auditor-lambda 0.6.8 → 0.6.10

package/dist/extractors/graphSuites.js

@@ -0,0 +1,246 @@
+import { posix } from "node:path";
+import { graphEdge, isJsonSchemaPath, isPytestConftestPath, normalizeGraphPath, resolveCandidate, STRING_LITERAL_PATTERN, } from "./graphPathUtils.js";
+import { isTestPath, normalizeExtractorPath } from "./pathPatterns.js";
+const JSON_SCHEMA_REF_EDGE_CONFIDENCE = 0.93;
+const SCHEMA_CONTRACT_TEST_EDGE_CONFIDENCE = 0.86;
+const SCHEMA_SUITE_EDGE_CONFIDENCE = 0.78;
+const GITHUB_WORKFLOW_SUITE_EDGE_CONFIDENCE = 0.78;
+const PACKAGE_SCRIPT_SUITE_EDGE_CONFIDENCE = 0.78;
+const TYPESCRIPT_TYPE_SUITE_EDGE_CONFIDENCE = 0.78;
+const PYTHON_TEST_UTIL_SUITE_EDGE_CONFIDENCE = 0.72;
+const PYTHON_TEST_UTIL_SEGMENT_NAMES = new Set(["utils", "helpers", "support"]);
+const MAX_BOUNDED_SUITE_EDGE_FILES = 12;
+const MAX_BOUNDED_TYPE_SUITE_EDGE_FILES = 16;
+const MAX_TYPE_CONTRACT_SOURCE_BYTES = 64 * 1024;
+const TYPESCRIPT_TYPE_CONTRACT_EXTENSIONS = [
+    ".ts",
+    ".tsx",
+    ".mts",
+    ".cts",
+];
+const PACKAGE_SCRIPT_SUITE_EXTENSIONS = [
+    ".js",
+    ".jsx",
+    ".mjs",
+    ".cjs",
+    ".ts",
+    ".tsx",
+    ".mts",
+    ".cts",
+];
+function collectJsonSchemaRefs(value, refs) {
+    if (Array.isArray(value)) {
+        for (const item of value) {
+            collectJsonSchemaRefs(item, refs);
+        }
+        return;
+    }
+    if (value === null || typeof value !== "object") {
+        return;
+    }
+    for (const [key, item] of Object.entries(value)) {
+        if (key === "$ref" && typeof item === "string" && item.trim().length > 0) {
+            refs.add(item.trim());
+            continue;
+        }
+        collectJsonSchemaRefs(item, refs);
+    }
+}
+function resolveJsonSchemaRef(fromPath, ref, pathLookup) {
+    const targetSpecifier = (ref.split("#", 1)[0] ?? "").trim();
+    if (targetSpecifier.length === 0) {
+        return undefined;
+    }
+    const normalizedSpecifier = normalizeGraphPath(targetSpecifier);
+    if (normalizedSpecifier.startsWith("/") ||
+        /^[a-z][a-z0-9+.-]*:/i.test(normalizedSpecifier)) {
+        return undefined;
+    }
+    const baseDir = posix.dirname(normalizeGraphPath(fromPath));
+    const candidate = targetSpecifier.startsWith(".") || !normalizedSpecifier.includes("/")
+        ? posix.join(baseDir, normalizedSpecifier)
+        : normalizedSpecifier;
+    return resolveCandidate(candidate, pathLookup);
+}
+export function extractJsonSchemaReferenceEdges(fromPath, content, pathLookup) {
+    if (!isJsonSchemaPath(fromPath)) {
+        return [];
+    }
+    let parsed;
+    try {
+        parsed = JSON.parse(content);
+    }
+    catch {
+        return [];
+    }
+    const refs = new Set();
+    collectJsonSchemaRefs(parsed, refs);
+    const edges = [];
+    for (const ref of refs) {
+        const target = resolveJsonSchemaRef(fromPath, ref, pathLookup);
+        if (!target || target === fromPath) {
+            continue;
+        }
+        edges.push(graphEdge({
+            from: fromPath,
+            to: target,
+            kind: "json-schema-ref",
+            confidence: JSON_SCHEMA_REF_EDGE_CONFIDENCE,
