hardness 1.1.1 → 1.1.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/AGENTS.md +3 -0
- package/CHANGELOG.md +34 -2
- package/README.md +3 -1
- package/node_modules/@hardness/analyzers/dist/index.d.ts +16 -0
- package/node_modules/@hardness/analyzers/dist/index.js +29 -0
- package/node_modules/@hardness/analyzers/dist/index.js.map +1 -1
- package/node_modules/@hardness/analyzers/dist/typescript-node.js +15 -8
- package/node_modules/@hardness/analyzers/dist/typescript-node.js.map +1 -1
- package/node_modules/@hardness/analyzers/package.json +1 -1
- package/node_modules/@hardness/core/dist/agent/adapter.d.ts +17 -0
- package/node_modules/@hardness/core/dist/agent/adapter.js +17 -0
- package/node_modules/@hardness/core/dist/agent/adapter.js.map +1 -1
- package/node_modules/@hardness/core/dist/common/paths.js +1 -0
- package/node_modules/@hardness/core/dist/common/paths.js.map +1 -1
- package/node_modules/@hardness/core/dist/common/types.d.ts +2 -1
- package/node_modules/@hardness/core/dist/common/types.js +1 -1
- package/node_modules/@hardness/core/dist/common/types.js.map +1 -1
- package/node_modules/@hardness/core/dist/gates/analyzer-gate.d.ts +3 -0
- package/node_modules/@hardness/core/dist/gates/analyzer-gate.js +29 -4
- package/node_modules/@hardness/core/dist/gates/analyzer-gate.js.map +1 -1
- package/node_modules/@hardness/core/dist/gates/dependency.d.ts +6 -0
- package/node_modules/@hardness/core/dist/gates/dependency.js +17 -2
- package/node_modules/@hardness/core/dist/gates/dependency.js.map +1 -1
- package/node_modules/@hardness/core/dist/gates/generic.d.ts +7 -1
- package/node_modules/@hardness/core/dist/gates/generic.js +24 -14
- package/node_modules/@hardness/core/dist/gates/generic.js.map +1 -1
- package/node_modules/@hardness/core/dist/gates/import-resolver.d.ts +2 -0
- package/node_modules/@hardness/core/dist/gates/import-resolver.js +34 -36
- package/node_modules/@hardness/core/dist/gates/import-resolver.js.map +1 -1
- package/node_modules/@hardness/core/dist/locks/harness-guard.js +2 -1
- package/node_modules/@hardness/core/dist/locks/harness-guard.js.map +1 -1
- package/node_modules/@hardness/core/dist/locks/sprint-lock.js +2 -1
- package/node_modules/@hardness/core/dist/locks/sprint-lock.js.map +1 -1
- package/node_modules/@hardness/core/dist/orchestrator.d.ts +2 -0
- package/node_modules/@hardness/core/dist/orchestrator.js +7 -0
- package/node_modules/@hardness/core/dist/orchestrator.js.map +1 -1
- package/node_modules/@hardness/core/dist/sprint/status.js +3 -3
- package/node_modules/@hardness/core/dist/sprint/status.js.map +1 -1
- package/node_modules/@hardness/core/dist/sprint/validator.js +14 -2
- package/node_modules/@hardness/core/dist/sprint/validator.js.map +1 -1
- package/node_modules/@hardness/core/package.json +1 -1
- package/node_modules/@hardness/prompts/package.json +1 -1
- package/package.json +1 -1
- package/packages/analyzers/dist/index.d.ts +16 -0
- package/packages/analyzers/dist/index.js +29 -0
- package/packages/analyzers/dist/index.js.map +1 -1
- package/packages/analyzers/dist/typescript-node.js +15 -8
- package/packages/analyzers/dist/typescript-node.js.map +1 -1
- package/packages/analyzers/package.json +1 -1
- package/packages/cli/dist/commands/audit.js +1 -1
- package/packages/cli/dist/commands/audit.js.map +1 -1
- package/packages/cli/dist/commands/discover.js +7 -1
- package/packages/cli/dist/commands/discover.js.map +1 -1
- package/packages/cli/dist/commands/plan.js +3 -1
- package/packages/cli/dist/commands/plan.js.map +1 -1
- package/packages/cli/dist/commands/run.js +6 -1
- package/packages/cli/dist/commands/run.js.map +1 -1
- package/packages/cli/dist/commands/spec.js +3 -1
- package/packages/cli/dist/commands/spec.js.map +1 -1
- package/packages/cli/dist/commands/validate.js +2 -2
- package/packages/cli/dist/commands/validate.js.map +1 -1
- package/packages/cli/package.json +1 -1
- package/packages/core/dist/agent/adapter.d.ts +17 -0
- package/packages/core/dist/agent/adapter.js +17 -0
- package/packages/core/dist/agent/adapter.js.map +1 -1
- package/packages/core/dist/common/paths.js +1 -0
- package/packages/core/dist/common/paths.js.map +1 -1
- package/packages/core/dist/common/types.d.ts +2 -1
- package/packages/core/dist/common/types.js +1 -1
- package/packages/core/dist/common/types.js.map +1 -1
- package/packages/core/dist/gates/analyzer-gate.d.ts +3 -0
- package/packages/core/dist/gates/analyzer-gate.js +29 -4
- package/packages/core/dist/gates/analyzer-gate.js.map +1 -1
- package/packages/core/dist/gates/dependency.d.ts +6 -0
- package/packages/core/dist/gates/dependency.js +17 -2
- package/packages/core/dist/gates/dependency.js.map +1 -1
- package/packages/core/dist/gates/generic.d.ts +7 -1
- package/packages/core/dist/gates/generic.js +24 -14
- package/packages/core/dist/gates/generic.js.map +1 -1
- package/packages/core/dist/gates/import-resolver.d.ts +2 -0
- package/packages/core/dist/gates/import-resolver.js +34 -36
- package/packages/core/dist/gates/import-resolver.js.map +1 -1
- package/packages/core/dist/locks/harness-guard.js +2 -1
- package/packages/core/dist/locks/harness-guard.js.map +1 -1
- package/packages/core/dist/locks/sprint-lock.js +2 -1
- package/packages/core/dist/locks/sprint-lock.js.map +1 -1
- package/packages/core/dist/orchestrator.d.ts +2 -0
- package/packages/core/dist/orchestrator.js +7 -0
- package/packages/core/dist/orchestrator.js.map +1 -1
- package/packages/core/dist/sprint/status.js +3 -3
- package/packages/core/dist/sprint/status.js.map +1 -1
- package/packages/core/dist/sprint/validator.js +14 -2
- package/packages/core/dist/sprint/validator.js.map +1 -1
- package/packages/core/package.json +1 -1
- package/packages/prompts/package.json +1 -1
- package/schemas/sprint.schema.json +1 -1
package/AGENTS.md
CHANGED
|
@@ -3,6 +3,9 @@
|
|
|
3
3
|
> Manual for AI agents operating inside a Hardness-managed repository.
|
|
4
4
|
> This document is the single source of truth for how an agent must behave
|
|
5
5
|
> when invoked by the Hardness orchestrator. English only — by design.
|
|
6
|
+
>
|
|
7
|
+
> **Project onboarding:** read [`llms.txt`](./llms.txt) first for the complete
|
|
8
|
+
> repository snapshot (stack, layout, pipeline, gates, conventions).
|
|
6
9
|
|
|
7
10
|
## Your role
|
|
8
11
|
|
package/CHANGELOG.md
CHANGED
|
@@ -5,6 +5,38 @@ All notable changes to this project will be documented in this file.
|
|
|
5
5
|
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
|
|
6
6
|
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
|
7
7
|
|
|
8
|
+
## [1.1.3] — 2026-07-05
|
|
9
|
+
|
|
10
|
+
### Fixed
|
|
11
|
+
|
|
12
|
+
- **CLI `run` command**: the `--thinking` and `--timeout` options were accepted but silently ignored; they now propagate to the orchestrator and override the config values.
|
|
13
|
+
- **`UnicodeGate`**: extended to cover zero-width space (U+200B), zero-width non-joiner (U+200C), word joiner (U+2060), BOM (U+FEFF), RTL override (U+202E) and LTR override (U+202D), matching the contract advertised in `AGENTS.md`.
|
|
14
|
+
- **`smoke.executedBy`**: removed the dead `'agent'` member from the type and JSON schema so the type matches what the validator actually accepts (`'workflow'` only).
|
|
15
|
+
- **`SPRINT_FILE_RE`**: escaped the dot before `json` so filenames like `01-fooXjson` are no longer accepted.
|
|
16
|
+
- **Sprint validator**: `new RegExp(blockedPatterns[i])` is now wrapped in try/catch, producing a friendly validation error instead of a crash on invalid regex.
|
|
17
|
+
- **`DependencyGate`**: emits a warning for non-Node stacks without an explicit manifest instead of silently skipping; textual search now uses boundary matching so `lodash` no longer falsely satisfies `lodash-es`.
|
|
18
|
+
- **CLI output**: removed the double `✓`/`✗` prefix in `audit` and `validate` commands (`logger` already adds the prefix).
|
|
19
|
+
- **`discover` command**: the stale partial-session file is now removed after discarding, so the warning no longer persists on every run.
|
|
20
|
+
- **`spec`/`plan` commands**: `--prd` and `--spec` are now resolved relative to `--root` (when provided) instead of `cwd`; absolute paths are preserved.
|
|
21
|
+
- **`updateFeatureStatus`**: `startedAt` is no longer set equal to `completedAt` when transitioning `pending → done` directly; it stays `undefined` if no prior `in-progress` phase occurred.
