npm - aislop - Versions diffs - 0.9.5 → 0.9.6 - Mend

aislop 0.9.5 → 0.9.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/dist/cli.js +14 -2
package/dist/index.js +16 -4
package/dist/{json-CZU3lEfE.js → json-CxiErSgX.js} +1 -1
package/dist/mcp.js +14 -2
package/dist/{sarif-Cneulb6L.js → sarif-CLVijBAO.js} +1 -1
package/dist/version-CPpO6jbj.js +5 -0
package/package.json +1 -1
package/dist/version-ls3wZmOU.js +0 -5

package/dist/cli.js CHANGED Viewed

@@ -34,7 +34,7 @@ var __exportAll = (all, no_symbols) => {
 //#endregion
 //#region src/version.ts
-const APP_VERSION = "0.9.5";
+const APP_VERSION = "0.9.6";
 //#endregion
 //#region src/telemetry/env.ts
@@ -2011,11 +2011,18 @@ const DOC_URL_CONTEXT_RE = /\b(?:docs?|documentation|homepage|repository|bugs|li
 const URL_CONFIG_CONTEXT_RE = /\b(?:api|base[_-]?url|baseUrl|endpoint|host|origin|webhook|callback|redirect|server|service|domain|url)\b/i;
 const ENVIRONMENT_HOST_RE = /(?:^|[.-])(?:api|app|admin|auth|staging|stage|prod|dev|sandbox|webhook|internal)(?:[.-]|$)|^(?:localhost|127\.0\.0\.1|0\.0\.0\.0)$/i;
 const ID_CONTEXT_RE = /(?:^|[^A-Za-z0-9])(?:api[_-]?key|client[_-]?id|project[_-]?id|org(?:anization)?[_-]?id|workspace[_-]?id|tenant[_-]?id|price[_-]?id|product[_-]?id|customer[_-]?id|subscription[_-]?id|account[_-]?id|app[_-]?id|key|token|secret)(?:$|[^A-Za-z0-9])/i;
+const MIGRATION_PATH_RE$1 = /(?:^|[\\/])(?:migrations?|db[\\/]migrate)[\\/]/i;
 const PLACEHOLDER_HOSTS = new Set([
 	"example.com",
 	"example.org",
 	"example.net"
 ]);
+const LOOPBACK_HOSTS = new Set([
+	"localhost",
+	"127.0.0.1",
+	"0.0.0.0",
+	"::1"
+]);
 const PLACEHOLDER_ID_RE = /^(?:changeme|replace[_-]?me|your[_-]|example|placeholder|todo)/i;
 const HARDCODED_URL_FINDING = {
 	rule: "ai-slop/hardcoded-url",
@@ -2059,14 +2066,17 @@ const shouldFlagUrlLiteral = (line, urlText) => {
 	const host = safeUrlHost(urlText);
 	if (!host) return false;
 	if (PLACEHOLDER_HOSTS.has(host)) return false;
+	if (LOOPBACK_HOSTS.has(host)) return false;
 	if (DOC_URL_CONTEXT_RE.test(line) && !ENVIRONMENT_HOST_RE.test(host)) return false;
 	return URL_CONFIG_CONTEXT_RE.test(line) || ENVIRONMENT_HOST_RE.test(host);
 };
+const ENV_VAR_NAME_RE = /^[A-Z][A-Z0-9]*(?:_[A-Z0-9]+)+$/;
 const hasUsefulIdShape = (value) => {
 	if (PLACEHOLDER_ID_RE.test(value)) return false;
+	if (ENV_VAR_NAME_RE.test(value)) return false;
 	if (/^https?:\/\//i.test(value)) return false;
 	if (/^[A-Za-z]+$/.test(value)) return false;
-	return /[0-9_-]/.test(value);
+	return /[0-9]/.test(value);
 };
 const scanLineForConfigLiterals = (line, relativePath, ext, lineNumber) => {
 	const diagnostics = [];
@@ -2093,6 +2103,7 @@ const scanLineForConfigLiterals = (line, relativePath, ext, lineNumber) => {
 const scanFileForConfigLiterals = (content, relativePath, ext) => {
 	if (!SOURCE_EXTENSIONS.has(ext)) return [];
 	if (isNonProductionPath(relativePath)) return [];
+	if (MIGRATION_PATH_RE$1.test(relativePath)) return [];
 	return content.split("\n").flatMap((line, index) => scanLineForConfigLiterals(line, relativePath, ext, index + 1));
 };
 const detectHardcodedConfigLiterals = async (context) => {
@@ -2411,6 +2422,7 @@ const PYTHON_IMPORT_TO_PIP = {
 	pptx: ["python-pptx"],
 	git: ["gitpython"],
 	socks: ["pysocks"],
+	psycopg2: ["psycopg2-binary", "psycopg2"],
 	redis: ["redis"],
 	cairo: ["pycairo"],
 	serial: ["pyserial"],

