couchloop-eq-mcp 1.0.4 → 1.1.0

package/dist/developer/scanners/review-assistant.js

@@ -0,0 +1,374 @@
+/**
+ * Review Assistant Scanner
+ * Scans code for common issues to reduce human review burden
+ * Detects: console logs, commented code, TODOs/FIXMEs, error handling, hardcoded values, type definitions, unreachable code
+ */
+export class ReviewAssistant {
+    lines;
+    language;
+    constructor(code, language = 'typescript') {
+        this.language = language.toLowerCase();
+        this.lines = code.split('\n');
+    }
+    scan() {
+        const issues = [];
+        issues.push(...this.findConsoleLogs());
+        issues.push(...this.findCommentedCode());
+        issues.push(...this.findTodos());
+        issues.push(...this.findMissingErrorHandling());
+        issues.push(...this.findHardcodedValues());
+        issues.push(...this.findMissingTypes());
+        issues.push(...this.findUnreachableCode());
+        issues.push(...this.findNestedComplexity());
+        return this.compileScanResult(issues);
+    }
+    findConsoleLogs() {
+        const issues = [];
+        const consolePattern = /\bconsole\.(log|debug|info|warn|error)\s*\(/gi;
+        this.lines.forEach((line, index) => {
+            if (line.trim().startsWith('//'))
+                return; // Skip comments
+            let match;
+            while ((match = consolePattern.exec(line)) !== null) {
+                issues.push({
+                    line: index + 1,
+                    column: match.index + 1,
+                    type: 'console_log',
+                    severity: 'low',
+                    message: `Remove debug statement: console.${match[1]}()`,
+                    code: line.trim(),
+                    suggestion: `Remove this line before merging to production`
+                });
+            }
+        });
+        return issues;
+    }
+    findCommentedCode() {
+        const issues = [];
+        this.lines.forEach((line, index) => {
+            const trimmed = line.trim();
+            // Skip single-line comments that are actual documentation
+            if (trimmed.startsWith('//') && !trimmed.startsWith('// '))
+                return;
+            // Check for commented out code patterns
+            const commentedCodePatterns = [
+                /^\/\/\s*(const|let|var|function|if|for|while|return|async|await|import|export)\b/,
+                /^\/\/\s*\w+\s*[\.\[\(\{]/,
+                /^\/\/\s*}\s*$/,
+                /^\/\/\s*;/
+            ];
+            for (const pattern of commentedCodePatterns) {
+                if (pattern.test(trimmed)) {
+                    issues.push({
+                        line: index + 1,
+                        column: 1,
+                        type: 'commented_code',
+                        severity: 'low',
+                        message: 'Remove commented out code',
+                        code: line.trim(),
+                        suggestion: 'Use version control to recover old code if needed'
+                    });
+                    break;
+                }
+            }
+            // Multi-line commented code
+            if (trimmed.startsWith('/*') && !trimmed.startsWith('/**')) {
+                let commentContent = trimmed.slice(2);
+                if (commentContent.includes('{') || commentContent.includes(';') || /\w+\s*=/i.test(commentContent)) {
+                    issues.push({
+                        line: index + 1,
+                        column: 1,
+                        type: 'commented_code',
+                        severity: 'low',
+                        message: 'Remove commented out code block',
+                        code: line.trim(),
+                        suggestion: 'Use version control instead'
+                    });
+                }
+            }
+        });
+        return issues;
+    }
+    findTodos() {
+        const issues = [];
+        const todoPattern = /\b(TODO|todo)\b[:\s]*(.*?)(?=\n|$)/gi;
+        const fixmePattern = /\b(FIXME|fixme)\b[:\s]*(.*?)(?=\n|$)/gi;
+        this.lines.forEach((line, index) => {
+            let match;
+            while ((match = todoPattern.exec(line)) !== null) {
