@vyuhlabs/dxkit 2.13.3 → 2.15.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (53) hide show
  1. package/CHANGELOG.md +66 -0
  2. package/README.md +85 -58
  3. package/dist/analyzers/cache.d.ts +9 -0
  4. package/dist/analyzers/cache.d.ts.map +1 -1
  5. package/dist/analyzers/cache.js +27 -15
  6. package/dist/analyzers/cache.js.map +1 -1
  7. package/dist/analyzers/health.d.ts +19 -0
  8. package/dist/analyzers/health.d.ts.map +1 -1
  9. package/dist/analyzers/health.js +72 -26
  10. package/dist/analyzers/health.js.map +1 -1
  11. package/dist/analyzers/tests/types.d.ts +9 -0
  12. package/dist/analyzers/tests/types.d.ts.map +1 -1
  13. package/dist/analyzers/tests/types.js +34 -0
  14. package/dist/analyzers/tests/types.js.map +1 -1
  15. package/dist/analyzers/tools/parallel.d.ts +2 -1
  16. package/dist/analyzers/tools/parallel.d.ts.map +1 -1
  17. package/dist/analyzers/tools/parallel.js +38 -24
  18. package/dist/analyzers/tools/parallel.js.map +1 -1
  19. package/dist/analyzers/tools/semgrep.d.ts +15 -1
  20. package/dist/analyzers/tools/semgrep.d.ts.map +1 -1
  21. package/dist/analyzers/tools/semgrep.js +49 -3
  22. package/dist/analyzers/tools/semgrep.js.map +1 -1
  23. package/dist/baseline/changed-files.d.ts +12 -0
  24. package/dist/baseline/changed-files.d.ts.map +1 -0
  25. package/dist/baseline/changed-files.js +100 -0
  26. package/dist/baseline/changed-files.js.map +1 -0
  27. package/dist/baseline/check.d.ts +30 -0
  28. package/dist/baseline/check.d.ts.map +1 -1
  29. package/dist/baseline/check.js +71 -4
  30. package/dist/baseline/check.js.map +1 -1
  31. package/dist/baseline/create.d.ts +10 -0
  32. package/dist/baseline/create.d.ts.map +1 -1
  33. package/dist/baseline/create.js +19 -15
  34. package/dist/baseline/create.js.map +1 -1
  35. package/dist/baseline/gather-scope.d.ts +116 -0
  36. package/dist/baseline/gather-scope.d.ts.map +1 -0
  37. package/dist/baseline/gather-scope.js +105 -0
  38. package/dist/baseline/gather-scope.js.map +1 -0
  39. package/dist/baseline/ref-baseline.d.ts +17 -2
  40. package/dist/baseline/ref-baseline.d.ts.map +1 -1
  41. package/dist/baseline/ref-baseline.js +27 -4
  42. package/dist/baseline/ref-baseline.js.map +1 -1
  43. package/dist/baseline/scoped-inputs.d.ts +21 -0
  44. package/dist/baseline/scoped-inputs.d.ts.map +1 -0
  45. package/dist/baseline/scoped-inputs.js +53 -0
  46. package/dist/baseline/scoped-inputs.js.map +1 -0
  47. package/dist/cli.d.ts.map +1 -1
  48. package/dist/cli.js +7 -2
  49. package/dist/cli.js.map +1 -1
  50. package/dist/loop/stop-gate.d.ts.map +1 -1
  51. package/dist/loop/stop-gate.js +12 -1
  52. package/dist/loop/stop-gate.js.map +1 -1
  53. package/package.json +2 -2
package/CHANGELOG.md CHANGED
@@ -7,6 +7,72 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
7
7
 
8
8
  ## [Unreleased]
9
9
 
10
+ ## [2.15.0] - 2026-06-22
11
+
12
+ ### Fixed — ref-based guardrail no longer false-blocks on `secret-hmac`
13
+
14
+ In ref-based mode (the default for public repos), dxkit mints a locator-less
15
+ `secret-hmac` companion alongside each located `secret` for cross-file
16
+ relocation matching. On a fresh or shallow checkout the two sides of the diff
17
+ can derive different salts, so the companions never match and read as net-new —
18
+ a **false block**, even though the located `secret` twins match correctly.
19
+ `secret-hmac` now joins `duplication` and `test-gap` in the set of kinds
20
+ excluded from the ref-based diff (they can't be gathered comparably across a
21
+ detached worktree). The located `secret` kind still gates net-new credentials;
22
+ only the redundant companion is dropped. **Committed modes are unaffected.**
23
+
24
+ ### Added — opt-in `--incremental` for `guardrail check`
25
+
26
+ `vyuh-dxkit guardrail check --incremental` scopes the gather to the analyzers
27
+ the active policy can actually block on (reusing the loop Stop-gate's
28
+ `scopeForPolicy`) and, in ref-based mode, scopes semgrep to the changed files
29
+ on both sides. Same verdict, far less work — the check scales with PR size
30
+ rather than repo size. **Opt-in and verdict-preserving:** without the flag,
31
+ behavior is byte-identical to 2.14; it falls back to a full scan whenever the
32
+ changed set can't be computed completely. The CLI flag exposes what the loop
33
+ Stop-gate already did internally, so a ref-based CI guardrail (or a hosted
34
+ PR-gate) can run the fast path too.
35
+
36
+ ### Changed — positioning: two pillars (context + gate)
37
+
38
+ - README hero, package description, and `--help` tagline now lead with both
39
+ pillars: **"a deterministic stop condition and code-graph context layer for
40
+ AI coding agents."** The README opening + "What dxkit does" foreground the
41
+ code graph (callers, callees, blast radius) the agent uses *while making a
42
+ change*, then the deterministic stop-gate that blocks net-new regressions
43
+ *before it exits* — so the graph is no longer undersold as a footnote.
44
+
45
+ ## [2.14.0] - 2026-06-22
46
+
47
+ ### Changed — the loop Stop-gate gathers far less work per stop
48
+
49
+ After 2.13.3 made the gate cache-aware, two further optimizations cut what an
50
+ unattended loop's `security-only` Stop-gate actually scans on every stop.
51
+ Both are **opt-in** (only the loop Stop-gate enables them) and **verdict-
52
+ preserving** — CI `baseline check`, `createBaseline`, and the `health` report
53
+ are byte-identical and still render every warning. End-to-end on a 3,748-file
54
+ repo with a realistic 2-file loop diff (separate processes), the security-only
55
+ gather dropped from **42.8s → 11.3s (74%)** while still blocking the same
56
+ net-new finding with identical blocking pairs.
57
+
58
+ - **Preset-scoped gather.** A guardrail can only block on the finding kinds its
59
+ policy escalates, so a `security-only` posture no longer runs the analyzers
60
+ that feed only non-blockable kinds (jscpd, lint, coverage, cloc, test-gaps,
61
+ graphify, licenses). The scope is derived declaratively from the policy
62
+ (`scopeForPolicy`): a `full-debt` posture, CI, and `health` all resolve to
63
+ the full scan. A scoped result is partial by construction and never enters
64
+ the shared `AnalysisResult` cache. (~42.8s → 24.0s.)
65
+ - **Incremental file-scoped scanning.** The current side's semgrep now scans
66
+ only the files that changed vs the baseline commit. Sound because semgrep is
67
+ intraprocedural — a net-new code finding can only appear in a file the diff
68
+ touched. The changed-file set is computed completely or falls back to a full
69
+ scan on any uncertainty (base unreachable, not a git repo), so a scan can
70
+ only ever over-cover, never under-cover. The ref/baseline side stays full.
71
+ (~24.0s → 11.3s.)
72
+
73
+ Both behaviors are confined to the loop Stop-gate; nothing about the CI
74
+ guardrail or the standalone reports changes.
75
+
10
76
  ## [2.13.3] - 2026-06-22
11
77
 
12
78
  ### Fixed — the loop Stop-gate no longer pays a full re-scan on every stop
package/README.md CHANGED
@@ -1,11 +1,16 @@
1
1
  # dxkit
2
2
 
