Nishi FamilyCompare › Code Health and Janitor

Nishi vs the Field

Code Health and Janitor — mechanically measured, liar-killed, sovereign.

Nishi vs SonarQube and Semgrep and Knip and Renovate

How this is scored. Every Nishi cell is measured: the generator reads the real organ source on disk and requires the implementing symbol to exist (no self-grading). Competitor cells record documented capability presence. Best=leads this axis, Yes=present, Part=partial, No=absent. This is capability presence, not depth or scale: the majors lead on index size and neural ranking. Nishi's genuine exceeds are the sovereignty / neutrality / determinism axes.
CapabilityNishiSonarQubeSemgrepKnipRenovateNotes
Whole-tree debt walker with 3-way debt classificationYesBestYesPartNoLIVE 2026-07-10: 89742 files walked, genuine_debt=544 verdict GREEN, purity 892 permil (was 7071 on 2026-06-23); classes KILL, MIGRATE, REVIEW; SonarQube is the platform bar for debt dashboards
Unified cleanliness scorecard (debt + collisions + scratch)YesBestNoNoNoLIVE 2026-07-10 gate 5/5: debt=544, shadow_collisions=19, scratch=627 -- one observable, each axis grounded in its own detector
Duplicate and shadow-name detectionYesPartNoPartNoLIVE: 19 shadow collisions (organs that run the WRONG code by name); June resolutions took 22 to 14, five NEW ones crept in since -- the creep the ratchet exists to catch; SonarQube CPD finds copy-paste, not name-shadowing
Dead and orphan artifact detectionYesPartNoBestNoRegistry artifacts referenced by ZERO organs get flagged for reversible quarantine; Knip is the dead-export bar for JS/TS
In-content sovereignty lint (imports + exec targets)YesYesBestNoNoFlags non-sovereign imports and exec-target literals inside source; Semgrep the rule-engine bar
Byte-verified additive migrationYesNoNoNoNoAny non-sov data file to seg_store, BYTE-VERIFIED, original INTACT; peers report problems, none carry a verified data-migration action
Reversible no-delete retirementYesNoNoNoNoREFUSES unless bytes are store-verified; renameat to _retired/, jan_unretire proves reversal; gate 5/5
Multi-axis ratchet with locked floorsYesPartNoNoNoDebt, collisions, scratch each ratchet DOWN and LOCK -- any rise is RED; SonarQube quality gates fail-on-worse is the closest peer idea; floors need re-lock at today's 544/19/627
Scratch and artifact accumulation meterYesNoNoNoNoLIVE: 627 scratch files (was 258 on 2026-06-23 -- 2.4x creep); missing zone reads -1 not 0 (absent is not empty)
Staleness and freshness caretakerYesNoNoNoPartAre surfaces regenerating, is the system alive -- STALE = silent death; Renovate covers the dependency-staleness slice only
Caller and impact analysis before renameYesPartPartPartNoSovereign whole-tree reference search (no timeout on 89k files); powers the checked collision-resolution method that took 22 to 14 with zero functionality lost
Governed autonomous runs (conductor-owned pulses)YesPartNoNoBestRatchet gates registered as warden-owned conductor pulses -- governed, never ad-hoc; Renovate is the bar for fully-scheduled autonomous hygiene
Dependency update automationNoPartNoNoBestRenovate 43.257.2 (released 2026-07-10) is the field bar; sovereign imports are vendored by doctrine but organ-version staleness has no automation
Secrets and credential scanningNoYesPartNoNoThe vault doctrine keeps credentials out of source by convention; nothing SCANS for leaks -- and the ecosystem has had real credential-rotation flags open
SBOM and license complianceNoPartPartNoNolicense_tier tags exist in organ headers; no bill-of-materials or license-audit organ reads them
Security taint-analysis rulesNoBestPartNoNoSonarQube commercial taint analysis leads; Semgrep taint mode partial; we have no vulnerability-pattern rules
Multi-language analysisNoBestYesPartPartPeers analyze 30+ languages; our lint depth is NishiLang-only (the auditor classifies every file type but only by extension)
CI and PR integrationNoYesYesYesBestEvery peer comments on pull requests; our pulses are internal -- no PR surface
IDE integrationNoBestYesNoNoSonarLint in-editor is the bar; we ship none
Automated fix generationNoPartPartPartBestRenovate auto-PRs updates, Semgrep autofix, Knip --fix removes dead exports; our scrub migrates DATA but never patches CODE
Web dashboard UINoBestPartNoPartSonarQube dashboard is the bar; our scorecard is console-only (this /compare page is the first public surface)
LLM-assisted repair and refactoringNoPartPartNoNoSonarQube AI CodeFix class features arriving across the field; connects to our LLM-assisted-compiler-testing radar gap (mom 145)
Never-brick cleaning by construction (additive-only, no delete syscall, reversible)BestNoNoNoNoThe janitor CANNOT destroy: no sys_unlink anywhere in the fleet, byte-verified store before any move, unretire proves reversal, gates 5/5 x4 organs; knip --fix deletes code, Renovate rewrites manifests -- none are reversible-by-construction
Sovereign zero-dependency fleet on own substrateBestPartPartPartPartWhole fleet is NishiLang organs on our own compiler and runtime, offline, zero SaaS, zero phone-home; peers self-host but sit on Java, OCaml or Node stacks and center on cloud services
coverage 583/1000EXCEEDS 2PRESENT 12ABSENT 10
Honest verdict. The Nishi janitor is a REAL, running code-health system with properties the field does not ship: additive-only never-brick cleaning (byte-verified store before any move, reversible unretire, the janitor has NO delete syscall) and locked ratchet floors so cleaned debt cannot silently return. The instruments ran live for this census: genuine debt 544 (down from 7071 on 2026-06-23, purity 892 permil) but shadow collisions crept 14 to 19 and scratch doubled to 627 -- the ratchet floors need conductor-governed re-locking. Against the field it is honestly behind on breadth: no dependency-update automation (Renovate), no secrets scanning, no SBOM or license compliance, no taint-analysis security rules (SonarQube and Semgrep), no CI, PR, or IDE integration, no auto-fix generation, single-substrate only. The climb: wire the detect-clean-ratchet loop autonomous through the conductor, then the security ring (secrets, vuln rules), then integration surfaces.

Generated by nx_swcompare_matrix (sovereign NishiLang organ) from knowledge/compare/janitor.matrix — every Nishi cell verified against real organ source on disk. Zero JS, zero trackers.