1use std::collections::BTreeMap;
2
3use fallow_types::envelope::{Meta, MetaMetric, MetaRule};
4use serde_json::{Value, json};
5
6use crate::{ACTIONS_AUTO_FIXABLE_FIELD_DEFINITION, ACTIONS_FIELD_DEFINITION};
7
8pub const DUPES_DOCS: &str = "https://docs.fallow.tools/cli/dupes";
10
11pub const COVERAGE_SETUP_DOCS: &str = "https://docs.fallow.tools/cli/coverage#agent-readable-json";
13
14pub const COVERAGE_ANALYZE_DOCS: &str = "https://docs.fallow.tools/cli/coverage#analyze";
16
17pub const HEALTH_DOCS: &str = "https://docs.fallow.tools/cli/health";
19
20pub const SECURITY_DOCS: &str = "https://docs.fallow.tools/cli/security";
22
23#[derive(Debug, Clone, Copy, PartialEq, Eq)]
25pub struct SecurityRuleMeta<'a> {
26 pub id: &'a str,
27 pub name: &'a str,
28 pub description: &'a str,
29 pub docs_path: &'a str,
30}
31
32#[must_use]
34pub fn health_meta() -> Meta {
35 Meta {
36 docs: Some(HEALTH_DOCS.to_string()),
37 field_definitions: action_field_definitions(),
38 metrics: health_metrics(),
39 ..Meta::default()
40 }
41}
42
43#[must_use]
45pub fn security_meta<'a>(rules: impl IntoIterator<Item = SecurityRuleMeta<'a>>) -> Meta {
46 Meta {
47 docs: Some(SECURITY_DOCS.to_string()),
48 field_definitions: security_field_definitions(),
49 metrics: BTreeMap::new(),
50 rules: rules
51 .into_iter()
52 .map(|rule| {
53 (
54 rule.id.to_string(),
55 MetaRule {
56 name: Some(rule.name.to_string()),
57 description: Some(rule.description.to_string()),
58 docs: Some(report_rule_docs_url(rule.docs_path)),
59 },
60 )
61 })
62 .collect(),
63 ..Meta::default()
64 }
65}
66
67#[must_use]
69pub fn dupes_meta() -> Meta {
70 Meta {
71 docs: Some(DUPES_DOCS.to_string()),
72 field_definitions: action_field_definitions(),
73 metrics: BTreeMap::from([
74 (
75 "duplication_percentage".to_string(),
76 metric(
77 "Duplication Percentage",
78 "Fraction of total source tokens that appear in at least one clone group. Computed over the full analyzed file set.",
79 Some("[0, 100]"),
80 "lower is better",
81 ),
82 ),
83 (
84 "token_count".to_string(),
85 metric(
86 "Token Count",
87 "Number of normalized source tokens in the clone group. Tokens are language-aware (keywords, identifiers, operators, punctuation). Higher token count = larger duplicate.",
88 Some("[1, ∞)"),
89 "larger clones have higher refactoring value",
90 ),
91 ),
92 (
93 "line_count".to_string(),
94 metric(
95 "Line Count",
96 "Number of source lines spanned by the clone instance. Approximation of clone size for human readability.",
97 Some("[1, ∞)"),
98 "larger clones are more impactful to deduplicate",
99 ),
100 ),
101 (
102 "clone_groups".to_string(),
103 metric(
104 "Clone Groups",
105 "A set of code fragments with identical or near-identical normalized token sequences. Each group has 2+ instances across different locations.",
106 None,
107 "each group is a single refactoring opportunity",
108 ),
109 ),
110 (
111 "clone_groups_below_min_occurrences".to_string(),
112 metric(
113 "Clone Groups Below minOccurrences",
114 "Number of clone groups detected but hidden by the `duplicates.minOccurrences` filter. Always 0 (or absent) when the filter is at its default of 2. Pre-filter group count = `clone_groups + clone_groups_below_min_occurrences`.",
115 Some("[0, ∞)"),
116 "high values suggest noisy pair-only duplication; lower `minOccurrences` to inspect",
117 ),
118 ),
119 (
120 "clone_families".to_string(),
121 metric(
122 "Clone Families",
123 "Groups of clone groups that share the same set of files. Indicates systematic duplication patterns (e.g., mirrored directory structures).",
124 None,
