x-fidelity 2.10.0 → 2.12.0

package/CHANGELOG.md

@@ -1,3 +1,26 @@
+# [2.12.0](https://github.com/zotoio/x-fidelity/compare/v2.11.0...v2.12.0) (2024-08-25)
+
+
+### Bug Fixes
+
+* **analysis:** ensure long single-line files are catered for and npm namespaces ([509b4db](https://github.com/zotoio/x-fidelity/commit/509b4db1c3bb3f2cb487e043f5d23689bc8ed42d))
+* Handle [@namespace](https://github.com/namespace) packages in dependency analysis ([b5314ac](https://github.com/zotoio/x-fidelity/commit/b5314ac2b67f1bf241cbad3229c0ce3498bd9175))
+* Refactor repoFileAnalysis function to improve performance ([ae725bb](https://github.com/zotoio/x-fidelity/commit/ae725bbab307008424bb7494444e66eaca684aad))
+
+
+### Features
+
+* Implement file content splitting for analysis ([4d5f049](https://github.com/zotoio/x-fidelity/commit/4d5f04938d7fd78425e79ac74143439be1552879))
+
+# [2.11.0](https://github.com/zotoio/x-fidelity/compare/v2.10.0...v2.11.0) (2024-08-24)
+
+
+### Features
+
+* Add documentation for custom operators in x-fidelity ([d015fff](https://github.com/zotoio/x-fidelity/commit/d015fff73189704486f2a51eb8a235f2c161152d))
+* Add new operators section in README ([a306c4d](https://github.com/zotoio/x-fidelity/commit/a306c4db3b4043e8e8cf6fcd9bb78e2282c82ec9))
+* Update README.md with new features and enhancements ([751b4ed](https://github.com/zotoio/x-fidelity/commit/751b4eddb5abafd7500f52ec403b5a42d7b0c447))
+
 # [2.10.0](https://github.com/zotoio/x-fidelity/compare/v2.9.0...v2.10.0) (2024-08-24)
 
 

package/README.md

@@ -31,10 +31,6 @@ x-fidelity is an advanced CLI tool and paired config server designed to perform
    ```
    xfidelity .
    ```
-4. For more options:
-   ```
-   xfidelity --help
-   ```
 
 ## Table of Contents
 
@@ -303,7 +299,7 @@ x-fidelity uses archetypes to define project-specific configurations. Archetypes
 - Implementation of GitHub webhook to update local config
 - New cache routes: clearcache and viewcache
 - JSON schema validation for archetypes and rules
-- Input validation using Joi for URL parameters and telemetry data
+- Input validation for URL parameters and telemetry data
 - Helmet middleware for improved security headers
 - Rate limiting on the Express server
 - Refactored ConfigManager with static methods and caching
@@ -312,9 +308,34 @@ x-fidelity uses archetypes to define project-specific configurations. Archetypes
 - Shared secret option for telemetry client and server
 - Improved dependency compatibility checks for npm and yarn
 - Enhanced error handling and logging
+- Updated `fileContains` operator to support array of patterns
+- New exemptions feature for temporarily waiving specific rules
+- Improved OpenAI analysis with customizable prompts and severity thresholds
 
 For more detailed information on these features and how to use them, please refer to the respective sections in this README.
 
+### Exemptions
+
+x-fidelity now supports exemptions, allowing you to temporarily waive specific rules for a given repository. This feature is useful when you need to make exceptions to your standard rules due to specific project requirements or during a transition period.
+
+Exemptions are defined in JSON files and include:
+- The repository URL
+- The rule being exempted
+- An expiration date
+- A reason for the exemption
+
+For more details on how to use and manage exemptions, see the [Exemptions](#exemptions) section.
+
+### OpenAI Integration Enhancements
+
+The OpenAI integration has been expanded to allow for more customizable analysis:
+
+- Custom prompts can now be defined in OpenAI-specific rules
+- Severity thresholds can be set for OpenAI analysis results
+- New `openaiAnalysisHighSeverity` operator for fine-grained control over AI-generated insights
+
+For more information on leveraging these new OpenAI features, see the [OpenAI Integration](#openai-integration) section.
+
 ### Archetype Structure
 
