npm - @neurcode-ai/cli - Versions diffs - 0.9.63 → 0.9.65 - Mend

@neurcode-ai/cli 0.9.63 → 0.9.65

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (308) hide show

package/dist/patch-engine/index.js CHANGED Viewed

@@ -6,58 +6,122 @@ exports.generatePatchForSuggestion = generatePatchForSuggestion;
 const patterns_1 = require("./patterns");
 const generator_1 = require("./generator");
 const diff_1 = require("./diff");
-// Patterns that must appear in original content for a patch to be considered safe.
-const PATCHABLE_PATTERN_RE = /db\.(query|execute|run|find[A-Za-z]*)\b|prisma\.\w+\.\w+\b|new\s+Pool\s*\(|knex\s*\(|TODO|FIXME|\bvalidat/i;
-/**
- * A patch is safe when:
- *  - updated content is non-empty
- *  - the diff is non-empty (something actually changed)
- *  - total added + removed lines ≤ 5 (not a full-file rewrite)
- *  - the original file contains at least one recognizable patchable pattern
- */
-function isPatchSafe(original, updated) {
-    if (!updated || !updated.trim())
-        return false;
-    const diff = (0, diff_1.generateUnifiedDiff)('', original, updated);
-    if (!diff)
-        return false;
-    let changed = 0;
-    for (const line of diff.split('\n')) {
-        if (line.startsWith('-') && !line.startsWith('---'))
-            changed++;
-        if (line.startsWith('+') && !line.startsWith('+++'))
-            changed++;
+const transaction_1 = require("./transaction");
+const safety_1 = require("./safety");
+function scorePatchConfidence(kind) {
+    switch (kind) {
+        case 'missing_validation':
+        case 'missing_timeout_handling':
+        case 'unsafe_inner_html_usage':
+            return 'high';
+        case 'missing_auth_middleware':
+        case 'missing_rate_limiting':
+        case 'unsafe_fetch_without_retries':
+        case 'missing_idempotency_keys':
+        case 'unsafe_file_uploads':
+        case 'missing_token_expiry':
+        case 'unsafe_sensitive_logging':
+            return 'medium';
+        case 'db_in_ui':
+        case 'todo_fixme':
+            return 'low';
+        default:
+            return 'low';
     }
-    if (changed > 5)
-        return false;
-    if (!PATCHABLE_PATTERN_RE.test(original))
-        return false;
-    return true;
 }
-function scorePatchConfidence(kind) {
-    if (kind === 'db_in_ui')
-        return 'high';
-    if (kind === 'missing_validation')
-        return 'medium';
-    return 'low'; // todo_fixme — simple removal, lowest confidence
+function patchPriorityKinds() {
+    return [
+        'missing_validation',
+        'missing_timeout_handling',
+        'unsafe_fetch_without_retries',
+        'missing_idempotency_keys',
+        'unsafe_file_uploads',
+        'unsafe_inner_html_usage',
+        'missing_token_expiry',
+        'missing_auth_middleware',
+        'missing_rate_limiting',
+        'unsafe_sensitive_logging',
+        'db_in_ui',
+        'todo_fixme',
+    ];
+}
+function buildPatchTokenPayload(input) {
+    return {
+        schemaVersion: 'neurcode.patch-preview-token.v1',
+        file: input.filePath,
+        createdAt: new Date().toISOString(),
+        beforeHash: input.beforeHash,
+        afterHash: input.afterHash,
+        diffHash: input.diffHash,
+        patchHash: input.patchHash,
+        patternKind: input.patternKind,
+        confidence: input.patchConfidence,
+    };
+}
+function buildPatchBundle(input) {
+    const generated = (0, generator_1.generatePatch)({
+        filePath: input.filePath,
+        issue: '',
+        policy: '',
+        fileContent: input.fileContent,
+        patternKind: input.patternKind,
+    });
+    if (!generated)
+        return null;
+    const diff = (0, diff_1.generateUnifiedDiff)(input.filePath, input.fileContent, generated.updatedContent);
+    if (!diff)
+        return null;
+    const patchConfidence = scorePatchConfidence(input.patternKind);
+    const validation = (0, safety_1.validatePatchCandidate)({
+        originalContent: input.fileContent,
+        updatedContent: generated.updatedContent,
+        diff,
+        kind: input.patternKind,
+        confidence: patchConfidence,
+    });
+    const beforeHash = (0, transaction_1.hashPatchValue)(input.fileContent);
+    const afterHash = (0, transaction_1.hashPatchValue)(generated.updatedContent);
+    const patchHash = (0, transaction_1.buildPatchHash)({
+        file: input.filePath,
+        beforeHash,
+        afterHash,
+        diffHash: validation.diffHash,
+        patternKind: input.patternKind,
+    });
+    const previewToken = (0, transaction_1.createPatchPreviewToken)(buildPatchTokenPayload({
+        filePath: input.filePath,
+        patternKind: input.patternKind,
+        patchConfidence,
+        beforeHash,
+        afterHash,
+        diffHash: validation.diffHash,
+        patchHash,
+    }));
+    return {
+        updatedContent: generated.updatedContent,
+        patternKind: input.patternKind,
+        patchConfidence,
+        diff,
+        validation,
+        previewToken,
+        patchHash,
+        recipe: generated.metadata,
+        beforeHash,
+        afterHash,
+    };
 }
 /**
  * Apply a unified diff (as produced by generateUnifiedDiff) to fileContent.
