camouf 0.1.0

package/dist/core/rules/builtin/layer-dependencies.rule.js

@@ -0,0 +1,102 @@
+/**
+ * Layer Dependencies Rule
+ *
+ * Validates architectural layer dependencies (e.g., presentation -> business -> data).
+ */
+export class LayerDependenciesRule {
+    id = 'layer-dependencies';
+    name = 'Layer Dependencies';
+    description = 'Validates architectural layer dependencies';
+    severity = 'error';
+    tags = ['architecture', 'layers', 'dependencies'];
+    config = {
+        enabled: true,
+        severity: 'error',
+        strictMode: true,
+        layers: [
+            {
+                name: 'presentation',
+                patterns: ['controller', 'handler', 'view', 'component', 'page'],
+                allowedDependencies: ['application', 'domain'],
+            },
+            {
+                name: 'application',
+                patterns: ['service', 'usecase', 'application'],
+                allowedDependencies: ['domain', 'infrastructure'],
+            },
+            {
+                name: 'domain',
+                patterns: ['entity', 'domain', 'model', 'aggregate', 'value-object'],
+                allowedDependencies: [],
+            },
+            {
+                name: 'infrastructure',
+                patterns: ['repository', 'adapter', 'infrastructure', 'persistence'],
+                allowedDependencies: ['domain'],
+            },
+        ],
+    };
+    configure(options) {
+        this.config = { ...this.config, ...options };
+    }
+    async check(context) {
+        const violations = [];
+        for (const nodeId of context.graph.nodes()) {
+            const node = context.getNodeData(nodeId);
+            if (!node)
+                continue;
+            const filePath = node.data.relativePath;
+            const sourceLayer = this.detectLayer(filePath);
+            if (!sourceLayer)
+                continue;
+            const successors = context.graph.successors(nodeId);
+            if (!successors)
+                continue;
+            for (const successor of successors) {
+                const targetNode = context.getNodeData(successor);
+                if (!targetNode)
+                    continue;
+                const targetPath = targetNode.data.relativePath;
+                const targetLayer = this.detectLayer(targetPath);
+                if (!targetLayer)
+                    continue;
+                if (sourceLayer.name === targetLayer.name)
+                    continue;
+                if (!this.isDependencyAllowed(sourceLayer, targetLayer.name)) {
+                    violations.push(this.createViolation(filePath, `Invalid layer dependency: ${sourceLayer.name} -> ${targetLayer.name}`, 1, `${sourceLayer.name} layer can only depend on: ${sourceLayer.allowedDependencies.join(', ') || 'none'}`));
+                }
+            }
+        }
+        return { violations };
+    }
+    detectLayer(filePath) {
+        const normalizedPath = filePath.toLowerCase().replace(/\\/g, '/');
+        for (const layer of this.config.layers || []) {
+            for (const pattern of layer.patterns) {
+                if (normalizedPath.includes(pattern)) {
+                    return layer;
+                }
+            }
+        }
+        return null;
+    }
+    isDependencyAllowed(sourceLayer, targetLayerName) {
+        if (!this.config.strictMode) {
+            return true;
+        }
+        return sourceLayer.allowedDependencies.includes(targetLayerName);
+    }
+    createViolation(file, message, line, suggestion) {
+        return {
+            id: `${this.id}-${Date.now()}-${Math.random().toString(36).substr(2, 9)}`,
+            ruleId: this.id,
+            ruleName: this.name,
+            severity: 'error',
+            message,
+            file,
+            line,
+            suggestion,
+        };
+    }
+}
+//# sourceMappingURL=layer-dependencies.rule.js.map

package/dist/core/rules/builtin/layer-dependencies.rule.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"layer-dependencies.rule.js","sourceRoot":"","sources":["../../../../src/core/rules/builtin/layer-dependencies.rule.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAgBH,MAAM,OAAO,qBAAqB;IACvB,EAAE,GAAG,oBAAoB,CAAC;IAC1B,IAAI,GAAG,oBAAoB,CAAC;IAC5B,WAAW,GAAG,4CAA4C,CAAC;IAC3D,QAAQ,GAAG,OAAgB,CAAC;IAC5B,IAAI,GAAG,CAAC,cAAc,EAAE,QAAQ,EAAE,cAAc,CAAC,CAAC;IAEnD,MAAM,GAA4B;QACxC,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,OAAO;QACjB,UAAU,EAAE,IAAI;QAChB,MAAM,EAAE;YACN;gBACE,IAAI,EAAE,cAAc;gBACpB,QAAQ,EAAE,CAAC,YAAY,EAAE,SAAS,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,CAAC;gBAChE,mBAAmB,EAAE,CAAC,aAAa,EAAE,QAAQ,CAAC;aAC/C;YACD;gBACE,IAAI,EAAE,aAAa;gBACnB,QAAQ,EAAE,CAAC,SAAS,EAAE,SAAS,EAAE,aAAa,CAAC;gBAC/C,mBAAmB,EAAE,CAAC,QAAQ,EAAE,gBAAgB,CAAC;aAClD;YACD;gBACE,IAAI,EAAE,QAAQ;gBACd,QAAQ,EAAE,CAAC,QAAQ,EAAE,QAAQ,EAAE,OAAO,EAAE,WAAW,EAAE,cAAc,CAAC;gBACpE,mBAAmB,EAAE,EAAE;aACxB;YACD;gBACE,IAAI,EAAE,gBAAgB;gBACtB,QAAQ,EAAE,CAAC,YAAY,EAAE,SAAS,EAAE,gBAAgB,EAAE,aAAa,CAAC;gBACpE,mBAAmB,EAAE,CAAC,QAAQ,CAAC;aAChC;SACF;KACF,CAAC;IAEF,SAAS,CAAC,OAAyC;QACjD,IAAI,CAAC,MAAM,GAAG,EAAE,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,OAAO,EAAE,CAAC;IAC/C,CAAC;IAED,KAAK,CAAC,KAAK,CAAC,OAAoB;QAC9B,MAAM,UAAU,GAAgB,EAAE,CAAC;QAEnC,KAAK,MAAM,MAAM,IAAI,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,EAAE,CAAC;YAC3C,MAAM,IAAI,GAAG,OAAO,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;YACzC,IAAI,CAAC,IAAI;gBAAE,SAAS;YAEpB,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC;YACxC,MAAM,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;YAC/C,IAAI,CAAC,WAAW;gBAAE,SAAS;YAE3B,MAAM,UAAU,GAAG,OAAO,CAAC,KAAK,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;YACpD,IAAI,CAAC,UAAU;gBAAE,SAAS;YAE1B,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;gBACnC,MAAM,UAAU,GAAG,OAAO,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC;gBAClD,IAAI,CAAC,UAAU;oBAAE,SAAS;gBAE1B,MAAM,UAAU,GAAG,UAAU,CAAC,IAAI,CAAC,YAAY,CAAC;gBAChD,MAAM,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC,UAAU,CAAC,CAAC;gBACjD,IAAI,CAAC,WAAW;oBAAE,SAAS;gBAE3B,IAAI,WAAW,CAAC,IAAI,KAAK,WAAW,CAAC,IAAI;oBAAE,SAAS;gBAEpD,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,WAAW,EAAE,WAAW,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC7D,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,CAClC,QAAQ,EACR,6BAA6B,WAAW,CAAC,IAAI,OAAO,WAAW,CAAC,IAAI,EAAE,EACtE,CAAC,EACD,GAAG,WAAW,CAAC,IAAI,8BAA8B,WAAW,CAAC,mBAAmB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,MAAM,EAAE,CACxG,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,EAAE,UAAU,EAAE,CAAC;IACxB,CAAC;IAEO,WAAW,CAAC,QAAgB;QAClC,MAAM,cAAc,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;QAElE,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,IAAI,EAAE,EAAE,CAAC;YAC7C,KAAK,MAAM,OAAO,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;gBACrC,IAAI,cAAc,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;oBACrC,OAAO,KAAK,CAAC;gBACf,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,mBAAmB,CAAC,WAAwB,EAAE,eAAuB;QAC3E,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;YAC5B,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,WAAW,CAAC,mBAAmB,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC;IACnE,CAAC;IAEO,eAAe,CAAC,IAAY,EAAE,OAAe,EAAE,IAAY,EAAE,UAAmB;QACtF,OAAO;YACL,EAAE,EAAE,GAAG,IAAI,CAAC,EAAE,IAAI,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE;YACzE,MAAM,EAAE,IAAI,CAAC,EAAE;YACf,QAAQ,EAAE,IAAI,CAAC,IAAI;YACnB,QAAQ,EAAE,OAAO;YACjB,OAAO;YACP,IAAI;YACJ,IAAI;YACJ,UAAU;SACX,CAAC;IACJ,CAAC;CACF"}

