code-sentinel-mcp 0.2.3 → 0.2.5

package/build/analyzers/errors.js

@@ -1,214 +1,7 @@
-const errorPatterns = [
-    // Unhandled promises
-    {
-        id: 'CS-ERR001',
-        pattern: /(?:^|\s)(?:await\s+)?(?:\w+\.)+\w+\s*\([^)]*\)\s*;?\s*$/gm,
-        title: 'Potentially Unhandled Promise',
-        description: 'Async call without await or .then()/.catch() may silently fail.',
-        severity: 'medium',
-        category: 'error',
-        suggestion: 'Use await with try/catch or add .catch() handler.'
-    },
-    // Missing error handling
-    {
-        id: 'CS-ERR010',
-        pattern: /async\s+(?:function\s+\w+|\w+\s*=\s*async)\s*\([^)]*\)\s*(?::\s*\w+\s*)?\{(?:(?!try\s*\{).)*\}/gs,
-        title: 'Async Function Without Try/Catch',
-        description: 'Async function has no error handling.',
-        severity: 'medium',
-        category: 'error',
-        suggestion: 'Wrap async operations in try/catch or handle at call site.'
-    },
-    // Variable shadowing and redeclaration
-    {
-        id: 'CS-ERR020',
-        pattern: /var\s+(\w+)[\s\S]*?var\s+\1\s*=/g,
-        title: 'Variable Redeclaration with var',
-        description: 'Same variable declared twice with var - potential bug.',
-        severity: 'medium',
-        category: 'error',
-        suggestion: 'Use let/const and avoid redeclaring variables.'
-    },
-    // Comparison issues
-    {
-        id: 'CS-ERR030',
-        pattern: /[^!=]==[^=]/g,
-        title: 'Loose Equality (==)',
-        description: 'Loose equality can cause unexpected type coercion.',
-        severity: 'low',
-        category: 'error',
-        suggestion: 'Use strict equality (===) instead.'
-    },
-    {
-        id: 'CS-ERR031',
-        pattern: /!=[^=]/g,
-        title: 'Loose Inequality (!=)',
-        description: 'Loose inequality can cause unexpected type coercion.',
-        severity: 'low',
-        category: 'error',
-        suggestion: 'Use strict inequality (!==) instead.'
-    },
-    {
-        id: 'CS-ERR032',
-        pattern: /if\s*\(\s*\w+\s*=\s*[^=]/g,
-        title: 'Assignment in Condition',
-        description: 'Assignment inside if condition - likely meant to use ==.',
-        severity: 'high',
-        category: 'error',
-        suggestion: 'Use === for comparison. If assignment is intentional, wrap in extra parens.'
-    },
-    // Null/undefined issues
-    {
-        id: 'CS-ERR040',
-        pattern: /(\w+)\.(\w+)\s*(?:\(|\.)/g,
-        title: 'Potential Null Reference',
-        description: 'Accessing property without null check - may throw.',
-        severity: 'low',
-        category: 'error',
-        suggestion: 'Use optional chaining (?.) or add null checks.'
-    },
-    // Loop issues
-    {
-        id: 'CS-ERR050',
-        pattern: /for\s*\(\s*(?:var|let)\s+\w+\s+in\s+/g,
-        title: 'for...in on Array',
-        description: 'for...in iterates over keys, not values - often wrong for arrays.',
-        severity: 'medium',
-        category: 'error',
-        suggestion: 'Use for...of, forEach(), or traditional for loop for arrays.'
-    },
-    {
-        id: 'CS-ERR051',
-        pattern: /while\s*\(\s*true\s*\)/g,
-        title: 'Infinite Loop Pattern',
-        description: 'while(true) requires explicit break - easy to create infinite loop.',
-        severity: 'medium',
-        category: 'error',
-        suggestion: 'Ensure there is always a reachable break condition.'
