@kevinrabun/judges 3.88.0 → 3.90.0

package/dist/commands/finding-auto-tag.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Finding-auto-tag — Automatically tag findings based on content analysis.
+ */
+export declare function runFindingAutoTag(argv: string[]): void;
+//# sourceMappingURL=finding-auto-tag.d.ts.map

package/dist/commands/finding-auto-tag.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"finding-auto-tag.d.ts","sourceRoot":"","sources":["../../src/commands/finding-auto-tag.ts"],"names":[],"mappings":"AAAA;;GAEG;AAuDH,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,CAiFtD"}

package/dist/commands/finding-auto-tag.js

@@ -0,0 +1,114 @@
+/**
+ * Finding-auto-tag — Automatically tag findings based on content analysis.
+ */
+import { readFileSync, existsSync } from "fs";
+// ─── Tag Rules ──────────────────────────────────────────────────────────────
+const TAG_PATTERNS = [
+    { tag: "security", patterns: ["auth", "crypt", "inject", "xss", "csrf", "vuln", "secret", "password"] },
+    { tag: "performance", patterns: ["perf", "optim", "cache", "memory", "latency", "n+1"] },
+    { tag: "data-validation", patterns: ["valid", "sanitiz", "input", "schema", "type-check"] },
+    { tag: "error-handling", patterns: ["error", "exception", "catch", "throw", "fault"] },
+    { tag: "dependency", patterns: ["depend", "import", "require", "package", "vulnerab"] },
+    { tag: "configuration", patterns: ["config", "env", "setting", "option", "flag"] },
+    { tag: "api", patterns: ["api", "endpoint", "route", "request", "response"] },
+    { tag: "database", patterns: ["sql", "query", "database", "orm", "migration"] },
+    { tag: "testing", patterns: ["test", "mock", "stub", "assert", "coverage"] },
+    { tag: "logging", patterns: ["log", "monitor", "trace", "debug", "audit"] },
+];
+// ─── Analysis ───────────────────────────────────────────────────────────────
+function autoTag(verdict) {
+    return verdict.findings.map((f) => {
+        const combined = `${f.ruleId} ${f.title} ${f.description}`.toLowerCase();
+        const tags = [];
+        for (const rule of TAG_PATTERNS) {
+            if (rule.patterns.some((p) => combined.includes(p))) {
+                tags.push(rule.tag);
+            }
+        }
+        if (tags.length === 0)
+            tags.push("general");
+        return {
+            ruleId: f.ruleId,
+            title: f.title,
+            severity: (f.severity || "medium").toLowerCase(),
+            tags,
+        };
+    });
+}
+// ─── CLI ────────────────────────────────────────────────────────────────────
+export function runFindingAutoTag(argv) {
+    const fileIdx = argv.indexOf("--file");
+    const tagIdx = argv.indexOf("--tag");
+    const formatIdx = argv.indexOf("--format");
+    const filePath = fileIdx >= 0 ? argv[fileIdx + 1] : undefined;
+    const filterTag = tagIdx >= 0 ? argv[tagIdx + 1] : undefined;
+    const format = formatIdx >= 0 ? argv[formatIdx + 1] : "table";
+    if (argv.includes("--help") || argv.includes("-h")) {
+        console.log(`
+judges finding-auto-tag — Auto-tag findings by content
+
+Usage:
+  judges finding-auto-tag --file <verdict.json> [--tag <filter>]
+                          [--format table|json]
+
+Options:
+  --file <path>      Path to verdict JSON file (required)
+  --tag <tag>        Filter by tag (e.g., security, performance)
+  --format <fmt>     Output format: table (default), json
+  --help, -h         Show this help
+`);
+        return;
+    }
+    if (!filePath) {
+        console.error("Error: --file required");
+        process.exitCode = 1;
+        return;
+    }
+    if (!existsSync(filePath)) {
+        console.error(`Error: not found: ${filePath}`);
+        process.exitCode = 1;
+        return;
+    }
+    let verdict;
+    try {
+        verdict = JSON.parse(readFileSync(filePath, "utf-8"));
+    }
+    catch {
+        console.error("Error: invalid JSON");
+        process.exitCode = 1;
+        return;
+    }
+    let tagged = autoTag(verdict);
+    if (filterTag) {
+        tagged = tagged.filter((t) => t.tags.includes(filterTag));
+    }
+    if (format === "json") {
+        console.log(JSON.stringify(tagged, null, 2));
+        return;
+    }
+    // tag summary
+    const tagCounts = new Map();
+    for (const t of tagged) {
+        for (const tag of t.tags) {
+            tagCounts.set(tag, (tagCounts.get(tag) || 0) + 1);
+        }
+    }
+    console.log(`\nAuto-Tagged Findings (${tagged.length})`);
+    console.log("═".repeat(70));
+    console.log("  Tag Summary:");
+    for (const [tag, count] of [...tagCounts.entries()].sort((a, b) => b[1] - a[1])) {
+        console.log(`    ${tag.padEnd(20)} ${count}`);
+    }
+    console.log("─".repeat(70));
+    console.log(`${"Rule".padEnd(20)} ${"Severity".padEnd(10)} ${"Tags".padEnd(30)} Title`);
+    console.log("─".repeat(70));
+    for (const t of tagged) {
+        const rule = t.ruleId.length > 18 ? t.ruleId.slice(0, 18) + "…" : t.ruleId;
+        const title = t.title.length > 20 ? t.title.slice(0, 20) + "…" : t.title;
+        const tags = t.tags.join(", ");
+        const tagsStr = tags.length > 28 ? tags.slice(0, 28) + "…" : tags;
+        console.log(`${rule.padEnd(20)} ${t.severity.padEnd(10)} ${tagsStr.padEnd(30)} ${title}`);
+    }
+    console.log("═".repeat(70));
+}
+//# sourceMappingURL=finding-auto-tag.js.map

