autoremediator 0.3.0 → 0.4.0

package/README.md

@@ -56,6 +56,17 @@ Primary sources:
 - [GitHub Advisory Database](https://github.com/advisories)
 - [NVD](https://nvd.nist.gov)
 
+Supplemental enrichment and prioritization sources:
+
+- [CISA KEV](https://www.cisa.gov/known-exploited-vulnerabilities-catalog)
+- [FIRST EPSS](https://www.first.org/epss/)
+- [CVE Services](https://www.cve.org/)
+- [GitLab Advisory Database](https://advisories.gitlab.com)
+- [CERT/CC Vulnerability Notes](https://www.kb.cert.org/vuls/)
+- [deps.dev](https://deps.dev)
+- [OpenSSF Scorecard](https://securityscorecards.dev)
+- Optional vendor and commercial feeds via environment-configured connectors
+
 Trust controls:
 
 - correlate advisory data with local dependency inventory before action
@@ -70,6 +81,8 @@ Trust controls:
 - MCP: AI host integrations
 - OpenAPI: service-based automation
 
+Public API naming canon: `runTests`, `policy`, `evidence`, `patchCount`, and `patchesDir`.
+
 ## Documentation
 
 - [Docs Home](https://rawlings.github.io/autoremediator/)

package/dist/{chunk-URM53GSJ.js → chunk-GBOD3DV6.js}

@@ -64,6 +64,19 @@ function getNvdConfig() {
 function getGitHubToken() {
   return process.env.GITHUB_TOKEN;
 }
+function getIntelligenceSourceConfig() {
+  return {
+    gitLabAdvisoryApi: process.env.AUTOREMEDIATOR_GITLAB_ADVISORY_API ?? "https://advisories.gitlab.com/api/v1/advisories",
+    certCcSearchUrl: process.env.AUTOREMEDIATOR_CERTCC_SEARCH_URL ?? "https://www.kb.cert.org/vuls/search",
+    epssApi: process.env.AUTOREMEDIATOR_EPSS_API ?? "https://api.first.org/data/v1/epss",
+    cveServicesApi: process.env.AUTOREMEDIATOR_CVE_SERVICES_API ?? "https://cveawg.mitre.org/api/cve",
+    depsDevApi: process.env.AUTOREMEDIATOR_DEPSDEV_API ?? "https://api.deps.dev/v3",
+    scorecardApi: process.env.AUTOREMEDIATOR_SCORECARD_API ?? "https://api.securityscorecards.dev",
+    vendorAdvisoryFeeds: (process.env.AUTOREMEDIATOR_VENDOR_ADVISORY_FEEDS ?? "").split(",").map((v) => v.trim()).filter(Boolean),
+    commercialFeeds: (process.env.AUTOREMEDIATOR_COMMERCIAL_FEEDS ?? "").split(",").map((v) => v.trim()).filter(Boolean),
+    commercialFeedToken: process.env.AUTOREMEDIATOR_COMMERCIAL_FEED_TOKEN
+  };
+}
 
 // src/platform/package-manager.ts
 import { existsSync } from "fs";
@@ -343,6 +356,288 @@ async function enrichWithNvd(details) {
   return details;
 }
 
