@delegance/claude-autopilot 5.0.0 → 5.0.2

package/dist/src/core/config/types.d.ts

@@ -0,0 +1,115 @@
+import type { SchemaAlignmentConfig } from '../schema-alignment/types.ts';
+export interface AdapterReference {
+    adapter: string;
+    options?: Record<string, unknown>;
+}
+export type AdapterRef = string | AdapterReference;
+export type StaticRuleReference = string | {
+    adapter: string;
+    options?: Record<string, unknown>;
+};
+export interface GuardrailConfig {
+    configVersion: 1;
+    preset?: string;
+    reviewEngine?: AdapterRef;
+    vcsHost?: AdapterRef;
+    migrationRunner?: AdapterRef;
+    reviewBot?: AdapterRef;
+    adapterAllowlist?: string[];
+    protectedPaths?: string[];
+    staticRules?: StaticRuleReference[];
+    staticRulesParallel?: boolean;
+    stack?: string;
+    testCommand?: string | null;
+    thresholds?: {
+        bugbotAutoFix?: number;
+        bugbotProposePatch?: number;
+        maxValidateRetries?: number;
+        maxCodexRetries?: number;
+        maxBugbotRounds?: number;
+    };
+    ignore?: Array<string | {
+        rule?: string;
+        path: string;
+    }>;
+    reviewStrategy?: 'auto' | 'single-pass' | 'file-level' | 'diff' | 'auto-diff';
+    chunking?: {
+        smallTierMaxTokens?: number;
+        partialReviewTokens?: number;
+        perFileMaxTokens?: number;
+        parallelism?: number;
+        rateLimitBackoff?: 'exp' | 'linear' | 'none';
+    };
+    policy?: {
+        /** Severity threshold for exit code 1. Default: 'critical'. Use 'none' to always pass. */
+        failOn?: 'critical' | 'warning' | 'note' | 'none';
+        /** Only report findings not present in the committed baseline. Default: false. */
+        newOnly?: boolean;
+        /** Path to baseline file relative to cwd. Default: .guardrail-baseline.json */
+        baselinePath?: string;
+    };
+    pipeline?: {
+        /**
+         * When true, run the LLM review phase even if the static-rules phase reports `fail`
+         * (i.e. finds a critical). Default: true. Set to false to skip only the review
+         * phase on static-fail — the tests phase still runs regardless.
+         *
+         * Users that explicitly configure a review engine typically expect it to run — the
+         * bugs the LLM is best at (IDOR, TOCTOU, CORS, off-by-one, rate limits) often sit
+         * in the same commit as something a static rule already flagged. This flag only
+         * gates the review phase, mirroring `runReviewOnTestFail`.
+         */
+        runReviewOnStaticFail?: boolean;
+        /**
+         * When true, run the LLM review phase even if the tests phase reports `fail`.
+         * Default: false — failing tests usually indicate broken code, not code to review.
+         * This flag only gates the review phase; the tests phase itself always runs.
+         */
+        runReviewOnTestFail?: boolean;
+    };
+    cost?: {
+        /** Abort review phase if estimated spend exceeds this amount (USD). */
+        maxPerRun?: number;
+        /** Print token estimate before starting LLM review. Default: false. */
+        estimateBeforeRun?: boolean;
+        /** Per-model token price overrides (input/output per 1M tokens). */
+        pricing?: Record<string, {
+            inputPer1M: number;
+            outputPer1M: number;
+        }>;
+    };
+    brand?: {
+        /** Path to tailwind.config.{ts,js} — auto-extracts theme.colors as canonical palette */
+        colorsFrom?: string;
+        /** Explicit canonical color values (hex/rgb/hsl). Merged with colorsFrom. */
+        colors?: string[];
+        /** Canonical font family names */
+        fonts?: string[];
+        /** Path to design system component library (informational, for future LLM review) */
+        componentLibrary?: string | {
+            tokens?: string;
+            guide?: string;
+        };
+    };
+    'schema-alignment'?: SchemaAlignmentConfig;
+    cache?: Record<string, unknown>;
+    persistence?: Record<string, unknown>;
+    concurrency?: Record<string, unknown>;
+    council?: {
+        models: Array<{
+            adapter: string;
+            model: string;
+            label: string;
+        }>;
+        synthesizer: {
+            adapter: string;
+            model: string;
+            label: string;
+        };
+        timeout_ms?: number;
+        min_successful_responses?: number;
+        parallel_input_max_tokens?: number;
+        synthesis_input_max_tokens?: number;
+    };
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/src/core/council/config.d.ts

