kcode-pi 0.1.6 → 0.1.8

package/src/harness/types.ts

@@ -9,6 +9,19 @@ export interface GateResult {
 	checkedAt: string;
 }
 
+export interface KdQuestion {
+	id: string;
+	phase: KdPhase;
+	question: string;
+	reason?: string;
+	choices?: string[];
+	blocking: boolean;
+	status: "open" | "answered";
+	answer?: string;
+	createdAt: string;
+	answeredAt?: string;
+}
+
 export interface ActiveRun {
 	id: string;
 	phase: KdPhase;
@@ -19,6 +32,7 @@ export interface ActiveRun {
 	risk?: KdRisk;
 	artifacts: Record<string, string>;
 	gate: GateResult;
+	questions?: KdQuestion[];
 }
 
 export const PHASE_ORDER: KdPhase[] = ["discuss", "spec", "plan", "execute", "verify", "ship"];

package/src/official/kingdee-skills.ts

@@ -109,8 +109,8 @@ export async function runOfficialCommand(command: OfficialCommand): Promise<Comm
 export async function cosmicConfigCommand(cwd: string, config?: string): Promise<OfficialCommand> {
 	await ensureOfficialSkillRoot(cwd, "ok-cosmic");
 	const configPath = resolveConfigPath(cwd, config);
-	const display = formatCommand("kcode-node:cosmic-config", config ? ["--config", configPath] : []);
-	return officialCommand(display, () => runCosmicConfig(cwd, configPath));
+	const display = formatCommand("kcode-node:cosmic-config", config && configPath ? ["--config", configPath] : []);
+	return officialCommand(display, () => runCosmicConfig(cwd, configPath, Boolean(config)));
 }
 
 export async function cosmicMetadataCommand(
@@ -133,7 +133,7 @@ export async function cosmicMetadataCommand(
 	if (params.fuzzy) args.push("--fuzzy", ...splitTerms(params.fuzzy));
 	if (params.typeFilter) args.push("--type", params.typeFilter);
 	const configPath = resolveConfigPath(cwd, params.config);
-	return officialCommand(formatCommand("kcode-node:cosmic-metadata", args), () => runCosmicMetadata(cwd, configPath, params));
+	return officialCommand(formatCommand("kcode-node:cosmic-metadata", args), () => runCosmicMetadata(cwd, configPath, Boolean(params.config), params));
 }
 
 export async function cosmicApiCommand(
@@ -219,8 +219,10 @@ function officialCommand(display: string, run: () => Promise<Omit<CommandResult,
 	};
 }
 
-function resolveConfigPath(cwd: string, config?: string): string {
-	return config ? resolveWorkspacePath(cwd, config) : resolve(cwd, "ok-cosmic.json");
+function resolveConfigPath(cwd: string, config?: string): string | undefined {
+	if (config) return resolveWorkspacePath(cwd, config);
+	const projectConfig = resolve(cwd, "ok-cosmic.json");
+	return existsSync(projectConfig) ? projectConfig : undefined;
 }
 
 function readJsonObject(path: string): Record<string, unknown> {
@@ -231,20 +233,34 @@ function readJsonObject(path: string): Record<string, unknown> {
 	return data as Record<string, unknown>;
 }
 
-async function runCosmicConfig(_cwd: string, configPath: string): Promise<Omit<CommandResult, "command">> {
+interface LoadedCosmicConfig {
+	config: Record<string, unknown>;
+	path?: string;
+	source: "project" | "explicit" | "bundled";
+	baseDir: string;
+}
+
+async function runCosmicConfig(cwd: string, configPath: string | undefined, explicitConfig: boolean): Promise<Omit<CommandResult, "command">> {
 	const issues: Array<{ level: "OK" | "WARNING" | "ERROR"; key: string; message: string }> = [];
 	issues.push({ level: "OK", key: "runtime.node", message: `Node ${process.version}` });
 
