auditor-lambda 0.3.12 → 0.3.14

package/dist/extractors/graphPathUtils.d.ts

@@ -0,0 +1,5 @@
+import type { GraphEdge } from "../types/graph.js";
+export declare function normalizeGraphPath(path: string): string;
+export declare function graphLookupKey(path: string): string;
+export declare function resolveCandidate(candidate: string, pathLookup: Map<string, string>): string | undefined;
+export declare function graphEdge(params: GraphEdge): GraphEdge;

package/dist/extractors/graphPathUtils.js

@@ -0,0 +1,75 @@
+import { posix } from "node:path";
+const RESOLVABLE_EXTENSIONS = [
+    "",
+    ".ts",
+    ".tsx",
+    ".mts",
+    ".cts",
+    ".js",
+    ".jsx",
+    ".mjs",
+    ".cjs",
+    ".json",
+    ".py",
+    ".pyi",
+];
+const INDEX_EXTENSIONS = [
+    "index.ts",
+    "index.tsx",
+    "index.mts",
+    "index.cts",
+    "index.js",
+    "index.jsx",
+    "index.mjs",
+    "index.cjs",
+    "index.json",
+    "__init__.py",
+    "__init__.pyi",
+];
+const RUNTIME_SOURCE_EXTENSION_ALIASES = {
+    ".js": [".ts", ".tsx", ".jsx"],
+    ".mjs": [".mts"],
+    ".cjs": [".cts"],
+};
+export function normalizeGraphPath(path) {
+    return posix
+        .normalize(path.replace(/\\/g, "/"))
+        .replace(/^\.\//, "");
+}
+export function graphLookupKey(path) {
+    return normalizeGraphPath(path).toLowerCase();
+}
+export function resolveCandidate(candidate, pathLookup) {
+    const normalized = normalizeGraphPath(candidate);
+    const direct = pathLookup.get(normalized.toLowerCase());
+    if (direct)
+        return direct;
+    const runtimeExtension = posix.extname(normalized).toLowerCase();
+    const sourceExtensionAliases = RUNTIME_SOURCE_EXTENSION_ALIASES[runtimeExtension];
+    if (sourceExtensionAliases) {
+        const withoutRuntimeExtension = normalized.slice(0, -runtimeExtension.length);
+        for (const sourceExtension of sourceExtensionAliases) {
+            const match = pathLookup.get(`${withoutRuntimeExtension}${sourceExtension}`.toLowerCase());
+            if (match)
+                return match;
+        }
+    }
+    for (const extension of RESOLVABLE_EXTENSIONS) {
+        const withExtension = `${normalized}${extension}`;
+        const match = pathLookup.get(withExtension.toLowerCase());
+        if (match)
+            return match;
+    }
+    for (const indexFile of INDEX_EXTENSIONS) {
+        const match = pathLookup.get(posix.join(normalized, indexFile).toLowerCase());
+        if (match)
+            return match;
+    }
+    return undefined;
+}
+export function graphEdge(params) {
+    return {
+        ...params,
+        direction: params.direction ?? "directed",
+    };
+}

package/dist/extractors/pathPatterns.d.ts

@@ -16,6 +16,7 @@ export declare function isLicensePath(normalized: string): boolean;
 export declare function isLockfilePath(normalized: string): boolean;
 export declare function isDocPath(normalized: string): boolean;
 export declare function isGeneratedInstallArtifactPath(normalized: string): boolean;
+export declare function isGeneratedTestArtifactPath(normalized: string): boolean;
 export declare function isAuditArtifactPath(normalized: string): boolean;
 export declare function isTestPath(normalized: string): boolean;
 export declare function isInterfacePath(normalized: string): boolean;

package/dist/extractors/pathPatterns.js

@@ -173,6 +173,9 @@ export function isDocPath(normalized) {
 export function isGeneratedInstallArtifactPath(normalized) {
     return normalized.startsWith(".audit-code/install/");
 }
+export function isGeneratedTestArtifactPath(normalized) {
+    return splitSegments(normalized).some((segment) => segment.startsWith(".test-") && segment.endsWith("-artifacts"));
+}
 export function isAuditArtifactPath(normalized) {
     return splitSegments(normalized).some((segment) => segment.startsWith(".audit-artifacts"));
 }

package/dist/io/artifacts.d.ts

@@ -1,3 +1,4 @@
+import { cp, rm } from "node:fs/promises";
 import type { AuditResult, AuditTask, CoverageMatrix, RepoManifest, UnitManifest } from "../types.js";
 import type { AuditState } from "../types/auditState.js";
 import type { ArtifactMetadataManifest } from "../types/artifactMetadata.js";
@@ -80,5 +81,13 @@ export declare function cleanupIntermediateArtifacts(root: string): Promise<stri
 export declare function promoteFinalAuditReport(params: {
     artifactsDir: string;
     repoRoot: string;
-}): Promise<void>;
+}, options?: {
+    copy?: typeof cp;
+    remove?: typeof rm;
+    warn?: (message: string) => void;
+}): Promise<{
+    promoted: boolean;
+    cleaned: boolean;
+    warning?: string;
+}>;
 export {};

