al-sem 0.0.1

package/src/cli/format-html.ts

@@ -0,0 +1,503 @@
+import type { AnalyzeWorkspaceResult } from "../index.ts";
+import type { ObjectDecl, Routine, Table } from "../model/entities.ts";
+import type { Finding } from "../model/finding.ts";
+import type { EventSymbol } from "../model/graph.ts";
+import type { SourceAnchor } from "../model/identity.ts";
+import type { SemanticModel } from "../model/model.ts";
+
+const SEV_ORDER = ["critical", "high", "medium", "low", "info"] as const;
+type Sev = (typeof SEV_ORDER)[number];
+
+// Committed severity palette (OKLCH). Severity IS the data, so it carries color.
+const SEV_COLOR: Record<Sev, string> = {
+	critical: "oklch(0.52 0.20 25)",
+	high: "oklch(0.62 0.18 45)",
+	medium: "oklch(0.74 0.14 80)",
+	low: "oklch(0.62 0.11 240)",
+	info: "oklch(0.62 0.02 255)",
+};
+
+// Tally digit foreground per severity. Amber `medium` needs dark text for
+// WCAG contrast; the darker fills read fine with near-white.
+const SEV_FG: Record<Sev, string> = {
+	critical: "oklch(0.99 0 0)",
+	high: "oklch(0.99 0 0)",
+	medium: "oklch(0.26 0.04 80)",
+	low: "oklch(0.99 0 0)",
+	info: "oklch(0.99 0 0)",
+};
+
+const CONF_COLOR: Record<string, string> = {
+	confirmed: "oklch(0.58 0.13 150)",
+	likely: "oklch(0.60 0.11 240)",
+	possible: "oklch(0.72 0.13 80)",
+};
+
+// Fixed code-unit comparator — deterministic across locales/ICU versions,
+// unlike String.prototype.localeCompare (byte-stable output is a contract).
+const cmp = (a: string, b: string): number => (a < b ? -1 : a > b ? 1 : 0);
+
+const SAFETY_RANK = { high: 3, medium: 2, low: 1 } as const;
+
+function h(s: string): string {
+	return s
+		.replace(/&/g, "&amp;")
+		.replace(/</g, "&lt;")
+		.replace(/>/g, "&gt;")
+		.replace(/"/g, "&quot;")
+		.replace(/'/g, "&#39;");
+}
+
+function shortFile(sourceUnitId: string): string {
+	const colon = sourceUnitId.indexOf(":");
+	return colon >= 0 ? sourceUnitId.slice(colon + 1) : sourceUnitId;
+}
+
+function trunc(s: string, n: number): string {
+	return s.length > n ? `${s.slice(0, n - 1)}…` : s;
+}
+
+interface Maps {
+	routines: Map<string, Routine>;
+	objects: Map<string, ObjectDecl>;
+	tables: Map<string, Table>;
+}
+
+function buildMaps(model: SemanticModel): Maps {
+	return {
+		routines: new Map(model.routines.map((r) => [r.id, r])),
+		objects: new Map(model.objects.map((o) => [o.id, o])),
+		tables: new Map(model.tables.map((t) => [t.id, t])),
+	};
+}
+
+function routineLabel(routineId: string, m: Maps): string {
+	const r = m.routines.get(routineId);
+	if (!r) return trunc(routineId, 24);
+	const o = m.objects.get(r.objectId);
+	return o ? `${o.name} :: ${r.name}` : r.name;
+}
+
+function tableLabel(tableId: string, m: Maps): string {
+	const t = m.tables.get(tableId);
+	if (t) return t.name;
+	const parts = tableId.split("/");
+	return parts[parts.length - 1] ?? tableId;
+}
+
+function anchorLine(a: SourceAnchor): string {
+	return `${shortFile(a.sourceUnitId)}:${a.range.startLine + 1}`;
+}
+
+// One evidence-path node. The last node is the culprit (terminal op).
