@wrongstack/tools 0.155.0 → 0.236.0

package/dist/audit.js

@@ -29,6 +29,7 @@ function resolveWin32Command(cmd) {
 async function* spawnStream(opts) {
   const max = opts.maxBytes;
   const flushAt = opts.flushBytes ?? 4 * 1024;
+  const maxQueue = opts.maxQueueSize ?? 500;
   let stdout = "";
   let stderr = "";
   let pending = "";
@@ -44,6 +45,7 @@ async function* spawnStream(opts) {
   });
   const queue = [];
   let waiter;
+  let paused = false;
   const wake = () => {
     if (waiter) {
       const w = waiter;
@@ -51,17 +53,34 @@ async function* spawnStream(opts) {
       w();
     }
   };
+  const resume = () => {
+    if (paused && queue.length < maxQueue) {
+      paused = false;
+      child.stdout?.resume();
+      child.stderr?.resume();
+    }
+  };
   child.stdout?.on("data", (c) => {
     const s = c.toString();
     if (stdout.length < max) stdout += s;
     queue.push({ kind: "out", data: s });
     wake();
+    if (!paused && queue.length >= maxQueue) {
+      paused = true;
+      child.stdout?.pause();
+      child.stderr?.pause();
+    }
   });
   child.stderr?.on("data", (c) => {
     const s = c.toString();
     if (stderr.length < max) stderr += s;
     queue.push({ kind: "err", data: s });
     wake();
+    if (!paused && queue.length >= maxQueue) {
+      paused = true;
+      child.stdout?.pause();
+      child.stderr?.pause();
+    }
   });
   child.on("error", (e) => {
     error = e.message;
@@ -81,6 +100,7 @@ async function* spawnStream(opts) {
       });
     }
     const chunk = queue.shift();
+    resume();
     if (chunk.kind === "close") {
       if (!spawnFailed) exitCode = chunk.code ?? 0;
       break;
@@ -122,7 +142,7 @@ async function detectPackageManager(cwd) {
   return "npm";
 }
 function resolvePath(input, ctx) {
-  return path2.isAbsolute(input) ? path2.normalize(input) : path2.resolve(ctx.cwd, input);
+  return path2.isAbsolute(input) ? path2.normalize(input) : path2.resolve(ctx.workingDir ?? ctx.cwd, input);
 }
 function ensureInsideRoot(absPath, ctx) {
   const root = path2.resolve(ctx.projectRoot);

package/dist/audit.js.map

@@ -1 +1 @@
-{"version":3,"sources":["../src/_win32-resolve.ts","../src/_spawn-stream.ts","../src/_util.ts","../src/audit.ts"],"names":["path","resolve"],"mappings":";;;;;;AAYO,SAAS,oBAAoB,GAAA,EAAqB;AACvD,EAAA,IAAI,OAAA,CAAQ,QAAA,KAAa,OAAA,EAAS,OAAO,GAAA;AAGzC,EAAA,IAAI,GAAA,CAAI,QAAA,CAAS,GAAG,CAAA,IAAK,GAAA,CAAI,SAAS,IAAI,CAAA,IAAUA,KAAA,CAAA,OAAA,CAAQ,GAAG,CAAA,EAAG;AAChE,IAAA,OAAO,GAAA;AAAA,EACT;AAEA,EAAA,MAAM,OAAA,GAAA,CAAW,QAAQ,GAAA,CAAI,SAAS,KAAK,uCAAA,EACxC,WAAA,EAAY,CACZ,KAAA,CAAM,GAAG,CAAA;AAEZ,EAAA,MAAM,YAAY,OAAA,CAAQ,GAAA,CAAI,MAAM,CAAA,IAAK,EAAA,EAAI,MAAWA,KAAA,CAAA,SAAS,CAAA;AAEjE,EAAA,KAAA,MAAW,OAAO,QAAA,EAAU;AAC1B,IAAA,MAAM,IAAA,GAAYA,KAAA,CAAA,IAAA,CAAK,GAAA,EAAK,GAAG,CAAA;AAG/B,IAAA,KAAA,MAAW,OAAO,OAAA,EAAS;AACzB,MAAA,MAAM,IAAA,GAAO,CAAA,EAAG,IAAI,CAAA,EAAG,GAAG,CAAA,CAAA;AAC1B,MAAA,IAAI;AACF,QAAG,EAAA,CAAA,UAAA,CAAW,IAAA,EAAS,EAAA,CAAA,SAAA,CAAU,IAAI,CAAA;AACrC,QAAA,OAAO,IAAA;AAAA,MACT,CAAA,CAAA,MAAQ;AAAA,MAER;AAAA,IACF;AAAA,EACF;AAIA,EAAA,OAAO,GAAA;AACT;;;ACfA,gBAAuB,YACrB,IAAA,EACsD;AACtD,EAAA,MAAM,GAAA,GAAM,KAAK,QAAY;AAC7B,EAAA,MAAM,OAAA,GAAU,IAAA,CAAK,UAAA,IAAc,CAAA,GAAI,IAAA;AACvC,EAAA,IAAI,MAAA,GAAS,EAAA;AACb,EAAA,IAAI,MAAA,GAAS,EAAA;AACb,EAAA,IAAI,OAAA,GAAU,EAAA;AACd,EAAA,IAAI,KAAA;AAEJ,EAAA,MAAM,GAAA,GAAM,mBAAA,CAAoB,IAAA,CAAK,GAAG,CAAA;AACxC,EAAA,MAAM,UAAA,GAAa,OAAA,CAAQ,QAAA,KAAa,OAAA,KAAY,GAAA,CAAI,SAAS,MAAM,CAAA,IAAK,GAAA,CAAI,QAAA,CAAS,MAAM,CAAA,CAAA;AAE/F,EAAA,MAAM,KAAA,GAAQ,KAAA,CAAM,GAAA,EAAK,IAAA,CAAK,IAAA,EAAM;AAAA,IAClC,KAAK,IAAA,CAAK,GAAA;AAAA,IACV,QAAQ,IAAA,CAAK,MAAA;AAAA,IACb,KAAK,aAAA,EAAc;AAAA,IACnB,KAAA,EAAO,CAAC,QAAA,EAAU,MAAA,EAAQ,MAAM,CAAA;AAAA,IAChC,GAAI,aAAa,EAAE,KAAA,EAAO,MAAM,wBAAA,EAA0B,IAAA,KAAS;AAAC,GACrE,CAAA;AAGD,EAAA,MAAM,QAAiB,EAAC;AACxB,EAAA,IAAI,MAAA;AACJ,EAAA,MAAM,OAAO,MAAM;AACjB,IAAA,IAAI,MAAA,EAAQ;AACV,MAAA,MAAM,CAAA,GAAI,MAAA;AACV,MAAA,MAAA,GAAS,MAAA;AACT,MAAA,CAAA,EAAE;AAAA,IACJ;AAAA,EACF,CAAA;AAEA,EAAA,KAAA,CAAM,MAAA,EAAQ,EAAA,CAAG,MAAA,EAAQ,CAAC,CAAA,KAAM;AAC9B,IAAA,MAAM,CAAA,GAAI,EAAE,QAAA,EAAS;AACrB,IAAA,IAAI,MAAA,CAAO,MAAA,GAAS,GAAA,EAAK,MAAA,IAAU,CAAA;AACnC,IAAA,KAAA,CAAM,KAAK,EAAE,IAAA,EAAM,KAAA,EAAO,IAAA,EAAM,GAAG,CAAA;AACnC,IAAA,IAAA,EAAK;AAAA,EACP,CAAC,CAAA;AACD,EAAA,KAAA,CAAM,MAAA,EAAQ,EAAA,CAAG,MAAA,EAAQ,CAAC,CAAA,KAAM;AAC9B,IAAA,MAAM,CAAA,GAAI,EAAE,QAAA,EAAS;AACrB,IAAA,IAAI,MAAA,CAAO,MAAA,GAAS,GAAA,EAAK,MAAA,IAAU,CAAA;AACnC,IAAA,KAAA,CAAM,KAAK,EAAE,IAAA,EAAM,KAAA,EAAO,IAAA,EAAM,GAAG,CAAA;AACnC,IAAA,IAAA,EAAK;AAAA,EACP,CAAC,CAAA;AACD,EAAA,KAAA,CAAM,EAAA,CAAG,OAAA,EAAS,CAAC,CAAA,KAAM;AACvB,IAAA,KAAA,GAAQ,CAAA,CAAE,OAAA;AACV,IAAA,KAAA,CAAM,KAAK,EAAE,IAAA,EAAM,SAAS,IAAA,EAAM,CAAA,CAAE,SAAS,CAAA;AAC7C,IAAA,IAAA,EAAK;AAAA,EACP,CAAC,CAAA;AACD,EAAA,KAAA,CAAM,EAAA,CAAG,OAAA,EAAS,CAAC,IAAA,KAAS;AAC1B,IAAA,KAAA,CAAM,IAAA,CAAK,EAAE,IAAA,EAAM,OAAA,EAAS,MAAM,EAAA,EAAI,IAAA,EAAM,IAAA,IAAQ,CAAA,EAAG,CAAA;AACvD,IAAA,IAAA,EAAK;AAAA,EACP,CAAC,CAAA;AAED,EAAA,IAAI,QAAA,GAAW,CAAA;AACf,EAAA,IAAI,WAAA,GAAc,KAAA;AAClB,EAAA,WAAS;AACP,IAAA,OAAO,KAAA,CAAM,WAAW,CAAA,EAAG;AACzB,MAAA,MAAM,IAAI,OAAA,CAAc,CAACC,QAAAA,KAAY;AACnC,QAAA,MAAA,GAASA,QAAAA;AAAA,MACX,CAAC,CAAA;AAAA,IACH;AACA,IAAA,MAAM,KAAA,GAAQ,MAAM,KAAA,EAAM;AAC1B,IAAA,IAAI,KAAA,CAAM,SAAS,OAAA,EAAS;AAG1B,MAAA,IAAI,CAAC,WAAA,EAAa,QAAA,GAAW,KAAA,CAAM,IAAA,IAAQ,CAAA;AAC3C,MAAA;AAAA,IACF;AACA,IAAA,IAAI,KAAA,CAAM,SAAS,OAAA,EAAS;AAC1B,MAAA,WAAA,GAAc,IAAA;AACd,MAAA,QAAA,GAAW,CAAA;AAEX,MAAA;AAAA,IACF;AACA,IAAA,OAAA,IAAW,KAAA,CAAM,IAAA;AACjB,IAAA,IAAI,OAAA,CAAQ,UAAU,OAAA,EAAS;AAC7B,MAAA,MAAM,EAAE,IAAA,EAAM,gBAAA,EAAkB,IAAA,EAAM,OAAA,EAAQ;AAC9C,MAAA,OAAA,GAAU,EAAA;AAAA,IACZ;AAAA,EACF;AACA,EAAA,IAAI,OAAA,CAAQ,SAAS,CAAA,EAAG;AACtB,IAAA,MAAM,EAAE,IAAA,EAAM,gBAAA,EAAkB,IAAA,EAAM,OAAA,EAAQ;AAAA,EAChD;AAEA,EAAA,OAAO;AAAA,IACL,MAAA;AAAA,IACA,MAAA;AAAA,IACA,QAAA;AAAA,IACA,SAAA,EAAW,MAAA,CAAO,MAAA,IAAU,GAAA,IAAO,OAAO,MAAA,IAAU,GAAA;AAAA,IACpD;AAAA,GACF;AACF;AC5GA,eAAsB,qBAAqB,GAAA,EAAsC;AAC/E,EAAA,MAAM,EAAE,IAAA,EAAK,GAAI,MAAM,OAAO,kBAAkB,CAAA;AAChD,EAAA,IAAI;AACF,IAAA,MAAM,IAAA,CAAK,CAAA,EAAG,GAAG,CAAA,eAAA,CAAiB,CAAA;AAClC,IAAA,OAAO,MAAA;AAAA,EACT,CAAA,CAAA,MAAQ;AAAA,EAER;AACA,EAAA,IAAI;AACF,IAAA,MAAM,IAAA,CAAK,CAAA,EAAG,GAAG,CAAA,UAAA,CAAY,CAAA;AAC7B,IAAA,OAAO,MAAA;AAAA,EACT,CAAA,CAAA,MAAQ;AAAA,EAER;AACA,EAAA,OAAO,KAAA;AACT;AAEO,SAAS,WAAA,CAAY,OAAe,GAAA,EAAsB;AAC/D,EAAA,OAAY,KAAA,CAAA,UAAA,CAAW,KAAK,CAAA,GAAS,KAAA,CAAA,SAAA,CAAU,KAAK,CAAA,GAAS,KAAA,CAAA,OAAA,CAAQ,GAAA,CAAI,GAAA,EAAK,KAAK,CAAA;AACrF;AAEO,SAAS,gBAAA,CAAiB,SAAiB,GAAA,EAAsB;AACtE,EAAA,MAAM,IAAA,GAAY,KAAA,CAAA,OAAA,CAAQ,GAAA,CAAI,WAAW,CAAA;AACzC,EAAA,MAAM,MAAA,GAAc,cAAQ,OAAO,CAAA;AACnC,EAAA,MAAM,GAAA,GAAW,KAAA,CAAA,QAAA,CAAS,IAAA,EAAM,MAAM,CAAA;AACtC,EAAA,IAAI,IAAI,UAAA,CAAW,IAAI,CAAA,IAAU,KAAA,CAAA,UAAA,CAAW,GAAG,CAAA,EAAG;AAChD,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,MAAA,EAAS,OAAO,CAAA,2BAAA,EAA8B,IAAI,CAAA,CAAA,CAAG,CAAA;AAAA,EACvE;AACA,EAAA,OAAO,MAAA;AACT;AAEO,SAAS,WAAA,CAAY,OAAe,GAAA,EAAsB;AAC/D,EAAA,OAAO,gBAAA,CAAiB,WAAA,CAAY,KAAA,EAAO,GAAG,GAAG,GAAG,CAAA;AACtD;;;ACnBO,IAAM,SAAA,GAA2C;AAAA,EACtD,IAAA,EAAM,OAAA;AAAA,EACN,QAAA,EAAU,oBAAA;AAAA,EACV,WAAA,EACE,wHAAA;AAAA,EACF,SAAA,EACE,yQAAA;AAAA,EAKF,UAAA,EAAY,SAAA;AAAA,EACZ,QAAA,EAAU,KAAA;AAAA,EACV,SAAA,EAAW,GAAA;AAAA,EACX,WAAA,EAAa;AAAA,IACX,IAAA,EAAM,QAAA;AAAA,IACN,UAAA,EAAY;AAAA,MACV,GAAA,EAAK,EAAE,IAAA,EAAM,QAAA,EAAU,aAAa,kCAAA,EAAmC;AAAA,MACvE,KAAA,EAAO;AAAA,QACL,IAAA,EAAM,QAAA;AAAA,QACN,IAAA,EAAM,CAAC,KAAA,EAAO,UAAA,EAAY,QAAQ,UAAU,CAAA;AAAA,QAC5C,WAAA,EAAa;AAAA,OACf;AAAA,MACA,GAAA,EAAK,EAAE,IAAA,EAAM,SAAA,EAAW,aAAa,iDAAA,EAAkD;AAAA,MACvF,QAAA,EAAU,EAAE,IAAA,EAAM,QAAA,EAAU,aAAa,gDAAA;AAAiD;AAC5F,GACF;AAAA,EACA,MAAM,OAAA,CAAQ,KAAA,EAAO,GAAA,EAAK,IAAA,EAAM;AAC9B,IAAA,IAAI,KAAA;AACJ,IAAA,MAAM,gBAAgB,SAAA,CAAU,aAAA;AAChC,IAAA,IAAI,CAAC,aAAA,EAAe,MAAM,IAAI,MAAM,yCAAyC,CAAA;AAC7E,IAAA,WAAA,MAAiB,EAAA,IAAM,aAAA,CAAc,KAAA,EAAO,GAAA,EAAK,IAAI,CAAA,EAAG;AACtD,MAAA,IAAI,EAAA,CAAG,IAAA,KAAS,OAAA,EAAS,KAAA,GAAQ,EAAA,CAAG,MAAA;AAAA,IACtC;AACA,IAAA,IAAI,CAAC,KAAA,EAAO,MAAM,IAAI,MAAM,yCAAyC,CAAA;AACrE,IAAA,OAAO,KAAA;AAAA,EACT,CAAA;AAAA,EACA,OAAO,aAAA,CAAc,KAAA,EAAO,GAAA,EAAK,IAAA,EAAoD;AACnF,IAAA,MAAM,GAAA,GAAM,MAAM,GAAA,GAAM,WAAA,CAAY,MAAM,GAAA,EAAK,GAAG,IAAI,GAAA,CAAI,GAAA;AAC1D,IAAA,MAAM,OAAA,GAAU,MAAM,oBAAA,CAAqB,GAAG,CAAA;AAC9C,IAAA,MAAM,EAAE,IAAA,EAAM,KAAA,EAAO,IAAA,EAAM,CAAA,cAAA,EAAiB,OAAO,CAAA,MAAA,CAAA,EAAK,IAAA,EAAM,EAAE,OAAA,EAAQ,EAAE;AAE1E,IAAA,MAAM,IAAA,GAAO,CAAC,OAAA,EAAS,QAAQ,CAAA;AAC/B,IAAA,IAAI,KAAA,CAAM,GAAA,EAAK,IAAA,CAAK,IAAA,CAAK,OAAO,CAAA;AAChC,IAAA,IAAI,MAAM,QAAA,EAAU;AAClB,MAAA,MAAM,IAAA,GAAO,KAAA,CAAM,OAAA,CAAQ,KAAA,CAAM,QAAQ,CAAA,GAAI,KAAA,CAAM,QAAA,GAAW,KAAA,CAAM,QAAA,CAAS,KAAA,CAAM,GAAG,CAAA;AACtF,MAAA,IAAA,CAAK,IAAA,CAAK,GAAG,IAAA,CAAK,GAAA,CAAI,CAAC,CAAA,KAAc,CAAA,CAAE,IAAA,EAAM,CAAC,CAAA;AAAA,IAChD;AAEA,IAAA,MAAM,MAAA,GAAS,OAAO,WAAA,CAAY;AAAA,MAChC,GAAA,EAAK,OAAA;AAAA,MACL,IAAA;AAAA,MACA,GAAA;AAAA,MACA,QAAQ,IAAA,CAAK,MAAA;AAAA,MACb,QAAA,EAAU;AAAA,KACX,CAAA;AAED,IAAA,MAAM,EAAE,MAAM,OAAA,EAAS,MAAA,EAAQ,iBAAiB,MAAA,CAAO,MAAA,EAAQ,MAAA,CAAO,QAAQ,CAAA,EAAE;AAAA,EAClF;AACF;AAEA,SAAS,gBAAA,CAAiB,MAAc,QAAA,EAA+B;AACrE,EAAA,IAAI,CAAC,IAAA,EAAM;AACT,IAAA,OAAO;AAAA,MACL,SAAA,EAAW,QAAA;AAAA,MACX,iBAAiB,EAAC;AAAA,MAClB,KAAA,EAAO,CAAA;AAAA,MACP,OAAA,EAAS,QAAA,KAAa,CAAA,GAAI,0BAAA,GAA6B,cAAA;AAAA,MACvD,MAAA,EAAQ,EAAA;AAAA,MACR,SAAA,EAAW;AAAA,KACb;AAAA,EACF;AAEA,EAAA,IAAI;AACF,IAAA,MAAM,IAAA,GAAO,IAAA,CAAK,KAAA,CAAM,IAAI,CAAA;AAC5B,IAAA,MAAM,aAAmC,EAAC;AAC1C,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,UAAA,IAAc,EAAC;AAChC,IAAA,KAAA,MAAW,EAAA,IAAM,MAAA,CAAO,IAAA,CAAK,GAAG,CAAA,EAAG;AACjC,MAAA,MAAM,GAAA,GAAM,IAAI,EAAE,CAAA;AAClB,MAAA,UAAA,CAAW,IAAA,CAAK;AAAA,QACd,QAAA,EAAU,IAAI,QAAA,IAAY,SAAA;AAAA,QAC1B,OAAA,EAAS,IAAI,WAAA,IAAe,EAAA;AAAA,QAC5B,KAAA,EAAO,IAAI,KAAA,IAAS,uBAAA;AAAA,QACpB,GAAA,EAAK,IAAI,GAAA,IAAO;AAAA,OACjB,CAAA;AAAA,IACH;AAEA,IAAA,MAAM,QAAQ,UAAA,CAAW,MAAA;AACzB,IAAA,MAAM,OAAA,GACJ,KAAA,KAAU,CAAA,GACN,0BAAA,GACA,CAAA,MAAA,EAAS,KAAK,CAAA,kBAAA,EAAqB,UAAA,CAAW,MAAA,CAAO,CAAC,CAAA,KAAM,CAAA,CAAE,aAAa,UAAU,CAAA,CAAE,MAAM,CAAA,WAAA,EAAc,UAAA,CAAW,MAAA,CAAO,CAAC,CAAA,KAAM,CAAA,CAAE,QAAA,KAAa,MAAM,CAAA,CAAE,MAAM,CAAA,KAAA,CAAA;AAEvK,IAAA,OAAO;AAAA,MACL,SAAA,EAAW,QAAA;AAAA,MACX,eAAA,EAAiB,UAAA;AAAA,MACjB,KAAA;AAAA,MACA,OAAA;AAAA,MACA,MAAA,EAAQ,IAAA;AAAA,MACR,SAAA,EAAW,KAAK,MAAA,IAAU;AAAA,KAC5B;AAAA,EACF,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO;AAAA,MACL,SAAA,EAAW,QAAA;AAAA,MACX,iBAAiB,EAAC;AAAA,MAClB,KAAA,EAAO,CAAA;AAAA,MACP,OAAA,EAAS,8BAAA;AAAA,MACT,MAAA,EAAQ,IAAA;AAAA,MACR,SAAA,EAAW;AAAA,KACb;AAAA,EACF;AACF","file":"audit.js","sourcesContent":["import * as fs from 'node:fs';\nimport * as path from 'node:path';\n\n/**\n * On Windows, Node.js `spawn()` without a shell does NOT resolve .cmd/.bat\n * extensions through PATHEXT — it only auto-resolves .exe. Most Node.js CLI\n * tools (npx, pnpm, biome, tsc, vitest, etc.) ship as .cmd wrappers on\n * Windows. This function resolves the command name to its full path so spawn\n * can find it without relying on shell-mode argument concatenation.\n *\n * On non-Windows, returns the command unchanged.\n */\nexport function resolveWin32Command(cmd: string): string {\n  if (process.platform !== 'win32') return cmd;\n\n  // Already has a path or extension — use as-is\n  if (cmd.includes('/') || cmd.includes('\\\\') || path.extname(cmd)) {\n    return cmd;\n  }\n\n  const pathext = (process.env['PATHEXT'] ?? '.COM;.EXE;.BAT;.CMD;.VBS;.JS;.WS;.MSC')\n    .toLowerCase()\n    .split(';');\n\n  const pathDirs = (process.env['PATH'] ?? '').split(path.delimiter);\n\n  for (const dir of pathDirs) {\n    const base = path.join(dir, cmd);\n    // Check extensions in PATHEXT order. .EXE should win first because\n    // it's typically listed first, and .exe doesn't need shell: true.\n    for (const ext of pathext) {\n      const full = `${base}${ext}`;\n      try {\n        fs.accessSync(full, fs.constants.X_OK);\n        return full;\n      } catch {\n        // Not found with this extension — try next\n      }\n    }\n  }\n\n  // Not found — return original; let spawn report ENOENT with the\n  // expected error message so tools can surface it properly.\n  return cmd;\n}\n","import { spawn } from 'node:child_process';\nimport { buildChildEnv } from '@wrongstack/core';\nimport type { ToolProgressEvent } from '@wrongstack/core';\nimport { resolveWin32Command } from './_win32-resolve.js';\nexport interface SpawnStreamResult {\n  stdout: string;\n  stderr: string;\n  exitCode: number;\n  truncated: boolean;\n  error?: string | undefined;\n}\n\nexport interface SpawnStreamOptions {\n  cmd: string;\n  args: string[];\n  cwd: string;\n  signal: AbortSignal;\n  maxBytes?: number | undefined;\n  /** Bytes of new stdout/stderr to accumulate before yielding a `partial_output` event. */\n  flushBytes?: number | undefined;\n}\n\n/**\n * Spawn a child process and yield `partial_output` progress events as\n * stdout/stderr arrive (batched by byte threshold), then return the full\n * buffered result. Shared between install/lint/format/typecheck/test/audit\n * so the TUI live tail sees consistent progress regardless of which tool\n * is running.\n */\nexport async function* spawnStream(\n  opts: SpawnStreamOptions,\n): AsyncGenerator<ToolProgressEvent, SpawnStreamResult> {\n  const max = opts.maxBytes ?? 200_000;\n  const flushAt = opts.flushBytes ?? 4 * 1024;\n  let stdout = '';\n  let stderr = '';\n  let pending = '';\n  let error: string | undefined;\n\n  const cmd = resolveWin32Command(opts.cmd);\n  const needsShell = process.platform === 'win32' && (cmd.endsWith('.cmd') || cmd.endsWith('.bat'));\n\n  const child = spawn(cmd, opts.args, {\n    cwd: opts.cwd,\n    signal: opts.signal,\n    env: buildChildEnv(),\n    stdio: ['ignore', 'pipe', 'pipe'],\n    ...(needsShell ? { shell: true, windowsVerbatimArguments: true } : {}),\n  });\n\n  type Chunk = { kind: 'out' | 'err' | 'close' | 'error'; data: string; code?: number | undefined };\n  const queue: Chunk[] = [];\n  let waiter: (() => void) | undefined;\n  const wake = () => {\n    if (waiter) {\n      const w = waiter;\n      waiter = undefined;\n      w();\n    }\n  };\n\n  child.stdout?.on('data', (c) => {\n    const s = c.toString();\n    if (stdout.length < max) stdout += s;\n    queue.push({ kind: 'out', data: s });\n    wake();\n  });\n  child.stderr?.on('data', (c) => {\n    const s = c.toString();\n    if (stderr.length < max) stderr += s;\n    queue.push({ kind: 'err', data: s });\n    wake();\n  });\n  child.on('error', (e) => {\n    error = e.message;\n    queue.push({ kind: 'error', data: e.message });\n    wake();\n  });\n  child.on('close', (code) => {\n    queue.push({ kind: 'close', data: '', code: code ?? 0 });\n    wake();\n  });\n\n  let exitCode = 0;\n  let spawnFailed = false;\n  for (;;) {\n    while (queue.length === 0) {\n      await new Promise<void>((resolve) => {\n        waiter = resolve;\n      });\n    }\n    const chunk = queue.shift()!;\n    if (chunk.kind === 'close') {\n      // If we already saw a spawn error (ENOENT etc.), keep exitCode=1\n      // rather than the negative platform code Node fabricates.\n      if (!spawnFailed) exitCode = chunk.code ?? 0;\n      break;\n    }\n    if (chunk.kind === 'error') {\n      spawnFailed = true;\n      exitCode = 1;\n      // close usually follows\n      continue;\n    }\n    pending += chunk.data;\n    if (pending.length >= flushAt) {\n      yield { type: 'partial_output', text: pending };\n      pending = '';\n    }\n  }\n  if (pending.length > 0) {\n    yield { type: 'partial_output', text: pending };\n  }\n\n  return {\n    stdout,\n    stderr,\n    exitCode,\n    truncated: stdout.length >= max || stderr.length >= max,\n    error,\n  };\n}\n","import * as fsp from 'node:fs/promises';\nimport * as path from 'node:path';\nimport * as Core from '@wrongstack/core';\nimport type { Context } from '@wrongstack/core';\n/** Detected package manager for a project directory. */\nexport type PackageManager = 'pnpm' | 'yarn' | 'npm';\n\n/**\n * Detect the project's package manager by inspecting lockfiles in `cwd`.\n * Order: pnpm → yarn → npm (default). Missing or unreadable directories fall\n * back to `npm` rather than throwing, so a `safeResolve`-checked cwd that\n * happens to be empty never aborts the tool.