failproofai 0.0.10 → 0.0.11-beta.10
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.next/standalone/.next/BUILD_ID +1 -1
- package/.next/standalone/.next/app-path-routes-manifest.json +9 -1
- package/.next/standalone/.next/build-manifest.json +10 -10
- package/.next/standalone/.next/prerender-manifest.json +3 -32
- package/.next/standalone/.next/required-server-files.json +2 -1
- package/.next/standalone/.next/routes-manifest.json +51 -3
- package/.next/standalone/.next/server/app/_global-error/page/build-manifest.json +7 -7
- package/.next/standalone/.next/server/app/_global-error/page/server-reference-manifest.json +1 -1
- package/.next/standalone/.next/server/app/_global-error/page.js +6 -6
- package/.next/standalone/.next/server/app/_global-error/page.js.nft.json +1 -1
- package/.next/standalone/.next/server/app/_global-error/page_client-reference-manifest.js +1 -1
- package/.next/standalone/.next/server/app/_global-error.html +1 -1
- package/.next/standalone/.next/server/app/_global-error.rsc +7 -7
- package/.next/standalone/.next/server/app/_global-error.segments/__PAGE__.segment.rsc +2 -2
- package/.next/standalone/.next/server/app/_global-error.segments/_full.segment.rsc +7 -7
- package/.next/standalone/.next/server/app/_global-error.segments/_head.segment.rsc +3 -3
- package/.next/standalone/.next/server/app/_global-error.segments/_index.segment.rsc +3 -3
- package/.next/standalone/.next/server/app/_global-error.segments/_tree.segment.rsc +1 -1
- package/.next/standalone/.next/server/app/_not-found/page/build-manifest.json +7 -7
- package/.next/standalone/.next/server/app/_not-found/page/next-font-manifest.json +2 -6
- package/.next/standalone/.next/server/app/_not-found/page/server-reference-manifest.json +1 -1
- package/.next/standalone/.next/server/app/_not-found/page.js +12 -13
- package/.next/standalone/.next/server/app/_not-found/page.js.nft.json +1 -1
- package/.next/standalone/.next/server/app/_not-found/page_client-reference-manifest.js +1 -1
- package/.next/standalone/.next/server/app/_not-found.html +1 -1
- package/.next/standalone/.next/server/app/_not-found.rsc +16 -16
- package/.next/standalone/.next/server/app/_not-found.segments/_full.segment.rsc +16 -16
- package/.next/standalone/.next/server/app/_not-found.segments/_head.segment.rsc +4 -4
- package/.next/standalone/.next/server/app/_not-found.segments/_index.segment.rsc +10 -10
- package/.next/standalone/.next/server/app/_not-found.segments/_not-found/__PAGE__.segment.rsc +2 -2
- package/.next/standalone/.next/server/app/_not-found.segments/_not-found.segment.rsc +3 -3
- package/.next/standalone/.next/server/app/_not-found.segments/_tree.segment.rsc +2 -2
- package/.next/standalone/.next/server/app/api/audit/invite/route/app-paths-manifest.json +3 -0
- package/.next/standalone/.next/server/app/api/audit/invite/route/server-reference-manifest.json +4 -0
- package/.next/standalone/.next/server/app/api/audit/invite/route.js +7 -0
- package/.next/standalone/.next/server/app/api/audit/invite/route.js.nft.json +1 -0
- package/.next/standalone/.next/server/app/api/audit/invite/route_client-reference-manifest.js +3 -0
- package/.next/standalone/.next/server/app/api/audit/run/route/app-paths-manifest.json +3 -0
- package/.next/standalone/.next/server/app/api/audit/run/route/build-manifest.json +9 -0
- package/.next/standalone/.next/server/app/api/audit/run/route/server-reference-manifest.json +4 -0
- package/.next/standalone/.next/server/app/api/audit/run/route.js +8 -0
- package/.next/standalone/.next/server/app/api/audit/run/route.js.map +5 -0
- package/.next/standalone/.next/server/app/api/audit/run/route.js.nft.json +1 -0
- package/.next/standalone/.next/server/app/api/audit/run/route_client-reference-manifest.js +3 -0
- package/.next/standalone/.next/server/app/api/audit/status/route/app-paths-manifest.json +3 -0
- package/.next/standalone/.next/server/app/api/audit/status/route/build-manifest.json +9 -0
- package/.next/standalone/.next/server/app/api/audit/status/route/server-reference-manifest.json +4 -0
- package/.next/standalone/.next/server/app/api/audit/status/route.js +6 -0
- package/.next/standalone/.next/server/app/api/audit/status/route.js.map +5 -0
- package/.next/standalone/.next/server/app/api/audit/status/route.js.nft.json +1 -0
- package/.next/standalone/.next/server/app/api/audit/status/route_client-reference-manifest.js +3 -0
- package/.next/standalone/.next/server/app/api/auth/login-request/route/app-paths-manifest.json +3 -0
- package/.next/standalone/.next/server/app/api/auth/login-request/route/build-manifest.json +9 -0
- package/.next/standalone/.next/server/app/api/auth/login-request/route/server-reference-manifest.json +4 -0
- package/.next/standalone/.next/server/app/api/auth/login-request/route.js +6 -0
- package/.next/standalone/.next/server/app/api/auth/login-request/route.js.map +5 -0
- package/.next/standalone/.next/server/app/api/auth/login-request/route.js.nft.json +1 -0
- package/.next/standalone/.next/server/app/api/auth/login-request/route_client-reference-manifest.js +3 -0
- package/.next/standalone/.next/server/app/api/auth/login-verify/route/app-paths-manifest.json +3 -0
- package/.next/standalone/.next/server/app/api/auth/login-verify/route/build-manifest.json +9 -0
- package/.next/standalone/.next/server/app/api/auth/login-verify/route/server-reference-manifest.json +4 -0
- package/.next/standalone/.next/server/app/api/auth/login-verify/route.js +7 -0
- package/.next/standalone/.next/server/app/api/auth/login-verify/route.js.map +5 -0
- package/.next/standalone/.next/server/app/api/auth/login-verify/route.js.nft.json +1 -0
- package/.next/standalone/.next/server/app/api/auth/login-verify/route_client-reference-manifest.js +3 -0
- package/.next/standalone/.next/server/app/api/auth/logout/route/app-paths-manifest.json +3 -0
- package/.next/standalone/.next/server/app/api/auth/logout/route/build-manifest.json +9 -0
- package/.next/standalone/.next/server/app/api/auth/logout/route/server-reference-manifest.json +4 -0
- package/.next/standalone/.next/server/app/api/auth/logout/route.js +7 -0
- package/.next/standalone/.next/server/app/api/auth/logout/route.js.map +5 -0
- package/.next/standalone/.next/server/app/api/auth/logout/route.js.nft.json +1 -0
- package/.next/standalone/.next/server/app/api/auth/logout/route_client-reference-manifest.js +3 -0
- package/.next/standalone/.next/server/app/api/auth/reminder/route/app-paths-manifest.json +3 -0
- package/.next/standalone/.next/server/app/api/auth/reminder/route/build-manifest.json +9 -0
- package/.next/standalone/.next/server/app/api/auth/reminder/route/server-reference-manifest.json +4 -0
- package/.next/standalone/.next/server/app/api/auth/reminder/route.js +7 -0
- package/.next/standalone/.next/server/app/api/auth/reminder/route.js.map +5 -0
- package/.next/standalone/.next/server/app/api/auth/reminder/route.js.nft.json +1 -0
- package/.next/standalone/.next/server/app/api/auth/reminder/route_client-reference-manifest.js +3 -0
- package/.next/standalone/.next/server/app/api/auth/status/route/app-paths-manifest.json +3 -0
- package/.next/standalone/.next/server/app/api/auth/status/route/build-manifest.json +9 -0
- package/.next/standalone/.next/server/app/api/auth/status/route/server-reference-manifest.json +4 -0
- package/.next/standalone/.next/server/app/api/auth/status/route.js +7 -0
- package/.next/standalone/.next/server/app/api/auth/status/route.js.map +5 -0
- package/.next/standalone/.next/server/app/api/auth/status/route.js.nft.json +1 -0
- package/.next/standalone/.next/server/app/api/auth/status/route_client-reference-manifest.js +3 -0
- package/.next/standalone/.next/server/app/api/download/[project]/[session]/route.js +3 -3
- package/.next/standalone/.next/server/app/api/download/[project]/[session]/route.js.nft.json +1 -1
- package/.next/standalone/.next/server/app/audit/page/app-paths-manifest.json +3 -0
- package/.next/standalone/.next/server/app/audit/page/build-manifest.json +18 -0
- package/.next/standalone/.next/server/app/audit/page/next-font-manifest.json +6 -0
- package/.next/standalone/.next/server/app/audit/page/react-loadable-manifest.json +1 -0
- package/.next/standalone/.next/server/app/audit/page/server-reference-manifest.json +29 -0
- package/.next/standalone/.next/server/app/audit/page.js +17 -0
- package/.next/standalone/.next/server/app/audit/page.js.map +5 -0
- package/.next/standalone/.next/server/app/audit/page.js.nft.json +1 -0
- package/.next/standalone/.next/server/app/audit/page_client-reference-manifest.js +3 -0
- package/.next/standalone/.next/server/app/index.html +1 -1
- package/.next/standalone/.next/server/app/index.rsc +16 -17
- package/.next/standalone/.next/server/app/index.segments/__PAGE__.segment.rsc +2 -2
- package/.next/standalone/.next/server/app/index.segments/_full.segment.rsc +16 -17
- package/.next/standalone/.next/server/app/index.segments/_head.segment.rsc +4 -4
- package/.next/standalone/.next/server/app/index.segments/_index.segment.rsc +10 -10
- package/.next/standalone/.next/server/app/index.segments/_tree.segment.rsc +2 -3
- package/.next/standalone/.next/server/app/page/build-manifest.json +7 -7
- package/.next/standalone/.next/server/app/page/next-font-manifest.json +2 -6
- package/.next/standalone/.next/server/app/page/server-reference-manifest.json +1 -1
- package/.next/standalone/.next/server/app/page.js +14 -15
- package/.next/standalone/.next/server/app/page.js.nft.json +1 -1
