autoremediator 0.10.0 → 0.11.0

package/dist/{chunk-F7W4EYJL.js → chunk-GYCZ6L3O.js}

@@ -41,7 +41,13 @@ var OPTION_DESCRIPTIONS = {
   enforceFrozenLockfile: "Override frozen lockfile behavior for install commands",
   workspace: "Workspace/package selector for scoped remediation in monorepos",
   includeTransitive: "Include indirect/transitive dependencies in the outdated check. Default: false.",
-  updateOutdated: "Run in update-outdated mode: bump all outdated npm packages without requiring a CVE."
+  updateOutdated: "Run in update-outdated mode: bump all outdated npm packages without requiring a CVE.",
+  kevMandatory: "If true, CVEs with active CISA KEV status bypass severity filtering and are treated as mandatory",
+  epssThreshold: "EPSS probability threshold (0..1) above which a CVE is treated as mandatory regardless of severity",
+  suppressionsFile: "Path to a YAML file containing additional VEX suppression entries to merge with policy-inline suppressions",
+  slaCheck: "Compare CVE publication dates against configured SLA windows and include breach records in the report output",
+  skipUnreachable: "Skip remediation for CVEs where the vulnerable package cannot be reached from any project entry point (requires static import analysis)",
+  regressionCheck: "After applying a fix, verify the patched version falls outside the CVE's vulnerable range and flag any regression in the report"
 };
 function createConstraintSchemaProperties() {
   return {
@@ -97,14 +103,21 @@ function createRemediateOptionSchemaProperties(options) {
     constraints: {
       type: "object",
       properties: createConstraintSchemaProperties()
-    }
+    },
+    kevMandatory: { type: "boolean", description: OPTION_DESCRIPTIONS.kevMandatory },
+    epssThreshold: { type: "number", minimum: 0, maximum: 1, description: OPTION_DESCRIPTIONS.epssThreshold },
+    suppressionsFile: { type: "string", description: OPTION_DESCRIPTIONS.suppressionsFile },
+    slaCheck: { type: "boolean", description: OPTION_DESCRIPTIONS.slaCheck },
+    skipUnreachable: { type: "boolean", description: OPTION_DESCRIPTIONS.skipUnreachable },
+    regressionCheck: { type: "boolean", description: OPTION_DESCRIPTIONS.regressionCheck }
   };
 }
 function createScanOptionSchemaProperties() {
   return {
     ...createRemediateOptionSchemaProperties({ includeEvidence: true }),
     format: { type: "string", enum: ["npm-audit", "yarn-audit", "sarif", "auto"], description: OPTION_DESCRIPTIONS.format },
-    audit: { type: "boolean", description: OPTION_DESCRIPTIONS.audit }
+    audit: { type: "boolean", description: OPTION_DESCRIPTIONS.audit },
+    slaCheck: { type: "boolean", description: OPTION_DESCRIPTIONS.slaCheck }
   };
 }
 function createScanReportSchemaProperties() {
@@ -494,7 +507,11 @@ var DEFAULT_POLICY = {
   consensusModel: void 0,
   patchConfidenceThresholds: {},
   dynamicModelRouting: false,
-  dynamicRoutingThresholdChars: 18e3
+  dynamicRoutingThresholdChars: 18e3,
+  exploitSignalOverride: void 0,
+  suppressions: [],
+  sla: void 0,
+  skipUnreachable: false
 };
 function loadPolicy(cwd, explicitPath) {
   const candidate = explicitPath ?? join4(cwd, ".github", "autoremediator.yml");
@@ -527,7 +544,19 @@ function loadPolicy(cwd, explicitPath) {
         high: parsed.patchConfidenceThresholds?.high ?? DEFAULT_POLICY.patchConfidenceThresholds?.high
       },
       dynamicModelRouting: parsed.dynamicModelRouting ?? DEFAULT_POLICY.dynamicModelRouting,
-      dynamicRoutingThresholdChars: parsed.dynamicRoutingThresholdChars ?? DEFAULT_POLICY.dynamicRoutingThresholdChars
+      dynamicRoutingThresholdChars: parsed.dynamicRoutingThresholdChars ?? DEFAULT_POLICY.dynamicRoutingThresholdChars,
+      exploitSignalOverride: parsed.exploitSignalOverride ? {
+        kev: parsed.exploitSignalOverride.kev ?? void 0,
+        epss: parsed.exploitSignalOverride.epss ?? void 0
+      } : void 0,
+      suppressions: Array.isArray(parsed.suppressions) ? parsed.suppressions : DEFAULT_POLICY.suppressions,
+      sla: parsed.sla ? {
+        critical: parsed.sla.critical,
+        high: parsed.sla.high,
+        medium: parsed.sla.medium,
+        low: parsed.sla.low
+      } : void 0,
+      skipUnreachable: parsed.skipUnreachable ?? DEFAULT_POLICY.skipUnreachable
     };
   } catch {
     return DEFAULT_POLICY;
@@ -540,6 +569,37 @@ function isPackageAllowed(policy, packageName) {
   }
   return true;
 }
+function isActiveSuppression(suppression) {
+  if (!suppression.expiresAt) return true;
+  return new Date(suppression.expiresAt) > /* @__PURE__ */ new Date();
+}
+function loadSuppressionsFile(filePath) {
+  try {
+    const content = readFileSync2(filePath, "utf8");
+    const parsed = yamlParse(content);
+    return Array.isArray(parsed?.suppressions) ? parsed.suppressions : [];
+  } catch {
+    return [];
+  }
+}
+function checkSlaBreach(cveId, severity, publishedAt, slaPolicy) {
+  const severityKey = severity.toLowerCase();
+  const deadlineHours = slaPolicy[severityKey];
+  if (typeof deadlineHours !== "number") return null;
+  const publishedMs = new Date(publishedAt).getTime();
+  if (isNaN(publishedMs)) return null;
+  const deadlineMs = publishedMs + deadlineHours * 60 * 60 * 1e3;
+  const nowMs = Date.now();
+  if (nowMs <= deadlineMs) return null;
+  const hoursOverdue = Math.round((nowMs - deadlineMs) / (60 * 60 * 1e3));
+  return {
+    cveId,
+    severity,
+    publishedAt,
+    deadlineAt: new Date(deadlineMs).toISOString(),
+    hoursOverdue
+  };
+}
 
 // src/remediation/tools/check-inventory.ts
 var checkInventoryTool = tool({
@@ -864,6 +924,9 @@ function storeIdempotentReport(cwd, idempotencyKey, cveId, report) {
 // src/remediation/pipeline.ts
 import { generateText as generateText2 } from "ai";
 
+// src/remediation/local/run.ts
+import semver5 from "semver";
+
 // src/platform/http-client.ts
 var DEFAULT_TIMEOUT_MS = 1e4;
 async function requestWithTimeout(url, init, timeoutMs) {
@@ -1124,9 +1187,216 @@ async function enrichWithNvd(details) {
   return details;
 }
 
