@kevinrabun/judges 3.46.0 → 3.48.0

package/dist/commands/auto-fix.js

@@ -0,0 +1,241 @@
+/**
+ * Auto-fix — generates safe, automated fix suggestions for
+ * common finding patterns. All processing is local.
+ */
+import { readFileSync, writeFileSync, existsSync, mkdirSync } from "fs";
+import { join } from "path";
+const FIX_DIR = ".judges-auto-fix";
+const FIX_FILE = join(FIX_DIR, "fix-history.json");
+// ─── Fix template library ───────────────────────────────────────────────────
+const FIX_TEMPLATES = [
+    {
+        rulePattern: "SQL-",
+        title: "Use parameterized queries",
+        description: "Replace string concatenation in SQL with parameterized queries",
+        before: 'db.query("SELECT * FROM users WHERE id = " + userId)',
+        after: 'db.query("SELECT * FROM users WHERE id = $1", [userId])',
+        language: "typescript",
+    },
+    {
+        rulePattern: "XSS-",
+        title: "Use textContent instead of innerHTML",
+        description: "Replace innerHTML with textContent to prevent XSS",
+        before: "element.innerHTML = userInput",
+        after: "element.textContent = userInput",
+        language: "typescript",
+    },
+    {
+        rulePattern: "CMD-",
+        title: "Use execFile with argument array",
+        description: "Replace exec with execFile and separate arguments",
+        before: 'exec("git " + command)',
+        after: 'execFile("git", [command])',
+        language: "typescript",
+    },
+    {
+        rulePattern: "CRYPTO-",
+        title: "Replace MD5 with SHA-256",
+        description: "Use cryptographically secure hash function",
+        before: "crypto.createHash('md5').update(data).digest('hex')",
+        after: "crypto.createHash('sha256').update(data).digest('hex')",
+        language: "typescript",
+    },
+    {
+        rulePattern: "AUTH-",
+        title: "Add bcrypt password hashing",
+        description: "Hash passwords with bcrypt instead of plaintext storage",
+        before: "user.password = password",
+        after: "user.password = await bcrypt.hash(password, 12)",
+        language: "typescript",
+    },
+    {
+        rulePattern: "SEC-",
+        title: "Validate input before use",
+        description: "Add input validation before processing user data",
+        before: "const data = req.body",
+        after: "const data = validateInput(req.body, schema)",
+        language: "typescript",
+    },
+    {
+        rulePattern: "SSRF-",
+        title: "Validate URL against allowlist",
+        description: "Check URL against trusted domains before requesting",
+        before: "await fetch(userUrl)",
+        after: "if (isAllowedUrl(userUrl)) await fetch(userUrl)",
+        language: "typescript",
+    },
+    {
+        rulePattern: "PATH-",
+        title: "Sanitize file path",
+        description: "Resolve and validate file path within allowed directory",
+        before: 'readFileSync(userPath, "utf-8")',
+        after: 'readFileSync(path.resolve(SAFE_DIR, path.basename(userPath)), "utf-8")',
+        language: "typescript",
+    },
+    {
+        rulePattern: "ERR-",
+        title: "Use safe error response",
+        description: "Return generic error message instead of stack trace",
+        before: "res.status(500).json({ error: err.stack })",
+        after: 'res.status(500).json({ error: "Internal server error" })',
+        language: "typescript",
+    },
+    {
+        rulePattern: "CORS-",
+        title: "Restrict CORS origins",
+        description: "Replace wildcard CORS with specific trusted origins",
+        before: 'cors({ origin: "*" })',
+        after: 'cors({ origin: ["https://app.example.com"] })',
+        language: "typescript",
+    },
+];
+// ─── Core ───────────────────────────────────────────────────────────────────
+function ensureDir() {
+    if (!existsSync(FIX_DIR))
+        mkdirSync(FIX_DIR, { recursive: true });
+}
+function loadStore() {
+    if (!existsSync(FIX_FILE))
+        return { suggestions: [], applied: 0, updatedAt: new Date().toISOString() };
+    try {
+        return JSON.parse(readFileSync(FIX_FILE, "utf-8"));
+    }
+    catch {
+        return { suggestions: [], applied: 0, updatedAt: new Date().toISOString() };
+    }
+}
+function saveStore(store) {
