@vyuhlabs/dxkit 2.6.0 → 2.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +54 -13
- package/README.md +208 -459
- package/dist/analyzers/bom/discovery.d.ts +3 -4
- package/dist/analyzers/bom/discovery.d.ts.map +1 -1
- package/dist/analyzers/bom/discovery.js +3 -4
- package/dist/analyzers/bom/discovery.js.map +1 -1
- package/dist/analyzers/bom/types.d.ts +1 -1
- package/dist/analyzers/dashboard/index.d.ts.map +1 -1
- package/dist/analyzers/dashboard/index.js +42 -5
- package/dist/analyzers/dashboard/index.js.map +1 -1
- package/dist/analyzers/quality/detailed.d.ts +8 -1
- package/dist/analyzers/quality/detailed.d.ts.map +1 -1
- package/dist/analyzers/quality/detailed.js +43 -10
- package/dist/analyzers/quality/detailed.js.map +1 -1
- package/dist/analyzers/security/detailed.d.ts +8 -1
- package/dist/analyzers/security/detailed.d.ts.map +1 -1
- package/dist/analyzers/security/detailed.js +14 -1
- package/dist/analyzers/security/detailed.js.map +1 -1
- package/dist/analyzers/tests/detailed.d.ts +8 -1
- package/dist/analyzers/tests/detailed.d.ts.map +1 -1
- package/dist/analyzers/tests/detailed.js +26 -7
- package/dist/analyzers/tests/detailed.js.map +1 -1
- package/dist/analyzers/tools/cloc.js +3 -3
- package/dist/analyzers/tools/cloc.js.map +1 -1
- package/dist/analyzers/tools/exclusions.d.ts +12 -12
- package/dist/analyzers/tools/exclusions.d.ts.map +1 -1
- package/dist/analyzers/tools/exclusions.js +27 -13
- package/dist/analyzers/tools/exclusions.js.map +1 -1
- package/dist/analyzers/tools/graphify.d.ts +39 -5
- package/dist/analyzers/tools/graphify.d.ts.map +1 -1
- package/dist/analyzers/tools/graphify.js +609 -45
- package/dist/analyzers/tools/graphify.js.map +1 -1
- package/dist/analyzers/tools/nuget-package-reference.d.ts +4 -4
- package/dist/analyzers/tools/nuget-package-reference.js +4 -4
- package/dist/analyzers/tools/osv-scanner-fix.d.ts +4 -5
- package/dist/analyzers/tools/osv-scanner-fix.d.ts.map +1 -1
- package/dist/analyzers/tools/osv-scanner-fix.js +4 -5
- package/dist/analyzers/tools/osv-scanner-fix.js.map +1 -1
- package/dist/analyzers/tools/parallel.d.ts.map +1 -1
- package/dist/analyzers/tools/parallel.js +7 -0
- package/dist/analyzers/tools/parallel.js.map +1 -1
- package/dist/analyzers/tools/vendored-advisor.d.ts.map +1 -1
- package/dist/analyzers/tools/vendored-advisor.js +3 -4
- package/dist/analyzers/tools/vendored-advisor.js.map +1 -1
- package/dist/analyzers/xlsx/licenses.d.ts +7 -7
- package/dist/analyzers/xlsx/licenses.js +7 -7
- package/dist/cli.d.ts.map +1 -1
- package/dist/cli.js +80 -3
- package/dist/cli.js.map +1 -1
- package/dist/dashboard/graph-adapter.d.ts +151 -0
- package/dist/dashboard/graph-adapter.d.ts.map +1 -0
- package/dist/dashboard/graph-adapter.js +415 -0
- package/dist/dashboard/graph-adapter.js.map +1 -0
- package/dist/dashboard/graph-tab.d.ts +109 -0
- package/dist/dashboard/graph-tab.d.ts.map +1 -0
- package/dist/dashboard/graph-tab.js +297 -0
- package/dist/dashboard/graph-tab.js.map +1 -0
- package/dist/dashboard/vendor/vis-network.min.js +34 -0
- package/dist/explore/cli/api-surface.d.ts +12 -0
- package/dist/explore/cli/api-surface.d.ts.map +1 -0
- package/dist/explore/cli/api-surface.js +57 -0
- package/dist/explore/cli/api-surface.js.map +1 -0
- package/dist/explore/cli/communities.d.ts +10 -0
- package/dist/explore/cli/communities.d.ts.map +1 -0
- package/dist/explore/cli/communities.js +47 -0
- package/dist/explore/cli/communities.js.map +1 -0
- package/dist/explore/cli/context.d.ts +16 -0
- package/dist/explore/cli/context.d.ts.map +1 -0
- package/dist/explore/cli/context.js +118 -0
- package/dist/explore/cli/context.js.map +1 -0
- package/dist/explore/cli/entry-points.d.ts +12 -0
- package/dist/explore/cli/entry-points.d.ts.map +1 -0
- package/dist/explore/cli/entry-points.js +85 -0
- package/dist/explore/cli/entry-points.js.map +1 -0
- package/dist/explore/cli/feature.d.ts +16 -0
- package/dist/explore/cli/feature.d.ts.map +1 -0
- package/dist/explore/cli/feature.js +89 -0
- package/dist/explore/cli/feature.js.map +1 -0
- package/dist/explore/cli/file.d.ts +12 -0
- package/dist/explore/cli/file.d.ts.map +1 -0
- package/dist/explore/cli/file.js +139 -0
- package/dist/explore/cli/file.js.map +1 -0
- package/dist/explore/cli/hot-files.d.ts +11 -0
- package/dist/explore/cli/hot-files.d.ts.map +1 -0
- package/dist/explore/cli/hot-files.js +63 -0
- package/dist/explore/cli/hot-files.js.map +1 -0
- package/dist/explore/context-hook.d.ts +42 -0
- package/dist/explore/context-hook.d.ts.map +1 -0
- package/dist/explore/context-hook.js +131 -0
- package/dist/explore/context-hook.js.map +1 -0
- package/dist/explore/finding-context.d.ts +69 -0
- package/dist/explore/finding-context.d.ts.map +1 -0
- package/dist/explore/finding-context.js +102 -0
- package/dist/explore/finding-context.js.map +1 -0
- package/dist/explore/format.d.ts +64 -0
- package/dist/explore/format.d.ts.map +1 -0
- package/dist/explore/format.js +99 -0
- package/dist/explore/format.js.map +1 -0
- package/dist/explore/load.d.ts +50 -0
- package/dist/explore/load.d.ts.map +1 -0
- package/dist/explore/load.js +197 -0
