@darrenjcoxon/vibeguard 1.0.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 Kompass Education
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,58 @@
+# Vibeguard 🛡️
+
+Scan your code for security issues. Get a `FIXES.md` file. Give it to Claude Code or Cursor to fix everything.
+
+## Install
+
+```bash
+npm install -g @darrenjcoxon/vibeguard
+```
+
+That's it. Vibeguard automatically installs Semgrep and Gitleaks on first run.
+
+## Use
+
+```bash
+cd your-project
+vibeguard
+```
+
+This will:
+1. Auto-install any missing scanning tools
+2. Scan for security vulnerabilities, secrets, bad dependencies, code quality issues
+3. Create `FIXES.md` in your project
+4. Tell your AI agent: *"Fix all the issues in FIXES.md"*
+
+## What It Finds
+
+| Scanner | Issues |
+|---------|--------|
+| **Semgrep** | SQL injection, XSS, command injection, path traversal |
+| **Gitleaks** | API keys, passwords, tokens, secrets |
+| **npm audit** | Vulnerable dependencies |
+| **ESLint** | Code quality issues |
+| **Complexity** | Complex code, TODOs, debug statements |
+
+## Commands
+
+```bash
+vibeguard                     # Scan current directory
+vibeguard /path/to/project    # Scan specific path
+vibeguard setup               # Manually install scanning tools
+vibeguard check               # Check which tools are installed
+vibeguard --no-fixes          # Skip FIXES.md generation
+vibeguard --ci                # CI mode: exit 1 on high/critical issues
+```
+
+## CI/CD
+
+```yaml
+# GitHub Actions
+- run: |
+    npm install -g @darrenjcoxon/vibeguard
+    vibeguard --ci
+```
+
+## License
+
+MIT

package/dist/agent-report.d.ts

@@ -0,0 +1,36 @@
+/**
+ * Agent Report Generator
+ *
+ * Generates markdown reports optimized for AI coding agents (Claude Code, Cursor, etc.)
+ * to automatically fix security and quality issues
+ */
+import { ScanReport, SeverityLevel } from './types.js';
+export interface AgentReportOptions {
+    outputPath?: string;
+    includeSnippets?: boolean;
+    maxFindings?: number;
+    groupByFile?: boolean;
+    prioritySeverities?: SeverityLevel[];
+}
+export declare class AgentReportGenerator {
+    /**
+     * Generate an agent-friendly markdown report
+     */
+    generate(report: ScanReport, options?: AgentReportOptions): string;
+    /**
+     * Generate and save the report
+     */
+    generateAndSave(report: ScanReport, outputPath: string, options?: AgentReportOptions): string;
+    private generateHeader;
+    private generateQuickStats;
+    private generateInstructions;
+    private generateFindingsByFile;
+    private generateFindingsList;
+    private formatFinding;
+    private getSeverityEmoji;
+    private getFixExample;
+    private generateChecklist;
+    private generateFooter;
+}
+export default AgentReportGenerator;
+//# sourceMappingURL=agent-report.d.ts.map

package/dist/agent-report.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"agent-report.d.ts","sourceRoot":"","sources":["../src/agent-report.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,UAAU,EAAW,aAAa,EAAE,MAAM,YAAY,CAAC;AAGhE,MAAM,WAAW,kBAAkB;IACjC,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,kBAAkB,CAAC,EAAE,aAAa,EAAE,CAAC;CACtC;AAED,qBAAa,oBAAoB;IAE/B;;OAEG;IACH,QAAQ,CAAC,MAAM,EAAE,UAAU,EAAE,OAAO,GAAE,kBAAuB,GAAG,MAAM;IA6BtE;;OAEG;IACH,eAAe,CAAC,MAAM,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,EAAE,OAAO,GAAE,kBAAuB,GAAG,MAAM;IAMjG,OAAO,CAAC,cAAc;IAetB,OAAO,CAAC,kBAAkB;IAkB1B,OAAO,CAAC,oBAAoB;IA0B5B,OAAO,CAAC,sBAAsB;IA4B9B,OAAO,CAAC,oBAAoB;IAU5B,OAAO,CAAC,aAAa;IAuDrB,OAAO,CAAC,gBAAgB;IAWxB,OAAO,CAAC,aAAa;IAqGrB,OAAO,CAAC,iBAAiB;IAsCzB,OAAO,CAAC,cAAc;CAwBvB;AAED,eAAe,oBAAoB,CAAC"}

package/dist/agent-report.js

@@ -0,0 +1,329 @@
+/**
+ * Agent Report Generator
+ *
+ * Generates markdown reports optimized for AI coding agents (Claude Code, Cursor, etc.)
