@oddessentials/odd-ai-reviewers 1.7.4 → 1.9.0

package/dist/report/finding-validator.js

@@ -0,0 +1,347 @@
+/**
+ * Finding Validator Module
+ *
+ * Post-processing validation for findings before they are posted to platforms.
+ * Implements FR-011 (line validation), FR-012 (classification), FR-013 (self-contradiction),
+ * and FR-014 (validation summary).
+ */
+import { canonicalizeDiffFiles } from '../diff.js';
+import { buildLineResolver, normalizeFindingsForDiff, computeDriftSignal, computeInlineDriftSignal, } from './line-resolver.js';
+/**
+ * Patterns that indicate a finding is self-dismissing.
+ * When combined with info severity and no actionable suggestion,
+ * the finding is likely a false positive.
+ */
+/**
+ * Strip zero-width and invisible Unicode characters that can bypass word-boundary regex matching.
+ * Only strips invisible characters — visible non-Latin characters are preserved.
+ *
+ * Characters stripped: U+200B (ZWSP), U+200C (ZWNJ), U+200D (ZWJ), U+200E (LRM),
+ * U+200F (RLM), U+2028 (Line Sep), U+2029 (Para Sep), U+FEFF (BOM/ZWNBS)
+ */
+export function normalizeUnicode(text) {
+    return text.replace(/[\u200B-\u200F\u2028\u2029\uFEFF]/g, '');
+}
+const DISMISSIVE_PATTERNS = [
+    /\bno action required\b/i,
+    /\bacceptable as[- ]is\b/i,
+    /\bnot blocking\b/i,
+    /\bno change needed\b/i,
+    /\bcan be ignored\b/i,
+];
+/**
+ * Check if a suggestion is actionable (contains concrete guidance beyond dismissive language).
+ */
+function hasActionableSuggestion(suggestion) {
+    if (!suggestion || suggestion.trim().length === 0) {
+        return false;
+    }
+    const trimmed = suggestion.trim();
+    const dismissiveFragments = DISMISSIVE_PATTERNS.map((pattern) => pattern.exec(trimmed)?.[0] ?? '').filter((fragment) => fragment.length > 0);
+    if (dismissiveFragments.length === 0) {
+        return true;
+    }
+    const residual = dismissiveFragments
+        .reduce((remaining, fragment) => remaining.replace(fragment, ' '), trimmed)
+        .replace(/[.,;:()-]/g, ' ')
+        .replace(/\s+/g, ' ')
+        .trim();
+    return residual.length > 0;
+}
+/**
+ * Regex to extract action signals from PR title/description.
+ * Captures a verb (add, fix, remove, rename, update, refactor) followed by a subject.
+ */
+const PR_INTENT_PATTERN = /\b(add|fix|remove|rename|update|refactor)\s+(.+)/i;
+/**
+ * FR-014: Diagnostic PR intent contradiction logging.
+ *
+ * Extracts action signals from PR title/description and logs warnings when
+ * finding messages appear to contradict the stated PR intent.
+ * DIAGNOSTIC ONLY — no suppression, no filtering, no modification of findings.
+ *
+ * @param findings - Array of findings to check against PR intent
+ * @param prDescription - Combined PR title and description text
+ */
+export function logPRIntentContradictions(findings, prDescription) {
+    const match = PR_INTENT_PATTERN.exec(prDescription);
+    if (!match)
+        return;
+    const verb = (match[1] ?? '').toLowerCase();
+    const subject = (match[2] ?? '').toLowerCase().trim();
+    for (const finding of findings) {
+        const messageLower = finding.message.toLowerCase();
+        // Check if the finding message references the same subject as the PR intent
+        // and appears to contradict the action (e.g., PR says "add X" but finding says "remove X")
+        if (!messageLower.includes(subject.slice(0, Math.min(subject.length, 30))))
+            continue;
+        const contradictionVerbs = {
+            add: ['remove', 'delete', 'drop', 'unnecessary'],
+            fix: ['break', 'revert', 'undo'],
+            remove: ['add', 'keep', 'preserve', 'missing'],
+            rename: ['revert', 'undo', 'original name'],
+            update: ['revert', 'downgrade', 'old version'],
+            refactor: ['revert', 'undo', 'original'],
+        };
+        const opposites = contradictionVerbs[verb] ?? [];
+        const hasContradiction = opposites.some((opp) => messageLower.includes(opp));
+        if (hasContradiction) {
+            console.log('[router] [finding-validator] [pr-intent]', {
+                warning: 'Finding may contradict PR intent',
+                prIntent: `${verb} ${subject}`,
+                findingFile: finding.file,
+                findingLine: finding.line,
+                findingMessage: finding.message.slice(0, 120),
+            });
+        }
+    }
+}
+/**
+ * Stage 1: Semantic-only validation (no lineResolver needed).
+ *
+ * Performs ONLY normalization-independent checks:
+ * - Classification (inline / file-level / global / cross-file)
+ * - Self-contradiction detection (info severity + dismissive language + no suggestion)
+ * - PR intent contradiction logging (FR-014, diagnostic only)
+ * - NO line validation, NO path validation against diff
+ *
+ * Used in processFindings() BEFORE platform reporters run normalizeFindingsForDiff().
+ * This ensures renamed-file and stale-line findings survive to be salvaged by normalization.
+ *
+ * @param findings - Array of findings to validate
+ * @param prDescription - Optional PR title/description for intent contradiction logging
+ * @returns Validation summary with valid findings, filtered findings, and stats
+ */
+export function validateFindingsSemantics(findings, prDescription) {
+    const results = [];
+    const stats = {
+        total: findings.length,
+        valid: 0,
+        filteredByLine: 0,
+        filteredBySelfContradiction: 0,
+        byClassification: {
+            inline: 0,
+            'file-level': 0,
+            global: 0,
+            'cross-file': 0,
+        },
+    };
+    // Pass 1: Classify each finding (no diff file set — classification is best-effort)
+    for (const finding of findings) {
+        let classification;
+        if (!finding.file) {
+            classification = 'global';
+        }
+        else if (finding.line === undefined) {
+            classification = 'file-level';
+        }
+        else {
+            classification = 'inline';
+        }
+        stats.byClassification[classification]++;
+        results.push({
+            finding,
+            classification,
+            valid: true,
+        });
+    }
+    // Pass 2 (line validation): SKIPPED — deferred to Stage 2 after normalization
+    // Pass 3: Self-contradiction detection
+    for (const result of results) {
+        if (!result.valid)
+            continue;
+        // Only filter info severity - NEVER filter warning/error
+        if (result.finding.severity !== 'info')
+            continue;
+        // FR-015: Normalize Unicode before matching to prevent zero-width character bypass
+        const normalizedMessage = normalizeUnicode(result.finding.message);
+        const matchedPattern = DISMISSIVE_PATTERNS.find((p) => p.test(normalizedMessage));
+        if (!matchedPattern)
+            continue;
+        const normalizedSuggestion = result.finding.suggestion
+            ? normalizeUnicode(result.finding.suggestion)
+            : undefined;
+        if (hasActionableSuggestion(normalizedSuggestion))
+            continue;
+        // All 3 conditions met: info + dismissive + no actionable suggestion
+        result.valid = false;
+        result.filterReason = `Self-contradicting: info severity with dismissive language (${matchedPattern.source})`;
+        result.filterType = 'self_contradicting';
+        stats.filteredBySelfContradiction++;
+        console.log('[router] [finding-validator] [filtered:semantic]', {
+            file: result.finding.file,
+            line: result.finding.line,
+            reason: result.filterReason,
+        });
+    }
+    // Build final arrays
+    const validFindings = [];
+    const filtered = [];
+    for (const result of results) {
+        if (result.valid) {
+            validFindings.push(result.finding);
+            stats.valid++;
+        }
+        else {
+            filtered.push(result);
+        }
+    }
+    // FR-014: Diagnostic PR intent logging (no suppression, no filtering)
+    if (prDescription) {
+        logPRIntentContradictions(validFindings, prDescription);
+    }
+    return { validFindings, filtered, stats };
+}
+/**
+ * Stage 2: Diff-bound validation (for use AFTER normalizeFindingsForDiff()).
