guardvibe 1.8.6 → 1.8.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -76,6 +76,10 @@ export function analyzeCode(code, language, framework, filePath, configDir, rule
|
|
|
76
76
|
// Skip npm package rules (VG863/VG864/VG865): only apply to package.json files
|
|
77
77
|
if ((rule.id === "VG863" || rule.id === "VG864" || rule.id === "VG865") && filePath && !filePath.endsWith("package.json"))
|
|
78
78
|
continue;
|
|
79
|
+
// Skip server-only import rule (VG964) for files that are inherently server-only:
|
|
80
|
+
// Route Handlers (app/api/), middleware, instrumentation, next.config
|
|
81
|
+
if (rule.id === "VG964" && filePath && /(?:\/api\/|middleware\.|instrumentation\.|next\.config\.)/.test(filePath))
|
|
82
|
+
continue;
|
|
79
83
|
// Skip React Native/mobile-only rules (VG70x) in web projects:
|
|
80
84
|
// only apply when framework is react-native/expo or path suggests mobile
|
|
81
85
|
const mobileRuleIds = new Set(["VG705", "VG706", "VG707", "VG709"]);
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "guardvibe",
|
|
3
|
-
"version": "1.8.
|
|
3
|
+
"version": "1.8.7",
|
|
4
4
|
"description": "Security MCP for vibe coding. 277 rules, 22 tools for Next.js, Supabase, Clerk, Stripe, Prisma, tRPC, Hono, GraphQL, Convex, Turso, Uploadthing, AI SDK, and the full AI-generated stack.",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"bin": {
|