pumuki-ast-hooks 5.3.1

package/scripts/hooks-system/infrastructure/severity/analyzers/maintainability-analyzer.js

@@ -0,0 +1,100 @@
+
+class MaintainabilityAnalyzer {
+  analyze(violation, context) {
+    let score = 0;
+
+    score += this.analyzeCoupling(violation, context);
+
+    score += this.analyzeComplexity(violation, context);
+
+    score += this.analyzeDuplication(violation, context);
+
+    score += this.analyzeTestability(violation, context);
+
+    return Math.min(100, score);
+  }
+
+  analyzeCoupling(violation, context) {
+    const ruleId = violation.ruleId || '';
+
+    if (ruleId.includes('dip')) {
+      if (context.dependencyCount > 10) return 30;
+      return 20;
+    }
+
+    if (ruleId.includes('isp')) {
+      return 15;
+    }
+
+    if (ruleId.includes('prop_drilling')) {
+      const depth = violation.metrics?.propDrillingDepth || 0;
+      if (depth > 5) return 25;
+      return 10;
+    }
+
+    return 0;
+  }
+
+  analyzeComplexity(violation, context) {
+    const ruleId = violation.ruleId || '';
+
+    const complexity = violation.metrics?.cyclomaticComplexity || 0;
+    if (complexity > 20) return 30;
+    if (complexity > 15) return 20;
+    if (complexity > 10) return 10;
+
+    if (ruleId.includes('god') || ruleId.includes('massive')) {
+      const size = violation.metrics?.methodCount || 0;
+      if (size > 30) return 30;
+      if (size > 20) return 20;
+      return 15;
+    }
+
+    if (ruleId.includes('nested') || ruleId.includes('pyramid')) {
+      return 25;
+    }
+
+    if (ruleId.includes('callback_hell')) {
+      return 20;
+    }
+
+    return 0;
+  }
+
+  analyzeDuplication(violation, context) {
+    const ruleId = violation.ruleId || '';
+
+    if (ruleId.includes('duplication') || ruleId.includes('duplicate')) {
+      const duplicateCount = violation.metrics?.duplicateCount || 1;
+      return Math.min(20, duplicateCount * 5);
+    }
+
+    if (ruleId.includes('ocp')) {
+      return 15;
+    }
+
+    return 0;
+  }
+
+  analyzeTestability(violation, context) {
+    const ruleId = violation.ruleId || '';
+
+    if (ruleId.includes('missing_tests') || ruleId.includes('coverage')) {
+      if (context.criticalPath) return 20;
+      if (context.hasBusinessLogic) return 15;
+      return 5;
+    }
+
+    if (ruleId.includes('dip') || ruleId.includes('concrete_dependency')) {
+      return 15;
+    }
+
+    if (ruleId.includes('mock_in_production')) {
+      return 18;
+    }
+
+    return 0;
+  }
+}
+
+module.exports = { MaintainabilityAnalyzer };

package/scripts/hooks-system/infrastructure/severity/analyzers/performance-analyzer.js