@@ -0,0 +1,3 @@
+import type { CouncilConfig } from './types.ts';
+export declare function parseCouncilConfig(raw: Record<string, unknown>): CouncilConfig;
+//# sourceMappingURL=config.d.ts.map

package/dist/src/core/council/context.d.ts

@@ -0,0 +1,2 @@
+export declare function windowContext(text: string, maxTokens: number): string;
+//# sourceMappingURL=context.d.ts.map

package/dist/src/core/council/runner.d.ts

@@ -0,0 +1,4 @@
+import type { CouncilConfig, CouncilResult } from './types.ts';
+import type { CouncilAdapter } from '../../adapters/council/types.ts';
+export declare function runCouncil(config: CouncilConfig, adapters: CouncilAdapter[], synthesizer: CouncilAdapter, prompt: string, contextDoc: string): Promise<CouncilResult>;
+//# sourceMappingURL=runner.d.ts.map

package/dist/src/core/council/types.d.ts

@@ -0,0 +1,36 @@
+export interface CouncilModelEntry {
+    adapter: 'claude' | 'openai';
+    model: string;
+    label: string;
+}
+export interface CouncilConfig {
+    models: CouncilModelEntry[];
+    synthesizer: CouncilModelEntry;
+    timeoutMs: number;
+    minSuccessfulResponses: number;
+    parallelInputMaxTokens: number;
+    synthesisInputMaxTokens: number;
+}
+export type ModelResponseStatus = 'ok' | 'timeout' | 'error';
+export interface ModelResponse {
+    label: string;
+    status: ModelResponseStatus;
+    text?: string;
+    error?: string;
+    latencyMs: number;
+}
+export interface SynthesisResponse {
+    label: string;
+    text: string;
+    latencyMs: number;
+}
+export type CouncilStatus = 'success' | 'partial' | 'failed';
+export interface CouncilResult {
+    schema_version: 1;
+    run_id: string;
+    status: CouncilStatus;
+    prompt: string;
+    responses: ModelResponse[];
+    synthesis?: SynthesisResponse;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/src/core/detect/git-context.d.ts

@@ -0,0 +1,12 @@
+export interface GitContext {
+    branch: string | null;
+    commitMessage: string | null;
+    /** Short summary suitable for injecting into a review prompt */
+    summary: string | null;
+}
+/**
+ * Reads branch name and last commit message from git. Returns nulls gracefully
+ * if git is unavailable or the repo has no commits.
+ */
+export declare function detectGitContext(cwd: string): GitContext;
+//# sourceMappingURL=git-context.d.ts.map

