npm - @opencodehub/cli - Versions diffs - 0.1.0 - Mend

@opencodehub/cli 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (191) hide show

package/LICENSE +202 -0
package/README.md +85 -0
package/dist/agent-context.d.ts +54 -0
package/dist/agent-context.d.ts.map +1 -0
package/dist/agent-context.js +122 -0
package/dist/agent-context.js.map +1 -0
package/dist/cobol-proleap-setup.d.ts +77 -0
package/dist/cobol-proleap-setup.d.ts.map +1 -0
package/dist/cobol-proleap-setup.js +289 -0
package/dist/cobol-proleap-setup.js.map +1 -0
package/dist/commands/analyze.d.ts +234 -0
package/dist/commands/analyze.d.ts.map +1 -0
package/dist/commands/analyze.js +1096 -0
package/dist/commands/analyze.js.map +1 -0
package/dist/commands/augment.d.ts +48 -0
package/dist/commands/augment.d.ts.map +1 -0
package/dist/commands/augment.js +249 -0
package/dist/commands/augment.js.map +1 -0
package/dist/commands/baseline.d.ts +68 -0
package/dist/commands/baseline.d.ts.map +1 -0
package/dist/commands/baseline.js +110 -0
package/dist/commands/baseline.js.map +1 -0
package/dist/commands/bench.d.ts +54 -0
package/dist/commands/bench.d.ts.map +1 -0
package/dist/commands/bench.js +283 -0
package/dist/commands/bench.js.map +1 -0
package/dist/commands/ci-init.d.ts +37 -0
package/dist/commands/ci-init.d.ts.map +1 -0
package/dist/commands/ci-init.js +115 -0
package/dist/commands/ci-init.js.map +1 -0
package/dist/commands/clean.d.ts +13 -0
package/dist/commands/clean.d.ts.map +1 -0
package/dist/commands/clean.js +38 -0
package/dist/commands/clean.js.map +1 -0
package/dist/commands/code-pack.d.ts +105 -0
package/dist/commands/code-pack.d.ts.map +1 -0
package/dist/commands/code-pack.js +187 -0
package/dist/commands/code-pack.js.map +1 -0
package/dist/commands/context.d.ts +30 -0
package/dist/commands/context.d.ts.map +1 -0
package/dist/commands/context.js +237 -0
package/dist/commands/context.js.map +1 -0
package/dist/commands/detect-changes.d.ts +26 -0
package/dist/commands/detect-changes.d.ts.map +1 -0
package/dist/commands/detect-changes.js +73 -0
package/dist/commands/detect-changes.js.map +1 -0
package/dist/commands/doctor.d.ts +52 -0
package/dist/commands/doctor.d.ts.map +1 -0
package/dist/commands/doctor.js +472 -0
package/dist/commands/doctor.js.map +1 -0
package/dist/commands/find-enclosing-symbol.d.ts +67 -0
package/dist/commands/find-enclosing-symbol.d.ts.map +1 -0
package/dist/commands/find-enclosing-symbol.js +106 -0
package/dist/commands/find-enclosing-symbol.js.map +1 -0
package/dist/commands/group.d.ts +123 -0
package/dist/commands/group.d.ts.map +1 -0
package/dist/commands/group.js +448 -0
package/dist/commands/group.js.map +1 -0
package/dist/commands/impact.d.ts +23 -0
package/dist/commands/impact.d.ts.map +1 -0
package/dist/commands/impact.js +91 -0
package/dist/commands/impact.js.map +1 -0
package/dist/commands/index-repo.d.ts +39 -0
package/dist/commands/index-repo.d.ts.map +1 -0
package/dist/commands/index-repo.js +148 -0
package/dist/commands/index-repo.js.map +1 -0
package/dist/commands/ingest-sarif.d.ts +64 -0
package/dist/commands/ingest-sarif.d.ts.map +1 -0
package/dist/commands/ingest-sarif.js +381 -0
package/dist/commands/ingest-sarif.js.map +1 -0
package/dist/commands/init.d.ts +75 -0
package/dist/commands/init.d.ts.map +1 -0
package/dist/commands/init.js +315 -0
package/dist/commands/init.js.map +1 -0
package/dist/commands/list.d.ts +17 -0
package/dist/commands/list.d.ts.map +1 -0
package/dist/commands/list.js +79 -0
package/dist/commands/list.js.map +1 -0
package/dist/commands/mcp.d.ts +8 -0
package/dist/commands/mcp.d.ts.map +1 -0
package/dist/commands/mcp.js +28 -0
package/dist/commands/mcp.js.map +1 -0
package/dist/commands/open-store.d.ts +25 -0
package/dist/commands/open-store.d.ts.map +1 -0
package/dist/commands/open-store.js +47 -0
package/dist/commands/open-store.js.map +1 -0
package/dist/commands/pack.d.ts +35 -0
package/dist/commands/pack.d.ts.map +1 -0
package/dist/commands/pack.js +83 -0
package/dist/commands/pack.js.map +1 -0
package/dist/commands/query.d.ts +85 -0
package/dist/commands/query.d.ts.map +1 -0
package/dist/commands/query.js +309 -0
package/dist/commands/query.js.map +1 -0
package/dist/commands/scan.d.ts +81 -0
package/dist/commands/scan.d.ts.map +1 -0
package/dist/commands/scan.js +407 -0
package/dist/commands/scan.js.map +1 -0
package/dist/commands/setup.d.ts +178 -0
package/dist/commands/setup.d.ts.map +1 -0
package/dist/commands/setup.js +370 -0
package/dist/commands/setup.js.map +1 -0
package/dist/commands/sql.d.ts +19 -0
package/dist/commands/sql.d.ts.map +1 -0
package/dist/commands/sql.js +51 -0
package/dist/commands/sql.js.map +1 -0
package/dist/commands/status.d.ts +13 -0
package/dist/commands/status.d.ts.map +1 -0
package/dist/commands/status.js +66 -0
package/dist/commands/status.js.map +1 -0
package/dist/commands/verdict-render.d.ts +33 -0
package/dist/commands/verdict-render.d.ts.map +1 -0
package/dist/commands/verdict-render.js +123 -0
package/dist/commands/verdict-render.js.map +1 -0
package/dist/commands/verdict.d.ts +61 -0
package/dist/commands/verdict.d.ts.map +1 -0
package/dist/commands/verdict.js +146 -0
package/dist/commands/verdict.js.map +1 -0
package/dist/commands/wiki.d.ts +26 -0
package/dist/commands/wiki.d.ts.map +1 -0
package/dist/commands/wiki.js +74 -0
package/dist/commands/wiki.js.map +1 -0
package/dist/editors/claude-code.d.ts +23 -0
package/dist/editors/claude-code.d.ts.map +1 -0
package/dist/editors/claude-code.js +58 -0
package/dist/editors/claude-code.js.map +1 -0
package/dist/editors/codex.d.ts +22 -0
package/dist/editors/codex.d.ts.map +1 -0
package/dist/editors/codex.js +59 -0
package/dist/editors/codex.js.map +1 -0
package/dist/editors/cursor.d.ts +13 -0
package/dist/editors/cursor.d.ts.map +1 -0
package/dist/editors/cursor.js +21 -0
package/dist/editors/cursor.js.map +1 -0
package/dist/editors/index.d.ts +12 -0
package/dist/editors/index.d.ts.map +1 -0
package/dist/editors/index.js +11 -0
package/dist/editors/index.js.map +1 -0
package/dist/editors/opencode.d.ts +23 -0
package/dist/editors/opencode.d.ts.map +1 -0
package/dist/editors/opencode.js +61 -0
