clone-alert 0.3.0 → 0.4.0

package/dist/cli.js

@@ -34,12 +34,16 @@ var __importStar = (this && this.__importStar) || (function () {
     };
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.collectFiles = collectFiles;
+exports.collectFiles = void 0;
 exports.main = main;
 exports.parseArgs = parseArgs;
 const fs = __importStar(require("node:fs"));
 const path = __importStar(require("node:path"));
+const baseline_1 = require("./baseline");
+const files_1 = require("./files");
+Object.defineProperty(exports, "collectFiles", { enumerable: true, get: function () { return files_1.collectFiles; } });
 const index_1 = require("./index");
+const stats_1 = require("./stats");
 const DEFAULT_EXTENSIONS = [
     '.ts',
     '.tsx',
@@ -60,11 +64,25 @@ PMD CPD-like copy-paste detector for TS/JS and common frontend templates.
 
 Options:
   --files <path[,path...]>        Files or directories to scan. Can be repeated.
+  --file-list <path>              Read newline-separated paths to scan from a file.
   --minimum-tokens <n>            Minimum duplicated token span. Default: 50.
   --minimum-tile-size <n>         Alias for --minimum-tokens.
-  --format <text|xml|json>        Report format. Default: text.
+  --format <fmt>                  Report format: text (default), xml, json, sarif,
+                                  csv, csv_with_linecount_per_file, markdown, ai.
+                                  sarif targets GitHub Code Scanning; xml/json/
+                                  markdown embed the duplicated code; ai is a
+                                  compact, token-frugal listing for LLM pipelines;
+                                  shields prints a shields.io endpoint JSON for a
+                                  duplication badge.
   --extensions <ext[,ext...]>     Extensions to include. Default: ts,tsx,js,jsx,vue,svelte,html.
   --exclude <glob[,glob...]>      Exclude files or directories. Can be repeated.
+  --non-recursive                 Scan only the top level of each directory.
+  --gitignore                     Skip files ignored by .gitignore (nested files
+                                  honored, within the git repo). Default.
+  --no-gitignore                  Scan files even if .gitignore would ignore them.
+  --skip-duplicate-files          Skip files with the same name and byte length.
+  --skip-lexical-errors           Skip files that fail to tokenize instead of
+                                  aborting the whole run.
   --ignore-identifiers            Normalize identifiers.
   --no-ignore-identifiers         Compare exact identifiers. Default.
   --ignore-literals               Normalize literals.
@@ -87,13 +105,23 @@ Options:
                                   alone (handy for a code-only threshold pass).
   --angular-inline-templates      Also scan Angular @Component inline templates.
   --skip-angular-inline-templates Do not scan inline Angular templates. Default.
-  --fail-on-violation             Exit with code 4 when duplications are found.
+  --fail-on-violation             Exit with code 4 when duplications are found. Default.
+  --no-fail-on-violation          Always exit 0 even when duplications are found.
+  --baseline <path>               Ignore duplications recorded in this baseline
+                                  file; report and fail only on new ones. Match is
+                                  by content fingerprint, so accepted clones stay
+                                  suppressed even after the code moves.
+  --update-baseline               Write/regenerate the baseline file at --baseline
+                                  with all current duplications, then exit 0. Run
+                                  this once to adopt the existing debt.
   -h, --help                      Show this help.
   -V, --version                   Show version.
 
 Examples:
   clone-alert --minimum-tokens 50 --files src
   clone-alert --minimum-tokens 30 --format xml src test
+  clone-alert src --baseline .clone-alert-baseline.json --update-baseline
+  clone-alert src --baseline .clone-alert-baseline.json --fail-on-violation
 `;
 function main(argv) {
     let options;
@@ -110,9 +138,13 @@ function main(argv) {
         console.error("Try 'clone-alert --help' for more information.");
         return 2;
     }
+    if (options.updateBaseline && !options.baselinePath) {
+        console.error('clone-alert: --update-baseline requires --baseline <path>');
+        return 2;
+    }
     let files;
     try {
-        files = collectFiles(options.paths, options.extensions, options.excludePatterns);
+        files = (0, files_1.collectFiles)(options.paths, options.extensions, options.excludePatterns, options.respectGitignore, options.nonRecursive);
     }
     catch (error) {
         console.error(`clone-alert: ${error.message}`);
@@ -123,17 +155,76 @@ function main(argv) {
         return 2;
     }
     const cpd = new index_1.Cpd(options);
+    // PMD's --skip-duplicate-files keys on basename + byte length, not content.
