@safets-org/cli 1.0.0

package/dist/index.d.ts

@@ -0,0 +1,2 @@
+#!/usr/bin/env node
+export {};

package/dist/index.js

@@ -0,0 +1,141 @@
+#!/usr/bin/env node
+import { createRequire } from "module";
+import { analyze, loadProgramRobust } from "./analyze.js";
+import { checkBaselineOptionsMismatch, isNew, loadBaseline, saveBaseline } from "./reporters/baseline.js";
+import { printBaselineMismatchWarning, printDebt, printDoctor, printFix } from "./reporters/index.js";
+import { printJsonReport } from "./reporters/json.js";
+import { c } from "./utils/colors.js";
+const COMMANDS = new Set(["doctor", "fix", "debt", "baseline"]);
+const FLAGS = new Set(["--help", "--version", "--fail-on-new", "--baseline", "--include-tests", "--json"]);
+function getVersion() {
+    const require = createRequire(import.meta.url);
+    const packageJson = require("../package.json");
+    return packageJson.version ?? "0.0.0";
+}
+function printBanner(version, includeTests) {
+    console.log(c.bold(c.cyan(`\n  SafeTS v${version}`)));
+    console.log(c.dim("  Finds common runtime crashes TypeScript can't detect\n"));
+    if (!includeTests) {
+        console.log(c.dim("  (test files excluded - use --include-tests to include them)\n"));
+    }
+}
+function printHelp(version) {
+    console.log(`SafeTS v${version}`);
+    console.log("Finds common runtime crashes TypeScript can't detect.\n");
+    console.log("Usage:");
+    console.log("  safets [command] [options]\n");
+    console.log("Commands:");
+    console.log("  doctor    Analyze the project and print potential crashes (default)");
+    console.log("  fix       Print manual fix suggestions");
+    console.log("  debt      Show grouped crash debt, with baseline deltas when compatible");
+    console.log("  baseline  Save the current crash snapshot to .safets-baseline.json\n");
+    console.log("Options:");
+    console.log("  --include-tests  Include test files in the analysis");
+    console.log("  --baseline       Save a baseline after `doctor` finishes");
+    console.log("  --fail-on-new    Exit with code 1 when `doctor` finds crashes not in the baseline");
+    console.log("  --json           Print machine-readable JSON instead of human output");
+    console.log("  --help           Show this help message");
+    console.log("  --version        Show the installed SafeTS version\n");
+    console.log("Exit codes:");
+    console.log("  0  Successful run, including `doctor` with no blocking condition");
+    console.log("  1  Invalid CLI usage, incompatible `--fail-on-new` baseline, or new crashes found\n");
+    console.log("Examples:");
+    console.log("  safets");
+    console.log("  safets doctor --fail-on-new");
+    console.log("  safets debt --include-tests");
+    console.log("  safets baseline");
+}
+const args = process.argv.slice(2);
+const version = getVersion();
+const root = process.cwd();
+const unknownFlags = args.filter((arg) => arg.startsWith("-") && !FLAGS.has(arg));
+if (unknownFlags.length > 0) {
+    console.error(c.red(`x Unknown option(s): ${unknownFlags.join(", ")}\n`));
+    printHelp(version);
+    process.exit(1);
+}
+if (args.includes("--help") || args[0] === "help") {
+    printHelp(version);
+    process.exit(0);
+}
+if (args.includes("--version") || args[0] === "version") {
+    console.log(version);
+    process.exit(0);
+}
+const nonFlagArgs = args.filter((arg) => !arg.startsWith("-"));
+const command = nonFlagArgs[0] ?? "doctor";
+if (!COMMANDS.has(command)) {
+    console.error(c.red(`x Unknown command: ${command}\n`));
+    printHelp(version);
+    process.exit(1);
+}
+const failOnNew = args.includes("--fail-on-new");
+const withBase = args.includes("--baseline");
+const includeTests = args.includes("--include-tests");
+const jsonOutput = args.includes("--json");
+if (!jsonOutput) {
+    printBanner(version, includeTests);
+}
+if (command !== "doctor" && failOnNew) {
+    console.error(c.red("x `--fail-on-new` can only be used with `doctor`.\n"));
+    process.exit(1);
+}
+if (command !== "doctor" && withBase) {
+    console.error(c.red("x `--baseline` can only be used with `doctor`.\n"));
+    process.exit(1);
+}
+const programResult = loadProgramRobust(root, includeTests);
+const crashes = analyze(programResult);
+const baseline = loadBaseline(root);
+const baselineMismatch = baseline
+    ? checkBaselineOptionsMismatch(baseline, includeTests)
+    : null;
+if (jsonOutput) {
+    const comparableBase = baselineMismatch ? null : baseline;
+    const newCrashes = comparableBase
+        ? crashes.filter((crash) => isNew(crash, comparableBase))
+        : crashes;
+    const failOnNewWillFail = command === "doctor" &&
+        failOnNew &&
+        (baselineMismatch !== null || newCrashes.length > 0);
+    const shouldSaveBaseline = command === "baseline" ||
+        (command === "doctor" && withBase && !failOnNewWillFail);
+    const savedBaseline = shouldSaveBaseline
+        ? saveBaseline(crashes, root, programResult, version, { quiet: true })
+        : null;
+    printJsonReport({
+        command: command,
+        crashes,
+        root,
+        version,
+        includeTests,
+        failOnNew,
+        baseline,
+        baselineMismatch,
+        programResult,
+        savedBaseline,
+    });
+    if (failOnNewWillFail) {
+        process.exit(1);
+    }
+    process.exit(0);
+}
+switch (command) {
+    case "debt":
+        printBaselineMismatchWarning(baselineMismatch);
+        printDebt(crashes, baseline, baselineMismatch);
+        break;
+    case "fix":
+        printFix(crashes, root);
+        break;
+    case "baseline":
+        saveBaseline(crashes, root, programResult, version);
+        break;
+    case "doctor":
+    default:
+        printDoctor(crashes, root, failOnNew, baseline, programResult, baselineMismatch);
+        if (withBase) {
+            saveBaseline(crashes, root, programResult, version);
+        }
+        break;
+}

