swynx-lite 1.0.0

package/src/output/json.mjs

@@ -0,0 +1,76 @@
+// src/output/json.mjs
+// JSON output formatter
+
+/**
+ * Format scan results as JSON schema matching the spec
+ */
+export function formatJSON(results, options = {}) {
+  const { projectPath, security } = options;
+
+  const output = {
+    version: '1.0.0',
+    tool: 'swynx-lite',
+    timestamp: new Date().toISOString(),
+    project: {
+      path: projectPath,
+      languages: Object.keys(results.summary.languages || {}),
+      framework: results.framework || null,
+    },
+    summary: {
+      totalFiles: results.summary.totalFiles,
+      entryPoints: results.summary.entryPoints,
+      reachableFiles: results.summary.reachableFiles,
+      deadFiles: results.summary.deadFiles,
+      deadRate: parseFloat(results.summary.deadRate),
+      deadBytes: results.summary.totalDeadBytes,
+    },
+    deadFiles: (results.deadFiles || []).map(f => ({
+      path: f.file,
+      language: f.language,
+      size: f.size,
+      lines: f.lines,
+      exports: (f.exports || []).map(e => e.name || e),
+    })),
+  };
+
+  // Security section
+  if (security && security.summary && security.summary.total > 0) {
+    output.security = {
+      findings: (security.findings || []).map(f => ({
+        severity: f.severity,
+        cwe: f.cwe,
+        cweName: f.cweName,
+        file: f.file,
+        line: f.line,
+        description: f.description,
+        inDeadCode: f.isDead || false,
+      })),
+    };
+  }
+
+  return JSON.stringify(output, null, 2);
+}
+
+/**
+ * Format clean results as JSON
+ */
+export function formatCleanJSON(results) {
+  return JSON.stringify({
+    version: '1.0.0',
+    tool: 'swynx-lite',
+    timestamp: new Date().toISOString(),
+    action: results.dryRun ? 'dry-run' : 'clean',
+    summary: {
+      filesRemoved: results.filesRemoved || 0,
+      bytesRemoved: results.bytesRemoved || 0,
+      importsRemoved: results.importsRemoved || 0,
+      barrelExportsRemoved: results.barrelExportsRemoved || 0,
+    },
+    quarantine: results.sessionId ? {
+      sessionId: results.sessionId,
+      restoreCommand: 'swynx-lite restore',
+      purgeCommand: 'swynx-lite purge',
+    } : null,
+    files: results.files || [],
+  }, null, 2);
+}

package/src/output/progress.mjs

@@ -0,0 +1,57 @@
+// src/output/progress.mjs
+// Braille spinner on stderr for interactive mode
+
+const BRAILLE = ['⠋', '⠙', '⠹', '⠸', '⠼', '⠴', '⠦', '⠧', '⠇', '⠏'];
+
+export class ProgressSpinner {
+  constructor(options = {}) {
+    this.active = false;
+    this.frame = 0;
+    this.interval = null;
+    this.message = '';
+    this.noColor = options.noColor || false;
+    this.enabled = options.enabled !== false && process.stderr.isTTY;
+  }
+
+  start(message = '') {
+    if (!this.enabled) return;
+    this.active = true;
+    this.message = message;
+    this.interval = setInterval(() => this._render(), 80);
+    this._render();
+  }
+
+  update(progress) {
+    if (!this.enabled) return;
+    if (progress.message) {
+      this.message = progress.message;
+    }
+    if (progress.phase === 'done') {
+      this.stop();
+    }
+  }
+
+  stop() {
+    if (!this.active) return;
+    this.active = false;
+    if (this.interval) {
+      clearInterval(this.interval);
+      this.interval = null;
+    }
+    // Clear the spinner line
+    if (this.enabled) {
+      process.stderr.write('\r\x1b[K');
+    }
+  }
+
+  _render() {
+    if (!this.active) return;
+    const spinner = BRAILLE[this.frame % BRAILLE.length];
+    this.frame++;
+
+    const dim = this.noColor ? '' : '\x1b[2m';
+    const reset = this.noColor ? '' : '\x1b[0m';
+
+    process.stderr.write(`\r\x1b[K  ${dim}${spinner} ${this.message}${reset}`);
+  }
+}

