@synkro-sh/cli 1.3.48 → 1.3.50

package/dist/bootstrap.js

@@ -605,9 +605,7 @@ SYNKRO_INFERENCE_TIER="\${SYNKRO_INFERENCE_TIER:-fast}"
 SYNKRO_CAPTURE_DEPTH="\${SYNKRO_CAPTURE_DEPTH:-full}"
 
 USE_LOCAL=false
-if [ "$SYNKRO_CAPTURE_DEPTH" = "local_only" ] && command -v claude >/dev/null 2>&1; then
-  USE_LOCAL=true
-elif [ "$SYNKRO_INFERENCE_TIER" = "free" ] && command -v claude >/dev/null 2>&1; then
+if command -v claude >/dev/null 2>&1; then
   USE_LOCAL=true
 fi
 
@@ -818,16 +816,22 @@ if [ "$USE_LOCAL" = "true" ] && [ -n "$VERDICT_KIND" ]; then
       --arg severity "$SEVERITY" \\
       --arg risk_level "\${RISK_LEVEL:-low}" \\
       --arg category "$CATEGORY" \\
+      --arg cc_model "\${CC_MODEL:-}" \\
       --arg model "\${CC_MODEL:-claude-sonnet-4-6}" \\
       --arg tool_name "$TOOL_NAME" \\
       --arg repo "\${GIT_REPO:-}" \\
       --arg session_id "$SESSION_ID" \\
+      --arg tool_use_id "\${TOOL_USE_ID:-}" \\
+      --arg cwd "\${CWD:-}" \\
       --arg mech_cat "$MECH_CAT" \\
       --arg biz_cat "$BIZ_CAT" \\
       --arg capture_depth "$SYNKRO_CAPTURE_DEPTH" \\
       --arg command "$COMMAND" \\
       --arg reasoning "$REASONING" \\
       --arg alternative "$ALTERNATIVE" \\
+      --argjson cc_usage "\${CC_USAGE:-{}}" \\
+      --argjson rules_checked "\${ORG_RULES:-[]}" \\
+      --argjson recent_user_messages "\${RECENT_USER_MESSAGES:-[]}" \\
       '{
         event_id: $event_id,
         timestamp: $timestamp,
@@ -838,12 +842,17 @@ if [ "$USE_LOCAL" = "true" ] && [ -n "$VERDICT_KIND" ]; then
         category: $category,
         model: $model,
         tool_name: $tool_name,
-        capture_depth: $capture_depth
+        capture_depth: $capture_depth,
+        rules_checked: $rules_checked,
+        cc_model: (if ($cc_model | length) > 0 then $cc_model else null end),
+        cc_usage: $cc_usage
       } + (if $repo != "" then {repo: $repo} else {} end)
         + (if $session_id != "" then {session_id: $session_id} else {} end)
+        + (if $tool_use_id != "" then {tool_use_id: $tool_use_id} else {} end)
+        + (if $cwd != "" then {cwd: $cwd} else {} end)
         + (if $mech_cat != "" then {mechanism_category: $mech_cat} else {} end)
         + (if $biz_cat != "" then {business_category: $biz_cat} else {} end)
-        + (if $capture_depth != "local_only" then {command: $command, reasoning: $reasoning} + (if $alternative != "" then {alternative: $alternative} else {} end) else {} end)')
+        + (if $capture_depth != "local_only" then {command: $command, reasoning: $reasoning, recent_user_messages: $recent_user_messages} + (if $alternative != "" then {alternative: $alternative} else {} end) else {} end)')
     curl -sS -X POST "\${GATEWAY_URL}/api/v1/events/local-verdict" \\
       -H "Content-Type: application/json" \\
       -H "Authorization: Bearer $JWT" \\
@@ -898,6 +907,21 @@ SESSION_ID=$(echo "$PAYLOAD" | jq -r '.session_id // empty' 2>/dev/null)
 TOOL_USE_ID=$(echo "$PAYLOAD" | jq -r '.tool_use_id // empty' 2>/dev/null)
 CWD=$(echo "$PAYLOAD" | jq -r '.cwd // empty' 2>/dev/null)
 TRANSCRIPT_PATH=$(echo "$PAYLOAD" | jq -r '.transcript_path // empty' 2>/dev/null)
+
+CC_MODEL=""
+CC_USAGE="{}"
+if [ -n "$TRANSCRIPT_PATH" ] && [ -f "$TRANSCRIPT_PATH" ]; then
+  _LAST_ASSISTANT=$(tail -50 "$TRANSCRIPT_PATH" | jq -c 'select(.type == "assistant")' 2>/dev/null | tail -1)
+  if [ -n "$_LAST_ASSISTANT" ]; then
+    CC_MODEL=$(echo "$_LAST_ASSISTANT" | jq -r '.message.model // empty' 2>/dev/null)
+    CC_USAGE=$(echo "$_LAST_ASSISTANT" | jq -c '{
+      input_tokens: .message.usage.input_tokens,
+      output_tokens: .message.usage.output_tokens,
+      cache_creation_input_tokens: .message.usage.cache_creation_input_tokens,
+      cache_read_input_tokens: .message.usage.cache_read_input_tokens
+    }' 2>/dev/null || echo "{}")
+  fi
+fi
 # Detect git remote origin \u2192 repo identity (e.g. "owner/repo")
 GIT_REPO=""
 if command -v git >/dev/null 2>&1; then
@@ -1107,9 +1131,7 @@ SYNKRO_INFERENCE_TIER="\${SYNKRO_INFERENCE_TIER:-fast}"
 SYNKRO_CAPTURE_DEPTH="\${SYNKRO_CAPTURE_DEPTH:-full}"
 