package/dist/src/core/detect/llm-key.d.ts

@@ -0,0 +1,38 @@
+/**
+ * Shared LLM API key detection. Used by setup, doctor/preflight, scan, and run so
+ * every surface agrees on which env vars count as "have a key."
+ *
+ * Before this unified helper, doctor only checked ANTHROPIC_API_KEY + OPENAI_API_KEY
+ * while setup/scan/run checked all 5 providers — producing contradictory messages
+ * ("LLM API key: detected" from setup, "No LLM API key" from doctor moments later).
+ */
+/** All env var names guardrail recognizes as LLM API keys, ordered by preference. */
+export declare const LLM_KEY_NAMES: readonly ["ANTHROPIC_API_KEY", "OPENAI_API_KEY", "GEMINI_API_KEY", "GOOGLE_API_KEY", "GROQ_API_KEY"];
+export type LLMKeyName = typeof LLM_KEY_NAMES[number];
+export interface KeyDetectionOptions {
+    /** Additional key→value map to check alongside process.env (e.g. parsed .env.local). */
+    extraEnv?: Record<string, string | undefined>;
+}
+export interface KeyDetectionResult {
+    /** True if any recognized LLM key is set to a non-empty value. */
+    hasKey: boolean;
+    /** Preferred key that was detected, or null. Follows LLM_KEY_NAMES order. */
+    preferred: LLMKeyName | null;
+    /** All keys that were detected, in LLM_KEY_NAMES order. */
+    detected: LLMKeyName[];
+}
+/** Load an env file into a plain object without mutating process.env. */
+export declare function loadEnvFile(filePath: string): Record<string, string>;
+/** Detect whether any recognized LLM API key is set. */
+export declare function detectLLMKey(options?: KeyDetectionOptions): KeyDetectionResult;
+/**
+ * Human-readable list of providers and signup URLs, used by every "no key" message.
+ * Must cover every entry in LLM_KEY_NAMES so users see the same set of options across
+ * preflight, setup, scan, and run.
+ */
+export declare const LLM_KEY_HINTS: Array<{
+    name: LLMKeyName;
+    url: string;
+    note?: string;
+}>;
+//# sourceMappingURL=llm-key.d.ts.map

package/dist/src/core/detect/protected-paths.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Scans the project for migration directories, schema files, and infra configs
+ * and returns glob patterns suitable for `protectedPaths`.
+ */
+export declare function detectProtectedPaths(cwd: string): string[];
+//# sourceMappingURL=protected-paths.d.ts.map

package/dist/src/core/detect/provider-usage.d.ts

@@ -0,0 +1,17 @@
+export type Provider = 'anthropic' | 'gemini' | 'openai' | 'groq';
+export interface ProviderCounts {
+    anthropic: number;
+    gemini: number;
+    openai: number;
+    groq: number;
+}
+/**
+ * Scans source files under `cwd` and returns per-provider match counts.
+ * Counts are capped at 1 per file to avoid skewing on generated lock files.
+ */
+export declare function detectProviderUsage(cwd: string): ProviderCounts;
+/**
+ * Returns the provider with the highest usage count, or null if all zero.
+ */
+export declare function dominantProvider(counts: ProviderCounts): Provider | null;
+//# sourceMappingURL=provider-usage.d.ts.map

package/dist/src/core/detect/stack.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Infers a human-readable stack description from project files.
+ * Returns null if nothing definitive is found (caller should omit from prompt).
+ */
+export declare function detectStack(cwd: string): string | null;
+//# sourceMappingURL=stack.d.ts.map

package/dist/src/core/detect/workspaces.d.ts

@@ -0,0 +1,11 @@
+export interface Workspace {
+    name: string;
+    dir: string;
+    rel: string;
+    testCommand?: string;
+}
+/** Detect npm/yarn/pnpm workspaces, Turborepo, Nx, Go multi-module. */
+export declare function detectWorkspaces(cwd: string): Workspace[] | null;
+/** Given a list of touched files, return which workspaces they belong to. */
+export declare function mapFilesToWorkspaces(files: string[], workspaces: Workspace[], cwd: string): Map<Workspace, string[]>;
+//# sourceMappingURL=workspaces.d.ts.map