  *
- * Parses the single-hunk diff format, verifies every context and removal line
- * matches the current file, then reconstructs the updated content.
- *
- * Returns null when:
- *  - no hunk header found
- *  - a context or removal line does not match current file content (file changed)
+ * Parses a single-hunk diff format, verifies every context/removal line matches
+ * the current file, then reconstructs updated content.
  */
 function applyUnifiedDiff(fileContent, diff) {
     if (!diff)
         return null;
     const diffLines = diff.split('\n');
-    // Locate the hunk header (skip --- / +++ file headers)
     let hunkIdx = -1;
-    for (let i = 0; i < diffLines.length; i++) {
+    for (let i = 0; i < diffLines.length; i += 1) {
         if (diffLines[i].startsWith('@@')) {
             hunkIdx = i;
             break;
@@ -65,118 +129,101 @@ function applyUnifiedDiff(fileContent, diff) {
     }
     if (hunkIdx === -1)
         return null;
-    // Parse @@ -oldStart[,oldCount] +newStart[,newCount] @@
     const match = diffLines[hunkIdx].match(/^@@ -(\d+)(?:,\d+)? \+(\d+)(?:,\d+)? @@/);
     if (!match)
         return null;
-    // Diff uses 1-indexed lines; convert to 0-indexed
     const origStart = parseInt(match[1], 10) - 1;
     const origLines = fileContent.split('\n');
     const output = [];
-    // Lines before the hunk are copied unchanged
-    for (let i = 0; i < origStart; i++) {
+    for (let i = 0; i < origStart; i += 1) {
         output.push(origLines[i] ?? '');
     }
     let origIdx = origStart;
-    for (let i = hunkIdx + 1; i < diffLines.length; i++) {
+    for (let i = hunkIdx + 1; i < diffLines.length; i += 1) {
         const line = diffLines[i];
-        // A trailing empty string from split('\n') signals end of diff
         if (line.length === 0 && i === diffLines.length - 1)
             break;
         const prefix = line[0];
         const content = line.slice(1);
         if (prefix === ' ') {
-            // Context: must match current file — abort on mismatch (file changed)
             if (origIdx >= origLines.length || origLines[origIdx] !== content)
                 return null;
             output.push(content);
-            origIdx++;
+            origIdx += 1;
         }
         else if (prefix === '-') {
-            // Removal: must match current file — abort on mismatch
             if (origIdx >= origLines.length || origLines[origIdx] !== content)
                 return null;
-            origIdx++; // consume original line without adding to output
+            origIdx += 1;
         }
         else if (prefix === '+') {
-            // Addition: inject into output without consuming original
             output.push(content);
         }
         else {
-            break; // unexpected prefix — stop hunk processing
+            break;
         }
     }
-    // Copy remaining original lines after the hunk
     while (origIdx < origLines.length) {
         output.push(origLines[origIdx]);
-        origIdx++;
+        origIdx += 1;
     }
     return output.join('\n');
 }
 /**
- * Detect the first matching patchable pattern in fileContent and return the
- * updated content. Tries patterns in priority order: db_in_ui → missing_validation
- * → todo_fixme. Validates safety before returning.
+ * Deterministically build a patch bundle for the first matching remediation kind.
  *
- * Used by `neurcode patch --file` to apply a patch without needing suggestion metadata.
+ * Returns null when no deterministic recipe matches the target file.
  */
 function applyFirstMatchingPatch(filePath, fileContent) {
-    const kinds = ['db_in_ui', 'missing_validation', 'todo_fixme'];
-    for (const kind of kinds) {
-        const result = (0, generator_1.generatePatch)({
+    for (const kind of patchPriorityKinds()) {
+        const bundle = buildPatchBundle({
             filePath,
-            issue: '',
-            policy: '',
             fileContent,
             patternKind: kind,
         });
-        if (!result)
+        if (!bundle)
             continue;
-        const diff = (0, diff_1.generateUnifiedDiff)(filePath, fileContent, result.updatedContent);
-        if (!diff)
-            continue;
-        if (!isPatchSafe(fileContent, result.updatedContent))
-            continue;
-        return {
-            updatedContent: result.updatedContent,
-            patternKind: kind,
-            patchConfidence: scorePatchConfidence(kind),
-        };
+        return bundle;
     }
     return null;
 }
 /**
- * Given a fix suggestion and the current content of suggestion.file,
- * attempts to generate a deterministic, safety-validated code patch.