package/dist/core/rules/builtin/performance-antipatterns.rule.d.ts

@@ -0,0 +1,29 @@
+/**
+ * Performance Anti-patterns Rule
+ *
+ * Detects common performance anti-patterns in code.
+ */
+import { IRule, RuleContext, RuleConfig, RuleResult } from '../rule.interface.js';
+interface PerformanceConfig extends RuleConfig {
+    checkN1Queries?: boolean;
+    checkUnboundedLoops?: boolean;
+    checkMemoryLeaks?: boolean;
+    maxLoopDepth?: number;
+}
+export declare class PerformanceAntipatternsRule implements IRule {
+    readonly id = "performance-antipatterns";
+    readonly name = "Performance Anti-patterns";
+    readonly description = "Detects common performance anti-patterns in code";
+    readonly severity: "warning";
+    readonly tags: string[];
+    private config;
+    configure(options: Partial<PerformanceConfig>): void;
+    check(context: RuleContext): Promise<RuleResult>;
+    private checkN1QueryPattern;
+    private checkUnboundedLoops;
+    private checkMemoryLeakPatterns;
+    private checkSyncOperations;
+    private createViolation;
+}
+export {};
+//# sourceMappingURL=performance-antipatterns.rule.d.ts.map

package/dist/core/rules/builtin/performance-antipatterns.rule.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"performance-antipatterns.rule.d.ts","sourceRoot":"","sources":["../../../../src/core/rules/builtin/performance-antipatterns.rule.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,KAAK,EAAE,WAAW,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAGlF,UAAU,iBAAkB,SAAQ,UAAU;IAC5C,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAC3B,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAED,qBAAa,2BAA4B,YAAW,KAAK;IACvD,QAAQ,CAAC,EAAE,8BAA8B;IACzC,QAAQ,CAAC,IAAI,+BAA+B;IAC5C,QAAQ,CAAC,WAAW,sDAAsD;IAC1E,QAAQ,CAAC,QAAQ,EAAG,SAAS,CAAU;IACvC,QAAQ,CAAC,IAAI,WAAqD;IAElE,OAAO,CAAC,MAAM,CAOZ;IAEF,SAAS,CAAC,OAAO,EAAE,OAAO,CAAC,iBAAiB,CAAC,GAAG,IAAI;IAI9C,KAAK,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,UAAU,CAAC;IA0BtD,OAAO,CAAC,mBAAmB;IAmC3B,OAAO,CAAC,mBAAmB;IAoC3B,OAAO,CAAC,uBAAuB;IA+C/B,OAAO,CAAC,mBAAmB;IAuB3B,OAAO,CAAC,eAAe;CAYxB"}

