mss-vdp 2.1.0__tar.gz

mss_vdp-2.1.0/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 MSS-AI Project Contributors
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

mss_vdp-2.1.0/PKG-INFO

@@ -0,0 +1,111 @@
+Metadata-Version: 2.4
+Name: mss-vdp
+Version: 2.1.0
+Summary: MSS Verification Discipline Protocol — Multi-language code quality & compliance scanner
+Home-page: https://github.com/mss-ai/vdp
+Author: MSS-AI
+Classifier: Development Status :: 5 - Production/Stable
+Classifier: Intended Audience :: Developers
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Programming Language :: Python :: 3.10
+Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
+Classifier: Topic :: Software Development :: Quality Assurance
+Classifier: Topic :: Software Development :: Testing
+Requires-Python: >=3.10
+Description-Content-Type: text/markdown
+License-File: LICENSE
+Requires-Dist: tree-sitter>=0.20
+Requires-Dist: tree-sitter-python
+Requires-Dist: tree-sitter-javascript
+Requires-Dist: tree-sitter-rust
+Requires-Dist: tree-sitter-java
+Requires-Dist: tree-sitter-cpp
+Requires-Dist: tree-sitter-c
+Requires-Dist: tree-sitter-go
+Requires-Dist: tree-sitter-ruby
+Requires-Dist: tree-sitter-php
+Requires-Dist: uvicorn
+Requires-Dist: fastapi
+Requires-Dist: pydantic
+Dynamic: author
+Dynamic: classifier
+Dynamic: description
+Dynamic: description-content-type
+Dynamic: home-page
+Dynamic: license-file
+Dynamic: requires-dist
+Dynamic: requires-python
+Dynamic: summary
+
+# MSS-VDP v2.0
+
+**Verification Discipline Protocol** — Multi-language code quality, security, and compliance scanner.
+
+## Quick Start
+
+```bash
+pip install mss-vdp
+
+# Scan Python
+vdp-scan src/ --json
+
+# Scan JavaScript
+vdp-js src/ --json
+
+# Full pipeline (all languages)
+vdp-pipeline . --json
+
+# Smoke test (19 checks)
+vdp-smoke
+```
+
+## Supported Languages (10)
+
+| Language | Command | Engine | Rules |
+|----------|---------|--------|-------|
+| Python | `vdp-scan` | tree-sitter | V1-V6 |
+| JavaScript/TS | `vdp-js` | tree-sitter | V1-V9 |
+| Rust | `vdp-rust` | tree-sitter | R1-R5 |
+| Java | `vdp-scan --java` | tree-sitter | J1-J5 |
+| C/C++ | `vdp-scan --cpp` | tree-sitter | C1-C4 |
+| Go | `vdp-go` | tree-sitter | G1-G5 |
+| Ruby | `vdp-ruby` | tree-sitter | R1-R5 |
+| PHP | `vdp-php` | tree-sitter | P1-P5 |
+| Kotlin | `vdp-kotlin` | regex | K1-K5 |
+| C# | `vdp-csharp` | regex | C1-C5 |
+
+## Tools
+
+### Runtimes
+- **Rate Limiter** — Token bucket for API protection
+- **Service Monitor** — Health check + Lark/Slack alerts
+- **Lock Profiler** — Thread contention detection
+- **Memory Profiler** — tracemalloc leak detection
+- **Fuzzer** — Random mutation testing
+
+### Domain Tools
+- **PowerShell Verify** — 11-command PS safety checker
+- **PowerShell Judge** — Golden answer benchmark
+- **Python Clean** — venv/pyc/pip diagnostics
+- **Android/iOS Verify** — Mobile dev diagnostics
+
+### Analysis
+- **Org Resilience** — Organizational health + 3-layer Tuning Degree
+- **Content Compliance** — Document quality scanner
+- **LLM Benchmark** — Offline/live/regression LLM evaluation
+- **VDP DSL** — Custom rule engine (YAML-based)
+
+## CI/CD
+
+```yaml
+# GitHub Actions
+.github/workflows/vdp-pipeline.yml
+
+# GitLab CI
+.gitlab-ci.yml
+```
+
+## License
+
+MIT

