shiplint 0.1.0

package/dist/parsers/workspace-parser.d.ts

@@ -0,0 +1,82 @@
+/**
+ * A project reference extracted from workspace data
+ */
+export interface WorkspaceProjectRef {
+    /** The location string as it appears in the XML (e.g., "group:MyApp/MyApp.xcodeproj") */
+    rawLocation: string;
+    /** The location type (group, absolute, container, self) */
+    locationType: 'group' | 'absolute' | 'container' | 'self' | 'unknown';
+    /** The relative or absolute path to the project */
+    projectPath: string;
+    /** Whether this is a Pods project (dependency, not the main app) */
+    isPods: boolean;
+    /** Whether this is a test/example project (by path heuristics) */
+    isTestOrExample: boolean;
+    /** Product type priority score (higher = better candidate for main app) */
+    productTypePriority?: number;
+    /** Main target product type (e.g., "com.apple.product-type.application") */
+    productType?: string;
+    /** Whether the main target is an application (by productType) */
+    isApplication?: boolean;
+    /** Whether the main target is a test target (by productType) */
+    isTestTarget?: boolean;
+}
+/**
+ * Parsed workspace data
+ */
+export interface ParsedWorkspace {
+    /** Version from the Workspace element */
+    version: string;
+    /** All project references found */
+    projectRefs: WorkspaceProjectRef[];
+    /** Main project refs (excluding Pods, tests, examples) */
+    mainProjectRefs: WorkspaceProjectRef[];
+}
+/**
+ * Parses the contents.xcworkspacedata file
+ *
+ * The file is XML with structure:
+ * ```xml
+ * <?xml version="1.0" encoding="UTF-8"?>
+ * <Workspace version="1.0">
+ *    <FileRef location="group:MyApp/MyApp.xcodeproj"/>
+ *    <FileRef location="group:Pods/Pods.xcodeproj"/>
+ * </Workspace>
+ * ```
+ *
+ * Location types:
+ * - group: relative to workspace directory
+ * - absolute: absolute filesystem path
+ * - container: relative to containing project (rare)
+ * - self: the workspace itself (rare)
+ */
+export declare function parseWorkspaceData(workspacePath: string): ParsedWorkspace;
+/**
+ * Parses workspace data from a string (for testing)
+ */
+export declare function parseWorkspaceDataString(content: string): ParsedWorkspace;
+/**
+ * Resolves a workspace project reference to an absolute path
+ *
+ * @param ref The project reference
+ * @param workspaceDir Directory containing the .xcworkspace
+ * @returns Absolute path to the .xcodeproj, or undefined if not resolvable
+ */
+export declare function resolveProjectRef(ref: WorkspaceProjectRef, workspaceDir: string): string | undefined;
+/**
+ * Given a workspace path, returns the main project paths
+ *
+ * This is the primary API for discovering projects in a workspace.
+ * It parses the workspace data and resolves the main project references.
+ *
+ * P1/P2 Fix: Now uses product type for scoring, not name heuristics.
+ * Projects are sorted by:
+ * 1. Product type priority (applications first)
+ * 2. Not being Pods
+ * 3. Not being a test target (by productType)
+ *
+ * @param workspacePath Path to .xcworkspace directory
+ * @returns Array of absolute paths to .xcodeproj directories
+ */
+export declare function getWorkspaceProjects(workspacePath: string): string[];
+//# sourceMappingURL=workspace-parser.d.ts.map

package/dist/parsers/workspace-parser.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"workspace-parser.d.ts","sourceRoot":"","sources":["../../src/parsers/workspace-parser.ts"],"names":[],"mappings":"AAkBA;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,yFAAyF;IACzF,WAAW,EAAE,MAAM,CAAC;IACpB,2DAA2D;IAC3D,YAAY,EAAE,OAAO,GAAG,UAAU,GAAG,WAAW,GAAG,MAAM,GAAG,SAAS,CAAC;IACtE,mDAAmD;IACnD,WAAW,EAAE,MAAM,CAAC;IACpB,oEAAoE;IACpE,MAAM,EAAE,OAAO,CAAC;IAChB,kEAAkE;IAClE,eAAe,EAAE,OAAO,CAAC;IACzB,2EAA2E;IAC3E,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,4EAA4E;IAC5E,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,iEAAiE;IACjE,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,gEAAgE;IAChE,YAAY,CAAC,EAAE,OAAO,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,yCAAyC;IACzC,OAAO,EAAE,MAAM,CAAC;IAChB,mCAAmC;IACnC,WAAW,EAAE,mBAAmB,EAAE,CAAC;IACnC,0DAA0D;IAC1D,eAAe,EAAE,mBAAmB,EAAE,CAAC;CACxC;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAgB,kBAAkB,CAAC,aAAa,EAAE,MAAM,GAAG,eAAe,CAsBzE;AAED;;GAEG;AACH,wBAAgB,wBAAwB,CAAC,OAAO,EAAE,MAAM,GAAG,eAAe,CA8BzE;AA4DD;;;;;;GAMG;AACH,wBAAgB,iBAAiB,CAC/B,GAAG,EAAE,mBAAmB,EACxB,YAAY,EAAE,MAAM,GACnB,MAAM,GAAG,SAAS,CAgBpB;AAkCD;;;;;;;;;;;;;;GAcG;AACH,wBAAgB,oBAAoB,CAAC,aAAa,EAAE,MAAM,GAAG,MAAM,EAAE,CAoEpE"}