 Archetypes specify:
@@ -606,7 +627,7 @@ You can create custom OpenAI rules to leverage AI-powered analysis for specific
 
 ```json
 {
-    "name": "openai-custom-analysis",
+    "name": "openaiCustomAnalysis-global",
     "conditions": {
         "all": [
             {
@@ -630,7 +651,7 @@ You can create custom OpenAI rules to leverage AI-powered analysis for specific
         "type": "warning",
         "params": {
             "message": "Custom message for the warning",
-            "results": {
+            "details": {
                 "fact": "openaiCustomAnalysisResult"
             }
         }
@@ -639,7 +660,7 @@ You can create custom OpenAI rules to leverage AI-powered analysis for specific
 ```
 
 3. Customize the rule:
-   - Set a unique `name` for your rule, ensuring it starts with 'openai'.
+   - Set a unique `name` for your rule, ensuring it starts with 'openai' and ends with '-global'.
    - Modify the `prompt` in the `params` section to specify what you want the AI to analyze.
    - Adjust the `value` in the `openaiAnalysisHighSeverity` operator to set the severity threshold (1-10).
    - Customize the `message` in the `event` params to describe the warning.
@@ -648,6 +669,85 @@ You can create custom OpenAI rules to leverage AI-powered analysis for specific
 
 This structure allows you to create custom AI-powered rules that can analyze your codebase for specific patterns, best practices, or potential issues. Remember to follow the naming convention to ensure proper handling of OpenAI rules in the system.
 
+## Custom Operators
+
+x-fidelity includes several custom operators that can be used in your rules. Here's a brief overview of each:
+
+### `fileContains` Operator
+
+The `fileContains` operator checks if a file contains specific patterns. It supports an array of patterns for flexible content matching.
+
+Usage example:
+```json
+{
+    "fact": "repoFileAnalysis",
+    "params": {
+        "checkPattern": [
+            "pattern1",
+            "pattern2",
+            "pattern3"
+        ],
+        "resultFact": "fileResults"
+    },
+    "operator": "fileContains",
+    "value": true
+}
+```
+
+This operator returns true if any of the patterns in the array are found in the file content.
+
+### `outdatedFramework` Operator
+
+The `outdatedFramework` operator checks if the project is using outdated versions of dependencies. It compares the installed versions of dependencies against the minimum required versions specified in the archetype configuration.
+
+Key features:
+- Supports both npm and Yarn package managers
+- Handles version ranges and specific versions
+- Checks nested dependencies
+- Returns `true` if any dependency is outdated, triggering a rule failure
+
+Usage example in a rule:
+```json
+{
+    "fact": "repoDependencyAnalysis",
+    "params": {
+        "resultFact": "repoDependencyResults"
+    },
+    "operator": "outdatedFramework",
+    "value": true
+}
+```
+
+### `nonStandardDirectoryStructure` Operator
+
+The `nonStandardDirectoryStructure` operator verifies if the project follows the standard directory structure defined in the archetype. It recursively checks the project's directory structure against the specified standard structure.
+
+Key features:
+- Performs a deep comparison of the directory structure
+- Ignores files and focuses only on directory structure
+- Returns `true` if the structure doesn't match, triggering a rule failure
+- Only runs on the special `REPO_GLOBAL_CHECK` file to ensure a single, comprehensive check
+
+Usage example in a rule:
+```json
+{
+    "fact": "fileData",
+    "path": "$.filePath",
+    "operator": "nonStandardDirectoryStructure",
+    "value": {
+        "fact": "standardStructure"
+    }
+}
+```
+
+Both operators play crucial roles in maintaining project consistency and up-to-date dependencies, contributing to the overall quality and maintainability of the codebase.
+
+### `openaiAnalysisHighSeverity` Operator
+
+The `openaiAnalysisHighSeverity` operator is used with OpenAI integration to identify high-severity issues in the AI-generated analysis.
+
+For more detailed information on how to use these operators in your rules, please refer to the specific rule examples in the documentation.
+
 ## Best Practices
 
 1. **Version Control**: Keep your x-fidelity configurations (archetypes and rules) in version control.

