@kevinrabun/judges-cli 3.124.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (1745) hide show
  1. package/README.md +24 -0
  2. package/agents/accessibility.judge.md +44 -0
  3. package/agents/agent-instructions.judge.md +44 -0
  4. package/agents/ai-code-safety.judge.md +55 -0
  5. package/agents/api-contract.judge.md +37 -0
  6. package/agents/api-design.judge.md +55 -0
  7. package/agents/authentication.judge.md +61 -0
  8. package/agents/backwards-compatibility.judge.md +44 -0
  9. package/agents/caching.judge.md +44 -0
  10. package/agents/ci-cd.judge.md +44 -0
  11. package/agents/cloud-readiness.judge.md +51 -0
  12. package/agents/code-structure.judge.md +48 -0
  13. package/agents/compliance.judge.md +47 -0
  14. package/agents/concurrency.judge.md +46 -0
  15. package/agents/configuration-management.judge.md +44 -0
  16. package/agents/cost-effectiveness.judge.md +40 -0
  17. package/agents/cybersecurity.judge.md +61 -0
  18. package/agents/data-security.judge.md +48 -0
  19. package/agents/data-sovereignty.judge.md +58 -0
  20. package/agents/database.judge.md +49 -0
  21. package/agents/dependency-health.judge.md +46 -0
  22. package/agents/documentation.judge.md +53 -0
  23. package/agents/error-handling.judge.md +53 -0
  24. package/agents/ethics-bias.judge.md +46 -0
  25. package/agents/false-positive-review.judge.md +85 -0
  26. package/agents/framework-safety.judge.md +47 -0
  27. package/agents/hallucination-detection.judge.md +46 -0
  28. package/agents/iac-security.judge.md +45 -0
  29. package/agents/intent-alignment.judge.md +44 -0
  30. package/agents/internationalization.judge.md +42 -0
  31. package/agents/logging-privacy.judge.md +44 -0
  32. package/agents/logic-review.judge.md +34 -0
  33. package/agents/maintainability.judge.md +44 -0
  34. package/agents/model-fingerprint.judge.md +31 -0
  35. package/agents/multi-turn-coherence.judge.md +36 -0
  36. package/agents/observability.judge.md +52 -0
  37. package/agents/over-engineering.judge.md +48 -0
  38. package/agents/performance.judge.md +44 -0
  39. package/agents/portability.judge.md +44 -0
  40. package/agents/rate-limiting.judge.md +53 -0
  41. package/agents/reliability.judge.md +55 -0
  42. package/agents/scalability.judge.md +50 -0
  43. package/agents/security.judge.md +62 -0
  44. package/agents/software-practices.judge.md +54 -0
  45. package/agents/testing.judge.md +52 -0
  46. package/agents/ux.judge.md +44 -0
  47. package/bin/judges.js +8 -0
  48. package/dist/a2a-protocol.d.ts +136 -0
  49. package/dist/a2a-protocol.js +218 -0
  50. package/dist/agent-loader.d.ts +107 -0
  51. package/dist/agent-loader.js +260 -0
  52. package/dist/api.d.ts +169 -0
  53. package/dist/api.js +195 -0
  54. package/dist/ast/cross-file-taint.d.ts +42 -0
  55. package/dist/ast/cross-file-taint.js +679 -0
  56. package/dist/ast/index.d.ts +25 -0
  57. package/dist/ast/index.js +148 -0
  58. package/dist/ast/structural-parser.d.ts +2 -0
  59. package/dist/ast/structural-parser.js +756 -0
  60. package/dist/ast/taint-tracker.d.ts +48 -0
  61. package/dist/ast/taint-tracker.js +1033 -0
  62. package/dist/ast/tree-sitter-ast.d.ts +33 -0
  63. package/dist/ast/tree-sitter-ast.js +1164 -0
  64. package/dist/ast/types.d.ts +50 -0
  65. package/dist/ast/types.js +7 -0
  66. package/dist/audit-trail.d.ts +245 -0
  67. package/dist/audit-trail.js +257 -0
  68. package/dist/auto-tune.d.ts +146 -0
  69. package/dist/auto-tune.js +373 -0
  70. package/dist/cache.d.ts +53 -0
  71. package/dist/cache.js +86 -0
  72. package/dist/calibration.d.ts +108 -0
  73. package/dist/calibration.js +219 -0
  74. package/dist/cli-dispatch.d.ts +7 -0
  75. package/dist/cli-dispatch.js +654 -0
  76. package/dist/cli-formatters.d.ts +6 -0
  77. package/dist/cli-formatters.js +186 -0
  78. package/dist/cli-helpers.d.ts +29 -0
  79. package/dist/cli-helpers.js +129 -0
  80. package/dist/cli.d.ts +30 -0
  81. package/dist/cli.js +1487 -0
  82. package/dist/commands/adoption-report.d.ts +7 -0
  83. package/dist/commands/adoption-report.js +218 -0
  84. package/dist/commands/adoption-track.d.ts +4 -0
  85. package/dist/commands/adoption-track.js +246 -0
  86. package/dist/commands/ai-gate.d.ts +7 -0
  87. package/dist/commands/ai-gate.js +212 -0
  88. package/dist/commands/ai-model-trust.d.ts +16 -0
  89. package/dist/commands/ai-model-trust.js +234 -0
  90. package/dist/commands/ai-output-compare.d.ts +8 -0
  91. package/dist/commands/ai-output-compare.js +202 -0
  92. package/dist/commands/ai-pattern-trend.d.ts +8 -0
  93. package/dist/commands/ai-pattern-trend.js +223 -0
  94. package/dist/commands/ai-prompt-audit.d.ts +22 -0
  95. package/dist/commands/ai-prompt-audit.js +254 -0
  96. package/dist/commands/ai-provenance.d.ts +4 -0
  97. package/dist/commands/ai-provenance.js +247 -0
  98. package/dist/commands/api-audit.d.ts +8 -0
  99. package/dist/commands/api-audit.js +359 -0
  100. package/dist/commands/api-misuse.d.ts +4 -0
  101. package/dist/commands/api-misuse.js +260 -0
  102. package/dist/commands/api-versioning-audit.d.ts +5 -0
  103. package/dist/commands/api-versioning-audit.js +233 -0
  104. package/dist/commands/approve-chain.d.ts +7 -0
  105. package/dist/commands/approve-chain.js +234 -0
  106. package/dist/commands/arch-audit.d.ts +8 -0
  107. package/dist/commands/arch-audit.js +283 -0
  108. package/dist/commands/assertion-density.d.ts +4 -0
  109. package/dist/commands/assertion-density.js +263 -0
  110. package/dist/commands/assign-findings.d.ts +36 -0
  111. package/dist/commands/assign-findings.js +177 -0
  112. package/dist/commands/async-safety.d.ts +4 -0
  113. package/dist/commands/async-safety.js +266 -0
  114. package/dist/commands/audit-bundle.d.ts +28 -0
  115. package/dist/commands/audit-bundle.js +234 -0
  116. package/dist/commands/audit-trail.d.ts +17 -0
  117. package/dist/commands/audit-trail.js +154 -0
  118. package/dist/commands/auto-approve.d.ts +4 -0
  119. package/dist/commands/auto-approve.js +188 -0
  120. package/dist/commands/auto-calibrate.d.ts +14 -0
  121. package/dist/commands/auto-calibrate.js +106 -0
  122. package/dist/commands/auto-detect.d.ts +61 -0
  123. package/dist/commands/auto-detect.js +328 -0
  124. package/dist/commands/auto-fix.d.ts +17 -0
  125. package/dist/commands/auto-fix.js +240 -0
  126. package/dist/commands/auto-triage.d.ts +31 -0
  127. package/dist/commands/auto-triage.js +125 -0
  128. package/dist/commands/baseline.d.ts +47 -0
  129. package/dist/commands/baseline.js +353 -0
  130. package/dist/commands/batch-review.d.ts +4 -0
  131. package/dist/commands/batch-review.js +180 -0
  132. package/dist/commands/benchmark-advanced.d.ts +14 -0
  133. package/dist/commands/benchmark-advanced.js +5057 -0
  134. package/dist/commands/benchmark-ai-agents.d.ts +8 -0
  135. package/dist/commands/benchmark-ai-agents.js +4123 -0
  136. package/dist/commands/benchmark-ai-output.d.ts +9 -0
  137. package/dist/commands/benchmark-ai-output.js +365 -0
  138. package/dist/commands/benchmark-compliance-ethics.d.ts +8 -0
  139. package/dist/commands/benchmark-compliance-ethics.js +3060 -0
  140. package/dist/commands/benchmark-expanded-2.d.ts +12 -0
  141. package/dist/commands/benchmark-expanded-2.js +5530 -0
  142. package/dist/commands/benchmark-expanded.d.ts +12 -0
  143. package/dist/commands/benchmark-expanded.js +2599 -0
  144. package/dist/commands/benchmark-infrastructure.d.ts +8 -0
  145. package/dist/commands/benchmark-infrastructure.js +2882 -0
  146. package/dist/commands/benchmark-languages.d.ts +8 -0
  147. package/dist/commands/benchmark-languages.js +1963 -0
  148. package/dist/commands/benchmark-quality-ops.d.ts +8 -0
  149. package/dist/commands/benchmark-quality-ops.js +3415 -0
  150. package/dist/commands/benchmark-security-deep.d.ts +9 -0
  151. package/dist/commands/benchmark-security-deep.js +2335 -0
  152. package/dist/commands/benchmark.d.ts +233 -0
  153. package/dist/commands/benchmark.js +3214 -0
  154. package/dist/commands/blame-review.d.ts +4 -0
  155. package/dist/commands/blame-review.js +266 -0
  156. package/dist/commands/boundary-enforce.d.ts +5 -0
  157. package/dist/commands/boundary-enforce.js +255 -0
  158. package/dist/commands/build-optimize.d.ts +6 -0
  159. package/dist/commands/build-optimize.js +256 -0
  160. package/dist/commands/burndown.d.ts +26 -0
  161. package/dist/commands/burndown.js +179 -0
  162. package/dist/commands/cache-audit.d.ts +4 -0
  163. package/dist/commands/cache-audit.js +219 -0
  164. package/dist/commands/calibration-dashboard.d.ts +1 -0
  165. package/dist/commands/calibration-dashboard.js +294 -0
  166. package/dist/commands/calibration-share.d.ts +30 -0
  167. package/dist/commands/calibration-share.js +182 -0
  168. package/dist/commands/chat-notify.d.ts +8 -0
  169. package/dist/commands/chat-notify.js +258 -0
  170. package/dist/commands/ci-template.d.ts +14 -0
  171. package/dist/commands/ci-template.js +211 -0
  172. package/dist/commands/ci-templates.d.ts +9 -0
  173. package/dist/commands/ci-templates.js +89 -0
  174. package/dist/commands/clarity-score.d.ts +8 -0
  175. package/dist/commands/clarity-score.js +260 -0
  176. package/dist/commands/clone-detect.d.ts +4 -0
  177. package/dist/commands/clone-detect.js +232 -0
  178. package/dist/commands/coach-mode.d.ts +7 -0
  179. package/dist/commands/coach-mode.js +229 -0
  180. package/dist/commands/code-health.d.ts +4 -0
  181. package/dist/commands/code-health.js +195 -0
  182. package/dist/commands/code-owner-suggest.d.ts +16 -0
  183. package/dist/commands/code-owner-suggest.js +214 -0
  184. package/dist/commands/code-similarity.d.ts +8 -0
  185. package/dist/commands/code-similarity.js +231 -0
  186. package/dist/commands/comment-drift.d.ts +4 -0
  187. package/dist/commands/comment-drift.js +228 -0
  188. package/dist/commands/commit-hygiene.d.ts +5 -0
  189. package/dist/commands/commit-hygiene.js +175 -0
  190. package/dist/commands/community-patterns.d.ts +1 -0
  191. package/dist/commands/community-patterns.js +131 -0
  192. package/dist/commands/compare-runs.d.ts +37 -0
  193. package/dist/commands/compare-runs.js +228 -0
  194. package/dist/commands/completion-audit.d.ts +4 -0
  195. package/dist/commands/completion-audit.js +296 -0
  196. package/dist/commands/completions.d.ts +1 -0
  197. package/dist/commands/completions.js +257 -0
  198. package/dist/commands/compliance-map.d.ts +8 -0
  199. package/dist/commands/compliance-map.js +374 -0
  200. package/dist/commands/compliance-report.d.ts +34 -0
  201. package/dist/commands/compliance-report.js +161 -0
  202. package/dist/commands/compliance-weight.d.ts +8 -0
  203. package/dist/commands/compliance-weight.js +272 -0
  204. package/dist/commands/config-drift.d.ts +24 -0
  205. package/dist/commands/config-drift.js +213 -0
  206. package/dist/commands/config-lint.d.ts +4 -0
  207. package/dist/commands/config-lint.js +187 -0
  208. package/dist/commands/config-migrate.d.ts +43 -0
  209. package/dist/commands/config-migrate.js +240 -0
  210. package/dist/commands/config-share.d.ts +95 -0
  211. package/dist/commands/config-share.js +406 -0
  212. package/dist/commands/context-blind.d.ts +4 -0
  213. package/dist/commands/context-blind.js +272 -0
  214. package/dist/commands/context-inject.d.ts +8 -0
  215. package/dist/commands/context-inject.js +211 -0
  216. package/dist/commands/contract-verify.d.ts +4 -0
  217. package/dist/commands/contract-verify.js +316 -0
  218. package/dist/commands/correlate.d.ts +27 -0
  219. package/dist/commands/correlate.js +241 -0
  220. package/dist/commands/cost-forecast.d.ts +18 -0
  221. package/dist/commands/cost-forecast.js +193 -0
  222. package/dist/commands/coverage-map.d.ts +22 -0
  223. package/dist/commands/coverage-map.js +222 -0
  224. package/dist/commands/coverage.d.ts +40 -0
  225. package/dist/commands/coverage.js +147 -0
  226. package/dist/commands/cross-file-consistency.d.ts +4 -0
  227. package/dist/commands/cross-file-consistency.js +254 -0
  228. package/dist/commands/cross-pr-regression.d.ts +8 -0
  229. package/dist/commands/cross-pr-regression.js +297 -0
  230. package/dist/commands/custom-rule.d.ts +4 -0
  231. package/dist/commands/custom-rule.js +210 -0
  232. package/dist/commands/dead-code-detect.d.ts +4 -0
  233. package/dist/commands/dead-code-detect.js +255 -0
  234. package/dist/commands/dedup-report.d.ts +12 -0
  235. package/dist/commands/dedup-report.js +137 -0
  236. package/dist/commands/dep-audit.d.ts +52 -0
  237. package/dist/commands/dep-audit.js +277 -0
  238. package/dist/commands/dep-correlate.d.ts +8 -0
  239. package/dist/commands/dep-correlate.js +207 -0
  240. package/dist/commands/deploy-readiness.d.ts +5 -0
  241. package/dist/commands/deploy-readiness.js +211 -0
  242. package/dist/commands/deprecated.d.ts +47 -0
  243. package/dist/commands/deprecated.js +201 -0
  244. package/dist/commands/deps.d.ts +5 -0
  245. package/dist/commands/deps.js +122 -0
  246. package/dist/commands/design-audit.d.ts +8 -0
  247. package/dist/commands/design-audit.js +301 -0
  248. package/dist/commands/dev-score.d.ts +36 -0
  249. package/dist/commands/dev-score.js +203 -0
  250. package/dist/commands/diff-explain.d.ts +4 -0
  251. package/dist/commands/diff-explain.js +142 -0
  252. package/dist/commands/diff-only.d.ts +33 -0
  253. package/dist/commands/diff-only.js +151 -0
  254. package/dist/commands/diff-review.d.ts +4 -0
  255. package/dist/commands/diff-review.js +190 -0
  256. package/dist/commands/diff.d.ts +6 -0
  257. package/dist/commands/diff.js +449 -0
  258. package/dist/commands/digest.d.ts +19 -0
  259. package/dist/commands/digest.js +221 -0
  260. package/dist/commands/doc-drift.d.ts +8 -0
  261. package/dist/commands/doc-drift.js +258 -0
  262. package/dist/commands/doc-gen.d.ts +7 -0
  263. package/dist/commands/doc-gen.js +208 -0
  264. package/dist/commands/docs.d.ts +1 -0
  265. package/dist/commands/docs.js +156 -0
  266. package/dist/commands/doctor.d.ts +55 -0
  267. package/dist/commands/doctor.js +362 -0
  268. package/dist/commands/encoding-safety.d.ts +4 -0
  269. package/dist/commands/encoding-safety.js +275 -0
  270. package/dist/commands/error-taxonomy.d.ts +5 -0
  271. package/dist/commands/error-taxonomy.js +226 -0
  272. package/dist/commands/error-ux.d.ts +4 -0
  273. package/dist/commands/error-ux.js +252 -0
  274. package/dist/commands/event-leak.d.ts +4 -0
  275. package/dist/commands/event-leak.js +262 -0
  276. package/dist/commands/evidence-chain.d.ts +4 -0
  277. package/dist/commands/evidence-chain.js +309 -0
  278. package/dist/commands/example-leak.d.ts +4 -0
  279. package/dist/commands/example-leak.js +232 -0
  280. package/dist/commands/exception-consistency.d.ts +6 -0
  281. package/dist/commands/exception-consistency.js +192 -0
  282. package/dist/commands/exec-report.d.ts +8 -0
  283. package/dist/commands/exec-report.js +271 -0
  284. package/dist/commands/explain-finding.d.ts +7 -0
  285. package/dist/commands/explain-finding.js +278 -0
  286. package/dist/commands/false-negatives.d.ts +34 -0
  287. package/dist/commands/false-negatives.js +165 -0
  288. package/dist/commands/feedback-rules.d.ts +28 -0
  289. package/dist/commands/feedback-rules.js +173 -0
  290. package/dist/commands/feedback.d.ts +182 -0
  291. package/dist/commands/feedback.js +550 -0
  292. package/dist/commands/finding-age-analysis.d.ts +4 -0
  293. package/dist/commands/finding-age-analysis.js +144 -0
  294. package/dist/commands/finding-age-report.d.ts +4 -0
  295. package/dist/commands/finding-age-report.js +154 -0
  296. package/dist/commands/finding-age-tracker.d.ts +7 -0
  297. package/dist/commands/finding-age-tracker.js +152 -0
  298. package/dist/commands/finding-age.d.ts +4 -0
  299. package/dist/commands/finding-age.js +145 -0
  300. package/dist/commands/finding-ancestry-trace.d.ts +1 -0
  301. package/dist/commands/finding-ancestry-trace.js +69 -0
  302. package/dist/commands/finding-annotation-export.d.ts +1 -0
  303. package/dist/commands/finding-annotation-export.js +97 -0
  304. package/dist/commands/finding-annotation-layer.d.ts +4 -0
  305. package/dist/commands/finding-annotation-layer.js +128 -0
  306. package/dist/commands/finding-auto-categorize.d.ts +1 -0
  307. package/dist/commands/finding-auto-categorize.js +109 -0
  308. package/dist/commands/finding-auto-fix-suggest.d.ts +1 -0
  309. package/dist/commands/finding-auto-fix-suggest.js +76 -0
  310. package/dist/commands/finding-auto-fix.d.ts +4 -0
  311. package/dist/commands/finding-auto-fix.js +188 -0
  312. package/dist/commands/finding-auto-group.d.ts +4 -0
  313. package/dist/commands/finding-auto-group.js +108 -0
  314. package/dist/commands/finding-auto-label.d.ts +4 -0
  315. package/dist/commands/finding-auto-label.js +220 -0
  316. package/dist/commands/finding-auto-priority.d.ts +1 -0
  317. package/dist/commands/finding-auto-priority.js +100 -0
  318. package/dist/commands/finding-auto-suppress.d.ts +4 -0
  319. package/dist/commands/finding-auto-suppress.js +126 -0
  320. package/dist/commands/finding-auto-tag.d.ts +4 -0
  321. package/dist/commands/finding-auto-tag.js +113 -0
  322. package/dist/commands/finding-auto-triage.d.ts +4 -0
  323. package/dist/commands/finding-auto-triage.js +108 -0
  324. package/dist/commands/finding-autofix-preview.d.ts +4 -0
  325. package/dist/commands/finding-autofix-preview.js +86 -0
  326. package/dist/commands/finding-batch-resolve.d.ts +4 -0
  327. package/dist/commands/finding-batch-resolve.js +165 -0
  328. package/dist/commands/finding-batch-suppress.d.ts +4 -0
  329. package/dist/commands/finding-batch-suppress.js +85 -0
  330. package/dist/commands/finding-batch-triage.d.ts +1 -0
  331. package/dist/commands/finding-batch-triage.js +90 -0
  332. package/dist/commands/finding-blast-radius.d.ts +4 -0
  333. package/dist/commands/finding-blast-radius.js +91 -0
  334. package/dist/commands/finding-budget.d.ts +4 -0
  335. package/dist/commands/finding-budget.js +232 -0
  336. package/dist/commands/finding-category-map.d.ts +4 -0
  337. package/dist/commands/finding-category-map.js +103 -0
  338. package/dist/commands/finding-category-stats.d.ts +4 -0
  339. package/dist/commands/finding-category-stats.js +104 -0
  340. package/dist/commands/finding-category.d.ts +4 -0
  341. package/dist/commands/finding-category.js +109 -0
  342. package/dist/commands/finding-change-impact.d.ts +4 -0
  343. package/dist/commands/finding-change-impact.js +107 -0
  344. package/dist/commands/finding-cluster-analysis.d.ts +4 -0
  345. package/dist/commands/finding-cluster-analysis.js +133 -0
  346. package/dist/commands/finding-cluster-group.d.ts +4 -0
  347. package/dist/commands/finding-cluster-group.js +105 -0
  348. package/dist/commands/finding-cluster-summary.d.ts +1 -0
  349. package/dist/commands/finding-cluster-summary.js +85 -0
  350. package/dist/commands/finding-cluster.d.ts +4 -0
  351. package/dist/commands/finding-cluster.js +157 -0
  352. package/dist/commands/finding-code-context.d.ts +4 -0
  353. package/dist/commands/finding-code-context.js +96 -0
  354. package/dist/commands/finding-code-smell.d.ts +4 -0
  355. package/dist/commands/finding-code-smell.js +113 -0
  356. package/dist/commands/finding-compare-runs.d.ts +4 -0
  357. package/dist/commands/finding-compare-runs.js +105 -0
  358. package/dist/commands/finding-compliance-tag.d.ts +1 -0
  359. package/dist/commands/finding-compliance-tag.js +106 -0
  360. package/dist/commands/finding-confidence-boost.d.ts +1 -0
  361. package/dist/commands/finding-confidence-boost.js +88 -0
  362. package/dist/commands/finding-confidence-calibrate.d.ts +4 -0
  363. package/dist/commands/finding-confidence-calibrate.js +111 -0
  364. package/dist/commands/finding-confidence-filter.d.ts +4 -0
  365. package/dist/commands/finding-confidence-filter.js +77 -0
  366. package/dist/commands/finding-contest.d.ts +7 -0
  367. package/dist/commands/finding-contest.js +192 -0
  368. package/dist/commands/finding-context-enrich.d.ts +4 -0
  369. package/dist/commands/finding-context-enrich.js +89 -0
  370. package/dist/commands/finding-context-expand.d.ts +4 -0
  371. package/dist/commands/finding-context-expand.js +102 -0
  372. package/dist/commands/finding-context-link.d.ts +1 -0
  373. package/dist/commands/finding-context-link.js +94 -0
  374. package/dist/commands/finding-context-summary.d.ts +1 -0
  375. package/dist/commands/finding-context-summary.js +85 -0
  376. package/dist/commands/finding-context-window.d.ts +4 -0
  377. package/dist/commands/finding-context-window.js +126 -0
  378. package/dist/commands/finding-context.d.ts +4 -0
  379. package/dist/commands/finding-context.js +140 -0
  380. package/dist/commands/finding-correlate.d.ts +4 -0
  381. package/dist/commands/finding-correlate.js +88 -0
  382. package/dist/commands/finding-correlation-map.d.ts +4 -0
  383. package/dist/commands/finding-correlation-map.js +101 -0
  384. package/dist/commands/finding-correlation.d.ts +4 -0
  385. package/dist/commands/finding-correlation.js +103 -0
  386. package/dist/commands/finding-cross-file-link.d.ts +1 -0
  387. package/dist/commands/finding-cross-file-link.js +101 -0
  388. package/dist/commands/finding-cross-ref.d.ts +4 -0
  389. package/dist/commands/finding-cross-ref.js +98 -0
  390. package/dist/commands/finding-cve-lookup.d.ts +4 -0
  391. package/dist/commands/finding-cve-lookup.js +97 -0
  392. package/dist/commands/finding-cwe-lookup.d.ts +4 -0
  393. package/dist/commands/finding-cwe-lookup.js +148 -0
  394. package/dist/commands/finding-cwe-map.d.ts +4 -0
  395. package/dist/commands/finding-cwe-map.js +133 -0
  396. package/dist/commands/finding-dedup-cross-file.d.ts +4 -0
  397. package/dist/commands/finding-dedup-cross-file.js +95 -0
  398. package/dist/commands/finding-dedup-cross.d.ts +4 -0
  399. package/dist/commands/finding-dedup-cross.js +90 -0
  400. package/dist/commands/finding-dedup-merge.d.ts +1 -0
  401. package/dist/commands/finding-dedup-merge.js +107 -0
  402. package/dist/commands/finding-dedup-report.d.ts +4 -0
  403. package/dist/commands/finding-dedup-report.js +101 -0
  404. package/dist/commands/finding-dedup-smart.d.ts +1 -0
  405. package/dist/commands/finding-dedup-smart.js +109 -0
  406. package/dist/commands/finding-deduplicate.d.ts +4 -0
  407. package/dist/commands/finding-deduplicate.js +141 -0
  408. package/dist/commands/finding-dependency-check.d.ts +4 -0
  409. package/dist/commands/finding-dependency-check.js +119 -0
  410. package/dist/commands/finding-dependency-impact.d.ts +1 -0
  411. package/dist/commands/finding-dependency-impact.js +97 -0
  412. package/dist/commands/finding-dependency-link.d.ts +4 -0
  413. package/dist/commands/finding-dependency-link.js +73 -0
  414. package/dist/commands/finding-dependency-risk.d.ts +4 -0
  415. package/dist/commands/finding-dependency-risk.js +117 -0
  416. package/dist/commands/finding-dependency-tree.d.ts +4 -0
  417. package/dist/commands/finding-dependency-tree.js +116 -0
  418. package/dist/commands/finding-diff-highlight.d.ts +4 -0
  419. package/dist/commands/finding-diff-highlight.js +107 -0
  420. package/dist/commands/finding-dismiss-workflow.d.ts +4 -0
  421. package/dist/commands/finding-dismiss-workflow.js +119 -0
  422. package/dist/commands/finding-duplicate-detect.d.ts +4 -0
  423. package/dist/commands/finding-duplicate-detect.js +113 -0
  424. package/dist/commands/finding-duplicate-rule.d.ts +4 -0
  425. package/dist/commands/finding-duplicate-rule.js +103 -0
  426. package/dist/commands/finding-effort-rank.d.ts +1 -0
  427. package/dist/commands/finding-effort-rank.js +93 -0
  428. package/dist/commands/finding-evidence-chain.d.ts +4 -0
  429. package/dist/commands/finding-evidence-chain.js +147 -0
  430. package/dist/commands/finding-evidence-collect.d.ts +4 -0
  431. package/dist/commands/finding-evidence-collect.js +114 -0
  432. package/dist/commands/finding-explain.d.ts +4 -0
  433. package/dist/commands/finding-explain.js +93 -0
  434. package/dist/commands/finding-export-csv.d.ts +4 -0
  435. package/dist/commands/finding-export-csv.js +78 -0
  436. package/dist/commands/finding-false-neg-check.d.ts +8 -0
  437. package/dist/commands/finding-false-neg-check.js +139 -0
  438. package/dist/commands/finding-false-positive-learn.d.ts +4 -0
  439. package/dist/commands/finding-false-positive-learn.js +85 -0
  440. package/dist/commands/finding-false-positive-log.d.ts +4 -0
  441. package/dist/commands/finding-false-positive-log.js +150 -0
  442. package/dist/commands/finding-false-positive.d.ts +4 -0
  443. package/dist/commands/finding-false-positive.js +134 -0
  444. package/dist/commands/finding-filter-view.d.ts +4 -0
  445. package/dist/commands/finding-filter-view.js +107 -0
  446. package/dist/commands/finding-fix-chain.d.ts +1 -0
  447. package/dist/commands/finding-fix-chain.js +78 -0
  448. package/dist/commands/finding-fix-estimate.d.ts +1 -0
  449. package/dist/commands/finding-fix-estimate.js +95 -0
  450. package/dist/commands/finding-fix-playbook.d.ts +1 -0
  451. package/dist/commands/finding-fix-playbook.js +110 -0
  452. package/dist/commands/finding-fix-priority.d.ts +4 -0
  453. package/dist/commands/finding-fix-priority.js +98 -0
  454. package/dist/commands/finding-fix-rate.d.ts +4 -0
  455. package/dist/commands/finding-fix-rate.js +141 -0
  456. package/dist/commands/finding-fix-suggest.d.ts +4 -0
  457. package/dist/commands/finding-fix-suggest.js +88 -0
  458. package/dist/commands/finding-fix-validation.d.ts +4 -0
  459. package/dist/commands/finding-fix-validation.js +115 -0
  460. package/dist/commands/finding-fix-verify.d.ts +4 -0
  461. package/dist/commands/finding-fix-verify.js +198 -0
  462. package/dist/commands/finding-group-by.d.ts +4 -0
  463. package/dist/commands/finding-group-by.js +86 -0
  464. package/dist/commands/finding-group.d.ts +15 -0
  465. package/dist/commands/finding-group.js +164 -0
  466. package/dist/commands/finding-groupby-file.d.ts +4 -0
  467. package/dist/commands/finding-groupby-file.js +94 -0
  468. package/dist/commands/finding-hotfix-suggest.d.ts +7 -0
  469. package/dist/commands/finding-hotfix-suggest.js +170 -0
  470. package/dist/commands/finding-hotspot-detect.d.ts +1 -0
  471. package/dist/commands/finding-hotspot-detect.js +120 -0
  472. package/dist/commands/finding-hotspot-map.d.ts +4 -0
  473. package/dist/commands/finding-hotspot-map.js +106 -0
  474. package/dist/commands/finding-hotspot.d.ts +4 -0
  475. package/dist/commands/finding-hotspot.js +115 -0
  476. package/dist/commands/finding-impact-radius.d.ts +1 -0
  477. package/dist/commands/finding-impact-radius.js +94 -0
  478. package/dist/commands/finding-impact-rank.d.ts +4 -0
  479. package/dist/commands/finding-impact-rank.js +85 -0
  480. package/dist/commands/finding-impact-score.d.ts +4 -0
  481. package/dist/commands/finding-impact-score.js +123 -0
  482. package/dist/commands/finding-impact.d.ts +4 -0
  483. package/dist/commands/finding-impact.js +135 -0
  484. package/dist/commands/finding-line-blame.d.ts +7 -0
  485. package/dist/commands/finding-line-blame.js +129 -0
  486. package/dist/commands/finding-link-graph.d.ts +4 -0
  487. package/dist/commands/finding-link-graph.js +144 -0
  488. package/dist/commands/finding-link.d.ts +4 -0
  489. package/dist/commands/finding-link.js +128 -0
  490. package/dist/commands/finding-merge-results.d.ts +4 -0
  491. package/dist/commands/finding-merge-results.js +110 -0
  492. package/dist/commands/finding-merge-strategy.d.ts +1 -0
  493. package/dist/commands/finding-merge-strategy.js +84 -0
  494. package/dist/commands/finding-metadata-enrich.d.ts +4 -0
  495. package/dist/commands/finding-metadata-enrich.js +92 -0
  496. package/dist/commands/finding-noise-filter.d.ts +7 -0
  497. package/dist/commands/finding-noise-filter.js +140 -0
  498. package/dist/commands/finding-noise-reduce.d.ts +1 -0
  499. package/dist/commands/finding-noise-reduce.js +81 -0
  500. package/dist/commands/finding-noise-score.d.ts +1 -0
  501. package/dist/commands/finding-noise-score.js +93 -0
  502. package/dist/commands/finding-owner-assign.d.ts +4 -0
  503. package/dist/commands/finding-owner-assign.js +133 -0
  504. package/dist/commands/finding-owner-notify.d.ts +1 -0
  505. package/dist/commands/finding-owner-notify.js +121 -0
  506. package/dist/commands/finding-ownership-assign.d.ts +4 -0
  507. package/dist/commands/finding-ownership-assign.js +101 -0
  508. package/dist/commands/finding-ownership-map.d.ts +4 -0
  509. package/dist/commands/finding-ownership-map.js +118 -0
  510. package/dist/commands/finding-patch-chain.d.ts +1 -0
  511. package/dist/commands/finding-patch-chain.js +90 -0
  512. package/dist/commands/finding-patch-preview.d.ts +4 -0
  513. package/dist/commands/finding-patch-preview.js +103 -0
  514. package/dist/commands/finding-pattern-detect.d.ts +4 -0
  515. package/dist/commands/finding-pattern-detect.js +127 -0
  516. package/dist/commands/finding-pattern-library.d.ts +4 -0
  517. package/dist/commands/finding-pattern-library.js +145 -0
  518. package/dist/commands/finding-pattern-match.d.ts +4 -0
  519. package/dist/commands/finding-pattern-match.js +165 -0
  520. package/dist/commands/finding-prioritize.d.ts +4 -0
  521. package/dist/commands/finding-prioritize.js +119 -0
  522. package/dist/commands/finding-priority-matrix.d.ts +4 -0
  523. package/dist/commands/finding-priority-matrix.js +102 -0
  524. package/dist/commands/finding-priority-queue.d.ts +4 -0
  525. package/dist/commands/finding-priority-queue.js +131 -0
  526. package/dist/commands/finding-priority-rank.d.ts +1 -0
  527. package/dist/commands/finding-priority-rank.js +82 -0
  528. package/dist/commands/finding-quality-gate.d.ts +4 -0
  529. package/dist/commands/finding-quality-gate.js +107 -0
  530. package/dist/commands/finding-rank.d.ts +4 -0
  531. package/dist/commands/finding-rank.js +138 -0
  532. package/dist/commands/finding-reachability-check.d.ts +4 -0
  533. package/dist/commands/finding-reachability-check.js +102 -0
  534. package/dist/commands/finding-reachability.d.ts +4 -0
  535. package/dist/commands/finding-reachability.js +131 -0
  536. package/dist/commands/finding-recurrence-check.d.ts +1 -0
  537. package/dist/commands/finding-recurrence-check.js +103 -0
  538. package/dist/commands/finding-recurrence-detect.d.ts +4 -0
  539. package/dist/commands/finding-recurrence-detect.js +77 -0
  540. package/dist/commands/finding-recurrence.d.ts +4 -0
  541. package/dist/commands/finding-recurrence.js +135 -0
  542. package/dist/commands/finding-regression-check.d.ts +4 -0
  543. package/dist/commands/finding-regression-check.js +112 -0
  544. package/dist/commands/finding-regression-detect.d.ts +1 -0
  545. package/dist/commands/finding-regression-detect.js +86 -0
  546. package/dist/commands/finding-related-rules.d.ts +4 -0
  547. package/dist/commands/finding-related-rules.js +151 -0
  548. package/dist/commands/finding-remediation-cost.d.ts +1 -0
  549. package/dist/commands/finding-remediation-cost.js +79 -0
  550. package/dist/commands/finding-remediation-plan.d.ts +4 -0
  551. package/dist/commands/finding-remediation-plan.js +107 -0
  552. package/dist/commands/finding-reopen-detect.d.ts +1 -0
  553. package/dist/commands/finding-reopen-detect.js +77 -0
  554. package/dist/commands/finding-repeat-detect.d.ts +1 -0
  555. package/dist/commands/finding-repeat-detect.js +92 -0
  556. package/dist/commands/finding-resolution-track.d.ts +4 -0
  557. package/dist/commands/finding-resolution-track.js +150 -0
  558. package/dist/commands/finding-resolution-tracker.d.ts +4 -0
  559. package/dist/commands/finding-resolution-tracker.js +163 -0
  560. package/dist/commands/finding-resolution-workflow.d.ts +1 -0
  561. package/dist/commands/finding-resolution-workflow.js +91 -0
  562. package/dist/commands/finding-resolution.d.ts +4 -0
  563. package/dist/commands/finding-resolution.js +142 -0
  564. package/dist/commands/finding-risk-label.d.ts +1 -0
  565. package/dist/commands/finding-risk-label.js +72 -0
  566. package/dist/commands/finding-risk-matrix.d.ts +4 -0
  567. package/dist/commands/finding-risk-matrix.js +126 -0
  568. package/dist/commands/finding-risk-score.d.ts +4 -0
  569. package/dist/commands/finding-risk-score.js +95 -0
  570. package/dist/commands/finding-root-cause.d.ts +4 -0
  571. package/dist/commands/finding-root-cause.js +184 -0
  572. package/dist/commands/finding-rule-explain.d.ts +4 -0
  573. package/dist/commands/finding-rule-explain.js +140 -0
  574. package/dist/commands/finding-scope-filter.d.ts +1 -0
  575. package/dist/commands/finding-scope-filter.js +77 -0
  576. package/dist/commands/finding-scope-impact.d.ts +1 -0
  577. package/dist/commands/finding-scope-impact.js +83 -0
  578. package/dist/commands/finding-search-index.d.ts +4 -0
  579. package/dist/commands/finding-search-index.js +99 -0
  580. package/dist/commands/finding-security-hotspot.d.ts +4 -0
  581. package/dist/commands/finding-security-hotspot.js +175 -0
  582. package/dist/commands/finding-severity-dist.d.ts +4 -0
  583. package/dist/commands/finding-severity-dist.js +105 -0
  584. package/dist/commands/finding-severity-drift.d.ts +4 -0
  585. package/dist/commands/finding-severity-drift.js +92 -0
  586. package/dist/commands/finding-severity-heatmap.d.ts +4 -0
  587. package/dist/commands/finding-severity-heatmap.js +108 -0
  588. package/dist/commands/finding-severity-histogram.d.ts +4 -0
  589. package/dist/commands/finding-severity-histogram.js +66 -0
  590. package/dist/commands/finding-severity-override.d.ts +4 -0
  591. package/dist/commands/finding-severity-override.js +131 -0
  592. package/dist/commands/finding-severity-rebalance.d.ts +1 -0
  593. package/dist/commands/finding-severity-rebalance.js +108 -0
  594. package/dist/commands/finding-severity-trend.d.ts +4 -0
  595. package/dist/commands/finding-severity-trend.js +127 -0
  596. package/dist/commands/finding-similar-match.d.ts +1 -0
  597. package/dist/commands/finding-similar-match.js +112 -0
  598. package/dist/commands/finding-snippet.d.ts +4 -0
  599. package/dist/commands/finding-snippet.js +102 -0
  600. package/dist/commands/finding-summary-digest.d.ts +7 -0
  601. package/dist/commands/finding-summary-digest.js +145 -0
  602. package/dist/commands/finding-suppress-pattern.d.ts +4 -0
  603. package/dist/commands/finding-suppress-pattern.js +148 -0
  604. package/dist/commands/finding-suppress.d.ts +4 -0
  605. package/dist/commands/finding-suppress.js +164 -0
  606. package/dist/commands/finding-suppression-audit.d.ts +4 -0
  607. package/dist/commands/finding-suppression-audit.js +137 -0
  608. package/dist/commands/finding-suppression-list.d.ts +4 -0
  609. package/dist/commands/finding-suppression-list.js +119 -0
  610. package/dist/commands/finding-suppression-log.d.ts +4 -0
  611. package/dist/commands/finding-suppression-log.js +174 -0
  612. package/dist/commands/finding-time-to-fix.d.ts +1 -0
  613. package/dist/commands/finding-time-to-fix.js +98 -0
  614. package/dist/commands/finding-timeline-view.d.ts +4 -0
  615. package/dist/commands/finding-timeline-view.js +98 -0
  616. package/dist/commands/finding-timeline.d.ts +4 -0
  617. package/dist/commands/finding-timeline.js +143 -0
  618. package/dist/commands/finding-top-offender.d.ts +1 -0
  619. package/dist/commands/finding-top-offender.js +75 -0
  620. package/dist/commands/finding-trace.d.ts +4 -0
  621. package/dist/commands/finding-trace.js +118 -0
  622. package/dist/commands/finding-trend-alert.d.ts +1 -0
  623. package/dist/commands/finding-trend-alert.js +126 -0
  624. package/dist/commands/finding-trend-analysis.d.ts +4 -0
  625. package/dist/commands/finding-trend-analysis.js +95 -0
  626. package/dist/commands/finding-trend-forecast.d.ts +4 -0
  627. package/dist/commands/finding-trend-forecast.js +106 -0
  628. package/dist/commands/finding-trend-report.d.ts +4 -0
  629. package/dist/commands/finding-trend-report.js +107 -0
  630. package/dist/commands/finding-trend.d.ts +4 -0
  631. package/dist/commands/finding-trend.js +118 -0
  632. package/dist/commands/fix-pr.d.ts +22 -0
  633. package/dist/commands/fix-pr.js +286 -0
  634. package/dist/commands/fix-suggest.d.ts +4 -0
  635. package/dist/commands/fix-suggest.js +171 -0
  636. package/dist/commands/fix-verify.d.ts +4 -0
  637. package/dist/commands/fix-verify.js +123 -0
  638. package/dist/commands/fix.d.ts +117 -0
  639. package/dist/commands/fix.js +445 -0
  640. package/dist/commands/focus-area.d.ts +5 -0
  641. package/dist/commands/focus-area.js +192 -0
  642. package/dist/commands/generate.d.ts +7 -0
  643. package/dist/commands/generate.js +403 -0
  644. package/dist/commands/governance.d.ts +31 -0
  645. package/dist/commands/governance.js +202 -0
  646. package/dist/commands/group-findings.d.ts +22 -0
  647. package/dist/commands/group-findings.js +154 -0
  648. package/dist/commands/guided-tour.d.ts +8 -0
  649. package/dist/commands/guided-tour.js +287 -0
  650. package/dist/commands/habit-tracker.d.ts +7 -0
  651. package/dist/commands/habit-tracker.js +194 -0
  652. package/dist/commands/hallucination-detect.d.ts +4 -0
  653. package/dist/commands/hallucination-detect.js +350 -0
  654. package/dist/commands/hallucination-score.d.ts +8 -0
  655. package/dist/commands/hallucination-score.js +316 -0
  656. package/dist/commands/help.d.ts +7 -0
  657. package/dist/commands/help.js +302 -0
  658. package/dist/commands/hook-install.d.ts +21 -0
  659. package/dist/commands/hook-install.js +142 -0
  660. package/dist/commands/hook.d.ts +8 -0
  661. package/dist/commands/hook.js +145 -0
  662. package/dist/commands/iac-lint.d.ts +7 -0
  663. package/dist/commands/iac-lint.js +312 -0
  664. package/dist/commands/idempotency-audit.d.ts +4 -0
  665. package/dist/commands/idempotency-audit.js +222 -0
  666. package/dist/commands/ignore-list.d.ts +18 -0
  667. package/dist/commands/ignore-list.js +152 -0
  668. package/dist/commands/impact-scan.d.ts +8 -0
  669. package/dist/commands/impact-scan.js +281 -0
  670. package/dist/commands/incident-response.d.ts +7 -0
  671. package/dist/commands/incident-response.js +254 -0
  672. package/dist/commands/incremental-review.d.ts +4 -0
  673. package/dist/commands/incremental-review.js +236 -0
  674. package/dist/commands/init.d.ts +10 -0
  675. package/dist/commands/init.js +265 -0
  676. package/dist/commands/input-guard.d.ts +4 -0
  677. package/dist/commands/input-guard.js +255 -0
  678. package/dist/commands/interactive-fix.d.ts +22 -0
  679. package/dist/commands/interactive-fix.js +139 -0
  680. package/dist/commands/judge-author.d.ts +7 -0
  681. package/dist/commands/judge-author.js +260 -0
  682. package/dist/commands/judge-config.d.ts +4 -0
  683. package/dist/commands/judge-config.js +151 -0
  684. package/dist/commands/judge-learn.d.ts +8 -0
  685. package/dist/commands/judge-learn.js +217 -0
  686. package/dist/commands/judge-reputation.d.ts +28 -0
  687. package/dist/commands/judge-reputation.js +198 -0
  688. package/dist/commands/kb.d.ts +40 -0
  689. package/dist/commands/kb.js +228 -0
  690. package/dist/commands/language-packs.d.ts +42 -0
  691. package/dist/commands/language-packs.js +150 -0
  692. package/dist/commands/learn.d.ts +26 -0
  693. package/dist/commands/learn.js +288 -0
  694. package/dist/commands/learning-path.d.ts +8 -0
  695. package/dist/commands/learning-path.js +325 -0
  696. package/dist/commands/license-scan.d.ts +8 -0
  697. package/dist/commands/license-scan.js +183 -0
  698. package/dist/commands/llm-benchmark-optimizer.d.ts +78 -0
  699. package/dist/commands/llm-benchmark-optimizer.js +241 -0
  700. package/dist/commands/llm-benchmark.d.ts +156 -0
  701. package/dist/commands/llm-benchmark.js +670 -0
  702. package/dist/commands/log-quality.d.ts +5 -0
  703. package/dist/commands/log-quality.js +211 -0
  704. package/dist/commands/logic-lint.d.ts +4 -0
  705. package/dist/commands/logic-lint.js +255 -0
  706. package/dist/commands/lsp.d.ts +23 -0
  707. package/dist/commands/lsp.js +285 -0
  708. package/dist/commands/merge-verdict.d.ts +4 -0
  709. package/dist/commands/merge-verdict.js +287 -0
  710. package/dist/commands/metrics-dashboard.d.ts +21 -0
  711. package/dist/commands/metrics-dashboard.js +334 -0
  712. package/dist/commands/metrics.d.ts +57 -0
  713. package/dist/commands/metrics.js +241 -0
  714. package/dist/commands/migration-safety.d.ts +5 -0
  715. package/dist/commands/migration-safety.js +256 -0
  716. package/dist/commands/model-report.d.ts +8 -0
  717. package/dist/commands/model-report.js +194 -0
  718. package/dist/commands/model-risk.d.ts +27 -0
  719. package/dist/commands/model-risk.js +220 -0
  720. package/dist/commands/monorepo.d.ts +37 -0
  721. package/dist/commands/monorepo.js +232 -0
  722. package/dist/commands/multi-lang-review.d.ts +4 -0
  723. package/dist/commands/multi-lang-review.js +230 -0
  724. package/dist/commands/noise-advisor.d.ts +29 -0
  725. package/dist/commands/noise-advisor.js +170 -0
  726. package/dist/commands/notify.d.ts +78 -0
  727. package/dist/commands/notify.js +324 -0
  728. package/dist/commands/null-safety-audit.d.ts +5 -0
  729. package/dist/commands/null-safety-audit.js +221 -0
  730. package/dist/commands/observability-gap.d.ts +5 -0
  731. package/dist/commands/observability-gap.js +211 -0
  732. package/dist/commands/onboard.d.ts +12 -0
  733. package/dist/commands/onboard.js +178 -0
  734. package/dist/commands/org-metrics.d.ts +23 -0
  735. package/dist/commands/org-metrics.js +237 -0
  736. package/dist/commands/org-policy.d.ts +7 -0
  737. package/dist/commands/org-policy.js +207 -0
  738. package/dist/commands/over-abstraction.d.ts +4 -0
  739. package/dist/commands/over-abstraction.js +307 -0
  740. package/dist/commands/override.d.ts +61 -0
  741. package/dist/commands/override.js +268 -0
  742. package/dist/commands/ownership-map.d.ts +5 -0
  743. package/dist/commands/ownership-map.js +217 -0
  744. package/dist/commands/parity.d.ts +30 -0
  745. package/dist/commands/parity.js +212 -0
  746. package/dist/commands/pattern-registry.d.ts +22 -0
  747. package/dist/commands/pattern-registry.js +226 -0
  748. package/dist/commands/perf-compare.d.ts +8 -0
  749. package/dist/commands/perf-compare.js +245 -0
  750. package/dist/commands/perf-hotspot.d.ts +7 -0
  751. package/dist/commands/perf-hotspot.js +273 -0
  752. package/dist/commands/phantom-import.d.ts +4 -0
  753. package/dist/commands/phantom-import.js +260 -0
  754. package/dist/commands/pii-scan.d.ts +7 -0
  755. package/dist/commands/pii-scan.js +299 -0
  756. package/dist/commands/plugin-search.d.ts +39 -0
  757. package/dist/commands/plugin-search.js +327 -0
  758. package/dist/commands/plugins.d.ts +12 -0
  759. package/dist/commands/plugins.js +104 -0
  760. package/dist/commands/policy-audit.d.ts +52 -0
  761. package/dist/commands/policy-audit.js +160 -0
  762. package/dist/commands/pr-quality-gate.d.ts +28 -0
  763. package/dist/commands/pr-quality-gate.js +207 -0
  764. package/dist/commands/pr-summary.d.ts +25 -0
  765. package/dist/commands/pr-summary.js +187 -0
  766. package/dist/commands/predict.d.ts +7 -0
  767. package/dist/commands/predict.js +218 -0
  768. package/dist/commands/privilege-path.d.ts +4 -0
  769. package/dist/commands/privilege-path.js +233 -0
  770. package/dist/commands/profile.d.ts +37 -0
  771. package/dist/commands/profile.js +101 -0
  772. package/dist/commands/prompt-replay.d.ts +7 -0
  773. package/dist/commands/prompt-replay.js +176 -0
  774. package/dist/commands/quality-gate.d.ts +69 -0
  775. package/dist/commands/quality-gate.js +252 -0
  776. package/dist/commands/query.d.ts +19 -0
  777. package/dist/commands/query.js +229 -0
  778. package/dist/commands/quick-check.d.ts +4 -0
  779. package/dist/commands/quick-check.js +173 -0
  780. package/dist/commands/recommend.d.ts +20 -0
  781. package/dist/commands/recommend.js +282 -0
  782. package/dist/commands/refactor-safety.d.ts +8 -0
  783. package/dist/commands/refactor-safety.js +273 -0
  784. package/dist/commands/reg-watch.d.ts +20 -0
  785. package/dist/commands/reg-watch.js +219 -0
  786. package/dist/commands/regression-alert.d.ts +31 -0
  787. package/dist/commands/regression-alert.js +215 -0
  788. package/dist/commands/remediation-lib.d.ts +8 -0
  789. package/dist/commands/remediation-lib.js +265 -0
  790. package/dist/commands/remediation.d.ts +20 -0
  791. package/dist/commands/remediation.js +256 -0
  792. package/dist/commands/report-template.d.ts +16 -0
  793. package/dist/commands/report-template.js +290 -0
  794. package/dist/commands/report.d.ts +12 -0
  795. package/dist/commands/report.js +139 -0
  796. package/dist/commands/resource-cleanup.d.ts +6 -0
  797. package/dist/commands/resource-cleanup.js +235 -0
  798. package/dist/commands/retro.d.ts +22 -0
  799. package/dist/commands/retro.js +211 -0
  800. package/dist/commands/retry-pattern-audit.d.ts +5 -0
  801. package/dist/commands/retry-pattern-audit.js +215 -0
  802. package/dist/commands/review-ab-test.d.ts +4 -0
  803. package/dist/commands/review-ab-test.js +224 -0
  804. package/dist/commands/review-access-log.d.ts +4 -0
  805. package/dist/commands/review-access-log.js +65 -0
  806. package/dist/commands/review-action-item-gen.d.ts +1 -0
  807. package/dist/commands/review-action-item-gen.js +72 -0
  808. package/dist/commands/review-adoption-metrics.d.ts +4 -0
  809. package/dist/commands/review-adoption-metrics.js +95 -0
  810. package/dist/commands/review-adoption-score.d.ts +1 -0
  811. package/dist/commands/review-adoption-score.js +181 -0
  812. package/dist/commands/review-ai-feedback-loop.d.ts +1 -0
  813. package/dist/commands/review-ai-feedback-loop.js +116 -0
  814. package/dist/commands/review-annotate.d.ts +4 -0
  815. package/dist/commands/review-annotate.js +122 -0
  816. package/dist/commands/review-annotation-export.d.ts +4 -0
  817. package/dist/commands/review-annotation-export.js +105 -0
  818. package/dist/commands/review-annotation.d.ts +4 -0
  819. package/dist/commands/review-annotation.js +133 -0
  820. package/dist/commands/review-api-export.d.ts +4 -0
  821. package/dist/commands/review-api-export.js +98 -0
  822. package/dist/commands/review-approval-criteria.d.ts +1 -0
  823. package/dist/commands/review-approval-criteria.js +99 -0
  824. package/dist/commands/review-approval-gate.d.ts +7 -0
  825. package/dist/commands/review-approval-gate.js +190 -0
  826. package/dist/commands/review-approval.d.ts +4 -0
  827. package/dist/commands/review-approval.js +133 -0
  828. package/dist/commands/review-archive-search.d.ts +4 -0
  829. package/dist/commands/review-archive-search.js +70 -0
  830. package/dist/commands/review-archive.d.ts +4 -0
  831. package/dist/commands/review-archive.js +135 -0
  832. package/dist/commands/review-audit-export.d.ts +4 -0
  833. package/dist/commands/review-audit-export.js +93 -0
  834. package/dist/commands/review-audit-log.d.ts +4 -0
  835. package/dist/commands/review-audit-log.js +140 -0
  836. package/dist/commands/review-audit-trail.d.ts +4 -0
  837. package/dist/commands/review-audit-trail.js +96 -0
  838. package/dist/commands/review-auto-merge.d.ts +4 -0
  839. package/dist/commands/review-auto-merge.js +175 -0
  840. package/dist/commands/review-badge.d.ts +4 -0
  841. package/dist/commands/review-badge.js +152 -0
  842. package/dist/commands/review-batch-files.d.ts +4 -0
  843. package/dist/commands/review-batch-files.js +82 -0
  844. package/dist/commands/review-batch-mode.d.ts +4 -0
  845. package/dist/commands/review-batch-mode.js +97 -0
  846. package/dist/commands/review-batch-run.d.ts +4 -0
  847. package/dist/commands/review-batch-run.js +149 -0
  848. package/dist/commands/review-benchmark-self.d.ts +4 -0
  849. package/dist/commands/review-benchmark-self.js +140 -0
  850. package/dist/commands/review-blame-map.d.ts +4 -0
  851. package/dist/commands/review-blame-map.js +100 -0
  852. package/dist/commands/review-branch-compare.d.ts +4 -0
  853. package/dist/commands/review-branch-compare.js +108 -0
  854. package/dist/commands/review-branch-policy.d.ts +4 -0
  855. package/dist/commands/review-branch-policy.js +102 -0
  856. package/dist/commands/review-bulk-action.d.ts +4 -0
  857. package/dist/commands/review-bulk-action.js +109 -0
  858. package/dist/commands/review-bulk-apply.d.ts +4 -0
  859. package/dist/commands/review-bulk-apply.js +102 -0
  860. package/dist/commands/review-cache-clear.d.ts +4 -0
  861. package/dist/commands/review-cache-clear.js +160 -0
  862. package/dist/commands/review-cache-warm.d.ts +4 -0
  863. package/dist/commands/review-cache-warm.js +70 -0
  864. package/dist/commands/review-cache.d.ts +22 -0
  865. package/dist/commands/review-cache.js +134 -0
  866. package/dist/commands/review-changelog-entry.d.ts +7 -0
  867. package/dist/commands/review-changelog-entry.js +109 -0
  868. package/dist/commands/review-changelog-gen.d.ts +4 -0
  869. package/dist/commands/review-changelog-gen.js +117 -0
  870. package/dist/commands/review-changelog-impact.d.ts +1 -0
  871. package/dist/commands/review-changelog-impact.js +89 -0
  872. package/dist/commands/review-checklist.d.ts +4 -0
  873. package/dist/commands/review-checklist.js +144 -0
  874. package/dist/commands/review-checkpoint.d.ts +4 -0
  875. package/dist/commands/review-checkpoint.js +163 -0
  876. package/dist/commands/review-ci-gate.d.ts +4 -0
  877. package/dist/commands/review-ci-gate.js +114 -0
  878. package/dist/commands/review-ci-insight.d.ts +1 -0
  879. package/dist/commands/review-ci-insight.js +100 -0
  880. package/dist/commands/review-ci-integration.d.ts +4 -0
  881. package/dist/commands/review-ci-integration.js +125 -0
  882. package/dist/commands/review-ci-status.d.ts +4 -0
  883. package/dist/commands/review-ci-status.js +200 -0
  884. package/dist/commands/review-cicd-integrate.d.ts +4 -0
  885. package/dist/commands/review-cicd-integrate.js +122 -0
  886. package/dist/commands/review-code-health-score.d.ts +1 -0
  887. package/dist/commands/review-code-health-score.js +100 -0
  888. package/dist/commands/review-code-owner.d.ts +7 -0
  889. package/dist/commands/review-code-owner.js +164 -0
  890. package/dist/commands/review-code-ownership.d.ts +1 -0
  891. package/dist/commands/review-code-ownership.js +88 -0
  892. package/dist/commands/review-comment.d.ts +4 -0
  893. package/dist/commands/review-comment.js +165 -0
  894. package/dist/commands/review-commit-hook.d.ts +7 -0
  895. package/dist/commands/review-commit-hook.js +134 -0
  896. package/dist/commands/review-commit-quality.d.ts +1 -0
  897. package/dist/commands/review-commit-quality.js +94 -0
  898. package/dist/commands/review-comparative.d.ts +4 -0
  899. package/dist/commands/review-comparative.js +149 -0
  900. package/dist/commands/review-compare-version.d.ts +4 -0
  901. package/dist/commands/review-compare-version.js +108 -0
  902. package/dist/commands/review-compare.d.ts +4 -0
  903. package/dist/commands/review-compare.js +200 -0
  904. package/dist/commands/review-compliance-check.d.ts +4 -0
  905. package/dist/commands/review-compliance-check.js +202 -0
  906. package/dist/commands/review-compliance-gate.d.ts +4 -0
  907. package/dist/commands/review-compliance-gate.js +151 -0
  908. package/dist/commands/review-compliance-map.d.ts +4 -0
  909. package/dist/commands/review-compliance-map.js +110 -0
  910. package/dist/commands/review-compliance-report.d.ts +4 -0
  911. package/dist/commands/review-compliance-report.js +127 -0
  912. package/dist/commands/review-confidence-explain.d.ts +1 -0
  913. package/dist/commands/review-confidence-explain.js +99 -0
  914. package/dist/commands/review-config-diff.d.ts +4 -0
  915. package/dist/commands/review-config-diff.js +108 -0
  916. package/dist/commands/review-config-export.d.ts +4 -0
  917. package/dist/commands/review-config-export.js +124 -0
  918. package/dist/commands/review-config-health.d.ts +1 -0
  919. package/dist/commands/review-config-health.js +172 -0
  920. package/dist/commands/review-config-migrate.d.ts +4 -0
  921. package/dist/commands/review-config-migrate.js +123 -0
  922. package/dist/commands/review-config-template.d.ts +4 -0
  923. package/dist/commands/review-config-template.js +112 -0
  924. package/dist/commands/review-config-validate.d.ts +4 -0
  925. package/dist/commands/review-config-validate.js +110 -0
  926. package/dist/commands/review-contract.d.ts +4 -0
  927. package/dist/commands/review-contract.js +199 -0
  928. package/dist/commands/review-coverage-gap.d.ts +4 -0
  929. package/dist/commands/review-coverage-gap.js +120 -0
  930. package/dist/commands/review-coverage-map.d.ts +4 -0
  931. package/dist/commands/review-coverage-map.js +194 -0
  932. package/dist/commands/review-custom-judge-config.d.ts +4 -0
  933. package/dist/commands/review-custom-judge-config.js +103 -0
  934. package/dist/commands/review-custom-judge.d.ts +4 -0
  935. package/dist/commands/review-custom-judge.js +182 -0
  936. package/dist/commands/review-custom-prompt.d.ts +4 -0
  937. package/dist/commands/review-custom-prompt.js +170 -0
  938. package/dist/commands/review-custom-rule.d.ts +4 -0
  939. package/dist/commands/review-custom-rule.js +169 -0
  940. package/dist/commands/review-dashboard-data.d.ts +4 -0
  941. package/dist/commands/review-dashboard-data.js +142 -0
  942. package/dist/commands/review-dashboard.d.ts +4 -0
  943. package/dist/commands/review-dashboard.js +140 -0
  944. package/dist/commands/review-data-retention.d.ts +4 -0
  945. package/dist/commands/review-data-retention.js +119 -0
  946. package/dist/commands/review-dependency-graph.d.ts +4 -0
  947. package/dist/commands/review-dependency-graph.js +94 -0
  948. package/dist/commands/review-dependency-review.d.ts +1 -0
  949. package/dist/commands/review-dependency-review.js +104 -0
  950. package/dist/commands/review-deployment-gate.d.ts +4 -0
  951. package/dist/commands/review-deployment-gate.js +94 -0
  952. package/dist/commands/review-depth.d.ts +4 -0
  953. package/dist/commands/review-depth.js +142 -0
  954. package/dist/commands/review-diff-annotate.d.ts +4 -0
  955. package/dist/commands/review-diff-annotate.js +104 -0
  956. package/dist/commands/review-diff-context.d.ts +4 -0
  957. package/dist/commands/review-diff-context.js +158 -0
  958. package/dist/commands/review-diff-highlight.d.ts +4 -0
  959. package/dist/commands/review-diff-highlight.js +179 -0
  960. package/dist/commands/review-diff-stats.d.ts +4 -0
  961. package/dist/commands/review-diff-stats.js +90 -0
  962. package/dist/commands/review-diff-summary.d.ts +4 -0
  963. package/dist/commands/review-diff-summary.js +154 -0
  964. package/dist/commands/review-digest-gen.d.ts +1 -0
  965. package/dist/commands/review-digest-gen.js +100 -0
  966. package/dist/commands/review-digest.d.ts +4 -0
  967. package/dist/commands/review-digest.js +265 -0
  968. package/dist/commands/review-dry-run.d.ts +4 -0
  969. package/dist/commands/review-dry-run.js +120 -0
  970. package/dist/commands/review-engagement-score.d.ts +1 -0
  971. package/dist/commands/review-engagement-score.js +111 -0
  972. package/dist/commands/review-env-check.d.ts +4 -0
  973. package/dist/commands/review-env-check.js +115 -0
  974. package/dist/commands/review-environment-config.d.ts +4 -0
  975. package/dist/commands/review-environment-config.js +102 -0
  976. package/dist/commands/review-escalation-path.d.ts +1 -0
  977. package/dist/commands/review-escalation-path.js +86 -0
  978. package/dist/commands/review-exclude-vendor.d.ts +4 -0
  979. package/dist/commands/review-exclude-vendor.js +158 -0
  980. package/dist/commands/review-explain.d.ts +5 -0
  981. package/dist/commands/review-explain.js +194 -0
  982. package/dist/commands/review-export-pdf.d.ts +7 -0
  983. package/dist/commands/review-export-pdf.js +131 -0
  984. package/dist/commands/review-export.d.ts +4 -0
  985. package/dist/commands/review-export.js +179 -0
  986. package/dist/commands/review-feedback-loop.d.ts +4 -0
  987. package/dist/commands/review-feedback-loop.js +113 -0
  988. package/dist/commands/review-feedback-summary.d.ts +1 -0
  989. package/dist/commands/review-feedback-summary.js +130 -0
  990. package/dist/commands/review-feedback.d.ts +4 -0
  991. package/dist/commands/review-feedback.js +145 -0
  992. package/dist/commands/review-file-complexity.d.ts +4 -0
  993. package/dist/commands/review-file-complexity.js +137 -0
  994. package/dist/commands/review-file-filter.d.ts +4 -0
  995. package/dist/commands/review-file-filter.js +121 -0
  996. package/dist/commands/review-file-stats.d.ts +4 -0
  997. package/dist/commands/review-file-stats.js +130 -0
  998. package/dist/commands/review-filter.d.ts +4 -0
  999. package/dist/commands/review-filter.js +161 -0
  1000. package/dist/commands/review-finding-link.d.ts +7 -0
  1001. package/dist/commands/review-finding-link.js +115 -0
  1002. package/dist/commands/review-focus-area.d.ts +1 -0
  1003. package/dist/commands/review-focus-area.js +96 -0
  1004. package/dist/commands/review-focus.d.ts +4 -0
  1005. package/dist/commands/review-focus.js +196 -0
  1006. package/dist/commands/review-gate-config.d.ts +4 -0
  1007. package/dist/commands/review-gate-config.js +153 -0
  1008. package/dist/commands/review-gate.d.ts +4 -0
  1009. package/dist/commands/review-gate.js +212 -0
  1010. package/dist/commands/review-goal-track.d.ts +1 -0
  1011. package/dist/commands/review-goal-track.js +123 -0
  1012. package/dist/commands/review-guardrail.d.ts +4 -0
  1013. package/dist/commands/review-guardrail.js +155 -0
  1014. package/dist/commands/review-handoff.d.ts +4 -0
  1015. package/dist/commands/review-handoff.js +208 -0
  1016. package/dist/commands/review-health-check.d.ts +4 -0
  1017. package/dist/commands/review-health-check.js +148 -0
  1018. package/dist/commands/review-health-trend.d.ts +1 -0
  1019. package/dist/commands/review-health-trend.js +107 -0
  1020. package/dist/commands/review-history-compare.d.ts +4 -0
  1021. package/dist/commands/review-history-compare.js +93 -0
  1022. package/dist/commands/review-history-search.d.ts +4 -0
  1023. package/dist/commands/review-history-search.js +214 -0
  1024. package/dist/commands/review-ide-sync.d.ts +4 -0
  1025. package/dist/commands/review-ide-sync.js +91 -0
  1026. package/dist/commands/review-ignore-path.d.ts +4 -0
  1027. package/dist/commands/review-ignore-path.js +147 -0
  1028. package/dist/commands/review-ignore-pattern.d.ts +5 -0
  1029. package/dist/commands/review-ignore-pattern.js +138 -0
  1030. package/dist/commands/review-incident-link.d.ts +4 -0
  1031. package/dist/commands/review-incident-link.js +93 -0
  1032. package/dist/commands/review-incremental.d.ts +4 -0
  1033. package/dist/commands/review-incremental.js +128 -0
  1034. package/dist/commands/review-integration-health.d.ts +4 -0
  1035. package/dist/commands/review-integration-health.js +84 -0
  1036. package/dist/commands/review-integration-test.d.ts +4 -0
  1037. package/dist/commands/review-integration-test.js +145 -0
  1038. package/dist/commands/review-integration.d.ts +4 -0
  1039. package/dist/commands/review-integration.js +236 -0
  1040. package/dist/commands/review-interactive.d.ts +4 -0
  1041. package/dist/commands/review-interactive.js +85 -0
  1042. package/dist/commands/review-knowledge-capture.d.ts +1 -0
  1043. package/dist/commands/review-knowledge-capture.js +94 -0
  1044. package/dist/commands/review-language-profile.d.ts +4 -0
  1045. package/dist/commands/review-language-profile.js +72 -0
  1046. package/dist/commands/review-language-stats.d.ts +4 -0
  1047. package/dist/commands/review-language-stats.js +152 -0
  1048. package/dist/commands/review-lock-file.d.ts +4 -0
  1049. package/dist/commands/review-lock-file.js +153 -0
  1050. package/dist/commands/review-lock.d.ts +4 -0
  1051. package/dist/commands/review-lock.js +107 -0
  1052. package/dist/commands/review-log.d.ts +22 -0
  1053. package/dist/commands/review-log.js +164 -0
  1054. package/dist/commands/review-mentor-suggest.d.ts +1 -0
  1055. package/dist/commands/review-mentor-suggest.js +112 -0
  1056. package/dist/commands/review-merge-check.d.ts +4 -0
  1057. package/dist/commands/review-merge-check.js +101 -0
  1058. package/dist/commands/review-merge-config.d.ts +4 -0
  1059. package/dist/commands/review-merge-config.js +119 -0
  1060. package/dist/commands/review-merge-readiness.d.ts +1 -0
  1061. package/dist/commands/review-merge-readiness.js +90 -0
  1062. package/dist/commands/review-merge-request.d.ts +4 -0
  1063. package/dist/commands/review-merge-request.js +95 -0
  1064. package/dist/commands/review-merge.d.ts +4 -0
  1065. package/dist/commands/review-merge.js +145 -0
  1066. package/dist/commands/review-metric-export.d.ts +4 -0
  1067. package/dist/commands/review-metric-export.js +62 -0
  1068. package/dist/commands/review-milestone.d.ts +4 -0
  1069. package/dist/commands/review-milestone.js +136 -0
  1070. package/dist/commands/review-multi-repo-sync.d.ts +4 -0
  1071. package/dist/commands/review-multi-repo-sync.js +115 -0
  1072. package/dist/commands/review-multi-repo.d.ts +4 -0
  1073. package/dist/commands/review-multi-repo.js +145 -0
  1074. package/dist/commands/review-note.d.ts +4 -0
  1075. package/dist/commands/review-note.js +104 -0
  1076. package/dist/commands/review-notification-config.d.ts +4 -0
  1077. package/dist/commands/review-notification-config.js +122 -0
  1078. package/dist/commands/review-notification-digest.d.ts +4 -0
  1079. package/dist/commands/review-notification-digest.js +64 -0
  1080. package/dist/commands/review-notification.d.ts +4 -0
  1081. package/dist/commands/review-notification.js +126 -0
  1082. package/dist/commands/review-notify.d.ts +4 -0
  1083. package/dist/commands/review-notify.js +143 -0
  1084. package/dist/commands/review-offline.d.ts +4 -0
  1085. package/dist/commands/review-offline.js +125 -0
  1086. package/dist/commands/review-onboard-checklist.d.ts +4 -0
  1087. package/dist/commands/review-onboard-checklist.js +119 -0
  1088. package/dist/commands/review-onboard-wizard.d.ts +4 -0
  1089. package/dist/commands/review-onboard-wizard.js +92 -0
  1090. package/dist/commands/review-onboard.d.ts +4 -0
  1091. package/dist/commands/review-onboard.js +154 -0
  1092. package/dist/commands/review-onboarding-check.d.ts +1 -0
  1093. package/dist/commands/review-onboarding-check.js +93 -0
  1094. package/dist/commands/review-org-dashboard.d.ts +4 -0
  1095. package/dist/commands/review-org-dashboard.js +68 -0
  1096. package/dist/commands/review-output-filter.d.ts +4 -0
  1097. package/dist/commands/review-output-filter.js +112 -0
  1098. package/dist/commands/review-output-format.d.ts +4 -0
  1099. package/dist/commands/review-output-format.js +144 -0
  1100. package/dist/commands/review-output-transform.d.ts +4 -0
  1101. package/dist/commands/review-output-transform.js +119 -0
  1102. package/dist/commands/review-owner.d.ts +4 -0
  1103. package/dist/commands/review-owner.js +129 -0
  1104. package/dist/commands/review-parallel-diff.d.ts +4 -0
  1105. package/dist/commands/review-parallel-diff.js +146 -0
