@shipsafe/cli 0.1.0

package/dist/src/mcp/tools/check-package.js

@@ -0,0 +1,196 @@
+// Popular packages to check for typosquatting
+const POPULAR_PACKAGES = [
+    'react',
+    'express',
+    'lodash',
+    'axios',
+    'moment',
+    'chalk',
+    'commander',
+    'next',
+    'vue',
+    'angular',
+    'webpack',
+    'typescript',
+    'zod',
+    'prisma',
+    'drizzle',
+    'hono',
+    'fastify',
+];
+// Licenses generally considered compatible with most projects
+const COMPATIBLE_LICENSES = [
+    'MIT',
+    'ISC',
+    'BSD-2-Clause',
+    'BSD-3-Clause',
+    'Apache-2.0',
+    '0BSD',
+    'Unlicense',
+    'CC0-1.0',
+    'BlueOak-1.0.0',
+];
+/**
+ * Compute Levenshtein edit distance between two strings.
+ */
+export function editDistance(a, b) {
+    const m = a.length;
+    const n = b.length;
+    // Create a 2D array for dynamic programming
+    const dp = Array.from({ length: m + 1 }, () => Array.from({ length: n + 1 }, () => 0));
+    for (let i = 0; i <= m; i++)
+        dp[i][0] = i;
+    for (let j = 0; j <= n; j++)
+        dp[0][j] = j;
+    for (let i = 1; i <= m; i++) {
+        for (let j = 1; j <= n; j++) {
+            if (a[i - 1] === b[j - 1]) {
+                dp[i][j] = dp[i - 1][j - 1];
+            }
+            else {
+                dp[i][j] = 1 + Math.min(dp[i - 1][j], dp[i][j - 1], dp[i - 1][j - 1]);
+            }
+        }
+    }
+    return dp[m][n];
+}
+/**
+ * Check if a package name looks like a typosquat of a popular package.
+ */
+export function checkTyposquat(name) {
+    for (const popular of POPULAR_PACKAGES) {
+        if (name === popular) {
+            // Exact match — not a typosquat
+            continue;
+        }
+        const distance = editDistance(name.toLowerCase(), popular.toLowerCase());
+        if (distance <= 2) {
+            return { isTyposquat: true, similarTo: popular };
+        }
+    }
+    return { isTyposquat: false };
+}
+export async function handleCheckPackage(params) {
+    const { name, version, registry = 'npm' } = params;
+    // Currently only npm is supported
+    if (registry !== 'npm') {
+        return {
+            name,
+            version: version ?? 'latest',
+            safe: false,
+            cves: [],
+            license: 'unknown',
+            license_compatible: false,
+            maintained: false,
+            last_publish: 'unknown',
+            typosquat_warning: false,
+            recommendation: `Registry "${registry}" is not yet supported. Only npm is currently available.`,
+        };
+    }
+    // Check typosquatting first (doesn't need network)
+    const typosquatCheck = checkTyposquat(name);
+    // Fetch package info from npm registry
+    let npmData;
+    try {
+        const registryUrl = `https://registry.npmjs.org/${encodeURIComponent(name)}`;
+        const response = await fetch(registryUrl);
+        if (!response.ok) {
+            if (response.status === 404) {
+                return {
+                    name,
+                    version: version ?? 'latest',
+                    safe: false,
+                    cves: [],
+                    license: 'unknown',
+                    license_compatible: false,
+                    maintained: false,
+                    last_publish: 'unknown',
+                    typosquat_warning: typosquatCheck.isTyposquat,
+                    recommendation: `Package "${name}" not found on npm registry.${typosquatCheck.isTyposquat
+                        ? ` WARNING: This name is similar to "${typosquatCheck.similarTo}" — possible typosquat.`
+                        : ''}`,
+                };
+            }
+            return {
+                name,
+                version: version ?? 'latest',
+                safe: false,
+                cves: [],
+                license: 'unknown',
+                license_compatible: false,
+                maintained: false,
+                last_publish: 'unknown',
+                typosquat_warning: typosquatCheck.isTyposquat,
+                recommendation: `Failed to fetch package info: HTTP ${response.status}`,
+            };
+        }
+        npmData = (await response.json());
+    }
+    catch (err) {
+        const message = err instanceof Error ? err.message : String(err);
+        return {
+            name,
+            version: version ?? 'latest',
+            safe: false,
+            cves: [],
+            license: 'unknown',
+            license_compatible: false,
+            maintained: false,
+            last_publish: 'unknown',
+            typosquat_warning: typosquatCheck.isTyposquat,
+            recommendation: `Failed to fetch package info: ${message}`,
+        };
+    }
+    // Determine version
+    const resolvedVersion = version ?? npmData['dist-tags']?.latest ?? 'unknown';
+    // Check license
+    const license = npmData.license ?? 'unknown';
+    const licenseCompatible = COMPATIBLE_LICENSES.includes(license);
+    // Check maintenance — last publish date
+    const timeEntries = npmData.time ?? {};
+    const modified = timeEntries.modified ?? timeEntries[resolvedVersion];
+    const lastPublish = modified ?? 'unknown';
+    let maintained = true;
+    if (lastPublish !== 'unknown') {
+        const lastPublishDate = new Date(lastPublish);
+        const twoYearsAgo = new Date();
+        twoYearsAgo.setFullYear(twoYearsAgo.getFullYear() - 2);
+        maintained = lastPublishDate > twoYearsAgo;
+    }
+    // Check if the resolved version is deprecated
+    const isDeprecated = !!(npmData.versions?.[resolvedVersion]?.deprecated);
+    // Build recommendation
+    const warnings = [];
+    if (typosquatCheck.isTyposquat) {
+        warnings.push(`TYPOSQUAT WARNING: "${name}" is similar to "${typosquatCheck.similarTo}". Verify this is the intended package.`);
+    }
+    if (!maintained) {
+        warnings.push('Package has not been updated in over 2 years.');
+    }
+    if (!licenseCompatible) {
+        warnings.push(`License "${license}" may not be compatible with your project.`);
+    }
+    if (isDeprecated) {
+        warnings.push('This version is deprecated.');
+    }
+    const safe = !typosquatCheck.isTyposquat &&
+        maintained &&
+        licenseCompatible &&
+        !isDeprecated;
+    const recommendation = warnings.length === 0
+        ? `Package "${name}@${resolvedVersion}" appears safe to install.`
+        : warnings.join(' ');
+    return {
+        name,
+        version: resolvedVersion,
+        safe,
+        cves: [], // CVE checking will be expanded in future phases
+        license,
+        license_compatible: licenseCompatible,
+        maintained,
+        last_publish: lastPublish,
+        typosquat_warning: typosquatCheck.isTyposquat,
+        recommendation,
+    };
+}
+//# sourceMappingURL=check-package.js.map

