npm - @delegance/claude-autopilot - Versions diffs - 5.0.1 → 5.0.3 - Mend

@delegance/claude-autopilot 5.0.1 → 5.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (412) hide show

package/dist/src/adapters/review-engine/codex.js +13 -1
package/dist/src/cli/index.js +39 -1
package/dist/src/cli/preflight.js +17 -4
package/dist/src/cli/scan.js +12 -0
package/package.json +4 -3
package/dist/presets/go/rules/go-sql-injection.d.ts.map +0 -1
package/dist/presets/go/rules/go-sql-injection.js.map +0 -1
package/dist/presets/nextjs-supabase/rules/supabase-rls-bypass.d.ts.map +0 -1
package/dist/presets/nextjs-supabase/rules/supabase-rls-bypass.js.map +0 -1
package/dist/presets/python-fastapi/rules/fastapi-missing-auth.d.ts.map +0 -1
package/dist/presets/python-fastapi/rules/fastapi-missing-auth.js.map +0 -1
package/dist/presets/rails-postgres/rules/rails-sql-injection.d.ts.map +0 -1
package/dist/presets/rails-postgres/rules/rails-sql-injection.js.map +0 -1
package/dist/presets/t3/rules/t3-server-only.d.ts.map +0 -1
package/dist/presets/t3/rules/t3-server-only.js.map +0 -1
package/dist/src/adapters/base.d.ts.map +0 -1
package/dist/src/adapters/base.js.map +0 -1
package/dist/src/adapters/council/claude.d.ts.map +0 -1
package/dist/src/adapters/council/claude.js.map +0 -1
package/dist/src/adapters/council/openai.d.ts.map +0 -1
package/dist/src/adapters/council/openai.js.map +0 -1
package/dist/src/adapters/council/types.d.ts.map +0 -1
package/dist/src/adapters/council/types.js.map +0 -1
package/dist/src/adapters/loader.d.ts.map +0 -1
package/dist/src/adapters/loader.js.map +0 -1
package/dist/src/adapters/migration-runner/supabase.d.ts.map +0 -1
package/dist/src/adapters/migration-runner/supabase.js.map +0 -1
package/dist/src/adapters/migration-runner/types.d.ts.map +0 -1
package/dist/src/adapters/migration-runner/types.js.map +0 -1
package/dist/src/adapters/review-bot-parser/cursor.d.ts.map +0 -1
package/dist/src/adapters/review-bot-parser/cursor.js.map +0 -1
package/dist/src/adapters/review-bot-parser/declarative-base.d.ts.map +0 -1
package/dist/src/adapters/review-bot-parser/declarative-base.js.map +0 -1
package/dist/src/adapters/review-bot-parser/types.d.ts.map +0 -1
package/dist/src/adapters/review-bot-parser/types.js.map +0 -1
package/dist/src/adapters/review-engine/auto.d.ts.map +0 -1
package/dist/src/adapters/review-engine/auto.js.map +0 -1
package/dist/src/adapters/review-engine/claude.d.ts.map +0 -1
package/dist/src/adapters/review-engine/claude.js.map +0 -1
package/dist/src/adapters/review-engine/codex.d.ts.map +0 -1
package/dist/src/adapters/review-engine/codex.js.map +0 -1
package/dist/src/adapters/review-engine/gemini.d.ts.map +0 -1
package/dist/src/adapters/review-engine/gemini.js.map +0 -1
package/dist/src/adapters/review-engine/openai-compatible.d.ts.map +0 -1
package/dist/src/adapters/review-engine/openai-compatible.js.map +0 -1
package/dist/src/adapters/review-engine/parse-output.d.ts.map +0 -1
package/dist/src/adapters/review-engine/parse-output.js.map +0 -1
package/dist/src/adapters/review-engine/prompt-builder.d.ts.map +0 -1
package/dist/src/adapters/review-engine/prompt-builder.js.map +0 -1
package/dist/src/adapters/review-engine/types.d.ts.map +0 -1
package/dist/src/adapters/review-engine/types.js.map +0 -1
package/dist/src/adapters/vcs-host/commit-status.d.ts.map +0 -1
package/dist/src/adapters/vcs-host/commit-status.js.map +0 -1
package/dist/src/adapters/vcs-host/github.d.ts.map +0 -1
package/dist/src/adapters/vcs-host/github.js.map +0 -1
package/dist/src/adapters/vcs-host/types.d.ts.map +0 -1
package/dist/src/adapters/vcs-host/types.js.map +0 -1
package/dist/src/cli/_pkg-root.d.ts.map +0 -1
package/dist/src/cli/_pkg-root.js.map +0 -1
package/dist/src/cli/autoregress-bridge.d.ts.map +0 -1
package/dist/src/cli/autoregress-bridge.js.map +0 -1
package/dist/src/cli/baseline.d.ts.map +0 -1
package/dist/src/cli/baseline.js.map +0 -1
package/dist/src/cli/ci.d.ts.map +0 -1
package/dist/src/cli/ci.js.map +0 -1
package/dist/src/cli/costs.d.ts.map +0 -1
package/dist/src/cli/costs.js.map +0 -1
package/dist/src/cli/council.d.ts.map +0 -1
package/dist/src/cli/council.js.map +0 -1
package/dist/src/cli/detector.d.ts.map +0 -1
package/dist/src/cli/detector.js.map +0 -1
package/dist/src/cli/explain.d.ts.map +0 -1
package/dist/src/cli/explain.js.map +0 -1
package/dist/src/cli/fix.d.ts.map +0 -1
package/dist/src/cli/fix.js.map +0 -1
package/dist/src/cli/hook.d.ts.map +0 -1
package/dist/src/cli/hook.js.map +0 -1
package/dist/src/cli/ignore-helper.d.ts.map +0 -1
package/dist/src/cli/ignore-helper.js.map +0 -1
package/dist/src/cli/index.d.ts.map +0 -1
package/dist/src/cli/index.js.map +0 -1
package/dist/src/cli/lsp.d.ts.map +0 -1
package/dist/src/cli/lsp.js.map +0 -1
package/dist/src/cli/mcp.d.ts.map +0 -1
package/dist/src/cli/mcp.js.map +0 -1
package/dist/src/cli/migrate-v4.d.ts.map +0 -1
package/dist/src/cli/migrate-v4.js.map +0 -1
package/dist/src/cli/pr-comment.d.ts.map +0 -1
package/dist/src/cli/pr-comment.js.map +0 -1
package/dist/src/cli/pr-desc.d.ts.map +0 -1
package/dist/src/cli/pr-desc.js.map +0 -1
package/dist/src/cli/pr-review-comments.d.ts.map +0 -1
package/dist/src/cli/pr-review-comments.js.map +0 -1
package/dist/src/cli/pr.d.ts.map +0 -1
package/dist/src/cli/pr.js.map +0 -1
package/dist/src/cli/preflight.d.ts.map +0 -1
package/dist/src/cli/preflight.js.map +0 -1
package/dist/src/cli/report.d.ts.map +0 -1
package/dist/src/cli/report.js.map +0 -1
package/dist/src/cli/run.d.ts.map +0 -1
package/dist/src/cli/run.js.map +0 -1
package/dist/src/cli/scan.d.ts.map +0 -1
package/dist/src/cli/scan.js.map +0 -1
package/dist/src/cli/setup.d.ts.map +0 -1
package/dist/src/cli/setup.js.map +0 -1
package/dist/src/cli/test-gen.d.ts.map +0 -1
package/dist/src/cli/test-gen.js.map +0 -1
package/dist/src/cli/triage.d.ts.map +0 -1
package/dist/src/cli/triage.js.map +0 -1
package/dist/src/cli/watch.d.ts.map +0 -1
package/dist/src/cli/watch.js.map +0 -1
package/dist/src/cli/worker.d.ts.map +0 -1
package/dist/src/cli/worker.js.map +0 -1
package/dist/src/core/cache/cached-engine.d.ts.map +0 -1
package/dist/src/core/cache/cached-engine.js.map +0 -1
package/dist/src/core/cache/review-cache.d.ts.map +0 -1
package/dist/src/core/cache/review-cache.js.map +0 -1
package/dist/src/core/chunking/index.d.ts.map +0 -1
package/dist/src/core/chunking/index.js.map +0 -1
package/dist/src/core/chunking/risk-ranker.d.ts.map +0 -1
package/dist/src/core/chunking/risk-ranker.js.map +0 -1
package/dist/src/core/config/loader.d.ts.map +0 -1
package/dist/src/core/config/loader.js.map +0 -1
package/dist/src/core/config/preset-resolver.d.ts.map +0 -1
package/dist/src/core/config/preset-resolver.js.map +0 -1
package/dist/src/core/config/schema.d.ts.map +0 -1
package/dist/src/core/config/schema.js.map +0 -1
package/dist/src/core/config/types.d.ts.map +0 -1
package/dist/src/core/config/types.js.map +0 -1
package/dist/src/core/council/config.d.ts.map +0 -1
package/dist/src/core/council/config.js.map +0 -1
package/dist/src/core/council/context.d.ts.map +0 -1
package/dist/src/core/council/context.js.map +0 -1
package/dist/src/core/council/runner.d.ts.map +0 -1
package/dist/src/core/council/runner.js.map +0 -1
package/dist/src/core/council/types.d.ts.map +0 -1
package/dist/src/core/council/types.js.map +0 -1
package/dist/src/core/detect/git-context.d.ts.map +0 -1
package/dist/src/core/detect/git-context.js.map +0 -1
package/dist/src/core/detect/llm-key.d.ts.map +0 -1
package/dist/src/core/detect/llm-key.js.map +0 -1
package/dist/src/core/detect/protected-paths.d.ts.map +0 -1
package/dist/src/core/detect/protected-paths.js.map +0 -1
package/dist/src/core/detect/provider-usage.d.ts.map +0 -1
package/dist/src/core/detect/provider-usage.js.map +0 -1
package/dist/src/core/detect/stack.d.ts.map +0 -1
package/dist/src/core/detect/stack.js.map +0 -1
package/dist/src/core/detect/workspaces.d.ts.map +0 -1
package/dist/src/core/detect/workspaces.js.map +0 -1
package/dist/src/core/errors.d.ts.map +0 -1
package/dist/src/core/errors.js.map +0 -1
package/dist/src/core/findings/dedup.d.ts.map +0 -1
package/dist/src/core/findings/dedup.js.map +0 -1
package/dist/src/core/findings/types.d.ts.map +0 -1
package/dist/src/core/findings/types.js.map +0 -1
package/dist/src/core/fix/generator.d.ts.map +0 -1
package/dist/src/core/fix/generator.js.map +0 -1
package/dist/src/core/git/diff-hunks.d.ts.map +0 -1
package/dist/src/core/git/diff-hunks.js.map +0 -1
package/dist/src/core/git/touched-files.d.ts.map +0 -1
package/dist/src/core/git/touched-files.js.map +0 -1
package/dist/src/core/ignore/index.d.ts.map +0 -1
package/dist/src/core/ignore/index.js.map +0 -1
package/dist/src/core/index.d.ts.map +0 -1
package/dist/src/core/index.js.map +0 -1
package/dist/src/core/logging/ndjson-writer.d.ts.map +0 -1
package/dist/src/core/logging/ndjson-writer.js.map +0 -1
package/dist/src/core/logging/redaction.d.ts.map +0 -1
package/dist/src/core/logging/redaction.js.map +0 -1
package/dist/src/core/mcp/concurrency.d.ts.map +0 -1
package/dist/src/core/mcp/concurrency.js.map +0 -1
package/dist/src/core/mcp/handlers/fix-finding.d.ts.map +0 -1
package/dist/src/core/mcp/handlers/fix-finding.js.map +0 -1
package/dist/src/core/mcp/handlers/get-capabilities.d.ts.map +0 -1
package/dist/src/core/mcp/handlers/get-capabilities.js.map +0 -1
package/dist/src/core/mcp/handlers/get-findings.d.ts.map +0 -1
package/dist/src/core/mcp/handlers/get-findings.js.map +0 -1
package/dist/src/core/mcp/handlers/review-diff.d.ts.map +0 -1
package/dist/src/core/mcp/handlers/review-diff.js.map +0 -1
package/dist/src/core/mcp/handlers/scan-files.d.ts.map +0 -1
package/dist/src/core/mcp/handlers/scan-files.js.map +0 -1
package/dist/src/core/mcp/handlers/validate-fix.d.ts.map +0 -1
package/dist/src/core/mcp/handlers/validate-fix.js.map +0 -1
package/dist/src/core/mcp/run-store.d.ts.map +0 -1
package/dist/src/core/mcp/run-store.js.map +0 -1
package/dist/src/core/mcp/workspace.d.ts.map +0 -1
package/dist/src/core/mcp/workspace.js.map +0 -1
package/dist/src/core/persist/baseline.d.ts.map +0 -1
package/dist/src/core/persist/baseline.js.map +0 -1
package/dist/src/core/persist/cost-log.d.ts.map +0 -1
package/dist/src/core/persist/cost-log.js.map +0 -1
package/dist/src/core/persist/findings-cache.d.ts.map +0 -1
package/dist/src/core/persist/findings-cache.js.map +0 -1
package/dist/src/core/persist/triage.d.ts.map +0 -1
package/dist/src/core/persist/triage.js.map +0 -1
package/dist/src/core/phases/static-rules.d.ts.map +0 -1
package/dist/src/core/phases/static-rules.js.map +0 -1
package/dist/src/core/phases/tests.d.ts.map +0 -1
package/dist/src/core/phases/tests.js.map +0 -1
package/dist/src/core/pipeline/review-phase.d.ts.map +0 -1
package/dist/src/core/pipeline/review-phase.js.map +0 -1
