@kevinrabun/judges 3.42.0 → 3.44.0

package/dist/commands/regression-alert.js

@@ -0,0 +1,216 @@
+/**
+ * Regression alerting — compare current scan results against a saved
+ * baseline snapshot to detect quality regressions.
+ *
+ * Snapshots are stored locally in .judges-baseline.json.
+ */
+import { readFileSync, writeFileSync, existsSync } from "fs";
+const BASELINE_FILE = ".judges-baseline.json";
+// ─── Helpers ────────────────────────────────────────────────────────────────
+function makeFindingId(f) {
+    return `${f.ruleId}::${f.title}`;
+}
+function getGitInfo() {
+    try {
+        const { execSync } = require("child_process");
+        const commit = execSync("git rev-parse --short HEAD", { encoding: "utf-8" }).trim();
+        const branch = execSync("git rev-parse --abbrev-ref HEAD", { encoding: "utf-8" }).trim();
+        return { commit, branch };
+    }
+    catch {
+        return {};
+    }
+}
+export function buildSnapshot(findings) {
+    const git = getGitInfo();
+    const bySeverity = {};
+    const byRule = {};
+    const findingIds = [];
+    for (const f of findings) {
+        bySeverity[f.severity] = (bySeverity[f.severity] || 0) + 1;
+        byRule[f.ruleId] = (byRule[f.ruleId] || 0) + 1;
+        findingIds.push(makeFindingId(f));
+    }
+    return {
+        timestamp: new Date().toISOString(),
+        gitCommit: git.commit,
+        gitBranch: git.branch,
+        totalFindings: findings.length,
+        bySeverity,
+        byRule,
+        findingIds,
+    };
+}
+export function saveBaseline(snapshot, file = BASELINE_FILE) {
+    writeFileSync(file, JSON.stringify(snapshot, null, 2));
+}
+export function loadBaseline(file = BASELINE_FILE) {
+    if (!existsSync(file))
+        return null;
+    return JSON.parse(readFileSync(file, "utf-8"));
+}
+export function compareSnapshots(baseline, current) {
+    const baseSet = new Set(baseline.findingIds);
+    const currSet = new Set(current.findingIds);
+    const newFindings = current.findingIds.filter((id) => !baseSet.has(id));
+    const fixedFindings = baseline.findingIds.filter((id) => !currSet.has(id));
+    const delta = current.totalFindings - baseline.totalFindings;
+    const severityDelta = {};
+    const allSeverities = new Set([...Object.keys(baseline.bySeverity), ...Object.keys(current.bySeverity)]);
+    for (const sev of allSeverities) {
+        severityDelta[sev] = (current.bySeverity[sev] || 0) - (baseline.bySeverity[sev] || 0);
+    }
+    const ruleDelta = {};
+    const allRules = new Set([...Object.keys(baseline.byRule), ...Object.keys(current.byRule)]);
+    for (const rule of allRules) {
+        const d = (current.byRule[rule] || 0) - (baseline.byRule[rule] || 0);
+        if (d !== 0)
+            ruleDelta[rule] = d;
+    }
+    let status = "stable";
+    if (delta > 0 || newFindings.length > 0)
+        status = "regressed";
+    else if (delta < 0 || fixedFindings.length > 0)
+        status = "improved";
+    return {
+        status,
+        newFindings,
+        fixedFindings,
+        delta,
+        severityDelta,
+        ruleDelta,
+        baseline,
+        current,
+    };
+}
+// ─── CLI ────────────────────────────────────────────────────────────────────
+export async function runRegressionAlert(argv) {
+    if (argv.includes("--help") || argv.includes("-h")) {
+        console.log(`
+judges regression-alert — Detect quality regressions between scans
+
+Usage:
+  judges regression-alert --save --input results.json     Save current results as baseline
+  judges regression-alert --check --input results.json    Compare current results against baseline
+  judges regression-alert --show                          Show current baseline
+
+Options:
+  --save                Save current results as the baseline
+  --check               Compare against saved baseline
+  --show                Display stored baseline info
+  --input <path>        Results JSON file
+  --fail-on-regression  Exit with code 1 if regressions detected (CI mode)
+  --threshold <n>       Only alert if >= n new findings (default: 1)
+  --format json         JSON output
+  --help, -h            Show this help
+`);
+        return;
+    }
+    const format = argv.find((_a, i) => argv[i - 1] === "--format") || "text";
+    const inputPath = argv.find((_a, i) => argv[i - 1] === "--input");
+    const failOnRegression = argv.includes("--fail-on-regression");
+    const thresholdStr = argv.find((_a, i) => argv[i - 1] === "--threshold");
+    const threshold = thresholdStr ? parseInt(thresholdStr, 10) : 1;
+    // Show baseline
+    if (argv.includes("--show")) {
+        const baseline = loadBaseline();
+        if (!baseline) {
+            console.log("\n  No baseline saved. Run with --save first.\n");
+            return;
+        }
+        if (format === "json") {
+            console.log(JSON.stringify(baseline, null, 2));
+        }
+        else {
+            console.log(`
+  Baseline Snapshot
+  ─────────────────
+  Saved:     ${baseline.timestamp}
+  Commit:    ${baseline.gitCommit || "unknown"}
+  Branch:    ${baseline.gitBranch || "unknown"}
+  Findings:  ${baseline.totalFindings}
+`);
+            for (const [sev, count] of Object.entries(baseline.bySeverity)) {
+                console.log(`    ${sev.padEnd(10)} ${count}`);
+            }
+            console.log("");
+        }
+        return;
+    }
+    // Both --save and --check need input
+    if (!inputPath) {
+        console.error("Error: --input <path> required");
+        process.exit(1);
+    }
+    if (!existsSync(inputPath)) {
+        console.error(`Error: file not found: ${inputPath}`);
+        process.exit(1);
+    }
+    const data = JSON.parse(readFileSync(inputPath, "utf-8"));
+    const findings = data.evaluations
+        ? data.evaluations.flatMap((e) => e.findings || [])
+        : data.findings || data;
+    const snapshot = buildSnapshot(findings);
+    // Save baseline
+    if (argv.includes("--save")) {
+        saveBaseline(snapshot);
+        if (format === "json") {
+            console.log(JSON.stringify(snapshot, null, 2));
+        }
+        else {
+            console.log(`\n  Baseline saved: ${snapshot.totalFindings} findings (${snapshot.gitCommit || "no git"})\n`);
+        }
+        return;
+    }
+    // Check against baseline
+    if (argv.includes("--check")) {
+        const baseline = loadBaseline();
+        if (!baseline) {
+            console.error("Error: No baseline saved. Run with --save first.");
+            process.exit(1);
+        }
+        const report = compareSnapshots(baseline, snapshot);
+        if (format === "json") {
+            console.log(JSON.stringify(report, null, 2));
+        }
+        else {
+            const icon = report.status === "improved" ? "✅" : report.status === "regressed" ? "🚨" : "➖";
+            console.log(`\n  ${icon} Status: ${report.status.toUpperCase()} (delta: ${report.delta >= 0 ? "+" : ""}${report.delta})`);
+            console.log(`  Baseline: ${baseline.totalFindings} findings (${baseline.gitCommit || "?"})`);
+            console.log(`  Current:  ${snapshot.totalFindings} findings (${snapshot.gitCommit || "?"})\n`);
+            if (report.newFindings.length > 0) {
+                console.log(`  New findings (${report.newFindings.length}):`);
+                for (const id of report.newFindings.slice(0, 20)) {
+                    console.log(`    + ${id}`);
+                }
+                if (report.newFindings.length > 20) {
+                    console.log(`    ... and ${report.newFindings.length - 20} more`);
+                }
+            }
+            if (report.fixedFindings.length > 0) {
+                console.log(`\n  Fixed findings (${report.fixedFindings.length}):`);
+                for (const id of report.fixedFindings.slice(0, 20)) {
+                    console.log(`    - ${id}`);
+                }
+                if (report.fixedFindings.length > 20) {
+                    console.log(`    ... and ${report.fixedFindings.length - 20} more`);
+                }
+            }
+            if (Object.keys(report.severityDelta).length > 0) {
+                console.log("\n  By severity:");
+                for (const [sev, d] of Object.entries(report.severityDelta)) {
+                    if (d !== 0)
+                        console.log(`    ${sev.padEnd(10)} ${d >= 0 ? "+" : ""}${d}`);
+                }
+            }
+            console.log("");
+        }
+        if (failOnRegression && report.newFindings.length >= threshold) {
+            console.error(`  ❌ Regression detected: ${report.newFindings.length} new finding(s) (threshold: ${threshold})`);
+            process.exit(1);
+        }
+        return;
+    }
+    console.log("Use --save, --check, or --show. See --help for details.");
+}
+//# sourceMappingURL=regression-alert.js.map