package/dist/editors/opencode.js.map +1 -0
package/dist/editors/types.d.ts +33 -0
package/dist/editors/types.d.ts.map +1 -0
package/dist/editors/types.js +19 -0
package/dist/editors/types.js.map +1 -0
package/dist/editors/windows-wrap.d.ts +19 -0
package/dist/editors/windows-wrap.d.ts.map +1 -0
package/dist/editors/windows-wrap.js +28 -0
package/dist/editors/windows-wrap.js.map +1 -0
package/dist/editors/windsurf.d.ts +12 -0
package/dist/editors/windsurf.d.ts.map +1 -0
package/dist/editors/windsurf.js +21 -0
package/dist/editors/windsurf.js.map +1 -0
package/dist/embedder-downloader.d.ts +87 -0
package/dist/embedder-downloader.d.ts.map +1 -0
package/dist/embedder-downloader.js +261 -0
package/dist/embedder-downloader.js.map +1 -0
package/dist/fs-atomic.d.ts +22 -0
package/dist/fs-atomic.d.ts.map +1 -0
package/dist/fs-atomic.js +28 -0
package/dist/fs-atomic.js.map +1 -0
package/dist/groups.d.ts +64 -0
package/dist/groups.d.ts.map +1 -0
package/dist/groups.js +172 -0
package/dist/groups.js.map +1 -0
package/dist/index.d.ts +11 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +703 -0
package/dist/index.js.map +1 -0
package/dist/lib/is-indexed.d.ts +20 -0
package/dist/lib/is-indexed.d.ts.map +1 -0
package/dist/lib/is-indexed.js +35 -0
package/dist/lib/is-indexed.js.map +1 -0
package/dist/registry.d.ts +64 -0
package/dist/registry.d.ts.map +1 -0
package/dist/registry.js +145 -0
package/dist/registry.js.map +1 -0
package/dist/scip-downloader.d.ts +138 -0
package/dist/scip-downloader.d.ts.map +1 -0
package/dist/scip-downloader.js +372 -0
package/dist/scip-downloader.js.map +1 -0
package/dist/scip-pins.d.ts +99 -0
package/dist/scip-pins.d.ts.map +1 -0
package/dist/scip-pins.js +195 -0
package/dist/scip-pins.js.map +1 -0
package/dist/skills-gen.d.ts +47 -0
package/dist/skills-gen.d.ts.map +1 -0
package/dist/skills-gen.js +292 -0
package/dist/skills-gen.js.map +1 -0
package/package.json +81 -0

package/dist/commands/pack.js ADDED Viewed

@@ -0,0 +1,83 @@
+/**
+ * `codehub pack [path]` — produce a single-file repo snapshot suitable
+ * for dropping into an LLM context window, via the `repomix` CLI.
+ *
+ * Repomix is invoked with `--style xml --compress` by default so the
+ * output is Anthropic-friendly and tree-sitter-signature-compressed. The
+ * command is an OUTPUT-side convenience; OpenCodeHub does NOT use
+ * repomix for indexing or embedding (see ADR 0004).
+ *
+ * This is a thin wrapper — we shell to `npx repomix@<pin>` so operators
+ * can override by running repomix directly. The wrapper exists to make
+ * the output path discoverable and to put the produced file under
+ * `.codehub/pack/` so it's ignored by the standard gitignore pattern.
+ */
+import { spawn } from "node:child_process";
+import { existsSync, statSync } from "node:fs";
+import { mkdir } from "node:fs/promises";
+import { dirname, join, resolve } from "node:path";
+const DEFAULT_REPOMIX_VERSION = "1.14.0";
+export async function runPack(path, opts = {}) {
+    const start = Date.now();
+    const repoPath = resolve(path);
+    const style = opts.style ?? "xml";
+    const compress = opts.compress ?? true;
+    const version = opts.repomixVersion ?? DEFAULT_REPOMIX_VERSION;
+    const outputPath = opts.outputPath
+        ? resolve(opts.outputPath)
+        : join(repoPath, ".codehub", "pack", `repo.${extForStyle(style)}`);
+    await mkdir(dirname(outputPath), { recursive: true });
+    const args = [`repomix@${version}`, "--style", style, "--output", outputPath];
+    if (compress)
+        args.push("--compress");
+    if (opts.removeComments)
+        args.push("--remove-comments");
+    await new Promise((res, rej) => {
+        const child = spawn("npx", args, {
+            cwd: repoPath,
+            env: { ...process.env },
+            stdio: ["ignore", "inherit", "inherit"],
+        });
+        const timer = opts.timeoutMs
+            ? setTimeout(() => {
+                child.kill("SIGTERM");
+            }, opts.timeoutMs)
+            : undefined;
+        child.on("error", (err) => {
+            if (timer)
+                clearTimeout(timer);
+            if (err.code === "ENOENT") {
+                rej(new Error("codehub pack: `npx` not found on PATH. Install Node.js 20+."));
+            }
+            else {
+                rej(err);
+            }
+        });
+        child.on("exit", (code) => {
+            if (timer)
+                clearTimeout(timer);
+            if (code === 0)
+                res();
+            else
+                rej(new Error(`codehub pack: repomix exited ${code}`));
+        });
+    });
+    if (!existsSync(outputPath)) {
+        throw new Error(`codehub pack: repomix did not produce ${outputPath}`);
+    }
+    const bytes = statSync(outputPath).size;
+    return { outputPath, bytes, durationMs: Date.now() - start };
+}
+function extForStyle(style) {
+    switch (style) {
+        case "xml":
+            return "xml";
+        case "markdown":
+            return "md";
+        case "json":
+            return "json";
+        case "plain":
+            return "txt";
+    }
+}
+//# sourceMappingURL=pack.js.map

package/dist/commands/pack.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"pack.js","sourceRoot":"","sources":["../../src/commands/pack.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,EAAE,KAAK,EAAE,MAAM,oBAAoB,CAAC;AAC3C,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAC/C,OAAO,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AACzC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAiBnD,MAAM,uBAAuB,GAAG,QAAQ,CAAC;AAQzC,MAAM,CAAC,KAAK,UAAU,OAAO,CAAC,IAAY,EAAE,OAAoB,EAAE;IAChE,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACzB,MAAM,QAAQ,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC/B,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,KAAK,CAAC;IAClC,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC;IACvC,MAAM,OAAO,GAAG,IAAI,CAAC,cAAc,IAAI,uBAAuB,CAAC;IAC/D,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU;QAChC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC;QAC1B,CAAC,CAAC,IAAI,CAAC,QAAQ,EAAE,UAAU,EAAE,MAAM,EAAE,QAAQ,WAAW,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IAErE,MAAM,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAEtD,MAAM,IAAI,GAAG,CAAC,WAAW,OAAO,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,UAAU,EAAE,UAAU,CAAC,CAAC;IAC9E,IAAI,QAAQ;QAAE,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;IACtC,IAAI,IAAI,CAAC,cAAc;QAAE,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;IAExD,MAAM,IAAI,OAAO,CAAO,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;QACnC,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,EAAE,IAAI,EAAE;YAC/B,GAAG,EAAE,QAAQ;YACb,GAAG,EAAE,EAAE,GAAG,OAAO,CAAC,GAAG,EAAE;YACvB,KAAK,EAAE,CAAC,QAAQ,EAAE,SAAS,EAAE,SAAS,CAAC;SACxC,CAAC,CAAC;QACH,MAAM,KAAK,GAAG,IAAI,CAAC,SAAS;YAC1B,CAAC,CAAC,UAAU,CAAC,GAAG,EAAE;gBACd,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YACxB,CAAC,EAAE,IAAI,CAAC,SAAS,CAAC;YACpB,CAAC,CAAC,SAAS,CAAC;QACd,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAA0B,EAAE,EAAE;YAC/C,IAAI,KAAK;gBAAE,YAAY,CAAC,KAAK,CAAC,CAAC;YAC/B,IAAI,GAAG,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBAC1B,GAAG,CAAC,IAAI,KAAK,CAAC,6DAA6D,CAAC,CAAC,CAAC;YAChF,CAAC;iBAAM,CAAC;gBACN,GAAG,CAAC,GAAG,CAAC,CAAC;YACX,CAAC;QACH,CAAC,CAAC,CAAC;QACH,KAAK,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;YACxB,IAAI,KAAK;gBAAE,YAAY,CAAC,KAAK,CAAC,CAAC;YAC/B,IAAI,IAAI,KAAK,CAAC;gBAAE,GAAG,EAAE,CAAC;;gBACjB,GAAG,CAAC,IAAI,KAAK,CAAC,gCAAgC,IAAI,EAAE,CAAC,CAAC,CAAC;QAC9D,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC5B,MAAM,IAAI,KAAK,CAAC,yCAAyC,UAAU,EAAE,CAAC,CAAC;IACzE,CAAC;IACD,MAAM,KAAK,GAAG,QAAQ,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC;IACxC,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,EAAE,CAAC;AAC/D,CAAC;AAED,SAAS,WAAW,CAAC,KAA4C;IAC/D,QAAQ,KAAK,EAAE,CAAC;QACd,KAAK,KAAK;YACR,OAAO,KAAK,CAAC;QACf,KAAK,UAAU;YACb,OAAO,IAAI,CAAC;QACd,KAAK,MAAM;YACT,OAAO,MAAM,CAAC;QAChB,KAAK,OAAO;YACV,OAAO,KAAK,CAAC;IACjB,CAAC;AACH,CAAC"}

package/dist/commands/query.d.ts ADDED Viewed

@@ -0,0 +1,85 @@
+/**
+ * `codehub query <text>` — hybrid BM25 + vector search.
+ *
+ * Mirrors the MCP `query` tool's smart path: probe the `embeddings` table,
+ * try to open an embedder, run `hybridSearch` when both succeed, and
+ * collapse to BM25 with a single stderr warning on any failure. Shares the
+ * probe + open helpers (`embeddingsPopulated`, `tryOpenEmbedder`) via
+ * `@opencodehub/search` so CLI and MCP surfaces cannot drift.
+ *
+ * Flags:
+ *   - `--bm25-only` — skip the embedder probe entirely.
+ *   - `--rerank-top-k <n>` — number of fused hits RRF returns (default
+ *     `DEFAULT_RRF_TOP_K = 50`); clamped by `--limit` at print time.
+ *   - `--context <text>` + `--goal <text>` — prefixed to the search text.
+ *   - `--content` — attach capped symbol source to each hit.
+ *   - `--json` — emit machine-readable output.
+ *   - `--zoom` — P03 coarse-to-fine retrieval (file tier → symbol tier).
+ *   - `--fanout <n>` — files to shortlist at the coarse step for `--zoom`.
+ *   - `--granularity <tier>` — restrict ANN to one hierarchical tier
+ *     (symbol/file/community). Defaults to "symbol".
+ *
+ * Hybrid ranking priority matches the MCP tool:
+ *   1. `CODEHUB_EMBEDDING_URL` + `CODEHUB_EMBEDDING_MODEL` → HTTP embedder.
+ *   2. Otherwise local ONNX gte-modernbert-base weights.
+ *   3. On failure to open (missing weights, unreachable HTTP) → warn + BM25.
+ */
+import { type Embedder } from "@opencodehub/embedder";
+import { type OpenStoreResult } from "./open-store.js";
+/**
+ * Hook for tests to inject a pre-built store without touching DuckDB. The
+ * default implementation delegates to {@link openStoreForCommand}. Kept
+ * separate from the public `QueryOptions` interface so end-user CLI callers
+ * aren't tempted to pass an in-process store.
+ */
+export interface QueryRuntimeHooks {
+    readonly openStore?: (opts: QueryOptions) => Promise<OpenStoreResult>;
+    /**
+     * Embedder factory — production uses the default lazy-import path; tests
+     * inject a fake so they don't need gte-modernbert-base weights on disk. Any
+     * throw is caught by {@link tryOpenEmbedder} and collapses to BM25.
+     */
+    readonly openEmbedder?: () => Promise<Embedder>;
+}
+export interface QueryOptions {
+    readonly limit?: number;
+    readonly repo?: string;
+    readonly home?: string;
+    readonly json?: boolean;
+    /** `--content` — attach the symbol body (capped at 2000 chars) to each hit. */
+    readonly content?: boolean;
+    /** `--context <text>` — prefix to the search text before BM25 + embedding. */
+    readonly context?: string;
+    /** `--goal <text>` — additional prefix to the search text (steers ranking). */
+    readonly goal?: string;
+    /** `--max-symbols <n>` — cap on process-grouped symbols. Today: no-op. */
+    readonly maxSymbols?: number;
+    /** `--bm25-only` — skip the embedder probe, go straight to BM25. */
+    readonly bm25Only?: boolean;
+    /** `--rerank-top-k <n>` — number of fused hits RRF should return. */
+    readonly rerankTopK?: number;
+    /**
+     * `--zoom` — enable P03 coarse-to-fine retrieval. Requires the index to
+     * have been built with `--granularity symbol,file,community` AND an
+     * embedder to be available (weights on disk or `CODEHUB_EMBEDDING_URL`
+     * set). Falls back to BM25 when no embedder is available.
+     */
+    readonly zoom?: boolean;
+    /** `--fanout <n>` — files to shortlist at the coarse step when `--zoom` is on. */
+    readonly fanout?: number;
+    /**
+     * `--granularity <tier>` — restrict the ANN leg to this hierarchical
+     * tier. Defaults to "symbol". Pass "community" for architectural
+     * queries that should land on Community nodes.
+     */
+    readonly granularity?: "symbol" | "file" | "community";
+    /**
+     * `--force-backend-mismatch` — bypass the embedder fingerprint refusal.
+     * Lets a query proceed against an `embeddings` table that was populated
+     * by a different embedder than the one currently active. The vectors
+     * may be stale; results may misrank. Default `false`.
