uneven-ai 0.12.6 → 1.0.2

package/CHANGELOG.md

@@ -5,6 +5,387 @@ All notable changes to Uneven AI will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [1.0.2] - 2026-04-15
+
+### Fixed
+
+- **CI (release)**: rename prebuild assets to unique filenames (`linux-x64.node`, etc.) before
+  uploading to GitHub Release — previously all 5 platforms shared the name `uneven_core.node`,
+  causing asset upload to fail with HTTP 404
+
+## [1.0.1] - 2026-04-15
+
+### Fixed
+
+- **CI (linux-arm64)**: install `g++-aarch64-linux-gnu` and set `CXX_aarch64_unknown_linux_gnu`
+  so crates with C++ build scripts (e.g. `esaxx-rs`) cross-compile correctly on the release pipeline
+
+## [1.0.0] - 2026-04-15
+
+### Added — Test suite
+
+- **`__tests__/engine.test.ts`**: 26 unit tests covering the orchestration engine — `init()`,
+  `stop()`, `handleErrorFix()` (anti-loop, deduplication, file queue), `_runFixForError()`
+  (confidence gate, autoFix on/off paths, fix-applied/fix-reverted/fix-pending events)
+- **`crates/.../error_parser.rs`**: 9 Rust unit tests — TypeScript, absolute path, relative,
+  nested path formats; edge cases: empty string, missing column, plain URL rejection
+- **`crates/.../retrieval/mod.rs`**: 11 Rust unit tests — `cosine_sim` (identical, orthogonal,
+  opposite, mismatched lengths, empty vectors) and `assemble_context` (empty, single, multiple
+  documents, score formatting, header presence)
+- **`crates/.../providers.rs`**: 4 Rust unit tests — all valid providers, case-insensitive
+  parsing, unknown provider error, error message content
+- **`crates/.../embeddings.rs`**: 7 pure Rust unit tests — `normalize_l2` (unit vector, scaling,
+  zero-vector error), `hash_embed` (dimension, normalization, determinism, distinctness), `fnv3`
+  (determinism, collision); existing 4 model-dependent tests fixed (`#[ignore]` + multi-thread
+  runtime to prevent `block_in_place` panic)
+- **Total**: 135 TypeScript tests (7 suites) + 34 Rust tests (0 failures, 4 ignored)
+
+### Added — CI workflow
+
+- **`.github/workflows/ci.yml`**: `cargo test --lib` added to `build-rust` job — pure Rust
+  unit tests run on every push to `main`; Jest job decoupled from full Rust build (bridge
+  mocked, binary not required); `cargo clippy -D warnings` catches lint regressions before
+  they reach a release tag
+
+### Fixed — ESM test infrastructure
+
+- **`jest.config.cjs`**: bridge `moduleNameMapper` patterns reordered before the `.js` stripper
+  so patterns match `bridge.js` before the extension is stripped
+- **`__tests__/engine.test.ts`**: uses `jest.unstable_mockModule()` + explicit
+  `import { jest } from '@jest/globals'` — required for `--experimental-vm-modules` where
+  `jest` is not injected as a bare global into ESM module scope
+- **`__tests__/error-parser.test.ts`**: Python traceback fixture corrected — added the
+  intermediate executing-code line that the parser requires to identify the last stack frame
+
+## [0.16.0] - 2026-04-15
+
+### Added — NAPI streaming inference
+
+- **`inference.rs`**: `generate_streaming` and `run_inference_streaming` — token-by-token generation
+  via callback, enabling progressive output instead of waiting for full completion
+- **`llm/orchestrator.rs`**: `infer_with_params_streaming` wires the streaming path end-to-end
+- **`api/napi_api.rs`**: `llm_infer_stream` exposed as a NAPI function with `ThreadsafeFunction`
+  callback — each generated token is delivered to JS as it is produced
+- **`bridge.ts`**: `llmInferStream` bound and wired into `engine.ts ask()` — `ask` and `askf`
+  commands now stream tokens inline instead of printing the full response at once
+- **`test/mocks`**: `llmInferStream` mock added to simulate token-by-token delivery in unit tests
+
+### Added — pendingDiffs protocol (autoFix=false agent coexistence)
+
+- **`engine.ts`**: P2 pendingDiffs protocol — when `autoFix: false`, detected errors are posted
+  to `session.json` as `PendingDiff` records instead of being discarded; agents or the human
+  user can inspect, apply, or reject them independently
+- **`cli/commands/diff.ts`**: `uneven-ai diff` command — lists pending diffs, applies them with
+  `--apply <id>` (checksum guard + snapshot + atomic write), rejects with `--reject <id>`,
+  clears resolved history with `--clear`
+
+### Fixed — autoFix pipeline: P0+P1 correctness
+
+- **`engine.ts`**: P0 — concurrent writes to the same file during autoFix now serialized via a
+  per-file `fileFixQueue` — without this, two rapid errors in the same file could produce an
+  interleaved, corrupted result
+- **`engine.ts`**: P0 — session lock (`acquireLock`/`releaseLock`) now wraps file writes;
+  snapshot taken before every write to support `uneven-ai restore`
+- **`engine.ts`**: P0 — checksum guard before `applyFix` aborts if the file was modified between
+  error detection and LLM response, preventing the fix from being applied to the wrong version
+- **`engine.ts`**: P0 — removed early return at the `autoFix=false` branch that silently discarded
+  all errors before the session check at line 1183 — `autoFix: false` via `uneven.config.ts`
+  was completely inoperative; `pendingDiff` was never posted
+- **`engine.ts`**: P1 — 500 ms debounce applied to both autoFix paths; debounce timers cleared on
+  `stop()` to prevent a queued fix from firing after the engine shuts down
+- **`engine.ts`**: P1 — `promptUserConfirmFix` returns `false` in non-TTY environments instead
+  of hanging indefinitely waiting for stdin
+- **`engine.ts`**: P1 — `autoFix`/`confirmBeforeFix` shadow variables removed from error handler
+  closure — outer config values now used directly, eliminating stale-capture bug
+
+### Fixed — malware scanner
+
+- **`supply-chain-auditor.ts`**: `levenshtein` call in typosquatting explanation replaced with
+  `editDistance` — function was removed in v0.14.0 audit but one call site in the explanation
+  string was missed; caused `ReferenceError` at runtime on any project with typosquat findings
+- **`supply-chain-auditor.ts`**: unified `POPULAR_PACKAGES` list; minimum name length guard added
+  to typosquatting — single-character package names produced false positives with edit distance 1