+    ensureDir();
+    store.updatedAt = new Date().toISOString();
+    writeFileSync(FIX_FILE, JSON.stringify(store, null, 2));
+}
+export function suggestFix(ruleId, file, line) {
+    const template = FIX_TEMPLATES.find((t) => ruleId.startsWith(t.rulePattern));
+    if (!template)
+        return null;
+    const suggestion = {
+        ruleId,
+        title: template.title,
+        file,
+        line,
+        before: template.before,
+        after: template.after,
+        confidence: 75,
+        timestamp: new Date().toISOString(),
+    };
+    const store = loadStore();
+    store.suggestions.push(suggestion);
+    if (store.suggestions.length > 500)
+        store.suggestions = store.suggestions.slice(-500);
+    saveStore(store);
+    return suggestion;
+}
+// ─── CLI ────────────────────────────────────────────────────────────────────
+export function runAutoFix(argv) {
+    if (argv.includes("--help") || argv.includes("-h")) {
+        console.log(`
+judges auto-fix — Automated fix suggestions for findings
+
+Usage:
+  judges auto-fix --rule SQL-001 --file src/db.ts --line 42
+  judges auto-fix --catalog
+  judges auto-fix --history
+  judges auto-fix --stats
+
+Options:
+  --rule <id>             Rule ID to generate fix for
+  --file <path>           File containing the finding
+  --line <n>              Line number of the finding
+  --catalog               Show all available fix templates
+  --history               Show past fix suggestions
+  --stats                 Show fix statistics
+  --format json           JSON output
+  --help, -h              Show this help
+`);
+        return;
+    }
+    const format = argv.find((_a, i) => argv[i - 1] === "--format") || "text";
+    // Catalog
+    if (argv.includes("--catalog")) {
+        if (format === "json") {
+            console.log(JSON.stringify(FIX_TEMPLATES, null, 2));
+        }
+        else {
+            console.log(`\n  Fix Template Catalog (${FIX_TEMPLATES.length})\n  ──────────────────────────`);
+            for (const t of FIX_TEMPLATES) {
+                console.log(`    [${t.rulePattern.padEnd(8)}] ${t.title}`);
+                console.log(`            Before: ${t.before}`);
+                console.log(`            After:  ${t.after}`);
+                console.log("");
+            }
+        }
+        return;
+    }
+    // History
+    if (argv.includes("--history")) {
+        const store = loadStore();
+        if (format === "json") {
+            console.log(JSON.stringify(store.suggestions.slice(-20), null, 2));
+        }
+        else {
+            console.log(`\n  Fix History (${store.suggestions.length} suggestions)\n  ──────────────────────────`);
+            for (const s of store.suggestions.slice(-15)) {
+                console.log(`    ${s.timestamp.slice(0, 16)}  ${s.ruleId.padEnd(10)} ${s.title}  ${s.file}:${s.line}`);
+            }
+            console.log("");
+        }
+        return;
+    }
+    // Stats
+    if (argv.includes("--stats")) {
+        const store = loadStore();
+        const byRule = new Map();
+        for (const s of store.suggestions) {
+            const prefix = s.ruleId.split("-")[0] + "-";
+            byRule.set(prefix, (byRule.get(prefix) || 0) + 1);
+        }
+        if (format === "json") {
+            console.log(JSON.stringify({ total: store.suggestions.length, applied: store.applied, byRule: Object.fromEntries(byRule) }, null, 2));
+        }
+        else {
+            console.log(`\n  Fix Statistics\n  ──────────────────────────`);
+            console.log(`  Total suggestions: ${store.suggestions.length}`);
+            console.log(`  Applied:           ${store.applied}`);
+            if (byRule.size > 0) {
+                console.log(`\n  By category:`);
+                for (const [rule, count] of byRule) {
+                    console.log(`    ${rule.padEnd(10)} ${count} suggestions`);
+                }
+            }
+            console.log("");
+        }
+        return;
+    }
+    // Suggest fix
+    const ruleId = argv.find((_a, i) => argv[i - 1] === "--rule");
+    const file = argv.find((_a, i) => argv[i - 1] === "--file");
+    const line = parseInt(argv.find((_a, i) => argv[i - 1] === "--line") || "1", 10);
+    if (!ruleId) {
