npm - pumuki - Versions diffs - 6.3.183 → 6.3.185 - Mend

pumuki 6.3.183 → 6.3.185

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (10) hide show

package/VERSION +1 -1
package/core/facts/detectors/text/android.test.ts +76 -0
package/core/facts/detectors/text/android.ts +17 -0
package/core/facts/extractHeuristicFacts.ts +2 -0
package/core/rules/presets/heuristics/android.test.ts +11 -1
package/core/rules/presets/heuristics/android.ts +40 -0
package/docs/codex-skills/android-enterprise-rules.md +3 -1
package/integrations/config/skillsDetectorRegistry.ts +8 -0
package/package.json +1 -1
package/skills.lock.json +1 -1

package/VERSION CHANGED Viewed

	@@ -1 +1 @@
1	- v6.3.~~183~~
1	+ v6.3.185

package/core/facts/detectors/text/android.test.ts CHANGED Viewed

@@ -6,10 +6,12 @@ import {
   findKotlinLiskovSubstitutionMatch,
   findKotlinOpenClosedWhenMatch,
   findKotlinPresentationSrpMatch,
+  hasKotlinCoroutineTryCatchUsage,
   hasKotlinDispatcherMainBoundaryLeakUsage,
   hasKotlinGlobalScopeUsage,
   hasKotlinHardcodedBackgroundDispatcherUsage,
   hasKotlinLiveDataStateExposureUsage,
+  hasKotlinWithContextUsage,
   hasKotlinManualCoroutineScopeInViewModelUsage,
   hasKotlinRunBlockingUsage,
   hasKotlinSupervisorScopeUsage,
@@ -192,6 +194,33 @@ class SyncOrdersUseCase {
   assert.equal(hasKotlinHardcodedBackgroundDispatcherUsage(source), false);
 });
+test('hasKotlinWithContextUsage detecta withContext con dispatcher y con generics', () => {
+  const dispatcherSource = `
+class SyncOrdersUseCase {
+  suspend fun execute() = withContext(Dispatchers.IO) { syncRemote() }
+}
+`;
+  const genericSource = `
+class SyncOrdersUseCase {
+  suspend fun execute() = withContext<Unit>(dispatcher) { syncRemote() }
+}
+`;
+  assert.equal(hasKotlinWithContextUsage(dispatcherSource), true);
+  assert.equal(hasKotlinWithContextUsage(genericSource), true);
+});
+test('hasKotlinWithContextUsage ignora imports, comentarios, strings y nombres parciales', () => {
+  const source = `
+import kotlinx.coroutines.withContext
+// withContext(Dispatchers.IO) { }
+val sample = "withContext(Dispatchers.Default)"
+class SyncOrdersUseCase {
+  suspend fun execute() = customWithContext(dispatcher) { syncRemote() }
+}
+`;
+  assert.equal(hasKotlinWithContextUsage(source), false);
+});
 test('hasKotlinSupervisorScopeUsage detecta supervisorScope con parentesis y llaves', () => {
   const parenthesesSource = `
 class SyncOrdersUseCase {
@@ -223,6 +252,53 @@ class SyncOrdersUseCase {
   assert.equal(hasKotlinSupervisorScopeUsage(source), false);
 });
+test('hasKotlinCoroutineTryCatchUsage detecta try-catch dentro de contexto coroutine', () => {
+  const suspendSource = `
+class SyncOrdersUseCase {
+  suspend fun execute() {
+    try {
+      syncRemote()
+    } catch (error: IOException) {
+      recover(error)
+    }
+  }
+}
+`;
+  const launchSource = `
+class SyncOrdersUseCase {
+  fun execute() {
+    launch {
+      try {
+        syncRemote()
+      } catch (error: IOException) {
+        recover(error)
+      }
+    }
+  }
+}
+`;
+  assert.equal(hasKotlinCoroutineTryCatchUsage(suspendSource), true);
+  assert.equal(hasKotlinCoroutineTryCatchUsage(launchSource), true);
+});
+test('hasKotlinCoroutineTryCatchUsage ignora imports, comentarios, strings y try-catch no coroutine', () => {
+  const source = `
+import kotlin.runCatching
+// suspend fun execute() { try { syncRemote() } catch (error: IOException) { recover(error) } }
+val sample = "try { syncRemote() } catch (error: IOException) { recover(error) }"
+class SyncOrdersUseCase {
+  fun execute() {
+    try {
+      syncRemote()
+    } catch (error: IOException) {
+      recover(error)
+    }
+  }
+}
+`;
+  assert.equal(hasKotlinCoroutineTryCatchUsage(source), false);
+});
 test('findKotlinPresentationSrpMatch devuelve payload semantico para SRP-Android en presentation', () => {
   const source = `
 import android.content.SharedPreferences

