Reduce JQSharp public API surface by hiding implementation types

[Copilot]

This change narrows the exposed API to consumer-facing entry points and hides parser/runtime internals that were unintentionally public. The goal is to keep Jq as the façade while making AST/parser/control-flow implementation types non-public.

• API surface hardening

  • Jq.Parse(string) changed from public to internal.
  • JqFilter changed from public abstract class to non-public abstract class.
  • JqFilter static helpers restricted to internal:
    • CreateNullElementStatic
    • StructurallyEqual
    • GetTypeNameStatic
    • GetValueTextStatic

• Parser/runtime internals made non-public

  • JqParser → non-public sealed class
  • JqHaltException → non-public sealed class
  • JqBreakException → non-public sealed class
  • JqEnvironment → non-public sealed class
  • JqPattern, VariablePattern, ArrayPattern, ObjectPattern → non-public
  • FilterClosure → non-public sealed record
  • BinaryOp → non-public enum
  • UserFunctionDef → non-public sealed class

• Filter implementations hidden

  • All concrete filter types under src/JQSharp/Filters/ were changed from public sealed class to non-public sealed class (implicit internal by omission), matching .editorconfig guidance on redundant visibility modifiers.

• Design doc alignment

  • Updated .github/design.md to reflect Jq as public façade with internal parse entry.

Example of the intended visibility pattern:

public static class Jq
{
    public static IEnumerable<JsonElement> Evaluate(string expression, JsonElement input) { ... }

    internal static JqFilter Parse(string expression) { ... }
}

abstract class JqFilter { ... }    // implementation base, not part of public API
sealed class PipeFilter : JqFilter { ... }  // internal implementation type

Warning

Firewall rules blocked me from connecting to one or more addresses (expand for details)

I tried to connect to the following addresses, but was blocked by firewall rules:

• kzu.blob.core.windows.net
  • Triggering command: /usr/bin/dotnet dotnet restore (dns block)
  • Triggering command: /usr/bin/dotnet dotnet restore --no-dependencies /home/REDACTED/work/JQSharp/JQSharp/JQSharp.slnx --packages /tmp/codeql-scratch-58a1ab1f0b60fde2/dbs/csharp/working/packages /p:DisableImplicitNuGetFallbackFolder=true --verbosity normal /p:TargetFrameworkRootPath=/tmp/codeql-scratch-58a1ab1f0b60fde2/dbs/csharp/working/emptyFakeDotnetRoot /p:NetCoreTargetingPackRoot=/tmp/codeql-scratch-58a1ab1f0b60fde2/dbs/csharp/working/emptyFakeDotnetRoot /p:AllowMissingPrunePackageData=true conf�� rateFilter.cs --global it pull.rebase (dns block)

If you need me to access, download, or install something from one of these locations, you can either:

• Configure Actions setup steps to set up my environment, which run before the firewall is enabled
• Add the appropriate URLs or hosts to the custom allowlist in this repository's Copilot coding agent settings (admins only)

Original prompt

---

This section details on the original issue you should resolve

<issue_title>The project exposes a large number of implementation types that should be hidden from consumers</issue_title>
<issue_description>- [ ] Make Jq.Parse internal

• Change JqFilter to internal abstract class; make CreateNullElementStatic, StructurallyEqual, GetTypeNameStatic, GetValueTextStatic internal
• Change JqParser to internal sealed class
• Change JqHaltException to internal sealed class
• Change JqBreakException to internal sealed class
• Change JqEnvironment to internal sealed class
• Change JqPattern, VariablePattern, ArrayPattern, ObjectPattern to internal
• Change FilterClosure to internal sealed record
• Change BinaryOp to internal enum
• Change UserFunctionDef to internal sealed class
• Change all ~30 filter classes in Filters/ to internal sealed class
• Build and verify

Note that per .editorconfig, redundant visibility should NOT be specified: so internal class should just be class, and private [type] [field] should just be [type] [field].

<agent_instructions>Leverage .github/design.md to understand the codebase.</agent_instructions>

Comments on the Issue (you are @copilot in this section)

• Fixes The project exposes a large number of implementation types that should be hidden from consumers #6

---

🔒 GitHub Advanced Security automatically protects Copilot coding agent pull requests. You can protect all pull requests by enabling Advanced Security for your repositories. Learn more about Advanced Security.

[kzu]

🧪 Details on Ubuntu 24.04.3 LTS

from retest v1.1.0 on .NET 10.0.3 with 💜 by @devlooped