+- **`malware-scanner.ts`**: `isTestFile` now detects `__tests__` directories via `filePath`
+  instead of `basename` — test files in `__tests__/` were scanned and flagged as production code
+- **`malware-scanner.ts`**: `computeRiskLevel` now applies confidence threshold symmetrically —
+  low-confidence findings no longer elevated the risk level
+- **`malware-scanner.ts`**: `dependenciesScanned` count fixed — was always `0` due to wrong
+  variable reference
+- **`malware-scanner.ts`**: LLM evaluation prompt now sanitizes the filename — special characters
+  in filenames could break the prompt structure
+- **`malware-scanner.ts`**: non-global regex in `STATIC_RULES` loop now uses `break` guard
+  correctly; `peerDependencies` added to dependency scan scope; dead `dirs` variable removed
+- **`scan.ts`**: `spinner.stop()` → `spinner.succeed('Scan complete')` — spinner disappeared
+  silently with no completion feedback
+- **`scan.ts`**: logger flushed before `process.exit` to prevent log truncation on findings
+- **`cli/index.ts`**: `--report` help text corrected from `.uneven/` to `uneven-reports/`
+
+### Fixed — pentest & security analyzer
+
+- **`security-analyzer.ts`**: `COOKIE_CALL` regex rewritten — options object now captured via
+  `\{[^}]*\}` group; `\b` word boundary added before `cookie` to eliminate false positives on
+  `_cookie(` and `cookieStore(`
+- **`security-analyzer.ts`**: CORS wildcard+credentials check scoped to each individual
+  `cors({...})` block — file-wide flag produced false positives when the two options appeared in
+  separate route configs that never co-existed
+- **`security-analyzer.ts`**: `scanHeaders` now respects the `dirs` parameter — was ignoring it
+  and always scanning the full project
+- **`security-analyzer.ts`**: `execSync npm audit` replaced with async `execFile` — blocked the
+  event loop and could not be interrupted
+- **`security-analyzer.ts`**: `walkDir` skip list hoisted to module-level `Set` — was
+  reallocated on every call
+- **`security-analyzer.ts`**: `let mc` redeclaration in CORS_BLOCK loop renamed to `mc2` —
+  TypeScript block-scoped variable redeclaration error in same function scope
+- **`pentest-context.ts`**: `matchesTarget` CIDR — captures 4th octet correctly; supports
+  `/25`–`/32` prefixes that were silently rejected
+- **`pentest-context.ts`**: credential spray blocked at `>= 50` threads — the `100–499` range
+  was missing from the guard condition
+- **`pentest.ts`**: IP octet range and CIDR prefix validated on input — malformed targets
+  previously reached the scanner unchecked
+
+### Fixed — terminal watch engine
+
+- **`process-lock.ts`**: lock file created with `O_EXCL` (atomic) — race between two processes
+  reading "no lock exists" then both writing was possible with the old check-then-create pattern;
+  signal handler accumulation on repeated `watch` invocations fixed with `once`
+- **`watcher.ts`**: zombie process prevention — `ProcessWatcher` now guards against
+  restart-after-stop; output buffers capped at 100 KB to prevent OOM on runaway processes;
+  `restartCount` reset after stability window; spawn errors surfaced; `watch()` resolves on max
+  restarts
+- **`file-watcher.ts`**: `running = true` set before the `ready` event so that `stop()` called
+  immediately after `start()` actually closes the watcher
+
+### Fixed — data analyst & document intel
+
+- **`db-loader.ts`**: `LOAD_LIMIT` applied to `loadDocuments` queries — unbounded `SELECT *` on
+  large tables caused OOM on the analyst pipeline
+- **`data-analyst.ts`**: MongoDB schema inference now samples multiple documents — single-document
+  sample missed fields that only appeared in a subset of records
+- **`data-analyst.ts`**: `generateSQL` prompt truncated when schema exceeds context budget —
+  oversized schema was silently overflowing LLM context
+- **`data-analyst.ts`**: MongoDB `executeQuery` now parses and applies `WHERE` clause filters —
+  all MongoDB queries previously returned unfiltered collections
+- **`data-analyst.ts`**: SQLite `PRAGMA table_info` now quotes the table name — table names with
+  spaces or reserved words caused a parse error
+- **`data-security-context.ts`**: wildcard column regex fixed to match single-segment names;
+  arbitrary `slice(0, 30)` cap on `buildPromptRules` removed — truncated security rules were
+  silently omitted from the LLM prompt
+- **`analyze.ts`**: requires explicit `A` or `APPROVE` to execute destructive queries — any
+  truthy input previously approved execution
+- **`analyze.ts`**: `dbUrl` (not `dbType`) now passed to `jobManager.createJob` — job was
+  created without a connection string, failing on first query
+- **`report-packager.ts`**: `execSync` replaced with async `execFile`; shell injection in
+  filename argument fixed
+- **`dashboard-generator.ts`**: `</script>` escaped in JSON chart data to prevent XSS when
+  the dashboard HTML is served from a web origin
+- **`excel-exporter.ts`**: `require()` replaced with ESM-compatible dynamic `import()`
+- **`llm-security-reviewer.ts`**: operator precedence bug in `sanitizeContext` fixed — `&&`
+  was binding tighter than intended, causing some sensitive patterns to pass through unsanitized
+
+### Fixed — logger & error parser
+
+- **`logger/index.ts`**: `getTimestamp` now includes date (`YYYY-MM-DD HH:MM:SS`) — log entries
+  across midnight were indistinguishable
+- **`logger/index.ts`**: triple backticks in `fixApplied` before/after code blocks escaped —
+  unescaped backticks broke the Markdown fence in the log file
+- **`logger/index.ts`**: `securityFinding` uses `line != null` — `line === 0` (first line of
+  file) was treated as falsy and silently omitted from the log
+- **`error-parser.ts`**: `parsePythonErrors` reads exception message at the frame boundary, not
+  at `i+1` — off-by-one caused the wrong line to be stored as the error message
+- **`error-parser.ts`**: `getContext` now receives the terminal output index, not the source line
+  number — produced context slices from the wrong position
+- **`error-parser.ts`**: `parseRustErrors` searches forward for the `-->` location line —
+  fixed cases where the location appeared after the error header, not on the same line
