2 Commits

14ab38e49e
feat(scripts): precision-tune rule violation scanner (hex false positives)
Three precision improvements that drop total findings from 2548 to 1643
without losing real violations:
1. web-hardcoded-hex: switch from grep -oE to grep -nE so the scanner
can examine each match in CONTEXT, then apply context filters:
- Skip CSS custom property DEFINITIONS: '--bl-accent: #5A8CFF'
- Skip var(--token, #fallback) patterns: defensive design-token
fallbacks for boot-order safety, not raw hardcodes
- Skip globals.css, *.tokens.*, *Theme.{ts,tsx,swift,kt} files
- Skip design-system/ and color-picker/markdown-preview tool pages
2. b5-hardcoded-product-id: scripts/ exclusion (was previously bypassed
for the script case but still caught churn-alert.ts genuinely).
3. Updates baseline report. Findings by category:
| Rule | Before | After |
|---|---|---|
| web-hardcoded-hex | 1370 | 465 (-66%) |
| b7-emoji-in-code | 465 | 465 |
| b4-python-print | 351 | 351 |
| ts-any-type | 249 | 249 |
| b4-console-log | 93 | 93 |
| b5-hardcoded-product-id | 13 | 13 |
| b4-swift-print | 7 | 7 |
| Total | 2548 | 1643 |
Remaining hex findings are now substantively real:
- flowmonk: 114 (zone seed data: { color: '#5A8CFF' })
- fastgap: 102 (BodyCanvas organ colors, organ-data.ts)
- mindlyst: 97 (mixed UI + data)
- common_plat: 59 (brand colors in login page: Google #4285F4 etc.)
- efforise: 39
- mac_tooling: 18
These fall into three classes which will be triaged in Phase 2:
A. Brand colors (Google login etc.) - keep, document as exceptions
B. Data seeds (zone colors, category colors) - migrate to design tokens
C. Inline styling (color: '#fff') - replace with var(--xx-token)
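The context filters described in this commit message (keep line context with grep -nE, then drop CSS custom-property definitions and var(--token, #fallback) fallbacks, and skip token/theme files) can be reproduced in a few lines of portable shell. The script below is an added illustration, not the repository's scripts/check-rule-violations.sh; the sample files it creates, their paths and the hex values in them are constructed for the demo, and the function names (make_sample, is_exempt_file, strip_exempt, scan_hex, count_hex) are assumptions of this example. Unlike a plain line-level skip, it strips the exempt patterns out of the line before re-testing, so a line that mixes a `--token: #hex` definition with a raw `color: #333` is still reported.

```shell
#!/usr/bin/env bash
# Added example of a context-aware hex-literal scanner in the spirit of the
# web-hardcoded-hex rule. Not the project's own script; all names and sample
# data below are constructed for illustration.
set -u

# A #rgb or #rrggbb literal followed by a non-hex character or end of line.
HEX_RE='#([0-9A-Fa-f]{6}|[0-9A-Fa-f]{3})([^0-9A-Fa-f]|$)'

# Constructed sample tree: one token-definition file, one theme file, one
# component with a var() fallback plus two real hardcodes, and a CSS file
# whose single line mixes a token definition with a raw hex.
make_sample() {
  dir=$(mktemp -d)
  mkdir -p "$dir/src/styles" "$dir/src/components"
  printf '%s\n' ':root { --bl-accent: #5A8CFF; }' > "$dir/src/styles/globals.css"
  printf '%s\n' '.card { --card-bg: #ffffff; color: #333; }' > "$dir/src/styles/components.css"
  printf '%s\n' \
    "const accent = 'var(--bl-accent, #5A8CFF)';" \
    "const brand = '#4285F4';" \
    "const fill = { color: '#fff' };" > "$dir/src/components/Button.tsx"
  printf '%s\n' "export const theme = { primary: '#112233' };" > "$dir/src/components/AppTheme.ts"
  echo "$dir"
}

# Files that are allowed to carry raw hex: global token sheet, *.tokens.*, *Theme.*
is_exempt_file() {
  case "$1" in
    */globals.css|*.tokens.*|*Theme.ts|*Theme.tsx|*Theme.swift|*Theme.kt) return 0 ;;
  esac
  return 1
}

# Remove the two exempt constructs from a line so only raw hardcodes remain:
#   --token: #hex            (custom property definition)
#   var(--token, #hex        (design-token fallback)
strip_exempt() {
  printf '%s\n' "$1" |
  sed -E -e 's/--[A-Za-z0-9_-]+[[:space:]]*:[[:space:]]*#[0-9A-Fa-f]{3,8}//g' \
         -e 's/var\(--[A-Za-z0-9_-]+[[:space:]]*,[[:space:]]*#[0-9A-Fa-f]{3,8}//g'
}

# scan_hex ROOT: print "path:lineno:line" for every remaining hex finding.
scan_hex() {
  root=$1
  find "$root" -type f \( -name '*.ts' -o -name '*.tsx' -o -name '*.css' \) | sort |
  while IFS= read -r f; do
    is_exempt_file "$f" && continue
    # -n keeps the line number and full line so each hit can be judged in context.
    grep -nE "$HEX_RE" "$f" 2>/dev/null |
    while IFS= read -r hit; do
      lineno=${hit%%:*}
      content=${hit#*:}
      rest=$(strip_exempt "$content")
      printf '%s\n' "$rest" | grep -qE "$HEX_RE" || continue
      printf '%s:%s:%s\n' "$f" "$lineno" "$content"
    done
  done
}

# count_hex ROOT: number of findings, for a before/after comparison.
count_hex() {
  scan_hex "$1" | wc -l | tr -d ' '
}

# Run `./scan.sh --demo` to see the three findings from the constructed tree.
if [ "${1:-}" = "--demo" ]; then
  d=$(make_sample)
  scan_hex "$d"
  echo "total: $(count_hex "$d")"
  rm -rf "$d"
fi
```

On the constructed tree the scanner reports Button.tsx lines 2 and 3 and components.css line 1, while the var() fallback on Button.tsx line 1, globals.css and AppTheme.ts are skipped; that is the same triage the commit describes, with brand colors such as #4285F4 still surfacing for a later exception list.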

4967b125fd
feat(scripts): ecosystem-wide rule violation scanner + baseline report
Adds scripts/check-rule-violations.sh: a marker-based, repo-agnostic scanner that audits every repo in repos.txt for violations of the canonical rules in AI.dev/SKILLS/agent-behavior-guidelines.md plus common per-repo MUST NOT rules.

Rules currently scanned (7):
- b4-console-log: console.log in non-test, non-script TS/JS
- b4-swift-print: print() in non-test Swift
- b4-python-print: print() in src/tools/backend-python (CLIs excluded)
- ts-any-type: any type in non-test TS source
- web-hardcoded-hex: #rgb / #rrggbb literals outside design-tokens
- b5-hardcoded-product-id: literal product ID strings outside config
- b7-emoji-in-code: decorative emojis (faces/food/etc.) in source

Precision filters baked in:
- Cross-product UI in common_plat dashboards exempted from product-id rule
- TS literal type definitions exempted from product-id rule
- JSDoc/docstring comment lines exempted from product-id rule
- scripts/ directories exempted from console.log/print rules (CLIs print)
- CLI entrypoint files (cli.py, __main__.py) exempted from python-print
- Sandbox dirs (__LOCAL_LLMs, chat-history, __experiments) excluded
- Unicode 'Miscellaneous Symbols' block (✓✗⚠★☐) NOT flagged as emoji (universally used as UI status indicators, not decorative)

Bash 3.2 compatible (no associative arrays). Runs in ~13 seconds across 19 repos.

Output:
- reports/rule-violations-YYYY-MM-DD.md (human-readable, dated, gitignored)
- reports/rule-violations-YYYY-MM-DD.json (machine-readable, dated, gitignored)
- reports/rule-violations-baseline.md (this commit's snapshot, committed)

Baseline (2026-05-23) totals:

Total findings: 2548 across 19 repos
- critical: 13 (real hardcoded product IDs in non-canonical locations)
- major: 1821 (mostly hardcoded hex colors + console.log)
- minor: 714 (any type, decorative emojis)

By rule:

| Rule | Findings |
|---|---|
| web-hardcoded-hex | 1370 |
| b7-emoji-in-code | 465 |
| b4-python-print | 351 |
| ts-any-type | 249 |
| b4-console-log | 93 |
| b5-hardcoded-product-id | 13 |
| b4-swift-print | 7 |

Repos clean (0 findings):
- learning_ai_smart_auth (docs-only)
- learning_ai_auth_app (small native scaffolding only)

Repos with highest finding counts:
- learning_ai_mac_tooling: 585 (Python backend + React dashboard)
- learning_ai_common_plat: 521 (large shared platform)
- learning_ai_fastgap: 409
- learning_ai_multimodal: 312

Next phase: per-repo triage and fix, processing repos in order of ascending complexity per the roadmap (see prior planning conversation). The scanner is the gating tool for that work.