# Changelog All notable changes to @samiyev/guardian will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html). ## [0.7.4] - 2025-11-25 ### Fixed - πŸ› **TypeScript-aware hardcode detection** - dramatically reduces false positives by 35.7%: - Ignore strings in TypeScript union types (`type Status = 'active' | 'inactive'`) - Ignore strings in interface property types (`interface { mode: 'development' | 'production' }`) - Ignore strings in type assertions (`as 'read' | 'write'`) - Ignore strings in typeof checks (`typeof x === 'string'`) - Ignore strings in Symbol() calls for DI tokens (`Symbol('LOGGER')`) - Ignore strings in dynamic import() calls (`import('../../module.js')`) - Exclude tokens.ts/tokens.js files completely (DI container files) - Tested on real-world TypeScript project: 985 β†’ 633 issues (352 false positives eliminated) - βœ… **Added 13 new tests** for TypeScript type context filtering ## [0.7.3] - 2025-11-25 ### Fixed - πŸ› **False positive: repository importing its own aggregate:** - Added `isInternalBoundedContextImport()` method to detect internal imports - Imports like `../aggregates/Entity` from `repositories/Repo` are now allowed - This correctly allows `ICodeProjectRepository` to import `CodeProject` from the same bounded context - Cross-aggregate imports (with multiple `../..`) are still detected as violations ## [0.7.2] - 2025-11-25 ### Fixed - πŸ› **False positive: `errors` folder detected as aggregate:** - Added `errors` and `exceptions` to `DDD_FOLDER_NAMES` constants - Added to `nonAggregateFolderNames` β€” these folders are no longer detected as aggregates - Added to `allowedFolderNames` β€” imports from `errors`/`exceptions` folders are allowed across aggregates - Fixes issue where `domain/code-analysis/errors/` was incorrectly identified as a separate aggregate named "errors" ## [0.7.1] - 2025-11-25 ### Fixed - πŸ› **Aggregate Boundary Detection for relative paths:** - Fixed regex pattern to support paths starting with `domain/` (without leading `/`) - Now correctly detects violations in projects scanned from parent directories - πŸ› **Reduced false positives in Repository Pattern detection:** - Removed `findAll`, `exists`, `count` from ORM technical methods blacklist - These are now correctly recognized as valid domain method names - Added `exists`, `count`, `countBy[A-Z]` to domain method patterns - πŸ› **Non-aggregate folder exclusions:** - Added exclusions for standard DDD folders: `constants`, `shared`, `factories`, `ports`, `interfaces` - Prevents false positives when domain layer has shared utilities ### Changed - ♻️ **Extracted magic strings to constants:** - DDD folder names (`entities`, `aggregates`, `value-objects`, etc.) moved to `DDD_FOLDER_NAMES` - Repository method suggestions moved to `REPOSITORY_METHOD_SUGGESTIONS` - Fallback suggestions moved to `REPOSITORY_FALLBACK_SUGGESTIONS` ### Added - πŸ“ **Aggregate boundary test examples:** - Added `examples/aggregate-boundary/domain/` with Order, User, Product aggregates - Demonstrates cross-aggregate entity reference violations ## [0.7.0] - 2025-11-25 ### Added **πŸ”’ Aggregate Boundary Validation** New DDD feature to enforce aggregate boundaries and prevent tight coupling between aggregates. - βœ… **Aggregate Boundary Detector:** - Detects direct entity references across aggregate boundaries - Validates that aggregates reference each other only by ID or Value Objects - Supports multiple folder structure patterns: - `domain/aggregates/order/Order.ts` - `domain/order/Order.ts` - `domain/entities/order/Order.ts` - βœ… **Smart Import Analysis:** - Parses ES6 imports and CommonJS require statements - Identifies entity imports from other aggregates - Allows imports from value-objects, events, services, specifications folders - βœ… **Actionable Suggestions:** - Reference by ID instead of entity - Use Value Objects to store needed data from other aggregates - Maintain aggregate independence - βœ… **CLI Integration:** - `--architecture` flag includes aggregate boundary checks - CRITICAL severity for violations - Detailed violation messages with file:line references - βœ… **Test Coverage:** - 41 new tests for aggregate boundary detection - 333 total tests passing (100% pass rate) - Examples in `examples/aggregate-boundary/` ### Technical - New `AggregateBoundaryDetector` in infrastructure layer - New `AggregateBoundaryViolation` value object in domain layer - New `IAggregateBoundaryDetector` interface for dependency inversion - Integrated into `AnalyzeProject` use case ## [0.6.4] - 2025-11-24 ### Added **🎯 Smart Context-Aware Suggestions for Repository Method Names** Guardian now provides intelligent, context-specific suggestions when it detects non-domain method names in repositories. - βœ… **Intelligent method name analysis:** - `queryUsers()` β†’ Suggests: `search`, `findBy[Property]` - `selectById()` β†’ Suggests: `findBy[Property]`, `get[Entity]` - `insertUser()` β†’ Suggests: `create`, `add[Entity]`, `store[Entity]` - `updateRecord()` β†’ Suggests: `update`, `modify[Entity]` - `upsertUser()` β†’ Suggests: `save`, `store[Entity]` - `removeUser()` β†’ Suggests: `delete`, `removeBy[Property]` - `fetchUserData()` β†’ Suggests: `findBy[Property]`, `get[Entity]` - And more technical patterns detected automatically! - 🎯 **Impact:** - Developers get actionable, relevant suggestions instead of generic examples - Faster refactoring with specific naming alternatives - Better learning experience for developers new to DDD ### Fixed - βœ… **Expanded domain method patterns support:** - `find*()` methods - e.g., `findNodes()`, `findNodeById()`, `findSimilar()` - `saveAll()` - batch save operations - `deleteBy*()` methods - e.g., `deleteByPath()`, `deleteById()` - `deleteAll()` - clear all entities - `add*()` methods - e.g., `addRelationship()`, `addItem()` - `initializeCollection()` - collection initialization - πŸ› **Removed `findAll` from technical methods blacklist:** - `findAll()` is now correctly recognized as a standard domain method - Reduced false positives for repositories using this common pattern ### Technical - Added `suggestDomainMethodName()` method in `RepositoryPatternDetector.ts` with keyword-based suggestion mapping - Updated `getNonDomainMethodSuggestion()` in `RepositoryViolation.ts` to extract and use smart suggestions - Refactored suggestion logic to reduce cyclomatic complexity (22 β†’ 9) - Enhanced `domainMethodPatterns` with 9 additional patterns - All 333 tests passing ## [0.6.3] - 2025-11-24 ### Fixed **πŸ› Repository Pattern Detection - Reduced False Positives** Fixed overly strict repository method name validation that was flagging valid DDD patterns as violations. - βœ… **Added support for common DDD repository patterns:** - `has*()` methods - e.g., `hasProject()`, `hasPermission()` - `is*()` methods - e.g., `isCached()`, `isActive()` - `exists*()` methods - e.g., `existsById()`, `existsByEmail()` - `clear*()` methods - e.g., `clearCache()`, `clearAll()` - `store*()` methods - e.g., `storeMetadata()`, `storeFile()` - Lifecycle methods: `initialize()`, `close()`, `connect()`, `disconnect()` - 🎯 **Impact:** - Reduced false positives in real-world DDD projects - Better alignment with Domain-Driven Design best practices - More practical for cache repositories, connection management, and business queries - πŸ“š **Why these patterns are valid:** - Martin Fowler's Repository Pattern allows domain-specific query methods - DDD recommends using ubiquitous language in method names - Lifecycle methods are standard for resource management in repositories ### Technical - Updated `domainMethodPatterns` in `RepositoryPatternDetector.ts` with 11 additional valid patterns - All existing functionality remains unchanged ## [0.6.2] - 2025-11-24 ### Added **πŸ“š Research-Backed Documentation** Guardian's detection rules are now backed by scientific research and industry standards! - βœ… **New Documentation** - `docs/WHY.md` - User-friendly explanations for each rule with authoritative sources - `docs/RESEARCH_CITATIONS.md` - Complete academic and industry references (551 lines) - Organized by detection type with quick navigation - βœ… **Micro-Citations in README** - Each feature now includes one-line citation with "Why?" link - Examples: "Based on MIT 6.031, SonarQube