package/dist/commands/regression-alert.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"regression-alert.js","sourceRoot":"","sources":["../../src/commands/regression-alert.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,IAAI,CAAC;AA0B7D,MAAM,aAAa,GAAG,uBAAuB,CAAC;AAE9C,+EAA+E;AAE/E,SAAS,aAAa,CAAC,CAAU;IAC/B,OAAO,GAAG,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,KAAK,EAAE,CAAC;AACnC,CAAC;AAED,SAAS,UAAU;IACjB,IAAI,CAAC;QACH,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC,eAAe,CAAC,CAAC;QAC9C,MAAM,MAAM,GAAG,QAAQ,CAAC,4BAA4B,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QACpF,MAAM,MAAM,GAAG,QAAQ,CAAC,iCAAiC,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QACzF,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;IAC5B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,QAAmB;IAC/C,MAAM,GAAG,GAAG,UAAU,EAAE,CAAC;IACzB,MAAM,UAAU,GAA2B,EAAE,CAAC;IAC9C,MAAM,MAAM,GAA2B,EAAE,CAAC;IAC1C,MAAM,UAAU,GAAa,EAAE,CAAC;IAEhC,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,UAAU,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;QAC3D,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;QAC/C,UAAU,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC;IACpC,CAAC;IAED,OAAO;QACL,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,SAAS,EAAE,GAAG,CAAC,MAAM;QACrB,SAAS,EAAE,GAAG,CAAC,MAAM;QACrB,aAAa,EAAE,QAAQ,CAAC,MAAM;QAC9B,UAAU;QACV,MAAM;QACN,UAAU;KACX,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,QAA0B,EAAE,IAAI,GAAG,aAAa;IAC3E,aAAa,CAAC,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;AACzD,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,IAAI,GAAG,aAAa;IAC/C,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC;QAAE,OAAO,IAAI,CAAC;IACnC,OAAO,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC,CAAC;AACjD,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,QAA0B,EAAE,OAAyB;IACpF,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;IAC7C,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAE5C,MAAM,WAAW,GAAG,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;IACxE,MAAM,aAAa,GAAG,QAAQ,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;IAC3E,MAAM,KAAK,GAAG,OAAO,CAAC,aAAa,GAAG,QAAQ,CAAC,aAAa,CAAC;IAE7D,MAAM,aAAa,GAA2B,EAAE,CAAC;IACjD,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;IACzG,KAAK,MAAM,GAAG,IAAI,aAAa,EAAE,CAAC;QAChC,aAAa,CAAC,GAAG,CAAC,GAAG,CAAC,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC;IACxF,CAAC;IAED,MAAM,SAAS,GAA2B,EAAE,CAAC;IAC7C,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IAC5F,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE,CAAC;QAC5B,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;QACrE,IAAI,CAAC,KAAK,CAAC;YAAE,SAAS,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACnC,CAAC;IAED,IAAI,MAAM,GAA+B,QAAQ,CAAC;IAClD,IAAI,KAAK,GAAG,CAAC,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC;QAAE,MAAM,GAAG,WAAW,CAAC;SACzD,IAAI,KAAK,GAAG,CAAC,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC;QAAE,MAAM,GAAG,UAAU,CAAC;IAEpE,OAAO;QACL,MAAM;QACN,WAAW;QACX,aAAa;QACb,KAAK;QACL,aAAa;QACb,SAAS;QACT,QAAQ;QACR,OAAO;KACR,CAAC;AACJ,CAAC;AAED,+EAA+E;AAE/E,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,IAAc;IACrD,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACnD,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;;;;;;;CAiBf,CAAC,CAAC;QACC,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,UAAU,CAAC,IAAI,MAAM,CAAC;IAC1F,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,SAAS,CAAC,CAAC;IAClF,MAAM,gBAAgB,GAAG,IAAI,CAAC,QAAQ,CAAC,sBAAsB,CAAC,CAAC;IAC/D,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,aAAa,CAAC,CAAC;IACzF,MAAM,SAAS,GAAG,YAAY,CAAC,CAAC,CAAC,QAAQ,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAEhE,gBAAgB;IAChB,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC5B,MAAM,QAAQ,GAAG,YAAY,EAAE,CAAC;QAChC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,OAAO,CAAC,GAAG,CAAC,iDAAiD,CAAC,CAAC;YAC/D,OAAO;QACT,CAAC;QACD,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;YACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QACjD,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC;;;eAGH,QAAQ,CAAC,SAAS;eAClB,QAAQ,CAAC,SAAS,IAAI,SAAS;eAC/B,QAAQ,CAAC,SAAS,IAAI,SAAS;eAC/B,QAAQ,CAAC,aAAa;CACpC,CAAC,CAAC;YACG,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;gBAC/D,OAAO,CAAC,GAAG,CAAC,OAAO,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,KAAK,EAAE,CAAC,CAAC;YAChD,CAAC;YACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAClB,CAAC;QACD,OAAO;IACT,CAAC;IAED,qCAAqC;IACrC,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CAAC,gCAAgC,CAAC,CAAC;QAChD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QAC3B,OAAO,CAAC,KAAK,CAAC,0BAA0B,SAAS,EAAE,CAAC,CAAC;QACrD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC,CAAC;IAC1D,MAAM,QAAQ,GAAc,IAAI,CAAC,WAAW;QAC1C,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,CAA2B,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,IAAI,EAAE,CAAC;QAC7E,CAAC,CAAC,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC;IAE1B,MAAM,QAAQ,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IAEzC,gBAAgB;IAChB,