package/dist/commands/finding-auto-tag.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"finding-auto-tag.js","sourceRoot":"","sources":["../../src/commands/finding-auto-tag.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,IAAI,CAAC;AAY9C,+EAA+E;AAE/E,MAAM,YAAY,GAA+C;IAC/D,EAAE,GAAG,EAAE,UAAU,EAAE,QAAQ,EAAE,CAAC,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,UAAU,CAAC,EAAE;IACvG,EAAE,GAAG,EAAE,aAAa,EAAE,QAAQ,EAAE,CAAC,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,KAAK,CAAC,EAAE;IACxF,EAAE,GAAG,EAAE,iBAAiB,EAAE,QAAQ,EAAE,CAAC,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,QAAQ,EAAE,YAAY,CAAC,EAAE;IAC3F,EAAE,GAAG,EAAE,gBAAgB,EAAE,QAAQ,EAAE,CAAC,OAAO,EAAE,WAAW,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,EAAE;IACtF,EAAE,GAAG,EAAE,YAAY,EAAE,QAAQ,EAAE,CAAC,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,UAAU,CAAC,EAAE;IACvF,EAAE,GAAG,EAAE,eAAe,EAAE,QAAQ,EAAE,CAAC,QAAQ,EAAE,KAAK,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,CAAC,EAAE;IAClF,EAAE,GAAG,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,KAAK,EAAE,UAAU,EAAE,OAAO,EAAE,SAAS,EAAE,UAAU,CAAC,EAAE;IAC7E,EAAE,GAAG,EAAE,UAAU,EAAE,QAAQ,EAAE,CAAC,KAAK,EAAE,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,WAAW,CAAC,EAAE;IAC/E,EAAE,GAAG,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,UAAU,CAAC,EAAE;IAC5E,EAAE,GAAG,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC,KAAK,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,EAAE;CAC5E,CAAC;AAEF,+EAA+E;AAE/E,SAAS,OAAO,CAAC,OAAwB;IACvC,OAAO,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;QAChC,MAAM,QAAQ,GAAG,GAAG,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC,WAAW,EAAE,CAAC;QACzE,MAAM,IAAI,GAAa,EAAE,CAAC;QAE1B,KAAK,MAAM,IAAI,IAAI,YAAY,EAAE,CAAC;YAChC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBACpD,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YACtB,CAAC;QACH,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;YAAE,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAE5C,OAAO;YACL,MAAM,EAAE,CAAC,CAAC,MAAM;YAChB,KAAK,EAAE,CAAC,CAAC,KAAK;YACd,QAAQ,EAAE,CAAC,CAAC,CAAC,QAAQ,IAAI,QAAQ,CAAC,CAAC,WAAW,EAAE;YAChD,IAAI;SACL,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC;AAED,+EAA+E;AAE/E,MAAM,UAAU,iBAAiB,CAAC,IAAc;IAC9C,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IACvC,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IACrC,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC3C,MAAM,QAAQ,GAAG,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IAC9D,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IAC7D,MAAM,MAAM,GAAG,SAAS,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;IAE9D,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACnD,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;;CAYf,CAAC,CAAC;QACC,OAAO;IACT,CAAC;IAED,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO,CAAC,KAAK,CAAC,wBAAwB,CAAC,CAAC;QACxC,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IACD,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC1B,OAAO,CAAC,KAAK,CAAC,qBAAqB,QAAQ,EAAE,CAAC,CAAC;QAC/C,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,IAAI,OAAwB,CAAC;IAC7B,IAAI,CAAC;QACH,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC;IACxD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC;QACrC,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,IAAI,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;IAC9B,IAAI,SAAS,EAAE,CAAC;QACd,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC;IAC5D,CAAC;IAED,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAC7C,OAAO;IACT,CAAC;IAED,cAAc;IACd,MAAM,SAAS,GAAG,IAAI,GAAG,EAAkB,CAAC;IAC5C,KAAK,MAAM,CAAC,IAAI,MAAM,EAAE,CAAC;QACvB,KAAK,MAAM,GAAG,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC;YACzB,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QACpD,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,2BAA2B,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC;IACzD,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAC5B,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;IAC9B,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC,OAAO,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QAChF,OAAO,CAAC,GAAG,CAAC,OAAO,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,KAAK,EAAE,CAAC,CAAC;IAChD,CAAC;IACD,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAC5B,OAAO,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,CAAC;IACxF,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAE5B,KAAK,MAAM,CAAC,IAAI,MAAM,EAAE,CAAC;QACvB,MAAM,IAAI,GAAG,CAAC,CAAC,MAAM,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;QAC3E,MAAM,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;QACzE,MAAM,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC/B,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC;QAClE,OAAO,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,KAAK,EAAE,CAAC,CAAC;IAC5F,CAAC;IACD,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;AAC9B,CAAC"}

package/dist/commands/finding-category-map.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Finding-category-map — Map findings to categories and display category breakdown.
+ */
+export declare function runFindingCategoryMap(argv: string[]): void;
+//# sourceMappingURL=finding-category-map.d.ts.map