package/core/facts/detectors/text/android.ts CHANGED Viewed

@@ -259,10 +259,27 @@ export const hasKotlinHardcodedBackgroundDispatcherUsage = (source: string): boo
   return collectKotlinRegexLines(source, /\bDispatchers\s*\.\s*(?:IO|Default)\b/).length > 0;
 };
+export const hasKotlinWithContextUsage = (source: string): boolean => {
+  return collectKotlinRegexLines(source, /\bwithContext\s*(?:<[^>\n]+>\s*)?\(/).length > 0;
+};
 export const hasKotlinSupervisorScopeUsage = (source: string): boolean => {
   return collectKotlinRegexLines(source, /\bsupervisorScope\s*(?:<[^>\n]+>\s*)?(?:\(|\{)/).length > 0;
 };
+export const hasKotlinCoroutineTryCatchUsage = (source: string): boolean => {
+  const sanitizedSource = source
+    .split(/\r?\n/)
+    .map((line) => stripKotlinLineForSemanticScan(line))
+    .filter((line) => !line.trimStart().startsWith('import '))
+    .join('\n');
+  return (
+    /\btry\s*\{[\s\S]*\bcatch\s*\(/.test(sanitizedSource) &&
+    /\b(?:suspend\s+fun|launch\s*\{|async\s*\{|withContext\s*\(|supervisorScope\s*(?:<[^>\n]+>\s*)?(?:\(|\{))/.test(sanitizedSource)
+  );
+};
 export const hasKotlinThreadSleepCall = (source: string): boolean => {
   return scanCodeLikeSource(source, ({ source: kotlinSource, index, current }) => {
     if (current !== 'T') {

package/core/facts/extractHeuristicFacts.ts CHANGED Viewed

@@ -649,7 +649,9 @@ const textDetectorRegistry: ReadonlyArray<TextDetectorRegistryEntry> = [
   { platform: 'android', pathCheck: isAndroidPresentationPath, excludePaths: [isKotlinTestPath], detect: TextAndroid.hasKotlinManualCoroutineScopeInViewModelUsage, ruleId: 'heuristics.android.coroutines.manual-scope-in-viewmodel.ast', code: 'HEURISTICS_ANDROID_COROUTINES_MANUAL_SCOPE_IN_VIEWMODEL_AST', message: 'AST heuristic detected manual CoroutineScope inside an Android ViewModel where viewModelScope should be preferred.' },
   { platform: 'android', pathCheck: isAndroidNonPresentationKotlinPath, excludePaths: [isKotlinTestPath], detect: TextAndroid.hasKotlinDispatcherMainBoundaryLeakUsage, ruleId: 'heuristics.android.coroutines.dispatchers-main-boundary-leak.ast', code: 'HEURISTICS_ANDROID_COROUTINES_DISPATCHERS_MAIN_BOUNDARY_LEAK_AST', message: 'AST heuristic detected Dispatchers.Main outside Android presentation code.' },
   { platform: 'android', pathCheck: isAndroidDomainOrApplicationPath, excludePaths: [isKotlinTestPath], detect: TextAndroid.hasKotlinHardcodedBackgroundDispatcherUsage, ruleId: 'heuristics.android.coroutines.hardcoded-background-dispatcher.ast', code: 'HEURISTICS_ANDROID_COROUTINES_HARDCODED_BACKGROUND_DISPATCHER_AST', message: 'AST heuristic detected hard-coded Dispatchers.IO or Dispatchers.Default in Android domain/application code.' },
+  { platform: 'android', pathCheck: isAndroidDomainOrApplicationPath, excludePaths: [isKotlinTestPath], detect: TextAndroid.hasKotlinWithContextUsage, ruleId: 'heuristics.android.coroutines.with-context.ast', code: 'HEURISTICS_ANDROID_COROUTINES_WITH_CONTEXT_AST', message: 'AST heuristic detected withContext usage in Android domain/application code.' },
   { platform: 'android', pathCheck: isAndroidDomainOrApplicationPath, excludePaths: [isKotlinTestPath], detect: TextAndroid.hasKotlinSupervisorScopeUsage, ruleId: 'heuristics.android.coroutines.supervisor-scope.ast', code: 'HEURISTICS_ANDROID_COROUTINES_SUPERVISOR_SCOPE_AST', message: 'AST heuristic detected supervisorScope usage in Android domain/application code.' },
+  { platform: 'android', pathCheck: isAndroidDomainOrApplicationPath, excludePaths: [isKotlinTestPath], detect: TextAndroid.hasKotlinCoroutineTryCatchUsage, ruleId: 'heuristics.android.coroutines.try-catch.ast', code: 'HEURISTICS_ANDROID_COROUTINES_TRY_CATCH_AST', message: 'AST heuristic detected try-catch handling in Android coroutine code.' },
 ];
 const extractWorkflowHeuristicFacts = (

