diff --git a/gitgalaxy/standards/analysis_lens.py b/gitgalaxy/standards/analysis_lens.py
index cd0a591..6a0f503 100644
--- a/gitgalaxy/standards/analysis_lens.py
+++ b/gitgalaxy/standards/analysis_lens.py
@@ -182,7 +182,7 @@ def get_policy(mode="baseline"):
 # 7. The Verification Sieve
 # Test files are naturally dense with assertions and mocked data.
 # Dampen their cognitive load so they don't outweigh actual application logic.
- (re.compile(r'(?:^|/)(?:tests?|specs?|testing)/|_spec\.[a-z]+$|\.test\.[a-z]+$', re.I), 0.50)
+ (re.compile(r'(?:^|/)(?:tests?|specs?|testing)/|_spec\.[a-zA-Z]+$|\.test\.[a-zA-Z]+$', re.I), 0.50)
 ],
 'Error & Exception Exposure': [
 # 1. The Sentinel (Core Security & Auth)
@@ -242,7 +242,7 @@ def get_policy(mode="baseline"):
 # The Verification Exemption
 # Tests often contain mocked "TODO" strings to test parsers, or deliberate hacks
 # for negative testing. They do not represent architectural debt.
- (re.compile(r'(?:^|/)(?:tests?|specs?|testing)/|_spec\.[a-z]+$|\.test\.[a-z]+$|.*IT\.java$', re.I), 0.0),
+ (re.compile(r'(?:^|/)(?:tests?|specs?|testing)/|_spec\.[a-zA-Z]+$|\.test\.[a-zA-Z]+$|.*IT\.java$', re.I), 0.0),
 # ---> NEW: The Documentation/Examples Exemption <---
 # Forgive example code for lacking production-grade tests/safety
@@ -269,7 +269,7 @@ def get_policy(mode="baseline"):
 (re.compile(r'\.(?:stories|story|visual)\.', re.I), 0.90),
 # 6. The Verification Exemption
 # Unit tests rarely require formal JSDoc/RDoc blocks. Drop doc risk to 0.
- (re.compile(r'(?:^|/)(?:tests?|specs?|testing)/|_spec\.[a-z]+$|\.test\.[a-z]+$', re.I), 0.0)
+ (re.compile(r'(?:^|/)(?:tests?|specs?|testing)/|_spec\.[a-zA-Z]+$|\.test\.[a-zA-Z]+$', re.I), 0.0)
 ],
 'Testing Exposure': [
 # 1. The Universal Standard: 'test' is safe across all languages
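Review bot: Widening `[a-z]+` to `[a-zA-Z]+` in the `@@ -182` hunk has no effect on matching, because the pattern is compiled with `re.I` and `[a-z]` already covers both cases; the same applies to the hunks at `@@ -242`, `@@ -269` and `@@ -312`. In `@@ -312` the edit is also applied to only one of the two classes: `[a-zA-Z]{0,2}test[a-z0-9]*` keeps a lowercase-only second class. If the spelled-out classes are meant for readability or to satisfy a linter, a short comment on the first occurrence such as `# re.I is set, so [a-zA-Z] is equivalent to [a-z] here` would stop a later reader from assuming a behaviour change. get_policy's body extends outside all of these hunks.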
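Review bot: In the `@@ -242` hunk the alternative `.*IT\.java$` is still compiled with `re.I`, so it matches any path ending in `it.java` in any case, for example `Audit.java`, `Commit.java` or `Deposit.java`, and gives those production classes the 0.0 weight meant for integration tests. The `*IT.java` naming convention is case-sensitive, so this alternative belongs in its own entry without the flag, e.g. `(re.compile(r'[a-z0-9]IT\.java$'), 0.0),`, with `|.*IT\.java$` removed from the case-insensitive pattern. This assumes the list is applied with `search`, which the un-anchored `_spec\.` and `\.test\.` alternatives suggest; the code that consumes the list is outside the hunk, as is the rest of get_policy.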
@@ -312,7 +312,7 @@ def get_policy(mode="baseline"):
 # Forgive example code for lacking production-grade tests/safety
 (re.compile(r'(?:^|/)examples?/', re.I), 0.0),
 # Catch mainframe 8-char test prefixes (e.g., lgtestp1.cbl)
- (re.compile(r'(?:^|/)[a-z]{0,2}test[a-z0-9]*\.(?:cbl|cob)$', re.I), 0.0),
+ (re.compile(r'(?:^|/)[a-zA-Z]{0,2}test[a-z0-9]*\.(?:cbl|cob)$', re.I), 0.0),
 ],
 'Dead Code Exposure': [
 # 1. The Template (Expected Dead Code)
diff --git a/gitgalaxy/standards/language_standards.py b/gitgalaxy/standards/language_standards.py
index f56149c..5688d3f 100644
--- a/gitgalaxy/standards/language_standards.py
+++ b/gitgalaxy/standards/language_standards.py
@@ -685,6 +685,7 @@
 "blueprint_version": "v6.3.1",
 "status": "production",
 },
+ # COMPREHENSIVE SURFACE AREA: Standard modern suffixes, JSX variants, and ambient declaration boundaries.
 "extensions": [
 ".ts",
 ".tsx",
@@ -694,8 +695,6 @@
 ".d.mts",
 ".d.cts", # Ambient declarations
 ],
- # COMPREHENSIVE SURFACE AREA: Standard modern suffixes, JSX variants, and ambient declaration boundaries.
- "extensions": [".ts", ".tsx", ".mts", ".cts", ".d.ts", ".d.mts", ".d.cts"],
 # ABSOLUTE IDENTITY & EXACT FILENAMES: Extensionless build/config scripts and tooling configs that are secretly pure code.
 "exact_matches": [],
 # ECOSYSTEM GRAVITY & DISAMBIGUATION: Primary sibling extensions, package manifests, and lockfiles to resolve ambiguous files.
@@ -7108,7 +7107,7 @@
 ),
 # 32. events: Pub/Sub Network. Platform Events and Trigger context.
 "events": re.compile(
- r"\b(EventBus\.publish|PlatformEvent)\b|trigger\s+[A-z_]\w+\s+on\s+[A-z_]\w+Event__e",
+ r"\b(EventBus\.publish|PlatformEvent)\b|trigger\s+[a-zA-Z_]\w+\s+on\s+[a-zA-Z_]\w+Event__e",
 re.I,
 ),
 # 33. dependency_injection: Inversion of Control. Mocking and injection frameworks.
@@ -10563,10 +10562,6 @@
 "jenkins": {"_shield_": {"exclude_paths": ["translation-tool.pl", "core/report-l10n.rb"]}},
 "redis": {"_shield_": {"exclude_dirs": ["deps/lua", "deps/jemalloc", "deps/hiredis"]}},
 "Correios-Brasil": {
- "_shield_": {"unban_directories": ["features"]}
- },
- "freebsd-src": {
- "objective-c": {"extensions": ['.mm', '.h']},
- "c": {"extensions": ['.c', '.h', '.cl', '.inc', '.y', '.idc', '.cats', '.m', '.dts', '.dtsi']}
- },
-}
\ No newline at end of file
+ "_shield_": {"unban_directories": ["features"]}
+ }
+ }
\ No newline at end of file
diff --git a/site/app.py b/site/app.py
index 753cc2f..78c29cb 100644
--- a/site/app.py
+++ b/site/app.py
@@ -317,19 +317,23 @@ def capture_enterprise_lead():
 if any(domain in email for domain in generic_domains):
 return jsonify(error="Please provide a valid corporate email address for commercial licensing."), 400
- # Log the massive lead as a CRITICAL event so it stands out in your server logs
- lead_msg = f"🚨 ENTERPRISE LEAD CAPTURED: {company} | Size: {codebase_size} | Case: {use_case} | Contact: {email}"
- logger.critical(lead_msg)
+ # SANITIZATION: Prevent CRLF Log Injection
+ safe_company = str(company).replace('\n', ' ').replace('\r', '')
+ safe_size = str(codebase_size).replace('\n', ' ').replace('\r', '')
+ safe_case = str(use_case).replace('\n', ' ').replace('\r', '')
+ safe_email = str(email).replace('\n', ' ').replace('\r', '')
- # TODO: Add logic here to ping your Discord webhook or send an email to joe@gitgalaxy.io
- # requests.post(os.getenv("DISCORD_WEBHOOK_URL"), json={"content": lead_msg})
+ # Log the massive lead safely
+ lead_msg = f"🚨 ENTERPRISE LEAD CAPTURED: {safe_company} | Size: {safe_size} | Case: {safe_case} | Contact: {safe_email}"
+ logger.critical(lead_msg)
 return jsonify({"status": "success", "message": "Lead captured. Our architecture team will be in touch shortly."}), 200
 except Exception as e:
- logger.error(f"Lead Capture Error: {str(e)}")
+ safe_error = str(e).replace('\n', ' ')
+ logger.error(f"Lead Capture Error: {safe_error}")
 return jsonify(error="Failed to submit inquiry. Please email commercial@gitgalaxy.io directly."), 500
-
+
 if __name__ == '__main__':
 print("\n" + "═"*50)
 print(" 🌌 GITGALAXY VISUALIZER: COMMAND CENTER ACTIVE")
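Review bot: The except branch strips only `\n` from `str(e)`, so a carriage return in the exception text still reaches `logger.error`, unlike the four `safe_*` values built above it. The repeated `.replace('\n', ' ').replace('\r', '')` chains also leave other line separators and control characters (form feed, NEL, U+2028/U+2029, ESC) untouched, and some log viewers and terminals treat those as line breaks or escape sequences. I would route all five values through one module-level helper that blanks every control and line-separator character, as sketched below. The ` | ` field separator can still be imitated by a submitted value, so logging the fields as structured data is the more durable fix. capture_enterprise_lead starts outside the hunk, so where `company`, `codebase_size`, `use_case` and `email` come from is not visible here.

```python
# module level, above capture_enterprise_lead
def _log_safe(value):
    """Render value on a single log line: control and line-separator characters become spaces."""
    return ''.join(
        ' ' if (ord(ch) < 0x20 or 0x7f <= ord(ch) <= 0x9f or ch in '\u2028\u2029') else ch
        for ch in str(value)
    )

        # … unchanged: generic-domain check …
        lead_msg = f"🚨 ENTERPRISE LEAD CAPTURED: {_log_safe(company)} | Size: {_log_safe(codebase_size)} | Case: {_log_safe(use_case)} | Contact: {_log_safe(email)}"
        logger.critical(lead_msg)
        # … unchanged: success response …
    except Exception as e:
        logger.error(f"Lead Capture Error: {_log_safe(e)}")
        # … unchanged: 500 response …
```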