@vibecheckai/cli 3.5.0 → 3.5.2

package/bin/runners/lib/engines/type-aware-engine.js

@@ -1,105 +1,12 @@
 /**
  * Type-Aware Analysis Engine
  * Uses TypeScript type information for more accurate detection
- * Enhanced with context-aware detection:
- * - Legitimate uses of `any` in generics, catch clauses, type definitions
- * - Non-null assertions preceded by null checks
- * - @ts-ignore with explanatory comments
- * - Framework-specific patterns (React, Next.js)
  */
 
 const { getAST } = require("./ast-cache");
 const traverse = require("@babel/traverse").default;
 const t = require("@babel/types");
 
-/**
- * Contexts where `any` is legitimate
- */
-const LEGITIMATE_ANY_CONTEXTS = [
-  // Catch clause parameter
-  /catch\s*\(\s*\w+\s*:\s*any/,
-  // Generic constraints
-  /<[^>]*any[^>]*>/,
-  // Type utility definitions
-  /type\s+\w+<.*any.*>/,
-  // Third-party library type fixes
-  /\/\/\s*@types\/|\/\/\s*TODO:\s*fix\s*types?/i,
-  // Conditional types
-  /extends\s+any/,
-  // Mapped types
-  /\[\s*\w+\s+in\s+keyof\s+any\s*\]/,
-];
-
-/**
- * Check if `any` is in a legitimate context
- */
-function isLegitimateAnyContext(line, lines, lineIndex) {
-  // Check the current line
-  if (LEGITIMATE_ANY_CONTEXTS.some(pattern => pattern.test(line))) {
-    return true;
-  }
-  
-  // Check surrounding context (type definitions often span multiple lines)
-  const start = Math.max(0, lineIndex - 2);
-  const end = Math.min(lines.length, lineIndex + 2);
-  const context = lines.slice(start, end).join('\n');
-  
-  // Type definition files (.d.ts)
-  if (context.includes('declare ') || context.includes('export type ') || context.includes('export interface ')) {
-    return true;
-  }
-  
-  // Event handlers often need any for native events
-  if (/on\w+\s*=|addEventListener|handleEvent/.test(context)) {
-    return true;
-  }
-  
-  // JSON parsing (any is common and acceptable)
-  if (/JSON\.parse|\.json\(\)|response\.json/.test(context)) {
-    return true;
-  }
-  
-  return false;
-}
-
-/**
- * Check if non-null assertion is preceded by a null check
- */
-function hasPrecedingNullCheck(lines, lineIndex, varName) {
-  // Look back a few lines for null checks
-  const start = Math.max(0, lineIndex - 5);
-  const context = lines.slice(start, lineIndex + 1).join('\n');
-  
-  // Common null check patterns
-  const nullCheckPatterns = [
-    new RegExp(`if\\s*\\(\\s*!?${varName}\\s*\\)`, 'i'),
-    new RegExp(`if\\s*\\(\\s*${varName}\\s*!==?\\s*(?:null|undefined)`, 'i'),
-    new RegExp(`if\\s*\\(\\s*${varName}\\s*&&`, 'i'),
-    new RegExp(`${varName}\\s*&&\\s*${varName}`, 'i'),
-    new RegExp(`${varName}\\s*\\?\\?`, 'i'), // Nullish coalescing
-    /\.filter\(|\.find\(|\.some\(|\.every\(/, // Array methods often guarantee non-null
-  ];
-  
-  return nullCheckPatterns.some(pattern => pattern.test(context));
-}
-
-/**
- * Check if @ts-ignore has an explanation
- */
-function hasExplanation(line, nextLine) {
-  // Check if the same line has an explanation
-  const hasInlineExplanation = /@ts-(?:ignore|expect-error)\s*[-:]\s*\w/.test(line);
-  if (hasInlineExplanation) return true;
-  
-  // Check if there's a comment on the previous or next line explaining why
-  const explanationPatterns = [
-    /\/\/.*(?:because|due to|reason|workaround|todo|fixme|third[- ]?party|library|types? (?:issue|bug|missing))/i,
-    /\/\/.*https?:\/\//, // Link to issue/discussion
-  ];
-  
-  return explanationPatterns.some(pattern => pattern.test(line) || pattern.test(nextLine || ''));
-}
-
 /**
  * Analyze type-related issues
  */
@@ -110,38 +17,13 @@ function analyzeTypeAware(code, filePath) {
 
   const lines = code.split("\n");
   const isTypeScript = filePath.endsWith(".ts") || filePath.endsWith(".tsx");
-  
-  // Skip .d.ts declaration files (they legitimately use `any` for typing)
-  if (filePath.endsWith(".d.ts")) {
-    return findings;
-  }
 
