@kevinrabun/judges 3.96.0 → 3.98.0

package/dist/commands/finding-annotation-layer.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Finding-annotation-layer — Add contextual annotations to findings.
+ */
+export declare function runFindingAnnotationLayer(argv: string[]): void;
+//# sourceMappingURL=finding-annotation-layer.d.ts.map

package/dist/commands/finding-annotation-layer.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"finding-annotation-layer.d.ts","sourceRoot":"","sources":["../../src/commands/finding-annotation-layer.ts"],"names":[],"mappings":"AAAA;;GAEG;AAsBH,wBAAgB,yBAAyB,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,CAwI9D"}

package/dist/commands/finding-annotation-layer.js

@@ -0,0 +1,129 @@
+/**
+ * Finding-annotation-layer — Add contextual annotations to findings.
+ */
+import { readFileSync, writeFileSync, existsSync } from "fs";
+// ─── CLI ────────────────────────────────────────────────────────────────────
+export function runFindingAnnotationLayer(argv) {
+    const storeIdx = argv.indexOf("--store");
+    const storePath = storeIdx >= 0 ? argv[storeIdx + 1] : ".judges-annotations.json";
+    const formatIdx = argv.indexOf("--format");
+    const format = formatIdx >= 0 ? argv[formatIdx + 1] : "table";
+    if (argv.includes("--help") || argv.includes("-h")) {
+        console.log(`
+judges finding-annotation-layer — Add annotations to findings
+
+Usage:
+  judges finding-annotation-layer [--store <path>]
+    [--annotate <ruleId> --note <text> --author <name> --type <type>]
+    [--report <path>] [--remove <ruleId>] [--format table|json]
+
+Options:
+  --store <path>     Annotation store (default: .judges-annotations.json)
+  --annotate <rule>  Add annotation for ruleId
+  --note <text>      Annotation text
+  --author <name>    Author name
+  --type <type>      Type: context, false-positive, accepted-risk, defer
+  --report <path>    Overlay annotations onto report findings
+  --remove <rule>    Remove annotations for ruleId
+  --format <fmt>     Output format: table (default), json
+  --help, -h         Show this help
+`);
+        return;
+    }
+    let store;
+    if (existsSync(storePath)) {
+        store = JSON.parse(readFileSync(storePath, "utf-8"));
+    }
+    else {
+        store = { annotations: [], lastUpdated: new Date().toISOString().split("T")[0] };
+    }
+    // Add annotation
+    const annotateIdx = argv.indexOf("--annotate");
+    if (annotateIdx >= 0) {
+        const ruleId = argv[annotateIdx + 1];
+        const noteIdx = argv.indexOf("--note");
+        const authorIdx = argv.indexOf("--author");
+        const typeIdx = argv.indexOf("--type");
+        const annotation = {
+            ruleId,
+            note: noteIdx >= 0 ? argv[noteIdx + 1] : "",
+            author: authorIdx >= 0 ? argv[authorIdx + 1] : "unknown",
+            type: (typeIdx >= 0 ? argv[typeIdx + 1] : "context"),
+            createdAt: new Date().toISOString().split("T")[0],
+        };
+        store.annotations.push(annotation);
+        store.lastUpdated = new Date().toISOString().split("T")[0];
+        writeFileSync(storePath, JSON.stringify(store, null, 2));
+        console.log(`Annotation added for: ${ruleId}`);
+        return;
+    }
+    // Remove annotations
+    const removeIdx = argv.indexOf("--remove");
+    if (removeIdx >= 0) {
+        const ruleId = argv[removeIdx + 1];
+        const before = store.annotations.length;
+        store.annotations = store.annotations.filter((a) => a.ruleId !== ruleId);
+        store.lastUpdated = new Date().toISOString().split("T")[0];
+        writeFileSync(storePath, JSON.stringify(store, null, 2));
+        console.log(`Removed ${before - store.annotations.length} annotation(s) for: ${ruleId}`);
+        return;
+    }
+    // Overlay on report
+    const reportIdx = argv.indexOf("--report");
+    if (reportIdx >= 0) {
+        const reportPath = argv[reportIdx + 1];
+        if (!existsSync(reportPath)) {
+            console.error(`Report not found: ${reportPath}`);
+            process.exitCode = 1;
+            return;
+        }
+        const report = JSON.parse(readFileSync(reportPath, "utf-8"));
+        const findings = report.findings ?? [];
+        const annotated = findings.map((f) => {
+            const matching = store.annotations.filter((a) => a.ruleId === f.ruleId);
+            return {
+                ruleId: f.ruleId,
+                title: f.title,
+                severity: f.severity,
+                annotations: matching,
+            };
+        });
+        if (format === "json") {
+            console.log(JSON.stringify(annotated, null, 2));
+            return;
+        }
+        console.log(`\nAnnotated Findings`);
+        console.log("═".repeat(65));
+        for (const af of annotated) {
+            console.log(`  ${af.ruleId} [${af.severity}] — ${af.title}`);
+            if (af.annotations.length > 0) {
+                for (const a of af.annotations) {
+                    console.log(`    [${a.type}] ${a.note} (by ${a.author}, ${a.createdAt})`);
+                }
+            }
+            else {
+                console.log("    (no annotations)");
+            }
+        }
+        console.log("═".repeat(65));
+        return;
+    }
+    // List all annotations
+    if (format === "json") {
+        console.log(JSON.stringify(store, null, 2));
+        return;
+    }
+    console.log(`\nFinding Annotations`);
+    console.log("═".repeat(65));
+    if (store.annotations.length === 0) {
+        console.log("  No annotations. Use --annotate <ruleId> to add one.");
+    }
+    else {
+        for (const a of store.annotations) {
+            console.log(`  ${a.ruleId.padEnd(25)} [${a.type}]`);
+            console.log(`    ${a.note} — ${a.author} (${a.createdAt})`);
+        }
+    }
+    console.log("═".repeat(65));
+}
+//# sourceMappingURL=finding-annotation-layer.js.map

package/dist/commands/finding-annotation-layer.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"finding-annotation-layer.js","sourceRoot":"","sources":["../../src/commands/finding-annotation-layer.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,IAAI,CAAC;AAkB7D,+EAA+E;AAE/E,MAAM,UAAU,yBAAyB,CAAC,IAAc;IACtD,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IACzC,MAAM,SAAS,GAAG,QAAQ,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,0BAA0B,CAAC;IAClF,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC3C,MAAM,MAAM,GAAG,SAAS,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;IAE9D,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACnD,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;;;;;;;;CAkBf,CAAC,CAAC;QACC,OAAO;IACT,CAAC;IAED,IAAI,KAAsB,CAAC;IAC3B,IAAI,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QAC1B,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,SAAS,EAAE,OAAO,CAAC,CAAoB,CAAC;IAC1E,CAAC;SAAM,CAAC;QACN,KAAK,GAAG,EAAE,WAAW,EAAE,EAAE,EAAE,WAAW,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IACnF,CAAC;IAED,iBAAiB;IACjB,MAAM,WAAW,GAAG,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;IAC/C,IAAI,WAAW,IAAI,CAAC,EAAE,CAAC;QACrB,MAAM,MAAM,GAAG,IAAI,CAAC,WAAW,GAAG,CAAC,CAAC,CAAC;QACrC,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QACvC,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QAC3C,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAEvC,MAAM,UAAU,GAAe;YAC7B,MAAM;YACN,IAAI,EAAE,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE;YAC3C,MAAM,EAAE,SAAS,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS;YACxD,IAAI,EAAE,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAuB;YAC1E,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;SAClD,CAAC;QAEF,KAAK,CAAC,WAAW,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QACnC,KAAK,CAAC,WAAW,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAC3D,aAAa,CAAC,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QACzD,OAAO,CAAC,GAAG,CAAC,yBAAyB,MAAM,EAAE,CAAC,CAAC;QAC/C,OAAO;IACT,CAAC;IAED,qBAAqB;IACrB,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC3C,IAAI,SAAS,IAAI,CAAC,EAAE,CAAC;QACnB,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC;QACnC,MAAM,MAAM,GAAG,KAAK,CAAC,WAAW,CAAC,MAAM,CAAC;QACxC,KAAK,CAAC,WAAW,GAAG,KAAK,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC;QACzE,KAAK,CAAC,WAAW,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAC3D,aAAa,CAAC,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QACzD,OAAO,CAAC,GAAG,CAAC,WAAW,MAAM,GAAG,KAAK,CAAC,WAAW,CAAC,MAAM,uBAAuB,MAAM,EAAE,CAAC,CAAC;QACzF,OAAO;IACT,CAAC;IAED,oBAAoB;IACpB,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC3C,IAAI,SAAS,IAAI,CAAC,EAAE,CAAC;QACnB,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC;QACvC,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YAC5B,OAAO,CAAC,KAAK,CAAC,qBAAqB,UAAU,EAAE,CAAC,CAAC;YACjD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;YACrB,OAAO;QACT,CAAC;QAED,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAA6B,CAAC;QACzF,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,IAAI,EAAE,CAAC;QAEvC,MAAM,SAAS,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;YACnC,MAAM,QAAQ,GAAG,KAAK,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,MAAM,CAAC,CAAC;YACxE,OAAO;gBACL,MAAM,EAAE,CAAC,CAAC,MAAM;gBAChB,KAAK,EAAE,CAAC,CAAC,KAAK;gBACd,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,WAAW,EAAE,QAAQ;aACtB,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;YACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;YAChD,OAAO;QACT,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;QACpC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;QAE5B,KAAK,MAAM,EAAE,IAAI,SAAS,EAAE,CAAC;YAC3B,OAAO,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,MAAM,KAAK,EAAE,CAAC,QAAQ,OAAO,EAAE,CAAC,KAAK,EAAE,CAAC,CAAC;YAC7D,IAAI,EAAE,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC9B,KAAK,MAAM,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;oBAC/B,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,IAAI,QAAQ,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,SAAS,GAAG,CAAC,CAAC;gBAC5E,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;YACtC,CAAC;QACH,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;QAC5B,OAAO;IACT,CAAC;IAED,uBAAuB;IACvB,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAC5C,OAAO;IACT,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;IACrC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAE5B,IAAI,KAAK,CAAC,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACnC,OAAO,CAAC,GAAG,CAAC,uDAAuD,CAAC,CAAC;IACvE,CAAC;SAAM,CAAC;QACN,KAAK,MAAM,CAAC,IAAI,KAAK,CAAC,WAAW,EAAE,CAAC;YAClC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC;YACpD,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,IAAI,MAAM,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,SAAS,GAAG,CAAC,CAAC;QAC9D,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;AAC9B,CAAC"}