package/dist/commands/finding-category-map.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"finding-category-map.d.ts","sourceRoot":"","sources":["../../src/commands/finding-category-map.ts"],"names":[],"mappings":"AAAA;;GAEG;AA+DH,wBAAgB,qBAAqB,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,CAkE1D"}

package/dist/commands/finding-category-map.js

@@ -0,0 +1,104 @@
+/**
+ * Finding-category-map — Map findings to categories and display category breakdown.
+ */
+import { readFileSync, existsSync } from "fs";
+import { defaultRegistry } from "../judge-registry.js";
+// ─── Category Mapping ──────────────────────────────────────────────────────
+const CATEGORY_KEYWORDS = {
+    security: ["auth", "crypt", "inject", "xss", "csrf", "vuln", "secret", "password", "token", "session"],
+    performance: ["perf", "optim", "cache", "memory", "latency", "throughput", "bottleneck"],
+    quality: ["quality", "complex", "duplic", "maintai", "readab", "smell", "debt"],
+    compliance: ["compl", "gdpr", "hipaa", "sox", "pci", "regulat", "policy", "privacy"],
+    reliability: ["error", "exception", "fault", "retry", "timeout", "availab", "resilien"],
+    data: ["data", "validat", "sanitiz", "input", "schema", "format"],
+};
+function categorize(ruleId, title, description, domain) {
+    const combined = `${ruleId} ${title} ${description} ${domain}`.toLowerCase();
+    for (const [category, keywords] of Object.entries(CATEGORY_KEYWORDS)) {
+        if (keywords.some((kw) => combined.includes(kw))) {
+            return category;
+        }
+    }
+    return "general";
+}
+// ─── Analysis ───────────────────────────────────────────────────────────────
+function buildCategoryMap(verdict) {
+    const judges = defaultRegistry.getJudges();
+    const catMap = new Map();
+    for (const f of verdict.findings) {
+        const judge = judges.find((j) => f.ruleId.startsWith(j.rulePrefix));
+        const domain = judge ? judge.domain : "unknown";
+        const category = categorize(f.ruleId, f.title, f.description, domain);
+        const entry = catMap.get(category) || { category, domain, findings: [], count: 0 };
+        entry.findings.push({
+            ruleId: f.ruleId,
+            title: f.title,
+            severity: (f.severity || "medium").toLowerCase(),
+        });
+        entry.count++;
+        catMap.set(category, entry);
+    }
+    return [...catMap.values()].sort((a, b) => b.count - a.count);
+}
+// ─── CLI ────────────────────────────────────────────────────────────────────
+export function runFindingCategoryMap(argv) {
+    const fileIdx = argv.indexOf("--file");
+    const formatIdx = argv.indexOf("--format");
+    const filePath = fileIdx >= 0 ? argv[fileIdx + 1] : undefined;
+    const format = formatIdx >= 0 ? argv[formatIdx + 1] : "table";
+    if (argv.includes("--help") || argv.includes("-h")) {
+        console.log(`
+judges finding-category-map — Map findings to categories
+
+Usage:
+  judges finding-category-map --file <verdict.json> [--format table|json]
+
+Options:
+  --file <path>      Path to verdict JSON file (required)
+  --format <fmt>     Output format: table (default), json
+  --help, -h         Show this help
+`);
+        return;
+    }
+    if (!filePath) {
+        console.error("Error: --file required");
+        process.exitCode = 1;
+        return;
+    }
+    if (!existsSync(filePath)) {
+        console.error(`Error: not found: ${filePath}`);
+        process.exitCode = 1;
+        return;
+    }
+    let verdict;
+    try {
+        verdict = JSON.parse(readFileSync(filePath, "utf-8"));
+    }
+    catch {
+        console.error("Error: invalid JSON");
+        process.exitCode = 1;
+        return;
+    }
+    const categories = buildCategoryMap(verdict);
+    if (format === "json") {
+        console.log(JSON.stringify(categories, null, 2));
+        return;
+    }
+    console.log(`\nFinding Category Map (${verdict.findings.length} findings)`);
+    console.log("═".repeat(65));
+    for (const cat of categories) {
+        const pct = ((cat.count / verdict.findings.length) * 100).toFixed(0);
+        console.log(`\n  ${cat.category.toUpperCase()} (${cat.count} findings, ${pct}%)`);
+        console.log("  " + "─".repeat(60));
+        for (const f of cat.findings.slice(0, 5)) {
+            const rule = f.ruleId.length > 18 ? f.ruleId.slice(0, 18) + "…" : f.ruleId;
+            const title = f.title.length > 35 ? f.title.slice(0, 35) + "…" : f.title;
+            console.log(`    [${f.severity.padEnd(8)}] ${rule.padEnd(20)} ${title}`);
+        }
+        if (cat.findings.length > 5) {
+            console.log(`    ... +${cat.findings.length - 5} more`);
+        }
+    }
+    console.log("\n" + "═".repeat(65));
+}
+//# sourceMappingURL=finding-category-map.js.map

