npm - @kevinrabun/judges - Versions diffs - 3.41.0 → 3.43.0 - Mend

@kevinrabun/judges 3.41.0 → 3.43.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (82) hide show

package/CHANGELOG.md +30 -0
package/dist/cli.d.ts.map +1 -1
package/dist/cli.js +126 -0
package/dist/cli.js.map +1 -1
package/dist/commands/assign-findings.d.ts +37 -0
package/dist/commands/assign-findings.d.ts.map +1 -0
package/dist/commands/assign-findings.js +178 -0
package/dist/commands/assign-findings.js.map +1 -0
package/dist/commands/auto-triage.d.ts +32 -0
package/dist/commands/auto-triage.d.ts.map +1 -0
package/dist/commands/auto-triage.js +126 -0
package/dist/commands/auto-triage.js.map +1 -0
package/dist/commands/ci-template.d.ts +15 -0
package/dist/commands/ci-template.d.ts.map +1 -0
package/dist/commands/ci-template.js +212 -0
package/dist/commands/ci-template.js.map +1 -0
package/dist/commands/coverage-map.d.ts +23 -0
package/dist/commands/coverage-map.d.ts.map +1 -0
package/dist/commands/coverage-map.js +223 -0
package/dist/commands/coverage-map.js.map +1 -0
package/dist/commands/diff-only.d.ts +34 -0
package/dist/commands/diff-only.d.ts.map +1 -0
package/dist/commands/diff-only.js +152 -0
package/dist/commands/diff-only.js.map +1 -0
package/dist/commands/false-negatives.d.ts +35 -0
package/dist/commands/false-negatives.d.ts.map +1 -0
package/dist/commands/false-negatives.js +166 -0
package/dist/commands/false-negatives.js.map +1 -0
package/dist/commands/group-findings.d.ts +23 -0
package/dist/commands/group-findings.d.ts.map +1 -0
package/dist/commands/group-findings.js +155 -0
package/dist/commands/group-findings.js.map +1 -0
package/dist/commands/hook-install.d.ts +22 -0
package/dist/commands/hook-install.d.ts.map +1 -0
package/dist/commands/hook-install.js +143 -0
package/dist/commands/hook-install.js.map +1 -0
package/dist/commands/policy-audit.d.ts +53 -0
package/dist/commands/policy-audit.d.ts.map +1 -0
package/dist/commands/policy-audit.js +161 -0
package/dist/commands/policy-audit.js.map +1 -0
package/dist/commands/pr-summary.d.ts +26 -0
package/dist/commands/pr-summary.d.ts.map +1 -0
package/dist/commands/pr-summary.js +188 -0
package/dist/commands/pr-summary.js.map +1 -0
package/dist/commands/profile.d.ts +38 -0
package/dist/commands/profile.d.ts.map +1 -0
package/dist/commands/profile.js +102 -0
package/dist/commands/profile.js.map +1 -0
package/dist/commands/regression-alert.d.ts +32 -0
package/dist/commands/regression-alert.d.ts.map +1 -0
package/dist/commands/regression-alert.js +216 -0
package/dist/commands/regression-alert.js.map +1 -0
package/dist/commands/remediation.d.ts +21 -0
package/dist/commands/remediation.d.ts.map +1 -0
package/dist/commands/remediation.js +257 -0
package/dist/commands/remediation.js.map +1 -0
package/dist/commands/sla-track.d.ts +57 -0
package/dist/commands/sla-track.d.ts.map +1 -0
package/dist/commands/sla-track.js +269 -0
package/dist/commands/sla-track.js.map +1 -0
package/dist/commands/smart-select.d.ts +27 -0
package/dist/commands/smart-select.d.ts.map +1 -0
package/dist/commands/smart-select.js +346 -0
package/dist/commands/smart-select.js.map +1 -0
package/dist/commands/ticket-sync.d.ts +26 -0
package/dist/commands/ticket-sync.d.ts.map +1 -0
package/dist/commands/ticket-sync.js +236 -0
package/dist/commands/ticket-sync.js.map +1 -0
package/dist/commands/upload.d.ts +14 -0
package/dist/commands/upload.d.ts.map +1 -0
package/dist/commands/upload.js +173 -0
package/dist/commands/upload.js.map +1 -0
package/dist/commands/validate-config.d.ts +17 -0
package/dist/commands/validate-config.d.ts.map +1 -0
package/dist/commands/validate-config.js +268 -0
package/dist/commands/validate-config.js.map +1 -0
package/dist/commands/warm-cache.d.ts +31 -0
package/dist/commands/warm-cache.d.ts.map +1 -0
package/dist/commands/warm-cache.js +166 -0
package/dist/commands/warm-cache.js.map +1 -0
package/package.json +1 -1
package/server.json +2 -2