package/dist/commands/finding-cwe-lookup.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Finding-cwe-lookup — Look up CWE details for finding rule IDs.
+ */
+export declare function runFindingCweLookup(argv: string[]): void;
+//# sourceMappingURL=finding-cwe-lookup.d.ts.map

package/dist/commands/finding-cwe-lookup.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"finding-cwe-lookup.d.ts","sourceRoot":"","sources":["../../src/commands/finding-cwe-lookup.ts"],"names":[],"mappings":"AAAA;;GAEG;AA8EH,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,CA0FxD"}

package/dist/commands/finding-cwe-lookup.js

@@ -0,0 +1,149 @@
+/**
+ * Finding-cwe-lookup — Look up CWE details for finding rule IDs.
+ */
+import { readFileSync, existsSync } from "fs";
+// ─── CWE database (embedded subset) ────────────────────────────────────────
+const CWE_DB = {
+    "sql-injection": {
+        id: "CWE-89",
+        name: "SQL Injection",
+        description: "Improper neutralization of special elements used in an SQL command",
+        mitigation: "Use parameterized queries or prepared statements",
+    },
+    xss: {
+        id: "CWE-79",
+        name: "Cross-site Scripting",
+        description: "Improper neutralization of input during web page generation",
+        mitigation: "Sanitize output and use Content Security Policy",
+    },
+    "path-traversal": {
+        id: "CWE-22",
+        name: "Path Traversal",
+        description: "Improper limitation of a pathname to a restricted directory",
+        mitigation: "Validate and canonicalize file paths",
+    },
+    "command-injection": {
+        id: "CWE-78",
+        name: "OS Command Injection",
+        description: "Improper neutralization of special elements used in an OS command",
+        mitigation: "Avoid shell commands; use safe APIs",
+    },
+    "hardcoded-secret": {
+        id: "CWE-798",
+        name: "Hardcoded Credentials",
+        description: "Use of hard-coded credentials in source code",
+        mitigation: "Use environment variables or secret managers",
+    },
+    "insecure-deserialization": {
+        id: "CWE-502",
+        name: "Insecure Deserialization",
+        description: "Deserialization of untrusted data",
+        mitigation: "Validate serialized data or use safe alternatives",
+    },
+    "broken-auth": {
+        id: "CWE-287",
+        name: "Improper Authentication",
+        description: "Missing or improper authentication mechanism",
+        mitigation: "Implement robust authentication with MFA",
+    },
+    ssrf: {
+        id: "CWE-918",
+        name: "Server-Side Request Forgery",
+        description: "Server-side request to unintended location",
+        mitigation: "Validate and restrict outbound requests",
+    },
+    "open-redirect": {
+        id: "CWE-601",
+        name: "Open Redirect",
+        description: "URL redirection to untrusted site",
+        mitigation: "Validate redirect URLs against allowlist",
+    },
+    xxe: {
+        id: "CWE-611",
+        name: "XML External Entities",
+        description: "Improper restriction of XML external entity reference",
+        mitigation: "Disable external entity processing",
+    },
+};
+// ─── CLI ────────────────────────────────────────────────────────────────────
+export function runFindingCweLookup(argv) {
+    const reportIdx = argv.indexOf("--report");
+    const ruleIdx = argv.indexOf("--rule");
+    const formatIdx = argv.indexOf("--format");
+    const format = formatIdx >= 0 ? argv[formatIdx + 1] : "table";
+    if (argv.includes("--help") || argv.includes("-h")) {
+        console.log(`
+judges finding-cwe-lookup — Look up CWE details for findings
+
+Usage:
+  judges finding-cwe-lookup [--report <path>] [--rule <ruleId>]
+                            [--format table|json]
+
+Options:
+  --report <path>  Report file to look up CWEs for all findings
+  --rule <ruleId>  Look up a single rule ID
+  --format <fmt>   Output format: table (default), json
+  --help, -h       Show this help
+`);
+        return;
+    }
+    // Single rule lookup
+    if (ruleIdx >= 0) {
+        const ruleId = argv[ruleIdx + 1];
+        const key = ruleId.split("/").pop() ?? ruleId;
+        const cwe = CWE_DB[key] ?? null;
+        if (format === "json") {
+            console.log(JSON.stringify({ ruleId, cwe }, null, 2));
+        }
+        else if (cwe !== null) {
+            console.log(`\n  ${cwe.id}: ${cwe.name}`);
+            console.log(`  ${cwe.description}`);
+            console.log(`  Mitigation: ${cwe.mitigation}`);
+        }
+        else {
+            console.log(`  No CWE mapping found for: ${ruleId}`);
+        }
+        return;
+    }
+    // Report lookup
+    if (reportIdx < 0) {
+        console.error("Supply --report <path> or --rule <ruleId>");
+        process.exitCode = 1;
+        return;
+    }
+    const reportPath = argv[reportIdx + 1];
+    if (!existsSync(reportPath)) {
+        console.error(`Report not found: ${reportPath}`);
+        process.exitCode = 1;
+        return;
+    }
+    const report = JSON.parse(readFileSync(reportPath, "utf-8"));
+    const findings = report.findings ?? [];
+    const results = findings.map((f) => {
+        const key = f.ruleId.split("/").pop() ?? f.ruleId;
+        return { ruleId: f.ruleId, title: f.title, cwe: CWE_DB[key] ?? null };
+    });
+    if (format === "json") {
+        console.log(JSON.stringify(results, null, 2));
+        return;
+    }
+    console.log(`\nCWE Lookup`);
+    console.log("═".repeat(70));
+    const mapped = results.filter((r) => r.cwe !== null);
+    const unmapped = results.filter((r) => r.cwe === null);
+    if (mapped.length > 0) {
+        console.log("  Mapped:");
+        for (const r of mapped) {
+            console.log(`    ${r.ruleId.padEnd(25)} → ${r.cwe.id} (${r.cwe.name})`);
+        }
+    }
+    if (unmapped.length > 0) {
+        console.log("  No CWE mapping:");
+        for (const r of unmapped) {
+            console.log(`    ${r.ruleId.padEnd(25)} ${r.title}`);
+        }
+    }
+    console.log(`\n  Coverage: ${mapped.length}/${results.length} findings mapped to CWEs`);
+    console.log("═".repeat(70));
+}
+//# sourceMappingURL=finding-cwe-lookup.js.map

