aislop 0.9.6 → 0.10.1

package/dist/cli.js

@@ -34,7 +34,7 @@ var __exportAll = (all, no_symbols) => {
 
 //#endregion
 //#region src/version.ts
-const APP_VERSION = "0.9.6";
+const APP_VERSION = "0.10.1";
 
 //#endregion
 //#region src/telemetry/env.ts
@@ -183,7 +183,7 @@ const redactProperties = (props) => {
 const POSTHOG_HOST = process.env.AISLOP_POSTHOG_HOST ?? "https://eu.i.posthog.com";
 const POSTHOG_KEY = process.env.AISLOP_POSTHOG_KEY ?? "phc_eY2cOMFva9q24GrWeOuvuVIOhCIdjOALxeAR3ItrqbJ";
 const SCHEMA_VERSION = "v2";
-const REQUEST_TIMEOUT_MS = 3e3;
+const REQUEST_TIMEOUT_MS$1 = 3e3;
 const isTelemetryDisabled = (config) => {
 	const env = process.env;
 	if (env.AISLOP_NO_TELEMETRY === "1" || env.DO_NOT_TRACK === "1") return true;
@@ -237,7 +237,7 @@ const track = (input) => {
 		method: "POST",
 		headers: { "Content-Type": "application/json" },
 		body: JSON.stringify(payload),
-		signal: AbortSignal.timeout(REQUEST_TIMEOUT_MS)
+		signal: AbortSignal.timeout(REQUEST_TIMEOUT_MS$1)
 	}).then(() => {}).catch(() => {}).finally(() => {
 		pendingRequests.delete(request);
 	});
@@ -836,6 +836,218 @@ const loadConfig = (directory) => {
 	}
 };
 
+//#endregion
+//#region src/utils/source-masker.ts
+const JS_EXTS$2 = new Set([
+	".ts",
+	".tsx",
+	".js",
+	".jsx",
+	".mjs",
+	".cjs"
+]);
+const PY_EXTS = new Set([".py"]);
+const RB_EXTS = new Set([".rb"]);
+const PHP_EXTS = new Set([".php"]);
+const familyForExt = (ext) => {
+	if (JS_EXTS$2.has(ext)) return "js";
+	if (PY_EXTS.has(ext)) return "py";
+	if (RB_EXTS.has(ext)) return "rb";
+	if (PHP_EXTS.has(ext)) return "php";
+	return "none";
+};
+const maskStringsAndComments = (content, ext) => {
+	const family = familyForExt(ext);
+	if (family === "none") return content;
+	if (family === "js") return maskJs(content, true);
+	return maskSimple(content, family, true);
+};
+const maskComments = (content, ext) => {
+	const family = familyForExt(ext);
+	if (family === "none") return content;
+	if (family === "js") return maskJs(content, false);
+	return maskSimple(content, family, false);
+};
+const handleQuotesAndComments = (content, i, tplStack, mask, maskStrings) => {
+	const len = content.length;
+	const c = content[i];
+	const next = content[i + 1];
+	if (c === "\"" || c === "'") {
+		const strStart = i;
+		const end = consumeQuotedString(content, i, c);
+		if (maskStrings) mask(strStart + 1, end - 1);
+		return {
+			handled: true,
+			nextI: end
+		};
+	}
+	if (c === "`") {
+		const scan = consumeTemplateString(content, i + 1);
+		if (maskStrings) mask(i + 1, scan.maskEnd);
+		if (scan.openedInterp) tplStack.push(0);
+		return {
+			handled: true,
+			nextI: scan.resumeAt
+		};
+	}
+	if (c === "/" && next === "/") {
+		const strStart = i;
+		let k = i;
+		while (k < len && content[k] !== "\n") k++;
+		mask(strStart, k);
+		return {
+			handled: true,
+			nextI: k
+		};
+	}
+	if (c === "/" && next === "*") {
+		const strStart = i;
+		let k = i + 2;
+		while (k < len - 1 && !(content[k] === "*" && content[k + 1] === "/")) k++;
+		if (k < len - 1) k += 2;
+		mask(strStart, k);
+		return {
+			handled: true,
+			nextI: k
+		};
+	}
+	return {
+		handled: false,
+		nextI: i
+	};
+};
+const maskJs = (content, maskStrings) => {
+	const out = content.split("");
+	const len = content.length;
+	const tplStack = [];
+	let i = 0;
+	const mask = (start, end) => {
+		for (let k = start; k < end; k++) if (out[k] !== "\n") out[k] = " ";
+	};
+	while (i < len) {
+		const c = content[i];
+		if (tplStack.length > 0) {
+			if (c === "{") {
+				tplStack[tplStack.length - 1]++;
+				i++;
+				continue;
+			}
+			if (c === "}") {
+				if (tplStack[tplStack.length - 1] === 0) {
+					tplStack.pop();
+					const scan = consumeTemplateString(content, i + 1);
+					if (maskStrings) mask(i + 1, scan.maskEnd);
+					if (scan.openedInterp) tplStack.push(0);
+					i = scan.resumeAt;
+					continue;
+				}
+				tplStack[tplStack.length - 1]--;
+				i++;
+				continue;
+			}
+		}
+		const handled = handleQuotesAndComments(content, i, tplStack, mask, maskStrings);
+		if (handled.handled) {
+			i = handled.nextI;
+			continue;
+		}
+		i++;
+	}
+	return out.join("");
+};
+const consumeQuotedString = (content, start, quote) => {
+	const len = content.length;
+	let i = start + 1;
+	while (i < len) {
+		const c = content[i];
+		if (c === "\\" && i + 1 < len) {
+			i += 2;
+			continue;
+		}
+		if (c === quote) return i + 1;
+		if (c === "\n") return i;
+		i++;
+	}
+	return i;
+};
+const consumeTemplateString = (content, start) => {
+	const len = content.length;
+	let i = start;
+	while (i < len) {
+		const c = content[i];
+		if (c === "\\" && i + 1 < len) {
+			i += 2;
+			continue;
+		}
+		if (c === "`") return {
+			maskEnd: i,
+			resumeAt: i + 1,
+			openedInterp: false
+		};
+		if (c === "$" && content[i + 1] === "{") return {
+			maskEnd: i,
+			resumeAt: i + 2,
+			openedInterp: true
+		};
+		i++;
+	}
+	return {
+		maskEnd: i,
+		resumeAt: i,
+		openedInterp: false
+	};
+};
+const maskSimple = (content, family, maskStrings) => {
+	const out = content.split("");
+	const len = content.length;
+	let i = 0;
+	const mask = (start, end) => {
+		for (let k = start; k < end; k++) if (out[k] !== "\n") out[k] = " ";
+	};
+	while (i < len) {
+		const c = content[i];
+		const next = content[i + 1];
+		if (family === "py" && (c === "\"" || c === "'")) {
+			if (content[i + 1] === c && content[i + 2] === c) {
+				const triple = c + c + c;
+				const end = content.indexOf(triple, i + 3);
+				const stop = end === -1 ? len : end + 3;
+				if (maskStrings) mask(i + 3, stop - 3);
+				i = stop;
+				continue;
+			}
+		}
+		if (c === "\"" || c === "'") {