- *
- * Returns null when:
- *  - the violation type has no patchable pattern
- *  - the pattern is not found in the file content
- *  - the generated patch produces no diff
- *  - the patch fails the safety gate (isPatchSafe)
+ * Generate a deterministic patch for a specific verify/fix suggestion.
  */
 function generatePatchForSuggestion(suggestion, fileContent) {
     const kind = (0, patterns_1.classifyViolation)(suggestion.issue, suggestion.policy);
     if (!kind)
         return null;
-    const result = (0, generator_1.generatePatch)({
+    const generated = (0, generator_1.generatePatch)({
         filePath: suggestion.file,
         issue: suggestion.issue,
         policy: suggestion.policy,
         fileContent,
         patternKind: kind,
     });
-    if (!result)
+    if (!generated)
         return null;
-    const diff = (0, diff_1.generateUnifiedDiff)(suggestion.file, fileContent, result.updatedContent);
+    const diff = (0, diff_1.generateUnifiedDiff)(suggestion.file, fileContent, generated.updatedContent);
     if (!diff)
         return null;
-    if (!isPatchSafe(fileContent, result.updatedContent))
+    const patchConfidence = scorePatchConfidence(kind);
+    const validation = (0, safety_1.validatePatchCandidate)({
+        originalContent: fileContent,
+        updatedContent: generated.updatedContent,
+        diff,
+        kind,
+        confidence: patchConfidence,
+    });
+    // Keep low-confidence / unsafe transforms out of auto-fix suggestions.
+    if (!validation.safe)
         return null;
     return {
         file: suggestion.file,
         diff,
-        patchConfidence: scorePatchConfidence(kind),
+        patchConfidence,
+        patternKind: kind,
+        validation,
+        recipe: generated.metadata,
     };
 }
 //# sourceMappingURL=index.js.map

package/dist/patch-engine/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/patch-engine/index.ts"],"names":[],"mappings":";;~~AA2DA~~,~~4CAiEC~~;~~AASD~~,~~0DA6BC~~;~~AAYD~~,~~gEA0BC~~;~~AAxMD~~,yCAAiE;AACjE,~~2CAA4C~~;~~AAC5C~~,iCAA6C;~~AAY7C~~,~~mFAAmF~~;~~AACnF~~,~~MAAM~~,oBAAoB,~~GACxB~~,~~4GAA4G~~,CAAC;~~AAE~~/~~G;;;;;;GAMG~~;~~AACH~~,~~SAAS~~,~~WAAW~~,CAAC,~~QAAgB~~,~~EAAE~~,~~OAAe~~;~~IACpD~~,~~IAAI~~,CAAC,~~OAAO~~,~~IAAI~~,CAAC,OAAO,CAAC,~~IAAI~~,~~EAAE~~;~~QAAE~~,OAAO,KAAK,CAAC;~~IAE9C~~,~~MAAM~~,~~IAAI~~,~~GAAG~~,~~IAAA~~,~~0BAAmB~~,~~EAAC~~,~~EAAE~~,~~EAAE~~,~~QAAQ~~,~~EAAE~~,~~OAAO~~,CAAC,CAAC;~~IACxD~~,~~IAAI~~,CAAC,~~IAAI~~;~~QAAE~~,OAAO,~~KAAK~~,~~CAAC~~;~~IAExB~~,IAAI,~~OAAO~~,~~GAAG~~,CAAC,~~CAAC~~;~~IAChB~~,~~KAAK~~,~~MAAM~~,IAAI,IAAI,~~IAAI~~,CAAC,KAAK,CAAC,~~IAAI~~,CAAC,EAAE,CAAC;~~QACpC~~,~~IAAI~~,~~IAAI~~,CAAC,~~UAAU~~,CAAC,~~GAAG~~,CAAC,~~IAAI~~,CAAC,~~IAAI~~,CAAC,~~UAAU~~,CAAC,KAAK,CAAC;~~YAAE~~,~~OAAO~~,EAAE,CAAC;~~QAC~~/D,~~IAAI~~,IAAI,CAAC,~~UAAU~~,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,~~UAAU~~,CAAC,KAAK,CAAC;~~YAAE~~,~~OAAO~~,EAAE,CAAC;~~IACjE~~,CAAC;~~IACD~~,IAAI,~~OAAO~~,~~GAAG~~,CAAC;~~QAAE~~,~~OAAO~~,KAAK,CAAC;~~IAE9B~~,~~IAAI~~,CAAC,~~oBAAoB~~,CAAC,IAAI,CAAC,QAAQ,CAAC;~~QAAE~~,~~OAAO~~,KAAK,CAAC;~~IAEvD~~,~~OAAO~~,~~IAAI,~~CAAC;~~AACd~~,CAAC;~~AAED~~,~~SAAS~~,~~oBAAoB~~,CAAC,~~IAAiB~~;~~IAC7C~~,~~IAAI~~,~~IAAI~~,KAAK,UAAU;~~QAAE~~,~~OAAO~~,~~MAAM~~,CAAC;~~IACvC~~,~~IAAI~~,~~IAAI~~,~~KAAK~~,~~oBAAoB~~;~~QAAE~~,OAAO,~~QAAQ~~,CAAC;~~IACnD~~,~~OAAO~~,KAAK,CAAC,CAAC,~~iDAAiD~~;~~AACjE~~,CAAC;AAED~~;;;;;;;;;GASG~~;AACH,SAAgB,gBAAgB,CAAC,WAAmB,EAAE,IAAY;IAChE,IAAI,CAAC,IAAI;QAAE,OAAO,IAAI,CAAC;IAEvB,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAEnC,~~uDAAuD;IACvD,~~IAAI,OAAO,GAAG,CAAC,CAAC,CAAC;IACjB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC,~~EAAE~~,EAAE,CAAC;~~QAC1C~~,IAAI,SAAS,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;YAClC,OAAO,GAAG,CAAC,CAAC;YACZ,MAAM;QACR,CAAC;IACH,CAAC;IACD,IAAI,OAAO,KAAK,CAAC,CAAC;QAAE,OAAO,IAAI,CAAC;IAEhC,~~wDAAwD;IACxD,~~MAAM,KAAK,GAAG,SAAS,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC,yCAAyC,CAAC,CAAC;IAClF,IAAI,CAAC,KAAK;QAAE,OAAO,IAAI,CAAC;IAExB,~~kDAAkD;IAClD,~~MAAM,SAAS,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC;IAE7C,MAAM,SAAS,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC1C,MAAM,MAAM,GAAa,EAAE,CAAC;IAE5B,~~6CAA6C;IAC7C,~~KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,EAAE,CAAC,~~EAAE~~,EAAE,CAAC;~~QACnC~~,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;IAClC,CAAC;IAED,IAAI,OAAO,GAAG,SAAS,CAAC;IAExB,KAAK,IAAI,CAAC,GAAG,OAAO,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC,~~EAAE~~,EAAE,CAAC;~~QACpD~~,MAAM,IAAI,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;~~QAE1B,+DAA+D;QAC/D~~,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,KAAK,SAAS,CAAC,MAAM,GAAG,CAAC;YAAE,MAAM;QAE3D,MAAM,MAAM,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;QACvB,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAE9B,IAAI,MAAM,KAAK,GAAG,EAAE,CAAC;YACnB,~~sEAAsE;YACtE,~~IAAI,OAAO,IAAI,SAAS,CAAC,MAAM,IAAI,SAAS,CAAC,OAAO,CAAC,KAAK,OAAO;gBAAE,OAAO,IAAI,CAAC;YAC/E,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACrB,OAAO,~~EAAE~~,CAAC;~~QACZ~~,CAAC;aAAM,IAAI,MAAM,KAAK,GAAG,EAAE,CAAC;YAC1B,~~uDAAuD;YACvD,~~IAAI,OAAO,IAAI,SAAS,CAAC,MAAM,IAAI,SAAS,CAAC,OAAO,CAAC,KAAK,OAAO;gBAAE,OAAO,IAAI,CAAC;YAC/E,OAAO,~~EAAE~~,