@kevinrabun/judges 3.45.0 → 3.47.0

package/dist/commands/pr-quality-gate.js

@@ -0,0 +1,208 @@
+/**
+ * PR quality gate — automated pass/fail gate for PRs with
+ * configurable thresholds for auto-approval.
+ *
+ * All decisions are local — integrates via output format.
+ */
+import { readFileSync, writeFileSync, existsSync, mkdirSync } from "fs";
+import { join } from "path";
+const GATE_DIR = ".judges-quality-gate";
+const GATE_FILE = join(GATE_DIR, "gate-history.json");
+const POLICY_FILE = join(GATE_DIR, "policy.json");
+const DEFAULT_POLICY = {
+    maxCritical: 0,
+    maxHigh: 2,
+    maxTotal: 20,
+    requireTestCoverage: false,
+    autoApproveBelow: 80,
+};
+// ─── Core ───────────────────────────────────────────────────────────────────
+function ensureDir() {
+    if (!existsSync(GATE_DIR))
+        mkdirSync(GATE_DIR, { recursive: true });
+}
+function loadPolicy() {
+    if (!existsSync(POLICY_FILE))
+        return { ...DEFAULT_POLICY };
+    try {
+        return { ...DEFAULT_POLICY, ...JSON.parse(readFileSync(POLICY_FILE, "utf-8")) };
+    }
+    catch {
+        return { ...DEFAULT_POLICY };
+    }
+}
+function savePolicy(policy) {
+    ensureDir();
+    writeFileSync(POLICY_FILE, JSON.stringify(policy, null, 2));
+}
+function loadHistory() {
+    if (!existsSync(GATE_FILE))
+        return { results: [], updatedAt: new Date().toISOString() };
+    try {
+        return JSON.parse(readFileSync(GATE_FILE, "utf-8"));
+    }
+    catch {
+        return { results: [], updatedAt: new Date().toISOString() };
+    }
+}
+function saveHistory(history) {
+    ensureDir();
+    history.updatedAt = new Date().toISOString();
+    writeFileSync(GATE_FILE, JSON.stringify(history, null, 2));
+}
+export function evaluateGate(critical, high, medium, low, score) {
+    const policy = loadPolicy();
+    const total = critical + high + medium + low;
+    let passed = true;
+    let reason = "All checks passed";
+    if (critical > policy.maxCritical) {
+        passed = false;
+        reason = `Critical findings (${critical}) exceed limit (${policy.maxCritical})`;
+    }
+    else if (high > policy.maxHigh) {
+        passed = false;
+        reason = `High findings (${high}) exceed limit (${policy.maxHigh})`;
+    }
+    else if (total > policy.maxTotal) {
+        passed = false;
+        reason = `Total findings (${total}) exceed limit (${policy.maxTotal})`;
+    }
+    else if (score < policy.autoApproveBelow) {
+        passed = false;
+        reason = `Score (${score}) below threshold (${policy.autoApproveBelow})`;
+    }
+    const result = {
+        passed,
+        reason,
+        critical,
+        high,
+        medium,
+        low,
+        total,
+        score,
+        policy,
+        timestamp: new Date().toISOString(),
+    };
+    // Record
+    const history = loadHistory();
+    history.results.push(result);
+    if (history.results.length > 200)
+        history.results = history.results.slice(-200);
+    saveHistory(history);
+    return result;
+}
+// ─── CLI ────────────────────────────────────────────────────────────────────
+export function runPrQualityGate(argv) {
+    if (argv.includes("--help") || argv.includes("-h")) {
+        console.log(`
+judges pr-quality-gate — Automated PR pass/fail quality gate
+
+Usage:
+  judges pr-quality-gate --check --critical 0 --high 1 --medium 5 --low 10 --score 85
+  judges pr-quality-gate --policy
+  judges pr-quality-gate --set-policy --max-critical 0 --max-high 3 --max-total 25
+  judges pr-quality-gate --history
+
+Options:
+  --check                   Evaluate against policy (exit code 1 = fail)
+  --critical <n>            Critical finding count
+  --high <n>                High finding count
+  --medium <n>              Medium finding count
+  --low <n>                 Low finding count
+  --score <n>               Overall score (0-100)
+  --policy                  Show current policy
+  --set-policy              Update policy thresholds
+  --max-critical <n>        Set max critical threshold
+  --max-high <n>            Set max high threshold
+  --max-total <n>           Set max total threshold
+  --auto-approve <n>        Set auto-approve score threshold
+  --history                 Show gate decision history
+  --format json             JSON output
+  --help, -h                Show this help
+`);
+        return;
+    }
+    const format = argv.find((_a, i) => argv[i - 1] === "--format") || "text";
+    // Show policy
+    if (argv.includes("--policy") && !argv.includes("--set-policy")) {
+        const policy = loadPolicy();
+        if (format === "json") {
+            console.log(JSON.stringify(policy, null, 2));
+        }
+        else {
+            console.log(`\n  PR Quality Gate Policy\n  ──────────────────────────`);
+            console.log(`    Max critical:     ${policy.maxCritical}`);
+            console.log(`    Max high:         ${policy.maxHigh}`);
