@samiyev/guardian/dist/infrastructure/analyzers/EntityExposureDetector.d.ts

Research-backed code quality guardian for AI-assisted development. Detects hardcodes, secrets, circular deps, framework leaks, entity exposure, and 9 architecture violations. Enforces Clean Architecture/DDD principles. Works with GitHub Copilot, Cursor, W

import { IEntityExposureDetector } from "../../domain/services/IEntityExposureDetector";
import { EntityExposure } from "../../domain/value-objects/EntityExposure";
/**
 * Detects domain entity exposure in controller/route return types
 *
 * This detector identifies violations where controllers or route handlers
 * directly return domain entities instead of using DTOs (Data Transfer Objects).
 * This violates separation of concerns and can expose internal domain logic.
 *
 * @example
 * ```typescript
 * const detector = new EntityExposureDetector()
 *
 * // Detect exposures in a controller file
 * const code = `
 * class UserController {
 *     async getUser(id: string): Promise<User> {
 *         return this.userService.findById(id)
 *     }
 * }
 * `
 * const exposures = detector.detectExposures(code, 'src/infrastructure/controllers/UserController.ts', 'infrastructure')
 *
 * // exposures will contain violation for returning User entity
 * console.log(exposures.length) // 1
 * console.log(exposures[0].entityName) // 'User'
 * ```
 */
export declare class EntityExposureDetector implements IEntityExposureDetector {
    private readonly dtoSuffixes;
    private readonly controllerPatterns;
    /**
     * Detects entity exposure violations in the given code
     *
     * Analyzes method return types in controllers/routes to identify
     * domain entities being directly exposed to external clients.
     *
     * @param code - Source code to analyze
     * @param filePath - Path to the file being analyzed
     * @param layer - The architectural layer of the file (domain, application, infrastructure, shared)
     * @returns Array of detected entity exposure violations
     */
    detectExposures(code: string, filePath: string, layer: string | undefined): EntityExposure[];
    /**
     * Checks if a return type is a domain entity
     *
     * Domain entities are typically PascalCase nouns without Dto/Request/Response suffixes
     * and are defined in the domain layer.
     *
     * @param returnType - The return type to check
     * @returns True if the return type appears to be a domain entity
     */
    isDomainEntity(returnType: string): boolean;
    /**
     * Checks if the file is a controller/route file
     */
    private isControllerFile;
    /**
     * Finds method return types in a line of code
     */
    private findMethodReturnTypes;
    /**
     * Extracts core type from complex type annotations
     * Examples:
     * - "Promise<User>" -> "User"
     * - "User[]" -> "User"
     * - "User | null" -> "User"
     */
    private extractCoreType;
    /**
     * Checks if a type is a primitive type
     */
    private isPrimitiveType;
    /**
     * Checks if a type has an allowed DTO/Response suffix
     */
    private hasAllowedSuffix;
    /**
     * Checks if a string is in PascalCase
     */
    private isPascalCase;
}
//# sourceMappingURL=EntityExposureDetector.d.ts.map