3
- **A deterministic Stop-gate for autonomous coding loops.**
3
+ **A deterministic stop condition and code-graph context layer for AI coding agents.**
4
4
 
5
- Coding agents keep editing until they decide to stop. Tests and linters catch
6
- broken code, but they do not know whether the agent made the repo worse than
7
- the baseline. So loops can quietly ship new secrets, untested paths, and other
8
- detector-backed regressions, then report success.
5
+ Autonomous coding loops face two control problems: orienting in the code while
6
+ they make a change, and deciding whether that change made the repository worse
7
+ before they stop.
8
+
9
+ dxkit addresses both. While the agent works, it provides a code graph of
10
+ callers, callees, blast radius, and the files a change touches. Then, when the
11
+ agent tries to stop, dxkit baselines existing findings, reruns trusted checks,
12
+ and blocks only net-new detector-backed regressions with a concrete repair
13
+ reason.
9
14
 
10
15
  In our loop benchmark, vanilla Claude Code-style loops stopped with net-new
11
16
  debt in **11 of 16 runs**. A prompt that told the agent to self-check still
@@ -20,9 +25,10 @@ finding, and the agent repaired before stopping clean.
20
25
 
21
26
  dxkit does not reinvent detection. It runs trusted open source scanners
22
27
  (gitleaks, Semgrep, OSV, npm audit, and more), and it can ingest results from
23
- Snyk and CodeQL. What it adds is the piece those tools were not built for: a
24
- deterministic check, on every stop, of whether this change introduced a new
25
- finding compared with a baseline.
28
+ Snyk and CodeQL. What dxkit adds is the agent-loop layer around those tools: a
29
+ per-stop, baseline-relative verdict of whether this change introduced a new
30
+ finding, returned to the agent with the exact repair reason while the loop is
31
+ still warm.
26
32
 
27
33
  ```bash
28
34
  npm init @vyuhlabs/dxkit -- --claude-loop --yes # install dxkit + register the Claude Code Stop hook
@@ -30,12 +36,12 @@ npx vyuh-dxkit baseline create # grandfather today's findings
30
36
  npx vyuh-dxkit loop doctor # verify the gate is wired
31
37
  ```
32
38
 
33
- The gate runs locally with no model: same input, same verdict, in seconds.
39
+ The stop verdict has no model in the path: same input, same verdict.
34
40
  Existing debt stays grandfathered; only net-new regressions block. Want to
35
41
  watch the flow first, on a sandbox dxkit creates? See the
36
- [walkthrough](#see-it-without-touching-your-repo).
42
+ [fixture gate](#run-a-local-fixture-gate).
37
43
 
38
- [Read the benchmark](docs/benchmarks.md) · [Try it on your repo](#try-it-on-your-repo)
44
+ [Read the benchmark](docs/benchmarks.md) · [Try it on your repo](#try-it-on-your-repo) · [Run the fixture gate](#run-a-local-fixture-gate)
39
45
 
40
46
  <p>
41
47
  <a href="https://www.npmjs.com/package/@vyuhlabs/dxkit"><img alt="npm" src="https://img.shields.io/npm/v/@vyuhlabs/dxkit"></a>
@@ -48,23 +54,27 @@ watch the flow first, on a sandbox dxkit creates? See the
48
54
 
49
55
  ## The problem: loops do not know when they made things worse
50
56
 
51
- An autonomous loop runs until the agent decides it is done. The only checks in
52
- that loop today are tests and linters, and those catch broken code, not
53
- regressed code. There is no notion of "worse than the baseline." So an agent
54
- can add a feature, leave a new untested path or a hardcoded credential behind,
55
- run the tests, see green, and declare success.
57
+ An autonomous loop runs until the agent decides it is done. The common checks in
58
+ that loop (tests, linters, scanners, CI-style commands) usually answer whether
59
+ something is broken or flagged. They do not, by themselves, maintain a
60
+ brownfield baseline and answer the loop-level question: did this change
61
+ introduce something net-new? So an agent can add a feature, leave a new untested
62
+ path or a hardcoded credential behind, run the tests, see green, and declare
63
+ success.
56
64
 
57
65
  In our benchmark this happened in most vanilla runs, and telling the agent to
58
66
  check its own work only helped a little.
59
67
 
60
68
  ## What dxkit does
61
69
 
62
- 1. **Baseline today's debt.** `baseline create` records every current finding,
63
- so pre-existing issues are grandfathered and never block.
64
- 2. **Run a deterministic Stop-gate on every stop.** A Claude Code Stop hook
65
- re-runs the guardrail against that baseline. Same input gives the same
66
- verdict, in seconds, offline, with no model in the loop.
67
- 3. **Feed net-new findings back to the agent.** If the change introduced a
70
+ 1. **Build a structural code graph.** dxkit gives the agent callers, callees,
71
+ blast radius, and relevant files so it can orient before editing.
72
+ 2. **Baseline today's debt.** `baseline create` records current findings, so
73
+ pre-existing issues are grandfathered and never block.
74
+ 3. **Run a deterministic Stop-gate on every stop.** A Claude Code Stop hook
75
+ reruns the guardrail against that baseline. Same input gives the same
76
+ verdict; no model decides whether the gate passes.
77
+ 4. **Feed net-new findings back to the agent.** If the change introduced a
68
78
  finding, the gate blocks the stop and hands the agent the exact finding to
69
79
  fix: do not refresh the baseline, do not touch unrelated debt, fix what this
70
80
  branch introduced. The loop stops only when clean.
@@ -78,11 +88,27 @@ Use dxkit if you let coding agents:
78
88
  - touch brownfield repos that already carry debt,
79
89
  - or work where "new debt" matters more than "all debt."
80
90
 
91
+ ## What dxkit is, and is not
92
+
93
+ **It is a deterministic verification layer.** It baselines today's findings,
94
+ fingerprints them across churn, and blocks only net-new regressions.
95
+
96
+ **It is not a scanner replacement.** It runs and ingests scanners (gitleaks,
97
+ Semgrep, CodeQL, Snyk, SARIF) and makes their findings enforceable. It does not
98
+ claim to find more bugs than they do.
99
+
100
+ **It is not an LLM judge.** No model decides whether the gate passes. The model
101
+ can repair findings. The gate itself is deterministic, and the prompt does not
102
+ grow as the baseline grows.
103
+
104
+ **It is not a guarantee of safe code.** It blocks detector-backed net-new
105
+ findings it can observe. You still need tests, review, scanners, and judgment.
106
+
81
107
  ## Built on tools you already trust
82
108
 
83
109
  dxkit is an orchestration and enforcement layer, not another scanner. It runs
84
110
  established open source tools and treats their output as one stream. Which tools
85
- run depends on the languages in your repo dxkit covers **8 ecosystems**
111
+ run depends on the languages in your repo. dxkit covers **8 ecosystems**
86
112
  (TypeScript / JavaScript, Python, Go, Rust, C# / .NET, Java, Kotlin, Ruby).
87
113
 
88
114
  Universal, on every repo:
@@ -92,8 +118,8 @@ Universal, on every repo:
92
118
  - dependency advisories: OSV.dev
93
119
  - size, duplication, and the code graph: cloc, jscpd, graphify
94
120
 
95
- Per language, dxkit adds that ecosystem's own linter and audit tool — for
96
- example npm audit + ESLint (JS / TS), pip-audit + ruff (Python), govulncheck +
121
+ Per language, dxkit adds that ecosystem's own linter and audit tool. For
122
+ example, npm audit + ESLint (JS / TS), pip-audit + ruff (Python), govulncheck +
97
123
  golangci-lint (Go), cargo-audit + clippy (Rust), `dotnet list --vulnerable`
98
124
  (C#), osv-scanner + PMD (Java), osv-scanner + detekt (Kotlin), and
99
125
  bundler-audit + RuboCop (Ruby). The full per-language matrix is in **Per-pack
@@ -114,7 +140,7 @@ and inside the agent loop.
114
140
  ## Try it on your repo
115
141
 
