@kevinrabun/judges 3.55.0 → 3.57.0

package/dist/commands/ownership-map.js

@@ -0,0 +1,229 @@
+/**
+ * Ownership map — generate and validate code ownership coverage from
+ * CODEOWNERS, git history, and module boundaries.
+ */
+import { readFileSync, readdirSync, statSync, existsSync } from "fs";
+import { join, extname, relative } from "path";
+import { execSync } from "child_process";
+// ─── CODEOWNERS Parsing ─────────────────────────────────────────────────────
+function parseCodeowners(dir) {
+    const candidates = [join(dir, "CODEOWNERS"), join(dir, ".github", "CODEOWNERS"), join(dir, "docs", "CODEOWNERS")];
+    for (const path of candidates) {
+        if (existsSync(path)) {
+            const content = readFileSync(path, "utf-8");
+            const entries = [];
+            for (const line of content.split("\n")) {
+                const trimmed = line.trim();
+                if (!trimmed || trimmed.startsWith("#"))
+                    continue;
+                const parts = trimmed.split(/\s+/);
+                if (parts.length >= 2) {
+                    entries.push({ pattern: parts[0], owners: parts.slice(1) });
+                }
+            }
+            return entries;
+        }
+    }
+    return [];
+}
+// ─── File Collection ────────────────────────────────────────────────────────
+const CODE_EXTS = new Set([".ts", ".tsx", ".js", ".jsx", ".py", ".java", ".go", ".rs", ".cs", ".rb"]);
+function collectSourceFiles(dir, max = 500) {
+    const files = [];
+    function walk(d) {
+        if (files.length >= max)
+            return;
+        let entries;
+        try {
+            entries = readdirSync(d);
+        }
+        catch {
+            return;
+        }
+        for (const e of entries) {
+            if (files.length >= max)
+                return;
+            if (e.startsWith(".") || e === "node_modules" || e === "dist" || e === "build")
+                continue;
+            const full = join(d, e);
+            try {
+                if (statSync(full).isDirectory())
+                    walk(full);
+                else if (CODE_EXTS.has(extname(full)))
+                    files.push(full);
+            }
+            catch {
+                /* skip */
+            }
+        }
+    }
+    walk(dir);
+    return files;
+}
+// ─── Analysis ───────────────────────────────────────────────────────────────
+function matchesPattern(filepath, pattern) {
+    if (pattern.endsWith("*")) {
+        return filepath.startsWith(pattern.slice(0, -1));
+    }
+    if (pattern.startsWith("*")) {
+        return filepath.endsWith(pattern.slice(1));
+    }
+    if (pattern.includes("*")) {
+        const regex = new RegExp("^" + pattern.replace(/\*/g, ".*") + "$");
+        return regex.test(filepath);
+    }
+    return filepath.startsWith(pattern) || filepath === pattern;
+}
+function getRecentAuthors(dir, filepath, months = 6) {
+    try {
+        const since = new Date();
+        since.setMonth(since.getMonth() - months);
+        const dateStr = since.toISOString().split("T")[0];
+        const output = execSync(`git log --since="${dateStr}" --format="%ae" -- "${filepath}"`, {
+            cwd: dir,
+            encoding: "utf-8",
+            timeout: 5000,
+        }).trim();
+        if (!output)
+            return [];
+        return [...new Set(output.split("\n"))];
+    }
+    catch {
+        return [];
+    }
+}
+function analyze(dir) {
+    const gaps = [];
+    const entries = parseCodeowners(dir);
+    const files = collectSourceFiles(dir);
+    if (entries.length === 0) {
+        gaps.push({
+            path: "CODEOWNERS",
+            issue: "No CODEOWNERS file",
+            severity: "high",
+            detail: "Create a CODEOWNERS file to formalize code ownership",
+        });
+        return { gaps, stats: { total: files.length, owned: 0, orphaned: files.length, stale: 0 } };
+    }
+    let owned = 0;
+    let orphaned = 0;
+    let stale = 0;
+    // Check top-level directories for ownership
+    const dirs = new Set();
+    for (const f of files) {
+        const rel = relative(dir, f).replace(/\\/g, "/");
+        const topDir = rel.split("/")[0];
+        dirs.add(topDir);
+        // Check if file has an owner
+        const hasOwner = entries.some((e) => matchesPattern(rel, e.pattern));
+        if (hasOwner) {
+            owned++;
+        }
+        else {
+            orphaned++;
+            if (orphaned <= 15) {
+                gaps.push({
+                    path: rel,
+                    issue: "No code owner",
+                    severity: "medium",
+                    detail: "File has no matching CODEOWNERS entry",