\n */\nexport async function detectPackageManager(cwd: string): Promise<PackageManager> {\n  const { stat } = await import('node:fs/promises');\n  try {\n    await stat(`${cwd}/pnpm-lock.yaml`);\n    return 'pnpm';\n  } catch {\n    /* not pnpm */\n  }\n  try {\n    await stat(`${cwd}/yarn.lock`);\n    return 'yarn';\n  } catch {\n    /* not yarn */\n  }\n  return 'npm';\n}\n\nexport function resolvePath(input: string, ctx: Context): string {\n  return path.isAbsolute(input) ? path.normalize(input) : path.resolve(ctx.cwd, input);\n}\n\nexport function ensureInsideRoot(absPath: string, ctx: Context): string {\n  const root = path.resolve(ctx.projectRoot);\n  const target = path.resolve(absPath);\n  const rel = path.relative(root, target);\n  if (rel.startsWith('..') || path.isAbsolute(rel)) {\n    throw new Error(`Path \"${absPath}\" is outside project root \"${root}\"`);\n  }\n  return target;\n}\n\nexport function safeResolve(input: string, ctx: Context): string {\n  return ensureInsideRoot(resolvePath(input, ctx), ctx);\n}\n\n/**\n * Defense against in-root→out-of-root symlink escape (CWE-59). `safeResolve`\n * only does a syntactic `../` check, so a symlink that lives *inside* the\n * project root but points outside still passes it. This resolves the path\n * through `fs.realpath` and re-verifies containment against the realpath of\n * the project root (comparing like-for-like, since the root itself may be a\n * symlink — macOS `/var`→`/private/var`, Windows 8.3 short names). For a path\n * that does not exist yet (e.g. a `write` to a new file) the nearest existing\n * ancestor directory is checked instead. Throws if the real target escapes.\n *\n * Mirrors the per-file guard already used in `replace.ts`/`grep.ts`; applied\n * to single-file `read`/`edit`/`write` it throws (rather than skips) because\n * the caller named exactly one file.\n */\nexport async function assertRealInsideRoot(absPath: string, ctx: Context): Promise<void> {\n  const realRoot = await fsp.realpath(ctx.projectRoot).catch(() => path.resolve(ctx.projectRoot));\n  let probe = absPath;\n  for (;;) {\n    let real: string;\n    try {\n      real = await fsp.realpath(probe);\n    } catch (err) {\n      if ((err as NodeJS.ErrnoException).code === 'ENOENT') {\n        const parent = path.dirname(probe);\n        if (parent === probe) return; // reached fs root without escaping\n        probe = parent;\n        continue;\n      }\n      throw err;\n    }\n    const rel = path.relative(realRoot, real);\n    if (rel.startsWith('..') || path.isAbsolute(rel)) {\n      throw new Error(\n        `Path \"${absPath}\" resolves through a symlink outside project root \"${realRoot}\"`,\n      );\n    }\n    return;\n  }\n}\n\n/** `safeResolve` + symlink realpath containment check. Async. */\nexport async function safeResolveReal(input: string, ctx: Context): Promise<string> {\n  const abs = safeResolve(input, ctx);\n  await assertRealInsideRoot(abs, ctx);\n  return abs;\n}\n\nexport function truncateMiddle(s: string, max: number): string {\n  if (Buffer.byteLength(s, 'utf8') <= max) return s;\n  const half = Math.floor(max / 2);\n  return (\n    s.slice(0, half) +\n    `\\n…[truncated ${Buffer.byteLength(s, 'utf8') - max} bytes from middle]…\\n` +\n    s.slice(-half)\n  );\n}\n\nexport function isBinaryBuffer(buf: Buffer): boolean {\n  const len = Math.min(buf.length, 8192);\n  for (let i = 0; i < len; i++) {\n    if (buf[i] === 0) return true;\n  }\n  return false;\n}\n\n// ─── Command-output normalization (token-saving) ────────────────────────────\n//\n// Raw process output is full of tokens the model gains nothing from: ANSI\n// escapes, carriage-return progress spam, runs of identical warning lines, and\n// huge tails of build noise. These helpers strip that noise before the output\n// reaches the LLM. They are scoped to COMMAND tools (bash/git/exec and the\n// _spawn-stream consumers) — never applied to structured/code outputs.\n\n/** Unified byte cap for all command tool output fed to the model. */\nexport const COMMAND_OUTPUT_MAX_BYTES = 32_768;\n\n/** Runs of >= this many identical consecutive lines are collapsed. */\nconst REPEAT_RUN_THRESHOLD = 3;\n\n/**\n * Collapse carriage-return overwrites the way a terminal would: `\\r\\n` becomes\n * `\\n`, and a bare `\\r` (progress redraw) keeps only the text after the LAST\n * `\\r` on its physical line. Without this, a single progress bar that redraws\n * 200 times explodes into 200 lines.\n */\nexport function collapseCarriageReturns(text: string): string {\n  const lf = text.replace(/\\r\\n/g, '\\n');\n  if (!lf.includes('\\r')) return lf;\n  return lf\n    .split('\\n')\n    .map((line) => (line.includes('\\r') ? line.slice(line.lastIndexOf('\\r') + 1) : line))\n    .join('\\n');\n}\n\n/**\n * Collapse a run of `minRun`+ identical consecutive lines into the line once\n * plus a marker. Consecutive-only — it never reorders or dedups non-adjacent\n * lines, so diffs/source stay intact.\n */\nexport function collapseConsecutiveDuplicates(text: string, minRun = REPEAT_RUN_THRESHOLD): string {\n  const lines = text.split('\\n');\n  const out: string[] = [];\n  let i = 0;\n  while (i < lines.length) {\n    let j = i + 1;\n    while (j < lines.length && lines[j] === lines[i]) j++;\n    const run = j - i;\n    if (run >= minRun) {\n      out.push(lines[i]!, `… ⟨repeated ${run}×⟩`);\n    } else {\n      for (let k = i; k < j; k++) out.push(lines[k]!);\n    }\n    i = j;\n  }\n  return out.join('\\n');\n}\n\n/** Largest prefix of `s` whose UTF-8 byte length is <= `maxBytes`. */\nfunction takeHeadBytes(s: string, maxBytes: number): string {\n  if (maxBytes <= 0) return '';\n  if (Buffer.byteLength(s, 'utf8') <= maxBytes) return s;\n  let lo = 0;\n  let hi = s.length;\n  while (lo < hi) {\n    const mid = Math.ceil((lo + hi) / 2);\n    if (Buffer.byteLength(s.slice(0, mid), 'utf8') <= maxBytes) lo = mid;\n    else hi = mid - 1;\n  }\n  return s.slice(0, lo);\n}\n\n/** Largest suffix of `s` whose UTF-8 byte length is <= `maxBytes`. */\nfunction takeTailBytes(s: string, maxBytes: number): string {\n  if (maxBytes <= 0) return '';\n  if (Buffer.byteLength(s, 'utf8') <= maxBytes) return s;\n  let lo = 0;\n  let hi = s.length;\n  while (lo < hi) {\n    const mid = Math.ceil((lo + hi) / 2);\n    if (Buffer.byteLength(s.slice(s.length - mid), 'utf8') <= maxBytes) lo = mid;\n    else hi = mid - 1;\n  }\n  return s.slice(s.length - lo);\n}\n\n/**\n * Truncate to `maxBytes` keeping BOTH ends — the head (what ran / early context)\n * and the tail (errors and summaries usually land last), biased ~45/55 toward\n * the tail. The result never exceeds `maxBytes`.\n */\nexport function truncateHeadTail(s: string, maxBytes: number): string {\n  const total = Buffer.byteLength(s, 'utf8');\n  if (total <= maxBytes) return s;\n  // Reserve a fixed allowance for the marker so the final string can't exceed\n  // the cap even though the dropped-byte count's digit width varies.\n  const MARKER_RESERVE = 64;\n  const avail = Math.max(0, maxBytes - MARKER_RESERVE);\n  const headBudget = Math.floor(avail * 0.45);\n  const head = takeHeadBytes(s, headBudget);\n  const tail = takeTailBytes(s, avail - Buffer.byteLength(head, 'utf8'));\n  const kept = Buffer.byteLength(head, 'utf8') + Buffer.byteLength(tail, 'utf8');\n  return `${head}\\n…[truncated ${total - kept} bytes]…\\n${tail}`;\n}\n\n/**\n * Full token-saving pipeline for command tool output: strip ANSI → collapse\n * carriage-return progress → trim trailing whitespace → collapse identical\n * consecutive lines → squeeze blank-line runs → head+tail truncate to the cap.