pumuki-ast-hooks 5.3.18 → 5.3.19

package/scripts/hooks-system/application/services/token/TokenMetricsService.js

@@ -1,8 +1,5 @@
 const { execSync } = require('child_process');
 
-// Import recordMetric for prometheus metrics
-const { recordMetric } = require('../../../infrastructure/telemetry/metrics-logger');
-
 class TokenMetricsService {
     constructor(cursorTokenService, thresholds, logger) {
         this.cursorTokenService = cursorTokenService;
@@ -57,8 +54,7 @@ class TokenMetricsService {
         if (untrusted) {
             level = 'ok';
         }
-        const env = require('../../config/env');
-        const forceLevel = (env.get('TOKEN_MONITOR_FORCE_LEVEL', '') || '').toLowerCase();
+        const forceLevel = (process.env.TOKEN_MONITOR_FORCE_LEVEL || '').toLowerCase();
         if (forceLevel === 'warning' || forceLevel === 'critical' || forceLevel === 'ok') {
             level = forceLevel;
         }
@@ -79,15 +75,6 @@ class TokenMetricsService {
             this.logger.debug('TOKEN_MONITOR_METRICS', metrics);
         }
 
-        // Record prometheus metrics
-        recordMetric({
-            hook: 'token_monitor',
-            status: 'collect',
-            tokensUsed,
-            percentUsed: Number(percentUsed.toFixed(0)),
-            level
-        });
-
         return metrics;
     }
 

package/scripts/hooks-system/bin/__tests__/evidence-update.spec.js

@@ -0,0 +1,49 @@
+const fs = require('fs');
+const os = require('os');
+const path = require('path');
+const { execSync } = require('child_process');
+
+describe('ast-hooks evidence:update', () => {
+    let repoRoot;
+    let subdir;
+
+    beforeEach(() => {
+        repoRoot = fs.mkdtempSync(path.join(os.tmpdir(), 'ast-hooks-evidence-cli-'));
+        subdir = path.join(repoRoot, 'packages', 'app');
+        fs.mkdirSync(subdir, { recursive: true });
+
+        execSync('git init', { cwd: repoRoot, stdio: 'ignore' });
+        execSync('git config user.email "test@example.com"', { cwd: repoRoot, stdio: 'ignore' });
+        execSync('git config user.name "Test"', { cwd: repoRoot, stdio: 'ignore' });
+
+        fs.writeFileSync(path.join(repoRoot, 'README.md'), 'test', 'utf8');
+        execSync('git add README.md', { cwd: repoRoot, stdio: 'ignore' });
+        execSync('git commit -m "chore: init"', { cwd: repoRoot, stdio: 'ignore' });
+    });
+
+    afterEach(() => {
+        fs.rmSync(repoRoot, { recursive: true, force: true });
+    });
+
+    it('updates .AI_EVIDENCE.json in repo root even when executed from subdirectory', () => {
+        const cliPath = path.resolve(__dirname, '..', 'cli.js');
+        const output = execSync(`node ${cliPath} evidence:update`, {
+            cwd: subdir,
+            encoding: 'utf8',
+            env: {
+                ...process.env,
+                AUTO_EVIDENCE_TRIGGER: 'test',
+                AUTO_EVIDENCE_REASON: 'test',
+                AUTO_EVIDENCE_SUMMARY: 'test'
+            }
+        }).trim();
+
+        const evidencePath = path.join(repoRoot, '.AI_EVIDENCE.json');
+        expect(fs.realpathSync(output)).toBe(fs.realpathSync(evidencePath));
+        expect(fs.existsSync(evidencePath)).toBe(true);
+
+        const json = JSON.parse(fs.readFileSync(evidencePath, 'utf8'));
+        expect(typeof json.timestamp).toBe('string');
+        expect(json.timestamp.length).toBeGreaterThan(10);
+    });
+});

package/scripts/hooks-system/bin/cli.js

@@ -121,21 +121,7 @@ const commands = {
   },
 
   ast: () => {
-    const env = { ...process.env };
-    const filteredArgs = [];
-
-    for (const arg of args) {
-      if (arg === '--staged') {
-        env.STAGING_ONLY_MODE = '1';
-      } else {
-        filteredArgs.push(arg);
-      }
-    }
-
-    execSync(
-      `node ${path.join(HOOKS_ROOT, 'infrastructure/ast/ast-intelligence.js')} ${filteredArgs.join(' ')}`,
-      { stdio: 'inherit', env }
-    );
+    execSync(`node ${path.join(HOOKS_ROOT, 'infrastructure/ast/ast-intelligence.js')}`, { stdio: 'inherit' });
   },
 
   install: () => {

package/scripts/hooks-system/domain/events/index.js

@@ -1,5 +1,3 @@
-const { ValidationError } = require('../errors');
-
 class DomainEvent {
     constructor(type, payload) {
         this.type = type;
@@ -9,8 +7,8 @@ class DomainEvent {
     }
 
     validate() {
-        if (!this.type) throw new ValidationError('Event type is required', 'type', this.type);
-        if (!this.payload) throw new ValidationError('Event payload is required', 'payload', this.payload);
+        if (!this.type) throw new Error('Event type is required');
+        if (!this.payload) throw new Error('Event payload is required');
         return true;
     }
 
@@ -31,9 +29,7 @@ class EvidenceStaleEvent extends DomainEvent {
 
     validate() {
         super.validate();
-        if (!this.payload.evidencePath) {
-            throw new ValidationError('Evidence path is required', 'payload.evidencePath', this.payload.evidencePath);
-        }
+        if (!this.payload.evidencePath) throw new Error('Evidence path is required');
     }
 }
 
@@ -45,12 +41,8 @@ class GitFlowViolationEvent extends DomainEvent {
 
     validate() {
         super.validate();
-        if (!this.payload.branch) {
-            throw new ValidationError('Branch name is required', 'payload.branch', this.payload.branch);
-        }
-        if (!this.payload.violation) {
-            throw new ValidationError('Violation details are required', 'payload.violation', this.payload.violation);
-        }
+        if (!this.payload.branch) throw new Error('Branch name is required');
+        if (!this.payload.violation) throw new Error('Violation details are required');
     }
 }
 
@@ -62,9 +54,7 @@ class AstCriticalFoundEvent extends DomainEvent {
 
     validate() {
         super.validate();
-        if (!Array.isArray(this.payload.findings)) {
-            throw new ValidationError('Findings must be an array', 'payload.findings', this.payload.findings);
-        }
+        if (!Array.isArray(this.payload.findings)) throw new Error('Findings must be an array');
     }
 }
 
@@ -85,8 +75,6 @@ class AnalysisCompletedEvent extends DomainEvent {
 class EventBus {
     constructor() {
         this.subscribers = new Map();
-        this.processedIds = new Set();
-        this.maxProcessed = 500;
     }
 
     subscribe(eventType, handler) {
@@ -106,25 +94,11 @@ class EventBus {
     }
 
     async publish(event) {
-        if (event?.id && this.processedIds.has(event.id)) {
-            return event;
-        }
         const handlers = this.subscribers.get(event.type) || [];
         const wildcardHandlers = this.subscribers.get('*') || [];
         const allHandlers = [...handlers, ...wildcardHandlers];
 
         await Promise.all(allHandlers.map(handler => handler(event)));
-
-        if (event?.id) {
-            this.processedIds.add(event.id);
-            if (this.processedIds.size > this.maxProcessed) {
-                const iter = this.processedIds.values();
-                for (let i = 0; i < 50 && this.processedIds.size > this.maxProcessed; i++) {
-                    const next = iter.next();
-                    if (!next.done) this.processedIds.delete(next.value);
-                }
-            }
-        }
         return event;
     }
 

package/scripts/hooks-system/infrastructure/ast/android/analyzers/AndroidAnalysisOrchestrator.js

@@ -40,9 +40,8 @@ class AndroidAnalysisOrchestrator {
             return 0.6745 * (x - med) / madValue;
         };
 
-        const env = require('../../../../config/env');
-        const pOutlier = env.getNumber('AST_GODCLASS_P_OUTLIER', 90);
-        const pExtreme = env.getNumber('AST_GODCLASS_P_EXTREME', 97);
+        const pOutlier = Number(process.env.AST_GODCLASS_P_OUTLIER || 90);
+        const pExtreme = Number(process.env.AST_GODCLASS_P_EXTREME || 97);
 
         const methods = this.godClassCandidates.map(c => c.methodsCount);
         const props = this.godClassCandidates.map(c => c.propertiesCount);

package/scripts/hooks-system/infrastructure/ast/ast-core.js

@@ -2,7 +2,6 @@
 const { Project, Node, SyntaxKind, ScriptTarget, ModuleKind } = require("ts-morph");
 const path = require("path");
 const fs = require("fs");
-const env = require("../../config/env");
 
 let SeverityEvaluator = null;
 let severityEvaluatorInstance = null;
@@ -20,7 +19,7 @@ function getSeverityEvaluator() {
   return severityEvaluatorInstance;
 }
 
-let INTELLIGENT_SEVERITY_ENABLED = env.getBool('INTELLIGENT_SEVERITY', false);
+let INTELLIGENT_SEVERITY_ENABLED = process.env.INTELLIGENT_SEVERITY === 'true';
 
 /**
  * Get repository root directory (portable - dynamic detection)
@@ -180,18 +179,18 @@ function pushFinding(ruleId, severity, sf, node, message, findings, metrics = {}
   let mappedSeverity = mapToLevel(severity);
   const isCleanLayerMarkerRule = ruleId === 'backend.clean.domain' || ruleId === 'backend.clean.application' || ruleId === 'backend.clean.infrastructure' || ruleId === 'backend.clean.presentation';
   let isStrictCriticalRule = false;
-  if (env.get('AUDIT_STRICT', '0') === '1' && !isCleanLayerMarkerRule) {
+  if (process.env.AUDIT_STRICT === '1' && !isCleanLayerMarkerRule) {
     const defaultStrictCriticalRegex = '(solid\\.|architecture\\.|clean\\.|cqrs\\.|tdd\\.|bdd\\.|security\\.|error\\.|testing\\.|performance\\.|metrics\\.|observability\\.|validation\\.|i18n\\.|accessibility\\.|naming\\.)';
     const defaultStrictCriticalRegexLibrary = '(solid\\.|architecture\\.|clean\\.|cqrs\\.|tdd\\.|bdd\\.|security\\.|error\\.|testing\\.|validation\\.|naming\\.)';
-    const strictRegexSource = env.get('AST_STRICT_CRITICAL_RULES_REGEX',
-      env.getBool('AUDIT_LIBRARY', false)
-        ? env.get('AST_STRICT_CRITICAL_RULES_REGEX_LIBRARY', defaultStrictCriticalRegexLibrary)
+    const strictRegexSource = process.env.AST_STRICT_CRITICAL_RULES_REGEX ||
+      (process.env.AUDIT_LIBRARY === 'true'
+        ? (process.env.AST_STRICT_CRITICAL_RULES_REGEX_LIBRARY || defaultStrictCriticalRegexLibrary)
         : defaultStrictCriticalRegex);
     let strictRegex;
     try {
       strictRegex = new RegExp(strictRegexSource, 'i');
     } catch {
-      strictRegex = new RegExp(env.getBool('AUDIT_LIBRARY', false) ? defaultStrictCriticalRegexLibrary : defaultStrictCriticalRegex, 'i');
+      strictRegex = new RegExp(process.env.AUDIT_LIBRARY === 'true' ? defaultStrictCriticalRegexLibrary : defaultStrictCriticalRegex, 'i');
     }
     isStrictCriticalRule = strictRegex.test(ruleId);
     if (isStrictCriticalRule) {
@@ -242,18 +241,18 @@ function pushFileFinding(ruleId, severity, filePath, line, column, message, find
   let mappedSeverity = mapToLevel(severity);
   const isCleanLayerMarkerRule = ruleId === 'backend.clean.domain' || ruleId === 'backend.clean.application' || ruleId === 'backend.clean.infrastructure' || ruleId === 'backend.clean.presentation';
   let isStrictCriticalRule = false;
-  if (env.get('AUDIT_STRICT', '0') === '1' && !isCleanLayerMarkerRule) {
+  if (process.env.AUDIT_STRICT === '1' && !isCleanLayerMarkerRule) {
     const defaultStrictCriticalRegex = '(solid\\.|architecture\\.|clean\\.|cqrs\\.|tdd\\.|bdd\\.|security\\.|error\\.|testing\\.|performance\\.|metrics\\.|observability\\.|validation\\.|i18n\\.|accessibility\\.|naming\\.)';
     const defaultStrictCriticalRegexLibrary = '(solid\\.|architecture\\.|clean\\.|cqrs\\.|tdd\\.|bdd\\.|security\\.|error\\.|testing\\.|validation\\.|naming\\.)';
-    const strictRegexSource = env.get('AST_STRICT_CRITICAL_RULES_REGEX',
-      env.getBool('AUDIT_LIBRARY', false)
-        ? env.get('AST_STRICT_CRITICAL_RULES_REGEX_LIBRARY', defaultStrictCriticalRegexLibrary)
+    const strictRegexSource = process.env.AST_STRICT_CRITICAL_RULES_REGEX ||
+      (process.env.AUDIT_LIBRARY === 'true'
+        ? (process.env.AST_STRICT_CRITICAL_RULES_REGEX_LIBRARY || defaultStrictCriticalRegexLibrary)
         : defaultStrictCriticalRegex);
     let strictRegex;
     try {
       strictRegex = new RegExp(strictRegexSource, 'i');
     } catch {
-      strictRegex = new RegExp(env.getBool('AUDIT_LIBRARY', false) ? defaultStrictCriticalRegexLibrary : defaultStrictCriticalRegex, 'i');
+      strictRegex = new RegExp(process.env.AUDIT_LIBRARY === 'true' ? defaultStrictCriticalRegexLibrary : defaultStrictCriticalRegex, 'i');
     }
     isStrictCriticalRule = strictRegex.test(ruleId);
     if (isStrictCriticalRule) {
@@ -333,6 +332,15 @@ function mapToLevel(severity) {
 function platformOf(filePath) {
   const p = filePath.replace(/\\/g, "/");
 
+  if (p.includes("/infrastructure/ast/") && process.env.AUDIT_LIBRARY !== 'true') return null;
+
+  if (process.env.AUDIT_LIBRARY === 'true') {
+    if (p.includes("/infrastructure/ast/backend/") || p.includes("/scripts/hooks-system/infrastructure/ast/backend/")) return "backend";
+    if (p.includes("/infrastructure/ast/frontend/") || p.includes("/scripts/hooks-system/infrastructure/ast/frontend/")) return "frontend";
+    if (p.includes("/infrastructure/ast/android/") || p.includes("/scripts/hooks-system/infrastructure/ast/android/")) return "android";
+    if (p.includes("/infrastructure/ast/ios/") || p.includes("/scripts/hooks-system/infrastructure/ast/ios/")) return "ios";
+  }
+
   if (p.includes("/apps/backend/") || p.includes("apps/backend/")) return "backend";
   if (p.includes("/apps/admin/") || p.includes("/admin-dashboard/")) return "frontend";
   if (p.includes("/apps/mobile-ios/") || p.includes("/apps/ios/")) return "ios";

package/scripts/hooks-system/infrastructure/ast/ast-intelligence.js

@@ -1,7 +1,6 @@
 
 const path = require("path");
 const fs = require("fs");
-const env = require("../../config/env");
 
 const astModulesPath = __dirname;
 const { createProject, platformOf, mapToLevel } = require(path.join(astModulesPath, "ast-core"));
@@ -28,7 +27,13 @@ async function runASTIntelligence() {
     const { getRepoRoot } = require('./ast-core');
     const root = getRepoRoot();
 
-    const allFiles = listSourceFiles(root);
+    const isLibraryAudit = process.env.AUDIT_LIBRARY === 'true';
+
+    const allFiles = listSourceFiles(root).filter(f => {
+      const p = String(f || '').replace(/\\/g, '/');
+      if (!isLibraryAudit && p.includes('/infrastructure/ast/')) return false;
+      return true;
+    });
 
     const project = createProject(allFiles);
     const findings = [];
@@ -70,9 +75,9 @@ async function runASTIntelligence() {
 }
 
 function runProjectHardcodedThresholdAudit(root, allFiles, findings) {
-  if (env.get('AST_INSIGHTS', '0') !== '1') return;
+  if (process.env.AST_INSIGHTS !== '1') return;
 
-  const maxFindings = env.getNumber('AST_INSIGHTS_PROJECT_MAX', 200);
+  const maxFindings = Number(process.env.AST_INSIGHTS_PROJECT_MAX || 200);
   if (!Number.isFinite(maxFindings) || maxFindings <= 0) return;
 
   const isExcludedPath = (filePath) => {
@@ -155,7 +160,7 @@ function runProjectHardcodedThresholdAudit(root, allFiles, findings) {
 }
 
 function runHardcodedThresholdAudit(root, findings) {
-  if (env.get('AST_INSIGHTS', '0') !== '1') return;
+  if (process.env.AST_INSIGHTS !== '1') return;
 
   const ruleDirs = [
     path.join(root, 'infrastructure', 'ast'),
@@ -312,7 +317,7 @@ async function runPlatformAnalysis(project, findings, context) {
       }
     } catch (error) {
       console.error(`[ERROR] Error processing platform ${platform}:`, error.message);
-      if (env.getBool('DEBUG_AST', false)) {
+      if (process.env.DEBUG_AST) {
         console.error(error.stack);
       }
     }
@@ -371,7 +376,7 @@ function generateOutput(findings, context, project, root) {
  * Save detailed JSON report
  */
 function saveDetailedReport(findings, levelTotals, platformTotals, project, root) {
-  const outDir = env.get('AUDIT_TMP', path.join(root, ".audit_tmp"));
+  const outDir = process.env.AUDIT_TMP || path.join(root, ".audit_tmp");
   try {
     fs.mkdirSync(outDir, { recursive: true });
 