-	let config: Record<string, unknown> | undefined;
+	let loaded: LoadedCosmicConfig | undefined;
 	try {
-		if (!existsSync(configPath)) throw new Error(`找不到配置文件: ${configPath}`);
-		config = readJsonObject(configPath);
-		issues.push({ level: "OK", key: "__file__", message: `已找到配置文件: ${configPath}` });
+		loaded = loadCosmicConfig(cwd, configPath, explicitConfig);
+		if (loaded.path) {
+			issues.push({ level: "OK", key: "__file__", message: `已找到配置文件: ${loaded.path}` });
+		} else {
+			issues.push({
+				level: "WARNING",
+				key: "__file__",
+				message: "当前项目未提供 ok-cosmic.json，已使用 KCode 随包默认配置。项目根目录 cosmic.json 是苍穹工程配置，不是 KCode 官方能力配置。",
+			});
+		}
 	} catch (error) {
 		issues.push({ level: "ERROR", key: "__file__", message: error instanceof Error ? error.message : String(error) });
 	}
 
-	if (config) issues.push(...validateCosmicConfig(config, dirname(configPath)));
+	if (loaded) issues.push(...validateCosmicConfig(loaded.config, loaded.baseDir));
 	const errors = issues.filter((issue) => issue.level === "ERROR").length;
 	const warnings = issues.filter((issue) => issue.level === "WARNING").length;
 	const lines = issues.map((issue) => `[${issue.level}] ${issue.key}: ${issue.message}`);
@@ -252,6 +268,36 @@ async function runCosmicConfig(_cwd: string, configPath: string): Promise<Omit<C
 	return { exitCode: errors ? 1 : 0, stdout: `${lines.join("\n")}\n`, stderr: "" };
 }
 
+function loadCosmicConfig(cwd: string, configPath: string | undefined, explicitConfig: boolean): LoadedCosmicConfig {
+	if (configPath) {
+		if (!existsSync(configPath)) throw new Error(`找不到配置文件: ${configPath}`);
+		return {
+			config: readJsonObject(configPath),
+			path: configPath,
+			source: explicitConfig ? "explicit" : "project",
+			baseDir: dirname(configPath),
+		};
+	}
+	if (explicitConfig) throw new Error("指定的 ok-cosmic.json 配置文件不存在。");
+	return {
+		config: defaultCosmicConfig(),
+		source: "bundled",
+		baseDir: cwd,
+	};
+}
+
+function defaultCosmicConfig(): Record<string, unknown> {
+	return {
+		graph: {
+			dbPath: join(packageRoot, "vendor", "kingdee-skills", "ok-cosmic", "setup", "ok-cosmic-docs.db"),
+		},
+		route: {
+			apiUrl: process.env.COSMIC_ROUTE_API || process.env.COSMIC_RUNTIME_ROUTE_API || "",
+			timeoutSeconds: Number(process.env.COSMIC_ROUTE_TIMEOUT || 10),
+		},
+	};
+}
+
 function validateCosmicConfig(config: Record<string, unknown>, baseDir: string): Array<{ level: "OK" | "WARNING" | "ERROR"; key: string; message: string }> {
 	const issues: Array<{ level: "OK" | "WARNING" | "ERROR"; key: string; message: string }> = [];
 	const graph = objectValue(config.graph);
@@ -308,10 +354,11 @@ function validateCosmicConfig(config: Record<string, unknown>, baseDir: string):
 
 async function runCosmicMetadata(
 	cwd: string,
-	configPath: string,
+	configPath: string | undefined,
+	explicitConfig: boolean,
 	params: { form: string; fuzzy?: string; typeFilter?: string; sql?: boolean; op?: boolean; showDetail?: boolean },
 ): Promise<Omit<CommandResult, "command">> {
-	const config = readJsonObject(configPath);
+	const config = loadCosmicConfig(cwd, configPath, explicitConfig).config;
 	const cache = readMetadataCache(cwd);
 	const targets = params.form.split(/[,，]/).map((item) => item.trim()).filter(Boolean);
 	if (targets.length === 0) return { exitCode: 1, stdout: "", stderr: "必须提供 formId 或中文单据名。" };

