npm - @delegance/claude-autopilot - Versions diffs - 5.0.1 → 5.0.2 - Mend

@delegance/claude-autopilot 5.0.1 → 5.0.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (410) hide show

package/dist/src/cli/index.js +39 -1
package/dist/src/cli/preflight.js +17 -4
package/package.json +4 -3
package/dist/presets/go/rules/go-sql-injection.d.ts.map +0 -1
package/dist/presets/go/rules/go-sql-injection.js.map +0 -1
package/dist/presets/nextjs-supabase/rules/supabase-rls-bypass.d.ts.map +0 -1
package/dist/presets/nextjs-supabase/rules/supabase-rls-bypass.js.map +0 -1
package/dist/presets/python-fastapi/rules/fastapi-missing-auth.d.ts.map +0 -1
package/dist/presets/python-fastapi/rules/fastapi-missing-auth.js.map +0 -1
package/dist/presets/rails-postgres/rules/rails-sql-injection.d.ts.map +0 -1
package/dist/presets/rails-postgres/rules/rails-sql-injection.js.map +0 -1
package/dist/presets/t3/rules/t3-server-only.d.ts.map +0 -1
package/dist/presets/t3/rules/t3-server-only.js.map +0 -1
package/dist/src/adapters/base.d.ts.map +0 -1
package/dist/src/adapters/base.js.map +0 -1
package/dist/src/adapters/council/claude.d.ts.map +0 -1
package/dist/src/adapters/council/claude.js.map +0 -1
package/dist/src/adapters/council/openai.d.ts.map +0 -1
package/dist/src/adapters/council/openai.js.map +0 -1
package/dist/src/adapters/council/types.d.ts.map +0 -1
package/dist/src/adapters/council/types.js.map +0 -1
package/dist/src/adapters/loader.d.ts.map +0 -1
package/dist/src/adapters/loader.js.map +0 -1
package/dist/src/adapters/migration-runner/supabase.d.ts.map +0 -1
package/dist/src/adapters/migration-runner/supabase.js.map +0 -1
package/dist/src/adapters/migration-runner/types.d.ts.map +0 -1
package/dist/src/adapters/migration-runner/types.js.map +0 -1
package/dist/src/adapters/review-bot-parser/cursor.d.ts.map +0 -1
package/dist/src/adapters/review-bot-parser/cursor.js.map +0 -1
package/dist/src/adapters/review-bot-parser/declarative-base.d.ts.map +0 -1
package/dist/src/adapters/review-bot-parser/declarative-base.js.map +0 -1
package/dist/src/adapters/review-bot-parser/types.d.ts.map +0 -1
package/dist/src/adapters/review-bot-parser/types.js.map +0 -1
package/dist/src/adapters/review-engine/auto.d.ts.map +0 -1
package/dist/src/adapters/review-engine/auto.js.map +0 -1
package/dist/src/adapters/review-engine/claude.d.ts.map +0 -1
package/dist/src/adapters/review-engine/claude.js.map +0 -1
package/dist/src/adapters/review-engine/codex.d.ts.map +0 -1
package/dist/src/adapters/review-engine/codex.js.map +0 -1
package/dist/src/adapters/review-engine/gemini.d.ts.map +0 -1
package/dist/src/adapters/review-engine/gemini.js.map +0 -1
package/dist/src/adapters/review-engine/openai-compatible.d.ts.map +0 -1
package/dist/src/adapters/review-engine/openai-compatible.js.map +0 -1
package/dist/src/adapters/review-engine/parse-output.d.ts.map +0 -1
package/dist/src/adapters/review-engine/parse-output.js.map +0 -1
package/dist/src/adapters/review-engine/prompt-builder.d.ts.map +0 -1
package/dist/src/adapters/review-engine/prompt-builder.js.map +0 -1
package/dist/src/adapters/review-engine/types.d.ts.map +0 -1
package/dist/src/adapters/review-engine/types.js.map +0 -1
package/dist/src/adapters/vcs-host/commit-status.d.ts.map +0 -1
package/dist/src/adapters/vcs-host/commit-status.js.map +0 -1
package/dist/src/adapters/vcs-host/github.d.ts.map +0 -1
package/dist/src/adapters/vcs-host/github.js.map +0 -1
package/dist/src/adapters/vcs-host/types.d.ts.map +0 -1
package/dist/src/adapters/vcs-host/types.js.map +0 -1
package/dist/src/cli/_pkg-root.d.ts.map +0 -1
package/dist/src/cli/_pkg-root.js.map +0 -1
package/dist/src/cli/autoregress-bridge.d.ts.map +0 -1
package/dist/src/cli/autoregress-bridge.js.map +0 -1
package/dist/src/cli/baseline.d.ts.map +0 -1
package/dist/src/cli/baseline.js.map +0 -1
package/dist/src/cli/ci.d.ts.map +0 -1
package/dist/src/cli/ci.js.map +0 -1
package/dist/src/cli/costs.d.ts.map +0 -1
package/dist/src/cli/costs.js.map +0 -1
package/dist/src/cli/council.d.ts.map +0 -1
package/dist/src/cli/council.js.map +0 -1
package/dist/src/cli/detector.d.ts.map +0 -1
package/dist/src/cli/detector.js.map +0 -1
package/dist/src/cli/explain.d.ts.map +0 -1
package/dist/src/cli/explain.js.map +0 -1
package/dist/src/cli/fix.d.ts.map +0 -1
package/dist/src/cli/fix.js.map +0 -1
package/dist/src/cli/hook.d.ts.map +0 -1
package/dist/src/cli/hook.js.map +0 -1
package/dist/src/cli/ignore-helper.d.ts.map +0 -1
package/dist/src/cli/ignore-helper.js.map +0 -1
package/dist/src/cli/index.d.ts.map +0 -1
package/dist/src/cli/index.js.map +0 -1
package/dist/src/cli/lsp.d.ts.map +0 -1
package/dist/src/cli/lsp.js.map +0 -1
package/dist/src/cli/mcp.d.ts.map +0 -1
package/dist/src/cli/mcp.js.map +0 -1
package/dist/src/cli/migrate-v4.d.ts.map +0 -1
package/dist/src/cli/migrate-v4.js.map +0 -1
package/dist/src/cli/pr-comment.d.ts.map +0 -1
package/dist/src/cli/pr-comment.js.map +0 -1
package/dist/src/cli/pr-desc.d.ts.map +0 -1
package/dist/src/cli/pr-desc.js.map +0 -1
package/dist/src/cli/pr-review-comments.d.ts.map +0 -1
