@sun-asterisk/sunlint 1.0.6 → 1.1.3

package/core/file-targeting-service.js

@@ -47,48 +47,59 @@ class FileTargetingService {
    */
   applyFiltering(files, config, cliOptions) {
     let filteredFiles = [...files];
+    const debug = cliOptions?.debug || false;
+
+    if (debug) console.log(`🔍 [DEBUG] applyFiltering: start with ${filteredFiles.length} files`);
+    if (debug) console.log(`🔍 [DEBUG] config.include:`, config.include);
+    if (debug) console.log(`🔍 [DEBUG] cliOptions.include:`, cliOptions.include);
 
     // 1. Apply config include patterns first (medium priority)
     if (config.include && config.include.length > 0) {
-      filteredFiles = this.applyIncludePatterns(filteredFiles, config.include);
+      filteredFiles = this.applyIncludePatterns(filteredFiles, config.include, debug);
+      if (debug) console.log(`🔍 [DEBUG] After config include: ${filteredFiles.length} files`);
     }
 
     // 2. Apply CLI include overrides (highest priority - completely overrides config)
     if (cliOptions.include) {
       // CLI include completely replaces config include - start fresh from all files
-      filteredFiles = this.applyIncludePatterns([...files], cliOptions.include);
+      filteredFiles = this.applyIncludePatterns([...files], cliOptions.include, debug);
     }
 
     // 3. Apply config exclude patterns
     if (config.exclude && config.exclude.length > 0) {
-      filteredFiles = this.applyExcludePatterns(filteredFiles, config.exclude);
+      if (debug) console.log(`🔍 [DEBUG] About to apply config exclude patterns: ${config.exclude}`);
+      if (debug) console.log(`🔍 [DEBUG] Files before config exclude: ${filteredFiles.length}`);
+      filteredFiles = this.applyExcludePatterns(filteredFiles, config.exclude, debug);
+      if (debug) console.log(`🔍 [DEBUG] Files after config exclude: ${filteredFiles.length}`);
     }
 
     // 4. Apply CLI exclude overrides (highest priority)
     if (cliOptions.exclude) {
-      filteredFiles = this.applyExcludePatterns(filteredFiles, cliOptions.exclude);
+      if (debug) console.log(`🔍 [DEBUG] About to apply CLI exclude patterns: ${cliOptions.exclude}`);
+      if (debug) console.log(`🔍 [DEBUG] Files before CLI exclude: ${filteredFiles.length}`);
+      filteredFiles = this.applyExcludePatterns(filteredFiles, cliOptions.exclude, debug);
+      if (debug) console.log(`🔍 [DEBUG] Files after CLI exclude: ${filteredFiles.length}`);
     }
 
     // 5. Apply language-specific filtering
     if (cliOptions.languages || config.languages) {
-      filteredFiles = this.applyLanguageFiltering(filteredFiles, config, cliOptions);
-    }
-
-    // 6. Apply legacy ignorePatterns (backward compatibility)
-    if (config.ignorePatterns && config.ignorePatterns.length > 0) {
-      filteredFiles = this.applyExcludePatterns(filteredFiles, config.ignorePatterns);
+      filteredFiles = this.applyLanguageFiltering(filteredFiles, config, cliOptions, debug);
+      if (debug) console.log(`🔍 [DEBUG] After language filtering: ${filteredFiles.length} files`);
     }
 
-    // 7. Apply only-source filtering (exclude tests, configs, etc.)
+    // 6. Apply only-source filtering (exclude tests, configs, etc.)
     if (cliOptions.onlySource) {
       filteredFiles = this.applyOnlySourceFiltering(filteredFiles);
+      if (debug) console.log(`🔍 [DEBUG] After onlySource filtering: ${filteredFiles.length} files`);
     } else {
       // 8. Handle test files normally
       if (config.testPatterns) {
         filteredFiles = this.handleTestFiles(filteredFiles, config.testPatterns, cliOptions, config);
+        if (debug) console.log(`🔍 [DEBUG] After test files handling: ${filteredFiles.length} files`);
       }
     }
 
