@kevinrabun/judges 3.40.0 → 3.42.0

package/dist/commands/coverage-map.js

@@ -0,0 +1,223 @@
+/**
+ * Rule coverage map — show which rules apply to which languages,
+ * helping teams understand their coverage and identify gaps.
+ */
+// ─── Rules-to-Language Mapping ──────────────────────────────────────────────
+/**
+ * Universal rules applicable to all programming languages.
+ */
+const UNIVERSAL_RULES = [
+    { pattern: "SEC-", judge: "cybersecurity", severity: "high" },
+    { pattern: "ERR-", judge: "error-handling", severity: "medium" },
+    { pattern: "MAINT-", judge: "maintainability", severity: "low" },
+    { pattern: "DOC-", judge: "documentation", severity: "low" },
+    { pattern: "STRUCT-", judge: "code-structure", severity: "medium" },
+    { pattern: "TEST-", judge: "testing", severity: "medium" },
+    { pattern: "LOG-", judge: "logging-privacy", severity: "medium" },
+    { pattern: "AI-", judge: "ai-code-safety", severity: "high" },
+];
+/**
+ * Language-specific rules with limited applicability.
+ */
+const LANGUAGE_RULES = [
+    {
+        pattern: "INJECT-SQL",
+        judge: "cybersecurity",
+        severity: "critical",
+        languages: ["typescript", "javascript", "python", "java", "csharp", "php", "ruby", "go"],
+    },
+    {
+        pattern: "INJECT-CMD",
+        judge: "cybersecurity",
+        severity: "critical",
+        languages: ["typescript", "javascript", "python", "java", "csharp", "php", "ruby", "go", "rust"],
+    },
+    {
+        pattern: "XSS-",
+        judge: "cybersecurity",
+        severity: "high",
+        languages: ["typescript", "javascript", "python", "java", "csharp", "php", "ruby"],
+    },
+    {
+        pattern: "SSRF-",
+        judge: "cybersecurity",
+        severity: "high",
+        languages: ["typescript", "javascript", "python", "java", "csharp", "go", "ruby"],
+    },
+    {
+        pattern: "CRYPTO-",
+        judge: "cybersecurity",
+        severity: "high",
+        languages: ["typescript", "javascript", "python", "java", "csharp", "go", "rust", "c", "cpp"],
+    },
+    {
+        pattern: "AUTH-",
+        judge: "authentication",
+        severity: "high",
+        languages: ["typescript", "javascript", "python", "java", "csharp", "go", "ruby", "php"],
+    },
+    {
+        pattern: "PERF-",
+        judge: "performance",
+        severity: "medium",
+        languages: ["typescript", "javascript", "python", "java", "csharp", "go", "rust", "c", "cpp"],
+    },
+    {
+        pattern: "DB-",
+        judge: "database",
+        severity: "medium",
+        languages: ["typescript", "javascript", "python", "java", "csharp", "go", "ruby", "sql"],
+    },
+    { pattern: "IAC-", judge: "iac-security", severity: "high", languages: ["terraform", "bicep", "yaml", "dockerfile"] },
+    { pattern: "CICD-", judge: "ci-cd", severity: "high", languages: ["yaml", "dockerfile", "bash", "powershell"] },
+    {
+        pattern: "CONCUR-",
+        judge: "concurrency",
+        severity: "high",
+        languages: ["go", "rust", "java", "csharp", "python", "c", "cpp"],
+    },
+    { pattern: "A11Y-", judge: "accessibility", severity: "medium", languages: ["typescript", "javascript", "html"] },
+    {
+        pattern: "I18N-",
+        judge: "internationalization",
+        severity: "low",
+        languages: ["typescript", "javascript", "python", "java", "csharp"],
+    },
+    { pattern: "FW-REACT", judge: "framework-safety", severity: "high", languages: ["typescript", "javascript"] },
+    { pattern: "FW-EXPRESS", judge: "framework-safety", severity: "high", languages: ["typescript", "javascript"] },
+    { pattern: "FW-DJANGO", judge: "framework-safety", severity: "high", languages: ["python"] },
+    { pattern: "FW-FLASK", judge: "framework-safety", severity: "high", languages: ["python"] },
+    { pattern: "FW-SPRING", judge: "framework-safety", severity: "high", languages: ["java", "kotlin"] },
+    { pattern: "FW-RAILS", judge: "framework-safety", severity: "high", languages: ["ruby"] },
+    { pattern: "FW-NEXT", judge: "framework-safety", severity: "high", languages: ["typescript", "javascript"] },
+    { pattern: "FW-FASTAPI", judge: "framework-safety", severity: "high", languages: ["python"] },
+];
+const ALL_LANGUAGES = [
+    "typescript",