+                });
+            }
+        }
+    }
+    if (orphaned > 15) {
+        gaps.push({
+            path: "(multiple)",
+            issue: `${orphaned - 15} more unowned files`,
+            severity: "medium",
+            detail: "Add broader patterns to CODEOWNERS",
+        });
+    }
+    // Check for stale owners (paths with owner but no recent commits)
+    for (const entry of entries) {
+        const matchingFiles = files.filter((f) => matchesPattern(relative(dir, f).replace(/\\/g, "/"), entry.pattern));
+        if (matchingFiles.length === 0) {
+            gaps.push({
+                path: entry.pattern,
+                issue: "CODEOWNERS pattern matches no files",
+                severity: "low",
+                detail: `Pattern "${entry.pattern}" → ${entry.owners.join(", ")} matches nothing`,
+            });
+            continue;
+        }
+        // Sample one file for recency
+        const sample = matchingFiles[0];
+        const authors = getRecentAuthors(dir, sample);
+        if (authors.length === 0) {
+            stale++;
+            gaps.push({
+                path: entry.pattern,
+                issue: "Stale ownership",
+                severity: "medium",
+                detail: `No commits in 6 months for "${entry.pattern}" (owners: ${entry.owners.join(", ")})`,
+            });
+        }
+    }
+    // Check for overlapping patterns
+    for (let i = 0; i < entries.length; i++) {
+        for (let j = i + 1; j < entries.length; j++) {
+            const iFiles = files.filter((f) => matchesPattern(relative(dir, f).replace(/\\/g, "/"), entries[i].pattern));
+            const jFiles = files.filter((f) => matchesPattern(relative(dir, f).replace(/\\/g, "/"), entries[j].pattern));
+            const overlap = iFiles.filter((f) => jFiles.includes(f));
+            if (overlap.length > 0) {
+                gaps.push({
+                    path: `${entries[i].pattern} ∩ ${entries[j].pattern}`,
+                    issue: "Overlapping ownership patterns",
+                    severity: "low",
+                    detail: `${overlap.length} files match both patterns — later pattern takes precedence`,
+                });
+            }
+        }
+    }
+    return { gaps, stats: { total: files.length, owned, orphaned, stale } };
+}
+// ─── CLI ────────────────────────────────────────────────────────────────────
+export function runOwnershipMap(argv) {
+    if (argv.includes("--help") || argv.includes("-h")) {
+        console.log(`
+judges ownership-map — Generate and validate code ownership coverage
+
+Usage:
+  judges ownership-map [dir]
+  judges ownership-map --format json
+
+Options:
+  [dir]                 Directory to scan (default: .)
+  --format json         JSON output
+  --help, -h            Show this help
+
+Checks: CODEOWNERS coverage, orphaned files, stale owners, overlapping patterns.
+`);
+        return;
+    }
+    const format = argv.find((_a, i) => argv[i - 1] === "--format") || "text";
+    const dir = argv.find((a) => !a.startsWith("-") && argv.indexOf(a) > 0) || ".";
+    const { gaps, stats } = analyze(dir);
+    const coveragePct = stats.total > 0 ? Math.round((stats.owned / stats.total) * 100) : 100;
+    const score = Math.max(0, coveragePct - stats.stale * 5);
+    if (format === "json") {
+        console.log(JSON.stringify({ gaps, stats, coverage: coveragePct, score, timestamp: new Date().toISOString() }, null, 2));
+    }
+    else {
+        const badge = coveragePct >= 90 ? "✅ GOOD" : coveragePct >= 60 ? "⚠️  PARTIAL" : "❌ LOW";
+        console.log(`\n  Ownership Coverage: ${badge} (${coveragePct}%)\n  ──────────────────────────────`);
+        console.log(`    Total files: ${stats.total} | Owned: ${stats.owned} | Orphaned: ${stats.orphaned} | Stale: ${stats.stale}\n`);
+        if (gaps.length === 0) {
+            console.log("    No ownership issues detected.\n");
+            return;
+        }
+        for (const g of gaps) {
+            const icon = g.severity === "high" ? "🔴" : g.severity === "medium" ? "🟡" : "🔵";
+            console.log(`    ${icon} ${g.issue}`);
+            console.log(`        ${g.path}`);
+            console.log(`        ${g.detail}`);
+        }
+        console.log(`\n    Score: ${score}/100\n`);
+    }
+}
+//# sourceMappingURL=ownership-map.js.map

