Skip to content

Releases: Architecture-Mind/ArchTest

v0.4.0

Choose a tag to compare

@Kidkender Kidkender released this 30 Jun 09:48

What's new

3 new linter rules

  • L008 — Route returns entity directly without response DTO (HIGH)
  • L009 — GET list route has no pagination guard (WARN)
  • L010 — Circular DTO reference — may cause infinite serialization (INFO)

--explain flag for archtest lint

Every rule (L001–L010) now surfaces Why? / Risk / Suggested Fix inline when --explain is passed.

--ci flag — GitHub Actions annotation output

archtest lint --ci outputs ::error/::warning commands that annotate PRs directly. No separate Action required.

archtest baseline + --new-only

Save known issues as a baseline. Future runs with --new-only only surface regressions — ideal for legacy codebases with existing issues.

archtest.config.json — per-project config

{
  "rules": { "L009": "warning", "L010": "off" },
  "ignore": [{ "rule": "L009", "route": "GET /admin/export" }]
}

archtest report — HTML / Markdown report

Combines lint + snapshot diff into a shareable file for CI artifacts or team review.

Fuzz field coverage tracking

After each fuzz run, shows a per-field breakdown: payloads fired, categories covered, crashes and bypasses.

Snapshot diff exit codes

  • 0 — no changes
  • 1 — non-breaking changes
  • 2 — breaking changes ← new, previously merged with 1

269 tests passing. Full changelog: CHANGELOG.md

v0.3.0 — Framework Detection & Linter Rules

Choose a tag to compare

@Kidkender Kidkender released this 26 Jun 02:50
5340fb3

What's New

Framework Detection

  • Auto-detect NestJS/Laravel from filesystem (nest-cli.json, package.json, composer.json)
  • --framework <nestjs|laravel> flag on all commands to override detection

Zod Boundary Validation

  • archmind CLI output now validated at parse time with Zod schemas
  • Clear ArchmindFormatError with field path and message when archmind version is incompatible

New Linter Rules

  • L006: flag auth-sensitive routes (/login, /register, /password, /token) with no rate-limiting guard (WARN)
  • L007: flag privileged routes (/admin, /internal, /management, /backoffice, /system) with no auth gate (HIGH)

Linter Improvements

  • L005: removed "type" and "kind" from enum-hint field names — too generic, caused false positives

Stats

  • 200 tests passing (up from 162 in v0.2.0)

v0.2.0

Choose a tag to compare

@Kidkender Kidkender released this 23 Jun 17:33
49d88a1

What's new in 0.2.0

New commands

archtest lint — Static analysis without a server. Detects validation gaps, weak password fields, unprotected routes, and missing DTOs. Exits 1 on HIGH issues for CI integration.

archtest fuzz — Fire edge-case payloads (overflow numbers, unicode, SQL injection, template injection, very long strings) to find 500 errors and validation bypasses.

Laravel support

All commands now work on Laravel projects. Auto-detected from the archmind trace. Parses FormRequest::rules() — pipe-syntax and array-syntax, including nullable, sometimes, in:a,b,c, between:min,max, regex:/pattern/.

New class-validator decorators

@IsIn, @Length(min, max), @IsDate, @IsPhoneNumber, @IsEthereumAddress, @IsAlphanumeric, @IsNumberString

Bug fixes

  • Fields with ! definite assignment assertion (name!: string) were silently dropped — fixed
  • archmind .cjs binary crashed on Windows — now wrapped with node automatically

Architecture

  • Validation types now sourced from @kidkender/archmind-protocol
  • DTO parsing delegated to @kidkender/archmind-nestjs-parser
  • FormRequest parsing delegated to @kidkender/archmind-laravel-parser

See CHANGELOG.md for the full list of changes.