package/dist/src/core/pipeline/run.d.ts.map +0 -1
package/dist/src/core/pipeline/run.js.map +0 -1
package/dist/src/core/runtime/idempotency.d.ts.map +0 -1
package/dist/src/core/runtime/idempotency.js.map +0 -1
package/dist/src/core/runtime/lock.d.ts.map +0 -1
package/dist/src/core/runtime/lock.js.map +0 -1
package/dist/src/core/runtime/state.d.ts.map +0 -1
package/dist/src/core/runtime/state.js.map +0 -1
package/dist/src/core/schema-alignment/detector.d.ts.map +0 -1
package/dist/src/core/schema-alignment/detector.js.map +0 -1
package/dist/src/core/schema-alignment/extractor/index.d.ts.map +0 -1
package/dist/src/core/schema-alignment/extractor/index.js.map +0 -1
package/dist/src/core/schema-alignment/extractor/prisma.d.ts.map +0 -1
package/dist/src/core/schema-alignment/extractor/prisma.js.map +0 -1
package/dist/src/core/schema-alignment/extractor/sql.d.ts.map +0 -1
package/dist/src/core/schema-alignment/extractor/sql.js.map +0 -1
package/dist/src/core/schema-alignment/llm-check.d.ts.map +0 -1
package/dist/src/core/schema-alignment/llm-check.js.map +0 -1
package/dist/src/core/schema-alignment/scanner.d.ts.map +0 -1
package/dist/src/core/schema-alignment/scanner.js.map +0 -1
package/dist/src/core/schema-alignment/types.d.ts.map +0 -1
package/dist/src/core/schema-alignment/types.js.map +0 -1
package/dist/src/core/shell.d.ts.map +0 -1
package/dist/src/core/shell.js.map +0 -1
package/dist/src/core/static-rules/registry.d.ts.map +0 -1
package/dist/src/core/static-rules/registry.js.map +0 -1
package/dist/src/core/static-rules/rules/brand-tokens.d.ts.map +0 -1
package/dist/src/core/static-rules/rules/brand-tokens.js.map +0 -1
package/dist/src/core/static-rules/rules/console-log.d.ts.map +0 -1
package/dist/src/core/static-rules/rules/console-log.js.map +0 -1
package/dist/src/core/static-rules/rules/hardcoded-secrets.d.ts.map +0 -1
package/dist/src/core/static-rules/rules/hardcoded-secrets.js.map +0 -1
package/dist/src/core/static-rules/rules/insecure-redirect.d.ts.map +0 -1
package/dist/src/core/static-rules/rules/insecure-redirect.js.map +0 -1
package/dist/src/core/static-rules/rules/large-file.d.ts.map +0 -1
package/dist/src/core/static-rules/rules/large-file.js.map +0 -1
package/dist/src/core/static-rules/rules/missing-auth.d.ts.map +0 -1
package/dist/src/core/static-rules/rules/missing-auth.js.map +0 -1
package/dist/src/core/static-rules/rules/missing-tests.d.ts.map +0 -1
package/dist/src/core/static-rules/rules/missing-tests.js.map +0 -1
package/dist/src/core/static-rules/rules/npm-audit.d.ts.map +0 -1
package/dist/src/core/static-rules/rules/npm-audit.js.map +0 -1
package/dist/src/core/static-rules/rules/package-lock-sync.d.ts.map +0 -1
package/dist/src/core/static-rules/rules/package-lock-sync.js.map +0 -1
package/dist/src/core/static-rules/rules/schema-alignment.d.ts.map +0 -1
package/dist/src/core/static-rules/rules/schema-alignment.js.map +0 -1
package/dist/src/core/static-rules/rules/sql-injection.d.ts.map +0 -1
package/dist/src/core/static-rules/rules/sql-injection.js.map +0 -1
package/dist/src/core/static-rules/rules/ssrf.d.ts.map +0 -1
package/dist/src/core/static-rules/rules/ssrf.js.map +0 -1
package/dist/src/core/static-rules/rules/todo-fixme.d.ts.map +0 -1
package/dist/src/core/static-rules/rules/todo-fixme.js.map +0 -1
package/dist/src/core/static-rules/tailwind-extractor.d.ts.map +0 -1
package/dist/src/core/static-rules/tailwind-extractor.js.map +0 -1
package/dist/src/core/test-gen/coverage-analyzer.d.ts.map +0 -1
package/dist/src/core/test-gen/coverage-analyzer.js.map +0 -1
package/dist/src/core/test-gen/framework-detector.d.ts.map +0 -1
package/dist/src/core/test-gen/framework-detector.js.map +0 -1
package/dist/src/core/test-gen/test-writer.d.ts.map +0 -1
package/dist/src/core/test-gen/test-writer.js.map +0 -1
package/dist/src/core/ui/design-context-loader.d.ts.map +0 -1
package/dist/src/core/ui/design-context-loader.js.map +0 -1
package/dist/src/core/worker/client.d.ts.map +0 -1
package/dist/src/core/worker/client.js.map +0 -1
package/dist/src/core/worker/lockfile.d.ts.map +0 -1
package/dist/src/core/worker/lockfile.js.map +0 -1
package/dist/src/core/worker/server.d.ts.map +0 -1
package/dist/src/core/worker/server.js.map +0 -1
package/dist/src/formatters/github-annotations.d.ts.map +0 -1
package/dist/src/formatters/github-annotations.js.map +0 -1
package/dist/src/formatters/index.d.ts.map +0 -1
package/dist/src/formatters/index.js.map +0 -1
package/dist/src/formatters/junit.d.ts.map +0 -1
package/dist/src/formatters/junit.js.map +0 -1
package/dist/src/formatters/sarif.d.ts.map +0 -1
package/dist/src/formatters/sarif.js.map +0 -1
package/dist/src/index.d.ts.map +0 -1
package/dist/src/index.js.map +0 -1
package/src/adapters/base.ts +0 -19
package/src/adapters/council/claude.ts +0 -41
package/src/adapters/council/openai.ts +0 -40
package/src/adapters/council/types.ts +0 -7
package/src/adapters/loader.ts +0 -108
package/src/adapters/migration-runner/supabase.ts +0 -56
package/src/adapters/migration-runner/types.ts +0 -36
package/src/adapters/review-bot-parser/cursor.ts +0 -13
package/src/adapters/review-bot-parser/declarative-base.ts +0 -64
package/src/adapters/review-bot-parser/types.ts +0 -9
package/src/adapters/review-engine/auto.ts +0 -94
package/src/adapters/review-engine/claude.ts +0 -100
package/src/adapters/review-engine/codex.ts +0 -82
package/src/adapters/review-engine/gemini.ts +0 -105
