@sun-asterisk/sunlint 1.3.34 → 1.3.36

package/core/architecture-integration.js

@@ -16,16 +16,15 @@ class ArchitectureIntegration {
 
   /**
    * Load architecture detection module
-   * Tries bundled version first, then falls back to local development path
+   * Tries bundled (engines/) first, then npm package, then local dev paths
    */
   async loadArchitectureModule() {
     if (this.archModule) {
       return this.archModule;
     }
 
-    // Try bundled version first (engines/arch-detect)
+    // Priority 1: Try bundled version (engines/arch-detect) - for published package
     const bundledPath = path.join(__dirname, '..', 'engines', 'arch-detect', 'index.js');
-
     if (fs.existsSync(bundledPath)) {
       try {
         this.archModule = require(bundledPath);
@@ -35,12 +34,23 @@ class ArchitectureIntegration {
         return this.archModule;
       } catch (error) {
         if (this.options.verbose) {
-          console.log(chalk.yellow(`⚠️ Failed to load bundled module: ${error.message}`));
+          console.log(chalk.yellow(`⚠️ Failed to load bundled: ${error.message}`));
         }
       }
     }
 
-    // Fallback: Try local development path
+    // Priority 2: Try npm package (workspace link) - for local development
+    try {
+      this.archModule = require('@sunlint/architecture-detection');
+      if (this.options.verbose) {
+        console.log(chalk.gray('📦 Loaded @sunlint/architecture-detection package'));
+      }
+      return this.archModule;
+    } catch (error) {
+      // Package not found, continue to fallback
+    }
+
+    // Priority 3: Try local development paths
     const devPaths = [
       path.join(__dirname, '..', '..', '..', '..', 'architecture-detection', 'dist', 'index.js'),
       path.join(__dirname, '..', '..', '..', 'architecture-detection', 'dist', 'index.js'),
@@ -63,8 +73,7 @@ class ArchitectureIntegration {
     }
 
     throw new Error(
-      'Architecture detection module not found. Run "npm run build" to bundle it, ' +
-      'or ensure architecture-detection is built in the parent directory.'
+      'Architecture detection module not found. Run "npm run build" in sunlint directory.'
     );
   }
 

package/core/auto-performance-manager.js

@@ -76,7 +76,7 @@ class AutoPerformanceManager {
   analyzeProject(options, targetFiles) {
     const fileCount = targetFiles.length;
     const inputPath = options.input || process.cwd();
-    
+
     // Estimate project complexity
     const hasNodeModules = fs.existsSync(path.join(inputPath, 'node_modules'));
     const hasPackageJson = fs.existsSync(path.join(inputPath, 'package.json'));

package/core/cli-action-handler.js

@@ -15,6 +15,7 @@ const OutputService = require('./output-service');
 const GitUtils = require('./git-utils');
 const FileTargetingService = require('./file-targeting-service');
 const { ArchitectureIntegration } = require('./architecture-integration');
+const { ImpactIntegration } = require('./impact-integration');
 
 // Legacy orchestrator for fallback
 // const LegacyOrchestrator = require('./legacy-analysis-orchestrator'); // Removed
@@ -83,8 +84,8 @@ class CliActionHandler {
       const startTime = Date.now();
       let results = null;
 
-      // Run code quality analysis (unless --architecture is used alone)
-      if (rulesToRun.length > 0 && !this.isArchitectureOnly()) {
+      // Run code quality analysis (unless --architecture or --impact is used alone)
+      if (rulesToRun.length > 0 && !this.isArchitectureOnly() && !this.isImpactOnly()) {
         results = await this.runModernAnalysis(rulesToRun, targetingResult.files, config);
       } else {
         results = { results: [], summary: { total: 0, errors: 0, warnings: 0 } };
@@ -96,6 +97,12 @@ class CliActionHandler {
         results.architecture = architectureResults;
       }
 
+      // Run impact analysis if requested
+      if (this.options.impact) {
+        const impactResults = await this.runImpactAnalysis();
+        results.impact = impactResults;
+      }
+
       const duration = Date.now() - startTime;
 