+                issues.push({
+                    line: index + 1,
+                    column: match.index + 1,
+                    type: 'todo',
+                    severity: 'medium',
+                    message: `TODO: ${match[2]?.trim() || 'Item left incomplete'}`,
+                    code: line.trim(),
+                    suggestion: 'Complete this task before merge or create an issue'
+                });
+            }
+            while ((match = fixmePattern.exec(line)) !== null) {
+                issues.push({
+                    line: index + 1,
+                    column: match.index + 1,
+                    type: 'fixme',
+                    severity: 'high',
+                    message: `FIXME: ${match[2]?.trim() || 'Issue needs to be fixed'}`,
+                    code: line.trim(),
+                    suggestion: 'This must be fixed before merge'
+                });
+            }
+        });
+        return issues;
+    }
+    findMissingErrorHandling() {
+        const issues = [];
+        this.lines.forEach((line, index) => {
+            // Check for fetch without error handling
+            if (/fetch\s*\([^)]*\)\s*\.then\s*\(/.test(line) && !this.hasErrorHandling(index)) {
+                issues.push({
+                    line: index + 1,
+                    column: 1,
+                    type: 'missing_error_handling',
+                    severity: 'high',
+                    message: 'Missing error handling on fetch call',
+                    code: line.trim(),
+                    suggestion: 'Add .catch() handler or use try/catch with await'
+                });
+            }
+            // Check for Promise without catch
+            if (/\.then\s*\(/.test(line) && !this.hasErrorHandling(index)) {
+                const hasCatch = this.checkMultilinePromiseChain(index);
+                if (!hasCatch) {
+                    issues.push({
+                        line: index + 1,
+                        column: 1,
+                        type: 'missing_error_handling',
+                        severity: 'medium',
+                        message: 'Promise chain may be missing .catch() error handler',
+                        code: line.trim(),
+                        suggestion: 'Add .catch() or ensure error handling in parent context'
+                    });
+                }
+            }
+            // Check for try block without catch
+            if (/^\s*try\s*\{/.test(line)) {
+                const hasCatch = this.findMatchingCatch(index);
+                if (!hasCatch) {
+                    issues.push({
+                        line: index + 1,
+                        column: 1,
+                        type: 'missing_error_handling',
+                        severity: 'high',
+                        message: 'Try block without catch handler',
+                        code: line.trim(),
+                        suggestion: 'Add catch block or finally block for cleanup'
+                    });
+                }
+            }
+        });
+        return issues;
+    }
+    findHardcodedValues() {
+        const issues = [];
+        const patterns = [
+            { regex: /['"]sk-[a-zA-Z0-9]+['"]/, type: 'API key' },
+            { regex: /['"]pk_[a-zA-Z0-9]+['"]/, type: 'API key' },
+            { regex: /auth[_-]?token\s*[:=]\s*['"][^'"]+['"]/, type: 'Auth token' },
+            { regex: /password\s*[:=]\s*['"][^'"]*['"]/, type: 'Password' },
+            { regex: /secret\s*[:=]\s*['"][^'"]+['"]/, type: 'Secret' },
+            { regex: /(['"]https?:\/\/[^'"]+['"])\s*;/, type: 'Hardcoded URL' },
+            { regex: /api[_-]?key\s*[:=]\s*['"][^'"]+['"]/, type: 'API key' }
+        ];
+        this.lines.forEach((line, index) => {
+            if (line.trim().startsWith('//'))
+                return;
+            for (const pattern of patterns) {
+                if (pattern.regex.test(line)) {
+                    issues.push({
+                        line: index + 1,
+                        column: 1,
+                        type: 'hardcoded_value',
+                        severity: 'high',
