@oculum/scanner 1.0.0

package/dist/formatters/github-comment.js

@@ -0,0 +1,306 @@
+"use strict";
+/**
+ * GitHub Comment Formatter
+ * Formats scan results as markdown for GitHub PR comments
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.formatGitHubComment = formatGitHubComment;
+exports.formatShortStatus = formatShortStatus;
+exports.formatAnnotation = formatAnnotation;
+const grouping_1 = require("./grouping");
+/**
+ * Severity badges for GitHub markdown
+ */
+const SEVERITY_BADGE = {
+    critical: '🔴 Critical',
+    high: '🟠 High',
+    medium: '🟡 Medium',
+    low: '🔵 Low',
+    info: '⚪ Info',
+};
+/**
+ * Category documentation URLs
+ */
+const CATEGORY_DOCS = {
+    hardcoded_secret: 'https://oculum.dev/docs/rules/hardcoded-secrets',
+    ai_prompt_injection: 'https://oculum.dev/docs/rules/prompt-injection',
+    ai_unsafe_execution: 'https://oculum.dev/docs/rules/unsafe-execution',
+    ai_overpermissive_tool: 'https://oculum.dev/docs/rules/overpermissive-tools',
+    ai_rag_exfiltration: 'https://oculum.dev/docs/rules/rag-exfiltration',
+    ai_endpoint_unprotected: 'https://oculum.dev/docs/rules/unprotected-endpoints',
+    ai_schema_mismatch: 'https://oculum.dev/docs/rules/schema-validation',
+    sql_injection: 'https://oculum.dev/docs/rules/sql-injection',
+    xss: 'https://oculum.dev/docs/rules/xss',
+    missing_auth: 'https://oculum.dev/docs/rules/missing-auth',
+    data_exposure: 'https://oculum.dev/docs/rules/data-exposure',
+};
+/**
+ * Format a single finding as a markdown list item
+ */
+function formatFinding(finding, options = {}) {
+    const { showFile = true, showDocs = true } = options;
+    const badge = SEVERITY_BADGE[finding.severity];
+    const location = showFile
+        ? `\`${finding.filePath}:${finding.lineNumber}\``
+        : `Line ${finding.lineNumber}`;
+    let md = `- ${badge} **${finding.title}**\n`;
+    md += `  - 📍 ${location}\n`;
+    md += `  - ${finding.description}\n`;
+    if (finding.suggestedFix) {
+        md += `  - 💡 **Fix:** ${finding.suggestedFix}\n`;
+    }
+    // Add documentation link if available
+    const docsUrl = CATEGORY_DOCS[finding.category];
+    if (showDocs && docsUrl) {
+        md += `  - 📚 [Learn more](${docsUrl})\n`;
+    }
+    return md;
+}
+/**
+ * Format a group of findings
+ */
+function formatGroup(group, maxFindings = 5) {
+    const { themeIcon, themeName, findings, severityCounts } = group;
+    // Count summary
+    const counts = [];
+    if (severityCounts.critical > 0)
+        counts.push(`${severityCounts.critical} critical`);
+    if (severityCounts.high > 0)
+        counts.push(`${severityCounts.high} high`);
+    if (severityCounts.medium > 0)
+        counts.push(`${severityCounts.medium} medium`);
+    if (severityCounts.low > 0)
+        counts.push(`${severityCounts.low} low`);
+    if (severityCounts.info > 0)
+        counts.push(`${severityCounts.info} info`);
+    let md = `### ${themeIcon} ${themeName}\n`;
+    md += `> ${counts.join(', ')}\n\n`;
+    // Show top findings
+    const shown = findings.slice(0, maxFindings);
+    for (const finding of shown) {
+        md += formatFinding(finding) + '\n';
+    }
+    // Show truncation notice if needed
+    if (findings.length > maxFindings) {
+        md += `<details>\n<summary>+ ${findings.length - maxFindings} more ${themeName.toLowerCase()} issues</summary>\n\n`;
+        for (const finding of findings.slice(maxFindings)) {
+            md += formatFinding(finding) + '\n';
+        }
+        md += `</details>\n`;
+    }
+    return md;
+}
+/**
+ * Format scan result as GitHub PR comment
+ */
+function formatGitHubComment(result, options = {}) {
+    const { maxFindingsPerGroup = 5, showAllFindings = false, includeFooter = true, scanDepth, previousScanCounts, } = options;
+    const { vulnerabilities, severityCounts, hasBlockingIssues } = result;
+    // Professional header with Oculum branding
+    let md = `<!-- oculum-security-scan -->\n`;
+    md += `<div align="center">\n\n`;
+    md += `# 🛡️ Oculum Security Scan\n\n`;
+    md += `</div>\n\n`;
+    // Status banner
+    if (hasBlockingIssues) {
+        const blocking = severityCounts.critical + severityCounts.high;
+        md += `> 🚨 **${blocking} blocking issue${blocking === 1 ? '' : 's'} found** — These must be addressed before merging.\n\n`;
+    }
+    else if (vulnerabilities.length > 0) {
+        md += `> ⚠️ **${vulnerabilities.length} issue${vulnerabilities.length === 1 ? '' : 's'} found** — Review recommended, but no blocking issues.\n\n`;
+    }
+    else {
+        md += `> ✅ **No security issues detected** — This PR looks good!\n\n`;
+        md += formatScanMetadata(result, scanDepth);
+        if (includeFooter) {
+            md += formatFooter();
+        }
+        return md;
+    }
+    // Comparison with previous scan if available
+    if (previousScanCounts) {
+        md += formatComparison(severityCounts, previousScanCounts);
+    }
+    // Summary section
+    md += `## 📊 Summary\n\n`;
+    md += formatSummaryTable(severityCounts);
+    md += '\n';
+    // Scan metadata
+    md += formatScanMetadata(result, scanDepth);
+    // Blocking issues section (critical + high)
+    const blockingIssues = (0, grouping_1.getBlockingIssues)(vulnerabilities);
+    if (blockingIssues.length > 0) {
+        md += `## 🚨 Blocking Issues\n\n`;
+        md += `> These issues must be fixed before merging.\n\n`;
+        for (const finding of blockingIssues.slice(0, 10)) {
+            md += formatFinding(finding) + '\n';
+        }
+        if (blockingIssues.length > 10) {
+            md += `<details>\n<summary>+ ${blockingIssues.length - 10} more blocking issues</summary>\n\n`;
+            for (const finding of blockingIssues.slice(10)) {
+                md += formatFinding(finding, { showDocs: false }) + '\n';
+            }
+            md += `</details>\n`;
+        }
+        md += '\n';
+    }
+    // All findings grouped by theme
+    const grouped = (0, grouping_1.groupByTheme)(vulnerabilities);
+    const limited = showAllFindings ? grouped : (0, grouping_1.limitPerGroup)(grouped, 10);
+    // Only show non-blocking findings in "All Findings" section
+    const hasNonBlockingFindings = vulnerabilities.some(v => v.severity !== 'critical' && v.severity !== 'high');
