npm - kcode-pi - Versions diffs - 0.1.6 → 0.1.7 - Mend

kcode-pi 0.1.6 → 0.1.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (47) hide show

package/vendor/kingdee-skills/kingdee-cosmic-reviewer/scripts/pattern-matcher.py DELETED Viewed

@@ -1,336 +0,0 @@
-#!/usr/bin/env python3
-"""
-金蝶代码问题模式匹配器
-用于快速识别代码中的严重问题
-使用方法:
-    python pattern-matcher.py <file_path>
-输出:
-    - P0 级问题（阻断/严重）
-    - P1 级问题（高危/性能）
-    - P2 级问题（规范/建议）
-"""
-import re
-import sys
-from typing import List, Tuple, Dict, Optional
-# ==========================================
-# 上下文验证函数（减少误判）
-# ==========================================
-def _is_in_try_with_resources(code: str, match_start: int) -> bool:
-    """检查匹配位置是否在 try-with-resources 块内"""
-    # 向前查找最近的 try( 语句
-    before = code[:match_start]
-    # 查找最近的 try 块
-    try_pos = before.rfind('try (')
-    try_pos2 = before.rfind('try(')
-    try_pos = max(try_pos, try_pos2)
-    if try_pos == -1:
-        return False
-    # 检查 try 和 match 之间是否有闭合的 }
-    between = before[try_pos:]
-    open_braces = between.count('{') - between.count('}')
-    return open_braces > 0
-def _is_in_comment(code: str, match_start: int) -> bool:
-    """检查匹配位置是否在注释中"""
-    # 检查是否在单行注释中
-    line_start = code.rfind('\n', 0, match_start) + 1
-    line = code[line_start:match_start]
-    if '//' in line:
-        return True
-    # 检查是否在多行注释中
-    last_open = code.rfind('/*', 0, match_start)
-    if last_open != -1:
-        last_close = code.rfind('*/', 0, match_start)
-        if last_close < last_open:
-            return True
-    return False
-def _is_org_user_id_field(match_text: str) -> bool:
-    """检查是否是组织/用户/部门相关字段（真正的硬编码ID问题）"""
-    id_field_patterns = [
-        r'"[^"]*org[^"]*"',      # 组织相关
-        r'"[^"]*user[^"]*"',     # 用户相关
-        r'"[^"]*dept[^"]*"',     # 部门相关
-        r'"[^"]*creator[^"]*"',  # 创建人
-        r'"[^"]*modifier[^"]*"', # 修改人
-        r'"[^"]*approver[^"]*"', # 审核人
-    ]
-    for pattern in id_field_patterns:
-        if re.search(pattern, match_text, re.IGNORECASE):
-            return True
-    return False
-def _is_null_checked_before(code: str, var_name: str, match_start: int) -> bool:
-    """检查变量在使用前是否已做过空检查"""
-    before = code[:match_start]
-    # 查找最近100个字符内是否有空检查
-    check_range = before[-200:] if len(before) > 200 else before
-    null_check_patterns = [
-        rf'{var_name}\s*!=\s*null',
-        rf'{var_name}\s*==\s*null',
-        rf'Optional\.ofNullable\s*\(\s*{var_name}',
-        rf'if\s*\(\s*{var_name}\s*!=\s*null',
-    ]
-    for pattern in null_check_patterns:
-        if re.search(pattern, check_range):
-            return True
-    return False
-# ==========================================
-# P0 级问题模式定义（阻断/严重）
-# ==========================================
-PATTERNS_P0 = [
-    # 生命周期问题
-    (r'public\s+void\s+initialize\s*\([^)]*\)\s*\{[^}]*addItemClickListener',
-     'Initialize 注册监听', 'lifecycle-checklist.md', '内存泄漏，监听器无法正确释放'),