+			const strStart = i;
+			i = consumeQuotedString(content, i, c);
+			if (maskStrings) mask(strStart + 1, i - 1);
+			continue;
+		}
+		if ((family === "py" || family === "rb" || family === "php") && c === "#") {
+			const strStart = i;
+			while (i < len && content[i] !== "\n") i++;
+			mask(strStart, i);
+			continue;
+		}
+		if (family === "php" && c === "/" && next === "/") {
+			const strStart = i;
+			while (i < len && content[i] !== "\n") i++;
+			mask(strStart, i);
+			continue;
+		}
+		if (family === "php" && c === "/" && next === "*") {
+			const strStart = i;
+			i += 2;
+			while (i < len - 1 && !(content[i] === "*" && content[i + 1] === "/")) i++;
+			if (i < len - 1) i += 2;
+			mask(strStart, i);
+			continue;
+		}
+		i++;
+	}
+	return out.join("");
+};
+
 //#endregion
 //#region src/utils/source-files.ts
 const MAX_BUFFER$1 = 50 * 1024 * 1024;
@@ -1086,7 +1298,7 @@ const getSourceFilesWithExtras = (context, extraExtensions) => {
 
 //#endregion
 //#region src/engines/ai-slop/abstractions.ts
-const JS_EXTS$2 = new Set([
+const JS_EXTS$1 = new Set([
 	".ts",
 	".tsx",
 	".js",
@@ -1097,11 +1309,11 @@ const JS_EXTS$2 = new Set([
 const THIN_WRAPPER_PATTERNS = [
 	{
 		pattern: /(?:export\s+)?(?:async\s+)?function\s+(\w+)\s*\([^)]*\)\s*(?::\s*\w[^{]*)?\{\s*\n?\s*return\s+\w+\([^)]*\);\s*\n?\s*\}/g,
-		extensions: JS_EXTS$2
+		extensions: JS_EXTS$1
 	},
 	{
 		pattern: /(?:export\s+)?const\s+(\w+)\s*=\s*(?:async\s+)?\([^)]*\)\s*(?::\s*\w[^=]*)?\s*=>\s*\w+\([^)]*\);/g,
-		extensions: JS_EXTS$2
+		extensions: JS_EXTS$1
 	},
 	{
 		pattern: /def\s+(\w+)\s*\([^)]*\)(?:\s*->[^:]*)?:\s*\n\s+return\s+\w+\([^)]*\)\s*$/gm,
@@ -1111,14 +1323,16 @@ const THIN_WRAPPER_PATTERNS = [
 const AI_NAMING_PATTERNS = [/(?:helper|util|handler|process|do|handle|execute|perform)_?\d+/i, /(?:data|temp|result|value|item|obj|arr|str|num|val)\d+/];
 const FRAMEWORK_METHOD_NAMES = /^(?:setUp|tearDown|setUpClass|tearDownClass|setUpModule|tearDownModule)$/;
 const DUNDER_PATTERN = /^__\w+__$/;
-const hasHardcodedArgs = (matchText) => {
-	const innerCallMatch = matchText.match(/=>\s*\w+\(([^)]*)\)\s*;?\s*$/);
-	if (!innerCallMatch) {
-		const returnCallMatch = matchText.match(/return\s+\w+\(([^)]*)\)\s*;?\s*\}/);
-		if (!returnCallMatch) return false;
-		return /['"`]\w+['"`]|(?<!\w)\d+(?!\w)/.test(returnCallMatch[1]);
-	}
-	return /['"`]\w+['"`]|(?<!\w)\d+(?!\w)/.test(innerCallMatch[1]);
+const stripParam = (p) => p.trim().split(/[:=]/)[0].trim().replace(/^[*&]+/, "");
+const paramNames = (paramsText) => new Set(paramsText.split(",").map(stripParam).filter((p) => p && p !== "self" && p !== "cls"));
+const isIdentityForward = (matchText) => {
+	const paramsMatch = matchText.match(/\(([^)]*)\)/);
+	const innerMatch = matchText.match(/(?:return\s+\w+|=>\s*\w+)\s*\(([^)]*)\)/);
+	if (!paramsMatch || !innerMatch) return false;
+	const params = paramNames(paramsMatch[1]);
+	const args = innerMatch[1].split(",").map((a) => a.trim()).filter((a) => a.length > 0);
+	if (args.length === 0) return false;
+	return args.every((a) => /^[A-Za-z_$][\w$]*$/.test(a) && params.has(a));
 };
 const isUseContextWrapper = (matchText) => /\buse\w+/.test(matchText) && /useContext\s*\(/.test(matchText);
 const detectThinWrappers = (content, relativePath, ext) => {
@@ -1138,7 +1352,7 @@ const detectThinWrappers = (content, relativePath, ext) => {
 				const prevLine = lines[lineNumber - 2]?.trim();
 				if (prevLine && prevLine.startsWith("@")) continue;
 			}
-			if (hasHardcodedArgs(matchText)) continue;
+			if (!isIdentityForward(matchText)) continue;
 			if (isUseContextWrapper(matchText)) continue;
 			diagnostics.push({
 				filePath: relativePath,
@@ -1192,8 +1406,9 @@ const detectOverAbstraction = async (context) => {
 		}
 		const relativePath = path.relative(context.rootDirectory, filePath);
 		const ext = path.extname(filePath);
-		diagnostics.push(...detectThinWrappers(content, relativePath, ext));
-		diagnostics.push(...detectAiNaming(content, relativePath));
+		const codeOnly = maskComments(content, ext);
+		diagnostics.push(...detectThinWrappers(codeOnly, relativePath, ext));
+		diagnostics.push(...detectAiNaming(codeOnly, relativePath));
 	}
 	return diagnostics;
 };
@@ -1223,8 +1438,7 @@ const JUSTIFICATION_OPENERS = [
 	/^(?:First|Then|Finally|Next|Lastly|Subsequently),?\s+(?:it|we|the\s+(?:function|method|class))\b/i
 ];
 const EXPLANATORY_OPENERS = /^(Matches|Detects|Represents|Holds|Stores|Tracks|Handles|Manages|Controls|Contains|Captures|Encapsulates|Wraps|Describes)\s+[A-Za-z`'"]/;
-const STEP_COMMENT_VERB_RE = /^(?:Render|Enable|Disable|Initialize|Init|Setup|Set|Get|Fetch|Load|Save|Build|Create|Delete|Remove|Add|Update|Process|Execute|Run|Start|Stop|Clean|Cleanup|Configure|Validate|Check|Verify|Parse|Extract|Apply|Wait|Sleep|Skip|Allow|Deny|Lock|Unlock|Refresh|Reload|Reset|Clear|Send|Receive|Read|Write|Print|Log|Emit|Dispatch|Fire|Open|Close|Bind|Connect|Disconnect|Register|Unregister|Push|Pop|Insert|Append|Prepend|Sort|Filter|Find|Search|Replace|Encode|Decode|Convert|Transform|Map|Reduce|Iterate|Loop|Walk|Visit|Mark|Unmark|Toggle|Switch|Restart|Resume|Pause|Abort|Cancel|Compute|Calculate|Resolve|Reject|Ignore|Handle|Track|Trace|Increment|Decrement|Round|Truncate|Resize|Move|Copy|Clone|Merge|Split|Join|Wrap|Unwrap|Bump|Drain|Flush|Sync|Persist|Commit|Rollback|Yield|Return|Discard|Defer|Pin|Unpin|Mount|Unmount|Spawn|Kill|Restore)(?:\s|$)/;
