apunkt/nyx
1
0
Fork 0
mirror of https://github.com/elicpeter/nyx.git synced 2026-06-18 20:15:14 +02:00
Code Issues Projects Releases Packages Wiki Activity

[pitboss/grind] deferred session-0003 (20260521T201327Z-3848)

Browse source
This commit is contained in:
pitboss 2026-05-21 16:05:15 -05:00
parent d99361cff6
commit 368f628054
14 changed files with 672 additions and 86 deletions
Download patch file Download diff file Expand all files Collapse all files

198
src/dynamic/framework/adapters/graphql_apollo.rs
View file

@ -1,8 +1,16 @@
//! Phase 21 (Track M.3) — Apollo GraphQL resolver adapter (JS).
//!
//! Fires when the surrounding source imports `@apollo/server` / the
//! legacy `apollo-server` / `apollo-server-express` package, or the
//! function body sits inside a `Query` / `Mutation` resolver map.
//! legacy `apollo-server` / `apollo-server-express` package AND the
//! function under analysis looks like a resolver: either its name is
//! a key inside a `Query: { … }` / `Mutation: { … }` / `Subscription:
//! { … }` literal block, or its declaration carries the canonical
//! `(parent, args, context, info?)` formal signature.
//!
//! The previous version of this adapter accepted the bare source
//! needle `const resolvers`, which bound every function inside any
//! file that happened to declare such a variable (Phase 21
//! binding-stealing audit follow-up).
use crate::dynamic::framework::{FrameworkAdapter, FrameworkBinding};
use crate::evidence::EntryKind;
@ -13,14 +21,6 @@ pub struct GraphqlApolloAdapter;
const ADAPTER_NAME: &str = "graphql-apollo";
fn callee_is_apollo(name: &str) -> bool {
let last = name.rsplit_once('.').map(|(_, s)| s).unwrap_or(name);
matches!(
last,
"ApolloServer" | "startStandaloneServer" | "gql" | "applyMiddleware" | "expressMiddleware"
)
}
fn source_imports_apollo(file_bytes: &[u8]) -> bool {
const NEEDLES: &[&[u8]] = &[
b"@apollo/server",
@ -30,17 +30,96 @@ fn source_imports_apollo(file_bytes: &[u8]) -> bool {
b"from 'apollo-server",
b"from \"apollo-server",
b"new ApolloServer",
b"const resolvers",
];
NEEDLES
.iter()
.any(|n| file_bytes.windows(n.len()).any(|w| w == *n))
}
fn name_in_resolver_block(name: &str, file_bytes: &[u8]) -> bool {
if name.is_empty() {
return false;
}
if name.starts_with("Query.")
|| name.starts_with("Mutation.")
|| name.starts_with("Subscription.")
{
return true;
}
let text = match std::str::from_utf8(file_bytes) {
Ok(s) => s,
Err(_) => return false,
};
let bytes = text.as_bytes();
for opener in ["Query:", "Mutation:", "Subscription:"] {
let mut cursor = 0;
while let Some(idx) = text[cursor..].find(opener) {
let after_open = cursor + idx + opener.len();
let rest = &text[after_open..];
let trimmed = rest.trim_start();
if !trimmed.starts_with('{') {
cursor = after_open;
continue;
}
let body_start = after_open + (rest.len() - trimmed.len()) + 1;
let mut depth = 1i32;
let mut i = body_start;
while i < bytes.len() && depth > 0 {
match bytes[i] {
b'{' => depth += 1,
b'}' => depth -= 1,
_ => {}
}
i += 1;
}
let inner_end = i.saturating_sub(1).min(bytes.len());
let inner = &text[body_start..inner_end];
let key_colon = format!("{name}:");
let key_paren = format!("{name}(");
if inner.contains(&key_colon) || inner.contains(&key_paren) {
return true;
}
cursor = inner_end;
}
}
false
}
fn has_resolver_signature(name: &str, file_bytes: &[u8]) -> bool {
if name.is_empty() {
return false;
}
let text = match std::str::from_utf8(file_bytes) {
Ok(s) => s,
Err(_) => return false,
};
const PARENTS: &[&str] = &["parent", "root", "obj", "_"];
const ARGS: &[&str] = &["args", "input", "_args", "params", "variables"];
for p in PARENTS {
for a in ARGS {
let pairs = [
format!("function {name}({p}, {a}"),
format!("function {name}({p},{a}"),
format!("{name} = function({p}, {a}"),
format!("{name} = function({p},{a}"),
format!("{name} = ({p}, {a}"),
format!("{name} = ({p},{a}"),
format!("{name}: function({p}, {a}"),
format!("{name}: function({p},{a}"),
format!("{name}: ({p}, {a}"),
format!("{name}: ({p},{a}"),
format!("{name}({p}, {a}"),
format!("{name}({p},{a}"),
];
if pairs.iter().any(|p| text.contains(p.as_str())) {
return true;
}
}
}
false
}
fn extract_resolver(summary: &FuncSummary) -> (String, String) {
// Best-effort: split a fully-qualified name like `Query.user` into
// `("Query", "user")`. Falls back to ("Query", name) so the
// binding always carries some type_name + field.
if let Some((parent, field)) = summary.name.rsplit_once('.') {
return (parent.to_owned(), field.to_owned());
}
@ -62,21 +141,23 @@ impl FrameworkAdapter for GraphqlApolloAdapter {
_ast: tree_sitter::Node<'_>,
file_bytes: &[u8],
) -> Option<FrameworkBinding> {
let matches_call = super::any_callee_matches(summary, callee_is_apollo);
let matches_source = source_imports_apollo(file_bytes);
if matches_call || matches_source {
let (type_name, field) = extract_resolver(summary);
Some(FrameworkBinding {
adapter: ADAPTER_NAME.to_owned(),
kind: EntryKind::GraphQLResolver { type_name, field },
route: None,
request_params: Vec::new(),
response_writer: None,
middleware: Vec::new(),
})
} else {
None
if !source_imports_apollo(file_bytes) {
return None;
}
let in_block = name_in_resolver_block(&summary.name, file_bytes);
let has_sig = has_resolver_signature(&summary.name, file_bytes);
if !(in_block || has_sig) {
return None;
}
let (type_name, field) = extract_resolver(summary);
Some(FrameworkBinding {
adapter: ADAPTER_NAME.to_owned(),
kind: EntryKind::GraphQLResolver { type_name, field },
route: None,
request_params: Vec::new(),
response_writer: None,
middleware: Vec::new(),
})
}
}
@ -109,4 +190,65 @@ mod tests {
assert_eq!(field, "user");
}
}
#[test]
fn fires_on_resolver_signature_outside_query_block() {
// Real-world resolver declared as a standalone function with the
// canonical (parent, args, context) signature, exported for use
// in the schema. Matches the dynamic fixture shape.
let src: &[u8] = b"const _NYX_ADAPTER_MARKER = \"require('@apollo/server')\";\n\
function resolveUser(parent, args, ctx) { return args.id; }\n\
module.exports = { resolveUser };\n";
let tree = parse_js(src);
let summary = FuncSummary {
name: "resolveUser".into(),
..Default::default()
};
let binding = GraphqlApolloAdapter
.detect(&summary, tree.root_node(), src)
.expect("standalone resolver binds via signature");
assert_eq!(binding.adapter, "graphql-apollo");
}
#[test]
fn does_not_bind_unrelated_helper_in_apollo_file() {
// File imports Apollo and declares a `Query` block on a
// different field, but the analyser is asking about an unrelated
// helper that neither sits in the resolver block nor has the
// canonical (parent, args) shape.
let src: &[u8] = b"const { ApolloServer } = require('@apollo/server');\n\
function loadConfig() { return { port: 3000 }; }\n\
const resolvers = { Query: { user: () => 'x' } };\n";
let tree = parse_js(src);
let summary = FuncSummary {
name: "loadConfig".into(),
..Default::default()
};
assert!(
GraphqlApolloAdapter
.detect(&summary, tree.root_node(), src)
.is_none(),
"unrelated helper in an Apollo file must not bind as a resolver",
);
}
#[test]
fn does_not_bind_bare_const_resolvers_outside_apollo() {
// File declares `const resolvers = …` without any Apollo import.
// The old needle `const resolvers` bound this; the tightened
// adapter requires a real Apollo source token first.
let src: &[u8] = b"const resolvers = { foo: () => 'bar' };\n\
function helper() { return 1; }\n";
let tree = parse_js(src);
let summary = FuncSummary {
name: "helper".into(),
..Default::default()
};
assert!(
GraphqlApolloAdapter
.detect(&summary, tree.root_node(), src)
.is_none(),
"`const resolvers` alone must not bind without an Apollo import",
);
}
}

3
src/dynamic/framework/adapters/middleware_rails.rs
View file

@ -75,8 +75,7 @@ impl FrameworkAdapter for MiddlewareRailsAdapter {
}
let has_middleware_shape = source_has_rack_middleware_shape(file_bytes);
let name_matches = name_is_rack_entry(&summary.name);
let body_mounts_middleware =
super::any_callee_matches(summary, callee_is_rails_middleware);
let body_mounts_middleware = super::any_callee_matches(summary, callee_is_rails_middleware);
let binds = (name_matches && has_middleware_shape) || body_mounts_middleware;
if !binds {
return None;

5
src/dynamic/framework/adapters/migration_laravel.rs
View file

@ -21,7 +21,10 @@ const ADAPTER_NAME: &str = "migration-laravel";
fn callee_is_laravel_migration_ddl(name: &str) -> bool {
let last = name.rsplit_once('.').map(|(_, s)| s).unwrap_or(name);
matches!(last, "create" | "table" | "drop" | "statement" | "unprepared")
matches!(
last,
"create" | "table" | "drop" | "statement" | "unprepared"
)
}
fn source_has_migration_shape(file_bytes: &[u8]) -> bool {

176
src/dynamic/framework/adapters/ruby_hanami.rs
View file

@ -30,11 +30,32 @@ fn class_is_hanami_action(class: Node<'_>, bytes: &[u8]) -> bool {
|| class_includes(class, bytes, "Hanami::Action")
}
/// Walk the file for a `# nyx-route: <METHOD> <path>` comment so
/// fixtures can pin an explicit route without needing the Hanami
/// routes DSL. Defaults to `(GET, "/")` if no marker is found.
fn pinned_route(file_bytes: &[u8], fallback_path: &str) -> (HttpMethod, String) {
let text = std::str::from_utf8(file_bytes).unwrap_or("");
/// Resolve the route metadata for `class_name`. Tries the inline
/// Hanami v2 routes DSL first (`get "/run", to: "RunAction"` inside a
/// `Hanami::Routes` / `routes do` block that co-exists with the
/// action class in the same file), then the synthetic
/// `# nyx-route: <METHOD> <path>` comment fixtures rely on, then
/// finally a `(GET, fallback_path)` default.
///
/// Cross-file routes resolution (`config/routes.rb` + `app/actions/<slug>/<verb>.rb`)
/// still needs a project-level file index on the adapter trait —
/// `FrameworkAdapter::detect` only sees one file at a time.
fn route_for_class(
file_bytes: &[u8],
class_name: &str,
fallback_path: &str,
) -> (HttpMethod, String) {
if let Some(found) = parse_inline_route(file_bytes, class_name) {
return found;
}
if let Some(found) = pinned_comment_route(file_bytes) {
return found;
}
(HttpMethod::GET, fallback_path.to_owned())
}
fn pinned_comment_route(file_bytes: &[u8]) -> Option<(HttpMethod, String)> {
let text = std::str::from_utf8(file_bytes).ok()?;
for line in text.lines() {
let trim = line.trim_start();
if let Some(rest) = trim.strip_prefix("# nyx-route:") {
@ -42,11 +63,70 @@ fn pinned_route(file_bytes: &[u8], fallback_path: &str) -> (HttpMethod, String)
let mut parts = rest.split_ascii_whitespace();
if let (Some(verb), Some(path)) = (parts.next(), parts.next()) {
let method = HttpMethod::from_ident(verb).unwrap_or(HttpMethod::GET);
return (method, path.to_owned());
return Some((method, path.to_owned()));
}
}
}
(HttpMethod::GET, fallback_path.to_owned())
None
}
/// Parse the Hanami v2 routes DSL when the routes file and the action
/// class co-exist in one file. Recognises lines of the form
/// `<verb> "<path>", to: "<target>"` (or single-quoted variants) and
/// matches `<target>` against `class_name` either by exact match or by
/// its `snake_case` form (Hanami's container-key convention,
/// e.g. `to: "actions.run_action"`).
fn parse_inline_route(file_bytes: &[u8], class_name: &str) -> Option<(HttpMethod, String)> {
let text = std::str::from_utf8(file_bytes).ok()?;
let snake = camel_to_snake(class_name);
for raw_line in text.lines() {
let line = raw_line.trim_start();
if let Some(parsed) = parse_route_line(line, class_name, &snake) {
return Some(parsed);
}
}
None
}
fn parse_route_line(line: &str, class_orig: &str, class_snake: &str) -> Option<(HttpMethod, String)> {
let (verb_tok, after) = line.split_once(char::is_whitespace)?;
let method = HttpMethod::from_ident(verb_tok)?;
let after = after.trim_start();
let (path, rest) = parse_quoted(after)?;
let to_idx = rest.find("to:")?;
let after_to = rest[to_idx + 3..].trim_start();