package/dist/commands/ownership-map.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ownership-map.js","sourceRoot":"","sources":["../../src/commands/ownership-map.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,IAAI,CAAC;AACrE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,MAAM,CAAC;AAC/C,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AAgBzC,+EAA+E;AAE/E,SAAS,eAAe,CAAC,GAAW;IAClC,MAAM,UAAU,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,YAAY,CAAC,EAAE,IAAI,CAAC,GAAG,EAAE,SAAS,EAAE,YAAY,CAAC,EAAE,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,YAAY,CAAC,CAAC,CAAC;IAClH,KAAK,MAAM,IAAI,IAAI,UAAU,EAAE,CAAC;QAC9B,IAAI,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;YACrB,MAAM,OAAO,GAAG,YAAY,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;YAC5C,MAAM,OAAO,GAAiB,EAAE,CAAC;YACjC,KAAK,MAAM,IAAI,IAAI,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;gBACvC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;gBAC5B,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;oBAAE,SAAS;gBAClD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;gBACnC,IAAI,KAAK,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;oBACtB,OAAO,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;gBAC9D,CAAC;YACH,CAAC;YACD,OAAO,OAAO,CAAC;QACjB,CAAC;IACH,CAAC;IACD,OAAO,EAAE,CAAC;AACZ,CAAC;AAED,+EAA+E;AAE/E,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;AAEtG,SAAS,kBAAkB,CAAC,GAAW,EAAE,GAAG,GAAG,GAAG;IAChD,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,SAAS,IAAI,CAAC,CAAS;QACrB,IAAI,KAAK,CAAC,MAAM,IAAI,GAAG;YAAE,OAAO;QAChC,IAAI,OAAiB,CAAC;QACtB,IAAI,CAAC;YACH,OAAO,GAAG,WAAW,CAAC,CAAC,CAAwB,CAAC;QAClD,CAAC;QAAC,MAAM,CAAC;YACP,OAAO;QACT,CAAC;QACD,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;YACxB,IAAI,KAAK,CAAC,MAAM,IAAI,GAAG;gBAAE,OAAO;YAChC,IAAI,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,cAAc,IAAI,CAAC,KAAK,MAAM,IAAI,CAAC,KAAK,OAAO;gBAAE,SAAS;YACzF,MAAM,IAAI,GAAG,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YACxB,IAAI,CAAC;gBACH,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE;oBAAE,IAAI,CAAC,IAAI,CAAC,CAAC;qBACxC,IAAI,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;oBAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC1D,CAAC;YAAC,MAAM,CAAC;gBACP,UAAU;YACZ,CAAC;QACH,CAAC;IACH,CAAC;IACD,IAAI,CAAC,GAAG,CAAC,CAAC;IACV,OAAO,KAAK,CAAC;AACf,CAAC;AAED,+EAA+E;AAE/E,SAAS,cAAc,CAAC,QAAgB,EAAE,OAAe;IACvD,IAAI,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAC1B,OAAO,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;IACnD,CAAC;IACD,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QAC5B,OAAO,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IAC7C,CAAC;IACD,IAAI,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAC1B,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,GAAG,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC;QACnE,OAAO,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAC9B,CAAC;IACD,OAAO,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,QAAQ,KAAK,OAAO,CAAC;AAC9D,CAAC;AAED,SAAS,gBAAgB,CAAC,GAAW,EAAE,QAAgB,EAAE,MAAM,GAAG,CAAC;IACjE,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,IAAI,IAAI,EAAE,CAAC;QACzB,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC,QAAQ,EAAE,GAAG,MAAM,CAAC,CAAC;QAC1C,MAAM,OAAO,GAAG,KAAK,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAClD,MAAM,MAAM,GAAG,QAAQ,CAAC,oBAAoB,OAAO,wBAAwB,QAAQ,GAAG,EAAE;YACtF,GAAG,EAAE,GAAG;YACR,QAAQ,EAAE,OAAO;YACjB,OAAO,EAAE,IAAI;SACd,CAAC,CAAC,IAAI,EAAE,CAAC;QACV,IAAI,CAAC,MAAM;YAAE,OAAO,EAAE,CAAC;QACvB,OAAO,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC1C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED,SAAS,OAAO,CAAC,GAAW;IAI1B,MAAM,IAAI,GAAmB,EAAE,CAAC;IAChC,MAAM,OAAO,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;IACrC,MAAM,KAAK,GAAG,kBAAkB,CAAC,GAAG,CAAC,CAAC;IAEtC,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,IAAI,CAAC,IAAI,CAAC;YACR,IAAI,EAAE,YAAY;YAClB,KAAK,EAAE,oBAAoB;YAC3B,QAAQ,EAAE,MAAM;YAChB,MAAM,EAAE,sDAAsD;SAC/D,CAAC,CAAC;QACH,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,KAAK,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,EAAE,QAAQ,EAAE,KAAK,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE,CAAC;IAC9F,CAAC;IAED,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,IAAI,QAAQ,GAAG,CAAC,CAAC;IACjB,IAAI,KAAK,GAAG,CAAC,CAAC;IAEd,4CAA4C;IAC5C,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;QACtB,MAAM,GAAG,GAAG,QAAQ,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;QACjD,MAAM,MAAM,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACjC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAEjB,6BAA6B;QAC7B,MAAM,QAAQ,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,cAAc,CAAC,GAAG,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;QACrE,IAAI,QAAQ,EAAE,CAAC;YACb,KAAK,EAAE,CAAC;QACV,CAAC;aAAM,CAAC;YACN,QAAQ,EAAE,CAAC;YACX,IAAI,QAAQ,IAAI,EAAE,EAAE,CAAC;gBACnB,IAAI,CAAC,IAAI,CAAC;oBACR,IAAI,EAAE,GAAG;oBACT,KAAK,EAAE,eAAe;oBACtB,QAAQ,EAAE,QAAQ;oBAClB,MAAM,EAAE,uCAAuC;iBAChD,