+            reason: `JSON Schema $ref '${ref}' resolves to '${target}'.`,
+        }));
+    }
+    return edges;
+}
+export function extractSchemaContractTestEdges(fromPath, content, pathLookup) {
+    if (!isTestPath(normalizeExtractorPath(fromPath)) ||
+        !/schema/i.test(fromPath) ||
+        !/\.schema\.json/i.test(content)) {
+        return [];
+    }
+    const literalBasenames = new Set();
+    STRING_LITERAL_PATTERN.lastIndex = 0;
+    for (const match of content.matchAll(STRING_LITERAL_PATTERN)) {
+        const literal = match[1];
+        if (!literal || !literal.toLowerCase().endsWith(".schema.json")) {
+            continue;
+        }
+        literalBasenames.add(posix.basename(normalizeGraphPath(literal)).toLowerCase());
+    }
+    if (literalBasenames.size === 0 ||
+        literalBasenames.size > MAX_BOUNDED_SUITE_EDGE_FILES) {
+        return [];
+    }
+    const targets = [...new Set(pathLookup.values())]
+        .filter((path) => {
+        const normalized = normalizeGraphPath(path);
+        return (isJsonSchemaPath(normalized) &&
+            literalBasenames.has(posix.basename(normalized).toLowerCase()));
+    })
+        .sort((a, b) => a.localeCompare(b));
+    if (targets.length > MAX_BOUNDED_SUITE_EDGE_FILES) {
+        return [];
+    }
+    return targets.map((target) => graphEdge({
+        from: fromPath,
+        to: target,
+        kind: "schema-contract-test-link",
+        confidence: SCHEMA_CONTRACT_TEST_EDGE_CONFIDENCE,
+        reason: `Schema contract test references '${posix.basename(target)}'.`,
+    }));
+}
+function isGithubWorkflowPath(path) {
+    const normalized = normalizeGraphPath(path).toLowerCase();
+    return (normalized.startsWith(".github/workflows/") &&
+        (normalized.endsWith(".yml") || normalized.endsWith(".yaml")));
+}
+function isTypescriptTypeContractPath(path, fileContents) {
+    const normalized = normalizeGraphPath(path);
+    const segments = normalized.split("/").filter(Boolean);
+    if (!segments.includes("types") ||
+        isTestPath(normalizeExtractorPath(normalized)) ||
+        !TYPESCRIPT_TYPE_CONTRACT_EXTENSIONS.some((extension) => normalized.endsWith(extension))) {
+        return false;
+    }
+    const content = fileContents[path];
+    if (!content || content.length > MAX_TYPE_CONTRACT_SOURCE_BYTES) {
+        return false;
+    }
+    return /\bexport\s+(?:declare\s+)?(?:interface|type|enum|const)\b/.test(content);
+}
+function packageScriptSuiteDirectories(graphEdges) {
+    const directories = new Set();
+    for (const edge of graphEdges) {
+        if (edge.kind !== "package-script-link") {
+            continue;
+        }
+        const directory = posix.dirname(normalizeGraphPath(edge.to));
+        const basename = posix.basename(directory);
+        if (basename === "scripts" || basename === "bin") {
+            directories.add(directory);
+        }
+    }
+    return directories;
+}
+function isPackageScriptSuitePath(path, suiteDirectories) {
+    const normalized = normalizeGraphPath(path);
+    return (suiteDirectories.has(posix.dirname(normalized)) &&
+        PACKAGE_SCRIPT_SUITE_EXTENSIONS.some((extension) => normalized.endsWith(extension)));