+    "javascript",
+    "python",
+    "java",
+    "csharp",
+    "go",
+    "rust",
+    "ruby",
+    "php",
+    "c",
+    "cpp",
+    "kotlin",
+    "scala",
+    "swift",
+    "dart",
+    "bash",
+    "powershell",
+    "sql",
+    "terraform",
+    "bicep",
+    "yaml",
+    "dockerfile",
+    "html",
+];
+// ─── Coverage Computation ───────────────────────────────────────────────────
+export function buildCoverageMap(languages) {
+    const langs = languages || ALL_LANGUAGES;
+    const rules = [];
+    const matrix = {};
+    // Universal rules
+    for (const r of UNIVERSAL_RULES) {
+        const coverage = {
+            ruleId: r.pattern.replace(/-$/, ""),
+            languages: [...langs],
+            severity: r.severity,
+            judge: r.judge,
+        };
+        rules.push(coverage);
+        matrix[coverage.ruleId] = {};
+        for (const l of langs)
+            matrix[coverage.ruleId][l] = true;
+    }
+    // Language-specific rules
+    for (const r of LANGUAGE_RULES) {
+        const applicableLangs = r.languages.filter((l) => langs.includes(l));
+        const coverage = {
+            ruleId: r.pattern.replace(/-$/, ""),
+            languages: applicableLangs,
+            severity: r.severity,
+            judge: r.judge,
+        };
+        rules.push(coverage);
+        matrix[coverage.ruleId] = {};
+        for (const l of langs)
+            matrix[coverage.ruleId][l] = applicableLangs.includes(l);
+    }
+    // Statistics
+    const byLanguage = {};
+    const byJudge = {};
+    for (const r of rules) {
+        byJudge[r.judge] = (byJudge[r.judge] || 0) + 1;
+        for (const l of r.languages) {
+            byLanguage[l] = (byLanguage[l] || 0) + 1;
+        }
+    }
+    return {
+        languages: langs,
+        rules,
+        matrix,
+        stats: { totalRules: rules.length, byLanguage, byJudge },
+    };
+}
+// ─── CLI ────────────────────────────────────────────────────────────────────
+export function runCoverageMap(argv) {
+    if (argv.includes("--help") || argv.includes("-h")) {
+        console.log(`
+judges coverage-map — Show which rules apply to which languages
+
+Usage:
+  judges coverage-map                              Full coverage matrix
+  judges coverage-map --languages typescript,python Focus on specific languages
+  judges coverage-map --judge cybersecurity         Filter by judge
+
+Options:
+  --languages <list>    Comma-separated languages to show
+  --judge <id>          Filter rules by judge
+  --format json         JSON output
+  --help, -h            Show this help
+`);
+        return;
+    }
+    const langsArg = argv.find((_a, i) => argv[i - 1] === "--languages");
+    const judgeFilter = argv.find((_a, i) => argv[i - 1] === "--judge");
+    const format = argv.find((_a, i) => argv[i - 1] === "--format") || "text";
+    const languages = langsArg ? langsArg.split(",").map((s) => s.trim()) : undefined;
+    const map = buildCoverageMap(languages);
+    let rules = map.rules;
+    if (judgeFilter) {
+        rules = rules.filter((r) => r.judge === judgeFilter);
+    }
+    if (format === "json") {
+        console.log(JSON.stringify({ ...map, rules }, null, 2));
+        return;
+    }
+    console.log(`\n  Rule Coverage Map\n`);
+    console.log(`  Total rules: ${rules.length} | Languages: ${map.languages.length}\n`);
+    // Show compact matrix
+    const displayLangs = map.languages.slice(0, 12); // limit width
+    const header = "  " + "Rule".padEnd(20) + displayLangs.map((l) => l.slice(0, 4).padEnd(5)).join("");
+    console.log(header);
+    console.log("  " + "─".repeat(header.length - 2));
+    for (const r of rules) {
+        const row = displayLangs.map((l) => (r.languages.includes(l) ? "  ✓  " : "  ·  ")).join("");
+        console.log(`  ${r.ruleId.padEnd(20)}${row}`);
+    }
+    console.log(`\n  Coverage by language:`);
+    const sorted = Object.entries(map.stats.byLanguage).sort((a, b) => b[1] - a[1]);
+    for (const [lang, count] of sorted) {
+        const pct = ((count / rules.length) * 100).toFixed(0);
+        console.log(`    ${lang.padEnd(15)} ${String(count).padStart(3)} rules (${pct}%)`);
+    }
+    console.log(`\n  Coverage by judge:`);
+    for (const [judge, count] of Object.entries(map.stats.byJudge).sort((a, b) => b[1] - a[1])) {