|
|
22
|
+
- **Import resolver gate**: now supports multiline import/require statements and resolves `.cts`, `.mts`, `.cjs` and `.mjs` extensions.
|
|
23
|
+
- **TypeScript/Node analyzer**: `nodeBuiltins` expanded from 14 to 36 modules (Node 20+), eliminating false-positive undeclared-dependency errors for native modules like `net`, `tls`, `worker_threads`, `perf_hooks`, `v8`, etc.
|
|
24
|
+
- **TypeScript/Node analyzer**: removed hardcoded test fixture directory names from the production analyzer; it now uses a configurable ignore set (`node_modules`, `dist`, `.git`, `.hardness`).
|
|
25
|
+
|
|
26
|
+
### Changed
|
|
27
|
+
|
|
28
|
+
- **`AnalyzerGate`**: now honors optional `verification.auditCategory` and `verification.auditFinal` thresholds (`failOnSeverityAtOrAbove`) when present, falling back to `error` severity otherwise. Replaced `any[]` casts with the `Diagnostic` type.
|
|
29
|
+
- **`schemaVersion`**: extracted the duplicated literal `4` into a shared `LOCK_SCHEMA_VERSION` constant in `common/types.ts`, referenced by both `sprint-lock.ts` and `harness-guard.ts`.
|
|
30
|
+
- **Path protection**: `.hardness/prompts/` is now included in `getProtectedPrefixes()` for defense in depth, alongside the existing `harness-guard` protection.
|
|
31
|
+
- **`agent/adapter.ts`**: documented the trust boundary — `agentCommand` and project paths are configured by the project owner, so shell-escaping is intentionally omitted (documented in code and `llms.txt`).
|
|
32
|
+
- **Import regex sharing**: extracted `extractRelativeImports` and `extractImportPathsFromLine` helpers into `@hardness/analyzers` to deduplicate the import-parsing logic between the import-resolver gate and the TypeScript/Node analyzer.
|
|
33
|
+
|
|
34
|
+
### Docs
|
|
35
|
+
|
|
36
|
+
- Removed stale "stubs planned for M4" labels from `docs/ARCHITECTURE.md` and `docs/OPERATING-GUIDE.md` (`discover`, `spec`, `plan` are fully implemented since 1.1.0).
|
|
37
|
+
- Updated branding from "v1.0" to "v1.1" in `docs/ARCHITECTURE.md` and `docs/OPERATING-GUIDE.md`.
|
|
38
|
+
- Corrected the test count in the 1.1.0 entry from 126 to 133 and the new-tests delta from 29 to 49.
|
|
39
|
+
|
|
8
40
|
## [1.1.1] — 2026-07-05
|
|
9
41
|
|
|
10
42
|
### Added
|
|
@@ -37,8 +69,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|
|
37
69
|
|
|
38
70
|
### Tests
|
|
39
71
|
|
|
40
|
-
- Added
|
|
41
|
-
- Total: **
|
|
72
|
+
- Added 49 new tests across: `runner.test.ts`, `prd-generator.test.ts`, `spec-generator.test.ts`, `sprint-generator.test.ts`, `dispatcher.test.ts` (M4 scenarios), `index.test.ts` (stub removal verification).
|
|
73
|
+
- Total: **133 tests** passing (up from 84 at 1.0.0).
|
|
42
74
|
|
|
43
75
|
## [1.0.0] — 2026-07-04
|
|
44
76
|
|
package/README.md
CHANGED
|
@@ -2,6 +2,8 @@
|
|
|
2
2
|
|
|
3
3
|
[English](./README.md) | [Português](./docs/translations/README.pt-BR.md) | [Español](./docs/translations/README.es.md) | [Français](./docs/translations/README.fr.md) | [Deutsch](./docs/translations/README.de.md) | [Русский](./docs/translations/README.ru.md) | [中文](./docs/translations/README.zh.md) | [日本語](./docs/translations/README.ja.md) | [한국어](./docs/translations/README.ko.md)
|
|
4
4
|
|
|
5
|
+
> **Project source of truth:** [`llms.txt`](./llms.txt) — read it first for a complete onboarding snapshot.
|
|
6
|
+
|
|
5
7
|
> **Universal Agentic Development Harness** — give your AI agent a contract, not a blank check.
|
|
6
8
|
|
|
7
9
|
[](https://github.com/cmt-t/HardNess/actions/workflows/ci.yml)
|
|
@@ -70,7 +72,7 @@ npx hardness@latest run
|
|
|
70
72
|
npx hardness@latest audit
|
|
71
73
|
```
|
|
72
74
|
|
|
73
|
-
>
|
|
75
|
+
> Running `hardness` in an empty directory launches the interactive PRD interview; with a `PRD.md` it runs `spec`; with a `SPEC.md` it runs `plan`. You can also use `init`, `validate`, `run` and `audit` with hand-written sprints (see `templates/`).
|
|
74
76
|
|
|
75
77
|
### Already have a project?
|
|
76
78
|
|
|
@@ -24,3 +24,19 @@ export declare const name = "@hardness/analyzers";
|
|
|
24
24
|
import { TypeScriptNodeAnalyzer } from './typescript-node.js';
|
|
25
25
|
import { GenericAnalyzer } from './generic.js';
|
|
26
26
|
export { TypeScriptNodeAnalyzer, GenericAnalyzer };
|
|
27
|
+
/**
|
|
28
|
+
* Extracts relative import paths from source code, handling both single-line
|
|
29
|
+
* and multiline import/require statements.
|
|
30
|
+
*
|
|
31
|
+
* Returns an array of { path, line } where `line` is the 1-indexed line number
|
|
32
|
+
* where the import specifier begins.
|
|
33
|
+
*/
|
|
34
|
+
export declare function extractRelativeImports(content: string): Array<{
|
|
35
|
+
path: string;
|
|
36
|
+
line: number;
|
|
37
|
+
}>;
|
|
38
|
+
/**
|
|
39
|
+
* Extracts all (including non-relative) import paths from a single line.
|
|
40
|
+
* Used for dependency checking (not path resolution).
|
|
41
|
+
*/
|
|
42
|
+
export declare function extractImportPathsFromLine(line: string): string | null;
|
|
@@ -37,4 +37,33 @@ import { GenericAnalyzer } from './generic.js';
|
|
|
37
37
|
globalAnalyzerRegistry.register(TypeScriptNodeAnalyzer);
|
|
38
38
|
globalAnalyzerRegistry.register(GenericAnalyzer);
|
|
39
39
|
export { TypeScriptNodeAnalyzer, GenericAnalyzer };
|
|
40
|
+
/**
|
|
41
|
+
* Extracts relative import paths from source code, handling both single-line
|
|
42
|
+
* and multiline import/require statements.
|
|
43
|
+
*
|
|
44
|
+
* Returns an array of { path, line } where `line` is the 1-indexed line number
|
|
45
|
+
* where the import specifier begins.
|
|
46
|
+
*/
|
|
47
|
+
export function extractRelativeImports(content) {
|
|
48
|
+
const results = [];
|
|
49
|
+
const lines = content.split(/\r?\n/);
|
|
50
|
+
const importRe = /(?:import\s+(?:type\s+)?[\s\S]*?\s+from\s+|require\s*\()[`'"](\.[^`'"]+)[`'"]/g;
|
|
51
|
+
let match;
|
|
52
|
+
while ((match = importRe.exec(content)) !== null) {
|
|
53
|
+
const importPath = match[1];
|
|
54
|
+
const offset = match.index;
|
|
55
|
+
const lineNum = content.substring(0, offset).split(/\r?\n/).length;
|
|
56
|
+
results.push({ path: importPath, line: lineNum });
|
|
57
|
+
}
|
|
58
|
+
return results;
|
|
59
|
+
}
|
|
60
|
+
/**
|
|
61
|
+
* Extracts all (including non-relative) import paths from a single line.
|
|
62
|
+
* Used for dependency checking (not path resolution).