116
142
  The Stop hook runs dxkit on every stop, so install dxkit into the repo. This
117
- one command adds it as a devDependency and registers the hook additively your
143
+ one command adds it as a devDependency and registers the hook additively, so your
118
144
  existing `.claude` settings are preserved:
119
145
 
120
146
  ```bash
@@ -128,9 +154,9 @@ npx vyuh-dxkit loop ledger summarize # afterwards: blocked vs allowed, repaired
128
154
  When the agent tries to stop, dxkit runs the net-new gate against the baseline.
129
155
  Existing findings are grandfathered; only findings this change introduced block.
130
156
 
131
- ## See it without touching your repo
157
+ ## Run a local fixture gate
132
158
 
133
- Want the flow first, on a sandbox dxkit creates?
159
+ Want to see the Stop-gate before installing dxkit into your repo?
134
160
 
135
161
  ```bash
136
162
  npx -y @vyuhlabs/dxkit@latest demo loop-guardrail
@@ -141,7 +167,7 @@ net-new secret → BLOCK → repair → CLEAN, then it tears the fixture down. N
141
167
  key and no Claude Code, and your own repo is never touched. It needs gitleaks
142
168
  installed and takes about 20 seconds; without gitleaks it shows a clearly
143
169
  labelled illustration instead. (It does a one-time `npx` download, so it is not
144
- fully offline the gate itself is.)
170
+ fully offline, though the gate itself is.)
145
171
 
146
172
  ### Presets: what blocks the loop
147
173
 
@@ -192,11 +218,26 @@ ships, the graph bounds how the loop works.
192
218
  Three independent benchmark results, one theme: dxkit makes agent work more
193
219
  predictable.
194
220
 
195
- | Layer | What it bounds | Observed result |
196
- | -------------------------- | ------------------------------------ | ---------------------------------------------------------------------------------------------------------------- |
197
- | **Stop-gate** | unsafe final state | vanilla loops escaped **11/16** times, prompt-only checklist escaped **9/16**, dxkit escaped **0/16** |
198
- | **Deterministic identity** | false "net-new" findings under churn | **100% catch / 0% false-block** on seeded gate tests; **0 false net-new** on tested line shifts and renames |
199
- | **Graph context** | large-repo exploration tails | median roughly tied, but large-repo mean tokens **30% lower**, worst case **57% lower**, variance roughly halved |
221
+ | Layer | What it bounds | Observed result |
222
+ | -------------------------- | ------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------- |
223
+ | **Stop-gate** | net-new detector-backed debt | vanilla loops escaped **11/16** times, prompt-only checklist escaped **9/16**, dxkit escaped **0/16** |
224
+ | **Deterministic identity** | false "net-new" findings under churn | caught **all 3** seeded regressions with **0/2** false blocks on clean edits; **0 false net-new** on tested line shifts and renames |
225
+ | **Graph context** | large-repo exploration tails | median roughly tied, but large-repo mean tokens **30% lower**, worst case **57% lower**, variance roughly halved |
226
+
227
+ **Deferral has a re-orientation cost.** A fourth arm of the
228
+ loop-safety study measured the "detect on CI, fix later" model: on the test-gap
229
+ task, deferring a net-new finding to a cold session cost **~49% more in
230
+ equivalent cost** and **~51% more turns** than repairing it inside the warm loop,
231
+ because the cold fixer has to re-orient in a context it no longer holds. (The
232
+ secret-task premium pointed the same way but was weak (mean +19%, median
233
+ slightly negative), so we lean on the robust test-gap result.) So the gate is not
234
+ just safer than deferring, it is plausibly cheaper too.
235
+
236
+ **And the gate is fast enough to run on every stop.** dxkit 2.14.0 scopes the
237
+ Stop-gate scan to the active preset's blockable finding kinds and re-scans only
238
+ the changed files, reusing cached results for everything unchanged. The verdict
239
+ is identical to a full scan; the cost is seconds per stop, not minutes, even on
240
+ large repositories.
200
241
 
201
242
  > **Benchmark caveats:** the loop-safety study uses controlled synthetic tasks
202
243
  > plus real-repo validation, detector-backed findings, and Sonnet runs. It is
@@ -207,22 +248,6 @@ predictable.
207
248
  Full methodology, reproducibility notes, artifact status, and caveats are in
208
249
  **[docs/benchmarks.md](docs/benchmarks.md)**.
209
250
 
210
- ## What dxkit is, and is not
211
-
212
- **It is a deterministic verification layer.** It baselines today's findings,
213
- fingerprints them across churn, and blocks only net-new regressions.
214
-
215
- **It is not a scanner replacement.** It runs and ingests scanners (gitleaks,
216
- Semgrep, CodeQL, Snyk, SARIF) and makes their findings enforceable. It does not
217
- claim to find more bugs than they do.
218
-
219
- **It is not an LLM judge.** No model decides whether the gate passes. The model
220
- can repair findings. The gate itself is deterministic, and the prompt does not
221
- grow as the baseline grows.
222
-
223
- **It is not a guarantee of safe code.** It blocks detector-backed net-new
224
- findings it can observe. You still need tests, review, scanners, and judgment.
225
-
226
251
  ## Why not just Snyk, SonarQube, or CodeQL?
227
252
 
228
253
  Use them. dxkit can ingest their findings. The difference is tempo and control,
@@ -233,7 +258,7 @@ every time the agent tries to declare done.
233
258
  | Loop Stop-gate need | dxkit | Cloud or CI scanners |
234
259
  | ----------------------------------------------------------- | ----- | -------------------------------------- |
235
260
  | Runs locally on every stop, in seconds | yes | usually CI or cloud cadence |
236
- | Can run without network or auth | yes | usually requires network or auth |
261
+ | Deterministic verdict, no model in the gate | yes | varies (some add an LLM judge) |
237
262
  | Grandfathers existing debt | yes | tool-dependent |
238
263
  | Feeds the exact block reason back to the warm agent session | yes | usually a human-facing dashboard or PR |
239
264
 
@@ -266,7 +291,7 @@ cloc, jscpd, graphify).
266
291
  | Ruby | `Gemfile`, `*.rb` | RuboCop, bundler-audit |
267
292
 
268
293
  <details>
269
- <summary><strong>Per-pack capabilities</strong> coverage import, import-graph, severity tiers (click to expand)</summary>
294
+ <summary><strong>Per-pack capabilities</strong>: coverage import, import-graph, severity tiers (click to expand)</summary>
270
295
 
271
296
  | Language | Detection | Coverage import | Import-graph | Native tools | Lint severity tiers | Vuln severity tiers |
272
297
  | -------- | ------------------------------------- | ------------------- | -------------------------------------------- | ----------------------------------- | ---------------------- | --------------------------------------------- |
@@ -293,10 +318,9 @@ so it does not inflate the Code Quality score.
293
318
 
294
319
  ## Reproduce the deterministic tier
295
320
 
296
- The deterministic results the net-new gate decision and the finding-identity
297
- matcher reproduce offline, so you do not have to trust our numbers. This is
298
- separate from the agentic benchmark, which requires running real agent sessions.
299
- The harnesses live in `benchmarks/`:
321
+ The deterministic results (the net-new gate decision and the finding-identity
322
+ matcher) reproduce offline with no API key, so you do not have to trust our
323
+ numbers. These harnesses live in `benchmarks/`:
300
324
 
301
325
  ```bash
302
326
  node benchmarks/bench-guardrail.mjs config.json # block/allow on seeded findings
@@ -304,8 +328,11 @@ node benchmarks/bench-netnew-isolation.mjs config.json # net-new isolation under
304
328
  node benchmarks/bench-matcher.mjs config.json # false net-new on line shifts + renames
305
329
  ```
306
330
 
307
- See `benchmarks/README.md` to point them at a repo, and the full methodology,
308
- caveats, and artifact status in **[docs/benchmarks.md](docs/benchmarks.md)**.
331
+ See `benchmarks/README.md` to point them at a repo. The agent-driven harnesses
332
+ (loop safety, cost of deferral, gate-vs-LLM, and the graph-context sessions) need
333
+ a model subscription or API key and are published under `benchmarks/agentic/`.
334
+ Full methodology, the per-study reports, caveats, and repro steps:
335
+ **[docs/benchmarks.md](docs/benchmarks.md)**.
309
336
 