-const EXPLANATORY_WHY_MARKERS = /\b(?:because|since|otherwise|workaround|caveat|warning|important|assumes?|note:|bug|issue|see\s+(?:issue|above|below)|in\s+prod|in\s+production|breaks?\s+when|fails?\s+when|must\s+run|must\s+be|has\s+to\s+be|hack\s+for|fix\s+for|reason:|to\s+avoid|to\s+ensure|to\s+prevent|in\s+order\s+to|necessary|guarantee[sd]?|prevents?|regardless\s+of|required\s+(?:for|to|by)|for\s+example|e\.g\.|i\.e\.|useful\s+(?:for|when)|intended\s+to|on\s+purpose|by\s+design)\b/i;
+const EXPLANATORY_WHY_MARKERS = /\b(?:because|since|otherwise|workaround|caveat|warning|important|assumes?|note:|bug|issue|see\s+(?:issue|above|below)|in\s+prod|in\s+production|breaks?\s+when|fails?\s+when|must\s+run|must\s+be|has\s+to\s+be|hack\s+for|fix\s+for|reason:|to\s+avoid|to\s+ensure|to\s+prevent|in\s+order\s+to|necessary|guarantee[sd]?|prevents?|regardless\s+of|required\s+(?:for|to|by)|for\s+example|e\.g\.|i\.e\.|useful\s+(?:for|when)|intended\s+to|on\s+purpose|by\s+design|ideally|however|although|even\s+though|despite|whereas|unfortunately|trade-?off|first\s+need)\b/i;
 const MEANINGFUL_JSDOC_TAGS = new Set([
 	"deprecated",
 	"see",
@@ -1320,7 +1534,7 @@ const PHP_DECL_START = /^\s*(?:(?:public|private|protected|static|final|abstract
 
 //#endregion
 //#region src/engines/ai-slop/non-production-paths.ts
-const DIR_PATTERN = /(?:^|\/)(?:scripts|bin|examples?|demos?|bench|benches|benchmarks?|fixtures?|__fixtures__|__mocks__|__tests__|vendor|_vendor|vendored|third_party|blib2to3|lib2to3|cli|cli-[\w-]+|[\w-]+-cli)\//i;
+const DIR_PATTERN = /(?:^|\/)(?:scripts|bin|examples?|demos?|docs?|bench|benches|benchmarks?|fixtures?|__fixtures__|__mocks__|__tests__|vendor|_vendor|vendored|third_party|blib2to3|lib2to3|cli|cli-[\w-]+|[\w-]+-cli)\//i;
 const BASENAME_PATTERN = /(?:^|\/)(?:benchmark|bench|demo|example|script|seed|migrate|profile|smoke|stress|load|debug|repro)[-_.][^/]*\.[mc]?[jt]sx?$|(?:^|\/)[^/]+[-_](?:benchmark|bench|demo|example)\.[mc]?[jt]sx?$/i;
 const isNonProductionPath = (relativePath) => DIR_PATTERN.test(relativePath) || BASENAME_PATTERN.test(relativePath);
 
@@ -1329,7 +1543,7 @@ const isNonProductionPath = (relativePath) => DIR_PATTERN.test(relativePath) ||
 const TRIVIAL_VERB_STEMS = "Import|Defin|Initializ|Setting|Set\\s+up|Setup|Return|Check|Loop|Iterat|Creat|Updat|Delet|Remov|Handl|Get|Fetch|Increment|Decrement|Writ|Runn|Run|Pars|Execut|Extract|Sav|Load|Build|Start|Stopp|Stop|Clean(?:up|\\s+up)?|Configur|Validat|Process|Queue|Fire|Emit|Dispatch|Log|Print|Render";
 const TRIVIAL_JS_COMMENT_PATTERNS = [/\/\/\s*This (?:function|method|class|variable|constant) (?:will |is used to |is responsible for )?/i, new RegExp(`\\/\\/\\s*(?:${TRIVIAL_VERB_STEMS})(?:e|es|ing|s)?\\b`, "i")];
 const TRIVIAL_PYTHON_COMMENT_PATTERNS = [/^#\s*This (?:function|method|class) (?:will |is used to )?/i, new RegExp(`^#\\s*(?:${TRIVIAL_VERB_STEMS})(?:e|es|ing|s)?\\b`, "i")];
-const EXPLANATORY_KEYWORDS = /\b(?:because|since|note|todo|fixme|hack|warn|warning|workaround|caveat|important|assumes?)\b/i;
+const EXPLANATORY_KEYWORDS = /\b(?:because|since|note|todo|fixme|hack|warn|warning|workaround|caveat|important|assumes?|if|when|unless|until|only|except|otherwise|needs?|must|should|ensure|avoid|prevent|requires?)\b/i;
 const COMMENTED_CODE_CHARS = /[({=;}\]>]/;
 const MAX_TRIVIAL_COMMENT_LENGTH = 60;
 const isJsComment = (trimmed) => trimmed.startsWith("//") && !trimmed.startsWith("///") && !trimmed.startsWith("//!");
@@ -1478,6 +1692,7 @@ const TODO_PATTERN = new RegExp(`\\b(?:${[
 	"PLACEHOLDER",
 	"STUB"
 ].join("|")})[:\\s]`);
+const TODO_TRACKING_RE = /https?:\/\/|#\d+|\bgh-\d+\b|\b[A-Z][A-Z0-9]+-\d+\b|\b(?:issue|ticket|jira)\b/i;
 const isBlockCloserAfterReturn = (line) => line.startsWith("}") || line.startsWith("};") || line.startsWith("),") || line.startsWith(");") || line.startsWith("],") || line.startsWith("]);");
 const isGuardedSingleLineExit = (lines, lineIndex) => {
 	const contextLines = [];
@@ -1497,7 +1712,10 @@ const detectTodoStubs = (content, relativePath) => {
 	for (let i = 0; i < lines.length; i++) {
 		const trimmed = lines[i].trim();
 		if (!trimmed.startsWith("//") && !trimmed.startsWith("#") && !trimmed.startsWith("*") && !trimmed.startsWith("/*")) continue;
-		if (TODO_PATTERN.test(trimmed)) diagnostics.push(slop(relativePath, i + 1, "ai-slop/todo-stub", "info", "Unresolved TODO/FIXME/HACK comment indicates incomplete code", "Resolve the TODO or create a tracked issue for it", false));
+		if (TODO_PATTERN.test(trimmed)) {
+			if (TODO_TRACKING_RE.test(trimmed)) continue;
+			diagnostics.push(slop(relativePath, i + 1, "ai-slop/todo-stub", "info", "Unresolved TODO/FIXME/HACK comment indicates incomplete code", "Resolve the TODO or create a tracked issue for it", false));
+		}
 	}
 	return diagnostics;
 };
@@ -1546,9 +1764,10 @@ const detectDeadPatterns = async (context) => {
 		}
 		const ext = path.extname(filePath);
 		const relativePath = path.relative(context.rootDirectory, filePath);
-		diagnostics.push(...detectConsoleLeftovers(content, relativePath, ext));
+		const codeOnly = maskComments(content, ext);
+		diagnostics.push(...detectConsoleLeftovers(codeOnly, relativePath, ext));
 		diagnostics.push(...detectTodoStubs(content, relativePath));
-		diagnostics.push(...detectDeadCodePatterns(content, relativePath, ext));
+		diagnostics.push(...detectDeadCodePatterns(codeOnly, relativePath, ext));
 		diagnostics.push(...detectUnsafeTypePatterns(content, relativePath, ext));
 	}
 	return diagnostics;
@@ -1738,6 +1957,7 @@ const JS_EXTENSIONS$3 = new Set([
 const IMPORT_FROM_RE$1 = /^\s*import\s+([^;]*?)\s+from\s+["']([^"']+)["']/;
 const TYPE_ONLY_RE = /^\s*type\b/;
 const VALUE_BINDING_RE = /\{([^}]*)\}/;
+const NAMESPACE_RE = /\*\s+as\s+/;
 const isTypeOnly = (clause) => {
 	if (TYPE_ONLY_RE.test(clause)) return true;
 	const braces = VALUE_BINDING_RE.exec(clause);
