npm - @kevinrabun/judges-cli - Versions diffs - 3.124.0 - Mend

@kevinrabun/judges-cli 3.124.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (1745) hide show

package/README.md +24 -0
package/agents/accessibility.judge.md +44 -0
package/agents/agent-instructions.judge.md +44 -0
package/agents/ai-code-safety.judge.md +55 -0
package/agents/api-contract.judge.md +37 -0
package/agents/api-design.judge.md +55 -0
package/agents/authentication.judge.md +61 -0
package/agents/backwards-compatibility.judge.md +44 -0
package/agents/caching.judge.md +44 -0
package/agents/ci-cd.judge.md +44 -0
package/agents/cloud-readiness.judge.md +51 -0
package/agents/code-structure.judge.md +48 -0
package/agents/compliance.judge.md +47 -0
package/agents/concurrency.judge.md +46 -0
package/agents/configuration-management.judge.md +44 -0
package/agents/cost-effectiveness.judge.md +40 -0
package/agents/cybersecurity.judge.md +61 -0
package/agents/data-security.judge.md +48 -0
package/agents/data-sovereignty.judge.md +58 -0
package/agents/database.judge.md +49 -0
package/agents/dependency-health.judge.md +46 -0
package/agents/documentation.judge.md +53 -0
package/agents/error-handling.judge.md +53 -0
package/agents/ethics-bias.judge.md +46 -0
package/agents/false-positive-review.judge.md +85 -0
package/agents/framework-safety.judge.md +47 -0
package/agents/hallucination-detection.judge.md +46 -0
package/agents/iac-security.judge.md +45 -0
package/agents/intent-alignment.judge.md +44 -0
package/agents/internationalization.judge.md +42 -0
package/agents/logging-privacy.judge.md +44 -0
package/agents/logic-review.judge.md +34 -0
package/agents/maintainability.judge.md +44 -0
package/agents/model-fingerprint.judge.md +31 -0
package/agents/multi-turn-coherence.judge.md +36 -0
package/agents/observability.judge.md +52 -0
package/agents/over-engineering.judge.md +48 -0
package/agents/performance.judge.md +44 -0
package/agents/portability.judge.md +44 -0
package/agents/rate-limiting.judge.md +53 -0
package/agents/reliability.judge.md +55 -0
package/agents/scalability.judge.md +50 -0
package/agents/security.judge.md +62 -0
package/agents/software-practices.judge.md +54 -0
package/agents/testing.judge.md +52 -0
package/agents/ux.judge.md +44 -0
package/bin/judges.js +8 -0
package/dist/a2a-protocol.d.ts +136 -0
package/dist/a2a-protocol.js +218 -0
package/dist/agent-loader.d.ts +107 -0
package/dist/agent-loader.js +260 -0
package/dist/api.d.ts +169 -0
package/dist/api.js +195 -0
package/dist/ast/cross-file-taint.d.ts +42 -0
package/dist/ast/cross-file-taint.js +679 -0
package/dist/ast/index.d.ts +25 -0
package/dist/ast/index.js +148 -0
package/dist/ast/structural-parser.d.ts +2 -0
package/dist/ast/structural-parser.js +756 -0
package/dist/ast/taint-tracker.d.ts +48 -0
package/dist/ast/taint-tracker.js +1033 -0
package/dist/ast/tree-sitter-ast.d.ts +33 -0
package/dist/ast/tree-sitter-ast.js +1164 -0
package/dist/ast/types.d.ts +50 -0
package/dist/ast/types.js +7 -0
package/dist/audit-trail.d.ts +245 -0
package/dist/audit-trail.js +257 -0
package/dist/auto-tune.d.ts +146 -0
package/dist/auto-tune.js +373 -0
package/dist/cache.d.ts +53 -0
package/dist/cache.js +86 -0
package/dist/calibration.d.ts +108 -0
package/dist/calibration.js +219 -0
package/dist/cli-dispatch.d.ts +7 -0
package/dist/cli-dispatch.js +654 -0
package/dist/cli-formatters.d.ts +6 -0
package/dist/cli-formatters.js +186 -0
package/dist/cli-helpers.d.ts +29 -0
package/dist/cli-helpers.js +129 -0
package/dist/cli.d.ts +30 -0
package/dist/cli.js +1487 -0
package/dist/commands/adoption-report.d.ts +7 -0
package/dist/commands/adoption-report.js +218 -0
package/dist/commands/adoption-track.d.ts +4 -0
package/dist/commands/adoption-track.js +246 -0
package/dist/commands/ai-gate.d.ts +7 -0
package/dist/commands/ai-gate.js +212 -0
package/dist/commands/ai-model-trust.d.ts +16 -0
package/dist/commands/ai-model-trust.js +234 -0
package/dist/commands/ai-output-compare.d.ts +8 -0
package/dist/commands/ai-output-compare.js +202 -0
package/dist/commands/ai-pattern-trend.d.ts +8 -0
package/dist/commands/ai-pattern-trend.js +223 -0
package/dist/commands/ai-prompt-audit.d.ts +22 -0
package/dist/commands/ai-prompt-audit.js +254 -0
package/dist/commands/ai-provenance.d.ts +4 -0
package/dist/commands/ai-provenance.js +247 -0
package/dist/commands/api-audit.d.ts +8 -0
package/dist/commands/api-audit.js +359 -0
package/dist/commands/api-misuse.d.ts +4 -0
package/dist/commands/api-misuse.js +260 -0
package/dist/commands/api-versioning-audit.d.ts +5 -0
package/dist/commands/api-versioning-audit.js +233 -0
package/dist/commands/approve-chain.d.ts +7 -0
package/dist/commands/approve-chain.js +234 -0
package/dist/commands/arch-audit.d.ts +8 -0
package/dist/commands/arch-audit.js +283 -0
package/dist/commands/assertion-density.d.ts +4 -0
package/dist/commands/assertion-density.js +263 -0
package/dist/commands/assign-findings.d.ts +36 -0
package/dist/commands/assign-findings.js +177 -0
package/dist/commands/async-safety.d.ts +4 -0
package/dist/commands/async-safety.js +266 -0
package/dist/commands/audit-bundle.d.ts +28 -0
package/dist/commands/audit-bundle.js +234 -0
package/dist/commands/audit-trail.d.ts +17 -0
package/dist/commands/audit-trail.js +154 -0
package/dist/commands/auto-approve.d.ts +4 -0
package/dist/commands/auto-approve.js +188 -0
package/dist/commands/auto-calibrate.d.ts +14 -0
package/dist/commands/auto-calibrate.js +106 -0
package/dist/commands/auto-detect.d.ts +61 -0
package/dist/commands/auto-detect.js +328 -0
package/dist/commands/auto-fix.d.ts +17 -0
package/dist/commands/auto-fix.js +240 -0
package/dist/commands/auto-triage.d.ts +31 -0
package/dist/commands/auto-triage.js +125 -0
package/dist/commands/baseline.d.ts +47 -0
package/dist/commands/baseline.js +353 -0
package/dist/commands/batch-review.d.ts +4 -0
package/dist/commands/batch-review.js +180 -0
package/dist/commands/benchmark-advanced.d.ts +14 -0
package/dist/commands/benchmark-advanced.js +5057 -0
package/dist/commands/benchmark-ai-agents.d.ts +8 -0
package/dist/commands/benchmark-ai-agents.js +4123 -0
package/dist/commands/benchmark-ai-output.d.ts +9 -0
package/dist/commands/benchmark-ai-output.js +365 -0
package/dist/commands/benchmark-compliance-ethics.d.ts +8 -0
package/dist/commands/benchmark-compliance-ethics.js +3060 -0
package/dist/commands/benchmark-expanded-2.d.ts +12 -0
package/dist/commands/benchmark-expanded-2.js +5530 -0
package/dist/commands/benchmark-expanded.d.ts +12 -0
package/dist/commands/benchmark-expanded.js +2599 -0
package/dist/commands/benchmark-infrastructure.d.ts +8 -0
package/dist/commands/benchmark-infrastructure.js +2882 -0
package/dist/commands/benchmark-languages.d.ts +8 -0
package/dist/commands/benchmark-languages.js +1963 -0
package/dist/commands/benchmark-quality-ops.d.ts +8 -0
package/dist/commands/benchmark-quality-ops.js +3415 -0
package/dist/commands/benchmark-security-deep.d.ts +9 -0
package/dist/commands/benchmark-security-deep.js +2335 -0
package/dist/commands/benchmark.d.ts +233 -0
package/dist/commands/benchmark.js +3214 -0
package/dist/commands/blame-review.d.ts +4 -0
package/dist/commands/blame-review.js +266 -0
package/dist/commands/boundary-enforce.d.ts +5 -0
package/dist/commands/boundary-enforce.js +255 -0
package/dist/commands/build-optimize.d.ts +6 -0
package/dist/commands/build-optimize.js +256 -0
package/dist/commands/burndown.d.ts +26 -0
package/dist/commands/burndown.js +179 -0
package/dist/commands/cache-audit.d.ts +4 -0
package/dist/commands/cache-audit.js +219 -0
package/dist/commands/calibration-dashboard.d.ts +1 -0
package/dist/commands/calibration-dashboard.js +294 -0
package/dist/commands/calibration-share.d.ts +30 -0
package/dist/commands/calibration-share.js +182 -0
package/dist/commands/chat-notify.d.ts +8 -0
package/dist/commands/chat-notify.js +258 -0
package/dist/commands/ci-template.d.ts +14 -0
package/dist/commands/ci-template.js +211 -0
package/dist/commands/ci-templates.d.ts +9 -0
package/dist/commands/ci-templates.js +89 -0
package/dist/commands/clarity-score.d.ts +8 -0
package/dist/commands/clarity-score.js +260 -0
package/dist/commands/clone-detect.d.ts +4 -0
package/dist/commands/clone-detect.js +232 -0
package/dist/commands/coach-mode.d.ts +7 -0
package/dist/commands/coach-mode.js +229 -0
package/dist/commands/code-health.d.ts +4 -0
package/dist/commands/code-health.js +195 -0
package/dist/commands/code-owner-suggest.d.ts +16 -0
package/dist/commands/code-owner-suggest.js +214 -0
package/dist/commands/code-similarity.d.ts +8 -0
package/dist/commands/code-similarity.js +231 -0
package/dist/commands/comment-drift.d.ts +4 -0
package/dist/commands/comment-drift.js +228 -0
package/dist/commands/commit-hygiene.d.ts +5 -0
package/dist/commands/commit-hygiene.js +175 -0
package/dist/commands/community-patterns.d.ts +1 -0
package/dist/commands/community-patterns.js +131 -0
package/dist/commands/compare-runs.d.ts +37 -0
package/dist/commands/compare-runs.js +228 -0
package/dist/commands/completion-audit.d.ts +4 -0
package/dist/commands/completion-audit.js +296 -0
package/dist/commands/completions.d.ts +1 -0
package/dist/commands/completions.js +257 -0
package/dist/commands/compliance-map.d.ts +8 -0
package/dist/commands/compliance-map.js +374 -0
package/dist/commands/compliance-report.d.ts +34 -0
package/dist/commands/compliance-report.js +161 -0
package/dist/commands/compliance-weight.d.ts +8 -0
package/dist/commands/compliance-weight.js +272 -0
package/dist/commands/config-drift.d.ts +24 -0
package/dist/commands/config-drift.js +213 -0
package/dist/commands/config-lint.d.ts +4 -0
package/dist/commands/config-lint.js +187 -0
package/dist/commands/config-migrate.d.ts +43 -0
package/dist/commands/config-migrate.js +240 -0
package/dist/commands/config-share.d.ts +95 -0
package/dist/commands/config-share.js +406 -0
package/dist/commands/context-blind.d.ts +4 -0
package/dist/commands/context-blind.js +272 -0
package/dist/commands/context-inject.d.ts +8 -0
package/dist/commands/context-inject.js +211 -0
package/dist/commands/contract-verify.d.ts +4 -0
package/dist/commands/contract-verify.js +316 -0
package/dist/commands/correlate.d.ts +27 -0
package/dist/commands/correlate.js +241 -0
package/dist/commands/cost-forecast.d.ts +18 -0
package/dist/commands/cost-forecast.js +193 -0
package/dist/commands/coverage-map.d.ts +22 -0
package/dist/commands/coverage-map.js +222 -0
package/dist/commands/coverage.d.ts +40 -0
package/dist/commands/coverage.js +147 -0
package/dist/commands/cross-file-consistency.d.ts +4 -0
package/dist/commands/cross-file-consistency.js +254 -0
package/dist/commands/cross-pr-regression.d.ts +8 -0
package/dist/commands/cross-pr-regression.js +297 -0
package/dist/commands/custom-rule.d.ts +4 -0
package/dist/commands/custom-rule.js +210 -0
package/dist/commands/dead-code-detect.d.ts +4 -0
package/dist/commands/dead-code-detect.js +255 -0
package/dist/commands/dedup-report.d.ts +12 -0
package/dist/commands/dedup-report.js +137 -0
package/dist/commands/dep-audit.d.ts +52 -0
package/dist/commands/dep-audit.js +277 -0
package/dist/commands/dep-correlate.d.ts +8 -0
package/dist/commands/dep-correlate.js +207 -0
package/dist/commands/deploy-readiness.d.ts +5 -0
package/dist/commands/deploy-readiness.js +211 -0
package/dist/commands/deprecated.d.ts +47 -0
package/dist/commands/deprecated.js +201 -0
package/dist/commands/deps.d.ts +5 -0
package/dist/commands/deps.js +122 -0
package/dist/commands/design-audit.d.ts +8 -0
package/dist/commands/design-audit.js +301 -0
package/dist/commands/dev-score.d.ts +36 -0
package/dist/commands/dev-score.js +203 -0
package/dist/commands/diff-explain.d.ts +4 -0
package/dist/commands/diff-explain.js +142 -0
package/dist/commands/diff-only.d.ts +33 -0
package/dist/commands/diff-only.js +151 -0
package/dist/commands/diff-review.d.ts +4 -0
package/dist/commands/diff-review.js +190 -0
package/dist/commands/diff.d.ts +6 -0
package/dist/commands/diff.js +449 -0
package/dist/commands/digest.d.ts +19 -0
package/dist/commands/digest.js +221 -0
package/dist/commands/doc-drift.d.ts +8 -0
package/dist/commands/doc-drift.js +258 -0
package/dist/commands/doc-gen.d.ts +7 -0
package/dist/commands/doc-gen.js +208 -0
package/dist/commands/docs.d.ts +1 -0
package/dist/commands/docs.js +156 -0
package/dist/commands/doctor.d.ts +55 -0
package/dist/commands/doctor.js +362 -0
package/dist/commands/encoding-safety.d.ts +4 -0
package/dist/commands/encoding-safety.js +275 -0
package/dist/commands/error-taxonomy.d.ts +5 -0
package/dist/commands/error-taxonomy.js +226 -0
package/dist/commands/error-ux.d.ts +4 -0
package/dist/commands/error-ux.js +252 -0
package/dist/commands/event-leak.d.ts +4 -0
package/dist/commands/event-leak.js +262 -0
package/dist/commands/evidence-chain.d.ts +4 -0
package/dist/commands/evidence-chain.js +309 -0
package/dist/commands/example-leak.d.ts +4 -0
package/dist/commands/example-leak.js +232 -0
package/dist/commands/exception-consistency.d.ts +6 -0
package/dist/commands/exception-consistency.js +192 -0
package/dist/commands/exec-report.d.ts +8 -0
package/dist/commands/exec-report.js +271 -0
package/dist/commands/explain-finding.d.ts +7 -0
package/dist/commands/explain-finding.js +278 -0
package/dist/commands/false-negatives.d.ts +34 -0
package/dist/commands/false-negatives.js +165 -0
package/dist/commands/feedback-rules.d.ts +28 -0
package/dist/commands/feedback-rules.js +173 -0
package/dist/commands/feedback.d.ts +182 -0
package/dist/commands/feedback.js +550 -0
package/dist/commands/finding-age-analysis.d.ts +4 -0
package/dist/commands/finding-age-analysis.js +144 -0
package/dist/commands/finding-age-report.d.ts +4 -0
package/dist/commands/finding-age-report.js +154 -0
package/dist/commands/finding-age-tracker.d.ts +7 -0
package/dist/commands/finding-age-tracker.js +152 -0
package/dist/commands/finding-age.d.ts +4 -0
package/dist/commands/finding-age.js +145 -0
package/dist/commands/finding-ancestry-trace.d.ts +1 -0
package/dist/commands/finding-ancestry-trace.js +69 -0
package/dist/commands/finding-annotation-export.d.ts +1 -0
package/dist/commands/finding-annotation-export.js +97 -0
package/dist/commands/finding-annotation-layer.d.ts +4 -0
package/dist/commands/finding-annotation-layer.js +128 -0
package/dist/commands/finding-auto-categorize.d.ts +1 -0
package/dist/commands/finding-auto-categorize.js +109 -0
package/dist/commands/finding-auto-fix-suggest.d.ts +1 -0
package/dist/commands/finding-auto-fix-suggest.js +76 -0
package/dist/commands/finding-auto-fix.d.ts +4 -0
package/dist/commands/finding-auto-fix.js +188 -0
package/dist/commands/finding-auto-group.d.ts +4 -0
package/dist/commands/finding-auto-group.js +108 -0
package/dist/commands/finding-auto-label.d.ts +4 -0
package/dist/commands/finding-auto-label.js +220 -0
package/dist/commands/finding-auto-priority.d.ts +1 -0
package/dist/commands/finding-auto-priority.js +100 -0
package/dist/commands/finding-auto-suppress.d.ts +4 -0
package/dist/commands/finding-auto-suppress.js +126 -0
package/dist/commands/finding-auto-tag.d.ts +4 -0
package/dist/commands/finding-auto-tag.js +113 -0
package/dist/commands/finding-auto-triage.d.ts +4 -0
package/dist/commands/finding-auto-triage.js +108 -0
package/dist/commands/finding-autofix-preview.d.ts +4 -0
package/dist/commands/finding-autofix-preview.js +86 -0
package/dist/commands/finding-batch-resolve.d.ts +4 -0
package/dist/commands/finding-batch-resolve.js +165 -0
package/dist/commands/finding-batch-suppress.d.ts +4 -0
package/dist/commands/finding-batch-suppress.js +85 -0
package/dist/commands/finding-batch-triage.d.ts +1 -0
package/dist/commands/finding-batch-triage.js +90 -0
package/dist/commands/finding-blast-radius.d.ts +4 -0
package/dist/commands/finding-blast-radius.js +91 -0
package/dist/commands/finding-budget.d.ts +4 -0
package/dist/commands/finding-budget.js +232 -0
package/dist/commands/finding-category-map.d.ts +4 -0
package/dist/commands/finding-category-map.js +103 -0
package/dist/commands/finding-category-stats.d.ts +4 -0
package/dist/commands/finding-category-stats.js +104 -0
package/dist/commands/finding-category.d.ts +4 -0
package/dist/commands/finding-category.js +109 -0
package/dist/commands/finding-change-impact.d.ts +4 -0
package/dist/commands/finding-change-impact.js +107 -0
package/dist/commands/finding-cluster-analysis.d.ts +4 -0
package/dist/commands/finding-cluster-analysis.js +133 -0
package/dist/commands/finding-cluster-group.d.ts +4 -0
package/dist/commands/finding-cluster-group.js +105 -0
package/dist/commands/finding-cluster-summary.d.ts +1 -0
package/dist/commands/finding-cluster-summary.js +85 -0
package/dist/commands/finding-cluster.d.ts +4 -0
package/dist/commands/finding-cluster.js +157 -0
package/dist/commands/finding-code-context.d.ts +4 -0
package/dist/commands/finding-code-context.js +96 -0
package/dist/commands/finding-code-smell.d.ts +4 -0
package/dist/commands/finding-code-smell.js +113 -0
package/dist/commands/finding-compare-runs.d.ts +4 -0
package/dist/commands/finding-compare-runs.js +105 -0
package/dist/commands/finding-compliance-tag.d.ts +1 -0
package/dist/commands/finding-compliance-tag.js +106 -0
package/dist/commands/finding-confidence-boost.d.ts +1 -0
package/dist/commands/finding-confidence-boost.js +88 -0
package/dist/commands/finding-confidence-calibrate.d.ts +4 -0
package/dist/commands/finding-confidence-calibrate.js +111 -0
package/dist/commands/finding-confidence-filter.d.ts +4 -0
package/dist/commands/finding-confidence-filter.js +77 -0
package/dist/commands/finding-contest.d.ts +7 -0
package/dist/commands/finding-contest.js +192 -0
package/dist/commands/finding-context-enrich.d.ts +4 -0
package/dist/commands/finding-context-enrich.js +89 -0
package/dist/commands/finding-context-expand.d.ts +4 -0
package/dist/commands/finding-context-expand.js +102 -0
package/dist/commands/finding-context-link.d.ts +1 -0
package/dist/commands/finding-context-link.js +94 -0
package/dist/commands/finding-context-summary.d.ts +1 -0
package/dist/commands/finding-context-summary.js +85 -0
package/dist/commands/finding-context-window.d.ts +4 -0
package/dist/commands/finding-context-window.js +126 -0
package/dist/commands/finding-context.d.ts +4 -0
package/dist/commands/finding-context.js +140 -0
package/dist/commands/finding-correlate.d.ts +4 -0
package/dist/commands/finding-correlate.js +88 -0
package/dist/commands/finding-correlation-map.d.ts +4 -0
package/dist/commands/finding-correlation-map.js +101 -0
package/dist/commands/finding-correlation.d.ts +4 -0
package/dist/commands/finding-correlation.js +103 -0
package/dist/commands/finding-cross-file-link.d.ts +1 -0
package/dist/commands/finding-cross-file-link.js +101 -0
package/dist/commands/finding-cross-ref.d.ts +4 -0
package/dist/commands/finding-cross-ref.js +98 -0
package/dist/commands/finding-cve-lookup.d.ts +4 -0
package/dist/commands/finding-cve-lookup.js +97 -0
package/dist/commands/finding-cwe-lookup.d.ts +4 -0
package/dist/commands/finding-cwe-lookup.js +148 -0
package/dist/commands/finding-cwe-map.d.ts +4 -0
package/dist/commands/finding-cwe-map.js +133 -0
package/dist/commands/finding-dedup-cross-file.d.ts +4 -0
package/dist/commands/finding-dedup-cross-file.js +95 -0
package/dist/commands/finding-dedup-cross.d.ts +4 -0
package/dist/commands/finding-dedup-cross.js +90 -0
package/dist/commands/finding-dedup-merge.d.ts +1 -0
package/dist/commands/finding-dedup-merge.js +107 -0
package/dist/commands/finding-dedup-report.d.ts +4 -0
package/dist/commands/finding-dedup-report.js +101 -0
package/dist/commands/finding-dedup-smart.d.ts +1 -0
package/dist/commands/finding-dedup-smart.js +109 -0
package/dist/commands/finding-deduplicate.d.ts +4 -0
package/dist/commands/finding-deduplicate.js +141 -0
package/dist/commands/finding-dependency-check.d.ts +4 -0
package/dist/commands/finding-dependency-check.js +119 -0
package/dist/commands/finding-dependency-impact.d.ts +1 -0
package/dist/commands/finding-dependency-impact.js +97 -0
package/dist/commands/finding-dependency-link.d.ts +4 -0
package/dist/commands/finding-dependency-link.js +73 -0
package/dist/commands/finding-dependency-risk.d.ts +4 -0
package/dist/commands/finding-dependency-risk.js +117 -0
package/dist/commands/finding-dependency-tree.d.ts +4 -0
package/dist/commands/finding-dependency-tree.js +116 -0
package/dist/commands/finding-diff-highlight.d.ts +4 -0
package/dist/commands/finding-diff-highlight.js +107 -0
package/dist/commands/finding-dismiss-workflow.d.ts +4 -0
package/dist/commands/finding-dismiss-workflow.js +119 -0
package/dist/commands/finding-duplicate-detect.d.ts +4 -0
package/dist/commands/finding-duplicate-detect.js +113 -0
package/dist/commands/finding-duplicate-rule.d.ts +4 -0
package/dist/commands/finding-duplicate-rule.js +103 -0
package/dist/commands/finding-effort-rank.d.ts +1 -0
package/dist/commands/finding-effort-rank.js +93 -0
package/dist/commands/finding-evidence-chain.d.ts +4 -0
package/dist/commands/finding-evidence-chain.js +147 -0
package/dist/commands/finding-evidence-collect.d.ts +4 -0
package/dist/commands/finding-evidence-collect.js +114 -0
package/dist/commands/finding-explain.d.ts +4 -0
package/dist/commands/finding-explain.js +93 -0
package/dist/commands/finding-export-csv.d.ts +4 -0
package/dist/commands/finding-export-csv.js +78 -0
package/dist/commands/finding-false-neg-check.d.ts +8 -0
package/dist/commands/finding-false-neg-check.js +139 -0
package/dist/commands/finding-false-positive-learn.d.ts +4 -0
package/dist/commands/finding-false-positive-learn.js +85 -0
package/dist/commands/finding-false-positive-log.d.ts +4 -0
package/dist/commands/finding-false-positive-log.js +150 -0
package/dist/commands/finding-false-positive.d.ts +4 -0
package/dist/commands/finding-false-positive.js +134 -0
package/dist/commands/finding-filter-view.d.ts +4 -0
package/dist/commands/finding-filter-view.js +107 -0
package/dist/commands/finding-fix-chain.d.ts +1 -0
package/dist/commands/finding-fix-chain.js +78 -0
package/dist/commands/finding-fix-estimate.d.ts +1 -0
package/dist/commands/finding-fix-estimate.js +95 -0
package/dist/commands/finding-fix-playbook.d.ts +1 -0
package/dist/commands/finding-fix-playbook.js +110 -0
package/dist/commands/finding-fix-priority.d.ts +4 -0
package/dist/commands/finding-fix-priority.js +98 -0
package/dist/commands/finding-fix-rate.d.ts +4 -0
package/dist/commands/finding-fix-rate.js +141 -0
package/dist/commands/finding-fix-suggest.d.ts +4 -0
package/dist/commands/finding-fix-suggest.js +88 -0
package/dist/commands/finding-fix-validation.d.ts +4 -0
package/dist/commands/finding-fix-validation.js +115 -0
package/dist/commands/finding-fix-verify.d.ts +4 -0
package/dist/commands/finding-fix-verify.js +198 -0
package/dist/commands/finding-group-by.d.ts +4 -0
package/dist/commands/finding-group-by.js +86 -0
package/dist/commands/finding-group.d.ts +15 -0
package/dist/commands/finding-group.js +164 -0
package/dist/commands/finding-groupby-file.d.ts +4 -0
package/dist/commands/finding-groupby-file.js +94 -0
package/dist/commands/finding-hotfix-suggest.d.ts +7 -0
package/dist/commands/finding-hotfix-suggest.js +170 -0
package/dist/commands/finding-hotspot-detect.d.ts +1 -0
package/dist/commands/finding-hotspot-detect.js +120 -0
package/dist/commands/finding-hotspot-map.d.ts +4 -0
package/dist/commands/finding-hotspot-map.js +106 -0
package/dist/commands/finding-hotspot.d.ts +4 -0
package/dist/commands/finding-hotspot.js +115 -0
package/dist/commands/finding-impact-radius.d.ts +1 -0
package/dist/commands/finding-impact-radius.js +94 -0
package/dist/commands/finding-impact-rank.d.ts +4 -0
package/dist/commands/finding-impact-rank.js +85 -0
package/dist/commands/finding-impact-score.d.ts +4 -0
package/dist/commands/finding-impact-score.js +123 -0
package/dist/commands/finding-impact.d.ts +4 -0
package/dist/commands/finding-impact.js +135 -0
package/dist/commands/finding-line-blame.d.ts +7 -0
package/dist/commands/finding-line-blame.js +129 -0
package/dist/commands/finding-link-graph.d.ts +4 -0
package/dist/commands/finding-link-graph.js +144 -0
package/dist/commands/finding-link.d.ts +4 -0
package/dist/commands/finding-link.js +128 -0
package/dist/commands/finding-merge-results.d.ts +4 -0
package/dist/commands/finding-merge-results.js +110 -0
package/dist/commands/finding-merge-strategy.d.ts +1 -0
package/dist/commands/finding-merge-strategy.js +84 -0
package/dist/commands/finding-metadata-enrich.d.ts +4 -0
package/dist/commands/finding-metadata-enrich.js +92 -0
package/dist/commands/finding-noise-filter.d.ts +7 -0
package/dist/commands/finding-noise-filter.js +140 -0
package/dist/commands/finding-noise-reduce.d.ts +1 -0
package/dist/commands/finding-noise-reduce.js +81 -0
package/dist/commands/finding-noise-score.d.ts +1 -0
package/dist/commands/finding-noise-score.js +93 -0
package/dist/commands/finding-owner-assign.d.ts +4 -0
package/dist/commands/finding-owner-assign.js +133 -0
package/dist/commands/finding-owner-notify.d.ts +1 -0
package/dist/commands/finding-owner-notify.js +121 -0
package/dist/commands/finding-ownership-assign.d.ts +4 -0
package/dist/commands/finding-ownership-assign.js +101 -0
package/dist/commands/finding-ownership-map.d.ts +4 -0
package/dist/commands/finding-ownership-map.js +118 -0
package/dist/commands/finding-patch-chain.d.ts +1 -0
package/dist/commands/finding-patch-chain.js +90 -0
package/dist/commands/finding-patch-preview.d.ts +4 -0
package/dist/commands/finding-patch-preview.js +103 -0
package/dist/commands/finding-pattern-detect.d.ts +4 -0
package/dist/commands/finding-pattern-detect.js +127 -0
package/dist/commands/finding-pattern-library.d.ts +4 -0
package/dist/commands/finding-pattern-library.js +145 -0
package/dist/commands/finding-pattern-match.d.ts +4 -0
package/dist/commands/finding-pattern-match.js +165 -0
package/dist/commands/finding-prioritize.d.ts +4 -0
package/dist/commands/finding-prioritize.js +119 -0
package/dist/commands/finding-priority-matrix.d.ts +4 -0
package/dist/commands/finding-priority-matrix.js +102 -0
package/dist/commands/finding-priority-queue.d.ts +4 -0
package/dist/commands/finding-priority-queue.js +131 -0
package/dist/commands/finding-priority-rank.d.ts +1 -0
package/dist/commands/finding-priority-rank.js +82 -0
package/dist/commands/finding-quality-gate.d.ts +4 -0
package/dist/commands/finding-quality-gate.js +107 -0
package/dist/commands/finding-rank.d.ts +4 -0
package/dist/commands/finding-rank.js +138 -0
package/dist/commands/finding-reachability-check.d.ts +4 -0
package/dist/commands/finding-reachability-check.js +102 -0
package/dist/commands/finding-reachability.d.ts +4 -0
package/dist/commands/finding-reachability.js +131 -0
package/dist/commands/finding-recurrence-check.d.ts +1 -0
package/dist/commands/finding-recurrence-check.js +103 -0
package/dist/commands/finding-recurrence-detect.d.ts +4 -0
package/dist/commands/finding-recurrence-detect.js +77 -0
package/dist/commands/finding-recurrence.d.ts +4 -0
package/dist/commands/finding-recurrence.js +135 -0
package/dist/commands/finding-regression-check.d.ts +4 -0
package/dist/commands/finding-regression-check.js +112 -0
package/dist/commands/finding-regression-detect.d.ts +1 -0
package/dist/commands/finding-regression-detect.js +86 -0
package/dist/commands/finding-related-rules.d.ts +4 -0
package/dist/commands/finding-related-rules.js +151 -0
package/dist/commands/finding-remediation-cost.d.ts +1 -0
package/dist/commands/finding-remediation-cost.js +79 -0
package/dist/commands/finding-remediation-plan.d.ts +4 -0
package/dist/commands/finding-remediation-plan.js +107 -0
package/dist/commands/finding-reopen-detect.d.ts +1 -0
package/dist/commands/finding-reopen-detect.js +77 -0
package/dist/commands/finding-repeat-detect.d.ts +1 -0
package/dist/commands/finding-repeat-detect.js +92 -0
package/dist/commands/finding-resolution-track.d.ts +4 -0
package/dist/commands/finding-resolution-track.js +150 -0
package/dist/commands/finding-resolution-tracker.d.ts +4 -0
package/dist/commands/finding-resolution-tracker.js +163 -0
package/dist/commands/finding-resolution-workflow.d.ts +1 -0
package/dist/commands/finding-resolution-workflow.js +91 -0
package/dist/commands/finding-resolution.d.ts +4 -0
package/dist/commands/finding-resolution.js +142 -0
package/dist/commands/finding-risk-label.d.ts +1 -0
package/dist/commands/finding-risk-label.js +72 -0
package/dist/commands/finding-risk-matrix.d.ts +4 -0
package/dist/commands/finding-risk-matrix.js +126 -0
package/dist/commands/finding-risk-score.d.ts +4 -0
package/dist/commands/finding-risk-score.js +95 -0
package/dist/commands/finding-root-cause.d.ts +4 -0
package/dist/commands/finding-root-cause.js +184 -0
package/dist/commands/finding-rule-explain.d.ts +4 -0
package/dist/commands/finding-rule-explain.js +140 -0
package/dist/commands/finding-scope-filter.d.ts +1 -0
