@vibgrate/cli 2026.615.2 → 2026.615.3

package/dist/{baseline-WUHK4LQY.js → baseline-OK4HC3QV.js}

@@ -1,8 +1,8 @@
 import {
   baselineCommand,
   runBaseline
-} from "./chunk-HJ4D6B3B.js";
-import "./chunk-BOGC5GYS.js";
+} from "./chunk-7343XMW2.js";
+import "./chunk-4G4YRE6K.js";
 import "./chunk-5IXVOEZN.js";
 import "./chunk-C7LU6YIL.js";
 import "./chunk-JSBRDJBE.js";

package/dist/{chunk-BOGC5GYS.js → chunk-4G4YRE6K.js}

@@ -6592,6 +6592,25 @@ function formatMarkdown(artifact) {
     }
     lines.push("");
   }
+  if (artifact.extended?.standards && artifact.extended.standards.recommended.length > 0) {
+    const std = artifact.extended.standards;
+    lines.push("## Recommended Standards");
+    lines.push("");
+    const purposes = std.projectPurposes.map((p) => `${p.project} \u2192 ${p.category}`).join(", ");
+    if (purposes) lines.push(`- **Detected purpose:** ${purposes}`);
+    if (std.frameworks.length > 0) {
+      lines.push("- **Compliance framework coverage:**");
+      for (const f of std.frameworks) {
+        lines.push(`  - ${f.name}: ${f.recommendedMembers}/${f.totalMembers} member standards apply`);
+      }
+    }
+    lines.push("- **Top standards to consider:**");
+    for (const rec of std.recommended.slice(0, 10)) {
+      const flag = rec.complianceRelevant ? " _(compliance)_" : "";
+      lines.push(`  - **${rec.name}** \u2014 ${rec.reason}${flag}`);
+    }
+    lines.push("");
+  }
   if (artifact.findings.length > 0) {
     lines.push("## Findings");
     lines.push("");
@@ -11819,6 +11838,417 @@ async function scanPolyglotProjects(rootDir, cache) {
   }
   return projects;
 }
+var standardsIndex = [{ "slug": "adonet-4-8", "name": "ADO.NET 4.8 Specification", "category": "database-sql", "domains": ["data"], "frameworks": [], "projectTypes": ["data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "aicpa-soc-2-tsc", "name": "AICPA SOC 2 (Trust Services Criteria 2017, rev. 2022)", "category": "compliance", "domains": ["security", "governance", "privacy"], "frameworks": ["soc2"], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": "https://www.aicpa-cima.com/resources/landing/system-and-organization-controls-soc-suite-of-services" }, { "slug": "amqp-1-0", "name": "AMQP 1.0 (OASIS)", "category": "messaging-protocol", "domains": ["integration"], "frameworks": [], "projectTypes": ["api", "infra"], "complianceRelevant": false, "officialUrl": null }, { "slug": "archimate-3-2", "name": "Archimate 3.2", "category": "modeling", "domains": ["architecture"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "argo-cd-appspec-v1", "name": "Argo CD AppSpec v1", "category": "devops", "domains": ["devops"], "frameworks": [], "projectTypes": ["infra", "any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "aria-1-3", "name": "W3C ARIA 1.3", "category": "accessibility", "domains": ["accessibility", "frontend"], "frameworks": [], "projectTypes": ["web-app", "mobile"], "complianceRelevant": true, "officialUrl": null }, { "slug": "asyncapi-2-6", "name": "AsyncAPI 2.6", "category": "api-spec", "domains": ["api"], "frameworks": [], "projectTypes": ["api"], "complianceRelevant": false, "officialUrl": null }, { "slug": "avro-1-11", "name": "Apache Avro 1.11", "category": "data-format", "domains": ["data"], "frameworks": [], "projectTypes": ["api", "data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "aws-well-architected-2023", "name": "AWS Well-Architected Framework 2023", "category": "cloud-architecture", "domains": ["cloud", "architecture"], "frameworks": [], "projectTypes": ["infra", "any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "azure-waf-2024", "name": "Azure Well-Architected Framework 2024", "category": "cloud-architecture", "domains": ["cloud", "architecture"], "frameworks": [], "projectTypes": ["infra", "any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "backstage-catalog-1-3", "name": "Backstage Software Catalog 1.3", "category": "devops", "domains": ["devops"], "frameworks": [], "projectTypes": ["infra", "any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "bgp-4", "name": "BGP-4 (RFC 4271)", "category": "network-protocol", "domains": ["networking"], "frameworks": [], "projectTypes": ["infra"], "complianceRelevant": false, "officialUrl": null }, { "slug": "bian-v10", "name": "BIAN Service Landscape v10", "category": "cloud-architecture", "domains": ["cloud", "architecture"], "frameworks": [], "projectTypes": ["infra", "any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "bpmn-2-0-2", "name": "BPMN 2.0.2", "category": "modeling", "domains": ["architecture"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "bsimm-13", "name": "BSIMM13", "category": "security", "domains": ["security"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "c11", "name": "ISO/IEC 9899:2011 (C11)", "category": "programming-language", "domains": ["language"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "c18", "name": "ISO/IEC 9899:2018 (C18)", "category": "programming-language", "domains": ["language"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "capec-3-9", "name": "CAPEC v3.9", "category": "security", "domains": ["security"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "capnproto-0-9", "name": "Cap\u2019n Proto 0.9", "category": "data-format", "domains": ["data"], "frameworks": [], "projectTypes": ["api", "data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "cbl-mariner-2-0", "name": "CBL-Mariner OS Spec 2.0", "category": "cloud-architecture", "domains": ["cloud", "architecture"], "frameworks": [], "projectTypes": ["infra", "any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "cbor-rfc-8949", "name": "CBOR (RFC 8949)", "category": "data-format", "domains": ["data"], "frameworks": [], "projectTypes": ["api", "data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "ccpa", "name": "CCPA (AB 375)", "category": "compliance", "domains": ["security", "governance"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "cis-kubernetes-1-7", "name": "CIS Benchmarks Kubernetes v1.7", "category": "security", "domains": ["security"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "cloudevents-1-0", "name": "CloudEvents 1.0", "category": "devops", "domains": ["devops"], "frameworks": [], "projectTypes": ["infra", "any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "cmmi-v2-0", "name": "CMMI v2.0", "category": "software-process", "domains": ["process"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "cmmn-1-1", "name": "CMMN 1.1", "category": "modeling", "domains": ["architecture"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "cncf-cloud-native-v1", "name": "CNCF Cloud-Native Definition v1", "category": "cloud-architecture", "domains": ["cloud", "architecture"], "frameworks": [], "projectTypes": ["infra", "any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "commonmark-0-30", "name": "CommonMark 0.30", "category": "documentation", "domains": ["documentation"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "cpp-14", "name": "ISO/IEC 14882:2014 (C++14)", "category": "programming-language", "domains": ["language"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "cpp-17", "name": "ISO/IEC 14882:2017 (C++17)", "category": "programming-language", "domains": ["language"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "cpp-20", "name": "ISO/IEC 14882:2020 (C++20)", "category": "programming-language", "domains": ["language"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "cpp-23", "name": "ISO/IEC 14882:2023 (C++23)", "category": "programming-language", "domains": ["language"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "csharp-11", "name": "ECMA-334 6th (C# 11)", "category": "programming-language", "domains": ["language"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "csharp-2-0", "name": "ISO/IEC 23270:2006 (C# 2.0)", "category": "programming-language", "domains": ["language"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "csv-rfc-4180", "name": "CSV (RFC 4180)", "category": "data-format", "domains": ["data"], "frameworks": [], "projectTypes": ["api", "data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "cwe-4-11", "name": "MITRE CWE 4.11", "category": "security", "domains": ["security"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "cwt-rfc-8392", "name": "CBOR Web Token (RFC 8392)", "category": "identity-auth", "domains": ["security", "identity"], "frameworks": [], "projectTypes": ["api", "web-app"], "complianceRelevant": true, "officialUrl": null }, { "slug": "cyclonedx-1-6", "name": "CycloneDX 1.6 (SBOM)", "category": "security", "domains": ["security"], "frameworks": ["nist-csf"], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "dicom-2024a", "name": "DICOM PS3.0 2024a", "category": "messaging-protocol", "domains": ["integration"], "frameworks": [], "projectTypes": ["api", "infra"], "complianceRelevant": false, "officialUrl": null }, { "slug": "did-core-1-0", "name": "W3C DID Core 1.0", "category": "identity-auth", "domains": ["security", "identity"], "frameworks": [], "projectTypes": ["api", "web-app"], "complianceRelevant": true, "officialUrl": null }, { "slug": "dmn-1-4", "name": "DMN 1.4", "category": "modeling", "domains": ["architecture"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "dns-rfc-1035", "name": "DNS (RFC 1035)", "category": "network-protocol", "domains": ["networking"], "frameworks": [], "projectTypes": ["infra"], "complianceRelevant": false, "officialUrl": null }, { "slug": "docker-compose-v3", "name": "Docker Compose v3", "category": "devops", "domains": ["devops"], "frameworks": [], "projectTypes": ["infra", "any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "dtd-1-2", "name": "DTD 1.2", "category": "data-format", "domains": ["data"], "frameworks": [], "projectTypes": ["api", "data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "elixir-1-17", "name": "Elixir 1.17", "category": "programming-language", "domains": ["language"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "envoy-xds-v3", "name": "Envoy xDS v3", "category": "devops", "domains": ["devops"], "frameworks": [], "projectTypes": ["infra", "any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "erlang-26", "name": "Erlang/OTP 26", "category": "programming-language", "domains": ["language"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "eu-ai-act-2024", "name": "EU AI Act Proposal 2024", "category": "ai-governance", "domains": ["ai", "governance"], "frameworks": [], "projectTypes": ["ml", "any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "fedramp-moderate", "name": "FedRAMP Moderate Rev 5", "category": "compliance", "domains": ["security", "governance"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "fido2-webauthn-l2", "name": "FIDO2 WebAuthn Level 2", "category": "identity-auth", "domains": ["security", "identity"], "frameworks": [], "projectTypes": ["api", "web-app"], "complianceRelevant": true, "officialUrl": null }, { "slug": "fix-5-0-sp2", "name": "FIX Protocol 5.0 SP2", "category": "messaging-protocol", "domains": ["integration"], "frameworks": [], "projectTypes": ["api", "infra"], "complianceRelevant": false, "officialUrl": null }, { "slug": "flatbuffers-23-5", "name": "FlatBuffers 23.5", "category": "data-format", "domains": ["data"], "frameworks": [], "projectTypes": ["api", "data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "ftps-rfc-4217", "name": "FTPS (RFC 4217)", "category": "network-protocol", "domains": ["networking"], "frameworks": [], "projectTypes": ["infra"], "complianceRelevant": false, "officialUrl": null }, { "slug": "gcp-architecture-2023", "name": "Google Cloud Architecture Framework 2023", "category": "cloud-architecture", "domains": ["cloud", "architecture"], "frameworks": [], "projectTypes": ["infra", "any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "gdpr-eu-2016-679", "name": "GDPR (EU 2016/679)", "category": "compliance", "domains": ["security", "governance"], "frameworks": ["gdpr"], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "git-spec", "name": "Git Spec (Distributed VC)", "category": "devops", "domains": ["devops"], "frameworks": [], "projectTypes": ["infra", "any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "gitops-principles-v1", "name": "GitOps Principles v1", "category": "devops", "domains": ["devops"], "frameworks": [], "projectTypes": ["infra", "any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "go-1-22", "name": "Go 1.22 Spec", "category": "programming-language", "domains": ["language"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "graphql-2023", "name": "GraphQL July-2023 Spec", "category": "api-spec", "domains": ["api"], "frameworks": [], "projectTypes": ["api"], "complianceRelevant": false, "officialUrl": null }, { "slug": "grpc-v1", "name": "gRPC Protocol v1", "category": "api-spec", "domains": ["api"], "frameworks": [], "projectTypes": ["api"], "complianceRelevant": false, "officialUrl": null }, { "slug": "haskell-2010", "name": "Haskell 2010 Report", "category": "programming-language", "domains": ["language"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "helm-chart-3-10", "name": "Helm Chart Spec v3.10", "category": "devops", "domains": ["devops"], "frameworks": [], "projectTypes": ["infra", "any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "hipaa-security-rule", "name": "HIPAA Security Rule", "category": "compliance", "domains": ["security", "governance"], "frameworks": ["hipaa"], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "hl7-fhir-r5", "name": "HL7 FHIR R5", "category": "messaging-protocol", "domains": ["integration"], "frameworks": [], "projectTypes": ["api", "infra"], "complianceRelevant": false, "officialUrl": null }, { "slug": "http-1-0", "name": "HTTP/1.0 (RFC 1945)", "category": "web-protocol", "domains": ["networking"], "frameworks": [], "projectTypes": ["web-app", "api"], "complianceRelevant": false, "officialUrl": null }, { "slug": "http-1-1", "name": "HTTP/1.1 (RFC 7230\u20137235)", "category": "web-protocol", "domains": ["networking"], "frameworks": [], "projectTypes": ["web-app", "api"], "complianceRelevant": false, "officialUrl": null }, { "slug": "http-2", "name": "HTTP/2 (RFC 7540)", "category": "web-protocol", "domains": ["networking"], "frameworks": [], "projectTypes": ["web-app", "api"], "complianceRelevant": false, "officialUrl": null }, { "slug": "http-3", "name": "HTTP/3 (RFC 9114)", "category": "web-protocol", "domains": ["networking"], "frameworks": [], "projectTypes": ["web-app", "api"], "complianceRelevant": false, "officialUrl": null }, { "slug": "http-3-rfc-9114", "name": "HTTP/3 (RFC 9114)", "category": "web-protocol", "domains": ["networking"], "frameworks": [], "projectTypes": ["web-app", "api"], "complianceRelevant": false, "officialUrl": "https://www.rfc-editor.org/rfc/rfc9114" }, { "slug": "iec-61850-ed2-1", "name": "IEC 61850 Edition 2.1", "category": "messaging-protocol", "domains": ["integration"], "frameworks": [], "projectTypes": ["api", "infra"], "complianceRelevant": false, "officialUrl": null }, { "slug": "ieee-1012-2016", "name": "IEEE 1012-2016 (Verification & Validation)", "category": "software-process", "domains": ["process"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "ieee-11073-20702", "name": "IEEE 11073-20702", "category": "messaging-protocol", "domains": ["integration"], "frameworks": [], "projectTypes": ["api", "infra"], "complianceRelevant": false, "officialUrl": null }, { "slug": "ieee-14764-2006", "name": "IEEE 14764-2006 (Software Maintenance)", "category": "software-process", "domains": ["process"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "ieee-2410-2019", "name": "IEEE 2410-2019 (Bio-Open ID)", "category": "biometric", "domains": ["security", "identity"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "ieee-7001-2021", "name": "IEEE 7001-2021 (AI Transparency)", "category": "ai-governance", "domains": ["ai", "governance"], "frameworks": [], "projectTypes": ["ml", "any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "ieee-7002-2022", "name": "IEEE 7002-2022 (AI Privacy Data)", "category": "ai-governance", "domains": ["ai", "governance"], "frameworks": [], "projectTypes": ["ml", "any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "ieee-730-2014", "name": "IEEE 730-2014 (Software Quality)", "category": "software-process", "domains": ["process"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "ieee-802-11ax", "name": "IEEE 802.11ax (Wi-Fi 6)", "category": "network-protocol", "domains": ["networking"], "frameworks": [], "projectTypes": ["infra"], "complianceRelevant": false, "officialUrl": null }, { "slug": "ieee-802-15-4-2020", "name": "IEEE 802.15.4-2020 (IoT WPAN)", "category": "network-protocol", "domains": ["networking"], "frameworks": [], "projectTypes": ["infra"], "complianceRelevant": false, "officialUrl": null }, { "slug": "ieee-802-1q-2018", "name": "IEEE 802.1Q-2018 (VLAN)", "category": "network-protocol", "domains": ["networking"], "frameworks": [], "projectTypes": ["infra"], "complianceRelevant": false, "officialUrl": null }, { "slug": "ieee-802-3-2022", "name": "IEEE 802.3-2022 (Ethernet)", "category": "network-protocol", "domains": ["networking"], "frameworks": [], "projectTypes": ["infra"], "complianceRelevant": false, "officialUrl": null }, { "slug": "ieee-829-2008", "name": "IEEE 829-2008 (Test Docs)", "category": "software-process", "domains": ["process"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "incits-459-2011", "name": "ANSI INCITS 459-2011 (JSON)", "category": "data-format", "domains": ["data"], "frameworks": [], "projectTypes": ["api", "data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "ipv4", "name": "IPv4 (RFC 791)", "category": "network-protocol", "domains": ["networking"], "frameworks": [], "projectTypes": ["infra"], "complianceRelevant": false, "officialUrl": null }, { "slug": "ipv6", "name": "IPv6 (RFC 8200)", "category": "network-protocol", "domains": ["networking"], "frameworks": [], "projectTypes": ["infra"], "complianceRelevant": false, "officialUrl": null }, { "slug": "iso-12207-2017", "name": "ISO/IEC 12207:2017", "category": "software-process", "domains": ["process"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "iso-15288-2015", "name": "ISO/IEC 15288:2015", "category": "software-process", "domains": ["process"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "iso-15408-1-2022", "name": "ISO/IEC 15408-1:2022 (Common Criteria)", "category": "security", "domains": ["security"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "iso-15504", "name": "ISO/IEC 15504 (SPICE)", "category": "software-process", "domains": ["process"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "iso-15926-2", "name": "ISO 15926 Part 2", "category": "data-format", "domains": ["data"], "frameworks": [], "projectTypes": ["api", "data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "iso-18013-5-2021", "name": "ISO/IEC 18013-5:2021 (Mobile DL)", "category": "identity-auth", "domains": ["security", "identity"], "frameworks": [], "projectTypes": ["api", "web-app"], "complianceRelevant": true, "officialUrl": null }, { "slug": "iso-19770-1-2017", "name": "ISO/IEC 19770-1:2017 (IT Asset)", "category": "quality-management", "domains": ["process", "governance"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "iso-19794-5-2011", "name": "ISO/IEC 19794-5:2011 (Face Images)", "category": "biometric", "domains": ["security", "identity"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "iso-20022", "name": "ISO 20022 (Financial Messaging)", "category": "messaging-protocol", "domains": ["integration"], "frameworks": [], "projectTypes": ["api", "infra"], "complianceRelevant": false, "officialUrl": null }, { "slug": "iso-20922-2016", "name": "ISO/IEC 20922:2016 (AMQP 1.0)", "category": "messaging-protocol", "domains": ["integration"], "frameworks": [], "projectTypes": ["api", "infra"], "complianceRelevant": false, "officialUrl": null }, { "slug": "iso-21502-2020", "name": "ISO 21502:2020 (Project Management)", "category": "project-management", "domains": ["process"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "iso-21504-2022", "name": "ISO 21504:2022 (Portfolio Management)", "category": "project-management", "domains": ["process"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "iso-21511-2018", "name": "ISO 21511:2018 (Work Breakdown Structure)", "category": "project-management", "domains": ["process"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "iso-22989-2022", "name": "ISO/IEC 22989:2022 (AI Concepts)", "category": "ai-governance", "domains": ["ai", "governance"], "frameworks": [], "projectTypes": ["ml", "any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "iso-23053-2022", "name": "ISO/IEC 23053:2022 (AI Lifecycle)", "category": "ai-governance", "domains": ["ai", "governance"], "frameworks": [], "projectTypes": ["ml", "any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "iso-23659-2024", "name": "ISO/IEC 23659:2024 (AI Risk Mgmt)", "category": "ai-governance", "domains": ["ai", "governance"], "frameworks": [], "projectTypes": ["ml", "any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "iso-2382", "name": "ISO/IEC 2382 (IT Vocabulary)", "category": "software-process", "domains": ["process"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "iso-24772-2-2023", "name": "ISO/IEC TR 24772-2:2023 (Safer Programming)", "category": "software-process", "domains": ["process"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "iso-25010-2023", "name": "ISO/IEC 25010:2023 (Quality Model)", "category": "software-process", "domains": ["process"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "iso-27001-2022", "name": "ISO/IEC 27001:2022", "category": "security", "domains": ["security"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "iso-27002-2022", "name": "ISO/IEC 27002:2022", "category": "security", "domains": ["security"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "iso-27017-2015", "name": "ISO/IEC 27017:2015 (Cloud Controls)", "category": "security", "domains": ["security"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "iso-27018-2019", "name": "ISO/IEC 27018:2019 (Cloud PII)", "category": "security", "domains": ["security"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "iso-27701-2019", "name": "ISO/IEC 27701:2019 (Privacy)", "category": "security", "domains": ["security"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "iso-29119-1-2022", "name": "ISO/IEC 29119-1:2022 (Software Testing)", "category": "software-process", "domains": ["process"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "iso-29134-2017", "name": "ISO/IEC 29134:2017 (PIA)", "category": "compliance", "domains": ["security", "governance"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "iso-29147-2018", "name": "ISO/IEC 29147:2018 (Vuln Disclosure)", "category": "security", "domains": ["security"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "iso-30107-3-2017", "name": "ISO/IEC 30107-3:2017 (PAD)", "category": "biometric", "domains": ["security", "identity"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "iso-30111-2019", "name": "ISO/IEC 30111:2019 (Vulnerability Handling)", "category": "security", "domains": ["security"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "iso-38500-2015", "name": "ISO/IEC 38500:2015 (IT Governance)", "category": "quality-management", "domains": ["process", "governance"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "iso-38505-1-2017", "name": "ISO/IEC 38505-1:2017 (Data Governance)", "category": "compliance", "domains": ["security", "governance"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "iso-40500-2012", "name": "ISO/IEC 40500:2012 (WCAG 2.0)", "category": "accessibility", "domains": ["accessibility", "frontend"], "frameworks": [], "projectTypes": ["web-app", "mobile"], "complianceRelevant": true, "officialUrl": null }, { "slug": "iso-7816-4-2020", "name": "ISO/IEC 7816-4:2020 (Smart Cards)", "category": "security", "domains": ["security"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "iso-8601-2019", "name": "ISO 8601:2019 (Date/Time)", "category": "data-format", "domains": ["data"], "frameworks": [], "projectTypes": ["api", "data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "iso-9001-2015", "name": "ISO 9001:2015", "category": "quality-management", "domains": ["process", "governance"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "iso-9126", "name": "ISO 9126 (Quality Model \u2013 Superseded)", "category": "quality-management", "domains": ["process", "governance"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "iso-9798-3-2014", "name": "ISO/IEC 9798-3:2014", "category": "security", "domains": ["security"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "iso-iec-27001-2022", "name": "ISO/IEC 27001:2022", "category": "compliance", "domains": ["security", "governance"], "frameworks": ["gdpr", "hipaa", "iso-27001", "soc2"], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": "https://www.iso.org/standard/27001" }, { "slug": "iso-iec-27002-2022", "name": "ISO/IEC 27002:2022", "category": "compliance", "domains": ["security"], "frameworks": ["iso-27001"], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": "https://www.iso.org/standard/75652.html" }, { "slug": "iso-iec-42001-2023", "name": "ISO/IEC 42001:2023 (AI management