npm - @getcodesentinel/codesentinel - Versions diffs - 1.15.0 → 1.16.0 - Mend

@getcodesentinel/codesentinel 1.15.0 → 1.16.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/README.md CHANGED Viewed

@@ -76,7 +76,7 @@ CI example:
     BASE_REF="${GITHUB_BASE_REF:-main}"
     git fetch origin "+refs/heads/${BASE_REF}:refs/remotes/origin/${BASE_REF}"
 - name: Run CodeSentinel
-  run: npx codesentinel ci --baseline-ref auto --max-repo-score 55 --max-repo-delta 0.03 --no-new-cycles --no-new-high-risk-deps --max-new-hotspots 2 --fail-on error
+  run: npx codesentinel ci --baseline-ref auto --max-risk-score 55 --max-risk-delta 0.03 --min-quality-score 65 --max-quality-delta 0.03 --no-new-cycles --no-new-high-risk-deps --max-new-hotspots 2 --fail-on error
 ```
 `--baseline-ref auto` requires enough git history to resolve a baseline deterministically. In GitHub Actions, use `fetch-depth: 0` and ensure the CI base branch ref is fetched.
@@ -111,6 +111,7 @@ The goal is a practical, engineering-grade model that supports both strategic ar
 - `packages/git-analyzer`: Git history and evolutionary signals.
 - `packages/dependency-firewall`: external dependency and supply chain signals.
 - `packages/risk-engine`: risk aggregation and scoring model.
+- `packages/quality-signals`: local quality signal collection (lint, diagnostics, complexity, duplication, coverage).
 - `packages/quality-engine`: quality posture aggregation and scoring model.
 - `packages/reporter`: structured report output (console, JSON, CI).
 - `packages/governance`: CI gate evaluation and enforcement policy checks.
@@ -167,9 +168,9 @@ codesentinel report
 codesentinel report --format md --output report.md
 codesentinel report --snapshot snapshot.json
 codesentinel report --compare baseline.json --format text
-codesentinel check --compare baseline.json --max-repo-delta 0.03 --no-new-cycles
+codesentinel check --compare baseline.json --max-risk-delta 0.03 --no-new-cycles
 codesentinel ci --baseline baseline.json --snapshot current.json --report report.md --fail-on error
-codesentinel ci --baseline-ref origin/main --max-repo-delta 0.03 --no-new-cycles
+codesentinel ci --baseline-ref origin/main --max-risk-delta 0.03 --no-new-cycles
 codesentinel ci --baseline-ref auto --fail-on error
 codesentinel dependency-risk react
 codesentinel dependency-risk react@19.0.0
@@ -256,7 +257,7 @@ pnpm dev -- explain . --file src/app/page.tsx
 pnpm dev -- report
 pnpm dev -- report . --format md --output report.md
 pnpm dev -- report . --compare baseline.json --format text
-pnpm dev -- check . --compare baseline.json --max-repo-delta 0.03 --no-new-cycles
+pnpm dev -- check . --compare baseline.json --max-risk-delta 0.03 --no-new-cycles
 pnpm dev -- ci . --baseline baseline.json --snapshot current.json --report report.md --fail-on warn
 ```
@@ -282,7 +283,7 @@ Diff mode compares snapshots and reports:
 `codesentinel run` is a convenience command that emits `analyze + explain + report` in one execution.
-- formats: `text`, `md`, `json` (`text` default)
+- formats: `text`, `md`, `json` (`md` default)
 - detail levels: `--detail compact|standard|full` (`compact` default, `full` = full verbose sections)
 - explain target selectors: `--file <path>`, `--module <name>`, `--top <n>`
 - report diff/snapshot flags: `--compare <baseline.json>`, `--snapshot <path>`, `--no-trace`
@@ -293,11 +294,13 @@ Diff mode compares snapshots and reports:
 Supported gates:
-- `--max-repo-delta <value>`
+- `--max-risk-delta <value>`
+- `--max-quality-delta <value>`
 - `--no-new-cycles`
 - `--no-new-high-risk-deps`
 - `--max-new-hotspots <count>`
-- `--max-repo-score <score>`
+- `--max-risk-score <score>`
+- `--min-quality-score <score>`
 - `--new-hotspot-score-threshold <score>`
 - `--fail-on error|warn`
@@ -391,9 +394,16 @@ Minimal shape:
     "dimensions": {
       "modularity": 0,
       "changeHygiene": 0,
+      "staticAnalysis": 0,
+      "complexity": 0,
+      "duplication": 0,
       "testHealth": 0
     },
-    "topIssues": []
+    "topIssues": [],
+    "trace": {
+      "schemaVersion": "1",
+      "dimensions": []
+    }
   }
 }
 ```
@@ -409,6 +419,25 @@ Score direction:
 - `risk.riskScore`: higher means higher risk (worse).
 - `quality.qualityScore`: higher means better quality posture.
+- `quality.trace`: per-dimension factor traces with normalized metrics and evidence.
+Quality v2 dimensions and weights:
+- `modularity` (`0.20`): cycles + fan-in/fan-out concentration.
+- `changeHygiene` (`0.20`): churn/volatility/coupling concentration + TODO/FIXME comment load.
+- `staticAnalysis` (`0.20`): ESLint issue rates + TypeScript diagnostics.
+- `complexity` (`0.15`): cyclomatic complexity pressure.
+- `duplication` (`0.10`): duplicated block/line ratio.
+- `testHealth` (`0.15`): test file presence + optional coverage summary input.
+Signal ingestion (deterministic, local):
+- ESLint issues are collected via ESLint API when configuration is available.
+- TypeScript diagnostics are collected from local `tsconfig.json` program diagnostics.
+- Complexity and duplication are derived from local source files.
+- Coverage input is optional:
+  - default path: `<target>/coverage/coverage-summary.json`
+  - override path: `CODESENTINEL_QUALITY_COVERAGE_SUMMARY`
 Interpretation notes: