@lbroth/rothunter 1.0.0-rc.1

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 rothunter contributors
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,141 @@
+<p align="center">
+  <img src="logo.png" alt="RotHunter" width="160" />
+</p>
+
+<h1 align="center">RotHunter</h1>
+
+<p align="center">
+  Self-hosted code-hygiene engine for TypeScript / JavaScript codebases.<br/>
+  Deterministic detectors + local LLM verdicts + dashboard.
+</p>
+
+## What it catches
+
+24 detectors out of the box:
+
+- Duplicate types / functions, dead modules / exports / handlers / api
+- Race-condition / mutation / shared-db-write / api-race
+- TSConfig / ESLint / Biome anti-patterns
+- Silent catch, skip-tests (`.skip` / `.only`), TODO / FIXME / HACK comments
+- Long files / functions, deep nesting
+- Public `any`, mutable globals, unused deps, hot-hub files
+- Similar functions (fuzzy clusters with canonical-pick + npm-package suggestion)
+
+**Cross-service race detection** — `shared-db-write` and `api-race` run cross-workspace in monorepo mode, catching DB-column writes and write-endpoint calls that span service / repository boundaries. See [`docs/RACE-DETECTION.md`](./docs/RACE-DETECTION.md) for a walkthrough with three concrete scenarios.
+
+Full detector list with severities + tunables: [`docs/DETECTORS.md`](./docs/DETECTORS.md).
+
+### Coverage by mode
+
+| Mode | Detectors |
+|---|---|
+| Single-workspace | All 24 |
+| Multi-workspace (cross-repo via `rothunter.config.json`) | 9 cross-repo always-on (duplicate-type, duplicate-function, dead-module, dead-export, dead-api, long-function, deep-nesting, public-any, hot-hub-file) + the remaining 15 looped per workspace with workspace-namespaced fingerprints |
+
+## Quick start
+
+```bash
+npm install
+npm run dev:full     # auto-picks the fastest LLM backend + server + UI
+# → server on :3000, UI on :5173, LLM on :8080
+```
+
+`dev:full` runs `scripts/start-llm.mjs` which auto-detects the best
+available LLM backend on your host and starts it alongside the server +
+UI. Selection order:
+
+| # | Backend | When picked | Notes |
+|---|---------|-------------|-------|
+| 1 | **llama.cpp native** (`llama-server`) | `llama-server` on PATH | Uses Metal on macOS / CUDA on Linux when the binary was built with GPU support. |
+| 2 | **Docker** (`docker compose up rothunter-llm`) | Docker Desktop available | Slower on macOS (no Metal inside the Linux VM) but works on any platform. |
+
+Force a specific backend:
+
+```bash
+ROTHUNTER_LLM_BACKEND=llamacpp npm run dev:full   # or docker
+ROTHUNTER_LLM_MODEL=bartowski/Qwen2.5-Coder-7B-Instruct-GGUF npm run dev:full
+```
+
+### Install an LLM backend
+
+Pick ONE — `dev:full` picks the first available.
+
+```bash
+# Native llama.cpp (recommended — uses Metal on macOS, CUDA on Linux)
+brew install llama.cpp           # macOS
+# Linux: see https://github.com/ggml-org/llama.cpp
+
+# Cross-platform sandbox: Docker (slower on macOS — no GPU passthrough)
+docker --version
+```
+
+### Run pieces individually
+
+```bash
+npm run dev        # server + UI only (assumes the LLM is already up)
+npm run llm        # auto-detected LLM only
+npm run docker     # full docker-compose stack (server + llama.cpp sidecar)
+```
+
+### Or point at a remote LLM
+
+If you already have an OpenAI-compatible endpoint (vLLM, OpenRouter, LM
+Studio, an on-prem cluster …) skip the auto-launch entirely:
+
+```bash
+export ROTHUNTER_LLM_BASE_URL=https://my-llm.internal/v1
+export ROTHUNTER_LLM_MODEL=Qwen2.5-Coder-14B-Instruct
+export ROTHUNTER_LLM_API_KEY=...           # if the endpoint needs auth
+export ROTHUNTER_LLM_CONCURRENCY=4         # 1 = sequential, raise for vLLM / llama.cpp --parallel N
+npm run dev
+```
+
+## Layout
+
+```
+src/
+  detectors/    — 24 deterministic detectors
+  extraction/   — LLM confirmers
+  parsers/      — ts-morph symbol + import graph
+  graph/        — import-graph + entry-point resolution
+  server/       — Fastify HTTP API + SSE scan stream
+  ui/           — React / Vite / Tailwind dashboard
+  docker/       — compose + Dockerfile
+```
+
+## Configuration
+
+Every knob is an environment variable; see [`.env.example`](./.env.example) for the full list with defaults. The most common:
+
+| Variable | Default | Purpose |
+|---|---|---|
+| `ROTHUNTER_PORT` | `3000` | HTTP API port |
+| `ROTHUNTER_HOST` | `127.0.0.1` | Bind address — `0.0.0.0` exposes the API to LAN |
+| `ROTHUNTER_FS_ROOTS` | `$HOME` (+ `/workspace` in docker) | Colon-separated allow-roots for workspace switches |
+| `ROTHUNTER_LLM_BASE_URL` | `http://127.0.0.1:8080/v1` | OpenAI-compatible LLM endpoint |
+| `ROTHUNTER_LLM_MODEL` | `bartowski/Qwen2.5-Coder-14B-Instruct-GGUF` | HF repo id |
+| `ROTHUNTER_LLM_CONCURRENCY` | `min(8, cores / 2)` | Parallel verdict requests |
+
+## Security model
+
+The HTTP API has no authentication — it relies on the loopback bind. Treat rothunter as a single-tenant developer tool, not a hosted service.
+
+- Server binds `127.0.0.1` by default. Setting `ROTHUNTER_HOST=0.0.0.0` exposes the API to anyone on the network.
+- The server can only read / write paths under `ROTHUNTER_FS_ROOTS`. Workspace switches outside this set return HTTP 403.
+- LLM confirmers send code excerpts (±8 lines around the finding plus the enclosing signature) to the configured endpoint. Default is a loopback `llama.cpp` instance — nothing leaves the host. Verify the data-retention policy before pointing at a remote endpoint.
+
+Full threat model + vulnerability reporting in [`SECURITY.md`](./SECURITY.md).
+
+## Roadmap
+
+See [`ROADMAP.md`](./ROADMAP.md) for planned detectors (TypeScript misuse:
+`any-leak` / `god-type` / `everything-optional` / `wide-string-type` /
+`boolean-trap`) and other queued improvements.
+
+## Contributing
+
+PRs welcome. See [`CONTRIBUTING.md`](./CONTRIBUTING.md) for the detector-author checklist and quality bar.
+
+## License
+
+MIT — see [`LICENSE`](./LICENSE).