+    if (debug) console.log(`🔍 [DEBUG] Final filtered files: ${filteredFiles.length}`);
     return filteredFiles;
   }
 
@@ -96,7 +107,11 @@ class FileTargetingService {
    * Apply language-specific filtering
    * Rule C005: Single responsibility - language filtering only
    */
-  applyLanguageFiltering(files, config, cliOptions) {
+  applyLanguageFiltering(files, config, cliOptions, debug = false) {
+    if (debug) console.log(`🔍 [DEBUG] === applyLanguageFiltering ENTRY ===`);
+    if (debug) console.log(`🔍 [DEBUG] Input files.length: ${files.length}`);
+    if (debug) console.log(`🔍 [DEBUG] Sample input files:`, files.slice(0, 3));
+    
     // Determine target languages from CLI or config
     let targetLanguages;
     if (cliOptions.languages) {
@@ -107,78 +122,118 @@ class FileTargetingService {
       targetLanguages = Object.keys(config.languages || {});
     }
 
+    if (debug) console.log(`🔍 [DEBUG] applyLanguageFiltering: cliOptions.languages = ${cliOptions.languages}`);
+    if (debug) console.log(`🔍 [DEBUG] applyLanguageFiltering: config.languages =`, config.languages);
+    if (debug) console.log(`🔍 [DEBUG] applyLanguageFiltering: targetLanguages =`, targetLanguages);
+
     if (targetLanguages.length === 0) {
+      if (debug) console.log(`🔍 [DEBUG] applyLanguageFiltering: No language filtering, returning all files`);
       return files; // No language filtering
     }
 
     let languageFiles = [];
 
     for (const language of targetLanguages) {
+      if (debug) console.log(`🔍 [DEBUG] Processing language: ${language}`);
       if (Array.isArray(config.languages)) {
         // New array format - use isLanguageFile method
         const langFiles = files.filter(file => this.isLanguageFile(file, language));
         languageFiles.push(...langFiles);
+        if (debug) console.log(`🔍 [DEBUG] Array format - found ${langFiles.length} files for ${language}`);
       } else {
         // Legacy object format - use include/exclude patterns
         const langConfig = config.languages[language];
-        if (!langConfig) continue;
+        if (!langConfig) {
+          if (debug) console.log(`🔍 [DEBUG] No config for language: ${language}`);
+          continue;
+        }
 
         let langFiles = [...files];
+        if (debug) console.log(`🔍 [DEBUG] Starting with ${langFiles.length} files for ${language}`);
 
         // Apply language-specific include patterns
         if (langConfig.include && langConfig.include.length > 0) {
-          langFiles = this.applyIncludePatterns(langFiles, langConfig.include);
+          langFiles = this.applyIncludePatterns(langFiles, langConfig.include, debug);
+          if (debug) console.log(`🔍 [DEBUG] After include patterns ${langConfig.include}: ${langFiles.length} files`);
         }
 
         // Apply language-specific exclude patterns
         if (langConfig.exclude && langConfig.exclude.length > 0) {
-          langFiles = this.applyExcludePatterns(langFiles, langConfig.exclude);
+          langFiles = this.applyExcludePatterns(langFiles, langConfig.exclude, debug);
+          if (debug) console.log(`🔍 [DEBUG] After exclude patterns ${langConfig.exclude}: ${langFiles.length} files`);
         }
 
         languageFiles.push(...langFiles);
+        if (debug) console.log(`🔍 [DEBUG] Added ${langFiles.length} files for ${language}, total: ${languageFiles.length}`);
       }
     }
 
     // Remove duplicates
-    return [...new Set(languageFiles)];
+    const finalFiles = [...new Set(languageFiles)];
+    if (debug) console.log(`🔍 [DEBUG] Final language files after dedup: ${finalFiles.length}`);
+    return finalFiles;
   }
 