package/dist/parsers/workspace-parser.js

@@ -0,0 +1,287 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.parseWorkspaceData = parseWorkspaceData;
+exports.parseWorkspaceDataString = parseWorkspaceDataString;
+exports.resolveProjectRef = resolveProjectRef;
+exports.getWorkspaceProjects = getWorkspaceProjects;
+/**
+ * Parser for Xcode workspace files
+ *
+ * Parses contents.xcworkspacedata to extract project references.
+ * This allows us to find the correct project(s) instead of relying
+ * on directory heuristics that can pick the wrong project in monorepos.
+ *
+ * P1/P2 Fix: Now uses product type for scoring instead of name-based heuristics.
+ */
+const fs = __importStar(require("fs"));
+const path = __importStar(require("path"));
+const pbxproj_parser_js_1 = require("./pbxproj-parser.js");
+/**
+ * Parses the contents.xcworkspacedata file
+ *
+ * The file is XML with structure:
+ * ```xml
+ * <?xml version="1.0" encoding="UTF-8"?>
+ * <Workspace version="1.0">
+ *    <FileRef location="group:MyApp/MyApp.xcodeproj"/>
+ *    <FileRef location="group:Pods/Pods.xcodeproj"/>
+ * </Workspace>
+ * ```
+ *
+ * Location types:
+ * - group: relative to workspace directory
+ * - absolute: absolute filesystem path
+ * - container: relative to containing project (rare)
+ * - self: the workspace itself (rare)
+ */
+function parseWorkspaceData(workspacePath) {
+    // Find the contents.xcworkspacedata file
+    let dataPath;
+    if (workspacePath.endsWith('.xcworkspace')) {
+        dataPath = path.join(workspacePath, 'contents.xcworkspacedata');
+    }
+    else if (workspacePath.endsWith('contents.xcworkspacedata')) {
+        dataPath = workspacePath;
+    }
+    else {
+        throw new Error(`Invalid workspace path: ${workspacePath}`);
+    }
+    if (!fs.existsSync(dataPath)) {
+        // Return empty result if no workspace data file
+        return {
+            version: '',
+            projectRefs: [],
+            mainProjectRefs: [],
+        };
+    }
+    const content = fs.readFileSync(dataPath, 'utf-8');
+    return parseWorkspaceDataString(content);
+}
+/**
+ * Parses workspace data from a string (for testing)
+ */
+function parseWorkspaceDataString(content) {
+    // Extract version from Workspace element
+    const versionMatch = content.match(/<Workspace\s+version="([^"]+)"/);
+    const version = versionMatch ? versionMatch[1] : '';
+    // Extract all FileRef locations
+    const fileRefRegex = /<FileRef\s+location="([^"]+)"\s*\/>/g;
+    const projectRefs = [];
+    let match;
+    while ((match = fileRefRegex.exec(content)) !== null) {
+        const rawLocation = match[1];
+        const ref = parseLocationString(rawLocation);
+        // Only include .xcodeproj references
+        if (ref.projectPath.endsWith('.xcodeproj')) {
+            projectRefs.push(ref);
+        }
+    }
+    // Filter to main projects (non-Pods, non-test, non-example)
+    const mainProjectRefs = projectRefs.filter(ref => !ref.isPods && !ref.isTestOrExample);
+    return {
+        version,
+        projectRefs,
+        mainProjectRefs,
+    };
+}
+/**
+ * Parses a location string into its components
+ */
+function parseLocationString(rawLocation) {
+    // Split on first colon
+    const colonIndex = rawLocation.indexOf(':');
+    let locationType;
+    let projectPath;
+    if (colonIndex === -1) {
+        // No colon = treat as relative path
+        locationType = 'unknown';
+        projectPath = rawLocation;
+    }
+    else {
+        const typeStr = rawLocation.substring(0, colonIndex);
+        projectPath = rawLocation.substring(colonIndex + 1);
+        switch (typeStr) {
+            case 'group':
+                locationType = 'group';
+                break;
+            case 'absolute':
+                locationType = 'absolute';
+                break;
+            case 'container':
+                locationType = 'container';
+                break;
+            case 'self':
+                locationType = 'self';
+                break;
+            default:
+                locationType = 'unknown';
+        }
+    }
+    // Detect Pods projects
+    const isPods = projectPath.includes('Pods.xcodeproj') ||
+        projectPath.includes('/Pods/') ||
+        projectPath.startsWith('Pods/');
+    // Detect test/example projects by path segments (not substring)
+    // This avoids false positives like "BestApp", "ContestManager", "LatestNews"
+    const pathSegments = projectPath.toLowerCase().split('/');
+    const testKeywords = ['test', 'tests', 'example', 'examples', 'demo', 'demos', 'sample', 'samples'];
+    const isTestOrExample = pathSegments.some(segment => testKeywords.some(keyword => segment === keyword || segment.endsWith('tests') || segment.endsWith('test')));
+    return {
+        rawLocation,
+        locationType,
+        projectPath,
+        isPods,
+        isTestOrExample,
+    };
+}
+/**
+ * Resolves a workspace project reference to an absolute path
+ *
+ * @param ref The project reference
+ * @param workspaceDir Directory containing the .xcworkspace
+ * @returns Absolute path to the .xcodeproj, or undefined if not resolvable
+ */
+function resolveProjectRef(ref, workspaceDir) {
+    switch (ref.locationType) {
+        case 'group':
+            // Relative to workspace parent directory
+            return path.resolve(workspaceDir, ref.projectPath);
+        case 'absolute':
+            // Already absolute
+            return ref.projectPath;
+        case 'container':
+        case 'self':
+        case 'unknown':
+            // Try as relative path
+            return path.resolve(workspaceDir, ref.projectPath);
+    }
+}
+/**
+ * Enrich a project reference with product type info by parsing its pbxproj
+ *
+ * @param ref The project reference
+ * @param resolvedPath The resolved absolute path to the .xcodeproj
+ */
+function enrichProjectRefWithProductType(ref, resolvedPath) {
+    const pbxprojPath = path.join(resolvedPath, 'project.pbxproj');
+    if (!fs.existsSync(pbxprojPath)) {
+        return;
+    }
+    try {
+        const content = fs.readFileSync(pbxprojPath, 'utf-8');
+        const projectName = path.basename(resolvedPath).replace('.xcodeproj', '');
+        const productType = (0, pbxproj_parser_js_1.getMainTargetProductType)(content, projectName);
+        if (productType) {
+            ref.productType = productType;
+            ref.productTypePriority = (0, pbxproj_parser_js_1.getProductTypePriority)(productType);
+            ref.isApplication = (0, pbxproj_parser_js_1.isApplicationType)(productType);
+            ref.isTestTarget = (0, pbxproj_parser_js_1.isTestType)(productType);
+        }
+    }
+    catch {
+        // Ignore parsing errors - fall back to path heuristics
+    }
+}
+/**
+ * Given a workspace path, returns the main project paths
+ *
+ * This is the primary API for discovering projects in a workspace.
+ * It parses the workspace data and resolves the main project references.
+ *
+ * P1/P2 Fix: Now uses product type for scoring, not name heuristics.
+ * Projects are sorted by:
+ * 1. Product type priority (applications first)
+ * 2. Not being Pods
+ * 3. Not being a test target (by productType)
+ *
+ * @param workspacePath Path to .xcworkspace directory
+ * @returns Array of absolute paths to .xcodeproj directories
+ */
+function getWorkspaceProjects(workspacePath) {
+    const workspaceDir = workspacePath.endsWith('.xcworkspace')
+        ? path.dirname(workspacePath)
+        : path.dirname(path.dirname(workspacePath));
+    const parsed = parseWorkspaceData(workspacePath);
+    // Resolve all project paths and enrich with product type
+    const enrichedRefs = [];
+    for (const ref of parsed.projectRefs) {
+        const resolved = resolveProjectRef(ref, workspaceDir);
+        if (resolved && fs.existsSync(resolved)) {
+            // Enrich with product type info
+            enrichProjectRefWithProductType(ref, resolved);
+            enrichedRefs.push({ ref, resolved });
+        }
+    }
+    // Sort by product type priority (P1/P2 fix: use productType, not name)
+    enrichedRefs.sort((a, b) => {
+        // First: exclude Pods (always last)
+        if (a.ref.isPods !== b.ref.isPods) {
+            return a.ref.isPods ? 1 : -1;
+        }
+        // Second: prefer applications by productType (not name heuristics)
+        if (a.ref.isApplication !== b.ref.isApplication) {
+            return a.ref.isApplication ? -1 : 1;
+        }
+        // Third: exclude test targets by productType (more reliable than name)
+        if (a.ref.isTestTarget !== b.ref.isTestTarget) {
+            return a.ref.isTestTarget ? 1 : -1;
+        }
+        // Fourth: sort by product type priority
+        const priorityA = a.ref.productTypePriority ?? 0;
+        const priorityB = b.ref.productTypePriority ?? 0;
+        if (priorityA !== priorityB) {
+            return priorityB - priorityA;
+        }
+        // Fifth: fall back to path heuristics for test/example
+        if (a.ref.isTestOrExample !== b.ref.isTestOrExample) {
+            return a.ref.isTestOrExample ? 1 : -1;
+        }
+        return 0;
+    });
+    // Filter to "main" projects for backward compatibility
+    // Main = application type or (not Pods and not test target)
+    const mainProjects = enrichedRefs.filter(({ ref }) => ref.isApplication || (!ref.isPods && !ref.isTestTarget && !ref.isTestOrExample));
+    // If no main projects found, return all non-test projects
+    const resultRefs = mainProjects.length > 0
+        ? mainProjects
+        : enrichedRefs.filter(({ ref }) => !ref.isTestTarget);
+    // If still nothing, return all
+    if (resultRefs.length === 0) {
+        return enrichedRefs.map(({ resolved }) => resolved);
+    }
+    return resultRefs.map(({ resolved }) => resolved);
+}
+//# sourceMappingURL=workspace-parser.js.map

