npm - @vibecheckai/cli - Versions diffs - 3.5.0 → 3.5.2 - Mend

@vibecheckai/cli 3.5.0 → 3.5.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (224) hide show

package/bin/registry.js +214 -237
package/bin/runners/cli-utils.js +33 -2
package/bin/runners/context/analyzer.js +52 -1
package/bin/runners/context/generators/cursor.js +2 -49
package/bin/runners/context/git-context.js +3 -1
package/bin/runners/context/team-conventions.js +33 -7
package/bin/runners/lib/analysis-core.js +25 -5
package/bin/runners/lib/analyzers.js +431 -481
package/bin/runners/lib/default-config.js +127 -0
package/bin/runners/lib/doctor/modules/security.js +3 -1
package/bin/runners/lib/engine/ast-cache.js +210 -0
package/bin/runners/lib/engine/auth-extractor.js +211 -0
package/bin/runners/lib/engine/billing-extractor.js +112 -0
package/bin/runners/lib/engine/enforcement-extractor.js +100 -0
package/bin/runners/lib/engine/env-extractor.js +207 -0
package/bin/runners/lib/engine/express-extractor.js +208 -0
package/bin/runners/lib/engine/extractors.js +849 -0
package/bin/runners/lib/engine/index.js +207 -0
package/bin/runners/lib/engine/repo-index.js +514 -0
package/bin/runners/lib/engine/types.js +124 -0
package/bin/runners/lib/engines/accessibility-engine.js +18 -218
package/bin/runners/lib/engines/api-consistency-engine.js +30 -335
package/bin/runners/lib/engines/cross-file-analysis-engine.js +27 -292
package/bin/runners/lib/engines/empty-catch-engine.js +17 -127
package/bin/runners/lib/engines/mock-data-engine.js +10 -53
package/bin/runners/lib/engines/performance-issues-engine.js +36 -176
package/bin/runners/lib/engines/security-vulnerabilities-engine.js +54 -382
package/bin/runners/lib/engines/type-aware-engine.js +39 -263
package/bin/runners/lib/engines/vibecheck-engines/index.js +13 -122
package/bin/runners/lib/engines/vibecheck-engines/lib/ast-cache.js +164 -0
package/bin/runners/lib/engines/vibecheck-engines/lib/code-quality-engine.js +291 -0
package/bin/runners/lib/engines/vibecheck-engines/lib/console-logs-engine.js +83 -0
package/bin/runners/lib/engines/vibecheck-engines/lib/dead-code-engine.js +198 -0
package/bin/runners/lib/engines/vibecheck-engines/lib/deprecated-api-engine.js +275 -0
package/bin/runners/lib/engines/vibecheck-engines/lib/empty-catch-engine.js +167 -0
package/bin/runners/lib/engines/vibecheck-engines/lib/file-filter.js +217 -0
package/bin/runners/lib/engines/vibecheck-engines/lib/hardcoded-secrets-engine.js +73 -373
package/bin/runners/lib/engines/vibecheck-engines/lib/mock-data-engine.js +140 -0
package/bin/runners/lib/engines/vibecheck-engines/lib/parallel-processor.js +164 -0
package/bin/runners/lib/engines/vibecheck-engines/lib/performance-issues-engine.js +234 -0
package/bin/runners/lib/engines/vibecheck-engines/lib/type-aware-engine.js +217 -0
package/bin/runners/lib/engines/vibecheck-engines/lib/unsafe-regex-engine.js +78 -0
package/bin/runners/lib/entitlements-v2.js +73 -97
package/bin/runners/lib/error-handler.js +44 -3
package/bin/runners/lib/error-messages.js +289 -0
package/bin/runners/lib/evidence-pack.js +7 -1
package/bin/runners/lib/finding-id.js +69 -0
package/bin/runners/lib/finding-sorter.js +89 -0
package/bin/runners/lib/html-proof-report.js +700 -350
package/bin/runners/lib/missions/plan.js +6 -46
package/bin/runners/lib/missions/templates.js +0 -232
package/bin/runners/lib/next-action.js +560 -0
package/bin/runners/lib/prerequisites.js +149 -0
package/bin/runners/lib/route-detection.js +137 -68
package/bin/runners/lib/scan-output.js +91 -76
package/bin/runners/lib/scan-runner.js +135 -0
package/bin/runners/lib/schemas/ajv-validator.js +464 -0