package/dist/src/mcp/tools/check-package.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"check-package.js","sourceRoot":"","sources":["../../../../src/mcp/tools/check-package.ts"],"names":[],"mappings":"AAmBA,8CAA8C;AAC9C,MAAM,gBAAgB,GAAG;IACvB,OAAO;IACP,SAAS;IACT,QAAQ;IACR,OAAO;IACP,QAAQ;IACR,OAAO;IACP,WAAW;IACX,MAAM;IACN,KAAK;IACL,SAAS;IACT,SAAS;IACT,YAAY;IACZ,KAAK;IACL,QAAQ;IACR,SAAS;IACT,MAAM;IACN,SAAS;CACV,CAAC;AAEF,8DAA8D;AAC9D,MAAM,mBAAmB,GAAG;IAC1B,KAAK;IACL,KAAK;IACL,cAAc;IACd,cAAc;IACd,YAAY;IACZ,MAAM;IACN,WAAW;IACX,SAAS;IACT,eAAe;CAChB,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,YAAY,CAAC,CAAS,EAAE,CAAS;IAC/C,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC;IACnB,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC;IAEnB,4CAA4C;IAC5C,MAAM,EAAE,GAAe,KAAK,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,EAAE,CACxD,KAAK,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,CACvC,CAAC;IAEF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE;QAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IAC1C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE;QAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IAE1C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QAC5B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YAC5B,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;gBAC1B,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YAC9B,CAAC;iBAAM,CAAC;gBACN,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YACxE,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,cAAc,CAAC,IAAY;IACzC,KAAK,MAAM,OAAO,IAAI,gBAAgB,EAAE,CAAC;QACvC,IAAI,IAAI,KAAK,OAAO,EAAE,CAAC;YACrB,gCAAgC;YAChC,SAAS;QACX,CAAC;QACD,MAAM,QAAQ,GAAG,YAAY,CAAC,IAAI,CAAC,WAAW,EAAE,EAAE,OAAO,CAAC,WAAW,EAAE,CAAC,CAAC;QACzE,IAAI,QAAQ,IAAI,CAAC,EAAE,CAAC;YAClB,OAAO,EAAE,WAAW,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,CAAC;QACnD,CAAC;IACH,CAAC;IACD,OAAO,EAAE,WAAW,EAAE,KAAK,EAAE,CAAC;AAChC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,MAA0B;IAE1B,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,GAAG,KAAK,EAAE,GAAG,MAAM,CAAC;IAEnD,kCAAkC;IAClC,IAAI,QAAQ,KAAK,KAAK,EAAE,CAAC;QACvB,OAAO;YACL,IAAI;YACJ,OAAO,EAAE,OAAO,IAAI,QAAQ;YAC5B,IAAI,EAAE,KAAK;YACX,IAAI,EAAE,EAAE;YACR,OAAO,EAAE,SAAS;YAClB,kBAAkB,EAAE,KAAK;YACzB,UAAU,EAAE,KAAK;YACjB,YAAY,EAAE,SAAS;YACvB,iBAAiB,EAAE,KAAK;YACxB,cAAc,EAAE,aAAa,QAAQ,0DAA0D;SAChG,CAAC;IACJ,CAAC;IAED,mDAAmD;IACnD,MAAM,cAAc,GAAG,cAAc,CAAC,IAAI,CAAC,CAAC;IAE5C,uCAAuC;IACvC,IAAI,OAMH,CAAC;IAEF,IAAI,CAAC;QACH,MAAM,WAAW,GAAG,8BAA8B,kBAAkB,CAAC,IAAI,CAAC,EAAE,CAAC;QAC7E,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,WAAW,CAAC,CAAC;QAE1C,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;gBAC5B,OAAO;oBACL,IAAI;oBACJ,OAAO,EAAE,OAAO,IAAI,QAAQ;oBAC5B,IAAI,EAAE,KAAK;oBACX,IAAI,EAAE,EAAE;oBACR,OAAO,EAAE,SAAS;oBAClB,kBAAkB,EAAE,KAAK;oBACzB,UAAU,EAAE,KAAK;oBACjB,YAAY,EAAE,SAAS;oBACvB,iBAAiB,EAAE,cAAc,CAAC,WAAW;oBAC7C,cAAc,EAAE,YAAY,IAAI,+BAC9B,cAAc,CAAC,WAAW;wBACxB,CAAC,CAAC,sCAAsC,cAAc,CAAC,SAAS,yBAAyB;wBACzF,CAAC,CAAC,EACN,EAAE;iBACH,CAAC;YACJ,CAAC;YACD,OAAO;gBACL,IAAI;gBACJ,OAAO,EAAE,OAAO,IAAI,QAAQ;gBAC5B,IAAI,EAAE,KAAK;gBACX,IAAI,EAAE,EAAE;gBACR,OAAO,EAAE,SAAS;gBAClB,kBAAkB,EAAE,KAAK;gBACzB,UAAU,EAAE,KAAK;gBACjB,YAAY,EAAE,SAAS;gBACvB,iBAAiB,EAAE,cAAc,CAAC,WAAW;gBAC7C,cAAc,EAAE,sCAAsC,QAAQ,CAAC,MAAM,EAAE;aACxE,CAAC;QACJ,CAAC;QAED,OAAO,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAmB,CAAC;IACtD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACjE,OAAO;YACL,IAAI;YACJ,OAAO,EAAE,OAAO,IAAI,QAAQ;YAC5B,IAAI,EAAE,KAAK;YACX,IAAI,EAAE,EAAE;YACR,OAAO,EAAE,SAAS;YAClB,kBAAkB,EAAE,KAAK;YACzB,UAAU,EAAE,KAAK;YACjB,YAAY,EAAE,SAAS;YACvB,iBAAiB,EAAE,cAAc,CAAC,WAAW;YAC7C,cAAc,EAAE,iCAAiC,OAAO,EAAE;SAC3D,CAAC;IACJ,CAAC;IAED,oBAAoB;IACpB,MAAM,eAAe,GAAG,OAAO,IAAI,OAAO,CAAC,WAAW,CAAC,EAAE,MAAM,IAAI,SAAS,CAAC;IAE7E,gBAAgB;IAChB,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,IAAI,SAAS,CAAC;IAC7C,MAAM,iBAAiB,GAAG,mBAAmB,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;IAEhE,wCAAwC;IACxC,MAAM,WAAW,GAAG,OAAO,CAAC,IAAI,IAAI,EAAE,CAAC;IACvC,MAAM,QAAQ,GAAG,WAAW,CAAC,QAAQ,IAAI,WAAW,CAAC,eAAe,CAAC,CAAC;IACtE,MAAM,WAAW,GAAG,QAAQ,IAAI,SAAS,CAAC;IAE1C,IAAI,UAAU,GAAG,IAAI,CAAC;IACtB,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;QAC9B,MAAM,eAAe,GAAG,IAAI,IAAI,CAAC,WAAW,CAAC,CAAC;QAC9C,MAAM,WAAW,GAAG,IAAI,IAAI,EAAE,CAAC;QAC/B,WAAW,CAAC,WAAW,CAAC,WAAW,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC,CAAC;QACvD,UAAU,GAAG,eAAe,GAAG,WAAW,CAAC;IAC7C,CAAC;IAED,8CAA8C;IAC9C,MAAM,YAAY,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC,eAAe,CAAC,EAAE,UAAU,CAAC,CAAC;IAEzE,uBAAuB;IACvB,MAAM,QAAQ,GAAa,EAAE,CAAC;IAC9B,IAAI,cAAc,CAAC,WAAW,EAAE,CAAC;QAC/B,QAAQ,CAAC,IAAI,CACX,uBAAuB,IAAI,oBAAoB,cAAc,CAAC,SAAS,yCAAyC,CACjH,CAAC;IACJ,CAAC;IACD,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,QAAQ,CAAC,IAAI,CAAC,+CAA+C,CAAC,CAAC;IACjE,CAAC;IACD,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACvB,QAAQ,CAAC,IAAI,CAAC,YAAY,OAAO,4CAA4C,CAAC,CAAC;IACjF,CAAC;IACD,IAAI,YAAY,EAAE,CAAC;QACjB,QAAQ,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;IAC/C,CAAC;IAED,MAAM,IAAI,GACR,CAAC,cAAc,CAAC,WAAW;QAC3B,UAAU;QACV,iBAAiB;QACjB,CAAC,YAAY,CAAC;IAEhB,MAAM,cAAc,GAClB,QAAQ,CAAC,MAAM,KAAK,CAAC;QACnB,CAAC,CAAC,YAAY,IAAI,IAAI,eAAe,4BAA4B;QACjE,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAEzB,OAAO;QACL,IAAI;QACJ,OAAO,EAAE,eAAe;QACxB,IAAI;QACJ,IAAI,EAAE,EAAE,EAAE,iDAAiD;QAC3D,OAAO;QACP,kBAAkB,EAAE,iBAAiB;QACrC,UAAU;QACV,YAAY,EAAE,WAAW;QACzB,iBAAiB,EAAE,cAAc,CAAC,WAAW;QAC7C,cAAc;KACf,CAAC;AACJ,CAAC"}

