@varun-ai07/covenant-mcp 1.2.3 → 1.3.2

package/dist/lib/schemaHelpers.js

@@ -0,0 +1,11 @@
+import { z } from "zod";
+export const ethAddress = z.string().describe('Full 42-character Ethereum address starting with 0x. Example: "0x715f3b64189EcA51a57567962Cd2278dc7a5e92C". Do NOT pass ENS names. Do NOT abbreviate. Must be exactly 42 characters.');
+export const ethAmount = z.string().describe('Payment amount in ETH as a decimal string. Examples: "0.001" (1 milliETH), "0.01" (10 milliETH). Do NOT pass wei values. Do NOT pass plain numbers. Always a quoted decimal string.');
+export const ethStake = z.string().optional().default("0.001").describe('Stake deposit in ETH as a decimal string. Minimum is "0.001". This is held as a security deposit, not a fee. It is returned when you deregister cleanly.');
+export const ipfsCid = z.string().describe('IPFS content identifier (CID). Starts with "Qm" (CIDv0, 46 chars) or "bafy" (CIDv1). Upload your content to Pinata (pinata.cloud) first, then pass the returned CID here.');
+export const unixDeadline = z.number().describe('Unix timestamp in seconds when the task expires. For 24 hours from now: Math.floor(Date.now()/1000) + 86400. For 48 hours: Math.floor(Date.now()/1000) + 172800. Must be a number (not string) and must be in the future.');
+export const taskId = z.number().describe('Numeric task ID returned by corven_create_task or corven_post_open_task. Example: 42. Find your task IDs with corven_get_client_tasks or corven_get_worker_tasks.');
+export const agentName = z.string().min(1).max(100).describe('Human-readable display name for this agent. Stored permanently on-chain. Examples: "ResearchBot", "DataAnalystPro", "CodeReviewAgent".');
+export const capabilities = z.array(z.string()).min(1).max(10).describe('Array of capability tags this agent can perform. Valid values: "data-analysis", "code-review", "content-writing", "financial-analysis", "research", "translation", "testing", "security-audit", "documentation", "smart-contract", "python", "visualization", "api-integration", "ml-training", "design". Maximum 10 capabilities per agent.');
+export const priority = z.number().min(0).max(3).optional().default(1).describe('Task priority level. 0 = Low, 1 = Medium (default), 2 = High, 3 = Urgent. Use 1 for most tasks.');
+//# sourceMappingURL=schemaHelpers.js.map

package/dist/lib/schemaHelpers.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"schemaHelpers.js","sourceRoot":"","sources":["../../src/lib/schemaHelpers.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,MAAM,CAAC,MAAM,UAAU,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAC3C,sLAAsL,CACvL,CAAC;AAEF,MAAM,CAAC,MAAM,SAAS,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAC1C,qLAAqL,CACtL,CAAC;AAEF,MAAM,CAAC,MAAM,QAAQ,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,QAAQ,CACrE,0JAA0J,CAC3J,CAAC;AAEF,MAAM,CAAC,MAAM,OAAO,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CACxC,2KAA2K,CAC5K,CAAC;AAEF,MAAM,CAAC,MAAM,YAAY,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAC7C,2NAA2N,CAC5N,CAAC;AAEF,MAAM,CAAC,MAAM,MAAM,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CACvC,mKAAmK,CACpK,CAAC;AAEF,MAAM,CAAC,MAAM,SAAS,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,QAAQ,CAC1D,wIAAwI,CACzI,CAAC;AAEF,MAAM,CAAC,MAAM,YAAY,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,QAAQ,CACrE,8UAA8U,CAC/U,CAAC;AAEF,MAAM,CAAC,MAAM,QAAQ,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,QAAQ,CAC7E,iGAAiG,CAClG,CAAC"}

package/dist/lib/store.d.ts

@@ -0,0 +1,10 @@
+/**
+ * Load a persisted store by name. Returns `defaultValue` when no file exists
+ * or the file cannot be parsed.
+ */
+export declare function loadStore<T>(name: string, defaultValue: T): T;
+/**
+ * Persist a store to disk immediately. Call after every mutation.
+ */
+export declare function saveStore<T>(name: string, data: T): void;
+//# sourceMappingURL=store.d.ts.map

