vibeclean 1.0.0

package/src/analyzers/errorhandling.js

@@ -0,0 +1,216 @@
+import { severityFromScore, scoreFromRatio, countMatches, parseAst } from "./utils.js";
+
+function countAwaitStats(fileContent) {
+  const ast = parseAst(fileContent);
+  if (!ast) {
+    return { totalAwait: countMatches(fileContent, /\bawait\b/g), unhandledAwait: 0 };
+  }
+
+  const counters = {
+    totalAwait: 0,
+    unhandledAwait: 0
+  };
+
+  function hasCatchChain(node) {
+    if (!node || typeof node !== "object") {
+      return false;
+    }
+
+    if (
+      node.type === "CallExpression" &&
+      node.callee?.type === "MemberExpression" &&
+      !node.callee.computed &&
+      node.callee.property?.type === "Identifier" &&
+      node.callee.property.name === "catch"
+    ) {
+      return true;
+    }
+
+    if (node.type === "CallExpression" && node.callee?.type === "MemberExpression") {
+      return hasCatchChain(node.callee.object);
+    }
+
+    return false;
+  }
+
+  function visit(node, inTryBlock = false) {
+    if (!node || typeof node !== "object") {
+      return;
+    }
+
+    if (node.type === "AwaitExpression") {
+      counters.totalAwait += 1;
+      if (!inTryBlock && !hasCatchChain(node.argument)) {
+        counters.unhandledAwait += 1;
+      }
+    }
+
+    if (node.type === "TryStatement") {
+      visit(node.block, true);
+      if (node.handler) {
+        visit(node.handler, false);
+      }
+      if (node.finalizer) {
+        visit(node.finalizer, false);
+      }
+      return;
+    }
+
+    for (const key of Object.keys(node)) {
+      const value = node[key];
+      if (Array.isArray(value)) {
+        for (const child of value) {
+          if (child?.type) {
+            visit(child, inTryBlock);
+          }
+        }
+      } else if (value?.type) {
+        visit(value, inTryBlock);
+      }
+    }
+  }
+
+  visit(ast, false);
+  return counters;
+}
+
+export function analyzeErrorHandling(files) {
+  let totalFunctions = 0;
+  let tryBlocks = 0;
+  let catchBlocks = 0;
+  let emptyCatch = 0;
+  let catchLogOnly = 0;
+  let unhandledAwait = 0;
+  let thenChains = 0;
+  let catchChains = 0;
+  let throwCount = 0;
+  let returnNullCount = 0;
+  let returnErrorObjectCount = 0;
+  let totalAwait = 0;
+
+  for (const file of files) {
+    const content = file.content;
+
+    totalFunctions += countMatches(
+      content,
+      /(?:async\s+)?function\s+[A-Za-z_$][A-Za-z0-9_$]*\s*\(|\b[A-Za-z_$][A-Za-z0-9_$]*\s*=\s*(?:async\s*)?\([^)]*\)\s*=>|\([^)]*\)\s*=>\s*\{/g
+    );
+
+    tryBlocks += countMatches(content, /\btry\s*\{/g);
+    catchBlocks += countMatches(content, /\bcatch\s*\(/g);
+
+    emptyCatch += countMatches(content, /catch\s*\([^)]*\)\s*\{\s*\}/gs);
+    catchLogOnly += countMatches(
+      content,
+      /catch\s*\([^)]*\)\s*\{\s*console\.(?:log|warn|error|debug)\([^)]*\);?\s*\}/gs
+    );
+
+    const awaitStats = countAwaitStats(content);
+    totalAwait += awaitStats.totalAwait;
+    unhandledAwait += awaitStats.unhandledAwait;
+
+    thenChains += countMatches(content, /\.then\s*\(/g);
+    catchChains += countMatches(content, /\.catch\s*\(/g);
+
+    throwCount += countMatches(content, /\bthrow\b/g);
+    returnNullCount += countMatches(content, /return\s+null\b/g);
+    returnErrorObjectCount += countMatches(content, /return\s+\{\s*error\s*[:}]|return\s+error\b/g);
+  }
+
+  const functionsWithTry = Math.min(totalFunctions, tryBlocks);
+  const handledRate = totalFunctions ? Math.round((functionsWithTry / totalFunctions) * 100) : 100;
+  const promiseWithoutCatch = Math.max(0, thenChains - catchChains);
+
+  const findings = [];
+  if (handledRate < 60) {
+    findings.push({
+      severity: handledRate < 40 ? "high" : "medium",
+      message: `Only ${handledRate}% of detected functions use try/catch.`
+    });
+  }
+
+  if (emptyCatch > 0) {
+    findings.push({
+      severity: "high",
+      message: `${emptyCatch} empty catch blocks found.`
+    });
+  }
+
+  if (catchLogOnly > 0) {
+    findings.push({
+      severity: "medium",
+      message: `${catchLogOnly} catch blocks only log errors and do not recover or rethrow.`
+    });
+  }
+
+  if (unhandledAwait > 0) {
+    findings.push({
+      severity: "high",
+      message: `${unhandledAwait} await calls appear to be outside local try/catch context.`
+    });
+  }
+
+  if (promiseWithoutCatch > 0) {
+    findings.push({
+      severity: "medium",
+      message: `${promiseWithoutCatch} promise chains appear to miss .catch() handling.`
+    });
+  }
+
+  const mixedPatterns =
+    (throwCount > 0 ? 1 : 0) +
+    (returnNullCount > 0 ? 1 : 0) +
+    (returnErrorObjectCount > 0 ? 1 : 0);
+
+  if (mixedPatterns > 1) {
+    findings.push({
+      severity: "medium",
+      message: "Mixed error return patterns detected (throw, return null, and/or return error objects)."
+    });
+  }
+
+  const awaitRisk = totalAwait ? (unhandledAwait / totalAwait) * 2 : 0;
+  const promiseRisk = thenChains ? (promiseWithoutCatch / thenChains) * 2 : 0;
+  const signal =
+    (handledRate < 50 ? (50 - handledRate) / 18 : 0) +
+    emptyCatch * 1.5 +
+    catchLogOnly +
+    awaitRisk +
+    promiseRisk;
+
+  const score = Math.min(10, scoreFromRatio(signal / Math.max(files.length * 0.8, 1), 10));
+
+  return {
+    id: "errorhandling",
+    title: "ERROR HANDLING",
+    score,
+    severity: severityFromScore(score),
+    totalIssues: findings.length,
+    summary:
+      findings.length > 0
+        ? "Inconsistent error handling patterns detected in async and promise code paths."
+        : "Error handling patterns look reasonably consistent.",
+    metrics: {
+      totalFunctions,
+      functionsWithTry,
+      handledRate,
+      tryBlocks,
+      catchBlocks,
+      emptyCatch,
+      catchLogOnly,
+      totalAwait,
+      unhandledAwait,
+      promiseWithoutCatch,
+      throwCount,
+      returnNullCount,
+      returnErrorObjectCount
+    },
+    recommendations: [
+      "Wrap async operations in try/catch and surface errors consistently.",
+      "Avoid empty catch blocks and catch-and-log-only handlers.",
+      "Use one error propagation pattern across the codebase."
+    ],
+    findings
+  };
+}
+

package/src/analyzers/leftovers.js

@@ -0,0 +1,422 @@
+import { severityFromScore, scoreFromRatio } from "./utils.js";
+
+const TODO_RE = /\/\/\s*(TODO|FIXME|HACK|XXX)\b.*$/gim;
+const AI_TODO_RE = /\/\/\s*TODO\s*:\s*(implement this|add error handling|replace with actual implementation|improve this|finish this)/gim;
+const CONSOLE_RE = /\bconsole\.(log|warn|error|debug|trace)\s*\(/g;
+const LOCALHOST_RE = /(https?:\/\/(?:localhost|127\.0\.0\.1)(?::\d+)?[\w\-/?.=&]*)/gi;
+const PLACEHOLDER_RE =
+  /(your-api-key-here|sk-[xX]{3,}|pk_test_[a-zA-Z0-9]+|REPLACE_ME|test@test\.com|user@example\.com|admin@admin\.com|(?:password|passwd|pwd|secret|api[_-]?key)\s*[:=]\s*["'`](?:password123|admin|test)["'`])/gi;
+const LOREM_RE = /lorem ipsum/gi;
+const AI_COMMENT_RE = /\/\/\s*(AI generated|Generated by|Created by Copilot|This function\b.*)/gim;
+const MAX_LOCATIONS_PER_FINDING = 12;
+
+function countCommentedOutBlocks(content) {
+  const lines = content.split("\n");
+  let blocks = 0;
+  let linesInBlocks = 0;
+  let streak = 0;
+  const blockLocations = [];
+
+  for (let index = 0; index < lines.length; index += 1) {
+    const line = lines[index];
+    if (/^\s*\/\//.test(line) && /[;{}()[\]=]|\b(const|let|var|if|for|while|return|import|export|function|class)\b/.test(line)) {
+      if (streak === 0) {
+        blockLocations.push(index + 1);
+      }
+      streak += 1;
+    } else {
+      if (streak >= 3) {
+        blocks += 1;
+        linesInBlocks += streak;
+      } else if (streak > 0) {
+        blockLocations.pop();
+      }
+      streak = 0;
+    }
+  }
+
+  if (streak >= 3) {
+    blocks += 1;
+    linesInBlocks += streak;
+  } else if (streak > 0) {
+    blockLocations.pop();
+  }
+
+  return { blocks, linesInBlocks, blockLocations };
+}
+
+function lineNumberAtIndex(content, index) {
+  return content.slice(0, index).split("\n").length;
+}
+
+function lineAtNumber(content, lineNumber) {
+  return content.split("\n")[lineNumber - 1] || "";
+}
+
+function lineSnippet(content, lineNumber) {
+  const line = lineAtNumber(content, lineNumber);
+  return line.trim().slice(0, 140);
+}
+
+function collectRegexLocations(content, regex, relativePath, maxLocations) {