125 "families suggest extract-module refactoring opportunities",
126 ),
127 ),
128 ]),
129 ..Meta::default()
130 }
131}
132
133#[must_use]
135pub fn coverage_setup_meta() -> Value {
136 json!({
137 "docs_url": COVERAGE_SETUP_DOCS,
138 "field_definitions": {
139 "schema_version": "Coverage setup JSON contract version. Stays at \"1\" for additive opt-in fields such as _meta.",
140 "framework_detected": "Primary detected runtime framework for compatibility with single-app consumers. In workspaces this mirrors the first emitted runtime member; unknown means no runtime member was detected.",
141 "package_manager": "Detected package manager used for install and run commands, or null when no package manager signal was found.",
142 "runtime_targets": "Union of runtime targets across emitted members.",
143 "members[]": "Per-runtime-workspace setup recipes. Pure aggregator roots and build-only libraries are omitted.",
144 "members[].name": "Workspace package name from package.json, or the root directory name when package.json has no name.",
145 "members[].path": "Workspace path relative to the command root. The root package is represented as \".\".",
146 "members[].framework_detected": "Runtime framework detected for that member.",
147 "members[].package_manager": "Package manager detected for that member, or inherited from the workspace root when no member-specific signal exists.",
148 "members[].runtime_targets": "Runtime targets produced by that member.",
149 "members[].files_to_edit": "Files in that member that should receive runtime beacon setup code.",
150 "members[].snippets": "Copy-paste setup snippets for that member, with paths relative to the command root.",
151 "members[].dockerfile_snippet": "Environment snippet for file-system capture in that member's containerized Node runtime, or null when not applicable.",
152 "members[].warnings": "Actionable setup caveats discovered for that member.",
153 "config_written": "Always null for --json because JSON setup is side-effect-free and never writes configuration.",
154 "files_to_edit": "Compatibility copy of the primary member's files, with workspace prefixes when the primary member is not the root.",
155 "snippets": "Compatibility copy of the primary member's snippets, with workspace prefixes when the primary member is not the root.",
156 "dockerfile_snippet": "Environment snippet for file-system capture in containerized Node runtimes, or null when not applicable.",
157 "commands": "Package-manager commands needed to install the runtime beacon and sidecar packages.",
158 "next_steps": "Ordered setup workflow after applying the emitted snippets.",
159 "warnings": "Actionable setup caveats discovered while building the recipe."
160 },
161 "enums": {
162 "framework_detected": ["nextjs", "nestjs", "nuxt", "sveltekit", "astro", "remix", "vite", "plain_node", "unknown"],
163 "runtime_targets": ["node", "browser"],
164 "package_manager": ["npm", "pnpm", "yarn", "bun", null]
165 },
166 "warnings": {
167 "No runtime workspace members were detected": "The root appears to be a workspace, but no runtime-bearing package was found. The payload emits install commands only.",
168 "No local coverage artifact was detected yet": "Run the application with runtime coverage collection enabled, then re-run setup or health with the produced capture path.",
169 "Package manager was not detected": "No packageManager field or known lockfile was found. Commands fall back to npm.",
170 "Framework was not detected": "No known framework dependency or runtime script was found. Treat the recipe as a generic Node setup and adjust the entry path as needed."
