@delegance/claude-autopilot 5.0.0 → 5.0.2
- package/dist/presets/go/rules/go-sql-injection.d.ts +4 -0
- package/dist/presets/nextjs-supabase/rules/supabase-rls-bypass.d.ts +4 -0
- package/dist/presets/python-fastapi/rules/fastapi-missing-auth.d.ts +4 -0
- package/dist/presets/rails-postgres/rules/rails-sql-injection.d.ts +4 -0
- package/dist/presets/t3/rules/t3-server-only.d.ts +4 -0
- package/dist/src/adapters/base.d.ts +11 -0
- package/dist/src/adapters/council/claude.d.ts +3 -0
- package/dist/src/adapters/council/openai.d.ts +3 -0
- package/dist/src/adapters/council/types.d.ts +5 -0
- package/dist/src/adapters/loader.d.ts +11 -0
- package/dist/src/adapters/migration-runner/supabase.d.ts +4 -0
- package/dist/src/adapters/migration-runner/types.d.ts +31 -0
- package/dist/src/adapters/review-bot-parser/cursor.d.ts +3 -0
- package/dist/src/adapters/review-bot-parser/declarative-base.d.ts +13 -0
- package/{src/adapters/review-bot-parser/types.ts → dist/src/adapters/review-bot-parser/types.d.ts} +4 -4
- package/dist/src/adapters/review-engine/auto.d.ts +4 -0
- package/dist/src/adapters/review-engine/claude.d.ts +4 -0
- package/dist/src/adapters/review-engine/codex.d.ts +4 -0
- package/dist/src/adapters/review-engine/gemini.d.ts +4 -0
- package/dist/src/adapters/review-engine/openai-compatible.d.ts +4 -0
- package/dist/src/adapters/review-engine/parse-output.d.ts +13 -0
- package/dist/src/adapters/review-engine/prompt-builder.d.ts +4 -0
- package/dist/src/adapters/review-engine/types.d.ts +28 -0
- package/dist/src/adapters/vcs-host/commit-status.d.ts +12 -0
- package/dist/src/adapters/vcs-host/github.d.ts +4 -0
- package/dist/src/adapters/vcs-host/types.d.ts +42 -0
- package/{src/cli/_pkg-root.ts → dist/src/cli/_pkg-root.d.ts} +4 -42
- package/dist/src/cli/autoregress-bridge.d.ts +3 -0
- package/dist/src/cli/baseline.d.ts +7 -0
- package/dist/src/cli/ci.d.ts +23 -0
- package/dist/src/cli/costs.d.ts +2 -0
- package/dist/src/cli/council.d.ts +8 -0
- package/dist/src/cli/detector.d.ts +8 -0
- package/dist/src/cli/explain.d.ts +8 -0
- package/dist/src/cli/fix.d.ts +10 -0
- package/dist/src/cli/hook.d.ts +9 -0
- package/dist/src/cli/ignore-helper.d.ts +7 -0
- package/dist/src/cli/index.d.ts +3 -0
- package/dist/src/cli/index.js +39 -1
- package/dist/src/cli/lsp.d.ts +29 -0
- package/dist/src/cli/mcp.d.ts +5 -0
- package/dist/src/cli/migrate-v4.d.ts +28 -0
- package/dist/src/cli/pr-comment.d.ts +13 -0
- package/dist/src/cli/pr-desc.d.ts +31 -0
- package/dist/src/cli/pr-review-comments.d.ts +12 -0
- package/dist/src/cli/pr.d.ts +9 -0
- package/dist/src/cli/preflight.d.ts +8 -0
- package/dist/src/cli/preflight.js +17 -4
- package/dist/src/cli/report.d.ts +7 -0
- package/dist/src/cli/run.d.ts +23 -0
- package/dist/src/cli/scan.d.ts +11 -0
- package/dist/src/cli/setup.d.ts +9 -0
- package/dist/src/cli/test-gen.d.ts +10 -0
- package/dist/src/cli/triage.d.ts +5 -0
- package/dist/src/cli/watch.d.ts +18 -0
- package/dist/src/cli/worker.d.ts +5 -0
- package/dist/src/core/cache/cached-engine.d.ts +8 -0
- package/dist/src/core/cache/review-cache.d.ts +21 -0
- package/dist/src/core/chunking/index.d.ts +18 -0
- package/dist/src/core/chunking/risk-ranker.d.ts +10 -0
- package/dist/src/core/config/loader.d.ts +3 -0
- package/dist/src/core/config/preset-resolver.d.ts +9 -0
- package/dist/src/core/config/schema.d.ts +342 -0
- package/dist/src/core/config/types.d.ts +115 -0
- package/dist/src/core/council/config.d.ts +3 -0
- package/dist/src/core/council/context.d.ts +2 -0
- package/dist/src/core/council/runner.d.ts +4 -0
- package/dist/src/core/council/types.d.ts +36 -0
- package/dist/src/core/detect/git-context.d.ts +12 -0
- package/dist/src/core/detect/llm-key.d.ts +38 -0
- package/dist/src/core/detect/protected-paths.d.ts +6 -0
- package/dist/src/core/detect/provider-usage.d.ts +17 -0
- package/dist/src/core/detect/stack.d.ts +6 -0
- package/dist/src/core/detect/workspaces.d.ts +11 -0
- package/dist/src/core/errors.d.ts +17 -0
- package/dist/src/core/findings/dedup.d.ts +4 -0
- package/dist/src/core/findings/types.d.ts +33 -0
- package/dist/src/core/fix/generator.d.ts +17 -0
- package/dist/src/core/git/diff-hunks.d.ts +22 -0
- package/dist/src/core/git/touched-files.d.ts +11 -0
- package/dist/src/core/ignore/index.d.ts +11 -0
- package/dist/src/core/index.d.ts +2 -0
- package/dist/src/core/logging/ndjson-writer.d.ts +16 -0
- package/dist/src/core/logging/redaction.d.ts +4 -0
- package/dist/src/core/mcp/concurrency.d.ts +2 -0
- package/dist/src/core/mcp/handlers/fix-finding.d.ts +17 -0
- package/dist/src/core/mcp/handlers/get-capabilities.d.ts +14 -0
- package/dist/src/core/mcp/handlers/get-findings.d.ts +13 -0
- package/dist/src/core/mcp/handlers/review-diff.d.ts +18 -0
- package/dist/src/core/mcp/handlers/scan-files.d.ts +15 -0
- package/dist/src/core/mcp/handlers/validate-fix.d.ts +12 -0
- package/dist/src/core/mcp/run-store.d.ts +12 -0
- package/dist/src/core/mcp/workspace.d.ts +3 -0
- package/dist/src/core/persist/baseline.d.ts +39 -0
- package/dist/src/core/persist/cost-log.d.ts +11 -0
- package/dist/src/core/persist/findings-cache.d.ts +9 -0
- package/dist/src/core/persist/triage.d.ts +30 -0
- package/dist/src/core/phases/static-rules.d.ts +24 -0
- package/dist/src/core/phases/tests.d.ts +15 -0
- package/dist/src/core/pipeline/review-phase.d.ts +27 -0
- package/dist/src/core/pipeline/run.d.ts +27 -0
- package/dist/src/core/runtime/idempotency.d.ts +2 -0
- package/dist/src/core/runtime/lock.d.ts +5 -0
- package/dist/src/core/runtime/state.d.ts +39 -0
- package/dist/src/core/schema-alignment/detector.d.ts +3 -0
- package/dist/src/core/schema-alignment/extractor/index.d.ts +3 -0
- package/dist/src/core/schema-alignment/extractor/prisma.d.ts +3 -0
- package/dist/src/core/schema-alignment/extractor/sql.d.ts +3 -0
- package/dist/src/core/schema-alignment/llm-check.d.ts +4 -0
- package/dist/src/core/schema-alignment/scanner.d.ts +3 -0
- package/dist/src/core/schema-alignment/types.d.ts +38 -0
- package/dist/src/core/shell.d.ts +15 -0
- package/dist/src/core/static-rules/registry.d.ts +5 -0
- package/dist/src/core/static-rules/rules/brand-tokens.d.ts +3 -0
- package/dist/src/core/static-rules/rules/console-log.d.ts +3 -0
- package/dist/src/core/static-rules/rules/hardcoded-secrets.d.ts +3 -0
- package/dist/src/core/static-rules/rules/insecure-redirect.d.ts +3 -0
- package/dist/src/core/static-rules/rules/large-file.d.ts +3 -0
- package/dist/src/core/static-rules/rules/missing-auth.d.ts +3 -0
- package/dist/src/core/static-rules/rules/missing-tests.d.ts +3 -0
- package/dist/src/core/static-rules/rules/npm-audit.d.ts +3 -0
- package/dist/src/core/static-rules/rules/package-lock-sync.d.ts +3 -0
- package/dist/src/core/static-rules/rules/schema-alignment.d.ts +3 -0
- package/dist/src/core/static-rules/rules/sql-injection.d.ts +3 -0
- package/dist/src/core/static-rules/rules/ssrf.d.ts +3 -0
- package/dist/src/core/static-rules/rules/todo-fixme.d.ts +3 -0
- package/dist/src/core/static-rules/tailwind-extractor.d.ts +7 -0
- package/dist/src/core/test-gen/coverage-analyzer.d.ts +7 -0
- package/dist/src/core/test-gen/framework-detector.d.ts +3 -0
- package/dist/src/core/test-gen/test-writer.d.ts +4 -0
- package/dist/src/core/ui/design-context-loader.d.ts +7 -0
- package/dist/src/core/worker/client.d.ts +23 -0
- package/dist/src/core/worker/lockfile.d.ts +12 -0
- package/dist/src/core/worker/server.d.ts +17 -0
- package/dist/src/formatters/github-annotations.d.ts +5 -0
- package/{src/formatters/index.ts → dist/src/formatters/index.d.ts} +1 -0
- package/dist/src/formatters/junit.d.ts +5 -0
- package/dist/src/formatters/sarif.d.ts +56 -0
- package/{src/index.ts → dist/src/index.d.ts} +1 -0
- package/package.json +7 -6
- package/dist/presets/go/rules/go-sql-injection.js.map +0 -1
- package/dist/presets/nextjs-supabase/rules/supabase-rls-bypass.js.map +0 -1
- package/dist/presets/python-fastapi/rules/fastapi-missing-auth.js.map +0 -1
- package/dist/presets/rails-postgres/rules/rails-sql-injection.js.map +0 -1
- package/dist/presets/t3/rules/t3-server-only.js.map +0 -1
- package/dist/src/adapters/base.js.map +0 -1
- package/dist/src/adapters/council/claude.js.map +0 -1
- package/dist/src/adapters/council/openai.js.map +0 -1
- package/dist/src/adapters/council/types.js.map +0 -1
- package/dist/src/adapters/loader.js.map +0 -1
- package/dist/src/adapters/migration-runner/supabase.js.map +0 -1
- package/dist/src/adapters/migration-runner/types.js.map +0 -1
- package/dist/src/adapters/review-bot-parser/cursor.js.map +0 -1
- package/dist/src/adapters/review-bot-parser/declarative-base.js.map +0 -1
- package/dist/src/adapters/review-bot-parser/types.js.map +0 -1
- package/dist/src/adapters/review-engine/auto.js.map +0 -1
- package/dist/src/adapters/review-engine/claude.js.map +0 -1
- package/dist/src/adapters/review-engine/codex.js.map +0 -1
- package/dist/src/adapters/review-engine/gemini.js.map +0 -1
- package/dist/src/adapters/review-engine/openai-compatible.js.map +0 -1
- package/dist/src/adapters/review-engine/parse-output.js.map +0 -1
- package/dist/src/adapters/review-engine/prompt-builder.js.map +0 -1
- package/dist/src/adapters/review-engine/types.js.map +0 -1
- package/dist/src/adapters/vcs-host/commit-status.js.map +0 -1
- package/dist/src/adapters/vcs-host/github.js.map +0 -1
- package/dist/src/adapters/vcs-host/types.js.map +0 -1
- package/dist/src/cli/_pkg-root.js.map +0 -1
- package/dist/src/cli/autoregress-bridge.js.map +0 -1
- package/dist/src/cli/baseline.js.map +0 -1
- package/dist/src/cli/ci.js.map +0 -1
- package/dist/src/cli/costs.js.map +0 -1
- package/dist/src/cli/council.js.map +0 -1
- package/dist/src/cli/detector.js.map +0 -1
- package/dist/src/cli/explain.js.map +0 -1
- package/dist/src/cli/fix.js.map +0 -1
- package/dist/src/cli/hook.js.map +0 -1
- package/dist/src/cli/ignore-helper.js.map +0 -1
- package/dist/src/cli/index.js.map +0 -1
- package/dist/src/cli/lsp.js.map +0 -1
- package/dist/src/cli/mcp.js.map +0 -1
- package/dist/src/cli/migrate-v4.js.map +0 -1
- package/dist/src/cli/pr-comment.js.map +0 -1
- package/dist/src/cli/pr-desc.js.map +0 -1
- package/dist/src/cli/pr-review-comments.js.map +0 -1
- package/dist/src/cli/pr.js.map +0 -1
- package/dist/src/cli/preflight.js.map +0 -1
- package/dist/src/cli/report.js.map +0 -1
- package/dist/src/cli/run.js.map +0 -1
- package/dist/src/cli/scan.js.map +0 -1
- package/dist/src/cli/setup.js.map +0 -1
- package/dist/src/cli/test-gen.js.map +0 -1
- package/dist/src/cli/triage.js.map +0 -1
- package/dist/src/cli/watch.js.map +0 -1
- package/dist/src/cli/worker.js.map +0 -1
- package/dist/src/core/cache/cached-engine.js.map +0 -1
- package/dist/src/core/cache/review-cache.js.map +0 -1
- package/dist/src/core/chunking/index.js.map +0 -1
- package/dist/src/core/chunking/risk-ranker.js.map +0 -1
- package/dist/src/core/config/loader.js.map +0 -1
- package/dist/src/core/config/preset-resolver.js.map +0 -1
- package/dist/src/core/config/schema.js.map +0 -1
- package/dist/src/core/config/types.js.map +0 -1
- package/dist/src/core/council/config.js.map +0 -1
- package/dist/src/core/council/context.js.map +0 -1
- package/dist/src/core/council/runner.js.map +0 -1
- package/dist/src/core/council/types.js.map +0 -1
- package/dist/src/core/detect/git-context.js.map +0 -1
- package/dist/src/core/detect/llm-key.js.map +0 -1
- package/dist/src/core/detect/protected-paths.js.map +0 -1
- package/dist/src/core/detect/provider-usage.js.map +0 -1
- package/dist/src/core/detect/stack.js.map +0 -1
- package/dist/src/core/detect/workspaces.js.map +0 -1
- package/dist/src/core/errors.js.map +0 -1
- package/dist/src/core/findings/dedup.js.map +0 -1
- package/dist/src/core/findings/types.js.map +0 -1
- package/dist/src/core/fix/generator.js.map +0 -1
- package/dist/src/core/git/diff-hunks.js.map +0 -1
- package/dist/src/core/git/touched-files.js.map +0 -1
- package/dist/src/core/ignore/index.js.map +0 -1
- package/dist/src/core/index.js.map +0 -1
- package/dist/src/core/logging/ndjson-writer.js.map +0 -1
- package/dist/src/core/logging/redaction.js.map +0 -1
- package/dist/src/core/mcp/concurrency.js.map +0 -1
- package/dist/src/core/mcp/handlers/fix-finding.js.map +0 -1
- package/dist/src/core/mcp/handlers/get-capabilities.js.map +0 -1
- package/dist/src/core/mcp/handlers/get-findings.js.map +0 -1
- package/dist/src/core/mcp/handlers/review-diff.js.map +0 -1
- package/dist/src/core/mcp/handlers/scan-files.js.map +0 -1
- package/dist/src/core/mcp/handlers/validate-fix.js.map +0 -1
- package/dist/src/core/mcp/run-store.js.map +0 -1
- package/dist/src/core/mcp/workspace.js.map +0 -1
- package/dist/src/core/persist/baseline.js.map +0 -1
- package/dist/src/core/persist/cost-log.js.map +0 -1
- package/dist/src/core/persist/findings-cache.js.map +0 -1
- package/dist/src/core/persist/triage.js.map +0 -1
- package/dist/src/core/phases/static-rules.js.map +0 -1
- package/dist/src/core/phases/tests.js.map +0 -1
- package/dist/src/core/pipeline/review-phase.js.map +0 -1
- package/dist/src/core/pipeline/run.js.map +0 -1
- package/dist/src/core/runtime/idempotency.js.map +0 -1
- package/dist/src/core/runtime/lock.js.map +0 -1
- package/dist/src/core/runtime/state.js.map +0 -1
- package/dist/src/core/schema-alignment/detector.js.map +0 -1
- package/dist/src/core/schema-alignment/extractor/index.js.map +0 -1
- package/dist/src/core/schema-alignment/extractor/prisma.js.map +0 -1
- package/dist/src/core/schema-alignment/extractor/sql.js.map +0 -1
- package/dist/src/core/schema-alignment/llm-check.js.map +0 -1
- package/dist/src/core/schema-alignment/scanner.js.map +0 -1
- package/dist/src/core/schema-alignment/types.js.map +0 -1
- package/dist/src/core/shell.js.map +0 -1
- package/dist/src/core/static-rules/registry.js.map +0 -1
- package/dist/src/core/static-rules/rules/brand-tokens.js.map +0 -1
- package/dist/src/core/static-rules/rules/console-log.js.map +0 -1
- package/dist/src/core/static-rules/rules/hardcoded-secrets.js.map +0 -1
- package/dist/src/core/static-rules/rules/insecure-redirect.js.map +0 -1
- package/dist/src/core/static-rules/rules/large-file.js.map +0 -1
- package/dist/src/core/static-rules/rules/missing-auth.js.map +0 -1
- package/dist/src/core/static-rules/rules/missing-tests.js.map +0 -1
- package/dist/src/core/static-rules/rules/npm-audit.js.map +0 -1
- package/dist/src/core/static-rules/rules/package-lock-sync.js.map +0 -1
- package/dist/src/core/static-rules/rules/schema-alignment.js.map +0 -1
- package/dist/src/core/static-rules/rules/sql-injection.js.map +0 -1
- package/dist/src/core/static-rules/rules/ssrf.js.map +0 -1
- package/dist/src/core/static-rules/rules/todo-fixme.js.map +0 -1
- package/dist/src/core/static-rules/tailwind-extractor.js.map +0 -1
- package/dist/src/core/test-gen/coverage-analyzer.js.map +0 -1
- package/dist/src/core/test-gen/framework-detector.js.map +0 -1
- package/dist/src/core/test-gen/test-writer.js.map +0 -1
- package/dist/src/core/ui/design-context-loader.js.map +0 -1
- package/dist/src/core/worker/client.js.map +0 -1
- package/dist/src/core/worker/lockfile.js.map +0 -1
- package/dist/src/core/worker/server.js.map +0 -1
- package/dist/src/formatters/github-annotations.js.map +0 -1
- package/dist/src/formatters/index.js.map +0 -1
- package/dist/src/formatters/junit.js.map +0 -1
- package/dist/src/formatters/sarif.js.map +0 -1
- package/dist/src/index.js.map +0 -1
- package/src/adapters/base.ts +0 -19
- package/src/adapters/council/claude.ts +0 -41
- package/src/adapters/council/openai.ts +0 -40
- package/src/adapters/council/types.ts +0 -7
- package/src/adapters/loader.ts +0 -108
- package/src/adapters/migration-runner/supabase.ts +0 -56
- package/src/adapters/migration-runner/types.ts +0 -36
- package/src/adapters/review-bot-parser/cursor.ts +0 -13
- package/src/adapters/review-bot-parser/declarative-base.ts +0 -64
- package/src/adapters/review-engine/auto.ts +0 -94
- package/src/adapters/review-engine/claude.ts +0 -100
- package/src/adapters/review-engine/codex.ts +0 -82
- package/src/adapters/review-engine/gemini.ts +0 -105
- package/src/adapters/review-engine/openai-compatible.ts +0 -100
- package/src/adapters/review-engine/parse-output.ts +0 -74
- package/src/adapters/review-engine/prompt-builder.ts +0 -19
- package/src/adapters/review-engine/types.ts +0 -19
- package/src/adapters/vcs-host/commit-status.ts +0 -39
- package/src/adapters/vcs-host/github.ts +0 -77
- package/src/adapters/vcs-host/types.ts +0 -44
- package/src/cli/autoregress-bridge.ts +0 -30
- package/src/cli/baseline.ts +0 -125
- package/src/cli/ci.ts +0 -45
- package/src/cli/costs.ts +0 -80
- package/src/cli/council.ts +0 -96
- package/src/cli/detector.ts +0 -92
- package/src/cli/explain.ts +0 -197
- package/src/cli/fix.ts +0 -249
- package/src/cli/hook.ts +0 -124
- package/src/cli/ignore-helper.ts +0 -116
- package/src/cli/index.ts +0 -612
- package/src/cli/lsp.ts +0 -200
- package/src/cli/mcp.ts +0 -206
- package/src/cli/migrate-v4.ts +0 -388
- package/src/cli/pr-comment.ts +0 -139
- package/src/cli/pr-desc.ts +0 -168
- package/src/cli/pr-review-comments.ts +0 -92
- package/src/cli/pr.ts +0 -76
- package/src/cli/preflight.ts +0 -235
- package/src/cli/report.ts +0 -186
- package/src/cli/run.ts +0 -425
- package/src/cli/scan.ts +0 -233
- package/src/cli/setup.ts +0 -191
- package/src/cli/test-gen.ts +0 -125
- package/src/cli/triage.ts +0 -137
- package/src/cli/watch.ts +0 -190
- package/src/cli/worker.ts +0 -109
- package/src/core/.gitkeep +0 -0
- package/src/core/cache/cached-engine.ts +0 -32
- package/src/core/cache/review-cache.ts +0 -70
- package/src/core/chunking/index.ts +0 -113
- package/src/core/chunking/risk-ranker.ts +0 -56
- package/src/core/config/loader.ts +0 -53
- package/src/core/config/preset-resolver.ts +0 -46
- package/src/core/config/schema.ts +0 -181
- package/src/core/config/types.ts +0 -98
- package/src/core/council/config.ts +0 -71
- package/src/core/council/context.ts +0 -17
- package/src/core/council/runner.ts +0 -83
- package/src/core/council/types.ts +0 -45
- package/src/core/detect/git-context.ts +0 -27
- package/src/core/detect/llm-key.ts +0 -89
- package/src/core/detect/protected-paths.ts +0 -63
- package/src/core/detect/provider-usage.ts +0 -74
- package/src/core/detect/stack.ts +0 -153
- package/src/core/detect/workspaces.ts +0 -103
- package/src/core/errors.ts +0 -37
- package/src/core/findings/dedup.ts +0 -14
- package/src/core/findings/types.ts +0 -39
- package/src/core/fix/generator.ts +0 -149
- package/src/core/git/diff-hunks.ts +0 -86
- package/src/core/git/touched-files.ts +0 -73
- package/src/core/ignore/index.ts +0 -54
- package/src/core/index.ts +0 -1
- package/src/core/logging/ndjson-writer.ts +0 -37
- package/src/core/logging/redaction.ts +0 -19
- package/src/core/mcp/concurrency.ts +0 -16
- package/src/core/mcp/handlers/fix-finding.ts +0 -126
- package/src/core/mcp/handlers/get-capabilities.ts +0 -62
- package/src/core/mcp/handlers/get-findings.ts +0 -36
- package/src/core/mcp/handlers/review-diff.ts +0 -65
- package/src/core/mcp/handlers/scan-files.ts +0 -65
- package/src/core/mcp/handlers/validate-fix.ts +0 -41
- package/src/core/mcp/run-store.ts +0 -85
- package/src/core/mcp/workspace.ts +0 -35
- package/src/core/persist/baseline.ts +0 -112
- package/src/core/persist/cost-log.ts +0 -30
- package/src/core/persist/findings-cache.ts +0 -43
- package/src/core/persist/triage.ts +0 -112
- package/src/core/phases/static-rules.ts +0 -93
- package/src/core/phases/tests.ts +0 -51
- package/src/core/pipeline/review-phase.ts +0 -182
- package/src/core/pipeline/run.ts +0 -116
- package/src/core/runtime/idempotency.ts +0 -6
- package/src/core/runtime/lock.ts +0 -29
- package/src/core/runtime/state.ts +0 -97
- package/src/core/schema-alignment/detector.ts +0 -59
- package/src/core/schema-alignment/extractor/index.ts +0 -24
- package/src/core/schema-alignment/extractor/prisma.ts +0 -21
- package/src/core/schema-alignment/extractor/sql.ts +0 -99
- package/src/core/schema-alignment/llm-check.ts +0 -91
- package/src/core/schema-alignment/scanner.ts +0 -107
- package/src/core/schema-alignment/types.ts +0 -43
- package/src/core/shell.ts +0 -48
- package/src/core/static-rules/registry.ts +0 -59
- package/src/core/static-rules/rules/brand-tokens.ts +0 -145
- package/src/core/static-rules/rules/console-log.ts +0 -42
- package/src/core/static-rules/rules/hardcoded-secrets.ts +0 -83
- package/src/core/static-rules/rules/insecure-redirect.ts +0 -67
- package/src/core/static-rules/rules/large-file.ts +0 -37
- package/src/core/static-rules/rules/missing-auth.ts +0 -70
- package/src/core/static-rules/rules/missing-tests.ts +0 -57
- package/src/core/static-rules/rules/npm-audit.ts +0 -38
- package/src/core/static-rules/rules/package-lock-sync.ts +0 -54
- package/src/core/static-rules/rules/schema-alignment.ts +0 -132
- package/src/core/static-rules/rules/sql-injection.ts +0 -71
- package/src/core/static-rules/rules/ssrf.ts +0 -63
- package/src/core/static-rules/rules/todo-fixme.ts +0 -40
- package/src/core/static-rules/tailwind-extractor.ts +0 -38
- package/src/core/test-gen/coverage-analyzer.ts +0 -93
- package/src/core/test-gen/framework-detector.ts +0 -21
- package/src/core/test-gen/test-writer.ts +0 -33
- package/src/core/ui/design-context-loader.ts +0 -87
- package/src/core/worker/client.ts +0 -46
- package/src/core/worker/lockfile.ts +0 -38
- package/src/core/worker/server.ts +0 -81
- package/src/formatters/github-annotations.ts +0 -36
- package/src/formatters/junit.ts +0 -52
- package/src/formatters/sarif.ts +0 -103
|
@@ -1,46 +0,0 @@
|
|
|
1
|
-
import type { Finding } from '../findings/types.ts';
|
|
2
|
-
import type { GuardrailConfig } from '../config/types.ts';
|
|
3
|
-
import type { WorkerLock } from './lockfile.ts';
|
|
4
|
-
|
|
5
|
-
export interface WorkerReviewRequest {
|
|
6
|
-
files: string[];
|
|
7
|
-
config: GuardrailConfig;
|
|
8
|
-
}
|
|
9
|
-
|
|
10
|
-
export interface WorkerReviewResponse {
|
|
11
|
-
findings: Finding[];
|
|
12
|
-
usage?: { costUSD: number };
|
|
13
|
-
}
|
|
14
|
-
|
|
15
|
-
export async function dispatchToWorker(
|
|
16
|
-
lock: WorkerLock,
|
|
17
|
-
req: WorkerReviewRequest,
|
|
18
|
-
): Promise<WorkerReviewResponse> {
|
|
19
|
-
const url = `http://127.0.0.1:${lock.port}/review`;
|
|
20
|
-
const res = await fetch(url, {
|
|
21
|
-
method: 'POST',
|
|
22
|
-
headers: { 'Content-Type': 'application/json' },
|
|
23
|
-
body: JSON.stringify(req),
|
|
24
|
-
signal: AbortSignal.timeout(120_000),
|
|
25
|
-
});
|
|
26
|
-
if (!res.ok) throw new Error(`Worker returned ${res.status}: ${await res.text()}`);
|
|
27
|
-
return res.json() as Promise<WorkerReviewResponse>;
|
|
28
|
-
}
|
|
29
|
-
|
|
30
|
-
export async function getWorkerStatus(lock: WorkerLock): Promise<{
|
|
31
|
-
pid: number; port: number; jobsProcessed: number; queueDepth: number; uptimeMs: number;
|
|
32
|
-
}> {
|
|
33
|
-
const url = `http://127.0.0.1:${lock.port}/status`;
|
|
34
|
-
const res = await fetch(url, { signal: AbortSignal.timeout(5_000) });
|
|
35
|
-
if (!res.ok) throw new Error(`Worker status returned ${res.status}`);
|
|
36
|
-
return res.json() as Promise<{ pid: number; port: number; jobsProcessed: number; queueDepth: number; uptimeMs: number }>;
|
|
37
|
-
}
|
|
38
|
-
|
|
39
|
-
export async function stopWorker(lock: WorkerLock): Promise<void> {
|
|
40
|
-
try {
|
|
41
|
-
await fetch(`http://127.0.0.1:${lock.port}/stop`, {
|
|
42
|
-
method: 'POST',
|
|
43
|
-
signal: AbortSignal.timeout(5_000),
|
|
44
|
-
});
|
|
45
|
-
} catch { /* worker may have already exited */ }
|
|
46
|
-
}
|
|
@@ -1,38 +0,0 @@
|
|
|
1
|
-
import * as fs from 'node:fs';
|
|
2
|
-
import * as path from 'node:path';
|
|
3
|
-
|
|
4
|
-
export interface WorkerLock {
|
|
5
|
-
pid: number;
|
|
6
|
-
port: number;
|
|
7
|
-
startedAt: string;
|
|
8
|
-
}
|
|
9
|
-
|
|
10
|
-
const LOCK_FILE = '.guardrail-cache/worker.lock';
|
|
11
|
-
|
|
12
|
-
export function lockfilePath(cwd: string): string {
|
|
13
|
-
return path.join(cwd, LOCK_FILE);
|
|
14
|
-
}
|
|
15
|
-
|
|
16
|
-
export function readLock(cwd: string): WorkerLock | null {
|
|
17
|
-
const p = lockfilePath(cwd);
|
|
18
|
-
if (!fs.existsSync(p)) return null;
|
|
19
|
-
try { return JSON.parse(fs.readFileSync(p, 'utf8')) as WorkerLock; }
|
|
20
|
-
catch { return null; }
|
|
21
|
-
}
|
|
22
|
-
|
|
23
|
-
export function writeLock(cwd: string, lock: WorkerLock): void {
|
|
24
|
-
const dir = path.join(cwd, '.guardrail-cache');
|
|
25
|
-
fs.mkdirSync(dir, { recursive: true });
|
|
26
|
-
fs.writeFileSync(lockfilePath(cwd), JSON.stringify(lock, null, 2), 'utf8');
|
|
27
|
-
}
|
|
28
|
-
|
|
29
|
-
export function deleteLock(cwd: string): void {
|
|
30
|
-
const p = lockfilePath(cwd);
|
|
31
|
-
if (fs.existsSync(p)) fs.unlinkSync(p);
|
|
32
|
-
}
|
|
33
|
-
|
|
34
|
-
/** Returns true if the PID in the lock is currently alive. */
|
|
35
|
-
export function isWorkerAlive(lock: WorkerLock): boolean {
|
|
36
|
-
try { process.kill(lock.pid, 0); return true; }
|
|
37
|
-
catch { return false; }
|
|
38
|
-
}
|
|
@@ -1,81 +0,0 @@
|
|
|
1
|
-
import * as http from 'node:http';
|
|
2
|
-
import * as net from 'node:net';
|
|
3
|
-
import type { GuardrailConfig } from '../config/types.ts';
|
|
4
|
-
import type { Finding } from '../findings/types.ts';
|
|
5
|
-
|
|
6
|
-
export interface WorkerServerOptions {
|
|
7
|
-
cwd: string;
|
|
8
|
-
onReview: (files: string[], config: GuardrailConfig) => Promise<{ findings: Finding[]; usage?: { costUSD: number } }>;
|
|
9
|
-
}
|
|
10
|
-
|
|
11
|
-
export interface WorkerServer {
|
|
12
|
-
port: number;
|
|
13
|
-
close(): Promise<void>;
|
|
14
|
-
}
|
|
15
|
-
|
|
16
|
-
async function getRandomPort(): Promise<number> {
|
|
17
|
-
return new Promise((resolve, reject) => {
|
|
18
|
-
const srv = net.createServer();
|
|
19
|
-
srv.listen(0, '127.0.0.1', () => {
|
|
20
|
-
const addr = srv.address() as net.AddressInfo;
|
|
21
|
-
srv.close(() => resolve(addr.port));
|
|
22
|
-
});
|
|
23
|
-
srv.on('error', reject);
|
|
24
|
-
});
|
|
25
|
-
}
|
|
26
|
-
|
|
27
|
-
export async function startWorkerServer(opts: WorkerServerOptions): Promise<WorkerServer> {
|
|
28
|
-
const port = await getRandomPort();
|
|
29
|
-
let jobsProcessed = 0;
|
|
30
|
-
const startedAt = Date.now();
|
|
31
|
-
|
|
32
|
-
const server = http.createServer(async (req, res) => {
|
|
33
|
-
if (req.method === 'GET' && req.url === '/status') {
|
|
34
|
-
res.writeHead(200, { 'Content-Type': 'application/json' });
|
|
35
|
-
res.end(JSON.stringify({
|
|
36
|
-
pid: process.pid, port, jobsProcessed,
|
|
37
|
-
queueDepth: 0,
|
|
38
|
-
uptimeMs: Date.now() - startedAt,
|
|
39
|
-
}));
|
|
40
|
-
return;
|
|
41
|
-
}
|
|
42
|
-
|
|
43
|
-
if (req.method === 'POST' && req.url === '/stop') {
|
|
44
|
-
res.writeHead(200);
|
|
45
|
-
res.end('{"ok":true}');
|
|
46
|
-
setImmediate(() => server.close());
|
|
47
|
-
return;
|
|
48
|
-
}
|
|
49
|
-
|
|
50
|
-
if (req.method === 'POST' && req.url === '/review') {
|
|
51
|
-
let body = '';
|
|
52
|
-
req.on('data', (chunk: Buffer) => { body += chunk.toString(); });
|
|
53
|
-
req.on('end', async () => {
|
|
54
|
-
try {
|
|
55
|
-
const { files, config } = JSON.parse(body) as { files: string[]; config: GuardrailConfig };
|
|
56
|
-
const result = await opts.onReview(files, config);
|
|
57
|
-
jobsProcessed++;
|
|
58
|
-
res.writeHead(200, { 'Content-Type': 'application/json' });
|
|
59
|
-
res.end(JSON.stringify(result));
|
|
60
|
-
} catch (err) {
|
|
61
|
-
res.writeHead(500, { 'Content-Type': 'application/json' });
|
|
62
|
-
res.end(JSON.stringify({ error: String(err) }));
|
|
63
|
-
}
|
|
64
|
-
});
|
|
65
|
-
return;
|
|
66
|
-
}
|
|
67
|
-
|
|
68
|
-
res.writeHead(404);
|
|
69
|
-
res.end('Not found');
|
|
70
|
-
});
|
|
71
|
-
|
|
72
|
-
await new Promise<void>((resolve, reject) => {
|
|
73
|
-
server.listen(port, '127.0.0.1', () => resolve());
|
|
74
|
-
server.on('error', reject);
|
|
75
|
-
});
|
|
76
|
-
|
|
77
|
-
return {
|
|
78
|
-
port,
|
|
79
|
-
close: () => new Promise<void>(resolve => server.close(() => resolve())),
|
|
80
|
-
};
|
|
81
|
-
}
|
|
@@ -1,36 +0,0 @@
|
|
|
1
|
-
import type { Finding } from '../core/findings/types.ts';
|
|
2
|
-
|
|
3
|
-
export function encodeAnnotationProperty(s: string): string {
|
|
4
|
-
return s
|
|
5
|
-
.replace(/%/g, '%25')
|
|
6
|
-
.replace(/\r/g, '%0D')
|
|
7
|
-
.replace(/\n/g, '%0A')
|
|
8
|
-
.replace(/:/g, '%3A')
|
|
9
|
-
.replace(/,/g, '%2C');
|
|
10
|
-
}
|
|
11
|
-
|
|
12
|
-
export function encodeAnnotationData(s: string): string {
|
|
13
|
-
return s
|
|
14
|
-
.replace(/%/g, '%25')
|
|
15
|
-
.replace(/\r/g, '%0D')
|
|
16
|
-
.replace(/\n/g, '%0A');
|
|
17
|
-
}
|
|
18
|
-
|
|
19
|
-
function severityToCommand(s: Finding['severity']): 'error' | 'warning' | 'notice' {
|
|
20
|
-
if (s === 'critical') return 'error';
|
|
21
|
-
if (s === 'warning') return 'warning';
|
|
22
|
-
return 'notice';
|
|
23
|
-
}
|
|
24
|
-
|
|
25
|
-
export function emitAnnotations(findings: Finding[]): void {
|
|
26
|
-
if (process.env.GITHUB_ACTIONS !== 'true') return;
|
|
27
|
-
for (const f of findings) {
|
|
28
|
-
const cmd = severityToCommand(f.severity);
|
|
29
|
-
const props: string[] = [`file=${encodeAnnotationProperty(f.file)}`];
|
|
30
|
-
if (f.line !== undefined) {
|
|
31
|
-
props.push(`line=${f.line}`, `endLine=${f.line}`);
|
|
32
|
-
}
|
|
33
|
-
props.push(`title=${encodeAnnotationProperty(f.category)}`);
|
|
34
|
-
process.stdout.write(`::${cmd} ${props.join(',')}::${encodeAnnotationData(f.message)}\n`);
|
|
35
|
-
}
|
|
36
|
-
}
|
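--- a/package/src/formatters/junit.ts
+++ b/package/src/formatters/junit.ts
@@ -1,52 +0,0 @@
-import type { RunResult } from '../core/pipeline/run.ts';
-
-function escapeXml(s: string): string {
-return s
-.replace(/&/g, '&')
-.replace(/</g, '<')
-.replace(/>/g, '>')
-.replace(/"/g, '"')
-.replace(/'/g, ''');
-}
-
-export function toJUnit(result: RunResult, opts: { suiteName?: string } = {}): string {
-const name = opts.suiteName ?? 'guardrail';
-const findings = result.allFindings;
-const failures = findings.filter(f => f.severity === 'critical').length;
-const total = findings.length;
-const time = (result.durationMs / 1000).toFixed(3);
-
-const lines: string[] = [
-'<?xml version="1.0" encoding="UTF-8"?>',
-`<testsuites name="${escapeXml(name)}" tests="${total}" failures="${failures}" time="${time}">`,
-` <testsuite name="${escapeXml(name)}" tests="${total}" failures="${failures}" errors="0" time="${time}">`,
-];
-
-if (findings.length === 0) {
-lines.push(` <testcase name="no findings" classname="${escapeXml(name)}" />`);
-}
-
-for (const f of findings) {
-const loc = f.line ? `${f.file}:${f.line}` : f.file;
-const testName = escapeXml(`[${f.severity.toUpperCase()}] ${f.category} — ${loc}`);
-const classname = escapeXml(f.file.replace(/\//g, '.').replace(/\.[tj]sx?$/, ''));
-const body = escapeXml(f.message + (f.suggestion ? `\n${f.suggestion}` : ''));
-
-if (f.severity === 'critical') {
-lines.push(
-` <testcase name="${testName}" classname="${classname}">`,
-` <failure type="${escapeXml(f.category)}" message="${escapeXml(f.message)}">${body}</failure>`,
-` </testcase>`,
-);
-} else {
-lines.push(
-` <testcase name="${testName}" classname="${classname}">`,
-` <system-out>${body}</system-out>`,
-` </testcase>`,
-);
-}
-}
-
-lines.push(' </testsuite>', '</testsuites>');
-return lines.join('\n');
-}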
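--- a/package/src/formatters/sarif.ts
+++ b/package/src/formatters/sarif.ts
@@ -1,103 +0,0 @@
-import * as path from 'node:path';
-import type { RunResult } from '../core/pipeline/run.ts';
-import type { Finding } from '../core/findings/types.ts';
-
-interface SarifLog {
-$schema: string;
-version: '2.1.0';
-runs: SarifRun[];
-}
-interface SarifRun {
-tool: { driver: SarifDriver };
-results: SarifResult[];
-}
-interface SarifDriver {
-name: string;
-version: string;
-informationUri: string;
-rules: SarifRule[];
-}
-interface SarifRule {
-id: string;
-name: string;
-shortDescription: { text: string };
-}
-interface SarifResult {
-ruleId: string;
-level: 'error' | 'warning' | 'note';
-message: { text: string };
-locations: SarifLocation[];
-fixes?: Array<{ description: { text: string } }>;
-}
-interface SarifLocation {
-physicalLocation: {
-artifactLocation: { uri: string; uriBaseId: string };
-region?: { startLine: number };
-};
-}
-
-export type { SarifLog };
-
-export function normalizeSarifUri(file: string, cwd: string): string {
-let rel = path.isAbsolute(file) ? path.relative(cwd, file) : file;
-rel = rel.replace(/\\/g, '/');
-if (rel.startsWith('./')) rel = rel.slice(2);
-if (rel.startsWith('../')) rel = file.replace(/\\/g, '/');
-return rel;
-}
-
-function severityToLevel(s: Finding['severity']): 'error' | 'warning' | 'note' {
-if (s === 'critical') return 'error';
-if (s === 'warning') return 'warning';
-return 'note';
-}
-
-export function toSarif(
-result: RunResult,
-opts: { toolVersion: string; cwd?: string },
-): SarifLog {
-const cwd = opts.cwd ?? process.cwd();
-
-const rulesMap = new Map<string, SarifRule>();
-for (const f of result.allFindings) {
-if (!rulesMap.has(f.category)) {
-rulesMap.set(f.category, {
-id: f.category,
-name: f.category,
-shortDescription: { text: f.category },
-});
-}
-}
-
-const results: SarifResult[] = result.allFindings.map(f => {
-const r: SarifResult = {
-ruleId: f.category,
-level: severityToLevel(f.severity),
-message: { text: f.message },
-locations: [{
-physicalLocation: {
-artifactLocation: { uri: normalizeSarifUri(f.file, cwd), uriBaseId: '%SRCROOT%' },
-...(f.line !== undefined ? { region: { startLine: f.line } } : {}),
-},
-}],
-};
-if (f.suggestion) r.fixes = [{ description: { text: f.suggestion } }];
-return r;
-});
-
-return {
-$schema: 'https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json',
-version: '2.1.0',
-runs: [{
-tool: {
-driver: {
-name: 'guardrail',
-version: opts.toolVersion,
-informationUri: 'https://github.com/axledbetter/guardrail',
-rules: [...rulesMap.values()],
-},
-},
-results,
-}],
-};
-}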