- package/.next/standalone/.next/server/app/page_client-reference-manifest.js +1 -1
- package/.next/standalone/.next/server/app/policies/page/build-manifest.json +7 -7
- package/.next/standalone/.next/server/app/policies/page/next-font-manifest.json +2 -6
- package/.next/standalone/.next/server/app/policies/page/server-reference-manifest.json +8 -8
- package/.next/standalone/.next/server/app/policies/page.js +16 -16
- package/.next/standalone/.next/server/app/policies/page.js.nft.json +1 -1
- package/.next/standalone/.next/server/app/policies/page_client-reference-manifest.js +1 -1
- package/.next/standalone/.next/server/app/project/[name]/page/build-manifest.json +7 -7
- package/.next/standalone/.next/server/app/project/[name]/page/next-font-manifest.json +2 -6
- package/.next/standalone/.next/server/app/project/[name]/page/server-reference-manifest.json +1 -1
- package/.next/standalone/.next/server/app/project/[name]/page.js +16 -17
- package/.next/standalone/.next/server/app/project/[name]/page.js.nft.json +1 -1
- package/.next/standalone/.next/server/app/project/[name]/page_client-reference-manifest.js +1 -1
- package/.next/standalone/.next/server/app/project/[name]/session/[sessionId]/page/build-manifest.json +7 -7
- package/.next/standalone/.next/server/app/project/[name]/session/[sessionId]/page/next-font-manifest.json +2 -6
- package/.next/standalone/.next/server/app/project/[name]/session/[sessionId]/page/react-loadable-manifest.json +2 -2
- package/.next/standalone/.next/server/app/project/[name]/session/[sessionId]/page/server-reference-manifest.json +2 -2
- package/.next/standalone/.next/server/app/project/[name]/session/[sessionId]/page.js +19 -20
- package/.next/standalone/.next/server/app/project/[name]/session/[sessionId]/page.js.nft.json +1 -1
- package/.next/standalone/.next/server/app/project/[name]/session/[sessionId]/page_client-reference-manifest.js +1 -1
- package/.next/standalone/.next/server/app/projects/page/build-manifest.json +7 -7
- package/.next/standalone/.next/server/app/projects/page/next-font-manifest.json +2 -6
- package/.next/standalone/.next/server/app/projects/page/server-reference-manifest.json +1 -1
- package/.next/standalone/.next/server/app/projects/page.js +15 -16
- package/.next/standalone/.next/server/app/projects/page.js.nft.json +1 -1
- package/.next/standalone/.next/server/app/projects/page_client-reference-manifest.js +1 -1
- package/.next/standalone/.next/server/app-paths-manifest.json +9 -1
- package/.next/standalone/.next/server/chunks/[externals]__14odj07._.js +3 -0
- package/.next/standalone/.next/server/chunks/{[externals]__0z0j--b._.js → [externals]__1nl3dvw._.js} +1 -1
- package/.next/standalone/.next/server/chunks/{[externals]__0-p9.k~._.js → [externals]__1s61mel._.js} +1 -1
- package/.next/standalone/.next/server/chunks/{[externals]_node_os_06ur78j._.js → [externals]_node_os_0by37l-._.js} +1 -1
- package/.next/standalone/.next/server/chunks/{[root-of-the-server]__0kjo7d_._.js → [root-of-the-server]__0_0xu5z._.js} +2 -2
- package/.next/standalone/.next/server/chunks/[root-of-the-server]__0cag8qd._.js +3 -0
- package/.next/standalone/.next/server/chunks/{[root-of-the-server]__0z-180.._.js → [root-of-the-server]__0cycwg6._.js} +2 -2
- package/.next/standalone/.next/server/chunks/{[root-of-the-server]__08px0ym._.js → [root-of-the-server]__0f7mikp._.js} +1 -1
- package/.next/standalone/.next/server/chunks/[root-of-the-server]__0q-v9z2._.js +3 -0
- package/.next/standalone/.next/server/chunks/[root-of-the-server]__0rv7m0k._.js +3 -0
- package/.next/standalone/.next/server/chunks/{[root-of-the-server]__0g48iv.._.js → [root-of-the-server]__0sb_5m8._.js} +2 -2
- package/.next/standalone/.next/server/chunks/{[root-of-the-server]__0j8-xkl._.js → [root-of-the-server]__0xuaoik._.js} +2 -2
- package/.next/standalone/.next/server/chunks/[root-of-the-server]__13h8pzr._.js +3 -0
- package/.next/standalone/.next/server/chunks/[root-of-the-server]__17g9wh7._.js +3 -0
- package/.next/standalone/.next/server/chunks/[root-of-the-server]__1_mqemn._.js +3 -0
- package/.next/standalone/.next/server/chunks/{[root-of-the-server]__0vlhtkc._.js → [root-of-the-server]__1hgv_75._.js} +1 -1
- package/.next/standalone/.next/server/chunks/{[root-of-the-server]__0wu7fr7._.js → [root-of-the-server]__1jm9fw6._.js} +1 -1
- package/.next/standalone/.next/server/chunks/[root-of-the-server]__1legmza._.js +3 -0
- package/.next/standalone/.next/server/chunks/{[root-of-the-server]__044xt9.._.js → [root-of-the-server]__1m2_4t0._.js} +2 -2
- package/.next/standalone/.next/server/chunks/{[root-of-the-server]__0yfq1yr._.js → [root-of-the-server]__1mhmdzs._.js} +1 -1
- package/.next/standalone/.next/server/chunks/{[root-of-the-server]__0zso~62._.js → [root-of-the-server]__1ou2ehh._.js} +1 -1
- package/.next/standalone/.next/server/chunks/[root-of-the-server]__1qxztj-._.js +3 -0
- package/.next/standalone/.next/server/chunks/[root-of-the-server]__1r1h8v9._.js +3 -0
- package/.next/standalone/.next/server/chunks/[root-of-the-server]__1rhmvod._.js +3 -0
- package/.next/standalone/.next/server/chunks/[root-of-the-server]__1uatkiv._.js +3 -0
- package/.next/standalone/.next/server/chunks/{[root-of-the-server]__0.~nmr9._.js → [root-of-the-server]__1w9zl9-._.js} +1 -1
- package/.next/standalone/.next/server/chunks/[root-of-the-server]__1y6gxxb._.js +3 -0
- package/.next/standalone/.next/server/chunks/{_0ebx_lc._.js → _0p53ge1._.js} +2 -2
- package/.next/standalone/.next/server/chunks/_next-internal_server_app_api_audit_invite_route_actions_0-2n5sy.js +3 -0
- package/.next/standalone/.next/server/chunks/_next-internal_server_app_api_audit_run_route_actions_1qgp9io.js +3 -0
- package/.next/standalone/.next/server/chunks/_next-internal_server_app_api_audit_status_route_actions_1f7pjof.js +3 -0
- package/.next/standalone/.next/server/chunks/_next-internal_server_app_api_auth_login-request_route_actions_1c49co0.js +3 -0
- package/.next/standalone/.next/server/chunks/_next-internal_server_app_api_auth_login-verify_route_actions_1r3slzk.js +3 -0
- package/.next/standalone/.next/server/chunks/_next-internal_server_app_api_auth_logout_route_actions_0regwyr.js +3 -0
- package/.next/standalone/.next/server/chunks/_next-internal_server_app_api_auth_reminder_route_actions_1kjgxf8.js +3 -0
- package/.next/standalone/.next/server/chunks/_next-internal_server_app_api_auth_status_route_actions_1aho9zu.js +3 -0
- package/.next/standalone/.next/server/chunks/{_next-internal_server_app_api_download_[project]_[session]_route_actions_0wb00i-.js → _next-internal_server_app_api_download_[project]_[session]_route_actions_1is7vs7.js} +1 -1
- package/.next/standalone/.next/server/chunks/{lib_logger_ts_047tt9f._.js → lib_logger_ts_07e65t5._.js} +1 -1
- package/.next/standalone/.next/server/chunks/node_modules_0-tu4ot._.js +3 -0
- package/.next/standalone/.next/server/chunks/node_modules_0ttxbz7._.js +3 -0
- package/.next/standalone/.next/server/chunks/node_modules_1bnh1y0._.js +3 -0
- package/.next/standalone/.next/server/chunks/node_modules_1epycqa._.js +3 -0
- package/.next/standalone/.next/server/chunks/node_modules_1wpdcgo._.js +3 -0
- package/.next/standalone/.next/server/chunks/node_modules_next_dist_esm_build_templates_app-route_17k9e3w.js +23 -0
- package/.next/standalone/.next/server/chunks/node_modules_posthog-node_dist_entrypoints_index_node_mjs_01r25oi._.js +3 -0
- package/.next/standalone/.next/server/chunks/node_modules_posthog-node_dist_entrypoints_index_node_mjs_09z9-p7._.js +3 -0
- package/.next/standalone/.next/server/chunks/package_json_[json]_cjs_1nxcc4v._.js +3 -0
- package/.next/standalone/.next/server/chunks/ssr/{[externals]__12dv.x0._.js → [externals]__1_g_b3t._.js} +1 -1
- package/.next/standalone/.next/server/chunks/ssr/{[externals]_node_async_hooks_0v0ln8c._.js → [externals]_node_async_hooks_1gjz99j._.js} +1 -1
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__01tn1ou._.js +3 -0
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0808sha._.js +4 -0
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0e4-6d8._.js +4 -0
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0ehe24g._.js +4 -0
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0f62vu9._.js +3 -0
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0g253ve._.js +4 -0
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0h12me5._.js +3 -0
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0k65l27._.js +3 -0
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0vxf0_g._.js +4 -0
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__11rtg6s._.js +3 -0
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__12mcauo._.js +4 -0
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__14dd6h8._.js +3 -0
- package/.next/standalone/.next/server/chunks/ssr/{[root-of-the-server]__0t5l7a5._.js → [root-of-the-server]__1d8omgc._.js} +1 -1
- package/.next/standalone/.next/server/chunks/ssr/{[root-of-the-server]__10xgshr._.js → [root-of-the-server]__1dky4g0._.js} +2 -2
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__1e-x7j4._.js +3 -0
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__1fax1sl._.js +19 -0
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__1mt35_w._.js +221 -0
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__1pcxxwg._.js +4 -0
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__1usf8v2._.js +3 -0
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__1uvfwgr._.js +4 -0
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__1w6v_1u._.js +3 -0
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__212nf49._.js +3 -0
- package/.next/standalone/.next/server/chunks/ssr/{_03d7qyt._.js → _05whahf._.js} +2 -2
- package/.next/standalone/.next/server/chunks/ssr/_0il3fl1._.js +3 -0
- package/.next/standalone/.next/server/chunks/ssr/_11_p9y8._.js +3 -0
- package/.next/standalone/.next/server/chunks/ssr/{_0xb8ngh._.js → _1kje4fm._.js} +1 -1
- package/.next/standalone/.next/server/chunks/ssr/{_0zx~s__._.js → _1p0-leb._.js} +1 -1
- package/.next/standalone/.next/server/chunks/ssr/{app_04qfs8z._.js → app_087bt9w._.js} +1 -1
- package/.next/standalone/.next/server/chunks/ssr/{app_0uosk1e._.js → app_1fvisnp._.js} +1 -1
- package/.next/standalone/.next/server/chunks/ssr/{app_13f0ohr._.js → app_209u41o._.js} +1 -1
- package/.next/standalone/.next/server/chunks/ssr/app_audit__components_audit-dashboard_tsx_0p9ud47._.js +65 -0
- package/.next/standalone/.next/server/chunks/ssr/app_audit_loading_tsx_1j1kc6j._.js +3 -0
- package/.next/standalone/.next/server/chunks/ssr/{app_error_tsx_11t4ysq._.js → app_error_tsx_1zds1ns._.js} +1 -1
- package/.next/standalone/.next/server/chunks/ssr/{app_global-error_tsx_0m9qisk._.js → app_global-error_tsx_113y3za._.js} +1 -1
- package/.next/standalone/.next/server/chunks/ssr/app_global-error_tsx_1kp6l3x._.js +3 -0
- package/.next/standalone/.next/server/chunks/ssr/app_policies_hooks-client_tsx_19dqvpc._.js +8 -0
- package/.next/standalone/.next/server/chunks/ssr/{app_project_[name]_error_tsx_0.9-fod._.js → app_project_[name]_error_tsx_1v02_5n._.js} +1 -1
- package/.next/standalone/.next/server/chunks/ssr/{app_project_[name]_loading_tsx_03g9xy0._.js → app_project_[name]_loading_tsx_05-l4uf._.js} +1 -1
- package/.next/standalone/.next/server/chunks/ssr/{app_project_[name]_session_[sessionId]_error_tsx_0ler-mr._.js → app_project_[name]_session_[sessionId]_error_tsx_0-lj3nd._.js} +1 -1
- package/.next/standalone/.next/server/chunks/ssr/{app_project_[name]_session_[sessionId]_loading_tsx_0c0e3yx._.js → app_project_[name]_session_[sessionId]_loading_tsx_0l4aixs._.js} +1 -1
- package/.next/standalone/.next/server/chunks/ssr/app_projects_loading_tsx_20-3u8b._.js +3 -0
- package/.next/standalone/.next/server/chunks/ssr/{lib_codex-projects_ts_0eosib~._.js → lib_codex-projects_ts_0pqlw37._.js} +1 -1
- package/.next/standalone/.next/server/chunks/ssr/{lib_copilot-projects_ts_0r8xkn8._.js → lib_copilot-projects_ts_19wl7tp._.js} +1 -1
- package/.next/standalone/.next/server/chunks/ssr/{lib_cursor-projects_ts_0qt1scg._.js → lib_cursor-projects_ts_18-iwyk._.js} +1 -1
- package/.next/standalone/.next/server/chunks/ssr/{lib_gemini-projects_ts_0sl~yqr._.js → lib_gemini-projects_ts_1c7bgx-._.js} +1 -1
- package/.next/standalone/.next/server/chunks/ssr/{lib_opencode-projects_ts_0op9gyp._.js → lib_opencode-projects_ts_15bjxkm._.js} +1 -1
- package/.next/standalone/.next/server/chunks/ssr/{lib_pi-projects_ts_103tsh1._.js → lib_pi-projects_ts_1wikofb._.js} +1 -1
- package/.next/standalone/.next/server/chunks/ssr/lib_utils_ts_0az0sfq._.js +3 -0
- package/.next/standalone/.next/server/chunks/ssr/node_modules_1ynf7el._.js +3 -0
- package/.next/standalone/.next/server/chunks/ssr/node_modules_html-to-image_es_index_0nye1s3.js +3 -0
- package/.next/standalone/.next/server/chunks/ssr/node_modules_html-to-image_es_index_1ao30b1.js +3 -0
- package/.next/standalone/.next/server/chunks/ssr/{node_modules_next_0rd0oc-._.js → node_modules_next_1a1kch7._.js} +1 -1
- package/.next/standalone/.next/server/chunks/ssr/node_modules_next_dist_0uboya6._.js +6 -0
- package/.next/standalone/.next/server/chunks/ssr/{node_modules_next_dist_11dij6w._.js → node_modules_next_dist_1d_onnt._.js} +2 -2
- package/.next/standalone/.next/server/chunks/ssr/{node_modules_next_dist_client_components_0inhx6q._.js → node_modules_next_dist_client_components_0wpq8j3._.js} +1 -1
- package/.next/standalone/.next/server/chunks/ssr/{node_modules_next_dist_client_components_builtin_forbidden_0ghu-f7.js → node_modules_next_dist_client_components_builtin_forbidden_0symwr9.js} +1 -1
- package/.next/standalone/.next/server/chunks/ssr/{node_modules_next_dist_client_components_builtin_unauthorized_0cjv-23.js → node_modules_next_dist_client_components_builtin_unauthorized_0l_sp0x.js} +1 -1
- package/.next/standalone/.next/server/chunks/ssr/node_modules_next_dist_esm_build_templates_app-page_0-uvagv.js +4 -0
- package/.next/standalone/.next/server/chunks/ssr/node_modules_next_dist_esm_build_templates_app-page_03c7gi5.js +4 -0
- package/.next/standalone/.next/server/chunks/ssr/node_modules_next_dist_esm_build_templates_app-page_09p-8om.js +4 -0
- package/.next/standalone/.next/server/chunks/ssr/node_modules_next_dist_esm_build_templates_app-page_0v-kfiu.js +4 -0
- package/.next/standalone/.next/server/chunks/ssr/node_modules_next_dist_esm_build_templates_app-page_0xrgzyz.js +4 -0
- package/.next/standalone/.next/server/chunks/ssr/node_modules_next_dist_esm_build_templates_app-page_1806lsc.js +4 -0
- package/.next/standalone/.next/server/chunks/ssr/node_modules_next_dist_esm_build_templates_app-page_1j6dd-e.js +4 -0
- package/.next/standalone/.next/server/chunks/ssr/node_modules_next_dist_esm_build_templates_app-page_1sa65r-.js +4 -0
- package/.next/standalone/.next/server/chunks/ssr/node_modules_posthog-node_dist_entrypoints_index_node_mjs_11bnuzn._.js +3 -0
- package/.next/standalone/.next/server/chunks/ssr/src_hooks_1ezd2jf._.js +5 -0
- package/.next/standalone/.next/server/chunks/ssr/src_hooks_1tnuifj._.js +5 -0
- package/.next/standalone/.next/server/functions-config-manifest.json +2 -2
- package/.next/standalone/.next/server/instrumentation.js +1 -1
- package/.next/standalone/.next/server/middleware-build-manifest.js +10 -10
- package/.next/standalone/.next/server/middleware.js +2 -2
- package/.next/standalone/.next/server/next-font-manifest.js +1 -1
- package/.next/standalone/.next/server/next-font-manifest.json +2 -21
- package/.next/standalone/.next/server/pages/404.html +1 -1
- package/.next/standalone/.next/server/pages/500.html +1 -1
- package/.next/standalone/.next/server/server-reference-manifest.js +1 -1
- package/.next/standalone/.next/server/server-reference-manifest.json +27 -9
- package/.next/standalone/.next/static/{dAuQps6jUwCz9X1Q5FFOO → DOSSF5hRUtt3-QZEm-ZIk}/_clientMiddlewareManifest.js +2 -2
- package/.next/standalone/.next/static/chunks/{0pkl..xgo-qox.js → 02e80j0576qfu.js} +1 -1
- package/.next/standalone/.next/static/chunks/{07uz2g0_38qia.js → 03fmihek9n986.js} +1 -1
- package/.next/standalone/.next/static/chunks/0f7d7hnbh4djs.js +1 -0
- package/.next/standalone/.next/static/chunks/0h7auy7hzjyhw.js +1 -0
- package/.next/standalone/.next/static/chunks/0wwt5o04i4zwh.js +1 -0
- package/.next/standalone/.next/static/chunks/0zbxssxh53n-3.js +1 -0
- package/.next/standalone/.next/static/chunks/13f1kmjea-0md.js +2 -0
- package/.next/standalone/.next/static/chunks/13xzda05yw19e.js +1 -0
- package/.next/standalone/.next/static/chunks/{150i0n26fnvso.js → 1__i9af9g78vd.js} +1 -1
- package/.next/standalone/.next/static/chunks/1uxa5lm6yco79.js +1 -0
- package/.next/standalone/.next/static/chunks/20dqelk3xz_ya.css +1 -0
- package/.next/standalone/.next/static/chunks/{0j171xiqge4rv.js → 29lzaddhez98q.js} +1 -1
- package/.next/standalone/.next/static/chunks/29nrs5xs9c4hx.css +2 -0
- package/.next/standalone/.next/static/chunks/{0lt8ko3lw.5yt.js → 2b_e9tyly10lo.js} +1 -1
- package/.next/standalone/.next/static/chunks/{0rnqmir4cd5p9.js → 2h0dkzyy0vocp.js} +1 -1
- package/.next/standalone/.next/static/chunks/2lp3a3a3_4_9o.js +63 -0
- package/.next/standalone/.next/static/chunks/{179yytvmam0ug.js → 2nt_slonrn0rw.js} +1 -1
- package/.next/standalone/.next/static/chunks/2plcgtv_tkv9t.js +1 -0
- package/.next/standalone/.next/static/chunks/33k2epr1iz8_z.js +6 -0
- package/.next/standalone/.next/static/chunks/{0d3shmwh5_nmn.js → 33u59vf_8xpd-.js} +1 -1
- package/.next/standalone/.next/static/chunks/3zkg2s2vzxc3d.js +1 -0
- package/.next/standalone/.next/static/chunks/{turbopack-05z7a19q43zfq.js → turbopack-3lrm4f20fz89b.js} +1 -1
- package/.next/standalone/SECURITY.md +73 -0
- package/.next/standalone/app/actions/get-audit-result.ts +35 -0
- package/.next/standalone/app/api/audit/_state.ts +79 -0
- package/.next/standalone/app/api/audit/invite/route.ts +183 -0
- package/.next/standalone/app/api/audit/run/route.ts +103 -0
- package/.next/standalone/app/api/audit/status/route.ts +24 -0
- package/.next/standalone/app/api/auth/login-request/route.ts +91 -0
- package/.next/standalone/app/api/auth/login-verify/route.ts +98 -0
- package/.next/standalone/app/api/auth/logout/route.ts +48 -0
- package/.next/standalone/app/api/auth/reminder/route.ts +213 -0
- package/.next/standalone/app/api/auth/status/route.ts +42 -0
- package/.next/standalone/app/audit/_components/audit-dashboard.tsx +397 -0
- package/.next/standalone/app/audit/_components/audit-poster.tsx +326 -0
- package/.next/standalone/app/audit/_components/audit-progress-strip.tsx +98 -0
- package/.next/standalone/app/audit/_components/auth-dialog.tsx +375 -0
- package/.next/standalone/app/audit/_components/come-back-better-section.tsx +333 -0
- package/.next/standalone/app/audit/_components/empty-state.tsx +152 -0
- package/.next/standalone/app/audit/_components/how-to-improve-section.tsx +187 -0
- package/.next/standalone/app/audit/_components/invite-dialog.tsx +227 -0
