@triedotdev/mcp 1.0.0

package/dist/chunk-3CS6Z2SL.js

@@ -0,0 +1,927 @@
+import {
+  AhoCorasick
+} from "./chunk-6NLHFIYA.js";
+
+// src/trie/vibe-code-signatures.ts
+var VIBE_CODE_PATTERNS = [
+  // ============================================
+  // CRITICAL: Security issues AI often creates
+  // ============================================
+  {
+    pattern: "NEXT_PUBLIC_",
+    metadata: {
+      type: "pattern",
+      severity: "serious",
+      category: "exposed-secrets",
+      description: "Environment variable exposed to browser",
+      commonMistake: "AI puts API keys in NEXT_PUBLIC_ variables, exposing them to users",
+      fix: "Only NEXT_PUBLIC_ for non-sensitive data. Move secrets to server-side API routes",
+      learnMore: "https://nextjs.org/docs/basic-features/environment-variables"
+    }
+  },
+  {
+    pattern: "VITE_",
+    metadata: {
+      type: "pattern",
+      severity: "serious",
+      category: "exposed-secrets",
+      description: "Environment variable exposed to browser",
+      commonMistake: "AI puts API keys in VITE_ variables, exposing them to users",
+      fix: "Only VITE_ for non-sensitive data. Create a backend API to hide secrets",
+      learnMore: "https://vitejs.dev/guide/env-and-mode.html"
+    }
+  },
+  {
+    pattern: "REACT_APP_",
+    metadata: {
+      type: "pattern",
+      severity: "serious",
+      category: "exposed-secrets",
+      description: "Environment variable exposed to browser",
+      commonMistake: "AI puts sensitive keys in REACT_APP_ making them visible in bundle",
+      fix: "Never put secrets in REACT_APP_. Use a backend proxy for API calls"
+    }
+  },
+  {
+    pattern: '"sk-',
+    metadata: {
+      type: "pattern",
+      severity: "critical",
+      category: "exposed-secrets",
+      description: "OpenAI API key pattern detected in string",
+      commonMistake: "AI generates code with OpenAI key in frontend - anyone can steal it!",
+      fix: "NEVER put sk- keys in frontend. Create /api/chat endpoint on server"
+    }
+  },
+  {
+    pattern: "'sk-",
+    metadata: {
+      type: "pattern",
+      severity: "critical",
+      category: "exposed-secrets",
+      description: "OpenAI API key pattern detected in string",
+      commonMistake: "AI generates code with OpenAI key in frontend - anyone can steal it!",
+      fix: "NEVER put sk- keys in frontend. Create /api/chat endpoint on server"
+    }
+  },
+  {
+    pattern: "`sk-",
+    metadata: {
+      type: "pattern",
+      severity: "critical",
+      category: "exposed-secrets",
+      description: "OpenAI API key pattern detected in template",
+      commonMistake: "AI generates code with OpenAI key in frontend - anyone can steal it!",
+      fix: "NEVER put sk- keys in frontend. Create /api/chat endpoint on server"
+    }
+  },
+  {
+    pattern: "sk_live_",
+    metadata: {
+      type: "pattern",
+      severity: "critical",
+      category: "exposed-secrets",
+      description: "Stripe live secret key detected",
+      commonMistake: "Stripe secret key in frontend = attackers can charge your account",
+      fix: "Use Stripe.js with publishable key only. Secret key stays on server"
+    }
+  },
+  {
+    pattern: "sk_test_",
+    metadata: {
+      type: "pattern",
+      severity: "serious",
+      category: "exposed-secrets",
+      description: "Stripe test secret key in code",
+      commonMistake: "Even test keys shouldnt be in frontend - bad habit",
+      fix: "Move to environment variables on server side"
+    }
+  },
+  // ============================================
+  // SERIOUS: Giant file anti-patterns
+  // ============================================
+  {
+    pattern: "function App()",
+    metadata: {
+      type: "pattern",
+      severity: "moderate",
+      category: "giant-file",
+      description: "Main App component - check file size",
+      commonMistake: "AI puts EVERYTHING in App.jsx - 1000+ lines, impossible to maintain",
+      fix: "Split into components: Header, Sidebar, MainContent, Footer, etc."