-    (r'public\s+void\s+initialize\s*\([^)]*\)\s*\{[^}]*getView\(\)',
-     'Initialize 操作 UI', 'lifecycle-checklist.md', '生命周期违规'),
-    # 事务问题
-    (r'beforeExecuteOperationTransaction[^}]*SaveServiceHelper\.save',
-     '操作插件独立保存破坏事务', 'data-transaction-checklist.md', '事务分离，数据不一致，无法回滚'),
-    (r'afterExecuteOperationTransaction[^}]*SaveServiceHelper\.save',
-     '操作插件独立保存破坏事务', 'data-transaction-checklist.md', '事务分离，数据不一致'),
-    # 资源泄漏 - DataSet（需上下文验证：排除已在 try-with-resources 中的情况）
-    (r'DataSet\s+\w+\s*=\s*QueryServiceHelper\.',
-     'DataSet 查询未使用 try-with-resources', 'data-transaction-checklist.md', '连接池耗尽，系统崩溃',
-     'check_try_with_resources'),
-    (r'DataSet\s+\w+\s*=\s*Algo\.',
-     'DataSet (Algo) 未使用 try-with-resources', 'data-transaction-checklist.md', '计算资源泄漏',
-     'check_try_with_resources'),
-    # 资源泄漏 - AlgoContext（需上下文验证）
-    (r'AlgoContext\s+\w+\s*=\s*Algo\.newContext\(\)',
-     'AlgoContext 可能未关闭', 'data-transaction-checklist.md', '计算资源泄漏',
-     'check_try_with_resources'),
-    # 硬编码组织/用户 ID（缩小匹配范围，仅匹配 org/user/dept 相关字段）
-    (r'\.set\s*\(\s*"[^"]*(org|creator|modifier|approver|dept|user)[^"]*"\s*,\s*\d{4,}L?\s*\)',
-     '硬编码组织/用户 ID', 'data-transaction-checklist.md', '跨环境部署失败'),
-    # 空指针风险 - P0级（链式调用未判空）
-    (r'getDynamicObject\s*\(\s*"[^"]+"\s*\)\.getPkValue\s*\(',
-     'getDynamicObject() 结果未判空调用 getPkValue', 'coding-standard-checklist.md', 'NullPointerException'),
-    (r'getDynamicObject\s*\(\s*"[^"]+"\s*\)\.getString\s*\(',
-     'getDynamicObject() 结果未判空调用 getString', 'coding-standard-checklist.md', 'NullPointerException'),
-    (r'getDynamicObject\s*\(\s*"[^"]+"\s*\)\.getBigDecimal\s*\(',
-     'getDynamicObject() 结果未判空调用 getBigDecimal', 'coding-standard-checklist.md', 'NullPointerException'),
-    (r'getDynamicObject\s*\(\s*"[^"]+"\s*\)\.getLong\s*\(',
-     'getDynamicObject() 结果未判空调用 getLong', 'coding-standard-checklist.md', 'NullPointerException'),
-    # 分布式锁未在 finally 释放
-    (r'\.lock\s*\(\s*\)[^}]*(?!finally)',
-     '分布式锁可能未在 finally 中释放', 'infra-checklist.md', '锁永久不释放，线程阻塞'),
-]
-# ==========================================
-# P1 级问题模式定义（高危/性能）
-# ==========================================
-PATTERNS_P1 = [
-    # 性能问题 - UI
-    (r'for\s*\([^)]+\)\s*\{[^}]*updateView\s*\(',
-     '循环内调用 updateView', 'ui-performance-checklist.md', '界面卡顿'),
-    (r'while\s*\([^)]+\)\s*\{[^}]*updateView\s*\(',
-     '循环内调用 updateView', 'ui-performance-checklist.md', '界面卡顿'),
-    (r'for\s*\([^)]+\)\s*\{[^}]*getFieldIndex\s*\(',
-     '循环内获取 FieldIndex', 'ui-performance-checklist.md', '性能损耗'),
-    # 性能问题 - 数据库
-    (r'for\s*\([^)]+\)\s*\{[^}]*BusinessDataServiceHelper\.loadSingle',
-     '循环内调用 loadSingle', 'data-transaction-checklist.md', 'N+1 查询问题'),
-    (r'for\s*\([^)]+\)\s*\{[^}]*BusinessDataServiceHelper\.load\s*\(',
-     '循环内调用 load', 'data-transaction-checklist.md', 'N+1 查询问题'),
-    (r'for\s*\([^)]+\)\s*\{[^}]*SaveServiceHelper\.save',