|
|
63
|
+
*/
|
|
64
|
+
export function extractImportPathsFromLine(line) {
|
|
65
|
+
const importRe = /(?:import\s+(?:type\s+)?[\s\S]*?\s+from\s+|require\s*\()[`'"]([^`'"]+)[`'"]/;
|
|
66
|
+
const match = line.match(importRe);
|
|
67
|
+
return match ? match[1] : null;
|
|
68
|
+
}
|
|
40
69
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAcA;;GAEG;AACH,MAAM,OAAO,gBAAgB;IACnB,SAAS,GAAe,EAAE,CAAC;IAEnC,QAAQ,CAAC,QAAkB;QACzB,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAChC,CAAC;IAED,aAAa,CAAC,OAAe;QAC3B,OAAO,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,iBAAiB,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,iBAAiB,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC;IAChH,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,OAAe,EAAE,WAAmB;QAC/C,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;QAC5C,MAAM,WAAW,GAAiB,EAAE,CAAC;QACrC,KAAK,MAAM,QAAQ,IAAI,OAAO,EAAE,CAAC;YAC/B,IAAI,CAAC;gBACH,MAAM,GAAG,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;gBAChD,WAAW,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC;YAC3B,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,WAAW,CAAC,IAAI,CAAC;oBACf,IAAI,EAAE,SAAS;oBACf,MAAM,EAAE,kBAAkB;oBAC1B,OAAO,EAAE,aAAa,QAAQ,CAAC,IAAI,aAAc,GAAa,CAAC,OAAO,EAAE;oBACxE,QAAQ,EAAE,OAAO;iBAClB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QACD,OAAO,WAAW,CAAC;IACrB,CAAC;CACF;AAED,MAAM,CAAC,MAAM,sBAAsB,GAAG,IAAI,gBAAgB,EAAE,CAAC;AAC7D,MAAM,CAAC,MAAM,IAAI,GAAG,qBAAqB,CAAC;AAE1C,wCAAwC;AACxC,OAAO,EAAE,sBAAsB,EAAE,MAAM,sBAAsB,CAAC;AAC9D,OAAO,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAE/C,sBAAsB,CAAC,QAAQ,CAAC,sBAAsB,CAAC,CAAC;AACxD,sBAAsB,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC;AAEjD,OAAO,EAAE,sBAAsB,EAAE,eAAe,EAAE,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAcA;;GAEG;AACH,MAAM,OAAO,gBAAgB;IACnB,SAAS,GAAe,EAAE,CAAC;IAEnC,QAAQ,CAAC,QAAkB;QACzB,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAChC,CAAC;IAED,aAAa,CAAC,OAAe;QAC3B,OAAO,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,iBAAiB,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,iBAAiB,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC;IAChH,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,OAAe,EAAE,WAAmB;QAC/C,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;QAC5C,MAAM,WAAW,GAAiB,EAAE,CAAC;QACrC,KAAK,MAAM,QAAQ,IAAI,OAAO,EAAE,CAAC;YAC/B,IAAI,CAAC;gBACH,MAAM,GAAG,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;gBAChD,WAAW,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC;YAC3B,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,WAAW,CAAC,IAAI,CAAC;oBACf,IAAI,EAAE,SAAS;oBACf,MAAM,EAAE,kBAAkB;oBAC1B,OAAO,EAAE,aAAa,QAAQ,CAAC,IAAI,aAAc,GAAa,CAAC,OAAO,EAAE;oBACxE,QAAQ,EAAE,OAAO;iBAClB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QACD,OAAO,WAAW,CAAC;IACrB,CAAC;CACF;AAED,MAAM,CAAC,MAAM,sBAAsB,GAAG,IAAI,gBAAgB,EAAE,CAAC;AAC7D,MAAM,CAAC,MAAM,IAAI,GAAG,qBAAqB,CAAC;AAE1C,wCAAwC;AACxC,OAAO,EAAE,sBAAsB,EAAE,MAAM,sBAAsB,CAAC;AAC9D,OAAO,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAE/C,sBAAsB,CAAC,QAAQ,CAAC,sBAAsB,CAAC,CAAC;AACxD,sBAAsB,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC;AAEjD,OAAO,EAAE,sBAAsB,EAAE,eAAe,EAAE,CAAC;AAEnD;;;;;;GAMG;AACH,MAAM,UAAU,sBAAsB,CAAC,OAAe;IACpD,MAAM,OAAO,GAA0C,EAAE,CAAC;IAC1D,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAErC,MAAM,QAAQ,GAAG,gFAAgF,CAAC;IAElG,IAAI,KAA6B,CAAC;IAClC,OAAO,CAAC,KAAK,GAAG,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QACjD,MAAM,UAAU,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QAC5B,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC;QAC3B,MAAM,OAAO,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC;QACnE,OAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC;IACpD,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,0BAA0B,CAAC,IAAY;IACrD,MAAM,QAAQ,GAAG,6EAA6E,CAAC;IAC/F,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;IACnC,OAAO,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;AACjC,CAAC"}
|
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
import fs from 'fs';
|
|
2
2
|
import path from 'path';
|
|
3
|
+
import { extractImportPathsFromLine } from './index.js';
|
|
3
4
|
/**
|
|
4
5
|
* Static analyzer for TypeScript and Node.js projects.
|
|
5
6
|
* Checks for undeclared dependencies in package.json and discourages console.log without a logger.
|
|
@@ -23,19 +24,26 @@ export const TypeScriptNodeAnalyzer = {
|
|
|
23
24
|
// Ignore package.json parse errors
|
|
24
25
|
}
|
|
25
26
|
}
|
|
26
|
-
// Node.js built-in modules
|
|
27
|
+
// Node.js built-in modules (Node 20+)
|
|
27
28
|
const nodeBuiltins = [
|
|
28
|
-
'
|
|
29
|
-
'
|
|
29
|
+
'assert', 'async_hooks', 'buffer', 'child_process', 'cluster', 'console',
|
|
30
|
+
'constants', 'crypto', 'dgram', 'diagnostics_channel', 'dns', 'domain',
|
|
31
|
+
'events', 'fs', 'http', 'http2', 'https', 'inspector', 'module', 'net',
|
|
32
|
+
'os', 'path', 'perf_hooks', 'process', 'punycode', 'querystring',
|
|
33
|
+
'readline', 'repl', 'stream', 'string_decoder', 'sys', 'timers', 'tls',
|
|
34
|
+
'trace_events', 'tty', 'url', 'util', 'v8', 'vm', 'wasi', 'worker_threads',
|
|
35
|
+
'zlib',
|
|
30
36
|
];
|
|
31
37
|
const allDeclared = [...declaredDeps, ...declaredDevDeps, ...nodeBuiltins];
|
|
38
|
+
// Directories skipped during scan (build output, deps, VCS, harness state)
|
|
39
|
+
const ignoreDirs = new Set(['node_modules', 'dist', '.git', '.hardness']);
|
|
32
40
|
// 2. Find files recursively
|
|
33
41
|
function findFiles(dir) {
|
|
34
42
|
let results = [];
|
|
35
43
|
const list = fs.readdirSync(dir);
|
|
36
44
|
for (const file of list) {
|
|
37
|
-
// Skip common build, dependency or
|
|
38
|
-
if (
|
|
45
|
+
// Skip common build, dependency or harness-internal folders
|
|
46
|
+
if (ignoreDirs.has(file)) {
|
|
39
47
|
continue;
|
|
40
48
|
}
|
|
41
49
|
const filePath = path.join(dir, file);
|
|
@@ -75,9 +83,8 @@ export const TypeScriptNodeAnalyzer = {
|
|
|
75
83
|
});
|
|
76
84
|
}
|
|
77
85
|
// B. Detect imports of packages not declared in the manifest
|
|
78
|
-
const
|
|
79
|
-
if (
|
|
80
|
-
const importPath = importMatch[1];
|
|
86
|
+
const importPath = extractImportPathsFromLine(lineContent);
|
|
87
|
+
if (importPath) {
|
|
81
88
|
// Skip relative imports
|
|
82
89
|
if (!importPath.startsWith('.') && !importPath.startsWith('/') && !importPath.startsWith('file:')) {
|
|
83
90
|
let pkgName = importPath;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"typescript-node.js","sourceRoot":"","sources":["../src/typescript-node.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"typescript-node.js","sourceRoot":"","sources":["../src/typescript-node.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAwB,0BAA0B,EAAE,MAAM,YAAY,CAAC;AAE9E;;;GAGG;AACH,MAAM,CAAC,MAAM,sBAAsB,GAAa;IAC9C,IAAI,EAAE,iBAAiB;IACvB,iBAAiB,EAAE,CAAC,iBAAiB,CAAC;IACtC,KAAK,CAAC,OAAO,CAAC,WAAmB;QAC/B,MAAM,WAAW,GAAiB,EAAE,CAAC;QAErC,wDAAwD;QACxD,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC;QACvD,IAAI,YAAY,GAAa,EAAE,CAAC;QAChC,IAAI,eAAe,GAAa,EAAE,CAAC;QAEnC,IAAI,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;YAC3B,IAAI,CAAC;gBACH,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC;gBAC1D,YAAY,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,YAAY,IAAI,EAAE,CAAC,CAAC;gBACnD,eAAe,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,eAAe,IAAI,EAAE,CAAC,CAAC;YAC3D,CAAC;YAAC,MAAM,CAAC;gBACP,mCAAmC;YACrC,CAAC;QACH,CAAC;QAED,sCAAsC;QACtC,MAAM,YAAY,GAAG;YACnB,QAAQ,EAAE,aAAa,EAAE,QAAQ,EAAE,eAAe,EAAE,SAAS,EAAE,SAAS;YACxE,WAAW,EAAE,QAAQ,EAAE,OAAO,EAAE,qBAAqB,EAAE,KAAK,EAAE,QAAQ;YACtE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,KAAK;YACtE,IAAI,EAAE,MAAM,EAAE,YAAY,EAAE,SAAS,EAAE,UAAU,EAAE,aAAa;YAChE,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,gBAAgB,EAAE,KAAK,EAAE,QAAQ,EAAE,KAAK;YACtE,cAAc,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,gBAAgB;YAC1E,MAAM;SACP,CAAC;QAEF,MAAM,WAAW,GAAG,CAAC,GAAG,YAAY,EAAE,GAAG,eAAe,EAAE,GAAG,YAAY,CAAC,CAAC;QAE3E,2EAA2E;QAC3E,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,CAAC,cAAc,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW,CAAC,CAAC,CAAC;QAE1E,4BAA4B;QAC5B,SAAS,SAAS,CAAC,GAAW;YAC5B,IAAI,OAAO,GAAa,EAAE,CAAC;YAC3B,MAAM,IAAI,GAAG,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;YACjC,KAAK,MAAM,IAAI,IAAI,IAAI,EAAE,CAAC;gBACxB,4DAA4D;gBAC5D,IAAI,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;oBACzB,SAAS;gBACX,CAAC;gBACD,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;gBACtC,MAAM,IAAI,GAAG,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;gBACnC,IAAI,IAAI,IAAI,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC;oBAC/B,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC;gBAChD,CAAC;qBAAM,IAAI,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;oBAC1G,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;gBACzB,CAAC;YACH,CAAC;YACD,OAAO,OAAO,CAAC;QACjB,CAAC;QAED,IAAI,KAAK,GAAa,EAAE,CAAC;QACzB,IAAI,CAAC;YACH,KAAK,GAAG,SAAS,CAAC,WAAW,CAAC,CAAC;QACjC,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,CAAC;QACZ,CAAC;QAED,oCAAoC;QACpC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,YAAY,GAAG,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YAC5E,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;YAC/C,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACtC,MAAM,WAAW,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;gBAC7B,MAAM,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC;gBAEtB,wBAAwB;gBACxB,IAAI,WAAW,CAAC,QAAQ,CAAC,aAAa,CAAC,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;oBACtG,WAAW,CAAC,IAAI,CAAC;wBACf,IAAI,EAAE,YAAY;wBAClB,IAAI,EAAE,OAAO;wBACb,MAAM,EAAE,gBAAgB;wBACxB,OAAO,EAAE,2EAA2E;wBACpF,QAAQ,EAAE,SAAS;qBACpB,CAAC,CAAC;gBACL,CAAC;gBAED,6DAA6D;gBAC7D,MAAM,UAAU,GAAG,0BAA0B,CAAC,WAAW,CAAC,CAAC;gBAC3D,IAAI,UAAU,EAAE,CAAC;oBAEf,wBAAwB;oBACxB,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;wBAClG,IAAI,OAAO,GAAG,UAAU,CAAC;wBAEzB,+CAA+C;wBAC/C,IAAI,UAAU,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;4BAC/B,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;4BACpC,IAAI,KAAK,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;gCACtB,OAAO,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;4BACtC,CAAC;wBACH,CAAC;6BAAM,CAAC;4BACN,OAAO,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;wBACrC,CAAC;wBAED,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;4BACnC,WAAW,CAAC,IAAI,CAAC;gCACf,IAAI,EAAE,YAAY;gCAClB,IAAI,EAAE,OAAO;gCACb,MAAM,EAAE,uBAAuB;gCAC/B,OAAO,EAAE,eAAe,OAAO,sDAAsD;gCACrF,QAAQ,EAAE,OAAO;6BAClB,CAAC,CAAC;wBACL,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,WAAW,CAAC;IACrB,CAAC;CACF,CAAC"}
|
|
@@ -8,5 +8,22 @@ export interface AgentRunResult {
|
|
|
8
8
|
}
|
|
9
9
|
/**
|
|
10
10
|
* Invokes the external agent, substituting template variables and handling the shell process.
|
|
11
|
+
*
|
|
12
|
+
* Trust boundary: the `agentCommand` template and the project root path are
|
|
13
|
+
* configured by the project owner via `.hardness/config.json`. Hardness does
|
|
14
|
+
* not shell-escape the substituted `{cwd}`, `{context_file}` or `{timeout}`
|
|
15
|
+
* values because:
|
|
16
|
+
*
|
|
17
|
+
* 1. The project owner is the trusted author of `agentCommand` — they control
|
|
18
|
+
* both the command string and the location of the project on disk.
|
|
19
|
+
* 2. Escaping rules differ across shells (POSIX sh, bash, cmd.exe, PowerShell)
|
|
20
|
+
* and a naive escape implementation could introduce bugs more dangerous
|
|
21
|
+
* than the risk it mitigates.
|
|
22
|
+
* 3. The orchestrator only ever substitutes paths that originate from
|
|
23
|
+
* `getProjectRoot()` and the `.hardness/context.json` path it writes itself
|
|
24
|
+
* — never from agent-supplied or user-input strings at runtime.
|
|
25
|
+
*
|
|
26
|
+
* If an untrusted party can influence the project root path or the
|
|
27
|
+
* `agentCommand` value, that is the real vulnerability — not the substitution.
|
|
11
28
|
*/
|
|
12
29
|
export declare function runAgent(config: HardnessConfig, contextFilePath: string, projectRoot: string): Promise<AgentRunResult>;
|
|
@@ -2,6 +2,23 @@ import { runChecked } from '../common/subprocess.js';
|
|
|
2
2
|
import { logger } from '../common/logger.js';
|
|
3
3
|
/**
|
|
4
4
|
* Invokes the external agent, substituting template variables and handling the shell process.
|
|
5
|
+
*
|
|
6
|
+
* Trust boundary: the `agentCommand` template and the project root path are
|
|
7
|
+
* configured by the project owner via `.hardness/config.json`. Hardness does
|
|
8
|
+
* not shell-escape the substituted `{cwd}`, `{context_file}` or `{timeout}`
|
|
9
|
+
* values because:
|
|
10
|
+
*
|
|
11
|
+
* 1. The project owner is the trusted author of `agentCommand` — they control
|
|
12
|
+
* both the command string and the location of the project on disk.
|
|
13
|
+
* 2. Escaping rules differ across shells (POSIX sh, bash, cmd.exe, PowerShell)
|
|
14
|
+
* and a naive escape implementation could introduce bugs more dangerous
|
|
15
|
+
* than the risk it mitigates.
|
|
16
|
+
* 3. The orchestrator only ever substitutes paths that originate from
|
|
17
|
+
* `getProjectRoot()` and the `.hardness/context.json` path it writes itself
|
|
18
|
+
* — never from agent-supplied or user-input strings at runtime.
|
|
19
|
+
*
|
|
20
|
+
* If an untrusted party can influence the project root path or the
|
|
21
|
+
* `agentCommand` value, that is the real vulnerability — not the substitution.
|
|
5
22
|
*/
|
|
6
23
|
export async function runAgent(config, contextFilePath, projectRoot) {
|
|
7
24
|
const startTime = Date.now();
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"adapter.js","sourceRoot":"","sources":["../../src/agent/adapter.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAC;AACrD,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;AAU7C
|
|
1
|
+
{"version":3,"file":"adapter.js","sourceRoot":"","sources":["../../src/agent/adapter.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAC;AACrD,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;AAU7C;;;;;;;;;;;;;;;;;;;GAmBG;AACH,MAAM,CAAC,KAAK,UAAU,QAAQ,CAC5B,MAAsB,EACtB,eAAuB,EACvB,WAAmB;IAEnB,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAE7B,MAAM,WAAW,GAAG,MAAM,CAAC,KAAK,CAAC,YAAY,CAAC;IAC9C,MAAM,SAAS,GAAG,MAAM,CAAC,KAAK,CAAC,OAAO,GAAG,IAAI,CAAC;IAE9C,sFAAsF;IACtF,MAAM,qBAAqB,GAAG,eAAe,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACpE,MAAM,aAAa,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACxD,MAAM,WAAW,GAAG,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC;IAEpD,MAAM,OAAO,GAAG,WAAW;SACxB,KAAK,CAAC,gBAAgB,CAAC,CAAC,IAAI,CAAC,qBAAqB,CAAC;SACnD,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC;SAClC,KAAK,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IAExC,MAAM,CAAC,KAAK,CAAC,4BAA4B,OAAO,GAAG,CAAC,CAAC;IAErD,MAAM,SAAS,GAAG,MAAM,UAAU,CAAC,OAAO,EAAE;QAC1C,GAAG,EAAE,WAAW;QAChB,SAAS,EAAE,SAAS;KACrB,CAAC,CAAC;IAEH,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;IAE1C,OAAO;QACL,IAAI,EAAE,SAAS,CAAC,IAAI;QACpB,UAAU;QACV,MAAM,EAAE,SAAS,CAAC,MAAM;QACxB,MAAM,EAAE,SAAS,CAAC,MAAM;QACxB,KAAK,EAAE,SAAS,CAAC,KAAK;KACvB,CAAC;AACJ,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"paths.js","sourceRoot":"","sources":["../../src/common/paths.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,MAAM,CAAC;AAExB;;;GAGG;AACH,MAAM,UAAU,cAAc;IAC5B,IAAI,OAAO,CAAC,GAAG,CAAC,aAAa,EAAE,CAAC;QAC9B,OAAO,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;IACjD,CAAC;IACD,OAAO,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;AACrC,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,eAAe,CAAC,sBAA8B,EAAE,UAAmB;IACjF,MAAM,IAAI,GAAG,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,cAAc,EAAE,CAAC;IACtE,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,sBAAsB,CAAC,CAAC;IAEhE,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;IAEnD,yEAAyE;IACzE,IAAI,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC3D,MAAM,IAAI,KAAK,CAAC,6BAA6B,sBAAsB,0BAA0B,IAAI,GAAG,CAAC,CAAC;IACxG,CAAC;IAED,OAAO,YAAY,CAAC;AACtB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,mBAAmB,CAAC,QAAgB,EAAE,UAAmB;IACvE,MAAM,IAAI,GAAG,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,cAAc,EAAE,CAAC;IACtE,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;IAClD,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;IAEnD,IAAI,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC3D,MAAM,IAAI,KAAK,CAAC,SAAS,QAAQ,kCAAkC,IAAI,GAAG,CAAC,CAAC;IAC9E,CAAC;IAED,2EAA2E;IAC3E,OAAO,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;AAChE,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,oBAAoB;IAClC,OAAO;QACL,oBAAoB;QACpB,mBAAmB;QACnB,kBAAkB;QAClB,YAAY;KACb,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,eAAe,CAAC,sBAA8B,EAAE,UAAmB;IACjF,IAAI,YAAoB,CAAC;IACzB,IAAI,CAAC;QACH,YAAY,GAAG,mBAAmB,CAAC,sBAAsB,EAAE,UAAU,CAAC,CAAC;IACzE,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,sDAAsD;QACtD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,iBAAiB,GAAG,oBAAoB,EAAE,CAAC;IAEjD,mDAAmD;IACnD,IACE,YAAY,KAAK,WAAW;QAC5B,YAAY,KAAK,uBAAuB;QACxC,YAAY,KAAK,uBAAuB,EACxC,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,iBAAiB,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CACrC,YAAY,CAAC,UAAU,CAAC,MAAM,CAAC;QAC/B,CAAC,YAAY,GAAG,GAAG,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,CACxC,CAAC;AACJ,CAAC"}
|
|
1
|
+