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC5B,YAAY,CAAC,QAAQ,CAAC,CAAC;QACvB,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;YACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QACjD,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,uBAAuB,QAAQ,CAAC,aAAa,cAAc,QAAQ,CAAC,SAAS,IAAI,QAAQ,KAAK,CAAC,CAAC;QAC9G,CAAC;QACD,OAAO;IACT,CAAC;IAED,yBAAyB;IACzB,IAAI,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;QAC7B,MAAM,QAAQ,GAAG,YAAY,EAAE,CAAC;QAChC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,OAAO,CAAC,KAAK,CAAC,kDAAkD,CAAC,CAAC;YAClE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,MAAM,MAAM,GAAG,gBAAgB,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;QAEpD,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;YACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAC/C,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,KAAK,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,KAAK,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC;YAC7F,OAAO,CAAC,GAAG,CACT,OAAO,IAAI,YAAY,MAAM,CAAC,MAAM,CAAC,WAAW,EAAE,YAAY,MAAM,CAAC,KAAK,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,MAAM,CAAC,KAAK,GAAG,CAC7G,CAAC;YACF,OAAO,CAAC,GAAG,CAAC,eAAe,QAAQ,CAAC,aAAa,cAAc,QAAQ,CAAC,SAAS,IAAI,GAAG,GAAG,CAAC,CAAC;YAC7F,OAAO,CAAC,GAAG,CAAC,eAAe,QAAQ,CAAC,aAAa,cAAc,QAAQ,CAAC,SAAS,IAAI,GAAG,KAAK,CAAC,CAAC;YAE/F,IAAI,MAAM,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAClC,OAAO,CAAC,GAAG,CAAC,mBAAmB,MAAM,CAAC,WAAW,CAAC,MAAM,IAAI,CAAC,CAAC;gBAC9D,KAAK,MAAM,EAAE,IAAI,MAAM,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;oBACjD,OAAO,CAAC,GAAG,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;gBAC7B,CAAC;gBACD,IAAI,MAAM,CAAC,WAAW,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;oBACnC,OAAO,CAAC,GAAG,CAAC,eAAe,MAAM,CAAC,WAAW,CAAC,MAAM,GAAG,EAAE,OAAO,CAAC,CAAC;gBACpE,CAAC;YACH,CAAC;YAED,IAAI,MAAM,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACpC,OAAO,CAAC,GAAG,CAAC,uBAAuB,MAAM,CAAC,aAAa,CAAC,MAAM,IAAI,CAAC,CAAC;gBACpE,KAAK,MAAM,EAAE,IAAI,MAAM,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;oBACnD,OAAO,CAAC,GAAG,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;gBAC7B,CAAC;gBACD,IAAI,MAAM,CAAC,aAAa,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;oBACrC,OAAO,CAAC,GAAG,CAAC,eAAe,MAAM,CAAC,aAAa,CAAC,MAAM,GAAG,EAAE,OAAO,CAAC,CAAC;gBACtE,CAAC;YACH,CAAC;YAED,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACjD,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;gBAChC,KAAK,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,aAAa,CAAC,EAAE,CAAC;oBAC5D,IAAI,CAAC,KAAK,CAAC;wBAAE,OAAO,CAAC,GAAG,CAAC,OAAO,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;gBAC7E,CAAC;YACH,CAAC;YACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAClB,CAAC;QAED,IAAI,gBAAgB,IAAI,MAAM,CAAC,WAAW,CAAC,MAAM,IAAI,SAAS,EAAE,CAAC;YAC/D,OAAO,CAAC,KAAK,CAAC,4BAA4B,MAAM,CAAC,WAAW,CAAC,MAAM,+BAA+B,SAAS,GAAG,CAAC,CAAC;YAChH,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QACD,OAAO;IACT,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,yDAAyD,CAAC,CAAC;AACzE,CAAC"}

package/dist/commands/remediation.d.ts

@@ -0,0 +1,21 @@
+/**
+ * Remediation guides — provide step-by-step fix guidance for common
+ * finding categories, linked from finding output.
+ *
+ * Each guide includes: description, risk level, fix steps,
+ * code examples (before/after), and references.
+ */
+export interface RemediationGuide {
+    rulePrefix: string;
+    title: string;
+    category: string;
+    risk: string;
+    steps: string[];
+    beforeCode?: string;
+    afterCode?: string;
+    references: string[];
+}
+export declare function findGuide(ruleId: string): RemediationGuide | undefined;
+export declare function listGuides(): RemediationGuide[];
+export declare function runRemediationGuide(argv: string[]): void;
+//# sourceMappingURL=remediation.d.ts.map

package/dist/commands/remediation.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"remediation.d.ts","sourceRoot":"","sources":["../../src/commands/remediation.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAIH,MAAM,WAAW,gBAAgB;IAC/B,UAAU,EAAE,MAAM,CAAC;IACnB,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,EAAE,CAAC;CACtB;AA6KD,wBAAgB,SAAS,CAAC,MAAM,EAAE,MAAM,GAAG,gBAAgB,GAAG,SAAS,CAGtE;AAED,wBAAgB,UAAU,IAAI,gBAAgB,EAAE,CAE/C;AAID,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,CAmFxD"}

package/dist/commands/remediation.js

@@ -0,0 +1,257 @@
+/**
+ * Remediation guides — provide step-by-step fix guidance for common
+ * finding categories, linked from finding output.
+ *
+ * Each guide includes: description, risk level, fix steps,
+ * code examples (before/after), and references.