package/dist/src/mcp/tools/fix.d.ts

@@ -0,0 +1,41 @@
+export interface FixParams {
+    finding_id: string;
+    strategy?: 'suggested' | 'custom';
+}
+export interface FixResult {
+    status: 'fixed' | 'suggestion_only';
+    files_modified: string[];
+    description: string;
+}
+declare let lastScanFindings: Array<{
+    id: string;
+    type: string;
+    file: string;
+    line: number;
+    description: string;
+    fix_suggestion: string;
+    auto_fixable: boolean;
+}>;
+/**
+ * Store findings from the most recent scan for lookup by the fix tool.
+ */
+export declare function cacheFindings(findings: Array<{
+    id: string;
+    type: string;
+    file: string;
+    line: number;
+    description: string;
+    fix_suggestion: string;
+    auto_fixable: boolean;
+}>): void;
+/**
+ * Clear the findings cache (useful for tests).
+ */
+export declare function clearFindingsCache(): void;
+/**
+ * Get cached findings (useful for tests).
+ */
+export declare function getCachedFindings(): typeof lastScanFindings;
+export declare function handleFix(params: FixParams): Promise<FixResult>;
+export {};
+//# sourceMappingURL=fix.d.ts.map

package/dist/src/mcp/tools/fix.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"fix.d.ts","sourceRoot":"","sources":["../../../../src/mcp/tools/fix.ts"],"names":[],"mappings":"AAKA,MAAM,WAAW,SAAS;IACxB,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,CAAC,EAAE,WAAW,GAAG,QAAQ,CAAC;CACnC;AAED,MAAM,WAAW,SAAS;IACxB,MAAM,EAAE,OAAO,GAAG,iBAAiB,CAAC;IACpC,cAAc,EAAE,MAAM,EAAE,CAAC;IACzB,WAAW,EAAE,MAAM,CAAC;CACrB;AAGD,QAAA,IAAI,gBAAgB,EAAE,KAAK,CAAC;IAC1B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,EAAE,MAAM,CAAC;IACvB,YAAY,EAAE,OAAO,CAAC;CACvB,CAAM,CAAC;AAER;;GAEG;AACH,wBAAgB,aAAa,CAC3B,QAAQ,EAAE,KAAK,CAAC;IACd,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,EAAE,MAAM,CAAC;IACvB,YAAY,EAAE,OAAO,CAAC;CACvB,CAAC,GACD,IAAI,CAEN;AAED;;GAEG;AACH,wBAAgB,kBAAkB,IAAI,IAAI,CAEzC;AAED;;GAEG;AACH,wBAAgB,iBAAiB,IAAI,OAAO,gBAAgB,CAE3D;AAED,wBAAsB,SAAS,CAAC,MAAM,EAAE,SAAS,GAAG,OAAO,CAAC,SAAS,CAAC,CA4ErE"}