+                        message: `Hardcoded ${pattern.type} detected`,
+                        code: line.trim(),
+                        suggestion: `Use environment variable instead (e.g., process.env.${pattern.type.replace(/[^A-Z0-9]/gi, '_').toUpperCase()})`
+                    });
+                }
+            }
+        });
+        return issues;
+    }
+    findMissingTypes() {
+        const issues = [];
+        if (!['typescript', 'ts'].includes(this.language)) {
+            return issues;
+        }
+        this.lines.forEach((line, index) => {
+            // Check for function parameters without types
+            const funcParamPattern = /function\s+\w+\s*\(\s*(\w+)\s*[,\)]/;
+            const arrowFuncPattern = /(\w+)\s*=>\s*/;
+            if (funcParamPattern.test(line) || arrowFuncPattern.test(line)) {
+                const match = line.match(/\(([^)]*)\)/);
+                if (match && match[1]) {
+                    const params = match[1].split(',').map(p => p.trim());
+                    for (const param of params) {
+                        if (param && !param.includes(':') && !param.includes('?') && param !== '...rest') {
+                            issues.push({
+                                line: index + 1,
+                                column: 1,
+                                type: 'missing_types',
+                                severity: 'medium',
+                                message: `Parameter "${param}" missing type annotation`,
+                                code: line.trim(),
+                                suggestion: `Add type: (${param}: ParameterType) or enable implicit any`
+                            });
+                            break;
+                        }
+                    }
+                }
+            }
+            // Check for variables without types
+            if (/^\s*(const|let|var)\s+\w+\s*=/.test(line) && !line.includes(':')) {
+                const match = line.match(/^\s*(const|let|var)\s+(\w+)\s*=/);
+                if (match && !this.isObviouslyTyped(line)) {
+                    issues.push({
+                        line: index + 1,
+                        column: 1,
+                        type: 'missing_types',
+                        severity: 'low',
+                        message: `Variable "${match[2]}" could have explicit type annotation`,
+                        code: line.trim(),
+                        suggestion: `Add type: const ${match[2]}: Type = ...`
+                    });
+                }
+            }
+        });
+        return issues;
+    }
+    findUnreachableCode() {
+        const issues = [];
+        this.lines.forEach((line, index) => {
+            if (line.trim() === 'return;' || line.trim().startsWith('return ')) {
+                // Check if there's code after return in same block
+                for (let i = index + 1; i < this.lines.length && i < index + 5; i++) {
+                    const nextLine = this.lines[i]?.trim();
+                    if (!nextLine || nextLine.startsWith('//'))
+                        continue;
+                    if (nextLine.startsWith('}'))
+                        break;
+                    if (!nextLine.startsWith('case') && !nextLine.startsWith('default:')) {
+                        issues.push({
+                            line: i + 1,
+                            column: 1,
+                            type: 'unreachable_code',
+                            severity: 'medium',
+                            message: 'Code unreachable due to return statement above',
+                            code: nextLine,
+                            suggestion: 'Remove this code or reorganize logic'
+                        });
+                        break;
+                    }
+                }
+            }
+        });
+        return issues;
+    }
+    findNestedComplexity() {
+        const issues = [];
+        this.lines.forEach((line, index) => {
+            let currentDepth = this.getCurrentBraceDepth(index);
+            if (currentDepth >= 4) {
+                if (/^\s*(if|for|while|switch)\s*/.test(line)) {
+                    issues.push({