\n */\nexport function normalizeCommandOutput(\n  raw: string,\n  opts: { maxBytes?: number | undefined } = {},\n): string {\n  if (!raw) return raw;\n  let text = Core.stripAnsi(raw);\n  text = collapseCarriageReturns(text);\n  text = text.replace(/[ \\t]+$/gm, ''); // trailing whitespace per line\n  text = collapseConsecutiveDuplicates(text);\n  text = text.replace(/\\n{3,}/g, '\\n\\n'); // >=2 blank lines → 1\n  return truncateHeadTail(text, opts.maxBytes ?? COMMAND_OUTPUT_MAX_BYTES);\n}\n","import type { Tool, ToolStreamEvent } from '@wrongstack/core';\nimport { spawnStream } from './_spawn-stream.js';\nimport { detectPackageManager, safeResolve } from './_util.js';\n\ninterface AuditInput {\n  cwd?: string | undefined;\n  level?: 'low' | 'moderate' | 'high' | 'critical' | undefined;\n  fix?: boolean | undefined;\n  packages?: string | string[] | undefined;\n}\n\ninterface AuditVulnerability {\n  severity: string;\n  package: string;\n  title: string;\n  url: string;\n}\n\ninterface AuditOutput {\n  exit_code: number;\n  vulnerabilities: AuditVulnerability[];\n  total: number;\n  summary: string;\n  output: string;\n  truncated: boolean;\n}\n\nexport const auditTool: Tool<AuditInput, AuditOutput> = {\n  name: 'audit',\n  category: 'Package Management',\n  description:\n    'Run a security audit against project dependencies (using pnpm/npm audit). Reports known vulnerabilities with severity.',\n  usageHint:\n    'CRITICAL SECURITY TOOL:\\n\\n' +\n    '- Run regularly and especially before any release.\\n' +\n    '- Use `level` to focus on high/critical issues.\\n' +\n    '- `fix` can attempt automatic remediation for some vulnerabilities.\\n' +\n    'This is one of the most important tools for supply chain security.',\n  permission: 'confirm',\n  mutating: false,\n  timeoutMs: 60_000,\n  inputSchema: {\n    type: 'object',\n    properties: {\n      cwd: { type: 'string', description: 'Working directory (default: cwd)' },\n      level: {\n        type: 'string',\n        enum: ['low', 'moderate', 'high', 'critical'],\n        description: 'Minimum severity level to report',\n      },\n      fix: { type: 'boolean', description: 'Attempt to fix vulnerabilities (default: false)' },\n      packages: { type: 'string', description: 'Specific package(s) to audit (comma-separated)' },\n    },\n  },\n  async execute(input, ctx, opts) {\n    let final: AuditOutput | undefined;\n    const executeStream = auditTool.executeStream;\n    if (!executeStream) throw new Error('auditTool: stream execution unavailable');\n    for await (const ev of executeStream(input, ctx, opts)) {\n      if (ev.type === 'final') final = ev.output;\n    }\n    if (!final) throw new Error('audit: stream ended without final event');\n    return final;\n  },\n  async *executeStream(input, ctx, opts): AsyncGenerator<ToolStreamEvent<AuditOutput>> {\n    const cwd = input.cwd ? safeResolve(input.cwd, ctx) : ctx.cwd;\n    const manager = await detectPackageManager(cwd);\n    yield { type: 'log', text: `Auditing with ${manager}…`, data: { manager } };\n\n    const args = ['audit', '--json'];\n    if (input.fix) args.push('--fix');\n    if (input.packages) {\n      const pkgs = Array.isArray(input.packages) ? input.packages : input.packages.split(',');\n      args.push(...pkgs.map((p: string) => p.trim()));\n    }\n\n    const result = yield* spawnStream({\n      cmd: manager,\n      args,\n      cwd,\n      signal: opts.signal,\n      maxBytes: 100_000,\n    });\n\n    yield { type: 'final', output: parseAuditOutput(result.stdout, result.exitCode) };\n  },\n};\n\nfunction parseAuditOutput(json: string, exitCode: number): AuditOutput {\n  if (!json) {\n    return {\n      exit_code: exitCode,\n      vulnerabilities: [],\n      total: 0,\n      summary: exitCode === 0 ? 'No vulnerabilities found' : 'Audit failed',\n      output: '',\n      truncated: false,\n    };\n  }\n\n  try {\n    const data = JSON.parse(json);\n    const advisories: AuditVulnerability[] = [];\n    const ads = data.advisories ?? {};\n    for (const id of Object.keys(ads)) {\n      const adv = ads[id];\n      advisories.push({\n        severity: adv.severity ?? 'unknown',\n        package: adv.module_name ?? id,\n        title: adv.title ?? 'Unknown vulnerability',\n        url: adv.url ?? '',\n      });\n    }\n\n    const total = advisories.length;\n    const summary =\n      total === 0\n        ? 'No vulnerabilities found'\n        : `Found ${total} vulnerabilities: ${advisories.filter((a) => a.severity === 'critical').length} critical, ${advisories.filter((a) => a.severity === 'high').length} high`;\n\n    return {\n      exit_code: exitCode,\n      vulnerabilities: advisories,\n      total,\n      summary,\n      output: json,\n      truncated: json.length >= 100_000,\n    };\n  } catch {\n    return {\n      exit_code: exitCode,\n      vulnerabilities: [],\n      total: 0,\n      summary: 'Could not parse audit output',\n      output: json,\n      truncated: false,\n    };\n  }\n}\n"]}
+{"version":3,"sources":["../src/_win32-resolve.ts","../src/_spawn-stream.ts","../src/_util.ts","../src/audit.ts"],"names":["path","resolve"],"mappings":";;;;;;AAYO,SAAS,oBAAoB,GAAA,EAAqB;AACvD,EAAA,IAAI,OAAA,CAAQ,QAAA,KAAa,OAAA,EAAS,OAAO,GAAA;AAGzC,EAAA,IAAI,GAAA,CAAI,QAAA,CAAS,GAAG,CAAA,IAAK,GAAA,CAAI,SAAS,IAAI,CAAA,IAAUA,KAAA,CAAA,OAAA,CAAQ,GAAG,CAAA,EAAG;AAChE,IAAA,OAAO,GAAA;AAAA,EACT;AAEA,EAAA,MAAM,OAAA,GAAA,CAAW,QAAQ,GAAA,CAAI,SAAS,KAAK,uCAAA,EACxC,WAAA,EAAY,CACZ,KAAA,CAAM,GAAG,CAAA;AAEZ,EAAA,MAAM,YAAY,OAAA,CAAQ,GAAA,CAAI,MAAM,CAAA,IAAK,EAAA,EAAI,MAAWA,KAAA,CAAA,SAAS,CAAA;AAEjE,EAAA,KAAA,MAAW,OAAO,QAAA,EAAU;AAC1B,IAAA,MAAM,IAAA,GAAYA,KAAA,CAAA,IAAA,CAAK,GAAA,EAAK,GAAG,CAAA;AAG/B,IAAA,KAAA,MAAW,OAAO,OAAA,EAAS;AACzB,MAAA,MAAM,IAAA,GAAO,CAAA,EAAG,IAAI,CAAA,EAAG,GAAG,CAAA,CAAA;AAC1B,MAAA,IAAI;AACF,QAAG,EAAA,CAAA,UAAA,CAAW,IAAA,EAAS,EAAA,CAAA,SAAA,CAAU,IAAI,CAAA;AACrC,QAAA,OAAO,IAAA;AAAA,MACT,CAAA,CAAA,MAAQ;AAAA,MAER;AAAA,IACF;AAAA,EACF;AAIA,EAAA,OAAO,GAAA;AACT;;;ACbA,gBAAuB,YACrB,IAAA,EACsD;AACtD,EAAA,MAAM,GAAA,GAAM,KAAK,QAAY;AAC7B,EAAA,MAAM,OAAA,GAAU,IAAA,CAAK,UAAA,IAAc,CAAA,GAAI,IAAA;AACvC,EAAA,MAAM,QAAA,GAAW,KAAK,YAAA,IAAgB,GAAA;AACtC,EAAA,IAAI,MAAA,GAAS,EAAA;AACb,EAAA,IAAI,MAAA,GAAS,EAAA;AACb,EAAA,IAAI,OAAA,GAAU,EAAA;AACd,EAAA,IAAI,KAAA;AAEJ,EAAA,MAAM,GAAA,GAAM,mBAAA,CAAoB,IAAA,CAAK,GAAG,CAAA;AACxC,EAAA,MAAM,UAAA,GAAa,OAAA,CAAQ,QAAA,KAAa,OAAA,KAAY,GAAA,CAAI,SAAS,MAAM,CAAA,IAAK,GAAA,CAAI,QAAA,CAAS,MAAM,CAAA,CAAA;AAE/F,EAAA,MAAM,KAAA,GAAQ,KAAA,CAAM,GAAA,EAAK,IAAA,CAAK,IAAA,EAAM;AAAA,IAClC,KAAK,IAAA,CAAK,GAAA;AAAA,IACV,QAAQ,IAAA,CAAK,MAAA;AAAA,IACb,KAAK,aAAA,EAAc;AAAA,IACnB,KAAA,EAAO,CAAC,QAAA,EAAU,MAAA,EAAQ,MAAM,CAAA;AAAA,IAChC,GAAI,aAAa,EAAE,KAAA,EAAO,MAAM,wBAAA,EAA0B,IAAA,KAAS;AAAC,GACrE,CAAA;AAGD,EAAA,MAAM,QAAiB,EAAC;AACxB,EAAA,IAAI,MAAA;AACJ,EAAA,IAAI,MAAA,GAAS,KAAA;AACb,EAAA,MAAM,OAAO,MAAM;AACjB,IAAA,IAAI,MAAA,EAAQ;AACV,MAAA,MAAM,CAAA,GAAI,MAAA;AACV,MAAA,MAAA,GAAS,MAAA;AACT,MAAA,CAAA,EAAE;AAAA,IACJ;AAAA,EACF,CAAA;AAGA,EAAA,MAAM,SAAS,MAAM;AACnB,IAAA,IAAI,MAAA,IAAU,KAAA,CAAM,MAAA,GAAS,QAAA,EAAU;AACrC,MAAA,MAAA,GAAS,KAAA;AACT,MAAA,KAAA,CAAM,QAAQ,MAAA,EAAO;AACrB,MAAA,KAAA,CAAM,QAAQ,MAAA,EAAO;AAAA,IACvB;AAAA,EACF,CAAA;AAKA,EAAA,KAAA,CAAM,MAAA,EAAQ,EAAA,CAAG,MAAA,EAAQ,CAAC,CAAA,KAAM;AAC9B,IAAA,MAAM,CAAA,GAAI,EAAE,QAAA,EAAS;AACrB,IAAA,IAAI,MAAA,CAAO,MAAA,GAAS,GAAA,EAAK,MAAA,IAAU,CAAA;AACnC,IAAA,KAAA,CAAM,KAAK,EAAE,IAAA,EAAM,KAAA,EAAO,IAAA,EAAM,GAAG,CAAA;AACnC,IAAA,IAAA,EAAK;AAEL,IAAA,IAAI,CAAC,MAAA,IAAU,KAAA,CAAM,MAAA,IAAU,QAAA,EAAU;AACvC,MAAA,MAAA,GAAS,IAAA;AACT,MAAA,KAAA,CAAM,QAAQ,KAAA,EAAM;AACpB,MAAA,KAAA,CAAM,QAAQ,KAAA,EAAM;AAAA,IACtB;AAAA,EACF,CAAC,CAAA;AACD,EAAA,KAAA,CAAM,MAAA,EAAQ,EAAA,CAAG,MAAA,EAAQ,CAAC,CAAA,KAAM;AAC9B,IAAA,MAAM,CAAA,GAAI,EAAE,QAAA,EAAS;AACrB,IAAA,IAAI,MAAA,CAAO,MAAA,GAAS,GAAA,EAAK,MAAA,IAAU,CAAA;AACnC,IAAA,KAAA,CAAM,KAAK,EAAE,IAAA,EAAM,KAAA,EAAO,IAAA,EAAM,GAAG,CAAA;AACnC,IAAA,IAAA,EAAK;AACL,IAAA,IAAI,CAAC,MAAA,IAAU,KAAA,CAAM,MAAA,IAAU,QAAA,EAAU;AACvC,MAAA,MAAA,GAAS,IAAA;AACT,MAAA,KAAA,CAAM,QAAQ,KAAA,EAAM;AACpB,MAAA,KAAA,CAAM,QAAQ,KAAA,EAAM;AAAA,IACtB;AAAA,EACF,CAAC,CAAA;AACD,EAAA,KAAA,CAAM,EAAA,CAAG,OAAA,EAAS,CAAC,CAAA,KAAM;AACvB,IAAA,KAAA,GAAQ,CAAA,CAAE,OAAA;AACV,IAAA,KAAA,CAAM,KAAK,EAAE,IAAA,EAAM,SAAS,IAAA,EAAM,CAAA,CAAE,SAAS,CAAA;AAC7C,IAAA,IAAA,EAAK;AAAA,EACP,CAAC,CAAA;AACD,EAAA,KAAA,CAAM,EAAA,CAAG,OAAA,EAAS,CAAC,IAAA,KAAS;AAC1B,IAAA,KAAA,CAAM,IAAA,CAAK,EAAE,IAAA,EAAM,OAAA,EAAS,MAAM,EAAA,EAAI,IAAA,EAAM,IAAA,IAAQ,CAAA,EAAG,CAAA;AACvD,IAAA,IAAA,EAAK;AAAA,EACP,CAAC,CAAA;AAED,EAAA,IAAI,QAAA,GAAW,CAAA;AACf,EAAA,IAAI,WAAA,GAAc,KAAA;AAClB,EAAA,WAAS;AACP,IAAA,OAAO,KAAA,CAAM,WAAW,CAAA,EAAG;AACzB,MAAA,MAAM,IAAI,OAAA,CAAc,CAACC,QAAAA,KAAY;AACnC,QAAA,MAAA,GAASA,QAAAA;AAAA,MACX,CAAC,CAAA;AAAA,IACH;AACA,IAAA,MAAM,KAAA,GAAQ,MAAM,KAAA,EAAM;AAE1B,IAAA,MAAA,EAAO;AACP,IAAA,IAAI,KAAA,CAAM,SAAS,OAAA,EAAS;AAG1B,MAAA,IAAI,CAAC,WAAA,EAAa,QAAA,GAAW,KAAA,CAAM,IAAA,IAAQ,CAAA;AAC3C,MAAA;AAAA,IACF;AACA,IAAA,IAAI,KAAA,CAAM,SAAS,OAAA,EAAS;AAC1B,MAAA,WAAA,GAAc,IAAA;AACd,MAAA,QAAA,GAAW,CAAA;AAEX,MAAA;AAAA,IACF;AACA,IAAA,OAAA,IAAW,KAAA,CAAM,IAAA;AACjB,IAAA,IAAI,OAAA,CAAQ,UAAU,OAAA,EAAS;AAC7B,MAAA,MAAM,EAAE,IAAA,EAAM,gBAAA,EAAkB,IAAA,EAAM,OAAA,EAAQ;AAC9C,MAAA,OAAA,GAAU,EAAA;AAAA,IACZ;AAAA,EACF;AACA,EAAA,IAAI,OAAA,CAAQ,SAAS,CAAA,EAAG;AACtB,IAAA,MAAM,EAAE,IAAA,EAAM,gBAAA,EAAkB,IAAA,EAAM,OAAA,EAAQ;AAAA,EAChD;AAEA,EAAA,OAAO;AAAA,IACL,MAAA;AAAA,IACA,MAAA;AAAA,IACA,QAAA;AAAA,IACA,SAAA,EAAW,MAAA,CAAO,MAAA,IAAU,GAAA,IAAO,OAAO,MAAA,IAAU,GAAA;AAAA,IACpD;AAAA,GACF;AACF;ACzIA,eAAsB,qBAAqB,GAAA,EAAsC;AAC/E,EAAA,MAAM,EAAE,IAAA,EAAK,GAAI,MAAM,OAAO,kBAAkB,CAAA;AAChD,EAAA,IAAI;AACF,IAAA,MAAM,IAAA,CAAK,CAAA,EAAG,GAAG,CAAA,eAAA,CAAiB,CAAA;AAClC,IAAA,OAAO,MAAA;AAAA,EACT,CAAA,CAAA,MAAQ;AAAA,EAER;AACA,EAAA,IAAI;AACF,IAAA,MAAM,IAAA,CAAK,CAAA,EAAG,GAAG,CAAA,UAAA,CAAY,CAAA;AAC7B,IAAA,OAAO,MAAA;AAAA,EACT,CAAA,CAAA,MAAQ;AAAA,EAER;AACA,EAAA,OAAO,KAAA;AACT;AAEO,SAAS,WAAA,CAAY,OAAe,GAAA,EAAsB;AAC/D,EAAA,OAAY,KAAA,CAAA,UAAA,CAAW,KAAK,CAAA,GAAS,KAAA,CAAA,SAAA,CAAU,KAAK,CAAA,GAAS,KAAA,CAAA,OAAA,CAAQ,GAAA,CAAI,UAAA,IAAc,GAAA,CAAI,GAAA,EAAK,KAAK,CAAA;AACvG;AAEO,SAAS,gBAAA,CAAiB,SAAiB,GAAA,EAAsB;AACtE,EAAA,MAAM,IAAA,GAAY,KAAA,CAAA,OAAA,CAAQ,GAAA,CAAI,WAAW,CAAA;AACzC,EAAA,MAAM,MAAA,GAAc,cAAQ,OAAO,CAAA;AACnC,EAAA,MAAM,GAAA,GAAW,KAAA,CAAA,QAAA,CAAS,IAAA,EAAM,MAAM,CAAA;AACtC,EAAA,IAAI,IAAI,UAAA,CAAW,IAAI,CAAA,IAAU,KAAA,CAAA,UAAA,CAAW,GAAG,CAAA,EAAG;AAChD,IAAA,MAAM,IAAI,KAAA,CAAM,CAAA,MAAA,EAAS,OAAO,CAAA,2BAAA,EAA8B,IAAI,CAAA,CAAA,CAAG,CAAA;AAAA,EACvE;AACA,EAAA,OAAO,MAAA;AACT;AAEO,SAAS,WAAA,CAAY,OAAe,GAAA,EAAsB;AAC/D,EAAA,OAAO,gBAAA,CAAiB,WAAA,CAAY,KAAA,EAAO,GAAG,GAAG,GAAG,CAAA;AACtD;;;ACnBO,IAAM,SAAA,GAA2C;AAAA,EACtD,IAAA,EAAM,OAAA;AAAA,EACN,QAAA,EAAU,oBAAA;AAAA,EACV,WAAA,EACE,wHAAA;AAAA,EACF,SAAA,EACE,yQAAA;AAAA,EAKF,UAAA,EAAY,SAAA;AAAA,EACZ,QAAA,EAAU,KAAA;AAAA,EACV,SAAA,EAAW,GAAA;AAAA,EACX,WAAA,EAAa;AAAA,IACX,IAAA,EAAM,QAAA;AAAA,IACN,UAAA,EAAY;AAAA,MACV,GAAA,EAAK,EAAE,IAAA,EAAM,QAAA,EAAU,aAAa,kCAAA,EAAmC;AAAA,MACvE,KAAA,EAAO;AAAA,QACL,IAAA,EAAM,QAAA;AAAA,QACN,IAAA,EAAM,CAAC,KAAA,EAAO,UAAA,EAAY,QAAQ,UAAU,CAAA;AAAA,QAC5C,WAAA,EAAa;AAAA,OACf;AAAA,MACA,GAAA,EAAK,EAAE,IAAA,EAAM,SAAA,EAAW,aAAa,iDAAA,EAAkD;AAAA,MACvF,QAAA,EAAU,EAAE,IAAA,EAAM,QAAA,EAAU,aAAa,gDAAA;AAAiD;AAC5F,GACF;AAAA,EACA,MAAM,OAAA,CAAQ,KAAA,EAAO,GAAA,EAAK,IAAA,EAAM;AAC9B,IAAA,IAAI,KAAA;AACJ,IAAA,MAAM,gBAAgB,SAAA,CAAU,aAAA;AAChC,IAAA,IAAI,CAAC,aAAA,EAAe,MAAM,IAAI,MAAM,yCAAyC,CAAA;AAC7E,IAAA,WAAA,MAAiB,EAAA,IAAM,aAAA,CAAc,KAAA,EAAO,GAAA,EAAK,IAAI,CAAA,EAAG;AACtD,MAAA,IAAI,EAAA,CAAG,IAAA,KAAS,OAAA,EAAS,KAAA,GAAQ,EAAA,CAAG,MAAA;AAAA,IACtC;AACA,IAAA,IAAI,CAAC,KAAA,EAAO,MAAM,IAAI,MAAM,yCAAyC,CAAA;AACrE,IAAA,OAAO,KAAA;AAAA,EACT,CAAA;AAAA,EACA,OAAO,aAAA,CAAc,KAAA,EAAO,GAAA,EAAK,IAAA,EAAoD;AACnF,IAAA,MAAM,GAAA,GAAM,MAAM,GAAA,GAAM,WAAA,CAAY,MAAM,GAAA,EAAK,GAAG,IAAI,GAAA,CAAI,GAAA;AAC1D,IAAA,MAAM,OAAA,GAAU,MAAM,oBAAA,CAAqB,GAAG,CAAA;AAC9C,IAAA,MAAM,EAAE,IAAA,EAAM,KAAA,EAAO,IAAA,EAAM,CAAA,cAAA,EAAiB,OAAO,CAAA,MAAA,CAAA,EAAK,IAAA,EAAM,EAAE,OAAA,EAAQ,EAAE;AAE1E,IAAA,MAAM,IAAA,GAAO,CAAC,OAAA,EAAS,QAAQ,CAAA;AAC/B,IAAA,IAAI,KAAA,CAAM,GAAA,EAAK,IAAA,CAAK,IAAA,CAAK,OAAO,CAAA;AAChC,IAAA,IAAI,MAAM,QAAA,EAAU;AAClB,MAAA,MAAM,IAAA,GAAO,KAAA,CAAM,OAAA,CAAQ,KAAA,CAAM,QAAQ,CAAA,GAAI,KAAA,CAAM,QAAA,GAAW,KAAA,CAAM,QAAA,CAAS,KAAA,CAAM,GAAG,CAAA;AACtF,MAAA,IAAA,CAAK,IAAA,CAAK,GAAG,IAAA,CAAK,GAAA,CAAI,CAAC,CAAA,KAAc,CAAA,CAAE,IAAA,EAAM,CAAC,CAAA;AAAA,IAChD;AAEA,IAAA,MAAM,MAAA,GAAS,OAAO,WAAA,CAAY;AAAA,MAChC,GAAA,EAAK,OAAA;AAAA,MACL,IAAA;AAAA,MACA,GAAA;AAAA,MACA,QAAQ,IAAA,CAAK,MAAA;AAAA,MACb,QAAA,EAAU;AAAA,KACX,CAAA;AAED,IAAA,MAAM,EAAE,MAAM,OAAA,EAAS,MAAA,EAAQ,iBAAiB,MAAA,CAAO,MAAA,EAAQ,MAAA,CAAO,QAAQ,CAAA,EAAE;AAAA,EAClF;AACF;AAEA,SAAS,gBAAA,CAAiB,MAAc,QAAA,EAA+B;AACrE,EAAA,IAAI,CAAC,IAAA,EAAM;AACT,IAAA,OAAO;AAAA,MACL,SAAA,EAAW,QAAA;AAAA,MACX,iBAAiB,EAAC;AAAA,MAClB,KAAA,EAAO,CAAA;AAAA,MACP,OAAA,EAAS,QAAA,KAAa,CAAA,GAAI,0BAAA,GAA6B,cAAA;AAAA,MACvD,MAAA,EAAQ,EAAA;AAAA,MACR,SAAA,EAAW;AAAA,KACb;AAAA,EACF;AAEA,EAAA,IAAI;AACF,IAAA,MAAM,IAAA,GAAO,IAAA,CAAK,KAAA,CAAM,IAAI,CAAA;AAC5B,IAAA,MAAM,aAAmC,EAAC;AAC1C,IAAA,MAAM,GAAA,GAAM,IAAA,CAAK,UAAA,IAAc,EAAC;AAChC,IAAA,KAAA,MAAW,EAAA,IAAM,MAAA,CAAO,IAAA,CAAK,GAAG,CAAA,EAAG;AACjC,MAAA,MAAM,GAAA,GAAM,IAAI,EAAE,CAAA;AAClB,MAAA,UAAA,CAAW,IAAA,CAAK;AAAA,QACd,QAAA,EAAU,IAAI,QAAA,IAAY,SAAA;AAAA,QAC1B,OAAA,EAAS,IAAI,WAAA,IAAe,EAAA;AAAA,QAC5B,KAAA,EAAO,IAAI,KAAA,IAAS,uBAAA;AAAA,QACpB,GAAA,EAAK,IAAI,GAAA,IAAO;AAAA,OACjB,CAAA;AAAA,IACH;AAEA,IAAA,MAAM,QAAQ,UAAA,CAAW,MAAA;AACzB,IAAA,MAAM,OAAA,GACJ,KAAA,KAAU,CAAA,GACN,0BAAA,GACA,CAAA,MAAA,EAAS,KAAK,CAAA,kBAAA,EAAqB,UAAA,CAAW,MAAA,CAAO,CAAC,CAAA,KAAM,CAAA,CAAE,aAAa,UAAU,CAAA,CAAE,MAAM,CAAA,WAAA,EAAc,UAAA,CAAW,MAAA,CAAO,CAAC,CAAA,KAAM,CAAA,CAAE,QAAA,KAAa,MAAM,CAAA,CAAE,MAAM,CAAA,KAAA,CAAA;AAEvK,IAAA,OAAO;AAAA,MACL,SAAA,EAAW,QAAA;AAAA,MACX,eAAA,EAAiB,UAAA;AAAA,MACjB,KAAA;AAAA,MACA,OAAA;AAAA,MACA,MAAA,EAAQ,IAAA;AAAA,MACR,SAAA,EAAW,KAAK,MAAA,IAAU;AAAA,KAC5B;AAAA,EACF,CAAA,CAAA,MAAQ;AACN,IAAA,OAAO;AAAA,MACL,SAAA,EAAW,QAAA;AAAA,MACX,iBAAiB,EAAC;AAAA,MAClB,KAAA,EAAO,CAAA;AAAA,MACP,OAAA,EAAS,8BAAA;AAAA,MACT,MAAA,EAAQ,IAAA;AAAA,MACR,SAAA,EAAW;AAAA,KACb;AAAA,EACF;AACF","file":"audit.js","sourcesContent":["import * as fs from 'node:fs';\nimport * as path from 'node:path';\n\n/**\n * On Windows, Node.js `spawn()` without a shell does NOT resolve .cmd/.bat\n * extensions through PATHEXT — it only auto-resolves .exe. Most Node.js CLI\n * tools (npx, pnpm, biome, tsc, vitest, etc.) ship as .cmd wrappers on\n * Windows. This function resolves the command name to its full path so spawn\n * can find it without relying on shell-mode argument concatenation.\n *\n * On non-Windows, returns the command unchanged.\n */\nexport function resolveWin32Command(cmd: string): string {\n  if (process.platform !== 'win32') return cmd;\n\n  // Already has a path or extension — use as-is\n  if (cmd.includes('/') || cmd.includes('\\\\') || path.extname(cmd)) {\n    return cmd;\n  }\n\n  const pathext = (process.env['PATHEXT'] ?? '.COM;.EXE;.BAT;.CMD;.VBS;.JS;.WS;.MSC')\n    .toLowerCase()\n    .split(';');\n\n  const pathDirs = (process.env['PATH'] ?? '').split(path.delimiter);\n\n  for (const dir of pathDirs) {\n    const base = path.join(dir, cmd);\n    // Check extensions in PATHEXT order. .EXE should win first because\n    // it's typically listed first, and .exe doesn't need shell: true.\n    for (const ext of pathext) {\n      const full = `${base}${ext}`;\n      try {\n        fs.accessSync(full, fs.constants.X_OK);\n        return full;\n      } catch {\n        // Not found with this extension — try next\n      }\n    }\n  }\n\n  // Not found — return original; let spawn report ENOENT with the\n  // expected error message so tools can surface it properly.\n  return cmd;\n}\n","import { spawn } from 'node:child_process';\nimport { buildChildEnv } from '@wrongstack/core';\nimport type { ToolProgressEvent } from '@wrongstack/core';\nimport { resolveWin32Command } from './_win32-resolve.js';\nexport interface SpawnStreamResult {\n  stdout: string;\n  stderr: string;\n  exitCode: number;\n  truncated: boolean;\n  error?: string | undefined;\n}\n\nexport interface SpawnStreamOptions {\n  cmd: string;\n  args: string[];\n  cwd: string;\n  signal: AbortSignal;\n  maxBytes?: number | undefined;\n  /** Bytes of new stdout/stderr to accumulate before yielding a `partial_output` event. */\n  flushBytes?: number | undefined;\n  /** Maximum chunks to buffer before applying backpressure to the child. Default 500. */\n  maxQueueSize?: number | undefined;\n}\n\n/**\n * Spawn a child process and yield `partial_output` progress events as\n * stdout/stderr arrive (batched by byte threshold), then return the full\n * buffered result. Shared between install/lint/format/typecheck/test/audit\n * so the TUI live tail sees consistent progress regardless of which tool\n * is running.\n */\nexport async function* spawnStream(\n  opts: SpawnStreamOptions,\n): AsyncGenerator<ToolProgressEvent, SpawnStreamResult> {\n  const max = opts.maxBytes ?? 200_000;\n  const flushAt = opts.flushBytes ?? 4 * 1024;\n  const maxQueue = opts.maxQueueSize ?? 