auditor-lambda 0.10.7 → 0.10.8

package/audit-code-wrapper-install-hosts.mjs

@@ -720,7 +720,7 @@ export async function installBootstrap(argv, options = {}) {
   );
   results.push(await writeGeneratedJson(installManifestPath, installManifest));
 
-  const sessionConfigPath = join(root, '.audit-artifacts', 'session-config.json');
+  const sessionConfigPath = join(root, '.audit-tools', 'audit', 'session-config.json');
   if (!(await fileExists(sessionConfigPath))) {
     const defaultConfig = { provider: 'local-subprocess' };
     await mkdir(dirname(sessionConfigPath), { recursive: true });

package/audit-code-wrapper-lib.mjs

@@ -123,7 +123,7 @@ function printHelp({ usageName, preferredEntrypoint }) {
     '- verify-install smoke-tests the generated host assets after install',
     '- mcp starts the local stdio MCP server for repo-local IDE integrations',
     '- install-host --host copilot keeps the narrower Copilot-focused install path available',
-    '- next-step advances deterministic audit state and writes .audit-artifacts/steps/current-step.json plus current-prompt.md',
+    '- next-step advances deterministic audit state and writes .audit-tools/audit/steps/current-step.json plus current-prompt.md',
     '- validate checks the current artifact bundle plus session-config/provider readiness and exits non-zero when issues exist',
     '- validate-results --results FILE validates AuditResult payloads against the active task manifest without ingesting them',
     '- explain-task <task_id> prints the resolved file coverage and current status for a task id',
@@ -141,7 +141,7 @@ function printHelp({ usageName, preferredEntrypoint }) {
     '',
     'Defaults:',
     '- --root .',
-    '- --artifacts-dir <root>/.audit-artifacts',
+    '- --artifacts-dir <root>/.audit-tools/audit',
     '',
     'Completion signals:',
     '- done: audit_state.status is complete',
@@ -166,7 +166,7 @@ async function printPromptPath() {
 async function runDistCommand(commandName, argv, { ensureArtifactsDir = false } = {}) {
   const commandArgs = [...argv];
   const rootValue = resolve(getFlag(commandArgs, '--root') ?? '.');
-  const artifactsDir = resolve(getFlag(commandArgs, '--artifacts-dir') ?? join(rootValue, '.audit-artifacts'));
+  const artifactsDir = resolve(getFlag(commandArgs, '--artifacts-dir') ?? join(rootValue, '.audit-tools', 'audit'));
 
   setDefaultFlag(commandArgs, '--root', rootValue);
   setDefaultFlag(commandArgs, '--artifacts-dir', artifactsDir);
@@ -184,7 +184,7 @@ async function runDistCommand(commandName, argv, { ensureArtifactsDir = false }
 async function runDistCommandInline(commandName, argv) {
   const commandArgs = [...argv];
   const rootValue = resolve(getFlag(commandArgs, '--root') ?? '.');
-  const artifactsDir = resolve(getFlag(commandArgs, '--artifacts-dir') ?? join(rootValue, '.audit-artifacts'));
+  const artifactsDir = resolve(getFlag(commandArgs, '--artifacts-dir') ?? join(rootValue, '.audit-tools', 'audit'));
 
   setDefaultFlag(commandArgs, '--root', rootValue);
   setDefaultFlag(commandArgs, '--artifacts-dir', artifactsDir);
@@ -305,7 +305,7 @@ export async function runAuditCodeWrapper({
     wrapperArgs.push('--single-step');
   }
   const rootValue = resolve(getFlag(wrapperArgs, '--root') ?? '.');
-  const artifactsDir = resolve(getFlag(wrapperArgs, '--artifacts-dir') ?? join(rootValue, '.audit-artifacts'));
+  const artifactsDir = resolve(getFlag(wrapperArgs, '--artifacts-dir') ?? join(rootValue, '.audit-tools', 'audit'));
 
   setDefaultFlag(wrapperArgs, '--root', rootValue);
   setDefaultFlag(wrapperArgs, '--artifacts-dir', artifactsDir);

package/audit-code-wrapper-opencode.mjs

@@ -1,8 +1,7 @@
 export const OPENCODE_AUDIT_EDIT_PERMISSION = {
   '*': 'ask',
   '.audit-code/**': 'allow',
-  '.audit-artifacts/**': 'allow',
-  'audit-report.md': 'allow',
+  '.audit-tools/**': 'allow',
 };
 
 export const OPENCODE_AUDIT_EXTERNAL_DIRECTORY_PERMISSION = { '*': 'allow' };
@@ -176,7 +175,7 @@ export function assertOpenCodeAuditPermissionConfig(permissionConfig, label) {
   if (!edit || typeof edit !== 'object' || Array.isArray(edit)) {
     throw new Error(`OpenCode ${label}.edit must allow audit-owned file paths. Run "audit-code install --host opencode".`);
   }
-  for (const pattern of ['.audit-code/**', '.audit-artifacts/**', 'audit-report.md']) {
+  for (const pattern of ['.audit-code/**', '.audit-tools/**']) {
     if (edit[pattern] !== 'allow') {
       throw new Error(`OpenCode ${label}.edit must allow ${pattern}. Run "audit-code install --host opencode".`);
     }