   // Type safety issues
   traverse(ast, {
-    // Any types in TypeScript - now context-aware
+    // Any types in TypeScript
     TSAnyKeyword(path) {
       if (isTypeScript) {
         const line = path.node.loc.start.line;
-        const lineContent = lines[line - 1] || "";
-        
-        // Skip if in a legitimate context
-        if (isLegitimateAnyContext(lineContent, lines, line - 1)) {
-          return;
-        }
-        
-        // Check parent node for more context
-        const parent = path.parent;
-        
-        // Skip catch clause parameters
-        if (t.isCatchClause(path.parentPath?.parent)) {
-          return;
-        }
-        
-        // Skip type parameters (generics)
-        if (t.isTSTypeParameterDeclaration(parent)) {
-          return;
-        }
-        
         findings.push({
           type: "any_type",
           severity: "WARN",
@@ -150,66 +32,40 @@ function analyzeTypeAware(code, filePath) {
           line,
           column: path.node.loc.start.column,
           title: "Use of 'any' type",
-          message: "Using 'any' defeats TypeScript's type safety. Consider using 'unknown' instead.",
-          codeSnippet: lineContent.trim(),
+          message: "Using 'any' type defeats TypeScript's type safety",
+          codeSnippet: lines[line - 1]?.trim(),
           confidence: "high",
-          fixHint: "Replace 'any' with a specific type or 'unknown' for type safety",
         });
       }
     },
     
-    // @ts-ignore comments - now checks for explanations
+    // @ts-ignore comments
     Comment(path) {
       const comment = path.node;
       if (comment.type === "CommentLine" || comment.type === "CommentBlock") {
         const text = comment.value || "";
-        const match = text.match(/@ts-(ignore|expect-error|nocheck)/);
-        if (match) {
+        if (/@ts-ignore|@ts-expect-error|@ts-nocheck/.test(text)) {
           const line = comment.loc.start.line;
-          const lineContent = lines[line - 1] || "";
-          const nextLine = lines[line] || "";
-          
-          // Lower severity if has explanation or is @ts-expect-error (better practice)
-          const hasExplanationComment = hasExplanation(lineContent, nextLine);
-          const isExpectError = match[1] === "expect-error";
-          
-          // @ts-nocheck on whole files is worse
-          const isNocheck = match[1] === "nocheck";
-          
           findings.push({
             type: "ts_ignore",
-            severity: isNocheck ? "BLOCK" : (hasExplanationComment ? "INFO" : "WARN"),
+            severity: "WARN",
             category: "TypeSafety",
             file: filePath,
             line,
             column: comment.loc.start.column,
-            title: `TypeScript error suppression (${match[0]})`,
-            message: isNocheck 
-              ? "@ts-nocheck disables type checking for entire file - this is dangerous"
-              : hasExplanationComment 
-                ? `Using ${match[0]} with explanation - consider fixing the underlying issue`
-                : `Using ${match[0]} without explanation - add a comment explaining why`,
-            codeSnippet: lineContent.trim(),
-            confidence: hasExplanationComment ? "med" : "high",
-            fixHint: isExpectError 
-              ? "@ts-expect-error is preferred over @ts-ignore (fails if error goes away)"
-              : "Add an explanation comment or fix the underlying type issue",
+            title: "TypeScript error suppression",
+            message: `Using ${text.match(/@ts-\w+/)?.[0]} suppresses type checking - fix the underlying issue`,
+            codeSnippet: lines[line - 1]?.trim(),
+            confidence: "high",
           });
         }
       }
     },
     
-    // Unsafe type assertions (as any) - skip legitimate contexts
+    // Unsafe type assertions (as any)
     TSAsExpression(path) {
       if (t.isTSAnyKeyword(path.node.typeAnnotation)) {
         const line = path.node.loc.start.line;
-        const lineContent = lines[line - 1] || "";
-        
-        // Skip if in legitimate context
-        if (isLegitimateAnyContext(lineContent, lines, line - 1)) {
-          return;
-        }
-        
         findings.push({
           type: "unsafe_type_assertion",
           severity: "WARN",
@@ -218,48 +74,16 @@ function analyzeTypeAware(code, filePath) {
           line,
           column: path.node.loc.start.column,
           title: "Unsafe type assertion (as any)",
-          message: "Type assertion to 'any' bypasses type checking. Use 'as unknown as T' for safer casting.",
-          codeSnippet: lineContent.trim(),
+          message: "Type assertion to 'any' bypasses type checking",
+          codeSnippet: lines[line - 1]?.trim(),
           confidence: "high",
-          fixHint: "Use 'as unknown as Type' for explicit type narrowing or fix the underlying type issue",
         });
       }
     },
     