package/dist/src/cli/pr-review-comments.js.map +0 -1
package/dist/src/cli/pr.d.ts.map +0 -1
package/dist/src/cli/pr.js.map +0 -1
package/dist/src/cli/preflight.d.ts.map +0 -1
package/dist/src/cli/preflight.js.map +0 -1
package/dist/src/cli/report.d.ts.map +0 -1
package/dist/src/cli/report.js.map +0 -1
package/dist/src/cli/run.d.ts.map +0 -1
package/dist/src/cli/run.js.map +0 -1
package/dist/src/cli/scan.d.ts.map +0 -1
package/dist/src/cli/scan.js.map +0 -1
package/dist/src/cli/setup.d.ts.map +0 -1
package/dist/src/cli/setup.js.map +0 -1
package/dist/src/cli/test-gen.d.ts.map +0 -1
package/dist/src/cli/test-gen.js.map +0 -1
package/dist/src/cli/triage.d.ts.map +0 -1
package/dist/src/cli/triage.js.map +0 -1
package/dist/src/cli/watch.d.ts.map +0 -1
package/dist/src/cli/watch.js.map +0 -1
package/dist/src/cli/worker.d.ts.map +0 -1
package/dist/src/cli/worker.js.map +0 -1
package/dist/src/core/cache/cached-engine.d.ts.map +0 -1
package/dist/src/core/cache/cached-engine.js.map +0 -1
package/dist/src/core/cache/review-cache.d.ts.map +0 -1
package/dist/src/core/cache/review-cache.js.map +0 -1
package/dist/src/core/chunking/index.d.ts.map +0 -1
package/dist/src/core/chunking/index.js.map +0 -1
package/dist/src/core/chunking/risk-ranker.d.ts.map +0 -1
package/dist/src/core/chunking/risk-ranker.js.map +0 -1
package/dist/src/core/config/loader.d.ts.map +0 -1
package/dist/src/core/config/loader.js.map +0 -1
package/dist/src/core/config/preset-resolver.d.ts.map +0 -1
package/dist/src/core/config/preset-resolver.js.map +0 -1
package/dist/src/core/config/schema.d.ts.map +0 -1
package/dist/src/core/config/schema.js.map +0 -1
package/dist/src/core/config/types.d.ts.map +0 -1
package/dist/src/core/config/types.js.map +0 -1
package/dist/src/core/council/config.d.ts.map +0 -1
package/dist/src/core/council/config.js.map +0 -1
package/dist/src/core/council/context.d.ts.map +0 -1
package/dist/src/core/council/context.js.map +0 -1
package/dist/src/core/council/runner.d.ts.map +0 -1
package/dist/src/core/council/runner.js.map +0 -1
package/dist/src/core/council/types.d.ts.map +0 -1
package/dist/src/core/council/types.js.map +0 -1
package/dist/src/core/detect/git-context.d.ts.map +0 -1
package/dist/src/core/detect/git-context.js.map +0 -1
package/dist/src/core/detect/llm-key.d.ts.map +0 -1
package/dist/src/core/detect/llm-key.js.map +0 -1
package/dist/src/core/detect/protected-paths.d.ts.map +0 -1
package/dist/src/core/detect/protected-paths.js.map +0 -1
package/dist/src/core/detect/provider-usage.d.ts.map +0 -1
package/dist/src/core/detect/provider-usage.js.map +0 -1
package/dist/src/core/detect/stack.d.ts.map +0 -1
package/dist/src/core/detect/stack.js.map +0 -1
package/dist/src/core/detect/workspaces.d.ts.map +0 -1
package/dist/src/core/detect/workspaces.js.map +0 -1
package/dist/src/core/errors.d.ts.map +0 -1
package/dist/src/core/errors.js.map +0 -1
package/dist/src/core/findings/dedup.d.ts.map +0 -1
package/dist/src/core/findings/dedup.js.map +0 -1
package/dist/src/core/findings/types.d.ts.map +0 -1
package/dist/src/core/findings/types.js.map +0 -1
package/dist/src/core/fix/generator.d.ts.map +0 -1
package/dist/src/core/fix/generator.js.map +0 -1
package/dist/src/core/git/diff-hunks.d.ts.map +0 -1
package/dist/src/core/git/diff-hunks.js.map +0 -1
package/dist/src/core/git/touched-files.d.ts.map +0 -1
package/dist/src/core/git/touched-files.js.map +0 -1
package/dist/src/core/ignore/index.d.ts.map +0 -1
package/dist/src/core/ignore/index.js.map +0 -1
package/dist/src/core/index.d.ts.map +0 -1
package/dist/src/core/index.js.map +0 -1
package/dist/src/core/logging/ndjson-writer.d.ts.map +0 -1
package/dist/src/core/logging/ndjson-writer.js.map +0 -1
package/dist/src/core/logging/redaction.d.ts.map +0 -1
package/dist/src/core/logging/redaction.js.map +0 -1
package/dist/src/core/mcp/concurrency.d.ts.map +0 -1
package/dist/src/core/mcp/concurrency.js.map +0 -1
package/dist/src/core/mcp/handlers/fix-finding.d.ts.map +0 -1
package/dist/src/core/mcp/handlers/fix-finding.js.map +0 -1
package/dist/src/core/mcp/handlers/get-capabilities.d.ts.map +0 -1
package/dist/src/core/mcp/handlers/get-capabilities.js.map +0 -1
package/dist/src/core/mcp/handlers/get-findings.d.ts.map +0 -1
package/dist/src/core/mcp/handlers/get-findings.js.map +0 -1
package/dist/src/core/mcp/handlers/review-diff.d.ts.map +0 -1
package/dist/src/core/mcp/handlers/review-diff.js.map +0 -1
package/dist/src/core/mcp/handlers/scan-files.d.ts.map +0 -1
package/dist/src/core/mcp/handlers/scan-files.js.map +0 -1
package/dist/src/core/mcp/handlers/validate-fix.d.ts.map +0 -1
package/dist/src/core/mcp/handlers/validate-fix.js.map +0 -1
package/dist/src/core/mcp/run-store.d.ts.map +0 -1
package/dist/src/core/mcp/run-store.js.map +0 -1
package/dist/src/core/mcp/workspace.d.ts.map +0 -1
package/dist/src/core/mcp/workspace.js.map +0 -1
package/dist/src/core/persist/baseline.d.ts.map +0 -1
package/dist/src/core/persist/baseline.js.map +0 -1
package/dist/src/core/persist/cost-log.d.ts.map +0 -1
package/dist/src/core/persist/cost-log.js.map +0 -1