system)", "category": "ai-governance", "domains": ["ai", "governance"], "frameworks": [], "projectTypes": ["ml", "any"], "complianceRelevant": true, "officialUrl": "https://www.iso.org/standard/81230.html" }, { "slug": "istio-api-1-21", "name": "Istio API v1.21", "category": "devops", "domains": ["devops"], "frameworks": [], "projectTypes": ["infra", "any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "jaeger-trace-v1", "name": "Jaeger Trace Spec v1", "category": "devops", "domains": ["devops"], "frameworks": [], "projectTypes": ["infra", "any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "java-se-17", "name": "Java SE 17 (JSR 392)", "category": "programming-language", "domains": ["language"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "java-se-8", "name": "Java SE 8 (JSR 337)", "category": "programming-language", "domains": ["language"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "javascript-es2024", "name": "ECMA-262 2024 (ES2024)", "category": "programming-language", "domains": ["language"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "javascript-es6", "name": "ECMA-262 2015 (ES6)", "category": "programming-language", "domains": ["language"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "jdbc-4-3", "name": "JDBC 4.3", "category": "database-sql", "domains": ["data"], "frameworks": [], "projectTypes": ["data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "json-api-1-1", "name": "JSON:API 1.1", "category": "api-spec", "domains": ["api"], "frameworks": [], "projectTypes": ["api"], "complianceRelevant": false, "officialUrl": null }, { "slug": "json-rfc-8259", "name": "JSON (RFC 8259)", "category": "data-format", "domains": ["data"], "frameworks": [], "projectTypes": ["api", "data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "json-rpc-2-0", "name": "JSON-RPC 2.0", "category": "api-spec", "domains": ["api"], "frameworks": [], "projectTypes": ["api"], "complianceRelevant": false, "officialUrl": null }, { "slug": "json-schema-2020-12", "name": "JSON Schema 2020-12", "category": "data-format", "domains": ["data"], "frameworks": [], "projectTypes": ["api", "data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "jws-rfc-7515", "name": "RFC 7515 (JWS)", "category": "security", "domains": ["security"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "jwt-rfc-7519", "name": "JWT (RFC 7519)", "category": "identity-auth", "domains": ["security", "identity"], "frameworks": [], "projectTypes": ["api", "web-app"], "complianceRelevant": true, "officialUrl": null }, { "slug": "kafka-protocol-3-7", "name": "Kafka Protocol 3.7", "category": "messaging-protocol", "domains": ["integration"], "frameworks": [], "projectTypes": ["api", "infra"], "complianceRelevant": false, "officialUrl": null }, { "slug": "kotlin-2-0", "name": "Kotlin 2.0 Spec", "category": "programming-language", "domains": ["language"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "kubernetes-1-28", "name": "Kubernetes API v1.28", "category": "devops", "domains": ["devops"], "frameworks": [], "projectTypes": ["infra", "any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "matter-1-3", "name": "Matter 1.3", "category": "network-protocol", "domains": ["networking"], "frameworks": [], "projectTypes": ["infra"], "complianceRelevant": false, "officialUrl": null }, { "slug": "messagepack-2-3", "name": "MessagePack 2.3", "category": "data-format", "domains": ["data"], "frameworks": [], "projectTypes": ["api", "data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "mitre-attack-v14", "name": "MITRE ATT&CK v14", "category": "security", "domains": ["security"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "modbus-tcp-1-1b", "name": "Modbus TCP 1.1b", "category": "messaging-protocol", "domains": ["integration"], "frameworks": [], "projectTypes": ["api", "infra"], "complianceRelevant": false, "officialUrl": null }, { "slug": "mqtt-5-0", "name": "MQTT 5.0 (OASIS)", "category": "messaging-protocol", "domains": ["integration"], "frameworks": [], "projectTypes": ["api", "infra"], "complianceRelevant": false, "officialUrl": null }, { "slug": "nats-2-9", "name": "NATS Protocol 2.9", "category": "messaging-protocol", "domains": ["integration"], "frameworks": [], "projectTypes": ["api", "infra"], "complianceRelevant": false, "officialUrl": null }, { "slug": "nfs-4-1", "name": "NFS 4.1 (RFC 8881)", "category": "network-protocol", "domains": ["networking"], "frameworks": [], "projectTypes": ["infra"], "complianceRelevant": false, "officialUrl": null }, { "slug": "nist-800-171-r3", "name": "NIST SP 800-171 Rev 3", "category": "security", "domains": ["security"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "nist-800-53-r5", "name": "NIST SP 800-53 Rev 5", "category": "security", "domains": ["security"], "frameworks": ["nist-csf"], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "nist-ai-rmf-1-0", "name": "NIST AI RMF 1.0", "category": "ai-governance", "domains": ["ai", "governance"], "frameworks": [], "projectTypes": ["ml", "any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "nist-ccra", "name": "NIST Cloud Computing Ref Arch SP 500-292", "category": "cloud-architecture", "domains": ["cloud", "architecture"], "frameworks": [], "projectTypes": ["infra", "any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "nist-csf-2-0", "name": "NIST Cybersecurity Framework (CSF) 2.0", "category": "security", "domains": ["security", "governance"], "frameworks": ["nist-csf"], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": "https://www.nist.gov/cyberframework" }, { "slug": "oas-json-schema-2020-12", "name": "OpenAPI JSON Schema Dialect 2020-12", "category": "api-spec", "domains": ["api"], "frameworks": [], "projectTypes": ["api"], "complianceRelevant": false, "officialUrl": null }, { "slug": "oauth-1-0a", "name": "OAuth 1.0a (RFC 5849)", "category": "identity-auth", "domains": ["security", "identity"], "frameworks": [], "projectTypes": ["api", "web-app"], "complianceRelevant": true, "officialUrl": null }, { "slug": "oauth-2-0", "name": "OAuth 2.0 (RFC 6749)", "category": "identity-auth", "domains": ["security", "identity"], "frameworks": [], "projectTypes": ["api", "web-app"], "complianceRelevant": true, "officialUrl": null }, { "slug": "oauth-2-1", "name": "OAuth 2.1 (Draft)", "category": "identity-auth", "domains": ["security", "identity"], "frameworks": ["iso-27001", "soc2"], "projectTypes": ["api", "web-app"], "complianceRelevant": true, "officialUrl": null }, { "slug": "ocaml-5-2", "name": "OCaml 5.2 Spec", "category": "programming-language", "domains": ["language"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "oci-image-1-1", "name": "OCI Image Spec 1.1", "category": "devops", "domains": ["devops"], "frameworks": [], "projectTypes": ["infra", "any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "oci-runtime-1-1", "name": "OCI Runtime Spec 1.1", "category": "devops", "domains": ["devops"], "frameworks": [], "projectTypes": ["infra", "any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "odata-4-01", "name": "OData 4.01", "category": "api-spec", "domains": ["api"], "frameworks": [], "projectTypes": ["api"], "complianceRelevant": false, "officialUrl": null }, { "slug": "odbc-3-8", "name": "ODBC 3.8", "category": "database-sql", "domains": ["data"], "frameworks": [], "projectTypes": ["data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "odf-1-3", "name": "OpenDocument 1.3 (ISO/IEC 26300-1)", "category": "document-format", "domains": ["data"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "omg-mda-1-1", "name": "OMG MDA Guide v1.1", "category": "cloud-architecture", "domains": ["cloud", "architecture"], "frameworks": [], "projectTypes": ["infra", "any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "ooxml-ecma-376-4", "name": "Office Open XML (ECMA-376 4th)", "category": "document-format", "domains": ["data"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "opc-ua-1-05", "name": "OPC UA 1.05", "category": "messaging-protocol", "domains": ["integration"], "frameworks": [], "projectTypes": ["api", "infra"], "complianceRelevant": false, "officialUrl": null }, { "slug": "openapi-2-0", "name": "OpenAPI Specification 2.0 (Swagger)", "category": "api-spec", "domains": ["api"], "frameworks": [], "projectTypes": ["api"], "complianceRelevant": false, "officialUrl": null }, { "slug": "openapi-3-0", "name": "OpenAPI Specification 3.0", "category": "api-spec", "domains": ["api"], "frameworks": [], "projectTypes": ["api"], "complianceRelevant": false, "officialUrl": null }, { "slug": "openapi-3-1", "name": "OpenAPI