CAAC,CAAC~~,iDAAiD~~;~~QAC9D~~,CAAC;aAAM,IAAI,MAAM,KAAK,GAAG,EAAE,CAAC;YAC1B,~~0DAA0D;YAC1D,~~MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACvB,CAAC;aAAM,CAAC;YACN,MAAM~~,CAAC,2CAA2C~~;~~QACpD~~,CAAC;IACH,CAAC;IAED~~,+CAA+C;IAC/C~~,OAAO,OAAO,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC;QAClC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC;QAChC,OAAO,~~EAAE~~,CAAC;~~IACZ~~,CAAC;IAED,OAAO,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC3B,CAAC;AAED~~;;;;;;GAMG~~;AACH,SAAgB,uBAAuB,CACrC,QAAgB,EAChB,WAAmB;IAEnB,~~MAAM,~~KAAK,~~GAAkB,CAAC,UAAU,EAAE,oBAAoB,EAAE,YAAY,CAAC,CAAC;IAE9E,KAAK,~~MAAM,IAAI,IAAI,~~KAAK~~,EAAE,CAAC;~~QACzB~~,MAAM,MAAM,GAAG,~~IAAA~~,~~yBAAa,EAAC~~;~~YAC3B~~,QAAQ;YACR,~~KAAK,EAAE,EAAE;YACT,MAAM,EAAE,EAAE;YACV,~~WAAW;YACX,WAAW,EAAE,IAAI;SAClB,CAAC,CAAC;QACH,IAAI,CAAC,MAAM;YAAE,SAAS;~~QAEtB~~,~~MAAM,IAAI,GAAG,IAAA,0BAAmB,EAAC,QAAQ,EAAE,WAAW,EAAE,MAAM,CAAC,cAAc,CAAC,CAAC;QAC/E,IAAI,CAAC,IAAI;YAAE,SAAS;QAEpB,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,MAAM,CAAC,cAAc,CAAC;YAAE,SAAS;QAE/D,~~OAAO~~;YACL~~,~~cAAc,EAAE,~~MAAM,CAAC~~,cAAc~~;~~YACrC~~,~~WAAW,EAAE,IAAI;YACjB,eAAe,EAAE,oBAAoB,~~CAAC~~,IAAI,CAAC~~;~~SAC5C~~,~~CAAC;IACJ,CAAC;IAED,~~OAAO,IAAI,CAAC;AACd,CAAC;AAED~~;;;;;;;;;GASG~~;AACH,SAAgB,0BAA0B,CACxC,UAA2D,EAC3D,WAAmB;IAEnB,MAAM,IAAI,GAAG,IAAA,4BAAiB,EAAC,UAAU,CAAC,KAAK,EAAE,UAAU,CAAC,MAAM,CAAC,CAAC;IACpE,IAAI,CAAC,IAAI;QAAE,OAAO,IAAI,CAAC;IAEvB,MAAM,~~MAAM~~,GAAG,IAAA,yBAAa,EAAC;~~QAC3B~~,QAAQ,EAAE,UAAU,CAAC,IAAI;QACzB,KAAK,EAAE,UAAU,CAAC,KAAK;QACvB,MAAM,EAAE,UAAU,CAAC,MAAM;QACzB,WAAW;QACX,WAAW,EAAE,IAAI;KAClB,CAAC,CAAC;IACH,IAAI,CAAC,~~MAAM~~;QAAE,OAAO,IAAI,CAAC;~~IAEzB~~,MAAM,IAAI,GAAG,IAAA,0BAAmB,EAAC,UAAU,CAAC,IAAI,EAAE,WAAW,EAAE,~~MAAM~~,CAAC,cAAc,CAAC,CAAC;~~IACtF~~,IAAI,CAAC,IAAI;QAAE,OAAO,IAAI,CAAC;IAEvB,~~IAAI~~,CAAC,~~WAAW~~,CAAC,WAAW,EAAE,~~MAAM~~,CAAC,cAAc,CAAC;QAAE,OAAO,IAAI,CAAC;~~IAElE~~,OAAO;QACL,IAAI,EAAE,UAAU,CAAC,IAAI;QACrB,IAAI;QACJ,eAAe,EAAE,~~oBAAoB~~,~~CAAC~~,~~IAAI~~,CAAC;~~KAC5C~~,CAAC;AACJ,CAAC"}
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/patch-engine/index.ts"],"names":[],"mappings":";;AAsKA,4CAuDC;AAOD,0DAcC;AAKD,gEAuCC;AA9RD,yCAAiE;AACjE,2CAAsE;AACtE,iCAA6C;AAC7C,+CAKuB;AACvB,qCAIkB;AA0BlB,SAAS,oBAAoB,CAAC,IAAiB;IAC7C,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,oBAAoB,CAAC;QAC1B,KAAK,0BAA0B,CAAC;QAChC,KAAK,yBAAyB;YAC5B,OAAO,MAAM,CAAC;QAChB,KAAK,yBAAyB,CAAC;QAC/B,KAAK,uBAAuB,CAAC;QAC7B,KAAK,8BAA8B,CAAC;QACpC,KAAK,0BAA0B,CAAC;QAChC,KAAK,qBAAqB,CAAC;QAC3B,KAAK,sBAAsB,CAAC;QAC5B,KAAK,0BAA0B;YAC7B,OAAO,QAAQ,CAAC;QAClB,KAAK,UAAU,CAAC;QAChB,KAAK,YAAY;YACf,OAAO,KAAK,CAAC;QACf;YACE,OAAO,KAAK,CAAC;IACjB,CAAC;AACH,CAAC;AAED,SAAS,kBAAkB;IACzB,OAAO;QACL,oBAAoB;QACpB,0BAA0B;QAC1B,8BAA8B;QAC9B,0BAA0B;QAC1B,qBAAqB;QACrB,yBAAyB;QACzB,sBAAsB;QACtB,yBAAyB;QACzB,uBAAuB;QACvB,0BAA0B;QAC1B,UAAU;QACV,YAAY;KACb,CAAC;AACJ,CAAC;AAED,SAAS,sBAAsB,CAAC,KAQ/B;IACC,OAAO;QACL,aAAa,EAAE,iCAAiC;QAChD,IAAI,EAAE,KAAK,CAAC,QAAQ;QACpB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,UAAU,EAAE,KAAK,CAAC,UAAU;QAC5B,SAAS,EAAE,KAAK,CAAC,SAAS;QAC1B,QAAQ,EAAE,KAAK,CAAC,QAAQ;QACxB,SAAS,EAAE,KAAK,CAAC,SAAS;QAC1B,WAAW,EAAE,KAAK,CAAC,WAAW;QAC9B,UAAU,EAAE,KAAK,CAAC,eAAe;KAClC,CAAC;AACJ,CAAC;AAED,SAAS,gBAAgB,CAAC,KAIzB;IACC,MAAM,SAAS,GAAG,IAAA,yBAAa,EAAC;QAC9B,QAAQ,EAAE,KAAK,CAAC,QAAQ;QACxB,KAAK,EAAE,EAAE;QACT,MAAM,EAAE,EAAE;QACV,WAAW,EAAE,KAAK,CAAC,WAAW;QAC9B,WAAW,EAAE,KAAK,CAAC,WAAW;KAC/B,CAAC,CAAC;IACH,IAAI,CAAC,SAAS;QAAE,OAAO,IAAI,CAAC;IAE5B,MAAM,IAAI,GAAG,IAAA,0BAAmB,EAAC,KAAK,CAAC,QAAQ,EAAE,KAAK,CAAC,WAAW,EAAE,SAAS,CAAC,cAAc,CAAC,CAAC;IAC9F,IAAI,CAAC,IAAI;QAAE,OAAO,IAAI,CAAC;IAEvB,MAAM,eAAe,GAAG,oBAAoB,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;IAChE,MAAM,UAAU,GAAG,IAAA,+BAAsB,EAAC;QACxC,eAAe,EAAE,KAAK,CAAC,WAAW;QAClC,cAAc,EAAE,SAAS,CAAC,cAAc;QACxC,IAAI;QACJ,IAAI,EAAE,KAAK,CAAC,WAAW;QACvB,UAAU,EAAE,eAAe;KAC5B,CAAC,CAAC;IAEH,MAAM,UAAU,GAAG,IAAA,4BAAc,EAAC,KAAK,CAAC,WAAW,CAAC,CAAC;IACrD,MAAM,SAAS,GAAG,IAAA,4BAAc,EAAC,SAAS,CAAC,cAAc,CAAC,CAAC;IAC3D,MAAM,SAAS,GAAG,IAAA,4BAAc,EAAC;QAC/B,IAAI,EAAE,KAAK,CAAC,QAAQ;QACpB,UAAU;QACV,SAAS;QACT,QAAQ,EAAE,UAAU,CAAC,QAAQ;QAC7B,WAAW,EAAE,KAAK,CAAC,WAAW;KAC/B,CAAC,CAAC;IAEH,MAAM,YAAY,GAAG,IAAA,qCAAuB,EAAC,sBAAsB,CAAC;QAClE,QAAQ,EAAE,KAAK,CAAC,QAAQ;QACxB,WAAW,EAAE,KAAK,CAAC,WAAW;QAC9B,eAAe;QACf,UAAU;QACV,SAAS;QACT,QAAQ,EAAE,UAAU,CAAC,QAAQ;QAC7B,SAAS;KACV,CAAC,CAAC,CAAC;IAEJ,OAAO;QACL,cAAc,EAAE,SAAS,CAAC,cAAc;QACxC,WAAW,EAAE,KAAK,CAAC,WAAW;QAC9B,eAAe;QACf,IAAI;QACJ,UAAU;QACV,YAAY;QACZ,SAAS;QACT,MAAM,EAAE,SAAS,CAAC,QAAQ;QAC1B,UAAU;QACV,SAAS;KACV,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,SAAgB,gBAAgB,CAAC,WAAmB,EAAE,IAAY;IAChE,IAAI,CAAC,IAAI;QAAE,OAAO,IAAI,CAAC;IAEvB,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAEnC,IAAI,OAAO,GAAG,CAAC,CAAC,CAAC;IACjB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QAC7C,IAAI,SAAS,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;YAClC,OAAO,GAAG,CAAC,CAAC;YACZ,MAAM;QACR,CAAC;IACH,CAAC;IACD,IAAI,OAAO,KAAK,CAAC,CAAC;QAAE,OAAO,IAAI,CAAC;IAEhC,MAAM,KAAK,GAAG,SAAS,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC,yCAAyC,CAAC,CAAC;IAClF,IAAI,CAAC,KAAK;QAAE,OAAO,IAAI,CAAC;IAExB,MAAM,SAAS,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC;IAE7C,MAAM,SAAS,