pumuki-ast-hooks 5.3.1

package/scripts/hooks-system/infrastructure/severity/analyzers/__tests__/maintainability-analyzer.spec.js

@@ -0,0 +1,170 @@
+const { MaintainabilityAnalyzer } = require('../maintainability-analyzer');
+
+function makeSUT() {
+  return new MaintainabilityAnalyzer();
+}
+
+function createViolation(ruleId, metrics = {}) {
+  return {
+    ruleId,
+    message: 'Test violation',
+    metrics,
+  };
+}
+
+function createContext(overrides = {}) {
+  return {
+    dependencyCount: 0,
+    criticalPath: false,
+    hasBusinessLogic: false,
+    ...overrides,
+  };
+}
+
+describe('MaintainabilityAnalyzer', () => {
+  describe('analyze', () => {
+    it('should return score capped at 100', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('test.rule', { cyclomaticComplexity: 100 });
+      const context = createContext();
+      const score = analyzer.analyze(violation, context);
+      expect(score).toBeLessThanOrEqual(100);
+    });
+
+    it('should aggregate scores from all analyzers', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('dip.violation', {
+        cyclomaticComplexity: 25,
+        duplicateCount: 5,
+      });
+      const context = createContext({ dependencyCount: 15 });
+      const score = analyzer.analyze(violation, context);
+      expect(score).toBeGreaterThan(0);
+    });
+  });
+
+  describe('analyzeCoupling', () => {
+    it('should score DIP violations based on dependency count', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('dip.violation');
+      const highDependencyContext = createContext({ dependencyCount: 15 });
+      const lowDependencyContext = createContext({ dependencyCount: 5 });
+      expect(analyzer.analyzeCoupling(violation, highDependencyContext)).toBe(30);
+      expect(analyzer.analyzeCoupling(violation, lowDependencyContext)).toBe(20);
+    });
+
+    it('should score ISP violations', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('isp.violation');
+      const context = createContext();
+      expect(analyzer.analyzeCoupling(violation, context)).toBe(15);
+    });
+
+    it('should score prop drilling violations based on depth', () => {
+      const analyzer = makeSUT();
+      const deepViolation = createViolation('prop_drilling.violation', { propDrillingDepth: 7 });
+      const shallowViolation = createViolation('prop_drilling.violation', { propDrillingDepth: 3 });
+      const context = createContext();
+      expect(analyzer.analyzeCoupling(deepViolation, context)).toBe(25);
+      expect(analyzer.analyzeCoupling(shallowViolation, context)).toBe(10);
+    });
+
+    it('should return 0 for unrelated violations', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('unrelated.rule');
+      const context = createContext();
+      expect(analyzer.analyzeCoupling(violation, context)).toBe(0);
+    });
+  });
+
+  describe('analyzeComplexity', () => {
+    it('should score based on cyclomatic complexity', () => {
+      const analyzer = makeSUT();
+      const highComplexity = createViolation('test.rule', { cyclomaticComplexity: 25 });
+      const mediumComplexity = createViolation('test.rule', { cyclomaticComplexity: 18 });
+      const lowComplexity = createViolation('test.rule', { cyclomaticComplexity: 12 });
+      const context = createContext();
+      expect(analyzer.analyzeComplexity(highComplexity, context)).toBe(30);
+      expect(analyzer.analyzeComplexity(mediumComplexity, context)).toBe(20);
+      expect(analyzer.analyzeComplexity(lowComplexity, context)).toBe(10);
+    });
+
+    it('should score god class violations based on method count', () => {
+      const analyzer = makeSUT();
+      const largeClass = createViolation('god.class.violation', { methodCount: 35 });
+      const mediumClass = createViolation('god.class.violation', { methodCount: 25 });
+      const smallClass = createViolation('god.class.violation', { methodCount: 15 });
+      const context = createContext();
+      expect(analyzer.analyzeComplexity(largeClass, context)).toBe(30);
+      expect(analyzer.analyzeComplexity(mediumClass, context)).toBe(20);
+      expect(analyzer.analyzeComplexity(smallClass, context)).toBe(15);
+    });
+
+    it('should score nested code violations', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('nested.code.violation');
+      const context = createContext();
+      expect(analyzer.analyzeComplexity(violation, context)).toBe(25);
+    });
+
+    it('should score callback hell violations', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('callback_hell.violation');
+      const context = createContext();
+      expect(analyzer.analyzeComplexity(violation, context)).toBe(20);
+    });
+  });
+
+  describe('analyzeDuplication', () => {
+    it('should score based on duplicate count', () => {
+      const analyzer = makeSUT();
+      const manyDuplicates = createViolation('duplication.violation', { duplicateCount: 10 });
+      const fewDuplicates = createViolation('duplication.violation', { duplicateCount: 2 });
+      const context = createContext();