+ *
+ * Performs line validation against normalized diff positions and path validation.
+ * Runs only after normalization has had a chance to remap renamed paths and snap stale lines.
+ *
+ * @param findings - Array of findings (already normalized by normalizeFindingsForDiff)
+ * @param lineResolver - Resolver for validating line numbers against diff
+ * @param diffFiles - Array of file paths present in the diff
+ * @returns Validation summary with valid findings, filtered findings, and stats
+ */
+export function validateNormalizedFindings(findings, lineResolver, diffFiles) {
+    const diffFileSet = new Set(diffFiles ?? []);
+    const results = [];
+    const stats = {
+        total: findings.length,
+        valid: 0,
+        filteredByLine: 0,
+        filteredBySelfContradiction: 0,
+        byClassification: {
+            inline: 0,
+            'file-level': 0,
+            global: 0,
+            'cross-file': 0,
+        },
+    };
+    // Pass 1: Classify each finding
+    for (const finding of findings) {
+        let classification;
+        if (!finding.file) {
+            classification = 'global';
+        }
+        else if (diffFileSet.size > 0 && !diffFileSet.has(finding.file)) {
+            classification = 'cross-file';
+            console.log(`[router] [finding-validator] cross-file finding for ${finding.file}`);
+        }
+        else if (finding.line === undefined) {
+            classification = 'file-level';
+        }
+        else {
+            classification = 'inline';
+        }
+        stats.byClassification[classification]++;
+        results.push({
+            finding,
+            classification,
+            valid: true,
+        });
+    }
+    // Pass 2: Line validation (inline findings only)
+    for (const result of results) {
+        if (result.classification === 'inline' && result.finding.line !== undefined) {
+            const validation = lineResolver.validateLine(result.finding.file, result.finding.line);
+            if (!validation.valid) {
+                result.valid = false;
+                result.filterReason = `Line ${result.finding.line} not in diff range for ${result.finding.file}`;
+                result.filterType = 'invalid_line';
+                stats.filteredByLine++;
+                console.log('[router] [finding-validator] [filtered:unplaceable]', {
+                    file: result.finding.file,
+                    line: result.finding.line,
+                    reason: result.filterReason,
+                });
+            }
+        }
+    }
+    // Pass 3: Self-contradiction detection (all findings that passed Pass 2)
+    for (const result of results) {
+        if (!result.valid)
+            continue;
+        if (result.finding.severity !== 'info')
+            continue;
+        // FR-015: Normalize Unicode before matching to prevent zero-width character bypass
+        const normalizedMessage = normalizeUnicode(result.finding.message);
+        const matchedPattern = DISMISSIVE_PATTERNS.find((p) => p.test(normalizedMessage));
+        if (!matchedPattern)
+            continue;
+        const normalizedSuggestion = result.finding.suggestion
+            ? normalizeUnicode(result.finding.suggestion)
+            : undefined;
+        if (hasActionableSuggestion(normalizedSuggestion))
+            continue;
+        result.valid = false;
+        result.filterReason = `Self-contradicting: info severity with dismissive language (${matchedPattern.source})`;
+        result.filterType = 'self_contradicting';
+        stats.filteredBySelfContradiction++;
+        console.log('[router] [finding-validator] [filtered:semantic]', {
+            file: result.finding.file,
+            line: result.finding.line,
+            reason: result.filterReason,
+        });
+    }
+    // Build final arrays
+    const validFindings = [];
+    const filtered = [];
+    for (const result of results) {
+        if (result.valid) {
+            validFindings.push(result.finding);
+            stats.valid++;
+        }
+        else {
+            filtered.push(result);
+        }
+    }
+    return { validFindings, filtered, stats };
+}
+export function normalizeAndValidateFindings(findings, diffFiles, platform) {
+    const canonicalFiles = canonicalizeDiffFiles(diffFiles);
+    const lineResolver = buildLineResolver(canonicalFiles);
+    const normalizationResult = normalizeFindingsForDiff(findings, lineResolver);
+    if (normalizationResult.stats.dropped > 0 || normalizationResult.stats.normalized > 0) {
+        console.log(`[${platform}] Line validation: ${normalizationResult.stats.valid} valid, ` +
+            `${normalizationResult.stats.normalized} normalized, ${normalizationResult.stats.dropped} dropped`);
+    }
+    const diffFilePaths = canonicalFiles.map((f) => f.path);
+    const stage2Result = validateNormalizedFindings(normalizationResult.findings, lineResolver, diffFilePaths);
+    if (stage2Result.filtered.length > 0) {
+        console.log(`[${platform}] Stage 2 validation: ${stage2Result.stats.valid} valid, ` +
+            `${stage2Result.stats.filteredByLine} filtered by line, ` +
+            `${stage2Result.stats.filteredBySelfContradiction} self-contradicting`);
+    }
+    const driftSignal = computeDriftSignal(normalizationResult.stats, normalizationResult.invalidDetails);
+    const inlineDriftSignal = computeInlineDriftSignal(normalizationResult.stats, normalizationResult.invalidDetails);
+    return {
+        validatedFindings: stage2Result.validFindings,
+        canonicalFiles,
+        driftSignal,
+        inlineDriftSignal,
+        normalizationStats: normalizationResult.stats,
+        invalidDetails: normalizationResult.invalidDetails,
+    };
+}
+/**
+ * Validate and classify findings, filtering out invalid lines and self-contradicting findings.
+ *
+ * Three-pass validation:
+ * 1. Classify each finding (inline, file-level, global, cross-file)
+ * 2. Validate line numbers for inline findings
+ * 3. Detect self-contradicting findings (info + dismissive + no suggestion)
+ *
+ * @deprecated Use validateFindingsSemantics() in processFindings and
+ * validateNormalizedFindings() in platform reporters after normalization.