package/dist/archetypes/node-fullstack.json

@@ -21,6 +21,9 @@
     ],
     "config": {
         "minimumDependencyVersions": {
+            "@types/react": "^17.0.0",
+            "react": "^17.0.0",
+            "@yarnpkg/lockfile": "^1.2.0",
             "commander": "^2.0.0",
             "nodemon": "^3.9.0"
         },

package/dist/facts/repoDependencyFacts.js

@@ -40,6 +40,7 @@ exports.getDependencyVersionFacts = getDependencyVersionFacts;
 exports.findPropertiesInTree = findPropertiesInTree;
 exports.repoDependencyAnalysis = repoDependencyAnalysis;
 exports.semverValid = semverValid;
+exports.normalizePackageName = normalizePackageName;
 const logger_1 = require("../utils/logger");
 const child_process_1 = require("child_process");
 const semver = __importStar(require("semver"));
@@ -105,6 +106,13 @@ function processYarnDependencies(yarnOutput) {
             return newDep;
         };
         const extractNameAndVersion = (nameAndVersion) => {
+            const lastAtIndex = nameAndVersion.lastIndexOf('@');
+            if (nameAndVersion.startsWith('@') && lastAtIndex > 0) {
+                return {
+                    name: nameAndVersion.substring(0, lastAtIndex),
+                    version: nameAndVersion.substring(lastAtIndex + 1)
+                };
+            }
             const parts = nameAndVersion.split('@');
             return { name: parts[0], version: parts[1] };
         };
@@ -160,8 +168,10 @@ function findPropertiesInTree(depGraph, minVersions) {
     logger_1.logger.debug(`depGraph: ${JSON.stringify(depGraph)}`);
     function walk(dep, parentName = '') {
         const fullName = parentName ? `${parentName}/${dep.name}` : dep.name;
-        if (Object.keys(minVersions).includes(dep.name)) {
-            results.push({ dep: fullName, ver: dep.version, min: minVersions[dep.name] });
+        if (Object.keys(minVersions).some(key => key === dep.name || `@${key}` === dep.name)) {
+            const minVersionKey = Object.keys(minVersions).find(key => key === dep.name || `@${key}` === dep.name);
+            // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
+            results.push({ dep: fullName, ver: dep.version, min: minVersions[minVersionKey] });
         }
         if (dep.dependencies) {
             dep.dependencies.forEach(childDep => {
@@ -201,8 +211,11 @@ function repoDependencyAnalysis(params, almanac) {
         return result;
     });
 }
-function semverValid(required, installed) {
-    if (!required || !installed) {
+function semverValid(installed, required) {
+    // Remove potential @namespace from installed version
+    // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
+    const installedVersion = installed.includes('@') ? installed.split('@').pop() : installed;
+    if (!required || !installedVersion) {
         return true;
     }
     // If 'installed' is a single version and 'required' is a range
@@ -227,3 +240,6 @@ function semverValid(required, installed) {
     }
     return false;
 }
+function normalizePackageName(name) {
+    return name.startsWith('@') ? name : `@${name}`;
+}

package/dist/facts/repoFilesystemFacts.js

@@ -89,17 +89,49 @@ function repoFileAnalysis(params, almanac) {
         const analysis = [];
         const lines = fileContent.split('\n');
         logger_1.logger.debug(`lines: ${lines.length}`);
-        let lineNumber = 0;
+        const processedLines = [];
+        let splitOccurred = false;
         for (const line of lines) {
-            lineNumber++;
+            if (line.length > 200) {
+                let startIndex = 0;
+                while (startIndex < line.length) {
+                    let endIndex = startIndex + 200;
+                    if (endIndex < line.length) {
+                        // Find the nearest space or end of token
+                        while (endIndex > startIndex && !(/\s/.test(line[endIndex]) || /\W/.test(line[endIndex]))) {
+                            endIndex--;
+                        }
+                        // If no suitable break point found, use the full 200 characters
+                        if (endIndex === startIndex) {
+                            endIndex = startIndex + 200;
+                        }
+                    }
+                    else {
+                        endIndex = line.length;
+                    }
+                    processedLines.push(line.substring(startIndex, endIndex));
+                    startIndex = endIndex;
+                }
+                splitOccurred = true;
+            }
+            else {
+                processedLines.push(line);
+            }
+        }
+        if (lines.length === 1 || splitOccurred) {
+            logger_1.logger.debug(`File content was split for analysis`);
+        }
+        for (let i = 0; i < processedLines.length; i++) {
+            const line = processedLines[i];
             for (const pattern of checkPatterns) {
                 const regex = new RegExp(pattern, 'g');
                 if (regex.test(line)) {
-                    logger_1.logger.debug(`match on line ${lineNumber} for pattern ${pattern}`);
+                    logger_1.logger.debug(`match on line ${i + 1} for pattern ${pattern}`);
                     const match = {
                         'match': pattern,
-                        'lineNumber': lineNumber,
-                        'line': line
+                        'lineNumber': i + 1,
+                        'line': line,
+                        'splitOccurred': splitOccurred
                     };
                     analysis.push(match);
                 }