package/bin/runners/lib/schemas/error-envelope.schema.json +105 -0
package/bin/runners/lib/schemas/finding-v3.schema.json +151 -0
package/bin/runners/lib/schemas/report-artifact.schema.json +120 -0
package/bin/runners/lib/schemas/run-request.schema.json +108 -0
package/bin/runners/lib/schemas/validator.js +27 -0
package/bin/runners/lib/schemas/verdict.schema.json +140 -0
package/bin/runners/lib/ship-output-enterprise.js +23 -23
package/bin/runners/lib/ship-output.js +75 -31
package/bin/runners/lib/terminal-ui.js +6 -113
package/bin/runners/lib/truth.js +351 -10
package/bin/runners/lib/unified-cli-output.js +430 -603
package/bin/runners/lib/unified-output.js +13 -9
package/bin/runners/runAIAgent.js +10 -5
package/bin/runners/runAgent.js +0 -3
package/bin/runners/runAllowlist.js +389 -0
package/bin/runners/runApprove.js +0 -33
package/bin/runners/runAuth.js +73 -45
package/bin/runners/runCheckpoint.js +51 -11
package/bin/runners/runClassify.js +85 -21
package/bin/runners/runContext.js +0 -3
package/bin/runners/runDoctor.js +41 -28
package/bin/runners/runEvidencePack.js +362 -0
package/bin/runners/runFirewall.js +0 -3
package/bin/runners/runFirewallHook.js +0 -3
package/bin/runners/runFix.js +66 -76
package/bin/runners/runGuard.js +18 -411
package/bin/runners/runInit.js +113 -30
package/bin/runners/runLabs.js +424 -0
package/bin/runners/runMcp.js +19 -25
package/bin/runners/runPolish.js +64 -240
package/bin/runners/runPromptFirewall.js +12 -5
package/bin/runners/runProve.js +57 -22
package/bin/runners/runQuickstart.js +531 -0
package/bin/runners/runReality.js +59 -68
package/bin/runners/runReport.js +38 -33
package/bin/runners/runRuntime.js +8 -5
package/bin/runners/runScan.js +1413 -190
package/bin/runners/runShip.js +113 -719
package/bin/runners/runTruth.js +0 -3
package/bin/runners/runValidate.js +13 -9
package/bin/runners/runWatch.js +23 -14
package/bin/scan.js +6 -1
package/bin/vibecheck.js +204 -185
package/mcp-server/deprecation-middleware.js +282 -0
package/mcp-server/handlers/index.ts +15 -0
package/mcp-server/handlers/tool-handler.ts +554 -0
package/mcp-server/index-v1.js +698 -0
package/mcp-server/index.js +210 -238
package/mcp-server/lib/cache-wrapper.cjs +383 -0
package/mcp-server/lib/error-envelope.js +138 -0
package/mcp-server/lib/executor.ts +499 -0
package/mcp-server/lib/index.ts +19 -0
package/mcp-server/lib/rate-limiter.js +166 -0
package/mcp-server/lib/sandbox.test.ts +519 -0
package/mcp-server/lib/sandbox.ts +395 -0
package/mcp-server/lib/types.ts +267 -0
package/mcp-server/package.json +12 -3
package/mcp-server/registry/tool-registry.js +794 -0
package/mcp-server/registry/tools.json +605 -0
package/mcp-server/registry.test.ts +334 -0
package/mcp-server/tests/tier-gating.test.js +297 -0
package/mcp-server/tier-auth.js +378 -45
package/mcp-server/tools-v3.js +353 -442
package/mcp-server/tsconfig.json +37 -0
package/mcp-server/vibecheck-2.0-tools.js +14 -1
package/package.json +1 -1
package/bin/runners/lib/agent-firewall/learning/learning-engine.js +0 -849
package/bin/runners/lib/audit-logger.js +0 -532
package/bin/runners/lib/authority/authorities/architecture.js +0 -364
package/bin/runners/lib/authority/authorities/compliance.js +0 -341
package/bin/runners/lib/authority/authorities/human.js +0 -343
package/bin/runners/lib/authority/authorities/quality.js +0 -420
package/bin/runners/lib/authority/authorities/security.js +0 -228
package/bin/runners/lib/authority/index.js +0 -293
package/bin/runners/lib/bundle/bundle-intelligence.js +0 -846
package/bin/runners/lib/cli-charts.js +0 -368
package/bin/runners/lib/cli-config-display.js +0 -405