package/src/rules/checker.ts

@@ -65,6 +65,7 @@ function checkCosmicReviewerRules(lines: string[]): CheckResult[] {
 		...checkSecurityPatterns(lines),
 		...checkThreadingPatterns(lines),
 		...checkUiPerformance(lines),
+		...checkViewInteractionOrder(lines),
 		...checkLoggingAndDiagnostics(lines),
 	];
 }
@@ -134,6 +135,17 @@ function checkResourceHandling(lines: string[]): CheckResult[] {
 		results.push(makeResult(i, line, "DataSet", "resource", "error", "P0：DataSet 创建后未明显使用 try-with-resources 关闭，可能导致连接泄漏", "p0-dataset-not-closed"));
 	}
 
+	for (let i = 0; i < lines.length; i++) {
+		const line = lines[i];
+		if (isCommentLine(line)) continue;
+		if (/\.\s*getDynamicObject\s*\([^)]*\)\s*\.\s*get(?:String|Long|Int|Integer|Double|Date|PkValue|DynamicObject|DynamicObjectCollection)\s*\(/.test(line)) {
+			results.push(makeResult(i, line, "getDynamicObject", "resource", "warning", "P1：嵌套 DynamicObject 直接取值缺少空值保护，引用字段为空时可能 NPE；先取对象并判空或用安全取值工具", "p1-dynamicobject-chain-null-risk"));
+		}
+		if (/row\s*\.\s*get(?:BigDecimal|String|Long|Int|Integer|Date)\s*\(/.test(line) && !nearbyLineHas(lines, i, -2, /\brow\b\s*(?:!=|==)\s*null|Optional\.ofNullable\s*\(\s*row\s*\)|Objects\.nonNull\s*\(\s*row\s*\)/)) {
+			results.push(makeResult(i, line, "row", "resource", "warning", "P1：DataSet.Row 取值可能返回 null，参与运算或解包前应判空或给默认值", "p1-dataset-row-null-risk"));
+		}
+	}
+
 	return results;
 }
 
@@ -159,6 +171,20 @@ function checkSecurityPatterns(lines: string[]): CheckResult[] {
 		if (/(password|passwd|secret|token|ak|sk)\s*=\s*"[^"]{4,}"/i.test(line)) {
 			results.push(makeResult(i, line, "=", "security", "error", "P0：疑似敏感信息硬编码，请改为安全配置或密文存储", "p0-secret-hardcode"));
 		}
+
+		if (/\bcache\s*\.\s*put\s*\(/i.test(line) || /\bCacheFactory\b/.test(line)) {
+			const statement = collectStatement(lines, i, 5);
+			if (/\bput\s*\(/i.test(statement) && !/(account|acct|tenant|org|dcId|getAccountId|getOrgId|RequestContext|UserServiceHelper)/i.test(statement)) {
+				results.push(makeResult(i, line, "put", "security", "warning", "P1：缓存写入 key 未体现账套/租户/组织隔离，跨账套环境可能串数据", "p1-cache-key-without-tenant"));
+			}
+		}
+
+		if (/\b(openConnection|HttpClient\s*\.|HttpClientBuilder|OkHttpClient|RestTemplate|WebClient)\b/.test(line)) {
+			const statement = collectStatement(lines, i, 8);
+			if (!/(timeout|setConnectTimeout|setReadTimeout|connectTimeout|readTimeout|callTimeout|responseTimeout)/i.test(statement)) {
+				results.push(makeResult(i, line, line.match(/\b(openConnection|HttpClient|HttpClientBuilder|OkHttpClient|RestTemplate|WebClient)\b/)?.[1] ?? "HTTP", "security", "warning", "P1：第三方 HTTP 调用未看到超时设置，生产环境可能阻塞业务线程", "p1-http-without-timeout"));
+			}
+		}
 	}
 