+function renderFlow(finding: Finding, m: Maps): string {
+	const steps = finding.evidencePath;
+	if (steps.length === 0) return "";
+	const nodes = steps
+		.map((step, i) => {
+			const last = i === steps.length - 1;
+			const badge = step.loopId
+				? `<span class="badge badge-loop">↻ loop</span>`
+				: step.callsiteId
+					? `<span class="badge badge-call">calls</span>`
+					: last
+						? `<span class="badge badge-op">db op</span>`
+						: "";
+			return `
+      <li class="flow-step${last ? " is-terminal" : ""}">
+        <span class="flow-rail"><span class="flow-dot"></span></span>
+        <span class="flow-body">
+          <span class="flow-head">${h(routineLabel(step.routineId, m))} ${badge}</span>
+          <span class="flow-note">${h(step.note)}</span>
+          <span class="flow-loc">${h(anchorLine(step.sourceAnchor))}</span>
+        </span>
+      </li>`;
+		})
+		.join("");
+	const extra = finding.additionalPaths?.length
+		? `<p class="flow-extra">+ ${finding.additionalPaths.length} other path${
+				finding.additionalPaths.length === 1 ? "" : "s"
+			} reach the same operation</p>`
+		: "";
+	return `<ol class="flow">${nodes}</ol>${extra}`;
+}
+
+function renderFinding(finding: Finding, m: Maps, coLocated: string[]): string {
+	const sev = finding.severity;
+	const conf = finding.confidence;
+	const confColor = CONF_COLOR[conf.level] ?? CONF_COLOR.possible;
+	const capped = conf.cappedBy?.length ? ` · capped by ${conf.cappedBy.join(", ")}` : "";
+	const tables = finding.affectedTables
+		.map((t) => `<span class="chip">${h(tableLabel(t, m))}</span>`)
+		.join("");
+	const fixes = [...finding.fixOptions]
+		.sort((a, b) => SAFETY_RANK[b.safety] - SAFETY_RANK[a.safety])
+		.map(
+			(f) =>
+				`<li><span class="safety safety-${f.safety}">${f.safety}</span> ${h(f.description)}</li>`,
+		)
+		.join("");
+	const co = coLocated.length
+		? `<div class="co">co-located: ${coLocated.map((d) => `<code>${h(d)}</code>`).join(" ")}</div>`
+		: "";
+
+	return `
+  <article class="finding" data-sev="${sev}" style="--sev:${SEV_COLOR[sev]}">
+    <header class="finding-head">
+      <span class="sev-dot"></span>
+      <code class="detector">${h(finding.detector)}</code>
+      <h3>${h(finding.title)}</h3>
+      <span class="conf" style="--conf:${confColor}">${h(conf.level)}${h(capped)}</span>
+    </header>
+    <p class="root-cause">${h(finding.rootCause)}</p>
+    ${renderFlow(finding, m)}
+    ${tables ? `<div class="tables"><span class="lbl">writes</span>${tables}</div>` : ""}
+    ${fixes ? `<details class="fix"><summary>Fix options</summary><ul>${fixes}</ul></details>` : ""}
+    ${co}
+  </article>`;
+}
+
+// Tri-column event graph: publishers → events → subscribers.
+function renderEventGraph(model: SemanticModel, m: Maps): string {
+	if (model.eventGraph.events.length === 0) return "";
+	const events = [...model.eventGraph.events].sort(
+		(a, b) =>
+			cmp(a.eventName, b.eventName) ||
+			cmp(a.publisherObjectId, b.publisherObjectId) ||
+			cmp(a.id, b.id),
+	);
+
+	const eventIds = new Set(events.map((e) => e.id));
+	const graphEdges = model.eventGraph.edges.filter((e) => eventIds.has(e.eventId));
+	const subscriberCount = new Set(graphEdges.map((e) => e.subscriberRoutineId)).size;
+
+	// Inline-SVG render budget. Past these, the SVG becomes an unreadable hairball;
+	// emit an explanatory note instead of silently dropping the section.
+	const MAX_EVENTS = 40;
+	const MAX_EDGES = 500;
+	const MAX_SUBSCRIBERS = 200;
+	if (
+		events.length > MAX_EVENTS ||
+		graphEdges.length > MAX_EDGES ||
+		subscriberCount > MAX_SUBSCRIBERS
+	) {
+		return `
+  <section class="graph-wrap">
+    <h2>Event graph</h2>
+    <p class="sub">Graph omitted: ${events.length} events · ${graphEdges.length} links · ${subscriberCount} subscribers exceed the inline render limit (${MAX_EVENTS}/${MAX_EDGES}/${MAX_SUBSCRIBERS}). Use <code>events fanout</code> / <code>events chains</code> for the full data.</p>
+  </section>`;
+	}
+
+	const subsByEvent = new Map<string, string[]>();
+	for (const e of graphEdges) {
+		const arr = subsByEvent.get(e.eventId) ?? [];
+		arr.push(e.subscriberRoutineId);
+		subsByEvent.set(e.eventId, arr);
+	}
+	// Deterministic subscriber order per event (edge order is not output-stable).