package/dist/parsers/workspace-parser.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"workspace-parser.js","sourceRoot":"","sources":["../../src/parsers/workspace-parser.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAwEA,gDAsBC;AAKD,4DA8BC;AAmED,8CAmBC;AAiDD,oDAoEC;AA5UD;;;;;;;;GAQG;AACH,uCAAyB;AACzB,2CAA6B;AAC7B,2DAK6B;AAsC7B;;;;;;;;;;;;;;;;;GAiBG;AACH,SAAgB,kBAAkB,CAAC,aAAqB;IACtD,yCAAyC;IACzC,IAAI,QAAgB,CAAC;IACrB,IAAI,aAAa,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;QAC3C,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,0BAA0B,CAAC,CAAC;IAClE,CAAC;SAAM,IAAI,aAAa,CAAC,QAAQ,CAAC,0BAA0B,CAAC,EAAE,CAAC;QAC9D,QAAQ,GAAG,aAAa,CAAC;IAC3B,CAAC;SAAM,CAAC;QACN,MAAM,IAAI,KAAK,CAAC,2BAA2B,aAAa,EAAE,CAAC,CAAC;IAC9D,CAAC;IAED,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC7B,gDAAgD;QAChD,OAAO;YACL,OAAO,EAAE,EAAE;YACX,WAAW,EAAE,EAAE;YACf,eAAe,EAAE,EAAE;SACpB,CAAC;IACJ,CAAC;IAED,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IACnD,OAAO,wBAAwB,CAAC,OAAO,CAAC,CAAC;AAC3C,CAAC;AAED;;GAEG;AACH,SAAgB,wBAAwB,CAAC,OAAe;IACtD,yCAAyC;IACzC,MAAM,YAAY,GAAG,OAAO,CAAC,KAAK,CAAC,gCAAgC,CAAC,CAAC;IACrE,MAAM,OAAO,GAAG,YAAY,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAEpD,gCAAgC;IAChC,MAAM,YAAY,GAAG,sCAAsC,CAAC;IAC5D,MAAM,WAAW,GAA0B,EAAE,CAAC;IAE9C,IAAI,KAAK,CAAC;IACV,OAAO,CAAC,KAAK,GAAG,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QACrD,MAAM,WAAW,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QAC7B,MAAM,GAAG,GAAG,mBAAmB,CAAC,WAAW,CAAC,CAAC;QAE7C,qCAAqC;QACrC,IAAI,GAAG,CAAC,WAAW,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;YAC3C,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACxB,CAAC;IACH,CAAC;IAED,4DAA4D;IAC5D,MAAM,eAAe,GAAG,WAAW,CAAC,MAAM,CACxC,GAAG,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,MAAM,IAAI,CAAC,GAAG,CAAC,eAAe,CAC3C,CAAC;IAEF,OAAO;QACL,OAAO;QACP,WAAW;QACX,eAAe;KAChB,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,mBAAmB,CAAC,WAAmB;IAC9C,uBAAuB;IACvB,MAAM,UAAU,GAAG,WAAW,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAE5C,IAAI,YAAiD,CAAC;IACtD,IAAI,WAAmB,CAAC;IAExB,IAAI,UAAU,KAAK,CAAC,CAAC,EAAE,CAAC;QACtB,oCAAoC;QACpC,YAAY,GAAG,SAAS,CAAC;QACzB,WAAW,GAAG,WAAW,CAAC;IAC5B,CAAC;SAAM,CAAC;QACN,MAAM,OAAO,GAAG,WAAW,CAAC,SAAS,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;QACrD,WAAW,GAAG,WAAW,CAAC,SAAS,CAAC,UAAU,GAAG,CAAC,CAAC,CAAC;QAEpD,QAAQ,OAAO,EAAE,CAAC;YAChB,KAAK,OAAO;gBACV,YAAY,GAAG,OAAO,CAAC;gBACvB,MAAM;YACR,KAAK,UAAU;gBACb,YAAY,GAAG,UAAU,CAAC;gBAC1B,MAAM;YACR,KAAK,WAAW;gBACd,YAAY,GAAG,WAAW,CAAC;gBAC3B,MAAM;YACR,KAAK,MAAM;gBACT,YAAY,GAAG,MAAM,CAAC;gBACtB,MAAM;YACR;gBACE,YAAY,GAAG,SAAS,CAAC;QAC7B,CAAC;IACH,CAAC;IAED,uBAAuB;IACvB,MAAM,MAAM,GAAG,WAAW,CAAC,QAAQ,CAAC,gBAAgB,CAAC;QACtC,WAAW,CAAC,QAAQ,CAAC,QAAQ,CAAC;QAC9B,WAAW,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;IAE/C,gEAAgE;IAChE,6EAA6E;IAC7E,MAAM,YAAY,GAAG,WAAW,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC1D,MAAM,YAAY,GAAG,CAAC,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC;IACpG,MAAM,eAAe,GAAG,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAClD,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,KAAK,OAAO,IAAI,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAC3G,CAAC;IAEF,OAAO;QACL,WAAW;QACX,YAAY;QACZ,WAAW;QACX,MAAM;QACN,eAAe;KAChB,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,SAAgB,iBAAiB,CAC/B,GAAwB,EACxB,YAAoB;IAEpB,QAAQ,GAAG,CAAC,YAAY,EAAE,CAAC;QACzB,KAAK,OAAO;YACV,yCAAyC;YACzC,OAAO,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,GAAG,CAAC,WAAW,CAAC,CAAC;QAErD,KAAK,UAAU;YACb,mBAAmB;YACnB,OAAO,GAAG,CAAC,WAAW,CAAC;QAEzB,KAAK,WAAW,CAAC;QACjB,KAAK,MAAM,CAAC;QACZ,KAAK,SAAS;YACZ,uBAAuB;YACvB,OAAO,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,GAAG,CAAC,WAAW,CAAC,CAAC;IACvD,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,SAAS,+BAA+B,CACtC,GAAwB,EACxB,YAAoB;IAEpB,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,iBAAiB,CAAC,CAAC;IAE/D,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC;QAChC,OAAO;IACT,CAAC;IAED,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;QACtD,MAAM,WAAW,GAAG,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC;QAE1E,MAAM,WAAW,GAAG,IAAA,4CAAwB,EAAC,OAAO,EAAE,WAAW,CAAC,CAAC;QACnE,IAAI,WAAW,EAAE,CAAC;YAChB,GAAG,CAAC,WAAW,GAAG,WAAW,CAAC;YAC9B,GAAG,CAAC,mBAAmB,GAAG,IAAA,0CAAsB,EAAC,WAAW,CAAC,CAAC;YAC9D,GAAG,CAAC,aAAa,GAAG,IAAA,qCAAiB,EAAC,WAAW,CAAC,CAAC;YACnD,GAAG,CAAC,YAAY,GAAG,IAAA,8BAAU,EAAC,WAAW,CAAC,CAAC;QAC7C,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,uDAAuD;IACzD,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;;GAcG;AACH,SAAgB,oBAAoB,CAAC,aAAqB;IACxD,MAAM,YAAY,GAAG,aAAa,CAAC,QAAQ,CAAC,cAAc,CAAC;QACzD,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC;QAC7B,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,CAAC;IAE9C,MAAM,MAAM,GAAG,kBAAkB,CAAC,aAAa,CAAC,CAAC;IAEjD,yDAAyD;IACzD,MAAM,YAAY,GAA0D,EAAE,CAAC;IAE/E,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;QACrC,MAAM,QAAQ,GAAG,iBAAiB,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC;QACtD,IAAI,QAAQ,IAAI,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YACxC,gCAAgC;YAChC,+BAA+B,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;YAC/C,YAAY,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,QAAQ,EAAE,CAAC,CAAC;QACvC,CAAC;IACH,CAAC;IAED,uEAAuE;IACvE,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACzB,oCAAoC;QACpC,IAAI,CAAC,CAAC,GAAG,CAAC,MAAM,KAAK,CAAC,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC;YAClC,OAAO,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAC/B,CAAC;QAED,mEAAmE;QACnE,IAAI,CAAC,CAAC,GAAG,CAAC,aAAa,KAAK,CAAC,CAAC,GAAG,CAAC,aAAa,EAAE,CAAC;YAChD,OAAO,CAAC,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACtC,CAAC;QAED,uEAAuE;QACvE,IAAI,CAAC,CAAC,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC;YAC9C,OAAO,CAAC,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACrC,CAAC;QAED,wCAAwC;QACxC,MAAM,SAAS,GAAG,CAAC,CAAC,GAAG,CAAC,mBAAmB,IAAI,CAAC,CAAC;QACjD,MAAM,SAAS,GAAG,CAAC,CAAC,GAAG,CAAC,mBAAmB,IAAI,CAAC,CAAC;QACjD,IAAI,SAAS,KAAK,SAAS,EAAE,CAAC;YAC5B,OAAO,SAAS,GAAG,SAAS,CAAC;QAC/B,CAAC;QAED,uDAAuD;QACvD,IAAI,CAAC,CAAC,GAAG,CAAC,eAAe,KAAK,CAAC,CAAC,GAAG,CAAC,eAAe,EAAE,CAAC;YACpD,OAAO,CAAC,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACxC,CAAC;QAED,OAAO,CAAC,CAAC;IACX,CAAC,CAAC,CAAC;IAEH,uDAAuD;IACvD,4DAA4D;IAC5D,MAAM,YAAY,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC,EAAE,GAAG,EAAE,EAAE,EAAE,CACnD,GAAG,CAAC,aAAa,IAAI,CAAC,CAAC,GAAG,CAAC,MAAM,IAAI,CAAC,GAAG,CAAC,YAAY,IAAI,CAAC,GAAG,CAAC,eAAe,CAAC,CAChF,CAAC;IAEF,0DAA0D;IAC1D,MAAM,UAAU,GAAG,YAAY,CAAC,MAAM,GAAG,CAAC;QACxC,CAAC,CAAC,YAAY;QACd,CAAC,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,EAAE,GAAG,EAAE,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IAExD,+BAA+B;IAC/B,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC5B,OAAO,YAAY,CAAC,GAAG,CAAC,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC,QAAQ,CAAC,CAAC;IACtD,CAAC;IAED,OAAO,UAAU,CAAC,GAAG,CAAC,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC,QAAQ,CAAC,CAAC;AACpD,CAAC"}