+    const dupKeys = options.skipDuplicateFiles ? new Set() : null;
     for (const file of files) {
-        cpd.addPath(file);
+        if (dupKeys) {
+            const key = `${path.basename(file)}_${fs.statSync(file).size}`;
+            if (dupKeys.has(key))
+                continue;
+            dupKeys.add(key);
+        }
+        try {
+            cpd.addPath(file);
+        }
+        catch (error) {
+            if (options.skipLexicalErrors) {
+                console.error(`clone-alert: skipping ${file}: ${error.message}`);
+                continue;
+            }
+            console.error(`clone-alert: ${error.message}`);
+            console.error('clone-alert: pass --skip-lexical-errors to skip files that fail to tokenize.');
+            return 2;
+        }
     }
     const matches = cpd.run();
+    if (options.baselinePath) {
+        try {
+            return runWithBaseline(options, cpd, matches);
+        }
+        catch (error) {
+            console.error(`clone-alert: ${error.message}`);
+            return 2;
+        }
+    }
     process.stdout.write(formatReport(options.format, cpd, matches));
     return options.failOnViolation && matches.length > 0 ? 4 : 0;
 }
+// Baseline handling. Detection is already done; this only writes (update) or
+// filters (read) the match set by content fingerprint, so it never touches the
+// hot path — cost is O(matches), not O(tokens).
+function runWithBaseline(options, cpd, matches) {
+    const baselinePath = options.baselinePath;
+    if (options.updateBaseline) {
+        (0, baseline_1.writeBaseline)(baselinePath, matches.map((match) => toCloneRecord(match, cpd)));
+        console.error(`clone-alert: wrote baseline with ${matches.length} duplication(s) to ${baselinePath}`);
+        return 0;
+    }
+    const known = (0, baseline_1.readBaseline)(baselinePath);
+    const fresh = matches.filter((match) => !known.has((0, baseline_1.fingerprint)(cpd, match)));
+    const suppressed = matches.length - fresh.length;
+    if (suppressed > 0) {
+        console.error(`clone-alert: ${suppressed} known duplication(s) suppressed by baseline`);
+    }
+    process.stdout.write(formatReport(options.format, cpd, fresh));
+    return options.failOnViolation && fresh.length > 0 ? 4 : 0;
+}
+// Informational context for a baseline entry: token count plus the involved file
+// paths relative to cwd (so the file is portable across machines/CI). Line/column
+// are intentionally left out — the fingerprint already pins the content, and
+// omitting them keeps the baseline diff stable when code moves.
