auditor-lambda 0.2.5 → 0.2.8

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (71) hide show
  1. package/README.md +35 -7
  2. package/audit-code-wrapper-lib.mjs +1612 -331
  3. package/dist/cli.js +397 -38
  4. package/dist/coverage.d.ts +2 -2
  5. package/dist/coverage.js +5 -5
  6. package/dist/extractors/disposition.js +10 -1
  7. package/dist/extractors/flows.js +7 -1
  8. package/dist/extractors/pathPatterns.d.ts +3 -0
  9. package/dist/extractors/pathPatterns.js +15 -0
  10. package/dist/extractors/risk.js +7 -1
  11. package/dist/io/artifacts.d.ts +6 -6
  12. package/dist/io/artifacts.js +14 -17
  13. package/dist/io/json.d.ts +2 -0
  14. package/dist/io/json.js +15 -0
  15. package/dist/io/runArtifacts.d.ts +3 -1
  16. package/dist/io/runArtifacts.js +20 -5
  17. package/dist/mcp/server.d.ts +1 -0
  18. package/dist/mcp/server.js +579 -0
  19. package/dist/orchestrator/advance.js +9 -2
  20. package/dist/orchestrator/dependencyMap.js +9 -13
  21. package/dist/orchestrator/executors.js +7 -2
  22. package/dist/orchestrator/flowRequeue.d.ts +2 -2
  23. package/dist/orchestrator/flowRequeue.js +16 -3
  24. package/dist/orchestrator/internalExecutors.d.ts +2 -1
  25. package/dist/orchestrator/internalExecutors.js +129 -48
  26. package/dist/orchestrator/requeue.js +10 -4
  27. package/dist/orchestrator/requeueCommand.js +15 -2
  28. package/dist/orchestrator/resultIngestion.d.ts +2 -1
  29. package/dist/orchestrator/resultIngestion.js +26 -6
  30. package/dist/orchestrator/runtimeValidation.d.ts +7 -2
  31. package/dist/orchestrator/runtimeValidation.js +61 -49
  32. package/dist/orchestrator/runtimeValidationUpdate.js +2 -4
  33. package/dist/orchestrator/state.js +28 -14
  34. package/dist/orchestrator/taskBuilder.js +4 -2
  35. package/dist/orchestrator/trivialAudit.d.ts +4 -0
  36. package/dist/orchestrator/trivialAudit.js +49 -0
  37. package/dist/prompts/renderWorkerPrompt.js +6 -2
  38. package/dist/providers/spawnLoggedCommand.js +17 -0
  39. package/dist/reporting/mergeFindings.js +3 -11
  40. package/dist/reporting/rootCause.js +92 -9
  41. package/dist/reporting/synthesis.d.ts +25 -22
  42. package/dist/reporting/synthesis.js +92 -59
  43. package/dist/reporting/workBlocks.d.ts +12 -3
  44. package/dist/reporting/workBlocks.js +124 -70
  45. package/dist/supervisor/sessionConfig.js +4 -2
  46. package/dist/types/flows.d.ts +2 -0
  47. package/dist/types/runtimeValidation.d.ts +2 -1
  48. package/dist/types.d.ts +8 -6
  49. package/dist/validation/auditResults.d.ts +5 -2
  50. package/dist/validation/auditResults.js +335 -43
  51. package/docs/agent-integrations.md +38 -29
  52. package/docs/artifacts.md +18 -51
  53. package/docs/bootstrap-install.md +60 -30
  54. package/docs/contract.md +25 -117
  55. package/docs/field-trial-bug-report.md +237 -0
  56. package/docs/next-steps.md +59 -44
  57. package/docs/packaging.md +13 -3
  58. package/docs/production-launch-bar.md +2 -2
  59. package/docs/production-readiness.md +9 -5
  60. package/docs/releasing.md +81 -0
  61. package/docs/session-config.md +20 -1
  62. package/docs/usage.md +22 -0
  63. package/package.json +4 -1
  64. package/schemas/audit_result.schema.json +4 -5
  65. package/schemas/audit_task.schema.json +10 -0
  66. package/schemas/runtime_validation_report.schema.json +1 -1
  67. package/skills/audit-code/SKILL.md +11 -2
  68. package/skills/audit-code/audit-code.prompt.md +11 -10
  69. package/schemas/merged_findings.schema.json +0 -19
  70. package/schemas/root_cause_clusters.schema.json +0 -28
  71. package/schemas/synthesis_report.schema.json +0 -61
package/README.md CHANGED
@@ -29,10 +29,17 @@ audit-code install
29
29
 
30
30
  That bootstraps repo-local `/audit-code` surfaces for the hosts we can automate today, including:
31
31
 
32
- - VS Code / GitHub Copilot prompt files
33
- - OpenCode custom commands
34
- - Claude Code custom slash commands
35
- - compatibility instruction files such as `AGENTS.md` and `CLAUDE.md`
32
+ - Codex skill bundle, `AGENTS.md` guidance, and MCP setup notes
33
+ - Claude Desktop local MCP bundle artifacts and project template guidance
34
+ - OpenCode command, skill, and `opencode.json` surfaces
35
+ - VS Code prompt, custom agent, Copilot instructions, and `.vscode/mcp.json`
36
+ - Antigravity planning-mode guidance plus the shared repo-local MCP launcher
37
+
38
+ After bootstrap, you can smoke-test the generated host assets and launcher from the repository root:
39
+
40
+ ```bash
41
+ audit-code verify-install
42
+ ```
36
43
 
37
44
  After that, open a supported conversation surface in the repository and invoke `/audit-code`.
38
45
 
@@ -42,7 +49,7 @@ If a host still needs manual prompt import after bootstrap, open:
42
49
  .audit-code/install/GETTING-STARTED.md
43
50
  ```
44
51
 
45
- That repo-local guide now includes dedicated quick-start sections for VS Code, OpenCode, Claude Code, Claude Desktop, and Antigravity, plus the installed canonical prompt asset path for manual-import hosts.
52
+ That repo-local guide now includes dedicated quick-start sections for Codex, Claude Desktop, OpenCode, VS Code, and Antigravity, plus the installed canonical prompt asset path for prompt-import fallback flows.
46
53
 
47
54
  For narrower compatibility, `audit-code install-host --host copilot` still exists.
48
55
 
@@ -102,6 +109,24 @@ audit-code validate
102
109
 
103
110
  That check now covers the artifact bundle plus `session-config.json` and explicit provider readiness.
104
111
 
112
+ For native batch ingestion of multiple result files:
113
+
114
+ ```bash
115
+ audit-code --batch-results /path/to/audit-results-dir
116
+ ```
117
+
118
+ For task-to-coverage inspection without reverse-engineering multiple artifacts:
119
+
120
+ ```bash
121
+ audit-code explain-task <task_id>
122
+ ```
123
+
124
+ For a local stdio MCP server entrypoint:
125
+
126
+ ```bash
127
+ audit-code mcp
128
+ ```
129
+
105
130
  The backend wrapper response schema is `schemas/audit-code-v1alpha1.schema.json`.
106
131
 
107
132
  ## Backend Provider Modes
@@ -144,8 +169,8 @@ The next implementation work is tracked in:
144
169
 
145
170
  The short version is:
146
171
 
147
- - reduce prompt-import friction in the conversation setup flow
148
- - make the conversation route feel more native in the first target hosts
172
+ - prove the generated Codex, Claude Desktop, OpenCode, VS Code, and Antigravity guidance in real host flows
173
+ - tighten the repo-local MCP-first bootstrap where host smoke tests expose friction
149
174
  - polish provider-assisted continuation and failure guidance
150
175
  - finish publish and release hardening for packaged installs
151
176
 
@@ -156,9 +181,12 @@ npm install
156
181
  npm run verify:release
157
182
  ```
158
183
 
184
+ For GitHub Actions publication and npm Trusted Publishing setup, see `docs/releasing.md`.
185
+
159
186
  ## Key Docs
160
187
 
161
188
  - `docs/product-direction.md`
189
+ - `docs/releasing.md`
162
190
  - `docs/production-readiness.md`
163
191
  - `docs/production-launch-bar.md`
164
192
  - `docs/next-steps.md`