package/dist/rules/auth/index.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Auth rules exports
+ */
+export { ThirdPartyLoginNoSIWARule } from './third-party-login-no-siwa.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/rules/auth/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/rules/auth/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,OAAO,EAAE,yBAAyB,EAAE,MAAM,gCAAgC,CAAC"}

package/dist/rules/auth/index.js

@@ -0,0 +1,9 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ThirdPartyLoginNoSIWARule = void 0;
+/**
+ * Auth rules exports
+ */
+var third_party_login_no_siwa_js_1 = require("./third-party-login-no-siwa.js");
+Object.defineProperty(exports, "ThirdPartyLoginNoSIWARule", { enumerable: true, get: function () { return third_party_login_no_siwa_js_1.ThirdPartyLoginNoSIWARule; } });
+//# sourceMappingURL=index.js.map

package/dist/rules/auth/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/rules/auth/index.ts"],"names":[],"mappings":";;;AAAA;;GAEG;AACH,+EAA2E;AAAlE,yIAAA,yBAAyB,OAAA"}

package/dist/rules/auth/third-party-login-no-siwa.d.ts

@@ -0,0 +1,11 @@
+/**
+ * Rule: Third-Party Login Without Sign in with Apple
+ *
+ * Detects when an app includes social login SDKs but doesn't implement
+ * Sign in with Apple as an equivalent option.
+ *
+ * App Store Review Guideline: 4.8
+ */
+import type { Rule } from '../../types/index.js';
+export declare const ThirdPartyLoginNoSIWARule: Rule;
+//# sourceMappingURL=third-party-login-no-siwa.d.ts.map

package/dist/rules/auth/third-party-login-no-siwa.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"third-party-login-no-siwa.d.ts","sourceRoot":"","sources":["../../../src/rules/auth/third-party-login-no-siwa.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AACH,OAAO,KAAK,EAAE,IAAI,EAAwB,MAAM,sBAAsB,CAAC;AAcvE,eAAO,MAAM,yBAAyB,EAAE,IAkHvC,CAAC"}

package/dist/rules/auth/third-party-login-no-siwa.js

@@ -0,0 +1,119 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ThirdPartyLoginNoSIWARule = void 0;
+const index_js_1 = require("../../types/index.js");
+const framework_detector_js_1 = require("../../parsers/framework-detector.js");
+const entitlements_parser_js_1 = require("../../parsers/entitlements-parser.js");
+const base_js_1 = require("../base.js");
+const AUTH_SERVICES_FRAMEWORK = 'AuthenticationServices';
+// SDKs that definitively indicate social login
+const DEFINITIVE_SOCIAL_SDKS = ['Google Sign-In', 'Facebook Login', 'Twitter Login', 'Login with Amazon', 'LinkedIn Login'];
+// SDKs that may be used for email/password only
+const AMBIGUOUS_SDKS = ['Firebase Auth', 'Auth0'];
+exports.ThirdPartyLoginNoSIWARule = {
+    id: 'auth-001-third-party-login-no-siwa',
+    name: 'Third-Party Login Without Sign in with Apple',
+    description: 'Checks for social login SDKs without Sign in with Apple implementation',
+    category: index_js_1.RuleCategory.Auth,
+    severity: index_js_1.Severity.Critical,
+    confidence: index_js_1.Confidence.High,
+    guidelineReference: '4.8',
+    async evaluate(context) {
+        // Detect social login SDKs
+        const detectedSDKs = (0, framework_detector_js_1.detectSocialLoginSDKs)(context.dependencies);
+        if (detectedSDKs.length === 0) {
+            return [];
+        }
+        // Separate definitive and ambiguous SDKs
+        const definitiveSocialSDKs = detectedSDKs.filter(sdk => DEFINITIVE_SOCIAL_SDKS.includes(sdk));
+        const ambiguousSDKs = detectedSDKs.filter(sdk => AMBIGUOUS_SDKS.includes(sdk));
+        // Check for SIWA capability
+        const hasSIWAEntitlement = context.hasEntitlement(entitlements_parser_js_1.EntitlementKeys.signInWithApple);
+        // Check for AuthenticationServices framework
+        const hasAuthServices = context.hasFramework(AUTH_SERVICES_FRAMEWORK);
+        const findings = [];
+        // If definitive social SDKs are present (Google Sign-In, Facebook Login, etc.)
+        if (definitiveSocialSDKs.length > 0) {
+            // Case 1: No SIWA entitlement
+            if (!hasSIWAEntitlement) {
+                findings.push((0, base_js_1.makeFinding)(this, {
+                    description: `Your app includes third-party social login SDKs (${definitiveSocialSDKs.join(', ')}) ` +
+                        `but the Sign in with Apple capability is not configured. According to App Store Review ` +
+                        `Guideline 4.8, apps that offer third-party social login must also offer Sign in with Apple ` +
+                        `as an equivalent option.`,
+                    location: 'Entitlements',
+                    fixGuidance: `Add Sign in with Apple to your app:
+
+1. In Xcode, select your app target → Signing & Capabilities
+2. Click "+ Capability" and add "Sign in with Apple"
+3. Implement the SIWA UI alongside your existing login options:
+
+import AuthenticationServices
+
+// Add the Apple sign-in button to your login screen
+let button = ASAuthorizationAppleIDButton(type: .signIn, style: .black)
+button.addTarget(self, action: #selector(handleAppleSignIn), for: .touchUpInside)
+
+@objc func handleAppleSignIn() {
+    let provider = ASAuthorizationAppleIDProvider()
+    let request = provider.createRequest()
+    request.requestedScopes = [.fullName, .email]
+    
+    let controller = ASAuthorizationController(authorizationRequests: [request])
+    controller.delegate = self
+    controller.performRequests()
+}
+
+Important: Sign in with Apple must be presented as an equivalent option - same ` +
+                        `prominence as other social login buttons.`,
+                    documentationURL: 'https://developer.apple.com/sign-in-with-apple/',
+                }));
+            }
+            // Case 2: Has entitlement but no AuthenticationServices framework
+            else if (!hasAuthServices) {
+                findings.push((0, base_js_1.makeCustomFinding)(this, index_js_1.Severity.Medium, index_js_1.Confidence.Medium, {
+                    title: 'Sign in with Apple May Not Be Implemented',
+                    description: `Your app has the Sign in with Apple capability enabled but ` +
+                        `AuthenticationServices framework doesn't appear to be linked. This may indicate ` +
+                        `an incomplete SIWA implementation.`,
+                    location: 'Project',
+                    fixGuidance: `Ensure you're importing AuthenticationServices and implementing the sign-in flow:
+
+import AuthenticationServices
+
+// Present the sign-in button and handle the flow
+// See Apple's documentation for complete implementation
+
+Note: If you're using a third-party library that wraps SIWA, you can ignore ` +
+                        `this finding.`,
+                    documentationURL: 'https://developer.apple.com/sign-in-with-apple/',
+                }));
+            }
+        }
+        // If only ambiguous SDKs (Firebase Auth, Auth0) - lower confidence
+        if (definitiveSocialSDKs.length === 0 && ambiguousSDKs.length > 0 && !hasSIWAEntitlement) {
+            findings.push((0, base_js_1.makeCustomFinding)(this, index_js_1.Severity.Medium, index_js_1.Confidence.Medium, {
+                title: 'Potential Social Login Without Sign in with Apple',
+                description: `Your app includes authentication SDKs (${ambiguousSDKs.join(', ')}) that may ` +
+                    `be configured for social login. If you offer Google, Facebook, or other social login ` +
+                    `options, you must also offer Sign in with Apple.`,
+                location: 'Entitlements',
+                fixGuidance: `Review your authentication implementation:
+
+**If you use social login (Google, Facebook, etc.):**
+Add Sign in with Apple capability and implement it as an equivalent option.
+
+**If you only use email/password authentication:**
+You're exempt from Guideline 4.8. Sign in with Apple is not required for ` +
+                    `apps that don't offer third-party social login.
+
+**If using Firebase Auth with social providers:**
+Firebase supports Sign in with Apple - add it as a provider:
+https://firebase.google.com/docs/auth/ios/apple`,
+                documentationURL: 'https://developer.apple.com/sign-in-with-apple/',
+            }));
+        }
+        return findings;
+    },
+};
+//# sourceMappingURL=third-party-login-no-siwa.js.map

