@vyuhlabs/dxkit 1.6.1 → 2.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +115 -0
- package/README.md +3 -3
- package/dist/agents/extract.d.ts +25 -0
- package/dist/agents/extract.d.ts.map +1 -0
- package/dist/agents/extract.js +186 -0
- package/dist/agents/extract.js.map +1 -0
- package/dist/agents/schemas.d.ts +106 -0
- package/dist/agents/schemas.d.ts.map +1 -0
- package/dist/agents/schemas.js +86 -0
- package/dist/agents/schemas.js.map +1 -0
- package/dist/agents/session.d.ts +28 -0
- package/dist/agents/session.d.ts.map +1 -0
- package/dist/agents/session.js +223 -0
- package/dist/agents/session.js.map +1 -0
- package/dist/analyzers/developer/detailed.js +1 -1
- package/dist/analyzers/developer/detailed.js.map +1 -1
- package/dist/analyzers/dispatcher.d.ts +36 -0
- package/dist/analyzers/dispatcher.d.ts.map +1 -0
- package/dist/analyzers/dispatcher.js +62 -0
- package/dist/analyzers/dispatcher.js.map +1 -0
- package/dist/analyzers/docs/shallow.d.ts +3 -2
- package/dist/analyzers/docs/shallow.d.ts.map +1 -1
- package/dist/analyzers/docs/shallow.js +2 -2
- package/dist/analyzers/docs/shallow.js.map +1 -1
- package/dist/analyzers/dx/shallow.d.ts +3 -2
- package/dist/analyzers/dx/shallow.d.ts.map +1 -1
- package/dist/analyzers/dx/shallow.js +2 -2
- package/dist/analyzers/dx/shallow.js.map +1 -1
- package/dist/analyzers/health/actions.d.ts +3 -3
- package/dist/analyzers/health/actions.d.ts.map +1 -1
- package/dist/analyzers/health/actions.js +99 -52
- package/dist/analyzers/health/actions.js.map +1 -1
- package/dist/analyzers/health/detailed.d.ts.map +1 -1
- package/dist/analyzers/health/detailed.js +6 -2
- package/dist/analyzers/health/detailed.js.map +1 -1
- package/dist/analyzers/health.d.ts +0 -2
- package/dist/analyzers/health.d.ts.map +1 -1
- package/dist/analyzers/health.js +134 -72
- package/dist/analyzers/health.js.map +1 -1
- package/dist/analyzers/maintainability/shallow.d.ts +3 -2
- package/dist/analyzers/maintainability/shallow.d.ts.map +1 -1
- package/dist/analyzers/maintainability/shallow.js +2 -2
- package/dist/analyzers/maintainability/shallow.js.map +1 -1
- package/dist/analyzers/quality/detailed.js +1 -1
- package/dist/analyzers/quality/detailed.js.map +1 -1
- package/dist/analyzers/quality/gather.d.ts +33 -4
- package/dist/analyzers/quality/gather.d.ts.map +1 -1
- package/dist/analyzers/quality/gather.js +81 -93
- package/dist/analyzers/quality/gather.js.map +1 -1
- package/dist/analyzers/quality/index.js +4 -4
- package/dist/analyzers/quality/index.js.map +1 -1
- package/dist/analyzers/quality/shallow.d.ts +3 -2
- package/dist/analyzers/quality/shallow.d.ts.map +1 -1
- package/dist/analyzers/quality/shallow.js +2 -2
- package/dist/analyzers/quality/shallow.js.map +1 -1
- package/dist/analyzers/scoring.d.ts +26 -9
- package/dist/analyzers/scoring.d.ts.map +1 -1
- package/dist/analyzers/scoring.js +83 -71
- package/dist/analyzers/scoring.js.map +1 -1
- package/dist/analyzers/security/detailed.js +1 -1
- package/dist/analyzers/security/detailed.js.map +1 -1
- package/dist/analyzers/security/gather.d.ts +28 -5
- package/dist/analyzers/security/gather.d.ts.map +1 -1
- package/dist/analyzers/security/gather.js +87 -135
- package/dist/analyzers/security/gather.js.map +1 -1
- package/dist/analyzers/security/index.d.ts +1 -1
- package/dist/analyzers/security/index.d.ts.map +1 -1
- package/dist/analyzers/security/index.js +16 -11
- package/dist/analyzers/security/index.js.map +1 -1
- package/dist/analyzers/security/report.d.ts +6 -0
- package/dist/analyzers/security/report.d.ts.map +1 -0
- package/dist/analyzers/security/report.js +118 -0
- package/dist/analyzers/security/report.js.map +1 -0
- package/dist/analyzers/security/shallow.d.ts +3 -2
- package/dist/analyzers/security/shallow.d.ts.map +1 -1
- package/dist/analyzers/security/shallow.js +2 -2
- package/dist/analyzers/security/shallow.js.map +1 -1
- package/dist/analyzers/tests/detailed.js +1 -1
- package/dist/analyzers/tests/detailed.js.map +1 -1
- package/dist/analyzers/tests/import-graph.d.ts +8 -22
- package/dist/analyzers/tests/import-graph.d.ts.map +1 -1
- package/dist/analyzers/tests/import-graph.js +22 -189
- package/dist/analyzers/tests/import-graph.js.map +1 -1
- package/dist/analyzers/tests/index.d.ts +1 -1
- package/dist/analyzers/tests/index.d.ts.map +1 -1
- package/dist/analyzers/tests/index.js +3 -3
- package/dist/analyzers/tests/index.js.map +1 -1
- package/dist/analyzers/tests/shallow.d.ts +3 -2
- package/dist/analyzers/tests/shallow.d.ts.map +1 -1
- package/dist/analyzers/tests/shallow.js +2 -2
- package/dist/analyzers/tests/shallow.js.map +1 -1
- package/dist/analyzers/tools/coverage.d.ts +21 -11
- package/dist/analyzers/tools/coverage.d.ts.map +1 -1
- package/dist/analyzers/tools/coverage.js +32 -44
- package/dist/analyzers/tools/coverage.js.map +1 -1
- package/dist/analyzers/tools/dotnet.d.ts +8 -0
- package/dist/analyzers/tools/dotnet.d.ts.map +1 -0
- package/dist/analyzers/tools/dotnet.js +81 -0
- package/dist/analyzers/tools/dotnet.js.map +1 -0
- package/dist/analyzers/tools/gather-cache.d.ts +16 -0
- package/dist/analyzers/tools/gather-cache.d.ts.map +1 -0
- package/dist/analyzers/tools/gather-cache.js +126 -0
- package/dist/analyzers/tools/gather-cache.js.map +1 -0
- package/dist/analyzers/tools/generic.d.ts.map +1 -1
- package/dist/analyzers/tools/generic.js +6 -28
- package/dist/analyzers/tools/generic.js.map +1 -1
- package/dist/analyzers/tools/gitleaks.d.ts +28 -5
- package/dist/analyzers/tools/gitleaks.d.ts.map +1 -1
- package/dist/analyzers/tools/gitleaks.js +91 -37
- package/dist/analyzers/tools/gitleaks.js.map +1 -1
- package/dist/analyzers/tools/go.d.ts +8 -0
- package/dist/analyzers/tools/go.d.ts.map +1 -0
- package/dist/analyzers/tools/go.js +84 -0
- package/dist/analyzers/tools/go.js.map +1 -0
- package/dist/analyzers/tools/graphify.d.ts +31 -3
- package/dist/analyzers/tools/graphify.d.ts.map +1 -1
- package/dist/analyzers/tools/graphify.js +78 -36
- package/dist/analyzers/tools/graphify.js.map +1 -1
- package/dist/analyzers/tools/grep-secrets.d.ts +6 -0
- package/dist/analyzers/tools/grep-secrets.d.ts.map +1 -0
- package/dist/analyzers/tools/grep-secrets.js +124 -0
- package/dist/analyzers/tools/grep-secrets.js.map +1 -0
- package/dist/analyzers/tools/jscpd.d.ts +40 -0
- package/dist/analyzers/tools/jscpd.d.ts.map +1 -0
- package/dist/analyzers/tools/jscpd.js +96 -0
- package/dist/analyzers/tools/jscpd.js.map +1 -0
- package/dist/analyzers/tools/node.d.ts +8 -0
- package/dist/analyzers/tools/node.d.ts.map +1 -0
- package/dist/analyzers/tools/node.js +160 -0
- package/dist/analyzers/tools/node.js.map +1 -0
- package/dist/analyzers/tools/package-json.d.ts +6 -0
- package/dist/analyzers/tools/package-json.d.ts.map +1 -0
- package/dist/analyzers/tools/package-json.js +67 -0
- package/dist/analyzers/tools/package-json.js.map +1 -0
- package/dist/analyzers/tools/parallel.d.ts +22 -5
- package/dist/analyzers/tools/parallel.d.ts.map +1 -1
- package/dist/analyzers/tools/parallel.js +26 -185
- package/dist/analyzers/tools/parallel.js.map +1 -1
- package/dist/analyzers/tools/paths.d.ts +21 -0
- package/dist/analyzers/tools/paths.d.ts.map +1 -0
- package/dist/analyzers/tools/paths.js +62 -0
- package/dist/analyzers/tools/paths.js.map +1 -0
- package/dist/analyzers/tools/python.d.ts +8 -0
- package/dist/analyzers/tools/python.d.ts.map +1 -0
- package/dist/analyzers/tools/python.js +81 -0
- package/dist/analyzers/tools/python.js.map +1 -0
- package/dist/analyzers/tools/rust.d.ts +8 -0
- package/dist/analyzers/tools/rust.d.ts.map +1 -0
- package/dist/analyzers/tools/rust.js +86 -0
- package/dist/analyzers/tools/rust.js.map +1 -0
- package/dist/analyzers/tools/semgrep.d.ts +39 -0
- package/dist/analyzers/tools/semgrep.d.ts.map +1 -0
- package/dist/analyzers/tools/semgrep.js +129 -0
- package/dist/analyzers/tools/semgrep.js.map +1 -0
- package/dist/analyzers/tools/tool-registry.d.ts +0 -41
- package/dist/analyzers/tools/tool-registry.d.ts.map +1 -1
- package/dist/analyzers/tools/tool-registry.js +0 -87
- package/dist/analyzers/tools/tool-registry.js.map +1 -1
- package/dist/analyzers/types.d.ts +42 -30
- package/dist/analyzers/types.d.ts.map +1 -1
- package/dist/cli.js +2 -2
- package/dist/cli.js.map +1 -1
- package/dist/constants.d.ts +1 -3
- package/dist/constants.d.ts.map +1 -1
- package/dist/constants.js +55 -14
- package/dist/constants.js.map +1 -1
- package/dist/languages/capabilities/descriptors.d.ts +74 -0
- package/dist/languages/capabilities/descriptors.d.ts.map +1 -0
- package/dist/languages/capabilities/descriptors.js +250 -0
- package/dist/languages/capabilities/descriptors.js.map +1 -0
- package/dist/languages/capabilities/global.d.ts +43 -0
- package/dist/languages/capabilities/global.d.ts.map +1 -0
- package/dist/languages/capabilities/global.js +48 -0
- package/dist/languages/capabilities/global.js.map +1 -0
- package/dist/languages/capabilities/index.d.ts +31 -0
- package/dist/languages/capabilities/index.d.ts.map +1 -0
- package/dist/languages/capabilities/index.js +56 -0
- package/dist/languages/capabilities/index.js.map +1 -0
- package/dist/languages/capabilities/provider.d.ts +16 -0
- package/dist/languages/capabilities/provider.d.ts.map +1 -0
- package/dist/languages/capabilities/provider.js +12 -0
- package/dist/languages/capabilities/provider.js.map +1 -0
- package/dist/languages/capabilities/types.d.ts +226 -0
- package/dist/languages/capabilities/types.d.ts.map +1 -0
- package/dist/languages/capabilities/types.js +23 -0
- package/dist/languages/capabilities/types.js.map +1 -0
- package/dist/languages/csharp.d.ts +8 -0
- package/dist/languages/csharp.d.ts.map +1 -1
- package/dist/languages/csharp.js +203 -103
- package/dist/languages/csharp.js.map +1 -1
- package/dist/languages/go.d.ts +13 -7
- package/dist/languages/go.d.ts.map +1 -1
- package/dist/languages/go.js +277 -183
- package/dist/languages/go.js.map +1 -1
- package/dist/languages/python.d.ts +14 -0
- package/dist/languages/python.d.ts.map +1 -1
- package/dist/languages/python.js +276 -169
- package/dist/languages/python.js.map +1 -1
- package/dist/languages/rust.d.ts +8 -0
- package/dist/languages/rust.d.ts.map +1 -1
- package/dist/languages/rust.js +218 -131
- package/dist/languages/rust.js.map +1 -1
- package/dist/languages/types.d.ts +16 -15
- package/dist/languages/types.d.ts.map +1 -1
- package/dist/languages/typescript.d.ts +12 -11
- package/dist/languages/typescript.d.ts.map +1 -1
- package/dist/languages/typescript.js +256 -161
- package/dist/languages/typescript.js.map +1 -1
- package/package.json +1 -1
- package/templates/.ai/templates/session-checkpoint-template.md +97 -0
|
@@ -0,0 +1,84 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.gatherGoMetrics = gatherGoMetrics;
|
|
4
|
+
const runner_1 = require("./runner");
|
|
5
|
+
const tool_registry_1 = require("./tool-registry");
|
|
6
|
+
/** Gather Go-specific metrics. */
|
|
7
|
+
function gatherGoMetrics(cwd) {
|
|
8
|
+
const metrics = {
|
|
9
|
+
toolsUsed: [],
|
|
10
|
+
toolsUnavailable: [],
|
|
11
|
+
};
|
|
12
|
+
// golangci-lint
|
|
13
|
+
const lint = (0, tool_registry_1.findTool)(tool_registry_1.TOOL_DEFS['golangci-lint'], cwd);
|
|
14
|
+
if (lint.available && lint.path) {
|
|
15
|
+
const raw = (0, runner_1.run)(`${lint.path} run --out-format json ./... 2>/dev/null`, cwd, 120000);
|
|
16
|
+
if (raw) {
|
|
17
|
+
try {
|
|
18
|
+
const data = JSON.parse(raw);
|
|
19
|
+
const issues = data.Issues || [];
|
|
20
|
+
const errors = issues.filter((i) => i.Severity === 'error').length;
|
|
21
|
+
const warnings = issues.length - errors;
|
|
22
|
+
metrics.lintErrors = errors;
|
|
23
|
+
metrics.lintWarnings = warnings;
|
|
24
|
+
metrics.lintTool = 'golangci-lint';
|
|
25
|
+
metrics.toolsUsed.push('golangci-lint');
|
|
26
|
+
}
|
|
27
|
+
catch {
|
|
28
|
+
metrics.toolsUnavailable.push('golangci-lint (parse error)');
|
|
29
|
+
}
|
|
30
|
+
}
|
|
31
|
+
else {
|
|
32
|
+
// Empty = no issues
|
|
33
|
+
metrics.lintErrors = 0;
|
|
34
|
+
metrics.lintWarnings = 0;
|
|
35
|
+
metrics.lintTool = 'golangci-lint';
|
|
36
|
+
metrics.toolsUsed.push('golangci-lint');
|
|
37
|
+
}
|
|
38
|
+
}
|
|
39
|
+
else {
|
|
40
|
+
metrics.toolsUnavailable.push('golangci-lint');
|
|
41
|
+
}
|
|
42
|
+
// govulncheck
|
|
43
|
+
const vuln = (0, tool_registry_1.findTool)(tool_registry_1.TOOL_DEFS.govulncheck, cwd);
|
|
44
|
+
if (vuln.available && vuln.path) {
|
|
45
|
+
const raw = (0, runner_1.run)(`${vuln.path} -json ./... 2>/dev/null`, cwd, 120000);
|
|
46
|
+
if (raw) {
|
|
47
|
+
try {
|
|
48
|
+
// govulncheck JSON is newline-delimited JSON objects
|
|
49
|
+
let vulnCount = 0;
|
|
50
|
+
for (const line of raw.split('\n')) {
|
|
51
|
+
if (!line.trim())
|
|
52
|
+
continue;
|
|
53
|
+
try {
|
|
54
|
+
const obj = JSON.parse(line);
|
|
55
|
+
if (obj.finding)
|
|
56
|
+
vulnCount++;
|
|
57
|
+
}
|
|
58
|
+
catch {
|
|
59
|
+
/* skip non-JSON lines */
|
|
60
|
+
}
|
|
61
|
+
}
|
|
62
|
+
// govulncheck doesn't provide severity breakdown — count all as high
|
|
63
|
+
metrics.depVulnHigh = vulnCount;
|
|
64
|
+
metrics.depVulnCritical = 0;
|
|
65
|
+
metrics.depVulnMedium = 0;
|
|
66
|
+
metrics.depVulnLow = 0;
|
|
67
|
+
metrics.depAuditTool = 'govulncheck';
|
|
68
|
+
metrics.toolsUsed.push('govulncheck');
|
|
69
|
+
}
|
|
70
|
+
catch {
|
|
71
|
+
metrics.toolsUnavailable.push('govulncheck (parse error)');
|
|
72
|
+
}
|
|
73
|
+
}
|
|
74
|
+
}
|
|
75
|
+
else {
|
|
76
|
+
metrics.toolsUnavailable.push('govulncheck');
|
|
77
|
+
}
|
|
78
|
+
// Test framework detection
|
|
79
|
+
if ((0, runner_1.fileExists)(cwd, 'go.mod')) {
|
|
80
|
+
metrics.testFramework = 'go-test';
|
|
81
|
+
}
|
|
82
|
+
return metrics;
|
|
83
|
+
}
|
|
84
|
+
//# sourceMappingURL=go.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"go.js","sourceRoot":"","sources":["../../../src/analyzers/tools/go.ts"],"names":[],"mappings":";;AAkBA,0CAwEC;AArFD,qCAA2C;AAC3C,mDAAsD;AAWtD,kCAAkC;AAClC,SAAgB,eAAe,CAAC,GAAW;IACzC,MAAM,OAAO,GAA2B;QACtC,SAAS,EAAE,EAAE;QACb,gBAAgB,EAAE,EAAE;KACrB,CAAC;IAEF,gBAAgB;IAChB,MAAM,IAAI,GAAG,IAAA,wBAAQ,EAAC,yBAAS,CAAC,eAAe,CAAC,EAAE,GAAG,CAAC,CAAC;IACvD,IAAI,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;QAChC,MAAM,GAAG,GAAG,IAAA,YAAG,EAAC,GAAG,IAAI,CAAC,IAAI,0CAA0C,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC;QACrF,IAAI,GAAG,EAAE,CAAC;YACR,IAAI,CAAC;gBACH,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAmB,CAAC;gBAC/C,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,IAAI,EAAE,CAAC;gBACjC,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,MAAM,CAAC;gBACnE,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,GAAG,MAAM,CAAC;gBACxC,OAAO,CAAC,UAAU,GAAG,MAAM,CAAC;gBAC5B,OAAO,CAAC,YAAY,GAAG,QAAQ,CAAC;gBAChC,OAAO,CAAC,QAAQ,GAAG,eAAe,CAAC;gBACnC,OAAO,CAAC,SAAU,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;YAC3C,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,CAAC,gBAAiB,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;YAChE,CAAC;QACH,CAAC;aAAM,CAAC;YACN,oBAAoB;YACpB,OAAO,CAAC,UAAU,GAAG,CAAC,CAAC;YACvB,OAAO,CAAC,YAAY,GAAG,CAAC,CAAC;YACzB,OAAO,CAAC,QAAQ,GAAG,eAAe,CAAC;YACnC,OAAO,CAAC,SAAU,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QAC3C,CAAC;IACH,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,gBAAiB,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;IAClD,CAAC;IAED,cAAc;IACd,MAAM,IAAI,GAAG,IAAA,wBAAQ,EAAC,yBAAS,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC;IAClD,IAAI,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;QAChC,MAAM,GAAG,GAAG,IAAA,YAAG,EAAC,GAAG,IAAI,CAAC,IAAI,0BAA0B,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC;QACrE,IAAI,GAAG,EAAE,CAAC;YACR,IAAI,CAAC;gBACH,qDAAqD;gBACrD,IAAI,SAAS,GAAG,CAAC,CAAC;gBAClB,KAAK,MAAM,IAAI,IAAI,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;oBACnC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE;wBAAE,SAAS;oBAC3B,IAAI,CAAC;wBACH,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;wBAC7B,IAAI,GAAG,CAAC,OAAO;4BAAE,SAAS,EAAE,CAAC;oBAC/B,CAAC;oBAAC,MAAM,CAAC;wBACP,yBAAyB;oBAC3B,CAAC;gBACH,CAAC;gBACD,qEAAqE;gBACrE,OAAO,CAAC,WAAW,GAAG,SAAS,CAAC;gBAChC,OAAO,CAAC,eAAe,GAAG,CAAC,CAAC;gBAC5B,OAAO,CAAC,aAAa,GAAG,CAAC,CAAC;gBAC1B,OAAO,CAAC,UAAU,GAAG,CAAC,CAAC;gBACvB,OAAO,CAAC,YAAY,GAAG,aAAa,CAAC;gBACrC,OAAO,CAAC,SAAU,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;YACzC,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,CAAC,gBAAiB,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC;YAC9D,CAAC;QACH,CAAC;IACH,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,gBAAiB,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;IAChD,CAAC;IAED,2BAA2B;IAC3B,IAAI,IAAA,mBAAU,EAAC,GAAG,EAAE,QAAQ,CAAC,EAAE,CAAC;QAC9B,OAAO,CAAC,aAAa,GAAG,SAAS,CAAC;IACpC,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC"}
|
|
@@ -1,4 +1,32 @@
|
|
|
1
|
-
import {
|
|
2
|
-
|
|
3
|
-
|
|
1
|
+
import type { CapabilityProvider } from '../../languages/capabilities/provider';
|
|
2
|
+
import type { StructuralResult } from '../../languages/capabilities/types';
|
|
3
|
+
/**
|
|
4
|
+
* Outcome union mirrors the other global wrappers (gitleaks, semgrep,
|
|
5
|
+
* jscpd). The capability provider collapses this to `StructuralResult
|
|
6
|
+
* | null`; the Layer 2 reshape in `tools/parallel.ts` reads
|
|
7
|
+
* `unavailable.reason` so `toolsUnavailable` surfaces the precise
|
|
8
|
+
* failure mode (`graphify (not installed)`, `graphify (failed to run)`,
|
|
9
|
+
* `graphify (parse error)`, …).
|
|
10
|
+
*/
|
|
11
|
+
export type StructuralGatherOutcome = {
|
|
12
|
+
kind: 'success';
|
|
13
|
+
envelope: StructuralResult;
|
|
14
|
+
} | {
|
|
15
|
+
kind: 'unavailable';
|
|
16
|
+
reason: string;
|
|
17
|
+
};
|
|
18
|
+
/**
|
|
19
|
+
* Single source of truth for the graphify subprocess invocation.
|
|
20
|
+
* Consumed by `graphifyProvider` (capability dispatcher) and by the
|
|
21
|
+
* Layer 2 legacy reshape in `tools/parallel.ts` — both paths share the
|
|
22
|
+
* memoized per-cwd outcome so graphify shells out at most once per
|
|
23
|
+
* analyzer run.
|
|
24
|
+
*/
|
|
25
|
+
export declare function gatherGraphifyResult(cwd: string): StructuralGatherOutcome;
|
|
26
|
+
/**
|
|
27
|
+
* Capability-shaped provider. Register in
|
|
28
|
+
* `src/languages/capabilities/global.ts:GLOBAL_CAPABILITIES.structural`
|
|
29
|
+
* so the dispatcher picks it up via `providersFor(STRUCTURAL)`.
|
|
30
|
+
*/
|
|
31
|
+
export declare const graphifyProvider: CapabilityProvider<StructuralResult>;
|
|
4
32
|
//# sourceMappingURL=graphify.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"graphify.d.ts","sourceRoot":"","sources":["../../../src/analyzers/tools/graphify.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"graphify.d.ts","sourceRoot":"","sources":["../../../src/analyzers/tools/graphify.ts"],"names":[],"mappings":"AAmBA,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,uCAAuC,CAAC;AAChF,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,oCAAoC,CAAC;AAsI3E;;;;;;;GAOG;AACH,MAAM,MAAM,uBAAuB,GAC/B;IAAE,IAAI,EAAE,SAAS,CAAC;IAAC,QAAQ,EAAE,gBAAgB,CAAA;CAAE,GAC/C;IAAE,IAAI,EAAE,aAAa,CAAC;IAAC,MAAM,EAAE,MAAM,CAAA;CAAE,CAAC;AAa5C;;;;;;GAMG;AACH,wBAAgB,oBAAoB,CAAC,GAAG,EAAE,MAAM,GAAG,uBAAuB,CAMzE;AAkDD;;;;GAIG;AACH,eAAO,MAAM,gBAAgB,EAAE,kBAAkB,CAAC,gBAAgB,CAMjE,CAAC"}
|
|
@@ -33,13 +33,22 @@ var __importStar = (this && this.__importStar) || (function () {
|
|
|
33
33
|
};
|
|
34
34
|
})();
|
|
35
35
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
36
|
-
exports.