package/dist/src/mcp/tools/fix.js

@@ -0,0 +1,98 @@
+import { fixHardcodedSecret } from '../../autofix/secret-fixer.js';
+import { generateFix } from '../../autofix/pr-generator.js';
+import * as fs from 'node:fs/promises';
+import * as path from 'node:path';
+// In-memory cache of findings from the last scan
+let lastScanFindings = [];
+/**
+ * Store findings from the most recent scan for lookup by the fix tool.
+ */
+export function cacheFindings(findings) {
+    lastScanFindings = [...findings];
+}
+/**
+ * Clear the findings cache (useful for tests).
+ */
+export function clearFindingsCache() {
+    lastScanFindings = [];
+}
+/**
+ * Get cached findings (useful for tests).
+ */
+export function getCachedFindings() {
+    return lastScanFindings;
+}
+export async function handleFix(params) {
+    const { finding_id, strategy = 'suggested' } = params;
+    // Look up the finding
+    const finding = lastScanFindings.find((f) => f.id === finding_id);
+    if (!finding) {
+        return {
+            status: 'suggestion_only',
+            files_modified: [],
+            description: `Finding ${finding_id} not found in last scan results. Run shipsafe_scan first.`,
+        };
+    }
+    // For hardcoded secrets with suggested strategy, use the autofix secret-fixer
+    if (strategy === 'suggested' && finding.type === 'hardcoded-secret') {
+        try {
+            const result = await fixHardcodedSecret({
+                id: finding.id,
+                engine: 'pattern',
+                severity: 'high',
+                type: finding.type,
+                file: finding.file,
+                line: finding.line,
+                description: finding.description,
+                fix_suggestion: finding.fix_suggestion,
+                auto_fixable: finding.auto_fixable,
+            });
+            return {
+                status: 'fixed',
+                files_modified: result.filesModified,
+                description: `Moved hardcoded secret to .env as ${result.envVarName} and replaced with process.env.${result.envVarName}`,
+            };
+        }
+        catch (err) {
+            const message = err instanceof Error ? err.message : String(err);
+            return {
+                status: 'suggestion_only',
+                files_modified: [],
+                description: `Auto-fix failed: ${message}. Apply fix manually: move secret to .env and use process.env reference.`,
+            };
+        }
+    }
+    // For other auto-fixable findings, try the generateFix engine
+    if (strategy === 'suggested' && finding.auto_fixable) {
+        try {
+            const filePath = path.resolve(process.cwd(), finding.file);
+            const content = await fs.readFile(filePath, 'utf-8');
+            const error = {
+                id: finding.id,
+                message: finding.description,
+                severity: 'high',
+                file: finding.file,
+                line: finding.line,
+            };
+            const patch = generateFix(error, content);
+            if (patch) {
+                await fs.writeFile(filePath, patch.fixed, 'utf-8');
+                return {
+                    status: 'fixed',
+                    files_modified: [finding.file],
+                    description: patch.description,
+                };
+            }
+        }
+        catch {
+            // Fall through to suggestion_only
+        }
+    }
+    // For all other findings, return the suggestion for manual implementation
+    return {
+        status: 'suggestion_only',
+        files_modified: [],
+        description: finding.fix_suggestion,
+    };
+}
+//# sourceMappingURL=fix.js.map