+    }
+  },
+  {
+    pattern: "export default function Home",
+    metadata: {
+      type: "pattern",
+      severity: "moderate",
+      category: "giant-file",
+      description: "Next.js page component - check file size",
+      commonMistake: "AI dumps entire page logic in one file including API calls",
+      fix: "Extract components to /components, hooks to /hooks, API to /lib"
+    }
+  },
+  {
+    pattern: "useState(",
+    metadata: {
+      type: "pattern",
+      severity: "low",
+      category: "state-management",
+      description: "useState hook - check if overused",
+      commonMistake: "AI creates 20+ useState calls in one component instead of useReducer",
+      fix: "Group related state with useReducer or create custom hooks"
+    }
+  },
+  // ============================================
+  // No error handling
+  // ============================================
+  {
+    pattern: "fetch(",
+    metadata: {
+      type: "pattern",
+      severity: "moderate",
+      category: "no-error-handling",
+      description: "fetch call - verify error handling exists",
+      commonMistake: "AI generates fetch() without try/catch or .catch() - app crashes on network error",
+      fix: "Wrap in try/catch, add loading state, show error message to user"
+    }
+  },
+  {
+    pattern: "axios.",
+    metadata: {
+      type: "pattern",
+      severity: "moderate",
+      category: "no-error-handling",
+      description: "axios call - verify error handling exists",
+      commonMistake: "AI uses axios without error handling or loading states",
+      fix: "Add try/catch, loading state, and user-friendly error messages"
+    }
+  },
+  {
+    pattern: ".then(",
+    metadata: {
+      type: "pattern",
+      severity: "low",
+      category: "no-error-handling",
+      description: "Promise chain - check for .catch()",
+      commonMistake: "AI chains .then() without .catch() - silent failures",
+      fix: "Always add .catch() or use async/await with try/catch"
+    }
+  },
+  {
+    pattern: "await ",
+    metadata: {
+      type: "pattern",
+      severity: "low",
+      category: "no-error-handling",
+      description: "await - verify try/catch exists",
+      commonMistake: "AI uses await without try/catch wrapper",
+      fix: "Wrap async operations in try/catch blocks"
+    }
+  },
+  // ============================================
+  // Missing loading/empty states
+  // ============================================
+  {
+    pattern: "isLoading",
+    metadata: {
+      type: "pattern",
+      severity: "low",
+      category: "loading-state",
+      description: "Loading state exists - good!",
+      commonMistake: "This is actually good! Just verify its being used",
+      fix: "Make sure to show spinner/skeleton while isLoading is true"
+    }
+  },
+  {
+    pattern: "loading ?",
+    metadata: {
+      type: "pattern",
+      severity: "low",
+      category: "loading-state",
+      description: "Conditional loading render",
+      commonMistake: "AI sometimes forgets the else case for loading",
+      fix: "Show meaningful loading UI, not just null"
+    }
+  },
+  {
+    pattern: "{data &&",
+    metadata: {
+      type: "pattern",
+      severity: "low",
+      category: "empty-state",
+      description: "Conditional data render",
+      commonMistake: "AI checks if data exists but no UI for when its missing",
+      fix: 'Add empty state: "No items found" or call-to-action'
+    }
+  },
+  {
+    pattern: "{data?.map(",
+    metadata: {
+      type: "pattern",
+      severity: "low",
+      category: "empty-state",
+      description: "Optional chaining on map",
+      commonMistake: "Shows nothing when data is empty - confusing for users",
+      fix: 'Check data.length and show "No items yet" message'
+    }
+  },
+  // ============================================
+  // Hardcoded values
+  // ============================================
+  {
+    pattern: "localhost:",
+    metadata: {
+      type: "pattern",
+      severity: "serious",
+      category: "hardcoded",
+      description: "Hardcoded localhost URL",
+      commonMistake: "AI hardcodes localhost:3000 URLs - breaks in production",
+      fix: "Use environment variable: process.env.NEXT_PUBLIC_API_URL"
+    }
+  },
+  {
+    pattern: "http://localhost",
+    metadata: {
+      type: "pattern",
+      severity: "serious",
+      category: "hardcoded",
+      description: "Hardcoded localhost URL",
+      commonMistake: "Works locally, fails when deployed",
+      fix: "Use relative URLs (/api/...) or environment variables"