+        console.error("  Use --rule <id>, --catalog, --history, or --stats. --help for usage.");
+        return;
+    }
+    const suggestion = suggestFix(ruleId, file || "unknown", line);
+    if (!suggestion) {
+        console.log(`  No fix template for rule: ${ruleId}`);
+        console.log(`  Available patterns: ${FIX_TEMPLATES.map((t) => t.rulePattern).join(", ")}`);
+        return;
+    }
+    if (format === "json") {
+        console.log(JSON.stringify(suggestion, null, 2));
+    }
+    else {
+        console.log(`\n  Fix Suggestion — ${suggestion.ruleId}`);
+        console.log(`  ──────────────────────────`);
+        console.log(`  Title: ${suggestion.title}`);
+        console.log(`  File:  ${suggestion.file}:${suggestion.line}`);
+        console.log(`\n  Before: ${suggestion.before}`);
+        console.log(`  After:  ${suggestion.after}`);
+        console.log(`\n  Confidence: ${suggestion.confidence}%\n`);
+    }
+}
+//# sourceMappingURL=auto-fix.js.map

package/dist/commands/auto-fix.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auto-fix.js","sourceRoot":"","sources":["../../src/commands/auto-fix.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,IAAI,CAAC;AACxE,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AA8B5B,MAAM,OAAO,GAAG,kBAAkB,CAAC;AACnC,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,EAAE,kBAAkB,CAAC,CAAC;AAEnD,+EAA+E;AAE/E,MAAM,aAAa,GAAkB;IACnC;QACE,WAAW,EAAE,MAAM;QACnB,KAAK,EAAE,2BAA2B;QAClC,WAAW,EAAE,gEAAgE;QAC7E,MAAM,EAAE,sDAAsD;QAC9D,KAAK,EAAE,yDAAyD;QAChE,QAAQ,EAAE,YAAY;KACvB;IACD;QACE,WAAW,EAAE,MAAM;QACnB,KAAK,EAAE,sCAAsC;QAC7C,WAAW,EAAE,mDAAmD;QAChE,MAAM,EAAE,+BAA+B;QACvC,KAAK,EAAE,iCAAiC;QACxC,QAAQ,EAAE,YAAY;KACvB;IACD;QACE,WAAW,EAAE,MAAM;QACnB,KAAK,EAAE,kCAAkC;QACzC,WAAW,EAAE,mDAAmD;QAChE,MAAM,EAAE,wBAAwB;QAChC,KAAK,EAAE,4BAA4B;QACnC,QAAQ,EAAE,YAAY;KACvB;IACD;QACE,WAAW,EAAE,SAAS;QACtB,KAAK,EAAE,0BAA0B;QACjC,WAAW,EAAE,4CAA4C;QACzD,MAAM,EAAE,qDAAqD;QAC7D,KAAK,EAAE,wDAAwD;QAC/D,QAAQ,EAAE,YAAY;KACvB;IACD;QACE,WAAW,EAAE,OAAO;QACpB,KAAK,EAAE,6BAA6B;QACpC,WAAW,EAAE,yDAAyD;QACtE,MAAM,EAAE,0BAA0B;QAClC,KAAK,EAAE,iDAAiD;QACxD,QAAQ,EAAE,YAAY;KACvB;IACD;QACE,WAAW,EAAE,MAAM;QACnB,KAAK,EAAE,2BAA2B;QAClC,WAAW,EAAE,kDAAkD;QAC/D,MAAM,EAAE,uBAAuB;QAC/B,KAAK,EAAE,8CAA8C;QACrD,QAAQ,EAAE,YAAY;KACvB;IACD;QACE,WAAW,EAAE,OAAO;QACpB,KAAK,EAAE,gCAAgC;QACvC,WAAW,EAAE,qDAAqD;QAClE,MAAM,EAAE,sBAAsB;QAC9B,KAAK,EAAE,iDAAiD;QACxD,QAAQ,EAAE,YAAY;KACvB;IACD;QACE,WAAW,EAAE,OAAO;QACpB,KAAK,EAAE,oBAAoB;QAC3B,WAAW,EAAE,yDAAyD;QACtE,MAAM,EAAE,iCAAiC;QACzC,KAAK,EAAE,wEAAwE;QAC/E,QAAQ,EAAE,YAAY;KACvB;IACD;QACE,WAAW,EAAE,MAAM;QACnB,KAAK,EAAE,yBAAyB;QAChC,WAAW,EAAE,qDAAqD;QAClE,MAAM,EAAE,4CAA4C;QACpD,KAAK,EAAE,0DAA0D;QACjE,QAAQ,EAAE,YAAY;KACvB;IACD;QACE,WAAW,EAAE,OAAO;QACpB,KAAK,EAAE,uBAAuB;QAC9B,WAAW,EAAE,qDAAqD;QAClE,MAAM,EAAE,uBAAuB;QAC/B,KAAK,EAAE,+CAA+C;QACtD,QAAQ,EAAE,YAAY;KACvB;CACF,CAAC;AAEF,+EAA+E;AAE/E,SAAS,SAAS;IAChB,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC;QAAE,SAAS,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;AACpE,CAAC;AAED,SAAS,SAAS;IAChB,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC;QAAE,OAAO,EAAE,WAAW,EAAE,EAAE,EAAE,OAAO,EAAE,CAAC,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,EAAE,CAAC;IACvG,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC;IACrD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,WAAW,EAAE,EAAE,EAAE,OAAO,EAAE,CAAC,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,EAAE,CAAC;IAC9E,CAAC;AACH,CAAC;AAED,SAAS,SAAS,CAAC,KAAe;IAChC,SAAS,EAAE,CAAC;IACZ,KAAK,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAC3C,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;AAC1D,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,MAAc,EAAE,IAAY,EAAE,IAAY;IACnE,MAAM,QAAQ,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC;IAC7E,IAAI,CAAC,QAAQ;QAAE,OAAO,IAAI,CAAC;IAE3B,MAAM,UAAU,GAAkB;QAChC,MAAM;QACN,KAAK,EAAE,QAAQ,CAAC,KAAK;QACrB,IAAI;QACJ,IAAI;QACJ,MAAM,EAAE,QAAQ,CAAC,MAAM;QACvB,KAAK,EAAE,QAAQ,CAAC,KAAK;QACrB,UAAU,EAAE,EAAE;QACd,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACpC,CAAC;IAEF,MAAM,KAAK,GAAG,SAAS,EAAE,CAAC;IAC1B,KAAK,CAAC,WAAW,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACnC,IAAI,KAAK,CAAC,WAAW,CAAC,MAAM,GAAG,GAAG;QAAE,KAAK,CAAC,WAAW,GAAG,KAAK,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC;IACtF,SAAS,CAAC,KAAK,CAAC,CAAC;IAEjB,OAAO,UAAU,CAAC;AACpB,CAAC;AAED,+EAA+E;AAE/E,MAAM,UAAU,UAAU,CAAC,IAAc;IACvC,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACnD,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;;;;;;;;CAkBf,CAAC,CAAC;QACC,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,UAAU,CAAC,IAAI,MAAM,CAAC;IAE1F,UAAU;IACV,IAAI,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;QAC/B,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;YACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QACtD,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,6BAA6B,aAAa,CAAC,MAAM,iCAAiC,CAAC,CAAC;YAChG,KAAK,MAAM,CAAC,IAAI,aAAa,EAAE,CAAC;gBAC9B,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC;gBAC3D,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;gBAC/C,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC;gBAC9C,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAClB,CAAC;QACH,CAAC;QACD,OAAO;IACT,CAAC;IAED,UAAU;IACV,IAAI,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;QAC/B,MAAM,KAAK,GAAG,SAAS,EAAE,CAAC;QAC1B,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;YACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QACrE,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,oBAAoB,KAAK,CAAC,WAAW,CAAC,MAAM,6CAA6C,CAAC,CAAC;YACvG,KAAK,MAAM,CAAC,IAAI,KAAK,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC;gBAC7C,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,KAAK,KAAK,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;YACzG,CAAC;YACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAClB,CAAC;QACD,OAAO;IACT,CAAC;IAED,QAAQ;IACR,IAAI,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;QAC7B,MAAM,KAAK,GAAG,SAAS,EAAE,CAAC;QAC1B,MAAM,MAAM,GAAG,IAAI,GAAG,EAAkB,CAAC;QACzC,KAAK,MAAM,CAAC,IAAI,KAAK,CAAC,WAAW,EAAE,CAAC;YAClC,MAAM,MAAM,GAAG,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC;YAC5C,MAAM,CAAC,GAAG,CAAC,MAAM,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QACpD,CAAC;QACD,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;YACtB,OAAO,CAAC,GAAG,CACT,IAAI,CAAC,SAAS,CACZ,EAAE,KAAK,EAAE,KAAK,CAAC,WAAW,CAAC,MAAM,EAAE,OAAO,EAAE,KAAK,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,EAAE,EAC/F,IAAI,EACJ,CAAC,CACF,CACF,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,kDAAkD,CAAC,CAAC;YAChE,OAAO,CAAC,GAAG,CAAC,wBAAwB,KAAK,CAAC,WAAW,CAAC,MAAM,EAAE,CAAC,CAAC;YAChE,OAAO,CAAC,GAAG,CAAC,wBAAwB,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YACrD,IAAI,MAAM,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;gBACpB,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;gBAChC,KAAK,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,MAAM,EAAE,CAAC;oBACnC,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,KAAK,cAAc,CAAC,CAAC;gBAC7D,CAAC;YACH,CAAC;YACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAClB,CAAC;QACD,OAAO;IACT,CAAC;IAED,cAAc;IACd,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,QAAQ,CAAC,CAAC;IAC9E,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,QAAQ,CAAC,CAAC;IAC5E,MAAM,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,QAAQ,CAAC,IAAI,GAAG,EAAE,EAAE,CAAC,CAAC;IAEjG,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,CAAC,KAAK,CAAC,wEAAwE,CAAC,CAAC;QACxF,OAAO;IACT,CAAC;IAED,MAAM,UAAU,GAAG,UAAU,CAAC,MAAM,EAAE,IAAI,IAAI,SAAS,EAAE,IAAI,CAAC,CAAC;IAC/D,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,OAAO,CAAC,GAAG,CAAC,+BAA+B,MAAM,EAAE,CAAC,CAAC;QACrD,OAAO,CAAC,GAAG,CAAC,yBAAyB,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC3F,OAAO;IACT,CAAC;IAED,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IACnD,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,wBAAwB,UAAU,CAAC,MAAM,EAAE,CAAC,CAAC;QACzD,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAC;QAC5C,OAAO,CAAC,GAAG,CAAC,YAAY,UAAU,CAAC,KAAK,EAAE,CAAC,CAAC;QAC5C,OAAO,CAAC,GAAG,CAAC,YAAY,UAAU,CAAC,IAAI,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC,CAAC;QAC9D,OAAO,CAAC,GAAG,CAAC,eAAe,UAAU,CAAC,MAAM,EAAE,CAAC,CAAC;QAChD,OAAO,CAAC,GAAG,CAAC,aAAa,UAAU,CAAC,KAAK,EAAE,CAAC,CAAC;QAC7C,OAAO,CAAC,GAAG,CAAC,mBAAmB,UAAU,CAAC,UAAU,KAAK,CAAC,CAAC;IAC7D,CAAC;AACH,CAAC"}

package/dist/commands/code-owner-suggest.d.ts

@@ -0,0 +1,17 @@
+/**
+ * Code owner suggest — auto-recommend CODEOWNERS entries
+ * based on finding patterns and resolution history.