+      expect(analyzer.analyzeDuplication(manyDuplicates, context)).toBe(20);
+      expect(analyzer.analyzeDuplication(fewDuplicates, context)).toBe(10);
+    });
+
+    it('should cap duplicate score at 20', () => {
+      const analyzer = makeSUT();
+      const manyDuplicates = createViolation('duplication.violation', { duplicateCount: 100 });
+      const context = createContext();
+      expect(analyzer.analyzeDuplication(manyDuplicates, context)).toBe(20);
+    });
+
+    it('should score OCP violations', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('ocp.violation');
+      const context = createContext();
+      expect(analyzer.analyzeDuplication(violation, context)).toBe(15);
+    });
+  });
+
+  describe('analyzeTestability', () => {
+    it('should score missing tests based on context', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('missing_tests.violation');
+      const criticalContext = createContext({ criticalPath: true });
+      const businessLogicContext = createContext({ hasBusinessLogic: true });
+      const normalContext = createContext();
+      expect(analyzer.analyzeTestability(violation, criticalContext)).toBe(20);
+      expect(analyzer.analyzeTestability(violation, businessLogicContext)).toBe(15);
+      expect(analyzer.analyzeTestability(violation, normalContext)).toBe(5);
+    });
+
+    it('should score DIP violations affecting testability', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('dip.violation');
+      const context = createContext();
+      expect(analyzer.analyzeTestability(violation, context)).toBe(15);
+    });
+
+    it('should score mock in production violations', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('mock_in_production.violation');
+      const context = createContext();
+      expect(analyzer.analyzeTestability(violation, context)).toBe(18);
+    });
+  });
+});
+

package/scripts/hooks-system/infrastructure/severity/analyzers/__tests__/performance-analyzer.spec.js

@@ -0,0 +1,186 @@
+const { PerformanceAnalyzer } = require('../performance-analyzer');
+
+function makeSUT() {
+  return new PerformanceAnalyzer();
+}
+
+function createViolation(ruleId, message = '', metrics = {}) {
+  return {
+    ruleId,
+    message,
+    metrics,
+  };
+}
+
+function createContext(overrides = {}) {
+  return {
+    isMainThread: false,
+    callFrequency: 0,
+    inHotPath: false,
+    dataSize: 0,
+    listSize: 0,
+    ...overrides,
+  };
+}
+
+describe('PerformanceAnalyzer', () => {
+  describe('analyze', () => {
+    it('should return score capped at 100', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('test.rule');
+      const context = createContext();
+      const score = analyzer.analyze(violation, context);
+      expect(score).toBeLessThanOrEqual(100);
+    });
+
+    it('should aggregate scores from all analyzers', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('ui_on_background.violation', 'network request');
+      const context = createContext({ isMainThread: true });
+      const score = analyzer.analyze(violation, context);
+      expect(score).toBeGreaterThan(0);
+    });
+  });
+
+  describe('analyzeUIThreadBlocking', () => {
+    it('should score UI blocking violations based on duration', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('ui_on_background.violation', 'network request');
+      const context = createContext({ isMainThread: true });
+      expect(analyzer.analyzeUIThreadBlocking(violation, context)).toBe(40);
+    });
+
+    it('should score sync network operations', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('sync.network.violation');
+      const context = createContext();
+      expect(analyzer.analyzeUIThreadBlocking(violation, context)).toBe(35);
+    });
+
+    it('should return 0 for non-blocking violations', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('unrelated.rule');
+      const context = createContext();
+      expect(analyzer.analyzeUIThreadBlocking(violation, context)).toBe(0);
+    });
+  });
+
+  describe('estimateBlockingDuration', () => {
+    it('should estimate network operations duration', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('test.rule', 'network request');
+      expect(analyzer.estimateBlockingDuration(violation)).toBe(1000);
+    });
+
+    it('should estimate database operations duration', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('test.rule', 'database query');
+      expect(analyzer.estimateBlockingDuration(violation)).toBe(50);
+    });
+
+    it('should estimate file operations duration', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('test.rule', 'file read');
+      expect(analyzer.estimateBlockingDuration(violation)).toBe(30);
+    });
+
+    it('should estimate computation duration', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('test.rule', 'computation algorithm');
+      expect(analyzer.estimateBlockingDuration(violation)).toBe(20);
+    });
+
+    it('should return default duration for unknown operations', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('test.rule', 'unknown operation');