+    if (hasNonBlockingFindings) {
+        md += `## 📋 All Findings by Category\n\n`;
+        for (const group of limited) {
+            // Skip groups with only blocking issues (already shown above)
+            const nonBlockingInGroup = group.findings.filter(f => f.severity !== 'critical' && f.severity !== 'high');
+            if (nonBlockingInGroup.length === 0)
+                continue;
+            md += formatGroup(group, maxFindingsPerGroup) + '\n';
+        }
+    }
+    // Quick actions
+    md += formatQuickActions(hasBlockingIssues);
+    // Footer
+    if (includeFooter) {
+        md += formatFooter();
+    }
+    return md;
+}
+/**
+ * Format summary table
+ */
+function formatSummaryTable(severityCounts) {
+    let md = `| Severity | Count | Status |\n`;
+    md += `|:---------|:-----:|:------:|\n`;
+    if (severityCounts.critical > 0) {
+        md += `| 🔴 **Critical** | ${severityCounts.critical} | ❌ Blocking |\n`;
+    }
+    if (severityCounts.high > 0) {
+        md += `| 🟠 **High** | ${severityCounts.high} | ❌ Blocking |\n`;
+    }
+    if (severityCounts.medium > 0) {
+        md += `| 🟡 Medium | ${severityCounts.medium} | ⚠️ Review |\n`;
+    }
+    if (severityCounts.low > 0) {
+        md += `| 🔵 Low | ${severityCounts.low} | ℹ️ Info |\n`;
+    }
+    if (severityCounts.info > 0) {
+        md += `| ⚪ Info | ${severityCounts.info} | ℹ️ Info |\n`;
+    }
+    return md;
+}
+/**
+ * Format comparison with previous scan
+ */
+function formatComparison(current, previous) {
+    const currentTotal = Object.values(current).reduce((a, b) => a + b, 0);
+    const previousTotal = Object.values(previous).reduce((a, b) => a + b, 0);
+    const diff = currentTotal - previousTotal;
+    const currentBlocking = current.critical + current.high;
+    const previousBlocking = previous.critical + previous.high;
+    const blockingDiff = currentBlocking - previousBlocking;
+    let md = `### 📈 Changes from Previous Scan\n\n`;
+    if (diff === 0 && blockingDiff === 0) {
+        md += `No change in findings.\n\n`;
+    }
+    else {
+        const parts = [];
+        if (blockingDiff > 0) {
+            parts.push(`🔺 **${blockingDiff} new blocking issue${blockingDiff === 1 ? '' : 's'}**`);
+        }
+        else if (blockingDiff < 0) {
+            parts.push(`🔻 **${Math.abs(blockingDiff)} blocking issue${Math.abs(blockingDiff) === 1 ? '' : 's'} resolved**`);
+        }
+        if (diff > 0 && diff !== blockingDiff) {
+            parts.push(`${diff - blockingDiff} new non-blocking issue${diff - blockingDiff === 1 ? '' : 's'}`);
+        }
+        else if (diff < 0 && diff !== blockingDiff) {
+            parts.push(`${Math.abs(diff - blockingDiff)} non-blocking issue${Math.abs(diff - blockingDiff) === 1 ? '' : 's'} resolved`);
+        }
+        md += parts.join(' • ') + '\n\n';
+    }
+    return md;
+}
+/**
+ * Format scan metadata
+ */
+function formatScanMetadata(result, scanDepth) {
+    let md = `<details>\n<summary>📋 Scan Details</summary>\n\n`;
+    md += `| Metric | Value |\n`;
+    md += `|--------|-------|\n`;
+    md += `| Files scanned | ${result.filesScanned} |\n`;
+    md += `| Files skipped | ${result.filesSkipped} |\n`;
+    md += `| Scan duration | ${(result.scanDuration / 1000).toFixed(1)}s |\n`;
+    if (scanDepth) {
+        const depthLabels = {
+            cheap: 'Fast (pattern matching)',
+            validated: 'Validated (AI-assisted)',
+            deep: 'Deep (full semantic)',
+        };
+        md += `| Scan depth | ${depthLabels[scanDepth] || scanDepth} |\n`;
+    }
+    md += `| Timestamp | ${result.timestamp} |\n`;
+    md += `\n</details>\n\n`;
+    return md;
+}
+/**
+ * Format quick actions section
+ */
+function formatQuickActions(hasBlockingIssues) {
+    let md = `## 🎯 Quick Actions\n\n`;
+    if (hasBlockingIssues) {
+        md += `- [ ] Fix all blocking issues before merging\n`;
+        md += `- [ ] Review medium/low severity findings\n`;
+    }
+    else {
+        md += `- [ ] Review findings and address as needed\n`;
+    }
+    md += `- [ ] Mark false positives with \`// oculum-ignore\` comment\n`;
+    md += `- 📖 [View documentation](https://oculum.dev/docs)\n`;
+    md += `- 🐛 [Report false positive](https://github.com/oculum-security/oculum/issues/new?template=false-positive.md)\n\n`;
+    return md;
+}
+/**
+ * Format footer
+ */
+function formatFooter() {
+    let md = `---\n\n`;
+    md += `<div align="center">\n\n`;
+    md += `🛡️ Powered by [Oculum Security Scanner](https://oculum.dev) • `;
+    md += `[Documentation](https://oculum.dev/docs) • `;
+    md += `[Get Pro](https://oculum.dev/pricing)\n\n`;
+    md += `</div>\n`;
+    return md;
+}
+/**
+ * Format scan result as a short status comment (for check run summary)
+ */
+function formatShortStatus(result) {
+    const { severityCounts, hasBlockingIssues, filesScanned, scanDuration } = result;
+    if (hasBlockingIssues) {
+        const blocking = severityCounts.critical + severityCounts.high;
+        return `🚨 Found ${blocking} blocking security issue${blocking === 1 ? '' : 's'} (${severityCounts.critical} critical, ${severityCounts.high} high)`;
+    }
+    const total = Object.values(severityCounts).reduce((a, b) => a + b, 0);
+    if (total > 0) {
+        return `⚠️ Found ${total} issue${total === 1 ? '' : 's'} (${severityCounts.medium} medium, ${severityCounts.low} low, ${severityCounts.info} info)`;
+    }
+    return `✅ No security issues found (scanned ${filesScanned} files in ${(scanDuration / 1000).toFixed(1)}s)`;
+}
+/**
+ * Format as inline annotation for GitHub check run
+ */
+function formatAnnotation(finding) {
+    const level = finding.severity === 'critical' || finding.severity === 'high' ? 'failure' :
+        finding.severity === 'medium' ? 'warning' : 'notice';
+    return {
+        path: finding.filePath,
+        start_line: finding.lineNumber,
+        end_line: finding.lineNumber,
+        annotation_level: level,
+        title: `${SEVERITY_BADGE[finding.severity]} ${finding.title}`,
+        message: finding.description + (finding.suggestedFix ? `\n\n💡 Fix: ${finding.suggestedFix}` : ''),
+    };
+}
+//# sourceMappingURL=github-comment.js.map