RSPEC-109" - Non-intrusive, opt-in for users who want to learn more - βœ… **CLI Help Enhancement** - Added "BACKED BY RESEARCH" section to `--help` output - Mentions MIT, Martin Fowler, Robert C. Martin, industry standards - Link to full documentation ### Changed - **Documentation Structure**: Moved `RESEARCH_CITATIONS.md` to `docs/` directory for better organization - **All internal links updated** to reflect new documentation structure ### Backed By Our rules are supported by: - πŸŽ“ **Academia**: MIT Course 6.031, ScienceDirect peer-reviewed studies - πŸ“š **Books**: Clean Architecture (Martin 2017), DDD (Evans 2003), Enterprise Patterns (Fowler 2002) - 🏒 **Industry**: Google, Microsoft, Airbnb style guides, SonarQube standards - πŸ‘¨β€πŸ« **Experts**: Martin Fowler, Robert C. Martin, Eric Evans, Alistair Cockburn ## [0.6.1] - 2025-11-24 ### Improved **πŸ“– Enhanced CLI Help System** Guardian's `--help` command is now comprehensive and AI-agent-friendly! - βœ… **Detailed Main Help** - Complete detector descriptions with quick fix instructions - Severity level explanations (CRITICAL β†’ LOW) - Step-by-step workflow guide for fixing violations - 7 practical usage examples - "HOW TO FIX COMMON ISSUES" reference section - βœ… **Better Organization** - Clear DETECTS section with all 8 violation types - Each detector includes β†’ what to do to fix it - Severity system with priority guidance - Examples cover all major use cases - βœ… **AI Agent Ready** - Help output provides complete context for autonomous agents - Actionable instructions for each violation type - Clear workflow: run β†’ review β†’ fix β†’ verify ### Fixed - **Code Quality**: Extracted all hardcoded strings from help text to constants - Moved 17 magic strings to `CLI_HELP_TEXT` constant - Improved maintainability and i18n readiness - Follows Clean Code principles (Single Source of Truth) ### Technical - All CLI help strings now use `CLI_HELP_TEXT` from constants - Zero hardcode violations in Guardian's own codebase - Passes all quality checks (format, lint, build, self-check) ## [0.6.0] - 2025-11-24 ### Added **🎯 Output Limit Control** Guardian now supports limiting detailed violation output for large codebases! - βœ… **--limit Option** - Limit detailed violation output per category: `guardian check src --limit 10` - Short form: `-l ` - Works with severity filters: `guardian check src --only-critical --limit 5` - Shows warning when violations exceed limit - Full statistics always displayed **πŸ“‹ Severity Display Constants** - Extracted severity labels and headers to reusable constants - Improved CLI maintainability and consistency - `SEVERITY_DISPLAY_LABELS` and `SEVERITY_SECTION_HEADERS` **πŸ“š Complete Development Workflow** - Added comprehensive workflow documentation to CLAUDE.md - 6-phase development process (Planning β†’ Quality β†’ Documentation β†’ Verification β†’ Commit β†’ Publication) - Quick checklists for new features - Common workflows and debugging tips ### Changed - **ESLint Configuration**: Optimized with CLI-specific overrides, reduced warnings from 129 to 0 - **Documentation**: Updated README with all 8 detector types and latest statistics - **TODO**: Added technical debt tracking for low-coverage files ### Fixed - Removed unused `SEVERITY_LEVELS` import from AnalyzeProject.ts - Fixed unused `fileName` variable in HardcodeDetector.ts - Replaced `||` with `??` for nullish coalescing ### Removed - Deleted unused `IBaseRepository` interface (dead code) - Fixed repository pattern violations detected by Guardian on itself ### Technical Details - All 292 tests passing (100% pass rate) - Coverage: 90.63% statements, 82.19% branches, 83.51% functions - ESLint: 0 errors, 0 warnings - Guardian self-check: βœ… No issues found - No breaking changes - fully backwards compatible ## [0.5.2] - 2025-11-24 ### Added **🎯 Severity-Based Prioritization** Guardian now intelligently prioritizes violations by severity, helping teams focus on critical issues first! - βœ… **Severity Levels** - πŸ”΄ **CRITICAL**: Circular dependencies, Repository pattern violations - 🟠 **HIGH**: Dependency direction violations, Framework leaks, Entity exposures - 🟑 **MEDIUM**: Naming violations, Architecture violations - 🟒 **LOW**: Hardcoded values - βœ… **Automatic Sorting** - All violations automatically sorted by severity (most critical first) - Applied in AnalyzeProject use case before returning results - Consistent ordering across all detection types - βœ… **CLI Filtering Options** - `--min-severity ` - Show only violations at specified level and above - `--only-critical` - Quick filter for critical issues only - Examples: - `guardian check src --only-critical` - `guardian check src --min-severity high` - βœ… **Enhanced CLI Output** - Color-coded severity labels (πŸ”΄πŸŸ πŸŸ‘πŸŸ’) - Visual severity group headers with separators - Severity displayed for each violation - Clear filtering messages when filters active ### Changed - Updated all violation interfaces to include `severity: SeverityLevel` field - Improved CLI presentation with grouped severity display - Enhanced developer experience with visual prioritization ### Technical Details - All 292 tests passing (100% pass rate) - Coverage: 90.63% statements, 82.19% branches, 83.51% functions - No breaking changes - fully backwards compatible - Clean Architecture principles maintained --- ## [0.5.1] - 2025-11-24 ### Changed **🧹 Code Quality Refactoring** Major internal refactoring to eliminate hardcoded values and improve maintainability - Guardian now fully passes its own quality checks! - βœ… **Extracted Constants** - All RepositoryViolation messages moved to domain constants (Messages.ts) - All framework leak template strings centralized - All layer paths moved to infrastructure constants (paths.ts) - All regex patterns extracted to IMPORT_PATTERNS constant - 30+ new constants added for better maintainability - βœ… **New Constants Files** - `src/infrastructure/constants/paths.ts` - Layer paths, CLI paths, import patterns - Extended `src/domain/constants/Messages.ts` - 25+ repository pattern messages - Extended `src/shared/constants/rules.ts` - Package placeholder constant - βœ… **Self-Validation Achievement** - Reduced hardcoded values from 37 to 1 (97% improvement) - Guardian now passes its own `src/` directory checks with 0 violations - Only acceptable hardcode remaining: bin/guardian.js entry point path - All 292 tests still passing (100% pass rate) - βœ… **Improved Code Organization** - Better separation of concerns - More maintainable codebase - Easier to extend with new features - Follows DRY principle throughout ### Technical Details - No breaking changes - fully backwards compatible - All functionality preserved - Test suite: 292 tests passing - Coverage: 96.77% statements, 83.82% branches --- ## [0.5.0] - 2025-11-24 ### Added **πŸ“š Repository Pattern Validation** Validate proper implementation of the Repository Pattern to ensure domain remains decoupled from infrastructure. - βœ… **ORM Type Detection in Interfaces** - Detects ORM-specific types (Prisma, TypeORM, Mongoose) in domain repository interfaces - Ensures repository interfaces remain persistence-agnostic - Supports detection of 25+ ORM type patterns - Provides fix suggestions with clean domain examples - βœ… **Concrete Repository Usage Detection** - Identifies use cases depending on concrete repository implementations - Enforces Dependency Inversion Principle - Validates constructor and field dependency types - Suggests using repository interfaces instead - βœ… **Repository Instantiation Detection** - Detects `new Repository()` in use cases - Enforces Dependency Injection pattern - Identifies hidden dependencies - Provides DI container setup guidance - βœ… **Domain Language Validation** - Checks repository methods use domain terminology - Rejects technical database terms (findOne, insert, query, execute) - Promotes ubiquitous language across codebase - Suggests business-oriented method names - βœ… **Smart Violation Reporting** - RepositoryViolation value object with detailed context - Four violation types: ORM types, concrete repos, new instances, technical names - Provides actionable fix suggestions - Shows before/after code examples - βœ… **Comprehensive Test Coverage** - 31 new tests for repository pattern detection - 292 total tests passing (100% pass rate) - Integration tests for multiple violation types - 96.77% statement coverage, 83.82% branch coverage - βœ… **Documentation & Examples** - 6 example files (3 bad patterns, 3 good patterns) - Comprehensive README with patterns and principles - Examples for ORM types, concrete repos, DI, and domain language - Demonstrates Clean Architecture and SOLID principles ### Changed - Updated test count: 261 β†’ 292 tests - Added REPOSITORY_PATTERN rule to constants - Extended AnalyzeProject use case with repository pattern detection - Added REPOSITORY_VIOLATION_TYPES constant with 4 violation types - ROADMAP updated with completed repository pattern validation (v0.5.0) --- ## [0.4.0] - 2025-11-24 ### Added **πŸ”€ Dependency Direction Enforcement** Enforce Clean Architecture dependency rules to prevent architectural violations across layers. - βœ… **Dependency Direction Detector** - Validates that dependencies flow in the correct direction - Domain layer can only import from Domain and Shared - Application layer can only import from Domain, Application, and Shared - Infrastructure layer can import from all layers - Shared layer can be imported by all layers - βœ… **Smart Violation Reporting** - DependencyViolation value object with detailed context - Provides fix suggestions with concrete examples - Shows both violating import and suggested layer placement - CLI output with severity indicators - βœ… **Comprehensive Test Coverage** - 43 new tests for dependency direction detection - 100% test pass rate (261 total tests) - Examples for both good and bad architecture patterns - βœ… **Documentation & Examples** - Good architecture examples for all layers - Bad architecture examples showing common violations - Demonstrates proper layer separation ### Changed - Updated test count: 218 β†’ 261 tests - Optimized extractLayerFromImport method to reduce complexity - Updated getExampleFix to avoid false positives - ROADMAP updated with completed dependency direction feature --- ## [0.3.0] - 2025-11-24 ### Added **🚫 Entity Exposure Detection** Prevent domain entities from leaking to API responses, enforcing proper DTO usage at boundaries. - βœ… **Entity Exposure Detector** - Detects when controllers/routes return domain entities instead of DTOs - Scans infrastructure layer (controllers, routes, handlers, resolvers, gateways) - Identifies PascalCase entities without Dto/Request/Response suffixes - Parses async methods with Promise return types - βœ… **Smart Remediation Suggestions** - EntityExposure value object with step-by-step fix guidance - Suggests creating DTOs with proper naming - Provides mapper implementation examples - Shows how to separate domain from presentation concerns - βœ… **Comprehensive Test Coverage** - 24 new tests for entity exposure detection (98% coverage) - EntityExposureDetector: 98.07% coverage - Overall project: 90.6% statements, 83.97% branches - βœ… **Documentation & Examples** - BadUserController and BadOrderController examples - GoodUserController showing proper DTO usage - Integration with CLI for helpful output ### Changed - Updated test count: 194 β†’ 218 tests - Added entity exposure to violation pipeline - ROADMAP updated with completed entity exposure feature --- ## [0.2.0] - 2025-11-24 ### Added **πŸ”Œ Framework Leak Detection** Major new feature to detect framework-specific imports in domain layer, ensuring Clean Architecture compliance. - βœ… **Framework Leak Detector** - Detects 250+ framework patterns across 12 categories - HTTP frameworks: Express, Fastify, Koa, Hapi, NestJS, etc. - ORMs/Databases: Prisma, TypeORM, Sequelize, Mongoose, Drizzle, etc. - Loggers: Winston, Pino, Bunyan, Log4js, etc. - Caches: Redis, IORedis, Memcached, etc. - Message Queues: Bull, BullMQ, KafkaJS, RabbitMQ, etc. - And 7 more categories (HTTP clients, validation, DI, email, storage, testing, templates) - βœ… **Smart Violation Reporting** - Framework type categorization - Detailed suggestions for proper abstraction - CLI output with severity indicators - Integration with existing violation pipeline - βœ… **Comprehensive Test Coverage** - 35 new tests for framework leak detection - 100% coverage of detection logic - Examples for all major framework types - βœ… **Documentation & Examples** - New bad architecture examples showing framework leaks - Updated README with framework leak detection section - Integration guides for preventing framework coupling ### Changed - Updated test count: 159 β†’ 194 tests across 7 files - Updated examples: 36 β†’ 38 files (29 good + 9 bad) - CLI now reports 5 types of violations (added framework leaks) --- ## [0.1.0] - 2025-11-24 ### Added **πŸŽ‰ Initial Release of @samiyev/guardian** Code quality guardian for vibe coders and enterprise teams - your AI coding companion that keeps code clean while you move fast. #### Core Features - ✨ **Hardcode Detection** - Detects magic numbers (timeouts, ports, limits, retries, delays) - Detects magic strings (URLs, connection strings, API endpoints, error messages) - Smart context analysis to reduce false positives - Automatic constant name suggestions based on context - Location suggestions for extracted constants (domain/shared/infrastructure) - Ignores allowed numbers: -1, 0, 1, 2, 10, 100, 1000 - Ignores console.log, imports, tests, and exported constants - πŸ”„ **Circular Dependency Detection** - Detects import cycles in codebase (A β†’ B β†’ A, A β†’ B β†’ C β†’ A, etc.) - Shows complete dependency chain for each cycle - CLI output with detailed cycle path and severity - Supports detection of multiple independent cycles - Handles complex graphs with both cyclic and acyclic parts - πŸ“ **Naming Convention Enforcement** - Layer-based naming rules for Clean Architecture - **Domain Layer:** - Entities: PascalCase nouns (User.ts, Order.ts) - Services: *Service suffix (UserService.ts) - Repository interfaces: I*Repository prefix (IUserRepository.ts) - Forbidden patterns: Dto, Controller, Request, Response - **Application Layer:** - Use cases: Verb + Noun in PascalCase (CreateUser.ts, UpdateProfile.ts) - DTOs: *Dto, *Request, *Response suffixes - Mappers: *Mapper suffix - **Infrastructure Layer:** - Controllers: *Controller suffix - Repository implementations: *Repository suffix - Services: *Service or *Adapter suffixes - Smart exclusion system for base classes - Support for 26 standard use case verbs - πŸ—οΈ **Architecture Violations** - Clean Architecture layer validation - Dependency rules enforcement: - Domain β†’ can only import Shared - Application β†’ can import Domain, Shared - Infrastructure β†’ can import Domain, Application, Shared - Shared β†’ cannot import anything - Layer detection from file paths - Import statement analysis - πŸ”Œ **Framework Leak Detection** - Detects framework-specific imports in domain layer - Identifies coupling between domain and infrastructure concerns - Checks for HTTP framework leaks (Express, Fastify, Koa, Hapi, NestJS) - Checks for ORM/Database leaks (Prisma, TypeORM, Sequelize, Mongoose, Drizzle) - Checks for external service leaks (AWS SDK, Firebase, Stripe, Twilio) - Reports violations with framework type and suggested fixes - Helps maintain clean domain boundaries #### CLI Interface - πŸ› οΈ **Command-line tool** (`guardian` command) - `guardian check ` - analyze project - `--exclude ` - exclude directories - `--verbose` - detailed output - `--no-hardcode` - skip hardcode detection - `--no-architecture` - skip architecture checks - `--version` - show version - `--help` - show help #### Reporting & Metrics - πŸ“Š **Comprehensive metrics** - Total files analyzed - Total functions count - Total imports count - Layer distribution statistics (domain/application/infrastructure/shared) - Detailed violation reports with file:line:column - Context snippets for each violation - Smart suggestions for fixing issues #### Developer Experience - πŸ€– **Built for AI-Assisted Development** - Perfect companion for GitHub Copilot, Cursor, Windsurf, Claude, ChatGPT, Cline - Catches common AI code smells (hardcoded values, architecture violations) - Educational error messages with fix suggestions - Designed for vibe coding workflow: AI writes β†’ Guardian reviews β†’ AI fixes β†’ Ship - 🏒 **Enterprise-Ready** - Enforce architectural standards at scale - CI/CD integration ready - JSON/Markdown output for automation - Security: catch hardcoded secrets before production - Metrics export for dashboards #### Examples & Documentation - πŸ“š **Comprehensive examples** (38 files) - **Good Architecture** (29 files): Complete DDD/Clean Architecture patterns - Domain: Aggregates, Entities, Value Objects, Events, Services, Factories, Specifications - Application: Use Cases, DTOs, Mappers - Infrastructure: Repositories, Controllers - **Bad Architecture** (9 files): Anti-patterns to avoid - Hardcoded values, Circular dependencies, Framework leaks, Entity exposure, Naming violations - All examples fully documented with explanations - Can be used as templates for new projects #### Testing & Quality - βœ… **Comprehensive test suite** - 194 tests across 7 test files - All tests passing - 80%+ code coverage on all metrics - Test fixtures for various scenarios - Integration and unit tests - 🧹 **Self-analyzing** - Guardian passes its own checks with **0 violations** - All constants extracted (no hardcoded values) - Follows Clean Architecture - No circular dependencies - Proper naming conventions #### Technical Details **Architecture:** - Built with Clean Architecture principles - Domain-Driven Design (DDD) patterns - Layered architecture (Domain, Application, Infrastructure, Shared) - TypeScript with strict type checking - Tree-sitter based AST parsing **Dependencies:** - commander ^12.1.0 - CLI framework - simple-git ^3.30.0 - Git operations - tree-sitter ^0.21.1 - Abstract syntax tree parsing - tree-sitter-javascript ^0.23.0 - JavaScript parser - tree-sitter-typescript ^0.23.0 - TypeScript parser - uuid ^13.0.0 - UUID generation **Development:** - TypeScript 5.7.3 - Vitest 4.0.10 for testing - Node.js >= 18.0.0 required - CommonJS output with full TypeScript declarations - Source maps included **Package:** - Size: ~58 KB compressed - Unpacked: ~239 KB - 172 files included - Public npm package (`@samiyev/guardian`) - CLI binary: `guardian` ### Documentation - πŸ“– **Comprehensive README** (25KB+) - Quick start for vibe coders (30-second setup) - Enterprise integration guides (CI/CD, pre-commit, metrics) - Real-world examples and workflows - API documentation - FAQ for both vibe coders and enterprise teams - Success stories and use cases - πŸ—ΊοΈ **Roadmap** - Future features and improvements - πŸ“‹ **Contributing guidelines** - πŸ“ **TODO list** - Technical debt tracking - πŸ“„ **MIT License** ### Notes - First public release on npm - Production-ready for both individual developers and enterprise teams - Perfect for AI-assisted development workflows - Enforces Clean Architecture at scale - Zero violations in own codebase (self-tested) --- ## Future Releases Planned features for upcoming versions: - Configuration file support (.guardianrc) - Custom rule definitions - Plugin system - Multi-language support - Watch mode - Auto-fix capabilities - Git integration (check only changed files) - Performance optimizations See [ROADMAP.md](./ROADMAP.md) for detailed feature roadmap. --- ## Version Guidelines ### Semantic Versioning **MAJOR.MINOR.PATCH** (e.g., 1.2.3) - **MAJOR** - Incompatible API changes - **MINOR** - New features, backwards compatible - **PATCH** - Bug fixes, backwards compatible ### Release Checklist Before releasing a new version: - [ ] Update CHANGELOG.md with all changes - [ ] Update version in package.json - [ ] Run `pnpm test` - all tests pass - [ ] Run `pnpm build` - clean build - [ ] Run `pnpm test:coverage` - coverage >= 80% - [ ] Update ROADMAP.md if needed - [ ] Update README.md if API changed - [ ] Create git tag: `git tag v0.1.0` - [ ] Push to GitHub: `git push origin main --tags` - [ ] Publish to npm: `npm publish` --- **Links:** - [Official Website](https://puaros.ailabs.uz) - [GitHub Repository](https://github.com/samiyev/puaros) - [npm Package](https://www.npmjs.com/package/@samiyev/guardian) - [Documentation](https://github.com/samiyev/puaros/packages/guardian#readme) - [Roadmap](./ROADMAP.md) - [Issues](https://github.com/samiyev/puaros/issues)