@kevinrabun/judges 3.48.0 → 3.50.0

package/dist/commands/secret-scan.js

@@ -0,0 +1,245 @@
+/**
+ * Secret scan — entropy-based and regex-based secret detection
+ * in source files. Optimized for CI gates and pre-commit hooks.
+ *
+ * All analysis local — no external services.
+ */
+import { existsSync, readFileSync, readdirSync, mkdirSync, writeFileSync } from "fs";
+import { join, extname } from "path";
+// ─── Patterns ───────────────────────────────────────────────────────────────
+const SECRET_PATTERNS = [
+    { id: "aws-access-key", name: "AWS Access Key", regex: /AKIA[0-9A-Z]{16}/, severity: "critical" },
+    {
+        id: "aws-secret-key",
+        name: "AWS Secret Key",
+        regex: /(?:aws_secret_access_key|AWS_SECRET_ACCESS_KEY)\s*[=:]\s*['"]?([A-Za-z0-9/+=]{40})/,
+        severity: "critical",
+    },
+    {
+        id: "github-token",
+        name: "GitHub Token",
+        regex: /ghp_[A-Za-z0-9]{36}|github_pat_[A-Za-z0-9_]{82}/,
+        severity: "critical",
+    },
+    { id: "github-oauth", name: "GitHub OAuth", regex: /gho_[A-Za-z0-9]{36}/, severity: "critical" },
+    {
+        id: "generic-api-key",
+        name: "Generic API Key",
+        regex: /(?:api[_-]?key|apikey)\s*[=:]\s*['"]([A-Za-z0-9_-]{20,})['"]/,
+        severity: "high",
+    },
+    {
+        id: "generic-secret",
+        name: "Generic Secret",
+        regex: /(?:secret|password|passwd|pwd)\s*[=:]\s*['"]([^'"]{8,})['"]/,
+        severity: "high",
+    },
+    {
+        id: "private-key",
+        name: "Private Key",
+        regex: /-----BEGIN (?:RSA |EC |DSA )?PRIVATE KEY-----/,
+        severity: "critical",
+    },
+    {
+        id: "gcp-service-account",
+        name: "GCP Service Account",
+        regex: /"type"\s*:\s*"service_account"/,
+        severity: "critical",
+    },
+    { id: "stripe-key", name: "Stripe API Key", regex: /sk_live_[A-Za-z0-9]{24,}/, severity: "critical" },
+    { id: "stripe-test", name: "Stripe Test Key", regex: /sk_test_[A-Za-z0-9]{24,}/, severity: "medium" },
+    {
+        id: "slack-webhook",
+        name: "Slack Webhook",
+        regex: /hooks\.slack\.com\/services\/T[A-Z0-9]+\/B[A-Z0-9]+\/[A-Za-z0-9]+/,
+        severity: "high",
+    },
+    { id: "slack-token", name: "Slack Token", regex: /xox[bprs]-[A-Za-z0-9-]+/, severity: "high" },
+    { id: "npm-token", name: "NPM Token", regex: /npm_[A-Za-z0-9]{36}/, severity: "critical" },
+    {
+        id: "sendgrid-key",
+        name: "SendGrid API Key",
+        regex: /SG\.[A-Za-z0-9_-]{22}\.[A-Za-z0-9_-]{43}/,
+        severity: "critical",
+    },
+    {
+        id: "jwt-token",
+        name: "JWT Token",
+        regex: /eyJ[A-Za-z0-9_-]{10,}\.eyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}/,
+        severity: "high",
+    },
+    {
+        id: "connection-string",
+        name: "Database Connection String",
+        regex: /(?:mongodb|postgres|mysql|redis):\/\/[^:]+:[^@]+@[^\s'"]+/,
+        severity: "critical",
+    },
+];
+// ─── Scanner ────────────────────────────────────────────────────────────────
+const SKIP_EXTENSIONS = new Set([
+    ".png",
+    ".jpg",
+    ".jpeg",
+    ".gif",
+    ".ico",
+    ".svg",
+    ".woff",
+    ".woff2",
+    ".ttf",
+    ".eot",
+    ".zip",
+    ".tar",
+    ".gz",
+]);
+const SKIP_DIRS = new Set(["node_modules", ".git", "dist", "build", "coverage", ".next"]);
+function collectFiles(dir, maxFiles) {
+    const result = [];
+    function walk(d) {
+        if (result.length >= maxFiles)
+            return;
+        let entries;
+        try {
+            entries = readdirSync(d);
+        }
+        catch {
+            return;
+        }
+        for (const name of entries) {
+            if (result.length >= maxFiles)
+                return;
+            if (SKIP_DIRS.has(name))
+                continue;
+            const full = join(d, name);
+            if (SKIP_EXTENSIONS.has(extname(name)))
+                continue;
+            try {
+                const sub = readdirSync(full);
+                void sub;
+                walk(full);
+            }
+            catch {
+                result.push(full);