+- **`error-parser.ts`**: `FATAL` mapped to `'error'` and `WARN` mapped to `'warning'` in
+  `parseGenericErrors` — unrecognized severity strings were dropped
+
+### Fixed — CLI commands
+
+- **`init.ts`**: downloads are now atomic (`.tmp` + rename) — SIGINT during download no longer
+  leaves a partial file that `fileExists()` accepts as valid on the next run
+- **`init.ts`**: `readline` wrapped in `try/finally` — `rl.close()` now called on Ctrl+C or
+  EOF during the provider prompt, preventing stdin from being held open
+- **`init.ts`**: `fetch()` for model downloads now carries `AbortSignal.timeout(20 * 60 * 1000)`
+  — stalled CDN connections previously blocked `init` indefinitely
+- **`init.ts`**: `hardware.gpu.recommendation.gpuLayers` now propagated to both `saveConfig` and
+  `makeConfig` — was detected and displayed but always overridden by the hardcoded `gpuLayers: 32`
+  default; users with 1.5 GB VRAM received 32 layers and crashed at runtime
+- **`init.ts`**: invalid provider choice now emits a `warn()` instead of silently defaulting —
+  a typo during setup produced no diagnostic
+- **`init.ts`**: `uneven-reports/` added to `.gitignore` — HTML pentest and Excel data reports
+  were committed accidentally
+- **`init.ts`**: `res.body` null check moved inside the try block so the partial file descriptor
+  is cleaned up before throwing
+- **`init.ts`**: `threads` value now derived from `Math.max(2, Math.min(hardware.cpuCores, 8))`
+  in both `saveConfig` and `makeConfig` — the two had diverged (2 vs 4)
+- **`init.ts`**: `defaultModelFor(provider)` pure function extracted — duplicate model-resolution
+  logic in `makeConfig` and `initCommand` had already diverged
+- **`init.ts`**: `User-Agent` updated to use the runtime `version` string instead of hardcoded
+  `'uneven-ai-init/0.7.1'`
+- **`ask.ts`**: `guardian` hoisted before the `try` block so `catch` can call `guardian?.stop()`
+  — was a block-scope error; `ResourceGuardian` was never stopped on exception
+- **`ask.ts`**: `config.brain.temperature` forwarded to local inference — `ask` was always using
+  the default temperature regardless of user config
+- **`ask.ts`**: tokens now streamed inline — each token was printed on a new line instead of
+  appended to the current line
+- **`askf.ts`**: `readline` interface closed in `finally` to prevent stdin leak on any exit path
+- **`askf.ts`**: `path.sep` added to `startsWith` check — sibling directories sharing a prefix
+  (e.g. `src/foo-extra`) could bypass the allowed-paths guard
+- **`askf.ts`**: files and summary parsed from the sanitized answer, not from raw tokens —
+  streaming tokens arrived in arbitrary chunks, making per-token parsing unreliable
+- **`index.ts` (CLI)**: lock released on all exit paths including early-return guards — a failed
+  file read during indexing left the lock held indefinitely
+- **`engine.ts` (index)**: Phase 2B file guards aligned with Phase 2A — binary, ignored-dir, and
+  extension checks were missing from the Phase 2B worker path
+- **`diff.ts`**: missing `/**` JSDoc opening delimiter added — absence generated dozens of tsc
+  parse errors that saturated compiler output and masked all other real type errors in the project
+- **`engine.ts`**: `'uneven-ai diff reject'` hint corrected to `'uneven-ai diff --reject'`
+
+### Fixed — CI/CD pipeline
+
+- **`.github/workflows`**: `timeout-minutes` added to all jobs — runaway builds previously
+  consumed the full Actions quota before timing out
+- **`.github/workflows`**: `uneven-ci` job dependency chain fixed; `lint-and-typecheck` added as
+  a required dependency of the test job
+- **`local-release.sh`**: `wait_actions` fixed for `workflow_dispatch` trigger — was polling the
+  wrong event type and timing out immediately
+- **`build/release`**: tag-push trigger restored for darwin and win32 Actions builds
+- **`postinstall.ts`**: banner box alignment corrected
+
+### Changed
+
+- Version bumped to `0.16.0` across `package.json`, `Cargo.toml`, `napi_api.rs`, `session.ts`,
+  and `sbom-generator.ts`
+- Local release pipeline added (`build/local-release.sh`) — Linux builds locally, darwin and
+  win32 via Actions; win32 cross-compile via MinGW auto-detected if `gcc-mingw` is installed
+
+## [0.15.0] - 2026-04-14
+
+### Performance — local LLM inference
+
+- **`llm/inference.rs`**: replaced manual `argmax` with `candle_transformers::generation::LogitsProcessor` —
+  supports greedy decode (temperature=0, default) and temperature/top-p sampling
+- **`llm/inference.rs`**: added repetition penalty via `apply_repeat_penalty` on a 64-token sliding
+  window of generated output (default penalty=1.1) — prevents degenerate loops that previously
+  exhausted the full `max_tokens` budget without hitting EOS
+- **`llm/inference.rs`**: context-window guard — prompts exceeding `max_context - max_tokens` tokens
+  are truncated from the left (most-recent context kept); default `max_context=2048`
+- **`llm/inference.rs`**: `tokens.reserve(max_tokens)` — eliminates O(log n) Vec reallocations
+  during generation
+- **`api/napi_api.rs`**: `llm_infer` now accepts `temperature: f64` and `repeat_penalty: f64`;
+  TypeScript callers default to `temperature=0.0, repeatPenalty=1.1`
+
+## [0.14.1] - 2026-04-14
+
+### Fixed — CI
+
+- **`retrieval/mod.rs`**: gated `STORE_USEARCH` and `STORE_META_BIN` constants behind
+  `#[cfg(feature = "vector-store")]` — dead-code lint under `-D warnings` blocked CI on v0.14.0
+- **`retrieval/mod.rs`**: replaced `&*store` with `&store` in two `write_binary` call sites —
+  `clippy::explicit_auto_deref` lint also blocked CI
+- **`error-parser.ts`**: added `startsWith('PHP ')` fallback to `hasPHP` detection —
+  single-line PHP output was never parsed, causing 3 test failures in CI on v0.13.0
+
+## [0.14.0] - 2026-04-14
+
+### Performance — Rust core: vector store dual-backend
+
+- **`retrieval/mod.rs`**: replaced JSON persistence with bincode in the default HashMap backend —
+  10–50× smaller files, ~100× faster parse; atomic writes (tmp + rename) prevent corruption
+- **`retrieval/mod.rs`**: added optional HNSW backend (`--features vector-store`) via usearch —
+  O(log n) ANN search replaces O(n) brute-force; `StoreMeta` serialized with bincode; automatic