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,IAAI,QAAQ,GAAG,EAAE,EAAE,CAAC;QAClB,IAAI,CAAC,IAAI,CAAC;YACR,IAAI,EAAE,YAAY;YAClB,KAAK,EAAE,GAAG,QAAQ,GAAG,EAAE,qBAAqB;YAC5C,QAAQ,EAAE,QAAQ;YAClB,MAAM,EAAE,oCAAoC;SAC7C,CAAC,CAAC;IACL,CAAC;IAED,kEAAkE;IAClE,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC5B,MAAM,aAAa,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,cAAc,CAAC,QAAQ,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;QAC/G,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC/B,IAAI,CAAC,IAAI,CAAC;gBACR,IAAI,EAAE,KAAK,CAAC,OAAO;gBACnB,KAAK,EAAE,qCAAqC;gBAC5C,QAAQ,EAAE,KAAK;gBACf,MAAM,EAAE,YAAY,KAAK,CAAC,OAAO,OAAO,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,kBAAkB;aAClF,CAAC,CAAC;YACH,SAAS;QACX,CAAC;QACD,8BAA8B;QAC9B,MAAM,MAAM,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;QAChC,MAAM,OAAO,GAAG,gBAAgB,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QAC9C,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACzB,KAAK,EAAE,CAAC;YACR,IAAI,CAAC,IAAI,CAAC;gBACR,IAAI,EAAE,KAAK,CAAC,OAAO;gBACnB,KAAK,EAAE,iBAAiB;gBACxB,QAAQ,EAAE,QAAQ;gBAClB,MAAM,EAAE,+BAA+B,KAAK,CAAC,OAAO,cAAc,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG;aAC7F,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,iCAAiC;IACjC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACxC,KAAK,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YAC5C,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,cAAc,CAAC,QAAQ,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;YAC7G,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,cAAc,CAAC,QAAQ,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;YAC7G,MAAM,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;YACzD,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACvB,IAAI,CAAC,IAAI,CAAC;oBACR,IAAI,EAAE,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,MAAM,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,EAAE;oBACrD,KAAK,EAAE,gCAAgC;oBACvC,QAAQ,EAAE,KAAK;oBACf,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,6DAA6D;iBACvF,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,KAAK,EAAE,KAAK,CAAC,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,KAAK,EAAE,EAAE,CAAC;AAC1E,CAAC;AAED,+EAA+E;AAE/E,MAAM,UAAU,eAAe,CAAC,IAAc;IAC5C,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACnD,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;;;CAaf,CAAC,CAAC;QACC,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,UAAU,CAAC,IAAI,MAAM,CAAC;IAC1F,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC;IAE/E,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC;IACrC,MAAM,WAAW,GAAG,KAAK,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;IAC1F,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,WAAW,GAAG,KAAK,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;IAEzD,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CACT,IAAI,CAAC,SAAS,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,QAAQ,EAAE,WAAW,EAAE,KAAK,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAC5G,CAAC;IACJ,CAAC;SAAM,CAAC;QACN,MAAM,KAAK,GAAG,WAAW,IAAI,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,WAAW,IAAI,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,OAAO,CAAC;QACzF,OAAO,CAAC,GAAG,CAAC,2BAA2B,KAAK,KAAK,WAAW,sCAAsC,CAAC,CAAC;QACpG,OAAO,CAAC,GAAG,CACT,oBAAoB,KAAK,CAAC,KAAK,aAAa,KAAK,CAAC,KAAK,gBAAgB,KAAK,CAAC,QAAQ,aAAa,KAAK,CAAC,KAAK,IAAI,CAClH,CAAC;QAEF,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACtB,OAAO,CAAC,GAAG,CAAC,qCAAqC,CAAC,CAAC;YACnD,OAAO;QACT,CAAC;QAED,KAAK,MAAM,CAAC,IAAI,IAAI,EAAE,CAAC;YACrB,MAAM,IAAI,GAAG,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;YAClF,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,IAAI,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC;YACtC,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;YACjC,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC;QACrC,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,gBAAgB,KAAK,QAAQ,CAAC,CAAC;IAC7C,CAAC;AACH,CAAC"}

package/dist/commands/privilege-path.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Privilege path — model authorization flows to find privilege-escalation paths.
+ */
+export declare function runPrivilegePath(argv: string[]): void;
+//# sourceMappingURL=privilege-path.d.ts.map

package/dist/commands/privilege-path.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"privilege-path.d.ts","sourceRoot":"","sources":["../../src/commands/privilege-path.ts"],"names":[],"mappings":"AAAA;;GAEG;AAgNH,wBAAgB,gBAAgB,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,CA+DrD"}

package/dist/commands/privilege-path.js

@@ -0,0 +1,234 @@
+/**
+ * Privilege path — model authorization flows to find privilege-escalation paths.
+ */
+import { readFileSync, readdirSync, statSync } from "fs";
+import { join, extname } from "path";
+// ─── File Collection ────────────────────────────────────────────────────────
+const CODE_EXTS = new Set([".ts", ".tsx", ".js", ".jsx", ".py", ".java", ".go", ".rs"]);
+function collectFiles(dir, max = 300) {
+    const files = [];
+    function walk(d) {
+        if (files.length >= max)
+            return;
+        let entries;
+        try {
+            entries = readdirSync(d);
+        }
+        catch {
+            return;
+        }
+        for (const e of entries) {
+            if (files.length >= max)
+                return;
+            if (e.startsWith(".") || e === "node_modules" || e === "dist" || e === "build")
+                continue;
+            const full = join(d, e);
+            try {
+                if (statSync(full).isDirectory())
+                    walk(full);
+                else if (CODE_EXTS.has(extname(full)))
+                    files.push(full);
+            }
+            catch {
+                /* skip */
+            }
+        }
+    }
+    walk(dir);
+    return files;
+}
+// ─── Analysis ───────────────────────────────────────────────────────────────
+function analyzeFile(filepath) {
+    const issues = [];
+    let content;
+    try {
+        content = readFileSync(filepath, "utf-8");
+    }
+    catch {
+        return issues;
+    }
+    const lines = content.split("\n");
+    const fullText = content;
+    // Detect route/endpoint definitions
+    const isRouteFile = /(?:router|app)\.\s*(?:get|post|put|delete|patch|all)\s*\(|@(?:GET|POST|PUT|DELETE|PATCH|Controller|RequestMapping)/i.test(fullText);
+    for (let i = 0; i < lines.length; i++) {
+        const line = lines[i];
+        // Route without auth middleware
+        if (/(?:router|app)\.\s*(?:get|post|put|delete|patch)\s*\(\s*['"]([^'"]+)['"]/.test(line)) {
+            const routeMatch = line.match(/(?:router|app)\.\s*(?:get|post|put|delete|patch)\s*\(\s*['"]([^'"]+)['"]/);
+            if (routeMatch) {
+                const route = routeMatch[1];
+                const block = lines.slice(i, Math.min(i + 3, lines.length)).join("\n");
+                // Skip public routes
+                if (!/(?:health|status|ping|public|login|register|signup|webhook|callback)/i.test(route)) {
+                    if (!/auth|authenticate|authorize|requireAuth|isAuthenticated|passport|guard|protect|jwt|token|session/i.test(block)) {
+                        issues.push({
+                            file: filepath,
+                            line: i + 1,
+                            issue: "Route without authentication middleware",
+                            severity: "high",
+                            detail: `${route} — no auth middleware detected; endpoint may be publicly accessible`,
+                        });
+                    }
+                }
+            }
+        }
+        // IDOR: user ID from request used directly in query
+        if (/(?:req\.params|req\.query|req\.body|request\.\w+)\.\s*(?:id|userId|user_id)/i.test(line)) {
+            const block = lines.slice(i, Math.min(i + 8, lines.length)).join("\n");
+            if (/(?:findById|findOne|where|SELECT|DELETE|UPDATE)\s*\(/i.test(block)) {
+                if (!/req\.user|currentUser|session\.user|token\.sub|auth\.user/i.test(block)) {
+                    issues.push({
+                        file: filepath,
+                        line: i + 1,
+                        issue: "Potential IDOR — user ID from request without ownership check",
+                        severity: "high",
+                        detail: "User-supplied ID used in query without verifying ownership — attacker can access other users' data",
+                    });
+                }
+            }
+        }
+        // Role check using string comparison (fragile)
+        if (/role\s*===?\s*['"]admin['"]|role\s*===?\s*['"]superadmin['"]/i.test(line)) {
+            if (!/enum|const\s+ROLES|Role\./i.test(fullText)) {
+                issues.push({
+                    file: filepath,
+                    line: i + 1,
+                    issue: "Role check with magic string",
+                    severity: "medium",
+                    detail: "Role comparison uses magic string — use enum/constant to prevent typo-based bypass",
+                });
+            }
+        }
+        // Privilege escalation: self-assign role
+        if (/role|isAdmin|is_admin|permissions/i.test(line) && /req\.body|request\.body/i.test(line)) {
+            issues.push({
+                file: filepath,
+                line: i + 1,
+                issue: "Role/permission from user input",
+                severity: "high",