package/src/scan.mjs

@@ -0,0 +1,143 @@
+// src/scan.mjs
+// Scan orchestrator — wraps the shared scanner for Lite
+
+import { resolve } from 'path';
+import { existsSync } from 'fs';
+import { loadConfig } from './config.mjs';
+import { scanDeadCode } from './shared/scanner/scan-dead-code.mjs';
+import { ProgressSpinner } from './output/progress.mjs';
+import { renderScanOutput } from './output/console.mjs';
+import { formatJSON } from './output/json.mjs';
+
+/**
+ * Run a dead code scan
+ *
+ * @param {string} targetPath - Path to scan
+ * @param {object} cliOptions - CLI options
+ * @returns {Promise<{ exitCode: number, results: object }>}
+ */
+export async function runScan(targetPath, cliOptions = {}) {
+  const projectPath = resolve(targetPath || '.');
+
+  if (!existsSync(projectPath)) {
+    console.error(`  Error: path not found — ${projectPath}`);
+    return { exitCode: 2, results: null };
+  }
+
+  // Load config
+  const config = loadConfig(projectPath, cliOptions);
+
+  // Detect CI
+  const isCI = cliOptions.ci || !!process.env.CI || !!process.env.GITHUB_ACTIONS || !!process.env.GITLAB_CI;
+  const isJSON = cliOptions.json || false;
+  const noColor = cliOptions.color === false || !!process.env.NO_COLOR || isCI;
+  const verbose = cliOptions.verbose || false;
+
+  // Progress spinner (only in interactive mode)
+  const spinner = new ProgressSpinner({
+    enabled: !isJSON && !isCI,
+    noColor,
+  });
+
+  spinner.start('Discovering files...');
+
+  // Build exclude patterns from config
+  const exclude = config.ignore.length > 0 ? undefined : undefined;
+
+  let results;
+  try {
+    results = await scanDeadCode(projectPath, {
+      exclude: undefined, // use scanner defaults + config ignore is separate
+      onProgress: (p) => spinner.update(p),
+    });
+  } catch (e) {
+    spinner.stop();
+    console.error(`  Error during scan: ${e.message}`);
+    if (verbose) console.error(e.stack);
+    return { exitCode: 2, results: null };
+  }
+
+  spinner.stop();
+
+  // Filter out ignored files from results
+  if (config.ignore.length > 0) {
+    const { minimatch } = await loadMinimatch();
+    if (minimatch) {
+      results.deadFiles = results.deadFiles.filter(f => {
+        const filePath = f.file || f.path || '';
+        return !config.ignore.some(pattern => minimatch(filePath, pattern, { dot: true }));
+      });
+      // Recalculate summary
+      const deadCount = results.deadFiles.length;
+      const totalDeadBytes = results.deadFiles.reduce((sum, f) => sum + (f.size || 0), 0);
+      const deadRate = results.summary.totalFiles > 0
+        ? ((deadCount / results.summary.totalFiles) * 100).toFixed(2)
+        : '0.00';
+      results.summary.deadFiles = deadCount;
+      results.summary.totalDeadBytes = totalDeadBytes;
+      results.summary.deadRate = `${deadRate}%`;
+    }
+  }
+
+  // Security scanning
+  let security = null;
+  if (config.security.enabled && cliOptions.security !== false) {
+    try {
+      const { runSecurityScan } = await import('./security.mjs');
+      security = await runSecurityScan(projectPath, results, { onProgress: (p) => spinner.update(p) });
+    } catch {
+      // Security module may not be available — skip silently
+    }
+  }
+
+  // Output
+  if (isJSON) {
+    console.log(formatJSON(results, { projectPath, security }));
+  } else {
+    console.log(renderScanOutput(results, { noColor, verbose, ci: isCI, security }));
+  }
+
+  // Exit code logic
+  let exitCode = 0;
+  if (isCI) {
+    const threshold = parseFloat(cliOptions.threshold ?? config.ci.threshold ?? 0);
+    const deadRate = parseFloat(results.summary.deadRate);
+
+    if (deadRate > threshold) {
+      exitCode = 1;
+    }
+
+    // Security failures in CI
+    if (config.ci.failOnSecurity && security && security.summary) {
+      const minSev = config.ci.securitySeverity || 'HIGH';
+      const sevRank = { CRITICAL: 4, HIGH: 3, MEDIUM: 2, LOW: 1 };
+      const minRank = sevRank[minSev] || 3;
+
+      const hasFailure = (security.findings || []).some(f =>
+        (sevRank[f.severity] || 0) >= minRank
+      );
+      if (hasFailure) exitCode = 1;
+    }
+  }
+
+  return { exitCode, results, security };
+}
+
+/**
+ * Try to load minimatch for ignore pattern matching
+ */
+async function loadMinimatch() {
+  try {
+    const { minimatch } = await import('minimatch');
+    return { minimatch };
+  } catch {
+    // minimatch not available — glob patterns in ignore won't work
+    // (it's a transitive dep from glob, so usually available)
+    try {
+      // Try the glob module's internal minimatch
+      const mod = await import('glob');
+      if (mod.minimatch) return { minimatch: mod.minimatch };
+    } catch { /* */ }
+    return { minimatch: null };
+  }
+}

