auditor-lambda 0.3.10 → 0.3.12

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (13) hide show
  1. package/dispatch/lens-definitions.json +8 -0
  2. package/dist/orchestrator/unitBuilder.js +4 -3
  3. package/dist/types.d.ts +1 -1
  4. package/dist/validation/auditResults.js +1 -0
  5. package/docs/agent-integrations.md +1 -1
  6. package/package.json +1 -1
  7. package/schemas/audit_result.schema.json +1 -1
  8. package/schemas/audit_task.schema.json +1 -1
  9. package/schemas/coverage_matrix.schema.json +2 -2
  10. package/schemas/finding.schema.json +2 -1
  11. package/schemas/flow_coverage.schema.json +2 -2
  12. package/schemas/unit_manifest.schema.json +1 -1
  13. package/skills/audit-code/audit-code.prompt.md +2 -0
package/dispatch/lens-definitions.json CHANGED
@@ -34,5 +34,13 @@
34
34
  "config_deployment": {
35
35
  "description": "CI/CD pipeline correctness (wrong triggers, missing branch filters, floating version pins), deployment safety (no gate before publish, missing rollback), insecure secret handling in configs, mutable action tags that should be pinned to commit SHAs.",
36
36
  "do_not_report": "Runtime code issues; findings that belong to other lenses."
37
+ },
38
+ "architecture": {
39
+ "description": "Big-picture design, conceptual elegance, over-engineering, under-engineering, appropriate use of abstractions, and identifying opportunities where custom code should be replaced by third-party tools or standard libraries. Flag structural findings that span multiple components as 'systemic: true'.",
40
+ "do_not_report": "Minor style issues, localized logic bugs, or formatting."
41
+ },
42
+ "observability": {
43
+ "description": "Logging quality, telemetry, distributed tracing context, meaningful metrics, and error reporting context.",
44
+ "do_not_report": "Correctness bugs or deployment configuration."
37
45
  }
38
46
  }
package/dist/orchestrator/unitBuilder.js CHANGED
@@ -2,11 +2,11 @@ import { bucketFile } from "../extractors/bucketing.js";
2
2
  import { isAuditExcludedStatus } from "../extractors/disposition.js";
3
3
  import { pathTokens, normalizeExtractorPath } from "../extractors/pathPatterns.js";
4
4
  const LENS_MAP = {
5
- runtime: ["correctness", "maintainability", "tests"],
6
- interface: ["correctness", "security", "reliability", "tests"],
5
+ runtime: ["correctness", "maintainability", "tests", "observability"],
6
+ interface: ["correctness", "security", "reliability", "tests", "observability"],
7
7
  data_layer: ["correctness", "data_integrity", "reliability", "tests"],
8
8
  security_sensitive: ["security", "correctness", "reliability", "tests"],
9
- concurrency_state: ["reliability", "performance", "correctness", "tests"],
9
+ concurrency_state: ["reliability", "performance", "correctness", "tests", "observability"],
10
10
  tests: ["tests", "maintainability"],
11
11
  tooling_scripts: ["correctness", "operability", "config_deployment"],
12
12
  config_deployment: ["config_deployment", "reliability", "operability"],
@@ -76,6 +76,7 @@ export const LENS_ORDER = [
76
76
  "performance",
77
77
  "operability",
78
78
  "config_deployment",
79
+ "observability",
79
80
  "maintainability",
80
81
  "tests",
81
82
  ];
package/dist/types.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- export type Lens = "correctness" | "architecture" | "maintainability" | "security" | "reliability" | "performance" | "data_integrity" | "tests" | "operability" | "config_deployment";
1
+ export type Lens = "correctness" | "architecture" | "maintainability" | "security" | "reliability" | "performance" | "data_integrity" | "tests" | "operability" | "config_deployment" | "observability";
2
2
  export interface FileRecord {
3
3
  path: string;
4
4
  language: string;
package/dist/validation/auditResults.js CHANGED
@@ -23,6 +23,7 @@ const VALID_LENSES = new Set([
23
23
  "tests",
24
24
  "operability",
25
25
  "config_deployment",
26
+ "observability",
26
27
  ]);
27
28
  function pushIssue(issues, params) {
28
29
  issues.push({
package/docs/agent-integrations.md CHANGED
@@ -275,7 +275,7 @@ No dedicated Antigravity provider adapter is shipped today.
275
275
 