@@ -0,0 +1,109 @@
+
+class PerformanceAnalyzer {
+  analyze(violation, context) {
+    let score = 0;
+
+    score += this.analyzeUIThreadBlocking(violation, context);
+
+    score += this.analyzeMemoryImpact(violation, context);
+
+    score += this.analyzeAlgorithmicComplexity(violation, context);
+
+    score += this.analyzeMissingOptimizations(violation, context);
+
+    return Math.min(100, score);
+  }
+
+  analyzeUIThreadBlocking(violation, context) {
+    const ruleId = violation.ruleId || '';
+
+    if (ruleId.includes('ui_on_background') || ruleId.includes('blocking_on_main')) {
+      if (context.isMainThread) {
+        const estimatedDuration = this.estimateBlockingDuration(violation);
+        if (estimatedDuration > 100) return 40;
+        if (estimatedDuration > 50) return 30;
+        if (estimatedDuration > 16) return 20;
+      }
+    }
+
+    if (ruleId.includes('sync') && (ruleId.includes('network') || ruleId.includes('io'))) {
+      return 35;
+    }
+
+    return 0;
+  }
+
+  estimateBlockingDuration(violation) {
+    const message = violation.message || '';
+
+    if (message.includes('network') || message.includes('URLSession')) return 1000;
+    if (message.includes('database') || message.includes('query')) return 50;
+    if (message.includes('file') || message.includes('disk')) return 30;
+    if (message.includes('computation') || message.includes('algorithm')) return 20;
+
+    return 10;
+  }
+
+  analyzeMemoryImpact(violation, context) {
+    const ruleId = violation.ruleId || '';
+
+    if (ruleId.includes('retain_cycle') || ruleId.includes('closure') && ruleId.includes('weak')) {
+      if (context.callFrequency > 100) return 30;
+      return 20;
+    }
+
+    if (ruleId.includes('cancellable') || ruleId.includes('disposable')) {
+      return 25;
+    }
+
+    if (ruleId.includes('context_leak')) {
+      return 25;
+    }
+
+    if (ruleId.includes('allocation') && context.inHotPath) {
+      return 15;
+    }
+
+    return 0;
+  }
+
+  analyzeAlgorithmicComplexity(violation, context) {
+    const ruleId = violation.ruleId || '';
+
+    if (ruleId.includes('n_plus_one') || ruleId.includes('eager_loading')) {
+      return 20;
+    }
+
+    if (violation.metrics && violation.metrics.nestedLoops > 2) {
+      return 18;
+    }
+
+    if (ruleId.includes('pagination') && context.dataSize > 1000) {
+      return 15;
+    }
+
+    return 0;
+  }
+
+  analyzeMissingOptimizations(violation, context) {
+    const ruleId = violation.ruleId || '';
+
+    if (ruleId.includes('memo') || ruleId.includes('useMemo')) {
+      if (context.callFrequency > 100) return 10;
+      return 3;
+    }
+
+    if (ruleId.includes('virtualization') || ruleId.includes('LazyColumn')) {
+      if (context.listSize > 1000) return 8;
+      return 2;
+    }
+
+    if (ruleId.includes('code_splitting')) {
+      return 4;
+    }
+
+    return 0;
+  }
+}
+
+module.exports = { PerformanceAnalyzer };

package/scripts/hooks-system/infrastructure/severity/analyzers/security-analyzer.js

@@ -0,0 +1,104 @@
+
+class SecurityAnalyzer {
+  /**
+   * Analyze security impact of violation
+   * @param {Object} violation - AST violation
+   * @param {Object} context - Execution context
+   * @returns {number} Score 0-100
+   */
+  analyze(violation, context) {
+    let score = 0;
+
+    score += this.analyzeDataExposure(violation, context);
+
+    score += this.analyzeInjectionRisk(violation, context);
+
+    score += this.analyzeAuthRisk(violation, context);
+
+    score += this.analyzeNetworkRisk(violation, context);
+
+    return Math.min(100, score);
+  }
+
+  analyzeDataExposure(violation, context) {
+    const ruleId = violation.ruleId || '';
+    const message = violation.message || '';
+
+    if (ruleId.includes('hardcoded_secret') || ruleId.includes('hardcoded_api_key')) {
+      if (context.isProductionCode) return 40;
+      return 25;
+    }
+
+    if (ruleId.includes('userdefaults_sensitive') || ruleId.includes('shared_prefs_sensitive')) {
+      return 35;
+    }
+
+    if (ruleId.includes('console_log') || ruleId.includes('production_logs')) {
+      if (context.handlesPII || context.handlesCredentials) return 30;
+      return 5;
+    }
+
+    if (ruleId.includes('dangerouslySetInnerHTML') || ruleId.includes('xss')) {
+      return 30;
+    }
+
+    return 0;
+  }
+
+  analyzeInjectionRisk(violation, context) {
+    const ruleId = violation.ruleId || '';
+
+    if (ruleId.includes('sql') && ruleId.includes('raw')) {
+      return 30;
+    }
+
+    if (ruleId.includes('xss') || ruleId.includes('innerHTML')) {
+      if (context.userGeneratedContent) return 25;
+      return 15;
+    }
+
+    if (ruleId.includes('eval') || ruleId.includes('exec')) {
+      return 25;
+    }
+
+    return 0;
+  }
+
+  analyzeAuthRisk(violation, context) {
+    const ruleId = violation.ruleId || '';
+
+    if (ruleId.includes('missing_auth') || ruleId.includes('unprotected_route')) {
+      if (context.handlesPayments) return 20;
+      if (context.handlesPII) return 18;
+      return 15;
+    }
+
+    if (ruleId.includes('weak') && ruleId.includes('auth')) {
+      return 15;
+    }
+
+    return 0;
+  }
+
+  analyzeNetworkRisk(violation, context) {
+    const ruleId = violation.ruleId || '';
+
+    if (ruleId.includes('http_url') && !ruleId.includes('https')) {
+      if (context.handlesCredentials || context.handlesPayments) return 10;
+      return 5;
+    }
+
+    if (ruleId.includes('ssl_pinning')) {
+      if (context.isProductionAPI) return 8;
+      return 3;
+    }
+
+    if (ruleId.includes('missing_csp')) {
+      return 6;
+    }
+
+    return 0;
+  }
+}
+
+module.exports = { SecurityAnalyzer };

package/scripts/hooks-system/infrastructure/severity/analyzers/stability-analyzer.js

@@ -0,0 +1,85 @@
+
+class StabilityAnalyzer {
+  analyze(violation, context) {
+    let score = 0;
+
+    score += this.analyzeCrashRisk(violation, context);
+
+    score += this.analyzeDataCorruptionRisk(violation, context);
+
+    score += this.analyzeUndefinedBehavior(violation, context);
+
+    return Math.min(100, score);
+  }
+
+  analyzeCrashRisk(violation, context) {
+    const ruleId = violation.ruleId || '';
+
+    if (ruleId.includes('force_unwrap') || ruleId.includes('non_null_assertion')) {
+      if (context.valueCanBeNil) return 50;
+      return 30;
+    }
+
+    if (ruleId.includes('empty_catch') || ruleId.includes('silenced_error')) {
+      if (context.criticalPath) return 45;
+      return 25;
+    }
+
+    if (ruleId.includes('force_try')) {
+      return 40;
+    }
+
+    if (ruleId.includes('index') || ruleId.includes('bounds')) {
+      return 35;
+    }
+
+    if (violation.message.includes('division') && violation.message.includes('zero')) {
+      return 35;
+    }
+
+    return 0;
+  }
+
+  analyzeDataCorruptionRisk(violation, context) {
+    const ruleId = violation.ruleId || '';
+
+    if (ruleId.includes('race') || ruleId.includes('thread_safe')) {
+      if (context.isSharedState) return 30;
+      return 15;
+    }
+
+    if (ruleId.includes('transaction') && context.isMultiStepOperation) {
+      return 25;
+    }
+
+    if (ruleId.includes('invariant') || ruleId.includes('lsp')) {
+      return 20;
+    }
+
+    if (ruleId.includes('direct_mutation') && context.isSharedState) {
+      return 25;
+    }
+
+    return 0;
+  }
+
+  analyzeUndefinedBehavior(violation, context) {
+    const ruleId = violation.ruleId || '';
+
+    if (ruleId.includes('lsp')) {
+      return 20;
+    }
+
+    if (ruleId.includes('untyped_catch') || ruleId.includes('any_without_guard')) {
+      return 15;
+    }
+
+    if (ruleId.includes('undefined')) {
+      return 18;
+    }
+
+    return 0;
+  }
+}
+
+module.exports = { StabilityAnalyzer };

package/scripts/hooks-system/infrastructure/severity/context/analyzers/CodeClassificationAnalyzer.js