package/dist/commands/coverage-map.js ADDED Viewed

@@ -0,0 +1,223 @@
+/**
+ * Rule coverage map — show which rules apply to which languages,
+ * helping teams understand their coverage and identify gaps.
+ */
+// ─── Rules-to-Language Mapping ──────────────────────────────────────────────
+/**
+ * Universal rules applicable to all programming languages.
+ */
+const UNIVERSAL_RULES = [
+    { pattern: "SEC-", judge: "cybersecurity", severity: "high" },
+    { pattern: "ERR-", judge: "error-handling", severity: "medium" },
+    { pattern: "MAINT-", judge: "maintainability", severity: "low" },
+    { pattern: "DOC-", judge: "documentation", severity: "low" },
+    { pattern: "STRUCT-", judge: "code-structure", severity: "medium" },
+    { pattern: "TEST-", judge: "testing", severity: "medium" },
+    { pattern: "LOG-", judge: "logging-privacy", severity: "medium" },
+    { pattern: "AI-", judge: "ai-code-safety", severity: "high" },
+];
+/**
+ * Language-specific rules with limited applicability.
+ */
+const LANGUAGE_RULES = [
+    {
+        pattern: "INJECT-SQL",
+        judge: "cybersecurity",
+        severity: "critical",
+        languages: ["typescript", "javascript", "python", "java", "csharp", "php", "ruby", "go"],
+    },
+    {
+        pattern: "INJECT-CMD",
+        judge: "cybersecurity",
+        severity: "critical",
+        languages: ["typescript", "javascript", "python", "java", "csharp", "php", "ruby", "go", "rust"],
+    },
+    {
+        pattern: "XSS-",
+        judge: "cybersecurity",
+        severity: "high",
+        languages: ["typescript", "javascript", "python", "java", "csharp", "php", "ruby"],
+    },
+    {
+        pattern: "SSRF-",
+        judge: "cybersecurity",
+        severity: "high",
+        languages: ["typescript", "javascript", "python", "java", "csharp", "go", "ruby"],
+    },
+    {
+        pattern: "CRYPTO-",
+        judge: "cybersecurity",
+        severity: "high",
+        languages: ["typescript", "javascript", "python", "java", "csharp", "go", "rust", "c", "cpp"],
+    },
+    {
+        pattern: "AUTH-",
+        judge: "authentication",
+        severity: "high",
+        languages: ["typescript", "javascript", "python", "java", "csharp", "go", "ruby", "php"],
+    },
+    {
+        pattern: "PERF-",
+        judge: "performance",
+        severity: "medium",
+        languages: ["typescript", "javascript", "python", "java", "csharp", "go", "rust", "c", "cpp"],
+    },
+    {
+        pattern: "DB-",
+        judge: "database",
+        severity: "medium",
+        languages: ["typescript", "javascript", "python", "java", "csharp", "go", "ruby", "sql"],
+    },
+    { pattern: "IAC-", judge: "iac-security", severity: "high", languages: ["terraform", "bicep", "yaml", "dockerfile"] },
+    { pattern: "CICD-", judge: "ci-cd", severity: "high", languages: ["yaml", "dockerfile", "bash", "powershell"] },
+    {
+        pattern: "CONCUR-",
+        judge: "concurrency",
+        severity: "high",
+        languages: ["go", "rust", "java", "csharp", "python", "c", "cpp"],
+    },
+    { pattern: "A11Y-", judge: "accessibility", severity: "medium", languages: ["typescript", "javascript", "html"] },
+    {
+        pattern: "I18N-",
+        judge: "internationalization",
+        severity: "low",
+        languages: ["typescript", "javascript", "python", "java", "csharp"],
+    },
+    { pattern: "FW-REACT", judge: "framework-safety", severity: "high", languages: ["typescript", "javascript"] },
+    { pattern: "FW-EXPRESS", judge: "framework-safety", severity: "high", languages: ["typescript", "javascript"] },
+    { pattern: "FW-DJANGO", judge: "framework-safety", severity: "high", languages: ["python"] },
+    { pattern: "FW-FLASK", judge: "framework-safety", severity: "high", languages: ["python"] },
+    { pattern: "FW-SPRING", judge: "framework-safety", severity: "high", languages: ["java", "kotlin"] },
+    { pattern: "FW-RAILS", judge: "framework-safety", severity: "high", languages: ["ruby"] },
+    { pattern: "FW-NEXT", judge: "framework-safety", severity: "high", languages: ["typescript", "javascript"] },
+    { pattern: "FW-FASTAPI", judge: "framework-safety", severity: "high", languages: ["python"] },
+];
+const ALL_LANGUAGES = [
+    "typescript",
+    "javascript",
+    "python",
+    "java",
+    "csharp",
+    "go",
+    "rust",
+    "ruby",
+    "php",
+    "c",
+    "cpp",
+    "kotlin",
+    "scala",
+    "swift",
+    "dart",
+    "bash",
+    "powershell",
+    "sql",
+    "terraform",
+    "bicep",
+    "yaml",
+    "dockerfile",
+    "html",
+];
+// ─── Coverage Computation ───────────────────────────────────────────────────
+export function buildCoverageMap(languages) {
+    const langs = languages || ALL_LANGUAGES;
+    const rules = [];
+    const matrix = {};
+    // Universal rules
+    for (const r of UNIVERSAL_RULES) {
+        const coverage = {
+            ruleId: r.pattern.replace(/-$/, ""),
+            languages: [...langs],
+            severity: r.severity,
+            judge: r.judge,
+        };
+        rules.push(coverage);
+        matrix[coverage.ruleId] = {};
+        for (const l of langs)
+            matrix[coverage.ruleId][l] = true;
+    }
+    // Language-specific rules
+    for (const r of LANGUAGE_RULES) {
+        const applicableLangs = r.languages.filter((l) => langs.includes(l));
+        const coverage = {
+            ruleId: r.pattern.replace(/-$/, ""),
+            languages: applicableLangs,
+            severity: r.severity,
+            judge: r.judge,
+        };
+        rules.push(coverage);
+        matrix[coverage.ruleId] = {};
+        for (const l of langs)
+            matrix[coverage.ruleId][l] = applicableLangs.includes(l);
+    }
+    // Statistics
+    const byLanguage = {};
+    const byJudge = {};
+    for (const r of rules) {
+        byJudge[r.judge] = (byJudge[r.judge] || 0) + 1;
+        for (const l of r.languages) {
+            byLanguage[l] = (byLanguage[l] || 0) + 1;
+        }
+    }
+    return {
+        languages: langs,
+        rules,
+        matrix,
+        stats: { totalRules: rules.length, byLanguage, byJudge },
+    };
+}
+// ─── CLI ────────────────────────────────────────────────────────────────────
+export function runCoverageMap(argv) {
+    if (argv.includes("--help") || argv.includes("-h")) {
+        console.log(`
+judges coverage-map — Show which rules apply to which languages
+Usage:
+  judges coverage-map                              Full coverage matrix
+  judges coverage-map --languages typescript,python Focus on specific languages
+  judges coverage-map --judge cybersecurity         Filter by judge
+Options:
+  --languages <list>    Comma-separated languages to show
+  --judge <id>          Filter rules by judge
+  --format json         JSON output
+  --help, -h            Show this help
+`);
+        return;
+    }
+    const langsArg = argv.find((_a, i) => argv[i - 1] === "--languages");
+    const judgeFilter = argv.find((_a, i) => argv[i - 1] === "--judge");
+    const format = argv.find((_a, i) => argv[i - 1] === "--format") || "text";
+    const languages = langsArg ? langsArg.split(",").map((s) => s.trim()) : undefined;
+    const map = buildCoverageMap(languages);
+    let rules = map.rules;
+    if (judgeFilter) {
+        rules = rules.filter((r) => r.judge === judgeFilter);
+    }
+    if (format === "json") {
+        console.log(JSON.stringify({ ...map, rules }, null, 2));
+        return;
+    }
+    console.log(`\n  Rule Coverage Map\n`);
+    console.log(`  Total rules: ${rules.length} | Languages: ${map.languages.length}\n`);
+    // Show compact matrix
+    const displayLangs = map.languages.slice(0, 12); // limit width
+    const header = "  " + "Rule".padEnd(20) + displayLangs.map((l) => l.slice(0, 4).padEnd(5)).join("");
+    console.log(header);
+    console.log("  " + "─".repeat(header.length - 2));
+    for (const r of rules) {
+        const row = displayLangs.map((l) => (r.languages.includes(l) ? "  ✓  " : "  ·  ")).join("");
+        console.log(`  ${r.ruleId.padEnd(20)}${row}`);
+    }
+    console.log(`\n  Coverage by language:`);
+    const sorted = Object.entries(map.stats.byLanguage).sort((a, b) => b[1] - a[1]);
+    for (const [lang, count] of sorted) {
+        const pct = ((count / rules.length) * 100).toFixed(0);
+        console.log(`    ${lang.padEnd(15)} ${String(count).padStart(3)} rules (${pct}%)`);
+    }
+    console.log(`\n  Coverage by judge:`);
+    for (const [judge, count] of Object.entries(map.stats.byJudge).sort((a, b) => b[1] - a[1])) {
+        console.log(`    ${judge.padEnd(25)} ${count} rules`);
+    }
+    console.log("");
+}
+//# sourceMappingURL=coverage-map.js.map

