autoremediator 0.10.0 → 0.12.0

package/dist/{chunk-F7W4EYJL.js → chunk-575GEUAY.js}

@@ -40,8 +40,21 @@ var OPTION_DESCRIPTIONS = {
   installPreferOffline: "Override prefer-offline flag behavior for install commands",
   enforceFrozenLockfile: "Override frozen lockfile behavior for install commands",
   workspace: "Workspace/package selector for scoped remediation in monorepos",
-  includeTransitive: "Include indirect/transitive dependencies in the outdated check. Default: false.",
-  updateOutdated: "Run in update-outdated mode: bump all outdated npm packages without requiring a CVE."
+  createChangeRequest: "Enable creation of native pull request / merge request after remediation",
+  changeRequestProvider: "Change request provider (github|gitlab)",
+  changeRequestGrouping: "Grouping strategy for change requests (all|per-cve|per-package)",
+  changeRequestRepository: "Repository slug override for change request creation",
+  changeRequestBaseBranch: "Base branch used for change request targeting",
+  changeRequestBranchPrefix: "Branch prefix for generated change request branches",
+  changeRequestTitlePrefix: "Title prefix for generated change requests",
+  includeTransitive: "Include transitive dependencies in the outdated check. Default: false.",
+  updateOutdated: "Run in update-outdated mode: bump all outdated npm packages without requiring a CVE.",
+  kevMandatory: "If true, CVEs with active CISA KEV status bypass severity filtering and are treated as mandatory",
+  epssThreshold: "EPSS probability threshold (0..1) above which a CVE is treated as mandatory regardless of severity",
+  suppressionsFile: "Path to a YAML file containing additional VEX suppression entries to merge with policy-inline suppressions",
+  slaCheck: "Compare CVE publication dates against configured SLA windows and include breach records in the report output",
+  skipUnreachable: "Skip remediation for CVEs where the vulnerable package cannot be reached from any project entry point (requires static import analysis)",
+  regressionCheck: "After applying a fix, verify the patched version falls outside the CVE's vulnerable range and flag any regression in the report"
 };
 function createConstraintSchemaProperties() {
   return {
@@ -97,14 +110,41 @@ function createRemediateOptionSchemaProperties(options) {
     constraints: {
       type: "object",
       properties: createConstraintSchemaProperties()
-    }
+    },
+    changeRequest: {
+      type: "object",
+      properties: {
+        enabled: { type: "boolean", description: OPTION_DESCRIPTIONS.createChangeRequest },
+        provider: {
+          type: "string",
+          enum: ["github", "gitlab"],
+          description: OPTION_DESCRIPTIONS.changeRequestProvider
+        },
+        grouping: {
+          type: "string",
+          enum: ["all", "per-cve", "per-package"],
+          description: OPTION_DESCRIPTIONS.changeRequestGrouping
+        },
+        repository: { type: "string", description: OPTION_DESCRIPTIONS.changeRequestRepository },
+        baseBranch: { type: "string", description: OPTION_DESCRIPTIONS.changeRequestBaseBranch },
+        branchPrefix: { type: "string", description: OPTION_DESCRIPTIONS.changeRequestBranchPrefix },
+        titlePrefix: { type: "string", description: OPTION_DESCRIPTIONS.changeRequestTitlePrefix }
+      }
+    },
+    kevMandatory: { type: "boolean", description: OPTION_DESCRIPTIONS.kevMandatory },
+    epssThreshold: { type: "number", minimum: 0, maximum: 1, description: OPTION_DESCRIPTIONS.epssThreshold },
+    suppressionsFile: { type: "string", description: OPTION_DESCRIPTIONS.suppressionsFile },
+    slaCheck: { type: "boolean", description: OPTION_DESCRIPTIONS.slaCheck },
+    skipUnreachable: { type: "boolean", description: OPTION_DESCRIPTIONS.skipUnreachable },
+    regressionCheck: { type: "boolean", description: OPTION_DESCRIPTIONS.regressionCheck }
   };
 }
 function createScanOptionSchemaProperties() {
   return {
     ...createRemediateOptionSchemaProperties({ includeEvidence: true }),
     format: { type: "string", enum: ["npm-audit", "yarn-audit", "sarif", "auto"], description: OPTION_DESCRIPTIONS.format },
-    audit: { type: "boolean", description: OPTION_DESCRIPTIONS.audit }
+    audit: { type: "boolean", description: OPTION_DESCRIPTIONS.audit },
+    slaCheck: { type: "boolean", description: OPTION_DESCRIPTIONS.slaCheck }
   };
 }
 function createScanReportSchemaProperties() {
@@ -139,7 +179,8 @@ function createScanReportSchemaProperties() {
     idempotencyKey: { type: "string" },
     llmUsageCount: { type: "number" },
     estimatedCostUsd: { type: "number" },
-    totalLlmLatencyMs: { type: "number" }
+    totalLlmLatencyMs: { type: "number" },
+    changeRequests: { type: "array", items: { type: "object" } }
   };
 }
 function createUpdateOutdatedOptionSchemaProperties() {
@@ -464,8 +505,13 @@ async function inspectPatchArtifact(patchFilePath, options = {}) {
   };
 }
 
-// src/remediation/tools/check-inventory.ts
+// src/remediation/tools/tool-compat.ts
 import { tool } from "ai";
+function defineTool(config) {
+  return tool(config);
+}
+
+// src/remediation/tools/check-inventory.ts
 import { z } from "zod";
 import { readFileSync as readFileSync3 } from "fs";
 import { join as join5 } from "path";
@@ -494,7 +540,11 @@ var DEFAULT_POLICY = {
   consensusModel: void 0,
   patchConfidenceThresholds: {},
   dynamicModelRouting: false,
-  dynamicRoutingThresholdChars: 18e3
+  dynamicRoutingThresholdChars: 18e3,
+  exploitSignalOverride: void 0,
+  suppressions: [],
+  sla: void 0,
+  skipUnreachable: false
 };
 function loadPolicy(cwd, explicitPath) {
   const candidate = explicitPath ?? join4(cwd, ".github", "autoremediator.yml");
@@ -527,7 +577,19 @@ function loadPolicy(cwd, explicitPath) {
         high: parsed.patchConfidenceThresholds?.high ?? DEFAULT_POLICY.patchConfidenceThresholds?.high
       },
       dynamicModelRouting: parsed.dynamicModelRouting ?? DEFAULT_POLICY.dynamicModelRouting,
-      dynamicRoutingThresholdChars: parsed.dynamicRoutingThresholdChars ?? DEFAULT_POLICY.dynamicRoutingThresholdChars
+      dynamicRoutingThresholdChars: parsed.dynamicRoutingThresholdChars ?? DEFAULT_POLICY.dynamicRoutingThresholdChars,
+      exploitSignalOverride: parsed.exploitSignalOverride ? {
+        kev: parsed.exploitSignalOverride.kev ?? void 0,
+        epss: parsed.exploitSignalOverride.epss ?? void 0
+      } : void 0,
+      suppressions: Array.isArray(parsed.suppressions) ? parsed.suppressions : DEFAULT_POLICY.suppressions,
+      sla: parsed.sla ? {
+        critical: parsed.sla.critical,
+        high: parsed.sla.high,
+        medium: parsed.sla.medium,
+        low: parsed.sla.low
+      } : void 0,
+      skipUnreachable: parsed.skipUnreachable ?? DEFAULT_POLICY.skipUnreachable
     };
   } catch {
     return DEFAULT_POLICY;
@@ -540,9 +602,40 @@ function isPackageAllowed(policy, packageName) {
   }
   return true;
 }
+function isActiveSuppression(suppression) {
+  if (!suppression.expiresAt) return true;
+  return new Date(suppression.expiresAt) > /* @__PURE__ */ new Date();
+}
+function loadSuppressionsFile(filePath) {
+  try {
+    const content = readFileSync2(filePath, "utf8");
+    const parsed = yamlParse(content);
+    return Array.isArray(parsed?.suppressions) ? parsed.suppressions : [];
+  } catch {
+    return [];
+  }
+}
+function checkSlaBreach(cveId, severity, publishedAt, slaPolicy) {
+  const severityKey = severity.toLowerCase();
+  const deadlineHours = slaPolicy[severityKey];
+  if (typeof deadlineHours !== "number") return null;
+  const publishedMs = new Date(publishedAt).getTime();
+  if (isNaN(publishedMs)) return null;
+  const deadlineMs = publishedMs + deadlineHours * 60 * 60 * 1e3;
+  const nowMs = Date.now();
+  if (nowMs <= deadlineMs) return null;
+  const hoursOverdue = Math.round((nowMs - deadlineMs) / (60 * 60 * 1e3));
+  return {
+    cveId,
+    severity,
+    publishedAt,
+    deadlineAt: new Date(deadlineMs).toISOString(),
+    hoursOverdue
+  };
+}
 
 // src/remediation/tools/check-inventory.ts
-var checkInventoryTool = tool({
+var checkInventoryTool = defineTool({
   description: "Read the project's package.json and installed dependencies to list packages and exact versions. Must be called before checking version matches.",
   parameters: z.object({
     cwd: z.string().describe("Absolute path to the consumer project's root directory"),
@@ -583,7 +676,7 @@ var checkInventoryTool = tool({
       packages.push({
         name,
         version,
-        type: isDirect ? "direct" : "indirect"
+        type: isDirect ? "direct" : "transitive"
       });
     }
     if (packages.length === 0) {
@@ -864,6 +957,9 @@ function storeIdempotentReport(cwd, idempotencyKey, cveId, report) {
 // src/remediation/pipeline.ts
 import { generateText as generateText2 } from "ai";
 
+// src/remediation/local/run.ts
+import semver5 from "semver";
+
 // src/platform/http-client.ts
 var DEFAULT_TIMEOUT_MS = 1e4;
 async function requestWithTimeout(url, init, timeoutMs) {
@@ -1124,9 +1220,214 @@ async function enrichWithNvd(details) {
   return details;
 }
 
