npm - auditor-lambda - Versions diffs - 0.10.3 → 0.10.7 - Mend

auditor-lambda 0.10.3 → 0.10.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (183) hide show

package/audit-code-wrapper-build.mjs +198 -0
package/audit-code-wrapper-install-hosts.mjs +1140 -0
package/audit-code-wrapper-io.mjs +155 -0
package/audit-code-wrapper-legacy.mjs +125 -0
package/audit-code-wrapper-lib.mjs +17 -1801
package/audit-code-wrapper-opencode.mjs +256 -0
package/dispatch/merge-results.mjs +5 -3
package/dispatch/validate-result.mjs +2 -2
package/dist/adapters/coverageSummary.js +6 -2
package/dist/adapters/normalizeExternal.js +16 -1
package/dist/adapters/npmAudit.js +20 -9
package/dist/adapters/semgrep.js +26 -1
package/dist/cli/advanceAuditCommand.d.ts +1 -0
package/dist/cli/advanceAuditCommand.js +95 -0
package/dist/cli/args.js +1 -2
package/dist/cli/auditStep.js +2 -2
package/dist/cli/cleanup.d.ts +11 -1
package/dist/cli/cleanup.js +25 -5
package/dist/cli/cleanupCommand.d.ts +1 -0
package/dist/cli/cleanupCommand.js +24 -0
package/dist/cli/dispatch.d.ts +55 -31
package/dist/cli/dispatch.js +298 -241
package/dist/cli/dispatchStatusCommand.d.ts +1 -0
package/dist/cli/dispatchStatusCommand.js +68 -0
package/dist/cli/explainTaskCommand.d.ts +1 -0
package/dist/cli/explainTaskCommand.js +33 -0
package/dist/cli/importExternalAnalyzerCommand.d.ts +1 -0
package/dist/cli/importExternalAnalyzerCommand.js +20 -0
package/dist/cli/ingestResultsCommand.d.ts +1 -0
package/dist/cli/ingestResultsCommand.js +34 -0
package/dist/cli/intakeCommand.d.ts +1 -0
package/dist/cli/intakeCommand.js +17 -0
package/dist/cli/lineIndex.js +19 -12
package/dist/cli/nextStepCommand.d.ts +139 -0
package/dist/cli/nextStepCommand.js +281 -232
package/dist/cli/planCommand.d.ts +1 -0
package/dist/cli/planCommand.js +16 -0
package/dist/cli/prepareDispatchCommand.d.ts +1 -0
package/dist/cli/prepareDispatchCommand.js +25 -0
package/dist/cli/quotaCommand.d.ts +1 -0
package/dist/cli/quotaCommand.js +56 -0
package/dist/cli/requeueCommand.d.ts +1 -0
package/dist/cli/requeueCommand.js +10 -0
package/dist/cli/runToCompletion.js +451 -412
package/dist/cli/sampleRunCommand.d.ts +1 -0
package/dist/cli/sampleRunCommand.js +93 -0
package/dist/cli/statusCommand.js +1 -1
package/dist/cli/steps.js +4 -1
package/dist/cli/submitPacketCommand.js +16 -15
package/dist/cli/synthesizeCommand.d.ts +1 -0
package/dist/cli/synthesizeCommand.js +15 -0
package/dist/cli/updateRuntimeValidationCommand.d.ts +1 -0
package/dist/cli/updateRuntimeValidationCommand.js +16 -0
package/dist/cli/validateCommand.d.ts +1 -0
package/dist/cli/validateCommand.js +41 -0
package/dist/cli/validateResultCommand.d.ts +1 -0
package/dist/cli/validateResultCommand.js +63 -0
package/dist/cli/validateResultsCommand.d.ts +1 -0
package/dist/cli/validateResultsCommand.js +31 -0
package/dist/cli/workerRunCommand.d.ts +15 -1
package/dist/cli/workerRunCommand.js +40 -4
package/dist/cli.d.ts +3 -2
package/dist/cli.js +21 -628
package/dist/coverage.js +7 -3
package/dist/extractors/analyzers/css.js +2 -2
package/dist/extractors/analyzers/html.js +2 -2
package/dist/extractors/analyzers/python.js +2 -2
package/dist/extractors/analyzers/registry.js +17 -36
package/dist/extractors/analyzers/treeSitter.d.ts +10 -1
package/dist/extractors/analyzers/treeSitter.js +28 -6
package/dist/extractors/analyzers/typescript.js +104 -85
package/dist/extractors/browserExtension.js +4 -1
package/dist/extractors/designAssessment.js +21 -21