       // Output results
@@ -515,6 +522,22 @@ class CliActionHandler {
    */
   isArchitectureOnly() {
     return this.options.architecture &&
+      !this.options.impact &&
+      !this.options.all &&
+      !this.options.rule &&
+      !this.options.rules &&
+      !this.options.quality &&
+      !this.options.security &&
+      !this.options.category;
+  }
+
+  /**
+   * Check if only impact analysis was requested (no code quality rules)
+   * Following Rule C006: Verb-noun naming
+   */
+  isImpactOnly() {
+    return this.options.impact &&
+      !this.options.architecture &&
       !this.options.all &&
       !this.options.rule &&
       !this.options.rules &&
@@ -554,6 +577,83 @@ class CliActionHandler {
       return null;
     }
   }
+
+  /**
+   * Run impact analysis using impact-analyzer module
+   * Following Rule C006: Verb-noun naming
+   */
+  async runImpactAnalysis() {
+    if (!this.options.quiet) {
+      console.log(chalk.blue('\n🔍 Running impact analysis...'));
+    }
+
+    try {
+      const integration = new ImpactIntegration({
+        ...this.options,
+        impactBase: this.options.impactBase || 'HEAD~1',
+        impactHead: this.options.impactHead,
+        impactReport: this.options.impactReport,
+        impactMaxDepth: this.options.impactMaxDepth ? parseInt(this.options.impactMaxDepth, 10) : 3,
+      });
+
+      const projectPath = this.getProjectPath();
+      const results = await integration.analyze(projectPath);
+
+      // Display summary
+      if (!this.options.quiet && results.summary) {
+        const { summary } = results;
+        const severityColors = {
+          critical: chalk.red,
+          high: chalk.yellow,
+          medium: chalk.cyan,
+          low: chalk.green,
+          none: chalk.gray,
+        };
+        const colorFn = severityColors[summary.severity] || chalk.white;
+
+        console.log(chalk.gray(`\n   Base: ${summary.baseRef}`));
+        console.log(chalk.gray(`   Changes: ${summary.totalChanges} files`));
+        console.log(`   Impact: ${colorFn(summary.impactScore + '/100')} (${colorFn(summary.severity.toUpperCase())})`);
+
+        if (summary.categories) {
+          const cats = Object.entries(summary.categories)
+            .filter(([, count]) => count > 0)
+            .map(([cat, count]) => `${cat}:${count}`)
+            .join(' · ');
+          if (cats) {
+            console.log(chalk.gray(`   Categories: ${cats}`));
+          }
+        }
+      }
+
+      // Save markdown report if requested
+      if (this.options.impactReport && results.markdownReport) {
+        const reportPath = await integration.saveReport(
+          results.markdownReport,
+          this.options.impactReport
+        );
+        if (!this.options.quiet) {
+          console.log(chalk.green(`\n📄 Impact report saved: ${reportPath}`));
+        }
+      }
+
+      // Save JSON report if requested
+      if (this.options.impactJson) {
+        const jsonPath = await integration.saveJsonReport(results, this.options.impactJson);
+        if (!this.options.quiet) {
+          console.log(chalk.green(`📊 Impact JSON saved: ${jsonPath}`));
+        }
+      }
+
+      return results;
+    } catch (error) {
+      console.error(chalk.yellow(`⚠️ Impact analysis failed: ${error.message}`));
+      if (this.options.verbose || this.options.debug) {
+        console.error(error.stack);
+      }
+      return null;
+    }
+  }
 }
 
 module.exports = CliActionHandler;

package/core/cli-program.js

@@ -1,6 +1,6 @@
 /**
  * CLI Program Definition
- * Following Rule C005: Single responsibility - only handle CLI structure
+ * Defines all CLI options and help text for SunLint
  */
 
 const { Command } = require('commander');
@@ -11,169 +11,133 @@ function createCliProgram() {
 
   program
     .name('sunlint')
-    .description('☀️ Sun Lint - Coding Standards Checker | Multi-rule Quality & Security Analysis')
+    .description('☀️ SunLint - Multi-language Static Analysis Tool | Code Quality & Security')
     .version(version);
 