+// src/remediation/tools/check-reachability.ts
+import { tool as tool2 } from "ai";
+import { z as z2 } from "zod";
+import { readdirSync, readFileSync as readFileSync5, statSync } from "fs";
+import { join as join7, extname } from "path";
+var SOURCE_EXTENSIONS = /* @__PURE__ */ new Set([".ts", ".tsx", ".js", ".jsx", ".mjs", ".cjs"]);
+var SKIP_DIRS = /* @__PURE__ */ new Set(["node_modules", "dist", "build", "out", ".git", "coverage", ".cache"]);
+var MAX_FILES = 500;
+function collectSourceFiles(dir, files = []) {
+  if (files.length >= MAX_FILES) return files;
+  let entries;
+  try {
+    entries = readdirSync(dir);
+  } catch {
+    return files;
+  }
+  for (const entry of entries) {
+    if (files.length >= MAX_FILES) break;
+    const full = join7(dir, entry);
+    let stat2;
+    try {
+      stat2 = statSync(full);
+    } catch {
+      continue;
+    }
+    if (stat2.isDirectory()) {
+      if (!SKIP_DIRS.has(entry)) collectSourceFiles(full, files);
+    } else if (SOURCE_EXTENSIONS.has(extname(entry))) {
+      files.push(full);
+    }
+  }
+  return files;
+}
+function assessPackageReachability(cwd, packageName) {
+  const files = collectSourceFiles(cwd);
+  if (files.length === 0) {
+    return {
+      packageName,
+      status: "unknown",
+      reason: "No source files found to scan."
+    };
+  }
+  const escaped = packageName.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
+  const pattern = new RegExp(
+    `(?:import\\s[^'"]*from\\s['"]${escaped}(?:/[^'"]*)?['"]|require\\(['"]${escaped}(?:/[^'"]*)?['"]\\)|from\\s['"]${escaped}(?:/[^'"]*)?['"])`,
+    "m"
+  );
+  const evidence = [];
+  for (const filePath of files) {
+    let content;
+    try {
+      content = readFileSync5(filePath, "utf8");
+    } catch {
+      continue;
+    }
+    if (pattern.test(content)) {
+      const relative = filePath.startsWith(cwd) ? filePath.slice(cwd.length + 1) : filePath;
+      const matchType = content.includes(`require('${packageName}`) || content.includes(`require("${packageName}`) ? "require" : content.includes(`import(`) ? "dynamic-import" : "import";
+      evidence.push({ filePath: relative, matchType });
+      if (evidence.length >= 3) break;
+    }
+  }
+  if (evidence.length > 0) {
+    return {
+      packageName,
+      status: "reachable",
+      reason: `Found ${evidence.length} import reference(s) in source files.`,
+      reachabilityBasis: "import-present",
+      evidence
+    };
+  }
+  return {
+    packageName,
+    status: "not-reachable",
+    reason: `No import or require of '${packageName}' found in ${files.length} source file(s).`
+  };
+}
+var checkReachabilityTool = tool2({
+  description: "Assess whether an npm package is statically reachable (imported) from the project's source files. Returns reachable, not-reachable, or unknown.",
+  parameters: z2.object({
+    cwd: z2.string().describe("Project root directory"),
+    packageName: z2.string().describe("The npm package name to search for")
+  }),
+  execute: async ({ cwd, packageName }) => {
+    return assessPackageReachability(cwd, packageName);
+  }
+});
+
+// src/remediation/tools/check-exploit-signal.ts
+import { tool as tool3 } from "ai";
+import { z as z3 } from "zod";
+var kevSchema = z3.object({
+  knownExploited: z3.boolean(),
+  dateAdded: z3.string().optional(),
+  dueDate: z3.string().optional(),
+  requiredAction: z3.string().optional(),
+  knownRansomwareCampaignUse: z3.string().optional()
+}).passthrough();
+var epssSchema = z3.object({
+  score: z3.number(),
+  percentile: z3.number(),
+  date: z3.string().optional()
+}).passthrough();
+var exploitSignalPolicySchema = z3.object({
+  kev: z3.object({ mandatory: z3.boolean() }).optional(),
+  epss: z3.object({ mandatory: z3.boolean(), threshold: z3.number() }).optional()
+}).optional();
+var checkExploitSignalTool = tool3({
+  description: "Evaluate KEV and EPSS exploit signals for a CVE against policy thresholds. Returns whether the exploit signal overrides severity filtering (mandatory gate).",
+  parameters: z3.object({
+    cveDetails: z3.object({
+      id: z3.string(),
+      kev: kevSchema.optional(),
+      epss: epssSchema.optional()
+    }).passthrough().describe("CveDetails object from lookup-cve"),
+    policy: z3.object({
+      exploitSignalOverride: exploitSignalPolicySchema
+    }).passthrough().describe("Policy object containing exploitSignalOverride configuration")
+  }),
+  execute: async ({ cveDetails, policy }) => {
+    const override = policy.exploitSignalOverride;
+    if (!override) {
+      return {
+        exploitSignalTriggered: false,
+        reason: "No exploitSignalOverride policy configured."
+      };
+    }
+    if (override.kev?.mandatory && cveDetails.kev?.knownExploited === true) {
+      return {
+        exploitSignalTriggered: true,
+        reason: `CVE ${cveDetails.id} is in the CISA Known Exploited Vulnerabilities (KEV) catalog and kev.mandatory is enabled.`
+      };
+    }
+    if (override.epss?.mandatory && typeof override.epss.threshold === "number" && typeof cveDetails.epss?.score === "number" && cveDetails.epss.score >= override.epss.threshold) {
+      return {
+        exploitSignalTriggered: true,
+        reason: `CVE ${cveDetails.id} EPSS score ${cveDetails.epss.score} meets or exceeds threshold ${override.epss.threshold} and epss.mandatory is enabled.`
+      };
+    }
+    return {
+      exploitSignalTriggered: false,
+      reason: "Exploit signal thresholds not met."
+    };
+  }
+});
+
+// src/remediation/local/secops-preflight.ts
+async function runSecOpsPreflight(normalizedId, cveDetails, opts) {
+  const allSuppressions = opts.suppressionsFile ? [...opts.suppressions, ...loadSuppressionsFile(opts.suppressionsFile)] : opts.suppressions;
+  const activeSuppression = allSuppressions.find(
+    (s) => s.cveId === normalizedId && isActiveSuppression(s)
+  );
+  if (activeSuppression) {
+    return {
+      suppressed: true,
+      summary: `CVE ${normalizedId} suppressed by VEX policy: ${activeSuppression.justification}${activeSuppression.notes ? ` \u2014 ${activeSuppression.notes}` : ""}`
+    };
+  }
+  let exploitSignalTriggered;
+  if (opts.exploitSignalOverride) {
+    const result = await checkExploitSignalTool.execute({
+      cveDetails,
+      policy: { exploitSignalOverride: opts.exploitSignalOverride }
+    });
+    if (result.exploitSignalTriggered) {
+      exploitSignalTriggered = true;
+    }
+  }
+  let slaBreaches;
+  if (opts.slaCheck && opts.slaPolicy && cveDetails.publishedAt) {
+    const breach = checkSlaBreach(normalizedId, cveDetails.severity, cveDetails.publishedAt, opts.slaPolicy);
+    if (breach) {
+      slaBreaches = [breach];
+    }
+  }
+  return { suppressed: false, exploitSignalTriggered, slaBreaches };
+}
+
+// src/remediation/local/sbom.ts
+function buildSbom(packages, vulnerableNames, results) {
+  const statusByPackage = /* @__PURE__ */ new Map();
+  for (const result of results) {
+    if (!vulnerableNames.has(result.packageName)) continue;
+    if (result.suppressedBy) {
+      statusByPackage.set(result.packageName, "suppressed");
+    } else if (!result.applied && result.strategy === "none") {
+      statusByPackage.set(result.packageName, "skipped");
+    } else if (result.applied) {
+      statusByPackage.set(result.packageName, "patched");
+    } else {
+      statusByPackage.set(result.packageName, "unpatched");
+    }
+  }
+  return packages.map((pkg) => {
+    const isVulnerable = vulnerableNames.has(pkg.name);
+    const entry = {
+      name: pkg.name,
+      version: pkg.version,
+      scope: pkg.type === "direct" ? "direct" : "indirect"
+    };
+    if (isVulnerable) {
+      entry.status = statusByPackage.get(pkg.name) ?? "unpatched";
+    }
+    return entry;
+  });
+}
+
 // src/intelligence/sources/registry.ts
-import { readFileSync as readFileSync5 } from "fs";
-import { join as join7 } from "path";
+import { readFileSync as readFileSync6 } from "fs";
+import { join as join8 } from "path";
 import { execa as execa4 } from "execa";
 import semver from "semver";
 var NPM_REGISTRY = "https://registry.npmjs.org";
@@ -1295,7 +1565,7 @@ async function queryOutdatedPackages(cwd, options = {}) {
   }
   let directDeps;
   try {
-    const pkgRaw = JSON.parse(readFileSync5(join7(cwd, "package.json"), "utf8"));
+    const pkgRaw = JSON.parse(readFileSync6(join8(cwd, "package.json"), "utf8"));
     directDeps = /* @__PURE__ */ new Set([
       ...Object.keys(pkgRaw.dependencies ?? {}),
       ...Object.keys(pkgRaw.devDependencies ?? {})
@@ -1324,24 +1594,24 @@ async function queryOutdatedPackages(cwd, options = {}) {
 }
 