+ */
+// ─── Guides ─────────────────────────────────────────────────────────────────
+const GUIDES = [
+    {
+        rulePrefix: "SEC-001",
+        title: "SQL Injection Prevention",
+        category: "Security",
+        risk: "Critical — allows attackers to read/modify/delete database data",
+        steps: [
+            "Replace string concatenation in SQL queries with parameterized queries",
+            "Use your ORM's built-in query builder instead of raw SQL",
+            "If raw SQL is required, use prepared statements with placeholders",
+            "Validate and sanitize all user input before using in queries",
+            "Apply principle of least privilege to database accounts",
+        ],
+        beforeCode: `// VULNERABLE\nconst result = await db.query(\`SELECT * FROM users WHERE id = '\${userId}'\`);`,
+        afterCode: `// SECURE\nconst result = await db.query('SELECT * FROM users WHERE id = $1', [userId]);`,
+        references: [
+            "https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html",
+            "https://cwe.mitre.org/data/definitions/89.html",
+        ],
+    },
+    {
+        rulePrefix: "SEC-002",
+        title: "Cross-Site Scripting (XSS) Prevention",
+        category: "Security",
+        risk: "High — allows attackers to execute scripts in users' browsers",
+        steps: [
+            "Use context-aware output encoding (HTML, JavaScript, URL, CSS)",
+            "Use framework auto-escaping (React JSX, Angular templates, etc.)",
+            "Avoid dangerouslySetInnerHTML / v-html / innerHTML",
+            "Implement Content-Security-Policy headers",
+            "Validate and sanitize user input on the server side",
+        ],
+        beforeCode: `// VULNERABLE\nelement.innerHTML = userInput;`,
+        afterCode: `// SECURE\nelement.textContent = userInput;`,
+        references: [
+            "https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html",
+            "https://cwe.mitre.org/data/definitions/79.html",
+        ],
+    },
+    {
+        rulePrefix: "SEC-003",
+        title: "Command Injection Prevention",
+        category: "Security",
+        risk: "Critical — allows attackers to execute arbitrary OS commands",
+        steps: [
+            "Avoid shell command execution with user-controlled input",
+            "Use language-native APIs instead of shell commands (e.g., fs.readdir instead of ls)",
+            "If shell execution is required, use allowlists for permitted commands",
+            "Use execFile/spawn with explicit argument arrays instead of exec with string concatenation",
+            "Never pass user input directly to child_process.exec()",
+        ],
+        beforeCode: `// VULNERABLE\nexec(\`ls \${userDir}\`);`,
+        afterCode: `// SECURE\nexecFile('ls', [userDir]);`,
+        references: [
+            "https://cheatsheetseries.owasp.org/cheatsheets/OS_Command_Injection_Defense_Cheat_Sheet.html",
+            "https://cwe.mitre.org/data/definitions/78.html",
+        ],
+    },
+    {
+        rulePrefix: "AUTH-",
+        title: "Authentication Best Practices",
+        category: "Security",
+        risk: "High — weak authentication allows unauthorized access",
+        steps: [
+            "Use bcrypt, argon2, or scrypt for password hashing (never MD5/SHA1)",
+            "Implement rate limiting on login endpoints",
+            "Use secure session management with HttpOnly, Secure, SameSite cookies",
+            "Implement multi-factor authentication for sensitive operations",
+            "Validate JWT tokens on every request (check signature, expiry, issuer)",
+        ],
+        references: [
+            "https://cheatsheetseries.owasp.org/cheatsheets/Authentication_Cheat_Sheet.html",
+            "https://cwe.mitre.org/data/definitions/287.html",
+        ],
+    },
+    {
+        rulePrefix: "CRYPTO-",
+        title: "Cryptographic Best Practices",
+        category: "Security",
+        risk: "High — weak cryptography exposes sensitive data",
+        steps: [
+            "Use AES-256-GCM for symmetric encryption (not DES, 3DES, or ECB mode)",
+            "Use RSA-2048+ or ECDSA P-256+ for asymmetric encryption",
+            "Use SHA-256+ for hashing (not MD5 or SHA-1)",
+            "Never hardcode encryption keys or secrets in source code",
+            "Use platform-provided key management (AWS KMS, Azure Key Vault, etc.)",
+        ],
+        references: [
+            "https://cheatsheetseries.owasp.org/cheatsheets/Cryptographic_Storage_Cheat_Sheet.html",
