@kevinrabun/judges 3.4.0 → 3.5.0

package/README.md

@@ -11,7 +11,7 @@ An MCP (Model Context Protocol) server that provides a panel of **35 specialized
 [![npm](https://img.shields.io/npm/v/@kevinrabun/judges)](https://www.npmjs.com/package/@kevinrabun/judges)
 [![npm downloads](https://img.shields.io/npm/dw/@kevinrabun/judges)](https://www.npmjs.com/package/@kevinrabun/judges)
 [![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
-[![Tests](https://img.shields.io/badge/tests-730-brightgreen)](https://github.com/KevinRabun/judges/actions)
+[![Tests](https://img.shields.io/badge/tests-777-brightgreen)](https://github.com/KevinRabun/judges/actions)
 
 ---
 
@@ -63,6 +63,15 @@ judges eval --fail-on-findings src/api.ts
 # Suppress known findings via baseline
 judges eval --baseline baseline.json src/api.ts
 
+# Use a named preset
+judges eval --preset security-only src/api.ts
+
+# Use a config file
+judges eval --config .judgesrc.json src/api.ts
+
+# Set a minimum score threshold (exit 1 if below)
+judges eval --min-score 80 src/api.ts
+
 # One-line summary for scripts
 judges eval --summary src/api.ts
 
@@ -88,6 +97,32 @@ judges watch src/
 # Project-level report (local directory)
 judges report . --format html --output report.html
 
+# Evaluate a unified diff (pipe from git diff)
+git diff HEAD~1 | judges diff
+
+# Analyze dependencies for supply-chain risks
+judges deps --path . --format json
+
+# Create a baseline file to suppress known findings
+judges baseline create --file src/api.ts -o baseline.json
+
+# Generate CI template files
+judges ci-templates --provider github
+judges ci-templates --provider gitlab
+judges ci-templates --provider azure
+judges ci-templates --provider bitbucket
+
+# Generate per-judge rule documentation
+judges docs
+judges docs --judge cybersecurity
+judges docs --output docs/
+
+# Install shell completions
+judges completions bash   # eval "$(judges completions bash)"
+judges completions zsh
+judges completions fish
+judges completions powershell
+
 # Install pre-commit hook
 judges hook install
 
@@ -371,11 +406,17 @@ Evaluate a file with all 35 judges or a single judge.
 | `--file <path>` / positional | File to evaluate |
 | `--judge <id>` / `-j <id>` | Single judge mode |
 | `--language <lang>` / `-l <lang>` | Language hint (auto-detected from extension) |
-| `--format <fmt>` / `-f <fmt>` | Output format: `text`, `json`, `sarif`, `markdown`, `html` |
+| `--format <fmt>` / `-f <fmt>` | Output format: `text`, `json`, `sarif`, `markdown`, `html`, `junit`, `codeclimate` |
 | `--output <path>` / `-o <path>` | Write output to file |
 | `--fail-on-findings` | Exit with code 1 if verdict is FAIL |
 | `--baseline <path>` / `-b <path>` | JSON baseline file — suppress known findings |
 | `--summary` | Print a single summary line (ideal for scripts) |
+| `--config <path>` | Load a `.judgesrc` / `.judgesrc.json` config file |
+| `--preset <name>` | Use a named preset: `strict`, `lenient`, `security-only`, `startup`, `compliance`, `performance` |
+| `--min-score <n>` | Exit with code 1 if overall score is below this threshold |
+| `--verbose` | Print timing and debug information |
+| `--quiet` | Suppress non-essential output |
+| `--no-color` | Disable ANSI colors |
 
 ### `judges init`
 
@@ -428,6 +469,131 @@ judges hook uninstall  # remove pre-commit hook
 
 Detects Husky (`.husky/pre-commit`) and falls back to `.git/hooks/pre-commit`. Uses marker-based injection so it won't clobber existing hooks.
 