+function toCloneRecord(match, cpd) {
+    const files = Array.from(new Set(match.marks.map((mark) => (0, files_1.toPosix)(path.relative(process.cwd(), mark.token.file))))).sort();
+    return { fingerprint: (0, baseline_1.fingerprint)(cpd, match), tokens: match.tokenCount, files };
+}
 function parseArgs(argv) {
     const paths = [];
     const extensions = new Set(DEFAULT_EXTENSIONS);
     const excludePatterns = [];
+    let respectGitignore = true;
+    let nonRecursive = false;
+    let skipDuplicateFiles = false;
+    let skipLexicalErrors = false;
     let minTileSize = 50;
     let ignoreIdentifiers = false;
     let ignoreLiterals = false;
@@ -142,7 +233,9 @@ function parseArgs(argv) {
     let vueTemplates = true;
     let angularInlineTemplates = false;
     let format = 'text';
-    let failOnViolation = false;
+    let failOnViolation = true;
+    let baselinePath;
+    let updateBaseline = false;
     for (let i = 0; i < argv.length; i++) {
         const arg = argv[i];
         if (arg === '-h' || arg === '--help') {
@@ -161,6 +254,14 @@ function parseArgs(argv) {
             paths.push(...splitList(arg.slice('--files='.length)));
             continue;
         }
+        if (arg === '--file-list') {
+            paths.push(...readFileList(requireValue(argv, ++i, arg)));
+            continue;
+        }
+        if (arg.startsWith('--file-list=')) {
+            paths.push(...readFileList(arg.slice('--file-list='.length)));
+            continue;
+        }
         if (arg === '--minimum-tokens' || arg === '--minimum-tile-size') {
             minTileSize = parsePositiveInteger(requireValue(argv, ++i, arg), arg);
             continue;
@@ -197,6 +298,26 @@ function parseArgs(argv) {
             excludePatterns.push(...splitList(arg.slice('--exclude='.length)));
             continue;
         }
+        if (arg === '--gitignore') {
+            respectGitignore = true;
+            continue;
+        }
+        if (arg === '--no-gitignore') {
+            respectGitignore = false;
+            continue;
+        }
+        if (arg === '--non-recursive') {
+            nonRecursive = true;
+            continue;
+        }
+        if (arg === '--skip-duplicate-files') {
+            skipDuplicateFiles = true;
+            continue;
+        }
+        if (arg === '--skip-lexical-errors') {
+            skipLexicalErrors = true;
+            continue;
+        }
         if (arg === '--ignore-identifiers') {
             ignoreIdentifiers = true;
             continue;
@@ -249,6 +370,22 @@ function parseArgs(argv) {
             failOnViolation = true;
             continue;
         }
+        if (arg === '--no-fail-on-violation') {
+            failOnViolation = false;
+            continue;
+        }
+        if (arg === '--baseline') {
+            baselinePath = requireValue(argv, ++i, arg);
+            continue;
+        }
+        if (arg.startsWith('--baseline=')) {
+            baselinePath = arg.slice('--baseline='.length);
+            continue;
+        }
+        if (arg === '--update-baseline') {
+            updateBaseline = true;
+            continue;
+        }
         if (arg.startsWith('-')) {
             throw new Error(`unknown option: ${arg}`);
         }
@@ -258,6 +395,10 @@ function parseArgs(argv) {
         paths,
         extensions,
         excludePatterns,
+        respectGitignore,
+        nonRecursive,
+        skipDuplicateFiles,
+        skipLexicalErrors,
         minTileSize,
         ignoreIdentifiers,
         ignoreLiterals,
@@ -267,6 +408,8 @@ function parseArgs(argv) {
         angularInlineTemplates,
         format,
         failOnViolation,
+        baselinePath,
+        updateBaseline,
     };
 }
 function requireValue(argv, index, option) {
@@ -289,11 +432,35 @@ function parsePositiveInteger(value, option) {
     }
     return parsed;
 }
+const REPORT_FORMATS = [
+    'text',
+    'xml',
+    'json',
+    'sarif',
+    'csv',
+    'csv_with_linecount_per_file',
+    'markdown',
+    'ai',
+    'shields',
+];
 function parseFormat(value) {
-    if (value === 'text' || value === 'xml' || value === 'json') {
+    if (REPORT_FORMATS.includes(value)) {
         return value;
     }
-    throw new Error('--format must be one of: text, xml, json');
+    throw new Error(`--format must be one of: ${REPORT_FORMATS.join(', ')}`);
+}
+function readFileList(listPath) {
+    let contents;
+    try {