Specification 3.1", "category": "api-spec", "domains": ["api"], "frameworks": [], "projectTypes": ["api"], "complianceRelevant": false, "officialUrl": null }, { "slug": "openapi-specification-3-1-0", "name": "OpenAPI Specification 3.1.0", "category": "api-spec", "domains": ["api"], "frameworks": [], "projectTypes": ["api"], "complianceRelevant": false, "officialUrl": "https://spec.openapis.org/oas/v3.1.0" }, { "slug": "openflow-1-5", "name": "OpenFlow 1.5", "category": "network-protocol", "domains": ["networking"], "frameworks": [], "projectTypes": ["infra"], "complianceRelevant": false, "officialUrl": null }, { "slug": "openid-connect-1-0", "name": "OpenID Connect 1.0", "category": "identity-auth", "domains": ["security", "identity"], "frameworks": [], "projectTypes": ["api", "web-app"], "complianceRelevant": true, "officialUrl": null }, { "slug": "openssf-scorecard-4-10", "name": "OpenSSF Scorecard 4.10", "category": "security", "domains": ["security"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "opentelemetry-1-0-0", "name": "OpenTelemetry 1.0.0", "category": "devops", "domains": ["devops"], "frameworks": [], "projectTypes": ["infra", "any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "opentracing-1-3", "name": "OpenTracing 1.3", "category": "devops", "domains": ["devops"], "frameworks": [], "projectTypes": ["infra", "any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "orc-1-8", "name": "Apache ORC 1.8", "category": "data-format", "domains": ["data"], "frameworks": [], "projectTypes": ["api", "data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "owasp-api-top-10-2023", "name": "OWASP API Security Top 10 (2023)", "category": "security", "domains": ["security"], "frameworks": ["pci-dss", "soc2"], "projectTypes": ["api"], "complianceRelevant": true, "officialUrl": "https://owasp.org/API-Security/editions/2023/en/0x11-t10/" }, { "slug": "owasp-asvs-4-0", "name": "OWASP ASVS 4.0", "category": "security", "domains": ["security"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "owasp-asvs-5-0", "name": "OWASP Application Security Verification Standard (ASVS) 5.0", "category": "security", "domains": ["security"], "frameworks": ["hipaa", "iso-27001", "pci-dss", "soc2"], "projectTypes": ["web-app", "api"], "complianceRelevant": true, "officialUrl": "https://owasp.org/www-project-application-security-verification-standard/" }, { "slug": "owasp-top10-2023", "name": "OWASP Top 10 2023", "category": "security", "domains": ["security"], "frameworks": ["pci-dss"], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "parquet-2-0", "name": "Apache Parquet 2.0", "category": "data-format", "domains": ["data"], "frameworks": [], "projectTypes": ["api", "data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "pci-dss-4-0", "name": "PCI-DSS 4.0", "category": "compliance", "domains": ["security", "governance"], "frameworks": ["pci-dss"], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "pdf-1-7", "name": "PDF 1.7 (ISO 32000-1)", "category": "document-format", "domains": ["data"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "pdfa-4", "name": "PDF/A-4 (ISO 19005-4:2020)", "category": "document-format", "domains": ["data"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "pep-8", "name": "Python PEP 8 (Style Guide)", "category": "programming-language", "domains": ["language"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "perl-5-38", "name": "Perl 5.38 Syntax", "category": "programming-language", "domains": ["language"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "php-8-3", "name": "PHP 8.3 Spec", "category": "programming-language", "domains": ["language"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "pkcs12-v1-1", "name": "PKCS #12 v1.1", "category": "security", "domains": ["security"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "pkcs7-rfc-5652", "name": "PKCS #7 / CMS (RFC 5652)", "category": "security", "domains": ["security"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "pmi-pmbok-7", "name": "PMI PMBOK 7th Edition", "category": "project-management", "domains": ["process"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "prince2-7", "name": "PRINCE2 7", "category": "project-management", "domains": ["process"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "prolog-1995", "name": "ISO/IEC 13211-1:1995 (Prolog)", "category": "programming-language", "domains": ["language"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "prometheus-expo-0-0-4", "name": "Prometheus Exposition Format 0.0.4", "category": "devops", "domains": ["devops"], "frameworks": [], "projectTypes": ["infra", "any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "protobuf-v3", "name": "Protocol Buffers v3", "category": "data-format", "domains": ["data"], "frameworks": [], "projectTypes": ["api", "data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "python-3-12", "name": "Python 3.12 (PEP 693)", "category": "programming-language", "domains": ["language"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "restructuredtext-1-0", "name": "reStructuredText 1.0", "category": "documentation", "domains": ["documentation"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "rfc-2119", "name": "RFC 2119 (Keyword Conventions)", "category": "documentation", "domains": ["documentation"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "rfc-3339", "name": "RFC 3339 (Date/Time Format)", "category": "data-format", "domains": ["data"], "frameworks": [], "projectTypes": ["api", "data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "rfc-5280", "name": "RFC 5280 (PKIX)", "category": "security", "domains": ["security"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "rfc-6962", "name": "RFC 6962 (Cert Transparency)", "category": "security", "domains": ["security"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "rfc-7636", "name": "RFC 7636 (PKCE)", "category": "identity-auth", "domains": ["security", "identity"], "frameworks": [], "projectTypes": ["api", "web-app"], "complianceRelevant": true, "officialUrl": null }, { "slug": "rfc-9081", "name": "RFC 9081 (IPFS HTTP Gateway)", "category": "data-format", "domains": ["data"], "frameworks": [], "projectTypes": ["api", "data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "rfc-9193", "name": "RFC 9193 (SFrame Media Encryption)", "category": "security", "domains": ["security"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "ruby-3-1", "name": "ISO/IEC 30170:2022 (Ruby 3.1)", "category": "programming-language", "domains": ["language"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "rust-2024", "name": "Rust 1.78 Edition 2024", "category": "programming-language", "domains": ["language"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "safe-6-0", "name": "SAFe 6.0", "category": "project-management", "domains": ["process"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "saml-2-0", "name": "SAML 2.0 (OASIS)", "category": "identity-auth", "domains": ["security", "identity"], "frameworks": [], "projectTypes": ["api", "web-app"], "complianceRelevant": true, "officialUrl": null }, { "slug": "sbvr-1-5", "name": "SBVR 1.5", "category": "modeling", "domains": ["architecture"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "scala-3-4", "name": "Scala 3.4 Reference", "category": "programming-language", "domains": ["language"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "scim-2-0", "name": "SCIM 2.0 (RFC 7644)", "category": "identity-auth", "domains": ["security", "identity"], "frameworks": [], "projectTypes": ["api", "web-app"], "complianceRelevant": true, "officialUrl": null }, { "slug": "section-508-2017", "name": "Section 508 Refresh (2017)", "category": "accessibility", "domains": ["accessibility", "frontend"], "frameworks": [], "projectTypes": ["web-app", "mobile"], "complianceRelevant": true, "officialUrl": null }, { "slug": "semver-2-0-0", "name": "SemVer 2.0.0", "category": "devops", "domains": ["devops"], "frameworks": [], "projectTypes": ["infra", "any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "sftp-rfc-9134", "name": "SFTP (RFC 9134)", "category": "network-protocol", "domains": ["networking"], "frameworks": [], "projectTypes": ["infra"], "complianceRelevant": false, "officialUrl": null }, { "slug": "slsa-v1", "name": "SLSA v1 (Supply-Chain Levels)", "category": "security", "domains": ["security"], "frameworks": ["iso-27001", "nist-csf"], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "smb-3-1-1", "name": "SMB 