package/dist/src/core/errors.d.ts

@@ -0,0 +1,17 @@
+export type ErrorCode = 'auth' | 'rate_limit' | 'transient_network' | 'invalid_config' | 'adapter_bug' | 'user_input' | 'budget_exceeded' | 'concurrency_lock' | 'superseded';
+export interface GuardrailErrorOptions {
+    code: ErrorCode;
+    retryable?: boolean;
+    provider?: string;
+    step?: string;
+    details?: Record<string, unknown>;
+}
+export declare class GuardrailError extends Error {
+    code: ErrorCode;
+    retryable: boolean;
+    provider?: string;
+    step?: string;
+    details: Record<string, unknown>;
+    constructor(message: string, options: GuardrailErrorOptions);
+}
+//# sourceMappingURL=errors.d.ts.map

package/dist/src/core/findings/dedup.d.ts

@@ -0,0 +1,4 @@
+import type { Finding } from './types.ts';
+export declare function findingContentKey(f: Finding): string;
+export declare function dedupFindings(findings: Finding[]): Finding[];
+//# sourceMappingURL=dedup.d.ts.map

package/dist/src/core/findings/types.d.ts

@@ -0,0 +1,33 @@
+export type FindingSource = 'static-rules' | 'review-engine' | 'pipeline' | `review-bot:${string}`;
+export type Severity = 'critical' | 'warning' | 'note';
+export interface Finding {
+    id: string;
+    source: FindingSource;
+    severity: Severity;
+    category: string;
+    file: string;
+    line?: number;
+    message: string;
+    suggestion?: string;
+    protectedPath: boolean;
+    createdAt: string;
+}
+export type TriageVerdict = 'real_bug' | 'false_positive' | 'low_value';
+export type TriageAction = 'auto_fix' | 'propose_patch' | 'ask_question' | 'dismiss' | 'needs_human';
+export interface TriageRecord {
+    findingId: string;
+    verdict: TriageVerdict;
+    confidence: number;
+    reason: string;
+    action: TriageAction;
+    recordedAt: string;
+}
+export type FixStatus = 'fixed' | 'reverted' | 'human_required' | 'skipped';
+export interface FixAttempt {
+    findingId: string;
+    attemptedAt: string;
+    status: FixStatus;
+    commitSha?: string;
+    notes?: string;
+}
+//# sourceMappingURL=types.d.ts.map

package/dist/src/core/fix/generator.d.ts

@@ -0,0 +1,17 @@
+import type { Finding } from '../findings/types.ts';
+import type { ReviewEngine } from '../../adapters/review-engine/types.ts';
+export declare const CONTEXT_LINES = 20;
+export interface GenerateResult {
+    status: 'ok' | 'cannot_fix' | 'rejected' | 'error';
+    reason?: string;
+    originalLines?: string[];
+    replacementLines?: string[];
+    startLine?: number;
+    endLine?: number;
+}
+export declare function validateReplacement(original: string[], replacement: string[], _finding: Finding): string | null;
+export declare function buildUnifiedDiff(original: string[], replacement: string[], filePath: string, startLine: number, opts?: {
+    color?: boolean;
+}): string;
+export declare function generateFix(finding: Finding, engine: ReviewEngine, cwd: string): Promise<GenerateResult>;
+//# sourceMappingURL=generator.d.ts.map

package/dist/src/core/git/diff-hunks.d.ts

@@ -0,0 +1,22 @@
+export interface FileDiff {
+    file: string;
+    hunks: string;
+    additions: number;
+    deletions: number;
+}
+/**
+ * Returns per-file unified diffs for the given files between base and HEAD.
+ * Falls back to working-tree diff (unstaged) when base diff is empty for a file.
+ */
+export declare function getFileDiffs(cwd: string, base: string, files: string[]): FileDiff[];
+/**
+ * Parses unified diff output into per-file FileDiff entries.
+ * Only returns files that actually have diff content.
+ */
+export declare function parseUnifiedDiff(raw: string, requestedFiles: string[]): FileDiff[];
+/**
+ * Formats FileDiff entries into a review-ready string.
+ * Total size is bounded by maxChars (default 120K chars ≈ 30K tokens).
+ */
+export declare function formatDiffContent(diffs: FileDiff[], maxChars?: number): string;
+//# sourceMappingURL=diff-hunks.d.ts.map