package/dist/formatters/github-comment.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"github-comment.js","sourceRoot":"","sources":["../../src/formatters/github-comment.ts"],"names":[],"mappings":";AAAA;;;GAGG;;AAmHH,kDAiGC;AA+HD,8CAcC;AAKD,4CAoBC;AAvXD,yCAA4F;AAE5F;;GAEG;AACH,MAAM,cAAc,GAA0C;IAC5D,QAAQ,EAAE,aAAa;IACvB,IAAI,EAAE,SAAS;IACf,MAAM,EAAE,WAAW;IACnB,GAAG,EAAE,QAAQ;IACb,IAAI,EAAE,QAAQ;CACf,CAAA;AAED;;GAEG;AACH,MAAM,aAAa,GAAmD;IACpE,gBAAgB,EAAE,iDAAiD;IACnE,mBAAmB,EAAE,gDAAgD;IACrE,mBAAmB,EAAE,gDAAgD;IACrE,sBAAsB,EAAE,oDAAoD;IAC5E,mBAAmB,EAAE,gDAAgD;IACrE,uBAAuB,EAAE,qDAAqD;IAC9E,kBAAkB,EAAE,iDAAiD;IACrE,aAAa,EAAE,6CAA6C;IAC5D,GAAG,EAAE,mCAAmC;IACxC,YAAY,EAAE,4CAA4C;IAC1D,aAAa,EAAE,6CAA6C;CAC7D,CAAA;AAED;;GAEG;AACH,SAAS,aAAa,CAAC,OAAsB,EAAE,UAAsD,EAAE;IACrG,MAAM,EAAE,QAAQ,GAAG,IAAI,EAAE,QAAQ,GAAG,IAAI,EAAE,GAAG,OAAO,CAAA;IACpD,MAAM,KAAK,GAAG,cAAc,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAA;IAC9C,MAAM,QAAQ,GAAG,QAAQ;QACvB,CAAC,CAAC,KAAK,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,UAAU,IAAI;QACjD,CAAC,CAAC,QAAQ,OAAO,CAAC,UAAU,EAAE,CAAA;IAEhC,IAAI,EAAE,GAAG,KAAK,KAAK,MAAM,OAAO,CAAC,KAAK,MAAM,CAAA;IAC5C,EAAE,IAAI,UAAU,QAAQ,IAAI,CAAA;IAC5B,EAAE,IAAI,OAAO,OAAO,CAAC,WAAW,IAAI,CAAA;IAEpC,IAAI,OAAO,CAAC,YAAY,EAAE,CAAC;QACzB,EAAE,IAAI,mBAAmB,OAAO,CAAC,YAAY,IAAI,CAAA;IACnD,CAAC;IAED,sCAAsC;IACtC,MAAM,OAAO,GAAG,aAAa,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAA;IAC/C,IAAI,QAAQ,IAAI,OAAO,EAAE,CAAC;QACxB,EAAE,IAAI,uBAAuB,OAAO,KAAK,CAAA;IAC3C,CAAC;IAED,OAAO,EAAE,CAAA;AACX,CAAC;AAED;;GAEG;AACH,SAAS,WAAW,CAAC,KAAsB,EAAE,cAAsB,CAAC;IAClE,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,QAAQ,EAAE,cAAc,EAAE,GAAG,KAAK,CAAA;IAEhE,gBAAgB;IAChB,MAAM,MAAM,GAAa,EAAE,CAAA;IAC3B,IAAI,cAAc,CAAC,QAAQ,GAAG,CAAC;QAAE,MAAM,CAAC,IAAI,CAAC,GAAG,cAAc,CAAC,QAAQ,WAAW,CAAC,CAAA;IACnF,IAAI,cAAc,CAAC,IAAI,GAAG,CAAC;QAAE,MAAM,CAAC,IAAI,CAAC,GAAG,cAAc,CAAC,IAAI,OAAO,CAAC,CAAA;IACvE,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC;QAAE,MAAM,CAAC,IAAI,CAAC,GAAG,cAAc,CAAC,MAAM,SAAS,CAAC,CAAA;IAC7E,IAAI,cAAc,CAAC,GAAG,GAAG,CAAC;QAAE,MAAM,CAAC,IAAI,CAAC,GAAG,cAAc,CAAC,GAAG,MAAM,CAAC,CAAA;IACpE,IAAI,cAAc,CAAC,IAAI,GAAG,CAAC;QAAE,MAAM,CAAC,IAAI,CAAC,GAAG,cAAc,CAAC,IAAI,OAAO,CAAC,CAAA;IAEvE,IAAI,EAAE,GAAG,OAAO,SAAS,IAAI,SAAS,IAAI,CAAA;IAC1C,EAAE,IAAI,KAAK,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAA;IAElC,oBAAoB;IACpB,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,WAAW,CAAC,CAAA;IAC5C,KAAK,MAAM,OAAO,IAAI,KAAK,EAAE,CAAC;QAC5B,EAAE,IAAI,aAAa,CAAC,OAAO,CAAC,GAAG,IAAI,CAAA;IACrC,CAAC;IAED,mCAAmC;IACnC,IAAI,QAAQ,CAAC,MAAM,GAAG,WAAW,EAAE,CAAC;QAClC,EAAE,IAAI,yBAAyB,QAAQ,CAAC,MAAM,GAAG,WAAW,SAAS,SAAS,CAAC,WAAW,EAAE,uBAAuB,CAAA;QACnH,KAAK,MAAM,OAAO,IAAI,QAAQ,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE,CAAC;YAClD,EAAE,IAAI,aAAa,CAAC,OAAO,CAAC,GAAG,IAAI,CAAA;QACrC,CAAC;QACD,EAAE,IAAI,cAAc,CAAA;IACtB,CAAC;IAED,OAAO,EAAE,CAAA;AACX,CAAC;AAmBD;;GAEG;AACH,SAAgB,mBAAmB,CAAC,MAAkB,EAAE,UAAgC,EAAE;IACxF,MAAM,EACJ,mBAAmB,GAAG,CAAC,EACvB,eAAe,GAAG,KAAK,EACvB,aAAa,GAAG,IAAI,EACpB,SAAS,EACT,kBAAkB,GACnB,GAAG,OAAO,CAAA;IAEX,MAAM,EAAE,eAAe,EAAE,cAAc,EAAE,iBAAiB,EAAE,GAAG,MAAM,CAAA;IAErE,2CAA2C;IAC3C,IAAI,EAAE,GAAG,iCAAiC,CAAA;IAC1C,EAAE,IAAI,0BAA0B,CAAA;IAChC,EAAE,IAAI,gCAAgC,CAAA;IACtC,EAAE,IAAI,YAAY,CAAA;IAElB,gBAAgB;IAChB,IAAI,iBAAiB,EAAE,CAAC;QACtB,MAAM,QAAQ,GAAG,cAAc,CAAC,QAAQ,GAAG,cAAc,CAAC,IAAI,CAAA;QAC9D,EAAE,IAAI,UAAU,QAAQ,kBAAkB,QAAQ,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,wDAAwD,CAAA;IAC7H,CAAC;SAAM,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtC,EAAE,IAAI,UAAU,eAAe,CAAC,MAAM,SAAS,eAAe,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,4DAA4D,CAAA;IACpJ,CAAC;SAAM,CAAC;QACN,EAAE,IAAI,+DAA+D,CAAA;QACrE,EAAE,IAAI,kBAAkB,CAAC,MAAM,EAAE,SAAS,CAAC,CAAA;QAC3C,IAAI,aAAa,EAAE,CAAC;YAClB,EAAE,IAAI,YAAY,EAAE,CAAA;QACtB,CAAC;QACD,OAAO,EAAE,CAAA;IACX,CAAC;IAED,6CAA6C;IAC7C,IAAI,kBAAkB,EAAE,CAAC;QACvB,EAAE,IAAI,gBAAgB,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAA;IAC5D,CAAC;IAED,kBAAkB;IAClB,EAAE,IAAI,mBAAmB,CAAA;IACzB,EAAE,IAAI,kBAAkB,CAAC,cAAc,CAAC,CAAA;IACxC,EAAE,IAAI,IAAI,CAAA;IAEV,gBAAgB;IAChB,EAAE,IAAI,kBAAkB,CAAC,MAAM,EAAE,SAAS,CAAC,CAAA;IAE3C,4CAA4C;IAC5C,MAAM,cAAc,GAAG,IAAA,4BAAiB,EAAC,eAAe,CAAC,CAAA;IACzD,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9B,EAAE,IAAI,2BAA2B,CAAA;QACjC,EAAE,IAAI,kDAAkD,CAAA;QAExD,KAAK,MAAM,OAAO,IAAI,cAAc,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;YAClD,EAAE,IAAI,aAAa,CAAC,OAAO,CAAC,GAAG,IAAI,CAAA;QACrC,CAAC;QAED,IAAI,cAAc,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;YAC/B,EAAE,IAAI,yBAAyB,cAAc,CAAC,MAAM,GAAG,EAAE,qCAAqC,CAAA;YAC9F,KAAK,MAAM,OAAO,IAAI,cAAc,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,CAAC;gBAC/C,EAAE,IAAI,aAAa,CAAC,OAAO,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC,GAAG,IAAI,CAAA;YAC1D,CAAC;YACD,EAAE,IAAI,cAAc,CAAA;QACtB,CAAC;QACD,EAAE,IAAI,IAAI,CAAA;IACZ,CAAC;IAED,gCAAgC;IAChC,MAAM,OAAO,GAAG,IAAA,uBAAY,EAAC,eAAe,CAAC,CAAA;IAC7C,MAAM,OAAO,GAAG,eAAe,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAA,wBAAa,EAAC,OAAO,EAAE,EAAE,CAAC,CAAA;IAEtE,4DAA4D;IAC5D,MAAM,sBAAsB,GAAG,eAAe,CAAC,IAAI,CACjD,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,IAAI,CAAC,CAAC,QAAQ,KAAK,MAAM,CACxD,CAAA;IAED,IAAI,sBAAsB,EAAE,CAAC;QAC3B,EAAE,IAAI,oCAAoC,CAAA;QAE1C,