|
|
36
|
+
exports.graphifyProvider = void 0;
|
|
37
|
+
exports.gatherGraphifyResult = gatherGraphifyResult;
|
|
37
38
|
/**
|
|
38
|
-
* Graphify integration
|
|
39
|
+
* Graphify integration — deterministic AST extraction via tree-sitter.
|
|
39
40
|
* Layer 2 (optional): requires `pip install graphifyy`.
|
|
40
41
|
*
|
|
41
|
-
*
|
|
42
|
-
*
|
|
42
|
+
* Exposes one gather helper — `gatherGraphifyResult(cwd)` — returning a
|
|
43
|
+
* typed outcome with either a `StructuralResult` envelope or the reason
|
|
44
|
+
* extraction was skipped. Consumed by the capability provider
|
|
45
|
+
* (`graphifyProvider`) and by the Layer 2 legacy-field reshape path in
|
|
46
|
+
* `tools/parallel.ts`. Memoized per-cwd so both callers share one
|
|
47
|
+
* invocation per analyzer run.
|
|
48
|
+
*
|
|
49
|
+
* Known flake (Phase 10f.2): `/tmp/graphify-venv` race + `/tmp`
|
|
50
|
+
* cleanup kills graphify ~50% of runs. Separate behavioral fix; this
|
|
51
|
+
* file's structure is unaffected.
|
|
43
52
|
*/
|
|
44
53
|
const fs = __importStar(require("fs"));
|
|
45
54
|
const runner_1 = require("./runner");
|
|
@@ -162,14 +171,35 @@ print(json.dumps({
|
|
|
162
171
|
}))
|
|
163
172
|
`;
|
|
164
173
|
}
|
|
165
|
-
/**
|
|
166
|
-
|
|
167
|
-
|
|
174
|
+
/**
|
|
175
|
+
* Per-cwd memoization of the graphify outcome. Graphify is the heaviest
|
|
176
|
+
* external tool dxkit shells out to (~10-60s depending on repo size);
|
|
177
|
+
* memoizing ensures the Layer 2 reshape path + the capability
|
|
178
|
+
* dispatcher's `graphifyProvider` share one invocation per analyzer run.
|
|
179
|
+
*
|
|
180
|
+
* Same constraints as the gitleaks cache: module-scoped, no automatic
|
|
181
|
+
* invalidation, safe for the one-shot CLI shape.
|
|
182
|
+
*/
|
|
183
|
+
const graphifyOutcomeCache = new Map();
|
|
184
|
+
/**
|
|
185
|
+
* Single source of truth for the graphify subprocess invocation.
|
|
186
|
+
* Consumed by `graphifyProvider` (capability dispatcher) and by the
|
|
187
|
+
* Layer 2 legacy reshape in `tools/parallel.ts` — both paths share the
|
|
188
|
+
* memoized per-cwd outcome so graphify shells out at most once per
|
|
189
|
+
* analyzer run.
|
|
190
|
+
*/
|
|
191
|
+
function gatherGraphifyResult(cwd) {
|
|
192
|
+
const cached = graphifyOutcomeCache.get(cwd);
|
|
193
|
+
if (cached)
|
|
194
|
+
return cached;
|
|
195
|
+
const outcome = computeGraphifyOutcome(cwd);
|
|
196
|
+
graphifyOutcomeCache.set(cwd, outcome);
|
|
197
|
+
return outcome;
|
|
198
|
+
}
|
|
199
|
+
function computeGraphifyOutcome(cwd) {
|
|
168
200
|
const pythonCmd = findPython(cwd);
|
|
169
|
-
if (!pythonCmd)
|
|
170
|
-
return {
|
|
171
|
-
}
|
|
172
|
-
// Write script to temp file to avoid shell escaping issues
|
|
201
|
+
if (!pythonCmd)
|
|
202
|
+
return { kind: 'unavailable', reason: 'not installed' };
|
|
173
203
|
const scriptPath = `/tmp/dxkit-graphify-${Date.now()}.py`;
|
|
174
204
|
fs.writeFileSync(scriptPath, buildGraphifyScript(cwd));
|
|
175
205
|
// Redirect stderr to suppress progress output, run from /tmp to avoid writing to target
|
|
@@ -180,40 +210,52 @@ function gatherGraphifyMetrics(cwd) {
|
|
|
180
210
|
catch {
|
|
181
211
|
/* ignore */
|
|
182
212
|
}
|
|
183
|
-
if (!output)
|
|
184
|
-
return {
|
|
185
|
-
|
|
186
|
-
// Graphify prints progress to stdout before the JSON — extract only the JSON line
|
|
213
|
+
if (!output)
|
|
214
|
+
return { kind: 'unavailable', reason: 'failed to run' };
|
|
215
|
+
// Graphify prints progress to stdout before the JSON — extract only the JSON line.
|
|
187
216
|
const jsonLine = output
|
|
188
217
|
.split('\n')
|
|
189
218
|
.filter((l) => l.startsWith('{'))
|
|
190
219
|
.pop();
|
|
191
|
-
if (!jsonLine)
|
|
192
|
-
return {
|
|
193
|
-
|
|
220
|
+
if (!jsonLine)
|
|
221
|
+
return { kind: 'unavailable', reason: 'no JSON output' };
|
|
222
|
+
let data;
|
|
194
223
|
try {
|
|
195
|
-
|
|
196
|
-
if (data.error) {
|
|
197
|
-
return { toolsUnavailable: [`graphify (${data.error})`] };
|
|
198
|
-
}
|
|
199
|
-
return {
|
|
200
|
-
functionCount: data.functionCount,
|
|
201
|
-
classCount: data.classCount,
|
|
202
|
-
maxFunctionsInFile: data.maxFunctionsInFile,
|
|
203
|
-
maxFunctionsFilePath: data.maxFunctionsFilePath,
|
|
204
|
-
godNodeCount: data.godNodeCount,
|
|
205
|
-
communityCount: data.communityCount,
|
|
206
|
-
avgCohesion: data.avgCohesion,
|
|
207
|
-
orphanModuleCount: data.orphanModuleCount,
|
|
208
|
-
deadImportCount: data.deadImportCount,
|
|
209
|
-
commentedCodeRatio: data.commentedCodeRatio,
|
|
210
|
-
toolsUsed: ['graphify'],
|
|
211
|
-
};
|
|
224
|
+
data = JSON.parse(jsonLine);
|
|
212
225
|
}
|
|
213
226
|
catch {
|
|
214
|
-
return {
|
|
227
|
+
return { kind: 'unavailable', reason: 'parse error' };
|
|
215
228
|
}
|
|
229
|
+
if (data.error)
|
|
230
|
+
return { kind: 'unavailable', reason: data.error };
|
|
231
|
+
const envelope = {
|
|
232
|
+
schemaVersion: 1,
|
|
233
|
+
tool: 'graphify',
|
|
234
|
+
functionCount: data.functionCount,
|
|
235
|
+
classCount: data.classCount,
|
|
236
|
+
maxFunctionsInFile: data.maxFunctionsInFile,
|
|
237
|
+
maxFunctionsFilePath: data.maxFunctionsFilePath,
|
|
238
|
+
godNodeCount: data.godNodeCount,
|
|
239
|
+
communityCount: data.communityCount,
|
|
240
|
+
avgCohesion: data.avgCohesion,
|
|
241
|
+
orphanModuleCount: data.orphanModuleCount,
|
|
242
|
+
deadImportCount: data.deadImportCount,
|
|
243
|
+
commentedCodeRatio: data.commentedCodeRatio,
|
|
244
|
+
};
|
|
245
|
+
return { kind: 'success', envelope };
|
|
216
246
|
}
|
|
247
|
+
/**
|
|
248
|
+
* Capability-shaped provider. Register in
|
|
249
|
+
* `src/languages/capabilities/global.ts:GLOBAL_CAPABILITIES.structural`
|
|
250
|
+
* so the dispatcher picks it up via `providersFor(STRUCTURAL)`.