package/dist/index.js CHANGED Viewed

@@ -1,6 +1,6 @@
 import { n as getEngineLabel, t as ENGINE_INFO } from "./engine-info-DCvIfZ0f.js";
 import { n as runSubprocess, t as isToolInstalled } from "./subprocess-CQUJDGgn.js";
-import { t as APP_VERSION } from "./version-ls3wZmOU.js";
+import { t as APP_VERSION } from "./version-CPpO6jbj.js";
 import { r as runGenericLinter, t as fixRubyLint } from "./generic-D_T4cUaC.js";
 import { n as runExpoDoctor } from "./expo-doctor-BcIkOte5.js";
 import { createRequire, isBuiltin } from "node:module";
@@ -2180,11 +2180,18 @@ const DOC_URL_CONTEXT_RE = /\b(?:docs?|documentation|homepage|repository|bugs|li
 const URL_CONFIG_CONTEXT_RE = /\b(?:api|base[_-]?url|baseUrl|endpoint|host|origin|webhook|callback|redirect|server|service|domain|url)\b/i;
 const ENVIRONMENT_HOST_RE = /(?:^|[.-])(?:api|app|admin|auth|staging|stage|prod|dev|sandbox|webhook|internal)(?:[.-]|$)|^(?:localhost|127\.0\.0\.1|0\.0\.0\.0)$/i;
 const ID_CONTEXT_RE = /(?:^|[^A-Za-z0-9])(?:api[_-]?key|client[_-]?id|project[_-]?id|org(?:anization)?[_-]?id|workspace[_-]?id|tenant[_-]?id|price[_-]?id|product[_-]?id|customer[_-]?id|subscription[_-]?id|account[_-]?id|app[_-]?id|key|token|secret)(?:$|[^A-Za-z0-9])/i;
+const MIGRATION_PATH_RE$1 = /(?:^|[\\/])(?:migrations?|db[\\/]migrate)[\\/]/i;
 const PLACEHOLDER_HOSTS = new Set([
 	"example.com",
 	"example.org",
 	"example.net"
 ]);
+const LOOPBACK_HOSTS = new Set([
+	"localhost",
+	"127.0.0.1",
+	"0.0.0.0",
+	"::1"
+]);
 const PLACEHOLDER_ID_RE = /^(?:changeme|replace[_-]?me|your[_-]|example|placeholder|todo)/i;
 const HARDCODED_URL_FINDING = {
 	rule: "ai-slop/hardcoded-url",
@@ -2228,14 +2235,17 @@ const shouldFlagUrlLiteral = (line, urlText) => {
 	const host = safeUrlHost(urlText);
 	if (!host) return false;
 	if (PLACEHOLDER_HOSTS.has(host)) return false;
+	if (LOOPBACK_HOSTS.has(host)) return false;
 	if (DOC_URL_CONTEXT_RE.test(line) && !ENVIRONMENT_HOST_RE.test(host)) return false;
 	return URL_CONFIG_CONTEXT_RE.test(line) || ENVIRONMENT_HOST_RE.test(host);
 };
+const ENV_VAR_NAME_RE = /^[A-Z][A-Z0-9]*(?:_[A-Z0-9]+)+$/;
 const hasUsefulIdShape = (value) => {
 	if (PLACEHOLDER_ID_RE.test(value)) return false;
+	if (ENV_VAR_NAME_RE.test(value)) return false;
 	if (/^https?:\/\//i.test(value)) return false;
 	if (/^[A-Za-z]+$/.test(value)) return false;
-	return /[0-9_-]/.test(value);
+	return /[0-9]/.test(value);
 };
 const scanLineForConfigLiterals = (line, relativePath, ext, lineNumber) => {
 	const diagnostics = [];
@@ -2262,6 +2272,7 @@ const scanLineForConfigLiterals = (line, relativePath, ext, lineNumber) => {
 const scanFileForConfigLiterals = (content, relativePath, ext) => {
 	if (!SOURCE_EXTENSIONS.has(ext)) return [];
 	if (isNonProductionPath(relativePath)) return [];
+	if (MIGRATION_PATH_RE$1.test(relativePath)) return [];
 	return content.split("\n").flatMap((line, index) => scanLineForConfigLiterals(line, relativePath, ext, index + 1));
 };
 const detectHardcodedConfigLiterals = async (context) => {
@@ -2580,6 +2591,7 @@ const PYTHON_IMPORT_TO_PIP = {
 	pptx: ["python-pptx"],
 	git: ["gitpython"],
 	socks: ["pysocks"],
+	psycopg2: ["psycopg2-binary", "psycopg2"],
 	redis: ["redis"],
 	cairo: ["pycairo"],
 	serial: ["pyserial"],
@@ -8301,12 +8313,12 @@ const runScanBody = async (resolvedDir, config, options, projectInfo) => {
 		engineTimings
 	};
 	if (options.sarif) {
-		const { buildSarifLog } = await import("./sarif-Cneulb6L.js");
+		const { buildSarifLog } = await import("./sarif-CLVijBAO.js");
 		console.log(JSON.stringify(buildSarifLog(results), null, 2));
 		return completion;
 	}
 	if (options.json) {
-		const { buildJsonOutput } = await import("./json-CZU3lEfE.js");
+		const { buildJsonOutput } = await import("./json-CxiErSgX.js");
 		const jsonOut = buildJsonOutput(results, scoreResult, projectInfo.sourceFileCount, elapsedMs);
 		console.log(JSON.stringify(jsonOut, null, 2));
 		return completion;