package/dist/commands/finding-category-map.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"finding-category-map.js","sourceRoot":"","sources":["../../src/commands/finding-category-map.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,IAAI,CAAC;AAE9C,OAAO,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC;AAWvD,8EAA8E;AAE9E,MAAM,iBAAiB,GAA6B;IAClD,QAAQ,EAAE,CAAC,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,OAAO,EAAE,SAAS,CAAC;IACtG,WAAW,EAAE,CAAC,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,YAAY,EAAE,YAAY,CAAC;IACxF,OAAO,EAAE,CAAC,SAAS,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,CAAC;IAC/E,UAAU,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,CAAC;IACpF,WAAW,EAAE,CAAC,OAAO,EAAE,WAAW,EAAE,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,UAAU,CAAC;IACvF,IAAI,EAAE,CAAC,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,CAAC;CAClE,CAAC;AAEF,SAAS,UAAU,CAAC,MAAc,EAAE,KAAa,EAAE,WAAmB,EAAE,MAAc;IACpF,MAAM,QAAQ,GAAG,GAAG,MAAM,IAAI,KAAK,IAAI,WAAW,IAAI,MAAM,EAAE,CAAC,WAAW,EAAE,CAAC;IAE7E,KAAK,MAAM,CAAC,QAAQ,EAAE,QAAQ,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,iBAAiB,CAAC,EAAE,CAAC;QACrE,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;YACjD,OAAO,QAAQ,CAAC;QAClB,CAAC;IACH,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,+EAA+E;AAE/E,SAAS,gBAAgB,CAAC,OAAwB;IAChD,MAAM,MAAM,GAAG,eAAe,CAAC,SAAS,EAAE,CAAC;IAC3C,MAAM,MAAM,GAAG,IAAI,GAAG,EAAyB,CAAC;IAEhD,KAAK,MAAM,CAAC,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;QACjC,MAAM,KAAK,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC;QACpE,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;QAChD,MAAM,QAAQ,GAAG,UAAU,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;QAEtE,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC;QACnF,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC;YAClB,MAAM,EAAE,CAAC,CAAC,MAAM;YAChB,KAAK,EAAE,CAAC,CAAC,KAAK;YACd,QAAQ,EAAE,CAAC,CAAC,CAAC,QAAQ,IAAI,QAAQ,CAAC,CAAC,WAAW,EAAE;SACjD,CAAC,CAAC;QACH,KAAK,CAAC,KAAK,EAAE,CAAC;QACd,MAAM,CAAC,GAAG,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;IAC9B,CAAC;IAED,OAAO,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC;AAChE,CAAC;AAED,+EAA+E;AAE/E,MAAM,UAAU,qBAAqB,CAAC,IAAc;IAClD,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IACvC,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC3C,MAAM,QAAQ,GAAG,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IAC9D,MAAM,MAAM,GAAG,SAAS,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;IAE9D,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACnD,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;CAUf,CAAC,CAAC;QACC,OAAO;IACT,CAAC;IAED,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO,CAAC,KAAK,CAAC,wBAAwB,CAAC,CAAC;QACxC,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IACD,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC1B,OAAO,CAAC,KAAK,CAAC,qBAAqB,QAAQ,EAAE,CAAC,CAAC;QAC/C,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,IAAI,OAAwB,CAAC;IAC7B,IAAI,CAAC;QACH,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC;IACxD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC;QACrC,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,MAAM,UAAU,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAC;IAE7C,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QACjD,OAAO;IACT,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,2BAA2B,OAAO,CAAC,QAAQ,CAAC,MAAM,YAAY,CAAC,CAAC;IAC5E,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAE5B,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;QAC7B,MAAM,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,GAAG,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;QACrE,OAAO,CAAC,GAAG,CAAC,OAAO,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,GAAG,CAAC,KAAK,cAAc,GAAG,IAAI,CAAC,CAAC;QAClF,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;QAEnC,KAAK,MAAM,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;YACzC,MAAM,IAAI,GAAG,CAAC,CAAC,MAAM,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;YAC3E,MAAM,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;YACzE,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,KAAK,EAAE,CAAC,CAAC;QAC3E,CAAC;QACD,IAAI,GAAG,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC5B,OAAO,CAAC,GAAG,CAAC,YAAY,GAAG,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,OAAO,CAAC,CAAC;QAC1D,CAAC;IACH,CAAC;IACD,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;AACrC,CAAC"}

package/dist/commands/finding-cluster-group.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Finding-cluster-group — Group findings into clusters based on similarity.
+ */
+export declare function runFindingClusterGroup(argv: string[]): void;
+//# sourceMappingURL=finding-cluster-group.d.ts.map

package/dist/commands/finding-cluster-group.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"finding-cluster-group.d.ts","sourceRoot":"","sources":["../../src/commands/finding-cluster-group.ts"],"names":[],"mappings":"AAAA;;GAEG;AAoDH,wBAAgB,sBAAsB,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,CA0E3D"}

