@safets-org/cli 1.0.0

package/dist/utils/ast.js

@@ -0,0 +1,66 @@
+import ts from "typescript";
+export function isNullable(type) {
+    if (type.flags & ts.TypeFlags.Undefined) {
+        return true;
+    }
+    if (type.flags & ts.TypeFlags.Null) {
+        return true;
+    }
+    if (type.isUnion()) {
+        return type.types.some((innerType) => (innerType.flags & ts.TypeFlags.Undefined) !== 0 ||
+            (innerType.flags & ts.TypeFlags.Null) !== 0);
+    }
+    return false;
+}
+export function isInsideTryCatch(node) {
+    let current = node.parent;
+    while (current) {
+        if (ts.isTryStatement(current)) {
+            return true;
+        }
+        current = current.parent;
+    }
+    return false;
+}
+export function pos(sf, node) {
+    const { line, character } = sf.getLineAndCharacterOfPosition(node.getStart());
+    return { line: line + 1, col: character + 1 };
+}
+export function getChainRoot(expr) {
+    let current = expr;
+    while (ts.isPropertyAccessExpression(current) || ts.isElementAccessExpression(current)) {
+        current = current.expression;
+    }
+    return current;
+}
+export function isSubChainDuplicate(node, checker) {
+    const parent = node.parent;
+    if (!ts.isPropertyAccessExpression(parent)) {
+        return false;
+    }
+    try {
+        return isNullable(checker.getTypeAtLocation(parent.expression));
+    }
+    catch {
+        return false;
+    }
+}
+export function isOptionalAccess(node) {
+    if (node.questionDotToken !== undefined) {
+        return true;
+    }
+    let current = node;
+    while (ts.isPropertyAccessExpression(current) || ts.isElementAccessExpression(current)) {
+        if (ts.isPropertyAccessExpression(current) && current.questionDotToken !== undefined) {
+            return true;
+        }
+        if (ts.isElementAccessExpression(current) && current.questionDotToken !== undefined) {
+            return true;
+        }
+        current = current.expression;
+    }
+    return false;
+}
+export function hasNonNullAssertion(node) {
+    return ts.isNonNullExpression(node.expression);
+}

package/dist/utils/colors.d.ts

@@ -0,0 +1,8 @@
+export declare const c: {
+    red: (s: string) => string;
+    yellow: (s: string) => string;
+    green: (s: string) => string;
+    cyan: (s: string) => string;
+    bold: (s: string) => string;
+    dim: (s: string) => string;
+};

package/dist/utils/colors.js

@@ -0,0 +1,8 @@
+export const c = {
+    red: (s) => `\x1b[31m${s}\x1b[0m`,
+    yellow: (s) => `\x1b[33m${s}\x1b[0m`,
+    green: (s) => `\x1b[32m${s}\x1b[0m`,
+    cyan: (s) => `\x1b[36m${s}\x1b[0m`,
+    bold: (s) => `\x1b[1m${s}\x1b[0m`,
+    dim: (s) => `\x1b[2m${s}\x1b[0m`,
+};

package/dist/utils/files.d.ts

@@ -0,0 +1,9 @@
+export declare const SKIP_DIRS: Set<string>;
+export declare function isTestFile(filePath: string): boolean;
+export declare function normalizeFilePath(filePath: string): string;
+export declare function toPortablePath(filePath: string): string;
+export declare function toProjectRelativePath(projectRoot: string, filePath: string): string;
+export declare function isAnalyzableTsFile(filePath: string): boolean;
+export declare function isBundleFile(filePath: string): boolean;
+export declare function findTsFiles(dir: string, files?: string[]): string[];
+export declare function findTsConfigFiles(dir: string, includeTests?: boolean, files?: string[]): string[];