500;\n  let stdout = '';\n  let stderr = '';\n  let pending = '';\n  let error: string | undefined;\n\n  const cmd = resolveWin32Command(opts.cmd);\n  const needsShell = process.platform === 'win32' && (cmd.endsWith('.cmd') || cmd.endsWith('.bat'));\n\n  const child = spawn(cmd, opts.args, {\n    cwd: opts.cwd,\n    signal: opts.signal,\n    env: buildChildEnv(),\n    stdio: ['ignore', 'pipe', 'pipe'],\n    ...(needsShell ? { shell: true, windowsVerbatimArguments: true } : {}),\n  });\n\n  type Chunk = { kind: 'out' | 'err' | 'close' | 'error'; data: string; code?: number | undefined };\n  const queue: Chunk[] = [];\n  let waiter: (() => void) | undefined;\n  let paused = false;\n  const wake = () => {\n    if (waiter) {\n      const w = waiter;\n      waiter = undefined;\n      w();\n    }\n  };\n\n  // Resume the stream when there's room in the queue\n  const resume = () => {\n    if (paused && queue.length < maxQueue) {\n      paused = false;\n      child.stdout?.resume();\n      child.stderr?.resume();\n    }\n  };\n\n  // Note: chunks may still arrive briefly after pause() (already in flight) —\n  // they are accumulated and queued rather than dropped, so the queue can\n  // overshoot maxQueue by a few entries but no output is silently lost.\n  child.stdout?.on('data', (c) => {\n    const s = c.toString();\n    if (stdout.length < max) stdout += s;\n    queue.push({ kind: 'out', data: s });\n    wake();\n    // Apply backpressure if queue is growing faster than we consume\n    if (!paused && queue.length >= maxQueue) {\n      paused = true;\n      child.stdout?.pause();\n      child.stderr?.pause();\n    }\n  });\n  child.stderr?.on('data', (c) => {\n    const s = c.toString();\n    if (stderr.length < max) stderr += s;\n    queue.push({ kind: 'err', data: s });\n    wake();\n    if (!paused && queue.length >= maxQueue) {\n      paused = true;\n      child.stdout?.pause();\n      child.stderr?.pause();\n    }\n  });\n  child.on('error', (e) => {\n    error = e.message;\n    queue.push({ kind: 'error', data: e.message });\n    wake();\n  });\n  child.on('close', (code) => {\n    queue.push({ kind: 'close', data: '', code: code ?? 0 });\n    wake();\n  });\n\n  let exitCode = 0;\n  let spawnFailed = false;\n  for (;;) {\n    while (queue.length === 0) {\n      await new Promise<void>((resolve) => {\n        waiter = resolve;\n      });\n    }\n    const chunk = queue.shift()!;\n    // Resume reading after consuming a chunk\n    resume();\n    if (chunk.kind === 'close') {\n      // If we already saw a spawn error (ENOENT etc.), keep exitCode=1\n      // rather than the negative platform code Node fabricates.\n      if (!spawnFailed) exitCode = chunk.code ?? 0;\n      break;\n    }\n    if (chunk.kind === 'error') {\n      spawnFailed = true;\n      exitCode = 1;\n      // close usually follows\n      continue;\n    }\n    pending += chunk.data;\n    if (pending.length >= flushAt) {\n      yield { type: 'partial_output', text: pending };\n      pending = '';\n    }\n  }\n  if (pending.length > 0) {\n    yield { type: 'partial_output', text: pending };\n  }\n\n  return {\n    stdout,\n    stderr,\n    exitCode,\n    truncated: stdout.length >= max || stderr.length >= max,\n    error,\n  };\n}\n","import * as fsp from 'node:fs/promises';\nimport * as path from 'node:path';\nimport * as Core from '@wrongstack/core';\nimport type { Context } from '@wrongstack/core';\n/** Detected package manager for a project directory. */\nexport type PackageManager = 'pnpm' | 'yarn' | 'npm';\n\n/**\n * Detect the project's package manager by inspecting lockfiles in `cwd`.\n * Order: pnpm → yarn → npm (default). Missing or unreadable directories fall\n * back to `npm` rather than throwing, so a `safeResolve`-checked cwd that\n * happens to be empty never aborts the tool.\n */\nexport async function detectPackageManager(cwd: string): Promise<PackageManager> {\n  const { stat } = await import('node:fs/promises');\n  try {\n    await stat(`${cwd}/pnpm-lock.yaml`);\n    return 'pnpm';\n  } catch {\n    /* not pnpm */\n  }\n  try {\n    await stat(`${cwd}/yarn.lock`);\n    return 'yarn';\n  } catch {\n    /* not yarn */\n  }\n  return 'npm';\n}\n\nexport function resolvePath(input: string, ctx: Context): string {\n  return path.isAbsolute(input) ? path.normalize(input) : path.resolve(ctx.workingDir ?? ctx.cwd, input);\n}\n\nexport function ensureInsideRoot(absPath: string, ctx: Context): string {\n  const root = path.resolve(ctx.projectRoot);\n  const target = path.resolve(absPath);\n  const rel = path.relative(root, target);\n  if (rel.startsWith('..') || path.isAbsolute(rel)) {\n    throw new Error(`Path \"${absPath}\" is outside project root \"${root}\"`);\n  }\n  return target;\n}\n\nexport function safeResolve(input: string, ctx: Context): string {\n  return ensureInsideRoot(resolvePath(input, ctx), ctx);\n}\n\n/**\n * Defense against in-root→out-of-root symlink escape (CWE-59). `safeResolve`\n * only does a syntactic `../` check, so a symlink that lives *inside* the\n * project root but points outside still passes it. This resolves the path\n * through `fs.realpath` and re-verifies containment against the realpath of\n * the project root (comparing like-for-like, since the root itself may be a\n * symlink — macOS `/var`→`/private/var`, Windows 8.3 short names). For a path\n * that does not exist yet (e.g. a `write` to a new file) the nearest existing\n * ancestor directory is checked instead. Throws if the real target escapes.\n *\n * Mirrors the per-file guard already used in `replace.ts`/`grep.ts`; applied\n * to single-file `read`/`edit`/`write` it throws (rather than skips) because\n * the caller named exactly one file.\n */\nexport async function assertRealInsideRoot(absPath: string, ctx: Context): Promise<void> {\n  const realRoot = await fsp.realpath(ctx.projectRoot).catch(() => path.resolve(ctx.projectRoot));\n  let probe = absPath;\n  for (;;) {\n    let real: string;\n    try {\n      real = await fsp.realpath(probe);\n    } catch (err) {\n      if ((err as NodeJS.ErrnoException).code === 'ENOENT') {\n        const parent = path.dirname(probe);\n        if (parent === probe) return; // reached fs root without escaping\n        probe = parent;\n        continue;\n      }\n      throw err;\n    }\n    const rel = path.relative(realRoot, real);\n    if (rel.startsWith('..') || path.isAbsolute(rel)) {\n      throw new Error(\n        `Path \"${absPath}\" resolves through a symlink outside project root \"${realRoot}\"`,\n      );\n    }\n    return;\n  }\n}\n\n/** `safeResolve` + symlink realpath containment check. Async. */\nexport async function safeResolveReal(input: string, ctx: Context): Promise<string> {\n  const abs = safeResolve(input, ctx);\n  await assertRealInsideRoot(abs, ctx);\n  return abs;\n}\n\nexport function truncateMiddle(s: string, max: number): string {\n  if (Buffer.byteLength(s, 'utf8') <= max) return s;\n  const half = Math.floor(max / 2);\n  return (\n    s.slice(0, half) +\n    `\\n…[truncated ${Buffer.byteLength(s, 'utf8') - max} bytes from middle]…\\n` +\n    s.slice(-half)\n  );\n}\n\nexport function isBinaryBuffer(buf: Buffer): boolean {\n  const len = Math.min(buf.length, 8192);\n  for (let i = 0; i < len; i++) {\n    if (buf[i] === 0) return true;\n  }\n  return false;\n}\n\n// ─── Command-output normalization (token-saving) ────────────────────────────\n//\n// Raw process output is full of tokens the model gains nothing from: ANSI\n// escapes, carriage-return progress spam, runs of identical warning lines, and\n// huge tails of build noise. These helpers strip that noise before the output\n// reaches the LLM. They are scoped to COMMAND tools (bash/git/exec and the\n// _spawn-stream consumers) — never applied to structured/code outputs.\n\n/** Unified byte cap for all command tool output fed to the model. */\nexport const COMMAND_OUTPUT_MAX_BYTES = 32_768;\n\n/** Runs of >= this many identical consecutive lines are collapsed. */\nconst REPEAT_RUN_THRESHOLD = 3;\n\n/**\n * Collapse carriage-return overwrites the way a terminal would: `\\r\\n` becomes\n * `\\n`, and a bare `\\r` (progress redraw) keeps only the text after the LAST\n * `\\r` on its physical line. Without this, a single progress bar that redraws\n * 200 times explodes into 200 lines.