  1106. package/dist/commands/review-parallel-files.d.ts +7 -0
  1107. package/dist/commands/review-parallel-files.js +134 -0
  1108. package/dist/commands/review-parallel-run.d.ts +4 -0
  1109. package/dist/commands/review-parallel-run.js +116 -0
  1110. package/dist/commands/review-parallel.d.ts +4 -0
  1111. package/dist/commands/review-parallel.js +164 -0
  1112. package/dist/commands/review-perf-profile.d.ts +4 -0
  1113. package/dist/commands/review-perf-profile.js +98 -0
  1114. package/dist/commands/review-permission-model.d.ts +4 -0
  1115. package/dist/commands/review-permission-model.js +149 -0
  1116. package/dist/commands/review-pipeline-status.d.ts +4 -0
  1117. package/dist/commands/review-pipeline-status.js +54 -0
  1118. package/dist/commands/review-plugin-config.d.ts +4 -0
  1119. package/dist/commands/review-plugin-config.js +167 -0
  1120. package/dist/commands/review-plugin-list.d.ts +4 -0
  1121. package/dist/commands/review-plugin-list.js +99 -0
  1122. package/dist/commands/review-plugin-manage.d.ts +4 -0
  1123. package/dist/commands/review-plugin-manage.js +137 -0
  1124. package/dist/commands/review-plugin-status.d.ts +4 -0
  1125. package/dist/commands/review-plugin-status.js +53 -0
  1126. package/dist/commands/review-policy-enforce.d.ts +1 -0
  1127. package/dist/commands/review-policy-enforce.js +92 -0
  1128. package/dist/commands/review-policy-engine.d.ts +4 -0
  1129. package/dist/commands/review-policy-engine.js +135 -0
  1130. package/dist/commands/review-pr-comment-gen.d.ts +4 -0
  1131. package/dist/commands/review-pr-comment-gen.js +62 -0
  1132. package/dist/commands/review-pr-comment.d.ts +4 -0
  1133. package/dist/commands/review-pr-comment.js +106 -0
  1134. package/dist/commands/review-pr-label-suggest.d.ts +1 -0
  1135. package/dist/commands/review-pr-label-suggest.js +77 -0
  1136. package/dist/commands/review-pr-size-check.d.ts +1 -0
  1137. package/dist/commands/review-pr-size-check.js +98 -0
  1138. package/dist/commands/review-pr-template.d.ts +4 -0
  1139. package/dist/commands/review-pr-template.js +104 -0
  1140. package/dist/commands/review-preset-save.d.ts +4 -0
  1141. package/dist/commands/review-preset-save.js +159 -0
  1142. package/dist/commands/review-priority.d.ts +4 -0
  1143. package/dist/commands/review-priority.js +157 -0
  1144. package/dist/commands/review-profile.d.ts +4 -0
  1145. package/dist/commands/review-profile.js +168 -0
  1146. package/dist/commands/review-progress-bar.d.ts +4 -0
  1147. package/dist/commands/review-progress-bar.js +157 -0
  1148. package/dist/commands/review-progress-report.d.ts +1 -0
  1149. package/dist/commands/review-progress-report.js +95 -0
  1150. package/dist/commands/review-progress-track.d.ts +4 -0
  1151. package/dist/commands/review-progress-track.js +94 -0
  1152. package/dist/commands/review-quality-baseline.d.ts +1 -0
  1153. package/dist/commands/review-quality-baseline.js +134 -0
  1154. package/dist/commands/review-quality-gate.d.ts +1 -0
  1155. package/dist/commands/review-quality-gate.js +86 -0
  1156. package/dist/commands/review-quality-score.d.ts +4 -0
  1157. package/dist/commands/review-quality-score.js +127 -0
  1158. package/dist/commands/review-quality-trend.d.ts +4 -0
  1159. package/dist/commands/review-quality-trend.js +57 -0
  1160. package/dist/commands/review-queue.d.ts +33 -0
  1161. package/dist/commands/review-queue.js +225 -0
  1162. package/dist/commands/review-quickstart.d.ts +4 -0
  1163. package/dist/commands/review-quickstart.js +107 -0
  1164. package/dist/commands/review-quota-check.d.ts +4 -0
  1165. package/dist/commands/review-quota-check.js +97 -0
  1166. package/dist/commands/review-quota.d.ts +4 -0
  1167. package/dist/commands/review-quota.js +126 -0
  1168. package/dist/commands/review-rate-limit.d.ts +4 -0
  1169. package/dist/commands/review-rate-limit.js +130 -0
  1170. package/dist/commands/review-readiness-check.d.ts +1 -0
  1171. package/dist/commands/review-readiness-check.js +98 -0
  1172. package/dist/commands/review-receipt.d.ts +4 -0
  1173. package/dist/commands/review-receipt.js +220 -0
  1174. package/dist/commands/review-release-gate.d.ts +1 -0
  1175. package/dist/commands/review-release-gate.js +81 -0
  1176. package/dist/commands/review-replay.d.ts +8 -0
  1177. package/dist/commands/review-replay.js +264 -0
  1178. package/dist/commands/review-repo-onboard.d.ts +4 -0
  1179. package/dist/commands/review-repo-onboard.js +114 -0
  1180. package/dist/commands/review-report-archive.d.ts +4 -0
  1181. package/dist/commands/review-report-archive.js +100 -0
  1182. package/dist/commands/review-report-merge.d.ts +4 -0
  1183. package/dist/commands/review-report-merge.js +90 -0
  1184. package/dist/commands/review-report-pdf.d.ts +4 -0
  1185. package/dist/commands/review-report-pdf.js +163 -0
  1186. package/dist/commands/review-report-schedule.d.ts +4 -0
  1187. package/dist/commands/review-report-schedule.js +96 -0
  1188. package/dist/commands/review-retrospective.d.ts +1 -0
  1189. package/dist/commands/review-retrospective.js +118 -0
  1190. package/dist/commands/review-retry.d.ts +4 -0
  1191. package/dist/commands/review-retry.js +91 -0
  1192. package/dist/commands/review-review-cadence.d.ts +1 -0
  1193. package/dist/commands/review-review-cadence.js +85 -0
  1194. package/dist/commands/review-review-comments.d.ts +4 -0
  1195. package/dist/commands/review-review-comments.js +84 -0
  1196. package/dist/commands/review-reviewer-match.d.ts +1 -0
  1197. package/dist/commands/review-reviewer-match.js +108 -0
  1198. package/dist/commands/review-risk-matrix.d.ts +1 -0
  1199. package/dist/commands/review-risk-matrix.js +96 -0
  1200. package/dist/commands/review-risk-score.d.ts +4 -0
  1201. package/dist/commands/review-risk-score.js +156 -0
  1202. package/dist/commands/review-role-assignment.d.ts +4 -0
  1203. package/dist/commands/review-role-assignment.js +98 -0
  1204. package/dist/commands/review-rollback.d.ts +4 -0
  1205. package/dist/commands/review-rollback.js +171 -0
  1206. package/dist/commands/review-rollout-plan.d.ts +4 -0
  1207. package/dist/commands/review-rollout-plan.js +123 -0
  1208. package/dist/commands/review-rule-filter.d.ts +4 -0
  1209. package/dist/commands/review-rule-filter.js +116 -0
  1210. package/dist/commands/review-rule-stats.d.ts +4 -0
  1211. package/dist/commands/review-rule-stats.js +161 -0
  1212. package/dist/commands/review-sandbox.d.ts +4 -0
  1213. package/dist/commands/review-sandbox.js +191 -0
  1214. package/dist/commands/review-schedule.d.ts +4 -0
  1215. package/dist/commands/review-schedule.js +169 -0
  1216. package/dist/commands/review-scope-limit.d.ts +4 -0
  1217. package/dist/commands/review-scope-limit.js +100 -0
  1218. package/dist/commands/review-scope-lock.d.ts +7 -0
  1219. package/dist/commands/review-scope-lock.js +138 -0
  1220. package/dist/commands/review-scope-select.d.ts +4 -0
  1221. package/dist/commands/review-scope-select.js +98 -0
  1222. package/dist/commands/review-scope-suggest.d.ts +1 -0
  1223. package/dist/commands/review-scope-suggest.js +112 -0
  1224. package/dist/commands/review-scope.d.ts +4 -0
  1225. package/dist/commands/review-scope.js +197 -0
  1226. package/dist/commands/review-score-history.d.ts +4 -0
  1227. package/dist/commands/review-score-history.js +137 -0
  1228. package/dist/commands/review-security-posture.d.ts +1 -0
  1229. package/dist/commands/review-security-posture.js +105 -0
  1230. package/dist/commands/review-session-replay.d.ts +4 -0
  1231. package/dist/commands/review-session-replay.js +81 -0
  1232. package/dist/commands/review-session-save.d.ts +4 -0
  1233. package/dist/commands/review-session-save.js +173 -0
  1234. package/dist/commands/review-session.d.ts +4 -0
  1235. package/dist/commands/review-session.js +150 -0
  1236. package/dist/commands/review-skip-list.d.ts +4 -0
  1237. package/dist/commands/review-skip-list.js +135 -0
  1238. package/dist/commands/review-skip-rule.d.ts +4 -0
  1239. package/dist/commands/review-skip-rule.js +105 -0
  1240. package/dist/commands/review-sla-config.d.ts +4 -0
  1241. package/dist/commands/review-sla-config.js +88 -0
  1242. package/dist/commands/review-slack-format.d.ts +4 -0
  1243. package/dist/commands/review-slack-format.js +113 -0
  1244. package/dist/commands/review-snapshot-diff.d.ts +4 -0
  1245. package/dist/commands/review-snapshot-diff.js +100 -0
  1246. package/dist/commands/review-sprint-plan.d.ts +1 -0
  1247. package/dist/commands/review-sprint-plan.js +79 -0
  1248. package/dist/commands/review-stakeholder-notify.d.ts +1 -0
  1249. package/dist/commands/review-stakeholder-notify.js +134 -0
  1250. package/dist/commands/review-stakeholder-report.d.ts +4 -0
  1251. package/dist/commands/review-stakeholder-report.js +75 -0
  1252. package/dist/commands/review-stale-finding-clean.d.ts +1 -0
  1253. package/dist/commands/review-stale-finding-clean.js +81 -0
  1254. package/dist/commands/review-standup.d.ts +4 -0
  1255. package/dist/commands/review-standup.js +95 -0
  1256. package/dist/commands/review-stats.d.ts +4 -0
  1257. package/dist/commands/review-stats.js +175 -0
  1258. package/dist/commands/review-status-badge.d.ts +4 -0
  1259. package/dist/commands/review-status-badge.js +120 -0
  1260. package/dist/commands/review-streak.d.ts +4 -0
  1261. package/dist/commands/review-streak.js +150 -0
  1262. package/dist/commands/review-summary-dashboard.d.ts +4 -0
  1263. package/dist/commands/review-summary-dashboard.js +96 -0
  1264. package/dist/commands/review-summary-email.d.ts +4 -0
  1265. package/dist/commands/review-summary-email.js +102 -0
  1266. package/dist/commands/review-summary.d.ts +4 -0
  1267. package/dist/commands/review-summary.js +174 -0
  1268. package/dist/commands/review-tag-manager.d.ts +4 -0
  1269. package/dist/commands/review-tag-manager.js +128 -0
  1270. package/dist/commands/review-tag.d.ts +4 -0
  1271. package/dist/commands/review-tag.js +136 -0
  1272. package/dist/commands/review-team-analytics.d.ts +1 -0
  1273. package/dist/commands/review-team-analytics.js +94 -0
  1274. package/dist/commands/review-team-assign.d.ts +7 -0
  1275. package/dist/commands/review-team-assign.js +211 -0
  1276. package/dist/commands/review-team-coverage.d.ts +1 -0
  1277. package/dist/commands/review-team-coverage.js +95 -0
  1278. package/dist/commands/review-team-dashboard.d.ts +4 -0
  1279. package/dist/commands/review-team-dashboard.js +98 -0
  1280. package/dist/commands/review-team-rotation.d.ts +1 -0
  1281. package/dist/commands/review-team-rotation.js +99 -0
  1282. package/dist/commands/review-team-skill-map.d.ts +1 -0
  1283. package/dist/commands/review-team-skill-map.js +102 -0
  1284. package/dist/commands/review-team-stats.d.ts +4 -0
  1285. package/dist/commands/review-team-stats.js +97 -0
  1286. package/dist/commands/review-team-summary.d.ts +4 -0
  1287. package/dist/commands/review-team-summary.js +155 -0
  1288. package/dist/commands/review-team-velocity.d.ts +1 -0
  1289. package/dist/commands/review-team-velocity.js +103 -0
  1290. package/dist/commands/review-template-export.d.ts +4 -0
  1291. package/dist/commands/review-template-export.js +146 -0
  1292. package/dist/commands/review-template-library.d.ts +4 -0
  1293. package/dist/commands/review-template-library.js +155 -0
  1294. package/dist/commands/review-template-suggest.d.ts +1 -0
  1295. package/dist/commands/review-template-suggest.js +119 -0
  1296. package/dist/commands/review-template.d.ts +4 -0
  1297. package/dist/commands/review-template.js +212 -0
  1298. package/dist/commands/review-tenant-config.d.ts +4 -0
  1299. package/dist/commands/review-tenant-config.js +116 -0
  1300. package/dist/commands/review-threshold-tune.d.ts +4 -0
  1301. package/dist/commands/review-threshold-tune.js +135 -0
  1302. package/dist/commands/review-timeline.d.ts +4 -0
  1303. package/dist/commands/review-timeline.js +76 -0
  1304. package/dist/commands/review-token-budget.d.ts +4 -0
  1305. package/dist/commands/review-token-budget.js +117 -0
  1306. package/dist/commands/review-velocity-track.d.ts +1 -0
  1307. package/dist/commands/review-velocity-track.js +94 -0
  1308. package/dist/commands/review-watch-mode.d.ts +7 -0
  1309. package/dist/commands/review-watch-mode.js +132 -0
  1310. package/dist/commands/review-webhook-dispatch.d.ts +4 -0
  1311. package/dist/commands/review-webhook-dispatch.js +99 -0
  1312. package/dist/commands/review-webhook-notify.d.ts +4 -0
  1313. package/dist/commands/review-webhook-notify.js +145 -0
  1314. package/dist/commands/review-webhook.d.ts +4 -0
  1315. package/dist/commands/review-webhook.js +140 -0
  1316. package/dist/commands/review-whitelist.d.ts +4 -0
  1317. package/dist/commands/review-whitelist.js +150 -0
  1318. package/dist/commands/review-workflow-suggest.d.ts +1 -0
  1319. package/dist/commands/review-workflow-suggest.js +129 -0
  1320. package/dist/commands/review-workload-balance.d.ts +1 -0
  1321. package/dist/commands/review-workload-balance.js +86 -0
  1322. package/dist/commands/review-workspace-init.d.ts +4 -0
  1323. package/dist/commands/review-workspace-init.js +104 -0
  1324. package/dist/commands/review-workspace-scan.d.ts +4 -0
  1325. package/dist/commands/review-workspace-scan.js +144 -0
  1326. package/dist/commands/review.d.ts +155 -0
  1327. package/dist/commands/review.js +1114 -0
  1328. package/dist/commands/risk-heatmap.d.ts +7 -0
  1329. package/dist/commands/risk-heatmap.js +223 -0
  1330. package/dist/commands/rollback-safety.d.ts +4 -0
  1331. package/dist/commands/rollback-safety.js +191 -0
  1332. package/dist/commands/rule-catalog.d.ts +4 -0
  1333. package/dist/commands/rule-catalog.js +128 -0
  1334. package/dist/commands/rule-metrics.d.ts +43 -0
  1335. package/dist/commands/rule-metrics.js +113 -0
  1336. package/dist/commands/rule-owner.d.ts +30 -0
  1337. package/dist/commands/rule-owner.js +181 -0
  1338. package/dist/commands/rule-share.d.ts +34 -0
  1339. package/dist/commands/rule-share.js +202 -0
  1340. package/dist/commands/rule-test.d.ts +4 -0
  1341. package/dist/commands/rule-test.js +201 -0
  1342. package/dist/commands/rule.d.ts +114 -0
  1343. package/dist/commands/rule.js +295 -0
  1344. package/dist/commands/sbom-export.d.ts +7 -0
  1345. package/dist/commands/sbom-export.js +161 -0
  1346. package/dist/commands/scaffold-plugin.d.ts +15 -0
  1347. package/dist/commands/scaffold-plugin.js +270 -0
  1348. package/dist/commands/secret-age.d.ts +5 -0
  1349. package/dist/commands/secret-age.js +214 -0
  1350. package/dist/commands/secret-scan.d.ts +7 -0
  1351. package/dist/commands/secret-scan.js +244 -0
  1352. package/dist/commands/security-maturity.d.ts +7 -0
  1353. package/dist/commands/security-maturity.js +312 -0
  1354. package/dist/commands/security-theater.d.ts +4 -0
  1355. package/dist/commands/security-theater.js +278 -0
  1356. package/dist/commands/setup-wizard.d.ts +4 -0
  1357. package/dist/commands/setup-wizard.js +174 -0
  1358. package/dist/commands/severity-tune.d.ts +4 -0
  1359. package/dist/commands/severity-tune.js +208 -0
  1360. package/dist/commands/sla-track.d.ts +56 -0
  1361. package/dist/commands/sla-track.js +268 -0
  1362. package/dist/commands/smart-output.d.ts +38 -0
  1363. package/dist/commands/smart-output.js +175 -0
  1364. package/dist/commands/smart-select.d.ts +26 -0
  1365. package/dist/commands/smart-select.js +345 -0
  1366. package/dist/commands/snapshot.d.ts +139 -0
  1367. package/dist/commands/snapshot.js +478 -0
  1368. package/dist/commands/snippet-eval.d.ts +7 -0
  1369. package/dist/commands/snippet-eval.js +223 -0
  1370. package/dist/commands/spec-conform.d.ts +4 -0
  1371. package/dist/commands/spec-conform.js +304 -0
  1372. package/dist/commands/stale-pattern.d.ts +4 -0