+### `judges diff`
+
+Evaluate only the changed lines from a unified diff (e.g., `git diff` output).
+
+| Flag | Description |
+|------|-------------|
+| `--file <path>` | Read diff from file instead of stdin |
+| `--format <fmt>` | Output format: `text`, `json`, `sarif`, `junit`, `codeclimate` |
+| `--output <path>` | Write output to file |
+
+```bash
+git diff HEAD~1 | judges diff
+judges diff --file changes.patch --format sarif
+```
+
+### `judges deps`
+
+Analyze project dependencies for supply-chain risks.
+
+| Flag | Description |
+|------|-------------|
+| `--path <dir>` | Project root to scan (default: `.`) |
+| `--format <fmt>` | Output format: `text`, `json` |
+
+```bash
+judges deps --path .
+judges deps --path ./backend --format json
+```
+
+### `judges baseline`
+
+Create a baseline file to suppress known findings in future evaluations.
+
+```bash
+judges baseline create --file src/api.ts
+judges baseline create --file src/api.ts -o .judges-baseline.json
+```
+
+### `judges ci-templates`
+
+Generate CI/CD configuration templates for popular providers.
+
+```bash
+judges ci-templates --provider github   # .github/workflows/judges.yml
+judges ci-templates --provider gitlab   # .gitlab-ci.judges.yml
+judges ci-templates --provider azure    # azure-pipelines.judges.yml
+judges ci-templates --provider bitbucket # bitbucket-pipelines.yml (snippet)
+```
+
+### `judges docs`
+
+Generate per-judge rule documentation in Markdown.
+
+| Flag | Description |
+|------|-------------|
+| `--judge <id>` | Generate docs for a single judge |
+| `--output <dir>` | Write individual `.md` files per judge |
+
+```bash
+judges docs                          # all judges to stdout
+judges docs --judge cybersecurity    # single judge
+judges docs --output docs/judges/    # write files to directory
+```
+
+### `judges completions`
+
+Generate shell completion scripts.
+
+```bash
+eval "$(judges completions bash)"        # Bash
+eval "$(judges completions zsh)"         # Zsh
+judges completions fish | source         # Fish
+judges completions powershell            # PowerShell (Register-ArgumentCompleter)
+```
+
+### Named Presets
+
+Use `--preset` to apply pre-configured evaluation settings:
+
+| Preset | Description |
+|--------|-------------|
+| `strict` | All severities, all judges — maximum thoroughness |
+| `lenient` | Only high and critical findings — fast and focused |
+| `security-only` | Security judges only — cybersecurity, data-security, authentication, logging-privacy |
+| `startup` | Skip compliance, sovereignty, i18n judges — move fast |
+| `compliance` | Only compliance, data-sovereignty, authentication — regulatory focus |
+| `performance` | Only performance, scalability, caching, cost-effectiveness |
+
+```bash
+judges eval --preset security-only src/api.ts
+judges eval --preset strict --format sarif src/app.ts > results.sarif
+```
+
+### CI Output Formats
+
+#### JUnit XML
+
+Generate JUnit XML for Jenkins, Azure DevOps, GitHub Actions, or GitLab test result viewers:
+
+```bash
+judges eval --format junit src/api.ts > results.xml
+```
+
+Each judge maps to a `<testsuite>`, each finding becomes a `<testcase>` with `<failure>` for critical/high severity.
+
+#### CodeClimate / GitLab Code Quality
+
+Generate CodeClimate JSON for GitLab Code Quality or similar tools:
+
+```bash
+judges eval --format codeclimate src/api.ts > codequality.json
+```
+
+#### Score Badges
+
+Generate SVG or text badges for your README:
+
+```typescript
+import { generateBadgeSvg, generateBadgeText } from "@kevinrabun/judges/badge";
+
+const svg = generateBadgeSvg(85);          // shields.io-style SVG
+const text = generateBadgeText(85);        // "✓ judges 85/100"
+const svg2 = generateBadgeSvg(75, "quality"); // custom label
+```
+
 ---
 