package/dist/reporters/baseline.d.ts

@@ -0,0 +1,8 @@
+import type { Baseline, CrashReport, ProgramResult } from "../utils/types.ts";
+export declare const BASELINE_FILE = ".safets-baseline.json";
+export declare function saveBaseline(crashes: CrashReport[], root: string, programResult: ProgramResult, version: string, options?: {
+    quiet?: boolean;
+}): Baseline;
+export declare function loadBaseline(root: string): Baseline | null;
+export declare function isNew(crash: CrashReport, baseline: Baseline): boolean;
+export declare function checkBaselineOptionsMismatch(baseline: Baseline, includeTests: boolean): string | null;

package/dist/reporters/baseline.js

@@ -0,0 +1,53 @@
+import fs from "fs";
+import path from "path";
+import { c } from "../utils/colors.js";
+import { normalizeFilePath, toProjectRelativePath } from "../utils/files.js";
+export const BASELINE_FILE = ".safets-baseline.json";
+export function saveBaseline(crashes, root, programResult, version, options = {}) {
+    const baseline = {
+        version,
+        date: new Date().toISOString(),
+        options: { includeTests: programResult.includeTests },
+        crashes: crashes.map((crash) => ({
+            file: toProjectRelativePath(root, crash.file),
+            line: crash.line,
+            expr: crash.expr,
+            pattern: crash.pattern,
+        })),
+    };
+    fs.writeFileSync(path.join(root, BASELINE_FILE), JSON.stringify(baseline, null, 2));
+    if (!options.quiet) {
+        console.log(c.green(`\nOK Baseline saved - ${crashes.length} known crash(es) recorded.`));
+        console.log(c.dim(`  File: ${BASELINE_FILE}`));
+        console.log(c.dim(`  Options: includeTests=${programResult.includeTests}`));
+        console.log(c.dim("  Commit this file to version control for CI to work correctly.\n"));
+    }
+    return baseline;
+}
+export function loadBaseline(root) {
+    try {
+        const filePath = path.join(root, BASELINE_FILE);
+        if (!fs.existsSync(filePath)) {
+            return null;
+        }
+        return JSON.parse(fs.readFileSync(filePath, "utf-8"));
+    }
+    catch {
+        return null;
+    }
+}
+export function isNew(crash, baseline) {
+    const absoluteCrashPath = normalizeFilePath(crash.file);
+    return !baseline.crashes.some((entry) => (entry.file === absoluteCrashPath || entry.file === toProjectRelativePath(process.cwd(), crash.file)) &&
+        entry.line === crash.line &&
+        entry.expr === crash.expr);
+}
+export function checkBaselineOptionsMismatch(baseline, includeTests) {
+    if (!baseline.options) {
+        return null;
+    }
+    if (baseline.options.includeTests !== includeTests) {
+        return `baseline was saved with includeTests=${baseline.options.includeTests} but current run uses includeTests=${includeTests}. Re-run 'safets baseline' first.`;
+    }
+    return null;
+}

