fix: Address high-severity bandit issues

2025-12-11 07:13:06 -03:00
parent bcb4475744
commit 5b2a328dd1
167 changed files with 7051 additions and 7168 deletions
--- a/dss-claude-plugin/hooks/scripts/complexity-monitor.js
+++ b/dss-claude-plugin/hooks/scripts/complexity-monitor.js
@@ -55,7 +55,7 @@ function countProps(content) {
 function countNestingDepth(content) {
  let maxDepth = 0;
  let currentDepth = 0;
-  
+
  for (const char of content) {
    if (char === '{' || char === '(') {
      currentDepth++;
@@ -64,7 +64,7 @@ function countNestingDepth(content) {
      currentDepth = Math.max(0, currentDepth - 1);
    }
  }
-  
+
  return maxDepth;
 }

@@ -74,7 +74,7 @@ function countFunctions(content) {
    /const\s+\w+\s*=\s*(?:async\s*)?\([^)]*\)\s*=>/g,
    /const\s+\w+\s*=\s*(?:async\s*)?function/g
  ];
-  
+
  let count = 0;
  for (const pattern of patterns) {
    const matches = content.match(pattern);
@@ -87,17 +87,17 @@ function analyzeComplexity(content, filePath, config) {
  const issues = [];
  const monitorConfig = config.complexity_monitor || {};
  const ext = path.extname(filePath).toLowerCase();
-  
+
  // Only analyze JS/TS files
  if (!['.js', '.jsx', '.ts', '.tsx'].includes(ext)) {
    return issues;
  }
-  
+
  const lines = countLines(content);
  const props = countProps(content);
  const nesting = countNestingDepth(content);
  const functions = countFunctions(content);
-  
+
  // Check component size (for tsx/jsx files)
  if (['.tsx', '.jsx'].includes(ext)) {
    if (lines > monitorConfig.max_component_lines) {
@@ -108,7 +108,7 @@ function analyzeComplexity(content, filePath, config) {
        suggestion: 'Consider breaking into smaller components'
      });
    }
-    
+
    if (props > monitorConfig.max_props) {
      issues.push({
        type: 'prop_count',
@@ -118,7 +118,7 @@ function analyzeComplexity(content, filePath, config) {
      });
    }
  }
-  
+
  // Check nesting depth
  if (nesting > monitorConfig.max_nesting_depth) {
    issues.push({
@@ -128,7 +128,7 @@ function analyzeComplexity(content, filePath, config) {
      suggestion: 'Extract nested logic into separate functions'
    });
  }
-  
+
  // Check function count (indicator of file doing too much)
  if (functions > 10) {
    issues.push({
@@ -138,38 +138,38 @@ function analyzeComplexity(content, filePath, config) {
      suggestion: 'Consider splitting into multiple modules'
    });
  }
-  
+
  return issues;
 }

 function formatOutput(issues, filePath) {
  if (issues.length === 0) return '';
-  
+
  const severityIcons = {
    high: '[HIGH]',
    medium: '[MED]',
    low: '[LOW]'
  };
-  
+
  const lines = [`\n=== DSS Complexity Monitor: ${filePath} ===\n`];
-  
+
  for (const issue of issues) {
    const icon = severityIcons[issue.severity] || '[?]';
    lines.push(`${icon} ${issue.message}`);
    lines.push(`    Suggestion: ${issue.suggestion}\n`);
  }
-  
+
  lines.push('='.repeat(50));
  return lines.join('\n');
 }

 async function main() {
  const config = loadConfig();
-  
+
  if (!config.complexity_monitor?.enabled) {
    process.exit(0);
  }
-  
+
  // Read input from stdin
  let inputData;
  try {
@@ -181,34 +181,34 @@ async function main() {
  } catch (e) {
    process.exit(0);
  }
-  
+
  const toolName = inputData.tool_name || '';
  const toolInput = inputData.tool_input || {};
-  
+
  if (!['Edit', 'Write'].includes(toolName)) {
    process.exit(0);
  }
-  
+
  const filePath = toolInput.file_path || '';
  let content = '';
-  
+
  if (toolName === 'Write') {
    content = toolInput.content || '';
  } else if (toolName === 'Edit') {
    content = toolInput.new_string || '';
  }
-  
+
  if (!content || !filePath) {
    process.exit(0);
  }
-  
+
  const issues = analyzeComplexity(content, filePath, config);
-  
+
  if (issues.length > 0) {
    const output = formatOutput(issues, filePath);
    console.error(output);
  }
-  
+
  process.exit(0);
 }