package/src/security.mjs

@@ -0,0 +1,62 @@
+// src/security.mjs
+// Security scan orchestrator — wraps the shared security scanner
+
+import { scanCodePatterns } from './shared/security/scanner.mjs';
+import { readFileSync, existsSync } from 'fs';
+import { join, extname } from 'path';
+
+/**
+ * Run security scanning on scan results
+ *
+ * @param {string} projectPath - Project root
+ * @param {object} scanResults - Results from scanDeadCode()
+ * @param {object} options
+ * @returns {object} Security scan results
+ */
+export async function runSecurityScan(projectPath, scanResults, options = {}) {
+  const { onProgress } = options;
+
+  // Build dead file set
+  const deadFileSet = new Set(
+    (scanResults.deadFiles || []).map(f => f.file || f.path || '')
+  );
+
+  // Build analysis objects with content for security scanning
+  // We need to re-read file content since the scanner strips it
+  const allFiles = [];
+  const deadFiles = scanResults.deadFiles || [];
+
+  // Scan dead files for security patterns
+  for (const f of deadFiles) {
+    const filePath = f.file || f.path || '';
+    if (!filePath) continue;
+
+    const fullPath = join(projectPath, filePath);
+    let content = '';
+    try {
+      if (existsSync(fullPath)) {
+        content = readFileSync(fullPath, 'utf-8');
+      }
+    } catch { continue; }
+
+    if (!content) continue;
+
+    allFiles.push({
+      file: filePath,
+      relativePath: filePath,
+      content,
+    });
+  }
+
+  if (onProgress) {
+    onProgress({ phase: 'security', message: `Scanning ${allFiles.length} files for security patterns...` });
+  }
+
+  const results = scanCodePatterns(allFiles, deadFileSet, projectPath, onProgress);
+
+  if (onProgress) {
+    onProgress({ phase: 'done', message: 'Security scan complete' });
+  }
+
+  return results;
+}

