@kevinrabun/judges 3.97.0 → 3.98.0

package/dist/commands/finding-cwe-lookup.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Finding-cwe-lookup — Look up CWE details for finding rule IDs.
+ */
+export declare function runFindingCweLookup(argv: string[]): void;
+//# sourceMappingURL=finding-cwe-lookup.d.ts.map

package/dist/commands/finding-cwe-lookup.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"finding-cwe-lookup.d.ts","sourceRoot":"","sources":["../../src/commands/finding-cwe-lookup.ts"],"names":[],"mappings":"AAAA;;GAEG;AA8EH,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,CA0FxD"}

package/dist/commands/finding-cwe-lookup.js

@@ -0,0 +1,149 @@
+/**
+ * Finding-cwe-lookup — Look up CWE details for finding rule IDs.
+ */
+import { readFileSync, existsSync } from "fs";
+// ─── CWE database (embedded subset) ────────────────────────────────────────
+const CWE_DB = {
+    "sql-injection": {
+        id: "CWE-89",
+        name: "SQL Injection",
+        description: "Improper neutralization of special elements used in an SQL command",
+        mitigation: "Use parameterized queries or prepared statements",
+    },
+    xss: {
+        id: "CWE-79",
+        name: "Cross-site Scripting",
+        description: "Improper neutralization of input during web page generation",
+        mitigation: "Sanitize output and use Content Security Policy",
+    },
+    "path-traversal": {
+        id: "CWE-22",
+        name: "Path Traversal",
+        description: "Improper limitation of a pathname to a restricted directory",
+        mitigation: "Validate and canonicalize file paths",
+    },
+    "command-injection": {
+        id: "CWE-78",
+        name: "OS Command Injection",
+        description: "Improper neutralization of special elements used in an OS command",
+        mitigation: "Avoid shell commands; use safe APIs",
+    },
+    "hardcoded-secret": {
+        id: "CWE-798",
+        name: "Hardcoded Credentials",
+        description: "Use of hard-coded credentials in source code",
+        mitigation: "Use environment variables or secret managers",
+    },
+    "insecure-deserialization": {
+        id: "CWE-502",
+        name: "Insecure Deserialization",
+        description: "Deserialization of untrusted data",
+        mitigation: "Validate serialized data or use safe alternatives",
+    },
+    "broken-auth": {
+        id: "CWE-287",
+        name: "Improper Authentication",
+        description: "Missing or improper authentication mechanism",
+        mitigation: "Implement robust authentication with MFA",
+    },
+    ssrf: {
+        id: "CWE-918",
+        name: "Server-Side Request Forgery",
+        description: "Server-side request to unintended location",
+        mitigation: "Validate and restrict outbound requests",
+    },
+    "open-redirect": {
+        id: "CWE-601",
+        name: "Open Redirect",
+        description: "URL redirection to untrusted site",
+        mitigation: "Validate redirect URLs against allowlist",
+    },
+    xxe: {
+        id: "CWE-611",
+        name: "XML External Entities",
+        description: "Improper restriction of XML external entity reference",
+        mitigation: "Disable external entity processing",
+    },
+};
+// ─── CLI ────────────────────────────────────────────────────────────────────
+export function runFindingCweLookup(argv) {
+    const reportIdx = argv.indexOf("--report");
+    const ruleIdx = argv.indexOf("--rule");
+    const formatIdx = argv.indexOf("--format");
+    const format = formatIdx >= 0 ? argv[formatIdx + 1] : "table";
+    if (argv.includes("--help") || argv.includes("-h")) {
+        console.log(`
+judges finding-cwe-lookup — Look up CWE details for findings
+
+Usage:
+  judges finding-cwe-lookup [--report <path>] [--rule <ruleId>]
+                            [--format table|json]
+
+Options:
+  --report <path>  Report file to look up CWEs for all findings
+  --rule <ruleId>  Look up a single rule ID
+  --format <fmt>   Output format: table (default), json
+  --help, -h       Show this help
+`);
+        return;
+    }
+    // Single rule lookup
+    if (ruleIdx >= 0) {
+        const ruleId = argv[ruleIdx + 1];
+        const key = ruleId.split("/").pop() ?? ruleId;
+        const cwe = CWE_DB[key] ?? null;
+        if (format === "json") {
+            console.log(JSON.stringify({ ruleId, cwe }, null, 2));
+        }
+        else if (cwe !== null) {
+            console.log(`\n  ${cwe.id}: ${cwe.name}`);
+            console.log(`  ${cwe.description}`);
+            console.log(`  Mitigation: ${cwe.mitigation}`);
+        }
+        else {
+            console.log(`  No CWE mapping found for: ${ruleId}`);
+        }
+        return;
+    }
+    // Report lookup
+    if (reportIdx < 0) {
+        console.error("Supply --report <path> or --rule <ruleId>");
+        process.exitCode = 1;
+        return;
+    }
+    const reportPath = argv[reportIdx + 1];
+    if (!existsSync(reportPath)) {
+        console.error(`Report not found: ${reportPath}`);
+        process.exitCode = 1;
+        return;
+    }
+    const report = JSON.parse(readFileSync(reportPath, "utf-8"));
+    const findings = report.findings ?? [];
+    const results = findings.map((f) => {
+        const key = f.ruleId.split("/").pop() ?? f.ruleId;
+        return { ruleId: f.ruleId, title: f.title, cwe: CWE_DB[key] ?? null };
+    });
+    if (format === "json") {
+        console.log(JSON.stringify(results, null, 2));
+        return;
+    }
+    console.log(`\nCWE Lookup`);
+    console.log("═".repeat(70));
+    const mapped = results.filter((r) => r.cwe !== null);
+    const unmapped = results.filter((r) => r.cwe === null);
+    if (mapped.length > 0) {
+        console.log("  Mapped:");
+        for (const r of mapped) {
+            console.log(`    ${r.ruleId.padEnd(25)} → ${r.cwe.id} (${r.cwe.name})`);
+        }
+    }
+    if (unmapped.length > 0) {
+        console.log("  No CWE mapping:");
+        for (const r of unmapped) {
+            console.log(`    ${r.ruleId.padEnd(25)} ${r.title}`);
+        }
+    }
+    console.log(`\n  Coverage: ${mapped.length}/${results.length} findings mapped to CWEs`);
+    console.log("═".repeat(70));
+}
+//# sourceMappingURL=finding-cwe-lookup.js.map

package/dist/commands/finding-cwe-lookup.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"finding-cwe-lookup.js","sourceRoot":"","sources":["../../src/commands/finding-cwe-lookup.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,IAAI,CAAC;AAG9C,8EAA8E;AAE9E,MAAM,MAAM,GAA0F;IACpG,eAAe,EAAE;QACf,EAAE,EAAE,QAAQ;QACZ,IAAI,EAAE,eAAe;QACrB,WAAW,EAAE,oEAAoE;QACjF,UAAU,EAAE,kDAAkD;KAC/D;IACD,GAAG,EAAE;QACH,EAAE,EAAE,QAAQ;QACZ,IAAI,EAAE,sBAAsB;QAC5B,WAAW,EAAE,6DAA6D;QAC1E,UAAU,EAAE,iDAAiD;KAC9D;IACD,gBAAgB,EAAE;QAChB,EAAE,EAAE,QAAQ;QACZ,IAAI,EAAE,gBAAgB;QACtB,WAAW,EAAE,6DAA6D;QAC1E,UAAU,EAAE,sCAAsC;KACnD;IACD,mBAAmB,EAAE;QACnB,EAAE,EAAE,QAAQ;QACZ,IAAI,EAAE,sBAAsB;QAC5B,WAAW,EAAE,mEAAmE;QAChF,UAAU,EAAE,qCAAqC;KAClD;IACD,kBAAkB,EAAE;QAClB,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,uBAAuB;QAC7B,WAAW,EAAE,8CAA8C;QAC3D,UAAU,EAAE,8CAA8C;KAC3D;IACD,0BAA0B,EAAE;QAC1B,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,0BAA0B;QAChC,WAAW,EAAE,mCAAmC;QAChD,UAAU,EAAE,mDAAmD;KAChE;IACD,aAAa,EAAE;QACb,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,yBAAyB;QAC/B,WAAW,EAAE,8CAA8C;QAC3D,UAAU,EAAE,0CAA0C;KACvD;IACD,IAAI,EAAE;QACJ,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,6BAA6B;QACnC,WAAW,EAAE,4CAA4C;QACzD,UAAU,EAAE,yCAAyC;KACtD;IACD,eAAe,EAAE;QACf,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,eAAe;QACrB,WAAW,EAAE,mCAAmC;QAChD,UAAU,EAAE,0CAA0C;KACvD;IACD,GAAG,EAAE;QACH,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,uBAAuB;QAC7B,WAAW,EAAE,uDAAuD;QACpE,UAAU,EAAE,oCAAoC;KACjD;CACF,CAAC;AAQF,+EAA+E;AAE/E,MAAM,UAAU,mBAAmB,CAAC,IAAc;IAChD,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC3C,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IACvC,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC3C,MAAM,MAAM,GAAG,SAAS,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;IAE9D,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACnD,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;;CAYf,CAAC,CAAC;QACC,OAAO;IACT,CAAC;IAED,qBAAqB;IACrB,IAAI,OAAO,IAAI,CAAC,EAAE,CAAC;QACjB,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,GAAG,CAAC,CAAC,CAAC;QACjC,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,IAAI,MAAM,CAAC;QAC9C,MAAM,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC;QAEhC,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;YACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QACxD,CAAC;aAAM,IAAI,GAAG,KAAK,IAAI,EAAE,CAAC;YACxB,OAAO,CAAC,GAAG,CAAC,OAAO,GAAG,CAAC,EAAE,KAAK,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC;YAC1C,OAAO,CAAC,GAAG,CAAC,KAAK,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC;YACpC,OAAO,CAAC,GAAG,CAAC,iBAAiB,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC;QACjD,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,+BAA+B,MAAM,EAAE,CAAC,CAAC;QACvD,CAAC;QACD,OAAO;IACT,CAAC;IAED,gBAAgB;IAChB,IAAI,SAAS,GAAG,CAAC,EAAE,CAAC;QAClB,OAAO,CAAC,KAAK,CAAC,2CAA2C,CAAC,CAAC;QAC3D,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC;IACvC,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC5B,OAAO,CAAC,KAAK,CAAC,qBAAqB,UAAU,EAAE,CAAC,CAAC;QACjD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAA6B,CAAC;IACzF,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,IAAI,EAAE,CAAC;IAEvC,MAAM,OAAO,GAAsB,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;QACpD,MAAM,GAAG,GAAG,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,MAAM,CAAC;QAClD,OAAO,EAAE,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC,KAAK,EAAE,GAAG,EAAE,MAAM,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC;IACxE,CAAC,CAAC,CAAC;IAEH,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAC9C,OAAO;IACT,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;IAC5B,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAE5B,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,IAAI,CAAC,CAAC;IACrD,MAAM,QAAQ,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,IAAI,CAAC,CAAC;IAEvD,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QACzB,KAAK,MAAM,CAAC,IAAI,MAAM,EAAE,CAAC;YACvB,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,GAAI,CAAC,EAAE,KAAK,CAAC,CAAC,GAAI,CAAC,IAAI,GAAG,CAAC,CAAC;QAC5E,CAAC;IACH,CAAC;IAED,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;QACjC,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;YACzB,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC;QACvD,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,iBAAiB,MAAM,CAAC,MAAM,IAAI,OAAO,CAAC,MAAM,0BAA0B,CAAC,CAAC;IACxF,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;AAC9B,CAAC"}

package/dist/commands/finding-duplicate-detect.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Finding-duplicate-detect — Detect duplicate or near-duplicate findings.
+ */
+export declare function runFindingDuplicateDetect(argv: string[]): void;
+//# sourceMappingURL=finding-duplicate-detect.d.ts.map

package/dist/commands/finding-duplicate-detect.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"finding-duplicate-detect.d.ts","sourceRoot":"","sources":["../../src/commands/finding-duplicate-detect.ts"],"names":[],"mappings":"AAAA;;GAEG;AAgBH,wBAAgB,yBAAyB,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,CA+G9D"}

package/dist/commands/finding-duplicate-detect.js

@@ -0,0 +1,114 @@
+/**
+ * Finding-duplicate-detect — Detect duplicate or near-duplicate findings.
+ */
+import { readFileSync, existsSync } from "fs";
+// ─── CLI ────────────────────────────────────────────────────────────────────
+export function runFindingDuplicateDetect(argv) {
+    const reportIdx = argv.indexOf("--report");
+    const thresholdIdx = argv.indexOf("--threshold");
+    const formatIdx = argv.indexOf("--format");
+    const format = formatIdx >= 0 ? argv[formatIdx + 1] : "table";
+    const threshold = thresholdIdx >= 0 ? parseFloat(argv[thresholdIdx + 1]) : 0.8;
+    if (argv.includes("--help") || argv.includes("-h")) {
+        console.log(`
+judges finding-duplicate-detect — Detect duplicate findings
+
+Usage:
+  judges finding-duplicate-detect --report <path> [--threshold <n>]
+                                  [--format table|json]
+
+Options:
+  --report <path>     Report file with findings
+  --threshold <n>     Similarity threshold 0-1 (default: 0.8)
+  --format <fmt>      Output format: table (default), json
+  --help, -h          Show this help
+`);
+        return;
+    }
+    if (reportIdx < 0) {
+        console.error("Missing --report <path>");
+        process.exitCode = 1;
+        return;
+    }
+    const reportPath = argv[reportIdx + 1];
+    if (!existsSync(reportPath)) {
+        console.error(`Report not found: ${reportPath}`);
+        process.exitCode = 1;
+        return;
+    }
+    const report = JSON.parse(readFileSync(reportPath, "utf-8"));
+    const findings = report.findings ?? [];
+    if (findings.length < 2) {
+        console.log("Need at least 2 findings to detect duplicates.");
+        return;
+    }
+    // Group by exact ruleId match first
+    const ruleGroups = {};
+    for (let i = 0; i < findings.length; i++) {
+        const key = findings[i].ruleId;
+        if (ruleGroups[key] === undefined) {
+            ruleGroups[key] = [];
+        }
+        ruleGroups[key].push(i);
+    }
+    // Then check title similarity within different rules
+    const duplicates = [];
+    // Exact rule duplicates
+    for (const [ruleId, indices] of Object.entries(ruleGroups)) {
+        if (indices.length > 1) {
+            duplicates.push({
+                representativeRule: ruleId,
+                title: findings[indices[0]].title,
+                count: indices.length,
+                indices,
+            });
+        }
+    }
+    // Near-duplicate by title similarity across different rules
+    const checked = new Set();
+    for (let i = 0; i < findings.length; i++) {
+        for (let j = i + 1; j < findings.length; j++) {
+            if (findings[i].ruleId === findings[j].ruleId)
+                continue;
+            const key = `${i}:${j}`;
+            if (checked.has(key))
+                continue;
+            checked.add(key);
+            const sim = jaccardSimilarity(findings[i].title, findings[j].title);
+            if (sim >= threshold) {
+                duplicates.push({
+                    representativeRule: `${findings[i].ruleId} ~ ${findings[j].ruleId}`,
+                    title: findings[i].title,
+                    count: 2,
+                    indices: [i, j],
+                });
+            }
+        }
+    }
+    if (format === "json") {
+        console.log(JSON.stringify({ threshold, duplicates }, null, 2));
+        return;
+    }
+    console.log(`\nDuplicate Detection (threshold: ${threshold})`);
+    console.log("═".repeat(65));
+    if (duplicates.length === 0) {
+        console.log("  No duplicates detected.");
+    }
+    else {
+        for (const d of duplicates) {
+            console.log(`  [${d.count}x] ${d.representativeRule}`);
+            console.log(`    "${d.title}"`);
+            console.log(`    Indices: ${d.indices.join(", ")}`);
+        }
+    }
+    console.log(`\n  Total findings: ${findings.length} | Duplicate groups: ${duplicates.length}`);
+    console.log("═".repeat(65));
+}
+function jaccardSimilarity(a, b) {
+    const setA = new Set(a.toLowerCase().split(/\s+/));
+    const setB = new Set(b.toLowerCase().split(/\s+/));
+    const intersection = new Set([...setA].filter((x) => setB.has(x)));
+    const union = new Set([...setA, ...setB]);
+    return union.size === 0 ? 0 : intersection.size / union.size;
+}
+//# sourceMappingURL=finding-duplicate-detect.js.map

package/dist/commands/finding-duplicate-detect.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"finding-duplicate-detect.js","sourceRoot":"","sources":["../../src/commands/finding-duplicate-detect.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,IAAI,CAAC;AAY9C,+EAA+E;AAE/E,MAAM,UAAU,yBAAyB,CAAC,IAAc;IACtD,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC3C,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;IACjD,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC3C,MAAM,MAAM,GAAG,SAAS,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;IAC9D,MAAM,SAAS,GAAG,YAAY,IAAI,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,YAAY,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;IAE/E,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACnD,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;;CAYf,CAAC,CAAC;QACC,OAAO;IACT,CAAC;IAED,IAAI,SAAS,GAAG,CAAC,EAAE,CAAC;QAClB,OAAO,CAAC,KAAK,CAAC,yBAAyB,CAAC,CAAC;QACzC,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC;IACvC,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC5B,OAAO,CAAC,KAAK,CAAC,qBAAqB,UAAU,EAAE,CAAC,CAAC;QACjD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAA6B,CAAC;IACzF,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,IAAI,EAAE,CAAC;IAEvC,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,OAAO,CAAC,GAAG,CAAC,gDAAgD,CAAC,CAAC;QAC9D,OAAO;IACT,CAAC;IAED,oCAAoC;IACpC,MAAM,UAAU,GAA6B,EAAE,CAAC;IAChD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACzC,MAAM,GAAG,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;QAC/B,IAAI,UAAU,CAAC,GAAG,CAAC,KAAK,SAAS,EAAE,CAAC;YAClC,UAAU,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC;QACvB,CAAC;QACD,UAAU,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC1B,CAAC;IAED,qDAAqD;IACrD,MAAM,UAAU,GAAqB,EAAE,CAAC;IAExC,wBAAwB;IACxB,KAAK,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,CAAC;QAC3D,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACvB,UAAU,CAAC,IAAI,CAAC;gBACd,kBAAkB,EAAE,MAAM;gBAC1B,KAAK,EAAE,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK;gBACjC,KAAK,EAAE,OAAO,CAAC,MAAM;gBACrB,OAAO;aACR,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,4DAA4D;IAC5D,MAAM,OAAO,GAAG,IAAI,GAAG,EAAU,CAAC;IAClC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACzC,KAAK,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YAC7C,IAAI,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM;gBAAE,SAAS;YACxD,MAAM,GAAG,GAAG,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YACxB,IAAI,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC;gBAAE,SAAS;YAC/B,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;YAEjB,MAAM,GAAG,GAAG,iBAAiB,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;YACpE,IAAI,GAAG,IAAI,SAAS,EAAE,CAAC;gBACrB,UAAU,CAAC,IAAI,CAAC;oBACd,kBAAkB,EAAE,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,MAAM,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,EAAE;oBACnE,KAAK,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,KAAK;oBACxB,KAAK,EAAE,CAAC;oBACR,OAAO,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC;iBAChB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,SAAS,EAAE,UAAU,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAChE,OAAO;IACT,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,qCAAqC,SAAS,GAAG,CAAC,CAAC;IAC/D,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAE5B,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC5B,OAAO,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAC;IAC3C,CAAC;SAAM,CAAC;QACN,KAAK,MAAM,CAAC,IAAI,UAAU,EAAE,CAAC;YAC3B,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,KAAK,MAAM,CAAC,CAAC,kBAAkB,EAAE,CAAC,CAAC;YACvD,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC;YAChC,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACtD,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,uBAAuB,QAAQ,CAAC,MAAM,wBAAwB,UAAU,CAAC,MAAM,EAAE,CAAC,CAAC;IAC/F,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;AAC9B,CAAC;AAED,SAAS,iBAAiB,CAAC,CAAS,EAAE,CAAS;IAC7C,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC;IACnD,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC;IACnD,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACnE,MAAM,KAAK,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,IAAI,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC;IAC1C,OAAO,KAAK,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC;AAC/D,CAAC"}

package/dist/commands/finding-patch-preview.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Finding-patch-preview — Preview how patches would modify source files.
+ */
+export declare function runFindingPatchPreview(argv: string[]): void;
+//# sourceMappingURL=finding-patch-preview.d.ts.map

package/dist/commands/finding-patch-preview.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"finding-patch-preview.d.ts","sourceRoot":"","sources":["../../src/commands/finding-patch-preview.ts"],"names":[],"mappings":"AAAA;;GAEG;AAOH,wBAAgB,sBAAsB,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,CA0H3D"}

package/dist/commands/finding-patch-preview.js

@@ -0,0 +1,104 @@
+/**
+ * Finding-patch-preview — Preview how patches would modify source files.
+ */
+import { readFileSync, existsSync } from "fs";
+// ─── CLI ────────────────────────────────────────────────────────────────────
+export function runFindingPatchPreview(argv) {
+    const reportIdx = argv.indexOf("--report");
+    const sourceIdx = argv.indexOf("--source");
+    const contextIdx = argv.indexOf("--context");
+    const formatIdx = argv.indexOf("--format");
+    const format = formatIdx >= 0 ? argv[formatIdx + 1] : "table";
+    const contextLines = contextIdx >= 0 ? parseInt(argv[contextIdx + 1], 10) : 3;
+    if (argv.includes("--help") || argv.includes("-h")) {
+        console.log(`
+judges finding-patch-preview — Preview patch modifications
+
+Usage:
+  judges finding-patch-preview --report <path> --source <path>
+                               [--context <n>] [--format table|json]
+
+Options:
+  --report <path>   Report file with findings
+  --source <path>   Source file to preview patches against
+  --context <n>     Context lines around changes (default: 3)
+  --format <fmt>    Output format: table (default), json
+  --help, -h        Show this help
+`);
+        return;
+    }
+    if (reportIdx < 0 || sourceIdx < 0) {
+        console.error("Missing --report <path> and --source <path>");
+        process.exitCode = 1;
+        return;
+    }
+    const reportPath = argv[reportIdx + 1];
+    const sourcePath = argv[sourceIdx + 1];
+    if (!existsSync(reportPath)) {
+        console.error(`Report not found: ${reportPath}`);
+        process.exitCode = 1;
+        return;
+    }
+    if (!existsSync(sourcePath)) {
+        console.error(`Source not found: ${sourcePath}`);
+        process.exitCode = 1;
+        return;
+    }
+    const report = JSON.parse(readFileSync(reportPath, "utf-8"));
+    const findings = (report.findings ?? []).filter((f) => f.patch !== undefined && f.patch !== null);
+    const sourceContent = readFileSync(sourcePath, "utf-8");
+    const sourceLines = sourceContent.split("\n");
+    if (findings.length === 0) {
+        console.log("No findings with patches to preview.");
+        return;
+    }
+    const previews = [];
+    for (const f of findings) {
+        const patchStr = String(f.patch);
+        const patchLines = patchStr.split("\n");
+        const firstLine = patchLines[0] ?? "";
+        const lineIdx = sourceLines.findIndex((l) => l.includes(firstLine.trim()));
+        const applicable = lineIdx >= 0;
+        const start = Math.max(0, lineIdx - contextLines);
+        const end = Math.min(sourceLines.length - 1, lineIdx + contextLines);
+        const affectedLines = [];
+        if (applicable) {
+            for (let i = start; i <= end; i++) {
+                affectedLines.push(i + 1);
+            }
+        }
+        const snippet = applicable
+            ? sourceLines
+                .slice(start, end + 1)
+                .map((l, i) => {
+                const lineNum = start + i + 1;
+                const marker = lineNum === lineIdx + 1 ? ">" : " ";
+                return `${marker} ${String(lineNum).padStart(4)} | ${l}`;
+            })
+                .join("\n")
+            : "(patch target not found in source)";
+        previews.push({
+            ruleId: f.ruleId,
+            title: f.title,
+            patchSnippet: snippet,
+            applicable,
+            affectedLines,
+        });
+    }
+    if (format === "json") {
+        console.log(JSON.stringify(previews, null, 2));
+        return;
+    }
+    console.log(`\nPatch Preview — ${sourcePath}`);
+    console.log("═".repeat(70));
+    for (const p of previews) {
+        const status = p.applicable ? "APPLICABLE" : "NOT FOUND";
+        console.log(`\n  [${status}] ${p.ruleId} — ${p.title}`);
+        console.log("  " + "─".repeat(60));
+        console.log(p.patchSnippet);
+    }
+    const applicableCount = previews.filter((p) => p.applicable).length;
+    console.log(`\n  ${applicableCount}/${previews.length} patches applicable`);
+    console.log("═".repeat(70));
+}
+//# sourceMappingURL=finding-patch-preview.js.map