-     '循环内调用 save', 'data-transaction-checklist.md', '性能问题+事务风险'),
-    (r'for\s*\([^)]+\)\s*\{[^}]*QueryServiceHelper\.query',
-     '循环内调用 QueryServiceHelper', 'data-transaction-checklist.md', 'N+1 查询问题'),
-    (r'for\s*\([^)]+\)\s*\{[^}]*DispatchServiceHelper\.invoke',
-     '循环内调用微服务', 'data-transaction-checklist.md', 'N+1 远程调用'),
-    # 空指针风险 - P1级
-    (r'getDataEntities\s*\(\s*\)\s*\[\s*\d+\s*\]',
-     'getDataEntities() 数组访问未判空', 'coding-standard-checklist.md', 'ArrayIndexOutOfBoundsException'),
-    (r'this\.dataEntities\s*\[',
-     'dataEntities 数组访问未判空', 'coding-standard-checklist.md', '空指针风险'),
-    # JDK 原生线程
-    (r'new\s+Thread\s*\(',
-     '使用 JDK 原生 Thread', 'infra-checklist.md', '绕过平台线程管理'),
-    (r'Executors\.\s*new\w+Pool',
-     '使用 JDK 原生线程池', 'infra-checklist.md', '绕过平台线程管理'),
-    # System.out
-    (r'System\s*\.\s*out\s*\.\s*print',
-     '使用 System.out 而非平台日志', 'coding-standard-checklist.md', '日志不规范'),
-    # 集合问题
-    (r'\.size\s*\(\s*\)\s*>\s*0',
-     '建议使用 !isEmpty() 替代 size()>0', 'coding-standard-checklist.md', '代码可读性'),
-    # MQ publisher 未关闭
-    (r'createSimplePublisher\s*\([^)]*\)',
-     'MQ Publisher 可能未关闭', 'infra-checklist.md', '资源泄漏',
-     'check_try_with_resources'),
-]
-# ==========================================
-# P2 级问题模式定义（规范/建议）
-# ==========================================
-PATTERNS_P2 = [
-    # 编码规范
-    (r'private\s+final\s+\w+\s+ZERO\s*=\s*BigDecimal\.ZERO',
-     'ZERO 字段应声明为 static final', 'coding-standard-checklist.md', '内存浪费'),
-    (r'public\s+\w+\s*\(\s*\)\s*\{\s*super\s*\(\s*\)\s*;\s*\}',
-     '冗余的空构造函数', 'coding-standard-checklist.md', '代码冗余'),
-    (r'logger\.error\s*\(\s*"[^"]+"\s*\)',
-     '异常日志缺少堆栈信息', 'coding-standard-checklist.md', '排查困难'),
-    (r'new\s+Object\[\s*0\s*\]',
-     'new Object[0] 可简化', 'coding-standard-checklist.md', '代码冗余'),
-    # e.printStackTrace
-    (r'\.printStackTrace\s*\(\s*\)',
-     '禁止直接调用 printStackTrace', 'coding-standard-checklist.md', '日志不规范'),
-    # 空 catch 块
-    (r'catch\s*\(\s*\w+\s+\w+\s*\)\s*\{\s*\}',
-     '空 catch 块隐藏异常', 'coding-standard-checklist.md', '异常被吞'),
-    # BigDecimal 问题（降级为 P2 - 仅在 DataSet.Row 场景下才是真正风险）
-    (r'row\.getBigDecimal\s*\(\s*"[^"]+"\s*\)\.compareTo',
-     'DataSet Row.getBigDecimal() 结果可能为 null', 'coding-standard-checklist.md', '空指针风险'),
-]
-def match_patterns(code: str, patterns: List[Tuple], level: str) -> List[dict]:
-    """匹配代码中的问题模式，支持上下文验证减少误判"""
-    issues = []
-    for pattern_data in patterns:
-        # 支持带上下文验证的5元组格式和普通4/3元组格式
-        context_check = None
-        if len(pattern_data) == 5:
-            pattern, desc, ref, risk, context_check = pattern_data
-        elif len(pattern_data) == 4:
-            pattern, desc, ref, risk = pattern_data
-        else:
-            pattern, desc, ref = pattern_data
-            risk = '未指定'
-        matches = re.finditer(pattern, code, re.DOTALL | re.IGNORECASE)