package/dist/commands/finding-cwe-lookup.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"finding-cwe-lookup.js","sourceRoot":"","sources":["../../src/commands/finding-cwe-lookup.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,IAAI,CAAC;AAG9C,8EAA8E;AAE9E,MAAM,MAAM,GAA0F;IACpG,eAAe,EAAE;QACf,EAAE,EAAE,QAAQ;QACZ,IAAI,EAAE,eAAe;QACrB,WAAW,EAAE,oEAAoE;QACjF,UAAU,EAAE,kDAAkD;KAC/D;IACD,GAAG,EAAE;QACH,EAAE,EAAE,QAAQ;QACZ,IAAI,EAAE,sBAAsB;QAC5B,WAAW,EAAE,6DAA6D;QAC1E,UAAU,EAAE,iDAAiD;KAC9D;IACD,gBAAgB,EAAE;QAChB,EAAE,EAAE,QAAQ;QACZ,IAAI,EAAE,gBAAgB;QACtB,WAAW,EAAE,6DAA6D;QAC1E,UAAU,EAAE,sCAAsC;KACnD;IACD,mBAAmB,EAAE;QACnB,EAAE,EAAE,QAAQ;QACZ,IAAI,EAAE,sBAAsB;QAC5B,WAAW,EAAE,mEAAmE;QAChF,UAAU,EAAE,qCAAqC;KAClD;IACD,kBAAkB,EAAE;QAClB,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,uBAAuB;QAC7B,WAAW,EAAE,8CAA8C;QAC3D,UAAU,EAAE,8CAA8C;KAC3D;IACD,0BAA0B,EAAE;QAC1B,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,0BAA0B;QAChC,WAAW,EAAE,mCAAmC;QAChD,UAAU,EAAE,mDAAmD;KAChE;IACD,aAAa,EAAE;QACb,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,yBAAyB;QAC/B,WAAW,EAAE,8CAA8C;QAC3D,UAAU,EAAE,0CAA0C;KACvD;IACD,IAAI,EAAE;QACJ,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,6BAA6B;QACnC,WAAW,EAAE,4CAA4C;QACzD,UAAU,EAAE,yCAAyC;KACtD;IACD,eAAe,EAAE;QACf,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,eAAe;QACrB,WAAW,EAAE,mCAAmC;QAChD,UAAU,EAAE,0CAA0C;KACvD;IACD,GAAG,EAAE;QACH,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,uBAAuB;QAC7B,WAAW,EAAE,uDAAuD;QACpE,UAAU,EAAE,oCAAoC;KACjD;CACF,CAAC;AAQF,+EAA+E;AAE/E,MAAM,UAAU,mBAAmB,CAAC,IAAc;IAChD,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC3C,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IACvC,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC3C,MAAM,MAAM,GAAG,SAAS,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;IAE9D,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACnD,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;;CAYf,CAAC,CAAC;QACC,OAAO;IACT,CAAC;IAED,qBAAqB;IACrB,IAAI,OAAO,IAAI,CAAC,EAAE,CAAC;QACjB,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,GAAG,CAAC,CAAC,CAAC;QACjC,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,IAAI,MAAM,CAAC;QAC9C,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC;QAEhC,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;YACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QACxD,CAAC;aAAM,IAAI,GAAG,KAAK,IAAI,EAAE,CAAC;YACxB,OAAO,CAAC,GAAG,CAAC,OAAO,GAAG,CAAC,EAAE,KAAK,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;YAC1C,OAAO,CAAC,GAAG,CAAC,KAAK,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC;YACpC,OAAO,CAAC,GAAG,CAAC,iBAAiB,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC;QACjD,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,+BAA+B,MAAM,EAAE,CAAC,CAAC;QACvD,CAAC;QACD,OAAO;IACT,CAAC;IAED,gBAAgB;IAChB,IAAI,SAAS,GAAG,CAAC,EAAE,CAAC;QAClB,OAAO,CAAC,KAAK,CAAC,2CAA2C,CAAC,CAAC;QAC3D,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC;IACvC,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC5B,OAAO,CAAC,KAAK,CAAC,qBAAqB,UAAU,EAAE,CAAC,CAAC;QACjD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAA6B,CAAC;IACzF,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,IAAI,EAAE,CAAC;IAEvC,MAAM,OAAO,GAAsB,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;QACpD,MAAM,GAAG,GAAG,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,MAAM,CAAC;QAClD,OAAO,EAAE,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC,KAAK,EAAE,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC;IACxE,CAAC,CAAC,CAAC;IAEH,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAC9C,OAAO;IACT,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;IAC5B,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAE5B,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,IAAI,CAAC,CAAC;IACrD,MAAM,QAAQ,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,IAAI,CAAC,CAAC;IAEvD,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QACzB,KAAK,MAAM,CAAC,IAAI,MAAM,EAAE,CAAC;YACvB,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,GAAI,CAAC,EAAE,KAAK,CAAC,CAAC,GAAI,CAAC,IAAI,GAAG,CAAC,CAAC;QAC5E,CAAC;IACH,CAAC;IAED,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;QACjC,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;YACzB,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC;QACvD,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,iBAAiB,MAAM,CAAC,MAAM,IAAI,OAAO,CAAC,MAAM,0BAA0B,CAAC,CAAC;IACxF,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;AAC9B,CAAC"}