package/src/adapters/review-engine/openai-compatible.ts +0 -100
package/src/adapters/review-engine/parse-output.ts +0 -74
package/src/adapters/review-engine/prompt-builder.ts +0 -19
package/src/adapters/review-engine/types.ts +0 -19
package/src/adapters/vcs-host/commit-status.ts +0 -39
package/src/adapters/vcs-host/github.ts +0 -77
package/src/adapters/vcs-host/types.ts +0 -44
package/src/cli/_pkg-root.ts +0 -85
package/src/cli/autoregress-bridge.ts +0 -30
package/src/cli/baseline.ts +0 -125
package/src/cli/ci.ts +0 -45
package/src/cli/costs.ts +0 -80
package/src/cli/council.ts +0 -96
package/src/cli/detector.ts +0 -92
package/src/cli/explain.ts +0 -197
package/src/cli/fix.ts +0 -249
package/src/cli/hook.ts +0 -124
package/src/cli/ignore-helper.ts +0 -116
package/src/cli/index.ts +0 -612
package/src/cli/lsp.ts +0 -200
package/src/cli/mcp.ts +0 -206
package/src/cli/migrate-v4.ts +0 -388
package/src/cli/pr-comment.ts +0 -139
package/src/cli/pr-desc.ts +0 -168
package/src/cli/pr-review-comments.ts +0 -92
package/src/cli/pr.ts +0 -76
package/src/cli/preflight.ts +0 -235
package/src/cli/report.ts +0 -186
package/src/cli/run.ts +0 -425
package/src/cli/scan.ts +0 -233
package/src/cli/setup.ts +0 -191
package/src/cli/test-gen.ts +0 -125
package/src/cli/triage.ts +0 -137
package/src/cli/watch.ts +0 -190
package/src/cli/worker.ts +0 -109
package/src/core/.gitkeep +0 -0
package/src/core/cache/cached-engine.ts +0 -32
package/src/core/cache/review-cache.ts +0 -70
package/src/core/chunking/index.ts +0 -113
package/src/core/chunking/risk-ranker.ts +0 -56
package/src/core/config/loader.ts +0 -53
package/src/core/config/preset-resolver.ts +0 -46
package/src/core/config/schema.ts +0 -181
package/src/core/config/types.ts +0 -98
package/src/core/council/config.ts +0 -71
package/src/core/council/context.ts +0 -17
package/src/core/council/runner.ts +0 -83
package/src/core/council/types.ts +0 -45
package/src/core/detect/git-context.ts +0 -27
package/src/core/detect/llm-key.ts +0 -89
package/src/core/detect/protected-paths.ts +0 -63
package/src/core/detect/provider-usage.ts +0 -74
package/src/core/detect/stack.ts +0 -153
package/src/core/detect/workspaces.ts +0 -103
package/src/core/errors.ts +0 -37
package/src/core/findings/dedup.ts +0 -14
package/src/core/findings/types.ts +0 -39
package/src/core/fix/generator.ts +0 -149
package/src/core/git/diff-hunks.ts +0 -86
package/src/core/git/touched-files.ts +0 -73
package/src/core/ignore/index.ts +0 -54
package/src/core/index.ts +0 -1
package/src/core/logging/ndjson-writer.ts +0 -37
package/src/core/logging/redaction.ts +0 -19
package/src/core/mcp/concurrency.ts +0 -16
package/src/core/mcp/handlers/fix-finding.ts +0 -126
package/src/core/mcp/handlers/get-capabilities.ts +0 -62
package/src/core/mcp/handlers/get-findings.ts +0 -36
package/src/core/mcp/handlers/review-diff.ts +0 -65
package/src/core/mcp/handlers/scan-files.ts +0 -65
package/src/core/mcp/handlers/validate-fix.ts +0 -41
package/src/core/mcp/run-store.ts +0 -85
package/src/core/mcp/workspace.ts +0 -35
package/src/core/persist/baseline.ts +0 -112
package/src/core/persist/cost-log.ts +0 -30
package/src/core/persist/findings-cache.ts +0 -43
package/src/core/persist/triage.ts +0 -112
package/src/core/phases/static-rules.ts +0 -93
package/src/core/phases/tests.ts +0 -51
package/src/core/pipeline/review-phase.ts +0 -182
package/src/core/pipeline/run.ts +0 -116
package/src/core/runtime/idempotency.ts +0 -6
package/src/core/runtime/lock.ts +0 -29
package/src/core/runtime/state.ts +0 -97
package/src/core/schema-alignment/detector.ts +0 -59
package/src/core/schema-alignment/extractor/index.ts +0 -24
package/src/core/schema-alignment/extractor/prisma.ts +0 -21
package/src/core/schema-alignment/extractor/sql.ts +0 -99
package/src/core/schema-alignment/llm-check.ts +0 -91
package/src/core/schema-alignment/scanner.ts +0 -107
package/src/core/schema-alignment/types.ts +0 -43
package/src/core/shell.ts +0 -48
package/src/core/static-rules/registry.ts +0 -59
package/src/core/static-rules/rules/brand-tokens.ts +0 -145
package/src/core/static-rules/rules/console-log.ts +0 -42
package/src/core/static-rules/rules/hardcoded-secrets.ts +0 -83
package/src/core/static-rules/rules/insecure-redirect.ts +0 -67
package/src/core/static-rules/rules/large-file.ts +0 -37
package/src/core/static-rules/rules/missing-auth.ts +0 -70
package/src/core/static-rules/rules/missing-tests.ts +0 -57
package/src/core/static-rules/rules/npm-audit.ts +0 -38
package/src/core/static-rules/rules/package-lock-sync.ts +0 -54
package/src/core/static-rules/rules/schema-alignment.ts +0 -132
package/src/core/static-rules/rules/sql-injection.ts +0 -71
package/src/core/static-rules/rules/ssrf.ts +0 -63
package/src/core/static-rules/rules/todo-fixme.ts +0 -40
package/src/core/static-rules/tailwind-extractor.ts +0 -38
package/src/core/test-gen/coverage-analyzer.ts +0 -93
package/src/core/test-gen/framework-detector.ts +0 -21
package/src/core/test-gen/test-writer.ts +0 -33
package/src/core/ui/design-context-loader.ts +0 -87
package/src/core/worker/client.ts +0 -46
package/src/core/worker/lockfile.ts +0 -38
package/src/core/worker/server.ts +0 -81
package/src/formatters/github-annotations.ts +0 -36
package/src/formatters/index.ts +0 -3
package/src/formatters/junit.ts +0 -52
package/src/formatters/sarif.ts +0 -103
package/src/index.ts +0 -3