+	for (const ids of subsByEvent.values()) {
+		ids.sort((a, b) => cmp(routineLabel(a, m), routineLabel(b, m)) || cmp(a, b));
+	}
+
+	// Publisher column = the owning object (codeunit). Multiple events from one
+	// codeunit collapse to a single node, so its true fan-out is visible. Fall
+	// back to the stable object id (not a shared literal) if the object is missing.
+	const pubLabel = (ev: EventSymbol): string =>
+		m.objects.get(ev.publisherObjectId)?.name ?? ev.publisherObjectId;
+
+	// Distinct nodes per column, deterministic order.
+	const pubs = [...new Set(events.map(pubLabel))].sort(cmp);
+	const subSet = new Set<string>();
+	for (const subs of subsByEvent.values()) for (const s of subs) subSet.add(routineLabel(s, m));
+	const subsCol = [...subSet].sort(cmp);
+
+	const ROW = 46;
+	const NODE_H = 30;
+	const W = 1040;
+	const colX = { pub: 16, ev: 400, sub: 760 };
+	const colW = { pub: 250, ev: 250, sub: 264 };
+	const rows = Math.max(pubs.length, events.length, subsCol.length, 1);
+	const H = rows * ROW + 40;
+	const yOf = (i: number, count: number): number => {
+		const blockH = count * ROW;
+		const top = (H - blockH) / 2 + 20;
+		return top + i * ROW;
+	};
+	const pubY = new Map(pubs.map((p, i) => [p, yOf(i, pubs.length)]));
+	const subY = new Map(subsCol.map((s, i) => [s, yOf(i, subsCol.length)]));
+
+	const edges: string[] = [];
+	const nodes: string[] = [];
+
+	events.forEach((ev, i) => {
+		const ey = yOf(i, events.length);
+		const subs = subsByEvent.get(ev.id) ?? [];
+		const dead = subs.length === 0;
+		const evCenterY = ey + NODE_H / 2;
+
+		// publisher -> event
+		const py = (pubY.get(pubLabel(ev)) ?? ey) + NODE_H / 2;
+		edges.push(bezier(colX.pub + colW.pub, py, colX.ev, evCenterY, "oklch(0.78 0.02 255)"));
+
+		// event -> subscribers
+		for (const s of subs) {
+			const sl = routineLabel(s, m);
+			const sy = (subY.get(sl) ?? ey) + NODE_H / 2;
+			edges.push(bezier(colX.ev + colW.ev, evCenterY, colX.sub, sy, "oklch(0.7 0.08 240)"));
+		}
+
+		const fill = dead ? "oklch(0.96 0.04 25)" : "oklch(0.97 0.02 240)";
+		const stroke = dead ? SEV_COLOR.high : "oklch(0.62 0.10 240)";
+		nodes.push(
+			node(
+				colX.ev,
+				ey,
+				colW.ev,
+				NODE_H,
+				trunc(ev.eventName, 30),
+				fill,
+				stroke,
+				dead ? `${subs.length} subs` : `${subs.length}`,
+				dead,
+				ev.eventName,
+			),
+		);
+	});
+
+	for (const p of pubs) {
+		const y = pubY.get(p) ?? 0;
+		nodes.push(
+			node(
+				colX.pub,
+				y,
+				colW.pub,
+				NODE_H,
+				trunc(p, 30),
+				"oklch(0.98 0.005 255)",
+				"oklch(0.78 0.02 255)",
+				undefined,
+				false,
+				p,
+			),
+		);
+	}
+	for (const s of subsCol) {
+		const y = subY.get(s) ?? 0;
+		nodes.push(
+			node(
+				colX.sub,
+				y,
+				colW.sub,
+				NODE_H,
+				trunc(s, 32),
+				"oklch(0.98 0.01 240)",
+				"oklch(0.7 0.08 240)",
+				undefined,
+				false,
+				s,
+			),
+		);
+	}
+
+	const headers = `
+    <text x="${colX.pub}" y="16" class="g-col">PUBLISHER</text>
+    <text x="${colX.ev}" y="16" class="g-col">EVENT</text>
+    <text x="${colX.sub}" y="16" class="g-col">SUBSCRIBER</text>`;
+
+	return `
+  <section class="graph-wrap">
+    <h2>Event graph</h2>
+    <p class="sub">Publishers fan out to subscribers across files. Events outlined in red have no subscribers (dead extension points).</p>
