ailabs/puaros
1
0
Fork 0
mirror of https://github.com/samiyev/puaros.git synced 2025-12-27 23:06:54 +05:00
Code Issues Packages Projects Releases Wiki Activity
100 Commits 1 Branch 67 Tags
6234fbce925e0bdd7a35d8f9522d14af393fa0a5
Commit Graph

84 Commits

Author SHA1 Message Date
imfozilbek
af9c2377a0 chore(ipuaro): bump version to 0.3.0 2025-11-30 01:25:23 +05:00
imfozilbek
d0c1ddc22e feat(ipuaro): implement indexer module (v0.3.0) 
Add complete indexer infrastructure:
- FileScanner: recursive scanning with gitignore support
- ASTParser: tree-sitter based TS/JS/TSX/JSX parsing
- MetaAnalyzer: complexity metrics, dependency analysis
- IndexBuilder: symbol index and dependency graph
- Watchdog: file watching with chokidar and debouncing

321 tests, 96.38% coverage
 2025-11-30 01:24:21 +05:00
imfozilbek
225480c806 feat(ipuaro): implement Redis storage module (v0.2.0) 
- Add RedisClient with connection management and AOF config
- Add RedisStorage implementing full IStorage interface
- Add Redis key schema for project and session data
- Add generateProjectName() utility
- Add 68 unit tests for Redis module (159 total)
- Update ESLint: no-unnecessary-type-parameters as warn
 2025-11-30 00:22:49 +05:00
imfozilbek
fd8e97af0e chore(ipuaro): bump version to 0.1.1 2025-11-29 23:25:49 +05:00
imfozilbek
d36f9a6e21 chore(guardian): bump version to 0.9.3 2025-11-29 23:24:28 +05:00
imfozilbek
4267938dcd docs(guardian): remove fictional success stories and stats 2025-11-29 23:22:26 +05:00
imfozilbek
127c7e2185 docs(ipuaro): improve README with detailed documentation 2025-11-29 23:19:56 +05:00
imfozilbek
130a8c4f24 feat(ipuaro): implement v0.1.0 foundation 
- Project setup with tsup, vitest, ESM support
- Domain entities: Session, Project
- Value objects: FileData, FileAST, FileMeta, ChatMessage, ToolCall, ToolResult, UndoEntry
- Service interfaces: IStorage, ILLMClient, ITool, IIndexer, IToolRegistry
- Shared: Config (zod), IpuaroError, utils (hash, tokens), Result type
- CLI with placeholder commands (start, init, index)
- 91 unit tests with 100% coverage
- Fix package scope @puaros -> @samiyev in CLAUDE.md
 2025-11-29 23:08:38 +05:00
imfozilbek
7f6180df37 docs: add monorepo versioning strategy and release pipeline 
- add Path Reference section with explicit paths
- add Monorepo Versioning Strategy with prefixed tags
- add 6-phase Release Pipeline documentation
- update Git Commit Format for monorepo (package scope)
- update .gitmessage with package scopes
- fix tsconfig.json references (remove non-existent, add ipuaro)
- fix guardian tsconfig formatting (4-space indent)
 2025-11-29 22:41:03 +05:00
imfozilbek
daace23814 docs: move ipuaro CONCEPT.md to docs folder 2025-11-29 22:12:28 +05:00
imfozilbek
625e109c0a feat: add ipuaro package with concept and roadmap 2025-11-29 22:10:32 +05:00
imfozilbek
085e236c4a docs: move guardian analysis docs to docs folder 2025-11-29 22:09:42 +05:00
imfozilbek
ee6388f587 docs: add research on project structure detection approaches 2025-11-28 11:41:21 +05:00
imfozilbek
a75dbcf147 chore: bump version to 0.9.2 2025-11-27 19:32:07 +05:00
imfozilbek
42da5127cc docs: update CHANGELOG.md for v0.9.2 2025-11-27 19:28:32 +05:00
imfozilbek
0da6d9f3c2 test: update naming convention detector tests for AST-based analysis 2025-11-27 19:27:46 +05:00
imfozilbek
6b35679f09 refactor: update AST strategies to use centralized node type constants 2025-11-27 19:27:30 +05:00
imfozilbek
07e6535633 refactor: add context keywords and improve hardcoded value suggestions 2025-11-27 19:27:07 +05:00
imfozilbek
e8626dd03c refactor: migrate naming convention detector to AST-based analysis 2025-11-27 19:26:43 +05:00
imfozilbek
ce78183c6e refactor: create AST-based naming analyzers for enhanced detection 2025-11-27 19:26:24 +05:00
imfozilbek
1d6aebcd87 refactor: add AST node type constants for tree-sitter analysis 2025-11-27 19:26:01 +05:00
imfozilbek
ceb87f1b1f chore: bump version to 0.9.1 2025-11-26 18:10:36 +05:00
imfozilbek
b953956181 docs: update CHANGELOG.md for v0.9.1 2025-11-26 17:39:21 +05:00
imfozilbek
af094eb54a refactor: migrate hardcode detector from regex to AST-based analysis 
- Replace regex-based matchers with tree-sitter AST traversal
- Add duplicate value tracking across files
- Implement boolean literal detection
- Add value type classification (email, url, ip, api_key, etc.)
- Improve context awareness with AST node analysis
- Reduce false positives with better constant detection