 ## The Judge Panel
@@ -926,14 +1092,23 @@ judges/
 │   │   └── *.ts              # One analyzer per judge (35 files)
 │   ├── formatters/           # Output formatters
 │   │   ├── sarif.ts              # SARIF 2.1.0 output
-│   │   └── html.ts               # Self-contained HTML report (dark/light theme, filters)
+│   │   ├── html.ts               # Self-contained HTML report (dark/light theme, filters)
+│   │   ├── junit.ts              # JUnit XML output (Jenkins, Azure DevOps, GitHub Actions)
+│   │   ├── codeclimate.ts        # CodeClimate/GitLab Code Quality JSON
+│   │   └── badge.ts              # SVG and text badge generator
 │   ├── commands/             # CLI subcommands
 │   │   ├── init.ts               # Interactive project setup wizard
 │   │   ├── fix.ts                # Auto-fix patch preview and application
 │   │   ├── watch.ts              # Watch mode — re-evaluate on save
 │   │   ├── report.ts             # Project-level local report
 │   │   ├── hook.ts               # Pre-commit hook install/uninstall
-│   │   └── ci-templates.ts       # GitLab, Azure, Bitbucket CI templates
+│   │   ├── ci-templates.ts       # GitLab, Azure, Bitbucket CI templates
+│   │   ├── diff.ts               # Evaluate unified diff (git diff)
+│   │   ├── deps.ts               # Dependency supply-chain analysis
+│   │   ├── baseline.ts           # Create baseline for finding suppression
+│   │   ├── completions.ts        # Shell completions (bash/zsh/fish/PowerShell)
+│   │   └── docs.ts               # Per-judge rule documentation generator
+│   ├── presets.ts            # Named evaluation presets (strict, lenient, security-only, …)
 │   ├── reports/
 │   │   └── public-repo-report.ts   # Public repo clone + full tribunal report generation
 │   └── judges/               # Judge definitions (id, name, domain, system prompt)
@@ -955,6 +1130,7 @@ judges/
 │   ├── tree-sitter-rust.wasm
 │   ├── tree-sitter-java.wasm
 │   └── tree-sitter-c_sharp.wasm
+├── judgesrc.schema.json      # JSON Schema for .judgesrc config files
 ├── server.json               # MCP Registry manifest
 ├── package.json
 ├── tsconfig.json
@@ -981,6 +1157,12 @@ judges/
 | `judges watch <dir>` | Watch mode — re-evaluate on file save |
 | `judges report <dir>` | Full tribunal report on a local directory |
 | `judges hook install` | Install a Git pre-commit hook |
+| `judges diff` | Evaluate changed lines from unified diff |
+| `judges deps` | Analyze dependencies for supply-chain risks |
+| `judges baseline create` | Create baseline for finding suppression |
+| `judges ci-templates` | Generate CI pipeline templates |
+| `judges docs` | Generate per-judge rule documentation |
+| `judges completions <shell>` | Shell completion scripts |
 
 ---
 
@@ -1051,6 +1233,9 @@ const sarif = findingsToSarif(verdict.evaluations.flatMap(e => e.findings));
 | `@kevinrabun/judges/api` | Programmatic API (default) |
 | `@kevinrabun/judges/server` | MCP server entry point |
 | `@kevinrabun/judges/sarif` | SARIF 2.1.0 formatter |
+| `@kevinrabun/judges/junit` | JUnit XML formatter |
+| `@kevinrabun/judges/codeclimate` | CodeClimate/GitLab Code Quality JSON |
+| `@kevinrabun/judges/badge` | SVG and text badge generator |
 
 ### SARIF Output
 

package/dist/cli.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AAEA;;;;;;;;;;;;;;;;;;;GAmBG;AAyVH,wBAAsB,MAAM,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CA2I1D"}
+{"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AAEA;;;;;;;;;;;;;;;;;;;GAmBG;AAibH,wBAAsB,MAAM,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAoN1D"}