+        console.log(`    ${judge.padEnd(25)} ${count} rules`);
+    }
+    console.log("");
+}
+//# sourceMappingURL=coverage-map.js.map

package/dist/commands/coverage-map.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"coverage-map.js","sourceRoot":"","sources":["../../src/commands/coverage-map.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAsBH,+EAA+E;AAE/E;;GAEG;AACH,MAAM,eAAe,GAAgE;IACnF,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,eAAe,EAAE,QAAQ,EAAE,MAAM,EAAE;IAC7D,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,gBAAgB,EAAE,QAAQ,EAAE,QAAQ,EAAE;IAChE,EAAE,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,iBAAiB,EAAE,QAAQ,EAAE,KAAK,EAAE;IAChE,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,eAAe,EAAE,QAAQ,EAAE,KAAK,EAAE;IAC5D,EAAE,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,gBAAgB,EAAE,QAAQ,EAAE,QAAQ,EAAE;IACnE,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,QAAQ,EAAE,QAAQ,EAAE;IAC1D,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,iBAAiB,EAAE,QAAQ,EAAE,QAAQ,EAAE;IACjE,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,gBAAgB,EAAE,QAAQ,EAAE,MAAM,EAAE;CAC9D,CAAC;AAEF;;GAEG;AACH,MAAM,cAAc,GAAqF;IACvG;QACE,OAAO,EAAE,YAAY;QACrB,KAAK,EAAE,eAAe;QACtB,QAAQ,EAAE,UAAU;QACpB,SAAS,EAAE,CAAC,YAAY,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,CAAC;KACzF;IACD;QACE,OAAO,EAAE,YAAY;QACrB,KAAK,EAAE,eAAe;QACtB,QAAQ,EAAE,UAAU;QACpB,SAAS,EAAE,CAAC,YAAY,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,CAAC;KACjG;IACD;QACE,OAAO,EAAE,MAAM;QACf,KAAK,EAAE,eAAe;QACtB,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,CAAC,YAAY,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,CAAC;KACnF;IACD;QACE,OAAO,EAAE,OAAO;QAChB,KAAK,EAAE,eAAe;QACtB,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,CAAC,YAAY,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,CAAC;KAClF;IACD;QACE,OAAO,EAAE,SAAS;QAClB,KAAK,EAAE,eAAe;QACtB,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,CAAC,YAAY,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,KAAK,CAAC;KAC9F;IACD;QACE,OAAO,EAAE,OAAO;QAChB,KAAK,EAAE,gBAAgB;QACvB,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,CAAC,YAAY,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,CAAC;KACzF;IACD;QACE,OAAO,EAAE,OAAO;QAChB,KAAK,EAAE,aAAa;QACpB,QAAQ,EAAE,QAAQ;QAClB,SAAS,EAAE,CAAC,YAAY,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,KAAK,CAAC;KAC9F;IACD;QACE,OAAO,EAAE,KAAK;QACd,KAAK,EAAE,UAAU;QACjB,QAAQ,EAAE,QAAQ;QAClB,SAAS,EAAE,CAAC,YAAY,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,CAAC;KACzF;IACD,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,cAAc,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,WAAW,EAAE,OAAO,EAAE,MAAM,EAAE,YAAY,CAAC,EAAE;IACrH,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,YAAY,CAAC,EAAE;IAC/G;QACE,OAAO,EAAE,SAAS;QAClB,KAAK,EAAE,aAAa;QACpB,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,GAAG,EAAE,KAAK,CAAC;KAClE;IACD,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,eAAe,EAAE,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC,YAAY,EAAE,YAAY,EAAE,MAAM,CAAC,EAAE;IACjH;QACE,OAAO,EAAE,OAAO;QAChB,KAAK,EAAE,sBAAsB;QAC7B,QAAQ,EAAE,KAAK;QACf,SAAS,EAAE,CAAC,YAAY,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,CAAC;KACpE;IACD,EAAE,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,kBAAkB,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,YAAY,EAAE,YAAY,CAAC,EAAE;IAC7G,EAAE,OAAO,EAAE,YAAY,EAAE,KAAK,EAAE,kBAAkB,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,YAAY,EAAE,YAAY,CAAC,EAAE;IAC/G,EAAE,OAAO,EAAE,WAAW,EAAE,KAAK,EAAE,kBAAkB,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,QAAQ,CAAC,EAAE;IAC5F,EAAE,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,kBAAkB,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,QAAQ,CAAC,EAAE;IAC3F,EAAE,OAAO,EAAE,WAAW,EAAE,KAAK,EAAE,kBAAkB,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,MAAM,EAAE,QAAQ,CAAC,EAAE;IACpG,EAAE,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,kBAAkB,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;IACzF,EAAE,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,kBAAkB,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,YAAY,EAAE,YAAY,CAAC,EAAE;IAC5G,EAAE,OAAO,EAAE,YAAY,EAAE,KAAK,EAAE,kBAAkB,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,QAAQ,CAAC,EAAE;CAC9F,CAAC;AAEF,MAAM,aAAa,GAAG;IACpB,YAAY;IACZ,YAAY;IACZ,QAAQ;IACR,MAAM;IACN,QAAQ;IACR,IAAI;IACJ,MAAM;IACN,MAAM;IACN,KAAK;IACL,GAAG;IACH,KAAK;IACL,QAAQ;IACR,OAAO;IACP,OAAO;IACP,MAAM;IACN,MAAM;IACN,YAAY;IACZ,KAAK;IACL,WAAW;IACX,OAAO;IACP,MAAM;IACN,YAAY;IACZ,MAAM;CACP,CAAC;AAEF,+EAA+E;AAE/E,MAAM,UAAU,gBAAgB,CAAC,SAAoB;IACnD,MAAM,KAAK,GAAG,SAAS,IAAI,aAAa,CAAC;IACzC,MAAM,KAAK,GAAmB,EAAE,CAAC;IACjC,MAAM,MAAM,GAA4C,EAAE,CAAC;IAE3D,kBAAkB;IAClB,KAAK,MAAM,CAAC,IAAI,eAAe,EAAE,CAAC;QAChC,MAAM,QAAQ,GAAiB;YAC7B,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC;YACnC,SAAS,EAAE,CAAC,GAAG,KAAK,CAAC;YACrB,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,KAAK,EAAE,CAAC,CAAC,KAAK;SACf,CAAC;QACF,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACrB,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;QAC7B,KAAK,MAAM,CAAC,IAAI,KAAK;YAAE,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;IAC3D,CAAC;IAED,0BAA0B;IAC1B,KAAK,MAAM,CAAC,IAAI,cAAc,EAAE,CAAC;QAC/B,MAAM,eAAe,GAAG,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;QACrE,MAAM,QAAQ,GAAiB;YAC7B,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC;YACnC,SAAS,EAAE,eAAe;YAC1B,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,KAAK,EAAE,CAAC,CAAC,KAAK;SACf,CAAC;QACF,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACrB,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;QAC7B,KAAK,MAAM,CAAC,IAAI,KAAK;YAAE,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,eAAe,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;IAClF,CAAC;IAED,aAAa;IACb,MAAM,UAAU,GAA2B,EAAE,CAAC;IAC9C,MAAM,OAAO,GAA2B,EAAE,CAAC;IAE3C,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;QACtB,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;QAC/C,KAAK,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE,CAAC;YAC5B,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;QAC3C,CAAC;IACH,CAAC;IAED,OAAO;QACL,SAAS,EAAE,KAAK;QAChB,KAAK;QACL,MAAM;QACN,KAAK,EAAE,EAAE,UAAU,EAAE,KAAK,CAAC,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE;KACzD,CAAC;AACJ,CAAC;AAED,+EAA+E;AAE/E,MAAM,UAAU,cAAc,CAAC,IAAc;IAC3C,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACnD,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;;;CAaf,CAAC,CAAC;QACC,OAAO;IACT,CAAC;IAED,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,aAAa,CAAC,CAAC;IACrF,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,SAAS,CAAC,CAAC;IACpF,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,UAAU,CAAC,IAAI,MAAM,CAAC;IAE1F,MAAM,SAAS,GAAG,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IAC1F,MAAM,GAAG,GAAG,gBAAgB,CAAC,SAAS,CAAC,CAAC;IAExC,IAAI,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC;IACtB,IAAI,WAAW,EAAE,CAAC;QAChB,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,KAAK,WAAW,CAAC,CAAC;IACvD,CAAC;IAED,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,GAAG,GAAG,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QACxD,OAAO;IACT,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,yBAAyB,CAAC,CAAC;IACvC,OAAO,CAAC,GAAG,CAAC,kBAAkB,KAAK,CAAC,MAAM,iBAAiB,GAAG,CAAC,SAAS,CAAC,MAAM,IAAI,CAAC,CAAC;IAErF,sBAAsB;IACtB,MAAM,YAAY,GAAG,GAAG,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,cAAc;IAC/D,MAAM,MAAM,GAAG,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACpG,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACpB,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC;IAElD,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;QACtB,MAAM,GAAG,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC5F,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,CAAC;IAChD,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAC;IACzC,MAAM,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAChF,KAAK,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,MAAM,EAAE,CAAC;QACnC,MAAM,GAAG,GAAG,CAAC,CAAC,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;QACtD,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,WAAW,GAAG,IAAI,CAAC,CAAC;IACrF,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,wBAAwB,CAAC,CAAC;IACtC,KAAK,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QAC3F,OAAO,CAAC,GAAG,CAAC,OAAO,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC;IACxD,CAAC;IACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;AAClB,CAAC"}

package/dist/commands/dedup-report.d.ts

@@ -0,0 +1,13 @@
+/**
+ * `judges dedup-report` — Cross-run finding deduplication report.