-    },
-    // Floating point comparison
-    {
-        id: 'CS-ERR060',
-        pattern: /(?:\d+\.\d+|\w+)\s*===?\s*(?:\d+\.\d+|\w+).*?(?:price|amount|total|sum|money|currency|rate)/gi,
-        title: 'Floating Point Comparison',
-        description: 'Direct comparison of floats (especially money) can fail due to precision.',
-        severity: 'high',
-        category: 'error',
-        suggestion: 'Use epsilon comparison or integer cents for money.'
-    },
-    // Array mutation issues
-    {
-        id: 'CS-ERR070',
-        pattern: /\.forEach\s*\([^)]*\)\s*\{[^}]*(?:\.push|\.pop|\.shift|\.splice)/g,
-        title: 'Array Mutation During Iteration',
-        description: 'Modifying array while iterating can cause skipped elements.',
-        severity: 'high',
-        category: 'error',
-        suggestion: 'Create a new array or iterate backwards when mutating.'
-    },
-    // parseInt without radix
-    {
-        id: 'CS-ERR080',
-        pattern: /parseInt\s*\(\s*[^,)]+\s*\)(?!\s*,)/g,
-        title: 'parseInt Without Radix',
-        description: 'parseInt without radix can give unexpected results.',
-        severity: 'low',
-        category: 'error',
-        suggestion: 'Always specify radix: parseInt(x, 10).'
-    },
-    // Unreachable code
-    {
-        id: 'CS-ERR090',
-        pattern: /return\s+[^;]+;\s*\n\s*(?![\s}]|case\s|default:)/g,
-        title: 'Potentially Unreachable Code',
-        description: 'Code after return statement will never execute.',
-        severity: 'medium',
-        category: 'error',
-        suggestion: 'Remove unreachable code or fix control flow.'
-    },
-    // Dangerous delete
-    {
-        id: 'CS-ERR100',
-        pattern: /delete\s+\w+\[\w+\]/g,
-        title: 'delete Operator on Array',
-        description: 'delete leaves holes in arrays - length unchanged.',
-        severity: 'medium',
-        category: 'error',
-        suggestion: 'Use splice() to remove array elements.'
-    },
-    // This binding issues
-    {
-        id: 'CS-ERR110',
-        pattern: /setTimeout\s*\(\s*(?:this\.\w+|function\s*\([^)]*\)\s*\{[^}]*this\.)/g,
-        title: 'Potential "this" Binding Issue',
-        description: 'Using "this" in setTimeout callback may not refer to expected context.',
-        severity: 'medium',
-        category: 'error',
-        suggestion: 'Use arrow function or .bind(this).'
-    },
-    // Constructor without new
-    {
-        id: 'CS-ERR120',
-        pattern: /(?:^|[^.])\b(?:Date|Array|Object|Map|Set|Promise)\s*\(\s*\)/g,
-        title: 'Constructor Without "new"',
-        description: 'Calling constructor without new may not work as expected.',
-        severity: 'low',
-        category: 'error',
-        suggestion: 'Use "new" keyword with constructors.'
-    },
-    // Magic numbers
-    {
-        id: 'CS-ERR130',
-        pattern: /(?:if|while|for|===?|!==?|[<>]=?)\s*\(?\s*(?:\d{3,}|\d+\.\d+)\s*(?!\s*(?:px|em|rem|%|vh|vw|s|ms))/g,
-        title: 'Magic Number',
-        description: 'Hardcoded number without context makes code hard to maintain.',
-        severity: 'low',
-        category: 'error',
-        suggestion: 'Extract magic numbers into named constants.'
-    },
-    // Async in constructor
-    {
-        id: 'CS-ERR140',
-        pattern: /constructor\s*\([^)]*\)\s*\{[^}]*await\s+/g,
-        title: 'Await in Constructor',
-        description: 'Constructors cannot be async - await will not work as expected.',
-        severity: 'high',
-        category: 'error',
-        suggestion: 'Use a static factory method for async initialization.'
