invar-tools 1.17.12__py3-none-any.whl → 1.17.24__py3-none-any.whl

invar/core/models.py

@@ -160,7 +160,10 @@ def get_layer(file_info: FileInfo) -> CodeLayer:
     return CodeLayer.DEFAULT
 
 
-@pre(lambda layer, language="python": isinstance(layer, CodeLayer) and language in ("python", "typescript"))
+@pre(
+    lambda layer, language="python": isinstance(layer, CodeLayer)
+    and language in ("python", "typescript")
+)
 @post(lambda result: result.max_file_lines > 0 and result.max_function_lines > 0)
 def get_limits(layer: CodeLayer, language: str = "python") -> LayerLimits:
     """
@@ -424,8 +427,9 @@ class RuleConfig(BaseModel):
     """
 
     # MINOR-6: Added ge=1 constraints for numeric fields
-    max_file_lines: int = Field(default=500, ge=1)  # Phase 9 P1: Raised from 300
-    max_function_lines: int = Field(default=50, ge=1)
+    # BUG-55: These override layer-based limits when set to non-default values
+    max_file_lines: int = Field(default=500, ge=1)  # Override all layers if != 500
+    max_function_lines: int = Field(default=50, ge=1)  # Override all layers if != 50
     entry_max_lines: int = Field(default=15, ge=1)  # DX-23: Entry point max lines
     shell_max_branches: int = Field(default=3, ge=1)  # DX-22: Shell function max branches
     shell_complexity_debt_limit: int = Field(default=5, ge=0)  # DX-22: 0 = no limit

invar/core/rules.py

@@ -71,7 +71,11 @@ def _build_size_suggestion(base: str, extraction_hint: str, func_hint: str) -> s
 def _get_func_hint(file_info: FileInfo) -> str:
     """Get top 5 largest functions as hint string."""
     funcs = sorted(
-        [(s.name, s.end_line - s.line + 1) for s in file_info.symbols if s.kind in (SymbolKind.FUNCTION, SymbolKind.METHOD)],
+        [
+            (s.name, s.end_line - s.line + 1)
+            for s in file_info.symbols
+            if s.kind in (SymbolKind.FUNCTION, SymbolKind.METHOD)
+        ],
         key=lambda x: -x[1],
     )[:5]
     return f" Functions: {', '.join(f'{n}({sz}L)' for n, sz in funcs)}" if funcs else ""
@@ -104,6 +108,7 @@ def check_file_size(file_info: FileInfo, config: RuleConfig) -> list[Violation]:
     Check if file exceeds maximum line count or warning threshold.
 
     LX-10: Uses layer-based limits (Core/Shell/Tests/Default).
+    BUG-55: Config override - if max_file_lines is set to non-default, use it.
     P18: Shows function groups in size warnings to help agents decide what to extract.
     P25: Shows extractable groups with dependencies for warnings.
 
@@ -121,6 +126,10 @@ def check_file_size(file_info: FileInfo, config: RuleConfig) -> list[Violation]:
         >>> # Core layer: 500 lines max (strict)
         >>> len(check_file_size(FileInfo(path="core/calc.py", lines=550, is_core=True), RuleConfig()))
         1
+        >>> # BUG-55: Config override allows larger files (no error at 550 with max 600)
+        >>> vs = check_file_size(FileInfo(path="core/calc.py", lines=550, is_core=True), RuleConfig(max_file_lines=600, size_warning_threshold=0))
+        >>> any(v.rule == "file_size" for v in vs)
+        False
     """
     # Check for escape hatch
     if _has_file_escape(file_info, "file_size"):
@@ -133,23 +142,38 @@ def check_file_size(file_info: FileInfo, config: RuleConfig) -> list[Violation]:
     # LX-10: Get layer-based limits
     layer = get_layer(file_info)
     limits = get_limits(layer)
-    max_lines = limits.max_file_lines
+    # BUG-55: Allow config override if user sets non-default value
+    max_lines = config.max_file_lines if config.max_file_lines != 500 else limits.max_file_lines
 
     if file_info.lines > max_lines:
-        violations.append(Violation(
-            rule="file_size", severity=Severity.ERROR, file=file_info.path, line=None,
-            message=f"File has {file_info.lines} lines (max: {max_lines} for {layer.value})",
-            suggestion=_build_size_suggestion("Split into smaller modules.", extraction_hint, func_hint),
-        ))
+        violations.append(
+            Violation(
+                rule="file_size",
+                severity=Severity.ERROR,
+                file=file_info.path,
+                line=None,
+                message=f"File has {file_info.lines} lines (max: {max_lines} for {layer.value})",
+                suggestion=_build_size_suggestion(
+                    "Split into smaller modules.", extraction_hint, func_hint
+                ),
+            )
+        )
     elif config.size_warning_threshold > 0:
         threshold = int(max_lines * config.size_warning_threshold)
         if file_info.lines >= threshold:
             pct = int(file_info.lines / max_lines * 100)
-            violations.append(Violation(
-                rule="file_size_warning", severity=Severity.WARNING, file=file_info.path, line=None,
-                message=f"File has {file_info.lines} lines ({pct}% of {max_lines} limit)",
-                suggestion=_build_size_suggestion("Consider splitting before reaching limit.", extraction_hint, func_hint),
-            ))
+            violations.append(
+                Violation(
+                    rule="file_size_warning",
+                    severity=Severity.WARNING,
+                    file=file_info.path,
+                    line=None,
+                    message=f"File has {file_info.lines} lines ({pct}% of {max_lines} limit)",
+                    suggestion=_build_size_suggestion(
+                        "Consider splitting before reaching limit.", extraction_hint, func_hint
+                    ),
+                )
+            )
     return violations
 
 
@@ -159,6 +183,7 @@ def check_function_size(file_info: FileInfo, config: RuleConfig) -> list[Violati
     Check if any function exceeds maximum line count.
 
     LX-10: Uses layer-based limits (Core/Shell/Tests/Default).
+    BUG-55: Config override - if max_function_lines is set to non-default, use it.
     DX-22: Always uses code_lines (excluding docstring) and excludes doctest lines.
 
     Examples:
@@ -177,13 +202,19 @@ def check_function_size(file_info: FileInfo, config: RuleConfig) -> list[Violati
         >>> info3 = FileInfo(path="core/calc.py", lines=100, symbols=[sym3], is_core=True)
         >>> len(check_function_size(info3, RuleConfig()))
         1
+        >>> # BUG-55: Config override allows larger functions
+        >>> len(check_function_size(info3, RuleConfig(max_function_lines=70)))
+        0
     """
     violations: list[Violation] = []
 
     # LX-10: Get layer-based limits
     layer = get_layer(file_info)
     limits = get_limits(layer)
-    max_func_lines = limits.max_function_lines
+    # BUG-55: Allow config override if user sets non-default value
+    max_func_lines = (
+        config.max_function_lines if config.max_function_lines != 50 else limits.max_function_lines
+    )
 
     for symbol in file_info.symbols:
         if symbol.kind in (SymbolKind.FUNCTION, SymbolKind.METHOD):
@@ -392,7 +423,9 @@ def check_shell_result(file_info: FileInfo, config: RuleConfig) -> list[Violatio
         ):
             continue
         # DX-23: Skip entry points; DX-22: Skip if @invar:allow marker
-        if is_entry_point(symbol, file_info.source) or has_allow_marker(symbol, file_info.source, "shell_result"):
+        if is_entry_point(symbol, file_info.source) or has_allow_marker(
+            symbol, file_info.source, "shell_result"
+        ):
             continue
         if "Result[" not in symbol.signature:
             violations.append(
@@ -435,7 +468,9 @@ def check_entry_point_thin(file_info: FileInfo, config: RuleConfig) -> list[Viol
             continue
 