 // src/remediation/tools/apply-version-bump.ts
-import { tool as tool2 } from "ai";
-import { z as z2 } from "zod";
-import { join as join9 } from "path";
-import { readFileSync as readFileSync6, writeFileSync as writeFileSync3 } from "fs";
+import { tool as tool4 } from "ai";
+import { z as z4 } from "zod";
+import { join as join10 } from "path";
+import { readFileSync as readFileSync7, writeFileSync as writeFileSync3 } from "fs";
 import { execa as execa5 } from "execa";
 import semver2 from "semver";
 
 // src/platform/repo-lock.ts
 import { mkdir, rm } from "fs/promises";
-import { join as join8 } from "path";
+import { join as join9 } from "path";
 async function sleep(ms) {
   await new Promise((resolve2) => setTimeout(resolve2, ms));
 }
 async function acquireRepoLock(cwd, options = {}) {
   const timeoutMs = options.timeoutMs ?? 15e3;
   const retryDelayMs = options.retryDelayMs ?? 125;
-  const lockRoot = join8(cwd, ".autoremediator", "locks");
-  const lockPath = join8(cwd, ".autoremediator", "locks", "remediation.lock");
+  const lockRoot = join9(cwd, ".autoremediator", "locks");
+  const lockPath = join9(cwd, ".autoremediator", "locks", "remediation.lock");
   const startedAt = Date.now();
   await mkdir(lockRoot, { recursive: true });
   while (true) {
@@ -1371,21 +1641,21 @@ async function withRepoLock(cwd, fn, options) {
 }
 
 // src/remediation/tools/apply-version-bump.ts
-var applyVersionBumpTool = tool2({
+var applyVersionBumpTool = tool4({
   description: "Update package.json to use the safe version of a vulnerable package and run the project's package manager install. In dry-run mode, only reports what would change.",
-  parameters: z2.object({
-    cwd: z2.string().describe("Absolute path to the consumer project root"),
-    packageManager: z2.enum(["npm", "pnpm", "yarn"]).optional().describe("Package manager used by the target project (auto-detected if omitted)"),
-    packageName: z2.string().describe("The npm package to upgrade"),
-    fromVersion: z2.string().describe("The currently installed vulnerable version"),
-    toVersion: z2.string().describe("The safe target version to upgrade to"),
-    dryRun: z2.boolean().default(false).describe("If true, report changes but do not write"),
-    policy: z2.string().optional().describe("Optional path to .autoremediator policy file"),
-    runTests: z2.boolean().default(false).describe("If true, run test validation after applying the fix"),
-    installMode: z2.enum(["standard", "prefer-offline", "deterministic"]).optional(),
-    installPreferOffline: z2.boolean().optional(),
-    enforceFrozenLockfile: z2.boolean().optional(),
-    workspace: z2.string().optional()
+  parameters: z4.object({
+    cwd: z4.string().describe("Absolute path to the consumer project root"),
+    packageManager: z4.enum(["npm", "pnpm", "yarn"]).optional().describe("Package manager used by the target project (auto-detected if omitted)"),
+    packageName: z4.string().describe("The npm package to upgrade"),
+    fromVersion: z4.string().describe("The currently installed vulnerable version"),
+    toVersion: z4.string().describe("The safe target version to upgrade to"),
+    dryRun: z4.boolean().default(false).describe("If true, report changes but do not write"),
+    policy: z4.string().optional().describe("Optional path to .autoremediator policy file"),
+    runTests: z4.boolean().default(false).describe("If true, run test validation after applying the fix"),
+    installMode: z4.enum(["standard", "prefer-offline", "deterministic"]).optional(),
+    installPreferOffline: z4.boolean().optional(),
+    enforceFrozenLockfile: z4.boolean().optional(),
+    workspace: z4.string().optional()
   }),
   execute: async ({
     cwd,
@@ -1402,7 +1672,7 @@ var applyVersionBumpTool = tool2({
     workspace
   }) => {
     const pm = packageManager ?? detectPackageManager(cwd);
-    const pkgPath = join9(cwd, "package.json");
+    const pkgPath = join10(cwd, "package.json");
     const loadedPolicy = loadPolicy(cwd, policy);
     const commandConstraints = {
       ...loadedPolicy.constraints,
@@ -1442,7 +1712,7 @@ var applyVersionBumpTool = tool2({
     }
     let pkgJson;
     try {
-      pkgJson = JSON.parse(readFileSync6(pkgPath, "utf8"));
+      pkgJson = JSON.parse(readFileSync7(pkgPath, "utf8"));
     } catch {
       return {
         packageName,
@@ -1565,10 +1835,10 @@ var applyVersionBumpTool = tool2({
 });
 
 // src/remediation/tools/apply-package-override/index.ts
-import { tool as tool3 } from "ai";
-import { z as z3 } from "zod";
-import { join as join10 } from "path";
-import { readFileSync as readFileSync7, writeFileSync as writeFileSync4 } from "fs";
+import { tool as tool5 } from "ai";
+import { z as z5 } from "zod";
+import { join as join11 } from "path";
+import { readFileSync as readFileSync8, writeFileSync as writeFileSync4 } from "fs";
 import { execa as execa7 } from "execa";
 import semver3 from "semver";
 
@@ -1648,22 +1918,22 @@ function restoreRecord(record, key, previousValue) {
 }
 
 // src/remediation/tools/apply-package-override/index.ts
-var applyPackageOverrideTool = tool3({
+var applyPackageOverrideTool = tool5({
   description: "Apply a package-manager-native package.json override for a vulnerable transitive dependency and reinstall. Uses npm overrides, pnpm.overrides, or yarn resolutions.",
-  parameters: z3.object({
-    cwd: z3.string().describe("Absolute path to the consumer project root"),
-    packageManager: z3.enum(["npm", "pnpm", "yarn"]).optional().describe("Package manager used by the target project (auto-detected if omitted)"),
-    packageName: z3.string().describe("The npm package to override"),
-    selector: z3.string().optional().describe("Optional manager-native override selector key (for nested or scoped overrides)"),
-    fromVersion: z3.string().describe("The currently installed vulnerable version"),
-    toVersion: z3.string().describe("The safe target version to override to"),
-    dryRun: z3.boolean().default(false).describe("If true, report changes but do not write"),
-    policy: z3.string().optional().describe("Optional path to .autoremediator policy file"),
-    runTests: z3.boolean().default(false).describe("If true, run test validation after applying the override"),
-    installMode: z3.enum(["standard", "prefer-offline", "deterministic"]).optional(),
-    installPreferOffline: z3.boolean().optional(),
-    enforceFrozenLockfile: z3.boolean().optional(),
-    workspace: z3.string().optional()
+  parameters: z5.object({
+    cwd: z5.string().describe("Absolute path to the consumer project root"),
+    packageManager: z5.enum(["npm", "pnpm", "yarn"]).optional().describe("Package manager used by the target project (auto-detected if omitted)"),
+    packageName: z5.string().describe("The npm package to override"),
+    selector: z5.string().optional().describe("Optional manager-native override selector key (for nested or scoped overrides)"),
+    fromVersion: z5.string().describe("The currently installed vulnerable version"),
+    toVersion: z5.string().describe("The safe target version to override to"),
+    dryRun: z5.boolean().default(false).describe("If true, report changes but do not write"),
+    policy: z5.string().optional().describe("Optional path to .autoremediator policy file"),
+    runTests: z5.boolean().default(false).describe("If true, run test validation after applying the override"),
+    installMode: z5.enum(["standard", "prefer-offline", "deterministic"]).optional(),
+    installPreferOffline: z5.boolean().optional(),
+    enforceFrozenLockfile: z5.boolean().optional(),
+    workspace: z5.string().optional()
   }),
   execute: async ({
     cwd,
@@ -1681,7 +1951,7 @@ var applyPackageOverrideTool = tool3({
     workspace
   }) => {
     const pm = packageManager ?? detectPackageManager(cwd);
-    const pkgPath = join10(cwd, "package.json");
+    const pkgPath = join11(cwd, "package.json");
     const loadedPolicy = loadPolicy(cwd, policy);
     const commandConstraints = {
       ...loadedPolicy.constraints,
@@ -1722,7 +1992,7 @@ var applyPackageOverrideTool = tool3({
     }
     let pkgJson;
     try {
-      pkgJson = JSON.parse(readFileSync7(pkgPath, "utf8"));
+      pkgJson = JSON.parse(readFileSync8(pkgPath, "utf8"));
     } catch {
       return {
         packageName,
@@ -1959,17 +2229,17 @@ async function resolvePrimaryResult(params) {
 }
 
