Releases: Architecture-Mind/ArchTest
Release list
v0.4.0
What's new
3 new linter rules
- L008 — Route returns entity directly without response DTO (HIGH)
- L009 — GET list route has no pagination guard (WARN)
- L010 — Circular DTO reference — may cause infinite serialization (INFO)
--explain flag for archtest lint
Every rule (L001–L010) now surfaces Why? / Risk / Suggested Fix inline when --explain is passed.
--ci flag — GitHub Actions annotation output
archtest lint --ci outputs ::error/::warning commands that annotate PRs directly. No separate Action required.
archtest baseline + --new-only
Save known issues as a baseline. Future runs with --new-only only surface regressions — ideal for legacy codebases with existing issues.
archtest.config.json — per-project config
{
"rules": { "L009": "warning", "L010": "off" },
"ignore": [{ "rule": "L009", "route": "GET /admin/export" }]
}archtest report — HTML / Markdown report
Combines lint + snapshot diff into a shareable file for CI artifacts or team review.
Fuzz field coverage tracking
After each fuzz run, shows a per-field breakdown: payloads fired, categories covered, crashes and bypasses.
Snapshot diff exit codes
0— no changes1— non-breaking changes2— breaking changes ← new, previously merged with1
269 tests passing. Full changelog: CHANGELOG.md
v0.3.0 — Framework Detection & Linter Rules
What's New
Framework Detection
- Auto-detect NestJS/Laravel from filesystem (nest-cli.json, package.json, composer.json)
--framework <nestjs|laravel>flag on all commands to override detection
Zod Boundary Validation
- archmind CLI output now validated at parse time with Zod schemas
- Clear
ArchmindFormatErrorwith field path and message when archmind version is incompatible
New Linter Rules
- L006: flag auth-sensitive routes (
/login,/register,/password,/token) with no rate-limiting guard (WARN) - L007: flag privileged routes (
/admin,/internal,/management,/backoffice,/system) with no auth gate (HIGH)
Linter Improvements
- L005: removed
"type"and"kind"from enum-hint field names — too generic, caused false positives
Stats
- 200 tests passing (up from 162 in v0.2.0)
v0.2.0
What's new in 0.2.0
New commands
archtest lint — Static analysis without a server. Detects validation gaps, weak password fields, unprotected routes, and missing DTOs. Exits 1 on HIGH issues for CI integration.
archtest fuzz — Fire edge-case payloads (overflow numbers, unicode, SQL injection, template injection, very long strings) to find 500 errors and validation bypasses.
Laravel support
All commands now work on Laravel projects. Auto-detected from the archmind trace. Parses FormRequest::rules() — pipe-syntax and array-syntax, including nullable, sometimes, in:a,b,c, between:min,max, regex:/pattern/.
New class-validator decorators
@IsIn, @Length(min, max), @IsDate, @IsPhoneNumber, @IsEthereumAddress, @IsAlphanumeric, @IsNumberString
Bug fixes
- Fields with
!definite assignment assertion (name!: string) were silently dropped — fixed - archmind
.cjsbinary crashed on Windows — now wrapped withnodeautomatically
Architecture
- Validation types now sourced from
@kidkender/archmind-protocol - DTO parsing delegated to
@kidkender/archmind-nestjs-parser - FormRequest parsing delegated to
@kidkender/archmind-laravel-parser
See CHANGELOG.md for the full list of changes.