         # Only check entry points; DX-22: Skip if @invar:allow marker
-        if not is_entry_point(symbol, file_info.source) or has_allow_marker(symbol, file_info.source, "entry_point_too_thick"):
+        if not is_entry_point(symbol, file_info.source) or has_allow_marker(
+            symbol, file_info.source, "entry_point_too_thick"
+        ):
             continue
         lines = get_symbol_lines(symbol)
         if lines > max_lines:

invar/mcp/handlers.py

@@ -427,11 +427,24 @@ async def _execute_command(
             timeout=timeout,
         )
 
+        stdout = result.stdout.strip()
+
+        # Try to parse as JSON
         try:
-            parsed = json.loads(result.stdout)
+            parsed = json.loads(stdout)
             return ([TextContent(type="text", text=json.dumps(parsed, indent=2))], parsed)
         except json.JSONDecodeError:
-            output = result.stdout
+            # Try to fix unescaped newlines in JSON strings
+            # Guard/map commands may output multiline JSON with literal newlines
+            fixed = _fix_json_newlines(stdout)
+            try:
+                parsed = json.loads(fixed)
+                return ([TextContent(type="text", text=json.dumps(parsed, indent=2))], parsed)
+            except json.JSONDecodeError:
+                pass
+
+            # Fall back to text output
+            output = stdout
             if result.stderr:
                 output += f"\n\nStderr:\n{result.stderr}"
             return [TextContent(type="text", text=output)]
@@ -440,3 +453,46 @@ async def _execute_command(
         return [TextContent(type="text", text=f"Error: Command timed out ({timeout}s)")]
     except Exception as e:
         return [TextContent(type="text", text=f"Error: {e}")]
+
+
+# @invar:allow shell_too_complex: Simple state machine, 6 branches is minimal
+# @invar:allow shell_pure_logic: No I/O, but called from shell context
+# @invar:allow shell_result: Pure transformation, returns str not Result
+def _fix_json_newlines(text: str) -> str:
+    """Fix unescaped newlines in JSON strings.
+
+    When subprocess outputs multiline JSON, newlines inside string values
+    are not escaped, causing json.loads() to fail. This function escapes them.
+
+    DX-33: Escape hatch for complex pure logic helper.
+    """
+    result = []
+    i = 0
+    while i < len(text):
+        if text[i] == '"':
+            # Inside a string - collect until closing quote
+            result.append('"')
+            i += 1
+            while i < len(text):
+                c = text[i]
+                if c == "\\" and i + 1 < len(text):
+                    # Escaped character - keep as is
+                    result.append("\\")
+                    result.append(text[i + 1])
+                    i += 2
+                elif c == '"':
+                    # End of string
+                    result.append('"')
+                    i += 1
+                    break
+                elif c == "\n" or c == "\r":
+                    # Unescaped newline - escape it
+                    result.append("\\n")
+                    i += 1
+                else:
+                    result.append(c)
+                    i += 1
+        else:
+            result.append(text[i])
+            i += 1
+    return "".join(result)

invar/node_tools/eslint-plugin/cli.js

@@ -16,11 +16,61 @@
 import { ESLint } from 'eslint';
 import { resolve, dirname } from 'path';
 import { statSync, realpathSync } from 'fs';
+import { spawnSync } from 'child_process';
 import { fileURLToPath } from 'url';
+import { createRequire } from 'module';
 import plugin from './index.js';
 // Get the directory where this CLI script is located (embedded in site-packages)
 const __filename = fileURLToPath(import.meta.url);
 const __dirname = dirname(__filename);
+
+const require = createRequire(import.meta.url);
+
+function resolveTsParser(projectPath) {
+    try {
+        const tseslintEntry = require.resolve('typescript-eslint', { paths: [projectPath] });
+        if (tseslintEntry) {
+            const tseslintRoot = dirname(dirname(tseslintEntry));
+            return require.resolve('@typescript-eslint/parser', { paths: [tseslintRoot] });
+        }
+    }
+    catch {
+    }
+
+    try {
+        return require.resolve('@typescript-eslint/parser', { paths: [projectPath] });
+    }
+    catch {
+    }
+
+    try {
+        return require.resolve('@typescript-eslint/parser', { paths: [__dirname] });
+    }
+    catch {
+        return null;
+    }
+}
+function _gitLsFiles(projectPath) {
+    const check = spawnSync('git', ['-C', projectPath, 'rev-parse', '--is-inside-work-tree'], {
+        encoding: 'utf8',
+        timeout: 2000,
+    });
+    if (check.status !== 0) {
+        return null;
+    }
+
+    const ls = spawnSync('git', ['-C', projectPath, 'ls-files', '-z', '--', '*.ts', '*.tsx'], {
+        encoding: 'utf8',
+        timeout: 15000,
+    });
+    if (ls.status !== 0 || !ls.stdout) {
+        return null;
+    }
+
+    const files = ls.stdout.split('\0').filter(Boolean);
+    return files.length > 0 ? files : null;
+}
+
 function parseArgs(args) {
     const projectPath = args.find(arg => !arg.startsWith('--')) || '.';
     const configArg = args.find(arg => arg.startsWith('--config='));
@@ -93,44 +143,35 @@ async function main() {
             console.error(`Config "${args.config}" not found or invalid`);
             process.exit(1);
         }
-        // Create ESLint instance with programmatic configuration
-        // Use __dirname (where CLI is located) for module resolution
-        // This allows ESLint to find embedded node_modules in site-packages
-        const eslint = new ESLint({
-            useEslintrc: false, // Don't load .eslintrc files
-            cwd: __dirname, // Use CLI location for module resolution (embedded node_modules)
-            resolvePluginsRelativeTo: __dirname, // Resolve plugins from embedded location
-            baseConfig: {
-                parser: '@typescript-eslint/parser', // Will resolve from __dirname/node_modules
-                parserOptions: {
-                    ecmaVersion: 2022,
-                    sourceType: 'module',
-                },
-                plugins: ['@invar'],
-                rules: selectedConfig.rules,
-            },
-            plugins: {
-                '@invar': plugin, // Register plugin directly
-            },
-        }); // Type assertion for ESLint config complexity
-        // Lint the project - detect if path is a file or directory
-        // ESLint defaults to .js only, so we need glob patterns for .ts/.tsx
+        const tsParser = resolveTsParser(projectPath);
+        if (!tsParser) {
+            console.error("ESLint failed: Failed to load TypeScript parser.");
+            console.error("Install either 'typescript-eslint' or '@typescript-eslint/parser' in your project.");
+            process.exit(1);
+        }
+
         let filesToLint;
+        let lintCwd = projectPath;
+        let globInputPaths = true;
         try {
             const stats = statSync(projectPath);
-            // Note: Advisory check for optimization - TOCTOU race condition is acceptable
-            // because ESLint will handle file system changes gracefully during actual linting
             if (stats.isFile()) {
-                // Single file - lint it directly
+                lintCwd = dirname(projectPath);
                 filesToLint = [projectPath];
+                globInputPaths = false;
             }
             else if (stats.isDirectory()) {
-                // Directory - use glob patterns for TypeScript files primarily
-                // Note: Focus on TypeScript files as this is a TypeScript Guard tool
-                filesToLint = [
-                    `${projectPath}/**/*.ts`,
-                    `${projectPath}/**/*.tsx`,
-                ];
+                const gitFiles = _gitLsFiles(projectPath);
+                if (gitFiles) {
+                    filesToLint = gitFiles;
+                    globInputPaths = false;
+                }
+                else {
+                    filesToLint = [
+                        "**/*.ts",
+                        "**/*.tsx",
+                    ];
+                }
             }
             else {
                 console.error(`Error: Path is neither a file nor a directory: ${projectPath}`);
@@ -142,6 +183,39 @@ async function main() {
             console.error(`Error: Cannot access path: ${errorMessage}`);
             process.exit(1);
         }
+
+        const eslint = new ESLint({
+            useEslintrc: false,
+            cwd: lintCwd,
+            resolvePluginsRelativeTo: __dirname,
+            errorOnUnmatchedPattern: false,
+            globInputPaths,
+            baseConfig: {
+                parser: tsParser,
+                parserOptions: {
+                    ecmaVersion: 2022,
+                    sourceType: 'module',
+                },
+                plugins: ['@invar'],
+                rules: selectedConfig.rules,
+                ignorePatterns: [
+                    '**/node_modules/**',
+                    '**/.next/**',
+                    '**/dist/**',
+                    '**/build/**',
+                    '**/.cache/**',
+                    '**/coverage/**',
+                    '**/.turbo/**',
+                    '**/.vercel/**',
+                    '**/playwright-report/**',
+                    '**/test-results/**',
+                ],
+            },
+            plugins: {
+                '@invar': plugin, // Register plugin directly
+            },
+        });
+
         const results = await eslint.lintFiles(filesToLint);
         // Output in standard ESLint JSON format (compatible with guard_ts.py)
         const formatter = await eslint.loadFormatter('json');