package/dist/commands/finding-duplicate-detect.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Finding-duplicate-detect — Detect duplicate or near-duplicate findings.
+ */
+export declare function runFindingDuplicateDetect(argv: string[]): void;
+//# sourceMappingURL=finding-duplicate-detect.d.ts.map

package/dist/commands/finding-duplicate-detect.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"finding-duplicate-detect.d.ts","sourceRoot":"","sources":["../../src/commands/finding-duplicate-detect.ts"],"names":[],"mappings":"AAAA;;GAEG;AAgBH,wBAAgB,yBAAyB,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,CA+G9D"}

package/dist/commands/finding-duplicate-detect.js

@@ -0,0 +1,114 @@
+/**
+ * Finding-duplicate-detect — Detect duplicate or near-duplicate findings.
+ */
+import { readFileSync, existsSync } from "fs";
+// ─── CLI ────────────────────────────────────────────────────────────────────
+export function runFindingDuplicateDetect(argv) {
+    const reportIdx = argv.indexOf("--report");
+    const thresholdIdx = argv.indexOf("--threshold");
+    const formatIdx = argv.indexOf("--format");
+    const format = formatIdx >= 0 ? argv[formatIdx + 1] : "table";
+    const threshold = thresholdIdx >= 0 ? parseFloat(argv[thresholdIdx + 1]) : 0.8;
+    if (argv.includes("--help") || argv.includes("-h")) {
+        console.log(`
+judges finding-duplicate-detect — Detect duplicate findings
+
+Usage:
+  judges finding-duplicate-detect --report <path> [--threshold <n>]
+                                  [--format table|json]
+
+Options:
+  --report <path>     Report file with findings
+  --threshold <n>     Similarity threshold 0-1 (default: 0.8)
+  --format <fmt>      Output format: table (default), json
+  --help, -h          Show this help
+`);
+        return;
+    }
+    if (reportIdx < 0) {
+        console.error("Missing --report <path>");
+        process.exitCode = 1;
+        return;
+    }
+    const reportPath = argv[reportIdx + 1];
+    if (!existsSync(reportPath)) {
+        console.error(`Report not found: ${reportPath}`);
+        process.exitCode = 1;
+        return;
+    }
+    const report = JSON.parse(readFileSync(reportPath, "utf-8"));
+    const findings = report.findings ?? [];
+    if (findings.length < 2) {
+        console.log("Need at least 2 findings to detect duplicates.");
+        return;
+    }
+    // Group by exact ruleId match first
+    const ruleGroups = {};
+    for (let i = 0; i < findings.length; i++) {
+        const key = findings[i].ruleId;
+        if (ruleGroups[key] === undefined) {
+            ruleGroups[key] = [];
+        }
+        ruleGroups[key].push(i);
+    }
+    // Then check title similarity within different rules
+    const duplicates = [];
+    // Exact rule duplicates
+    for (const [ruleId, indices] of Object.entries(ruleGroups)) {
+        if (indices.length > 1) {
+            duplicates.push({
+                representativeRule: ruleId,
+                title: findings[indices[0]].title,
+                count: indices.length,
+                indices,
+            });
+        }
+    }
+    // Near-duplicate by title similarity across different rules
+    const checked = new Set();
+    for (let i = 0; i < findings.length; i++) {
+        for (let j = i + 1; j < findings.length; j++) {
+            if (findings[i].ruleId === findings[j].ruleId)
+                continue;
+            const key = `${i}:${j}`;
+            if (checked.has(key))
+                continue;
+            checked.add(key);
+            const sim = jaccardSimilarity(findings[i].title, findings[j].title);
+            if (sim >= threshold) {
+                duplicates.push({
+                    representativeRule: `${findings[i].ruleId} ~ ${findings[j].ruleId}`,
+                    title: findings[i].title,
+                    count: 2,
+                    indices: [i, j],
+                });
+            }
+        }
+    }
+    if (format === "json") {
+        console.log(JSON.stringify({ threshold, duplicates }, null, 2));
+        return;
+    }
+    console.log(`\nDuplicate Detection (threshold: ${threshold})`);
+    console.log("═".repeat(65));
+    if (duplicates.length === 0) {
+        console.log("  No duplicates detected.");
+    }
+    else {
+        for (const d of duplicates) {
+            console.log(`  [${d.count}x] ${d.representativeRule}`);
+            console.log(`    "${d.title}"`);
+            console.log(`    Indices: ${d.indices.join(", ")}`);
+        }
+    }
+    console.log(`\n  Total findings: ${findings.length} | Duplicate groups: ${duplicates.length}`);
+    console.log("═".repeat(65));
+}
+function jaccardSimilarity(a, b) {
+    const setA = new Set(a.toLowerCase().split(/\s+/));
+    const setB = new Set(b.toLowerCase().split(/\s+/));
+    const intersection = new Set([...setA].filter((x) => setB.has(x)));
+    const union = new Set([...setA, ...setB]);
+    return union.size === 0 ? 0 : intersection.size / union.size;
+}
+//# sourceMappingURL=finding-duplicate-detect.js.map