+ *
+ * All analysis uses local data only.
+ */
+interface OwnerSuggestion {
+    path: string;
+    suggestedOwner: string;
+    reason: string;
+    confidence: number;
+    ruleCategories: string[];
+}
+export declare function suggestOwner(path: string, author: string, ruleCategories: string[]): OwnerSuggestion;
+export declare function runCodeOwnerSuggest(argv: string[]): void;
+export {};
+//# sourceMappingURL=code-owner-suggest.d.ts.map

package/dist/commands/code-owner-suggest.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"code-owner-suggest.d.ts","sourceRoot":"","sources":["../../src/commands/code-owner-suggest.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAOH,UAAU,eAAe;IACvB,IAAI,EAAE,MAAM,CAAC;IACb,cAAc,EAAE,MAAM,CAAC;IACvB,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,cAAc,EAAE,MAAM,EAAE,CAAC;CAC1B;AAuDD,wBAAgB,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,cAAc,EAAE,MAAM,EAAE,GAAG,eAAe,CAkBpG;AAwBD,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,CA2HxD"}

package/dist/commands/code-owner-suggest.js

@@ -0,0 +1,215 @@
+/**
+ * Code owner suggest — auto-recommend CODEOWNERS entries
+ * based on finding patterns and resolution history.
+ *
+ * All analysis uses local data only.
+ */
+import { readFileSync, writeFileSync, existsSync, mkdirSync } from "fs";
+import { join } from "path";
+const OWNER_DIR = ".judges-code-owners";
+const OWNER_FILE = join(OWNER_DIR, "suggestions.json");
+// ─── Core ───────────────────────────────────────────────────────────────────
+function ensureDir() {
+    if (!existsSync(OWNER_DIR))
+        mkdirSync(OWNER_DIR, { recursive: true });
+}
+function loadStore() {
+    if (!existsSync(OWNER_FILE))
+        return { suggestions: [], updatedAt: new Date().toISOString() };
+    try {
+        return JSON.parse(readFileSync(OWNER_FILE, "utf-8"));
+    }
+    catch {
+        return { suggestions: [], updatedAt: new Date().toISOString() };
+    }
+}
+function saveStore(store) {
+    ensureDir();
+    store.updatedAt = new Date().toISOString();
+    writeFileSync(OWNER_FILE, JSON.stringify(store, null, 2));
+}
+function loadScoreData() {
+    // Try to load from dev-score data
+    const scoreDir = ".judges-scores";
+    if (!existsSync(scoreDir))
+        return [];
+    try {
+        const { readdirSync: rds } = require("fs");
+        const files = rds(scoreDir).filter((f) => f.endsWith(".json"));
+        return files.map((f) => {
+            try {
+                const data = JSON.parse(readFileSync(join(scoreDir, f), "utf-8"));
+                return {
+                    author: data.author || f.replace(".json", ""),
+                    findingsFixed: data.findingsFixed || data.score || 0,
+                    categories: data.topCategories || [],
+                };
+            }
+            catch {
+                return { author: f.replace(".json", ""), findingsFixed: 0, categories: [] };
+            }
+        });
+    }
+    catch {
+        return [];
+    }
+}
+export function suggestOwner(path, author, ruleCategories) {
+    const suggestion = {
+        path,
+        suggestedOwner: author,
+        reason: `Most active reviewer for ${ruleCategories.join(", ")} findings`,
+        confidence: Math.min(100, 50 + ruleCategories.length * 10),
+        ruleCategories,
+    };
+    const store = loadStore();
+    // Replace existing suggestion for same path
+    const idx = store.suggestions.findIndex((s) => s.path === path);
+    if (idx >= 0)
+        store.suggestions[idx] = suggestion;
+    else
+        store.suggestions.push(suggestion);
+    if (store.suggestions.length > 200)
+        store.suggestions = store.suggestions.slice(-200);
+    saveStore(store);
+    return suggestion;
+}
+function generateCodeowners(suggestions) {
+    const lines = [
+        "# CODEOWNERS — Generated by judges code-owner-suggest",
+        "# Review and customize before committing",
+        "",
+    ];
+    const grouped = new Map();
+    for (const s of suggestions) {
+        const existing = grouped.get(s.suggestedOwner) || [];
+        existing.push(s.path);
+        grouped.set(s.suggestedOwner, existing);
+    }
+    for (const [owner, paths] of grouped) {
+        for (const p of paths) {
+            lines.push(`${p} @${owner}`);
+        }
+    }
+    return lines.join("\n") + "\n";
+}
+// ─── CLI ────────────────────────────────────────────────────────────────────
+export function runCodeOwnerSuggest(argv) {