 USE_LOCAL=false
-if [ "$SYNKRO_CAPTURE_DEPTH" = "local_only" ] && command -v claude >/dev/null 2>&1; then
-  USE_LOCAL=true
-elif [ "$SYNKRO_INFERENCE_TIER" = "free" ] && command -v claude >/dev/null 2>&1; then
+if command -v claude >/dev/null 2>&1; then
   USE_LOCAL=true
 fi
 
@@ -1334,11 +1356,13 @@ if [ "$SYNKRO_CAPTURE_DEPTH" = "local_only" ] && [ -n "$DECISION" ]; then
       --arg severity "$LOCAL_SEVERITY" \\
       --arg category "$LOCAL_CATEGORY" \\
       --arg model "\${CC_MODEL:-claude-sonnet-4-6}" \\
+      --arg cc_model "\${CC_MODEL:-}" \\
       --arg tool_name "$TOOL_NAME" \\
       --arg repo "\${GIT_REPO:-}" \\
       --arg session_id "$SESSION_ID" \\
       --arg mech_cat "$MECH_CAT" \\
       --arg biz_cat "$BIZ_CAT" \\
+      --argjson cc_usage "\${CC_USAGE:-{}}" \\
       '{
         event_id: $event_id,
         timestamp: $timestamp,
@@ -1347,9 +1371,11 @@ if [ "$SYNKRO_CAPTURE_DEPTH" = "local_only" ] && [ -n "$DECISION" ]; then
         severity: $severity,
         category: $category,
         model: $model,
-        tool_name: $tool_name
+        tool_name: $tool_name,
+        cc_usage: $cc_usage
       } + (if $repo != "" then {repo: $repo} else {} end)
         + (if $session_id != "" then {session_id: $session_id} else {} end)
+        + (if $cc_model != "" then {cc_model: $cc_model} else {} end)
         + (if $mech_cat != "" then {mechanism_category: $mech_cat} else {} end)
         + (if $biz_cat != "" then {business_category: $biz_cat} else {} end)')
     curl -sS -X POST "\${GATEWAY_URL}/api/v1/events/local-verdict" \\
@@ -1406,6 +1432,22 @@ TOOL_INPUT=$(echo "$PAYLOAD" | jq -c '.tool_input // {}' 2>/dev/null)
 SESSION_ID=$(echo "$PAYLOAD" | jq -r '.session_id // empty' 2>/dev/null)
 TOOL_USE_ID=$(echo "$PAYLOAD" | jq -r '.tool_use_id // empty' 2>/dev/null)
 CWD=$(echo "$PAYLOAD" | jq -r '.cwd // empty' 2>/dev/null)
+TRANSCRIPT_PATH=$(echo "$PAYLOAD" | jq -r '.transcript_path // empty' 2>/dev/null)
+
+CC_MODEL=""
+CC_USAGE="{}"
+if [ -n "$TRANSCRIPT_PATH" ] && [ -f "$TRANSCRIPT_PATH" ]; then
+  _LAST_ASSISTANT=$(tail -50 "$TRANSCRIPT_PATH" | jq -c 'select(.type == "assistant")' 2>/dev/null | tail -1)
+  if [ -n "$_LAST_ASSISTANT" ]; then
+    CC_MODEL=$(echo "$_LAST_ASSISTANT" | jq -r '.message.model // empty' 2>/dev/null)
+    CC_USAGE=$(echo "$_LAST_ASSISTANT" | jq -c '{
+      input_tokens: .message.usage.input_tokens,
+      output_tokens: .message.usage.output_tokens,
+      cache_creation_input_tokens: .message.usage.cache_creation_input_tokens,
+      cache_read_input_tokens: .message.usage.cache_read_input_tokens
+    }' 2>/dev/null || echo "{}")
+  fi
+fi
 # Detect git remote origin \u2192 repo identity (e.g. "owner/repo")
 GIT_REPO=""
 if command -v git >/dev/null 2>&1; then
@@ -1436,10 +1478,32 @@ if [ -z "$DIFF_FIELD" ] || [ "$DIFF_FIELD" = "null" ] || [ "$DIFF_FIELD" = "{}"
   DIFF_FIELD="null"
 fi
 