   /**
    * Apply include patterns using minimatch
    * Rule C006: applyIncludePatterns - verb-noun naming
    */
-  applyIncludePatterns(files, patterns) {
+  applyIncludePatterns(files, patterns, debug = false) {
     if (!patterns) return files;
     
     // Normalize patterns to array
     const patternArray = Array.isArray(patterns) ? patterns : [patterns];
     if (patternArray.length === 0) return files;
     
-    return files.filter(file => {
+    if (debug) console.log(`🔍 [DEBUG] applyIncludePatterns - input files:`, files.length);
+    if (debug) console.log(`🔍 [DEBUG] applyIncludePatterns - patterns:`, patternArray);
+    if (debug) console.log(`🔍 [DEBUG] applyIncludePatterns - sample input files:`, files.slice(0, 3));
+    
+    const result = files.filter(file => {
       return patternArray.some(pattern => {
         const normalizedFile = this.normalizePath(file);
-        return minimatch(normalizedFile, pattern, { dot: true });
+        const match = minimatch(normalizedFile, pattern, { dot: true });
+        if (debug && file.includes('.ts') && !file.includes('.test.')) {
+          console.log(`🔍 [DEBUG] Testing: '${file}' -> '${normalizedFile}' vs '${pattern}' = ${match}`);
+        }
+        return match;
       });
     });
+    
+    if (debug) console.log(`🔍 [DEBUG] applyIncludePatterns - result:`, result.length);
+    return result;
   }
 
   /**
    * Apply exclude patterns using minimatch
    * Rule C006: applyExcludePatterns - verb-noun naming
    */
-  applyExcludePatterns(files, patterns) {
+  applyExcludePatterns(files, patterns, debug = false) {
     if (!patterns) return files;
     
     // Normalize patterns to array
     const patternArray = Array.isArray(patterns) ? patterns : [patterns];
     if (patternArray.length === 0) return files;
     
-    return files.filter(file => {
-      return !patternArray.some(pattern => {
+    // Filter out negation patterns (starting with !) - these should not be in exclude patterns
+    const excludePatterns = patternArray.filter(pattern => !pattern.startsWith('!'));
+    
+    if (debug) console.log(`🔍 [DEBUG] applyExcludePatterns - input files: ${files.length}`);
+    if (debug) console.log(`🔍 [DEBUG] applyExcludePatterns - original patterns:`, patternArray);
+    if (debug) console.log(`🔍 [DEBUG] applyExcludePatterns - filtered patterns:`, excludePatterns);
+    
+    if (excludePatterns.length === 0) return files;
+    
+    const result = files.filter(file => {
+      return !excludePatterns.some(pattern => {
         const normalizedFile = this.normalizePath(file);
-        return minimatch(normalizedFile, pattern, { dot: true });
+        const match = minimatch(normalizedFile, pattern, { dot: true });
+        return match;
       });
     });
+    
+    if (debug) console.log(`🔍 [DEBUG] applyExcludePatterns - result: ${result.length}`);
+    return result;
   }
 
   /**
@@ -213,13 +268,22 @@ class FileTargetingService {
    */
   async collectFiles(inputPath) {
     const files = [];
-    const stats = fs.statSync(inputPath);
+    
+    try {
+      const stats = fs.statSync(inputPath);
 
-    if (stats.isFile()) {
-      files.push(path.resolve(inputPath));
-    } else if (stats.isDirectory()) {
-      const dirFiles = await this.collectFilesFromDirectory(inputPath);
-      files.push(...dirFiles);
+      if (stats.isFile()) {
+        files.push(path.resolve(inputPath));
+      } else if (stats.isDirectory()) {
+        const dirFiles = await this.collectFilesFromDirectory(inputPath);
+        files.push(...dirFiles);
+      }
+    } catch (error) {
+      if (error.code === 'ENOENT') {
+        console.warn(`⚠️ Path not found: ${inputPath}`);
+        return files; // Return empty array instead of throwing
+      }
+      throw error; // Re-throw other errors
     }
 
     return files;