+            "https://cwe.mitre.org/data/definitions/327.html",
+        ],
+    },
+    {
+        rulePrefix: "SSRF-",
+        title: "Server-Side Request Forgery Prevention",
+        category: "Security",
+        risk: "High — allows attackers to make requests from your server to internal resources",
+        steps: [
+            "Validate and sanitize all URLs before making server-side requests",
+            "Use an allowlist of permitted domains/IPs",
+            "Block requests to private IP ranges (10.x, 172.16-31.x, 192.168.x, 127.x, ::1)",
+            "Disable HTTP redirects or validate redirect targets",
+            "Use a URL parser to validate the scheme (allow only https://)",
+        ],
+        references: [
+            "https://cheatsheetseries.owasp.org/cheatsheets/Server_Side_Request_Forgery_Prevention_Cheat_Sheet.html",
+            "https://cwe.mitre.org/data/definitions/918.html",
+        ],
+    },
+    {
+        rulePrefix: "PERF-",
+        title: "Performance Optimization",
+        category: "Performance",
+        risk: "Medium — poor performance degrades user experience and increases costs",
+        steps: [
+            "Identify the bottleneck: CPU, memory, I/O, or network",
+            "Use profiling tools (Node.js --prof, py-spy, Go pprof)",
+            "Avoid N+1 queries — batch database operations",
+            "Use caching for expensive computations (Redis, in-memory LRU)",
+            "Implement pagination for large result sets",
+        ],
+        references: ["https://web.dev/performance/"],
+    },
+    {
+        rulePrefix: "ERR-",
+        title: "Error Handling Best Practices",
+        category: "Reliability",
+        risk: "Medium — poor error handling causes crashes and data corruption",
+        steps: [
+            "Catch and handle errors at appropriate boundaries",
+            "Never swallow exceptions silently — at minimum log them",
+            "Use structured error types with error codes",
+            "Implement graceful degradation for non-critical failures",
+            "Never expose stack traces or internal error details to users",
+        ],
+        references: ["https://cheatsheetseries.owasp.org/cheatsheets/Error_Handling_Cheat_Sheet.html"],
+    },
+    {
+        rulePrefix: "CONCUR-",
+        title: "Concurrency Safety",
+        category: "Reliability",
+        risk: "High — race conditions cause data corruption and security vulnerabilities",
+        steps: [
+            "Identify shared mutable state and protect it with locks/mutexes",
+            "Prefer immutable data structures",
+            "Use atomic operations for simple shared counters",
+            "Avoid holding multiple locks simultaneously (prevents deadlocks)",
+            "Use channels/message-passing instead of shared memory where possible",
+        ],
+        references: ["https://cwe.mitre.org/data/definitions/362.html"],
+    },
+    {
+        rulePrefix: "IAC-",
+        title: "Infrastructure as Code Security",
+        category: "Infrastructure",
+        risk: "High — IaC misconfigurations expose cloud resources to attack",
+        steps: [
+            "Enable encryption at rest and in transit for all storage resources",
+            "Apply principle of least privilege to IAM roles and policies",
+            "Enable logging and monitoring (CloudTrail, Azure Monitor, etc.)",
+            "Use private subnets for databases and internal services",
+            "Never hardcode secrets in Terraform/Bicep/CloudFormation templates",
+        ],
+        references: ["https://cheatsheetseries.owasp.org/cheatsheets/Infrastructure_as_Code_Security_Cheat_Sheet.html"],
+    },
+];
+// ─── Lookup API ─────────────────────────────────────────────────────────────
+export function findGuide(ruleId) {
+    // Exact match first, then prefix match
+    return GUIDES.find((g) => ruleId.startsWith(g.rulePrefix));
+}
+export function listGuides() {
+    return GUIDES;
+}
+// ─── CLI ────────────────────────────────────────────────────────────────────
+export function runRemediationGuide(argv) {
+    if (argv.includes("--help") || argv.includes("-h")) {
+        console.log(`
+judges remediation — Step-by-step fix guidance for findings
+
+Usage:
+  judges remediation SEC-001          Show guide for a specific rule
+  judges remediation --list           List all available guides
+  judges remediation --category Security  Filter by category
+
+Options:
+  --list               List all guides
