npm - @oculum/scanner - Versions diffs - 1.0.11 → 1.0.12 - Mend

@oculum/scanner 1.0.11 → 1.0.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (309) hide show

package/dist/ai-context/index.d.ts +6 -0
package/dist/ai-context/index.d.ts.map +1 -0
package/dist/ai-context/index.js +13 -0
package/dist/ai-context/index.js.map +1 -0
package/dist/ai-context/manager.d.ts +67 -0
package/dist/ai-context/manager.d.ts.map +1 -0
package/dist/ai-context/manager.js +104 -0
package/dist/ai-context/manager.js.map +1 -0
package/dist/category-filter.d.ts +125 -0
package/dist/category-filter.d.ts.map +1 -0
package/dist/category-filter.js +360 -0
package/dist/category-filter.js.map +1 -0
package/dist/filtering/context-adjustments.d.ts +23 -0
package/dist/filtering/context-adjustments.d.ts.map +1 -0
package/dist/filtering/context-adjustments.js +100 -0
package/dist/filtering/context-adjustments.js.map +1 -0
package/dist/filtering/index.d.ts +3 -0
package/dist/filtering/index.d.ts.map +1 -0
package/dist/filtering/index.js +8 -0
package/dist/filtering/index.js.map +1 -0
package/dist/filtering/pipeline.d.ts +48 -0
package/dist/filtering/pipeline.d.ts.map +1 -0
package/dist/filtering/pipeline.js +76 -0
package/dist/filtering/pipeline.js.map +1 -0
package/dist/formatters/ai-context.d.ts +23 -0
package/dist/formatters/ai-context.d.ts.map +1 -0
package/dist/formatters/ai-context.js +238 -0
package/dist/formatters/ai-context.js.map +1 -0
package/dist/formatters/github-comment.d.ts +1 -1
package/dist/formatters/github-comment.d.ts.map +1 -1
package/dist/formatters/github-comment.js +2 -2
package/dist/formatters/github-comment.js.map +1 -1
package/dist/formatters/ide/claude-code.d.ts +17 -0
package/dist/formatters/ide/claude-code.d.ts.map +1 -0
package/dist/formatters/ide/claude-code.js +94 -0
package/dist/formatters/ide/claude-code.js.map +1 -0
package/dist/formatters/ide/cursor.d.ts +13 -0
package/dist/formatters/ide/cursor.d.ts.map +1 -0
package/dist/formatters/ide/cursor.js +125 -0
package/dist/formatters/ide/cursor.js.map +1 -0
package/dist/formatters/ide/index.d.ts +62 -0
package/dist/formatters/ide/index.d.ts.map +1 -0
package/dist/formatters/ide/index.js +184 -0
package/dist/formatters/ide/index.js.map +1 -0
package/dist/formatters/ide/windsurf.d.ts +13 -0
package/dist/formatters/ide/windsurf.d.ts.map +1 -0
package/dist/formatters/ide/windsurf.js +117 -0
package/dist/formatters/ide/windsurf.js.map +1 -0
package/dist/formatters/index.d.ts +2 -0
package/dist/formatters/index.d.ts.map +1 -1
package/dist/formatters/index.js +17 -1
package/dist/formatters/index.js.map +1 -1
package/dist/index.d.ts +4 -0
package/dist/index.d.ts.map +1 -1
package/dist/index.js +272 -44
package/dist/index.js.map +1 -1
package/dist/layer1/comments.d.ts +4 -1
package/dist/layer1/comments.d.ts.map +1 -1
package/dist/layer1/comments.js +1 -1
package/dist/layer1/comments.js.map +1 -1
package/dist/layer1/config-audit.d.ts +4 -1
package/dist/layer1/config-audit.d.ts.map +1 -1
package/dist/layer1/config-audit.js +45 -11
package/dist/layer1/config-audit.js.map +1 -1
package/dist/layer1/config-mcp-audit.d.ts +4 -1
package/dist/layer1/config-mcp-audit.d.ts.map +1 -1
package/dist/layer1/config-mcp-audit.js +2 -2
package/dist/layer1/config-mcp-audit.js.map +1 -1