+# Resolve dependency versions + CVE config from nearest package.json / .synkro.json
+DEPS_JSON="{}"
+CVE_ALLOWLIST="[]"
+CVE_MIN_SEVERITY="null"
+_PKG_DIR=$(dirname "$FILE_PATH")
+while [ "$_PKG_DIR" != "/" ]; do
+  if [ -f "$_PKG_DIR/package.json" ]; then
+    DEPS_JSON=$(jq -s '.[0] * .[1]' \\
+      <(jq '.dependencies // {}' "$_PKG_DIR/package.json" 2>/dev/null || echo "{}") \\
+      <(jq '.devDependencies // {}' "$_PKG_DIR/package.json" 2>/dev/null || echo "{}") 2>/dev/null || echo "{}")
+    if [ -f "$_PKG_DIR/.synkro.json" ]; then
+      CVE_ALLOWLIST=$(jq '.cve_allowlist // []' "$_PKG_DIR/.synkro.json" 2>/dev/null || echo "[]")
+      CVE_MIN_SEVERITY=$(jq '.cve_min_severity // null' "$_PKG_DIR/.synkro.json" 2>/dev/null || echo "null")
+    fi
+    break
+  fi
+  _PKG_DIR=$(dirname "$_PKG_DIR")
+done
+
 BODY=$(jq -n \\
   --arg file_path "$FILE_PATH" \\
   --arg content "$FILE_CONTENT" \\
   --argjson diff "$DIFF_FIELD" \\
+  --argjson deps "$DEPS_JSON" \\
+  --argjson cve_allowlist "$CVE_ALLOWLIST" \\
+  --argjson cve_min_severity "$CVE_MIN_SEVERITY" \\
   --arg session_id "$SESSION_ID" \\
   --arg tool_use_id "$TOOL_USE_ID" \\
   --arg cwd "$CWD" \\
@@ -1448,6 +1512,9 @@ BODY=$(jq -n \\
     file_path: $file_path,
     content: $content,
     diff: $diff,
+    dependencies: $deps,
+    cve_allowlist: $cve_allowlist,
+    cve_min_severity: $cve_min_severity,
     session_id: (if ($session_id | length) > 0 then $session_id else null end),
     tool_use_id: (if ($tool_use_id | length) > 0 then $tool_use_id else null end),
     cwd: (if ($cwd | length) > 0 then $cwd else null end),
@@ -1540,9 +1607,7 @@ SYNKRO_INFERENCE_TIER="\${SYNKRO_INFERENCE_TIER:-fast}"
 SYNKRO_CAPTURE_DEPTH="\${SYNKRO_CAPTURE_DEPTH:-full}"
 
 USE_LOCAL=false
-if [ "$SYNKRO_CAPTURE_DEPTH" = "local_only" ] && command -v claude >/dev/null 2>&1; then
-  USE_LOCAL=true
-elif [ "$SYNKRO_INFERENCE_TIER" = "free" ] && command -v claude >/dev/null 2>&1; then
+if command -v claude >/dev/null 2>&1; then
   USE_LOCAL=true
 fi
 
@@ -1550,28 +1615,43 @@ if [ "$USE_LOCAL" = "true" ]; then
   # \u2500\u2500\u2500 LOCAL GRADING: grade via the persistent claude daemon (mode=edit). \u2500\u2500\u2500
 