package/dist/commands/finding-patch-preview.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"finding-patch-preview.js","sourceRoot":"","sources":["../../src/commands/finding-patch-preview.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,IAAI,CAAC;AAG9C,+EAA+E;AAE/E,MAAM,UAAU,sBAAsB,CAAC,IAAc;IACnD,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC3C,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC3C,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;IAC7C,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC3C,MAAM,MAAM,GAAG,SAAS,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;IAC9D,MAAM,YAAY,GAAG,UAAU,IAAI,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,UAAU,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAE9E,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACnD,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;;;CAaf,CAAC,CAAC;QACC,OAAO;IACT,CAAC;IAED,IAAI,SAAS,GAAG,CAAC,IAAI,SAAS,GAAG,CAAC,EAAE,CAAC;QACnC,OAAO,CAAC,KAAK,CAAC,6CAA6C,CAAC,CAAC;QAC7D,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC;IACvC,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC;IAEvC,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC5B,OAAO,CAAC,KAAK,CAAC,qBAAqB,UAAU,EAAE,CAAC,CAAC;QACjD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC5B,OAAO,CAAC,KAAK,CAAC,qBAAqB,UAAU,EAAE,CAAC,CAAC;QACjD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAA6B,CAAC;IACzF,MAAM,QAAQ,GAAG,CAAC,MAAM,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,KAAK,SAAS,IAAI,CAAC,CAAC,KAAK,KAAK,IAAI,CAAC,CAAC;IAClG,MAAM,aAAa,GAAG,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;IACxD,MAAM,WAAW,GAAG,aAAa,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAE9C,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;QACpD,OAAO;IACT,CAAC;IAUD,MAAM,QAAQ,GAAmB,EAAE,CAAC;IAEpC,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,MAAM,QAAQ,GAAG,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;QACjC,MAAM,UAAU,GAAG,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QACxC,MAAM,SAAS,GAAG,UAAU,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACtC,MAAM,OAAO,GAAG,WAAW,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;QAE3E,MAAM,UAAU,GAAG,OAAO,IAAI,CAAC,CAAC;QAChC,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,OAAO,GAAG,YAAY,CAAC,CAAC;QAClD,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,OAAO,GAAG,YAAY,CAAC,CAAC;QAErE,MAAM,aAAa,GAAa,EAAE,CAAC;QACnC,IAAI,UAAU,EAAE,CAAC;YACf,KAAK,IAAI,CAAC,GAAG,KAAK,EAAE,CAAC,IAAI,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;gBAClC,aAAa,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YAC5B,CAAC;QACH,CAAC;QAED,MAAM,OAAO,GAAG,UAAU;YACxB,CAAC,CAAC,WAAW;iBACR,KAAK,CAAC,KAAK,EAAE,GAAG,GAAG,CAAC,CAAC;iBACrB,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;gBACZ,MAAM,OAAO,GAAG,KAAK,GAAG,CAAC,GAAG,CAAC,CAAC;gBAC9B,MAAM,MAAM,GAAG,OAAO,KAAK,OAAO,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;gBACnD,OAAO,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC;YAC3D,CAAC,CAAC;iBACD,IAAI,CAAC,IAAI,CAAC;YACf,CAAC,CAAC,oCAAoC,CAAC;QAEzC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,CAAC,CAAC,MAAM;YAChB,KAAK,EAAE,CAAC,CAAC,KAAK;YACd,YAAY,EAAE,OAAO;YACrB,UAAU;YACV,aAAa;SACd,CAAC,CAAC;IACL,CAAC;IAED,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAC/C,OAAO;IACT,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,qBAAqB,UAAU,EAAE,CAAC,CAAC;IAC/C,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAE5B,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,MAAM,MAAM,GAAG,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,WAAW,CAAC;QACzD,OAAO,CAAC,GAAG,CAAC,QAAQ,MAAM,KAAK,CAAC,CAAC,MAAM,MAAM,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC;QACxD,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;QACnC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC;IAC9B,CAAC;IAED,MAAM,eAAe,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC;IACpE,OAAO,CAAC,GAAG,CAAC,OAAO,eAAe,IAAI,QAAQ,CAAC,MAAM,qBAAqB,CAAC,CAAC;IAC5E,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;AAC9B,CAAC"}