package/core/rules/presets/heuristics/android.test.ts CHANGED Viewed

@@ -3,7 +3,7 @@ import test from 'node:test';
 import { androidRules } from './android';
 test('androidRules define reglas heurísticas locked para plataforma android', () => {
-  assert.equal(androidRules.length, 13);
+  assert.equal(androidRules.length, 15);
   const ids = androidRules.map((rule) => rule.id);
   assert.deepEqual(ids, [
@@ -14,7 +14,9 @@ test('androidRules define reglas heurísticas locked para plataforma android', (
     'heuristics.android.coroutines.manual-scope-in-viewmodel.ast',
     'heuristics.android.coroutines.dispatchers-main-boundary-leak.ast',
     'heuristics.android.coroutines.hardcoded-background-dispatcher.ast',
+    'heuristics.android.coroutines.with-context.ast',
     'heuristics.android.coroutines.supervisor-scope.ast',
+    'heuristics.android.coroutines.try-catch.ast',
     'heuristics.android.solid.srp.presentation-mixed-responsibilities.ast',
     'heuristics.android.solid.ocp.discriminator-branching.ast',
     'heuristics.android.solid.dip.concrete-framework-dependency.ast',
@@ -61,10 +63,18 @@ test('androidRules define reglas heurísticas locked para plataforma android', (
     byId.get('heuristics.android.coroutines.hardcoded-background-dispatcher.ast')?.then.code,
     'HEURISTICS_ANDROID_COROUTINES_HARDCODED_BACKGROUND_DISPATCHER_AST'
   );
+  assert.equal(
+    byId.get('heuristics.android.coroutines.with-context.ast')?.then.code,
+    'HEURISTICS_ANDROID_COROUTINES_WITH_CONTEXT_AST'
+  );
   assert.equal(
     byId.get('heuristics.android.coroutines.supervisor-scope.ast')?.then.code,
     'HEURISTICS_ANDROID_COROUTINES_SUPERVISOR_SCOPE_AST'
   );
+  assert.equal(
+    byId.get('heuristics.android.coroutines.try-catch.ast')?.then.code,
+    'HEURISTICS_ANDROID_COROUTINES_TRY_CATCH_AST'
+  );
   assert.equal(
     byId.get('heuristics.android.solid.srp.presentation-mixed-responsibilities.ast')?.then.code,
     'HEURISTICS_ANDROID_SOLID_SRP_PRESENTATION_MIXED_RESPONSIBILITIES_AST'

package/core/rules/presets/heuristics/android.ts CHANGED Viewed

@@ -135,6 +135,26 @@ export const androidRules: RuleSet = [
       code: 'HEURISTICS_ANDROID_COROUTINES_HARDCODED_BACKGROUND_DISPATCHER_AST',
     },
   },
+  {
+    id: 'heuristics.android.coroutines.with-context.ast',
+    description:
+      'Detects withContext usage in Android domain/application code.',
+    severity: 'WARN',
+    platform: 'android',
+    locked: true,
+    when: {
+      kind: 'Heuristic',
+      where: {
+        ruleId: 'heuristics.android.coroutines.with-context.ast',
+      },
+    },
+    then: {
+      kind: 'Finding',
+      message:
+        'AST heuristic detected withContext usage in Android domain/application code.',
+      code: 'HEURISTICS_ANDROID_COROUTINES_WITH_CONTEXT_AST',
+    },
+  },
   {
     id: 'heuristics.android.coroutines.supervisor-scope.ast',
     description:
@@ -155,6 +175,26 @@ export const androidRules: RuleSet = [
       code: 'HEURISTICS_ANDROID_COROUTINES_SUPERVISOR_SCOPE_AST',
     },
   },
+  {
+    id: 'heuristics.android.coroutines.try-catch.ast',
+    description:
+      'Detects try-catch error handling in Android coroutine code.',
+    severity: 'WARN',
+    platform: 'android',
+    locked: true,
+    when: {
+      kind: 'Heuristic',
+      where: {
+        ruleId: 'heuristics.android.coroutines.try-catch.ast',
+      },
+    },
+    then: {
+      kind: 'Finding',
+      message:
+        'AST heuristic detected try-catch handling in Android coroutine code.',
+      code: 'HEURISTICS_ANDROID_COROUTINES_TRY_CATCH_AST',
+    },
+  },
   {
     id: 'heuristics.android.solid.srp.presentation-mixed-responsibilities.ast',
     description:

