@safetnsr/vet 1.20.0 → 1.20.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -26,10 +26,16 @@ function analyzeCatch(node) {
26
26
  const block = node.block;
27
27
  const stmts = block.statements;
28
28
  const line = node.getSourceFile().getLineAndCharacterOfPosition(node.getStart()).line + 1;
29
+ const text = block.getText();
29
30
  if (stmts.length === 0) {
31
+ // Check if there's a deliberate comment (/* skip */, /* ignore */, etc.)
32
+ const hasComment = /\/[/*]\s*(skip|ignore|noop|intentional|expected|ok|no-op)/i.test(text);
33
+ if (hasComment) {
34
+ // Deliberate empty catch — not a bug
35
+ return { line, isEmpty: false, isLazy: false, isRethrow: false };
36
+ }
30
37
  return { line, isEmpty: true, isLazy: false, isRethrow: false };
31
38
  }
32
- const text = block.getText();
33
39
  const isLazy = stmts.length === 1 && /console\.(log|error|warn)\s*\(/.test(text) && !text.includes('throw');
34
40
  const isRethrow = text.includes('throw');
35
41
  return { line, isEmpty: false, isLazy, isRethrow };
@@ -311,6 +311,16 @@ const TOOLING_PACKAGES = new Set([
311
311
  'del-cli', 'make-node',
312
312
  // Type packages (consumed by TS compiler, not imported)
313
313
  '@types/react', '@types/react-dom', '@types/jest', '@types/mocha',
314
+ // Test runners / e2e (used via CLI, not imported)
315
+ 'playwright', '@playwright/test', 'cypress', 'puppeteer',
316
+ // Package quality tools (used via CLI)
317
+ 'publint', 'arethetypeswrong', 'are-the-types-wrong', 'attw',
318
+ 'pkg-pr-new', 'size-limit', '@size-limit/preset-small-lib',
319
+ // Monorepo/workspace tools
320
+ 'update-ts-references', 'syncpack', 'manypkg',
321
+ // Prettier plugins (loaded via config, not imported)
322
+ 'prettier-plugin-svelte', 'prettier-plugin-tailwindcss',
323
+ 'prettier-plugin-organize-imports', 'prettier-plugin-packagejson',
314
324
  ]);
315
325
  // ── Collect all deps declared in workspace sub-packages ──────────────────────
316
326
  export function collectWorkspaceDeps(cwd) {
@@ -500,6 +510,11 @@ export async function checkDeps(cwd) {
500
510
  // Skip known tooling packages that are devDependencies (used via CLI scripts, not imports)
501
511
  if (TOOLING_PACKAGES.has(pkg) && devDepNames.has(pkg))
502
512
  continue;
513
+ // Wildcard tooling patterns (eslint configs, prettier plugins, @types/*)
514
+ if (devDepNames.has(pkg) && (pkg.startsWith('eslint-config-') || pkg.startsWith('eslint-plugin-') ||
515
+ pkg.startsWith('prettier-plugin-') || pkg.startsWith('@types/') ||
516
+ pkg.startsWith('@typescript-eslint/') || pkg.startsWith('@eslint/')))
517
+ continue;
503
518
  // Check if it's a CLI tool / plugin / type package (common false positives)
504
519
  // Still flag it, but as info
505
520
  issues.push({
@@ -130,7 +130,7 @@ export async function checkSemantic(cwd) {
130
130
  patternEmbeddings.push({ pattern, embedding: new Float32Array(result.data) });
131
131
  }
132
132
  // Embed and compare each function
133
- const THRESHOLD = 0.40; // similarity threshold — code-to-code embeddings
133
+ const THRESHOLD = 0.45; // similarity threshold — code-to-code embeddings (0.40 gave false positives)
134
134
  for (const func of funcsToAnalyze) {
135
135
  const result = await extractor(func.body, { pooling: 'mean', normalize: true });
136
136
  const funcEmb = new Float32Array(result.data);
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@safetnsr/vet",
3
- "version": "1.20.0",
3
+ "version": "1.20.1",
4
4
  "description": "vet your AI-generated code — one command, one score card, one letter grade",
5
5
  "type": "module",
6
6
  "bin": {