-    // Non-null assertions (!) - now checks for preceding null checks
+    // Non-null assertions (!)
     TSNonNullExpression(path) {
       const line = path.node.loc.start.line;
-      const lineContent = lines[line - 1] || "";
-      
-      // Try to get the variable name being asserted
-      let varName = "";
-      if (t.isIdentifier(path.node.expression)) {
-        varName = path.node.expression.name;
-      } else if (t.isMemberExpression(path.node.expression)) {
-        // Get the full member expression (e.g., "obj.prop")
-        if (t.isIdentifier(path.node.expression.property)) {
-          varName = path.node.expression.property.name;
-        }
-      }
-      
-      // Skip if there's a preceding null check
-      if (varName && hasPrecedingNullCheck(lines, line - 1, varName)) {
-        return;
-      }
-      
-      // Skip common safe patterns
-      const safePatterns = [
-        /\.filter\([^)]+\).*!/, // After filter
-        /\.find\([^)]+\).*!/, // After find with condition
-        /assert.*!/, // After assertion
-        /if\s*\(.*!\s*\)/, // Inside if condition
-        /\?\?.*!/, // After nullish coalescing
-      ];
-      
-      if (safePatterns.some(p => p.test(lineContent))) {
-        return;
-      }
-      
       findings.push({
         type: "non_null_assertion",
         severity: "WARN",
@@ -269,99 +93,51 @@ function analyzeTypeAware(code, filePath) {
         column: path.node.loc.start.column,
         title: "Non-null assertion operator (!)",
         message: "Non-null assertion can cause runtime errors if value is null/undefined",
-        codeSnippet: lineContent.trim(),
+        codeSnippet: lines[line - 1]?.trim(),
         confidence: "med",
-        fixHint: "Add a null check before using the value, or use optional chaining (?.) with a default",
       });
     },
     
-    // Removed: OptionalMemberExpression check was too noisy
-    // Optional chaining is a GOOD pattern, not something to warn about
+    // Optional chaining without null check
+    OptionalMemberExpression(path) {
+      // Check if result is used without null check
+      const parent = path.parent;
+      if (!t.isIfStatement(parent) && !t.isConditionalExpression(parent)) {
+        const line = path.node.loc.start.line;
+        findings.push({
+          type: "unsafe_optional_chaining",
+          severity: "WARN",
+          category: "TypeSafety",
+          file: filePath,
+          line,
+          column: path.node.loc.start.column,
+          title: "Optional chaining without null check",
+          message: "Optional chaining result should be checked for null/undefined",
+          codeSnippet: lines[line - 1]?.trim(),
+          confidence: "low",
+        });
+      }
+    },
   });
 
-  // Missing return type annotations - only for exported/public functions
+  // Missing return type annotations
   if (isTypeScript) {
     traverse(ast, {
       FunctionDeclaration(path) {
         const node = path.node;
         if (!node.returnType && node.id) {
-          // Only flag exported functions (public API)
-          const isExported = path.parent && 
-            (t.isExportNamedDeclaration(path.parent) || 
-             t.isExportDefaultDeclaration(path.parent));
-          
-          // Skip short utility functions (likely internal)
-          const lineCount = node.loc.end.line - node.loc.start.line;
-          if (!isExported && lineCount < 5) {
-            return;
-          }
-          
-          // Skip functions that clearly return void (no return statement or only return;)
-          let hasNonVoidReturn = false;
-          traverse(node, {
-            ReturnStatement(returnPath) {
-              if (returnPath.node.argument) {
-                hasNonVoidReturn = true;
-              }
-            },
-          }, path.scope, path);
-          
-          if (!hasNonVoidReturn && !isExported) {
-            return;
-          }
-          
           const line = node.loc.start.line;
           findings.push({
             type: "missing_return_type",
-            severity: isExported ? "WARN" : "INFO",
+            severity: "WARN",
             category: "TypeSafety",
             file: filePath,
             line,
             column: node.loc.start.column,
-            title: `Missing return type: ${node.id.name}`,
-            message: isExported 
-              ? "Exported function should have explicit return type for better API documentation"
-              : "Consider adding return type annotation for clarity",
+            title: `Missing return type annotation: ${node.id.name}`,
+            message: "Function should have explicit return type annotation",
             codeSnippet: lines[line - 1]?.trim(),
             confidence: "med",
-            fixHint: "Add return type annotation after the parameters: function name(): ReturnType",
-          });
-        }
-      },
-      
-      // Also check arrow functions assigned to exports
-      ArrowFunctionExpression(path) {
-        const parent = path.parent;
-        const grandparent = path.parentPath?.parent;
-        
-        // Check if it's an exported arrow function
-        const isExportedConst = 
-          t.isVariableDeclarator(parent) && 
-          t.isVariableDeclaration(grandparent) &&
-          path.parentPath?.parentPath?.parent &&
-          (t.isExportNamedDeclaration(path.parentPath.parentPath.parent) ||
-           t.isExportDefaultDeclaration(path.parentPath.parentPath.parent));
-        
-        if (isExportedConst && !path.node.returnType) {
-          const varName = parent.id?.name || "anonymous";
-          const line = path.node.loc.start.line;
-          
-          // Skip short arrow functions
-          const lineCount = path.node.loc.end.line - path.node.loc.start.line;
-          if (lineCount < 3) return;
-          
-          findings.push({
-            type: "missing_return_type",
-            severity: "INFO",
-            category: "TypeSafety",
-            file: filePath,
-            line,
-            column: path.node.loc.start.column,
-            title: `Missing return type: ${varName}`,
-            message: "Exported arrow function could benefit from explicit return type",
-            codeSnippet: lines[line - 1]?.trim(),
-            confidence: "low",
-            fixHint: "Add return type: const fn = (): ReturnType => { ... }",
           });
         }
       },

package/bin/runners/lib/engines/vibecheck-engines/index.js

@@ -1,124 +1,15 @@
-// Core utilities (use parent directory versions - newer/enhanced)
-const astCache = require('../ast-cache');
-const fileFilter = require('../file-filter');
-const parallelProcessor = require('../parallel-processor');
-
-// Analysis engines (use parent directory versions when available - they're newer)
-const deadCodeEngine = require('../dead-code-engine');
-const emptyCatchEngine = require('../empty-catch-engine');
-const codeQualityEngine = require('../code-quality-engine');
-const consoleLogsEngine = require('../console-logs-engine');
-const deprecatedApiEngine = require('../deprecated-api-engine'); // Use enhanced top-level version
-const hardcodedSecretsEngine = require('../hardcoded-secrets-engine'); // Use top-level version
-const mockDataEngine = require('../mock-data-engine'); // Use enhanced top-level version  
-const performanceIssuesEngine = require('../performance-issues-engine');
-const typeAwareEngine = require('../type-aware-engine');
-const unsafeRegexEngine = require('../unsafe-regex-engine');
-
-// NEW: Advanced vibecheck engines
-const aiHallucinationEngine = require('./lib/ai-hallucination-engine');
-const vibeScoreEngine = require('./lib/vibe-score-engine');
-const smartFixEngine = require('./lib/smart-fix-engine');
-
-// New engines from parent directory
-const bundleSizeEngine = require('../bundle-size-engine');
-const duplicateCodeEngine = require('../duplicate-code-engine');
-const envVariablesEngine = require('../env-variables-engine');
-const asyncPatternsEngine = require('../async-patterns-engine');
-const namingConventionsEngine = require('../naming-conventions-engine');
-const importOrderEngine = require('../import-order-engine');
-const reactPatternsEngine = require('../react-patterns-engine');
-const errorHandlingEngine = require('../error-handling-engine');
-const databasePatternsEngine = require('../database-patterns-engine');
-
-// Shared utilities from parent engines directory
-const confidenceScoring = require('../confidence-scoring');
-const frameworkDetection = require('../framework-detection');
-const contextDetection = require('../context-detection');
-
 module.exports = {
-  // AST cache utilities
-  ...astCache,
-  
-  // File filtering
-  fileFilter,
-  
-  // Parallel processing
-  parallelProcessor,
-  
-  // Analysis functions
-  analyzeDeadCode: deadCodeEngine.analyzeDeadCode,
-  analyzeEmptyCatch: emptyCatchEngine.analyzeEmptyCatch,
-  analyzeCodeQuality: codeQualityEngine.analyzeCodeQuality,
-  analyzeConsoleLogs: consoleLogsEngine.analyzeConsoleLogs,
-  analyzeDeprecatedApi: deprecatedApiEngine.analyzeDeprecatedApi,
-  analyzeHardcodedSecrets: hardcodedSecretsEngine.analyzeHardcodedSecrets,
-  analyzeMockData: mockDataEngine.analyzeMockData,
-  analyzePerformanceIssues: performanceIssuesEngine.analyzePerformanceIssues,
-  analyzeTypeAware: typeAwareEngine.analyzeTypeAware,
-  analyzeUnsafeRegex: unsafeRegexEngine.analyzeUnsafeRegex,
-  
-  // NEW: Advanced vibecheck analysis
-  analyzeAIHallucinations: aiHallucinationEngine.analyzeAIHallucinations,
-  calculateVibeScore: vibeScoreEngine.calculateVibeScore,
-  generateVibeReport: vibeScoreEngine.generateVibeReport,