- package/dist/explore/load.js.map +1 -0
- package/dist/explore/queries.d.ts +413 -0
- package/dist/explore/queries.d.ts.map +1 -0
- package/dist/explore/queries.js +855 -0
- package/dist/explore/queries.js.map +1 -0
- package/dist/explore/types.d.ts +130 -0
- package/dist/explore/types.d.ts.map +1 -0
- package/dist/explore/types.js +28 -0
- package/dist/explore/types.js.map +1 -0
- package/dist/explore-cli.d.ts +45 -0
- package/dist/explore-cli.d.ts.map +1 -0
- package/dist/explore-cli.js +213 -0
- package/dist/explore-cli.js.map +1 -0
- package/dist/generator.d.ts.map +1 -1
- package/dist/generator.js +19 -0
- package/dist/generator.js.map +1 -1
- package/dist/languages/csharp.d.ts.map +1 -1
- package/dist/languages/csharp.js +31 -11
- package/dist/languages/csharp.js.map +1 -1
- package/dist/languages/go.d.ts.map +1 -1
- package/dist/languages/go.js +4 -0
- package/dist/languages/go.js.map +1 -1
- package/dist/languages/index.d.ts +27 -0
- package/dist/languages/index.d.ts.map +1 -1
- package/dist/languages/index.js +35 -0
- package/dist/languages/index.js.map +1 -1
- package/dist/languages/java.d.ts.map +1 -1
- package/dist/languages/java.js +4 -0
- package/dist/languages/java.js.map +1 -1
- package/dist/languages/kotlin.d.ts.map +1 -1
- package/dist/languages/kotlin.js +4 -0
- package/dist/languages/kotlin.js.map +1 -1
- package/dist/languages/python.d.ts.map +1 -1
- package/dist/languages/python.js +4 -0
- package/dist/languages/python.js.map +1 -1
- package/dist/languages/ruby.d.ts.map +1 -1
- package/dist/languages/ruby.js +4 -0
- package/dist/languages/ruby.js.map +1 -1
- package/dist/languages/rust.d.ts.map +1 -1
- package/dist/languages/rust.js +4 -0
- package/dist/languages/rust.js.map +1 -1
- package/dist/languages/types.d.ts +54 -0
- package/dist/languages/types.d.ts.map +1 -1
- package/dist/languages/typescript.d.ts.map +1 -1
- package/dist/languages/typescript.js +5 -1
- package/dist/languages/typescript.js.map +1 -1
- package/package.json +2 -1
- package/templates/.claude/skills/dxkit-action/SKILL.md +21 -1
- package/templates/.claude/skills/dxkit-reports/SKILL.md +3 -1
- package/templates/AGENTS.md.template +8 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"graphify.js","sourceRoot":"","sources":["../../../src/analyzers/tools/graphify.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
|
|
1
|
+
{"version":3,"file":"graphify.js","sourceRoot":"","sources":["../../../src/analyzers/tools/graphify.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAqsBA,oDAKC;AAmBD,kDAWC;AAsLD,sDAiBC;AA/6BD;;;;;;;;;;;;;;;;GAgBG;AACH,uCAAyB;AACzB,uCAAyB;AACzB,2CAA6B;AAC7B,qCAAuC;AACvC,mDAAsD;AACtD,6CAAsD;AACtD,mCAA4C;AAG5C,+CAAwE;AAiBxE,8EAA8E;AAC9E,SAAS,mBAAmB,CAAC,GAAW;IACtC,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,aAAa,EAAE,GAAG,IAAA,mCAAsB,EAAC,GAAG,CAAC,CAAC;IAC1E,OAAO;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;iBAqCQ,OAAO;kBACN,SAAS;uBACJ,aAAa;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CA2jBnC,CAAC;AACF,CAAC;AAyBD;;;;;;;;GAQG;AACH,MAAM,eAAe,GAAG,IAAI,GAAG,EAAmC,CAAC;AACnE,MAAM,UAAU,GAAG,IAAI,GAAG,EAA8B,CAAC;AAEzD;;;;;;;GAOG;AACH,MAAM,WAAW,GAAG,IAAI,GAAG,EAAyB,CAAC;AAErD;;;;GAIG;AACI,KAAK,UAAU,oBAAoB,CAAC,GAAW;IACpD,MAAM,eAAe,CAAC,GAAG,CAAC,CAAC;IAC3B,mEAAmE;IACnE,mBAAmB;IACnB,OAAO,eAAe,CAAC,GAAG,CAAC,GAAG,CAAE,CAAC;AACnC,CAAC;AAED;;;;;;;;;;;;;;;;GAgBG;AACI,KAAK,UAAU,mBAAmB,CACvC,GAAW,EACX,OAAkC,EAAE;IAEpC,MAAM,eAAe,CAAC,GAAG,CAAC,CAAC;IAC3B,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,CAAC,GAAG,CAAE,CAAC;IACrC,MAAM,WAAW,GAAG,IAAI,CAAC,WAAW,KAAK,KAAK,CAAC;IAC/C,IAAI,WAAW,IAAI,OAAO,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;QAC9C,kBAAkB,CAAC,GAAG,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;IACzC,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;;;GAKG;AACH,SAAS,kBAAkB,CAAC,GAAW,EAAE,KAAgB;IACvD,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,yBAAiB,CAAC,CAAC;IAClD,IAAI,CAAC;QACH,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QACzD,EAAE,CAAC,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;IACnD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC7D,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,0BAA0B,yBAAiB,KAAK,GAAG,IAAI,CAAC,CAAC;IAChF,CAAC;AACH,CAAC;AAED,KAAK,UAAU,eAAe,CAAC,GAAW;IACxC,4DAA4D;IAC5D,IAAI,eAAe,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,UAAU,CAAC,GAAG,CAAC,GAAG,CAAC;QAAE,OAAO;IAC5D,IAAI,CAAC,GAAG,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAC7B,IAAI,CAAC,CAAC,EAAE,CAAC;QACP,CAAC,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,GAAG,EAAE;YACpC,0DAA0D;YAC1D,0DAA0D;YAC1D,qDAAqD;YACrD,WAAW,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAC1B,CAAC,CAAC,CAAC;QACH,WAAW,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;IAC1B,CAAC;IACD,OAAO,CAAC,CAAC;AACX,CAAC;AAED,KAAK,UAAU,eAAe,CAAC,GAAW;IACxC,MAAM,SAAS,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;IAClC,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,MAAM,MAAM,GAAG,eAAe,CAAC;QAC/B,eAAe,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC,CAAC;QAC1D,UAAU,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC,CAAC;QACrD,OAAO;IACT,CAAC;IAED,oEAAoE;IACpE,gEAAgE;IAChE,mEAAmE;IACnE,iCAAiC;IACjC,MAAM,SAAS,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,MAAM,EAAE,EAAE,iBAAiB,CAAC,CAAC,CAAC;IAC5E,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;IAClD,EAAE,CAAC,aAAa,CAAC,UAAU,EAAE,mBAAmB,CAAC,GAAG,CAAC,CAAC,CAAC;IACvD,2DAA2D;IAC3D,2DAA2D;IAC3D,+DAA+D;IAC/D,6DAA6D;IAC7D,2DAA2D;IAC3D,2DAA2D;IAC3D,8DAA8D;IAC9D,+CAA+C;IAC/C,EAAE;IACF,gEAAgE;IAChE,iEAAiE;IACjE,MAAM,OAAO,GAAG,MAAM,IAAA,oBAAW,EAAC,SAAS,EAAE,CAAC,UAAU,EAAE,GAAG,CAAC,EAAE;QAC9D,GAAG,EAAE,SAAS;QACd,SAAS,EAAE,MAAM,EAAE,6EAA6E;KACjG,CAAC,CAAC;IACH,IAAI,CAAC;QACH,EAAE,CAAC,MAAM,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;IACzD,CAAC;IAAC,MAAM,CAAC;QACP,YAAY;IACd,CAAC;IACD,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;IAC9B,MAAM,aAAa,GAAG,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;IAE5C,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,IAAI,MAAc,CAAC;QACnB,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;YACrB,MAAM,GAAG,gEAAgE,CAAC;QAC5E,CAAC;aAAM,CAAC;YACN,+DAA+D;YAC/D,+DAA+D;YAC/D,8DAA8D;YAC9D,iDAAiD;YACjD,MAAM,eAAe,GAAG,aAAa;iBAClC,KAAK,CAAC,IAAI,CAAC;iBACX,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC,CAAC;gBACjC,EAAE,IAAI,EAAE,CAAC;YACX,MAAM,GAAG,eAAe;gBACtB,CAAC,CAAC,WAAW,eAAe,CAAC,MAAM,GAAG,GAAG,CAAC,CAAC,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,eAAe,EAAE;gBACrG,CAAC,CAAC,OAAO,CAAC,IAAI,KAAK,CAAC,IAAI,OAAO,CAAC,IAAI,KAAK,IAAI;oBAC3C,CAAC,CAAC,yBAAyB,OAAO,CAAC,IAAI,2DAA2D;oBAClG,CAAC,CAAC,oCAAoC,CAAC;QAC7C,CAAC;QACD,eAAe,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC,CAAC;QAC1D,UAAU,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC,CAAC;QACrD,OAAO;IACT,CAAC;IAED,mFAAmF;IACnF,MAAM,QAAQ,GAAG,MAAM;SACpB,KAAK,CAAC,IAAI,CAAC;SACX,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;SAChC,GAAG,EAAE,CAAC;IACT,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,MAAM,MAAM,GAAG,gBAAgB,CAAC;QAChC,eAAe,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC,CAAC;QAC1D,UAAU,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC,CAAC;QACrD,OAAO;IACT,CAAC;IAED,IAAI,IAAyC,CAAC;IAC9C,IAAI,CAAC;QACH,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAwC,CAAC;IACrE,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,MAAM,GAAG,aAAa,CAAC;QAC7B,eAAe,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC,CAAC;QAC1D,UAAU,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC,CAAC;QACrD,OAAO;IACT,CAAC;IACD,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;QACf,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC;QAC1B,eAAe,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC,CAAC;QAC1D,UAAU,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC,CAAC;QACrD,OAAO;IACT,CAAC;IAED,qDAAqD;IACrD,eAAe,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,qBAAqB,CAAC,IAAI,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;IAE1F,+DAA+D;IAC/D,8DAA8D;IAC9D,kEAAkE;IAClE,yBAAyB;IACzB,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;QACf,MAAM,YAAY,GAAG,gBAAgB,EAAE,CAAC;QACxC,MAAM,aAAa,GAAc;YAC/B,GAAG,IAAI,CAAC,KAAK;YACb,IAAI,EAAE;gBACJ,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI;gBAClB,YAAY;aACb;SACF,CAAC;QACF,UAAU,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,aAAa,EAAE,CAAC,CAAC;IACjE,CAAC;SAAM,CAAC;QACN,gEAAgE;QAChE,2DAA2D;QAC3D,0CAA0C;QAC1C,UAAU,CAAC,GAAG,CAAC,GAAG,EAAE;YAClB,IAAI,EAAE,aAAa;YACnB,MAAM,EAAE,wDAAwD;SACjE,CAAC,CAAC;IACL,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,SAAS,gBAAgB;IACvB,IAAI,CAAC;QACH,2DAA2D;QAC3D,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,cAAc,CAAC,CAAC;QAC1E,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAyB,CAAC;QAClF,OAAO,OAAO,GAAG,CAAC,OAAO,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;IACnE,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,SAAS,CAAC;IACnB,CAAC;AACH,CAAC;AAED;;;;;;;;;;GAUG;AACH,SAAgB,qBAAqB,CAAC,IAAoB,EAAE,GAAW;IACrE,OAAO;QACL,aAAa,EAAE,CAAC;QAChB,IAAI,EAAE,UAAU;QAChB,aAAa,EAAE,IAAI,CAAC,aAAa;QACjC,UAAU,EAAE,IAAI,CAAC,UAAU;QAC3B,kBAAkB,EAAE,IAAI,CAAC,kBAAkB;QAC3C,oBAAoB,EAAE,IAAI,CAAC,oBAAoB;YAC7C,CAAC,CAAC,IAAA,yBAAiB,EAAC,GAAG,EAAE,IAAI,CAAC,oBAAoB,CAAC;YACnD,CAAC,CAAC,EAAE;QACN,YAAY,EAAE,IAAI,CAAC,YAAY;QAC/B,cAAc,EAAE,IAAI,CAAC,cAAc;QACnC,WAAW,EAAE,IAAI,CAAC,WAAW;QAC7B,iBAAiB,EAAE,IAAI,CAAC,iBAAiB;QACzC,eAAe,EAAE,IAAI,CAAC,eAAe;QACrC,kBAAkB,EAAE,IAAI,CAAC,kBAAkB;KAC5C,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,uEAAuE;AACvE,uEAAuE;AACvE,+DAA+D;AAC/D,gEAAgE;AAChE,oEAAoE;AACpE,qEAAqE;AACxD,QAAA,gBAAgB,GAEzB;IACF,MAAM,EAAE,UAAU;IAClB,KAAK,CAAC,MAAM,CAAC,GAAG;QACd,MAAM,OAAO,GAAG,MAAM,oBAAoB,CAAC,GAAG,CAAC,CAAC;QAChD,OAAO,OAAO,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC;IAC9D,CAAC;IACD,KAAK,CAAC,aAAa,CAAC,GAAG;QACrB,OAAO,oBAAoB,CAAC,GAAG,CAAC,CAAC;IACnC,CAAC;CACF,CAAC;AAEF,sFAAsF;AACtF,SAAS,UAAU,CAAC,GAAW;IAC7B,MAAM,MAAM,GAAG,IAAA,wBAAQ,EAAC,yBAAS,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;IACjD,OAAO,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;AAC/C,CAAC"}
|
|
@@ -25,10 +25,10 @@
|
|
|
25
25
|
* Microsoft-recommended non-sudo install) got dotnet discovered.