- package/.next/standalone/app/audit/_components/quirks-section.tsx +75 -0
- package/.next/standalone/app/audit/_components/report-footer.tsx +35 -0
- package/.next/standalone/app/audit/_components/rerun-button.tsx +119 -0
- package/.next/standalone/app/audit/_components/run-progress.tsx +120 -0
- package/.next/standalone/app/audit/_components/share-templates.ts +94 -0
- package/.next/standalone/app/audit/_components/sigil.tsx +36 -0
- package/.next/standalone/app/audit/_components/strengths-section.tsx +45 -0
- package/.next/standalone/app/audit/audit-styles.css +1178 -0
- package/.next/standalone/app/audit/loading.tsx +24 -0
- package/.next/standalone/app/audit/page.tsx +63 -0
- package/.next/standalone/app/components/sessions-list.tsx +77 -80
- package/.next/standalone/app/globals.css +754 -139
- package/.next/standalone/app/layout.tsx +6 -8
- package/.next/standalone/app/policies/hooks-client.tsx +340 -141
- package/.next/standalone/app/project/[name]/page.tsx +31 -37
- package/.next/standalone/app/projects/loading.tsx +30 -8
- package/.next/standalone/app/projects/page.tsx +66 -17
- package/.next/standalone/assets/audit/Audit Report.html +22 -0
- package/.next/standalone/assets/audit/Show Off Your Agent.html +22 -0
- package/.next/standalone/assets/audit/archetypes.jsx +277 -0
- package/.next/standalone/assets/audit/assets/fonts/bitcount-prop-single.woff2 +0 -0
- package/.next/standalone/assets/audit/audit.jsx +825 -0
- package/.next/standalone/assets/audit/poster-styles.css +424 -0
- package/.next/standalone/assets/audit/poster.jsx +247 -0
- package/.next/standalone/assets/audit/screenshots/poster-optimist.png +0 -0
- package/.next/standalone/assets/audit/screenshots/poster-scrolled.png +0 -0
- package/.next/standalone/assets/audit/styles.css +1225 -0
- package/.next/standalone/assets/audit/tweaks-panel.jsx +425 -0
- package/.next/standalone/assets/logos/company/icon.svg +1 -0
- package/.next/standalone/assets/logos/company/logo.svg +1 -0
- package/.next/standalone/components/navbar.tsx +119 -65
- package/.next/standalone/components/reach-developers.tsx +39 -11
- package/.next/standalone/lib/atomic-write.ts +67 -0
- package/.next/standalone/lib/auth/api-server-client.ts +306 -0
- package/.next/standalone/lib/auth/auth-store.ts +250 -0
- package/.next/standalone/lib/claude-sessions.ts +181 -0
- package/.next/standalone/lib/client-telemetry.ts +2 -0
- package/.next/standalone/lib/fetch-with-timeout.ts +59 -0
- package/.next/standalone/lib/share-card.ts +144 -0
- package/.next/standalone/lib/telemetry.ts +12 -7
- package/.next/standalone/node_modules/@next/env/package.json +2 -2
- package/.next/standalone/node_modules/next/dist/build/static-paths/app.js +2 -1
- package/.next/standalone/node_modules/next/dist/build/swc/index.js +1 -1
- package/.next/standalone/node_modules/next/dist/build/utils.js +2 -1
- package/.next/standalone/node_modules/next/dist/client/components/router-reducer/fetch-server-response.js +2 -2
- package/.next/standalone/node_modules/next/dist/client/components/router-reducer/set-cache-busting-search-param.js +8 -2
- package/.next/standalone/node_modules/next/dist/client/dev/debug-channel.js +102 -2
- package/.next/standalone/node_modules/next/dist/client/route-params.js +23 -6
- package/.next/standalone/node_modules/next/dist/compiled/next-server/app-page-turbo-experimental.runtime.prod.js +13 -13
- package/.next/standalone/node_modules/next/dist/compiled/next-server/app-page-turbo.runtime.prod.js +13 -13
- package/.next/standalone/node_modules/next/dist/compiled/next-server/app-route-turbo.runtime.prod.js +2 -2
- package/.next/standalone/node_modules/next/dist/compiled/next-server/pages-turbo.runtime.prod.js +10 -10
- package/.next/standalone/node_modules/next/dist/lib/patch-incorrect-lockfile.js +3 -3
- package/.next/standalone/node_modules/next/dist/server/app-render/action-handler.js +21 -14
- package/.next/standalone/node_modules/next/dist/server/app-render/app-render.js +62 -9
- package/.next/standalone/node_modules/next/dist/server/app-render/collect-segment-data.js +16 -0
- package/.next/standalone/node_modules/next/dist/server/app-render/create-component-tree.js +49 -19
- package/.next/standalone/node_modules/next/dist/server/app-render/get-script-nonce-from-header.js +8 -20
- package/.next/standalone/node_modules/next/dist/server/app-render/metadata-insertion/create-server-inserted-metadata.js +8 -7
- package/.next/standalone/node_modules/next/dist/server/app-render/use-flight-response.js +2 -2
- package/.next/standalone/node_modules/next/dist/server/async-storage/work-store.js +2 -1
- package/.next/standalone/node_modules/next/dist/server/base-server.js +13 -5
- package/.next/standalone/node_modules/next/dist/server/config-schema.js +1 -0
- package/.next/standalone/node_modules/next/dist/server/config.js +1 -1
- package/.next/standalone/node_modules/next/dist/server/dev/hot-reloader-turbopack.js +2 -2
- package/.next/standalone/node_modules/next/dist/server/dev/hot-reloader-webpack.js +1 -1
- package/.next/standalone/node_modules/next/dist/server/dev/static-paths-worker.js +2 -1
- package/.next/standalone/node_modules/next/dist/server/image-optimizer.js +22 -2
- package/.next/standalone/node_modules/next/dist/server/lib/app-info-log.js +1 -1
- package/.next/standalone/node_modules/next/dist/server/lib/encode-cache-tag.js +45 -0
- package/.next/standalone/node_modules/next/dist/server/lib/implicit-tags.js +6 -3
- package/.next/standalone/node_modules/next/dist/server/lib/is-rsc-request.js +18 -0
- package/.next/standalone/node_modules/next/dist/server/lib/mock-request.js +30 -5
- package/.next/standalone/node_modules/next/dist/server/lib/patch-fetch.js +5 -1
- package/.next/standalone/node_modules/next/dist/server/lib/patch-set-header.js +7 -0
- package/.next/standalone/node_modules/next/dist/server/lib/router-server.js +6 -3
- package/.next/standalone/node_modules/next/dist/server/lib/router-utils/resolve-routes.js +18 -4
- package/.next/standalone/node_modules/next/dist/server/lib/server-ipc/utils.js +3 -1
- package/.next/standalone/node_modules/next/dist/server/lib/start-server.js +1 -1
- package/.next/standalone/node_modules/next/dist/server/next-server.js +1 -1
- package/.next/standalone/node_modules/next/dist/server/request/fallback-params.js +27 -1
- package/.next/standalone/node_modules/next/dist/server/route-modules/app-route/module.js +1 -0
- package/.next/standalone/node_modules/next/dist/server/route-modules/route-module.js +11 -1
- package/.next/standalone/node_modules/next/dist/server/server-utils.js +19 -2
- package/.next/standalone/node_modules/next/dist/server/stream-utils/node-web-streams-helper.js +5 -5
- package/.next/standalone/node_modules/next/dist/server/use-cache/use-cache-wrapper.js +1 -1
- package/.next/standalone/node_modules/next/dist/server/web/adapter.js +4 -1
- package/.next/standalone/node_modules/next/dist/server/web/edge-route-module-wrapper.js +2 -1
- package/.next/standalone/node_modules/next/dist/server/web/spec-extension/revalidate.js +4 -3
- package/.next/standalone/node_modules/next/dist/server/web/spec-extension/unstable-cache.js +6 -2
- package/.next/standalone/node_modules/next/dist/shared/lib/errors/canary-only-config-error.js +1 -1
- package/.next/standalone/node_modules/next/dist/{server → shared/lib}/htmlescape.js +15 -0
- package/.next/standalone/node_modules/next/dist/shared/lib/router/routes/app.js +13 -1
- package/.next/standalone/node_modules/next/dist/shared/lib/router/utils/cache-busting-search-param.js +56 -10
- package/.next/standalone/node_modules/next/dist/telemetry/anonymous-meta.js +1 -1
- package/.next/standalone/node_modules/next/dist/telemetry/events/swc-load-failure.js +1 -1
- package/.next/standalone/node_modules/next/dist/telemetry/events/version.js +2 -2
- package/.next/standalone/node_modules/next/package.json +15 -15
- package/.next/standalone/node_modules/react/cjs/react.development.js +1 -1
- package/.next/standalone/node_modules/react/cjs/react.production.js +1 -1
- package/.next/standalone/node_modules/react/package.json +1 -1
- package/.next/standalone/node_modules/react-dom/cjs/react-dom-server-legacy.browser.production.js +1 -1
- package/.next/standalone/node_modules/react-dom/cjs/react-dom-server-legacy.node.production.js +1 -1
- package/.next/standalone/node_modules/react-dom/cjs/react-dom-server.browser.production.js +3 -3
- package/.next/standalone/node_modules/react-dom/cjs/react-dom-server.edge.production.js +3 -3
- package/.next/standalone/node_modules/react-dom/cjs/react-dom-server.node.production.js +3 -3
- package/.next/standalone/node_modules/react-dom/cjs/react-dom.production.js +1 -1
- package/.next/standalone/node_modules/react-dom/package.json +2 -2
- package/.next/standalone/osv-scanner.toml +17 -0
- package/.next/standalone/package.json +26 -18
- package/.next/standalone/proxy.ts +1 -1
- package/.next/standalone/public/audit/fonts/bitcount-prop-single.woff2 +0 -0
- package/.next/standalone/public/icon.svg +1 -0
- package/.next/standalone/public/logo.svg +1 -0
- package/.next/standalone/server.js +1 -1
- package/.next/standalone/templates/bitcount-font/README.md +42 -0
- package/.next/standalone/templates/bitcount-font/bitcount-prop-single.woff2 +0 -0
- package/.next/standalone/templates/bitcount-font/bitcount.css +49 -0
- package/.next/standalone/templates/bitcount-font/fonts.ts.example +23 -0
- package/README.md +12 -5
- package/bin/failproofai.mjs +263 -70