171 }
172 })
173}
174
175#[must_use]
177pub fn coverage_analyze_meta() -> Value {
178 json!({
179 "docs_url": COVERAGE_ANALYZE_DOCS,
180 "field_definitions": {
181 "schema_version": "Standalone coverage analyze envelope version. \"1\" for the current shape.",
182 "version": "fallow CLI version that produced this output.",
183 "elapsed_ms": "Wall-clock milliseconds spent producing the report.",
184 "runtime_coverage": "Same RuntimeCoverageReport block emitted by `fallow health --runtime-coverage`.",
185 "runtime_coverage.summary.data_source": "Which evidence source produced the report. local = on-disk artifact via --runtime-coverage <path>; cloud = explicit pull via --cloud / --runtime-coverage-cloud / FALLOW_RUNTIME_COVERAGE_SOURCE=cloud.",
186 "runtime_coverage.summary.last_received_at": "ISO-8601 timestamp of the newest runtime payload included in the report. Null for local artifacts that do not carry receipt metadata.",
187 "runtime_coverage.summary.capture_quality": "Capture-window telemetry derived from the runtime evidence. lazy_parse_warning trips when more than 30% of tracked functions are V8-untracked, which usually indicates a short observation window.",
188 "runtime_coverage.findings[].id": "Per-finding SUPPRESSION key (fallow:prod:<hash>). Hashes file + function + the current line, so it changes when the function moves. Use it to suppress one finding at its current location.",
189 "runtime_coverage.findings[].stable_id": "Cross-surface JOIN key (fallow:fn:<hash>) from fallow_cov_protocol::function_identity_id, hashing file + name + start_line. The same function shares ONE value across findings, hot paths, blast-radius, and importance entries (the per-finding id uses a per-surface salt and differs), and across V8/Istanbul/oxc producers (columns are excluded from the hash). Like id, it changes when the function's file, name, or start line changes: it is a cross-surface/cross-producer join key, NOT a line-move-immune one. Omitted from the JSON entirely (not emitted as null) when the producing surface or an un-migrated cloud supplied no FunctionIdentity. New baselines key on this when present to align with the cross-surface join key; the grace-window reader accepts the legacy id too.",
190 "runtime_coverage._matching": "Function-identity fallback order when joining runtime evidence to local static analysis: (1) exact stable_id match (fallow:fn:<hash>) when both sides carry one; (2) exact (path, name, start_line); (3) fuzzy nearest candidate within a line tolerance. Baseline suppression accepts BOTH the stable_id and the legacy fallow:prod: id during the grace window, so baselines written before this version keep suppressing.",
191 "runtime_coverage.findings[].evidence.static_status": "used = the function is reachable in the AST module graph; unused = it is dead by static analysis.",
192 "runtime_coverage.findings[].evidence.test_coverage": "covered = the local test suite hits the function; not_covered otherwise.",
193 "runtime_coverage.findings[].evidence.v8_tracking": "tracked = V8 observed the function during the capture window; untracked otherwise.",
194 "runtime_coverage.findings[].actions[].type": "Suggested follow-up identifier. delete-cold-code is emitted on safe_to_delete; review-runtime on review_required.",
195 "runtime_coverage.blast_radius[]": "First-class blast-radius entries with stable fallow:blast IDs, static caller count, traffic-weighted caller reach, optional cloud deploy touch count, and low/medium/high risk band.",
196 "runtime_coverage.importance[]": "First-class production-importance entries with stable fallow:importance IDs, invocations, cyclomatic complexity, owner count, 0-100 importance score, and templated reason.",
197 "runtime_coverage.warnings[].code": "Stable warning identifier. cloud_functions_unmatched flags entries dropped because no AST/static counterpart was found locally."
198 },
199 "enums": {
200 "data_source": ["local", "cloud"],
201 "report_verdict": ["clean", "hot-path-touched", "cold-code-detected", "license-expired-grace", "unknown"],
202 "finding_verdict": ["safe_to_delete", "review_required", "coverage_unavailable", "low_traffic", "active", "unknown"],
203 "static_status": ["used", "unused"],
204 "test_coverage": ["covered", "not_covered"],
205 "v8_tracking": ["tracked", "untracked"],
206 "action_type": ["delete-cold-code", "review-runtime"]
207 },
208 "warnings": {
209 "no_runtime_data": "Cloud returned an empty runtime window. Either the period is too narrow or no traces have been ingested yet.",
210 "cloud_functions_unmatched": "One or more cloud-side functions could not be matched against the local AST/static index and were dropped from findings. Common causes: stale runtime data after a rename/move, file path mismatch between deploy and repo, or analysis run on the wrong commit."
211 }
212 })
213}
214
215fn action_field_definitions() -> BTreeMap<String, String> {
216 BTreeMap::from([
217 (
218 "actions[]".to_string(),
219 ACTIONS_FIELD_DEFINITION.to_string(),
220 ),
221 (
222 "actions[].auto_fixable".to_string(),
223 ACTIONS_AUTO_FIXABLE_FIELD_DEFINITION.to_string(),
224 ),
225 ])
226}
227
228fn security_field_definitions() -> BTreeMap<String, String> {
229 BTreeMap::from([
230 (
231 "version".to_string(),
232 "fallow CLI version that produced this output.".to_string(),
233 ),
234 (
235 "elapsed_ms".to_string(),
236 "Wall-clock milliseconds spent producing the security report.".to_string(),
237 ),
238 (
239 "config".to_string(),
240 "Privacy-safe config context relevant to security candidate generation.".to_string(),
241 ),
242 (
243 "config.rules.*.configured".to_string(),
244 "Severity from resolved config before the security command forced default-off rules on."