package/dist/cli.js

@@ -24,6 +24,19 @@ import { resolve, extname } from "path";
 import { evaluateWithTribunal, evaluateWithJudge, formatVerdictAsMarkdown, formatEvaluationAsMarkdown, } from "./evaluators/index.js";
 import { getJudge, getJudgeSummaries } from "./judges/index.js";
 import { verdictToSarif } from "./formatters/sarif.js";
+import { verdictToHtml } from "./formatters/html.js";
+import { verdictToJUnit } from "./formatters/junit.js";
+import { verdictToCodeClimate } from "./formatters/codeclimate.js";
+import { runReport } from "./commands/report.js";
+import { runHook } from "./commands/hook.js";
+import { runDiff } from "./commands/diff.js";
+import { runDeps } from "./commands/deps.js";
+import { runBaseline } from "./commands/baseline.js";
+import { runCompletions } from "./commands/completions.js";
+import { runDocs } from "./commands/docs.js";
+import { generateGitLabCi, generateAzurePipelines, generateBitbucketPipelines } from "./commands/ci-templates.js";
+import { getPreset, listPresets } from "./presets.js";
+import { parseConfig } from "./config.js";
 // ─── Language Detection from Extension ──────────────────────────────────────
 const EXT_TO_LANG = {
     ".ts": "typescript",
@@ -75,6 +88,12 @@ function parseCliArgs(argv) {
         failOnFindings: false,
         baseline: undefined,
         summary: false,
+        config: undefined,
+        preset: undefined,
+        minScore: undefined,
+        noColor: false,
+        verbose: false,
+        quiet: false,
     };
     // First non-flag arg is the command
     let i = 2; // skip node + script
@@ -115,6 +134,26 @@ function parseCliArgs(argv) {
             case "--summary":
                 args.summary = true;
                 break;
+            case "--config":
+            case "-c":
+                args.config = argv[++i];
+                break;
+            case "--preset":
+            case "-p":
+                args.preset = argv[++i];
+                break;
+            case "--min-score":
+                args.minScore = parseInt(argv[++i], 10);
+                break;
+            case "--no-color":
+                args.noColor = true;
+                break;
+            case "--verbose":
+                args.verbose = true;
+                break;
+            case "--quiet":
+                args.quiet = true;
+                break;
             default:
                 // If it looks like a file path (not a flag), treat as --file
                 if (!arg.startsWith("-") && !args.file) {
@@ -138,17 +177,29 @@ USAGE:
   judges watch <path>                 Watch files and re-evaluate on save
   judges report <dir>                 Generate project-level report
   judges hook install                 Install pre-commit git hook
+  judges diff                         Evaluate only changed lines from a diff
+  judges deps [dir]                   Analyze dependencies for supply-chain risks
+  judges baseline create <file>       Create a findings baseline
+  judges ci-templates <provider>      Generate CI pipeline template
+  judges completions <shell>          Generate shell completions
+  judges docs                         Generate rule documentation
   judges list                         List all available judges
   judges --help                       Show this help
 
 EVAL OPTIONS:
   --file, -f <path>          File to evaluate (or pass as positional arg)
   --language, -l <lang>      Language override (auto-detected from extension)
-  --format, -o <fmt>         Output: text (default), json, sarif, markdown, html
+  --format, -o <fmt>         Output: text, json, sarif, markdown, html, junit, codeclimate
   --judge, -j <id>           Run a single judge instead of the full tribunal
   --fail-on-findings         Exit with code 1 when verdict is fail
   --baseline, -b <path>      Suppress findings already in baseline file
   --summary                  Show one-line summary instead of full output
+  --config, -c <path>        Path to .judgesrc config file
+  --preset, -p <name>        Use a named preset (strict, lenient, security-only, startup, compliance, performance)
+  --min-score <n>            Fail if score drops below threshold (0-100)
+  --no-color                 Disable colored output
+  --verbose                  Show detailed evaluation information
+  --quiet                    Suppress non-essential output
   --help, -h                 Show this help
 
 FIX OPTIONS:
@@ -159,20 +210,50 @@ WATCH OPTIONS:
   --judge, -j <id>           Only evaluate with a specific judge
   --fail-on-findings         Exit on first failure
 