+  const flags = regex.flags.includes("g") ? regex.flags : `${regex.flags}g`;
+  const probe = new RegExp(regex.source, flags);
+  const locations = [];
+  const seen = new Set();
+
+  for (const match of content.matchAll(probe)) {
+    const index = typeof match.index === "number" ? match.index : 0;
+    const line = lineNumberAtIndex(content, index);
+    const locationKey = `${relativePath}:${line}`;
+    if (seen.has(locationKey)) {
+      continue;
+    }
+    seen.add(locationKey);
+    locations.push({
+      file: relativePath,
+      line,
+      snippet: lineSnippet(content, line)
+    });
+    if (locations.length >= maxLocations) {
+      break;
+    }
+  }
+
+  return locations;
+}
+
+function normalizePath(value = "") {
+  return value.replace(/\\/g, "/");
+}
+
+function matchesPathPrefix(relativePath, prefixes = []) {
+  const normalizedPath = normalizePath(relativePath);
+  for (const prefix of prefixes) {
+    if (!prefix) {
+      continue;
+    }
+    const normalizedPrefix = normalizePath(prefix);
+    if (normalizedPath.startsWith(normalizedPrefix)) {
+      return true;
+    }
+  }
+  return false;
+}
+
+function isDetectorRegexDefinitionLine(content, index) {
+  const lineNumber = lineNumberAtIndex(content, index);
+  const line = lineAtNumber(content, lineNumber).trim();
+  const prevLine = lineAtNumber(content, lineNumber - 1).trim();
+
+  if (/^const\s+[A-Z_]+_RE\s*=/.test(line) && /\/.+\/[gimsuy]*;?$/.test(line)) {
+    return true;
+  }
+
+  if (/^\/.+\/[gimsuy]*;?$/.test(line) && /^const\s+[A-Z_]+_RE\s*=\s*$/.test(prevLine)) {
+    return true;
+  }
+
+  return false;
+}
+
+function collectRegexMatches(content, regex, relativePath, maxLocations, skipMatch) {
+  const flags = regex.flags.includes("g") ? regex.flags : `${regex.flags}g`;
+  const probe = new RegExp(regex.source, flags);
+  let count = 0;
+  const locations = [];
+  const seen = new Set();
+
+  for (const match of content.matchAll(probe)) {
+    const index = typeof match.index === "number" ? match.index : 0;
+    if (typeof skipMatch === "function" && skipMatch(index, match)) {
+      continue;
+    }
+
+    count += 1;
+
+    if (locations.length >= maxLocations) {
+      continue;
+    }
+
+    const line = lineNumberAtIndex(content, index);
+    const locationKey = `${relativePath}:${line}`;
+    if (seen.has(locationKey)) {
+      continue;
+    }
+    seen.add(locationKey);
+    locations.push({
+      file: relativePath,
+      line,
+      snippet: lineSnippet(content, line)
+    });
+  }
+
+  return { count, locations };
+}
+
+function extractImportedNames(content) {
+  const imported = [];
+  const importLines = content.match(/import\s+[^;\n]+/g) || [];
+
+  for (const line of importLines) {
+    const noFrom = line.replace(/\s+from\s+["'`][^"'`]+["'`]/, "").replace(/^import\s+/, "");
+    const parts = noFrom
+      .replace(/[{}]/g, "")
+      .split(",")
+      .map((item) => item.trim())
+      .filter(Boolean);
+
+    for (const part of parts) {
+      const aliasParts = part.split(/\s+as\s+/i);
+      const localName = aliasParts[1] || aliasParts[0];
+      if (localName && /^[A-Za-z_$][A-Za-z0-9_$]*$/.test(localName)) {
+        imported.push(localName);
+      }
+    }
+  }
+
+  return imported;
+}
+
+function findUnusedImports(content) {
+  const importedNames = extractImportedNames(content);
+  if (!importedNames.length) {
+    return [];
+  }
+
+  const linesWithoutImports = content
+    .split("\n")
+    .filter((line) => !line.trim().startsWith("import "))
+    .join("\n");
+
+  const unused = [];
+  for (const name of importedNames) {
+    const re = new RegExp(`\\b${name}\\b`, "g");
+    const matches = linesWithoutImports.match(re);
+    if (!matches || matches.length === 0) {
+      unused.push(name);
+    }
+  }
+
+  return unused;
+}
+
+export function analyzeLeftovers(files, context = {}) {
+  let todoCount = 0;
+  let aiTodoCount = 0;
+  let consoleCount = 0;
+  let localhostCount = 0;
+  let placeholderCount = 0;
+  let loremCount = 0;
+  let aiCommentCount = 0;
+  let commentedOutBlocks = 0;
+  let commentedOutLines = 0;
+  let unusedImportCount = 0;
+
+  const filesWithConsole = new Set();
+  const filesWithTodos = new Set();
+  const filesWithPlaceholders = new Set();
+  const consoleLocations = [];
+  const todoLocations = [];
+  const placeholderLocations = [];
+  const commentedCodeLocations = [];
+  const profileOptions = context.config?.leftovers || {};
+  const allowConsolePaths = Array.isArray(profileOptions.allowConsolePaths)
+    ? profileOptions.allowConsolePaths
+    : [];
+  const ignoreTodoPaths = Array.isArray(profileOptions.ignoreTodoPaths)
+    ? profileOptions.ignoreTodoPaths
+    : [];
+
+  for (const file of files) {
+    const content = file.content;
+    const skipTodoSignals = matchesPathPrefix(file.relativePath, ignoreTodoPaths);
+    const allowConsole = matchesPathPrefix(file.relativePath, allowConsolePaths);
+
+    if (!skipTodoSignals) {
+      const todos = content.match(TODO_RE) || [];
+      if (todos.length > 0) {
+        todoCount += todos.length;
+        filesWithTodos.add(file.relativePath);
+        if (todoLocations.length < MAX_LOCATIONS_PER_FINDING) {
+          todoLocations.push(
+            ...collectRegexLocations(
+              content,
+              TODO_RE,
+              file.relativePath,
+              MAX_LOCATIONS_PER_FINDING - todoLocations.length
+            )
+          );
+        }
+      }
+
+      aiTodoCount += (content.match(AI_TODO_RE) || []).length;
+    }
+
+    if (!allowConsole && !/(logger|logging|middleware)/i.test(file.relativePath)) {
+      const consoles = content.match(CONSOLE_RE) || [];
+      if (consoles.length > 0) {
+        consoleCount += consoles.length;
+        filesWithConsole.add(file.relativePath);
+        if (consoleLocations.length < MAX_LOCATIONS_PER_FINDING) {
+          consoleLocations.push(
+            ...collectRegexLocations(
+              content,
+              CONSOLE_RE,
+              file.relativePath,
+              MAX_LOCATIONS_PER_FINDING - consoleLocations.length
+            )
+          );
+        }
+      }
+    }
+
+    const localhostSignals = collectRegexMatches(
+      content,
+      LOCALHOST_RE,
+      file.relativePath,
+      MAX_LOCATIONS_PER_FINDING - placeholderLocations.length,
+      (index) => isDetectorRegexDefinitionLine(content, index)
+    );
+    if (localhostSignals.count > 0) {
+      localhostCount += localhostSignals.count;
+      filesWithPlaceholders.add(file.relativePath);
+      if (placeholderLocations.length < MAX_LOCATIONS_PER_FINDING) {
+        placeholderLocations.push(...localhostSignals.locations);
+      }
+    }
+
+    const placeholderSignals = collectRegexMatches(
+      content,
+      PLACEHOLDER_RE,
+      file.relativePath,
+      MAX_LOCATIONS_PER_FINDING - placeholderLocations.length,
+      (index) => isDetectorRegexDefinitionLine(content, index)
+    );
+    if (placeholderSignals.count > 0) {
+      placeholderCount += placeholderSignals.count;
+      filesWithPlaceholders.add(file.relativePath);
+      if (placeholderLocations.length < MAX_LOCATIONS_PER_FINDING) {
+        placeholderLocations.push(...placeholderSignals.locations);
+      }
+    }
+
+    loremCount += (content.match(LOREM_RE) || []).length;
+    aiCommentCount += (content.match(AI_COMMENT_RE) || []).length;
+
+    const blockStats = countCommentedOutBlocks(content);
+    commentedOutBlocks += blockStats.blocks;
+    commentedOutLines += blockStats.linesInBlocks;
+    if (commentedCodeLocations.length < MAX_LOCATIONS_PER_FINDING) {
+      for (const line of blockStats.blockLocations) {
+        commentedCodeLocations.push({
+          file: file.relativePath,
+          line,
+          snippet: lineSnippet(content, line)
+        });
+        if (commentedCodeLocations.length >= MAX_LOCATIONS_PER_FINDING) {
+          break;
+        }
+      }
+    }
+
+    const unusedImports = findUnusedImports(content);
+    unusedImportCount += unusedImports.length;
+  }
+
+  const issueWeight =
+    consoleCount +
+    todoCount +
+    aiTodoCount +
+    localhostCount * 2 +
+    placeholderCount * 2 +
+    aiCommentCount +
+    commentedOutBlocks * 2 +
+    unusedImportCount;
+
+  const score = Math.min(10, scoreFromRatio(issueWeight / Math.max(files.length * 1.2, 1), 10));
+
+  const findings = [];
+  if (consoleCount) {
+    findings.push({
+      severity: consoleCount > 15 ? "high" : "medium",
+      message: `${consoleCount} console statements found across ${filesWithConsole.size} files.`,
+      files: [...filesWithConsole].slice(0, 20),
+      locations: consoleLocations
+    });
+  }
+
+  if (todoCount) {
+    findings.push({
+      severity: todoCount > 10 ? "high" : "medium",
+      message: `${todoCount} TODO/FIXME/HACK markers found (${aiTodoCount} look AI-generated).`,
+      files: [...filesWithTodos].slice(0, 20),
+      locations: todoLocations
+    });
+  }
+
+  if (localhostCount || placeholderCount) {
+    findings.push({
+      severity: "high",
+      message: `${localhostCount} localhost URLs and ${placeholderCount} placeholder values found in code.`,
+      files: [...filesWithPlaceholders].slice(0, 20),
+      locations: placeholderLocations
+    });
+  }
+
+  if (commentedOutBlocks) {
+    findings.push({
+      severity: "low",
+      message: `${commentedOutBlocks} commented-out code blocks (${commentedOutLines} lines total).`,
+      locations: commentedCodeLocations
+    });
+  }
+
+  if (unusedImportCount) {
+    findings.push({
+      severity: "low",
+      message: `${unusedImportCount} potentially unused imports detected.`
+    });
+  }
+
+  const totalIssues =
+    consoleCount +
+    todoCount +
+    localhostCount +
+    placeholderCount +
+    commentedOutBlocks +
+    unusedImportCount +
+    aiCommentCount +
+    loremCount;
+
+  return {
+    id: "leftovers",
+    title: "AI LEFTOVERS",
+    score,
+    severity: severityFromScore(score),
+    totalIssues,
+    summary:
+      totalIssues > 0
+        ? `${totalIssues} leftover signals found (console logs, TODOs, placeholders, or dead comments).`
+        : "No common AI leftovers detected.",
+    metrics: {
+      consoleCount,
+      todoCount,
+      aiTodoCount,
+      localhostCount,
+      placeholderCount,
+      loremCount,
+      aiCommentCount,
+      commentedOutBlocks,
+      commentedOutLines,
+      unusedImportCount
+    },
+    recommendations: [
+      "Replace console.* with project logging utilities.",
+      "Move TODO/FIXME notes into issues and remove placeholder comments.",
+      "Remove hardcoded localhost/credentials and use environment configuration.",
+      "Delete commented-out code and unused imports."
+    ],
+    findings
+  };
+}