package/dist/src/mcp/tools/fix.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"fix.js","sourceRoot":"","sources":["../../../../src/mcp/tools/fix.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;AACnE,OAAO,EAAE,WAAW,EAAuB,MAAM,+BAA+B,CAAC;AACjF,OAAO,KAAK,EAAE,MAAM,kBAAkB,CAAC;AACvC,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAalC,iDAAiD;AACjD,IAAI,gBAAgB,GAQf,EAAE,CAAC;AAER;;GAEG;AACH,MAAM,UAAU,aAAa,CAC3B,QAQE;IAEF,gBAAgB,GAAG,CAAC,GAAG,QAAQ,CAAC,CAAC;AACnC,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,kBAAkB;IAChC,gBAAgB,GAAG,EAAE,CAAC;AACxB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,iBAAiB;IAC/B,OAAO,gBAAgB,CAAC;AAC1B,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,MAAiB;IAC/C,MAAM,EAAE,UAAU,EAAE,QAAQ,GAAG,WAAW,EAAE,GAAG,MAAM,CAAC;IAEtD,sBAAsB;IACtB,MAAM,OAAO,GAAG,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,UAAU,CAAC,CAAC;IAClE,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,OAAO;YACL,MAAM,EAAE,iBAAiB;YACzB,cAAc,EAAE,EAAE;YAClB,WAAW,EAAE,WAAW,UAAU,2DAA2D;SAC9F,CAAC;IACJ,CAAC;IAED,8EAA8E;IAC9E,IAAI,QAAQ,KAAK,WAAW,IAAI,OAAO,CAAC,IAAI,KAAK,kBAAkB,EAAE,CAAC;QACpE,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,kBAAkB,CAAC;gBACtC,EAAE,EAAE,OAAO,CAAC,EAAE;gBACd,MAAM,EAAE,SAAS;gBACjB,QAAQ,EAAE,MAAM;gBAChB,IAAI,EAAE,OAAO,CAAC,IAAI;gBAClB,IAAI,EAAE,OAAO,CAAC,IAAI;gBAClB,IAAI,EAAE,OAAO,CAAC,IAAI;gBAClB,WAAW,EAAE,OAAO,CAAC,WAAW;gBAChC,cAAc,EAAE,OAAO,CAAC,cAAc;gBACtC,YAAY,EAAE,OAAO,CAAC,YAAY;aACnC,CAAC,CAAC;YACH,OAAO;gBACL,MAAM,EAAE,OAAO;gBACf,cAAc,EAAE,MAAM,CAAC,aAAa;gBACpC,WAAW,EAAE,qCAAqC,MAAM,CAAC,UAAU,kCAAkC,MAAM,CAAC,UAAU,EAAE;aACzH,CAAC;QACJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACjE,OAAO;gBACL,MAAM,EAAE,iBAAiB;gBACzB,cAAc,EAAE,EAAE;gBAClB,WAAW,EAAE,oBAAoB,OAAO,0EAA0E;aACnH,CAAC;QACJ,CAAC;IACH,CAAC;IAED,8DAA8D;IAC9D,IAAI,QAAQ,KAAK,WAAW,IAAI,OAAO,CAAC,YAAY,EAAE,CAAC;QACrD,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC;YAC3D,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YAErD,MAAM,KAAK,GAAmB;gBAC5B,EAAE,EAAE,OAAO,CAAC,EAAE;gBACd,OAAO,EAAE,OAAO,CAAC,WAAW;gBAC5B,QAAQ,EAAE,MAAM;gBAChB,IAAI,EAAE,OAAO,CAAC,IAAI;gBAClB,IAAI,EAAE,OAAO,CAAC,IAAI;aACnB,CAAC;YAEF,MAAM,KAAK,GAAG,WAAW,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;YAC1C,IAAI,KAAK,EAAE,CAAC;gBACV,MAAM,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,KAAK,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;gBACnD,OAAO;oBACL,MAAM,EAAE,OAAO;oBACf,cAAc,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC;oBAC9B,WAAW,EAAE,KAAK,CAAC,WAAW;iBAC/B,CAAC;YACJ,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,kCAAkC;QACpC,CAAC;IACH,CAAC;IAED,0EAA0E;IAC1E,OAAO;QACL,MAAM,EAAE,iBAAiB;QACzB,cAAc,EAAE,EAAE;QAClB,WAAW,EAAE,OAAO,CAAC,cAAc;KACpC,CAAC;AACJ,CAAC"}

package/dist/src/mcp/tools/graph-query.d.ts

@@ -0,0 +1,7 @@
+export interface GraphQueryParams {
+    query_type: 'callers' | 'callees' | 'data_flow' | 'attack_paths' | 'blast_radius' | 'auth_chain';
+    target?: string;
+    depth?: number;
+}
+export declare function handleGraphQuery(params: GraphQueryParams): Promise<object>;
+//# sourceMappingURL=graph-query.d.ts.map

package/dist/src/mcp/tools/graph-query.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"graph-query.d.ts","sourceRoot":"","sources":["../../../../src/mcp/tools/graph-query.ts"],"names":[],"mappings":"AAcA,MAAM,WAAW,gBAAgB;IAC/B,UAAU,EAAE,SAAS,GAAG,SAAS,GAAG,WAAW,GAAG,cAAc,GAAG,cAAc,GAAG,YAAY,CAAC;IACjG,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAID,wBAAsB,gBAAgB,CAAC,MAAM,EAAE,gBAAgB,GAAG,OAAO,CAAC,MAAM,CAAC,CA0IhF"}

package/dist/src/mcp/tools/graph-query.js

@@ -0,0 +1,139 @@
+import os from 'node:os';
+import path from 'node:path';
+import { rm, mkdir } from 'node:fs/promises';
+import { randomUUID } from 'node:crypto';
+import { initParser, parseProject } from '../../engines/graph/parser.js';
+import { createGraphStore } from '../../engines/graph/store.js';
+import { findAttackPaths, findBlastRadius, findMissingAuth, } from '../../engines/graph/queries.js';
+// ── Handler ──
+export async function handleGraphQuery(params) {
+    const { query_type, target, depth } = params;
+    const projectDir = process.cwd();
+    // Initialize parser
+    await initParser();
+    // Parse the project
+    const parsedFiles = await parseProject(projectDir);
+    // Create a temporary graph store
+    const tmpDir = path.join(os.tmpdir(), `shipsafe-graph-query-${randomUUID()}`);
+    await mkdir(tmpDir, { recursive: true });
+    const store = await createGraphStore(tmpDir);
+    try {
+        // Build the graph
+        await store.buildGraph(parsedFiles);
+        switch (query_type) {
+            case 'callers': {
+                if (!target) {
+                    return { error: 'target is required for callers query' };
+                }
+                const callers = await store.getCallers(target, depth ?? 3);
+                return {
+                    query_type,
+                    target,
+                    depth: depth ?? 3,
+                    results: callers.map((fn) => ({
+                        name: fn.name,
+                        filePath: fn.filePath,
+                        startLine: fn.startLine,
+                        endLine: fn.endLine,
+                        isAsync: fn.isAsync,
+                        isExported: fn.isExported,
+                        className: fn.className || undefined,
+                    })),
+                };
+            }
+            case 'callees': {
+                if (!target) {
+                    return { error: 'target is required for callees query' };
+                }
+                const callees = await store.getCallees(target, depth ?? 3);
+                return {
+                    query_type,
+                    target,
+                    depth: depth ?? 3,
+                    results: callees.map((fn) => ({
+                        name: fn.name,
+                        filePath: fn.filePath,
+                        startLine: fn.startLine,
+                        endLine: fn.endLine,
+                        isAsync: fn.isAsync,
+                        isExported: fn.isExported,
+                        className: fn.className || undefined,
+                    })),
+                };
+            }
+            case 'data_flow': {
+                if (!target) {
+                    return { error: 'target is required for data_flow query' };
+                }
+                // data_flow combines callers + callees for a complete picture
+                const dfCallers = await store.getCallers(target, depth ?? 5);
+                const dfCallees = await store.getCallees(target, depth ?? 5);
+                return {
+                    query_type,
+                    target,
+                    depth: depth ?? 5,
+                    callers: dfCallers.map((fn) => ({
+                        name: fn.name,
+                        filePath: fn.filePath,
+                        startLine: fn.startLine,
+                    })),
+                    callees: dfCallees.map((fn) => ({
+                        name: fn.name,
+                        filePath: fn.filePath,
+                        startLine: fn.startLine,
+                    })),
+                };
+            }
+            case 'attack_paths': {
+                const attackPaths = await findAttackPaths(store);
+                return {
+                    query_type,
+                    results: attackPaths.map((ap) => ({
+                        entryPoint: ap.entryPoint,
+                        sink: ap.sink,
+                        path: ap.path,
+                        hasValidation: ap.hasValidation,
+                    })),
+                    total: attackPaths.length,
+                };
+            }
+            case 'blast_radius': {
+                if (!target) {
+                    return { error: 'target is required for blast_radius query' };
+                }
+                const br = await findBlastRadius(store, target);
+                return {
+                    query_type,
+                    target,
+                    affectedFunctions: br.affectedFunctions,
+                    affectedEndpoints: br.affectedEndpoints,
+                    totalAffected: br.totalAffected,
+                };
+            }
+            case 'auth_chain': {
+                const missingAuth = await findMissingAuth(store);
+                return {
+                    query_type,
+                    results: missingAuth.map((ma) => ({
+                        endpoint: ma.endpoint,
+                        reason: ma.reason,
+                    })),
+                    total: missingAuth.length,
+                };
+            }
+            default:
+                return { error: `Unknown query_type: ${query_type}` };
+        }
+    }
+    finally {
+        // Clean up
+        await store.close();
+        try {
+            await rm(tmpDir, { recursive: true, force: true });
+        }
+        catch {
+            // Best-effort cleanup
+        }
+    }
+}
+//# sourceMappingURL=graph-query.js.map