package/dist/cli/advanceAuditCommand.js

@@ -54,7 +54,7 @@ export async function cmdAdvanceAudit(argv) {
             providerName,
         });
         if (result.audit_state.status === "complete") {
-            await promoteFinalAuditReport({ artifactsDir, repoRoot: root });
+            await promoteFinalAuditReport({ artifactsDir });
         }
         return;
     }
@@ -90,6 +90,6 @@ export async function cmdAdvanceAudit(argv) {
         providerName,
     });
     if (result.audit_state.status === "complete") {
-        await promoteFinalAuditReport({ artifactsDir, repoRoot: root });
+        await promoteFinalAuditReport({ artifactsDir });
     }
 }

package/dist/cli/args.js

@@ -6,7 +6,7 @@ import { join, resolve } from "node:path";
 import { resolveFreshSessionProviderName } from "../providers/index.js";
 export const DIRECT_CLI_DEFAULTS = {
     rootDir: ".",
-    artifactsDir: ".artifacts",
+    artifactsDir: ".audit-tools/audit",
     maxRuns: 1000,
     agentBatchSize: 6,
     parallelWorkers: 1,

package/dist/cli/nextStepCommand.js

@@ -1,5 +1,5 @@
 import { mkdir, unlink, writeFile } from "node:fs/promises";
-import { join, resolve } from "node:path";
+import { dirname, join, resolve } from "node:path";
 import { isFileMissingError, readJsonFile, writeJsonFile, } from "@audit-tools/shared";
 import { loadArtifactBundle, promoteFinalAuditReport, writeCoreArtifacts, AUDIT_REPORT_FILENAME, } from "../io/artifacts.js";
 import { advanceAudit } from "../orchestrator/advance.js";
@@ -71,14 +71,13 @@ export async function buildTerminalStep(params, bundle, state, blockedReason) {
     }
     const promoted = await promoteFinalAuditReport({
         artifactsDir: params.artifactsDir,
-        repoRoot: params.root,
     });
     return {
         kind: "complete",
         state,
         bundle,
         finalReportPath: promoted.promoted
-            ? join(params.root, AUDIT_REPORT_FILENAME)
+            ? join(dirname(params.artifactsDir), AUDIT_REPORT_FILENAME)
             : join(params.artifactsDir, AUDIT_REPORT_FILENAME),
     };
 }
@@ -293,7 +292,6 @@ async function runDeterministicForNextStep(params) {
             });
             const promoted = await promoteFinalAuditReport({
                 artifactsDir: params.artifactsDir,
-                repoRoot: params.root,
             });
             return {
                 kind: "complete",

package/dist/cli/runToCompletion.js

@@ -671,7 +671,7 @@ async function handleNoExecutor(params) {
         providerName,
     });
     if (state.status === "complete") {
-        await promoteFinalAuditReport({ artifactsDir, repoRoot: root });
+        await promoteFinalAuditReport({ artifactsDir });
     }
 }
 async function runParallelWaveStep(params) {
@@ -869,7 +869,7 @@ async function handleMaxRunsReached(params) {
         providerName,
     });
     if (reportRendered) {
-        await promoteFinalAuditReport({ artifactsDir, repoRoot: root });
+        await promoteFinalAuditReport({ artifactsDir });
     }
 }
 export async function cmdRunToCompletion(argv) {

package/dist/extractors/fsIntake.js

@@ -10,7 +10,7 @@ const DEFAULT_IGNORES = [
     ".next",
     ".turbo",
     ".artifacts",
-    ".audit-artifacts",
+    ".audit-tools",
     ".audit-code/install",
     ".agent",
     ".claude",

package/dist/extractors/pathPatterns.js

@@ -204,7 +204,7 @@ export function isGeneratedTestArtifactPath(normalized) {
     return splitSegments(normalized).some((segment) => segment.startsWith(".test-") && segment.endsWith("-artifacts"));
 }
 export function isAuditArtifactPath(normalized) {
-    return hasSegment(normalized, ".audit-artifacts");
+    return hasSegment(normalized, ".audit-tools");
 }
 export function isTestPath(normalized) {
     const segments = splitSegments(normalized);

package/dist/io/artifacts.d.ts

@@ -103,7 +103,6 @@ export declare function writeCoreArtifacts(root: string, bundle: ArtifactBundle,
 export declare function cleanupIntermediateArtifacts(root: string): Promise<string[]>;
 export declare function promoteFinalAuditReport(params: {
     artifactsDir: string;
-    repoRoot: string;
 }, options?: {
     copy?: typeof cp;
     remove?: typeof rm;

package/dist/io/artifacts.js

@@ -1,5 +1,5 @@
 import { cp, rm, unlink } from "node:fs/promises";
-import { join } from "node:path";
+import { dirname, join } from "node:path";
 import { isFileMissingError, readOptionalJsonFile, readOptionalNdjsonFile, readOptionalTextFile, writeJsonFile, writeNdjsonFile, writeTextFile, } from "@audit-tools/shared";
 import { buildToolingManifest } from "./toolingManifest.js";
 // Canonical filename for the rendered findings report. Single source of truth
@@ -130,8 +130,9 @@ export async function cleanupIntermediateArtifacts(root) {
     return deleted;
 }
 export async function promoteFinalAuditReport(params, options = {}) {
+    const outputDir = dirname(params.artifactsDir);
     const source = join(params.artifactsDir, AUDIT_REPORT_FILENAME);
-    const destination = join(params.repoRoot, AUDIT_REPORT_FILENAME);
+    const destination = join(outputDir, AUDIT_REPORT_FILENAME);
     const copy = options.copy ?? cp;
     const remove = options.remove ?? rm;
     const warn = options.warn ?? ((message) => process.stderr.write(`${message}\n`));
@@ -147,12 +148,12 @@ export async function promoteFinalAuditReport(params, options = {}) {
     // Promote the canonical machine contract alongside the human report. Missing
     // (e.g. legacy bundle) or unreadable: best-effort, never blocks completion.
     try {
-        await copy(join(params.artifactsDir, "audit-findings.json"), join(params.repoRoot, "audit-findings.json"), { force: true });
+        await copy(join(params.artifactsDir, "audit-findings.json"), join(outputDir, "audit-findings.json"), { force: true });
     }
     catch (error) {
         // audit-findings.json is optional output; absence must not fail promotion.
         // Log so operators can distinguish a partial promotion from a clean one.
-        warn(`audit-code: could not promote audit-findings.json to ${join(params.repoRoot, "audit-findings.json")}: ` +
+        warn(`audit-code: could not promote audit-findings.json to ${join(outputDir, "audit-findings.json")}: ` +
             (error instanceof Error ? error.message : String(error)));
     }
     try {

package/dist/io/runArtifacts.js

@@ -187,7 +187,7 @@ export async function writeDispatchBatchFiles(artifactsDir, runs, currentTasks,
             "# audit-code parallel dispatch",
             "",
             `This batch launched ${runs.length} deferred review run(s).`,
-            "Each run keeps its own task.json, prompt.md, result.json, and status.json under .audit-artifacts/runs/<run_id>/.",
+            "Each run keeps its own task.json, prompt.md, result.json, and status.json under .audit-tools/audit/runs/<run_id>/.",
             "Use current-tasks.json for the combined task list. The per-run files below are operational references for launched workers; do not read per-run prompt or schema files unless debugging a failed dispatch.",
             "",
             "Runs:",

package/dist/providers/claudeCodeProvider.js

@@ -1,7 +1,7 @@
 import { readFile } from "node:fs/promises";
 import { readJsonFile, spawnLoggedCommand, applyWorkerTaskLaunchSettings } from "@audit-tools/shared";
 export const ACTIVE_CLAUDE_CODE_SESSION_MESSAGE = "claude-code provider cannot be used inside an active Claude Code session. " +
-    'Set provider to "local-subprocess" in .audit-artifacts/session-config.json, ' +
+    'Set provider to "local-subprocess" in .audit-tools/audit/session-config.json, ' +
     "then run /audit-code conversationally and follow the dispatch prompts manually.";
 export class ClaudeCodeProvider {
     name = "claude-code";

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "auditor-lambda",
-  "version": "0.10.7",
+  "version": "0.10.8",
   "private": false,
   "description": "Portable hybrid code-auditing framework for arbitrary repositories.",
   "type": "module",

package/scripts/postinstall.mjs

@@ -41,8 +41,7 @@ const OPENCODE_AUDIT_EXTERNAL_DIRECTORY_PERMISSION = { '*': 'allow' };
 const OPENCODE_AUDIT_EDIT_PERMISSION = {
   '*': 'ask',
   '.audit-code/**': 'allow',
-  '.audit-artifacts/**': 'allow',
-  'audit-report.md': 'allow',
+  '.audit-tools/**': 'allow',
 };
 
 const OPENCODE_AUDIT_BASH_PERMISSION = {

package/skills/audit-code/audit-code.prompt.md

@@ -58,7 +58,7 @@ If the returned step is a dispatch step, before launching subagents check
   immediately.
 
 After the **first** `next-step` (the intake step) completes, confirm the audit
-scope before proceeding. Read `scope_summary.json` from the `.audit-artifacts/`
+scope before proceeding. Read `scope_summary.json` from the `.audit-tools/audit/`
 directory. It contains `repo_root`, `auditable_file_count`, `git_available`, and
 `mis_scope_smells`. Then: