@vyuhlabs/dxkit 2.4.6 → 2.4.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (357) hide show
  1. package/CHANGELOG.md +1076 -0
  2. package/README.md +132 -27
  3. package/dist/analysis-result.d.ts +112 -0
  4. package/dist/analysis-result.d.ts.map +1 -0
  5. package/dist/analysis-result.js +52 -0
  6. package/dist/analysis-result.js.map +1 -0
  7. package/dist/analyzers/bom/detailed.d.ts.map +1 -1
  8. package/dist/analyzers/bom/detailed.js +19 -0
  9. package/dist/analyzers/bom/detailed.js.map +1 -1
  10. package/dist/analyzers/bom/gather.d.ts +27 -26
  11. package/dist/analyzers/bom/gather.d.ts.map +1 -1
  12. package/dist/analyzers/bom/gather.js +26 -87
  13. package/dist/analyzers/bom/gather.js.map +1 -1
  14. package/dist/analyzers/bom/index.d.ts +0 -7
  15. package/dist/analyzers/bom/index.d.ts.map +1 -1
  16. package/dist/analyzers/bom/index.js +98 -48
  17. package/dist/analyzers/bom/index.js.map +1 -1
  18. package/dist/analyzers/bom/types.d.ts +11 -13
  19. package/dist/analyzers/bom/types.d.ts.map +1 -1
  20. package/dist/analyzers/cache.d.ts +95 -0
  21. package/dist/analyzers/cache.d.ts.map +1 -0
  22. package/dist/analyzers/cache.js +309 -0
  23. package/dist/analyzers/cache.js.map +1 -0
  24. package/dist/analyzers/coverage-runner.d.ts +56 -0
  25. package/dist/analyzers/coverage-runner.d.ts.map +1 -0
  26. package/dist/analyzers/coverage-runner.js +72 -0
  27. package/dist/analyzers/coverage-runner.js.map +1 -0
  28. package/dist/analyzers/dashboard/index.d.ts +24 -0
  29. package/dist/analyzers/dashboard/index.d.ts.map +1 -0
  30. package/dist/analyzers/dashboard/index.js +667 -0
  31. package/dist/analyzers/dashboard/index.js.map +1 -0
  32. package/dist/analyzers/developer/gather.d.ts.map +1 -1
  33. package/dist/analyzers/developer/gather.js +205 -37
  34. package/dist/analyzers/developer/gather.js.map +1 -1
  35. package/dist/analyzers/developer/index.d.ts +1 -1
  36. package/dist/analyzers/developer/index.d.ts.map +1 -1
  37. package/dist/analyzers/developer/index.js +21 -9
  38. package/dist/analyzers/developer/index.js.map +1 -1
  39. package/dist/analyzers/dispatcher.d.ts +52 -0
  40. package/dist/analyzers/dispatcher.d.ts.map +1 -1
  41. package/dist/analyzers/dispatcher.js +92 -9
  42. package/dist/analyzers/dispatcher.js.map +1 -1
  43. package/dist/analyzers/docs/shallow.d.ts +17 -5
  44. package/dist/analyzers/docs/shallow.d.ts.map +1 -1
  45. package/dist/analyzers/docs/shallow.js +65 -2
  46. package/dist/analyzers/docs/shallow.js.map +1 -1
  47. package/dist/analyzers/dx/shallow.d.ts +17 -5
  48. package/dist/analyzers/dx/shallow.d.ts.map +1 -1
  49. package/dist/analyzers/dx/shallow.js +66 -2
  50. package/dist/analyzers/dx/shallow.js.map +1 -1
  51. package/dist/analyzers/health/actions.d.ts +1 -1
  52. package/dist/analyzers/health/actions.d.ts.map +1 -1
  53. package/dist/analyzers/health/actions.js +27 -9
  54. package/dist/analyzers/health/actions.js.map +1 -1
  55. package/dist/analyzers/health/detailed.d.ts +2 -1
  56. package/dist/analyzers/health/detailed.d.ts.map +1 -1
  57. package/dist/analyzers/health/detailed.js +11 -7
  58. package/dist/analyzers/health/detailed.js.map +1 -1
  59. package/dist/analyzers/health.d.ts +27 -0
  60. package/dist/analyzers/health.d.ts.map +1 -1
  61. package/dist/analyzers/health.js +282 -34
  62. package/dist/analyzers/health.js.map +1 -1
  63. package/dist/analyzers/licenses/gather.d.ts +35 -8
  64. package/dist/analyzers/licenses/gather.d.ts.map +1 -1
  65. package/dist/analyzers/licenses/gather.js +86 -13
  66. package/dist/analyzers/licenses/gather.js.map +1 -1
  67. package/dist/analyzers/licenses/index.d.ts +1 -1
  68. package/dist/analyzers/licenses/index.d.ts.map +1 -1
  69. package/dist/analyzers/licenses/index.js +52 -11
  70. package/dist/analyzers/licenses/index.js.map +1 -1
  71. package/dist/analyzers/licenses/types.d.ts +15 -0
  72. package/dist/analyzers/licenses/types.d.ts.map +1 -1
  73. package/dist/analyzers/maintainability/shallow.d.ts +17 -5
  74. package/dist/analyzers/maintainability/shallow.d.ts.map +1 -1
  75. package/dist/analyzers/maintainability/shallow.js +80 -2
  76. package/dist/analyzers/maintainability/shallow.js.map +1 -1
  77. package/dist/analyzers/quality/detailed.d.ts.map +1 -1
  78. package/dist/analyzers/quality/detailed.js +4 -6
  79. package/dist/analyzers/quality/detailed.js.map +1 -1
  80. package/dist/analyzers/quality/gather.d.ts +1 -14
  81. package/dist/analyzers/quality/gather.d.ts.map +1 -1
  82. package/dist/analyzers/quality/gather.js +48 -137
  83. package/dist/analyzers/quality/gather.js.map +1 -1
  84. package/dist/analyzers/quality/index.d.ts +9 -2
  85. package/dist/analyzers/quality/index.d.ts.map +1 -1
  86. package/dist/analyzers/quality/index.js +197 -117
  87. package/dist/analyzers/quality/index.js.map +1 -1
  88. package/dist/analyzers/quality/shallow.d.ts +50 -5
  89. package/dist/analyzers/quality/shallow.d.ts.map +1 -1
  90. package/dist/analyzers/quality/shallow.js +155 -2
  91. package/dist/analyzers/quality/shallow.js.map +1 -1
  92. package/dist/analyzers/quality/types.d.ts +14 -0
  93. package/dist/analyzers/quality/types.d.ts.map +1 -1
  94. package/dist/analyzers/security/actions.d.ts +11 -4
  95. package/dist/analyzers/security/actions.d.ts.map +1 -1
  96. package/dist/analyzers/security/actions.js +87 -37
  97. package/dist/analyzers/security/actions.js.map +1 -1
  98. package/dist/analyzers/security/aggregator.d.ts +236 -0
  99. package/dist/analyzers/security/aggregator.d.ts.map +1 -0
  100. package/dist/analyzers/security/aggregator.js +349 -0
  101. package/dist/analyzers/security/aggregator.js.map +1 -0
  102. package/dist/analyzers/security/detailed.d.ts +2 -2
  103. package/dist/analyzers/security/detailed.d.ts.map +1 -1
  104. package/dist/analyzers/security/detailed.js +10 -9
  105. package/dist/analyzers/security/detailed.js.map +1 -1
  106. package/dist/analyzers/security/gather.d.ts +104 -1
  107. package/dist/analyzers/security/gather.d.ts.map +1 -1
  108. package/dist/analyzers/security/gather.js +299 -9
  109. package/dist/analyzers/security/gather.js.map +1 -1
  110. package/dist/analyzers/security/index.d.ts +15 -0
  111. package/dist/analyzers/security/index.d.ts.map +1 -1
  112. package/dist/analyzers/security/index.js +463 -50
  113. package/dist/analyzers/security/index.js.map +1 -1
  114. package/dist/analyzers/security/shallow.d.ts +50 -6
  115. package/dist/analyzers/security/shallow.d.ts.map +1 -1
  116. package/dist/analyzers/security/shallow.js +154 -2
  117. package/dist/analyzers/security/shallow.js.map +1 -1
  118. package/dist/analyzers/security/types.d.ts +51 -0
  119. package/dist/analyzers/security/types.d.ts.map +1 -1
  120. package/dist/analyzers/tests/detailed.d.ts.map +1 -1
  121. package/dist/analyzers/tests/detailed.js +2 -3
  122. package/dist/analyzers/tests/detailed.js.map +1 -1
  123. package/dist/analyzers/tests/gather.d.ts +2 -1
  124. package/dist/analyzers/tests/gather.d.ts.map +1 -1
  125. package/dist/analyzers/tests/gather.js +98 -69
  126. package/dist/analyzers/tests/gather.js.map +1 -1
  127. package/dist/analyzers/tests/index.d.ts +11 -2
  128. package/dist/analyzers/tests/index.d.ts.map +1 -1
  129. package/dist/analyzers/tests/index.js +83 -18
  130. package/dist/analyzers/tests/index.js.map +1 -1
  131. package/dist/analyzers/tests/shallow.d.ts +19 -5
  132. package/dist/analyzers/tests/shallow.d.ts.map +1 -1
  133. package/dist/analyzers/tests/shallow.js +89 -2
  134. package/dist/analyzers/tests/shallow.js.map +1 -1
  135. package/dist/analyzers/tests/types.d.ts +41 -1
  136. package/dist/analyzers/tests/types.d.ts.map +1 -1
  137. package/dist/analyzers/tools/autogen-header.d.ts +8 -0
  138. package/dist/analyzers/tools/autogen-header.d.ts.map +1 -0
  139. package/dist/analyzers/tools/autogen-header.js +107 -0
  140. package/dist/analyzers/tools/autogen-header.js.map +1 -0
  141. package/dist/analyzers/tools/cloc.d.ts.map +1 -1
  142. package/dist/analyzers/tools/cloc.js +36 -5
  143. package/dist/analyzers/tools/cloc.js.map +1 -1
  144. package/dist/analyzers/tools/deadline.d.ts +67 -0
  145. package/dist/analyzers/tools/deadline.d.ts.map +1 -0
  146. package/dist/analyzers/tools/deadline.js +81 -0
  147. package/dist/analyzers/tools/deadline.js.map +1 -0
  148. package/dist/analyzers/tools/debug-statements.d.ts +17 -0
  149. package/dist/analyzers/tools/debug-statements.d.ts.map +1 -0
  150. package/dist/analyzers/tools/debug-statements.js +58 -0
  151. package/dist/analyzers/tools/debug-statements.js.map +1 -0
  152. package/dist/analyzers/tools/default-exclusions.gitignore +28 -0
  153. package/dist/analyzers/tools/exclusions.d.ts +33 -6
  154. package/dist/analyzers/tools/exclusions.d.ts.map +1 -1
  155. package/dist/analyzers/tools/exclusions.js +95 -26
  156. package/dist/analyzers/tools/exclusions.js.map +1 -1
  157. package/dist/analyzers/tools/generic.d.ts +17 -2
  158. package/dist/analyzers/tools/generic.d.ts.map +1 -1
  159. package/dist/analyzers/tools/generic.js +206 -109
  160. package/dist/analyzers/tools/generic.js.map +1 -1
  161. package/dist/analyzers/tools/gitleaks.d.ts.map +1 -1
  162. package/dist/analyzers/tools/gitleaks.js +48 -1
  163. package/dist/analyzers/tools/gitleaks.js.map +1 -1
  164. package/dist/analyzers/tools/graphify.d.ts +30 -2
  165. package/dist/analyzers/tools/graphify.d.ts.map +1 -1
  166. package/dist/analyzers/tools/graphify.js +131 -15
  167. package/dist/analyzers/tools/graphify.js.map +1 -1
  168. package/dist/analyzers/tools/jscpd.d.ts +12 -2
  169. package/dist/analyzers/tools/jscpd.d.ts.map +1 -1
  170. package/dist/analyzers/tools/jscpd.js +129 -6
  171. package/dist/analyzers/tools/jscpd.js.map +1 -1
  172. package/dist/analyzers/tools/lint-label.d.ts +29 -0
  173. package/dist/analyzers/tools/lint-label.d.ts.map +1 -0
  174. package/dist/analyzers/tools/lint-label.js +23 -0
  175. package/dist/analyzers/tools/lint-label.js.map +1 -0
  176. package/dist/analyzers/tools/minified-detection.d.ts +9 -0
  177. package/dist/analyzers/tools/minified-detection.d.ts.map +1 -0
  178. package/dist/analyzers/tools/minified-detection.js +147 -0
  179. package/dist/analyzers/tools/minified-detection.js.map +1 -0
  180. package/dist/analyzers/tools/nuget-package-reference.d.ts +133 -0
  181. package/dist/analyzers/tools/nuget-package-reference.d.ts.map +1 -0
  182. package/dist/analyzers/tools/nuget-package-reference.js +177 -0
  183. package/dist/analyzers/tools/nuget-package-reference.js.map +1 -0
  184. package/dist/analyzers/tools/osv-scanner-deps.d.ts +3 -2
  185. package/dist/analyzers/tools/osv-scanner-deps.d.ts.map +1 -1
  186. package/dist/analyzers/tools/osv-scanner-deps.js +32 -14
  187. package/dist/analyzers/tools/osv-scanner-deps.js.map +1 -1
  188. package/dist/analyzers/tools/osv.d.ts +36 -0
  189. package/dist/analyzers/tools/osv.d.ts.map +1 -1
  190. package/dist/analyzers/tools/osv.js +26 -0
  191. package/dist/analyzers/tools/osv.js.map +1 -1
  192. package/dist/analyzers/tools/parallel.d.ts +1 -1
  193. package/dist/analyzers/tools/parallel.d.ts.map +1 -1
  194. package/dist/analyzers/tools/parallel.js +2 -2
  195. package/dist/analyzers/tools/parallel.js.map +1 -1
  196. package/dist/analyzers/tools/report-date.d.ts +17 -0
  197. package/dist/analyzers/tools/report-date.d.ts.map +1 -0
  198. package/dist/analyzers/tools/report-date.js +26 -0
  199. package/dist/analyzers/tools/report-date.js.map +1 -0
  200. package/dist/analyzers/tools/risk-score.d.ts +7 -0
  201. package/dist/analyzers/tools/risk-score.d.ts.map +1 -1
  202. package/dist/analyzers/tools/risk-score.js +9 -2
  203. package/dist/analyzers/tools/risk-score.js.map +1 -1
  204. package/dist/analyzers/tools/run-tests-helper.d.ts +43 -0
  205. package/dist/analyzers/tools/run-tests-helper.d.ts.map +1 -0
  206. package/dist/analyzers/tools/run-tests-helper.js +156 -0
  207. package/dist/analyzers/tools/run-tests-helper.js.map +1 -0
  208. package/dist/analyzers/tools/runner.d.ts.map +1 -1
  209. package/dist/analyzers/tools/runner.js +75 -12
  210. package/dist/analyzers/tools/runner.js.map +1 -1
  211. package/dist/analyzers/tools/semgrep.d.ts +39 -2
  212. package/dist/analyzers/tools/semgrep.d.ts.map +1 -1
  213. package/dist/analyzers/tools/semgrep.js +131 -9
  214. package/dist/analyzers/tools/semgrep.js.map +1 -1
  215. package/dist/analyzers/tools/timing.d.ts +17 -3
  216. package/dist/analyzers/tools/timing.d.ts.map +1 -1
  217. package/dist/analyzers/tools/timing.js +36 -14
  218. package/dist/analyzers/tools/timing.js.map +1 -1
  219. package/dist/analyzers/tools/tool-registry.d.ts.map +1 -1
  220. package/dist/analyzers/tools/tool-registry.js +11 -1
  221. package/dist/analyzers/tools/tool-registry.js.map +1 -1
  222. package/dist/analyzers/tools/tools-unavailable-prose.d.ts +18 -0
  223. package/dist/analyzers/tools/tools-unavailable-prose.d.ts.map +1 -0
  224. package/dist/analyzers/tools/tools-unavailable-prose.js +69 -0
  225. package/dist/analyzers/tools/tools-unavailable-prose.js.map +1 -0
  226. package/dist/analyzers/tools/upgrade-plan-resolver.d.ts.map +1 -1
  227. package/dist/analyzers/tools/upgrade-plan-resolver.js +7 -0
  228. package/dist/analyzers/tools/upgrade-plan-resolver.js.map +1 -1
  229. package/dist/analyzers/tools/vendored-advisor.d.ts +43 -0
  230. package/dist/analyzers/tools/vendored-advisor.d.ts.map +1 -0
  231. package/dist/analyzers/tools/vendored-advisor.js +107 -0
  232. package/dist/analyzers/tools/vendored-advisor.js.map +1 -0
  233. package/dist/analyzers/tools/walk-paths.d.ts +78 -0
  234. package/dist/analyzers/tools/walk-paths.d.ts.map +1 -0
  235. package/dist/analyzers/tools/walk-paths.js +150 -0
  236. package/dist/analyzers/tools/walk-paths.js.map +1 -0
  237. package/dist/analyzers/tools/walk-source-files.d.ts +70 -0
  238. package/dist/analyzers/tools/walk-source-files.d.ts.map +1 -0
  239. package/dist/analyzers/tools/walk-source-files.js +369 -0
  240. package/dist/analyzers/tools/walk-source-files.js.map +1 -0
  241. package/dist/analyzers/types.d.ts +204 -4
  242. package/dist/analyzers/types.d.ts.map +1 -1
  243. package/dist/analyzers/xlsx/bom.d.ts.map +1 -1
  244. package/dist/analyzers/xlsx/bom.js +8 -1
  245. package/dist/analyzers/xlsx/bom.js.map +1 -1
  246. package/dist/cli.d.ts.map +1 -1
  247. package/dist/cli.js +581 -189
  248. package/dist/cli.js.map +1 -1
  249. package/dist/detect.d.ts.map +1 -1
  250. package/dist/detect.js +24 -7
  251. package/dist/detect.js.map +1 -1
  252. package/dist/doctor.d.ts.map +1 -1
  253. package/dist/doctor.js +103 -53
  254. package/dist/doctor.js.map +1 -1
  255. package/dist/languages/capabilities/provider.d.ts +130 -1
  256. package/dist/languages/capabilities/provider.d.ts.map +1 -1
  257. package/dist/languages/capabilities/types.d.ts +68 -7
  258. package/dist/languages/capabilities/types.d.ts.map +1 -1
  259. package/dist/languages/csharp.d.ts +15 -1
  260. package/dist/languages/csharp.d.ts.map +1 -1
  261. package/dist/languages/csharp.js +624 -146
  262. package/dist/languages/csharp.js.map +1 -1
  263. package/dist/languages/go.d.ts.map +1 -1
  264. package/dist/languages/go.js +89 -11
  265. package/dist/languages/go.js.map +1 -1
  266. package/dist/languages/index.d.ts +132 -2
  267. package/dist/languages/index.d.ts.map +1 -1
  268. package/dist/languages/index.js +207 -0
  269. package/dist/languages/index.js.map +1 -1
  270. package/dist/languages/java.d.ts.map +1 -1
  271. package/dist/languages/java.js +113 -26
  272. package/dist/languages/java.js.map +1 -1
  273. package/dist/languages/kotlin.d.ts.map +1 -1
  274. package/dist/languages/kotlin.js +132 -26
  275. package/dist/languages/kotlin.js.map +1 -1
  276. package/dist/languages/python.d.ts.map +1 -1
  277. package/dist/languages/python.js +149 -44
  278. package/dist/languages/python.js.map +1 -1
  279. package/dist/languages/ruby.d.ts +39 -1
  280. package/dist/languages/ruby.d.ts.map +1 -1
  281. package/dist/languages/ruby.js +178 -44
  282. package/dist/languages/ruby.js.map +1 -1
  283. package/dist/languages/rust.d.ts.map +1 -1
  284. package/dist/languages/rust.js +103 -16
  285. package/dist/languages/rust.js.map +1 -1
  286. package/dist/languages/types.d.ts +228 -5
  287. package/dist/languages/types.d.ts.map +1 -1
  288. package/dist/languages/typescript.d.ts.map +1 -1
  289. package/dist/languages/typescript.js +201 -14
  290. package/dist/languages/typescript.js.map +1 -1
  291. package/dist/scoring/dimensions/documentation.d.ts +53 -0
  292. package/dist/scoring/dimensions/documentation.d.ts.map +1 -0
  293. package/dist/scoring/dimensions/documentation.js +106 -0
  294. package/dist/scoring/dimensions/documentation.js.map +1 -0
  295. package/dist/scoring/dimensions/dx.d.ts +53 -0
  296. package/dist/scoring/dimensions/dx.d.ts.map +1 -0
  297. package/dist/scoring/dimensions/dx.js +105 -0
  298. package/dist/scoring/dimensions/dx.js.map +1 -0
  299. package/dist/scoring/dimensions/maintainability.d.ts +53 -0
  300. package/dist/scoring/dimensions/maintainability.d.ts.map +1 -0
  301. package/dist/scoring/dimensions/maintainability.js +101 -0
  302. package/dist/scoring/dimensions/maintainability.js.map +1 -0
  303. package/dist/scoring/dimensions/quality.d.ts +108 -0
  304. package/dist/scoring/dimensions/quality.d.ts.map +1 -0
  305. package/dist/scoring/dimensions/quality.js +174 -0
  306. package/dist/scoring/dimensions/quality.js.map +1 -0
  307. package/dist/scoring/dimensions/security.d.ts +84 -0
  308. package/dist/scoring/dimensions/security.d.ts.map +1 -0
  309. package/dist/scoring/dimensions/security.js +135 -0
  310. package/dist/scoring/dimensions/security.js.map +1 -0
  311. package/dist/scoring/dimensions/testing.d.ts +56 -0
  312. package/dist/scoring/dimensions/testing.d.ts.map +1 -0
  313. package/dist/scoring/dimensions/testing.js +98 -0
  314. package/dist/scoring/dimensions/testing.js.map +1 -0
  315. package/dist/scoring/evaluator.d.ts +27 -0
  316. package/dist/scoring/evaluator.d.ts.map +1 -0
  317. package/dist/scoring/evaluator.js +124 -0
  318. package/dist/scoring/evaluator.js.map +1 -0
  319. package/dist/scoring/format.d.ts +34 -0
  320. package/dist/scoring/format.d.ts.map +1 -0
  321. package/dist/scoring/format.js +63 -0
  322. package/dist/scoring/format.js.map +1 -0
  323. package/dist/scoring/index.d.ts +37 -0
  324. package/dist/scoring/index.d.ts.map +1 -0
  325. package/dist/scoring/index.js +57 -0
  326. package/dist/scoring/index.js.map +1 -0
  327. package/dist/scoring/overall.d.ts +54 -0
  328. package/dist/scoring/overall.d.ts.map +1 -0
  329. package/dist/scoring/overall.js +76 -0
  330. package/dist/scoring/overall.js.map +1 -0
  331. package/dist/scoring/result.d.ts +111 -0
  332. package/dist/scoring/result.d.ts.map +1 -0
  333. package/dist/scoring/result.js +14 -0
  334. package/dist/scoring/result.js.map +1 -0
  335. package/dist/scoring/spec.d.ts +76 -0
  336. package/dist/scoring/spec.d.ts.map +1 -0
  337. package/dist/scoring/spec.js +22 -0
  338. package/dist/scoring/spec.js.map +1 -0
  339. package/dist/scoring/thresholds.d.ts +56 -0
  340. package/dist/scoring/thresholds.d.ts.map +1 -0
  341. package/dist/scoring/thresholds.js +75 -0
  342. package/dist/scoring/thresholds.js.map +1 -0
  343. package/dist/tools-cli.d.ts.map +1 -1
  344. package/dist/tools-cli.js +21 -2
  345. package/dist/tools-cli.js.map +1 -1
  346. package/dist/types.d.ts +16 -0
  347. package/dist/types.d.ts.map +1 -1
  348. package/package.json +1 -1
  349. package/templates/.claude/commands/dashboard.md +17 -9
  350. package/dist/analyzers/scoring.d.ts +0 -49
  351. package/dist/analyzers/scoring.d.ts.map +0 -1
  352. package/dist/analyzers/scoring.js +0 -422
  353. package/dist/analyzers/scoring.js.map +0 -1
  354. package/dist/analyzers/security/scoring.d.ts +0 -29
  355. package/dist/analyzers/security/scoring.d.ts.map +0 -1
  356. package/dist/analyzers/security/scoring.js +0 -40
  357. package/dist/analyzers/security/scoring.js.map +0 -1
@@ -1,8 +1,95 @@
1
1
  "use strict";
2
2
  Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.toTestingScoreInput = toTestingScoreInput;
4
+ exports.scoreTestFromScoreInput = scoreTestFromScoreInput;
3
5
  exports.scoreTestsDimension = scoreTestsDimension;
4
- const scoring_1 = require("../scoring");
6
+ /**
7
+ * Testing dimension — health-side adapter over the declarative
8
+ * testing scoring spec.
9
+ *
10
+ * Builds `TestingScoreInput` from the health-side `ScoreInput`
11
+ * (HealthMetrics + CapabilityReport) and dispatches through
12
+ * `evaluateSpec`. The resulting `DimensionScore` carries the score,
13
+ * rating letter, full provenance (deductions, capsApplied,
14
+ * topActions), and the dimension-specific metrics + details surfaced
15
+ * in the health audit's markdown.
16
+ */
17
+ const scoring_1 = require("../../scoring");
18
+ function coveragePercentFrom(c) {
19
+ const raw = c.coverage?.coverage.linePercent;
20
+ return raw === undefined ? null : Math.round(raw);
21
+ }
22
+ function toTestingScoreInput(input) {
23
+ const m = input.metrics;
24
+ const c = input.capabilities;
25
+ return {
26
+ sourceFiles: m.sourceFiles,
27
+ testFiles: m.testFiles,
28
+ coverageConfigExists: m.coverageConfigExists,
29
+ testsPass: m.testsPass,
30
+ coveragePercent: coveragePercentFrom(c),
31
+ commentedCodeRatio: c.structural?.commentedCodeRatio ?? null,
32
+ };
33
+ }
34
+ /**
35
+ * Score-only adapter for the health remediation planner. Mirrors
36
+ * `scoreSecurityFromScoreInput` / `scoreQualityFromScoreInput` so
37
+ * `health/actions.ts` stays symmetric across dimensions.
38
+ */
39
+ function scoreTestFromScoreInput(input) {
40
+ return (0, scoring_1.evaluateSpec)(scoring_1.TESTING_SCORING_SPEC, toTestingScoreInput(input));
41
+ }
5
42
  function scoreTestsDimension(input) {
6
- return (0, scoring_1.scoreTest)(input);
43
+ const m = input.metrics;
44
+ const c = input.capabilities;
45
+ const scoreInput = toTestingScoreInput(input);
46
+ const result = (0, scoring_1.evaluateSpec)(scoring_1.TESTING_SCORING_SPEC, scoreInput);
47
+ const score = result.score;
48
+ const testRatio = m.testFiles / Math.max(m.sourceFiles, 1);
49
+ const coveragePercent = scoreInput.coveragePercent;
50
+ const testFramework = c.testFramework?.name ?? null;
51
+ const commentedCodeRatio = scoreInput.commentedCodeRatio;
52
+ return {
53
+ score,
54
+ maxScore: 100,
55
+ rating: (0, scoring_1.ratingFromScore)(score),
56
+ rawScore: result.rawScore,
57
+ rawPenalty: result.rawPenalty,
58
+ methodology: result.methodology,
59
+ deductions: result.deductions,
60
+ capsApplied: result.capsApplied,
61
+ topActions: result.topActions,
62
+ // Schema v11: `metrics` surfaces only the non-capability signals.
63
+ // Capability-owned values (coverage / testFramework / structural)
64
+ // live in `report.capabilities.*` so downstream consumers read
65
+ // them from one place.
66
+ metrics: {
67
+ sourceFiles: m.sourceFiles,
68
+ testFiles: m.testFiles,
69
+ testRatio: Math.round(testRatio * 100) / 100,
70
+ testsPass: m.testsPass,
71
+ coverageConfigExists: m.coverageConfigExists,
72
+ },
73
+ details: m.testFiles === 0
74
+ ? `No test files found across ${m.sourceFiles} source files. 0% test coverage.`
75
+ : `${m.testFiles} test files for ${m.sourceFiles} source files (ratio: ${(testRatio * 100).toFixed(1)}%). ` +
76
+ `Tests ${m.testsPass === true ? 'pass' : m.testsPass === false ? 'fail' : 'not run'}. ` +
77
+ (coveragePercent !== null ? `Coverage: ${coveragePercent}%. ` : 'No coverage data. ') +
78
+ // Always surface framework state explicitly. A silent omission
79
+ // when detection fails reads as "no framework needed" rather
80
+ // than "we couldn't infer it" — the latter is actionable
81
+ // (configure the test runner; report a detection gap).
82
+ `Framework: ${testFramework || 'not detected'}.` +
83
+ // When tests are detected but haven't executed AND no coverage
84
+ // artifact is on disk, the customer's next step is to run
85
+ // dxkit's coverage subcommand — surface that explicitly so
86
+ // "0% coverage" doesn't read as an indictment of the codebase.
87
+ (m.testsPass === null && coveragePercent === null
88
+ ? ' Run `vyuh-dxkit coverage` to materialize test execution + coverage data.'
89
+ : '') +
90
+ (commentedCodeRatio !== null && commentedCodeRatio > 0.5
91
+ ? ` Warning: ${(commentedCodeRatio * 100).toFixed(0)}% of source files appear to contain only comments.`
92
+ : ''),
93
+ };
7
94
  }
8
95
  //# sourceMappingURL=shallow.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"shallow.js","sourceRoot":"","sources":["../../../src/analyzers/tests/shallow.ts"],"names":[],"mappings":";;AASA,kDAEC;AAJD,wCAAmD;AAEnD,SAAgB,mBAAmB,CAAC,KAAiB;IACnD,OAAO,IAAA,mBAAS,EAAC,KAAK,CAAC,CAAC;AAC1B,CAAC"}
1
+ {"version":3,"file":"shallow.js","sourceRoot":"","sources":["../../../src/analyzers/tests/shallow.ts"],"names":[],"mappings":";;AAyBA,kDAWC;AAOD,0DAEC;AAED,kDAuDC;AAtGD;;;;;;;;;;GAUG;AACH,2CAKuB;AAIvB,SAAS,mBAAmB,CAAC,CAAmB;IAC9C,MAAM,GAAG,GAAG,CAAC,CAAC,QAAQ,EAAE,QAAQ,CAAC,WAAW,CAAC;IAC7C,OAAO,GAAG,KAAK,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;AACpD,CAAC;AAED,SAAgB,mBAAmB,CAAC,KAAiB;IACnD,MAAM,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC;IACxB,MAAM,CAAC,GAAG,KAAK,CAAC,YAAY,CAAC;IAC7B,OAAO;QACL,WAAW,EAAE,CAAC,CAAC,WAAW;QAC1B,SAAS,EAAE,CAAC,CAAC,SAAS;QACtB,oBAAoB,EAAE,CAAC,CAAC,oBAAoB;QAC5C,SAAS,EAAE,CAAC,CAAC,SAAS;QACtB,eAAe,EAAE,mBAAmB,CAAC,CAAC,CAAC;QACvC,kBAAkB,EAAE,CAAC,CAAC,UAAU,EAAE,kBAAkB,IAAI,IAAI;KAC7D,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,SAAgB,uBAAuB,CAAC,KAAiB;IACvD,OAAO,IAAA,sBAAY,EAAC,8BAAoB,EAAE,mBAAmB,CAAC,KAAK,CAAC,CAAC,CAAC;AACxE,CAAC;AAED,SAAgB,mBAAmB,CAAC,KAAiB;IACnD,MAAM,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC;IACxB,MAAM,CAAC,GAAG,KAAK,CAAC,YAAY,CAAC;IAC7B,MAAM,UAAU,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAC;IAC9C,MAAM,MAAM,GAAG,IAAA,sBAAY,EAAC,8BAAoB,EAAE,UAAU,CAAC,CAAC;IAC9D,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC;IAE3B,MAAM,SAAS,GAAG,CAAC,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;IAC3D,MAAM,eAAe,GAAG,UAAU,CAAC,eAAe,CAAC;IACnD,MAAM,aAAa,GAAG,CAAC,CAAC,aAAa,EAAE,IAAI,IAAI,IAAI,CAAC;IACpD,MAAM,kBAAkB,GAAG,UAAU,CAAC,kBAAkB,CAAC;IAEzD,OAAO;QACL,KAAK;QACL,QAAQ,EAAE,GAAG;QACb,MAAM,EAAE,IAAA,yBAAe,EAAC,KAAK,CAAC;QAC9B,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,UAAU,EAAE,MAAM,CAAC,UAAU;QAC7B,WAAW,EAAE,MAAM,CAAC,WAAW;QAC/B,UAAU,EAAE,MAAM,CAAC,UAAU;QAC7B,WAAW,EAAE,MAAM,CAAC,WAAW;QAC/B,UAAU,EAAE,MAAM,CAAC,UAAU;QAC7B,kEAAkE;QAClE,kEAAkE;QAClE,+DAA+D;QAC/D,uBAAuB;QACvB,OAAO,EAAE;YACP,WAAW,EAAE,CAAC,CAAC,WAAW;YAC1B,SAAS,EAAE,CAAC,CAAC,SAAS;YACtB,SAAS,EAAE,IAAI,CAAC,KAAK,CAAC,SAAS,GAAG,GAAG,CAAC,GAAG,GAAG;YAC5C,SAAS,EAAE,CAAC,CAAC,SAAS;YACtB,oBAAoB,EAAE,CAAC,CAAC,oBAAoB;SAC7C;QACD,OAAO,EACL,CAAC,CAAC,SAAS,KAAK,CAAC;YACf,CAAC,CAAC,8BAA8B,CAAC,CAAC,WAAW,kCAAkC;YAC/E,CAAC,CAAC,GAAG,CAAC,CAAC,SAAS,mBAAmB,CAAC,CAAC,WAAW,yBAAyB,CAAC,SAAS,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM;gBACzG,SAAS,CAAC,CAAC,SAAS,KAAK,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,KAAK,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,IAAI;gBACvF,CAAC,eAAe,KAAK,IAAI,CAAC,CAAC,CAAC,aAAa,eAAe,KAAK,CAAC,CAAC,CAAC,oBAAoB,CAAC;gBACrF,+DAA+D;gBAC/D,6DAA6D;gBAC7D,yDAAyD;gBACzD,uDAAuD;gBACvD,cAAc,aAAa,IAAI,cAAc,GAAG;gBAChD,+DAA+D;gBAC/D,0DAA0D;gBAC1D,2DAA2D;gBAC3D,+DAA+D;gBAC/D,CAAC,CAAC,CAAC,SAAS,KAAK,IAAI,IAAI,eAAe,KAAK,IAAI;oBAC/C,CAAC,CAAC,2EAA2E;oBAC7E,CAAC,CAAC,EAAE,CAAC;gBACP,CAAC,kBAAkB,KAAK,IAAI,IAAI,kBAAkB,GAAG,GAAG;oBACtD,CAAC,CAAC,aAAa,CAAC,kBAAkB,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,oDAAoD;oBACxG,CAAC,CAAC,EAAE,CAAC;KACd,CAAC;AACJ,CAAC"}
@@ -10,7 +10,18 @@ export interface TestFile {
10
10
  export interface SourceFile {
11
11
  path: string;
12
12
  lines: number;
13
- type: 'controller' | 'service' | 'interceptor' | 'model' | 'repository' | 'other';
13
+ /**
14
+ * Architectural-role label drawn from the path segment that matched
15
+ * an active language pack's `architecturalShape` contribution. Pre-
16
+ * extension this was a closed union with backend-shaped values
17
+ * (`'controller' | 'service' | 'interceptor' | 'model' |
18
+ * 'repository' | 'other'`). Post-extension the values come from
19
+ * the matched path pattern (e.g. `'Forms'` for a csharp WinForms
20
+ * file, `'components'` for a React component), so the field is a
21
+ * free string with `'other'` as the fallback when no pack pattern
22
+ * matches.
23
+ */
24
+ type: string;
14
25
  risk: RiskTier;
15
26
  hasMatchingTest: boolean;
16
27
  }
@@ -26,6 +37,29 @@ export interface SourceFile {
26
37
  */
27
38
  import type { CoverageSource as ArtifactCoverageSource } from '../tools/coverage';
28
39
  export type CoverageSource = ArtifactCoverageSource | 'filename-match' | 'import-graph';
40
+ /**
41
+ * D021 (sub-branch #6, 2.4.7): tier-classification of `coverageSource`.
42
+ * Surfaces the trust level of `effectiveCoverage` so reports + the
43
+ * dashboard can warn users when the headline is heuristic vs ground-truth.
44
+ *
45
+ * `line-coverage` — real artifact (istanbul, coverage-py, jacoco,
46
+ * simplecov, lcov, cobertura, go, ...). The percent
47
+ * is line-coverage truth — what your test run
48
+ * actually exercised.
49
+ * `import-graph` — derived from test files' import edges (up to N
50
+ * hops). Stronger than filename-match because
51
+ * it follows real call paths, but it doesn't know
52
+ * what actually executed at runtime.
53
+ * `filename-match`— share of source files with a name-matched test.
54
+ * Pure heuristic: a 200-line file with a 5-line
55
+ * test passes the predicate. Install a coverage
56
+ * pipeline to get line-level truth.
57
+ *
58
+ * Computed deterministically from `coverageSource` via
59
+ * `tierFromCoverageSource()` in `tests/index.ts`; no separate input
60
+ * needed.
61
+ */
62
+ export type CoverageFidelity = 'line-coverage' | 'import-graph' | 'filename-match';
29
63
  export interface TestGapsReport {
30
64
  repo: string;
31
65
  analyzedAt: string;
@@ -43,6 +77,12 @@ export interface TestGapsReport {
43
77
  effectiveCoverage: number;
44
78
  /** Which signal produced `effectiveCoverage`. */
45
79
  coverageSource: CoverageSource;
80
+ /**
81
+ * D021 (2.4.7): tier-classification of `coverageSource` so consumers
82
+ * can render trust banners + filter on heuristic-vs-ground-truth
83
+ * without re-parsing the source string. See `CoverageFidelity`.
84
+ */
85
+ coverageFidelity: CoverageFidelity;
46
86
  /** Project-relative path of the artifact, when one was used. */
47
87
  coverageSourceFile?: string;
48
88
  sourceFiles: number;
@@ -1 +1 @@
1
- {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/analyzers/tests/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,MAAM,QAAQ,GAAG,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;AAE9D,MAAM,WAAW,QAAQ;IACvB,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,QAAQ,GAAG,eAAe,GAAG,OAAO,GAAG,aAAa,CAAC;IAC7D,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;CAC1B;AAED,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,YAAY,GAAG,SAAS,GAAG,aAAa,GAAG,OAAO,GAAG,YAAY,GAAG,OAAO,CAAC;IAClF,IAAI,EAAE,QAAQ,CAAC;IACf,eAAe,EAAE,OAAO,CAAC;CAC1B;AAED;;;;;;;;;GASG;AACH,OAAO,KAAK,EAAE,cAAc,IAAI,sBAAsB,EAAE,MAAM,mBAAmB,CAAC;AAElF,MAAM,MAAM,cAAc,GACtB,sBAAsB,GACtB,gBAAgB,GAChB,cAAc,CAAC;AAEnB,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE;QACP,SAAS,EAAE,MAAM,CAAC;QAClB,eAAe,EAAE,MAAM,CAAC;QACxB,iBAAiB,EAAE,MAAM,CAAC;QAC1B;;;;WAIG;QACH,iBAAiB,EAAE,MAAM,CAAC;QAC1B,iDAAiD;QACjD,cAAc,EAAE,cAAc,CAAC;QAC/B,gEAAgE;QAChE,kBAAkB,CAAC,EAAE,MAAM,CAAC;QAC5B,WAAW,EAAE,MAAM,CAAC;QACpB,gBAAgB,EAAE,MAAM,CAAC;QACzB,YAAY,EAAE,MAAM,CAAC;QACrB,cAAc,EAAE,MAAM,CAAC;QACvB,WAAW,EAAE,MAAM,CAAC;KACrB,CAAC;IACF,SAAS,EAAE,QAAQ,EAAE,CAAC;IACtB,IAAI,EAAE,UAAU,EAAE,CAAC;IACnB,SAAS,EAAE,MAAM,EAAE,CAAC;IACpB,gBAAgB,EAAE,MAAM,EAAE,CAAC;CAC5B"}
1
+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/analyzers/tests/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,MAAM,QAAQ,GAAG,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;AAE9D,MAAM,WAAW,QAAQ;IACvB,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,QAAQ,GAAG,eAAe,GAAG,OAAO,GAAG,aAAa,CAAC;IAC7D,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;CAC1B;AAED,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd;;;;;;;;;;OAUG;IACH,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,QAAQ,CAAC;IACf,eAAe,EAAE,OAAO,CAAC;CAC1B;AAED;;;;;;;;;GASG;AACH,OAAO,KAAK,EAAE,cAAc,IAAI,sBAAsB,EAAE,MAAM,mBAAmB,CAAC;AAElF,MAAM,MAAM,cAAc,GACtB,sBAAsB,GACtB,gBAAgB,GAChB,cAAc,CAAC;AAEnB;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,MAAM,MAAM,gBAAgB,GAAG,eAAe,GAAG,cAAc,GAAG,gBAAgB,CAAC;AAEnF,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE;QACP,SAAS,EAAE,MAAM,CAAC;QAClB,eAAe,EAAE,MAAM,CAAC;QACxB,iBAAiB,EAAE,MAAM,CAAC;QAC1B;;;;WAIG;QACH,iBAAiB,EAAE,MAAM,CAAC;QAC1B,iDAAiD;QACjD,cAAc,EAAE,cAAc,CAAC;QAC/B;;;;WAIG;QACH,gBAAgB,EAAE,gBAAgB,CAAC;QACnC,gEAAgE;QAChE,kBAAkB,CAAC,EAAE,MAAM,CAAC;QAC5B,WAAW,EAAE,MAAM,CAAC;QACpB,gBAAgB,EAAE,MAAM,CAAC;QACzB,YAAY,EAAE,MAAM,CAAC;QACrB,cAAc,EAAE,MAAM,CAAC;QACvB,WAAW,EAAE,MAAM,CAAC;KACrB,CAAC;IACF,SAAS,EAAE,QAAQ,EAAE,CAAC;IACtB,IAAI,EAAE,UAAU,EAAE,CAAC;IACnB,SAAS,EAAE,MAAM,EAAE,CAAC;IACpB,gBAAgB,EAAE,MAAM,EAAE,CAAC;CAC5B"}
@@ -0,0 +1,8 @@
1
+ /**
2
+ * Probe the first ~2KB of `absPath` for a known auto-generated
3
+ * marker. Returns true on match, false otherwise (including on read
4
+ * errors — over-include is preferable to silently dropping unreadable
5
+ * files).
6
+ */
7
+ export declare function isAutogeneratedByHeader(absPath: string): boolean;
8
+ //# sourceMappingURL=autogen-header.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"autogen-header.d.ts","sourceRoot":"","sources":["../../../src/analyzers/tools/autogen-header.ts"],"names":[],"mappings":"AA4CA;;;;;GAKG;AACH,wBAAgB,uBAAuB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAmBhE"}
@@ -0,0 +1,107 @@
1
+ "use strict";
2
+ var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
3
+ if (k2 === undefined) k2 = k;
4
+ var desc = Object.getOwnPropertyDescriptor(m, k);
5
+ if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
6
+ desc = { enumerable: true, get: function() { return m[k]; } };
7
+ }
8
+ Object.defineProperty(o, k2, desc);
9
+ }) : (function(o, m, k, k2) {
10
+ if (k2 === undefined) k2 = k;
11
+ o[k2] = m[k];
12
+ }));
13
+ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
14
+ Object.defineProperty(o, "default", { enumerable: true, value: v });
15
+ }) : function(o, v) {
16
+ o["default"] = v;
17
+ });
18
+ var __importStar = (this && this.__importStar) || (function () {
19
+ var ownKeys = function(o) {
20
+ ownKeys = Object.getOwnPropertyNames || function (o) {
21
+ var ar = [];
22
+ for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
23
+ return ar;
24
+ };
25
+ return ownKeys(o);
26
+ };
27
+ return function (mod) {
28
+ if (mod && mod.__esModule) return mod;
29
+ var result = {};
30
+ if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
31
+ __setModuleDefault(result, mod);
32
+ return result;
33
+ };
34
+ })();
35
+ Object.defineProperty(exports, "__esModule", { value: true });
36
+ exports.isAutogeneratedByHeader = isAutogeneratedByHeader;
37
+ /**
38
+ * D028 extension (2.4.7): auto-generated source-file detection via
39
+ * file headers. Complements `LanguageSupport.autogeneratedSourcePatterns`
40
+ * (basename globs like `*.designer.cs`, `*.pb.go`) by catching the
41
+ * harder case: hand-named generated files that don't match any basename
42
+ * pattern.
43
+ *
44
+ * Motivating case: the .NET WinForms benchmark's SAP Business One integration code
45
+ * includes 30+ files named `OWTQ.cs`, `OPCH.cs`, `ADOC.cs`, etc. —
46
+ * each 11,517 lines, generated by SAP's tool chain. None match the
47
+ * standard csharp autogen patterns (no `.designer.cs` / `.g.cs` /
48
+ * `Reference.cs` suffix), so pre-D028-headers they appeared as
49
+ * legitimate source files. They clutter:
50
+ * - test-gaps LOW priority (30 × 11K-line "untested files")
51
+ * - Maintainability "largest file" + "files over 500 lines"
52
+ * - Code Quality function counts (62,271 → likely ~20,000 real)
53
+ *
54
+ * Header markers cover the de-facto industry conventions:
55
+ *
56
+ * `<auto-generated>` .NET MSBuild / WCF / EF Core; appears in
57
+ * XML doc on line 2 of generated .cs files
58
+ * `@generated` Facebook's universal convention; recognised
59
+ * by Phabricator, GitHub's linguist, etc.
60
+ * Used by Hack, JS, Python, Java, more
61
+ * `Code generated by` Go protobuf / stringer / mockgen / cmd/cgo;
62
+ * documented in golang.org/s/generatedcode
63
+ * `Generated by` Common across OpenAPI Generator, GraphQL
64
+ * codegen, Thrift, Avro, etc.
65
+ * `DO NOT EDIT` Near-universal — most autogen tools emit
66
+ * this string somewhere in the first few lines
67
+ * `AUTO-GENERATED` Variant of DO NOT EDIT
68
+ *
69
+ * Read at most the first 2KB of each file (covers >5 lines for any
70
+ * reasonable language) and apply a single regex over the union.
71
+ *
72
+ * Cost: ~4MB of disk I/O for a 4163-file repo (~1KB read per file
73
+ * via the underlying page cache). Negligible vs. the wc-l pass that
74
+ * already reads every file fully.
75
+ */
76
+ const fs = __importStar(require("fs"));
77
+ const AUTOGEN_HEADER_RE = /<auto-generated>|@generated\b|Code generated by\b|Generated by\b|DO NOT EDIT|AUTO-GENERATED/i;
78
+ /**
79
+ * Probe the first ~2KB of `absPath` for a known auto-generated
80
+ * marker. Returns true on match, false otherwise (including on read
81
+ * errors — over-include is preferable to silently dropping unreadable
82
+ * files).