+DIFF OPTIONS:
+  --file, -f <path>          Read diff from file (or pipe via stdin)
+  --language, -l <lang>      Language override for all files in diff
+
+DEPS OPTIONS:
+  --file, -f <path>          Specific manifest to analyze
+  --format, -o <fmt>         Output: text, json
+
+CI-TEMPLATES:
+  judges ci-templates github  GitHub Actions workflow
+  judges ci-templates gitlab  GitLab CI pipeline
+  judges ci-templates azure   Azure Pipelines
+  judges ci-templates bitbucket  Bitbucket Pipelines
+
+COMPLETIONS:
+  judges completions bash        Bash completions
+  judges completions zsh         Zsh completions
+  judges completions fish        Fish completions
+  judges completions powershell  PowerShell completions
+
 STDIN:
   cat file.ts | judges eval --language typescript
+  git diff | judges diff --language typescript
 
 EXAMPLES:
   judges eval src/app.ts
   judges eval --file api.py --format sarif
   judges eval --judge cybersecurity server.ts
-  judges eval --format html --fail-on-findings src/
+  judges eval --format junit --fail-on-findings src/
   judges eval --baseline .judges-baseline.json src/app.ts
+  judges eval --preset security-only src/app.ts
+  judges eval --config .judgesrc src/app.ts
+  judges eval --min-score 80 src/app.ts
   judges init
   judges fix src/app.ts --apply
   judges watch src/
   judges report .
   judges hook install
+  judges diff --file changes.patch
+  judges deps .
+  judges baseline create --file src/app.ts
+  judges ci-templates github
+  judges docs --output docs/rules/
+  judges completions bash >> ~/.bashrc
   judges list
 