package/dist/core/rules/builtin/performance-antipatterns.rule.js

@@ -0,0 +1,148 @@
+/**
+ * Performance Anti-patterns Rule
+ *
+ * Detects common performance anti-patterns in code.
+ */
+export class PerformanceAntipatternsRule {
+    id = 'performance-antipatterns';
+    name = 'Performance Anti-patterns';
+    description = 'Detects common performance anti-patterns in code';
+    severity = 'warning';
+    tags = ['performance', 'optimization', 'best-practices'];
+    config = {
+        enabled: true,
+        severity: 'warning',
+        checkN1Queries: true,
+        checkUnboundedLoops: true,
+        checkMemoryLeaks: true,
+        maxLoopDepth: 3,
+    };
+    configure(options) {
+        this.config = { ...this.config, ...options };
+    }
+    async check(context) {
+        const violations = [];
+        for (const nodeId of context.graph.nodes()) {
+            const node = context.getNodeData(nodeId);
+            if (!node)
+                continue;
+            const filePath = node.data.relativePath;
+            const content = context.fileContents?.get(filePath);
+            if (!content)
+                continue;
+            if (this.config.checkN1Queries) {
+                this.checkN1QueryPattern(filePath, content, violations);
+            }
+            if (this.config.checkUnboundedLoops) {
+                this.checkUnboundedLoops(filePath, content, violations);
+            }
+            if (this.config.checkMemoryLeaks) {
+                this.checkMemoryLeakPatterns(filePath, content, violations);
+            }
+            this.checkSyncOperations(filePath, content, violations);
+        }
+        return { violations };
+    }
+    checkN1QueryPattern(filePath, content, violations) {
+        const lines = content.split('\n');
+        let inLoop = false;
+        let loopStartLine = 0;
+        for (let i = 0; i < lines.length; i++) {
+            const line = lines[i];
+            // Detect loop start
+            if (/\b(for|while|forEach|map|reduce|filter)\s*[\(\[]/.test(line)) {
+                inLoop = true;
+                loopStartLine = i + 1;
+            }
+            // Detect query/fetch inside loop
+            if (inLoop) {
+                if (/\.find\(|\.findOne\(|\.query\(|\.execute\(|await\s+fetch\(|axios\.\w+\(/.test(line)) {
+                    violations.push(this.createViolation(filePath, 'Potential N+1 query pattern detected', i + 1, 'Consider using batch queries, eager loading, or data loaders'));
+                }
+                // Detect loop end (simplified)
+                const openBraces = (line.match(/{/g) || []).length;
+                const closeBraces = (line.match(/}/g) || []).length;
+                if (closeBraces > openBraces) {
+                    inLoop = false;
+                }
+            }
+        }
+    }
+    checkUnboundedLoops(filePath, content, violations) {
+        const lines = content.split('\n');
+        let currentDepth = 0;
+        const maxDepth = this.config.maxLoopDepth || 3;
+        for (let i = 0; i < lines.length; i++) {
+            const line = lines[i];
+            if (/\b(for|while|do)\s*[\(\{]/.test(line)) {
+                currentDepth++;
+                if (currentDepth > maxDepth) {
+                    violations.push(this.createViolation(filePath, `Deep nested loops detected (depth: ${currentDepth})`, i + 1, 'Consider refactoring to reduce loop nesting or use different algorithms'));
+                }
+            }
+            // Check for while(true) or infinite loops
+            if (/while\s*\(\s*true\s*\)|for\s*\(\s*;\s*;\s*\)/.test(line)) {
+                violations.push(this.createViolation(filePath, 'Potentially infinite loop detected', i + 1, 'Ensure proper exit conditions exist'));
+            }
+            if (line.includes('}')) {
+                currentDepth = Math.max(0, currentDepth - 1);
+            }
+        }
+    }
+    checkMemoryLeakPatterns(filePath, content, violations) {
+        const lines = content.split('\n');
+        for (let i = 0; i < lines.length; i++) {
+            const line = lines[i];
+            // Check for event listeners without cleanup
+            if (/addEventListener\s*\(|\.on\s*\(/.test(line)) {
+                // Look for corresponding removeEventListener in the file
+                if (!content.includes('removeEventListener') && !content.includes('.off(')) {
+                    violations.push(this.createViolation(filePath, 'Event listener without apparent cleanup', i + 1, 'Ensure event listeners are removed in cleanup/unmount'));
+                }
+            }
+            // Check for setInterval without clearInterval
+            if (/setInterval\s*\(/.test(line)) {
+                if (!content.includes('clearInterval')) {
+                    violations.push(this.createViolation(filePath, 'setInterval without clearInterval', i + 1, 'Store interval ID and clear it during cleanup'));
+                }
+            }
+            // Check for large array accumulation in loops
+            if (/\.push\s*\(/.test(line) && /while|for/.test(content.substring(Math.max(0, content.indexOf(line) - 200), content.indexOf(line)))) {
+                // Check if there's no size limit
+                if (!/\.length\s*[<>]|\.slice\(|\.splice\(/.test(content)) {
+                    violations.push(this.createViolation(filePath, 'Array accumulation in loop without apparent size limit', i + 1, 'Consider adding size limits or using streaming'));
+                    break;
+                }
+            }
+        }
+    }
+    checkSyncOperations(filePath, content, violations) {
+        const lines = content.split('\n');
+        const syncPatterns = [
+            { pattern: /readFileSync\s*\(/, name: 'readFileSync' },
+            { pattern: /writeFileSync\s*\(/, name: 'writeFileSync' },
+            { pattern: /execSync\s*\(/, name: 'execSync' },
+            { pattern: /spawnSync\s*\(/, name: 'spawnSync' },
+        ];
+        for (let i = 0; i < lines.length; i++) {
+            for (const { pattern, name } of syncPatterns) {
+                if (pattern.test(lines[i])) {
+                    violations.push(this.createViolation(filePath, `Synchronous operation '${name}' may block event loop`, i + 1, `Consider using async version or worker threads`));
+                }
+            }
+        }
+    }
+    createViolation(file, message, line, suggestion) {
+        return {
+            id: `${this.id}-${Date.now()}-${Math.random().toString(36).substr(2, 9)}`,
+            ruleId: this.id,
+            ruleName: this.name,
+            severity: 'warning',
+            message,
+            file,
+            line,
+            suggestion,
+        };
+    }
+}
+//# sourceMappingURL=performance-antipatterns.rule.js.map

