npm - pumuki-ast-hooks - Versions diffs - 5.5.51 → 5.5.52 - Mend

pumuki-ast-hooks 5.5.51 → 5.5.52

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (38) hide show

package/scripts/hooks-system/application/services/installation/mcp/McpServerConfigBuilder.js ADDED Viewed

@@ -0,0 +1,103 @@
+const fs = require('fs');
+const path = require('path');
+const { execSync } = require('child_process');
+const crypto = require('crypto');
+const env = require('../../../../config/env.js');
+function slugifyId(input) {
+    return String(input || '')
+        .trim()
+        .toLowerCase()
+        .replace(/[^a-z0-9]+/g, '-')
+        .replace(/^-+|-+$/g, '')
+        .slice(0, 48);
+}
+class McpServerConfigBuilder {
+    constructor(targetRoot, hookSystemRoot, logger = null) {
+        this.targetRoot = targetRoot;
+        this.hookSystemRoot = hookSystemRoot;
+        this.logger = logger;
+    }
+    build() {
+        const serverId = this.computeServerIdForRepo(this.targetRoot);
+        const entrypoint = this.resolveAutomationEntrypoint();
+        const nodePath = this.resolveNodeBinary();
+        const mcpConfig = {
+            mcpServers: {
+                [serverId]: {
+                    command: nodePath,
+                    args: [entrypoint],
+                    env: {
+                        REPO_ROOT: this.targetRoot,
+                        AUTO_COMMIT_ENABLED: 'false',
+                        AUTO_PUSH_ENABLED: 'false',
+                        AUTO_PR_ENABLED: 'false'
+                    }
+                }
+            }
+        };
+        return { serverId, mcpConfig };
+    }
+    resolveAutomationEntrypoint() {
+        const candidates = [
+            this.hookSystemRoot
+                ? path.join(this.hookSystemRoot, 'infrastructure', 'mcp', 'ast-intelligence-automation.js')
+                : null,
+            path.join(this.targetRoot, 'scripts', 'hooks-system', 'infrastructure', 'mcp', 'ast-intelligence-automation.js')
+        ].filter(Boolean);
+        for (const candidate of candidates) {
+            try {
+                if (fs.existsSync(candidate)) return candidate;
+            } catch (error) {
+                this.logger?.warn?.('MCP_ENTRYPOINT_CHECK_FAILED', { candidate, error: error.message });
+            }
+        }
+        return path.join(this.targetRoot, 'scripts/hooks-system/infrastructure/mcp/ast-intelligence-automation.js');
+    }
+    resolveNodeBinary() {
+        let nodePath = process.execPath;
+        if (nodePath && fs.existsSync(nodePath)) return nodePath;
+        try {
+            return execSync('which node', { encoding: 'utf-8' }).trim();
+        } catch (error) {
+            if (process.env.DEBUG) {
+                process.stderr.write(`[MCP] which node failed: ${error && error.message ? error.message : String(error)}\n`);
+            }
+            return 'node';
+        }
+    }
+    computeServerIdForRepo(repoRoot) {
+        const legacyServerId = 'ast-intelligence-automation';
+        const forced = (env.get('MCP_SERVER_ID', '') || '').trim();
+        if (forced.length > 0) return forced;
+        const repoName = path.basename(repoRoot || process.cwd());
+        const slug = slugifyId(repoName) || 'repo';
+        const fp = this.computeRepoFingerprint(repoRoot);
+        return `${legacyServerId}-${slug}-${fp}`;
+    }
+    computeRepoFingerprint(repoRoot) {
+        try {
+            const real = fs.realpathSync(repoRoot);
+            return crypto.createHash('sha1').update(real).digest('hex').slice(0, 8);
+        } catch (error) {
+            if (process.env.DEBUG) {
+                process.stderr.write(`[MCP] computeRepoFingerprint fallback: ${error && error.message ? error.message : String(error)}\n`);
+            }
+            return crypto.createHash('sha1').update(String(repoRoot || '')).digest('hex').slice(0, 8);
+        }
+    }
+}
+module.exports = McpServerConfigBuilder;

package/scripts/hooks-system/application/services/monitoring/EvidenceMonitor.js CHANGED Viewed

@@ -1,6 +1,7 @@
 const fs = require('fs');
 const path = require('path');
-const { EvidenceRefreshRunner } = require('./EvidenceRefreshRunner');
+const { execSync } = require('child_process');
+const { ConfigurationError, DomainError } = require('../../../domain/errors');
 const AuditLogger = require('../logging/AuditLogger');
 class EvidenceMonitor {
@@ -13,9 +14,98 @@ class EvidenceMonitor {
         this.lastStaleNotification = 0;
         this.pollTimer = null;
         this.evidencePath = path.join(repoRoot, '.AI_EVIDENCE.json');
-        this.refreshRunner = new EvidenceRefreshRunner(repoRoot, {
-            refreshTimeoutMs: options.refreshTimeoutMs
-        });
+        this.tempDir = path.join(repoRoot, '.audit_tmp');
+        this.updateScript = this.resolveUpdateEvidenceScript();
+        this.refreshInFlight = false;
+        this.refreshTimeoutMs = options.refreshTimeoutMs || 120000;
+        this.refreshLockFile = path.join(this.tempDir, 'evidence-refresh.lock');
+    }
+    isPidRunning(pid) {
+        if (!pid || !Number.isFinite(pid) || pid <= 0) return false;
+        try {
+            process.kill(pid, 0);
+            return true;
+        } catch {
+            return false;
+        }
+    }
+    acquireRefreshLock() {
+        try {
+            fs.mkdirSync(this.tempDir, { recursive: true });
+        } catch (error) {
+            console.warn('[EvidenceMonitor] Failed to ensure temp dir:', error.message);
+        }
+        try {
+            const fd = fs.openSync(this.refreshLockFile, 'wx');
+            const payload = JSON.stringify({ pid: process.pid, timestamp: new Date().toISOString() });
+            fs.writeFileSync(fd, payload, { encoding: 'utf8' });
+            fs.closeSync(fd);
+            return { acquired: true };
+        } catch (error) {
+            if (error && error.code !== 'EEXIST') {
+                return { acquired: false, reason: 'error', error };
+            }
+            try {
+                const raw = String(fs.readFileSync(this.refreshLockFile, 'utf8') || '').trim();
+                const data = raw ? JSON.parse(raw) : null;
+                const lockPid = data && Number(data.pid);
+                if (lockPid && this.isPidRunning(lockPid)) {
+                    return { acquired: false, reason: 'locked', pid: lockPid };
+                }
+            } catch (error) {
+                console.warn('[EvidenceMonitor] Failed to read refresh lock file:', error.message);
+            }
+            try {
+                fs.unlinkSync(this.refreshLockFile);
+            } catch (error) {
+                console.warn('[EvidenceMonitor] Failed to remove stale refresh lock:', error.message);
+            }
+            try {
+                const fd = fs.openSync(this.refreshLockFile, 'wx');
+                const payload = JSON.stringify({ pid: process.pid, timestamp: new Date().toISOString() });
+                fs.writeFileSync(fd, payload, { encoding: 'utf8' });
+                fs.closeSync(fd);
+                return { acquired: true };
+            } catch (retryError) {
+                return { acquired: false, reason: 'locked', error: retryError };
+            }
+        }
+    }
+    releaseRefreshLock() {
+        try {
+            if (!fs.existsSync(this.refreshLockFile)) return;
+            const raw = String(fs.readFileSync(this.refreshLockFile, 'utf8') || '').trim();
+            const data = raw ? JSON.parse(raw) : null;
+            const lockPid = data && Number(data.pid);
+            if (lockPid === process.pid) {
+                fs.unlinkSync(this.refreshLockFile);
+            }
+        } catch (error) {
+            console.warn('[EvidenceMonitor] Failed to release refresh lock:', error.message);
+        }
+    }
+    resolveUpdateEvidenceScript() {
+        const candidates = [
+            path.join(this.repoRoot, 'node_modules/@pumuki/ast-intelligence-hooks/bin/update-evidence.sh'),
+            path.join(this.repoRoot, 'scripts/hooks-system/bin/update-evidence.sh'),
+            path.join(this.repoRoot, 'bin/update-evidence.sh')
+        ];
+        for (const candidate of candidates) {
+            if (fs.existsSync(candidate)) {
+                return candidate;
+            }
+        }
+        return null;
     }
     isStale() {
@@ -33,7 +123,58 @@ class EvidenceMonitor {
     }
     async refresh() {
-        return this.refreshRunner.refresh();
+        if (!this.updateScript) {
+            throw new ConfigurationError('Update evidence script not found', 'updateScript');
+        }
+        if (this.refreshInFlight) {
+            return '';
+        }
+        const lock = this.acquireRefreshLock();
+        if (!lock.acquired) {
+            return '';
+        }
+        this.refreshInFlight = true;
+        return new Promise((resolve, reject) => {
+            const child = require('child_process').spawn('bash', [this.updateScript, '--auto', '--refresh-only'], {
+                cwd: this.repoRoot,
+                stdio: ['pipe', 'pipe', 'pipe']
+            });
+            let output = '';
+            child.stdout.on('data', (data) => {
+                output += data.toString();
+            });
+            const timeoutId = setTimeout(() => {
+                try {
+                    child.kill('SIGKILL');
+                } catch (error) {
+                    console.warn('[EvidenceMonitor] Failed to kill timed-out refresh process:', error.message);
+                }
+            }, this.refreshTimeoutMs);
+            child.on('close', (code) => {
+                clearTimeout(timeoutId);
+                this.refreshInFlight = false;
+                this.releaseRefreshLock();
+                if (code === 0) {
+                    resolve(output);
+                } else {
+                    reject(new DomainError(`Evidence refresh failed with code ${code}`, 'EVIDENCE_REFRESH_FAILED'));
+                }
+            });
+            child.on('error', (err) => {
+                clearTimeout(timeoutId);
+                this.refreshInFlight = false;
+                this.releaseRefreshLock();
+                reject(err);
+            });
+        });
     }
     startPolling(onStale, onRefreshed) {

package/scripts/hooks-system/infrastructure/ast/ast-core.js CHANGED Viewed

@@ -45,18 +45,6 @@ function getRepoRoot() {
  */
 function shouldIgnore(file) {
   const p = file.replace(/\\/g, "/");
-  try {
-    const configPaths = loadExclusions()?.exclusions?.paths;
-    if (configPaths && typeof configPaths === 'object') {
-      for (const [key, enabled] of Object.entries(configPaths)) {
-        if (enabled && p.includes(key)) return true;
-      }
-    }
-  } catch (error) {
-    if (process.env.DEBUG) {
-      console.debug(`[ast-core] Failed to load exclusions for shouldIgnore: ${error.message || String(error)}`);
-    }
-  }
   if (p.includes("node_modules/")) return true;
   if (p.includes("/.next/")) return true;
   if (p.includes("/dist/")) return true;
@@ -137,7 +125,7 @@ let exclusionsConfig = null;
 function loadExclusions() {
   if (exclusionsConfig) return exclusionsConfig;
   try {
-    const configPath = path.join(getRepoRoot(), 'config', 'ast-exclusions.json');
+    const configPath = path.join(__dirname, '../../config/ast-exclusions.json');
     if (fs.existsSync(configPath)) {
       exclusionsConfig = JSON.parse(fs.readFileSync(configPath, 'utf-8'));
     }

package/scripts/hooks-system/infrastructure/ast/ast-intelligence.js CHANGED Viewed

@@ -22,7 +22,7 @@ function formatLocalTimestamp(date = new Date()) {
 }
 const astModulesPath = __dirname;
-const { createProject, platformOf, mapToLevel, shouldIgnore: coreShouldIgnore } = require(path.join(astModulesPath, "ast-core"));
+const { createProject, platformOf, mapToLevel } = require(path.join(astModulesPath, "ast-core"));
 const MacOSNotificationAdapter = require(path.join(__dirname, '../adapters/MacOSNotificationAdapter'));
 const { runBackendIntelligence } = require(path.join(astModulesPath, "backend/ast-backend"));
 const { runFrontendIntelligence } = require(path.join(astModulesPath, "frontend/ast-frontend"));
@@ -138,6 +138,8 @@ function runProjectHardcodedThresholdAudit(root, allFiles, findings) {
     if (p.includes('/build/')) return true;
     if (p.includes('/coverage/')) return true;
     if (p.includes('/.audit_tmp/')) return true;
+    if (p.includes('/infrastructure/ast/')) return true;
+    if (p.includes('/scripts/hooks-system/')) return true;
     return false;
   };
@@ -704,7 +706,6 @@ function listSourceFiles(root) {
  */
 function shouldIgnore(file) {
   const p = file.replace(/\\/g, "/");
-  if (typeof coreShouldIgnore === 'function' && coreShouldIgnore(p)) return true;
   if (p.includes("node_modules/")) return true;
   if (p.includes("/.cursor/")) return true;
   if (/\.bak/i.test(p)) return true;

package/scripts/hooks-system/infrastructure/ast/backend/ast-backend.js CHANGED Viewed

@@ -126,10 +126,13 @@ function runBackendIntelligence(project, findings, platform) {
         return;
       }
       // NO excluir archivos AST - la librería debe auto-auditarse
+      if (isTestFile(filePath)) return;
       sf.getDescendantsOfKind(SyntaxKind.ClassDeclaration).forEach((cls) => {
         const className = cls.getName() || '';
         const isValueObject = /Metrics|ValueObject|VO$|Dto$|Entity$/.test(className);
-        if (isValueObject) return;
+        const isTestClass = /Spec$|Test$|Mock/.test(className);
+        if (isValueObject || isTestClass) return;
         const methodsCount = cls.getMethods().length;
         const propertiesCount = cls.getProperties().length;
@@ -207,6 +210,9 @@ function runBackendIntelligence(project, findings, platform) {
     if (platformOf(filePath) !== "backend") return;
+    const normalizedBackendPath = filePath.replace(/\\/g, '/');
+    const isRealBackendAppFile = normalizedBackendPath.includes('/apps/backend/') || normalizedBackendPath.includes('apps/backend/');
     // NO excluir archivos AST - la librería debe auto-auditarse para detectar God classes masivas
     const fullText = sf.getFullText();
@@ -272,7 +278,7 @@ function runBackendIntelligence(project, findings, platform) {
       fullTextUpper.includes("ConfigService") ||
       usesEnvHelper;
     const hasConfigUsage = /process\.env\b|ConfigService|env\.get(Bool|Number)?\(|\bconfig\s*[\.\[]/i.test(sf.getFullText());
-    if (!hasEnvSpecific && hasConfigUsage && !isTestFile(filePath)) {
+    if (isRealBackendAppFile && !hasEnvSpecific && hasConfigUsage && !isTestFile(filePath)) {
       pushFinding("backend.config.missing_env_separation", "info", sf, sf, "Missing environment-specific configuration - consider NODE_ENV or ConfigService", findings);
     }
@@ -287,6 +293,10 @@ function runBackendIntelligence(project, findings, platform) {
       analyzeGodClasses(sf, findings, { SyntaxKind, pushFinding, godClassBaseline });
     }
+    if (!isRealBackendAppFile) {
+      return;
+    }
     sf.getDescendantsOfKind(SyntaxKind.ClassDeclaration).forEach((cls) => {
       const name = cls.getName();
       if (name && /Entity|Model|Domain/.test(name)) {
@@ -349,16 +359,12 @@ function runBackendIntelligence(project, findings, platform) {
       }
     });
-    const filePathNormalizedForMetrics = filePath.replace(/\\/g, "/");
-    const filePathNormalizedForMetricsLower = filePathNormalizedForMetrics.toLowerCase();
-    const isInternalAstToolingFileForMetrics = filePathNormalizedForMetricsLower.includes("/infrastructure/ast/") || filePathNormalizedForMetricsLower.includes("infrastructure/ast/") || filePathNormalizedForMetricsLower.includes("/scripts/hooks-system/infrastructure/ast/");
     const fullTextLower = fullText.toLowerCase();
     const hasMetrics = fullTextLower.includes("micrometer") || fullTextLower.includes("prometheus") ||
       fullTextLower.includes("actuator") || fullTextLower.includes("metrics");
     const looksLikeServiceOrController = fullTextLower.includes("controller") || fullTextLower.includes("service");
-    if (!isInternalAstToolingFileForMetrics && !hasMetrics && looksLikeServiceOrController) {
+    if (isRealBackendAppFile && !hasMetrics && looksLikeServiceOrController) {
       pushFinding("backend.metrics.missing_prometheus", "info", sf, sf, "Missing application metrics - consider Spring Boot Actuator or Micrometer for monitoring", findings);
     }
@@ -478,7 +484,7 @@ function runBackendIntelligence(project, findings, platform) {
     sf.getDescendantsOfKind(SyntaxKind.ThrowStatement).forEach((throwStmt) => {
       const expr = throwStmt.getExpression();
       if (!expr) return;
-      const exprText = expr.getText();
+      const exprText = throwStmt.getExpression().getText();
       if (exprText.includes("Error(") || exprText.includes("Exception(")) {
         const isCustom = exprText.includes("Exception") &&
           (exprText.includes("Validation") ||
@@ -486,7 +492,9 @@ function runBackendIntelligence(project, findings, platform) {
             exprText.includes("Unauthorized") ||
             exprText.includes("Forbidden"));
         if (!isCustom) {
-          pushFinding("backend.error.custom_exceptions", "info", sf, throwStmt, "Generic Error/Exception thrown - create custom exception classes for better error handling", findings);
+          if (isRealBackendAppFile) {
+            pushFinding("backend.error.custom_exceptions", "info", sf, throwStmt, "Generic Error/Exception thrown - create custom exception classes for better error handling", findings);
+          }
         }
       }
     });

package/scripts/hooks-system/infrastructure/ast/backend/detectors/god-class-detector.js CHANGED Viewed

@@ -7,7 +7,8 @@ function analyzeGodClasses(sourceFile, findings, { SyntaxKind, pushFinding, godC
     sourceFile.getDescendantsOfKind(SyntaxKind.ClassDeclaration).forEach((cls) => {
         const className = cls.getName() || '';
         const isValueObject = /Metrics|ValueObject|VO$|Dto$|Entity$/.test(className);
-        if (isValueObject) return;
+        const isTestClass = /Spec$|Test$|Mock/.test(className);
+        if (isValueObject || isTestClass) return;
         const methodsCount = cls.getMethods().length;
         const propertiesCount = cls.getProperties().length;

package/scripts/hooks-system/infrastructure/ast/ios/analyzers/iOSASTIntelligentAnalyzer.js CHANGED Viewed