Breaking changes removed:
- BraceTracker.ts
- ExportConstantAnalyzer.ts
- MagicNumberMatcher.ts
- MagicStringMatcher.ts

New components added:
- AstTreeTraverser for AST walking
- DuplicateValueTracker for cross-file tracking
- AstContextChecker for node context analysis
- AstNumberAnalyzer, AstStringAnalyzer, AstBooleanAnalyzer
- ValuePatternMatcher for type detection

Test coverage: 87.97% statements, 96.75% functions
 2025-11-26 17:38:30 +05:00
imfozilbek
656571860e docs: add Anemic Model Detection documentation to WHY.md and RESEARCH_CITATIONS.md 2025-11-26 00:44:12 +05:00
imfozilbek
a6b4c69b75 feat: add anemic model detection and refactor hardcoded values (v0.9.0) 2025-11-26 00:09:48 +05:00
imfozilbek
1d6c2a0e00 refactor: extract all hardcoded values to constants (v0.8.1) 
Fix all 63 hardcoded value issues from Guardian self-check:
- Remove hardcoded Slack token from documentation
- Remove aws-sdk framework leak from domain layer
- Rename 4 pipeline files to verb-noun convention
- Extract 57 magic strings to SecretExamples.ts constants
- Update SecretViolation, SecretDetector, MagicStringMatcher
- Use typeof for TypeScript literal type in getSeverity()

Result: 0 issues in Guardian self-check (was 63)
All 566 tests passing, build successful
 2025-11-25 19:06:33 +05:00
imfozilbek
0b1cc5a79a feat: add secret detection with Secretlint (v0.8.0) 
Add critical security feature to detect 350+ types of hardcoded secrets
using industry-standard Secretlint library.

Features:
- Detect AWS keys, GitHub tokens, NPM tokens, SSH keys, API keys, etc.
- All secrets marked as CRITICAL severity
- Context-aware remediation suggestions per secret type
- New SecretDetector using @secretlint/node
- New SecretViolation value object (100% test coverage)
- CLI output with "🔐 Secrets" section
- Async pipeline support for secret detection

Tests:
- Added 47 new tests (566 total, 100% pass rate)
- Coverage: 93.3% statements, 83.74% branches
- SecretViolation: 23 tests, 100% coverage
- SecretDetector: 24 tests

Dependencies:
- @secretlint/node: 11.2.5
- @secretlint/core: 11.2.5
- @secretlint/types: 11.2.5
- @secretlint/secretlint-rule-preset-recommend: 11.2.5
 2025-11-25 18:27:27 +05:00
imfozilbek
8d400c9517 refactor: extract detector logic into focused strategy classes 
Refactored three largest detectors to improve maintainability and reduce complexity:

- AggregateBoundaryDetector: 381 → 162 lines (57% reduction)
- HardcodeDetector: 459 → 89 lines (81% reduction)
- RepositoryPatternDetector: 479 → 106 lines (78% reduction)

Added 13 new strategy classes:
- FolderRegistry - centralized DDD folder name management
- AggregatePathAnalyzer - path parsing and aggregate extraction
- ImportValidator - import validation logic
- BraceTracker - brace and bracket counting
- ConstantsFileChecker - constants file detection
- ExportConstantAnalyzer - export const analysis
- MagicNumberMatcher - magic number detection
- MagicStringMatcher - magic string detection
- OrmTypeMatcher - ORM type matching
- MethodNameValidator - repository method validation
- RepositoryFileAnalyzer - file role detection
- RepositoryViolationDetector - violation detection logic