package/src/shared/fixer/barrel-cleaner.mjs

@@ -0,0 +1,192 @@
+// src/fixer/barrel-cleaner.mjs
+// Clean up barrel/index file re-exports that reference deleted files
+
+import { existsSync, readFileSync, writeFileSync } from 'fs';
+import { join, dirname, basename, extname } from 'path';
+
+/**
+ * Find and clean barrel exports that reference deleted files
+ * @param {string} projectPath - Project root
+ * @param {string[]} deletedFiles - List of deleted file paths (relative)
+ * @param {string[]} liveFiles - List of live files to check (relative)
+ * @param {object} options - Options
+ */
+export async function cleanBarrelExports(projectPath, deletedFiles, liveFiles, options = {}) {
+  const { dryRun = false } = options;
+
+  const result = {
+    filesModified: [],
+    exportsRemoved: [],
+    errors: []
+  };
+
+  // Find potential barrel files (index.js, index.ts, etc.)
+  const barrelFiles = liveFiles.filter(f => {
+    const base = basename(f);
+    return /^index\.(js|ts|mjs|cjs|jsx|tsx)$/.test(base);
+  });
+
+  // Build a set of deleted file basenames for matching
+  const deletedBasenames = new Set();
+  for (const file of deletedFiles) {
+    const ext = extname(file);
+    const base = basename(file, ext);
+    deletedBasenames.add(base);
+    deletedBasenames.add(base.toLowerCase());
+  }
+
+  // Process each barrel file
+  for (const barrelFile of barrelFiles) {
+    const fullPath = join(projectPath, barrelFile);
+    const barrelDir = dirname(barrelFile);
+
+    if (!existsSync(fullPath)) continue;
+
+    try {
+      const content = readFileSync(fullPath, 'utf-8');
+      const { modified, changes } = cleanExportsInFile(content, barrelDir, deletedFiles, deletedBasenames);
+
+      if (changes.length > 0) {
+        if (!dryRun) {
+          writeFileSync(fullPath, modified, 'utf-8');
+        }
+
+        result.filesModified.push(barrelFile);
+        result.exportsRemoved.push({
+          file: barrelFile,
+          exports: changes,
+          dryRun
+        });
+      }
+    } catch (error) {
+      result.errors.push({ file: barrelFile, error: error.message });
+    }
+  }
+
+  return result;
+}
+
+/**
+ * Clean exports in a single file's content
+ */
+function cleanExportsInFile(content, barrelDir, deletedFiles, deletedBasenames) {
+  const lines = content.split('\n');
+  const changes = [];
+  const newLines = [];
+
+  for (let i = 0; i < lines.length; i++) {
+    const line = lines[i];
+    const exportMatch = matchExportStatement(line);
+
+    if (exportMatch) {
+      const { exportPath, fullMatch } = exportMatch;
+
+      // Check if this export references a deleted file
+      if (isDeletedExport(barrelDir, exportPath, deletedFiles, deletedBasenames)) {
+        changes.push({
+          line: i + 1,
+          removed: line.trim(),
+          exportPath
+        });
+        // Skip this line
+        continue;
+      }
+    }
+
+    newLines.push(line);
+  }
+
+  // Clean up consecutive empty lines
+  const cleaned = cleanEmptyLines(newLines);
+
+  return {
+    modified: cleaned.join('\n'),
+    changes
+  };
+}
+
+/**
+ * Match export statements
+ */
+function matchExportStatement(line) {
+  const trimmed = line.trim();
+
+  // export { X } from 'path'
+  // export * from 'path'
+  // export { default as X } from 'path'
+  const reExportMatch = trimmed.match(/^export\s+(?:\{[^}]*\}|\*(?:\s+as\s+\w+)?)\s+from\s+['"]([^'"]+)['"]/);
+  if (reExportMatch) {
+    return { exportPath: reExportMatch[1], fullMatch: reExportMatch[0] };
+  }
+
+  // Named export with default: export { default } from 'path'
+  const defaultExportMatch = trimmed.match(/^export\s+\{\s*default[^}]*\}\s+from\s+['"]([^'"]+)['"]/);
+  if (defaultExportMatch) {
+    return { exportPath: defaultExportMatch[1], fullMatch: defaultExportMatch[0] };
+  }
+
+  return null;
+}
+
+/**
+ * Check if an export path references a deleted file
+ */
+function isDeletedExport(barrelDir, exportPath, deletedFiles, deletedBasenames) {
+  // Skip non-relative exports
+  if (!exportPath.startsWith('.')) {
+    return false;
+  }
+
+  // Resolve the export path relative to barrel file
+  const resolved = join(barrelDir, exportPath).replace(/\\/g, '/').replace(/^\.\//, '');
+
+  // Check against deleted files
+  for (const deleted of deletedFiles) {
+    const deletedNorm = deleted.replace(/\\/g, '/').replace(/^\.\//, '');
+
+    // Exact match
+    if (resolved === deletedNorm) {
+      return true;
+    }
+
+    // Match without extension
+    const deletedNoExt = deletedNorm.replace(/\.[^/.]+$/, '');
+    const resolvedNoExt = resolved.replace(/\.[^/.]+$/, '');
+
+    if (resolvedNoExt === deletedNoExt) {
+      return true;
+    }
+
+    // Match with /index suffix
+    if (resolved + '/index' === deletedNoExt || resolvedNoExt + '/index' === deletedNoExt) {
+      return true;
+    }
+  }
+
+  return false;
+}
+
+/**
+ * Clean up consecutive empty lines
+ */
+function cleanEmptyLines(lines) {
+  const result = [];
+  let lastWasEmpty = false;
+
+  for (const line of lines) {
+    const isEmpty = line.trim() === '';
+
+    if (isEmpty && lastWasEmpty) {
+      continue;
+    }
+
+    result.push(line);
+    lastWasEmpty = isEmpty;
+  }
+
+  return result;
+}
+
+export default {
+  cleanBarrelExports
+};