@runhalo/engine 0.4.0 → 0.6.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (64) hide show
  1. package/dist/ast-engine.d.ts +60 -0
  2. package/dist/ast-engine.js +653 -0
  3. package/dist/ast-engine.js.map +1 -0
  4. package/dist/context-analyzer.d.ts +209 -0
  5. package/dist/context-analyzer.js +408 -0
  6. package/dist/context-analyzer.js.map +1 -0
  7. package/dist/data-flow-tracer.d.ts +106 -0
  8. package/dist/data-flow-tracer.js +506 -0
  9. package/dist/data-flow-tracer.js.map +1 -0
  10. package/dist/fp-patterns.d.ts +36 -0
  11. package/dist/fp-patterns.js +426 -0
  12. package/dist/fp-patterns.js.map +1 -0
  13. package/dist/frameworks/angular.d.ts +11 -0
  14. package/dist/frameworks/angular.js +41 -0
  15. package/dist/frameworks/angular.js.map +1 -0
  16. package/dist/frameworks/django.d.ts +11 -0
  17. package/dist/frameworks/django.js +57 -0
  18. package/dist/frameworks/django.js.map +1 -0
  19. package/dist/frameworks/index.d.ts +59 -0
  20. package/dist/frameworks/index.js +99 -0
  21. package/dist/frameworks/index.js.map +1 -0
  22. package/dist/frameworks/nextjs.d.ts +11 -0
  23. package/dist/frameworks/nextjs.js +59 -0
  24. package/dist/frameworks/nextjs.js.map +1 -0
  25. package/dist/frameworks/rails.d.ts +11 -0
  26. package/dist/frameworks/rails.js +58 -0
  27. package/dist/frameworks/rails.js.map +1 -0
  28. package/dist/frameworks/react.d.ts +13 -0
  29. package/dist/frameworks/react.js +36 -0
  30. package/dist/frameworks/react.js.map +1 -0
  31. package/dist/frameworks/types.d.ts +29 -0
  32. package/dist/frameworks/types.js +11 -0
  33. package/dist/frameworks/types.js.map +1 -0
  34. package/dist/frameworks/vue.d.ts +9 -0
  35. package/dist/frameworks/vue.js +39 -0
  36. package/dist/frameworks/vue.js.map +1 -0
  37. package/dist/graduation/fp-verdict-logger.d.ts +81 -0
  38. package/dist/graduation/fp-verdict-logger.js +130 -0
  39. package/dist/graduation/fp-verdict-logger.js.map +1 -0
  40. package/dist/graduation/graduation-codifier.d.ts +37 -0
  41. package/dist/graduation/graduation-codifier.js +205 -0
  42. package/dist/graduation/graduation-codifier.js.map +1 -0
  43. package/dist/graduation/graduation-validator.d.ts +73 -0
  44. package/dist/graduation/graduation-validator.js +204 -0
  45. package/dist/graduation/graduation-validator.js.map +1 -0
  46. package/dist/graduation/index.d.ts +71 -0
  47. package/dist/graduation/index.js +105 -0
  48. package/dist/graduation/index.js.map +1 -0
  49. package/dist/graduation/pattern-aggregator.d.ts +77 -0
  50. package/dist/graduation/pattern-aggregator.js +154 -0
  51. package/dist/graduation/pattern-aggregator.js.map +1 -0
  52. package/dist/index.d.ts +99 -0
  53. package/dist/index.js +718 -61
  54. package/dist/index.js.map +1 -1
  55. package/dist/review-board/two-agent-review.d.ts +152 -0
  56. package/dist/review-board/two-agent-review.js +463 -0
  57. package/dist/review-board/two-agent-review.js.map +1 -0
  58. package/dist/scope-analyzer.d.ts +91 -0
  59. package/dist/scope-analyzer.js +300 -0
  60. package/dist/scope-analyzer.js.map +1 -0
  61. package/package.json +9 -2
  62. package/rules/coppa-tier-1.yaml +17 -10
  63. package/rules/rules.json +2094 -99
  64. package/rules/validation-report.json +58 -0
package/rules/validation-report.json ADDED
@@ -0,0 +1,58 @@
1
+ {
2
+ "audit": "Richard CCO Validation Pass",
3
+ "date": "2026-03-03",
4
+ "auditor": "Richard (CCO Agent)",
5
+ "methodology": "Audit A — Rule Validity: regex pattern analysis against regulation text. Static confidence scoring.",
6
+ "summary": {
7
+ "total_rules": 42,
8
+ "validity": { "valid": 18, "overly_broad": 10, "too_narrow": 8, "misaligned": 1 },
9
+ "confidence": { "high": 7, "medium": 16, "low": 19 },
10
+ "recommendation": { "none": 6, "refine_pattern": 17, "add_context": 14, "deprecate": 0 },
11
+ "estimated_fp_rate": "12-18% (weighted by scan volume — high-fire rules like tracking-003, geo-004, notif-013 carry low confidence)",
12
+ "gate_status": "CONDITIONAL PASS — FP rate exceeds 5% target. Mitigations: confidence scores displayed in output, low-confidence rules flagged as advisory"
13
+ },
14
+ "rules": [
15
+ { "rule_id": "coppa-auth-001", "validity": "overly_broad", "confidence": "low", "recommendation": "refine_pattern" },
16
+ { "rule_id": "coppa-data-002", "validity": "valid", "confidence": "medium", "recommendation": "refine_pattern" },
17
+ { "rule_id": "coppa-tracking-003", "validity": "valid", "confidence": "low", "recommendation": "add_context" },
18