package/dist/commands/coverage-map.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"coverage-map.js","sourceRoot":"","sources":["../../src/commands/coverage-map.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAsBH,+EAA+E;AAE/E;;GAEG;AACH,MAAM,eAAe,GAAgE;IACnF,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,eAAe,EAAE,QAAQ,EAAE,MAAM,EAAE;IAC7D,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,gBAAgB,EAAE,QAAQ,EAAE,QAAQ,EAAE;IAChE,EAAE,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,iBAAiB,EAAE,QAAQ,EAAE,KAAK,EAAE;IAChE,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,eAAe,EAAE,QAAQ,EAAE,KAAK,EAAE;IAC5D,EAAE,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,gBAAgB,EAAE,QAAQ,EAAE,QAAQ,EAAE;IACnE,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,QAAQ,EAAE,QAAQ,EAAE;IAC1D,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,iBAAiB,EAAE,QAAQ,EAAE,QAAQ,EAAE;IACjE,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,gBAAgB,EAAE,QAAQ,EAAE,MAAM,EAAE;CAC9D,CAAC;AAEF;;GAEG;AACH,MAAM,cAAc,GAAqF;IACvG;QACE,OAAO,EAAE,YAAY;QACrB,KAAK,EAAE,eAAe;QACtB,QAAQ,EAAE,UAAU;QACpB,SAAS,EAAE,CAAC,YAAY,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,CAAC;KACzF;IACD;QACE,OAAO,EAAE,YAAY;QACrB,KAAK,EAAE,eAAe;QACtB,QAAQ,EAAE,UAAU;QACpB,SAAS,EAAE,CAAC,YAAY,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,CAAC;KACjG;IACD;QACE,OAAO,EAAE,MAAM;QACf,KAAK,EAAE,eAAe;QACtB,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,CAAC,YAAY,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,CAAC;KACnF;IACD;QACE,OAAO,EAAE,OAAO;QAChB,KAAK,EAAE,eAAe;QACtB,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,CAAC,YAAY,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,CAAC;KAClF;IACD;QACE,OAAO,EAAE,SAAS;QAClB,KAAK,EAAE,eAAe;QACtB,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,CAAC,YAAY,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,KAAK,CAAC;KAC9F;IACD;QACE,OAAO,EAAE,OAAO;QAChB,KAAK,EAAE,gBAAgB;QACvB,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,CAAC,YAAY,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,CAAC;KACzF;IACD;QACE,OAAO,EAAE,OAAO;QAChB,KAAK,EAAE,aAAa;QACpB,QAAQ,EAAE,QAAQ;QAClB,SAAS,EAAE,CAAC,YAAY,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,KAAK,CAAC;KAC9F;IACD;QACE,OAAO,EAAE,KAAK;QACd,KAAK,EAAE,UAAU;QACjB,QAAQ,EAAE,QAAQ;QAClB,SAAS,EAAE,CAAC,YAAY,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,CAAC;KACzF;IACD,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,cAAc,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,WAAW,EAAE,OAAO,EAAE,MAAM,EAAE,YAAY,CAAC,EAAE;IACrH,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,YAAY,CAAC,EAAE;IAC/G;QACE,OAAO,EAAE,SAAS;QAClB,KAAK,EAAE,aAAa;QACpB,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,GAAG,EAAE,KAAK,CAAC;KAClE;IACD,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,eAAe,EAAE,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC,YAAY,EAAE,YAAY,EAAE,MAAM,CAAC,EAAE;IACjH;QACE,OAAO,EAAE,OAAO;QAChB,KAAK,EAAE,sBAAsB;QAC7B,QAAQ,EAAE,KAAK;QACf,SAAS,EAAE,CAAC,YAAY,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,CAAC;KACpE;IACD,EAAE,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,kBAAkB,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,YAAY,EAAE,YAAY,CAAC,EAAE;IAC7G,EAAE,OAAO,EAAE,YAAY,EAAE,KAAK,EAAE,kBAAkB,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,YAAY,EAAE,YAAY,CAAC,EAAE;IAC/G,EAAE,OAAO,EAAE,WAAW,EAAE,KAAK,EAAE,kBAAkB,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,QAAQ,CAAC,EAAE;IAC5F,EAAE,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,kBAAkB,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,QAAQ,CAAC,EAAE;IAC3F,EAAE,OAAO,EAAE,WAAW,EAAE,KAAK,EAAE,kBAAkB,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,MAAM,EAAE,QAAQ,CAAC,EAAE;IACpG,EAAE,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,kBAAkB,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,MAAM,CAAC,EAAE;IACzF,EAAE,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,kBAAkB,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,YAAY,EAAE,YAAY,CAAC,EAAE;IAC5G,EAAE,OAAO,EAAE,YAAY,EAAE,KAAK,EAAE,kBAAkB,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC,QAAQ,CAAC,EAAE;CAC9F,CAAC;AAEF,MAAM,aAAa,GAAG;IACpB,YAAY;IACZ,YAAY;IACZ,QAAQ;IACR,MAAM;IACN,QAAQ;IACR,IAAI;IACJ,MAAM;IACN,MAAM;IACN,KAAK;IACL,GAAG;IACH,KAAK;IACL,QAAQ;IACR,OAAO;IACP,OAAO;IACP,MAAM;IACN,MAAM;IACN,YAAY;IACZ,KAAK;IACL,WAAW;IACX,OAAO;IACP,MAAM;IACN,YAAY;IACZ,MAAM;CACP,CAAC;AAEF,+EAA+E;AAE/E,MAAM,UAAU,gBAAgB,CAAC,SAAoB;IACnD,MAAM,KAAK,GAAG,SAAS,IAAI,aAAa,CAAC;IACzC,MAAM,KAAK,GAAmB,EAAE,CAAC;IACjC,MAAM,MAAM,GAA4C,EAAE,CAAC;IAE3D,kBAAkB;IAClB,KAAK,MAAM,CAAC,IAAI,eAAe,EAAE,CAAC;QAChC,MAAM,QAAQ,GAAiB;YAC7B,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC;YACnC,SAAS,EAAE,CAAC,GAAG,KAAK,CAAC;YACrB,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,KAAK,EAAE,CAAC,CAAC,KAAK;SACf,CAAC;QACF,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACrB,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;QAC7B,KAAK,MAAM,CAAC,IAAI,KAAK;YAAE,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;IAC3D,CAAC;IAED,0BAA0B;IAC1B,KAAK,MAAM,CAAC,IAAI,cAAc,EAAE,CAAC;QAC/B,MAAM,eAAe,GAAG,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;QACrE,MAAM,QAAQ,GAAiB;YAC7B,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC;YACnC,SAAS,EAAE,eAAe;YAC1B,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,KAAK,EAAE,CAAC,CAAC,KAAK;SACf,CAAC;QACF,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACrB,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,GAAG,EAAE,CAAC;QAC7B,KAAK,MAAM,CAAC,IAAI,KAAK;YAAE,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,GAAG,eAAe,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;IAClF,CAAC;IAED,aAAa;IACb,MAAM,UAAU,GAA2B,EAAE,CAAC;IAC9C,MAAM,OAAO,GAA2B,EAAE,CAAC;IAE3C,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;QACtB,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;QAC/C,KAAK,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE,CAAC;YAC5B,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;QAC3C,CAAC;IACH,CAAC;IAED,OAAO;QACL,SAAS,EAAE,KAAK;QAChB,KAAK;QACL,MAAM;QACN,KAAK,EAAE,EAAE,UAAU,EAAE,KAAK,CAAC,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE;KACzD,CAAC;AACJ,CAAC;AAED,+EAA+E;AAE/E,MAAM,UAAU,cAAc,CAAC,IAAc;IAC3C,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACnD,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;;;CAaf,CAAC,CAAC;QACC,OAAO;IACT,CAAC;IAED,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,aAAa,CAAC,CAAC;IACrF,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,SAAS,CAAC,CAAC;IACpF,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,UAAU,CAAC,IAAI,MAAM,CAAC;IAE1F,MAAM,SAAS,GAAG,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IAC1F,MAAM,GAAG,GAAG,gBAAgB,CAAC,SAAS,CAAC,CAAC;IAExC,IAAI,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC;IACtB,IAAI,WAAW,EAAE,CAAC;QAChB,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,KAAK,WAAW,CAAC,CAAC;IACvD,CAAC;IAED,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,GAAG,GAAG,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QACxD,OAAO;IACT,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,yBAAyB,CAAC,CAAC;IACvC,OAAO,CAAC,GAAG,CAAC,kBAAkB,KAAK,CAAC,MAAM,iBAAiB,GAAG,CAAC,SAAS,CAAC,MAAM,IAAI,CAAC,CAAC;IAErF,sBAAsB;IACtB,MAAM,YAAY,GAAG,GAAG,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,cAAc;IAC/D,MAAM,MAAM,GAAG,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACpG,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACpB,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC;IAElD,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;QACtB,MAAM,GAAG,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC5F,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,CAAC;IAChD,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAC;IACzC,MAAM,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAChF,KAAK,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,MAAM,EAAE,CAAC;QACnC,MAAM,GAAG,GAAG,CAAC,CAAC,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;QACtD,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,WAAW,GAAG,IAAI,CAAC,CAAC;IACrF,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,wBAAwB,CAAC,CAAC;IACtC,KAAK,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QAC3F,OAAO,CAAC,GAAG,CAAC,OAAO,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC;IACxD,CAAC;IACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;AAClB,CAAC"}