+  migration chain from legacy JSON and old bincode formats
+- **`retrieval/mod.rs`**: `VECTOR_STORE` changed from `Mutex` to `RwLock` — concurrent readers
+  no longer serialize during search
+- **`embeddings.rs`**: `BERT` changed from `Mutex` to `RwLock` — rayon threads in `batch_embed`
+  can now hold concurrent read locks, restoring true parallelism
+- **`api/napi_api.rs`**: `retrieval_search` returns `NapiRetrievalResult` struct instead of JSON
+  string — eliminates per-query `serde_json::to_string` + JS `JSON.parse` round-trip
+
+### Performance — TypeScript: indexing pipeline
+
+- **`engine.ts`**: `processFile` reads each file once (raw `Buffer`), reuses it for binary
+  detection, SHA-256 hash, and content extraction — eliminates two extra syscalls per file
+- **`engine.ts`**: `getFilesRecursive` parallelized with `Promise.all` — subdirectory traversal
+  no longer sequential
+- **`engine.ts`**: Phase 2B and Phase 2D use the same worker-pool pattern as Phase 2A —
+  `INDEX_CONCURRENCY` scales to `os.cpus().length`
+- **`engine.ts`**: `watch()` busy-wait loop replaced with event-driven `stopSignal` promise —
+  eliminates 1 s polling
+- **`engine.ts`**: `IGNORED_DIRS`, `SUPPORTED_EXTENSIONS`, `IGNORED_EXTENSIONS` converted to
+  module-level `Set` — O(1) lookup instead of O(n) array scan per file
+- **`incremental-index.ts`**: all sync I/O eliminated; `status`, `diff`, `needsIndexing` are
+  fully async; `diff` uses `Promise.all` for concurrent hash checks; `markIndexedWithHash`
+  avoids re-reading a file whose buffer was already read by the caller
+- **`supply-chain-auditor.ts`**: `editDistance` rewritten with two rolling rows (O(n) memory)
+  and early-exit when row minimum exceeds `maxDist` — O(m×n) → sublinear for typosquatting
+  threshold of 2
+
+## [0.13.0] - 2026-04-13
+
+### Fixed — Rust core: critical bug fixes and anti-pattern removal
+
+- **`embeddings.rs`**: extracted `embed_sync()` synchronous path for `batch_embed` — previous
+  implementation called `futures::executor::block_on(generate_embedding())` inside rayon threads,
+  which panicked at runtime because `block_in_place` is only valid on tokio worker threads
+- **`retrieval/mod.rs`**: removed redundant `Arc` wrapping from `VECTOR_STORE` static —
+  `Lazy<RwLock<T>>` is already thread-safe; the extra `Arc` added indirection with no benefit
+- **`inference.rs`**: removed dead `prompt_len` variable and its `let _ = prompt_len` suppressor
+- **`retrieval/mod.rs`**: removed unused `use std::sync::Arc` import
+
+### Fixed — Rust core: performance and correctness (previous session)
+
+- **`napi_api.rs`**: replaced hardcoded `"0.12.3"` with `UNEVEN_VERSION` constant in `get_engine_info()`
+- **`napi_api.rs`**: removed `spawn_blocking(|| block_on(...))` anti-pattern — CPU-bound LLM
+  inference now offloaded correctly via `block_in_place` inside `run_inference`
+- **`inference.rs`**: removed `Arc` from `LLAMA`, `LOADED_MODEL`, `INTERRUPT` statics
+- **`embeddings.rs`**: wrapped BERT forward pass in `block_in_place` to prevent tokio starvation
+- **`retrieval/mod.rs`**: replaced O(n log n) full sort with O(n log k) min-heap in `semantic_search`;
+  replaced blocking `std::fs` calls with async `tokio::fs` in `init_store` and `persist_store`
+- **`error_parser.rs`**: regex compiled once via `Lazy<Regex>` instead of on every parse call
+- **`file_loader.rs`**: `is_supported()` changed from O(n) `Vec::contains` to O(1) `HashSet` lookup
+  via `OnceLock`; `FileLoader` struct is now zero-sized
+- **`port_scanner.rs`**: `scan_common_ports` changed from sequential to concurrent via `join_all`,
+  reducing wall time from ~9 s to ~1 s
+
+### Fixed — TypeScript layer: bugs and anti-patterns
+
+- **`git-manager.ts`**: `undoLastFix` and `listFixCommits` were grepping for `"uneven-ai"` but
+  `commitFix` generates messages with `"fix(uneven):"` — both commands were completely broken
+- **`bridge.ts`**: duplicate `process.env.UNEVEN_DEBUG` condition `|| process.env.UNEVEN_DEBUG`
+  removed (always evaluated the same branch)
+- **`logger/index.ts`**: duplicate `=== '1' || === '1'` condition collapsed to single check
+- **`process-watcher.ts`**: `command.split(' ')` replaced with quoted-arg-aware regex tokenizer —
+  commands with quoted arguments (e.g. `npm run "my script"`) were split incorrectly
+- **`process-lock.ts`**: `process.on()` replaced with `process.once()` for exit/signal handlers —
+  repeated `watch` invocations were stacking handlers
+- **`web-scraper.ts`**: `fetchMultiple` changed from sequential loop to `Promise.allSettled`;
+  `urlToId` hash upgraded from charCode-sum to FNV-1a 32-bit for better distribution
+- **`chunker.ts`**: removed O(n) `.includes()` guard before `.push()` in line-tracking loop —
+  was causing chunks to silently drop line references on large files
+- **`error-parser.ts`**: added O(1) pre-scan dispatch — only relevant parsers run per error,
+  skipping all 9 parsers for every line
+- **`data-analyst.ts`**: fixed `raw.length + (raw.length - raw.length)` expression (always
+  equalled `raw.length`) — total-before-filter count now captured correctly before filtering
+- **`sbom-generator.ts`**: stale fallback version updated
+- **`incremental-index.ts`**: `save()` now wraps atomic write in try/catch and unlinks temp file
+  on failure to prevent corrupted state replacing valid state on next run
+- **`cli/index.ts`**: dead third condition in help display logic removed
+
+### Fixed — TypeScript layer: second-pass subtle bugs
+
+- **`supply-chain-auditor.ts`**: phantom-package inner condition `const inLock` was always false
+  (outer `if` already guaranteed `!lockedPkgs.has(pkgName)`) — dead code removed
+- **`supply-chain-auditor.ts`**: typosquatting loop used `break` on exact name match, exiting
+  the entire popular-packages loop instead of skipping only that entry — changed to `continue`
+- **`engine.ts`**: shadowed `threads` re-declaration inside `if (isNativeAvailable())` removed;
+  fixed indentation that made `initLlmEngine` appear outside the conditional block
+
+### Changed
+
+- Version bumped to `0.13.0` across `package.json`, `Cargo.toml`, `napi_api.rs`,
+  `session.ts`, and `sbom-generator.ts`
+
 ## [0.12.0] - 2026-04-12
 
 ### Changed — Pure Clean Architecture Refactor (Stages 1 & 2)

package/README.md

@@ -11,7 +11,7 @@
 >
 > Embeds a **local LLM**, indexes your entire codebase, watches running terminals in real time, **autonomously fixes errors**, scans for **malicious code and compromised dependencies**, runs a built-in **AI data analyst**, performs **scoped security testing**, and generates **shareable reports** — all from a single CLI.
 >
-> **Rust-powered high-performance engine** with **Modular Clean Architecture**. Zero network dependencies.
+> **High-performance native engine** with **Modular Clean Architecture**. Zero network dependencies.
 
 ## 🏗️ Architecture
 
@@ -63,7 +63,7 @@ Requirements vary significantly depending on the **brain provider** you choose.
 
 > Uneven AI itself uses ~512 MB. The Ollama daemon handles model memory independently — RAM required depends on the model you pull (e.g. `llama3.2` ~2 GB).
 
-### Local brain (LLaMA via Candle — no API, no cloud)
+### Local brain (LLaMA — no API, no cloud)
 
 | Item | Minimum | Recommended |
 |---|---|---|
@@ -72,7 +72,7 @@ Requirements vary significantly depending on the **brain provider** you choose.
 | Disk | 200 MB (embeddings) | 2 GB+ (local LLM) |
 | OS | Linux, macOS, Windows 11 (Native) | Linux / macOS |
 
-> The independent local mode loads a high-precision neural model directly into system memory. This ensures 100% offline operation and absolute data sovereignty with zero external dependencies.
+> The independent local mode loads a neural model directly into system memory. This ensures 100% offline operation and absolute data sovereignty with zero external dependencies.
 
 ---
 

package/dist/application/analysis/dashboard-generator.js

@@ -225,11 +225,14 @@ function buildChartSection(result, chartType) {
             tension: 0.3,
         }));
     }
-    const chartData = JSON.stringify({
+    // Escape </script> inside JSON to prevent premature termination of the
+    // surrounding <script> block when database values contain that sequence.
+    const escapeScript = (json) => json.replace(/<\/script>/gi, '<\\/script>');
+    const chartData = escapeScript(JSON.stringify({
         labels: chartType === 'scatter' ? undefined : labels,
         datasets,
-    });
-    const chartOptions = JSON.stringify({
+    }));
+    const chartOptions = escapeScript(JSON.stringify({
         responsive: true,
         plugins: {
             legend: { labels: { color: '#94a3b8' } },
@@ -239,7 +242,7 @@ function buildChartSection(result, chartType) {
             x: { ticks: { color: '#64748b' }, grid: { color: '#1e293b' } },
             y: { ticks: { color: '#64748b' }, grid: { color: '#334155' } },
         },
-    });
+    }));
     return `<canvas id="mainChart"></canvas>
 <script>
   new Chart(document.getElementById('mainChart'), {

package/dist/application/analysis/data-analyst.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"data-analyst.d.ts","sourceRoot":"","sources":["../../../src/application/analysis/data-analyst.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,MAAM,EAAE,MAAM,+BAA+B,CAAA;AAEtD,OAAO,EAAE,mBAAmB,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAA;AAUhF,MAAM,MAAM,MAAM,GAAG,YAAY,GAAG,OAAO,GAAG,QAAQ,GAAG,SAAS,CAAA;AAElE,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,MAAM,CAAA;IACZ,QAAQ,EAAE,OAAO,CAAA;CAClB;AAED,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE,MAAM,CAAA;IACZ,OAAO,EAAE,UAAU,EAAE,CAAA;IACrB,0DAA0D;IAC1D,QAAQ,CAAC,EAAE,MAAM,CAAA;CAClB;AAED,MAAM,WAAW,WAAW;IAC1B,OAAO,EAAE,MAAM,EAAE,CAAA;IACjB,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,CAAA;IAC/B,QAAQ,EAAE,MAAM,CAAA;IAChB,UAAU,EAAE,MAAM,CAAA;CACnB;AAED,MAAM,WAAW,cAAc;IAC7B,GAAG,EAAE,MAAM,CAAA;IACX,WAAW,EAAE,MAAM,CAAA;IACnB,gEAAgE;IAChE,cAAc,EAAE,OAAO,CAAA;CACxB;AAOD,qBAAa,WAAW;IACtB,OAAO,CAAC,MAAM,CAAQ;IACtB,OAAO,CAAC,UAAU,CAAY;IAC9B,OAAO,CAAC,MAAM,CAAsB;IACpC,OAAO,CAAC,MAAM,CAAoB;IAClC,QAAQ,CAAC,QAAQ,EAAE,mBAAmB,CAAA;gBAE1B,MAAM,EAAE,MAAM,EAAE,cAAc,CAAC,EAAE,OAAO,CAAC,cAAc,CAAC;IAO9D,OAAO,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IA+CrC,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IAYjC;;;;;;;OAOG;IACG,gBAAgB,CAAC,aAAa,CAAC,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;IAoDxE;;;OAGG;IACG,kBAAkB,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;IAqC7C;;;OAGG;IACG,eAAe,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;YA2B5B,kBAAkB;YAqBlB,eAAe;YAqBf,gBAAgB;YA4BhB,eAAe;IAwB7B;;;OAGG;IACG,WAAW,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC;IAgE/D;;;OAGG;IACG,YAAY,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,GAAG;QAAE,aAAa,CAAC,EAAE,MAAM,EAAE,CAAA;KAAE,CAAC;IAiFpF,SAAS,IAAI,WAAW,EAAE;IAC1B,SAAS,IAAI,MAAM,GAAG,IAAI;CAC3B;AAID,8DAA8D;AAC9D,wBAAgB,WAAW,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAOhD"}
+{"version":3,"file":"data-analyst.d.ts","sourceRoot":"","sources":["../../../src/application/analysis/data-analyst.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,MAAM,EAAE,MAAM,+BAA+B,CAAA;AAEtD,OAAO,EAAE,mBAAmB,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAA;AAUhF,MAAM,MAAM,MAAM,GAAG,YAAY,GAAG,OAAO,GAAG,QAAQ,GAAG,SAAS,CAAA;AAElE,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,MAAM,CAAA;IACZ,QAAQ,EAAE,OAAO,CAAA;CAClB;AAED,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE,MAAM,CAAA;IACZ,OAAO,EAAE,UAAU,EAAE,CAAA;IACrB,0DAA0D;IAC1D,QAAQ,CAAC,EAAE,MAAM,CAAA;CAClB;AAED,MAAM,WAAW,WAAW;IAC1B,OAAO,EAAE,MAAM,EAAE,CAAA;IACjB,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,CAAA;IAC/B,QAAQ,EAAE,MAAM,CAAA;IAChB,UAAU,EAAE,MAAM,CAAA;CACnB;AAED,MAAM,WAAW,cAAc;IAC7B,GAAG,EAAE,MAAM,CAAA;IACX,WAAW,EAAE,MAAM,CAAA;IACnB,gEAAgE;IAChE,cAAc,EAAE,OAAO,CAAA;CACxB;AAOD,qBAAa,WAAW;IACtB,OAAO,CAAC,MAAM,CAAQ;IACtB,OAAO,CAAC,UAAU,CAAY;IAC9B,OAAO,CAAC,MAAM,CAAsB;IACpC,OAAO,CAAC,MAAM,CAAoB;IAClC,QAAQ,CAAC,QAAQ,EAAE,mBAAmB,CAAA;gBAE1B,MAAM,EAAE,MAAM,EAAE,cAAc,CAAC,EAAE,OAAO,CAAC,cAAc,CAAC;IAO9D,OAAO,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IA+CrC,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IAYjC;;;;;;;OAOG;IACG,gBAAgB,CAAC,aAAa,CAAC,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;IAqDxE;;;OAGG;IACG,kBAAkB,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;IAqC7C;;;OAGG;IACG,eAAe,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;YA2B5B,kBAAkB;YAqBlB,eAAe;YAqBf,gBAAgB;YAgChB,eAAe;IAqC7B;;;OAGG;IACG,WAAW,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC;IAsE/D;;;OAGG;IACG,YAAY,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,GAAG;QAAE,aAAa,CAAC,EAAE,MAAM,EAAE,CAAA;KAAE,CAAC;IAmFpF,SAAS,IAAI,WAAW,EAAE;IAC1B,SAAS,IAAI,MAAM,GAAG,IAAI;CAC3B;AAID,8DAA8D;AAC9D,wBAAgB,WAAW,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAOhD"}