 // src/remediation/tools/fetch-package-source.ts
-import { tool as tool4 } from "ai";
-import { z as z4 } from "zod";
+import { tool as tool6 } from "ai";
+import { z as z6 } from "zod";
 import { mkdir as mkdir2, readdir as readdir2, readFile as readFile3, rm as rm2 } from "fs/promises";
-import { join as join11 } from "path";
+import { join as join12 } from "path";
 import { execa as execa8 } from "execa";
-var fetchPackageSourceTool = tool4({
+var fetchPackageSourceTool = tool6({
   description: "Download package tarball from npm and extract source files for CVE analysis. Supports custom file patterns (default: *.js, *.ts).",
-  parameters: z4.object({
-    packageName: z4.string().min(1).describe("The npm package name (e.g., 'lodash', '@scope/package')"),
-    version: z4.string().regex(/^\d+\.\d+\.\d+/, "Must be a valid semver version").describe("Exact package version to download"),
-    filePatterns: z4.array(z4.string()).optional().default(["*.js", "*.ts"]).describe(
+  parameters: z6.object({
+    packageName: z6.string().min(1).describe("The npm package name (e.g., 'lodash', '@scope/package')"),
+    version: z6.string().regex(/^\d+\.\d+\.\d+/, "Must be a valid semver version").describe("Exact package version to download"),
+    filePatterns: z6.array(z6.string()).optional().default(["*.js", "*.ts"]).describe(
       "File patterns to extract (glob patterns, default: *.js, *.ts)"
     )
   }),
@@ -1979,23 +2249,23 @@ var fetchPackageSourceTool = tool4({
     filePatterns
   }) => {
     const tempBaseDir = `/tmp/autoremediator-pkg-${Date.now()}`;
-    const extractDir = join11(tempBaseDir, "out");
+    const extractDir = join12(tempBaseDir, "out");
     try {
       const npmUrl = `https://registry.npmjs.org/${packageName}/-/${packageName.split("/").pop()}-${version}.tgz`;
       await mkdir2(tempBaseDir, { recursive: true });
-      const tarballPath = join11(tempBaseDir, "package.tgz");
+      const tarballPath = join12(tempBaseDir, "package.tgz");
       await execa8("curl", ["-L", "-o", tarballPath, npmUrl]);
       await mkdir2(extractDir, { recursive: true });
       await execa8("tar", ["-xzf", tarballPath, "-C", extractDir]);
       const extractedContents = await readdir2(extractDir);
-      const packageRootDir = extractedContents.includes("package") ? join11(extractDir, "package") : extractDir;
+      const packageRootDir = extractedContents.includes("package") ? join12(extractDir, "package") : extractDir;
       const sourceCode = {};
       async function walkDir(dir, relativeBase) {
         try {
           const files = await readdir2(dir, { withFileTypes: true });
           for (const file of files) {
-            const fullPath = join11(dir, file.name);
-            const relPath = join11(relativeBase, file.name);
+            const fullPath = join12(dir, file.name);
+            const relPath = join12(relativeBase, file.name);
             if (file.isDirectory()) {
               if (![
                 "node_modules",
@@ -2058,8 +2328,8 @@ var fetchPackageSourceTool = tool4({
 });
 
 // src/remediation/tools/generate-patch/index.ts
-import { tool as tool5 } from "ai";
-import { z as z5 } from "zod";
+import { tool as tool7 } from "ai";
+import { z as z7 } from "zod";
 import { generateText } from "ai";
 
 // src/remediation/strategies/patch-synthesis-prompt.ts
@@ -2192,31 +2462,31 @@ function generateUnifiedDiff(original, fixed, filePath) {
 }
 
 // src/remediation/tools/generate-patch/index.ts
-var generatePatchTool = tool5({
+var generatePatchTool = tool7({
   description: "Generate a unified diff patch for a CVE using LLM analysis of vulnerable source code.",
-  parameters: z5.object({
-    packageName: z5.string().min(1).describe("The npm package name"),
-    vulnerableVersion: z5.string().describe("The vulnerable version string"),
-    cveId: z5.string().regex(/^CVE-\d{4}-\d+$/i).describe("CVE ID (e.g., CVE-2021-23337)"),
-    cveSummary: z5.string().min(10).describe("CVE description and impact"),
-    sourceFiles: z5.record(z5.string()).describe(
+  parameters: z7.object({
+    packageName: z7.string().min(1).describe("The npm package name"),
+    vulnerableVersion: z7.string().describe("The vulnerable version string"),
+    cveId: z7.string().regex(/^CVE-\d{4}-\d+$/i).describe("CVE ID (e.g., CVE-2021-23337)"),
+    cveSummary: z7.string().min(10).describe("CVE description and impact"),
+    sourceFiles: z7.record(z7.string()).describe(
       "Map of file paths to source code contents from fetch-package-source"
     ),
-    vulnerabilityCategory: z5.enum(["redos", "code-injection", "path-traversal", "unknown"]).optional().default("unknown").describe("Category of the vulnerability for better context"),
-    dryRun: z5.boolean().optional().default(false).describe("If true, return analysis without generating patches"),
-    llmProvider: z5.enum(["remote", "local"]).optional().describe("Optional provider override for patch generation"),
-    model: z5.string().optional().describe("Optional model override for patch generation"),
-    policy: z5.string().optional().describe("Optional policy file path for model default resolution"),
-    cwd: z5.string().optional().describe("Optional working directory for policy/model resolution"),
-    providerSafetyProfile: z5.enum(["strict", "relaxed"]).optional().describe("Confidence threshold profile for patch acceptance"),
-    patchConfidenceThresholds: z5.object({
-      low: z5.number().min(0).max(1).optional(),
-      medium: z5.number().min(0).max(1).optional(),
-      high: z5.number().min(0).max(1).optional()
+    vulnerabilityCategory: z7.enum(["redos", "code-injection", "path-traversal", "unknown"]).optional().default("unknown").describe("Category of the vulnerability for better context"),
+    dryRun: z7.boolean().optional().default(false).describe("If true, return analysis without generating patches"),
+    llmProvider: z7.enum(["remote", "local"]).optional().describe("Optional provider override for patch generation"),
+    model: z7.string().optional().describe("Optional model override for patch generation"),
+    policy: z7.string().optional().describe("Optional policy file path for model default resolution"),
+    cwd: z7.string().optional().describe("Optional working directory for policy/model resolution"),
+    providerSafetyProfile: z7.enum(["strict", "relaxed"]).optional().describe("Confidence threshold profile for patch acceptance"),
+    patchConfidenceThresholds: z7.object({
+      low: z7.number().min(0).max(1).optional(),
+      medium: z7.number().min(0).max(1).optional(),
+      high: z7.number().min(0).max(1).optional()
     }).optional().describe("Optional per-risk confidence thresholds for patch acceptance"),
-    dynamicModelRouting: z5.boolean().optional().describe("Enable dynamic model routing by input size"),
-    dynamicRoutingThresholdChars: z5.number().int().positive().optional().describe("Threshold for dynamic model routing"),
-    modelPersonality: z5.enum(["analytical", "pragmatic", "balanced"]).optional().describe("Prompt personality for patch-generation guidance")
+    dynamicModelRouting: z7.boolean().optional().describe("Enable dynamic model routing by input size"),
+    dynamicRoutingThresholdChars: z7.number().int().positive().optional().describe("Threshold for dynamic model routing"),
+    modelPersonality: z7.enum(["analytical", "pragmatic", "balanced"]).optional().describe("Prompt personality for patch-generation guidance")
   }),
   execute: async ({
     packageName,
@@ -2366,17 +2636,18 @@ var generatePatchTool = tool5({
 });
 