+    <svg viewBox="0 0 ${W} ${H}" class="evgraph" role="img" aria-label="Event publisher to subscriber graph">
+      ${headers}
+      ${edges.join("\n      ")}
+      ${nodes.join("\n      ")}
+    </svg>
+  </section>`;
+}
+
+function bezier(x1: number, y1: number, x2: number, y2: number, color: string): string {
+	const mx = (x1 + x2) / 2;
+	return `<path d="M ${x1} ${y1} C ${mx} ${y1}, ${mx} ${y2}, ${x2} ${y2}" fill="none" stroke="${color}" stroke-width="1.5" opacity="0.7"/>`;
+}
+
+function node(
+	x: number,
+	y: number,
+	w: number,
+	hgt: number,
+	label: string,
+	fill: string,
+	stroke: string,
+	tag?: string,
+	dead?: boolean,
+	full?: string,
+): string {
+	const tagSvg = tag
+		? `<text x="${x + w - 8}" y="${y + hgt / 2 + 4}" class="g-tag" text-anchor="end" fill="${dead ? SEV_COLOR.high : "oklch(0.55 0.02 255)"}">${h(tag)}</text>`
+		: "";
+	return `<g class="g-node"><title>${h(full ?? label)}</title><rect x="${x}" y="${y}" width="${w}" height="${hgt}" rx="7" fill="${fill}" stroke="${stroke}" stroke-width="1.5"/><text x="${x + 12}" y="${y + hgt / 2 + 4}" class="g-label">${h(label)}</text>${tagSvg}</g>`;
+}
+
+const STYLE = `
+:root{
+  --bg:oklch(0.99 0.004 255);--surface:oklch(1 0 0);--border:oklch(0.91 0.008 255);
+  --ink:oklch(0.30 0.02 260);--muted:oklch(0.52 0.015 260);--accent:oklch(0.55 0.14 262);
+  --mono:"SFMono-Regular",ui-monospace,"JetBrains Mono",Menlo,Consolas,monospace;
+  --sans:ui-sans-serif,system-ui,-apple-system,"Segoe UI",Roboto,Helvetica,Arial,sans-serif;
+}
+*{box-sizing:border-box}
+body{margin:0;background:var(--bg);color:var(--ink);font-family:var(--sans);line-height:1.5;
+  -webkit-font-smoothing:antialiased}
+.wrap{max-width:1080px;margin:0 auto;padding:48px 28px 96px}
+.masthead{display:flex;flex-wrap:wrap;align-items:baseline;gap:8px 16px;
+  border-bottom:1px solid var(--border);padding-bottom:20px;margin-bottom:8px}
+.masthead h1{font-size:1.7rem;font-weight:680;letter-spacing:-0.02em;margin:0}
+.masthead h1 b{color:var(--accent)}
+.masthead .app{font-family:var(--mono);font-size:0.85rem;color:var(--muted)}
+.coverage{color:var(--muted);font-size:0.84rem;margin:14px 0 26px}
+.tally{display:flex;height:34px;border-radius:8px;overflow:hidden;border:1px solid var(--border);margin-bottom:6px}
+.tally span{display:flex;align-items:center;justify-content:center;color:oklch(0.99 0 0);
+  font-size:0.78rem;font-weight:600;min-width:34px;font-variant-numeric:tabular-nums}
+.tally-legend{display:flex;flex-wrap:wrap;gap:14px;font-size:0.78rem;color:var(--muted);margin-bottom:40px}
+.tally-legend i{display:inline-block;width:9px;height:9px;border-radius:3px;margin-right:5px;vertical-align:baseline}
+.sev-group{margin:0 0 14px}
+.sev-group>h2{font-size:0.78rem;text-transform:uppercase;letter-spacing:0.1em;color:var(--muted);
+  font-weight:700;margin:34px 0 12px}
+.finding{background:var(--surface);border:1px solid var(--border);border-radius:12px;
+  padding:18px 20px;margin:0 0 14px}
+.finding-head{display:flex;align-items:center;gap:10px;flex-wrap:wrap}
+.sev-dot{width:11px;height:11px;border-radius:50%;background:var(--sev);flex:none;
+  box-shadow:0 0 0 4px color-mix(in oklch,var(--sev) 16%,transparent)}
+.detector{font-family:var(--mono);font-size:0.76rem;color:var(--muted);
+  background:oklch(0.96 0.006 260);padding:2px 7px;border-radius:5px}