package/dist/core/rules/builtin/performance-antipatterns.rule.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"performance-antipatterns.rule.js","sourceRoot":"","sources":["../../../../src/core/rules/builtin/performance-antipatterns.rule.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAYH,MAAM,OAAO,2BAA2B;IAC7B,EAAE,GAAG,0BAA0B,CAAC;IAChC,IAAI,GAAG,2BAA2B,CAAC;IACnC,WAAW,GAAG,kDAAkD,CAAC;IACjE,QAAQ,GAAG,SAAkB,CAAC;IAC9B,IAAI,GAAG,CAAC,aAAa,EAAE,cAAc,EAAE,gBAAgB,CAAC,CAAC;IAE1D,MAAM,GAAsB;QAClC,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,SAAS;QACnB,cAAc,EAAE,IAAI;QACpB,mBAAmB,EAAE,IAAI;QACzB,gBAAgB,EAAE,IAAI;QACtB,YAAY,EAAE,CAAC;KAChB,CAAC;IAEF,SAAS,CAAC,OAAmC;QAC3C,IAAI,CAAC,MAAM,GAAG,EAAE,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,OAAO,EAAE,CAAC;IAC/C,CAAC;IAED,KAAK,CAAC,KAAK,CAAC,OAAoB;QAC9B,MAAM,UAAU,GAAgB,EAAE,CAAC;QAEnC,KAAK,MAAM,MAAM,IAAI,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,EAAE,CAAC;YAC3C,MAAM,IAAI,GAAG,OAAO,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;YACzC,IAAI,CAAC,IAAI;gBAAE,SAAS;YAEpB,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC;YACxC,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,GAAG,CAAC,QAAQ,CAAC,CAAC;YACpD,IAAI,CAAC,OAAO;gBAAE,SAAS;YAEvB,IAAI,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE,CAAC;gBAC/B,IAAI,CAAC,mBAAmB,CAAC,QAAQ,EAAE,OAAO,EAAE,UAAU,CAAC,CAAC;YAC1D,CAAC;YACD,IAAI,IAAI,CAAC,MAAM,CAAC,mBAAmB,EAAE,CAAC;gBACpC,IAAI,CAAC,mBAAmB,CAAC,QAAQ,EAAE,OAAO,EAAE,UAAU,CAAC,CAAC;YAC1D,CAAC;YACD,IAAI,IAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE,CAAC;gBACjC,IAAI,CAAC,uBAAuB,CAAC,QAAQ,EAAE,OAAO,EAAE,UAAU,CAAC,CAAC;YAC9D,CAAC;YACD,IAAI,CAAC,mBAAmB,CAAC,QAAQ,EAAE,OAAO,EAAE,UAAU,CAAC,CAAC;QAC1D,CAAC;QAED,OAAO,EAAE,UAAU,EAAE,CAAC;IACxB,CAAC;IAEO,mBAAmB,CAAC,QAAgB,EAAE,OAAe,EAAE,UAAuB;QACpF,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAClC,IAAI,MAAM,GAAG,KAAK,CAAC;QACnB,IAAI,aAAa,GAAG,CAAC,CAAC;QAEtB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YAEtB,oBAAoB;YACpB,IAAI,kDAAkD,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBAClE,MAAM,GAAG,IAAI,CAAC;gBACd,aAAa,GAAG,CAAC,GAAG,CAAC,CAAC;YACxB,CAAC;YAED,iCAAiC;YACjC,IAAI,MAAM,EAAE,CAAC;gBACX,IAAI,yEAAyE,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;oBACzF,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,CAClC,QAAQ,EACR,sCAAsC,EACtC,CAAC,GAAG,CAAC,EACL,8DAA8D,CAC/D,CAAC,CAAC;gBACL,CAAC;gBAED,+BAA+B;gBAC/B,MAAM,UAAU,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC;gBACnD,MAAM,WAAW,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC;gBACpD,IAAI,WAAW,GAAG,UAAU,EAAE,CAAC;oBAC7B,MAAM,GAAG,KAAK,CAAC;gBACjB,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAEO,mBAAmB,CAAC,QAAgB,EAAE,OAAe,EAAE,UAAuB;QACpF,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAClC,IAAI,YAAY,GAAG,CAAC,CAAC;QACrB,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,IAAI,CAAC,CAAC;QAE/C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YAEtB,IAAI,2BAA2B,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC3C,YAAY,EAAE,CAAC;gBACf,IAAI,YAAY,GAAG,QAAQ,EAAE,CAAC;oBAC5B,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,CAClC,QAAQ,EACR,sCAAsC,YAAY,GAAG,EACrD,CAAC,GAAG,CAAC,EACL,yEAAyE,CAC1E,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAED,0CAA0C;YAC1C,IAAI,8CAA8C,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC9D,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,CAClC,QAAQ,EACR,oCAAoC,EACpC,CAAC,GAAG,CAAC,EACL,qCAAqC,CACtC,CAAC,CAAC;YACL,CAAC;YAED,IAAI,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;gBACvB,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,YAAY,GAAG,CAAC,CAAC,CAAC;YAC/C,CAAC;QACH,CAAC;IACH,CAAC;IAEO,uBAAuB,CAAC,QAAgB,EAAE,OAAe,EAAE,UAAuB;QACxF,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YAEtB,4CAA4C;YAC5C,IAAI,iCAAiC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACjD,yDAAyD;gBACzD,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,qBAAqB,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;oBAC3E,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,CAClC,QAAQ,EACR,yCAAyC,EACzC,CAAC,GAAG,CAAC,EACL,uDAAuD,CACxD,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAED,8CAA8C;YAC9C,IAAI,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBAClC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAC,EAAE,CAAC;oBACvC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,CAClC,QAAQ,EACR,mCAAmC,EACnC,CAAC,GAAG,CAAC,EACL,+CAA+C,CAChD,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAED,8CAA8C;YAC9C,IAAI,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,EAAE,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;gBACrI,iCAAiC;gBACjC,IAAI,CAAC,sCAAsC,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;oBAC1D,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,CAClC,QAAQ,EACR,wDAAwD,EACxD,CAAC,GAAG,CAAC,EACL,gDAAgD,CACjD,CAAC,CAAC;oBACH,MAAM;gBACR,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAEO,mBAAmB,CAAC,QAAgB,EAAE,OAAe,EAAE,UAAuB;QACpF,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAClC,MAAM,YAAY,GAAG;YACnB,EAAE,OAAO,EAAE,mBAAmB,EAAE,IAAI,EAAE,cAAc,EAAE;YACtD,EAAE,OAAO,EAAE,oBAAoB,EAAE,IAAI,EAAE,eAAe,EAAE;YACxD,EAAE,OAAO,EAAE,eAAe,EAAE,IAAI,EAAE,UAAU,EAAE;YAC9C,EAAE,OAAO,EAAE,gBAAgB,EAAE,IAAI,EAAE,WAAW,EAAE;SACjD,CAAC;QAEF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,YAAY,EAAE,CAAC;gBAC7C,IAAI,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;oBAC3B,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,CAClC,QAAQ,EACR,0BAA0B,IAAI,wBAAwB,EACtD,CAAC,GAAG,CAAC,EACL,gDAAgD,CACjD,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAEO,eAAe,CAAC,IAAY,EAAE,OAAe,EAAE,IAAY,EAAE,UAAmB;QACtF,OAAO;YACL,EAAE,EAAE,GAAG,IAAI,CAAC,EAAE,IAAI,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE;YACzE,MAAM,EAAE,IAAI,CAAC,EAAE;YACf,QAAQ,EAAE,IAAI,CAAC,IAAI;YACnB,QAAQ,EAAE,SAAS;YACnB,OAAO;YACP,IAAI;YACJ,IAAI;YACJ,UAAU;SACX,CAAC;IACJ,CAAC;CACF"}