package/dist/server/configServer.js

@@ -18,7 +18,8 @@ const archetypeRuleRoute_1 = require("./routes/archetypeRuleRoute");
 const telemetryRoute_1 = require("./routes/telemetryRoute");
 const clearCacheRoute_1 = require("./routes/clearCacheRoute");
 const viewCacheRoute_1 = require("./routes/viewCacheRoute");
-const githubWebhookRoute_1 = require("./routes/githubWebhookRoute");
+const githubWebhookConfigUpdateRoute_1 = require("./routes/githubWebhookConfigUpdateRoute");
+const githubWebhookPullRequestCheckRoute_1 = require("./routes/githubWebhookPullRequestCheckRoute");
 const exemptionsRoute_1 = require("./routes/exemptionsRoute");
 const validateUrlInput_1 = require("./middleware/validateUrlInput");
 const validateTelemetryData_1 = require("./middleware/validateTelemetryData");
@@ -57,7 +58,8 @@ app.post('/telemetry', checkSharedSecret, validateTelemetryData_1.validateTeleme
 app.post('/clearcache', checkSharedSecret, clearCacheRoute_1.clearCacheRoute);
 app.get('/viewcache', checkSharedSecret, viewCacheRoute_1.viewCacheRoute);
 app.get('/archetypes/:archetype/exemptions', checkSharedSecret, exemptionsRoute_1.exemptionsRoute);
-app.post('/github-webhook', validateGithubWebhook_1.validateGithubWebhook, githubWebhookRoute_1.githubWebhookRoute);
+app.post('/github-config-update', validateGithubWebhook_1.validateGithubWebhook, githubWebhookConfigUpdateRoute_1.githubWebhookConfigUpdateRoute);
+app.post('/github-pull-request-check', validateGithubWebhook_1.validateGithubWebhook, githubWebhookPullRequestCheckRoute_1.githubWebhookPullRequestCheckRoute);
 function startServer({ customPort, executionLogPrefix }) {
     const serverPort = customPort ? parseInt(customPort) : port;
     executionLogPrefix && (0, logger_1.setLogPrefix)(executionLogPrefix);

package/dist/server/configServer.test.js

@@ -6,15 +6,16 @@ const archetypeRuleRoute_1 = require("./routes/archetypeRuleRoute");
 const telemetryRoute_1 = require("./routes/telemetryRoute");
 const clearCacheRoute_1 = require("./routes/clearCacheRoute");
 const viewCacheRoute_1 = require("./routes/viewCacheRoute");
-const githubWebhookRoute_1 = require("./routes/githubWebhookRoute");
+const githubWebhookConfigUpdateRoute_1 = require("./routes/githubWebhookConfigUpdateRoute");
 const checkSharedSecret_1 = require("./middleware/checkSharedSecret");
+const validateGithubWebhook_1 = require("./middleware/validateGithubWebhook");
 jest.mock('./routes/archetypeRoute');
 jest.mock('./routes/archetypeRulesRoute');
 jest.mock('./routes/archetypeRuleRoute');
 jest.mock('./routes/telemetryRoute');
 jest.mock('./routes/clearCacheRoute');
 jest.mock('./routes/viewCacheRoute');
-jest.mock('./routes/githubWebhookRoute');
+jest.mock('./routes/githubWebhookConfigUpdateRoute');
 jest.mock('./middleware/checkSharedSecret');
 describe('configServer', () => {
     let app;
@@ -32,7 +33,7 @@ describe('configServer', () => {
         app.post('/telemetry', checkSharedSecret_1.checkSharedSecret, telemetryRoute_1.telemetryRoute);
         app.post('/clearcache', checkSharedSecret_1.checkSharedSecret, clearCacheRoute_1.clearCacheRoute);
         app.get('/viewcache', checkSharedSecret_1.checkSharedSecret, viewCacheRoute_1.viewCacheRoute);
-        app.post('/github-webhook', githubWebhookRoute_1.githubWebhookRoute);
+        app.post('/github-config-update', validateGithubWebhook_1.validateGithubWebhook, githubWebhookConfigUpdateRoute_1.githubWebhookConfigUpdateRoute);
         // Verify routes are set up correctly
         expect(app.get).toHaveBeenCalledWith('/archetypes/:archetype', archetypeRoute_1.archetypeRoute);
         expect(app.get).toHaveBeenCalledWith('/archetypes/:archetype/rules', archetypeRulesRoute_1.archetypeRulesRoute);
@@ -40,7 +41,7 @@ describe('configServer', () => {
         expect(app.post).toHaveBeenCalledWith('/telemetry', checkSharedSecret_1.checkSharedSecret, telemetryRoute_1.telemetryRoute);
         expect(app.post).toHaveBeenCalledWith('/clearcache', checkSharedSecret_1.checkSharedSecret, clearCacheRoute_1.clearCacheRoute);
         expect(app.get).toHaveBeenCalledWith('/viewcache', checkSharedSecret_1.checkSharedSecret, viewCacheRoute_1.viewCacheRoute);
-        expect(app.post).toHaveBeenCalledWith('/github-webhook', githubWebhookRoute_1.githubWebhookRoute);
+        expect(app.post).toHaveBeenCalledWith('/github-config-update', validateGithubWebhook_1.validateGithubWebhook, githubWebhookConfigUpdateRoute_1.githubWebhookConfigUpdateRoute);
     });
     afterEach(() => {
         jest.resetAllMocks();

package/dist/server/routes/{githubWebhookRoute.js → githubWebhookConfigUpdateRoute.js}

@@ -12,7 +12,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.githubWebhookRoute = githubWebhookRoute;
+exports.githubWebhookConfigUpdateRoute = githubWebhookConfigUpdateRoute;
 const logger_1 = require("../../utils/logger");
 const crypto_1 = __importDefault(require("crypto"));
 const axios_1 = __importDefault(require("axios"));
@@ -22,7 +22,7 @@ const fs_1 = __importDefault(require("fs"));
 const cacheManager_1 = require("../cacheManager");
 const configManager_1 = require("../../utils/configManager");
 const cli_1 = require("../../core/cli");
-function githubWebhookRoute(req, res) {
+function githubWebhookConfigUpdateRoute(req, res) {
     return __awaiter(this, void 0, void 0, function* () {
         const requestLogPrefix = req.headers['x-log-prefix'] || '';
         (0, logger_1.setLogPrefix)(requestLogPrefix);