+                detail: "Role or permission value taken from request body — user can self-escalate privileges",
+            });
+        }
+        // Missing authorization on destructive operations
+        if (/\.(?:delete|destroy|remove|drop|truncate)\s*\(/i.test(line) && isRouteFile) {
+            const contextBlock = lines.slice(Math.max(0, i - 10), i + 1).join("\n");
+            if (!/authorize|permission|role|isAdmin|canDelete|allowed/i.test(contextBlock)) {
+                issues.push({
+                    file: filepath,
+                    line: i + 1,
+                    issue: "Destructive operation without authorization check",
+                    severity: "high",
+                    detail: "Delete/destroy called without prior authorization — any authenticated user may execute it",
+                });
+            }
+        }
+        // JWT token without signature verification
+        if (/jwt\.decode\s*\(/.test(line)) {
+            if (!/jwt\.verify|jsonwebtoken.*verify/i.test(fullText)) {
+                issues.push({
+                    file: filepath,
+                    line: i + 1,
+                    issue: "JWT decoded without verification",
+                    severity: "high",
+                    detail: "jwt.decode() does NOT verify signature — use jwt.verify() to prevent token forgery",
+                });
+            }
+        }
+        // Hardcoded secrets/tokens in auth logic
+        if (/(?:secret|password|token|apiKey|api_key)\s*[:=]\s*['"][^'"]{8,}['"]/i.test(line)) {
+            if (!/test|spec|mock|fixture|example|sample/i.test(filepath)) {
+                issues.push({
+                    file: filepath,
+                    line: i + 1,
+                    issue: "Hardcoded credential in auth logic",
+                    severity: "high",
+                    detail: "Secret/token hardcoded in source — extract to environment variable or secret manager",
+                });
+            }
+        }
+        // Session fixation: session ID not regenerated after login
+        if (/login|authenticate|signIn/i.test(line) && /function|=>|async/.test(line)) {
+            const funcBlock = lines.slice(i, Math.min(i + 30, lines.length)).join("\n");
+            if (/session/i.test(funcBlock) && !/regenerate|destroy.*session|req\.session\s*=\s*null/i.test(funcBlock)) {
+                issues.push({
+                    file: filepath,
+                    line: i + 1,
+                    issue: "Session not regenerated after login",
+                    severity: "medium",
+                    detail: "Session ID persists across auth boundary — regenerate to prevent session fixation",
+                });
+            }
+        }
+        // CORS: wildcard origin with credentials
+        if (/origin\s*:\s*['"]\*['"]|origin\s*:\s*true/.test(line)) {
+            const block = lines.slice(i, Math.min(i + 5, lines.length)).join("\n");
+            if (/credentials\s*:\s*true/i.test(block)) {
+                issues.push({
+                    file: filepath,
+                    line: i + 1,
+                    issue: "CORS wildcard with credentials",
+                    severity: "high",
+                    detail: "Wildcard origin with credentials allows any site to make authenticated requests",
+                });
+            }
+        }
+    }
+    return issues;
+}
+// ─── CLI ────────────────────────────────────────────────────────────────────
+export function runPrivilegePath(argv) {
+    if (argv.includes("--help") || argv.includes("-h")) {
+        console.log(`
+judges privilege-path — Model authorization flows to find escalation paths
+
+Usage:
+  judges privilege-path [dir]
+  judges privilege-path src/ --format json
+
+Options:
+  [dir]                 Directory to scan (default: .)
+  --format json         JSON output
+  --help, -h            Show this help
+
+Checks: routes without auth, IDOR patterns, magic-string role checks, self-assigned roles,
+unprotected destructive ops, JWT decode without verify, hardcoded secrets, session fixation, CORS.
+`);
+        return;
+    }
+    const format = argv.find((_a, i) => argv[i - 1] === "--format") || "text";
+    const dir = argv.find((a) => !a.startsWith("-") && argv.indexOf(a) > 0) || ".";
+    const files = collectFiles(dir);
+    const allIssues = [];
+    for (const f of files)
+        allIssues.push(...analyzeFile(f));
+    const highCount = allIssues.filter((i) => i.severity === "high").length;
+    const medCount = allIssues.filter((i) => i.severity === "medium").length;
+    const score = Math.max(0, 100 - highCount * 10 - medCount * 4);
+    if (format === "json") {
+        console.log(JSON.stringify({
+            issues: allIssues,
+            score,
+            summary: { high: highCount, medium: medCount, total: allIssues.length },
