test(linter): address code review feedback from ako

- Remove change-detector constant test for MPR008 overlap thresholds
- Add boundary tests for domain-size rule (exactly at and one over threshold)
- Unify nil-reader assertions to check violations != nil consistently

Author: retran

mdl/linter/rules/domain_size_test.go

@@ -78,6 +78,51 @@ func TestDomainModelSizeRule_NonPersistentIgnored(t *testing.T) {
 	}
 }
 
+func TestDomainModelSizeRule_ExactlyAtThreshold(t *testing.T) {
+	var entities [][]any
+	for i := 0; i < DefaultMaxPersistentEntities; i++ {
+		entities = append(entities, []any{
+			fmt.Sprintf("id%d", i), fmt.Sprintf("Entity%d", i),
+			fmt.Sprintf("MyModule.Entity%d", i), "MyModule", "",
+			"PERSISTENT", "", "", 3, 1, 0, 0, 0,
+		})
+	}
+
+	db := setupEntitiesDB(t, entities)
+	defer db.Close()
+
+	ctx := linter.NewLintContextFromDB(db)
+	rule := NewDomainModelSizeRule()
+	violations := rule.Check(ctx)
+
+	if len(violations) != 0 {
+		t.Errorf("expected 0 violations at threshold (%d entities), got %d", DefaultMaxPersistentEntities, len(violations))
+	}
+}
+
+func TestDomainModelSizeRule_OneOverThreshold(t *testing.T) {
+	count := DefaultMaxPersistentEntities + 1
+	var entities [][]any
+	for i := 0; i < count; i++ {
+		entities = append(entities, []any{
+			fmt.Sprintf("id%d", i), fmt.Sprintf("Entity%d", i),
+			fmt.Sprintf("MyModule.Entity%d", i), "MyModule", "",
+			"PERSISTENT", "", "", 3, 1, 0, 0, 0,
+		})
+	}
+
+	db := setupEntitiesDB(t, entities)
+	defer db.Close()
+
+	ctx := linter.NewLintContextFromDB(db)
+	rule := NewDomainModelSizeRule()
+	violations := rule.Check(ctx)
+
+	if len(violations) != 1 {
+		t.Fatalf("expected 1 violation at %d entities, got %d", count, len(violations))
+	}
+}
+
 func TestDomainModelSizeRule_Metadata(t *testing.T) {
 	r := NewDomainModelSizeRule()
 	if r.ID() != "MPR003" {

mdl/linter/rules/mpr008_overlapping_activities_test.go

@@ -36,21 +36,7 @@ func TestOverlappingActivitiesRule_Metadata(t *testing.T) {
 	}
 }
 
-// NOTE: The full Check() logic for overlapping activities requires ctx.Reader().GetMicroflow()
-// which needs a real *mpr.Reader. This rule currently lacks end-to-end coverage;
-// behavioral testing requires a real .mpr project. Here we verify constants used for
-// overlap threshold.
-
-func TestOverlappingActivities_Constants(t *testing.T) {
-	if activityBoxWidth != 120 {
-		t.Errorf("activityBoxWidth = %d, want 120", activityBoxWidth)
-	}
-	if activityBoxHeight != 60 {
-		t.Errorf("activityBoxHeight = %d, want 60", activityBoxHeight)
-	}
-}
-
-// Test the walker function indirectly: the Check method calls an inline collect function
-// that processes ActionActivity, LoopedActivity, ExclusiveSplit, and ExclusiveMerge.
-// Since collect is defined inline in Check(), we can only test it end-to-end via a real reader.
-// For unit coverage, we verify the nil-reader guard and metadata above.
+// The Check() method walks microflow positions via ctx.Reader().GetMicroflow() and detects
+// overlapping activities using pairwise distance checks against internal heuristic constants
+// (activityBoxWidth, activityBoxHeight). Since the collect function is defined inline in
+// Check(), behavioral testing requires a real *mpr.Reader with positioned activities.

mdl/linter/rules/security_test.go

@@ -94,28 +94,20 @@ func TestWeakPasswordPolicyRule_NilReader(t *testing.T) {
 	rule := NewWeakPasswordPolicyRule()
 	violations := rule.Check(ctx)
 
-	if len(violations) != 0 {
-		t.Errorf("expected 0 violations with nil reader, got %d", len(violations))
+	if violations != nil {
+		t.Errorf("expected nil with nil reader, got %v", violations)
 	}
 }
 
-func TestWeakPasswordPolicyRule_Metadata(t *testing.T) {
-	r := NewWeakPasswordPolicyRule()
-	if r.ID() != "SEC002" {
-		t.Errorf("ID = %q, want SEC002", r.ID())
-	}
-	if r.Category() != "security" {
-		t.Errorf("Category = %q, want security", r.Category())
-	}
-}
+// SEC003: Demo users still active in production
+// Without a real MPR file, we can only test the nil-reader early return and metadata.
 
 func TestDemoUsersActiveRule_NilReader(t *testing.T) {
+	r := NewDemoUsersActiveRule()
 	ctx := linter.NewLintContextFromDB(nil)
-	rule := NewDemoUsersActiveRule()
-	violations := rule.Check(ctx)
-
-	if len(violations) != 0 {
-		t.Errorf("expected 0 violations with nil reader, got %d", len(violations))
+	violations := r.Check(ctx)
+	if violations != nil {
+		t.Errorf("expected nil with nil reader, got %v", violations)
 	}
 }