let (target, _) = parse_quoted(after_to)?;
let target_last = target.rsplit_once('.').map(|(_, s)| s).unwrap_or(&target);
if target_last == class_orig || target_last == class_snake {
return Some((method, path));
}
None
}
fn parse_quoted(s: &str) -> Option<(String, &str)> {
let quote = match s.as_bytes().first() {
Some(b'"') => '"',
Some(b'\'') => '\'',
_ => return None,
};
let rest = &s[1..];
let end = rest.find(quote)?;
Some((rest[..end].to_owned(), &rest[end + 1..]))
}
fn camel_to_snake(s: &str) -> String {
let mut out = String::with_capacity(s.len() + 2);
for (i, ch) in s.char_indices() {
if ch.is_ascii_uppercase() {
if i > 0 {
out.push('_');
}
out.push(ch.to_ascii_lowercase());
} else {
out.push(ch);
}
}
out
}
fn hanami_default_path(class_name: &str) -> String {
@ -89,7 +169,7 @@ impl FrameworkAdapter for RubyHanamiAdapter {
}
let cls_name = class_name(class, file_bytes).unwrap_or("Entry");
let default = hanami_default_path(cls_name);
let (http_method, path) = pinned_route(file_bytes, &default);
let (http_method, path) = route_for_class(file_bytes, cls_name, &default);
let formals = method_formal_names(method, file_bytes);
let request_params = bind_path_params(&formals, &path);
Some(FrameworkBinding {
@ -196,6 +276,86 @@ mod tests {
assert!(matches!(req.source, ParamSource::Implicit));
}
#[test]
fn picks_up_inline_routes_dsl_classname_to() {
// Hanami v2 routes DSL co-located with the action class. The
// routes block names the action class via `to: "RunAction"`;
// the adapter must pick up `POST /run` rather than the
// snake-case default.
let src: &[u8] = b"require 'hanami/routes'\n\
require 'hanami/action'\n\
class Routes < Hanami::Routes\n\
post \"/run\", to: \"RunAction\"\n\
end\n\
class RunAction < Hanami::Action\n\
def call(req)\n\
'ok'\n\
end\n\
end\n";
let tree = parse(src);
let binding = RubyHanamiAdapter
.detect(&summary("call"), tree.root_node(), src)
.expect("binding");
let route = binding.route.unwrap();
assert_eq!(route.method, HttpMethod::POST);
assert_eq!(route.path, "/run");
}
#[test]
fn picks_up_inline_routes_dsl_snake_case_to() {
// Hanami v2 supports `to: "actions.run_action"` container-key
// notation in addition to the bare class name. The adapter
// should match `run_action` against the snake_case of
// `RunAction`.
let src: &[u8] = b"require 'hanami/routes'\n\
require 'hanami/action'\n\
class Routes < Hanami::Routes\n\
get \"/u/:id\", to: \"actions.run_action\"\n\
end\n\
class RunAction < Hanami::Action\n\
def call(req, id)\n\
id\n\
end\n\
end\n";
let tree = parse(src);
let binding = RubyHanamiAdapter
.detect(&summary("call"), tree.root_node(), src)
.expect("binding");
let route = binding.route.unwrap();
assert_eq!(route.method, HttpMethod::GET);
assert_eq!(route.path, "/u/:id");
let id = binding
.request_params
.iter()
.find(|p| p.name == "id")
.unwrap();
assert!(matches!(id.source, ParamSource::PathSegment(_)));
}
#[test]
fn inline_routes_dsl_wins_over_pinned_comment() {
// When both an inline routes-DSL line and a `# nyx-route:`
// comment are present, the routes-DSL line wins because it is
// the canonical source of truth.
let src: &[u8] = b"# nyx-route: GET /old\n\
require 'hanami/routes'\n\
class Routes < Hanami::Routes\n\
put \"/new\", to: \"PutAction\"\n\
end\n\
class PutAction < Hanami::Action\n\
def call(req)\n\
'ok'\n\
end\n\
end\n";
let tree = parse(src);
let binding = RubyHanamiAdapter
.detect(&summary("call"), tree.root_node(), src)
.expect("binding");
let route = binding.route.unwrap();
assert_eq!(route.method, HttpMethod::PUT);
assert_eq!(route.path, "/new");
}
#[test]
fn skips_non_hanami_classes() {
let src: &[u8] =