package/dist/extractors/fsIntake.js +34 -10
package/dist/extractors/graph.js +17 -7
package/dist/extractors/graphManifestEdges/cargo.d.ts +4 -0
package/dist/extractors/graphManifestEdges/cargo.js +107 -0
package/dist/extractors/graphManifestEdges/go.d.ts +5 -0
package/dist/extractors/graphManifestEdges/go.js +151 -0
package/dist/extractors/graphManifestEdges/index.d.ts +8 -0
package/dist/extractors/graphManifestEdges/index.js +11 -0
package/dist/extractors/graphManifestEdges/jsonc.d.ts +3 -0
package/dist/extractors/graphManifestEdges/jsonc.js +97 -0
package/dist/extractors/graphManifestEdges/maven.d.ts +3 -0
package/dist/extractors/graphManifestEdges/maven.js +73 -0
package/dist/extractors/graphManifestEdges/packageJson.d.ts +19 -0
package/dist/extractors/graphManifestEdges/packageJson.js +204 -0
package/dist/extractors/graphManifestEdges/pnpm.d.ts +2 -0
package/dist/extractors/graphManifestEdges/pnpm.js +42 -0
package/dist/extractors/graphManifestEdges/pyproject.d.ts +3 -0
package/dist/extractors/graphManifestEdges/pyproject.js +83 -0
package/dist/extractors/graphManifestEdges/toml.d.ts +4 -0
package/dist/extractors/graphManifestEdges/toml.js +68 -0
package/dist/extractors/graphManifestEdges/typescript.d.ts +3 -0
package/dist/extractors/graphManifestEdges/typescript.js +56 -0
package/dist/extractors/graphManifestEdges/workspace.d.ts +10 -0
package/dist/extractors/graphManifestEdges/workspace.js +72 -0
package/dist/extractors/graphManifestEdges/yaml.d.ts +3 -0
package/dist/extractors/graphManifestEdges/yaml.js +59 -0
package/dist/extractors/graphManifestEdges/yamlPaths.d.ts +4 -0
package/dist/extractors/graphManifestEdges/yamlPaths.js +89 -0
package/dist/extractors/graphPythonImports.js +4 -20
package/dist/extractors/pathPatterns.js +3 -13
package/dist/io/artifacts.d.ts +1 -1
package/dist/io/artifacts.js +4 -1
package/dist/io/runArtifacts.d.ts +8 -2
package/dist/io/runArtifacts.js +103 -69
package/dist/io/toolingManifest.js +2 -1
package/dist/orchestrator/advance.js +36 -0
package/dist/orchestrator/artifactFreshness.d.ts +1 -1
package/dist/orchestrator/artifactFreshness.js +1 -1
package/dist/orchestrator/artifactMetadata.js +5 -5
package/dist/orchestrator/auditTaskUtils.d.ts +4 -0
package/dist/orchestrator/auditTaskUtils.js +8 -12
package/dist/orchestrator/autoFixExecutor.js +40 -26
package/dist/orchestrator/dependencyMap.js +1 -1
package/dist/orchestrator/executorResult.d.ts +33 -0
package/dist/orchestrator/executors.d.ts +7 -0
package/dist/orchestrator/executors.js +24 -0
package/dist/orchestrator/fileAnchors.js +42 -29
package/dist/orchestrator/fileIntegrity.js +6 -1
package/dist/orchestrator/flowCoverage.js +1 -2
package/dist/orchestrator/flowPlanning.js +8 -4
package/dist/orchestrator/graphEnrichmentExecutor.js +67 -45
package/dist/orchestrator/ingestionExecutors.js +9 -1
package/dist/orchestrator/intakeExecutors.d.ts +0 -4
package/dist/orchestrator/intakeExecutors.js +24 -14
package/dist/orchestrator/localCommands.d.ts +1 -0
package/dist/orchestrator/localCommands.js +10 -17
package/dist/orchestrator/nextStep.js +3 -1
package/dist/orchestrator/requeueCommand.js +4 -0
package/dist/orchestrator/reviewPacketGraph.js +50 -18
package/dist/orchestrator/reviewPackets.js +10 -8
package/dist/orchestrator/runtimeCommand.js +35 -7
package/dist/orchestrator/runtimeValidationUpdate.js +6 -0
package/dist/orchestrator/selectiveDeepening/highRiskClean.js +3 -2
package/dist/orchestrator/selectiveDeepening/lensVerification.js +44 -18