package/dist/server/routes/githubWebhookPullRequestCheckRoute.js

@@ -0,0 +1,45 @@
+"use strict";
+var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
+    function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
+    return new (P || (P = Promise))(function (resolve, reject) {
+        function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
+        function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
+        function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
+        step((generator = generator.apply(thisArg, _arguments || [])).next());
+    });
+};
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.githubWebhookPullRequestCheckRoute = githubWebhookPullRequestCheckRoute;
+const logger_1 = require("../../utils/logger");
+const crypto_1 = __importDefault(require("crypto"));
+function githubWebhookPullRequestCheckRoute(req, res) {
+    return __awaiter(this, void 0, void 0, function* () {
+        const requestLogPrefix = req.headers['x-log-prefix'] || '';
+        (0, logger_1.setLogPrefix)(requestLogPrefix);
+        const signature = req.headers['x-hub-signature-256'];
+        const githubSecret = process.env.GITHUB_WEBHOOK_SECRET;
+        if (!githubSecret) {
+            logger_1.logger.error('GitHub webhook secret is not set');
+            return res.status(500).send('Server is not configured for webhooks');
+        }
+        if (!signature) {
+            logger_1.logger.error('No X-Hub-Signature-256 found on request');
+            return res.status(400).send('No X-Hub-Signature-256 found on request');
+        }
+        const hmac = crypto_1.default.createHmac('sha256', githubSecret);
+        const digest = 'sha256=' + hmac.update(JSON.stringify(req.body)).digest('hex');
+        if (signature !== digest) {
+            logger_1.logger.error('Request body digest did not match X-Hub-Signature-256');
+            return res.status(400).send('Invalid signature');
+        }
+        const event = req.headers['x-github-event'];
+        if (event === 'push') {
+            // TODO: Implement pull request check
+            return res.status(200).send('Webhook received and processed');
+        }
+        res.status(200).send('Received');
+    });
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "x-fidelity",
-  "version": "2.10.0",
+  "version": "2.12.0",
   "description": "cli for opinionated framework adherence checks",
   "main": "dist/xfidelity",
   "bin": {

package/src/archetypes/node-fullstack.json

@@ -21,6 +21,9 @@
     ],
     "config": {
         "minimumDependencyVersions": {
+            "@types/react": "^17.0.0",
+            "react": "^17.0.0",
+            "@yarnpkg/lockfile": "^1.2.0",
             "commander": "^2.0.0",
             "nodemon": "^3.9.0"
         },

package/src/facts/repoDependencyFacts.ts

@@ -64,9 +64,16 @@ function processYarnDependencies(yarnOutput: any): LocalDependencies[] {
             return newDep;
         };
         const extractNameAndVersion = (nameAndVersion: string) => {
+            const lastAtIndex = nameAndVersion.lastIndexOf('@');
+            if (nameAndVersion.startsWith('@') && lastAtIndex > 0) {
+                return {
+                    name: nameAndVersion.substring(0, lastAtIndex),
+                    version: nameAndVersion.substring(lastAtIndex + 1)
+                };
+            }
             const parts = nameAndVersion.split('@');
             return { name: parts[0], version: parts[1] };
-        }
+        };
         yarnOutput.data.trees.forEach((tree: any) => {
             dependencies.push(processDependency(tree));
         });
@@ -125,8 +132,10 @@ export function findPropertiesInTree(depGraph: LocalDependencies[], minVersions:
 
     function walk(dep: LocalDependencies, parentName = '') {
         const fullName = parentName ? `${parentName}/${dep.name}` : dep.name;
-        if (Object.keys(minVersions).includes(dep.name)) {
-            results.push({ dep: fullName, ver: dep.version, min: minVersions[dep.name] });
+        if (Object.keys(minVersions).some(key => key === dep.name || `@${key}` === dep.name)) {
+            const minVersionKey = Object.keys(minVersions).find(key => key === dep.name || `@${key}` === dep.name);
+            // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
+            results.push({ dep: fullName, ver: dep.version, min: minVersions[minVersionKey!] });
         }
         if (dep.dependencies) {
             dep.dependencies.forEach(childDep => {
@@ -176,9 +185,12 @@ export async function repoDependencyAnalysis(params: any, almanac: Almanac) {
     return result;
 }
 
-export function semverValid(required: string, installed: string): boolean {
-
-    if (!required || !installed) {
+export function semverValid(installed: string, required: string): boolean {
+    // Remove potential @namespace from installed version
+    // eslint-disable-next-line @typescript-eslint/no-non-null-assertion
+    const installedVersion = installed.includes('@') ? installed.split('@').pop()! : installed;
+    
+    if (!required || !installedVersion) {
         return true;
     }
 
@@ -208,3 +220,6 @@ export function semverValid(required: string, installed: string): boolean {
 
     return false;
 }
+export function normalizePackageName(name: string): string {
+    return name.startsWith('@') ? name : `@${name}`;
+}

package/src/facts/repoFilesystemFacts.ts

@@ -83,17 +83,50 @@ async function repoFileAnalysis(params: any, almanac: any) {
     const analysis: any = [];
     const lines = fileContent.split('\n');
     logger.debug(`lines: ${lines.length}`);
-    let lineNumber = 0;
+    const processedLines: string[] = [];
+    let splitOccurred = false;
+
     for (const line of lines) {
-        lineNumber++;
+        if (line.length > 200) {
+            let startIndex = 0;
+            while (startIndex < line.length) {
+                let endIndex = startIndex + 200;
+                if (endIndex < line.length) {
+                    // Find the nearest space or end of token
+                    while (endIndex > startIndex && !(/\s/.test(line[endIndex]) || /\W/.test(line[endIndex]))) {
+                        endIndex--;
+                    }
+                    // If no suitable break point found, use the full 200 characters
+                    if (endIndex === startIndex) {
+                        endIndex = startIndex + 200;
+                    }
+                } else {
+                    endIndex = line.length;
+                }
+                processedLines.push(line.substring(startIndex, endIndex));
+                startIndex = endIndex;
+            }
+            splitOccurred = true;
+        } else {
+            processedLines.push(line);
+        }
+    }
+
+    if (lines.length === 1 || splitOccurred) {
+        logger.debug(`File content was split for analysis`);
+    }
+
+    for (let i = 0; i < processedLines.length; i++) {
+        const line = processedLines[i];
         for (const pattern of checkPatterns) {
             const regex = new RegExp(pattern, 'g');
             if (regex.test(line)) {
-                logger.debug(`match on line ${lineNumber} for pattern ${pattern}`)
+                logger.debug(`match on line ${i + 1} for pattern ${pattern}`);
                 const match = {
                     'match': pattern,
-                    'lineNumber': lineNumber,
-                    'line': line
+                    'lineNumber': i + 1,
+                    'line': line,
+                    'splitOccurred': splitOccurred
                 };
                 analysis.push(match);
             }

package/src/server/configServer.test.ts

@@ -5,8 +5,9 @@ import { archetypeRuleRoute } from './routes/archetypeRuleRoute';
 import { telemetryRoute } from './routes/telemetryRoute';
 import { clearCacheRoute } from './routes/clearCacheRoute';
 import { viewCacheRoute } from './routes/viewCacheRoute';
-import { githubWebhookRoute } from './routes/githubWebhookRoute';
+import { githubWebhookConfigUpdateRoute } from './routes/githubWebhookConfigUpdateRoute';
 import { checkSharedSecret } from './middleware/checkSharedSecret';
+import { validateGithubWebhook } from './middleware/validateGithubWebhook';
 
 jest.mock('./routes/archetypeRoute');
 jest.mock('./routes/archetypeRulesRoute');
@@ -14,7 +15,7 @@ jest.mock('./routes/archetypeRuleRoute');
 jest.mock('./routes/telemetryRoute');
 jest.mock('./routes/clearCacheRoute');
 jest.mock('./routes/viewCacheRoute');
-jest.mock('./routes/githubWebhookRoute');
+jest.mock('./routes/githubWebhookConfigUpdateRoute');
 jest.mock('./middleware/checkSharedSecret');
 
 describe('configServer', () => {
@@ -35,7 +36,7 @@ describe('configServer', () => {
     app.post('/telemetry', checkSharedSecret, telemetryRoute);
     app.post('/clearcache', checkSharedSecret, clearCacheRoute);
     app.get('/viewcache', checkSharedSecret, viewCacheRoute);
-    app.post('/github-webhook', githubWebhookRoute);
+    app.post('/github-config-update', validateGithubWebhook, githubWebhookConfigUpdateRoute);
 