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC1C,MAAM,MAAM,GAAa,EAAE,CAAC;IAE5B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QACtC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;IAClC,CAAC;IAED,IAAI,OAAO,GAAG,SAAS,CAAC;IAExB,KAAK,IAAI,CAAC,GAAG,OAAO,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QACvD,MAAM,IAAI,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;QAC1B,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,KAAK,SAAS,CAAC,MAAM,GAAG,CAAC;YAAE,MAAM;QAE3D,MAAM,MAAM,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;QACvB,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAE9B,IAAI,MAAM,KAAK,GAAG,EAAE,CAAC;YACnB,IAAI,OAAO,IAAI,SAAS,CAAC,MAAM,IAAI,SAAS,CAAC,OAAO,CAAC,KAAK,OAAO;gBAAE,OAAO,IAAI,CAAC;YAC/E,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACrB,OAAO,IAAI,CAAC,CAAC;QACf,CAAC;aAAM,IAAI,MAAM,KAAK,GAAG,EAAE,CAAC;YAC1B,IAAI,OAAO,IAAI,SAAS,CAAC,MAAM,IAAI,SAAS,CAAC,OAAO,CAAC,KAAK,OAAO;gBAAE,OAAO,IAAI,CAAC;YAC/E,OAAO,IAAI,CAAC,CAAC;QACf,CAAC;aAAM,IAAI,MAAM,KAAK,GAAG,EAAE,CAAC;YAC1B,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACvB,CAAC;aAAM,CAAC;YACN,MAAM;QACR,CAAC;IACH,CAAC;IAED,OAAO,OAAO,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC;QAClC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC;QAChC,OAAO,IAAI,CAAC,CAAC;IACf,CAAC;IAED,OAAO,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC3B,CAAC;AAED;;;;GAIG;AACH,SAAgB,uBAAuB,CACrC,QAAgB,EAChB,WAAmB;IAEnB,KAAK,MAAM,IAAI,IAAI,kBAAkB,EAAE,EAAE,CAAC;QACxC,MAAM,MAAM,GAAG,gBAAgB,CAAC;YAC9B,QAAQ;YACR,WAAW;YACX,WAAW,EAAE,IAAI;SAClB,CAAC,CAAC;QACH,IAAI,CAAC,MAAM;YAAE,SAAS;QACtB,OAAO,MAAM,CAAC;IAChB,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,SAAgB,0BAA0B,CACxC,UAA2D,EAC3D,WAAmB;IAEnB,MAAM,IAAI,GAAG,IAAA,4BAAiB,EAAC,UAAU,CAAC,KAAK,EAAE,UAAU,CAAC,MAAM,CAAC,CAAC;IACpE,IAAI,CAAC,IAAI;QAAE,OAAO,IAAI,CAAC;IAEvB,MAAM,SAAS,GAAG,IAAA,yBAAa,EAAC;QAC9B,QAAQ,EAAE,UAAU,CAAC,IAAI;QACzB,KAAK,EAAE,UAAU,CAAC,KAAK;QACvB,MAAM,EAAE,UAAU,CAAC,MAAM;QACzB,WAAW;QACX,WAAW,EAAE,IAAI;KAClB,CAAC,CAAC;IACH,IAAI,CAAC,SAAS;QAAE,OAAO,IAAI,CAAC;IAE5B,MAAM,IAAI,GAAG,IAAA,0BAAmB,EAAC,UAAU,CAAC,IAAI,EAAE,WAAW,EAAE,SAAS,CAAC,cAAc,CAAC,CAAC;IACzF,IAAI,CAAC,IAAI;QAAE,OAAO,IAAI,CAAC;IAEvB,MAAM,eAAe,GAAG,oBAAoB,CAAC,IAAI,CAAC,CAAC;IACnD,MAAM,UAAU,GAAG,IAAA,+BAAsB,EAAC;QACxC,eAAe,EAAE,WAAW;QAC5B,cAAc,EAAE,SAAS,CAAC,cAAc;QACxC,IAAI;QACJ,IAAI;QACJ,UAAU,EAAE,eAAe;KAC5B,CAAC,CAAC;IAEH,uEAAuE;IACvE,IAAI,CAAC,UAAU,CAAC,IAAI;QAAE,OAAO,IAAI,CAAC;IAElC,OAAO;QACL,IAAI,EAAE,UAAU,CAAC,IAAI;QACrB,IAAI;QACJ,eAAe;QACf,WAAW,EAAE,IAAI;QACjB,UAAU;QACV,MAAM,EAAE,SAAS,CAAC,QAAQ;KAC3B,CAAC;AACJ,CAAC"}

package/dist/patch-engine/patterns.d.ts CHANGED Viewed