   RULES_CACHE="$HOME/.synkro/.rules-cache-edit-capture"
+  RULES_RESP=""
   if [ "$SYNKRO_CAPTURE_DEPTH" = "local_only" ]; then
-    ORG_RULES=$(curl -sS "\${GATEWAY_URL}/api/v1/cli/pr-rules" \\
-      -H "Authorization: Bearer $JWT" --max-time 3 2>/dev/null \\
-      | jq -c '[.rules[]? | {rule_id, text, severity, category}]' 2>/dev/null || echo "[]")
-    if [ -n "$ORG_RULES" ] && [ "$ORG_RULES" != "null" ] && [ "$ORG_RULES" != "[]" ]; then
-      printf '%s' "$ORG_RULES" > "$RULES_CACHE" 2>/dev/null || true
-    elif [ -f "$RULES_CACHE" ]; then
-      ORG_RULES=$(cat "$RULES_CACHE" 2>/dev/null || echo "[]")
-    fi
+    RULES_RESP=$(curl -sS "\${GATEWAY_URL}/api/v1/cli/pr-rules" \\
+      -H "Authorization: Bearer $JWT" --max-time 3 2>/dev/null || echo "")
   else
-    ORG_RULES=$(printf '%s' "$FILE_CONTENT" | head -c 8000 \\
+    RULES_RESP=$(printf '%s' "$FILE_CONTENT" | head -c 8000 \\
       | jq -Rs '{content: .}' \\
       | curl -sS "\${GATEWAY_URL}/api/v1/cli/pr-rules?top_k=20" \\
       -X POST -H "Content-Type: application/json" \\
       -H "Authorization: Bearer $JWT" \\
-      -d @- --max-time 2 2>/dev/null \\
-      | jq -c '[.rules[]? | {rule_id, text, severity, category}]' 2>/dev/null || echo "[]")
+      -d @- --max-time 2 2>/dev/null || echo "")
+  fi
+  ORG_RULES=$(echo "$RULES_RESP" | jq -c '[.rules[]? | {rule_id, text, severity, category}]' 2>/dev/null || echo "[]")
+  if [ -n "$ORG_RULES" ] && [ "$ORG_RULES" != "null" ] && [ "$ORG_RULES" != "[]" ]; then
+    printf '%s' "$ORG_RULES" > "$RULES_CACHE" 2>/dev/null || true
+  elif [ -f "$RULES_CACHE" ]; then
+    ORG_RULES=$(cat "$RULES_CACHE" 2>/dev/null || echo "[]")
   fi
   if [ -z "$ORG_RULES" ] || [ "$ORG_RULES" = "null" ]; then ORG_RULES="[]"; fi
 
+  # Extract CVE config from rules response (allowlist + min_severity)
+  CVE_ALLOWLIST=$(echo "$RULES_RESP" | jq -c '.cve_config.allowlist // []' 2>/dev/null || echo "[]")
+  CVE_MIN_SEVERITY=$(echo "$RULES_RESP" | jq '.cve_config.min_severity // null' 2>/dev/null || echo "null")
+
+  # CVE scan \u2014 runs server-side in parallel with local LLM grading
+  CVE_RESULT_FILE=$(mktemp -t synkro-cve.XXXXXX)
+  (
+    CVE_BODY=$(jq -n --arg fp "$FILE_PATH" --arg c "$FILE_CONTENT" --argjson deps "$DEPS_JSON" --argjson al "$CVE_ALLOWLIST" --argjson ms "$CVE_MIN_SEVERITY" '{file_path: $fp, content: $c, dependencies: $deps, cve_allowlist: $al, cve_min_severity: $ms}')
+    curl -sS -X POST "\${GATEWAY_URL}/api/v1/cve-scan" \\
+      -H "Content-Type: application/json" \\
+      -H "Authorization: Bearer $JWT" \\
+      -d "$CVE_BODY" --max-time 4 2>/dev/null > "$CVE_RESULT_FILE"
+  ) &
+  CVE_PID=$!
+
   GRADER_PROMPT_FILE=$(mktemp -t synkro-edit-capture.XXXXXX)
-  trap "rm -f \\"$GRADER_PROMPT_FILE\\"" EXIT
+  trap "rm -f \\"$GRADER_PROMPT_FILE\\" \\"$CVE_RESULT_FILE\\"" EXIT
   printf 'File: %s\\n' "$FILE_PATH" > "$GRADER_PROMPT_FILE"
   printf 'Org rules: %s\\n\\n' "$ORG_RULES" >> "$GRADER_PROMPT_FILE"
   printf 'Content:\\n' >> "$GRADER_PROMPT_FILE"
@@ -1582,6 +1662,14 @@ if [ "$USE_LOCAL" = "true" ]; then
   else
     CC_RESP=$(claude --print --model claude-sonnet-4-6 --no-session-persistence < "$GRADER_PROMPT_FILE" 2>/dev/null || echo "")
   fi
+
+  # Wait for CVE scan
+  wait $CVE_PID 2>/dev/null
+  CVE_TEXT=""
+  if [ -s "$CVE_RESULT_FILE" ]; then
+    CVE_TEXT=$(jq -r '.summary // empty' "$CVE_RESULT_FILE" 2>/dev/null || echo "")
+  fi
+
   # Wrapper extraction (greedy \u2014 tolerates nested XML tags).
   V_INNER=$(printf '%s' "$CC_RESP" | tr '\\n' ' ' | sed -nE 's|.*<synkro-verdict>(.*)</synkro-verdict>.*|\\1|p' | tail -1)
   if [ -n "$V_INNER" ]; then
@@ -1596,6 +1684,17 @@ if [ "$USE_LOCAL" = "true" ]; then
     LOCAL_SEV=$(printf '%s' "$FIRST_V" | sed -nE 's|.*<severity>(.*)</severity>.*|\\1|p' | head -1)
     LOCAL_CAT=$(printf '%s' "$FIRST_V" | sed -nE 's|.*<category>(.*)</category>.*|\\1|p' | head -1)
     LOCAL_REASON=$(printf '%s' "$FIRST_V" | sed -nE 's|.*<reason>(.*)</reason>.*|\\1|p' | head -1)
+    # Merge CVE findings
+    if [ -n "$CVE_TEXT" ]; then
+      if [ "$LOCAL_OK" = "false" ]; then
+        LOCAL_REASON="\${LOCAL_REASON}. Vulnerable dependencies: \${CVE_TEXT}"
+      else
+        LOCAL_OK="false"
+        LOCAL_SEV="block"
+        LOCAL_CAT="vulnerable_dependency"
+        LOCAL_REASON="Vulnerable dependencies detected: \${CVE_TEXT}"
+      fi
+    fi
     # Convert to JSON shape downstream code expects.
     RESP=$(jq -n \\
       --arg ok "$LOCAL_OK" \\
@@ -1610,6 +1709,10 @@ if [ "$USE_LOCAL" = "true" ]; then
        end')
   else
     RESP=""
+    if [ -n "$CVE_TEXT" ]; then
+      RESP=$(jq -n --arg reason "Vulnerable dependencies detected: $CVE_TEXT" \\
+        '{ok: false, severity: "block", category: "vulnerable_dependency", reason: $reason}')
+    fi
   fi
 else
   # \u2500\u2500\u2500 Server-side grading. \u2500\u2500\u2500
@@ -1677,17 +1780,21 @@ if [ "$SYNKRO_CAPTURE_DEPTH" = "local_only" ]; then
       --arg risk_level "$LOCAL_RISK" \\
       --arg category "$CATEGORY" \\
       --arg model "\${CC_MODEL:-claude-sonnet-4-6}" \\
+      --arg cc_model "\${CC_MODEL:-}" \\
       --arg tool_name "$TOOL_NAME" \\
       --arg repo "\${GIT_REPO:-}" \\
       --arg session_id "$SESSION_ID" \\
       --arg mech_cat "$MECH_CAT" \\
       --arg biz_cat "$BIZ_CAT" \\
+      --argjson cc_usage "\${CC_USAGE:-{}}" \\
       '{
         event_id: $event_id, timestamp: $timestamp, hook_type: $hook_type,
         verdict: $verdict, severity: $severity, risk_level: $risk_level,
-        category: $category, model: $model, tool_name: $tool_name