-    }
-];
+// Error pattern analyzer - uses data-driven pattern system
+// This file now delegates to the core analyzer with compiled patterns
+import { analyzeErrorsWithPatterns } from './core.js';
+// Main export - uses the data-driven pattern system
 export function analyzeErrors(code, filename) {
-    const issues = [];
-    const lines = code.split('\n');
-    for (const patternDef of errorPatterns) {
-        patternDef.pattern.lastIndex = 0;
-        let match;
-        while ((match = patternDef.pattern.exec(code)) !== null) {
-            const beforeMatch = code.substring(0, match.index);
-            const lineNumber = beforeMatch.split('\n').length;
-            const lineContent = lines[lineNumber - 1] || '';
-            // Build verification with actual values substituted
-            let verification = patternDef.verification;
-            if (verification) {
-                verification = {
-                    ...verification,
-                    commands: verification.commands?.map(cmd => cmd.replace(/<filename>/g, filename))
-                };
-            }
-            issues.push({
-                id: patternDef.id,
-                category: patternDef.category,
-                severity: patternDef.severity,
-                title: patternDef.title,
-                description: patternDef.description,
-                line: lineNumber,
-                code: lineContent.trim(),
-                suggestion: patternDef.suggestion,
-                verification
-            });
-            if (!patternDef.pattern.global)
-                break;
-        }
-    }
-    return issues;
+    return analyzeErrorsWithPatterns(code, filename);
 }

package/build/analyzers/placeholders.js

@@ -1,216 +1,7 @@
-const placeholderPatterns = [
-    // TODO/FIXME comments
-    {
-        id: 'CS-PH001',
-        pattern: /\/\/\s*TODO(?::|\.|\s).*$/gim,
-        title: 'TODO Comment Found',
-        description: 'Incomplete work marker found in code.',
-        severity: 'low',
-        category: 'placeholder',
-        suggestion: 'Complete or remove the TODO before shipping.'
-    },
-    {
-        id: 'CS-PH002',
-        pattern: /\/\/\s*FIXME(?::|\.|\s).*$/gim,
-        title: 'FIXME Comment Found',
-        description: 'Known issue marker found - this should be fixed.',
-        severity: 'medium',
-        category: 'placeholder',
-        suggestion: 'Fix the issue or create a ticket to track it.'
-    },
-    {
-        id: 'CS-PH003',
-        pattern: /\/\/\s*HACK(?::|\.|\s).*$/gim,
-        title: 'HACK Comment Found',
-        description: 'Workaround marker found - technical debt.',
-        severity: 'medium',
-        category: 'placeholder',
-        suggestion: 'Document why the hack exists and plan to remove it.'
-    },
-    {
-        id: 'CS-PH004',
-        pattern: /\/\/\s*XXX(?::|\.|\s).*$/gim,
-        title: 'XXX Comment Found',
-        description: 'Attention marker found - requires review.',
-        severity: 'low',
-        category: 'placeholder',
-        suggestion: 'Address the flagged issue or remove the marker.'
-    },
-    // Lorem ipsum and dummy text
-    {
-        id: 'CS-PH010',
-        pattern: /lorem\s+ipsum/gi,
-        title: 'Lorem Ipsum Placeholder Text',
-        description: 'Placeholder text found - replace with real content.',
-        severity: 'medium',
-        category: 'placeholder',
-        suggestion: 'Replace with actual content before release.'
-    },
-    {
-        id: 'CS-PH011',
-        pattern: /['"`](?:foo|bar|baz|qux|test|dummy|sample|example|placeholder)['"`]/gi,
-        title: 'Common Placeholder Value',
-        description: 'Generic placeholder value detected.',
-        severity: 'low',
-        category: 'placeholder',
-        suggestion: 'Replace with meaningful values.'
-    },
-    // Test/dummy data
-    {
-        id: 'CS-PH020',
-        pattern: /['"`]test@(?:test|example|dummy|sample)\.[a-z]+['"`]/gi,
-        title: 'Test Email Address',
-        description: 'Placeholder email found - may not be intended for production.',
-        severity: 'medium',
-        category: 'placeholder',
-        suggestion: 'Remove or replace with proper configuration.'
-    },
-    {
-        id: 'CS-PH021',
-        pattern: /['"`](?:123|1234|12345|123456|password|admin|root|test)['"`]/gi,
-        title: 'Common Test Password/Value',
-        description: 'Potentially insecure placeholder password or test value.',
-        severity: 'high',
-        category: 'placeholder',
-        suggestion: 'Remove test credentials before deployment.'