package/dist/commands/finding-cluster-group.js

@@ -0,0 +1,106 @@
+/**
+ * Finding-cluster-group — Group findings into clusters based on similarity.
+ */
+import { readFileSync, existsSync } from "fs";
+// ─── Analysis ───────────────────────────────────────────────────────────────
+function clusterFindings(verdict) {
+    const clusters = new Map();
+    for (const f of verdict.findings) {
+        // cluster by rule prefix (e.g., AUTH-001 → AUTH)
+        const prefix = f.ruleId.split("-")[0] || "OTHER";
+        const existing = clusters.get(prefix);
+        if (existing) {
+            existing.findings.push({
+                ruleId: f.ruleId,
+                title: f.title,
+                severity: (f.severity || "medium").toLowerCase(),
+            });
+            existing.count++;
+        }
+        else {
+            clusters.set(prefix, {
+                clusterId: prefix,
+                label: `${prefix} cluster`,
+                findings: [
+                    {
+                        ruleId: f.ruleId,
+                        title: f.title,
+                        severity: (f.severity || "medium").toLowerCase(),
+                    },
+                ],
+                count: 1,
+            });
+        }
+    }
+    return [...clusters.values()].sort((a, b) => b.count - a.count);
+}
+// ─── CLI ────────────────────────────────────────────────────────────────────
+export function runFindingClusterGroup(argv) {
+    const fileIdx = argv.indexOf("--file");
+    const clusterIdx = argv.indexOf("--cluster");
+    const formatIdx = argv.indexOf("--format");
+    const filePath = fileIdx >= 0 ? argv[fileIdx + 1] : undefined;
+    const clusterFilter = clusterIdx >= 0 ? argv[clusterIdx + 1] : undefined;
+    const format = formatIdx >= 0 ? argv[formatIdx + 1] : "table";
+    if (argv.includes("--help") || argv.includes("-h")) {
+        console.log(`
+judges finding-cluster-group — Group findings into clusters
+
+Usage:
+  judges finding-cluster-group --file <verdict.json> [--cluster <id>]
+                               [--format table|json]
+
+Options:
+  --file <path>      Path to verdict JSON file (required)
+  --cluster <id>     Filter by cluster ID (e.g., AUTH)
+  --format <fmt>     Output format: table (default), json
+  --help, -h         Show this help
+`);
+        return;
+    }
+    if (!filePath) {
+        console.error("Error: --file required");
+        process.exitCode = 1;
+        return;
+    }
+    if (!existsSync(filePath)) {
+        console.error(`Error: not found: ${filePath}`);
+        process.exitCode = 1;
+        return;
+    }
+    let verdict;
+    try {
+        verdict = JSON.parse(readFileSync(filePath, "utf-8"));
+    }
+    catch {
+        console.error("Error: invalid JSON");
+        process.exitCode = 1;
+        return;
+    }
+    let clusters = clusterFindings(verdict);
+    if (clusterFilter) {
+        clusters = clusters.filter((c) => c.clusterId === clusterFilter);
+    }
+    if (format === "json") {
+        console.log(JSON.stringify(clusters, null, 2));
+        return;
+    }
+    const totalFindings = clusters.reduce((s, c) => s + c.count, 0);
+    console.log(`\nFinding Clusters (${clusters.length} clusters, ${totalFindings} findings)`);
+    console.log("═".repeat(70));
+    for (const cluster of clusters) {
+        const pct = totalFindings > 0 ? ((cluster.count / totalFindings) * 100).toFixed(0) : "0";
+        console.log(`\n  ${cluster.clusterId} (${cluster.count} findings, ${pct}%)`);
+        console.log("  " + "─".repeat(63));
+        for (const f of cluster.findings.slice(0, 5)) {
+            const rule = f.ruleId.length > 18 ? f.ruleId.slice(0, 18) + "…" : f.ruleId;
+            const title = f.title.length > 35 ? f.title.slice(0, 35) + "…" : f.title;
+            console.log(`    [${f.severity.padEnd(8)}] ${rule.padEnd(20)} ${title}`);
+        }
+        if (cluster.findings.length > 5) {
+            console.log(`    ... +${cluster.findings.length - 5} more`);
+        }
+    }
+    console.log("\n" + "═".repeat(70));
+}
+//# sourceMappingURL=finding-cluster-group.js.map

package/dist/commands/finding-cluster-group.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"finding-cluster-group.js","sourceRoot":"","sources":["../../src/commands/finding-cluster-group.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,IAAI,CAAC;AAY9C,+EAA+E;AAE/E,SAAS,eAAe,CAAC,OAAwB;IAC/C,MAAM,QAAQ,GAAG,IAAI,GAAG,EAA0B,CAAC;IAEnD,KAAK,MAAM,CAAC,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;QACjC,iDAAiD;QACjD,MAAM,MAAM,GAAG,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,OAAO,CAAC;QACjD,MAAM,QAAQ,GAAG,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAEtC,IAAI,QAAQ,EAAE,CAAC;YACb,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC;gBACrB,MAAM,EAAE,CAAC,CAAC,MAAM;gBAChB,KAAK,EAAE,CAAC,CAAC,KAAK;gBACd,QAAQ,EAAE,CAAC,CAAC,CAAC,QAAQ,IAAI,QAAQ,CAAC,CAAC,WAAW,EAAE;aACjD,CAAC,CAAC;YACH,QAAQ,CAAC,KAAK,EAAE,CAAC;QACnB,CAAC;aAAM,CAAC;YACN,QAAQ,CAAC,GAAG,CAAC,MAAM,EAAE;gBACnB,SAAS,EAAE,MAAM;gBACjB,KAAK,EAAE,GAAG,MAAM,UAAU;gBAC1B,QAAQ,EAAE;oBACR;wBACE,MAAM,EAAE,CAAC,CAAC,MAAM;wBAChB,KAAK,EAAE,CAAC,CAAC,KAAK;wBACd,QAAQ,EAAE,CAAC,CAAC,CAAC,QAAQ,IAAI,QAAQ,CAAC,CAAC,WAAW,EAAE;qBACjD;iBACF;gBACD,KAAK,EAAE,CAAC;aACT,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC;AAClE,CAAC;AAED,+EAA+E;AAE/E,MAAM,UAAU,sBAAsB,CAAC,IAAc;IACnD,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IACvC,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;IAC7C,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC3C,MAAM,QAAQ,GAAG,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IAC9D,MAAM,aAAa,GAAG,UAAU,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IACzE,MAAM,MAAM,GAAG,SAAS,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;IAE9D,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACnD,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;;CAYf,CAAC,CAAC;QACC,OAAO;IACT,CAAC;IAED,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO,CAAC,KAAK,CAAC,wBAAwB,CAAC,CAAC;QACxC,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IACD,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC1B,OAAO,CAAC,KAAK,CAAC,qBAAqB,QAAQ,EAAE,CAAC,CAAC;QAC/C,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,IAAI,OAAwB,CAAC;IAC7B,IAAI,CAAC;QACH,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC;IACxD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC;QACrC,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,IAAI,QAAQ,GAAG,eAAe,CAAC,OAAO,CAAC,CAAC;IACxC,IAAI,aAAa,EAAE,CAAC;QAClB,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,aAAa,CAAC,CAAC;IACnE,CAAC;IAED,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAC/C,OAAO;IACT,CAAC;IAED,MAAM,aAAa,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;IAChE,OAAO,CAAC,GAAG,CAAC,uBAAuB,QAAQ,CAAC,MAAM,cAAc,aAAa,YAAY,CAAC,CAAC;IAC3F,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAE5B,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,MAAM,GAAG,GAAG,aAAa,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,GAAG,aAAa,CAAC,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;QACzF,OAAO,CAAC,GAAG,CAAC,OAAO,OAAO,CAAC,SAAS,KAAK,OAAO,CAAC,KAAK,cAAc,GAAG,IAAI,CAAC,CAAC;QAC7E,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;QAEnC,KAAK,MAAM,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;YAC7C,MAAM,IAAI,GAAG,CAAC,CAAC,MAAM,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;YAC3E,MAAM,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;YACzE,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,KAAK,EAAE,CAAC,CAAC;QAC3E,CAAC;QACD,IAAI,OAAO,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAChC,OAAO,CAAC,GAAG,CAAC,YAAY,OAAO,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,OAAO,CAAC,CAAC;QAC9D,CAAC;IACH,CAAC;IACD,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;AACrC,CAAC"}