package/core/interfaces/analysis-engine.interface.js

@@ -0,0 +1,100 @@
+/**
+ * Analysis Engine Interface
+ * Following Rule C014: Dependency Injection interface
+ * Following Rule C015: Use domain language - clear interface naming
+ */
+
+class AnalysisEngineInterface {
+  /**
+   * Constructor for Analysis Engine
+   * @param {string} id - Engine ID (e.g., 'eslint', 'heuristic', 'openai')
+   * @param {string} version - Engine version
+   * @param {string[]} supportedLanguages - Array of supported languages
+   */
+  constructor(id, version, supportedLanguages = []) {
+    this.id = id;
+    this.version = version;
+    this.supportedLanguages = supportedLanguages;
+    this.initialized = false;
+  }
+
+  /**
+   * Initialize the analysis engine
+   * Following Rule C006: Verb-noun naming
+   * @param {Object} config - Engine-specific configuration
+   * @returns {Promise<void>}
+   */
+  async initialize(config) {
+    throw new Error(`Method initialize() must be implemented by ${this.constructor.name}`);
+  }
+
+  /**
+   * Analyze files with given rules
+   * Following Rule C006: Verb-noun naming
+   * @param {string[]} files - Array of file paths to analyze
+   * @param {Object[]} rules - Array of rule objects to apply
+   * @param {Object} options - Analysis options
+   * @returns {Promise<Object>} Analysis results
+   */
+  async analyze(files, rules, options) {
+    throw new Error(`Method analyze() must be implemented by ${this.constructor.name}`);
+  }
+
+  /**
+   * Get supported rules for this engine
+   * Following Rule C006: Verb-noun naming
+   * @returns {string[]} Array of supported rule IDs
+   */
+  getSupportedRules() {
+    throw new Error(`Method getSupportedRules() must be implemented by ${this.constructor.name}`);
+  }
+
+  /**
+   * Check if a specific rule is supported
+   * Following Rule C006: Verb-noun naming
+   * @param {string} ruleId - Rule ID to check
+   * @returns {boolean} True if rule is supported
+   */
+  isRuleSupported(ruleId) {
+    return this.getSupportedRules().includes(ruleId);
+  }
+
+  /**
+   * Check if a language is supported
+   * Following Rule C006: Verb-noun naming
+   * @param {string} language - Language to check
+   * @returns {boolean} True if language is supported
+   */
+  isLanguageSupported(language) {
+    return this.supportedLanguages.includes(language) || 
+           this.supportedLanguages.includes('all') ||
+           this.supportedLanguages.length === 0;
+  }
+
+  /**
+   * Get engine metadata
+   * Following Rule C006: Verb-noun naming
+   * @returns {Object} Engine metadata
+   */
+  getEngineInfo() {
+    return {
+      name: this.name,
+      version: this.version,
+      supportedLanguages: this.supportedLanguages,
+      supportedRules: this.getSupportedRules(),
+      initialized: this.initialized
+    };
+  }
+
+  /**
+   * Cleanup engine resources
+   * Following Rule C006: Verb-noun naming
+   * @returns {Promise<void>}
+   */
+  async cleanup() {
+    // Default implementation - engines can override if needed
+    this.initialized = false;
+  }
+}
+
+module.exports = AnalysisEngineInterface;