@@ -1755,7 +1975,8 @@ const extractImportLines = (content) => {
 		results.push({
 			spec: match[2],
 			line: i + 1,
-			typeOnly: isTypeOnly(match[1])
+			typeOnly: isTypeOnly(match[1]),
+			namespace: NAMESPACE_RE.test(match[1])
 		});
 	}
 	return results;
@@ -1772,11 +1993,11 @@ const detectDuplicateImports = async (context) => {
 		} catch {
 			continue;
 		}
-		const imports = extractImportLines(content);
+		const imports = extractImportLines(maskComments(content, path.extname(filePath)));
 		if (imports.length < 2) continue;
 		const byBucket = /* @__PURE__ */ new Map();
 		for (const imp of imports) {
-			const key = `${imp.typeOnly ? "type" : "value"}\0${imp.spec}`;
+			const key = `${imp.namespace ? "ns" : imp.typeOnly ? "type" : "value"}\0${imp.spec}`;
 			const list = byBucket.get(key) ?? [];
 			list.push(imp);
 			byBucket.set(key, list);
@@ -2023,6 +2244,30 @@ const LOOPBACK_HOSTS = new Set([
 	"0.0.0.0",
 	"::1"
 ]);
+const VENDOR_API_DOMAINS = [
+	"github.com",
+	"githubusercontent.com",
+	"googleapis.com",
+	"accounts.google.com",
+	"stripe.com",
+	"openai.com",
+	"anthropic.com",
+	"slack.com",
+	"twilio.com",
+	"sendgrid.com",
+	"mailgun.net",
+	"cloudflare.com",
+	"discord.com",
+	"telegram.org",
+	"login.microsoftonline.com",
+	"graph.microsoft.com",
+	"twitter.com",
+	"x.com",
+	"twimg.com",
+	"t.co",
+	"api.telegram.org"
+];
+const isVendorApiHost = (host) => VENDOR_API_DOMAINS.some((d) => host === d || host.endsWith(`.${d}`));
 const PLACEHOLDER_ID_RE = /^(?:changeme|replace[_-]?me|your[_-]|example|placeholder|todo)/i;
 const HARDCODED_URL_FINDING = {
 	rule: "ai-slop/hardcoded-url",
@@ -2067,6 +2312,7 @@ const shouldFlagUrlLiteral = (line, urlText) => {
 	if (!host) return false;
 	if (PLACEHOLDER_HOSTS.has(host)) return false;
 	if (LOOPBACK_HOSTS.has(host)) return false;
+	if (isVendorApiHost(host)) return false;
 	if (DOC_URL_CONTEXT_RE.test(line) && !ENVIRONMENT_HOST_RE.test(host)) return false;
 	return URL_CONFIG_CONTEXT_RE.test(line) || ENVIRONMENT_HOST_RE.test(host);
 };
@@ -2118,7 +2364,7 @@ const detectHardcodedConfigLiterals = async (context) => {
 		}
 		const relativePath = path.relative(context.rootDirectory, filePath);
 		const ext = path.extname(filePath);
-		diagnostics.push(...scanFileForConfigLiterals(content, relativePath, ext));
+		diagnostics.push(...scanFileForConfigLiterals(maskComments(content, ext), relativePath, ext));
 	}
 	return diagnostics;
 };
@@ -2251,7 +2497,9 @@ const PYTHON_STDLIB = new Set([
 	"builtins",
 	"bz2",
 	"calendar",
+	"code",
 	"codecs",
+	"codeop",
 	"collections",
 	"concurrent",
 	"configparser",
@@ -2324,6 +2572,7 @@ const PYTHON_STDLIB = new Set([
 	"readline",
 	"reprlib",
 	"resource",
+	"rlcompleter",
 	"secrets",
 	"select",
 	"selectors",
@@ -2512,6 +2761,8 @@ const collectFromPyproject = (rootDir, pyDeps) => {
 		}
 		const extras = content.match(/\[project\.optional-dependencies\]([\s\S]*?)(?=\n\[|$)/);
 		if (extras) for (const m of extras[1].matchAll(/["']\s*([a-zA-Z][a-zA-Z0-9_\-.]+)/g)) addPyDep(pyDeps, m[1]);
+		const groups = content.match(/\[dependency-groups\]([\s\S]*?)(?=\n\[[^[]|$)/);
+		if (groups) for (const m of groups[1].matchAll(/["']\s*([a-zA-Z][a-zA-Z0-9_\-.]+)/g)) addPyDep(pyDeps, m[1]);
 		const poetryRe = /\[tool\.poetry(?:\.group\.[a-z]+)?\.dependencies\]([\s\S]*?)(?=\n\[|$)/g;
 		let match = poetryRe.exec(content);
 		while (match !== null) {
@@ -2744,9 +2995,28 @@ const extractJsImports = (content) => {
 const extractPyImports = (content) => {
 	const lines = content.split("\n");
 	const results = [];
+	let inDoc = null;
+	let typeCheckIndent = -1;
 	for (let i = 0; i < lines.length; i++) {
-		const line = lines[i].trim();
-		if (line.startsWith("#")) continue;
+		const raw = lines[i];
+		const line = raw.trim();
+		if (inDoc) {
+			if (line.includes(inDoc)) inDoc = null;
+			continue;
+		}
+		if (line === "" || line.startsWith("#")) continue;
+		const triples = line.match(/"""|'''/g);
+		if (triples) {
+			if (triples.length % 2 === 1) inDoc = triples[triples.length - 1];
+			continue;
+		}
+		const indent = raw.length - raw.trimStart().length;
+		if (typeCheckIndent >= 0 && indent <= typeCheckIndent) typeCheckIndent = -1;
+		if (/^if\s+(?:[\w.]+\.)?TYPE_CHECKING\b/.test(line)) {
+			typeCheckIndent = indent;
+			continue;
+		}
+		if (typeCheckIndent >= 0) continue;
 		const fromMatch = line.match(/^from\s+([\w.]+)\s+import\b/);
 		if (fromMatch && !fromMatch[1].startsWith(".")) {
 			results.push({
@@ -2756,8 +3026,8 @@ const extractPyImports = (content) => {
 			continue;
 		}
 		const importMatch = line.match(/^import\s+([\w.,\s]+?)(?:\s+as\s+\w+)?\s*$/);
-		if (importMatch) for (const raw of importMatch[1].split(",")) {
-			const cleaned = raw.trim().split(/\s+as\s+/)[0];
+		if (importMatch) for (const part of importMatch[1].split(",")) {
+			const cleaned = part.trim().split(/\s+as\s+/)[0];
 			if (cleaned && !cleaned.startsWith(".")) results.push({
 				spec: cleaned,
 				line: i + 1
@@ -2814,6 +3084,7 @@ const detectHallucinatedImports = async (context) => {
 			continue;
 		}
 		const relPath = path.relative(context.rootDirectory, filePath);
+		if (isNonProductionPath(relPath)) continue;
 		const imports = isJs ? extractJsImports(content) : extractPyImports(content);
 		for (const { spec, line } of imports) {
 			const hallucinated = isJs ? checkJsImport(spec, manifest, tsAliasMatchers) : checkPyImport(spec, manifest);
@@ -2941,7 +3212,7 @@ const collectBlocks = (sourceLines, syntax) => {
 //#endregion
 //#region src/engines/ai-slop/meta-comment.ts
 const PLAN_REFERENCE_RES = [
-	/\b(?:stage|step|phase)\s+\d+\b(?!\s*[:.]?\s*(?:bytes|ms|seconds|of\s+\d))/i,