package/dist/src/mcp/tools/graph-query.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"graph-query.js","sourceRoot":"","sources":["../../../../src/mcp/tools/graph-query.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AAC7C,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,+BAA+B,CAAC;AACzE,OAAO,EAAE,gBAAgB,EAAE,MAAM,8BAA8B,CAAC;AAChE,OAAO,EACL,eAAe,EACf,eAAe,EACf,eAAe,GAChB,MAAM,gCAAgC,CAAC;AAUxC,gBAAgB;AAEhB,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,MAAwB;IAC7D,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,KAAK,EAAE,GAAG,MAAM,CAAC;IAC7C,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC;IAEjC,oBAAoB;IACpB,MAAM,UAAU,EAAE,CAAC;IAEnB,oBAAoB;IACpB,MAAM,WAAW,GAAG,MAAM,YAAY,CAAC,UAAU,CAAC,CAAC;IAEnD,iCAAiC;IACjC,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,MAAM,EAAE,EAAE,wBAAwB,UAAU,EAAE,EAAE,CAAC,CAAC;IAC9E,MAAM,KAAK,CAAC,MAAM,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACzC,MAAM,KAAK,GAAG,MAAM,gBAAgB,CAAC,MAAM,CAAC,CAAC;IAE7C,IAAI,CAAC;QACH,kBAAkB;QAClB,MAAM,KAAK,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;QAEpC,QAAQ,UAAU,EAAE,CAAC;YACnB,KAAK,SAAS,CAAC,CAAC,CAAC;gBACf,IAAI,CAAC,MAAM,EAAE,CAAC;oBACZ,OAAO,EAAE,KAAK,EAAE,sCAAsC,EAAE,CAAC;gBAC3D,CAAC;gBACD,MAAM,OAAO,GAAG,MAAM,KAAK,CAAC,UAAU,CAAC,MAAM,EAAE,KAAK,IAAI,CAAC,CAAC,CAAC;gBAC3D,OAAO;oBACL,UAAU;oBACV,MAAM;oBACN,KAAK,EAAE,KAAK,IAAI,CAAC;oBACjB,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;wBAC5B,IAAI,EAAE,EAAE,CAAC,IAAI;wBACb,QAAQ,EAAE,EAAE,CAAC,QAAQ;wBACrB,SAAS,EAAE,EAAE,CAAC,SAAS;wBACvB,OAAO,EAAE,EAAE,CAAC,OAAO;wBACnB,OAAO,EAAE,EAAE,CAAC,OAAO;wBACnB,UAAU,EAAE,EAAE,CAAC,UAAU;wBACzB,SAAS,EAAE,EAAE,CAAC,SAAS,IAAI,SAAS;qBACrC,CAAC,CAAC;iBACJ,CAAC;YACJ,CAAC;YAED,KAAK,SAAS,CAAC,CAAC,CAAC;gBACf,IAAI,CAAC,MAAM,EAAE,CAAC;oBACZ,OAAO,EAAE,KAAK,EAAE,sCAAsC,EAAE,CAAC;gBAC3D,CAAC;gBACD,MAAM,OAAO,GAAG,MAAM,KAAK,CAAC,UAAU,CAAC,MAAM,EAAE,KAAK,IAAI,CAAC,CAAC,CAAC;gBAC3D,OAAO;oBACL,UAAU;oBACV,MAAM;oBACN,KAAK,EAAE,KAAK,IAAI,CAAC;oBACjB,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;wBAC5B,IAAI,EAAE,EAAE,CAAC,IAAI;wBACb,QAAQ,EAAE,EAAE,CAAC,QAAQ;wBACrB,SAAS,EAAE,EAAE,CAAC,SAAS;wBACvB,OAAO,EAAE,EAAE,CAAC,OAAO;wBACnB,OAAO,EAAE,EAAE,CAAC,OAAO;wBACnB,UAAU,EAAE,EAAE,CAAC,UAAU;wBACzB,SAAS,EAAE,EAAE,CAAC,SAAS,IAAI,SAAS;qBACrC,CAAC,CAAC;iBACJ,CAAC;YACJ,CAAC;YAED,KAAK,WAAW,CAAC,CAAC,CAAC;gBACjB,IAAI,CAAC,MAAM,EAAE,CAAC;oBACZ,OAAO,EAAE,KAAK,EAAE,wCAAwC,EAAE,CAAC;gBAC7D,CAAC;gBACD,8DAA8D;gBAC9D,MAAM,SAAS,GAAG,MAAM,KAAK,CAAC,UAAU,CAAC,MAAM,EAAE,KAAK,IAAI,CAAC,CAAC,CAAC;gBAC7D,MAAM,SAAS,GAAG,MAAM,KAAK,CAAC,UAAU,CAAC,MAAM,EAAE,KAAK,IAAI,CAAC,CAAC,CAAC;gBAC7D,OAAO;oBACL,UAAU;oBACV,MAAM;oBACN,KAAK,EAAE,KAAK,IAAI,CAAC;oBACjB,OAAO,EAAE,SAAS,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;wBAC9B,IAAI,EAAE,EAAE,CAAC,IAAI;wBACb,QAAQ,EAAE,EAAE,CAAC,QAAQ;wBACrB,SAAS,EAAE,EAAE,CAAC,SAAS;qBACxB,CAAC,CAAC;oBACH,OAAO,EAAE,SAAS,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;wBAC9B,IAAI,EAAE,EAAE,CAAC,IAAI;wBACb,QAAQ,EAAE,EAAE,CAAC,QAAQ;wBACrB,SAAS,EAAE,EAAE,CAAC,SAAS;qBACxB,CAAC,CAAC;iBACJ,CAAC;YACJ,CAAC;YAED,KAAK,cAAc,CAAC,CAAC,CAAC;gBACpB,MAAM,WAAW,GAAG,MAAM,eAAe,CAAC,KAAK,CAAC,CAAC;gBACjD,OAAO;oBACL,UAAU;oBACV,OAAO,EAAE,WAAW,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;wBAChC,UAAU,EAAE,EAAE,CAAC,UAAU;wBACzB,IAAI,EAAE,EAAE,CAAC,IAAI;wBACb,IAAI,EAAE,EAAE,CAAC,IAAI;wBACb,aAAa,EAAE,EAAE,CAAC,aAAa;qBAChC,CAAC,CAAC;oBACH,KAAK,EAAE,WAAW,CAAC,MAAM;iBAC1B,CAAC;YACJ,CAAC;YAED,KAAK,cAAc,CAAC,CAAC,CAAC;gBACpB,IAAI,CAAC,MAAM,EAAE,CAAC;oBACZ,OAAO,EAAE,KAAK,EAAE,2CAA2C,EAAE,CAAC;gBAChE,CAAC;gBACD,MAAM,EAAE,GAAG,MAAM,eAAe,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;gBAChD,OAAO;oBACL,UAAU;oBACV,MAAM;oBACN,iBAAiB,EAAE,EAAE,CAAC,iBAAiB;oBACvC,iBAAiB,EAAE,EAAE,CAAC,iBAAiB;oBACvC,aAAa,EAAE,EAAE,CAAC,aAAa;iBAChC,CAAC;YACJ,CAAC;YAED,KAAK,YAAY,CAAC,CAAC,CAAC;gBAClB,MAAM,WAAW,GAAG,MAAM,eAAe,CAAC,KAAK,CAAC,CAAC;gBACjD,OAAO;oBACL,UAAU;oBACV,OAAO,EAAE,WAAW,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;wBAChC,QAAQ,EAAE,EAAE,CAAC,QAAQ;wBACrB,MAAM,EAAE,EAAE,CAAC,MAAM;qBAClB,CAAC,CAAC;oBACH,KAAK,EAAE,WAAW,CAAC,MAAM;iBAC1B,CAAC;YACJ,CAAC;YAED;gBACE,OAAO,EAAE,KAAK,EAAE,uBAAuB,UAAU,EAAE,EAAE,CAAC;QAC1D,CAAC;IACH,CAAC;YAAS,CAAC;QACT,WAAW;QACX,MAAM,KAAK,CAAC,KAAK,EAAE,CAAC;QACpB,IAAI,CAAC;YACH,MAAM,EAAE,CAAC,MAAM,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QACrD,CAAC;QAAC,MAAM,CAAC;YACP,sBAAsB;QACxB,CAAC;IACH,CAAC;AACH,CAAC"}