 	return results;
@@ -197,6 +223,22 @@ function checkUiPerformance(lines: string[]): CheckResult[] {
 		if (isInsideLoop(lines, i) && /getFieldIndex\s*\(/.test(line)) {
 			results.push(makeResult(i, line, "getFieldIndex", "performance", "warning", "P1：循环内重复获取 FieldIndex 会造成性能损耗；应在循环外缓存", "p1-loop-field-index"));
 		}
+
+		if (/SerializationUtils\s*\.\s*toJsonString\s*\(/.test(line) && /(view|model|event|page|args|this|getView\s*\(|getModel\s*\(|\be\b)/i.test(line)) {
+			results.push(makeResult(i, line, "SerializationUtils", "performance", "warning", "P1：不要序列化页面、模型或事件大对象做日志，容易造成 CPU 和内存压力；只记录关键字段", "p1-heavy-json-serialization"));
+		}
+
+		const entryUiMatch = line.match(/\bgetView\s*\(\)\s*\.\s*(setEnable|setVisible)\s*\(/);
+		if (entryUiMatch) {
+			const statement = collectStatement(lines, i, 3);
+			const args = extractCallArgs(statement, /(setEnable|setVisible)\s*\(/);
+			if (args.length >= 2 && !looksLikeRowIndexedViewCall(args)) {
+				const fieldArgs = args.slice(1).join(",");
+				if (/(entry|entries|detail|row|qty|price|amount|material|item)/i.test(fieldArgs)) {
+					results.push(makeResult(i, line, entryUiMatch[1], "performance", "warning", "P1：疑似对分录字段使用单头 setEnable/setVisible；分录字段应使用带 rowIndex 的重载", "p1-entry-field-without-row-index"));
+				}
+			}
+		}
 	}
 
 	if (beginInitCount > endInitCount) {
@@ -209,6 +251,45 @@ function checkUiPerformance(lines: string[]): CheckResult[] {
 	return results;
 }
 
+function checkViewInteractionOrder(lines: string[]): CheckResult[] {
+	const results: CheckResult[] = [];
+
+	for (let i = 0; i < lines.length; i++) {
+		const line = lines[i];
+		if (isCommentLine(line)) continue;
+
+		if (/setDataChanged\s*\(\s*false\s*\)/.test(line)) {
+			for (let j = i + 1; j < Math.min(lines.length, i + 25); j++) {
+				if (/^\s*}\s*$/.test(lines[j])) break;
+				if (!isCommentLine(lines[j]) && /(getModel\s*\(\)\s*\.\s*)?setValue\s*\(/.test(lines[j])) {
+					results.push(makeResult(i, line, "setDataChanged", "lifecycle", "warning", "P1：setDataChanged(false) 后仍继续 setValue，脏标记会被重新置回；应放到所有 setValue 之后", "p1-set-data-changed-before-setvalue"));
+					break;
+				}
+			}
+		}
+
+		if (/showConfirm\s*\(/.test(line)) {
+			const statement = collectStatement(lines, i, 8);
+			const args = extractCallArgs(statement, /showConfirm\s*\(/);
+			if (args.length < 3 || /\bnull\b/.test(args[2] ?? "")) {
+				results.push(makeResult(i, line, "showConfirm", "lifecycle", "error", "P0：showConfirm 未提供有效回调监听器，用户选择不会触发业务处理", "p0-show-confirm-without-callback"));
+			}
+		}
+
+		if (/getView\s*\(\)\s*\.\s*close\s*\(/.test(line)) {
+			for (let j = i + 1; j < Math.min(lines.length, i + 10); j++) {
+				if (/^\s*}\s*$/.test(lines[j])) break;
+				if (!isCommentLine(lines[j]) && /returnDataToParent\s*\(/.test(lines[j])) {
+					results.push(makeResult(i, line, "close", "lifecycle", "error", "P0：先 close 再 returnDataToParent 会导致返回数据不执行；应先 returnDataToParent 再 close", "p0-close-before-return-data"));
+					break;
+				}
+			}
+		}
+	}
+
+	return results;
+}
+
 function checkLoggingAndDiagnostics(lines: string[]): CheckResult[] {
 	const results: CheckResult[] = [];
 