245 .to_string(),
246 ),
247 (
248 "config.rules.*.effective".to_string(),
249 "Severity used for this security command run.".to_string(),
250 ),
251 (
252 "config.categories_include".to_string(),
253 "Configured security category include list. null means unset, [] means explicitly empty."
254 .to_string(),
255 ),
256 (
257 "config.categories_exclude".to_string(),
258 "Configured security category exclude list. null means unset, [] means explicitly empty."
259 .to_string(),
260 ),
261 (
262 "security_findings[]".to_string(),
263 "Unverified security candidates for downstream human or agent verification.".to_string(),
264 ),
265 (
266 "summary.security_findings".to_string(),
267 "Number of security candidates after all filters, gates, and scopes.".to_string(),
268 ),
269 (
270 "summary.by_severity".to_string(),
271 "Fixed high, medium, and low severity counts for summary JSON.".to_string(),
272 ),
273 (
274 "summary.by_category".to_string(),
275 "Candidate counts by catalogue category, or by kind for uncategorized findings."
276 .to_string(),
277 ),
278 (
279 "summary.by_reachability".to_string(),
280 "Fixed reachability and source-backed ranking-signal counts for summary JSON."
281 .to_string(),
282 ),
283 (
284 "summary.by_runtime_state".to_string(),
285 "Fixed production-runtime coverage state counts for summary JSON.".to_string(),
286 ),
287 (
288 "unresolved_edge_files".to_string(),
289 "Number of client files whose import cone contains dynamic edges the graph could not follow."
290 .to_string(),
291 ),
292 (
293 "unresolved_callee_sites".to_string(),
294 "Number of sink-shaped nodes whose callee could not be flattened to a static path."
295 .to_string(),
296 ),
297 ])
298}
299
300fn health_metrics() -> BTreeMap<String, MetaMetric> {
301 let mut metrics = BTreeMap::new();
302 metrics.extend(health_complexity_metrics());
303 metrics.extend(health_churn_and_target_metrics());
304 metrics.extend(health_ownership_metrics());
305 metrics.extend(health_runtime_metrics());
306 metrics.extend(health_styling_metrics());
307 metrics
308}
309
310fn health_complexity_metrics() -> [(String, MetaMetric); 11] {
311 [
312 health_metric(
313 "cyclomatic",
314 "Cyclomatic Complexity",
315 "McCabe cyclomatic complexity: 1 + number of decision points.",
316 Some("[1, infinity)"),
317 "lower is better; default threshold: 20",
318 ),
319 health_metric(
320 "cognitive",
321 "Cognitive Complexity",
322 "Cognitive complexity penalizes nesting depth and non-linear control flow.",
323 Some("[0, infinity)"),
324 "lower is better; default threshold: 15",
325 ),
326 health_metric(
327 "line_count",
328 "Function Line Count",
329 "Number of lines in the function body.",
330 Some("[1, infinity)"),
331 "context-dependent; long functions may need splitting",
332 ),
333 health_metric(
334 "lines",
335 "File Line Count",
336 "Total lines of code in the file.",
337 Some("[1, infinity)"),
338 "context-dependent; large files may benefit from splitting",
339 ),
340 health_metric(
341 "maintainability_index",
342 "Maintainability Index",
343 "Composite file score combining complexity density, dead code ratio, and coupling.",
344 Some("[0, 100]"),
345 "higher is better",
346 ),
347 health_metric(
348 "complexity_density",
349 "Complexity Density",
350 "Total cyclomatic complexity divided by lines of code.",
351 Some("[0, infinity)"),
352 "lower is better; >1.0 indicates very dense complexity",
353 ),
354 health_metric(
355 "dead_code_ratio",
356 "Dead Code Ratio",
357 "Fraction of value exports with zero references across the project.",
358 Some("[0, 1]"),
359 "lower is better; 0 means all exports are used",
360 ),
361 health_metric(
362 "fan_in",
363 "Fan-in (Importers)",
364 "Number of files that import this file.",
365 Some("[0, infinity)"),
366 "context-dependent; high fan-in files need careful review",
367 ),
368 health_metric(
369 "fan_out",
370 "Fan-out (Imports)",