package/dist/src/core/persist/findings-cache.d.ts.map +0 -1
package/dist/src/core/persist/findings-cache.js.map +0 -1
package/dist/src/core/persist/triage.d.ts.map +0 -1
package/dist/src/core/persist/triage.js.map +0 -1
package/dist/src/core/phases/static-rules.d.ts.map +0 -1
package/dist/src/core/phases/static-rules.js.map +0 -1
package/dist/src/core/phases/tests.d.ts.map +0 -1
package/dist/src/core/phases/tests.js.map +0 -1
package/dist/src/core/pipeline/review-phase.d.ts.map +0 -1
package/dist/src/core/pipeline/review-phase.js.map +0 -1
package/dist/src/core/pipeline/run.d.ts.map +0 -1
package/dist/src/core/pipeline/run.js.map +0 -1
package/dist/src/core/runtime/idempotency.d.ts.map +0 -1
package/dist/src/core/runtime/idempotency.js.map +0 -1
package/dist/src/core/runtime/lock.d.ts.map +0 -1
package/dist/src/core/runtime/lock.js.map +0 -1
package/dist/src/core/runtime/state.d.ts.map +0 -1
package/dist/src/core/runtime/state.js.map +0 -1
package/dist/src/core/schema-alignment/detector.d.ts.map +0 -1
package/dist/src/core/schema-alignment/detector.js.map +0 -1
package/dist/src/core/schema-alignment/extractor/index.d.ts.map +0 -1
package/dist/src/core/schema-alignment/extractor/index.js.map +0 -1
package/dist/src/core/schema-alignment/extractor/prisma.d.ts.map +0 -1
package/dist/src/core/schema-alignment/extractor/prisma.js.map +0 -1
package/dist/src/core/schema-alignment/extractor/sql.d.ts.map +0 -1
package/dist/src/core/schema-alignment/extractor/sql.js.map +0 -1
package/dist/src/core/schema-alignment/llm-check.d.ts.map +0 -1
package/dist/src/core/schema-alignment/llm-check.js.map +0 -1
package/dist/src/core/schema-alignment/scanner.d.ts.map +0 -1
package/dist/src/core/schema-alignment/scanner.js.map +0 -1
package/dist/src/core/schema-alignment/types.d.ts.map +0 -1
package/dist/src/core/schema-alignment/types.js.map +0 -1
package/dist/src/core/shell.d.ts.map +0 -1
package/dist/src/core/shell.js.map +0 -1
package/dist/src/core/static-rules/registry.d.ts.map +0 -1
package/dist/src/core/static-rules/registry.js.map +0 -1
package/dist/src/core/static-rules/rules/brand-tokens.d.ts.map +0 -1
package/dist/src/core/static-rules/rules/brand-tokens.js.map +0 -1
package/dist/src/core/static-rules/rules/console-log.d.ts.map +0 -1
package/dist/src/core/static-rules/rules/console-log.js.map +0 -1
package/dist/src/core/static-rules/rules/hardcoded-secrets.d.ts.map +0 -1
package/dist/src/core/static-rules/rules/hardcoded-secrets.js.map +0 -1
package/dist/src/core/static-rules/rules/insecure-redirect.d.ts.map +0 -1
package/dist/src/core/static-rules/rules/insecure-redirect.js.map +0 -1
package/dist/src/core/static-rules/rules/large-file.d.ts.map +0 -1
package/dist/src/core/static-rules/rules/large-file.js.map +0 -1
package/dist/src/core/static-rules/rules/missing-auth.d.ts.map +0 -1
package/dist/src/core/static-rules/rules/missing-auth.js.map +0 -1
package/dist/src/core/static-rules/rules/missing-tests.d.ts.map +0 -1
package/dist/src/core/static-rules/rules/missing-tests.js.map +0 -1
package/dist/src/core/static-rules/rules/npm-audit.d.ts.map +0 -1
package/dist/src/core/static-rules/rules/npm-audit.js.map +0 -1
package/dist/src/core/static-rules/rules/package-lock-sync.d.ts.map +0 -1
package/dist/src/core/static-rules/rules/package-lock-sync.js.map +0 -1
package/dist/src/core/static-rules/rules/schema-alignment.d.ts.map +0 -1
package/dist/src/core/static-rules/rules/schema-alignment.js.map +0 -1
package/dist/src/core/static-rules/rules/sql-injection.d.ts.map +0 -1
package/dist/src/core/static-rules/rules/sql-injection.js.map +0 -1
package/dist/src/core/static-rules/rules/ssrf.d.ts.map +0 -1
package/dist/src/core/static-rules/rules/ssrf.js.map +0 -1
package/dist/src/core/static-rules/rules/todo-fixme.d.ts.map +0 -1
package/dist/src/core/static-rules/rules/todo-fixme.js.map +0 -1
package/dist/src/core/static-rules/tailwind-extractor.d.ts.map +0 -1
package/dist/src/core/static-rules/tailwind-extractor.js.map +0 -1
package/dist/src/core/test-gen/coverage-analyzer.d.ts.map +0 -1
package/dist/src/core/test-gen/coverage-analyzer.js.map +0 -1
package/dist/src/core/test-gen/framework-detector.d.ts.map +0 -1
package/dist/src/core/test-gen/framework-detector.js.map +0 -1
package/dist/src/core/test-gen/test-writer.d.ts.map +0 -1
package/dist/src/core/test-gen/test-writer.js.map +0 -1
package/dist/src/core/ui/design-context-loader.d.ts.map +0 -1
package/dist/src/core/ui/design-context-loader.js.map +0 -1
package/dist/src/core/worker/client.d.ts.map +0 -1
package/dist/src/core/worker/client.js.map +0 -1
package/dist/src/core/worker/lockfile.d.ts.map +0 -1
package/dist/src/core/worker/lockfile.js.map +0 -1
package/dist/src/core/worker/server.d.ts.map +0 -1
package/dist/src/core/worker/server.js.map +0 -1
package/dist/src/formatters/github-annotations.d.ts.map +0 -1
package/dist/src/formatters/github-annotations.js.map +0 -1
package/dist/src/formatters/index.d.ts.map +0 -1
package/dist/src/formatters/index.js.map +0 -1
package/dist/src/formatters/junit.d.ts.map +0 -1
package/dist/src/formatters/junit.js.map +0 -1
package/dist/src/formatters/sarif.d.ts.map +0 -1
package/dist/src/formatters/sarif.js.map +0 -1
package/dist/src/index.d.ts.map +0 -1
package/dist/src/index.js.map +0 -1
package/src/adapters/base.ts +0 -19
package/src/adapters/council/claude.ts +0 -41
package/src/adapters/council/openai.ts +0 -40
package/src/adapters/council/types.ts +0 -7
package/src/adapters/loader.ts +0 -108
package/src/adapters/migration-runner/supabase.ts +0 -56
package/src/adapters/migration-runner/types.ts +0 -36
package/src/adapters/review-bot-parser/cursor.ts +0 -13
package/src/adapters/review-bot-parser/declarative-base.ts +0 -64
package/src/adapters/review-bot-parser/types.ts +0 -9
package/src/adapters/review-engine/auto.ts +0 -94
package/src/adapters/review-engine/claude.ts +0 -100
package/src/adapters/review-engine/codex.ts +0 -82
package/src/adapters/review-engine/gemini.ts +0 -105
package/src/adapters/review-engine/openai-compatible.ts +0 -100
package/src/adapters/review-engine/parse-output.ts +0 -74
package/src/adapters/review-engine/prompt-builder.ts +0 -19
package/src/adapters/review-engine/types.ts +0 -19
package/src/adapters/vcs-host/commit-status.ts +0 -39
package/src/adapters/vcs-host/github.ts +0 -77
package/src/adapters/vcs-host/types.ts +0 -44
package/src/cli/_pkg-root.ts +0 -85
package/src/cli/autoregress-bridge.ts +0 -30
package/src/cli/baseline.ts +0 -125
package/src/cli/ci.ts +0 -45
package/src/cli/costs.ts +0 -80
package/src/cli/council.ts +0 -96
package/src/cli/detector.ts +0 -92
package/src/cli/explain.ts +0 -197
package/src/cli/fix.ts +0 -249
package/src/cli/hook.ts +0 -124
package/src/cli/ignore-helper.ts +0 -116
package/src/cli/index.ts +0 -612
package/src/cli/lsp.ts +0 -200
package/src/cli/mcp.ts +0 -206
package/src/cli/migrate-v4.ts +0 -388
package/src/cli/pr-comment.ts +0 -139
package/src/cli/pr-desc.ts +0 -168
package/src/cli/pr-review-comments.ts +0 -92
package/src/cli/pr.ts +0 -76
package/src/cli/preflight.ts +0 -235
package/src/cli/report.ts +0 -186
package/src/cli/run.ts +0 -425
package/src/cli/scan.ts +0 -233
package/src/cli/setup.ts +0 -191
package/src/cli/test-gen.ts +0 -125
package/src/cli/triage.ts +0 -137
package/src/cli/watch.ts +0 -190
package/src/cli/worker.ts +0 -109
package/src/core/.gitkeep +0 -0
package/src/core/cache/cached-engine.ts +0 -32
package/src/core/cache/review-cache.ts +0 -70
package/src/core/chunking/index.ts +0 -113
package/src/core/chunking/risk-ranker.ts +0 -56
package/src/core/config/loader.ts +0 -53
package/src/core/config/preset-resolver.ts +0 -46
package/src/core/config/schema.ts +0 -181
package/src/core/config/types.ts +0 -98
package/src/core/council/config.ts +0 -71
package/src/core/council/context.ts +0 -17
package/src/core/council/runner.ts +0 -83
package/src/core/council/types.ts +0 -45
package/src/core/detect/git-context.ts +0 -27
package/src/core/detect/llm-key.ts +0 -89
package/src/core/detect/protected-paths.ts +0 -63
package/src/core/detect/provider-usage.ts +0 -74
package/src/core/detect/stack.ts +0 -153
package/src/core/detect/workspaces.ts +0 -103
package/src/core/errors.ts +0 -37
package/src/core/findings/dedup.ts +0 -14
package/src/core/findings/types.ts +0 -39
package/src/core/fix/generator.ts +0 -149
package/src/core/git/diff-hunks.ts +0 -86
package/src/core/git/touched-files.ts +0 -73
package/src/core/ignore/index.ts +0 -54
package/src/core/index.ts +0 -1
package/src/core/logging/ndjson-writer.ts +0 -37
package/src/core/logging/redaction.ts +0 -19
package/src/core/mcp/concurrency.ts +0 -16
package/src/core/mcp/handlers/fix-finding.ts +0 -126
package/src/core/mcp/handlers/get-capabilities.ts +0 -62
package/src/core/mcp/handlers/get-findings.ts +0 -36
package/src/core/mcp/handlers/review-diff.ts +0 -65
package/src/core/mcp/handlers/scan-files.ts +0 -65
package/src/core/mcp/handlers/validate-fix.ts +0 -41
package/src/core/mcp/run-store.ts +0 -85
package/src/core/mcp/workspace.ts +0 -35
package/src/core/persist/baseline.ts +0 -112
package/src/core/persist/cost-log.ts +0 -30
package/src/core/persist/findings-cache.ts +0 -43
package/src/core/persist/triage.ts +0 -112
package/src/core/phases/static-rules.ts +0 -93
package/src/core/phases/tests.ts +0 -51
package/src/core/pipeline/review-phase.ts +0 -182
package/src/core/pipeline/run.ts +0 -116
package/src/core/runtime/idempotency.ts +0 -6
package/src/core/runtime/lock.ts +0 -29
package/src/core/runtime/state.ts +0 -97
package/src/core/schema-alignment/detector.ts +0 -59
package/src/core/schema-alignment/extractor/index.ts +0 -24
package/src/core/schema-alignment/extractor/prisma.ts +0 -21
package/src/core/schema-alignment/extractor/sql.ts +0 -99
package/src/core/schema-alignment/llm-check.ts +0 -91
package/src/core/schema-alignment/scanner.ts +0 -107
package/src/core/schema-alignment/types.ts +0 -43
package/src/core/shell.ts +0 -48
package/src/core/static-rules/registry.ts +0 -59
package/src/core/static-rules/rules/brand-tokens.ts +0 -145
package/src/core/static-rules/rules/console-log.ts +0 -42
package/src/core/static-rules/rules/hardcoded-secrets.ts +0 -83