package/dist/reporters/index.d.ts

@@ -0,0 +1,5 @@
+import type { Baseline, CrashReport, ProgramResult } from "../utils/types.ts";
+export declare function printDoctor(crashes: CrashReport[], root: string, failOnNew: boolean, base: Baseline | null, programResult: ProgramResult, baselineMismatch: string | null): void;
+export declare function printDebt(crashes: CrashReport[], base: Baseline | null, baselineMismatch: string | null): void;
+export declare function printBaselineMismatchWarning(baselineMismatch: string | null): void;
+export declare function printFix(crashes: CrashReport[], root: string): void;

package/dist/reporters/index.js

@@ -0,0 +1,208 @@
+import path from "path";
+import { isNew } from "./baseline.js";
+import { c } from "../utils/colors.js";
+function makeOptionalChainSuggestion(expr) {
+    const lastDot = expr.lastIndexOf(".");
+    if (lastDot === -1) {
+        return `${expr}?`;
+    }
+    return `${expr.slice(0, lastDot)}?.${expr.slice(lastDot + 1)}`;
+}
+export function printDoctor(crashes, root, failOnNew, base, programResult, baselineMismatch) {
+    const rel = (filePath) => path.relative(root, filePath);
+    const comparableBase = baselineMismatch ? null : base;
+    if (baselineMismatch) {
+        console.log(c.yellow(`  ! Baseline mismatch: ${baselineMismatch}\n`));
+        if (failOnNew) {
+            console.log(c.red("x Refusing --fail-on-new against an incompatible baseline.\n"));
+            process.exit(1);
+        }
+    }
+    if (programResult.warnings.length > 0) {
+        console.log(c.yellow("  ! Warnings:"));
+        programResult.warnings.forEach((warning) => console.log(c.dim(`    ${warning}`)));
+        if (programResult.fallback) {
+            console.log(c.yellow("  ! Fallback mode - partial results only\n"));
+        }
+        else {
+            console.log();
+        }
+    }
+    if (crashes.length === 0) {
+        console.log(c.green("OK No potential runtime crashes found.\n"));
+        if (programResult.fallback) {
+            console.log(c.dim("  Note: fallback mode may miss type-dependent crashes.\n"));
+        }
+        return;
+    }
+    const newCrashes = comparableBase
+        ? crashes.filter((crash) => isNew(crash, comparableBase))
+        : crashes;
+    const knownCrashes = comparableBase
+        ? crashes.filter((crash) => !isNew(crash, comparableBase))
+        : [];
+    const fallbackCount = crashes.filter((crash) => crash.fallback).length;
+    console.log(c.bold("SafeTS Runtime Safety Report"));
+    console.log(c.dim("-".repeat(44)));
+    console.log(comparableBase
+        ? `${crashes.length} potential crashes  (${c.red(`${newCrashes.length} new`)} · ${c.dim(`${knownCrashes.length} known`)})`
+        : c.red(`${crashes.length} potential crashes`));
+    if (fallbackCount > 0) {
+        console.log(c.dim(`  ${fallbackCount} in fallback mode (lower confidence)`));
+    }
+    console.log();
+    const grouped = new Map();
+    for (const crash of crashes) {
+        const key = rel(crash.file);
+        if (!grouped.has(key)) {
+            grouped.set(key, []);
+        }
+        const bucket = grouped.get(key);
+        if (bucket) {
+            bucket.push(crash);
+        }
+    }
+    for (const [file, list] of grouped) {
+        console.log(c.cyan(`  ${file}`));
+        for (const crash of list) {
+            const badge = comparableBase
+                ? isNew(crash, comparableBase)
+                    ? c.red(" [NEW]   ")
+                    : c.dim(" [known] ")
+                : "";
+            const confidence = crash.confidence === "HIGH" ? c.red("HIGH") : c.yellow("MED ");
+            const fallbackBadge = crash.fallback ? c.dim(" [fallback]") : "";
+            console.log(`\n  ${badge} ${confidence}  Line ${crash.line}:${crash.col}  ${c.bold(crash.pattern)}${fallbackBadge}`);
+            console.log(c.dim(`    ${crash.expr}`));
+            console.log(c.dim(`    type: ${crash.type}`));
+            console.log(c.dim("\n    Crash simulation:"));
+            crash.crashPath.forEach((step) => console.log(c.dim(`      -> ${step}`)));
+        }
+        console.log();
+    }
+    console.log(c.dim("-".repeat(44)));
+    console.log(c.dim("  safets fix       - fix suggestions"));
+    console.log(c.dim("  safets debt      - grouped debt report"));
+    console.log(c.dim("  safets baseline  - record current state for CI\n"));
+    if (failOnNew && newCrashes.length > 0) {
+        console.log(c.red(`x ${newCrashes.length} new crash(es) - CI blocked.\n`));
+        process.exit(1);
+    }
+}
+export function printDebt(crashes, base, baselineMismatch) {
+    const comparableBase = baselineMismatch ? null : base;
+    const currentCounts = new Map();
+    for (const crash of crashes) {
+        currentCounts.set(crash.pattern, (currentCounts.get(crash.pattern) ?? 0) + 1);
+    }
+    const baselineCounts = new Map();
+    if (comparableBase) {
+        for (const entry of comparableBase.crashes) {
+            if (entry.pattern) {
+                baselineCounts.set(entry.pattern, (baselineCounts.get(entry.pattern) ?? 0) + 1);
+            }
+        }
+    }
+    console.log(c.bold("SafeTS Debt Report"));
+    console.log(c.dim("-".repeat(50)));
+    const patterns = new Set([
+        ...currentCounts.keys(),
+        ...baselineCounts.keys(),
+    ]);
+    for (const pattern of patterns) {
+        const currentCount = currentCounts.get(pattern) ?? 0;
+        if (!comparableBase) {
+            console.log(`  ${pattern.padEnd(40)} ${c.red(String(currentCount))}`);
+            continue;
+        }
+        const baselineCount = baselineCounts.get(pattern) ?? 0;
+        const delta = currentCount - baselineCount;
+        let deltaText = c.dim("  (same)");
+        if (delta > 0) {
+            deltaText = c.red(`  (↑${delta} new)`);
+        }
+        else if (delta < 0) {
+            deltaText = c.green(`  (↓${Math.abs(delta)} fixed)`);
+        }
+        console.log(`  ${pattern.padEnd(40)} ${c.red(String(currentCount))}${deltaText}`);
+    }
+    console.log(c.dim("-".repeat(50)));
+    const total = crashes.length;
+    if (comparableBase) {
+        const delta = total - comparableBase.crashes.length;
+        let deltaText = c.dim(" (same as baseline)");
+        if (delta > 0) {
+            deltaText = c.red(` (+${delta} since baseline)`);
+        }
+        else if (delta < 0) {
+            deltaText = c.green(` (-${Math.abs(delta)} since baseline)`);
+        }
+        console.log(`  ${"Total".padEnd(40)} ${c.red(String(total))}${deltaText}`);
+    }
+    else {
+        console.log(`  ${"Total".padEnd(40)} ${c.red(String(total))}`);
+        if (baselineMismatch) {
+            console.log(c.dim("\n  Showing current debt only because baseline comparison was skipped."));
+            console.log(c.dim("  Re-run 'safets baseline' with matching options to track debt deltas."));
+        }
+        else {
+            console.log(c.dim("\n  Run 'safets baseline' to track debt over time."));
+        }
+    }
+    console.log();
+}
+export function printBaselineMismatchWarning(baselineMismatch) {
+    if (baselineMismatch) {
+        console.log(c.yellow(`  ! Baseline mismatch: ${baselineMismatch}\n`));
+    }
+}
+export function printFix(crashes, root) {
+    const rel = (filePath) => path.relative(root, filePath);
+    console.log(c.bold("SafeTS Fix Suggestions"));
+    console.log(c.dim("-".repeat(44)));
+    console.log(c.dim("  SafeTS is read-only - it never modifies your source code."));
+    console.log(c.dim("  Apply these suggestions manually.\n"));
+    if (crashes.length === 0) {
+        console.log(c.green("  No manual fixes to suggest right now."));
+        console.log(c.dim("  SafeTS did not find any supported runtime-crash patterns in the scanned files."));
+        console.log(c.dim("  If you expected findings, try 'safets doctor --include-tests'."));
+        console.log();
+        return;
+    }
+    for (const crash of crashes) {
+        console.log(c.cyan(`\n  ${rel(crash.file)}:${crash.line}  ${crash.pattern}`));
+        console.log(c.dim(`  ${crash.expr}`));
+        switch (crash.pattern) {
+            case "Unsafe property access":
+                console.log(c.green(`\n  -> ${makeOptionalChainSuggestion(crash.expr)}`));
+                console.log(c.green(`  -> if (!${crash.rootExpr}) return;`));
+                break;
+            case "Unsafe destructuring":
+                console.log(c.green(`\n  -> if (!${crash.rootExpr}) return;\n     ${crash.expr}`));
+                break;
+            case "Unsafe array index access":
+            case "Unsafe Map/Record access":
+                console.log(c.green(`\n  -> const item = ${crash.rootExpr}; if (!item) return;`));
+                console.log(c.green(`  -> ${crash.rootExpr}?.${crash.expr.split(".").pop()}`));
+                break;
+            case "Unprotected JSON.parse":
+                console.log(c.green(`\n  -> try { ${crash.expr} } catch (e) { /* handle SyntaxError */ }`));
+                break;
+            case "Unsafe process.env access":
+                console.log(c.green(`\n  -> const val = process.env.${crash.rootExpr.split(".")[2]} ?? "default";`));
+                console.log(c.green("  -> Validate all env vars at startup in a dedicated config.ts"));
+                break;
+            case "Non-null assertion on nullable":
+                console.log(c.green(`\n  -> Replace ! with: if (!${crash.rootExpr}) return;`));
+                console.log(c.green(`  -> Or: ${crash.rootExpr}?.yourMethod()`));
+                break;
+            case "Unsafe access after await":
+                console.log(c.green(`\n  -> Re-check after await:\n     await doSomething();\n     if (!${crash.rootExpr}) return;`));
+                break;
+            case "Unsafe Promise.all destructuring":
+                console.log(c.green(`\n  -> const [item] = await Promise.all([...]);\n     if (!item) return;`));
+                break;
+        }
+    }
+    console.log();
+}