{"version":3,"file":"paths.js","sourceRoot":"","sources":["../../src/common/paths.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,MAAM,CAAC;AAExB;;;GAGG;AACH,MAAM,UAAU,cAAc;IAC5B,IAAI,OAAO,CAAC,GAAG,CAAC,aAAa,EAAE,CAAC;QAC9B,OAAO,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;IACjD,CAAC;IACD,OAAO,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;AACrC,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,eAAe,CAAC,sBAA8B,EAAE,UAAmB;IACjF,MAAM,IAAI,GAAG,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,cAAc,EAAE,CAAC;IACtE,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,sBAAsB,CAAC,CAAC;IAEhE,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;IAEnD,yEAAyE;IACzE,IAAI,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC3D,MAAM,IAAI,KAAK,CAAC,6BAA6B,sBAAsB,0BAA0B,IAAI,GAAG,CAAC,CAAC;IACxG,CAAC;IAED,OAAO,YAAY,CAAC;AACtB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,mBAAmB,CAAC,QAAgB,EAAE,UAAmB;IACvE,MAAM,IAAI,GAAG,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,cAAc,EAAE,CAAC;IACtE,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;IAClD,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;IAEnD,IAAI,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC3D,MAAM,IAAI,KAAK,CAAC,SAAS,QAAQ,kCAAkC,IAAI,GAAG,CAAC,CAAC;IAC9E,CAAC;IAED,2EAA2E;IAC3E,OAAO,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;AAChE,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,oBAAoB;IAClC,OAAO;QACL,oBAAoB;QACpB,mBAAmB;QACnB,kBAAkB;QAClB,oBAAoB;QACpB,YAAY;KACb,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,eAAe,CAAC,sBAA8B,EAAE,UAAmB;IACjF,IAAI,YAAoB,CAAC;IACzB,IAAI,CAAC;QACH,YAAY,GAAG,mBAAmB,CAAC,sBAAsB,EAAE,UAAU,CAAC,CAAC;IACzE,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,sDAAsD;QACtD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,iBAAiB,GAAG,oBAAoB,EAAE,CAAC;IAEjD,mDAAmD;IACnD,IACE,YAAY,KAAK,WAAW;QAC5B,YAAY,KAAK,uBAAuB;QACxC,YAAY,KAAK,uBAAuB,EACxC,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,iBAAiB,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CACrC,YAAY,CAAC,UAAU,CAAC,MAAM,CAAC;QAC/B,CAAC,YAAY,GAAG,GAAG,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,CACxC,CAAC;AACJ,CAAC"}
|
|
@@ -1,12 +1,13 @@
|
|
|
1
1
|
export type SprintStatus = 'pending' | 'in-progress' | 'done';
|
|
2
2
|
export type FeatureStatus = 'pending' | 'in-progress' | 'done';
|
|
3
|
+
export declare const LOCK_SCHEMA_VERSION = 4;
|
|
3
4
|
export interface DependencyVerification {
|
|
4
5
|
name: string;
|
|
5
6
|
manifest?: string;
|
|
6
7
|
}
|
|
7
8
|
export interface SmokeVerification {
|
|
8
9
|
command: string;
|
|
9
|
-
executedBy: 'workflow'
|
|
10
|
+
executedBy: 'workflow';
|
|
10
11
|
timeoutSeconds?: number;
|
|
11
12
|
}
|
|
12
13
|
export interface AuditCategoryVerification {
|
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
export
|
|
1
|
+
export const LOCK_SCHEMA_VERSION = 4;
|
|
2
2
|
//# sourceMappingURL=types.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/common/types.ts"],"names":[],"mappings":""}
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/common/types.ts"],"names":[],"mappings":"AAGA,MAAM,CAAC,MAAM,mBAAmB,GAAG,CAAC,CAAC"}
|
|
@@ -2,5 +2,8 @@ import { Gate } from './engine.js';
|
|
|
2
2
|
/**
|
|
3
3
|
* Static Analysis Gate: integrates the orchestrator's gate engine with the
|
|
4
4
|
* global analyzer registry, blocking approval of code with static errors.
|
|
5
|
+
*
|
|
6
|
+
* Honors optional `verification.auditCategory` and `verification.auditFinal`
|
|
7
|
+
* thresholds when present; defaults to failing on `error` severity otherwise.
|
|
5
8
|
*/
|
|
6
9
|
export declare const AnalyzerGate: Gate;
|
|
@@ -1,7 +1,21 @@
|
|
|
1
1
|
import { globalAnalyzerRegistry } from '@hardness/analyzers';
|
|
2
|
+
const SEVERITY_RANK = {
|
|
3
|
+
NONE: 0,
|
|
4
|
+
LOW: 1,
|
|
5
|
+
MED: 2,
|
|
6
|
+
HIGH: 3,
|
|
7
|
+
};
|
|
8
|
+
function shouldFail(diagSeverity, threshold) {
|
|
9
|
+
const diagRank = SEVERITY_RANK[diagSeverity.toUpperCase()] ?? 3;
|
|
10
|
+
const thresholdRank = SEVERITY_RANK[threshold] ?? 0;
|
|
11
|
+
return diagRank >= thresholdRank;
|
|
12
|
+
}
|
|
2
13
|
/**
|
|
3
14
|
* Static Analysis Gate: integrates the orchestrator's gate engine with the
|
|
4
15
|
* global analyzer registry, blocking approval of code with static errors.
|
|
16
|
+
*
|
|
17
|
+
* Honors optional `verification.auditCategory` and `verification.auditFinal`
|
|
18
|
+
* thresholds when present; defaults to failing on `error` severity otherwise.
|
|
5
19
|
*/
|
|
6
20
|
export const AnalyzerGate = {
|
|
7
21
|
name: 'analyzer',
|
|
@@ -9,9 +23,20 @@ export const AnalyzerGate = {
|
|
|
9
23
|
const profile = config.stack.stackProfile;
|
|
10
24
|
try {
|
|
11
25
|
const diagnostics = await globalAnalyzerRegistry.runAll(profile, projectRoot);
|
|
12
|
-
const
|
|
13
|
-
|
|
14
|
-
|
|
26
|
+
const auditCategory = feature.verification.auditCategory;
|
|
27
|
+
const auditFinal = feature.verification.auditFinal;
|
|
28
|
+
let failing;
|
|
29
|
+
if (auditCategory || auditFinal) {
|
|
30
|
+
const threshold = auditFinal?.failOnSeverityAtOrAbove
|
|
31
|
+
?? auditCategory.failOnSeverityAtOrAbove
|
|
32
|
+
?? 'LOW';
|
|
33
|
+
failing = diagnostics.filter((d) => shouldFail(d.severity, threshold));
|
|
34
|
+
}
|
|
35
|
+
else {
|
|
36
|
+
failing = diagnostics.filter((d) => d.severity === 'error');
|
|
37
|
+
}
|
|
38
|
+
if (failing.length > 0) {
|
|
39
|
+
const details = failing.map((e) => `[${e.file}${e.line ? `:${e.line}` : ''}] (${e.ruleId}): ${e.message}`);
|
|
15
40
|
return {
|
|
16
41
|
passed: false,
|
|
17
42
|
gate: 'analyzer',
|
|
@@ -22,7 +47,7 @@ export const AnalyzerGate = {
|
|
|
22
47
|
return {
|
|
23
48
|
passed: true,
|
|
24
49
|
gate: 'analyzer',
|
|
25
|
-
message: `Static analysis OK. (${diagnostics.length} diagnostics
|
|
50
|
+
message: `Static analysis OK. (${diagnostics.length} diagnostics reported)`
|
|
26
51
|
};
|
|
27
52
|
}
|
|
28
53
|
catch (err) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"analyzer-gate.js","sourceRoot":"","sources":["../../src/gates/analyzer-gate.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,sBAAsB,
|
|
1
|
+
{"version":3,"file":"analyzer-gate.js","sourceRoot":"","sources":["../../src/gates/analyzer-gate.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,sBAAsB,EAAc,MAAM,qBAAqB,CAAC;AAEzE,MAAM,aAAa,GAA6B;IAC9C,IAAI,EAAE,CAAC;IACP,GAAG,EAAE,CAAC;IACN,GAAG,EAAE,CAAC;IACN,IAAI,EAAE,CAAC;CACR,CAAC;AAEF,SAAS,UAAU,CAAC,YAAoB,EAAE,SAAmB;IAC3D,MAAM,QAAQ,GAAG,aAAa,CAAE,YAAY,CAAC,WAAW,EAAe,CAAC,IAAI,CAAC,CAAC;IAC9E,MAAM,aAAa,GAAG,aAAa,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;IACpD,OAAO,QAAQ,IAAI,aAAa,CAAC;AACnC,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,YAAY,GAAS;IAChC,IAAI,EAAE,UAAU;IAChB,KAAK,CAAC,GAAG,CAAC,OAAgB,EAAE,MAAsB,EAAE,WAAmB;QACrE,MAAM,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,YAAY,CAAC;QAE1C,IAAI,CAAC;YACH,MAAM,WAAW,GAAiB,MAAM,sBAAsB,CAAC,MAAM,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;YAE5F,MAAM,aAAa,GAAG,OAAO,CAAC,YAAY,CAAC,aAAa,CAAC;YACzD,MAAM,UAAU,GAAG,OAAO,CAAC,YAAY,CAAC,UAAU,CAAC;YAEnD,IAAI,OAAqB,CAAC;YAE1B,IAAI,aAAa,IAAI,UAAU,EAAE,CAAC;gBAChC,MAAM,SAAS,GAAa,UAAU,EAAE,uBAAuB;uBAC1D,aAAc,CAAC,uBAAuB;uBACtC,KAAK,CAAC;gBAEX,OAAO,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC,CAAC;YACzE,CAAC;iBAAM,CAAC;gBACN,OAAO,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC;YAC9D,CAAC;YAED,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACvB,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,MAAM,MAAM,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;gBAC3G,OAAO;oBACL,MAAM,EAAE,KAAK;oBACb,IAAI,EAAE,UAAU;oBAChB,OAAO,EAAE,qDAAqD;oBAC9D,OAAO,EAAE,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC;iBAC5B,CAAC;YACJ,CAAC;YAED,OAAO;gBACL,MAAM,EAAE,IAAI;gBACZ,IAAI,EAAE,UAAU;gBAChB,OAAO,EAAE,wBAAwB,WAAW,CAAC,MAAM,wBAAwB;aAC5E,CAAC;QACJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO;gBACL,MAAM,EAAE,KAAK;gBACb,IAAI,EAAE,UAAU;gBAChB,OAAO,EAAE,iCAAkC,GAAa,CAAC,OAAO,EAAE;aACnE,CAAC;QACJ,CAAC;IACH,CAAC;CACF,CAAC"}
|
|
@@ -1,5 +1,11 @@
|
|
|
1
1
|
import { Gate } from './engine.js';
|
|
2
2
|
/**
|
|
3
3
|
* Dependencies Gate: validates that libraries declared in the feature are present in the package manifest.
|
|
4
|
+
*
|
|
5
|
+
* - For `package.json` manifests, uses structured key lookup (exact match).
|
|
6
|
+
* - For other manifests, uses word-boundary regex matching to avoid false
|
|
7
|
+
* positives like `lodash` matching `lodash-es`.
|
|
8
|
+
* - Emits a warning (via logger) when a non-Node stack has no explicit manifest,
|
|
9
|
+
* instead of silently skipping.
|
|
4
10
|
*/
|
|
5
11
|
export declare const DependencyGate: Gate;
|
|
@@ -1,7 +1,17 @@
|
|
|
1
1
|
import fs from 'fs';
|
|
2
2
|
import { safeProjectPath } from '../common/paths.js';
|
|
3
|
+
import { logger } from '../common/logger.js';
|
|
4
|
+
function escapeRegex(s) {
|
|
5
|
+
return s.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
|
|
6
|
+
}
|
|
3
7
|
/**
|
|
4
8
|
* Dependencies Gate: validates that libraries declared in the feature are present in the package manifest.
|
|
9
|
+
*
|
|
10
|
+
* - For `package.json` manifests, uses structured key lookup (exact match).
|
|
11
|
+
* - For other manifests, uses word-boundary regex matching to avoid false
|
|
12
|
+
* positives like `lodash` matching `lodash-es`.
|
|
13
|
+
* - Emits a warning (via logger) when a non-Node stack has no explicit manifest,
|
|
14
|
+
* instead of silently skipping.
|
|
5
15
|
*/
|
|
6
16
|
export const DependencyGate = {
|
|
7
17
|
name: 'dependencies',
|
|
@@ -19,7 +29,9 @@ export const DependencyGate = {
|
|
|
19
29
|
manifestFile = 'package.json';
|
|
20
30
|
}
|
|
21
31
|
else {
|
|
22
|
-
//
|
|
32
|
+
// Warn instead of silently skipping — the user declared a dependency
|
|
33
|
+
// expectation that we cannot verify without a manifest path.
|
|
34
|
+
logger.warn(`Dependency "${dep.name}" declared without a manifest path and stack profile "${stackProfile}" has no default manifest. Skipping (unverifiable).`);
|
|
23
35
|
continue;
|
|
24
36
|
}
|
|
25
37
|
}
|
|
@@ -48,7 +60,10 @@ export const DependencyGate = {
|
|
|
48
60
|
}
|
|
49
61
|
else {
|
|
50
62
|
// Textual fallback for other formats (e.g. Cargo.toml, requirements.txt)
|
|
51
|
-
|
|
63
|
+
// Use boundary matching that treats '-' as part of package names,
|
|
64
|
+
// so 'lodash' does not false-positive match 'lodash-es'.
|
|
65
|
+
const depRegex = new RegExp(`(?<![a-zA-Z0-9_-])${escapeRegex(dep.name)}(?![a-zA-Z0-9_-])`);
|
|
66
|
+
if (!depRegex.test(raw)) {
|
|
52
67
|
return {
|
|
53
68
|
passed: false,
|
|
54
69
|
gate: 'dependencies',
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"dependency.js","sourceRoot":"","sources":["../../src/gates/dependency.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,IAAI,CAAC;AAIpB,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;
|
|
1
|
+
{"version":3,"file":"dependency.js","sourceRoot":"","sources":["../../src/gates/dependency.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,IAAI,CAAC;AAIpB,OAAO,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AACrD,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;AAE7C,SAAS,WAAW,CAAC,CAAS;IAC5B,OAAO,CAAC,CAAC,OAAO,CAAC,qBAAqB,EAAE,MAAM,CAAC,CAAC;AAClD,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,CAAC,MAAM,cAAc,GAAS;IAClC,IAAI,EAAE,cAAc;IACpB,KAAK,CAAC,GAAG,CAAC,OAAgB,EAAE,MAAsB,EAAE,WAAmB;QACrE,MAAM,IAAI,GAAG,OAAO,CAAC,YAAY,CAAC,YAAY,CAAC;QAC/C,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC/B,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,cAAc,EAAE,OAAO,EAAE,4CAA4C,EAAE,CAAC;QACvG,CAAC;QAED,MAAM,YAAY,GAAG,MAAM,CAAC,KAAK,CAAC,YAAY,CAAC;QAE/C,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;YACvB,IAAI,YAAY,GAAG,GAAG,CAAC,QAAQ,CAAC;YAEhC,iEAAiE;YACjE,IAAI,CAAC,YAAY,EAAE,CAAC;gBAClB,IAAI,YAAY,KAAK,iBAAiB,EAAE,CAAC;oBACvC,YAAY,GAAG,cAAc,CAAC;gBAChC,CAAC;qBAAM,CAAC;oBACN,qEAAqE;oBACrE,6DAA6D;oBAC7D,MAAM,CAAC,IAAI,CAAC,eAAe,GAAG,CAAC,IAAI,yDAAyD,YAAY,qDAAqD,CAAC,CAAC;oBAC/J,SAAS;gBACX,CAAC;YACH,CAAC;YAED,IAAI,CAAC;gBACH,MAAM,WAAW,GAAG,eAAe,CAAC,YAAY,EAAE,WAAW,CAAC,CAAC;gBAC/D,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC;oBAChC,OAAO;wBACL,MAAM,EAAE,KAAK;wBACb,IAAI,EAAE,cAAc;wBACpB,OAAO,EAAE,2CAA2C,YAAY,GAAG;qBACpE,CAAC;gBACJ,CAAC;gBAED,MAAM,GAAG,GAAG,EAAE,CAAC,YAAY,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;gBAElD,IAAI,YAAY,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;oBAC1C,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;oBAC5B,MAAM,MAAM,GAAG,CAAC,GAAG,CAAC,YAAY,IAAI,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;wBAChD,CAAC,GAAG,CAAC,eAAe,IAAI,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;wBACtD,CAAC,GAAG,CAAC,gBAAgB,IAAI,GAAG,CAAC,gBAAgB,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC;oBAExE,IAAI,CAAC,MAAM,EAAE,CAAC;wBACZ,OAAO;4BACL,MAAM,EAAE,KAAK;4BACb,IAAI,EAAE,cAAc;4BACpB,OAAO,EAAE,eAAe,GAAG,CAAC,IAAI,mBAAmB,YAAY,IAAI;yBACpE,CAAC;oBACJ,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,yEAAyE;oBACzE,kEAAkE;oBAClE,yDAAyD;oBACzD,MAAM,QAAQ,GAAG,IAAI,MAAM,CAAC,qBAAqB,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;oBAC3F,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;wBACxB,OAAO;4BACL,MAAM,EAAE,KAAK;4BACb,IAAI,EAAE,cAAc;4BACpB,OAAO,EAAE,eAAe,GAAG,CAAC,IAAI,mBAAmB,YAAY,qBAAqB;yBACrF,CAAC;oBACJ,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,OAAO;oBACL,MAAM,EAAE,KAAK;oBACb,IAAI,EAAE,cAAc;oBACpB,OAAO,EAAE,gCAAgC,GAAG,CAAC,IAAI,kBAAkB,YAAY,MAAO,GAAa,CAAC,OAAO,EAAE;iBAC9G,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,cAAc,EAAE,OAAO,EAAE,iBAAiB,EAAE,CAAC;IAC5E,CAAC;CACF,CAAC"}
|
|
@@ -12,7 +12,13 @@ export declare const AntiEmptyGate: Gate;
|
|
|
12
12
|
*/
|
|
13
13
|
export declare const PathsGate: Gate;
|
|
14
14
|
/**
|
|
15
|
-
* Unicode Gate: rejects invalid typographic characters
|
|
15
|
+
* Unicode Gate: rejects invalid typographic characters and hidden Unicode in source code.
|
|
16
|
+
*
|
|
17
|
+
* Detects:
|
|
18
|
+
* - Em-dash (U+2014) and smart quotes (U+201C/D, U+2018/9) — typographic substitutions
|
|
19
|
+
* - Zero-width space (U+200B), zero-width non-joiner (U+200C), word joiner (U+2060)
|
|
20
|
+
* - BOM (U+FEFF)
|
|
21
|
+
* - RTL override (U+202E) and LTR override (U+202D)
|
|
16
22
|
*/
|
|
17
23
|
export declare const UnicodeGate: Gate;
|
|
18
24
|
/**
|
|
@@ -97,16 +97,30 @@ export const PathsGate = {
|
|
|
97
97
|
}
|
|
98
98
|
};
|
|
99
99
|
/**
|
|
100
|
-
* Unicode Gate: rejects invalid typographic characters
|
|
100
|
+
* Unicode Gate: rejects invalid typographic characters and hidden Unicode in source code.
|
|
101
|
+
*
|
|
102
|
+
* Detects:
|
|
103
|
+
* - Em-dash (U+2014) and smart quotes (U+201C/D, U+2018/9) — typographic substitutions
|
|
104
|
+
* - Zero-width space (U+200B), zero-width non-joiner (U+200C), word joiner (U+2060)
|
|
105
|
+
* - BOM (U+FEFF)
|
|
106
|
+
* - RTL override (U+202E) and LTR override (U+202D)
|
|
101
107
|
*/
|
|
102
108
|
export const UnicodeGate = {
|
|
103
109
|
name: 'unicode',
|
|
104
110
|
async run(feature, config, projectRoot) {
|
|
105
|
-
const
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
|
|
111
|
+
const FORBIDDEN = [
|
|
112
|
+
{ cp: '\u2014', label: 'em-dash (—)' },
|
|
113
|
+
{ cp: '\u201c', label: 'left smart quote (“)' },
|
|
114
|
+
{ cp: '\u201d', label: 'right smart quote (”)' },
|
|
115
|
+
{ cp: '\u2018', label: 'single left smart quote (‘)' },
|
|
116
|
+
{ cp: '\u2019', label: 'single right smart quote (’)' },
|
|
117
|
+
{ cp: '\u200b', label: 'zero-width space (U+200B)' },
|
|
118
|
+
{ cp: '\u200c', label: 'zero-width non-joiner (U+200C)' },
|
|
119
|
+
{ cp: '\u2060', label: 'word joiner (U+2060)' },
|
|
120
|
+
{ cp: '\ufeff', label: 'BOM (U+FEFF)' },
|
|
121
|
+
{ cp: '\u202e', label: 'RTL override (U+202E)' },
|
|
122
|
+
{ cp: '\u202d', label: 'LTR override (U+202D)' },
|
|
123
|
+
];
|
|
110
124
|
for (const fileEntry of feature.files) {
|
|
111
125
|
const isObj = typeof fileEntry === 'object';
|
|
112
126
|
const fileRelPath = isObj ? fileEntry.file : fileEntry;
|
|
@@ -115,14 +129,10 @@ export const UnicodeGate = {
|
|
|
115
129
|
if (!fs.existsSync(absPath))
|
|
116
130
|
continue;
|
|
117
131
|
const content = fs.readFileSync(absPath, 'utf-8');
|
|
118
|
-
|
|
119
|
-
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
return { passed: false, gate: 'unicode', message: `Invalid typographic character 'smart quote' (“ or ”) detected in file: ${fileRelPath}` };
|
|
123
|
-
}
|
|
124
|
-
if (content.includes(SINGLE_LEFT_SMART_QUOTE) || content.includes(SINGLE_RIGHT_SMART_QUOTE)) {
|
|
125
|
-
return { passed: false, gate: 'unicode', message: `Invalid typographic character 'smart quote' (‘ or ’) detected in file: ${fileRelPath}` };
|
|
132
|
+
for (const { cp, label } of FORBIDDEN) {
|
|
133
|
+
if (content.includes(cp)) {
|
|
134
|
+
return { passed: false, gate: 'unicode', message: `Invalid Unicode character '${label}' detected in file: ${fileRelPath}` };
|
|
135
|
+
}
|
|
126
136
|
}
|
|
127
137
|
}
|
|
128
138
|
catch (err) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"generic.js","sourceRoot":"","sources":["../../src/gates/generic.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;AAIxB,OAAO,EAAE,eAAe,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAE1E;;GAEG;AACH,MAAM,CAAC,MAAM,aAAa,GAAS;IACjC,IAAI,EAAE,WAAW;IACjB,KAAK,CAAC,GAAG,CAAC,OAAgB,EAAE,MAAsB,EAAE,WAAmB;QACrE,MAAM,cAAc,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,EAAE,aAAa,CAAC,CAAC;QAC1E,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,cAAc,CAAC,EAAE,CAAC;YACnC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,WAAW,EAAE,OAAO,EAAE,wCAAwC,EAAE,CAAC;QAChG,CAAC;QAED,MAAM,UAAU,GAAG,EAAE,CAAC,YAAY,CAAC,cAAc,EAAE,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC;QACnE,IAAI,CAAC,UAAU,IAAI,UAAU,KAAK,MAAM,EAAE,CAAC;YACzC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,WAAW,EAAE,OAAO,EAAE,mCAAmC,EAAE,CAAC;QAC3F,CAAC;QAED,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,EAAE,SAAS,EAAE,UAAU,CAAC,CAAC;QAC9E,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YAC/B,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,WAAW,EAAE,OAAO,EAAE,oCAAoC,UAAU,IAAI,EAAE,CAAC;QAC1G,CAAC;QAED,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;YAChE,MAAM,eAAe,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,aAAa,IAAI,CAAC,CAAC,EAAE,KAAK,OAAO,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC;YAErH,IAAI,eAAe,GAAG,CAAC,EAAE,CAAC;gBACxB,OAAO;oBACL,MAAM,EAAE,KAAK;oBACb,IAAI,EAAE,WAAW;oBACjB,OAAO,EAAE,mGAAmG;iBAC7G,CAAC;YACJ,CAAC;QACH,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,8DAA8D;QAChE,CAAC;QAED,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,WAAW,EAAE,OAAO,EAAE,cAAc,EAAE,CAAC;IACtE,CAAC;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,aAAa,GAAS;IACjC,IAAI,EAAE,YAAY;IAClB,KAAK,CAAC,GAAG,CAAC,OAAgB,EAAE,MAAsB,EAAE,WAAmB;QACrE,IAAI,CAAC,OAAO,CAAC,KAAK,IAAI,OAAO,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACxD,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,YAAY,EAAE,OAAO,EAAE,wBAAwB,EAAE,CAAC;QAClF,CAAC;QACD,IAAI,CAAC,OAAO,CAAC,WAAW,IAAI,OAAO,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACpE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,YAAY,EAAE,OAAO,EAAE,8BAA8B,EAAE,CAAC;QACxF,CAAC;QACD,IAAI,CAAC,OAAO,CAAC,kBAAkB,IAAI,OAAO,CAAC,kBAAkB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACzE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,YAAY,EAAE,OAAO,EAAE,kDAAkD,EAAE,CAAC;QAC5G,CAAC;QACD,IAAI,CAAC,OAAO,CAAC,KAAK,IAAI,OAAO,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC/C,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,YAAY,EAAE,OAAO,EAAE,mCAAmC,EAAE,CAAC;QAC7F,CAAC;QACD,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,YAAY,EAAE,OAAO,EAAE,eAAe,EAAE,CAAC;IACxE,CAAC;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,SAAS,GAAS;IAC7B,IAAI,EAAE,OAAO;IACb,KAAK,CAAC,GAAG,CAAC,OAAgB,EAAE,MAAsB,EAAE,WAAmB;QACrE,KAAK,MAAM,SAAS,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;YACtC,MAAM,KAAK,GAAG,OAAO,SAAS,KAAK,QAAQ,CAAC;YAC5C,MAAM,WAAW,GAAG,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACvD,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC;YAE7C,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,eAAe,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC;gBAE1D,6DAA6D;gBAC7D,IAAI,KAAK,KAAK,KAAK,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;oBAC/C,OAAO;wBACL,MAAM,EAAE,KAAK;wBACb,IAAI,EAAE,OAAO;wBACb,OAAO,EAAE,0CAA0C,WAAW,GAAG;qBAClE,CAAC;gBACJ,CAAC;gBAED,IAAI,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC;oBACjE,OAAO;wBACL,MAAM,EAAE,KAAK;wBACb,IAAI,EAAE,OAAO;wBACb,OAAO,EAAE,uDAAuD,WAAW,GAAG;qBAC/E,CAAC;gBACJ,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,OAAO;oBACL,MAAM,EAAE,KAAK;oBACb,IAAI,EAAE,OAAO;oBACb,OAAO,EAAE,0BAA0B,WAAW,MAAO,GAAa,CAAC,OAAO,EAAE;iBAC7E,CAAC;YACJ,CAAC;QACH,CAAC;QACD,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,CAAC;IAC9D,CAAC;CACF,CAAC;AAEF
|
|
1
|
+