+            }
+        }
+    }
+    walk(dir);
+    return result;
+}
+function maskSecret(value) {
+    if (value.length <= 8)
+        return "****";
+    return value.substring(0, 4) + "****" + value.substring(value.length - 4);
+}
+function scanFile(filePath) {
+    let content;
+    try {
+        content = readFileSync(filePath, "utf-8");
+    }
+    catch {
+        return [];
+    }
+    // Skip binary-looking files
+    if (content.includes("\0"))
+        return [];
+    const lines = content.split("\n");
+    const findings = [];
+    for (let i = 0; i < lines.length; i++) {
+        const line = lines[i];
+        // Skip comments that are likely documentation
+        if (/^\s*(?:\/\/|#|\/\*|\*)\s*(?:example|sample|placeholder|todo|fixme)/i.test(line))
+            continue;
+        for (const pattern of SECRET_PATTERNS) {
+            const match = pattern.regex.exec(line);
+            if (match) {
+                findings.push({
+                    file: filePath,
+                    line: i + 1,
+                    patternId: pattern.id,
+                    patternName: pattern.name,
+                    severity: pattern.severity,
+                    snippet: line.trim().substring(0, 80),
+                    masked: maskSecret(match[0]),
+                });
+            }
+        }
+    }
+    return findings;
+}
+// ─── CLI ────────────────────────────────────────────────────────────────────
+const STORE = ".judges-secret-scan";
+export function runSecretScan(argv) {
+    if (argv.includes("--help") || argv.includes("-h")) {
+        console.log(`
+judges secret-scan — Detect secrets and credentials in source code
+
+Usage:
+  judges secret-scan [dir]
+  judges secret-scan src/ --severity critical
+  judges secret-scan --patterns
+  judges secret-scan --save
+
+Options:
+  --severity <level>    Filter by severity (critical, high, medium)
+  --patterns            List all secret detection patterns
+  --save                Save report to ${STORE}/
+  --format json         JSON output
+  --help, -h            Show this help
+`);
+        return;
+    }
+    const format = argv.find((_a, i) => argv[i - 1] === "--format") || "text";
+    // List patterns
+    if (argv.includes("--patterns")) {
+        if (format === "json") {
+            console.log(JSON.stringify(SECRET_PATTERNS.map(({ regex: _r, ...rest }) => rest), null, 2));
+        }
+        else {
+            console.log(`\n  Secret Patterns (${SECRET_PATTERNS.length})\n  ──────────────────────────`);
+            for (const p of SECRET_PATTERNS) {
+                console.log(`    [${p.severity.toUpperCase().padEnd(8)}] ${p.id.padEnd(25)} ${p.name}`);
+            }
+            console.log("");
+        }
+        return;
+    }
+    const scanDir = argv.find((a) => !a.startsWith("--") && !argv[argv.indexOf(a) - 1]?.startsWith("--")) || ".";
+    const sevFilter = argv.find((_a, i) => argv[i - 1] === "--severity");
+    const files = collectFiles(scanDir, 1000);
+    let findings = [];
+    for (const file of files)
+        findings.push(...scanFile(file));
+    if (sevFilter)
+        findings = findings.filter((f) => f.severity === sevFilter);
+    const report = { findings, scannedFiles: files.length, timestamp: new Date().toISOString() };
+    if (argv.includes("--save")) {
+        if (!existsSync(STORE))
+            mkdirSync(STORE, { recursive: true });
+        writeFileSync(join(STORE, "secret-report.json"), JSON.stringify(report, null, 2));
+        console.log(`  Report saved to ${STORE}/secret-report.json`);
+    }
+    if (format === "json") {
+        console.log(JSON.stringify(report, null, 2));
+    }
+    else {
+        console.log(`\n  Secret Scan — ${report.scannedFiles} files scanned`);
+        console.log(`  Found: ${findings.length} potential secrets\n  ──────────────────────────`);
+        if (findings.length === 0) {
+            console.log(`    ✅ No secrets detected\n`);
+            return;
+        }
+        for (const sev of ["critical", "high", "medium"]) {
+            const items = findings.filter((f) => f.severity === sev);