+	/^(?:stage|step|phase)\s+\d+\s*[:.\-–—]/i,
 	/\bstep\s+\d+\s+of\s+the\s+plan\b/i,
 	/\bas\s+(?:per|requested)\s+(?:the\s+)?(?:requirements?|spec|task|ticket|prompt|instructions?)\b/i,
 	/\bper\s+the\s+(?:spec|requirements?|task|ticket|plan|prompt|instructions?)\b/i,
@@ -3043,24 +3314,6 @@ const looksLikeLicenseHeader = (block) => {
 	const text = block.rawLines.join(" ").toLowerCase();
 	return text.includes("copyright") || text.includes("license") || text.includes("spdx-license-identifier");
 };
-const BARE_LABEL_RE = /^[A-Z][A-Za-z0-9 ]{1,28}$/;
-const isBareSectionLabel = (prose) => {
-	if (!BARE_LABEL_RE.test(prose)) return false;
-	if (prose.endsWith(".")) return false;
-	if (prose.split(/\s+/).length > 3) return false;
-	if (STEP_COMMENT_VERB_RE.test(prose)) return false;
-	return true;
-};
-const DATA_ENTRY_START = /^\s*(?:\{|\[|["'`]|\d|\w+:\s|case\s)/;
-const nextLineLooksLikeDataEntry = (nextLine) => {
-	if (nextLine === null) return false;
-	if (!DATA_ENTRY_START.test(nextLine)) return false;
-	const trimmed = nextLine.trim();
-	if (trimmed.startsWith("case ")) return true;
-	if (trimmed.startsWith("{") || trimmed.startsWith("[") || trimmed.startsWith("\"") || trimmed.startsWith("'") || trimmed.startsWith("`")) return true;
-	if (/^\w+\s*:/.test(trimmed)) return true;
-	return false;
-};
 const looksLikeSuppressDirective = (block) => block.rawLines.some((l) => /\b(biome-ignore|eslint-disable|ts-ignore|ts-expect-error|@ts-\w+|noqa|pylint:\s*disable|rubocop:disable|noinspection|phpcs:disable)\b/.test(l));
 const GO_DECL_NAME_RE = /^(?:func|type|var|const)\s+(?:\([^)]*\)\s*)?(\w+)/;
 const GO_FIELD_LEAD_RE = /^(\w+)\s+/;
@@ -3149,10 +3402,6 @@ const detectNarrativeInBlock = (block, ext) => {
 		matched: true,
 		reason: "phase/section header"
 	};
-	if (block.kind === "line" && block.prose.length === 1 && isBareSectionLabel(block.prose[0]) && !nextLineLooksLikeDataEntry(block.nextNonBlankLine) && !looksLikeDeclarationPreamble(block.nextNonBlankLine, ext)) return {
-		matched: true,
-		reason: "bare section label"
-	};
 	const joined = block.prose.join(" ");
 	const hasWhyMarker = EXPLANATORY_WHY_MARKERS.test(joined);
 	if (hasWhyMarker || hasDocIndicator(block)) return {
@@ -3183,17 +3432,11 @@ const detectNarrativeInBlock = (block, ext) => {
 	};
 	const nonEmptyProseCount = block.prose.filter((l) => l.length > 0).length;
 	const isAboveDeclaration = looksLikeDeclarationPreamble(block.nextNonBlankLine, ext);
-	if (nonEmptyProseCount >= 5) {
-		if (isAboveDeclaration) return {
-			matched: false,
-			reason: ""
-		};
-		return {
-			matched: true,
-			reason: "long narrative block"
-		};
-	}
-	if (nonEmptyProseCount >= 3 && !hasWhyMarker && block.kind === "line" && !isAboveDeclaration) return {
+	if (nonEmptyProseCount >= 5 && !isAboveDeclaration && hasPreambleSlopSignal(block)) return {
+		matched: true,
+		reason: "long narrative block"
+	};
+	if (nonEmptyProseCount >= 3 && !hasWhyMarker && block.kind === "line" && !isAboveDeclaration && hasPreambleSlopSignal(block)) return {
 		matched: true,
 		reason: "multi-line narrative prose"
 	};
@@ -3627,7 +3870,7 @@ const detectRustPatterns = async (context) => {
 
 //#endregion
 //#region src/engines/ai-slop/silent-recovery.ts
-const JS_EXTS$1 = new Set([
+const JS_EXTS = new Set([
 	".ts",
 	".tsx",
 	".js",
@@ -3635,7 +3878,14 @@ const JS_EXTS$1 = new Set([
 	".mjs",
 	".cjs"
 ]);
-const CATCH_HEAD_RE = /\bcatch\s*(?:\([^)]*\))?\s*\{/g;
+const CATCH_HEAD_RE = /\bcatch\s*(?:\(\s*([^)]*?)\s*\))?\s*\{/g;
+const isIdentifier = (s) => /^[A-Za-z_$][\w$]*$/.test(s);
+const recoveryDropsError = (binding, body) => {
+	const name = binding?.trim() ?? "";
+	if (name === "") return true;
+	if (!isIdentifier(name)) return false;
+	return !new RegExp(`\\b${name}\\b`).test(body);
+};
 const LOG_STATEMENT_RE = /^(?:console|[\w$]+(?:\.[\w$]+)*)\.(?:log|info|warn|warning|error|debug|trace)\s*\(/;
 const HANDLING_TOKEN_RE = /\b(?:throw|return|reject|next|process\.exit|continue|break)\b/;
 const stripBlockComments = (text) => text.replace(/\/\*[\s\S]*?\*\//g, "");
@@ -3685,14 +3935,15 @@ const detectJsSilentRecovery = (content, relPath) => {
 		const body = extractCatchBody(content, match.index + match[0].length - 1);
 		if (body === null) continue;
 		if (!isLogOnlyBody(body)) continue;
+		if (!recoveryDropsError(match[1], body)) continue;
 		const line = content.slice(0, match.index).split("\n").length;
 		out.push({
 			filePath: relPath,
 			engine: "ai-slop",
 			rule: "ai-slop/silent-recovery",
 			severity: "warning",
-			message: "Catch only logs then continues, leaving execution in a possibly broken state",
-			help: "Handle the error: rethrow, return an error value, or recover explicitly. Logging alone lets the program proceed as if nothing failed.",
+			message: "Catch logs without the caught error then continues; the failure cause is lost",
+			help: "Include the caught error in the log, or rethrow / recover explicitly, so the failure stays diagnosable.",
 			line,
 			column: 0,
 			category: "AI Slop",
@@ -3702,6 +3953,7 @@ const detectJsSilentRecovery = (content, relPath) => {
 	return out;
 };
 const PY_EXCEPT_RE = /^(\s*)except\b[^\n]*:\s*(?:#.*)?$/;
+const PY_EXCEPT_BINDING_RE = /\bas\s+(\w+)\s*:/;
 const PY_LOG_STATEMENT_RE = /^(?:logging|logger|log|self\.log|self\.logger|print)(?:\.(?:debug|info|warning|warn|error|exception|critical))?\s*\(/;
 const PY_HANDLING_TOKEN_RE = /^(?:raise\b|return\b|continue\b|break\b|self\.|[\w.]+\s*=)/;
 const detectPySilentRecovery = (content, relPath) => {
@@ -3725,13 +3977,14 @@ const detectPySilentRecovery = (content, relPath) => {