package/dist/reporters/json.d.ts

@@ -0,0 +1,71 @@
+import type { Baseline, CrashReport, PatternName, ProgramResult } from "../utils/types.ts";
+type JsonCommand = "doctor" | "fix" | "debt" | "baseline";
+interface BuildJsonReportOptions {
+    command: JsonCommand;
+    crashes: CrashReport[];
+    root: string;
+    version: string;
+    includeTests: boolean;
+    failOnNew: boolean;
+    baseline: Baseline | null;
+    baselineMismatch: string | null;
+    programResult: ProgramResult;
+    savedBaseline?: Baseline | null;
+}
+export declare function buildJsonReport(options: BuildJsonReportOptions): {
+    schemaVersion: number;
+    safetsVersion: string;
+    command: JsonCommand;
+    options: {
+        includeTests: boolean;
+        failOnNew: boolean;
+    };
+    program: {
+        fallback: boolean;
+        warnings: string[];
+        strategy: "root-tsconfig" | "workspace-tsconfigs" | "direct-scan" | "fallback";
+        configFiles: string[];
+        rootFileCount: number;
+        filteredFileCount: number;
+    };
+    baseline: {
+        present: boolean;
+        compatible: boolean | null;
+        mismatch: string | null;
+        crashCount: number | null;
+        saved: {
+            file: string;
+            crashCount: number;
+            options: import("../utils/types.ts").BaselineOptions | null;
+        } | null;
+    };
+    summary: {
+        total: number;
+        new: number;
+        known: number;
+        byPattern: Partial<Record<PatternName, number>>;
+        fallback: number;
+    };
+    debt: {
+        pattern: PatternName;
+        current: number;
+        baseline: number | null;
+        delta: number | null;
+    }[];
+    crashes: {
+        file: string;
+        line: number;
+        col: number;
+        expr: string;
+        rootExpr: string;
+        type: string;
+        pattern: PatternName;
+        confidence: "HIGH" | "MEDIUM";
+        fallback: boolean;
+        status: string;
+        crashPath: string[];
+        suggestions: string[];
+    }[];
+};
+export declare function printJsonReport(options: BuildJsonReportOptions): void;
+export {};