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;YAC5B,8DAA8D;YAC9D,MAAM,kBAAkB,GAAG,KAAK,CAAC,QAAQ,CAAC,MAAM,CAC9C,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,IAAI,CAAC,CAAC,QAAQ,KAAK,MAAM,CACxD,CAAA;YACD,IAAI,kBAAkB,CAAC,MAAM,KAAK,CAAC;gBAAE,SAAQ;YAE7C,EAAE,IAAI,WAAW,CAAC,KAAK,EAAE,mBAAmB,CAAC,GAAG,IAAI,CAAA;QACtD,CAAC;IACH,CAAC;IAED,gBAAgB;IAChB,EAAE,IAAI,kBAAkB,CAAC,iBAAiB,CAAC,CAAA;IAE3C,SAAS;IACT,IAAI,aAAa,EAAE,CAAC;QAClB,EAAE,IAAI,YAAY,EAAE,CAAA;IACtB,CAAC;IAED,OAAO,EAAE,CAAA;AACX,CAAC;AAED;;GAEG;AACH,SAAS,kBAAkB,CAAC,cAAqD;IAC/E,IAAI,EAAE,GAAG,iCAAiC,CAAA;IAC1C,EAAE,IAAI,iCAAiC,CAAA;IAEvC,IAAI,cAAc,CAAC,QAAQ,GAAG,CAAC,EAAE,CAAC;QAChC,EAAE,IAAI,uBAAuB,cAAc,CAAC,QAAQ,mBAAmB,CAAA;IACzE,CAAC;IACD,IAAI,cAAc,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;QAC5B,EAAE,IAAI,mBAAmB,cAAc,CAAC,IAAI,mBAAmB,CAAA;IACjE,CAAC;IACD,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9B,EAAE,IAAI,iBAAiB,cAAc,CAAC,MAAM,kBAAkB,CAAA;IAChE,CAAC;IACD,IAAI,cAAc,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC;QAC3B,EAAE,IAAI,cAAc,cAAc,CAAC,GAAG,gBAAgB,CAAA;IACxD,CAAC;IACD,IAAI,cAAc,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;QAC5B,EAAE,IAAI,cAAc,cAAc,CAAC,IAAI,gBAAgB,CAAA;IACzD,CAAC;IAED,OAAO,EAAE,CAAA;AACX,CAAC;AAED;;GAEG;AACH,SAAS,gBAAgB,CACvB,OAA8C,EAC9C,QAA+C;IAE/C,MAAM,YAAY,GAAG,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAA;IACtE,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAA;IACxE,MAAM,IAAI,GAAG,YAAY,GAAG,aAAa,CAAA;IAEzC,MAAM,eAAe,GAAG,OAAO,CAAC,QAAQ,GAAG,OAAO,CAAC,IAAI,CAAA;IACvD,MAAM,gBAAgB,GAAG,QAAQ,CAAC,QAAQ,GAAG,QAAQ,CAAC,IAAI,CAAA;IAC1D,MAAM,YAAY,GAAG,eAAe,GAAG,gBAAgB,CAAA;IAEvD,IAAI,EAAE,GAAG,uCAAuC,CAAA;IAEhD,IAAI,IAAI,KAAK,CAAC,IAAI,YAAY,KAAK,CAAC,EAAE,CAAC;QACrC,EAAE,IAAI,4BAA4B,CAAA;IACpC,CAAC;SAAM,CAAC;QACN,MAAM,KAAK,GAAa,EAAE,CAAA;QAE1B,IAAI,YAAY,GAAG,CAAC,EAAE,CAAC;YACrB,KAAK,CAAC,IAAI,CAAC,QAAQ,YAAY,sBAAsB,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,CAAA;QACzF,CAAC;aAAM,IAAI,YAAY,GAAG,CAAC,EAAE,CAAC;YAC5B,KAAK,CAAC,IAAI,CAAC,QAAQ,IAAI,CAAC,GAAG,CAAC,YAAY,CAAC,kBAAkB,IAAI,CAAC,GAAG,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,aAAa,CAAC,CAAA;QAClH,CAAC;QAED,IAAI,IAAI,GAAG,CAAC,IAAI,IAAI,KAAK,YAAY,EAAE,CAAC;YACtC,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,GAAG,YAAY,0BAA0B,IAAI,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAA;QACpG,CAAC;aAAM,IAAI,IAAI,GAAG,CAAC,IAAI,IAAI,KAAK,YAAY,EAAE,CAAC;YAC7C,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,GAAG,YAAY,CAAC,sBAAsB,IAAI,CAAC,GAAG,CAAC,IAAI,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,WAAW,CAAC,CAAA;QAC7H,CAAC;QAED,EAAE,IAAI,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,MAAM,CAAA;IAClC,CAAC;IAED,OAAO,EAAE,CAAA;AACX,CAAC;AAED;;GAEG;AACH,SAAS,kBAAkB,CAAC,MAAkB,EAAE,SAAkB;IAChE,IAAI,EAAE,GAAG,mDAAmD,CAAA;IAC5D,EAAE,IAAI,sBAAsB,CAAA;IAC5B,EAAE,IAAI,sBAAsB,CAAA;IAC5B,EAAE,IAAI,qBAAqB,MAAM,CAAC,YAAY,MAAM,CAAA;IACpD,EAAE,IAAI,qBAAqB,MAAM,CAAC,YAAY,MAAM,CAAA;IACpD,EAAE,IAAI,qBAAqB,CAAC,MAAM,CAAC,YAAY,GAAG,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAA;IACzE,IAAI,SAAS,EAAE,CAAC;QACd,MAAM,WAAW,GAA2B;YAC1C,KAAK,EAAE,yBAAyB;YAChC,SAAS,EAAE,yBAAyB;YACpC,IAAI,EAAE,sBAAsB;SAC7B,CAAA;QACD,EAAE,IAAI,kBAAkB,WAAW,CAAC,SAAS,CAAC,IAAI,SAAS,MAAM,CAAA;IACnE,CAAC;IACD,EAAE,IAAI,iBAAiB,MAAM,CAAC,SAAS,MAAM,CAAA;IAC7C,EAAE,IAAI,kBAAkB,CAAA;IACxB,OAAO,EAAE,CAAA;AACX,CAAC;AAED;;GAEG;AACH,SAAS,kBAAkB,CAAC,iBAA0B;IACpD,IAAI,EAAE,GAAG,yBAAyB,CAAA;IAElC,IAAI,iBAAiB,EAAE,CAAC;QACtB,EAAE,IAAI,gDAAgD,CAAA;QACtD,EAAE,IAAI,6CAA6C,CAAA;IACrD,CAAC;SAAM,CAAC;QACN,EAAE,IAAI,+CAA+C,CAAA;IACvD,CAAC;IAED,EAAE,IAAI,gEAAgE,CAAA;IACtE,EAAE,IAAI,sDAAsD,CAAA;IAC5D,EAAE,IAAI,mHAAmH,CAAA;IAEzH,OAAO,EAAE,CAAA;AACX,CAAC;AAED;;GAEG;AACH,SAAS,YAAY;IACnB,IAAI,EAAE,GAAG,SAAS,CAAA;IAClB,EAAE,IAAI,0BAA0B,CAAA;IAChC,EAAE,IAAI,iEAAiE,CAAA;IACvE,EAAE,IAAI,6CAA6C,CAAA;IACnD,EAAE,IAAI,2CAA2C,CAAA;IACjD,EAAE,IAAI,UAAU,CAAA;IAChB,OAAO,EAAE,CAAA;AACX,CAAC;AAED;;GAEG;AACH,SAAgB,iBAAiB,CAAC,MAAkB;IAClD,MAAM,EAAE,cAAc,EAAE,iBAAiB,EAAE,YAAY,EAAE,YAAY,EAAE,GAAG,MAAM,CAAA;IAEhF,IAAI,iBAAiB,EAAE,CAAC;QACtB,MAAM,QAAQ,GAAG,cAAc,CAAC,QAAQ,GAAG,cAAc,CAAC,IAAI,CAAA;QAC9D,OAAO,YAAY,QAAQ,2BAA2B,QAAQ,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,cAAc,CAAC,QAAQ,cAAc,cAAc,CAAC,IAAI,QAAQ,CAAA;IACtJ,CAAC;IAED,MAAM,KAAK,GAAG,MAAM,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAA;IACtE,IAAI,KAAK,GAAG,CAAC,EAAE,CAAC;QACd,OAAO,YAAY,KAAK,SAAS,KAAK,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,KAAK,cAAc,CAAC,MAAM,YAAY,cAAc,CAAC,GAAG,SAAS,cAAc,CAAC,IAAI,QAAQ,CAAA;IACrJ,CAAC;IAED,OAAO,uCAAuC,YAAY,aAAa,CAAC,YAAY,GAAG,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAA;AAC7G,CAAC;AAED;;GAEG;AACH,SAAgB,gBAAgB,CAAC,OAAsB;IAQrD,MAAM,KAAK,GACT,OAAO,CAAC,QAAQ,KAAK,UAAU,IAAI,OAAO,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;QAC5E,OAAO,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAA;IAEtD,OAAO;QACL,IAAI,EAAE,OAAO,CAAC,QAAQ;QACtB,UAAU,EAAE,OAAO,CAAC,UAAU;QAC9B,QAAQ,EAAE,OAAO,CAAC,UAAU;QAC5B,gBAAgB,EAAE,KAAK;QACvB,KAAK,EAAE,GAAG,cAAc,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,OAAO,CAAC,KAAK,EAAE;QAC7D,OAAO,EAAE,OAAO,CAAC,WAAW,GAAG,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,eAAe,OAAO,CAAC,YAAY,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KACnG,CAAA;AACH,CAAC"}