 SUPPORTED LANGUAGES:
@@ -340,16 +421,44 @@ export async function runCli(argv) {
     }
     // ─── Report Command ───────────────────────────────────────────────────
     if (args.command === "report") {
-        const { runReport } = await import("./commands/report.js");
         runReport(argv);
         return;
     }
     // ─── Hook Command ────────────────────────────────────────────────────
     if (args.command === "hook") {
-        const { runHook } = await import("./commands/hook.js");
         runHook(argv);
         return;
     }
+    // ─── Diff Command ────────────────────────────────────────────────────
+    if (args.command === "diff") {
+        runDiff(argv);
+        return;
+    }
+    // ─── Deps Command ────────────────────────────────────────────────────
+    if (args.command === "deps") {
+        runDeps(argv);
+        return;
+    }
+    // ─── Baseline Command ────────────────────────────────────────────────
+    if (args.command === "baseline") {
+        runBaseline(argv);
+        return;
+    }
+    // ─── CI Templates Command ────────────────────────────────────────────
+    if (args.command === "ci-templates") {
+        runCiTemplates(argv);
+        return;
+    }
+    // ─── Completions Command ─────────────────────────────────────────────
+    if (args.command === "completions") {
+        runCompletions(argv);
+        return;
+    }
+    // ─── Docs Command ────────────────────────────────────────────────────
+    if (args.command === "docs") {
+        runDocs(argv);
+        return;
+    }
     // ─── List Command ────────────────────────────────────────────────────
     if (args.command === "list") {
         listJudges();
@@ -357,13 +466,18 @@ export async function runCli(argv) {
     }
     // ─── Eval Command ────────────────────────────────────────────────────
     if (args.command === "eval" || args.file) {
+        const startTime = Date.now();
         const { code, resolvedPath } = readCode(args.file);
         const language = args.language || detectLanguage(args.file || resolvedPath) || "typescript";
-        // Load baseline if specified
+        // Load config from file or preset
+        const evalConfig = loadEvalConfig(args);
+        // Load baseline if specified (from CLI flag — config doesn't carry baseline)
         let baselineFindings;
         if (args.baseline) {
             baselineFindings = loadBaseline(args.baseline);
         }
+        // Build evaluation options from config
+        const evalOptions = evalConfig ? { config: evalConfig } : undefined;
         if (args.judge) {
             // Single judge mode
             const judge = getJudge(args.judge);
@@ -377,6 +491,11 @@ export async function runCli(argv) {
             if (baselineFindings) {
                 evaluation.findings = evaluation.findings.filter((f) => !baselineFindings.has(baselineKey(f)));
             }
+            // Apply min-severity filter from config
+            if (evalConfig?.minSeverity) {
+                evaluation.findings = filterBySeverity(evaluation.findings, evalConfig.minSeverity);
+            }
+            const elapsed = Date.now() - startTime;
             if (args.summary) {
                 printSummaryLine(evaluation.verdict, evaluation.score, evaluation.findings.length);
             }
@@ -387,7 +506,6 @@ export async function runCli(argv) {
                 console.log(formatEvaluationAsMarkdown(evaluation));
             }
             else if (args.format === "html") {
-                const { verdictToHtml } = await import("./formatters/html.js");
                 // Wrap single evaluation as a tribunal-like verdict for HTML
                 const wrappedVerdict = {
                     overallVerdict: evaluation.verdict,
@@ -404,14 +522,20 @@ export async function runCli(argv) {
             else {
                 console.log(formatSingleJudgeTextOutput(evaluation));
             }
-            // Exit code
-            if (args.failOnFindings && evaluation.verdict === "fail") {
+            if (args.verbose) {
+                console.log(`  ⏱  Evaluated in ${elapsed}ms`);
+            }
+            // Exit code — fail-on-findings or min-score
+            if (args.failOnFindings && evaluation.verdict === "fail")
+                process.exit(1);
+            if (args.minScore !== undefined && evaluation.score < args.minScore) {
+                console.error(`Score ${evaluation.score} is below minimum threshold ${args.minScore}`);
                 process.exit(1);
             }
         }
         else {
             // Full tribunal mode
-            const verdict = evaluateWithTribunal(code, language);
+            const verdict = evaluateWithTribunal(code, language, undefined, evalOptions);
             // Apply baseline suppression
             if (baselineFindings) {
                 for (const evaluation of verdict.evaluations) {
@@ -419,19 +543,39 @@ export async function runCli(argv) {
                 }
                 verdict.findings = verdict.findings.filter((f) => !baselineFindings.has(baselineKey(f)));
             }
+            // Apply min-severity filter from config
+            if (evalConfig?.minSeverity) {
+                for (const evaluation of verdict.evaluations) {
+                    evaluation.findings = filterBySeverity(evaluation.findings, evalConfig.minSeverity);
+                }
+                verdict.findings = filterBySeverity(verdict.findings, evalConfig.minSeverity);
+            }
+            const elapsed = Date.now() - startTime;
             if (args.summary) {
                 const totalFindings = verdict.evaluations.reduce((s, e) => s + e.findings.length, 0);