+// src/remediation/tools/check-reachability.ts
+import { z as z2 } from "zod";
+import { readdirSync, readFileSync as readFileSync5, statSync } from "fs";
+import { join as join7, extname } from "path";
+var SOURCE_EXTENSIONS = /* @__PURE__ */ new Set([".ts", ".tsx", ".js", ".jsx", ".mjs", ".cjs"]);
+var SKIP_DIRS = /* @__PURE__ */ new Set(["node_modules", "dist", "build", "out", ".git", "coverage", ".cache"]);
+var MAX_FILES = 500;
+function collectSourceFiles(dir, files = []) {
+  if (files.length >= MAX_FILES) return files;
+  let entries;
+  try {
+    entries = readdirSync(dir);
+  } catch {
+    return files;
+  }
+  for (const entry of entries) {
+    if (files.length >= MAX_FILES) break;
+    const full = join7(dir, entry);
+    let stat2;
+    try {
+      stat2 = statSync(full);
+    } catch {
+      continue;
+    }
+    if (stat2.isDirectory()) {
+      if (!SKIP_DIRS.has(entry)) collectSourceFiles(full, files);
+    } else if (SOURCE_EXTENSIONS.has(extname(entry))) {
+      files.push(full);
+    }
+  }
+  return files;
+}
+function assessPackageReachability(cwd, packageName) {
+  const files = collectSourceFiles(cwd);
+  if (files.length === 0) {
+    return {
+      packageName,
+      status: "unknown",
+      reason: "No source files found to scan."
+    };
+  }
+  const escaped = packageName.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
+  const pattern = new RegExp(
+    `(?:import\\s[^'"]*from\\s['"]${escaped}(?:/[^'"]*)?['"]|require\\(['"]${escaped}(?:/[^'"]*)?['"]\\)|from\\s['"]${escaped}(?:/[^'"]*)?['"])`,
+    "m"
+  );
+  const evidence = [];
+  for (const filePath of files) {
+    let content;
+    try {
+      content = readFileSync5(filePath, "utf8");
+    } catch {
+      continue;
+    }
+    if (pattern.test(content)) {
+      const relative = filePath.startsWith(cwd) ? filePath.slice(cwd.length + 1) : filePath;
+      const matchType = content.includes(`require('${packageName}`) || content.includes(`require("${packageName}`) ? "require" : content.includes(`import(`) ? "dynamic-import" : "import";
+      evidence.push({ filePath: relative, matchType });
+      if (evidence.length >= 3) break;
+    }
+  }
+  if (evidence.length > 0) {
+    return {
+      packageName,
+      status: "reachable",
+      reason: `Found ${evidence.length} import reference(s) in source files.`,
+      reachabilityBasis: "import-present",
+      evidence
+    };
+  }
+  return {
+    packageName,
+    status: "not-reachable",
+    reason: `No import or require of '${packageName}' found in ${files.length} source file(s).`
+  };
+}
+var checkReachabilityTool = defineTool({
+  description: "Assess whether an npm package is statically reachable (imported) from the project's source files. Returns reachable, not-reachable, or unknown.",
+  parameters: z2.object({
+    cwd: z2.string().describe("Project root directory"),
+    packageName: z2.string().describe("The npm package name to search for")
+  }),
+  execute: async ({ cwd, packageName }) => {
+    return assessPackageReachability(cwd, packageName);
+  }
+});
+
+// src/remediation/tools/check-exploit-signal.ts
+import { z as z3 } from "zod";
+var kevSchema = z3.object({
+  knownExploited: z3.boolean(),
+  dateAdded: z3.string().optional(),
+  dueDate: z3.string().optional(),
+  requiredAction: z3.string().optional(),
+  knownRansomwareCampaignUse: z3.string().optional()
+}).passthrough();
+var epssSchema = z3.object({
+  score: z3.number(),
+  percentile: z3.number(),
+  date: z3.string().optional()
+}).passthrough();
+var exploitSignalPolicySchema = z3.object({
+  kev: z3.object({ mandatory: z3.boolean() }).optional(),
+  epss: z3.object({ mandatory: z3.boolean(), threshold: z3.number() }).optional()
+}).optional();
+var checkExploitSignalTool = defineTool({
+  description: "Evaluate KEV and EPSS exploit signals for a CVE against policy thresholds. Returns whether the exploit signal overrides severity filtering (mandatory gate).",
+  parameters: z3.object({
+    cveDetails: z3.object({
+      id: z3.string(),
+      kev: kevSchema.optional(),
+      epss: epssSchema.optional()
+    }).passthrough().describe("CveDetails object from lookup-cve"),
+    policy: z3.object({
+      exploitSignalOverride: exploitSignalPolicySchema
+    }).passthrough().describe("Policy object containing exploitSignalOverride configuration")
+  }),
+  execute: async ({ cveDetails, policy }) => {
+    const override = policy.exploitSignalOverride;
+    if (!override) {
+      return {
+        exploitSignalTriggered: false,
+        reason: "No exploitSignalOverride policy configured."
+      };
+    }
+    if (override.kev?.mandatory && cveDetails.kev?.knownExploited === true) {
+      return {
+        exploitSignalTriggered: true,
+        reason: `CVE ${cveDetails.id} is in the CISA Known Exploited Vulnerabilities (KEV) catalog and kev.mandatory is enabled.`
+      };
+    }
+    if (override.epss?.mandatory && typeof override.epss.threshold === "number" && typeof cveDetails.epss?.score === "number" && cveDetails.epss.score >= override.epss.threshold) {
+      return {
+        exploitSignalTriggered: true,
+        reason: `CVE ${cveDetails.id} EPSS score ${cveDetails.epss.score} meets or exceeds threshold ${override.epss.threshold} and epss.mandatory is enabled.`
+      };
+    }
+    return {
+      exploitSignalTriggered: false,
+      reason: "Exploit signal thresholds not met."
+    };
+  }
+});
+
+// src/remediation/local/secops-preflight.ts
+async function runSecOpsPreflight(normalizedId, cveDetails, opts) {
+  const allSuppressions = opts.suppressionsFile ? [...opts.suppressions, ...loadSuppressionsFile(opts.suppressionsFile)] : opts.suppressions;
+  const activeSuppression = allSuppressions.find(
+    (s) => s.cveId === normalizedId && isActiveSuppression(s)
+  );
+  if (activeSuppression) {
+    return {
+      suppressed: true,
+      summary: `CVE ${normalizedId} suppressed by VEX policy: ${activeSuppression.justification}${activeSuppression.notes ? ` \u2014 ${activeSuppression.notes}` : ""}`
+    };
+  }
+  let exploitSignalTriggered;
+  if (opts.exploitSignalOverride) {
+    const result = await checkExploitSignalTool.execute({
+      cveDetails,
+      policy: { exploitSignalOverride: opts.exploitSignalOverride }
+    });
+    if (result.exploitSignalTriggered) {
+      exploitSignalTriggered = true;
+    }
+  }
+  let slaBreaches;
+  if (opts.slaCheck && opts.slaPolicy && cveDetails.publishedAt) {
+    const breach = checkSlaBreach(normalizedId, cveDetails.severity, cveDetails.publishedAt, opts.slaPolicy);
+    if (breach) {
+      slaBreaches = [breach];
+    }
+  }
+  return { suppressed: false, exploitSignalTriggered, slaBreaches };
+}
+
+// src/remediation/local/sbom.ts
+function buildSbom(packages, vulnerableNames, results) {
+  const statusByPackage = /* @__PURE__ */ new Map();
+  for (const result of results) {
+    if (!vulnerableNames.has(result.packageName)) continue;
+    if (result.suppressedBy) {
+      statusByPackage.set(result.packageName, "suppressed");
+    } else if (!result.applied && result.strategy === "none") {
+      statusByPackage.set(result.packageName, "skipped");
+    } else if (result.applied) {
+      statusByPackage.set(result.packageName, "patched");
+    } else {
+      statusByPackage.set(result.packageName, "unpatched");
+    }
+  }
+  return packages.map((pkg) => {
+    const isVulnerable = vulnerableNames.has(pkg.name);
+    const entry = {
+      name: pkg.name,
+      version: pkg.version,
+      scope: pkg.type === "direct" ? "direct" : "transitive"
+    };
+    if (isVulnerable) {
+      entry.status = statusByPackage.get(pkg.name) ?? "unpatched";
+    }
+    return entry;
+  });
+}
+
 // src/intelligence/sources/registry.ts
-import { readFileSync as readFileSync5 } from "fs";
-import { join as join7 } from "path";
+import { readFileSync as readFileSync6 } from "fs";
+import { join as join8 } from "path";
 import { execa as execa4 } from "execa";
 import semver from "semver";
 var NPM_REGISTRY = "https://registry.npmjs.org";
@@ -1295,7 +1596,7 @@ async function queryOutdatedPackages(cwd, options = {}) {
   }
   let directDeps;
   try {
-    const pkgRaw = JSON.parse(readFileSync5(join7(cwd, "package.json"), "utf8"));
+    const pkgRaw = JSON.parse(readFileSync6(join8(cwd, "package.json"), "utf8"));
     directDeps = /* @__PURE__ */ new Set([
       ...Object.keys(pkgRaw.dependencies ?? {}),
       ...Object.keys(pkgRaw.devDependencies ?? {})
@@ -1309,8 +1610,8 @@ async function queryOutdatedPackages(cwd, options = {}) {
     const wantedVersion = entry.wanted ?? currentVersion;
     const latestVersion = entry.latest ?? currentVersion;
     if (!currentVersion || !latestVersion) continue;
-    const dependencyScope = directDeps.has(name) ? "direct" : "indirect";
-    if (!options.includeTransitive && dependencyScope === "indirect") continue;
+    const dependencyScope = directDeps.has(name) ? "direct" : "transitive";
+    if (!options.includeTransitive && dependencyScope === "transitive") continue;
     const isMajorBump = semver.valid(currentVersion) !== null && semver.valid(latestVersion) !== null && semver.major(latestVersion) > semver.major(currentVersion);
     result.set(name, {
       currentVersion,
@@ -1324,24 +1625,23 @@ async function queryOutdatedPackages(cwd, options = {}) {
 }
 
 // src/remediation/tools/apply-version-bump.ts
-import { tool as tool2 } from "ai";
-import { z as z2 } from "zod";
-import { join as join9 } from "path";
-import { readFileSync as readFileSync6, writeFileSync as writeFileSync3 } from "fs";
+import { z as z4 } from "zod";
+import { join as join10 } from "path";
+import { readFileSync as readFileSync7, writeFileSync as writeFileSync3 } from "fs";
 import { execa as execa5 } from "execa";
 import semver2 from "semver";
 