@@ -548,6 +629,68 @@ function isInsideLoop(lines: string[], index: number): boolean {
 	return false;
 }
 
+function collectStatement(lines: string[], start: number, maxExtraLines: number): string {
+	const parts: string[] = [];
+	for (let i = start; i < Math.min(lines.length, start + maxExtraLines + 1); i++) {
+		parts.push(lines[i]);
+		if (/[;{}]\s*$/.test(lines[i].trim())) break;
+	}
+	return parts.join("\n");
+}
+
+function extractCallArgs(statement: string, callPattern: RegExp): string[] {
+	const match = callPattern.exec(statement);
+	if (!match || match.index === undefined) return [];
+	const open = statement.indexOf("(", match.index);
+	if (open < 0) return [];
+
+	const args: string[] = [];
+	let depth = 0;
+	let current = "";
+	let quote: "'" | '"' | undefined;
+	for (let i = open + 1; i < statement.length; i++) {
+		const ch = statement[i];
+		const prev = statement[i - 1];
+		if (quote) {
+			current += ch;
+			if (ch === quote && prev !== "\\") quote = undefined;
+			continue;
+		}
+		if (ch === "'" || ch === '"') {
+			quote = ch;
+			current += ch;
+			continue;
+		}
+		if (ch === "(" || ch === "[" || ch === "{") {
+			depth++;
+			current += ch;
+			continue;
+		}
+		if (ch === ")" && depth === 0) {
+			if (current.trim()) args.push(current.trim());
+			return args;
+		}
+		if (ch === ")" || ch === "]" || ch === "}") {
+			depth--;
+			current += ch;
+			continue;
+		}
+		if (ch === "," && depth === 0) {
+			args.push(current.trim());
+			current = "";
+			continue;
+		}
+		current += ch;
+	}
+	return [];
+}
+
+function looksLikeRowIndexedViewCall(args: string[]): boolean {
+	if (args.length < 3) return false;
+	const second = args[1].trim();
+	return /^(rowIndex|index|idx|i|row|entryIndex|\d+)$/.test(second) || /\bgetRowIndex\s*\(/.test(second);
+}
+
 function isCommentLine(line: string): boolean {
 	const trimmed = line.trim();
 	return trimmed.startsWith("//") || trimmed.startsWith("*") || trimmed.startsWith("/*");