package/src/core/static-rules/rules/insecure-redirect.ts +0 -67
package/src/core/static-rules/rules/large-file.ts +0 -37
package/src/core/static-rules/rules/missing-auth.ts +0 -70
package/src/core/static-rules/rules/missing-tests.ts +0 -57
package/src/core/static-rules/rules/npm-audit.ts +0 -38
package/src/core/static-rules/rules/package-lock-sync.ts +0 -54
package/src/core/static-rules/rules/schema-alignment.ts +0 -132
package/src/core/static-rules/rules/sql-injection.ts +0 -71
package/src/core/static-rules/rules/ssrf.ts +0 -63
package/src/core/static-rules/rules/todo-fixme.ts +0 -40
package/src/core/static-rules/tailwind-extractor.ts +0 -38
package/src/core/test-gen/coverage-analyzer.ts +0 -93
package/src/core/test-gen/framework-detector.ts +0 -21
package/src/core/test-gen/test-writer.ts +0 -33
package/src/core/ui/design-context-loader.ts +0 -87
package/src/core/worker/client.ts +0 -46
package/src/core/worker/lockfile.ts +0 -38
package/src/core/worker/server.ts +0 -81
package/src/formatters/github-annotations.ts +0 -36
package/src/formatters/index.ts +0 -3
package/src/formatters/junit.ts +0 -52
package/src/formatters/sarif.ts +0 -103
package/src/index.ts +0 -3

package/src/cli/fix.ts DELETED Viewed

@@ -1,249 +0,0 @@
-import * as fs from 'node:fs';
-import * as path from 'node:path';
-import * as readline from 'node:readline';
-import { execSync } from 'node:child_process';
-import { loadCachedFindings } from '../core/persist/findings-cache.ts';
-import { loadConfig } from '../core/config/loader.ts';
-import { loadAdapter } from '../adapters/loader.ts';
-import type { ReviewEngine } from '../adapters/review-engine/types.ts';
-import type { Finding } from '../core/findings/types.ts';
-import type { GuardrailConfig } from '../core/config/types.ts';
-import { generateFix, buildUnifiedDiff, type GenerateResult } from '../core/fix/generator.ts';
-const C = {
-  reset: '\x1b[0m', bold: '\x1b[1m', dim: '\x1b[2m',
-  green: '\x1b[32m', yellow: '\x1b[33m', red: '\x1b[31m', cyan: '\x1b[36m',
-};
-const fmt = (c: keyof typeof C, t: string) => `${C[c]}${t}${C.reset}`;
-export interface FixCommandOptions {
-  cwd?: string;
-  configPath?: string;
-  severity?: 'critical' | 'warning' | 'all';
-  dryRun?: boolean;
-  yes?: boolean;      // skip per-fix confirmation prompts
-  noVerify?: boolean; // skip test verification after applying fix
-}
-interface FixResult {
-  file: string;
-  line: number;
-  findingMessage: string;
-  status: 'fixed' | 'skipped' | 'rejected' | 'failed';
-  reason?: string;
-}
-async function confirmFix(diff: string, finding: Finding): Promise<'yes' | 'no' | 'quit'> {
-  console.log('');
-  console.log(diff);
-  console.log('');
-  const rl = readline.createInterface({ input: process.stdin, output: process.stdout });
-  return new Promise(resolve => {
-    rl.question(fmt('bold', '  Apply this fix? [y]es / [n]o / [q]uit  '), answer => {
-      rl.close();
-      const a = answer.trim().toLowerCase();
-      if (a === 'q') resolve('quit');
-      else if (a === 'y' || a === '') resolve('yes');
-      else resolve('no');
-    });
-  });
-}
-export async function runFix(options: FixCommandOptions = {}): Promise<number> {
-  const cwd = options.cwd ?? process.cwd();
-  const configPath = options.configPath ?? path.join(cwd, 'guardrail.config.yaml');
-  const severityFilter = options.severity ?? 'critical';
-  const findings = loadCachedFindings(cwd);
-  if (findings.length === 0) {
-    console.log(fmt('yellow', '[fix] No cached findings — run `guardrail scan <path>` or `guardrail run` first.'));
-    return 0;
-  }
-  const fixable = findings.filter(f => {
-    if (!f.line || !f.file || f.file === '<unspecified>' || f.file === '<pipeline>') return false;
-    if (severityFilter === 'all') return true;
-    if (severityFilter === 'critical') return f.severity === 'critical';
-    return f.severity === 'critical' || f.severity === 'warning';
-  });
-  if (fixable.length === 0) {
-    console.log(fmt('yellow', `[fix] No fixable findings (severity=${severityFilter}, need file+line).`));
-    return 0;
-  }
-  const modeNote = options.dryRun ? ' (dry run)' : options.yes ? '' : ' (interactive — use --yes to skip prompts)';
-  console.log(`\n${fmt('bold', '[fix]')} ${fixable.length} finding${fixable.length !== 1 ? 's' : ''} to attempt${modeNote}\n`);
-  // Print upfront summary of all fixable findings before prompting
-  for (const f of fixable) {
-    const sev = f.severity === 'critical' ? fmt('red', 'CRITICAL') : fmt('yellow', 'WARNING ');
-    const loc = fmt('dim', `${f.file}:${f.line}`);
-    console.log(`  [${sev}] ${loc} ${f.message}`);
-    if (f.suggestion) console.log(fmt('dim', `           → ${f.suggestion}`));
-  }
-  console.log('');
-  // Dry-run: listing the findings is sufficient — no LLM needed
-  if (options.dryRun) {
-    console.log(fmt('yellow', `[fix] Dry run — ${fixable.length} finding${fixable.length !== 1 ? 's' : ''} listed above, no files modified.\n`));
-    return 0;
-  }