 // src/platform/repo-lock.ts
 import { mkdir, rm } from "fs/promises";
-import { join as join8 } from "path";
+import { join as join9 } from "path";
 async function sleep(ms) {
   await new Promise((resolve2) => setTimeout(resolve2, ms));
 }
 async function acquireRepoLock(cwd, options = {}) {
   const timeoutMs = options.timeoutMs ?? 15e3;
   const retryDelayMs = options.retryDelayMs ?? 125;
-  const lockRoot = join8(cwd, ".autoremediator", "locks");
-  const lockPath = join8(cwd, ".autoremediator", "locks", "remediation.lock");
+  const lockRoot = join9(cwd, ".autoremediator", "locks");
+  const lockPath = join9(cwd, ".autoremediator", "locks", "remediation.lock");
   const startedAt = Date.now();
   await mkdir(lockRoot, { recursive: true });
   while (true) {
@@ -1371,21 +1671,21 @@ async function withRepoLock(cwd, fn, options) {
 }
 
 // src/remediation/tools/apply-version-bump.ts
-var applyVersionBumpTool = tool2({
+var applyVersionBumpTool = defineTool({
   description: "Update package.json to use the safe version of a vulnerable package and run the project's package manager install. In dry-run mode, only reports what would change.",
-  parameters: z2.object({
-    cwd: z2.string().describe("Absolute path to the consumer project root"),
-    packageManager: z2.enum(["npm", "pnpm", "yarn"]).optional().describe("Package manager used by the target project (auto-detected if omitted)"),
-    packageName: z2.string().describe("The npm package to upgrade"),
-    fromVersion: z2.string().describe("The currently installed vulnerable version"),
-    toVersion: z2.string().describe("The safe target version to upgrade to"),
-    dryRun: z2.boolean().default(false).describe("If true, report changes but do not write"),
-    policy: z2.string().optional().describe("Optional path to .autoremediator policy file"),
-    runTests: z2.boolean().default(false).describe("If true, run test validation after applying the fix"),
-    installMode: z2.enum(["standard", "prefer-offline", "deterministic"]).optional(),
-    installPreferOffline: z2.boolean().optional(),
-    enforceFrozenLockfile: z2.boolean().optional(),
-    workspace: z2.string().optional()
+  parameters: z4.object({
+    cwd: z4.string().describe("Absolute path to the consumer project root"),
+    packageManager: z4.enum(["npm", "pnpm", "yarn"]).optional().describe("Package manager used by the target project (auto-detected if omitted)"),
+    packageName: z4.string().describe("The npm package to upgrade"),
+    fromVersion: z4.string().describe("The currently installed vulnerable version"),
+    toVersion: z4.string().describe("The safe target version to upgrade to"),
+    dryRun: z4.boolean().default(false).describe("If true, report changes but do not write"),
+    policy: z4.string().optional().describe("Optional path to .autoremediator policy file"),
+    runTests: z4.boolean().default(false).describe("If true, run test validation after applying the fix"),
+    installMode: z4.enum(["standard", "prefer-offline", "deterministic"]).optional(),
+    installPreferOffline: z4.boolean().optional(),
+    enforceFrozenLockfile: z4.boolean().optional(),
+    workspace: z4.string().optional()
   }),
   execute: async ({
     cwd,
@@ -1402,7 +1702,7 @@ var applyVersionBumpTool = tool2({
     workspace
   }) => {
     const pm = packageManager ?? detectPackageManager(cwd);
-    const pkgPath = join9(cwd, "package.json");
+    const pkgPath = join10(cwd, "package.json");
     const loadedPolicy = loadPolicy(cwd, policy);
     const commandConstraints = {
       ...loadedPolicy.constraints,
@@ -1442,7 +1742,7 @@ var applyVersionBumpTool = tool2({
     }
     let pkgJson;
     try {
-      pkgJson = JSON.parse(readFileSync6(pkgPath, "utf8"));
+      pkgJson = JSON.parse(readFileSync7(pkgPath, "utf8"));
     } catch {
       return {
         packageName,
@@ -1464,8 +1764,8 @@ var applyVersionBumpTool = tool2({
         fromVersion,
         applied: false,
         dryRun,
-        unresolvedReason: "indirect-dependency",
-        message: `"${packageName}" was not found in package.json dependencies (it may be a transitive dep). Cannot auto-bump.`
+        unresolvedReason: "transitive-dependency",
+        message: `"${packageName}" was not found in package.json dependencies (it may be a transitive dependency). Cannot auto-bump.`
       };
     }
     const currentRange = pkgJson[depField][packageName];
@@ -1565,10 +1865,9 @@ var applyVersionBumpTool = tool2({
 });
 
 // src/remediation/tools/apply-package-override/index.ts
-import { tool as tool3 } from "ai";
-import { z as z3 } from "zod";
-import { join as join10 } from "path";
-import { readFileSync as readFileSync7, writeFileSync as writeFileSync4 } from "fs";
+import { z as z5 } from "zod";
+import { join as join11 } from "path";
+import { readFileSync as readFileSync8, writeFileSync as writeFileSync4 } from "fs";
 import { execa as execa7 } from "execa";
 import semver3 from "semver";
 
@@ -1648,22 +1947,22 @@ function restoreRecord(record, key, previousValue) {
 }
 
 // src/remediation/tools/apply-package-override/index.ts
-var applyPackageOverrideTool = tool3({
+var applyPackageOverrideTool = defineTool({
   description: "Apply a package-manager-native package.json override for a vulnerable transitive dependency and reinstall. Uses npm overrides, pnpm.overrides, or yarn resolutions.",
-  parameters: z3.object({
-    cwd: z3.string().describe("Absolute path to the consumer project root"),
-    packageManager: z3.enum(["npm", "pnpm", "yarn"]).optional().describe("Package manager used by the target project (auto-detected if omitted)"),
-    packageName: z3.string().describe("The npm package to override"),
-    selector: z3.string().optional().describe("Optional manager-native override selector key (for nested or scoped overrides)"),
-    fromVersion: z3.string().describe("The currently installed vulnerable version"),
-    toVersion: z3.string().describe("The safe target version to override to"),
-    dryRun: z3.boolean().default(false).describe("If true, report changes but do not write"),
-    policy: z3.string().optional().describe("Optional path to .autoremediator policy file"),
-    runTests: z3.boolean().default(false).describe("If true, run test validation after applying the override"),
-    installMode: z3.enum(["standard", "prefer-offline", "deterministic"]).optional(),
-    installPreferOffline: z3.boolean().optional(),
-    enforceFrozenLockfile: z3.boolean().optional(),
-    workspace: z3.string().optional()
+  parameters: z5.object({
+    cwd: z5.string().describe("Absolute path to the consumer project root"),
+    packageManager: z5.enum(["npm", "pnpm", "yarn"]).optional().describe("Package manager used by the target project (auto-detected if omitted)"),
+    packageName: z5.string().describe("The npm package to override"),
+    selector: z5.string().optional().describe("Optional manager-native override selector key (for nested or scoped overrides)"),
+    fromVersion: z5.string().describe("The currently installed vulnerable version"),
+    toVersion: z5.string().describe("The safe target version to override to"),
+    dryRun: z5.boolean().default(false).describe("If true, report changes but do not write"),
+    policy: z5.string().optional().describe("Optional path to .autoremediator policy file"),
+    runTests: z5.boolean().default(false).describe("If true, run test validation after applying the override"),
+    installMode: z5.enum(["standard", "prefer-offline", "deterministic"]).optional(),
+    installPreferOffline: z5.boolean().optional(),
+    enforceFrozenLockfile: z5.boolean().optional(),
+    workspace: z5.string().optional()
   }),
   execute: async ({
     cwd,
@@ -1681,7 +1980,7 @@ var applyPackageOverrideTool = tool3({
     workspace
   }) => {
     const pm = packageManager ?? detectPackageManager(cwd);
-    const pkgPath = join10(cwd, "package.json");
+    const pkgPath = join11(cwd, "package.json");
     const loadedPolicy = loadPolicy(cwd, policy);
     const commandConstraints = {
       ...loadedPolicy.constraints,
@@ -1722,7 +2021,7 @@ var applyPackageOverrideTool = tool3({
     }
     let pkgJson;
     try {
-      pkgJson = JSON.parse(readFileSync7(pkgPath, "utf8"));
+      pkgJson = JSON.parse(readFileSync8(pkgPath, "utf8"));
     } catch {
       return {
         packageName,
@@ -1822,7 +2121,7 @@ async function resolvePrimaryResult(params) {
   const { vulnerable, cwd, packageManager, dryRun, policy, runTests, constraints } = params;
   const pkg = vulnerable.installed;
   const firstPatchedVersion = vulnerable.affected.firstPatchedVersion;
-  if (pkg.type === "indirect") {
+  if (pkg.type === "transitive") {
     if (constraints.directDependenciesOnly) {
       return {
         steps: 0,
@@ -1833,7 +2132,7 @@ async function resolvePrimaryResult(params) {
           applied: false,
           dryRun,
           unresolvedReason: "constraint-blocked",
-          message: `Constraint blocked remediation for indirect dependency "${pkg.name}".`
+          message: `Constraint blocked remediation for transitive dependency "${pkg.name}".`
         }
       };
     }
@@ -1959,17 +2258,16 @@ async function resolvePrimaryResult(params) {
 }
 