-  // Rule selection options
+  // ──────────────────────────────────────────────────────────────
+  // Rule Selection
+  // ──────────────────────────────────────────────────────────────
   program
     .option('-r, --rule <rule>', 'Run single rule (e.g., C019)')
-    .option('--rules <rules>', 'Run multiple rules (comma-separated, e.g., C019,C006,S005)')
+    .option('--rules <rules>', 'Run multiple rules (comma-separated)')
     .option('-a, --all', 'Run all available rules')
-    .option('-c, --category <category>', 'Run rules by category (quality,security,logging,naming)')
+    .option('-c, --category <category>', 'Run rules by category (quality, security, logging, naming)')
     .option('--quality', 'Run all code quality rules')
     .option('--security', 'Run all secure coding rules');
 
-  // Architecture Analysis options
-  program
-    .option('--architecture', 'Enable architecture pattern detection (layered, modular, mvvm, viper)')
-    .option('--arch-patterns <patterns>', 'Target specific architecture patterns (comma-separated)')
-    .option('--arch-report', 'Generate separate architecture MD report');
-
-  // TypeScript specific options (Phase 1 focus)
-  program
-    .option('--typescript', 'Enable TypeScript-specific analysis')
-    .option('--typescript-engine <engine>', 'TypeScript analysis engine (eslint,heuristic,hybrid)', 'heuristic')
-    .option('--ensure-deps', 'Ensure ESLint dependencies are installed');
-
-  // Input/Output options (v1.x: explicit --input required)
+  // ──────────────────────────────────────────────────────────────
+  // Input/Output
+  // ──────────────────────────────────────────────────────────────
   program
     .option('-i, --input <path>', 'Input file or directory to analyze (REQUIRED)')
-    .option('-f, --format <format>', 'Output format (eslint,json,summary,table)', 'eslint')
-    .option('-o, --output <file>', 'Output file path')
-    .option('--output-summary <file>', 'Output summary report file path (JSON format for CI/CD)')
-    .option('--upload-report [url]', 'Upload summary report to API endpoint after analysis (default: Sun* Coding Standards API)')
-    .option('--config <file>', 'Configuration file path (default: auto-discover)')
-    .option('--github-annotate [mode]', 'Annotate GitHub PR with comments, summary & HTML report artifact (modes: annotate, summary, all)');
-
-  // File targeting options
+    .option('-f, --format <format>', 'Output format: eslint, json, summary, table', 'eslint')
+    .option('-o, --output <file>', 'Write output to file')
+    .option('--output-summary <file>', 'Write JSON summary for CI/CD')
+    .option('--output-html [file]', 'Generate HTML report (default: sunlint-report.html)')
+    .option('--config <file>', 'Configuration file path');
+
+  // ──────────────────────────────────────────────────────────────
+  // File Targeting
+  // ──────────────────────────────────────────────────────────────
   program
     .option('--include <patterns>', 'Include file patterns (comma-separated globs)')
     .option('--exclude <patterns>', 'Exclude file patterns (comma-separated globs)')
-    .option('--languages <languages>', 'Target specific languages (comma-separated: typescript,dart,kotlin)')
-    .option('--include-tests', 'Include test files in analysis (default: true)')
+    .option('--languages <langs>', 'Target languages: typescript, dart, kotlin, swift, java')
     .option('--exclude-tests', 'Exclude test files from analysis')
-    .option('--only-source', 'Only analyze source files (exclude tests, configs, etc.)');
+    .option('--only-source', 'Only analyze source files (exclude tests, configs)');
 
-  // CI/CD and Git integration options
+  // ──────────────────────────────────────────────────────────────
+  // Git Integration
+  // ──────────────────────────────────────────────────────────────
   program
-    .option('--changed-files', 'Only analyze files changed in current branch (git diff)')
+    .option('--changed-files', 'Only analyze changed files (git diff)')
     .option('--staged-files', 'Only analyze staged files (git diff --cached)')
-    .option('--diff-base <ref>', 'Compare against specific git reference (e.g., origin/main)')
-    .option('--since <commit>', 'Only analyze files changed since specific commit')
-    .option('--pr-mode', 'Enable PR mode (changed files + baseline comparison)')
-    .option('--baseline <file>', 'Load baseline results to compare against')
-    .option('--save-baseline <file>', 'Save current results as baseline')
-    .option('--fail-on-new-violations', 'Exit with error only on new violations (not existing)');
-
-  // Performance options (SIMPLIFIED)
+    .option('--diff-base <ref>', 'Compare against git ref (e.g., origin/main)');
+
+  // ──────────────────────────────────────────────────────────────
+  // GitHub Actions
+  // ──────────────────────────────────────────────────────────────
   program
-    .option('--timeout <milliseconds>', 'Analysis timeout in milliseconds (default: auto)', '0')
-    .option('--max-files <count>', 'Maximum files to analyze (default: auto-detect)', '0')
-    .option('--performance <mode>', 'Performance mode: auto, fast, careful (default: auto)', 'auto');
+    .option('--github-annotate [mode]', 'GitHub PR annotations (modes: annotate, summary, all)')
+    .option('--upload-report [url]', 'Upload report to API (default: Sun* Coding Standards)');
 