package/dist/commands/finding-dedup-report.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Finding-dedup-report — Generate a deduplicated findings report.
+ */
+export declare function runFindingDedupReport(argv: string[]): void;
+//# sourceMappingURL=finding-dedup-report.d.ts.map

package/dist/commands/finding-dedup-report.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"finding-dedup-report.d.ts","sourceRoot":"","sources":["../../src/commands/finding-dedup-report.ts"],"names":[],"mappings":"AAAA;;GAEG;AA+DH,wBAAgB,qBAAqB,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,CAmE1D"}

package/dist/commands/finding-dedup-report.js

@@ -0,0 +1,102 @@
+/**
+ * Finding-dedup-report — Generate a deduplicated findings report.
+ */
+import { readFileSync, existsSync } from "fs";
+// ─── Analysis ───────────────────────────────────────────────────────────────
+function deduplicateFindings(verdict) {
+    const grouped = new Map();
+    for (const f of verdict.findings) {
+        const existing = grouped.get(f.ruleId);
+        if (existing) {
+            existing.occurrences++;
+            const newLines = f.lineNumbers || [];
+            for (const ln of newLines) {
+                if (!existing.lineNumbers.includes(ln)) {
+                    existing.lineNumbers.push(ln);
+                }
+            }
+        }
+        else {
+            grouped.set(f.ruleId, {
+                title: f.title,
+                severity: (f.severity || "medium").toLowerCase(),
+                occurrences: 1,
+                lineNumbers: [...(f.lineNumbers || [])],
+            });
+        }
+    }
+    const findings = [...grouped.entries()]
+        .map(([ruleId, data]) => ({
+        ruleId,
+        title: data.title,
+        severity: data.severity,
+        occurrences: data.occurrences,
+        lineNumbers: data.lineNumbers.sort((a, b) => a - b),
+    }))
+        .sort((a, b) => b.occurrences - a.occurrences);
+    return {
+        uniqueFindings: findings.length,
+        duplicatesRemoved: verdict.findings.length - findings.length,
+        findings,
+    };
+}
+// ─── CLI ────────────────────────────────────────────────────────────────────
+export function runFindingDedupReport(argv) {
+    const fileIdx = argv.indexOf("--file");
+    const formatIdx = argv.indexOf("--format");
+    const filePath = fileIdx >= 0 ? argv[fileIdx + 1] : undefined;
+    const format = formatIdx >= 0 ? argv[formatIdx + 1] : "table";
+    if (argv.includes("--help") || argv.includes("-h")) {
+        console.log(`
+judges finding-dedup-report — Deduplicated findings report
+
+Usage:
+  judges finding-dedup-report --file <verdict.json> [--format table|json]
+
+Options:
+  --file <path>      Path to verdict JSON file (required)
+  --format <fmt>     Output format: table (default), json
+  --help, -h         Show this help
+`);
+        return;
+    }
+    if (!filePath) {
+        console.error("Error: --file required");
+        process.exitCode = 1;
+        return;
+    }
+    if (!existsSync(filePath)) {
+        console.error(`Error: not found: ${filePath}`);
+        process.exitCode = 1;
+        return;
+    }
+    let verdict;
+    try {
+        verdict = JSON.parse(readFileSync(filePath, "utf-8"));
+    }
+    catch {
+        console.error("Error: invalid JSON");
+        process.exitCode = 1;
+        return;
+    }
+    const result = deduplicateFindings(verdict);
+    if (format === "json") {
+        console.log(JSON.stringify(result, null, 2));
+        return;
+    }
+    console.log(`\nDeduplicated Findings Report`);
+    console.log("═".repeat(70));
+    console.log(`  Original: ${verdict.findings.length}  →  Unique: ${result.uniqueFindings}  (removed: ${result.duplicatesRemoved})`);
+    console.log("─".repeat(70));
+    console.log(`${"Rule".padEnd(20)} ${"Severity".padEnd(10)} ${"Occurs".padEnd(8)} ${"Lines".padEnd(15)} Title`);
+    console.log("─".repeat(70));
+    for (const f of result.findings) {
+        const rule = f.ruleId.length > 18 ? f.ruleId.slice(0, 18) + "…" : f.ruleId;
+        const title = f.title.length > 20 ? f.title.slice(0, 20) + "…" : f.title;
+        const lines = f.lineNumbers.length > 0 ? f.lineNumbers.slice(0, 3).join(",") : "—";
+        const linesStr = f.lineNumbers.length > 3 ? lines + "…" : lines;
+        console.log(`${rule.padEnd(20)} ${f.severity.padEnd(10)} ${String(f.occurrences).padEnd(8)} ${linesStr.padEnd(15)} ${title}`);
+    }
+    console.log("═".repeat(70));
+}
+//# sourceMappingURL=finding-dedup-report.js.map