  1373. package/dist/commands/stale-pattern.js +293 -0
  1374. package/dist/commands/state-integrity.d.ts +4 -0
  1375. package/dist/commands/state-integrity.js +283 -0
  1376. package/dist/commands/suppress.d.ts +39 -0
  1377. package/dist/commands/suppress.js +203 -0
  1378. package/dist/commands/team-config.d.ts +4 -0
  1379. package/dist/commands/team-config.js +234 -0
  1380. package/dist/commands/team-leaderboard.d.ts +24 -0
  1381. package/dist/commands/team-leaderboard.js +227 -0
  1382. package/dist/commands/team-rules-sync.d.ts +7 -0
  1383. package/dist/commands/team-rules-sync.js +250 -0
  1384. package/dist/commands/team-trust.d.ts +7 -0
  1385. package/dist/commands/team-trust.js +174 -0
  1386. package/dist/commands/test-correlate.d.ts +7 -0
  1387. package/dist/commands/test-correlate.js +221 -0
  1388. package/dist/commands/test-isolation.d.ts +5 -0
  1389. package/dist/commands/test-isolation.js +234 -0
  1390. package/dist/commands/test-quality.d.ts +5 -0
  1391. package/dist/commands/test-quality.js +160 -0
  1392. package/dist/commands/test-suggest.d.ts +8 -0
  1393. package/dist/commands/test-suggest.js +247 -0
  1394. package/dist/commands/ticket-sync.d.ts +25 -0
  1395. package/dist/commands/ticket-sync.js +235 -0
  1396. package/dist/commands/timeout-audit.d.ts +4 -0
  1397. package/dist/commands/timeout-audit.js +210 -0
  1398. package/dist/commands/trace.d.ts +64 -0
  1399. package/dist/commands/trace.js +245 -0
  1400. package/dist/commands/trend-report.d.ts +4 -0
  1401. package/dist/commands/trend-report.js +148 -0
  1402. package/dist/commands/triage.d.ts +15 -0
  1403. package/dist/commands/triage.js +171 -0
  1404. package/dist/commands/trust-adaptive.d.ts +8 -0
  1405. package/dist/commands/trust-adaptive.js +193 -0
  1406. package/dist/commands/trust-ramp.d.ts +29 -0
  1407. package/dist/commands/trust-ramp.js +189 -0
  1408. package/dist/commands/tune.d.ts +24 -0
  1409. package/dist/commands/tune.js +380 -0
  1410. package/dist/commands/type-boundary.d.ts +4 -0
  1411. package/dist/commands/type-boundary.js +235 -0
  1412. package/dist/commands/upload.d.ts +13 -0
  1413. package/dist/commands/upload.js +172 -0
  1414. package/dist/commands/validate-config.d.ts +16 -0
  1415. package/dist/commands/validate-config.js +267 -0
  1416. package/dist/commands/vendor-lock-detect.d.ts +7 -0
  1417. package/dist/commands/vendor-lock-detect.js +288 -0
  1418. package/dist/commands/vote.d.ts +31 -0
  1419. package/dist/commands/vote.js +200 -0
  1420. package/dist/commands/warm-cache.d.ts +30 -0
  1421. package/dist/commands/warm-cache.js +165 -0
  1422. package/dist/commands/watch-judge.d.ts +7 -0
  1423. package/dist/commands/watch-judge.js +179 -0
  1424. package/dist/commands/watch.d.ts +22 -0
  1425. package/dist/commands/watch.js +147 -0
  1426. package/dist/comparison.d.ts +67 -0
  1427. package/dist/comparison.js +253 -0
  1428. package/dist/config.d.ts +108 -0
  1429. package/dist/config.js +694 -0
  1430. package/dist/context/context-snippets.d.ts +15 -0
  1431. package/dist/context/context-snippets.js +36 -0
  1432. package/dist/context/embedding-cache.d.ts +30 -0
  1433. package/dist/context/embedding-cache.js +48 -0
  1434. package/dist/data-adapter.d.ts +123 -0
  1435. package/dist/data-adapter.js +212 -0
  1436. package/dist/dedup.d.ts +105 -0
  1437. package/dist/dedup.js +606 -0
  1438. package/dist/disk-cache.d.ts +59 -0
  1439. package/dist/disk-cache.js +236 -0
  1440. package/dist/errors.d.ts +43 -0
  1441. package/dist/errors.js +63 -0
  1442. package/dist/escalation.d.ts +100 -0
  1443. package/dist/escalation.js +292 -0
  1444. package/dist/evaluation-session.d.ts +74 -0
  1445. package/dist/evaluation-session.js +152 -0
  1446. package/dist/evaluators/accessibility.d.ts +2 -0
  1447. package/dist/evaluators/accessibility.js +559 -0
  1448. package/dist/evaluators/agent-instructions.d.ts +2 -0
  1449. package/dist/evaluators/agent-instructions.js +214 -0
  1450. package/dist/evaluators/ai-code-safety.d.ts +8 -0
  1451. package/dist/evaluators/ai-code-safety.js +410 -0
  1452. package/dist/evaluators/api-contract.d.ts +9 -0
  1453. package/dist/evaluators/api-contract.js +203 -0
  1454. package/dist/evaluators/api-design.d.ts +2 -0
  1455. package/dist/evaluators/api-design.js +260 -0
  1456. package/dist/evaluators/app-builder.d.ts +33 -0
  1457. package/dist/evaluators/app-builder.js +155 -0
  1458. package/dist/evaluators/authentication.d.ts +2 -0
  1459. package/dist/evaluators/authentication.js +455 -0
  1460. package/dist/evaluators/backwards-compatibility.d.ts +2 -0
  1461. package/dist/evaluators/backwards-compatibility.js +168 -0
  1462. package/dist/evaluators/caching.d.ts +2 -0
  1463. package/dist/evaluators/caching.js +171 -0
  1464. package/dist/evaluators/ci-cd.d.ts +2 -0
  1465. package/dist/evaluators/ci-cd.js +218 -0
  1466. package/dist/evaluators/cloud-readiness.d.ts +2 -0
  1467. package/dist/evaluators/cloud-readiness.js +231 -0
  1468. package/dist/evaluators/code-structure.d.ts +21 -0
  1469. package/dist/evaluators/code-structure.js +195 -0
  1470. package/dist/evaluators/compliance.d.ts +2 -0
  1471. package/dist/evaluators/compliance.js +329 -0
  1472. package/dist/evaluators/concurrency.d.ts +2 -0
  1473. package/dist/evaluators/concurrency.js +307 -0
  1474. package/dist/evaluators/configuration-management.d.ts +2 -0
  1475. package/dist/evaluators/configuration-management.js +232 -0
  1476. package/dist/evaluators/cost-effectiveness.d.ts +2 -0
  1477. package/dist/evaluators/cost-effectiveness.js +418 -0
  1478. package/dist/evaluators/cybersecurity.d.ts +2 -0
  1479. package/dist/evaluators/cybersecurity.js +1197 -0
  1480. package/dist/evaluators/data-security.d.ts +2 -0
  1481. package/dist/evaluators/data-security.js +467 -0
  1482. package/dist/evaluators/data-sovereignty.d.ts +2 -0
  1483. package/dist/evaluators/data-sovereignty.js +495 -0
  1484. package/dist/evaluators/database.d.ts +2 -0
  1485. package/dist/evaluators/database.js +240 -0
  1486. package/dist/evaluators/dependencies.d.ts +5 -0
  1487. package/dist/evaluators/dependencies.js +228 -0
  1488. package/dist/evaluators/dependency-health.d.ts +2 -0
  1489. package/dist/evaluators/dependency-health.js +477 -0
  1490. package/dist/evaluators/documentation.d.ts +2 -0
  1491. package/dist/evaluators/documentation.js +432 -0
  1492. package/dist/evaluators/error-handling.d.ts +2 -0
  1493. package/dist/evaluators/error-handling.js +426 -0
  1494. package/dist/evaluators/ethics-bias.d.ts +2 -0
  1495. package/dist/evaluators/ethics-bias.js +263 -0
  1496. package/dist/evaluators/false-positive-review.d.ts +21 -0
  1497. package/dist/evaluators/false-positive-review.js +1246 -0
  1498. package/dist/evaluators/framework-rules.d.ts +58 -0
  1499. package/dist/evaluators/framework-rules.js +291 -0
  1500. package/dist/evaluators/framework-safety.d.ts +12 -0
  1501. package/dist/evaluators/framework-safety.js +1205 -0
  1502. package/dist/evaluators/hallucination-detection.d.ts +2 -0
  1503. package/dist/evaluators/hallucination-detection.js +1250 -0
  1504. package/dist/evaluators/iac-security.d.ts +8 -0
  1505. package/dist/evaluators/iac-security.js +701 -0
  1506. package/dist/evaluators/index.d.ts +167 -0
  1507. package/dist/evaluators/index.js +994 -0
  1508. package/dist/evaluators/intent-alignment.d.ts +18 -0
  1509. package/dist/evaluators/intent-alignment.js +405 -0
  1510. package/dist/evaluators/internationalization.d.ts +2 -0
  1511. package/dist/evaluators/internationalization.js +287 -0
  1512. package/dist/evaluators/judge-selector.d.ts +19 -0
  1513. package/dist/evaluators/judge-selector.js +141 -0
  1514. package/dist/evaluators/logging-privacy.d.ts +2 -0
  1515. package/dist/evaluators/logging-privacy.js +190 -0
  1516. package/dist/evaluators/logic-review.d.ts +2 -0
  1517. package/dist/evaluators/logic-review.js +289 -0
  1518. package/dist/evaluators/maintainability.d.ts +2 -0
  1519. package/dist/evaluators/maintainability.js +430 -0
  1520. package/dist/evaluators/model-fingerprint.d.ts +2 -0
  1521. package/dist/evaluators/model-fingerprint.js +151 -0
  1522. package/dist/evaluators/multi-turn-coherence.d.ts +13 -0
  1523. package/dist/evaluators/multi-turn-coherence.js +149 -0
  1524. package/dist/evaluators/observability.d.ts +2 -0
  1525. package/dist/evaluators/observability.js +238 -0
  1526. package/dist/evaluators/over-engineering.d.ts +2 -0
  1527. package/dist/evaluators/over-engineering.js +160 -0
  1528. package/dist/evaluators/performance.d.ts +2 -0
  1529. package/dist/evaluators/performance.js +649 -0
  1530. package/dist/evaluators/portability.d.ts +2 -0
  1531. package/dist/evaluators/portability.js +254 -0
  1532. package/dist/evaluators/project.d.ts +48 -0
  1533. package/dist/evaluators/project.js +817 -0
  1534. package/dist/evaluators/rate-limiting.d.ts +2 -0
  1535. package/dist/evaluators/rate-limiting.js +193 -0
  1536. package/dist/evaluators/recall-boost.d.ts +27 -0
  1537. package/dist/evaluators/recall-boost.js +409 -0
  1538. package/dist/evaluators/reliability.d.ts +2 -0
  1539. package/dist/evaluators/reliability.js +245 -0
  1540. package/dist/evaluators/scalability.d.ts +2 -0
  1541. package/dist/evaluators/scalability.js +230 -0
  1542. package/dist/evaluators/security.d.ts +12 -0
  1543. package/dist/evaluators/security.js +1013 -0
  1544. package/dist/evaluators/shared.d.ts +219 -0
  1545. package/dist/evaluators/shared.js +1169 -0
  1546. package/dist/evaluators/software-practices.d.ts +2 -0
  1547. package/dist/evaluators/software-practices.js +395 -0
  1548. package/dist/evaluators/suppressions.d.ts +49 -0
  1549. package/dist/evaluators/suppressions.js +185 -0
  1550. package/dist/evaluators/testing.d.ts +2 -0
  1551. package/dist/evaluators/testing.js +348 -0
  1552. package/dist/evaluators/ux.d.ts +2 -0
  1553. package/dist/evaluators/ux.js +309 -0
  1554. package/dist/evaluators/v2.d.ts +26 -0
  1555. package/dist/evaluators/v2.js +354 -0
  1556. package/dist/ext-to-lang.d.ts +16 -0
  1557. package/dist/ext-to-lang.js +60 -0
  1558. package/dist/feedback-loop.d.ts +62 -0
  1559. package/dist/feedback-loop.js +179 -0
  1560. package/dist/finding-lifecycle.d.ts +215 -0
  1561. package/dist/finding-lifecycle.js +547 -0
  1562. package/dist/fingerprint.d.ts +39 -0
  1563. package/dist/fingerprint.js +179 -0
  1564. package/dist/fix-history.d.ts +103 -0
  1565. package/dist/fix-history.js +164 -0
  1566. package/dist/formatters/badge.d.ts +16 -0
  1567. package/dist/formatters/badge.js +78 -0
  1568. package/dist/formatters/codeclimate.d.ts +24 -0
  1569. package/dist/formatters/codeclimate.js +80 -0
  1570. package/dist/formatters/csv.d.ts +16 -0
  1571. package/dist/formatters/csv.js +53 -0
  1572. package/dist/formatters/diagnostics.d.ts +81 -0
  1573. package/dist/formatters/diagnostics.js +152 -0
  1574. package/dist/formatters/github-actions.d.ts +6 -0
  1575. package/dist/formatters/github-actions.js +68 -0
  1576. package/dist/formatters/html.d.ts +12 -0
  1577. package/dist/formatters/html.js +194 -0
  1578. package/dist/formatters/junit.d.ts +6 -0
  1579. package/dist/formatters/junit.js +68 -0
  1580. package/dist/formatters/pdf.d.ts +12 -0
  1581. package/dist/formatters/pdf.js +114 -0
  1582. package/dist/formatters/sarif.d.ts +92 -0
  1583. package/dist/formatters/sarif.js +256 -0
  1584. package/dist/formatters/shared.d.ts +4 -0
  1585. package/dist/formatters/shared.js +29 -0
  1586. package/dist/git-diff.d.ts +62 -0
  1587. package/dist/git-diff.js +282 -0
  1588. package/dist/github-app.d.ts +152 -0
  1589. package/dist/github-app.js +716 -0
  1590. package/dist/import-resolver.d.ts +51 -0
  1591. package/dist/import-resolver.js +213 -0
  1592. package/dist/index.d.ts +4 -0
  1593. package/dist/index.js +38 -0
  1594. package/dist/judge-registry.d.ts +156 -0
  1595. package/dist/judge-registry.js +272 -0
  1596. package/dist/judges/accessibility.d.ts +2 -0
  1597. package/dist/judges/accessibility.js +46 -0
  1598. package/dist/judges/agent-instructions.d.ts +2 -0
  1599. package/dist/judges/agent-instructions.js +46 -0
  1600. package/dist/judges/ai-code-safety.d.ts +2 -0
  1601. package/dist/judges/ai-code-safety.js +57 -0
  1602. package/dist/judges/api-contract.d.ts +2 -0
  1603. package/dist/judges/api-contract.js +40 -0
  1604. package/dist/judges/api-design.d.ts +2 -0
  1605. package/dist/judges/api-design.js +57 -0
  1606. package/dist/judges/authentication.d.ts +2 -0
  1607. package/dist/judges/authentication.js +63 -0
  1608. package/dist/judges/backwards-compatibility.d.ts +2 -0
  1609. package/dist/judges/backwards-compatibility.js +46 -0
  1610. package/dist/judges/caching.d.ts +2 -0
  1611. package/dist/judges/caching.js +46 -0
  1612. package/dist/judges/ci-cd.d.ts +2 -0
  1613. package/dist/judges/ci-cd.js +46 -0
  1614. package/dist/judges/cloud-readiness.d.ts +2 -0
  1615. package/dist/judges/cloud-readiness.js +53 -0
  1616. package/dist/judges/code-structure.d.ts +2 -0
  1617. package/dist/judges/code-structure.js +50 -0
  1618. package/dist/judges/compliance.d.ts +2 -0
  1619. package/dist/judges/compliance.js +49 -0
  1620. package/dist/judges/concurrency.d.ts +2 -0
  1621. package/dist/judges/concurrency.js +48 -0
  1622. package/dist/judges/configuration-management.d.ts +2 -0
  1623. package/dist/judges/configuration-management.js +46 -0
  1624. package/dist/judges/cost-effectiveness.d.ts +2 -0
  1625. package/dist/judges/cost-effectiveness.js +42 -0
  1626. package/dist/judges/cybersecurity.d.ts +2 -0
  1627. package/dist/judges/cybersecurity.js +63 -0
  1628. package/dist/judges/data-security.d.ts +2 -0
  1629. package/dist/judges/data-security.js +50 -0
  1630. package/dist/judges/data-sovereignty.d.ts +2 -0
  1631. package/dist/judges/data-sovereignty.js +60 -0
  1632. package/dist/judges/database.d.ts +2 -0
  1633. package/dist/judges/database.js +51 -0
  1634. package/dist/judges/dependency-health.d.ts +2 -0
  1635. package/dist/judges/dependency-health.js +48 -0
  1636. package/dist/judges/documentation.d.ts +2 -0
  1637. package/dist/judges/documentation.js +55 -0
  1638. package/dist/judges/error-handling.d.ts +2 -0
  1639. package/dist/judges/error-handling.js +55 -0
  1640. package/dist/judges/ethics-bias.d.ts +2 -0
  1641. package/dist/judges/ethics-bias.js +48 -0
  1642. package/dist/judges/false-positive-review.d.ts +2 -0
  1643. package/dist/judges/false-positive-review.js +85 -0
  1644. package/dist/judges/framework-safety.d.ts +2 -0
  1645. package/dist/judges/framework-safety.js +49 -0
  1646. package/dist/judges/hallucination-detection.d.ts +2 -0
  1647. package/dist/judges/hallucination-detection.js +48 -0
  1648. package/dist/judges/iac-security.d.ts +2 -0
  1649. package/dist/judges/iac-security.js +47 -0
  1650. package/dist/judges/index.d.ts +88 -0
  1651. package/dist/judges/index.js +128 -0
  1652. package/dist/judges/intent-alignment.d.ts +2 -0
  1653. package/dist/judges/intent-alignment.js +46 -0
  1654. package/dist/judges/internationalization.d.ts +2 -0
  1655. package/dist/judges/internationalization.js +44 -0
  1656. package/dist/judges/logging-privacy.d.ts +2 -0
  1657. package/dist/judges/logging-privacy.js +46 -0
  1658. package/dist/judges/logic-review.d.ts +2 -0
  1659. package/dist/judges/logic-review.js +36 -0
  1660. package/dist/judges/maintainability.d.ts +2 -0
  1661. package/dist/judges/maintainability.js +46 -0
  1662. package/dist/judges/model-fingerprint.d.ts +2 -0
  1663. package/dist/judges/model-fingerprint.js +35 -0
  1664. package/dist/judges/multi-turn-coherence.d.ts +2 -0
  1665. package/dist/judges/multi-turn-coherence.js +39 -0
  1666. package/dist/judges/observability.d.ts +2 -0
  1667. package/dist/judges/observability.js +54 -0
  1668. package/dist/judges/over-engineering.d.ts +2 -0