+ * to automatically fix security and quality issues
+ */
+import { writeFileSync } from 'fs';
+export class AgentReportGenerator {
+    /**
+     * Generate an agent-friendly markdown report
+     */
+    generate(report, options = {}) {
+        const { includeSnippets = true, maxFindings = 50, groupByFile = true, prioritySeverities = ['critical', 'high', 'medium'] } = options;
+        // Filter to priority findings
+        const priorityFindings = report.findings
+            .filter(f => prioritySeverities.includes(f.severity))
+            .slice(0, maxFindings);
+        let md = this.generateHeader(report);
+        md += this.generateQuickStats(report);
+        md += this.generateInstructions();
+        if (groupByFile) {
+            md += this.generateFindingsByFile(priorityFindings, includeSnippets);
+        }
+        else {
+            md += this.generateFindingsList(priorityFindings, includeSnippets);
+        }
+        md += this.generateChecklist(priorityFindings);
+        md += this.generateFooter(report);
+        return md;
+    }
+    /**
+     * Generate and save the report
+     */
+    generateAndSave(report, outputPath, options = {}) {
+        const markdown = this.generate(report, options);
+        writeFileSync(outputPath, markdown, 'utf-8');
+        return outputPath;
+    }
+    generateHeader(report) {
+        return `# 🔧 Code Fixes Required
+
+> **This report is designed for AI coding agents (Claude Code, Cursor, Copilot, etc.)**
+> Copy this entire file and ask your AI agent to fix these issues.
+
+**Project:** \`${report.target.path}\`  
+**Scanned:** ${new Date(report.timestamp).toLocaleString()}  
+**Quality Gate:** ${report.summary.passesQualityGate ? '✅ PASSED' : '❌ FAILED'}
+
+---
+
+`;
+    }
+    generateQuickStats(report) {
+        const { summary } = report;
+        return `## 📊 Summary
+
+| Severity | Count | Action |
+|----------|-------|--------|
+| 🔴 Critical | ${summary.bySeverity['critical'] || 0} | **Fix immediately** |
+| 🟠 High | ${summary.bySeverity['high'] || 0} | **Fix before merge** |
+| 🟡 Medium | ${summary.bySeverity['medium'] || 0} | Fix when possible |
+| 🔵 Low | ${summary.bySeverity['low'] || 0} | Consider fixing |
+
+**Total issues to fix:** ${(summary.bySeverity['critical'] || 0) + (summary.bySeverity['high'] || 0) + (summary.bySeverity['medium'] || 0)}
+
+---
+
+`;
+    }
+    generateInstructions() {
+        return `## 🤖 Instructions for AI Agent
+
+Please fix the issues listed below. For each issue:
+
+1. **Read** the description and understand the vulnerability/problem
+2. **Locate** the file and line number specified
+3. **Apply** the suggested fix or implement a secure alternative
+4. **Verify** the fix doesn't break existing functionality
+
+### Priority Order
+Fix issues in this order: Critical → High → Medium
+
+### General Guidelines
+- **SQL Injection**: Use parameterized queries or prepared statements
+- **XSS**: Sanitize/escape user input, use template engines with auto-escaping
+- **Command Injection**: Avoid \`exec()\` with user input, use safe APIs
+- **Path Traversal**: Validate and sanitize file paths, use allowlists
+- **Hardcoded Secrets**: Move to environment variables or secret managers
+- **Eval Usage**: Replace with safer alternatives like \`JSON.parse()\`
+
+---
+
+`;
+    }
+    generateFindingsByFile(findings, includeSnippets) {
+        // Group findings by file
+        const byFile = new Map();
+        for (const finding of findings) {
+            const file = finding.file;
+            if (!byFile.has(file)) {
+                byFile.set(file, []);
+            }
+            byFile.get(file).push(finding);
+        }
+        let md = `## 🔍 Issues by File\n\n`;
+        for (const [file, fileFindings] of byFile) {
+            // Sort by line number within file
+            fileFindings.sort((a, b) => (a.line || 0) - (b.line || 0));
+            md += `### 📄 \`${file}\`\n\n`;
+            for (const finding of fileFindings) {
+                md += this.formatFinding(finding, includeSnippets);
+            }
+        }
+        return md;
+    }
+    generateFindingsList(findings, includeSnippets) {
+        let md = `## 🔍 All Issues\n\n`;
+        for (const finding of findings) {
+            md += this.formatFinding(finding, includeSnippets);
+        }
+        return md;
+    }
+    formatFinding(finding, includeSnippets) {
+        const severityEmoji = this.getSeverityEmoji(finding.severity);
+        const lineInfo = finding.line ? `:${finding.line}` : '';
+        let md = `#### ${severityEmoji} ${finding.title}
+
+**Location:** \`${finding.file}${lineInfo}\`  
+**Severity:** ${finding.severity.toUpperCase()}  
+**Category:** ${finding.category}  
+`;
+        if (finding.cwe) {
+            md += `**CWE:** ${finding.cwe}  \n`;
+        }
+        md += `
+**Problem:**  
+${finding.description}
+
+`;
+        if (finding.snippet && includeSnippets) {
+            md += `**Current Code:**
+\`\`\`javascript
+${finding.snippet}
+\`\`\`
+
+`;
+        }
+        if (finding.suggestion) {
+            md += `**Fix:**  
+${finding.suggestion}
+
+`;
+        }
+        // Add specific fix examples for common issues
+        const fixExample = this.getFixExample(finding);
+        if (fixExample) {
+            md += `**Example Fix:**
+\`\`\`javascript
+${fixExample}
+\`\`\`
+
+`;
+        }
+        md += `---
+
+`;
+        return md;
+    }
+    getSeverityEmoji(severity) {
+        const emojis = {
+            critical: '🔴',
+            high: '🟠',
+            medium: '🟡',
+            low: '🔵',
+            info: 'ℹ️'
+        };
+        return emojis[severity];
+    }
+    getFixExample(finding) {
+        const ruleId = finding.ruleId?.toLowerCase() || '';
+        const title = finding.title.toLowerCase();
+        // SQL Injection
+        if (ruleId.includes('sql') || title.includes('sql-injection')) {
+            return `// Instead of string concatenation:
+// const query = "SELECT * FROM users WHERE id = " + userId;
+
+// Use parameterized queries:
+const query = "SELECT * FROM users WHERE id = ?";
+db.query(query, [userId]);`;
+        }
+        // Command Injection
+        if (ruleId.includes('child-process') || ruleId.includes('command')) {
+            return `// Instead of:
+// exec("ls " + userInput);
+
+// Use execFile with arguments array:
+const { execFile } = require('child_process');
+execFile('ls', [sanitizedPath], (err, stdout) => {
+  console.log(stdout);
+});`;
+        }
+        // XSS