package/dist/adapters/llm.d.ts

@@ -0,0 +1,68 @@
+export interface ChatMessage {
+    role: 'system' | 'user' | 'assistant';
+    content: string;
+}
+export interface ChatOptions {
+    temperature?: number;
+    json?: boolean;
+    timeoutMs?: number;
+    maxTokens?: number;
+}
+export interface LlmClientOptions {
+    baseUrl?: string;
+    model?: string;
+    apiKey?: string;
+    defaultTimeoutMs?: number;
+}
+export declare class LlmClient {
+    private readonly baseUrl;
+    private readonly modelOverride;
+    private readonly apiKey?;
+    private readonly defaultTimeoutMs;
+    /**
+     * Resolved model id used in actual requests. Populated either from
+     * the explicit override (env / constructor) or via a one-shot probe
+     * of `GET /v1/models` against the configured base URL. The probe
+     * keeps `npm run dev:full` working when the operator's env override
+     * doesn't match what the backend actually has loaded.
+     */
+    private resolvedModel;
+    /** Tag of the backend we resolved against — exposed for the settings UI. */
+    resolvedBackend: 'llamacpp' | 'remote' | 'unknown';
+    /**
+     * Pure constructor — never reads process.env. Pass explicit opts
+     * (typical production wiring is via `createDefaultLlmClient()`, which
+     * collects env defaults). Keeping the constructor env-free makes the
+     * class trivially mockable + test-isolated.
+     */
+    constructor(opts?: LlmClientOptions);
+    /**
+     * One-shot model discovery against `/v1/models`. Picks a sensible
+     * default when the operator hasn't set `ROTHUNTER_LLM_MODEL` or when
+     * the operator's override is no longer loaded on the backend.
+     * Idempotent — repeat calls reuse `resolvedModel`.
+     */
+    private resolveModel;
+    chat(messages: ChatMessage[], options?: ChatOptions): Promise<string>;
+    /**
+     * Issues a tiny completion to ensure the model is loaded into memory
+     * and the first forward pass is compiled. Uses a short timeout
+     * (5 s) so the orchestrator can detect "no LLM available" quickly
+     * and skip the confirmation pass instead of spending the full
+     * verdict timeout on every finding.
+     *
+     * Returns `true` on success, `false` on any failure — let the caller
+     * decide whether to continue, retry, or fall back to deterministic
+     * verdicts only.
+     */
+    warmup(): Promise<boolean>;
+}
+/**
+ * Build an LlmClient from `ROTHUNTER_LLM_*` env vars (with the standard
+ * fallback chain for the API key: ROTHUNTER_LLM_API_KEY →
+ * OPENROUTER_API_KEY → OPENAI_API_KEY). All production call sites route
+ * through here so env coupling lives in one place. Tests construct
+ * `LlmClient` directly with explicit opts to bypass env reads.
+ */
+export declare function createDefaultLlmClient(): LlmClient;
+//# sourceMappingURL=llm.d.ts.map

