@scantrix/cli 1.0.0

package/dist/scoring.js

@@ -0,0 +1,206 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.severityScore = severityScore;
+exports.computeFinalSeverity = computeFinalSeverity;
+exports.applyEscalation = applyEscalation;
+exports.isTestScoped = isTestScoped;
+exports.riskPointsToHealthScore = riskPointsToHealthScore;
+exports.gradeFromHealthScore = gradeFromHealthScore;
+exports.calculateRiskScore = calculateRiskScore;
+function severityScore(sev) {
+    return sev === "high" ? 3 : sev === "medium" ? 2 : 1;
+}
+/**
+ * Determine whether a finding's severity should be escalated based on
+ * how widespread the pattern is across the test suite.
+ *
+ * Pure function — no side-effects.
+ */
+function computeFinalSeverity(baseSeverity, occurrences, totalTestFiles) {
+    if (baseSeverity === "high") {
+        return { finalSeverity: "high", prevalence: totalTestFiles > 0 ? occurrences / totalTestFiles : null, reason: "already high" };
+    }
+    if (totalTestFiles <= 0) {
+        return { finalSeverity: baseSeverity, prevalence: null, reason: "unknown prevalence" };
+    }
+    const prevalence = occurrences / totalTestFiles;
+    if (baseSeverity === "medium") {
+        if (prevalence >= 0.25) {
+            return { finalSeverity: "high", prevalence, reason: `prevalence ${(prevalence * 100).toFixed(1)}% >= 25% threshold` };
+        }
+        if (occurrences >= 200) {
+            return { finalSeverity: "high", prevalence, reason: `${occurrences} occurrences >= 200 absolute threshold` };
+        }
+        if (prevalence >= 0.10 && occurrences >= 75) {
+            return { finalSeverity: "high", prevalence, reason: `prevalence ${(prevalence * 100).toFixed(1)}% >= 10% and ${occurrences} occurrences >= 75 (compound threshold)` };
+        }
+        return { finalSeverity: "medium", prevalence, reason: "below escalation thresholds" };
+    }
+    // baseSeverity === "low"
+    if (prevalence >= 0.25) {
+        return { finalSeverity: "medium", prevalence, reason: `prevalence ${(prevalence * 100).toFixed(1)}% >= 25% threshold` };
+    }
+    if (occurrences >= 200) {
+        return { finalSeverity: "medium", prevalence, reason: `${occurrences} occurrences >= 200 absolute threshold` };
+    }
+    return { finalSeverity: "low", prevalence, reason: "below escalation thresholds" };
+}
+/**
+ * Post-scan escalation pass: promote finding severity when a pattern is
+ * widespread across the test suite ("blast radius").
+ *
+ * Returns a new array. Non-escalated findings are returned by reference
+ * (no copy). Escalated findings get `baseSeverity` and `escalationReason` set.
+ * The original array is never mutated.
+ */
+function applyEscalation(findings, effectiveTestFiles) {
+    return findings.map((f) => {
+        const occurrences = f.totalOccurrences ?? f.evidence.length;
+        const result = computeFinalSeverity(f.severity, occurrences, effectiveTestFiles);
+        if (result.finalSeverity === f.severity) {
+            return f; // no escalation — return by reference
+        }
+        return {
+            ...f,
+            baseSeverity: f.severity,
+            severity: result.finalSeverity,
+            escalationReason: result.reason,
+        };
+    });
+}
+/**
+ * Finding prefixes that are tied to test files.
+ * Used by reports and downstream consumers to classify findings.
+ */
+const TEST_SCOPED_PREFIXES = [
+    "PW-FLAKE-",
+    "PW-STABILITY-",
+    "PW-LOC-",
+    "PW-PERF-",
+    "PW-DEPREC-",
+    "CY-",
+    "SE-",
+    "DEP-",
+];
+function isTestScoped(findingId) {
+    return TEST_SCOPED_PREFIXES.some((p) => findingId.startsWith(p));
+}
+/**
+ * Convert raw risk points (unbounded, higher = worse) to a 0–100 health score
+ * (higher = better) using exponential decay.
+ *
+ * Examples:
+ *   0 risk points → 100 (perfect)
+ *   50 risk points → 78
+ *   100 risk points → 61
+ *   200 risk points → 37
+ *   300 risk points → 22
+ *   400 risk points → 14
+ */
+function riskPointsToHealthScore(riskPoints) {
+    return Math.round(100 * Math.exp(-riskPoints / 200));
+}
+/**
+ * Map a 0–100 health score to a letter grade and human-readable level.
+ * Higher score = better grade.
+ *
+ * Default thresholds: A (≥80), B (≥60), C (≥40), D (≥30), F (<30)
+ */
+function gradeFromHealthScore(score, thresholds) {
+    const t = thresholds ?? { gradeA: 80, gradeB: 60, gradeC: 40 };
+    if (score >= t.gradeA)
+        return { grade: "A", level: "Excellent", description: "Well-structured framework with strong practices" };
+    if (score >= t.gradeB)
