78 lines
2.2 KiB
JavaScript
78 lines
2.2 KiB
JavaScript
#!/usr/bin/env node
|
|
|
|
import fs from 'fs'
|
|
import path from 'path'
|
|
import process from 'process'
|
|
|
|
const root = process.cwd()
|
|
const scanRoots = ['src/app/api', 'src/pages/api']
|
|
const allowedPrefixes = []
|
|
const sourceExtensions = new Set(['.ts', '.tsx', '.js', '.jsx', '.mjs', '.cjs'])
|
|
|
|
function fail(title, details = []) {
|
|
console.error(`\n[no-api-direct-llm-call] ${title}`)
|
|
for (const line of details) {
|
|
console.error(` - ${line}`)
|
|
}
|
|
process.exit(1)
|
|
}
|
|
|
|
function toRel(fullPath) {
|
|
return path.relative(root, fullPath).split(path.sep).join('/')
|
|
}
|
|
|
|
function walk(dir, out = []) {
|
|
if (!fs.existsSync(dir)) return out
|
|
const entries = fs.readdirSync(dir, { withFileTypes: true })
|
|
for (const entry of entries) {
|
|
if (entry.name === '.git' || entry.name === '.next' || entry.name === 'node_modules') continue
|
|
const fullPath = path.join(dir, entry.name)
|
|
if (entry.isDirectory()) {
|
|
walk(fullPath, out)
|
|
continue
|
|
}
|
|
const ext = path.extname(entry.name)
|
|
if (sourceExtensions.has(ext)) {
|
|
out.push(fullPath)
|
|
}
|
|
}
|
|
return out
|
|
}
|
|
|
|
function isAllowedFile(relPath) {
|
|
return allowedPrefixes.some((prefix) => relPath.startsWith(prefix))
|
|
}
|
|
|
|
function collectViolations(fullPath) {
|
|
const relPath = toRel(fullPath)
|
|
if (isAllowedFile(relPath)) return []
|
|
|
|
const content = fs.readFileSync(fullPath, 'utf8')
|
|
const lines = content.split('\n')
|
|
const violations = []
|
|
|
|
for (let i = 0; i < lines.length; i += 1) {
|
|
const line = lines[i]
|
|
if (/from\s+['"]@\/lib\/llm-client['"]/.test(line)) {
|
|
violations.push(`${relPath}:${i + 1} forbidden import from '@/lib/llm-client'`)
|
|
}
|
|
if (/\bchatCompletion[A-Za-z0-9_]*\s*\(/.test(line)) {
|
|
violations.push(`${relPath}:${i + 1} forbidden direct chatCompletion* call`)
|
|
}
|
|
if (/\bisInternalTaskExecution\b/.test(line)) {
|
|
violations.push(`${relPath}:${i + 1} forbidden dual-track fallback marker isInternalTaskExecution`)
|
|
}
|
|
}
|
|
|
|
return violations
|
|
}
|
|
|
|
const allFiles = scanRoots.flatMap((scanRoot) => walk(path.join(root, scanRoot)))
|
|
const violations = allFiles.flatMap((fullPath) => collectViolations(fullPath))
|
|
|
|
if (violations.length > 0) {
|
|
fail('Found forbidden direct LLM execution in production API routes', violations)
|
|
}
|
|
|
|
console.log('[no-api-direct-llm-call] OK')
|