package/dist/layer1/entropy.d.ts +4 -1
package/dist/layer1/entropy.d.ts.map +1 -1
package/dist/layer1/entropy.js +212 -1
package/dist/layer1/entropy.js.map +1 -1
package/dist/layer1/file-flags.d.ts +4 -1
package/dist/layer1/file-flags.d.ts.map +1 -1
package/dist/layer1/file-flags.js +12 -5
package/dist/layer1/file-flags.js.map +1 -1
package/dist/layer1/index.d.ts.map +1 -1
package/dist/layer1/index.js +14 -19
package/dist/layer1/index.js.map +1 -1
package/dist/layer1/patterns.d.ts +4 -1
package/dist/layer1/patterns.d.ts.map +1 -1
package/dist/layer1/patterns.js +34 -4
package/dist/layer1/patterns.js.map +1 -1
package/dist/layer1/urls.d.ts +4 -1
package/dist/layer1/urls.d.ts.map +1 -1
package/dist/layer1/urls.js +162 -14
package/dist/layer1/urls.js.map +1 -1
package/dist/layer1/weak-crypto.d.ts +4 -1
package/dist/layer1/weak-crypto.d.ts.map +1 -1
package/dist/layer1/weak-crypto.js +144 -7
package/dist/layer1/weak-crypto.js.map +1 -1
package/dist/layer2/ai-agent-tools.d.ts +4 -1
package/dist/layer2/ai-agent-tools.d.ts.map +1 -1
package/dist/layer2/ai-agent-tools.js +661 -2
package/dist/layer2/ai-agent-tools.js.map +1 -1
package/dist/layer2/ai-endpoint-protection.d.ts +2 -0
package/dist/layer2/ai-endpoint-protection.d.ts.map +1 -1
package/dist/layer2/ai-endpoint-protection.js +1 -1
package/dist/layer2/ai-endpoint-protection.js.map +1 -1
package/dist/layer2/ai-execution-sinks.d.ts +4 -1
package/dist/layer2/ai-execution-sinks.d.ts.map +1 -1
package/dist/layer2/ai-execution-sinks.js +252 -43
package/dist/layer2/ai-execution-sinks.js.map +1 -1
package/dist/layer2/ai-fingerprinting.d.ts +4 -1
package/dist/layer2/ai-fingerprinting.d.ts.map +1 -1
package/dist/layer2/ai-fingerprinting.js +25 -32
package/dist/layer2/ai-fingerprinting.js.map +1 -1
package/dist/layer2/ai-mcp-security.d.ts +4 -1
package/dist/layer2/ai-mcp-security.d.ts.map +1 -1
package/dist/layer2/ai-mcp-security.js +200 -2
package/dist/layer2/ai-mcp-security.js.map +1 -1
package/dist/layer2/ai-package-hallucination.d.ts +4 -1
package/dist/layer2/ai-package-hallucination.d.ts.map +1 -1
package/dist/layer2/ai-package-hallucination.js +136 -4
package/dist/layer2/ai-package-hallucination.js.map +1 -1
package/dist/layer2/ai-prompt-hygiene.d.ts +4 -1
package/dist/layer2/ai-prompt-hygiene.d.ts.map +1 -1
package/dist/layer2/ai-prompt-hygiene.js +342 -28
package/dist/layer2/ai-prompt-hygiene.js.map +1 -1
package/dist/layer2/ai-rag-safety.d.ts +4 -1
package/dist/layer2/ai-rag-safety.d.ts.map +1 -1
package/dist/layer2/ai-rag-safety.js +82 -2
package/dist/layer2/ai-rag-safety.js.map +1 -1
package/dist/layer2/ai-schema-validation.d.ts +4 -1
package/dist/layer2/ai-schema-validation.d.ts.map +1 -1
package/dist/layer2/ai-schema-validation.js +2 -2
package/dist/layer2/ai-schema-validation.js.map +1 -1
package/dist/layer2/auth-antipatterns.d.ts +2 -0
package/dist/layer2/auth-antipatterns.d.ts.map +1 -1
package/dist/layer2/auth-antipatterns.js +205 -20
package/dist/layer2/auth-antipatterns.js.map +1 -1
package/dist/layer2/byok-patterns.d.ts +4 -1
package/dist/layer2/byok-patterns.d.ts.map +1 -1
package/dist/layer2/byok-patterns.js +2 -2
package/dist/layer2/byok-patterns.js.map +1 -1
package/dist/layer2/dangerous-functions/dom-xss.d.ts +9 -4
package/dist/layer2/dangerous-functions/dom-xss.d.ts.map +1 -1
package/dist/layer2/dangerous-functions/dom-xss.js +73 -22
package/dist/layer2/dangerous-functions/dom-xss.js.map +1 -1
package/dist/layer2/dangerous-functions/index.d.ts +4 -1
package/dist/layer2/dangerous-functions/index.d.ts.map +1 -1
package/dist/layer2/dangerous-functions/index.js +551 -20
package/dist/layer2/dangerous-functions/index.js.map +1 -1
package/dist/layer2/dangerous-functions/math-random.d.ts +54 -4
package/dist/layer2/dangerous-functions/math-random.d.ts.map +1 -1
package/dist/layer2/dangerous-functions/math-random.js +241 -16
package/dist/layer2/dangerous-functions/math-random.js.map +1 -1
package/dist/layer2/dangerous-functions/patterns.d.ts.map +1 -1
package/dist/layer2/dangerous-functions/patterns.js +3 -1
package/dist/layer2/dangerous-functions/patterns.js.map +1 -1
package/dist/layer2/dangerous-functions/utils/control-flow.d.ts +3 -2
package/dist/layer2/dangerous-functions/utils/control-flow.d.ts.map +1 -1
package/dist/layer2/dangerous-functions/utils/control-flow.js +41 -120
package/dist/layer2/dangerous-functions/utils/control-flow.js.map +1 -1
package/dist/layer2/dangerous-functions/utils/helpers.d.ts.map +1 -1
package/dist/layer2/dangerous-functions/utils/helpers.js +26 -3
package/dist/layer2/dangerous-functions/utils/helpers.js.map +1 -1
package/dist/layer2/dangerous-functions/utils/schema-validation.d.ts.map +1 -1
package/dist/layer2/dangerous-functions/utils/schema-validation.js +14 -1
package/dist/layer2/dangerous-functions/utils/schema-validation.js.map +1 -1
package/dist/layer2/data-exposure.d.ts +4 -1
package/dist/layer2/data-exposure.d.ts.map +1 -1
package/dist/layer2/data-exposure.js +11 -38
package/dist/layer2/data-exposure.js.map +1 -1
package/dist/layer2/framework-checks.d.ts +4 -1
package/dist/layer2/framework-checks.d.ts.map +1 -1
package/dist/layer2/framework-checks.js +2 -2
package/dist/layer2/framework-checks.js.map +1 -1
package/dist/layer2/index.d.ts +9 -1
package/dist/layer2/index.d.ts.map +1 -1
package/dist/layer2/index.js +57 -51
package/dist/layer2/index.js.map +1 -1
package/dist/layer2/logic-gates.d.ts +4 -1
package/dist/layer2/logic-gates.d.ts.map +1 -1
package/dist/layer2/logic-gates.js +54 -20
package/dist/layer2/logic-gates.js.map +1 -1
package/dist/layer2/model-supply-chain.d.ts +4 -1
package/dist/layer2/model-supply-chain.d.ts.map +1 -1
package/dist/layer2/model-supply-chain.js +72 -4
package/dist/layer2/model-supply-chain.js.map +1 -1
package/dist/layer2/risky-imports.d.ts +4 -1
package/dist/layer2/risky-imports.d.ts.map +1 -1
package/dist/layer2/risky-imports.js +2 -2
package/dist/layer2/risky-imports.js.map +1 -1
package/dist/layer2/variables.d.ts +4 -1
package/dist/layer2/variables.d.ts.map +1 -1
package/dist/layer2/variables.js +2 -2
package/dist/layer2/variables.js.map +1 -1
package/dist/layer3/anthropic/auto-dismiss.d.ts.map +1 -1
package/dist/layer3/anthropic/auto-dismiss.js +11 -0
package/dist/layer3/anthropic/auto-dismiss.js.map +1 -1
package/dist/modes/incremental.js +1 -1
package/dist/tiers.d.ts +2 -2
package/dist/tiers.d.ts.map +1 -1
package/dist/tiers.js +7 -7
package/dist/tiers.js.map +1 -1
package/dist/types.d.ts +78 -8
package/dist/types.d.ts.map +1 -1
package/dist/types.js +34 -0
package/dist/types.js.map +1 -1
package/dist/utils/code-analysis.d.ts +39 -0
package/dist/utils/code-analysis.d.ts.map +1 -0
package/dist/utils/code-analysis.js +159 -0
package/dist/utils/code-analysis.js.map +1 -0
package/dist/utils/comment-analyzer.d.ts +38 -0
package/dist/utils/comment-analyzer.d.ts.map +1 -0
package/dist/utils/comment-analyzer.js +218 -0
package/dist/utils/comment-analyzer.js.map +1 -0
package/dist/utils/context-helpers.d.ts +108 -1
package/dist/utils/context-helpers.d.ts.map +1 -1
package/dist/utils/context-helpers.js +351 -2
package/dist/utils/context-helpers.js.map +1 -1
package/dist/utils/environment-context.d.ts +76 -0
package/dist/utils/environment-context.d.ts.map +1 -0
package/dist/utils/environment-context.js +271 -0
package/dist/utils/environment-context.js.map +1 -0
package/dist/utils/intent-detector.d.ts +66 -0
package/dist/utils/intent-detector.d.ts.map +1 -0
package/dist/utils/intent-detector.js +282 -0
package/dist/utils/intent-detector.js.map +1 -0
package/dist/utils/parsed-file.d.ts +51 -0
package/dist/utils/parsed-file.d.ts.map +1 -0
package/dist/utils/parsed-file.js +95 -0
package/dist/utils/parsed-file.js.map +1 -0
package/dist/utils/route-hierarchy.d.ts +50 -0
package/dist/utils/route-hierarchy.d.ts.map +1 -0
package/dist/utils/route-hierarchy.js +226 -0
package/dist/utils/route-hierarchy.js.map +1 -0
package/dist/utils/schema-semantics.d.ts +45 -0
package/dist/utils/schema-semantics.d.ts.map +1 -0
package/dist/utils/schema-semantics.js +193 -0
package/dist/utils/schema-semantics.js.map +1 -0
package/package.json +1 -1
package/src/__tests__/benchmark/fixtures/layer2/index.ts +12 -0
package/src/__tests__/benchmark/fixtures/layer2/phase5-excessive-agency.ts +580 -0
package/src/__tests__/benchmark/fixtures/layer2/sprint6-ai-enhancements.ts +515 -0
package/src/__tests__/benchmark/run-depth-validation.ts +9 -9
package/src/__tests__/category-filter.test.ts +478 -0
package/src/__tests__/regression/known-false-positives.test.ts +490 -0
package/src/__tests__/snapshots/__snapshots__/anthropic-validation-refactor.test.ts.snap +18 -14
package/src/__tests__/snapshots/__snapshots__/scan-depth.test.ts.snap +0 -9
package/src/__tests__/snapshots/anthropic-validation-refactor.test.ts +1 -1
package/src/__tests__/validation/run-validation.ts +7 -7
package/src/ai-context/__tests__/manager.test.ts +193 -0
package/src/ai-context/index.ts +15 -0
package/src/ai-context/manager.ts +145 -0
package/src/baseline/__tests__/manager.test.ts +2 -2
package/src/category-filter.ts +400 -0
package/src/filtering/__tests__/pipeline.test.ts +134 -0
package/src/filtering/context-adjustments.ts +111 -0
package/src/filtering/index.ts +10 -0
package/src/filtering/pipeline.ts +130 -0
package/src/formatters/__tests__/ai-context.test.ts +254 -0
package/src/formatters/ai-context.ts +302 -0
package/src/formatters/github-comment.ts +3 -3
package/src/formatters/ide/__tests__/ide.test.ts +319 -0
package/src/formatters/ide/claude-code.ts +110 -0
package/src/formatters/ide/cursor.ts +147 -0
package/src/formatters/ide/index.ts +216 -0
package/src/formatters/ide/windsurf.ts +135 -0
package/src/formatters/index.ts +24 -0
package/src/index.ts +312 -34
package/src/layer1/comments.ts +3 -1
package/src/layer1/config-audit.ts +50 -11
package/src/layer1/config-mcp-audit.ts +4 -2
package/src/layer1/entropy.ts +234 -1
package/src/layer1/file-flags.ts +17 -6
package/src/layer1/index.ts +14 -18
package/src/layer1/patterns.ts +42 -4
package/src/layer1/urls.ts +188 -14
package/src/layer1/weak-crypto.ts +168 -16
package/src/layer2/ai-agent-tools.ts +707 -2
package/src/layer2/ai-endpoint-protection.ts +3 -1
package/src/layer2/ai-execution-sinks.ts +265 -43
package/src/layer2/ai-fingerprinting.ts +28 -32
package/src/layer2/ai-mcp-security.ts +206 -3
package/src/layer2/ai-package-hallucination.ts +153 -4
package/src/layer2/ai-prompt-hygiene.ts +369 -26
package/src/layer2/ai-rag-safety.ts +85 -2
package/src/layer2/ai-schema-validation.ts +4 -2
package/src/layer2/auth-antipatterns.ts +230 -20
package/src/layer2/byok-patterns.ts +4 -2
package/src/layer2/dangerous-functions/dom-xss.ts +94 -22
package/src/layer2/dangerous-functions/index.ts +635 -51
package/src/layer2/dangerous-functions/math-random.ts +268 -16
package/src/layer2/dangerous-functions/patterns.ts +3 -1
package/src/layer2/dangerous-functions/utils/control-flow.ts +8 -135
package/src/layer2/dangerous-functions/utils/schema-validation.ts +16 -1
package/src/layer2/data-exposure.ts +13 -38
package/src/layer2/framework-checks.ts +4 -2
package/src/layer2/index.ts +69 -50
package/src/layer2/logic-gates.ts +59 -22
package/src/layer2/model-supply-chain.ts +79 -4
package/src/layer2/risky-imports.ts +4 -2
package/src/layer2/variables.ts +4 -2
package/src/layer3/anthropic/auto-dismiss.ts +11 -0
package/src/modes/incremental.ts +1 -1
package/src/tiers.ts +9 -9
package/src/types.ts +122 -8
package/src/utils/__tests__/code-analysis.test.ts +165 -0
package/src/utils/__tests__/parsed-file.test.ts +124 -0
package/src/utils/code-analysis.ts +179 -0
package/src/utils/comment-analyzer.ts +249 -0
package/src/utils/context-helpers.ts +408 -2
package/src/utils/environment-context.ts +304 -0
package/src/utils/intent-detector.ts +318 -0
package/src/utils/parsed-file.ts +103 -0
package/src/utils/route-hierarchy.ts +250 -0
package/src/utils/schema-semantics.ts +233 -0

package/src/formatters/ide/index.ts ADDED Viewed

@@ -0,0 +1,216 @@
+/**
+ * IDE Integration Module
+ * Exports formatters and utilities for IDE-specific config files
+ */
+import { existsSync, readFileSync, writeFileSync, mkdirSync, unlinkSync } from 'fs'
+import { join, dirname } from 'path'
+// Export formatters
+export { formatCursorRules } from './cursor'
+export { formatWindsurfRules } from './windsurf'
+export { formatClaudeCodeSection, OCULUM_SECTION_START, OCULUM_SECTION_END } from './claude-code'
+/** Supported IDE types */
+export type IDEType = 'cursor' | 'windsurf' | 'claude-code'
+/** Default file paths for each IDE */
+export const IDE_FILE_PATHS: Record<IDEType, string> = {
+  cursor: '.cursor/rules/security.mdc',
+  windsurf: '.windsurfrules',
+  'claude-code': 'CLAUDE.md',
+}
+/** Result of a file write operation */
+export interface WriteIDEFileResult {
+  success: boolean
+  path: string
+  error?: string
+}
+/** Result of a file clear operation */
+export interface ClearIDEFilesResult {
+  success: boolean
+  clearedFiles: string[]
+  errors: string[]
+}
+/**