package/dist/rules/auth/third-party-login-no-siwa.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"third-party-login-no-siwa.js","sourceRoot":"","sources":["../../../src/rules/auth/third-party-login-no-siwa.ts"],"names":[],"mappings":";;;AASA,mDAA0E;AAC1E,+EAA4E;AAC5E,iFAAuE;AACvE,wCAA4D;AAE5D,MAAM,uBAAuB,GAAG,wBAAwB,CAAC;AAEzD,+CAA+C;AAC/C,MAAM,sBAAsB,GAAG,CAAC,gBAAgB,EAAE,gBAAgB,EAAE,eAAe,EAAE,mBAAmB,EAAE,gBAAgB,CAAC,CAAC;AAE5H,gDAAgD;AAChD,MAAM,cAAc,GAAG,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC;AAErC,QAAA,yBAAyB,GAAS;IAC7C,EAAE,EAAE,oCAAoC;IACxC,IAAI,EAAE,8CAA8C;IACpD,WAAW,EAAE,wEAAwE;IACrF,QAAQ,EAAE,uBAAY,CAAC,IAAI;IAC3B,QAAQ,EAAE,mBAAQ,CAAC,QAAQ;IAC3B,UAAU,EAAE,qBAAU,CAAC,IAAI;IAC3B,kBAAkB,EAAE,KAAK;IAEzB,KAAK,CAAC,QAAQ,CAAC,OAAoB;QACjC,2BAA2B;QAC3B,MAAM,YAAY,GAAG,IAAA,6CAAqB,EAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QAEjE,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC9B,OAAO,EAAE,CAAC;QACZ,CAAC;QAED,yCAAyC;QACzC,MAAM,oBAAoB,GAAG,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,sBAAsB,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC;QAC9F,MAAM,aAAa,GAAG,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,cAAc,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC;QAE/E,4BAA4B;QAC5B,MAAM,kBAAkB,GAAG,OAAO,CAAC,cAAc,CAAC,wCAAe,CAAC,eAAe,CAAC,CAAC;QAEnF,6CAA6C;QAC7C,MAAM,eAAe,GAAG,OAAO,CAAC,YAAY,CAAC,uBAAuB,CAAC,CAAC;QAEtE,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,+EAA+E;QAC/E,IAAI,oBAAoB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACpC,8BAA8B;YAC9B,IAAI,CAAC,kBAAkB,EAAE,CAAC;gBACxB,QAAQ,CAAC,IAAI,CAAC,IAAA,qBAAW,EAAC,IAAI,EAAE;oBAC9B,WAAW,EAAE,oDAAoD,oBAAoB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI;wBAClG,yFAAyF;wBACzF,6FAA6F;wBAC7F,0BAA0B;oBAC5B,QAAQ,EAAE,cAAc;oBACxB,WAAW,EAAE;;;;;;;;;;;;;;;;;;;;;;gFAsByD;wBACpE,2CAA2C;oBAC7C,gBAAgB,EAAE,iDAAiD;iBACpE,CAAC,CAAC,CAAC;YACN,CAAC;YACD,kEAAkE;iBAC7D,IAAI,CAAC,eAAe,EAAE,CAAC;gBAC1B,QAAQ,CAAC,IAAI,CAAC,IAAA,2BAAiB,EAAC,IAAI,EAAE,mBAAQ,CAAC,MAAM,EAAE,qBAAU,CAAC,MAAM,EAAE;oBACxE,KAAK,EAAE,2CAA2C;oBAClD,WAAW,EAAE,6DAA6D;wBACxE,kFAAkF;wBAClF,oCAAoC;oBACtC,QAAQ,EAAE,SAAS;oBACnB,WAAW,EAAE;;;;;;;6EAOsD;wBACjE,eAAe;oBACjB,gBAAgB,EAAE,iDAAiD;iBACpE,CAAC,CAAC,CAAC;YACN,CAAC;QACH,CAAC;QAED,mEAAmE;QACnE,IAAI,oBAAoB,CAAC,MAAM,KAAK,CAAC,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,kBAAkB,EAAE,CAAC;YACzF,QAAQ,CAAC,IAAI,CAAC,IAAA,2BAAiB,EAAC,IAAI,EAAE,mBAAQ,CAAC,MAAM,EAAE,qBAAU,CAAC,MAAM,EAAE;gBACxE,KAAK,EAAE,mDAAmD;gBAC1D,WAAW,EAAE,0CAA0C,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa;oBAC1F,uFAAuF;oBACvF,kDAAkD;gBACpD,QAAQ,EAAE,cAAc;gBACxB,WAAW,EAAE;;;;;;0EAMqD;oBAChE;;;;gDAIsC;gBACxC,gBAAgB,EAAE,iDAAiD;aACpE,CAAC,CAAC,CAAC;QACN,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF,CAAC"}