package/dist/formatters/grouping.d.ts

@@ -0,0 +1,52 @@
+/**
+ * Finding Grouping Logic
+ * Groups and sorts vulnerabilities for workflow-friendly output
+ */
+import type { Vulnerability, VulnerabilitySeverity, VulnerabilityCategory } from '../types';
+/**
+ * Risk themes for grouping findings
+ */
+export type RiskTheme = 'secrets' | 'injection' | 'auth' | 'ai' | 'config' | 'data' | 'other';
+/**
+ * Map categories to risk themes
+ */
+export declare function getRiskTheme(category: VulnerabilityCategory): RiskTheme;
+/**
+ * Theme display names and icons
+ */
+export declare const THEME_CONFIG: Record<RiskTheme, {
+    name: string;
+    icon: string;
+    priority: number;
+}>;
+/**
+ * Grouped findings by risk theme
+ */
+export interface GroupedFindings {
+    theme: RiskTheme;
+    themeName: string;
+    themeIcon: string;
+    findings: Vulnerability[];
+    severityCounts: Record<VulnerabilitySeverity, number>;
+}
+/**
+ * Group vulnerabilities by risk theme
+ */
+export declare function groupByTheme(vulnerabilities: Vulnerability[]): GroupedFindings[];
+/**
+ * Limit findings per group to avoid overwhelming output
+ */
+export declare function limitPerGroup(groups: GroupedFindings[], maxPerGroup?: number): GroupedFindings[];
+/**
+ * Get findings sorted by severity across all groups
+ */
+export declare function sortBySeverity(vulnerabilities: Vulnerability[]): Vulnerability[];
+/**
+ * Filter to only blocking issues (critical/high)
+ */
+export declare function getBlockingIssues(vulnerabilities: Vulnerability[]): Vulnerability[];
+/**
+ * Filter to actionable issues (medium and above)
+ */
+export declare function getActionableIssues(vulnerabilities: Vulnerability[]): Vulnerability[];
+//# sourceMappingURL=grouping.d.ts.map

