From d4f35a20adc293639d4784bad84d903ca3858a3d Mon Sep 17 00:00:00 2001
From: seonghobae <8172694+seonghobae@users.noreply.github.com>
Date: Tue, 16 Jun 2026 05:09:22 +0000
Subject: [PATCH 1/2] =?UTF-8?q?=E2=9A=A1=20Bolt:=20Use=20set=20for=20sever?=
 =?UTF-8?q?ity=20membership=20check?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .jules/bolt.md         | 6 ++++++
 scanner/cli/vibesec.py | 2 +-
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/.jules/bolt.md b/.jules/bolt.md
index 3708540..071cd44 100644
--- a/.jules/bolt.md
+++ b/.jules/bolt.md
@@ -13,3 +13,9 @@
 ## 2026-06-14 - Deferring Pathlib Operations in Hot Paths
 **Learning:** In highly repetitive loops like file scanners (e.g., iterating through thousands of safe files), preemptively calculating `Path.relative_to()` and sanitizing strings adds significant cumulative overhead. Pathlib operations internally parse paths, check parts, and construct new objects, which is extremely expensive when executed on a per-file basis unconditionally.
 **Action:** Always defer expensive path computations (like converting paths to relative or string sanitization) until *after* the fast-path condition (like a regex match) triggers. This drastically cuts down on unnecessary string operations for clean files.
+
+## 2024-05-18 - Set literal vs Tuple membership check
+
+**Learning:** In Python, using set literals for constant membership checks (e.g., `in {'CRITICAL', 'HIGH'}`) inside loops or comprehensions is highly efficient because CPython optimizes them into `frozenset` constants at compile time, eliminating runtime instantiation overhead. Using `tuple` for these checks performs an `O(n)` linear search, while a `frozenset` performs an `O(1)` hash lookup.
+
+**Action:** Prefer set literals `in {"A", "B"}` over tuples `in ("A", "B")` when performing membership checks against constant items, especially in hot paths or tight loops.
diff --git a/scanner/cli/vibesec.py b/scanner/cli/vibesec.py
index 5fb6e4e..69bd10a 100644
--- a/scanner/cli/vibesec.py
+++ b/scanner/cli/vibesec.py
@@ -419,7 +419,7 @@ def cmd_scan(args):
         findings.extend(file_findings)
 
     _print_scan_results(findings, files_scanned)
-    return 1 if any(f["severity"] in ("CRITICAL", "HIGH") for f in findings) else 0
+    return 1 if any(f["severity"] in {"CRITICAL", "HIGH"} for f in findings) else 0
 
 
 def cmd_hook(args):

From 4b0a88113a16d8ee00f1cd38d54f19d3de3cef6a Mon Sep 17 00:00:00 2001
From: seonghobae <8172694+seonghobae@users.noreply.github.com>
Date: Tue, 16 Jun 2026 05:13:00 +0000
Subject: [PATCH 2/2] =?UTF-8?q?=E2=9A=A1=20Bolt:=20Use=20set=20for=20sever?=
 =?UTF-8?q?ity=20membership=20check?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit