auditor-lambda 0.2.8 → 0.2.10
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +6 -0
- package/audit-code-wrapper-lib.mjs +1 -1
- package/dist/adapters/eslint.js +9 -5
- package/dist/cli.d.ts +42 -1
- package/dist/cli.js +234 -63
- package/dist/extractors/bucketing.d.ts +4 -0
- package/dist/extractors/bucketing.js +6 -2
- package/dist/extractors/disposition.d.ts +4 -0
- package/dist/extractors/disposition.js +6 -2
- package/dist/extractors/fileInventory.js +24 -28
- package/dist/extractors/flows.d.ts +5 -0
- package/dist/extractors/flows.js +18 -38
- package/dist/extractors/pathPatterns.d.ts +10 -3
- package/dist/extractors/pathPatterns.js +109 -61
- package/dist/extractors/surfaces.d.ts +4 -0
- package/dist/extractors/surfaces.js +11 -11
- package/dist/index.d.ts +1 -1
- package/dist/index.js +2 -1
- package/dist/io/artifacts.d.ts +55 -40
- package/dist/io/artifacts.js +73 -110
- package/dist/io/json.js +52 -21
- package/dist/io/runArtifacts.d.ts +1 -1
- package/dist/io/runArtifacts.js +26 -3
- package/dist/orchestrator/advance.js +83 -62
- package/dist/orchestrator/autoFixExecutor.js +32 -15
- package/dist/orchestrator/flowCoverage.js +11 -5
- package/dist/orchestrator/flowPlanning.d.ts +7 -2
- package/dist/orchestrator/flowPlanning.js +46 -21
- package/dist/orchestrator/flowRequeue.js +28 -8
- package/dist/orchestrator/internalExecutors.js +12 -8
- package/dist/orchestrator/localCommands.d.ts +14 -0
- package/dist/orchestrator/localCommands.js +124 -0
- package/dist/orchestrator/planning.js +25 -3
- package/dist/orchestrator/requeue.js +11 -1
- package/dist/orchestrator/syntaxResolutionExecutor.js +60 -59
- package/dist/orchestrator/taskBuilder.d.ts +4 -2
- package/dist/orchestrator/taskBuilder.js +153 -52
- package/dist/orchestrator/unitBuilder.d.ts +3 -1
- package/dist/orchestrator/unitBuilder.js +24 -16
- package/dist/prompts/renderWorkerPrompt.d.ts +1 -1
- package/dist/prompts/renderWorkerPrompt.js +16 -8
- package/dist/providers/claudeCodeProvider.d.ts +4 -1
- package/dist/providers/claudeCodeProvider.js +8 -5
- package/dist/providers/localSubprocessProvider.d.ts +4 -0
- package/dist/providers/localSubprocessProvider.js +7 -2
- package/dist/providers/spawnLoggedCommand.d.ts +9 -1
- package/dist/providers/spawnLoggedCommand.js +77 -29
- package/dist/reporting/synthesis.d.ts +2 -0
- package/dist/reporting/synthesis.js +12 -9
- package/dist/supervisor/operatorHandoff.d.ts +1 -1
- package/dist/supervisor/operatorHandoff.js +56 -18
- package/dist/supervisor/runLedger.d.ts +1 -1
- package/dist/supervisor/runLedger.js +112 -5
- package/dist/supervisor/sessionConfig.js +10 -10
- package/dist/types/externalAnalyzer.d.ts +3 -0
- package/dist/types/flowCoverage.d.ts +5 -1
- package/dist/types/flowCoverage.js +5 -1
- package/dist/types/flows.d.ts +5 -1
- package/dist/types/flows.js +1 -1
- package/dist/types/runLedger.d.ts +5 -1
- package/dist/types/runLedger.js +6 -1
- package/dist/types/runtimeValidation.d.ts +12 -3
- package/dist/types/runtimeValidation.js +16 -1
- package/dist/types/sessionConfig.d.ts +15 -2