package/src/core/persist/baseline.ts DELETED Viewed

@@ -1,112 +0,0 @@
-import * as fs from 'node:fs';
-import * as path from 'node:path';
-import type { Finding } from '../findings/types.ts';
-const BASELINE_FILE = '.guardrail-baseline.json';
-export interface BaselineEntry {
-  id: string;
-  file: string;
-  line?: number;
-  severity: string;
-  message: string;
-  pinnedAt: string;
-  note?: string;
-}
-export interface Baseline {
-  version: 1;
-  createdAt: string;
-  updatedAt: string;
-  note?: string;
-  entries: BaselineEntry[];
-}
-/** Stable key for matching a finding against a baseline entry. */
-function baselineKey(f: { id: string; file: string; line?: number }): string {
-  return `${f.id}::${f.file}::${f.line ?? ''}`;
-}
-export function baselineFilePath(cwd: string, overridePath?: string): string {
-  return overridePath
-    ? path.isAbsolute(overridePath) ? overridePath : path.join(cwd, overridePath)
-    : path.join(cwd, BASELINE_FILE);
-}
-export function loadBaseline(cwd: string, overridePath?: string): Baseline | null {
-  const p = baselineFilePath(cwd, overridePath);
-  if (!fs.existsSync(p)) return null;
-  try {
-    return JSON.parse(fs.readFileSync(p, 'utf8')) as Baseline;
-  } catch {
-    return null;
-  }
-}
-export function saveBaseline(cwd: string, findings: Finding[], options: { note?: string; overridePath?: string } = {}): Baseline {
-  const existing = loadBaseline(cwd, options.overridePath);
-  const now = new Date().toISOString();
-  const baseline: Baseline = {
-    version: 1,
-    createdAt: existing?.createdAt ?? now,
-    updatedAt: now,
-    note: options.note ?? existing?.note,
-    entries: findings.map(f => ({
-      id: f.id,
-      file: f.file,
-      line: f.line,
-      severity: f.severity,
-      message: f.message,
-      pinnedAt: now,
-    })),
-  };
-  const p = baselineFilePath(cwd, options.overridePath);
-  const tmp = p + '.tmp';
-  fs.writeFileSync(tmp, JSON.stringify(baseline, null, 2), 'utf8');
-  fs.renameSync(tmp, p);
-  return baseline;
-}
-export function clearBaseline(cwd: string, overridePath?: string): void {
-  const p = baselineFilePath(cwd, overridePath);
-  if (fs.existsSync(p)) fs.unlinkSync(p);
-}
-export interface BaselineFilterResult {
-  newFindings: Finding[];
-  baselinedFindings: Finding[];
-  baselinedCount: number;
-}
-/** Returns findings NOT present in the baseline (new findings only). */
-export function filterBaselined(findings: Finding[], baseline: Baseline): BaselineFilterResult {
-  const pinned = new Set(baseline.entries.map(baselineKey));
-  const newFindings: Finding[] = [];
-  const baselinedFindings: Finding[] = [];
-  for (const f of findings) {
-    if (pinned.has(baselineKey(f))) {
-      baselinedFindings.push(f);
-    } else {
-      newFindings.push(f);
-    }
-  }
-  return { newFindings, baselinedFindings, baselinedCount: baselinedFindings.length };
-}
-export interface BaselineDiff {
-  added: Finding[];       // in current but not in baseline
-  resolved: BaselineEntry[]; // in baseline but not in current
-  unchanged: Finding[];   // in both
-}
-/** Diff current findings against a baseline snapshot. */
-export function diffAgainstBaseline(current: Finding[], baseline: Baseline): BaselineDiff {
-  const currentKeys = new Set(current.map(baselineKey));
-  const baselineKeys = new Set(baseline.entries.map(baselineKey));
-  return {
-    added:     current.filter(f => !baselineKeys.has(baselineKey(f))),
-    resolved:  baseline.entries.filter(e => !currentKeys.has(baselineKey(e))),
-    unchanged: current.filter(f => baselineKeys.has(baselineKey(f))),
-  };
-}