+        return { grade: "B", level: "Good", description: "Solid foundation with room for improvement" };
+    if (score >= t.gradeC)
+        return { grade: "C", level: "Fair", description: "Multiple areas need attention" };
+    if (score >= 30)
+        return { grade: "D", level: "Poor", description: "Significant issues affecting reliability" };
+    return { grade: "F", level: "Critical", description: "Widespread issues requiring immediate action" };
+}
+/**
+ * Calculate the risk score and grade from a set of findings.
+ *
+ * This is the **single source of truth** for scoring — used by the CLI report
+ * and all result output.  Any change to the formula must happen here so all
+ * consumers stay in sync.
+ *
+ * ## Density normalization
+ *
+ * When `inventory` is provided, the decay constant (lambda) is scaled by suite
+ * size so that larger test suites are evaluated more leniently.  The rationale:
+ * 24 findings scattered across 981 test files is a healthier codebase than 18
+ * findings concentrated in 105 test files.
+ *
+ * The density factor scales the decay constant (λ = 200 × factor), meaning
+ * the same raw risk points produce a higher health score for larger suites.
+ * Factor is clamped to [1.0, 4.0] — small suites see no penalty, and the
+ * maximum benefit caps at 4.0× to prevent extremely large suites from
+ * masking real problems.
+ *
+ * Returns a 0–100 health score (higher = better) in the `riskScore` field.
+ */
+function calculateRiskScore(findings, inventory) {
+    // Weight findings by type and severity
+    const INSIGHT_MULTIPLIER = 1.5; // Correlated findings are higher signal
+    const CI_MULTIPLIER = 1.3; // CI issues affect entire pipeline
+    const ARCH_MULTIPLIER = 1.2; // Architecture issues compound over time
+    let riskPoints = 0;
+    for (const f of findings) {
+        const basePoints = severityScore(f.severity);
+        // Occurrence multiplier: N^0.6 power curve.
+        // Provides meaningful sensitivity across the full range — fixing 58 of 170
+        // occurrences produces a visible score improvement, unlike log₂ which
+        // compresses too aggressively at high counts.
+        // Uses totalOccurrences (true count) when available, since evidence arrays
+        // are capped for report brevity (typically 10-25 items).
+        //
+        //   1 occurrence → 1.00    25 occurrences → 6.90
+        //   5 occurrences → 2.63   50 occurrences → 10.46
+        //  10 occurrences → 3.98  100 occurrences → 15.85
+        const occurrences = f.totalOccurrences ?? f.evidence.length;
+        const evidenceMultiplier = Math.pow(Math.max(occurrences, 1), 0.6);
+        let multiplier = 1;
+        if (f.findingId.startsWith("PW-INSIGHT-"))
+            multiplier = INSIGHT_MULTIPLIER;
+        else if (f.findingId.startsWith("CI-"))
+            multiplier = CI_MULTIPLIER;
+        else if (f.findingId.startsWith("ARCH-"))
+            multiplier = ARCH_MULTIPLIER;
+        riskPoints += basePoints * evidenceMultiplier * multiplier;
+    }
+    // Density normalization: scale the decay constant by suite size.
+    // Larger suites get a higher lambda, so the same risk points yield a better score.
+    //
+    // densityFactor formula:  1.0 + 0.3 × log₂(effectiveTestFiles / 50)
+    //   50 files   → 1.0  (neutral — no adjustment)
+    //   100 files  → 1.3
+    //   200 files  → 1.6
+    //   500 files  → ~2.0
+    //   1000 files → ~2.3
+    //   5000 files → ~2.9
+    //   < 50 files → 1.0  (floor — never penalize small suites)
+    //   cap at 4.0 (reached only at ~51,000 files)
+    const BASE_LAMBDA = 200;
+    let lambda = BASE_LAMBDA;
+    let densityInfo;
+    if (inventory && findings.length > 0) {
+        const effectiveTestFiles = inventory.testFiles +
+            (inventory.cypressTestFiles ?? 0) +
+            (inventory.seleniumTestFiles ?? 0);
+        if (effectiveTestFiles > 0) {
+            const findingDensity = findings.length / effectiveTestFiles;
+            const rawFactor = 1.0 + 0.3 * Math.log2(Math.max(effectiveTestFiles / 50, 1));
+            const densityFactor = Math.min(4.0, Math.max(1.0, rawFactor));
+            lambda = BASE_LAMBDA * densityFactor;
+            densityInfo = {
+                effectiveTestFiles,
+                findingDensity: Math.round(findingDensity * 1000) / 1000,
+                densityFactor: Math.round(densityFactor * 100) / 100,
+            };
+        }
+    }
+    const healthScore = Math.round(100 * Math.exp(-riskPoints / lambda));
+    const gradeInfo = gradeFromHealthScore(healthScore);
+    return { ...gradeInfo, riskScore: healthScore, densityInfo };
+}