|
|
251
|
+
*/
|
|
252
|
+
exports.graphifyProvider = {
|
|
253
|
+
source: 'graphify',
|
|
254
|
+
async gather(cwd) {
|
|
255
|
+
const outcome = gatherGraphifyResult(cwd);
|
|
256
|
+
return outcome.kind === 'success' ? outcome.envelope : null;
|
|
257
|
+
},
|
|
258
|
+
};
|
|
217
259
|
/** Find a working python3 that has graphify installed. Delegates to tool-registry. */
|
|
218
260
|
function findPython(cwd) {
|
|
219
261
|
const status = (0, tool_registry_1.findTool)(tool_registry_1.TOOL_DEFS.graphify, cwd);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"graphify.js","sourceRoot":"","sources":["../../../src/analyzers/tools/graphify.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"graphify.js","sourceRoot":"","sources":["../../../src/analyzers/tools/graphify.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAwLA,oDAMC;AA9LD;;;;;;;;;;;;;;GAcG;AACH,uCAAyB;AACzB,qCAA+B;AAC/B,mDAAsD;AACtD,6CAAmD;AAkBnD,8EAA8E;AAC9E,SAAS,mBAAmB,CAAC,GAAW;IACtC,OAAO;;;;;;;;;;;;;;;;;;;;iBAoBQ,IAAA,gCAAmB,EAAC,GAAG,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CA6FxC,CAAC;AACF,CAAC;AAcD;;;;;;;;GAQG;AACH,MAAM,oBAAoB,GAAG,IAAI,GAAG,EAAmC,CAAC;AAExE;;;;;;GAMG;AACH,SAAgB,oBAAoB,CAAC,GAAW;IAC9C,MAAM,MAAM,GAAG,oBAAoB,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAC7C,IAAI,MAAM;QAAE,OAAO,MAAM,CAAC;IAC1B,MAAM,OAAO,GAAG,sBAAsB,CAAC,GAAG,CAAC,CAAC;IAC5C,oBAAoB,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;IACvC,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,SAAS,sBAAsB,CAAC,GAAW;IACzC,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;IAClC,IAAI,CAAC,SAAS;QAAE,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,eAAe,EAAE,CAAC;IAExE,MAAM,UAAU,GAAG,uBAAuB,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC;IAC1D,EAAE,CAAC,aAAa,CAAC,UAAU,EAAE,mBAAmB,CAAC,GAAG,CAAC,CAAC,CAAC;IACvD,wFAAwF;IACxF,MAAM,MAAM,GAAG,IAAA,YAAG,EAAC,cAAc,SAAS,KAAK,UAAU,MAAM,GAAG,eAAe,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC;IAChG,IAAI,CAAC;QACH,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;IAC5B,CAAC;IAAC,MAAM,CAAC;QACP,YAAY;IACd,CAAC;IAED,IAAI,CAAC,MAAM;QAAE,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,eAAe,EAAE,CAAC;IAErE,mFAAmF;IACnF,MAAM,QAAQ,GAAG,MAAM;SACpB,KAAK,CAAC,IAAI,CAAC;SACX,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;SAChC,GAAG,EAAE,CAAC;IACT,IAAI,CAAC,QAAQ;QAAE,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,gBAAgB,EAAE,CAAC;IAExE,IAAI,IAAyC,CAAC;IAC9C,IAAI,CAAC;QACH,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAwC,CAAC;IACrE,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC;IACxD,CAAC;IACD,IAAI,IAAI,CAAC,KAAK;QAAE,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC;IAEnE,MAAM,QAAQ,GAAqB;QACjC,aAAa,EAAE,CAAC;QAChB,IAAI,EAAE,UAAU;QAChB,aAAa,EAAE,IAAI,CAAC,aAAa;QACjC,UAAU,EAAE,IAAI,CAAC,UAAU;QAC3B,kBAAkB,EAAE,IAAI,CAAC,kBAAkB;QAC3C,oBAAoB,EAAE,IAAI,CAAC,oBAAoB;QAC/C,YAAY,EAAE,IAAI,CAAC,YAAY;QAC/B,cAAc,EAAE,IAAI,CAAC,cAAc;QACnC,WAAW,EAAE,IAAI,CAAC,WAAW;QAC7B,iBAAiB,EAAE,IAAI,CAAC,iBAAiB;QACzC,eAAe,EAAE,IAAI,CAAC,eAAe;QACrC,kBAAkB,EAAE,IAAI,CAAC,kBAAkB;KAC5C,CAAC;IACF,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC;AACvC,CAAC;AAED;;;;GAIG;AACU,QAAA,gBAAgB,GAAyC;IACpE,MAAM,EAAE,UAAU;IAClB,KAAK,CAAC,MAAM,CAAC,GAAG;QACd,MAAM,OAAO,GAAG,oBAAoB,CAAC,GAAG,CAAC,CAAC;QAC1C,OAAO,OAAO,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC;IAC9D,CAAC;CACF,CAAC;AAEF,sFAAsF;AACtF,SAAS,UAAU,CAAC,GAAW;IAC7B,MAAM,MAAM,GAAG,IAAA,wBAAQ,EAAC,yBAAS,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;IACjD,OAAO,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;AAC/C,CAAC"}
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
import type { CapabilityProvider } from '../../languages/capabilities/provider';
|
|
2
|
+
import type { SecretsResult } from '../../languages/capabilities/types';
|
|
3
|
+
/** Scan source files for the fallback patterns. Returns null when gitleaks is installed. */
|
|
4
|
+
export declare function gatherGrepSecretsResult(cwd: string): SecretsResult | null;
|
|
5
|
+
export declare const grepSecretsProvider: CapabilityProvider<SecretsResult>;
|
|
6
|
+
//# sourceMappingURL=grep-secrets.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"grep-secrets.d.ts","sourceRoot":"","sources":["../../../src/analyzers/tools/grep-secrets.ts"],"names":[],"mappings":"AAoBA,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,uCAAuC,CAAC;AAChF,OAAO,KAAK,EAAiB,aAAa,EAAE,MAAM,oCAAoC,CAAC;AA0BvF,4FAA4F;AAC5F,wBAAgB,uBAAuB,CAAC,GAAG,EAAE,MAAM,GAAG,aAAa,GAAG,IAAI,CAkDzE;AAED,eAAO,MAAM,mBAAmB,EAAE,kBAAkB,CAAC,aAAa,CAKjE,CAAC"}
|
|
@@ -0,0 +1,124 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
+
if (k2 === undefined) k2 = k;
|
|
4
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
+
}
|
|
8
|
+
Object.defineProperty(o, k2, desc);
|
|
9
|
+
}) : (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
o[k2] = m[k];
|
|
12
|
+
}));
|
|
13
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
+
}) : function(o, v) {
|
|
16
|
+
o["default"] = v;
|
|
17
|
+
});
|
|
18
|
+
var __importStar = (this && this.__importStar) || (function () {
|
|
19
|
+
var ownKeys = function(o) {
|
|
20
|
+
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
21
|
+
var ar = [];
|
|
22
|
+
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
23
|
+
return ar;
|
|
24
|
+
};
|
|
25
|
+
return ownKeys(o);
|
|
26
|
+
};
|
|
27
|
+
return function (mod) {
|
|
28
|
+
if (mod && mod.__esModule) return mod;
|
|
29
|
+
var result = {};
|
|
30
|
+
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
31
|
+
__setModuleDefault(result, mod);
|
|
32
|
+
return result;
|
|
33
|
+
};
|
|
34
|
+
})();
|
|
35
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
36
|
+
exports.grepSecretsProvider = void 0;
|
|
37
|
+
exports.gatherGrepSecretsResult = gatherGrepSecretsResult;
|
|
38
|
+
/**
|
|
39
|
+
* Grep-based secret scanner — the 7-pattern fallback that runs when
|
|
40
|
+
* gitleaks is unavailable. Re-registered under `GLOBAL_CAPABILITIES.secrets`
|
|
41
|
+
* in Phase 10e.C.7.5 after `generic.ts`'s legacy Layer-0 equivalent was
|
|
42
|
+
* deleted alongside the capability-owned `HealthMetrics.secretDetails`.