+ * Detect which IDE configurations exist in the project
+ *
+ * @param projectPath - Path to the project root
+ * @returns Array of detected IDE types
+ */
+export function detectIDEConfigs(projectPath: string): IDEType[] {
+  const detected: IDEType[] = []
+  // Check for Cursor
+  if (existsSync(join(projectPath, '.cursor'))) {
+    detected.push('cursor')
+  }
+  // Check for Windsurf rules
+  if (existsSync(join(projectPath, '.windsurfrules'))) {
+    detected.push('windsurf')
+  }
+  // Check for Claude Code
+  if (existsSync(join(projectPath, 'CLAUDE.md'))) {
+    detected.push('claude-code')
+  }
+  return detected
+}
+/**
+ * Write an IDE-specific file
+ *
+ * @param projectPath - Path to the project root
+ * @param relativePath - Relative path for the file
+ * @param content - Content to write
+ * @returns Result object
+ */
+export function writeIDEFile(
+  projectPath: string,
+  relativePath: string,
+  content: string
+): WriteIDEFileResult {
+  const fullPath = join(projectPath, relativePath)
+  try {
+    // Ensure directory exists
+    const dir = dirname(fullPath)
+    if (!existsSync(dir)) {
+      mkdirSync(dir, { recursive: true })
+    }
+    // Write file
+    writeFileSync(fullPath, content)
+    return { success: true, path: fullPath }
+  } catch (err) {
+    return {
+      success: false,
+      path: fullPath,
+      error: `Failed to write ${relativePath}: ${err instanceof Error ? err.message : 'Unknown error'}`,
+    }
+  }
+}
+/**
+ * Update the Oculum section in CLAUDE.md
+ * Replaces content between OCULUM_SECURITY_START and OCULUM_SECURITY_END markers
+ * If markers don't exist, appends the section at the end
+ *
+ * @param projectPath - Path to the project root
+ * @param section - The section content (including markers)
+ * @returns Result object
+ */
+export function updateClaudeMdSection(
+  projectPath: string,
+  section: string
+): WriteIDEFileResult {
+  const filePath = join(projectPath, 'CLAUDE.md')
+  try {
+    let content: string
+    if (existsSync(filePath)) {
+      content = readFileSync(filePath, 'utf-8')
+      // Check if markers exist
+      const startMarker = '<!-- OCULUM_SECURITY_START -->'
+      const endMarker = '<!-- OCULUM_SECURITY_END -->'
+      const startIndex = content.indexOf(startMarker)
+      const endIndex = content.indexOf(endMarker)
+      if (startIndex !== -1 && endIndex !== -1 && endIndex > startIndex) {
+        // Replace existing section
+        content =
+          content.substring(0, startIndex) +
+          section +
+          content.substring(endIndex + endMarker.length)
+      } else {
+        // Append section at end
+        content = content.trimEnd() + '\n\n' + section
+      }
+    } else {
+      // Create new file with section
+      content = `# CLAUDE.md\n\n${section}`
+    }
+    writeFileSync(filePath, content)
+    return { success: true, path: filePath }
+  } catch (err) {
+    return {
+      success: false,
+      path: filePath,
+      error: `Failed to update CLAUDE.md: ${err instanceof Error ? err.message : 'Unknown error'}`,
+    }
+  }
+}
+/**
+ * Clear IDE rule files
+ *
+ * @param projectPath - Path to the project root
+ * @param types - Optional array of IDE types to clear. If not provided, clears all.