                 printSummaryLine(verdict.overallVerdict, verdict.overallScore, totalFindings);
             }
             else if (args.format === "html") {
-                const { verdictToHtml } = await import("./formatters/html.js");
                 console.log(verdictToHtml(verdict, resolvedPath || args.file));
             }
+            else if (args.format === "junit") {
+                console.log(verdictToJUnit(verdict, resolvedPath || args.file));
+            }
+            else if (args.format === "codeclimate") {
+                console.log(JSON.stringify(verdictToCodeClimate(verdict, resolvedPath || args.file), null, 2));
+            }
             else {
                 console.log(formatTribunalOutput(verdict, args.format, resolvedPath || args.file));
             }
-            // Exit code
-            if (args.failOnFindings && verdict.overallVerdict === "fail") {
+            if (args.verbose) {
+                console.log(`  ⏱  Evaluated in ${elapsed}ms`);
+                console.log(`  📊 ${verdict.evaluations.length} judges, ${verdict.findings.length} total findings`);
+            }
+            // Exit code — fail-on-findings or min-score
+            if (args.failOnFindings && verdict.overallVerdict === "fail")
+                process.exit(1);
+            if (args.minScore !== undefined && verdict.overallScore < args.minScore) {
+                console.error(`Score ${verdict.overallScore} is below minimum threshold ${args.minScore}`);
                 process.exit(1);
             }
         }
@@ -472,4 +616,128 @@ function printSummaryLine(verdict, score, findings) {
     const icon = verdict === "pass" ? "✅" : verdict === "warning" ? "⚠️" : "❌";
     console.log(`${icon} ${verdict.toUpperCase()} ${score}/100 (${findings} findings)`);
 }
+// ─── Config / Preset Loader ────────────────────────────────────────────────
+function loadEvalConfig(args) {
+    let config;
+    // 1. Load from preset
+    if (args.preset) {
+        const preset = getPreset(args.preset);
+        if (!preset) {
+            console.error(`Unknown preset: ${args.preset}`);
+            console.error(`Available: ${listPresets()
+                .map((p) => p.name)
+                .join(", ")}`);
+            process.exit(1);
+        }
+        config = { ...preset.config };
+    }
+    // 2. Load from --config file (overrides preset)
+    if (args.config) {
+        const configPath = resolve(args.config);
+        if (!existsSync(configPath)) {
+            console.error(`Config file not found: ${configPath}`);
+            process.exit(1);
+        }
+        const fileConfig = parseConfig(readFileSync(configPath, "utf-8"));
+        config = config ? { ...config, ...fileConfig } : fileConfig;
+    }
+    // 3. Auto-discover .judgesrc or .judgesrc.json if no explicit config
+    if (!config && !args.config) {
+        for (const name of [".judgesrc", ".judgesrc.json"]) {
+            const p = resolve(name);
+            if (existsSync(p)) {
+                try {
+                    config = parseConfig(readFileSync(p, "utf-8"));
+                }
+                catch {
+                    // Silently skip invalid auto-discovered configs
+                }
+                break;
+            }
+        }
+    }
+    return config;
+}
+// ─── Severity Filter ────────────────────────────────────────────────────────
+const SEVERITY_ORDER = ["critical", "high", "medium", "low", "info"];
+function filterBySeverity(findings, minSeverity) {
+    const minIndex = SEVERITY_ORDER.indexOf(minSeverity);
+    if (minIndex < 0)
+        return findings;
+    return findings.filter((f) => {
+        const idx = SEVERITY_ORDER.indexOf(f.severity);
+        return idx >= 0 && idx <= minIndex;
+    });
+}
+// ─── CI Templates CLI ──────────────────────────────────────────────────────
+function runCiTemplates(argv) {
+    const provider = argv[3];
+    if (!provider || provider === "--help" || provider === "-h") {
+        console.log(`
+Judges Panel — CI Template Generator
+
+USAGE:
+  judges ci-templates github      GitHub Actions workflow
+  judges ci-templates gitlab      GitLab CI pipeline
+  judges ci-templates azure       Azure Pipelines
+  judges ci-templates bitbucket   Bitbucket Pipelines
+`);
+        process.exit(0);
+    }
+    switch (provider) {
+        case "github":
+            console.log(generateGitHubActions());
+            break;
+        case "gitlab":
+            console.log(generateGitLabCi());
+            break;
+        case "azure":
+            console.log(generateAzurePipelines());
+            break;
+        case "bitbucket":
+            console.log(generateBitbucketPipelines());
+            break;
+        default:
+            console.error(`Unknown provider: ${provider}`);
+            console.error("Supported: github, gitlab, azure, bitbucket");
+            process.exit(1);
+    }
+    process.exit(0);
+}
+function generateGitHubActions() {
+    return `# .github/workflows/judges.yml
+name: Judges Panel Code Review
+
+on:
+  pull_request:
+    branches: [main]
+  push:
+    branches: [main]
+
+jobs:
+  judges:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: actions/setup-node@v4
+        with:
+          node-version: '22'
+
+      - name: Install Judges
+        run: npm install -g @kevinrabun/judges
+
+      - name: Run Judges Evaluation
+        run: |
+          for file in $(git diff --name-only HEAD~1 -- '*.ts' '*.js' '*.py' '*.go' '*.rs' '*.java' '*.cs'); do
+            judges eval --file "$file" --format sarif --fail-on-findings >> results.sarif || true
+          done
+
+      - name: Upload SARIF
+        if: always()
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: results.sarif
+`;
+}
 //# sourceMappingURL=cli.js.map