npm - altimate-receipts - Versions diffs - 0.11.0 → 0.13.0 - Mend

altimate-receipts 0.11.0 → 0.13.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (14) hide show

package/dist/{chunk-RIY4BTDX.js → chunk-55AJDHKF.js} +2 -2
package/dist/{chunk-TG5QGFHQ.js → chunk-G3YX5FUS.js} +57 -5
package/dist/chunk-G3YX5FUS.js.map +1 -0
package/dist/{chunk-7HNNVNNT.js → chunk-WANHGYFY.js} +55 -15
package/dist/chunk-WANHGYFY.js.map +1 -0
package/dist/cli.js +10 -4
package/dist/cli.js.map +1 -1
package/dist/index.js +2 -2
package/dist/mcp/server.js +2 -2
package/package.json +1 -1
package/schema/agent-execution-receipt-v1.json +17 -0
package/dist/chunk-7HNNVNNT.js.map +0 -1
package/dist/chunk-TG5QGFHQ.js.map +0 -1
/package/dist/{chunk-RIY4BTDX.js.map → chunk-55AJDHKF.js.map} +0 -0

package/dist/{chunk-RIY4BTDX.js → chunk-55AJDHKF.js} RENAMED Viewed

@@ -7,7 +7,7 @@ import {
   loadSession,
   selectSummary,
   upsertSection
-} from "./chunk-TG5QGFHQ.js";
+} from "./chunk-G3YX5FUS.js";
 // src/report/sessions.ts
 async function deriveTargets(opts) {
@@ -259,4 +259,4 @@ export {
   renderTrends,
   upsertTrendsSection
 };
-//# sourceMappingURL=chunk-RIY4BTDX.js.map
+//# sourceMappingURL=chunk-55AJDHKF.js.map

package/dist/{chunk-TG5QGFHQ.js → chunk-G3YX5FUS.js} RENAMED Viewed

@@ -2727,7 +2727,11 @@ function deriveFindings(sum) {
       id: `destructive-${sp.spanId}`,
       severity: "critical",
       title: snippet ? `Destructive op: ${snippet}${times}` : `Destructive operation ran: ${sp.name}${times}`,
-      detail: `\`${clause.slice(0, 100)}\` is irreversible${sp.status === "error" ? " (it errored)" : ""}${count > 1 ? ` and ran ${count}\xD7` : ""}. Was this intended?`,
+      // M89 — scope-frame the largest noise bucket: a destructive op is a command the
+      // agent RAN (in its workspace / against infra), not an edit to a reviewed file —
+      // say so, and show the FULL command (not a 44-char title fragment) so the reviewer
+      // can verify what ran. R2: mechanism + "confirm it was intended", never a verdict.
+      detail: `The agent ran \`${truncateClause(clause, 200)}\` during the session \u2014 a command it executed, not an edit to a file in this PR. It's irreversible${sp.status === "error" ? " (it errored)" : ""}${count > 1 ? ` and ran ${count}\xD7` : ""} \u2014 confirm it was intended (e.g. a scratch/sandbox target), not a mistake on real data.`,
       impactLabel: "data-loss risk",
       confidence: 1,
       score: scoreOf("critical", 1, 1),
@@ -3196,6 +3200,48 @@ function sha256Hex(data) {
 // src/receipt/build.ts
 import { basename } from "path";
+// src/findings/coverageClass.ts
+var GENERATED_PATTERNS = [
+  // build / output / dependency directories (any depth)
+  /(?:^|\/)(?:dist|build|out|target|node_modules|__pycache__|\.next|\.turbo|\.nuxt|coverage|vendor)\//,
+  // lockfiles (regenerated, never hand-authored line-by-line)
+  /(?:^|\/)(?:package-lock\.json|yarn\.lock|pnpm-lock\.yaml|poetry\.lock|Cargo\.lock|composer\.lock|Gemfile\.lock|go\.sum|flake\.lock|uv\.lock)$/,
+  /\.lock$/,
+  // snapshot + generated-code markers
+  /\.snap$/,
+  /\.generated\.[a-z0-9]+$/i,
+  /(?:^|\/)[^/]*\.(?:pb|pb2)\.[a-z]+$/i,
+  // *.pb.go / *.pb.py
+  /_pb2(?:_grpc)?\.py$/,
+  // protobuf python
+  /\.g\.dart$/,
+  // dart codegen
+  /\.min\.(?:js|css)$/
+  // minified bundles
+];
+function classifyUncovered(path2, extraGenerated = []) {
+  const p = path2.replace(/^\.\//, "");
+  if (GENERATED_PATTERNS.some((re) => re.test(p)) || extraGenerated.some((re) => re.test(p))) {
+    return "generated";
+  }
+  return "unwitnessed";
+}
+function globsToRegexes(globs) {
+  if (!globs?.length) {
+    return [];
+  }
+  const out = [];
+  for (const raw of globs) {
+    const g = raw.trim();
+    if (!g) {
+      continue;
+    }
+    const body = g.replace(/[.+^${}()|[\]\\]/g, "\\$&").split("**").map((seg) => seg.replace(/\*/g, "[^/]*")).join(".*");
+    out.push(new RegExp(`(?:^|/)${body}$`));
+  }
+  return out;
+}
 // src/findings/testMetrics.ts
 var intAfter = (line, re) => {
   const m = line.match(re);
@@ -3405,12 +3451,17 @@ function deriveEvidence(session, sum, scope) {
     }
   }
   let coveredFiles;
+  let coverageGaps;
   if (scope?.kind === "diff" && scope.files?.length) {
     const touched = tools.filter((s) => isEditTool(s.name) || isReadTool(s.name)).map((s) => filePathOf(s.input)).filter((f) => !!f);
     const cmdTexts = commandSpans.map((s) => commandOf(s.input)).filter(Boolean);
-    coveredFiles = scope.files.filter(
-      (f) => touched.some((t) => samePath(t, f)) || cmdTexts.some((c) => commandMentionsFile(c, [f]))
-    ).length;
+    const isCovered = (f) => touched.some((t) => samePath(t, f)) || cmdTexts.some((c) => commandMentionsFile(c, [f]));
+    coveredFiles = scope.files.filter(isCovered).length;
+    const uncovered = [...scope.files].filter((f) => !isCovered(f)).sort();
+    if (uncovered.length) {
+      const extra = globsToRegexes(scope.generatedGlobs);
+      coverageGaps = uncovered.slice(0, 30).map((path2) => ({ path: path2, kind: classifyUncovered(path2, extra) }));
+    }
   }
   const tk = session.totals.tokens;
   return {
@@ -3420,6 +3471,7 @@ function deriveEvidence(session, sum, scope) {
     reads,
     destructiveOps: sum.destructiveCount,
     ...coveredFiles != null ? { coveredFiles } : {},
+    ...coverageGaps ? { coverageGaps } : {},
     testsRan,
     ...sum.diffCostUsd != null ? {
       // sub-cent costs keep 4dp — 2dp rounding recorded $0.004 work as $0.00
@@ -5163,4 +5215,4 @@ export {
   redact,
   redactReceipt
 };
-//# sourceMappingURL=chunk-TG5QGFHQ.js.map
+//# sourceMappingURL=chunk-G3YX5FUS.js.map