3.1.1", "category": "network-protocol", "domains": ["networking"], "frameworks": [], "projectTypes": ["infra"], "complianceRelevant": false, "officialUrl": null }, { "slug": "snmp-v3", "name": "SNMP v3 (RFC 3411-3418)", "category": "network-protocol", "domains": ["networking"], "frameworks": [], "projectTypes": ["infra"], "complianceRelevant": false, "officialUrl": null }, { "slug": "soap-1-2", "name": "SOAP 1.2", "category": "api-spec", "domains": ["api"], "frameworks": [], "projectTypes": ["api"], "complianceRelevant": false, "officialUrl": null }, { "slug": "spdx-3-0", "name": "SPDX 3.0", "category": "security", "domains": ["security"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "spinnaker-spec", "name": "Spinnaker Deployment Spec", "category": "devops", "domains": ["devops"], "frameworks": [], "projectTypes": ["infra", "any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "sql-1986", "name": "ANSI SQL-86", "category": "database-sql", "domains": ["data"], "frameworks": [], "projectTypes": ["data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "sql-1987", "name": "ISO/IEC 9075:1987 (SQL-87)", "category": "database-sql", "domains": ["data"], "frameworks": [], "projectTypes": ["data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "sql-1989", "name": "ANSI SQL-89", "category": "database-sql", "domains": ["data"], "frameworks": [], "projectTypes": ["data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "sql-1992", "name": "ISO/IEC 9075:1992 (SQL-92)", "category": "database-sql", "domains": ["data"], "frameworks": [], "projectTypes": ["data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "sql-1999", "name": "ISO/IEC 9075:1999 (SQL:1999)", "category": "database-sql", "domains": ["data"], "frameworks": [], "projectTypes": ["data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "sql-2003", "name": "ISO/IEC 9075:2003 (SQL:2003)", "category": "database-sql", "domains": ["data"], "frameworks": [], "projectTypes": ["data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "sql-2006", "name": "ISO/IEC 9075:2006 (SQL:2006)", "category": "database-sql", "domains": ["data"], "frameworks": [], "projectTypes": ["data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "sql-2008", "name": "ISO/IEC 9075:2008 (SQL:2008)", "category": "database-sql", "domains": ["data"], "frameworks": [], "projectTypes": ["data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "sql-2011", "name": "ISO/IEC 9075:2011 (SQL:2011)", "category": "database-sql", "domains": ["data"], "frameworks": [], "projectTypes": ["data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "sql-2016", "name": "ISO/IEC 9075:2016 (SQL:2016)", "category": "database-sql", "domains": ["data"], "frameworks": [], "projectTypes": ["data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "sql-2019", "name": "ISO/IEC 9075:2019 (SQL:2019)", "category": "database-sql", "domains": ["data"], "frameworks": [], "projectTypes": ["data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "sql-2023", "name": "SQL:2023 (ISO/IEC 9075:2023)", "category": "database-sql", "domains": ["data"], "frameworks": [], "projectTypes": ["data"], "complianceRelevant": false, "officialUrl": "https://www.iso.org/standard/76583.html" }, { "slug": "sql-foundation-2016", "name": "SQL Foundation Part 2:2016", "category": "database-sql", "domains": ["data"], "frameworks": [], "projectTypes": ["data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "sql-json-2019", "name": "SQL/JSON Part 15:2019", "category": "database-sql", "domains": ["data"], "frameworks": [], "projectTypes": ["data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "sql-object-2023", "name": "SQL/Object Language Part 10:2023", "category": "database-sql", "domains": ["data"], "frameworks": [], "projectTypes": ["data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "sql-psm-2016", "name": "SQL/PSM Part 4:2016", "category": "database-sql", "domains": ["data"], "frameworks": [], "projectTypes": ["data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "sql-xml-2011", "name": "SQL/XML Part 14:2011", "category": "database-sql", "domains": ["data"], "frameworks": [], "projectTypes": ["data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "ssh-2-0", "name": "SSH 2.0 (RFC 4251)", "category": "network-protocol", "domains": ["networking"], "frameworks": [], "projectTypes": ["infra"], "complianceRelevant": false, "officialUrl": null }, { "slug": "stomp-1-2", "name": "STOMP 1.2", "category": "messaging-protocol", "domains": ["integration"], "frameworks": [], "projectTypes": ["api", "infra"], "complianceRelevant": false, "officialUrl": null }, { "slug": "swagger-1-2", "name": "Swagger 1.2", "category": "api-spec", "domains": ["api"], "frameworks": [], "projectTypes": ["api"], "complianceRelevant": false, "officialUrl": null }, { "slug": "swift-5-9", "name": "Swift 5.9 Language Guide", "category": "programming-language", "domains": ["language"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "sysml-1-6", "name": "SysML 1.6", "category": "modeling", "domains": ["architecture"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "terraform-hcl-2-0", "name": "Terraform HCL 2.0", "category": "devops", "domains": ["devops"], "frameworks": [], "projectTypes": ["infra", "any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "thrift-0-16", "name": "Apache Thrift 0.16", "category": "data-format", "domains": ["data"], "frameworks": [], "projectTypes": ["api", "data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "tls-1-0", "name": "TLS 1.0 (RFC 2246)", "category": "security", "domains": ["security"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "tls-1-1", "name": "TLS 1.1 (RFC 4346)", "category": "security", "domains": ["security"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "tls-1-2", "name": "TLS 1.2 (RFC 5246)", "category": "security", "domains": ["security"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "tls-1-3", "name": "TLS 1.3 (RFC 8446)", "category": "security", "domains": ["security"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "togaf-10", "name": "TOGAF 10", "category": "cloud-architecture", "domains": ["cloud", "architecture"], "frameworks": [], "projectTypes": ["infra", "any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "typescript-5-4", "name": "TypeScript 5.4 Spec", "category": "programming-language", "domains": ["language"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "uk-gdpr-2021", "name": "UK GDPR 2021", "category": "compliance", "domains": ["security", "governance"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "uml-2-5-1", "name": "UML 2.5.1", "category": "modeling", "domains": ["architecture"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": false, "officialUrl": null }, { "slug": "unicode-15-1", "name": "Unicode 15.1", "category": "data-format", "domains": ["data"], "frameworks": [], "projectTypes": ["api", "data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "utf8-rfc-3629", "name": "UTF-8 (RFC 3629)", "category": "data-format", "domains": ["data"], "frameworks": [], "projectTypes": ["api", "data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "vc-data-2-0", "name": "VC Data Model 2.0", "category": "identity-auth", "domains": ["security", "identity"], "frameworks": [], "projectTypes": ["api", "web-app"], "complianceRelevant": true, "officialUrl": null }, { "slug": "wcag-2-2", "name": "W3C WCAG 2.2", "category": "accessibility", "domains": ["accessibility", "frontend"], "frameworks": [], "projectTypes": ["web-app", "mobile"], "complianceRelevant": true, "officialUrl": null }, { "slug": "websocket-rfc-6455", "name": "WebSocket (RFC 6455)", "category": "web-protocol", "domains": ["networking"], "frameworks": [], "projectTypes": ["web-app", "api"], "complianceRelevant": false, "officialUrl": null }, { "slug": "ws-security-1-2", "name": "WS-Security 1.2", "category": "api-spec", "domains": ["api"], "frameworks": [], "projectTypes": ["api"], "complianceRelevant": false, "officialUrl": null }, { "slug": "wsdl-2-0", "name": "WSDL 2.0", "category": "api-spec", "domains": ["api"], "frameworks": [], "projectTypes": ["api"], "complianceRelevant": false, "officialUrl": null }, { "slug": "x509-2017", "name": "ISO/IEC 9594-8:2017 (X.509)", "category": "security", "domains": ["security"], "frameworks": [], "projectTypes": ["any"], "complianceRelevant": true, "officialUrl": null }, { "slug": "xml-1-0", "name": "XML 1.0 (Fifth