+    if (argv.includes("--help") || argv.includes("-h")) {
+        console.log(`
+judges code-owner-suggest — Auto-recommend CODEOWNERS entries
+
+Usage:
+  judges code-owner-suggest --analyze
+  judges code-owner-suggest --suggest --path "src/auth/" --owner "alice@co.com" --rules SEC,AUTH
+  judges code-owner-suggest --export
+  judges code-owner-suggest --export --out CODEOWNERS
+
+Options:
+  --analyze               Auto-suggest from dev-score and finding data
+  --suggest               Manually add a suggestion
+  --path <path>           File/directory path for suggestion
+  --owner <name>          Owner email/username
+  --rules <csv>           Rule categories (comma-separated)
+  --export                Export as CODEOWNERS format
+  --out <file>            Write CODEOWNERS to file
+  --format json           JSON output
+  --help, -h              Show this help
+`);
+        return;
+    }
+    const format = argv.find((_a, i) => argv[i - 1] === "--format") || "text";
+    // Manual suggestion
+    if (argv.includes("--suggest")) {
+        const path = argv.find((_a, i) => argv[i - 1] === "--path");
+        const owner = argv.find((_a, i) => argv[i - 1] === "--owner");
+        const rulesStr = argv.find((_a, i) => argv[i - 1] === "--rules");
+        if (!path || !owner) {
+            console.error("  --path and --owner required for --suggest");
+            return;
+        }
+        const rules = rulesStr ? rulesStr.split(",") : [];
+        const suggestion = suggestOwner(path, owner, rules);
+        if (format === "json") {
+            console.log(JSON.stringify(suggestion, null, 2));
+        }
+        else {
+            console.log(`\n  ✅ Suggestion recorded:`);
+            console.log(`     ${suggestion.path} → @${suggestion.suggestedOwner} (${suggestion.confidence}% confidence)`);
+            console.log(`     Reason: ${suggestion.reason}\n`);
+        }
+        return;
+    }
+    // Auto-analyze
+    if (argv.includes("--analyze")) {
+        const devs = loadScoreData();
+        if (devs.length === 0) {
+            console.log("  No dev-score data found. Record developer activity with `judges dev-score` first.");
+            return;
+        }
+        const suggestions = [];
+        // Map categories to path prefixes
+        const categoryPaths = {
+            SEC: "src/security/",
+            AUTH: "src/auth/",
+            SQL: "src/database/",
+            XSS: "src/frontend/",
+            CRYPTO: "src/crypto/",
+            SSRF: "src/network/",
+            CMD: "src/commands/",
+        };
+        for (const dev of devs) {
+            for (const cat of dev.categories) {
+                const path = categoryPaths[cat] || `src/${cat.toLowerCase()}/`;
+                suggestions.push(suggestOwner(path, dev.author, [cat]));
+            }
+        }
+        if (format === "json") {
+            console.log(JSON.stringify(suggestions, null, 2));
+        }
+        else {
+            console.log(`\n  Auto-Analyzed Code Owners (${suggestions.length} suggestions)\n  ──────────────────────────`);
+            for (const s of suggestions) {
+                console.log(`    ${s.path.padEnd(25)} → @${s.suggestedOwner.padEnd(20)} ${s.ruleCategories.join(",")}`);
+            }
+            console.log(`\n  Export with: judges code-owner-suggest --export\n`);
+        }
+        return;
+    }
+    // Export
+    if (argv.includes("--export")) {
+        const store = loadStore();
+        if (store.suggestions.length === 0) {
+            console.log("  No suggestions yet. Use --analyze or --suggest first.");
+            return;
+        }
+        const content = generateCodeowners(store.suggestions);
+        const outPath = argv.find((_a, i) => argv[i - 1] === "--out");
+        if (outPath) {
+            writeFileSync(outPath, content);
+            console.log(`  ✅ Written to ${outPath} (${store.suggestions.length} entries)`);
+        }
+        else {
+            console.log(content);
+        }
+        return;
+    }
+    // Default: show current suggestions
+    const store = loadStore();
+    if (format === "json") {
+        console.log(JSON.stringify(store, null, 2));
+    }
+    else {
+        console.log(`\n  Code Owner Suggestions (${store.suggestions.length})\n  ──────────────────────────`);
+        if (store.suggestions.length === 0) {
+            console.log("    No suggestions yet. Use --analyze or --suggest to add.");
+        }
+        else {