+ * Kept for backward compatibility (benchmark adapter).
+ *
+ * @param findings - Array of findings to validate
+ * @param lineResolver - Resolver for validating line numbers against diff
+ * @param diffFiles - Array of file paths present in the diff
+ * @returns Validation summary with valid findings, filtered findings, and stats
+ */
+export function validateFindings(findings, lineResolver, diffFiles) {
+    return validateNormalizedFindings(findings, lineResolver, diffFiles);
+}
+//# sourceMappingURL=finding-validator.js.map

package/dist/report/finding-validator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"finding-validator.js","sourceRoot":"","sources":["../../src/report/finding-validator.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAIH,OAAO,EAAE,qBAAqB,EAAE,MAAM,YAAY,CAAC;AACnD,OAAO,EACL,iBAAiB,EACjB,wBAAwB,EACxB,kBAAkB,EAClB,wBAAwB,GAIzB,MAAM,oBAAoB,CAAC;AAqC5B;;;;GAIG;AACH;;;;;;GAMG;AACH,MAAM,UAAU,gBAAgB,CAAC,IAAY;IAC3C,OAAO,IAAI,CAAC,OAAO,CAAC,oCAAoC,EAAE,EAAE,CAAC,CAAC;AAChE,CAAC;AAED,MAAM,mBAAmB,GAAa;IACpC,yBAAyB;IACzB,0BAA0B;IAC1B,mBAAmB;IACnB,uBAAuB;IACvB,qBAAqB;CACtB,CAAC;AAEF;;GAEG;AACH,SAAS,uBAAuB,CAAC,UAA8B;IAC7D,IAAI,CAAC,UAAU,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAClD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,OAAO,GAAG,UAAU,CAAC,IAAI,EAAE,CAAC;IAClC,MAAM,mBAAmB,GAAG,mBAAmB,CAAC,GAAG,CACjD,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAC9C,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAE5C,IAAI,mBAAmB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACrC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,QAAQ,GAAG,mBAAmB;SACjC,MAAM,CAAC,CAAC,SAAS,EAAE,QAAQ,EAAE,EAAE,CAAC,SAAS,CAAC,OAAO,CAAC,QAAQ,EAAE,GAAG,CAAC,EAAE,OAAO,CAAC;SAC1E,OAAO,CAAC,YAAY,EAAE,GAAG,CAAC;SAC1B,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC;SACpB,IAAI,EAAE,CAAC;IAEV,OAAO,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC;AAC7B,CAAC;AAED;;;GAGG;AACH,MAAM,iBAAiB,GAAG,mDAAmD,CAAC;AAE9E;;;;;;;;;GASG;AACH,MAAM,UAAU,yBAAyB,CAAC,QAAmB,EAAE,aAAqB;IAClF,MAAM,KAAK,GAAG,iBAAiB,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;IACpD,IAAI,CAAC,KAAK;QAAE,OAAO;IAEnB,MAAM,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC;IAC5C,MAAM,OAAO,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC,IAAI,EAAE,CAAC;IAEtD,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,MAAM,YAAY,GAAG,OAAO,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC;QAEnD,4EAA4E;QAC5E,2FAA2F;QAC3F,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,CAAC;YAAE,SAAS;QAErF,MAAM,kBAAkB,GAA6B;YACnD,GAAG,EAAE,CAAC,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,aAAa,CAAC;YAChD,GAAG,EAAE,CAAC,OAAO,EAAE,QAAQ,EAAE,MAAM,CAAC;YAChC,MAAM,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,UAAU,EAAE,SAAS,CAAC;YAC9C,MAAM,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,eAAe,CAAC;YAC3C,MAAM,EAAE,CAAC,QAAQ,EAAE,WAAW,EAAE,aAAa,CAAC;YAC9C,QAAQ,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,UAAU,CAAC;SACzC,CAAC;QAEF,MAAM,SAAS,GAAG,kBAAkB,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;QACjD,MAAM,gBAAgB,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,YAAY,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC;QAE7E,IAAI,gBAAgB,EAAE,CAAC;YACrB,OAAO,CAAC,GAAG,CAAC,0CAA0C,EAAE;gBACtD,OAAO,EAAE,kCAAkC;gBAC3C,QAAQ,EAAE,GAAG,IAAI,IAAI,OAAO,EAAE;gBAC9B,WAAW,EAAE,OAAO,CAAC,IAAI;gBACzB,WAAW,EAAE,OAAO,CAAC,IAAI;gBACzB,cAAc,EAAE,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;aAC9C,CAAC,CAAC;QACL,CAAC;IACH,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;;;GAeG;AACH,MAAM,UAAU,yBAAyB,CACvC,QAAmB,EACnB,aAAsB;IAEtB,MAAM,OAAO,GAA8B,EAAE,CAAC;IAC9C,MAAM,KAAK,GAAG;QACZ,KAAK,EAAE,QAAQ,CAAC,MAAM;QACtB,KAAK,EAAE,CAAC;QACR,cAAc,EAAE,CAAC;QACjB,2BAA2B,EAAE,CAAC;QAC9B,gBAAgB,EAAE;YAChB,MAAM,EAAE,CAAC;YACT,YAAY,EAAE,CAAC;YACf,MAAM,EAAE,CAAC;YACT,YAAY,EAAE,CAAC;SACyB;KAC3C,CAAC;IAEF,mFAAmF;IACnF,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,IAAI,cAAqC,CAAC;QAE1C,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;YAClB,cAAc,GAAG,QAAQ,CAAC;QAC5B,CAAC;aAAM,IAAI,OAAO,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;YACtC,cAAc,GAAG,YAAY,CAAC;QAChC,CAAC;aAAM,CAAC;YACN,cAAc,GAAG,QAAQ,CAAC;QAC5B,CAAC;QAED,KAAK,CAAC,gBAAgB,CAAC,cAAc,CAAC,EAAE,CAAC;QAEzC,OAAO,CAAC,IAAI,CAAC;YACX,OAAO;YACP,cAAc;YACd,KAAK,EAAE,IAAI;SACZ,CAAC,CAAC;IACL,CAAC;IAED,8EAA8E;IAE9E,uCAAuC;IACvC,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;QAC7B,IAAI,CAAC,MAAM,CAAC,KAAK;YAAE,SAAS;QAE5B,yDAAyD;QACzD,IAAI,MAAM,CAAC,OAAO,CAAC,QAAQ,KAAK,MAAM;YAAE,SAAS;QAEjD,mFAAmF;QACnF,MAAM,iBAAiB,GAAG,gBAAgB,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QACnE,MAAM,cAAc,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC;QAClF,IAAI,CAAC,cAAc;YAAE,SAAS;QAE9B,MAAM,oBAAoB,GAAG,MAAM,CAAC,OAAO,CAAC,UAAU;YACpD,CAAC,CAAC,gBAAgB,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC;YAC7C,CAAC,CAAC,SAAS,CAAC;QACd,IAAI,uBAAuB,CAAC,oBAAoB,CAAC;YAAE,SAAS;QAE5D,qEAAqE;QACrE,MAAM,CAAC,KAAK,GAAG,KAAK,CAAC;QACrB,MAAM,CAAC,YAAY,GAAG,+DAA+D,cAAc,CAAC,MAAM,GAAG,CAAC;QAC9G,MAAM,CAAC,UAAU,GAAG,oBAAoB,CAAC;QACzC,KAAK,CAAC,2BAA2B,EAAE,CAAC;QACpC,OAAO,CAAC,GAAG,CAAC,kDAAkD,EAAE;YAC9D,IAAI,EAAE,MAAM,CAAC,OAAO,CAAC,IAAI;YACzB,IAAI,EAAE,MAAM,CAAC,OAAO,CAAC,IAAI;YACzB,MAAM,EAAE,MAAM,CAAC,YAAY;SAC5B,CAAC,CAAC;IACL,CAAC;IAED,qBAAqB;IACrB,MAAM,aAAa,GAAc,EAAE,CAAC;IACpC,MAAM,QAAQ,GAA8B,EAAE,CAAC;IAE/C,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;QAC7B,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;YACjB,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YACnC,KAAK,CAAC,KAAK,EAAE,CAAC;QAChB,CAAC;aAAM,CAAC;YACN,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACxB,CAAC;IACH,CAAC;IAED,sEAAsE;IACtE,IAAI,aAAa,EAAE,CAAC;QAClB,yBAAyB,CAAC,aAAa,EAAE,aAAa,CAAC,CAAC;IAC1D,CAAC;IAED,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;AAC5C,CAAC;AAED;;;;;;;;;;GAUG;AACH,MAAM,UAAU,0BAA0B,CACxC,QAAmB,EACnB,YAAiC,EACjC,SAAoB;IAEpB,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,SAAS,IAAI,EAAE,CAAC,CAAC;IAC7C,MAAM,OAAO,GAA8B,EAAE,CAAC;IAC9C,MAAM,KAAK,GAAG;QACZ,KAAK,EAAE,QAAQ,CAAC,MAAM;QACtB,KAAK,EAAE,CAAC;QACR,cAAc,EAAE,CAAC;QACjB,2BAA2B,EAAE,CAAC;QAC9B,gBAAgB,EAAE;YAChB,MAAM,EAAE,CAAC;YACT,YAAY,EAAE,CAAC;YACf,MAAM,EAAE,CAAC;YACT,YAAY,EAAE,CAAC;SACyB;KAC3C,CAAC;IAEF,gCAAgC;IAChC,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,IAAI,cAAqC,CAAC;QAE1C,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;YAClB,cAAc,GAAG,QAAQ,CAAC;QAC5B,CAAC;aAAM,IAAI,WAAW,CAAC,IAAI,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;YAClE,cAAc,GAAG,YAAY,CAAC;YAC9B,OAAO,CAAC,GAAG,CAAC,uDAAuD,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;QACrF,CAAC;aAAM,IAAI,OAAO,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;YACtC,cAAc,GAAG,YAAY,CAAC;QAChC,CAAC;aAAM,CAAC;YACN,cAAc,GAAG,QAAQ,CAAC;QAC5B,CAAC;QAED,KAAK,CAAC,gBAAgB,CAAC,cAAc,CAAC,EAAE,CAAC;QAEzC,OAAO,CAAC,IAAI,CAAC;YACX,OAAO;YACP,cAAc;YACd,KAAK,EAAE,IAAI;SACZ,CAAC,CAAC;IACL,CAAC;IAED,iDAAiD;IACjD,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;QAC7B,IAAI,MAAM,CAAC,cAAc,KAAK,QAAQ,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;YAC5E,MAAM,UAAU,GAAG,YAAY,CAAC,YAAY,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;YACvF,IAAI,CAAC,UAAU,CAAC,KAAK,EAAE,CAAC;gBACtB,MAAM,CAAC,KAAK,GAAG,KAAK,CAAC;gBACrB,MAAM,CAAC,YAAY,GAAG,QAAQ,MAAM,CAAC,OAAO,CAAC,IAAI,0BAA0B,MAAM,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;gBACjG,MAAM,CAAC,UAAU,GAAG,cAAc,CAAC;gBACnC,KAAK,CAAC,cAAc,EAAE,CAAC;gBACvB,OAAO,CAAC,GAAG,CAAC,qDAAqD,EAAE;oBACjE,IAAI,EAAE,MAAM,CAAC,OAAO,CAAC,IAAI;oBACzB,IAAI,EAAE,MAAM,CAAC,OAAO,CAAC,IAAI;oBACzB,MAAM,EAAE,MAAM,CAAC,YAAY;iBAC5B,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,yEAAyE;IACzE,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;QAC7B,IAAI,CAAC,MAAM,CAAC,KAAK;YAAE,SAAS;QAE5B,IAAI,MAAM,CAAC,OAAO,CAAC,QAAQ,KAAK,MAAM;YAAE,SAAS;QAEjD,mFAAmF;QACnF,MAAM,iBAAiB,GAAG,gBAAgB,CAAC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QACnE,MAAM,cAAc,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC;QAClF,IAAI,CAAC,cAAc;YAAE,SAAS;QAE9B,MAAM,oBAAoB,GAAG,MAAM,CAAC,OAAO,CAAC,UAAU;YACpD,CAAC,CAAC,gBAAgB,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC;YAC7C,CAAC,CAAC,SAAS,CAAC;QACd,IAAI,uBAAuB,CAAC,oBAAoB,CAAC;YAAE,SAAS;QAE5D,MAAM,CAAC,KAAK,GAAG,KAAK,CAAC;QACrB,MAAM,CAAC,YAAY,GAAG,+DAA+D,cAAc,CAAC,MAAM,GAAG,CAAC;QAC9G,MAAM,CAAC,UAAU,GAAG,oBAAoB,CAAC;QACzC,KAAK,CAAC,2BAA2B,EAAE,CAAC;QACpC,OAAO,CAAC,GAAG,CAAC,kDAAkD,EAAE;YAC9D,IAAI,EAAE,MAAM,CAAC,OAAO,CAAC,IAAI;YACzB,IAAI,EAAE,MAAM,CAAC,OAAO,CAAC,IAAI;YACzB,MAAM,EAAE,MAAM,CAAC,YAAY;SAC5B,CAAC,CAAC;IACL,CAAC;IAED,qBAAqB;IACrB,MAAM,aAAa,GAAc,EAAE,CAAC;IACpC,MAAM,QAAQ,GAA8B,EAAE,CAAC;IAE/C,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;QAC7B,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;YACjB,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YACnC,KAAK,CAAC,KAAK,EAAE,CAAC;QAChB,CAAC;aAAM,CAAC;YACN,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACxB,CAAC;IACH,CAAC;IAED,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC;AAC5C,CAAC;AAkBD,MAAM,UAAU,4BAA4B,CAC1C,QAAmB,EACnB,SAAqB,EACrB,QAAgB;IAEhB,MAAM,cAAc,GAAG,qBAAqB,CAAC,SAAS,CAAC,CAAC;IACxD,MAAM,YAAY,GAAG,iBAAiB,CAAC,cAAc,CAAC,CAAC;IACvD,MAAM,mBAAmB,GAAG,wBAAwB,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;IAE7E,IAAI,mBAAmB,CAAC,KAAK,CAAC,OAAO,GAAG,CAAC,IAAI,mBAAmB,CAAC,KAAK,CAAC,UAAU,GAAG,CAAC,EAAE,CAAC;QACtF,OAAO,CAAC,GAAG,CACT,IAAI,QAAQ,sBAAsB,mBAAmB,CAAC,KAAK,CAAC,KAAK,UAAU;YACzE,GAAG,mBAAmB,CAAC,KAAK,CAAC,UAAU,gBAAgB,mBAAmB,CAAC,KAAK,CAAC,OAAO,UAAU,CACrG,CAAC;IACJ,CAAC;IAED,MAAM,aAAa,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IACxD,MAAM,YAAY,GAAG,0BAA0B,CAC7C,mBAAmB,CAAC,QAAQ,EAC5B,YAAY,EACZ,aAAa,CACd,CAAC;IAEF,IAAI,YAAY,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACrC,OAAO,CAAC,GAAG,CACT,IAAI,QAAQ,yBAAyB,YAAY,CAAC,KAAK,CAAC,KAAK,UAAU;YACrE,GAAG,YAAY,CAAC,KAAK,CAAC,cAAc,qBAAqB;YACzD,GAAG,YAAY,CAAC,KAAK,CAAC,2BAA2B,qBAAqB,CACzE,CAAC;IACJ,CAAC;IAED,MAAM,WAAW,GAAG,kBAAkB,CACpC,mBAAmB,CAAC,KAAK,EACzB,mBAAmB,CAAC,cAAc,CACnC,CAAC;IAEF,MAAM,iBAAiB,GAAG,wBAAwB,CAChD,mBAAmB,CAAC,KAAK,EACzB,mBAAmB,CAAC,cAAc,CACnC,CAAC;IAEF,OAAO;QACL,iBAAiB,EAAE,YAAY,CAAC,aAAa;QAC7C,cAAc;QACd,WAAW;QACX,iBAAiB;QACjB,kBAAkB,EAAE,mBAAmB,CAAC,KAAK;QAC7C,cAAc,EAAE,mBAAmB,CAAC,cAAc;KACnD,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,UAAU,gBAAgB,CAC9B,QAAmB,EACnB,YAAiC,EACjC,SAAoB;IAEpB,OAAO,0BAA0B,CAAC,QAAQ,EAAE,YAAY,EAAE,SAAS,CAAC,CAAC;AACvE,CAAC"}

package/dist/report/framework-pattern-filter.d.ts

@@ -0,0 +1,53 @@
+/**
+ * Framework Pattern Filter (FR-013)
+ *
+ * Deterministic post-processing filter that catches Pattern B false positives
+ * using a closed, default-deny matcher table. Runs in Stage 1 validation
+ * (after self-contradiction filter, before Stage 2 diff-bound validation).
+ *
+ * The matcher table is CLOSED: only these 3 matchers exist.
+ * Adding a new matcher requires a spec amendment.
+ */
+import type { Finding } from '../agents/types.js';
+export interface FrameworkPatternMatcher {
+    /** Unique matcher identifier */
+    readonly id: string;
+    /** Human-readable name */
+    readonly name: string;
+    /** Regex that triggers evaluation when matched against finding.message */
+    readonly messagePattern: RegExp;
+    /**
+     * Validates structural evidence in diff content.
+     * Returns true if evidence confirms the framework pattern (suppress finding).
+     * Returns false if evidence is missing or ambiguous (pass finding through).
+     */
+    evidenceValidator: (finding: Finding, diffContent: string) => boolean;
+    /** Diagnostic reason logged when finding is suppressed */
+    readonly suppressionReason: string;
+}
+export interface FrameworkFilterResult {
+    finding: Finding;
+    suppressed: boolean;
+    matcherId?: string;
+    reason?: string;
+}
+export interface FrameworkFilterSummary {
+    total: number;
+    suppressed: number;
+    passed: number;
+    results: FrameworkFilterResult[];
+}
+/**
+ * Evaluate findings against the closed matcher table.
+ * Default-deny: only exact matches with validated evidence are suppressed.
+ *
+ * @param findings - Findings that passed Stage 1 semantic validation
+ * @param diffContent - Raw diff content for evidence validation
+ * @returns Summary with suppressed/passed findings and diagnostic details
+ */
+export declare function filterFrameworkConventionFindings(findings: Finding[], diffContent: string): FrameworkFilterSummary;
+/**
+ * Get the list of valid findings (non-suppressed) from a filter summary.
+ */
+export declare function getValidFindings(summary: FrameworkFilterSummary): Finding[];
+//# sourceMappingURL=framework-pattern-filter.d.ts.map

package/dist/report/framework-pattern-filter.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"framework-pattern-filter.d.ts","sourceRoot":"","sources":["../../src/report/framework-pattern-filter.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAMlD,MAAM,WAAW,uBAAuB;IACtC,gCAAgC;IAChC,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,0BAA0B;IAC1B,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,0EAA0E;IAC1E,QAAQ,CAAC,cAAc,EAAE,MAAM,CAAC;IAChC;;;;OAIG;IACH,iBAAiB,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,KAAK,OAAO,CAAC;IACtE,0DAA0D;IAC1D,QAAQ,CAAC,iBAAiB,EAAE,MAAM,CAAC;CACpC;AAED,MAAM,WAAW,qBAAqB;IACpC,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,EAAE,OAAO,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,sBAAsB;IACrC,KAAK,EAAE,MAAM,CAAC;IACd,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,qBAAqB,EAAE,CAAC;CAClC;AAkKD;;;;;;;GAOG;AACH,wBAAgB,iCAAiC,CAC/C,QAAQ,EAAE,OAAO,EAAE,EACnB,WAAW,EAAE,MAAM,GAClB,sBAAsB,CAuCxB;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,sBAAsB,GAAG,OAAO,EAAE,CAE3E"}

package/dist/report/framework-pattern-filter.js

@@ -0,0 +1,189 @@
+/**
+ * Framework Pattern Filter (FR-013)
+ *
+ * Deterministic post-processing filter that catches Pattern B false positives
+ * using a closed, default-deny matcher table. Runs in Stage 1 validation
+ * (after self-contradiction filter, before Stage 2 diff-bound validation).