-        for match in matches:
-            # 跳过注释中的匹配
-            if _is_in_comment(code, match.start()):
-                continue
-            # 上下文验证：检查是否在 try-with-resources 中
-            if context_check == 'check_try_with_resources':
-                if _is_in_try_with_resources(code, match.start()):
-                    continue  # 已在 try-with-resources 中，不是问题
-            issues.append({
-                'level': level,
-                'description': desc,
-                'reference': ref,
-                'risk': risk,
-                'match': match.group()[:100] + '...' if len(match.group()) > 100 else match.group(),
-                'start': match.start(),
-                'end': match.end()
-            })
-    return issues
-def analyze_file(filepath: str) -> List[dict]:
-    """分析单个文件"""
-    try:
-        with open(filepath, 'r', encoding='utf-8') as f:
-            code = f.read()
-        p0_issues = match_patterns(code, PATTERNS_P0, 'P0')
-        p1_issues = match_patterns(code, PATTERNS_P1, 'P1')
-        p2_issues = match_patterns(code, PATTERNS_P2, 'P2')
-        return p0_issues + p1_issues + p2_issues
-    except Exception as e:
-        print(f"Error reading file: {e}")
-        return []
-def print_report(issues: List[dict]):
-    """打印格式化的报告"""
-    if not issues:
-        print("\n✅ 未发现 P0/P1/P2 级问题模式\n")
-        return
-    # 按级别分组
-    p0 = [i for i in issues if i['level'] == 'P0']
-    p1 = [i for i in issues if i['level'] == 'P1']
-    p2 = [i for i in issues if i['level'] == 'P2']
-    print(f"\n{'='*60}")
-    print(f"📊 模式匹配扫描报告")
-    print(f"{'='*60}")
-    print(f"   总计发现 {len(issues)} 个潜在问题\n")
-    if p0:
-        print(f"🔴 P0 级问题 ({len(p0)} 个):")
-        for i, issue in enumerate(p0, 1):
-            print(f"   {i}. {issue['description']}")
-            print(f"      风险: {issue['risk']}")
-            print(f"      参考: references/{issue['reference']}")
-        print()
-    if p1:
-        print(f"🟠 P1 级问题 ({len(p1)} 个):")
-        for i, issue in enumerate(p1, 1):
-            print(f"   {i}. {issue['description']}")
-            print(f"      风险: {issue['risk']}")
-            print(f"      参考: references/{issue['reference']}")
-        print()
-    if p2:
-        print(f"🟡 P2 级问题 ({len(p2)} 个):")
-        for i, issue in enumerate(p2, 1):
-            print(f"   {i}. {issue['description']}")
-            print(f"      风险: {issue['risk']}")
-            print(f"      参考: references/{issue['reference']}")
-        print()
-    # 计算评分
-    base_score = 100
-    score = base_score - len(p0) * 15 - len(p1) * 8 - len(p2) * 3
-    score = max(0, score)
-    print(f"{'='*60}")
-    print(f"📐 综合评分: {score} 分", end="")
-    if score >= 90:
-        print(" (优秀)")
-    elif score >= 75:
-        print(" (良好)")
-    elif score >= 60:
-        print(" (中等)")
-    else:
-        print(" (需改进)")
-    print(f"{'='*60}\n")
-def main():
-    if len(sys.argv) < 2:
-        print("Usage: python pattern-matcher.py <file_path>")
-        print("\n示例:")
-        print("  python pattern-matcher.py MyPlugin.java")
-        sys.exit(1)
-    filepath = sys.argv[1]
-    print(f"\n🔍 正在扫描文件: {filepath}")
-    issues = analyze_file(filepath)
-    print_report(issues)
-if __name__ == '__main__':
-    main()

package/vendor/kingdee-skills/kingdee-cosmic-reviewer/scripts/review-score-calculator.py DELETED Viewed

@@ -1,121 +0,0 @@
-#!/usr/bin/env python3
-"""
-金蝶代码审查评分计算器
-根据发现的问题数量和严重程度计算综合评分
-"""
-from typing import List, Dict
-# 问题扣分权重
-WEIGHTS = {
-    'P0': 25,  # 阻断问题 - 严重扣分
-    'P1': 10,  # 高危问题 - 中等扣分
-    'P2': 3,   # 规范问题 - 轻微扣分
-}
-# 评分等级描述
-GRADE_DESCRIPTIONS = {
-    (90, 100): '🟢 优秀 - 代码质量高，可上线',
-    (70, 89):  '🟡 良好 - 存在改进空间',
-    (50, 69):  '🟠 一般 - 需要修复部分问题',
-    (0, 49):   '🔴 差 - 必须修复后才能上线',
-}
-def calculate_score(issues: List[Dict]) -> int:
-    """
-    计算代码评分
-    Args:
-        issues: 问题列表，每个问题包含 level 字段
-    Returns:
-        评分 (0-100)
-    """
-    score = 100
-    for issue in issues:
-        level = issue.get('level', 'P2')
-        score -= WEIGHTS.get(level, 0)
-    return max(0, score)
-def get_grade(score: int) -> str:
-    """
-    获取评分等级描述
-    Args:
-        score: 评分 (0-100)
-    Returns:
-        等级描述
-    """
-    for (low, high), desc in GRADE_DESCRIPTIONS.items():
-        if low <= score <= high:
-            return desc
-    return '🔴 差 - 必须修复后才能上线'
-def get_statistics(issues: List[Dict]) -> Dict:
-    """
-    获取问题统计
-    Args:
-        issues: 问题列表
-    Returns:
-        统计信息字典
-    """
-    stats = {
-        'total': len(issues),
-        'P0': 0,
-        'P1': 0,
-        'P2': 0,
-    }
-    for issue in issues:
-        level = issue.get('level', 'P2')
-        stats[level] = stats.get(level, 0) + 1
-    return stats
-def generate_report(issues: List[Dict], filename: str = '') -> str:
-    """
-    生成审查报告摘要
-    Args:
-        issues: 问题列表
-        filename: 文件名
-    Returns:
-        报告摘要字符串
-    """
-    stats = get_statistics(issues)
-    score = calculate_score(issues)
-    grade = get_grade(score)
-    report = f"""
-# 🛡️ 代码审查摘要
-## 📊 综述
-- **审查文件**: {filename or '未指定'}
-- **发现问题总数**: {stats['total']} (🔴 P0: {stats['P0']} | 🟠 P1: {stats['P1']} | 🟡 P2: {stats['P2']})
-- **综合评分**: {score} 分
-- **评级**: {grade}
-## 📋 改进建议
-"""
-    if stats['P0'] > 0:
-        report += f"- ⚠️ 发现 {stats['P0']} 个 P0 级阻断问题，必须修复后才能上线\n"
-    if stats['P1'] > 0:
-        report += f"- ⚡ 发现 {stats['P1']} 个 P1 级高危问题，强烈建议修复\n"
-    if stats['P2'] > 0:
-        report += f"- 📝 发现 {stats['P2']} 个 P2 级规范问题，建议优化\n"
-    return report
-# 示例用法
-if __name__ == '__main__':
-    # 测试数据
-    test_issues = [
-        {'level': 'P0', 'description': 'Initialize 注册监听'},
-        {'level': 'P1', 'description': '循环内调用 updateView'},
-        {'level': 'P2', 'description': '硬编码中文字符串'},
-    ]
-    print(generate_report(test_issues, 'TestPlugin.java'))