+ * @returns Result object with list of cleared files
+ */
+export function clearIDEFiles(
+  projectPath: string,
+  types?: IDEType[]
+): ClearIDEFilesResult {
+  const toCheck = types || (['cursor', 'windsurf', 'claude-code'] as IDEType[])
+  const clearedFiles: string[] = []
+  const errors: string[] = []
+  for (const ide of toCheck) {
+    const relativePath = IDE_FILE_PATHS[ide]
+    const fullPath = join(projectPath, relativePath)
+    try {
+      if (ide === 'claude-code') {
+        // For CLAUDE.md, remove only the Oculum section, not the whole file
+        if (existsSync(fullPath)) {
+          const content = readFileSync(fullPath, 'utf-8')
+          const startMarker = '<!-- OCULUM_SECURITY_START -->'
+          const endMarker = '<!-- OCULUM_SECURITY_END -->'
+          const startIndex = content.indexOf(startMarker)
+          const endIndex = content.indexOf(endMarker)
+          if (startIndex !== -1 && endIndex !== -1) {
+            // Remove section (including potential surrounding newlines)
+            let newContent = content.substring(0, startIndex) + content.substring(endIndex + endMarker.length)
+            // Clean up extra newlines
+            newContent = newContent.replace(/\n{3,}/g, '\n\n').trimEnd() + '\n'
+            writeFileSync(fullPath, newContent)
+            clearedFiles.push(relativePath)
+          }
+        }
+      } else {
+        // For other IDEs, delete the file
+        if (existsSync(fullPath)) {
+          unlinkSync(fullPath)
+          clearedFiles.push(relativePath)
+        }
+      }
+    } catch (err) {
+      errors.push(`Failed to clear ${relativePath}: ${err instanceof Error ? err.message : 'Unknown error'}`)
+    }
+  }
+  return {
+    success: errors.length === 0,
+    clearedFiles,
+    errors,
+  }
+}
+/**
+ * Get the default file path for an IDE type
+ */
+export function getIDEFilePath(ide: IDEType): string {
+  return IDE_FILE_PATHS[ide]
+}

package/src/formatters/ide/windsurf.ts ADDED Viewed

@@ -0,0 +1,135 @@
+/**
+ * Windsurf IDE Integration
+ * Generates .windsurfrules format
+ */
+import type { ScanResult, Vulnerability, VulnerabilityCategory } from '../../types'
+import { sortBySeverity } from '../grouping'
+/**
+ * Get security pattern rule for a category
+ */
+function getPatternRule(category: VulnerabilityCategory): string | null {
+  const rules: Partial<Record<VulnerabilityCategory, string>> = {
+    sql_injection: 'ALWAYS use parameterized queries for database operations.',
+    xss: 'ALWAYS escape user input before inserting into HTML.',
+    hardcoded_secret: 'NEVER hardcode secrets, API keys, or credentials in source code.',
+    high_entropy_string: 'NEVER commit high-entropy strings that could be secrets.',
+    missing_auth: 'ALWAYS add authentication middleware to API endpoints.',
+    dangerous_function: 'NEVER use eval(), exec(), or similar functions with user input.',
+    command_injection: 'ALWAYS sanitize input before passing to shell commands.',
+    sensitive_url: 'NEVER hardcode localhost or internal URLs in production code.',
+    insecure_config: 'ALWAYS review configuration files for security issues.',
+    data_exposure: 'NEVER log or expose sensitive data in error messages.',
+    weak_crypto: 'ALWAYS use strong cryptographic algorithms (avoid MD5, SHA1).',
+    ai_prompt_injection: 'ALWAYS sanitize user input before including in AI prompts.',
+    ai_unsafe_execution: 'NEVER execute code generated by AI without validation.',
+  }
+  return rules[category] || null