invar/node_tools/eslint-plugin/rules/require-schema-validation.js

@@ -77,49 +77,58 @@ function matchesEnforcePattern(filePath, patterns) {
 function isZodType(typeAnnotation) {
     return ZOD_TYPE_PATTERNS.some(pattern => pattern.test(typeAnnotation));
 }
-function hasParseCall(body, paramName) {
+function collectParseArgs(body, visitorKeys) {
+    const parsed = new Set();
     if (!body)
-        return false;
-    let found = false;
-    const MAX_DEPTH = 50; // Prevent stack overflow on deeply nested types
-    const visit = (node, depth = 0) => {
-        if (found)
-            return;
+        return parsed;
+
+    const MAX_DEPTH = 50;
+    const stack = [{ node: body, depth: 0 }];
+
+    while (stack.length > 0) {
+        const current = stack.pop();
+        if (!current)
+            continue;
+        const node = current.node;
+        const depth = current.depth;
+        if (!node || typeof node !== 'object')
+            continue;
         if (depth > MAX_DEPTH)
-            return; // Depth limit to prevent stack overflow
+            continue;
+
         if (node.type === 'CallExpression') {
             const callee = node.callee;
-            if (callee.type === 'MemberExpression') {
+            if (callee && callee.type === 'MemberExpression') {
                 const property = callee.property;
-                if (property.type === 'Identifier' &&
-                    (property.name === 'parse' || property.name === 'safeParse')) {
-                    // Check if argument is our param
-                    if (node.arguments.some(arg => arg.type === 'Identifier' && arg.name === paramName)) {
-                        found = true;
-                        return;
+                if (property && property.type === 'Identifier' && (property.name === 'parse' || property.name === 'safeParse')) {
+                    for (const arg of node.arguments || []) {
+                        if (arg && arg.type === 'Identifier') {
+                            parsed.add(arg.name);
+                        }
                     }
                 }
             }
         }
-        // Recursively visit children with depth tracking
-        for (const key of Object.keys(node)) {
+
+        const keys = (visitorKeys && node.type && visitorKeys[node.type]) || [];
+        for (const key of keys) {
             const value = node[key];
-            if (value && typeof value === 'object') {
-                if (Array.isArray(value)) {
-                    for (const item of value) {
-                        if (item && typeof item === 'object' && 'type' in item) {
-                            visit(item, depth + 1);
-                        }
+            if (!value)
+                continue;
+            if (Array.isArray(value)) {
+                for (const item of value) {
+                    if (item && typeof item === 'object' && item.type) {
+                        stack.push({ node: item, depth: depth + 1 });
                     }
                 }
-                else if ('type' in value) {
-                    visit(value, depth + 1);
-                }
+            }
+            else if (typeof value === 'object' && value.type) {
+                stack.push({ node: value, depth: depth + 1 });
             }
         }
-    };
-    visit(body);
-    return found;
+    }
+
+    return parsed;
 }
 export const requireSchemaValidation = {
     meta: {
@@ -206,49 +215,54 @@ export const requireSchemaValidation = {
         }
         function checkFunction(node, params) {
             const functionName = getFunctionName(node);
-            // Skip if shouldn't check based on mode
             if (!shouldCheck(functionName)) {
                 return;
             }
+
             const body = 'body' in node ? node.body : null;
+            const zodParams = params.filter((p) => p.typeAnnotation && isZodType(p.typeAnnotation) && p.name && p.name !== '{...}' && p.name !== '[...]');
+            if (zodParams.length === 0) {
+                return;
+            }
+
+            const parsedArgs = collectParseArgs(body, sourceCode.visitorKeys);
             const isRiskFunction = isHighRiskFunction(functionName, filename);
-            for (const param of params) {
