@samiyev/guardian/dist/infrastructure/strategies/ValuePatternMatcher.js

Research-backed code quality guardian for AI-assisted development. Detects hardcodes, secrets, circular deps, framework leaks, entity exposure, and 9 architecture violations. Enforces Clean Architecture/DDD principles. Works with GitHub Copilot, Cursor, W

"use strict";
Object.defineProperty(exports, "__esModule", { value: true });
exports.ValuePatternMatcher = void 0;
const ast_node_types_1 = require("../../shared/constants/ast-node-types");
/**
 * Pattern matcher for detecting specific value types
 *
 * Provides pattern matching for emails, IPs, paths, dates, UUIDs, versions, and other common hardcoded values
 */
class ValuePatternMatcher {
    static EMAIL_PATTERN = /^[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,}$/;
    static IP_V4_PATTERN = /^(\d{1,3}\.){3}\d{1,3}$/;
    static IP_V6_PATTERN = /^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$|^::([0-9a-fA-F]{1,4}:){0,6}[0-9a-fA-F]{1,4}$/;
    static DATE_ISO_PATTERN = /^\d{4}-\d{2}-\d{2}$/;
    static URL_PATTERN = /^https?:\/\/|^mongodb:\/\/|^postgresql:\/\//;
    static UNIX_PATH_PATTERN = /^\/[a-zA-Z0-9/_-]+/;
    static WINDOWS_PATH_PATTERN = /^[a-zA-Z]:\\[a-zA-Z0-9\\/_-]+/;
    static API_KEY_PATTERN = /^(sk_|pk_|api_|key_)[a-zA-Z0-9_-]{20,}$/;
    static UUID_PATTERN = /^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i;
    static SEMVER_PATTERN = /^\d+\.\d+\.\d+(-[\w.-]+)?(\+[\w.-]+)?$/;
    static HEX_COLOR_PATTERN = /^#([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$/;
    static MAC_ADDRESS_PATTERN = /^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$/;
    static BASE64_PATTERN = /^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$/;
    static JWT_PATTERN = /^eyJ[A-Za-z0-9-_]+\.eyJ[A-Za-z0-9-_]+\.[A-Za-z0-9-_]+$/;
    /**
     * Checks if value is an email address
     */
    isEmail(value) {
        return ValuePatternMatcher.EMAIL_PATTERN.test(value);
    }
    /**
     * Checks if value is an IP address (v4 or v6)
     */
    isIpAddress(value) {
        return (ValuePatternMatcher.IP_V4_PATTERN.test(value) ||
            ValuePatternMatcher.IP_V6_PATTERN.test(value));
    }
    /**
     * Checks if value is a date in ISO format
     */
    isDate(value) {
        return ValuePatternMatcher.DATE_ISO_PATTERN.test(value);
    }
    /**
     * Checks if value is a URL
     */
    isUrl(value) {
        return ValuePatternMatcher.URL_PATTERN.test(value);
    }
    /**
     * Checks if value is a file path (Unix or Windows)
     */
    isFilePath(value) {
        return (ValuePatternMatcher.UNIX_PATH_PATTERN.test(value) ||
            ValuePatternMatcher.WINDOWS_PATH_PATTERN.test(value));
    }
    /**
     * Checks if value looks like an API key
     */
    isApiKey(value) {
        return ValuePatternMatcher.API_KEY_PATTERN.test(value);
    }
    /**
     * Checks if value is a UUID
     */
    isUuid(value) {
        return ValuePatternMatcher.UUID_PATTERN.test(value);
    }
    /**
     * Checks if value is a semantic version
     */
    isSemver(value) {
        return ValuePatternMatcher.SEMVER_PATTERN.test(value);
    }
    /**
     * Checks if value is a hex color
     */
    isHexColor(value) {
        return ValuePatternMatcher.HEX_COLOR_PATTERN.test(value);
    }
    /**
     * Checks if value is a MAC address
     */
    isMacAddress(value) {
        return ValuePatternMatcher.MAC_ADDRESS_PATTERN.test(value);
    }
    /**
     * Checks if value is Base64 encoded (min length 20 to avoid false positives)
     */
    isBase64(value) {
        return value.length >= 20 && ValuePatternMatcher.BASE64_PATTERN.test(value);
    }
    /**
     * Checks if value is a JWT token
     */
    isJwt(value) {
        return ValuePatternMatcher.JWT_PATTERN.test(value);
    }
    /**
     * Detects the type of value
     */
    detectType(value) {
        if (this.isEmail(value)) {
            return ast_node_types_1.VALUE_PATTERN_TYPES.EMAIL;
        }
        if (this.isJwt(value)) {
            return ast_node_types_1.VALUE_PATTERN_TYPES.API_KEY;
        }
        if (this.isApiKey(value)) {
            return ast_node_types_1.VALUE_PATTERN_TYPES.API_KEY;
        }
        if (this.isUrl(value)) {
            return ast_node_types_1.VALUE_PATTERN_TYPES.URL;
        }
        if (this.isIpAddress(value)) {
            return ast_node_types_1.VALUE_PATTERN_TYPES.IP_ADDRESS;
        }
        if (this.isFilePath(value)) {
            return ast_node_types_1.VALUE_PATTERN_TYPES.FILE_PATH;
        }
        if (this.isDate(value)) {
            return ast_node_types_1.VALUE_PATTERN_TYPES.DATE;
        }
        if (this.isUuid(value)) {
            return ast_node_types_1.VALUE_PATTERN_TYPES.UUID;
        }
        if (this.isSemver(value)) {
            return ast_node_types_1.VALUE_PATTERN_TYPES.VERSION;
        }
        if (this.isHexColor(value)) {
            return "color";
        }
        if (this.isMacAddress(value)) {
            return ast_node_types_1.VALUE_PATTERN_TYPES.MAC_ADDRESS;
        }
        if (this.isBase64(value)) {
            return ast_node_types_1.VALUE_PATTERN_TYPES.BASE64;
        }
        return null;
    }
    /**
     * Checks if value should be detected as hardcoded
     */
    shouldDetect(value) {
        return (this.isEmail(value) ||
            this.isUrl(value) ||
            this.isIpAddress(value) ||
            this.isFilePath(value) ||
            this.isDate(value) ||
            this.isApiKey(value) ||
            this.isUuid(value) ||
            this.isSemver(value) ||
            this.isHexColor(value) ||
            this.isMacAddress(value) ||
            this.isBase64(value) ||
            this.isJwt(value));
    }
}
exports.ValuePatternMatcher = ValuePatternMatcher;
//# sourceMappingURL=ValuePatternMatcher.js.map