97
src/dynamic/framework/adapters/scheduled_sidekiq.rs
View file

@ -1,8 +1,18 @@
//! Phase 21 (Track M.3) — Ruby Sidekiq worker / scheduled-job adapter.
//!
//! Fires when the surrounding source includes the Sidekiq worker
//! mixin (`include Sidekiq::Worker` / `Sidekiq::Job`) or invokes a
//! Sidekiq scheduling callee (`perform_async`, `perform_in`).
//! Fires when the surrounding source carries a Sidekiq shape marker
//! (`include Sidekiq::Worker` / `Sidekiq::Job` / `sidekiq_options` /
//! `require 'sidekiq'`) AND either the function under analysis is the
//! worker entry point (`perform` / `perform_async` / `perform_in`) or
//! its body schedules a Sidekiq job (calls `perform_async` /
//! `perform_in`).
//!
//! The previous version of this adapter matched the bare callee name
//! `set` as a scheduling signal, which collided with unrelated methods
//! like `Set#add` / `Hash#[]=` (Phase 21 binding-stealing audit
//! follow-up). `set` is now recognised only as part of the Sidekiq
//! shape gate; binding additionally requires the function itself to be
//! a worker entry or to call the real scheduling callees.
use crate::dynamic::framework::{FrameworkAdapter, FrameworkBinding};
use crate::evidence::EntryKind;
@ -13,12 +23,16 @@ pub struct ScheduledSidekiqAdapter;
const ADAPTER_NAME: &str = "scheduled-sidekiq";
fn callee_is_sidekiq(name: &str) -> bool {
fn callee_schedules_sidekiq(name: &str) -> bool {
let last = name.rsplit_once('.').map(|(_, s)| s).unwrap_or(name);
matches!(last, "perform_async" | "perform_in" | "perform" | "set")
matches!(last, "perform_async" | "perform_in")
}
fn source_imports_sidekiq(file_bytes: &[u8]) -> bool {
fn name_is_sidekiq_entry(name: &str) -> bool {
matches!(name, "perform" | "perform_async" | "perform_in")
}
fn source_has_sidekiq_shape(file_bytes: &[u8]) -> bool {
const NEEDLES: &[&[u8]] = &[
b"include Sidekiq::Worker",
b"include Sidekiq::Job",
@ -75,22 +89,25 @@ impl FrameworkAdapter for ScheduledSidekiqAdapter {
_ast: tree_sitter::Node<'_>,
file_bytes: &[u8],
) -> Option<FrameworkBinding> {
let matches_call = super::any_callee_matches(summary, callee_is_sidekiq);
let matches_source = source_imports_sidekiq(file_bytes);
if matches_call || matches_source {
Some(FrameworkBinding {
adapter: ADAPTER_NAME.to_owned(),
kind: EntryKind::ScheduledJob {
schedule: extract_schedule(file_bytes),
},
route: None,
request_params: Vec::new(),
response_writer: None,
middleware: Vec::new(),
})
} else {
None
let has_shape = source_has_sidekiq_shape(file_bytes);
if !has_shape {
return None;
}
let name_matches = name_is_sidekiq_entry(&summary.name);
let body_schedules = super::any_callee_matches(summary, callee_schedules_sidekiq);
if !(name_matches || body_schedules) {
return None;
}
Some(FrameworkBinding {
adapter: ADAPTER_NAME.to_owned(),
kind: EntryKind::ScheduledJob {
schedule: extract_schedule(file_bytes),
},
route: None,
request_params: Vec::new(),
response_writer: None,
middleware: Vec::new(),
})
}
}
@ -119,4 +136,42 @@ mod tests {
assert_eq!(binding.adapter, "scheduled-sidekiq");
assert!(matches!(binding.kind, EntryKind::ScheduledJob { .. }));
}
#[test]
fn does_not_bind_set_method_in_non_sidekiq_file() {
// Method named `set` on a class with no Sidekiq tokens anywhere
// — used to bind because the prior `callee_is_sidekiq` matched
// the bare callee `set`, colliding with `Set#add` / `Hash#[]=`.
let src: &[u8] = b"class MySet\n def set(key, val)\n @h[key] = val\n end\nend\n";
let tree = parse_ruby(src);
let summary = FuncSummary {
name: "set".into(),
..Default::default()
};
assert!(
ScheduledSidekiqAdapter
.detect(&summary, tree.root_node(), src)
.is_none(),
"bare `set` method outside Sidekiq scope must not bind",
);
}
#[test]
fn does_not_bind_unrelated_method_inside_sidekiq_file() {
// Sidekiq-flavoured file but the analyser is asking about an
// unrelated helper that neither shares the worker entry name
// nor calls `perform_async` / `perform_in`.
let src: &[u8] = b"# include Sidekiq::Worker\nclass MySet\n def set(key)\n @s.add(key)\n end\nend\n";
let tree = parse_ruby(src);
let summary = FuncSummary {
name: "set".into(),
..Default::default()
};
assert!(
ScheduledSidekiqAdapter
.detect(&summary, tree.root_node(), src)
.is_none(),
"non-worker helper in a Sidekiq file must not bind",
);
}
}