package/dist/{json-CZU3lEfE.js → json-CxiErSgX.js} RENAMED Viewed

@@ -1,5 +1,5 @@
 import { t as ENGINE_INFO } from "./engine-info-DCvIfZ0f.js";
-import { t as APP_VERSION } from "./version-ls3wZmOU.js";
+import { t as APP_VERSION } from "./version-CPpO6jbj.js";
 //#region src/output/json.ts
 const buildJsonOutput = (results, scoreResult, fileCount, elapsedMs) => {

package/dist/mcp.js CHANGED Viewed

@@ -1438,11 +1438,18 @@ const DOC_URL_CONTEXT_RE = /\b(?:docs?|documentation|homepage|repository|bugs|li
 const URL_CONFIG_CONTEXT_RE = /\b(?:api|base[_-]?url|baseUrl|endpoint|host|origin|webhook|callback|redirect|server|service|domain|url)\b/i;
 const ENVIRONMENT_HOST_RE = /(?:^|[.-])(?:api|app|admin|auth|staging|stage|prod|dev|sandbox|webhook|internal)(?:[.-]|$)|^(?:localhost|127\.0\.0\.1|0\.0\.0\.0)$/i;
 const ID_CONTEXT_RE = /(?:^|[^A-Za-z0-9])(?:api[_-]?key|client[_-]?id|project[_-]?id|org(?:anization)?[_-]?id|workspace[_-]?id|tenant[_-]?id|price[_-]?id|product[_-]?id|customer[_-]?id|subscription[_-]?id|account[_-]?id|app[_-]?id|key|token|secret)(?:$|[^A-Za-z0-9])/i;
+const MIGRATION_PATH_RE$1 = /(?:^|[\\/])(?:migrations?|db[\\/]migrate)[\\/]/i;
 const PLACEHOLDER_HOSTS = new Set([
 	"example.com",
 	"example.org",
 	"example.net"
 ]);
+const LOOPBACK_HOSTS = new Set([
+	"localhost",
+	"127.0.0.1",
+	"0.0.0.0",
+	"::1"
+]);
 const PLACEHOLDER_ID_RE = /^(?:changeme|replace[_-]?me|your[_-]|example|placeholder|todo)/i;
 const HARDCODED_URL_FINDING = {
 	rule: "ai-slop/hardcoded-url",
@@ -1486,14 +1493,17 @@ const shouldFlagUrlLiteral = (line, urlText) => {
 	const host = safeUrlHost(urlText);
 	if (!host) return false;
 	if (PLACEHOLDER_HOSTS.has(host)) return false;
+	if (LOOPBACK_HOSTS.has(host)) return false;
 	if (DOC_URL_CONTEXT_RE.test(line) && !ENVIRONMENT_HOST_RE.test(host)) return false;
 	return URL_CONFIG_CONTEXT_RE.test(line) || ENVIRONMENT_HOST_RE.test(host);
 };
+const ENV_VAR_NAME_RE = /^[A-Z][A-Z0-9]*(?:_[A-Z0-9]+)+$/;
 const hasUsefulIdShape = (value) => {
 	if (PLACEHOLDER_ID_RE.test(value)) return false;
+	if (ENV_VAR_NAME_RE.test(value)) return false;
 	if (/^https?:\/\//i.test(value)) return false;