-                if (param.typeAnnotation && isZodType(param.typeAnnotation)) {
-                    if (!hasParseCall(body, param.name)) {
-                        // Extract schema name from type annotation (e.g., "z.infer<typeof UserSchema>" -> "UserSchema")
-                        const schemaMatch = param.typeAnnotation.match(/typeof\s+(\w+)/);
-                        const schemaName = schemaMatch ? schemaMatch[1] : 'Schema';
-                        const validatedVarName = `validated${param.name.charAt(0).toUpperCase()}${param.name.slice(1)}`;
-                        context.report({
-                            node: node,
-                            messageId: isRiskFunction ? 'missingValidationRisk' : 'missingValidation',
-                            data: {
-                                name: param.name,
-                                functionName: functionName,
-                            },
-                            suggest: [
-                                {
-                                    messageId: 'addParseCall',
-                                    data: { name: param.name },
-                                    fix(fixer) {
-                                        // Find the opening brace of the function body
-                                        if (!body || body.type !== 'BlockStatement')
-                                            return null;
-                                        const blockBody = body;
-                                        if (!blockBody.body || blockBody.body.length === 0)
-                                            return null;
-                                        const firstStatement = blockBody.body[0];
-                                        // Detect indentation from the first statement
-                                        const firstStatementStart = firstStatement.loc?.start.column ?? 2;
-                                        const indent = ' '.repeat(firstStatementStart);
-                                        const parseCode = `const ${validatedVarName} = ${schemaName}.parse(${param.name});\n${indent}`;
-                                        return fixer.insertTextBefore(firstStatement, parseCode);
-                                    },
-                                },
-                            ],
-                        });
-                    }
+
+            for (const param of zodParams) {
+                if (parsedArgs.has(param.name)) {
+                    continue;
                 }
+
+                const schemaMatch = param.typeAnnotation.match(/typeof\s+(\w+)/);
+                const schemaName = schemaMatch ? schemaMatch[1] : 'Schema';
+                const validatedVarName = `validated${param.name.charAt(0).toUpperCase()}${param.name.slice(1)}`;
+
+                context.report({
+                    node: node,
+                    messageId: isRiskFunction ? 'missingValidationRisk' : 'missingValidation',
+                    data: {
+                        name: param.name,
+                        functionName: functionName,
+                    },
+                    suggest: [
+                        {
+                            messageId: 'addParseCall',
+                            data: { name: param.name },
+                            fix(fixer) {
+                                if (!body || body.type !== 'BlockStatement')
+                                    return null;
+                                const blockBody = body;
+                                if (!blockBody.body || blockBody.body.length === 0)
+                                    return null;
+                                const firstStatement = blockBody.body[0];
+                                const firstStatementStart = firstStatement.loc?.start.column ?? 2;
+                                const indent = ' '.repeat(firstStatementStart);
+                                const parseCode = `const ${validatedVarName} = ${schemaName}.parse(${param.name});\n${indent}`;
+                                return fixer.insertTextBefore(firstStatement, parseCode);
+                            },
+                        },
+                    ],
+                });
             }
         }
         /**