+.finding-head h3{font-size:1.02rem;font-weight:620;margin:0;flex:1 1 auto;letter-spacing:-0.01em}
+.conf{font-size:0.72rem;font-weight:600;color:var(--conf);
+  border:1px solid color-mix(in oklch,var(--conf) 40%,transparent);
+  background:color-mix(in oklch,var(--conf) 10%,transparent);padding:2px 9px;border-radius:20px;white-space:nowrap}
+.root-cause{color:var(--ink);margin:11px 0 4px;max-width:74ch}
+.flow{list-style:none;margin:16px 0 4px;padding:0}
+.flow-step{display:flex;gap:14px;position:relative}
+.flow-rail{flex:none;width:14px;display:flex;justify-content:center;position:relative}
+.flow-rail::before{content:"";position:absolute;top:0;bottom:0;width:2px;background:var(--border)}
+.flow-step:first-child .flow-rail::before{top:11px}
+.flow-step:last-child .flow-rail::before{bottom:calc(100% - 11px)}
+.flow-dot{width:11px;height:11px;border-radius:50%;background:var(--surface);
+  border:2px solid var(--muted);margin-top:5px;z-index:1}
+.flow-step.is-terminal .flow-dot{background:var(--sev);border-color:var(--sev);
+  box-shadow:0 0 0 4px color-mix(in oklch,var(--sev) 16%,transparent)}
+.flow-body{display:flex;flex-direction:column;padding-bottom:18px;gap:1px}
+.flow-head{font-weight:580;font-size:0.92rem}
+.flow-note{color:var(--muted);font-size:0.86rem}
+.flow-loc{font-family:var(--mono);font-size:0.76rem;color:var(--accent)}
+.flow-extra{color:var(--muted);font-size:0.8rem;margin:2px 0 0 28px}
+.badge{font-size:0.66rem;font-weight:700;text-transform:uppercase;letter-spacing:0.04em;
+  padding:1px 6px;border-radius:5px;vertical-align:middle;margin-left:4px}
+.badge-loop{background:oklch(0.93 0.06 80);color:oklch(0.45 0.12 70)}
+.badge-call{background:oklch(0.95 0.01 260);color:var(--muted)}
+.badge-op{background:color-mix(in oklch,var(--sev) 18%,transparent);color:var(--sev)}
+.tables{display:flex;align-items:center;flex-wrap:wrap;gap:6px;margin:12px 0 2px}
+.tables .lbl{font-size:0.72rem;text-transform:uppercase;letter-spacing:0.06em;color:var(--muted);margin-right:2px}
+.chip{font-family:var(--mono);font-size:0.76rem;background:oklch(0.96 0.01 260);
+  border:1px solid var(--border);padding:2px 8px;border-radius:6px}
+.fix{margin-top:12px}
+.fix summary{font-size:0.84rem;font-weight:600;cursor:pointer;color:var(--accent)}
+.fix ul{margin:8px 0 0;padding-left:2px;list-style:none}
+.fix li{margin:6px 0;font-size:0.88rem;color:var(--ink)}
+.safety{font-size:0.66rem;font-weight:700;text-transform:uppercase;padding:1px 6px;border-radius:5px;margin-right:6px}
+.safety-high{background:oklch(0.92 0.07 150);color:oklch(0.42 0.12 155)}
+.safety-medium{background:oklch(0.93 0.06 80);color:oklch(0.45 0.12 70)}
+.safety-low{background:oklch(0.93 0.05 30);color:oklch(0.48 0.14 30)}
+.co{margin-top:11px;font-size:0.78rem;color:var(--muted)}
+.co code{font-family:var(--mono);background:oklch(0.96 0.006 260);padding:1px 5px;border-radius:4px}
+.graph-wrap{margin-top:56px;border-top:1px solid var(--border);padding-top:8px}
+.graph-wrap h2{font-size:1.15rem;font-weight:640;letter-spacing:-0.01em;margin:24px 0 4px}
+.graph-wrap .sub{color:var(--muted);font-size:0.86rem;margin:0 0 18px;max-width:70ch}
+.evgraph{width:100%;height:auto;background:var(--surface);border:1px solid var(--border);border-radius:12px;padding:8px}
+.g-col{font-family:var(--sans);font-size:11px;font-weight:700;letter-spacing:0.1em;fill:oklch(0.6 0.02 260)}
