pumuki 6.3.265 → 6.3.267
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,13 @@
|
|
|
1
1
|
# Changelog
|
|
2
2
|
|
|
3
|
+
## [6.3.267] - 2026-05-14
|
|
4
|
+
|
|
5
|
+
- iOS: `skills.ios.no-dispatchsemaphore` now emits actionable AST-style evidence for `DispatchSemaphore` usage, including exact lines, primary/related nodes and remediation toward `TaskGroup`, `AsyncStream` or explicit async boundaries.
|
|
6
|
+
|
|
7
|
+
## [6.3.266] - 2026-05-14
|
|
8
|
+
|
|
9
|
+
- iOS: `skills.ios.no-dispatchgroup` now emits actionable AST-style evidence for `DispatchGroup` usage, including exact lines, primary/related nodes and remediation toward `TaskGroup` or other Swift concurrency boundaries.
|
|
10
|
+
|
|
3
11
|
## [6.3.265] - 2026-05-14
|
|
4
12
|
|
|
5
13
|
- iOS: `skills.ios.no-dispatchqueue` now emits actionable AST-style evidence for GCD `DispatchQueue` calls, including exact lines, primary/related nodes and remediation toward Swift structured concurrency.
|
|
@@ -15,6 +15,8 @@ import {
|
|
|
15
15
|
collectSwiftXCTUnwrapLines,
|
|
16
16
|
collectSwiftAnyViewLines,
|
|
17
17
|
collectSwiftCallbackStyleSignatureLines,
|
|
18
|
+
collectSwiftDispatchGroupLines,
|
|
19
|
+
collectSwiftDispatchSemaphoreLines,
|
|
18
20
|
hasSwiftAnyViewUsage,
|
|
19
21
|
hasSwiftAsyncWithoutAwaitUsage,
|
|
20
22
|
hasSwiftCallbackStyleSignature,
|
|
@@ -508,6 +510,8 @@ OperationQueue()
|
|
|
508
510
|
assert.equal(hasSwiftDispatchSemaphoreUsage(source), true);
|
|
509
511
|
assert.equal(hasSwiftOperationQueueUsage(source), true);
|
|
510
512
|
assert.deepEqual(collectSwiftDispatchQueueLines(source), [2]);
|
|
513
|
+
assert.deepEqual(collectSwiftDispatchGroupLines(source), [3]);
|
|
514
|
+
assert.deepEqual(collectSwiftDispatchSemaphoreLines(source), [4]);
|
|
511
515
|
});
|
|
512
516
|
|
|
513
517
|
test('hasSwiftTaskDetachedUsage detecta Task.detached y evita Task normal', () => {
|
|
@@ -471,6 +471,10 @@ export const hasSwiftDispatchGroupUsage = (source: string): boolean => {
|
|
|
471
471
|
});
|
|
472
472
|
};
|
|
473
473
|
|
|
474
|
+
export const collectSwiftDispatchGroupLines = (source: string): readonly number[] => {
|
|
475
|
+
return sortedUniqueLines(collectSwiftRegexLines(source, /\bDispatchGroup\b/));
|
|
476
|
+
};
|
|
477
|
+
|
|
474
478
|
export const hasSwiftDispatchSemaphoreUsage = (source: string): boolean => {
|
|
475
479
|
return scanCodeLikeSource(source, ({ source: swiftSource, index, current }) => {
|
|
476
480
|
if (current !== 'D') {
|
|
@@ -481,6 +485,10 @@ export const hasSwiftDispatchSemaphoreUsage = (source: string): boolean => {
|
|
|
481
485
|
});
|
|
482
486
|
};
|
|
483
487
|
|
|
488
|
+
export const collectSwiftDispatchSemaphoreLines = (source: string): readonly number[] => {
|
|
489
|
+
return sortedUniqueLines(collectSwiftRegexLines(source, /\bDispatchSemaphore\b/));
|
|
490
|
+
};
|
|
491
|
+
|
|
484
492
|
export const hasSwiftOperationQueueUsage = (source: string): boolean => {
|
|
485
493
|
return scanCodeLikeSource(source, ({ source: swiftSource, index, current }) => {
|
|
486
494
|
if (current !== 'O') {
|
|
@@ -648,8 +648,8 @@ const textDetectorRegistry: ReadonlyArray<TextDetectorRegistryEntry> = [
|
|
|
648
648
|
{ platform: 'ios', pathCheck: isIOSSwiftPath, excludePaths: [isSwiftTestPath], detect: TextIOS.hasSwiftForceCastUsage, locateLines: TextIOS.collectSwiftForceCastLines, primaryNode: (lines) => ({ kind: 'call', name: 'force cast expression as!', lines }), relatedNodes: (lines) => [{ kind: 'call', name: 'replacement: conditional cast or typed boundary', lines }], why: 'Force cast converts a type mismatch into an unconditional runtime crash instead of preserving a checked domain or presentation boundary.', impact: 'Unexpected payloads, dependency substitutions or navigation models can terminate the app instead of producing a recoverable validation path.', expected_fix: 'Replace as! with as?, guard let, pattern matching, generic constraints, protocol boundaries, or a typed mapper that validates the runtime value explicitly.', ruleId: 'heuristics.ios.force-cast.ast', code: 'HEURISTICS_IOS_FORCE_CAST_AST', message: 'AST heuristic detected force cast usage.' },