 // src/remediation/tools/apply-patch-file/index.ts
-import { tool as tool6 } from "ai";
-import { z as z6 } from "zod";
+import { tool as tool8 } from "ai";
+import { z as z8 } from "zod";
 import { mkdir as mkdir3, writeFile as writeFile2 } from "fs/promises";
-import { join as join13 } from "path";
+import { join as join14 } from "path";
 import { execa as execa10 } from "execa";
 
 // src/remediation/tools/apply-patch-file/helpers.ts
 import { existsSync as existsSync7 } from "fs";
 import { mkdtemp, readFile as readFile4, rm as rm3, writeFile } from "fs/promises";
+import { createHash } from "crypto";
 import { tmpdir } from "os";
-import { join as join12 } from "path";
+import { join as join13 } from "path";
 import { execa as execa9 } from "execa";
 async function resolvePatchMode(packageManager, cwd) {
   if (packageManager === "npm") return "patch-package";
@@ -2403,11 +2674,15 @@ function extractPatchedFiles(patchContent) {
 function countPatchHunks(patchContent) {
   return patchContent.split(/\r?\n/).filter((line) => line.startsWith("@@ ")).length;
 }
+function computePatchIntegrity(patchContent) {
+  const hex = createHash("sha256").update(patchContent, "utf8").digest("hex");
+  return `sha256:${hex}`;
+}
 async function writePatchManifest(manifestFilePath, artifact) {
   await writeFile(manifestFilePath, JSON.stringify(artifact, null, 2) + "\n", "utf8");
 }
 async function configurePatchPackagePostinstall(cwd, packageManager) {
-  const pkgJsonPath = join12(cwd, "package.json");
+  const pkgJsonPath = join13(cwd, "package.json");
   let pkgJson;
   try {
     pkgJson = JSON.parse(await readFile4(pkgJsonPath, "utf8"));
@@ -2447,7 +2722,7 @@ async function configurePatchPackagePostinstall(cwd, packageManager) {
   return { success: true };
 }
 async function capturePackageJsonSnapshot(cwd) {
-  const path = join12(cwd, "package.json");
+  const path = join13(cwd, "package.json");
   try {
     const content = await readFile4(path, "utf8");
     return { path, content };
@@ -2517,8 +2792,8 @@ ${createResult.stderr}`);
       error: `Could not determine native patch directory for ${packageSpec}.`
     };
   }
-  const tempPatchDir = await mkdtemp(join12(tmpdir(), "autoremediator-native-patch-"));
-  const tempPatchFile = join12(tempPatchDir, "change.patch");
+  const tempPatchDir = await mkdtemp(join13(tmpdir(), "autoremediator-native-patch-"));
+  const tempPatchFile = join13(tempPatchDir, "change.patch");
   try {
     await writeFile(tempPatchFile, patchContent, "utf8");
     await execa9("patch", ["-p1", "-i", tempPatchFile], {
@@ -2603,31 +2878,31 @@ function extractFailedTests(output) {
 }
 
 // src/remediation/tools/apply-patch-file/index.ts
-var applyPatchFileTool = tool6({
+var applyPatchFileTool = tool8({
   description: "Write generated patch file and apply it using package-manager-native patch flow when available, falling back to patch-package when needed.",
-  parameters: z6.object({
-    packageName: z6.string().min(1).describe("The npm package name"),
-    vulnerableVersion: z6.string().describe("The vulnerable version string"),
-    patchContent: z6.string().min(10).optional().describe("Unified diff patch content from generate-patch"),
-    cveId: z6.string().optional().describe("Optional CVE ID associated with this patch artifact"),
-    confidence: z6.number().min(0).max(1).optional().describe("Optional patch confidence score from generate-patch"),
-    riskLevel: z6.enum(["low", "medium", "high"]).optional().describe("Optional risk level from generate-patch"),
-    patches: z6.array(
-      z6.object({
-        filePath: z6.string().min(1),
-        unifiedDiff: z6.string().min(10)
+  parameters: z8.object({
+    packageName: z8.string().min(1).describe("The npm package name"),
+    vulnerableVersion: z8.string().describe("The vulnerable version string"),
+    patchContent: z8.string().min(10).optional().describe("Unified diff patch content from generate-patch"),
+    cveId: z8.string().optional().describe("Optional CVE ID associated with this patch artifact"),
+    confidence: z8.number().min(0).max(1).optional().describe("Optional patch confidence score from generate-patch"),
+    riskLevel: z8.enum(["low", "medium", "high"]).optional().describe("Optional risk level from generate-patch"),
+    patches: z8.array(
+      z8.object({
+        filePath: z8.string().min(1),
+        unifiedDiff: z8.string().min(10)
       })
     ).optional().describe("Patch list from generate-patch; first patch is applied"),
-    patchesDir: z6.string().optional().default("./patches").describe("Directory to store patch files"),
-    cwd: z6.string().describe("Project root directory (for package.json)"),
-    packageManager: z6.enum(["npm", "pnpm", "yarn"]).optional().describe("Package manager used by the target project (auto-detected if omitted)"),
-    policy: z6.string().optional().describe("Optional path to .autoremediator policy file"),
-    installMode: z6.enum(["standard", "prefer-offline", "deterministic"]).optional(),
-    installPreferOffline: z6.boolean().optional(),
-    enforceFrozenLockfile: z6.boolean().optional(),
-    workspace: z6.string().optional(),
-    validateWithTests: z6.boolean().optional().default(true).describe("Run package manager test command to validate patch doesn't break anything"),
-    dryRun: z6.boolean().optional().default(false).describe("If true, report but do not mutate files")
+    patchesDir: z8.string().optional().default("./patches").describe("Directory to store patch files"),
+    cwd: z8.string().describe("Project root directory (for package.json)"),
+    packageManager: z8.enum(["npm", "pnpm", "yarn"]).optional().describe("Package manager used by the target project (auto-detected if omitted)"),
+    policy: z8.string().optional().describe("Optional path to .autoremediator policy file"),
+    installMode: z8.enum(["standard", "prefer-offline", "deterministic"]).optional(),
+    installPreferOffline: z8.boolean().optional(),
+    enforceFrozenLockfile: z8.boolean().optional(),
+    workspace: z8.string().optional(),
+    validateWithTests: z8.boolean().optional().default(true).describe("Run package manager test command to validate patch doesn't break anything"),
+    dryRun: z8.boolean().optional().default(false).describe("If true, report but do not mutate files")
   }).refine((value) => Boolean(value.patchContent || value.patches && value.patches.length > 0), {
     message: "Either patchContent or patches must be provided"
   }),
@@ -2698,7 +2973,7 @@ var applyPatchFileTool = tool6({
         };
       }
       const patchFileName = buildPatchFileName(packageName, vulnerableVersion);
-      const patchFilePath = join13(cwd, patchesDir, patchFileName);
+      const patchFilePath = join14(cwd, patchesDir, patchFileName);
       const manifestFilePath = `${patchFilePath}.json`;
       const generatedAt = (/* @__PURE__ */ new Date()).toISOString();
       const baseArtifact = {
@@ -2717,6 +2992,7 @@ var applyPatchFileTool = tool6({
         hunkCount,
         applied: false,
         dryRun,
+        integrity: computePatchIntegrity(selectedPatch),
         validationPhases
       };
       if (dryRun) {
@@ -2736,7 +3012,7 @@ var applyPatchFileTool = tool6({
       }
       return withRepoLock(cwd, async () => {
         const packageJsonSnapshot = patchModeRequiresPackageJsonSnapshot(pm) ? await capturePackageJsonSnapshot(cwd) : void 0;
-        const patchesDirPath = join13(cwd, patchesDir);
+        const patchesDirPath = join14(cwd, patchesDir);
         await mkdir3(patchesDirPath, { recursive: true });
         await writeFile2(patchFilePath, selectedPatch, "utf8");
         validationPhases.push({
@@ -3171,7 +3447,14 @@ function resolveLocalRunOptions(options) {
       ...options.patchConfidenceThresholds
     },
     dynamicModelRouting: options.dynamicModelRouting ?? loadedPolicy.dynamicModelRouting ?? false,
-    dynamicRoutingThresholdChars: options.dynamicRoutingThresholdChars ?? loadedPolicy.dynamicRoutingThresholdChars
+    dynamicRoutingThresholdChars: options.dynamicRoutingThresholdChars ?? loadedPolicy.dynamicRoutingThresholdChars,
+    exploitSignalOverride: options.exploitSignalOverride ?? loadedPolicy.exploitSignalOverride,
+    suppressions: loadedPolicy.suppressions ?? [],
+    suppressionsFile: options.suppressionsFile,
+    slaCheck: options.slaCheck ?? false,
+    slaPolicy: loadedPolicy.sla,
+    skipUnreachable: options.skipUnreachable ?? loadedPolicy.skipUnreachable ?? false,
+    regressionCheck: options.regressionCheck ?? false
   };
 }
 