package/dist/src/core/git/touched-files.d.ts

@@ -0,0 +1,11 @@
+export interface TouchedFilesOptions {
+    cwd?: string;
+    base?: string;
+}
+/**
+ * Returns the list of files changed relative to `base` (default HEAD~1).
+ * Falls back to `git status --short` unstaged/staged files if the diff fails
+ * (e.g. first commit, no parent).
+ */
+export declare function resolveGitTouchedFiles(options?: TouchedFilesOptions): string[];
+//# sourceMappingURL=touched-files.d.ts.map

package/dist/src/core/ignore/index.d.ts

@@ -0,0 +1,11 @@
+import type { Finding } from '../findings/types.ts';
+import type { GuardrailConfig } from '../config/types.ts';
+export interface IgnoreRule {
+    ruleId: string | '*';
+    pathGlob: string | null;
+}
+export declare function loadIgnoreRules(cwd: string): IgnoreRule[];
+/** Convert `ignore:` entries from guardrail.config.yaml into IgnoreRules. */
+export declare function parseConfigIgnore(entries: GuardrailConfig['ignore']): IgnoreRule[];
+export declare function applyIgnoreRules(findings: Finding[], rules: IgnoreRule[]): Finding[];
+//# sourceMappingURL=index.d.ts.map

package/dist/src/core/index.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=index.d.ts.map

package/dist/src/core/logging/ndjson-writer.d.ts

@@ -0,0 +1,16 @@
+export interface NdjsonLoggerOptions {
+    runId: string;
+    logsDir?: string;
+    redactionPatterns?: readonly string[];
+}
+export declare class NdjsonLogger {
+    private readonly runId;
+    private readonly filePath;
+    private readonly stream;
+    private readonly redactionPatterns;
+    constructor(options: NdjsonLoggerOptions);
+    log(event: string, fields?: Record<string, unknown>): void;
+    close(): Promise<void>;
+    getFilePath(): string;
+}
+//# sourceMappingURL=ndjson-writer.d.ts.map

package/dist/src/core/logging/redaction.d.ts

@@ -0,0 +1,4 @@
+export declare const DEFAULT_REDACTION_PATTERNS: readonly string[];
+export declare function applyRedaction(text: string, patterns: readonly string[]): string;
+export declare function containsSecret(text: string, patterns: readonly string[]): boolean;
+//# sourceMappingURL=redaction.d.ts.map

package/dist/src/core/mcp/concurrency.d.ts

@@ -0,0 +1,2 @@
+export declare function withWriteLock<T>(workspace: string, fn: () => Promise<T>): Promise<T>;
+//# sourceMappingURL=concurrency.d.ts.map

package/dist/src/core/mcp/handlers/fix-finding.d.ts

@@ -0,0 +1,17 @@
+import type { ReviewEngine } from '../../../adapters/review-engine/types.ts';
+import type { GuardrailConfig } from '../../config/types.ts';
+export interface FixFindingResult {
+    schema_version: 1;
+    status: 'fixed' | 'reverted' | 'human_required' | 'skipped';
+    reason?: string;
+    patch?: string;
+    commitSha?: string;
+    appliedFiles: string[];
+}
+export declare function handleFixFinding(input: {
+    run_id: string;
+    finding_id: string;
+    cwd?: string;
+    dry_run?: boolean;
+}, config: GuardrailConfig, engine: ReviewEngine): Promise<FixFindingResult>;
+//# sourceMappingURL=fix-finding.d.ts.map