+        category: $category, model: $model, tool_name: $tool_name,
+        cc_usage: $cc_usage
       } + (if $repo != "" then {repo: $repo} else {} end)
         + (if $session_id != "" then {session_id: $session_id} else {} end)
+        + (if $cc_model != "" then {cc_model: $cc_model} else {} end)
         + (if $mech_cat != "" then {mechanism_category: $mech_cat} else {} end)
         + (if $biz_cat != "" then {business_category: $biz_cat} else {} end)')
     curl -sS -X POST "\${GATEWAY_URL}/api/v1/events/local-verdict" \\
@@ -3860,7 +3967,7 @@ function writeConfigEnv(opts) {
     `SYNKRO_CREDENTIALS_PATH=${shellQuoteSingle(credsPath)}`,
     `SYNKRO_TIER=${shellQuoteSingle(safeTier)}`,
     `SYNKRO_INFERENCE=${shellQuoteSingle(safeInference)}`,
-    `SYNKRO_VERSION=${shellQuoteSingle("1.3.48")}`
+    `SYNKRO_VERSION=${shellQuoteSingle("1.3.50")}`
   ];
   if (safeUserId) lines.push(`SYNKRO_USER_ID=${shellQuoteSingle(safeUserId)}`);
   if (safeOrgId) lines.push(`SYNKRO_ORG_ID=${shellQuoteSingle(safeOrgId)}`);
@@ -4791,6 +4898,8 @@ __export(scanPr_exports, {
   scanPrCommand: () => scanPrCommand
 });
 import { execSync as execSync5, spawn } from "child_process";
+import { readFileSync as readFileSync8, existsSync as existsSync10 } from "fs";
+import { join as join9 } from "path";
 function parseMatchSpec(condition) {
   if (!condition.startsWith("match_spec:")) return null;
   try {
@@ -5268,6 +5377,70 @@ function shouldFail(findings, threshold) {
   const thresholdIdx = order.indexOf(threshold);
   return findings.some((f) => order.indexOf(f.severity) >= thresholdIdx);
 }
+function readRepoDeps() {
+  const pkgPath = join9(process.cwd(), "package.json");
+  if (!existsSync10(pkgPath)) return {};
+  try {
+    const pkg = JSON.parse(readFileSync8(pkgPath, "utf-8"));
+    return { ...pkg.dependencies ?? {}, ...pkg.devDependencies ?? {} };
+  } catch {
+    return {};
+  }
+}
+function getFullFileContent(filename) {
+  try {
+    return execSync5(`git show HEAD:${filename}`, { encoding: "utf-8", maxBuffer: 128 * 1024 });
+  } catch {
+    return null;
+  }
+}
+async function scanCves(files, gatewayUrl, apiKey) {
+  const deps = readRepoDeps();
+  if (Object.keys(deps).length === 0) return [];
+  const findings = [];
+  for (const file of files) {
+    const content = getFullFileContent(file.filename);
+    if (!content) continue;
+    try {
+      const resp = await fetch(`${gatewayUrl.replace(/\/$/, "")}/api/v1/cve-scan`, {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+          "x-synkro-api-key": apiKey
+        },
+        body: JSON.stringify({
+          file_path: file.filename,
+          content,
+          dependencies: deps
+        }),
+        signal: AbortSignal.timeout(8e3)
+      });
+      if (!resp.ok) continue;
+      const data = await resp.json();
+      if (!data.findings?.length) continue;
+      for (const pkg of data.packages ?? []) {
+        const maxSev = data.findings.filter((f) => f.package === pkg.package).reduce((max, f) => {
+          const n = parseFloat(f.severity);
+          return !isNaN(n) && n > max ? n : max;
+        }, 0);
+        const severity = maxSev >= 9 ? "critical" : maxSev >= 7 ? "high" : maxSev >= 4 ? "medium" : "low";
+        const topIds = pkg.ids.slice(0, 3).join(", ");
+        const extra = pkg.ids.length > 3 ? ` +${pkg.ids.length - 3} more` : "";
+        findings.push({
+          file: file.filename,
+          line: 1,
+          severity,
+          category: "vulnerable_dependency",
+          description: `${pkg.package} has ${pkg.count} known CVEs (${topIds}${extra}).`,
+          fix: data.findings.find((f) => f.package === pkg.package && f.fixed) ? `Upgrade ${pkg.package} to ${data.findings.find((f) => f.package === pkg.package && f.fixed).fixed}` : `Check https://osv.dev/list?q=${pkg.package} for fix versions.`
