@sun-asterisk/sunlint 1.3.0 → 1.3.1

package/README.md

@@ -33,7 +33,7 @@ SunLint uses a unified adapter pattern ensuring consistency between CLI and VSCo
 │ • Origin Rules (markdown)         │
 │ • Heuristic Engine (244 rules)    │
 │ • ESLint Engine (17 rules)        │
-│ • AI Engine (256 rules)           │
+│ • OpenAI Engine (256 rules)       │
 └───────────────────────────────────┘
 ```
 
@@ -166,13 +166,13 @@ sunlint --show-engines --rules=C010,R001,S005
 # Use specific engine
 sunlint --engine=heuristic --rules=C010,C020 --input=src
 sunlint --engine=eslint --rules=R001,R006 --input=src  
-sunlint --engine=ai --rules=C010,S001 --input=src
+sunlint --engine=openai --rules=C010,S001 --input=src
 ```
 
 **Engine Stats:**
 - **Heuristic Engine**: 244/256 rules (95.3%) - Fast, universal
 - **ESLint Engine**: 17/256 rules (6.6%) - JavaScript/TypeScript focused
-- **AI Engine**: 256/256 rules (100%) - Context-aware analysis
+- **OpenAI Engine**: 256/256 rules (100%) - Context-aware analysis
 
 ### **ESLint Integration**
 Seamlessly integrate with existing ESLint configurations:
@@ -261,7 +261,6 @@ sunlint --all --only-source --input=src
 | **C043** | No Console or Print | ✅ Stable |
 | **C047** | No Duplicate Retry Logic | ✅ Stable |
 | **C075** | Explicit Function Return Types | ✅ Stable |
-| **C076** | Single Test Behavior | ✅ Stable |
 | **T002-T021** | TypeScript-specific rules | ✅ Stable |
 
 ### **Security Rules** 🔒 (47 rules)

package/config/ci-cd.json

@@ -0,0 +1,54 @@
+{
+  "name": "CI/CD Optimized Configuration", 
+  "description": "Fast analysis for CI/CD pipelines",
+  
+  "performance": {
+    "maxSemanticFiles": 300,
+    "maxConcurrentRules": 3,
+    "timeoutMs": 30000
+  },
+  
+  "input": ["."],
+  
+  "include": [
+    "src/**/*.ts",
+    "src/**/*.js"
+  ],
+  
+  "exclude": [
+    "**/*.test.*",
+    "**/*.d.ts",
+    "node_modules/**",
+    "dist/**",
+    "build/**"
+  ],
+  
+  "rules": {
+    "categories": {
+      "security": true,
+      "quality": true,
+      "logging": false
+    }
+  },
+  
+  "output": {
+    "format": "github",
+    "console": true,
+    "summary": false
+  },
+  
+  "engines": {
+    "semantic": {
+      "enabled": true,
+      "fileLimit": 300
+    },
+    "ai": {
+      "enabled": false
+    }
+  },
+  
+  "reporting": {
+    "exitOnError": true,
+    "showProgress": false
+  }
+}

package/config/development.json

@@ -0,0 +1,56 @@
+{
+  "name": "Development Configuration",
+  "description": "Fast feedback for daily development",
+  
+  "performance": {
+    "maxSemanticFiles": 500,
+    "maxConcurrentRules": 4,
+    "timeoutMs": 15000
+  },
+  
+  "input": ["."],
+  
+  "include": [
+    "src/**/*.ts",
+    "src/**/*.js",
+    "lib/**/*.ts"
+  ],
+  
+  "exclude": [
+    "**/*.test.*",
+    "**/*.spec.*", 
+    "**/*.d.ts",
+    "node_modules/**",
+    "dist/**"
+  ],
+  
+  "rules": {
+    "C006": "error",
+    "C019": "error", 
+    "C029": "error",
+    "S001": "error",
+    "S005": "error"
+  },
+  
+  "output": {
+    "format": "summary",
+    "console": true,
+    "summary": true,
+    "verbose": false
+  },
+  
+  "engines": {
+    "semantic": {
+      "enabled": true,
+      "fileLimit": 500
+    },
+    "ai": {
+      "enabled": false
+    }
+  },
+  
+  "git": {
+    "changedFiles": true,
+    "diffBase": "origin/main"
+  }
+}