+ *
+ * Shows which findings are new vs recurring vs fixed across runs.
+ * Built on the existing finding-lifecycle tracking infrastructure.
+ *
+ * Usage:
+ *   judges dedup-report                       # Show finding delta report
+ *   judges dedup-report --format json         # JSON output
+ *   judges dedup-report --stats               # Summary statistics only
+ */
+export declare function runDedupReport(argv: string[]): void;
+//# sourceMappingURL=dedup-report.d.ts.map

package/dist/commands/dedup-report.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"dedup-report.d.ts","sourceRoot":"","sources":["../../src/commands/dedup-report.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAQH,wBAAgB,cAAc,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,CA0HnD"}

package/dist/commands/dedup-report.js

@@ -0,0 +1,138 @@
+/**
+ * `judges dedup-report` — Cross-run finding deduplication report.
+ *
+ * Shows which findings are new vs recurring vs fixed across runs.
+ * Built on the existing finding-lifecycle tracking infrastructure.
+ *
+ * Usage:
+ *   judges dedup-report                       # Show finding delta report
+ *   judges dedup-report --format json         # JSON output
+ *   judges dedup-report --stats               # Summary statistics only
+ */
+import { loadFindingStore, getFindingStats } from "../finding-lifecycle.js";
+import { resolve } from "path";
+// ─── CLI Runner ─────────────────────────────────────────────────────────────
+export function runDedupReport(argv) {
+    if (argv.includes("--help") || argv.includes("-h")) {
+        console.log(`
+judges dedup-report — Cross-run finding deduplication report
+
+Usage:
+  judges dedup-report [dir]                 Show finding delta report
+  judges dedup-report --stats               Summary statistics only
+  judges dedup-report --recurring           Show only recurring findings
+  judges dedup-report --new                 Show only new findings since last run
+  judges dedup-report --fixed               Show recently fixed findings
+  judges dedup-report --format json         JSON output
+
+Reads .judges-findings.json from the project directory to show:
+  • New findings introduced since last run
+  • Recurring findings (persistent across runs)
+  • Fixed findings (no longer detected)
+  • Trend analysis (improving / stable / degrading)
+
+Options:
+  --dir <path>         Project directory (default: current)
+  --stats              Show summary statistics only
+  --recurring          Filter to recurring findings
+  --new                Filter to newly introduced findings
+  --fixed              Filter to fixed findings
+  --format <fmt>       Output format: text, json
+  --help, -h           Show this help
+`);
+        return;
+    }
+    const dir = resolve(argv.find((_a, i) => argv[i - 1] === "--dir") ||
+        argv.find((a, i) => i > 1 && !a.startsWith("-") && argv[i - 1] !== "--format" && argv[i - 1] !== "--dir") ||
+        ".");
+    const format = argv.find((_a, i) => argv[i - 1] === "--format") || "text";
+    const statsOnly = argv.includes("--stats");
+    const showRecurring = argv.includes("--recurring");
+    const showNew = argv.includes("--new");
+    const showFixed = argv.includes("--fixed");
+    const store = loadFindingStore(dir);
+    if (store.findings.length === 0) {
+        console.log("\n  No finding history found. Run 'judges eval' first to build the finding store.\n");
+        return;
+    }
+    const stats = getFindingStats(store);
+    if (format === "json") {
+        const data = { stats, runNumber: store.runNumber, lastRunAt: store.lastRunAt };
+        if (!statsOnly) {
+            const openFindings = store.findings.filter((f) => f.status === "open");
+            const fixedFindings = store.findings.filter((f) => f.status === "fixed");
+            const newFindings = openFindings.filter((f) => f.runCount === 1);
+            const recurringFindings = openFindings.filter((f) => f.runCount > 1);
+            if (showNew)
+                data.findings = newFindings;
+            else if (showRecurring)
+                data.findings = recurringFindings;