package/dist/utils/files.js

@@ -0,0 +1,123 @@
+import fs from "fs";
+import path from "path";
+export const SKIP_DIRS = new Set([
+    "node_modules",
+    "dist",
+    "build",
+    "out",
+    ".next",
+    ".nuxt",
+    "coverage",
+    ".storybook",
+    ".generated",
+    "generated",
+    "tmp",
+    ".cache",
+    "__generated__",
+    ".turbo",
+    ".vercel",
+    ".prisma",
+    "evals",
+    "integration-tests",
+]);
+const MAX_FILE_LINES = 5000;
+const TEST_PATTERNS = [
+    /\.test\.ts$/,
+    /\.spec\.ts$/,
+    /\/__tests__\//,
+    /\/__tests[^/]*\//,
+    /\/test\//,
+    /\/tests\//,
+    /\/test-utils\//,
+    /\/testing\//,
+    /\/fixtures\//,
+    /\/mocks\//,
+];
+export function isTestFile(filePath) {
+    return TEST_PATTERNS.some((pattern) => pattern.test(filePath.replaceAll("\\", "/")));
+}
+export function normalizeFilePath(filePath) {
+    return path.normalize(filePath);
+}
+export function toPortablePath(filePath) {
+    return normalizeFilePath(filePath).replaceAll("\\", "/");
+}
+export function toProjectRelativePath(projectRoot, filePath) {
+    return toPortablePath(path.relative(projectRoot, normalizeFilePath(filePath)));
+}
+export function isAnalyzableTsFile(filePath) {
+    const normalizedPath = normalizeFilePath(filePath);
+    const fileName = path.basename(normalizedPath);
+    return (fileName.endsWith(".ts") &&
+        !fileName.endsWith(".d.ts") &&
+        !isBundleFile(normalizedPath));
+}
+export function isBundleFile(filePath) {
+    try {
+        const content = fs.readFileSync(filePath, "utf-8");
+        return content.split("\n").length > MAX_FILE_LINES;
+    }
+    catch {
+        return false;
+    }
+}
+export function findTsFiles(dir, files = []) {
+    try {
+        for (const entry of fs.readdirSync(dir, { withFileTypes: true })) {
+            if (entry.name.startsWith(".")) {
+                continue;
+            }
+            if (SKIP_DIRS.has(entry.name.toLowerCase())) {
+                continue;
+            }
+            const fullPath = path.join(dir, entry.name);
+            try {
+                if (entry.isDirectory()) {
+                    findTsFiles(fullPath, files);
+                }
+                else if (isAnalyzableTsFile(fullPath)) {
+                    files.push(normalizeFilePath(fullPath));
+                }
+            }
+            catch {
+                // Skip unreadable entries.
+            }
+        }
+    }
+    catch {
+        // Skip unreadable directories.
+    }
+    return files;
+}
+export function findTsConfigFiles(dir, includeTests = false, files = []) {
+    try {
+        for (const entry of fs.readdirSync(dir, { withFileTypes: true })) {
+            if (entry.name.startsWith(".")) {
+                continue;
+            }
+            if (SKIP_DIRS.has(entry.name.toLowerCase())) {
+                continue;
+            }
+            const fullPath = path.join(dir, entry.name);
+            const checkPath = entry.isDirectory() ? `${fullPath}${path.sep}` : fullPath;
+            if (!includeTests && isTestFile(checkPath)) {
+                continue;
+            }
+            try {
+                if (entry.isDirectory()) {
+                    findTsConfigFiles(fullPath, includeTests, files);
+                }
+                else if (entry.name === "tsconfig.json") {
+                    files.push(normalizeFilePath(fullPath));
+                }
+            }
+            catch {
+                // Skip unreadable entries.
+            }
+        }
+    }
+    catch {
+        // Skip unreadable directories.
+    }
+    return files;
+}

package/dist/utils/types.d.ts

@@ -0,0 +1,45 @@
+export type PatternName = "Unsafe property access" | "Unsafe destructuring" | "Unsafe array index access" | "Unprotected JSON.parse" | "Unsafe process.env access" | "Non-null assertion on nullable" | "Unsafe access after await" | "Unsafe Promise.all destructuring" | "Unsafe Map/Record access";
+export interface CrashReport {
+    file: string;
+    line: number;
+    col: number;
+    expr: string;
+    rootExpr: string;
+    type: string;
+    pattern: PatternName;
+    confidence: "HIGH" | "MEDIUM";
+    crashPath: string[];
+    fallback?: boolean;
+}
+export interface BaselineOptions {
+    includeTests: boolean;
+}
+export interface BaselineCrash {
+    file: string;
+    line: number;
+    expr: string;
+    pattern?: PatternName;
+}
+export interface Baseline {
+    version: string;
+    date: string;
+    options?: BaselineOptions;
+    crashes: BaselineCrash[];
+}
+export interface ProgramResult {
+    program: import("typescript").Program | null;
+    programInputs?: {
+        configFile: string | null;
+        fileNames: string[];
+        options: import("typescript").CompilerOptions;
+        rootFileCount: number;
+        filteredFileCount: number;
+    }[];
+    fallback: boolean;
+    warnings: string[];
+    includeTests: boolean;
+    strategy: "root-tsconfig" | "workspace-tsconfigs" | "direct-scan" | "fallback";
+    configFiles: string[];
+    rootFileCount: number;
+    filteredFileCount: number;
+}

package/dist/utils/types.js

@@ -0,0 +1 @@
+export {};

package/package.json

@@ -0,0 +1,50 @@
+{
+  "name": "@safets-org/cli",
+  "version": "1.0.0",
+  "description": "Finds common runtime crashes TypeScript can't detect",
+  "type": "module",
+  "bin": {
+    "safets": "dist/index.js"
+  },
+  "scripts": {
+    "build": "tsc -p tsconfig.build.json",
+    "typecheck": "tsc --noEmit",
+    "test": "npm run test:smoke && npm run test:cli && npm run test:detectors && npm run test:integration && npm run test:json && npm run test:action",
+    "test:action": "node scripts/test-github-action.mjs",
+    "test:cli": "node scripts/test-cli.mjs",
+    "test:detectors": "node scripts/test-detectors.mjs",
+    "test:integration": "node scripts/test-cli-integration.mjs",
+    "test:json": "node scripts/test-json-reporter.mjs",
+    "test:smoke": "node ./dist/index.js doctor",
+    "validate:real-world": "node scripts/validate-real-world.mjs",
+    "pack:check": "node scripts/check-pack.mjs",
+    "ci:check": "npm run typecheck && npm test && npm run pack:check",
+    "doctor": "node ./dist/index.js doctor",
+    "fix": "node ./dist/index.js fix",
+    "debt": "node ./dist/index.js debt",
+    "baseline": "node ./dist/index.js baseline",
+    "prepare": "npm run build"
+  },
+  "keywords": [
+    "typescript",
+    "static-analysis",
+    "runtime-crashes",
+    "linter",
+    "safety"
+  ],
+  "author": "",
+  "license": "MIT",
+  "devDependencies": {
+    "@types/node": "^20.0.0",
+    "ts-node": "^10.9.0",
+    "typescript": "^5.4.0"
+  },
+  "peerDependencies": {
+    "typescript": ">=4.9.0"
+  },
+  "files": [
+    "dist",
+    "README.md",
+    "LICENSE"
+  ]
+}