+ *
+ * The matcher table is CLOSED: only these 3 matchers exist.
+ * Adding a new matcher requires a spec amendment.
+ */
+// =============================================================================
+// Evidence Helpers
+// =============================================================================
+/**
+ * Extract lines near a finding's line from diff content, scoped to the finding's file.
+ * Returns the relevant file's diff section for evidence scanning.
+ */
+function extractFileDiffSection(finding, diffContent) {
+    if (!finding.file || !diffContent)
+        return '';
+    // Normalize Windows backslashes to forward slashes for diff header matching
+    const normalizedPath = finding.file.replace(/\\/g, '/');
+    // Split diff by file boundaries
+    const fileSections = diffContent.split(/^diff --git /m);
+    for (const section of fileSections) {
+        // Match against the finding's file path (check both a/ and b/ paths)
+        if (section.includes(`a/${normalizedPath} `) ||
+            section.includes(`b/${normalizedPath}`) ||
+            section.includes(`a/${normalizedPath}\n`) ||
+            section.includes(`b/${normalizedPath}\n`)) {
+            return section;
+        }
+    }
+    return '';
+}
+/**
+ * Extract lines near a specific line number from a diff section.
+ * Returns lines within a window around the target line.
+ */
+function extractLinesNearFinding(diffSection, findingLine, windowSize = 10) {
+    if (findingLine === undefined)
+        return diffSection.split('\n');
+    const lines = diffSection.split('\n');
+    const result = [];
+    let currentLine = 0;
+    for (const line of lines) {
+        // Track line numbers from hunk headers
+        const hunkMatch = line.match(/^@@ -\d+(?:,\d+)? \+(\d+)/);
+        if (hunkMatch?.[1]) {
+            currentLine = parseInt(hunkMatch[1], 10) - 1;
+            continue;
+        }
+        if (line.startsWith('-'))
+            continue; // Skip removed lines
+        currentLine++;
+        if (currentLine >= findingLine - windowSize && currentLine <= findingLine + windowSize) {
+            // Strip diff prefix for content analysis
+            const content = line.startsWith('+')
+                ? line.slice(1)
+                : line.startsWith(' ')
+                    ? line.slice(1)
+                    : line;
+            result.push(content);
+        }
+    }
+    return result;
+}
+// =============================================================================
+// Closed Matcher Table — DEFAULT DENY
+// Only these 3 matchers. No additions without spec change.
+// =============================================================================
+const FRAMEWORK_MATCHERS = [
+    // T019: Express Error Middleware
+    {
+        id: 'express-error-mw',
+        name: 'Express Error Middleware',
+        messagePattern: /unused.*param/i,
+        evidenceValidator(finding, diffContent) {
+            const fileSection = extractFileDiffSection(finding, diffContent);
+            if (!fileSection)
+                return false;
+            // Must have a 4-parameter function near the finding line
+            // Express error middleware signature: (err, req, res, next) or variants
+            const nearbyLines = extractLinesNearFinding(fileSection, finding.line, 5);
+            const nearbyText = nearbyLines.join('\n');
+            // Match 4-param function: (param1, param2, param3, param4) with optional type annotations
+            const fourParamPattern = /\(\s*\w+\s*(?::\s*[^,)]+)?\s*,\s*\w+\s*(?::\s*[^,)]+)?\s*,\s*\w+\s*(?::\s*[^,)]+)?\s*,\s*\w+\s*(?::\s*[^,)]+)?\s*\)/;
+            const hasFourParams = fourParamPattern.test(nearbyText);
+            if (!hasFourParams)
+                return false;
+            // At least one Express indicator required (in the file section):
+            // - .use() middleware registration call
+            // - import from 'express' package
+            // - Express type annotations (Request, Response, NextFunction, ErrorRequestHandler)
+            const hasUseCall = /\.use\s*\(/.test(fileSection);
+            const hasExpressImport = /from\s+['"]express['"]/.test(fileSection);
+            const hasExpressTypes = /:\s*(?:Request|Response|NextFunction|ErrorRequestHandler)\b/.test(nearbyText);
+            return hasUseCall || hasExpressImport || hasExpressTypes;
+        },
+        suppressionReason: 'Express 4-param error middleware — unused params required by framework',
+    },
+    // T020: TypeScript Unused Prefix
+    {
+        id: 'ts-unused-prefix',
+        name: 'TypeScript Unused Prefix',
+        messagePattern: /unused.*(variable|parameter|binding|import)/i,
+        evidenceValidator(finding, _diffContent) {
+            // Extract identifier names from the finding message.
+            // Look for words that could be binding names (alphanumeric + underscore).
+            // Confirm at least one is underscore-prefixed (the TS convention).
+            const words = finding.message.match(/\b(\w+)\b/g);
+            if (!words)
+                return false;
+            // The binding name must start with underscore and have at least one more char
+            return words.some((word) => /^_\w+$/.test(word));
+        },
+        suppressionReason: 'TypeScript _prefix convention for intentionally unused bindings',
+    },
+    // T021: Exhaustive Switch
+    {
+        id: 'exhaustive-switch',
+        name: 'Exhaustive Switch',
+        messagePattern: /missing.*case|unhandled.*case|default.*unreachable/i,
+        evidenceValidator(finding, diffContent) {
+            const fileSection = extractFileDiffSection(finding, diffContent);
+            if (!fileSection)
+                return false;
+            // Scan near finding line for assertNever( or exhaustive throw
+            const nearbyLines = extractLinesNearFinding(fileSection, finding.line, 8);
+            const nearbyText = nearbyLines.join('\n');
+            const hasAssertNever = /assertNever\s*\(/.test(nearbyText);
+            const hasExhaustiveThrow = /throw\s+new\s+\w*[Ee]rror\s*\(\s*['"`].*(?:exhaustive|unreachable|unexpected)/i.test(nearbyText);
+            return hasAssertNever || hasExhaustiveThrow;
+        },
+        suppressionReason: 'Exhaustive switch with assertNever/throw — all cases handled at compile time',
+    },
+];
+// =============================================================================
+// Public API
+// =============================================================================
+/**
+ * Evaluate findings against the closed matcher table.
+ * Default-deny: only exact matches with validated evidence are suppressed.
+ *
+ * @param findings - Findings that passed Stage 1 semantic validation
+ * @param diffContent - Raw diff content for evidence validation
+ * @returns Summary with suppressed/passed findings and diagnostic details
+ */
+export function filterFrameworkConventionFindings(findings, diffContent) {
+    const results = [];
+    let suppressed = 0;
+    for (const finding of findings) {
+        let matched = false;
+        for (const matcher of FRAMEWORK_MATCHERS) {
+            // Step 1: Does the message pattern match?
+            if (!matcher.messagePattern.test(finding.message))
+                continue;
+            // Step 2: Does structural evidence confirm the pattern?