+            if (items.length === 0)
+                continue;
+            console.log(`\n    ${sev.toUpperCase()} (${items.length})`);
+            for (const f of items.slice(0, 10)) {
+                console.log(`      ${f.file}:${f.line} — ${f.patternName}`);
+                console.log(`        ${f.masked}`);
+            }
+            if (items.length > 10)
+                console.log(`      ... and ${items.length - 10} more`);
+        }
+        console.log("");
+    }
+}
+//# sourceMappingURL=secret-scan.js.map

package/dist/commands/secret-scan.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"secret-scan.js","sourceRoot":"","sources":["../../src/commands/secret-scan.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,WAAW,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,IAAI,CAAC;AACrF,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AA2BrC,+EAA+E;AAE/E,MAAM,eAAe,GAAoB;IACvC,EAAE,EAAE,EAAE,gBAAgB,EAAE,IAAI,EAAE,gBAAgB,EAAE,KAAK,EAAE,kBAAkB,EAAE,QAAQ,EAAE,UAAU,EAAE;IACjG;QACE,EAAE,EAAE,gBAAgB;QACpB,IAAI,EAAE,gBAAgB;QACtB,KAAK,EAAE,oFAAoF;QAC3F,QAAQ,EAAE,UAAU;KACrB;IACD;QACE,EAAE,EAAE,cAAc;QAClB,IAAI,EAAE,cAAc;QACpB,KAAK,EAAE,iDAAiD;QACxD,QAAQ,EAAE,UAAU;KACrB;IACD,EAAE,EAAE,EAAE,cAAc,EAAE,IAAI,EAAE,cAAc,EAAE,KAAK,EAAE,qBAAqB,EAAE,QAAQ,EAAE,UAAU,EAAE;IAChG;QACE,EAAE,EAAE,iBAAiB;QACrB,IAAI,EAAE,iBAAiB;QACvB,KAAK,EAAE,8DAA8D;QACrE,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,IAAI,EAAE,gBAAgB;QACtB,KAAK,EAAE,6DAA6D;QACpE,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,aAAa;QACnB,KAAK,EAAE,+CAA+C;QACtD,QAAQ,EAAE,UAAU;KACrB;IACD;QACE,EAAE,EAAE,qBAAqB;QACzB,IAAI,EAAE,qBAAqB;QAC3B,KAAK,EAAE,gCAAgC;QACvC,QAAQ,EAAE,UAAU;KACrB;IACD,EAAE,EAAE,EAAE,YAAY,EAAE,IAAI,EAAE,gBAAgB,EAAE,KAAK,EAAE,0BAA0B,EAAE,QAAQ,EAAE,UAAU,EAAE;IACrG,EAAE,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,iBAAiB,EAAE,KAAK,EAAE,0BAA0B,EAAE,QAAQ,EAAE,QAAQ,EAAE;IACrG;QACE,EAAE,EAAE,eAAe;QACnB,IAAI,EAAE,eAAe;QACrB,KAAK,EAAE,mEAAmE;QAC1E,QAAQ,EAAE,MAAM;KACjB;IACD,EAAE,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,aAAa,EAAE,KAAK,EAAE,yBAAyB,EAAE,QAAQ,EAAE,MAAM,EAAE;IAC9F,EAAE,EAAE,EAAE,WAAW,EAAE,IAAI,EAAE,WAAW,EAAE,KAAK,EAAE,qBAAqB,EAAE,QAAQ,EAAE,UAAU,EAAE;IAC1F;QACE,EAAE,EAAE,cAAc;QAClB,IAAI,EAAE,kBAAkB;QACxB,KAAK,EAAE,0CAA0C;QACjD,QAAQ,EAAE,UAAU;KACrB;IACD;QACE,EAAE,EAAE,WAAW;QACf,IAAI,EAAE,WAAW;QACjB,KAAK,EAAE,kEAAkE;QACzE,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,EAAE,EAAE,mBAAmB;QACvB,IAAI,EAAE,4BAA4B;QAClC,KAAK,EAAE,2DAA2D;QAClE,QAAQ,EAAE,UAAU;KACrB;CACF,CAAC;AAEF,+EAA+E;AAE/E,MAAM,eAAe,GAAG,IAAI,GAAG,CAAC;IAC9B,MAAM;IACN,MAAM;IACN,OAAO;IACP,MAAM;IACN,MAAM;IACN,MAAM;IACN,OAAO;IACP,QAAQ;IACR,MAAM;IACN,MAAM;IACN,MAAM;IACN,MAAM;IACN,KAAK;CACN,CAAC,CAAC;AACH,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,CAAC,cAAc,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;AAE1F,SAAS,YAAY,CAAC,GAAW,EAAE,QAAgB;IACjD,MAAM,MAAM,GAAa,EAAE,CAAC;IAE5B,SAAS,IAAI,CAAC,CAAS;QACrB,IAAI,MAAM,CAAC,MAAM,IAAI,QAAQ;YAAE,OAAO;QACtC,IAAI,OAAiB,CAAC;QACtB,IAAI,CAAC;YACH,OAAO,GAAG,WAAW,CAAC,CAAC,CAAwB,CAAC;QAClD,CAAC;QAAC,MAAM,CAAC;YACP,OAAO;QACT,CAAC;QAED,KAAK,MAAM,IAAI,IAAI,OAAO,EAAE,CAAC;YAC3B,IAAI,MAAM,CAAC,MAAM,IAAI,QAAQ;gBAAE,OAAO;YACtC,IAAI,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC;gBAAE,SAAS;YAClC,MAAM,IAAI,GAAG,IAAI,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;YAC3B,IAAI,eAAe,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;gBAAE,SAAS;YACjD,IAAI,CAAC;gBACH,MAAM,GAAG,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC;gBAC9B,KAAK,GAAG,CAAC;gBACT,IAAI,CAAC,IAAI,CAAC,CAAC;YACb,CAAC;YAAC,MAAM,CAAC;gBACP,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACpB,CAAC;QACH,CAAC;IACH,CAAC;IAED,IAAI,CAAC,GAAG,CAAC,CAAC;IACV,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,UAAU,CAAC,KAAa;IAC/B,IAAI,KAAK,CAAC,MAAM,IAAI,CAAC;QAAE,OAAO,MAAM,CAAC;IACrC,OAAO,KAAK,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,MAAM,GAAG,KAAK,CAAC,SAAS,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;AAC5E,CAAC;AAED,SAAS,QAAQ,CAAC,QAAgB;IAChC,IAAI,OAAe,CAAC;IACpB,IAAI,CAAC;QACH,OAAO,GAAG,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IAC5C