 	if (/^[A-Za-z]+$/.test(value)) return false;
-	return /[0-9_-]/.test(value);
+	return /[0-9]/.test(value);
 };
 const scanLineForConfigLiterals = (line, relativePath, ext, lineNumber) => {
 	const diagnostics = [];
@@ -1520,6 +1530,7 @@ const scanLineForConfigLiterals = (line, relativePath, ext, lineNumber) => {
 const scanFileForConfigLiterals = (content, relativePath, ext) => {
 	if (!SOURCE_EXTENSIONS.has(ext)) return [];
 	if (isNonProductionPath(relativePath)) return [];
+	if (MIGRATION_PATH_RE$1.test(relativePath)) return [];
 	return content.split("\n").flatMap((line, index) => scanLineForConfigLiterals(line, relativePath, ext, index + 1));
 };
 const detectHardcodedConfigLiterals = async (context) => {
@@ -1838,6 +1849,7 @@ const PYTHON_IMPORT_TO_PIP = {
 	pptx: ["python-pptx"],
 	git: ["gitpython"],
 	socks: ["pysocks"],
+	psycopg2: ["psycopg2-binary", "psycopg2"],
 	redis: ["redis"],
 	cairo: ["pycairo"],
 	serial: ["pyserial"],
@@ -6456,7 +6468,7 @@ const handleAislopBaseline = (input) => {
 //#endregion
 //#region src/version.ts
-const APP_VERSION = "0.9.5";
+const APP_VERSION = "0.9.6";
 //#endregion
 //#region src/telemetry/env.ts

package/dist/{sarif-Cneulb6L.js → sarif-CLVijBAO.js} RENAMED Viewed

@@ -1,4 +1,4 @@
-import { t as APP_VERSION } from "./version-ls3wZmOU.js";
+import { t as APP_VERSION } from "./version-CPpO6jbj.js";
 import path from "node:path";
 //#region src/output/sarif.ts

package/dist/version-CPpO6jbj.js ADDED Viewed

@@ -0,0 +1,5 @@
+//#region src/version.ts
+const APP_VERSION = "0.9.6";
+//#endregion
+export { APP_VERSION as t };

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "aislop",
-  "version": "0.9.5",
+  "version": "0.9.6",
   "description": "Catch the slop AI coding agents leave in your code: narrative comments, swallowed exceptions, as-any casts, dead code, oversized functions. 40+ rules across 7 languages (TS/JS, Python, Go, Rust, Ruby, PHP, Java). Sub-second, deterministic, no LLM at runtime. MIT-licensed.",
   "type": "module",
   "bin": {

package/dist/version-ls3wZmOU.js DELETED Viewed

@@ -1,5 +0,0 @@
-//#region src/version.ts
-const APP_VERSION = "0.9.5";
-//#endregion
-export { APP_VERSION as t };