package/dist/commands/finding-scope-filter.js +77 -0
package/dist/commands/finding-scope-impact.d.ts +1 -0
package/dist/commands/finding-scope-impact.js +83 -0
package/dist/commands/finding-search-index.d.ts +4 -0
package/dist/commands/finding-search-index.js +99 -0
package/dist/commands/finding-security-hotspot.d.ts +4 -0
package/dist/commands/finding-security-hotspot.js +175 -0
package/dist/commands/finding-severity-dist.d.ts +4 -0
package/dist/commands/finding-severity-dist.js +105 -0
package/dist/commands/finding-severity-drift.d.ts +4 -0
package/dist/commands/finding-severity-drift.js +92 -0
package/dist/commands/finding-severity-heatmap.d.ts +4 -0
package/dist/commands/finding-severity-heatmap.js +108 -0
package/dist/commands/finding-severity-histogram.d.ts +4 -0
package/dist/commands/finding-severity-histogram.js +66 -0
package/dist/commands/finding-severity-override.d.ts +4 -0
package/dist/commands/finding-severity-override.js +131 -0
package/dist/commands/finding-severity-rebalance.d.ts +1 -0
package/dist/commands/finding-severity-rebalance.js +108 -0
package/dist/commands/finding-severity-trend.d.ts +4 -0
package/dist/commands/finding-severity-trend.js +127 -0
package/dist/commands/finding-similar-match.d.ts +1 -0
package/dist/commands/finding-similar-match.js +112 -0
package/dist/commands/finding-snippet.d.ts +4 -0
package/dist/commands/finding-snippet.js +102 -0
package/dist/commands/finding-summary-digest.d.ts +7 -0
package/dist/commands/finding-summary-digest.js +145 -0
package/dist/commands/finding-suppress-pattern.d.ts +4 -0
package/dist/commands/finding-suppress-pattern.js +148 -0
package/dist/commands/finding-suppress.d.ts +4 -0
package/dist/commands/finding-suppress.js +164 -0
package/dist/commands/finding-suppression-audit.d.ts +4 -0
package/dist/commands/finding-suppression-audit.js +137 -0
package/dist/commands/finding-suppression-list.d.ts +4 -0
package/dist/commands/finding-suppression-list.js +119 -0
package/dist/commands/finding-suppression-log.d.ts +4 -0
package/dist/commands/finding-suppression-log.js +174 -0
package/dist/commands/finding-time-to-fix.d.ts +1 -0
package/dist/commands/finding-time-to-fix.js +98 -0
package/dist/commands/finding-timeline-view.d.ts +4 -0
package/dist/commands/finding-timeline-view.js +98 -0
package/dist/commands/finding-timeline.d.ts +4 -0
package/dist/commands/finding-timeline.js +143 -0
package/dist/commands/finding-top-offender.d.ts +1 -0
package/dist/commands/finding-top-offender.js +75 -0
package/dist/commands/finding-trace.d.ts +4 -0
package/dist/commands/finding-trace.js +118 -0
package/dist/commands/finding-trend-alert.d.ts +1 -0
package/dist/commands/finding-trend-alert.js +126 -0
package/dist/commands/finding-trend-analysis.d.ts +4 -0
package/dist/commands/finding-trend-analysis.js +95 -0
package/dist/commands/finding-trend-forecast.d.ts +4 -0
package/dist/commands/finding-trend-forecast.js +106 -0
package/dist/commands/finding-trend-report.d.ts +4 -0
package/dist/commands/finding-trend-report.js +107 -0
package/dist/commands/finding-trend.d.ts +4 -0
package/dist/commands/finding-trend.js +118 -0
package/dist/commands/fix-pr.d.ts +22 -0
package/dist/commands/fix-pr.js +286 -0
package/dist/commands/fix-suggest.d.ts +4 -0
package/dist/commands/fix-suggest.js +171 -0
package/dist/commands/fix-verify.d.ts +4 -0
package/dist/commands/fix-verify.js +123 -0
package/dist/commands/fix.d.ts +117 -0
package/dist/commands/fix.js +445 -0
package/dist/commands/focus-area.d.ts +5 -0
package/dist/commands/focus-area.js +192 -0
package/dist/commands/generate.d.ts +7 -0
package/dist/commands/generate.js +403 -0
package/dist/commands/governance.d.ts +31 -0
package/dist/commands/governance.js +202 -0
package/dist/commands/group-findings.d.ts +22 -0
package/dist/commands/group-findings.js +154 -0
package/dist/commands/guided-tour.d.ts +8 -0
package/dist/commands/guided-tour.js +287 -0
package/dist/commands/habit-tracker.d.ts +7 -0
package/dist/commands/habit-tracker.js +194 -0
package/dist/commands/hallucination-detect.d.ts +4 -0
package/dist/commands/hallucination-detect.js +350 -0
package/dist/commands/hallucination-score.d.ts +8 -0
package/dist/commands/hallucination-score.js +316 -0
package/dist/commands/help.d.ts +7 -0
package/dist/commands/help.js +302 -0
package/dist/commands/hook-install.d.ts +21 -0
package/dist/commands/hook-install.js +142 -0
package/dist/commands/hook.d.ts +8 -0
package/dist/commands/hook.js +145 -0
package/dist/commands/iac-lint.d.ts +7 -0
package/dist/commands/iac-lint.js +312 -0
package/dist/commands/idempotency-audit.d.ts +4 -0
package/dist/commands/idempotency-audit.js +222 -0
package/dist/commands/ignore-list.d.ts +18 -0
package/dist/commands/ignore-list.js +152 -0
package/dist/commands/impact-scan.d.ts +8 -0
package/dist/commands/impact-scan.js +281 -0
package/dist/commands/incident-response.d.ts +7 -0
package/dist/commands/incident-response.js +254 -0
package/dist/commands/incremental-review.d.ts +4 -0
package/dist/commands/incremental-review.js +236 -0
package/dist/commands/init.d.ts +10 -0
package/dist/commands/init.js +265 -0
package/dist/commands/input-guard.d.ts +4 -0
package/dist/commands/input-guard.js +255 -0
package/dist/commands/interactive-fix.d.ts +22 -0
package/dist/commands/interactive-fix.js +139 -0
package/dist/commands/judge-author.d.ts +7 -0
package/dist/commands/judge-author.js +260 -0
package/dist/commands/judge-config.d.ts +4 -0
package/dist/commands/judge-config.js +151 -0
package/dist/commands/judge-learn.d.ts +8 -0
package/dist/commands/judge-learn.js +217 -0
package/dist/commands/judge-reputation.d.ts +28 -0
package/dist/commands/judge-reputation.js +198 -0
package/dist/commands/kb.d.ts +40 -0
package/dist/commands/kb.js +228 -0
package/dist/commands/language-packs.d.ts +42 -0
package/dist/commands/language-packs.js +150 -0
package/dist/commands/learn.d.ts +26 -0
package/dist/commands/learn.js +288 -0
package/dist/commands/learning-path.d.ts +8 -0
package/dist/commands/learning-path.js +325 -0
package/dist/commands/license-scan.d.ts +8 -0
package/dist/commands/license-scan.js +183 -0
package/dist/commands/llm-benchmark-optimizer.d.ts +78 -0
package/dist/commands/llm-benchmark-optimizer.js +241 -0
package/dist/commands/llm-benchmark.d.ts +156 -0
package/dist/commands/llm-benchmark.js +670 -0
package/dist/commands/log-quality.d.ts +5 -0
package/dist/commands/log-quality.js +211 -0
package/dist/commands/logic-lint.d.ts +4 -0
package/dist/commands/logic-lint.js +255 -0
package/dist/commands/lsp.d.ts +23 -0
package/dist/commands/lsp.js +285 -0
package/dist/commands/merge-verdict.d.ts +4 -0
package/dist/commands/merge-verdict.js +287 -0
package/dist/commands/metrics-dashboard.d.ts +21 -0
package/dist/commands/metrics-dashboard.js +334 -0
package/dist/commands/metrics.d.ts +57 -0
package/dist/commands/metrics.js +241 -0
package/dist/commands/migration-safety.d.ts +5 -0
package/dist/commands/migration-safety.js +256 -0
package/dist/commands/model-report.d.ts +8 -0
package/dist/commands/model-report.js +194 -0
package/dist/commands/model-risk.d.ts +27 -0
package/dist/commands/model-risk.js +220 -0
package/dist/commands/monorepo.d.ts +37 -0
package/dist/commands/monorepo.js +232 -0
package/dist/commands/multi-lang-review.d.ts +4 -0
package/dist/commands/multi-lang-review.js +230 -0
package/dist/commands/noise-advisor.d.ts +29 -0
package/dist/commands/noise-advisor.js +170 -0
package/dist/commands/notify.d.ts +78 -0
package/dist/commands/notify.js +324 -0
package/dist/commands/null-safety-audit.d.ts +5 -0
package/dist/commands/null-safety-audit.js +221 -0
package/dist/commands/observability-gap.d.ts +5 -0
package/dist/commands/observability-gap.js +211 -0
package/dist/commands/onboard.d.ts +12 -0
package/dist/commands/onboard.js +178 -0
package/dist/commands/org-metrics.d.ts +23 -0
package/dist/commands/org-metrics.js +237 -0
package/dist/commands/org-policy.d.ts +7 -0
package/dist/commands/org-policy.js +207 -0
package/dist/commands/over-abstraction.d.ts +4 -0
package/dist/commands/over-abstraction.js +307 -0
package/dist/commands/override.d.ts +61 -0
package/dist/commands/override.js +268 -0
package/dist/commands/ownership-map.d.ts +5 -0
package/dist/commands/ownership-map.js +217 -0
package/dist/commands/parity.d.ts +30 -0
package/dist/commands/parity.js +212 -0
package/dist/commands/pattern-registry.d.ts +22 -0
package/dist/commands/pattern-registry.js +226 -0
package/dist/commands/perf-compare.d.ts +8 -0
package/dist/commands/perf-compare.js +245 -0
package/dist/commands/perf-hotspot.d.ts +7 -0
package/dist/commands/perf-hotspot.js +273 -0
package/dist/commands/phantom-import.d.ts +4 -0
package/dist/commands/phantom-import.js +260 -0
package/dist/commands/pii-scan.d.ts +7 -0
package/dist/commands/pii-scan.js +299 -0
package/dist/commands/plugin-search.d.ts +39 -0
package/dist/commands/plugin-search.js +327 -0
package/dist/commands/plugins.d.ts +12 -0
package/dist/commands/plugins.js +104 -0
package/dist/commands/policy-audit.d.ts +52 -0
package/dist/commands/policy-audit.js +160 -0
package/dist/commands/pr-quality-gate.d.ts +28 -0
package/dist/commands/pr-quality-gate.js +207 -0
package/dist/commands/pr-summary.d.ts +25 -0
package/dist/commands/pr-summary.js +187 -0
package/dist/commands/predict.d.ts +7 -0
package/dist/commands/predict.js +218 -0
package/dist/commands/privilege-path.d.ts +4 -0
package/dist/commands/privilege-path.js +233 -0
package/dist/commands/profile.d.ts +37 -0
package/dist/commands/profile.js +101 -0
package/dist/commands/prompt-replay.d.ts +7 -0
package/dist/commands/prompt-replay.js +176 -0
package/dist/commands/quality-gate.d.ts +69 -0
package/dist/commands/quality-gate.js +252 -0
package/dist/commands/query.d.ts +19 -0
package/dist/commands/query.js +229 -0
package/dist/commands/quick-check.d.ts +4 -0
package/dist/commands/quick-check.js +173 -0
package/dist/commands/recommend.d.ts +20 -0
package/dist/commands/recommend.js +282 -0
package/dist/commands/refactor-safety.d.ts +8 -0
package/dist/commands/refactor-safety.js +273 -0
package/dist/commands/reg-watch.d.ts +20 -0
package/dist/commands/reg-watch.js +219 -0
package/dist/commands/regression-alert.d.ts +31 -0
package/dist/commands/regression-alert.js +215 -0
package/dist/commands/remediation-lib.d.ts +8 -0
package/dist/commands/remediation-lib.js +265 -0
package/dist/commands/remediation.d.ts +20 -0
package/dist/commands/remediation.js +256 -0
package/dist/commands/report-template.d.ts +16 -0
package/dist/commands/report-template.js +290 -0
package/dist/commands/report.d.ts +12 -0
package/dist/commands/report.js +139 -0
package/dist/commands/resource-cleanup.d.ts +6 -0
package/dist/commands/resource-cleanup.js +235 -0
package/dist/commands/retro.d.ts +22 -0
package/dist/commands/retro.js +211 -0
package/dist/commands/retry-pattern-audit.d.ts +5 -0
package/dist/commands/retry-pattern-audit.js +215 -0
package/dist/commands/review-ab-test.d.ts +4 -0
package/dist/commands/review-ab-test.js +224 -0
package/dist/commands/review-access-log.d.ts +4 -0
package/dist/commands/review-access-log.js +65 -0
package/dist/commands/review-action-item-gen.d.ts +1 -0
package/dist/commands/review-action-item-gen.js +72 -0
package/dist/commands/review-adoption-metrics.d.ts +4 -0
package/dist/commands/review-adoption-metrics.js +95 -0
package/dist/commands/review-adoption-score.d.ts +1 -0
package/dist/commands/review-adoption-score.js +181 -0
package/dist/commands/review-ai-feedback-loop.d.ts +1 -0
package/dist/commands/review-ai-feedback-loop.js +116 -0
package/dist/commands/review-annotate.d.ts +4 -0
package/dist/commands/review-annotate.js +122 -0
package/dist/commands/review-annotation-export.d.ts +4 -0
package/dist/commands/review-annotation-export.js +105 -0
package/dist/commands/review-annotation.d.ts +4 -0
package/dist/commands/review-annotation.js +133 -0
package/dist/commands/review-api-export.d.ts +4 -0
package/dist/commands/review-api-export.js +98 -0
package/dist/commands/review-approval-criteria.d.ts +1 -0
package/dist/commands/review-approval-criteria.js +99 -0
package/dist/commands/review-approval-gate.d.ts +7 -0
package/dist/commands/review-approval-gate.js +190 -0
package/dist/commands/review-approval.d.ts +4 -0
package/dist/commands/review-approval.js +133 -0
package/dist/commands/review-archive-search.d.ts +4 -0
package/dist/commands/review-archive-search.js +70 -0
package/dist/commands/review-archive.d.ts +4 -0
package/dist/commands/review-archive.js +135 -0
package/dist/commands/review-audit-export.d.ts +4 -0
package/dist/commands/review-audit-export.js +93 -0
package/dist/commands/review-audit-log.d.ts +4 -0
package/dist/commands/review-audit-log.js +140 -0
package/dist/commands/review-audit-trail.d.ts +4 -0
package/dist/commands/review-audit-trail.js +96 -0
package/dist/commands/review-auto-merge.d.ts +4 -0
package/dist/commands/review-auto-merge.js +175 -0
package/dist/commands/review-badge.d.ts +4 -0
package/dist/commands/review-badge.js +152 -0
package/dist/commands/review-batch-files.d.ts +4 -0
package/dist/commands/review-batch-files.js +82 -0
package/dist/commands/review-batch-mode.d.ts +4 -0
package/dist/commands/review-batch-mode.js +97 -0
package/dist/commands/review-batch-run.d.ts +4 -0
package/dist/commands/review-batch-run.js +149 -0
package/dist/commands/review-benchmark-self.d.ts +4 -0
package/dist/commands/review-benchmark-self.js +140 -0
package/dist/commands/review-blame-map.d.ts +4 -0
package/dist/commands/review-blame-map.js +100 -0
package/dist/commands/review-branch-compare.d.ts +4 -0
package/dist/commands/review-branch-compare.js +108 -0
package/dist/commands/review-branch-policy.d.ts +4 -0
package/dist/commands/review-branch-policy.js +102 -0
package/dist/commands/review-bulk-action.d.ts +4 -0
package/dist/commands/review-bulk-action.js +109 -0
package/dist/commands/review-bulk-apply.d.ts +4 -0
package/dist/commands/review-bulk-apply.js +102 -0
package/dist/commands/review-cache-clear.d.ts +4 -0
package/dist/commands/review-cache-clear.js +160 -0
package/dist/commands/review-cache-warm.d.ts +4 -0
package/dist/commands/review-cache-warm.js +70 -0
package/dist/commands/review-cache.d.ts +22 -0
package/dist/commands/review-cache.js +134 -0
package/dist/commands/review-changelog-entry.d.ts +7 -0
package/dist/commands/review-changelog-entry.js +109 -0
package/dist/commands/review-changelog-gen.d.ts +4 -0
package/dist/commands/review-changelog-gen.js +117 -0
