repopilot 0.11.0

Local-first CLI for repository audit, architecture risk detection, baseline tracking, and CI-friendly code review.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93

use super::registration::{ProjectAuditRegistration, project_metadata};
use crate::audits::architecture::barrel_file_risk::BarrelFileRiskAudit;
use crate::audits::architecture::deep_nesting::DeepNestingAudit;
use crate::audits::architecture::deep_relative_imports::DeepRelativeImportsAudit;
use crate::audits::architecture::too_many_modules::TooManyModulesAudit;
use crate::audits::security::env_file_committed::EnvFileCommittedAudit;
use crate::audits::testing::missing_test_folder::MissingTestFolderAudit;
use crate::audits::testing::source_without_test::SourceWithoutTestAudit;
use crate::findings::types::{Finding, FindingCategory};
use crate::knowledge::decision::apply_project_decisions;
use crate::scan::config::ScanConfig;
use crate::scan::facts::ScanFacts;

pub fn registered_project_audits(config: &ScanConfig) -> Vec<ProjectAuditRegistration> {
    let mut audits = vec![
        ProjectAuditRegistration::new(
            project_metadata(
                "audit.project.architecture.too-many-modules",
                FindingCategory::Architecture,
                &["architecture.too-many-modules"],
            ),
            Box::new(TooManyModulesAudit),
        ),
        ProjectAuditRegistration::new(
            project_metadata(
                "audit.project.architecture.deep-nesting",
                FindingCategory::Architecture,
                &["architecture.deep-nesting"],
            ),
            Box::new(DeepNestingAudit),
        ),
        ProjectAuditRegistration::new(
            project_metadata(
                "audit.project.architecture.deep-relative-imports",
                FindingCategory::Architecture,
                &["architecture.deep-relative-imports"],
            ),
            Box::new(DeepRelativeImportsAudit),
        ),
        ProjectAuditRegistration::new(
            project_metadata(
                "audit.project.architecture.barrel-file-risk",
                FindingCategory::Architecture,
                &["architecture.barrel-file-risk"],
            ),
            Box::new(BarrelFileRiskAudit),
        ),
        ProjectAuditRegistration::new(
            project_metadata(
                "audit.project.security.env-file-committed",
                FindingCategory::Security,
                &["security.env-file-committed"],
            ),
            Box::new(EnvFileCommittedAudit),
        ),
    ];

    if config.detect_missing_tests {
        audits.insert(
            2,
            ProjectAuditRegistration::new(
                project_metadata(
                    "audit.project.testing.source-without-test",
                    FindingCategory::Testing,
                    &["testing.source-without-test"],
                ),
                Box::new(SourceWithoutTestAudit),
            ),
        );
        audits.insert(
            2,
            ProjectAuditRegistration::new(
                project_metadata(
                    "audit.project.testing.missing-test-folder",
                    FindingCategory::Testing,
                    &["testing.missing-test-folder"],
                ),
                Box::new(MissingTestFolderAudit),
            ),
        );
    }

    audits
}

pub fn run_project_audits(scan_facts: &ScanFacts, config: &ScanConfig) -> Vec<Finding> {
    let findings = registered_project_audits(config)
        .iter()
        .flat_map(|registration| registration.audit.audit(scan_facts, config))
        .collect();

    apply_project_decisions(scan_facts, findings)
}