package/bin/runners/lib/cli-demo.js +0 -275
package/bin/runners/lib/cli-errors.js +0 -438
package/bin/runners/lib/cli-help-formatter.js +0 -439
package/bin/runners/lib/cli-interactive-menu.js +0 -509
package/bin/runners/lib/cli-prompts.js +0 -441
package/bin/runners/lib/cli-scan-cards.js +0 -362
package/bin/runners/lib/compliance-reporter.js +0 -710
package/bin/runners/lib/conductor/index.js +0 -671
package/bin/runners/lib/easy/README.md +0 -123
package/bin/runners/lib/easy/index.js +0 -140
package/bin/runners/lib/easy/interactive-wizard.js +0 -788
package/bin/runners/lib/easy/one-click-firewall.js +0 -564
package/bin/runners/lib/easy/zero-config-reality.js +0 -714
package/bin/runners/lib/engines/async-patterns-engine.js +0 -444
package/bin/runners/lib/engines/bundle-size-engine.js +0 -433
package/bin/runners/lib/engines/confidence-scoring.js +0 -276
package/bin/runners/lib/engines/context-detection.js +0 -264
package/bin/runners/lib/engines/database-patterns-engine.js +0 -429
package/bin/runners/lib/engines/duplicate-code-engine.js +0 -354
package/bin/runners/lib/engines/env-variables-engine.js +0 -458
package/bin/runners/lib/engines/error-handling-engine.js +0 -437
package/bin/runners/lib/engines/false-positive-prevention.js +0 -630
package/bin/runners/lib/engines/framework-adapters/index.js +0 -607
package/bin/runners/lib/engines/framework-detection.js +0 -508
package/bin/runners/lib/engines/import-order-engine.js +0 -429
package/bin/runners/lib/engines/naming-conventions-engine.js +0 -544
package/bin/runners/lib/engines/noise-reduction-engine.js +0 -452
package/bin/runners/lib/engines/orchestrator.js +0 -334
package/bin/runners/lib/engines/react-patterns-engine.js +0 -457
package/bin/runners/lib/engines/vibecheck-engines/lib/ai-hallucination-engine.js +0 -806
package/bin/runners/lib/engines/vibecheck-engines/lib/smart-fix-engine.js +0 -577
package/bin/runners/lib/engines/vibecheck-engines/lib/vibe-score-engine.js +0 -543
package/bin/runners/lib/engines/vibecheck-engines.js +0 -514
package/bin/runners/lib/enhanced-features/index.js +0 -305
package/bin/runners/lib/enhanced-output.js +0 -631
package/bin/runners/lib/enterprise.js +0 -300
package/bin/runners/lib/firewall/command-validator.js +0 -351
package/bin/runners/lib/firewall/config.js +0 -341
package/bin/runners/lib/firewall/content-validator.js +0 -519
package/bin/runners/lib/firewall/index.js +0 -101
package/bin/runners/lib/firewall/path-validator.js +0 -256
package/bin/runners/lib/intelligence/cross-repo-intelligence.js +0 -817
package/bin/runners/lib/mcp-utils.js +0 -425
package/bin/runners/lib/output/index.js +0 -1022
package/bin/runners/lib/policy-engine.js +0 -652
package/bin/runners/lib/polish/autofix/accessibility-fixes.js +0 -333
package/bin/runners/lib/polish/autofix/async-handlers.js +0 -273
package/bin/runners/lib/polish/autofix/dead-code.js +0 -280
package/bin/runners/lib/polish/autofix/imports-optimizer.js +0 -344
package/bin/runners/lib/polish/autofix/index.js +0 -200
package/bin/runners/lib/polish/autofix/remove-consoles.js +0 -209
package/bin/runners/lib/polish/autofix/strengthen-types.js +0 -245
package/bin/runners/lib/polish/backend-checks.js +0 -148
package/bin/runners/lib/polish/documentation-checks.js +0 -111
package/bin/runners/lib/polish/frontend-checks.js +0 -168
package/bin/runners/lib/polish/index.js +0 -71
package/bin/runners/lib/polish/infrastructure-checks.js +0 -131
package/bin/runners/lib/polish/library-detection.js +0 -175
package/bin/runners/lib/polish/performance-checks.js +0 -100
package/bin/runners/lib/polish/security-checks.js +0 -148
package/bin/runners/lib/polish/utils.js +0 -203