+     */
+    readonly forceBackendMismatch?: boolean;
+}
+export declare function runQuery(text: string, opts?: QueryOptions, hooks?: QueryRuntimeHooks): Promise<void>;
+//# sourceMappingURL=query.d.ts.map

package/dist/commands/query.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"query.d.ts","sourceRoot":"","sources":["../../src/commands/query.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AAIH,OAAO,EAEL,KAAK,QAAQ,EAEd,MAAM,uBAAuB,CAAC;AAW/B,OAAO,EAAE,KAAK,eAAe,EAAuB,MAAM,iBAAiB,CAAC;AAO5E;;;;;GAKG;AACH,MAAM,WAAW,iBAAiB;IAChC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC,IAAI,EAAE,YAAY,KAAK,OAAO,CAAC,eAAe,CAAC,CAAC;IACtE;;;;OAIG;IACH,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,OAAO,CAAC,QAAQ,CAAC,CAAC;CACjD;AAED,MAAM,WAAW,YAAY;IAC3B,QAAQ,CAAC,KAAK,CAAC,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,IAAI,CAAC,EAAE,OAAO,CAAC;IACxB,+EAA+E;IAC/E,QAAQ,CAAC,OAAO,CAAC,EAAE,OAAO,CAAC;IAC3B,8EAA8E;IAC9E,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC;IAC1B,+EAA+E;IAC/E,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAC;IACvB,0EAA0E;IAC1E,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC;IAC7B,oEAAoE;IACpE,QAAQ,CAAC,QAAQ,CAAC,EAAE,OAAO,CAAC;IAC5B,qEAAqE;IACrE,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC;IAC7B;;;;;OAKG;IACH,QAAQ,CAAC,IAAI,CAAC,EAAE,OAAO,CAAC;IACxB,kFAAkF;IAClF,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;IACzB;;;;OAIG;IACH,QAAQ,CAAC,WAAW,CAAC,EAAE,QAAQ,GAAG,MAAM,GAAG,WAAW,CAAC;IACvD;;;;;OAKG;IACH,QAAQ,CAAC,oBAAoB,CAAC,EAAE,OAAO,CAAC;CACzC;AAoBD,wBAAsB,QAAQ,CAC5B,IAAI,EAAE,MAAM,EACZ,IAAI,GAAE,YAAiB,EACvB,KAAK,GAAE,iBAAsB,GAC5B,OAAO,CAAC,IAAI,CAAC,CAiHf"}

package/dist/commands/query.js ADDED Viewed

@@ -0,0 +1,309 @@
+/**
+ * `codehub query <text>` — hybrid BM25 + vector search.
+ *
+ * Mirrors the MCP `query` tool's smart path: probe the `embeddings` table,
+ * try to open an embedder, run `hybridSearch` when both succeed, and
+ * collapse to BM25 with a single stderr warning on any failure. Shares the
+ * probe + open helpers (`embeddingsPopulated`, `tryOpenEmbedder`) via
+ * `@opencodehub/search` so CLI and MCP surfaces cannot drift.
+ *
+ * Flags:
+ *   - `--bm25-only` — skip the embedder probe entirely.
+ *   - `--rerank-top-k <n>` — number of fused hits RRF returns (default
+ *     `DEFAULT_RRF_TOP_K = 50`); clamped by `--limit` at print time.
+ *   - `--context <text>` + `--goal <text>` — prefixed to the search text.
+ *   - `--content` — attach capped symbol source to each hit.
+ *   - `--json` — emit machine-readable output.
+ *   - `--zoom` — P03 coarse-to-fine retrieval (file tier → symbol tier).
+ *   - `--fanout <n>` — files to shortlist at the coarse step for `--zoom`.
+ *   - `--granularity <tier>` — restrict ANN to one hierarchical tier
+ *     (symbol/file/community). Defaults to "symbol".
+ *
+ * Hybrid ranking priority matches the MCP tool:
+ *   1. `CODEHUB_EMBEDDING_URL` + `CODEHUB_EMBEDDING_MODEL` → HTTP embedder.
+ *   2. Otherwise local ONNX gte-modernbert-base weights.
+ *   3. On failure to open (missing weights, unreachable HTTP) → warn + BM25.
+ */
+import { readFile } from "node:fs/promises";
+import { isAbsolute, resolve } from "node:path";
+import { assertEmbedderCompatible, openDefaultEmbedder, } from "@opencodehub/embedder";
+import { bm25Search, DEFAULT_RRF_TOP_K, embeddingsPopulated, hybridSearch, tryOpenEmbedder, } from "@opencodehub/search";
+import { openStoreForCommand } from "./open-store.js";
+/** Per-symbol cap for `--content`. Matches the MCP `query` tool contract. */
+const INCLUDE_CONTENT_CHAR_CAP = 2000;
+/** Truncation cap for the text-mode SUMMARY column. Matches the MCP snippet cap. */
+const SUMMARY_COLUMN_CHAR_CAP = 120;
+export async function runQuery(text, opts = {}, hooks = {}) {
+    const limit = opts.limit ?? 10;
+    const rerankTopK = opts.rerankTopK ?? DEFAULT_RRF_TOP_K;
+    const openStore = hooks.openStore ?? openStoreForCommand;
+    // Shared HTTP-priority + ONNX-fallback factory. ONNX binding only loads
+    // on the fallback branch, so plain (non-dynamic) import is fine here.
+    const openEmbedder = hooks.openEmbedder ?? (() => openDefaultEmbedder());
+    const { store, repoPath } = await openStore(opts);
+    const graph = store.graph;
+    try {
+        const searchText = buildSearchText(text, opts.context, opts.goal);
+        let ranked;
+        let mode;
+        if (opts.bm25Only === true) {
+            // Explicit opt-out: never touch the embedder probe.
+            ranked = await runBm25(graph, searchText, limit);
+            mode = "bm25";
+        }
+        else if (await embeddingsPopulated(graph)) {
+            const embedder = await tryOpenEmbedder(openEmbedder, "[cli:query]");
+            if (embedder !== null) {
+                try {
+                    // Refuse the hybrid path when the persisted embedder modelId
+                    // differs from the current one. Same-dim vectors from different
+                    // embedders silently corrupt ranking. `--force-backend-mismatch`
+                    // lets the operator override; legacy stores have
+                    // `embedderModelId === undefined` and the check passes.
+                    const meta = await store.graph.getMeta();
+                    const compat = assertEmbedderCompatible(meta?.embedderModelId, embedder.modelId, opts.forceBackendMismatch === true);
+                    if (!compat.ok) {
+                        process.stderr.write(`Embedder mismatch: store was indexed with '${compat.persistedModelId}', ` +
+                            `current embedder is '${compat.currentModelId}'.\n${compat.hint}\n`);
+                        process.exit(2);
+                    }
+                    const fused = await hybridSearch(graph, {
+                        text: searchText,
+                        limit: rerankTopK,
+                        ...(opts.zoom === true ? { mode: "zoom" } : {}),
+                        ...(opts.fanout !== undefined ? { zoomFanout: opts.fanout } : {}),
+                        ...(opts.granularity !== undefined ? { granularity: opts.granularity } : {}),
+                    }, embedder);
+                    ranked = await hydrateFused(graph, fused, limit);
+                    mode = "hybrid";
+                }
+                finally {
+                    // Always release the native session — even on error — so the ONNX
+                    // runtime resources aren't leaked between CLI invocations.