package/dist/commands/finding-dedup-report.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"finding-dedup-report.js","sourceRoot":"","sources":["../../src/commands/finding-dedup-report.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,IAAI,CAAC;AAiB9C,+EAA+E;AAE/E,SAAS,mBAAmB,CAAC,OAAwB;IACnD,MAAM,OAAO,GAAG,IAAI,GAAG,EAA2F,CAAC;IAEnH,KAAK,MAAM,CAAC,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;QACjC,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;QACvC,IAAI,QAAQ,EAAE,CAAC;YACb,QAAQ,CAAC,WAAW,EAAE,CAAC;YACvB,MAAM,QAAQ,GAAG,CAAC,CAAC,WAAW,IAAI,EAAE,CAAC;YACrC,KAAK,MAAM,EAAE,IAAI,QAAQ,EAAE,CAAC;gBAC1B,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE,CAAC;oBACvC,QAAQ,CAAC,WAAW,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBAChC,CAAC;YACH,CAAC;QACH,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,EAAE;gBACpB,KAAK,EAAE,CAAC,CAAC,KAAK;gBACd,QAAQ,EAAE,CAAC,CAAC,CAAC,QAAQ,IAAI,QAAQ,CAAC,CAAC,WAAW,EAAE;gBAChD,WAAW,EAAE,CAAC;gBACd,WAAW,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,WAAW,IAAI,EAAE,CAAC,CAAC;aACxC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,MAAM,QAAQ,GAAG,CAAC,GAAG,OAAO,CAAC,OAAO,EAAE,CAAC;SACpC,GAAG,CAAC,CAAC,CAAC,MAAM,EAAE,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC;QACxB,MAAM;QACN,KAAK,EAAE,IAAI,CAAC,KAAK;QACjB,QAAQ,EAAE,IAAI,CAAC,QAAQ;QACvB,WAAW,EAAE,IAAI,CAAC,WAAW;QAC7B,WAAW,EAAE,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC;KACpD,CAAC,CAAC;SACF,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,GAAG,CAAC,CAAC,WAAW,CAAC,CAAC;IAEjD,OAAO;QACL,cAAc,EAAE,QAAQ,CAAC,MAAM;QAC/B,iBAAiB,EAAE,OAAO,CAAC,QAAQ,CAAC,MAAM,GAAG,QAAQ,CAAC,MAAM;QAC5D,QAAQ;KACT,CAAC;AACJ,CAAC;AAED,+EAA+E;AAE/E,MAAM,UAAU,qBAAqB,CAAC,IAAc;IAClD,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IACvC,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC3C,MAAM,QAAQ,GAAG,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;IAC9D,MAAM,MAAM,GAAG,SAAS,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;IAE9D,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACnD,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;CAUf,CAAC,CAAC;QACC,OAAO;IACT,CAAC;IAED,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO,CAAC,KAAK,CAAC,wBAAwB,CAAC,CAAC;QACxC,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IACD,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC1B,OAAO,CAAC,KAAK,CAAC,qBAAqB,QAAQ,EAAE,CAAC,CAAC;QAC/C,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,IAAI,OAAwB,CAAC;IAC7B,IAAI,CAAC;QACH,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC;IACxD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC;QACrC,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,mBAAmB,CAAC,OAAO,CAAC,CAAC;IAE5C,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAC7C,OAAO;IACT,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,gCAAgC,CAAC,CAAC;IAC9C,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAC5B,OAAO,CAAC,GAAG,CACT,eAAe,OAAO,CAAC,QAAQ,CAAC,MAAM,gBAAgB,MAAM,CAAC,cAAc,eAAe,MAAM,CAAC,iBAAiB,GAAG,CACtH,CAAC;IACF,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAC5B,OAAO,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,CAAC;IAC/G,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAE5B,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;QAChC,MAAM,IAAI,GAAG,CAAC,CAAC,MAAM,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;QAC3E,MAAM,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;QACzE,MAAM,KAAK,GAAG,CAAC,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;QACnF,MAAM,QAAQ,GAAG,CAAC,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC;QAChE,OAAO,CAAC,GAAG,CACT,GAAG,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,MAAM,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,KAAK,EAAE,CACjH,CAAC;IACJ,CAAC;IACD,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;AAC9B,CAAC"}