+        contents = fs.readFileSync(listPath, 'utf-8');
+    }
+    catch {
+        throw new Error(`--file-list not readable: ${listPath}`);
+    }
+    return contents
+        .split('\n')
+        .map((line) => line.trim())
+        .filter(Boolean);
 }
 function replaceExtensions(target, value) {
     target.clear();
@@ -301,41 +468,6 @@ function replaceExtensions(target, value) {
         target.add(ext.startsWith('.') ? ext.toLowerCase() : `.${ext.toLowerCase()}`);
     }
 }
-function collectFiles(paths, extensions, excludePatterns = []) {
-    const files = [];
-    const seen = new Set();
-    const excludeMatchers = excludePatterns.map((pattern) => globToRegExp(toPosix(pattern)));
-    const visit = (entry) => {
-        const full = path.resolve(entry);
-        if (!fs.existsSync(full)) {
-            throw new Error(`path does not exist: ${entry}`);
-        }
-        const stat = fs.statSync(full);
-        if (stat.isDirectory()) {
-            if (isExcluded(`${full}${path.sep}`, excludeMatchers))
-                return;
-            for (const child of fs.readdirSync(full).sort()) {
-                if (child === 'node_modules' || child === '.git' || child === 'dist')
-                    continue;
-                visit(path.join(full, child));
-            }
-            return;
-        }
-        if (!stat.isFile())
-            return;
-        if (isExcluded(full, excludeMatchers))
-            return;
-        if (!extensions.has(path.extname(full).toLowerCase()))
-            return;
-        if (seen.has(full))
-            return;
-        seen.add(full);
-        files.push(full);
-    };
-    for (const entry of paths)
-        visit(entry);
-    return files;
-}
 function formatReport(format, cpd, matches) {
     if (format === 'json') {
         return `${JSON.stringify({ duplicates: matches.map((match) => matchToJson(match, cpd)) }, null, 2)}\n`;
@@ -343,13 +475,132 @@ function formatReport(format, cpd, matches) {
     if (format === 'xml') {
         return formatXml(matches, cpd);
     }
-    return cpd.report(matches);
+    if (format === 'sarif') {
+        return formatSarif(matches, cpd);
+    }
+    if (format === 'csv') {
+        return formatCsv(matches, cpd);
+    }
+    if (format === 'csv_with_linecount_per_file') {
+        return formatCsvWithLinecountPerFile(matches, cpd);
+    }
+    if (format === 'markdown') {
+        return formatMarkdown(matches, cpd);
+    }
+    if (format === 'ai') {
+        return formatAi(matches, cpd);
+    }
+    if (format === 'shields') {
+        return formatShields(matches, cpd);
+    }
+    const text = cpd.report(matches);
+    if (matches.length === 0) {
+        return text;
+    }
+    // Footer with the aggregate duplication stats, like jscpd's summary line.
+    return `${text}${(0, stats_1.formatStatsLine)((0, stats_1.computeStats)(matches, cpd))}\n`;
+}
+// Mirrors PMD's CSVRenderer: a `lines,tokens,occurrences` header, then per
+// duplication `<lines>,<tokens>,<occurrences>` followed by `<startLine>,"<file>"`
+// for each occurrence.
+function formatCsv(matches, cpd) {
+    const rows = ['lines,tokens,occurrences'];
+    for (const match of matches) {
+        const duplicate = matchToJson(match, cpd);
+        const cells = [String(duplicate.lines), String(match.tokenCount), String(match.markCount)];
+        for (const mark of match.marks) {
+            const location = cpd.locationForMark(mark, match.tokenCount);
+            cells.push(String(location.startLine), `"${location.path}"`);
+        }
+        rows.push(cells.join(','));
+    }
+    return `${rows.join('\n')}\n`;
+}
+// Mirrors PMD's CSVWithLinecountPerFileRenderer: no header; per duplication
+// `<occurrences>,<tokens>` then `<startLine>,<lineCount>,"<file>"` per occurrence.
+function formatCsvWithLinecountPerFile(matches, cpd) {
+    const rows = [];
+    for (const match of matches) {
+        const cells = [String(match.markCount), String(match.tokenCount)];
+        for (const mark of match.marks) {
+            const location = cpd.locationForMark(mark, match.tokenCount);
+            const lineCount = location.endLine - location.startLine + 1;
+            cells.push(String(location.startLine), String(lineCount), `"${location.path}"`);
+        }
+        rows.push(cells.join(','));
+    }
+    return `${rows.join('\n')}\n`;
+}
+// SARIF 2.1.0 for GitHub Code Scanning (`github/codeql-action/upload-sarif`).