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,4BAA4B;IAC5B,IAAI,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC;QAAE,OAAO,EAAE,CAAC;IAEtC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAClC,MAAM,QAAQ,GAAoB,EAAE,CAAC;IAErC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACtB,8CAA8C;QAC9C,IAAI,qEAAqE,CAAC,IAAI,CAAC,IAAI,CAAC;YAAE,SAAS;QAE/F,KAAK,MAAM,OAAO,IAAI,eAAe,EAAE,CAAC;YACtC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACvC,IAAI,KAAK,EAAE,CAAC;gBACV,QAAQ,CAAC,IAAI,CAAC;oBACZ,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,GAAG,CAAC;oBACX,SAAS,EAAE,OAAO,CAAC,EAAE;oBACrB,WAAW,EAAE,OAAO,CAAC,IAAI;oBACzB,QAAQ,EAAE,OAAO,CAAC,QAAQ;oBAC1B,OAAO,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC;oBACrC,MAAM,EAAE,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;iBAC7B,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,+EAA+E;AAE/E,MAAM,KAAK,GAAG,qBAAqB,CAAC;AAEpC,MAAM,UAAU,aAAa,CAAC,IAAc;IAC1C,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACnD,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;;yCAYyB,KAAK;;;CAG7C,CAAC,CAAC;QACC,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,UAAU,CAAC,IAAI,MAAM,CAAC;IAE1F,gBAAgB;IAChB,IAAI,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;QAChC,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;YACtB,OAAO,CAAC,GAAG,CACT,IAAI,CAAC,SAAS,CACZ,eAAe,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,GAAG,IAAI,EAAE,EAAE,EAAE,CAAC,IAAI,CAAC,EACrD,IAAI,EACJ,CAAC,CACF,CACF,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,wBAAwB,eAAe,CAAC,MAAM,iCAAiC,CAAC,CAAC;YAC7F,KAAK,MAAM,CAAC,IAAI,eAAe,EAAE,CAAC;gBAChC,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;YAC1F,CAAC;YACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAClB,CAAC;QACD,OAAO;IACT,CAAC;IAED,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,UAAU,CAAC,IAAI,CAAC,CAAC,IAAI,GAAG,CAAC;IACrH,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,YAAY,CAAC,CAAC;IAErF,MAAM,KAAK,GAAG,YAAY,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;IAC1C,IAAI,QAAQ,GAAoB,EAAE,CAAC;IACnC,KAAK,MAAM,IAAI,IAAI,KAAK;QAAE,QAAQ,CAAC,IAAI,CAAC,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;IAE3D,IAAI,SAAS;QAAE,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;IAE3E,MAAM,MAAM,GAAiB,EAAE,QAAQ,EAAE,YAAY,EAAE,KAAK,CAAC,MAAM,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,EAAE,CAAC;IAE3G,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC5B,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC;YAAE,SAAS,CAAC,KAAK,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC9D,aAAa,CAAC,IAAI,CAAC,KAAK,EAAE,oBAAoB,CAAC,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAClF,OAAO,CAAC,GAAG,CAAC,qBAAqB,KAAK,qBAAqB,CAAC,CAAC;IAC/D,CAAC;IAED,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAC/C,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,qBAAqB,MAAM,CAAC,YAAY,gBAAgB,CAAC,CAAC;QACtE,OAAO,CAAC,GAAG,CAAC,YAAY,QAAQ,CAAC,MAAM,kDAAkD,CAAC,CAAC;QAE3F,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1B,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC,CAAC;YAC3C,OAAO;QACT,CAAC;QAED,KAAK,MAAM,GAAG,IAAI,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,CAAC;YACjD,MAAM,KAAK,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,GAAG,CAAC,CAAC;YACzD,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;gBAAE,SAAS;YACjC,OAAO,CAAC,GAAG,CAAC,SAAS,GAAG,CAAC,WAAW,EAAE,KAAK,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC;YAC5D,KAAK,MAAM,CAAC,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;gBACnC,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,IAAI,MAAM,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;gBAC5D,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;YACrC,CAAC;YACD,IAAI,KAAK,CAAC,MAAM,GAAG,EAAE;gBAAE,OAAO,CAAC,GAAG,CAAC,iBAAiB,KAAK,CAAC,MAAM,GAAG,EAAE,OAAO,CAAC,CAAC;QAChF,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAClB,CAAC;AACH,CAAC"}

package/dist/commands/test-correlate.d.ts

@@ -0,0 +1,8 @@
+/**
+ * Test correlate — ingests test coverage data and cross-references
+ * with security findings to prioritize high-risk untested areas.
+ *
+ * All data from local coverage files.