+            console.log(`    Max total:        ${policy.maxTotal}`);
+            console.log(`    Auto-approve >=   ${policy.autoApproveBelow} score`);
+            console.log(`    Require tests:    ${policy.requireTestCoverage}`);
+            console.log("");
+        }
+        return;
+    }
+    // Set policy
+    if (argv.includes("--set-policy")) {
+        const policy = loadPolicy();
+        const mc = argv.find((_a, i) => argv[i - 1] === "--max-critical");
+        const mh = argv.find((_a, i) => argv[i - 1] === "--max-high");
+        const mt = argv.find((_a, i) => argv[i - 1] === "--max-total");
+        const aa = argv.find((_a, i) => argv[i - 1] === "--auto-approve");
+        if (mc)
+            policy.maxCritical = parseInt(mc, 10);
+        if (mh)
+            policy.maxHigh = parseInt(mh, 10);
+        if (mt)
+            policy.maxTotal = parseInt(mt, 10);
+        if (aa)
+            policy.autoApproveBelow = parseInt(aa, 10);
+        savePolicy(policy);
+        console.log(`  ✅ Policy updated`);
+        return;
+    }
+    // History
+    if (argv.includes("--history")) {
+        const history = loadHistory();
+        if (format === "json") {
+            console.log(JSON.stringify(history, null, 2));
+        }
+        else {
+            const passRate = history.results.length > 0
+                ? Math.round((history.results.filter((r) => r.passed).length / history.results.length) * 100)
+                : 0;
+            console.log(`\n  Gate History (${history.results.length} checks, ${passRate}% pass rate)\n  ──────────────────────────`);
+            for (const r of history.results.slice(-15)) {
+                const icon = r.passed ? "✅" : "❌";
+                console.log(`    ${icon} ${r.timestamp.slice(0, 16)}  score:${r.score}  C:${r.critical} H:${r.high} — ${r.reason}`);
+            }
+            console.log("");
+        }
+        return;
+    }
+    // Check
+    if (argv.includes("--check")) {
+        const critical = parseInt(argv.find((_a, i) => argv[i - 1] === "--critical") || "0", 10);
+        const high = parseInt(argv.find((_a, i) => argv[i - 1] === "--high") || "0", 10);
+        const medium = parseInt(argv.find((_a, i) => argv[i - 1] === "--medium") || "0", 10);
+        const low = parseInt(argv.find((_a, i) => argv[i - 1] === "--low") || "0", 10);
+        const score = parseInt(argv.find((_a, i) => argv[i - 1] === "--score") || "100", 10);
+        const result = evaluateGate(critical, high, medium, low, score);
+        if (format === "json") {
+            console.log(JSON.stringify(result, null, 2));
+        }
+        else {
+            const icon = result.passed ? "✅ PASSED" : "❌ FAILED";
+            console.log(`\n  PR Quality Gate: ${icon}`);
+            console.log(`  ──────────────────────────`);
+            console.log(`  Score: ${result.score}/100`);
+            console.log(`  Findings: C:${result.critical} H:${result.high} M:${result.medium} L:${result.low} (total: ${result.total})`);
+            console.log(`  Reason: ${result.reason}`);
+            console.log("");
+        }
+        if (!result.passed) {
+            process.exitCode = 1;
+        }
+        return;
+    }
+    console.error("  Use --check, --policy, --set-policy, or --history. --help for usage.");
+}
+//# sourceMappingURL=pr-quality-gate.js.map

package/dist/commands/pr-quality-gate.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"pr-quality-gate.js","sourceRoot":"","sources":["../../src/commands/pr-quality-gate.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,IAAI,CAAC;AACxE,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AA8B5B,MAAM,QAAQ,GAAG,sBAAsB,CAAC;AACxC,MAAM,SAAS,GAAG,IAAI,CAAC,QAAQ,EAAE,mBAAmB,CAAC,CAAC;AACtD,MAAM,WAAW,GAAG,IAAI,CAAC,QAAQ,EAAE,aAAa,CAAC,CAAC;AAElD,MAAM,cAAc,GAAe;IACjC,WAAW,EAAE,CAAC;IACd,OAAO,EAAE,CAAC;IACV,QAAQ,EAAE,EAAE;IACZ,mBAAmB,EAAE,KAAK;IAC1B,gBAAgB,EAAE,EAAE;CACrB,CAAC;AAEF,+EAA+E;AAE/E,SAAS,SAAS;IAChB,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC;QAAE,SAAS,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;AACtE,CAAC;AAED,SAAS,UAAU;IACjB,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC;QAAE,OAAO,EAAE,GAAG,cAAc,EAAE,CAAC;IAC3D,IAAI,CAAC;QACH,OAAO,EAAE,GAAG,cAAc,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC,EAAE,CAAC;IAClF,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,GAAG,cAAc,EAAE,CAAC;IAC/B,CAAC;AACH,CAAC;AAED,SAAS,UAAU,CAAC,MAAkB;IACpC,SAAS,EAAE,CAAC;IACZ,aAAa,CAAC,WAAW,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;AAC9D,CAAC;AAED,SAAS,WAAW;IAClB,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC;QAAE,OAAO,EAAE,OAAO,EAAE,EAAE,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,EAAE,CAAC;IACxF,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC,CAAC;IACtD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,OAAO,EAAE,EAAE,