310
337
  ## Credits
311
338
 
@@ -73,6 +73,15 @@ export interface ReadOrBuildOptions {
73
73
  /** Override the wall-clock used for `builtAt`. Tests use this to
74
74
  * produce deterministic timestamps. Defaults to `new Date()`. */
75
75
  now?: () => Date;
76
+ /**
77
+ * This build is a SCOPED/partial gather (some analyzers skipped — see
78
+ * `GatherScope`). Its `AnalysisResult` is incomplete, so it must never
79
+ * enter the shared cache where a later FULL consumer (`health`) could
80
+ * read it as if complete. Set by the loop guardrail path; skips both the
81
+ * in-memory and on-disk cache for read AND write. The build still runs;
82
+ * only persistence is bypassed.
83
+ */
84
+ partial?: boolean;
76
85
  }
77
86
  /**
78
87
  * Resolve provenance fields needed to compute the cache key. Reads
@@ -1 +1 @@
1
- {"version":3,"file":"cache.d.ts","sourceRoot":"","sources":["../../src/analyzers/cache.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAsCG;AAMH,OAAO,EAEL,KAAK,cAAc,EACnB,KAAK,kBAAkB,EACxB,MAAM,oBAAoB,CAAC;AAqB5B;;;;GAIG;AACH,MAAM,WAAW,kBAAkB;IACjC,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,GAAG,EAAE,MAAM,CAAC;IACZ,YAAY,EAAE,MAAM,CAAC;IACrB,eAAe,EAAE,MAAM,GAAG,IAAI,CAAC;IAC/B,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,gBAAgB,EAAE,OAAO,CAAC;CAC3B;AAED;;;;;GAKG;AACH,MAAM,MAAM,qBAAqB,GAAG,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC,kBAAkB,CAAC,CAAC;AAEjF,MAAM,WAAW,kBAAkB;IACjC,0EAA0E;IAC1E,MAAM,CAAC,EAAE,OAAO,CAAC;IAEjB;;uCAEmC;IACnC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB;;kBAEc;IACd,iBAAiB,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,kBAAkB,CAAC;IAExD;sEACkE;IAClE,GAAG,CAAC,EAAE,MAAM,IAAI,CAAC;CAClB;AAOD;;;;;GAKG;AACH,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,MAAM,GAAG,kBAAkB,CAUjE;AAED;;;;GAIG;AACH,wBAAsB,yBAAyB,CAAC,IAAI,EAAE;IACpD,GAAG,EAAE,MAAM,CAAC;IACZ,KAAK,EAAE,qBAAqB,CAAC;IAC7B,IAAI,CAAC,EAAE,kBAAkB,CAAC;CAC3B,GAAG,OAAO,CAAC,cAAc,CAAC,CAgD1B;AAED,iEAAiE;AACjE,wBAAgB,kBAAkB,IAAI,IAAI,CAEzC"}
1
+ {"version":3,"file":"cache.d.ts","sourceRoot":"","sources":["../../src/analyzers/cache.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAsCG;AAMH,OAAO,EAEL,KAAK,cAAc,EACnB,KAAK,kBAAkB,EACxB,MAAM,oBAAoB,CAAC;AAqB5B;;;;GAIG;AACH,MAAM,WAAW,kBAAkB;IACjC,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,GAAG,EAAE,MAAM,CAAC;IACZ,YAAY,EAAE,MAAM,CAAC;IACrB,eAAe,EAAE,MAAM,GAAG,IAAI,CAAC;IAC/B,YAAY,EAAE,MAAM,GAAG,IAAI,CAAC;IAC5B,gBAAgB,EAAE,OAAO,CAAC;CAC3B;AAED;;;;;GAKG;AACH,MAAM,MAAM,qBAAqB,GAAG,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC,kBAAkB,CAAC,CAAC;AAEjF,MAAM,WAAW,kBAAkB;IACjC,0EAA0E;IAC1E,MAAM,CAAC,EAAE,OAAO,CAAC;IAEjB;;uCAEmC;IACnC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB;;kBAEc;IACd,iBAAiB,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,kBAAkB,CAAC;IAExD;sEACkE;IAClE,GAAG,CAAC,EAAE,MAAM,IAAI,CAAC;IAEjB;;;;;;;OAOG;IACH,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAOD;;;;;GAKG;AACH,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,MAAM,GAAG,kBAAkB,CAUjE;AAED;;;;GAIG;AACH,wBAAsB,yBAAyB,CAAC,IAAI,EAAE;IACpD,GAAG,EAAE,MAAM,CAAC;IACZ,KAAK,EAAE,qBAAqB,CAAC;IAC7B,IAAI,CAAC,EAAE,kBAAkB,CAAC;CAC3B,GAAG,OAAO,CAAC,cAAc,CAAC,CAyC1B;AA2BD,iEAAiE;AACjE,wBAAgB,kBAAkB,IAAI,IAAI,CAEzC"}
@@ -129,6 +129,13 @@ async function readOrBuildAnalysisResult(args) {
129
129
  const provenance = (opts.resolveProvenance ?? resolveProvenance)(cwd);
130
130
  const cacheDir = opts.cacheDir ?? path.join(provenance.cwd, CACHE_SUBDIR);
131
131
  const cacheKey = buildCacheKey(provenance);
132
+ // A scoped/partial gather must bypass the shared cache entirely — neither
133
+ // read (a full entry would mask the requested scope, but more importantly
134
+ // the inverse is the hazard) nor write (a partial result must never be
135
+ // served to a later full consumer). Build straight through.
136
+ if (opts.partial) {
137
+ return buildResult(cwd, build, provenance, opts.now);
138
+ }
132
139
  // In-memory short-circuit. Same provenance, same process: one rebuild.
133
140
  if (!opts.rescan) {
134
141
  const cached = inMemoryCache.get(cacheKey);
@@ -144,21 +151,7 @@ async function readOrBuildAnalysisResult(args) {
144
151
  if (fromDisk)
145
152
  return fromDisk;
146
153
  }
147
- // Build, stamp provenance, persist (when clean).
148
- const body = await build(cwd);
149
- const now = (opts.now ?? (() => new Date()))();
150
- const result = {
151
- ...body,
152
- commitSha: provenance.commitSha,
153
- branch: provenance.branch,
154
- cwd: provenance.cwd,
155
- builtAt: now.toISOString(),
156
- dxkitVersion: provenance.dxkitVersion,
157
- schemaVersion: analysis_result_1.ANALYSIS_RESULT_SCHEMA_VERSION,
158
- ignoreFileMtime: provenance.ignoreFileMtime,
159
- inputsDigest: provenance.inputsDigest,
160
- workingTreeDirty: provenance.workingTreeDirty,
161
- };
154
+ const result = await buildResult(cwd, build, provenance, opts.now);
162
155
  if (!provenance.workingTreeDirty) {
163
156
  writeDiskCache(cacheDir, result);
164
157
  }
@@ -170,6 +163,25 @@ async function readOrBuildAnalysisResult(args) {
170
163
  promise.catch(() => inMemoryCache.delete(cacheKey));
171
164
  return promise;
172
165
  }
166
+ /** Build + stamp provenance into a complete `AnalysisResult`. No caching —
167
+ * callers decide whether to persist. Shared by the cached and partial
168
+ * (scope-bypass) paths so they produce byte-identical result envelopes. */
169
+ async function buildResult(cwd, build, provenance, now) {
170