+        if (ruleId.includes('xss') || title.includes('xss') || ruleId.includes('raw-html')) {
+            return `// Instead of:
+// res.send(\`<h1>Results for: \${query}</h1>\`);
+
+// Use a template engine with auto-escaping, or sanitize:
+const sanitizeHtml = require('sanitize-html');
+const safeQuery = sanitizeHtml(query);
+res.send(\`<h1>Results for: \${safeQuery}</h1>\`);
+
+// Or better, use res.render() with a template engine`;
+        }
+        // Path Traversal
+        if (ruleId.includes('path-traversal') || ruleId.includes('sendfile')) {
+            return `// Instead of:
+// const filePath = path.join('/var/www/files', filename);
+
+// Validate the resolved path stays within allowed directory:
+const path = require('path');
+const baseDir = '/var/www/files';
+const filePath = path.join(baseDir, filename);
+const resolvedPath = path.resolve(filePath);
+
+if (!resolvedPath.startsWith(baseDir)) {
+  return res.status(403).send('Access denied');
+}
+res.sendFile(resolvedPath);`;
+        }
+        // Eval
+        if (ruleId.includes('eval') || title.includes('eval')) {
+            return `// Instead of:
+// eval(userCode);
+
+// For JSON parsing:
+const data = JSON.parse(jsonString);
+
+// For dynamic property access:
+const value = obj[propertyName];
+
+// For math expressions, use a safe parser:
+const mathjs = require('mathjs');
+const result = mathjs.evaluate(expression);`;
+        }
+        // Hardcoded secrets
+        if (finding.category === 'secret' || ruleId.includes('secret') || ruleId.includes('password')) {
+            return `// Instead of:
+// const API_KEY = "sk-1234567890";
+
+// Use environment variables:
+const API_KEY = process.env.API_KEY;
+
+// Or use a secrets manager:
+const { SecretManagerServiceClient } = require('@google-cloud/secret-manager');`;
+        }
+        // CSRF
+        if (ruleId.includes('csrf') || ruleId.includes('csurf')) {
+            return `// Add CSRF protection middleware:
+const csrf = require('csurf');
+const csrfProtection = csrf({ cookie: true });
+
+app.use(csrfProtection);
+
+// Include token in forms:
+app.get('/form', (req, res) => {
+  res.render('form', { csrfToken: req.csrfToken() });
+});`;
+        }
+        return null;
+    }
+    generateChecklist(findings) {
+        let md = `## ✅ Fix Checklist
+
+Use this checklist to track your progress:
+
+`;
+        const critical = findings.filter(f => f.severity === 'critical');
+        const high = findings.filter(f => f.severity === 'high');
+        const medium = findings.filter(f => f.severity === 'medium');
+        if (critical.length > 0) {
+            md += `### Critical (Must Fix)\n`;
+            for (const f of critical) {
+                md += `- [ ] ${f.title} in \`${f.file}${f.line ? `:${f.line}` : ''}\`\n`;
+            }
+            md += '\n';
+        }
+        if (high.length > 0) {
+            md += `### High Priority\n`;
+            for (const f of high) {
+                md += `- [ ] ${f.title} in \`${f.file}${f.line ? `:${f.line}` : ''}\`\n`;
+            }
+            md += '\n';
+        }
+        if (medium.length > 0) {
+            md += `### Medium Priority\n`;
+            for (const f of medium) {
+                md += `- [ ] ${f.title} in \`${f.file}${f.line ? `:${f.line}` : ''}\`\n`;
+            }