package/dist/src/core/mcp/handlers/get-capabilities.d.ts

@@ -0,0 +1,14 @@
+import type { GuardrailConfig } from '../../config/types.ts';
+export interface CapabilitiesResult {
+    schema_version: 1;
+    adapter: string;
+    enabledRules: string[];
+    writeable: boolean;
+    gitAvailable: boolean;
+    testCommandConfigured: boolean;
+    guardrailVersion: string;
+}
+export declare function handleGetCapabilities(input: {
+    cwd?: string;
+}, config: GuardrailConfig, adapterName: string): Promise<CapabilitiesResult>;
+//# sourceMappingURL=get-capabilities.d.ts.map

package/dist/src/core/mcp/handlers/get-findings.d.ts

@@ -0,0 +1,13 @@
+import type { Finding, Severity } from '../../findings/types.ts';
+export interface GetFindingsResult {
+    schema_version: 1;
+    run_id: string;
+    findings: Finding[];
+    cachedAt: string;
+}
+export declare function handleGetFindings(input: {
+    run_id: string;
+    severity?: Severity;
+    cwd?: string;
+}): Promise<GetFindingsResult>;
+//# sourceMappingURL=get-findings.d.ts.map

package/dist/src/core/mcp/handlers/review-diff.d.ts

@@ -0,0 +1,18 @@
+import type { ReviewEngine } from '../../../adapters/review-engine/types.ts';
+import type { GuardrailConfig } from '../../config/types.ts';
+import type { Finding } from '../../findings/types.ts';
+export interface ReviewDiffResult {
+    schema_version: 1;
+    run_id: string;
+    findings: Finding[];
+    human_summary: string;
+    usage?: {
+        costUSD?: number;
+    };
+}
+export declare function handleReviewDiff(input: {
+    base?: string;
+    cwd?: string;
+    static_only?: boolean;
+}, config: GuardrailConfig, engine: ReviewEngine): Promise<ReviewDiffResult>;
+//# sourceMappingURL=review-diff.d.ts.map

package/dist/src/core/mcp/handlers/scan-files.d.ts

@@ -0,0 +1,15 @@
+import type { ReviewEngine } from '../../../adapters/review-engine/types.ts';
+import type { GuardrailConfig } from '../../config/types.ts';
+import type { Finding } from '../../findings/types.ts';
+export interface ScanFilesResult {
+    schema_version: 1;
+    run_id: string;
+    findings: Finding[];
+    human_summary: string;
+}
+export declare function handleScanFiles(input: {
+    files: string[];
+    cwd?: string;
+    ask?: string;
+}, config: GuardrailConfig, engine: ReviewEngine): Promise<ScanFilesResult>;
+//# sourceMappingURL=scan-files.d.ts.map

package/dist/src/core/mcp/handlers/validate-fix.d.ts

@@ -0,0 +1,12 @@
+import type { GuardrailConfig } from '../../config/types.ts';
+export interface ValidateFixResult {
+    schema_version: 1;
+    passed: boolean;
+    output: string;
+    durationMs: number;
+}
+export declare function handleValidateFix(input: {
+    cwd?: string;
+    files?: string[];
+}, config: GuardrailConfig): Promise<ValidateFixResult>;
+//# sourceMappingURL=validate-fix.d.ts.map

package/dist/src/core/mcp/run-store.d.ts

@@ -0,0 +1,12 @@
+import type { Finding } from '../findings/types.ts';
+export interface RunRecord {
+    run_id: string;
+    createdAt: string;
+    findings: Finding[];
+    fileChecksums: Record<string, string>;
+}
+export declare function saveRun(cwd: string, runId: string, findings: Finding[], fileChecksums: Record<string, string>): void;
+export declare function loadRun(cwd: string, runId: string): RunRecord | null;
+export declare function checksumFile(filePath: string): string;
+export declare function pruneOldRuns(cwd: string, maxAgeMs: number): void;
+//# sourceMappingURL=run-store.d.ts.map

package/dist/src/core/mcp/workspace.d.ts

@@ -0,0 +1,3 @@
+export declare function resolveWorkspace(cwd?: string): string;
+export declare function assertInWorkspace(workspace: string, filePath: string): string;
+//# sourceMappingURL=workspace.d.ts.map