package/dist/src/mcp/tools/production-errors.d.ts

@@ -0,0 +1,23 @@
+export interface ProductionErrorsParams {
+    severity?: 'all' | 'critical' | 'high' | 'medium' | 'low';
+    status?: 'open' | 'resolved' | 'all';
+}
+export interface ProductionError {
+    id: string;
+    message: string;
+    severity: string;
+    status: string;
+    stack_trace?: string;
+    root_cause?: string;
+    suggested_fix?: string;
+    first_seen: string;
+    last_seen: string;
+    count: number;
+}
+export interface ProductionErrorsResult {
+    errors: ProductionError[];
+    total: number;
+    warning?: string;
+}
+export declare function handleProductionErrors(params: ProductionErrorsParams): Promise<ProductionErrorsResult>;
+//# sourceMappingURL=production-errors.d.ts.map

package/dist/src/mcp/tools/production-errors.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"production-errors.d.ts","sourceRoot":"","sources":["../../../../src/mcp/tools/production-errors.ts"],"names":[],"mappings":"AAEA,MAAM,WAAW,sBAAsB;IACrC,QAAQ,CAAC,EAAE,KAAK,GAAG,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IAC1D,MAAM,CAAC,EAAE,MAAM,GAAG,UAAU,GAAG,KAAK,CAAC;CACtC;AAED,MAAM,WAAW,eAAe;IAC9B,EAAE,EAAE,MAAM,CAAC;IACX,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,sBAAsB;IACrC,MAAM,EAAE,eAAe,EAAE,CAAC;IAC1B,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,wBAAsB,sBAAsB,CAC1C,MAAM,EAAE,sBAAsB,GAC7B,OAAO,CAAC,sBAAsB,CAAC,CAiDjC"}