+ */
+export declare function runTestCorrelate(argv: string[]): void;
+//# sourceMappingURL=test-correlate.d.ts.map

package/dist/commands/test-correlate.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"test-correlate.d.ts","sourceRoot":"","sources":["../../src/commands/test-correlate.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAsLH,wBAAgB,gBAAgB,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,CA6ErD"}

package/dist/commands/test-correlate.js

@@ -0,0 +1,222 @@
+/**
+ * Test correlate — ingests test coverage data and cross-references
+ * with security findings to prioritize high-risk untested areas.
+ *
+ * All data from local coverage files.
+ */
+import { existsSync, readFileSync, mkdirSync, writeFileSync } from "fs";
+import { join } from "path";
+// ─── Coverage parsers ───────────────────────────────────────────────────────
+function parseLcov(content) {
+    const entries = [];
+    let currentFile = "";
+    let linesFound = 0;
+    let linesHit = 0;
+    for (const line of content.split("\n")) {
+        if (line.startsWith("SF:")) {
+            currentFile = line.substring(3).trim();
+            linesFound = 0;
+            linesHit = 0;
+        }
+        else if (line.startsWith("LF:")) {
+            linesFound = parseInt(line.substring(3), 10);
+        }
+        else if (line.startsWith("LH:")) {
+            linesHit = parseInt(line.substring(3), 10);
+        }
+        else if (line === "end_of_record" && currentFile) {
+            entries.push({
+                file: currentFile,
+                lines: {
+                    covered: linesHit,
+                    total: linesFound,
+                    percentage: linesFound > 0 ? Math.round((linesHit / linesFound) * 100) : 0,
+                },
+            });
+            currentFile = "";
+        }
+    }
+    return entries;
+}
+function parseIstanbul(content) {
+    try {
+        const data = JSON.parse(content);
+        const entries = [];
+        for (const [file, info] of Object.entries(data)) {
+            const cov = info;
+            if (cov.s) {
+                const stmts = Object.values(cov.s);
+                const total = stmts.length;
+                const covered = stmts.filter((v) => v > 0).length;
+                entries.push({
+                    file,
+                    lines: { covered, total, percentage: total > 0 ? Math.round((covered / total) * 100) : 0 },
+                });
+            }
+        }
+        return entries;
+    }
+    catch {
+        return [];
+    }
+}
+function loadCoverage() {
+    const lcovPaths = ["coverage/lcov.info", "lcov.info"];
+    for (const p of lcovPaths) {
+        if (existsSync(p))
+            return parseLcov(readFileSync(p, "utf-8"));
+    }
+    const istanbulPaths = ["coverage/coverage-final.json", ".nyc_output/coverage-final.json"];
+    for (const p of istanbulPaths) {
+        if (existsSync(p))
+            return parseIstanbul(readFileSync(p, "utf-8"));
+    }
+    // Cobertura XML — simplified check
+    if (existsSync("coverage/cobertura-coverage.xml") || existsSync("coverage.xml")) {
+        const p = existsSync("coverage/cobertura-coverage.xml") ? "coverage/cobertura-coverage.xml" : "coverage.xml";
+        const content = readFileSync(p, "utf-8");
+        const entries = [];
+        const fileRegex = /filename="([^"]+)"/g;
+        const rateRegex = /line-rate="([\d.]+)"/g;
+        let fileMatch;
+        let rateMatch;
+        while ((fileMatch = fileRegex.exec(content)) && (rateMatch = rateRegex.exec(content))) {
+            entries.push({
+                file: fileMatch[1],
+                lines: { covered: 0, total: 0, percentage: Math.round(parseFloat(rateMatch[1]) * 100) },
+            });
+        }
+        return entries;
+    }
+    return [];
+}
+function loadFindings() {
+    const paths = [".judges-findings.json", "judges-report.json"];
+    for (const p of paths) {
+        if (!existsSync(p))
+            continue;
+        try {
+            const data = JSON.parse(readFileSync(p, "utf-8"));
+            if (Array.isArray(data))
+                return data;
+            if (data.findings)
+                return data.findings;
+        }
+        catch {
+            /* skip */
+        }
+    }
+    return [];
+}
+// ─── Correlation ────────────────────────────────────────────────────────────
+function correlate(coverage, findings) {
+    const coverageMap = new Map();