-  // Load config + review engine (config optional — defaults to auto adapter)
-  let engine: ReviewEngine;
-  let loadedConfig: GuardrailConfig | null = null;
-  try {
-    loadedConfig = fs.existsSync(configPath) ? await loadConfig(configPath) : null;
-    const ref = loadedConfig
-      ? (typeof loadedConfig.reviewEngine === 'string' ? loadedConfig.reviewEngine : (loadedConfig.reviewEngine?.adapter ?? 'auto'))
-      : 'auto';
-    engine = await loadAdapter<ReviewEngine>({
-      point: 'review-engine',
-      ref,
-      options: loadedConfig && typeof loadedConfig.reviewEngine === 'object' ? loadedConfig.reviewEngine.options : undefined,
-    });
-  } catch (err) {
-    console.error(fmt('red', `[fix] Could not load review engine: ${err instanceof Error ? err.message : String(err)}`));
-    return 1;
-  }
-  const testCommand = loadedConfig?.testCommand ?? null;
-  const shouldVerify = !options.noVerify && !!testCommand;
-  if (shouldVerify) {
-    console.log(fmt('dim', `[fix] Verified mode — running "${testCommand}" after each fix\n`));
-  }
-  const results: FixResult[] = [];
-  let quit = false;
-  for (const finding of fixable) {
-    if (quit) {
-      results.push({ file: finding.file, line: finding.line!, findingMessage: finding.message, status: 'skipped', reason: 'user quit' });
-      continue;
-    }
-    const sev = finding.severity === 'critical' ? fmt('red', 'CRITICAL') : fmt('yellow', 'WARNING');
-    console.log(`\n  [${sev}] ${fmt('dim', `${finding.file}:${finding.line}`)} ${finding.message}`);
-    const result = await generateFix(finding, engine, cwd);
-    if (result.status === 'cannot_fix') {
-      console.log(fmt('dim', `    → skipped: ${result.reason}`));
-      results.push({ file: finding.file, line: finding.line!, findingMessage: finding.message, status: 'skipped', reason: result.reason });
-      continue;
-    }
-    if (result.status === 'rejected') {
-      console.log(fmt('yellow', `    → rejected: ${result.reason}`));
-      results.push({ file: finding.file, line: finding.line!, findingMessage: finding.message, status: 'rejected', reason: result.reason });
-      continue;
-    }
-    if (result.status === 'error') {
-      console.log(fmt('red', `    → error: ${result.reason}`));
-      results.push({ file: finding.file, line: finding.line!, findingMessage: finding.message, status: 'failed', reason: result.reason });
-      continue;
-    }
-    // Show diff
-    const diff = buildUnifiedDiff(result.originalLines!, result.replacementLines!, finding.file, result.startLine!);
-    if (options.dryRun) {
-      console.log('');
-      console.log(diff);
-      console.log(fmt('dim', '    (dry run — not applied)'));
-      results.push({ file: finding.file, line: finding.line!, findingMessage: finding.message, status: 'skipped', reason: 'dry run' });
-      continue;
-    }
-    // Interactive confirmation (unless --yes)
-    if (!options.yes) {
-      const answer = await confirmFix(diff, finding);
-      if (answer === 'quit') {
-        quit = true;
-        results.push({ file: finding.file, line: finding.line!, findingMessage: finding.message, status: 'skipped', reason: 'user quit' });
-        continue;
-      }
-      if (answer === 'no') {
-        results.push({ file: finding.file, line: finding.line!, findingMessage: finding.message, status: 'skipped', reason: 'user declined' });
-        continue;
-      }
-    } else {
-      // --yes mode: still print the diff so there's a record
-      console.log('');
-      console.log(diff);
-    }
-    // Apply fix atomically
-    try {
-      const absPath = path.resolve(cwd, finding.file);
-      const originalContent = fs.readFileSync(absPath, 'utf8');
-      const allLines = originalContent.split('\n');
-      const newLines = [
-        ...allLines.slice(0, result.startLine! - 1),
-        ...result.replacementLines!,
-        ...allLines.slice(result.endLine!),
-      ];
-      const tmp = absPath + '.guardrail.tmp';
-      fs.writeFileSync(tmp, newLines.join('\n'), 'utf8');
-      fs.renameSync(tmp, absPath);
-      if (shouldVerify) {
-        // Verified mode — same shell invocation pattern as phases/tests.ts
-        console.log(fmt('dim', `    ↻ verifying…`));
-        const passed = runTestCommand(testCommand!, cwd);
-        if (passed) {
-          console.log(fmt('green', `    ✓ applied + tests pass`));
-          results.push({ file: finding.file, line: finding.line!, findingMessage: finding.message, status: 'fixed' });
-        } else {
-          fs.writeFileSync(absPath, originalContent, 'utf8');
-          console.log(fmt('yellow', `    ⚠ reverted — tests failed after fix`));
-          results.push({ file: finding.file, line: finding.line!, findingMessage: finding.message, status: 'rejected', reason: 'tests failed after fix — reverted' });
-        }
-      } else {
-        console.log(fmt('green', `    ✓ applied`));
-        results.push({ file: finding.file, line: finding.line!, findingMessage: finding.message, status: 'fixed' });
-      }
-    } catch (err) {