-    },
-    {
-        id: 'CS-PH022',
-        pattern: /(?:localhost|127\.0\.0\.1):\d{4,5}/g,
-        title: 'Localhost URL in Code',
-        description: 'Hardcoded localhost URL may not work in production.',
-        severity: 'medium',
-        category: 'placeholder',
-        suggestion: 'Use environment variables for URLs.'
-    },
-    {
-        id: 'CS-PH023',
-        pattern: /['"`](?:xxx|yyy|zzz|aaa|bbb|ccc)['"`]/gi,
-        title: 'Placeholder String Pattern',
-        description: 'Obvious placeholder pattern detected.',
-        severity: 'low',
-        category: 'placeholder',
-        suggestion: 'Replace with actual values.'
-    },
-    // Fake/test phone numbers
-    {
-        id: 'CS-PH030',
-        pattern: /['"`](?:\+1)?[\s-]?555[\s-]?\d{3}[\s-]?\d{4}['"`]/g,
-        title: 'Test Phone Number (555)',
-        description: 'The 555 prefix is reserved for fictional use.',
-        severity: 'low',
-        category: 'placeholder',
-        suggestion: 'Use proper phone number handling or config.'
-    },
-    {
-        id: 'CS-PH031',
-        pattern: /['"`](?:000[-\s]?00[-\s]?0000|111[-\s]?11[-\s]?1111|123[-\s]?45[-\s]?6789)['"`]/g,
-        title: 'Obviously Fake ID Number',
-        description: 'Placeholder ID number pattern detected.',
-        severity: 'medium',
-        category: 'placeholder',
-        suggestion: 'Remove test data before production.'
-    },
-    // Incomplete implementations
-    {
-        id: 'CS-PH040',
-        pattern: /throw\s+new\s+Error\s*\(\s*['"`](?:not\s+implemented|todo|implement\s+me|coming\s+soon)['"`]\s*\)/gi,
-        title: 'Not Implemented Error',
-        description: 'Function explicitly marked as not implemented.',
-        severity: 'high',
-        category: 'placeholder',
-        suggestion: 'Implement the function or remove the dead code.'
-    },
-    {
-        id: 'CS-PH041',
-        pattern: /(?:return|=)\s*['"`](?:TBD|TBA|N\/A|pending|placeholder)['"`]/gi,
-        title: 'TBD/Placeholder Return Value',
-        description: 'Code returns a placeholder instead of real value.',
-        severity: 'medium',
-        category: 'placeholder',
-        suggestion: 'Implement actual logic or handle the case properly.'
-    },
-    // Debug/test code
-    {
-        id: 'CS-PH050',
-        pattern: /console\.log\s*\(\s*['"`](?:debug|test|here|working|checkpoint|\d+)['"`]\s*\)/gi,
-        title: 'Debug Console.log',
-        description: 'Debug logging statement left in code.',
-        severity: 'low',
-        category: 'placeholder',
-        suggestion: 'Remove debug statements or use a proper logger.'
-    },
-    {
-        id: 'CS-PH051',
-        pattern: /debugger\s*;/g,
-        title: 'Debugger Statement',
-        description: 'Debugger statement will pause execution in browser.',
-        severity: 'medium',
-        category: 'placeholder',
-        suggestion: 'Remove debugger statements before committing.'
-    },
-    {
-        id: 'CS-PH052',
-        pattern: /alert\s*\(\s*['"`](?:test|debug|here|working)['"`]\s*\)/gi,
-        title: 'Debug Alert',
-        description: 'Debug alert left in code.',
-        severity: 'medium',
-        category: 'placeholder',
-        suggestion: 'Remove debug alerts.'
-    },
-    // Commented out code blocks
-    {
-        id: 'CS-PH060',
-        pattern: /\/\/\s*(?:const|let|var|function|class|if|for|while|return)\s+\w+/g,
-        title: 'Commented Out Code',
-        description: 'Code appears to be commented out rather than deleted.',
-        severity: 'low',
-        category: 'placeholder',
-        suggestion: 'Remove dead code - use version control to recover if needed.'
-    },
-    // Hardcoded test IDs
-    {
-        id: 'CS-PH070',
-        pattern: /['"`](?:test-id|test_id|testid|fake-id|temp-id)['"`]/gi,
-        title: 'Test ID in Code',
-        description: 'Hardcoded test ID found.',
-        severity: 'medium',
-        category: 'placeholder',
-        suggestion: 'Use proper ID generation or configuration.'
-    }
-];
+// Placeholder analyzer - uses data-driven pattern system
+// This file now delegates to the core analyzer with compiled patterns
+import { analyzePlaceholdersWithPatterns } from './core.js';
+// Main export - uses the data-driven pattern system
 export function analyzePlaceholders(code, filename) {
-    const issues = [];
-    const lines = code.split('\n');
-    for (const patternDef of placeholderPatterns) {
-        patternDef.pattern.lastIndex = 0;
-        let match;
-        while ((match = patternDef.pattern.exec(code)) !== null) {
-            const beforeMatch = code.substring(0, match.index);
-            const lineNumber = beforeMatch.split('\n').length;
-            const lineContent = lines[lineNumber - 1] || '';
-            // Build verification with actual values substituted
-            let verification = patternDef.verification;
-            if (verification) {
-                verification = {
-                    ...verification,
-                    commands: verification.commands?.map(cmd => cmd.replace(/<filename>/g, filename))
-                };
-            }
-            issues.push({
-                id: patternDef.id,
-                category: patternDef.category,
-                severity: patternDef.severity,
-                title: patternDef.title,
-                description: patternDef.description,
-                line: lineNumber,
-                code: lineContent.trim(),
-                suggestion: patternDef.suggestion,
-                verification
-            });
-            if (!patternDef.pattern.global)
-                break;
-        }
-    }
-    return issues;
+    return analyzePlaceholdersWithPatterns(code, filename);
 }

package/build/analyzers/security.js

@@ -1,238 +1,7 @@
-const securityPatterns = [
-    // Hardcoded secrets
-    {
-        id: 'CS-SEC001',
-        pattern: /(?:api[_-]?key|apikey|secret|password|passwd|pwd|token|auth[_-]?token|access[_-]?token|private[_-]?key)\s*[:=]\s*['"`][^'"`]{8,}['"`]/gi,
-        title: 'Hardcoded Secret Detected',
-        description: 'Sensitive credentials appear to be hardcoded in the source code.',
-        severity: 'critical',
-        category: 'security',
-        suggestion: 'Move secrets to environment variables or a secure vault.',
-        verification: {
-            status: 'needs_verification',
-            assumption: 'The matched string appears to be a real secret, not a placeholder or test value',
-            commands: [
-                'git log -p -S "<matched_value>" -- <filename>',
-                'grep -r "<matched_value>" .env* config/'
-            ],
-            instruction: 'Verify this is a real secret, not a placeholder like "your-api-key-here" or test data',
-            confirmIf: 'Value looks like a real credential (high entropy, no placeholder words)',
-            falsePositiveIf: 'Value contains words like "example", "test", "placeholder", "your-", "xxx", or is clearly dummy data'
-        }
-    },
-    {
-        id: 'CS-SEC002',
-        pattern: /(?:ghp|gho|ghu|ghs|ghr)_[A-Za-z0-9_]{36,}/g,
-        title: 'GitHub Token Detected',
-        description: 'A GitHub personal access token was found in the code.',
-        severity: 'critical',
-        category: 'security',
-        suggestion: 'Remove the token immediately and rotate it in GitHub settings.',
-        verification: {
-            status: 'needs_verification',
-            assumption: 'Token is real and may have been committed to git history',
-            commands: [
-                'git log -p -S "<matched_value>" --all',
-                'git ls-files <filename>'
-            ],