+    }
+  },
+  {
+    pattern: "127.0.0.1",
+    metadata: {
+      type: "pattern",
+      severity: "serious",
+      category: "hardcoded",
+      description: "Hardcoded localhost IP",
+      commonMistake: "Hardcoded local IP wont work in production",
+      fix: "Use environment variables for all URLs"
+    }
+  },
+  // ============================================
+  // Copy-paste code smells
+  // ============================================
+  {
+    pattern: "TODO",
+    metadata: {
+      type: "pattern",
+      severity: "low",
+      category: "incomplete",
+      description: "TODO comment left behind",
+      commonMistake: "AI leaves TODO comments that never get done",
+      fix: "Either implement the TODO or remove it"
+    }
+  },
+  {
+    pattern: "FIXME",
+    metadata: {
+      type: "pattern",
+      severity: "moderate",
+      category: "incomplete",
+      description: "FIXME comment - known issue",
+      commonMistake: "AI acknowledges a problem but doesnt fix it",
+      fix: "Actually fix the issue or create a GitHub issue to track it"
+    }
+  },
+  {
+    pattern: "// eslint-disable",
+    metadata: {
+      type: "pattern",
+      severity: "moderate",
+      category: "code-smell",
+      description: "ESLint rule disabled",
+      commonMistake: "AI disables linter instead of fixing the actual problem",
+      fix: "Fix the underlying issue, dont silence the linter"
+    }
+  },
+  {
+    pattern: "@ts-ignore",
+    metadata: {
+      type: "pattern",
+      severity: "moderate",
+      category: "code-smell",
+      description: "TypeScript error ignored",
+      commonMistake: "AI uses @ts-ignore to hide type errors instead of fixing them",
+      fix: "Fix the type error properly or use @ts-expect-error with explanation"
+    }
+  },
+  {
+    pattern: "@ts-nocheck",
+    metadata: {
+      type: "pattern",
+      severity: "serious",
+      category: "code-smell",
+      description: "TypeScript checking disabled for entire file",
+      commonMistake: "AI disables all type checking - defeats the purpose of TypeScript",
+      fix: "Remove @ts-nocheck and fix type errors one by one"
+    }
+  },
+  {
+    pattern: ": any",
+    metadata: {
+      type: "pattern",
+      severity: "moderate",
+      category: "code-smell",
+      description: "any type used",
+      commonMistake: 'AI uses "any" to avoid writing proper types',
+      fix: "Define proper interfaces/types for your data"
+    }
+  },
+  {
+    pattern: "as any",
+    metadata: {
+      type: "pattern",
+      severity: "moderate",
+      category: "code-smell",
+      description: "Type assertion to any",
+      commonMistake: 'AI casts to "any" to silence type errors',
+      fix: "Use proper type narrowing or define correct types"
+    }
+  },
+  // ============================================
+  // Debug code left in
+  // ============================================
+  {
+    pattern: "console.log(",
+    metadata: {
+      type: "pattern",
+      severity: "low",
+      category: "debug-code",
+      description: "console.log left in code",
+      commonMistake: "AI adds console.log for debugging, forgets to remove",
+      fix: "Remove before production or use proper logging library"
+    }
+  },
+  {
+    pattern: "console.error(",
+    metadata: {
+      type: "pattern",
+      severity: "low",
+      category: "debug-code",
+      description: "console.error in code",
+      commonMistake: "Error logging is fine but should use proper error tracking",
+      fix: "Consider using Sentry, LogRocket, or similar for production"
+    }
+  },
+  {
+    pattern: "debugger",
+    metadata: {
+      type: "pattern",
+      severity: "serious",
+      category: "debug-code",
+      description: "debugger statement left in code",
+      commonMistake: "AI leaves debugger statements - freezes browser in production!",
+      fix: "Remove all debugger statements before deploying"
+    }
+  },
+  // ============================================
+  // Bad practices specific to frameworks
+  // ============================================
+  {
+    pattern: "useEffect(() => {",
+    metadata: {
+      type: "pattern",
+      severity: "low",
+      category: "react-antipattern",
+      description: "useEffect usage - verify necessity",
+      commonMistake: "AI overuses useEffect for things that dont need it",
+      fix: "Consider: Is this really a side effect? Could use useMemo, derived state, or event handler instead?",