+            if (matcher.evidenceValidator(finding, diffContent)) {
+                results.push({
+                    finding,
+                    suppressed: true,
+                    matcherId: matcher.id,
+                    reason: matcher.suppressionReason,
+                });
+                suppressed++;
+                matched = true;
+                console.log(`[router] [framework-filter] Suppressed: ${matcher.id} — ${finding.file}:${finding.line ?? '?'} — ${matcher.suppressionReason}`);
+                break; // First matching matcher wins
+            }
+        }
+        if (!matched) {
+            results.push({ finding, suppressed: false });
+        }
+    }
+    return {
+        total: findings.length,
+        suppressed,
+        passed: findings.length - suppressed,
+        results,
+    };
+}
+/**
+ * Get the list of valid findings (non-suppressed) from a filter summary.
+ */
+export function getValidFindings(summary) {
+    return summary.results.filter((r) => !r.suppressed).map((r) => r.finding);
+}
+//# sourceMappingURL=framework-pattern-filter.js.map

package/dist/report/framework-pattern-filter.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"framework-pattern-filter.js","sourceRoot":"","sources":["../../src/report/framework-pattern-filter.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAuCH,gFAAgF;AAChF,mBAAmB;AACnB,gFAAgF;AAEhF;;;GAGG;AACH,SAAS,sBAAsB,CAAC,OAAgB,EAAE,WAAmB;IACnE,IAAI,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,WAAW;QAAE,OAAO,EAAE,CAAC;IAE7C,4EAA4E;IAC5E,MAAM,cAAc,GAAG,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;IAExD,gCAAgC;IAChC,MAAM,YAAY,GAAG,WAAW,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;IACxD,KAAK,MAAM,OAAO,IAAI,YAAY,EAAE,CAAC;QACnC,qEAAqE;QACrE,IACE,OAAO,CAAC,QAAQ,CAAC,KAAK,cAAc,GAAG,CAAC;YACxC,OAAO,CAAC,QAAQ,CAAC,KAAK,cAAc,EAAE,CAAC;YACvC,OAAO,CAAC,QAAQ,CAAC,KAAK,cAAc,IAAI,CAAC;YACzC,OAAO,CAAC,QAAQ,CAAC,KAAK,cAAc,IAAI,CAAC,EACzC,CAAC;YACD,OAAO,OAAO,CAAC;QACjB,CAAC;IACH,CAAC;IACD,OAAO,EAAE,CAAC;AACZ,CAAC;AAED;;;GAGG;AACH,SAAS,uBAAuB,CAC9B,WAAmB,EACnB,WAA+B,EAC/B,UAAU,GAAG,EAAE;IAEf,IAAI,WAAW,KAAK,SAAS;QAAE,OAAO,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAE9D,MAAM,KAAK,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IACtC,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,IAAI,WAAW,GAAG,CAAC,CAAC;IAEpB,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,uCAAuC;QACvC,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,2BAA2B,CAAC,CAAC;QAC1D,IAAI,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACnB,WAAW,GAAG,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC;YAC7C,SAAS;QACX,CAAC;QAED,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC;YAAE,SAAS,CAAC,qBAAqB;QAEzD,WAAW,EAAE,CAAC;QAEd,IAAI,WAAW,IAAI,WAAW,GAAG,UAAU,IAAI,WAAW,IAAI,WAAW,GAAG,UAAU,EAAE,CAAC;YACvF,yCAAyC;YACzC,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC;gBAClC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;gBACf,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC;oBACpB,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;oBACf,CAAC,CAAC,IAAI,CAAC;YACX,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACvB,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,gFAAgF;AAChF,sCAAsC;AACtC,2DAA2D;AAC3D,gFAAgF;AAEhF,MAAM,kBAAkB,GAAuC;IAC7D,iCAAiC;IACjC;QACE,EAAE,EAAE,kBAAkB;QACtB,IAAI,EAAE,0BAA0B;QAChC,cAAc,EAAE,gBAAgB;QAChC,iBAAiB,CAAC,OAAgB,EAAE,WAAmB;YACrD,MAAM,WAAW,GAAG,sBAAsB,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;YACjE,IAAI,CAAC,WAAW;gBAAE,OAAO,KAAK,CAAC;YAE/B,yDAAyD;YACzD,wEAAwE;YACxE,MAAM,WAAW,GAAG,uBAAuB,CAAC,WAAW,EAAE,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;YAC1E,MAAM,UAAU,GAAG,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAE1C,0FAA0F;YAC1F,MAAM,gBAAgB,GACpB,qHAAqH,CAAC;YACxH,MAAM,aAAa,GAAG,gBAAgB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YACxD,IAAI,CAAC,aAAa;gBAAE,OAAO,KAAK,CAAC;YAEjC,iEAAiE;YACjE,wCAAwC;YACxC,kCAAkC;YAClC,oFAAoF;YACpF,MAAM,UAAU,GAAG,YAAY,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YAClD,MAAM,gBAAgB,GAAG,wBAAwB,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YACpE,MAAM,eAAe,GAAG,6DAA6D,CAAC,IAAI,CACxF,UAAU,CACX,CAAC;YAEF,OAAO,UAAU,IAAI,gBAAgB,IAAI,eAAe,CAAC;QAC3D,CAAC;QACD,iBAAiB,EAAE,wEAAwE;KAC5F;IAED,iCAAiC;IACjC;QACE,EAAE,EAAE,kBAAkB;QACtB,IAAI,EAAE,0BAA0B;QAChC,cAAc,EAAE,8CAA8C;QAC9D,iBAAiB,CAAC,OAAgB,EAAE,YAAoB;YACtD,qDAAqD;YACrD,0EAA0E;YAC1E,mEAAmE;YACnE,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;YAClD,IAAI,CAAC,KAAK;gBAAE,OAAO,KAAK,CAAC;YAEzB,8EAA8E;YAC9E,OAAO,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;QACnD,CAAC;QACD,iBAAiB,EAAE,iEAAiE;KACrF;IAED,0BAA0B;IAC1B;QACE,EAAE,EAAE,mBAAmB;QACvB,IAAI,EAAE,mBAAmB;QACzB,cAAc,EAAE,qDAAqD;QACrE,iBAAiB,CAAC,OAAgB,EAAE,WAAmB;YACrD,MAAM,WAAW,GAAG,sBAAsB,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