-  // Advanced options
+  // ──────────────────────────────────────────────────────────────
+  // Analysis Options
+  // ──────────────────────────────────────────────────────────────
+  program
+    .option('--typescript', 'Enable TypeScript-specific analysis')
+    .option('--architecture', 'Enable architecture pattern detection')
+    .option('--arch-patterns <patterns>', 'Target architecture patterns (comma-separated)')
+    .option('--arch-report', 'Generate architecture markdown report')
+    .option('--impact', 'Enable impact analysis (analyze code changes)')
+    .option('--impact-base <ref>', 'Base git ref for impact analysis (default: HEAD~1)')
+    .option('--impact-head <ref>', 'Head git ref for impact analysis (default: working directory)')
+    .option('--impact-report <file>', 'Output impact report file (default: impact-report.md)')
+    .option('--impact-json <file>', 'Output impact analysis as JSON file')
+    .option('--impact-max-depth <n>', 'Maximum call graph depth for impact analysis (default: 3)')
+    .option('--engine <engine>', 'Analysis engine: auto, eslint, heuristic', 'auto')
+    .option('--eslint-integration', 'Merge with existing ESLint config')
+    .option('--no-eslint-integration', 'Disable ESLint integration');
+
+  // ──────────────────────────────────────────────────────────────
+  // Performance
+  // ──────────────────────────────────────────────────────────────
+  program
+    .option('--performance <mode>', 'Performance mode: auto, fast, careful', 'auto')
+    .option('--timeout <ms>', 'Analysis timeout in milliseconds', '0')
+    .option('--max-files <n>', 'Maximum files to analyze', '0')
+    .option('--max-semantic-files <n>', 'TypeScript symbol table limit (default: 1000)');
+
+  // ──────────────────────────────────────────────────────────────
+  // Output Control
+  // ──────────────────────────────────────────────────────────────
   program
-    .option('--engine <engine>', 'Analysis engine (eslint,heuristic,auto)', 'auto')
-    .option('--dry-run', 'Show what would be analyzed without running')
     .option('--verbose', 'Enable verbose logging')
     .option('--quiet', 'Suppress non-error output')
-    .option('--debug', 'Enable debug mode')
     .option('--ai', 'Enable AI-powered analysis')
-    .option('--no-ai', 'Force disable AI analysis')
-    .option('--max-semantic-files <number>', 'Symbol table file limit for TypeScript analysis (default: 1000, -1 for unlimited)')
-    .option('--list-engines', 'List available analysis engines');
-
-  // ESLint Integration options
-  program
-    .option('--eslint-integration', 'Enable ESLint integration (merge with existing ESLint config)')
-    .option('--no-eslint-integration', 'Disable ESLint integration')
-    .option('--eslint-merge-rules', 'Merge SunLint and user ESLint rules (default: true)')
-    .option('--eslint-preserve-config', 'Preserve user ESLint configuration (default: true)')
-    .option('--eslint-run-after', 'Run ESLint after SunLint (instead of merged execution)');
+    .option('--no-ai', 'Disable AI analysis');
 