+// One result per duplication, anchored at its first occurrence; the other
+// occurrences are relatedLocations. URIs are relative to cwd so GitHub maps them
+// to the checked-out tree. The content fingerprint goes into partialFingerprints,
+// so GitHub tracks an alert across commits even when the clone moves.
+function formatSarif(matches, cpd) {
+    const cwd = process.cwd();
+    const physicalLocation = (location) => ({
+        physicalLocation: {
+            artifactLocation: { uri: (0, files_1.toPosix)(path.relative(cwd, location.path)) },
+            region: {
+                startLine: location.startLine,
+                startColumn: location.startColumn,
+                endLine: location.endLine,
+                endColumn: location.endColumn,
+            },
+        },
+    });
+    const results = matches.map((match) => {
+        const [primary, ...others] = match.marks.map((mark) => cpd.locationForMark(mark, match.tokenCount));
+        const elsewhere = others
+            .map((location) => `${(0, files_1.toPosix)(path.relative(cwd, location.path))}:${location.startLine}`)
+            .join(', ');
+        return {
+            ruleId: 'duplication',
+            ruleIndex: 0,
+            level: 'warning',
+            message: {
+                text: `Found a ${match.tokenCount} token (${match.markCount} occurrences) duplication${elsewhere ? `; also at ${elsewhere}` : ''}.`,
+            },
+            locations: [physicalLocation(primary)],
+            relatedLocations: others.map((location, index) => ({ id: index, ...physicalLocation(location) })),
+            partialFingerprints: { 'cloneAlert/contentV1': (0, baseline_1.fingerprint)(cpd, match) },
+        };
+    });
+    const log = {
+        $schema: 'https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json',
+        version: '2.1.0',
+        runs: [
+            {
+                tool: {
+                    driver: {
+                        name: 'clone-alert',
+                        informationUri: 'https://github.com/BaryshevRS/clone-alert',
+                        version: readVersion(),
+                        rules: [
+                            {
+                                id: 'duplication',
+                                name: 'Duplication',
+                                shortDescription: { text: 'Duplicated code' },
+                                fullDescription: { text: 'A span of duplicated tokens detected by clone-alert.' },
+                                helpUri: 'https://github.com/BaryshevRS/clone-alert#readme',
+                                defaultConfiguration: { level: 'warning' },
+                            },
+                        ],
+                    },
+                },
+                results,
+            },
+        ],
+    };
+    return `${JSON.stringify(log, null, 2)}\n`;
 }
 function matchToJson(match, cpd) {
     const files = match.marks.map((mark) => cpd.locationForMark(mark, match.tokenCount));
     return {
         lines: Math.max(0, ...files.map((file) => file.endLine - file.startLine + 1)),
         tokens: match.tokenCount,
+        // The duplicated source itself, like jscpd's `fragment` field.
+        fragment: cpd.codeFragment(match),
         files,
     };
 }
@@ -362,41 +613,91 @@ function formatXml(matches, cpd) {
             const location = cpd.locationForMark(mark, match.tokenCount);
             lines.push(`    <file path="${escapeXml(location.path)}" line="${location.startLine}" endline="${location.endLine}" column="${location.startColumn}" endcolumn="${location.endColumn}" />`);
         }
+        // Like PMD's XMLRenderer: one <codefragment> per duplication with the source
+        // slice of the first occurrence, after the <file> elements.
+        lines.push(`    <codefragment><![CDATA[${escapeCdata(cpd.codeFragment(match))}]]></codefragment>`);
         lines.push('  </duplication>');
     }
     lines.push('</pmd-cpd>');
     return `${lines.join('\n')}\n`;
 }
-function isExcluded(filePath, matchers) {
-    const normalized = toPosix(filePath);
-    return matchers.some((matcher) => matcher.test(normalized));
+function escapeXml(value) {
+    return value.replace(/&/g, '&amp;').replace(/"/g, '&quot;').replace(/</g, '&lt;').replace(/>/g, '&gt;');
 }
-function toPosix(value) {
-    return value.split(path.sep).join('/');
+// CDATA cannot contain the `]]>` terminator; split it across two sections so the
+// embedded source survives verbatim.