|
|
26
26
|
* That fix was necessary but not sufficient: `dotnet list package
|
|
27
27
|
* --vulnerable` still requires an explicit `.csproj`/`.sln` in cwd,
|
|
28
|
-
* and
|
|
29
|
-
* `
|
|
30
|
-
* project files
|
|
31
|
-
* `dxkit vulnerabilities
|
|
28
|
+
* and a deeply-nested .NET layout like
|
|
29
|
+
* `app/src/modules/Core/<Module>/<Module>.csproj` puts the
|
|
30
|
+
* project files several levels deeper than the natural
|
|
31
|
+
* `dxkit vulnerabilities app/src/` cwd.
|
|
32
32
|
*
|
|
33
33
|
* D025f sidesteps the dotnet CLI entirely. We walk every `.csproj`
|
|
34
34
|
* reachable from cwd (depth 5, matching csharp.detect()), parse
|
|
@@ -26,10 +26,10 @@
|
|
|
26
26
|
* Microsoft-recommended non-sudo install) got dotnet discovered.
|
|
27
27
|
* That fix was necessary but not sufficient: `dotnet list package
|
|
28
28
|
* --vulnerable` still requires an explicit `.csproj`/`.sln` in cwd,
|
|
29
|
-
* and
|
|
30
|
-
* `
|
|
31
|
-
* project files
|
|
32
|
-
* `dxkit vulnerabilities
|
|
29
|
+
* and a deeply-nested .NET layout like
|
|
30
|
+
* `app/src/modules/Core/<Module>/<Module>.csproj` puts the
|
|
31
|
+
* project files several levels deeper than the natural
|
|
32
|
+
* `dxkit vulnerabilities app/src/` cwd.
|
|
33
33
|
*
|
|
34
34
|
* D025f sidesteps the dotnet CLI entirely. We walk every `.csproj`
|
|
35
35
|
* reachable from cwd (depth 5, matching csharp.detect()), parse
|
|
@@ -41,11 +41,10 @@ import type { DepVulnFinding, DepVulnUpgradePlan } from '../../languages/capabil
|
|
|
41
41
|
* cleanly). On dxkit's own repo this caused subsequent dxkit subcommand
|
|
42
42
|
* invocations to crash with `Cannot find module 'hosted-git-info'`
|
|
43
43
|
* because osv-scanner's reinstall left an incomplete tree. On
|
|
44
|
-
*
|
|
45
|
-
* succeed but still mutated state silently — a
|
|
46
|
-
* bug shipped since 2.4.0
|
|
47
|
-
*
|
|
48
|
-
* and tripped the chain.
|
|
44
|
+
* a large reference repo (~800MB node_modules) the reinstall happened to
|
|
45
|
+
* succeed but still mutated state silently — a long-standing data-mutation
|
|
46
|
+
* bug shipped since 2.4.0 and only caught when a pre-ship regression ran
|
|
47
|
+
* reports back-to-back on dxkit's own repo and tripped the chain.
|
|
49
48
|
*
|
|
50
49
|
* Mitigation: we copy `package.json` + `package-lock.json` to a fresh
|
|
51
50
|
* temp dir, run osv-scanner there, and discard the temp dir afterward.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"osv-scanner-fix.d.ts","sourceRoot":"","sources":["../../../src/analyzers/tools/osv-scanner-fix.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAKH,OAAO,KAAK,EAAE,cAAc,EAAE,kBAAkB,EAAE,MAAM,oCAAoC,CAAC;AAsC7F
|
|
1
|
+
{"version":3,"file":"osv-scanner-fix.d.ts","sourceRoot":"","sources":["../../../src/analyzers/tools/osv-scanner-fix.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAKH,OAAO,KAAK,EAAE,cAAc,EAAE,kBAAkB,EAAE,MAAM,oCAAoC,CAAC;AAsC7F;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AACH,wBAAsB,wBAAwB,CAC5C,GAAG,EAAE,MAAM,GACV,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,kBAAkB,CAAC,CAAC,CAwC1C;AAED;;;;;;;;;GASG;AACH,wBAAgB,wBAAwB,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAAC,MAAM,EAAE,kBAAkB,CAAC,CAwCrF;AAED;;;;GAIG;AACH,wBAAgB,sBAAsB,CACpC,QAAQ,EAAE,cAAc,EAAE,EAC1B,KAAK,EAAE,GAAG,CAAC,MAAM,EAAE,kBAAkB,CAAC,GACrC,MAAM,CAaR;AAED;;;;;;;4BAO4B;AAC5B,wBAAgB,OAAO,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,MAAM,CAEhF"}
|
|
@@ -85,11 +85,10 @@ const tool_registry_1 = require("./tool-registry");
|
|
|
85
85
|
* cleanly). On dxkit's own repo this caused subsequent dxkit subcommand
|
|
86
86
|
* invocations to crash with `Cannot find module 'hosted-git-info'`
|
|
87
87
|
* because osv-scanner's reinstall left an incomplete tree. On
|
|
88
|
-
*
|
|
89
|
-
* succeed but still mutated state silently — a
|
|
90
|
-
* bug shipped since 2.4.0
|
|
91
|
-
*
|
|
92
|
-
* and tripped the chain.
|
|
88
|
+
* a large reference repo (~800MB node_modules) the reinstall happened to
|
|
89
|
+
* succeed but still mutated state silently — a long-standing data-mutation
|
|
90
|
+
* bug shipped since 2.4.0 and only caught when a pre-ship regression ran
|
|
91
|
+
* reports back-to-back on dxkit's own repo and tripped the chain.
|
|
93
92
|
*
|
|
94
93
|
* Mitigation: we copy `package.json` + `package-lock.json` to a fresh
|
|
95
94
|
* temp dir, run osv-scanner there, and discard the temp dir afterward.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"osv-scanner-fix.js","sourceRoot":"","sources":["../../../src/analyzers/tools/osv-scanner-fix.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
|
|
1
|
+
{"version":3,"file":"osv-scanner-fix.js","sourceRoot":"","sources":["../../../src/analyzers/tools/osv-scanner-fix.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA2EH,4DA0CC;AAYD,4DAwCC;AAOD,wDAgBC;AAUD,0BAEC;AA1MD,uCAAyB;AACzB,uCAAyB;AACzB,2CAA6B;AAE7B,qCAAuC;AACvC,+CAA4C;AAC5C,mDAAsD;AAmCtD;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA+BG;AACI,KAAK,UAAU,wBAAwB,CAC5C,GAAW;IAEX,MAAM,WAAW,GAAG,cAAc,CAAC;IACnC,MAAM,WAAW,GAAG,mBAAmB,CAAC;IACxC,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC;IAChD,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC;IAChD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,WAAW,CAAC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC;QAC/D,OAAO,IAAI,GAAG,EAAE,CAAC;IACnB,CAAC;IACD,MAAM,IAAI,GAAG,IAAA,wBAAQ,EAAC,yBAAS,CAAC,aAAa,CAAC,EAAE,GAAG,CAAC,CAAC;IACrD,IAAI,CAAC,IAAI,CAAC,SAAS,IAAI,CAAC,IAAI,CAAC,IAAI;QAAE,OAAO,IAAI,GAAG,EAAE,CAAC;IAEpD,qEAAqE;IACrE,mEAAmE;IACnE,sDAAsD;IACtD,MAAM,OAAO,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,MAAM,EAAE,EAAE,gBAAgB,CAAC,CAAC,CAAC;IACzE,IAAI,CAAC;QACH,EAAE,CAAC,YAAY,CAAC,WAAW,EAAE,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC,CAAC;QAC9D,EAAE,CAAC,YAAY,CAAC,WAAW,EAAE,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC,CAAC;QAE9D,oEAAoE;QACpE,qEAAqE;QACrE,+DAA+D;QAC/D,iEAAiE;QACjE,iEAAiE;QACjE,iEAAiE;QACjE,yDAAyD;QACzD,wBAAwB;QACxB,MAAM,OAAO,GAAG,MAAM,IAAA,oBAAW,EAC/B,IAAI,CAAC,IAAI,EACT,CAAC,KAAK,EAAE,UAAU,EAAE,MAAM,EAAE,YAAY,EAAE,WAAW,EAAE,YAAY,EAAE,WAAW,CAAC,EACjF,EAAE,GAAG,EAAE,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,CACrC,CAAC;QACF,kEAAkE;QAClE,kEAAkE;QAClE,kEAAkE;QAClE,IAAI,CAAC,OAAO,CAAC,MAAM;YAAE,OAAO,IAAI,GAAG,EAAE,CAAC;QACtC,OAAO,wBAAwB,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IAClD,CAAC;YAAS,CAAC;QACT,EAAE,CAAC,MAAM,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;IACvD,CAAC;AACH,CAAC;AAED;;;;;;;;;GASG;AACH,SAAgB,wBAAwB,CAAC,GAAW;IAClD,MAAM,KAAK,GAAG,IAAI,GAAG,EAA8B,CAAC;IACpD,MAAM,SAAS,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IACnC,IAAI,SAAS,GAAG,CAAC;QAAE,OAAO,KAAK,CAAC;IAChC,IAAI,MAAoB,CAAC;IACzB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,CAAiB,CAAC;IAC5D,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;IAED,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,OAAO,IAAI,EAAE,EAAE,CAAC;QACzC,MAAM,OAAO,GAAG,KAAK,CAAC,cAAc,CAAC;QACrC,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;YAAE,SAAS;QAC/C,MAAM,QAAQ,GAAG,CAAC,KAAK,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QAC7D,oEAAoE;QACpE,oEAAoE;QACpE,mEAAmE;QACnE,gEAAgE;QAChE,gEAAgE;QAChE,uBAAuB;QACvB,MAAM,YAAY,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,OAAO,CAAC,CAAC,CAAC,CAAC;QACtE,MAAM,IAAI,GAAuB;YAC/B,MAAM,EAAE,YAAY,CAAC,IAAI;YACzB,aAAa,EAAE,gBAAgB,CAAC,YAAY,CAAC,SAAS,CAAC;YACvD,OAAO,EAAE,QAAQ;YACjB,QAAQ,EAAE,IAAA,yBAAW,EACnB,gBAAgB,CAAC,YAAY,CAAC,WAAW,CAAC,EAC1C,gBAAgB,CAAC,YAAY,CAAC,SAAS,CAAC,CACzC;SACF,CAAC;QACF,mEAAmE;QACnE,2BAA2B;QAC3B,KAAK,MAAM,KAAK,IAAI,KAAK,CAAC,KAAK,IAAI,EAAE,EAAE,CAAC;YACtC,KAAK,MAAM,GAAG,IAAI,KAAK,CAAC,QAAQ,IAAI,EAAE,EAAE,CAAC;gBACvC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,OAAO,EAAE,KAAK,CAAC,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC;YAC5D,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;;GAIG;AACH,SAAgB,sBAAsB,CACpC,QAA0B,EAC1B,KAAsC;IAEtC,IAAI,KAAK,CAAC,IAAI,KAAK,CAAC;QAAE,OAAO,CAAC,CAAC;IAC/B,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,IAAI,CAAC,CAAC,CAAC,gBAAgB;YAAE,SAAS;QAClC,MAAM,GAAG,GAAG,OAAO,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,gBAAgB,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC;QACzD,MAAM,IAAI,GAAG,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAC5B,IAAI,IAAI,EAAE,CAAC;YACT,CAAC,CAAC,WAAW,GAAG,IAAI,CAAC;YACrB,KAAK,EAAE,CAAC;QACV,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;;;;;4BAO4B;AAC5B,SAAgB,OAAO,CAAC,GAAW,EAAE,OAAe,EAAE,UAAkB;IACtE,OAAO,GAAG,GAAG,KAAK,OAAO,KAAK,UAAU,CAAC,WAAW,EAAE,EAAE,CAAC;AAC3D,CAAC;AAED;;;qCAGqC;AACrC,SAAS,gBAAgB,CAAC,CAAS;IACjC,OAAO,CAAC,CAAC,OAAO,CAAC,cAAc,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;AAC9C,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"parallel.d.ts","sourceRoot":"","sources":["../../../src/analyzers/tools/parallel.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAKzC,wBAAsB,oBAAoB,CACxC,GAAG,EAAE,MAAM,EACX,QAAQ,UAAQ,GACf,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,
|
|
1
|
+
{"version":3,"file":"parallel.d.ts","sourceRoot":"","sources":["../../../src/analyzers/tools/parallel.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAKzC,wBAAsB,oBAAoB,CACxC,GAAG,EAAE,MAAM,EACX,QAAQ,UAAQ,GACf,OAAO,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,CAwCjC"}
|
|
@@ -25,6 +25,13 @@ async function gatherLayer2Parallel(cwd, _verbose = false) {
|
|
|
25
25
|
else {
|
|
26
26
|
toolsUnavailable.push(`graphify (${graphify.reason})`);
|
|
27
27
|
}
|
|
28
|
+
// Trigger the graph.json side-effect write. Shares the Python
|
|
29
|
+
// invocation with gatherGraphifyResult above via the promise-
|
|
30
|
+
// coalesced cache — no second shell-out. The disk write powers
|
|
31
|
+
// the explore CLI (Sprint 2) + dashboard viz (Sprint 3) + future
|
|
32
|
+
// 2.8 context CLI + reachability flows, all of which read from
|
|
33
|
+
// .dxkit/reports/graph.json via the canonical loader.