package/dist/commands/finding-duplicate-detect.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"finding-duplicate-detect.js","sourceRoot":"","sources":["../../src/commands/finding-duplicate-detect.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,IAAI,CAAC;AAY9C,+EAA+E;AAE/E,MAAM,UAAU,yBAAyB,CAAC,IAAc;IACtD,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC3C,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;IACjD,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC3C,MAAM,MAAM,GAAG,SAAS,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;IAC9D,MAAM,SAAS,GAAG,YAAY,IAAI,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,YAAY,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;IAE/E,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACnD,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;;CAYf,CAAC,CAAC;QACC,OAAO;IACT,CAAC;IAED,IAAI,SAAS,GAAG,CAAC,EAAE,CAAC;QAClB,OAAO,CAAC,KAAK,CAAC,yBAAyB,CAAC,CAAC;QACzC,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC;IACvC,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC5B,OAAO,CAAC,KAAK,CAAC,qBAAqB,UAAU,EAAE,CAAC,CAAC;QACjD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAA6B,CAAC;IACzF,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,IAAI,EAAE,CAAC;IAEvC,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,OAAO,CAAC,GAAG,CAAC,gDAAgD,CAAC,CAAC;QAC9D,OAAO;IACT,CAAC;IAED,oCAAoC;IACpC,MAAM,UAAU,GAA6B,EAAE,CAAC;IAChD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACzC,MAAM,GAAG,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;QAC/B,IAAI,UAAU,CAAC,GAAG,CAAC,KAAK,SAAS,EAAE,CAAC;YAClC,UAAU,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC;QACvB,CAAC;QACD,UAAU,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC1B,CAAC;IAED,qDAAqD;IACrD,MAAM,UAAU,GAAqB,EAAE,CAAC;IAExC,wBAAwB;IACxB,KAAK,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,CAAC;QAC3D,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACvB,UAAU,CAAC,IAAI,CAAC;gBACd,kBAAkB,EAAE,MAAM;gBAC1B,KAAK,EAAE,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK;gBACjC,KAAK,EAAE,OAAO,CAAC,MAAM;gBACrB,OAAO;aACR,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,4DAA4D;IAC5D,MAAM,OAAO,GAAG,IAAI,GAAG,EAAU,CAAC;IAClC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACzC,KAAK,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YAC7C,IAAI,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM;gBAAE,SAAS;YACxD,MAAM,GAAG,GAAG,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YACxB,IAAI,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC;gBAAE,SAAS;YAC/B,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;YAEjB,MAAM,GAAG,GAAG,iBAAiB,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;YACpE,IAAI,GAAG,IAAI,SAAS,EAAE,CAAC;gBACrB,UAAU,CAAC,IAAI,CAAC;oBACd,kBAAkB,EAAE,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,MAAM,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE;oBACnE,KAAK,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,KAAK;oBACxB,KAAK,EAAE,CAAC;oBACR,OAAO,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC;iBAChB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,SAAS,EAAE,UAAU,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAChE,OAAO;IACT,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,qCAAqC,SAAS,GAAG,CAAC,CAAC;IAC/D,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAE5B,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC5B,OAAO,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAC;IAC3C,CAAC;SAAM,CAAC;QACN,KAAK,MAAM,CAAC,IAAI,UAAU,EAAE,CAAC;YAC3B,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,KAAK,MAAM,CAAC,CAAC,kBAAkB,EAAE,CAAC,CAAC;YACvD,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC;YAChC,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACtD,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,uBAAuB,QAAQ,CAAC,MAAM,wBAAwB,UAAU,CAAC,MAAM,EAAE,CAAC,CAAC;IAC/F,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;AAC9B,CAAC;AAED,SAAS,iBAAiB,CAAC,CAAS,EAAE,CAAS;IAC7C,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC;IACnD,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC;IACnD,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACnE,MAAM,KAAK,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,IAAI,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC;IAC1C,OAAO,KAAK,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC;AAC/D,CAAC"}