package/dist/application/analysis/data-analyst.js

@@ -124,9 +124,10 @@ export class DataAnalyst {
         }
         // ── User table filter ─────────────────────────────────────────────────────
         if (allowedTables && allowedTables.length > 0) {
+            const totalBeforeFilter = raw.length;
             const allowed = new Set(allowedTables.map(t => t.toLowerCase()));
             raw = raw.filter(t => allowed.has(t.name.toLowerCase()));
-            this.logger.info(`DataAnalyst: Filtered to ${raw.length}/${raw.length + (raw.length - raw.length)} tables per user selection`);
+            this.logger.info(`DataAnalyst: Filtered to ${raw.length}/${totalBeforeFilter} tables per user selection`);
         }
         // ── Table count safety cap ────────────────────────────────────────────────
         if (raw.length > SCHEMA_TABLE_LIMIT) {
@@ -254,7 +255,11 @@ Suggestions:`;
             .whereNot('name', 'like', 'sqlite_%');
         const result = [];
         for (const { name } of tables) {
-            const cols = await this.connection.raw(`PRAGMA table_info(${name})`);
+            // Double-quote the table name and escape any embedded double-quotes
+            // (SQLite identifier quoting: "" → literal ") to prevent malformed
+            // PRAGMA calls if a table name contains special characters.
+            const quotedName = `"${name.replace(/"/g, '""')}"`;
+            const cols = await this.connection.raw(`PRAGMA table_info(${quotedName})`);
             const countRes = await this.connection.raw(`SELECT COUNT(*) AS cnt FROM "${name}"`);
             const rowCount = countRes[0]?.cnt ?? 0;
             result.push({
@@ -274,14 +279,24 @@ Suggestions:`;
         const collections = await db.listCollections().toArray();
         const result = [];
         for (const col of collections) {
-            const sample = await db.collection(col.name).findOne({});
             const count = await db.collection(col.name).estimatedDocumentCount();
-            const columns = sample
-                ? Object.entries(sample).map(([k, v]) => ({
-                    name: k,
-                    type: Array.isArray(v) ? 'array' : typeof v,
-                    nullable: true,
-                }))
+            // Sample up to 20 documents to build a union of all field names and
+            // types. A single findOne() misses fields that only appear in some
+            // documents, and returns a near-empty schema for heterogeneous collections.
+            const samples = await db
+                .collection(col.name)
+                .find({})
+                .limit(20)
+                .toArray();
+            // Build a field→type map; last-seen type wins on conflicts
+            const fieldMap = new Map();
+            for (const doc of samples) {
+                for (const [k, v] of Object.entries(doc)) {
+                    fieldMap.set(k, Array.isArray(v) ? 'array' : typeof v);
+                }
+            }
+            const columns = fieldMap.size > 0
+                ? Array.from(fieldMap.entries()).map(([name, type]) => ({ name, type, nullable: true }))
                 : [{ name: '_id', type: 'ObjectId', nullable: false }];
             result.push({ name: col.name, columns, rowCount: count });
         }
@@ -300,7 +315,13 @@ Suggestions:`;
                 cannotGenerate: true,
             };
         }
+        // Cap at 40 tables to keep the prompt within the local LLM's context window.
+        // suggestAnalyses uses 20; here we allow more since accuracy matters more.
+        // Tables beyond the cap are still protected by Layers 1-3 — they just won't
+        // be available for LLM-generated queries in this session.
+        const GENERATE_TABLE_LIMIT = 40;
         const schemaText = this.schema
+            .slice(0, GENERATE_TABLE_LIMIT)
             .map(t => {
             const cols = t.columns.map(c => `    ${c.name} ${c.type}${c.nullable ? '' : ' NOT NULL'}`).join(',\n');
             return `  Table: ${t.name}${t.rowCount != null ? ` (~${t.rowCount} rows)` : ''}\n${cols}`;
@@ -380,8 +401,9 @@ SQL:`;
                 rows = await withTimeout(this.connection.raw(sql), DB_QUERY_TIMEOUT_MS, 'SQL query');
             }
             else if (this.dbType === 'mongodb') {
-                // MongoDB: parse the pseudo-SQL to extract collection name and run a find()
-                // Supports "SELECT ... FROM <collection> [WHERE ...] [LIMIT n]"
+                // MongoDB: parse the pseudo-SQL to extract collection name, WHERE filter,
+                // and LIMIT, then run a find() with the resulting filter document.
+                // Supports: SELECT ... FROM <collection> [WHERE <field> = <value> [AND ...]] [LIMIT n]
                 const fromMatch = /FROM\s+(\w+)/i.exec(sql);
                 const limitMatch = /LIMIT\s+(\d+)/i.exec(sql);
                 if (!fromMatch) {
@@ -389,8 +411,9 @@ SQL:`;
                 }
                 const collName = fromMatch[1];
                 const limit = limitMatch ? parseInt(limitMatch[1]) : 100;