|
|
34
|
+
await (0, graphify_1.gatherGraphifyGraph)(cwd);
|
|
28
35
|
return {
|
|
29
36
|
sourceFiles: clocPartial.sourceFiles,
|
|
30
37
|
totalLines: clocPartial.totalLines,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"parallel.js","sourceRoot":"","sources":["../../../src/analyzers/tools/parallel.ts"],"names":[],"mappings":";;AA2BA,
|
|
1
|
+
{"version":3,"file":"parallel.js","sourceRoot":"","sources":["../../../src/analyzers/tools/parallel.ts"],"names":[],"mappings":";;AA2BA,oDA2CC;AA/CD,iCAA2C;AAC3C,yCAAkD;AAClD,yCAAuE;AAEhE,KAAK,UAAU,oBAAoB,CACxC,GAAW,EACX,QAAQ,GAAG,KAAK;IAEhB,MAAM,WAAW,GAAG,IAAA,wBAAiB,EAAC,GAAG,CAAC,CAAC;IAE3C,MAAM,SAAS,GAAa,CAAC,GAAG,CAAC,WAAW,CAAC,SAAS,IAAI,EAAE,CAAC,CAAC,CAAC;IAC/D,MAAM,gBAAgB,GAAa,CAAC,GAAG,CAAC,WAAW,CAAC,gBAAgB,IAAI,EAAE,CAAC,CAAC,CAAC;IAE7E,MAAM,QAAQ,GAAG,IAAA,+BAAoB,EAAC,GAAG,CAAC,CAAC;IAC3C,IAAI,QAAQ,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;QAChC,SAAS,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IAC7B,CAAC;SAAM,CAAC;QACN,kEAAkE;QAClE,iEAAiE;QACjE,0CAA0C;QAC1C,gBAAgB,CAAC,IAAI,CACnB,QAAQ,CAAC,MAAM,KAAK,eAAe,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,aAAa,QAAQ,CAAC,MAAM,GAAG,CACnF,CAAC;IACJ,CAAC;IAED,MAAM,QAAQ,GAAG,MAAM,IAAA,+BAAoB,EAAC,GAAG,CAAC,CAAC;IACjD,IAAI,QAAQ,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;QAChC,SAAS,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IAC7B,CAAC;SAAM,CAAC;QACN,gBAAgB,CAAC,IAAI,CAAC,aAAa,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC;IACzD,CAAC;IAED,8DAA8D;IAC9D,8DAA8D;IAC9D,+DAA+D;IAC/D,iEAAiE;IACjE,+DAA+D;IAC/D,sDAAsD;IACtD,MAAM,IAAA,8BAAmB,EAAC,GAAG,CAAC,CAAC;IAE/B,OAAO;QACL,WAAW,EAAE,WAAW,CAAC,WAAW;QACpC,UAAU,EAAE,WAAW,CAAC,UAAU;QAClC,aAAa,EAAE,WAAW,CAAC,aAAa;QACxC,SAAS;QACT,gBAAgB;KACjB,CAAC;AACJ,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"vendored-advisor.d.ts","sourceRoot":"","sources":["../../../src/analyzers/tools/vendored-advisor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;
|
|
1
|
+
{"version":3,"file":"vendored-advisor.d.ts","sourceRoot":"","sources":["../../../src/analyzers/tools/vendored-advisor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AA4DH;;;;GAIG;AACH,wBAAgB,aAAa,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAGtD;AAED;;;;;GAKG;AACH,wBAAgB,sBAAsB,CAAC,CAAC,SAAS;IAAE,IAAI,EAAE,MAAM,CAAA;CAAE,EAAE,KAAK,EAAE,aAAa,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAE/F"}
|
|
@@ -60,10 +60,9 @@ const SUSPECT_VENDORED_TOKENS = [
|
|
|
60
60
|
'/cesium/',
|
|
61
61
|
'/map/js/',
|
|
62
62
|
'/map/lib/',
|
|
63
|
-
// SAP Business One / ByDesign SDK proxy classes
|
|
64
|
-
//
|
|
65
|
-
//
|
|
66
|
-
// code by extension alone. Project-team doesn't author them.
|
|
63
|
+
// SAP Business One / ByDesign SDK proxy classes — generated/vendored
|
|
64
|
+
// property-bag DTOs with hundreds of classes and zero method bodies,
|
|
65
|
+
// indistinguishable from hand-written code by extension alone.
|
|
67
66
|
'/sapb1/',
|
|
68
67
|
'/sapbyd/',
|
|
69
68
|
'/odata/',
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"vendored-advisor.js","sourceRoot":"","sources":["../../../src/analyzers/tools/vendored-advisor.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;;
|
|
1
|
+
{"version":3,"file":"vendored-advisor.js","sourceRoot":"","sources":["../../../src/analyzers/tools/vendored-advisor.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;;AAiEH,sCAGC;AAQD,wDAEC;AA5ED;;;;;;;;;;;GAWG;AACH,MAAM,uBAAuB,GAAG;IAC9B,QAAQ;IACR,eAAe;IACf,cAAc;IACd,sBAAsB;IACtB,WAAW;IACX,YAAY;IACZ,WAAW;IACX,eAAe;IACf,eAAe;IACf,YAAY;IACZ,gEAAgE;IAChE,kEAAkE;IAClE,gEAAgE;IAChE,aAAa;IACb,WAAW;IACX,UAAU;IACV,UAAU;IACV,WAAW;IACX,qEAAqE;IACrE,qEAAqE;IACrE,+DAA+D;IAC/D,SAAS;IACT,UAAU;IACV,SAAS;IACT,mEAAmE;IACnE,kEAAkE;IAClE,0CAA0C;IAC1C,qBAAqB;IACrB,oBAAoB;IACpB,iBAAiB;IACjB,kBAAkB;CACnB,CAAC;AAEF,+DAA+D;AAC/D,kEAAkE;AAClE,sEAAsE;AACtE,8DAA8D;AAC9D,gEAAgE;AAChE,oEAAoE;AACpE,+DAA+D;AAC/D,6DAA6D;AAC7D,kEAAkE;AAClE,gEAAgE;AAChE,4CAA4C;AAE5C;;;;GAIG;AACH,SAAgB,aAAa,CAAC,OAAe;IAC3C,MAAM,QAAQ,GAAG,CAAC,GAAG,GAAG,OAAO,CAAC,CAAC,WAAW,EAAE,CAAC;IAC/C,OAAO,uBAAuB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;AACnE,CAAC;AAED;;;;;GAKG;AACH,SAAgB,sBAAsB,CAA6B,KAAuB;IACxF,OAAO,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;AACpD,CAAC"}
|
|
@@ -1,18 +1,18 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* XLSX converter — licenses report.
|
|
3
3
|
*
|
|
4
|
-
* Produces the 15-column spreadsheet format
|
|
5
|
-
*
|
|
6
|
-
*
|
|
4
|
+
* Produces the 15-column spreadsheet format common to enterprise BOM
|
|
5
|
+
* artifacts (a per-row dependency listing with license + version
|
|
6
|
+
* columns). Header text is byte-identical to the reference sheet,
|
|
7
7
|
* including the quirky `"Component Name"` double-space and
|
|
8
8
|
* `"Component version "` trailing-space.
|
|
9
9
|
*
|
|
10
10
|
* Drop-in replacement: a reviewer who previously received the hand-built
|
|
11
11
|
* sheet can open a dxkit-generated one and see the same column layout,
|
|
12
|
-
* now with up to 10 columns mechanically populated (vs the
|
|
13
|
-
*
|
|
14
|
-
* (11, 12, 13 — filled by `vyuh-dxkit bom
|
|
15
|
-
* workflow state (5, 14).
|
|
12
|
+
* now with up to 10 columns mechanically populated (vs the 7 a
|
|
13
|
+
* hand-built sheet typically fills). The remaining 5 columns are either
|
|
14
|
+
* vulnerability-derived (11, 12, 13 — filled by `vyuh-dxkit bom`) or
|
|
15
|
+
* human workflow state (5, 14).
|
|
16
16
|
*
|
|
17
17
|
* Status column (5) auto-fills with `"Reported YYYY-MM-DD"` from
|
|
18
18
|
* `report.analyzedAt` — a freshness stamp the reviewer overwrites when
|
|
@@ -2,18 +2,18 @@
|
|
|
2
2
|
/**
|
|
3
3
|
* XLSX converter — licenses report.
|
|
4
4
|
*
|
|
5
|
-
* Produces the 15-column spreadsheet format
|
|
6
|
-
*
|
|
7
|
-
*
|
|
5
|
+
* Produces the 15-column spreadsheet format common to enterprise BOM
|
|
6
|
+
* artifacts (a per-row dependency listing with license + version
|
|
7
|
+
* columns). Header text is byte-identical to the reference sheet,
|
|
8
8
|
* including the quirky `"Component Name"` double-space and
|
|
9
9
|
* `"Component version "` trailing-space.
|
|
10
10
|
*
|
|
11
11
|
* Drop-in replacement: a reviewer who previously received the hand-built
|
|
12
12
|
* sheet can open a dxkit-generated one and see the same column layout,
|
|
13
|
-
* now with up to 10 columns mechanically populated (vs the
|
|
14
|
-
*
|
|
15
|
-
* (11, 12, 13 — filled by `vyuh-dxkit bom
|
|
16
|
-
* workflow state (5, 14).
|
|
13
|
+
* now with up to 10 columns mechanically populated (vs the 7 a
|
|
14
|
+
* hand-built sheet typically fills). The remaining 5 columns are either
|
|
15
|
+
* vulnerability-derived (11, 12, 13 — filled by `vyuh-dxkit bom`) or
|
|
16
|
+
* human workflow state (5, 14).
|
|
17
17
|
*
|
|
18
18
|
* Status column (5) auto-fills with `"Reported YYYY-MM-DD"` from
|
|
19
19
|
* `report.analyzedAt` — a freshness stamp the reviewer overwrites when
|
package/dist/cli.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":"AAgPA,wBAAsB,GAAG,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CA+oDvD"}
|
package/dist/cli.js
CHANGED
|
@@ -62,6 +62,26 @@ async function emitJson(payload) {
|
|
|
62
62
|
await new Promise((resolve) => process.stdout.once('drain', resolve));
|
|
63
63
|
}
|
|
64
64
|
}
|
|
65
|
+
/**
|
|
66
|
+
* Build per-finding graph context for the detailed reports when the
|
|
67
|
+
* run passed `--graph-context`. Fail-open: returns undefined when the
|
|
68
|
+
* flag is off OR the graph can't be loaded, so detailed reports render
|
|
69
|
+
* exactly as they do today. Logs a one-line coverage note so the user
|
|
70
|
+
* sees how much of the report got enriched (and why, when it didn't).
|
|
71
|
+
*/
|
|
72
|
+
async function buildGraphContextIfRequested(enabled, cwd, locations) {
|
|
73
|
+
if (!enabled)
|
|
74
|
+
return undefined;
|
|
75
|
+
const { buildFindingContextMap } = await Promise.resolve().then(() => __importStar(require('./explore/finding-context')));
|
|
76
|
+
const gc = buildFindingContextMap(cwd, locations);
|
|
77
|
+
if (!gc) {
|
|
78
|
+
logger.dim('--graph-context: no graph.json found (run `health` first) — skipped.');
|
|
79
|
+
return undefined;
|
|
80
|
+
}
|
|
81
|
+
const enriched = Object.keys(gc.contexts).length;
|
|
82
|
+
logger.dim(`--graph-context: attached to ${enriched}/${locations.length} finding location(s).`);
|
|
83
|
+
return gc;
|
|
84
|
+
}
|
|
65
85
|
/**
|
|
66
86
|
* Apply `--fail-on-score` to a higher-is-better score. Exits with
|
|
67
87
|
* code 1 + a logged reason when the gate fires. Skips when the user
|
|
@@ -119,6 +139,10 @@ function printUsage() {
|
|
|
119
139
|
vyuh-dxkit coverage [path] Run per-pack test-with-coverage (side-effecting; materializes the coverage artifact health/test-gaps read)
|
|
120
140
|
vyuh-dxkit dashboard [path] Render .dxkit/reports/ into a single HTML dashboard
|
|
121
141
|
vyuh-dxkit report [path] Run every analyzer + dashboard in one shot (full audit)
|
|
142
|
+
vyuh-dxkit explore <sub> Repo exploration via the graphify artifact
|
|
143
|
+
(hot-files / entry-points / file / feature / communities / api-surface / context)
|
|
144
|
+
vyuh-dxkit context <query> Slim structural slice for a query — token-efficient
|
|
145
|
+
codebase context for LLMs (--budget / --depth / --substring / --json)
|
|
122
146
|
vyuh-dxkit to-xlsx <json> Convert a dxkit JSON report to 15-col XLSX
|
|
123
147
|
vyuh-dxkit tools [path] Show required analysis tools status
|
|
124
148
|
vyuh-dxkit tools install Interactively install missing tools
|
|
@@ -197,6 +221,9 @@ function printUsage() {
|
|
|
197
221
|
--verbose Print per-tool timing to stderr
|
|
198
222
|
--no-save Skip writing the markdown report file
|
|
199
223
|
--detailed Also write <name>-detailed.md + .json with evidence + ranked actions
|
|
224
|
+
--graph-context Vulnerabilities/test-gaps/quality: attach per-finding graph context
|
|
225
|
+
(module + blast radius) to the detailed report. Needs a graph.json
|
|
226
|
+
(run health first); fail-open — skipped silently if absent.
|
|
200
227
|
--xlsx Licenses/bom: also write 15-col BOM XLSX
|
|
201
228
|
--since Dev-report: start date (YYYY-MM-DD)
|
|
202
229
|
--filter Bom: 'all' (default) or 'top-level' (keeps only root manifest deps;
|
|
@@ -287,6 +314,15 @@ async function run(argv) {
|
|
|
287
314
|
type: { type: 'string' },
|
|
288
315
|
about: { type: 'string' },
|
|
289
316
|
'no-browser': { type: 'boolean', default: false },
|
|
317
|
+
// explore flags
|
|
318
|
+
limit: { type: 'string' },
|
|
319
|
+
refresh: { type: 'boolean', default: false },
|
|
320
|
+
substring: { type: 'boolean', default: false },
|
|
321
|
+
// context flags
|
|
322
|
+
budget: { type: 'string' },
|
|
323
|
+
depth: { type: 'string' },
|
|
324
|
+
// graph-context enrichment for detailed reports (vuln/test-gaps/quality)
|
|
325
|
+
'graph-context': { type: 'boolean', default: false },
|
|
290
326
|
},
|
|
291
327
|
allowPositionals: true,
|
|
292
328
|
strict: false,
|
|
@@ -699,7 +735,8 @@ async function run(argv) {
|
|
|
699
735
|
logger.success(`Report saved to ${path.relative(targetPath, reportPath)}`);
|
|
700
736
|
// D032 (2.4.7): detailed JSON + MD always written so dashboard finds fresh inputs.