+                    await embedder.close();
+                }
+            }
+            else {
+                ranked = await runBm25(graph, searchText, limit);
+                mode = "bm25";
+            }
+        }
+        else {
+            ranked = await runBm25(graph, searchText, limit);
+            mode = "bm25";
+        }
+        // Merge P04 summary-hydration onto the P02 hybrid/BM25 rows. Single
+        // round trip via the temporal-tier `lookupSymbolSummariesByNode`
+        // finder; missing table / missing rows / lookup failures all degrade
+        // silently — summaries are enrichment, not load-bearing.
+        const summaryMap = await joinSummaries(store, ranked.map((r) => r.nodeId));
+        const rows = summaryMap.size === 0
+            ? ranked
+            : ranked.map((r) => {
+                const row = summaryMap.get(r.nodeId);
+                if (row === undefined)
+                    return r;
+                return {
+                    ...r,
+                    summary: row.summaryText,
+                    ...(row.signatureSummary !== undefined
+                        ? { signatureSummary: row.signatureSummary }
+                        : {}),
+                };
+            });
+        // Best-effort `--content` attachment runs the same way for BM25 and
+        // hybrid; the store-native BM25 path already surfaces filePath but not
+        // line ranges, so the CLI reads the whole file (capped) — matching the
+        // previous CLI contract.
+        const withContent = opts.content === true
+            ? await Promise.all(rows.map(async (r) => {
+                const content = await readSymbolContent(repoPath, r);
+                return content !== null ? { ...r, content } : r;
+            }))
+            : rows;
+        if (opts.json === true) {
+            console.log(JSON.stringify({ repoPath, mode, results: withContent }, null, 2));
+            return;
+        }
+        printResults(withContent, text, repoPath, mode);
+    }
+    finally {
+        await store.close();
+    }
+}
+/**
+ * Run the BM25-only leg directly through `@opencodehub/search`. Same
+ * parameters the MCP tool passes, so ranking parity is automatic.
+ */
+async function runBm25(graph, searchText, limit) {
+    const hits = await bm25Search(graph, { text: searchText, limit });
+    return hits.map((h) => ({
+        nodeId: h.nodeId,
+        name: h.name,
+        kind: h.kind,
+        filePath: h.filePath,
+        score: h.score,
+        sources: ["bm25"],
+    }));
+}
+/**
+ * Hybrid ranking returns `FusedHit`s which carry only `{ nodeId, score,
+ * sources }` — the CLI needs name/kind/filePath for each hit too. Re-read
+ * them from the `nodes` table in one round trip. Missing ids (stale
+ * embeddings) are silently dropped. Input order is preserved.
+ */
+async function hydrateFused(graph, fused, limit) {
+    if (fused.length === 0)
+        return [];
+    const capped = fused.slice(0, limit);
+    const ids = Array.from(new Set(capped.map((f) => f.nodeId)));
+    const meta = new Map();
+    try {
+        // Typed-finder hydration replaces the legacy `SELECT id, name, kind,
+        // file_path FROM nodes WHERE id IN (...)`. `listNodes({ids})`
+        // already returns the rehydrated `GraphNode` shape with name + kind
+        // + filePath populated.
+        const nodes = await graph.listNodes({ ids });
+        for (const n of nodes) {
+            meta.set(n.id, { name: n.name, kind: n.kind, filePath: n.filePath });
+        }
+    }
+    catch {
+        // Any metadata-hydration failure collapses to "hit with blank fields"
+        // rather than aborting the whole query — we still have valid nodeIds
+        // + scores + sources. The agent can call `context` on the nodeId to
+        // recover the details.
+    }
+    const out = [];
+    for (const f of capped) {
+        const m = meta.get(f.nodeId);
+        if (m === undefined)
+            continue;
+        out.push({
+            nodeId: f.nodeId,
+            name: m.name,
+            kind: m.kind,
+            filePath: m.filePath,
+            score: f.score,
+            sources: f.sources,
+        });
+    }
+    return out;
+}
+/**
+ * Fetch `symbol_summaries` rows for every hit nodeId in a single query.
+ * Collapses multiple prompt-version rows per node by keeping the last
+ * row in the storage layer's documented `(node_id ASC, prompt_version
+ * ASC, content_hash ASC)` order, which deterministically selects the
+ * newest prompt version. Returns an empty map on any failure so a
+ * missing `symbol_summaries` table never blocks a query. Test fakes
+ * without `lookupSymbolSummariesByNode` get an empty join transparently.
+ */
+async function joinSummaries(store, nodeIds) {
+    const out = new Map();
+    if (nodeIds.length === 0)
+        return out;
+    // Test fakes that omit a real temporal view (or set it to a partial
+    // shape) get an empty join transparently — `lookupSymbolSummariesByNode`
+    // is required on `ITemporalStore` but we still duck-check at runtime so
+    // a hand-rolled mock without the method doesn't blow up.
+    const temporal = store.temporal;
+    if (typeof temporal.lookupSymbolSummariesByNode !== "function")
+        return out;
+    const uniqIds = Array.from(new Set(nodeIds));
+    try {
+        const rows = await temporal.lookupSymbolSummariesByNode.call(store.temporal, uniqIds);
+        for (const row of rows) {
+            // Overwriting per node id keeps the newest prompt version because of
+            // the storage layer's ORDER BY contract on `lookupSymbolSummariesByNode`.
+            out.set(row.nodeId, row);
+        }
+    }
+    catch {
+        // Degrade silently — summaries are enrichment, not load-bearing.
+    }
+    return out;
+}
+/**
+ * Join `context — goal — text` with whitespace-safe em-dash separators.
+ * Missing / blank parts are dropped so the ranker never sees a dangling
+ * separator.
+ */
+function buildSearchText(text, context, goal) {
+    const parts = [];
+    if (context !== undefined && context.trim() !== "")
+        parts.push(context.trim());
+    if (goal !== undefined && goal.trim() !== "")
+        parts.push(goal.trim());
+    parts.push(text);
+    return parts.join(" — ");
+}
+/**
+ * Read the symbol body from disk. The CLI `QueryRow` doesn't carry
+ * startLine / endLine, so on the CLI path we return the first
+ * {@link INCLUDE_CONTENT_CHAR_CAP} characters of the whole file — the MCP
+ * tool has access to the richer node metadata and can slice more tightly.
+ * Any read error returns `null`.
+ */
+async function readSymbolContent(repoPath, r) {
+    const abs = isAbsolute(r.filePath) ? r.filePath : resolve(repoPath, r.filePath);
+    let source;
+    try {
+        source = await readFile(abs, "utf8");
+    }
+    catch {
+        return null;
+    }
+    if (source.length <= INCLUDE_CONTENT_CHAR_CAP)
+        return source;
+    return `${source.slice(0, INCLUDE_CONTENT_CHAR_CAP - 1)}…`;
+}
+function printResults(results, text, repoPath, mode) {
+    const label = mode === "hybrid" ? "hybrid" : "BM25";
+    console.warn(`query: "${text}" in ${repoPath} (${results.length} ${label} results)`);
+    if (results.length === 0)
+        return;
+    // Only render the SUMMARY column when at least one hit carries one —
+    // skip the extra whitespace on indexes that haven't run the summarize
+    // phase yet. SOURCES stays on every row so agents can tell which ranker
+    // contributed to each hit.
+    const anySummary = results.some((r) => typeof r.summary === "string" && r.summary.length > 0);
+    const header = anySummary
+        ? ["SCORE", "KIND", "NAME", "FILE", "SOURCES", "SUMMARY"]
+        : ["SCORE", "KIND", "NAME", "FILE", "SOURCES"];
+    const rows = results.map((r) => {
+        const base = [r.score.toFixed(3), r.kind, r.name, r.filePath, r.sources.join("+")];
+        if (!anySummary)
+            return base;
+        return [...base, truncateSummary(r.summary)];
+    });
+    const widths = header.map((h, i) => Math.max(h.length, ...rows.map((row) => (row[i] ?? "").length)));
+    const line = (cols) => cols.map((c, i) => c.padEnd(widths[i] ?? 0)).join("  ");
+    console.log(line(header));
+    for (const row of rows)
+        console.log(line(row));
+    // When --content was passed, append each symbol body below the table so
+    // agents piping the output can grep/read it without JSON parsing.
+    for (const r of results) {
+        if (r.content === undefined)
+            continue;
+        console.log("");
+        console.log(`# ${r.name} [${r.kind}] — ${r.filePath}`);
+        console.log(r.content);
+    }
+}
+/**
+ * Render a summary string to fit the single-line SUMMARY column. Newlines
+ * collapse to spaces so the column width survives; anything past the cap
+ * is trimmed and closed with an ellipsis. Absent summaries render as an
+ * empty string so the column aligns.
+ */
+function truncateSummary(summary) {
+    if (summary === undefined || summary.length === 0)
+        return "";
+    const flattened = summary.replace(/\s+/g, " ").trim();
+    if (flattened.length <= SUMMARY_COLUMN_CHAR_CAP)
+        return flattened;
+    return `${flattened.slice(0, SUMMARY_COLUMN_CHAR_CAP - 1)}…`;
+}
+//# sourceMappingURL=query.js.map

package/dist/commands/query.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"query.js","sourceRoot":"","sources":["../../src/commands/query.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAChD,OAAO,EACL,wBAAwB,EAExB,mBAAmB,GACpB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EACL,UAAU,EACV,iBAAiB,EACjB,mBAAmB,EAEnB,YAAY,EAEZ,eAAe,GAChB,MAAM,qBAAqB,CAAC;AAE7B,OAAO,EAAwB,mBAAmB,EAAE,MAAM,iBAAiB,CAAC;AAE5E,6EAA6E;AAC7E,MAAM,wBAAwB,GAAG,IAAI,CAAC;AACtC,oFAAoF;AACpF,MAAM,uBAAuB,GAAG,GAAG,CAAC;AA6EpC,MAAM,CAAC,KAAK,UAAU,QAAQ,CAC5B,IAAY,EACZ,OAAqB,EAAE,EACvB,QAA2B,EAAE;IAE7B,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,IAAI,EAAE,CAAC;IAC/B,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,IAAI,iBAAiB,CAAC;IACxD,MAAM,SAAS,GAAG,KAAK,CAAC,SAAS,IAAI,mBAAmB,CAAC;IACzD,wEAAwE;IACxE,sEAAsE;IACtE,MAAM,YAAY,GAAG,KAAK,CAAC,YAAY,IAAI,CAAC,GAAG,EAAE,CAAC,mBAAmB,EAAE,CAAC,CAAC;IACzE,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,CAAC;IAClD,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC;IAC1B,IAAI,CAAC;QACH,MAAM,UAAU,GAAG,eAAe,CAAC,IAAI,EAAE,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;QAElE,IAAI,MAA2B,CAAC;QAChC,IAAI,IAAuB,CAAC;QAE5B,IAAI,IAAI,CAAC,QAAQ,KAAK,IAAI,EAAE,CAAC;YAC3B,oDAAoD;YACpD,MAAM,GAAG,MAAM,OAAO,CAAC,KAAK,EAAE,UAAU,EAAE,KAAK,CAAC,CAAC;YACjD,IAAI,GAAG,MAAM,CAAC;QAChB,CAAC;aAAM,IAAI,MAAM,mBAAmB,CAAC,KAAK,CAAC,EAAE,CAAC;YAC5C,MAAM,QAAQ,GAAG,MAAM,eAAe,CAAW,YAAY,EAAE,aAAa,CAAC,CAAC;YAC9E,IAAI,QAAQ,KAAK,IAAI,EAAE,CAAC;gBACtB,IAAI,CAAC;oBACH,6DAA6D;oBAC7D,gEAAgE;oBAChE,iEAAiE;oBACjE,iDAAiD;oBACjD,wDAAwD;oBACxD,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC;oBACzC,MAAM,MAAM,GAAG,wBAAwB,CACrC,IAAI,EAAE,eAAe,EACrB,QAAQ,CAAC,OAAO,EAChB,IAAI,CAAC,oBAAoB,KAAK,IAAI,CACnC,CAAC;oBACF,IAAI,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC;wBACf,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,8CAA8C,MAAM,CAAC,gBAAgB,KAAK;4BACxE,wBAAwB,MAAM,CAAC,cAAc,OAAO,MAAM,CAAC,IAAI,IAAI,CACtE,CAAC;wBACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;oBAClB,CAAC;oBACD,MAAM,KAAK,GAAG,MAAM,YAAY,CAC9B,KAAK,EACL;wBACE,IAAI,EAAE,UAAU;wBAChB,KAAK,EAAE,UAAU;wBACjB,GAAG,CAAC,IAAI,CAAC,IAAI,KAAK,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;wBACxD,GAAG,CAAC,IAAI,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,UAAU,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;wBACjE,GAAG,CAAC,IAAI,CAAC,WAAW,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;qBAC7E,EACD,QAAQ,CACT,CAAC;oBACF,MAAM,GAAG,MAAM,YAAY,CAAC,KAAK,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;oBACjD,IAAI,GAAG,QAAQ,CAAC;gBAClB,CAAC;wBAAS,CAAC;oBACT,kEAAkE;oBAClE,2DAA2D;oBAC3D,MAAM,QAAQ,CAAC,KAAK,EAAE,CAAC;gBACzB,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,MAAM,GAAG,MAAM,OAAO,CAAC,KAAK,EAAE,UAAU,EAAE,KAAK,CAAC,CAAC;gBACjD,IAAI,GAAG,MAAM,CAAC;YAChB,CAAC;QACH,CAAC;aAAM,CAAC;YACN,MAAM,GAAG,MAAM,OAAO,CAAC,KAAK,EAAE,UAAU,EAAE,KAAK,CAAC,CAAC;YACjD,IAAI,GAAG,MAAM,CAAC;QAChB,CAAC;QAED,oEAAoE;QACpE,iEAAiE;QACjE,qEAAqE;QACrE,yDAAyD;QACzD,MAAM,UAAU,GAAG,MAAM,aAAa,CACpC,KAAK,EACL,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAC5B,CAAC;QACF,MAAM,IAAI,GACR,UAAU,CAAC,IAAI,KAAK,CAAC;YACnB,CAAC,CAAC,MAAM;YACR,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;gBACf,MAAM,GAAG,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;gBACrC,IAAI,GAAG,KAAK,SAAS;oBAAE,OAAO,CAAC,CAAC;gBAChC,OAAO;oBACL,GAAG,CAAC;oBACJ,OAAO,EAAE,GAAG,CAAC,WAAW;oBACxB,GAAG,CAAC,GAAG,CAAC,gBAAgB,KAAK,SAAS;wBACpC,CAAC,CAAC,EAAE,gBAAgB,EAAE,GAAG,CAAC,gBAAgB,EAAE;wBAC5C,CAAC,CAAC,EAAE,CAAC;iBACR,CAAC;YACJ,CAAC,CAAC,CAAC;QAET,oEAAoE;QACpE,uEAAuE;QACvE,uEAAuE;QACvE,yBAAyB;QACzB,MAAM,WAAW,GACf,IAAI,CAAC,OAAO,KAAK,IAAI;YACnB,CAAC,CAAC,MAAM,OAAO,CAAC,GAAG,CACf,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,EAAqB,EAAE;gBACtC,MAAM,OAAO,GAAG,MAAM,iBAAiB,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;gBACrD,OAAO,OAAO,KAAK,IAAI,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;YAClD,CAAC,CAAC,CACH;YACH,CAAC,CAAC,IAAI,CAAC;QAEX,IAAI,IAAI,CAAC,IAAI,KAAK,IAAI,EAAE,CAAC