+                        line: index + 1,
+                        column: 1,
+                        type: 'nested_complexity',
+                        severity: 'medium',
+                        message: `High nesting depth (${currentDepth} levels) - consider refactoring`,
+                        code: line.trim(),
+                        suggestion: 'Extract to separate function or simplify control flow'
+                    });
+                }
+            }
+        });
+        return issues;
+    }
+    hasErrorHandling(lineIndex) {
+        const nextLines = this.lines.slice(lineIndex, Math.min(lineIndex + 5, this.lines.length));
+        return nextLines.some(line => /\.catch\s*\(|\.finally\s*\(/.test(line));
+    }
+    checkMultilinePromiseChain(lineIndex) {
+        for (let i = lineIndex; i < Math.min(lineIndex + 10, this.lines.length); i++) {
+            const line = this.lines[i];
+            if (!line)
+                continue;
+            if (/\.catch\s*\(/.test(line))
+                return true;
+            if (/^\s*[}\);]/.test(line) && i > lineIndex)
+                break;
+        }
+        return false;
+    }
+    findMatchingCatch(tryLineIndex) {
+        let braceCount = 0;
+        let foundOpenBrace = false;
+        for (let i = tryLineIndex; i < Math.min(tryLineIndex + 50, this.lines.length); i++) {
+            const line = this.lines[i];
+            if (!line)
+                continue;
+            if (!foundOpenBrace && line.includes('{')) {
+                foundOpenBrace = true;
+                braceCount += (line.match(/\{/g) || []).length;
+                braceCount -= (line.match(/\}/g) || []).length;
+            }
+            else if (foundOpenBrace) {
+                braceCount += (line.match(/\{/g) || []).length;
+                braceCount -= (line.match(/\}/g) || []).length;
+                if (braceCount <= 0 && /^\s*\}\s*catch\s*\(/.test(line)) {
+                    return true;
+                }
+                if (braceCount <= 0)
+                    break;
+            }
+        }
+        return false;
+    }
+    getCurrentBraceDepth(lineIndex) {
+        let depth = 0;
+        for (let i = 0; i <= lineIndex; i++) {
+            const line = this.lines[i];
+            if (!line)
+                continue;
+            depth += (line.match(/\{/g) || []).length;
+            depth -= (line.match(/\}/g) || []).length;
+        }
+        return Math.max(0, depth);
+    }
+    isObviouslyTyped(line) {
+        return /= (true|false|\d+|['"]|null|undefined|\[|\{)/.test(line);
+    }
+    compileScanResult(issues) {
+        const issuesByType = {};
+        const issuesBySeverity = {
+            low: 0,
+            medium: 0,
+            high: 0
+        };
+        issues.forEach(issue => {
+            issuesByType[issue.type] = (issuesByType[issue.type] || 0) + 1;
+            if (issue.severity in issuesBySeverity) {
+                const severity = issuesBySeverity[issue.severity];
+                if (typeof severity === 'number') {
+                    issuesBySeverity[issue.severity] = severity + 1;
+                }
+            }
+        });
+        return {
+            issues,
+            totalIssues: issues.length,
+            issuesByType,
+            issuesBySeverity
+        };
+    }
+}
+//# sourceMappingURL=review-assistant.js.map

package/dist/developer/scanners/review-assistant.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"review-assistant.js","sourceRoot":"","sources":["../../../src/developer/scanners/review-assistant.