@@ -1,4 +1,4 @@
-export type PatternKind = 'db_in_ui' | 'missing_validation' | 'todo_fixme';
+export type PatternKind = 'db_in_ui' | 'missing_validation' | 'todo_fixme' | 'missing_auth_middleware' | 'missing_role_checks' | 'unsafe_jwt_usage' | 'missing_token_expiry' | 'unsafe_secret_exposure' | 'insecure_cookie_configuration' | 'missing_csrf_protection' | 'missing_rate_limiting' | 'missing_try_catch' | 'missing_timeout_handling' | 'unsafe_fetch_without_retries' | 'missing_idempotency_keys' | 'unsafe_webhook_verification' | 'unsafe_serialization' | 'missing_transaction_wrappers' | 'unsafe_sql_string_concatenation' | 'unsafe_file_uploads' | 'missing_mime_validation' | 'missing_size_limits' | 'unsafe_path_traversal_usage' | 'dangerous_useeffect_cleanup' | 'missing_abort_controller_cleanup' | 'unsafe_inner_html_usage' | 'unhandled_promise_chains' | 'unsafe_websocket_lifecycle' | 'missing_audit_logs' | 'unsafe_sensitive_logging' | 'missing_error_boundaries' | 'missing_tracing_wrappers' | 'deprecated_package_migration_mappings' | 'unsafe_env_usage' | 'dangerous_hardcoded_credentials';
 export declare function classifyViolation(issue: string, policy: string): PatternKind | null;
 export declare function detectPattern(content: string, kind: PatternKind): number | null;
 //# sourceMappingURL=patterns.d.ts.map

package/dist/patch-engine/patterns.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"patterns.d.ts","sourceRoot":"","sources":["../../src/patch-engine/patterns.ts"],"names":[],"mappings":"AAGA,MAAM,MAAM,WAAW,~~GAAG~~,UAAU,~~GAAG~~,oBAAoB,~~GAAG~~,YAAY,CAAC;~~AAM3E~~,wBAAgB,iBAAiB,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,WAAW,GAAG,IAAI,~~CAsBnF~~;~~AA2ED~~,wBAAgB,aAAa,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,WAAW,GAAG,MAAM,GAAG,IAAI,~~CAO~~/E"}
1	+ {"version":3,"file":"patterns.d.ts","sourceRoot":"","sources":["../../src/patch-engine/patterns.ts"],"names":[],"mappings":"AAGA,MAAM,MAAM,WAAW,GACnB,UAAU,GACV,oBAAoB,GACpB,YAAY,GACZ,yBAAyB,GACzB,qBAAqB,GACrB,kBAAkB,GAClB,sBAAsB,GACtB,wBAAwB,GACxB,+BAA+B,GAC/B,yBAAyB,GACzB,uBAAuB,GACvB,mBAAmB,GACnB,0BAA0B,GAC1B,8BAA8B,GAC9B,0BAA0B,GAC1B,6BAA6B,GAC7B,sBAAsB,GACtB,8BAA8B,GAC9B,iCAAiC,GACjC,qBAAqB,GACrB,yBAAyB,GACzB,qBAAqB,GACrB,6BAA6B,GAC7B,6BAA6B,GAC7B,kCAAkC,GAClC,yBAAyB,GACzB,0BAA0B,GAC1B,4BAA4B,GAC5B,oBAAoB,GACpB,0BAA0B,GAC1B,0BAA0B,GAC1B,0BAA0B,GAC1B,uCAAuC,GACvC,kBAAkB,GAClB,iCAAiC,CAAC;AAiTtC,wBAAgB,iBAAiB,CAAC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,WAAW,GAAG,IAAI,CAwBnF;AAED,wBAAgB,aAAa,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,WAAW,GAAG,MAAM,GAAG,IAAI,CAgC/E"}