@@ -527,7 +532,7 @@ function checkForMigrations(root) {
  * List source files recursively
  */
 function listSourceFiles(root) {
-  if (env.get('STAGING_ONLY_MODE', '0') === "1") {
+  if (process.env.STAGING_ONLY_MODE === "1") {
     const { execSync } = require("child_process");
     try {
       const allStaged = execSync("git diff --cached --name-only --diff-filter=ACM", {
@@ -595,6 +600,11 @@ function listSourceFiles(root) {
 function shouldIgnore(file) {
   const p = file.replace(/\\/g, "/");
   if (p.includes("node_modules/")) return true;
+
+  const isLibraryAudit = process.env.AUDIT_LIBRARY === 'true';
+
+  if (!isLibraryAudit && p.includes("scripts/hooks-system/")) return true;
+  if (!isLibraryAudit && p.includes("/infrastructure/ast/")) return true;
   if (p.includes("/.cursor/")) return true;
   if (/\.bak/i.test(p)) return true;
   if (p.includes("/.next/")) return true;

package/scripts/hooks-system/infrastructure/ast/backend/analyzers/BackendPatternDetector.js

@@ -1,6 +1,5 @@
 const fs = require('fs');
 const path = require('path');
-const env = require('../../../../config/env');
 
 class BackendPatternDetector {
   constructor(projectRoot) {
@@ -12,7 +11,7 @@ class BackendPatternDetector {
       const fullPath = path.join(this.projectRoot, relativePath);
       return fs.readFileSync(fullPath, 'utf-8');
     } catch (error) {
-      if (env.getBool('DEBUG', false)) {
+      if (process.env.DEBUG) {
         console.debug(`[BackendPatternDetector] Failed to read file ${relativePath}: ${error.message}`);
       }
       return '';

package/scripts/hooks-system/infrastructure/ast/backend/ast-backend.js

@@ -1,13 +1,11 @@
+
 const path = require('path');
-const env = require('../../../config/env');
 const {
-  platformOf,
   pushFinding,
-  pushFileFinding,
   mapToLevel,
-  positionOf,
-  isTestFile,
   SyntaxKind,
+  isTestFile,
+  platformOf,
   hasImport,
   hasDecorator,
   findStringLiterals,
@@ -121,7 +119,7 @@ function runBackendIntelligence(project, findings, platform) {
       const filePath = sf.getFilePath();
       if (platformOf(filePath) !== 'backend') return;
       if (/\/ast-[^/]+\.js$/.test(filePath)) return;
-      if (!env.getBool('AUDIT_LIBRARY', false)) {
+      if (process.env.AUDIT_LIBRARY !== 'true') {
         if (/scripts\/hooks-system\/infrastructure\/ast\//i.test(filePath) || /\/infrastructure\/ast\//i.test(filePath)) return;
       }
       if (isTestFile(filePath)) return;
@@ -146,8 +144,8 @@ function runBackendIntelligence(project, findings, platform) {
 
     if (metrics.length === 0) return null;
 
-    const pOutlier = env.getNumber('AST_GODCLASS_P_OUTLIER', 90);
-    const pExtreme = env.getNumber('AST_GODCLASS_P_EXTREME', 97);
+    const pOutlier = Number(process.env.AST_GODCLASS_P_OUTLIER || 90);
+    const pExtreme = Number(process.env.AST_GODCLASS_P_EXTREME || 97);
 
     const methods = metrics.map(m => m.methodsCount);
     const props = metrics.map(m => m.propertiesCount);
@@ -204,12 +202,12 @@ function runBackendIntelligence(project, findings, platform) {
     if (platformOf(filePath) !== "backend") return;
 
     if (/\/ast-[^/]+\.js$/.test(filePath)) return;
-    if (!env.getBool('AUDIT_LIBRARY', false)) {
+    if (process.env.AUDIT_LIBRARY !== 'true') {
       if (/scripts\/hooks-system\/infrastructure\/ast\//i.test(filePath) || /\/infrastructure\/ast\//i.test(filePath)) return;
     }
 
     const fullText = sf.getFullText();
-    const insightsEnabled = env.get('AST_INSIGHTS', '0') === '1';
+    const insightsEnabled = process.env.AST_INSIGHTS === '1';
     const isSpecFile = /\.(spec|test)\.(ts|tsx|js|jsx)$/.test(filePath);
     const secretPattern = /(password|secret|key|token)\s*[:=]\s*['"`]([^'"]{8,})['"`]/gi;
     const matches = Array.from(fullText.matchAll(secretPattern));