+        });
+      }
+    } catch {
+      continue;
+    }
+  }
+  return findings;
+}
 async function postEventToBackend(opts) {
   try {
     await fetch(`${opts.gatewayUrl.replace(/\/$/, "")}/api/v1/events/pr-scan`, {
@@ -5375,6 +5548,10 @@ async function scanPrCommand() {
     return;
   }
   const t0 = Date.now();
+  const cvePromise = scanCves(eligible, gatewayUrl, synkroApiKey).catch((err) => {
+    console.warn("CVE scan failed (non-fatal):", err.message);
+    return [];
+  });
   const results = await processInBatches(eligible, MAX_PARALLEL_FILES, async (file, idx, total) => {
     process.stdout.write(`[${idx + 1}/${total}] ${file.filename}...`);
     const literalFindings = applyLiteralMatchNegative(literalNegativeRules, file);
@@ -5383,8 +5560,12 @@ async function scanPrCommand() {
     console.log(` ${merged.length === 0 ? "clean" : `${merged.length} finding(s)`} (${(llmResult.latencyMs / 1e3).toFixed(1)}s)`);
     return { findings: merged, latencyMs: llmResult.latencyMs };
   });
+  const cveFindings = await cvePromise;
+  if (cveFindings.length > 0) {
+    console.log(`CVE scan: ${cveFindings.length} vulnerable dependency finding(s).`);
+  }
   const totalLatencyMs = Date.now() - t0;
-  const allFindings = results.flatMap((r) => r.findings);
+  const allFindings = [...results.flatMap((r) => r.findings), ...cveFindings];
   console.log(`
 Total: ${allFindings.length} finding(s) across ${eligible.length} file(s) in ${totalLatencyMs}ms
 `);
@@ -5462,9 +5643,9 @@ var disconnect_exports = {};
 __export(disconnect_exports, {
   disconnectCommand: () => disconnectCommand
 });
-import { existsSync as existsSync10, rmSync } from "fs";
+import { existsSync as existsSync11, rmSync } from "fs";
 import { homedir as homedir8 } from "os";
-import { join as join9 } from "path";
+import { join as join10 } from "path";
 function disconnectCommand(args2 = []) {
   const purge = args2.includes("--purge");
   console.log("Synkro disconnect starting...\n");
@@ -5482,13 +5663,13 @@ function disconnectCommand(args2 = []) {
     console.log(`${mcpRemoved ? "\u2713" : "\xB7"} MCP guardrails server: ${mcpRemoved ? "removed entry from ~/.claude.json" : "no Synkro MCP entry found"}`);
   }
   if (purge) {
-    if (existsSync10(SYNKRO_DIR5)) {
+    if (existsSync11(SYNKRO_DIR5)) {
       rmSync(SYNKRO_DIR5, { recursive: true, force: true });
       console.log(`\u2713 Removed ${SYNKRO_DIR5}`);
     } else {
       console.log(`\xB7 ${SYNKRO_DIR5} already gone, nothing to remove`);
     }
-  } else if (existsSync10(SYNKRO_DIR5)) {
+  } else if (existsSync11(SYNKRO_DIR5)) {
     console.log(`Config preserved at ${SYNKRO_DIR5}. Run with --purge to remove.`);
   }
   console.log("\nSynkro disconnected.");
@@ -5500,7 +5681,7 @@ var init_disconnect = __esm({
     init_agentDetect();
     init_ccHookConfig();
     init_mcpConfig();
-    SYNKRO_DIR5 = join9(homedir8(), ".synkro");
+    SYNKRO_DIR5 = join10(homedir8(), ".synkro");
   }
 });
 
@@ -5542,15 +5723,15 @@ var init_reinstall = __esm({
 });
 
 // cli/bootstrap.js
-import { readFileSync as readFileSync8, existsSync as existsSync11 } from "fs";
+import { readFileSync as readFileSync9, existsSync as existsSync12 } from "fs";
 import { resolve } from "path";
 var envCandidates = [
   resolve(process.cwd(), ".env"),
   resolve(process.env.HOME ?? "", ".synkro", "config.env")
 ];
 for (const envPath of envCandidates) {
-  if (!existsSync11(envPath)) continue;
-  const envContent = readFileSync8(envPath, "utf-8");
+  if (!existsSync12(envPath)) continue;
+  const envContent = readFileSync9(envPath, "utf-8");
   for (const line of envContent.split("\n")) {
     const trimmed = line.trim();
     if (!trimmed || trimmed.startsWith("#")) continue;