+// src/intelligence/sources/cisa-kev.ts
+var CISA_KEV_URL = "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json";
+async function fetchCisaKevFeed() {
+  try {
+    const res = await fetch(CISA_KEV_URL, {
+      headers: { Accept: "application/json" }
+    });
+    if (!res.ok) return void 0;
+    return await res.json();
+  } catch {
+    return void 0;
+  }
+}
+function findKevEntry(feed, cveId) {
+  if (!feed?.vulnerabilities?.length) return void 0;
+  const normalized = cveId.toUpperCase();
+  return feed.vulnerabilities.find((v) => v.cveID.toUpperCase() === normalized);
+}
+async function enrichWithCisaKev(details) {
+  const feed = await fetchCisaKevFeed();
+  const entry = findKevEntry(feed, details.id);
+  if (!entry) return details;
+  details.kev = {
+    knownExploited: true,
+    dateAdded: entry.dateAdded,
+    dueDate: entry.dueDate,
+    requiredAction: entry.requiredAction,
+    knownRansomwareCampaignUse: entry.knownRansomwareCampaignUse
+  };
+  if (!details.references.includes(CISA_KEV_URL)) {
+    details.references.push(CISA_KEV_URL);
+  }
+  return details;
+}
+
+// src/intelligence/sources/epss.ts
+async function fetchEpss(cveId) {
+  const { epssApi } = getIntelligenceSourceConfig();
+  if (!epssApi) return void 0;
+  try {
+    const url = new URL(epssApi);
+    url.searchParams.set("cve", cveId);
+    const res = await fetch(url.toString(), {
+      headers: { Accept: "application/json" }
+    });
+    if (!res.ok) return void 0;
+    const body = await res.json();
+    return body.data?.[0];
+  } catch {
+    return void 0;
+  }
+}
+async function enrichWithEpss(details) {
+  const row = await fetchEpss(details.id);
+  if (!row) return details;
+  const score = Number.parseFloat(row.epss);
+  const percentile = Number.parseFloat(row.percentile);
+  if (!Number.isFinite(score) || !Number.isFinite(percentile)) {
+    return details;
+  }
+  details.epss = {
+    score,
+    percentile,
+    date: row.date
+  };
+  return details;
+}
+
+// src/intelligence/sources/cve-services.ts
+function pickEnglishDescription(container) {
+  if (!container?.descriptions?.length) return void 0;
+  const en = container.descriptions.find((d) => d.lang === "en" && d.value);
+  return (en?.value ?? container.descriptions[0]?.value)?.trim() || void 0;
+}
+function collectReferences(record) {
+  const refs = /* @__PURE__ */ new Set();
+  const cnaRefs = record.containers?.cna?.references ?? [];
+  const adpRefs = (record.containers?.adp ?? []).flatMap((c) => c.references ?? []);
+  for (const ref of [...cnaRefs, ...adpRefs]) {
+    if (ref.url) refs.add(ref.url);
+  }
+  return Array.from(refs);
+}
+async function fetchCveServicesRecord(cveId) {
+  const { cveServicesApi } = getIntelligenceSourceConfig();
+  if (!cveServicesApi) return void 0;
+  try {
+    const res = await fetch(`${cveServicesApi}/${encodeURIComponent(cveId)}`, {
+      headers: { Accept: "application/json" }
+    });
+    if (!res.ok) return void 0;
+    return await res.json();
+  } catch {
+    return void 0;
+  }
+}
+async function enrichWithCveServices(details) {
+  const record = await fetchCveServicesRecord(details.id);
+  if (!record) return details;
+  const summary = pickEnglishDescription(record.containers?.cna);
+  if (summary && (!details.summary || details.summary.includes("No summary available"))) {
+    details.summary = summary;
+  }
+  const refs = collectReferences(record);
+  if (refs.length > 0) {
+    const merged = /* @__PURE__ */ new Set([...details.references, ...refs]);
+    details.references = Array.from(merged);
+  }
+  details.intelligence = {
+    ...details.intelligence ?? {},
+    cveServicesEnriched: true
+  };
+  return details;
+}
+
+// src/intelligence/sources/gitlab-advisory.ts
+function advisoryMatchesCve(advisory, cveId) {
+  const normalized = cveId.toUpperCase();
+  return (advisory.identifiers ?? []).some(
+    (id) => id.type?.toUpperCase() === "CVE" && id.value?.toUpperCase() === normalized
+  );
+}
+async function fetchGitLabAdvisories(cveId) {
+  const { gitLabAdvisoryApi } = getIntelligenceSourceConfig();