package/dist/sinks/index.js

@@ -0,0 +1,29 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.JsonSink = void 0;
+exports.resolveSinkConfig = resolveSinkConfig;
+exports.buildSinks = buildSinks;
+const jsonSink_1 = require("./jsonSink");
+/**
+ * Resolve sink configuration from environment variables, with optional
+ * CLI-flag overrides.
+ */
+function resolveSinkConfig(overrides) {
+    return {
+        jsonPath: overrides?.jsonPath ?? process.env.SCANTRIX_JSON_PATH ?? undefined,
+    };
+}
+/**
+ * Build the ordered list of sinks from a validated {@link SinkConfig}.
+ *
+ * JSON sink is created when `jsonPath` is set.
+ */
+function buildSinks(config) {
+    const sinks = [];
+    if (config.jsonPath) {
+        sinks.push(new jsonSink_1.JsonSink(config.jsonPath));
+    }
+    return sinks;
+}
+var jsonSink_2 = require("./jsonSink");
+Object.defineProperty(exports, "JsonSink", { enumerable: true, get: function () { return jsonSink_2.JsonSink; } });

package/dist/sinks/jsonSink.js

@@ -0,0 +1,28 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.JsonSink = void 0;
+const promises_1 = __importDefault(require("fs/promises"));
+const path_1 = __importDefault(require("path"));
+/**
+ * Writes the full {@link ScanResult} as a pretty-printed JSON file.
+ *
+ * This sink is always safe to use and has no external dependencies
+ * beyond Node's built-in `fs` module.  Recommended in every
+ * environment (local & CI) as a durable artifact / fallback.
+ */
+class JsonSink {
+    filePath;
+    name = "json";
+    constructor(filePath) {
+        this.filePath = filePath;
+    }
+    async write(result) {
+        const abs = path_1.default.resolve(this.filePath);
+        await promises_1.default.mkdir(path_1.default.dirname(abs), { recursive: true });
+        await promises_1.default.writeFile(abs, JSON.stringify(result, null, 2), "utf8");
+    }
+}
+exports.JsonSink = JsonSink;

package/dist/sinks/types.js

@@ -0,0 +1,2 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });

package/docs/high-res-icon.svg

@@ -0,0 +1,26 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Generator: Adobe Illustrator 30.2.1, SVG Export Plug-In . SVG Version: 9.03 Build 0)  -->
+<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"
+	 width="512" height="512" viewBox="-1 -7.5 527 527" xml:space="preserve">
+<g id="BoxInterior">
+	<g id="Lambda_00000018955945252053725280000009118050138801679498_">
+		<polyline id="LeftLeg" fill="#4F7BE3" stroke="#4F7BE3" stroke-width="0.3673" stroke-miterlimit="10" points="241.313,228.973
+			62.719,454.627 144.574,454.599 276.345,284.973 		"/>
+		<polygon fill="#4F7BE3" stroke="#4F7BE3" stroke-width="0.3673" stroke-miterlimit="10" points="200.662,202.76 228.653,253.062
+			342.316,453.453 460.935,453.453 460.935,381.12 382.252,381.12 194.649,54.57 62.719,54.412 62.719,112.57 149.396,112.57 		"/>
+
+			<polyline id="LeftLeg_00000170258041919781009300000016929244431908451753_" fill="#4F7BE3" stroke="#4F7BE3" stroke-width="0.3673" stroke-miterlimit="10" points="
+			324.334,223.188 459.624,55.345 377.745,55.376 289.658,166.627 		"/>
+	</g>
+</g>
+<g id="BoxEdges">
+	<path id="BottomRt" fill="#808080" d="M494.925,480.929V368.497h29.502l0.19,122.857c0.017,16.859,0.19,19.32-3.021,20.31
+		L376.932,512l0.03-29.695l84.485-0.073h33.478L494.925,480.929L494.925,480.929z"/>
+	<path id="BottomLeft" fill="#808080" d="M29.698,480.929V368.497H0.197l-0.19,122.857c-0.017,16.859-0.19,19.32,3.021,20.31
+		L147.691,512l-0.03-29.695l-84.485-0.073H29.698V480.929z"/>
+	<path id="TopRt" fill="#808080" d="M494.925,31.071v112.433h29.502l0.19-122.857c0.017-16.859,0.19-19.32-3.021-20.309L376.932,0
+		l0.03,29.695l84.485,0.073h33.478L494.925,31.071L494.925,31.071z"/>
+	<path id="TopLeft" fill="#808080" d="M29.698,31.071v112.433H0.197L0.007,20.646c-0.018-16.859-0.19-19.32,3.02-20.309L147.691,0
+		l-0.03,29.695l-84.485,0.073H29.698V31.071z"/>
+</g>
+</svg>