package/config/large-project.json

@@ -0,0 +1,143 @@
+{
+  "$schema": "./sunlint-schema.json",
+  "name": "Large Project Configuration",
+  "description": "Optimized configuration for projects with 1000+ files",
+  
+  "performance": {
+    "maxSemanticFiles": 1000,
+    "maxConcurrentRules": 5,
+    "timeoutMs": 60000,
+    "cacheEnabled": true,
+    "cacheLocation": ".sunlint-cache/"
+  },
+  
+  "input": [
+    "src",
+    "lib", 
+    "app",
+    "packages"
+  ],
+  
+  "include": [
+    "src/**/*.ts",
+    "src/**/*.js", 
+    "lib/**/*.ts",
+    "app/**/*.ts",
+    "packages/*/src/**/*.ts"
+  ],
+  
+  "exclude": [
+    "node_modules/**",
+    "dist/**",
+    "build/**", 
+    "coverage/**",
+    "**/*.test.*",
+    "**/*.spec.*",
+    "**/*.d.ts",
+    "**/*.generated.*",
+    "**/generated/**",
+    "**/*.min.*",
+    "**/*.bundle.*"
+  ],
+  
+  "rules": {
+    "enabled": [
+      "C006", "C019", "C029", "C047",
+      "S001", "S005", "S010"
+    ],
+    "categories": {
+      "quality": true,
+      "security": true,
+      "performance": false,
+      "logging": true
+    }
+  },
+  
+  "output": {
+    "format": "summary",
+    "console": true,
+    "summary": true,
+    "includeContext": true,
+    "showFixSuggestions": true,
+    "groupByFile": true,
+    "sortBy": "severity"
+  },
+  
+  "engines": {
+    "semantic": {
+      "enabled": true,
+      "fileLimit": 1000,
+      "enableCaching": true,
+      "crossFileAnalysis": true
+    },
+    "heuristic": {
+      "enabled": true,
+      "fastMode": false
+    },
+    "ai": {
+      "enabled": false,
+      "fallbackToPattern": true
+    }
+  },
+  
+  "ci": {
+    "changedFiles": {
+      "maxSemanticFiles": 300,
+      "format": "github",
+      "failOnError": true
+    },
+    "fullScan": {
+      "maxSemanticFiles": 1000,
+      "format": "json", 
+      "output": "sunlint-report.json"
+    },
+    "nightly": {
+      "maxSemanticFiles": 2000,
+      "format": "detailed",
+      "output": "nightly-report.json"
+    }
+  },
+  
+  "overrides": [
+    {
+      "files": ["src/critical/**/*.ts"],
+      "performance": {
+        "maxSemanticFiles": 2000
+      },
+      "rules": {
+        "enabled": "all"
+      }
+    },
+    {
+      "files": ["**/*.test.*", "**/*.spec.*"],
+      "performance": {
+        "maxSemanticFiles": 500
+      },
+      "rules": {
+        "categories": {
+          "testing": true,
+          "security": false
+        }
+      }
+    },
+    {
+      "files": ["packages/*/src/**"],
+      "performance": {
+        "maxSemanticFiles": 1500
+      }
+    }
+  ],
+  
+  "reporting": {
+    "baseline": {
+      "enabled": true,
+      "file": "baseline.json",
+      "updateOnClean": true
+    },
+    "trends": {
+      "enabled": true,
+      "historyFile": "trends.json",
+      "trackMetrics": ["violations", "files", "performance"]
+    }
+  }
+}

package/config/presets/all.json

@@ -32,7 +32,6 @@
     "C072": "warn",
     "C073": "warn",
     "C075": "warn",
-    "C076": "warn",
     "S001": "error",
     "S002": "error",
     "S003": "warn",

package/config/release.json

@@ -0,0 +1,70 @@
+{
+  "name": "Release Validation Configuration",
+  "description": "Comprehensive analysis for release validation", 
+  
+  "performance": {
+    "maxSemanticFiles": -1,
+    "maxConcurrentRules": 8,
+    "timeoutMs": 300000
+  },
+  
+  "input": ["."],
+  
+  "include": [
+    "src/**/*.ts",
+    "src/**/*.js",
+    "lib/**/*.ts",
+    "app/**/*.ts",
+    "packages/*/src/**/*.ts"
+  ],
+  
+  "exclude": [
+    "node_modules/**",
+    "dist/**",
+    "build/**",
+    "coverage/**",
+    "**/*.min.*",
+    "**/*.bundle.*"
+  ],
+  
+  "rules": {
+    "enabled": "all"
+  },
+  
+  "output": {
+    "format": "detailed",
+    "console": true,
+    "summary": true,
+    "includeContext": true,
+    "showFixSuggestions": true,
+    "output": "release-validation-report.json"
+  },
+  
+  "engines": {
+    "semantic": {
+      "enabled": true,
+      "fileLimit": -1,
+      "enableCaching": true,
+      "crossFileAnalysis": true
+    },
+    "ai": {
+      "enabled": true,
+      "provider": "openai",
+      "model": "gpt-4o-mini"
+    }
+  },
+  
+  "reporting": {
+    "baseline": {
+      "enabled": true,
+      "file": "release-baseline.json",
+      "compareWithPrevious": true
+    },
+    "trends": {
+      "enabled": true,
+      "historyFile": "release-trends.json"
+    },
+    "failOnNewViolations": true,
+    "exitOnError": true
+  }
+}