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,EAAE,CAAC;IAC9D,CAAC;AACH,CAAC;AAED,SAAS,WAAW,CAAC,OAAoB;IACvC,SAAS,EAAE,CAAC;IACZ,OAAO,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAC7C,aAAa,CAAC,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;AAC7D,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,QAAgB,EAAE,IAAY,EAAE,MAAc,EAAE,GAAW,EAAE,KAAa;IACrG,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;IAC5B,MAAM,KAAK,GAAG,QAAQ,GAAG,IAAI,GAAG,MAAM,GAAG,GAAG,CAAC;IAE7C,IAAI,MAAM,GAAG,IAAI,CAAC;IAClB,IAAI,MAAM,GAAG,mBAAmB,CAAC;IAEjC,IAAI,QAAQ,GAAG,MAAM,CAAC,WAAW,EAAE,CAAC;QAClC,MAAM,GAAG,KAAK,CAAC;QACf,MAAM,GAAG,sBAAsB,QAAQ,mBAAmB,MAAM,CAAC,WAAW,GAAG,CAAC;IAClF,CAAC;SAAM,IAAI,IAAI,GAAG,MAAM,CAAC,OAAO,EAAE,CAAC;QACjC,MAAM,GAAG,KAAK,CAAC;QACf,MAAM,GAAG,kBAAkB,IAAI,mBAAmB,MAAM,CAAC,OAAO,GAAG,CAAC;IACtE,CAAC;SAAM,IAAI,KAAK,GAAG,MAAM,CAAC,QAAQ,EAAE,CAAC;QACnC,MAAM,GAAG,KAAK,CAAC;QACf,MAAM,GAAG,mBAAmB,KAAK,mBAAmB,MAAM,CAAC,QAAQ,GAAG,CAAC;IACzE,CAAC;SAAM,IAAI,KAAK,GAAG,MAAM,CAAC,gBAAgB,EAAE,CAAC;QAC3C,MAAM,GAAG,KAAK,CAAC;QACf,MAAM,GAAG,UAAU,KAAK,sBAAsB,MAAM,CAAC,gBAAgB,GAAG,CAAC;IAC3E,CAAC;IAED,MAAM,MAAM,GAAe;QACzB,MAAM;QACN,MAAM;QACN,QAAQ;QACR,IAAI;QACJ,MAAM;QACN,GAAG;QACH,KAAK;QACL,KAAK;QACL,MAAM;QACN,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACpC,CAAC;IAEF,SAAS;IACT,MAAM,OAAO,GAAG,WAAW,EAAE,CAAC;IAC9B,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAC7B,IAAI,OAAO,CAAC,OAAO,CAAC,MAAM,GAAG,GAAG;QAAE,OAAO,CAAC,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC;IAChF,WAAW,CAAC,OAAO,CAAC,CAAC;IAErB,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,+EAA+E;AAE/E,MAAM,UAAU,gBAAgB,CAAC,IAAc;IAC7C,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACnD,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;CAyBf,CAAC,CAAC;QACC,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,UAAU,CAAC,IAAI,MAAM,CAAC;IAE1F,cAAc;IACd,IAAI,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;QAChE,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;QAC5B,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;YACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAC/C,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,0DAA0D,CAAC,CAAC;YACxE,OAAO,CAAC,GAAG,CAAC,yBAAyB,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC;YAC3D,OAAO,CAAC,GAAG,CAAC,yBAAyB,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;YACvD,OAAO,CAAC,GAAG,CAAC,yBAAyB,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;YACxD,OAAO,CAAC,GAAG,CAAC,yBAAyB,MAAM,CAAC,gBAAgB,QAAQ,CAAC,CAAC;YACtE,OAAO,CAAC,GAAG,CAAC,yBAAyB,MAAM,CAAC,mBAAmB,EAAE,CAAC,CAAC;YACnE,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAClB,CAAC;QACD,OAAO;IACT,CAAC;IAED,aAAa;IACb,IAAI,IAAI,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;QAClC,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;QAC5B,MAAM,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,gBAAgB,CAAC,CAAC;QAClF,MAAM,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,YAAY,CAAC,CAAC;QAC9E,MAAM,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,aAAa,CAAC,CAAC;QAC/E,MAAM,EAAE,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,gBAAgB,CAAC,CAAC;QAElF,IAAI,EAAE;YAAE,MAAM,CAAC,WAAW,GAAG,QAAQ,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;QAC9C,IAAI,EAAE;YAAE,MAAM,CAAC,OAAO,GAAG,QAAQ,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;QAC1C,IAAI,EAAE;YAAE,MAAM,CAAC,QAAQ,GAAG,QAAQ,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;QAC3C,IAAI,EAAE;YAAE,MAAM,CAAC,gBAAgB,GAAG,QAAQ,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;QAEnD,UAAU,CAAC,MAAM,CAAC,CAAC;QACnB,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;QAClC,OAAO;IACT,CAAC;IAED,UAAU;IACV,IAAI,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;QAC/B,MAAM,OAAO,GAAG,WAAW,EAAE,CAAC;QAC9B,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;YACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAChD,CAAC;aAAM,CAAC;YACN,MAAM,QAAQ,GACZ,OAAO,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC;gBACxB,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,GAAG,GAAG,CAAC;gBAC7F,CAAC,CAAC,CAAC,CAAC;YACR,OAAO,CAAC,GAAG,CACT,qBAAqB,OAAO,CAAC,OAAO,CAAC,MAAM,YAAY,QAAQ,4CAA4C,CAC5G,CAAC;YACF,KAAK,MAAM,CAAC,IAAI,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC;gBAC3C,MAAM,IAAI,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;gBAClC,OAAO,CAAC,GAAG,CACT,OAAO,IAAI,IAAI,CAAC,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,WAAW,CAAC,CAAC,KAAK,OAAO,CAAC,CAAC,QAAQ,MAAM,CAAC,CAAC,IAAI,MAAM,CAAC,CAAC,MAAM,EAAE,CACvG,CAAC;YACJ,CAAC;YACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAClB,CAAC;QACD,OAAO;IACT,CAAC;IAED,QAAQ;IACR,IAAI,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;QAC7B,MAAM,QAAQ,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,YAAY,CAAC,IAAI,GAAG,EAAE,EAAE,CAAC,CAAC;QACzG,MAAM,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,QAAQ,CAAC,IAAI,GAAG,EAAE,EAAE,CAAC,CAAC;QACjG,MAAM,MAAM,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,UAAU,CAAC,IAAI,GAAG,EAAE,EAAE,CAAC,CAAC;QACrG,MAAM,GAAG,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,OAAO,CAAC,IAAI,GAAG,EAAE,EAAE,CAAC,CAAC;QAC/F,MAAM,KAAK,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,SAAS,CAAC,IAAI,KAAK,EAAE,EAAE,CAAC,CAAC;QAErG,MAAM,MAAM,GAAG,YAAY,CAAC,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,KAAK,CAAC,CAAC;QAChE,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;YACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAC/C,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,UAAU,CAAC;YACrD,OAAO,CAAC,GAAG,CAAC,wBAAwB,IAAI,EAAE,CAAC,CAAC;YAC5C,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAC;YAC5C,OAAO,CAAC,GAAG,CAAC,YAAY,MAAM,CAAC,KAAK,MAAM,CAAC,CAAC;YAC5C,OAAO,CAAC,GAAG,CACT,iBAAiB,MAAM,CAAC,QAAQ,MAAM,MAAM,CAAC,IAAI,MAAM,MAAM,CAAC,MAAM,MAAM,MAAM,CAAC,GAAG,YAAY,MAAM,CAAC,KAAK,GAAG,CAChH,CAAC;YACF,OAAO,CAAC,GAAG,CAAC,aAAa,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;YAC1C,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAClB,CAAC;QAED,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;YACnB,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACvB,CAAC;QACD,OAAO;IACT,CAAC;IAED,OAAO,CAAC,KAAK,CAAC,wEAAwE,CAAC,CAAC;AAC1F,CAAC"}

package/dist/commands/reg-watch.d.ts

@@ -0,0 +1,21 @@
+/**
+ * Regulatory change monitor — track security standards versions
+ * and map coverage changes to the current rule set.
+ *
+ * Uses local versioned data files in .judges-reg-watch.json.
+ */
+interface StandardVersion {
+    standard: string;
+    version: string;
+    lastChecked: string;
+    items: {
+        id: string;
+        title: string;
+        covered: boolean;
+        coveredBy?: string;
+    }[];
+}
+export declare function updateWatch(standards: string[]): StandardVersion[];
+export declare function runRegWatch(argv: string[]): void;
+export {};
+//# sourceMappingURL=reg-watch.d.ts.map

package/dist/commands/reg-watch.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"reg-watch.d.ts","sourceRoot":"","sources":["../../src/commands/reg-watch.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAMH,UAAU,eAAe;IACvB,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE;QAAE,EAAE,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,OAAO,CAAC;QAAC,SAAS,CAAC,EAAE,MAAM,CAAA;KAAE,EAAE,CAAC;CAC9E;AA4HD,wBAAgB,WAAW,CAAC,SAAS,EAAE,MAAM,EAAE,GAAG,eAAe,EAAE,CAgBlE;AAID,wBAAgB,WAAW,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,CAuGhD"}

package/dist/commands/reg-watch.js

@@ -0,0 +1,220 @@
+/**
+ * Regulatory change monitor — track security standards versions
+ * and map coverage changes to the current rule set.
+ *
+ * Uses local versioned data files in .judges-reg-watch.json.
+ */
+import { readFileSync, writeFileSync, existsSync } from "fs";
+const REG_FILE = ".judges-reg-watch.json";
+// ─── Built-in standards ─────────────────────────────────────────────────────
+const STANDARDS = {
+    "owasp-top10": {
+        version: "2021",
+        items: [
+            { id: "A01", title: "Broken Access Control", rulePrefix: "AUTH" },
+            { id: "A02", title: "Cryptographic Failures", rulePrefix: "CRYPTO" },
+            { id: "A03", title: "Injection", rulePrefix: "INJECT" },
+            { id: "A04", title: "Insecure Design", rulePrefix: "SEC" },
+            { id: "A05", title: "Security Misconfiguration", rulePrefix: "SEC" },
+            { id: "A06", title: "Vulnerable Components", rulePrefix: "DEP" },
+            { id: "A07", title: "Authentication Failures", rulePrefix: "AUTH" },
+            { id: "A08", title: "Software Integrity Failures", rulePrefix: "SEC" },
+            { id: "A09", title: "Logging & Monitoring Failures", rulePrefix: "ERR" },
+            { id: "A10", title: "Server-Side Request Forgery", rulePrefix: "SSRF" },
+        ],
+    },
+    "cwe-top25": {
+        version: "2024",
+        items: [
+            { id: "CWE-787", title: "Out-of-bounds Write", rulePrefix: "MEM" },
+            { id: "CWE-79", title: "Cross-site Scripting (XSS)", rulePrefix: "INJECT" },
+            { id: "CWE-89", title: "SQL Injection", rulePrefix: "INJECT" },
+            { id: "CWE-416", title: "Use After Free", rulePrefix: "MEM" },
+            { id: "CWE-78", title: "OS Command Injection", rulePrefix: "INJECT" },
+            { id: "CWE-20", title: "Improper Input Validation", rulePrefix: "SEC" },
+            { id: "CWE-125", title: "Out-of-bounds Read", rulePrefix: "MEM" },
+            { id: "CWE-22", title: "Path Traversal", rulePrefix: "SEC" },
+            { id: "CWE-352", title: "Cross-Site Request Forgery", rulePrefix: "SEC" },
+            { id: "CWE-434", title: "Unrestricted Upload", rulePrefix: "SEC" },
+            { id: "CWE-862", title: "Missing Authorization", rulePrefix: "AUTH" },
+            { id: "CWE-476", title: "NULL Pointer Dereference", rulePrefix: "ERR" },