package/docs/scantrix-logo-light.svg

@@ -0,0 +1,64 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<svg id="Layer_1" xmlns="http://www.w3.org/2000/svg" version="1.1" viewBox="0 0 5942.2 1528">
+  <!-- Generator: Adobe Illustrator 30.2.1, SVG Export Plug-In . SVG Version: 2.1.1 Build 1)  -->
+  <defs>
+    <style>
+      .st0, .st1 {
+        fill: #808080;
+      }
+
+      .st1, .st2, .st3, .st4 {
+        stroke: #4f7be3;
+        stroke-miterlimit: 10;
+      }
+
+      .st2 {
+        fill: #808080;
+      }
+
+      .st3 {
+        stroke-width: .57px;
+      }
+
+      .st3, .st5, .st4 {
+        fill: #4f7be3;
+      }
+
+      .st4 {
+        stroke-width: 5.57px;
+      }
+    </style>
+  </defs>
+  <g id="ScantrixText">
+    <g id="scantrix-text">
+      <path id="S" class="st1" d="M1723.07,1059.71v-86.2h384.81c37.73,0,55.33-18.94,55.33-53.52v-73.29c0-34.58-17.61-53.52-55.33-53.52h-260.16c-100.66,0-139.03-56.88-139.03-140.15v-33.8c0-83.26,38.38-140.15,139.03-140.15h386.81v85.21h-385.02c-39.77,0-57.39,19.1-57.39,53.98v35.71c0,34.88,17.62,53.98,55.39,53.98h260.23c100.56,0,138.91,56.84,138.91,140.04v71.67c0,83.2-38.34,140.04-138.91,140.04h-384.66Z"/>
+      <path id="C" class="st1" d="M2419.1,1059.72c-88.5,0-122.24-56.91-122.24-140.21v-300.21c0-83.3,33.74-140.21,122.24-140.21h313.62v85.77h-294.62c-33.19,0-48.68,18.97-48.68,53.61v301.86c0,34.64,15.49,53.61,48.68,53.61h294.62v85.77h-313.62Z"/>
+      <path id="A" class="st1" d="M3240.7,1059.72l-170.04-467.27-172.93,467.27h-101.24l225.67-580.17h97.52l223.22,580.17h-97.2s-5,0-5,0h0Z"/>
+      <path id="N" class="st1" d="M3847.31,1060.17l-353.93-452.32,1,452.32h-89.43l-3.08-581.08h109.07l318.62,396.68-1-396.68h90.34v581.08h-64.6s-7,0-7,0h0Z"/>
+      <path id="T" class="st1" d="M4201.58,1060.84v-495.39h-219.3v-86.37h535.36v86.37h-213.62v495.39h-102.44Z"/>
+      <path id="R" class="st1" d="M5011.92,1062.63l-101.71-240h-228.71v240h-81.76V476.63h368.47c98.59,0,136.17,57.43,136.17,141.51v42.19c0,75.64-30.21,142.67-107.26,152.64l102.33,249.66h-87.54ZM5022.63,616.92c0-35.08-17.27-54.29-54.28-54.29h-286.85v172h286.85c37.01,0,54.28-39.21,54.28-74.29v-43.43Z"/>
+      <path id="I" class="st1" d="M5171.62,1065.54V476.63h96.85l-1.08,588.91h-95.77Z"/>
+      <g id="x-symbol">
+        <g id="x-lambda">
+          <polyline id="x-left-leg" class="st4" points="5596.03 736.18 5329.86 1075.12 5448.78 1075.18 5647.7 827.16"/>
+          <polygon class="st3" points="5532.07 696.07 5572.71 772.04 5737.75 1074.7 5909.98 1074.7 5909.98 965.45 5795.74 965.45 5523.34 472.25 5331.77 472.01 5331.77 559.85 5457.63 559.85 5532.07 696.07"/>
+        </g>
+        <polygon id="x-accent" class="st2" points="5717 736.18 5912.49 471.07 5806.7 471.06 5672.99 657.44 5717 736.18"/>
+      </g>
+    </g>
+    <path id="I1" data-name="I" class="st0" d="M2991.44,806.51l157.55.44,28.07,77.38-213.92-1.36"/>
+  </g>
+  <g id="BoxInterior">
+    <g id="box-lambda">
+      <polyline id="box-left-leg" class="st1" points="779.61 686.51 248.16 1260.19 485.62 1260.3 882.79 840.51"/>
+      <polygon class="st1" points="651.9 618.63 733.05 747.22 1062.57 1259.48 1406.46 1259.48 1406.46 1074.58 1178.35 1074.58 634.47 239.81 251.99 239.4 251.99 388.08 503.28 388.08 651.9 618.63"/>
+    </g>
+    <polygon id="box-accent" class="st5" points="1000.53 702.76 1403.17 243.06 1203.13 243.15 910.13 564.66 1000.53 702.76"/>
+  </g>
+  <g id="BoxEdges">
+    <path id="BottomRt" class="st5" d="M1512.87,1380.16v-303.12h79.8l.51,331.22c.05,45.45.51,52.09-8.17,54.76l-391.29.91.08-80.06,228.52-.2h90.55v-3.51Z"/>
+    <path id="BottomLeft" class="st5" d="M151.88,1380.16v-303.12h-79.8l-.51,331.22c-.05,45.45-.51,52.09,8.17,54.76l391.29.91-.08-80.06-228.51-.2h-90.55v-3.51Z"/>
+    <path id="TopRt" class="st5" d="M1512.87,147.41v303.12h79.8l.51-331.23c.05-45.45.51-52.09-8.17-54.75l-391.29-.91.08,80.06,228.52.2h90.55v3.51Z"/>
+    <path id="TopLeft" class="st5" d="M152.88,147.41v303.12h-79.8l-.51-331.23c-.05-45.45-.51-52.09,8.17-54.75l391.29-.91-.08,80.06-228.51.2h-90.55v3.51Z"/>
+  </g>
+</svg>