package/dist/src/core/persist/baseline.d.ts

@@ -0,0 +1,39 @@
+import type { Finding } from '../findings/types.ts';
+export interface BaselineEntry {
+    id: string;
+    file: string;
+    line?: number;
+    severity: string;
+    message: string;
+    pinnedAt: string;
+    note?: string;
+}
+export interface Baseline {
+    version: 1;
+    createdAt: string;
+    updatedAt: string;
+    note?: string;
+    entries: BaselineEntry[];
+}
+export declare function baselineFilePath(cwd: string, overridePath?: string): string;
+export declare function loadBaseline(cwd: string, overridePath?: string): Baseline | null;
+export declare function saveBaseline(cwd: string, findings: Finding[], options?: {
+    note?: string;
+    overridePath?: string;
+}): Baseline;
+export declare function clearBaseline(cwd: string, overridePath?: string): void;
+export interface BaselineFilterResult {
+    newFindings: Finding[];
+    baselinedFindings: Finding[];
+    baselinedCount: number;
+}
+/** Returns findings NOT present in the baseline (new findings only). */
+export declare function filterBaselined(findings: Finding[], baseline: Baseline): BaselineFilterResult;
+export interface BaselineDiff {
+    added: Finding[];
+    resolved: BaselineEntry[];
+    unchanged: Finding[];
+}
+/** Diff current findings against a baseline snapshot. */
+export declare function diffAgainstBaseline(current: Finding[], baseline: Baseline): BaselineDiff;
+//# sourceMappingURL=baseline.d.ts.map

package/dist/src/core/persist/cost-log.d.ts

@@ -0,0 +1,11 @@
+export interface CostLogEntry {
+    timestamp: string;
+    files: number;
+    inputTokens: number;
+    outputTokens: number;
+    costUSD: number;
+    durationMs: number;
+}
+export declare function appendCostLog(cwd: string, entry: CostLogEntry): void;
+export declare function readCostLog(cwd: string): CostLogEntry[];
+//# sourceMappingURL=cost-log.d.ts.map

package/dist/src/core/persist/findings-cache.d.ts

@@ -0,0 +1,9 @@
+import type { Finding } from '../findings/types.ts';
+export declare function loadCachedFindings(cwd: string): Finding[];
+export declare function saveCachedFindings(cwd: string, findings: Finding[]): void;
+/**
+ * Returns only findings not present in the cached baseline.
+ * Two findings are considered the same when id + file + line all match.
+ */
+export declare function filterNewFindings(current: Finding[], cached: Finding[]): Finding[];
+//# sourceMappingURL=findings-cache.d.ts.map

package/dist/src/core/persist/triage.d.ts

@@ -0,0 +1,30 @@
+import type { Finding } from '../findings/types.ts';
+export type TriageState = 'accepted-risk' | 'false-positive';
+export interface TriageEntry {
+    id: string;
+    file: string;
+    line?: number;
+    state: TriageState;
+    reason?: string;
+    triagedAt: string;
+    expiresAt?: string;
+}
+export interface TriageStore {
+    version: 1;
+    entries: TriageEntry[];
+}
+export declare function loadTriage(cwd: string): TriageStore;
+export declare function saveTriage(cwd: string, store: TriageStore): void;
+export declare function addTriageEntry(cwd: string, finding: Finding, state: TriageState, options?: {
+    reason?: string;
+    expiresInDays?: number;
+}): void;
+export declare function removeTriageEntry(cwd: string, ids: string[]): number;
+export declare function clearExpiredEntries(cwd: string): number;
+export interface TriageFilterResult {
+    active: Finding[];
+    triaged: Finding[];
+    triageCount: number;
+}
+export declare function filterTriaged(findings: Finding[], store: TriageStore): TriageFilterResult;
+//# sourceMappingURL=triage.d.ts.map