package/dist/rules/base.d.ts

@@ -0,0 +1,25 @@
+/**
+ * Base utilities for rules
+ */
+import type { Rule, Finding, Severity, Confidence } from '../types/index.js';
+/**
+ * Helper to create a finding with common rule properties
+ */
+export declare function makeFinding(rule: Pick<Rule, 'id' | 'name' | 'severity' | 'confidence' | 'guidelineReference'>, options: {
+    title?: string;
+    description: string;
+    location?: string;
+    fixGuidance: string;
+    documentationURL?: string;
+}): Finding;
+/**
+ * Creates a finding with custom severity/confidence
+ */
+export declare function makeCustomFinding(rule: Pick<Rule, 'id' | 'guidelineReference'>, severity: Severity, confidence: Confidence, options: {
+    title: string;
+    description: string;
+    location?: string;
+    fixGuidance: string;
+    documentationURL?: string;
+}): Finding;
+//# sourceMappingURL=base.d.ts.map

package/dist/rules/base.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"base.d.ts","sourceRoot":"","sources":["../../src/rules/base.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,OAAO,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAE7E;;GAEG;AACH,wBAAgB,WAAW,CACzB,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,IAAI,GAAG,MAAM,GAAG,UAAU,GAAG,YAAY,GAAG,oBAAoB,CAAC,EAClF,OAAO,EAAE;IACP,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,WAAW,EAAE,MAAM,CAAC;IACpB,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B,GACA,OAAO,CAYT;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAC/B,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,IAAI,GAAG,oBAAoB,CAAC,EAC7C,QAAQ,EAAE,QAAQ,EAClB,UAAU,EAAE,UAAU,EACtB,OAAO,EAAE;IACP,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,WAAW,EAAE,MAAM,CAAC;IACpB,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B,GACA,OAAO,CAYT"}

package/dist/rules/base.js

@@ -0,0 +1,37 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.makeFinding = makeFinding;
+exports.makeCustomFinding = makeCustomFinding;
+/**
+ * Helper to create a finding with common rule properties
+ */
+function makeFinding(rule, options) {
+    return {
+        ruleId: rule.id,
+        severity: rule.severity,
+        confidence: rule.confidence,
+        title: options.title ?? rule.name,
+        description: options.description,
+        location: options.location,
+        guideline: rule.guidelineReference,
+        fixGuidance: options.fixGuidance,
+        documentationURL: options.documentationURL,
+    };
+}
+/**
+ * Creates a finding with custom severity/confidence
+ */
+function makeCustomFinding(rule, severity, confidence, options) {
+    return {
+        ruleId: rule.id,
+        severity,
+        confidence,
+        title: options.title,
+        description: options.description,
+        location: options.location,
+        guideline: rule.guidelineReference,
+        fixGuidance: options.fixGuidance,
+        documentationURL: options.documentationURL,
+    };
+}
+//# sourceMappingURL=base.js.map

package/dist/rules/base.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"base.js","sourceRoot":"","sources":["../../src/rules/base.ts"],"names":[],"mappings":";;AAQA,kCAqBC;AAKD,8CAuBC;AApDD;;GAEG;AACH,SAAgB,WAAW,CACzB,IAAkF,EAClF,OAMC;IAED,OAAO;QACL,MAAM,EAAE,IAAI,CAAC,EAAE;QACf,QAAQ,EAAE,IAAI,CAAC,QAAQ;QACvB,UAAU,EAAE,IAAI,CAAC,UAAU;QAC3B,KAAK,EAAE,OAAO,CAAC,KAAK,IAAI,IAAI,CAAC,IAAI;QACjC,WAAW,EAAE,OAAO,CAAC,WAAW;QAChC,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,SAAS,EAAE,IAAI,CAAC,kBAAkB;QAClC,WAAW,EAAE,OAAO,CAAC,WAAW;QAChC,gBAAgB,EAAE,OAAO,CAAC,gBAAgB;KAC3C,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAgB,iBAAiB,CAC/B,IAA6C,EAC7C,QAAkB,EAClB,UAAsB,EACtB,OAMC;IAED,OAAO;QACL,MAAM,EAAE,IAAI,CAAC,EAAE;QACf,QAAQ;QACR,UAAU;QACV,KAAK,EAAE,OAAO,CAAC,KAAK;QACpB,WAAW,EAAE,OAAO,CAAC,WAAW;QAChC,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,SAAS,EAAE,IAAI,CAAC,kBAAkB;QAClC,WAAW,EAAE,OAAO,CAAC,WAAW;QAChC,gBAAgB,EAAE,OAAO,CAAC,gBAAgB;KAC3C,CAAC;AACJ,CAAC"}

package/dist/rules/config/ats-exception-without-justification.d.ts

@@ -0,0 +1,12 @@
+/**
+ * Rule: ATS Exception Without Justification
+ *
+ * Detects when an app disables App Transport Security without proper
+ * exception configuration. NSAllowsArbitraryLoads = true is a security
+ * risk and commonly flagged during App Store review.
+ *
+ * App Store Review Guideline: 2.1 (App Completeness)
+ */
+import type { Rule } from '../../types/index.js';
+export declare const ATSExceptionWithoutJustificationRule: Rule;
+//# sourceMappingURL=ats-exception-without-justification.d.ts.map

package/dist/rules/config/ats-exception-without-justification.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ats-exception-without-justification.d.ts","sourceRoot":"","sources":["../../../src/rules/config/ats-exception-without-justification.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AACH,OAAO,KAAK,EAAE,IAAI,EAAwB,MAAM,sBAAsB,CAAC;AASvE,eAAO,MAAM,oCAAoC,EAAE,IAwJlD,CAAC"}