package/dist/lib/store.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"store.d.ts","sourceRoot":"","sources":["../../src/lib/store.ts"],"names":[],"mappings":"AAiBA;;;GAGG;AACH,wBAAgB,SAAS,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,YAAY,EAAE,CAAC,GAAG,CAAC,CAS7D;AAED;;GAEG;AACH,wBAAgB,SAAS,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,GAAG,IAAI,CAIxD"}

package/dist/lib/store.js

@@ -0,0 +1,39 @@
+/**
+ * Local JSON file persistence for in-memory MCP stores.
+ *
+ * Data lives under <cwd>/.covenant-data/<name>.json so it survives server
+ * restarts while keeping the in-memory Map / Set semantics during runtime.
+ */
+import { readFileSync, writeFileSync, existsSync, mkdirSync } from "fs";
+import { join } from "path";
+const DATA_DIR = join(process.cwd(), ".covenant-data");
+function ensureDir() {
+    if (!existsSync(DATA_DIR)) {
+        mkdirSync(DATA_DIR, { recursive: true });
+    }
+}
+/**
+ * Load a persisted store by name. Returns `defaultValue` when no file exists
+ * or the file cannot be parsed.
+ */
+export function loadStore(name, defaultValue) {
+    ensureDir();
+    const filePath = join(DATA_DIR, `${name}.json`);
+    if (!existsSync(filePath))
+        return defaultValue;
+    try {
+        return JSON.parse(readFileSync(filePath, "utf-8"));
+    }
+    catch {
+        return defaultValue;
+    }
+}
+/**
+ * Persist a store to disk immediately. Call after every mutation.
+ */
+export function saveStore(name, data) {
+    ensureDir();
+    const filePath = join(DATA_DIR, `${name}.json`);
+    writeFileSync(filePath, JSON.stringify(data, null, 2), "utf-8");
+}
+//# sourceMappingURL=store.js.map

package/dist/lib/store.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"store.js","sourceRoot":"","sources":["../../src/lib/store.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AACH,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,IAAI,CAAC;AACxE,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAE5B,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,gBAAgB,CAAC,CAAC;AAEvD,SAAS,SAAS;IAChB,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC1B,SAAS,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC3C,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,SAAS,CAAI,IAAY,EAAE,YAAe;IACxD,SAAS,EAAE,CAAC;IACZ,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,EAAE,GAAG,IAAI,OAAO,CAAC,CAAC;IAChD,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC;QAAE,OAAO,YAAY,CAAC;IAC/C,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAM,CAAC;IAC1D,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,YAAY,CAAC;IACtB,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,SAAS,CAAI,IAAY,EAAE,IAAO;IAChD,SAAS,EAAE,CAAC;IACZ,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,EAAE,GAAG,IAAI,OAAO,CAAC,CAAC;IAChD,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC;AAClE,CAAC"}

package/dist/lib/verify.d.ts

@@ -0,0 +1,21 @@
+interface VerificationResult {
+    score: number;
+    verdict: "pass" | "fail" | "partial";
+    checks: CheckResult[];
+    summary: string;
+    recommendations: string[];
+    evidenceHash: string;
+    repoUrl: string;
+    timestamp: number;
+}
+interface CheckResult {
+    dimension: string;
+    score: number;
+    details: string;
+    issues: string[];
+    passed: boolean;
+}
+export declare function cloneRepo(url: string): Promise<string>;
+export declare function verifyProject(repoUrl: string, requirements: string, depth?: "quick" | "standard" | "deep"): Promise<VerificationResult>;
+export {};
+//# sourceMappingURL=verify.d.ts.map