package/src/core/persist/cost-log.ts DELETED Viewed

@@ -1,30 +0,0 @@
-import * as fs from 'node:fs';
-import * as path from 'node:path';
-const CACHE_DIR = '.guardrail-cache';
-const LOG_FILE = 'costs.jsonl';
-export interface CostLogEntry {
-  timestamp: string;
-  files: number;
-  inputTokens: number;
-  outputTokens: number;
-  costUSD: number;
-  durationMs: number;
-}
-export function appendCostLog(cwd: string, entry: CostLogEntry): void {
-  const dir = path.join(cwd, CACHE_DIR);
-  fs.mkdirSync(dir, { recursive: true });
-  fs.appendFileSync(path.join(dir, LOG_FILE), JSON.stringify(entry) + '\n', 'utf8');
-}
-export function readCostLog(cwd: string): CostLogEntry[] {
-  const p = path.join(cwd, CACHE_DIR, LOG_FILE);
-  if (!fs.existsSync(p)) return [];
-  return fs.readFileSync(p, 'utf8')
-    .split('\n')
-    .filter(Boolean)
-    .map(line => { try { return JSON.parse(line) as CostLogEntry; } catch { return null; } })
-    .filter((e): e is CostLogEntry => e !== null);
-}

package/src/core/persist/findings-cache.ts DELETED Viewed

@@ -1,43 +0,0 @@
-import * as fs from 'node:fs';
-import * as path from 'node:path';
-import type { Finding } from '../findings/types.ts';
-const CACHE_DIR = '.guardrail-cache';
-const CACHE_FILE = 'findings.json';
-function cacheFilePath(cwd: string): string {
-  return path.join(cwd, CACHE_DIR, CACHE_FILE);
-}
-function findingKey(f: Finding): string {
-  return `${f.id}::${f.file}::${f.line ?? ''}`;
-}
-export function loadCachedFindings(cwd: string): Finding[] {
-  const p = cacheFilePath(cwd);
-  if (!fs.existsSync(p)) return [];
-  try {
-    return JSON.parse(fs.readFileSync(p, 'utf8')) as Finding[];
-  } catch {
-    return [];
-  }
-}
-export function saveCachedFindings(cwd: string, findings: Finding[]): void {
-  const dir = path.join(cwd, CACHE_DIR);
-  fs.mkdirSync(dir, { recursive: true });
-  // atomic write
-  const tmp = cacheFilePath(cwd) + '.tmp';
-  fs.writeFileSync(tmp, JSON.stringify(findings, null, 2), 'utf8');
-  fs.renameSync(tmp, cacheFilePath(cwd));
-}
-/**
- * Returns only findings not present in the cached baseline.
- * Two findings are considered the same when id + file + line all match.
- */
-export function filterNewFindings(current: Finding[], cached: Finding[]): Finding[] {
-  if (cached.length === 0) return current;
-  const seen = new Set(cached.map(findingKey));
-  return current.filter(f => !seen.has(findingKey(f)));
-}

package/src/core/persist/triage.ts DELETED Viewed

@@ -1,112 +0,0 @@
-import * as fs from 'node:fs';
-import * as path from 'node:path';
-import type { Finding } from '../findings/types.ts';
-const TRIAGE_FILE = '.guardrail-triage.json';
-export type TriageState = 'accepted-risk' | 'false-positive';
-export interface TriageEntry {
-  id: string;
-  file: string;
-  line?: number;
-  state: TriageState;
-  reason?: string;
-  triagedAt: string;
-  expiresAt?: string;
-}
-export interface TriageStore {
-  version: 1;
-  entries: TriageEntry[];
-}
-function triageFilePath(cwd: string): string {
-  return path.join(cwd, TRIAGE_FILE);
-}
-function entryKey(e: { id: string; file: string; line?: number }): string {
-  return `${e.id}::${e.file}::${e.line ?? ''}`;
-}
-export function loadTriage(cwd: string): TriageStore {
-  const p = triageFilePath(cwd);
-  if (!fs.existsSync(p)) return { version: 1, entries: [] };
-  try {
-    return JSON.parse(fs.readFileSync(p, 'utf8')) as TriageStore;
-  } catch {
-    return { version: 1, entries: [] };
-  }
-}
-export function saveTriage(cwd: string, store: TriageStore): void {
-  const p = triageFilePath(cwd);
-  const tmp = p + '.tmp';
-  fs.writeFileSync(tmp, JSON.stringify(store, null, 2), 'utf8');
-  fs.renameSync(tmp, p);
-}
-export function addTriageEntry(
-  cwd: string,
-  finding: Finding,
-  state: TriageState,
-  options: { reason?: string; expiresInDays?: number } = {},
-): void {
-  const store = loadTriage(cwd);
-  const key = entryKey(finding);
-  store.entries = store.entries.filter(e => entryKey(e) !== key);
-  const entry: TriageEntry = {
-    id: finding.id,
-    file: finding.file,
-    line: finding.line,
-    state,
-    reason: options.reason,
-    triagedAt: new Date().toISOString(),
-  };
-  if (options.expiresInDays !== undefined) {
-    const exp = new Date();
-    exp.setDate(exp.getDate() + options.expiresInDays);
-    entry.expiresAt = exp.toISOString();
-  }
-  store.entries.push(entry);
-  saveTriage(cwd, store);
-}
-export function removeTriageEntry(cwd: string, ids: string[]): number {
-  const store = loadTriage(cwd);
-  const before = store.entries.length;
-  store.entries = store.entries.filter(e => !ids.some(id => e.id === id || e.id.startsWith(id)));
-  saveTriage(cwd, store);
-  return before - store.entries.length;
-}
-export function clearExpiredEntries(cwd: string): number {
-  const store = loadTriage(cwd);
-  const now = new Date().toISOString();
-  const before = store.entries.length;
-  store.entries = store.entries.filter(e => !e.expiresAt || e.expiresAt > now);
-  saveTriage(cwd, store);
-  return before - store.entries.length;
-}
-export interface TriageFilterResult {
-  active: Finding[];
-  triaged: Finding[];
-  triageCount: number;
-}
-export function filterTriaged(findings: Finding[], store: TriageStore): TriageFilterResult {
-  const now = new Date().toISOString();
-  const activeKeys = new Set(
-    store.entries
-      .filter(e => !e.expiresAt || e.expiresAt > now)
-      .map(entryKey),
-  );
-  const active: Finding[] = [];
-  const triaged: Finding[] = [];
-  for (const f of findings) {
-    if (activeKeys.has(entryKey(f))) triaged.push(f);
-    else active.push(f);
-  }
-  return { active, triaged, triageCount: triaged.length };
-}