|
|
43
|
+
*
|
|
44
|
+
* When gitleaks IS available, this provider returns null — gitleaks's
|
|
45
|
+
* 800+ rules are a strict superset, and running both would double-count
|
|
46
|
+
* overlapping matches (AWS keys, GitHub tokens, Anthropic keys). The
|
|
47
|
+
* SECRETS descriptor aggregate unions findings, so a null from this
|
|
48
|
+
* provider simply yields to gitleaks. That mirrors pre-C.7 behavior
|
|
49
|
+
* exactly: gitleaks dominates when installed, grep carries the signal
|
|
50
|
+
* when it isn't.
|
|
51
|
+
*/
|
|
52
|
+
const path = __importStar(require("path"));
|
|
53
|
+
const runner_1 = require("./runner");
|
|
54
|
+
const tool_registry_1 = require("./tool-registry");
|
|
55
|
+
const exclusions_1 = require("./exclusions");
|
|
56
|
+
const paths_1 = require("./paths");
|
|
57
|
+
const suppressions_1 = require("./suppressions");
|
|
58
|
+
/**
|
|
59
|
+
* Seven patterns that catch the most common hardcoded-secret shapes.
|
|
60
|
+
* Mirrors the set that lived in `generic.ts` pre-C.7, with identical
|
|
61
|
+
* rule IDs so downstream reports stay stable.
|
|
62
|
+
*/
|
|
63
|
+
const PATTERNS = [
|
|
64
|
+
{ pattern: 'password[[:space:]]*[:=]', rule: 'hardcoded-password' },
|
|
65
|
+
{ pattern: 'api[_-]?key[[:space:]]*[:=]', rule: 'hardcoded-api-key' },
|
|
66
|
+
{ pattern: 'secret[[:space:]]*[:=]', rule: 'hardcoded-secret' },
|
|
67
|
+
{ pattern: 'BEGIN.*PRIVATE KEY', rule: 'private-key-in-source' },
|
|
68
|
+
{ pattern: 'AKIA[0-9A-Z]{16}', rule: 'aws-access-key' },
|
|
69
|
+
{ pattern: 'ghp_[a-zA-Z0-9]{36}', rule: 'github-token' },
|
|
70
|
+
{ pattern: 'sk-ant-[a-zA-Z0-9]', rule: 'anthropic-api-key' },
|
|
71
|
+
];
|
|
72
|
+
function severityFor(rule) {
|
|
73
|
+
return rule.includes('private-key') || rule.includes('password') ? 'critical' : 'high';
|
|
74
|
+
}
|
|
75
|
+
/** Scan source files for the fallback patterns. Returns null when gitleaks is installed. */
|
|
76
|
+
function gatherGrepSecretsResult(cwd) {
|
|
77
|
+
// Yield to gitleaks — superset coverage, no point running both. When
|
|
78
|
+
// gitleaks is absent `findTool` returns `available: false` and we proceed
|
|
79
|
+
// with the fallback scan.
|
|
80
|
+
const gitleaks = (0, tool_registry_1.findTool)(tool_registry_1.TOOL_DEFS.gitleaks, cwd);
|
|
81
|
+
if (gitleaks.available)
|
|
82
|
+
return null;
|
|
83
|
+
const excludes = (0, exclusions_1.getGrepExcludeDirFlags)(cwd);
|
|
84
|
+
const includeFlags = "--include='*.ts' --include='*.tsx' --include='*.js' --include='*.py' --include='*.go'";
|
|
85
|
+
const raw = [];
|
|
86
|
+
for (const sp of PATTERNS) {
|
|
87
|
+
// Single-quoted pattern + -E for extended regex. Per the feedback memory.
|
|
88
|
+
const output = (0, runner_1.run)(`grep -rnE '${sp.pattern}' ${includeFlags} ${excludes} . 2>/dev/null | head -50`, cwd);
|
|
89
|
+
if (!output)
|
|
90
|
+
continue;
|
|
91
|
+
for (const line of output.split('\n').filter((l) => l.trim())) {
|
|
92
|
+
// Format: ./relative/path:lineno:matched-text
|
|
93
|
+
const match = line.match(/^\.\/(.+?):(\d+):/);
|
|
94
|
+
if (!match)
|
|
95
|
+
continue;
|
|
96
|
+
const file = (0, paths_1.toProjectRelative)(cwd, path.join(cwd, match[1]));
|
|
97
|
+
if ((0, exclusions_1.isExcludedPath)(cwd, file))
|
|
98
|
+
continue;
|
|
99
|
+
raw.push({
|
|
100
|
+
file,
|
|
101
|
+
line: parseInt(match[2], 10),
|
|
102
|
+
rule: sp.rule,
|
|
103
|
+
severity: severityFor(sp.rule),
|
|
104
|
+
});
|
|
105
|
+
}
|
|
106
|
+
}
|
|
107
|
+
// Apply `.dxkit-suppressions.json` under the same key gitleaks uses, so
|
|
108
|
+
// a repo's existing suppressions cover both scanners.
|
|
109
|
+
const suppressions = (0, suppressions_1.loadSuppressions)(cwd);
|
|
110
|
+
const { kept, suppressed } = (0, suppressions_1.applySuppressions)(raw, suppressions.gitleaks, (d) => d.rule, (d) => d.file);
|
|
111
|
+
return {
|
|
112
|
+
schemaVersion: 1,
|
|
113
|
+
tool: 'grep-secrets',
|
|
114
|
+
findings: kept,
|
|
115
|
+
suppressedCount: suppressed.length,
|
|
116
|
+
};
|
|
117
|
+
}
|
|
118
|
+
exports.grepSecretsProvider = {
|
|
119
|
+
source: 'grep-secrets',
|
|
120
|
+
async gather(cwd) {
|
|
121
|
+
return gatherGrepSecretsResult(cwd);
|
|
122
|
+
},
|
|
123
|
+
};
|
|
124
|
+
//# sourceMappingURL=grep-secrets.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"grep-secrets.js","sourceRoot":"","sources":["../../../src/analyzers/tools/grep-secrets.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAgDA,0DAkDC;AAlGD;;;;;;;;;;;;;GAaG;AACH,2CAA6B;AAC7B,qCAA+B;AAC/B,mDAAsD;AACtD,6CAAsE;AACtE,mCAA4C;AAC5C,iDAAqE;AASrE;;;;GAIG;AACH,MAAM,QAAQ,GAAkB;IAC9B,EAAE,OAAO,EAAE,0BAA0B,EAAE,IAAI,EAAE,oBAAoB,EAAE;IACnE,EAAE,OAAO,EAAE,6BAA6B,EAAE,IAAI,EAAE,mBAAmB,EAAE;IACrE,EAAE,OAAO,EAAE,wBAAwB,EAAE,IAAI,EAAE,kBAAkB,EAAE;IAC/D,EAAE,OAAO,EAAE,oBAAoB,EAAE,IAAI,EAAE,uBAAuB,EAAE;IAChE,EAAE,OAAO,EAAE,kBAAkB,EAAE,IAAI,EAAE,gBAAgB,EAAE;IACvD,EAAE,OAAO,EAAE,qBAAqB,EAAE,IAAI,EAAE,cAAc,EAAE;IACxD,EAAE,OAAO,EAAE,oBAAoB,EAAE,IAAI,EAAE,mBAAmB,EAAE;CAC7D,CAAC;AAEF,SAAS,WAAW,CAAC,IAAY;IAC/B,OAAO,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC;AACzF,CAAC;AAED,4FAA4F;AAC5F,SAAgB,uBAAuB,CAAC,GAAW;IACjD,qEAAqE;IACrE,0EAA0E;IAC1E,0BAA0B;IAC1B,MAAM,QAAQ,GAAG,IAAA,wBAAQ,EAAC,yBAAS,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;IACnD,IAAI,QAAQ,CAAC,SAAS;QAAE,OAAO,IAAI,CAAC;IAEpC,MAAM,QAAQ,GAAG,IAAA,mCAAsB,EAAC,GAAG,CAAC,CAAC;IAC7C,MAAM,YAAY,GAChB,uFAAuF,CAAC;IAE1F,MAAM,GAAG,GAAoB,EAAE,CAAC;IAChC,KAAK,MAAM,EAAE,IAAI,QAAQ,EAAE,CAAC;QAC1B,0EAA0E;QAC1E,MAAM,MAAM,GAAG,IAAA,YAAG,EAChB,cAAc,EAAE,CAAC,OAAO,KAAK,YAAY,IAAI,QAAQ,2BAA2B,EAChF,GAAG,CACJ,CAAC;QACF,IAAI,CAAC,MAAM;YAAE,SAAS;QACtB,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC;YAC9D,8CAA8C;YAC9C,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;YAC9C,IAAI,CAAC,KAAK;gBAAE,SAAS;YACrB,MAAM,IAAI,GAAG,IAAA,yBAAiB,EAAC,GAAG,EAAE,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAC9D,IAAI,IAAA,2BAAc,EAAC,GAAG,EAAE,IAAI,CAAC;gBAAE,SAAS;YACxC,GAAG,CAAC,IAAI,CAAC;gBACP,IAAI;gBACJ,IAAI,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;gBAC5B,IAAI,EAAE,EAAE,CAAC,IAAI;gBACb,QAAQ,EAAE,WAAW,CAAC,EAAE,CAAC,IAAI,CAAC;aAC/B,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,wEAAwE;IACxE,sDAAsD;IACtD,MAAM,YAAY,GAAG,IAAA,+BAAgB,EAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,EAAE,IAAI,EAAE,UAAU,EAAE,GAAG,IAAA,gCAAiB,EAC5C,GAAG,EACH,YAAY,CAAC,QAAQ,EACrB,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EACb,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CACd,CAAC;IAEF,OAAO;QACL,aAAa,EAAE,CAAC;QAChB,IAAI,EAAE,cAAc;QACpB,QAAQ,EAAE,IAAI;QACd,eAAe,EAAE,UAAU,CAAC,MAAM;KACnC,CAAC;AACJ,CAAC;AAEY,QAAA,mBAAmB,GAAsC;IACpE,MAAM,EAAE,cAAc;IACtB,KAAK,CAAC,MAAM,CAAC,GAAG;QACd,OAAO,uBAAuB,CAAC,GAAG,CAAC,CAAC;IACtC,CAAC;CACF,CAAC"}
|
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* jscpd integration — duplicate-code detection.
|
|
3
|
+
*
|
|
4
|
+
* The `jscpdProvider` is registered in `GLOBAL_CAPABILITIES.duplication`
|
|
5
|
+
* (src/languages/capabilities/global.ts). jscpd runs once per repo with
|
|
6
|
+
* a fixed source-file pattern and respects the project's `.gitignore`
|
|
7
|
+
* via the `--gitignore` flag — crucial on large repos, jscpd without
|
|
8
|
+
* it walks into `node_modules` and OOMs.
|
|
9
|
+
*
|
|
10
|
+
* The source-file pattern is cross-language (all five packs' extensions
|
|
11
|
+
* in one glob). jscpd's tokenizer is language-aware so this is safe;
|
|
12
|
+
* keeping the pattern declared here rather than per-pack avoids five
|
|
13
|
+
* separate jscpd invocations on mixed-stack repos.
|
|
14
|
+
*/
|
|
15
|
+
import type { CapabilityProvider } from '../../languages/capabilities/provider';
|
|
16
|
+
import type { DuplicationResult } from '../../languages/capabilities/types';
|
|
17
|
+
/**
|
|
18
|
+
* Outcome union mirrors the other global wrappers (gitleaks, semgrep,
|
|
19
|
+
* graphify). Collapses to `DuplicationResult | null` at the provider
|
|
20
|
+
* level; keeping the `unavailable.reason` at this level lets internal
|
|
21
|
+
* callers distinguish install-missing from parse-failure if needed.
|
|
22
|
+
*/
|
|
23
|
+
export type DuplicationGatherOutcome = {
|
|
24
|
+
kind: 'success';
|
|
25
|
+
envelope: DuplicationResult;
|
|
26
|
+
} | {
|
|
27
|
+
kind: 'unavailable';
|
|
28
|
+
reason: string;
|
|
29
|
+
};
|
|
30
|
+
/**
|
|
31
|
+
* Single source of truth for the jscpd invocation. Consumed by
|
|
32
|
+
* `jscpdProvider` (capability dispatcher).
|
|
33
|
+
*/
|
|
34
|
+
export declare function gatherJscpdResult(cwd: string): DuplicationGatherOutcome;
|
|
35
|
+
/**
|
|
36
|
+
* Capability-shaped provider. Registered in
|
|
37
|
+
* `src/languages/capabilities/global.ts:GLOBAL_CAPABILITIES.duplication`.
|
|
38
|
+
*/
|
|
39
|
+
export declare const jscpdProvider: CapabilityProvider<DuplicationResult>;
|
|
40
|
+
//# sourceMappingURL=jscpd.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"jscpd.d.ts","sourceRoot":"","sources":["../../../src/analyzers/tools/jscpd.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,uCAAuC,CAAC;AAChF,OAAO,KAAK,EAAoB,iBAAiB,EAAE,MAAM,oCAAoC,CAAC;AAsB9F;;;;;GAKG;AACH,MAAM,MAAM,wBAAwB,GAChC;IAAE,IAAI,EAAE,SAAS,CAAC;IAAC,QAAQ,EAAE,iBAAiB,CAAA;CAAE,GAChD;IAAE,IAAI,EAAE,aAAa,CAAC;IAAC,MAAM,EAAE,MAAM,CAAA;CAAE,CAAC;AAgC5C;;;GAGG;AACH,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,MAAM,GAAG,wBAAwB,CAqCvE;AAED;;;GAGG;AACH,eAAO,MAAM,aAAa,EAAE,kBAAkB,CAAC,iBAAiB,CAM/D,CAAC"}
|
|
@@ -0,0 +1,96 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* jscpd integration — duplicate-code detection.
|
|
4
|
+
*
|
|
5
|
+
* The `jscpdProvider` is registered in `GLOBAL_CAPABILITIES.duplication`
|
|
6
|
+
* (src/languages/capabilities/global.ts). jscpd runs once per repo with
|
|
7
|
+
* a fixed source-file pattern and respects the project's `.gitignore`
|
|
8
|
+
* via the `--gitignore` flag — crucial on large repos, jscpd without
|
|
9
|
+
* it walks into `node_modules` and OOMs.
|
|
10
|
+
*
|
|
11
|
+
* The source-file pattern is cross-language (all five packs' extensions
|
|
12
|
+
* in one glob). jscpd's tokenizer is language-aware so this is safe;
|
|
13
|
+
* keeping the pattern declared here rather than per-pack avoids five
|
|
14
|
+
* separate jscpd invocations on mixed-stack repos.
|
|
15
|
+
*/
|
|
16
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
|
+
exports.jscpdProvider = void 0;
|
|
18
|
+
exports.gatherJscpdResult = gatherJscpdResult;
|
|
19
|
+
const runner_1 = require("./runner");
|
|
20
|
+
const tool_registry_1 = require("./tool-registry");
|
|
21
|
+
/**
|
|
22
|
+
* Union of source extensions across all language packs. A union pattern
|
|
23
|
+
* rather than per-pack invocation so mixed-stack repos (Node + Python)
|
|
24
|
+
* pay for one jscpd run, not N. Adding a language's extensions here is
|
|
25
|
+
* the one cross-cutting edit needed when registering a new pack.
|
|
26
|
+
*/
|
|
27
|
+
const JSCPD_PATTERN = '**/*.{ts,tsx,js,jsx,py,go,rs,cs}';
|
|
28
|
+
/** Extract the top N clone pairs sorted largest-first. */
|
|
29
|
+
function topClonesFrom(duplicates, limit = 15) {
|
|
30
|
+
return duplicates
|
|
31
|
+
.filter((d) => d.firstFile?.name && d.secondFile?.name && d.lines)
|
|
32
|
+
.map((d) => ({
|
|
33
|
+
lines: d.lines || 0,
|
|
34
|
+
tokens: d.tokens || 0,
|
|
35
|
+
a: {
|
|
36
|
+
file: d.firstFile.name,
|
|
37
|
+
startLine: d.firstFile.start || 0,
|
|
38
|
+
endLine: d.firstFile.end || 0,
|
|
39
|
+
},
|
|
40
|
+
b: {
|
|
41
|
+
file: d.secondFile.name,
|
|
42
|
+
startLine: d.secondFile.start || 0,
|
|
43
|
+
endLine: d.secondFile.end || 0,
|
|
44
|
+
},
|
|
45
|
+
}))
|
|
46
|
+
.sort((x, y) => y.lines - x.lines)
|
|
47
|
+
.slice(0, limit);
|
|
48
|
+
}
|
|
49
|
+
/**
|
|
50
|
+
* Single source of truth for the jscpd invocation. Consumed by
|
|
51
|
+
* `jscpdProvider` (capability dispatcher).