@@ -3228,7 +3511,14 @@ async function runLocalRemediationPipeline(cveId, options = {}) {
     consensusModel,
     patchConfidenceThresholds,
     dynamicModelRouting,
-    dynamicRoutingThresholdChars
+    dynamicRoutingThresholdChars,
+    exploitSignalOverride,
+    suppressions,
+    suppressionsFile,
+    slaCheck,
+    slaPolicy,
+    skipUnreachable,
+    regressionCheck
   } = resolved;
   const collectedResults = [];
   const llmUsage = [];
@@ -3267,6 +3557,29 @@ async function runLocalRemediationPipeline(cveId, options = {}) {
     cveDetails = mergeGhDataIntoCveDetails(cveDetails, ghPackages);
   }
   cveDetails = await enrichWithNvd(cveDetails);
+  const preflight = await runSecOpsPreflight(normalizedId, cveDetails, {
+    suppressions,
+    suppressionsFile,
+    exploitSignalOverride,
+    slaCheck,
+    slaPolicy
+  });
+  if (preflight.suppressed) {
+    return {
+      cveId,
+      cveDetails,
+      vulnerablePackages: [],
+      results: [],
+      agentSteps,
+      summary: preflight.summary,
+      correlation: {
+        requestId: options.requestId,
+        sessionId: options.sessionId,
+        parentRunId: options.parentRunId
+      }
+    };
+  }
+  const { exploitSignalTriggered, slaBreaches } = preflight;
   if (cveDetails.affectedPackages.length === 0) {
     return {
       cveId,
@@ -3275,6 +3588,8 @@ async function runLocalRemediationPipeline(cveId, options = {}) {
       results: collectedResults,
       agentSteps,
       summary: `Local mode lookup succeeded but no npm affected packages were found for ${normalizedId}.`,
+      exploitSignalTriggered,
+      slaBreaches,
       correlation: {
         requestId: options.requestId,
         sessionId: options.sessionId,
@@ -3297,6 +3612,8 @@ async function runLocalRemediationPipeline(cveId, options = {}) {
       results: collectedResults,
       agentSteps,
       summary: `Local mode failed at check-inventory: ${inventory.error}`,
+      exploitSignalTriggered,
+      slaBreaches,
       correlation: {
         requestId: options.requestId,
         sessionId: options.sessionId,
@@ -3308,6 +3625,21 @@ async function runLocalRemediationPipeline(cveId, options = {}) {
   vulnerablePackages = findVulnerablePackages(cveDetails, installedPackages);
   agentSteps += 1;
   for (const vulnerable of vulnerablePackages) {
+    if (skipUnreachable) {
+      const reach = assessPackageReachability(cwd, vulnerable.installed.name);
+      if (reach.status === "not-reachable") {
+        collectedResults.push({
+          packageName: vulnerable.installed.name,
+          fromVersion: vulnerable.installed.version,
+          strategy: "none",
+          applied: false,
+          dryRun,
+          message: `Skipped: '${vulnerable.installed.name}' is not reachable from source code.`,
+          reachability: reach
+        });
+        continue;
+      }
+    }
     const primary = await resolvePrimaryResult({
       vulnerable,
       cwd,
@@ -3353,11 +3685,22 @@ async function runLocalRemediationPipeline(cveId, options = {}) {
       }
       continue;
     }
-    collectedResults.push({
+    const primaryResult = {
       ...primary.result,
       dependencyScope: vulnerable.installed.type === "direct" ? "direct" : "transitive"
-    });
+    };
+    if (regressionCheck && primaryResult.applied && !dryRun && primaryResult.toVersion) {
+      try {
+        if (semver5.satisfies(primaryResult.toVersion, vulnerable.affected.vulnerableRange, { includePrerelease: false })) {
+          primaryResult.regressionDetected = true;
+        }
+      } catch {
+      }
+    }
+    collectedResults.push(primaryResult);
   }
+  const vulnerableNames = new Set(vulnerablePackages.map((v) => v.installed.name));
+  const sbom = buildSbom(installedPackages, vulnerableNames, collectedResults);
   return {
     cveId,
     cveDetails,
@@ -3366,6 +3709,9 @@ async function runLocalRemediationPipeline(cveId, options = {}) {
     agentSteps,
     summary: buildLocalSummary(vulnerablePackages, collectedResults),
     llmUsage: llmUsage.length > 0 ? llmUsage : void 0,
+    exploitSignalTriggered,
+    slaBreaches,
+    sbom,
     correlation: {
       requestId: options.requestId,
       sessionId: options.sessionId,
@@ -3440,8 +3786,8 @@ function accumulateStepResults(params) {
 }
 
 // src/remediation/orchestration-prompt.ts
-import { existsSync as existsSync8, readFileSync as readFileSync8 } from "fs";
-import { join as join14 } from "path";
+import { existsSync as existsSync8, readFileSync as readFileSync9 } from "fs";
+import { join as join15 } from "path";
 function buildProviderAddendum(provider, personality = "balanced") {
   const personalityDirective = personality === "analytical" ? "Use concise, explicit rationale for tool decisions and unresolved outcomes." : personality === "pragmatic" ? "Prefer the smallest safe remediation path while preserving policy and validation gates." : "Balance concise execution with brief rationale for risky or unresolved outcomes.";
   const providerDirective = provider === "remote" ? "Use strict structured output and deterministic reporting fields." : "Use deterministic-first behavior and only rely on remote model fallback when required by patch generation.";
@@ -3452,7 +3798,7 @@ Provider profile:
 - ${personalityDirective}`;
 }
 function loadOrchestrationPrompt(ctx) {
-  const promptPath = join14(process.cwd(), ".github", "instructions", "orchestration.instructions.md");
+  const promptPath = join15(process.cwd(), ".github", "instructions", "orchestration.instructions.md");
   if (!existsSync8(promptPath)) {
     return `You are autoremediator, an agentic security remediation system for Node.js package dependencies.
 Working directory: ${ctx.cwd}
@@ -3479,7 +3825,7 @@ Fallback sequence (when neither version bump nor override can be applied):
 