package/dist/commands/finding-priority-matrix.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Finding-priority-matrix — Create a priority matrix (urgency × impact) for findings.
+ */
+export declare function runFindingPriorityMatrix(argv: string[]): void;
+//# sourceMappingURL=finding-priority-matrix.d.ts.map

package/dist/commands/finding-priority-matrix.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"finding-priority-matrix.d.ts","sourceRoot":"","sources":["../../src/commands/finding-priority-matrix.ts"],"names":[],"mappings":"AAAA;;GAEG;AAmCH,wBAAgB,wBAAwB,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,CAgG7D"}

package/dist/commands/finding-priority-matrix.js

@@ -0,0 +1,103 @@
+/**
+ * Finding-priority-matrix — Create a priority matrix (urgency × impact) for findings.
+ */
+import { readFileSync, existsSync } from "fs";
+// ─── Matrix model ───────────────────────────────────────────────────────────
+const URGENCY = {
+    critical: 5,
+    high: 4,
+    medium: 3,
+    low: 2,
+    info: 1,
+};
+function classifyPriority(score) {
+    if (score >= 20)
+        return "P0-Immediate";
+    if (score >= 12)
+        return "P1-High";
+    if (score >= 6)
+        return "P2-Medium";
+    if (score >= 3)
+        return "P3-Low";
+    return "P4-Backlog";
+}
+// ─── CLI ────────────────────────────────────────────────────────────────────
+export function runFindingPriorityMatrix(argv) {
+    const reportIdx = argv.indexOf("--report");
+    const priorityIdx = argv.indexOf("--priority");
+    const formatIdx = argv.indexOf("--format");
+    const format = formatIdx >= 0 ? argv[formatIdx + 1] : "table";
+    const priorityFilter = priorityIdx >= 0 ? argv[priorityIdx + 1] : "";
+    if (argv.includes("--help") || argv.includes("-h")) {
+        console.log(`
+judges finding-priority-matrix — Create urgency × impact priority matrix
+
+Usage:
+  judges finding-priority-matrix --report <path> [--priority <level>]
+                                 [--format table|json]
+
+Options:
+  --report <path>      Report file with findings
+  --priority <level>   Filter: P0-Immediate, P1-High, P2-Medium, P3-Low, P4-Backlog
+  --format <fmt>       Output format: table (default), json
+  --help, -h           Show this help
+`);
+        return;
+    }
+    if (reportIdx < 0) {
+        console.error("Missing --report <path>");
+        process.exitCode = 1;
+        return;
+    }
+    const reportPath = argv[reportIdx + 1];
+    if (!existsSync(reportPath)) {
+        console.error(`Report not found: ${reportPath}`);
+        process.exitCode = 1;
+        return;
+    }
+    const report = JSON.parse(readFileSync(reportPath, "utf-8"));
+    const findings = report.findings ?? [];
+    if (findings.length === 0) {
+        console.log("No findings to prioritize.");
+        return;
+    }
+    const entries = findings.map((f) => {
+        const urgency = URGENCY[f.severity] ?? 1;
+        const conf = f.confidence ?? 0.5;
+        const impact = Math.round(urgency * conf * 2);
+        const score = urgency * impact;
+        return {
+            ruleId: f.ruleId,
+            title: f.title,
+            severity: f.severity,
+            urgency,
+            impact,
+            priority: classifyPriority(score),
+            score,
+        };
+    });
+    entries.sort((a, b) => b.score - a.score);
+    const display = priorityFilter.length > 0 ? entries.filter((e) => e.priority === priorityFilter) : entries;
+    if (format === "json") {
+        console.log(JSON.stringify(display, null, 2));
+        return;
+    }
+    console.log(`\nPriority Matrix`);
+    console.log("═".repeat(80));
+    console.log(`  ${"Priority".padEnd(15)} ${"Score".padEnd(7)} ${"Urgency".padEnd(9)} ${"Impact".padEnd(8)} ${"Rule".padEnd(22)} Title`);
+    console.log("  " + "─".repeat(75));
+    for (const e of display) {
+        console.log(`  ${e.priority.padEnd(15)} ${String(e.score).padEnd(7)} ${String(e.urgency).padEnd(9)} ${String(e.impact).padEnd(8)} ${e.ruleId.padEnd(22)} ${e.title}`);
+    }
+    // Summary counts
+    const counts = {};
+    for (const e of entries) {
+        counts[e.priority] = (counts[e.priority] ?? 0) + 1;
+    }
+    console.log(`\n  Summary:`);
+    for (const [p, c] of Object.entries(counts).sort()) {
+        console.log(`    ${p.padEnd(15)} ${c} finding(s)`);
+    }
+    console.log("═".repeat(80));
+}
+//# sourceMappingURL=finding-priority-matrix.js.map