+            else if (showFixed)
+                data.findings = fixedFindings;
+            else
+                data.findings = { new: newFindings, recurring: recurringFindings, fixed: fixedFindings };
+        }
+        console.log(JSON.stringify(data, null, 2));
+        return;
+    }
+    // Text output
+    console.log(`\n  Finding Deduplication Report  —  Run #${store.runNumber}  (${store.lastRunAt})\n`);
+    // Stats
+    console.log(`  Total tracked:    ${stats.totalOpen + stats.totalFixed}`);
+    console.log(`  Open:             ${stats.totalOpen}`);
+    console.log(`  Fixed:            ${stats.totalFixed}`);
+    console.log(`  Triaged:          ${stats.totalTriaged}`);
+    console.log(`  Avg age (days):   ${Math.round(stats.avgAge)}`);
+    console.log("");
+    // Severity breakdown
+    console.log("  By severity:");
+    for (const [sev, count] of Object.entries(stats.bySeverity)) {
+        if (count > 0) {
+            console.log(`    ${sev.toUpperCase().padEnd(10)} ${count}`);
+        }
+    }
+    console.log("");
+    if (statsOnly)
+        return;
+    const openFindings = store.findings.filter((f) => f.status === "open");
+    const fixedFindings = store.findings.filter((f) => f.status === "fixed");
+    const newFindings = openFindings.filter((f) => f.runCount === 1);
+    const recurringFindings = openFindings.filter((f) => f.runCount > 1);
+    // New findings
+    if (!showRecurring && !showFixed && newFindings.length > 0) {
+        console.log(`  ─── New Findings (${newFindings.length}) ───\n`);
+        printFindings(newFindings);
+    }
+    // Recurring
+    if (!showNew && !showFixed && recurringFindings.length > 0) {
+        console.log(`  ─── Recurring Findings (${recurringFindings.length}) ───\n`);
+        printFindings(recurringFindings, true);
+    }
+    // Fixed
+    if (!showNew && !showRecurring && fixedFindings.length > 0) {
+        const recentFixed = fixedFindings.filter((f) => {
+            if (!f.fixedAt)
+                return false;
+            const fixedDate = new Date(f.fixedAt);
+            const weekAgo = new Date(Date.now() - 7 * 24 * 60 * 60 * 1000);
+            return fixedDate >= weekAgo;
+        });
+        if (recentFixed.length > 0) {
+            console.log(`  ─── Recently Fixed (${recentFixed.length}) ───\n`);
+            printFindings(recentFixed);
+        }
+    }
+    console.log("");
+}
+function printFindings(findings, showRunCount = false) {
+    for (const f of findings.slice(0, 20)) {
+        const runInfo = showRunCount ? ` (${f.runCount} runs)` : "";
+        console.log(`  • [${f.severity.toUpperCase()}] ${f.ruleId}: ${f.title}${runInfo}`);
+        console.log(`    ${f.filePath}`);
+    }
+    if (findings.length > 20) {
+        console.log(`  ... and ${findings.length - 20} more`);
+    }
+    console.log("");
+}
+//# sourceMappingURL=dedup-report.js.map

package/dist/commands/dedup-report.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"dedup-report.js","sourceRoot":"","sources":["../../src/commands/dedup-report.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,EAAE,gBAAgB,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAC;AAE5E,OAAO,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AAE/B,+EAA+E;AAE/E,MAAM,UAAU,cAAc,CAAC,IAAc;IAC3C,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACnD,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;CAyBf,CAAC,CAAC;QACC,OAAO;IACT,CAAC;IAED,MAAM,GAAG,GAAG,OAAO,CACjB,IAAI,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,OAAO,CAAC;QAC3C,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,UAAU,IAAI,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,OAAO,CAAC;QACzG,GAAG,CACN,CAAC;IACF,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,UAAU,CAAC,IAAI,MAAM,CAAC;IAC1E,MAAM,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;IAC3C,MAAM,aAAa,GAAG,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;IACnD,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;IACvC,MAAM,SAAS,GAAG,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;IAE3C,MAAM,KAAK,GAAG,gBAAgB,CAAC,GAAG,CAAC,CAAC;IAEpC,IAAI,KAAK,