All 519 tests passing, zero ESLint errors, no breaking changes.
 2025-11-25 17:41:32 +05:00
imfozilbek
9fb9beb311 docs: mark v0.7.8 as published to npm 2025-11-25 17:23:54 +05:00
imfozilbek
5a43fbf116 test: add comprehensive E2E test suite for v0.7.8 
- Add 62 new E2E tests (21 + 22 + 19)
- AnalyzeProject.e2e.test.ts: full pipeline testing
- CLI.e2e.test.ts: CLI smoke tests with process spawning
- JSONOutput.e2e.test.ts: JSON structure validation
- 100% test pass rate achieved (519/519 tests)
- Update ROADMAP.md and CHANGELOG.md
- Bump version to 0.7.8
 2025-11-25 17:20:56 +05:00
imfozilbek
669e764718 docs: mark v0.7.7 as published to npm 2025-11-25 16:52:00 +05:00
imfozilbek
0b9b8564bf test: improve test coverage for domain files from 46-58% to 92-100% 
- Add 31 tests for SourceFile.ts (46% → 100%)
- Add 31 tests for ProjectPath.ts (50% → 100%)
- Add 18 tests for ValueObject.ts (25% → 100%)
- Add 32 tests for RepositoryViolation.ts (58% → 92.68%)
- Total test count: 345 → 457 tests (all passing)
- Overall coverage: 95.4% statements, 86.25% branches, 96.68% functions
- Update version to 0.7.7
- Update ROADMAP.md and CHANGELOG.md
 2025-11-25 16:50:00 +05:00
imfozilbek
0da25d9046 docs: mark v0.7.6 as published to npm 2025-11-25 16:31:23 +05:00
imfozilbek
7fea9a8fdb refactor: split CLI module into focused formatters and groupers 
- Created cli/groupers/ViolationGrouper.ts for severity filtering
- Created cli/formatters/OutputFormatter.ts for violation formatting
- Created cli/formatters/StatisticsFormatter.ts for metrics display
- Reduced cli/index.ts from 484 to 260 lines (46% reduction)
- All 345 tests pass, CLI output identical to before
- No breaking changes
 2025-11-25 16:30:04 +05:00
imfozilbek
b5f54fc3f8 docs: mark v0.7.5 as released in ROADMAP 2025-11-25 16:09:17 +05:00
imfozilbek
8a2c6fdc0e refactor: split AnalyzeProject into pipeline components 
Split 615-line God Use-Case into focused pipeline components:
- FileCollectionStep.ts (66 lines) - file scanning and basic parsing
- ParsingStep.ts (51 lines) - AST parsing and dependency graph
- DetectionPipeline.ts (371 lines) - all 7 detectors
- ResultAggregator.ts (81 lines) - response DTO builder

Reduced AnalyzeProject.ts from 615 to 245 lines (60% reduction).

All 345 tests pass, no breaking changes.
Improved separation of concerns and testability.

Closes #0.7.5 roadmap task.
 2025-11-25 16:07:20 +05:00
imfozilbek
2479bde9a8 docs: update CHANGELOG for v0.7.5-beta.1 2025-11-25 15:50:30 +05:00
imfozilbek
f6bb65f2f1 chore: bump version to 0.7.5-beta.1 2025-11-25 15:48:31 +05:00
imfozilbek
8916ce9eab feat(cli): add AI Agent Instructions to --help output 
Add dedicated section in help for AI coding assistants with:
- Step-by-step workflow (scan → fix → verify → expand)
- Recommended commands for each step
- Output format description for parsing
- Priority order guidance (CRITICAL → HIGH → MEDIUM → LOW)

This helps AI agents (Claude, Copilot, Cursor) immediately
understand how to use Guardian and take action.
 2025-11-25 15:48:03 +05:00
imfozilbek
24f54d4b57 docs: add hardening releases v0.7.5-v0.7.9 to ROADMAP 
Plan internal improvements before v0.8.0:
- v0.7.5: Refactor AnalyzeProject use-case (614 -> ~100 lines)
- v0.7.6: Refactor CLI module (470 -> ~100 lines)
- v0.7.7: Improve test coverage for domain files
- v0.7.8: Add E2E tests for pipeline and CLI
- v0.7.9: Refactor large detectors (optional)