\n */\nexport function collapseCarriageReturns(text: string): string {\n  const lf = text.replace(/\\r\\n/g, '\\n');\n  if (!lf.includes('\\r')) return lf;\n  return lf\n    .split('\\n')\n    .map((line) => (line.includes('\\r') ? line.slice(line.lastIndexOf('\\r') + 1) : line))\n    .join('\\n');\n}\n\n/**\n * Collapse a run of `minRun`+ identical consecutive lines into the line once\n * plus a marker. Consecutive-only — it never reorders or dedups non-adjacent\n * lines, so diffs/source stay intact.\n */\nexport function collapseConsecutiveDuplicates(text: string, minRun = REPEAT_RUN_THRESHOLD): string {\n  const lines = text.split('\\n');\n  const out: string[] = [];\n  let i = 0;\n  while (i < lines.length) {\n    let j = i + 1;\n    while (j < lines.length && lines[j] === lines[i]) j++;\n    const run = j - i;\n    if (run >= minRun) {\n      out.push(lines[i]!, `… ⟨repeated ${run}×⟩`);\n    } else {\n      for (let k = i; k < j; k++) out.push(lines[k]!);\n    }\n    i = j;\n  }\n  return out.join('\\n');\n}\n\n/** Largest prefix of `s` whose UTF-8 byte length is <= `maxBytes`. */\nfunction takeHeadBytes(s: string, maxBytes: number): string {\n  if (maxBytes <= 0) return '';\n  if (Buffer.byteLength(s, 'utf8') <= maxBytes) return s;\n  let lo = 0;\n  let hi = s.length;\n  while (lo < hi) {\n    const mid = Math.ceil((lo + hi) / 2);\n    if (Buffer.byteLength(s.slice(0, mid), 'utf8') <= maxBytes) lo = mid;\n    else hi = mid - 1;\n  }\n  return s.slice(0, lo);\n}\n\n/** Largest suffix of `s` whose UTF-8 byte length is <= `maxBytes`. */\nfunction takeTailBytes(s: string, maxBytes: number): string {\n  if (maxBytes <= 0) return '';\n  if (Buffer.byteLength(s, 'utf8') <= maxBytes) return s;\n  let lo = 0;\n  let hi = s.length;\n  while (lo < hi) {\n    const mid = Math.ceil((lo + hi) / 2);\n    if (Buffer.byteLength(s.slice(s.length - mid), 'utf8') <= maxBytes) lo = mid;\n    else hi = mid - 1;\n  }\n  return s.slice(s.length - lo);\n}\n\n/**\n * Truncate to `maxBytes` keeping BOTH ends — the head (what ran / early context)\n * and the tail (errors and summaries usually land last), biased ~45/55 toward\n * the tail. The result never exceeds `maxBytes`.\n */\nexport function truncateHeadTail(s: string, maxBytes: number): string {\n  const total = Buffer.byteLength(s, 'utf8');\n  if (total <= maxBytes) return s;\n  // Reserve a fixed allowance for the marker so the final string can't exceed\n  // the cap even though the dropped-byte count's digit width varies.\n  const MARKER_RESERVE = 64;\n  const avail = Math.max(0, maxBytes - MARKER_RESERVE);\n  const headBudget = Math.floor(avail * 0.45);\n  const head = takeHeadBytes(s, headBudget);\n  const tail = takeTailBytes(s, avail - Buffer.byteLength(head, 'utf8'));\n  const kept = Buffer.byteLength(head, 'utf8') + Buffer.byteLength(tail, 'utf8');\n  return `${head}\\n…[truncated ${total - kept} bytes]…\\n${tail}`;\n}\n\n/**\n * Full token-saving pipeline for command tool output: strip ANSI → collapse\n * carriage-return progress → trim trailing whitespace → collapse identical\n * consecutive lines → squeeze blank-line runs → head+tail truncate to the cap.\n */\nexport function normalizeCommandOutput(\n  raw: string,\n  opts: { maxBytes?: number | undefined } = {},\n): string {\n  if (!raw) return raw;\n  let text = Core.stripAnsi(raw);\n  text = collapseCarriageReturns(text);\n  text = text.replace(/[ \\t]+$/gm, ''); // trailing whitespace per line\n  text = collapseConsecutiveDuplicates(text);\n  text = text.replace(/\\n{3,}/g, '\\n\\n'); // >=2 blank lines → 1\n  return truncateHeadTail(text, opts.maxBytes ?? COMMAND_OUTPUT_MAX_BYTES);\n}\n","import type { Tool, ToolStreamEvent } from '@wrongstack/core';\nimport { spawnStream } from './_spawn-stream.js';\nimport { detectPackageManager, safeResolve } from './_util.js';\n\ninterface AuditInput {\n  cwd?: string | undefined;\n  level?: 'low' | 'moderate' | 'high' | 'critical' | undefined;\n  fix?: boolean | undefined;\n  packages?: string | string[] | undefined;\n}\n\ninterface AuditVulnerability {\n  severity: string;\n  package: string;\n  title: string;\n  url: string;\n}\n\ninterface AuditOutput {\n  exit_code: number;\n  vulnerabilities: AuditVulnerability[];\n  total: number;\n  summary: string;\n  output: string;\n  truncated: boolean;\n}\n\nexport const auditTool: Tool<AuditInput, AuditOutput> = {\n  name: 'audit',\n  category: 'Package Management',\n  description:\n    'Run a security audit against project dependencies (using pnpm/npm audit). Reports known vulnerabilities with severity.',\n  usageHint:\n    'CRITICAL SECURITY TOOL:\\n\\n' +\n    '- Run regularly and especially before any release.\\n' +\n    '- Use `level` to focus on high/critical issues.\\n' +\n    '- `fix` can attempt automatic remediation for some vulnerabilities.\\n' +\n    'This is one of the most important tools for supply chain security.',\n  permission: 'confirm',\n  mutating: false,\n  timeoutMs: 60_000,\n  inputSchema: {\n    type: 'object',\n    properties: {\n      cwd: { type: 'string', description: 'Working directory (default: cwd)' },\n      level: {\n        type: 'string',\n        enum: ['low', 'moderate', 'high', 'critical'],\n        description: 'Minimum severity level to report',\n      },\n      fix: { type: 'boolean', description: 'Attempt to fix vulnerabilities (default: false)' },\n      packages: { type: 'string', description: 'Specific package(s) to audit (comma-separated)' },\n    },\n  },\n  async execute(input, ctx, opts) {\n    let final: AuditOutput | undefined;\n    const executeStream = auditTool.executeStream;\n    if (!executeStream) throw new Error('auditTool: stream execution unavailable');\n    for await (const ev of executeStream(input, ctx, opts)) {\n      if (ev.type === 'final') final = ev.output;\n    }\n    if (!final) throw new Error('audit: stream ended without final event');\n    return final;\n  },\n  async *executeStream(input, ctx, opts): AsyncGenerator<ToolStreamEvent<AuditOutput>> {\n    const cwd = input.cwd ? safeResolve(input.cwd, ctx) : ctx.cwd;\n    const manager = await detectPackageManager(cwd);\n    yield { type: 'log', text: `Auditing with ${manager}…`, data: { manager } };\n\n    const args = ['audit', '--json'];\n    if (input.fix) args.push('--fix');\n    if (input.packages) {\n      const pkgs = Array.isArray(input.packages) ? input.packages : input.packages.split(',');\n      args.push(...pkgs.map((p: string) => p.trim()));\n    }\n\n    const result = yield* spawnStream({\n      cmd: manager,\n      args,\n      cwd,\n      signal: opts.signal,\n      maxBytes: 100_000,\n    });\n\n    yield { type: 'final', output: parseAuditOutput(result.stdout, result.exitCode) };\n  },\n};\n\nfunction parseAuditOutput(json: string, exitCode: number): AuditOutput {\n  if (!json) {\n    return {\n      exit_code: exitCode,\n      vulnerabilities: [],\n      total: 0,\n      summary: exitCode === 0 ? 'No vulnerabilities found' : 'Audit failed',\n      output: '',\n      truncated: false,\n    };\n  }\n\n  try {\n    const data = JSON.parse(json);\n    const advisories: AuditVulnerability[] = [];\n    const ads = data.advisories ?? {};\n    for (const id of Object.keys(ads)) {\n      const adv = ads[id];\n      advisories.push({\n        severity: adv.severity ?? 'unknown',\n        package: adv.module_name ?? id,\n        title: adv.title ?? 'Unknown vulnerability',\n        url: adv.url ?? '',\n      });\n    }\n\n    const total = advisories.length;\n    const summary =\n      total === 0\n        ? 'No vulnerabilities found'\n        : `Found ${total} vulnerabilities: ${advisories.filter((a) => a.severity === 'critical').length} critical, ${advisories.filter((a) => a.severity === 'high').length} high`;\n\n    return {\n      exit_code: exitCode,\n      vulnerabilities: advisories,\n      total,\n      summary,\n      output: json,\n      truncated: json.length >= 100_000,\n    };\n  } catch {\n    return {\n      exit_code: exitCode,\n      vulnerabilities: [],\n      total: 0,\n      summary: 'Could not parse audit output',\n      output: json,\n      truncated: false,\n    };\n  }\n}\n"]}

package/dist/bash.js

@@ -139,8 +139,13 @@ var CircuitBreaker = class {
    * Call this BEFORE spawning a bash/exec process.
    * Returns true if the call is allowed; false if the breaker is open.
    * When false, callers MUST NOT spawn a process.
+   *
+   * @param bypass - If true, skip the circuit breaker check entirely.
+   *                  Use for background/fire-and-forget processes that should
+   *                  not affect breaker state.
    */
-  beforeCall() {
+  beforeCall(bypass = false) {
+    if (bypass) return true;
     this._checkStateTransition();
     if (this.state === "open") return false;
     return true;
@@ -150,8 +155,12 @@ var CircuitBreaker = class {
    * `durationMs` is the wall-clock time the process ran.
    * `failed` is true when the process returned a non-zero exit code or
    * threw an exception before spawning.
+   *
+   * @param bypass - If true, do not update breaker state.
+   *                  Use for background/fire-and-forget processes.
    */
-  afterCall(durationMs, failed) {
+  afterCall(durationMs, failed, bypass = false) {
+    if (bypass) return;
     const now = Date.now();
     if (this.state === "half-open") {
       if (failed) {
@@ -250,6 +259,17 @@ function redactCommand(cmd) {
   return result;
 }
 var DEFAULT_GRACE_MS = 2e3;
+function killWin32Tree(pid) {
+  try {
+    spawn("taskkill", ["/pid", String(pid), "/T", "/F"], {
+      stdio: "ignore",
+      windowsHide: true
+    }).unref();
+    return true;
+  } catch {
+    return false;
+  }
+}
 var ProcessRegistryImpl = class {
   processes = /* @__PURE__ */ new Map();
   breaker;
@@ -307,16 +327,20 @@ var ProcessRegistryImpl = class {
   /**
    * Called before spawning a process. Returns true if allowed; false if
    * the circuit breaker is open.
+   *
+   * @param bypass - If true, skip circuit breaker check (for background processes).
    */
-  beforeCall() {
-    return this.breaker.beforeCall();
+  beforeCall(bypass = false) {
+    return this.breaker.beforeCall(bypass);
   }
   /**
    * Called after a process finishes. `durationMs` is wall-clock time;
    * `failed` is true for non-zero exit codes.
+   *
+   * @param bypass - If true, do not update circuit breaker state (for background processes).
    */
-  afterCall(durationMs, failed) {
-    this.breaker.afterCall(durationMs, failed);
+  afterCall(durationMs, failed, bypass = false) {
+    this.breaker.afterCall(durationMs, failed, bypass);
   }
   /** Force-open the circuit breaker (Ctrl+C, /kill force). */
   forceBreakerOpen() {
@@ -347,9 +371,22 @@ var ProcessRegistryImpl = class {
     const { force = false, graceMs = DEFAULT_GRACE_MS } = opts;
     const isWin = os.platform() === "win32";
     if (isWin) {
-      try {
-        p.child.kill(force ? "SIGKILL" : "SIGTERM");
-      } catch {
+      const liveRealChild = p.child.exitCode === null && typeof p.child.pid === "number";
+      if (liveRealChild && killWin32Tree(pid)) {
+        const fallback = setTimeout(() => {
+          if (p.child.exitCode === null) {
+            try {
+              p.child.kill("SIGKILL");
+            } catch {
+            }
+          }
+        }, graceMs);
+        fallback.unref?.();
+      } else {
+        try {
+          p.child.kill(force ? "SIGKILL" : "SIGTERM");
+        } catch {
+        }
       }
       p.killed = true;
       return true;
@@ -425,6 +462,7 @@ var MAX_OUTPUT = 32768;
 var DEFAULT_TIMEOUT_MS = 3e5;
 var STREAM_FLUSH_INTERVAL_MS = 200;
 var STREAM_FLUSH_BYTES = 4 * 1024;
+var MAX_QUEUE_CHUNKS = 500;
 var bashTool = {
   name: "bash",
   category: "Shell",
@@ -472,7 +510,8 @@ var bashTool = {
   async *executeStream(input, ctx, opts) {
     if (!input?.command) throw new Error("bash: command is required");
     const registry = getProcessRegistry();
-    if (!registry.beforeCall()) {
+    const bypassBreaker = !!input.background;
+    if (!registry.beforeCall(bypassBreaker)) {
       yield {
         type: "final",
         output: {
@@ -485,6 +524,17 @@ var bashTool = {
       };
       return;
     }
+    const PIPE_TO_SHELL_PATTERN = /\|\s*(sh|bash|ksh|zsh|fish|cmd|powershell|pwsh)/i;
+    if (PIPE_TO_SHELL_PATTERN.test(input.command)) {
+      console.warn(JSON.stringify({
+        level: "warn",
+        event: "bash.pipe_to_shell_detected",
+        message: "Detected pipe-to-shell pattern. Consider reviewing the full command before confirming.",
+        command_prefix: input.command.slice(0, 100),
+        // Log first 100 chars for review
+        timestamp: (/* @__PURE__ */ new Date()).toISOString()
+      }));
+    }
     const timeoutMs = Math.max(1, Math.min(input.timeout_ms ?? DEFAULT_TIMEOUT_MS, 6e5));
     const isWin = os.platform() === "win32";
     const shell = (() => {
@@ -543,7 +593,7 @@ var bashTool = {
         }
       });
       child2.on("close", () => {
-        registry.afterCall(Date.now() - startedAt, false);
+        registry.afterCall(Date.now() - startedAt, false, bypassBreaker);
       });
       if (typeof pid2 === "number") child2.unref();
       yield {
@@ -562,7 +612,7 @@ var bashTool = {
       env,
       stdio: ["ignore", "pipe", "pipe"],
       detached,
-      signal: opts.signal
+      ...isWin ? {} : { signal: opts.signal }
     });
     const pid = child.pid;
     if (typeof pid === "number") {
@@ -581,9 +631,22 @@ var bashTool = {
     const timers = [];
     function killWithTimeout(child2, timeoutMs2) {
       if (isWin) {
-        try {
-          child2.kill();
-        } catch {
+        if (typeof child2.pid === "number" && child2.exitCode === null && killWin32Tree(child2.pid)) {
+          const fallback = setTimeout(() => {
+            if (child2.exitCode === null) {
+              try {
+                child2.kill();
+              } catch {
+              }
+            }
+          }, 2e3);
+          timers.push(fallback);
+          fallback.unref?.();
+        } else {
+          try {
+            child2.kill();
+          } catch {
+          }
         }
         return;
       }
@@ -622,6 +685,11 @@ var bashTool = {
     }, timeoutMs);
     timers.push(timer);
     timer.unref?.();
+    const onAbort = () => killWithTimeout(child, 2e3);
+    if (isWin) {
+      if (opts.signal.aborted) onAbort();
+      else opts.signal.addEventListener("abort", onAbort, { once: true });
+    }
     const queue = [];
     let resolveNext = null;
     const push = (c) => {
@@ -646,18 +714,32 @@ var bashTool = {
       lastFlush = Date.now();
       return text;
     };
-    child.stdout?.on("data", (chunk) => {
-      const text = chunk.toString();
-      buf += text;
-      pending += text;
-      push({ kind: "data", text });
-    });
-    child.stderr?.on("data", (chunk) => {
+    let paused = false;
+    const pauseIfFlooded = () => {
+      if (!paused && queue.length >= MAX_QUEUE_CHUNKS) {
+        paused = true;
+        child.stdout?.pause();
+        child.stderr?.pause();
+      }
+    };
+    const resumeIfDrained = () => {
+      if (paused && queue.length < MAX_QUEUE_CHUNKS) {
+        paused = false;
+        child.stdout?.resume();
+        child.stderr?.resume();
+      }
+    };
+    const onData = (chunk) => {
       const text = chunk.toString();
-      buf += text;
+      if (buf.length < MAX_OUTPUT) {
+        buf += text.slice(0, MAX_OUTPUT - buf.length);
+      }
       pending += text;
       push({ kind: "data", text });
-    });
+      pauseIfFlooded();
+    };
+    child.stdout?.on("data", onData);
+    child.stderr?.on("data", onData);
     child.on("error", (err) => {
       for (const t of timers) clearTimeout(t);
       registry.afterCall(Date.now() - startedAt, true);
@@ -672,6 +754,7 @@ var bashTool = {
     try {
       while (true) {
         const c = await next();
+        resumeIfDrained();
         if (c.kind === "error") throw c.err;
         if (c.kind === "end") {
           const remainder = flush();
@@ -696,6 +779,15 @@ var bashTool = {
       }
     } finally {
       for (const t of timers) clearTimeout(t);
+      if (isWin) opts.signal.removeEventListener("abort", onAbort);
+      child.stdout?.off("data", onData);
+      child.stderr?.off("data", onData);
+      child.stdout?.destroy();
+      child.stderr?.destroy();
+      if (child.exitCode === null && !child.killed) {
+        if (typeof pid === "number") registry.kill(pid, { force: true });
+        else killWithTimeout(child, 2e3);
+      }
     }
   }
 };