package/bin/runners/lib/prompt-builder.js +0 -540
package/bin/runners/lib/proof-certificate.js +0 -634
package/bin/runners/lib/reality/accessibility-audit.js +0 -946
package/bin/runners/lib/reality/api-contract-validator.js +0 -1012
package/bin/runners/lib/reality/chaos-engineering.js +0 -1084
package/bin/runners/lib/reality/performance-tracker.js +0 -1077
package/bin/runners/lib/reality/scenario-generator.js +0 -1404
package/bin/runners/lib/reality/visual-regression.js +0 -852
package/bin/runners/lib/reality-profiler.js +0 -717
package/bin/runners/lib/replay/flight-recorder-viewer.js +0 -1160
package/bin/runners/lib/review/ai-code-review.js +0 -832
package/bin/runners/lib/rules/custom-rule-engine.js +0 -985
package/bin/runners/lib/sbom-generator.js +0 -641
package/bin/runners/lib/scan-output-enhanced.js +0 -512
package/bin/runners/lib/security/owasp-scanner.js +0 -939
package/bin/runners/lib/validators/contract-validator.js +0 -283
package/bin/runners/lib/validators/dead-export-detector.js +0 -279
package/bin/runners/lib/validators/dep-audit.js +0 -245
package/bin/runners/lib/validators/env-validator.js +0 -319
package/bin/runners/lib/validators/index.js +0 -120
package/bin/runners/lib/validators/license-checker.js +0 -252
package/bin/runners/lib/validators/route-validator.js +0 -290
package/bin/runners/runAuthority.js +0 -528
package/bin/runners/runConductor.js +0 -772
package/bin/runners/runContainer.js +0 -366
package/bin/runners/runEasy.js +0 -410
package/bin/runners/runIaC.js +0 -372
package/bin/runners/runVibe.js +0 -791
package/mcp-server/tools.js +0 -495

package/bin/runners/lib/engines/noise-reduction-engine.js DELETED Viewed

@@ -1,452 +0,0 @@
-/**
- * Noise Reduction Engine - Bulletproof Signal-to-Noise Ratio
- *
- * This engine ensures vibecheck findings are high-signal and actionable.
- * It addresses alert fatigue through:
- *
- * 1. ADAPTIVE CAPS - Project size determines finding limits
- * 2. QUALITY SCORING - Each finding gets a signal quality score
- * 3. SMART DEDUPLICATION - Similar findings are grouped
- * 4. PRIORITY RANKING - Critical path findings surface first
- * 5. CONFIGURABLE THRESHOLDS - Per-rule severity/confidence tuning
- */
-"use strict";
-// ═══════════════════════════════════════════════════════════════════════════════
-// ADAPTIVE FINDING CAPS
-// Based on project size to prevent overwhelming large codebases
-// ═══════════════════════════════════════════════════════════════════════════════
-const PROJECT_SIZE_THRESHOLDS = {
-  tiny: { files: 50, lines: 5000 },      // Small scripts, MVPs
-  small: { files: 200, lines: 20000 },   // Side projects
-  medium: { files: 500, lines: 50000 },  // Standard apps
-  large: { files: 1500, lines: 150000 }, // Production apps
-  huge: { files: 5000, lines: 500000 },  // Enterprise/monorepos
-};
-const ADAPTIVE_CAPS = {
-  tiny:   { blockers: 5,  warnings: 10, info: 5,  total: 20 },
-  small:  { blockers: 10, warnings: 20, info: 10, total: 40 },
-  medium: { blockers: 15, warnings: 35, info: 15, total: 65 },
-  large:  { blockers: 25, warnings: 50, info: 25, total: 100 },
-  huge:   { blockers: 40, warnings: 80, info: 40, total: 160 },
-};
-function detectProjectSize(stats) {
-  const { fileCount = 0, lineCount = 0 } = stats;
-  if (fileCount <= PROJECT_SIZE_THRESHOLDS.tiny.files && lineCount <= PROJECT_SIZE_THRESHOLDS.tiny.lines) return 'tiny';
-  if (fileCount <= PROJECT_SIZE_THRESHOLDS.small.files && lineCount <= PROJECT_SIZE_THRESHOLDS.small.lines) return 'small';
-  if (fileCount <= PROJECT_SIZE_THRESHOLDS.medium.files && lineCount <= PROJECT_SIZE_THRESHOLDS.medium.lines) return 'medium';