package/src/tools/sdk-signature.ts

@@ -0,0 +1,309 @@
+import { execFile } from "node:child_process";
+import { existsSync, readFileSync, readdirSync, statSync } from "node:fs";
+import { extname, join, relative } from "node:path";
+import { promisify } from "node:util";
+import { resolveWorkspacePath } from "../platform/path.ts";
+
+const execFileAsync = promisify(execFile);
+
+export type SdkSignatureLanguage = "java" | "csharp";
+
+export interface SdkSignatureParams {
+	language: SdkSignatureLanguage;
+	query?: string;
+	className?: string;
+	method?: string;
+	path?: string;
+	limit?: number;
+}
+
+export interface SdkSignatureResult {
+	language: SdkSignatureLanguage;
+	query: string;
+	exitCode: number;
+	stdout: string;
+	stderr: string;
+	sources: string[];
+}
+
+const SKIP_DIRS = new Set([
+	".git",
+	".gradle",
+	".idea",
+	".pi",
+	".tmp",
+	"dist",
+	"node_modules",
+	"out",
+	"target",
+]);
+
+export async function inspectSdkSignature(cwd: string, params: SdkSignatureParams): Promise<SdkSignatureResult> {
+	const query = (params.className || params.query || "").trim();
+	if (!query) {
+		return {
+			language: params.language,
+			query,
+			exitCode: 2,
+			stdout: "",
+			stderr: "Provide query or className for kd_sdk_signature. method is only a filter within a matched class/type.",
+			sources: [],
+		};
+	}
+
+	if (params.language === "java") return inspectJavaSignature(cwd, params, query);
+	return inspectCsharpSignature(cwd, params, query);
+}
+
+export function formatSdkSignatureResult(result: SdkSignatureResult): string {
+	return [
+		`Language: ${result.language}`,
+		`Query: ${result.query}`,
+		`Exit: ${result.exitCode}`,
+		result.sources.length ? `Sources:\n${result.sources.map((source) => `- ${source}`).join("\n")}` : "Sources: none",
+		result.stdout.trim() ? `\nSTDOUT:\n${result.stdout.trim()}` : undefined,
+		result.stderr.trim() ? `\nSTDERR:\n${result.stderr.trim()}` : undefined,
+		"",
+		"Use this as local SDK evidence only when Exit is 0. If it fails, use build output or project SDK configuration before trusting bundled knowledge.",
+	]
+		.filter(Boolean)
+		.join("\n");
+}
+
+async function inspectJavaSignature(cwd: string, params: SdkSignatureParams, query: string): Promise<SdkSignatureResult> {
+	const roots = scanRoots(cwd, params.path);
+	const jars = roots.flatMap((root) => findFiles(root, ".jar", params.limit ?? 200));
+	if (jars.length === 0) {
+		return {
+			language: "java",
+			query,
+			exitCode: 2,
+			stdout: "",
+			stderr: "No jar files found in the current project. Build/copy dependencies first or pass path=<sdk/lib directory>.",
+			sources: [],
+		};
+	}
+
+	const classNames = params.className ? [params.className] : await findJavaClasses(jars, query, params.limit ?? 20);
+	if (classNames.length === 0) {
+		return {
+			language: "java",
+			query,
+			exitCode: 1,
+			stdout: "",
+			stderr: `No class matching "${query}" found in project jars.`,
+			sources: jars.map((jar) => relativeOrSelf(cwd, jar)).slice(0, 20),
+		};
+	}
+
+	const classpath = jars.join(process.platform === "win32" ? ";" : ":");
+	const outputs: string[] = [];
+	const errors: string[] = [];
+	const inspectedSources = new Set<string>();
+
+	for (const className of classNames.slice(0, params.limit ?? 10)) {
+		try {
+			const result = await execFileAsync("javap", ["-classpath", classpath, "-public", className], {
+				cwd,
+				timeout: 60_000,
+				maxBuffer: 1024 * 1024 * 4,
+			});
+			const text = filterMethodLines(result.stdout || "", params.method);
+			if (text.trim()) outputs.push(`## ${className}\n${text.trim()}`);