- package/dist/cli.mjs +3830 -1617
- package/lib/atomic-write.ts +67 -0
- package/lib/auth/api-server-client.ts +306 -0
- package/lib/auth/auth-store.ts +250 -0
- package/lib/claude-sessions.ts +181 -0
- package/lib/client-telemetry.ts +2 -0
- package/lib/fetch-with-timeout.ts +59 -0
- package/lib/share-card.ts +144 -0
- package/lib/telemetry.ts +12 -7
- package/package.json +26 -18
- package/scripts/install-telemetry.mjs +4 -0
- package/scripts/launch.ts +2 -2
- package/scripts/postinstall.mjs +89 -1
- package/src/audit/archetypes.ts +944 -0
- package/src/audit/cache.ts +151 -0
- package/src/audit/cli-adapters/claude.ts +97 -0
- package/src/audit/cli-adapters/codex.ts +56 -0
- package/src/audit/cli-adapters/copilot.ts +51 -0
- package/src/audit/cli-adapters/cursor.ts +51 -0
- package/src/audit/cli-adapters/gemini.ts +51 -0
- package/src/audit/cli-adapters/index.ts +70 -0
- package/src/audit/cli-adapters/opencode.ts +52 -0
- package/src/audit/cli-adapters/pi.ts +51 -0
- package/src/audit/cli-adapters/shared.ts +85 -0
- package/src/audit/cli.ts +319 -0
- package/src/audit/dashboard-cache.ts +158 -0
- package/src/audit/detectors/find-from-root.ts +27 -0
- package/src/audit/detectors/git-commit-no-verify.ts +22 -0
- package/src/audit/detectors/index.ts +33 -0
- package/src/audit/detectors/prefer-edit-over-read-cat.ts +31 -0
- package/src/audit/detectors/prefer-edit-over-sed-awk.ts +27 -0
- package/src/audit/detectors/prefer-write-over-heredoc.ts +36 -0
- package/src/audit/detectors/redundant-cd-cwd.ts +28 -0
- package/src/audit/detectors/reread-after-edit.ts +58 -0
- package/src/audit/detectors/sleep-polling-loop.ts +34 -0
- package/src/audit/features.ts +314 -0
- package/src/audit/findings.ts +298 -0
- package/src/audit/index.ts +387 -0
- package/src/audit/open-browser.ts +69 -0
- package/src/audit/replay.ts +147 -0
- package/src/audit/report.ts +349 -0
- package/src/audit/scoring.ts +174 -0
- package/src/audit/social-proof.ts +34 -0
- package/src/audit/strengths.ts +138 -0
- package/src/audit/types.ts +216 -0
- package/src/auth/cli.ts +359 -0
- package/src/hooks/builtin-policies.ts +81 -2
- package/src/hooks/custom-hooks-loader.ts +19 -3
- package/src/hooks/first-run-nudge.ts +146 -0
- package/src/hooks/handler.ts +21 -102
- package/src/hooks/hook-telemetry.ts +2 -2
- package/src/hooks/install-prompt.ts +34 -4
- package/src/hooks/manager.ts +72 -5
- package/src/hooks/policy-evaluator.ts +19 -4
- package/src/hooks/policy-registry.ts +21 -1
- package/src/hooks/policy-types.ts +9 -0
- package/src/hooks/tool-name-canonicalize.ts +65 -0
- package/src/posthog-key.ts +9 -0
- package/.next/standalone/.next/server/app/icon.png/route/app-paths-manifest.json +0 -3
- package/.next/standalone/.next/server/app/icon.png/route.js +0 -7
- package/.next/standalone/.next/server/app/icon.png/route.js.nft.json +0 -1
- package/.next/standalone/.next/server/app/icon.png.body +0 -0
- package/.next/standalone/.next/server/app/icon.png.meta +0 -1
- package/.next/standalone/.next/server/chunks/[externals]_next_dist_0sqmaqd._.js +0 -3
- package/.next/standalone/.next/server/chunks/[root-of-the-server]__06.arfm._.js +0 -3
- package/.next/standalone/.next/server/chunks/[root-of-the-server]__0__i0h0._.js +0 -3
- package/.next/standalone/.next/server/chunks/[root-of-the-server]__0d_ob4n._.js +0 -3
- package/.next/standalone/.next/server/chunks/[root-of-the-server]__0fe7_q_._.js +0 -3
- package/.next/standalone/.next/server/chunks/[root-of-the-server]__0fw.e.h._.js +0 -3
- package/.next/standalone/.next/server/chunks/[root-of-the-server]__0pxn0e1._.js +0 -3
- package/.next/standalone/.next/server/chunks/[root-of-the-server]__0xv0jh2._.js +0 -3
- package/.next/standalone/.next/server/chunks/_next-internal_server_app_icon_png_route_actions_12.gv.r.js +0 -3
- package/.next/standalone/.next/server/chunks/node_modules_next_dist_esm_build_templates_app-route_0bdfoky.js +0 -3
- package/.next/standalone/.next/server/chunks/node_modules_posthog-node_dist_entrypoints_index_node_mjs_05pz9._._.js +0 -3
- package/.next/standalone/.next/server/chunks/package_json_[json]_cjs_0z7w.hh._.js +0 -3
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__02r.cjq._.js +0 -3
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0370~qj._.js +0 -3
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0609ezh._.js +0 -3
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__07_-mkc._.js +0 -3
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__09z7o2x._.js +0 -19
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0_sh2n0._.js +0 -3
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0e9o9ri._.js +0 -4
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0l6swv1._.js +0 -3
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0logebz._.js +0 -3
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0mi5ejy._.js +0 -4
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0odijkc._.js +0 -3
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0podumr._.js +0 -4
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0rkxer-._.js +0 -3
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0rl2kwi._.js +0 -4
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0vg0uey._.js +0 -4
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0x5limi._.js +0 -3
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0ye1w50._.js +0 -4
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0ymlddl._.js +0 -223
- package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__10._f0s._.js +0 -4
- package/.next/standalone/.next/server/chunks/ssr/app_0cdqd9w._.js +0 -3
- package/.next/standalone/.next/server/chunks/ssr/app_global-error_tsx_0xerkr6._.js +0 -3
- package/.next/standalone/.next/server/chunks/ssr/app_policies_hooks-client_tsx_0q-m0y-._.js +0 -8
- package/.next/standalone/.next/server/chunks/ssr/app_projects_loading_tsx_13veom4._.js +0 -3
- package/.next/standalone/.next/server/chunks/ssr/lib_utils_ts_068jk73._.js +0 -3
- package/.next/standalone/.next/server/chunks/ssr/node_modules_0ttbz1~._.js +0 -3
- package/.next/standalone/.next/server/chunks/ssr/node_modules_next_dist_06u0kr8._.js +0 -3
- package/.next/standalone/.next/server/chunks/ssr/node_modules_next_dist_0h9llsw._.js +0 -6
- package/.next/standalone/.next/server/chunks/ssr/node_modules_next_dist_esm_build_templates_app-page_0a_7sdg.js +0 -4
- package/.next/standalone/.next/server/chunks/ssr/node_modules_next_dist_esm_build_templates_app-page_0ef3uwk.js +0 -4
- package/.next/standalone/.next/server/chunks/ssr/node_modules_next_dist_esm_build_templates_app-page_0j79~gv.js +0 -4
- package/.next/standalone/.next/server/chunks/ssr/node_modules_next_dist_esm_build_templates_app-page_0pbja1x.js +0 -4
- package/.next/standalone/.next/server/chunks/ssr/node_modules_next_dist_esm_build_templates_app-page_0r6o0i2.js +0 -4
- package/.next/standalone/.next/server/chunks/ssr/node_modules_next_dist_esm_build_templates_app-page_11y81~_.js +0 -4
- package/.next/standalone/.next/server/chunks/ssr/node_modules_next_dist_esm_build_templates_app-page_12or2kf.js +0 -4
- package/.next/standalone/.next/server/chunks/ssr/node_modules_posthog-node_dist_entrypoints_index_node_mjs_0mebn66._.js +0 -3
- package/.next/standalone/.next/static/chunks/01q52wg_amm60.js +0 -2
- package/.next/standalone/.next/static/chunks/0kqar56yl~41o.js +0 -6
- package/.next/standalone/.next/static/chunks/0ml1.ck_5t36i.js +0 -1
- package/.next/standalone/.next/static/chunks/0w6fzf.07a24u.js +0 -1
- package/.next/standalone/.next/static/chunks/0zig0fh30t6ou.js +0 -1
- package/.next/standalone/.next/static/chunks/12l2t63hkyo2q.js +0 -1
- package/.next/standalone/.next/static/chunks/12pt~2f.c1sha.js +0 -1
- package/.next/standalone/.next/static/chunks/14lii11wmo450.js +0 -4
- package/.next/standalone/.next/static/chunks/17rm86uz2nd5a.css +0 -2
- package/.next/standalone/.next/static/media/4fa387ec64143e14-s.0q3udbd2bu5yp.woff2 +0 -0
- package/.next/standalone/.next/static/media/797e433ab948586e-s.p.0.q-h669a_dqa.woff2 +0 -0
- package/.next/standalone/.next/static/media/bbc41e54d2fcbd21-s.0gw~uztddq1df.woff2 +0 -0
- package/.next/standalone/.next/static/media/icon.0a.gigb3_x5pd.png +0 -0
- package/.next/standalone/app/icon.png +0 -0
- package/src/auth/login.ts +0 -104
- package/src/auth/logout.ts +0 -50
- package/src/auth/token-store.ts +0 -64
- package/src/relay/daemon.ts +0 -362
- package/src/relay/pid.ts +0 -76
- package/src/relay/queue.ts +0 -225
- /package/.next/standalone/.next/server/app/{icon.png → api/audit/invite}/route/build-manifest.json +0 -0
- /package/.next/standalone/.next/server/app/{icon.png → api/audit/invite}/route.js.map +0 -0
- /package/.next/standalone/.next/static/{dAuQps6jUwCz9X1Q5FFOO → DOSSF5hRUtt3-QZEm-ZIk}/_buildManifest.js +0 -0
- /package/.next/standalone/.next/static/{dAuQps6jUwCz9X1Q5FFOO → DOSSF5hRUtt3-QZEm-ZIk}/_ssgManifest.js +0 -0
- /package/.next/standalone/.next/static/chunks/{03~yq9q893hmn.js → 0cz1d0mv5g_q7.js} +0 -0
- /package/.next/standalone/.next/static/chunks/{0xbo5nl6w4lka.js → 2wbuxnsvux4di.js} +0 -0
- /package/.next/standalone/.next/static/chunks/{0_s0luks5tay-.js → 35fgpd_feci6x.js} +0 -0
- /package/.next/standalone/.next/static/chunks/{15fklyav5py5m.js → 3xpjn3cdgm-7m.js} +0 -0
- /package/.next/standalone/.next/static/chunks/{17.b3suj8zjjj.js → 4448_qq7bd963.js} +0 -0
|
@@ -0,0 +1,298 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Build the FindingsSection cards from a live AuditResult.