|
|
649
649
|
{ platform: 'ios', pathCheck: isIOSSwiftPath, excludePaths: [isSwiftTestPath, isApprovedIOSBridgePath], detect: TextIOS.hasSwiftCallbackStyleSignature, locateLines: TextIOS.collectSwiftCallbackStyleSignatureLines, primaryNode: (lines) => ({ kind: 'call', name: 'escaping callback-style API signature', lines }), relatedNodes: (lines) => [{ kind: 'call', name: 'replacement: async/await API or explicit bridge adapter', lines }], why: 'Callback-style completion APIs outside bridge layers bypass Swift structured concurrency and make cancellation, isolation and error flow implicit.', impact: 'Consumers must reason about escaping lifetime, actor hops and callback ordering manually, which increases race, leak and flaky-test risk in production iOS flows.', expected_fix: 'Expose async/await or AsyncSequence APIs in production boundaries. Keep callbacks only inside approved bridge/adapters that wrap legacy SDKs and document the conversion point explicitly.', ruleId: 'heuristics.ios.callback-style.ast', code: 'HEURISTICS_IOS_CALLBACK_STYLE_AST', message: 'AST heuristic detected callback-style API signature outside bridge layers.' },
|
|
650
650
|
{ platform: 'ios', pathCheck: isIOSSwiftPath, excludePaths: [isSwiftTestPath], detect: TextIOS.hasSwiftDispatchQueueUsage, locateLines: TextIOS.collectSwiftDispatchQueueLines, primaryNode: (lines) => ({ kind: 'call', name: 'GCD DispatchQueue call', lines }), relatedNodes: (lines) => [{ kind: 'call', name: 'replacement: structured concurrency Task/actor/MainActor boundary', lines }], why: 'DispatchQueue introduces unstructured GCD scheduling in production Swift code instead of preserving Swift concurrency cancellation, priority and actor isolation semantics.', impact: 'Manual queue hops make ordering, cancellation and main-actor safety harder to reason about, increasing race and flaky UI update risk.', expected_fix: 'Use async/await, Task, TaskGroup, actors, MainActor.run or isolated async APIs. Keep GCD only inside explicitly approved legacy bridge layers with documented ownership.', ruleId: 'heuristics.ios.dispatchqueue.ast', code: 'HEURISTICS_IOS_DISPATCHQUEUE_AST', message: 'AST heuristic detected DispatchQueue usage.' },
|
|
651
|
-
{ platform: 'ios', pathCheck: isIOSSwiftPath, excludePaths: [isSwiftTestPath], detect: TextIOS.hasSwiftDispatchGroupUsage, ruleId: 'heuristics.ios.dispatchgroup.ast', code: 'HEURISTICS_IOS_DISPATCHGROUP_AST', message: 'AST heuristic detected DispatchGroup usage.' },
|
|
652
|
-
{ platform: 'ios', pathCheck: isIOSSwiftPath, excludePaths: [isSwiftTestPath], detect: TextIOS.hasSwiftDispatchSemaphoreUsage, ruleId: 'heuristics.ios.dispatchsemaphore.ast', code: 'HEURISTICS_IOS_DISPATCHSEMAPHORE_AST', message: 'AST heuristic detected DispatchSemaphore usage.' },
|
|
651
|
+
{ platform: 'ios', pathCheck: isIOSSwiftPath, excludePaths: [isSwiftTestPath], detect: TextIOS.hasSwiftDispatchGroupUsage, locateLines: TextIOS.collectSwiftDispatchGroupLines, primaryNode: (lines) => ({ kind: 'call', name: 'GCD DispatchGroup call', lines }), relatedNodes: (lines) => [{ kind: 'call', name: 'replacement: structured concurrency TaskGroup or async aggregation boundary', lines }], why: 'DispatchGroup is an unstructured coordination primitive that makes asynchronous control flow and cancellation implicit instead of modeled by Swift concurrency.', impact: 'Group coordination is harder to reason about and can hide waiting or deadlock risks in production code paths that should be expressed through TaskGroup or async aggregation.', expected_fix: 'Use TaskGroup, async let, await aggregation, actors or explicit async APIs. Keep DispatchGroup only inside approved legacy bridge layers with documented ownership and migration scope.', ruleId: 'heuristics.ios.dispatchgroup.ast', code: 'HEURISTICS_IOS_DISPATCHGROUP_AST', message: 'AST heuristic detected DispatchGroup usage.' },
|
|
652
|
+
{ platform: 'ios', pathCheck: isIOSSwiftPath, excludePaths: [isSwiftTestPath], detect: TextIOS.hasSwiftDispatchSemaphoreUsage, locateLines: TextIOS.collectSwiftDispatchSemaphoreLines, primaryNode: (lines) => ({ kind: 'call', name: 'GCD DispatchSemaphore call', lines }), relatedNodes: (lines) => [{ kind: 'call', name: 'replacement: structured concurrency TaskGroup, AsyncStream or explicit async boundary', lines }], why: 'DispatchSemaphore is a blocking synchronization primitive that hides ordering and backpressure behind manual waits instead of Swift concurrency boundaries.', impact: 'Semaphore waits can stall threads, obscure cancellation and create deadlock-prone coordination in production code paths that should remain async.', expected_fix: 'Use TaskGroup, AsyncStream, async/await or explicit async boundaries. Keep DispatchSemaphore only inside approved legacy bridge layers with documented ownership and bounded waiting.', ruleId: 'heuristics.ios.dispatchsemaphore.ast', code: 'HEURISTICS_IOS_DISPATCHSEMAPHORE_AST', message: 'AST heuristic detected DispatchSemaphore usage.' },
|
|
653
653
|
{ platform: 'ios', pathCheck: isIOSSwiftPath, excludePaths: [isSwiftTestPath], detect: TextIOS.hasSwiftOperationQueueUsage, ruleId: 'heuristics.ios.operation-queue.ast', code: 'HEURISTICS_IOS_OPERATION_QUEUE_AST', message: 'AST heuristic detected OperationQueue usage.' },
|
|
654
654
|
{ platform: 'ios', pathCheck: isIOSSwiftPath, excludePaths: [isSwiftTestPath], detect: TextIOS.hasSwiftTaskDetachedUsage, ruleId: 'heuristics.ios.task-detached.ast', code: 'HEURISTICS_IOS_TASK_DETACHED_AST', message: 'AST heuristic detected Task.detached usage.' },
|
|
655
655
|
{ platform: 'ios', pathCheck: isIOSSwiftPath, excludePaths: [isSwiftTestPath], detect: TextIOS.hasSwiftAsyncWithoutAwaitUsage, ruleId: 'heuristics.ios.concurrency.async-without-await.ast', code: 'HEURISTICS_IOS_CONCURRENCY_ASYNC_WITHOUT_AWAIT_AST', message: 'AST heuristic detected a private async function without await; remove async unless a protocol/override boundary requires it.' },
|
|
@@ -6,6 +6,14 @@ This file keeps only the operational highlights and rollout notes that matter wh
|
|
|
6
6
|
|
|
7
7
|
## 2026-04 (CLI stability and macOS notifications)
|
|
8
8
|
|
|
9
|
+
### 2026-05-14 (v6.3.267)
|
|
10
|
+
|
|
11
|
+
- Published `pumuki@6.3.267` with AST-style line/node evidence for `skills.ios.no-dispatchsemaphore`, making `DispatchSemaphore` usage remediable through `TaskGroup`, `AsyncStream` or explicit async boundaries.
|
|
12
|
+
|
|
13
|
+
### 2026-05-14 (v6.3.266)
|
|
14
|
+
|
|
15
|
+
- Published `pumuki@6.3.266` with AST-style line/node evidence for `skills.ios.no-dispatchgroup`, making GCD `DispatchGroup` usage remediable through `TaskGroup` or structured async aggregation boundaries.
|
|
16
|
+
|
|
9
17
|
### 2026-05-14 (v6.3.265)
|
|
10
18
|
|
|
11
19
|
- Published `pumuki@6.3.265` with AST-style line/node evidence for `skills.ios.no-dispatchqueue`, making GCD `DispatchQueue` usage remediable through Swift structured concurrency, actors, `Task` or `MainActor` boundaries.
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "pumuki",
|
|
3
|
-
"version": "6.3.
|
|
3
|
+
"version": "6.3.267",
|
|
4
4
|
"description": "Enterprise-grade AST Intelligence System with multi-platform support (iOS, Android, Backend, Frontend) and Feature-First + DDD + Clean Architecture enforcement. Includes dynamic violations API for intelligent querying.",
|
|
5
5
|
"main": "index.js",
|
|
6
6
|
"bin": {
|