package/dist/formatters/grouping.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"grouping.d.ts","sourceRoot":"","sources":["../../src/formatters/grouping.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,qBAAqB,EAAE,qBAAqB,EAAE,MAAM,UAAU,CAAA;AAE3F;;GAEG;AACH,MAAM,MAAM,SAAS,GACjB,SAAS,GACT,WAAW,GACX,MAAM,GACN,IAAI,GACJ,QAAQ,GACR,MAAM,GACN,OAAO,CAAA;AAEX;;GAEG;AACH,wBAAgB,YAAY,CAAC,QAAQ,EAAE,qBAAqB,GAAG,SAAS,CAqCvE;AAED;;GAEG;AACH,eAAO,MAAM,YAAY,EAAE,MAAM,CAAC,SAAS,EAAE;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,MAAM,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAA;CAAE,CAQ5F,CAAA;AAaD;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,KAAK,EAAE,SAAS,CAAA;IAChB,SAAS,EAAE,MAAM,CAAA;IACjB,SAAS,EAAE,MAAM,CAAA;IACjB,QAAQ,EAAE,aAAa,EAAE,CAAA;IACzB,cAAc,EAAE,MAAM,CAAC,qBAAqB,EAAE,MAAM,CAAC,CAAA;CACtD;AAED;;GAEG;AACH,wBAAgB,YAAY,CAAC,eAAe,EAAE,aAAa,EAAE,GAAG,eAAe,EAAE,CAmDhF;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,MAAM,EAAE,eAAe,EAAE,EAAE,WAAW,GAAE,MAAW,GAAG,eAAe,EAAE,CAKpG;AAED;;GAEG;AACH,wBAAgB,cAAc,CAAC,eAAe,EAAE,aAAa,EAAE,GAAG,aAAa,EAAE,CAQhF;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,eAAe,EAAE,aAAa,EAAE,GAAG,aAAa,EAAE,CAEnF;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,eAAe,EAAE,aAAa,EAAE,GAAG,aAAa,EAAE,CAIrF"}

package/dist/formatters/grouping.js

@@ -0,0 +1,152 @@
+"use strict";
+/**
+ * Finding Grouping Logic
+ * Groups and sorts vulnerabilities for workflow-friendly output
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.THEME_CONFIG = void 0;
+exports.getRiskTheme = getRiskTheme;
+exports.groupByTheme = groupByTheme;
+exports.limitPerGroup = limitPerGroup;
+exports.sortBySeverity = sortBySeverity;
+exports.getBlockingIssues = getBlockingIssues;
+exports.getActionableIssues = getActionableIssues;
+/**
+ * Map categories to risk themes
+ */
+function getRiskTheme(category) {
+    switch (category) {
+        case 'hardcoded_secret':
+        case 'high_entropy_string':
+        case 'sensitive_url':
+            return 'secrets';
+        case 'sql_injection':
+        case 'xss':
+        case 'command_injection':
+        case 'dangerous_function':
+            return 'injection';
+        case 'missing_auth':
+        case 'security_bypass':
+            return 'auth';
+        case 'ai_pattern':
+        case 'ai_prompt_injection':
+        case 'ai_unsafe_execution':
+        case 'ai_overpermissive_tool':
+            return 'ai';
+        case 'insecure_config':
+        case 'cors_misconfiguration':
+        case 'root_container':
+        case 'dangerous_file':
+        case 'weak_crypto':
+            return 'config';
+        case 'data_exposure':
+        case 'sensitive_variable':
+            return 'data';
+        default:
+            return 'other';
+    }
+}
+/**
+ * Theme display names and icons
+ */
+exports.THEME_CONFIG = {
+    secrets: { name: 'Secrets & Credentials', icon: '🔑', priority: 1 },
+    injection: { name: 'Injection Vulnerabilities', icon: '💉', priority: 2 },
+    auth: { name: 'Authentication Issues', icon: '🔒', priority: 3 },
+    ai: { name: 'AI Security', icon: '🤖', priority: 4 },
+    config: { name: 'Configuration Issues', icon: '⚙️', priority: 5 },
+    data: { name: 'Data Exposure', icon: '📊', priority: 6 },
+    other: { name: 'Other Issues', icon: '⚠️', priority: 7 },
+};
+/**
+ * Severity sort order (higher = more severe)
+ */
+const SEVERITY_ORDER = {
+    critical: 5,
+    high: 4,
+    medium: 3,
+    low: 2,
+    info: 1,
+};
+/**
+ * Group vulnerabilities by risk theme
+ */
+function groupByTheme(vulnerabilities) {
+    // Group by theme
+    const groups = new Map();
+    for (const vuln of vulnerabilities) {
+        const theme = getRiskTheme(vuln.category);
+        if (!groups.has(theme)) {
+            groups.set(theme, []);
+        }
+        groups.get(theme).push(vuln);
+    }
+    // Convert to array and sort
+    const result = [];
+    for (const [theme, findings] of groups) {
+        // Sort findings within group: severity desc, then confidence desc
+        findings.sort((a, b) => {
+            const severityDiff = SEVERITY_ORDER[b.severity] - SEVERITY_ORDER[a.severity];
+            if (severityDiff !== 0)
+                return severityDiff;
+            const confidenceOrder = { high: 3, medium: 2, low: 1 };
+            return confidenceOrder[b.confidence] - confidenceOrder[a.confidence];
+        });
+        // Count severities
+        const severityCounts = {
+            critical: 0,
+            high: 0,
+            medium: 0,
+            low: 0,
+            info: 0,
+        };
+        for (const f of findings) {
+            severityCounts[f.severity]++;
+        }
+        const config = exports.THEME_CONFIG[theme];
+        result.push({
+            theme,
+            themeName: config.name,
+            themeIcon: config.icon,
+            findings,
+            severityCounts,
+        });
+    }
+    // Sort groups by theme priority
+    result.sort((a, b) => exports.THEME_CONFIG[a.theme].priority - exports.THEME_CONFIG[b.theme].priority);
+    return result;
+}
+/**
+ * Limit findings per group to avoid overwhelming output
+ */
+function limitPerGroup(groups, maxPerGroup = 10) {
+    return groups.map(group => ({
+        ...group,
+        findings: group.findings.slice(0, maxPerGroup),
+    }));
+}
+/**
+ * Get findings sorted by severity across all groups
+ */
+function sortBySeverity(vulnerabilities) {
+    return [...vulnerabilities].sort((a, b) => {
+        const severityDiff = SEVERITY_ORDER[b.severity] - SEVERITY_ORDER[a.severity];
+        if (severityDiff !== 0)
+            return severityDiff;
+        const confidenceOrder = { high: 3, medium: 2, low: 1 };
+        return confidenceOrder[b.confidence] - confidenceOrder[a.confidence];
+    });
+}
+/**
+ * Filter to only blocking issues (critical/high)
+ */
+function getBlockingIssues(vulnerabilities) {
+    return vulnerabilities.filter(v => v.severity === 'critical' || v.severity === 'high');
+}
+/**
+ * Filter to actionable issues (medium and above)
+ */
+function getActionableIssues(vulnerabilities) {
+    return vulnerabilities.filter(v => v.severity === 'critical' || v.severity === 'high' || v.severity === 'medium');
+}
+//# sourceMappingURL=grouping.js.map