+                const filter = parseMongoWhereClause(sql);
                 const db = this.connection.db();
-                const docs = await withTimeout(db.collection(collName).find({}).limit(limit).toArray(), DB_QUERY_TIMEOUT_MS, 'MongoDB find');
+                const docs = await withTimeout(db.collection(collName).find(filter).limit(limit).toArray(), DB_QUERY_TIMEOUT_MS, 'MongoDB find');
                 rows = docs.map((d) => {
                     const flat = {};
                     for (const [k, v] of Object.entries(d)) {
@@ -433,6 +456,49 @@ export function isSafeQuery(sql) {
     const dangerous = /\b(INSERT|UPDATE|DELETE|DROP|TRUNCATE|ALTER|CREATE|GRANT|REVOKE|EXEC|EXECUTE|PRAGMA\s+(?!TABLE_INFO|INDEX_LIST|FOREIGN_KEY_LIST))\b/;
     return !dangerous.test(normalized);
 }
+/**
+ * Extract simple equality conditions from a SQL WHERE clause and convert them
+ * to a MongoDB filter document.
+ *
+ * Supports: field = 'value', field = 123, field = true/false/null,
+ *           combined with AND (OR is not converted — returns {} on OR clauses).
+ * Conditions that cannot be parsed are silently skipped so the query still
+ * runs rather than throwing, matching the best-effort nature of pseudo-SQL.
+ */
+function parseMongoWhereClause(sql) {
+    // Extract the WHERE clause (everything between WHERE and ORDER/LIMIT/GROUP/end)
+    const whereMatch = /WHERE\s+(.+?)(?:\s+(?:ORDER|LIMIT|GROUP|HAVING)\b|$)/is.exec(sql);
+    if (!whereMatch)
+        return {};
+    const whereClause = whereMatch[1].trim();
+    // Bail out on OR conditions — too complex to map reliably to Mongo filter
+    if (/\bOR\b/i.test(whereClause))
+        return {};
+    const filter = {};
+    // Match field = value pairs (AND-separated)
+    // Handles: field = 'string', field = "string", field = number, field = true/false/null
+    const conditionRx = /(\w+)\s*=\s*(?:'([^']*)'|"([^"]*)"|(true|false|null|-?\d+(?:\.\d+)?))/gi;
+    let match;
+    while ((match = conditionRx.exec(whereClause)) !== null) {
+        const field = match[1];
+        const strVal = match[2] ?? match[3];
+        const literalVal = match[4];
+        if (strVal !== undefined) {
+            filter[field] = strVal;
+        }
+        else if (literalVal !== undefined) {
+            if (literalVal === 'true')
+                filter[field] = true;
+            else if (literalVal === 'false')
+                filter[field] = false;
+            else if (literalVal === 'null')
+                filter[field] = null;
+            else
+                filter[field] = parseFloat(literalVal);
+        }
+    }
+    return filter;
+}
 function sanitizeUrl(url) {
     try {
         const u = new URL(url);

package/dist/application/analysis/data-security-context.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"data-security-context.d.ts","sourceRoot":"","sources":["../../../src/application/analysis/data-security-context.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AAIjE,MAAM,WAAW,cAAc;IAC7B;;;;OAIG;IACH,cAAc,CAAC,EAAE,MAAM,EAAE,CAAA;IAEzB;;;;OAIG;IACH,aAAa,CAAC,EAAE,MAAM,EAAE,CAAA;IAExB;;;;OAIG;IACH,sBAAsB,CAAC,EAAE,MAAM,EAAE,CAAA;IAEjC;;;OAGG;IACH,gBAAgB,CAAC,EAAE,OAAO,CAAA;CAC3B;AAED,MAAM,WAAW,WAAW;IAC1B,+CAA+C;IAC/C,UAAU,EAAE,OAAO,CAAA;IACnB,sDAAsD;IACtD,OAAO,EAAE,MAAM,EAAE,CAAA;CAClB;AAID;;;GAGG;AACH,eAAO,MAAM,cAAc,EAAE,QAAQ,CAAC,cAAc,CAmDnD,CAAA;AAID,qBAAa,mBAAmB;IAC9B,OAAO,CAAC,MAAM,CAA0B;IACxC,kEAAkE;IAClE,OAAO,CAAC,cAAc,CAAyC;IAC/D,OAAO,CAAC,aAAa,CAA2C;gBAEpD,MAAM,GAAE,OAAO,CAAC,cAAc,CAAM;IAiChD;;;OAGG;IACH,YAAY,CAAC,MAAM,EAAE,WAAW,EAAE,GAAG;QAAE,QAAQ,EAAE,WAAW,EAAE,CAAC;QAAC,KAAK,EAAE,WAAW,CAAA;KAAE;IA6BpF;;;;OAIG;IACH,QAAQ,CAAC,GAAG,EAAE,MAAM,GAAG,WAAW;IAuClC;;;OAGG;IACH,UAAU,CAAC,MAAM,EAAE,WAAW,GAAG;QAAE,MAAM,EAAE,WAAW,CAAC;QAAC,KAAK,EAAE,WAAW,CAAA;KAAE;IA8C5E;;;OAGG;IACH,gBAAgB,IAAI,MAAM;IAiB1B,SAAS,IAAI,QAAQ,CAAC,cAAc,CAAC;IAIrC,OAAO,CAAC,eAAe;IAUvB,OAAO,CAAC,cAAc;CAGvB"}
+{"version":3,"file":"data-security-context.d.ts","sourceRoot":"","sources":["../../../src/application/analysis/data-security-context.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AAIjE,MAAM,WAAW,cAAc;IAC7B;;;;OAIG;IACH,cAAc,CAAC,EAAE,MAAM,EAAE,CAAA;IAEzB;;;;OAIG;IACH,aAAa,CAAC,EAAE,MAAM,EAAE,CAAA;IAExB;;;;OAIG;IACH,sBAAsB,CAAC,EAAE,MAAM,EAAE,CAAA;IAEjC;;;OAGG;IACH,gBAAgB,CAAC,EAAE,OAAO,CAAA;CAC3B;AAED,MAAM,WAAW,WAAW;IAC1B,+CAA+C;IAC/C,UAAU,EAAE,OAAO,CAAA;IACnB,sDAAsD;IACtD,OAAO,EAAE,MAAM,EAAE,CAAA;CAClB;AAID;;;GAGG;AACH,eAAO,MAAM,cAAc,EAAE,QAAQ,CAAC,cAAc,CAmDnD,CAAA;AAID,qBAAa,mBAAmB;IAC9B,OAAO,CAAC,MAAM,CAA0B;IACxC,kEAAkE;IAClE,OAAO,CAAC,cAAc,CAAyC;IAC/D,OAAO,CAAC,aAAa,CAA2C;gBAEpD,MAAM,GAAE,OAAO,CAAC,cAAc,CAAM;IAmChD;;;OAGG;IACH,YAAY,CAAC,MAAM,EAAE,WAAW,EAAE,GAAG;QAAE,QAAQ,EAAE,WAAW,EAAE,CAAC;QAAC,KAAK,EAAE,WAAW,CAAA;KAAE;IA6BpF;;;;OAIG;IACH,QAAQ,CAAC,GAAG,EAAE,MAAM,GAAG,WAAW;IAuClC;;;OAGG;IACH,UAAU,CAAC,MAAM,EAAE,WAAW,GAAG;QAAE,MAAM,EAAE,WAAW,CAAC;QAAC,KAAK,EAAE,WAAW,CAAA;KAAE;IA8C5E;;;OAGG;IACH,gBAAgB,IAAI,MAAM;IAiB1B,SAAS,IAAI,QAAQ,CAAC,cAAc,CAAC;IAIrC,OAAO,CAAC,eAAe;IAUvB,OAAO,CAAC,cAAc;CAGvB"}