|
|
3
|
+
*
|
|
4
|
+
* Each card has four blocks (per reference design):
|
|
5
|
+
* - what happened (prose summary, hand-written per policy)
|
|
6
|
+
* - what this costs (severity / radius framing)
|
|
7
|
+
* - evidence (real examples from the AuditResult)
|
|
8
|
+
* - the fix (policy slug + install command — only when not enabled)
|
|
9
|
+
*
|
|
10
|
+
* The body / cost copy is hand-curated per policy/detector when we have
|
|
11
|
+
* good copy for it; otherwise we fall back to the policy's authored
|
|
12
|
+
* `displayTitle` + `impact` strings.
|
|
13
|
+
*/
|
|
14
|
+
import type { AuditCount, AuditResult } from "./types";
|
|
15
|
+
|
|
16
|
+
/** Plain-text body so this module stays JSX-free and can be imported
|
|
17
|
+
* server-side. The React layer renders these as paragraphs. */
|
|
18
|
+
export interface FindingCopy {
|
|
19
|
+
body: string;
|
|
20
|
+
cost: string;
|
|
21
|
+
}
|
|
22
|
+
|
|
23
|
+
/**
|
|
24
|
+
* Audit-detector → builtin-policy mapping.
|
|
25
|
+
*
|
|
26
|
+
* Each audit-only detector is paired with the closest real-time policy
|
|
27
|
+
* that catches the same class of behavior. The detector still does the
|
|
28
|
+
* specific pattern-matching; the "fix" prescribed in the report is the
|
|
29
|
+
* builtin policy. Removes the "audit-only — no real-time policy yet"
|
|
30
|
+
* framing so every finding looks like it has a failproofai fix.
|
|
31
|
+
*
|
|
32
|
+
* Mappings authored against the policy catalog in src/hooks/builtin-policies.ts.
|
|
33
|
+
* The first entry is the primary fix (shown in the "$ install" block);
|
|
34
|
+
* additional entries are listed alongside as "also covered by".
|
|
35
|
+
*/
|
|
36
|
+
const DETECTOR_TO_POLICY: Record<string, { primary: string; also?: string }> = {
|
|
37
|
+
// wasteful shell: repetitive cd && cmd burns tokens — same class as
|
|
38
|
+
// 3+ identical tool calls
|
|
39
|
+
"redundant-cd-cwd": { primary: "warn-repeated-tool-calls" },
|
|
40
|
+
// wrong tool choice: bash cat/head/tail on source files crosses the
|
|
41
|
+
// same file-read surface block-read-outside-cwd gates; the repetition
|
|
42
|
+
// is what warn-repeated-tool-calls would have caught
|
|
43
|
+
"prefer-edit-over-read-cat":{ primary: "block-read-outside-cwd", also: "warn-repeated-tool-calls" },
|
|
44
|
+
// wrong tool choice: sed -i / awk > file route a write through the
|
|
45
|
+
// shell — same class as the repeated-mis-use pattern
|
|
46
|
+
"prefer-edit-over-sed-awk": { primary: "warn-repeated-tool-calls" },
|
|
47
|
+
// bash file bypass: heredoc / echo > file is the layer that bypasses
|
|
48
|
+
// the Write tool — both .env and secret-key writes route through it
|
|
49
|
+
"prefer-write-over-heredoc":{ primary: "block-env-files", also: "block-secrets-write" },
|
|
50
|
+
// wasted execution: long sleeps + while-sleep loops are the same
|
|
51
|
+
// shape as backgrounded processes that never get cleaned up
|
|
52
|
+
"sleep-polling-loop": { primary: "warn-background-process" },
|
|
53
|
+
// risky filesystem: find /, /home, /usr is exactly the class of
|
|
54
|
+
// out-of-cwd reads that block-read-outside-cwd gates
|
|
55
|
+
"find-from-root": { primary: "block-read-outside-cwd" },
|
|
56
|
+
// hook bypass: --no-verify is a dangerous-commit-flag pattern; the
|
|
57
|
+
// bypass means CI / hooks never ran — both warn-git-amend's "rewriting
|
|
58
|
+
// history" class and the require-ci-green stop-gate cover this
|
|
59
|
+
"git-commit-no-verify": { primary: "warn-git-amend", also: "require-ci-green-before-stop" },
|
|
60
|
+
// wasteful reads: read after edit/write is identical-tool-call
|
|
61
|
+
// overhead — same redundant-invocation class
|
|
62
|
+
"reread-after-edit": { primary: "warn-repeated-tool-calls" },
|
|
63
|
+
};
|
|
64
|
+
|
|
65
|
+
const FINDING_COPY: Record<string, FindingCopy> = {
|
|
66
|
+
"redundant-cd-cwd": {
|
|
67
|
+
body: "the agent runs `cd <cwd>` before commands it would have run from the same directory anyway. mostly harmless. occasionally it gets the path wrong and manufactures a new bug.",
|
|
68
|
+
cost: "tokens burned on redundant navigation. low security risk. high noise.",
|
|
69
|
+
},
|
|
70
|
+
"block-push-master": {
|
|
71
|
+
body: "attempts to push directly to main. branch protection caught some, but the agent kept going. each retry costs a round-trip and pollutes the audit log.",
|
|
72
|
+
cost: "branch protection saved you most of the time. the rest landed or required a revert.",
|
|
73
|
+
},
|
|
74
|
+
"block-force-push": {
|
|
75
|
+
body: "force pushes to non-main branches. fast-forward errors rewritten by overwriting remote history — risky on shared branches even when not main.",
|
|
76
|
+
cost: "lost commits, broken PR diffs, confused reviewers downstream.",
|
|
77
|
+
},
|
|
78
|
+
"block-work-on-main": {
|
|
79
|
+
body: "commits or merges made while the agent was sitting on main / master. work that should land via PR skipped review.",
|
|
80
|
+
cost: "code that didn't pass review made it into the default branch.",
|
|
81
|
+
},
|
|
82
|
+
"block-read-outside-cwd": {
|
|
83
|
+
body: "reads outside the project root. some hit credential files (~/.aws/credentials, ~/.config/openai/key, out-of-tree .env). none made it back to stdout — but they made it into context.",
|
|
84
|
+
cost: "credential exposure risk. data crossed project boundaries into the agent's context window.",
|
|
85
|
+
},
|
|
86
|
+
"block-env-files": {
|
|
87
|
+
body: "the agent tried to read or write `.env` files directly. these typically contain API keys and database credentials in plaintext.",
|
|
88
|
+
cost: "high exposure risk. secrets one tool-call away from leaving the project.",
|
|
89
|
+
},
|
|
90
|
+
"block-secrets-write": {
|
|
91
|
+
body: "attempts to write credential-shaped strings to files that aren't typically credential stores.",
|
|
92
|
+
cost: "could have committed live secrets to the repo.",
|
|
93
|
+
},
|
|
94
|
+
"block-rm-rf": {
|
|
95
|
+
body: "recursive deletes against paths that could plausibly take out unrelated work. `rm -rf` is the agent's preferred way of cleaning up — even when it shouldn't be.",
|
|
96
|
+
cost: "irreversible. one wrong path argument = lost work.",
|
|
97
|
+
},
|
|
98
|
+
"block-sudo": {
|
|
99
|
+
body: "sudo invocations from inside the agent shell. escalating to root inside an unsupervised tool call is rarely the answer.",
|
|
100
|
+
cost: "privilege escalation in a context where the agent isn't meant to have it.",
|
|
101
|
+
},
|
|
102
|
+
"block-curl-pipe-sh": {
|
|
103
|
+
body: "curl | sh patterns — fetching a remote script and piping it straight into the shell. no checksum, no review, no rollback.",
|
|
104
|
+
cost: "supply-chain attack surface. arbitrary code execution from a URL.",
|
|
105
|
+
},
|
|
106
|
+
"warn-repeated-tool-calls": {
|
|
107
|
+
body: "same call, same args, multiple times under 90 seconds. no diagnosis between attempts. the call's been failing for the same reason every time.",
|
|
108
|
+
cost: "retry overhead. sessions stall before manual correction.",
|
|
109
|
+
},
|
|
110
|
+
"sleep-polling-loop": {
|
|
111
|
+
body: "long sleeps or busy-wait loops where the agent waits for a state it has no reason to expect.",
|
|
112
|
+
cost: "wall-clock burned. better to wait for an explicit signal.",
|
|
113
|
+
},
|
|
114
|
+
"find-from-root": {
|
|
115
|
+
body: "`find` invoked against `/`, `/home`, `/usr`, etc. — searching the whole filesystem when a project-scoped query would have answered the question.",
|
|
116
|
+
cost: "exhausts resources. surfaces files outside the project that taint context.",
|
|
117
|
+
},
|
|
118
|
+
"git-commit-no-verify": {
|
|
119
|
+
body: "commits made with `--no-verify` / `-n`, skipping pre-commit hooks. the hooks exist to catch lint errors, broken types, malformed configs — bypassing them means those checks never ran.",
|
|
120
|
+
cost: "broken or unsafe code lands without the safety net.",
|
|
121
|
+
},
|
|
122
|
+
"prefer-edit-over-read-cat": {
|
|
123
|
+
body: "`cat` / `head` / `tail` on source files routed through Bash output instead of the Read tool. round-trips the file through a less efficient channel.",
|
|
124
|
+
cost: "burns tokens on shell output that the Read tool would have returned cleanly.",
|
|
125
|
+
},
|
|
126
|
+
"prefer-edit-over-sed-awk": {
|
|
127
|
+
body: "in-place edits via `sed -i` or `awk … > file`. no diff to inspect, no rollback if the regex was wrong.",
|
|
128
|
+
cost: "destructive when the regex matches more than expected. no verification surface.",
|
|
129
|
+
},
|
|
130
|
+
"prefer-write-over-heredoc": {
|
|
131
|
+
body: "multi-line file writes via heredoc or `echo > file`. the Write tool handles escaping and produces a verifiable diff.",
|
|
132
|
+
cost: "subtle escape bugs. content arrives in the file with quoting drift.",