 // src/remediation/tools/fetch-package-source.ts
-import { tool as tool4 } from "ai";
-import { z as z4 } from "zod";
+import { z as z6 } from "zod";
 import { mkdir as mkdir2, readdir as readdir2, readFile as readFile3, rm as rm2 } from "fs/promises";
-import { join as join11 } from "path";
+import { join as join12 } from "path";
 import { execa as execa8 } from "execa";
-var fetchPackageSourceTool = tool4({
+var fetchPackageSourceTool = defineTool({
   description: "Download package tarball from npm and extract source files for CVE analysis. Supports custom file patterns (default: *.js, *.ts).",
-  parameters: z4.object({
-    packageName: z4.string().min(1).describe("The npm package name (e.g., 'lodash', '@scope/package')"),
-    version: z4.string().regex(/^\d+\.\d+\.\d+/, "Must be a valid semver version").describe("Exact package version to download"),
-    filePatterns: z4.array(z4.string()).optional().default(["*.js", "*.ts"]).describe(
+  parameters: z6.object({
+    packageName: z6.string().min(1).describe("The npm package name (e.g., 'lodash', '@scope/package')"),
+    version: z6.string().regex(/^\d+\.\d+\.\d+/, "Must be a valid semver version").describe("Exact package version to download"),
+    filePatterns: z6.array(z6.string()).optional().default(["*.js", "*.ts"]).describe(
       "File patterns to extract (glob patterns, default: *.js, *.ts)"
     )
   }),
@@ -1979,23 +2277,23 @@ var fetchPackageSourceTool = tool4({
     filePatterns
   }) => {
     const tempBaseDir = `/tmp/autoremediator-pkg-${Date.now()}`;
-    const extractDir = join11(tempBaseDir, "out");
+    const extractDir = join12(tempBaseDir, "out");
     try {
       const npmUrl = `https://registry.npmjs.org/${packageName}/-/${packageName.split("/").pop()}-${version}.tgz`;
       await mkdir2(tempBaseDir, { recursive: true });
-      const tarballPath = join11(tempBaseDir, "package.tgz");
+      const tarballPath = join12(tempBaseDir, "package.tgz");
       await execa8("curl", ["-L", "-o", tarballPath, npmUrl]);
       await mkdir2(extractDir, { recursive: true });
       await execa8("tar", ["-xzf", tarballPath, "-C", extractDir]);
       const extractedContents = await readdir2(extractDir);
-      const packageRootDir = extractedContents.includes("package") ? join11(extractDir, "package") : extractDir;
+      const packageRootDir = extractedContents.includes("package") ? join12(extractDir, "package") : extractDir;
       const sourceCode = {};
       async function walkDir(dir, relativeBase) {
         try {
           const files = await readdir2(dir, { withFileTypes: true });
           for (const file of files) {
-            const fullPath = join11(dir, file.name);
-            const relPath = join11(relativeBase, file.name);
+            const fullPath = join12(dir, file.name);
+            const relPath = join12(relativeBase, file.name);
             if (file.isDirectory()) {
               if (![
                 "node_modules",
@@ -2058,8 +2356,7 @@ var fetchPackageSourceTool = tool4({
 });
 
 // src/remediation/tools/generate-patch/index.ts
-import { tool as tool5 } from "ai";
-import { z as z5 } from "zod";
+import { z as z7 } from "zod";
 import { generateText } from "ai";
 
 // src/remediation/strategies/patch-synthesis-prompt.ts
@@ -2192,31 +2489,31 @@ function generateUnifiedDiff(original, fixed, filePath) {
 }
 
 // src/remediation/tools/generate-patch/index.ts
-var generatePatchTool = tool5({
+var generatePatchTool = defineTool({
   description: "Generate a unified diff patch for a CVE using LLM analysis of vulnerable source code.",
-  parameters: z5.object({
-    packageName: z5.string().min(1).describe("The npm package name"),
-    vulnerableVersion: z5.string().describe("The vulnerable version string"),
-    cveId: z5.string().regex(/^CVE-\d{4}-\d+$/i).describe("CVE ID (e.g., CVE-2021-23337)"),
-    cveSummary: z5.string().min(10).describe("CVE description and impact"),
-    sourceFiles: z5.record(z5.string()).describe(
+  parameters: z7.object({
+    packageName: z7.string().min(1).describe("The npm package name"),
+    vulnerableVersion: z7.string().describe("The vulnerable version string"),
+    cveId: z7.string().regex(/^CVE-\d{4}-\d+$/i).describe("CVE ID (e.g., CVE-2021-23337)"),
+    cveSummary: z7.string().min(10).describe("CVE description and impact"),
+    sourceFiles: z7.record(z7.string(), z7.string()).describe(
       "Map of file paths to source code contents from fetch-package-source"
     ),
-    vulnerabilityCategory: z5.enum(["redos", "code-injection", "path-traversal", "unknown"]).optional().default("unknown").describe("Category of the vulnerability for better context"),
-    dryRun: z5.boolean().optional().default(false).describe("If true, return analysis without generating patches"),
-    llmProvider: z5.enum(["remote", "local"]).optional().describe("Optional provider override for patch generation"),
-    model: z5.string().optional().describe("Optional model override for patch generation"),
-    policy: z5.string().optional().describe("Optional policy file path for model default resolution"),
-    cwd: z5.string().optional().describe("Optional working directory for policy/model resolution"),
-    providerSafetyProfile: z5.enum(["strict", "relaxed"]).optional().describe("Confidence threshold profile for patch acceptance"),
-    patchConfidenceThresholds: z5.object({
-      low: z5.number().min(0).max(1).optional(),
-      medium: z5.number().min(0).max(1).optional(),
-      high: z5.number().min(0).max(1).optional()
+    vulnerabilityCategory: z7.enum(["redos", "code-injection", "path-traversal", "unknown"]).optional().default("unknown").describe("Category of the vulnerability for better context"),
+    dryRun: z7.boolean().optional().default(false).describe("If true, return analysis without generating patches"),
+    llmProvider: z7.enum(["remote", "local"]).optional().describe("Optional provider override for patch generation"),
+    model: z7.string().optional().describe("Optional model override for patch generation"),
+    policy: z7.string().optional().describe("Optional policy file path for model default resolution"),
+    cwd: z7.string().optional().describe("Optional working directory for policy/model resolution"),
+    providerSafetyProfile: z7.enum(["strict", "relaxed"]).optional().describe("Confidence threshold profile for patch acceptance"),
+    patchConfidenceThresholds: z7.object({
+      low: z7.number().min(0).max(1).optional(),
+      medium: z7.number().min(0).max(1).optional(),
+      high: z7.number().min(0).max(1).optional()
     }).optional().describe("Optional per-risk confidence thresholds for patch acceptance"),
-    dynamicModelRouting: z5.boolean().optional().describe("Enable dynamic model routing by input size"),
-    dynamicRoutingThresholdChars: z5.number().int().positive().optional().describe("Threshold for dynamic model routing"),
-    modelPersonality: z5.enum(["analytical", "pragmatic", "balanced"]).optional().describe("Prompt personality for patch-generation guidance")
+    dynamicModelRouting: z7.boolean().optional().describe("Enable dynamic model routing by input size"),
+    dynamicRoutingThresholdChars: z7.number().int().positive().optional().describe("Threshold for dynamic model routing"),
+    modelPersonality: z7.enum(["analytical", "pragmatic", "balanced"]).optional().describe("Prompt personality for patch-generation guidance")
   }),
   execute: async ({
     packageName,
@@ -2261,7 +2558,7 @@ var generatePatchTool = tool5({
       }
       const inputChars = JSON.stringify(resolvedSourceFiles).length + cveSummary.length;
       const modelInstance = await createModel(effectiveOptions, { inputChars });
-      const modelName = modelInstance.modelId || "unknown-model";
+      const modelName = typeof modelInstance === "string" ? modelInstance : "modelId" in modelInstance && typeof modelInstance.modelId === "string" ? modelInstance.modelId : "unknown-model";
       const prompt = buildPatchPrompt({
         cveId,
         packageName,
@@ -2366,17 +2663,17 @@ var generatePatchTool = tool5({
 });
 
 // src/remediation/tools/apply-patch-file/index.ts
-import { tool as tool6 } from "ai";
-import { z as z6 } from "zod";
+import { z as z8 } from "zod";
 import { mkdir as mkdir3, writeFile as writeFile2 } from "fs/promises";
-import { join as join13 } from "path";
+import { join as join14 } from "path";
 import { execa as execa10 } from "execa";
 
 // src/remediation/tools/apply-patch-file/helpers.ts
 import { existsSync as existsSync7 } from "fs";
 import { mkdtemp, readFile as readFile4, rm as rm3, writeFile } from "fs/promises";
+import { createHash } from "crypto";
 import { tmpdir } from "os";
-import { join as join12 } from "path";
+import { join as join13 } from "path";
 import { execa as execa9 } from "execa";
 async function resolvePatchMode(packageManager, cwd) {
   if (packageManager === "npm") return "patch-package";
@@ -2403,11 +2700,15 @@ function extractPatchedFiles(patchContent) {
 function countPatchHunks(patchContent) {
   return patchContent.split(/\r?\n/).filter((line) => line.startsWith("@@ ")).length;
 }
+function computePatchIntegrity(patchContent) {
+  const hex = createHash("sha256").update(patchContent, "utf8").digest("hex");
+  return `sha256:${hex}`;
+}
 async function writePatchManifest(manifestFilePath, artifact) {
   await writeFile(manifestFilePath, JSON.stringify(artifact, null, 2) + "\n", "utf8");
 }
 async function configurePatchPackagePostinstall(cwd, packageManager) {
-  const pkgJsonPath = join12(cwd, "package.json");
+  const pkgJsonPath = join13(cwd, "package.json");
   let pkgJson;
   try {
     pkgJson = JSON.parse(await readFile4(pkgJsonPath, "utf8"));
@@ -2447,7 +2748,7 @@ async function configurePatchPackagePostinstall(cwd, packageManager) {
   return { success: true };
 }
 async function capturePackageJsonSnapshot(cwd) {
-  const path = join12(cwd, "package.json");
+  const path = join13(cwd, "package.json");
   try {
     const content = await readFile4(path, "utf8");
     return { path, content };
@@ -2517,8 +2818,8 @@ ${createResult.stderr}`);
       error: `Could not determine native patch directory for ${packageSpec}.`
     };
   }
-  const tempPatchDir = await mkdtemp(join12(tmpdir(), "autoremediator-native-patch-"));
-  const tempPatchFile = join12(tempPatchDir, "change.patch");
+  const tempPatchDir = await mkdtemp(join13(tmpdir(), "autoremediator-native-patch-"));
+  const tempPatchFile = join13(tempPatchDir, "change.patch");
   try {
     await writeFile(tempPatchFile, patchContent, "utf8");
     await execa9("patch", ["-p1", "-i", tempPatchFile], {
@@ -2603,31 +2904,31 @@ function extractFailedTests(output) {
 }
 