+      expect(analyzer.estimateBlockingDuration(violation)).toBe(10);
+    });
+  });
+
+  describe('analyzeMemoryImpact', () => {
+    it('should score retain cycle violations based on call frequency', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('retain_cycle.violation');
+      const highFrequencyContext = createContext({ callFrequency: 150 });
+      const lowFrequencyContext = createContext({ callFrequency: 50 });
+      expect(analyzer.analyzeMemoryImpact(violation, highFrequencyContext)).toBe(30);
+      expect(analyzer.analyzeMemoryImpact(violation, lowFrequencyContext)).toBe(20);
+    });
+
+    it('should score cancellable violations', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('cancellable.violation');
+      const context = createContext();
+      expect(analyzer.analyzeMemoryImpact(violation, context)).toBe(25);
+    });
+
+    it('should score context leak violations', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('context_leak.violation');
+      const context = createContext();
+      expect(analyzer.analyzeMemoryImpact(violation, context)).toBe(25);
+    });
+
+    it('should score allocation violations in hot path', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('allocation.violation');
+      const hotPathContext = createContext({ inHotPath: true });
+      const normalContext = createContext({ inHotPath: false });
+      expect(analyzer.analyzeMemoryImpact(violation, hotPathContext)).toBe(15);
+      expect(analyzer.analyzeMemoryImpact(violation, normalContext)).toBe(0);
+    });
+  });
+
+  describe('analyzeAlgorithmicComplexity', () => {
+    it('should score N+1 query violations', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('n_plus_one.violation');
+      const context = createContext();
+      expect(analyzer.analyzeAlgorithmicComplexity(violation, context)).toBe(20);
+    });
+
+    it('should score nested loops violations', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('test.rule', '', { nestedLoops: 3 });
+      const context = createContext();
+      expect(analyzer.analyzeAlgorithmicComplexity(violation, context)).toBe(18);
+    });
+
+    it('should score missing pagination for large datasets', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('pagination.violation');
+      const largeDatasetContext = createContext({ dataSize: 2000 });
+      const smallDatasetContext = createContext({ dataSize: 100 });
+      expect(analyzer.analyzeAlgorithmicComplexity(violation, largeDatasetContext)).toBe(15);
+      expect(analyzer.analyzeAlgorithmicComplexity(violation, smallDatasetContext)).toBe(0);
+    });
+  });
+
+  describe('analyzeMissingOptimizations', () => {
+    it('should score missing memoization based on call frequency', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('memo.violation');
+      const highFrequencyContext = createContext({ callFrequency: 150 });
+      const lowFrequencyContext = createContext({ callFrequency: 50 });
+      expect(analyzer.analyzeMissingOptimizations(violation, highFrequencyContext)).toBe(10);
+      expect(analyzer.analyzeMissingOptimizations(violation, lowFrequencyContext)).toBe(3);
+    });
+
+    it('should score missing virtualization for large lists', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('virtualization.violation');
+      const largeListContext = createContext({ listSize: 2000 });
+      const smallListContext = createContext({ listSize: 100 });
+      expect(analyzer.analyzeMissingOptimizations(violation, largeListContext)).toBe(8);
+      expect(analyzer.analyzeMissingOptimizations(violation, smallListContext)).toBe(2);
+    });
+
+    it('should score missing code splitting', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('code_splitting.violation');
+      const context = createContext();
+      expect(analyzer.analyzeMissingOptimizations(violation, context)).toBe(4);
+    });
+  });
+});
+

package/scripts/hooks-system/infrastructure/severity/analyzers/__tests__/security-analyzer.spec.js

@@ -0,0 +1,151 @@
+const { SecurityAnalyzer } = require('../security-analyzer');
+
+function makeSUT() {
+  return new SecurityAnalyzer();
+}
+
+function createViolation(ruleId, message = '') {
+  return {
+    ruleId,
+    message,
+  };
+}
+
+function createContext(overrides = {}) {
+  return {
+    isProductionCode: false,
+    handlesPII: false,
+    handlesCredentials: false,
+    userGeneratedContent: false,
+    handlesPayments: false,
+    isProductionAPI: false,
+    ...overrides,
+  };
+}
+
+describe('SecurityAnalyzer', () => {
+  describe('analyze', () => {
+    it('should return score capped at 100', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('test.rule');
+      const context = createContext();
+      const score = analyzer.analyze(violation, context);
+      expect(score).toBeLessThanOrEqual(100);
+    });
+
+    it('should aggregate scores from all analyzers', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('hardcoded_secret.violation');