+.g-label{font-family:var(--sans);font-size:12.5px;font-weight:540;fill:var(--ink)}
+.g-tag{font-family:var(--mono);font-size:11px;font-weight:700}
+.empty{color:var(--muted);font-style:italic;margin:40px 0}
+.wrap footer{margin-top:56px;color:var(--muted);font-size:0.78rem;border-top:1px solid var(--border);padding-top:16px}
+`;
+
+export function formatHtml(result: AnalyzeWorkspaceResult): string {
+	const m = buildMaps(result.model);
+	const findings = result.findings;
+	const cov = result.model.coverage;
+	const id = result.model.identity;
+	const app = id.primaryApp;
+
+	const counts: Record<Sev, number> = { critical: 0, high: 0, medium: 0, low: 0, info: 0 };
+	for (const f of findings) counts[f.severity]++;
+	const total = findings.length || 1;
+
+	// co-location map: file:line:col -> detectors
+	const locKey = (f: Finding): string =>
+		`${f.primaryLocation.sourceUnitId}:${f.primaryLocation.range.startLine}:${f.primaryLocation.range.startColumn}`;
+	const byLoc = new Map<string, string[]>();
+	for (const f of findings) {
+		const arr = byLoc.get(locKey(f)) ?? [];
+		arr.push(f.detector);
+		byLoc.set(locKey(f), arr);
+	}
+
+	const tally = SEV_ORDER.filter((s) => counts[s] > 0)
+		.map(
+			(s) =>
+				`<span style="flex:${counts[s]};background:${SEV_COLOR[s]};color:${SEV_FG[s]}" title="${s}">${counts[s]}</span>`,
+		)
+		.join("");
+	const legend = SEV_ORDER.map(
+		(s) => `<span><i style="background:${SEV_COLOR[s]}"></i>${s} ${counts[s]}</span>`,
+	).join("");
+
+	const groups = SEV_ORDER.map((sev) => {
+		const fs = findings.filter((f) => f.severity === sev);
+		if (fs.length === 0) return "";
+		const cards = fs
+			.map((f) => {
+				const co = (byLoc.get(locKey(f)) ?? []).filter((d) => d !== f.detector);
+				return renderFinding(f, m, [...new Set(co)]);
+			})
+			.join("");
+		return `<section class="sev-group"><h2>${sev} (${fs.length})</h2>${cards}</section>`;
+	}).join("");
+
+	const body =
+		findings.length === 0
+			? `<p class="empty">No findings. (Absence of a finding is not absence of a problem — see coverage.)</p>`
+			: groups;
+
+	const appLine = app
+		? `<span class="app">${h(app.name)} · ${h(app.version)} · ${h(app.publisher)}</span>`
+		: "";
+
+	return `<!doctype html>
+<html lang="en">
+<head>
+<meta charset="utf-8">
+<meta name="viewport" content="width=device-width,initial-scale=1">
+<title>al-sem report${app ? ` — ${h(app.name)}` : ""}</title>
+<style>${STYLE}</style>
+</head>
+<body>
+<div class="wrap">
+  <div class="masthead">
+    <h1><b>al-sem</b> analysis report</h1>
+    ${appLine}
+  </div>
+  <div class="coverage">
+    ${cov.routinesTotal} routines (${cov.routinesBodyAvailable} with bodies, ${cov.routinesParseIncomplete.length} parse-incomplete) ·
+    ${cov.sourceUnitsParsed}/${cov.sourceUnitsTotal} source units parsed ·
+    ${cov.opaqueApps.length} opaque app(s)
+  </div>
+  <div class="tally">${tally}</div>
+  <div class="tally-legend">${legend}</div>
+  ${body}
+  ${renderEventGraph(result.model, m)}
+  <footer>Generated by al-sem · static semantic analysis for AL · ${findings.length} finding(s)</footer>
+</div>
+</body>
+</html>`;
+}

package/src/cli/format-json.ts

@@ -0,0 +1,13 @@
+import type { AnalyzeWorkspaceResult } from "../index.ts";
+
+/** Serialise the full analysis result as pretty-printed JSON.