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAmBH,MAAM,OAAO,eAAe;IAClB,KAAK,CAAW;IAChB,QAAQ,CAAS;IAEzB,YAAY,IAAY,EAAE,WAAmB,YAAY;QACvD,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;QACvC,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAChC,CAAC;IAED,IAAI;QACF,MAAM,MAAM,GAAgB,EAAE,CAAC;QAE/B,MAAM,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,eAAe,EAAE,CAAC,CAAC;QACvC,MAAM,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,iBAAiB,EAAE,CAAC,CAAC;QACzC,MAAM,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;QACjC,MAAM,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,wBAAwB,EAAE,CAAC,CAAC;QAChD,MAAM,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,mBAAmB,EAAE,CAAC,CAAC;QAC3C,MAAM,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,gBAAgB,EAAE,CAAC,CAAC;QACxC,MAAM,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,mBAAmB,EAAE,CAAC,CAAC;QAC3C,MAAM,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,oBAAoB,EAAE,CAAC,CAAC;QAE5C,OAAO,IAAI,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;IACxC,CAAC;IAEO,eAAe;QACrB,MAAM,MAAM,GAAgB,EAAE,CAAC;QAC/B,MAAM,cAAc,GAAG,+CAA+C,CAAC;QAEvE,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YACjC,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC;gBAAE,OAAO,CAAC,gBAAgB;YAE1D,IAAI,KAAK,CAAC;YACV,OAAO,CAAC,KAAK,GAAG,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBACpD,MAAM,CAAC,IAAI,CAAC;oBACV,IAAI,EAAE,KAAK,GAAG,CAAC;oBACf,MAAM,EAAE,KAAK,CAAC,KAAK,GAAG,CAAC;oBACvB,IAAI,EAAE,aAAa;oBACnB,QAAQ,EAAE,KAAK;oBACf,OAAO,EAAE,mCAAmC,KAAK,CAAC,CAAC,CAAC,IAAI;oBACxD,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE;oBACjB,UAAU,EAAE,+CAA+C;iBAC5D,CAAC,CAAC;YACL,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,OAAO,MAAM,CAAC;IAChB,CAAC;IAEO,iBAAiB;QACvB,MAAM,MAAM,GAAgB,EAAE,CAAC;QAE/B,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YACjC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;YAE5B,0DAA0D;YAC1D,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC;gBAAE,OAAO;YAEnE,wCAAwC;YACxC,MAAM,qBAAqB,GAAG;gBAC5B,kFAAkF;gBAClF,0BAA0B;gBAC1B,eAAe;gBACf,WAAW;aACZ,CAAC;YAEF,KAAK,MAAM,OAAO,IAAI,qBAAqB,EAAE,CAAC;gBAC5C,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;oBAC1B,MAAM,CAAC,IAAI,CAAC;wBACV,IAAI,EAAE,KAAK,GAAG,CAAC;wBACf,MAAM,EAAE,CAAC;wBACT,IAAI,EAAE,gBAAgB;wBACtB,QAAQ,EAAE,KAAK;wBACf,OAAO,EAAE,2BAA2B;wBACpC,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE;wBACjB,UAAU,EAAE,mDAAmD;qBAChE,CAAC,CAAC;oBACH,MAAM;gBACR,CAAC;YACH,CAAC;YAED,4BAA4B;YAC5B,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC3D,IAAI,cAAc,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;gBACtC,IAAI,cAAc,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,cAAc,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,CAAC;oBACpG,MAAM,CAAC,IAAI,CAAC;wBACV,IAAI,EAAE,KAAK,GAAG,CAAC;wBACf,MAAM,EAAE,CAAC;wBACT,IAAI,EAAE,gBAAgB;wBACtB,QAAQ,EAAE,KAAK;wBACf,OAAO,EAAE,iCAAiC;wBAC1C,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE;wBACjB,UAAU,EAAE,6BAA6B;qBAC1C,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,OAAO,MAAM,CAAC;IAChB,CAAC;IAEO,SAAS;QACf,MAAM,MAAM,GAAgB,EAAE,CAAC;QAC/B,MAAM,WAAW,GAAG,sCAAsC,CAAC;QAC3D,MAAM,YAAY,GAAG,wCAAwC,CAAC;QAE9D,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YACjC,IAAI,KAAK,CAAC;YAEV,OAAO,CAAC,KAAK,GAAG,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBACjD,MAAM,CAAC,IAAI,CAAC;oBACV,IAAI,EAAE,KAAK,GAAG,CAAC;oBACf,MAAM,EAAE,KAAK,CAAC,KAAK,GAAG,CAAC;oBACvB,IAAI,EAAE,MAAM;oBACZ,QAAQ,EAAE,QAAQ;oBAClB,OAAO,EAAE,SAAS,KAAK,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,IAAI,sBAAsB,EAAE;oBAC9D,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE;oBACjB,UAAU,EAAE,oDAAoD;iBACjE,CAAC,CAAC;YACL,CAAC;YAED,OAAO,CAAC,KAAK,GAAG,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBAClD,MAAM,CAAC,IAAI,CAAC;oBACV,IAAI,EAAE,KAAK,GAAG,CAAC;oBACf,MAAM,EAAE,KAAK,CAAC,KAAK,GAAG,CAAC;oBACvB,IAAI,EAAE,OAAO;oBACb,QAAQ,EAAE,MAAM;oBAChB,OAAO,EAAE,UAAU,KAAK,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,IAAI,yBAAyB,EAAE;oBAClE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE;oBACjB,UAAU,EAAE,iCAAiC;iBAC9C,CAAC,CAAC;YACL,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,OAAO,MAAM,CAAC;IAChB,CAAC;IAEO,wBAAwB;QAC9B,MAAM,MAAM,GAAgB,EAAE,CAAC;QAE/B,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YACjC,yCAAyC;YACzC,IAAI,iCAAiC,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,KAAK,CAAC,EAAE,CAAC;gBAClF,MAAM,CAAC,IAAI,CAAC;oBACV,IAAI,EAAE,KAAK,GAAG,CAAC;oBACf,MAAM,EAAE,CAAC;oBACT,IAAI,EAAE,wBAAwB;oBAC9B,QAAQ,EAAE,MAAM;oBAChB,OAAO,EAAE,sCAAsC;oBAC/C,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE;oBACjB,UAAU,EAAE,kDAAkD;iBAC/D,CAAC,CAAC;YACL,CAAC;YAED,kCAAkC;YAClC,IAAI,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC9D,MAAM,QAAQ,GAAG,IAAI,CAAC,0BAA0B,CAAC,KAAK,CAAC,CAAC;gBACxD,IAAI,CAAC,QAAQ,