package/dist/commands/review-changelog-impact.d.ts +1 -0
package/dist/commands/review-changelog-impact.js +89 -0
package/dist/commands/review-checklist.d.ts +4 -0
package/dist/commands/review-checklist.js +144 -0
package/dist/commands/review-checkpoint.d.ts +4 -0
package/dist/commands/review-checkpoint.js +163 -0
package/dist/commands/review-ci-gate.d.ts +4 -0
package/dist/commands/review-ci-gate.js +114 -0
package/dist/commands/review-ci-insight.d.ts +1 -0
package/dist/commands/review-ci-insight.js +100 -0
package/dist/commands/review-ci-integration.d.ts +4 -0
package/dist/commands/review-ci-integration.js +125 -0
package/dist/commands/review-ci-status.d.ts +4 -0
package/dist/commands/review-ci-status.js +200 -0
package/dist/commands/review-cicd-integrate.d.ts +4 -0
package/dist/commands/review-cicd-integrate.js +122 -0
package/dist/commands/review-code-health-score.d.ts +1 -0
package/dist/commands/review-code-health-score.js +100 -0
package/dist/commands/review-code-owner.d.ts +7 -0
package/dist/commands/review-code-owner.js +164 -0
package/dist/commands/review-code-ownership.d.ts +1 -0
package/dist/commands/review-code-ownership.js +88 -0
package/dist/commands/review-comment.d.ts +4 -0
package/dist/commands/review-comment.js +165 -0
package/dist/commands/review-commit-hook.d.ts +7 -0
package/dist/commands/review-commit-hook.js +134 -0
package/dist/commands/review-commit-quality.d.ts +1 -0
package/dist/commands/review-commit-quality.js +94 -0
package/dist/commands/review-comparative.d.ts +4 -0
package/dist/commands/review-comparative.js +149 -0
package/dist/commands/review-compare-version.d.ts +4 -0
package/dist/commands/review-compare-version.js +108 -0
package/dist/commands/review-compare.d.ts +4 -0
package/dist/commands/review-compare.js +200 -0
package/dist/commands/review-compliance-check.d.ts +4 -0
package/dist/commands/review-compliance-check.js +202 -0
package/dist/commands/review-compliance-gate.d.ts +4 -0
package/dist/commands/review-compliance-gate.js +151 -0
package/dist/commands/review-compliance-map.d.ts +4 -0
package/dist/commands/review-compliance-map.js +110 -0
package/dist/commands/review-compliance-report.d.ts +4 -0
package/dist/commands/review-compliance-report.js +127 -0
package/dist/commands/review-confidence-explain.d.ts +1 -0
package/dist/commands/review-confidence-explain.js +99 -0
package/dist/commands/review-config-diff.d.ts +4 -0
package/dist/commands/review-config-diff.js +108 -0
package/dist/commands/review-config-export.d.ts +4 -0
package/dist/commands/review-config-export.js +124 -0
package/dist/commands/review-config-health.d.ts +1 -0
package/dist/commands/review-config-health.js +172 -0
package/dist/commands/review-config-migrate.d.ts +4 -0
package/dist/commands/review-config-migrate.js +123 -0
package/dist/commands/review-config-template.d.ts +4 -0
package/dist/commands/review-config-template.js +112 -0
package/dist/commands/review-config-validate.d.ts +4 -0
package/dist/commands/review-config-validate.js +110 -0
package/dist/commands/review-contract.d.ts +4 -0
package/dist/commands/review-contract.js +199 -0
package/dist/commands/review-coverage-gap.d.ts +4 -0
package/dist/commands/review-coverage-gap.js +120 -0
package/dist/commands/review-coverage-map.d.ts +4 -0
package/dist/commands/review-coverage-map.js +194 -0
package/dist/commands/review-custom-judge-config.d.ts +4 -0
package/dist/commands/review-custom-judge-config.js +103 -0
package/dist/commands/review-custom-judge.d.ts +4 -0
package/dist/commands/review-custom-judge.js +182 -0
package/dist/commands/review-custom-prompt.d.ts +4 -0
package/dist/commands/review-custom-prompt.js +170 -0
package/dist/commands/review-custom-rule.d.ts +4 -0
package/dist/commands/review-custom-rule.js +169 -0
package/dist/commands/review-dashboard-data.d.ts +4 -0
package/dist/commands/review-dashboard-data.js +142 -0
package/dist/commands/review-dashboard.d.ts +4 -0
package/dist/commands/review-dashboard.js +140 -0
package/dist/commands/review-data-retention.d.ts +4 -0
package/dist/commands/review-data-retention.js +119 -0
package/dist/commands/review-dependency-graph.d.ts +4 -0
package/dist/commands/review-dependency-graph.js +94 -0
package/dist/commands/review-dependency-review.d.ts +1 -0
package/dist/commands/review-dependency-review.js +104 -0
package/dist/commands/review-deployment-gate.d.ts +4 -0
package/dist/commands/review-deployment-gate.js +94 -0
package/dist/commands/review-depth.d.ts +4 -0
package/dist/commands/review-depth.js +142 -0
package/dist/commands/review-diff-annotate.d.ts +4 -0
package/dist/commands/review-diff-annotate.js +104 -0
package/dist/commands/review-diff-context.d.ts +4 -0
package/dist/commands/review-diff-context.js +158 -0
package/dist/commands/review-diff-highlight.d.ts +4 -0
package/dist/commands/review-diff-highlight.js +179 -0
package/dist/commands/review-diff-stats.d.ts +4 -0
package/dist/commands/review-diff-stats.js +90 -0
package/dist/commands/review-diff-summary.d.ts +4 -0
package/dist/commands/review-diff-summary.js +154 -0
package/dist/commands/review-digest-gen.d.ts +1 -0
package/dist/commands/review-digest-gen.js +100 -0
package/dist/commands/review-digest.d.ts +4 -0
package/dist/commands/review-digest.js +265 -0
package/dist/commands/review-dry-run.d.ts +4 -0
package/dist/commands/review-dry-run.js +120 -0
package/dist/commands/review-engagement-score.d.ts +1 -0
package/dist/commands/review-engagement-score.js +111 -0
package/dist/commands/review-env-check.d.ts +4 -0
package/dist/commands/review-env-check.js +115 -0
package/dist/commands/review-environment-config.d.ts +4 -0
package/dist/commands/review-environment-config.js +102 -0
package/dist/commands/review-escalation-path.d.ts +1 -0
package/dist/commands/review-escalation-path.js +86 -0
package/dist/commands/review-exclude-vendor.d.ts +4 -0
package/dist/commands/review-exclude-vendor.js +158 -0
package/dist/commands/review-explain.d.ts +5 -0
package/dist/commands/review-explain.js +194 -0
package/dist/commands/review-export-pdf.d.ts +7 -0
package/dist/commands/review-export-pdf.js +131 -0
package/dist/commands/review-export.d.ts +4 -0
package/dist/commands/review-export.js +179 -0
package/dist/commands/review-feedback-loop.d.ts +4 -0
package/dist/commands/review-feedback-loop.js +113 -0
package/dist/commands/review-feedback-summary.d.ts +1 -0
package/dist/commands/review-feedback-summary.js +130 -0
package/dist/commands/review-feedback.d.ts +4 -0
package/dist/commands/review-feedback.js +145 -0
package/dist/commands/review-file-complexity.d.ts +4 -0
package/dist/commands/review-file-complexity.js +137 -0
package/dist/commands/review-file-filter.d.ts +4 -0
package/dist/commands/review-file-filter.js +121 -0
package/dist/commands/review-file-stats.d.ts +4 -0
package/dist/commands/review-file-stats.js +130 -0
package/dist/commands/review-filter.d.ts +4 -0
package/dist/commands/review-filter.js +161 -0
package/dist/commands/review-finding-link.d.ts +7 -0
package/dist/commands/review-finding-link.js +115 -0
package/dist/commands/review-focus-area.d.ts +1 -0
package/dist/commands/review-focus-area.js +96 -0
package/dist/commands/review-focus.d.ts +4 -0
package/dist/commands/review-focus.js +196 -0
package/dist/commands/review-gate-config.d.ts +4 -0
package/dist/commands/review-gate-config.js +153 -0
package/dist/commands/review-gate.d.ts +4 -0
package/dist/commands/review-gate.js +212 -0
package/dist/commands/review-goal-track.d.ts +1 -0
package/dist/commands/review-goal-track.js +123 -0
package/dist/commands/review-guardrail.d.ts +4 -0
package/dist/commands/review-guardrail.js +155 -0
package/dist/commands/review-handoff.d.ts +4 -0
package/dist/commands/review-handoff.js +208 -0
package/dist/commands/review-health-check.d.ts +4 -0
package/dist/commands/review-health-check.js +148 -0
package/dist/commands/review-health-trend.d.ts +1 -0
package/dist/commands/review-health-trend.js +107 -0
package/dist/commands/review-history-compare.d.ts +4 -0
package/dist/commands/review-history-compare.js +93 -0
package/dist/commands/review-history-search.d.ts +4 -0
package/dist/commands/review-history-search.js +214 -0
package/dist/commands/review-ide-sync.d.ts +4 -0
package/dist/commands/review-ide-sync.js +91 -0
package/dist/commands/review-ignore-path.d.ts +4 -0
package/dist/commands/review-ignore-path.js +147 -0
package/dist/commands/review-ignore-pattern.d.ts +5 -0
package/dist/commands/review-ignore-pattern.js +138 -0
package/dist/commands/review-incident-link.d.ts +4 -0
package/dist/commands/review-incident-link.js +93 -0
package/dist/commands/review-incremental.d.ts +4 -0
package/dist/commands/review-incremental.js +128 -0
package/dist/commands/review-integration-health.d.ts +4 -0
package/dist/commands/review-integration-health.js +84 -0
package/dist/commands/review-integration-test.d.ts +4 -0
package/dist/commands/review-integration-test.js +145 -0
package/dist/commands/review-integration.d.ts +4 -0
package/dist/commands/review-integration.js +236 -0
package/dist/commands/review-interactive.d.ts +4 -0
package/dist/commands/review-interactive.js +85 -0
package/dist/commands/review-knowledge-capture.d.ts +1 -0
package/dist/commands/review-knowledge-capture.js +94 -0
package/dist/commands/review-language-profile.d.ts +4 -0
package/dist/commands/review-language-profile.js +72 -0
package/dist/commands/review-language-stats.d.ts +4 -0
package/dist/commands/review-language-stats.js +152 -0
package/dist/commands/review-lock-file.d.ts +4 -0
package/dist/commands/review-lock-file.js +153 -0
package/dist/commands/review-lock.d.ts +4 -0
package/dist/commands/review-lock.js +107 -0
package/dist/commands/review-log.d.ts +22 -0
package/dist/commands/review-log.js +164 -0
package/dist/commands/review-mentor-suggest.d.ts +1 -0
package/dist/commands/review-mentor-suggest.js +112 -0
package/dist/commands/review-merge-check.d.ts +4 -0
package/dist/commands/review-merge-check.js +101 -0
package/dist/commands/review-merge-config.d.ts +4 -0
package/dist/commands/review-merge-config.js +119 -0
package/dist/commands/review-merge-readiness.d.ts +1 -0
package/dist/commands/review-merge-readiness.js +90 -0
package/dist/commands/review-merge-request.d.ts +4 -0
package/dist/commands/review-merge-request.js +95 -0
package/dist/commands/review-merge.d.ts +4 -0
package/dist/commands/review-merge.js +145 -0
package/dist/commands/review-metric-export.d.ts +4 -0
package/dist/commands/review-metric-export.js +62 -0
package/dist/commands/review-milestone.d.ts +4 -0
package/dist/commands/review-milestone.js +136 -0
package/dist/commands/review-multi-repo-sync.d.ts +4 -0
package/dist/commands/review-multi-repo-sync.js +115 -0
package/dist/commands/review-multi-repo.d.ts +4 -0
package/dist/commands/review-multi-repo.js +145 -0
package/dist/commands/review-note.d.ts +4 -0
package/dist/commands/review-note.js +104 -0
package/dist/commands/review-notification-config.d.ts +4 -0
package/dist/commands/review-notification-config.js +122 -0
package/dist/commands/review-notification-digest.d.ts +4 -0
package/dist/commands/review-notification-digest.js +64 -0
package/dist/commands/review-notification.d.ts +4 -0
package/dist/commands/review-notification.js +126 -0
package/dist/commands/review-notify.d.ts +4 -0
package/dist/commands/review-notify.js +143 -0
package/dist/commands/review-offline.d.ts +4 -0
package/dist/commands/review-offline.js +125 -0
package/dist/commands/review-onboard-checklist.d.ts +4 -0
package/dist/commands/review-onboard-checklist.js +119 -0
package/dist/commands/review-onboard-wizard.d.ts +4 -0
package/dist/commands/review-onboard-wizard.js +92 -0
package/dist/commands/review-onboard.d.ts +4 -0
package/dist/commands/review-onboard.js +154 -0
package/dist/commands/review-onboarding-check.d.ts +1 -0
package/dist/commands/review-onboarding-check.js +93 -0
package/dist/commands/review-org-dashboard.d.ts +4 -0
package/dist/commands/review-org-dashboard.js +68 -0
package/dist/commands/review-output-filter.d.ts +4 -0
package/dist/commands/review-output-filter.js +112 -0
package/dist/commands/review-output-format.d.ts +4 -0
package/dist/commands/review-output-format.js +144 -0
package/dist/commands/review-output-transform.d.ts +4 -0
package/dist/commands/review-output-transform.js +119 -0
package/dist/commands/review-owner.d.ts +4 -0
package/dist/commands/review-owner.js +129 -0
package/dist/commands/review-parallel-diff.d.ts +4 -0
package/dist/commands/review-parallel-diff.js +146 -0
package/dist/commands/review-parallel-files.d.ts +7 -0
package/dist/commands/review-parallel-files.js +134 -0
package/dist/commands/review-parallel-run.d.ts +4 -0
package/dist/commands/review-parallel-run.js +116 -0
package/dist/commands/review-parallel.d.ts +4 -0
package/dist/commands/review-parallel.js +164 -0
package/dist/commands/review-perf-profile.d.ts +4 -0
package/dist/commands/review-perf-profile.js +98 -0
package/dist/commands/review-permission-model.d.ts +4 -0
package/dist/commands/review-permission-model.js +149 -0
package/dist/commands/review-pipeline-status.d.ts +4 -0
package/dist/commands/review-pipeline-status.js +54 -0
package/dist/commands/review-plugin-config.d.ts +4 -0
package/dist/commands/review-plugin-config.js +167 -0
package/dist/commands/review-plugin-list.d.ts +4 -0
package/dist/commands/review-plugin-list.js +99 -0
package/dist/commands/review-plugin-manage.d.ts +4 -0
package/dist/commands/review-plugin-manage.js +137 -0
package/dist/commands/review-plugin-status.d.ts +4 -0
package/dist/commands/review-plugin-status.js +53 -0
package/dist/commands/review-policy-enforce.d.ts +1 -0
package/dist/commands/review-policy-enforce.js +92 -0
package/dist/commands/review-policy-engine.d.ts +4 -0
package/dist/commands/review-policy-engine.js +135 -0
package/dist/commands/review-pr-comment-gen.d.ts +4 -0
package/dist/commands/review-pr-comment-gen.js +62 -0
package/dist/commands/review-pr-comment.d.ts +4 -0
package/dist/commands/review-pr-comment.js +106 -0
package/dist/commands/review-pr-label-suggest.d.ts +1 -0
package/dist/commands/review-pr-label-suggest.js +77 -0
package/dist/commands/review-pr-size-check.d.ts +1 -0
package/dist/commands/review-pr-size-check.js +98 -0
package/dist/commands/review-pr-template.d.ts +4 -0
package/dist/commands/review-pr-template.js +104 -0
package/dist/commands/review-preset-save.d.ts +4 -0
package/dist/commands/review-preset-save.js +159 -0