package/dist/adapters/llm.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"llm.d.ts","sourceRoot":"","sources":["../../src/adapters/llm.ts"],"names":[],"mappings":"AAUA,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE,QAAQ,GAAG,MAAM,GAAG,WAAW,CAAC;IACtC,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,WAAW;IAC1B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,gBAAgB;IAC/B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B;AAcD,qBAAa,SAAS;IACpB,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAS;IACjC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAqB;IACnD,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAS;IACjC,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAS;IAC1C;;;;;;OAMG;IACH,OAAO,CAAC,aAAa,CAAqB;IAC1C,4EAA4E;IACrE,eAAe,EAAE,UAAU,GAAG,QAAQ,GAAG,SAAS,CAAa;IAEtE;;;;;OAKG;gBACS,IAAI,GAAE,gBAAqB;IAQvC;;;;;OAKG;YACW,YAAY;IA2BpB,IAAI,CAAC,QAAQ,EAAE,WAAW,EAAE,EAAE,OAAO,GAAE,WAAgB,GAAG,OAAO,CAAC,MAAM,CAAC;IA0C/E;;;;;;;;;;OAUG;IACG,MAAM,IAAI,OAAO,CAAC,OAAO,CAAC;CAWjC;AAkBD;;;;;;GAMG;AACH,wBAAgB,sBAAsB,IAAI,SAAS,CA2BlD"}