-      console.log(fmt('red', `    ✗ write failed: ${err instanceof Error ? err.message : String(err)}`));
-      results.push({ file: finding.file, line: finding.line!, findingMessage: finding.message, status: 'failed', reason: String(err) });
-    }
-  }
-  const fixed    = results.filter(r => r.status === 'fixed').length;
-  const rejected = results.filter(r => r.status === 'rejected').length;
-  const failed   = results.filter(r => r.status === 'failed').length;
-  const skipped  = results.filter(r => r.status === 'skipped').length;
-  console.log('');
-  if (options.dryRun) {
-    console.log(fmt('yellow', `[fix] Dry run complete — ${fixable.length} finding${fixable.length !== 1 ? 's' : ''} previewed, no files modified.\n`));
-  } else {
-    const parts = [
-      fixed   > 0 ? fmt('green',  `${fixed} fixed`)    : null,
-      rejected > 0 ? fmt('yellow', `${rejected} rejected`) : null,
-      failed  > 0 ? fmt('red',    `${failed} failed`)   : null,
-      skipped > 0 ? fmt('dim',    `${skipped} skipped`)  : null,
-    ].filter(Boolean).join(fmt('dim', ' · '));
-    console.log(`[fix] ${parts}\n`);
-  }
-  return failed > 0 ? 1 : 0;
-}
-function runTestCommand(cmd: string, cwd: string): boolean {
-  try {
-    execSync(cmd, {
-      cwd,
-      stdio: 'ignore',
-      timeout: 120000,
-      shell: process.env.SHELL ?? '/bin/sh',
-    });
-    return true;
-  } catch {
-    return false;
-  }
-}

package/src/cli/hook.ts DELETED Viewed

@@ -1,124 +0,0 @@
-import * as fs from 'node:fs';
-import * as path from 'node:path';
-export const GUARDRAIL_MARKER = '# guardrail-managed';
-const PRE_COMMIT_TEMPLATE = `#!/bin/sh
-${GUARDRAIL_MARKER}
-# guardrail pre-commit hook — runs static rules only (<1s, no LLM)
-# --files accepts comma-separated paths; quoting prevents shell word-splitting
-STAGED=$(git diff --cached --name-only --diff-filter=ACM | tr '\\n' ',')
-STAGED=\${STAGED%,}
-if [ -z "$STAGED" ]; then exit 0; fi
-npx guardrail run --static-only --files "$STAGED"
-`;
-const PRE_PUSH_TEMPLATE = `#!/bin/sh
-${GUARDRAIL_MARKER}
-# guardrail pre-push hook — full LLM review against upstream
-BASE=$(git rev-parse --abbrev-ref --symbolic-full-name @{u} 2>/dev/null || echo "HEAD~1")
-npx guardrail run --base "$BASE"
-`;
-function findGitDir(cwd: string): string | null {
-  let dir = path.resolve(cwd);
-  for (let i = 0; i < 10; i++) {
-    const candidate = path.join(dir, '.git');
-    if (fs.existsSync(candidate)) {
-      const stat = fs.statSync(candidate);
-      if (stat.isDirectory()) return candidate;
-      if (stat.isFile()) {
-        const content = fs.readFileSync(candidate, 'utf8');
-        const match = content.match(/^gitdir:\s*(.+)/m);
-        if (match) return path.resolve(dir, match[1]!.trim());
-      }
-    }
-    const parent = path.dirname(dir);
-    if (parent === dir) return null;
-    dir = parent;
-  }
-  return null;
-}
-function isGuardrailHook(hookPath: string): boolean {
-  try {
-    return fs.readFileSync(hookPath, 'utf8').includes(GUARDRAIL_MARKER);
-  } catch {
-    return false;
-  }
-}
-function writeHook(hookPath: string, content: string, force: boolean): boolean {
-  if (fs.existsSync(hookPath) && !force && !isGuardrailHook(hookPath)) {
-    console.error(`[hook] hook already exists at ${hookPath} (not guardrail-managed)`);
-    console.error('       Use --force to overwrite.');
-    return false;
-  }
-  fs.mkdirSync(path.dirname(hookPath), { recursive: true });
-  fs.writeFileSync(hookPath, content, 'utf8');
-  fs.chmodSync(hookPath, 0o755);
-  return true;
-}
-function removeHook(hookPath: string): void {
-  if (!fs.existsSync(hookPath)) return;
-  if (isGuardrailHook(hookPath)) {
-    fs.rmSync(hookPath);
-    console.log(`[hook] removed ${hookPath}`);
-  } else {
-    console.log(`[hook] skipping ${hookPath} — not guardrail-managed`);
-  }
-}
-export async function runHook(
-  sub: string,
-  options: { cwd?: string; force?: boolean; silent?: boolean; preCommitOnly?: boolean; prePushOnly?: boolean } = {},
-): Promise<number> {
-  const cwd = options.cwd ?? process.cwd();
-  const gitDir = findGitDir(cwd);
-  if (!gitDir) {
-    if (!options.silent) console.error('[hook] not inside a git repository');
-    return 1;
-  }
-  const hooksDir = path.join(gitDir, 'hooks');
-  const preCommitPath = path.join(hooksDir, 'pre-commit');
-  const prePushPath = path.join(hooksDir, 'pre-push');
-  const force = options.force ?? false;
-  switch (sub) {
-    case 'install': {
-      const installPreCommit = !options.prePushOnly;
-      const installPrePush = !options.preCommitOnly;
-      let ok = true;
-      if (installPreCommit) {
-        const written = writeHook(preCommitPath, PRE_COMMIT_TEMPLATE, force);
-        if (written) console.log(`[hook] installed pre-commit hook at ${preCommitPath}`);
-        else ok = false;
-      }
-      if (installPrePush) {
-        const written = writeHook(prePushPath, PRE_PUSH_TEMPLATE, force);
-        if (written) console.log(`[hook] installed pre-push hook at ${prePushPath}`);
-        else ok = false;
-      }