-  // Help examples
+  // ──────────────────────────────────────────────────────────────
+  // Help Examples
+  // ──────────────────────────────────────────────────────────────
   program.addHelpText('after', `
 Examples:
-  $ sunlint --rule=C019 --input=src
-  $ sunlint --rule C019 --input src
-  $ sunlint --rules=C019,C006,S005 --input=src
-  $ sunlint --all --input=src
-  $ sunlint --quality --input=src
-  $ sunlint --security --input=src
-  $ sunlint --category=logging --input=src
-
-File Targeting:
-  $ sunlint --all --include="src/**/*.ts" --exclude="**/*.test.*" --input=.
-
-Performance (SIMPLIFIED):
-  $ sunlint --all --input=src --performance=auto        # Auto-detect best settings
-  $ sunlint --all --input=src --performance=fast        # Quick scan
-  $ sunlint --all --input=src --performance=careful     # Thorough analysis
-  $ sunlint --all --input=src --timeout=60000           # Custom timeout (60s)
-
-File Limits (when needed):
-  $ sunlint --all --input=src --max-files=500           # Limit total files analyzed
-  $ sunlint --all --input=src --max-semantic-files=200  # Limit TypeScript symbol table
-  $ sunlint --all --languages=typescript,dart --input=src
-  $ sunlint --typescript --exclude-tests --input=src
-  $ sunlint --all --only-source --include="src/**,lib/**" --input=.
-
-TypeScript Analysis (Phase 1):
-  $ sunlint --typescript --input=src
-  $ sunlint --rule=C006 --typescript --input=src
-  $ sunlint --rules=C019,S005 --typescript --input=src
-  $ sunlint --typescript-engine=eslint --input=src
-
-Version Strategy:
-  v1.x: ESLint-first with SunLint fallback (current)
-  v2.x: SunLint-first with ESLint integration (--eslint-integration)
-
-Engine Configuration:
-  $ sunlint --all --input=src                    # Use config engine setting
-  $ sunlint --all --input=src --engine=eslint    # Force ESLint engine 
-  $ sunlint --all --input=src --engine=heuristic # Force Heuristic engine
-
-CI/CD Integration:
-  $ sunlint --all --changed-files --format=summary --no-ai
-  $ sunlint --all --changed-files --diff-base=origin/main --fail-on-new-violations
-  $ sunlint --all --staged-files --format=summary
-  $ sunlint --all --pr-mode --diff-base=origin/main
-  $ sunlint --all --output-summary=report.json --upload-report
-  $ sunlint --all --output-summary=report.json --upload-report=https://custom-api.com/reports
-
-GitHub Actions Integration:
-  $ sunlint --all --input=src --github-annotate                       # Inline + summary + HTML artifact
-  $ sunlint --all --input=src --github-annotate=annotate              # Inline comments only
-  $ sunlint --all --input=src --github-annotate=summary               # Summary comment + HTML artifact
-  $ sunlint --all --input=src --github-annotate=all                   # All features (default)
-  $ sunlint --all --changed-files --github-annotate                   # With changed files only
-
-ESLint Integration:
-  $ sunlint --typescript --eslint-integration --input=src
-  $ sunlint --all --eslint-integration --eslint-merge-rules --input=src
-  $ sunlint --all --eslint-integration --eslint-run-after --input=src
-  $ sunlint --typescript --eslint-integration --changed-files
-
-Advanced File Targeting:
-  $ sunlint --all --include="src/**/*.ts,lib/**/*.dart" --exclude="**/*.generated.*" --input=.
-  $ sunlint --typescript --exclude="**/*.d.ts,**/*.test.*" --input=src
-  $ sunlint --languages=typescript,dart --include="src/**,packages/**" --input=.
-  $ sunlint --all --only-source --exclude-tests --languages=typescript --input=.
-
-Large Project Optimization:
-  $ sunlint --all --input=. --max-semantic-files=500    # Conservative analysis
-  $ sunlint --all --input=. --max-semantic-files=2000   # Comprehensive analysis
-  $ sunlint --all --input=. --max-semantic-files=-1     # Unlimited (all files)
-  $ sunlint --all --input=. --max-semantic-files=0      # Disable semantic analysis
-  $ sunlint --all --changed-files --max-semantic-files=300  # Fast CI analysis
-
-Architecture Analysis:
-  $ sunlint --all --architecture --input=src            # Code quality + architecture
-  $ sunlint --architecture --input=src                  # Architecture only
-  $ sunlint --architecture --arch-report --input=src    # Generate MD report
-  $ sunlint --architecture --arch-patterns=mvvm,layered --input=src
-
-Sun* Engineering - Coding Standards Made Simple ☀️
+  sunlint --all --input=src                    # Analyze all rules
+  sunlint --rule=C019 --input=src              # Single rule
+  sunlint --rules=C019,C006 --input=src        # Multiple rules
+  sunlint --quality --input=src                # Quality rules only
+  sunlint --security --input=src               # Security rules only
+
+Git Integration:
+  sunlint --all --changed-files --input=.      # Changed files only
+  sunlint --all --staged-files --input=.       # Staged files only
+  sunlint --all --diff-base=origin/main        # Compare with main
+
+GitHub Actions:
+  sunlint --all --github-annotate --input=src  # PR annotations
+  sunlint --all --output-summary=report.json   # JSON report for CI
+
+Reports:
+  sunlint --all --output-html --input=src      # Generate HTML report
+  sunlint --all --output-html=report.html      # Custom HTML filename
+
+Architecture:
+  sunlint --architecture --input=src           # Detect patterns
+  sunlint --architecture --arch-report         # Generate MD report
+
+Impact Analysis:
+  sunlint --impact --input=src                       # Analyze code changes
+  sunlint --impact --impact-base=origin/main         # Compare with main
+  sunlint --impact --impact-head=HEAD                # Specify head ref
+  sunlint --impact --impact-report=report.md         # Markdown report
+  sunlint --impact --impact-json=report.json         # JSON report
+  sunlint --impact --impact-max-depth=5              # Call graph depth
+
+Performance:
+  sunlint --all --performance=fast --input=.   # Quick scan
+  sunlint --all --max-files=500 --input=.      # Limit files
+
+☀️ Sun* Engineering - Coding Standards Made Simple
 `);
 