-  generateVibeReportJSON: vibeScoreEngine.generateVibeReportJSON,
-  generateFixSuggestions: smartFixEngine.generateFixSuggestions,
-  generateFixPlan: smartFixEngine.generateFixPlan,
-  
-  // NEW: Engine exports for direct access
-  aiHallucinationEngine,
-  vibeScoreEngine,
-  smartFixEngine,
-  
-  // New analysis functions
-  analyzeBundleSize: bundleSizeEngine.analyzeBundleSize,
-  analyzeDuplicateCode: duplicateCodeEngine.analyzeDuplicateCode,
-  findDuplicatesAcrossFiles: duplicateCodeEngine.findDuplicatesAcrossFiles,
-  analyzeEnvVariables: envVariablesEngine.analyzeEnvVariables,
-  analyzeEnvSetup: envVariablesEngine.analyzeEnvSetup,
-  analyzeAsyncPatterns: asyncPatternsEngine.analyzeAsyncPatterns,
-  analyzeNamingConventions: namingConventionsEngine.analyzeNamingConventions,
-  analyzeImportOrder: importOrderEngine.analyzeImportOrder,
-  analyzeReactPatterns: reactPatternsEngine.analyzeReactPatterns,
-  analyzeErrorHandling: errorHandlingEngine.analyzeErrorHandling,
-  analyzeDatabasePatterns: databasePatternsEngine.analyzeDatabasePatterns,
-  
-  // Shared utilities
-  confidenceScoring,
-  frameworkDetection,
-  contextDetection,
-  bundleSizeEngine,
-  duplicateCodeEngine,
-  envVariablesEngine,
-  asyncPatternsEngine,
-  namingConventionsEngine,
-  importOrderEngine,
-  reactPatternsEngine,
-  errorHandlingEngine,
-  databasePatternsEngine,
-  
-  // Confidence scoring exports (for convenience)
-  CONFIDENCE: confidenceScoring.CONFIDENCE,
-  createFinding: confidenceScoring.createFinding,
-  normalizeConfidence: confidenceScoring.normalizeConfidence,
-  
-  // Framework detection exports (for convenience)
-  FRAMEWORKS: frameworkDetection.FRAMEWORKS,
-  getFileContext: frameworkDetection.getFileContext,
-  hasFramework: frameworkDetection.hasFramework,
-  
-  // Bundle size exports
-  HEAVY_PACKAGES: bundleSizeEngine.HEAVY_PACKAGES,
-  isClientFile: bundleSizeEngine.isClientFile,
-  
-  // Vibe Score exports (for convenience)
-  SCORE_WEIGHTS: vibeScoreEngine.SCORE_WEIGHTS,
-  GRADE_THRESHOLDS: vibeScoreEngine.GRADE_THRESHOLDS,
-  
-  // AI Hallucination exports
-  HALLUCINATION_PATTERNS: aiHallucinationEngine.HALLUCINATION_PATTERNS,
-  
-  // Smart Fix exports
-  FIX_TEMPLATES: smartFixEngine.FIX_TEMPLATES,
+  ...require('./lib/ast-cache'),
+  fileFilter: require('./lib/file-filter'),
+  parallelProcessor: require('./lib/parallel-processor'),
+  analyzeDeadCode: require('./lib/dead-code-engine').analyzeDeadCode,
+  analyzeEmptyCatch: require('./lib/empty-catch-engine').analyzeEmptyCatch,
+  analyzeCodeQuality: require('./lib/code-quality-engine').analyzeCodeQuality,
+  analyzeConsoleLogs: require('./lib/console-logs-engine').analyzeConsoleLogs,
+  analyzeDeprecatedApi: require('./lib/deprecated-api-engine').analyzeDeprecatedApi,
+  analyzeHardcodedSecrets: require('./lib/hardcoded-secrets-engine').analyzeHardcodedSecrets,
+  analyzeMockData: require('./lib/mock-data-engine').analyzeMockData,
+  analyzePerformanceIssues: require('./lib/performance-issues-engine').analyzePerformanceIssues,
+  analyzeTypeAware: require('./lib/type-aware-engine').analyzeTypeAware,
+  analyzeUnsafeRegex: require('./lib/unsafe-regex-engine').analyzeUnsafeRegex,
 };