package/dist/commands/diff-only.d.ts ADDED Viewed

@@ -0,0 +1,34 @@
+/**
+ * Diff-only evaluation — evaluate only changed lines in a PR or git diff.
+ *
+ * Parses unified diff output to identify changed line ranges,
+ * then filters evaluation findings to only those touching changed code.
+ * This drastically reduces noise in CI review comments.
+ */
+import type { Finding } from "../types.js";
+export interface DiffHunk {
+    file: string;
+    startLine: number;
+    lineCount: number;
+}
+export interface DiffFilterResult {
+    original: number;
+    filtered: number;
+    removed: number;
+    findings: Finding[];
+}
+/**
+ * Parse a unified diff to extract changed file/line ranges.
+ * Handles both `git diff` and `git diff --cached` output.
+ */
+export declare function parseDiff(diff: string): DiffHunk[];
+/**
+ * Filter findings to only those touching changed lines.
+ */
+export declare function filterByDiff(findings: Finding[], diff: string): DiffFilterResult;
+/**
+ * Get the list of changed files from a diff.
+ */
+export declare function getChangedFiles(diff: string): string[];
+export declare function runDiffOnly(argv: string[]): Promise<void>;
+//# sourceMappingURL=diff-only.d.ts.map

package/dist/commands/diff-only.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"diff-only.d.ts","sourceRoot":"","sources":["../../src/commands/diff-only.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAI3C,MAAM,WAAW,QAAQ;IACvB,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,OAAO,EAAE,CAAC;CACrB;AAID;;;GAGG;AACH,wBAAgB,SAAS,CAAC,IAAI,EAAE,MAAM,GAAG,QAAQ,EAAE,CAwBlD;AAcD;;GAEG;AACH,wBAAgB,YAAY,CAAC,QAAQ,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,MAAM,GAAG,gBAAgB,CAUhF;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,EAAE,CAOtD;AAID,wBAAsB,WAAW,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAwF/D"}

package/dist/commands/diff-only.js ADDED Viewed

@@ -0,0 +1,152 @@
+/**
+ * Diff-only evaluation — evaluate only changed lines in a PR or git diff.
+ *
+ * Parses unified diff output to identify changed line ranges,
+ * then filters evaluation findings to only those touching changed code.
+ * This drastically reduces noise in CI review comments.
+ */
+// ─── Diff Parsing ───────────────────────────────────────────────────────────
+/**
+ * Parse a unified diff to extract changed file/line ranges.
+ * Handles both `git diff` and `git diff --cached` output.
+ */
+export function parseDiff(diff) {
+    const hunks = [];
+    let currentFile = "";
+    for (const line of diff.split("\n")) {
+        // Match +++ b/path/to/file
+        const fileMatch = line.match(/^\+\+\+ b\/(.+)$/);
+        if (fileMatch) {
+            currentFile = fileMatch[1];
+            continue;
+        }
+        // Match @@ -old,count +new,count @@
+        const hunkMatch = line.match(/^@@ -\d+(?:,\d+)? \+(\d+)(?:,(\d+))? @@/);
+        if (hunkMatch && currentFile) {
+            hunks.push({
+                file: currentFile,
+                startLine: parseInt(hunkMatch[1], 10),
+                lineCount: parseInt(hunkMatch[2] || "1", 10),
+            });
+        }
+    }
+    return hunks;
+}
+/**
+ * Check whether a finding overlaps with any changed hunk.
+ */
+function isInDiff(finding, hunks) {
+    const findingLine = finding.lineNumbers?.[0];
+    if (!findingLine)
+        return false;
+    return hunks.some((h) => {
+        return findingLine >= h.startLine && findingLine <= h.startLine + h.lineCount - 1;
+    });
+}
+/**
+ * Filter findings to only those touching changed lines.
+ */
+export function filterByDiff(findings, diff) {
+    const hunks = parseDiff(diff);
+    const filtered = findings.filter((f) => isInDiff(f, hunks));
+    return {
+        original: findings.length,
+        filtered: filtered.length,
+        removed: findings.length - filtered.length,
+        findings: filtered,
+    };
+}
+/**
+ * Get the list of changed files from a diff.
+ */
+export function getChangedFiles(diff) {
+    const files = new Set();
+    for (const line of diff.split("\n")) {
+        const match = line.match(/^\+\+\+ b\/(.+)$/);
+        if (match)
+            files.add(match[1]);
+    }
+    return [...files];
+}
+// ─── CLI ────────────────────────────────────────────────────────────────────
+export async function runDiffOnly(argv) {
+    if (argv.includes("--help") || argv.includes("-h")) {
+        console.log(`
+judges diff-only — Evaluate only changed lines in a PR or diff
+Usage:
+  judges diff-only --base main                  Diff against main branch
+  judges diff-only --base HEAD~1                Diff against previous commit
+  judges diff-only --diff-file changes.patch    Use a pre-generated diff
+Options:
+  --base <ref>          Git ref to diff against (default: main)
+  --diff-file <path>    Pre-generated diff file
+  --input <path>        JSON results to filter (default: run fresh eval)
+  --format json         JSON output
+  --help, -h            Show this help
+The command diffs against the base ref, identifies changed lines,
+and filters findings to only those touching changed code. This is
+ideal for CI pipelines reviewing PRs.
+`);
+        return;
+    }
+    const { readFileSync, existsSync } = await import("fs");
+    const { execSync } = await import("child_process");
+    let diff;
+    const diffFile = argv.find((_a, i) => argv[i - 1] === "--diff-file");
+    if (diffFile && existsSync(diffFile)) {
+        diff = readFileSync(diffFile, "utf-8");
+    }
+    else {
+        const base = argv.find((_a, i) => argv[i - 1] === "--base") || "main";
+        try {
+            diff = execSync(`git diff ${base}`, { encoding: "utf-8", maxBuffer: 10 * 1024 * 1024 });
+        }
+        catch {
+            console.error(`Error: could not run git diff ${base}`);
+            process.exit(1);
+        }
+    }
+    const changedFiles = getChangedFiles(diff);
+    const hunks = parseDiff(diff);
+    const format = argv.find((_a, i) => argv[i - 1] === "--format") || "text";
+    const inputPath = argv.find((_a, i) => argv[i - 1] === "--input");
+    if (inputPath && existsSync(inputPath)) {
+        const data = JSON.parse(readFileSync(inputPath, "utf-8"));
+        const findings = data.evaluations
+            ? data.evaluations.flatMap((e) => e.findings || [])
+            : data.findings || data;
+        const result = filterByDiff(findings, diff);
+        if (format === "json") {
+            console.log(JSON.stringify(result, null, 2));
+            return;
+        }
+        console.log(`\n  Diff-Only Filter Results\n`);
+        console.log(`  Changed files: ${changedFiles.length}`);
+        console.log(`  Changed hunks: ${hunks.length}`);
+        console.log(`  Original findings: ${result.original}`);
+        console.log(`  In diff: ${result.filtered}`);
+        console.log(`  Filtered out: ${result.removed}\n`);
+        for (const f of result.findings) {
+            const loc = f.lineNumbers?.length ? `:${f.lineNumbers[0]}` : "";
+            console.log(`  ${f.severity.padEnd(8)} ${f.ruleId}: ${f.title.slice(0, 80)}${loc}`);
+        }
+        console.log("");
+        return;
+    }
+    // Just show diff info without filtering
+    if (format === "json") {
+        console.log(JSON.stringify({ changedFiles, hunks, totalHunks: hunks.length }, null, 2));
+        return;
+    }
+    console.log(`\n  Changed Files (${changedFiles.length}):\n`);
+    for (const f of changedFiles) {
+        const fileHunks = hunks.filter((h) => h.file === f);
+        const totalLines = fileHunks.reduce((s, h) => s + h.lineCount, 0);
+        console.log(`    ${f}  (${fileHunks.length} hunks, ${totalLines} lines)`);
+    }
+    console.log(`\n  Run with --input <results.json> to filter findings.\n`);
+}
+//# sourceMappingURL=diff-only.js.map