package/dist/lib/verify.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"verify.d.ts","sourceRoot":"","sources":["../../src/lib/verify.ts"],"names":[],"mappings":"AAOA,UAAU,kBAAkB;IAC1B,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAAC;IACrC,MAAM,EAAE,WAAW,EAAE,CAAC;IACtB,OAAO,EAAE,MAAM,CAAC;IAChB,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,YAAY,EAAE,MAAM,CAAC;IACrB,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,UAAU,WAAW;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,MAAM,EAAE,OAAO,CAAC;CACjB;AAID,wBAAsB,SAAS,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAI5D;AAID,wBAAsB,aAAa,CACjC,OAAO,EAAE,MAAM,EACf,YAAY,EAAE,MAAM,EACpB,KAAK,GAAE,OAAO,GAAG,UAAU,GAAG,MAAmB,GAChD,OAAO,CAAC,kBAAkB,CAAC,CAgE7B"}

package/dist/lib/verify.js

@@ -0,0 +1,568 @@
+import { execSync } from "child_process";
+import { readFileSync, readdirSync, statSync, existsSync } from "fs";
+import { join } from "path";
+import { createHash } from "crypto";
+// ─── Clone ───────────────────────────────────────────────────
+export async function cloneRepo(url) {
+    const tmpDir = `/tmp/covenant-verify-${Date.now()}`;
+    execSync(`git clone --depth 1 ${url} ${tmpDir}`, { timeout: 60000 });
+    return tmpDir;
+}
+// ─── Main Verification ───────────────────────────────────────
+export async function verifyProject(repoUrl, requirements, depth = "standard") {
+    const repoDir = await cloneRepo(repoUrl);
+    const checks = [];
+    checks.push(await checkCodeQuality(repoDir));
+    checks.push(await checkArchitecture(repoDir));
+    checks.push(await checkSecurity(repoDir));
+    checks.push(await checkPerformance(repoDir));
+    checks.push(await checkTesting(repoDir));
+    checks.push(await checkDocumentation(repoDir));
+    checks.push(await checkDependencies(repoDir));
+    checks.push(await checkBestPractices(repoDir));
+    // Weighted score
+    const weights = {
+        code_quality: 0.20,
+        architecture: 0.15,
+        security: 0.20,
+        performance: 0.15,
+        testing: 0.15,
+        documentation: 0.05,
+        dependencies: 0.05,
+        best_practices: 0.05,
+    };
+    let totalScore = 0;
+    for (const check of checks) {
+        totalScore += check.score * (weights[check.dimension] || 0.1);
+    }
+    const score = Math.round(totalScore);
+    const verdict = score >= 70 ? "pass" : score >= 40 ? "partial" : "fail";
+    const summary = generateSummary(checks, score, requirements);
+    const recommendations = generateRecommendations(checks);
+    const report = {
+        checks,
+        score,
+        verdict,
+        summary,
+        recommendations,
+        timestamp: Date.now(),
+    };
+    const evidenceHash = createHash("sha256")
+        .update(JSON.stringify(report))
+        .digest("hex");
+    // Cleanup
+    try {
+        execSync(`rm -rf ${repoDir}`);
+    }
+    catch { /* best-effort cleanup */ }
+    return {
+        score,
+        verdict,
+        checks,
+        summary,
+        recommendations,
+        evidenceHash,
+        repoUrl,
+        timestamp: Date.now(),
+    };
+}
+// ─── Checkers ────────────────────────────────────────────────
+async function checkCodeQuality(dir) {
+    const issues = [];
+    let score = 100;
+    const loc = countLines(dir);
+    if (loc < 10) {
+        issues.push("Very few lines of code");
+        score -= 30;
+    }
+    const consoleLogs = countPattern(dir, /console\.log\(/g);
+    if (consoleLogs > 5) {
+        issues.push(`${consoleLogs} console.log statements found`);
+        score -= 10;
+    }
+    const anyTypes = countPattern(dir, /:\s*any/g);
+    if (anyTypes > 10) {
+        issues.push(`${anyTypes} uses of 'any' type`);
+        score -= 15;
+    }