package/dist/commands/finding-priority-matrix.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"finding-priority-matrix.js","sourceRoot":"","sources":["../../src/commands/finding-priority-matrix.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,IAAI,CAAC;AAG9C,+EAA+E;AAE/E,MAAM,OAAO,GAA6B;IACxC,QAAQ,EAAE,CAAC;IACX,IAAI,EAAE,CAAC;IACP,MAAM,EAAE,CAAC;IACT,GAAG,EAAE,CAAC;IACN,IAAI,EAAE,CAAC;CACR,CAAC;AAYF,SAAS,gBAAgB,CAAC,KAAa;IACrC,IAAI,KAAK,IAAI,EAAE;QAAE,OAAO,cAAc,CAAC;IACvC,IAAI,KAAK,IAAI,EAAE;QAAE,OAAO,SAAS,CAAC;IAClC,IAAI,KAAK,IAAI,CAAC;QAAE,OAAO,WAAW,CAAC;IACnC,IAAI,KAAK,IAAI,CAAC;QAAE,OAAO,QAAQ,CAAC;IAChC,OAAO,YAAY,CAAC;AACtB,CAAC;AAED,+EAA+E;AAE/E,MAAM,UAAU,wBAAwB,CAAC,IAAc;IACrD,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC3C,MAAM,WAAW,GAAG,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;IAC/C,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC3C,MAAM,MAAM,GAAG,SAAS,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;IAC9D,MAAM,cAAc,GAAG,WAAW,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAErE,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACnD,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;;CAYf,CAAC,CAAC;QACC,OAAO;IACT,CAAC;IAED,IAAI,SAAS,GAAG,CAAC,EAAE,CAAC;QAClB,OAAO,CAAC,KAAK,CAAC,yBAAyB,CAAC,CAAC;QACzC,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC;IACvC,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC5B,OAAO,CAAC,KAAK,CAAC,qBAAqB,UAAU,EAAE,CAAC,CAAC;QACjD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAA6B,CAAC;IACzF,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,IAAI,EAAE,CAAC;IAEvC,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO,CAAC,GAAG,CAAC,4BAA4B,CAAC,CAAC;QAC1C,OAAO;IACT,CAAC;IAED,MAAM,OAAO,GAAkB,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;QAChD,MAAM,OAAO,GAAG,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QACzC,MAAM,IAAI,GAAG,CAAC,CAAC,UAAU,IAAI,GAAG,CAAC;QACjC,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC;QAC9C,MAAM,KAAK,GAAG,OAAO,GAAG,MAAM,CAAC;QAE/B,OAAO;YACL,MAAM,EAAE,CAAC,CAAC,MAAM;YAChB,KAAK,EAAE,CAAC,CAAC,KAAK;YACd,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,OAAO;YACP,MAAM;YACN,QAAQ,EAAE,gBAAgB,CAAC,KAAK,CAAC;YACjC,KAAK;SACN,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC;IAE1C,MAAM,OAAO,GAAG,cAAc,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,cAAc,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;IAE3G,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAC9C,OAAO;IACT,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;IACjC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAC5B,OAAO,CAAC,GAAG,CACT,KAAK,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,QAAQ,CAC1H,CAAC;IACF,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAEnC,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;QACxB,OAAO,CAAC,GAAG,CACT,KAAK,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,CACzJ,CAAC;IACJ,CAAC;IAED,iBAAiB;IACjB,MAAM,MAAM,GAA2B,EAAE,CAAC;IAC1C,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;QACxB,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;IACrD,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;IAC5B,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC;QACnD,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;IACrD,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;AAC9B,CAAC"}

package/dist/commands/review-cicd-integrate.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Review-cicd-integrate — Generate CI/CD integration configs for Judges.
+ */
+export declare function runReviewCicdIntegrate(argv: string[]): void;
+//# sourceMappingURL=review-cicd-integrate.d.ts.map

package/dist/commands/review-cicd-integrate.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"review-cicd-integrate.d.ts","sourceRoot":"","sources":["../../src/commands/review-cicd-integrate.ts"],"names":[],"mappings":"AAAA;;GAEG;AAiEH,wBAAgB,sBAAsB,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,CAiE3D"}