Edition)", "category": "data-format", "domains": ["data"], "frameworks": [], "projectTypes": ["api", "data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "xml-namespaces-1-1", "name": "XML Namespaces 1.1", "category": "data-format", "domains": ["data"], "frameworks": [], "projectTypes": ["api", "data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "xsd-1-0", "name": "XML Schema Definition 1.0", "category": "data-format", "domains": ["data"], "frameworks": [], "projectTypes": ["api", "data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "xsd-1-1", "name": "XML Schema Definition 1.1", "category": "data-format", "domains": ["data"], "frameworks": [], "projectTypes": ["api", "data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "xslt-1-0", "name": "XSLT 1.0", "category": "data-format", "domains": ["data"], "frameworks": [], "projectTypes": ["api", "data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "xslt-2-0", "name": "XSLT 2.0", "category": "data-format", "domains": ["data"], "frameworks": [], "projectTypes": ["api", "data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "xslt-3-0", "name": "XSLT 3.0", "category": "data-format", "domains": ["data"], "frameworks": [], "projectTypes": ["api", "data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "yaml-1-2", "name": "YAML 1.2", "category": "data-format", "domains": ["data"], "frameworks": [], "projectTypes": ["api", "data"], "complianceRelevant": false, "officialUrl": null }, { "slug": "zigbee-3-0", "name": "Zigbee 3.0", "category": "network-protocol", "domains": ["networking"], "frameworks": [], "projectTypes": ["infra"], "complianceRelevant": false, "officialUrl": null }, { "slug": "zmtp-3-1", "name": "ZeroMQ ZMTP 3.1", "category": "messaging-protocol", "domains": ["integration"], "frameworks": [], "projectTypes": ["api", "infra"], "complianceRelevant": false, "officialUrl": null }];
+var complianceFrameworks = [{ "id": "iso-27001", "name": "ISO/IEC 27001:2022", "memberStandards": ["iso-iec-27001-2022", "iso-iec-27002-2022", "owasp-asvs-5-0", "oauth-2-1", "slsa-v1"] }, { "id": "soc2", "name": "SOC 2 (Trust Services Criteria)", "memberStandards": ["aicpa-soc-2-tsc", "iso-iec-27001-2022", "owasp-asvs-5-0", "owasp-api-top-10-2023", "oauth-2-1"] }, { "id": "pci-dss", "name": "PCI DSS 4.0", "memberStandards": ["pci-dss-4-0", "owasp-asvs-5-0", "owasp-api-top-10-2023", "owasp-top10-2023"] }, { "id": "nist-csf", "name": "NIST Cybersecurity Framework 2.0", "memberStandards": ["nist-csf-2-0", "nist-800-53-r5", "slsa-v1", "cyclonedx-1-6"] }, { "id": "hipaa", "name": "HIPAA Security Rule", "memberStandards": ["hipaa-security-rule", "iso-iec-27001-2022", "owasp-asvs-5-0"] }, { "id": "gdpr", "name": "GDPR (EU 2016/679)", "memberStandards": ["gdpr-eu-2016-679", "iso-iec-27001-2022"] }];
+var WEB_FRAMEWORK_RE = new RegExp(
+  "\\b(" + [
+    // JS/TS UI
+    "react",
+    "preact",
+    "next(?:\\.?js)?",
+    "remix",
+    "gatsby",
+    "vue",
+    "nuxt",
+    "angular",
+    "svelte(?:kit)?",
+    "solid(?:js|start)?",
+    "qwik",
+    "astro",
+    "ember",
+    "backbone",
+    "alpine",
+    "htmx",
+    "hotwire",
+    "turbo",
+    "stimulus",
+    "inertia",
+    // .NET UI
+    "blazor",
+    "razor",
+    "maui",
+    "wpf",
+    "winforms",
+    "xamarin",
+    "uno",
+    // Java/Kotlin/Scala UI
+    "jsf",
+    "thymeleaf",
+    "vaadin",
+    "wicket",
+    "gwt",
+    "compose(?: multiplatform)?",
+    // PHP UI
+    "livewire",
+    "filament",
+    "blade",
+    // Mobile / cross-platform UI
+    "flutter",
+    "swiftui",
+    "jetpack",
+    "react native"
+  ].join("|") + ")\\b"
+);
+var API_FRAMEWORK_RE = new RegExp(
+  "\\b(" + [
+    // Node/TS
+    "express",
+    "fastify",
+    "nest(?:js)?",
+    "koa",
+    "hapi",
+    "hono",
+    "adonis",
+    "sails",
+    "loopback",
+    "restify",
+    "feathers",
+    "h3",
+    "nitro",
+    "trpc",
+    // Python
+    "django",
+    "flask",
+    "fastapi",
+    "starlette",
+    "tornado",
+    "pyramid",
+    "sanic",
+    "aiohttp",
+    "bottle",
+    "falcon",
+    "cherrypy",
+    "quart",
+    "litestar",
+    "connexion",
+    // Java / Kotlin / Scala
+    "spring(?:boot)?",
+    "quarkus",
+    "micronaut",
+    "vert\\.?x",
+    "dropwizard",
+    "jersey",
+    "jax-?rs",
+    "struts",
+    "javalin",
+    "helidon",
+    "jhipster",
+    "ktor",
+    "http4s",
+    "finatra",
+    "scalatra",
+    "lagom",
+    "play",
+    "akka(?: ?http)?",
+    "spark java",
+    "ratpack",
+    // .NET
+    "asp\\.?net(?: ?core)?",
+    "signalr",
+    "nancy",
+    "servicestack",
+    "carter",
+    "minimal ?api",
+    "web ?api",
+    "mvc",
+    // Go
+    "gin",
+    "echo",
+    "fiber",
+    "chi",
+    "gorilla",
+    "beego",
+    "revel",
+    "buffalo",
+    "iris",
+    "gqlgen",
+    "mux",
+    "fasthttp",
+    // Ruby
+    "rails",
+    "sinatra",
+    "hanami",
+    "grape",
+    "padrino",
+    "roda",
+    "rack",
+    // PHP
+    "laravel",
+    "symfony",
+    "codeigniter",
+    "slim",
+    "lumen",
+    "yii",
+    "cakephp",
+    "phalcon",
+    "laminas",
+    "zend",
+    "fuel",
+    // Rust
+    "actix",
+    "axum",
+    "rocket",
+    "warp",
+    "tide",
+    "poem",
+    "salvo",
+    "hyper",
+    // Elixir
+    "phoenix",
+    "plug",
+    "cowboy",
+    // Swift / Dart
+    "vapor",
+    "kitura",
+    "hummingbird",
+    "perfect",
+    "shelf",
+    "aqueduct",
+    "conduit"
+  ].join("|") + ")\\b"
+);
+var API_DEP_STEMS = [
+  "springframework",
+  "spring-boot",
+  "springdoc",
+  "webflux",
+  "webmvc",
+  "quarkus",
+  "micronaut",
+  "dropwizard",
+  "jersey",
+  "resteasy",
+  "javalin",
+  "helidon",
+  "vertx",
+  "ratpack",
+  "restlet",
+  "django",
+  "fastapi",
+  "starlette",
+  "tornado",
+  "pyramid",
+  "sanic",
+  "aiohttp",
+  "litestar",
+  "falcon-",
+  "flask",
+  "express",
+  "fastify",
+  "nestjs",
+  "@nestjs",
+  "adonis",
+  "loopback",
+  "feathers",
+  "restify",
+  "aspnetcore",
+  "asp.net",
+  "servicestack",
+  "signalr",
+  "gin-gonic",
+  "gorilla/mux",
+  "gofiber",
+  "beego",
+  "buffalo",
+  "gqlgen",
+  "laravel",
+  "symfony",
+  "codeigniter",
+  "cakephp",
+  "phalcon",
+  "laminas",
+  "lumen",
+  "sinatra",
+  "hanami",
+  "grape",
+  "actix",
+  "axum",
+  "rocket",
+  "salvo",
+  "warp-",
+  "phoenix",
+  "cowboy",
+  "vapor",
+  "kitura",
+  "hummingbird",
+  "perfect-",
+  "aqueduct",
+  "conduit",
+  "rails",
+  "railties",
+  "actionpack"
+];
+var WEB_DEP_STEMS = [
+  "react",
+  "preact",
+  "next",
+  "nuxt",
+  "remix",
+  "gatsby",
+  "vue",
+  "angular",
+  "@angular",
+  "svelte",
+  "solid-js",
+  "qwik",
+  "astro",
+  "ember",
+  "backbone",
+  "blazor",
+  "razor",
+  "vaadin",
+  "thymeleaf",
+  "wicket",
+  "livewire",
+  "filament",
+  "inertia",
+  "flutter",
+  "jetpack",
+  "swiftui"
+];
+function matchesStem(haystack, stems) {
+  return stems.some((s) => haystack.includes(s));
+}
+var ML_RE = /\b(tensorflow|pytorch|torch|keras|jax|sklearn|scikit-?learn|pandas|numpy|scipy|xgboost|lightgbm|catboost|mxnet|spacy|transformers|huggingface|langchain|llama|onnx|mlflow|kubeflow|sagemaker|spark ?ml|mllib)\b/;
+var INFRA_RE = /\b(terraform|pulumi|kubernetes|\bk8s\b|helm|ansible|cdktf|aws cdk|\bcdk\b|bicep|crossplane|serverless framework|\bsst\b|cloudformation|packer|nomad)\b/;
+function archetypeCategory(archetype) {
+  switch (archetype) {
+    case "nextjs":
+    case "remix":
+    case "sveltekit":
+    case "nuxt":
+      return { category: "web-app", signal: `archetype:${archetype}` };
+    case "nestjs":
+    case "express":
+    case "fastify":
+    case "hono":
+    case "koa":
+    case "serverless":
+      return { category: "api", signal: `archetype:${archetype}` };
+    case "library":
+      return { category: "library", signal: "archetype:library" };
+    case "cli":
+      return { category: "cli", signal: "archetype:cli" };
+    default:
+      return null;
+  }
+}
+function inferProjectPurpose(project, uiPurpose) {
+  const signals = [];
+  const votes = {};
+  const vote = (category, weight, signal) => {
+    votes[category] = (votes[category] ?? 0) + weight;
+    signals.push(signal);
+  };
+  if (project.type === "node" || project.type === "typescript") {
+    const arch = archetypeCategory(project.architecture?.archetype);
+    if (arch) vote(arch.category, 3, arch.signal);
+  }
+  const fwNames = (project.frameworks ?? []).map((f) => f.name.toLowerCase());
+  const uiFw = (uiPurpose?.detectedFrameworks ?? []).map((f) => f.toLowerCase());