+            timestamp: new Date().toISOString(),
+        }, null, 2));
+    }
+    else {
+        const badge = score >= 80 ? "✅ SECURE" : score >= 50 ? "⚠️  GAPS" : "❌ EXPOSED";
+        console.log(`\n  Privilege Safety: ${badge} (${score}/100)\n  ─────────────────────────────`);
+        if (allIssues.length === 0) {
+            console.log("    No privilege escalation paths detected.\n");
+            return;
+        }
+        for (const issue of allIssues.slice(0, 25)) {
+            const icon = issue.severity === "high" ? "🔴" : issue.severity === "medium" ? "🟡" : "🔵";
+            console.log(`    ${icon} ${issue.issue}`);
+            console.log(`        ${issue.file}:${issue.line}`);
+            console.log(`        ${issue.detail}`);
+        }
+        if (allIssues.length > 25)
+            console.log(`    ... and ${allIssues.length - 25} more`);
+        console.log(`\n    Total: ${allIssues.length} | High: ${highCount} | Medium: ${medCount} | Score: ${score}/100\n`);
+    }
+}
+//# sourceMappingURL=privilege-path.js.map

package/dist/commands/privilege-path.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"privilege-path.js","sourceRoot":"","sources":["../../src/commands/privilege-path.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,IAAI,CAAC;AACzD,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AAYrC,+EAA+E;AAE/E,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC;AAExF,SAAS,YAAY,CAAC,GAAW,EAAE,GAAG,GAAG,GAAG;IAC1C,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,SAAS,IAAI,CAAC,CAAS;QACrB,IAAI,KAAK,CAAC,MAAM,IAAI,GAAG;YAAE,OAAO;QAChC,IAAI,OAAiB,CAAC;QACtB,IAAI,CAAC;YACH,OAAO,GAAG,WAAW,CAAC,CAAC,CAAwB,CAAC;QAClD,CAAC;QAAC,MAAM,CAAC;YACP,OAAO;QACT,CAAC;QACD,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;YACxB,IAAI,KAAK,CAAC,MAAM,IAAI,GAAG;gBAAE,OAAO;YAChC,IAAI,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,cAAc,IAAI,CAAC,KAAK,MAAM,IAAI,CAAC,KAAK,OAAO;gBAAE,SAAS;YACzF,MAAM,IAAI,GAAG,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YACxB,IAAI,CAAC;gBACH,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE;oBAAE,IAAI,CAAC,IAAI,CAAC,CAAC;qBACxC,IAAI,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;oBAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC1D,CAAC;YAAC,MAAM,CAAC;gBACP,UAAU;YACZ,CAAC;QACH,CAAC;IACH,CAAC;IACD,IAAI,CAAC,GAAG,CAAC,CAAC;IACV,OAAO,KAAK,CAAC;AACf,CAAC;AAED,+EAA+E;AAE/E,SAAS,WAAW,CAAC,QAAgB;IACnC,MAAM,MAAM,GAAqB,EAAE,CAAC;IACpC,IAAI,OAAe,CAAC;IACpB,IAAI,CAAC;QACH,OAAO,GAAG,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IAC5C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAClC,MAAM,QAAQ,GAAG,OAAO,CAAC;IAEzB,oCAAoC;IACpC,MAAM,WAAW,GACf,qHAAqH,CAAC,IAAI,CACxH,QAAQ,CACT,CAAC;IAEJ,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QAEtB,gCAAgC;QAChC,IAAI,0EAA0E,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC1F,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,0EAA0E,CAAC,CAAC;YAC1G,IAAI,UAAU,EAAE,CAAC;gBACf,MAAM,KAAK,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;gBAC5B,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACvE,qBAAqB;gBACrB,IAAI,CAAC,uEAAuE,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;oBACzF,IACE,CAAC,mGAAmG,CAAC,IAAI,CACvG,KAAK,CACN,EACD,CAAC;wBACD,MAAM,CAAC,IAAI,CAAC;4BACV,IAAI,EAAE,QAAQ;4BACd,IAAI,EAAE,CAAC,GAAG,CAAC;4BACX,KAAK,EAAE,yCAAyC;4BAChD,QAAQ,EAAE,MAAM;4BAChB,MAAM,EAAE,GAAG,KAAK,qEAAqE;yBACtF,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,oDAAoD;QACpD,IAAI,8EAA8E,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC9F,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACvE,IAAI,uDAAuD,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;gBACxE,IAAI,CAAC,4DAA4D,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;oBAC9E,MAAM,CAAC,IAAI,CAAC;wBACV,IAAI,EAAE,QAAQ;wBACd,IAAI,EAAE,CAAC,GAAG,CAAC;wBACX,KAAK,EAAE,+DAA+D;wBACtE,QAAQ,EAAE,MAAM;wBAChB,MAAM,EACJ,oGAAoG;qBACvG,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;QAED,+CAA+C;QAC/C,IAAI,+DAA+D,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC/E,IAAI,CAAC,4BAA4B,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACjD,MAAM,CAAC,IAAI,CAAC;oBACV,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,GAAG,CAAC;oBACX,KAAK,EAAE,8BAA8B;oBACrC,QAAQ,EAAE,QAAQ;oBAClB,MAAM,EAAE,oFAAoF;iBAC7F,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,yCAAyC;QACzC,IAAI,oCAAoC,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,0BAA0B,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC7F,MAAM,CAAC,IAAI,CAAC;gBACV,IAAI,EAAE,QAAQ;gBACd,IAAI,EAAE,CAAC,GAAG,CAAC;gBACX,KAAK,EAAE,iCAAiC;gBACxC,QAAQ,EAAE,MAAM;gBAChB,MAAM,EAAE,sFAAsF;aAC/F,CAAC,CAAC;QACL,CAAC;QAED,kDAAkD;QAClD,IAAI,iDAAiD,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,WAAW,EAAE,CAAC;YAChF,MAAM,YAAY,GAAG,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACxE,IAAI,CAAC,sDAAsD,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC;gBAC/E,MAAM,CAAC,IAAI,CAAC;oBACV,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,GAAG,CAAC;oBACX,KAAK,EAAE,mDAAmD;oBAC1D,QAAQ,EAAE,MAAM;oBAChB,MAAM,EAAE,2FAA2F;iBACpG,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,2CAA2C;QAC3C,IAAI,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAClC,IAAI,CAAC,mCAAmC,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACxD,MAAM,CAAC,IAAI,CAAC;oBACV,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,GAAG,CAAC;oBACX,KAAK,EAAE,kCAAkC;oBACzC,QAAQ,EAAE,MAAM;oBAChB,MAAM,EAAE,oFAAoF;iBAC7F,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,yCAAyC;QACzC,IAAI,sEAAsE,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACtF,IAAI,CAAC,wCAAwC,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC7D,MAAM,CAAC,IAAI,CAAC;oBACV,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,GAAG,CAAC;oBACX,KAAK,EAAE,oCAAoC;oBAC3C,QAAQ,EAAE,MAAM;oBAChB,MAAM,EAAE,sFAAsF;iBAC/F,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,2DAA2D;QAC3D,IAAI,4BAA4B,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,mBAAmB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC9E,MAAM,SAAS,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC5E,IAAI,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,sDAAsD,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC1G,MAAM,CAAC,IAAI,CAAC;oBACV,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,GAAG,CAAC;oBACX,KAAK,EAAE,qCAAqC;oBAC5C,QAAQ,EAAE,QAAQ;oBAClB,MAAM,EAAE,mFAAmF;iBAC5F,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,yCAAyC;QACzC,IAAI,2CAA2C,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC3D,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACvE,IAAI,yBAAyB,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC1C,MAAM,CAAC,IAAI,CAAC;oBACV,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,GAAG,CAAC;oBACX,KAAK,EAAE,gCAAgC;oBACvC,QAAQ,EAAE,MAAM;oBAChB,MAAM,EAAE,iFAAiF;iBAC1F,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,+EAA+E;AAE/E,MAAM,UAAU,gBAAgB,CAAC,IAAc;IAC7C,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACnD,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;;;;CAcf,CAAC,CAAC;QACC,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,EAAU,EAAE,CAAS,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,UAAU,CAAC,IAAI,MAAM,CAAC;IAC1F,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC;IAE/E,MAAM,KAAK,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC;IAChC,MAAM,SAAS,GAAqB,EAAE,CAAC;IACvC,KAAK,MAAM,CAAC,IAAI,KAAK;QAAE,SAAS,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC;IAEzD,MAAM,SAAS,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,MAAM,CAAC;IACxE,MAAM,QAAQ,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,MAAM,CAAC;IACzE,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,GAAG,SAAS,GAAG,EAAE,GAAG,QAAQ,GAAG,CAAC,CAAC,CAAC;IAE/D,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CACT,IAAI,CAAC,SAAS,CACZ;YACE,MAAM,EAAE,SAAS;YACjB,KAAK;YACL,OAAO,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,SAAS,CAAC,MAAM,EAAE;YACvE,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACpC,EACD,IAAI,EACJ,CAAC,CACF,CACF,CAAC;IACJ,CAAC;SAAM,CAAC;QACN,MAAM,KAAK,GAAG,KAAK,IAAI,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,WAAW,CAAC;QAChF,OAAO,CAAC,GAAG,CAAC,yBAAyB,KAAK,KAAK,KAAK,wCAAwC,CAAC,CAAC;QAE9F,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC3B,OAAO,CAAC,GAAG,CAAC,+CAA+C,CAAC,CAAC;YAC7D,OAAO;QACT,CAAC;QAED,KAAK,MAAM,KAAK,IAAI,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;YAC3C,MAAM,IAAI,GAAG,KAAK,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;YAC1F,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,IAAI,KAAK,CAAC,KAAK,EAAE,CAAC,CAAC;YAC1C,OAAO,CAAC,GAAG,CAAC,WAAW,KAAK,CAAC,IAAI,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;YACnD,OAAO,CAAC,GAAG,CAAC,WAAW,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;QACzC,CAAC;QACD,IAAI,SAAS,CAAC,MAAM,GAAG,EAAE;YAAE,OAAO,CAAC,GAAG,CAAC,eAAe,SAAS,CAAC,MAAM,GAAG,EAAE,OAAO,CAAC,CAAC;QAEpF,OAAO,CAAC,GAAG,CAAC,gBAAgB,SAAS,CAAC,MAAM,YAAY,SAAS,cAAc,QAAQ,aAAa,KAAK,QAAQ,CAAC,CAAC;IACrH,CAAC;AACH,CAAC"}

package/dist/commands/retry-pattern-audit.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Retry pattern audit — analyze retry, backoff, and circuit-breaker patterns
+ * for correctness and consistency.
+ */
+export declare function runRetryPatternAudit(argv: string[]): void;
+//# sourceMappingURL=retry-pattern-audit.d.ts.map

package/dist/commands/retry-pattern-audit.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"retry-pattern-audit.d.ts","sourceRoot":"","sources":["../../src/commands/retry-pattern-audit.ts"],"names":[],"mappings":"AAAA;;;GAGG;AA2LH,wBAAgB,oBAAoB,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,CAiEzD"}