package/core/multi-rule-runner.js

@@ -1,221 +0,0 @@
-const path = require('path');
-const fs = require('fs');
-const glob = require('glob');
-const chalk = require('chalk');
-const FileTargetingService = require('./file-targeting-service');
-
-class MultiRuleRunner {
-  constructor(config, options) {
-    this.config = config;
-    this.options = options;
-    this.ruleCache = new Map();
-    this.fileTargetingService = new FileTargetingService();
-  }
-
-  async runRules(rules, inputPath, options) {
-    console.log(chalk.blue(`🔄 Analyzing ${rules.length} rules...`));
-    
-    // Get files to analyze
-    const files = await this.getFilesToAnalyze(inputPath, options);
-    
-    console.log(chalk.gray(`📁 Found ${files ? files.length : 'undefined'} files to analyze`));
-    
-    if (!files || files.length === 0) {
-      console.log(chalk.yellow('⚠️  No files found to analyze'));
-      return [];
-    }
-
-    // Group files by language
-    const filesByLanguage = this.groupFilesByLanguage(files);
-    
-    // Run rules in parallel (with concurrency limit)
-    const maxConcurrent = parseInt(options.maxConcurrent) || 5;
-    const timeout = parseInt(options.timeout) || 30000;
-    
-    const results = [];
-    
-    // Process rules in batches
-    for (let i = 0; i < rules.length; i += maxConcurrent) {
-      const batch = rules.slice(i, i + maxConcurrent);
-      
-      const batchPromises = batch.map(async (rule) => {
-        try {
-          return await this.runSingleRule(rule, filesByLanguage, options, timeout);
-        } catch (error) {
-          console.error(chalk.red(`❌ Rule ${rule.id} failed:`), error.message);
-          return {
-            ruleId: rule.id,
-            ruleName: rule.name,
-            violations: [],
-            error: error.message,
-            status: 'failed'
-          };
-        }
-      });
-
-      const batchResults = await Promise.all(batchPromises);
-      results.push(...batchResults);
-      
-      if (options.verbose) {
-        console.log(chalk.gray(`✅ Completed batch ${Math.floor(i/maxConcurrent) + 1}/${Math.ceil(rules.length/maxConcurrent)}`));
-      }
-    }
-
-    return this.consolidateResults(results, files.length);
-  }
-
-  async runSingleRule(rule, filesByLanguage, options, timeout) {
-    if (options.verbose) {
-      console.log(chalk.gray(`🔍 Running rule ${rule.id}: ${rule.name}`));
-    }
-
-    const startTime = Date.now();
-    
-    // Load rule analyzer
-    const analyzer = await this.loadRuleAnalyzer(rule);
-    
-    if (!analyzer) {
-      return {
-        ruleId: rule.id,
-        ruleName: rule.name,
-        violations: [],
-        error: 'Analyzer not found',
-        status: 'skipped'
-      };
-    }
-
-    const violations = [];
-
-    // Run analyzer for each supported language
-    for (const language of rule.languages) {
-      const languageFiles = filesByLanguage[language] || [];
-      
-      if (languageFiles.length === 0) {
-        continue;
-      }
-
-      try {
-        // Run with timeout
-        const languageViolations = await Promise.race([
-          analyzer.analyze(languageFiles, language, this.config),
-          new Promise((_, reject) => 
-            setTimeout(() => reject(new Error('Timeout')), timeout)
-          )
-        ]);
-
-        violations.push(...languageViolations);
-      } catch (error) {
-        console.error(chalk.yellow(`⚠️  Rule ${rule.id} failed for ${language}:`), error.message);
-      }
-    }
-
-    const duration = Date.now() - startTime;
-
-    return {
-      ruleId: rule.id,
-      ruleName: rule.name,
-      category: rule.category,
-      severity: rule.severity,
-      violations,
-      filesAnalyzed: Object.values(filesByLanguage).flat().length,
-      duration,
-      status: 'completed'
-    };
-  }
-
-  async loadRuleAnalyzer(rule) {
-    // Check cache first
-    if (this.ruleCache.has(rule.id)) {
-      return this.ruleCache.get(rule.id);
-    }
-
-    try {
-      const analyzerPath = path.resolve(__dirname, '..', rule.analyzer);
-      
-      if (!fs.existsSync(analyzerPath)) {
-        console.error(chalk.yellow(`⚠️  Analyzer not found for rule ${rule.id}: ${analyzerPath}`));
-        return null;
-      }
-
-      const analyzer = require(analyzerPath);
-      this.ruleCache.set(rule.id, analyzer);
-      return analyzer;
-    } catch (error) {
-      console.error(chalk.red(`❌ Failed to load analyzer for rule ${rule.id}:`), error.message);
-      return null;
-    }
-  }
-
-  async getFilesToAnalyze(inputPath, options) {
-    // Use centralized file targeting service - convert single path to array
-    const inputPaths = Array.isArray(inputPath) ? inputPath : [inputPath];
-    const result = await this.fileTargetingService.getTargetFiles(inputPaths, this.config, options);
-    return result.files; // Extract files array from result object
-  }
-
-  groupFilesByLanguage(files) {
-    const rulesRegistry = require('../config/rules-registry.json');
-    const languageConfig = rulesRegistry.languages;
-    
-    const filesByLanguage = {};
-
-    files.forEach(file => {
-      const ext = path.extname(file);
-      
-      for (const [language, config] of Object.entries(languageConfig)) {
-        if (config.extensions.includes(ext)) {
-          if (!filesByLanguage[language]) {
-            filesByLanguage[language] = [];
-          }
-          filesByLanguage[language].push(file);
-          break; // File belongs to first matching language
-        }
-      }
-    });
-
-    return filesByLanguage;
-  }
-
-  consolidateResults(results, totalFiles) {
-    const consolidatedResults = {
-      filesAnalyzed: totalFiles,
-      rulesRun: results.length,
-      totalViolations: 0,
-      violationsBySeverity: { error: 0, warning: 0, info: 0 },
-      violationsByRule: {},
-      violationsByFile: {},
-      results: []
-    };
-
-    results.forEach(result => {
-      consolidatedResults.results.push(result);
-      
-      if (result.violations) {
-        consolidatedResults.totalViolations += result.violations.length;
-        
-        // Count by severity
-        result.violations.forEach(violation => {
-          const severity = violation.severity || result.severity || 'warning';
-          consolidatedResults.violationsBySeverity[severity] = 
-            (consolidatedResults.violationsBySeverity[severity] || 0) + 1;
-        });
-
-        // Count by rule
-        consolidatedResults.violationsByRule[result.ruleId] = result.violations.length;
-
-        // Count by file
-        result.violations.forEach(violation => {
-          const file = violation.file || violation.filePath;
-          if (file) {
-            consolidatedResults.violationsByFile[file] = 
-              (consolidatedResults.violationsByFile[file] || 0) + 1;
-          }
-        });
-      }
-    });
-
-    return consolidatedResults;
-  }
-}
-
-module.exports = MultiRuleRunner;