mss_vdp-2.1.0/README.md

@@ -0,0 +1,71 @@
+# MSS-VDP v2.0
+
+**Verification Discipline Protocol** — Multi-language code quality, security, and compliance scanner.
+
+## Quick Start
+
+```bash
+pip install mss-vdp
+
+# Scan Python
+vdp-scan src/ --json
+
+# Scan JavaScript
+vdp-js src/ --json
+
+# Full pipeline (all languages)
+vdp-pipeline . --json
+
+# Smoke test (19 checks)
+vdp-smoke
+```
+
+## Supported Languages (10)
+
+| Language | Command | Engine | Rules |
+|----------|---------|--------|-------|
+| Python | `vdp-scan` | tree-sitter | V1-V6 |
+| JavaScript/TS | `vdp-js` | tree-sitter | V1-V9 |
+| Rust | `vdp-rust` | tree-sitter | R1-R5 |
+| Java | `vdp-scan --java` | tree-sitter | J1-J5 |
+| C/C++ | `vdp-scan --cpp` | tree-sitter | C1-C4 |
+| Go | `vdp-go` | tree-sitter | G1-G5 |
+| Ruby | `vdp-ruby` | tree-sitter | R1-R5 |
+| PHP | `vdp-php` | tree-sitter | P1-P5 |
+| Kotlin | `vdp-kotlin` | regex | K1-K5 |
+| C# | `vdp-csharp` | regex | C1-C5 |
+
+## Tools
+
+### Runtimes
+- **Rate Limiter** — Token bucket for API protection
+- **Service Monitor** — Health check + Lark/Slack alerts
+- **Lock Profiler** — Thread contention detection
+- **Memory Profiler** — tracemalloc leak detection
+- **Fuzzer** — Random mutation testing
+
+### Domain Tools
+- **PowerShell Verify** — 11-command PS safety checker
+- **PowerShell Judge** — Golden answer benchmark
+- **Python Clean** — venv/pyc/pip diagnostics
+- **Android/iOS Verify** — Mobile dev diagnostics
+
+### Analysis
+- **Org Resilience** — Organizational health + 3-layer Tuning Degree
+- **Content Compliance** — Document quality scanner
+- **LLM Benchmark** — Offline/live/regression LLM evaluation
+- **VDP DSL** — Custom rule engine (YAML-based)
+
+## CI/CD
+
+```yaml
+# GitHub Actions
+.github/workflows/vdp-pipeline.yml
+
+# GitLab CI
+.gitlab-ci.yml
+```
+
+## License
+
+MIT