package/dist/src/mcp/tools/production-errors.js

@@ -0,0 +1,46 @@
+import { loadConfig, getApiEndpoint } from '../../config/manager.js';
+export async function handleProductionErrors(params) {
+    const projectDir = process.cwd();
+    const config = await loadConfig(projectDir);
+    if (!config.projectId) {
+        return {
+            errors: [],
+            total: 0,
+            warning: 'No project ID configured. Run `shipsafe setup` to connect this project.',
+        };
+    }
+    const apiEndpoint = getApiEndpoint(config);
+    const severity = params.severity ?? 'all';
+    const status = params.status ?? 'open';
+    const url = new URL(`/v1/errors/${config.projectId}`, apiEndpoint);
+    url.searchParams.set('severity', severity);
+    url.searchParams.set('status', status);
+    try {
+        const response = await fetch(url.toString(), {
+            headers: {
+                ...(config.licenseKey ? { Authorization: `Bearer ${config.licenseKey}` } : {}),
+            },
+        });
+        if (!response.ok) {
+            return {
+                errors: [],
+                total: 0,
+                warning: `API returned ${response.status}: ${response.statusText}`,
+            };
+        }
+        const data = (await response.json());
+        return {
+            errors: data.errors,
+            total: data.count,
+        };
+    }
+    catch (err) {
+        const message = err instanceof Error ? err.message : String(err);
+        return {
+            errors: [],
+            total: 0,
+            warning: `Failed to fetch production errors: ${message}`,
+        };
+    }
+}
+//# sourceMappingURL=production-errors.js.map

package/dist/src/mcp/tools/production-errors.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"production-errors.js","sourceRoot":"","sources":["../../../../src/mcp/tools/production-errors.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AA0BrE,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAC1C,MAA8B;IAE9B,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC;IACjC,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,UAAU,CAAC,CAAC;IAE5C,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;QACtB,OAAO;YACL,MAAM,EAAE,EAAE;YACV,KAAK,EAAE,CAAC;YACR,OAAO,EAAE,yEAAyE;SACnF,CAAC;IACJ,CAAC;IAED,MAAM,WAAW,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC;IAC3C,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,IAAI,KAAK,CAAC;IAC1C,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,IAAI,MAAM,CAAC;IAEvC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,cAAc,MAAM,CAAC,SAAS,EAAE,EAAE,WAAW,CAAC,CAAC;IACnE,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;IAC3C,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IAEvC,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE;YAC3C,OAAO,EAAE;gBACP,GAAG,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,aAAa,EAAE,UAAU,MAAM,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;aAC/E;SACF,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,OAAO;gBACL,MAAM,EAAE,EAAE;gBACV,KAAK,EAAE,CAAC;gBACR,OAAO,EAAE,gBAAgB,QAAQ,CAAC,MAAM,KAAK,QAAQ,CAAC,UAAU,EAAE;aACnE,CAAC;QACJ,CAAC;QAED,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAiD,CAAC;QAErF,OAAO;YACL,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,KAAK,EAAE,IAAI,CAAC,KAAK;SAClB,CAAC;IACJ,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACjE,OAAO;YACL,MAAM,EAAE,EAAE;YACV,KAAK,EAAE,CAAC;YACR,OAAO,EAAE,sCAAsC,OAAO,EAAE;SACzD,CAAC;IACJ,CAAC;AACH,CAAC"}

package/dist/src/mcp/tools/scan.d.ts

@@ -0,0 +1,7 @@
+import type { ScanResult } from '../../types.js';
+export interface ScanParams {
+    scope?: string;
+    fix?: boolean;
+}
+export declare function handleScan(params: ScanParams): Promise<ScanResult>;
+//# sourceMappingURL=scan.d.ts.map

package/dist/src/mcp/tools/scan.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"scan.d.ts","sourceRoot":"","sources":["../../../../src/mcp/tools/scan.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAa,MAAM,gBAAgB,CAAC;AAG5D,MAAM,WAAW,UAAU;IACzB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,GAAG,CAAC,EAAE,OAAO,CAAC;CACf;AAED,wBAAsB,UAAU,CAAC,MAAM,EAAE,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC,CAQxE"}

package/dist/src/mcp/tools/scan.js

@@ -0,0 +1,9 @@
+import { runPatternEngine } from '../../engines/pattern/index.js';
+export async function handleScan(params) {
+    const scope = params.scope ?? 'staged';
+    const targetPath = process.cwd();
+    // fix is a Phase 1 stub — accepted but not acted upon
+    const result = await runPatternEngine({ targetPath, scope });
+    return result;
+}
+//# sourceMappingURL=scan.js.map

package/dist/src/mcp/tools/scan.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"scan.js","sourceRoot":"","sources":["../../../../src/mcp/tools/scan.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,gBAAgB,EAAE,MAAM,gCAAgC,CAAC;AAOlE,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,MAAkB;IACjD,MAAM,KAAK,GAAe,MAAM,CAAC,KAAmB,IAAI,QAAQ,CAAC;IACjE,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC;IAEjC,sDAAsD;IACtD,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC,CAAC;IAE7D,OAAO,MAAM,CAAC;AAChB,CAAC"}

package/dist/src/mcp/tools/status.d.ts

@@ -0,0 +1,9 @@
+import type { ScannerAvailability } from '../../types.js';
+export interface McpProjectStatus {
+    project: string;
+    hooks_installed: boolean;
+    scanners: ScannerAvailability;
+    license: string;
+}
+export declare function handleStatus(): Promise<McpProjectStatus>;
+//# sourceMappingURL=status.d.ts.map

package/dist/src/mcp/tools/status.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"status.d.ts","sourceRoot":"","sources":["../../../../src/mcp/tools/status.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAC;AAK1D,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,MAAM,CAAC;IAChB,eAAe,EAAE,OAAO,CAAC;IACzB,QAAQ,EAAE,mBAAmB,CAAC;IAC9B,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,wBAAsB,YAAY,IAAI,OAAO,CAAC,gBAAgB,CAAC,CAe9D"}