 // src/remediation/tools/apply-patch-file/index.ts
-var applyPatchFileTool = tool6({
+var applyPatchFileTool = defineTool({
   description: "Write generated patch file and apply it using package-manager-native patch flow when available, falling back to patch-package when needed.",
-  parameters: z6.object({
-    packageName: z6.string().min(1).describe("The npm package name"),
-    vulnerableVersion: z6.string().describe("The vulnerable version string"),
-    patchContent: z6.string().min(10).optional().describe("Unified diff patch content from generate-patch"),
-    cveId: z6.string().optional().describe("Optional CVE ID associated with this patch artifact"),
-    confidence: z6.number().min(0).max(1).optional().describe("Optional patch confidence score from generate-patch"),
-    riskLevel: z6.enum(["low", "medium", "high"]).optional().describe("Optional risk level from generate-patch"),
-    patches: z6.array(
-      z6.object({
-        filePath: z6.string().min(1),
-        unifiedDiff: z6.string().min(10)
+  parameters: z8.object({
+    packageName: z8.string().min(1).describe("The npm package name"),
+    vulnerableVersion: z8.string().describe("The vulnerable version string"),
+    patchContent: z8.string().min(10).optional().describe("Unified diff patch content from generate-patch"),
+    cveId: z8.string().optional().describe("Optional CVE ID associated with this patch artifact"),
+    confidence: z8.number().min(0).max(1).optional().describe("Optional patch confidence score from generate-patch"),
+    riskLevel: z8.enum(["low", "medium", "high"]).optional().describe("Optional risk level from generate-patch"),
+    patches: z8.array(
+      z8.object({
+        filePath: z8.string().min(1),
+        unifiedDiff: z8.string().min(10)
       })
     ).optional().describe("Patch list from generate-patch; first patch is applied"),
-    patchesDir: z6.string().optional().default("./patches").describe("Directory to store patch files"),
-    cwd: z6.string().describe("Project root directory (for package.json)"),
-    packageManager: z6.enum(["npm", "pnpm", "yarn"]).optional().describe("Package manager used by the target project (auto-detected if omitted)"),
-    policy: z6.string().optional().describe("Optional path to .autoremediator policy file"),
-    installMode: z6.enum(["standard", "prefer-offline", "deterministic"]).optional(),
-    installPreferOffline: z6.boolean().optional(),
-    enforceFrozenLockfile: z6.boolean().optional(),
-    workspace: z6.string().optional(),
-    validateWithTests: z6.boolean().optional().default(true).describe("Run package manager test command to validate patch doesn't break anything"),
-    dryRun: z6.boolean().optional().default(false).describe("If true, report but do not mutate files")
+    patchesDir: z8.string().optional().default("./patches").describe("Directory to store patch files"),
+    cwd: z8.string().describe("Project root directory (for package.json)"),
+    packageManager: z8.enum(["npm", "pnpm", "yarn"]).optional().describe("Package manager used by the target project (auto-detected if omitted)"),
+    policy: z8.string().optional().describe("Optional path to .autoremediator policy file"),
+    installMode: z8.enum(["standard", "prefer-offline", "deterministic"]).optional(),
+    installPreferOffline: z8.boolean().optional(),
+    enforceFrozenLockfile: z8.boolean().optional(),
+    workspace: z8.string().optional(),
+    validateWithTests: z8.boolean().optional().default(true).describe("Run package manager test command to validate patch doesn't break anything"),
+    dryRun: z8.boolean().optional().default(false).describe("If true, report but do not mutate files")
   }).refine((value) => Boolean(value.patchContent || value.patches && value.patches.length > 0), {
     message: "Either patchContent or patches must be provided"
   }),
@@ -2698,7 +2999,7 @@ var applyPatchFileTool = tool6({
         };
       }
       const patchFileName = buildPatchFileName(packageName, vulnerableVersion);
-      const patchFilePath = join13(cwd, patchesDir, patchFileName);
+      const patchFilePath = join14(cwd, patchesDir, patchFileName);
       const manifestFilePath = `${patchFilePath}.json`;
       const generatedAt = (/* @__PURE__ */ new Date()).toISOString();
       const baseArtifact = {
@@ -2717,6 +3018,7 @@ var applyPatchFileTool = tool6({
         hunkCount,
         applied: false,
         dryRun,
+        integrity: computePatchIntegrity(selectedPatch),
         validationPhases
       };
       if (dryRun) {
@@ -2736,7 +3038,7 @@ var applyPatchFileTool = tool6({
       }
       return withRepoLock(cwd, async () => {
         const packageJsonSnapshot = patchModeRequiresPackageJsonSnapshot(pm) ? await capturePackageJsonSnapshot(cwd) : void 0;
-        const patchesDirPath = join13(cwd, patchesDir);
+        const patchesDirPath = join14(cwd, patchesDir);
         await mkdir3(patchesDirPath, { recursive: true });
         await writeFile2(patchFilePath, selectedPatch, "utf8");
         validationPhases.push({
@@ -2948,7 +3250,7 @@ function resolvePatchProvider(provider) {
 function shouldAttemptPatchFallback(result, preferVersionBump) {
   if (preferVersionBump) return false;
   if (result.applied || result.dryRun) return false;
-  return result.unresolvedReason === "no-safe-version" || result.unresolvedReason === "install-failed" || result.unresolvedReason === "override-apply-failed" || result.unresolvedReason === "validation-failed" || result.unresolvedReason === "major-bump-required" || result.unresolvedReason === "indirect-dependency";
+  return result.unresolvedReason === "no-safe-version" || result.unresolvedReason === "install-failed" || result.unresolvedReason === "override-apply-failed" || result.unresolvedReason === "validation-failed" || result.unresolvedReason === "major-bump-required" || result.unresolvedReason === "transitive-dependency";
 }
 async function tryLocalPatchFallback(params) {
   const usage = [];
@@ -3171,7 +3473,14 @@ function resolveLocalRunOptions(options) {
       ...options.patchConfidenceThresholds
     },
     dynamicModelRouting: options.dynamicModelRouting ?? loadedPolicy.dynamicModelRouting ?? false,
-    dynamicRoutingThresholdChars: options.dynamicRoutingThresholdChars ?? loadedPolicy.dynamicRoutingThresholdChars
+    dynamicRoutingThresholdChars: options.dynamicRoutingThresholdChars ?? loadedPolicy.dynamicRoutingThresholdChars,
+    exploitSignalOverride: options.exploitSignalOverride ?? loadedPolicy.exploitSignalOverride,
+    suppressions: loadedPolicy.suppressions ?? [],
+    suppressionsFile: options.suppressionsFile,
+    slaCheck: options.slaCheck ?? false,
+    slaPolicy: loadedPolicy.sla,
+    skipUnreachable: options.skipUnreachable ?? loadedPolicy.skipUnreachable ?? false,
+    regressionCheck: options.regressionCheck ?? false
   };
 }
 
@@ -3228,7 +3537,14 @@ async function runLocalRemediationPipeline(cveId, options = {}) {
     consensusModel,
     patchConfidenceThresholds,
     dynamicModelRouting,
-    dynamicRoutingThresholdChars
+    dynamicRoutingThresholdChars,
+    exploitSignalOverride,
+    suppressions,
+    suppressionsFile,
+    slaCheck,
+    slaPolicy,
+    skipUnreachable,
+    regressionCheck
   } = resolved;
   const collectedResults = [];
   const llmUsage = [];
@@ -3267,6 +3583,29 @@ async function runLocalRemediationPipeline(cveId, options = {}) {
     cveDetails = mergeGhDataIntoCveDetails(cveDetails, ghPackages);
   }
   cveDetails = await enrichWithNvd(cveDetails);
+  const preflight = await runSecOpsPreflight(normalizedId, cveDetails, {
+    suppressions,
+    suppressionsFile,
+    exploitSignalOverride,
+    slaCheck,
+    slaPolicy
+  });
+  if (preflight.suppressed) {
+    return {
+      cveId,
+      cveDetails,
+      vulnerablePackages: [],
+      results: [],
+      agentSteps,
+      summary: preflight.summary,
+      correlation: {
+        requestId: options.requestId,
+        sessionId: options.sessionId,
+        parentRunId: options.parentRunId
+      }
+    };
+  }
+  const { exploitSignalTriggered, slaBreaches } = preflight;
   if (cveDetails.affectedPackages.length === 0) {
     return {
       cveId,
@@ -3275,6 +3614,8 @@ async function runLocalRemediationPipeline(cveId, options = {}) {
       results: collectedResults,
       agentSteps,
       summary: `Local mode lookup succeeded but no npm affected packages were found for ${normalizedId}.`,
+      exploitSignalTriggered,
+      slaBreaches,
       correlation: {
         requestId: options.requestId,
         sessionId: options.sessionId,
@@ -3297,6 +3638,8 @@ async function runLocalRemediationPipeline(cveId, options = {}) {
       results: collectedResults,
       agentSteps,
       summary: `Local mode failed at check-inventory: ${inventory.error}`,
+      exploitSignalTriggered,
+      slaBreaches,
       correlation: {
         requestId: options.requestId,
         sessionId: options.sessionId,
@@ -3308,6 +3651,21 @@ async function runLocalRemediationPipeline(cveId, options = {}) {
   vulnerablePackages = findVulnerablePackages(cveDetails, installedPackages);
   agentSteps += 1;
   for (const vulnerable of vulnerablePackages) {
+    if (skipUnreachable) {
+      const reach = assessPackageReachability(cwd, vulnerable.installed.name);
+      if (reach.status === "not-reachable") {
+        collectedResults.push({
+          packageName: vulnerable.installed.name,
+          fromVersion: vulnerable.installed.version,
+          strategy: "none",
+          applied: false,
+          dryRun,
+          message: `Skipped: '${vulnerable.installed.name}' is not reachable from source code.`,
+          reachability: reach
+        });
+        continue;
+      }
+    }
     const primary = await resolvePrimaryResult({
       vulnerable,
       cwd,
@@ -3353,11 +3711,22 @@ async function runLocalRemediationPipeline(cveId, options = {}) {
       }
       continue;
     }
-    collectedResults.push({
+    const primaryResult = {
       ...primary.result,
       dependencyScope: vulnerable.installed.type === "direct" ? "direct" : "transitive"
-    });
+    };
+    if (regressionCheck && primaryResult.applied && !dryRun && primaryResult.toVersion) {
+      try {
+        if (semver5.satisfies(primaryResult.toVersion, vulnerable.affected.vulnerableRange, { includePrerelease: false })) {
+          primaryResult.regressionDetected = true;
+        }
+      } catch {
+      }
+    }
+    collectedResults.push(primaryResult);
   }
+  const vulnerableNames = new Set(vulnerablePackages.map((v) => v.installed.name));
+  const sbom = buildSbom(installedPackages, vulnerableNames, collectedResults);
   return {
     cveId,
     cveDetails,
@@ -3366,6 +3735,9 @@ async function runLocalRemediationPipeline(cveId, options = {}) {
     agentSteps,
     summary: buildLocalSummary(vulnerablePackages, collectedResults),
     llmUsage: llmUsage.length > 0 ? llmUsage : void 0,
+    exploitSignalTriggered,
+    slaBreaches,
+    sbom,
     correlation: {
       requestId: options.requestId,
       sessionId: options.sessionId,
@@ -3440,8 +3812,8 @@ function accumulateStepResults(params) {
 }
 