- package/dist/types/sessionConfig.js +15 -1
- package/dist/types/surfaces.d.ts +4 -1
- package/dist/types/surfaces.js +1 -1
- package/dist/types/workerSession.d.ts +9 -0
- package/dist/types/workerSession.js +5 -1
- package/dist/validation/artifacts.d.ts +1 -1
- package/dist/validation/artifacts.js +33 -20
- package/dist/validation/auditResults.d.ts +2 -2
- package/dist/validation/auditResults.js +7 -15
- package/dist/validation/basic.d.ts +9 -1
- package/dist/validation/basic.js +40 -3
- package/dist/validation/sessionConfig.d.ts +4 -2
- package/dist/validation/sessionConfig.js +62 -15
- package/docs/agent-integrations.md +31 -11
- package/docs/next-steps.md +21 -4
- package/docs/packaging.md +14 -0
- package/docs/product-direction.md +22 -0
- package/docs/production-launch-bar.md +2 -0
- package/docs/releasing.md +17 -0
- package/docs/remediation-baseline.md +75 -0
- package/docs/run-flow.md +23 -11
- package/docs/session-config.md +53 -6
- package/docs/supervisor.md +7 -0
- package/docs/workflow-refactor-brief.md +177 -0
- package/package.json +1 -1
- package/schemas/audit-code-v1alpha1.schema.json +1 -0
- package/schemas/audit_result.schema.json +4 -1
- package/schemas/audit_task.schema.json +3 -1
- package/schemas/coverage_matrix.schema.json +3 -3
- package/schemas/critical_flows.schema.json +6 -2
- package/schemas/file_disposition.schema.json +2 -2
- package/schemas/finding.schema.json +9 -4
- package/schemas/flow_coverage.schema.json +2 -2
- package/schemas/repo_manifest.schema.json +4 -4
- package/schemas/risk_register.schema.json +2 -2
- package/schemas/runtime_validation_report.schema.json +2 -2
- package/schemas/runtime_validation_tasks.schema.json +8 -2
- package/schemas/surface_manifest.schema.json +6 -3
- package/schemas/unit_manifest.schema.json +3 -2
- package/skills/audit-code/SKILL.md +5 -0
|
@@ -13,7 +13,7 @@
|
|
|
13
13
|
"root": { "type": "string" },
|
|
14
14
|
"default_branch": { "type": "string" }
|
|
15
15
|
},
|
|
16
|
-
"additionalProperties":
|
|
16
|
+
"additionalProperties": false
|
|
17
17
|
},
|
|
18
18
|
"generated_at": { "type": "string" },
|
|
19
19
|
"files": {
|
|
@@ -24,14 +24,14 @@
|
|
|
24
24
|
"properties": {
|
|
25
25
|
"path": { "type": "string" },
|
|
26
26
|
"language": { "type": "string" },
|
|
27
|
-
"size_bytes": { "type": "integer" },
|
|
27
|
+
"size_bytes": { "type": "integer", "minimum": 0 },
|
|
28
28
|
"hash": { "type": "string" },
|
|
29
29
|
"excluded": { "type": "boolean" },
|
|
30
30
|
"exclusion_reason": { "type": "string" }
|
|
31
31
|
},
|
|
32
|
-
"additionalProperties":
|
|
32
|
+
"additionalProperties": false
|
|
33
33
|
}
|
|
34
34
|
}
|
|
35
35
|
},
|
|
36
|
-
"additionalProperties":
|
|
36
|
+
"additionalProperties": false
|
|
37
37
|
}
|
|
@@ -18,10 +18,16 @@
|
|
|
18
18
|
},
|
|
19
19
|
"target_paths": {
|
|
20
20
|
"type": "array",
|
|
21
|
+
"minItems": 1,
|
|
21
22
|
"items": { "type": "string" }
|
|
22
23
|
},
|
|
23
24
|
"reason": { "type": "string" },
|
|
24
25
|
"priority": { "type": "string", "enum": ["high", "medium", "low"] },