package/config/rule-analysis-strategies.js

@@ -22,9 +22,10 @@ module.exports = {
       accuracy: { ast: 95, regex: 85 }
     },
     'C017': {
-      reason: 'Constructor logic analysis needs AST context',
-      methods: ['ast', 'regex'],
-      accuracy: { ast: 90, regex: 70 }
+      reason: 'Constructor logic analysis needs semantic context - Phase 2 with symbol-based analysis',
+      methods: ['semantic', 'ast', 'regex'],
+      accuracy: { semantic: 95, ast: 85, regex: 70 },
+      strategy: 'semantic-primary'
     },
     'S015': {
       reason: 'TLS certificate validation requires AST context analysis',
@@ -65,6 +66,24 @@ module.exports = {
       strategy: 'ast-primary-regex-fallback',
       accuracy: { ast: 90, regex: 75, combined: 95 }
     },
+    'C035': {
+      reason: 'Error logging context requires symbol-based + regex analysis',
+      methods: ['semantic', 'regex'],
+      strategy: 'semantic-primary-regex-fallback',
+      accuracy: { semantic: 90, regex: 70, combined: 95 }
+    },
+    'C040': {
+      reason: 'Validation centralization requires project-wide symbol analysis + data flow tracking',
+      methods: ['semantic', 'regex'],
+      strategy: 'semantic-primary-regex-fallback',
+      accuracy: { semantic: 95, regex: 75, combined: 97 }
+    },
+    'C076': {
+      reason: 'Public API type enforcement requires symbol-based analysis for export boundaries',
+      methods: ['semantic'],
+      strategy: 'semantic-primary',
+      accuracy: { semantic: 95 }
+    },
     'C041': {
       reason: 'Hardcoded secrets need AST literal analysis like ESLint',
       methods: ['ast', 'regex'],
@@ -87,4 +106,4 @@ module.exports = {
       strategy: 'progressive-enhancement'
     }
   }
-};
+};