mss_vdp-2.1.0/alert_sender.py

@@ -0,0 +1,138 @@
+#!/usr/bin/env python3
+"""
+MSS 告警发送器 — Lark/Slack Webhook 通知
+集成 rate_limiter TokenBucket 防止平台限流
+"""
+import os, json, urllib.request, time
+from datetime import datetime
+from rate_limiter import TokenBucket
+
+# ── Webhook 地址 (环境变量) ──
+LARK_WEBHOOK = os.getenv("LARK_WEBHOOK_URL", "")
+SLACK_WEBHOOK = os.getenv("SLACK_WEBHOOK_URL", "")
+
+# ── 告警限速器: 1条/分钟, burst 2 (防同一事件多次触发) ──
+_alert_limiter = TokenBucket(rate=1/60, burst=2)
+
+# ── 颜色映射 ──
+COLORS = {"ERROR": "red", "WARN": "orange", "INFO": "green"}
+
+
+def send_alert(platform: str, title: str, content: str, level: str = "ERROR") -> bool:
+    """发送告警到 Lark 或 Slack (自动限速)"""
+    if not _alert_limiter.consume(1):
+        print(f"[ALERT] Rate limited: {title[:60]}")
+        return False
+    
+    ts = datetime.now().strftime("%Y-%m-%d %H:%M:%S")
+    
+    if platform == "lark":
+        if not LARK_WEBHOOK:
+            print("[ALERT] LARK_WEBHOOK_URL not configured")
+            return False
+        payload = {
+            "msg_type": "interactive",
+            "card": {
+                "header": {
+                    "title": {"tag": "plain_text", "content": title},
+                    "template": COLORS.get(level, "blue"),
+                },
+                "elements": [{
+                    "tag": "div",
+                    "text": {"tag": "lark_md", "content": f"**时间**: {ts}\n{content}"}
+                }]
+            }
+        }
+        url = LARK_WEBHOOK
+    
+    elif platform == "slack":
+        if not SLACK_WEBHOOK:
+            print("[ALERT] SLACK_WEBHOOK_URL not configured")
+            return False
+        payload = {
+            "attachments": [{
+                "color": COLORS.get(level, "#36a64f"),
+                "title": title,
+                "text": f"*{ts}*\n{content}",
+                "footer": "MSS VDP Monitor",
+            }]
+        }
+        url = SLACK_WEBHOOK
+    
+    else:
+        return False
+    
+    body = json.dumps(payload, ensure_ascii=False).encode("utf-8")
+    try:
+        req = urllib.request.Request(url, data=body, headers={"Content-Type": "application/json"})
+        with urllib.request.urlopen(req, timeout=5) as resp:
+            return resp.status == 200
+    except Exception as e:
+        print(f"[ALERT] Send failed: {e}")
+        return False
+
+
+def send_both(title: str, content: str, level: str = "ERROR"):
+    """同时发送到 Lark 和 Slack"""
+    ok_l = send_alert("lark", title, content, level) if LARK_WEBHOOK else None
+    ok_s = send_alert("slack", title, content, level) if SLACK_WEBHOOK else None
+    return ok_l, ok_s
+
+
+# ── 预定义告警模板 ──
+
+def alert_service_down(service_name: str, port: int, detail: str = "") -> bool:
+    return send_both(
+        f"🚨 服务 {service_name} 下线",
+        f"端口 `{port}` 无响应\n{detail}",
+        "ERROR"
+    )
+
+def alert_service_up(service_name: str, port: int) -> bool:
+    return send_both(
+        f"✅ 服务 {service_name} 恢复",
+        f"端口 `{port}` 已恢复正常",
+        "INFO"
+    )
+
+def alert_rate_limit(ip: str, endpoint: str, count: int) -> bool:
+    return send_both(
+        f"🛡️ 速率限制触发",
+        f"IP `{ip}` 在 `{endpoint}` 被拦截 {count} 次",
+        "WARN"
+    )
+
+def alert_vdp_scan_complete(files: int, violations: int, rejects: int, duration_ms: float) -> bool:
+    level = "ERROR" if rejects > 0 else "INFO"
+    return send_both(
+        f"{'❌' if rejects else '✅'} VDP 扫描完成",
+        f"文件: {files} | 违规: {violations} | 拒绝: {rejects} | 耗时: {duration_ms:.0f}ms",
+        level
+    )
+
+def alert_memory_warning(process: str, current_mb: float, limit_mb: float) -> bool:
+    return send_both(
+        f"⚠️ 内存使用告警",
+        f"进程 `{process}` 使用 {current_mb:.1f}MB / 限制 {limit_mb:.1f}MB",
+        "WARN"
+    )
+
+
+# ── CLI ──
+
+if __name__ == "__main__":
+    import argparse
+    ap = argparse.ArgumentParser(description='MSS 告警发送器')
+    ap.add_argument('--test', action='store_true', help='发送测试告警')
+    ap.add_argument('--platform', choices=['lark','slack','both'], default='both')
+    args = ap.parse_args()
+    
+    if args.test:
+        print(f"Testing alert...")
+        print(f"  Lark webhook:  {'configured' if LARK_WEBHOOK else 'NOT SET'}")
+        print(f"  Slack webhook: {'configured' if SLACK_WEBHOOK else 'NOT SET'}")
+        
+        ok = alert_service_down("test-service", 9999, "这是一个测试告警")
+        print(f"  Sent: {ok}")
+    else:
+        ap.print_help()