371 "Number of files this file directly imports.",
372 Some("[0, infinity)"),
373 "lower is better; high fan-out indicates coupling",
374 ),
375 health_metric(
376 "max_render_fan_in",
377 "Render Fan-in (Blast Radius)",
378 "Highest distinct-parent render count across React or Preact components.",
379 Some("[0, infinity)"),
380 "descriptive only; high values mean broad edit ripple",
381 ),
382 health_metric(
383 "crap_max",
384 "Untested Complexity Risk (CRAP)",
385 "Highest Change Risk Anti-Patterns score from complexity and coverage evidence.",
386 Some("[1, infinity)"),
387 "lower is better; high values indicate complex untested code",
388 ),
389 ]
390}
391
392fn health_churn_and_target_metrics() -> [(String, MetaMetric); 8] {
393 [
394 health_metric(
395 "score",
396 "Hotspot Score",
397 "Normalized churn multiplied by normalized complexity.",
398 Some("[0, 100]"),
399 "higher means riskier; prioritize refactoring high-score files",
400 ),
401 health_metric(
402 "weighted_commits",
403 "Weighted Commits",
404 "Recency-weighted commit count using exponential decay.",
405 Some("[0, infinity)"),
406 "higher means more recent churn activity",
407 ),
408 health_metric(
409 "trend",
410 "Churn Trend",
411 "Compares recent vs older commit frequency within the analysis window.",
412 None,
413 "accelerating files need attention; cooling files are stabilizing",
414 ),
415 health_metric(
416 "priority",
417 "Refactoring Priority",
418 "Weighted refactoring score using complexity, hotspots, dead code, fan-in, and fan-out.",
419 Some("[0, 100]"),
420 "higher means more urgent to refactor",
421 ),
422 health_metric(
423 "efficiency",
424 "Efficiency Score",
425 "Priority divided by effort estimate.",
426 Some("[0, 100]"),
427 "higher means better quick-win value",
428 ),
429 health_metric(
430 "effort",
431 "Effort Estimate",
432 "Heuristic effort estimate based on file size, function count, and fan-in.",
433 None,
434 "low means quick win, high needs planning and coordination",
435 ),
436 health_metric(
437 "confidence",
438 "Confidence Level",
439 "Reliability of the recommendation based on data source.",
440 None,
441 "high means act on it; medium or low means verify context",
442 ),
443 health_metric(
444 "health_score",
445 "Health Score",
446 "Project-level aggregate score computed from vital signs and issue signals.",
447 Some("[0, 100]"),
448 "higher is better; missing metrics are not penalized",
449 ),
450 ]
451}
452
453fn health_ownership_metrics() -> [(String, MetaMetric); 6] {
454 [
455 health_metric(
456 "bus_factor",
457 "Bus Factor",
458 "Minimum number of contributors who account for most recent weighted commits.",
459 Some("[1, infinity)"),
460 "lower is higher knowledge-loss risk",
461 ),
462 health_metric(
463 "contributor_count",
464 "Contributor Count",
465 "Number of distinct authors who touched this file in the analysis window.",
466 Some("[0, infinity)"),
467 "higher generally indicates broader knowledge spread",
468 ),
469 health_metric(
470 "share",
471 "Contributor Share",
472 "Recency-weighted share of total weighted commits attributed to a contributor.",
473 Some("[0, 1]"),
474 "share close to 1.0 indicates ownership concentration",
475 ),
476 health_metric(
477 "stale_days",
478 "Stale Days",
479 "Days since this contributor last touched the file.",
480 Some("[0, infinity)"),
481 "high stale days can indicate ownership drift",
482 ),
483 health_metric(
484 "drift",
485 "Ownership Drift",
486 "Whether original authorship and current contribution ownership have diverged.",
487 None,
488 "true means current review ownership may differ from original ownership",
489 ),
490 health_metric(
491 "unowned",
492 "Unowned (Tristate)",
493 "Whether CODEOWNERS exists but has no matching owner for this file.",
494 None,
495 "true on a hotspot is a review-bottleneck risk",
496 ),
497 ]
498}
499