+    for (const c of coverage)
+        coverageMap.set(c.file, c);
+    const findingsByFile = new Map();
+    for (const f of findings) {
+        const key = f.file || "unknown";
+        if (!findingsByFile.has(key))
+            findingsByFile.set(key, []);
+        findingsByFile.get(key).push(f);
+    }
+    const correlations = [];
+    for (const [file, fileFindings] of findingsByFile) {
+        const cov = coverageMap.get(file);
+        const covPct = cov ? cov.lines.percentage : 0;
+        const sevWeights = { critical: 10, high: 7, medium: 4, low: 1 };
+        const riskScore = fileFindings.reduce((s, f) => s + (sevWeights[f.severity] || 2), 0);
+        const combinedRisk = riskScore * (1 + (100 - covPct) / 100);
+        let riskCategory = "low";
+        if (combinedRisk > 30)
+            riskCategory = "critical";
+        else if (combinedRisk > 15)
+            riskCategory = "high";
+        else if (combinedRisk > 7)
+            riskCategory = "medium";
+        correlations.push({
+            file,
+            coveragePercent: covPct,
+            findingCount: fileFindings.length,
+            riskCategory,
+            findings: fileFindings,
+        });
+    }
+    return correlations.sort((a, b) => {
+        const order = { critical: 0, high: 1, medium: 2, low: 3 };
+        return (order[a.riskCategory] || 4) - (order[b.riskCategory] || 4);
+    });
+}
+// ─── CLI ────────────────────────────────────────────────────────────────────
+const STORE = ".judges-test-correlate";
+export function runTestCorrelate(argv) {
+    if (argv.includes("--help") || argv.includes("-h")) {
+        console.log(`
+judges test-correlate — Cross-reference test coverage with findings
+
+Usage:
+  judges test-correlate
+  judges test-correlate --risk critical,high
+  judges test-correlate --save
+
+Options:
+  --risk <levels>       Filter by risk category (comma-separated)
+  --save                Save report to ${STORE}/
+  --format json         JSON output
+  --help, -h            Show this help
+
+Supports: lcov.info, coverage-final.json (Istanbul), cobertura XML
+`);
+        return;
+    }
+    const format = argv.find((_a, i) => argv[i - 1] === "--format") || "text";
+    const coverage = loadCoverage();
+    const findings = loadFindings();
+    if (coverage.length === 0) {
+        console.log("  No coverage data found. Run tests with coverage first.");
+        console.log("  Supported formats: lcov.info, coverage-final.json, cobertura XML");
+        return;
+    }
+    let correlations = correlate(coverage, findings);
+    const riskFilter = argv.find((_a, i) => argv[i - 1] === "--risk");
+    if (riskFilter) {
+        const allowed = riskFilter.split(",");
+        correlations = correlations.filter((c) => allowed.includes(c.riskCategory));
+    }
+    const avgCov = coverage.length > 0 ? Math.round(coverage.reduce((s, c) => s + c.lines.percentage, 0) / coverage.length) : 0;
+    const report = {
+        correlations,
+        totalFiles: coverage.length,
+        untestedFilesWithFindings: correlations.filter((c) => c.coveragePercent === 0).length,
+        avgCoverage: avgCov,
+        timestamp: new Date().toISOString(),
+    };
+    if (argv.includes("--save")) {
+        if (!existsSync(STORE))
+            mkdirSync(STORE, { recursive: true });
+        writeFileSync(join(STORE, "correlation-report.json"), JSON.stringify(report, null, 2));
+        console.log(`  Saved to ${STORE}/correlation-report.json`);
+    }
+    if (format === "json") {
+        console.log(JSON.stringify(report, null, 2));
+    }
+    else {
+        console.log(`\n  Test-Finding Correlation`);
+        console.log(`  Files: ${report.totalFiles}  Avg Coverage: ${report.avgCoverage}%`);
+        console.log(`  Untested files with findings: ${report.untestedFilesWithFindings}`);
+        console.log(`  ──────────────────────────`);
+        if (correlations.length === 0) {
+            console.log(`    ✅ No finding-coverage correlations\n`);
+            return;
+        }
+        for (const c of correlations.slice(0, 20)) {
+            const covBar = c.coveragePercent > 0 ? `${c.coveragePercent}%` : "0% ⚠️";
+            console.log(`    [${c.riskCategory.toUpperCase().padEnd(8)}] ${c.file}`);
+            console.log(`      Coverage: ${covBar}  Findings: ${c.findingCount}`);
+        }
+        if (correlations.length > 20)
+            console.log(`    ... and ${correlations.length - 20} more`);