+			for (const source of jarsContainingClass(jars, className)) inspectedSources.add(relativeOrSelf(cwd, source));
+		} catch (error) {
+			const err = error as { message?: string; stderr?: string };
+			errors.push(`${className}: ${err.stderr || err.message || String(error)}`);
+		}
+	}
+
+	return {
+		language: "java",
+		query,
+		exitCode: outputs.length ? 0 : 1,
+		stdout: outputs.join("\n\n"),
+		stderr: errors.join("\n").trim(),
+		sources: [...inspectedSources].sort(),
+	};
+}
+
+async function inspectCsharpSignature(cwd: string, params: SdkSignatureParams, query: string): Promise<SdkSignatureResult> {
+	const roots = scanRoots(cwd, params.path);
+	const dlls = roots.flatMap((root) => findFiles(root, ".dll", params.limit ?? 200));
+	if (dlls.length === 0) {
+		return {
+			language: "csharp",
+			query,
+			exitCode: 2,
+			stdout: "",
+			stderr: "No dll files found in the current project. Build/restore references first or pass path=<sdk/bin directory>.",
+			sources: [],
+		};
+	}
+
+	const script = [
+		"$ErrorActionPreference = 'SilentlyContinue'",
+		"$query = $args[0]",
+		"$method = $args[1]",
+		"$dlls = $args[2..($args.Length-1)]",
+		"$hits = New-Object System.Collections.Generic.List[string]",
+		"foreach ($dll in $dlls) {",
+		"  try { $asm = [System.Reflection.Assembly]::LoadFrom($dll) } catch { continue }",
+		"  try { $types = $asm.GetExportedTypes() } catch { continue }",
+		"  foreach ($type in $types) {",
+		"    if ($type.FullName -notlike \"*$query*\" -and $type.Name -notlike \"*$query*\") { continue }",
+		"    $hits.Add(\"## \" + $type.FullName + \"`nAssembly: \" + $dll)",
+		"    foreach ($m in $type.GetMethods([System.Reflection.BindingFlags]'Public,Instance,Static,DeclaredOnly')) {",
+		"      if ($method -and $m.Name -notlike \"*$method*\") { continue }",
+		"      $params = ($m.GetParameters() | ForEach-Object { $_.ParameterType.Name + ' ' + $_.Name }) -join ', '",
+		"      $hits.Add('  ' + $m.ReturnType.Name + ' ' + $m.Name + '(' + $params + ')')",
+		"    }",
+		"    foreach ($p in $type.GetProperties([System.Reflection.BindingFlags]'Public,Instance,Static,DeclaredOnly')) {",
+		"      if ($method -and $p.Name -notlike \"*$method*\") { continue }",
+		"      $hits.Add('  property ' + $p.PropertyType.Name + ' ' + $p.Name)",
+		"    }",
+		"  }",
+		"}",
+		"$hits | Select-Object -First 200",
+	].join("; ");
+
+	try {
+		const executable = process.platform === "win32" ? "powershell" : "pwsh";
+		const result = await execFileAsync(executable, ["-NoProfile", "-Command", script, query, params.method ?? "", ...dlls], {
+			cwd,
+			timeout: 60_000,
+			maxBuffer: 1024 * 1024 * 4,
+		});
+		const stdout = result.stdout || "";
+		return {
+			language: "csharp",
+			query,
+			exitCode: stdout.trim() ? 0 : 1,
+			stdout,
+			stderr: stdout.trim() ? "" : `No public type matching "${query}" found in project dlls.`,
+			sources: dlls.map((dll) => relativeOrSelf(cwd, dll)).slice(0, 20),
+		};
+	} catch (error) {
+		const err = error as { message?: string; stderr?: string };
+		return {
+			language: "csharp",
+			query,
+			exitCode: 1,
+			stdout: "",
+			stderr: err.stderr || err.message || String(error),
+			sources: dlls.map((dll) => relativeOrSelf(cwd, dll)).slice(0, 20),
+		};
+	}
+}
+
+async function findJavaClasses(jars: string[], query: string, limit: number): Promise<string[]> {
+	const basenameQuery = query.includes(".") ? query.split(".").at(-1) || query : query;
+	const classPattern = `${basenameQuery}.class`;
+	const results = new Set<string>();
+
+	for (const jar of jars) {
+		try {
+			const output = await execFileAsync("jar", ["tf", jar], { timeout: 30_000, maxBuffer: 1024 * 1024 * 4 });