package/core/output-service.js

@@ -35,7 +35,7 @@ class OutputService {
 
   generateReport(results, metadata, options = {}) {
     const allViolations = [];
-    let totalFiles = results.filesAnalyzed || results.totalFiles || results.fileCount || 0;
+    let totalFiles = results.filesAnalyzed || results.summary?.totalFiles || results.totalFiles || results.fileCount || 0;
 
     // Collect all violations - handle both file-based and rule-based results
     if (results.results) {

package/core/rule-mapping-service.js

@@ -16,7 +16,7 @@ class RuleMappingService {
    */
   createEslintToSunlintMapping() {
     return {
-      // Custom rules mapping (using actual rule IDs from eslint-plugin-custom)
+      // Custom rules mapping (using actual rule IDs from integrations/eslint/plugin/rules)
       'custom/c002': 'C002',
       'custom/c003': 'C003', 
       'custom/c006': 'C006',
@@ -50,14 +50,18 @@ class RuleMappingService {
       'custom/no-console-error': 'C019',
       
       // Security rules mapping
+      'custom/typescript_s001': 'S001',
+      'custom/typescript_s002': 'S002',
       'custom/typescript_s003': 'S003',
       'custom/typescript_s005': 'S005',
       'custom/typescript_s006': 'S006',
+      'custom/typescript_s007': 'S007',
       'custom/typescript_s008': 'S008',
       'custom/typescript_s009': 'S009',
       'custom/typescript_s010': 'S010',
       'custom/typescript_s011': 'S011',
       'custom/typescript_s012': 'S012',
+      'custom/typescript_s013': 'S013',
       'custom/typescript_s014': 'S014',
       'custom/typescript_s015': 'S015',
       'custom/typescript_s016': 'S016',
@@ -173,13 +177,17 @@ class RuleMappingService {
     mapping['C076'] = ['custom/c076']; // One assert per test
 