83
+ */
84
+ function isAutogeneratedByHeader(absPath) {
85
+ let fd = null;
86
+ try {
87
+ fd = fs.openSync(absPath, 'r');
88
+ const buf = Buffer.alloc(2048);
89
+ const n = fs.readSync(fd, buf, 0, 2048, 0);
90
+ const head = buf.toString('utf-8', 0, n);
91
+ return AUTOGEN_HEADER_RE.test(head);
92
+ }
93
+ catch {
94
+ return false;
95
+ }
96
+ finally {
97
+ if (fd !== null) {
98
+ try {
99
+ fs.closeSync(fd);
100
+ }
101
+ catch {
102
+ /* ignore */
103
+ }
104
+ }
105
+ }
106
+ }
107
+ //# sourceMappingURL=autogen-header.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"autogen-header.js","sourceRoot":"","sources":["../../../src/analyzers/tools/autogen-header.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAkDA,0DAmBC;AArED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAsCG;AACH,uCAAyB;AAEzB,MAAM,iBAAiB,GACrB,8FAA8F,CAAC;AAEjG;;;;;GAKG;AACH,SAAgB,uBAAuB,CAAC,OAAe;IACrD,IAAI,EAAE,GAAkB,IAAI,CAAC;IAC7B,IAAI,CAAC;QACH,EAAE,GAAG,EAAE,CAAC,QAAQ,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;QAC/B,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC/B,MAAM,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QAC3C,MAAM,IAAI,GAAG,GAAG,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC,EAAE,CAAC,CAAC,CAAC;QACzC,OAAO,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACtC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;YAAS,CAAC;QACT,IAAI,EAAE,KAAK,IAAI,EAAE,CAAC;YAChB,IAAI,CAAC;gBACH,EAAE,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;YACnB,CAAC;YAAC,MAAM,CAAC;gBACP,YAAY;YACd,CAAC;QACH,CAAC;IACH,CAAC;AACH,CAAC"}
@@ -1 +1 @@
1
- {"version":3,"file":"cloc.d.ts","sourceRoot":"","sources":["../../../src/analyzers/tools/cloc.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAYzC,uCAAuC;AACvC,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC,CAkBrE"}
1
+ {"version":3,"file":"cloc.d.ts","sourceRoot":"","sources":["../../../src/analyzers/tools/cloc.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAazC,uCAAuC;AACvC,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC,CAqBrE"}
@@ -3,13 +3,17 @@ Object.defineProperty(exports, "__esModule", { value: true });
3
3
  exports.gatherClocMetrics = gatherClocMetrics;
4
4
  const runner_1 = require("./runner");
5
5
  const exclusions_1 = require("./exclusions");
6
+ const languages_1 = require("../../languages");
6
7
  const SKIP_KEYS = new Set(['header', 'SUM']);
7
8
  /** Gather metrics from cloc --json. */
8
9
  function gatherClocMetrics(cwd) {
9
10
  // --timeout 0 disables per-file timeout (suppresses warning that breaks JSON parse)
10
- // cloc uses basename matching for --exclude-dir, so use dir names without slashes
11
- const excludeDirs = (0, exclusions_1.getClocExcludeDirs)(cwd);
12
- const flags = `--json --timeout 0 --exclude-dir=${excludeDirs}`;
11
+ // D055 (2.4.7): getClocExcludeFlags emits BOTH `--exclude-dir` (basenames)
12
+ // AND `--fullpath --not-match-d` (Perl regex on full path) so multi-segment
13
+ // `.dxkit-ignore` entries like `Dev/Addons/VendorAddon/SAPB1/` exclude the
14
+ // correct subtree instead of every dir named `Dev`.
15
+ const excludeFlags = (0, exclusions_1.getClocExcludeFlags)(cwd);
16
+ const flags = `--json --timeout 0 ${excludeFlags}`;
13
17
  // Try system cloc first (faster), then npx as fallback
14
18
  const result = (0, runner_1.runJSON)(`cloc . ${flags} 2>/dev/null`, cwd, 180000);
15
19
  if (!result || !result.SUM) {
@@ -22,13 +26,28 @@ function gatherClocMetrics(cwd) {
22
26
  return parseClocResult(result);
23
27
  }
24
28
  function parseClocResult(result) {
29
+ // D073 (2.4.7): filter cloc's per-language summary to the names
30
+ // declared by registered packs. Pre-D073 the language table + the
31
+ // `totalLines` denominator included markup/data formats (JSON,
32
+ // XML, CSV, YAML, Markdown) that cloc lists alongside "real"
33
+ // languages. On the .NET WinForms benchmark the 1.6M-line JSON + 1.3M-line XML
34
+ // dragged the quality "Comment Ratio" from a true ~25% (C#
35
+ // comments / C# total) to 4.3% (all comments / all-cloc-totals).
36
+ // The pack registry is the canonical source of "what counts as
37
+ // source code"; cloc's own categorization is intentionally broad.
38
+ const packLanguages = new Set((0, languages_1.allClocLanguageNames)());
25
39
  const clocLanguages = [];
40
+ let totalCode = 0;
41
+ let totalComment = 0;
42
+ let totalBlank = 0;
26
43
  for (const [key, value] of Object.entries(result)) {
27
44
  if (SKIP_KEYS.has(key))
28
45
  continue;
29
46
  const lang = value;
30
47
  if (typeof lang.nFiles !== 'number')
31
48
  continue;
49
+ if (!packLanguages.has(key))
50
+ continue;
32
51
  clocLanguages.push({
33
52
  language: key,
34
53
  files: lang.nFiles,
@@ -36,12 +55,24 @@ function parseClocResult(result) {
36
55
  comment: lang.comment,
37
56
  blank: lang.blank,
38
57
  });
58
+ totalCode += lang.code;
59
+ totalComment += lang.comment;
60
+ totalBlank += lang.blank;
39
61
  }
40
62
  // Sort by code lines descending
41
63
  clocLanguages.sort((a, b) => b.code - a.code);
64
+ // D057 (2.4.7): cloc no longer writes `sourceFiles`. Pre-fix the
65
+ // mergeLayer2 overlay blindly overwrote generic's find-based count
66
+ // with cloc's, which (a) included markup/data files (JSON/XML/CSV)
67
+ // that aren't source, and (b) on the .NET WinForms benchmark was broken by D055.
68
+ // Field ownership: generic.ts owns sourceFiles; cloc owns line
69
+ // counts + language breakdown. (Class-fix tracked as G_v4_8 in
70
+ // recipe v4 — "each gather declares which fields it owns; merger
71
+ // errors on overlap".)
72
+ // totalLines is now derived from the pack-filtered language sum so
73
+ // it represents source lines, not source+markup+data lines.
42
74
  return {
43
- sourceFiles: result.SUM.nFiles,
44
- totalLines: result.SUM.code + result.SUM.comment + result.SUM.blank,
75
+ totalLines: totalCode + totalComment + totalBlank,
45
76
  clocLanguages,
46
77
  toolsUsed: ['cloc'],
47
78
  };
@@ -1 +1 @@
1
- {"version":3,"file":"cloc.js","sourceRoot":"","sources":["../../../src/analyzers/tools/cloc.ts"],"names":[],"mappings":";;AAiBA,8CAkBC;AA9BD,qCAAmC;AACnC,6CAAkD;AAQlD,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC;AAE7C,uCAAuC;AACvC,SAAgB,iBAAiB,CAAC,GAAW;IAC3C,oFAAoF;IACpF,kFAAkF;IAClF,MAAM,WAAW,GAAG,IAAA,+BAAkB,EAAC,GAAG,CAAC,CAAC;IAC5C,MAAM,KAAK,GAAG,oCAAoC,WAAW,EAAE,CAAC;IAEhE,uDAAuD;IACvD,MAAM,MAAM,GAAG,IAAA,gBAAO,EAAa,UAAU,KAAK,cAAc,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC;IAE/E,IAAI,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;QAC3B,MAAM,QAAQ,GAAG,IAAA,gBAAO,EAAa,cAAc,KAAK,cAAc,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC;QACrF,IAAI,CAAC,QAAQ,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,CAAC;YAC/B,OAAO,EAAE,gBAAgB,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC;QACxC,CAAC;QACD,OAAO,eAAe,CAAC,QAAQ,CAAC,CAAC;IACnC,CAAC;IAED,OAAO,eAAe,CAAC,MAAM,CAAC,CAAC;AACjC,CAAC;AAED,SAAS,eAAe,CAAC,MAAkB;IACzC,MAAM,aAAa,GAAmC,EAAE,CAAC;IAEzD,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAClD,IAAI,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC;YAAE,SAAS;QACjC,MAAM,IAAI,GAAG,KAAyE,CAAC;QACvF,IAAI,OAAO,IAAI,CAAC,MAAM,KAAK,QAAQ;YAAE,SAAS;QAC9C,aAAa,CAAC,IAAI,CAAC;YACjB,QAAQ,EAAE,GAAG;YACb,KAAK,EAAE,IAAI,CAAC,MAAM;YAClB,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,KAAK,EAAE,IAAI,CAAC,KAAK;SAClB,CAAC,CAAC;IACL,CAAC;IAED,gCAAgC;IAChC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC;IAE9C,OAAO;QACL,WAAW,EAAE,MAAM,CAAC,GAAG,CAAC,MAAM;QAC9B,UAAU,EAAE,MAAM,CAAC,GAAG,CAAC,IAAI,GAAG,MAAM,CAAC,GAAG,CAAC,OAAO,GAAG,MAAM,CAAC,GAAG,CAAC,KAAK;QACnE,aAAa;QACb,SAAS,EAAE,CAAC,MAAM,CAAC;KACpB,CAAC;AACJ,CAAC"}
1
+ {"version":3,"file":"cloc.js","sourceRoot":"","sources":["../../../src/analyzers/tools/cloc.ts"],"names":[],"mappings":";;AAkBA,8CAqBC;AAlCD,qCAAmC;AACnC,6CAAmD;AACnD,+CAAuD;AAQvD,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC;AAE7C,uCAAuC;AACvC,SAAgB,iBAAiB,CAAC,GAAW;IAC3C,oFAAoF;IACpF,2EAA2E;IAC3E,4EAA4E;IAC5E,2EAA2E;IAC3E,oDAAoD;IACpD,MAAM,YAAY,GAAG,IAAA,gCAAmB,EAAC,GAAG,CAAC,CAAC;IAC9C,MAAM,KAAK,GAAG,sBAAsB,YAAY,EAAE,CAAC;IAEnD,uDAAuD;IACvD,MAAM,MAAM,GAAG,IAAA,gBAAO,EAAa,UAAU,KAAK,cAAc,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC;IAE/E,IAAI,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;QAC3B,MAAM,QAAQ,GAAG,IAAA,gBAAO,EAAa,cAAc,KAAK,cAAc,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC;QACrF,IAAI,CAAC,QAAQ,IAAI,CAAC,QAAQ,CAAC,GAAG,EAAE,CAAC;YAC/B,OAAO,EAAE,gBAAgB,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC;QACxC,CAAC;QACD,OAAO,eAAe,CAAC,QAAQ,CAAC,CAAC;IACnC,CAAC;IAED,OAAO,eAAe,CAAC,MAAM,CAAC,CAAC;AACjC,CAAC;AAED,SAAS,eAAe,CAAC,MAAkB;IACzC,gEAAgE;IAChE,kEAAkE;IAClE,+DAA+D;IAC/D,6DAA6D;IAC7D,+EAA+E;IAC/E,2DAA2D;IAC3D,iEAAiE;IACjE,+DAA+D;IAC/D,kEAAkE;IAClE,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC,IAAA,gCAAoB,GAAE,CAAC,CAAC;IAEtD,MAAM,aAAa,GAAmC,EAAE,CAAC;IACzD,IAAI,SAAS,GAAG,CAAC,CAAC;IAClB,IAAI,YAAY,GAAG,CAAC,CAAC;IACrB,IAAI,UAAU,GAAG,CAAC,CAAC;IAEnB,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAClD,IAAI,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC;YAAE,SAAS;QACjC,MAAM,IAAI,GAAG,KAAyE,CAAC;QACvF,IAAI,OAAO,IAAI,CAAC,MAAM,KAAK,QAAQ;YAAE,SAAS;QAC9C,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,GAAG,CAAC;YAAE,SAAS;QACtC,aAAa,CAAC,IAAI,CAAC;YACjB,QAAQ,EAAE,GAAG;YACb,KAAK,EAAE,IAAI,CAAC,MAAM;YAClB,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,KAAK,EAAE,IAAI,CAAC,KAAK;SAClB,CAAC,CAAC;QACH,SAAS,IAAI,IAAI,CAAC,IAAI,CAAC;QACvB,YAAY,IAAI,IAAI,CAAC,OAAO,CAAC;QAC7B,UAAU,IAAI,IAAI,CAAC,KAAK,CAAC;IAC3B,CAAC;IAED,gCAAgC;IAChC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC;IAE9C,iEAAiE;IACjE,mEAAmE;IACnE,mEAAmE;IACnE,iFAAiF;IACjF,+DAA+D;IAC/D,+DAA+D;IAC/D,iEAAiE;IACjE,uBAAuB;IACvB,mEAAmE;IACnE,4DAA4D;IAC5D,OAAO;QACL,UAAU,EAAE,SAAS,GAAG,YAAY,GAAG,UAAU;QACjD,aAAa;QACb,SAAS,EAAE,CAAC,MAAM,CAAC;KACpB,CAAC;AACJ,CAAC"}
@@ -0,0 +1,67 @@
1
+ /**
2
+ * Race a Promise against a deadline. The wrapper always settles within
3
+ * `deadlineMs + epsilon`, whether the inner Promise resolves, rejects,
4
+ * or never settles at all. Rejection of the inner Promise propagates
5
+ * untouched so callers can still see real provider errors.