package/dist/commands/finding-impact-rank.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Finding-impact-rank — Rank findings by estimated business impact.
+ */
+export declare function runFindingImpactRank(argv: string[]): void;
+//# sourceMappingURL=finding-impact-rank.d.ts.map

package/dist/commands/finding-impact-rank.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"finding-impact-rank.d.ts","sourceRoot":"","sources":["../../src/commands/finding-impact-rank.ts"],"names":[],"mappings":"AAAA;;GAEG;AA0BH,wBAAgB,oBAAoB,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,CAsFzD"}

package/dist/commands/finding-impact-rank.js

@@ -0,0 +1,86 @@
+/**
+ * Finding-impact-rank — Rank findings by estimated business impact.
+ */
+import { readFileSync, existsSync } from "fs";
+// ─── Impact model ───────────────────────────────────────────────────────────
+const SEVERITY_IMPACT = {
+    critical: 100,
+    high: 70,
+    medium: 40,
+    low: 15,
+    info: 5,
+};
+// ─── CLI ────────────────────────────────────────────────────────────────────
+export function runFindingImpactRank(argv) {
+    const reportIdx = argv.indexOf("--report");
+    const topIdx = argv.indexOf("--top");
+    const formatIdx = argv.indexOf("--format");
+    const format = formatIdx >= 0 ? argv[formatIdx + 1] : "table";
+    const topN = topIdx >= 0 ? parseInt(argv[topIdx + 1], 10) : 0;
+    if (argv.includes("--help") || argv.includes("-h")) {
+        console.log(`
+judges finding-impact-rank — Rank findings by business impact
+
+Usage:
+  judges finding-impact-rank --report <path> [--top <n>] [--format table|json]
+
+Options:
+  --report <path>  Report file with findings
+  --top <n>        Show only top N findings by impact
+  --format <fmt>   Output format: table (default), json
+  --help, -h       Show this help
+`);
+        return;
+    }
+    if (reportIdx < 0) {
+        console.error("Missing --report <path>");
+        process.exitCode = 1;
+        return;
+    }
+    const reportPath = argv[reportIdx + 1];
+    if (!existsSync(reportPath)) {
+        console.error(`Report not found: ${reportPath}`);
+        process.exitCode = 1;
+        return;
+    }
+    const report = JSON.parse(readFileSync(reportPath, "utf-8"));
+    const findings = report.findings ?? [];
+    if (findings.length === 0) {
+        console.log("No findings to rank.");
+        return;
+    }
+    const ranked = findings.map((f) => {
+        const baseImpact = SEVERITY_IMPACT[f.severity] ?? 5;
+        const conf = f.confidence ?? 0.5;
+        const impactScore = Math.round(baseImpact * conf);
+        return {
+            rank: 0,
+            ruleId: f.ruleId,
+            severity: f.severity,
+            title: f.title,
+            impactScore,
+            recommendation: f.recommendation,
+        };
+    });
+    ranked.sort((a, b) => b.impactScore - a.impactScore);
+    ranked.forEach((r, i) => {
+        r.rank = i + 1;
+    });
+    const display = topN > 0 ? ranked.slice(0, topN) : ranked;
+    if (format === "json") {
+        console.log(JSON.stringify(display, null, 2));
+        return;
+    }
+    console.log(`\nFinding Impact Ranking`);
+    console.log("═".repeat(75));
+    console.log(`  ${"#".padEnd(5)} ${"Impact".padEnd(8)} ${"Severity".padEnd(10)} ${"Rule".padEnd(25)} Title`);
+    console.log("  " + "─".repeat(70));
+    for (const r of display) {
+        console.log(`  ${String(r.rank).padEnd(5)} ${String(r.impactScore).padEnd(8)} ${r.severity.padEnd(10)} ${r.ruleId.padEnd(25)} ${r.title}`);
+    }
+    const totalImpact = ranked.reduce((sum, r) => sum + r.impactScore, 0);
+    const avgImpact = Math.round(totalImpact / ranked.length);
+    console.log(`\n  Total impact: ${totalImpact} | Average: ${avgImpact} | Findings: ${ranked.length}`);
+    console.log("═".repeat(75));
+}
+//# sourceMappingURL=finding-impact-rank.js.map