+            { id: "CWE-287", title: "Improper Authentication", rulePrefix: "AUTH" },
+            { id: "CWE-190", title: "Integer Overflow", rulePrefix: "SEC" },
+            { id: "CWE-502", title: "Deserialization of Untrusted Data", rulePrefix: "SEC" },
+            { id: "CWE-77", title: "Command Injection", rulePrefix: "INJECT" },
+            { id: "CWE-119", title: "Buffer Overflow", rulePrefix: "MEM" },
+            { id: "CWE-798", title: "Hardcoded Credentials", rulePrefix: "AUTH" },
+            { id: "CWE-918", title: "Server-Side Request Forgery", rulePrefix: "SSRF" },
+            { id: "CWE-306", title: "Missing Authentication", rulePrefix: "AUTH" },
+            { id: "CWE-362", title: "Race Condition", rulePrefix: "CONCUR" },
+            { id: "CWE-269", title: "Improper Privilege Management", rulePrefix: "AUTH" },
+            { id: "CWE-94", title: "Code Injection", rulePrefix: "INJECT" },
+            { id: "CWE-863", title: "Incorrect Authorization", rulePrefix: "AUTH" },
+            { id: "CWE-276", title: "Incorrect Default Permissions", rulePrefix: "SEC" },
+        ],
+    },
+    "nist-ssdf": {
+        version: "1.1",
+        items: [
+            { id: "PO.1", title: "Define Security Requirements", rulePrefix: "SEC" },
+            { id: "PS.1", title: "Protect Software", rulePrefix: "SEC" },
+            { id: "PS.2", title: "Protect Development Environment", rulePrefix: "SEC" },
+            { id: "PW.1", title: "Design for Security", rulePrefix: "SEC" },
+            { id: "PW.5", title: "Create Source Code with Security Practices", rulePrefix: "SEC" },
+            { id: "PW.6", title: "Configure the Build to Find Issues", rulePrefix: "SEC" },
+            { id: "PW.7", title: "Review and Audit Software", rulePrefix: "SEC" },
+            { id: "PW.8", title: "Test Executable Code", rulePrefix: "SEC" },
+            { id: "RV.1", title: "Identify and Confirm Vulnerabilities", rulePrefix: "SEC" },
+            { id: "RV.2", title: "Assess, Prioritize, and Remediate", rulePrefix: "SEC" },
+        ],
+    },
+};
+// ─── Core ───────────────────────────────────────────────────────────────────
+function loadDb() {
+    if (!existsSync(REG_FILE))
+        return { standards: [], lastUpdated: "" };
+    return JSON.parse(readFileSync(REG_FILE, "utf-8"));
+}
+function saveDb(db) {
+    writeFileSync(REG_FILE, JSON.stringify(db, null, 2));
+}
+function checkCoverage(standard) {
+    const std = STANDARDS[standard];
+    if (!std)
+        return null;
+    // Check which rules are covered via config
+    let config = {};
+    if (existsSync(".judgesrc")) {
+        try {
+            config = JSON.parse(readFileSync(".judgesrc", "utf-8"));
+        }
+        catch {
+            /* empty */
+        }
+    }
+    const disabledRules = new Set(config.disabledRules || []);
+    const _disabledJudges = new Set(config.disabledJudges || []);
+    const items = std.items.map((item) => {
+        // Check if the rule prefix is disabled
+        const isDisabled = [...disabledRules].some((r) => r.startsWith(item.rulePrefix));
+        const judgeMapped = !["MEM", "CONCUR", "SSRF", "DEP"].includes(item.rulePrefix);
+        const covered = judgeMapped && !isDisabled;
+        return {
+            id: item.id,
+            title: item.title,
+            covered,
+            coveredBy: covered ? `${item.rulePrefix}*` : undefined,
+        };
+    });
+    return {
+        standard,
+        version: std.version,
+        lastChecked: new Date().toISOString(),
+        items,
+    };
+}
+export function updateWatch(standards) {
+    const db = loadDb();
+    const results = [];
+    for (const std of standards) {
+        const result = checkCoverage(std);
+        if (result) {
+            db.standards = db.standards.filter((s) => s.standard !== std);
+            db.standards.push(result);
+            results.push(result);
+        }
+    }
+    db.lastUpdated = new Date().toISOString();
+    saveDb(db);
+    return results;
+}
+// ─── CLI ────────────────────────────────────────────────────────────────────
+export function runRegWatch(argv) {
+    if (argv.includes("--help") || argv.includes("-h")) {
+        console.log(`
+judges reg-watch — Regulatory change monitoring
+
+Usage:
+  judges reg-watch --standards owasp-top10,cwe-top25
+  judges reg-watch --check owasp-top10
+  judges reg-watch --list
+  judges reg-watch --status
+
+Options:
+  --standards <csv>    Check coverage for standards (comma-separated)
+  --check <name>       Check single standard coverage
+  --list               List available standards
+  --status             Show last check status
+  --format json        JSON output
+  --help, -h           Show this help
+
+Available standards:
+  owasp-top10   OWASP Top 10 (2021)
+  cwe-top25     CWE Top 25 (2024)
+  nist-ssdf     NIST SSDF v1.1
+`);
+        return;
+    }