package/docs/scantrix-logo.svg

@@ -0,0 +1,64 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<svg id="Layer_1" xmlns="http://www.w3.org/2000/svg" version="1.1" viewBox="0 0 5942.2 1528">
+  <!-- Generator: Adobe Illustrator 30.2.1, SVG Export Plug-In . SVG Version: 2.1.1 Build 1)  -->
+  <defs>
+    <style>
+      .st0, .st1 {
+        fill: #e2e8f0;
+      }
+
+      .st1, .st2, .st3, .st4 {
+        stroke: #4f7be3;
+        stroke-miterlimit: 10;
+      }
+
+      .st2 {
+        fill: #d9d9d9;
+      }
+
+      .st3 {
+        stroke-width: .57px;
+      }
+
+      .st3, .st5, .st4 {
+        fill: #4f7be3;
+      }
+
+      .st4 {
+        stroke-width: 5.57px;
+      }
+    </style>
+  </defs>
+  <g id="ScantrixText">
+    <g id="scantrix-text">
+      <path id="S" class="st1" d="M1723.07,1059.71v-86.2h384.81c37.73,0,55.33-18.94,55.33-53.52v-73.29c0-34.58-17.61-53.52-55.33-53.52h-260.16c-100.66,0-139.03-56.88-139.03-140.15v-33.8c0-83.26,38.38-140.15,139.03-140.15h386.81v85.21h-385.02c-39.77,0-57.39,19.1-57.39,53.98v35.71c0,34.88,17.62,53.98,55.39,53.98h260.23c100.56,0,138.91,56.84,138.91,140.04v71.67c0,83.2-38.34,140.04-138.91,140.04h-384.66Z"/>
+      <path id="C" class="st1" d="M2419.1,1059.72c-88.5,0-122.24-56.91-122.24-140.21v-300.21c0-83.3,33.74-140.21,122.24-140.21h313.62v85.77h-294.62c-33.19,0-48.68,18.97-48.68,53.61v301.86c0,34.64,15.49,53.61,48.68,53.61h294.62v85.77h-313.62Z"/>
+      <path id="A" class="st1" d="M3240.7,1059.72l-170.04-467.27-172.93,467.27h-101.24l225.67-580.17h97.52l223.22,580.17h-97.2s-5,0-5,0h0Z"/>
+      <path id="N" class="st1" d="M3847.31,1060.17l-353.93-452.32,1,452.32h-89.43l-3.08-581.08h109.07l318.62,396.68-1-396.68h90.34v581.08h-64.6s-7,0-7,0h0Z"/>
+      <path id="T" class="st1" d="M4201.58,1060.84v-495.39h-219.3v-86.37h535.36v86.37h-213.62v495.39h-102.44Z"/>
+      <path id="R" class="st1" d="M5011.92,1062.63l-101.71-240h-228.71v240h-81.76V476.63h368.47c98.59,0,136.17,57.43,136.17,141.51v42.19c0,75.64-30.21,142.67-107.26,152.64l102.33,249.66h-87.54ZM5022.63,616.92c0-35.08-17.27-54.29-54.28-54.29h-286.85v172h286.85c37.01,0,54.28-39.21,54.28-74.29v-43.43Z"/>
+      <path id="I" class="st1" d="M5171.62,1065.54V476.63h96.85l-1.08,588.91h-95.77Z"/>
+      <g id="x-symbol">
+        <g id="x-lambda">
+          <polyline id="x-left-leg" class="st4" points="5596.03 736.18 5329.86 1075.12 5448.78 1075.18 5647.7 827.16"/>
+          <polygon class="st3" points="5532.07 696.07 5572.71 772.04 5737.75 1074.7 5909.98 1074.7 5909.98 965.45 5795.74 965.45 5523.34 472.25 5331.77 472.01 5331.77 559.85 5457.63 559.85 5532.07 696.07"/>
+        </g>
+        <polygon id="x-accent" class="st2" points="5717 736.18 5912.49 471.07 5806.7 471.06 5672.99 657.44 5717 736.18"/>
+      </g>
+    </g>
+    <path id="I1" data-name="I" class="st0" d="M2991.44,806.51l157.55.44,28.07,77.38-213.92-1.36"/>
+  </g>
+  <g id="BoxInterior">
+    <g id="box-lambda">
+      <polyline id="box-left-leg" class="st1" points="779.61 686.51 248.16 1260.19 485.62 1260.3 882.79 840.51"/>
+      <polygon class="st1" points="651.9 618.63 733.05 747.22 1062.57 1259.48 1406.46 1259.48 1406.46 1074.58 1178.35 1074.58 634.47 239.81 251.99 239.4 251.99 388.08 503.28 388.08 651.9 618.63"/>
+    </g>
+    <polygon id="box-accent" class="st5" points="1000.53 702.76 1403.17 243.06 1203.13 243.15 910.13 564.66 1000.53 702.76"/>
+  </g>
+  <g id="BoxEdges">
+    <path id="BottomRt" class="st5" d="M1512.87,1380.16v-303.12h79.8l.51,331.22c.05,45.45.51,52.09-8.17,54.76l-391.29.91.08-80.06,228.52-.2h90.55v-3.51Z"/>
+    <path id="BottomLeft" class="st5" d="M151.88,1380.16v-303.12h-79.8l-.51,331.22c-.05,45.45-.51,52.09,8.17,54.76l391.29.91-.08-80.06-228.51-.2h-90.55v-3.51Z"/>
+    <path id="TopRt" class="st5" d="M1512.87,147.41v303.12h79.8l.51-331.23c.05-45.45.51-52.09-8.17-54.75l-391.29-.91.08,80.06,228.52.2h90.55v3.51Z"/>
+    <path id="TopLeft" class="st5" d="M152.88,147.41v303.12h-79.8l-.51-331.23c-.05-45.45-.51-52.09,8.17-54.75l391.29-.91-.08,80.06-228.51.2h-90.55v3.51Z"/>
+  </g>
+</svg>