package/dist/commands/finding-impact-rank.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"finding-impact-rank.js","sourceRoot":"","sources":["../../src/commands/finding-impact-rank.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,IAAI,CAAC;AAG9C,+EAA+E;AAE/E,MAAM,eAAe,GAA6B;IAChD,QAAQ,EAAE,GAAG;IACb,IAAI,EAAE,EAAE;IACR,MAAM,EAAE,EAAE;IACV,GAAG,EAAE,EAAE;IACP,IAAI,EAAE,CAAC;CACR,CAAC;AAWF,+EAA+E;AAE/E,MAAM,UAAU,oBAAoB,CAAC,IAAc;IACjD,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC3C,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IACrC,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC3C,MAAM,MAAM,GAAG,SAAS,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;IAC9D,MAAM,IAAI,GAAG,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAE9D,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACnD,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;CAWf,CAAC,CAAC;QACC,OAAO;IACT,CAAC;IAED,IAAI,SAAS,GAAG,CAAC,EAAE,CAAC;QAClB,OAAO,CAAC,KAAK,CAAC,yBAAyB,CAAC,CAAC;QACzC,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC;IACvC,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC5B,OAAO,CAAC,KAAK,CAAC,qBAAqB,UAAU,EAAE,CAAC,CAAC;QACjD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAA6B,CAAC;IACzF,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,IAAI,EAAE,CAAC;IAEvC,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;QACpC,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAoB,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;QACjD,MAAM,UAAU,GAAG,eAAe,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QACpD,MAAM,IAAI,GAAG,CAAC,CAAC,UAAU,IAAI,GAAG,CAAC;QACjC,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,GAAG,IAAI,CAAC,CAAC;QAElD,OAAO;YACL,IAAI,EAAE,CAAC;YACP,MAAM,EAAE,CAAC,CAAC,MAAM;YAChB,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,KAAK,EAAE,CAAC,CAAC,KAAK;YACd,WAAW;YACX,cAAc,EAAE,CAAC,CAAC,cAAc;SACjC,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,GAAG,CAAC,CAAC,WAAW,CAAC,CAAC;IACrD,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACtB,CAAC,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;IACjB,CAAC,CAAC,CAAC;IAEH,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;IAE1D,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAC9C,OAAO;IACT,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC,CAAC;IACxC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAC5B,OAAO,CAAC,GAAG,CAAC,KAAK,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,QAAQ,CAAC,CAAC;IAC5G,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAEnC,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;QACxB,OAAO,CAAC,GAAG,CACT,KAAK,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,CAC9H,CAAC;IACJ,CAAC;IAED,MAAM,WAAW,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;IACtE,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC;IAC1D,OAAO,CAAC,GAAG,CAAC,qBAAqB,WAAW,eAAe,SAAS,gBAAgB,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;IACrG,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;AAC9B,CAAC"}

package/dist/commands/finding-patch-preview.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Finding-patch-preview — Preview how patches would modify source files.
+ */
+export declare function runFindingPatchPreview(argv: string[]): void;
+//# sourceMappingURL=finding-patch-preview.d.ts.map

package/dist/commands/finding-patch-preview.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"finding-patch-preview.d.ts","sourceRoot":"","sources":["../../src/commands/finding-patch-preview.ts"],"names":[],"mappings":"AAAA;;GAEG;AAOH,wBAAgB,sBAAsB,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,CA0H3D"}