package/dist/io/artifacts.js

@@ -96,9 +96,29 @@ export async function cleanupIntermediateArtifacts(root) {
     }
     return deleted;
 }
-export async function promoteFinalAuditReport(params) {
+export async function promoteFinalAuditReport(params, options = {}) {
     const source = join(params.artifactsDir, "audit-report.md");
     const destination = join(params.repoRoot, "audit-report.md");
-    await cp(source, destination, { force: true });
-    await rm(params.artifactsDir, { recursive: true, force: true });
+    const copy = options.copy ?? cp;
+    const remove = options.remove ?? rm;
+    const warn = options.warn ?? ((message) => process.stderr.write(`${message}\n`));
+    try {
+        await copy(source, destination, { force: true });
+    }
+    catch (error) {
+        const warning = `audit-code: completed audit but could not promote final report to ${destination}: ` +
+            (error instanceof Error ? error.message : String(error));
+        warn(warning);
+        return { promoted: false, cleaned: false, warning };
+    }
+    try {
+        await remove(params.artifactsDir, { recursive: true, force: true });
+        return { promoted: true, cleaned: true };
+    }
+    catch (error) {
+        const warning = `audit-code: promoted final report to ${destination}, but could not remove ${params.artifactsDir}: ` +
+            (error instanceof Error ? error.message : String(error));
+        warn(warning);
+        return { promoted: true, cleaned: false, warning };
+    }
 }

package/dist/orchestrator/internalExecutors.d.ts

@@ -7,6 +7,10 @@ export interface ExecutorRunResult {
     artifacts_written: string[];
     progress_summary: string;
 }
+export declare function resolveRuntimeValidationSpawnCommand(command: string[], platform?: NodeJS.Platform, shellCommand?: string): {
+    command: string;
+    args: string[];
+};
 export declare function runIntakeExecutor(bundle: ArtifactBundle, root: string): Promise<ExecutorRunResult>;
 export declare function runStructureExecutor(bundle: ArtifactBundle, root?: string): Promise<ExecutorRunResult>;
 export declare function runPlanningExecutor(bundle: ArtifactBundle, root: string, lineIndex?: Record<string, number>): Promise<ExecutorRunResult>;

package/dist/orchestrator/internalExecutors.js

@@ -56,8 +56,10 @@ function appendSelectiveDeepeningTasks(params) {
     };
 }
 async function runCommand(command, cwd) {
+    const spawnCommand = resolveRuntimeValidationSpawnCommand(command);
+    const displayCommand = command.join(" ");
     return await new Promise((resolve) => {
-        const child = spawn(command[0], command.slice(1), {
+        const child = spawn(spawnCommand.command, spawnCommand.args, {
             cwd,
             env: process.env,
             stdio: ["ignore", "pipe", "pipe"],
@@ -73,7 +75,7 @@ async function runCommand(command, cwd) {
         child.on("error", (error) => {
             resolve({
                 status: "inconclusive",
-                summary: `Failed to execute ${command.join(" ")}: ${error.message}`,
+                summary: `Failed to execute ${displayCommand}: ${error.message}`,
                 evidence: [],
             });
         });
@@ -83,13 +85,36 @@ async function runCommand(command, cwd) {
             resolve({
                 status: code === 0 ? "confirmed" : "not_confirmed",
                 summary: code === 0
-                    ? `Deterministic runtime command succeeded: ${command.join(" ")}`
-                    : `Deterministic runtime command failed with exit code ${code}: ${command.join(" ")}`,
+                    ? `Deterministic runtime command succeeded: ${displayCommand}`
+                    : `Deterministic runtime command failed with exit code ${code}: ${displayCommand}`,
                 evidence,
             });
         });
     });
 }
+export function resolveRuntimeValidationSpawnCommand(command, platform = process.platform, shellCommand = process.env.ComSpec ?? "cmd.exe") {
+    const [executable, ...args] = command;
+    if (!executable) {
+        return { command: "", args: [] };
+    }
+    if (platform !== "win32") {
+        return { command: executable, args };
+    }
+    const packageManager = executable.replace(/\.(cmd|bat)$/i, "").toLowerCase();
+    if (["npm", "npx", "pnpm", "yarn"].includes(packageManager)) {
+        return {
+            command: shellCommand,
+            args: ["/d", "/s", "/c", command.map(quoteCmdArg).join(" ")],
+        };
+    }
+    return { command: executable, args };
+}
+function quoteCmdArg(value) {
+    if (/^[A-Za-z0-9_./:=+-]+$/.test(value)) {
+        return value;
+    }
+    return `"${value.replace(/(["^&|<>%])/g, "^$1")}"`;
+}
 export async function runIntakeExecutor(bundle, root) {
     const ignore = await loadIgnoreFile(root);
     const repoManifest = await buildRepoManifestFromFs({
@@ -117,8 +142,12 @@ export async function runStructureExecutor(bundle, root) {
     const unitManifest = buildUnitManifest(bundle.repo_manifest, disposition);
     const surfaceManifest = buildSurfaceManifest(bundle.repo_manifest, disposition);
     const graphBundle = root
-        ? await buildGraphBundleFromFs(bundle.repo_manifest, root, disposition)
-        : buildGraphBundle(bundle.repo_manifest, disposition);
+        ? await buildGraphBundleFromFs(bundle.repo_manifest, root, disposition, {
+            externalAnalyzerResults,
+        })
+        : buildGraphBundle(bundle.repo_manifest, disposition, {
+            externalAnalyzerResults,
+        });
     const criticalFlows = buildCriticalFlowManifest(bundle.repo_manifest, surfaceManifest, disposition);
     const riskRegister = buildRiskRegister(unitManifest, criticalFlows, externalAnalyzerResults);
     return {