package/dist/commands/diff-only.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"diff-only.js","sourceRoot":"","sources":["../../src/commands/diff-only.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAmBH,+EAA+E;AAE/E;;;GAGG;AACH,MAAM,UAAU,SAAS,CAAC,IAAY;IACpC,MAAM,KAAK,GAAe,EAAE,CAAC;IAC7B,IAAI,WAAW,GAAG,EAAE,CAAC;IAErB,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;QACpC,2BAA2B;QAC3B,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC;QACjD,IAAI,SAAS,EAAE,CAAC;YACd,WAAW,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;YAC3B,SAAS;QACX,CAAC;QAED,oCAAoC;QACpC,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,yCAAyC,CAAC,CAAC;QACxE,IAAI,SAAS,IAAI,WAAW,EAAE,CAAC;YAC7B,KAAK,CAAC,IAAI,CAAC;gBACT,IAAI,EAAE,WAAW;gBACjB,SAAS,EAAE,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;gBACrC,SAAS,EAAE,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,GAAG,EAAE,EAAE,CAAC;aAC7C,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,SAAS,QAAQ,CAAC,OAAgB,EAAE,KAAiB;IACnD,MAAM,WAAW,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,CAAC;IAC7C,IAAI,CAAC,WAAW;QAAE,OAAO,KAAK,CAAC;IAE/B,OAAO,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE;QACtB,OAAO,WAAW,IAAI,CAAC,CAAC,SAAS,IAAI,WAAW,IAAI,CAAC,CAAC,SAAS,GAAG,CAAC,CAAC,SAAS,GAAG,CAAC,CAAC;IACpF,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,YAAY,CAAC,QAAmB,EAAE,IAAY;IAC5D,MAAM,KAAK,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC;IAC9B,MAAM,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC;IAE5D,OAAO;QACL,QAAQ,EAAE,QAAQ,CAAC,MAAM;QACzB,QAAQ,EAAE,QAAQ,CAAC,MAAM;QACzB,OAAO,EAAE,QAAQ,CAAC,MAAM,GAAG,QAAQ,CAAC,MAAM;QAC1C,QAAQ,EAAE,QAAQ;KACnB,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,eAAe,CAAC,IAAY;IAC1C,MAAM,KAAK,GAAG,IAAI,GAAG,EAAU,CAAC;IAChC,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;QACpC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC;QAC7C,IAAI,KAAK;YAAE,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IACjC,CAAC;IACD,OAAO,CAAC,GAAG,KAAK,CAAC,CAAC;AACpB,CAAC;AAED,+EAA+E;AAE/E,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,IAAc;IAC9C,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACnD,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;;;;;;;;CAkBf,CAAC,CAAC;QACC,OAAO;IACT,CAAC;IAED,MAAM,EAAE,YAAY,EAAE,UAAU,EAAE,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,CAAC;IACxD,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,MAAM,CAAC,eAAe,CAAC,CAAC;IAEnD,IAAI,IAAY,CAAC;IAEjB,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,aAAa,CAAC,CAAC;IACrF,IAAI,QAAQ,IAAI,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QACrC,IAAI,GAAG,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IACzC,CAAC;SAAM,CAAC;QACN,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,QAAQ,CAAC,IAAI,MAAM,CAAC;QACtF,IAAI,CAAC;YACH,IAAI,GAAG,QAAQ,CAAC,YAAY,IAAI,EAAE,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,SAAS,EAAE,EAAE,GAAG,IAAI,GAAG,IAAI,EAAE,CAAC,CAAC;QAC1F,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,CAAC,KAAK,CAAC,iCAAiC,IAAI,EAAE,CAAC,CAAC;YACvD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;IAED,MAAM,YAAY,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC;IAC3C,MAAM,KAAK,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC;IAC9B,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,UAAU,CAAC,IAAI,MAAM,CAAC;IAE1F,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,SAAS,CAAC,CAAC;IAClF,IAAI,SAAS,IAAI,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QACvC,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC,CAAC;QAC1D,MAAM,QAAQ,GAAc,IAAI,CAAC,WAAW;YAC1C,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,CAA2B,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,IAAI,EAAE,CAAC;YAC7E,CAAC,CAAC,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC;QAE1B,MAAM,MAAM,GAAG,YAAY,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;QAE5C,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;YACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;YAC7C,OAAO;QACT,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,gCAAgC,CAAC,CAAC;QAC9C,OAAO,CAAC,GAAG,CAAC,oBAAoB,YAAY,CAAC,MAAM,EAAE,CAAC,CAAC;QACvD,OAAO,CAAC,GAAG,CAAC,oBAAoB,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;QAChD,OAAO,CAAC,GAAG,CAAC,wBAAwB,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;QACvD,OAAO,CAAC,GAAG,CAAC,cAAc,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC7C,OAAO,CAAC,GAAG,CAAC,mBAAmB,MAAM,CAAC,OAAO,IAAI,CAAC,CAAC;QAEnD,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YAChC,MAAM,GAAG,GAAG,CAAC,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAChE,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,CAAC;QACtF,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,OAAO;IACT,CAAC;IAED,wCAAwC;IACxC,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,YAAY,EAAE,KAAK,EAAE,UAAU,EAAE,KAAK,CAAC,MAAM,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QACxF,OAAO;IACT,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,sBAAsB,YAAY,CAAC,MAAM,MAAM,CAAC,CAAC;IAC7D,KAAK,MAAM,CAAC,IAAI,YAAY,EAAE,CAAC;QAC7B,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC;QACpD,MAAM,UAAU,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;QAClE,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,SAAS,CAAC,MAAM,WAAW,UAAU,SAAS,CAAC,CAAC;IAC5E,CAAC;IACD,OAAO,CAAC,GAAG,CAAC,2DAA2D,CAAC,CAAC;AAC3E,CAAC"}