@@ -1,6 +1,7 @@
 const { execSync } = require('child_process');
 const fs = require('fs');
 const path = require('path');
+const crypto = require('crypto');
 const env = require(path.join(__dirname, '../../../../config/env'));
 const {
   resetCollections,
@@ -8,21 +9,13 @@ const {
   analyzeCollectedNodes,
   finalizeGodClassDetection,
 } = require('../detectors/ios-ast-intelligent-strategies');
-const { SwiftToolchainResolver } = require('./SwiftToolchainResolver');
-const { StagedSwiftFilePreparer } = require('./StagedSwiftFilePreparer');
-const { SwiftAstRunner } = require('./SwiftAstRunner');
-const { iOSAstAnalysisOrchestrator } = require('./iOSAstAnalysisOrchestrator');
 class iOSASTIntelligentAnalyzer {
   constructor(findings) {
     this.findings = findings;
-    this.toolchain = new SwiftToolchainResolver();
-    this.sourceKittenPath = this.toolchain.sourceKittenPath;
-    this.isAvailable = this.toolchain.checkSourceKitten();
-    this.swiftSyntaxPath = this.toolchain.swiftSyntaxPath;
-    this.hasSwiftSyntax = Boolean(this.swiftSyntaxPath);
-    this.swiftRunner = new SwiftAstRunner({ toolchain: this.toolchain });
-    this.analysisOrchestrator = new iOSAstAnalysisOrchestrator();
+    this.sourceKittenPath = '/opt/homebrew/bin/sourcekitten';
+    this.isAvailable = this.checkSourceKitten();
+    this.hasSwiftSyntax = this.checkSwiftSyntax();
     this.fileContent = '';
     this.currentFilePath = '';
     this.godClassCandidates = [];
@@ -36,6 +29,99 @@ class iOSASTIntelligentAnalyzer {
     this.closures = [];
   }
+  resolveAuditTmpDir(repoRoot) {
+    const configured = String(env.get('AUDIT_TMP', '') || '').trim();
+    if (configured.length > 0) {
+      return path.isAbsolute(configured) ? configured : path.join(repoRoot, configured);
+    }
+    return path.join(repoRoot, '.audit_tmp');
+  }
+  safeTempFilePath(repoRoot, displayPath) {
+    const tmpDir = this.resolveAuditTmpDir(repoRoot);
+    const hash = crypto.createHash('sha1').update(String(displayPath)).digest('hex').slice(0, 10);
+    const base = path.basename(displayPath, '.swift');
+    const filename = `${base}.${hash}.staged.swift`;
+    return path.join(tmpDir, filename);
+  }
+  readStagedFileContent(repoRoot, relPath) {
+    try {
+      return execSync(`git show :"${relPath}"`, { encoding: 'utf8', cwd: repoRoot, stdio: ['ignore', 'pipe', 'pipe'] });
+    } catch (error) {
+      if (process.env.DEBUG) {
+        console.debug(`[iOSASTIntelligentAnalyzer] Failed to read staged file ${relPath}: ${error.message}`);
+      }
+      return null;
+    }
+  }
+  checkSourceKitten() {
+    try {
+      execSync(`${this.sourceKittenPath} version`, { stdio: 'pipe' });
+      return true;
+    } catch (error) {
+      if (process.env.DEBUG) {
+        console.debug(`[iOSASTIntelligentAnalyzer] SourceKitten not available at ${this.sourceKittenPath}: ${error.message}`);
+      }
+      return false;
+    }
+  }
+  checkSwiftSyntax() {
+    const projectRoot = require('child_process')
+      .execSync('git rev-parse --show-toplevel', { encoding: 'utf-8' })
+      .trim();
+    const possiblePaths = [
+      path.join(__dirname, '../../../../../CustomLintRules/.build/debug/swift-ast-analyzer'),
+      path.join(projectRoot, 'CustomLintRules/.build/debug/swift-ast-analyzer'),
+      path.join(projectRoot, '.build/debug/swift-ast-analyzer')
+    ];
+    for (const p of possiblePaths) {
+      if (fs.existsSync(p)) {
+        this.swiftSyntaxPath = p;
+        return true;
+      }
+    }
+    return false;
+  }
+  analyzeWithSwiftSyntax(filePath, displayPath = null) {
+    if (!this.swiftSyntaxPath) return;