+      learnMore: "https://react.dev/learn/you-might-not-need-an-effect"
+    }
+  },
+  {
+    pattern: "useEffect(async",
+    metadata: {
+      type: "pattern",
+      severity: "serious",
+      category: "react-antipattern",
+      description: "async useEffect - incorrect pattern",
+      commonMistake: "AI makes useEffect async directly - causes warnings and bugs",
+      fix: "Define async function inside useEffect, then call it"
+    }
+  },
+  {
+    pattern: ", [])",
+    metadata: {
+      type: "pattern",
+      severity: "low",
+      category: "react-antipattern",
+      description: "Empty dependency array",
+      commonMistake: 'AI uses [] to "fix" useEffect warnings without understanding why',
+      fix: "Verify all dependencies are listed, or intentionally run once"
+    }
+  },
+  {
+    pattern: "key={index}",
+    metadata: {
+      type: "pattern",
+      severity: "moderate",
+      category: "react-antipattern",
+      description: "Array index used as key",
+      commonMistake: "AI uses array index as key - causes bugs with reordering/filtering",
+      fix: "Use unique identifier from data: key={item.id}"
+    }
+  },
+  {
+    pattern: "key={i}",
+    metadata: {
+      type: "pattern",
+      severity: "moderate",
+      category: "react-antipattern",
+      description: "Loop index used as key",
+      commonMistake: "Using loop index as key breaks React reconciliation",
+      fix: "Use unique identifier: key={item.id} or key={item.slug}"
+    }
+  },
+  // ============================================
+  // No input validation
+  // ============================================
+  {
+    pattern: "req.body.",
+    metadata: {
+      type: "pattern",
+      severity: "serious",
+      category: "no-validation",
+      description: "Request body accessed directly",
+      commonMistake: "AI trusts user input without validation - security risk!",
+      fix: "Validate with Zod, Yup, or joi before using req.body"
+    }
+  },
+  {
+    pattern: "req.query.",
+    metadata: {
+      type: "pattern",
+      severity: "moderate",
+      category: "no-validation",
+      description: "Query param accessed directly",
+      commonMistake: "AI doesnt validate query parameters",
+      fix: "Validate and sanitize query parameters before use"
+    }
+  },
+  {
+    pattern: "req.params.",
+    metadata: {
+      type: "pattern",
+      severity: "moderate",
+      category: "no-validation",
+      description: "URL param accessed directly",
+      commonMistake: "AI trusts URL parameters without validation",
+      fix: "Validate params (especially IDs) before database queries"
+    }
+  },
+  // ============================================
+  // Mixing concerns (DB in components)
+  // ============================================
+  {
+    pattern: "prisma.",
+    metadata: {
+      type: "pattern",
+      severity: "moderate",
+      category: "mixing-concerns",
+      description: "Prisma in component/page",
+      commonMistake: "AI puts database calls directly in React components",
+      fix: "Move to API routes, server actions, or /lib/db.ts"
+    }
+  },
+  {
+    pattern: "mongoose.",
+    metadata: {
+      type: "pattern",
+      severity: "moderate",
+      category: "mixing-concerns",
+      description: "Mongoose in component",
+      commonMistake: "Database logic mixed with UI code",
+      fix: "Create separate /lib/db.ts or /services/ for data access"
+    }
+  },
+  {
+    pattern: "supabase.",
+    metadata: {
+      type: "pattern",
+      severity: "low",
+      category: "mixing-concerns",
+      description: "Supabase client usage",
+      commonMistake: "AI puts Supabase calls everywhere instead of centralizing",
+      fix: "Create /lib/supabase.ts with helper functions"
+    }
+  },
+  // ============================================
+  // Common AI oversights
+  // ============================================
+  {
+    pattern: "onClick={() =>",
+    metadata: {
+      type: "pattern",
+      severity: "low",
+      category: "performance",
+      description: "Inline arrow function in onClick",
+      commonMistake: "AI creates new function on every render",
+      fix: "For simple cases its fine, but consider useCallback for expensive components"
+    }
+  },
+  {
+    pattern: "style={{",
+    metadata: {
+      type: "pattern",
+      severity: "low",
+      category: "performance",
+      description: "Inline style object",
+      commonMistake: "AI uses inline styles creating new objects every render",
+      fix: "Use CSS classes, Tailwind, or define styles outside component"
