@kevinrabun/judges 3.42.0 → 3.44.0
- package/CHANGELOG.md +25 -0
- package/dist/cli.d.ts.map +1 -1
- package/dist/cli.js +112 -0
- package/dist/cli.js.map +1 -1
- package/dist/commands/assign-findings.d.ts +37 -0
- package/dist/commands/assign-findings.d.ts.map +1 -0
- package/dist/commands/assign-findings.js +178 -0
- package/dist/commands/assign-findings.js.map +1 -0
- package/dist/commands/burndown.d.ts +27 -0
- package/dist/commands/burndown.d.ts.map +1 -0
- package/dist/commands/burndown.js +180 -0
- package/dist/commands/burndown.js.map +1 -0
- package/dist/commands/ci-template.d.ts +15 -0
- package/dist/commands/ci-template.d.ts.map +1 -0
- package/dist/commands/ci-template.js +212 -0
- package/dist/commands/ci-template.js.map +1 -0
- package/dist/commands/false-negatives.d.ts +35 -0
- package/dist/commands/false-negatives.d.ts.map +1 -0
- package/dist/commands/false-negatives.js +166 -0
- package/dist/commands/false-negatives.js.map +1 -0
- package/dist/commands/hook-install.d.ts +22 -0
- package/dist/commands/hook-install.d.ts.map +1 -0
- package/dist/commands/hook-install.js +143 -0
- package/dist/commands/hook-install.js.map +1 -0
- package/dist/commands/kb.d.ts +41 -0
- package/dist/commands/kb.d.ts.map +1 -0
- package/dist/commands/kb.js +231 -0
- package/dist/commands/kb.js.map +1 -0
- package/dist/commands/noise-advisor.d.ts +30 -0
- package/dist/commands/noise-advisor.d.ts.map +1 -0
- package/dist/commands/noise-advisor.js +171 -0
- package/dist/commands/noise-advisor.js.map +1 -0
- package/dist/commands/policy-audit.d.ts +53 -0
- package/dist/commands/policy-audit.d.ts.map +1 -0
- package/dist/commands/policy-audit.js +161 -0
- package/dist/commands/policy-audit.js.map +1 -0
- package/dist/commands/recommend.d.ts +21 -0
- package/dist/commands/recommend.d.ts.map +1 -0
- package/dist/commands/recommend.js +283 -0
- package/dist/commands/recommend.js.map +1 -0
- package/dist/commands/regression-alert.d.ts +32 -0
- package/dist/commands/regression-alert.d.ts.map +1 -0
- package/dist/commands/regression-alert.js +216 -0
- package/dist/commands/regression-alert.js.map +1 -0
- package/dist/commands/remediation.d.ts +21 -0
- package/dist/commands/remediation.d.ts.map +1 -0
- package/dist/commands/remediation.js +257 -0
- package/dist/commands/remediation.js.map +1 -0
- package/dist/commands/report-template.d.ts +17 -0
- package/dist/commands/report-template.d.ts.map +1 -0
- package/dist/commands/report-template.js +291 -0
- package/dist/commands/report-template.js.map +1 -0
- package/dist/commands/review-queue.d.ts +34 -0
- package/dist/commands/review-queue.d.ts.map +1 -0
- package/dist/commands/review-queue.js +226 -0
- package/dist/commands/review-queue.js.map +1 -0
- package/dist/commands/rule-owner.d.ts +31 -0
- package/dist/commands/rule-owner.d.ts.map +1 -0
- package/dist/commands/rule-owner.js +182 -0
- package/dist/commands/rule-owner.js.map +1 -0
- package/dist/commands/sla-track.d.ts +57 -0
- package/dist/commands/sla-track.d.ts.map +1 -0
- package/dist/commands/sla-track.js +269 -0
- package/dist/commands/sla-track.js.map +1 -0
- package/dist/commands/suppress.d.ts +40 -0
- package/dist/commands/suppress.d.ts.map +1 -0
- package/dist/commands/suppress.js +209 -0
- package/dist/commands/suppress.js.map +1 -0
- package/dist/commands/ticket-sync.d.ts +26 -0
- package/dist/commands/ticket-sync.d.ts.map +1 -0
- package/dist/commands/ticket-sync.js +236 -0
- package/dist/commands/ticket-sync.js.map +1 -0
- package/package.json +1 -1
- package/server.json +2 -2
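--- a/package/dist/commands/suppress.js
+++ b/package/dist/commands/suppress.js
@@ -0,0 +1,209 @@
+/**
+* Batch false-positive suppression — suppress findings by glob, rule
+* prefix, severity, or pattern with a full audit trail.
+*
+* Suppressions stored locally in .judges-suppressions.json.
+*/
+import { readFileSync, writeFileSync, existsSync } from "fs";
+const SUPPRESSION_FILE = ".judges-suppressions.json";
+// ─── Core ───────────────────────────────────────────────────────────────────
+function loadDb(file = SUPPRESSION_FILE) {
+if (!existsSync(file))
+return { version: 1, rules: [] };
+return JSON.parse(readFileSync(file, "utf-8"));
+}
+function saveDb(db, file = SUPPRESSION_FILE) {
+writeFileSync(file, JSON.stringify(db, null, 2));
+}
+function generateId() {
+return `sup-${Date.now().toString(36)}-${Math.random().toString(36).slice(2, 6)}`;
+}
+function matchesGlob(filePath, glob) {
+const regex = glob
+.replace(/\./g, "\\.")
+.replace(/\*\*/g, "§DOUBLESTAR§")
+.replace(/\*/g, "[^/]*")
+.replace(/§DOUBLESTAR§/g, ".*")
+.replace(/\?/g, ".");
+return new RegExp(`^${regex}$`).test(filePath);
+}
+export function addSuppression(opts) {
+const db = loadDb();
+const rule = {
+id: generateId(),
+fileGlob: opts.fileGlob,
+rulePrefix: opts.rulePrefix,
+ruleIds: opts.ruleIds,
+maxSeverity: opts.maxSeverity,
+reason: opts.reason,
+author: opts.author || process.env.USER || process.env.USERNAME || "unknown",
+createdIso: new Date().toISOString(),
+active: true,
+};
+if (opts.expiresIn) {
+const exp = new Date();
+exp.setDate(exp.getDate() + opts.expiresIn);
+rule.expiresIso = exp.toISOString();
+}
+db.rules.push(rule);
+saveDb(db);
+return rule;
+}
+export function removeSuppression(id) {
+const db = loadDb();
+const idx = db.rules.findIndex((r) => r.id === id);
+if (idx < 0)
+return false;
+db.rules[idx].active = false;
+saveDb(db);
+return true;
+}
+export function isFindiingSuppressed(ruleId, severity, filePath) {
+const db = loadDb();
+const now = Date.now();
+const severityOrder = ["critical", "high", "medium", "low", "info"];
+for (const rule of db.rules) {
+if (!rule.active)
+continue;
+if (rule.expiresIso && new Date(rule.expiresIso).getTime() < now)
+continue;
+// Check file glob
+if (rule.fileGlob && filePath && !matchesGlob(filePath, rule.fileGlob))
+continue;
+if (rule.fileGlob && !filePath)
+continue;
+// Check rule prefix
+if (rule.rulePrefix && !ruleId.startsWith(rule.rulePrefix))
+continue;
+// Check exact rule IDs
+if (rule.ruleIds && rule.ruleIds.length > 0 && !rule.ruleIds.includes(ruleId))
+continue;
+// Check severity
+if (rule.maxSeverity) {
+const maxIdx = severityOrder.indexOf(rule.maxSeverity);
+const sevIdx = severityOrder.indexOf(severity);
+if (maxIdx >= 0 && sevIdx >= 0 && sevIdx < maxIdx)
+continue;
+}
+// If no criteria were specified besides reason/author, it matches nothing
+if (!rule.fileGlob && !rule.rulePrefix && (!rule.ruleIds || rule.ruleIds.length === 0) && !rule.maxSeverity)
+continue;
+return true;
+}
+return false;
+}
+// ─── CLI ────────────────────────────────────────────────────────────────────
+export function runSuppress(argv) {
+if (argv.includes("--help") || argv.includes("-h")) {
+console.log(`
+judges suppress — Batch false-positive suppression with audit trail
+
+Usage:
+judges suppress --glob "**/*.test.ts" --rule-prefix AUTH --reason "Test files"
+judges suppress --rule SEC-001,SEC-002 --reason "Not applicable to internal APIs"
+judges suppress --max-severity low --reason "Low severity not actionable"
+judges suppress --list Show all suppression rules
+judges suppress --remove <id> Deactivate a suppression rule
+judges suppress --stats Show suppression statistics
+
+Options:
+--glob <pattern> File glob pattern
+--rule-prefix <pfx> Rule ID prefix (e.g., AUTH, SEC, PERF)
+--rule <ids> Comma-separated rule IDs
+--max-severity <sev> Suppress this severity and below
+--reason <text> Reason for suppression (required for new rules)
+--author <name> Who created this suppression
+--expires-in <days> Auto-expire after N days
+--list List suppression rules
+--remove <id> Deactivate a suppression rule
+--stats Show suppression statistics
+--help, -h Show this help
+`);
+return;
+}
+if (argv.includes("--list")) {
+const db = loadDb();
+const active = db.rules.filter((r) => r.active);
+const inactive = db.rules.filter((r) => !r.active);
+console.log(`\n Suppression Rules (${active.length} active, ${inactive.length} inactive)\n ─────────────────`);
+for (const r of active) {
+const parts = [];
+if (r.fileGlob)
+parts.push(`glob: ${r.fileGlob}`);
+if (r.rulePrefix)
+parts.push(`prefix: ${r.rulePrefix}`);
+if (r.ruleIds?.length)
+parts.push(`rules: ${r.ruleIds.join(",")}`);
+if (r.maxSeverity)
+parts.push(`max-sev: ${r.maxSeverity}`);
+const exp = r.expiresIso ? ` (expires ${r.expiresIso.split("T")[0]})` : "";
+console.log(` ${r.id} ${parts.join(" | ")}${exp}`);
+console.log(` Reason: ${r.reason} — by ${r.author} on ${r.createdIso.split("T")[0]}`);
+}
+console.log("");
+return;
+}
+const removeId = argv.find((_a, i) => argv[i - 1] === "--remove");
+if (removeId) {
+if (removeSuppression(removeId)) {
+console.log(` Deactivated: ${removeId}`);
+}
+else {
+console.error(` Error: not found: ${removeId}`);
+}
+return;
+}
+if (argv.includes("--stats")) {
+const db = loadDb();
+const active = db.rules.filter((r) => r.active);
+const byPrefix = {};
+for (const r of active) {
+const key = r.rulePrefix || r.ruleIds?.[0]?.split("-")[0] || "other";
+byPrefix[key] = (byPrefix[key] || 0) + 1;
+}
+console.log(`\n Total rules: ${db.rules.length} (${active.length} active)`);
+for (const [k, v] of Object.entries(byPrefix)) {
+console.log(` ${k.padEnd(12)} ${v}`);
+}
+console.log("");
+return;
+}
+// Add new suppression
+const glob = argv.find((_a, i) => argv[i - 1] === "--glob");
+const rulePrefix = argv.find((_a, i) => argv[i - 1] === "--rule-prefix");
+const ruleStr = argv.find((_a, i) => argv[i - 1] === "--rule");
+const maxSeverity = argv.find((_a, i) => argv[i - 1] === "--max-severity");
+const reason = argv.find((_a, i) => argv[i - 1] === "--reason");
+const author = argv.find((_a, i) => argv[i - 1] === "--author");
+const expiresStr = argv.find((_a, i) => argv[i - 1] === "--expires-in");
+if (!reason) {
+console.error("Error: --reason is required");
+process.exit(1);
+}
+if (!glob && !rulePrefix && !ruleStr && !maxSeverity) {
+console.error("Error: At least one of --glob, --rule-prefix, --rule, or --max-severity required");
+process.exit(1);
+}
+const rule = addSuppression({
+fileGlob: glob,
+rulePrefix,
+ruleIds: ruleStr ? ruleStr.split(",").map((s) => s.trim()) : undefined,
+maxSeverity,
+reason,
+author,
+expiresIn: expiresStr ? parseInt(expiresStr, 10) : undefined,
+});
+console.log(` ✅ Suppression created: ${rule.id}`);
+const parts = [];
+if (rule.fileGlob)
+parts.push(`glob: ${rule.fileGlob}`);
+if (rule.rulePrefix)
+parts.push(`prefix: ${rule.rulePrefix}`);
+if (rule.ruleIds?.length)
+parts.push(`rules: ${rule.ruleIds.join(",")}`);
+if (rule.maxSeverity)
+parts.push(`max-sev: ${rule.maxSeverity}`);
+console.log(` ${parts.join(" | ")}`);
+console.log(` Reason: ${rule.reason}`);
+}
+//# sourceMappingURL=suppress.js.map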
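Review bot: The severity check in `isFindiingSuppressed` fails open: if `rule.maxSeverity` or the finding's `severity` is not in `severityOrder`, `indexOf` returns -1, the guard `maxIdx >= 0 && sevIdx >= 0 && sevIdx < maxIdx` is false, and the loop falls through to `return true`. `runSuppress` stores `--max-severity` without validating it, so a mistyped value given as the only criterion creates a rule that suppresses every finding, critical included. Treat unknown values as non-matching, `if (maxIdx < 0 || sevIdx < 0 || sevIdx < maxIdx) continue;`, and reject unknown severities in `runSuppress` before calling `addSuppression`. `--expires-in` has the same shape: a non-numeric value parses to `NaN`, `if (opts.expiresIn)` is false, and the rule is saved with no expiry. Separately, `matchesGlob` escapes only `.` before `new RegExp`, so any other metacharacter in a stored glob is interpreted as regex syntax and can widen the match or throw.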
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"suppress.js","sourceRoot":"","sources":["../../src/commands/suppress.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,IAAI,CAAC;AA+B7D,MAAM,gBAAgB,GAAG,2BAA2B,CAAC;AAErD,+EAA+E;AAE/E,SAAS,MAAM,CAAC,IAAI,GAAG,gBAAgB;IACrC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC;QAAE,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;IACxD,OAAO,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC,CAAC;AACjD,CAAC;AAED,SAAS,MAAM,CAAC,EAAiB,EAAE,IAAI,GAAG,gBAAgB;IACxD,aAAa,CAAC,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;AACnD,CAAC;AAED,SAAS,UAAU;IACjB,OAAO,OAAO,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;AACpF,CAAC;AAED,SAAS,WAAW,CAAC,QAAgB,EAAE,IAAY;IACjD,MAAM,KAAK,GAAG,IAAI;SACf,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC;SACrB,OAAO,CAAC,OAAO,EAAE,cAAc,CAAC;SAChC,OAAO,CAAC,KAAK,EAAE,OAAO,CAAC;SACvB,OAAO,CAAC,eAAe,EAAE,IAAI,CAAC;SAC9B,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;IACvB,OAAO,IAAI,MAAM,CAAC,IAAI,KAAK,GAAG,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AACjD,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,IAQ9B;IACC,MAAM,EAAE,GAAG,MAAM,EAAE,CAAC;IACpB,MAAM,IAAI,GAAoB;QAC5B,EAAE,EAAE,UAAU,EAAE;QAChB,QAAQ,EAAE,IAAI,CAAC,QAAQ;QACvB,UAAU,EAAE,IAAI,CAAC,UAAU;QAC3B,OAAO,EAAE,IAAI,CAAC,OAAO;QACrB,WAAW,EAAE,IAAI,CAAC,WAAW;QAC7B,MAAM,EAAE,IAAI,CAAC,MAAM;QACnB,MAAM,EAAE,IAAI,CAAC,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,OAAO,CAAC,GAAG,CAAC,QAAQ,IAAI,SAAS;QAC5E,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACpC,MAAM,EAAE,IAAI;KACb,CAAC;IACF,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;QACnB,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC;QAC5C,IAAI,CAAC,UAAU,GAAG,GAAG,CAAC,WAAW,EAAE,CAAC;IACtC,CAAC;IACD,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACpB,MAAM,CAAC,EAAE,CAAC,CAAC;IACX,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,UAAU,iBAAiB,CAAC,EAAU;IAC1C,MAAM,EAAE,GAAG,MAAM,EAAE,CAAC;IACpB,MAAM,GAAG,GAAG,EAAE,CAAC,KAAK,CAAC,SA
AS,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;IACnD,IAAI,GAAG,GAAG,CAAC;QAAE,OAAO,KAAK,CAAC;IAC1B,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,MAAM,GAAG,KAAK,CAAC;IAC7B,MAAM,CAAC,EAAE,CAAC,CAAC;IACX,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,UAAU,oBAAoB,CAAC,MAAc,EAAE,QAAgB,EAAE,QAAiB;IACtF,MAAM,EAAE,GAAG,MAAM,EAAE,CAAC;IACpB,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACvB,MAAM,aAAa,GAAG,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC;IAEpE,KAAK,MAAM,IAAI,IAAI,EAAE,CAAC,KAAK,EAAE,CAAC;QAC5B,IAAI,CAAC,IAAI,CAAC,MAAM;YAAE,SAAS;QAC3B,IAAI,IAAI,CAAC,UAAU,IAAI,IAAI,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,OAAO,EAAE,GAAG,GAAG;YAAE,SAAS;QAE3E,kBAAkB;QAClB,IAAI,IAAI,CAAC,QAAQ,IAAI,QAAQ,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC;YAAE,SAAS;QACjF,IAAI,IAAI,CAAC,QAAQ,IAAI,CAAC,QAAQ;YAAE,SAAS;QAEzC,oBAAoB;QACpB,IAAI,IAAI,CAAC,UAAU,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,UAAU,CAAC;YAAE,SAAS;QAErE,uBAAuB;QACvB,IAAI,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC;YAAE,SAAS;QAExF,iBAAiB;QACjB,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YACrB,MAAM,MAAM,GAAG,aAAa,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YACvD,MAAM,MAAM,GAAG,aAAa,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;YAC/C,IAAI,MAAM,IAAI,CAAC,IAAI,MAAM,IAAI,CAAC,IAAI,MAAM,GAAG,MAAM;gBAAE,SAAS;QAC9D,CAAC;QAED,0EAA0E;QAC1E,IAAI,CAAC,IAAI,CAAC,QAAQ,IAAI,CAAC,IAAI,CAAC,UAAU,IAAI,CAAC,CAAC,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,OAAO,CAAC,MAAM,KAAK,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW;YACzG,SAAS;QAEX,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,+EAA+E;AAE/E,MAAM,UAAU,WAAW,CAAC,IAAc;IACxC,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACnD,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;;;;;;;;;;;;;CAuBf,CAAC,CAAC;QACC,OAAO;IACT,CAAC;IAED,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC5B,MAAM,EAAE,GAAG,MAAM,EAAE,CAAC;QACpB,MAAM,MAAM,GAAG,EAAE,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;QAChD,MAAM,QAAQ,GAAG,EAAE,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CA
AC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;QACnD,OAAO,CAAC,GAAG,CAAC,0BAA0B,MAAM,CAAC,MAAM,YAAY,QAAQ,CAAC,MAAM,iCAAiC,CAAC,CAAC;QACjH,KAAK,MAAM,CAAC,IAAI,MAAM,EAAE,CAAC;YACvB,MAAM,KAAK,GAAa,EAAE,CAAC;YAC3B,IAAI,CAAC,CAAC,QAAQ;gBAAE,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC;YAClD,IAAI,CAAC,CAAC,UAAU;gBAAE,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC;YACxD,IAAI,CAAC,CAAC,OAAO,EAAE,MAAM;gBAAE,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YACnE,IAAI,CAAC,CAAC,WAAW;gBAAE,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;YAC3D,MAAM,GAAG,GAAG,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;YAC3E,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,EAAE,KAAK,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,EAAE,CAAC,CAAC;YACvD,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC,MAAM,SAAS,CAAC,CAAC,MAAM,OAAO,CAAC,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QAC7F,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,OAAO;IACT,CAAC;IAED,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,UAAU,CAAC,CAAC;IAClF,IAAI,QAAQ,EAAE,CAAC;QACb,IAAI,iBAAiB,CAAC,QAAQ,CAAC,EAAE,CAAC;YAChC,OAAO,CAAC,GAAG,CAAC,kBAAkB,QAAQ,EAAE,CAAC,CAAC;QAC5C,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,KAAK,CAAC,uBAAuB,QAAQ,EAAE,CAAC,CAAC;QACnD,CAAC;QACD,OAAO;IACT,CAAC;IAED,IAAI,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;QAC7B,MAAM,EAAE,GAAG,MAAM,EAAE,CAAC;QACpB,MAAM,MAAM,GAAG,EAAE,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;QAChD,MAAM,QAAQ,GAA2B,EAAE,CAAC;QAC5C,KAAK,MAAM,CAAC,IAAI,MAAM,EAAE,CAAC;YACvB,MAAM,GAAG,GAAG,CAAC,CAAC,UAAU,IAAI,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,OAAO,CAAC;YACrE,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;QAC3C,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,oBAAoB,EAAE,CAAC,KAAK,CAAC,MAAM,KAAK,MAAM,CAAC,MAAM,UAAU,CAAC,CAAC;QAC7E,KAAK,MAAM,CAAC
,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC9C,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC1C,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,OAAO;IACT,CAAC;IAED,sBAAsB;IACtB,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,QAAQ,CAAC,CAAC;IAC5E,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,eAAe,CAAC,CAAC;IACzF,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,QAAQ,CAAC,CAAC;IAC/E,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,gBAAgB,CAAC,CAAC;IAC3F,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,UAAU,CAAC,CAAC;IAChF,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,UAAU,CAAC,CAAC;IAChF,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,cAAc,CAAC,CAAC;IAExF,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,CAAC,KAAK,CAAC,6BAA6B,CAAC,CAAC;QAC7C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,IAAI,CAAC,IAAI,IAAI,CAAC,UAAU,IAAI,CAAC,OAAO,IAAI,CAAC,WAAW,EAAE,CAAC;QACrD,OAAO,CAAC,KAAK,CAAC,kFAAkF,CAAC,CAAC;QAClG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,IAAI,GAAG,cAAc,CAAC;QAC1B,QAAQ,EAAE,IAAI;QACd,UAAU;QACV,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS;QACtE,WAAW;QACX,MAAM;QACN,MAAM;QACN,SAAS,EAAE,UAAU,CAAC,CAAC,CAAC,QAAQ,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS;KAC7D,CAAC,CAAC;IAEH,OAAO,CAAC,GAAG,CAAC,4BAA4B,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC;IACnD,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,IAAI,IAAI,CAAC,QAAQ;QAAE,KAAK,CAAC,IAAI,CAAC,SAAS,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;IACxD,IAAI,IAAI,CAAC,UAAU;QAAE,KAAK,CAAC,IAAI,CAAC,WAAW,IAAI,CA
AC,UAAU,EAAE,CAAC,CAAC;IAC9D,IAAI,IAAI,CAAC,OAAO,EAAE,MAAM;QAAE,KAAK,CAAC,IAAI,CAAC,UAAU,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IACzE,IAAI,IAAI,CAAC,WAAW;QAAE,KAAK,CAAC,IAAI,CAAC,YAAY,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;IACjE,OAAO,CAAC,GAAG,CAAC,QAAQ,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IACzC,OAAO,CAAC,GAAG,CAAC,gBAAgB,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;AAC7C,CAAC"}
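--- a/package/dist/commands/ticket-sync.d.ts
+++ b/package/dist/commands/ticket-sync.d.ts
@@ -0,0 +1,26 @@
+/**
+* Ticket sync — create tickets in external issue trackers (Jira, Linear,
+* GitHub Issues) from Judges findings.
+*
+* Uses standard REST APIs. No data is stored by Judges — tickets are
+* created directly in the user's chosen tracker.
+*/
+export interface TicketConfig {
+provider: "github" | "jira" | "linear";
+/** GitHub: owner/repo. Jira: project key. Linear: team key */
+project: string;
+/** API token */
+token: string;
+/** Base URL for Jira (e.g., https://mycompany.atlassian.net) */
+baseUrl?: string;
+/** Label(s) to add to created tickets */
+labels?: string[];
+}
+export interface TicketResult {
+findingRuleId: string;
+ticketId: string;
+url: string;
+provider: string;
+}
+export declare function runTicketSync(argv: string[]): Promise<void>;
+//# sourceMappingURL=ticket-sync.d.ts.map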
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"ticket-sync.d.ts","sourceRoot":"","sources":["../../src/commands/ticket-sync.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAMH,MAAM,WAAW,YAAY;IAC3B,QAAQ,EAAE,QAAQ,GAAG,MAAM,GAAG,QAAQ,CAAC;IACvC,8DAA8D;IAC9D,OAAO,EAAE,MAAM,CAAC;IAChB,gBAAgB;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,gEAAgE;IAChE,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,yCAAyC;IACzC,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;CACnB;AAED,MAAM,WAAW,YAAY;IAC3B,aAAa,EAAE,MAAM,CAAC;IACtB,QAAQ,EAAE,MAAM,CAAC;IACjB,GAAG,EAAE,MAAM,CAAC;IACZ,QAAQ,EAAE,MAAM,CAAC;CAClB;AAkJD,wBAAsB,aAAa,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAyGjE"}
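--- a/package/dist/commands/ticket-sync.js
+++ b/package/dist/commands/ticket-sync.js
@@ -0,0 +1,236 @@
+/**
+* Ticket sync — create tickets in external issue trackers (Jira, Linear,
+* GitHub Issues) from Judges findings.
+*
+* Uses standard REST APIs. No data is stored by Judges — tickets are
+* created directly in the user's chosen tracker.
+*/
+// ─── Ticket Creation ────────────────────────────────────────────────────────
+async function createGitHubIssue(finding, config) {
+const [owner, repo] = config.project.split("/");
+const url = `https://api.github.com/repos/${owner}/${repo}/issues`;
+const body = [
+`## ${finding.title}`,
+"",
+`**Severity:** ${finding.severity}`,
+`**Rule:** ${finding.ruleId}`,
+"",
+finding.description,
+"",
+"### Recommendation",
+finding.recommendation,
+finding.reference ? `\n### Reference\n${finding.reference}` : "",
+"",
+"---",
+"_Created by [Judges](https://github.com/KevinRabun/judges)_",
+].join("\n");
+const res = await fetch(url, {
+method: "POST",
+headers: {
+Authorization: `Bearer ${config.token}`,
+Accept: "application/vnd.github+json",
+"Content-Type": "application/json",
+},
+body: JSON.stringify({
+title: `[${finding.severity.toUpperCase()}] ${finding.ruleId}: ${finding.title}`,
+body,
+labels: config.labels || ["judges", "security"],
+}),
+});
+if (!res.ok)
+throw new Error(`GitHub API error: ${res.status} ${res.statusText}`);
+const data = (await res.json());
+return { findingRuleId: finding.ruleId, ticketId: `#${data.number}`, url: data.html_url, provider: "github" };
+}
+async function createJiraTicket(finding, config) {
+const baseUrl = config.baseUrl || "https://jira.atlassian.net";
+const url = `${baseUrl}/rest/api/3/issue`;
+const severityMap = {
+critical: "Highest",
+high: "High",
+medium: "Medium",
+low: "Low",
+info: "Lowest",
+};
+const res = await fetch(url, {
+method: "POST",
+headers: {
+Authorization: `Basic ${Buffer.from(`user:${config.token}`).toString("base64")}`,
+Accept: "application/json",
+"Content-Type": "application/json",
+},
+body: JSON.stringify({
+fields: {
+project: { key: config.project },
+summary: `[${finding.severity.toUpperCase()}] ${finding.ruleId}: ${finding.title}`,
+description: {
+type: "doc",
+version: 1,
+content: [
+{
+type: "paragraph",
+content: [{ type: "text", text: finding.description }],
+},
+],
+},
+issuetype: { name: "Bug" },
+priority: { name: severityMap[finding.severity] || "Medium" },
+labels: config.labels || ["judges", "security"],
+},
+}),
+});
+if (!res.ok)
+throw new Error(`Jira API error: ${res.status} ${res.statusText}`);
+const data = (await res.json());
+return {
+findingRuleId: finding.ruleId,
+ticketId: data.key,
+url: `${baseUrl}/browse/${data.key}`,
+provider: "jira",
+};
+}
+async function createLinearIssue(finding, config) {
+const priorityMap = {
+critical: 1,
+high: 2,
+medium: 3,
+low: 4,
+info: 0,
+};
+const query = `mutation {
+issueCreate(input: {
+teamId: "${config.project}"
+title: "[${finding.severity.toUpperCase()}] ${finding.ruleId}: ${finding.title}"
+description: "${finding.description.replace(/"/g, '\\"').replace(/\n/g, "\\n")}"
+priority: ${priorityMap[finding.severity] ?? 3}
+}) {
+success
+issue {
+id
+identifier
+url
+}
+}
+}`;
+const res = await fetch("https://api.linear.app/graphql", {
+method: "POST",
+headers: {
+Authorization: config.token,
+"Content-Type": "application/json",
+},
+body: JSON.stringify({ query }),
+});
+if (!res.ok)
+throw new Error(`Linear API error: ${res.status} ${res.statusText}`);
+const data = (await res.json());
+const issue = data.data.issueCreate.issue;
+return { findingRuleId: finding.ruleId, ticketId: issue.identifier, url: issue.url, provider: "linear" };
+}
+async function createTicket(finding, config) {
+switch (config.provider) {
+case "github":
+return createGitHubIssue(finding, config);
+case "jira":
+return createJiraTicket(finding, config);
+case "linear":
+return createLinearIssue(finding, config);
+}
+}
+// ─── CLI ────────────────────────────────────────────────────────────────────
+export async function runTicketSync(argv) {
+if (argv.includes("--help") || argv.includes("-h")) {
+console.log(`
+judges ticket-sync — Create tickets from findings in Jira, Linear, or GitHub
+
+Usage:
+judges ticket-sync --input results.json --provider github --project owner/repo
+judges ticket-sync --input results.json --provider jira --project PROJ --base-url https://myco.atlassian.net
+judges ticket-sync --input results.json --provider linear --project team-id
+
+Options:
+--input <path> JSON results file (required)
+--provider <name> Ticket provider: github, jira, linear (required)
+--project <key> Project identifier (required)
+--token <token> API token (default: JUDGES_TICKET_TOKEN or GITHUB_TOKEN env)
+--base-url <url> Jira base URL
+--severity <level> Only create tickets for this severity+
+--labels <list> Comma-separated labels
+--dry-run Show what would be created without creating
+--format json JSON output
+--help, -h Show this help
+`);
+return;
+}
+const { readFileSync, existsSync } = await import("fs");
+const inputPath = argv.find((_a, i) => argv[i - 1] === "--input");
+const provider = argv.find((_a, i) => argv[i - 1] === "--provider");
+const project = argv.find((_a, i) => argv[i - 1] === "--project");
+const token = argv.find((_a, i) => argv[i - 1] === "--token") ||
+process.env.JUDGES_TICKET_TOKEN ||
+process.env.GITHUB_TOKEN ||
+"";
+const baseUrl = argv.find((_a, i) => argv[i - 1] === "--base-url");
+const labelsStr = argv.find((_a, i) => argv[i - 1] === "--labels");
+const severityFilter = argv.find((_a, i) => argv[i - 1] === "--severity");
+const dryRun = argv.includes("--dry-run");
+const format = argv.find((_a, i) => argv[i - 1] === "--format") || "text";
+if (!inputPath || !provider || !project) {
+console.error("Error: --input, --provider, and --project required");
+process.exit(1);
+}
+if (!existsSync(inputPath)) {
+console.error(`Error: file not found: ${inputPath}`);
+process.exit(1);
+}
+if (!token) {
+console.error("Error: --token or JUDGES_TICKET_TOKEN/GITHUB_TOKEN env required");
+process.exit(1);
+}
+const data = JSON.parse(readFileSync(inputPath, "utf-8"));
+let findings = data.evaluations
+? data.evaluations.flatMap((e) => e.findings || [])
+: data.findings || data;
+if (severityFilter) {
+const order = ["critical", "high", "medium", "low", "info"];
+const idx = order.indexOf(severityFilter);
+if (idx >= 0) {
+const allowed = new Set(order.slice(0, idx + 1));
+findings = findings.filter((f) => allowed.has(f.severity));
+}
+}
+const config = {
+provider,
+project,
+token,
+baseUrl,
+labels: labelsStr ? labelsStr.split(",").map((s) => s.trim()) : undefined,
+};
+if (dryRun) {
+console.log(`\n Dry Run — Would create ${findings.length} tickets in ${provider}/${project}\n`);
+for (const f of findings) {
+console.log(` ${f.severity.padEnd(8)} ${f.ruleId}: ${f.title}`);
+}
+console.log("");
+return;
+}
+const results = [];
+for (const f of findings) {
+try {
+const result = await createTicket(f, config);
+results.push(result);
+if (format !== "json") {
+console.log(` ✅ ${result.ticketId}: ${f.ruleId} — ${result.url}`);
+}
+}
+catch (e) {
+console.error(` ❌ Failed for ${f.ruleId}: ${e instanceof Error ? e.message : e}`);
+}
+}
+if (format === "json") {
+console.log(JSON.stringify(results, null, 2));
+}
+else {
+console.log(`\n Created ${results.length}/${findings.length} tickets\n`);
+}
+}
+//# sourceMappingURL=ticket-sync.js.map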
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"ticket-sync.js","sourceRoot":"","sources":["../../src/commands/ticket-sync.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAyBH,+EAA+E;AAE/E,KAAK,UAAU,iBAAiB,CAAC,OAAgB,EAAE,MAAoB;IACrE,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,GAAG,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAChD,MAAM,GAAG,GAAG,gCAAgC,KAAK,IAAI,IAAI,SAAS,CAAC;IAEnE,MAAM,IAAI,GAAG;QACX,MAAM,OAAO,CAAC,KAAK,EAAE;QACrB,EAAE;QACF,iBAAiB,OAAO,CAAC,QAAQ,EAAE;QACnC,aAAa,OAAO,CAAC,MAAM,EAAE;QAC7B,EAAE;QACF,OAAO,CAAC,WAAW;QACnB,EAAE;QACF,oBAAoB;QACpB,OAAO,CAAC,cAAc;QACtB,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC,oBAAoB,OAAO,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE;QAChE,EAAE;QACF,KAAK;QACL,6DAA6D;KAC9D,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAEb,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;QAC3B,MAAM,EAAE,MAAM;QACd,OAAO,EAAE;YACP,aAAa,EAAE,UAAU,MAAM,CAAC,KAAK,EAAE;YACvC,MAAM,EAAE,6BAA6B;YACrC,cAAc,EAAE,kBAAkB;SACnC;QACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;YACnB,KAAK,EAAE,IAAI,OAAO,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,OAAO,CAAC,MAAM,KAAK,OAAO,CAAC,KAAK,EAAE;YAChF,IAAI;YACJ,MAAM,EAAE,MAAM,CAAC,MAAM,IAAI,CAAC,QAAQ,EAAE,UAAU,CAAC;SAChD,CAAC;KACH,CAAC,CAAC;IAEH,IAAI,CAAC,GAAG,CAAC,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC;IAClF,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAyC,CAAC;IACxE,OAAO,EAAE,aAAa,EAAE,OAAO,CAAC,MAAM,EAAE,QAAQ,EAAE,IAAI,IAAI,CAAC,MAAM,EAAE,EAAE,GAAG,EAAE,IAAI,CAAC,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC;AAChH,CAAC;AAED,KAAK,UAAU,gBAAgB,CAAC,OAAgB,EAAE,MAAoB;IACpE,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,IAAI,4BAA4B,CAAC;IAC/D,MAAM,GAAG,GAAG,GAAG,OAAO,mBAAmB,CAAC;IAE1C,MAAM,WAAW,GAA2B;QAC1C,QAAQ,EAAE,SAAS;QACnB,IAAI,EAAE,MAAM;QACZ,MAAM,EAAE,QAAQ;QAChB,GAAG,EAAE,KAAK;QACV,IAAI,EAAE,QAAQ;KACf,CAAC;IAEF,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;QAC3B,MAAM,EAAE,MAAM;QACd,OAAO,EAAE;YACP,aAAa,EAAE,SAAS,MAAM,CAAC,IAAI,CAAC,QAAQ,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE;YAChF,MAAM,EAAE,kBAAkB;YAC1B,cAAc,EAAE,kBAAkB;SACnC;QACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;YACnB,MAAM,EAAE;gBACN,OAAO,EAAE,EAAE,GAAG,
EAAE,MAAM,CAAC,OAAO,EAAE;gBAChC,OAAO,EAAE,IAAI,OAAO,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,OAAO,CAAC,MAAM,KAAK,OAAO,CAAC,KAAK,EAAE;gBAClF,WAAW,EAAE;oBACX,IAAI,EAAE,KAAK;oBACX,OAAO,EAAE,CAAC;oBACV,OAAO,EAAE;wBACP;4BACE,IAAI,EAAE,WAAW;4BACjB,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,CAAC,WAAW,EAAE,CAAC;yBACvD;qBACF;iBACF;gBACD,SAAS,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE;gBAC1B,QAAQ,EAAE,EAAE,IAAI,EAAE,WAAW,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,QAAQ,EAAE;gBAC7D,MAAM,EAAE,MAAM,CAAC,MAAM,IAAI,CAAC,QAAQ,EAAE,UAAU,CAAC;aAChD;SACF,CAAC;KACH,CAAC,CAAC;IAEH,IAAI,CAAC,GAAG,CAAC,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,mBAAmB,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC;IAChF,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAoB,CAAC;IACnD,OAAO;QACL,aAAa,EAAE,OAAO,CAAC,MAAM;QAC7B,QAAQ,EAAE,IAAI,CAAC,GAAG;QAClB,GAAG,EAAE,GAAG,OAAO,WAAW,IAAI,CAAC,GAAG,EAAE;QACpC,QAAQ,EAAE,MAAM;KACjB,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,iBAAiB,CAAC,OAAgB,EAAE,MAAoB;IACrE,MAAM,WAAW,GAA2B;QAC1C,QAAQ,EAAE,CAAC;QACX,IAAI,EAAE,CAAC;QACP,MAAM,EAAE,CAAC;QACT,GAAG,EAAE,CAAC;QACN,IAAI,EAAE,CAAC;KACR,CAAC;IAEF,MAAM,KAAK,GAAG;;iBAEC,MAAM,CAAC,OAAO;iBACd,OAAO,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,OAAO,CAAC,MAAM,KAAK,OAAO,CAAC,KAAK;sBAC9D,OAAO,CAAC,WAAW,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC;kBAClE,WAAW,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC;;;;;;;;;IAShD,CAAC;IAEH,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,gCAAgC,EAAE;QACxD,MAAM,EAAE,MAAM;QACd,OAAO,EAAE;YACP,aAAa,EAAE,MAAM,CAAC,KAAK;YAC3B,cAAc,EAAE,kBAAkB;SACnC;QACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,CAAC;KAChC,CAAC,CAAC;IAEH,IAAI,CAAC,GAAG,CAAC,EAAE;QAAE,MAAM,IAAI,KAAK,CAAC,qBAAqB,GAAG,CAAC,MAAM,IAAI,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC;IAClF,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAA8E,CAAC;IAC7G,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC;IAC1C,OAAO,EAAE,aAAa,EAAE,OAAO,CAAC,MAAM,EAAE,QAAQ,EAAE,KAAK,CAAC,UAAU,EAAE,GAAG,EAAE,KAAK,CAAC,GAAG,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC;AAC3G,CAAC;AAED,KAAK,UAAU,YAAY,CAAC,OAAgB,EAAE,MAAoB;IAChE,QAAQ,MAAM,CAAC,QAAQ,EAAE,CAAC;QACx
B,KAAK,QAAQ;YACX,OAAO,iBAAiB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAC5C,KAAK,MAAM;YACT,OAAO,gBAAgB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAC3C,KAAK,QAAQ;YACX,OAAO,iBAAiB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAC9C,CAAC;AACH,CAAC;AAED,+EAA+E;AAE/E,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,IAAc;IAChD,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACnD,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;;;;;;;;;CAmBf,CAAC,CAAC;QACC,OAAO;IACT,CAAC;IAED,MAAM,EAAE,YAAY,EAAE,UAAU,EAAE,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,CAAC;IAExD,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,SAAS,CAAC,CAAC;IAClF,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,YAAY,CAA6B,CAAC;IAChH,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,WAAW,CAAC,CAAC;IAClF,MAAM,KAAK,GACT,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,SAAS,CAAC;QAC/D,OAAO,CAAC,GAAG,CAAC,mBAAmB;QAC/B,OAAO,CAAC,GAAG,CAAC,YAAY;QACxB,EAAE,CAAC;IACL,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,YAAY,CAAC,CAAC;IACnF,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,UAAU,CAAC,CAAC;IACnF,MAAM,cAAc,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,YAAY,CAAC,CAAC;IAC1F,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;IAC1C,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,UAAU,CAAC,IAAI,MAAM,CAAC;IAE1F,IAAI,CAAC,SAAS,IAAI,CAAC,QAAQ,IAAI,CAAC,OAAO,EAAE,CAAC;QACxC,OAAO,CAAC,KAAK,CAAC,oDAAoD,CAAC,CAAC;QACpE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QAC3B,OAAO,CAAC,KAAK,CAAC,0BAA0B,SAAS,EAAE,CAAC,CAAC;QACrD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,CAAC,KAAK,
CAAC,iEAAiE,CAAC,CAAC;QACjF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC,CAAC;IAC1D,IAAI,QAAQ,GAAc,IAAI,CAAC,WAAW;QACxC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,CAA2B,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,IAAI,EAAE,CAAC;QAC7E,CAAC,CAAC,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC;IAE1B,IAAI,cAAc,EAAE,CAAC;QACnB,MAAM,KAAK,GAAG,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC;QAC5D,MAAM,GAAG,GAAG,KAAK,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;QAC1C,IAAI,GAAG,IAAI,CAAC,EAAE,CAAC;YACb,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC;YACjD,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC;QAC7D,CAAC;IACH,CAAC;IAED,MAAM,MAAM,GAAiB;QAC3B,QAAQ;QACR,OAAO;QACP,KAAK;QACL,OAAO;QACP,MAAM,EAAE,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS;KAClF,CAAC;IAEF,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,CAAC,GAAG,CAAC,8BAA8B,QAAQ,CAAC,MAAM,eAAe,QAAQ,IAAI,OAAO,IAAI,CAAC,CAAC;QACjG,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;YACzB,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC;QACrE,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,OAAO;IACT,CAAC;IAED,MAAM,OAAO,GAAmB,EAAE,CAAC;IACnC,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;YAC7C,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACrB,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;gBACtB,OAAO,CAAC,GAAG,CAAC,OAAO,MAAM,CAAC,QAAQ,KAAK,CAAC,CAAC,MAAM,MAAM,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC;YACrE,CAAC;QACH,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,OAAO,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,MAAM,KAAK,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QACrF,CAAC;IACH,CAAC;IAED,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAChD,CAAC;SAAM,CAAC
;QACN,OAAO,CAAC,GAAG,CAAC,eAAe,OAAO,CAAC,MAAM,IAAI,QAAQ,CAAC,MAAM,YAAY,CAAC,CAAC;IAC5E,CAAC;AACH,CAAC"}
|
package/package.json
CHANGED
package/server.json
CHANGED
|
@@ -7,12 +7,12 @@
|
|
|
7
7
|
"url": "https://github.com/kevinrabun/judges",
|
|
8
8
|
"source": "github"
|
|
9
9
|
},
|
|
10
|
-
"version": "3.
|
|
10
|
+
"version": "3.44.0",
|
|
11
11
|
"packages": [
|
|
12
12
|
{
|
|
13
13
|
"registryType": "npm",
|
|
14
14
|
"identifier": "@kevinrabun/judges",
|
|
15
|
-
"version": "3.
|
|
15
|
+
"version": "3.44.0",
|
|
16
16
|
"transport": {
|
|
17
17
|
"type": "stdio"
|
|
18
18
|
}
|