+      const context = createContext({ isProductionCode: true });
+      const score = analyzer.analyze(violation, context);
+      expect(score).toBeGreaterThan(0);
+    });
+  });
+
+  describe('analyzeDataExposure', () => {
+    it('should score hardcoded secrets higher in production', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('hardcoded_secret.violation');
+      const productionContext = createContext({ isProductionCode: true });
+      const devContext = createContext({ isProductionCode: false });
+      expect(analyzer.analyzeDataExposure(violation, productionContext)).toBe(40);
+      expect(analyzer.analyzeDataExposure(violation, devContext)).toBe(25);
+    });
+
+    it('should score sensitive data in UserDefaults', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('userdefaults_sensitive.violation');
+      const context = createContext();
+      expect(analyzer.analyzeDataExposure(violation, context)).toBe(35);
+    });
+
+    it('should score console.log violations based on data sensitivity', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('console_log.violation');
+      const sensitiveContext = createContext({ handlesPII: true });
+      const normalContext = createContext();
+      expect(analyzer.analyzeDataExposure(violation, sensitiveContext)).toBe(30);
+      expect(analyzer.analyzeDataExposure(violation, normalContext)).toBe(5);
+    });
+
+    it('should score XSS vulnerabilities', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('xss.violation');
+      const context = createContext();
+      expect(analyzer.analyzeDataExposure(violation, context)).toBe(30);
+    });
+  });
+
+  describe('analyzeInjectionRisk', () => {
+    it('should score raw SQL violations', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('sql.raw.violation');
+      const context = createContext();
+      expect(analyzer.analyzeInjectionRisk(violation, context)).toBe(30);
+    });
+
+    it('should score XSS violations based on user content', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('xss.violation');
+      const userContentContext = createContext({ userGeneratedContent: true });
+      const normalContext = createContext();
+      expect(analyzer.analyzeInjectionRisk(violation, userContentContext)).toBe(25);
+      expect(analyzer.analyzeInjectionRisk(violation, normalContext)).toBe(15);
+    });
+
+    it('should score eval violations', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('eval.violation');
+      const context = createContext();
+      expect(analyzer.analyzeInjectionRisk(violation, context)).toBe(25);
+    });
+  });
+
+  describe('analyzeAuthRisk', () => {
+    it('should score missing auth based on data sensitivity', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('missing_auth.violation');
+      const paymentsContext = createContext({ handlesPayments: true });
+      const piiContext = createContext({ handlesPII: true });
+      const normalContext = createContext();
+      expect(analyzer.analyzeAuthRisk(violation, paymentsContext)).toBe(20);
+      expect(analyzer.analyzeAuthRisk(violation, piiContext)).toBe(18);
+      expect(analyzer.analyzeAuthRisk(violation, normalContext)).toBe(15);
+    });
+
+    it('should score weak auth violations', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('weak.auth.violation');
+      const context = createContext();
+      expect(analyzer.analyzeAuthRisk(violation, context)).toBe(15);
+    });
+  });
+
+  describe('analyzeNetworkRisk', () => {
+    it('should score HTTP URLs based on data sensitivity', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('http_url.violation');
+      const sensitiveContext = createContext({ handlesCredentials: true });
+      const normalContext = createContext();
+      expect(analyzer.analyzeNetworkRisk(violation, sensitiveContext)).toBe(10);
+      expect(analyzer.analyzeNetworkRisk(violation, normalContext)).toBe(5);
+    });
+
+    it('should score missing SSL pinning in production', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('ssl_pinning.violation');
+      const productionContext = createContext({ isProductionAPI: true });
+      const devContext = createContext();
+      expect(analyzer.analyzeNetworkRisk(violation, productionContext)).toBe(8);
+      expect(analyzer.analyzeNetworkRisk(violation, devContext)).toBe(3);
+    });
+
+    it('should score missing CSP violations', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('missing_csp.violation');
+      const context = createContext();
+      expect(analyzer.analyzeNetworkRisk(violation, context)).toBe(6);
+    });
+  });
+});
+

package/scripts/hooks-system/infrastructure/severity/analyzers/__tests__/stability-analyzer.spec.js

@@ -0,0 +1,143 @@
+const { StabilityAnalyzer } = require('../stability-analyzer');
+
+function makeSUT() {
+  return new StabilityAnalyzer();
+}
+
+function createViolation(ruleId, message = '') {
+  return {
+    ruleId,
+    message,
+  };
+}
+
+function createContext(overrides = {}) {