package/dist/formatters/grouping.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"grouping.js","sourceRoot":"","sources":["../../src/formatters/grouping.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AAmBH,oCAqCC;AAwCD,oCAmDC;AAKD,sCAKC;AAKD,wCAQC;AAKD,8CAEC;AAKD,kDAIC;AA1KD;;GAEG;AACH,SAAgB,YAAY,CAAC,QAA+B;IAC1D,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,kBAAkB,CAAC;QACxB,KAAK,qBAAqB,CAAC;QAC3B,KAAK,eAAe;YAClB,OAAO,SAAS,CAAA;QAElB,KAAK,eAAe,CAAC;QACrB,KAAK,KAAK,CAAC;QACX,KAAK,mBAAmB,CAAC;QACzB,KAAK,oBAAoB;YACvB,OAAO,WAAW,CAAA;QAEpB,KAAK,cAAc,CAAC;QACpB,KAAK,iBAAiB;YACpB,OAAO,MAAM,CAAA;QAEf,KAAK,YAAY,CAAC;QAClB,KAAK,qBAAqB,CAAC;QAC3B,KAAK,qBAAqB,CAAC;QAC3B,KAAK,wBAAwB;YAC3B,OAAO,IAAI,CAAA;QAEb,KAAK,iBAAiB,CAAC;QACvB,KAAK,uBAAuB,CAAC;QAC7B,KAAK,gBAAgB,CAAC;QACtB,KAAK,gBAAgB,CAAC;QACtB,KAAK,aAAa;YAChB,OAAO,QAAQ,CAAA;QAEjB,KAAK,eAAe,CAAC;QACrB,KAAK,oBAAoB;YACvB,OAAO,MAAM,CAAA;QAEf;YACE,OAAO,OAAO,CAAA;IAClB,CAAC;AACH,CAAC;AAED;;GAEG;AACU,QAAA,YAAY,GAAwE;IAC/F,OAAO,EAAE,EAAE,IAAI,EAAE,uBAAuB,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,EAAE;IACnE,SAAS,EAAE,EAAE,IAAI,EAAE,2BAA2B,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,EAAE;IACzE,IAAI,EAAE,EAAE,IAAI,EAAE,uBAAuB,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,EAAE;IAChE,EAAE,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,EAAE;IACpD,MAAM,EAAE,EAAE,IAAI,EAAE,sBAAsB,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,EAAE;IACjE,IAAI,EAAE,EAAE,IAAI,EAAE,eAAe,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,EAAE;IACxD,KAAK,EAAE,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,EAAE;CACzD,CAAA;AAED;;GAEG;AACH,MAAM,cAAc,GAA0C;IAC5D,QAAQ,EAAE,CAAC;IACX,IAAI,EAAE,CAAC;IACP,MAAM,EAAE,CAAC;IACT,GAAG,EAAE,CAAC;IACN,IAAI,EAAE,CAAC;CACR,CAAA;AAaD;;GAEG;AACH,SAAgB,YAAY,CAAC,eAAgC;IAC3D,iBAAiB;IACjB,MAAM,MAAM,GAAG,IAAI,GAAG,EAA8B,CAAA;IAEpD,KAAK,MAAM,IAAI,IAAI,eAAe,EAAE,CAAC;QACnC,MAAM,KAAK,GAAG,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;QACzC,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;YACvB,MAAM,CAAC,GAAG,CAAC,KAAK,EAAE,EAAE,CAAC,CAAA;QACvB,CAAC;QACD,MAAM,CAAC,GAAG,CAAC,KAAK,CAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IAC/B,CAAC;IAED,4BAA4B;IAC5B,MAAM,MAAM,GAAsB,EAAE,CAAA;IAEpC,KAAK,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,IAAI,MAAM,EAAE,CAAC;QACvC,kEAAkE;QAClE,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;YACrB,MAAM,YAAY,GAAG,cAAc,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,cAAc,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAA;YAC5E,IAAI,YAAY,KAAK,CAAC;gBAAE,OAAO,YAAY,CAAA;YAE3C,MAAM,eAAe,GAAG,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAA;YACtD,OAAO,eAAe,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,eAAe,CAAC,CAAC,CAAC,UAAU,CAAC,CAAA;QACtE,CAAC,CAAC,CAAA;QAEF,mBAAmB;QACnB,MAAM,cAAc,GAA0C;YAC5D,QAAQ,EAAE,CAAC;YACX,IAAI,EAAE,CAAC;YACP,MAAM,EAAE,CAAC;YACT,GAAG,EAAE,CAAC;YACN,IAAI,EAAE,CAAC;SACR,CAAA;QACD,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;YACzB,cAAc,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAA;QAC9B,CAAC;QAED,MAAM,MAAM,GAAG,oBAAY,CAAC,KAAK,CAAC,CAAA;QAClC,MAAM,CAAC,IAAI,CAAC;YACV,KAAK;YACL,SAAS,EAAE,MAAM,CAAC,IAAI;YACtB,SAAS,EAAE,MAAM,CAAC,IAAI;YACtB,QAAQ;YACR,cAAc;SACf,CAAC,CAAA;IACJ,CAAC;IAED,gCAAgC;IAChC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,oBAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,QAAQ,GAAG,oBAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,CAAA;IAEtF,OAAO,MAAM,CAAA;AACf,CAAC;AAED;;GAEG;AACH,SAAgB,aAAa,CAAC,MAAyB,EAAE,cAAsB,EAAE;IAC/E,OAAO,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAC1B,GAAG,KAAK;QACR,QAAQ,EAAE,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,WAAW,CAAC;KAC/C,CAAC,CAAC,CAAA;AACL,CAAC;AAED;;GAEG;AACH,SAAgB,cAAc,CAAC,eAAgC;IAC7D,OAAO,CAAC,GAAG,eAAe,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACxC,MAAM,YAAY,GAAG,cAAc,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,cAAc,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAA;QAC5E,IAAI,YAAY,KAAK,CAAC;YAAE,OAAO,YAAY,CAAA;QAE3C,MAAM,eAAe,GAAG,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAA;QACtD,OAAO,eAAe,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,eAAe,CAAC,CAAC,CAAC,UAAU,CAAC,CAAA;IACtE,CAAC,CAAC,CAAA;AACJ,CAAC;AAED;;GAEG;AACH,SAAgB,iBAAiB,CAAC,eAAgC;IAChE,OAAO,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,IAAI,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAA;AACxF,CAAC;AAED;;GAEG;AACH,SAAgB,mBAAmB,CAAC,eAAgC;IAClE,OAAO,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAChC,CAAC,CAAC,QAAQ,KAAK,UAAU,IAAI,CAAC,CAAC,QAAQ,KAAK,MAAM,IAAI,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAC9E,CAAA;AACH,CAAC"}