mss_vdp-2.1.0/content_compliance.py

@@ -0,0 +1,213 @@
+#!/usr/bin/env python3
+"""
+MSS 内容合规扫描器 v15.1
+针对文档/报告/知识库条目的文本质量审计。
+规则: C1_CLAIM (无锚断言), C2_VAGUE (模糊语言), C3_MEME (模因污染),
+      C4_PSEUDO (伪科学性), C5_THERMAL (热税短视)
+100% 自包含, 无外部依赖。
+"""
+import json, re, argparse, os, sys
+from datetime import datetime
+from pathlib import Path
+
+# ── 规则定义 ──
+
+RULES = {
+    'C1_CLAIM': {
+        'name': '无锚断言检测',
+        'severity': 'reject',
+        'patterns': [
+            r'必然|绝对|毫无疑问|100%|永远|绝不会|显然',
+            r'所有.*都|没有人|从未|始终|完全',
+            r'科学证明|研究表明|数据表明|事实是',
+        ],
+        'detail': '绝对化/无证据断言 — 违反 A7 诚实边界公理',
+        'layer': 'L2',
+    },
+    'C2_VAGUE': {
+        'name': '模糊语言检测',
+        'severity': 'warn',
+        'patterns': [
+            r'某种程度|或多或少|某种意义上|似乎|可能.*也可能',
+            r'一言难尽|说不清|难以描述',
+            r'各方面|全方位|多层次|多维度',
+        ],
+        'detail': '模糊化表达 — 降低信息密度, 增加意义热税 (A3)',
+        'layer': 'L2',
+    },
+    'C3_MEME': {
+        'name': '模因污染检测',
+        'severity': 'warn',
+        'patterns': [
+            r'降维打击|底层逻辑|顶层设计|闭环|赋能',
+            r'抓手|对齐|颗粒度|引爆点|护城河',
+            r'范式|生态|入口|中台|私域',
+            r'all in|内卷|躺平|PUA|画饼',
+        ],
+        'detail': '商业化模因/流行语 — 模因污染降低意义保真度',
+        'layer': 'L3',
+    },
+    'C4_PSEUDO': {
+        'name': '伪科学性检测',
+        'severity': 'reject',
+        'patterns': [
+            r'量子.*能|量子.*疗|量子.*灵',
+            r'能量场|频率共振|宇宙法则|吸引力法则',
+            r'负离子|远红外|纳米.*量子|石墨烯.*量子',
+            r'熵增.*逆|意识.*量子|灵魂.*量子',
+        ],
+        'detail': '伪科学用语 — 将科学术语用作魔法咒语 (A5 物理投影断裂)',
+        'layer': 'L1',
+    },
+    'C5_THERMAL': {
+        'name': '热税短视检测',
+        'severity': 'warn',
+        'patterns': [
+            r'快速.*搞定|一键.*解决|秒变|立马',
+            r'不花.*时间|零成本|无脑|躺赚',
+            r'短期.*见效|快速.*变现|立刻.*提升',
+        ],
+        'detail': '热税短视症 — 承诺零热税操作, 忽略长期代价 (A3)',
+        'layer': 'L1',
+    },
+}
+
+
+class ContentComplianceScanner:
+    """v15.1 内容合规扫描器"""
+    
+    def scan_text(self, text: str, target: str = '<inline>') -> dict:
+        violations = []
+        for rule_id, rule in RULES.items():
+            for pat in rule['patterns']:
+                for m in re.finditer(pat, text):
+                    # Extract surrounding context
+                    start = max(0, m.start() - 20)
+                    end = min(len(text), m.end() + 40)
+                    snippet = text[start:end].replace('\n', ' ')
+                    violations.append({
+                        'rule_id': rule_id,
+                        'severity': rule['severity'],
+                        'layer': rule['layer'],
+                        'category': rule['name'],
+                        'detail': rule['detail'],
+                        'loc': f'pos {m.start()}',
+                        'match': m.group(),
+                        'context': snippet.strip(),
+                    })
+        
+        violations.sort(key=lambda v: (v['severity'] == 'reject', v['loc']))
+        
+        lines = len(text.split('\n')) if text else 0
+        score = max(0, 100 - len(violations) * 5)
+        
+        return {
+            'target': target, 'target_type': 'text',
+            'total_lines': lines,
+            'violations': violations,
+            'verdict': 'reject' if any(v['severity']=='reject' for v in violations)
+                       else 'warn' if violations else 'pass',
+            'compliance_score': score,
+        }
+    
+    def scan_file(self, filepath: str) -> dict:
+        try:
+            with open(filepath, 'r', encoding='utf-8', errors='replace') as f:
+                content = f.read()
+        except Exception as e:
+            return {'target': filepath, 'error': str(e), 'violations': []}
+        return self.scan_text(content, filepath)
+    
+    def scan_directory(self, directory: str, patterns: list = None) -> list:
+        if patterns is None:
+            patterns = ['*.md', '*.txt', '*.json', '*.py', '*.yaml', '*.yml']
+        
+        results = []
+        for root, dirs, files in os.walk(directory):
+            dirs[:] = [d for d in dirs if not d.startswith('.') and d not in ('node_modules', '.git', '__pycache__')]
+            for f in files:
+                fp = os.path.join(root, f)
+                if any(Path(f).match(p) for p in patterns):
+                    r = self.scan_file(fp)
+                    if r.get('violations'):
+                        results.append(r)
+        
+        return results
+    
+    def batch_report(self, results: list) -> dict:
+        total_v = sum(len(r.get('violations', [])) for r in results)
+        rejects = sum(1 for r in results if r.get('verdict') == 'reject')
+        by_rule = {}
+        for r in results:
+            for v in r.get('violations', []):
+                rid = v['rule_id']
+                by_rule[rid] = by_rule.get(rid, 0) + 1
+        
+        return {
+            'timestamp': datetime.now().isoformat(),
+            'files_scanned': len(results),
+            'total_violations': total_v,
+            'rejects': rejects,
+            'by_rule': by_rule,
+            'verdict': 'reject' if rejects > 0 else 'warn' if total_v > 0 else 'pass',
+        }
+
+
+def main():
+    ap = argparse.ArgumentParser(description='MSS 内容合规扫描器 v15.1')
+    ap.add_argument('target', nargs='?', help='文件或目录')
+    ap.add_argument('--json', action='store_true', help='JSON 输出')
+    ap.add_argument('--recursive', action='store_true', help='递归扫描目录')
+    ap.add_argument('--demo', action='store_true', help='自助扫描 (扫描自身)')
+    ap.add_argument('--rules', action='store_true', help='输出规则列表')
+    args = ap.parse_args()
+    
+    if args.rules:
+        for rid, rule in RULES.items():
+            print(f"[{rule['severity']:6s}] {rid} [{rule['layer']}] {rule['name']}")
+            print(f"       {rule['detail']}")
+            print(f"       示例: {rule['patterns'][0][:60]}")
+            print()
+        return
+    
+    scanner = ContentComplianceScanner()
+    
+    if args.demo:
+        target = os.path.dirname(__file__) or '.'
+        args.recursive = True
+    elif not args.target:
+        ap.print_help()
+        return
+    else:
+        target = args.target
+    
+    if os.path.isfile(target):
+        result = scanner.scan_file(target)
+        results = [result]
+    elif args.recursive:
+        results = scanner.scan_directory(target)
+    else:
+        results = [scanner.scan_file(f) for f in Path(target).glob('*') if f.is_file()]
+    
+    report = scanner.batch_report(results)
+    
+    if args.json:
+        print(json.dumps({'report': report, 'results': results}, indent=2, ensure_ascii=False))
+    else:
+        print(f"扫描 {report['files_scanned']} 文件: {report['total_violations']} violations ({report['verdict']})")
+        if report['by_rule']:
+            for rid, count in sorted(report['by_rule'].items()):
+                print(f"  {rid}: {count}")
+        
+        for r in results[:10]:
+            vs = r.get('violations', [])
+            if vs:
+                print(f"\n  {r['target']}:")
+                for v in vs[:5]:
+                    print(f"    [{v['severity']:6s}] {v['rule_id']} | {v['match']:12s} | {v['detail'][:60]}")
+    
+    sys.exit(1 if report['verdict'] == 'reject' else 0)
+
+
+if __name__ == '__main__':
+    main()