+    const format = argv.find((_a, i) => argv[i - 1] === "--format") || "text";
+    // List standards
+    if (argv.includes("--list")) {
+        if (format === "json") {
+            console.log(JSON.stringify(Object.entries(STANDARDS).map(([k, v]) => ({ name: k, version: v.version, items: v.items.length })), null, 2));
+        }
+        else {
+            console.log("\n  Available Standards\n  ───────────────────");
+            for (const [name, std] of Object.entries(STANDARDS)) {
+                console.log(`    ${name.padEnd(15)} v${std.version} (${std.items.length} items)`);
+            }
+            console.log("");
+        }
+        return;
+    }
+    // Check standards
+    const standardsStr = argv.find((_a, i) => argv[i - 1] === "--standards");
+    const singleCheck = argv.find((_a, i) => argv[i - 1] === "--check");
+    const toCheck = standardsStr ? standardsStr.split(",") : singleCheck ? [singleCheck] : [];
+    if (toCheck.length > 0) {
+        const results = updateWatch(toCheck);
+        for (const result of results) {
+            const covered = result.items.filter((i) => i.covered).length;
+            const total = result.items.length;
+            const pct = Math.round((covered / total) * 100);
+            if (format === "json") {
+                console.log(JSON.stringify(result, null, 2));
+            }
+            else {
+                console.log(`\n  ${result.standard} v${result.version} — Coverage: ${pct}% (${covered}/${total})\n  ──────────────────────────────────────`);
+                for (const item of result.items) {
+                    const icon = item.covered ? "✅" : "❌";
+                    console.log(`    ${icon} ${item.id.padEnd(10)} ${item.title.padEnd(40)} ${item.coveredBy || "NOT COVERED"}`);
+                }
+                console.log("");
+            }
+        }
+        return;
+    }
+    // Status
+    if (argv.includes("--status")) {
+        const db = loadDb();
+        if (db.standards.length === 0) {
+            console.log("\n  No standards monitored. Use --standards to start.\n");
+            return;
+        }
+        if (format === "json") {
+            console.log(JSON.stringify(db, null, 2));
+        }
+        else {
+            console.log(`\n  Regulatory Watch Status\n  ───────────────────────`);
+            console.log(`  Last updated: ${db.lastUpdated}`);
+            for (const s of db.standards) {
+                const covered = s.items.filter((i) => i.covered).length;
+                console.log(`    ${s.standard.padEnd(15)} v${s.version} — ${covered}/${s.items.length} covered (${s.lastChecked.split("T")[0]})`);
+            }
+            console.log("");
+        }
+        return;
+    }
+    console.log("  Use --standards or --check to monitor. --help for usage.");
+}
+//# sourceMappingURL=reg-watch.js.map

package/dist/commands/reg-watch.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"reg-watch.js","sourceRoot":"","sources":["../../src/commands/reg-watch.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,IAAI,CAAC;AAgB7D,MAAM,QAAQ,GAAG,wBAAwB,CAAC;AAE1C,+EAA+E;AAE/E,MAAM,SAAS,GAAoG;IACjH,aAAa,EAAE;QACb,OAAO,EAAE,MAAM;QACf,KAAK,EAAE;YACL,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,uBAAuB,EAAE,UAAU,EAAE,MAAM,EAAE;YACjE,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,wBAAwB,EAAE,UAAU,EAAE,QAAQ,EAAE;YACpE,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,WAAW,EAAE,UAAU,EAAE,QAAQ,EAAE;YACvD,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,iBAAiB,EAAE,UAAU,EAAE,KAAK,EAAE;YAC1D,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,2BAA2B,EAAE,UAAU,EAAE,KAAK,EAAE;YACpE,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,uBAAuB,EAAE,UAAU,EAAE,KAAK,EAAE;YAChE,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,yBAAyB,EAAE,UAAU,EAAE,MAAM,EAAE;YACnE,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,6BAA6B,EAAE,UAAU,EAAE,KAAK,EAAE;YACtE,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,+BAA+B,EAAE,UAAU,EAAE,KAAK,EAAE;YACxE,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,6BAA6B,EAAE,UAAU,EAAE,MAAM,EAAE;SACxE;KACF;IACD,WAAW,EAAE;QACX,OAAO,EAAE,MAAM;QACf,KAAK,EAAE;YACL,EAAE,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,qBAAqB,EAAE,UAAU,EAAE,KAAK,EAAE;YAClE,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,4BAA4B,EAAE,UAAU,EAAE,QAAQ,EAAE;YAC3E,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,eAAe,EAAE,UAAU,EAAE,QAAQ,EAAE;YAC9D,EAAE,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,gBAAgB,EAAE,UAAU,EAAE,KAAK,EAAE;YAC7D,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,sBAAsB,EAAE,UAAU,EAAE,QAAQ,EAAE;YACrE,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,2BAA2B,EAAE,UAAU,EAAE,KAAK,EAAE;YACvE,EAAE,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,oBAAoB,EAAE,UAAU,EAAE,KAAK,EAAE;YACjE,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,gBAAgB,EAAE,