 		const allLogs = bodyLines.every((line) => PY_LOG_STATEMENT_RE.test(line) || /^[\w"'(),.\s+:%{}[\]-]+$/.test(line));
 		const sawLog = bodyLines.some((line) => PY_LOG_STATEMENT_RE.test(line));
 		if (!allLogs || !sawLog) continue;
+		if (!recoveryDropsError(PY_EXCEPT_BINDING_RE.exec(lines[i])?.[1], bodyLines.join(" "))) continue;
 		out.push({
 			filePath: relPath,
 			engine: "ai-slop",
 			rule: "ai-slop/silent-recovery",
 			severity: "warning",
-			message: "except only logs then continues, leaving execution in a possibly broken state",
-			help: "Handle the error: re-raise, return an error value, or recover explicitly. Logging alone lets the program proceed as if nothing failed.",
+			message: "except logs without the caught error then continues; the failure cause is lost",
+			help: "Include the caught error in the log, or re-raise / recover explicitly, so the failure stays diagnosable.",
 			line: i + 1,
 			column: 0,
 			category: "AI Slop",
@@ -3746,7 +3999,7 @@ const detectSilentRecovery = async (context) => {
 	for (const filePath of files) {
 		if (isAutoGenerated(filePath)) continue;
 		const ext = path.extname(filePath);
-		const isJs = JS_EXTS$1.has(ext);
+		const isJs = JS_EXTS.has(ext);
 		if (!isJs && !(ext === ".py")) continue;
 		const relPath = path.relative(context.rootDirectory, filePath);
 		if (isNonProductionPath(relPath)) continue;
@@ -3834,10 +4087,11 @@ const extractPyImportedSymbols = (lines) => {
 	const importLines = /* @__PURE__ */ new Set();
 	for (let i = 0; i < lines.length; i++) {
 		const trimmed = lines[i].trim();
-		const fromMatch = trimmed.match(/^from\s+[\w.]+\s+import\s+(.+)/);
+		const fromMatch = trimmed.match(/^from\s+([\w.]+)\s+import\s+(.+)/);
 		if (fromMatch) {
 			importLines.add(i);
-			const importPart = fromMatch[1].replace(/#.*$/, "").trim();
+			if (fromMatch[1] === "__future__") continue;
+			const importPart = fromMatch[2].replace(/#.*$/, "").trim();
 			if (importPart === "*") continue;
 			const cleaned = importPart.replace(/[()]/g, "");
 			for (const item of cleaned.split(",")) {
@@ -4225,12 +4479,92 @@ const findBraceFunctionEnd = (lines, startIndex) => {
 		maxNesting
 	};
 };
-const findPythonFunctionEnd = (lines, startIndex) => {
-	const baseIndent = lines[startIndex].match(/^(\s*)/)?.[1].length ?? 0;
-	let endLine = startIndex;
+const extractPythonSignature = (lines, startIndex) => {
+	let depth = 0;
+	let started = false;
+	let params = "";
+	for (let j = startIndex; j < lines.length; j++) {
+		const l = lines[j];
+		for (let ci = 0; ci < l.length; ci++) {
+			const ch = l[ci];
+			if (ch === "(") {
+				depth++;
+				if (depth === 1 && !started) {
+					started = true;
+					continue;
+				}
+			} else if (ch === ")") {
+				depth--;
+				if (depth === 0) return {
+					params,
+					sigEndIndex: j
+				};
+			}
+			if (started) params += ch;
+		}
+		if (started) params += " ";
+	}
+	return {
+		params,
+		sigEndIndex: startIndex
+	};
+};
+const countPythonParams = (signature) => {
+	let depth = 0;
+	const parts = [];
+	let current = "";
+	for (const ch of signature) {
+		if (ch === "(" || ch === "[" || ch === "{") depth++;
+		else if (ch === ")" || ch === "]" || ch === "}") depth--;
+		if (ch === "," && depth === 0) {
+			parts.push(current);
+			current = "";
+			continue;
+		}
+		current += ch;
+	}
+	parts.push(current);
+	let count = 0;
+	for (const raw of parts) {
+		const p = raw.trim();
+		if (p.length === 0 || p === "*" || p === "/") continue;
+		if (p.startsWith("*")) continue;
+		if (p.includes("=")) continue;
+		const name = p.split(":")[0].trim();
+		if (name === "self" || name === "cls") continue;
+		count++;
+	}
+	return count;
+};
+const countPythonBodyCodeLines = (lines, sigEndIndex, endLine) => {
+	let count = 0;
+	let inDoc = false;
+	let delim = "";
+	for (let j = sigEndIndex + 1; j <= endLine && j < lines.length; j++) {
+		const t = lines[j].trim();
+		if (inDoc) {
+			if (t.includes(delim)) inDoc = false;
+			continue;
+		}
+		if (t === "" || t.startsWith("#")) continue;
+		const opener = t.startsWith("\"\"\"") ? "\"\"\"" : t.startsWith("'''") ? "'''" : "";
+		if (opener) {
+			if (!t.slice(3).includes(opener)) {
+				inDoc = true;
+				delim = opener;
+			}
+			continue;
+		}
+		count++;
+	}
+	return count;
+};
+const findPythonFunctionEnd = (lines, defIndex, bodyStartIndex) => {
+	const baseIndent = lines[defIndex].match(/^(\s*)/)?.[1].length ?? 0;
+	let endLine = bodyStartIndex;
 	let maxNesting = 0;
 	const controlIndentStack = [];
-	for (let j = startIndex + 1; j < lines.length; j++) {
+	for (let j = bodyStartIndex + 1; j < lines.length; j++) {
 		const l = lines[j];
 		if (l.trim() === "") {
 			endLine = j;
@@ -4252,7 +4586,10 @@ const findPythonFunctionEnd = (lines, startIndex) => {
 	};
 };
 const findFunctionEnd = (lines, startIndex, isPython) => {
-	if (isPython) return findPythonFunctionEnd(lines, startIndex);
+	if (isPython) {
+		const { sigEndIndex } = extractPythonSignature(lines, startIndex);
+		return findPythonFunctionEnd(lines, startIndex, sigEndIndex);
+	}
 	return findBraceFunctionEnd(lines, startIndex);
 };
 const isBlockArrow = (lines, startIndex) => {
@@ -4317,7 +4654,7 @@ const FUNCTION_PATTERNS = [
 		]
 	},
 	{
-		regex: /^\s*def\s+(\w+)\s*\(([^)]*)\)/,
+		regex: /^\s*(?:async\s+)?def\s+(\w+)\s*\(/,
 		langFilter: [".py"]
 	},
 	{
@@ -4374,14 +4711,23 @@ const analyzeFunctions = (content, ext) => {
 		const isPython = fnMatch.patternIndex === 2;
 		if (fnMatch.patternIndex === 1 && !isBlockArrow(lines, i)) continue;
 		const { endLine, maxNesting } = findFunctionEnd(lines, i, isPython);
-		const bodyLines = lines.slice(i + 1, endLine);