-  if (fileCount <= PROJECT_SIZE_THRESHOLDS.large.files && lineCount <= PROJECT_SIZE_THRESHOLDS.large.lines) return 'large';
-  return 'huge';
-}
-function getAdaptiveCaps(projectStats) {
-  const size = detectProjectSize(projectStats);
-  return { size, caps: ADAPTIVE_CAPS[size] };
-}
-// ═══════════════════════════════════════════════════════════════════════════════
-// FINDING QUALITY SCORING
-// Determines how "actionable" a finding is (0.0 - 1.0)
-// ═══════════════════════════════════════════════════════════════════════════════
-const QUALITY_FACTORS = {
-  // Positive factors (increase quality)
-  hasEvidence: 0.15,           // Finding includes evidence
-  hasFixHint: 0.10,            // Finding includes fix suggestion
-  astVerified: 0.20,           // Verified via AST, not just regex
-  highConfidence: 0.15,        // Confidence >= 0.8
-  criticalPath: 0.15,          // In critical code path (routes, auth, payments)
-  multipleOccurrences: 0.05,   // Pattern appears multiple times
-  recentlyIntroduced: 0.10,    // New in recent commit (if git info available)
-  // Negative factors (decrease quality)
-  inTestFile: -0.30,           // In test file
-  inConfigFile: -0.15,         // In config file
-  inGeneratedCode: -0.40,      // In generated/vendored code
-  lowConfidence: -0.20,        // Confidence < 0.5
-  commonFalsePositive: -0.25,  // Known false positive pattern
-  inComment: -0.30,            // In a comment
-  inString: -0.15,             // In a string literal
-};
-// Critical path patterns - findings here are more important
-const CRITICAL_PATH_PATTERNS = [
-  /\/(api|routes|pages|app)\//i,
-  /\/(auth|login|logout|session|oauth)\//i,
-  /\/(payment|billing|checkout|stripe|subscription)\//i,
-  /\/(admin|dashboard|settings)\//i,
-  /middleware\.(ts|js)$/i,
-  /route\.(ts|js)$/i,
-  /\[(.*?)\]\.(ts|js|tsx|jsx)$/i, // Dynamic routes
-];
-// Known false positive patterns to penalize
-const KNOWN_FALSE_POSITIVE_PATTERNS = [
-  // Tailwind placeholder classes
-  /placeholder:[a-zA-Z-]+/,
-  // Environment variable checks
-  /process\.env\.\w+\s*===?\s*['"]true['"]/,
-  // Test data in test utilities
-  /createMock|mockData|testData|fixtureData/i,
-  // Documentation examples
-  /example\.com|localhost:3000|127\.0\.0\.1/,
-];
-function calculateQualityScore(finding, context = {}) {
-  let score = 0.5; // Base score
-  // Positive factors
-  if (finding.evidence?.length > 0) score += QUALITY_FACTORS.hasEvidence;
-  if (finding.fixHint || finding.fixHints?.length > 0) score += QUALITY_FACTORS.hasFixHint;
-  if (finding.astVerified || finding.verificationMethod === 'ast') score += QUALITY_FACTORS.astVerified;
-  if ((finding.confidence || finding.confidenceScore || 0) >= 0.8) score += QUALITY_FACTORS.highConfidence;
-  if (finding.occurrenceCount > 1) score += QUALITY_FACTORS.multipleOccurrences;
-  if (context.recentCommit) score += QUALITY_FACTORS.recentlyIntroduced;
-  // Check critical path
-  const filePath = finding.file || finding.filePath || '';
-  if (CRITICAL_PATH_PATTERNS.some(p => p.test(filePath))) {
-    score += QUALITY_FACTORS.criticalPath;
-  }
-  // Negative factors
-  if (context.isTestFile || /\.(test|spec)\.(ts|tsx|js|jsx)$/.test(filePath)) {
-    score += QUALITY_FACTORS.inTestFile;
-  }
-  if (context.isConfigFile || /\.config\.(ts|js|mjs|cjs)$/.test(filePath)) {
-    score += QUALITY_FACTORS.inConfigFile;
-  }
-  if (context.isGeneratedCode || /\/(generated|__generated__|codegen)\//i.test(filePath)) {
-    score += QUALITY_FACTORS.inGeneratedCode;
-  }
-  if ((finding.confidence || finding.confidenceScore || 0.5) < 0.5) {