;YACvB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,OAAO,EAAE,WAAW,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;YAC/E,OAAO;QACT,CAAC;QACD,YAAY,CAAC,WAAW,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,CAAC,CAAC;IAClD,CAAC;YAAS,CAAC;QACT,MAAM,KAAK,CAAC,KAAK,EAAE,CAAC;IACtB,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,KAAK,UAAU,OAAO,CACpB,KAAqB,EACrB,UAAkB,EAClB,KAAa;IAEb,MAAM,IAAI,GAAG,MAAM,UAAU,CAAC,KAAK,EAAE,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC,CAAC;IAClE,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,CAAY,EAAE,EAAE,CAAC,CAAC;QACjC,MAAM,EAAE,CAAC,CAAC,MAAM;QAChB,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;QACpB,KAAK,EAAE,CAAC,CAAC,KAAK;QACd,OAAO,EAAE,CAAC,MAAe,CAAC;KAC3B,CAAC,CAAC,CAAC;AACN,CAAC;AAED;;;;;GAKG;AACH,KAAK,UAAU,YAAY,CACzB,KAAqB,EACrB,KAA0B,EAC1B,KAAa;IAEb,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAC;IAClC,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;IACrC,MAAM,GAAG,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;IAC7D,MAAM,IAAI,GAAG,IAAI,GAAG,EAGjB,CAAC;IACJ,IAAI,CAAC;QACH,qEAAqE;QACrE,8DAA8D;QAC9D,oEAAoE;QACpE,wBAAwB;QACxB,MAAM,KAAK,GAAG,MAAM,KAAK,CAAC,SAAS,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;QAC7C,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;YACtB,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC;QACvE,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,sEAAsE;QACtE,qEAAqE;QACrE,oEAAoE;QACpE,uBAAuB;IACzB,CAAC;IACD,MAAM,GAAG,GAAe,EAAE,CAAC;IAC3B,KAAK,MAAM,CAAC,IAAI,MAAM,EAAE,CAAC;QACvB,MAAM,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;QAC7B,IAAI,CAAC,KAAK,SAAS;YAAE,SAAS;QAC9B,GAAG,CAAC,IAAI,CAAC;YACP,MAAM,EAAE,CAAC,CAAC,MAAM;YAChB,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,KAAK,EAAE,CAAC,CAAC,KAAK;YACd,OAAO,EAAE,CAAC,CAAC,OAAO;SACnB,CAAC,CAAC;IACL,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;;;;;;GAQG;AACH,KAAK,UAAU,aAAa,CAC1B,KAAY,EACZ,OAA0B;IAE1B,MAAM,GAAG,GAAG,IAAI,GAAG,EAA4B,CAAC;IAChD,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,GAAG,CAAC;IACrC,oEAAoE;IACpE,yEAAyE;IACzE,wEAAwE;IACxE,yDAAyD;IACzD,MAAM,QAAQ,GAAG,KAAK,CAAC,QAItB,CAAC;IACF,IAAI,OAAO,QAAQ,CAAC,2BAA2B,KAAK,UAAU;QAAE,OAAO,GAAG,CAAC;IAC3E,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC;IAC7C,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,2BAA2B,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QACtF,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;YACvB,qEAAqE;YACrE,0EAA0E;YAC1E,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;QAC3B,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,iEAAiE;IACnE,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;;GAIG;AACH,SAAS,eAAe,CACtB,IAAY,EACZ,OAA2B,EAC3B,IAAwB;IAExB,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,IAAI,OAAO,KAAK,SAAS,IAAI,OAAO,CAAC,IAAI,EAAE,KAAK,EAAE;QAAE,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;IAC/E,IAAI,IAAI,KAAK,SAAS,IAAI,IAAI,CAAC,IAAI,EAAE,KAAK,EAAE;QAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;IACtE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACjB,OAAO,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;AAC3B,CAAC;AAED;;;;;;GAMG;AACH,KAAK,UAAU,iBAAiB,CAAC,QAAgB,EAAE,CAAW;IAC5D,MAAM,GAAG,GAAG,UAAU,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC;IAChF,IAAI,MAAc,CAAC;IACnB,IAAI,CAAC;QACH,MAAM,GAAG,MAAM,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;IACvC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,MAAM,CAAC,MAAM,IAAI,wBAAwB;QAAE,OAAO,MAAM,CAAC;IAC7D,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,wBAAwB,GAAG,CAAC,CAAC,GAAG,CAAC;AAC7D,CAAC;AAED,SAAS,YAAY,CACnB,OAA4B,EAC5B,IAAY,EACZ,QAAgB,EAChB,IAAuB;IAEvB,MAAM,KAAK,GAAG,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC;IACpD,OAAO,CAAC,IAAI,CAAC,WAAW,IAAI,QAAQ,QAAQ,KAAK,OAAO,CAAC,MAAM,IAAI,KAAK,WAAW,CAAC,CAAC;IACrF,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO;IACjC,qEAAqE;IACrE,sEAAsE;IACtE,wEAAwE;IACxE,2BAA2B;IAC3B,MAAM,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,CAAC,OAAO,KAAK,QAAQ,IAAI,CAAC,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAC9F,MAAM,MAAM,GAAG,UAAU;QACvB,CAAC,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,CAAC;QACzD,CAAC,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC;IACjD,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;QAC7B,MAAM,IAAI,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;QACnF,IAAI,CAAC,UAAU;YAAE,OAAO,IAAI,CAAC;QAC7B,OAAO,CAAC,GAAG,IAAI,EAAE,eAAe,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;IAC/C,CAAC,CAAC,CAAC;IACH,MAAM,MAAM,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CACjC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAChE,CAAC;IACF,MAAM,IAAI,GAAG,CAAC,IAAuB,EAAU,EAAE,CAC/C,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1D,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;IAC1B,KAAK,MAAM,GAAG,IAAI,IAAI;QAAE,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IAC/C,wEAAwE;IACxE,kEAAkE;IAClE,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;QACxB,IAAI,CAAC,CAAC,OAAO,KAAK,SAAS;YAAE,SAAS;QACtC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,IAAI,OAAO,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC;QACvD,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;IACzB,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,SAAS,eAAe,CAAC,OAA2B;IAClD,IAAI,OAAO,KAAK,SAAS,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAC;IAC7D,MAAM,SAAS,GAAG,OAAO,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;IACtD,IAAI,SAAS,CAAC,MAAM,IAAI,uBAAuB;QAAE,OAAO,SAAS,CAAC;IAClE,OAAO,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,uBAAuB,GAAG,CAAC,CAAC,GAAG,CAAC;AAC/D,CAAC"}

package/dist/commands/scan.d.ts ADDED Viewed

@@ -0,0 +1,81 @@
+/**
+ * `codehub scan [path]` — run P1 + profile-gated P2 scanners, emit merged
+ * SARIF, ingest findings into the graph.