package/dist/commands/review-priority.d.ts +4 -0
package/dist/commands/review-priority.js +157 -0
package/dist/commands/review-profile.d.ts +4 -0
package/dist/commands/review-profile.js +168 -0
package/dist/commands/review-progress-bar.d.ts +4 -0
package/dist/commands/review-progress-bar.js +157 -0
package/dist/commands/review-progress-report.d.ts +1 -0
package/dist/commands/review-progress-report.js +95 -0
package/dist/commands/review-progress-track.d.ts +4 -0
package/dist/commands/review-progress-track.js +94 -0
package/dist/commands/review-quality-baseline.d.ts +1 -0
package/dist/commands/review-quality-baseline.js +134 -0
package/dist/commands/review-quality-gate.d.ts +1 -0
package/dist/commands/review-quality-gate.js +86 -0
package/dist/commands/review-quality-score.d.ts +4 -0
package/dist/commands/review-quality-score.js +127 -0
package/dist/commands/review-quality-trend.d.ts +4 -0
package/dist/commands/review-quality-trend.js +57 -0
package/dist/commands/review-queue.d.ts +33 -0
package/dist/commands/review-queue.js +225 -0
package/dist/commands/review-quickstart.d.ts +4 -0
package/dist/commands/review-quickstart.js +107 -0
package/dist/commands/review-quota-check.d.ts +4 -0
package/dist/commands/review-quota-check.js +97 -0
package/dist/commands/review-quota.d.ts +4 -0
package/dist/commands/review-quota.js +126 -0
package/dist/commands/review-rate-limit.d.ts +4 -0
package/dist/commands/review-rate-limit.js +130 -0
package/dist/commands/review-readiness-check.d.ts +1 -0
package/dist/commands/review-readiness-check.js +98 -0
package/dist/commands/review-receipt.d.ts +4 -0
package/dist/commands/review-receipt.js +220 -0
package/dist/commands/review-release-gate.d.ts +1 -0
package/dist/commands/review-release-gate.js +81 -0
package/dist/commands/review-replay.d.ts +8 -0
package/dist/commands/review-replay.js +264 -0
package/dist/commands/review-repo-onboard.d.ts +4 -0
package/dist/commands/review-repo-onboard.js +114 -0
package/dist/commands/review-report-archive.d.ts +4 -0
package/dist/commands/review-report-archive.js +100 -0
package/dist/commands/review-report-merge.d.ts +4 -0
package/dist/commands/review-report-merge.js +90 -0
package/dist/commands/review-report-pdf.d.ts +4 -0
package/dist/commands/review-report-pdf.js +163 -0
package/dist/commands/review-report-schedule.d.ts +4 -0
package/dist/commands/review-report-schedule.js +96 -0
package/dist/commands/review-retrospective.d.ts +1 -0
package/dist/commands/review-retrospective.js +118 -0
package/dist/commands/review-retry.d.ts +4 -0
package/dist/commands/review-retry.js +91 -0
package/dist/commands/review-review-cadence.d.ts +1 -0
package/dist/commands/review-review-cadence.js +85 -0
package/dist/commands/review-review-comments.d.ts +4 -0
package/dist/commands/review-review-comments.js +84 -0
package/dist/commands/review-reviewer-match.d.ts +1 -0
package/dist/commands/review-reviewer-match.js +108 -0
package/dist/commands/review-risk-matrix.d.ts +1 -0
package/dist/commands/review-risk-matrix.js +96 -0
package/dist/commands/review-risk-score.d.ts +4 -0
package/dist/commands/review-risk-score.js +156 -0
package/dist/commands/review-role-assignment.d.ts +4 -0
package/dist/commands/review-role-assignment.js +98 -0
package/dist/commands/review-rollback.d.ts +4 -0
package/dist/commands/review-rollback.js +171 -0
package/dist/commands/review-rollout-plan.d.ts +4 -0
package/dist/commands/review-rollout-plan.js +123 -0
package/dist/commands/review-rule-filter.d.ts +4 -0
package/dist/commands/review-rule-filter.js +116 -0
package/dist/commands/review-rule-stats.d.ts +4 -0
package/dist/commands/review-rule-stats.js +161 -0
package/dist/commands/review-sandbox.d.ts +4 -0
package/dist/commands/review-sandbox.js +191 -0
package/dist/commands/review-schedule.d.ts +4 -0
package/dist/commands/review-schedule.js +169 -0
package/dist/commands/review-scope-limit.d.ts +4 -0
package/dist/commands/review-scope-limit.js +100 -0
package/dist/commands/review-scope-lock.d.ts +7 -0
package/dist/commands/review-scope-lock.js +138 -0
package/dist/commands/review-scope-select.d.ts +4 -0
package/dist/commands/review-scope-select.js +98 -0
package/dist/commands/review-scope-suggest.d.ts +1 -0
package/dist/commands/review-scope-suggest.js +112 -0
package/dist/commands/review-scope.d.ts +4 -0
package/dist/commands/review-scope.js +197 -0
package/dist/commands/review-score-history.d.ts +4 -0
package/dist/commands/review-score-history.js +137 -0
package/dist/commands/review-security-posture.d.ts +1 -0
package/dist/commands/review-security-posture.js +105 -0
package/dist/commands/review-session-replay.d.ts +4 -0
package/dist/commands/review-session-replay.js +81 -0
package/dist/commands/review-session-save.d.ts +4 -0
package/dist/commands/review-session-save.js +173 -0
package/dist/commands/review-session.d.ts +4 -0
package/dist/commands/review-session.js +150 -0
package/dist/commands/review-skip-list.d.ts +4 -0
package/dist/commands/review-skip-list.js +135 -0
package/dist/commands/review-skip-rule.d.ts +4 -0
package/dist/commands/review-skip-rule.js +105 -0
package/dist/commands/review-sla-config.d.ts +4 -0
package/dist/commands/review-sla-config.js +88 -0
package/dist/commands/review-slack-format.d.ts +4 -0
package/dist/commands/review-slack-format.js +113 -0
package/dist/commands/review-snapshot-diff.d.ts +4 -0
package/dist/commands/review-snapshot-diff.js +100 -0
package/dist/commands/review-sprint-plan.d.ts +1 -0
package/dist/commands/review-sprint-plan.js +79 -0
package/dist/commands/review-stakeholder-notify.d.ts +1 -0
package/dist/commands/review-stakeholder-notify.js +134 -0
package/dist/commands/review-stakeholder-report.d.ts +4 -0
package/dist/commands/review-stakeholder-report.js +75 -0
package/dist/commands/review-stale-finding-clean.d.ts +1 -0
package/dist/commands/review-stale-finding-clean.js +81 -0
package/dist/commands/review-standup.d.ts +4 -0
package/dist/commands/review-standup.js +95 -0
package/dist/commands/review-stats.d.ts +4 -0
package/dist/commands/review-stats.js +175 -0
package/dist/commands/review-status-badge.d.ts +4 -0
package/dist/commands/review-status-badge.js +120 -0
package/dist/commands/review-streak.d.ts +4 -0
package/dist/commands/review-streak.js +150 -0
package/dist/commands/review-summary-dashboard.d.ts +4 -0
package/dist/commands/review-summary-dashboard.js +96 -0
package/dist/commands/review-summary-email.d.ts +4 -0
package/dist/commands/review-summary-email.js +102 -0
package/dist/commands/review-summary.d.ts +4 -0
package/dist/commands/review-summary.js +174 -0
package/dist/commands/review-tag-manager.d.ts +4 -0
package/dist/commands/review-tag-manager.js +128 -0
package/dist/commands/review-tag.d.ts +4 -0
package/dist/commands/review-tag.js +136 -0
package/dist/commands/review-team-analytics.d.ts +1 -0
package/dist/commands/review-team-analytics.js +94 -0
package/dist/commands/review-team-assign.d.ts +7 -0
package/dist/commands/review-team-assign.js +211 -0
package/dist/commands/review-team-coverage.d.ts +1 -0
package/dist/commands/review-team-coverage.js +95 -0
package/dist/commands/review-team-dashboard.d.ts +4 -0
package/dist/commands/review-team-dashboard.js +98 -0
package/dist/commands/review-team-rotation.d.ts +1 -0
package/dist/commands/review-team-rotation.js +99 -0
package/dist/commands/review-team-skill-map.d.ts +1 -0
package/dist/commands/review-team-skill-map.js +102 -0
package/dist/commands/review-team-stats.d.ts +4 -0
package/dist/commands/review-team-stats.js +97 -0
package/dist/commands/review-team-summary.d.ts +4 -0
package/dist/commands/review-team-summary.js +155 -0
package/dist/commands/review-team-velocity.d.ts +1 -0
package/dist/commands/review-team-velocity.js +103 -0
package/dist/commands/review-template-export.d.ts +4 -0
package/dist/commands/review-template-export.js +146 -0
package/dist/commands/review-template-library.d.ts +4 -0
package/dist/commands/review-template-library.js +155 -0
package/dist/commands/review-template-suggest.d.ts +1 -0
package/dist/commands/review-template-suggest.js +119 -0
package/dist/commands/review-template.d.ts +4 -0
package/dist/commands/review-template.js +212 -0
package/dist/commands/review-tenant-config.d.ts +4 -0
package/dist/commands/review-tenant-config.js +116 -0
package/dist/commands/review-threshold-tune.d.ts +4 -0
package/dist/commands/review-threshold-tune.js +135 -0
package/dist/commands/review-timeline.d.ts +4 -0
package/dist/commands/review-timeline.js +76 -0
package/dist/commands/review-token-budget.d.ts +4 -0
package/dist/commands/review-token-budget.js +117 -0
package/dist/commands/review-velocity-track.d.ts +1 -0
package/dist/commands/review-velocity-track.js +94 -0
package/dist/commands/review-watch-mode.d.ts +7 -0
package/dist/commands/review-watch-mode.js +132 -0
package/dist/commands/review-webhook-dispatch.d.ts +4 -0
package/dist/commands/review-webhook-dispatch.js +99 -0
package/dist/commands/review-webhook-notify.d.ts +4 -0
package/dist/commands/review-webhook-notify.js +145 -0
package/dist/commands/review-webhook.d.ts +4 -0
package/dist/commands/review-webhook.js +140 -0
package/dist/commands/review-whitelist.d.ts +4 -0
package/dist/commands/review-whitelist.js +150 -0
package/dist/commands/review-workflow-suggest.d.ts +1 -0
package/dist/commands/review-workflow-suggest.js +129 -0
package/dist/commands/review-workload-balance.d.ts +1 -0
package/dist/commands/review-workload-balance.js +86 -0
package/dist/commands/review-workspace-init.d.ts +4 -0
package/dist/commands/review-workspace-init.js +104 -0
package/dist/commands/review-workspace-scan.d.ts +4 -0
package/dist/commands/review-workspace-scan.js +144 -0
package/dist/commands/review.d.ts +155 -0
package/dist/commands/review.js +1114 -0
package/dist/commands/risk-heatmap.d.ts +7 -0
package/dist/commands/risk-heatmap.js +223 -0
package/dist/commands/rollback-safety.d.ts +4 -0
package/dist/commands/rollback-safety.js +191 -0
package/dist/commands/rule-catalog.d.ts +4 -0
package/dist/commands/rule-catalog.js +128 -0
package/dist/commands/rule-metrics.d.ts +43 -0
package/dist/commands/rule-metrics.js +113 -0
package/dist/commands/rule-owner.d.ts +30 -0
package/dist/commands/rule-owner.js +181 -0
package/dist/commands/rule-share.d.ts +34 -0
package/dist/commands/rule-share.js +202 -0
package/dist/commands/rule-test.d.ts +4 -0
package/dist/commands/rule-test.js +201 -0
package/dist/commands/rule.d.ts +114 -0
package/dist/commands/rule.js +295 -0
package/dist/commands/sbom-export.d.ts +7 -0
package/dist/commands/sbom-export.js +161 -0
package/dist/commands/scaffold-plugin.d.ts +15 -0
package/dist/commands/scaffold-plugin.js +270 -0
package/dist/commands/secret-age.d.ts +5 -0
package/dist/commands/secret-age.js +214 -0
package/dist/commands/secret-scan.d.ts +7 -0
package/dist/commands/secret-scan.js +244 -0
package/dist/commands/security-maturity.d.ts +7 -0
package/dist/commands/security-maturity.js +312 -0
package/dist/commands/security-theater.d.ts +4 -0
package/dist/commands/security-theater.js +278 -0
package/dist/commands/setup-wizard.d.ts +4 -0
package/dist/commands/setup-wizard.js +174 -0
package/dist/commands/severity-tune.d.ts +4 -0
package/dist/commands/severity-tune.js +208 -0
package/dist/commands/sla-track.d.ts +56 -0
package/dist/commands/sla-track.js +268 -0
package/dist/commands/smart-output.d.ts +38 -0
package/dist/commands/smart-output.js +175 -0
package/dist/commands/smart-select.d.ts +26 -0
package/dist/commands/smart-select.js +345 -0
package/dist/commands/snapshot.d.ts +139 -0
package/dist/commands/snapshot.js +478 -0
package/dist/commands/snippet-eval.d.ts +7 -0
package/dist/commands/snippet-eval.js +223 -0
package/dist/commands/spec-conform.d.ts +4 -0
package/dist/commands/spec-conform.js +304 -0
package/dist/commands/stale-pattern.d.ts +4 -0
package/dist/commands/stale-pattern.js +293 -0
package/dist/commands/state-integrity.d.ts +4 -0
package/dist/commands/state-integrity.js +283 -0
package/dist/commands/suppress.d.ts +39 -0
package/dist/commands/suppress.js +203 -0
package/dist/commands/team-config.d.ts +4 -0
package/dist/commands/team-config.js +234 -0
package/dist/commands/team-leaderboard.d.ts +24 -0
package/dist/commands/team-leaderboard.js +227 -0
package/dist/commands/team-rules-sync.d.ts +7 -0
package/dist/commands/team-rules-sync.js +250 -0
package/dist/commands/team-trust.d.ts +7 -0
package/dist/commands/team-trust.js +174 -0
package/dist/commands/test-correlate.d.ts +7 -0
package/dist/commands/test-correlate.js +221 -0
package/dist/commands/test-isolation.d.ts +5 -0
package/dist/commands/test-isolation.js +234 -0
package/dist/commands/test-quality.d.ts +5 -0
package/dist/commands/test-quality.js +160 -0
package/dist/commands/test-suggest.d.ts +8 -0
package/dist/commands/test-suggest.js +247 -0
package/dist/commands/ticket-sync.d.ts +25 -0
package/dist/commands/ticket-sync.js +235 -0
package/dist/commands/timeout-audit.d.ts +4 -0
package/dist/commands/timeout-audit.js +210 -0
package/dist/commands/trace.d.ts +64 -0
package/dist/commands/trace.js +245 -0
package/dist/commands/trend-report.d.ts +4 -0
package/dist/commands/trend-report.js +148 -0
package/dist/commands/triage.d.ts +15 -0
package/dist/commands/triage.js +171 -0
package/dist/commands/trust-adaptive.d.ts +8 -0
package/dist/commands/trust-adaptive.js +193 -0
package/dist/commands/trust-ramp.d.ts +29 -0
package/dist/commands/trust-ramp.js +189 -0
package/dist/commands/tune.d.ts +24 -0
package/dist/commands/tune.js +380 -0
package/dist/commands/type-boundary.d.ts +4 -0
package/dist/commands/type-boundary.js +235 -0
package/dist/commands/upload.d.ts +13 -0
package/dist/commands/upload.js +172 -0
package/dist/commands/validate-config.d.ts +16 -0
package/dist/commands/validate-config.js +267 -0
package/dist/commands/vendor-lock-detect.d.ts +7 -0
package/dist/commands/vendor-lock-detect.js +288 -0
package/dist/commands/vote.d.ts +31 -0
package/dist/commands/vote.js +200 -0
package/dist/commands/warm-cache.d.ts +30 -0
package/dist/commands/warm-cache.js +165 -0
package/dist/commands/watch-judge.d.ts +7 -0
package/dist/commands/watch-judge.js +179 -0
package/dist/commands/watch.d.ts +22 -0
package/dist/commands/watch.js +147 -0
package/dist/comparison.d.ts +67 -0
package/dist/comparison.js +253 -0
package/dist/config.d.ts +108 -0
package/dist/config.js +694 -0
package/dist/context/context-snippets.d.ts +15 -0
package/dist/context/context-snippets.js +36 -0
package/dist/context/embedding-cache.d.ts +30 -0