-    score += QUALITY_FACTORS.lowConfidence;
-  }
-  if (finding.inComment) score += QUALITY_FACTORS.inComment;
-  if (finding.inString) score += QUALITY_FACTORS.inString;
-  // Check for known false positive patterns
-  const message = finding.message || finding.title || '';
-  const code = finding.codeSnippet || finding.evidence?.[0]?.snippet || '';
-  if (KNOWN_FALSE_POSITIVE_PATTERNS.some(p => p.test(message) || p.test(code))) {
-    score += QUALITY_FACTORS.commonFalsePositive;
-  }
-  // Clamp to 0.0 - 1.0
-  return Math.max(0, Math.min(1, score));
-}
-// ═══════════════════════════════════════════════════════════════════════════════
-// SMART DEDUPLICATION
-// Groups similar findings to reduce noise
-// ═══════════════════════════════════════════════════════════════════════════════
-function normalizeMessage(message) {
-  return (message || '')
-    .toLowerCase()
-    .replace(/[`'"]/g, '')
-    .replace(/\s+/g, ' ')
-    .replace(/line \d+/gi, 'line N')
-    .replace(/\d+/g, 'N')
-    .trim();
-}
-function generateDedupeKey(finding) {
-  const file = (finding.file || finding.filePath || '').replace(/\\/g, '/');
-  const type = finding.type || finding.category || 'unknown';
-  const line = finding.line || 0;
-  return `${type}:${file}:${line}`;
-}
-function generateSimilarityKey(finding) {
-  const type = finding.type || finding.category || 'unknown';
-  const normalizedMsg = normalizeMessage(finding.message || finding.title);
-  // Group by type + similar message
-  return `${type}:${normalizedMsg.slice(0, 50)}`;
-}
-function deduplicateFindings(findings, options = {}) {
-  const { groupSimilar = true, keepHighestQuality = true } = options;
-  // Exact deduplication
-  const exactDedupeMap = new Map();
-  for (const finding of findings) {
-    const key = generateDedupeKey(finding);
-    if (exactDedupeMap.has(key)) {
-      const existing = exactDedupeMap.get(key);
-      // Keep highest quality/confidence
-      if (keepHighestQuality) {
-        const existingScore = existing.qualityScore || calculateQualityScore(existing);
-        const newScore = finding.qualityScore || calculateQualityScore(finding);
-        if (newScore > existingScore) {
-          finding.occurrenceCount = (existing.occurrenceCount || 1) + 1;
-          exactDedupeMap.set(key, finding);
-        } else {
-          existing.occurrenceCount = (existing.occurrenceCount || 1) + 1;
-        }
-      }
-    } else {
-      exactDedupeMap.set(key, { ...finding, occurrenceCount: finding.occurrenceCount || 1 });
-    }
-  }
-  let dedupedFindings = Array.from(exactDedupeMap.values());
-  // Group similar findings
-  if (groupSimilar) {
-    const similarityMap = new Map();
-    for (const finding of dedupedFindings) {
-      const key = generateSimilarityKey(finding);
-      if (!similarityMap.has(key)) {
-        similarityMap.set(key, { primary: finding, similar: [] });
-      } else {
-        similarityMap.get(key).similar.push(finding);
-      }
-    }
-    // For groups with many similar findings, show count instead of all
-    dedupedFindings = [];
-    for (const [, group] of similarityMap) {
-      if (group.similar.length >= 3) {
-        // Collapse into single finding with count
-        group.primary.similarCount = group.similar.length;
-        group.primary.collapsedFiles = group.similar.map(f => f.file || f.filePath).filter(Boolean);
-        dedupedFindings.push(group.primary);
-      } else {
-        dedupedFindings.push(group.primary, ...group.similar);
-      }
-    }
-  }
-  return dedupedFindings;
-}
-// ═══════════════════════════════════════════════════════════════════════════════