+  --category <cat>     Filter by category
+  --format json        JSON output
+  --help, -h           Show this help
+`);
+        return;
+    }
+    const format = argv.find((_a, i) => argv[i - 1] === "--format") || "text";
+    const categoryFilter = argv.find((_a, i) => argv[i - 1] === "--category");
+    if (argv.includes("--list")) {
+        let guides = GUIDES;
+        if (categoryFilter)
+            guides = guides.filter((g) => g.category.toLowerCase() === categoryFilter.toLowerCase());
+        if (format === "json") {
+            console.log(JSON.stringify(guides, null, 2));
+            return;
+        }
+        console.log("\n  Available Remediation Guides:\n");
+        for (const g of guides) {
+            console.log(`    ${g.rulePrefix.padEnd(12)} ${g.title.padEnd(40)} [${g.category}]`);
+        }
+        console.log("");
+        return;
+    }
+    // Find guide by rule ID
+    const ruleId = argv.find((a, i) => i > 1 && !a.startsWith("-") && argv[i - 1] !== "--format" && argv[i - 1] !== "--category");
+    if (!ruleId) {
+        console.error("Error: provide a rule ID or use --list");
+        process.exit(1);
+    }
+    const guide = findGuide(ruleId);
+    if (!guide) {
+        console.log(`  No guide found for "${ruleId}". Use --list to see available guides.`);
+        return;
+    }
+    if (format === "json") {
+        console.log(JSON.stringify(guide, null, 2));
+        return;
+    }
+    console.log(`\n  📖 ${guide.title}\n`);
+    console.log(`  Category: ${guide.category}`);
+    console.log(`  Risk: ${guide.risk}\n`);
+    console.log("  Steps:");
+    for (let i = 0; i < guide.steps.length; i++) {
+        console.log(`    ${i + 1}. ${guide.steps[i]}`);
+    }
+    if (guide.beforeCode) {
+        console.log("\n  Before (vulnerable):");
+        console.log(`    ${guide.beforeCode.split("\n").join("\n    ")}`);
+    }
+    if (guide.afterCode) {
+        console.log("\n  After (secure):");
+        console.log(`    ${guide.afterCode.split("\n").join("\n    ")}`);
+    }
+    if (guide.references.length > 0) {
+        console.log("\n  References:");
+        for (const ref of guide.references) {
+            console.log(`    • ${ref}`);
+        }
+    }
+    console.log("");
+}
+//# sourceMappingURL=remediation.js.map

package/dist/commands/remediation.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"remediation.js","sourceRoot":"","sources":["../../src/commands/remediation.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAeH,+EAA+E;AAE/E,MAAM,MAAM,GAAuB;IACjC;QACE,UAAU,EAAE,SAAS;QACrB,KAAK,EAAE,0BAA0B;QACjC,QAAQ,EAAE,UAAU;QACpB,IAAI,EAAE,iEAAiE;QACvE,KAAK,EAAE;YACL,wEAAwE;YACxE,0DAA0D;YAC1D,mEAAmE;YACnE,8DAA8D;YAC9D,yDAAyD;SAC1D;QACD,UAAU,EAAE,gGAAgG;QAC5G,SAAS,EAAE,0FAA0F;QACrG,UAAU,EAAE;YACV,0FAA0F;YAC1F,gDAAgD;SACjD;KACF;IACD;QACE,UAAU,EAAE,SAAS;QACrB,KAAK,EAAE,uCAAuC;QAC9C,QAAQ,EAAE,UAAU;QACpB,IAAI,EAAE,+DAA+D;QACrE,KAAK,EAAE;YACL,gEAAgE;YAChE,kEAAkE;YAClE,oDAAoD;YACpD,2CAA2C;YAC3C,qDAAqD;SACtD;QACD,UAAU,EAAE,+CAA+C;QAC3D,SAAS,EAAE,6CAA6C;QACxD,UAAU,EAAE;YACV,iGAAiG;YACjG,gDAAgD;SACjD;KACF;IACD;QACE,UAAU,EAAE,SAAS;QACrB,KAAK,EAAE,8BAA8B;QACrC,QAAQ,EAAE,UAAU;QACpB,IAAI,EAAE,8DAA8D;QACpE,KAAK,EAAE;YACL,0DAA0D;YAC1D,qFAAqF;YACrF,uEAAuE;YACvE,4FAA4F;YAC5F,wDAAwD;SACzD;QACD,UAAU,EAAE,0CAA0C;QACtD,SAAS,EAAE,uCAAuC;QAClD,UAAU,EAAE;YACV,8FAA8F;YAC9F,gDAAgD;SACjD;KACF;IACD;QACE,UAAU,EAAE,OAAO;QACnB,KAAK,EAAE,+BAA+B;QACtC,QAAQ,EAAE,UAAU;QACpB,IAAI,EAAE,uDAAuD;QAC7D,KAAK,EAAE;YACL,qEAAqE;YACrE,4CAA4C;YAC5C,uEAAuE;YACvE,gEAAgE;YAChE,wEAAwE;SACzE;QACD,UAAU,EAAE;YACV,gFAAgF;YAChF,iDAAiD;SAClD;KACF;IACD;QACE,UAAU,EAAE,SAAS;QACrB,KAAK,EAAE,8BAA8B;QACrC,QAAQ,EAAE,UAAU;QACpB,IAAI,EAAE,iDAAiD;QACvD,KAAK,EAAE;YACL,uEAAuE;YACvE,yDAAyD;YACzD,6CAA6C;YAC7C,0DAA0D;YAC1D,uEAAuE;SACxE;QACD,UAAU,EAAE;YACV,uFAAuF;YACvF,iDAAiD;SAClD;KACF;IACD;QACE,UAAU,EAAE,OAAO;QACnB,KAAK,EAAE,wCAAwC;QAC/C,QAAQ,EAAE,UAAU;QACpB,IAAI,EAAE,iFAAiF;QACvF,KAAK,EAAE;YACL,mEAAmE;YACnE,2CAA2C;YAC3C,gFAAgF;YAChF,qDAAqD;YACrD,+DAA+D;SAChE;QACD,UAAU,EAAE;YACV,wGAAwG;YACxG,iDAAiD;SAClD;KACF;IACD;QACE,UAAU,EAAE,OAAO;QACnB,KAAK,EAAE,0BAA0B;QACjC,QAAQ,EAAE,aAAa;QACvB,IAAI,EAAE,wEAAwE;QAC9E,KAAK,EAAE;YACL,uDAAuD;YACvD,wDAAwD;YACxD,+CAA+C;YAC/C,+DAA+D;YAC/D,4CAA4C;SAC7C;QACD,UAAU,EAAE,CAAC,8BAA8B,CAAC;KAC7C;IACD;QACE,UAAU,EAAE,MAAM;QAClB,KAAK,EAAE,+BAA+B;QACtC,QAAQ,EAAE,aAAa;QACvB,IAAI,EAAE,iEAAiE;QACvE,KAAK,EAAE;YACL,mDAAmD;YACnD,yDAAyD;YACzD,6CAA6C;YAC7C,0DAA0D;YAC1D,8DAA8D;SAC/D;QACD,UAAU,EAAE,CAAC,gFAAgF,CAAC;KAC/F;IACD;QACE,UAAU,EAAE,SAAS;QACrB,KAAK,EAAE,oBAAoB;QAC3B,QAAQ,EAAE,aAAa;QACvB,IAAI,EAAE,2EAA2E;QACjF,KAAK,EAAE;YACL,iEAAiE;YACjE,kCAAkC;YAClC,kDAAkD;YAClD,kEAAkE;YAClE,sEAAsE;SACvE;QACD,UAAU,EAAE,CAAC,iDAAiD,CAAC;KAChE;IACD;QACE,UAAU,EAAE,MAAM;QAClB,KAAK,EAAE,iCAAiC;QACxC,QAAQ,EAAE,gBAAgB;QAC1B,IAAI,EAAE,+DAA+D;QACrE,KAAK,EAAE;YACL,oEAAoE;YACpE,8DAA8D;YAC9D,iEAAiE;YACjE,yDAAyD;YACzD,oEAAoE;SACrE;QACD,UAAU,EAAE,CAAC,iGAAiG,CAAC;KAChH;CACF,CAAC;AAEF,+EAA+E;AAE/E,MAAM,UAAU,SAAS,CAAC,MAAc;IACtC,uCAAuC;IACvC,OAAO,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC;AAC7D,CAAC;AAED,MAAM,UAAU,UAAU;IACxB,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,+EAA+E;AAE/E,MAAM,UAAU,mBAAmB,CAAC,IAAc;IAChD,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACnD,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;;;CAaf,CAAC,CAAC;QACC,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,UAAU,CAAC,IAAI,MAAM,CAAC;IAC1F,MAAM,cAAc,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,YAAY,CAAC,CAAC;IAE1F,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC5B,IAAI,MAAM,GAAG,MAAM,CAAC;QACpB,IAAI,cAAc;YAAE,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,cAAc,CAAC,WAAW,EAAE,CAAC,CAAC;QAE7G,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;YACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;YAC7C,OAAO;QACT,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,qCAAqC,CAAC,CAAC;QACnD,KAAK,MAAM,CAAC,IAAI,MAAM,EAAE,CAAC;YACvB,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,QAAQ,GAAG,CAAC,CAAC;QACtF,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,OAAO;IACT,CAAC;IAED,wBAAwB;IACxB,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CACtB,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,UAAU,IAAI,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,YAAY,CACpG,CAAC;IACF,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,CAAC,KAAK,CAAC,wCAAwC,CAAC,CAAC;QACxD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,KAAK,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC;IAChC,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,CAAC,GAAG,CAAC,yBAAyB,MAAM,wCAAwC,CAAC,CAAC;QACrF,OAAO;IACT,CAAC;IAED,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAC5C,OAAO;IACT,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,UAAU,KAAK,CAAC,KAAK,IAAI,CAAC,CAAC;IACvC,OAAO,CAAC,GAAG,CAAC,eAAe,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC;IAC7C,OAAO,CAAC,GAAG,CAAC,WAAW,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC;IACvC,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IACxB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAC5C,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IACjD,CAAC;IAED,IAAI,KAAK,CAAC,UAAU,EAAE,CAAC;QACrB,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC,CAAC;QACxC,OAAO,CAAC,GAAG,CAAC,OAAO,KAAK,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IACpE,CAAC;IACD,IAAI,KAAK,CAAC,SAAS,EAAE,CAAC;QACpB,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;QACnC,OAAO,CAAC,GAAG,CAAC,OAAO,KAAK,CAAC,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IACnE,CAAC;IAED,IAAI,KAAK,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChC,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;QAC/B,KAAK,MAAM,GAAG,IAAI,KAAK,CAAC,UAAU,EAAE,CAAC;YACnC,OAAO,CAAC,GAAG,CAAC,SAAS,GAAG,EAAE,CAAC,CAAC;QAC9B,CAAC;IACH,CAAC;IACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;AAClB,CAAC"}

package/dist/commands/report-template.d.ts

@@ -0,0 +1,17 @@
+/**
+ * Report templates — generate reports from different predefined
+ * templates targeting different audiences (exec, dev, compliance).
+ *
+ * Pure local generation — no external services.
+ */
+import type { TribunalVerdict } from "../types.js";
+export interface ReportTemplate {
+    id: string;
+    name: string;
+    audience: string;
+    description: string;
+}
+export declare function listTemplates(): ReportTemplate[];
+export declare function generateReport(templateId: string, verdict: TribunalVerdict): string;
+export declare function runReportTemplate(argv: string[]): void;
+//# sourceMappingURL=report-template.d.ts.map

package/dist/commands/report-template.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"report-template.d.ts","sourceRoot":"","sources":["../../src/commands/report-template.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,KAAK,EAAW,eAAe,EAAE,MAAM,aAAa,CAAC;AAI5D,MAAM,WAAW,cAAc;IAC7B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;CACrB;AA8PD,wBAAgB,aAAa,IAAI,cAAc,EAAE,CAEhD;AAED,wBAAgB,cAAc,CAAC,UAAU,EAAE,MAAM,EAAE,OAAO,EAAE,eAAe,GAAG,MAAM,CAiBnF;AAID,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,CA6DtD"}