;YACjE,IAAI,CAAC,WAAW;gBAAE,OAAO,KAAK,CAAC;YAE/B,8DAA8D;YAC9D,MAAM,WAAW,GAAG,uBAAuB,CAAC,WAAW,EAAE,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;YAC1E,MAAM,UAAU,GAAG,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAE1C,MAAM,cAAc,GAAG,kBAAkB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAC3D,MAAM,kBAAkB,GACtB,gFAAgF,CAAC,IAAI,CACnF,UAAU,CACX,CAAC;YAEJ,OAAO,cAAc,IAAI,kBAAkB,CAAC;QAC9C,CAAC;QACD,iBAAiB,EACf,8EAA8E;KACjF;CACO,CAAC;AAEX,gFAAgF;AAChF,aAAa;AACb,gFAAgF;AAEhF;;;;;;;GAOG;AACH,MAAM,UAAU,iCAAiC,CAC/C,QAAmB,EACnB,WAAmB;IAEnB,MAAM,OAAO,GAA4B,EAAE,CAAC;IAC5C,IAAI,UAAU,GAAG,CAAC,CAAC;IAEnB,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,IAAI,OAAO,GAAG,KAAK,CAAC;QAEpB,KAAK,MAAM,OAAO,IAAI,kBAAkB,EAAE,CAAC;YACzC,0CAA0C;YAC1C,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC;gBAAE,SAAS;YAE5D,wDAAwD;YACxD,IAAI,OAAO,CAAC,iBAAiB,CAAC,OAAO,EAAE,WAAW,CAAC,EAAE,CAAC;gBACpD,OAAO,CAAC,IAAI,CAAC;oBACX,OAAO;oBACP,UAAU,EAAE,IAAI;oBAChB,SAAS,EAAE,OAAO,CAAC,EAAE;oBACrB,MAAM,EAAE,OAAO,CAAC,iBAAiB;iBAClC,CAAC,CAAC;gBACH,UAAU,EAAE,CAAC;gBACb,OAAO,GAAG,IAAI,CAAC;gBACf,OAAO,CAAC,GAAG,CACT,2CAA2C,OAAO,CAAC,EAAE,MAAM,OAAO,CAAC,IAAI,IAAI,OAAO,CAAC,IAAI,IAAI,GAAG,MAAM,OAAO,CAAC,iBAAiB,EAAE,CAChI,CAAC;gBACF,MAAM,CAAC,8BAA8B;YACvC,CAAC;QACH,CAAC;QAED,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC,CAAC;QAC/C,CAAC;IACH,CAAC;IAED,OAAO;QACL,KAAK,EAAE,QAAQ,CAAC,MAAM;QACtB,UAAU;QACV,MAAM,EAAE,QAAQ,CAAC,MAAM,GAAG,UAAU;QACpC,OAAO;KACR,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,OAA+B;IAC9D,OAAO,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;AAC5E,CAAC"}

package/dist/report/github.d.ts

@@ -31,6 +31,8 @@ export interface ReportResult {
     invalidLineDetails?: InvalidLineDetail[];
     /** Whether inline comments were suppressed by drift gate */
     inlineCommentsGated?: boolean;
+    /** Post-normalization validated findings for gating (after Stage 2) */
+    postNormalizationFindings?: Finding[];
 }
 /**
  * Start a check run in 'in_progress' state

package/dist/report/github.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"github.d.ts","sourceRoot":"","sources":["../../src/report/github.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,KAAK,EAAE,OAAO,EAAY,MAAM,oBAAoB,CAAC;AAC5D,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AAyB3C,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AAU3C,OAAO,EAOL,KAAK,eAAe,EACpB,KAAK,iBAAiB,EAEvB,MAAM,oBAAoB,CAAC;AAE5B,MAAM,WAAW,aAAa;IAC5B,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,qEAAqE;IACrE,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,YAAY;IAC3B,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,yDAAyD;IACzD,iBAAiB,CAAC,EAAE,OAAO,CAAC;IAC5B,sDAAsD;IACtD,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,sCAAsC;IACtC,eAAe,CAAC,EAAE,eAAe,CAAC;IAClC,gDAAgD;IAChD,kBAAkB,CAAC,EAAE,iBAAiB,EAAE,CAAC;IACzC,4DAA4D;IAC5D,mBAAmB,CAAC,EAAE,OAAO,CAAC;CAC/B;AAED;;;GAGG;AACH,wBAAsB,aAAa,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,MAAM,CAAC,CAkB3E;AAED;;;GAGG;AACH,wBAAsB,gBAAgB,CACpC,OAAO,EAAE,aAAa,EACtB,MAAM,EAAE;IACN,UAAU,EAAE,SAAS,GAAG,SAAS,GAAG,SAAS,CAAC;IAC9C,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,CAAC;CACjB,GACA,OAAO,CAAC,IAAI,CAAC,CA0Bf;AAED;;;;;;GAMG;AACH,wBAAsB,cAAc,CAClC,QAAQ,EAAE,OAAO,EAAE,EACnB,eAAe,EAAE,OAAO,EAAE,EAC1B,OAAO,EAAE,aAAa,EACtB,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,QAAQ,EAAE,GACpB,OAAO,CAAC,YAAY,CAAC,CAuIvB"}
+{"version":3,"file":"github.d.ts","sourceRoot":"","sources":["../../src/report/github.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,KAAK,EAAE,OAAO,EAAY,MAAM,oBAAoB,CAAC;AAC5D,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AAyB3C,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AAS3C,OAAO,EAGL,KAAK,eAAe,EACpB,KAAK,iBAAiB,EAEvB,MAAM,oBAAoB,CAAC;AAG5B,MAAM,WAAW,aAAa;IAC5B,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;IAChB,KAAK,EAAE,MAAM,CAAC;IACd,qEAAqE;IACrE,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,YAAY;IAC3B,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,yDAAyD;IACzD,iBAAiB,CAAC,EAAE,OAAO,CAAC;IAC5B,sDAAsD;IACtD,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,sCAAsC;IACtC,eAAe,CAAC,EAAE,eAAe,CAAC;IAClC,gDAAgD;IAChD,kBAAkB,CAAC,EAAE,iBAAiB,EAAE,CAAC;IACzC,4DAA4D;IAC5D,mBAAmB,CAAC,EAAE,OAAO,CAAC;IAC9B,uEAAuE;IACvE,yBAAyB,CAAC,EAAE,OAAO,EAAE,CAAC;CACvC;AAED;;;GAGG;AACH,wBAAsB,aAAa,CAAC,OAAO,EAAE,aAAa,GAAG,OAAO,CAAC,MAAM,CAAC,CAkB3E;AAED;;;GAGG;AACH,wBAAsB,gBAAgB,CACpC,OAAO,EAAE,aAAa,EACtB,MAAM,EAAE;IACN,UAAU,EAAE,SAAS,GAAG,SAAS,GAAG,SAAS,CAAC;IAC9C,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,CAAC;CACjB,GACA,OAAO,CAAC,IAAI,CAAC,CA0Bf;AAED;;;;;;GAMG;AACH,wBAAsB,cAAc,CAClC,QAAQ,EAAE,OAAO,EAAE,EACnB,eAAe,EAAE,OAAO,EAAE,EAC1B,OAAO,EAAE,aAAa,EACtB,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,QAAQ,EAAE,GACpB,OAAO,CAAC,YAAY,CAAC,CAmHvB"}