+    }
+  },
+  {
+    pattern: "new Date()",
+    metadata: {
+      type: "pattern",
+      severity: "low",
+      category: "dates",
+      description: "Date creation",
+      commonMistake: "AI uses new Date() without considering timezones",
+      fix: "Consider timezone handling, use date-fns or dayjs for complex date logic"
+    }
+  },
+  // ============================================
+  // Vibe coding specific patterns (r/vibecoding)
+  // ============================================
+  {
+    pattern: "just works",
+    metadata: {
+      type: "pattern",
+      severity: "low",
+      category: "vibe-smell",
+      description: 'Comment suggesting "it just works"',
+      commonMistake: "Classic vibe coding - accepting code without understanding it",
+      fix: "Take time to understand WHY it works, or it will break later"
+    }
+  },
+  {
+    pattern: "idk why",
+    metadata: {
+      type: "pattern",
+      severity: "moderate",
+      category: "vibe-smell",
+      description: "Comment admitting confusion",
+      commonMistake: "AI generated something you dont understand - tech debt waiting to happen",
+      fix: "Ask the AI to explain what this code does and why"
+    }
+  },
+  {
+    pattern: "dont touch",
+    metadata: {
+      type: "pattern",
+      severity: "moderate",
+      category: "vibe-smell",
+      description: "Warning comment about fragile code",
+      commonMistake: 'Code that "works but nobody knows how" - very fragile',
+      fix: "Refactor this section or at least document what it does"
+    }
+  },
+  {
+    pattern: "// ai generated",
+    metadata: {
+      type: "pattern",
+      severity: "low",
+      category: "vibe-smell",
+      description: "AI generated code marker",
+      commonMistake: "At least you labeled it! But did you review it?",
+      fix: "Review AI-generated code for security issues and edge cases"
+    }
+  },
+  {
+    pattern: "// cursor",
+    metadata: {
+      type: "pattern",
+      severity: "low",
+      category: "vibe-smell",
+      description: "Cursor-generated code marker",
+      commonMistake: "Marked as Cursor-generated - make sure to review",
+      fix: "Verify the logic is correct and handles errors properly"
+    }
+  },
+  {
+    pattern: "// copilot",
+    metadata: {
+      type: "pattern",
+      severity: "low",
+      category: "vibe-smell",
+      description: "Copilot-generated code marker",
+      commonMistake: "Copilot suggestion accepted without review",
+      fix: "Always review Copilot suggestions for correctness"
+    }
+  },
+  // ============================================
+  // Deployment/Production issues
+  // ============================================
+  {
+    pattern: "npm run dev",
+    metadata: {
+      type: "pattern",
+      severity: "low",
+      category: "deployment",
+      description: "Dev script reference",
+      commonMistake: "Make sure you also have build and start scripts for production",
+      fix: "Verify you can run: npm run build && npm start"
+    }
+  },
+  {
+    pattern: "development",
+    metadata: {
+      type: "pattern",
+      severity: "low",
+      category: "deployment",
+      description: "Development mode reference",
+      commonMistake: "Ensure dev-only code doesnt run in production",
+      fix: "Check NODE_ENV and use proper environment detection"
+    }
+  },
+  {
+    pattern: ".env.local",
+    metadata: {
+      type: "pattern",
+      severity: "low",
+      category: "deployment",
+      description: "Local env file reference",
+      commonMistake: "Local env works, but did you set up production env vars?",
+      fix: "Set up environment variables in your deployment platform"
+    }
+  },
+  // ============================================
+  // Common LLM hallucination patterns
+  // ============================================
+  {
+    pattern: "import { something }",
+    metadata: {
+      type: "pattern",
+      severity: "low",
+      category: "hallucination",
+      description: "Named import - verify it exists",
+      commonMistake: "AI sometimes imports functions that dont exist in the library",
+      fix: 'If you get "X is not exported" error, check library docs'
+    }
+  },
+  {
+    pattern: "v3",
+    metadata: {
+      type: "pattern",
+      severity: "low",
+      category: "hallucination",
+      description: "Version number in code",
+      commonMistake: "AI may use outdated API patterns from old library versions",
+      fix: "Check you are using the correct API for your installed version"