UAAU,EAAE,KAAK,EAAE;YAC5D,EAAE,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,4BAA4B,EAAE,UAAU,EAAE,KAAK,EAAE;YACzE,EAAE,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,qBAAqB,EAAE,UAAU,EAAE,KAAK,EAAE;YAClE,EAAE,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,uBAAuB,EAAE,UAAU,EAAE,MAAM,EAAE;YACrE,EAAE,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,0BAA0B,EAAE,UAAU,EAAE,KAAK,EAAE;YACvE,EAAE,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,yBAAyB,EAAE,UAAU,EAAE,MAAM,EAAE;YACvE,EAAE,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,kBAAkB,EAAE,UAAU,EAAE,KAAK,EAAE;YAC/D,EAAE,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,mCAAmC,EAAE,UAAU,EAAE,KAAK,EAAE;YAChF,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,mBAAmB,EAAE,UAAU,EAAE,QAAQ,EAAE;YAClE,EAAE,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,iBAAiB,EAAE,UAAU,EAAE,KAAK,EAAE;YAC9D,EAAE,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,uBAAuB,EAAE,UAAU,EAAE,MAAM,EAAE;YACrE,EAAE,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,6BAA6B,EAAE,UAAU,EAAE,MAAM,EAAE;YAC3E,EAAE,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,wBAAwB,EAAE,UAAU,EAAE,MAAM,EAAE;YACtE,EAAE,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,gBAAgB,EAAE,UAAU,EAAE,QAAQ,EAAE;YAChE,EAAE,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,+BAA+B,EAAE,UAAU,EAAE,MAAM,EAAE;YAC7E,EAAE,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,gBAAgB,EAAE,UAAU,EAAE,QAAQ,EAAE;YAC/D,EAAE,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,yBAAyB,EAAE,UAAU,EAAE,MAAM,EAAE;YACvE,EAAE,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,+BAA+B,EAAE,UAAU,EAAE,KAAK,EAAE;SAC7E;KACF;IACD,WAAW,EAAE;QACX,OAAO,EAAE,KAAK;QACd,KAAK,EAAE;YACL,EAAE,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,8BAA8B,EAAE,UAAU,EAAE,KAAK,EAAE;YACxE,EAAE,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,kBAAkB,EAAE,UAAU,EAAE,KAAK,EAAE;YAC5D,EAAE,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,iCAAiC,EAAE,UAAU,EAAE,KAAK,EAAE;YAC3E,EAAE,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,qBAAqB,EAAE,UAAU,EAAE,KAAK,EAAE;YAC/D,EAAE,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,4CAA4C,EAAE,UAAU,EAAE,KAAK,EAAE;YACtF,EAAE,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,oCAAoC,EAAE,UAAU,EAAE,KAAK,EAAE;YAC9E,EAAE,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,2BAA2B,EAAE,UAAU,EAAE,KAAK,EAAE;YACrE,EAAE,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,sBAAsB,EAAE,UAAU,EAAE,KAAK,EAAE;YAChE,EAAE,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,sCAAsC,EAAE,UAAU,EAAE,KAAK,EAAE;YAChF,EAAE,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,mCAAmC,EAAE,UAAU,EAAE,KAAK,EAAE;SAC9E;KACF;CACF,CAAC;AAEF,+EAA+E;AAE/E,SAAS,MAAM;IACb,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC;QAAE,OAAO,EAAE,SAAS,EAAE,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE,CAAC;IACrE,OAAO,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC;AACrD,CAAC;AAED,SAAS,MAAM,CAAC,EAAc;IAC5B,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;AACvD,CAAC;AAED,SAAS,aAAa,CAAC,QAAgB;IACrC,MAAM,GAAG,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC;IAChC,IAAI,CAAC,GAAG;QAAE,OAAO,IAAI,CAAC;IAEtB,2CAA2C;IAC3C,IAAI,MAAM,GAA4B,EAAE,CAAC;IACzC,IAAI,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC;QAC5B,IAAI,CAAC;YACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC,CAAC;QAC1D,CAAC;QAAC,MAAM,CAAC;YACP,WAAW;QACb,CAAC;IACH,CAAC;IAED,MAAM,aAAa,GAAG,IAAI,GAAG,CAAE,MAAM,CAAC,aAA0B,IAAI,EAAE,CAAC,CAAC;IACxE,MAAM,eAAe,GAAG,IAAI,GAAG,CAAE,MAAM,CAAC,cAA2B,IAAI,EAAE,CAAC,CAAC;IAE3E,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;QACnC,uCAAuC;QACvC,MAAM,UAAU,GAAG,CAAC,GAAG,aAAa,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;QACjF,MAAM,WAAW,GAAG,CAAC,CAAC,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAChF,MAAM,OAAO,GAAG,WAAW,IAAI,CAAC,UAAU,CAAC;QAE3C,OAAO;YACL,EAAE,EAAE,IAAI,CAAC,EAAE;YACX,KAAK,EAAE,IAAI,CAAC,KAAK;YACjB,OAAO;YACP,SAAS,EAAE,OAAO,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,UAAU,GAAG,CAAC,CAAC,CAAC,SAAS;SACvD,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,QAAQ;QACR,OAAO,EAAE,GAAG,CAAC,OAAO;QACpB,WAAW,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACrC,KAAK;KACN,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,SAAmB;IAC7C,MAAM,EAAE,GAAG,MAAM,EAAE,CAAC;IACpB,MAAM,OAAO,GAAsB,EAAE,CAAC;IAEtC,KAAK,MAAM,GAAG,IAAI,SAAS,EAAE,CAAC;QAC5B,MAAM,MAAM,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC;QAClC,IAAI,MAAM,EAAE,CAAC;YACX,EAAE,CAAC,SAAS,GAAG,EAAE,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,GAAG,CAAC,CAAC;YAC9D,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAC1B,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACvB,CAAC;IACH,CAAC;IAED,EAAE,CAAC,WAAW,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAC1C,MAAM,CAAC,EAAE,CAAC,CAAC;IACX,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,+EAA+E;