{"version":3,"file":"generic.js","sourceRoot":"","sources":["../../src/gates/generic.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;AAIxB,OAAO,EAAE,eAAe,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AAE1E;;GAEG;AACH,MAAM,CAAC,MAAM,aAAa,GAAS;IACjC,IAAI,EAAE,WAAW;IACjB,KAAK,CAAC,GAAG,CAAC,OAAgB,EAAE,MAAsB,EAAE,WAAmB;QACrE,MAAM,cAAc,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,EAAE,aAAa,CAAC,CAAC;QAC1E,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,cAAc,CAAC,EAAE,CAAC;YACnC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,WAAW,EAAE,OAAO,EAAE,wCAAwC,EAAE,CAAC;QAChG,CAAC;QAED,MAAM,UAAU,GAAG,EAAE,CAAC,YAAY,CAAC,cAAc,EAAE,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC;QACnE,IAAI,CAAC,UAAU,IAAI,UAAU,KAAK,MAAM,EAAE,CAAC;YACzC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,WAAW,EAAE,OAAO,EAAE,mCAAmC,EAAE,CAAC;QAC3F,CAAC;QAED,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,EAAE,SAAS,EAAE,UAAU,CAAC,CAAC;QAC9E,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YAC/B,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,WAAW,EAAE,OAAO,EAAE,oCAAoC,UAAU,IAAI,EAAE,CAAC;QAC1G,CAAC;QAED,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;YAChE,MAAM,eAAe,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,aAAa,IAAI,CAAC,CAAC,EAAE,KAAK,OAAO,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC;YAErH,IAAI,eAAe,GAAG,CAAC,EAAE,CAAC;gBACxB,OAAO;oBACL,MAAM,EAAE,KAAK;oBACb,IAAI,EAAE,WAAW;oBACjB,OAAO,EAAE,mGAAmG;iBAC7G,CAAC;YACJ,CAAC;QACH,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,8DAA8D;QAChE,CAAC;QAED,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,WAAW,EAAE,OAAO,EAAE,cAAc,EAAE,CAAC;IACtE,CAAC;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,aAAa,GAAS;IACjC,IAAI,EAAE,YAAY;IAClB,KAAK,CAAC,GAAG,CAAC,OAAgB,EAAE,MAAsB,EAAE,WAAmB;QACrE,IAAI,CAAC,OAAO,CAAC,KAAK,IAAI,OAAO,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACxD,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,YAAY,EAAE,OAAO,EAAE,wBAAwB,EAAE,CAAC;QAClF,CAAC;QACD,IAAI,CAAC,OAAO,CAAC,WAAW,IAAI,OAAO,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACpE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,YAAY,EAAE,OAAO,EAAE,8BAA8B,EAAE,CAAC;QACxF,CAAC;QACD,IAAI,CAAC,OAAO,CAAC,kBAAkB,IAAI,OAAO,CAAC,kBAAkB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACzE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,YAAY,EAAE,OAAO,EAAE,kDAAkD,EAAE,CAAC;QAC5G,CAAC;QACD,IAAI,CAAC,OAAO,CAAC,KAAK,IAAI,OAAO,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC/C,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,YAAY,EAAE,OAAO,EAAE,mCAAmC,EAAE,CAAC;QAC7F,CAAC;QACD,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,YAAY,EAAE,OAAO,EAAE,eAAe,EAAE,CAAC;IACxE,CAAC;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,SAAS,GAAS;IAC7B,IAAI,EAAE,OAAO;IACb,KAAK,CAAC,GAAG,CAAC,OAAgB,EAAE,MAAsB,EAAE,WAAmB;QACrE,KAAK,MAAM,SAAS,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;YACtC,MAAM,KAAK,GAAG,OAAO,SAAS,KAAK,QAAQ,CAAC;YAC5C,MAAM,WAAW,GAAG,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACvD,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC;YAE7C,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,eAAe,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC;gBAE1D,6DAA6D;gBAC7D,IAAI,KAAK,KAAK,KAAK,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;oBAC/C,OAAO;wBACL,MAAM,EAAE,KAAK;wBACb,IAAI,EAAE,OAAO;wBACb,OAAO,EAAE,0CAA0C,WAAW,GAAG;qBAClE,CAAC;gBACJ,CAAC;gBAED,IAAI,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC;oBACjE,OAAO;wBACL,MAAM,EAAE,KAAK;wBACb,IAAI,EAAE,OAAO;wBACb,OAAO,EAAE,uDAAuD,WAAW,GAAG;qBAC/E,CAAC;gBACJ,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,OAAO;oBACL,MAAM,EAAE,KAAK;oBACb,IAAI,EAAE,OAAO;oBACb,OAAO,EAAE,0BAA0B,WAAW,MAAO,GAAa,CAAC,OAAO,EAAE;iBAC7E,CAAC;YACJ,CAAC;QACH,CAAC;QACD,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,CAAC;IAC9D,CAAC;CACF,CAAC;AAEF;;;;;;;;GAQG;AACH,MAAM,CAAC,MAAM,WAAW,GAAS;IAC/B,IAAI,EAAE,SAAS;IACf,KAAK,CAAC,GAAG,CAAC,OAAgB,EAAE,MAAsB,EAAE,WAAmB;QACrE,MAAM,SAAS,GAAyC;YACtD,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,aAAa,EAAE;YACtC,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,sBAAsB,EAAE;YAC/C,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,uBAAuB,EAAE;YAChD,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,6BAA6B,EAAE;YACtD,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,8BAA8B,EAAE;YACvD,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,2BAA2B,EAAE;YACpD,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,gCAAgC,EAAE;YACzD,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,sBAAsB,EAAE;YAC/C,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,cAAc,EAAE;YACvC,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,uBAAuB,EAAE;YAChD,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,uBAAuB,EAAE;SACjD,CAAC;QAEF,KAAK,MAAM,SAAS,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;YACtC,MAAM,KAAK,GAAG,OAAO,SAAS,KAAK,QAAQ,CAAC;YAC5C,MAAM,WAAW,GAAG,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YAEvD,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,eAAe,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC;gBAC1D,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC;oBAAE,SAAS;gBAEtC,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;gBAElD,KAAK,MAAM,EAAE,EAAE,EAAE,KAAK,EAAE,IAAI,SAAS,EAAE,CAAC;oBACtC,IAAI,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE,CAAC;wBACzB,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,8BAA8B,KAAK,uBAAuB,WAAW,EAAE,EAAE,CAAC;oBAC9H,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,uDAAuD;YACzD,CAAC;QACH,CAAC;QACD,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,YAAY,EAAE,CAAC;IAClE,CAAC;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,QAAQ,GAAS;IAC5B,IAAI,EAAE,MAAM;IACZ,KAAK,CAAC,GAAG,CAAC,OAAgB,EAAE,MAAsB,EAAE,WAAmB;QACrE,MAAM,EAAE,aAAa,EAAE,gBAAgB,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC,YAAY,CAAC;QAC5E,IAAI,CAAC,aAAa,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACxC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,8BAA8B,EAAE,CAAC;QACjF,CAAC;QAED,IAAI,CAAC,SAAS,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACzC,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,6DAA6D,EAAE,CAAC;QACjH,CAAC;QAED,MAAM,YAAY,GAAa,EAAE,CAAC;QAClC,KAAK,MAAM,EAAE,IAAI,SAAS,EAAE,CAAC;YAC3B,IAAI,CAAC;gBACH,MAAM,GAAG,GAAG,eAAe,CAAC,EAAE,EAAE,WAAW,CAAC,CAAC;gBAC7C,IAAI,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;oBACvB,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBACzB,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,8BAA8B,EAAE,EAAE,EAAE,CAAC;YACtF,CAAC;QACH,CAAC;QAED,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC9B,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,sDAAsD,EAAE,CAAC;QAC1G,CAAC;QAED,mEAAmE;QACnE,IAAI,aAAa,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC9C,KAAK,MAAM,OAAO,IAAI,aAAa,EAAE,CAAC;gBACpC,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,CAAC;gBAClC,IAAI,KAAK,GAAG,KAAK,CAAC;gBAElB,KAAK,MAAM,IAAI,IAAI,YAAY,EAAE,CAAC;oBAChC,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;oBAC/C,IAAI,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;wBACxB,KAAK,GAAG,IAAI,CAAC;wBACb,MAAM;oBACR,CAAC;gBACH,CAAC;gBAED,IAAI,CAAC,KAAK,EAAE,CAAC;oBACX,OAAO;wBACL,MAAM,EAAE,KAAK;wBACb,IAAI,EAAE,MAAM;wBACZ,OAAO,EAAE,gCAAgC,OAAO,GAAG;qBACpD,CAAC;gBACJ,CAAC;YACH,CAAC;QACH,CAAC;QAED,iEAAiE;QACjE,IAAI,gBAAgB,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACpD,KAAK,MAAM,OAAO,IAAI,gBAAgB,EAAE,CAAC;gBACvC,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,CAAC;gBAElC,KAAK,MAAM,IAAI,IAAI,YAAY,EAAE,CAAC;oBAChC,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;oBAC/C,IAAI,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;wBACxB,MAAM,GAAG,GAAG,mBAAmB,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;wBACnD,OAAO;4BACL,MAAM,EAAE,KAAK;4BACb,IAAI,EAAE,MAAM;4BACZ,OAAO,EAAE,uCAAuC,GAAG,OAAO,OAAO,GAAG;yBACrE,CAAC;oBACJ,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,CAAC;IAC5D,CAAC;CACF,CAAC"}
|
|
@@ -2,5 +2,7 @@ import { Gate } from './engine.js';
|
|
|
2
2
|
/**
|
|
3
3
|
* Import Resolver Gate: validates that all relative imports declared in the
|
|
4
4
|
* feature's edited files actually resolve to existing files on disk.
|
|
5
|
+
*
|
|
6
|
+
* Supports multiline import/require statements via extractRelativeImports.
|
|
5
7
|
*/
|
|
6
8
|
export declare const ImportResolverGate: Gate;
|