   return program;

package/core/file-targeting-service.js

@@ -616,22 +616,80 @@ class FileTargetingService {
     return files;
   }
 
+  /**
+   * Directories to always skip during file collection (performance + safety)
+   * These are known heavy/problematic directories in Flutter/mobile projects
+   */
+  static SKIP_DIRECTORIES = new Set([
+    'node_modules',
+    '.git',
+    '.dart_tool',
+    'build',
+    'Pods',
+    '.symlinks',
+    '.pub-cache',
+    '.gradle',
+    'DerivedData',
+    '__pycache__',
+    '.venv',
+    'vendor',
+    '.bundle'
+  ]);
+
   /**
    * Collect files from directory recursively
    * Rule C006: collectFilesFromDirectory - verb-noun naming
+   * Enhanced: Skip symlinks and known heavy directories to prevent stack overflow
    */
-  async collectFilesFromDirectory(dirPath) {
+  async collectFilesFromDirectory(dirPath, visitedPaths = new Set()) {
     const files = [];
-    const entries = fs.readdirSync(dirPath);
+
+    // Resolve real path to detect circular symlinks
+    let realPath;
+    try {
+      realPath = fs.realpathSync(dirPath);
+    } catch {
+      return files; // Cannot resolve path, skip
+    }
+
+    // Prevent infinite loops from circular symlinks
+    if (visitedPaths.has(realPath)) {
+      return files;
+    }
+    visitedPaths.add(realPath);
+
+    let entries;
+    try {
+      entries = fs.readdirSync(dirPath);
+    } catch {
+      return files; // Cannot read directory, skip
+    }
 
     for (const entry of entries) {
+      // Skip known heavy directories early (before stat call)
+      if (FileTargetingService.SKIP_DIRECTORIES.has(entry)) {
+        continue;
+      }
+
       const fullPath = path.join(dirPath, entry);
-      const stats = fs.statSync(fullPath);
+
+      let stats;
+      try {
+        // Use lstatSync to detect symlinks without following them
+        stats = fs.lstatSync(fullPath);
+      } catch {
+        continue; // Cannot stat, skip this entry
+      }
+
+      // Skip symlinks to prevent circular references
+      if (stats.isSymbolicLink()) {
+        continue;
+      }
 
       if (stats.isFile()) {
         files.push(path.resolve(fullPath));
       } else if (stats.isDirectory()) {
-        const subFiles = await this.collectFilesFromDirectory(fullPath);
+        const subFiles = await this.collectFilesFromDirectory(fullPath, visitedPaths);
         files.push(...subFiles);
       }
     }