-      return ok ? 0 : 1;
-    }
-    case 'uninstall': {
-      removeHook(preCommitPath);
-      removeHook(prePushPath);
-      return 0;
-    }
-    case 'status': {
-      const pcInstalled = fs.existsSync(preCommitPath) && isGuardrailHook(preCommitPath);
-      const ppInstalled = fs.existsSync(prePushPath) && isGuardrailHook(prePushPath);
-      console.log(`[hook] pre-commit: ${pcInstalled ? 'installed (guardrail-managed)' : 'not installed'}`);
-      console.log(`[hook] pre-push:   ${ppInstalled ? 'installed (guardrail-managed)' : 'not installed'}`);
-      return 0;
-    }
-    default:
-      console.error(`[hook] unknown subcommand: ${sub}`);
-      console.error('Usage: guardrail hook <install|uninstall|status> [--force] [--pre-commit-only] [--pre-push-only]');
-      return 1;
-  }
-}

package/src/cli/ignore-helper.ts DELETED Viewed

@@ -1,116 +0,0 @@
-import * as fs from 'node:fs';
-import * as path from 'node:path';
-import * as readline from 'node:readline';
-import { loadCachedFindings } from '../core/persist/findings-cache.ts';
-import type { Finding } from '../core/findings/types.ts';
-const C = {
-  reset: '\x1b[0m', bold: '\x1b[1m', dim: '\x1b[2m',
-  green: '\x1b[32m', yellow: '\x1b[33m', red: '\x1b[31m',
-};
-const fmt = (c: keyof typeof C, t: string) => `${C[c]}${t}${C.reset}`;
-const IGNORE_FILE = '.guardrail-ignore';
-function readIgnoreFile(cwd: string): string {
-  const p = path.join(cwd, IGNORE_FILE);
-  return fs.existsSync(p) ? fs.readFileSync(p, 'utf8') : '';
-}
-function appendIgnoreRule(cwd: string, rule: string): void {
-  const p = path.join(cwd, IGNORE_FILE);
-  const existing = readIgnoreFile(cwd);
-  const separator = existing && !existing.endsWith('\n') ? '\n' : '';
-  fs.appendFileSync(p, `${separator}${rule}\n`, 'utf8');
-}
-function isAlreadyIgnored(existing: string, rule: string): boolean {
-  return existing.split('\n').some(l => l.trim() === rule);
-}
-function buildRule(finding: Finding, scope: 'path' | 'rule+path' | 'rule'): string {
-  if (scope === 'path') {
-    const dir = path.dirname(finding.file);
-    return dir === '.' ? finding.file : `${dir}/**`;
-  }
-  if (scope === 'rule') return `${finding.id} **`;
-  // rule+path: most specific
-  const dir = path.dirname(finding.file);
-  const glob = dir === '.' ? finding.file : `${dir}/**`;
-  return `${finding.id} ${glob}`;
-}
-async function prompt(question: string): Promise<string> {
-  const rl = readline.createInterface({ input: process.stdin, output: process.stdout });
-  return new Promise(resolve => {
-    rl.question(question, answer => { rl.close(); resolve(answer.trim()); });
-  });
-}
-export interface IgnoreCommandOptions {
-  cwd?: string;
-  all?: boolean;       // suppress all findings without prompting
-  dryRun?: boolean;
-}
-export async function runIgnore(options: IgnoreCommandOptions = {}): Promise<number> {
-  const cwd = options.cwd ?? process.cwd();
-  const findings = loadCachedFindings(cwd);
-  if (findings.length === 0) {
-    console.log(fmt('yellow', '[ignore] No cached findings — run `guardrail run` or `guardrail scan` first.'));
-    return 0;
-  }
-  const existing = readIgnoreFile(cwd);
-  let added = 0;
-  console.log(`\n${fmt('bold', '[ignore]')} ${findings.length} finding${findings.length !== 1 ? 's' : ''} to review\n`);
-  for (const [i, f] of findings.entries()) {
-    const sev = f.severity === 'critical' ? fmt('red', 'CRITICAL')
-              : f.severity === 'warning'  ? fmt('yellow', 'WARNING ')
-              : fmt('dim',   'NOTE    ');
-    const loc = f.file !== '<unspecified>' ? `${f.file}${f.line ? `:${f.line}` : ''}` : '<pipeline>';
-    console.log(`\n${fmt('bold', `${i + 1}/${findings.length}`)}  [${sev}] ${f.message}`);
-    console.log(fmt('dim', `     ${loc}  (rule: ${f.id})`));
-    let scope: string;
-    if (options.all) {
-      scope = 'r';  // rule+path
-    } else {
-      console.log(fmt('dim', '     [s] skip  [p] suppress path  [r] suppress rule+path  [R] suppress rule everywhere  [q] quit'));
-      scope = await prompt('     > ');
-    }
-    if (scope === 'q') break;
-    if (scope === 's' || scope === '') continue;
-    const ruleScope = scope === 'p' ? 'path' : scope === 'R' ? 'rule' : 'rule+path';
-    const rule = buildRule(f, ruleScope);
-    if (isAlreadyIgnored(existing, rule)) {
-      console.log(fmt('dim', `     (already in ${IGNORE_FILE}: ${rule})`));
-      continue;
-    }
-    if (options.dryRun) {
-      console.log(fmt('dim', `     (dry run) would add: ${rule}`));
-    } else {
-      appendIgnoreRule(cwd, rule);
-      console.log(fmt('green', `     + added: ${rule}`));
-    }
-    added++;
-  }
-  console.log('');
-  if (options.dryRun) {
-    console.log(fmt('yellow', `[ignore] Dry run — ${added} rule${added !== 1 ? 's' : ''} would be added to ${IGNORE_FILE}\n`));
-  } else if (added > 0) {
-    console.log(fmt('green', `[ignore] ${added} rule${added !== 1 ? 's' : ''} added to ${IGNORE_FILE}\n`));
-  } else {
-    console.log(fmt('dim', `[ignore] No rules added\n`));
-  }
-  return 0;
-}