6
+ *
7
+ * Why this exists: capability providers shell out to external tools
8
+ * (semgrep, jscpd, graphify, npm audit, pip-audit, …) and occasionally
9
+ * produce a Promise that never settles — typically because the
10
+ * provider awaits multiple async operations in turn and one of them
11
+ * (a `Promise.all`, a non-`runDetached` subprocess, a network call)
12
+ * silently hangs. `runDetached` has its own safety-deadline that
13
+ * forces its Promise to resolve, but providers can produce abandoned
14
+ * Promises outside `runDetached` too. The dispatcher used to wrap
15
+ * those calls in `Promise.allSettled`, which only collapses settled
16
+ * Promises — an unsettled Promise inside leaves the whole capability
17
+ * gather pending forever, the Node event loop empties, and the
18
+ * subprocess exits cleanly with no work done — a silent rc=0 with
19
+ * no report on disk. The reproducible offender on at least one
20
+ * heavy JS-stack customer audit has been `license-checker` walking
21
+ * a deep `node_modules` tree, which occasionally produces an
22
+ * unsettling Promise under concurrent subprocess load.
23
+ *
24
+ * The dispatcher applies this helper per-provider so any single
25
+ * provider that stalls is bounded; the rest of the Promise.allSettled
26
+ * still completes; the stalled source ends up in
27
+ * `DispatchOutcome.skipped` with a deadline reason that surfaces
28
+ * downstream in `toolsUnavailable`. Two non-dispatcher gathers
29
+ * (`gatherDepVulnsWithAvailability`, `gatherLicensesWithAvailability`)
30
+ * iterate packs themselves; they apply the same pattern at their
31
+ * own iteration site.
32
+ */
33
+ export type DeadlineOutcome<T> = {
34
+ stalled: false;
35
+ value: T;
36
+ } | {
37
+ stalled: true;
38
+ stalledMs: number;
39
+ };
40
+ /**
41
+ * Race `promise` against a `deadlineMs` timer. Returns:
42
+ * - `{ stalled: false, value }` if the Promise resolves before the deadline
43
+ * - `{ stalled: true, stalledMs }` if the deadline fires first
44
+ *
45
+ * Rejections of the inner Promise propagate as rejections of the
46
+ * returned Promise — callers handle them separately (e.g. via
47
+ * `Promise.allSettled`). The internal timer is cleared on settle so a
48
+ * resolved Promise doesn't leave a stray pending timer keeping Node
49
+ * alive past process exit.
50
+ */
51
+ export declare function withDeadline<T>(promise: Promise<T>, deadlineMs: number): Promise<DeadlineOutcome<T>>;
52
+ /**
53
+ * Default per-provider deadline for capability gathers. Chosen so the
54
+ * deadline only fires on genuine abandoned-Promise hangs, not on slow
55
+ * legitimate tool runs:
56
+ * - jscpd's `runDetached` timeout is 600s; its safety-deadline adds 30s
57
+ * - semgrep's `runDetached` timeout is 300s
58
+ * - depVulns providers (npm/pip/gem audit, govulncheck, cargo-audit,
59
+ * dotnet) typically settle within 60–180s on large monorepos
60
+ *
61
+ * 720s (12 min) sits above the slowest legitimate provider by ~90s of
62
+ * slack for parsing + aggregation. Real provider runs on the customer
63
+ * benchmark repos finish well inside this; only the stuck case trips
64
+ * it.
65
+ */
66
+ export declare const DEFAULT_PROVIDER_DEADLINE_MS = 720000;
67
+ //# sourceMappingURL=deadline.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"deadline.d.ts","sourceRoot":"","sources":["../../../src/analyzers/tools/deadline.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AAEH,MAAM,MAAM,eAAe,CAAC,CAAC,IACzB;IAAE,OAAO,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,CAAC,CAAA;CAAE,GAC5B;IAAE,OAAO,EAAE,IAAI,CAAC;IAAC,SAAS,EAAE,MAAM,CAAA;CAAE,CAAC;AAEzC;;;;;;;;;;GAUG;AACH,wBAAgB,YAAY,CAAC,CAAC,EAC5B,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC,EACnB,UAAU,EAAE,MAAM,GACjB,OAAO,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,CAkB7B;AAED;;;;;;;;;;;;;GAaG;AACH,eAAO,MAAM,4BAA4B,SAAU,CAAC"}
@@ -0,0 +1,81 @@
1
+ "use strict";
2
+ /**
3
+ * Race a Promise against a deadline. The wrapper always settles within
4
+ * `deadlineMs + epsilon`, whether the inner Promise resolves, rejects,
5
+ * or never settles at all. Rejection of the inner Promise propagates
6
+ * untouched so callers can still see real provider errors.
7
+ *
8
+ * Why this exists: capability providers shell out to external tools
9
+ * (semgrep, jscpd, graphify, npm audit, pip-audit, …) and occasionally
10
+ * produce a Promise that never settles — typically because the
11
+ * provider awaits multiple async operations in turn and one of them
12
+ * (a `Promise.all`, a non-`runDetached` subprocess, a network call)
13
+ * silently hangs. `runDetached` has its own safety-deadline that
14
+ * forces its Promise to resolve, but providers can produce abandoned
15
+ * Promises outside `runDetached` too. The dispatcher used to wrap
16
+ * those calls in `Promise.allSettled`, which only collapses settled
17
+ * Promises — an unsettled Promise inside leaves the whole capability
18
+ * gather pending forever, the Node event loop empties, and the
19
+ * subprocess exits cleanly with no work done — a silent rc=0 with
20
+ * no report on disk. The reproducible offender on at least one
21
+ * heavy JS-stack customer audit has been `license-checker` walking
22
+ * a deep `node_modules` tree, which occasionally produces an
23
+ * unsettling Promise under concurrent subprocess load.
24
+ *
25
+ * The dispatcher applies this helper per-provider so any single
26
+ * provider that stalls is bounded; the rest of the Promise.allSettled
27
+ * still completes; the stalled source ends up in
28
+ * `DispatchOutcome.skipped` with a deadline reason that surfaces
29
+ * downstream in `toolsUnavailable`. Two non-dispatcher gathers
30
+ * (`gatherDepVulnsWithAvailability`, `gatherLicensesWithAvailability`)
31
+ * iterate packs themselves; they apply the same pattern at their
32
+ * own iteration site.
33
+ */
34
+ Object.defineProperty(exports, "__esModule", { value: true });
35
+ exports.DEFAULT_PROVIDER_DEADLINE_MS = void 0;
36
+ exports.withDeadline = withDeadline;
37
+ /**
38
+ * Race `promise` against a `deadlineMs` timer. Returns:
39
+ * - `{ stalled: false, value }` if the Promise resolves before the deadline
40
+ * - `{ stalled: true, stalledMs }` if the deadline fires first
41
+ *
42
+ * Rejections of the inner Promise propagate as rejections of the
43
+ * returned Promise — callers handle them separately (e.g. via
44
+ * `Promise.allSettled`). The internal timer is cleared on settle so a
45
+ * resolved Promise doesn't leave a stray pending timer keeping Node
46
+ * alive past process exit.