package/dist/reporters/json.js

@@ -0,0 +1,170 @@
+import { isNew } from "./baseline.js";
+import { toProjectRelativePath } from "../utils/files.js";
+function countByPattern(patterns) {
+    const counts = {};
+    for (const pattern of patterns) {
+        counts[pattern] = (counts[pattern] ?? 0) + 1;
+    }
+    return counts;
+}
+function makeOptionalChainSuggestion(expr) {
+    const lastDot = expr.lastIndexOf(".");
+    const lastBracket = expr.lastIndexOf("[");
+    if (lastBracket > lastDot) {
+        return `${expr.slice(0, lastBracket)}?.${expr.slice(lastBracket)}`;
+    }
+    if (lastDot !== -1) {
+        return `${expr.slice(0, lastDot)}?.${expr.slice(lastDot + 1)}`;
+    }
+    return expr;
+}
+function makeEnvSuggestion(rootExpr) {
+    const match = rootExpr.match(/process\.env(?:\.([A-Za-z_][A-Za-z0-9_]*)|\[["']([^"']+)["']\])/);
+    const envName = match?.[1] ?? match?.[2] ?? "VAR_NAME";
+    const isIdentifier = /^[A-Za-z_$][A-Za-z0-9_$]*$/.test(envName);
+    const envAccess = isIdentifier
+        ? `process.env.${envName}`
+        : `process.env["${envName}"]`;
+    return `const val = ${envAccess} ?? "default";`;
+}
+function makeOptionalAccessSuggestion(rootExpr, expr) {
+    const suffix = expr.startsWith(rootExpr) ? expr.slice(rootExpr.length) : "";
+    if (suffix.startsWith(".")) {
+        return `${rootExpr}?.${suffix.slice(1)}`;
+    }
+    if (suffix.startsWith("[")) {
+        return `${rootExpr}?.${suffix}`;
+    }
+    return `${rootExpr}?.${suffix || "property"}`;
+}
+function makeFixSuggestions(crash) {
+    switch (crash.pattern) {
+        case "Unsafe property access":
+            return [
+                makeOptionalChainSuggestion(crash.expr),
+                `if (!${crash.rootExpr}) return;`,
+            ];
+        case "Unsafe destructuring":
+            return [`if (!${crash.rootExpr}) return;`, crash.expr];
+        case "Unsafe array index access":
+        case "Unsafe Map/Record access":
+            return [
+                `const item = ${crash.rootExpr}; if (!item) return;`,
+                makeOptionalAccessSuggestion(crash.rootExpr, crash.expr),
+            ];
+        case "Unprotected JSON.parse":
+            return [`try { ${crash.expr} } catch (e) { /* handle SyntaxError */ }`];
+        case "Unsafe process.env access":
+            return [
+                makeEnvSuggestion(crash.rootExpr),
+                "Validate all env vars at startup in a dedicated config.ts",
+            ];
+        case "Non-null assertion on nullable":
+            return [
+                `Replace ! with: if (!${crash.rootExpr}) return;`,
+                `${crash.rootExpr}?.yourMethod()`,
+            ];
+        case "Unsafe access after await":
+            return [
+                `await doSomething(); if (!${crash.rootExpr}) return;`,
+            ];
+        case "Unsafe Promise.all destructuring":
+            return ["const [item] = await Promise.all([...]); if (!item) return;"];
+        default:
+            return [];
+    }
+}
+export function buildJsonReport(options) {
+    const effectiveBaseline = options.command === "baseline"
+        ? options.savedBaseline ?? options.baseline
+        : options.baseline;
+    const effectiveMismatch = options.command === "baseline" && options.savedBaseline
+        ? null
+        : options.baselineMismatch;
+    const comparableBaseline = effectiveMismatch ? null : effectiveBaseline;
+    const newCrashes = comparableBaseline
+        ? options.crashes.filter((crash) => isNew(crash, comparableBaseline))
+        : options.crashes;
+    const knownCrashes = comparableBaseline
+        ? options.crashes.filter((crash) => !isNew(crash, comparableBaseline))
+        : [];
+    const baselinePatternCounts = countByPattern(comparableBaseline