+function escapeCdata(value) {
+    return value.replace(/]]>/g, ']]]]><![CDATA[>');
 }
-function globToRegExp(pattern) {
-    let source = '';
-    for (let index = 0; index < pattern.length; index++) {
-        const char = pattern[index];
-        if (char === '*') {
-            if (pattern[index + 1] === '*') {
-                source += '.*';
-                index++;
-            }
-            else {
-                source += '[^/]*';
-            }
-            continue;
+// jscpd-style markdown: a title, a one-line summary, then per duplication two
+// occurrence locations and a fenced code block with the duplicated source.
+function formatMarkdown(matches, cpd) {
+    const out = ['# Copy/paste detection report', ''];
+    if (matches.length === 0) {
+        out.push('No duplicates found.', '');
+        return `${out.join('\n')}\n`;
+    }
+    out.push(`> Found ${matches.length} ${matches.length === 1 ? 'clone' : 'clones'}.`, '');
+    for (const match of matches) {
+        const locations = match.marks.map((mark) => cpd.locationForMark(mark, match.tokenCount));
+        out.push(`## Clone (${match.tokenCount} tokens, ${match.markCount} occurrences)`, '');
+        for (const location of locations) {
+            out.push(` - \`${(0, files_1.toPosix)(location.path)}\` [${location.startLine}:${location.startColumn} - ${location.endLine}:${location.endColumn}]`);
         }
-        source += escapeRegExp(char);
+        out.push('', '```', cpd.codeFragment(match), '```', '');
     }
-    return new RegExp(`^${source}$`);
+    return `${out.join('\n')}\n`;
 }
-function escapeRegExp(char) {
-    return /[\\^$+?.()|[\]{}]/.test(char) ? `\\${char}` : char;
+// Compact, token-frugal listing for LLM/agent pipelines, modelled on jscpd's `ai`
+// reporter: one line per duplication (occurrences joined by ` ~ `), a shared
+// directory prefix stripped to save tokens, then a `---` and the stats summary.
+// No code, no colors.
+function formatAi(matches, cpd) {
+    if (matches.length === 0) {
+        return '';
+    }
+    const locationsByMatch = matches.map((match) => match.marks.map((mark) => cpd.locationForMark(mark, match.tokenCount)));
+    const prefix = commonDirPrefix(locationsByMatch.flat().map((location) => (0, files_1.toPosix)(location.path)));
+    const lines = locationsByMatch.map((locations) => locations
+        .map((location) => `${(0, files_1.toPosix)(location.path).slice(prefix.length)}:${location.startLine}-${location.endLine}`)
+        .join(' ~ '));
+    lines.push('---', (0, stats_1.formatStatsLine)((0, stats_1.computeStats)(matches, cpd)));
+    return `${lines.join('\n')}\n`;
 }
-function escapeXml(value) {
-    return value.replace(/&/g, '&amp;').replace(/"/g, '&quot;').replace(/</g, '&lt;').replace(/>/g, '&gt;');
+// A shields.io endpoint payload (https://shields.io/badges/endpoint-badge):
+// host this JSON anywhere and point `img.shields.io/endpoint?url=...` at it, so
+// shields renders the badge. Marketing trinket, not a gate: color from a fixed
+// scale rewarding near-zero, with zero clones as the bright-green hero state.
+function formatShields(matches, cpd) {
+    const stats = (0, stats_1.computeStats)(matches, cpd);
+    const message = stats.clones === 0 ? '0 clones' : `${stats.percentage.toFixed(1)}%`;
+    const color = stats.clones === 0
+        ? 'brightgreen' // the flex
+        : stats.percentage <= 3
+            ? 'green' // clean
+            : stats.percentage <= 10
+                ? 'yellow' // has debt
+                : 'red'; // bad
+    const payload = { schemaVersion: 1, label: 'clone-alert', message, color };
+    return `${JSON.stringify(payload, null, 2)}\n`;
+}
+// Longest shared directory prefix (ending at a `/`) of posix paths, so we strip
+// whole directories rather than a partial filename.