-            instruction: 'Check if token was ever committed. If in history, it must be rotated even if removed now',
-            confirmIf: 'Token pattern matches GitHub format (ghp_, gho_, etc.) and file is tracked',
-            falsePositiveIf: 'Token is in a test file with obviously fake data or documentation example'
-        }
-    },
-    {
-        id: 'CS-SEC003',
-        pattern: /sk-[A-Za-z0-9]{48,}/g,
-        title: 'OpenAI API Key Detected',
-        description: 'An OpenAI API key was found in the code.',
-        severity: 'critical',
-        category: 'security',
-        suggestion: 'Remove the key and rotate it in your OpenAI dashboard.',
-        verification: {
-            status: 'needs_verification',
-            assumption: 'Key is real and may have been committed to git history',
-            commands: [
-                'git log -p -S "sk-" --all -- <filename>',
-                'git ls-files <filename>'
-            ],
-            instruction: 'Check if key was ever committed. If in history, it must be rotated',
-            confirmIf: 'Key matches OpenAI format (sk- prefix, 48+ chars) and file is tracked',
-            falsePositiveIf: 'Key is in documentation as example or clearly marked as fake'
-        }
-    },
-    {
-        id: 'CS-SEC004',
-        pattern: /AKIA[0-9A-Z]{16}/g,
-        title: 'AWS Access Key Detected',
-        description: 'An AWS access key ID was found in the code.',
-        severity: 'critical',
-        category: 'security',
-        suggestion: 'Remove and rotate the AWS credentials immediately.',
-        verification: {
-            status: 'needs_verification',
-            assumption: 'Key is real and may have been committed to git history',
-            commands: [
-                'git log -p -S "AKIA" --all -- <filename>',
-                'git ls-files <filename>'
-            ],
-            instruction: 'Check if key was ever committed. AWS keys in git history are compromised',
-            confirmIf: 'Key matches AWS format (AKIA prefix, 16 chars) and file is tracked',
-            falsePositiveIf: 'Key is in documentation or test fixtures with fake data'
-        }
-    },
-    // SQL Injection
-    {
-        id: 'CS-SEC010',
-        pattern: /(?:execute|query|raw)\s*\(\s*['"`].*?\$\{.*?\}.*?['"`]\s*\)/gi,
-        title: 'Potential SQL Injection',
-        description: 'String interpolation in SQL query may allow injection attacks.',
-        severity: 'critical',
-        category: 'security',
-        suggestion: 'Use parameterized queries or prepared statements instead.'
-    },
-    {
-        id: 'CS-SEC011',
-        pattern: /(?:execute|query)\s*\(\s*['"`].*?\+.*?['"`]\s*\)/gi,
-        title: 'SQL Query String Concatenation',
-        description: 'Concatenating strings in SQL queries is vulnerable to injection.',
-        severity: 'high',
-        category: 'security',
-        suggestion: 'Use parameterized queries with placeholders.'
-    },
-    // XSS
-    {
-        id: 'CS-SEC020',
-        pattern: /innerHTML\s*=\s*(?!['"`]<)/g,
-        title: 'Potential XSS via innerHTML',
-        description: 'Setting innerHTML with dynamic content can lead to XSS.',
-        severity: 'high',
-        category: 'security',
-        suggestion: 'Use textContent or sanitize HTML before insertion.'
-    },
-    {
-        id: 'CS-SEC021',
-        pattern: /dangerouslySetInnerHTML/g,
-        title: 'React dangerouslySetInnerHTML Usage',
-        description: 'Using dangerouslySetInnerHTML can expose the app to XSS.',
-        severity: 'medium',
-        category: 'security',
-        suggestion: 'Ensure content is properly sanitized before rendering.'
-    },
-    // Insecure practices
-    {
-        id: 'CS-SEC030',
-        pattern: /eval\s*\(/g,
-        title: 'eval() Usage Detected',
-        description: 'eval() can execute arbitrary code and is a security risk.',
-        severity: 'high',
-        category: 'security',
-        suggestion: 'Avoid eval(). Use safer alternatives like JSON.parse().'
-    },
-    {
-        id: 'CS-SEC031',
-        pattern: /new\s+Function\s*\(/g,
-        title: 'Dynamic Function Constructor',
-        description: 'Creating functions from strings is similar to eval().',
-        severity: 'high',
-        category: 'security',
-        suggestion: 'Avoid dynamic function creation from user input.'
-    },
-    {
-        id: 'CS-SEC032',
-        pattern: /document\.write\s*\(/g,
-        title: 'document.write() Usage',
-        description: 'document.write() can overwrite the document and enable XSS.',
-        severity: 'medium',
-        category: 'security',
-        suggestion: 'Use DOM manipulation methods instead.'
-    },
-    // Crypto issues
-    {
-        id: 'CS-SEC040',
-        pattern: /(?:md5|sha1)\s*\(/gi,
-        title: 'Weak Hash Algorithm',
-        description: 'MD5 and SHA1 are cryptographically broken.',
-        severity: 'high',
-        category: 'security',
-        suggestion: 'Use SHA-256 or bcrypt for password hashing.'
-    },
-    {
-        id: 'CS-SEC041',
-        pattern: /Math\.random\s*\(\)/g,
-        title: 'Insecure Random for Security',
-        description: 'Math.random() is not cryptographically secure.',
-        severity: 'medium',
-        category: 'security',
-        suggestion: 'Use crypto.randomBytes() or crypto.getRandomValues().'
-    },
-    // Network
-    {
-        id: 'CS-SEC050',
-        pattern: /http:\/\/(?!localhost|127\.0\.0\.1)/g,
-        title: 'Insecure HTTP URL',
-        description: 'Using HTTP instead of HTTPS exposes data in transit.',
-        severity: 'medium',
-        category: 'security',
-        suggestion: 'Use HTTPS for all external URLs.'
-    },
-    {
-        id: 'CS-SEC051',
-        pattern: /rejectUnauthorized\s*:\s*false/g,
-        title: 'SSL Certificate Validation Disabled',
-        description: 'Disabling certificate validation enables MITM attacks.',
-        severity: 'critical',
-        category: 'security',
-        suggestion: 'Never disable SSL certificate validation in production.'
-    },
-    // CORS
-    {
-        id: 'CS-SEC060',
-        pattern: /Access-Control-Allow-Origin['":\s]+\*/g,
-        title: 'Wildcard CORS Origin',
-        description: 'Allowing all origins can expose the API to unauthorized access.',
-        severity: 'medium',
-        category: 'security',
-        suggestion: 'Specify allowed origins explicitly.'
-    }
-];
+// Security analyzer - uses data-driven pattern system
+// This file now delegates to the core analyzer with compiled patterns
+import { analyzeSecurityWithPatterns } from './core.js';
+// Main export - uses the data-driven pattern system
 export function analyzeSecurityIssues(code, filename) {
-    const issues = [];
-    const lines = code.split('\n');
-    for (const patternDef of securityPatterns) {
-        // Reset regex state
-        patternDef.pattern.lastIndex = 0;
-        let match;
-        while ((match = patternDef.pattern.exec(code)) !== null) {
-            // Find line number
-            const beforeMatch = code.substring(0, match.index);
-            const lineNumber = beforeMatch.split('\n').length;
-            const lineContent = lines[lineNumber - 1] || '';
-            const matchedValue = match[0];
-            // Build verification with actual values substituted
-            let verification = patternDef.verification;
-            if (verification) {
-                verification = {
-                    ...verification,
-                    commands: verification.commands?.map(cmd => cmd
-                        .replace(/<matched_value>/g, matchedValue.substring(0, 20) + '...')
-                        .replace(/<filename>/g, filename))
-                };
-            }
-            issues.push({
-                id: patternDef.id,
-                category: patternDef.category,
-                severity: patternDef.severity,
-                title: patternDef.title,
-                description: patternDef.description,
-                line: lineNumber,
-                code: lineContent.trim(),
-                suggestion: patternDef.suggestion,
-                verification
-            });
-            // Prevent infinite loops for patterns without global flag
-            if (!patternDef.pattern.global)
-                break;
-        }
-    }
-    return issues;
+    return analyzeSecurityWithPatterns(code, filename);
 }