+        console.log("");
+    }
+}
+//# sourceMappingURL=test-correlate.js.map

package/dist/commands/test-correlate.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"test-correlate.js","sourceRoot":"","sources":["../../src/commands/test-correlate.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,IAAI,CAAC;AACxE,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAyB5B,+EAA+E;AAE/E,SAAS,SAAS,CAAC,OAAe;IAChC,MAAM,OAAO,GAAoB,EAAE,CAAC;IACpC,IAAI,WAAW,GAAG,EAAE,CAAC;IACrB,IAAI,UAAU,GAAG,CAAC,CAAC;IACnB,IAAI,QAAQ,GAAG,CAAC,CAAC;IAEjB,KAAK,MAAM,IAAI,IAAI,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;QACvC,IAAI,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,EAAE,CAAC;YAC3B,WAAW,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YACvC,UAAU,GAAG,CAAC,CAAC;YACf,QAAQ,GAAG,CAAC,CAAC;QACf,CAAC;aAAM,IAAI,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,EAAE,CAAC;YAClC,UAAU,GAAG,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAC/C,CAAC;aAAM,IAAI,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,EAAE,CAAC;YAClC,QAAQ,GAAG,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAC7C,CAAC;aAAM,IAAI,IAAI,KAAK,eAAe,IAAI,WAAW,EAAE,CAAC;YACnD,OAAO,CAAC,IAAI,CAAC;gBACX,IAAI,EAAE,WAAW;gBACjB,KAAK,EAAE;oBACL,OAAO,EAAE,QAAQ;oBACjB,KAAK,EAAE,UAAU;oBACjB,UAAU,EAAE,UAAU,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,QAAQ,GAAG,UAAU,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;iBAC3E;aACF,CAAC,CAAC;YACH,WAAW,GAAG,EAAE,CAAC;QACnB,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,SAAS,aAAa,CAAC,OAAe;IACpC,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACjC,MAAM,OAAO,GAAoB,EAAE,CAAC;QAEpC,KAAK,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;YAChD,MAAM,GAAG,GAAG,IAAsC,CAAC;YACnD,IAAI,GAAG,CAAC,CAAC,EAAE,CAAC;gBACV,MAAM,KAAK,GAAG,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gBACnC,MAAM,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC;gBAC3B,MAAM,OAAO,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC;gBAClD,OAAO,CAAC,IAAI,CAAC;oBACX,IAAI;oBACJ,KAAK,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,UAAU,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,OAAO,GAAG,KAAK,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE;iBAC3F,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED,SAAS,YAAY;IACnB,MAAM,SAAS,GAAG,CAAC,oBAAoB,EAAE,WAAW,CAAC,CAAC;IACtD,KAAK,MAAM,CAAC,IAAI,SAAS,EAAE,CAAC;QAC1B,IAAI,UAAU,CAAC,CAAC,CAAC;YAAE,OAAO,SAAS,CAAC,YAAY,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC,CAAC;IAChE,CAAC;IAED,MAAM,aAAa,GAAG,CAAC,8BAA8B,EAAE,iCAAiC,CAAC,CAAC;IAC1F,KAAK,MAAM,CAAC,IAAI,aAAa,EAAE,CAAC;QAC9B,IAAI,UAAU,CAAC,CAAC,CAAC;YAAE,OAAO,aAAa,CAAC,YAAY,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC,CAAC;IACpE,CAAC;IAED,mCAAmC;IACnC,IAAI,UAAU,CAAC,iCAAiC,CAAC,IAAI,UAAU,CAAC,cAAc,CAAC,EAAE,CAAC;QAChF,MAAM,CAAC,GAAG,UAAU,CAAC,iCAAiC,CAAC,CAAC,CAAC,CAAC,iCAAiC,CAAC,CAAC,CAAC,cAAc,CAAC;QAC7G,MAAM,OAAO,GAAG,YAAY,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC;QACzC,MAAM,OAAO,GAAoB,EAAE,CAAC;QACpC,MAAM,SAAS,GAAG,qBAAqB,CAAC;QACxC,MAAM,SAAS,GAAG,uBAAuB,CAAC;QAC1C,IAAI,SAAiC,CAAC;QACtC,IAAI,SAAiC,CAAC;QACtC,OAAO,CAAC,SAAS,GAAG,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC;YACtF,OAAO,CAAC,IAAI,CAAC;gBACX,IAAI,EAAE,SAAS,CAAC,CAAC,CAAC;gBAClB,KAAK,EAAE,EAAE,OAAO,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,UAAU,EAAE,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,EAAE;aACxF,CAAC,CAAC;QACL,CAAC;QACD,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,OAAO,EAAE,CAAC;AACZ,CAAC;AAED,SAAS,YAAY;IACnB,MAAM,KAAK,GAAG,CAAC,uBAAuB,EAAE,oBAAoB,CAAC,CAAC;IAC9D,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;QACtB,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;YAAE,SAAS;QAC7B,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC,CAAC;YAClD,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC;gBAAE,OAAO,IAAI,CAAC;YACrC,IAAI,IAAI,CAAC,QAAQ;gBAAE,OAAO,IAAI,CAAC,QAAQ,CAAC;QAC1C,CAAC;QAAC,MAAM,CAAC;YACP,UAAU;QACZ,CAAC;IACH,CAAC;IACD,OAAO,EAAE,CAAC;AACZ,CAAC;AAED,+EAA+E;AAE/E,SAAS,SAAS,CAChB,QAAyB,EACzB,QAAmF;IAEnF,MAAM,WAAW,GAAG,IAAI,GAAG,EAAyB,CAAC;IACrD,KAAK,MAAM,CAAC,IAAI,QAAQ;QAAE,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;IAErD,MAAM,cAAc,GAAG,IAAI,GAAG,EAAsE,CAAC;IACrG,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,MAAM,GAAG,GAAG,CAAC,CAAC,IAAI,IAAI,SAAS,CAAC;QAChC,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,GAAG,CAAC;YAAE,cAAc,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAC1D,cAAc,CAAC,GAAG,CAAC,GAAG,CAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACnC,CAAC;IAED,MAAM,YAAY,GAAwB,EAAE,CAAC;IAE7C,KAAK,MAAM,CAAC,IAAI,EAAE,YAAY,CAAC,IAAI,cAAc,EAAE,CAAC;QAClD,MAAM,GAAG,GAAG,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAClC,MAAM,MAAM,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;QAE9C,MAAM,UAAU,GAA2B,EAAE,QAAQ,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;QACxF,MAAM,SAAS,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QACtF,MAAM,YAAY,GAAG,SAAS,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,GAAG,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC;QAE5D,IAAI,YAAY,GAAsC,KAAK,CAAC;QAC5D,IAAI,YAAY,GAAG,EAAE;YAAE,YAAY,GAAG,UAAU,CAAC;aAC5C,IAAI,YAAY,GAAG,EAAE;YAAE,YAAY,GAAG,MAAM,CAAC;aAC7C,IAAI,YAAY,GAAG,CAAC;YAAE,YAAY,GAAG,QAAQ,CAAC;QAEnD,YAAY,CAAC,IAAI,CAAC;YAChB,IAAI;YACJ,eAAe,EAAE,MAAM;YACvB,YAAY,EAAE,YAAY,CAAC,MAAM;YACjC,YAAY;YACZ,QAAQ,EAAE,YAAY;SACvB,CAAC,CAAC;IACL,CAAC;IAED,OAAO,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QAChC,MAAM,KAAK,GAAG,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;QAC1D,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC;IACrE,CAAC,CAAC,CAAC;AACL,CAAC;AAED,+EAA+E;AAE/E,MAAM,KAAK,GAAG,wBAAwB,CAAC;AAEvC,MAAM,UAAU,gBAAgB,CAAC,IAAc;IAC7C,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACnD,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;yCAUyB,KAAK;;;;;CAK7C,CAAC,CAAC;QACC,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,UAAU,CAAC,IAAI,MAAM,CAAC;IAC1F,MAAM,QAAQ,GAAG,YAAY,EAAE,CAAC;IAChC,MAAM,QAAQ,GAAG,YAAY,EAAE,CAAC;IAEhC,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO,CAAC,GAAG,CAAC,0DAA0D,CAAC,CAAC;QACxE,OAAO,CAAC,GAAG,CAAC,oEAAoE,CAAC,CAAC;QAClF,OAAO;IACT,CAAC;IAED,IAAI,YAAY,GAAG,SAAS,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAEjD,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,QAAQ,CAAC,CAAC;IAClF,IAAI,UAAU,EAAE,CAAC;QACf,MAAM,OAAO,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACtC,YAAY,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC;IAC9E,CAAC;IAED,MAAM,MAAM,GACV,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAE/G,MAAM,MAAM,GAAsB;QAChC,YAAY;QACZ,UAAU,EAAE,QAAQ,CAAC,MAAM;QAC3B,yBAAyB,EAAE,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,eAAe,KAAK,CAAC,CAAC,CAAC,MAAM;QACrF,WAAW,EAAE,MAAM;QACnB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACpC,CAAC;IAEF,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC5B,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC;YAAE,SAAS,CAAC,KAAK,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC9D,aAAa,CAAC,IAAI,CAAC,KAAK,EAAE,yBAAyB,CAAC,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QACvF,OAAO,CAAC,GAAG,CAAC,cAAc,KAAK,0BAA0B,CAAC,CAAC;IAC7D,CAAC;IAED,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAC/C,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAC;QAC5C,OAAO,CAAC,GAAG,CAAC,YAAY,MAAM,CAAC,UAAU,mBAAmB,MAAM,CAAC,WAAW,GAAG,CAAC,CAAC;QACnF,OAAO,CAAC,GAAG,CAAC,mCAAmC,MAAM,CAAC,yBAAyB,EAAE,CAAC,CAAC;QACnF,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAC;QAE5C,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC9B,OAAO,CAAC,GAAG,CAAC,0CAA0C,CAAC,CAAC;YACxD,OAAO;QACT,CAAC;QAED,KAAK,MAAM,CAAC,IAAI,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;YAC1C,MAAM,MAAM,GAAG,CAAC,CAAC,eAAe,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,eAAe,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC;YACzE,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,YAAY,CAAC,WAAW,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;YACzE,OAAO,CAAC,GAAG,CAAC,mBAAmB,MAAM,eAAe,CAAC,CAAC,YAAY,EAAE,CAAC,CAAC;QACxE,CAAC;QACD,IAAI,YAAY,CAAC,MAAM,GAAG,EAAE;YAAE,OAAO,CAAC,GAAG,CAAC,eAAe,YAAY,CAAC,MAAM,GAAG,EAAE,OAAO,CAAC,CAAC;QAC1F,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAClB,CAAC;AACH,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@kevinrabun/judges",
-  "version": "3.48.0",
+  "version": "3.50.0",
   "description": "45 specialized judges that evaluate AI-generated code for security, cost, and quality.",
   "mcpName": "io.github.KevinRabun/judges",
   "type": "module",

package/server.json

@@ -7,12 +7,12 @@
     "url": "https://github.com/kevinrabun/judges",
     "source": "github"
   },
-  "version": "3.48.0",
+  "version": "3.50.0",
   "packages": [
     {
       "registryType": "npm",
       "identifier": "@kevinrabun/judges",
-      "version": "3.48.0",
+      "version": "3.50.0",
       "transport": {
         "type": "stdio"
       }