+    }
+  },
+  // ============================================
+  // Quick prototyping shortcuts that become problems
+  // ============================================
+  {
+    pattern: "setTimeout(",
+    metadata: {
+      type: "pattern",
+      severity: "moderate",
+      category: "timing-hack",
+      description: "setTimeout usage",
+      commonMistake: 'AI uses setTimeout to "fix" race conditions instead of proper async',
+      fix: "Use proper async/await, promises, or state management instead"
+    }
+  },
+  {
+    pattern: "sleep(",
+    metadata: {
+      type: "pattern",
+      severity: "moderate",
+      category: "timing-hack",
+      description: "Sleep function usage",
+      commonMistake: "Artificial delays hide real timing issues",
+      fix: "Fix the underlying race condition instead of adding delays"
+    }
+  },
+  {
+    pattern: "window.location.reload",
+    metadata: {
+      type: "pattern",
+      severity: "moderate",
+      category: "hack",
+      description: 'Page reload to "fix" state issues',
+      commonMistake: "AI reloads page instead of properly managing state",
+      fix: "Fix state management - reloading is bad UX"
+    }
+  },
+  {
+    pattern: "force: true",
+    metadata: {
+      type: "pattern",
+      severity: "moderate",
+      category: "hack",
+      description: "Force flag usage",
+      commonMistake: "AI uses force flags to bypass checks instead of fixing root cause",
+      fix: "Understand why the check exists before bypassing it"
+    }
+  }
+];
+function checkFileLevelIssues(filePath, content) {
+  const issues = [];
+  const lines = content.split("\n");
+  const lineCount = lines.length;
+  const fileName = filePath.split("/").pop() || "";
+  if (lineCount > 500) {
+    issues.push({
+      file: filePath,
+      issue: `File has ${lineCount} lines - way too big!`,
+      severity: lineCount > 1e3 ? "serious" : "moderate",
+      category: "giant-file",
+      commonMistake: "AI dumps everything in one file. Reddit is FULL of posts about 2000 line App.jsx files",
+      fix: `Split into smaller files. Rule of thumb: components < 200 lines, pages < 300 lines`
+    });
+  }
+  const useStateCount = (content.match(/useState\(/g) || []).length;
+  if (useStateCount > 10) {
+    issues.push({
+      file: filePath,
+      issue: `${useStateCount} useState hooks in one component`,
+      severity: useStateCount > 15 ? "serious" : "moderate",
+      category: "state-explosion",
+      commonMistake: "AI creates separate useState for every field instead of grouping",
+      fix: "Group related state into objects, or use useReducer for complex state"
+    });
+  }
+  const useEffectCount = (content.match(/useEffect\(/g) || []).length;
+  if (useEffectCount > 5) {
+    issues.push({
+      file: filePath,
+      issue: `${useEffectCount} useEffect hooks - probably too many`,
+      severity: "moderate",
+      category: "effect-hell",
+      commonMistake: "AI creates useEffect for everything. Most effects are unnecessary",
+      fix: "Review each useEffect - many can be replaced with event handlers or derived state"
+    });
+  }
+  if (/^(App|app|main|Main|index|page)\.(jsx?|tsx?)$/.test(fileName) && lineCount > 300) {
+    issues.push({
+      file: filePath,
+      issue: `Main entry file is ${lineCount} lines`,
+      severity: "serious",
+      category: "giant-main",
+      commonMistake: "Classic AI pattern: everything in App.jsx or page.tsx",
+      fix: "Extract: Header, Footer, Sidebar, MainContent as separate components"
+    });
+  }
+  if (filePath.endsWith(".tsx") || filePath.endsWith(".ts")) {
+    const anyCount = (content.match(/:\s*any\b/g) || []).length;
+    if (anyCount > 5) {
+      issues.push({
+        file: filePath,
+        issue: `${anyCount} uses of "any" type`,
+        severity: "moderate",
+        category: "weak-typing",
+        commonMistake: 'AI uses "any" to avoid writing proper types',
+        fix: 'Define interfaces for your data shapes. AI can help: "Generate types for this data"'
+      });
+    }
+  }
+  const consoleLogCount = (content.match(/console\.(log|warn|error|debug)/g) || []).length;
+  if (consoleLogCount > 10) {
+    issues.push({
+      file: filePath,
+      issue: `${consoleLogCount} console statements - cleanup needed`,
+      severity: "low",
+      category: "debug-code",
+      commonMistake: "AI adds console.log for debugging, user never removes them",
+      fix: "Remove debug logs before deploying. Use proper error tracking for production."