|
|
26
|
+
"command": {
|
|
27
|
+
"type": "array",
|
|
28
|
+
"minItems": 1,
|
|
29
|
+
"items": { "type": "string" }
|
|
30
|
+
},
|
|
25
31
|
"suggested_checks": {
|
|
26
32
|
"type": "array",
|
|
27
33
|
"items": { "type": "string" }
|
|
@@ -31,9 +37,9 @@
|
|
|
31
37
|
"items": { "type": "string" }
|
|
32
38
|
}
|
|
33
39
|
},
|
|
34
|
-
"additionalProperties":
|
|
40
|
+
"additionalProperties": false
|
|
35
41
|
}
|
|
36
42
|
}
|
|
37
43
|
},
|
|
38
|
-
"additionalProperties":
|
|
44
|
+
"additionalProperties": false
|
|
39
45
|
}
|
|
@@ -17,7 +17,10 @@
|
|
|
17
17
|
"enum": ["interface", "background"]
|
|
18
18
|
},
|
|
19
19
|
"entrypoint": { "type": "string" },
|
|
20
|
-
"exposure": {
|
|
20
|
+
"exposure": {
|
|
21
|
+
"type": "string",
|
|
22
|
+
"enum": ["network", "local"]
|
|
23
|
+
},
|
|
21
24
|
"methods": {
|
|
22
25
|
"type": "array",
|
|
23
26
|
"items": { "type": "string" }
|
|
@@ -27,9 +30,9 @@
|
|
|
27
30
|
"items": { "type": "string" }
|
|
28
31
|
}
|
|
29
32
|
},
|
|
30
|
-
"additionalProperties":
|
|
33
|
+
"additionalProperties": false
|
|
31
34
|
}
|
|
32
35
|
}
|
|
33
36
|
},
|
|
34
|
-
"additionalProperties":
|
|
37
|
+
"additionalProperties": false
|
|
35
38
|
}
|
|
@@ -25,6 +25,7 @@
|
|
|
25
25
|
},
|
|
26
26
|
"required_lenses": {
|
|
27
27
|
"type": "array",
|
|
28
|
+
"minItems": 1,
|
|
28
29
|
"items": {
|
|
29
30
|
"type": "string",
|
|
30
31
|
"enum": ["correctness", "architecture", "maintainability", "security", "reliability", "performance", "data_integrity", "tests", "operability", "config_deployment"]
|
|
@@ -35,9 +36,9 @@
|
|
|
35
36
|
"items": { "type": "string" }
|
|
36
37
|
}
|
|
37
38
|
},
|
|
38
|
-
"additionalProperties":
|
|
39
|
+
"additionalProperties": false
|
|
39
40
|
}
|
|
40
41
|
}
|
|
41
42
|
},
|
|
42
|
-
"additionalProperties":
|
|
43
|
+
"additionalProperties": false
|
|
43
44
|
}
|
|
@@ -17,6 +17,9 @@ Normal usage should:
|
|
|
17
17
|
- avoid manual paths, provider flags, and model-selection arguments
|
|
18
18
|
- advance the audit automatically until it completes or no further automatic progress is possible
|
|
19
19
|
|
|
20
|
+
Semantic review should stay with the active conversation agent by default.
|
|
21
|
+
If the host can delegate to subagents, that fan-out belongs to the host agent runtime rather than to repo-local backend provider settings.
|
|
22
|
+
|
|
20
23
|
Bounded steps are a backend implementation detail, not the intended user experience.
|
|
21
24
|
|
|
22
25
|
## Embedded Prompt Payload
|
|
@@ -58,6 +61,8 @@ For repo-local backend usage:
|
|
|
58
61
|
- `provider: "auto"` is the explicit opt-in best-effort routing mode
|
|
59
62
|
- explicit provider names remain available when an operator wants a specific backend
|
|
60
63
|
|
|
64
|
+
Those explicit provider names are backend compatibility bridges, not the intended default review owner.
|
|
65
|
+
|
|
61
66
|
## Development rule
|
|
62
67
|
|
|
63
68
|
Prefer the skill-first conversational contract over the CLI-first backend shape.
|