package/dist/commands/finding-evidence-collect.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Finding-evidence-collect — Collect evidence for findings from source files.
+ */
+export declare function runFindingEvidenceCollect(argv: string[]): void;
+//# sourceMappingURL=finding-evidence-collect.d.ts.map

package/dist/commands/finding-evidence-collect.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"finding-evidence-collect.d.ts","sourceRoot":"","sources":["../../src/commands/finding-evidence-collect.ts"],"names":[],"mappings":"AAAA;;GAEG;AA2DH,wBAAgB,yBAAyB,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,CAgF9D"}

package/dist/commands/finding-evidence-collect.js

@@ -0,0 +1,115 @@
+/**
+ * Finding-evidence-collect — Collect evidence for findings from source files.
+ */
+import { readFileSync, existsSync } from "fs";
+// ─── Analysis ───────────────────────────────────────────────────────────────
+function collectEvidence(verdict, sourceFile) {
+    const items = [];
+    let sourceLines = [];
+    if (sourceFile && existsSync(sourceFile)) {
+        sourceLines = readFileSync(sourceFile, "utf-8").split("\n");
+    }
+    for (const f of verdict.findings) {
+        const lines = f.lineNumbers || [];
+        let snippet = "";
+        if (sourceLines.length > 0 && lines.length > 0) {
+            const contextLines = 2;
+            const startLine = Math.max(0, lines[0] - 1 - contextLines);
+            const endLine = Math.min(sourceLines.length, lines[lines.length - 1] + contextLines);
+            snippet = sourceLines
+                .slice(startLine, endLine)
+                .map((l, i) => {
+                const lineNum = startLine + i + 1;
+                const marker = lines.includes(lineNum) ? ">>>" : "   ";
+                return `${marker} ${String(lineNum).padStart(4)}: ${l}`;
+            })
+                .join("\n");
+        }
+        items.push({
+            ruleId: f.ruleId,
+            title: f.title,
+            severity: (f.severity || "medium").toLowerCase(),
+            lineNumbers: lines,
+            codeSnippet: snippet,
+            recommendation: f.recommendation,
+        });
+    }
+    return items;
+}
+// ─── CLI ────────────────────────────────────────────────────────────────────
+export function runFindingEvidenceCollect(argv) {
+    const fileIdx = argv.indexOf("--file");
+    const sourceIdx = argv.indexOf("--source");
+    const ruleIdx = argv.indexOf("--rule");
+    const formatIdx = argv.indexOf("--format");
+    const filePath = fileIdx >= 0 ? argv[fileIdx + 1] : undefined;
+    const sourceFile = sourceIdx >= 0 ? argv[sourceIdx + 1] : undefined;
+    const ruleFilter = ruleIdx >= 0 ? argv[ruleIdx + 1] : undefined;
+    const format = formatIdx >= 0 ? argv[formatIdx + 1] : "table";
+    if (argv.includes("--help") || argv.includes("-h")) {
+        console.log(`
+judges finding-evidence-collect — Collect evidence for findings
+
+Usage:
+  judges finding-evidence-collect --file <verdict.json> [--source <src.ts>]
+                                  [--rule <id>] [--format table|json]
+
+Options:
+  --file <path>      Path to verdict JSON file (required)
+  --source <path>    Source file for code snippets
+  --rule <id>        Filter by rule ID
+  --format <fmt>     Output format: table (default), json
+  --help, -h         Show this help
+`);
+        return;
+    }
+    if (!filePath) {
+        console.error("Error: --file required");
+        process.exitCode = 1;
+        return;
+    }
+    if (!existsSync(filePath)) {
+        console.error(`Error: not found: ${filePath}`);
+        process.exitCode = 1;
+        return;
+    }
+    let verdict;
+    try {
+        verdict = JSON.parse(readFileSync(filePath, "utf-8"));
+    }
+    catch {
+        console.error("Error: invalid JSON");
+        process.exitCode = 1;
+        return;
+    }
+    let items = collectEvidence(verdict, sourceFile);
+    if (ruleFilter) {
+        items = items.filter((i) => i.ruleId.includes(ruleFilter));
+    }
+    if (format === "json") {
+        console.log(JSON.stringify(items, null, 2));
+        return;
+    }
+    console.log(`\nEvidence Collection (${items.length} findings)`);
+    console.log("═".repeat(70));
+    for (const item of items) {
+        console.log(`\n  [${item.severity.toUpperCase()}] ${item.ruleId}: ${item.title}`);
+        if (item.lineNumbers.length > 0) {
+            console.log(`  Lines: ${item.lineNumbers.join(", ")}`);
+        }
+        if (item.codeSnippet) {
+            console.log("  Code:");
+            for (const line of item.codeSnippet.split("\n").slice(0, 8)) {
+                console.log(`    ${line}`);
+            }
+            const snippetLines = item.codeSnippet.split("\n").length;
+            if (snippetLines > 8) {
+                console.log(`    ... +${snippetLines - 8} more lines`);
+            }
+        }
+        console.log(`  Recommendation: ${item.recommendation.slice(0, 80)}`);
+        console.log("  " + "─".repeat(65));
+    }
+    console.log("═".repeat(70));
+}
+//# sourceMappingURL=finding-evidence-collect.js.map