package/dist/commands/false-negatives.d.ts ADDED Viewed

@@ -0,0 +1,35 @@
+/**
+ * False-negative report — collect and analyze cases where Judges
+ * missed a real vulnerability or bug that was later found manually.
+ *
+ * Builds a local feedback database (.judges-false-negatives.json)
+ * that helps teams understand blind spots and request new rules.
+ */
+export interface FalseNegativeEntry {
+    id: string;
+    timestamp: string;
+    file: string;
+    line?: number;
+    category: string;
+    description: string;
+    severity: string;
+    expectedRule?: string;
+    language: string;
+    codeSnippet?: string;
+    reportedBy?: string;
+    status: "open" | "rule-added" | "wont-fix" | "duplicate";
+}
+export interface FalseNegativeDb {
+    entries: FalseNegativeEntry[];
+    version: string;
+}
+export declare function addFalseNegative(entry: Omit<FalseNegativeEntry, "id" | "timestamp" | "status">): FalseNegativeEntry;
+export declare function getFalseNegativeStats(db: FalseNegativeDb): {
+    total: number;
+    open: number;
+    byCategory: Record<string, number>;
+    bySeverity: Record<string, number>;
+    byLanguage: Record<string, number>;
+};
+export declare function runFalseNegativeReport(argv: string[]): void;
+//# sourceMappingURL=false-negatives.d.ts.map

package/dist/commands/false-negatives.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"false-negatives.d.ts","sourceRoot":"","sources":["../../src/commands/false-negatives.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAMH,MAAM,WAAW,kBAAkB;IACjC,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,MAAM,GAAG,YAAY,GAAG,UAAU,GAAG,WAAW,CAAC;CAC1D;AAED,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,kBAAkB,EAAE,CAAC;IAC9B,OAAO,EAAE,MAAM,CAAC;CACjB;AAuBD,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,IAAI,CAAC,kBAAkB,EAAE,IAAI,GAAG,WAAW,GAAG,QAAQ,CAAC,GAAG,kBAAkB,CAcnH;AAED,wBAAgB,qBAAqB,CAAC,EAAE,EAAE,eAAe,GAAG;IAC1D,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACnC,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACnC,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CACpC,CAaA;AAID,wBAAgB,sBAAsB,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,CA2G3D"}