+ * @deprecated Debug-only — can exceed 500 MB. Use `formatCompactJson` for normal output.
+ *             Wire via `--dump-model` in the CLI, never as the default output.
+ */
+export function formatFullModelJson(result: AnalyzeWorkspaceResult): string {
+	return JSON.stringify(
+		{ model: result.model, findings: result.findings, diagnostics: result.diagnostics },
+		null,
+		2,
+	);
+}

package/src/cli/format-policy.ts

@@ -0,0 +1,95 @@
+import type { PolicyRunResult } from "../policy/policy-types.ts";
+
+export interface FormatPolicyOptions {
+	format: "human" | "json" | "sarif";
+	deterministic?: boolean;
+	alsemVersion?: string;
+}
+
+export function formatPolicy(result: PolicyRunResult, opts: FormatPolicyOptions): string {
+	if (opts.format === "json") {
+		return JSON.stringify(
+			{
+				al_sem_version: opts.alsemVersion ?? "0.0.0",
+				generated_at: opts.deterministic ? "0" : new Date().toISOString(),
+				kind: "policy.check",
+				policySource: result.policySource,
+				policyVersion: result.policyVersion,
+				ruleSummaries: result.ruleSummaries,
+				findings: result.findings,
+				diagnostics: result.diagnostics,
+			},
+			undefined,
+			2,
+		);
+	}
+	if (opts.format === "sarif") {
+		return JSON.stringify(
+			{
+				$schema: "https://json.schemastore.org/sarif-2.1.0.json",
+				version: "2.1.0",
+				runs: [
+					{
+						tool: {
+							driver: {
+								name: "al-sem",
+								version: opts.alsemVersion ?? "0.0.0",
+								rules: result.ruleSummaries.map((s) => ({
+									id: `policy-${s.ruleId}`,
+									name: s.ruleId,
+								})),
+							},
+						},
+						results: result.findings.map((f) => ({
+							ruleId: f.detector,
+							message: { text: f.rootCause },
+							level:
+								f.severity === "info"
+									? "note"
+									: f.severity === "low"
+										? "note"
+										: f.severity === "medium"
+											? "warning"
+											: "error",
+							locations: [
+								{
+									physicalLocation: {
+										artifactLocation: { uri: f.primaryLocation.sourceUnitId },
+										region: {
+											startLine: f.primaryLocation.range.startLine,
+											startColumn: f.primaryLocation.range.startColumn,
+										},
+									},
+								},
+							],
+							fingerprints:
+								f.fingerprint !== undefined ? { "al-sem/v1": f.fingerprint } : undefined,
+						})),
+					},
+				],
+			},
+			undefined,
+			2,
+		);
+	}
+	// human
+	const lines: string[] = [];
+	lines.push(`Policy check — ${result.policySource}`);
+	lines.push("");
+	lines.push("Rule summaries:");
+	for (const s of result.ruleSummaries) {
+		lines.push(
+			`	${s.ruleId}: evaluated=${s.routinesEvaluated} matched=${s.routinesMatched} passed=${s.routinesPassed} skipped(coverage)=${s.routinesSkippedCoverage} skipped(unknown)=${s.routinesSkippedUnknown} findings=${s.findingsEmitted}`,
+		);
+	}
+	lines.push("");
+	if (result.findings.length === 0) {
+		lines.push("No policy findings.");
+	} else {
+		lines.push(`Findings (${result.findings.length}):`);
+		for (const f of result.findings) {
+			lines.push(`	[${f.severity}] ${f.detector} — ${f.title ?? f.rootCause}`);
+		}
+	}
+	return `${lines.join("\n")}\n`;
+}