+  const fwText = [...fwNames, ...uiFw].join(" ");
+  if (WEB_FRAMEWORK_RE.test(fwText)) vote("web-app", 2, "web-framework");
+  if (API_FRAMEWORK_RE.test(fwText)) vote("api", 2, "api-framework");
+  const depText = (project.dependencies ?? []).map((d) => d.package.toLowerCase()).join(" ");
+  if (matchesStem(depText, WEB_DEP_STEMS)) vote("web-app", 1, "web-dependency");
+  if (matchesStem(depText, API_DEP_STEMS)) vote("api", 1, "api-dependency");
+  if (uiPurpose && (uiPurpose.routes?.length || uiPurpose.samples?.length)) {
+    vote("web-app", 1, "ui-evidence");
+  }
+  const haystack = `${fwText} ${depText}`;
+  if (ML_RE.test(haystack)) vote("ml", 2, "ml-libs");
+  if (INFRA_RE.test(haystack)) vote("infra", 2, "infra-tooling");
+  const entries = Object.entries(votes).sort((a, b) => b[1] - a[1]);
+  if (entries.length === 0) {
+    return { project: project.name, category: "any", confidence: 0.3, signals: ["no-strong-signal"] };
+  }
+  const [topCategory, topWeight] = entries[0];
+  const total = entries.reduce((s, [, w]) => s + w, 0);
+  const confidence = Math.min(0.95, 0.4 + topWeight / total * 0.55);
+  return {
+    project: project.name,
+    category: topCategory,
+    confidence: Number(confidence.toFixed(2)),
+    signals: [...new Set(signals)]
+  };
+}
+function appliesToPurpose(entry, category) {
+  if (!entry.projectTypes || entry.projectTypes.length === 0) return false;
+  return entry.projectTypes.includes("any") || entry.projectTypes.includes(category);
+}
+var AFFINITY = {
+  api: { categories: ["security", "api-spec"], domains: ["api", "security"] },
+  "web-app": { categories: ["security", "accessibility"], domains: ["security", "accessibility", "frontend"] },
+  library: { categories: ["software-process", "programming-language"], domains: ["process", "language"] },
+  cli: { categories: ["software-process"], domains: ["process"] },
+  data: { categories: ["database-sql", "data-format"], domains: ["data"] },
+  ml: { categories: ["ai-governance"], domains: ["ai"] },
+  infra: { categories: ["devops", "cloud-architecture"], domains: ["devops", "cloud"] }
+};
+function rankStandardsForCategory(category) {
+  const affinity = AFFINITY[category] ?? { categories: [], domains: [] };
+  const ranked = standardsIndex.filter((e) => appliesToPurpose(e, category)).map((e) => {
+    const tight = e.projectTypes.includes(category) && !e.projectTypes.includes("any");
+    const catIdx = affinity.categories.indexOf(e.category);
+    const categoryAffinity = catIdx >= 0 ? (affinity.categories.length - catIdx) * 2 : 0;
+    const domainAffinity = e.domains.some((d) => affinity.domains.includes(d)) ? 1 : 0;
+    const score = categoryAffinity + domainAffinity + (e.complianceRelevant ? 2 : 0) + (tight ? 1 : 0);
+    return { e, score, tight };
+  }).sort((a, b) => b.score - a.score || a.e.slug.localeCompare(b.e.slug));
+  return ranked.map(({ e, score, tight }) => ({
+    score,
+    rec: {
+      slug: e.slug,
+      name: e.name,
+      category: e.category,
+      reason: tight ? `Applies specifically to ${category} projects` : e.complianceRelevant ? "Compliance-relevant standard applicable to this stack" : "Generally applicable standard",
+      matchedProjectTypes: [category],
+      frameworks: e.frameworks,
+      complianceRelevant: e.complianceRelevant,
+      officialUrl: e.officialUrl
+    }
+  }));
+}
+function recommendStandards(projects, extended, options = {}) {
+  const perCategoryLimit = options.perCategoryLimit ?? 10;
+  const totalLimit = options.totalLimit ?? 40;
+  const fallbackUi = extended?.uiPurpose ? {
+    samples: [],
+    categoryCounts: {},
+    originalCount: 0,
+    dependencies: [],
+    routes: [],
+    detectedFrameworks: extended.uiPurpose.detectedFrameworks ?? []
+  } : void 0;
+  const projectPurposes = projects.map((p) => inferProjectPurpose(p, p.uiPurpose ?? fallbackUi));
+  const categories = [...new Set(projectPurposes.map((p) => p.category))];
+  const bySlug = /* @__PURE__ */ new Map();
+  const scoreBySlug = /* @__PURE__ */ new Map();
+  for (const category of categories) {
+    const ranked = rankStandardsForCategory(category).slice(0, perCategoryLimit);
+    for (const { rec, score } of ranked) {
+      const existing = bySlug.get(rec.slug);
+      if (existing) {
+        if (!existing.matchedProjectTypes.includes(category)) existing.matchedProjectTypes.push(category);
+        scoreBySlug.set(rec.slug, Math.max(scoreBySlug.get(rec.slug) ?? 0, score));
+      } else {
+        bySlug.set(rec.slug, { ...rec });
+        scoreBySlug.set(rec.slug, score);
+      }
+    }
+  }
+  const recommended = [...bySlug.values()].sort(
+    (a, b) => (scoreBySlug.get(b.slug) ?? 0) - (scoreBySlug.get(a.slug) ?? 0) || b.matchedProjectTypes.length - a.matchedProjectTypes.length || a.slug.localeCompare(b.slug)
+  ).slice(0, totalLimit);
+  const recommendedSlugs = new Set(recommended.map((r) => r.slug));
+  const frameworks = complianceFrameworks.map((fw) => ({
+    id: fw.id,
+    name: fw.name,
+    recommendedMembers: fw.memberStandards.filter((s) => recommendedSlugs.has(s)).length,
+    totalMembers: fw.memberStandards.length
+  })).filter((f) => f.recommendedMembers > 0).sort((a, b) => b.recommendedMembers - a.recommendedMembers);
+  return { projectPurposes, recommended, frameworks };
+}
 var NATIVE_MODULE_PACKAGES = /* @__PURE__ */ new Set([
   // Image / media processing
   "sharp",
@@ -18318,6 +18748,7 @@ async function runScan(rootDir, opts) {
     source: resolvedRuntimeCatalog.source,
     stale: runtimeCatalogStale
   };
+  extended.standards = recommendStandards(allProjects, extended);
   progress.startStep("drift");
   const drift = computeDriftScore(allProjects);
   progress.completeStep("drift", `${drift.score}/100 \u2014 ${drift.riskLevel} risk`);

package/dist/{chunk-HJ4D6B3B.js → chunk-7343XMW2.js}

@@ -1,6 +1,6 @@
 import {
   runScan
-} from "./chunk-BOGC5GYS.js";
+} from "./chunk-4G4YRE6K.js";
 
 // src/commands/baseline.ts
 import * as path3 from "path";

package/dist/cli.js

@@ -6,7 +6,7 @@ import {
   pathExists,
   readJsonFile,
   writeTextFile
-} from "./chunk-HJ4D6B3B.js";
+} from "./chunk-7343XMW2.js";
 import {
   computeRepoFingerprint,
   detectVcs,
@@ -16,7 +16,7 @@ import {
   resolveRepositoryName,
   runScan,
   writeDefaultConfig
-} from "./chunk-BOGC5GYS.js";
+} from "./chunk-4G4YRE6K.js";
 import {
   require_semver
 } from "./chunk-5IXVOEZN.js";
@@ -49,7 +49,7 @@ var initCommand = new Command("init").description("Initialize vibgrate in a proj
     console.log(chalk.green("\u2714") + ` Created ${chalk.bold("vibgrate.config.ts")}`);
   }
   if (opts.baseline) {
-    const { runBaseline } = await import("./baseline-WUHK4LQY.js");
+    const { runBaseline } = await import("./baseline-OK4HC3QV.js");
     await runBaseline(rootDir);
   }
   console.log("");
@@ -1117,6 +1117,25 @@ function formatMarkdown(artifact) {
     }
     lines.push("");
   }
+  if (artifact.extended?.standards && artifact.extended.standards.recommended.length > 0) {
+    const std = artifact.extended.standards;
+    lines.push("## Recommended Standards");
+    lines.push("");
+    const purposes = std.projectPurposes.map((p) => `${p.project} \u2192 ${p.category}`).join(", ");
+    if (purposes) lines.push(`- **Detected purpose:** ${purposes}`);
+    if (std.frameworks.length > 0) {
+      lines.push("- **Compliance framework coverage:**");
+      for (const f of std.frameworks) {
+        lines.push(`  - ${f.name}: ${f.recommendedMembers}/${f.totalMembers} member standards apply`);
+      }
+    }
+    lines.push("- **Top standards to consider:**");
+    for (const rec of std.recommended.slice(0, 10)) {
+      const flag = rec.complianceRelevant ? " _(compliance)_" : "";
+      lines.push(`  - **${rec.name}** \u2014 ${rec.reason}${flag}`);
+    }
+    lines.push("");
+  }
   if (artifact.findings.length > 0) {
     lines.push("## Findings");
     lines.push("");

package/dist/index.js

@@ -5,7 +5,7 @@ import {
   formatText,
   generateFindings,
   runScan
-} from "./chunk-BOGC5GYS.js";
+} from "./chunk-4G4YRE6K.js";
 import "./chunk-5IXVOEZN.js";
 import "./chunk-C7LU6YIL.js";
 import "./chunk-JSBRDJBE.js";

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@vibgrate/cli",
-  "version": "2026.615.2",
+  "version": "2026.615.3",
   "description": "CLI for measuring upgrade drift across Node, .NET, Python & Java projects",
   "type": "module",
   "bin": {