package/dist/application/analysis/data-security-context.js

@@ -97,7 +97,9 @@ export class DataSecurityContext {
         for (const col of this.policy.blockedColumns) {
             if (col.startsWith('*')) {
                 const suffix = col.slice(1);
-                this.columnPatterns.push({ col, rx: new RegExp(`\\w+${escapeRegex(suffix)}\\b`, 'i') });
+                // \w* (zero-or-more) instead of \w+ so a column whose name IS the
+                // suffix (e.g. a column literally named "_password") is also matched.
+                this.columnPatterns.push({ col, rx: new RegExp(`\\w*${escapeRegex(suffix)}\\b`, 'i') });
             }
             else {
                 this.columnPatterns.push({ col, rx: new RegExp(`\\b${escapeRegex(col)}\\b`, 'i') });
@@ -223,7 +225,7 @@ export class DataSecurityContext {
         const wildcards = this.policy.blockedColumns.filter(c => c.startsWith('*'));
         const lines = [
             'SECURITY RULES — you MUST follow these unconditionally:',
-            '- NEVER SELECT: ' + exactCols.slice(0, 30).join(', '),
+            '- NEVER SELECT: ' + exactCols.join(', '),
             wildcards.length > 0
                 ? '- NEVER SELECT any column whose name ends with: ' + wildcards.map(w => w.slice(1)).join(', ')
                 : '',

package/dist/application/analysis/excel-exporter.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"excel-exporter.d.ts","sourceRoot":"","sources":["../../../src/application/analysis/excel-exporter.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AAIpD,MAAM,WAAW,aAAa;IAC5B,SAAS,EAAE,MAAM,CAAA;IACjB,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,wCAAwC;IACxC,YAAY,CAAC,EAAE,OAAO,CAAA;IACtB,6CAA6C;IAC7C,OAAO,CAAC,EAAE,OAAO,CAAA;CAClB;AAED,MAAM,WAAW,YAAY;IAC3B,QAAQ,EAAE,MAAM,CAAA;IAChB,MAAM,EAAE,MAAM,CAAA;IACd,WAAW,EAAE,MAAM,CAAA;CACpB;AAED,qBAAa,aAAa;IACxB;;OAEG;IACG,YAAY,CAAC,MAAM,EAAE,WAAW,EAAE,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,YAAY,CAAC;IAsBtF;;OAEG;IACG,cAAc,CAClB,OAAO,EAAE,KAAK,CAAC;QAAE,MAAM,EAAE,WAAW,CAAC;QAAC,SAAS,EAAE,MAAM,CAAA;KAAE,CAAC,EAC1D,OAAO,EAAE,aAAa,GACrB,OAAO,CAAC,YAAY,CAAC;IA2BxB,OAAO,CAAC,UAAU;CAwEnB"}
+{"version":3,"file":"excel-exporter.d.ts","sourceRoot":"","sources":["../../../src/application/analysis/excel-exporter.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAA;AAIpD,MAAM,WAAW,aAAa;IAC5B,SAAS,EAAE,MAAM,CAAA;IACjB,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,wCAAwC;IACxC,YAAY,CAAC,EAAE,OAAO,CAAA;IACtB,6CAA6C;IAC7C,OAAO,CAAC,EAAE,OAAO,CAAA;CAClB;AAED,MAAM,WAAW,YAAY;IAC3B,QAAQ,EAAE,MAAM,CAAA;IAChB,MAAM,EAAE,MAAM,CAAA;IACd,WAAW,EAAE,MAAM,CAAA;CACpB;AAED,qBAAa,aAAa;IACxB;;OAEG;IACG,YAAY,CAAC,MAAM,EAAE,WAAW,EAAE,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,YAAY,CAAC;IAqBtF;;OAEG;IACG,cAAc,CAClB,OAAO,EAAE,KAAK,CAAC;QAAE,MAAM,EAAE,WAAW,CAAC;QAAC,SAAS,EAAE,MAAM,CAAA;KAAE,CAAC,EAC1D,OAAO,EAAE,aAAa,GACrB,OAAO,CAAC,YAAY,CAAC;IA0BxB,OAAO,CAAC,UAAU;CAwEnB"}