+}
+function isPythonTestUtilSuitePath(path) {
+    const normalized = normalizeGraphPath(path);
+    if (!normalized.endsWith(".py"))
+        return false;
+    if (isPytestConftestPath(normalized))
+        return false;
+    const dir = posix.dirname(normalized);
+    if (!PYTHON_TEST_UTIL_SEGMENT_NAMES.has(posix.basename(dir).toLowerCase()))
+        return false;
+    return isTestPath(normalizeExtractorPath(dir));
+}
+export function extractBoundedSuiteEdges(pathLookup, fileContents, graphEdges) {
+    const files = [...new Set(pathLookup.values())].sort((a, b) => a.localeCompare(b));
+    const edges = [];
+    const scriptSuiteDirectories = packageScriptSuiteDirectories(graphEdges);
+    const addSuiteEdges = (params) => {
+        const groups = new Map();
+        for (const file of files) {
+            if (!params.predicate(file)) {
+                continue;
+            }
+            const directory = posix.dirname(normalizeGraphPath(file));
+            const group = groups.get(directory) ?? [];
+            group.push(file);
+            groups.set(directory, group);
+        }
+        for (const [directory, group] of groups) {
+            const maxFiles = params.maxFiles ?? MAX_BOUNDED_SUITE_EDGE_FILES;
+            if (group.length < 2 ||
+                group.length > maxFiles) {
+                continue;
+            }
+            const suiteName = directory === "." ? "repository root" : directory;
+            for (let index = 1; index < group.length; index++) {
+                edges.push(graphEdge({
+                    from: group[index - 1],
+                    to: group[index],
+                    kind: params.kind,
+                    direction: "undirected",
+                    confidence: params.confidence,
+                    reason: `${params.label} suite '${suiteName}' groups ${group.length} related file(s).`,
+                }));
+            }
+        }
+    };
+    addSuiteEdges({
+        predicate: isJsonSchemaPath,
+        kind: "schema-suite-link",
+        confidence: SCHEMA_SUITE_EDGE_CONFIDENCE,
+        label: "JSON Schema",
+    });
+    addSuiteEdges({
+        predicate: isGithubWorkflowPath,
+        kind: "github-workflow-suite-link",
+        confidence: GITHUB_WORKFLOW_SUITE_EDGE_CONFIDENCE,
+        label: "GitHub Actions workflow",
+    });
+    addSuiteEdges({
+        predicate: (path) => isPackageScriptSuitePath(path, scriptSuiteDirectories),
+        kind: "package-script-suite-link",
+        confidence: PACKAGE_SCRIPT_SUITE_EDGE_CONFIDENCE,
+        label: "Package script",
+    });
+    addSuiteEdges({
+        predicate: (path) => isTypescriptTypeContractPath(path, fileContents),
+        kind: "typescript-type-suite-link",
+        confidence: TYPESCRIPT_TYPE_SUITE_EDGE_CONFIDENCE,
+        label: "TypeScript type contract",
+        maxFiles: MAX_BOUNDED_TYPE_SUITE_EDGE_FILES,
+    });
+    addSuiteEdges({
+        predicate: isPythonTestUtilSuitePath,
+        kind: "python-test-util-suite-link",
+        confidence: PYTHON_TEST_UTIL_SUITE_EDGE_CONFIDENCE,
+        label: "Python test utility",
+    });
+    return edges;
+}

package/dist/extractors/graphTestSources.d.ts

@@ -0,0 +1,2 @@
+import type { GraphEdge } from "@audit-tools/shared";
+export declare function extractTestSourceEdges(fromPath: string, pathLookup: Map<string, string>): GraphEdge[];

package/dist/extractors/graphTestSources.js

@@ -0,0 +1,102 @@
+import { posix } from "node:path";
+import { graphEdge, normalizeGraphPath, resolveCandidate, SOURCE_EXTENSIONS, } from "./graphPathUtils.js";
+import { isTestPath, normalizeExtractorPath } from "./pathPatterns.js";
+import { isPythonSourcePath } from "./graphPythonImports.js";
+const TEST_SOURCE_EDGE_CONFIDENCE = 0.88;
+const TOP_LEVEL_TEST_SEGMENTS = new Set(["test", "tests", "spec", "specs"]);
+const COLOCATED_TEST_SEGMENTS = new Set([
+    "__test__",
+    "__tests__",
+    "__spec__",
+    "__specs__",
+    "test",
+    "tests",
+    "spec",
+    "specs",
+]);
+function stripKnownSourceExtension(path) {
+    const lowerPath = path.toLowerCase();
+    const extension = SOURCE_EXTENSIONS.find((item) => lowerPath.endsWith(item));
+    if (!extension) {
+        return undefined;
+    }
+    return path.slice(0, -extension.length);
+}
+function stripTestSuffix(pathWithoutExtension) {
+    const stripped = pathWithoutExtension.replace(/[._-](?:test|spec)$/i, "");
+    return stripped === pathWithoutExtension ? undefined : stripped;
+}
+function stripPythonTestPrefix(pathWithoutExtension) {
+    const basename = posix.basename(pathWithoutExtension);
+    const match = /^test[._-](.+)$/i.exec(basename);
+    if (!match?.[1]) {
+        return undefined;
+    }
+    const directory = posix.dirname(pathWithoutExtension);
+    return directory === "." ? match[1] : posix.join(directory, match[1]);
+}
+function addTestSourceCandidatesForBase(basePath, candidates) {
+    candidates.add(basePath);
+    const parts = basePath.split("/").filter(Boolean);
+    const topLevelSegment = parts[0]?.toLowerCase();
+    if (topLevelSegment && TOP_LEVEL_TEST_SEGMENTS.has(topLevelSegment)) {
+        const mirroredParts = parts.slice(1);
+        if (mirroredParts.length > 0) {
+            candidates.add(posix.join("src", ...mirroredParts));
+        }
+    }
+    for (let index = 1; index < parts.length; index++) {
+        if (COLOCATED_TEST_SEGMENTS.has(parts[index].toLowerCase())) {
+            const colocatedParts = [
+                ...parts.slice(0, index),
+                ...parts.slice(index + 1),
+            ];
+            if (colocatedParts.length > 0) {
+                candidates.add(posix.join(...colocatedParts));
+            }
+        }
+    }
+}
+function testSourceCandidates(testPath) {
+    const normalizedPath = normalizeGraphPath(testPath);
+    const withoutExtension = stripKnownSourceExtension(normalizedPath);
+    if (!withoutExtension) {
+        return [];
+    }
+    const baseCandidates = new Set();
+    const withoutTestSuffix = stripTestSuffix(withoutExtension);
+    if (withoutTestSuffix) {
+        baseCandidates.add(withoutTestSuffix);
+    }
+    if (isPythonSourcePath(normalizedPath)) {
+        const withoutPythonPrefix = stripPythonTestPrefix(withoutExtension);
+        if (withoutPythonPrefix) {
+            baseCandidates.add(withoutPythonPrefix);
+        }
+    }
+    const candidates = new Set();
+    for (const basePath of baseCandidates) {
+        addTestSourceCandidatesForBase(basePath, candidates);
+    }
+    return [...candidates];
+}
+export function extractTestSourceEdges(fromPath, pathLookup) {
+    if (!isTestPath(normalizeExtractorPath(fromPath))) {
+        return [];
+    }
+    const edges = [];
+    for (const candidate of testSourceCandidates(fromPath)) {
+        const target = resolveCandidate(candidate, pathLookup);
+        if (!target || isTestPath(normalizeExtractorPath(target))) {
+            continue;
+        }
+        edges.push(graphEdge({
+            from: fromPath,
+            to: target,
+            kind: "test-source-link",
+            confidence: TEST_SOURCE_EDGE_CONFIDENCE,
+            reason: `Test path naming maps to source path '${target}'.`,
+        }));
+    }
+    return edges;
+}

package/dist/extractors/languageMap.generated.d.ts

@@ -0,0 +1 @@
+export declare const LANGUAGE_BY_EXTENSION: Record<string, string>;