package/dist/adapters/llm.js

@@ -0,0 +1,189 @@
+// OpenAI-compat /v1/chat/completions client. Works with llama-server,
+// vLLM, OpenRouter, LM Studio, and any other backend that speaks the
+// OpenAI chat-completion schema.
+//
+// Env: ROTHUNTER_LLM_BASE_URL / _MODEL / _API_KEY / _TIMEOUT_MS.
+import * as fs from 'node:fs';
+import * as path from 'node:path';
+import * as os from 'node:os';
+const DEFAULT_BASE_URL = 'http://127.0.0.1:8080/v1';
+// Qwen2.5-Coder-14B Q4_K_M (~8GB) hits 8/8 on the golden eval — the
+// smallest local model we evaluated that gets every borderline pair
+// right.
+const DEFAULT_MODEL = 'bartowski/Qwen2.5-Coder-14B-Instruct-GGUF';
+const DEFAULT_TIMEOUT_MS = 120_000;
+export class LlmClient {
+    baseUrl;
+    modelOverride;
+    apiKey;
+    defaultTimeoutMs;
+    /**
+     * Resolved model id used in actual requests. Populated either from
+     * the explicit override (env / constructor) or via a one-shot probe
+     * of `GET /v1/models` against the configured base URL. The probe
+     * keeps `npm run dev:full` working when the operator's env override
+     * doesn't match what the backend actually has loaded.
+     */
+    resolvedModel;
+    /** Tag of the backend we resolved against — exposed for the settings UI. */
+    resolvedBackend = 'unknown';
+    /**
+     * Pure constructor — never reads process.env. Pass explicit opts
+     * (typical production wiring is via `createDefaultLlmClient()`, which
+     * collects env defaults). Keeping the constructor env-free makes the
+     * class trivially mockable + test-isolated.
+     */
+    constructor(opts = {}) {
+        this.baseUrl = (opts.baseUrl ?? DEFAULT_BASE_URL).replace(/\/+$/, '');
+        this.modelOverride = opts.model;
+        this.resolvedModel = opts.model;
+        this.apiKey = opts.apiKey;
+        this.defaultTimeoutMs = opts.defaultTimeoutMs ?? DEFAULT_TIMEOUT_MS;
+    }
+    /**
+     * One-shot model discovery against `/v1/models`. Picks a sensible
+     * default when the operator hasn't set `ROTHUNTER_LLM_MODEL` or when
+     * the operator's override is no longer loaded on the backend.
+     * Idempotent — repeat calls reuse `resolvedModel`.
+     */
+    async resolveModel() {
+        if (this.resolvedModel && this.resolvedBackend !== 'unknown')
+            return this.resolvedModel;
+        try {
+            const res = await fetch(`${this.baseUrl}/models`, {
+                signal: AbortSignal.timeout(5000),
+                headers: this.apiKey ? { authorization: `Bearer ${this.apiKey}` } : undefined,
+            });
+            if (!res.ok)
+                return this.resolvedModel;
+            const data = (await res.json());
+            const ids = (data.data ?? []).map((m) => m.id).filter((id) => typeof id === 'string');
+            if (ids.length === 0)
+                return this.resolvedModel;
+            const looksLocal = /127\.0\.0\.1|localhost|0\.0\.0\.0|host\.docker\.internal/.test(this.baseUrl);
+            this.resolvedBackend = looksLocal ? 'llamacpp' : 'remote';
+            // Honour the operator override when set + still reachable;
+            // otherwise fall back to the first reported id.
+            if (this.modelOverride && ids.includes(this.modelOverride)) {
+                this.resolvedModel = this.modelOverride;
+            }
+            else {
+                this.resolvedModel = ids[0];
+            }
+            return this.resolvedModel;
+        }
+        catch {
+            return this.resolvedModel;
+        }
+    }
+    async chat(messages, options = {}) {
+        const controller = new AbortController();
+        const timeoutMs = options.timeoutMs ?? this.defaultTimeoutMs;
+        const timer = setTimeout(() => controller.abort(), timeoutMs);
+        const model = (await this.resolveModel()) ?? this.modelOverride ?? DEFAULT_MODEL;
+        const body = {
+            model,
+            messages,
+            stream: false,
+            temperature: options.temperature ?? 0,
+            // Hard cap by default. Without this the server happily generates
+            // thousands of tokens and a single request can monopolize the
+            // worker for minutes. 512 is enough for verdict JSON even when
+            // the backend is a reasoning-tuned model emitting a <think>
+            // block before the structured answer.
+            max_tokens: options.maxTokens ?? 512,
+        };
+        const headers = { 'content-type': 'application/json' };
+        if (this.apiKey)
+            headers.authorization = `Bearer ${this.apiKey}`;
+        try {
+            const res = await fetch(`${this.baseUrl}/chat/completions`, {
+                method: 'POST',
+                headers,
+                body: JSON.stringify(body),
+                signal: controller.signal,
+            });
+            if (!res.ok) {
+                const text = await res.text().catch(() => '');
+                throw new Error(`LLM HTTP ${res.status}: ${text.slice(0, 200)}`);
+            }
+            const data = (await res.json());
+            const err = typeof data.error === 'string' ? data.error : data.error?.message;
+            if (err)
+                throw new Error(`LLM error: ${err}`);
+            return data.choices?.[0]?.message?.content ?? '';
+        }
+        finally {
+            clearTimeout(timer);
+        }
+    }
+    /**
+     * Issues a tiny completion to ensure the model is loaded into memory
+     * and the first forward pass is compiled. Uses a short timeout
+     * (5 s) so the orchestrator can detect "no LLM available" quickly
+     * and skip the confirmation pass instead of spending the full
+     * verdict timeout on every finding.
+     *
+     * Returns `true` on success, `false` on any failure — let the caller
+     * decide whether to continue, retry, or fall back to deterministic
+     * verdicts only.
+     */
+    async warmup() {
+        try {
+            await this.chat([{ role: 'user', content: 'ok' }], { temperature: 0, maxTokens: 1, timeoutMs: 5_000 });
+            return true;
+        }
+        catch {
+            return false;
+        }
+    }
+}
+/**
+ * Read the marker file written by `scripts/start-llm.mjs` so the server
+ * picks up the model + port that script actually launched, without
+ * needing the operator to keep ROTHUNTER_LLM_MODEL in sync by hand.
+ * Returns null when no marker exists.
+ */
+function readLlmMarker() {
+    try {
+        const p = path.join(os.homedir(), '.rothunter', 'llm-active.json');
+        if (!fs.existsSync(p))
+            return null;
+        return JSON.parse(fs.readFileSync(p, 'utf-8'));
+    }
+    catch {
+        return null;
+    }
+}
+/**
+ * Build an LlmClient from `ROTHUNTER_LLM_*` env vars (with the standard
+ * fallback chain for the API key: ROTHUNTER_LLM_API_KEY →
+ * OPENROUTER_API_KEY → OPENAI_API_KEY). All production call sites route
+ * through here so env coupling lives in one place. Tests construct
+ * `LlmClient` directly with explicit opts to bypass env reads.
+ */
+export function createDefaultLlmClient() {
+    const envTimeout = Number(process.env.ROTHUNTER_LLM_TIMEOUT_MS);
+    // Marker beats the hard-coded default but loses to an explicit env
+    // override. Operator wins, automation second, default last.
+    const marker = readLlmMarker();
+    // Marker file lives under $HOME, so it could be doctored by another
+    // process running as the same user. Validate `port` is an integer
+    // in the legal TCP-port range before interpolating into a URL so a
+    // hostile marker can't redirect the engine at an arbitrary host.
+    const markerPort = marker?.port && /^\d{1,5}$/.test(marker.port) && Number(marker.port) > 0 && Number(marker.port) <= 65_535
+        ? marker.port
+        : undefined;
+    const baseUrl = process.env.ROTHUNTER_LLM_BASE_URL ??
+        (markerPort ? `http://127.0.0.1:${markerPort}/v1` : undefined);
+    const model = process.env.ROTHUNTER_LLM_MODEL ?? marker?.model;
+    return new LlmClient({
+        baseUrl,
+        model,
+        apiKey: process.env.ROTHUNTER_LLM_API_KEY ??
+            process.env.OPENROUTER_API_KEY ??
+            process.env.OPENAI_API_KEY,
+        defaultTimeoutMs: Number.isFinite(envTimeout) && envTimeout > 0 ? envTimeout : undefined,
+    });
+}
+//# sourceMappingURL=llm.js.map

package/dist/adapters/llm.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"llm.js","sourceRoot":"","sources":["../../src/adapters/llm.ts"],"names":[],"mappings":"AAAA,sEAAsE;AACtE,qEAAqE;AACrE,iCAAiC;AACjC,EAAE;AACF,iEAAiE;AAEjE,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AA0B9B,MAAM,gBAAgB,GAAG,0BAA0B,CAAC;AACpD,oEAAoE;AACpE,oEAAoE;AACpE,SAAS;AACT,MAAM,aAAa,GAAG,2CAA2C,CAAC;AAClE,MAAM,kBAAkB,GAAG,OAAO,CAAC;AAEnC,MAAM,OAAO,SAAS;IACH,OAAO,CAAS;IAChB,aAAa,CAAqB;IAClC,MAAM,CAAU;IAChB,gBAAgB,CAAS;IAC1C;;;;;;OAMG;IACK,aAAa,CAAqB;IAC1C,4EAA4E;IACrE,eAAe,GAAsC,SAAS,CAAC;IAEtE;;;;;OAKG;IACH,YAAY,OAAyB,EAAE;QACrC,IAAI,CAAC,OAAO,GAAG,CAAC,IAAI,CAAC,OAAO,IAAI,gBAAgB,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;QACtE,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,KAAK,CAAC;QAChC,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,KAAK,CAAC;QAChC,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;QAC1B,IAAI,CAAC,gBAAgB,GAAG,IAAI,CAAC,gBAAgB,IAAI,kBAAkB,CAAC;IACtE,CAAC;IAED;;;;;OAKG;IACK,KAAK,CAAC,YAAY;QACxB,IAAI,IAAI,CAAC,aAAa,IAAI,IAAI,CAAC,eAAe,KAAK,SAAS;YAAE,OAAO,IAAI,CAAC,aAAa,CAAC;QACxF,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,SAAS,EAAE;gBAChD,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,IAAI,CAAC;gBACjC,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,aAAa,EAAE,UAAU,IAAI,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS;aAC9E,CAAC,CAAC;YACH,IAAI,CAAC,GAAG,CAAC,EAAE;gBAAE,OAAO,IAAI,CAAC,aAAa,CAAC;YACvC,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAAsC,CAAC;YACrE,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,EAAE,EAAgB,EAAE,CAAC,OAAO,EAAE,KAAK,QAAQ,CAAC,CAAC;YACpG,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC;gBAAE,OAAO,IAAI,CAAC,aAAa,CAAC;YAChD,MAAM,UAAU,GAAG,0DAA0D,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACjG,IAAI,CAAC,eAAe,GAAG,UAAU,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,QAAQ,CAAC;YAE1D,2DAA2D;YAC3D,gDAAgD;YAChD,IAAI,IAAI,CAAC,aAAa,IAAI,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC,EAAE,CAAC;gBAC3D,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,aAAa,CAAC;YAC1C,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,aAAa,GAAG,GAAG,CAAC,CAAC,CAAE,CAAC;YAC/B,CAAC;YACD,OAAO,IAAI,CAAC,aAAa,CAAC;QAC5B,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC,aAAa,CAAC;QAC5B,CAAC;IACH,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,QAAuB,EAAE,UAAuB,EAAE;QAC3D,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;QACzC,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,IAAI,IAAI,CAAC,gBAAgB,CAAC;QAC7D,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,SAAS,CAAC,CAAC;QAC9D,MAAM,KAAK,GAAG,CAAC,MAAM,IAAI,CAAC,YAAY,EAAE,CAAC,IAAI,IAAI,CAAC,aAAa,IAAI,aAAa,CAAC;QAEjF,MAAM,IAAI,GAA4B;YACpC,KAAK;YACL,QAAQ;YACR,MAAM,EAAE,KAAK;YACb,WAAW,EAAE,OAAO,CAAC,WAAW,IAAI,CAAC;YACrC,iEAAiE;YACjE,8DAA8D;YAC9D,+DAA+D;YAC/D,4DAA4D;YAC5D,sCAAsC;YACtC,UAAU,EAAE,OAAO,CAAC,SAAS,IAAI,GAAG;SACrC,CAAC;QAEF,MAAM,OAAO,GAA2B,EAAE,cAAc,EAAE,kBAAkB,EAAE,CAAC;QAC/E,IAAI,IAAI,CAAC,MAAM;YAAE,OAAO,CAAC,aAAa,GAAG,UAAU,IAAI,CAAC,MAAM,EAAE,CAAC;QAEjE,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,IAAI,CAAC,OAAO,mBAAmB,EAAE;gBAC1D,MAAM,EAAE,MAAM;gBACd,OAAO;gBACP,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;gBAC1B,MAAM,EAAE,UAAU,CAAC,MAAM;aAC1B,CAAC,CAAC;YACH,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;gBACZ,MAAM,IAAI,GAAG,MAAM,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,CAAC;gBAC9C,MAAM,IAAI,KAAK,CAAC,YAAY,GAAG,CAAC,MAAM,KAAK,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;YACnE,CAAC;YACD,MAAM,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,EAAE,CAA2B,CAAC;YAC1D,MAAM,GAAG,GAAG,OAAO,IAAI,CAAC,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,OAAO,CAAC;YAC9E,IAAI,GAAG;gBAAE,MAAM,IAAI,KAAK,CAAC,cAAc,GAAG,EAAE,CAAC,CAAC;YAC9C,OAAO,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,OAAO,IAAI,EAAE,CAAC;QACnD,CAAC;gBAAS,CAAC;YACT,YAAY,CAAC,KAAK,CAAC,CAAC;QACtB,CAAC;IACH,CAAC;IAED;;;;;;;;;;OAUG;IACH,KAAK,CAAC,MAAM;QACV,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,IAAI,CACb,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,EACjC,EAAE,WAAW,EAAE,CAAC,EAAE,SAAS,EAAE,CAAC,EAAE,SAAS,EAAE,KAAK,EAAE,CACnD,CAAC;YACF,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;CACF;AAED;;;;;GAKG;AACH,SAAS,aAAa;IACpB,IAAI,CAAC;QACH,MAAM,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,YAAY,EAAE,iBAAiB,CAAC,CAAC;QACnE,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC;YAAE,OAAO,IAAI,CAAC;QACnC,OAAO,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,CAAC,EAAE,OAAO,CAAC,CAAwD,CAAC;IACxG,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,sBAAsB;IACpC,MAAM,UAAU,GAAG,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,wBAAwB,CAAC,CAAC;IAChE,mEAAmE;IACnE,4DAA4D;IAC5D,MAAM,MAAM,GAAG,aAAa,EAAE,CAAC;IAC/B,oEAAoE;IACpE,kEAAkE;IAClE,mEAAmE;IACnE,iEAAiE;IACjE,MAAM,UAAU,GACd,MAAM,EAAE,IAAI,IAAI,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,MAAM;QACvG,CAAC,CAAC,MAAM,CAAC,IAAI;QACb,CAAC,CAAC,SAAS,CAAC;IAChB,MAAM,OAAO,GACX,OAAO,CAAC,GAAG,CAAC,sBAAsB;QAClC,CAAC,UAAU,CAAC,CAAC,CAAC,oBAAoB,UAAU,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;IACjE,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,mBAAmB,IAAI,MAAM,EAAE,KAAK,CAAC;IAC/D,OAAO,IAAI,SAAS,CAAC;QACnB,OAAO;QACP,KAAK;QACL,MAAM,EACJ,OAAO,CAAC,GAAG,CAAC,qBAAqB;YACjC,OAAO,CAAC,GAAG,CAAC,kBAAkB;YAC9B,OAAO,CAAC,GAAG,CAAC,cAAc;QAC5B,gBAAgB,EACd,MAAM,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,UAAU,GAAG,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS;KACzE,CAAC,CAAC;AACL,CAAC"}