package/docs/codex-skills/android-enterprise-rules.md CHANGED Viewed

@@ -126,8 +126,10 @@ app/
 ✅ `skills.android.guideline.android.coroutines-async-await-no-callbacks` debe mapear a señales ejecutables existentes de uso inseguro de coroutines, empezando por `GlobalScope` y `runBlocking`.
 ✅ `skills.android.guideline.android.viewmodelscope-scope-de-viewmodel-cancelado-automa-ticamente` debe mapear a señales ejecutables de scopes manuales dentro de `ViewModel`, empezando por `CoroutineScope(...)` construido en presentation.
 ✅ `skills.android.guideline.android.dispatchers-main-ui-io-network-disk-default-cpu` debe mapear a señales ejecutables de dispatchers mal ubicados: `Dispatchers.Main` fuera de `presentation` y `Dispatchers.IO` / `Dispatchers.Default` hardcodeados en `domain` o `application` en lugar de entrar por frontera inyectable.
+✅ `skills.android.guideline.android.withcontext-cambiar-dispatcher` debe mapear a señal ejecutable de `withContext` en `domain` o `application`.
 ✅ `skills.android.guideline.android.supervisorscope-errores-no-cancelan-otros-jobs` debe mapear a señal ejecutable de `supervisorScope` en `domain` o `application`.
-✅ El baseline inicial de coroutines es parcial: cubre APIs bloqueantes, scopes no estructurados, scopes manuales en `ViewModel`, filtraciones de `Dispatchers.Main`, hardcode de dispatchers de background en dominio/aplicación y `supervisorScope`, pero no declara todavía cobertura completa de `Flow`, dispatchers, try-catch ni cancelación cooperativa.
+✅ `skills.android.guideline.android.try-catch-manejo-de-errores-en-coroutines` debe mapear a señal ejecutable de `try/catch` dentro de código coroutine en `domain` o `application`.
+✅ El baseline inicial de coroutines es parcial: cubre APIs bloqueantes, scopes no estructurados, scopes manuales en `ViewModel`, filtraciones de `Dispatchers.Main`, hardcode de dispatchers de background en dominio/aplicación, `withContext`, `supervisorScope` y `try/catch` en coroutines, pero no declara todavía cobertura completa de `Flow`, dispatchers ni cancelación cooperativa.
 ✅ Si se amplía esta cobertura, cada nueva regla debe aterrizar como detector AST/textual semántico con test dirigido antes de declararse cubierta en el registry.
 ### Enforcement AST inicial de Flow/StateFlow Android

package/integrations/config/skillsDetectorRegistry.ts CHANGED Viewed

@@ -231,10 +231,18 @@ const registryByRuleId: Record<string, SkillsDetectorBinding> = {
       'heuristics.android.coroutines.hardcoded-background-dispatcher.ast',
     ]
   ),
+  'skills.android.guideline.android.withcontext-cambiar-dispatcher': heuristicDetector(
+    'android.coroutines.with-context',
+    ['heuristics.android.coroutines.with-context.ast']
+  ),
   'skills.android.guideline.android.supervisorscope-errores-no-cancelan-otros-jobs': heuristicDetector(
     'android.coroutines.supervisor-scope',
     ['heuristics.android.coroutines.supervisor-scope.ast']
   ),
+  'skills.android.guideline.android.try-catch-manejo-de-errores-en-coroutines': heuristicDetector(
+    'android.coroutines.try-catch',
+    ['heuristics.android.coroutines.try-catch.ast']
+  ),
   'skills.android.guideline.android.stateflow-estado-mutable-observable': heuristicDetector(
     'android.flow.state-exposure',
     ['heuristics.android.flow.livedata-state-exposure.ast']

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "pumuki",
-  "version": "6.3.183",
+  "version": "6.3.185",
   "description": "Enterprise-grade AST Intelligence System with multi-platform support (iOS, Android, Backend, Frontend) and Feature-First + DDD + Clean Architecture enforcement. Includes dynamic violations API for intelligent querying.",
   "main": "index.js",
   "bin": {

package/skills.lock.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "version": "1.0",
   "compilerVersion": "1.0.0",
-  "generatedAt": "2026-05-12T20:42:36.407Z",
+  "generatedAt": "2026-05-12T20:54:35.698Z",
   "bundles": [
     {
       "name": "android-guidelines",