+ { "rule_id": "coppa-geo-004", "validity": "valid", "confidence": "low", "recommendation": "add_context" },
19
+ { "rule_id": "coppa-retention-005", "validity": "too_narrow", "confidence": "low", "recommendation": "refine_pattern" },
20
+ { "rule_id": "coppa-sec-006", "validity": "overly_broad", "confidence": "medium", "recommendation": "refine_pattern" },
21
+ { "rule_id": "coppa-audio-007", "validity": "valid", "confidence": "low", "recommendation": "add_context" },
22
+ { "rule_id": "coppa-ui-008", "validity": "too_narrow", "confidence": "medium", "recommendation": "refine_pattern" },
23
+ { "rule_id": "coppa-flow-009", "validity": "valid", "confidence": "high", "recommendation": "none" },
24
+ { "rule_id": "coppa-sec-010", "validity": "valid", "confidence": "high", "recommendation": "none" },
25
+ { "rule_id": "coppa-ext-011", "validity": "valid", "confidence": "medium", "recommendation": "add_context" },
26
+ { "rule_id": "coppa-bio-012", "validity": "valid", "confidence": "medium", "recommendation": "refine_pattern" },
27
+ { "rule_id": "coppa-notif-013", "validity": "overly_broad", "confidence": "low", "recommendation": "add_context" },
28
+ { "rule_id": "coppa-ugc-014", "validity": "overly_broad", "confidence": "low", "recommendation": "add_context" },
29
+ { "rule_id": "coppa-sec-015", "validity": "valid", "confidence": "medium", "recommendation": "refine_pattern" },
30
+ { "rule_id": "coppa-cookies-016", "validity": "overly_broad", "confidence": "low", "recommendation": "refine_pattern" },
31
+ { "rule_id": "coppa-ext-017", "validity": "misaligned", "confidence": "medium", "recommendation": "refine_pattern" },
32
+ { "rule_id": "coppa-analytics-018", "validity": "valid", "confidence": "medium", "recommendation": "add_context" },
33
+ { "rule_id": "coppa-edu-019", "validity": "too_narrow", "confidence": "low", "recommendation": "refine_pattern" },
34
+ { "rule_id": "coppa-default-020", "validity": "valid", "confidence": "medium", "recommendation": "add_context" },
35
+ { "rule_id": "ETHICAL-001", "validity": "valid", "confidence": "medium", "recommendation": "refine_pattern" },
36
+ { "rule_id": "ETHICAL-002", "validity": "valid", "confidence": "medium", "recommendation": "refine_pattern" },
37
+ { "rule_id": "ETHICAL-003", "validity": "valid", "confidence": "medium", "recommendation": "add_context" },
38
+ { "rule_id": "ETHICAL-004", "validity": "overly_broad", "confidence": "low", "recommendation": "refine_pattern" },
39
+ { "rule_id": "ETHICAL-005", "validity": "overly_broad", "confidence": "low", "recommendation": "add_context" },
40
+ { "rule_id": "AI-AUDIT-001", "validity": "valid", "confidence": "high", "recommendation": "none" },
41
+ { "rule_id": "AI-AUDIT-002", "validity": "valid", "confidence": "medium", "recommendation": "refine_pattern" },
42
+ { "rule_id": "AI-AUDIT-003", "validity": "valid", "confidence": "high", "recommendation": "none" },
43
+ { "rule_id": "AI-AUDIT-004", "validity": "valid", "confidence": "medium", "recommendation": "refine_pattern" },
44
+ { "rule_id": "AI-AUDIT-005", "validity": "valid", "confidence": "high", "recommendation": "none" },
45
+ { "rule_id": "AI-AUDIT-006", "validity": "valid", "confidence": "high", "recommendation": "none" },
46
+ { "rule_id": "AU-SBD-001", "validity": "overly_broad", "confidence": "low", "recommendation": "add_context" },
47
+ { "rule_id": "AU-SBD-002", "validity": "overly_broad", "confidence": "low", "recommendation": "refine_pattern" },
48
+ { "rule_id": "AU-SBD-003", "validity": "overly_broad", "confidence": "low", "recommendation": "add_context" },
49
+ { "rule_id": "AU-SBD-004", "validity": "overly_broad", "confidence": "low", "recommendation": "add_context" },
50
+ { "rule_id": "AU-SBD-005", "validity": "overly_broad", "confidence": "low", "recommendation": "add_context" },
51
+ { "rule_id": "AU-SBD-006", "validity": "overly_broad", "confidence": "low", "recommendation": "refine_pattern" },
52
+ { "rule_id": "ut-sb142-001", "validity": "too_narrow", "confidence": "low", "recommendation": "refine_pattern" },
53
+ { "rule_id": "ut-sb142-002", "validity": "too_narrow", "confidence": "low", "recommendation": "refine_pattern" },
54
+ { "rule_id": "ut-sb142-003", "validity": "valid", "confidence": "medium", "recommendation": "add_context" },
55
+ { "rule_id": "ut-sb142-004", "validity": "too_narrow", "confidence": "low", "recommendation": "refine_pattern" },
56
+ { "rule_id": "ut-sb142-005", "validity": "valid", "confidence": "medium", "recommendation": "refine_pattern" }
57
+ ]
58
+ }