package/dist/config.d.ts

@@ -0,0 +1,37 @@
+/**
+ * RotHunter configuration — one file per linked-workspaces group.
+ *
+ * Discovered at scan time by `loadRotHunterConfig(workspaceRoot)`. Looks for
+ * `rothunter.config.json` in the workspace root, then in `.rothunter/config.json`.
+ * Returns null if no config is present (single-workspace mode).
+ *
+ * Schema:
+ *   {
+ *     "workspaces": [
+ *       { "path": ".",            "name": "backend",  "package": "@org/backend" },
+ *       { "path": "../frontend",  "name": "frontend", "package": "@org/frontend" }
+ *     ]
+ *   }
+ *
+ *  - `path` is relative to the config file's directory (or absolute).
+ *  - `name` is a stable logical identifier used as a path prefix in
+ *    findings + fingerprints.
+ *  - `package` is optional. When set, a bare import specifier matching
+ *    that package name (e.g. `import { X } from '@org/backend'`) is
+ *    resolved into that workspace's source tree.
+ */
+export interface WorkspaceConfig {
+    /** Absolute path on disk. */
+    rootAbs: string;
+    /** Logical name used as a workspace ID + finding prefix. */
+    name: string;
+    /** Package name (npm-style) for bare-specifier resolution into this workspace. */
+    packageName?: string;
+}
+export interface RotHunterConfig {
+    workspaces: WorkspaceConfig[];
+    /** Absolute path of the config file that produced this object. */
+    configPath: string;
+}
+export declare function loadRotHunterConfig(workspaceRoot: string): RotHunterConfig | null;
+//# sourceMappingURL=config.d.ts.map

package/dist/config.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAKA;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,MAAM,WAAW,eAAe;IAC9B,6BAA6B;IAC7B,OAAO,EAAE,MAAM,CAAC;IAChB,4DAA4D;IAC5D,IAAI,EAAE,MAAM,CAAC;IACb,kFAAkF;IAClF,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,eAAe;IAC9B,UAAU,EAAE,eAAe,EAAE,CAAC;IAC9B,kEAAkE;IAClE,UAAU,EAAE,MAAM,CAAC;CACpB;AA0BD,wBAAgB,mBAAmB,CAAC,aAAa,EAAE,MAAM,GAAG,eAAe,GAAG,IAAI,CAkBjF"}