-// PRIORITY RANKING
-// Sort findings by importance
-// ═══════════════════════════════════════════════════════════════════════════════
-const SEVERITY_ORDER = {
-  'BLOCK': 0, 'block': 0, 'critical': 0, 'error': 0,
-  'WARN': 1, 'warn': 1, 'warning': 1, 'high': 1, 'medium': 1,
-  'INFO': 2, 'info': 2, 'low': 2, 'hint': 2,
-};
-function rankFindings(findings) {
-  return findings.sort((a, b) => {
-    // 1. Severity (BLOCK > WARN > INFO)
-    const sevA = SEVERITY_ORDER[a.severity] ?? 3;
-    const sevB = SEVERITY_ORDER[b.severity] ?? 3;
-    if (sevA !== sevB) return sevA - sevB;
-    // 2. Quality score (higher is better)
-    const qualA = a.qualityScore || calculateQualityScore(a);
-    const qualB = b.qualityScore || calculateQualityScore(b);
-    if (Math.abs(qualA - qualB) > 0.1) return qualB - qualA;
-    // 3. Confidence (higher is better)
-    const confA = a.confidence || a.confidenceScore || 0.5;
-    const confB = b.confidence || b.confidenceScore || 0.5;
-    if (Math.abs(confA - confB) > 0.1) return confB - confA;
-    // 4. Critical path first
-    const fileA = a.file || a.filePath || '';
-    const fileB = b.file || b.filePath || '';
-    const critA = CRITICAL_PATH_PATTERNS.some(p => p.test(fileA)) ? 0 : 1;
-    const critB = CRITICAL_PATH_PATTERNS.some(p => p.test(fileB)) ? 0 : 1;
-    if (critA !== critB) return critA - critB;
-    // 5. File path (alphabetical for stability)
-    return fileA.localeCompare(fileB);
-  });
-}
-// ═══════════════════════════════════════════════════════════════════════════════
-// CONFIGURABLE THRESHOLDS
-// Per-rule severity and confidence tuning
-// ═══════════════════════════════════════════════════════════════════════════════
-const DEFAULT_RULE_CONFIG = {
-  minConfidence: 0.5,      // Minimum confidence to report
-  maxPerFile: 5,           // Maximum findings per file per rule
-  maxTotal: 50,            // Maximum total findings for this rule
-  severity: null,          // Override severity (null = use engine default)
-  enabled: true,           // Enable/disable rule
-};
-function loadRuleConfig(config, ruleName) {
-  const rules = config?.rules || {};
-  const ruleConfig = rules[ruleName] || {};
-  return {
-    ...DEFAULT_RULE_CONFIG,
-    ...ruleConfig,
-    // Handle legacy config formats
-    minConfidence: ruleConfig.minConfidence ?? ruleConfig.confidence ?? DEFAULT_RULE_CONFIG.minConfidence,
-    enabled: ruleConfig.enabled !== false,
-  };
-}
-function applyRuleConfig(findings, config) {
-  const ruleGroups = new Map();
-  // Group by rule
-  for (const finding of findings) {
-    const rule = finding.type || finding.category || finding.ruleId || 'unknown';
-    if (!ruleGroups.has(rule)) ruleGroups.set(rule, []);
-    ruleGroups.get(rule).push(finding);
-  }
-  const filtered = [];
-  for (const [rule, ruleFindings] of ruleGroups) {
-    const ruleConfig = loadRuleConfig(config, rule);
-    // Skip disabled rules
-    if (!ruleConfig.enabled) continue;
-    // Filter by confidence
-    let applicable = ruleFindings.filter(f => {
-      const conf = f.confidence || f.confidenceScore || 0.5;
-      return conf >= ruleConfig.minConfidence;
-    });
-    // Override severity if configured
-    if (ruleConfig.severity) {
-      applicable = applicable.map(f => ({ ...f, severity: ruleConfig.severity }));
-    }
-    // Apply per-file limit
-    if (ruleConfig.maxPerFile) {
-      const byFile = new Map();
-      applicable = applicable.filter(f => {
-        const file = f.file || f.filePath || '';
-        const count = byFile.get(file) || 0;