package/src/core/phases/static-rules.ts DELETED Viewed

@@ -1,93 +0,0 @@
-import type { Finding, FixAttempt, FixStatus } from '../findings/types.ts';
-import type { GuardrailConfig } from '../config/types.ts';
-import type { ReviewEngine } from '../../adapters/review-engine/types.ts';
-import { dedupFindings, findingContentKey } from '../findings/dedup.ts';
-export interface StaticRule {
-  name: string;
-  severity: 'critical' | 'warning' | 'note';
-  check(touchedFiles: string[], config?: Record<string, unknown>): Promise<Finding[]>;
-  autofix?(finding: Finding): Promise<FixStatus>;
-}
-export interface StaticRulesPhaseInput {
-  touchedFiles: string[];
-  rules: StaticRule[];
-  config?: GuardrailConfig;
-  engine?: ReviewEngine;
-}
-export interface StaticRulesPhaseResult {
-  phase: 'static-rules';
-  status: 'pass' | 'warn' | 'fail';
-  findings: Finding[];
-  fixAttempts: FixAttempt[];
-  durationMs: number;
-}
-export async function runStaticRulesPhase(input: StaticRulesPhaseInput): Promise<StaticRulesPhaseResult> {
-  const start = Date.now();
-  const preFixFindings = dedupFindings(await runAllChecks(input.rules, input.touchedFiles, input.config, input.engine));
-  const fixAttempts: FixAttempt[] = [];
-  let anyFixApplied = false;
-  for (const finding of preFixFindings) {
-    const rule = findRuleForFinding(input.rules, finding);
-    if (!rule?.autofix) continue;
-    if (finding.protectedPath) {
-      fixAttempts.push({
-        findingId: finding.id,
-        attemptedAt: new Date().toISOString(),
-        status: 'skipped',
-        notes: 'protected path',
-      });
-      continue;
-    }
-    const status = await rule.autofix(finding);
-    if (status === 'fixed') anyFixApplied = true;
-    fixAttempts.push({ findingId: finding.id, attemptedAt: new Date().toISOString(), status });
-  }
-  // Re-check is the source of truth for what persists after autofix.
-  // findings always returns preFixFindings so callers have a complete record;
-  // fixAttempts + re-check set-difference tells them what was resolved.
-  const postFixFindings = anyFixApplied
-    ? dedupFindings(await runAllChecks(input.rules, input.touchedFiles, input.config, input.engine))
-    : preFixFindings;
-  const postFixKeys = new Set(postFixFindings.map(findingContentKey));
-  const isFixed = (f: Finding): boolean => !postFixKeys.has(findingContentKey(f));
-  const unfixedCritical = preFixFindings.some(f => f.severity === 'critical' && !isFixed(f));
-  const unfixedWarning = preFixFindings.some(f => f.severity === 'warning' && !isFixed(f));
-  let status: StaticRulesPhaseResult['status'];
-  if (unfixedCritical) status = 'fail';
-  else if (unfixedWarning) status = 'warn';
-  else status = 'pass';
-  return { phase: 'static-rules', status, findings: preFixFindings, fixAttempts, durationMs: Date.now() - start };
-}
-async function runAllChecks(
-  rules: StaticRule[],
-  files: string[],
-  config?: GuardrailConfig,
-  engine?: ReviewEngine,
-): Promise<Finding[]> {
-  const ruleConfig: Record<string, unknown> = {
-    ...(config ? (config as unknown as Record<string, unknown>) : {}),
-    _engine: engine,
-  };
-  const all: Finding[] = [];
-  for (const rule of rules) all.push(...(await rule.check(files, ruleConfig)));
-  return all;
-}
-function findRuleForFinding(rules: StaticRule[], finding: Finding): StaticRule | undefined {
-  return rules.find(r => r.name === finding.category) ?? rules.find(r => finding.category.includes(r.name));
-}

package/src/core/phases/tests.ts DELETED Viewed

@@ -1,51 +0,0 @@
-import { execSync } from 'node:child_process';
-import type { Finding } from '../findings/types.ts';
-export interface TestsPhaseInput {
-  touchedFiles: string[];
-  testCommand?: string | null;
-  cwd?: string;
-}
-export interface TestsPhaseResult {
-  phase: 'tests';
-  status: 'pass' | 'fail' | 'skip';
-  findings: Finding[];
-  output?: string;
-  durationMs: number;
-}
-export async function runTestsPhase(input: TestsPhaseInput): Promise<TestsPhaseResult> {
-  const start = Date.now();
-  if (!input.testCommand) {
-    return { phase: 'tests', status: 'skip', findings: [], durationMs: Date.now() - start };
-  }
-  let output: string | undefined;
-  try {
-    // shell:true is intentional — testCommand is developer-supplied config, supports quoted args + pipes.
-    output = execSync(input.testCommand, {
-      encoding: 'utf8',
-      cwd: input.cwd,
-      timeout: 120000,
-      shell: process.env.SHELL ?? "/bin/sh",
-      stdio: ['ignore', 'pipe', 'pipe'],
-    });
-  } catch {
-    const finding: Finding = {
-      id: 'tests-phase-fail',
-      source: 'static-rules',
-      severity: 'critical',
-      category: 'test-failure',
-      file: '<tests>',
-      message: `Test command failed: ${input.testCommand}`,
-      suggestion: 'Fix failing tests before merging',
-      protectedPath: false,
-      createdAt: new Date().toISOString(),
-    };
-    return { phase: 'tests', status: 'fail', findings: [finding], output: undefined, durationMs: Date.now() - start };
-  }
-  return { phase: 'tests', status: 'pass', findings: [], output, durationMs: Date.now() - start };
-}