package/dist/core/rules/builtin/resilience-patterns.rule.d.ts

@@ -0,0 +1,29 @@
+/**
+ * Resilience Patterns Rule
+ *
+ * Validates resilience patterns like circuit breaker, retry, and timeout.
+ */
+import { IRule, RuleContext, RuleConfig, RuleResult } from '../rule.interface.js';
+interface ResilienceConfig extends RuleConfig {
+    requireCircuitBreaker?: boolean;
+    requireRetry?: boolean;
+    requireTimeout?: boolean;
+    externalCallPatterns?: string[];
+}
+export declare class ResiliencePatternsRule implements IRule {
+    readonly id = "resilience-patterns";
+    readonly name = "Resilience Patterns";
+    readonly description = "Validates resilience patterns like circuit breaker, retry, and timeout";
+    readonly severity: "warning";
+    readonly tags: string[];
+    private config;
+    configure(options: Partial<ResilienceConfig>): void;
+    check(context: RuleContext): Promise<RuleResult>;
+    private checkExternalCalls;
+    private checkResiliencePatterns;
+    private checkErrorHandling;
+    private hasTimeout;
+    private createViolation;
+}
+export {};
+//# sourceMappingURL=resilience-patterns.rule.d.ts.map

package/dist/core/rules/builtin/resilience-patterns.rule.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"resilience-patterns.rule.d.ts","sourceRoot":"","sources":["../../../../src/core/rules/builtin/resilience-patterns.rule.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,KAAK,EAAE,WAAW,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAIlF,UAAU,gBAAiB,SAAQ,UAAU;IAC3C,qBAAqB,CAAC,EAAE,OAAO,CAAC;IAChC,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,oBAAoB,CAAC,EAAE,MAAM,EAAE,CAAC;CACjC;AAED,qBAAa,sBAAuB,YAAW,KAAK;IAClD,QAAQ,CAAC,EAAE,yBAAyB;IACpC,QAAQ,CAAC,IAAI,yBAAyB;IACtC,QAAQ,CAAC,WAAW,4EAA4E;IAChG,QAAQ,CAAC,QAAQ,EAAG,SAAS,CAAU;IACvC,QAAQ,CAAC,IAAI,WAA6C;IAE1D,OAAO,CAAC,MAAM,CAOZ;IAEF,SAAS,CAAC,OAAO,EAAE,OAAO,CAAC,gBAAgB,CAAC,GAAG,IAAI;IAI7C,KAAK,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,UAAU,CAAC;IAmBtD,OAAO,CAAC,kBAAkB;IA4B1B,OAAO,CAAC,uBAAuB;IA0C/B,OAAO,CAAC,kBAAkB;IAgC1B,OAAO,CAAC,UAAU;IAYlB,OAAO,CAAC,eAAe;CAYxB"}

package/dist/core/rules/builtin/resilience-patterns.rule.js

@@ -0,0 +1,123 @@
+/**
+ * Resilience Patterns Rule
+ *
+ * Validates resilience patterns like circuit breaker, retry, and timeout.
+ */
+import * as path from 'path';
+export class ResiliencePatternsRule {
+    id = 'resilience-patterns';
+    name = 'Resilience Patterns';
+    description = 'Validates resilience patterns like circuit breaker, retry, and timeout';
+    severity = 'warning';
+    tags = ['resilience', 'reliability', 'patterns'];
+    config = {
+        enabled: true,
+        severity: 'warning',
+        requireCircuitBreaker: true,
+        requireRetry: true,
+        requireTimeout: true,
+        externalCallPatterns: ['fetch', 'axios', 'http', 'request', 'got'],
+    };
+    configure(options) {
+        this.config = { ...this.config, ...options };
+    }
+    async check(context) {
+        const violations = [];
+        for (const nodeId of context.graph.nodes()) {
+            const node = context.getNodeData(nodeId);
+            if (!node)
+                continue;
+            const filePath = node.data.relativePath;
+            const content = context.fileContents?.get(filePath);
+            if (!content)
+                continue;
+            this.checkExternalCalls(filePath, content, violations);
+            this.checkResiliencePatterns(filePath, content, violations);
+            this.checkErrorHandling(filePath, content, violations);
+        }
+        return { violations };
+    }
+    checkExternalCalls(filePath, content, violations) {
+        const lines = content.split('\n');
+        const callPatterns = this.config.externalCallPatterns || [];
+        for (let i = 0; i < lines.length; i++) {
+            const line = lines[i];
+            for (const pattern of callPatterns) {
+                const regex = new RegExp(`\\b${pattern}\\s*[\\(.]`, 'i');
+                if (regex.test(line)) {
+                    // Check for timeout in surrounding context
+                    const contextStart = Math.max(0, i - 10);
+                    const contextEnd = Math.min(lines.length, i + 10);
+                    const context = lines.slice(contextStart, contextEnd).join('\n');
+                    if (this.config.requireTimeout && !this.hasTimeout(context)) {
+                        violations.push(this.createViolation(filePath, `External call without timeout configuration`, i + 1, 'Add timeout to external service calls'));
+                    }
+                }
+            }
+        }
+    }
+    checkResiliencePatterns(filePath, content, violations) {
+        const fileName = path.basename(filePath).toLowerCase();
+        // Skip if not a service or client file
+        if (!fileName.includes('service') && !fileName.includes('client') && !fileName.includes('adapter')) {
+            return;
+        }
+        const hasExternalCalls = this.config.externalCallPatterns?.some(p => content.toLowerCase().includes(p));
+        if (!hasExternalCalls)
+            return;
+        const hasCircuitBreaker = content.includes('circuitBreaker') ||
+            content.includes('CircuitBreaker') ||
+            content.includes('@CircuitBreaker');
+        const hasRetry = content.includes('retry') ||
+            content.includes('Retry') ||
+            content.includes('@Retryable') ||
+            content.includes('maxRetries');
+        if (this.config.requireCircuitBreaker && !hasCircuitBreaker) {
+            violations.push(this.createViolation(filePath, 'Service with external calls missing circuit breaker', 1, 'Implement circuit breaker pattern for fault tolerance'));
+        }
+        if (this.config.requireRetry && !hasRetry) {
+            violations.push(this.createViolation(filePath, 'Service with external calls missing retry logic', 1, 'Implement retry with exponential backoff for transient failures'));
+        }
+    }
+    checkErrorHandling(filePath, content, violations) {
+        const lines = content.split('\n');
+        for (let i = 0; i < lines.length; i++) {
+            const line = lines[i];
+            // Check for empty catch blocks
+            if (/catch\s*\([^)]*\)\s*\{\s*\}/.test(line) ||
+                (/catch\s*\([^)]*\)\s*\{/.test(line) && lines[i + 1]?.trim() === '}')) {
+                violations.push(this.createViolation(filePath, 'Empty catch block swallows errors silently', i + 1, 'Log the error or handle it appropriately'));
+            }
+            // Check for catch blocks that only console.log
+            if (/catch\s*\([^)]*\)\s*\{/.test(line)) {
+                const nextLines = lines.slice(i + 1, i + 4).join('\n');
+                if (/console\.(log|error)/.test(nextLines) && !/throw|return|reject/.test(nextLines)) {
+                    violations.push(this.createViolation(filePath, 'Catch block only logs error without proper handling', i + 1, 'Consider rethrowing, returning error result, or using circuit breaker'));
+                }
+            }
+        }
+    }
+    hasTimeout(context) {
+        const timeoutPatterns = [
+            /timeout/i,
+            /AbortController/,
+            /signal/,
+            /deadline/i,
+            /\d+\s*\*\s*1000/, // Common timeout patterns like 30 * 1000
+        ];
+        return timeoutPatterns.some(p => p.test(context));
+    }
+    createViolation(file, message, line, suggestion) {
+        return {
+            id: `${this.id}-${Date.now()}-${Math.random().toString(36).substr(2, 9)}`,
+            ruleId: this.id,
+            ruleName: this.name,
+            severity: 'warning',
+            message,
+            file,
+            line,
+            suggestion,
+        };
+    }
+}
+//# sourceMappingURL=resilience-patterns.rule.js.map

package/dist/core/rules/builtin/resilience-patterns.rule.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"resilience-patterns.rule.js","sourceRoot":"","sources":["../../../../src/core/rules/builtin/resilience-patterns.rule.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAS7B,MAAM,OAAO,sBAAsB;IACxB,EAAE,GAAG,qBAAqB,CAAC;IAC3B,IAAI,GAAG,qBAAqB,CAAC;IAC7B,WAAW,GAAG,wEAAwE,CAAC;IACvF,QAAQ,GAAG,SAAkB,CAAC;IAC9B,IAAI,GAAG,CAAC,YAAY,EAAE,aAAa,EAAE,UAAU,CAAC,CAAC;IAElD,MAAM,GAAqB;QACjC,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,SAAS;QACnB,qBAAqB,EAAE,IAAI;QAC3B,YAAY,EAAE,IAAI;QAClB,cAAc,EAAE,IAAI;QACpB,oBAAoB,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,KAAK,CAAC;KACnE,CAAC;IAEF,SAAS,CAAC,OAAkC;QAC1C,IAAI,CAAC,MAAM,GAAG,EAAE,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,OAAO,EAAE,CAAC;IAC/C,CAAC;IAED,KAAK,CAAC,KAAK,CAAC,OAAoB;QAC9B,MAAM,UAAU,GAAgB,EAAE,CAAC;QAEnC,KAAK,MAAM,MAAM,IAAI,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,EAAE,CAAC;YAC3C,MAAM,IAAI,GAAG,OAAO,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;YACzC,IAAI,CAAC,IAAI;gBAAE,SAAS;YAEpB,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC;YACxC,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,EAAE,GAAG,CAAC,QAAQ,CAAC,CAAC;YACpD,IAAI,CAAC,OAAO;gBAAE,SAAS;YAEvB,IAAI,CAAC,kBAAkB,CAAC,QAAQ,EAAE,OAAO,EAAE,UAAU,CAAC,CAAC;YACvD,IAAI,CAAC,uBAAuB,CAAC,QAAQ,EAAE,OAAO,EAAE,UAAU,CAAC,CAAC;YAC5D,IAAI,CAAC,kBAAkB,CAAC,QAAQ,EAAE,OAAO,EAAE,UAAU,CAAC,CAAC;QACzD,CAAC;QAED,OAAO,EAAE,UAAU,EAAE,CAAC;IACxB,CAAC;IAEO,kBAAkB,CAAC,QAAgB,EAAE,OAAe,EAAE,UAAuB;QACnF,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAClC,MAAM,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,oBAAoB,IAAI,EAAE,CAAC;QAE5D,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YAEtB,KAAK,MAAM,OAAO,IAAI,YAAY,EAAE,CAAC;gBACnC,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,MAAM,OAAO,YAAY,EAAE,GAAG,CAAC,CAAC;gBACzD,IAAI,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;oBACrB,2CAA2C;oBAC3C,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC;oBACzC,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC;oBAClD,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;oBAEjE,IAAI,IAAI,CAAC,MAAM,CAAC,cAAc,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;wBAC5D,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,CAClC,QAAQ,EACR,6CAA6C,EAC7C,CAAC,GAAG,CAAC,EACL,uCAAuC,CACxC,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAEO,uBAAuB,CAAC,QAAgB,EAAE,OAAe,EAAE,UAAuB;QACxF,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAC;QAEvD,uCAAuC;QACvC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;YACnG,OAAO;QACT,CAAC;QAED,MAAM,gBAAgB,GAAG,IAAI,CAAC,MAAM,CAAC,oBAAoB,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,CAClE,OAAO,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,CAClC,CAAC;QAEF,IAAI,CAAC,gBAAgB;YAAE,OAAO;QAE9B,MAAM,iBAAiB,GAAG,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAC;YAClC,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAC;YAClC,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC;QAE9D,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC;YACzB,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC;YACzB,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC;YAC9B,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;QAEhD,IAAI,IAAI,CAAC,MAAM,CAAC,qBAAqB,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC5D,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,CAClC,QAAQ,EACR,qDAAqD,EACrD,CAAC,EACD,uDAAuD,CACxD,CAAC,CAAC;QACL,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC1C,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,CAClC,QAAQ,EACR,iDAAiD,EACjD,CAAC,EACD,iEAAiE,CAClE,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAEO,kBAAkB,CAAC,QAAgB,EAAE,OAAe,EAAE,UAAuB;QACnF,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YAEtB,+BAA+B;YAC/B,IAAI,6BAA6B,CAAC,IAAI,CAAC,IAAI,CAAC;gBACxC,CAAC,wBAAwB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,GAAG,CAAC,EAAE,CAAC;gBAC1E,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,CAClC,QAAQ,EACR,4CAA4C,EAC5C,CAAC,GAAG,CAAC,EACL,0CAA0C,CAC3C,CAAC,CAAC;YACL,CAAC;YAED,+CAA+C;YAC/C,IAAI,wBAAwB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACxC,MAAM,SAAS,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACvD,IAAI,sBAAsB,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC;oBACrF,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,CAClC,QAAQ,EACR,qDAAqD,EACrD,CAAC,GAAG,CAAC,EACL,uEAAuE,CACxE,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAEO,UAAU,CAAC,OAAe;QAChC,MAAM,eAAe,GAAG;YACtB,UAAU;YACV,iBAAiB;YACjB,QAAQ;YACR,WAAW;YACX,iBAAiB,EAAE,yCAAyC;SAC7D,CAAC;QAEF,OAAO,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;IACpD,CAAC;IAEO,eAAe,CAAC,IAAY,EAAE,OAAe,EAAE,IAAY,EAAE,UAAmB;QACtF,OAAO;YACL,EAAE,EAAE,GAAG,IAAI,CAAC,EAAE,IAAI,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE;YACzE,MAAM,EAAE,IAAI,CAAC,EAAE;YACf,QAAQ,EAAE,IAAI,CAAC,IAAI;YACnB,QAAQ,EAAE,SAAS;YACnB,OAAO;YACP,IAAI;YACJ,IAAI;YACJ,UAAU;SACX,CAAC;IACJ,CAAC;CACF"}