+            md += '\n';
+        }
+        return md;
+    }
+    generateFooter(report) {
+        return `---
+
+## 🔄 After Fixing
+
+Once you've fixed the issues:
+
+1. **Run the scan again** to verify fixes:
+   \`\`\`bash
+   vibeguard scan ${report.target.path}
+   \`\`\`
+
+2. **Commit your changes** with a descriptive message:
+   \`\`\`bash
+   git commit -m "fix: resolve security vulnerabilities from Vibeguard scan"
+   \`\`\`
+
+3. **Review the changes** to ensure no functionality was broken
+
+---
+
+*Generated by [Vibeguard](https://github.com/kompass-edu/vibeguard) - AI-powered code security scanner*
+`;
+    }
+}
+export default AgentReportGenerator;
+//# sourceMappingURL=agent-report.js.map

package/dist/agent-report.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"agent-report.js","sourceRoot":"","sources":["../src/agent-report.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,EAAE,aAAa,EAAE,MAAM,IAAI,CAAC;AAUnC,MAAM,OAAO,oBAAoB;IAE/B;;OAEG;IACH,QAAQ,CAAC,MAAkB,EAAE,UAA8B,EAAE;QAC3D,MAAM,EACJ,eAAe,GAAG,IAAI,EACtB,WAAW,GAAG,EAAE,EAChB,WAAW,GAAG,IAAI,EAClB,kBAAkB,GAAG,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,CAAC,EACpD,GAAG,OAAO,CAAC;QAEZ,8BAA8B;QAC9B,MAAM,gBAAgB,GAAG,MAAM,CAAC,QAAQ;aACrC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,kBAAkB,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;aACpD,KAAK,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC;QAEzB,IAAI,EAAE,GAAG,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;QACrC,EAAE,IAAI,IAAI,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAC;QACtC,EAAE,IAAI,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAElC,IAAI,WAAW,EAAE,CAAC;YAChB,EAAE,IAAI,IAAI,CAAC,sBAAsB,CAAC,gBAAgB,EAAE,eAAe,CAAC,CAAC;QACvE,CAAC;aAAM,CAAC;YACN,EAAE,IAAI,IAAI,CAAC,oBAAoB,CAAC,gBAAgB,EAAE,eAAe,CAAC,CAAC;QACrE,CAAC;QAED,EAAE,IAAI,IAAI,CAAC,iBAAiB,CAAC,gBAAgB,CAAC,CAAC;QAC/C,EAAE,IAAI,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;QAElC,OAAO,EAAE,CAAC;IACZ,CAAC;IAED;;OAEG;IACH,eAAe,CAAC,MAAkB,EAAE,UAAkB,EAAE,UAA8B,EAAE;QACtF,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QAChD,aAAa,CAAC,UAAU,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC7C,OAAO,UAAU,CAAC;IACpB,CAAC;IAEO,cAAc,CAAC,MAAkB;QACvC,OAAO;;;;;iBAKM,MAAM,CAAC,MAAM,CAAC,IAAI;eACpB,IAAI,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,cAAc,EAAE;oBACtC,MAAM,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,UAAU;;;;CAI7E,CAAC;IACA,CAAC;IAEO,kBAAkB,CAAC,MAAkB;QAC3C,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,CAAC;QAC3B,OAAO;;;;kBAIO,OAAO,CAAC,UAAU,CAAC,UAAU,CAAC,IAAI,CAAC;cACvC,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC;gBAC7B,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC;aACpC,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC;;2BAEhB,CAAC,OAAO,CAAC,UAAU,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;;;;CAIzI,CAAC;IACA,CAAC;IAEO,oBAAoB;QAC1B,OAAO;;;;;;;;;;;;;;;;;;;;;;CAsBV,CAAC;IACA,CAAC;IAEO,sBAAsB,CAAC,QAAmB,EAAE,eAAwB;QAC1E,yBAAyB;QACzB,MAAM,MAAM,GAAG,IAAI,GAAG,EAAqB,CAAC;QAE5C,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;YAC1B,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;gBACtB,MAAM,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;YACvB,CAAC;YACD,MAAM,CAAC,GAAG,CAAC,IAAI,CAAE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAClC,CAAC;QAED,IAAI,EAAE,GAAG,0BAA0B,CAAC;QAEpC,KAAK,MAAM,CAAC,IAAI,EAAE,YAAY,CAAC,IAAI,MAAM,EAAE,CAAC;YAC1C,kCAAkC;YAClC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;YAE3D,EAAE,IAAI,YAAY,IAAI,QAAQ,CAAC;YAE/B,KAAK,MAAM,OAAO,IAAI,YAAY,EAAE,CAAC;gBACnC,EAAE,IAAI,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;YACrD,CAAC;QACH,CAAC;QAED,OAAO,EAAE,CAAC;IACZ,CAAC;IAEO,oBAAoB,CAAC,QAAmB,EAAE,eAAwB;QACxE,IAAI,EAAE,GAAG,sBAAsB,CAAC;QAEhC,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,EAAE,IAAI,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;QACrD,CAAC;QAED,OAAO,EAAE,CAAC;IACZ,CAAC;IAEO,aAAa,CAAC,OAAgB,EAAE,eAAwB;QAC9D,MAAM,aAAa,GAAG,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAC9D,MAAM,QAAQ,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAExD,IAAI,EAAE,GAAG,QAAQ,aAAa,IAAI,OAAO,CAAC,KAAK;;kBAEjC,OAAO,CAAC,IAAI,GAAG,QAAQ;gBACzB,OAAO,CAAC,QAAQ,CAAC,WAAW,EAAE;gBAC9B,OAAO,CAAC,QAAQ;CAC/B,CAAC;QAEE,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;YAChB,EAAE,IAAI,YAAY,OAAO,CAAC,GAAG,MAAM,CAAC;QACtC,CAAC;QAED,EAAE,IAAI;;EAER,OAAO,CAAC,WAAW;;CAEpB,CAAC;QAEE,IAAI,OAAO,CAAC,OAAO,IAAI,eAAe,EAAE,CAAC;YACvC,EAAE,IAAI;;EAEV,OAAO,CAAC,OAAO;;;CAGhB,CAAC;QACE,CAAC;QAED,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;YACvB,EAAE,IAAI;EACV,OAAO,CAAC,UAAU;;CAEnB,CAAC;QACE,CAAC;QAED,8CAA8C;QAC9C,MAAM,UAAU,GAAG,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;QAC/C,IAAI,UAAU,EAAE,CAAC;YACf,EAAE,IAAI;;EAEV,UAAU;;;CAGX,CAAC;QACE,CAAC;QAED,EAAE,IAAI;;CAET,CAAC;QAEE,OAAO,EAAE,CAAC;IACZ,CAAC;IAEO,gBAAgB,CAAC,QAAuB;QAC9C,MAAM,MAAM,GAAkC;YAC5C,QAAQ,EAAE,IAAI;YACd,IAAI,EAAE,IAAI;YACV,MAAM,EAAE,IAAI;YACZ,GAAG,EAAE,IAAI;YACT,IAAI,EAAE,IAAI;SACX,CAAC;QACF,OAAO,MAAM,CAAC,QAAQ,CAAC,CAAC;IAC1B,CAAC;IAEO,aAAa,CAAC,OAAgB;QACpC,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,EAAE,WAAW,EAAE,IAAI,EAAE,CAAC;QACnD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;QAE1C,gBAAgB;QAChB,IAAI,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,eAAe,CAAC,EAAE,CAAC;YAC9D,OAAO;;;;;2BAKc,CAAC;QACxB,CAAC;QAED,oBAAoB;QACpB,IAAI,MAAM,CAAC,QAAQ,CAAC,eAAe,CAAC,IAAI,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;YACnE,OAAO;;;;;;;IAOT,CAAC;QACD,CAAC;QAED,MAAM;QACN,IAAI,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;YACnF,OAAO;;;;;;;;sDAQyC,CAAC;QACnD,CAAC;QAED,iBAAiB;QACjB,IAAI,MAAM,CAAC,QAAQ,CAAC,gBAAgB,CAAC,IAAI,MAAM,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;YACrE,OAAO;;;;;;;;;;;;4BAYe,CAAC;QACzB,CAAC;QAED,OAAO;QACP,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;YACtD,OAAO;;;;;;;;;;;4CAW+B,CAAC;QACzC,CAAC;QAED,oBAAoB;QACpB,IAAI,OAAO,CAAC,QAAQ,KAAK,QAAQ,IAAI,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,MAAM,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;YAC9F,OAAO;;;;;;;gFAOmE,CAAC;QAC7E,CAAC;QAED,OAAO;QACP,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;YACxD,OAAO;;;;;;;;;IAST,CAAC;QACD,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,iBAAiB,CAAC,QAAmB;QAC3C,IAAI,EAAE,GAAG;;;;CAIZ,CAAC;QAEE,MAAM,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC;QACjE,MAAM,IAAI,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC;QACzD,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;QAE7D,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxB,EAAE,IAAI,2BAA2B,CAAC;YAClC,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;gBACzB,EAAE,IAAI,SAAS,CAAC,CAAC,KAAK,SAAS,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,MAAM,CAAC;YAC3E,CAAC;YACD,EAAE,IAAI,IAAI,CAAC;QACb,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACpB,EAAE,IAAI,qBAAqB,CAAC;YAC5B,KAAK,MAAM,CAAC,IAAI,IAAI,EAAE,CAAC;gBACrB,EAAE,IAAI,SAAS,CAAC,CAAC,KAAK,SAAS,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,MAAM,CAAC;YAC3E,CAAC;YACD,EAAE,IAAI,IAAI,CAAC;QACb,CAAC;QAED,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACtB,EAAE,IAAI,uBAAuB,CAAC;YAC9B,KAAK,MAAM,CAAC,IAAI,MAAM,EAAE,CAAC;gBACvB,EAAE,IAAI,SAAS,CAAC,CAAC,KAAK,SAAS,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,MAAM,CAAC;YAC3E,CAAC;YACD,EAAE,IAAI,IAAI,CAAC;QACb,CAAC;QAED,OAAO,EAAE,CAAC;IACZ,CAAC;IAEO,cAAc,CAAC,MAAkB;QACvC,OAAO;;;;;;;;oBAQS,MAAM,CAAC,MAAM,CAAC,IAAI;;;;;;;;;;;;;CAarC,CAAC;IACA,CAAC;CACF;AAED,eAAe,oBAAoB,CAAC"}

package/dist/ai-summary.d.ts

@@ -0,0 +1,55 @@
+/**
+ * AI Summary Generator
+ *
+ * Uses Claude to generate intelligent summaries and recommendations
+ */
+import { ScanReport } from './types.js';
+export interface AISummaryConfig {
+    apiKey?: string;
+    model?: string;
+    maxTokens?: number;
+}
+export declare class AISummaryGenerator {
+    private client;
+    private model;
+    private maxTokens;
+    constructor(config?: AISummaryConfig);
+    /**
+     * Check if AI summarization is available
+     */
+    isAvailable(): boolean;
+    /**
+     * Generate an AI summary of the scan report
+     */
+    generateSummary(report: ScanReport): Promise<string>;
+    /**
+     * Generate AI recommendations for fixing issues
+     */
+    generateRecommendations(report: ScanReport): Promise<string[]>;
+    /**
+     * Generate a PR comment summary
+     */
+    generatePRComment(report: ScanReport): Promise<string>;
+    /**
+     * Build the summary prompt
+     */
+    private buildSummaryPrompt;
+    /**
+     * Build the recommendations prompt
+     */
+    private buildRecommendationsPrompt;
+    /**
+     * Build the PR comment prompt
+     */
+    private buildPRCommentPrompt;
+    /**
+     * Summarize findings for prompts
+     */
+    private summarizeFindings;
+    /**
+     * Generate a fallback PR comment without AI
+     */
+    private generateFallbackPRComment;
+}
+export default AISummaryGenerator;
+//# sourceMappingURL=ai-summary.d.ts.map

package/dist/ai-summary.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ai-summary.d.ts","sourceRoot":"","sources":["../src/ai-summary.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,EAAE,UAAU,EAAW,MAAM,YAAY,CAAC;AAEjD,MAAM,WAAW,eAAe;IAC9B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,qBAAa,kBAAkB;IAC7B,OAAO,CAAC,MAAM,CAA0B;IACxC,OAAO,CAAC,KAAK,CAAS;IACtB,OAAO,CAAC,SAAS,CAAS;gBAEd,MAAM,GAAE,eAAoB;IAWxC;;OAEG;IACH,WAAW,IAAI,OAAO;IAItB;;OAEG;IACG,eAAe,CAAC,MAAM,EAAE,UAAU,GAAG,OAAO,CAAC,MAAM,CAAC;IA4B1D;;OAEG;IACG,uBAAuB,CAAC,MAAM,EAAE,UAAU,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;IAkCpE;;OAEG;IACG,iBAAiB,CAAC,MAAM,EAAE,UAAU,GAAG,OAAO,CAAC,MAAM,CAAC;IA2B5D;;OAEG;IACH,OAAO,CAAC,kBAAkB;IAmC1B;;OAEG;IACH,OAAO,CAAC,0BAA0B;IA0BlC;;OAEG;IACH,OAAO,CAAC,oBAAoB;IA2B5B;;OAEG;IACH,OAAO,CAAC,iBAAiB;IASzB;;OAEG;IACH,OAAO,CAAC,yBAAyB;CAwDlC;AAED,eAAe,kBAAkB,CAAC"}