-		const templateLines = isPython ? 0 : countTemplateLines(bodyLines);
+		let templateLines;
+		let paramCount;
+		if (isPython) {
+			const sig = extractPythonSignature(lines, i);
+			const codeLines = countPythonBodyCodeLines(lines, sig.sigEndIndex, endLine);
+			templateLines = endLine - i + 1 - codeLines;
+			paramCount = countPythonParams(sig.params);
+		} else {
+			templateLines = countTemplateLines(lines.slice(i + 1, endLine));
+			paramCount = countParams(fnMatch.params);
+		}
 		functions.push({
 			name: fnMatch.name,
 			startLine: i + 1,
 			lineCount: endLine - i + 1,
 			maxNesting,
-			paramCount: countParams(fnMatch.params),
+			paramCount,
 			templateLines
 		});
 	}
@@ -6591,212 +6937,6 @@ const runCargoAudit = async (rootDir, timeout) => {
 	}
 };
 
-//#endregion
-//#region src/utils/source-masker.ts
-const JS_EXTS = new Set([
-	".ts",
-	".tsx",
-	".js",
-	".jsx",
-	".mjs",
-	".cjs"
-]);
-const PY_EXTS = new Set([".py"]);
-const RB_EXTS = new Set([".rb"]);
-const PHP_EXTS = new Set([".php"]);
-const familyForExt = (ext) => {
-	if (JS_EXTS.has(ext)) return "js";
-	if (PY_EXTS.has(ext)) return "py";
-	if (RB_EXTS.has(ext)) return "rb";
-	if (PHP_EXTS.has(ext)) return "php";
-	return "none";
-};
-const maskStringsAndComments = (content, ext) => {
-	const family = familyForExt(ext);
-	if (family === "none") return content;
-	if (family === "js") return maskJs(content);
-	return maskSimple(content, family);
-};
-const handleQuotesAndComments = (content, i, tplStack, mask) => {
-	const len = content.length;
-	const c = content[i];
-	const next = content[i + 1];
-	if (c === "\"" || c === "'") {
-		const strStart = i;
-		const end = consumeQuotedString(content, i, c);
-		mask(strStart + 1, end - 1);
-		return {
-			handled: true,
-			nextI: end
-		};
-	}
-	if (c === "`") {
-		const scan = consumeTemplateString(content, i + 1);
-		mask(i + 1, scan.maskEnd);
-		if (scan.openedInterp) tplStack.push(0);
-		return {
-			handled: true,
-			nextI: scan.resumeAt
-		};
-	}
-	if (c === "/" && next === "/") {
-		const strStart = i;
-		let k = i;
-		while (k < len && content[k] !== "\n") k++;
-		mask(strStart, k);
-		return {
-			handled: true,
-			nextI: k
-		};
-	}
-	if (c === "/" && next === "*") {
-		const strStart = i;
-		let k = i + 2;
-		while (k < len - 1 && !(content[k] === "*" && content[k + 1] === "/")) k++;
-		if (k < len - 1) k += 2;
-		mask(strStart, k);
-		return {
-			handled: true,
-			nextI: k
-		};
-	}
-	return {
-		handled: false,
-		nextI: i
-	};
-};
-const maskJs = (content) => {
-	const out = content.split("");
-	const len = content.length;
-	const tplStack = [];
-	let i = 0;
-	const mask = (start, end) => {
-		for (let k = start; k < end; k++) if (out[k] !== "\n") out[k] = " ";
-	};
-	while (i < len) {
-		const c = content[i];
-		if (tplStack.length > 0) {
-			if (c === "{") {
-				tplStack[tplStack.length - 1]++;
-				i++;
-				continue;
-			}
-			if (c === "}") {
-				if (tplStack[tplStack.length - 1] === 0) {
-					tplStack.pop();
-					const scan = consumeTemplateString(content, i + 1);
-					mask(i + 1, scan.maskEnd);
-					if (scan.openedInterp) tplStack.push(0);
-					i = scan.resumeAt;
-					continue;
-				}
-				tplStack[tplStack.length - 1]--;
-				i++;
-				continue;
-			}
-		}
-		const handled = handleQuotesAndComments(content, i, tplStack, mask);
-		if (handled.handled) {
-			i = handled.nextI;
-			continue;
-		}
-		i++;
-	}
-	return out.join("");
-};
-const consumeQuotedString = (content, start, quote) => {
-	const len = content.length;
-	let i = start + 1;
-	while (i < len) {
-		const c = content[i];
-		if (c === "\\" && i + 1 < len) {
-			i += 2;
-			continue;
-		}
-		if (c === quote) return i + 1;
-		if (c === "\n") return i;
-		i++;
-	}
-	return i;
-};
-const consumeTemplateString = (content, start) => {
-	const len = content.length;
-	let i = start;
-	while (i < len) {
-		const c = content[i];
-		if (c === "\\" && i + 1 < len) {
-			i += 2;
-			continue;
-		}
-		if (c === "`") return {
-			maskEnd: i,
-			resumeAt: i + 1,
-			openedInterp: false
-		};
-		if (c === "$" && content[i + 1] === "{") return {
-			maskEnd: i,
-			resumeAt: i + 2,
-			openedInterp: true
-		};
-		i++;
-	}
-	return {
-		maskEnd: i,
-		resumeAt: i,
-		openedInterp: false
-	};
-};
-const maskSimple = (content, family) => {
-	const out = content.split("");
-	const len = content.length;
-	let i = 0;
-	const mask = (start, end) => {
-		for (let k = start; k < end; k++) if (out[k] !== "\n") out[k] = " ";
-	};
-	while (i < len) {
-		const c = content[i];
-		const next = content[i + 1];
-		if (family === "py" && (c === "\"" || c === "'")) {
-			if (content[i + 1] === c && content[i + 2] === c) {
-				const triple = c + c + c;
-				const end = content.indexOf(triple, i + 3);
-				const stop = end === -1 ? len : end + 3;
-				mask(i + 3, stop - 3);
-				i = stop;
-				continue;
-			}
-		}
-		if (c === "\"" || c === "'") {
-			const strStart = i;
-			i = consumeQuotedString(content, i, c);
-			mask(strStart + 1, i - 1);
-			continue;
-		}
-		if ((family === "py" || family === "rb" || family === "php") && c === "#") {
-			const strStart = i;
-			while (i < len && content[i] !== "\n") i++;
-			mask(strStart, i);
-			continue;
-		}
-		if (family === "php" && c === "/" && next === "/") {
-			const strStart = i;
-			while (i < len && content[i] !== "\n") i++;
-			mask(strStart, i);
-			continue;
-		}
-		if (family === "php" && c === "/" && next === "*") {
-			const strStart = i;
-			i += 2;
-			while (i < len - 1 && !(content[i] === "*" && content[i + 1] === "/")) i++;
-			if (i < len - 1) i += 2;
-			mask(strStart, i);
-			continue;
-		}
-		i++;
-	}
-	return out.join("");
-};
-
 //#endregion
 //#region src/engines/security/risky.ts
 const ev = "eval";
@@ -7071,6 +7211,7 @@ const scanSecrets = async (context) => {
 		} catch {
 			continue;
 		}
+		content = maskComments(content, path.extname(filePath));
 		const relativePath = path.relative(context.rootDirectory, filePath);
 		for (const { pattern, name, keywordPrefixed } of SECRET_PATTERNS) {
 			const regex = new RegExp(pattern.source, pattern.flags);
@@ -7159,6 +7300,13 @@ const runEngines = async (context, enabledEngines, onStart, onComplete) => {
 //#endregion
 //#region src/scoring/index.ts
 const PERFECT_SCORE = 100;
+const STYLE_RULES = new Set([
+	"ai-slop/trivial-comment",
+	"ai-slop/narrative-comment",
+	"complexity/file-too-large",
+	"complexity/function-too-long"
+]);
+const STYLE_WEIGHT = .5;
 const getEffectiveFileCount = (diagnostics, sourceFileCount) => {
 	if (typeof sourceFileCount === "number" && sourceFileCount > 0) return sourceFileCount;
 	const filesWithDiagnostics = new Set(diagnostics.map((d) => d.filePath)).size;
@@ -7173,7 +7321,8 @@ const calculateScore = (diagnostics, weights, thresholds, sourceFileCount, smoot
 	for (const d of diagnostics) {
 		const engineWeight = weights[d.engine] ?? 1;
 		const severityPenalty = d.severity === "error" ? 3 : d.severity === "warning" ? 1 : .25;
-		deductions += severityPenalty * engineWeight;
+		const styleFactor = STYLE_RULES.has(d.rule) ? STYLE_WEIGHT : 1;
+		deductions += severityPenalty * engineWeight * styleFactor;
 	}
 	const effectiveFileCount = getEffectiveFileCount(diagnostics, sourceFileCount);
 	const smoothingConstant = typeof smoothing === "number" ? smoothing : 10;
@@ -11684,7 +11833,7 @@ const runNpmAuditFix = async (rootDir, onProgress) => {
 	});
 	if (installResult.exitCode !== 0) throw new Error(installResult.stderr || installResult.stdout || "npm install failed after audit fix");
 };
-const fetchLatestVersion = async (rootDir, pkgName, pm) => {
+const fetchLatestVersion$1 = async (rootDir, pkgName, pm) => {
 	try {
 		const result = await runSubprocess(pm, [
 			"view",
@@ -11704,7 +11853,7 @@ const collectOverrides = async (rootDir, vulnerabilities, pm) => {
 	const overrides = {};
 	for (const [pkgName, vuln] of Object.entries(vulnerabilities)) {
 		if (vuln.fixAvailable !== false || !vuln.range) continue;
-		const latest = await fetchLatestVersion(rootDir, pkgName, pm);
+		const latest = await fetchLatestVersion$1(rootDir, pkgName, pm);
 		if (latest) overrides[pkgName] = latest;
 	}
 	return overrides;
@@ -12667,6 +12816,86 @@ const trendCommand = (directory, limit) => {
 	}));
 };
 
+//#endregion
+//#region src/update-notifier.ts
+const REGISTRY_URL = "https://registry.npmjs.org/aislop/latest";
+const CHECK_INTERVAL_MS = 1440 * 60 * 1e3;
+const REQUEST_TIMEOUT_MS = 2e3;
+const CACHE_BASENAME = "update_check.json";
+const isUpdateNotifierDisabled = (env = process.env) => {
+	if (env.AISLOP_NO_UPDATE_NOTIFIER === "1") return true;
+	if (env.NO_UPDATE_NOTIFIER === "1") return true;
+	if (env.DO_NOT_TRACK === "1") return true;
+	return isCiEnv(env);
+};
+const resolveUpdateCachePath = (homedir = os.homedir(), env = process.env) => {
+	if (process.platform === "linux" && env.XDG_STATE_HOME) return path.join(env.XDG_STATE_HOME, "aislop", CACHE_BASENAME);
+	return path.join(homedir, ".aislop", CACHE_BASENAME);
+};
+const parseVersion = (raw) => {
+	const m = raw.trim().replace(/^v/, "").split(/[-+]/, 1)[0].match(/^(\d+)\.(\d+)\.(\d+)$/);
+	if (!m) return null;
+	return {
+		major: Number(m[1]),
+		minor: Number(m[2]),
+		patch: Number(m[3])
+	};
+};
+const isOutdated = (current, latest) => {
+	const c = parseVersion(current);
+	const l = parseVersion(latest);
+	if (!c || !l) return false;
+	if (l.major !== c.major) return l.major > c.major;
+	if (l.minor !== c.minor) return l.minor > c.minor;
+	return l.patch > c.patch;
+};
+const formatUpdateNotice = (current, latest) => `\nUpdate available: ${current} -> ${latest}. Run npx aislop@latest to upgrade.\n`;
+const readCache = (cachePath) => {
+	try {
+		const parsed = JSON.parse(fs.readFileSync(cachePath, "utf-8"));
+		if (typeof parsed?.latest === "string" && typeof parsed?.checkedAt === "number") return {
+			latest: parsed.latest,
+			checkedAt: parsed.checkedAt
+		};
+		return null;
+	} catch {
+		return null;
+	}
+};
+const writeCache = (cachePath, cache) => {
+	try {
+		fs.mkdirSync(path.dirname(cachePath), { recursive: true });
+		fs.writeFileSync(cachePath, JSON.stringify(cache));
+		return true;
+	} catch {
+		return false;
+	}
+};
+const fetchLatestVersion = async () => {
+	try {
+		const res = await fetch(REGISTRY_URL, { signal: AbortSignal.timeout(REQUEST_TIMEOUT_MS) });
+		if (!res.ok) return null;
+		const data = await res.json();
+		return typeof data.version === "string" ? data.version : null;
+	} catch {
+		return null;
+	}
+};
+const maybeNotifyUpdate = async (now = Date.now()) => {
+	if (isUpdateNotifierDisabled()) return;
+	if (!process.stderr.isTTY) return;
+	const cachePath = resolveUpdateCachePath();
+	const cache = readCache(cachePath);
+	if (cache && isOutdated(APP_VERSION, cache.latest)) process.stderr.write(formatUpdateNotice(APP_VERSION, cache.latest));
+	if (!cache || now - cache.checkedAt > CHECK_INTERVAL_MS) {
+		const latest = await fetchLatestVersion();
+		if (latest) writeCache(cachePath, {
+			latest,
+			checkedAt: now
+		});
+	}
+};
+
 //#endregion
 //#region src/cli.ts
 process.on("SIGINT", () => process.exit(0));
@@ -12920,6 +13149,7 @@ const main = async () => {
 	fireInstalledOnce();
 	await program.parseAsync();
 	await flushTelemetry();
+	await maybeNotifyUpdate();
 };
 main();