+ const body = await build(cwd);
171
+ const stamp = (now ?? (() => new Date()))();
172
+ return {
173
+ ...body,
174
+ commitSha: provenance.commitSha,
175
+ branch: provenance.branch,
176
+ cwd: provenance.cwd,
177
+ builtAt: stamp.toISOString(),
178
+ dxkitVersion: provenance.dxkitVersion,
179
+ schemaVersion: analysis_result_1.ANALYSIS_RESULT_SCHEMA_VERSION,
180
+ ignoreFileMtime: provenance.ignoreFileMtime,
181
+ inputsDigest: provenance.inputsDigest,
182
+ workingTreeDirty: provenance.workingTreeDirty,
183
+ };
184
+ }
173
185
  /** Test seam — drop in-memory dedup state between test cases. */
174
186
  function clearInMemoryCache() {
175
187
  inMemoryCache.clear();
@@ -1 +1 @@
1
- {"version":3,"file":"cache.js","sourceRoot":"","sources":["../../src/analyzers/cache.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAsCG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAoFH,8CAUC;AAOD,8DAoDC;AAGD,gDAEC;AA5JD,uCAAyB;AACzB,2CAA6B;AAC7B,mCAAoC;AACpC,iDAAyC;AACzC,wDAI4B;AAC5B,4CAAwD;AAExD,MAAM,WAAW,GAAG,eAAe,CAAC;AACpC,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;AAElD,uEAAuE;AACvE,sEAAsE;AACtE,uEAAuE;AACvE,uEAAuE;AACvE,wEAAwE;AACxE,yEAAyE;AACzE,0EAA0E;AAC1E,mEAAmE;AACnE,2EAA2E;AAC3E,yEAAyE;AACzE,4EAA4E;AAC5E,MAAM,cAAc,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,gBAAgB,CAAC,CAAC,CAAC,kBAAkB;AAChF,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,aAAa,CAAC,CAAC;AACvD,MAAM,eAAe,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC,CAAC,qBAAqB;AA4C9E,qEAAqE;AACrE,mEAAmE;AACnE,2DAA2D;AAC3D,MAAM,aAAa,GAAG,IAAI,GAAG,EAAmC,CAAC;AAEjE;;;;;GAKG;AACH,SAAgB,iBAAiB,CAAC,GAAW;IAC3C,OAAO;QACL,SAAS,EAAE,WAAW,CAAC,GAAG,EAAE,SAAS,EAAE,MAAM,CAAC;QAC9C,MAAM,EAAE,WAAW,CAAC,GAAG,EAAE,cAAc,EAAE,MAAM,CAAC;QAChD,GAAG,EAAE,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC;QACtB,YAAY,EAAE,mBAAa;QAC3B,eAAe,EAAE,mBAAmB,CAAC,GAAG,CAAC;QACzC,YAAY,EAAE,mBAAmB,CAAC,GAAG,CAAC;QACtC,gBAAgB,EAAE,kBAAkB,CAAC,GAAG,CAAC;KAC1C,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACI,KAAK,UAAU,yBAAyB,CAAC,IAI/C;IACC,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,IAAI,CAAC;IAC5B,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,IAAI,EAAE,CAAC;IAC7B,MAAM,UAAU,GAAG,CAAC,IAAI,CAAC,iBAAiB,IAAI,iBAAiB,CAAC,CAAC,GAAG,CAAC,CAAC;IACtE,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC;IAC1E,MAAM,QAAQ,GAAG,aAAa,CAAC,UAAU,CAAC,CAAC;IAE3C,uEAAuE;IACvE,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;QACjB,MAAM,MAAM,GAAG,aAAa,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC3C,IAAI,MAAM;YAAE,OAAO,MAAM,CAAC;IAC5B,CAAC;IAED,MAAM,OAAO,GAAG,CAAC,KAAK,IAAI,EAAE;QAC1B,oEAAoE;QACpE,kEAAkE;QAClE,wBAAwB;QACxB,IAAI,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,UAAU,CAAC,gBAAgB,EAAE,CAAC;YACjD,MAAM,QAAQ,GAAG,aAAa,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;YACrD,IAAI,QAAQ;gBAAE,OAAO,QAAQ,CAAC;QAChC,CAAC;QAED,iDAAiD;QACjD,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,CAAC;QAC9B,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC;QAC/C,MAAM,MAAM,GAAmB;YAC7B,GAAG,IAAI;YACP,SAAS,EAAE,UAAU,CAAC,SAAS;YAC/B,MAAM,EAAE,UAAU,CAAC,MAAM;YACzB,GAAG,EAAE,UAAU,CAAC,GAAG;YACnB,OAAO,EAAE,GAAG,CAAC,WAAW,EAAE;YAC1B,YAAY,EAAE,UAAU,CAAC,YAAY;YACrC,aAAa,EAAE,gDAA8B;YAC7C,eAAe,EAAE,UAAU,CAAC,eAAe;YAC3C,YAAY,EAAE,UAAU,CAAC,YAAY;YACrC,gBAAgB,EAAE,UAAU,CAAC,gBAAgB;SAC9C,CAAC;QACF,IAAI,CAAC,UAAU,CAAC,gBAAgB,EAAE,CAAC;YACjC,cAAc,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QACnC,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC,CAAC,EAAE,CAAC;IAEL,aAAa,CAAC,GAAG,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IACrC,sEAAsE;IACtE,iEAAiE;IACjE,OAAO,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,aAAa,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC;IACpD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,iEAAiE;AACjE,SAAgB,kBAAkB;IAChC,aAAa,CAAC,KAAK,EAAE,CAAC;AACxB,CAAC;AAED,6EAA6E;AAE7E,SAAS,aAAa,CAAC,CAAqB;IAC1C,qEAAqE;IACrE,mEAAmE;IACnE,qEAAqE;IACrE,2CAA2C;IAC3C,OAAO;QACL,CAAC,CAAC,GAAG;QACL,CAAC,CAAC,SAAS,IAAI,QAAQ;QACvB,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO;QACtC,CAAC,CAAC,YAAY;QACd,MAAM,CAAC,gDAA8B,CAAC;QACtC,CAAC,CAAC,eAAe,IAAI,WAAW;QAChC,CAAC,CAAC,YAAY,IAAI,WAAW;KAC9B,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACf,CAAC;AAED,SAAS,aAAa,CAAC,QAAgB,EAAE,SAAiB;IACxD,MAAM,GAAG,GAAG,SAAS,IAAI,QAAQ,CAAC;IAClC,OAAO,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,mBAAmB,GAAG,OAAO,CAAC,CAAC;AAC5D,CAAC;AAED,SAAS,aAAa,CAAC,QAAgB,EAAE,QAA4B;IACnE,MAAM,IAAI,GAAG,aAAa,CAAC,QAAQ,EAAE,QAAQ,CAAC,SAAS,CAAC,CAAC;IACzD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC;QAAE,OAAO,IAAI,CAAC;IACtC,IAAI,MAAsB,CAAC;IAC3B,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,OAAO,CAAC,CAAmB,CAAC;IACxE,CAAC;IAAC,MAAM,CAAC;QACP,+DAA+D;QAC/D,iEAAiE;QACjE,yBAAyB;QACzB,UAAU,CAAC,IAAI,CAAC,CAAC;QACjB,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,CAAC,iBAAiB,CAAC,MAAM,EAAE,QAAQ,CAAC,EAAE,CAAC;QACzC,UAAU,CAAC,IAAI,CAAC,CAAC;QACjB,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,iBAAiB,CAAC,MAAsB,EAAE,QAA4B;IAC7E,IAAI,MAAM,CAAC,aAAa,KAAK,gDAA8B;QAAE,OAAO,KAAK,CAAC;IAC1E,IAAI,MAAM,CAAC,YAAY,KAAK,QAAQ,CAAC,YAAY;QAAE,OAAO,KAAK,CAAC;IAChE,IAAI,MAAM,CAAC,SAAS,KAAK,QAAQ,CAAC,SAAS;QAAE,OAAO,KAAK,CAAC;IAC1D,IAAI,MAAM,CAAC,eAAe,KAAK,QAAQ,CAAC,eAAe;QAAE,OAAO,KAAK,CAAC;IACtE,8DAA8D;IAC9D,qEAAqE;IACrE,oEAAoE;IACpE,sEAAsE;IACtE,IAAI,CAAC,MAAM,CAAC,YAAY,IAAI,IAAI,CAAC,KAAK,QAAQ,CAAC,YAAY;QAAE,OAAO,KAAK,CAAC;IAC1E,kEAAkE;IAClE,kEAAkE;IAClE,IAAI,MAAM,CAAC,gBAAgB;QAAE,OAAO,KAAK,CAAC;IAC1C,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,cAAc,CAAC,QAAgB,EAAE,MAAsB;IAC9D,IAAI,CAAC;QACH,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC5C,MAAM,IAAI,GAAG,aAAa,CAAC,QAAQ,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC;QACvD,EAAE,CAAC,aAAa,CAAC,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC;IACnE,CAAC;IAAC,MAAM,CAAC;QACP,8DAA8D;QAC9D,0DAA0D;QAC1D,8DAA8D;QAC9D,kCAAkC;IACpC,CAAC;AACH,CAAC;AAED,SAAS,UAAU,CAAC,IAAY;IAC9B,IAAI,CAAC;QACH,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;IACtB,CAAC;IAAC,MAAM,CAAC;QACP,8BAA8B;IAChC,CAAC;AACH,CAAC;AAED,SAAS,WAAW,CAAC,GAAW,EAAE,GAAG,IAAc;IACjD,IAAI,CAAC;QACH,OAAO,IAAA,wBAAQ,EAAC,iBAAiB,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE;YACjD,GAAG;YACH,QAAQ,EAAE,OAAO;YACjB,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC;YAC/B,OAAO,EAAE,IAAI;SACd,CAAC,CAAC,IAAI,EAAE,CAAC;IACZ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED,SAAS,kBAAkB,CAAC,GAAW;IACrC,IAAI,CAAC;QACH,kEAAkE;QAClE,iEAAiE;QACjE,4DAA4D;QAC5D,gEAAgE;QAChE,8DAA8D;QAC9D,yBAAyB;QACzB,MAAM,GAAG,GAAG,IAAA,wBAAQ,EAAC,8CAA8C,EAAE;YACnE,GAAG;YACH,QAAQ,EAAE,OAAO;YACjB,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC;YAC/B,OAAO,EAAE,IAAI;SACd,CAAC,CAAC;QACH,4DAA4D;QAC5D,6DAA6D;QAC7D,iEAAiE;QACjE,4DAA4D;QAC5D,kEAAkE;QAClE,+DAA+D;QAC/D,iEAAiE;QACjE,8DAA8D;QAC9D,6DAA6D;QAC7D,EAAE;QACF,8DAA8D;QAC9D,0DAA0D;QAC1D,2DAA2D;QAC3D,gEAAgE;QAChE,gEAAgE;QAChE,yCAAyC;QACzC,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE;YAC5C,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE;gBAAE,OAAO,KAAK,CAAC;YAC/B,MAAM,CAAC,GAAG,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACnC,IAAI,CAAC,CAAC;gBAAE,OAAO,IAAI,CAAC;YACpB,MAAM,QAAQ,GAAG,kBAAkB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YACrD,6DAA6D;YAC7D,6DAA6D;YAC7D,kEAAkE;YAClE,iEAAiE;YACjE,2DAA2D;YAC3D,8DAA8D;YAC9D,4DAA4D;YAC5D,0DAA0D;YAC1D,MAAM,kBAAkB,GAAG,QAAQ,CAAC,IAAI,CACtC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,QAAQ,IAAI,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,UAAU,CAC/D,CAAC;YACF,IAAI,kBAAkB;gBAAE,OAAO,IAAI,CAAC;YACpC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,KAAK,QAAQ,IAAI,GAAG,KAAK,eAAe,CAAC,CAAC;QAC9E,CAAC,CAAC,CAAC;QACH,OAAO,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC;IAC1B,CAAC;IAAC,MAAM,CAAC;QACP,kEAAkE;QAClE,mEAAmE;QACnE,kDAAkD;QAClD,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,SAAS,kBAAkB,CAAC,CAAS;IACnC,OAAO,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAC9C,CAAC;AAED,SAAS,mBAAmB,CAAC,GAAW;IACtC,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC,CAAC;QACtD,OAAO,IAAI,CAAC,OAAO,CAAC;IACtB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;;;;;;;;GAUG;AACH,SAAS,mBAAmB,CAAC,GAAW;IACtC,wEAAwE;IACxE,kEAAkE;IAClE,MAAM,CAAC,GAAG,IAAA,mBAAU,EAAC,MAAM,CAAC,CAAC,CAAC,wBAAwB;IACtD,IAAI,GAAG,GAAG,KAAK,CAAC;IAChB,MAAM,IAAI,GAAG,CAAC,GAAW,EAAQ,EAAE;QACjC,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC;YACjD,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACd,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YACf,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACd,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YACf,GAAG,GAAG,IAAI,CAAC;QACb,CAAC;QAAC,MAAM,CAAC;YACP,+CAA+C;QACjD,CAAC;IACH,CAAC,CAAC;IACF,IAAI,CAAC,cAAc,CAAC,CAAC;IACrB,IAAI,CAAC,WAAW,CAAC,CAAC;IAClB,sEAAsE;IACtE,iBAAiB;IACjB,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,eAAe,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACrE,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,IAAI,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC;gBAAE,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,IAAI,CAAC,CAAC,CAAC;QACrE,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,qBAAqB;IACvB,CAAC;IACD,OAAO,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;AACtC,CAAC"}
1
+ {"version":3,"file":"cache.js","sourceRoot":"","sources":["../../src/analyzers/cache.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAsCG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA8FH,8CAUC;AAOD,8DA6CC;AA4BD,gDAEC;AAxLD,uCAAyB;AACzB,2CAA6B;AAC7B,mCAAoC;AACpC,iDAAyC;AACzC,wDAI4B;AAC5B,4CAAwD;AAExD,MAAM,WAAW,GAAG,eAAe,CAAC;AACpC,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;AAElD,uEAAuE;AACvE,sEAAsE;AACtE,uEAAuE;AACvE,uEAAuE;AACvE,wEAAwE;AACxE,yEAAyE;AACzE,0EAA0E;AAC1E,mEAAmE;AACnE,2EAA2E;AAC3E,yEAAyE;AACzE,4EAA4E;AAC5E,MAAM,cAAc,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,gBAAgB,CAAC,CAAC,CAAC,kBAAkB;AAChF,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,aAAa,CAAC,CAAC;AACvD,MAAM,eAAe,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC,CAAC,qBAAqB;AAsD9E,qEAAqE;AACrE,mEAAmE;AACnE,2DAA2D;AAC3D,MAAM,aAAa,GAAG,IAAI,GAAG,EAAmC,CAAC;AAEjE;;;;;GAKG;AACH,SAAgB,iBAAiB,CAAC,GAAW;IAC3C,OAAO;QACL,SAAS,EAAE,WAAW,CAAC,GAAG,EAAE,SAAS,EAAE,MAAM,CAAC;QAC9C,MAAM,EAAE,WAAW,CAAC,GAAG,EAAE,cAAc,EAAE,MAAM,CAAC;QAChD,GAAG,EAAE,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC;QACtB,YAAY,EAAE,mBAAa;QAC3B,eAAe,EAAE,mBAAmB,CAAC,GAAG,CAAC;QACzC,YAAY,EAAE,mBAAmB,CAAC,GAAG,CAAC;QACtC,gBAAgB,EAAE,kBAAkB,CAAC,GAAG,CAAC;KAC1C,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACI,KAAK,UAAU,yBAAyB,CAAC,IAI/C;IACC,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,IAAI,CAAC;IAC5B,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,IAAI,EAAE,CAAC;IAC7B,MAAM,UAAU,GAAG,CAAC,IAAI,CAAC,iBAAiB,IAAI,iBAAiB,CAAC,CAAC,GAAG,CAAC,CAAC;IACtE,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC;IAC1E,MAAM,QAAQ,GAAG,aAAa,CAAC,UAAU,CAAC,CAAC;IAE3C,0EAA0E;IAC1E,0EAA0E;IAC1E,uEAAuE;IACvE,4DAA4D;IAC5D,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;QACjB,OAAO,WAAW,CAAC,GAAG,EAAE,KAAK,EAAE,UAAU,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;IACvD,CAAC;IAED,uEAAuE;IACvE,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;QACjB,MAAM,MAAM,GAAG,aAAa,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC3C,IAAI,MAAM;YAAE,OAAO,MAAM,CAAC;IAC5B,CAAC;IAED,MAAM,OAAO,GAAG,CAAC,KAAK,IAAI,EAAE;QAC1B,oEAAoE;QACpE,kEAAkE;QAClE,wBAAwB;QACxB,IAAI,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,UAAU,CAAC,gBAAgB,EAAE,CAAC;YACjD,MAAM,QAAQ,GAAG,aAAa,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;YACrD,IAAI,QAAQ;gBAAE,OAAO,QAAQ,CAAC;QAChC,CAAC;QACD,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,GAAG,EAAE,KAAK,EAAE,UAAU,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;QACnE,IAAI,CAAC,UAAU,CAAC,gBAAgB,EAAE,CAAC;YACjC,cAAc,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QACnC,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC,CAAC,EAAE,CAAC;IAEL,aAAa,CAAC,GAAG,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IACrC,sEAAsE;IACtE,iEAAiE;IACjE,OAAO,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,aAAa,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC;IACpD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;4EAE4E;AAC5E,KAAK,UAAU,WAAW,CACxB,GAAW,EACX,KAA4B,EAC5B,UAA8B,EAC9B,GAAgB;IAEhB,MAAM,IAAI,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,CAAC;IAC9B,MAAM,KAAK,GAAG,CAAC,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC;IAC5C,OAAO;QACL,GAAG,IAAI;QACP,SAAS,EAAE,UAAU,CAAC,SAAS;QAC/B,MAAM,EAAE,UAAU,CAAC,MAAM;QACzB,GAAG,EAAE,UAAU,CAAC,GAAG;QACnB,OAAO,EAAE,KAAK,CAAC,WAAW,EAAE;QAC5B,YAAY,EAAE,UAAU,CAAC,YAAY;QACrC,aAAa,EAAE,gDAA8B;QAC7C,eAAe,EAAE,UAAU,CAAC,eAAe;QAC3C,YAAY,EAAE,UAAU,CAAC,YAAY;QACrC,gBAAgB,EAAE,UAAU,CAAC,gBAAgB;KAC9C,CAAC;AACJ,CAAC;AAED,iEAAiE;AACjE,SAAgB,kBAAkB;IAChC,aAAa,CAAC,KAAK,EAAE,CAAC;AACxB,CAAC;AAED,6EAA6E;AAE7E,SAAS,aAAa,CAAC,CAAqB;IAC1C,qEAAqE;IACrE,mEAAmE;IACnE,qEAAqE;IACrE,2CAA2C;IAC3C,OAAO;QACL,CAAC,CAAC,GAAG;QACL,CAAC,CAAC,SAAS,IAAI,QAAQ;QACvB,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO;QACtC,CAAC,CAAC,YAAY;QACd,MAAM,CAAC,gDAA8B,CAAC;QACtC,CAAC,CAAC,eAAe,IAAI,WAAW;QAChC,CAAC,CAAC,YAAY,IAAI,WAAW;KAC9B,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACf,CAAC;AAED,SAAS,aAAa,CAAC,QAAgB,EAAE,SAAiB;IACxD,MAAM,GAAG,GAAG,SAAS,IAAI,QAAQ,CAAC;IAClC,OAAO,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,mBAAmB,GAAG,OAAO,CAAC,CAAC;AAC5D,CAAC;AAED,SAAS,aAAa,CAAC,QAAgB,EAAE,QAA4B;IACnE,MAAM,IAAI,GAAG,aAAa,CAAC,QAAQ,EAAE,QAAQ,CAAC,SAAS,CAAC,CAAC;IACzD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC;QAAE,OAAO,IAAI,CAAC;IACtC,IAAI,MAAsB,CAAC;IAC3B,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,OAAO,CAAC,CAAmB,CAAC;IACxE,CAAC;IAAC,MAAM,CAAC;QACP,+DAA+D;QAC/D,iEAAiE;QACjE,yBAAyB;QACzB,UAAU,CAAC,IAAI,CAAC,CAAC;QACjB,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,CAAC,iBAAiB,CAAC,MAAM,EAAE,QAAQ,CAAC,EAAE,CAAC;QACzC,UAAU,CAAC,IAAI,CAAC,CAAC;QACjB,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,iBAAiB,CAAC,MAAsB,EAAE,QAA4B;IAC7E,IAAI,MAAM,CAAC,aAAa,KAAK,gDAA8B;QAAE,OAAO,KAAK,CAAC;IAC1E,IAAI,MAAM,CAAC,YAAY,KAAK,QAAQ,CAAC,YAAY;QAAE,OAAO,KAAK,CAAC;IAChE,IAAI,MAAM,CAAC,SAAS,KAAK,QAAQ,CAAC,SAAS;QAAE,OAAO,KAAK,CAAC;IAC1D,IAAI,MAAM,CAAC,eAAe,KAAK,QAAQ,CAAC,eAAe;QAAE,OAAO,KAAK,CAAC;IACtE,8DAA8D;IAC9D,qEAAqE;IACrE,oEAAoE;IACpE,sEAAsE;IACtE,IAAI,CAAC,MAAM,CAAC,YAAY,IAAI,IAAI,CAAC,KAAK,QAAQ,CAAC,YAAY;QAAE,OAAO,KAAK,CAAC;IAC1E,kEAAkE;IAClE,kEAAkE;IAClE,IAAI,MAAM,CAAC,gBAAgB;QAAE,OAAO,KAAK,CAAC;IAC1C,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,cAAc,CAAC,QAAgB,EAAE,MAAsB;IAC9D,IAAI,CAAC;QACH,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC5C,MAAM,IAAI,GAAG,aAAa,CAAC,QAAQ,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC;QACvD,EAAE,CAAC,aAAa,CAAC,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC;IACnE,CAAC;IAAC,MAAM,CAAC;QACP,8DAA8D;QAC9D,0DAA0D;QAC1D,8DAA8D;QAC9D,kCAAkC;IACpC,CAAC;AACH,CAAC;AAED,SAAS,UAAU,CAAC,IAAY;IAC9B,IAAI,CAAC;QACH,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;IACtB,CAAC;IAAC,MAAM,CAAC;QACP,8BAA8B;IAChC,CAAC;AACH,CAAC;AAED,SAAS,WAAW,CAAC,GAAW,EAAE,GAAG,IAAc;IACjD,IAAI,CAAC;QACH,OAAO,IAAA,wBAAQ,EAAC,iBAAiB,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE;YACjD,GAAG;YACH,QAAQ,EAAE,OAAO;YACjB,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC;YAC/B,OAAO,EAAE,IAAI;SACd,CAAC,CAAC,IAAI,EAAE,CAAC;IACZ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED,SAAS,kBAAkB,CAAC,GAAW;IACrC,IAAI,CAAC;QACH,kEAAkE;QAClE,iEAAiE;QACjE,4DAA4D;QAC5D,gEAAgE;QAChE,8DAA8D;QAC9D,yBAAyB;QACzB,MAAM,GAAG,GAAG,IAAA,wBAAQ,EAAC,8CAA8C,EAAE;YACnE,GAAG;YACH,QAAQ,EAAE,OAAO;YACjB,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC;YAC/B,OAAO,EAAE,IAAI;SACd,CAAC,CAAC;QACH,4DAA4D;QAC5D,6DAA6D;QAC7D,iEAAiE;QACjE,4DAA4D;QAC5D,kEAAkE;QAClE,+DAA+D;QAC/D,iEAAiE;QACjE,8DAA8D;QAC9D,6DAA6D;QAC7D,EAAE;QACF,8DAA8D;QAC9D,0DAA0D;QAC1D,2DAA2D;QAC3D,gEAAgE;QAChE,gEAAgE;QAChE,yCAAyC;QACzC,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE;YAC5C,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE;gBAAE,OAAO,KAAK,CAAC;YAC/B,MAAM,CAAC,GAAG,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACnC,IAAI,CAAC,CAAC;gBAAE,OAAO,IAAI,CAAC;YACpB,MAAM,QAAQ,GAAG,kBAAkB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YACrD,6DAA6D;YAC7D,6DAA6D;YAC7D,kEAAkE;YAClE,iEAAiE;YACjE,2DAA2D;YAC3D,8DAA8D;YAC9D,4DAA4D;YAC5D,0DAA0D;YAC1D,MAAM,kBAAkB,GAAG,QAAQ,CAAC,IAAI,CACtC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,QAAQ,IAAI,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,UAAU,CAC/D,CAAC;YACF,IAAI,kBAAkB;gBAAE,OAAO,IAAI,CAAC;YACpC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,KAAK,QAAQ,IAAI,GAAG,KAAK,eAAe,CAAC,CAAC;QAC9E,CAAC,CAAC,CAAC;QACH,OAAO,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC;IAC1B,CAAC;IAAC,MAAM,CAAC;QACP,kEAAkE;QAClE,mEAAmE;QACnE,kDAAkD;QAClD,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,SAAS,kBAAkB,CAAC,CAAS;IACnC,OAAO,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAC9C,CAAC;AAED,SAAS,mBAAmB,CAAC,GAAW;IACtC,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC,CAAC;QACtD,OAAO,IAAI,CAAC,OAAO,CAAC;IACtB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;;;;;;;;;GAUG;AACH,SAAS,mBAAmB,CAAC,GAAW;IACtC,wEAAwE;IACxE,kEAAkE;IAClE,MAAM,CAAC,GAAG,IAAA,mBAAU,EAAC,MAAM,CAAC,CAAC,CAAC,wBAAwB;IACtD,IAAI,GAAG,GAAG,KAAK,CAAC;IAChB,MAAM,IAAI,GAAG,CAAC,GAAW,EAAQ,EAAE;QACjC,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC;YACjD,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACd,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YACf,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACd,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;YACf,GAAG,GAAG,IAAI,CAAC;QACb,CAAC;QAAC,MAAM,CAAC;YACP,+CAA+C;QACjD,CAAC;IACH,CAAC,CAAC;IACF,IAAI,CAAC,cAAc,CAAC,CAAC;IACrB,IAAI,CAAC,WAAW,CAAC,CAAC;IAClB,sEAAsE;IACtE,iBAAiB;IACjB,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,eAAe,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACrE,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,IAAI,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC;gBAAE,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,IAAI,CAAC,CAAC,CAAC;QACrE,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,qBAAqB;IACvB,CAAC;IACD,OAAO,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;AACtC,CAAC"}
@@ -1,11 +1,30 @@
1
1
  import { HealthMetrics, HealthReport } from './types';
2
2
  import type { AnalysisResult, AnalysisResultBody } from '../analysis-result';
3
+ import { type GatherScope } from '../baseline/gather-scope';
3
4
  /** Default values for all HealthMetrics fields. */
4
5
  export declare function defaultMetrics(): HealthMetrics;
5
6
  /** Options for analyzeHealth. */
6
7
  export interface AnalyzeHealthOptions {
7
8
  /** Print per-tool timing to stderr. */
8
9
  verbose?: boolean;
10
+ /**
11
+ * Restrict the gather to the analyzers a scope needs. Defaults to
12
+ * `FULL_SCOPE` (every analyzer), so the `health` report and CI guardrail
13
+ * are unaffected. The loop Stop-gate passes a policy-derived scope so a
14
+ * `security-only` posture skips the analyzers it can never block on (see
15
+ * `src/baseline/gather-scope.ts`). A scoped result is partial by
16
+ * construction and is never written to the shared `AnalysisResult` cache.
17
+ */
18
+ scope?: GatherScope;
19
+ /**
20
+ * Incremental scanning (opt 3): when set, semgrep scans ONLY these
21
+ * project-relative changed files instead of the whole tree. Sound for a
22
+ * net-new gate because semgrep is intraprocedural — a net-new code
23
+ * finding can only appear in a changed file. Like `scope`, this makes the
24
+ * result partial (it never enters the shared cache). Only the loop
25
+ * Stop-gate sets it; CI / `health` leave it undefined (full scan).
26
+ */
27
+ incrementalFiles?: ReadonlyArray<string>;
9
28
  }
10
29
  /**
11
30
  * Run a full health analysis on a repository, returning both the summary
@@ -1 +1 @@
1
- {"version":3,"file":"health.d.ts","sourceRoot":"","sources":["../../src/analyzers/health.ts"],"names":[],"mappings":"AAiBA,OAAO,EAAoB,aAAa,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACxE,OAAO,KAAK,EAAE,cAAc,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AAgC7E,mDAAmD;AACnD,wBAAgB,cAAc,IAAI,aAAa,CAiD9C;AAED,iCAAiC;AACjC,MAAM,WAAW,oBAAoB;IACnC,uCAAuC;IACvC,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAED;;;;GAIG;AACH,wBAAsB,wBAAwB,CAC5C,QAAQ,EAAE,MAAM,EAChB,OAAO,GAAE,oBAAyB,GACjC,OAAO,CAAC;IAAE,MAAM,EAAE,YAAY,CAAC;IAAC,OAAO,EAAE,aAAa,CAAA;CAAE,CAAC,CAE3D;AAED,kDAAkD;AAClD,wBAAsB,aAAa,CACjC,QAAQ,EAAE,MAAM,EAChB,OAAO,GAAE,oBAAyB,GACjC,OAAO,CAAC,YAAY,CAAC,CAEvB;AAcD;;;;;;;;;;;;;;GAcG;AACH,wBAAsB,wBAAwB,CAC5C,QAAQ,EAAE,MAAM,EAChB,OAAO,GAAE,oBAAyB,GACjC,OAAO,CAAC,kBAAkB,CAAC,CAwG7B;AAsBD;;;;;;;;GAQG;AACH,wBAAgB,oBAAoB,CAAC,MAAM,EAAE,cAAc,GAAG,YAAY,CA0BzE"}
1
+ {"version":3,"file":"health.d.ts","sourceRoot":"","sources":["../../src/analyzers/health.ts"],"names":[],"mappings":"AAiBA,OAAO,EAAoB,aAAa,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACxE,OAAO,KAAK,EAAE,cAAc,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AAgC7E,OAAO,EAAE,KAAK,WAAW,EAAc,MAAM,0BAA0B,CAAC;AAExE,mDAAmD;AACnD,wBAAgB,cAAc,IAAI,aAAa,CAiD9C;AAED,iCAAiC;AACjC,MAAM,WAAW,oBAAoB;IACnC,uCAAuC;IACvC,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB;;;;;;;OAOG;IACH,KAAK,CAAC,EAAE,WAAW,CAAC;IACpB;;;;;;;OAOG;IACH,gBAAgB,CAAC,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;CAC1C;AAED;;;;GAIG;AACH,wBAAsB,wBAAwB,CAC5C,QAAQ,EAAE,MAAM,EAChB,OAAO,GAAE,oBAAyB,GACjC,OAAO,CAAC;IAAE,MAAM,EAAE,YAAY,CAAC;IAAC,OAAO,EAAE,aAAa,CAAA;CAAE,CAAC,CAE3D;AAED,kDAAkD;AAClD,wBAAsB,aAAa,CACjC,QAAQ,EAAE,MAAM,EAChB,OAAO,GAAE,oBAAyB,GACjC,OAAO,CAAC,YAAY,CAAC,CAEvB;AAcD;;;;;;;;;;;;;;GAcG;AACH,wBAAsB,wBAAwB,CAC5C,QAAQ,EAAE,MAAM,EAChB,OAAO,GAAE,oBAAyB,GACjC,OAAO,CAAC,kBAAkB,CAAC,CAiH7B;AAsBD;;;;;;;;GAQG;AACH,wBAAgB,oBAAoB,CAAC,MAAM,EAAE,cAAc,GAAG,YAAY,CA0BzE"}