EAAE,CAAC;oBACd,MAAM,CAAC,IAAI,CAAC;wBACV,IAAI,EAAE,KAAK,GAAG,CAAC;wBACf,MAAM,EAAE,CAAC;wBACT,IAAI,EAAE,wBAAwB;wBAC9B,QAAQ,EAAE,QAAQ;wBAClB,OAAO,EAAE,qDAAqD;wBAC9D,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE;wBACjB,UAAU,EAAE,yDAAyD;qBACtE,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAED,oCAAoC;YACpC,IAAI,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC9B,MAAM,QAAQ,GAAG,IAAI,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC;gBAC/C,IAAI,CAAC,QAAQ,EAAE,CAAC;oBACd,MAAM,CAAC,IAAI,CAAC;wBACV,IAAI,EAAE,KAAK,GAAG,CAAC;wBACf,MAAM,EAAE,CAAC;wBACT,IAAI,EAAE,wBAAwB;wBAC9B,QAAQ,EAAE,MAAM;wBAChB,OAAO,EAAE,iCAAiC;wBAC1C,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE;wBACjB,UAAU,EAAE,8CAA8C;qBAC3D,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,OAAO,MAAM,CAAC;IAChB,CAAC;IAEO,mBAAmB;QACzB,MAAM,MAAM,GAAgB,EAAE,CAAC;QAE/B,MAAM,QAAQ,GAAG;YACf,EAAE,KAAK,EAAE,yBAAyB,EAAE,IAAI,EAAE,SAAS,EAAE;YACrD,EAAE,KAAK,EAAE,yBAAyB,EAAE,IAAI,EAAE,SAAS,EAAE;YACrD,EAAE,KAAK,EAAE,wCAAwC,EAAE,IAAI,EAAE,YAAY,EAAE;YACvE,EAAE,KAAK,EAAE,kCAAkC,EAAE,IAAI,EAAE,UAAU,EAAE;YAC/D,EAAE,KAAK,EAAE,gCAAgC,EAAE,IAAI,EAAE,QAAQ,EAAE;YAC3D,EAAE,KAAK,EAAE,iCAAiC,EAAE,IAAI,EAAE,eAAe,EAAE;YACnE,EAAE,KAAK,EAAE,qCAAqC,EAAE,IAAI,EAAE,SAAS,EAAE;SAClE,CAAC;QAEF,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YACjC,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC;gBAAE,OAAO;YAEzC,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;gBAC/B,IAAI,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC7B,MAAM,CAAC,IAAI,CAAC;wBACV,IAAI,EAAE,KAAK,GAAG,CAAC;wBACf,MAAM,EAAE,CAAC;wBACT,IAAI,EAAE,iBAAiB;wBACvB,QAAQ,EAAE,MAAM;wBAChB,OAAO,EAAE,aAAa,OAAO,CAAC,IAAI,WAAW;wBAC7C,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE;wBACjB,UAAU,EAAE,uDAAuD,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,aAAa,EAAE,GAAG,CAAC,CAAC,WAAW,EAAE,GAAG;qBAC7H,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,OAAO,MAAM,CAAC;IAChB,CAAC;IAEO,gBAAgB;QACtB,MAAM,MAAM,GAAgB,EAAE,CAAC;QAE/B,IAAI,CAAC,CAAC,YAAY,EAAE,IAAI,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YAClD,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YACjC,8CAA8C;YAC9C,MAAM,gBAAgB,GAAG,qCAAqC,CAAC;YAC/D,MAAM,gBAAgB,GAAG,eAAe,CAAC;YAEzC,IAAI,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC/D,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;gBACxC,IAAI,KAAK,IAAI,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;oBACtB,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;oBACtD,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;wBAC3B,IAAI,KAAK,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;4BACjF,MAAM,CAAC,IAAI,CAAC;gCACV,IAAI,EAAE,KAAK,GAAG,CAAC;gCACf,MAAM,EAAE,CAAC;gCACT,IAAI,EAAE,eAAe;gCACrB,QAAQ,EAAE,QAAQ;gCAClB,OAAO,EAAE,cAAc,KAAK,2BAA2B;gCACvD,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE;gCACjB,UAAU,EAAE,cAAc,KAAK,yCAAyC;6BACzE,CAAC,CAAC;4BACH,MAAM;wBACR,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;YAED,oCAAoC;YACpC,IAAI,+BAA+B,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;gBACtE,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,iCAAiC,CAAC,CAAC;gBAC5D,IAAI,KAAK,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC1C,MAAM,CAAC,IAAI,CAAC;wBACV,IAAI,EAAE,KAAK,GAAG,CAAC;wBACf,MAAM,EAAE,CAAC;wBACT,IAAI,EAAE,eAAe;wBACrB,QAAQ,EAAE,KAAK;wBACf,OAAO,EAAE,aAAa,KAAK,CAAC,CAAC,CAAC,uCAAuC;wBACrE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE;wBACjB,UAAU,EAAE,mBAAmB,KAAK,CAAC,CAAC,CAAC,cAAc;qBACtD,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,OAAO,MAAM,CAAC;IAChB,CAAC;IAEO,mBAAmB;QACzB,MAAM,MAAM,GAAgB,EAAE,CAAC;QAE/B,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YACjC,IAAI,IAAI,CAAC,IAAI,EAAE,KAAK,SAAS,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;gBACnE,mDAAmD;gBACnD,KAAK,IAAI,CAAC,GAAG,KAAK,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,IAAI,CAAC,GAAG,KAAK,GAAG,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;oBACpE,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC;oBACvC,IAAI,CAAC,QAAQ,IAAI,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC;wBAAE,SAAS;oBACrD,IAAI,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC;wBAAE,MAAM;oBACpC,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