+  return {
+    valueCanBeNil: false,
+    criticalPath: false,
+    isSharedState: false,
+    isMultiStepOperation: false,
+    ...overrides,
+  };
+}
+
+describe('StabilityAnalyzer', () => {
+  describe('analyze', () => {
+    it('should return score capped at 100', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('test.rule');
+      const context = createContext();
+      const score = analyzer.analyze(violation, context);
+      expect(score).toBeLessThanOrEqual(100);
+    });
+
+    it('should aggregate scores from all analyzers', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('force_unwrap.violation');
+      const context = createContext({ valueCanBeNil: true });
+      const score = analyzer.analyze(violation, context);
+      expect(score).toBeGreaterThan(0);
+    });
+  });
+
+  describe('analyzeCrashRisk', () => {
+    it('should score force unwrap violations based on nil possibility', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('force_unwrap.violation');
+      const nilPossibleContext = createContext({ valueCanBeNil: true });
+      const nilImpossibleContext = createContext({ valueCanBeNil: false });
+      expect(analyzer.analyzeCrashRisk(violation, nilPossibleContext)).toBe(50);
+      expect(analyzer.analyzeCrashRisk(violation, nilImpossibleContext)).toBe(30);
+    });
+
+    it('should score empty catch violations based on critical path', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('empty_catch.violation');
+      const criticalContext = createContext({ criticalPath: true });
+      const normalContext = createContext();
+      expect(analyzer.analyzeCrashRisk(violation, criticalContext)).toBe(45);
+      expect(analyzer.analyzeCrashRisk(violation, normalContext)).toBe(25);
+    });
+
+    it('should score force try violations', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('force_try.violation');
+      const context = createContext();
+      expect(analyzer.analyzeCrashRisk(violation, context)).toBe(40);
+    });
+
+    it('should score index out of bounds violations', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('index.bounds.violation');
+      const context = createContext();
+      expect(analyzer.analyzeCrashRisk(violation, context)).toBe(35);
+    });
+
+    it('should score division by zero violations', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('test.rule', 'division by zero');
+      const context = createContext();
+      expect(analyzer.analyzeCrashRisk(violation, context)).toBe(35);
+    });
+  });
+
+  describe('analyzeDataCorruptionRisk', () => {
+    it('should score race condition violations based on shared state', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('race.violation');
+      const sharedStateContext = createContext({ isSharedState: true });
+      const normalContext = createContext();
+      expect(analyzer.analyzeDataCorruptionRisk(violation, sharedStateContext)).toBe(30);
+      expect(analyzer.analyzeDataCorruptionRisk(violation, normalContext)).toBe(15);
+    });
+
+    it('should score missing transaction violations', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('transaction.violation');
+      const multiStepContext = createContext({ isMultiStepOperation: true });
+      const normalContext = createContext();
+      expect(analyzer.analyzeDataCorruptionRisk(violation, multiStepContext)).toBe(25);
+      expect(analyzer.analyzeDataCorruptionRisk(violation, normalContext)).toBe(0);
+    });
+
+    it('should score invariant violations', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('invariant.violation');
+      const context = createContext();
+      expect(analyzer.analyzeDataCorruptionRisk(violation, context)).toBe(20);
+    });
+
+    it('should score direct mutation violations on shared state', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('direct_mutation.violation');
+      const sharedStateContext = createContext({ isSharedState: true });
+      const normalContext = createContext();
+      expect(analyzer.analyzeDataCorruptionRisk(violation, sharedStateContext)).toBe(25);
+      expect(analyzer.analyzeDataCorruptionRisk(violation, normalContext)).toBe(0);
+    });
+  });
+
+  describe('analyzeUndefinedBehavior', () => {
+    it('should score LSP violations', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('lsp.violation');
+      const context = createContext();
+      expect(analyzer.analyzeUndefinedBehavior(violation, context)).toBe(20);
+    });
+
+    it('should score untyped catch violations', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('untyped_catch.violation');
+      const context = createContext();
+      expect(analyzer.analyzeUndefinedBehavior(violation, context)).toBe(15);
+    });
+
+    it('should score undefined behavior violations', () => {
+      const analyzer = makeSUT();
+      const violation = createViolation('undefined.violation');
+      const context = createContext();
+      expect(analyzer.analyzeUndefinedBehavior(violation, context)).toBe(18);
+    });
+  });
+});
+