Implement entity exposure detection to prevent domain entities
from leaking to API responses. Detects when controllers/routes
return domain entities instead of DTOs.
Features:
- EntityExposure value object with detailed suggestions
- IEntityExposureDetector interface in domain layer
- EntityExposureDetector implementation in infrastructure
- Integration into AnalyzeProject use case
- CLI display with helpful suggestions
- 24 comprehensive unit tests (98% coverage)
- Examples for bad and good patterns
Detection scope:
- Infrastructure layer only (controllers, routes, handlers, resolvers, gateways)
- Identifies PascalCase entities without Dto/Request/Response suffixes
- Parses async methods with Promise<T> return types
- Provides step-by-step remediation suggestions
Test coverage:
- EntityExposureDetector: 98.07%
- Overall project: 90.6% statements, 83.97% branches
- 218 tests passing
BREAKING CHANGE: Version bump to 0.3.0
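The detection scope listed above, sketched as an added example. This is not the @puaros/guardian implementation, which this page does not show: it is a line-based regex heuristic, and the function names, the built-in type allow-list and the sample controller are assumptions made for illustration.

```typescript
// Added example, not the guardian package's code. Directory names and safe suffixes
// come from the commit message above; all other names here are assumed.
const INFRA_DIRS = /(^|\/)(controllers|routes|handlers|resolvers|gateways)\//;
const SAFE_SUFFIX = /(Dto|Request|Response)$/;
const PASCAL_CASE = /^[A-Z][A-Za-z0-9]*$/;
// PascalCase built-ins that are not domain entities (assumed allow-list).
const BUILTINS = /^(Promise|Array|Date|Map|Set|Record|Buffer)$/;

interface Exposure { file: string; method: string; entity: string; line: number }

// Unwrap Promise<T>, Array<T> and T[] down to the innermost type name.
function innerType(t: string): string {
    let cur = t.trim();
    for (;;) {
        const m = /^(?:Promise|Array)<(.+)>$/.exec(cur) || /^(.+)\[\]$/.exec(cur);
        if (!m) return cur;
        cur = m[1].trim();
    }
}

function detectEntityExposure(file: string, source: string): Exposure[] {
    if (!INFRA_DIRS.test(file)) return []; // infrastructure layer only
    const found: Exposure[] = [];
    // Matches "name(args): ReturnType {" on a single line; an AST would be more robust.
    const sig = /^\s*(?:public\s+|private\s+|protected\s+)?(?:async\s+)?(\w+)\s*\([^)]*\)\s*:\s*([^{]+?)\s*\{/;
    source.split("\n").forEach((text, i) => {
        const m = sig.exec(text);
        if (!m) return;
        const entity = innerType(m[2]);
        if (PASCAL_CASE.test(entity) && !SAFE_SUFFIX.test(entity) && !BUILTINS.test(entity)) {
            found.push({ file, method: m[1], entity, line: i + 1 });
        }
    });
    return found;
}

// Constructed sample controller (not from the project).
const SAMPLE = [
    "export class UserController {",
    "    async getUser(id: string): Promise<User> {",
    "        return this.users.findById(id);",
    "    }",
    "    async listUsers(): Promise<UserResponseDto[]> {",
    "        return (await this.users.all()).map(toDto);",
    "    }",
    "    count(): number { return 0; }",
    "}",
].join("\n");
console.log(detectEntityExposure("src/infrastructure/controllers/UserController.ts", SAMPLE));
```

Only `getUser` is reported: its `Promise<User>` return type unwraps to a bare entity name, while `UserResponseDto[]` carries a safe suffix and `number` is not PascalCase.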
- Fix indentation in DependencyGraph.ts getMetrics return type
- Add ESLint disable comment for Guards class (utility class pattern)
- Clean up formatting across analyzer files
- Add UserWithFrameworks.ts example showing framework leaks in domain
- Add examples/bad/ directory with anti-pattern demonstrations
- Demonstrate common mistakes: Prisma in domain, Express types, etc.
- Add framework leak detector to AnalyzeProject use case
- Export FrameworkLeakDetector in public API
- Add FRAMEWORK_LEAK rule constant
- Include framework leak violations in analysis response
- Add IFrameworkLeakDetector interface in domain/services
- Add FrameworkLeak value object with framework type categorization
- Implement FrameworkLeakDetector with 250+ framework patterns across 12 categories
- Add comprehensive test suite (35 tests) for framework leak detection
- Support HTTP frameworks, ORMs, loggers, caches, message queues, etc.
- Detect framework imports in domain layer and suggest proper abstractions
Add @puaros/guardian package v0.1.0 - code quality guardian for vibe coders and enterprise teams.
Features:
- Hardcode detection (magic numbers, magic strings)
- Circular dependency detection
- Naming convention enforcement (Clean Architecture)
- Architecture violation detection
- CLI tool with comprehensive reporting
- 159 tests with 80%+ coverage
- Smart suggestions for fixes
- Built for AI-assisted development
Built with Clean Architecture and DDD principles.
Works with Claude, GPT, Copilot, Cursor, and any AI coding assistant.
Install required dependencies:
- simple-git for git operations
- tree-sitter and parsers for code parsing
- uuid for ID generation
- vitest for testing
- Remove deprecated @types/ioredis
Add test structure:
- Unit tests for BaseEntity
- Unit tests for Guards utility
- Test fixtures with code samples
- Integration and unit test directories
Add infrastructure implementations:
- BaseRepository with in-memory storage
- GitService for git operations using simple-git
- CodeParser for JS/TS parsing using tree-sitter
Add domain layer components:
- BaseEntity with ID, timestamps and equality checks
- ValueObject for immutable value objects
- IRepository interface for persistence
- DomainEvent system for domain events