package/config/rules/S027-categories.json

@@ -0,0 +1,122 @@
+{
+  "S027": {
+    "categories": [
+      {
+        "name": "AWS Credentials",
+        "severity": "critical",
+        "description": "AWS access keys, secret keys, and session tokens",
+        "patterns": [
+          "AKIA[0-9A-Z]{16}",
+          "(?i)aws[-_]?(secret[-_]?access[-_]?key|access[-_]?key[-_]?id)[\\s:=]+[\"']?[A-Za-z0-9\\/+=]{20,40}[\"']?",
+          "(?i)aws[-_]?session[-_]?token[\\s:=]+[\"']?[A-Za-z0-9\\/+=]{100,}[\"']?"
+        ],
+        "exclude_patterns": [
+          "(?i)(test|mock|fake|example|demo)[-_]?aws",
+          "AWS_REGION|AWS_DEFAULT_REGION"
+        ]
+      },
+      {
+        "name": "JWT & Authentication Tokens",
+        "severity": "critical", 
+        "description": "JWT tokens and authentication credentials",
+        "patterns": [
+          "eyJ[A-Za-z0-9\\-_=]+\\.[A-Za-z0-9\\-_=]+\\.?[A-Za-z0-9\\-_.+/=]*",
+          "(?i)(jwt|bearer|auth)[-_]?(token|secret)[\\s:=]+[\"']?[a-zA-Z0-9\\-_=]{20,}[\"']?",
+          "(?i)authorization[\\s:=]+[\"']?(bearer|basic)[\\s]+[a-zA-Z0-9\\-_=]{10,}[\"']?"
+        ]
+      },
+      {
+        "name": "API Keys & Secrets",
+        "severity": "high",
+        "description": "Generic API keys and secret tokens",
+        "patterns": [
+          "(?i)(api[-_]?key|secret[-_]?key|access[-_]?token)[\\s:=]+[\"']?[a-zA-Z0-9\\-_=]{16,}[\"']?",
+          "(?i)(client[-_]?secret|app[-_]?secret)[\\s:=]+[\"']?[a-zA-Z0-9\\-_=]{20,}[\"']?",
+          "(?i)(private[-_]?key|encryption[-_]?key)[\\s:=]+[\"']?[a-zA-Z0-9\\-_=]{20,}[\"']?"
+        ],
+        "exclude_patterns": [
+          "(?i)(display|row|sort|primary|foreign)[-_]?key",
+          "(?i)key(value|path|name|code|id|index)",
+          "^key$"
+        ]
+      },
+      {
+        "name": "Database Credentials", 
+        "severity": "high",
+        "description": "Database connection strings and passwords",
+        "patterns": [
+          "(mongodb|mysql|postgres|redis):\\/\\/[^\\/\\s'\"]+:[^\\/\\s'\"]+@[^\\/\\s'\"]+",
+          "(?i)(db|database)[-_]?(password|pass|pwd|secret)[\\s:=]+[\"']?[a-zA-Z0-9\\-_=]{6,}[\"']?",
+          "(?i)connection[-_]?string[\\s:=]+[\"']?[^\"'\\s]{20,}[\"']?"
+        ]
+      },
+      {
+        "name": "Third-party Service Keys",
+        "severity": "high", 
+        "description": "GitHub, Slack, Stripe and other service tokens",
+        "patterns": [
+          "gh[pousr]_[A-Za-z0-9_]{36}",
+          "xox[baprs]-[A-Za-z0-9-]+",
+          "sk_live_[A-Za-z0-9]{24,}",
+          "(?i)(github|slack|stripe|paypal)[-_]?(token|key|secret)[\\s:=]+[\"']?[a-zA-Z0-9\\-_=]{16,}[\"']?"
+        ]
+      },
+      {
+        "name": "Suspicious Variable Names",
+        "severity": "medium",
+        "description": "Variables with sensitive naming patterns",
+        "patterns": [
+          "(?i)(client|app|service)[-_]?(id|key|token|secret)[\"']?\\s*[:=]\\s*[\"'][A-Za-z0-9\\-_=]{12,}[\"']?",
+          "(?i)(oauth|openid)[-_]?(client[-_]?id|secret)[\\s:=]+[\"']?[a-zA-Z0-9\\-_=]{10,}[\"']?"
+        ],
+        "exclude_patterns": [
+          "(?i)(send|verify|update|register|reset).*password",
+          "(?i)password.*(reset|verify|update|first|time)"
+        ]
+      },
+      {
+        "name": "Base64 Encoded Secrets",
+        "severity": "medium",
+        "description": "Potentially encoded sensitive data",
+        "patterns": [
+          "[A-Za-z0-9+\\/]{64,}={0,2}"
+        ],
+        "exclude_patterns": [
+          "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
+          "(?i)(test|demo|example|sample)"
+        ]
+      },
+      {
+        "name": "Environment Variables",
+        "severity": "low",
+        "description": "Public environment variables that might leak info",
+        "patterns": [
+          "NEXT_PUBLIC_[A-Z0-9_]+[\\s:=]+[\"'][^\"']+[\"']",
+          "(?i)react_app_[A-Z0-9_]+[\\s:=]+[\"'][^\"']+[\"']"
+        ],
+        "exclude_patterns": [
+          "NODE_ENV|ENV|ENVIRONMENT|MODE|DEBUG"
+        ]
+      },
+      {
+        "name": "File Path Leaks",
+        "severity": "low", 
+        "description": "Sensitive file patterns",
+        "patterns": [
+          "\\.env(\\..+)?$",
+          "(secrets?|credentials?|private[-_]?keys?)\\.(json|ya?ml|ts|js)$",
+          "id_rsa|id_dsa|\\.pem|\\.p12|\\.pfx$"
+        ]
+      }
+    ],
+    "global_exclude_patterns": [
+      "(?i)(test|mock|fake|dummy|example|demo|sample|placeholder)",
+      "(?i)(localhost|127\\.0\\.0\\.1|development|dev|staging)",
+      "^(true|false|null|undefined|none|empty)$",
+      "\\.(test|spec|mock)\\.",
+      "__tests__|\\/tests?\\/|\\/spec\\/"
+    ],
+    "min_length": 8,
+    "max_length": 1000
+  }
+}