+            for (const s of store.suggestions) {
+                console.log(`    ${s.path.padEnd(25)} → @${s.suggestedOwner.padEnd(20)} ${s.confidence}% ${s.ruleCategories.join(",")}`);
+            }
+        }
+        console.log("");
+    }
+}
+//# sourceMappingURL=code-owner-suggest.js.map

package/dist/commands/code-owner-suggest.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"code-owner-suggest.js","sourceRoot":"","sources":["../../src/commands/code-owner-suggest.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,IAAI,CAAC;AACxE,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAiB5B,MAAM,SAAS,GAAG,qBAAqB,CAAC;AACxC,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,EAAE,kBAAkB,CAAC,CAAC;AAEvD,+EAA+E;AAE/E,SAAS,SAAS;IAChB,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC;QAAE,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;AACxE,CAAC;AAED,SAAS,SAAS;IAChB,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC;QAAE,OAAO,EAAE,WAAW,EAAE,EAAE,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,EAAE,CAAC;IAC7F,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;IACvD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,WAAW,EAAE,EAAE,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,EAAE,CAAC;IAClE,CAAC;AACH,CAAC;AAED,SAAS,SAAS,CAAC,KAAiB;IAClC,SAAS,EAAE,CAAC;IACZ,KAAK,CAAC,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAC3C,aAAa,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;AAC5D,CAAC;AAED,SAAS,aAAa;IACpB,kCAAkC;IAClC,MAAM,QAAQ,GAAG,gBAAgB,CAAC;IAClC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC;QAAE,OAAO,EAAE,CAAC;IACrC,IAAI,CAAC;QACH,MAAM,EAAE,WAAW,EAAE,GAAG,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;QAC3C,MAAM,KAAK,GAAa,GAAG,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;QACjF,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,CAAS,EAAE,EAAE;YAC7B,IAAI,CAAC;gBACH,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC,CAAC;gBAClE,OAAO;oBACL,MAAM,EAAE,IAAI,CAAC,MAAM,IAAI,CAAC,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC;oBAC7C,aAAa,EAAE,IAAI,CAAC,aAAa,IAAI,IAAI,CAAC,KAAK,IAAI,CAAC;oBACpD,UAAU,EAAE,IAAI,CAAC,aAAa,IAAI,EAAE;iBACrC,CAAC;YACJ,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,EAAE,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,EAAE,aAAa,EAAE,CAAC,EAAE,UAAU,EAAE,EAAE,EAAE,CAAC;YAC9E,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,IAAY,EAAE,MAAc,EAAE,cAAwB;IACjF,MAAM,UAAU,GAAoB;QAClC,IAAI;QACJ,cAAc,EAAE,MAAM;QACtB,MAAM,EAAE,4BAA4B,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW;QACxE,UAAU,EAAE,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,GAAG,cAAc,CAAC,MAAM,GAAG,EAAE,CAAC;QAC1D,cAAc;KACf,CAAC;IAEF,MAAM,KAAK,GAAG,SAAS,EAAE,CAAC;IAC1B,4CAA4C;IAC5C,MAAM,GAAG,GAAG,KAAK,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,IAAI,CAAC,CAAC;IAChE,IAAI,GAAG,IAAI,CAAC;QAAE,KAAK,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,UAAU,CAAC;;QAC7C,KAAK,CAAC,WAAW,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACxC,IAAI,KAAK,CAAC,WAAW,CAAC,MAAM,GAAG,GAAG;QAAE,KAAK,CAAC,WAAW,GAAG,KAAK,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC;IACtF,SAAS,CAAC,KAAK,CAAC,CAAC;IAEjB,OAAO,UAAU,CAAC;AACpB,CAAC;AAED,SAAS,kBAAkB,CAAC,WAA8B;IACxD,MAAM,KAAK,GAAG;QACZ,uDAAuD;QACvD,0CAA0C;QAC1C,EAAE;KACH,CAAC;IACF,MAAM,OAAO,GAAG,IAAI,GAAG,EAAoB,CAAC;IAC5C,KAAK,MAAM,CAAC,IAAI,WAAW,EAAE,CAAC;QAC5B,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,cAAc,CAAC,IAAI,EAAE,CAAC;QACrD,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,cAAc,EAAE,QAAQ,CAAC,CAAC;IAC1C,CAAC;IACD,KAAK,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,IAAI,OAAO,EAAE,CAAC;QACrC,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;YACtB,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,KAAK,EAAE,CAAC,CAAC;QAC/B,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC;AACjC,CAAC;AAED,+EAA+E;AAE/E,MAAM,UAAU,mBAAmB,CAAC,IAAc;IAChD,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACnD,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;;;;;;;;;CAmBf,CAAC,CAAC;QACC,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,UAAU,CAAC,IAAI,MAAM,CAAC;IAE1F,oBAAoB;IACpB,IAAI,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;QAC/B,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,QAAQ,CAAC,CAAC;QAC5E,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,SAAS,CAAC,CAAC;QAC9E,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,SAAS,CAAC,CAAC;QACjF,IAAI,CAAC,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YACpB,OAAO,CAAC,