@@ -0,0 +1,71 @@
+const fs = require('fs');
+
+class CodeClassificationAnalyzer {
+    detectMainThread(violation, filePath) {
+        const indicators = [
+            '@MainActor',
+            'DispatchQueue.main',
+            'runOnUiThread',
+            'withContext(Dispatchers.Main)',
+            'UI thread',
+            'main thread'
+        ];
+
+        const message = violation.message || '';
+        return indicators.some(indicator => message.includes(indicator)) ||
+            filePath.includes('/presentation/') ||
+            filePath.includes('/views/') ||
+            filePath.includes('/ui/');
+    }
+
+    isProductionCode(filePath) {
+        const testPatterns = ['/test/', '/__tests__/', '.test.', '.spec.', '/Tests/', '/androidTest/', '/testDebug/'];
+        return !testPatterns.some(pattern => filePath.includes(pattern));
+    }
+
+    isTestCode(filePath) {
+        return !this.isProductionCode(filePath);
+    }
+
+    detectLayer(filePath) {
+        if (filePath.includes('/domain/') || filePath.includes('/Domain/')) return 'DOMAIN';
+        if (filePath.includes('/application/') || filePath.includes('/Application/')) return 'APPLICATION';
+        if (filePath.includes('/infrastructure/') || filePath.includes('/Infrastructure/') ||
+            filePath.includes('/data/')) return 'INFRASTRUCTURE';
+        if (filePath.includes('/presentation/') || filePath.includes('/Presentation/') ||
+            filePath.includes('/ui/')) return 'PRESENTATION';
+        return 'UNKNOWN';
+    }
+
+    isPublicAPI(filePath) {
+        if (!fs.existsSync(filePath)) return false;
+
+        try {
+            const content = fs.readFileSync(filePath, 'utf8');
+            return content.includes('export ') ||
+                content.includes('public ') ||
+                filePath.includes('/api/') ||
+                filePath.includes('/public/');
+        } catch {
+            return false;
+        }
+    }
+
+    isSharedKernel(filePath) {
+        return filePath.includes('/shared/') ||
+            filePath.includes('/common/') ||
+            filePath.includes('/core/') ||
+            filePath.includes('@ruralgo/shared');
+    }
+
+    hasBusinessLogic(filePath, layer) {
+        // layer can be passed in or detected again if not provided
+        const detectedLayer = layer || this.detectLayer(filePath);
+        return detectedLayer === 'DOMAIN' ||
+            detectedLayer === 'APPLICATION' ||
+            filePath.includes('/use-case/') ||
+            filePath.includes('/UseCase/');
+    }
+}
+
+module.exports = { CodeClassificationAnalyzer };

package/scripts/hooks-system/infrastructure/severity/context/analyzers/DataAnalyzer.js

@@ -0,0 +1,64 @@
+const { execSync } = require('child_process');
+
+class DataAnalyzer {
+    handlesUserContent(filePath) {
+        return filePath.includes('/comments/') ||
+            filePath.includes('/posts/') ||
+            filePath.includes('/reviews/') ||
+            filePath.includes('/messages/');
+    }
+
+    isSharedState(violation, filePath) {
+        const message = violation.message || '';
+        return message.includes('shared') ||
+            message.includes('global') ||
+            filePath.includes('/store/') ||
+            filePath.includes('/state/');
+    }
+
+    isMultiStepOperation(violation) {
+        const message = violation.message || '';
+        return message.includes('transaction') ||
+            message.includes('multi-step') ||
+            message.includes('atomic');
+    }
+
+    canBeNil(violation) {
+        const message = violation.message || '';
+        return message.includes('optional') ||
+            message.includes('nullable') ||
+            message.includes('?') ||
+            message.includes('nil');
+    }
+
+    estimateDataSize(violation) {
+        const metrics = violation.metrics || {};
+        return metrics.dataSize || metrics.arraySize || 0;
+    }
+
+    estimateListSize(violation) {
+        const metrics = violation.metrics || {};
+        return metrics.listSize || 0;
+    }
+
+    getModificationFrequency(filePath, gitCommitCountFn) {
+        if (typeof gitCommitCountFn === 'function') {
+            return gitCommitCountFn(filePath, 30);
+        }
+        return 0;
+    }
+
+    getLastModified(filePath) {
+        try {
+            const result = execSync(
+                `git log -1 --format=%cd --date=iso -- "${filePath}"`,
+                { encoding: 'utf8', cwd: process.cwd(), stdio: ['pipe', 'pipe', 'ignore'] }
+            );
+            return result.trim();
+        } catch {
+            return null;
+        }
+    }
+}
+
+module.exports = { DataAnalyzer };

package/scripts/hooks-system/infrastructure/severity/context/analyzers/ImpactAnalyzer.js

@@ -0,0 +1,68 @@
+const { execSync } = require('child_process');
+const path = require('path');
+
+class ImpactAnalyzer {
+    estimateCallFrequency(violation, filePath, gitCommitCountFn) {
+        if (filePath.includes('/dashboard/') || filePath.includes('/home/')) return 5000;
+        if (filePath.includes('/payment/') || filePath.includes('/checkout/')) return 1000;
+        if (filePath.includes('/admin/')) return 100;
+        if (filePath.includes('/settings/')) return 50;
+
+        // Use passed function or default logic if needed, but ContextBuilder had it inline.
+        // We will assume gitCommitCountFn is passed or logic moved here.
+        // For now, let's keep the git logic here if it's specific to this estimation, 
+        // or assume we get the commit count passed in to keep this class IO-free if possible?
+        // The original code mixed them. Let's replicate original logic but maybe delegate git operations.
+
+        // Ideally, Git operations should be in a GitAdapter, but for this refactor we keep behavior similar.
+        if (typeof gitCommitCountFn === 'function') {
+            const commits = gitCommitCountFn(filePath, 30);
+            if (commits > 10) return 2000;
+            if (commits > 5) return 500;
+        }
+
+        return 100;
+    }
+
+    isUserFacing(filePath) {
+        const uiFolders = ['/views/', '/ui/', '/components/', '/pages/', '/screens/'];
+        return uiFolders.some(folder => filePath.includes(folder));
+    }
+
+    isCriticalPath(violation, filePath) {
+        const criticalPaths = [
+            '/payment/',
+            '/checkout/',
+            '/auth/',
+            '/signup/',
+            '/login/',
+            '/order/',
+            '/transaction/'
+        ];
+
+        return criticalPaths.some(p => filePath.toLowerCase().includes(p)) ||
+            (violation.message && violation.message.toLowerCase().includes('payment')) ||
+            (violation.message && violation.message.toLowerCase().includes('auth'));
+    }
+
+    isHotPath(filePath) {
+        return filePath.includes('/render/') ||
+            filePath.includes('/animation/') ||
+            filePath.includes('/scroll/');
+    }
+
+    countDependents(filePath) {
+        try {
+            const fileName = path.basename(filePath, path.extname(filePath));
+            const result = execSync(
+                `git grep -l "import.*${fileName}" | wc -l`,
+                { encoding: 'utf8', cwd: process.cwd(), stdio: ['pipe', 'pipe', 'ignore'] }
+            );
+            return parseInt(result.trim()) || 0;
+        } catch {
+            return 0;
+        }
+    }
+}
+
+module.exports = { ImpactAnalyzer };

package/scripts/hooks-system/infrastructure/severity/context/analyzers/SafetyAnalyzer.js

@@ -0,0 +1,82 @@
+const fs = require('fs');
+
+class SafetyAnalyzer {
+    hasErrorBoundary(violation, filePath) {
+        if (!fs.existsSync(filePath)) return false;
+
+        try {
+            const content = fs.readFileSync(filePath, 'utf8');
+            return content.includes('try {') ||
+                content.includes('ErrorBoundary') ||
+                content.includes('catch {') ||
+                content.includes('do {');
+        } catch {
+            return false;
+        }
+    }
+
+    hasFallback(violation, filePath) {
+        if (!fs.existsSync(filePath)) return false;
+
+        try {
+            const content = fs.readFileSync(filePath, 'utf8');
+            return content.includes('fallback') ||
+                content.includes('default value') ||
+                content.includes('?? ') ||
+                content.includes('|| ');
+        } catch {
+            return false;
+        }
+    }
+
+    hasRetryLogic(filePath) {
+        if (!fs.existsSync(filePath)) return false;
+
+        try {
+            const content = fs.readFileSync(filePath, 'utf8');
+            return content.includes('retry') ||
+                content.includes('maxRetries') ||
+                content.includes('exponentialBackoff');
+        } catch {
+            return false;
+        }
+    }
+
+    handlesCredentials(filePath) {
+        if (!fs.existsSync(filePath)) return false;
+
+        try {
+            const content = fs.readFileSync(filePath, 'utf8').toLowerCase();
+            return content.includes('password') ||
+                content.includes('token') ||
+                content.includes('apikey') ||
+                content.includes('secret') ||
+                content.includes('credential');
+        } catch {
+            return false;
+        }
+    }
+
+    handlesPII(filePath) {
+        if (!fs.existsSync(filePath)) return false;
+
+        try {
+            const content = fs.readFileSync(filePath, 'utf8').toLowerCase();
+            return content.includes('email') ||
+                content.includes('phone') ||
+                content.includes('address') ||
+                content.includes('ssn') ||
+                content.includes('personaldata') ||
+                content.includes('pii');
+        } catch {
+            return false;
+        }
+    }
+
+    handlesPayments(filePath) {
+        const paymentPatterns = ['/payment/', '/checkout/', '/billing/', '/stripe/', '/paypal/'];
+        return paymentPatterns.some(p => filePath.toLowerCase().includes(p));
+    }
+}
+
+module.exports = { SafetyAnalyzer };