276
276
  Current recommended usage is one of these:
277
277
 
278
- - use the skill-first conversational contract as the primary surface
278
+ - use the skill-first conversational contract as the primary surface (note: do NOT use `browser_subagent` for semantic review of code unless explicitly required by the task)
279
279
  - let `/audit-code` run `audit-code ensure --quiet`, or run `audit-code install` manually so compatibility files are present
280
280
  - run `audit-code` from an Antigravity-managed terminal with `local-subprocess`
281
281
  - use `subprocess-template` if you have a reliable Antigravity-side launcher bridge
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "auditor-lambda",
3
- "version": "0.3.10",
3
+ "version": "0.3.12",
4
4
  "private": false,
5
5
  "description": "Portable hybrid code-auditing framework for arbitrary repositories.",
6
6
  "type": "module",
package/schemas/audit_result.schema.json CHANGED
@@ -25,7 +25,7 @@
25
25
  "pass_id": { "type": "string" },
26
26
  "lens": {
27
27
  "type": "string",
28
- "enum": ["correctness", "architecture", "maintainability", "security", "reliability", "performance", "data_integrity", "tests", "operability", "config_deployment"]
28
+ "enum": ["correctness", "architecture", "maintainability", "security", "reliability", "performance", "data_integrity", "tests", "operability", "config_deployment", "observability"]
29
29
  },
30
30
  "agent_role": { "type": "string" },
31
31
  "file_coverage": {
package/schemas/audit_task.schema.json CHANGED
@@ -17,7 +17,7 @@
17
17
  "pass_id": { "type": "string" },
18
18
  "lens": {
19
19
  "type": "string",
20
- "enum": ["correctness", "architecture", "maintainability", "security", "reliability", "performance", "data_integrity", "tests", "operability", "config_deployment"]
20
+ "enum": ["correctness", "architecture", "maintainability", "security", "reliability", "performance", "data_integrity", "tests", "operability", "config_deployment", "observability"]
21
21
  },
22
22
  "file_paths": {
23
23
  "type": "array",
package/schemas/coverage_matrix.schema.json CHANGED
@@ -28,14 +28,14 @@
28
28
  "type": "array",
29
29
  "items": {
30
30
  "type": "string",
31
- "enum": ["correctness", "architecture", "maintainability", "security", "reliability", "performance", "data_integrity", "tests", "operability", "config_deployment"]
31
+ "enum": ["correctness", "architecture", "maintainability", "security", "reliability", "performance", "data_integrity", "tests", "operability", "config_deployment", "observability"]
32
32
  }
33
33
  },
34
34
  "completed_lenses": {
35
35
  "type": "array",
36
36
  "items": {
37
37
  "type": "string",
38
- "enum": ["correctness", "architecture", "maintainability", "security", "reliability", "performance", "data_integrity", "tests", "operability", "config_deployment"]
38
+ "enum": ["correctness", "architecture", "maintainability", "security", "reliability", "performance", "data_integrity", "tests", "operability", "config_deployment", "observability"]
39
39
  }
40
40
  }
41
41
  },
package/schemas/finding.schema.json CHANGED
@@ -35,7 +35,8 @@
35
35
  "data_integrity",
36
36
  "tests",
37
37
  "operability",
38
- "config_deployment"
38
+ "config_deployment",
39
+ "observability"
39
40
  ]
40
41
  },
41
42
  "summary": { "type": "string" },
package/schemas/flow_coverage.schema.json CHANGED
@@ -26,14 +26,14 @@
26
26
  "type": "array",
27
27
  "items": {
28
28
  "type": "string",
29
- "enum": ["correctness", "architecture", "maintainability", "security", "reliability", "performance", "data_integrity", "tests", "operability", "config_deployment"]
29
+ "enum": ["correctness", "architecture", "maintainability", "security", "reliability", "performance", "data_integrity", "tests", "operability", "config_deployment", "observability"]
30
30
  }
31
31
  },
32
32
  "completed_lenses": {
33
33
  "type": "array",
34
34
  "items": {
35
35
  "type": "string",
36
- "enum": ["correctness", "architecture", "maintainability", "security", "reliability", "performance", "data_integrity", "tests", "operability", "config_deployment"]
36
+ "enum": ["correctness", "architecture", "maintainability", "security", "reliability", "performance", "data_integrity", "tests", "operability", "config_deployment", "observability"]
37
37
  }
38
38
  },
39
39
  "status": {
package/schemas/unit_manifest.schema.json CHANGED
@@ -28,7 +28,7 @@
28
28
  "minItems": 1,
29
29
  "items": {
30
30
  "type": "string",
31
- "enum": ["correctness", "architecture", "maintainability", "security", "reliability", "performance", "data_integrity", "tests", "operability", "config_deployment"]
31
+ "enum": ["correctness", "architecture", "maintainability", "security", "reliability", "performance", "data_integrity", "tests", "operability", "config_deployment", "observability"]
32
32
  }
33
33
  },
34
34
  "critical_flows": {
package/skills/audit-code/audit-code.prompt.md CHANGED
@@ -28,6 +28,8 @@ and ingest results mechanically.
28
28
  - CRITICAL: Do not use your `Read` tool to read `entry.prompt_path` or JSON schemas into your own context window. The subagent will read them. Pass the path literally.
29
29
  - Prefer subagent dispatch for semantic review whenever the host exposes an
30
30
  Agent/subagent tool.
31
+ - Do not use `browser_subagent` for semantic review of source code unless the
32
+ task explicitly requires browser-based validation.
31
33
  - If the host cannot dispatch subagents, complete exactly one assigned review
32
34
  task, run the provided ingestion command, then stop. The user can run
33
35
  `/audit-code` again to continue from fresh context.