package/dist/core/rules/builtin/security-context.rule.d.ts

@@ -0,0 +1,32 @@
+/**
+ * Security Context Rule
+ *
+ * Validates security context propagation and authorization patterns.
+ */
+import { IRule, RuleContext, RuleConfig, RuleResult } from '../rule.interface.js';
+interface SecurityContextConfig extends RuleConfig {
+    requireAuthentication?: boolean;
+    requireAuthorization?: boolean;
+    sensitiveRoutes?: string[];
+    publicRoutes?: string[];
+}
+export declare class SecurityContextRule implements IRule {
+    readonly id = "security-context";
+    readonly name = "Security Context Propagation";
+    readonly description = "Validates security context propagation and authorization patterns";
+    readonly severity: "error";
+    readonly tags: string[];
+    private config;
+    configure(options: Partial<SecurityContextConfig>): void;
+    check(context: RuleContext): Promise<RuleResult>;
+    private isSecurityRelevantFile;
+    private checkAuthenticationMiddleware;
+    private checkAuthorizationDecorators;
+    private checkSecurityHeaders;
+    private checkSensitiveDataHandling;
+    private isPublicRoute;
+    private isSensitiveRoute;
+    private createViolation;
+}
+export {};
+//# sourceMappingURL=security-context.rule.d.ts.map

package/dist/core/rules/builtin/security-context.rule.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"security-context.rule.d.ts","sourceRoot":"","sources":["../../../../src/core/rules/builtin/security-context.rule.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,KAAK,EAAE,WAAW,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAIlF,UAAU,qBAAsB,SAAQ,UAAU;IAChD,qBAAqB,CAAC,EAAE,OAAO,CAAC;IAChC,oBAAoB,CAAC,EAAE,OAAO,CAAC;IAC/B,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAC3B,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;CACzB;AAED,qBAAa,mBAAoB,YAAW,KAAK;IAC/C,QAAQ,CAAC,EAAE,sBAAsB;IACjC,QAAQ,CAAC,IAAI,kCAAkC;IAC/C,QAAQ,CAAC,WAAW,uEAAuE;IAC3F,QAAQ,CAAC,QAAQ,EAAG,OAAO,CAAU;IACrC,QAAQ,CAAC,IAAI,WAAmD;IAEhE,OAAO,CAAC,MAAM,CAOZ;IAEF,SAAS,CAAC,OAAO,EAAE,OAAO,CAAC,qBAAqB,CAAC,GAAG,IAAI;IAIlD,KAAK,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,UAAU,CAAC;IAwBtD,OAAO,CAAC,sBAAsB;IAK9B,OAAO,CAAC,6BAA6B;IAsDrC,OAAO,CAAC,4BAA4B;IAyBpC,OAAO,CAAC,oBAAoB;IAmB5B,OAAO,CAAC,0BAA0B;IAuBlC,OAAO,CAAC,aAAa;IAIrB,OAAO,CAAC,gBAAgB;IAIxB,OAAO,CAAC,eAAe;CAYxB"}