+			for (const line of (output.stdout || "").split(/\r?\n/)) {
+				if (!line.endsWith(".class") || line.includes("$")) continue;
+				if (!line.toLowerCase().includes(classPattern.toLowerCase())) continue;
+				results.add(line.replace(/\.class$/, "").replace(/\//g, "."));
+				if (results.size >= limit) return [...results];
+			}
+		} catch {
+			const matched = findClassNamesInJarBytes(jar, basenameQuery, limit - results.size);
+			for (const className of matched) results.add(className);
+			if (results.size >= limit) return [...results];
+		}
+	}
+
+	return [...results];
+}
+
+function findClassNamesInJarBytes(jar: string, query: string, limit: number): string[] {
+	const data = readFileSync(jar).toString("latin1");
+	const pattern = `${query}.class`;
+	const results = new Set<string>();
+	let index = data.indexOf(pattern);
+	while (index >= 0 && results.size < limit) {
+		let start = index;
+		while (start > 0 && /[A-Za-z0-9_/$-]/.test(data[start - 1])) start--;
+		const entry = data.slice(start, index + pattern.length);
+		if (entry.includes("/") && !entry.includes("$")) {
+			results.add(entry.replace(/\.class$/, "").replace(/\//g, "."));
+		}
+		index = data.indexOf(pattern, index + pattern.length);
+	}
+	return [...results];
+}
+
+function jarsContainingClass(jars: string[], className: string): string[] {
+	const entry = `${className.replace(/\./g, "/")}.class`;
+	return jars.filter((jar) => {
+		try {
+			const data = readFileSync(jar).toString("latin1");
+			return data.includes(entry);
+		} catch {
+			return false;
+		}
+	});
+}
+
+function filterMethodLines(output: string, method?: string): string {
+	if (!method) return output;
+	const lines = output.split(/\r?\n/);
+	const kept = lines.filter((line) => line.includes(`${method}(`) || /^(Compiled from|public class|public interface)/.test(line.trim()));
+	return kept.join("\n");
+}
+
+function scanRoots(cwd: string, path?: string): string[] {
+	if (path) {
+		const resolved = resolveWorkspacePath(cwd, path);
+		return existsSync(resolved) ? [resolved] : [];
+	}
+	return [cwd];
+}
+
+function findFiles(root: string, extension: string, limit: number): string[] {
+	if (existsSync(root)) {
+		try {
+			const stat = statSync(root);
+			if (stat.isFile()) return extname(root).toLowerCase() === extension ? [root] : [];
+		} catch {
+			return [];
+		}
+	}
+	const results: string[] = [];
+	walk(root, extension, results, limit, 0);
+	return results;
+}
+
+function walk(dir: string, extension: string, results: string[], limit: number, depth: number): void {
+	if (results.length >= limit || depth > 8 || !existsSync(dir)) return;
+	let entries: string[];
+	try {
+		entries = readdirSync(dir);
+	} catch {
+		return;
+	}
+	for (const entry of entries) {
+		if (results.length >= limit) return;
+		const full = join(dir, entry);
+		let stat;
+		try {
+			stat = statSync(full);
+		} catch {
+			continue;
+		}
+		if (stat.isDirectory()) {
+			if (!SKIP_DIRS.has(entry)) walk(full, extension, results, limit, depth + 1);
+			continue;
+		}
+		if (stat.isFile() && extname(entry).toLowerCase() === extension) results.push(full);
+	}
+}
+
+function relativeOrSelf(cwd: string, path: string): string {
+	const rel = relative(cwd, path);
+	return rel && !rel.startsWith("..") ? rel : path;
+}

package/vendor/kingdee-skills/kingdee-cosmic-reviewer/SKILL.md

@@ -304,7 +304,7 @@ references/
 
 ### 📌 步骤3: 执行模式匹配扫描
 
-**使用 pattern-matcher.py 或手动执行以下模式检查**：
+**使用 KCode `kd_check` 或手动执行以下模式检查**：
 
 ```
 📌 步骤3: 执行模式匹配扫描
@@ -671,4 +671,4 @@ D:\new_workspace\macc-dev\pm\report\代码审查报告_xxx.html  ❌ 子模块
 ### 幂等性
 - 重复执行是否产生副作用
 - MQ 消费是否支持重复消费
-- 操作是否可安全重试
+- 操作是否可安全重试