     // Security rules mapping
+    mapping['S001'] = ['custom/typescript_s001']; // Fail securely
+    mapping['S002'] = ['custom/typescript_s002']; // IDOR check
     mapping['S005'] = ['custom/typescript_s005']; // No Origin header auth
     mapping['S006'] = ['custom/typescript_s006']; // Activation recovery secret
+    mapping['S007'] = ['custom/typescript_s007']; // No plaintext OTP
     mapping['S008'] = ['custom/typescript_s008']; // Crypto agility
     mapping['S009'] = ['custom/typescript_s009']; // No insecure crypto
     mapping['S010'] = ['custom/typescript_s010']; // No insecure random
     mapping['S011'] = ['custom/typescript_s011']; // No insecure UUID
     mapping['S012'] = ['custom/typescript_s012']; // No hardcoded secrets
+    mapping['S013'] = ['custom/typescript_s013']; // Verify TLS connection
     mapping['S014'] = ['custom/typescript_s014']; // Insecure TLS version
     mapping['S015'] = ['custom/typescript_s015']; // Insecure TLS certificate
     mapping['S016'] = ['custom/typescript_s016']; // Sensitive query parameter

package/core/rule-selection-service.js

@@ -15,7 +15,7 @@ class RuleSelectionService {
   async selectRules(config, options) {
     // Load rules registry
     try {
-      this.rulesRegistry = require('../config/rules-registry.json');
+      this.rulesRegistry = require('../config/rules/rules-registry.json');
     } catch (error) {
       console.log(chalk.yellow('⚠️  Rules registry not found, using minimal rule set'));
       this.rulesRegistry = this.getMinimalRuleSet();
@@ -40,6 +40,14 @@ class RuleSelectionService {
       if (options.verbose) {
         console.log(chalk.blue(`📋 Found ${selectedRules.length} total rules (${registryRules.length} registry + ${eslintSupportedRules.length} ESLint)`));
       }
+    } else if (options.quality) {
+      // Handle --quality shortcut
+      const categoryRules = this.getRulesByCategory('quality');
+      selectedRules = categoryRules;
+    } else if (options.security) {
+      // Handle --security shortcut
+      const categoryRules = this.getRulesByCategory('security');
+      selectedRules = categoryRules;
     } else if (options.category) {
       const categoryRules = this.getRulesByCategory(options.category);
       selectedRules = categoryRules;
@@ -96,7 +104,7 @@ class RuleSelectionService {
         'C043', 'C047', 'C048', 'C076', 'T002', 'T003', 'T004', 'T007', 'T011', 
         'T019', 'T025', 'T026'
       ],
-      'security': ['S003', 'S005', 'S006', 'S008', 'S009', 'S010', 'S011', 'S012', 'S014', 'S015', 'S016', 'S017', 'S018', 'S019', 'S020', 'S022', 'S023', 'S025', 'S026', 'S027', 'S029', 'S030', 'S033', 'S034', 'S035', 'S036', 'S037', 'S038', 'S039', 'S041', 'S042', 'S043', 'S044', 'S045', 'S046', 'S047', 'S048', 'S050', 'S052', 'S054', 'S055', 'S057', 'S058'],
+      'security': ['S001', 'S002', 'S003', 'S005', 'S006', 'S007', 'S008', 'S009', 'S010', 'S011', 'S012', 'S013', 'S014', 'S015', 'S016', 'S017', 'S018', 'S019', 'S020', 'S022', 'S023', 'S025', 'S026', 'S027', 'S029', 'S030', 'S033', 'S034', 'S035', 'S036', 'S037', 'S038', 'S039', 'S041', 'S042', 'S043', 'S044', 'S045', 'S046', 'S047', 'S048', 'S050', 'S052', 'S054', 'S055', 'S057', 'S058'],
       'naming': ['C006'],
       'logging': ['C019', 'S057'],
       'validation': ['C031', 'S018', 'S025', 'S026']