package/dist/config.js

@@ -0,0 +1,81 @@
+import * as fs from 'node:fs';
+import * as path from 'node:path';
+import { z } from 'zod';
+import { discoverMonorepoWorkspaces } from './graph/monorepo-detect.js';
+const CONFIG_CANDIDATES = ['rothunter.config.json', '.rothunter/config.json'];
+// Shape mirrors src/schemas/rothunter.config.schema.json — that JSON
+// Schema powers IDE autocomplete + inline validation, this zod schema
+// powers runtime validation with line-accurate error messages. Keep the
+// two in sync.
+const RawConfigSchema = z
+    .object({
+    $schema: z.string().url().optional(),
+    workspaces: z
+        .array(z
+        .object({
+        path: z.string().min(1, 'path is required'),
+        name: z.string().min(1, 'name is required'),
+        package: z.string().min(1).optional(),
+    })
+        .strict())
+        .min(1, 'workspaces must be a non-empty array'),
+})
+    .strict();
+export function loadRotHunterConfig(workspaceRoot) {
+    for (const candidate of CONFIG_CANDIDATES) {
+        const abs = path.join(workspaceRoot, candidate);
+        if (!fs.existsSync(abs))
+            continue;
+        return parseConfig(abs);
+    }
+    // Fall back to monorepo auto-detection. Reads package.json#workspaces
+    // (npm / yarn / yarn-berry / bun / Turbo / Lerna), pnpm-workspace.yaml,
+    // and nx.json. If any sibling packages exist we ingest them automatically
+    // so users don't have to write a rothunter.config.json by hand.
+    const auto = discoverMonorepoWorkspaces(workspaceRoot);
+    if (auto && auto.length > 0) {
+        return {
+            workspaces: auto,
+            configPath: `${workspaceRoot}/[auto-detected]`,
+        };
+    }
+    return null;
+}
+function parseConfig(configPath) {
+    let raw;
+    try {
+        raw = JSON.parse(fs.readFileSync(configPath, 'utf-8'));
+    }
+    catch (err) {
+        throw new Error(`${configPath}: invalid JSON — ${err.message}`, { cause: err });
+    }
+    const parsed = RawConfigSchema.safeParse(raw);
+    if (!parsed.success) {
+        const issues = parsed.error.issues
+            .map((i) => `  - ${i.path.join('.') || '(root)'}: ${i.message}`)
+            .join('\n');
+        throw new Error(`${configPath}: schema validation failed:\n${issues}`);
+    }
+    const data = parsed.data;
+    const configDir = path.dirname(configPath);
+    const workspaces = data.workspaces.map((entry, i) => {
+        const rootAbs = path.isAbsolute(entry.path) ? entry.path : path.resolve(configDir, entry.path);
+        if (!fs.existsSync(rootAbs)) {
+            throw new Error(`${configPath}: workspaces[${i}].path "${entry.path}" does not exist on disk.`);
+        }
+        return {
+            rootAbs,
+            name: entry.name,
+            packageName: entry.package,
+        };
+    });
+    const names = new Set();
+    for (const w of workspaces) {
+        if (names.has(w.name)) {
+            throw new Error(`${configPath}: duplicate workspace name "${w.name}".`);
+        }
+        names.add(w.name);
+    }
+    return { workspaces, configPath };
+}
+//# sourceMappingURL=config.js.map

package/dist/config.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"config.js","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EAAE,0BAA0B,EAAE,MAAM,4BAA4B,CAAC;AAuCxE,MAAM,iBAAiB,GAAG,CAAC,uBAAuB,EAAE,wBAAwB,CAAC,CAAC;AAE9E,qEAAqE;AACrE,sEAAsE;AACtE,wEAAwE;AACxE,eAAe;AACf,MAAM,eAAe,GAAG,CAAC;KACtB,MAAM,CAAC;IACN,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IACpC,UAAU,EAAE,CAAC;SACV,KAAK,CACJ,CAAC;SACE,MAAM,CAAC;QACN,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,kBAAkB,CAAC;QAC3C,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,kBAAkB,CAAC;QAC3C,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;KACtC,CAAC;SACD,MAAM,EAAE,CACZ;SACA,GAAG,CAAC,CAAC,EAAE,sCAAsC,CAAC;CAClD,CAAC;KACD,MAAM,EAAE,CAAC;AAGZ,MAAM,UAAU,mBAAmB,CAAC,aAAqB;IACvD,KAAK,MAAM,SAAS,IAAI,iBAAiB,EAAE,CAAC;QAC1C,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,SAAS,CAAC,CAAC;QAChD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC;YAAE,SAAS;QAClC,OAAO,WAAW,CAAC,GAAG,CAAC,CAAC;IAC1B,CAAC;IACD,sEAAsE;IACtE,wEAAwE;IACxE,0EAA0E;IAC1E,gEAAgE;IAChE,MAAM,IAAI,GAAG,0BAA0B,CAAC,aAAa,CAAC,CAAC;IACvD,IAAI,IAAI,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC5B,OAAO;YACL,UAAU,EAAE,IAAI;YAChB,UAAU,EAAE,GAAG,aAAa,kBAAkB;SAC/C,CAAC;IACJ,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,WAAW,CAAC,UAAkB;IACrC,IAAI,GAAY,CAAC;IACjB,IAAI,CAAC;QACH,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;IACzD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,GAAG,UAAU,oBAAqB,GAAa,CAAC,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAC;IAC7F,CAAC;IACD,MAAM,MAAM,GAAG,eAAe,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;IAC9C,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;QACpB,MAAM,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,MAAM;aAC/B,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,QAAQ,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC;aAC/D,IAAI,CAAC,IAAI,CAAC,CAAC;QACd,MAAM,IAAI,KAAK,CAAC,GAAG,UAAU,gCAAgC,MAAM,EAAE,CAAC,CAAC;IACzE,CAAC;IACD,MAAM,IAAI,GAAc,MAAM,CAAC,IAAI,CAAC;IACpC,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAE3C,MAAM,UAAU,GAAsB,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,CAAC,EAAE,EAAE;QACrE,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;QAC/F,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;YAC5B,MAAM,IAAI,KAAK,CAAC,GAAG,UAAU,gBAAgB,CAAC,WAAW,KAAK,CAAC,IAAI,2BAA2B,CAAC,CAAC;QAClG,CAAC;QACD,OAAO;YACL,OAAO;YACP,IAAI,EAAE,KAAK,CAAC,IAAI;YAChB,WAAW,EAAE,KAAK,CAAC,OAAO;SAC3B,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,MAAM,KAAK,GAAG,IAAI,GAAG,EAAU,CAAC;IAChC,KAAK,MAAM,CAAC,IAAI,UAAU,EAAE,CAAC;QAC3B,IAAI,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC;YACtB,MAAM,IAAI,KAAK,CAAC,GAAG,UAAU,+BAA+B,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC;QAC1E,CAAC;QACD,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IACpB,CAAC;IAED,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,CAAC;AACpC,CAAC"}

package/dist/detector-registry.d.ts

@@ -0,0 +1,32 @@
+/**
+ * Single source of truth for detector IDs.
+ *
+ * Anything that lists every detector (the server's settings UI, the CLI
+ * `--detectors` flag validation, future detector documentation) imports
+ * from here. Previously the server/index.ts hardcoded a parallel list
+ * that drifted when new detectors were wired into rothunter.ts.
+ *
+ * To register a new detector:
+ *   1. Add its id below.
+ *   2. Import + invoke it from rothunter.ts.
+ *   3. (Optional) Tag it as `singleWorkspaceOnly` if it can't run when
+ *      multi-workspace-scanner is active — see the `MULTI_WORKSPACE_*`
+ *      sets below for the current split.
+ */
+export declare const DETECTOR_IDS: readonly ["duplicate-type", "duplicate-function", "dead-module", "dead-export", "dead-api", "long-function", "deep-nesting", "public-any", "hot-hub-file", "dead-handler", "mutation", "race-condition", "shared-db-write", "api-race", "bad-config", "silent-catch", "skip-tests", "long-file", "console-log-prod", "magic-numbers", "mutable-globals", "unused-deps", "similar-functions", "todo-comments"];
+export type DetectorId = (typeof DETECTOR_IDS)[number];
+/**
+ * Detectors that need real workspace-root-relative file paths or git
+ * access on a single workspace. Multi-workspace mode skips these because
+ * multi-workspace-scanner prefixes paths with the workspace name (see
+ * the warn-log in rothunter.ts run()).
+ */
+export declare const MULTI_WORKSPACE_SKIPPED: Set<"duplicate-type" | "duplicate-function" | "dead-module" | "dead-export" | "dead-api" | "long-function" | "deep-nesting" | "public-any" | "hot-hub-file" | "dead-handler" | "mutation" | "race-condition" | "shared-db-write" | "api-race" | "bad-config" | "silent-catch" | "skip-tests" | "long-file" | "console-log-prod" | "magic-numbers" | "mutable-globals" | "unused-deps" | "similar-functions" | "todo-comments">;
+/**
+ * Cross-repo detector: only runs in multi-workspace mode (its whole
+ * purpose is to flag exported symbols that nobody imports across
+ * workspace boundaries — in single-workspace mode dead-export already
+ * covers that ground).
+ */
+export declare const MULTI_WORKSPACE_ONLY: Set<"duplicate-type" | "duplicate-function" | "dead-module" | "dead-export" | "dead-api" | "long-function" | "deep-nesting" | "public-any" | "hot-hub-file" | "dead-handler" | "mutation" | "race-condition" | "shared-db-write" | "api-race" | "bad-config" | "silent-catch" | "skip-tests" | "long-file" | "console-log-prod" | "magic-numbers" | "mutable-globals" | "unused-deps" | "similar-functions" | "todo-comments">;
+//# sourceMappingURL=detector-registry.d.ts.map

package/dist/detector-registry.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"detector-registry.d.ts","sourceRoot":"","sources":["../src/detector-registry.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,eAAO,MAAM,YAAY,+YA2Bf,CAAC;AAEX,MAAM,MAAM,UAAU,GAAG,CAAC,OAAO,YAAY,CAAC,CAAC,MAAM,CAAC,CAAC;AAEvD;;;;;GAKG;AACH,eAAO,MAAM,uBAAuB,gaAgBlC,CAAC;AAEH;;;;;GAKG;AACH,eAAO,MAAM,oBAAoB,gaAAoC,CAAC"}