-        if (count >= ruleConfig.maxPerFile) return false;
-        byFile.set(file, count + 1);
-        return true;
-      });
-    }
-    // Apply total limit
-    if (ruleConfig.maxTotal && applicable.length > ruleConfig.maxTotal) {
-      applicable = applicable.slice(0, ruleConfig.maxTotal);
-    }
-    filtered.push(...applicable);
-  }
-  return filtered;
-}
-// ═══════════════════════════════════════════════════════════════════════════════
-// MAIN NOISE REDUCTION PIPELINE
-// ═══════════════════════════════════════════════════════════════════════════════
-function reduceNoise(findings, options = {}) {
-  const {
-    projectStats = {},      // { fileCount, lineCount }
-    config = {},            // .vibecheckrc content
-    minQualityScore = 0.3,  // Minimum quality to include
-    verbose = false,
-  } = options;
-  const startCount = findings.length;
-  // Step 1: Calculate quality scores
-  let processed = findings.map(f => ({
-    ...f,
-    qualityScore: calculateQualityScore(f, options.context || {}),
-  }));
-  // Step 2: Apply rule-specific config
-  processed = applyRuleConfig(processed, config);
-  // Step 3: Filter by quality score
-  processed = processed.filter(f => f.qualityScore >= minQualityScore);
-  // Step 4: Deduplicate
-  processed = deduplicateFindings(processed, {
-    groupSimilar: options.groupSimilar !== false,
-    keepHighestQuality: true,
-  });
-  // Step 5: Rank by priority
-  processed = rankFindings(processed);
-  // Step 6: Apply adaptive caps
-  const { size, caps } = getAdaptiveCaps(projectStats);
-  const blockers = processed.filter(f => ['BLOCK', 'block', 'critical', 'error'].includes(f.severity));
-  const warnings = processed.filter(f => ['WARN', 'warn', 'warning', 'high', 'medium'].includes(f.severity));
-  const info = processed.filter(f => ['INFO', 'info', 'low', 'hint'].includes(f.severity));
-  const cappedBlockers = blockers.slice(0, caps.blockers);
-  const cappedWarnings = warnings.slice(0, caps.warnings);
-  const cappedInfo = info.slice(0, caps.info);
-  const capped = [...cappedBlockers, ...cappedWarnings, ...cappedInfo].slice(0, caps.total);
-  // Generate reduction stats
-  const stats = {
-    input: startCount,
-    output: capped.length,
-    reduction: Math.round((1 - capped.length / Math.max(startCount, 1)) * 100),
-    projectSize: size,
-    caps,
-    breakdown: {
-      blockers: { total: blockers.length, shown: cappedBlockers.length },
-      warnings: { total: warnings.length, shown: cappedWarnings.length },
-      info: { total: info.length, shown: cappedInfo.length },
-    },
-    hidden: {
-      byQuality: findings.length - processed.length,
-      byCaps: processed.length - capped.length,
-    },
-  };
-  if (verbose) {
-    console.log(`\n[Noise Reduction] ${stats.input} → ${stats.output} findings (${stats.reduction}% reduction)`);
-    console.log(`  Project size: ${size} | Caps: ${JSON.stringify(caps)}`);
-  }
-  return { findings: capped, stats };
-}
-// ═══════════════════════════════════════════════════════════════════════════════
-// EXPORTS
-// ═══════════════════════════════════════════════════════════════════════════════
-module.exports = {
-  // Main function
-  reduceNoise,
-  // Individual components (for testing/customization)
-  detectProjectSize,
-  getAdaptiveCaps,
-  calculateQualityScore,
-  deduplicateFindings,
-  rankFindings,
-  applyRuleConfig,
-  loadRuleConfig,
-  // Constants (for external configuration)
-  PROJECT_SIZE_THRESHOLDS,
-  ADAPTIVE_CAPS,
-  QUALITY_FACTORS,
-  CRITICAL_PATH_PATTERNS,
-  KNOWN_FALSE_POSITIVE_PATTERNS,
-  DEFAULT_RULE_CONFIG,
-  SEVERITY_ORDER,
-};