+  if (!gitLabAdvisoryApi) return [];
+  try {
+    const url = new URL(gitLabAdvisoryApi);
+    url.searchParams.set("identifier", cveId);
+    url.searchParams.set("ecosystem", "npm");
+    const res = await fetch(url.toString(), {
+      headers: { Accept: "application/json" }
+    });
+    if (!res.ok) return [];
+    const body = await res.json();
+    return Array.isArray(body) ? body : [];
+  } catch {
+    return [];
+  }
+}
+async function enrichWithGitLabAdvisory(details) {
+  const advisories = await fetchGitLabAdvisories(details.id);
+  const matched = advisories.filter((a) => advisoryMatchesCve(a, details.id));
+  if (matched.length === 0) return details;
+  const refs = matched.flatMap((m) => m.references ?? []);
+  if (refs.length > 0) {
+    const merged = /* @__PURE__ */ new Set([...details.references, ...refs]);
+    details.references = Array.from(merged);
+  }
+  details.intelligence = {
+    ...details.intelligence ?? {},
+    gitlabAdvisoryMatched: true
+  };
+  return details;
+}
+
+// src/intelligence/sources/certcc.ts
+var CERTCC_HOME = "https://www.kb.cert.org/vuls/";
+async function findCertCcReference(cveId) {
+  const { certCcSearchUrl } = getIntelligenceSourceConfig();
+  if (!certCcSearchUrl) return void 0;
+  try {
+    const url = new URL(certCcSearchUrl);
+    url.searchParams.set("query", cveId);
+    const res = await fetch(url.toString(), {
+      headers: { Accept: "text/html" }
+    });
+    if (!res.ok) return void 0;
+    const html = await res.text();
+    const match = html.match(/https:\/\/www\.kb\.cert\.org\/vuls\/id\/\d+/i);
+    return match?.[0] ?? void 0;
+  } catch {
+    return void 0;
+  }
+}
+async function enrichWithCertCc(details) {
+  const ref = await findCertCcReference(details.id);
+  if (!ref) return details;
+  if (!details.references.includes(ref)) {
+    details.references.push(ref);
+  }
+  details.intelligence = {
+    ...details.intelligence ?? {},
+    certCcMatched: true
+  };
+  if (!details.references.includes(CERTCC_HOME)) {
+    details.references.push(CERTCC_HOME);
+  }
+  return details;
+}
+
+// src/intelligence/sources/deps-dev.ts
+async function fetchDepsDevPackage(name) {
+  const { depsDevApi } = getIntelligenceSourceConfig();
+  if (!depsDevApi) return false;
+  try {
+    const url = `${depsDevApi}/systems/npm/packages/${encodeURIComponent(name)}`;
+    const res = await fetch(url, { headers: { Accept: "application/json" } });
+    return res.ok;
+  } catch {
+    return false;
+  }
+}
+async function enrichWithDepsDev(details) {
+  const names = Array.from(new Set(details.affectedPackages.map((p) => p.name))).slice(0, 20);
+  if (names.length === 0) return details;
+  const checks = await Promise.all(names.map((name) => fetchDepsDevPackage(name)));
+  const matched = checks.filter(Boolean).length;
+  if (matched === 0) return details;
+  details.intelligence = {
+    ...details.intelligence ?? {},
+    depsDevEnrichedPackages: matched
+  };
+  return details;
+}
+
+// src/intelligence/sources/ossf-scorecard.ts
+async function checkProject(project) {
+  const { scorecardApi } = getIntelligenceSourceConfig();
+  if (!scorecardApi) return false;
+  try {
+    const url = new URL(`${scorecardApi}/projects`);
+    url.searchParams.set("project", project);
+    const res = await fetch(url.toString(), {
+      headers: { Accept: "application/json" }
+    });
+    return res.ok;
+  } catch {
+    return false;
+  }
+}
+async function enrichWithOssfScorecard(details) {
+  const projects = Array.from(
+    new Set(details.affectedPackages.map((p) => `github.com/${p.name}/${p.name}`))
+  ).slice(0, 10);
+  if (projects.length === 0) return details;
+  const checks = await Promise.all(projects.map((project) => checkProject(project)));
+  const matched = checks.filter(Boolean).length;
+  if (matched === 0) return details;
+  details.intelligence = {
+    ...details.intelligence ?? {},
+    scorecardProjects: matched
+  };
+  return details;
+}
+
+// src/intelligence/sources/external-feeds.ts
+async function probeFeed(url, cveId, token) {
+  try {
+    const feedUrl = new URL(url);