  1669. package/dist/judges/over-engineering.js +50 -0
  1670. package/dist/judges/performance.d.ts +2 -0
  1671. package/dist/judges/performance.js +46 -0
  1672. package/dist/judges/portability.d.ts +2 -0
  1673. package/dist/judges/portability.js +46 -0
  1674. package/dist/judges/rate-limiting.d.ts +2 -0
  1675. package/dist/judges/rate-limiting.js +55 -0
  1676. package/dist/judges/reliability.d.ts +2 -0
  1677. package/dist/judges/reliability.js +57 -0
  1678. package/dist/judges/scalability.d.ts +2 -0
  1679. package/dist/judges/scalability.js +52 -0
  1680. package/dist/judges/security.d.ts +2 -0
  1681. package/dist/judges/security.js +64 -0
  1682. package/dist/judges/software-practices.d.ts +2 -0
  1683. package/dist/judges/software-practices.js +56 -0
  1684. package/dist/judges/testing.d.ts +2 -0
  1685. package/dist/judges/testing.js +54 -0
  1686. package/dist/judges/ux.d.ts +2 -0
  1687. package/dist/judges/ux.js +46 -0
  1688. package/dist/language-patterns.d.ts +653 -0
  1689. package/dist/language-patterns.js +851 -0
  1690. package/dist/parallel.d.ts +52 -0
  1691. package/dist/parallel.js +157 -0
  1692. package/dist/patches/apply.d.ts +15 -0
  1693. package/dist/patches/apply.js +37 -0
  1694. package/dist/patches/index.d.ts +9 -0
  1695. package/dist/patches/index.js +2544 -0
  1696. package/dist/plugins.d.ts +59 -0
  1697. package/dist/plugins.js +76 -0
  1698. package/dist/presets.d.ts +35 -0
  1699. package/dist/presets.js +406 -0
  1700. package/dist/probabilistic/llm-response-validator.d.ts +26 -0
  1701. package/dist/probabilistic/llm-response-validator.js +122 -0
  1702. package/dist/reports/public-repo-report.d.ts +42 -0
  1703. package/dist/reports/public-repo-report.js +579 -0
  1704. package/dist/review-conversation.d.ts +87 -0
  1705. package/dist/review-conversation.js +307 -0
  1706. package/dist/sast-integration.d.ts +112 -0
  1707. package/dist/sast-integration.js +215 -0
  1708. package/dist/scoring.d.ts +36 -0
  1709. package/dist/scoring.js +437 -0
  1710. package/dist/security-ids.d.ts +23 -0
  1711. package/dist/security-ids.js +239 -0
  1712. package/dist/skill-loader.d.ts +33 -0
  1713. package/dist/skill-loader.js +167 -0
  1714. package/dist/tools/command-safety.d.ts +13 -0
  1715. package/dist/tools/command-safety.js +95 -0
  1716. package/dist/tools/deep-review.d.ts +38 -0
  1717. package/dist/tools/deep-review.js +302 -0
  1718. package/dist/tools/prompts.d.ts +27 -0
  1719. package/dist/tools/prompts.js +122 -0
  1720. package/dist/tools/register-evaluation.d.ts +6 -0
  1721. package/dist/tools/register-evaluation.js +587 -0
  1722. package/dist/tools/register-fix.d.ts +5 -0
  1723. package/dist/tools/register-fix.js +175 -0
  1724. package/dist/tools/register-resources.d.ts +6 -0
  1725. package/dist/tools/register-resources.js +177 -0
  1726. package/dist/tools/register-review.d.ts +6 -0
  1727. package/dist/tools/register-review.js +564 -0
  1728. package/dist/tools/register-scaffold.d.ts +2 -0
  1729. package/dist/tools/register-scaffold.js +398 -0
  1730. package/dist/tools/register-workflow.d.ts +6 -0
  1731. package/dist/tools/register-workflow.js +1037 -0
  1732. package/dist/tools/register-workspace.d.ts +2 -0
  1733. package/dist/tools/register-workspace.js +214 -0
  1734. package/dist/tools/register.d.ts +6 -0
  1735. package/dist/tools/register.js +21 -0
  1736. package/dist/tools/schemas.d.ts +25 -0
  1737. package/dist/tools/schemas.js +41 -0
  1738. package/dist/tools/validation.d.ts +13 -0
  1739. package/dist/tools/validation.js +77 -0
  1740. package/dist/types.d.ts +898 -0
  1741. package/dist/types.js +1 -0
  1742. package/package.json +54 -0
  1743. package/skills/ai-code-review.skill.md +57 -0
  1744. package/skills/release-gate.skill.md +27 -0
  1745. package/skills/security-review.skill.md +32 -0
package/dist/evaluators/data-security.d.ts ADDED
@@ -0,0 +1,2 @@
1
+ import type { Finding } from "../types.js";
2
+ export declare function analyzeDataSecurity(code: string, language: string): Finding[];
package/dist/evaluators/data-security.js ADDED
@@ -0,0 +1,467 @@
1
+ import { getLineNumbers, getLangLineNumbers, getLangFamily, isIaCTemplate, looksLikeRealCredentialValue, testCode, getContextWindow, isLikelyAnalysisCode, } from "./shared.js";
2
+ import * as LP from "../language-patterns.js";
3
+ function lineContainsRealQuotedSecret(line, pattern) {
4
+ const matches = [...line.matchAll(pattern)];
5
+ if (matches.length === 0)
6
+ return false;
7
+ return matches.some((match) => {
8
+ const full = match[0] ?? "";
9
+ const quotedValueMatch = full.match(/["']([^"']+)["']/);
10
+ if (!quotedValueMatch)
11
+ return true;
12
+ const value = quotedValueMatch[1] ?? "";
13
+ return looksLikeRealCredentialValue(value);
14
+ });
15
+ }
16
+ function isLikelyNonProductionContext(lines, index) {
17
+ const contextStart = Math.max(0, index - 2);
18
+ const contextEnd = Math.min(lines.length, index + 3);
19
+ const context = lines.slice(contextStart, contextEnd).join("\n");
20
+ const nonProductionSignals = /\b(?:describe|it|test)\s*\(|\b(?:tests?|mock|mocks|fixture|fixtures|harness|e2e|example|sample|dummy)\b/i;
21
+ const productionSignals = /\b(?:prod|production|release|deploy|deployment)\b/i;
22
+ return nonProductionSignals.test(context) && !productionSignals.test(context);
23
+ }
24
+ function filterNonProductionLineNumbers(code, lineNumbers) {
25
+ const lines = code.split("\n");
26
+ return lineNumbers.filter((lineNumber) => !isLikelyNonProductionContext(lines, lineNumber - 1));
27
+ }
28
+ function getFilteredHardcodedSecretLines(code, pattern) {
29
+ const lines = code.split("\n");
30
+ const flaggedLines = [];
31
+ for (let index = 0; index < lines.length; index += 1) {
32
+ if (lineContainsRealQuotedSecret(lines[index], pattern) && !isLikelyNonProductionContext(lines, index)) {
33
+ flaggedLines.push(index + 1);
34
+ }
35
+ }
36
+ return flaggedLines;
37
+ }
38
+ export function analyzeDataSecurity(code, language) {
39
+ const findings = [];
40
+ let ruleNum = 1;
41
+ const prefix = "DATA";
42
+ const _lang = getLangFamily(language);
43
+ // Analysis code references PII/secret/credential keywords in regex patterns
44
+ // for detection purposes — these are not real sensitive data.
45
+ if (isLikelyAnalysisCode(code))
46
+ return findings;
47
+ // IaC templates (Bicep/Terraform/ARM) use property names like `token`,
48
+ // `secret`, and `key` for configuration settings (e.g., `useCustomToken:
49
+ // 'false'`). The iac-security evaluator handles actual IaC secret detection
50
+ // with patterns tuned for infrastructure definitions — skip here to avoid
51
+ // duplicate / false-positive findings.
52
+ if (isIaCTemplate(code))
53
+ return findings;
54
+ // Hardcoded secrets (multi-language)
55
+ const secretPatterns = [
56
+ { pattern: /(?:password|passwd|pwd)\s*[:=]\s*["'][^"']+["']/gi, name: "password" },
57
+ { pattern: /(?:api[_-]?key|apikey)\s*[:=]\s*["'][^"']+["']/gi, name: "API key" },
58
+ { pattern: /(?:secret|token)\s*[:=]\s*["'][^"']+["']/gi, name: "secret/token" },
59
+ { pattern: /(?:connection[_-]?string)\s*[:=]\s*["'][^"']+["']/gi, name: "connection string" },
60
+ { pattern: /(?:private[_-]?key)\s*[:=]\s*["'][^"']+["']/gi, name: "private key" },
61
+ { pattern: /-----BEGIN (?:RSA |EC |DSA |OPENSSH )?PRIVATE KEY-----/gi, name: "embedded private key" },
62
+ { pattern: /(?:aws_access_key_id|aws_secret_access_key)\s*[:=]\s*["'][^"']+["']/gi, name: "AWS credential" },
63
+ { pattern: /AKIA[0-9A-Z]{16}/g, name: "AWS access key ID" },
64
+ { pattern: /(?:ghp|gho|ghu|ghs|ghr)_[A-Za-z0-9_]{36,}/g, name: "GitHub token" },
65
+ { pattern: /xox[bprs]-[0-9a-zA-Z-]{10,}/g, name: "Slack token" },
66
+ { pattern: /sk-[a-zA-Z0-9]{20,}/g, name: "OpenAI/Stripe secret key" },
67
+ { pattern: /(?:SG\.)[a-zA-Z0-9_-]{22}\.[a-zA-Z0-9_-]{43}/g, name: "SendGrid API key" },
68
+ { pattern: /(?:bearer|authorization)\s*[:=]\s*["'][^"']{20,}["']/gi, name: "hardcoded auth token" },
69
+ {
70
+ pattern: /(?:AZURE|MICROSOFT)_[A-Z_]*(?:KEY|SECRET|TOKEN|CONNECTION)\s*[:=]\s*["'][^"']+["']/gi,
71
+ name: "Azure credential",
72
+ },
73
+ { pattern: /(?:DATABASE_URL|MONGO_URI|REDIS_URL)\s*[:=]\s*["'][^"']+["']/gi, name: "database connection URL" },
74
+ ];
75
+ const filteredQuotedSecretNames = new Set([
76
+ "password",
77
+ "API key",
78
+ "secret/token",
79
+ "connection string",
80
+ "private key",
81
+ "AWS credential",
82
+ "hardcoded auth token",
83
+ "Azure credential",
84
+ "database connection URL",
85
+ ]);
86
+ for (const sp of secretPatterns) {
87
+ const baseLines = filteredQuotedSecretNames.has(sp.name)
88
+ ? getFilteredHardcodedSecretLines(code, sp.pattern)
89
+ : getLineNumbers(code, sp.pattern);
90
+ const lines = filterNonProductionLineNumbers(code, baseLines);
91
+ if (lines.length > 0) {
92
+ findings.push({
93
+ ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
94
+ severity: "critical",
95
+ title: `Hardcoded ${sp.name} detected`,
96
+ description: `A ${sp.name} appears to be hardcoded in the source code. This is a severe data security risk as it can be extracted from version control, build artifacts, or decompiled binaries.`,
97
+ lineNumbers: lines,
98
+ recommendation: `Move the ${sp.name} to a secrets manager (e.g., Azure Key Vault, AWS Secrets Manager, HashiCorp Vault) or at minimum to environment variables. Never commit secrets to source control.`,
99
+ reference: "OWASP: Hardcoded Credentials — CWE-798",
100
+ suggestedFix: `Replace hardcoded ${sp.name} with an environment variable: process.env.SECRET_NAME or inject from a secrets manager at runtime.`,
101
+ confidence: 0.9,
102
+ });
103
+ }
104
+ }
105
+ // Console/print logging of sensitive data (multi-language)
106
+ const logSensitivePatterns = /(?:console\.\w+|print|println|printf|log\.\w+|logger\.\w+|logging\.\w+|System\.out|System\.err|fmt\.Print|puts|echo)\s*\(.*(?:password|secret|token|key|credential|ssn|credit.?card|cvv|pin_code)/gi;
107
+ const logLines = getLineNumbers(code, logSensitivePatterns);
108
+ if (logLines.length > 0) {
109
+ findings.push({
110
+ ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
111
+ severity: "high",
112
+ title: "Sensitive data may be logged",
113
+ description: "Log output appears to include sensitive data fields such as passwords, tokens, or PII. This can lead to credential exposure in log aggregation systems.",
114
+ lineNumbers: logLines,
115
+ recommendation: "Remove sensitive data from log statements. Use structured logging with redaction filters to automatically mask sensitive fields.",
116
+ reference: "OWASP Logging Cheat Sheet — CWE-532",
117
+ suggestedFix: "Remove sensitive fields from log calls or redact them: logger.info('User login', { userId: user.id }) instead of logging passwords/tokens.",
118
+ confidence: 0.85,
119
+ });
120
+ }
121
+ // Weak hashing (multi-language)
122
+ const weakHashLines = getLangLineNumbers(code, language, LP.WEAK_HASH);
123
+ if (weakHashLines.length > 0) {
124
+ findings.push({
125
+ ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
126
+ severity: "high",
127
+ title: "Weak hashing algorithm used",
128
+ description: "MD5 or SHA1 is used, which are cryptographically broken for security purposes. They should not be used for password hashing, data integrity verification, or any security-sensitive context.",
129
+ lineNumbers: weakHashLines,
130
+ recommendation: "Use SHA-256/SHA-512 for integrity checks, or bcrypt/scrypt/argon2 for password hashing.",
131
+ reference: "NIST SP 800-131A — CWE-328",
132
+ suggestedFix: "Replace MD5/SHA1 with SHA-256 for integrity, or bcrypt/argon2 for passwords: crypto.createHash('sha256') or await bcrypt.hash(password, 12).",
133
+ confidence: 0.9,
134
+ });
135
+ }
136
+ // SQL injection risk (multi-language)
137
+ const sqlLines = getLangLineNumbers(code, language, LP.SQL_INJECTION);
138
+ if (sqlLines.length > 0) {
139
+ findings.push({
140
+ ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
141
+ severity: "critical",
142
+ title: "Potential SQL injection via string concatenation",
143
+ description: "SQL queries appear to be constructed using string interpolation or concatenation with user input, which can lead to SQL injection attacks and data breaches.",
144
+ lineNumbers: sqlLines,
145
+ recommendation: "Use parameterized queries or prepared statements. Never concatenate user input into SQL strings directly.",
146
+ reference: "OWASP SQL Injection — CWE-89",
147
+ suggestedFix: "Use parameterized queries: db.query('SELECT * FROM users WHERE id = $1', [userId]) instead of string concatenation.",
148
+ confidence: 0.95,
149
+ });
150
+ }
151
+ // No encryption in HTTP calls
152
+ const httpPatterns = /['"]http:\/\/(?!localhost|127\.0\.0\.1|0\.0\.0\.0)/gi;
153
+ const httpLines = getLineNumbers(code, httpPatterns);
154
+ if (httpLines.length > 0) {
155
+ findings.push({
156
+ ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
157
+ severity: "medium",
158
+ title: "Unencrypted HTTP connection",
159
+ description: "Non-localhost HTTP URLs are used instead of HTTPS, meaning data is transmitted in plaintext and vulnerable to interception.",
160
+ lineNumbers: httpLines,
161
+ recommendation: "Use HTTPS for all non-local connections to ensure data in transit is encrypted with TLS.",
162
+ reference: "OWASP Transport Layer Protection — CWE-319",
163
+ suggestedFix: "Replace http:// with https:// for all non-localhost URLs to encrypt data in transit.",
164
+ confidence: 0.9,
165
+ });
166
+ }
167
+ // Unsafe deserialization (multi-language)
168
+ const deserLines = getLangLineNumbers(code, language, LP.UNSAFE_DESERIALIZATION);
169
+ if (deserLines.length > 0) {
170
+ findings.push({
171
+ ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
172
+ severity: "critical",
173
+ title: "Unsafe deserialization detected",
174
+ description: "Deserializing untrusted data (pickle, YAML, Java ObjectInputStream, PHP unserialize, .NET BinaryFormatter) can lead to remote code execution.",
175
+ lineNumbers: deserLines,
176
+ recommendation: "Never deserialize untrusted data. Use safe alternatives: yaml.safe_load(), JSON instead of pickle, whitelist-based deserialization. Validate and sanitize all input before deserialization.",
177
+ reference: "OWASP Deserialization — CWE-502",
178
+ suggestedFix: "Replace unsafe deserialization: use yaml.safe_load() instead of yaml.load(), JSON.parse() instead of pickle/eval, or whitelist-based deserialization.",
179
+ confidence: 0.85,
180
+ });
181
+ }
182
+ // Cookie without security flags
183
+ const cookieNoFlagLines = getLineNumbers(code, /(?:res\.cookie|setCookie|set_cookie|SetCookie)\s*\(/gi);
184
+ if (cookieNoFlagLines.length > 0) {
185
+ const hasSecure = testCode(code, /secure\s*:\s*true|Secure/gi);
186
+ const hasHttpOnly = testCode(code, /httpOnly\s*:\s*true|HttpOnly/gi);
187
+ if (!hasSecure || !hasHttpOnly) {
188
+ findings.push({
189
+ ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
190
+ severity: "high",
191
+ title: "Cookie may lack security flags",
192
+ description: "Cookies are set without explicit Secure, HttpOnly, or SameSite flags, making them vulnerable to interception and XSS-based theft.",
193
+ lineNumbers: cookieNoFlagLines,
194
+ recommendation: "Set Secure, HttpOnly, and SameSite=Strict (or Lax) flags on all cookies. Use __Host- prefix for sensitive cookies.",
195
+ reference: "OWASP Session Management — CWE-614",
196
+ suggestedFix: "Add security flags: res.cookie('name', value, { secure: true, httpOnly: true, sameSite: 'strict' });",
197
+ confidence: 0.8,
198
+ });
199
+ }
200
+ }
201
+ // JWT without verification
202
+ const jwtNoVerifyPatterns = /jwt\.decode\s*\(|jose\.decode\s*\(|JWT\.decode\s*\(/gi;
203
+ // Post-filter: Python's PyJWT uses jwt.decode(token, key, algorithms=[...]) for VERIFIED decode.