+    try {
+      const result = execSync(`"${this.swiftSyntaxPath}" "${filePath}"`, {
+        encoding: 'utf8', timeout: 30000, stdio: ['pipe', 'pipe', 'pipe']
+      });
+      const violations = JSON.parse(result);
+      for (const v of violations) {
+        const reportedPath = displayPath || filePath;
+        this.findings.push({
+          ruleId: v.ruleId, severity: v.severity, filePath: reportedPath,
+          line: v.line, column: v.column, message: v.message
+        });
+      }
+    } catch (error) {
+      console.error('[iOSASTIntelligentAnalyzer] Error parsing file:', error.message);
+    }
+  }
+  parseFile(filePath) {
+    if (!this.isAvailable) return null;
+    try {
+      const result = execSync(
+        `${this.sourceKittenPath} structure --file "${filePath}"`,
+        { encoding: 'utf8', timeout: 30000, stdio: ['pipe', 'pipe', 'pipe'] }
+      );
+      return JSON.parse(result);
+    } catch (error) {
+      if (process.env.DEBUG) {
+        console.debug(`[iOSASTIntelligentAnalyzer] SourceKitten parse failed for ${filePath}: ${error.message}`);
+      }
+      return null;
+    }
+  }
   analyzeFile(filePath, options = {}) {
     if (!filePath || !String(filePath).endsWith('.swift')) return;
@@ -43,29 +129,53 @@ class iOSASTIntelligentAnalyzer {
     const displayPath = options.displayPath || filePath;
     const stagedRelPath = options.stagedRelPath || null;
     const stagingOnly = env.get('STAGING_ONLY_MODE', '0') === '1';
-    const auditTmpDir = this.toolchain.resolveAuditTmpDir(repoRoot);
-    const stagedPreparer = new StagedSwiftFilePreparer({ repoRoot, auditTmpDir });
-    const { parsePath, contentOverride } = stagedPreparer.prepare({
-      filePath,
-      stagedRelPath,
-      stagingOnly
-    });
+    let parsePath = filePath;
+    let contentOverride = null;
+    if (stagingOnly && stagedRelPath) {
+      const stagedContent = this.readStagedFileContent(repoRoot, stagedRelPath);
+      if (typeof stagedContent === 'string') {
+        const tmpPath = this.safeTempFilePath(repoRoot, stagedRelPath);
+        try {
+          fs.mkdirSync(path.dirname(tmpPath), { recursive: true });
+          fs.writeFileSync(tmpPath, stagedContent, 'utf8');
+          parsePath = tmpPath;
+          contentOverride = stagedContent;
+        } catch (error) {
+          if (process.env.DEBUG) {
+            console.debug(`[iOSASTIntelligentAnalyzer] Failed to write temp staged file ${tmpPath}: ${error.message}`);
+          }
+          // Fall back to working tree file
+        }
+      }
+    }
     if (this.hasSwiftSyntax) {
-      this.swiftRunner.runSwiftSyntax(parsePath, displayPath, this.findings);
+      this.analyzeWithSwiftSyntax(parsePath, displayPath);
     }
-    const ast = this.swiftRunner.parseSourceKitten(parsePath);
+    const ast = this.parseFile(parsePath);
     if (!ast) return;
-    this.analysisOrchestrator.run({
-      analyzer: this,
-      ast,
-      parsePath,
-      displayPath,
-      contentOverride
-    });
+    this.currentFilePath = displayPath;
+    resetCollections(this);
+    try {
+      this.fileContent = typeof contentOverride === 'string'
+        ? contentOverride
+        : fs.readFileSync(parsePath, 'utf8');
+    } catch (error) {
+      if (process.env.DEBUG) {
+        console.debug(`[iOSASTIntelligentAnalyzer] Failed to read file content ${parsePath}: ${error.message}`);
+      }
+      this.fileContent = '';
+    }
+    const substructure = ast['key.substructure'] || [];
+    collectAllNodes(this, substructure, null);
+    analyzeCollectedNodes(this, displayPath);
   }
   safeStringify(obj) {