package/dist/context/embedding-cache.js +48 -0
package/dist/data-adapter.d.ts +123 -0
package/dist/data-adapter.js +212 -0
package/dist/dedup.d.ts +105 -0
package/dist/dedup.js +606 -0
package/dist/disk-cache.d.ts +59 -0
package/dist/disk-cache.js +236 -0
package/dist/errors.d.ts +43 -0
package/dist/errors.js +63 -0
package/dist/escalation.d.ts +100 -0
package/dist/escalation.js +292 -0
package/dist/evaluation-session.d.ts +74 -0
package/dist/evaluation-session.js +152 -0
package/dist/evaluators/accessibility.d.ts +2 -0
package/dist/evaluators/accessibility.js +559 -0
package/dist/evaluators/agent-instructions.d.ts +2 -0
package/dist/evaluators/agent-instructions.js +214 -0
package/dist/evaluators/ai-code-safety.d.ts +8 -0
package/dist/evaluators/ai-code-safety.js +410 -0
package/dist/evaluators/api-contract.d.ts +9 -0
package/dist/evaluators/api-contract.js +203 -0
package/dist/evaluators/api-design.d.ts +2 -0
package/dist/evaluators/api-design.js +260 -0
package/dist/evaluators/app-builder.d.ts +33 -0
package/dist/evaluators/app-builder.js +155 -0
package/dist/evaluators/authentication.d.ts +2 -0
package/dist/evaluators/authentication.js +455 -0
package/dist/evaluators/backwards-compatibility.d.ts +2 -0
package/dist/evaluators/backwards-compatibility.js +168 -0
package/dist/evaluators/caching.d.ts +2 -0
package/dist/evaluators/caching.js +171 -0
package/dist/evaluators/ci-cd.d.ts +2 -0
package/dist/evaluators/ci-cd.js +218 -0
package/dist/evaluators/cloud-readiness.d.ts +2 -0
package/dist/evaluators/cloud-readiness.js +231 -0
package/dist/evaluators/code-structure.d.ts +21 -0
package/dist/evaluators/code-structure.js +195 -0
package/dist/evaluators/compliance.d.ts +2 -0
package/dist/evaluators/compliance.js +329 -0
package/dist/evaluators/concurrency.d.ts +2 -0
package/dist/evaluators/concurrency.js +307 -0
package/dist/evaluators/configuration-management.d.ts +2 -0
package/dist/evaluators/configuration-management.js +232 -0
package/dist/evaluators/cost-effectiveness.d.ts +2 -0
package/dist/evaluators/cost-effectiveness.js +418 -0
package/dist/evaluators/cybersecurity.d.ts +2 -0
package/dist/evaluators/cybersecurity.js +1197 -0
package/dist/evaluators/data-security.d.ts +2 -0
package/dist/evaluators/data-security.js +467 -0
package/dist/evaluators/data-sovereignty.d.ts +2 -0
package/dist/evaluators/data-sovereignty.js +495 -0
package/dist/evaluators/database.d.ts +2 -0
package/dist/evaluators/database.js +240 -0
package/dist/evaluators/dependencies.d.ts +5 -0
package/dist/evaluators/dependencies.js +228 -0
package/dist/evaluators/dependency-health.d.ts +2 -0
package/dist/evaluators/dependency-health.js +477 -0
package/dist/evaluators/documentation.d.ts +2 -0
package/dist/evaluators/documentation.js +432 -0
package/dist/evaluators/error-handling.d.ts +2 -0
package/dist/evaluators/error-handling.js +426 -0
package/dist/evaluators/ethics-bias.d.ts +2 -0
package/dist/evaluators/ethics-bias.js +263 -0
package/dist/evaluators/false-positive-review.d.ts +21 -0
package/dist/evaluators/false-positive-review.js +1246 -0
package/dist/evaluators/framework-rules.d.ts +58 -0
package/dist/evaluators/framework-rules.js +291 -0
package/dist/evaluators/framework-safety.d.ts +12 -0
package/dist/evaluators/framework-safety.js +1205 -0
package/dist/evaluators/hallucination-detection.d.ts +2 -0
package/dist/evaluators/hallucination-detection.js +1250 -0
package/dist/evaluators/iac-security.d.ts +8 -0
package/dist/evaluators/iac-security.js +701 -0
package/dist/evaluators/index.d.ts +167 -0
package/dist/evaluators/index.js +994 -0
package/dist/evaluators/intent-alignment.d.ts +18 -0
package/dist/evaluators/intent-alignment.js +405 -0
package/dist/evaluators/internationalization.d.ts +2 -0
package/dist/evaluators/internationalization.js +287 -0
package/dist/evaluators/judge-selector.d.ts +19 -0
package/dist/evaluators/judge-selector.js +141 -0
package/dist/evaluators/logging-privacy.d.ts +2 -0
package/dist/evaluators/logging-privacy.js +190 -0
package/dist/evaluators/logic-review.d.ts +2 -0
package/dist/evaluators/logic-review.js +289 -0
package/dist/evaluators/maintainability.d.ts +2 -0
package/dist/evaluators/maintainability.js +430 -0
package/dist/evaluators/model-fingerprint.d.ts +2 -0
package/dist/evaluators/model-fingerprint.js +151 -0
package/dist/evaluators/multi-turn-coherence.d.ts +13 -0
package/dist/evaluators/multi-turn-coherence.js +149 -0
package/dist/evaluators/observability.d.ts +2 -0
package/dist/evaluators/observability.js +238 -0
package/dist/evaluators/over-engineering.d.ts +2 -0
package/dist/evaluators/over-engineering.js +160 -0
package/dist/evaluators/performance.d.ts +2 -0
package/dist/evaluators/performance.js +649 -0
package/dist/evaluators/portability.d.ts +2 -0
package/dist/evaluators/portability.js +254 -0
package/dist/evaluators/project.d.ts +48 -0
package/dist/evaluators/project.js +817 -0
package/dist/evaluators/rate-limiting.d.ts +2 -0
package/dist/evaluators/rate-limiting.js +193 -0
package/dist/evaluators/recall-boost.d.ts +27 -0
package/dist/evaluators/recall-boost.js +409 -0
package/dist/evaluators/reliability.d.ts +2 -0
package/dist/evaluators/reliability.js +245 -0
package/dist/evaluators/scalability.d.ts +2 -0
package/dist/evaluators/scalability.js +230 -0
package/dist/evaluators/security.d.ts +12 -0
package/dist/evaluators/security.js +1013 -0
package/dist/evaluators/shared.d.ts +219 -0
package/dist/evaluators/shared.js +1169 -0
package/dist/evaluators/software-practices.d.ts +2 -0
package/dist/evaluators/software-practices.js +395 -0
package/dist/evaluators/suppressions.d.ts +49 -0
package/dist/evaluators/suppressions.js +185 -0
package/dist/evaluators/testing.d.ts +2 -0
package/dist/evaluators/testing.js +348 -0
package/dist/evaluators/ux.d.ts +2 -0
package/dist/evaluators/ux.js +309 -0
package/dist/evaluators/v2.d.ts +26 -0
package/dist/evaluators/v2.js +354 -0
package/dist/ext-to-lang.d.ts +16 -0
package/dist/ext-to-lang.js +60 -0
package/dist/feedback-loop.d.ts +62 -0
package/dist/feedback-loop.js +179 -0
package/dist/finding-lifecycle.d.ts +215 -0
package/dist/finding-lifecycle.js +547 -0
package/dist/fingerprint.d.ts +39 -0
package/dist/fingerprint.js +179 -0
package/dist/fix-history.d.ts +103 -0
package/dist/fix-history.js +164 -0
package/dist/formatters/badge.d.ts +16 -0
package/dist/formatters/badge.js +78 -0
package/dist/formatters/codeclimate.d.ts +24 -0
package/dist/formatters/codeclimate.js +80 -0
package/dist/formatters/csv.d.ts +16 -0
package/dist/formatters/csv.js +53 -0
package/dist/formatters/diagnostics.d.ts +81 -0
package/dist/formatters/diagnostics.js +152 -0
package/dist/formatters/github-actions.d.ts +6 -0
package/dist/formatters/github-actions.js +68 -0
package/dist/formatters/html.d.ts +12 -0
package/dist/formatters/html.js +194 -0
package/dist/formatters/junit.d.ts +6 -0
package/dist/formatters/junit.js +68 -0
package/dist/formatters/pdf.d.ts +12 -0
package/dist/formatters/pdf.js +114 -0
package/dist/formatters/sarif.d.ts +92 -0
package/dist/formatters/sarif.js +256 -0
package/dist/formatters/shared.d.ts +4 -0
package/dist/formatters/shared.js +29 -0
package/dist/git-diff.d.ts +62 -0
package/dist/git-diff.js +282 -0
package/dist/github-app.d.ts +152 -0
package/dist/github-app.js +716 -0
package/dist/import-resolver.d.ts +51 -0
package/dist/import-resolver.js +213 -0
package/dist/index.d.ts +4 -0
package/dist/index.js +38 -0
package/dist/judge-registry.d.ts +156 -0
package/dist/judge-registry.js +272 -0
package/dist/judges/accessibility.d.ts +2 -0
package/dist/judges/accessibility.js +46 -0
package/dist/judges/agent-instructions.d.ts +2 -0
package/dist/judges/agent-instructions.js +46 -0
package/dist/judges/ai-code-safety.d.ts +2 -0
package/dist/judges/ai-code-safety.js +57 -0
package/dist/judges/api-contract.d.ts +2 -0
package/dist/judges/api-contract.js +40 -0
package/dist/judges/api-design.d.ts +2 -0
package/dist/judges/api-design.js +57 -0
package/dist/judges/authentication.d.ts +2 -0
package/dist/judges/authentication.js +63 -0
package/dist/judges/backwards-compatibility.d.ts +2 -0
package/dist/judges/backwards-compatibility.js +46 -0
package/dist/judges/caching.d.ts +2 -0
package/dist/judges/caching.js +46 -0
package/dist/judges/ci-cd.d.ts +2 -0
package/dist/judges/ci-cd.js +46 -0
package/dist/judges/cloud-readiness.d.ts +2 -0
package/dist/judges/cloud-readiness.js +53 -0
package/dist/judges/code-structure.d.ts +2 -0
package/dist/judges/code-structure.js +50 -0
package/dist/judges/compliance.d.ts +2 -0
package/dist/judges/compliance.js +49 -0
package/dist/judges/concurrency.d.ts +2 -0
package/dist/judges/concurrency.js +48 -0
package/dist/judges/configuration-management.d.ts +2 -0
package/dist/judges/configuration-management.js +46 -0
package/dist/judges/cost-effectiveness.d.ts +2 -0
package/dist/judges/cost-effectiveness.js +42 -0
package/dist/judges/cybersecurity.d.ts +2 -0
package/dist/judges/cybersecurity.js +63 -0
package/dist/judges/data-security.d.ts +2 -0
package/dist/judges/data-security.js +50 -0
package/dist/judges/data-sovereignty.d.ts +2 -0
package/dist/judges/data-sovereignty.js +60 -0
package/dist/judges/database.d.ts +2 -0
package/dist/judges/database.js +51 -0
package/dist/judges/dependency-health.d.ts +2 -0
package/dist/judges/dependency-health.js +48 -0
package/dist/judges/documentation.d.ts +2 -0
package/dist/judges/documentation.js +55 -0
package/dist/judges/error-handling.d.ts +2 -0
package/dist/judges/error-handling.js +55 -0
package/dist/judges/ethics-bias.d.ts +2 -0
package/dist/judges/ethics-bias.js +48 -0
package/dist/judges/false-positive-review.d.ts +2 -0
package/dist/judges/false-positive-review.js +85 -0
package/dist/judges/framework-safety.d.ts +2 -0
package/dist/judges/framework-safety.js +49 -0
package/dist/judges/hallucination-detection.d.ts +2 -0
package/dist/judges/hallucination-detection.js +48 -0
package/dist/judges/iac-security.d.ts +2 -0
package/dist/judges/iac-security.js +47 -0
package/dist/judges/index.d.ts +88 -0
package/dist/judges/index.js +128 -0
package/dist/judges/intent-alignment.d.ts +2 -0
package/dist/judges/intent-alignment.js +46 -0
package/dist/judges/internationalization.d.ts +2 -0
package/dist/judges/internationalization.js +44 -0
package/dist/judges/logging-privacy.d.ts +2 -0
package/dist/judges/logging-privacy.js +46 -0
package/dist/judges/logic-review.d.ts +2 -0
package/dist/judges/logic-review.js +36 -0
package/dist/judges/maintainability.d.ts +2 -0
package/dist/judges/maintainability.js +46 -0
package/dist/judges/model-fingerprint.d.ts +2 -0
package/dist/judges/model-fingerprint.js +35 -0
package/dist/judges/multi-turn-coherence.d.ts +2 -0
package/dist/judges/multi-turn-coherence.js +39 -0
package/dist/judges/observability.d.ts +2 -0
package/dist/judges/observability.js +54 -0
package/dist/judges/over-engineering.d.ts +2 -0
package/dist/judges/over-engineering.js +50 -0
package/dist/judges/performance.d.ts +2 -0
package/dist/judges/performance.js +46 -0
package/dist/judges/portability.d.ts +2 -0
package/dist/judges/portability.js +46 -0
package/dist/judges/rate-limiting.d.ts +2 -0
package/dist/judges/rate-limiting.js +55 -0
package/dist/judges/reliability.d.ts +2 -0
package/dist/judges/reliability.js +57 -0
package/dist/judges/scalability.d.ts +2 -0
package/dist/judges/scalability.js +52 -0
package/dist/judges/security.d.ts +2 -0
package/dist/judges/security.js +64 -0
package/dist/judges/software-practices.d.ts +2 -0
package/dist/judges/software-practices.js +56 -0
package/dist/judges/testing.d.ts +2 -0
package/dist/judges/testing.js +54 -0
package/dist/judges/ux.d.ts +2 -0
package/dist/judges/ux.js +46 -0
package/dist/language-patterns.d.ts +653 -0
package/dist/language-patterns.js +851 -0
package/dist/parallel.d.ts +52 -0
package/dist/parallel.js +157 -0
package/dist/patches/apply.d.ts +15 -0
package/dist/patches/apply.js +37 -0
package/dist/patches/index.d.ts +9 -0
package/dist/patches/index.js +2544 -0
package/dist/plugins.d.ts +59 -0
package/dist/plugins.js +76 -0
package/dist/presets.d.ts +35 -0
package/dist/presets.js +406 -0
package/dist/probabilistic/llm-response-validator.d.ts +26 -0
package/dist/probabilistic/llm-response-validator.js +122 -0
package/dist/reports/public-repo-report.d.ts +42 -0
package/dist/reports/public-repo-report.js +579 -0
package/dist/review-conversation.d.ts +87 -0
package/dist/review-conversation.js +307 -0
package/dist/sast-integration.d.ts +112 -0
package/dist/sast-integration.js +215 -0
package/dist/scoring.d.ts +36 -0
package/dist/scoring.js +437 -0
package/dist/security-ids.d.ts +23 -0
package/dist/security-ids.js +239 -0
package/dist/skill-loader.d.ts +33 -0
package/dist/skill-loader.js +167 -0
package/dist/tools/command-safety.d.ts +13 -0
package/dist/tools/command-safety.js +95 -0
package/dist/tools/deep-review.d.ts +38 -0
package/dist/tools/deep-review.js +302 -0
package/dist/tools/prompts.d.ts +27 -0
package/dist/tools/prompts.js +122 -0
package/dist/tools/register-evaluation.d.ts +6 -0
package/dist/tools/register-evaluation.js +587 -0
package/dist/tools/register-fix.d.ts +5 -0
package/dist/tools/register-fix.js +175 -0
package/dist/tools/register-resources.d.ts +6 -0
package/dist/tools/register-resources.js +177 -0
package/dist/tools/register-review.d.ts +6 -0
package/dist/tools/register-review.js +564 -0
package/dist/tools/register-scaffold.d.ts +2 -0
package/dist/tools/register-scaffold.js +398 -0
package/dist/tools/register-workflow.d.ts +6 -0
package/dist/tools/register-workflow.js +1037 -0
package/dist/tools/register-workspace.d.ts +2 -0
package/dist/tools/register-workspace.js +214 -0
package/dist/tools/register.d.ts +6 -0
package/dist/tools/register.js +21 -0
package/dist/tools/schemas.d.ts +25 -0
package/dist/tools/schemas.js +41 -0
package/dist/tools/validation.d.ts +13 -0
package/dist/tools/validation.js +77 -0
package/dist/types.d.ts +898 -0
package/dist/types.js +1 -0
package/package.json +54 -0
package/skills/ai-code-review.skill.md +57 -0
package/skills/release-gate.skill.md +27 -0
package/skills/security-review.skill.md +32 -0

package/dist/evaluators/app-builder.js ADDED Viewed

@@ -0,0 +1,155 @@
+/**
+ * App Builder Workflow
+ *
+ * Extracted from the evaluators monolith. Provides a high-level, opinionated
+ * workflow that chains tribunal review → plain-language translation → task planning
+ * for use by AI-powered code review agents and CI/CD pipelines.
+ */
+import { severityRank } from "../dedup.js";
+// ─── Internal Helpers ────────────────────────────────────────────────────────
+function dedupeFindings(findings) {
+    const seen = new Set();
+    const result = [];
+    for (const finding of findings) {
+        const key = `${finding.ruleId}|${finding.title}|${finding.severity}`;
+        if (seen.has(key))
+            continue;
+        seen.add(key);
+        result.push(finding);
+    }
+    return result;
+}
+function decideRelease(criticalCount, highCount, score) {
+    if (criticalCount > 0 || score < 60)
+        return "do-not-ship";
+    if (highCount > 0 || score < 80)
+        return "ship-with-caution";
+    return "ship-now";
+}
+function toPlainLanguageFinding(finding) {
+    const severityImpact = {
+        critical: "This can directly cause security incidents, outages, or serious compliance exposure.",
+        high: "This is likely to impact users or operations if left unresolved.",
+        medium: "This can create reliability, maintainability, or quality issues over time.",
+        low: "This is a quality improvement that reduces friction and future rework.",
+        info: "This is guidance to strengthen consistency and engineering hygiene.",
+    };
+    return {
+        ruleId: finding.ruleId,
+        severity: finding.severity,
+        title: finding.title,
+        whatIsWrong: `${finding.title}: ${finding.description}`,
+        whyItMatters: severityImpact[finding.severity],
+        nextAction: finding.recommendation,
+    };
+}
+function pickOwner(finding) {
+    if (/^(UX|A11Y|I18N|ETHICS|COMPAT)-/.test(finding.ruleId))
+        return "product";
+    if (/^(DOC|TEST|MAINT|ERR|CFG)-/.test(finding.ruleId))
+        return "ai";
+    return "developer";
+}
+function pickPriority(severity) {
+    if (severity === "critical")
+        return "P0";
+    if (severity === "high")
+        return "P1";
+    return "P2";
+}
+function pickEffort(finding) {
+    if (finding.severity === "critical")
+        return "L";
+    if (finding.severity === "high")
+        return "M";
+    return finding.lineNumbers && finding.lineNumbers.length > 3 ? "M" : "S";
+}
+function toWorkflowTask(finding) {
+    const owner = pickOwner(finding);
+    const priority = pickPriority(finding.severity);
+    const effort = pickEffort(finding);
+    const aiFixable = owner !== "product";
+    return {
+        priority,
+        owner,
+        effort,
+        ruleId: finding.ruleId,
+        task: `${finding.title} — ${finding.recommendation}`,
+        doneWhen: `A follow-up review no longer reports ${finding.ruleId} and related tests/checks pass.`,
+        aiFixable,
+    };
+}
+// ─── Public API ──────────────────────────────────────────────────────────────
+export function runAppBuilderWorkflow(engine, params) {
+    const maxFindings = Math.max(1, params.maxFindings ?? 10);
+    const maxTasks = Math.max(1, params.maxTasks ?? 20);
+    let mode;
+    let verdict;
+    let score;
+    let findings;
+    if (params.files && params.files.length > 0) {
+        mode = "project";
+        const result = engine.evaluateProject(params.files, params.context, {
+            includeAstFindings: params.includeAstFindings,
+            minConfidence: params.minConfidence,
+        });
+        verdict = result.overallVerdict;
+        score = result.overallScore;
+        findings = [...result.fileResults.flatMap((fr) => fr.findings), ...result.architecturalFindings];
+    }
+    else if (params.changedLines && params.changedLines.length > 0) {
+        if (!params.code || !params.language) {
+            throw new Error("changedLines mode requires both code and language inputs");
+        }
+        mode = "diff";
+        const result = engine.evaluateDiff(params.code, params.language, params.changedLines, params.context, {
+            includeAstFindings: params.includeAstFindings,
+            minConfidence: params.minConfidence,
+        });
+        verdict = result.verdict;
+        score = result.score;
+        findings = result.findings;
+    }
+    else {
+        if (!params.code || !params.language) {
+            throw new Error("code mode requires both code and language, or provide files for project mode");
+        }
+        mode = "code";
+        const result = engine.evaluateWithTribunal(params.code, params.language, params.context, {
+            includeAstFindings: params.includeAstFindings,
+            minConfidence: params.minConfidence,
+        });
+        verdict = result.overallVerdict;
+        score = result.overallScore;
+        findings = result.findings;
+    }
+    const dedupedFindings = dedupeFindings(findings).sort((a, b) => severityRank(b.severity) - severityRank(a.severity));
+    const criticalCount = dedupedFindings.filter((finding) => finding.severity === "critical").length;
+    const highCount = dedupedFindings.filter((finding) => finding.severity === "high").length;
+    const mediumCount = dedupedFindings.filter((finding) => finding.severity === "medium").length;
+    const releaseDecision = decideRelease(criticalCount, highCount, score);
+    const topFindings = dedupedFindings
+        .filter((finding) => ["critical", "high", "medium"].includes(finding.severity))
+        .slice(0, maxFindings);
+    const plainLanguageFindings = topFindings.map(toPlainLanguageFinding);
+    const tasks = dedupedFindings.slice(0, maxTasks).map(toWorkflowTask);
+    const aiFixableNow = tasks.filter((task) => task.aiFixable && (task.priority === "P0" || task.priority === "P1"));
+    const summary = releaseDecision === "do-not-ship"
+        ? "Do not ship yet. Resolve critical risks before release."
+        : releaseDecision === "ship-with-caution"
+            ? "Ship with caution. Address high-priority gaps and monitor closely."
+            : "Ship now. No blocking risks were detected in this review pass.";
+    return {
+        mode,
+        verdict,
+        score,
+        criticalCount,
+        highCount,
+        mediumCount,
+        releaseDecision,
+        summary,
+        plainLanguageFindings,
+        tasks,
+        aiFixableNow,
+    };
+}

package/dist/evaluators/authentication.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import type { Finding, AnalyzeContext } from "../types.js";
2	+ export declare function analyzeAuthentication(code: string, language: string, context?: AnalyzeContext): Finding[];

package/dist/evaluators/authentication.js ADDED Viewed

@@ -0,0 +1,455 @@
+import { getLineNumbers, getLangLineNumbers, getLangFamily, looksLikeRealCredentialValue, isCommentLine, testCode, isLikelyAnalysisCode as isAnalysisModule, } from "./shared.js";
+import * as LP from "../language-patterns.js";
+function getHardcodedCredentialLinesWithoutPlaceholders(code) {
+    const lines = code.split("\n");
+    const flaggedLines = [];
+    const assignmentPattern = /\b(password|passwd|pwd|secret|api_?key|apikey|token|auth_?token)\b\s*[:=]\s*["'`]([^"'`]{3,})["'`]/gi;
+    // Also match compound identifiers like DB_PASSWORD, ADMIN_SECRET, MY_API_KEY
+    const compoundAssignmentPattern = /\b\w+[_-](password|passwd|pwd|secret|api_?key|apikey|token|auth_?token)\b\s*[:=]\s*["'`]([^"'`]{3,})["'`]/gi;
+    // Also match camelCase identifiers like dockerPassword, awsSecretAccessKey
+    const camelCaseAssignmentPattern = /\b(\w+(?:Password|Passwd|Pwd|Secret|SecretKey|AccessKey|ApiKey|APIKey|Token|AuthToken))\s*[:=]\s*["'`]([^"'`]{3,})["'`]/gi;
+    const nonProductionContextPattern = /\b(?:test|tests|mock|mocks|fixture|fixtures|harness|e2e|example|sample|dummy)\b/i;
+    const productionContextPattern = /\b(?:prod|production|release|deploy|deployment)\b/i;
+    const isLikelyTestModule = /\b(?:describe|it|test)\s*\(/i.test(code);
+    if (isLikelyTestModule && !productionContextPattern.test(code)) {
+        return [];
+    }
+    for (let index = 0; index < lines.length; index += 1) {
+        const line = lines[index];
+        if (isCommentLine(line))
+            continue;
+        // Skip lines where credential keywords appear inside regex literals or test/match calls
+        if (/\/[^/\n]+\/[gimsuy]*/.test(line) && /\.test\s*\(|\.match\s*\(|new\s+RegExp/i.test(line))
+            continue;
+        const matches = [
+            ...line.matchAll(assignmentPattern),
+            ...line.matchAll(compoundAssignmentPattern),
+            ...line.matchAll(camelCaseAssignmentPattern),
+        ];
+        if (matches.length === 0)
+            continue;
+        const contextStart = Math.max(0, index - 2);
+        const contextEnd = Math.min(lines.length, index + 3);
+        const context = lines.slice(contextStart, contextEnd).join("\n");
+        // Strip URLs and domain names before checking non-production context
+        // to avoid false suppression from domains like "api.example.com"
+        const contextWithoutUrls = context
+            .replace(/https?:\/\/[^\s"'`]+/gi, "")
+            .replace(/[a-z0-9-]+\.(?:example|test|localhost)\.[a-z]{2,}/gi, "");
+        const isLikelyNonProductionContext = nonProductionContextPattern.test(contextWithoutUrls) && !productionContextPattern.test(contextWithoutUrls);
+        const hasRealCredential = matches.some((match) => {
+            const value = match[2] ?? "";
+            return looksLikeRealCredentialValue(value);
+        });
+        if (hasRealCredential && !isLikelyNonProductionContext) {
+            flaggedLines.push(index + 1);
+        }
+    }
+    return flaggedLines;
+}
+function getWeakCredentialHashLines(code) {
+    const lines = code.split("\n");
+    const weakHashPattern = /createHash\s*\(\s*["'`](?:md5|sha1|sha256)["'`]\)|(?:\bmd5\b|\bsha1\b)\s*\(/gi;
+    const authContextPattern = /password|passwd|pwd|credential|login|signin|signup|auth|token|session|user/i;
+    const flagged = [];
+    for (let index = 0; index < lines.length; index += 1) {
+        weakHashPattern.lastIndex = 0;
+        if (!weakHashPattern.test(lines[index])) {
+            continue;
+        }
+        const start = Math.max(0, index - 4);
+        const end = Math.min(lines.length - 1, index + 4);
+        const context = lines.slice(start, end + 1).join("\n");
+        if (authContextPattern.test(context)) {
+            flagged.push(index + 1);
+        }
+    }
+    return flagged;
+}
+export function analyzeAuthentication(code, language, context) {
+    const findings = [];
+    let ruleNum = 1;
+    const prefix = "AUTH";
+    const _lang = getLangFamily(language);
+    // Analysis code references password/credential keywords in regex patterns
+    // for detection purposes — these are not actual authentication flows.
+    if (isAnalysisModule(code))
+        return findings;
+    const lines = code.split("\n");
+    // ── AST context (optional — enables decorator and import awareness) ───────
+    const ast = context?.ast;
+    const astImports = new Set((ast?.imports ?? []).map((i) => {
+        const parts = i.split("/");
+        return (i.startsWith("@") ? parts.slice(0, 2).join("/") : parts[0]).toLowerCase();
+    }));
+    const astFunctions = ast?.functions ?? [];
+    // Detect auth-related decorators across all functions
+    const hasAuthDecorator = astFunctions.some((f) => f.decorators?.some((d) => /login_required|requires_auth|Authorize|PreAuthorize|Secured|RequiresAuthentication|authenticate|protected/i.test(d)));
+    // Detect auth library imports via AST
+    const hasAuthImport = astImports.has("passport") ||
+        astImports.has("jsonwebtoken") ||
+        astImports.has("jose") ||
+        astImports.has("bcrypt") ||
+        astImports.has("argon2") ||
+        astImports.has("passport-jwt") ||
+        astImports.has("express-jwt") ||
+        astImports.has("next-auth") ||
+        astImports.has("@auth0/nextjs-auth0");
+    // Hardcoded credentials
+    const credentialLines = getHardcodedCredentialLinesWithoutPlaceholders(code);
+    // Also detect PHP define() with credential constants
+    const defineCredLines = [];
+    const envCredLines = [];
+    for (let i = 0; i < lines.length; i++) {
+        const line = lines[i];
+        if (isCommentLine(line))
+            continue;
+        // PHP define('DB_PASSWORD', 'value') or define('SECRET_KEY', 'value')
+        const defineMatch = line.match(/\bdefine\s*\(\s*['"]([^'"]*(?:password|passwd|pwd|secret|api_?key|apikey|token|auth_?token|db_pass)[^'"]*)['"],\s*['"]([^'"]{3,})['"]/i);
+        if (defineMatch) {
+            const val = defineMatch[2];
+            if (looksLikeRealCredentialValue(val)) {
+                defineCredLines.push(i + 1);
+            }
+        }
+        // Dockerfile ENV with secret values: ENV SECRET_KEY=value or ENV SECRET_KEY value
+        if (/^\s*ENV\s+\w*(?:password|passwd|pwd|secret|api_?key|token|auth_?token|db_pass)\w*[\s=]+/i.test(line)) {
+            // Exclude variable references like ${VAR} or $VAR
+            if (!/\$\{?\w+\}?/.test(line)) {
+                envCredLines.push(i + 1);
+            }
+        }
+    }
+    const allCredLines = [...new Set([...credentialLines, ...defineCredLines, ...envCredLines])].sort((a, b) => a - b);
+    if (allCredLines.length > 0) {
+        findings.push({
+            ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
+            severity: "critical",
+            title: "Hardcoded credentials in source code",
+            description: `Found ${allCredLines.length} instance(s) of what appears to be hardcoded credentials. Credentials in source code are exposed in version control and cannot be rotated without redeployment.`,
+            lineNumbers: allCredLines,
+            recommendation: "Use environment variables or a secrets manager (Azure Key Vault, AWS Secrets Manager, HashiCorp Vault). Never commit credentials to version control.",
+            reference: "OWASP: Credential Management / CWE-798",
+            suggestedFix: "Replace hardcoded credentials with environment variables: process.env.SECRET_NAME (Node.js), os.environ['SECRET_NAME'] (Python), or inject from a secrets manager.",
+            confidence: 0.9,
+        });
+    }
+    // No auth middleware on routes (multi-language)
+    const routeLines = getLangLineNumbers(code, language, LP.HTTP_ROUTE);
+    // Filter out route-pattern references inside regex/test calls (analysis code, not real routes)
+    const actualRouteLines = routeLines.filter((ln) => {
+        const line = lines[ln - 1] || "";
+        // Skip lines where route patterns appear inside regex literals or match/test calls
+        if (/\/[^/\n]+\/[gimsuy]*/.test(line) && /\.test\s*\(|\.match\s*\(|new\s+RegExp/i.test(line))
+            return false;
+        // Skip lines that are string literal patterns for code analysis (e.g. pattern maps)
+        if (/^\s*["'`].*["'`]\s*[:,]?\s*$/.test(line) && /app\\?\.(?:get|post|put|delete)/i.test(line))
+            return false;
+        return true;
+    });
+    const hasRoutes = actualRouteLines.length > 0;
+    const hasAuthMiddleware = /(?:authenticate|authorize|requireAuth|ensureAuth|isAuthenticated|verifyToken|passport\.authenticate|jwt\.verify|jwt\.decode|jwt\.Parse|jwt\.ParseWithClaims|OAuth2PasswordBearer|DecodingKey|\[Authorize|authMiddleware|auth_middleware|verify_token|check_auth|get_current_user|getCurrentUser|auth\(\)|protect|guard|requireLogin|@login_required|@requires_auth|@Authorize|@PreAuthorize|@Secured)/gi.test(code);
+    // Suppress when endpoints are explicitly marked as public/anonymous or are standard health-check routes
+    const hasPublicEndpointMarker = /(?:public|noAuth|anonymous|unauthenticated|AllowAnonymous|@PermitAll|permitAll|open.?api|isPublic|skipAuth|no.?auth.?required)/i.test(code);
+    const isHealthCheckOnly = actualRouteLines.length > 0 &&
+        actualRouteLines.every((ln) => {
+            const line = lines[ln - 1] || "";
+            return /['"/](?:health|status|metrics|ready|live|liveness|readiness|ping|version|favicon|\.well-known)/i.test(line);
+        });
+    // Suppress when the file is primarily code-analysis / evaluator logic (many regex .test() calls)
+    const regexTestCallCount = (code.match(/\.test\s*\(/g) || []).length;
+    const isLikelyAnalysisCode = regexTestCallCount >= 8;
+    if (hasRoutes &&
+        !hasAuthMiddleware &&
+        !hasPublicEndpointMarker &&
+        !isHealthCheckOnly &&
+        !isLikelyAnalysisCode &&
+        !hasAuthDecorator &&
+        !hasAuthImport &&
+        code.split("\n").length > 20) {
+        findings.push({
+            ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
+            severity: "high",
+            title: "API routes without authentication middleware",
+            description: "API endpoints are defined without any visible authentication middleware. Any client can access these endpoints without proving their identity.",
+            recommendation: "Apply authentication middleware to routes that require it. Use framework-specific auth guards: Express middleware, Python decorators (@login_required), Java annotations (@PreAuthorize), or Go middleware.",
+            reference: "OWASP API Security Top 10: API2 — Broken Authentication",
+            suggestedFix: "Add auth middleware: app.use(authenticateJWT) (Express), @login_required (Django/Flask), @PreAuthorize (Spring), or middleware.Auth(handler) (Go).",
+            confidence: 0.7,
+            isAbsenceBased: true,
+        });
+    }
+    // Token in query parameters
+    const tokenQueryPattern = /req\.query\.(?:token|api_?key|auth|secret|password|access_token)/gi;
+    const tokenQueryLines = getLineNumbers(code, tokenQueryPattern);
+    if (tokenQueryLines.length > 0) {
+        findings.push({
+            ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
+            severity: "high",
+            title: "Sensitive tokens passed in query parameters",
+            description: "Authentication tokens or API keys are read from query parameters. Query params appear in server logs, browser history, referrer headers, and proxy logs.",
+            lineNumbers: tokenQueryLines,
+            recommendation: "Pass tokens in the Authorization header (Bearer scheme) or in httpOnly cookies. Never use query parameters for sensitive credentials.",
+            reference: "OWASP: Transport Layer Security / RFC 6750",
+            suggestedFix: "Read tokens from the Authorization header instead: const token = req.headers.authorization?.replace('Bearer ', '');",
+            confidence: 0.9,
+        });
+    }
+    // Weak password hashing (multi-language)
+    const weakHashByLang = getLangLineNumbers(code, language, LP.WEAK_HASH);
+    const weakHashLines = weakHashByLang.length > 0 ? weakHashByLang : getWeakCredentialHashLines(code);
+    if (weakHashLines.length > 0) {
+        // AST: lower confidence when a strong hashing library is imported — the weak
+        // hash may be used for non-credential purposes (checksums, cache keys, etc.)
+        const hasStrongHashImport = astImports.has("bcrypt") || astImports.has("argon2") || astImports.has("scrypt");
+        findings.push({
+            ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
+            severity: "critical",
+            title: "Weak hashing algorithm for credentials",
+            description: "MD5, SHA1, or SHA256 are fast hash algorithms unsuitable for password storage. They can be brute-forced at billions of hashes per second.",
+            lineNumbers: weakHashLines,
+            recommendation: "Use bcrypt, scrypt, or Argon2 for password hashing. These algorithms are intentionally slow and include salt by default.",
+            reference: "OWASP Password Storage Cheat Sheet / NIST 800-63b",
+            suggestedFix: "Replace with bcrypt/argon2: bcrypt.hash(password, 12) (JS), bcrypt.hashpw(password, bcrypt.gensalt()) (Python), Argon2::default().hash_password() (Rust), BCrypt.HashPassword() (C#).",
+            confidence: hasStrongHashImport ? 0.7 : 0.9,
+        });
+    }
+    // No RBAC / authorization checks
+    const hasRoleCheck = testCode(code, /role|permission|isAdmin|isOwner|canAccess|authorize|requiredRole|hasPermission|checkPermission/gi);
+    if (hasRoutes && !hasRoleCheck && code.split("\n").length > 40) {
+        findings.push({
+            ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
+            severity: "medium",
+            title: "No authorization / role-based access control detected",
+            description: "No role or permission checks found. Without authorization, any authenticated user could access any resource, including admin functions.",
+            recommendation: "Implement role-based access control (RBAC) or attribute-based access control (ABAC). Check permissions at each endpoint or resource access.",
+            reference: "OWASP API Security Top 10: API5 — Broken Function Level Authorization",
+            suggestedFix: "Add role-based middleware: const requireRole = (role) => (req, res, next) => { if (req.user.role !== role) return res.status(403).json({ error: 'Forbidden' }); next(); };",
+            confidence: 0.7,
+            isAbsenceBased: true,
+        });
+    }
+    // JWT without verification
+    // This is absence-based in single-file mode: verification middleware often
+    // lives in a separate file from the login/sign endpoint.
+    const hasJwt = testCode(code, /jwt|jsonwebtoken|jose/gi);
+    const hasJwtVerify = testCode(code, /jwt\.verify|jwtVerify|verifyToken|jose\.jwtVerify/gi);
+    const hasJwtSign = testCode(code, /jwt\.sign|jwtSign|signToken/gi);
+    if (hasJwt && hasJwtSign && !hasJwtVerify) {
+        findings.push({
+            ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
+            severity: "high",
+            title: "No JWT verification detected alongside signing",
+            description: "JWT tokens are being created but no verification logic is visible in this file. Verification middleware may exist in another module; in project mode this finding is automatically resolved.",
+            recommendation: "Ensure JWT tokens are verified on every request: check signature, expiration (exp), issuer (iss), and audience (aud).",
+            reference: "RFC 7519: JWT / OWASP JWT Cheat Sheet",
+            suggestedFix: "Add JWT verification: const payload = jwt.verify(token, process.env.JWT_SECRET, { algorithms: ['HS256'], issuer: 'myapp', audience: 'myapp' });",
+            confidence: 0.55,
+            isAbsenceBased: true,
+            provenance: "absence-of-pattern",
+        });
+    }
+    // JWT decode used for auth decisions without signature verification
+    const hasJwtDecode = testCode(code, /jwt\.decode|jwtDecode|jose\.decodeJwt/gi);
+    const jwtDecodeLines = getLineNumbers(code, /jwt\.decode\s*\(|jwtDecode\s*\(|jose\.decodeJwt\s*\(/gi);
+    // Python PyJWT: jwt.decode(token, key, algorithms=[...]) DOES verify the signature
+    const hasPyJwtVerify = /jwt\.decode\s*\([^)]*,\s*\w+[^)]*algorithms/i.test(code);
+    if (hasJwtDecode && !hasJwtVerify && !hasPyJwtVerify) {
+        findings.push({
+            ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
+            severity: "critical",
+            title: "JWT decoded without signature verification",
+            description: "JWT tokens are decoded (jwt.decode) but never verified (jwt.verify). jwt.decode does NOT validate the signature — any attacker can forge tokens with arbitrary claims. This is the 'none algorithm' vulnerability.",
+            lineNumbers: jwtDecodeLines,
+            recommendation: "Always use jwt.verify() with a secret/key and explicit algorithm restriction. Never use jwt.decode() for authorization decisions.",
+            reference: "CWE-347: Improper Verification of Cryptographic Signature / OWASP JWT Cheat Sheet",
+            suggestedFix: "Replace jwt.decode(token) with jwt.verify(token, secret, { algorithms: ['HS256'] }). Never trust decoded JWT claims without verifying the signature.",
+            confidence: 0.95,
+        });
+    }
+    // JWT 'none' algorithm — accepting unsigned tokens
+    {
+        const jwtNoneLines = [];
+        for (let i = 0; i < lines.length; i++) {
+            const line = lines[i];
+            // algorithms: ['none'] or ['HS256','none'] or algorithm: 'none'
+            if (/algorithm[s]?\s*[:=].*['"]none['"]/i.test(line)) {
+                jwtNoneLines.push(i + 1);
+            }
+            // Explicitly passing empty string as secret with jwt.sign/verify
+            if (/jwt\.(?:sign|verify)\s*\([^,]+,\s*['"](?:['"]|\s*$)/i.test(line)) {
+                jwtNoneLines.push(i + 1);
+            }
+        }
+        if (jwtNoneLines.length > 0) {
+            findings.push({
+                ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
+                severity: "critical",
+                title: "JWT 'none' algorithm accepted — unsigned tokens",
+                description: "The JWT configuration accepts the 'none' algorithm, allowing attackers to forge tokens without any cryptographic signature. This completely bypasses authentication.",
+                lineNumbers: jwtNoneLines,
+                recommendation: "Never accept the 'none' algorithm. Explicitly whitelist strong algorithms: { algorithms: ['HS256'] } or { algorithms: ['RS256'] }.",
+                reference: "CWE-327: Use of a Broken Crypto Algorithm / JWT 'none' Attack",
+                suggestedFix: "Restrict algorithms: jwt.verify(token, secret, { algorithms: ['HS256'] }); — remove 'none' from any algorithm list.",
+                confidence: 0.95,
+            });
+        }
+    }
+    // Timing-unsafe comparison of secrets/tokens/signatures
+    const timingLines = [];
+    for (let i = 0; i < lines.length; i++) {
+        const line = lines[i];
+        // Detect === or == comparison of variables named secret/token/signature/hash/hmac/expected/digest
+        if (/(?:secret|token|signature|hash|hmac|expected|digest|apiKey|api_key)\s*===?\s*\w|(?:\w)\s*===?\s*(?:secret|token|signature|hash|hmac|expected|digest|apiKey|api_key)/i.test(line)) {
+            // Make sure it's actually a comparison, not assignment
+            if (/===|==[^=]/.test(line)) {
+                timingLines.push(i + 1);
+            }
+        }
+    }
+    const hasTimingSafe = testCode(code, /timingSafeEqual|constantTimeCompare|constant_time_compare|secure_compare|MessageDigest\.isEqual|hmac\.Equal|subtle\.ConstantTimeCompare/gi);
+    if (timingLines.length > 0 && !hasTimingSafe) {
+        findings.push({
+            ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
+            severity: "high",
+            title: "Timing-unsafe comparison of secrets or signatures",
+            description: "Secrets, tokens, or cryptographic signatures are compared using === or == instead of a constant-time comparison function. An attacker can measure response times to deduce the expected value byte-by-byte.",
+            lineNumbers: timingLines,
+            recommendation: "Use crypto.timingSafeEqual() (Node.js), hmac.compare_digest() (Python), MessageDigest.isEqual() (Java), subtle.ConstantTimeCompare() (Go), or equivalent constant-time comparison.",
+            reference: "CWE-208: Observable Timing Discrepancy",
+            suggestedFix: "Replace `if (a === b)` with `if (crypto.timingSafeEqual(Buffer.from(a), Buffer.from(b)))` to prevent timing attacks.",
+            confidence: 0.85,
+        });
+    }
+    // Disabled TLS / certificate validation (multi-language)
+    const tlsLines = getLangLineNumbers(code, language, LP.TLS_DISABLED);
+    if (tlsLines.length > 0) {
+        findings.push({
+            ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
+            severity: "critical",
+            title: "TLS certificate validation disabled",
+            description: "TLS certificate verification is disabled, allowing man-in-the-middle attacks. Authentication credentials sent over this connection can be intercepted.",
+            lineNumbers: tlsLines,
+            recommendation: "Never disable TLS verification in production. Fix certificate issues properly. Use CA bundles for self-signed certs in development only.",
+            reference: "CWE-295: Improper Certificate Validation",
+            suggestedFix: "Remove TLS bypass: delete rejectUnauthorized:false (JS), verify=False (Python), InsecureSkipVerify:true (Go), danger_accept_invalid_certs(true) (Rust), TrustAllCerts (Java).",
+            confidence: 0.9,
+        });
+    }
+    // No session expiration / no token expiry
+    const hasSession = testCode(code, /session|express-session|cookie-session|SessionMiddleware/gi);
+    const hasExpiry = testCode(code, /maxAge|expires|expiresIn|exp:|ttl|timeout.*session|cookie.*max/gi);
+    if (hasSession && !hasExpiry) {
+        findings.push({
+            ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
+            severity: "high",
+            title: "Sessions without expiration configured",
+            description: "Session middleware is used without visible expiration settings. Sessions that never expire allow stolen session tokens to be used indefinitely.",
+            recommendation: "Set session maxAge (e.g., 30 minutes for sensitive apps). Implement idle timeout. Invalidate sessions on password change or logout.",
+            reference: "OWASP Session Management Cheat Sheet",
+            suggestedFix: "Set session expiry: app.use(session({ cookie: { maxAge: 30 * 60 * 1000 }, rolling: true })); and invalidate sessions on password change.",
+            confidence: 0.7,
+            isAbsenceBased: true,
+        });
+    }
+    // Weak password policy — no complexity enforcement
+    const hasUserRegistration = testCode(code, /register|signup|sign.?up|createUser|create.*user|new.*user/gi);
+    const hasPasswordPolicy = /minLength|minimum.*length|password.*length|complexity|strongPassword|zxcvbn|password.*policy|password.*require/gi.test(code);
+    if (hasUserRegistration && !hasPasswordPolicy) {
+        findings.push({
+            ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
+            severity: "medium",
+            title: "No password complexity enforcement",
+            description: "User registration logic without visible password policy. Users can set weak passwords like '123456' or 'password', which are trivially guessable.",
+            recommendation: "Enforce minimum password length (12+ chars), check against known breached passwords (HaveIBeenPwned API), and use a strength estimator like zxcvbn.",
+            reference: "NIST 800-63b / OWASP Password Guidelines",
+            suggestedFix: "Enforce password policy: if (password.length < 12) throw new Error('Min 12 chars'); and check against breached passwords via the HaveIBeenPwned API.",
+            confidence: 0.7,
+            isAbsenceBased: true,
+        });
+    }
+    // No account lockout after failed attempts
+    const hasLogin = testCode(code, /login|signin|sign.?in|authenticate|verifyPassword|checkPassword/gi);
+    const hasLockout = testCode(code, /lockout|lock.*out|attempt|maxAttempt|failedAttempt|rateLimitLogin|brute.?force|account.*lock/gi);
+    if (hasLogin && !hasLockout) {
+        findings.push({
+            ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
+            severity: "medium",
+            title: "No account lockout after failed login attempts",
+            description: "Login logic without account lockout or rate limiting. Attackers can brute-force passwords by trying unlimited login attempts.",
+            recommendation: "Implement progressive delays or temporary lockout after 5-10 failed attempts. Use rate limiting on login endpoints. Consider CAPTCHA for repeated failures.",
+            reference: "OWASP Brute Force Prevention / CWE-307",
+            suggestedFix: "Add rate limiting and lockout: after 5 failed attempts, lock the account for 15 minutes. Use express-rate-limit on the login endpoint.",
+            confidence: 0.7,
+            isAbsenceBased: true,
+        });
+    }
+    // Cookie without Secure and HttpOnly flags
+    const cookiePattern = /(?:cookie|Cookie|set-cookie|setCookie|res\.cookie)\s*\(/gi;
+    const cookieLines = getLineNumbers(code, cookiePattern);
+    const hasSecureFlags = testCode(code, /secure\s*:\s*true|httpOnly\s*:\s*true|HttpOnly|Secure/g);
+    if (cookieLines.length > 0 && !hasSecureFlags) {
+        findings.push({
+            ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
+            severity: "high",
+            title: "Cookies set without Secure/HttpOnly flags",
+            description: "Cookies are set without Secure (HTTPS-only) or HttpOnly (no JS access) flags. This exposes cookies to interception and XSS-based theft.",
+            lineNumbers: cookieLines,
+            recommendation: "Set cookies with { secure: true, httpOnly: true, sameSite: 'strict' }. Use Secure for all auth cookies. HttpOnly prevents JavaScript access.",
+            reference: "OWASP Secure Cookie Best Practices / CWE-614",
+            suggestedFix: "Add security flags: res.cookie('session', token, { httpOnly: true, secure: true, sameSite: 'strict' });",
+            confidence: 0.8,
+        });
+    }
+    // No CSRF protection
+    const hasFormPost = testCode(code, /app\.post\s*\(|method\s*=\s*["']POST/gi);
+    const hasCsrf = testCode(code, /csrf|csurf|xsrf|_token|csrfToken|antiForgery|X-CSRF|X-XSRF/gi);
+    if (hasFormPost && !hasCsrf && hasSession) {
+        findings.push({
+            ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
+            severity: "high",
+            title: "No CSRF protection on form submissions",
+            description: "POST endpoints with session-based auth but no CSRF tokens. Attackers can craft pages that submit forms on behalf of authenticated users.",
+            recommendation: "Use CSRF tokens (csurf middleware, Django CSRF, Rails authenticity_token). Set SameSite=Strict on cookies. Use custom headers for API calls.",
+            reference: "OWASP CSRF Prevention Cheat Sheet / CWE-352",
+            suggestedFix: "Add CSRF middleware: app.use(csrf({ cookie: { sameSite: 'strict' } })); and include the token in forms: <input type='hidden' name='_csrf' value='{{csrfToken}}'>.",
+            confidence: 0.8,
+            isAbsenceBased: true,
+        });
+    }
+    // Session fixation — no session regeneration after login
+    const hasLoginHandler = /(?:login|signin|sign.?in|authenticate)\s*(?:=|=>|\(|async)|(?:\.post|\.get|\.put)\s*\(\s*["'][^"']*(?:login|signin|sign.?in|auth)["']/gi.test(code);
+    const hasSessionUsage = testCode(code, /req\.session|session\[|session\./gi);
+    const hasSessionRegen = testCode(code, /session\.regenerate|regenerateSession|session\.cycle|rotate.*session|new.*session|session\.create/gi);
+    if (hasLoginHandler && hasSessionUsage && !hasSessionRegen && code.split("\n").length > 10) {
+        findings.push({
+            ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
+            severity: "high",
+            title: "No session regeneration after authentication",
+            description: "Login handler uses sessions but does not regenerate the session ID after successful authentication. This enables session fixation attacks where an attacker pre-sets the session ID.",
+            recommendation: "Call req.session.regenerate() (Express), session.cycle() (Phoenix), or equivalent immediately after successful login. This invalidates the pre-authentication session ID.",
+            reference: "OWASP Session Fixation — CWE-384",
+            suggestedFix: "Regenerate session after login: req.session.regenerate((err) => { req.session.userId = user.id; res.redirect('/dashboard'); });",
+            confidence: 0.8,
+            isAbsenceBased: true,
+        });
+    }
+    // No MFA/2FA consideration in authentication flows
+    const hasAuthFlow = /(?:login|signin|sign.?in|authenticate|password.*reset|change.*password)\s*(?:\(|=>|=|async)|(?:\.post|\.get|\.put)\s*\(\s*["'][^"']*(?:login|signin|sign.?in|auth|password)["']/gi.test(code);
+    const hasProtectedOps = /(?:transfer|payment|withdraw|approve|delete.*account|change.*email|wire|payout)/gi.test(code);
+    const hasMfa = /(?:mfa|2fa|two.?factor|totp|otp|authenticator|verification.?code|sms.?code|security.?code|second.?factor)/gi.test(code);
+    if ((hasAuthFlow || hasProtectedOps) && !hasMfa && code.split("\n").length > 40) {
+        findings.push({
+            ruleId: `${prefix}-${String(ruleNum).padStart(3, "0")}`,
+            severity: "medium",
+            title: "No MFA/2FA consideration in authentication flow",
+            description: "Authentication or sensitive operation flow with no references to multi-factor authentication. Password-only auth is insufficient for protecting high-value operations.",
+            recommendation: "Implement or integrate MFA (TOTP, WebAuthn, SMS). At minimum, support optional MFA for users and require it for admin/sensitive operations. Consider FIDO2/WebAuthn for phishing-resistant auth.",
+            reference: "NIST 800-63B / OWASP MFA Cheat Sheet",
+            suggestedFix: "Integrate TOTP-based MFA: const verified = speakeasy.totp.verify({ secret: user.mfaSecret, token: req.body.totpCode }); and require MFA for admin and sensitive operations.",
+            confidence: 0.7,
+            isAbsenceBased: true,
+        });
+    }
+    return findings;
+}

package/dist/evaluators/backwards-compatibility.d.ts ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ import type { Finding } from "../types.js";
2	+ export declare function analyzeBackwardsCompatibility(code: string, language: string): Finding[];