 // src/remediation/orchestration-prompt.ts
-import { existsSync as existsSync8, readFileSync as readFileSync8 } from "fs";
-import { join as join14 } from "path";
+import { existsSync as existsSync8, readFileSync as readFileSync9 } from "fs";
+import { join as join15 } from "path";
 function buildProviderAddendum(provider, personality = "balanced") {
   const personalityDirective = personality === "analytical" ? "Use concise, explicit rationale for tool decisions and unresolved outcomes." : personality === "pragmatic" ? "Prefer the smallest safe remediation path while preserving policy and validation gates." : "Balance concise execution with brief rationale for risky or unresolved outcomes.";
   const providerDirective = provider === "remote" ? "Use strict structured output and deterministic reporting fields." : "Use deterministic-first behavior and only rely on remote model fallback when required by patch generation.";
@@ -3452,7 +3824,7 @@ Provider profile:
 - ${personalityDirective}`;
 }
 function loadOrchestrationPrompt(ctx) {
-  const promptPath = join14(process.cwd(), ".github", "instructions", "orchestration.instructions.md");
+  const promptPath = join15(process.cwd(), ".github", "instructions", "orchestration.instructions.md");
   if (!existsSync8(promptPath)) {
     return `You are autoremediator, an agentic security remediation system for Node.js package dependencies.
 Working directory: ${ctx.cwd}
@@ -3479,7 +3851,7 @@ Fallback sequence (when neither version bump nor override can be applied):
 
 Always respect dryRun and policy constraints.`;
   }
-  const template = readFileSync8(promptPath, "utf8");
+  const template = readFileSync9(promptPath, "utf8");
   return template.replaceAll("{{cveId}}", ctx.cveId).replaceAll("{{cwd}}", ctx.cwd).replaceAll("{{packageManager}}", ctx.packageManager).replaceAll("{{dryRun}}", String(ctx.dryRun)).replaceAll("{{runTests}}", String(ctx.runTests)).replaceAll("{{policy}}", ctx.policy || "undefined").replaceAll("{{patchesDir}}", ctx.patchesDir).replaceAll("{{directDependenciesOnly}}", String(ctx.constraints.directDependenciesOnly ?? false)).replaceAll("{{preferVersionBump}}", String(ctx.constraints.preferVersionBump ?? false)) + buildProviderAddendum(ctx.llmProvider, ctx.modelPersonality);
 }
 
@@ -3498,8 +3870,7 @@ function createProgressEmitter(options) {
 }
 
 // src/remediation/tools/lookup-cve.ts
-import { tool as tool7 } from "ai";
-import { z as z7 } from "zod";
+import { z as z9 } from "zod";
 
 // src/intelligence/sources/cisa-kev.ts
 var CISA_KEV_URL = "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json";
@@ -3777,10 +4148,10 @@ async function enrichWithExternalFeeds(details) {
 }
 
 // src/remediation/tools/lookup-cve.ts
-var lookupCveTool = tool7({
+var lookupCveTool = defineTool({
   description: "Look up a CVE ID and return the list of affected npm packages, their vulnerable version ranges, and the first patched version. Always call this first.",
-  parameters: z7.object({
-    cveId: z7.string().regex(/^CVE-\d{4}-\d+$/i, "Must be a valid CVE ID like CVE-2021-23337")
+  parameters: z9.object({
+    cveId: z9.string().regex(/^CVE-\d{4}-\d+$/i, "Must be a valid CVE ID like CVE-2021-23337")
   }),
   execute: async ({ cveId }) => {
     const normalizedId = cveId.toUpperCase();
@@ -3846,26 +4217,25 @@ var lookupCveTool = tool7({
 });
 
 // src/remediation/tools/check-version-match.ts
-import { tool as tool8 } from "ai";
-import { z as z8 } from "zod";
-import semver5 from "semver";
-var affectedPackageSchema = z8.object({
-  name: z8.string(),
-  ecosystem: z8.literal("npm"),
-  vulnerableRange: z8.string(),
-  firstPatchedVersion: z8.string().optional(),
-  source: z8.enum(["osv", "github-advisory"])
+import { z as z10 } from "zod";
+import semver6 from "semver";
+var affectedPackageSchema = z10.object({
+  name: z10.string(),
+  ecosystem: z10.literal("npm"),
+  vulnerableRange: z10.string(),
+  firstPatchedVersion: z10.string().optional(),
+  source: z10.enum(["osv", "github-advisory"])
 });
-var inventoryPackageSchema = z8.object({
-  name: z8.string(),
-  version: z8.string(),
-  type: z8.enum(["direct", "indirect"])
+var inventoryPackageSchema = z10.object({
+  name: z10.string(),
+  version: z10.string(),
+  type: z10.enum(["direct", "transitive"])
 });
-var checkVersionMatchTool = tool8({
+var checkVersionMatchTool = defineTool({
   description: "Check which of the project's installed packages fall within the CVE's vulnerable version ranges. Returns only the packages that are actually vulnerable.",
-  parameters: z8.object({
-    installedPackages: z8.array(inventoryPackageSchema).describe("Output from the check-inventory tool"),
-    affectedPackages: z8.array(affectedPackageSchema).describe("affectedPackages array from the lookup-cve tool result")
+  parameters: z10.object({
+    installedPackages: z10.array(inventoryPackageSchema).describe("Output from the check-inventory tool"),
+    affectedPackages: z10.array(affectedPackageSchema).describe("affectedPackages array from the lookup-cve tool result")
   }),
   execute: async ({ installedPackages, affectedPackages }) => {
     const vulnerable = [];
@@ -3874,10 +4244,10 @@ var checkVersionMatchTool = tool8({
         (p) => p.name === affected.name
       );
       for (const installed of matches) {
-        if (!semver5.valid(installed.version)) continue;
+        if (!semver6.valid(installed.version)) continue;
         let isVulnerable = false;
         try {
-          isVulnerable = semver5.satisfies(installed.version, affected.vulnerableRange, {
+          isVulnerable = semver6.satisfies(installed.version, affected.vulnerableRange, {
             includePrerelease: false
           });
         } catch {
@@ -3896,17 +4266,16 @@ var checkVersionMatchTool = tool8({
 });
 
 // src/remediation/tools/find-fixed-version.ts
-import { tool as tool9 } from "ai";
-import { z as z9 } from "zod";
-var findFixedVersionTool = tool9({
+import { z as z11 } from "zod";
+var findFixedVersionTool = defineTool({
   description: "Query the npm registry to find the safest published upgrade version for a package that is >= the first patched version. Prefer patch upgrades first, then minor, and only fall back to major when no same-major fix exists.",
-  parameters: z9.object({
-    packageName: z9.string().describe("The npm package name"),
-    installedVersion: z9.string().describe("The currently installed version (exact semver)"),
-    firstPatchedVersion: z9.string().describe(
+  parameters: z11.object({
+    packageName: z11.string().describe("The npm package name"),
+    installedVersion: z11.string().describe("The currently installed version (exact semver)"),
+    firstPatchedVersion: z11.string().describe(
       "The first version that is NOT vulnerable (from lookup-cve). Use this as the floor."
     ),
-    vulnerableRange: z9.string().optional().describe("Optional vulnerable semver range used to exclude still-vulnerable versions")
+    vulnerableRange: z11.string().optional().describe("Optional vulnerable semver range used to exclude still-vulnerable versions")
   }),
   execute: async ({
     packageName,
@@ -3943,6 +4312,35 @@ var findFixedVersionTool = tool9({
   }
 });
 
+// src/remediation/tools/check-suppression.ts
+import { z as z12 } from "zod";
+var suppressionSchema = z12.object({
+  cveId: z12.string(),
+  justification: z12.enum(["not_affected", "fixed", "mitigated", "under_investigation"]),
+  notes: z12.string().optional(),
+  expiresAt: z12.string().optional()
+});
+var checkSuppressionTool = defineTool({
+  description: "Check whether a CVE is suppressed by an active VEX suppression entry in the policy. Returns suppressed=true and the justification if an active match is found. Call this after check-version-match.",
+  parameters: z12.object({
+    cveId: z12.string().describe("The CVE ID to look up in suppressions"),
+    suppressions: z12.array(suppressionSchema).describe("The suppressions array from the loaded policy")
+  }),
+  execute: async ({ cveId, suppressions }) => {
+    const match = suppressions.find(
+      (s) => s.cveId === cveId && isActiveSuppression(s)
+    );
+    if (!match) {
+      return { suppressed: false };
+    }
+    return {
+      suppressed: true,
+      justification: match.justification,
+      notes: match.notes
+    };
+  }
+});
+
 // src/remediation/runtime-tools.ts
 function buildRuntimeTools(ctx) {
   const tools = {
@@ -3950,7 +4348,10 @@ function buildRuntimeTools(ctx) {
     "check-inventory": ctx.checkInventoryToolForRun,
     "check-version-match": checkVersionMatchTool,
     "find-fixed-version": findFixedVersionTool,
-    "apply-version-bump": ctx.applyVersionBumpToolForRun
+    "apply-version-bump": ctx.applyVersionBumpToolForRun,
+    "check-suppression": checkSuppressionTool,
+    "check-exploit-signal": checkExploitSignalTool,
+    "check-reachability": checkReachabilityTool
   };
   if (!ctx.constraints.directDependenciesOnly && !ctx.constraints.preferVersionBump) {
     tools["apply-package-override"] = ctx.applyPackageOverrideToolForRun;
@@ -4034,7 +4435,7 @@ async function createPipelineRuntime(cveId, options) {
   const constraints = options.constraints ?? {};
   const prompt = `Patch vulnerable dependencies affected by ${cveId} in the project at: ${cwd}. Package manager: ${packageManager}.`;
   const model = await createModel(options, { inputChars: prompt.length });
-  const modelName = model.modelId ?? "unknown-model";
+  const modelName = typeof model === "string" ? model : "modelId" in model && typeof model.modelId === "string" ? model.modelId : "unknown-model";
   const systemPrompt = loadOrchestrationPrompt({
     cveId,
     cwd,
@@ -4086,7 +4487,7 @@ async function runRemediationPipeline(cveId, options = {}) {
     system: systemPrompt,
     prompt,
     tools,
-    maxSteps: 25,
+    stopWhen: ({ steps }) => steps.length >= 25,
     onStepFinish(stepResult) {
       agentSteps += 1;
       const toolResults = stepResult.toolResults ?? [];
@@ -4141,6 +4542,188 @@ async function runRemediationPipeline(cveId, options = {}) {
   };
 }
 
+// src/api/change-request/index.ts
+import { execa as execa11 } from "execa";
+function sanitizeBranchToken(value) {
+  return value.toLowerCase().replace(/[^a-z0-9._/-]+/g, "-").replace(/^-+|-+$/g, "").slice(0, 80);
+}
+function buildPlan(reports) {
+  const cveIds = Array.from(new Set(reports.map((report) => report.cveId)));
+  const packageNames = Array.from(
+    new Set(
+      reports.flatMap((report) => report.results.map((result) => result.packageName))
+    )
+  );
+  const titleSuffix = cveIds.length === 1 ? cveIds[0] : `${cveIds.length} CVEs`;
+  const title = `security remediation: ${titleSuffix}`;
+  const body = [
+    "Automated remediation generated by autoremediator.",
+    "",
+    `CVEs: ${cveIds.join(", ")}`,
+    `Packages: ${packageNames.join(", ")}`
+  ].join("\n");
+  return {
+    cveIds,
+    packageNames,
+    title,
+    body
+  };
+}
+function resolveProvider2(options) {
+  return options.provider ?? "github";
+}
+function resolveGrouping(options) {
+  if (options.grouping && options.grouping !== "all") {
+    throw new Error(
+      "changeRequest.grouping currently supports only 'all' for deterministic branch creation."
+    );
+  }
+  return "all";
+}
+async function detectCurrentBranch(cwd) {
+  const result = await execa11("git", ["rev-parse", "--abbrev-ref", "HEAD"], {
+    cwd,
+    stdio: "pipe"
+  });
+  return result.stdout.trim();
+}
+async function ensureRepoHasChanges(cwd) {
+  const diff = await execa11("git", ["status", "--porcelain"], {
+    cwd,
+    stdio: "pipe"
+  });
+  return diff.stdout.trim().length > 0;
+}
+function toBranchName(prefix, cveIds) {
+  const token = sanitizeBranchToken(cveIds.join("-") || "remediation");
+  return `${sanitizeBranchToken(prefix)}/${token}-${Date.now()}`;
+}
+async function createGitHubRequest(params) {
+  const args = ["pr", "create", "--head", params.head, "--base", params.base, "--title", params.title, "--body", params.body];
+  if (params.repository) {
+    args.push("--repo", params.repository);
+  }
+  if (params.draft) {
+    args.push("--draft");
+  }
+  const result = await execa11("gh", args, {
+    cwd: params.cwd,
+    stdio: "pipe"
+  });
+  return result.stdout.trim() || void 0;
+}
+async function createGitLabRequest(params) {
+  const args = [
+    "mr",
+    "create",
+    "--source-branch",
+    params.source,
+    "--target-branch",
+    params.target,
+    "--title",
+    params.title,
+    "--description",
+    params.body
+  ];
+  if (params.repository) {
+    args.push("-R", params.repository);
+  }
+  if (params.draft) {
+    args.push("--draft");
+  }
+  const result = await execa11("glab", args, {
+    cwd: params.cwd,
+    stdio: "pipe"
+  });
+  return result.stdout.trim() || void 0;
+}
+async function createChangeRequestsForReports(params) {
+  const { cwd, options, reports } = params;
+  const provider = resolveProvider2(options);
+  const grouping = resolveGrouping(options);
+  const plan = buildPlan(reports);
+  const titlePrefix = options.titlePrefix?.trim();
+  const title = titlePrefix ? `${titlePrefix} ${plan.title}` : plan.title;
+  const body = options.bodyFooter ? `${plan.body}
+
+${options.bodyFooter}` : plan.body;
+  try {
+    const hasChanges = await ensureRepoHasChanges(cwd);
+    if (!hasChanges) {
+      return [
+        {
+          provider,
+          grouping,
+          repository: options.repository,
+          branchName: "",
+          title,
+          body,
+          created: false,
+          cveIds: plan.cveIds,
+          packageNames: plan.packageNames,
+          error: "No repository changes to include in change request."
+        }
+      ];
+    }
+    const baseBranch = options.baseBranch ?? await detectCurrentBranch(cwd);
+    const branchPrefix = options.branchPrefix ?? "autoremediator";
+    const branchName = toBranchName(branchPrefix, plan.cveIds);
+    const pushRemote = options.pushRemote ?? "origin";
+    await execa11("git", ["checkout", "-b", branchName], { cwd, stdio: "pipe" });
+    await execa11("git", ["add", "-A"], { cwd, stdio: "pipe" });
+    await execa11("git", ["commit", "-m", title], { cwd, stdio: "pipe" });
+    await execa11("git", ["push", "-u", pushRemote, branchName], { cwd, stdio: "pipe" });
+    const url = provider === "github" ? await createGitHubRequest({
+      cwd,
+      repository: options.repository,
+      head: branchName,
+      base: baseBranch,
+      title,
+      body,
+      draft: options.draft
+    }) : await createGitLabRequest({
+      cwd,
+      repository: options.repository,
+      source: branchName,
+      target: baseBranch,
+      title,
+      body,
+      draft: options.draft
+    });
+    return [
+      {
+        provider,
+        grouping,
+        repository: options.repository,
+        branchName,
+        title,
+        body,
+        created: true,
+        draft: options.draft,
+        url,
+        cveIds: plan.cveIds,
+        packageNames: plan.packageNames
+      }
+    ];
+  } catch (error) {
+    return [
+      {
+        provider,
+        grouping,
+        repository: options.repository,
+        branchName: "",
+        title,
+        body,
+        created: false,
+        draft: options.draft,
+        cveIds: plan.cveIds,
+        packageNames: plan.packageNames,
+        error: error instanceof Error ? error.message : String(error)
+      }
+    ];
+  }
+}
+
 // src/api/context.ts
 function buildRequestId() {
   return `req-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`;
@@ -4172,7 +4755,7 @@ function resolveConstraints(options, cwd) {
 
 // src/platform/evidence.ts
 import { mkdirSync as mkdirSync3, writeFileSync as writeFileSync5 } from "fs";
-import { join as join15 } from "path";
+import { join as join16 } from "path";
 function createEvidenceLog(cwd, cveIds, context = {}) {
   return {
     runId: `${Date.now()}-${Math.random().toString(36).slice(2, 8)}`,
@@ -4203,9 +4786,9 @@ function finalizeEvidence(log) {
   return log;
 }
 function writeEvidenceLog(cwd, log) {
-  const dir = join15(cwd, ".autoremediator", "evidence");
+  const dir = join16(cwd, ".autoremediator", "evidence");
   mkdirSync3(dir, { recursive: true });
-  const filePath = join15(dir, `${log.runId}.json`);
+  const filePath = join16(dir, `${log.runId}.json`);
   writeFileSync5(filePath, JSON.stringify(log, null, 2) + "\n", "utf8");
   return filePath;
 }
@@ -4261,7 +4844,9 @@ function addRemediateResultSteps(evidence, cveId, report) {
         dryRun: result.dryRun,
         unresolvedReason: result.unresolvedReason,
         reachability: result.reachability?.status,
-        hasAlternatives: Boolean(result.alternativeSuggestions?.length)
+        hasAlternatives: Boolean(result.alternativeSuggestions?.length),
+        suppressedBy: result.suppressedBy?.justification,
+        regressionDetected: result.regressionDetected
       }
     );
   }
@@ -4272,7 +4857,11 @@ function addRemediateResultSteps(evidence, cveId, report) {
     {
       resultCount: report.results.length,
       vulnerableCount: report.vulnerablePackages.length,
-      llmUsage: report.llmUsage
+      llmUsage: report.llmUsage,
+      exploitSignalTriggered: report.exploitSignalTriggered ?? false,
+      slaBreachCount: report.slaBreaches?.length ?? 0,
+      regressionDetectedCount: report.results.filter((r) => r.regressionDetected).length,
+      sbomEntryCount: report.sbom?.length ?? 0
     }
   );
   finalizeEvidence(evidence);
@@ -4367,12 +4956,24 @@ async function remediate(cveId, options = {}) {
     constraints,
     resumedFromCache: false
   };
+  if (options.changeRequest?.enabled) {
+    finalReport.changeRequests = await createChangeRequestsForReports({
+      cwd,
+      options: options.changeRequest,
+      reports: [finalReport]
+    });
+  }
   if (options.idempotencyKey && !options.dryRun && !options.preview) {
     storeIdempotentReport(cwd, options.idempotencyKey, normalizedCveId, finalReport);
   }
   return finalReport;
 }
 async function planRemediation(cveId, options = {}) {
+  if (Object.hasOwn(options, "dryRun") || Object.hasOwn(options, "preview")) {
+    throw new Error(
+      "planRemediation always runs with dryRun=true and preview=true. Remove dryRun/preview from options."
+    );
+  }
   return remediate(cveId, {
     ...options,
     preview: true,
@@ -4381,12 +4982,12 @@ async function planRemediation(cveId, options = {}) {
 }
 
 // src/scanner/parse-input.ts
-import { extname } from "path";
-import { readFileSync as readFileSync12 } from "fs";
-import { execa as execa11 } from "execa";
+import { extname as extname2 } from "path";
+import { readFileSync as readFileSync13 } from "fs";
+import { execa as execa12 } from "execa";
 
 // src/scanner/adapters/npm-audit.ts
-import { readFileSync as readFileSync9 } from "fs";
+import { readFileSync as readFileSync10 } from "fs";
 var CVE_REGEX = /CVE-\d{4}-\d+/gi;
 function normalizeSeverity(raw) {
   if (!raw) return "UNKNOWN";
@@ -4420,12 +5021,12 @@ function parseNpmAuditJsonFromString(content) {
   return findings;
 }
 function parseNpmAuditJsonFile(filePath) {
-  const content = readFileSync9(filePath, "utf8");
+  const content = readFileSync10(filePath, "utf8");
   return parseNpmAuditJsonFromString(content);
 }
 
 // src/scanner/adapters/yarn-audit.ts
-import { readFileSync as readFileSync10 } from "fs";
+import { readFileSync as readFileSync11 } from "fs";
 var CVE_REGEX2 = /CVE-\d{4}-\d+/gi;
 function normalizeSeverity2(raw) {
   if (!raw) return "UNKNOWN";
@@ -4468,12 +5069,12 @@ function parseYarnAuditJsonFromString(content) {
   return findings;
 }
 function parseYarnAuditJsonFile(filePath) {
-  const content = readFileSync10(filePath, "utf8");
+  const content = readFileSync11(filePath, "utf8");
   return parseYarnAuditJsonFromString(content);
 }
 