47
+ */
48
+ function withDeadline(promise, deadlineMs) {
49
+ let timer;
50
+ const deadlinePromise = new Promise((resolve) => {
51
+ timer = setTimeout(() => {
52
+ resolve({ stalled: true, stalledMs: deadlineMs });
53
+ }, deadlineMs);
54
+ });
55
+ const racedInner = promise.then((value) => {
56
+ if (timer !== undefined)
57
+ clearTimeout(timer);
58
+ return { stalled: false, value };
59
+ }, (err) => {
60
+ if (timer !== undefined)
61
+ clearTimeout(timer);
62
+ throw err;
63
+ });
64
+ return Promise.race([racedInner, deadlinePromise]);
65
+ }
66
+ /**
67
+ * Default per-provider deadline for capability gathers. Chosen so the
68
+ * deadline only fires on genuine abandoned-Promise hangs, not on slow
69
+ * legitimate tool runs:
70
+ * - jscpd's `runDetached` timeout is 600s; its safety-deadline adds 30s
71
+ * - semgrep's `runDetached` timeout is 300s
72
+ * - depVulns providers (npm/pip/gem audit, govulncheck, cargo-audit,
73
+ * dotnet) typically settle within 60–180s on large monorepos
74
+ *
75
+ * 720s (12 min) sits above the slowest legitimate provider by ~90s of
76
+ * slack for parsing + aggregation. Real provider runs on the customer
77
+ * benchmark repos finish well inside this; only the stuck case trips
78
+ * it.
79
+ */
80
+ exports.DEFAULT_PROVIDER_DEADLINE_MS = 720_000;
81
+ //# sourceMappingURL=deadline.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"deadline.js","sourceRoot":"","sources":["../../../src/analyzers/tools/deadline.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;;;AAiBH,oCAqBC;AAhCD;;;;;;;;;;GAUG;AACH,SAAgB,YAAY,CAC1B,OAAmB,EACnB,UAAkB;IAElB,IAAI,KAAgD,CAAC;IACrD,MAAM,eAAe,GAAG,IAAI,OAAO,CAAqB,CAAC,OAAO,EAAE,EAAE;QAClE,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE;YACtB,OAAO,CAAC,EAAE,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,UAAU,EAAE,CAAC,CAAC;QACpD,CAAC,EAAE,UAAU,CAAC,CAAC;IACjB,CAAC,CAAC,CAAC;IACH,MAAM,UAAU,GAAG,OAAO,CAAC,IAAI,CAC7B,CAAC,KAAK,EAAsB,EAAE;QAC5B,IAAI,KAAK,KAAK,SAAS;YAAE,YAAY,CAAC,KAAK,CAAC,CAAC;QAC7C,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;IACnC,CAAC,EACD,CAAC,GAAG,EAAE,EAAE;QACN,IAAI,KAAK,KAAK,SAAS;YAAE,YAAY,CAAC,KAAK,CAAC,CAAC;QAC7C,MAAM,GAAG,CAAC;IACZ,CAAC,CACF,CAAC;IACF,OAAO,OAAO,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,eAAe,CAAC,CAAC,CAAC;AACrD,CAAC;AAED;;;;;;;;;;;;;GAaG;AACU,QAAA,4BAA4B,GAAG,OAAO,CAAC"}
@@ -0,0 +1,17 @@
1
+ export interface DebugStatementsResult {
2
+ /** Total count across all patterns + extensions. */
3
+ count: number;
4
+ /** Top N offenders (most matches per file). Empty if topN was 0. */
5
+ topOffenders: Array<{
6
+ file: string;
7
+ count: number;
8
+ }>;
9
+ }
10
+ /**
11
+ * Count print-family debug statements project-wide. Pass `topN > 0`
12
+ * to populate `topOffenders` (e.g. for quality's `topConsoleFiles`).
13
+ */
14
+ export declare function gatherDebugStatements(cwd: string, opts?: {
15
+ topN?: number;
16
+ }): DebugStatementsResult;
17
+ //# sourceMappingURL=debug-statements.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"debug-statements.d.ts","sourceRoot":"","sources":["../../../src/analyzers/tools/debug-statements.ts"],"names":[],"mappings":"AAqBA,MAAM,WAAW,qBAAqB;IACpC,oDAAoD;IACpD,KAAK,EAAE,MAAM,CAAC;IACd,oEAAoE;IACpE,YAAY,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;CACtD;AAED;;;GAGG;AACH,wBAAgB,qBAAqB,CACnC,GAAG,EAAE,MAAM,EACX,IAAI,GAAE;IAAE,IAAI,CAAC,EAAE,MAAM,CAAA;CAAO,GAC3B,qBAAqB,CAkCvB"}
@@ -0,0 +1,58 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.gatherDebugStatements = gatherDebugStatements;
4
+ /**
5
+ * Print-family debug-statement counter — shared between health and
6
+ * quality so the cross-report `consoleLogCount` metric cannot drift.
7
+ *
8
+ * D079 + cross-report convergence (2.4.7 class-fix release): pre-fix
9
+ * health summed JS console + Py print + Go fmt.Print across
10
+ * language-scoped file lists, while quality counted only
11
+ * console.(log|error|warn) across all extensions. Result on platform:
12
+ * health=698, quality=675 (23-finding gap = Python `print(` matches).
13
+ * Same label, different aggregations.
14
+ *
15
+ * Post-fix: ONE function with the canonical multi-pattern definition.
16
+ * Both reports route through it; they cannot disagree.
17
+ *
18
+ * Pattern set (skipComments: true on each):
19
+ * `.ts`/`.tsx`/`.js`/`.jsx`/`.mjs`/`.cjs` → console.(log|error|warn)
20
+ * `.py` → \bprint\(
21
+ * `.go` → fmt\.Print
22
+ */
23
+ const walk_source_files_1 = require("./walk-source-files");
24
+ /**
25
+ * Count print-family debug statements project-wide. Pass `topN > 0`
26
+ * to populate `topOffenders` (e.g. for quality's `topConsoleFiles`).
27
+ */
28
+ function gatherDebugStatements(cwd, opts = {}) {
29
+ const topN = opts.topN ?? 0;
30
+ // includeTests: true preserves pre-migration scope — debug statements
31
+ // in test fixtures were detected before, still are.
32
+ const tsFiles = (0, walk_source_files_1.walkSourceFiles)(cwd, {
33
+ extensions: ['.ts', '.tsx', '.js', '.jsx', '.mjs', '.cjs'],
34
+ includeTests: true,
35
+ });
36
+ const pyFiles = (0, walk_source_files_1.walkSourceFiles)(cwd, { extensions: ['.py'], includeTests: true });
37
+ const goFiles = (0, walk_source_files_1.walkSourceFiles)(cwd, { extensions: ['.go'], includeTests: true });
38
+ const tsResult = (0, walk_source_files_1.countLineMatches)(cwd, tsFiles, ['console\\.(log|error|warn)'], {
39
+ skipComments: true,
40
+ perFileTopN: topN,
41
+ });
42
+ const pyResult = (0, walk_source_files_1.countLineMatches)(cwd, pyFiles, ['\\bprint\\('], {
43
+ skipComments: true,
44
+ perFileTopN: topN,
45
+ });
46
+ const goResult = (0, walk_source_files_1.countLineMatches)(cwd, goFiles, ['fmt\\.Print'], {
47
+ skipComments: true,
48
+ perFileTopN: topN,
49
+ });
50
+ const count = tsResult.lines + pyResult.lines + goResult.lines;
51
+ if (topN === 0) {
52
+ return { count, topOffenders: [] };
53
+ }
54
+ const merged = [...tsResult.perFile, ...pyResult.perFile, ...goResult.perFile];
55
+ merged.sort((a, b) => b.count - a.count);
56
+ return { count, topOffenders: merged.slice(0, topN) };
57
+ }
58
+ //# sourceMappingURL=debug-statements.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"debug-statements.js","sourceRoot":"","sources":["../../../src/analyzers/tools/debug-statements.ts"],"names":[],"mappings":";;AAgCA,sDAqCC;AArED;;;;;;;;;;;;;;;;;;GAkBG;AACH,2DAAwE;AASxE;;;GAGG;AACH,SAAgB,qBAAqB,CACnC,GAAW,EACX,OAA0B,EAAE;IAE5B,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,IAAI,CAAC,CAAC;IAE5B,sEAAsE;IACtE,oDAAoD;IACpD,MAAM,OAAO,GAAG,IAAA,mCAAe,EAAC,GAAG,EAAE;QACnC,UAAU,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC;QAC1D,YAAY,EAAE,IAAI;KACnB,CAAC,CAAC;IACH,MAAM,OAAO,GAAG,IAAA,mCAAe,EAAC,GAAG,EAAE,EAAE,UAAU,EAAE,CAAC,KAAK,CAAC,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC,CAAC;IAClF,MAAM,OAAO,GAAG,IAAA,mCAAe,EAAC,GAAG,EAAE,EAAE,UAAU,EAAE,CAAC,KAAK,CAAC,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC,CAAC;IAElF,MAAM,QAAQ,GAAG,IAAA,oCAAgB,EAAC,GAAG,EAAE,OAAO,EAAE,CAAC,4BAA4B,CAAC,EAAE;QAC9E,YAAY,EAAE,IAAI;QAClB,WAAW,EAAE,IAAI;KAClB,CAAC,CAAC;IACH,MAAM,QAAQ,GAAG,IAAA,oCAAgB,EAAC,GAAG,EAAE,OAAO,EAAE,CAAC,aAAa,CAAC,EAAE;QAC/D,YAAY,EAAE,IAAI;QAClB,WAAW,EAAE,IAAI;KAClB,CAAC,CAAC;IACH,MAAM,QAAQ,GAAG,IAAA,oCAAgB,EAAC,GAAG,EAAE,OAAO,EAAE,CAAC,aAAa,CAAC,EAAE;QAC/D,YAAY,EAAE,IAAI;QAClB,WAAW,EAAE,IAAI;KAClB,CAAC,CAAC;IAEH,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,GAAG,QAAQ,CAAC,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC;IAE/D,IAAI,IAAI,KAAK,CAAC,EAAE,CAAC;QACf,OAAO,EAAE,KAAK,EAAE,YAAY,EAAE,EAAE,EAAE,CAAC;IACrC,CAAC;IAED,MAAM,MAAM,GAAG,CAAC,GAAG,QAAQ,CAAC,OAAO,EAAE,GAAG,QAAQ,CAAC,OAAO,EAAE,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC;IAC/E,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC;IACzC,OAAO,EAAE,KAAK,EAAE,YAAY,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,EAAE,CAAC;AACxD,CAAC"}