;wBACrE,MAAM,CAAC,IAAI,CAAC;4BACV,IAAI,EAAE,CAAC,GAAG,CAAC;4BACX,MAAM,EAAE,CAAC;4BACT,IAAI,EAAE,kBAAkB;4BACxB,QAAQ,EAAE,QAAQ;4BAClB,OAAO,EAAE,gDAAgD;4BACzD,IAAI,EAAE,QAAQ;4BACd,UAAU,EAAE,sCAAsC;yBACnD,CAAC,CAAC;wBACH,MAAM;oBACR,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,OAAO,MAAM,CAAC;IAChB,CAAC;IAEO,oBAAoB;QAC1B,MAAM,MAAM,GAAgB,EAAE,CAAC;QAE/B,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YACjC,IAAI,YAAY,GAAG,IAAI,CAAC,oBAAoB,CAAC,KAAK,CAAC,CAAC;YAEpD,IAAI,YAAY,IAAI,CAAC,EAAE,CAAC;gBACtB,IAAI,8BAA8B,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC9C,MAAM,CAAC,IAAI,CAAC;wBACV,IAAI,EAAE,KAAK,GAAG,CAAC;wBACf,MAAM,EAAE,CAAC;wBACT,IAAI,EAAE,mBAAmB;wBACzB,QAAQ,EAAE,QAAQ;wBAClB,OAAO,EAAE,uBAAuB,YAAY,iCAAiC;wBAC7E,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE;wBACjB,UAAU,EAAE,uDAAuD;qBACpE,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,OAAO,MAAM,CAAC;IAChB,CAAC;IAEO,gBAAgB,CAAC,SAAiB;QACxC,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,SAAS,EAAE,IAAI,CAAC,GAAG,CAAC,SAAS,GAAG,CAAC,EAAE,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;QAC1F,OAAO,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,6BAA6B,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;IAC1E,CAAC;IAEO,0BAA0B,CAAC,SAAiB;QAClD,KAAK,IAAI,CAAC,GAAG,SAAS,EAAE,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,SAAS,GAAG,EAAE,EAAE,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YAC7E,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAC3B,IAAI,CAAC,IAAI;gBAAE,SAAS;YACpB,IAAI,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC;gBAAE,OAAO,IAAI,CAAC;YAC3C,IAAI,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,SAAS;gBAAE,MAAM;QACtD,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAEO,iBAAiB,CAAC,YAAoB;QAC5C,IAAI,UAAU,GAAG,CAAC,CAAC;QACnB,IAAI,cAAc,GAAG,KAAK,CAAC;QAE3B,KAAK,IAAI,CAAC,GAAG,YAAY,EAAE,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,YAAY,GAAG,EAAE,EAAE,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YACnF,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAC3B,IAAI,CAAC,IAAI;gBAAE,SAAS;YAEpB,IAAI,CAAC,cAAc,IAAI,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC1C,cAAc,GAAG,IAAI,CAAC;gBACtB,UAAU,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC;gBAC/C,UAAU,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC;YACjD,CAAC;iBAAM,IAAI,cAAc,EAAE,CAAC;gBAC1B,UAAU,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC;gBAC/C,UAAU,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC;gBAE/C,IAAI,UAAU,IAAI,CAAC,IAAI,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;oBACxD,OAAO,IAAI,CAAC;gBACd,CAAC;gBAED,IAAI,UAAU,IAAI,CAAC;oBAAE,MAAM;YAC7B,CAAC;QACH,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAEO,oBAAoB,CAAC,SAAiB;QAC5C,IAAI,KAAK,GAAG,CAAC,CAAC;QACd,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,SAAS,EAAE,CAAC,EAAE,EAAE,CAAC;YACpC,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAC3B,IAAI,CAAC,IAAI;gBAAE,SAAS;YACpB,KAAK,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC;YAC1C,KAAK,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC;QAC5C,CAAC;QACD,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;IAC5B,CAAC;IAEO,gBAAgB,CAAC,IAAY;QACnC,OAAO,8CAA8C,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACnE,CAAC;IAEO,iBAAiB,CAAC,MAAmB;QAC3C,MAAM,YAAY,GAA2B,EAAE,CAAC;QAChD,MAAM,gBAAgB,GAA2B;YAC/C,GAAG,EAAE,CAAC;YACN,MAAM,EAAE,CAAC;YACT,IAAI,EAAE,CAAC;SACR,CAAC;QAEF,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE;YACrB,YAAY,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,YAAY,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;YAC/D,IAAI,KAAK,CAAC,QAAQ,IAAI,gBAAgB,EAAE,CAAC;gBACvC,MAAM,QAAQ,GAAG,gBAAgB,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;gBAClD,IAAI,OAAO,QAAQ,KAAK,QAAQ,EAAE,CAAC;oBACjC,gBAAgB,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,QAAQ,GAAG,CAAC,CAAC;gBAClD,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,OAAO;YACL,MAAM;YACN,WAAW,EAAE,MAAM,CAAC,MAAM;YAC1B,YAAY;YACZ,gBAAgB;SACjB,CAAC;IACJ,CAAC;CACF"}

package/dist/developer/scanners/secret-scanner.d.ts

@@ -0,0 +1,66 @@
+/**
+ * Secret Scanner
+ * Detects hardcoded secrets in code including:
+ * - API keys (AWS, OpenAI, Stripe, etc.)