500fn health_runtime_metrics() -> [(String, MetaMetric); 5] {
501 [
502 health_metric(
503 "runtime_coverage_verdict",
504 "Runtime Coverage Verdict",
505 "Overall verdict across runtime-coverage findings.",
506 None,
507 "cold-code-detected is the primary standalone cleanup signal",
508 ),
509 health_metric(
510 "runtime_coverage_state",
511 "Runtime Coverage State",
512 "Per-function runtime observation state.",
513 None,
514 "never-called with static unused is the highest-confidence delete signal",
515 ),
516 health_metric(
517 "runtime_coverage_confidence",
518 "Runtime Coverage Confidence",
519 "Confidence in a runtime-coverage finding.",
520 None,
521 "high means act on it; medium or low means verify context",
522 ),
523 health_metric(
524 "production_invocations",
525 "Production Invocations",
526 "Observed invocation count for the function over the collected coverage window.",
527 Some("[0, infinity)"),
528 "0 plus tracked means cold path; high means active path",
529 ),
530 health_metric(
531 "percent_dead_in_production",
532 "Percent Dead in Production",
533 "Fraction of tracked functions with zero observed invocations, multiplied by 100.",
534 Some("[0, 100]"),
535 "lower is better",
536 ),
537 ]
538}
539
540fn health_styling_metrics() -> [(String, MetaMetric); 10] {
541 [
542 health_metric(
543 "styling_health.score",
544 "Styling Health Score",
545 "CSS/styling-axis aggregate score computed from the styling penalty rubric. Present only under --css.",
546 Some("[0, 100]"),
547 "higher is better; missing metrics are not penalized",
548 ),
549 health_metric(
550 "styling_health.formula_version",
551 "Styling Health Formula Version",
552 "Version of the styling-health scoring rubric used to produce the score. Present only under --css.",
553 Some("[1, infinity)"),
554 "bump signals a rubric change; compare scores only within the same version",
555 ),
556 health_metric(
557 "styling_health.penalties.duplication",
558 "Styling Duplication Penalty",
559 "Points deducted for copy-paste declaration blocks, scaled by the share of declarations removable via consolidation. Present only under --css.",
560 Some("[0, 20]"),
561 "lower is better; 0 means no removable duplicate blocks",
562 ),
563 health_metric(
564 "styling_health.penalties.dead_surface",
565 "Styling Dead-Surface Penalty",
566 "Points deducted for unreferenced classes, unused tokens, at-rules, and font-faces, normalized per stylesheet. Present only under --css.",
567 Some("[0, 20]"),
568 "lower is better; 0 means no dead styling surface",
569 ),
570 health_metric(
571 "styling_health.penalties.broken_references",
572 "Styling Broken-References Penalty",
573 "Points deducted for markup classes one edit from a defined class and animations referencing undefined keyframes. Present only under --css.",
574 Some("[0, 15]"),
575 "lower is better; 0 means no broken references",
576 ),
577 health_metric(
578 "styling_health.penalties.token_erosion",
579 "Styling Token-Erosion Penalty",
580 "Points deducted for mixing font-size units past a healthy baseline and Tailwind arbitrary-value bypasses. Present only under --css.",
581 Some("[0, 10]"),
582 "lower is better; 0 means a single source of truth for the scale",
583 ),
584 health_metric(
585 "styling_health.penalties.structural",
586 "Styling Structural Penalty",
587 "Points deducted for !important density above a healthy floor and deep style-rule nesting. Present only under --css.",
588 Some("[0, 10]"),
589 "lower is better; 0 means no structural smells",
590 ),
591 health_metric(
592 "css_analytics.summary.near_duplicate_theme_tokens",
593 "Near-Duplicate Theme Tokens",
594 "Count of Tailwind v4 theme tokens whose comparable values are close to another token in the same theme dictionary. Present only in deep CSS analysis.",
595 Some("[0, infinity)"),
596 "0 means no near-duplicate token candidates were found",
597 ),
598 health_metric(
599 "styling_findings[].blast_radius",
600 "Styling Finding Blast Radius",
601 "Static lower-bound count of known consumers affected by a styling finding. Omitted when the family has no reliable blast-radius model.",
602 Some("[0, infinity)"),
603 "0 means no static consumers were found; omitted means unknown",
604 ),
605 health_metric(
606 "styling_findings[].nearest_token.distance",
607 "Nearest Styling Token Distance",
608 "Distance between a token-drift finding and its nearest comparable token. Units depend on the token namespace.",
609 Some("(0, infinity)"),
610 "lower means closer; compare only within the same token namespace",
611 ),
612 ]
613}
614
615fn health_metric(
616 key: impl Into<String>,
617 name: impl Into<String>,
618 description: impl Into<String>,
619 range: Option<&str>,
620 interpretation: impl Into<String>,
621) -> (String, MetaMetric) {
622 (key.into(), metric(name, description, range, interpretation))
623}
624
625fn metric(
626 name: impl Into<String>,
627 description: impl Into<String>,
628 range: Option<&str>,
629 interpretation: impl Into<String>,
630) -> MetaMetric {
631 MetaMetric {
632 name: Some(name.into()),
633 description: Some(description.into()),
634 range: range.map(str::to_string),
635 interpretation: Some(interpretation.into()),
636 }
637}
638
639fn report_rule_docs_url(docs_path: &str) -> String {
640 format!("https://docs.fallow.tools/{docs_path}")
641}
642
643#[cfg(test)]
644mod tests {
645 use super::*;
646
647 #[test]
648 fn dupes_meta_uses_output_contract_shape() {
649 let meta = dupes_meta();
650 assert_eq!(meta.docs.as_deref(), Some(DUPES_DOCS));
651 assert!(meta.field_definitions.contains_key("actions[]"));
652 assert!(meta.metrics.contains_key("duplication_percentage"));
653 assert!(
654 meta.metrics
655 .contains_key("clone_groups_below_min_occurrences")
656 );
657 }
658
659 #[test]
660 fn health_meta_uses_output_contract_shape() {
661 let meta = health_meta();
662 assert_eq!(meta.docs.as_deref(), Some(HEALTH_DOCS));
663 assert!(meta.field_definitions.contains_key("actions[]"));
664 assert!(meta.metrics.contains_key("cyclomatic"));
665 assert!(meta.metrics.contains_key("health_score"));
666 assert!(meta.metrics.contains_key("max_render_fan_in"));
667 assert!(meta.metrics.contains_key("percent_dead_in_production"));
668 assert!(meta.metrics.contains_key("styling_health.score"));
669 assert!(
670 meta.metrics
671 .contains_key("styling_health.penalties.duplication")
672 );
673 assert!(
674 meta.metrics
675 .contains_key("styling_health.penalties.structural")
676 );
677 }
678
679 #[test]
680 fn security_meta_uses_output_contract_shape() {
681 let meta = security_meta([SecurityRuleMeta {
682 id: "security/example",
683 name: "Example",
684 description: "Example security candidate.",
685 docs_path: "cli/security",
686 }]);
687 assert_eq!(meta.docs.as_deref(), Some(SECURITY_DOCS));
688 assert!(meta.field_definitions.contains_key("security_findings[]"));
689 assert!(meta.metrics.is_empty());
690 assert_eq!(
691 meta.rules["security/example"].docs.as_deref(),
692 Some("https://docs.fallow.tools/cli/security")
693 );
694 }
695
696 #[test]
697 fn coverage_setup_meta_uses_output_contract_shape() {
698 let meta = coverage_setup_meta();
699 assert_eq!(meta["docs_url"], COVERAGE_SETUP_DOCS);
700 assert!(meta["field_definitions"]["members[]"].is_string());
701 assert!(meta["enums"]["runtime_targets"].is_array());
702 assert!(meta["warnings"]["Package manager was not detected"].is_string());
703 }
704
705 #[test]
706 fn coverage_analyze_meta_uses_output_contract_shape() {
707 let meta = coverage_analyze_meta();
708 assert_eq!(meta["docs_url"], COVERAGE_ANALYZE_DOCS);
709 assert!(meta["field_definitions"]["runtime_coverage.findings[].stable_id"].is_string());
710 assert!(meta["enums"]["action_type"].is_array());
711 assert!(meta["warnings"]["cloud_functions_unmatched"].is_string());
712 }
713}