|
|
701
737
|
const { buildSecurityDetailed, formatSecurityDetailedMarkdown } = await Promise.resolve().then(() => __importStar(require('./analyzers/security/detailed')));
|
|
702
|
-
const
|
|
738
|
+
const graphContext = await buildGraphContextIfRequested(!!values['graph-context'], targetPath, report.findings.map((f) => ({ file: f.file, line: f.line })));
|
|
739
|
+
const securityDetailed = buildSecurityDetailed(report, graphContext);
|
|
703
740
|
const securityDetailedJsonPath = path.join(reportDir, `vulnerability-scan-${date}-detailed.json`);
|
|
704
741
|
const securityDetailedMdPath = path.join(reportDir, `vulnerability-scan-${date}-detailed.md`);
|
|
705
742
|
fs.writeFileSync(securityDetailedJsonPath, JSON.stringify((0, report_schema_1.stampSchema)(securityDetailed, 'vulnerabilities-detailed'), null, 2));
|
|
@@ -776,7 +813,8 @@ async function run(argv) {
|
|
|
776
813
|
logger.success(`Report saved to ${path.relative(targetPath, reportPath)}`);
|
|
777
814
|
// D032 (2.4.7): detailed JSON + MD always written so dashboard finds fresh inputs.
|
|
778
815
|
const { buildTestGapsDetailed, formatTestGapsDetailedMarkdown } = await Promise.resolve().then(() => __importStar(require('./analyzers/tests/detailed')));
|
|
779
|
-
const
|
|
816
|
+
const testGapsGraphContext = await buildGraphContextIfRequested(!!values['graph-context'], targetPath, report.gaps.map((g) => ({ file: g.path })));
|
|
817
|
+
const testGapsDetailed = buildTestGapsDetailed(report, testGapsGraphContext);
|
|
780
818
|
const testGapsDetailedJsonPath = path.join(reportDir, `test-gaps-${date}-detailed.json`);
|
|
781
819
|
const testGapsDetailedMdPath = path.join(reportDir, `test-gaps-${date}-detailed.md`);
|
|
782
820
|
fs.writeFileSync(testGapsDetailedJsonPath, JSON.stringify((0, report_schema_1.stampSchema)(testGapsDetailed, 'test-gaps-detailed'), null, 2));
|
|
@@ -853,7 +891,8 @@ async function run(argv) {
|
|
|
853
891
|
logger.success(`Report saved to ${path.relative(targetPath, reportPath)}`);
|
|
854
892
|
// D032 (2.4.7): detailed JSON + MD always written so dashboard finds fresh inputs.
|
|
855
893
|
const { buildQualityDetailed, formatQualityDetailedMarkdown } = await Promise.resolve().then(() => __importStar(require('./analyzers/quality/detailed')));
|
|
856
|
-
const
|
|
894
|
+
const qualityGraphContext = await buildGraphContextIfRequested(!!values['graph-context'], targetPath, [...(report.metrics.topConsoleFiles ?? []), ...(report.metrics.topTodoFiles ?? [])].map((f) => ({ file: f.file })));
|
|
895
|
+
const qualityDetailed = buildQualityDetailed(report, qualityGraphContext);
|
|
857
896
|
const qualityDetailedJsonPath = path.join(reportDir, `quality-review-${date}-detailed.json`);
|
|
858
897
|
const qualityDetailedMdPath = path.join(reportDir, `quality-review-${date}-detailed.md`);
|
|
859
898
|
fs.writeFileSync(qualityDetailedJsonPath, JSON.stringify(qualityDetailed, null, 2));
|
|
@@ -1571,6 +1610,44 @@ async function run(argv) {
|
|
|
1571
1610
|
});
|
|
1572
1611
|
break;
|
|
1573
1612
|
}
|
|
1613
|
+
case 'explore': {
|
|
1614
|
+
const { runExplore } = await Promise.resolve().then(() => __importStar(require('./explore-cli')));
|
|
1615
|
+
// positionals[0] is 'explore'; positionals[1..] are the
|
|
1616
|
+
// explore subcommand name + any subcommand args.
|
|
1617
|
+
await runExplore(cwd, positionals.slice(1), {
|
|
1618
|
+
json: !!values.json,
|
|
1619
|
+
limit: values.limit,
|
|
1620
|
+
refresh: !!values.refresh,
|
|
1621
|
+
substring: !!values.substring,
|
|
1622
|
+
filter: values.filter,
|
|
1623
|
+
budget: values.budget,
|
|
1624
|
+
depth: values.depth,
|
|
1625
|
+
});
|
|
1626
|
+
break;
|
|
1627
|
+
}
|
|
1628
|
+
case 'context': {
|
|
1629
|
+
// Top-level alias for `explore context` — the token-reduction
|
|
1630
|
+
// surface gets first-class billing. positionals[0] is 'context';
|
|
1631
|
+
// positionals[1..] are the query + args. Routes through the
|
|
1632
|
+
// explore dispatcher so graph loading + --refresh are shared.
|
|
1633
|
+
const { runExplore } = await Promise.resolve().then(() => __importStar(require('./explore-cli')));
|
|
1634
|
+
await runExplore(cwd, ['context', ...positionals.slice(1)], {
|
|
1635
|
+
json: !!values.json,
|
|
1636
|
+
refresh: !!values.refresh,
|
|
1637
|
+
substring: !!values.substring,
|
|
1638
|
+
budget: values.budget,
|
|
1639
|
+
depth: values.depth,
|
|
1640
|
+
});
|
|
1641
|
+
break;
|
|
1642
|
+
}
|
|
1643
|
+
case 'context-hook': {
|
|
1644
|
+
// Internal — the Claude Code PreToolUse hook body. Reads the tool
|
|
1645
|
+
// call on stdin, injects a slim graph subgraph as additionalContext.
|
|
1646
|
+
// Fail-open: never blocks the tool, silent no-op on any problem.
|
|
1647
|
+
const { runContextHook } = await Promise.resolve().then(() => __importStar(require('./explore/context-hook')));
|
|
1648
|
+
await runContextHook(cwd);
|
|
1649
|
+
break;
|
|
1650
|
+
}
|
|
1574
1651
|
default:
|
|
1575
1652
|
console.error(`Unknown command: ${command}`);
|
|
1576
1653
|
printUsage();
|