+}
+/**
+ * Format scan result as Windsurf rules
+ *
+ * @param result - The scan result to format
+ * @returns Markdown string for .windsurfrules
+ */
+export function formatWindsurfRules(result: ScanResult): string {
+  const { vulnerabilities, timestamp } = result
+  // Sort by severity
+  const sorted = sortBySeverity(vulnerabilities)
+  let md = ''
+  // Header
+  md += `# Oculum Security Rules\n\n`
+  md += `> Generated: ${timestamp}\n\n`
+  // No findings case
+  if (vulnerabilities.length === 0) {
+    md += `## Status\n\n`
+    md += `No security issues found.\n\n`
+    md += `*Run \`oculum scan --windsurf --clear\` to remove this file.*\n`
+    return md
+  }
+  // Security Issues Section
+  md += `## Security Issues\n\n`
+  md += `The following security issues were detected and need attention:\n\n`
+  // Group by file
+  const byFile = new Map<string, Vulnerability[]>()
+  for (const vuln of sorted) {
+    const group = byFile.get(vuln.filePath) || []
+    group.push(vuln)
+    byFile.set(vuln.filePath, group)
+  }
+  // List by file
+  for (const [filePath, vulns] of byFile) {
+    md += `### ${filePath}\n\n`
+    for (const vuln of vulns) {
+      const severityEmoji =
+        vuln.severity === 'critical' ? '!!' :
+        vuln.severity === 'high' ? '!' :
+        vuln.severity === 'medium' ? '*' : '-'
+      md += `- ${severityEmoji} **Line ${vuln.lineNumber}:** ${vuln.title}`
+      if (vuln.suggestedFix) {
+        md += ` - ${vuln.suggestedFix}`
+      }
+      md += '\n'
+    }
+    md += '\n'
+  }
+  // Code Patterns Section
+  md += `## Code Patterns\n\n`
+  md += `Follow these security patterns when writing code:\n\n`
+  // Collect unique pattern rules
+  const patternRules = new Set<string>()
+  for (const vuln of vulnerabilities) {
+    const rule = getPatternRule(vuln.category)
+    if (rule) {
+      patternRules.add(rule)
+    }
+  }
+  for (const rule of patternRules) {
+    md += `- ${rule}\n`
+  }
+  md += '\n'
+  // Quick Reference
+  md += `## Quick Reference\n\n`
+  md += `| Severity | Count | Action |\n`
+  md += `|----------|-------|--------|\n`
+  const { severityCounts } = result
+  if (severityCounts.critical > 0) {
+    md += `| Critical | ${severityCounts.critical} | Fix immediately |\n`
+  }
+  if (severityCounts.high > 0) {
+    md += `| High | ${severityCounts.high} | Fix before commit |\n`
+  }
+  if (severityCounts.medium > 0) {
+    md += `| Medium | ${severityCounts.medium} | Review and fix |\n`
+  }
+  if (severityCounts.low > 0) {
+    md += `| Low | ${severityCounts.low} | Consider fixing |\n`
+  }
+  if (severityCounts.info > 0) {
+    md += `| Info | ${severityCounts.info} | For awareness |\n`
+  }
+  md += '\n'
+  // Footer
+  md += `---\n\n`
+  md += `*Run \`oculum scan\` to verify fixes. Run \`oculum scan --windsurf --clear\` to remove this file.*\n`
+  return md
+}

package/src/formatters/index.ts CHANGED Viewed

@@ -16,6 +16,30 @@ export {
   type GroupedFindings,
 } from './grouping'
+// AI Context formatter
+export {
+  formatAIContext,
+  type AIContextOptions,
+} from './ai-context'
+// IDE integrations
+export {
+  formatCursorRules,
+  formatWindsurfRules,
+  formatClaudeCodeSection,
+  detectIDEConfigs,
+  writeIDEFile,
+  updateClaudeMdSection,
+  clearIDEFiles,
+  getIDEFilePath,
+  OCULUM_SECTION_START,
+  OCULUM_SECTION_END,
+  IDE_FILE_PATHS,
+  type IDEType,
+  type WriteIDEFileResult,
+  type ClearIDEFilesResult,
+} from './ide'
 // GitHub comment formatter
 export {
   formatGitHubComment,