Each release scoped to fit single session (~128K tokens).
 2025-11-25 15:42:12 +05:00
imfozilbek
d038f90bd2 docs: add SecretDetector feature to ROADMAP v0.8.0 
- Add comprehensive SecretDetector feature specification for v0.8.0
- Shift all future roadmap versions by +1 (0.8.0→0.9.0, 0.9.0→0.10.0, etc.)
- Document Secretlint integration approach
- Specify 350+ secret patterns detection (AWS, GitHub, NPM, SSH, GCP, Slack)
- Define architecture with ISecretDetector interface and SecretViolation value object
- Highlight separation from HardcodeDetector (two focused detectors)
- Target: Q1 2025, Priority: CRITICAL
 2025-11-25 15:18:27 +05:00
imfozilbek
e79874e420 chore: bump version to 0.7.4 2025-11-25 13:27:38 +05:00
imfozilbek
1663d191ee docs: update CHANGELOG for v0.7.4 2025-11-25 12:16:17 +05:00
imfozilbek
7b4cb60f13 feat: reduce false positives in hardcode detector by 35% 
Add TypeScript-aware filtering to HardcodeDetector to ignore legitimate
language constructs that are not actually hardcoded values.

Changes:
- Add detection and filtering of TypeScript type contexts:
  * Union types (type Status = 'active' | 'inactive')
  * Interface property types (interface { mode: 'development' })
  * Type assertions (as 'read' | 'write')
  * typeof checks (typeof x === 'string')
- Add Symbol() call detection for DI container tokens
- Add import() dynamic import detection
- Extend constants file patterns to include tokens.ts/tokens.js
- Add 13 new tests covering TypeScript type context filtering

Impact:
- Tested on real project (puaro/core): 985 → 633 issues (35.7% reduction)
- All 345 tests pass
- Zero new linting errors
 2025-11-25 12:12:36 +05:00
imfozilbek
33d763c41b fix: allow internal bounded context imports in aggregate detection (v0.7.3) 2025-11-25 00:54:03 +05:00
imfozilbek
3cd97c6197 fix: add errors/exceptions folders to DDD non-aggregate list (v0.7.2) 2025-11-25 00:43:41 +05:00
imfozilbek
8dd445995d fix: eliminate magic strings and fix aggregate boundary detection 
- Extract DDD folder names and repository method suggestions to constants
- Fix regex pattern to support relative paths (domain/... without leading /)
- Add non-aggregate folder exclusions (constants, shared, factories, etc.)
- Remove findAll, exists, count from ORM_QUERY_METHODS (valid domain methods)
- Add exists, count, countBy patterns to domainMethodPatterns
- Add aggregate boundary test examples
 2025-11-25 00:29:02 +05:00
imfozilbek
c75738ba51 feat: add aggregate boundary validation (v0.7.0) 
Implement DDD aggregate boundary validation to detect and prevent direct
entity references across aggregate boundaries.

Features:
- Detect direct entity imports between aggregates
- Allow only ID or Value Object references
- Support multiple folder structures (domain/aggregates/*, domain/*, domain/entities/*)
- Filter allowed imports (value-objects, events, repositories, services)
- Critical severity level for violations
- 41 comprehensive tests with 92.55% coverage
- CLI output with detailed suggestions
- Examples of good and bad patterns

Breaking changes: None
Backwards compatible: Yes
 2025-11-24 23:54:16 +05:00
imfozilbek
83b5dccee4 fix: improve repository method name suggestions and patterns 
- Add smart context-aware suggestions for repository method names
  - queryUsers() → search, findBy[Property]
  - selectById() → findBy[Property], get[Entity]
  - insertUser() → create, add[Entity], store[Entity]
  - And more intelligent pattern matching

- Expand domain method patterns support
  - find*() methods (findNodes, findNodeById, findSimilar)
  - saveAll() batch operations
  - deleteBy*() methods (deleteByPath, deleteById)
  - deleteAll() clear operations
  - add*() methods (addRelationship, addItem)
  - initializeCollection() initialization

- Remove findAll from ORM blacklist (valid domain method)

- Reduce complexity in suggestDomainMethodName (22 → 9)

Version 0.6.4
 2025-11-24 23:49:49 +05:00