package/src/core/pipeline/review-phase.ts DELETED Viewed

@@ -1,182 +0,0 @@
-import type { ReviewEngine } from '../../adapters/review-engine/types.ts';
-import type { Finding } from '../findings/types.ts';
-import type { GuardrailConfig } from '../config/types.ts';
-import { buildReviewChunks, type ReviewChunk } from '../chunking/index.ts';
-import { GuardrailError } from '../errors.ts';
-import { hasFrontendFiles, loadDesignContext } from '../ui/design-context-loader.ts';
-export interface ReviewPhaseResult {
-  phase: 'review';
-  status: 'pass' | 'warn' | 'fail' | 'skip';
-  findings: Finding[];
-  rawOutputs?: string[];
-  costUSD?: number;
-  usage?: { input: number; output: number };
-  durationMs: number;
-}
-export interface ReviewPhaseInput {
-  touchedFiles: string[];
-  engine: ReviewEngine;
-  config: GuardrailConfig;
-  cwd?: string;
-  gitSummary?: string;
-  designSchema?: string;
-  budgetRemainingUSD?: number;
-  base?: string;
-}
-interface ChunkResult {
-  findings: Finding[];
-  rawOutput: string;
-  inputTokens: number;
-  outputTokens: number;
-  costUSD: number;
-}
-function backoffMs(attempt: number, strategy: 'exp' | 'linear' | 'none'): number {
-  if (strategy === 'none') return 0;
-  if (strategy === 'linear') return attempt * 2000;
-  return Math.min(Math.pow(2, attempt) * 1000, 32000); // exp: 1s, 2s, 4s, 8s … 32s cap
-}
-async function reviewChunkWithRetry(chunk: ReviewChunk, input: ReviewPhaseInput): Promise<ChunkResult> {
-  const strategy = input.config.chunking?.rateLimitBackoff ?? 'exp';
-  const maxAttempts = strategy === 'none' ? 1 : 4;
-  for (let attempt = 0; attempt < maxAttempts; attempt++) {
-    try {
-      const output = await input.engine.review({
-        content: chunk.content,
-        kind: chunk.kind,
-        context: { stack: input.config.stack, cwd: input.cwd, gitSummary: input.gitSummary, designSchema: input.designSchema },
-      });
-      return {
-        findings: output.findings,
-        rawOutput: output.rawOutput,
-        inputTokens: output.usage?.input ?? 0,
-        outputTokens: output.usage?.output ?? 0,
-        costUSD: output.usage?.costUSD ?? 0,
-      };
-    } catch (err) {
-      const isRateLimit = err instanceof GuardrailError && err.code === 'rate_limit';
-      const isLast = attempt === maxAttempts - 1;
-      if (!isRateLimit || isLast) throw err;
-      const delay = backoffMs(attempt + 1, strategy);
-      await new Promise(r => setTimeout(r, delay));
-    }
-  }
-  throw new Error('unreachable');
-}
-/** Run up to `limit` promises concurrently, preserving result order. */
-async function pMap<T, R>(
-  items: T[],
-  fn: (item: T, index: number) => Promise<R>,
-  limit: number,
-): Promise<R[]> {
-  const results: R[] = new Array(items.length);
-  let next = 0;
-  async function worker(): Promise<void> {
-    while (next < items.length) {
-      const i = next++;
-      results[i] = await fn(items[i]!, i);
-    }
-  }
-  const workers = Array.from({ length: Math.min(limit, items.length) }, () => worker());
-  await Promise.all(workers);
-  return results;
-}
-export async function runReviewPhase(input: ReviewPhaseInput): Promise<ReviewPhaseResult> {
-  const start = Date.now();
-  if (input.touchedFiles.length === 0) {
-    return { phase: 'review', status: 'skip', findings: [], durationMs: Date.now() - start };
-  }
-  let designSchema: string | undefined;
-  if (hasFrontendFiles(input.touchedFiles) && input.config.brand?.componentLibrary) {
-    const loaded = loadDesignContext(
-      input.config.brand.componentLibrary,
-      input.cwd ?? process.cwd(),
-    );
-    if (loaded) designSchema = loaded;
-  }
-  const enrichedInput: ReviewPhaseInput = designSchema ? { ...input, designSchema } : input;
-  const chunks = await buildReviewChunks({
-    touchedFiles: enrichedInput.touchedFiles,
-    strategy: enrichedInput.config.reviewStrategy ?? 'auto',
-    chunking: enrichedInput.config.chunking,
-    engine: enrichedInput.engine,
-    cwd: enrichedInput.cwd,
-    protectedPaths: enrichedInput.config.protectedPaths,
-    base: enrichedInput.base,
-  });
-  const parallelism = enrichedInput.config.chunking?.parallelism ?? 3;
-  const budgetUSD = enrichedInput.budgetRemainingUSD;
-  // For budget tracking we still need to enforce it — run serially if budget set,
-  // parallel otherwise (budget check between serial chunks is the safe path).
-  let chunkResults: ChunkResult[];
-  if (budgetUSD !== undefined) {
-    chunkResults = [];
-    let spent = 0;
-    let budgetExceeded = false;
-    for (const chunk of chunks) {
-      if (spent >= budgetUSD) { budgetExceeded = true; break; }
-      const r = await reviewChunkWithRetry(chunk, enrichedInput);
-      spent += r.costUSD;
-      chunkResults.push(r);
-    }
-    if (budgetExceeded) {
-      chunkResults.push({
-        findings: [{
-          id: 'budget-exceeded',
-          source: 'pipeline',
-          severity: 'warning',
-          category: 'budget',
-          file: '<pipeline>',
-          message: `Review budget of $${budgetUSD} USD exceeded — remaining chunks skipped`,
-          protectedPath: false,
-          createdAt: new Date().toISOString(),
-        }],
-        rawOutput: '', inputTokens: 0, outputTokens: 0, costUSD: 0,
-      });
-    }
-  } else {
-    chunkResults = await pMap(chunks, chunk => reviewChunkWithRetry(chunk, enrichedInput), parallelism);
-  }
-  let totalInputTokens = 0;
-  let totalOutputTokens = 0;
-  let totalCostUSD = 0;
-  const allFindings: Finding[] = [];
-  const allRawOutputs: string[] = [];
-  for (const r of chunkResults) {
-    allFindings.push(...r.findings);
-    if (r.rawOutput) allRawOutputs.push(r.rawOutput);
-    totalInputTokens += r.inputTokens;
-    totalOutputTokens += r.outputTokens;
-    totalCostUSD += r.costUSD;
-  }
-  const hasCritical = allFindings.some(f => f.severity === 'critical');
-  const hasWarning = allFindings.some(f => f.severity === 'warning');
-  const status = hasCritical ? 'fail' : hasWarning ? 'warn' : 'pass';
-  return {
-    phase: 'review',
-    status,
-    findings: allFindings,
-    rawOutputs: allRawOutputs.length > 0 ? allRawOutputs : undefined,
-    costUSD: totalCostUSD > 0 ? totalCostUSD : undefined,
-    usage: totalInputTokens > 0 ? { input: totalInputTokens, output: totalOutputTokens } : undefined,
-    durationMs: Date.now() - start,
-  };
-}