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAChC,OAAO,CAAC,GAAG,CAAC,qFAAqF,CAAC,CAAC;QACnG,OAAO;IACT,CAAC;IAED,MAAM,KAAK,GAAG,eAAe,CAAC,KAAK,CAAC,CAAC;IAErC,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,MAAM,IAAI,GAA4B,EAAE,KAAK,EAAE,SAAS,EAAE,KAAK,CAAC,SAAS,EAAE,SAAS,EAAE,KAAK,CAAC,SAAS,EAAE,CAAC;QACxG,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,MAAM,YAAY,GAAG,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC;YACvE,MAAM,aAAa,GAAG,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,OAAO,CAAC,CAAC;YACzE,MAAM,WAAW,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,CAAC,CAAC,CAAC;YACjE,MAAM,iBAAiB,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,GAAG,CAAC,CAAC,CAAC;YAErE,IAAI,OAAO;gBAAE,IAAI,CAAC,QAAQ,GAAG,WAAW,CAAC;iBACpC,IAAI,aAAa;gBAAE,IAAI,CAAC,QAAQ,GAAG,iBAAiB,CAAC;iBACrD,IAAI,SAAS;gBAAE,IAAI,CAAC,QAAQ,GAAG,aAAa,CAAC;;gBAC7C,IAAI,CAAC,QAAQ,GAAG,EAAE,GAAG,EAAE,WAAW,EAAE,SAAS,EAAE,iBAAiB,EAAE,KAAK,EAAE,aAAa,EAAE,CAAC;QAChG,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAC3C,OAAO;IACT,CAAC;IAED,cAAc;IACd,OAAO,CAAC,GAAG,CAAC,6CAA6C,KAAK,CAAC,SAAS,MAAM,KAAK,CAAC,SAAS,KAAK,CAAC,CAAC;IAEpG,QAAQ;IACR,OAAO,CAAC,GAAG,CAAC,uBAAuB,KAAK,CAAC,SAAS,GAAG,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC;IACzE,OAAO,CAAC,GAAG,CAAC,uBAAuB,KAAK,CAAC,SAAS,EAAE,CAAC,CAAC;IACtD,OAAO,CAAC,GAAG,CAAC,uBAAuB,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC;IACvD,OAAO,CAAC,GAAG,CAAC,uBAAuB,KAAK,CAAC,YAAY,EAAE,CAAC,CAAC;IACzD,OAAO,CAAC,GAAG,CAAC,uBAAuB,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IAC/D,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAEhB,qBAAqB;IACrB,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;IAC9B,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,CAAC;QAC5D,IAAI,KAAK,GAAG,CAAC,EAAE,CAAC;YACd,OAAO,CAAC,GAAG,CAAC,OAAO,GAAG,CAAC,WAAW,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,KAAK,EAAE,CAAC,CAAC;QAC9D,CAAC;IACH,CAAC;IACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAEhB,IAAI,SAAS;QAAE,OAAO;IAEtB,MAAM,YAAY,GAAG,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC;IACvE,MAAM,aAAa,GAAG,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,OAAO,CAAC,CAAC;IACzE,MAAM,WAAW,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,CAAC,CAAC,CAAC;IACjE,MAAM,iBAAiB,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,GAAG,CAAC,CAAC,CAAC;IAErE,eAAe;IACf,IAAI,CAAC,aAAa,IAAI,CAAC,SAAS,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3D,OAAO,CAAC,GAAG,CAAC,uBAAuB,WAAW,CAAC,MAAM,SAAS,CAAC,CAAC;QAChE,aAAa,CAAC,WAAW,CAAC,CAAC;IAC7B,CAAC;IAED,YAAY;IACZ,IAAI,CAAC,OAAO,IAAI,CAAC,SAAS,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3D,OAAO,CAAC,GAAG,CAAC,6BAA6B,iBAAiB,CAAC,MAAM,SAAS,CAAC,CAAC;QAC5E,aAAa,CAAC,iBAAiB,EAAE,IAAI,CAAC,CAAC;IACzC,CAAC;IAED,QAAQ;IACR,IAAI,CAAC,OAAO,IAAI,CAAC,aAAa,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3D,MAAM,WAAW,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;YAC7C,IAAI,CAAC,CAAC,CAAC,OAAO;gBAAE,OAAO,KAAK,CAAC;YAC7B,MAAM,SAAS,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;YACtC,MAAM,OAAO,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;YAC/D,OAAO,SAAS,IAAI,OAAO,CAAC;QAC9B,CAAC,CAAC,CAAC;QACH,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC3B,OAAO,CAAC,GAAG,CAAC,yBAAyB,WAAW,CAAC,MAAM,SAAS,CAAC,CAAC;YAClE,aAAa,CAAC,WAAW,CAAC,CAAC;QAC7B,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;AAClB,CAAC;AAED,SAAS,aAAa,CAAC,QAA0B,EAAE,eAAwB,KAAK;IAC9E,KAAK,MAAM,CAAC,IAAI,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;QACtC,MAAM,OAAO,GAAG,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,QAAQ,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC;QAC5D,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,KAAK,GAAG,OAAO,EAAE,CAAC,CAAC;QACnF,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC;IACnC,CAAC;IACD,IAAI,QAAQ,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QACzB,OAAO,CAAC,GAAG,CAAC,aAAa,QAAQ,CAAC,MAAM,GAAG,EAAE,OAAO,CAAC,CAAC;IACxD,CAAC;IACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;AAClB,CAAC"}

package/dist/commands/dep-audit.d.ts

@@ -0,0 +1,53 @@
+/**
+ * `judges dep-audit` — Dependency vulnerability correlation.