 Always respect dryRun and policy constraints.`;
   }
-  const template = readFileSync8(promptPath, "utf8");
+  const template = readFileSync9(promptPath, "utf8");
   return template.replaceAll("{{cveId}}", ctx.cveId).replaceAll("{{cwd}}", ctx.cwd).replaceAll("{{packageManager}}", ctx.packageManager).replaceAll("{{dryRun}}", String(ctx.dryRun)).replaceAll("{{runTests}}", String(ctx.runTests)).replaceAll("{{policy}}", ctx.policy || "undefined").replaceAll("{{patchesDir}}", ctx.patchesDir).replaceAll("{{directDependenciesOnly}}", String(ctx.constraints.directDependenciesOnly ?? false)).replaceAll("{{preferVersionBump}}", String(ctx.constraints.preferVersionBump ?? false)) + buildProviderAddendum(ctx.llmProvider, ctx.modelPersonality);
 }
 
@@ -3498,8 +3844,8 @@ function createProgressEmitter(options) {
 }
 
 // src/remediation/tools/lookup-cve.ts
-import { tool as tool7 } from "ai";
-import { z as z7 } from "zod";
+import { tool as tool9 } from "ai";
+import { z as z9 } from "zod";
 
 // src/intelligence/sources/cisa-kev.ts
 var CISA_KEV_URL = "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json";
@@ -3777,10 +4123,10 @@ async function enrichWithExternalFeeds(details) {
 }
 
 // src/remediation/tools/lookup-cve.ts
-var lookupCveTool = tool7({
+var lookupCveTool = tool9({
   description: "Look up a CVE ID and return the list of affected npm packages, their vulnerable version ranges, and the first patched version. Always call this first.",
-  parameters: z7.object({
-    cveId: z7.string().regex(/^CVE-\d{4}-\d+$/i, "Must be a valid CVE ID like CVE-2021-23337")
+  parameters: z9.object({
+    cveId: z9.string().regex(/^CVE-\d{4}-\d+$/i, "Must be a valid CVE ID like CVE-2021-23337")
   }),
   execute: async ({ cveId }) => {
     const normalizedId = cveId.toUpperCase();
@@ -3846,26 +4192,26 @@ var lookupCveTool = tool7({
 });
 
 // src/remediation/tools/check-version-match.ts
-import { tool as tool8 } from "ai";
-import { z as z8 } from "zod";
-import semver5 from "semver";
-var affectedPackageSchema = z8.object({
-  name: z8.string(),
-  ecosystem: z8.literal("npm"),
-  vulnerableRange: z8.string(),
-  firstPatchedVersion: z8.string().optional(),
-  source: z8.enum(["osv", "github-advisory"])
+import { tool as tool10 } from "ai";
+import { z as z10 } from "zod";
+import semver6 from "semver";
+var affectedPackageSchema = z10.object({
+  name: z10.string(),
+  ecosystem: z10.literal("npm"),
+  vulnerableRange: z10.string(),
+  firstPatchedVersion: z10.string().optional(),
+  source: z10.enum(["osv", "github-advisory"])
 });
-var inventoryPackageSchema = z8.object({
-  name: z8.string(),
-  version: z8.string(),
-  type: z8.enum(["direct", "indirect"])
+var inventoryPackageSchema = z10.object({
+  name: z10.string(),
+  version: z10.string(),
+  type: z10.enum(["direct", "indirect"])
 });
-var checkVersionMatchTool = tool8({
+var checkVersionMatchTool = tool10({
   description: "Check which of the project's installed packages fall within the CVE's vulnerable version ranges. Returns only the packages that are actually vulnerable.",
-  parameters: z8.object({
-    installedPackages: z8.array(inventoryPackageSchema).describe("Output from the check-inventory tool"),
-    affectedPackages: z8.array(affectedPackageSchema).describe("affectedPackages array from the lookup-cve tool result")
+  parameters: z10.object({
+    installedPackages: z10.array(inventoryPackageSchema).describe("Output from the check-inventory tool"),
+    affectedPackages: z10.array(affectedPackageSchema).describe("affectedPackages array from the lookup-cve tool result")
   }),
   execute: async ({ installedPackages, affectedPackages }) => {
     const vulnerable = [];
@@ -3874,10 +4220,10 @@ var checkVersionMatchTool = tool8({
         (p) => p.name === affected.name
       );
       for (const installed of matches) {
-        if (!semver5.valid(installed.version)) continue;
+        if (!semver6.valid(installed.version)) continue;
         let isVulnerable = false;
         try {
-          isVulnerable = semver5.satisfies(installed.version, affected.vulnerableRange, {
+          isVulnerable = semver6.satisfies(installed.version, affected.vulnerableRange, {
             includePrerelease: false
           });
         } catch {
@@ -3896,17 +4242,17 @@ var checkVersionMatchTool = tool8({
 });
 
 // src/remediation/tools/find-fixed-version.ts
-import { tool as tool9 } from "ai";
-import { z as z9 } from "zod";
-var findFixedVersionTool = tool9({
+import { tool as tool11 } from "ai";
+import { z as z11 } from "zod";
+var findFixedVersionTool = tool11({
   description: "Query the npm registry to find the safest published upgrade version for a package that is >= the first patched version. Prefer patch upgrades first, then minor, and only fall back to major when no same-major fix exists.",
-  parameters: z9.object({
-    packageName: z9.string().describe("The npm package name"),
-    installedVersion: z9.string().describe("The currently installed version (exact semver)"),
-    firstPatchedVersion: z9.string().describe(
+  parameters: z11.object({
+    packageName: z11.string().describe("The npm package name"),
+    installedVersion: z11.string().describe("The currently installed version (exact semver)"),
+    firstPatchedVersion: z11.string().describe(
       "The first version that is NOT vulnerable (from lookup-cve). Use this as the floor."
     ),
-    vulnerableRange: z9.string().optional().describe("Optional vulnerable semver range used to exclude still-vulnerable versions")
+    vulnerableRange: z11.string().optional().describe("Optional vulnerable semver range used to exclude still-vulnerable versions")
   }),
   execute: async ({
     packageName,
@@ -3943,6 +4289,36 @@ var findFixedVersionTool = tool9({
   }
 });
 
+// src/remediation/tools/check-suppression.ts
+import { tool as tool12 } from "ai";
+import { z as z12 } from "zod";
+var suppressionSchema = z12.object({
+  cveId: z12.string(),
+  justification: z12.enum(["not_affected", "fixed", "mitigated", "under_investigation"]),
+  notes: z12.string().optional(),
+  expiresAt: z12.string().optional()
+});
+var checkSuppressionTool = tool12({
+  description: "Check whether a CVE is suppressed by an active VEX suppression entry in the policy. Returns suppressed=true and the justification if an active match is found. Call this after check-version-match.",
+  parameters: z12.object({
+    cveId: z12.string().describe("The CVE ID to look up in suppressions"),
+    suppressions: z12.array(suppressionSchema).describe("The suppressions array from the loaded policy")
+  }),
+  execute: async ({ cveId, suppressions }) => {
+    const match = suppressions.find(
+      (s) => s.cveId === cveId && isActiveSuppression(s)
+    );
+    if (!match) {
+      return { suppressed: false };
+    }
+    return {
+      suppressed: true,
+      justification: match.justification,
+      notes: match.notes
+    };
+  }
+});
+
 // src/remediation/runtime-tools.ts
 function buildRuntimeTools(ctx) {
   const tools = {
@@ -3950,7 +4326,10 @@ function buildRuntimeTools(ctx) {
     "check-inventory": ctx.checkInventoryToolForRun,
     "check-version-match": checkVersionMatchTool,
     "find-fixed-version": findFixedVersionTool,
-    "apply-version-bump": ctx.applyVersionBumpToolForRun
+    "apply-version-bump": ctx.applyVersionBumpToolForRun,
+    "check-suppression": checkSuppressionTool,
+    "check-exploit-signal": checkExploitSignalTool,
+    "check-reachability": checkReachabilityTool
   };
   if (!ctx.constraints.directDependenciesOnly && !ctx.constraints.preferVersionBump) {
     tools["apply-package-override"] = ctx.applyPackageOverrideToolForRun;
@@ -4172,7 +4551,7 @@ function resolveConstraints(options, cwd) {
 
 // src/platform/evidence.ts
 import { mkdirSync as mkdirSync3, writeFileSync as writeFileSync5 } from "fs";
-import { join as join15 } from "path";
+import { join as join16 } from "path";
 function createEvidenceLog(cwd, cveIds, context = {}) {
   return {
     runId: `${Date.now()}-${Math.random().toString(36).slice(2, 8)}`,
@@ -4203,9 +4582,9 @@ function finalizeEvidence(log) {
   return log;
 }
 function writeEvidenceLog(cwd, log) {
-  const dir = join15(cwd, ".autoremediator", "evidence");
+  const dir = join16(cwd, ".autoremediator", "evidence");
   mkdirSync3(dir, { recursive: true });
-  const filePath = join15(dir, `${log.runId}.json`);
+  const filePath = join16(dir, `${log.runId}.json`);
   writeFileSync5(filePath, JSON.stringify(log, null, 2) + "\n", "utf8");
   return filePath;
 }
@@ -4261,7 +4640,9 @@ function addRemediateResultSteps(evidence, cveId, report) {
         dryRun: result.dryRun,
         unresolvedReason: result.unresolvedReason,
         reachability: result.reachability?.status,
-        hasAlternatives: Boolean(result.alternativeSuggestions?.length)
+        hasAlternatives: Boolean(result.alternativeSuggestions?.length),
+        suppressedBy: result.suppressedBy?.justification,
+        regressionDetected: result.regressionDetected
       }
     );
   }
@@ -4272,7 +4653,11 @@ function addRemediateResultSteps(evidence, cveId, report) {
     {
       resultCount: report.results.length,
       vulnerableCount: report.vulnerablePackages.length,
-      llmUsage: report.llmUsage
+      llmUsage: report.llmUsage,
+      exploitSignalTriggered: report.exploitSignalTriggered ?? false,
+      slaBreachCount: report.slaBreaches?.length ?? 0,
+      regressionDetectedCount: report.results.filter((r) => r.regressionDetected).length,
+      sbomEntryCount: report.sbom?.length ?? 0
     }
   );
   finalizeEvidence(evidence);
@@ -4381,12 +4766,12 @@ async function planRemediation(cveId, options = {}) {
 }
 
 // src/scanner/parse-input.ts
-import { extname } from "path";
-import { readFileSync as readFileSync12 } from "fs";
+import { extname as extname2 } from "path";
+import { readFileSync as readFileSync13 } from "fs";
 import { execa as execa11 } from "execa";
 
 // src/scanner/adapters/npm-audit.ts
-import { readFileSync as readFileSync9 } from "fs";
+import { readFileSync as readFileSync10 } from "fs";
 var CVE_REGEX = /CVE-\d{4}-\d+/gi;
 function normalizeSeverity(raw) {
   if (!raw) return "UNKNOWN";
@@ -4420,12 +4805,12 @@ function parseNpmAuditJsonFromString(content) {
   return findings;
 }
 function parseNpmAuditJsonFile(filePath) {
-  const content = readFileSync9(filePath, "utf8");
+  const content = readFileSync10(filePath, "utf8");
   return parseNpmAuditJsonFromString(content);
 }
 
 // src/scanner/adapters/yarn-audit.ts
-import { readFileSync as readFileSync10 } from "fs";
+import { readFileSync as readFileSync11 } from "fs";
 var CVE_REGEX2 = /CVE-\d{4}-\d+/gi;
 function normalizeSeverity2(raw) {
   if (!raw) return "UNKNOWN";
@@ -4468,12 +4853,12 @@ function parseYarnAuditJsonFromString(content) {
   return findings;
 }
 function parseYarnAuditJsonFile(filePath) {
-  const content = readFileSync10(filePath, "utf8");
+  const content = readFileSync11(filePath, "utf8");
   return parseYarnAuditJsonFromString(content);
 }
 
 // src/scanner/adapters/sarif.ts
-import { readFileSync as readFileSync11 } from "fs";
+import { readFileSync as readFileSync12 } from "fs";
 var CVE_REGEX3 = /CVE-\d{4}-\d+/gi;
 function extractPackageName(result) {
   const pkg = result.properties?.["packageName"];
@@ -4505,7 +4890,7 @@ function parseSarifFromString(content) {
   return findings;
 }
 function parseSarifFile(filePath) {
-  const content = readFileSync11(filePath, "utf8");
+  const content = readFileSync12(filePath, "utf8");
   return parseSarifFromString(content);
 }
 
@@ -4568,10 +4953,10 @@ function ensureAuditFormatCompatibility(pm, resolved) {
   }
 }
 function inferFormat(filePath) {
-  const ext = extname(filePath).toLowerCase();
+  const ext = extname2(filePath).toLowerCase();
   if (ext === ".sarif") return "sarif";
   try {
-    const content = readFileSync12(filePath, "utf8");
+    const content = readFileSync13(filePath, "utf8");
     const firstLine = content.split("\n").find((line) => line.trim().startsWith("{"));
     if (firstLine) {
       const parsed = JSON.parse(firstLine);
@@ -4866,14 +5251,14 @@ async function remediateFromScan(inputPath, options = {}) {
 }
 
 // src/api/update-outdated/index.ts
-import { join as join16 } from "path";
-import { readFileSync as readFileSync13, writeFileSync as writeFileSync6 } from "fs";
+import { join as join17 } from "path";
+import { readFileSync as readFileSync14, writeFileSync as writeFileSync6 } from "fs";
 import { execa as execa12 } from "execa";
 async function applyBump(params) {
-  const pkgPath = join16(params.cwd, "package.json");
+  const pkgPath = join17(params.cwd, "package.json");
   let pkgJson;
   try {
-    pkgJson = JSON.parse(readFileSync13(pkgPath, "utf8"));
+    pkgJson = JSON.parse(readFileSync14(pkgPath, "utf8"));
   } catch {
     return {
       applied: false,
@@ -5151,9 +5536,9 @@ function toSarifOutput(report) {
 }
 
 // src/version.ts
-import { readFileSync as readFileSync14 } from "fs";
+import { readFileSync as readFileSync15 } from "fs";
 function readPackageVersion() {
-  const raw = readFileSync14(new URL("../package.json", import.meta.url), "utf8");
+  const raw = readFileSync15(new URL("../package.json", import.meta.url), "utf8");
   const metadata = JSON.parse(raw);
   if (!metadata.version) {
     throw new Error("packages/core/package.json is missing a version field.");
@@ -5180,4 +5565,4 @@ export {
   updateOutdated,
   PACKAGE_VERSION
 };
-//# sourceMappingURL=chunk-F7W4EYJL.js.map
+//# sourceMappingURL=chunk-GYCZ6L3O.js.map