+    feedUrl.searchParams.set("cve", cveId);
+    const headers = { Accept: "application/json" };
+    if (token) headers.Authorization = `Bearer ${token}`;
+    const res = await fetch(feedUrl.toString(), { headers });
+    if (!res.ok) return void 0;
+    return feedUrl.toString();
+  } catch {
+    return void 0;
+  }
+}
+async function enrichWithExternalFeeds(details) {
+  const {
+    vendorAdvisoryFeeds,
+    commercialFeeds,
+    commercialFeedToken
+  } = getIntelligenceSourceConfig();
+  const vendorHits = (await Promise.all(vendorAdvisoryFeeds.map((url) => probeFeed(url, details.id)))).filter((v) => Boolean(v));
+  const commercialHits = (await Promise.all(
+    commercialFeeds.map((url) => probeFeed(url, details.id, commercialFeedToken))
+  )).filter((v) => Boolean(v));
+  if (vendorHits.length === 0 && commercialHits.length === 0) {
+    return details;
+  }
+  details.intelligence = {
+    ...details.intelligence ?? {},
+    vendorAdvisories: vendorHits.length > 0 ? vendorHits : details.intelligence?.vendorAdvisories,
+    commercialFeeds: commercialHits.length > 0 ? commercialHits : details.intelligence?.commercialFeeds
+  };
+  const mergedRefs = /* @__PURE__ */ new Set([...details.references, ...vendorHits, ...commercialHits]);
+  details.references = Array.from(mergedRefs);
+  return details;
+}
+
 // src/remediation/tools/lookup-cve.ts
 var lookupCveTool = tool({
   description: "Look up a CVE ID and return the list of affected npm packages, their vulnerable version ranges, and the first patched version. Always call this first.",
@@ -371,7 +666,37 @@ var lookupCveTool = tool({
     if (ghPackages.length > 0) {
       details = mergeGhDataIntoCveDetails(details, ghPackages);
     }
-    details = await enrichWithNvd(details);
+    const sourceHealth = {};
+    const applyEnricher = async (sourceName, enricher) => {
+      const before = JSON.stringify(details);
+      try {
+        details = await enricher(details);
+        const after = JSON.stringify(details);
+        sourceHealth[sourceName] = {
+          attempted: true,
+          changed: before !== after
+        };
+      } catch (error) {
+        sourceHealth[sourceName] = {
+          attempted: true,
+          changed: false,
+          error: error instanceof Error ? error.message : String(error)
+        };
+      }
+    };
+    await applyEnricher("nvd", enrichWithNvd);
+    await applyEnricher("cisa-kev", enrichWithCisaKev);
+    await applyEnricher("epss", enrichWithEpss);
+    await applyEnricher("cve-services", enrichWithCveServices);
+    await applyEnricher("gitlab-advisory", enrichWithGitLabAdvisory);
+    await applyEnricher("certcc", enrichWithCertCc);
+    await applyEnricher("deps-dev", enrichWithDepsDev);
+    await applyEnricher("ossf-scorecard", enrichWithOssfScorecard);
+    await applyEnricher("external-feeds", enrichWithExternalFeeds);
+    details.intelligence = {
+      ...details.intelligence ?? {},
+      sourceHealth
+    };
     if (details.affectedPackages.length === 0) {
       return {
         success: false,
@@ -666,8 +991,8 @@ var applyVersionBumpTool = tool5({
     fromVersion: z5.string().describe("The currently installed vulnerable version"),
     toVersion: z5.string().describe("The safe target version to upgrade to"),
     dryRun: z5.boolean().default(false).describe("If true, report changes but do not write"),
-    policyPath: z5.string().optional().describe("Optional path to .autoremediator policy file"),
-    skipTests: z5.boolean().default(true).describe("If true, skip test validation after applying the fix")
+    policy: z5.string().optional().describe("Optional path to .autoremediator policy file"),
+    runTests: z5.boolean().default(false).describe("If true, run test validation after applying the fix")
   }),
   execute: async ({
     cwd,
@@ -676,14 +1001,14 @@ var applyVersionBumpTool = tool5({
     fromVersion,
     toVersion,
     dryRun,
-    policyPath,
-    skipTests
+    policy,
+    runTests
   }) => {
     const pm = packageManager ?? detectPackageManager(cwd);
     const commands = getPackageManagerCommands(pm);
     const pkgPath = join5(cwd, "package.json");
-    const policy = loadPolicy(cwd, policyPath);
-    if (!isPackageAllowed(policy, packageName)) {
+    const loadedPolicy = loadPolicy(cwd, policy);
+    if (!isPackageAllowed(loadedPolicy, packageName)) {
       return {
         packageName,
         strategy: "none",
@@ -695,7 +1020,7 @@ var applyVersionBumpTool = tool5({
       };
     }
     const isMajorBump = semver3.valid(fromVersion) && semver3.valid(toVersion) && semver3.major(toVersion) > semver3.major(fromVersion);
-    if (isMajorBump && !policy.allowMajorBumps) {
+    if (isMajorBump && !loadedPolicy.allowMajorBumps) {
       return {
         packageName,
         strategy: "none",
@@ -746,7 +1071,7 @@ var applyVersionBumpTool = tool5({
         toVersion,
         applied: false,
         dryRun: true,
-        message: `[DRY RUN] Would update ${depField}.${packageName}: "${currentRange}" \u2192 "${newRange}", then run ${installCmd}${skipTests ? "" : ` and ${testCmd}`}.`
+        message: `[DRY RUN] Would update ${depField}.${packageName}: "${currentRange}" -> "${newRange}", then run ${installCmd}${runTests ? ` and ${testCmd}` : ""}.`
       };
     }
     return withRepoLock(cwd, async () => {
@@ -772,7 +1097,7 @@ var applyVersionBumpTool = tool5({
           message: `${commands.installPreferOffline.join(" ")} failed after updating "${packageName}" to ${toVersion}. Reverted. Error: ${message}`
         };
       }
-      if (!skipTests) {
+      if (runTests) {
         try {
           const [testCmd, ...testArgs] = commands.test;
           await execa2(testCmd, testArgs, {
@@ -809,7 +1134,7 @@ var applyVersionBumpTool = tool5({
         toVersion,
         applied: true,
         dryRun: false,
-        message: `Successfully upgraded "${packageName}" from ${fromVersion} to ${toVersion}, ran ${commands.installPreferOffline.join(" ")}${skipTests ? "" : `, and passed ${commands.test.join(" ")}`}.`
+        message: `Successfully upgraded "${packageName}" from ${fromVersion} to ${toVersion}, ran ${commands.installPreferOffline.join(" ")}${runTests ? `, and passed ${commands.test.join(" ")}` : ""}.`
       };
     });
   }
@@ -1442,16 +1767,16 @@ async function runRemediationPipeline(cveId, options = {}) {
   const packageManager = options.packageManager ?? detectPackageManager(cwd);
   const preview = options.preview ?? false;
   const dryRun = (options.dryRun ?? false) || preview;
-  const skipTests = options.skipTests ?? true;
-  const policyPath = options.policyPath ?? "";
+  const runTests = options.runTests ?? false;
+  const policy = options.policy ?? "";
   const patchesDir = options.patchesDir || "./patches";
   const model = await createModel(options);
   const systemPrompt = loadOrchestrationPrompt({
     cveId,
     cwd,
     dryRun,
-    skipTests,
-    policyPath,
+    runTests,
+    policy,
     patchesDir,
     packageManager
   });
@@ -1536,8 +1861,8 @@ async function runLocalRemediationPipeline(cveId, options = {}) {
   const packageManager = options.packageManager ?? detectPackageManager(cwd);
   const preview = options.preview ?? false;
   const dryRun = (options.dryRun ?? false) || preview;
-  const skipTests = options.skipTests ?? true;
-  const policyPath = options.policyPath ?? "";
+  const runTests = options.runTests ?? false;
+  const policy = options.policy ?? "";
   const collectedResults = [];
   const vulnerablePackages = [];
   let cveDetails = null;
@@ -1678,8 +2003,8 @@ async function runLocalRemediationPipeline(cveId, options = {}) {
       fromVersion: pkg.version,
       toVersion: safeVersion,
       dryRun,
-      policyPath,
-      skipTests
+      policy,
+      runTests
     });
     agentSteps += 1;
     collectedResults.push(applyResult);
@@ -1708,8 +2033,8 @@ function loadOrchestrationPrompt(ctx) {
 Working directory: ${ctx.cwd}
   Package manager: ${ctx.packageManager}
 Dry run: ${ctx.dryRun}
-Skip tests: ${ctx.skipTests}
-Policy path: ${ctx.policyPath || "undefined"}
+Run tests: ${ctx.runTests}
+Policy: ${ctx.policy || "undefined"}
 Patches dir: ${ctx.patchesDir}
 
 Required sequence:
@@ -1727,7 +2052,7 @@ Fallback sequence (when strategy="none"):
 Always respect dryRun and policy constraints.`;
   }
   const template = readFileSync4(promptPath, "utf8");
-  return template.replaceAll("{{cveId}}", ctx.cveId).replaceAll("{{cwd}}", ctx.cwd).replaceAll("{{packageManager}}", ctx.packageManager).replaceAll("{{dryRun}}", String(ctx.dryRun)).replaceAll("{{skipTests}}", String(ctx.skipTests)).replaceAll("{{policyPath}}", ctx.policyPath || "undefined").replaceAll("{{patchesDir}}", ctx.patchesDir);
+  return template.replaceAll("{{cveId}}", ctx.cveId).replaceAll("{{cwd}}", ctx.cwd).replaceAll("{{packageManager}}", ctx.packageManager).replaceAll("{{dryRun}}", String(ctx.dryRun)).replaceAll("{{runTests}}", String(ctx.runTests)).replaceAll("{{policy}}", ctx.policy || "undefined").replaceAll("{{patchesDir}}", ctx.patchesDir);
 }
 
 // src/scanner/index.ts
@@ -1999,7 +2324,7 @@ function resolveProvenanceContext(options) {
   };
 }
 function resolveConstraints(options, cwd) {
-  const policy = loadPolicy(cwd, options.policyPath);
+  const policy = loadPolicy(cwd, options.policy);
   return {
     directDependenciesOnly: options.constraints?.directDependenciesOnly ?? policy.constraints?.directDependenciesOnly ?? false,
     preferVersionBump: options.constraints?.preferVersionBump ?? policy.constraints?.preferVersionBump ?? false
@@ -2090,7 +2415,7 @@ async function remediateFromScan(inputPath, options = {}) {
   const patchesDir = options.patchesDir ?? "./patches";
   const findings = parseScanInput(inputPath, format);
   const cveIds = uniqueCveIds(findings);
-  const policy = loadPolicy(cwd, options.policyPath);
+  const policy = loadPolicy(cwd, options.policy);
   const correlation = resolveCorrelationContext(options);
   const provenance = resolveProvenanceContext(options);
   const constraints = resolveConstraints(options, cwd);
@@ -2104,7 +2429,7 @@ async function remediateFromScan(inputPath, options = {}) {
   const reports = [];
   const errors = [];
   const patchValidationFailures = [];
-  let patchFileCount = 0;
+  let patchCount = 0;
   for (const cveId of cveIds) {
     try {
       addEvidenceStep(evidence, "remediate.start", { cveId });
@@ -2119,7 +2444,7 @@ async function remediateFromScan(inputPath, options = {}) {
       report.results = report.results.filter((r) => isPackageAllowed(policy, r.packageName));
       for (const result of report.results) {
         if (result.strategy === "patch-file") {
-          patchFileCount += 1;
+          patchCount += 1;
         }
         if (result.validation?.passed === false && result.validation?.error) {
           patchValidationFailures.push({
@@ -2156,7 +2481,7 @@ async function remediateFromScan(inputPath, options = {}) {
     status = "failed";
   }
   finalizeEvidence(evidence);
-  const evidenceFile = options.writeEvidence === false ? void 0 : writeEvidenceLog(cwd, evidence);
+  const evidenceFile = options.evidence === false ? void 0 : writeEvidenceLog(cwd, evidence);
   return {
     schemaVersion: "1.0",
     status,
@@ -2167,9 +2492,9 @@ async function remediateFromScan(inputPath, options = {}) {
     failedCount,
     errors,
     evidenceFile,
-    patchFileCount,
+    patchCount,
     patchValidationFailures: patchValidationFailures.length > 0 ? patchValidationFailures : void 0,
-    patchStorageDir: patchFileCount > 0 ? patchesDir : void 0,
+    patchesDir: patchCount > 0 ? patchesDir : void 0,
     correlation,
     provenance,
     constraints,
@@ -2191,9 +2516,9 @@ function toCiSummary(report) {
     failedCount: report.failedCount,
     errors: report.errors,
     evidenceFile: report.evidenceFile,
-    patchFileCount: report.patchFileCount || 0,
+    patchCount: report.patchCount || 0,
     patchValidationFailures: report.patchValidationFailures,
-    patchStorageDir: report.patchStorageDir,
+    patchesDir: report.patchesDir,
     correlation: report.correlation,
     provenance: report.provenance,
     constraints: report.constraints,
@@ -2212,4 +2537,4 @@ export {
   toCiSummary,
   ciExitCode
 };
-//# sourceMappingURL=chunk-URM53GSJ.js.map
+//# sourceMappingURL=chunk-GBOD3DV6.js.map