|
|
52
|
+
*/
|
|
53
|
+
function gatherJscpdResult(cwd) {
|
|
54
|
+
const status = (0, tool_registry_1.findTool)(tool_registry_1.TOOL_DEFS.jscpd, cwd);
|
|
55
|
+
if (!status.available || !status.path)
|
|
56
|
+
return { kind: 'unavailable', reason: 'not installed' };
|
|
57
|
+
const reportDir = `/tmp/dxkit-jscpd-${Date.now()}`;
|
|
58
|
+
(0, runner_1.run)(`${status.path} --reporters json --output '${reportDir}' --gitignore --pattern '${JSCPD_PATTERN}' --min-lines 5 --min-tokens 50 '${cwd}' > /dev/null 2>&1`, cwd, 300000);
|
|
59
|
+
const reportRaw = (0, runner_1.run)(`cat '${reportDir}/jscpd-report.json' 2>/dev/null`, cwd);
|
|
60
|
+
(0, runner_1.run)(`rm -rf '${reportDir}'`, cwd);
|
|
61
|
+
if (!reportRaw)
|
|
62
|
+
return { kind: 'unavailable', reason: 'no output' };
|
|
63
|
+
let data;
|
|
64
|
+
try {
|
|
65
|
+
data = JSON.parse(reportRaw);
|
|
66
|
+
}
|
|
67
|
+
catch {
|
|
68
|
+
return { kind: 'unavailable', reason: 'parse error' };
|
|
69
|
+
}
|
|
70
|
+
const t = data.statistics?.total;
|
|
71
|
+
if (!t)
|
|
72
|
+
return { kind: 'unavailable', reason: 'no total stats' };
|
|
73
|
+
const duplicates = data.duplicates || [];
|
|
74
|
+
const envelope = {
|
|
75
|
+
schemaVersion: 1,
|
|
76
|
+
tool: 'jscpd',
|
|
77
|
+
totalLines: t.lines,
|
|
78
|
+
duplicatedLines: t.duplicatedLines,
|
|
79
|
+
percentage: Math.round(t.percentage * 100) / 100,
|
|
80
|
+
cloneCount: duplicates.length,
|
|
81
|
+
topClones: topClonesFrom(duplicates),
|
|
82
|
+
};
|
|
83
|
+
return { kind: 'success', envelope };
|
|
84
|
+
}
|
|
85
|
+
/**
|
|
86
|
+
* Capability-shaped provider. Registered in
|
|
87
|
+
* `src/languages/capabilities/global.ts:GLOBAL_CAPABILITIES.duplication`.
|
|
88
|
+
*/
|
|
89
|
+
exports.jscpdProvider = {
|
|
90
|
+
source: 'jscpd',
|
|
91
|
+
async gather(cwd) {
|
|
92
|
+
const outcome = gatherJscpdResult(cwd);
|
|
93
|
+
return outcome.kind === 'success' ? outcome.envelope : null;
|
|
94
|
+
},
|
|
95
|
+
};
|
|
96
|
+
//# sourceMappingURL=jscpd.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"jscpd.js","sourceRoot":"","sources":["../../../src/analyzers/tools/jscpd.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;GAaG;;;AAqEH,8CAqCC;AAtGD,qCAA+B;AAC/B,mDAAsD;AA8BtD;;;;;GAKG;AACH,MAAM,aAAa,GAAG,kCAAkC,CAAC;AAEzD,0DAA0D;AAC1D,SAAS,aAAa,CAAC,UAA+B,EAAE,KAAK,GAAG,EAAE;IAChE,OAAO,UAAU;SACd,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,EAAE,IAAI,IAAI,CAAC,CAAC,UAAU,EAAE,IAAI,IAAI,CAAC,CAAC,KAAK,CAAC;SACjE,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACX,KAAK,EAAE,CAAC,CAAC,KAAK,IAAI,CAAC;QACnB,MAAM,EAAE,CAAC,CAAC,MAAM,IAAI,CAAC;QACrB,CAAC,EAAE;YACD,IAAI,EAAE,CAAC,CAAC,SAAU,CAAC,IAAK;YACxB,SAAS,EAAE,CAAC,CAAC,SAAU,CAAC,KAAK,IAAI,CAAC;YAClC,OAAO,EAAE,CAAC,CAAC,SAAU,CAAC,GAAG,IAAI,CAAC;SAC/B;QACD,CAAC,EAAE;YACD,IAAI,EAAE,CAAC,CAAC,UAAW,CAAC,IAAK;YACzB,SAAS,EAAE,CAAC,CAAC,UAAW,CAAC,KAAK,IAAI,CAAC;YACnC,OAAO,EAAE,CAAC,CAAC,UAAW,CAAC,GAAG,IAAI,CAAC;SAChC;KACF,CAAC,CAAC;SACF,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC;SACjC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;AACrB,CAAC;AAED;;;GAGG;AACH,SAAgB,iBAAiB,CAAC,GAAW;IAC3C,MAAM,MAAM,GAAG,IAAA,wBAAQ,EAAC,yBAAS,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;IAC9C,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,CAAC,MAAM,CAAC,IAAI;QAAE,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,eAAe,EAAE,CAAC;IAE/F,MAAM,SAAS,GAAG,oBAAoB,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;IACnD,IAAA,YAAG,EACD,GAAG,MAAM,CAAC,IAAI,+BAA+B,SAAS,4BAA4B,aAAa,oCAAoC,GAAG,oBAAoB,EAC1J,GAAG,EACH,MAAM,CACP,CAAC;IAEF,MAAM,SAAS,GAAG,IAAA,YAAG,EAAC,QAAQ,SAAS,iCAAiC,EAAE,GAAG,CAAC,CAAC;IAC/E,IAAA,YAAG,EAAC,WAAW,SAAS,GAAG,EAAE,GAAG,CAAC,CAAC;IAElC,IAAI,CAAC,SAAS;QAAE,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC;IAEpE,IAAI,IAAiB,CAAC;IACtB,IAAI,CAAC;QACH,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAgB,CAAC;IAC9C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC;IACxD,CAAC;IAED,MAAM,CAAC,GAAG,IAAI,CAAC,UAAU,EAAE,KAAK,CAAC;IACjC,IAAI,CAAC,CAAC;QAAE,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,gBAAgB,EAAE,CAAC;IAEjE,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,IAAI,EAAE,CAAC;IACzC,MAAM,QAAQ,GAAsB;QAClC,aAAa,EAAE,CAAC;QAChB,IAAI,EAAE,OAAO;QACb,UAAU,EAAE,CAAC,CAAC,KAAK;QACnB,eAAe,EAAE,CAAC,CAAC,eAAe;QAClC,UAAU,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,UAAU,GAAG,GAAG,CAAC,GAAG,GAAG;QAChD,UAAU,EAAE,UAAU,CAAC,MAAM;QAC7B,SAAS,EAAE,aAAa,CAAC,UAAU,CAAC;KACrC,CAAC;IACF,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC;AACvC,CAAC;AAED;;;GAGG;AACU,QAAA,aAAa,GAA0C;IAClE,MAAM,EAAE,OAAO;IACf,KAAK,CAAC,MAAM,CAAC,GAAG;QACd,MAAM,OAAO,GAAG,iBAAiB,CAAC,GAAG,CAAC,CAAC;QACvC,OAAO,OAAO,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC;IAC9D,CAAC;CACF,CAAC"}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Node.js tool runner -- eslint, npm audit, test runners.
|
|
3
|
+
* Layer 1 (project tools) + Layer 2 (optional tools).
|
|
4
|
+
*/
|
|
5
|
+
import { HealthMetrics } from '../types';
|
|
6
|
+
/** Gather Node.js-specific metrics. */
|
|
7
|
+
export declare function gatherNodeMetrics(cwd: string): Partial<HealthMetrics>;
|
|
8
|
+
//# sourceMappingURL=node.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"node.d.ts","sourceRoot":"","sources":["../../../src/analyzers/tools/node.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAiBzC,uCAAuC;AACvC,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC,CAwFrE"}
|