package/dist/commands/false-negatives.js ADDED Viewed

@@ -0,0 +1,166 @@
+/**
+ * False-negative report — collect and analyze cases where Judges
+ * missed a real vulnerability or bug that was later found manually.
+ *
+ * Builds a local feedback database (.judges-false-negatives.json)
+ * that helps teams understand blind spots and request new rules.
+ */
+import { createHash } from "crypto";
+// ─── Database ───────────────────────────────────────────────────────────────
+const DB_FILE = ".judges-false-negatives.json";
+function loadDb() {
+    const { readFileSync, existsSync } = require("fs");
+    if (existsSync(DB_FILE)) {
+        try {
+            return JSON.parse(readFileSync(DB_FILE, "utf-8"));
+        }
+        catch {
+            /* corrupt */
+        }
+    }
+    return { entries: [], version: "1.0" };
+}
+function saveDb(db) {
+    const { writeFileSync } = require("fs");
+    writeFileSync(DB_FILE, JSON.stringify(db, null, 2), "utf-8");
+}
+export function addFalseNegative(entry) {
+    const db = loadDb();
+    const fn = {
+        ...entry,
+        id: createHash("sha256")
+            .update(Date.now().toString() + entry.file + entry.description)
+            .digest("hex")
+            .slice(0, 10),
+        timestamp: new Date().toISOString(),
+        status: "open",
+    };
+    db.entries.push(fn);
+    saveDb(db);
+    return fn;
+}
+export function getFalseNegativeStats(db) {
+    const open = db.entries.filter((e) => e.status === "open").length;
+    const byCategory = {};
+    const bySeverity = {};
+    const byLanguage = {};
+    for (const e of db.entries) {
+        byCategory[e.category] = (byCategory[e.category] || 0) + 1;
+        bySeverity[e.severity] = (bySeverity[e.severity] || 0) + 1;
+        byLanguage[e.language] = (byLanguage[e.language] || 0) + 1;
+    }
+    return { total: db.entries.length, open, byCategory, bySeverity, byLanguage };
+}
+// ─── CLI ────────────────────────────────────────────────────────────────────
+export function runFalseNegativeReport(argv) {
+    if (argv.includes("--help") || argv.includes("-h")) {
+        console.log(`
+judges false-negatives — Report and track missed vulnerabilities
+Usage:
+  judges false-negatives                              Show report
+  judges false-negatives --add --file src/app.ts \\
+    --line 42 --category injection --severity high \\
+    --description "SQL injection via user input"     Add a missed finding
+  judges false-negatives --resolve <id>               Mark as resolved
+Options:
+  --add                  Add a new false-negative report
+  --file <path>          File where the issue was found
+  --line <n>             Line number
+  --category <cat>       Category (injection, auth, crypto, xss, etc.)
+  --severity <level>     Severity (critical, high, medium, low)
+  --description <text>   Description of what was missed
+  --language <lang>      Language (auto-detected from file)
+  --resolve <id>         Mark entry as resolved
+  --format json          JSON output
+  --help, -h             Show this help
+This builds a local feedback database that helps identify blind spots
+in the current rule set, informing future rule development.
+`);
+        return;
+    }
+    const format = argv.find((_a, i) => argv[i - 1] === "--format") || "text";
+    if (argv.includes("--add")) {
+        const file = argv.find((_a, i) => argv[i - 1] === "--file") || "";
+        const lineStr = argv.find((_a, i) => argv[i - 1] === "--line");
+        const category = argv.find((_a, i) => argv[i - 1] === "--category") || "unknown";
+        const severity = argv.find((_a, i) => argv[i - 1] === "--severity") || "medium";
+        const description = argv.find((_a, i) => argv[i - 1] === "--description") || "";
+        const language = argv.find((_a, i) => argv[i - 1] === "--language") || detectLanguage(file);
+        if (!file || !description) {
+            console.error("Error: --file and --description required");
+            process.exit(1);
+        }
+        const entry = addFalseNegative({
+            file,
+            line: lineStr ? parseInt(lineStr, 10) : undefined,
+            category,
+            severity,
+            description,
+            language,
+        });
+        console.log(`  ✅ Added false-negative report: ${entry.id}`);
+        return;
+    }
+    const resolveId = argv.find((_a, i) => argv[i - 1] === "--resolve");
+    if (resolveId) {
+        const db = loadDb();
+        const entry = db.entries.find((e) => e.id === resolveId);
+        if (!entry) {
+            console.error(`Error: entry ${resolveId} not found`);
+            process.exit(1);
+        }
+        entry.status = "rule-added";
+        saveDb(db);
+        console.log(`  ✅ Resolved: ${resolveId}`);
+        return;
+    }
+    // Show report
+    const db = loadDb();
+    if (db.entries.length === 0) {
+        console.log("\n  No false-negative reports. Use --add to report a missed finding.\n");
+        return;
+    }
+    const stats = getFalseNegativeStats(db);
+    if (format === "json") {
+        console.log(JSON.stringify({ stats, entries: db.entries }, null, 2));
+        return;
+    }
+    console.log(`\n  False-Negative Analysis\n`);
+    console.log(`  Total: ${stats.total} | Open: ${stats.open}\n`);
+    console.log("  By Category:");
+    for (const [cat, count] of Object.entries(stats.byCategory).sort((a, b) => b[1] - a[1])) {
+        console.log(`    ${cat.padEnd(20)} ${count}`);
+    }
+    console.log("\n  By Severity:");
+    for (const [sev, count] of Object.entries(stats.bySeverity).sort((a, b) => b[1] - a[1])) {
+        console.log(`    ${sev.padEnd(20)} ${count}`);
+    }
+    console.log("\n  Recent entries:");
+    for (const e of db.entries.slice(-10)) {
+        const status = e.status === "open" ? "🔴" : "✅";
+        console.log(`    ${status} ${e.id}  ${e.severity.padEnd(8)} ${e.category.padEnd(15)} ${e.description.slice(0, 50)}`);
+    }
+    console.log("");
+}
+function detectLanguage(file) {
+    const { extname } = require("path");
+    const ext = extname(file).toLowerCase();
+    const map = {
+        ".ts": "typescript",
+        ".tsx": "typescript",
+        ".js": "javascript",
+        ".jsx": "javascript",
+        ".py": "python",
+        ".go": "go",
+        ".rs": "rust",
+        ".java": "java",
+        ".cs": "csharp",
+        ".rb": "ruby",
+        ".php": "php",
+    };
+    return map[ext] || "unknown";
+}
+//# sourceMappingURL=false-negatives.js.map