+ * - Passwords
+ * - Private keys
+ * - Connection strings with credentials
+ * - Tokens and tokens
+ */
+export interface SecretVulnerability {
+    type: 'HARDCODED_API_KEY' | 'HARDCODED_PASSWORD' | 'PRIVATE_KEY' | 'CONNECTION_STRING' | 'JWT_TOKEN' | 'GENERIC_SECRET';
+    severity: 'CRITICAL' | 'HIGH';
+    line: number;
+    column: number;
+    code: string;
+    issue: string;
+    cwe: string;
+    fix: string;
+    secretType?: string;
+    secretPreview?: string;
+}
+export declare class SecretScanner {
+    private vulnerabilities;
+    private readonly patterns;
+    /**
+     * Scan code for hardcoded secrets
+     */
+    scan(code: string): SecretVulnerability[];
+    /**
+     * Check if line should be ignored (comments, examples, etc.)
+     */
+    private isSafeIgnore;
+    /**
+     * Check for AWS keys
+     */
+    private checkAwsKeys;
+    /**
+     * Check for API keys (OpenAI, Stripe, GitHub, etc.)
+     */
+    private checkApiKeys;
+    /**
+     * Check for connection strings with embedded credentials
+     */
+    private checkConnectionStrings;
+    /**
+     * Check for private keys in code
+     */
+    private checkPrivateKeys;
+    /**
+     * Check for hardcoded passwords
+     */
+    private checkPasswords;
+    /**
+     * Check for JWT tokens
+     */
+    private checkJwtTokens;
+    /**
+     * Redact secret for safe display
+     */
+    private redact;
+    /**
+     * Check if position is inside a comment
+     */
+    private isCommentOrString;
+}
+//# sourceMappingURL=secret-scanner.d.ts.map

package/dist/developer/scanners/secret-scanner.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"secret-scanner.d.ts","sourceRoot":"","sources":["../../../src/developer/scanners/secret-scanner.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,MAAM,WAAW,mBAAmB;IAClC,IAAI,EAAE,mBAAmB,GAAG,oBAAoB,GAAG,aAAa,GAAG,mBAAmB,GAAG,WAAW,GAAG,gBAAgB,CAAC;IACxH,QAAQ,EAAE,UAAU,GAAG,MAAM,CAAC;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,GAAG,EAAE,MAAM,CAAC;IACZ,GAAG,EAAE,MAAM,CAAC;IACZ,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED,qBAAa,aAAa;IACxB,OAAO,CAAC,eAAe,CAA6B;IAGpD,OAAO,CAAC,QAAQ,CAAC,QAAQ,CA4BvB;IAEF;;OAEG;IACH,IAAI,CAAC,IAAI,EAAE,MAAM,GAAG,mBAAmB,EAAE;IAqBzC;;OAEG;IACH,OAAO,CAAC,YAAY;IAyBpB;;OAEG;IACH,OAAO,CAAC,YAAY;IA4CpB;;OAEG;IACH,OAAO,CAAC,YAAY;IAkCpB;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAgC9B;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAoBxB;;OAEG;IACH,OAAO,CAAC,cAAc;IA8BtB;;OAEG;IACH,OAAO,CAAC,cAAc;IA6BtB;;OAEG;IACH,OAAO,CAAC,MAAM;IAKd;;OAEG;IACH,OAAO,CAAC,iBAAiB;CAW1B"}