+ *
+ * Correlates code-level findings with known vulnerabilities in project
+ * dependencies. Uses npm audit / pip audit output to enrich findings
+ * with CVE data, adding urgency context to code review.
+ *
+ * Usage:
+ *   judges dep-audit                             # Audit current directory
+ *   judges dep-audit --format json               # JSON output
+ *   judges dep-audit --correlate results.json     # Correlate with findings
+ */
+import type { Finding, Severity } from "../types.js";
+export interface VulnerablePackage {
+    /** Package name */
+    name: string;
+    /** Installed version */
+    version: string;
+    /** Vulnerability severity */
+    severity: Severity;
+    /** CVE identifier(s) */
+    cves: string[];
+    /** CWE identifier(s) */
+    cwes: string[];
+    /** Advisory title */
+    title: string;
+    /** URL for more information */
+    url?: string;
+    /** Fixed version (if known) */
+    fixedIn?: string;
+}
+export interface DepAuditResult {
+    /** Detected package manager */
+    packageManager: "npm" | "pip" | "unknown";
+    /** Vulnerable packages found */
+    vulnerabilities: VulnerablePackage[];
+    /** Total vulnerability count */
+    totalVulnerabilities: number;
+    /** Counts by severity */
+    severityCounts: Record<Severity, number>;
+    /** Correlations with code findings */
+    correlations: Array<{
+        vulnerability: VulnerablePackage;
+        relatedFindings: Array<{
+            ruleId: string;
+            title: string;
+            reason: string;
+        }>;
+    }>;
+}
+export declare function runDepAudit(dir: string, findings?: Finding[]): DepAuditResult;
+export declare function runDepAuditCommand(argv: string[]): void;
+//# sourceMappingURL=dep-audit.d.ts.map

package/dist/commands/dep-audit.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"dep-audit.d.ts","sourceRoot":"","sources":["../../src/commands/dep-audit.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAKH,OAAO,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AAIrD,MAAM,WAAW,iBAAiB;IAChC,mBAAmB;IACnB,IAAI,EAAE,MAAM,CAAC;IACb,wBAAwB;IACxB,OAAO,EAAE,MAAM,CAAC;IAChB,6BAA6B;IAC7B,QAAQ,EAAE,QAAQ,CAAC;IACnB,wBAAwB;IACxB,IAAI,EAAE,MAAM,EAAE,CAAC;IACf,wBAAwB;IACxB,IAAI,EAAE,MAAM,EAAE,CAAC;IACf,qBAAqB;IACrB,KAAK,EAAE,MAAM,CAAC;IACd,+BAA+B;IAC/B,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,+BAA+B;IAC/B,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,cAAc;IAC7B,+BAA+B;IAC/B,cAAc,EAAE,KAAK,GAAG,KAAK,GAAG,SAAS,CAAC;IAC1C,gCAAgC;IAChC,eAAe,EAAE,iBAAiB,EAAE,CAAC;IACrC,gCAAgC;IAChC,oBAAoB,EAAE,MAAM,CAAC;IAC7B,yBAAyB;IACzB,cAAc,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IACzC,sCAAsC;IACtC,YAAY,EAAE,KAAK,CAAC;QAClB,aAAa,EAAE,iBAAiB,CAAC;QACjC,eAAe,EAAE,KAAK,CAAC;YAAE,MAAM,EAAE,MAAM,CAAC;YAAC,KAAK,EAAE,MAAM,CAAC;YAAC,MAAM,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;KAC3E,CAAC,CAAC;CACJ;AA0KD,wBAAgB,WAAW,CAAC,GAAG,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,OAAO,EAAE,GAAG,cAAc,CA+B7E;AAID,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,CAgGvD"}