+    const todos = countPattern(dir, /TODO|FIXME|HACK/gi);
+    if (todos > 0) {
+        issues.push(`${todos} TODO/FIXME comments`);
+        score -= 5;
+    }
+    // Simple unused import heuristic
+    const files = getFiles(dir, [".ts", ".tsx", ".js", ".jsx"]);
+    let unusedImports = 0;
+    for (const file of files.slice(0, 100)) {
+        // cap at 100 files for perf
+        const content = readFileSync(file, "utf-8");
+        const imports = content.match(/import\s+.*\s+from\s+['"](.+)['"]/g) || [];
+        for (const imp of imports) {
+            const match = imp.match(/import\s+\{\s*(.+?)\s*\}/);
+            if (match) {
+                const symbols = match[1].split(",").map((s) => s.trim());
+                for (const sym of symbols) {
+                    if (sym.length > 0 && !content.includes(sym.replace("type ", ""))) {
+                        unusedImports++;
+                    }
+                }
+            }
+        }
+    }
+    if (unusedImports > 5) {
+        issues.push(`${unusedImports} potentially unused imports`);
+        score -= 5;
+    }
+    return {
+        dimension: "code_quality",
+        score: Math.max(0, score),
+        details: `LOC: ${loc}, Console logs: ${consoleLogs}, Any types: ${anyTypes}, TODOs: ${todos}`,
+        issues,
+        passed: score >= 70,
+    };
+}
+async function checkArchitecture(dir) {
+    const issues = [];
+    let score = 100;
+    const hasSrc = existsSync(join(dir, "src")) || existsSync(join(dir, "app"));
+    const hasTests = existsSync(join(dir, "test")) ||
+        existsSync(join(dir, "tests")) ||
+        existsSync(join(dir, "__tests__"));
+    const hasDocs = existsSync(join(dir, "docs")) || existsSync(join(dir, "README.md"));
+    const hasConfig = existsSync(join(dir, "package.json")) ||
+        existsSync(join(dir, "tsconfig.json"));
+    if (!hasSrc && !hasConfig) {
+        issues.push("No src/ or config found");
+        score -= 20;
+    }
+    if (!hasTests) {
+        issues.push("No test directory found");
+        score -= 15;
+    }
+    if (!hasDocs) {
+        issues.push("No documentation found");
+        score -= 10;
+    }
+    const fileCount = countFiles(dir);
+    if (fileCount < 3) {
+        issues.push("Very few files");
+        score -= 20;
+    }
+    if (fileCount > 500) {
+        issues.push("Very large codebase (500+ files)");
+        score -= 5;
+    }
+    return {
+        dimension: "architecture",
+        score: Math.max(0, score),
+        details: `Files: ${fileCount}, Has src: ${hasSrc}, Has tests: ${hasTests}, Has docs: ${hasDocs}`,
+        issues,
+        passed: score >= 70,
+    };
+}
+async function checkSecurity(dir) {
+    const issues = [];
+    let score = 100;
+    const secretPatterns = [
+        /API_KEY\s*=\s*['"][^'"]+['"]/gi,
+        /SECRET\s*=\s*['"][^'"]+['"]/gi,
+        /PASSWORD\s*=\s*['"][^'"]+['"]/gi,
+        /PRIVATE_KEY\s*=\s*['"][^'"]+['"]/gi,
+    ];
+    for (const pattern of secretPatterns) {
+        const matches = countPattern(dir, pattern);
+        if (matches > 0) {
+            issues.push(`${matches} potential hardcoded secrets`);
+            score -= 20;
+            break; // one deduction is enough for secrets
+        }
+    }
+    if (existsSync(join(dir, ".env"))) {
+        issues.push(".env file committed to repo");
+        score -= 15;
+    }
+    const evals = countPattern(dir, /\beval\s*\(/g);
+    if (evals > 0) {
+        issues.push(`${evals} eval() usage`);
+        score -= 15;
+    }
+    const innerHTML = countPattern(dir, /innerHTML/g);
+    if (innerHTML > 0) {
+        issues.push(`${innerHTML} innerHTML usage (XSS risk)`);
+        score -= 10;
+    }
+    const sqlInjection = countPattern(dir, /query\s*\(\s*['"`].*\$\{/g);
+    if (sqlInjection > 0) {
+        issues.push(`${sqlInjection} potential SQL injection`);
+        score -= 20;
+    }
+    return {
+        dimension: "security",
+        score: Math.max(0, score),
+        details: `Hardcoded secrets checked, eval: ${evals}, innerHTML: ${innerHTML}`,
+        issues,
+        passed: score >= 70,
+    };
+}
+async function checkPerformance(dir) {
+    const issues = [];
+    let score = 100;
+    // Check for build output
+    const buildDirs = ["dist", "build", ".next"];
+    for (const bd of buildDirs) {
+        const bdPath = join(dir, bd);
+        if (existsSync(bdPath)) {
+            const size = getDirSize(bdPath);
+            const sizeMB = size / (1024 * 1024);
+            if (sizeMB > 10) {
+                issues.push(`Bundle size: ${sizeMB.toFixed(1)}MB (very large)`);
+                score -= 20;
+            }
+            else if (sizeMB > 5) {
+                issues.push(`Bundle size: ${sizeMB.toFixed(1)}MB (large)`);
+                score -= 10;
+            }
+            break;
+        }
+    }
+    const largeFiles = findLargeFiles(dir, 1024 * 1024);
+    if (largeFiles.length > 0) {
+        issues.push(`${largeFiles.length} files larger than 1MB`);
+        score -= 10;
+    }
+    const asyncFiles = countPattern(dir, /async\s+function|async\s*\(/g);
+    const totalFiles = countFiles(dir);
+    if (totalFiles > 10 && asyncFiles === 0) {
+        issues.push("No async/await usage found");
+        score -= 5;
+    }
+    return {
+        dimension: "performance",
+        score: Math.max(0, score),
+        details: `Large files: ${largeFiles.length}, Async usage: ${asyncFiles}`,
+        issues,
+        passed: score >= 70,
+    };
+}
+async function checkTesting(dir) {
+    const issues = [];
+    let score = 100;
+    const hasTests = existsSync(join(dir, "test")) ||
+        existsSync(join(dir, "tests")) ||
+        existsSync(join(dir, "__tests__")) ||
+        existsSync(join(dir, "spec"));
+    if (!hasTests) {
+        issues.push("No test files found");
+        score -= 50;
+    }
+    else {
+        const testFiles = getFiles(dir, [
+            ".test.ts",
+            ".test.js",
+            ".spec.ts",
+            ".spec.js",
+            ".test.tsx",
+        ]);
+        const sourceFiles = getFiles(dir, [".ts", ".tsx", ".js", ".jsx"]);
+        const coverage = sourceFiles.length > 0
+            ? (testFiles.length / sourceFiles.length) * 100
+            : 0;
+        if (coverage < 30) {
+            issues.push(`Low test coverage: ${coverage.toFixed(0)}%`);
+            score -= 20;
+        }
+        else if (coverage < 60) {
+            issues.push(`Moderate test coverage: ${coverage.toFixed(0)}%`);
+            score -= 10;
+        }
+        let assertionCount = 0;
+        for (const testFile of testFiles.slice(0, 50)) {
+            const content = readFileSync(testFile, "utf-8");
+            assertionCount += (content.match(/expect\(/g) || []).length;
+        }
+        if (testFiles.length > 0 && assertionCount / testFiles.length < 3) {
+            issues.push("Low assertion density in tests");
+            score -= 10;
+        }
+    }
+    return {
+        dimension: "testing",
+        score: Math.max(0, score),
+        details: `Tests found: ${hasTests}`,
+        issues,
+        passed: score >= 70,
+    };
+}
+async function checkDocumentation(dir) {
+    const issues = [];
+    let score = 100;
+    const readmePath = join(dir, "README.md");
+    if (existsSync(readmePath)) {
+        const readme = readFileSync(readmePath, "utf-8");
+        if (readme.length < 100) {
+            issues.push("README is too short (<100 chars)");
+            score -= 20;
+        }
+        if (!readme.includes("#")) {
+            issues.push("README has no headers");
+            score -= 10;
+        }
+        if (!readme.includes("```")) {
+            issues.push("README has no code examples");
+            score -= 5;
+        }
+    }
+    else {
+        issues.push("No README.md found");
+        score -= 30;
+    }
+    const docComments = countPattern(dir, /\/\*\*[\s\S]*?\*\//g);
+    if (docComments < 5) {
+        issues.push("Few code documentation comments");
+        score -= 10;
+    }
+    return {
+        dimension: "documentation",
+        score: Math.max(0, score),
+        details: `README: ${existsSync(readmePath)}, Doc comments: ${docComments}`,
+        issues,
+        passed: score >= 70,
+    };
+}
+async function checkDependencies(dir) {
+    const issues = [];
+    let score = 100;
+    const pkgPath = join(dir, "package.json");
+    if (existsSync(pkgPath)) {
+        const pkg = JSON.parse(readFileSync(pkgPath, "utf-8"));
+        const deps = Object.keys(pkg.dependencies || {});
+        const devDeps = Object.keys(pkg.devDependencies || {});
+        if (deps.length > 50) {
+            issues.push(`${deps.length} dependencies (may be bloated)`);
+            score -= 10;
+        }
+        if (deps.length === 0 && devDeps.length === 0) {
+            issues.push("No dependencies declared");
+            score -= 10;
+        }
+        const deprecated = ["lodash", "moment", "request"];
+        for (const v of deprecated) {
+            if (deps.includes(v)) {
+                issues.push(`Uses ${v} (consider alternatives)`);
+                score -= 5;
+            }
+        }
+    }
+    const hasLock = existsSync(join(dir, "package-lock.json")) ||
+        existsSync(join(dir, "yarn.lock")) ||
+        existsSync(join(dir, "pnpm-lock.yaml"));
+    if (!hasLock) {
+        issues.push("No lock file found");
+        score -= 10;
+    }
+    return {
+        dimension: "dependencies",
+        score: Math.max(0, score),
+        details: `Dependencies: ${existsSync(pkgPath) ? "found" : "none"}, Lock file: ${hasLock}`,
+        issues,
+        passed: score >= 70,
+    };
+}
+async function checkBestPractices(dir) {
+    const issues = [];
+    let score = 100;
+    if (!existsSync(join(dir, ".gitignore"))) {
+        issues.push("No .gitignore found");
+        score -= 10;
+    }
+    if (existsSync(join(dir, "tsconfig.json"))) {
+        const tsconfig = JSON.parse(readFileSync(join(dir, "tsconfig.json"), "utf-8"));
+        if (!tsconfig.compilerOptions?.strict) {
+            issues.push("TypeScript strict mode not enabled");
+            score -= 10;
+        }
+    }
+    const hasLint = existsSync(join(dir, ".eslintrc")) ||
+        existsSync(join(dir, ".eslintrc.js")) ||
+        existsSync(join(dir, ".eslintrc.json")) ||
+        existsSync(join(dir, "eslint.config.js"));
+    if (!hasLint) {
+        issues.push("No ESLint configuration found");
+        score -= 10;
+    }
+    const tryCatch = countPattern(dir, /try\s*\{/g);
+    const asyncFiles = countPattern(dir, /async\s+function|async\s*\(/g);
+    if (asyncFiles > 5 && tryCatch < asyncFiles * 0.3) {
+        issues.push("Low error handling coverage");
+        score -= 10;
+    }
+    return {
+        dimension: "best_practices",
+        score: Math.max(0, score),
+        details: `Gitignore: ${existsSync(join(dir, ".gitignore"))}, Lint: ${hasLint}`,
+        issues,
+        passed: score >= 70,
+    };
+}
+// ─── Helpers ─────────────────────────────────────────────────
+const SKIP_DIRS = new Set([
+    "node_modules",
+    ".git",
+    "dist",
+    "build",
+    ".next",
+    "coverage",
+    "__pycache__",
+]);
+function countLines(dir) {
+    let total = 0;