AAE/E,MAAM,UAAU,WAAW,CAAC,IAAc;IACxC,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACnD,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;;;;;;;;;;;CAqBf,CAAC,CAAC;QACC,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,UAAU,CAAC,IAAI,MAAM,CAAC;IAE1F,iBAAiB;IACjB,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC5B,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;YACtB,OAAO,CAAC,GAAG,CACT,IAAI,CAAC,SAAS,CACZ,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,KAAK,EAAE,CAAC,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC,EACnG,IAAI,EACJ,CAAC,CACF,CACF,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,gDAAgD,CAAC,CAAC;YAC9D,KAAK,MAAM,CAAC,IAAI,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC;gBACpD,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,KAAK,GAAG,CAAC,OAAO,KAAK,GAAG,CAAC,KAAK,CAAC,MAAM,SAAS,CAAC,CAAC;YACpF,CAAC;YACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAClB,CAAC;QACD,OAAO;IACT,CAAC;IAED,kBAAkB;IAClB,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,aAAa,CAAC,CAAC;IACzF,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,SAAS,CAAC,CAAC;IAEpF,MAAM,OAAO,GAAG,YAAY,CAAC,CAAC,CAAC,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAE1F,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACvB,MAAM,OAAO,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC;QAErC,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC7B,MAAM,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC;YAC7D,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC;YAClC,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,OAAO,GAAG,KAAK,CAAC,GAAG,GAAG,CAAC,CAAC;YAEhD,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;gBACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;YAC/C,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,GAAG,CACT,OAAO,MAAM,CAAC,QAAQ,KAAK,MAAM,CAAC,OAAO,gBAAgB,GAAG,MAAM,OAAO,IAAI,KAAK,6CAA6C,CAChI,CAAC;gBACF,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;oBAChC,MAAM,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;oBACtC,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,IAAI,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,IAAI,CAAC,SAAS,IAAI,aAAa,EAAE,CAAC,CAAC;gBAC/G,CAAC;gBACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAClB,CAAC;QACH,CAAC;QACD,OAAO;IACT,CAAC;IAED,SAAS;IACT,IAAI,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;QAC9B,MAAM,EAAE,GAAG,MAAM,EAAE,CAAC;QACpB,IAAI,EAAE,CAAC,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC9B,OAAO,CAAC,GAAG,CAAC,yDAAyD,CAAC,CAAC;YACvE,OAAO;QACT,CAAC;QACD,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;YACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAC3C,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,wDAAwD,CAAC,CAAC;YACtE,OAAO,CAAC,GAAG,CAAC,mBAAmB,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC;YACjD,KAAK,MAAM,CAAC,IAAI,EAAE,CAAC,SAAS,EAAE,CAAC;gBAC7B,MAAM,OAAO,GAAG,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC;gBACxD,OAAO,CAAC,GAAG,CACT,OAAO,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,OAAO,MAAM,OAAO,IAAI,CAAC,CAAC,KAAK,CAAC,MAAM,aAAa,CAAC,CAAC,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CACrH,CAAC;YACJ,CAAC;YACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAClB,CAAC;QACD,OAAO;IACT,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,4DAA4D,CAAC,CAAC;AAC5E,CAAC"}

package/dist/commands/retro.d.ts

@@ -0,0 +1,23 @@
+/**
+ * Security incident retrospective — analyze whether Judges would have
+ * caught a specific vulnerability by running evaluation against
+ * historical code state.
+ *
+ * Uses local git history and evaluation results.
+ */
+import type { Finding } from "../types.js";
+interface RetroResult {
+    file: string;
+    commit?: string;
+    cve?: string;
+    wouldCatch: boolean;
+    matchingFindings: Finding[];
+    configWouldSuppress: boolean;
+    suppressedBy?: string[];
+    recommendedConfig?: Record<string, unknown>;
+    analysis: string;
+}
+export declare function runRetroAnalysis(file: string, commit?: string, cve?: string): RetroResult;
+export declare function runRetro(argv: string[]): void;
+export {};
+//# sourceMappingURL=retro.d.ts.map

package/dist/commands/retro.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"retro.d.ts","sourceRoot":"","sources":["../../src/commands/retro.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAIH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAI3C,UAAU,WAAW;IACnB,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,OAAO,CAAC;IACpB,gBAAgB,EAAE,OAAO,EAAE,CAAC;IAC5B,mBAAmB,EAAE,OAAO,CAAC;IAC7B,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,iBAAiB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC5C,QAAQ,EAAE,MAAM,CAAC;CAClB;AAkDD,wBAAgB,gBAAgB,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,EAAE,GAAG,CAAC,EAAE,MAAM,GAAG,WAAW,CAiGzF;AAID,wBAAgB,QAAQ,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,CAgF7C"}