KAAK,CAAC,6CAA6C,CAAC,CAAC;YAC7D,OAAO;QACT,CAAC;QACD,MAAM,KAAK,GAAG,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QAClD,MAAM,UAAU,GAAG,YAAY,CAAC,IAAI,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;QACpD,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;YACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QACnD,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,4BAA4B,CAAC,CAAC;YAC1C,OAAO,CAAC,GAAG,CAAC,QAAQ,UAAU,CAAC,IAAI,OAAO,UAAU,CAAC,cAAc,KAAK,UAAU,CAAC,UAAU,eAAe,CAAC,CAAC;YAC9G,OAAO,CAAC,GAAG,CAAC,gBAAgB,UAAU,CAAC,MAAM,IAAI,CAAC,CAAC;QACrD,CAAC;QACD,OAAO;IACT,CAAC;IAED,eAAe;IACf,IAAI,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;QAC/B,MAAM,IAAI,GAAG,aAAa,EAAE,CAAC;QAC7B,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACtB,OAAO,CAAC,GAAG,CAAC,qFAAqF,CAAC,CAAC;YACnG,OAAO;QACT,CAAC;QAED,MAAM,WAAW,GAAsB,EAAE,CAAC;QAC1C,kCAAkC;QAClC,MAAM,aAAa,GAA2B;YAC5C,GAAG,EAAE,eAAe;YACpB,IAAI,EAAE,WAAW;YACjB,GAAG,EAAE,eAAe;YACpB,GAAG,EAAE,eAAe;YACpB,MAAM,EAAE,aAAa;YACrB,IAAI,EAAE,cAAc;YACpB,GAAG,EAAE,eAAe;SACrB,CAAC;QAEF,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;YACvB,KAAK,MAAM,GAAG,IAAI,GAAG,CAAC,UAAU,EAAE,CAAC;gBACjC,MAAM,IAAI,GAAG,aAAa,CAAC,GAAG,CAAC,IAAI,OAAO,GAAG,CAAC,WAAW,EAAE,GAAG,CAAC;gBAC/D,WAAW,CAAC,IAAI,CAAC,YAAY,CAAC,IAAI,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YAC1D,CAAC;QACH,CAAC;QAED,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;YACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,WAAW,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QACpD,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,kCAAkC,WAAW,CAAC,MAAM,6CAA6C,CAAC,CAAC;YAC/G,KAAK,MAAM,CAAC,IAAI,WAAW,EAAE,CAAC;gBAC5B,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,cAAc,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAC1G,CAAC;YACD,OAAO,CAAC,GAAG,CAAC,uDAAuD,CAAC,CAAC;QACvE,CAAC;QACD,OAAO;IACT,CAAC;IAED,SAAS;IACT,IAAI,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;QAC9B,MAAM,KAAK,GAAG,SAAS,EAAE,CAAC;QAC1B,IAAI,KAAK,CAAC,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACnC,OAAO,CAAC,GAAG,CAAC,yDAAyD,CAAC,CAAC;YACvE,OAAO;QACT,CAAC;QAED,MAAM,OAAO,GAAG,kBAAkB,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QACtD,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,OAAO,CAAC,CAAC;QAC9E,IAAI,OAAO,EAAE,CAAC;YACZ,aAAa,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YAChC,OAAO,CAAC,GAAG,CAAC,kBAAkB,OAAO,KAAK,KAAK,CAAC,WAAW,CAAC,MAAM,WAAW,CAAC,CAAC;QACjF,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACvB,CAAC;QACD,OAAO;IACT,CAAC;IAED,oCAAoC;IACpC,MAAM,KAAK,GAAG,SAAS,EAAE,CAAC;IAC1B,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAC9C,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,+BAA+B,KAAK,CAAC,WAAW,CAAC,MAAM,iCAAiC,CAAC,CAAC;QACtG,IAAI,KAAK,CAAC,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACnC,OAAO,CAAC,GAAG,CAAC,4DAA4D,CAAC,CAAC;QAC5E,CAAC;aAAM,CAAC;YACN,KAAK,MAAM,CAAC,IAAI,KAAK,CAAC,WAAW,EAAE,CAAC;gBAClC,OAAO,CAAC,GAAG,CACT,OAAO,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,OAAO,CAAC,CAAC,cAAc,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,UAAU,KAAK,CAAC,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAC5G,CAAC;YACJ,CAAC;QACH,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAClB,CAAC;AACH,CAAC"}

package/dist/commands/cost-forecast.d.ts

@@ -0,0 +1,19 @@
+/**
+ * Cost forecast — projects 30/60/90-day security debt and
+ * remediation cost trends from local finding history.
+ *
+ * All data stays local — no upload or external services.
+ */
+interface CostSnapshot {
+    date: string;
+    critical: number;
+    high: number;
+    medium: number;
+    low: number;
+    totalFindings: number;
+    estimatedCost: number;
+}
+export declare function recordSnapshot(critical: number, high: number, medium: number, low: number): CostSnapshot;
+export declare function runCostForecast(argv: string[]): void;
+export {};
+//# sourceMappingURL=cost-forecast.d.ts.map

package/dist/commands/cost-forecast.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cost-forecast.d.ts","sourceRoot":"","sources":["../../src/commands/cost-forecast.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAOH,UAAU,YAAY;IACpB,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;IACf,GAAG,EAAE,MAAM,CAAC;IACZ,aAAa,EAAE,MAAM,CAAC;IACtB,aAAa,EAAE,MAAM,CAAC;CACvB;AAoDD,wBAAgB,cAAc,CAAC,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,YAAY,CAkDxG;AAID,wBAAgB,eAAe,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,CA6GpD"}