+ *
+ * Flow:
+ *   1. Resolve the target repo (optionally from the registry).
+ *   2. Read the ProjectProfile row (if any) so we can gate scanners by
+ *      detected languages / iacTypes / apiContracts.
+ *   3. Filter the catalog by --scanners, --with, and the profile:
+ *      - P1 scanners are gated by language overlap (polyglot always in).
+ *      - P2 scanners (trivy, checkov, hadolint, tflint, spectral) are
+ *        opt-in via ProjectProfile fields. `--with trivy,checkov`
+ *        force-adds them regardless of profile.
+ *   4. Build per-scanner context (checkov frameworks, hadolint Dockerfile
+ *      list, spectral contract files, pip-audit requirements path) from
+ *      the profile + filesystem probe.
+ *   5. Run the selected scanners in parallel via `runScanners`.
+ *   6. Merge SARIF and write to `.codehub/scan.sarif`.
+ *   7. Ingest findings into the graph via `runIngestSarif`.
+ *   8. Exit with 0 when no HIGH+CRIT findings, 1 when any, 2 when a
+ *      scanner returned non-zero or crashed.
+ *
+ * The --severity filter gates the exit code only; every finding is
+ * still written to SARIF and the graph.
+ */
+import { P1_SPECS, type ProjectProfileGate, type ScannerSpec } from "@opencodehub/scanners";
+export interface ScanOptions {
+    /** Explicit scanner ids (--scanners=semgrep,osv). Overrides profile gating. */
+    readonly scanners?: readonly string[];
+    /** Additional scanner ids to include on top of defaults. */
+    readonly withScanners?: readonly string[];
+    /** Override output path. Defaults to `<repo>/.codehub/scan.sarif`. */
+    readonly output?: string;
+    /** Severity filter for the exit-code gate (default: HIGH,CRITICAL). */
+    readonly severity?: readonly string[];
+    /**
+     * Path to a baseline SARIF log. When supplied, every result in the
+     * scan output is tagged via `applyBaselineState` and findings with
+     * `baselineState === "unchanged"` are excluded from the severity-gate
+     * exit code — they are not new relative to the baseline.
+     */
+    readonly baseline?: string;
+    /** Override the registry home (tests). */
+    readonly home?: string;
+    /** `--repo <name>`: look up a registered repo instead of using `path`. */
+    readonly repo?: string;
+    /** Concurrency override. */
+    readonly concurrency?: number;
+    /** Per-scanner timeout override in ms. */
+    readonly timeoutMs?: number;
+}
+export interface ScanSummary {
+    readonly repoPath: string;
+    readonly outputPath: string;
+    readonly runs: readonly {
+        readonly scanner: string;
+        readonly findings: number;
+        readonly skipped?: string;
+    }[];
+    readonly totalFindings: number;
+    readonly bySeverity: Record<string, number>;
+    /** 0 = clean, 1 = findings above severity threshold, 2 = scanner error. */
+    readonly exitCode: 0 | 1 | 2;
+}
+export declare function runScan(path: string, opts?: ScanOptions): Promise<ScanSummary>;
+/**
+ * Read the ProjectProfile node (if present) so we can gate scanners by
+ * detected languages, IaC types, and API contracts. If the graph is
+ * absent, every field is returned empty — falls back to the polyglot P1
+ * subset.
+ */
+export declare function readProjectProfile(repoPath: string): Promise<ProjectProfileGate>;
+/**
+ * Exported for tests: apply --scanners / --with / profile gating to
+ * produce the final scanner list.
+ */
+export declare function selectScanners(profile: ProjectProfileGate, opts: ScanOptions): readonly ScannerSpec[];
+/** Helper exposed for tests: parse a SARIF file from disk. */
+export declare function readSarifFile(path: string): Promise<unknown>;
+export { P1_SPECS };
+//# sourceMappingURL=scan.d.ts.map

package/dist/commands/scan.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"scan.d.ts","sourceRoot":"","sources":["../../src/commands/scan.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AAaH,OAAO,EAOL,QAAQ,EAER,KAAK,kBAAkB,EAEvB,KAAK,WAAW,EAGjB,MAAM,uBAAuB,CAAC;AAK/B,MAAM,WAAW,WAAW;IAC1B,+EAA+E;IAC/E,QAAQ,CAAC,QAAQ,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IACtC,4DAA4D;IAC5D,QAAQ,CAAC,YAAY,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IAC1C,sEAAsE;IACtE,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;IACzB,uEAAuE;IACvE,QAAQ,CAAC,QAAQ,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IACtC;;;;;OAKG;IACH,QAAQ,CAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAC3B,0CAA0C;IAC1C,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAC;IACvB,0EAA0E;IAC1E,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAC;IACvB,4BAA4B;IAC5B,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC;IAC9B,0CAA0C;IAC1C,QAAQ,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC;CAC7B;AAED,MAAM,WAAW,WAAW;IAC1B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,IAAI,EAAE,SAAS;QACtB,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;QACzB,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;QAC1B,QAAQ,CAAC,OAAO,CAAC,EAAE,MAAM,CAAC;KAC3B,EAAE,CAAC;IACJ,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC5C,2EAA2E;IAC3E,QAAQ,CAAC,QAAQ,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;CAC9B;AAID,wBAAsB,OAAO,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,GAAE,WAAgB,GAAG,OAAO,CAAC,WAAW,CAAC,CAoIxF;AA+BD;;;;;GAKG;AACH,wBAAsB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,kBAAkB,CAAC,CA0BtF;AAED;;;GAGG;AACH,wBAAgB,cAAc,CAC5B,OAAO,EAAE,kBAAkB,EAC3B,IAAI,EAAE,WAAW,GAChB,SAAS,WAAW,EAAE,CAuBxB;AAoID,8DAA8D;AAC9D,wBAAsB,aAAa,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAGlE;AAyBD,OAAO,EAAE,QAAQ,EAAE,CAAC"}