+    const files = getFiles(dir, [
+        ".ts",
+        ".tsx",
+        ".js",
+        ".jsx",
+        ".py",
+        ".go",
+        ".rs",
+        ".sol",
+    ]);
+    for (const file of files) {
+        const content = readFileSync(file, "utf-8");
+        total += content.split("\n").length;
+    }
+    return total;
+}
+function countPattern(dir, pattern) {
+    let count = 0;
+    const files = getFiles(dir, [".ts", ".tsx", ".js", ".jsx", ".py", ".sol"]);
+    for (const file of files.slice(0, 200)) {
+        const content = readFileSync(file, "utf-8");
+        const matches = content.match(pattern);
+        if (matches)
+            count += matches.length;
+    }
+    return count;
+}
+function getFiles(dir, extensions) {
+    const files = [];
+    let entries;
+    try {
+        entries = readdirSync(dir);
+    }
+    catch {
+        return files;
+    }
+    for (const entry of entries) {
+        if (SKIP_DIRS.has(entry) || entry.startsWith("."))
+            continue;
+        const fullPath = join(dir, entry);
+        let stat;
+        try {
+            stat = statSync(fullPath);
+        }
+        catch {
+            continue;
+        }
+        if (stat.isDirectory()) {
+            files.push(...getFiles(fullPath, extensions));
+        }
+        else if (extensions.some((ext) => entry.endsWith(ext))) {
+            files.push(fullPath);
+        }
+    }
+    return files;
+}
+function countFiles(dir) {
+    return getFiles(dir, [
+        ".ts",
+        ".tsx",
+        ".js",
+        ".jsx",
+        ".py",
+        ".go",
+        ".rs",
+        ".sol",
+        ".md",
+        ".json",
+        ".yaml",
+        ".yml",
+    ]).length;
+}
+function getDirSize(dir) {
+    let size = 0;
+    let entries;
+    try {
+        entries = readdirSync(dir);
+    }
+    catch {
+        return 0;
+    }
+    for (const entry of entries) {
+        if (SKIP_DIRS.has(entry))
+            continue;
+        const fullPath = join(dir, entry);
+        let stat;
+        try {
+            stat = statSync(fullPath);
+        }
+        catch {
+            continue;
+        }
+        if (stat.isDirectory()) {
+            size += getDirSize(fullPath);
+        }
+        else {
+            size += stat.size;
+        }
+    }
+    return size;
+}
+function findLargeFiles(dir, maxSize) {
+    const large = [];
+    let entries;
+    try {
+        entries = readdirSync(dir);
+    }
+    catch {
+        return large;
+    }
+    for (const entry of entries) {
+        if (SKIP_DIRS.has(entry))
+            continue;
+        const fullPath = join(dir, entry);
+        let stat;
+        try {
+            stat = statSync(fullPath);
+        }
+        catch {
+            continue;
+        }
+        if (stat.isDirectory()) {
+            large.push(...findLargeFiles(fullPath, maxSize));
+        }
+        else if (stat.size > maxSize) {
+            large.push(fullPath);
+        }
+    }
+    return large;
+}
+function generateSummary(checks, score, requirements) {
+    const passed = checks.filter((c) => c.passed).length;
+    const total = checks.length;
+    const topIssues = checks.flatMap((c) => c.issues).slice(0, 3);
+    return (`Score: ${score}/100 (${passed}/${total} checks passed). ` +
+        `Requirements: ${requirements}. ` +
+        (topIssues.length > 0
+            ? `Top issues: ${topIssues.join("; ")}`
+            : "No major issues found."));
+}
+function generateRecommendations(checks) {
+    const recs = [];
+    for (const check of checks) {
+        if (!check.passed) {
+            recs.push(`Improve ${check.dimension}: ${check.issues[0] || "needs work"}`);
+        }
+    }
+    return recs.slice(0, 5);
+}
+//# sourceMappingURL=verify.js.map