package/package.json

@@ -0,0 +1,55 @@
+{
+  "name": "@scantrix/cli",
+  "version": "1.0.0",
+  "description": "Static analysis and configuration-aware auditing engine for automation repositories",
+  "main": "dist/cli.js",
+  "bin": {
+    "scantrix": "dist/cli.js"
+  },
+  "scripts": {
+    "build": "tsc",
+    "start": "node dist/cli.js",
+    "audit": "npm run build && node dist/cli.js",
+    "scan": "npm run audit",
+    "test": "vitest run",
+    "test:watch": "vitest",
+    "generate:favicons": "ts-node scripts/generate-favicons.ts"
+  },
+  "keywords": [
+    "playwright",
+    "cypress",
+    "selenium",
+    "test-automation",
+    "static-analysis",
+    "audit",
+    "ci",
+    "quality"
+  ],
+  "author": "Scantrix",
+  "license": "MIT",
+  "engines": {
+    "node": ">=18"
+  },
+  "files": [
+    "dist/",
+    "docs/*.svg",
+    "LICENSE",
+    "README.md"
+  ],
+  "type": "commonjs",
+  "dependencies": {
+    "fast-glob": "^3.3.3",
+    "markdown-it": "^14.1.0",
+    "minimist": "^1.2.8"
+  },
+  "devDependencies": {
+    "@types/markdown-it": "^14.1.2",
+    "@types/minimist": "^1.2.5",
+    "@types/node": "^25.1.0",
+    "@types/sharp": "^0.31.1",
+    "sharp": "^0.34.5",
+    "ts-node": "^10.9.2",
+    "typescript": "^5.9.3",
+    "vitest": "^3.0.0"
+  }
+}