     // Verify routes are set up correctly
     expect(app.get).toHaveBeenCalledWith('/archetypes/:archetype', archetypeRoute);
@@ -44,7 +45,7 @@ describe('configServer', () => {
     expect(app.post).toHaveBeenCalledWith('/telemetry', checkSharedSecret, telemetryRoute);
     expect(app.post).toHaveBeenCalledWith('/clearcache', checkSharedSecret, clearCacheRoute);
     expect(app.get).toHaveBeenCalledWith('/viewcache', checkSharedSecret, viewCacheRoute);
-    expect(app.post).toHaveBeenCalledWith('/github-webhook', githubWebhookRoute);
+    expect(app.post).toHaveBeenCalledWith('/github-config-update', validateGithubWebhook, githubWebhookConfigUpdateRoute);
   });
 
   afterEach(() => {

package/src/server/configServer.ts

@@ -13,7 +13,8 @@ import { archetypeRuleRoute } from './routes/archetypeRuleRoute';
 import { telemetryRoute } from './routes/telemetryRoute';
 import { clearCacheRoute } from './routes/clearCacheRoute';
 import { viewCacheRoute } from './routes/viewCacheRoute';
-import { githubWebhookRoute } from './routes/githubWebhookRoute';
+import { githubWebhookConfigUpdateRoute } from './routes/githubWebhookConfigUpdateRoute';
+import { githubWebhookPullRequestCheckRoute } from './routes/githubWebhookPullRequestCheckRoute';
 import { exemptionsRoute } from './routes/exemptionsRoute';
 import { validateUrlInput } from './middleware/validateUrlInput';
 import { validateTelemetryData } from './middleware/validateTelemetryData';
@@ -62,7 +63,8 @@ app.post('/clearcache', checkSharedSecret, clearCacheRoute);
 app.get('/viewcache', checkSharedSecret, viewCacheRoute);
 app.get('/archetypes/:archetype/exemptions', checkSharedSecret, exemptionsRoute);
 
-app.post('/github-webhook', validateGithubWebhook, githubWebhookRoute);
+app.post('/github-config-update', validateGithubWebhook, githubWebhookConfigUpdateRoute);
+app.post('/github-pull-request-check', validateGithubWebhook, githubWebhookPullRequestCheckRoute);
 
 export function startServer({ customPort, executionLogPrefix }: StartServerParams): any {
     const serverPort = customPort ? parseInt(customPort) : port;

package/src/server/routes/{githubWebhookRoute.ts → githubWebhookConfigUpdateRoute.ts}

@@ -9,7 +9,7 @@ import { clearCache } from '../cacheManager';
 import { ConfigManager } from '../../utils/configManager';
 import { options } from '../../core/cli';
 
-export async function githubWebhookRoute(req: Request, res: Response) {
+export async function githubWebhookConfigUpdateRoute(req: Request, res: Response) {
     const requestLogPrefix = req.headers['x-log-prefix'] as string || '';
     setLogPrefix(requestLogPrefix);
 

package/src/server/routes/githubWebhookPullRequestCheckRoute.ts

@@ -0,0 +1,40 @@
+import { Request, Response } from 'express';
+import { logger, setLogPrefix } from '../../utils/logger';
+import crypto from 'crypto';
+
+export async function githubWebhookPullRequestCheckRoute(req: Request, res: Response) {
+    const requestLogPrefix = req.headers['x-log-prefix'] as string || '';
+    setLogPrefix(requestLogPrefix);
+
+    const signature = req.headers['x-hub-signature-256'] as string;
+    const githubSecret = process.env.GITHUB_WEBHOOK_SECRET;
+
+    if (!githubSecret) {
+        logger.error('GitHub webhook secret is not set');
+        return res.status(500).send('Server is not configured for webhooks');
+    }
+
+    if (!signature) {
+        logger.error('No X-Hub-Signature-256 found on request');
+        return res.status(400).send('No X-Hub-Signature-256 found on request');
+    }
+
+    const hmac = crypto.createHmac('sha256', githubSecret);
+    const digest = 'sha256=' + hmac.update(JSON.stringify(req.body)).digest('hex');
+
+    if (signature !== digest) {
+        logger.error('Request body digest did not match X-Hub-Signature-256');
+        return res.status(400).send('Invalid signature');
+    }
+
+    const event = req.headers['x-github-event'] as string;
+    if (event === 'push') {
+        // TODO: Implement pull request check
+
+        return res.status(200).send('Webhook received and processed');
+    }
+
+    res.status(200).send('Received');
+}
+
+