+    });
+  }
+  return issues;
+}
+var vibeCodeTrie = null;
+function getVibeCodeTrie() {
+  if (!vibeCodeTrie) {
+    vibeCodeTrie = new AhoCorasick();
+    for (const { pattern, metadata } of VIBE_CODE_PATTERNS) {
+      vibeCodeTrie.addPattern(pattern, metadata, metadata);
+    }
+    vibeCodeTrie.build();
+    console.error(`   \u{1F3AF} Loaded ${VIBE_CODE_PATTERNS.length} vibe-code patterns into trie`);
+  }
+  return vibeCodeTrie;
+}
+var VIBE_EXCLUDED_PATTERNS = [
+  /package-lock\.json$/,
+  /yarn\.lock$/,
+  /pnpm-lock\.yaml$/,
+  /node_modules\//,
+  /\.min\.[jt]s$/,
+  /dist\//,
+  /build\//,
+  /\.d\.ts$/
+];
+function shouldExcludeVibeFile(filePath) {
+  return VIBE_EXCLUDED_PATTERNS.some((pattern) => pattern.test(filePath));
+}
+function isVibeFalsePositive(line, pattern, filePath, category) {
+  const trimmedLine = line.trim();
+  if (trimmedLine.startsWith("//") || trimmedLine.startsWith("*") || trimmedLine.startsWith("/*") || trimmedLine.startsWith("#")) {
+    return true;
+  }
+  if (/^\s*(interface|type|export\s+interface|export\s+type)\s/.test(line)) {
+    return true;
+  }
+  if (/process\.env|import\.meta\.env/.test(line)) {
+    if (["exposed-secrets"].includes(category) && !/=\s*['"`]/.test(line)) {
+      return true;
+    }
+  }
+  switch (pattern) {
+    case "console.log(":
+    case "console.error(":
+      if (/debug|dev|development/i.test(filePath)) return true;
+      if (pattern === "console.error(") return true;
+      break;
+    case "useState(":
+      return true;
+    // Don't flag individual useState
+    case "await ":
+      return true;
+    case ".then(":
+      return true;
+    // Too noisy, disable
+    case "TODO":
+    case "FIXME":
+      break;
+    case "useEffect(() => {":
+      return true;
+    case ", [])":
+      return true;
+    case "development":
+      return true;
+    case "import { something }":
+      return true;
+    case "v3":
+      return true;
+    case "new Date()":
+      return true;
+    case "style={{":
+    case "onClick={() =>":
+      return true;
+  }
+  if (/\.(test|spec)\.[jt]sx?$/.test(filePath) || /__tests__\//.test(filePath)) {
+    if (!["exposed-secrets"].includes(category)) {
+      return true;
+    }
+  }
+  return false;
+}
+function scanForVibeCodeIssues(code, filePath) {
+  if (shouldExcludeVibeFile(filePath)) {
+    return [];
+  }
+  const trie = getVibeCodeTrie();
+  const rawMatches = trie.search(code);
+  const lines = code.split("\n");
+  const matches = [];
+  const seen = /* @__PURE__ */ new Set();
+  for (const match of rawMatches) {
+    const key = `${match.line}:${match.pattern}`;
+    if (seen.has(key)) continue;
+    seen.add(key);
+    const line = lines[match.line - 1] || "";
+    const meta = match.metadata;
+    const category = meta.category || "unknown";
+    if (isVibeFalsePositive(line, match.pattern, filePath, category)) continue;
+    matches.push({
+      pattern: match.pattern,
+      line: match.line,
+      column: match.column,
+      severity: meta.severity,
+      category,
+      description: meta.description || "",
+      commonMistake: meta.commonMistake || "",
+      fix: meta.fix || "",
+      learnMore: meta.learnMore
+    });
+  }
+  return matches;
+}
+function getVibeCodeStats() {
+  const byCategory = {};
+  for (const { metadata } of VIBE_CODE_PATTERNS) {
+    const cat = metadata.category || "unknown";
+    byCategory[cat] = (byCategory[cat] || 0) + 1;
+  }
+  return {
+    total: VIBE_CODE_PATTERNS.length,
+    byCategory
+  };
+}
+
+export {
+  checkFileLevelIssues,
+  getVibeCodeTrie,
+  scanForVibeCodeIssues,
+  getVibeCodeStats
+};
+//# sourceMappingURL=chunk-3CS6Z2SL.js.map