package/dist/formatters/index.d.ts

@@ -0,0 +1,9 @@
+/**
+ * Output Formatters
+ * Export all formatting utilities for different workflows
+ */
+export { groupByTheme, limitPerGroup, sortBySeverity, getBlockingIssues, getActionableIssues, getRiskTheme, THEME_CONFIG, type RiskTheme, type GroupedFindings, } from './grouping';
+export { formatGitHubComment, formatShortStatus, formatAnnotation, type GitHubCommentOptions, } from './github-comment';
+export { formatDiagnostic, formatDiagnosticsByFile, generateCodeAction, formatForProblemsPanel, DiagnosticSeverity, type Diagnostic, type DiagnosticsByFile, type CodeAction, type Position, type Range, } from './vscode-diagnostic';
+export { formatTerminalOutput, formatSimpleList, formatJSON, formatSARIF, } from './cli-terminal';
+//# sourceMappingURL=index.d.ts.map

package/dist/formatters/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/formatters/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,EACL,YAAY,EACZ,aAAa,EACb,cAAc,EACd,iBAAiB,EACjB,mBAAmB,EACnB,YAAY,EACZ,YAAY,EACZ,KAAK,SAAS,EACd,KAAK,eAAe,GACrB,MAAM,YAAY,CAAA;AAGnB,OAAO,EACL,mBAAmB,EACnB,iBAAiB,EACjB,gBAAgB,EAChB,KAAK,oBAAoB,GAC1B,MAAM,kBAAkB,CAAA;AAGzB,OAAO,EACL,gBAAgB,EAChB,uBAAuB,EACvB,kBAAkB,EAClB,sBAAsB,EACtB,kBAAkB,EAClB,KAAK,UAAU,EACf,KAAK,iBAAiB,EACtB,KAAK,UAAU,EACf,KAAK,QAAQ,EACb,KAAK,KAAK,GACX,MAAM,qBAAqB,CAAA;AAG5B,OAAO,EACL,oBAAoB,EACpB,gBAAgB,EAChB,UAAU,EACV,WAAW,GACZ,MAAM,gBAAgB,CAAA"}

package/dist/formatters/index.js

@@ -0,0 +1,35 @@
+"use strict";
+/**
+ * Output Formatters
+ * Export all formatting utilities for different workflows
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.formatSARIF = exports.formatJSON = exports.formatSimpleList = exports.formatTerminalOutput = exports.DiagnosticSeverity = exports.formatForProblemsPanel = exports.generateCodeAction = exports.formatDiagnosticsByFile = exports.formatDiagnostic = exports.formatAnnotation = exports.formatShortStatus = exports.formatGitHubComment = exports.THEME_CONFIG = exports.getRiskTheme = exports.getActionableIssues = exports.getBlockingIssues = exports.sortBySeverity = exports.limitPerGroup = exports.groupByTheme = void 0;
+// Grouping utilities
+var grouping_1 = require("./grouping");
+Object.defineProperty(exports, "groupByTheme", { enumerable: true, get: function () { return grouping_1.groupByTheme; } });
+Object.defineProperty(exports, "limitPerGroup", { enumerable: true, get: function () { return grouping_1.limitPerGroup; } });
+Object.defineProperty(exports, "sortBySeverity", { enumerable: true, get: function () { return grouping_1.sortBySeverity; } });
+Object.defineProperty(exports, "getBlockingIssues", { enumerable: true, get: function () { return grouping_1.getBlockingIssues; } });
+Object.defineProperty(exports, "getActionableIssues", { enumerable: true, get: function () { return grouping_1.getActionableIssues; } });
+Object.defineProperty(exports, "getRiskTheme", { enumerable: true, get: function () { return grouping_1.getRiskTheme; } });
+Object.defineProperty(exports, "THEME_CONFIG", { enumerable: true, get: function () { return grouping_1.THEME_CONFIG; } });
+// GitHub comment formatter
+var github_comment_1 = require("./github-comment");
+Object.defineProperty(exports, "formatGitHubComment", { enumerable: true, get: function () { return github_comment_1.formatGitHubComment; } });
+Object.defineProperty(exports, "formatShortStatus", { enumerable: true, get: function () { return github_comment_1.formatShortStatus; } });
+Object.defineProperty(exports, "formatAnnotation", { enumerable: true, get: function () { return github_comment_1.formatAnnotation; } });
+// VS Code diagnostic formatter
+var vscode_diagnostic_1 = require("./vscode-diagnostic");
+Object.defineProperty(exports, "formatDiagnostic", { enumerable: true, get: function () { return vscode_diagnostic_1.formatDiagnostic; } });
+Object.defineProperty(exports, "formatDiagnosticsByFile", { enumerable: true, get: function () { return vscode_diagnostic_1.formatDiagnosticsByFile; } });
+Object.defineProperty(exports, "generateCodeAction", { enumerable: true, get: function () { return vscode_diagnostic_1.generateCodeAction; } });
+Object.defineProperty(exports, "formatForProblemsPanel", { enumerable: true, get: function () { return vscode_diagnostic_1.formatForProblemsPanel; } });
+Object.defineProperty(exports, "DiagnosticSeverity", { enumerable: true, get: function () { return vscode_diagnostic_1.DiagnosticSeverity; } });
+// CLI terminal formatter
+var cli_terminal_1 = require("./cli-terminal");
+Object.defineProperty(exports, "formatTerminalOutput", { enumerable: true, get: function () { return cli_terminal_1.formatTerminalOutput; } });
+Object.defineProperty(exports, "formatSimpleList", { enumerable: true, get: function () { return cli_terminal_1.formatSimpleList; } });
+Object.defineProperty(exports, "formatJSON", { enumerable: true, get: function () { return cli_terminal_1.formatJSON; } });
+Object.defineProperty(exports, "formatSARIF", { enumerable: true, get: function () { return cli_terminal_1.formatSARIF; } });
+//# sourceMappingURL=index.js.map

package/dist/formatters/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/formatters/index.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AAEH,qBAAqB;AACrB,uCAUmB;AATjB,wGAAA,YAAY,OAAA;AACZ,yGAAA,aAAa,OAAA;AACb,0GAAA,cAAc,OAAA;AACd,6GAAA,iBAAiB,OAAA;AACjB,+GAAA,mBAAmB,OAAA;AACnB,wGAAA,YAAY,OAAA;AACZ,wGAAA,YAAY,OAAA;AAKd,2BAA2B;AAC3B,mDAKyB;AAJvB,qHAAA,mBAAmB,OAAA;AACnB,mHAAA,iBAAiB,OAAA;AACjB,kHAAA,gBAAgB,OAAA;AAIlB,+BAA+B;AAC/B,yDAW4B;AAV1B,qHAAA,gBAAgB,OAAA;AAChB,4HAAA,uBAAuB,OAAA;AACvB,uHAAA,kBAAkB,OAAA;AAClB,2HAAA,sBAAsB,OAAA;AACtB,uHAAA,kBAAkB,OAAA;AAQpB,yBAAyB;AACzB,+CAKuB;AAJrB,oHAAA,oBAAoB,OAAA;AACpB,gHAAA,gBAAgB,OAAA;AAChB,0GAAA,UAAU,OAAA;AACV,2GAAA,WAAW,OAAA"}