package/dist/orchestrator/staleness.js +3 -3
package/dist/orchestrator/state.js +1 -1
package/dist/orchestrator/syntaxResolutionExecutor.js +17 -24
package/dist/orchestrator/synthesisExecutors.js +1 -0
package/dist/orchestrator/taskBuilder.js +5 -4
package/dist/providers/claudeCodeProvider.js +4 -1
package/dist/providers/opencodeProvider.js +4 -1
package/dist/quota/discoveredLimits.js +3 -3
package/dist/quota/headerExtraction.js +5 -2
package/dist/quota/headerExtractors/claudeCodeHeaderExtractor.js +3 -0
package/dist/quota/headerExtractors/index.js +3 -3
package/dist/quota/index.d.ts +3 -1
package/dist/quota/index.js +3 -0
package/dist/reporting/findingRanks.d.ts +3 -0
package/dist/reporting/findingRanks.js +24 -0
package/dist/reporting/mergeFindings.js +1 -24
package/dist/reporting/synthesis.d.ts +3 -1
package/dist/reporting/synthesis.js +30 -6
package/dist/reporting/synthesisNarrativePrompt.js +3 -0
package/dist/reporting/workBlocks.js +1 -14
package/dist/supervisor/operatorHandoff.js +2 -6
package/dist/supervisor/runLedger.js +30 -41
package/dist/types/activeDispatch.d.ts +31 -0
package/dist/types/activeDispatch.js +2 -0
package/dist/types.d.ts +21 -4
package/dist/types.js +24 -16
package/dist/validation/artifacts.js +3 -0
package/dist/validation/auditResults.js +8 -2
package/package.json +2 -2
package/schemas/audit_findings.schema.json +5 -1
package/schemas/audit_plan_metrics.schema.json +1 -1
package/schemas/audit_result.schema.json +5 -6
package/schemas/audit_task.schema.json +1 -4
package/schemas/blind_spot_register.schema.json +1 -1
package/schemas/coverage_matrix.schema.json +2 -8
package/schemas/finding.schema.json +1 -16
package/schemas/flow_coverage.schema.json +2 -8
package/schemas/graph_bundle.schema.json +31 -0
package/schemas/lens.schema.json +7 -0
package/schemas/review_packets.schema.json +6 -17
package/schemas/step_contract.schema.json +8 -2
package/schemas/unit_manifest.schema.json +1 -4
package/scripts/postinstall.mjs +3 -1
package/skills/audit-code/audit-code.prompt.md +2 -3
package/dist/extractors/graphManifestEdges.d.ts +0 -12
package/dist/extractors/graphManifestEdges.js +0 -1135

package/dist/cli/dispatch.d.ts CHANGED Viewed

@@ -1,6 +1,8 @@
 import type { ProviderRateLimits, SessionConfig, DispatchModelHint } from "@audit-tools/shared";
+import type { DispatchResultMapEntry, DispatchResultMap } from "../types/activeDispatch.js";
 import type { ArtifactBundle } from "../io/artifacts.js";
 import type { AuditTask } from "../types.js";
+import { buildReviewPackets } from "../orchestrator/reviewPackets.js";
 export declare const LARGE_FILE_PACKET_TARGET_LINES = 2500;
 export declare const SMALL_MODEL_HINT_MAX_LINES = 500;
 export declare const SMALL_MODEL_HINT_MAX_ESTIMATED_TOKENS = 3000;
@@ -15,37 +17,8 @@ export interface DispatchComplexity {
     tags: string[];
     large_file_mode: boolean;
 }
-export declare const DISPATCH_RESULT_MAP_FILENAME = "dispatch-result-map.json";
-export declare const ACTIVE_DISPATCH_FILENAME = "active-dispatch.json";
-export interface ActiveDispatchState {
-    run_id: string;
-    created_at: string;
-    /** Emitted packets only (after canary/budget filtering). */
-    packet_count: number;
-    /** Tasks remaining this round (not-yet-done), not just emitted-packet tasks. */
-    task_count: number;
-    status: "active" | "merged";
-    /** "canary" on first contact when only the top packet was emitted; "fan_out" otherwise. */
-    phase: "canary" | "fan_out";
-    /** packet_id of the emitted canary packet when phase==="canary", else null. */
-    canary_packet_id: string | null;
-    /** Total packets that would have been emitted before a budget cap (present only when capped). */
-    budget_packet_count?: number;
-    /** packet_ids NOT emitted due to the budget cap. */
-    deferred_packet_ids?: string[];
-    /** task_ids NOT emitted due to the budget cap. */
-    deferred_task_ids?: string[];
-}
-export interface DispatchResultMapEntry {
-    packet_id: string;
-    task_id: string;
-    result_path: string;
-}
-export interface DispatchResultMap {
-    contract_version: "audit-code-dispatch-results/v1alpha1";
-    run_id: string;
-    entries: DispatchResultMapEntry[];
-}
+export type { ActiveDispatchState, DispatchResultMapEntry, DispatchResultMap, } from "../types/activeDispatch.js";
+export { DISPATCH_RESULT_MAP_FILENAME, ACTIVE_DISPATCH_FILENAME, } from "../types/activeDispatch.js";
 export declare const DEFAULT_DISPATCH_CONFIRM_THRESHOLD = 10;
 export interface DispatchFanout {
     agent_count: number;
@@ -118,6 +91,57 @@ export declare function buildDispatchComplexity(packet: {
 export declare function buildDispatchModelHint(complexity: DispatchComplexity): DispatchModelHint;
 export declare function withinRoot(root: string, path: string): string;
 export declare function buildPendingAuditTasks(bundle: ArtifactBundle): AuditTask[];
+interface FilterPacketsResult {
+    emitPackets: ReturnType<typeof buildReviewPackets>;
+    deferredPackets: ReturnType<typeof buildReviewPackets>;
+    phase: "canary" | "fan_out";
+    canaryPacketId: string | null;
+    doCanary: boolean;
+    /** Total packets after canary filtering, before the budget cap (needed by active-dispatch state). */
+    postCanaryCount: number;
+}
+/**
+ * Encapsulates the canary and budget-cap filtering logic.
+ * Returns the subset of packets to emit this round plus deferred packets and
+ * phase metadata.
+ */
+export declare function filterPackets(packets: ReturnType<typeof buildReviewPackets>, priorDispatchThisRun: boolean, sessionConfig: SessionConfig): FilterPacketsResult;
+/**
+ * Extracts the per-task flatMap that builds task section lines.
+ */
+export declare function buildTaskSections(packetTasks: AuditTask[], lensDefs: Record<string, {
+    description: string;
+    do_not_report: string;
+}>, lineIndex: Record<string, number>): string[];
+/**
+ * Wraps the 75-line array-join block and returns the assembled prompt string.
+ */
+export declare function buildPacketPrompt(params: {
+    packet: ReturnType<typeof buildReviewPackets>[number];
+    packetTasks: AuditTask[];
+    fileList: string;
+    largeFileSection: string[];
+    taskSections: string[];
+    submitCommand: string;
+}): string;
+/**
+ * Extracts the context-budget warning loop.
+ * Returns warnings for packets whose estimated token count exceeds the context budget.
+ * When confidence is 'low', returns an empty array (limits are unreliable).
+ */
+export declare function collectOversizedWarnings(plan: Array<{
+    packet_id: string;
+    complexity: DispatchComplexity;
+}>, waveSchedule: {
+    confidence: string;
+    resolved_limits: {
+        context_tokens: number;
+        output_tokens: number;
+    };
+}): Array<{
+    code: string;
+    message: string;
+}>;
 export declare function prepareDispatchArtifacts(params: {
     packageRoot: string;
     runId: string;