+function commonDirPrefix(paths) {
+    if (paths.length === 0) {
+        return '';
+    }
+    let prefix = paths[0];
+    for (const candidate of paths) {
+        while (!candidate.startsWith(prefix)) {
+            prefix = prefix.slice(0, -1);
+        }
+        if (prefix === '') {
+            return '';
+        }
+    }
+    const slash = prefix.lastIndexOf('/');
+    return slash >= 0 ? prefix.slice(0, slash + 1) : '';
 }
 function readVersion() {
     const pkg = JSON.parse(fs.readFileSync(path.resolve(__dirname, '..', 'package.json'), 'utf-8'));

package/dist/core.d.ts

@@ -93,6 +93,8 @@ export declare class CpdCore {
     get idColumn(): Int32Array;
     /** Materialize a TokenEntry by absolute index. Returns undefined when out of range. */
     entryAt(index: number): TokenEntry | undefined;
+    /** Interned image of the token at an absolute index. Caller guarantees range. */
+    imageAt(index: number): string;
     analyze(): Match[];
     private hash;
 }

package/dist/core.js

@@ -174,6 +174,10 @@ class CpdCore {
         const id = this.ids[index];
         return new TokenEntry(this.idImages[id], id, index, this.fileNames[this.fileIds[index]], this.beginLines[index], this.beginColumns[index], this.endLines[index], this.endColumns[index]);
     }
+    /** Interned image of the token at an absolute index. Caller guarantees range. */
+    imageAt(index) {
+        return this.idImages[this.ids[index]];
+    }
     analyze() {
         if (this.size < this.minTileSize)
             return [];
@@ -415,28 +419,31 @@ class MatchCollector {
         }
         return result;
     }
+    // Inlined matchEnded(mark1-1, mark2-1). Within a bucket mark2 > mark1, so when
+    // mark1 > 0 both predecessors are valid indices in [0, tokenCount) — no bounds
+    // check needed. !matchEnded reduces to "ids equal and not EOF".
     hasPreviousDupe(mark1, mark2) {
         if (mark1 === 0)
             return false;
-        return !this.matchEnded(mark1 - 1, mark2 - 1);
+        const id1 = this.ids[mark1 - 1];
+        const id2 = this.ids[mark2 - 1];
+        return id1 === id2 && id1 !== 0;
     }
+    // Inlined matchEnded in the hot scan. Bounds checks are unnecessary: every file
+    // ends with an EOF sentinel (id 0) that marks never sit on, so the larger index
+    // (mark2) reads a 0 and breaks before running off the end. (An out-of-range
+    // typed-array read yields undefined and also breaks, so the tail is safe.)
+    // id2 === 0 needs no separate test: if id1 === id2 === 0 the id1 === 0 test fires.
     countDuplicateTokens(mark1, mark2) {
+        const ids = this.ids;
         let index = 0;
         for (;;) {
-            if (this.matchEnded(mark1 + index, mark2 + index))
+            const id1 = ids[mark1 + index];
+            const id2 = ids[mark2 + index];
+            if (id1 !== id2 || id1 === 0)
                 break;
             index++;
         }
         return index;
     }
-    // True once the windows diverge: one of the indices is out of range, the ids
-    // differ, or it is EOF (id === 0). Equivalent to matchEnded(token1, token2) on
-    // TokenEntry.
-    matchEnded(a, b) {
-        if (a < 0 || b < 0 || a >= this.tokenCount || b >= this.tokenCount)
-            return true;
-        const id1 = this.ids[a];
-        const id2 = this.ids[b];
-        return id1 !== id2 || id1 === 0 || id2 === 0;
-    }
 }

package/dist/files.d.ts

@@ -0,0 +1,2 @@
+export declare function collectFiles(paths: string[], extensions: Set<string>, excludePatterns?: string[], respectGitignore?: boolean, nonRecursive?: boolean): string[];
+export declare function toPosix(value: string): string;