204
+ // Only jwt.decode() without algorithms= or with verify_signature=False is insecure.
205
+ const jwtCodeLines = code.split("\n");
206
+ const jwtNoVerifyLines = getLineNumbers(code, jwtNoVerifyPatterns).filter((ln) => {
207
+ const ctx = getContextWindow(jwtCodeLines, ln, 2);
208
+ return !(/algorithms\s*=/.test(ctx) || /,\s*\w+\s*,\s*algorithms/.test(ctx));
209
+ });
210
+ if (jwtNoVerifyLines.length > 0) {
211
+ findings.push({
212
+ ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
213
+ severity: "critical",
214
+ title: "JWT decoded without signature verification",
215
+ description: "JWT tokens are decoded without verifying the signature, allowing attackers to forge tokens with arbitrary claims.",
216
+ lineNumbers: jwtNoVerifyLines,
217
+ recommendation: "Always use jwt.verify() instead of jwt.decode(). Validate the signature, issuer, audience, and expiration claims.",
218
+ reference: "OWASP JWT Security — CWE-345",
219
+ suggestedFix: "Replace jwt.decode() with jwt.verify(token, secret, { algorithms: ['RS256'], issuer: 'expected-issuer' });",
220
+ confidence: 0.9,
221
+ });
222
+ }
223
+ // File upload without validation
224
+ const fileUploadPatterns = /multer|upload|formidable|busboy|multipart|FileUpload|MultipartFile/gi;
225
+ const fileUploadLines = getLineNumbers(code, fileUploadPatterns);
226
+ if (fileUploadLines.length > 0) {
227
+ const hasValidation = testCode(code, /mime|mimetype|content-type|extension|allowedTypes|fileFilter|accept|maxSize|fileSizeLimit/gi);
228
+ if (!hasValidation) {
229
+ findings.push({
230
+ ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
231
+ severity: "high",
232
+ title: "File upload without type/size validation",
233
+ description: "File uploads are accepted without visible MIME type, extension, or size validation, allowing malicious file uploads.",
234
+ lineNumbers: fileUploadLines,
235
+ recommendation: "Validate file type (MIME + extension + magic bytes), enforce size limits, scan for malware, and store uploads outside the webroot.",
236
+ reference: "OWASP Unrestricted File Upload — CWE-434",
237
+ suggestedFix: "Add file validation: multer({ fileFilter, limits: { fileSize: 5 * 1024 * 1024 } }) with MIME type and extension checks.",
238
+ confidence: 0.8,
239
+ });
240
+ }
241
+ }
242
+ // Cleartext password storage
243
+ const cleartextPwPatterns = /password\s*[:=]\s*(?:req\.|request\.|body\.|input\.|params\.).*(?:save|insert|create|update|store|set)/gi;
244
+ const cleartextLines = getLineNumbers(code, cleartextPwPatterns);
245
+ if (cleartextLines.length > 0) {
246
+ const hasHashing = testCode(code, /bcrypt|argon2|scrypt|pbkdf2|hashPassword|hash_password|PasswordHasher/gi);
247
+ if (!hasHashing) {
248
+ findings.push({
249
+ ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
250
+ severity: "critical",
251
+ title: "Password may be stored in cleartext",
252
+ description: "User passwords appear to be stored without hashing. If the database is compromised, all passwords are exposed.",
253
+ lineNumbers: cleartextLines,
254
+ recommendation: "Hash passwords using bcrypt, argon2, or scrypt with a unique salt per password. Never store passwords in plaintext or with reversible encryption.",
255
+ reference: "OWASP Password Storage — CWE-256",
256
+ suggestedFix: "Hash passwords before storage: const hash = await bcrypt.hash(password, 12); and verify with await bcrypt.compare(input, hash).",
257
+ confidence: 0.85,
258
+ });
259
+ }
260
+ }
261
+ // CORS with credentials and wildcard
262
+ const corsCredLines = getLineNumbers(code, /credentials\s*:\s*true|Access-Control-Allow-Credentials/gi);
263
+ const corsWildcard = testCode(code, /Access-Control-Allow-Origin.*\*|origin\s*:\s*['"]?\*/gi);
264
+ if (corsCredLines.length > 0 && corsWildcard) {
265
+ findings.push({
266
+ ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
267
+ severity: "critical",
268
+ title: "CORS with credentials and wildcard origin",
269
+ description: "Using Access-Control-Allow-Credentials with a wildcard origin allows any website to make authenticated requests to your API.",
270
+ lineNumbers: corsCredLines,
271
+ recommendation: "Never combine credentials: true with origin: '*'. Whitelist specific trusted origins.",
272
+ reference: "OWASP CORS — CWE-942",
273
+ suggestedFix: "Replace origin: '*' with a specific allowlist: origin: ['https://app.example.com'] when credentials: true is used.",
274
+ confidence: 0.9,
275
+ });
276
+ }
277
+ // Missing CSRF protection
278
+ const formPostLines = getLineNumbers(code, /app\.post\s*\(|router\.post\s*\(|@PostMapping|@RequestMapping.*POST|\.post\s*\(/gi);
279
+ const hasCsrf = testCode(code, /csrf|xsrf|_token|csrfToken|antiforgery|AntiForgery|@csrf/gi);
280
+ if (formPostLines.length > 4 && !hasCsrf) {
281
+ findings.push({
282
+ ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
283
+ severity: "high",
284
+ title: "No CSRF protection detected",
285
+ description: "POST endpoints exist but no CSRF tokens or protection middleware is visible, making the application vulnerable to cross-site request forgery.",
286
+ lineNumbers: formPostLines.slice(0, 5),
287
+ recommendation: "Implement CSRF protection using tokens (csurf, django.middleware.csrf, @csrf_exempt annotations) or SameSite cookies.",
288
+ reference: "OWASP CSRF — CWE-352",
289
+ suggestedFix: "Add CSRF middleware: app.use(csurf({ cookie: { httpOnly: true, sameSite: 'strict' } })); and include token in forms.",
290
+ confidence: 0.7,
291
+ });
292
+ }
293
+ // Exposing stack traces to clients
294
+ const stackTracePatterns = /(?:res\.(?:json|send)|response\.(?:json|send))\s*\(.*(?:stack|stackTrace|err\.message|error\.message)|traceback\.format_exc/gi;
295
+ const stackLines = getLineNumbers(code, stackTracePatterns);
296
+ if (stackLines.length > 0) {
297
+ findings.push({
298
+ ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
299
+ severity: "medium",
300
+ title: "Stack traces exposed to clients",
301
+ description: "Error stack traces sent in API responses reveal internal implementation details, file paths, and library versions to attackers.",
302
+ lineNumbers: stackLines,
303
+ recommendation: "Return generic error messages to clients. Log detailed errors server-side only. Use different error handlers for development vs production.",
304
+ reference: "OWASP Error Handling — CWE-209",
305
+ suggestedFix: "Return generic errors to clients: res.status(500).json({ error: 'Internal error', requestId }); and log details server-side only.",
306
+ confidence: 0.85,
307
+ });
308
+ }
309
+ // Hardcoded encryption keys / IVs
310
+ // Use word boundaries around short tokens like `iv` and `nonce` to avoid
311
+ // matching compound identifiers (e.g., LOGPRIV: "..." should not fire).
312
+ const encKeyPatterns = /(?:encryption[_-]?key|aes[_-]?key|\biv\b|initialization[_-]?vector|\bnonce\b)\s*[:=]\s*["'][^"']+["']|(?:Buffer\.from|new\s+Uint8Array)\s*\(.*(?:key|\biv\b)/gi;
313
+ const encKeyLines = filterNonProductionLineNumbers(code, getLineNumbers(code, encKeyPatterns));
314
+ if (encKeyLines.length > 0) {
315
+ findings.push({
316
+ ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
317
+ severity: "critical",
318
+ title: "Hardcoded encryption key or IV",
319
+ description: "Encryption keys and initialization vectors are hardcoded, making encrypted data trivially decryptable by anyone with access to the code.",
320
+ lineNumbers: encKeyLines,
321
+ recommendation: "Generate encryption keys securely at runtime or load from a key management service. IVs/nonces must be random and unique per encryption operation.",
322
+ reference: "CWE-321: Use of Hard-coded Cryptographic Key",
323
+ suggestedFix: "Load encryption keys from a KMS or env var: const key = Buffer.from(process.env.ENCRYPTION_KEY, 'base64'); and generate IVs with crypto.randomBytes(16).",
324
+ confidence: 0.9,
325
+ });
326
+ }
327
+ // Insecure random number generation for security
328
+ const insecureRandPatterns = /Math\.random\s*\(\)|random\.random\s*\(|rand\s*\(|Random\(\)|new\s+Random\b/gi;
329
+ const insecureRandLines = getLineNumbers(code, insecureRandPatterns);
330
+ if (insecureRandLines.length > 0) {
331
+ const nearSecurity = code.split("\n").some((line, i) => {
332
+ if (insecureRandPatterns.test(line)) {
333
+ const context = code
334
+ .split("\n")
335
+ .slice(Math.max(0, i - 3), i + 3)
336
+ .join("\n");
337
+ return /token|secret|password|key|nonce|salt|session|csrf|otp|verification/i.test(context);
338
+ }
339
+ return false;
340
+ });
341
+ if (nearSecurity) {
342
+ findings.push({
343
+ ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
344
+ severity: "high",
345
+ title: "Insecure random for security context",
346
+ description: "Math.random() or similar non-cryptographic PRNGs are used in a security-sensitive context (token generation, etc.). These are predictable.",
347
+ lineNumbers: insecureRandLines,
348
+ recommendation: "Use crypto.randomBytes() (Node.js), secrets.token_hex() (Python), SecureRandom (Java/Ruby), or crypto.getRandomValues() (browser).",
349
+ reference: "CWE-330: Use of Insufficiently Random Values",
350
+ suggestedFix: "Use crypto.randomBytes(32).toString('hex') (Node.js) or crypto.getRandomValues() (browser) for security-sensitive random values.",
351
+ confidence: 0.85,
352
+ });
353
+ }
354
+ }
355
+ // Path traversal risk
356
+ const pathTraversalPatterns = /(?:readFile|writeFile|readdir|open|fopen|file_get_contents|include|require)\s*\(.*(?:req\.|request\.|params\.|query\.|body\.|input\.|args)/gi;
357
+ const pathTravLines = getLineNumbers(code, pathTraversalPatterns).filter((ln) => {
358
+ // Kotlin require() is a precondition assertion, not a file include
359
+ const line = code.split("\n")[ln - 1] || "";
360
+ return (!/\brequire\s*\(.*\{/.test(line) && !/\brequire\s*\(.*\.is/.test(line) && !/\brequire\s*\(.*\.all\b/.test(line));
361
+ });
362
+ if (pathTravLines.length > 0) {
363
+ findings.push({
364
+ ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
365
+ severity: "critical",
366
+ title: "Potential path traversal via user input",
367
+ description: "File operations use user-controlled input without apparent sanitization, allowing attackers to read/write arbitrary files using ../ sequences.",
368
+ lineNumbers: pathTravLines,
369
+ recommendation: "Validate and sanitize file paths. Use path.resolve() + startsWith() checks, or a whitelist of allowed paths. Never pass user input directly to file operations.",
370
+ reference: "OWASP Path Traversal — CWE-22",
371
+ suggestedFix: "Sanitize file paths: const safePath = path.resolve(baseDir, userInput); if (!safePath.startsWith(baseDir)) throw new Error('Invalid path');",
372
+ confidence: 0.85,
373
+ });
374
+ }
375
+ // Missing encryption at rest
376
+ const dbWritePatterns = /\.(?:save|create|insert|insertMany|insertOne|put|store)\s*\(/gi;
377
+ const dbWriteLines = getLineNumbers(code, dbWritePatterns);
378
+ const hasEncryption = testCode(code, /encrypt|cipher|aes|AES|crypto\.createCipher|DataProtect|ProtectedData/gi);
379
+ if (dbWriteLines.length > 5 && !hasEncryption) {
380
+ const hasSensitiveData = testCode(code, /(?:ssn|social_security|credit.?card|password|health|medical|financial|bank)/gi);
381
+ if (hasSensitiveData) {
382
+ findings.push({
383
+ ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
384
+ severity: "high",
385
+ title: "Sensitive data stored without encryption",
386
+ description: "Code stores sensitive data (medical, financial, SSN) without visible encryption-at-rest. If the database is compromised, data is exposed in plaintext.",
387
+ lineNumbers: dbWriteLines.slice(0, 5),
388
+ recommendation: "Use field-level encryption for sensitive data, database-level TDE (Transparent Data Encryption), or application-level encryption before storage.",
389
+ reference: "OWASP Cryptographic Storage — CWE-311",
390
+ suggestedFix: "Encrypt sensitive fields before storage: const encrypted = crypto.createCipheriv('aes-256-gcm', key, iv).update(data); or enable database-level TDE.",
391
+ confidence: 0.7,
392
+ });
393
+ }
394
+ }
395
+ // Secrets or tokens embedded in URL strings
396
+ const secretInUrlPattern = /["'`]https?:\/\/[^"'`\s]*[?&](?:api[_-]?key|token|secret|password|auth|access[_-]?token|client[_-]?secret|api[_-]?secret)=[^&"'`\s]+/gi;
397
+ const secretInUrlLines = getLineNumbers(code, secretInUrlPattern);
398
+ if (secretInUrlLines.length > 0) {
399
+ findings.push({
400
+ ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
401
+ severity: "critical",
402
+ title: "Secret or token embedded in URL string",
403
+ description: "API keys, tokens, or passwords are included as query parameters in URL strings. These appear in server logs, browser history, referer headers, and proxy logs.",
404
+ lineNumbers: secretInUrlLines,
405
+ recommendation: "Pass secrets via Authorization headers, request body, or environment variables — never as URL query parameters. Use SDK client libraries that handle auth properly.",
406
+ reference: "CWE-598: Use of GET Request Method With Sensitive Query Strings",
407
+ suggestedFix: "Move secrets from URL query params to the Authorization header: headers: { Authorization: `Bearer ${token}` }.",
408
+ confidence: 0.9,
409
+ });
410
+ }
411
+ // Credentials in connection strings
412
+ const credInConnPattern = /["'`](?:mongodb|postgres|postgresql|mysql|redis|amqp|mssql|sqlserver):\/\/[^:]+:[^@"'`]+@/gi;
413
+ const credInConnLines = getLineNumbers(code, credInConnPattern);
414
+ if (credInConnLines.length > 0) {
415
+ // Filter out obvious placeholders
416
+ const realCredLines = credInConnLines.filter((lineNum) => {
417
+ const line = code.split("\n")[lineNum - 1] || "";
418
+ return !/(?:password|user|username|changeme|placeholder|example|your_)/i.test(line);
419
+ });
420
+ if (realCredLines.length > 0) {
421
+ findings.push({
422
+ ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
423
+ severity: "critical",
424
+ title: "Credentials embedded in database connection string",
425
+ description: "Database connection strings contain inline credentials. These are committed to version control and visible to anyone with repository access.",
426
+ lineNumbers: realCredLines,
427
+ recommendation: "Use environment variables for connection strings. Use cloud-managed identity (Azure Managed Identity, AWS IAM) for passwordless authentication where possible.",
428
+ reference: "CWE-798: Use of Hard-coded Credentials",
429
+ suggestedFix: "Use environment variables for connection strings: const url = process.env.DATABASE_URL; or use managed identity for passwordless auth.",
430
+ confidence: 0.9,
431
+ });
432
+ }
433
+ }
434
+ // Sensitive data leaked in error messages
435
+ const sensitiveInErrorPattern = /(?:throw\s+new\s+\w*Error|raise\s+\w*Error|new\s+\w*Exception)\s*\([^)]*(?:password|token|secret|ssn|credit.?card|api.?key|connection.?string|private.?key)/gi;
436
+ const sensitiveInErrorLines = getLineNumbers(code, sensitiveInErrorPattern);
437
+ if (sensitiveInErrorLines.length > 0) {
438
+ findings.push({
439
+ ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
440
+ severity: "high",
441
+ title: "Sensitive data referenced in error messages",
442
+ description: "Error messages include references to passwords, tokens, API keys, or other sensitive data. These can leak to logs, error monitoring services, and client responses.",
443
+ lineNumbers: sensitiveInErrorLines,
444
+ recommendation: "Use generic error messages for security failures: 'Authentication failed' instead of 'Invalid password for user@email.com'. Log sensitive context server-side only at debug level.",
445
+ reference: "CWE-209: Information Exposure Through Error Messages",
446
+ suggestedFix: "Use generic error messages: throw new AppError('Authentication failed') instead of including sensitive field names or values.",
447
+ confidence: 0.85,
448
+ });
449
+ }
450
+ // Logging raw request/response bodies
451
+ const logRawBodyPattern = /(?:console\.\w+|logger?\.\w+|log\.\w+|logging\.\w+)\s*\(.*(?:req\.body|request\.body|request\.data|request\.json|response\.data|res\.body)/gi;
452
+ const logRawBodyLines = getLineNumbers(code, logRawBodyPattern);
453
+ if (logRawBodyLines.length > 0) {
454
+ findings.push({
455
+ ruleId: `${prefix}-${String(ruleNum).padStart(3, "0")}`,
456
+ severity: "high",
457
+ title: "Logging raw request/response bodies",
458
+ description: `Found ${logRawBodyLines.length} location(s) logging entire HTTP request or response bodies. These may contain passwords, tokens, PII, credit card numbers, or health data that will be exposed in log aggregators.`,
459
+ lineNumbers: logRawBodyLines,
460
+ recommendation: "Log only specific, non-sensitive fields. Use structured logging with field-level redaction. Never log full request bodies — redact password, token, ssn, and creditCard fields.",
461
+ reference: "CWE-532: Information Exposure Through Log Files",
462
+ suggestedFix: "Log only metadata: logger.info({ method: req.method, url: req.url, status: res.statusCode }); instead of full request/response bodies.",
463
+ confidence: 0.85,
464
+ });
465
+ }
466
+ return findings;
467
+ }
package/dist/evaluators/data-sovereignty.d.ts ADDED
@@ -0,0 +1,2 @@
1
+ import type { Finding } from "../types.js";
2
+ export declare function analyzeDataSovereignty(code: string, _language: string): Finding[];