+        ? comparableBaseline.crashes
+            .map((crash) => crash.pattern)
+            .filter((pattern) => !!pattern)
+        : []);
+    const currentPatternCounts = countByPattern(options.crashes.map((crash) => crash.pattern));
+    const debt = Object.keys({
+        ...baselinePatternCounts,
+        ...currentPatternCounts,
+    }).map((pattern) => {
+        const name = pattern;
+        const current = currentPatternCounts[name] ?? 0;
+        const baselineCount = baselinePatternCounts[name] ?? 0;
+        return {
+            pattern: name,
+            current,
+            baseline: comparableBaseline ? baselineCount : null,
+            delta: comparableBaseline ? current - baselineCount : null,
+        };
+    });
+    return {
+        schemaVersion: 1,
+        safetsVersion: options.version,
+        command: options.command,
+        options: {
+            includeTests: options.includeTests,
+            failOnNew: options.failOnNew,
+        },
+        program: {
+            fallback: options.programResult.fallback,
+            warnings: options.programResult.warnings,
+            strategy: options.programResult.strategy,
+            configFiles: options.programResult.configFiles.map((filePath) => toProjectRelativePath(options.root, filePath)),
+            rootFileCount: options.programResult.rootFileCount,
+            filteredFileCount: options.programResult.filteredFileCount,
+        },
+        baseline: {
+            present: effectiveBaseline !== null,
+            compatible: effectiveBaseline !== null ? effectiveMismatch === null : null,
+            mismatch: effectiveMismatch,
+            crashCount: effectiveBaseline?.crashes.length ?? null,
+            saved: options.savedBaseline
+                ? {
+                    file: ".safets-baseline.json",
+                    crashCount: options.savedBaseline.crashes.length,
+                    options: options.savedBaseline.options ?? null,
+                }
+                : null,
+        },
+        summary: {
+            total: options.crashes.length,
+            new: newCrashes.length,
+            known: knownCrashes.length,
+            byPattern: currentPatternCounts,
+            fallback: options.crashes.filter((crash) => crash.fallback).length,
+        },
+        debt,
+        crashes: options.crashes.map((crash) => ({
+            file: toProjectRelativePath(options.root, crash.file),
+            line: crash.line,
+            col: crash.col,
+            expr: crash.expr,
+            rootExpr: crash.rootExpr,
+            type: crash.type,
+            pattern: crash.pattern,
+            confidence: crash.confidence,
+            fallback: crash.fallback ?? false,
+            status: comparableBaseline
+                ? isNew(crash, comparableBaseline)
+                    ? "new"
+                    : "known"
+                : "current",
+            crashPath: crash.crashPath,
+            suggestions: makeFixSuggestions(crash),
+        })),
+    };
+}
+export function printJsonReport(options) {
+    console.log(JSON.stringify(buildJsonReport(options), null, 2));
+}

package/dist/utils/ast.d.ts

@@ -0,0 +1,11 @@
+import ts from "typescript";
+export declare function isNullable(type: ts.Type): boolean;
+export declare function isInsideTryCatch(node: ts.Node): boolean;
+export declare function pos(sf: ts.SourceFile, node: ts.Node): {
+    line: number;
+    col: number;
+};
+export declare function getChainRoot(expr: ts.Expression): ts.Expression;
+export declare function isSubChainDuplicate(node: ts.PropertyAccessExpression, checker: ts.TypeChecker): boolean;
+export declare function isOptionalAccess(node: ts.PropertyAccessExpression): boolean;
+export declare function hasNonNullAssertion(node: ts.PropertyAccessExpression): boolean;