package/dist/core/rules/builtin/security-context.rule.js

@@ -0,0 +1,145 @@
+/**
+ * Security Context Rule
+ *
+ * Validates security context propagation and authorization patterns.
+ */
+import * as path from 'path';
+export class SecurityContextRule {
+    id = 'security-context';
+    name = 'Security Context Propagation';
+    description = 'Validates security context propagation and authorization patterns';
+    severity = 'error';
+    tags = ['security', 'authentication', 'authorization'];
+    config = {
+        enabled: true,
+        severity: 'error',
+        requireAuthentication: true,
+        requireAuthorization: true,
+        sensitiveRoutes: ['/admin', '/api/users', '/api/settings'],
+        publicRoutes: ['/health', '/public', '/auth/login'],
+    };
+    configure(options) {
+        this.config = { ...this.config, ...options };
+    }
+    async check(context) {
+        const violations = [];
+        for (const nodeId of context.graph.nodes()) {
+            const node = context.getNodeData(nodeId);
+            if (!node)
+                continue;
+            const filePath = node.data.relativePath;
+            const content = context.fileContents?.get(filePath);
+            if (!content)
+                continue;
+            const fileName = path.basename(filePath).toLowerCase();
+            if (this.isSecurityRelevantFile(fileName)) {
+                this.checkAuthenticationMiddleware(filePath, content, violations);
+                this.checkAuthorizationDecorators(filePath, content, violations);
+                this.checkSecurityHeaders(filePath, content, violations);
+                this.checkSensitiveDataHandling(filePath, content, violations);
+            }
+        }
+        return { violations };
+    }
+    isSecurityRelevantFile(fileName) {
+        const relevantPatterns = ['controller', 'handler', 'router', 'middleware', 'guard', 'auth'];
+        return relevantPatterns.some(p => fileName.includes(p));
+    }
+    checkAuthenticationMiddleware(filePath, content, violations) {
+        const lines = content.split('\n');
+        // Look for routes/endpoints
+        const routePatterns = [
+            /@(?:Get|Post|Put|Delete|Patch)\s*\(\s*['"]([^'"]+)['"]\s*\)/,
+            /router\.(?:get|post|put|delete|patch)\s*\(\s*['"]([^'"]+)['"]/,
+        ];
+        for (let i = 0; i < lines.length; i++) {
+            const line = lines[i];
+            for (const pattern of routePatterns) {
+                const match = line.match(pattern);
+                if (match) {
+                    const route = match[1];
+                    // Check if it's a public route
+                    if (this.isPublicRoute(route))
+                        continue;
+                    // Look for auth guards/middleware in surrounding context
+                    const contextStart = Math.max(0, i - 5);
+                    const contextEnd = Math.min(lines.length, i + 2);
+                    const context = lines.slice(contextStart, contextEnd).join('\n');
+                    const hasAuth = /@UseGuards|@Auth|authenticate|isAuthenticated|requireAuth|@Public\(false\)/.test(context);
+                    if (!hasAuth && this.config.requireAuthentication) {
+                        violations.push(this.createViolation(filePath, `Route '${route}' without authentication guard`, i + 1, 'Add authentication middleware or guard'));
+                    }
+                    // Check for authorization on sensitive routes
+                    if (this.isSensitiveRoute(route)) {
+                        const hasAuthorization = /@Roles|@Permissions|@Authorize|authorize|checkPermission/.test(context);
+                        if (!hasAuthorization && this.config.requireAuthorization) {
+                            violations.push(this.createViolation(filePath, `Sensitive route '${route}' without authorization`, i + 1, 'Add role-based or permission-based authorization'));
+                        }
+                    }
+                }
+            }
+        }
+    }
+    checkAuthorizationDecorators(filePath, content, violations) {
+        const lines = content.split('\n');
+        // Check for direct database access in controllers without authorization
+        if (filePath.toLowerCase().includes('controller')) {
+            for (let i = 0; i < lines.length; i++) {
+                const line = lines[i];
+                if (/repository\.|\.find\(|\.save\(|\.delete\(|\.update\(/.test(line)) {
+                    // Check if there's authorization above
+                    const contextAbove = lines.slice(Math.max(0, i - 10), i).join('\n');
+                    if (!/@Roles|@Permissions|authorize|checkPermission/.test(contextAbove)) {
+                        violations.push(this.createViolation(filePath, 'Direct data access in controller without authorization check', i + 1, 'Add authorization check before data operations'));
+                    }
+                }
+            }
+        }
+    }
+    checkSecurityHeaders(filePath, content, violations) {
+        // Check for response handling without security headers
+        if (content.includes('res.send') || content.includes('res.json')) {
+            const hasHelmet = content.includes('helmet') || content.includes('Helmet');
+            const hasSecurityHeaders = content.includes('X-Content-Type-Options') ||
+                content.includes('X-Frame-Options') ||
+                content.includes('Content-Security-Policy');
+            if (!hasHelmet && !hasSecurityHeaders) {
+                violations.push(this.createViolation(filePath, 'Response handling without security headers', 1, 'Use helmet middleware or set security headers manually'));
+            }
+        }
+    }
+    checkSensitiveDataHandling(filePath, content, violations) {
+        const lines = content.split('\n');
+        const sensitiveFields = ['password', 'token', 'secret', 'apiKey', 'creditCard', 'ssn'];
+        for (let i = 0; i < lines.length; i++) {
+            const line = lines[i].toLowerCase();
+            for (const field of sensitiveFields) {
+                if (line.includes(field)) {
+                    // Check if it's being exposed in response
+                    if (/res\.(json|send)\s*\(/.test(lines[i]) || /return\s+\{/.test(lines[i])) {
+                        violations.push(this.createViolation(filePath, `Potential sensitive data '${field}' in response`, i + 1, 'Exclude sensitive fields from API responses using DTOs or serialization'));
+                    }
+                }
+            }
+        }
+    }
+    isPublicRoute(route) {
+        return this.config.publicRoutes?.some(p => route.startsWith(p)) || false;
+    }
+    isSensitiveRoute(route) {
+        return this.config.sensitiveRoutes?.some(p => route.startsWith(p)) || false;
+    }
+    createViolation(file, message, line, suggestion) {
+        return {
+            id: `${this.id}-${Date.now()}-${Math.random().toString(36).substr(2, 9)}`,
+            ruleId: this.id,
+            ruleName: this.name,
+            severity: 'error',
+            message,
+            file,
+            line,
+            suggestion,
+        };
+    }
+}
+//# sourceMappingURL=security-context.rule.js.map