 // src/scanner/adapters/sarif.ts
-import { readFileSync as readFileSync11 } from "fs";
+import { readFileSync as readFileSync12 } from "fs";
 var CVE_REGEX3 = /CVE-\d{4}-\d+/gi;
 function extractPackageName(result) {
   const pkg = result.properties?.["packageName"];
@@ -4505,7 +5106,7 @@ function parseSarifFromString(content) {
   return findings;
 }
 function parseSarifFile(filePath) {
-  const content = readFileSync11(filePath, "utf8");
+  const content = readFileSync12(filePath, "utf8");
   return parseSarifFromString(content);
 }
 
@@ -4532,7 +5133,7 @@ async function parseScanInputFromAudit(params) {
   }
   const command = resolveAuditCommand(pm, { workspace: params.workspace });
   const [cmd, ...args] = command;
-  const result = await execa11(cmd, args, {
+  const result = await execa12(cmd, args, {
     cwd: params.cwd,
     stdio: "pipe",
     reject: false
@@ -4568,10 +5169,10 @@ function ensureAuditFormatCompatibility(pm, resolved) {
   }
 }
 function inferFormat(filePath) {
-  const ext = extname(filePath).toLowerCase();
+  const ext = extname2(filePath).toLowerCase();
   if (ext === ".sarif") return "sarif";
   try {
-    const content = readFileSync12(filePath, "utf8");
+    const content = readFileSync13(filePath, "utf8");
     const firstLine = content.split("\n").find((line) => line.trim().startsWith("{"));
     if (firstLine) {
       const parsed = JSON.parse(firstLine);
@@ -4839,6 +5440,11 @@ async function remediateFromScan(inputPath, options = {}) {
   };
   finalizeEvidence(evidence);
   const evidenceFile = options.evidence === false ? void 0 : writeEvidenceLog(cwd, evidence);
+  const changeRequests = options.changeRequest?.enabled ? await createChangeRequestsForReports({
+    cwd,
+    options: options.changeRequest,
+    reports
+  }) : void 0;
   return {
     schemaVersion: "1.0",
     status,
@@ -4861,19 +5467,124 @@ async function remediateFromScan(inputPath, options = {}) {
     idempotencyKey: options.idempotencyKey,
     llmUsageCount: llmUsageTotals.llmUsageCount > 0 ? llmUsageTotals.llmUsageCount : void 0,
     estimatedCostUsd: llmUsageTotals.estimatedCostUsd,
-    totalLlmLatencyMs: llmUsageTotals.totalLlmLatencyMs
+    totalLlmLatencyMs: llmUsageTotals.totalLlmLatencyMs,
+    changeRequests
+  };
+}
+
+// src/api/portfolio/index.ts
+function toTargetStatusFromRemediation(report) {
+  const failed = report.results.some((result) => !result.applied && !result.dryRun);
+  const succeeded = report.results.some((result) => result.applied || result.dryRun);
+  if (!failed) return "ok";
+  return succeeded ? "partial" : "failed";
+}
+function normalizeTargetInput(target) {
+  return {
+    cveId: target.cveId?.trim() || void 0,
+    inputPath: target.inputPath?.trim() || void 0,
+    audit: target.audit ?? false
+  };
+}
+function validateTarget(target, index) {
+  if (!target.cwd || typeof target.cwd !== "string") {
+    throw new Error(`Invalid portfolio target at index ${index}: cwd is required.`);
+  }
+  const { cveId, inputPath, audit } = normalizeTargetInput(target);
+  const hasScanInput = Boolean(inputPath) || audit;
+  if (Boolean(cveId) === hasScanInput) {
+    throw new Error(
+      `Invalid portfolio target at index ${index}: provide exactly one mode (cveId OR inputPath/audit).`
+    );
+  }
+}
+async function remediatePortfolio(targets, options = {}) {
+  const normalizedTargets = Array.isArray(targets) ? targets : [];
+  if (normalizedTargets.length === 0) {
+    throw new Error("Portfolio requires at least one target.");
+  }
+  normalizedTargets.forEach((target, index) => validateTarget(target, index));
+  const results = [];
+  const changeRequests = [];
+  let successCount = 0;
+  let failedCount = 0;
+  for (const target of normalizedTargets) {
+    const { cveId, inputPath, audit } = normalizeTargetInput(target);
+    try {
+      if (cveId) {
+        const remediationReport = await remediate(cveId, {
+          ...options,
+          cwd: target.cwd,
+          source: options.source
+        });
+        const status = toTargetStatusFromRemediation(remediationReport);
+        results.push({
+          target,
+          status,
+          remediationReport,
+          changeRequests: remediationReport.changeRequests
+        });
+        if (remediationReport.changeRequests?.length) {
+          changeRequests.push(...remediationReport.changeRequests);
+        }
+        if (status === "failed") {
+          failedCount += 1;
+        } else {
+          successCount += 1;
+        }
+        continue;
+      }
+      const scanReport = await remediateFromScan(inputPath ?? "", {
+        ...options,
+        cwd: target.cwd,
+        audit,
+        format: target.format,
+        source: options.source
+      });
+      results.push({
+        target,
+        status: scanReport.status,
+        scanReport,
+        changeRequests: scanReport.changeRequests
+      });
+      if (scanReport.changeRequests?.length) {
+        changeRequests.push(...scanReport.changeRequests);
+      }
+      if (scanReport.status === "failed") {
+        failedCount += 1;
+      } else {
+        successCount += 1;
+      }
+    } catch (error) {
+      results.push({
+        target,
+        status: "failed",
+        error: error instanceof Error ? error.message : String(error)
+      });
+      failedCount += 1;
+    }
+  }
+  const overallStatus = failedCount === 0 ? "ok" : successCount > 0 ? "partial" : "failed";
+  return {
+    schemaVersion: "1.0",
+    status: overallStatus,
+    generatedAt: (/* @__PURE__ */ new Date()).toISOString(),
+    targets: results,
+    successCount,
+    failedCount,
+    changeRequests: changeRequests.length > 0 ? changeRequests : void 0
   };
 }
 
 // src/api/update-outdated/index.ts
-import { join as join16 } from "path";
-import { readFileSync as readFileSync13, writeFileSync as writeFileSync6 } from "fs";
-import { execa as execa12 } from "execa";
+import { join as join17 } from "path";
+import { readFileSync as readFileSync14, writeFileSync as writeFileSync6 } from "fs";
+import { execa as execa13 } from "execa";
 async function applyBump(params) {
-  const pkgPath = join16(params.cwd, "package.json");
+  const pkgPath = join17(params.cwd, "package.json");
   let pkgJson;
   try {
-    pkgJson = JSON.parse(readFileSync13(pkgPath, "utf8"));
+    pkgJson = JSON.parse(readFileSync14(pkgPath, "utf8"));
   } catch {
     return {
       applied: false,
@@ -4898,7 +5609,7 @@ async function applyBump(params) {
     writeFileSync6(pkgPath, JSON.stringify(pkgJson, null, 2) + "\n", "utf8");
     try {
       const [installCmd, ...installArgs] = params.installCommand;
-      await execa12(installCmd, installArgs, { cwd: params.cwd, stdio: "pipe" });
+      await execa13(installCmd, installArgs, { cwd: params.cwd, stdio: "pipe" });
     } catch (err) {
       pkgJson[depField][params.packageName] = currentRange;
       writeFileSync6(pkgPath, JSON.stringify(pkgJson, null, 2) + "\n", "utf8");
@@ -4911,13 +5622,13 @@ async function applyBump(params) {
     if (params.runTests) {
       try {
         const [testCmd, ...testArgs] = params.testCommand;
-        await execa12(testCmd, testArgs, { cwd: params.cwd, stdio: "pipe" });
+        await execa13(testCmd, testArgs, { cwd: params.cwd, stdio: "pipe" });
       } catch (err) {
         pkgJson[depField][params.packageName] = currentRange;
         writeFileSync6(pkgPath, JSON.stringify(pkgJson, null, 2) + "\n", "utf8");
         try {
           const [rollbackCmd, ...rollbackArgs] = params.installCommand;
-          await execa12(rollbackCmd, rollbackArgs, { cwd: params.cwd, stdio: "pipe" });
+          await execa13(rollbackCmd, rollbackArgs, { cwd: params.cwd, stdio: "pipe" });
         } catch {
         }
         const message = err instanceof Error ? err.message : String(err);
@@ -5070,6 +5781,28 @@ async function updateOutdated(options = {}) {
   };
   finalizeEvidence(evidence);
   const evidenceFile = options.evidence === false ? void 0 : writeEvidenceLog(cwd, evidence);
+  const changeRequests = options.changeRequest?.enabled && successCount > 0 ? await createChangeRequestsForReports({
+    cwd,
+    options: options.changeRequest,
+    reports: [
+      {
+        cveId: "UPDATE-OUTDATED",
+        cveDetails: null,
+        vulnerablePackages: [],
+        results: outdatedPackages.filter((pkg) => !pkg.isMajorBump).map((pkg) => ({
+          packageName: pkg.name,
+          strategy: "version-bump",
+          fromVersion: pkg.currentVersion,
+          toVersion: pkg.latestVersion,
+          applied: true,
+          dryRun: Boolean(options.dryRun),
+          message: `Updated ${pkg.name} to ${pkg.latestVersion}`
+        })),
+        agentSteps: 0,
+        summary: "update-outdated"
+      }
+    ]
+  }) : void 0;
   return {
     schemaVersion: "1.0",
     status,
@@ -5083,7 +5816,8 @@ async function updateOutdated(options = {}) {
     patchCount: 0,
     constraints,
     correlation,
-    provenance
+    provenance,
+    changeRequests
   };
 }
 
@@ -5151,9 +5885,9 @@ function toSarifOutput(report) {
 }
 
 // src/version.ts
-import { readFileSync as readFileSync14 } from "fs";
+import { readFileSync as readFileSync15 } from "fs";
 function readPackageVersion() {
-  const raw = readFileSync14(new URL("../package.json", import.meta.url), "utf8");
+  const raw = readFileSync15(new URL("../package.json", import.meta.url), "utf8");
   const metadata = JSON.parse(raw);
   if (!metadata.version) {
     throw new Error("packages/core/package.json is missing a version field.");
@@ -5177,7 +5911,8 @@ export {
   remediate,
   planRemediation,
   remediateFromScan,
+  remediatePortfolio,
   updateOutdated,
   PACKAGE_VERSION
 };
-//# sourceMappingURL=chunk-F7W4EYJL.js.map
+//# sourceMappingURL=chunk-575GEUAY.js.map