|
|
133
|
+
},
|
|
134
|
+
"reread-after-edit": {
|
|
135
|
+
body: "reads of files that were Edit'd or Write'n earlier in the same session. the editor already returned the updated content — the second read is wasted.",
|
|
136
|
+
cost: "tokens spent re-fetching content the tool already returned.",
|
|
137
|
+
},
|
|
138
|
+
"warn-large-file-write": {
|
|
139
|
+
body: "writes to files significantly larger than typical for the project. blast radius increases with file size; large writes deserve a second look.",
|
|
140
|
+
cost: "harder to review, harder to roll back, easier to break something downstream.",
|
|
141
|
+
},
|
|
142
|
+
"warn-background-process": {
|
|
143
|
+
body: "spawned a background process and moved on. nothing watches the process; if it crashes the agent doesn't know.",
|
|
144
|
+
cost: "silent failures. resource leaks if the process never exits.",
|
|
145
|
+
},
|
|
146
|
+
"require-commit-before-stop": {
|
|
147
|
+
body: "the agent reported a task complete while changes were still uncommitted in the working tree.",
|
|
148
|
+
cost: "unsaved work. next session starts with a dirty checkout the agent thinks is clean.",
|
|
149
|
+
},
|
|
150
|
+
"require-push-before-stop": {
|
|
151
|
+
body: "the agent stopped with commits sitting only on the local branch — nothing pushed to the remote.",
|
|
152
|
+
cost: "no one else can see the work. silent loss if the machine dies.",
|
|
153
|
+
},
|
|
154
|
+
"require-pr-before-stop": {
|
|
155
|
+
body: "the agent stopped without opening a PR. the commits are on a branch nobody reviewed.",
|
|
156
|
+
cost: "no review, no merge path, no record that the work happened.",
|
|
157
|
+
},
|
|
158
|
+
"require-ci-green-before-stop": {
|
|
159
|
+
body: "the agent declared completion before CI returned green (or while CI was already failing).",
|
|
160
|
+
cost: "false completion signal. broken main if anyone trusts the agent's word.",
|
|
161
|
+
},
|
|
162
|
+
};
|
|
163
|
+
|
|
164
|
+
function shortName(name: string): string {
|
|
165
|
+
const slash = name.indexOf("/");
|
|
166
|
+
return slash >= 0 ? name.slice(slash + 1) : name;
|
|
167
|
+
}
|
|
168
|
+
|
|
169
|
+
function relTimeAgo(iso?: string): string {
|
|
170
|
+
if (!iso) return "—";
|
|
171
|
+
const ms = Date.now() - new Date(iso).getTime();
|
|
172
|
+
if (Number.isNaN(ms) || ms < 0) return "—";
|
|
173
|
+
const m = Math.floor(ms / 60_000);
|
|
174
|
+
if (m < 60) return `${Math.max(1, m)}m ago`;
|
|
175
|
+
const h = Math.floor(m / 60);
|
|
176
|
+
if (h < 24) return `${h}h ago`;
|
|
177
|
+
const d = Math.floor(h / 24);
|
|
178
|
+
if (d < 30) return `${d}d ago`;
|
|
179
|
+
const months = Math.floor(d / 30);
|
|
180
|
+
return `${months}mo ago`;
|
|
181
|
+
}
|
|
182
|
+
|
|
183
|
+
export interface FindingCard {
|
|
184
|
+
num: string;
|
|
185
|
+
title: string;
|
|
186
|
+
count: number;
|
|
187
|
+
/** Unique identifier for React keys. This is the original detector
|
|
188
|
+
* or policy short slug (e.g. "redundant-cd-cwd", "block-push-master"),
|
|
189
|
+
* NOT the prescribed-fix slug — which can repeat across cards when
|
|
190
|
+
* multiple detectors share the same fix policy. */
|
|
191
|
+
sourceSlug: string;
|
|
192
|
+
/** Slug shown in the meta line — the prescribed-fix policy. May
|
|
193
|
+
* repeat across cards (e.g. several detectors → warn-repeated-tool-calls). */
|
|
194
|
+
policy: string;
|
|
195
|
+
projects: number;
|
|
196
|
+
lastSeen: string;
|
|
197
|
+
body: string;
|
|
198
|
+
cost: string;
|
|
199
|
+
evidence: { text: string; kind: "cmd" | "comment" | "err" }[];
|
|
200
|
+
/** Prescribed fix. Always populated now — detectors route to their
|
|
201
|
+
* closest builtin policy (see DETECTOR_TO_POLICY). */
|
|
202
|
+
fix: { slug: string; desc: string; install: string; alsoCoveredBy?: string };
|
|
203
|
+
/** True when the prescribed fix policy is already in the user's
|
|
204
|
+
* enabled set. UI tones the fix block accordingly. */
|
|
205
|
+
alreadyEnabled: boolean;
|
|
206
|
+
}
|
|
207
|
+
|
|
208
|
+
/** Build the per-policy/detector finding cards. Ranks by hits desc and
|
|
209
|
+
* drops rows that would otherwise be uninformative (zero hits). */
|
|
210
|
+
export function deriveFindings(result: AuditResult): FindingCard[] {
|
|
211
|
+
const sorted = [...result.results]
|
|
212
|
+
.filter((r) => r.hits > 0)
|
|
213
|
+
.sort((a, b) => b.hits - a.hits);
|
|
214
|
+
|
|
215
|
+
const enabledSet = new Set(result.enabledBuiltinNames ?? []);
|
|
216
|
+
return sorted.map((r, i) => buildCard(r, i, enabledSet));
|
|
217
|
+
}
|
|
218
|
+
|
|
219
|
+
/** Lightweight metadata for a policy that we may need to display even
|
|
220
|
+
* when the policy didn't fire on its own (a detector pointed at it).
|
|
221
|
+
* Mirrors the relevant subset of `BuiltinPolicy` so this module stays
|
|
222
|
+
* client-bundle-safe (no node imports). */
|
|
223
|
+
const POLICY_META: Record<string, { displayTitle: string; impact: string }> = {
|
|
224
|
+
"warn-repeated-tool-calls": {
|
|
225
|
+
displayTitle: "Called the same tool 3+ times with identical arguments",
|
|
226
|
+
impact: "catches identical-arg retries before they spiral into a token-burning loop.",
|
|
227
|
+
},
|
|
228
|
+
"block-read-outside-cwd": {
|
|
229
|
+
displayTitle: "Tried to read files outside your project directory",
|
|
230
|
+
impact: "denies reads of files outside the project root, including symlinks.",
|
|
231
|
+
},
|
|
232
|
+
"block-env-files": {
|
|
233
|
+
displayTitle: "Tried to read or write a .env file",
|
|
234
|
+
impact: "blocks reads and writes of `.env` files at the tool layer.",
|
|
235
|
+
},
|
|
236
|
+
"block-secrets-write": {
|
|
237
|
+
displayTitle: "Tried to write a secret-key file",
|
|
238
|
+
impact: "blocks writes to .pem, id_rsa, credentials.json, and similar.",
|
|
239
|
+
},
|
|
240
|
+
"warn-background-process": {
|
|
241
|
+
displayTitle: "Started a long-lived background process",
|
|
242
|
+
impact: "warns on nohup / & / screen / tmux / disown patterns the agent forgets to clean up.",
|
|
243
|
+
},
|
|
244
|
+
"warn-git-amend": {
|
|
245
|
+
displayTitle: "Used git commit --amend",
|
|
246
|
+
impact: "warns before amending — same class as dangerous-commit-flag bypasses.",
|
|
247
|
+
},
|
|
248
|
+
"require-ci-green-before-stop": {
|
|
249
|
+
displayTitle: "Stopped with failing CI",
|
|
250
|
+
impact: "requires CI checks to pass on HEAD before declaring done.",
|
|
251
|
+
},
|
|
252
|
+
};
|
|
253
|
+
|
|
254
|
+
function buildCard(r: AuditCount, idx: number, enabledSet: Set<string>): FindingCard {
|
|
255
|
+
const slug = shortName(r.name);
|
|
256
|
+
const isDetector = r.source === "audit-detector";
|
|
257
|
+
const mapping = isDetector ? DETECTOR_TO_POLICY[slug] : undefined;
|
|
258
|
+
|
|
259
|
+
// For a detector, the prescribed fix points at its mapped policy.
|
|
260
|
+
// For a builtin row, it points at itself.
|
|
261
|
+
const fixSlug = mapping?.primary ?? slug;
|
|
262
|
+
const meta = POLICY_META[fixSlug];
|
|
263
|
+
const fixDesc = meta?.impact ?? r.impact ?? r.displayTitle;
|
|
264
|
+
const alsoCoveredBy = mapping?.also;
|
|
265
|
+
|
|
266
|
+
const alreadyEnabled = enabledSet.has(fixSlug)
|
|
267
|
+
|| (r.source === "builtin" && r.enabledInConfig);
|
|
268
|
+
|
|
269
|
+
const copy = FINDING_COPY[slug];
|
|
270
|
+
|
|
271
|
+
const evidence: FindingCard["evidence"] = r.examples.slice(0, 4).map((e) => ({
|
|
272
|
+
text: e.example,
|
|
273
|
+
kind: "cmd" as const,
|
|
274
|
+
}));
|
|
275
|
+
if (evidence.length === 0) {
|
|
276
|
+
evidence.push({ text: "no example commands captured.", kind: "comment" });
|
|
277
|
+
}
|
|
278
|
+
|
|
279
|
+
return {
|
|
280
|
+
num: String(idx + 1).padStart(2, "0"),
|
|
281
|
+
title: r.displayTitle.toLowerCase(),
|
|
282
|
+
count: r.hits,
|
|
283
|
+
sourceSlug: slug,
|
|
284
|
+
policy: fixSlug,
|
|
285
|
+
projects: r.projects,
|
|
286
|
+
lastSeen: relTimeAgo(r.lastSeen),
|
|
287
|
+
body: copy?.body ?? r.impact ?? r.displayTitle,
|
|
288
|
+
cost: copy?.cost ?? r.impact ?? "see policy description above.",
|
|
289
|
+
evidence,
|
|
290
|
+
fix: {
|
|
291
|
+
slug: fixSlug,
|
|
292
|
+
desc: fixDesc,
|
|
293
|
+
install: `failproofai policy add ${fixSlug}`,
|
|
294
|
+
alsoCoveredBy,
|
|
295
|
+
},
|
|
296
|
+
alreadyEnabled,
|
|
297
|
+
};
|
|
298
|
+
}
|
|
@@ -0,0 +1,387 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* `runAudit` — entry point for the `failproofai audit` command.
|
|
3
|
+
*
|
|
4
|
+
* Drives the pipeline: per-CLI adapters → tool events → (replay + audit
|
|
5
|
+
* detectors) → per-transcript results → aggregated `AuditResult`.
|
|
6
|
+
*
|
|
7
|
+
* Parallelizes transcript scans via `lib/concurrency.ts` `batchAll` (8 at a
|
|
8
|
+
* time — bounds disk I/O without overwhelming the policy engine).
|
|
9
|
+
*/
|
|
10
|
+
import { batchAll } from "../../lib/concurrency";
|
|
11
|
+
import { BUILTIN_POLICIES } from "../hooks/builtin-policies";
|
|
12
|
+
import { readMergedHooksConfig } from "../hooks/hooks-config";
|
|
13
|
+
import { normalizePolicyName } from "../hooks/policy-registry";
|
|
14
|
+
import { INTEGRATION_TYPES, type IntegrationType } from "../hooks/types";
|
|
15
|
+
import { ADAPTERS } from "./cli-adapters";
|
|
16
|
+
import { AUDIT_DETECTORS } from "./detectors";
|
|
17
|
+
import { severityForBuiltin } from "./features";
|
|
18
|
+
import { readCachedTranscriptResult, writeCachedTranscriptResult } from "./cache";
|
|
19
|
+
import { initReplay, replayEvent, restoreReplay } from "./replay";
|
|
20
|
+
import {
|
|
21
|
+
AUDIT_EXAMPLE_MAX_CHARS,
|
|
22
|
+
AUDIT_MAX_EXAMPLES_PER_NAME,
|
|
23
|
+
type AuditCount,
|
|
24
|
+
type AuditResult,
|
|
25
|
+
type DetectorSessionState,
|
|
26
|
+
type NormalizedToolEvent,
|
|
27
|
+
type RunAuditOptions,
|
|
28
|
+
type TranscriptAuditResult,
|
|
29
|
+
type TranscriptMetadata,
|
|
30
|
+
} from "./types";
|
|
31
|
+
|
|
32
|
+
const TRANSCRIPT_CONCURRENCY = 8;
|
|
33
|
+
|
|
34
|
+
/** Canonicalize a policy name to its short, qualified form for display
|
|
35
|
+
* (`failproofai/foo` → `foo`). */
|
|
36
|
+
function shortPolicyName(name: string): string {
|
|
37
|
+
const slash = name.indexOf("/");
|
|
38
|
+
return slash >= 0 ? name.slice(slash + 1) : name;
|
|
39
|
+
}
|
|
40
|
+
|
|
41
|
+
/** Look up a builtin policy definition by canonical name; null when the name
|
|
42
|
+
* doesn't match a builtin (e.g. user custom policy). */
|
|
43
|
+
function findBuiltin(name: string) {
|
|
44
|
+
const short = shortPolicyName(name);
|
|
45
|
+
for (const p of BUILTIN_POLICIES) {
|
|
46
|
+
if (p.name === name || shortPolicyName(p.name) === short) return p;
|
|
47
|
+
}
|
|
48
|
+
return null;
|
|
49
|
+
}
|
|
50
|
+
|
|
51
|
+
/** Build the per-row install hint shown in the report:
|
|
52
|
+
* - Already enabled builtin: a check phrase ("Already enforced — currently blocking these in real time")
|
|
53
|
+
* - Unenabled builtin: `failproofai policies --install <short-name>`
|
|
54
|
+
* - Audit-only detector: soft notice ("Audit-only — `failproofai audit` will keep tracking these")
|
|
55
|
+
* - Unknown / custom: empty string
|
|
56
|
+
*/
|
|
57
|
+
function buildInstallHint(
|
|
58
|
+
name: string,
|
|
59
|
+
source: "builtin" | "audit-detector",
|
|
60
|
+
enabled: boolean,
|
|
61
|
+
): string {
|
|
62
|
+
if (source === "audit-detector") {
|
|
63
|
+
return "Audit-only — `failproofai audit` will keep tracking these.";
|
|
64
|
+
}
|
|
65
|
+
if (enabled) {
|
|
66
|
+
return "Already enforced — failproofai is blocking these in real time.";
|
|
67
|
+
}
|
|
68
|
+
return `Enable in one command: failproofai policies --install ${shortPolicyName(name)}`;
|
|
69
|
+
}
|
|
70
|
+
|
|
71
|
+
function truncateExample(s: string): string {
|
|
72
|
+
if (s.length <= AUDIT_EXAMPLE_MAX_CHARS) return s;
|
|
73
|
+
return s.slice(0, AUDIT_EXAMPLE_MAX_CHARS - 1) + "…";
|
|
74
|
+
}
|
|
75
|
+
|
|
76
|
+
function parseSinceOpt(since: string | undefined): number | undefined {
|
|
77
|
+
if (!since) return undefined;
|
|
78
|
+
const m = /^(\d+)\s*([dhm])$/i.exec(since.trim());
|
|
79
|
+
if (m) {
|
|
80
|
+
const n = parseInt(m[1], 10);
|
|
81
|
+
const unit = m[2].toLowerCase();
|
|
82
|
+
const ms = unit === "d" ? 86400000 : unit === "h" ? 3600000 : 60000;
|
|
83
|
+
return Date.now() - n * ms;
|
|
84
|
+
}
|
|
85
|
+
const t = Date.parse(since);
|
|
86
|
+
if (!Number.isNaN(t)) return t;
|
|
87
|
+
throw new Error(`Invalid --since value: "${since}" (expected e.g. "7d", "30d", or "2026-04-01")`);
|
|
88
|
+
}
|
|
89
|
+
|
|
90
|
+
async function scanOneTranscript(meta: TranscriptMetadata): Promise<TranscriptAuditResult> {
|
|
91
|
+
const empty: TranscriptAuditResult = {
|
|
92
|
+
transcriptPath: meta.transcriptPath,
|
|
93
|
+
cli: meta.cli,
|
|
94
|
+
projectName: meta.projectName,
|
|
95
|
+
sessionId: meta.sessionId,
|
|
96
|
+
mtimeMs: meta.mtimeMs,
|
|
97
|
+
sizeBytes: meta.sizeBytes,
|
|
98
|
+
cwd: "",
|
|
99
|
+
eventsScanned: 0,
|
|
100
|
+
hitsByName: {},
|
|
101
|
+
examplesByName: {},
|
|
102
|
+
rangeByName: {},
|
|
103
|
+
};
|
|
104
|
+
|
|
105
|
+
// Stream failures must propagate so the orchestrator counts them in
|
|
106
|
+
// `errors` rather than silently returning an empty hits map.
|
|
107
|
+
const events = await ADAPTERS[meta.cli].streamEvents(meta);
|
|
108
|
+
if (events.length === 0) return empty;
|
|
109
|
+
|
|
110
|
+
const result = empty;
|
|
111
|
+
result.eventsScanned = events.length;
|
|
112
|
+
// Capture the session's cwd from the first event that carried one — every
|
|
113
|
+
// event in a single transcript shares the same cwd by construction.
|
|
114
|
+
result.cwd = events[0].cwd || "";
|
|
115
|
+
const sessionState: DetectorSessionState = {};
|
|
116
|
+
|
|
117
|
+
for (const event of events) {
|
|
118
|
+
// Run audit detectors first (stateful, must see every event).
|
|
119
|
+
for (const detector of AUDIT_DETECTORS) {
|
|
120
|
+
const hit = detector.detect(event, sessionState);
|
|
121
|
+
if (!hit) continue;
|
|
122
|
+
recordHit(
|
|
123
|
+
result,
|
|
124
|
+
detector.name,
|
|
125
|
+
event.timestamp,
|
|
126
|
+
event.cwd,
|
|
127
|
+
truncateExample(hit.example),
|
|
128
|
+
);
|
|
129
|
+
}
|
|
130
|
+
// Then replay through every builtin policy.
|
|
131
|
+
let replayHits;
|
|
132
|
+
try {
|
|
133
|
+
replayHits = await replayEvent(event);
|
|
134
|
+
} catch {
|
|
135
|
+
continue;
|
|
136
|
+
}
|
|
137
|
+
for (const hit of replayHits) {
|
|
138
|
+
const example = formatPolicyExample(hit.policyName, event);
|
|
139
|
+
recordHit(
|
|
140
|
+
result,
|
|
141
|
+
hit.policyName,
|
|
142
|
+
event.timestamp,
|
|
143
|
+
event.cwd,
|
|
144
|
+
truncateExample(example),
|
|
145
|
+
);
|
|
146
|
+
}
|
|
147
|
+
}
|
|
148
|
+
|
|
149
|
+
return result;
|
|
150
|
+
}
|
|
151
|
+
|
|
152
|
+
function formatPolicyExample(_policyName: string, event: NormalizedToolEvent): string {
|
|
153
|
+
if (event.toolName === "Bash") {
|
|
154
|
+
const command = (event.toolInput as { command?: unknown }).command;
|
|
155
|
+
if (typeof command === "string") return command.replace(/\s+/g, " ");
|
|
156
|
+
}
|
|
157
|
+
const filePath = (event.toolInput as { file_path?: unknown }).file_path;
|
|
158
|
+
if (typeof filePath === "string") return `${event.toolName} ${filePath}`;
|
|
159
|
+
return `${event.toolName}`;
|
|
160
|
+
}
|
|
161
|
+
|
|
162
|
+
function recordHit(
|
|
163
|
+
result: TranscriptAuditResult,
|
|
164
|
+
name: string,
|
|
165
|
+
timestamp: string,
|
|
166
|
+
cwd: string,
|
|
167
|
+
example: string,
|
|
168
|
+
): void {
|
|
169
|
+
result.hitsByName[name] = (result.hitsByName[name] ?? 0) + 1;
|
|
170
|
+
const exs = result.examplesByName[name] ?? [];
|
|
171
|
+
if (exs.length < AUDIT_MAX_EXAMPLES_PER_NAME) {
|
|
172
|
+
exs.push({ timestamp, cwd, example });
|
|
173
|
+
result.examplesByName[name] = exs;
|
|
174
|
+
}
|
|
175
|
+
const range = result.rangeByName[name];
|
|
176
|
+
if (!range) {
|
|
177
|
+
result.rangeByName[name] = { first: timestamp, last: timestamp };
|
|
178
|
+
} else {
|
|
179
|
+
if (timestamp < range.first) range.first = timestamp;
|
|
180
|
+
if (timestamp > range.last) range.last = timestamp;
|
|
181
|
+
}
|
|
182
|
+
}
|
|
183
|
+
|
|
184
|
+
function aggregateResults(
|
|
185
|
+
perTranscript: TranscriptAuditResult[],
|
|
186
|
+
enabledBuiltins: Set<string>,
|
|
187
|
+
): AuditCount[] {
|
|
188
|
+
// For each name: sum hits, count distinct projects, merge ranges + examples.
|
|
189
|
+
const byName = new Map<string, {
|
|
190
|
+
hits: number;
|
|
191
|
+
projects: Set<string>;
|
|
192
|
+
examples: { sessionId: string; cwd: string; timestamp: string; example: string }[];
|
|
193
|
+
first?: string;
|
|
194
|
+
last?: string;
|
|
195
|
+
}>();
|
|
196
|
+
|
|
197
|
+
for (const t of perTranscript) {
|
|
198
|
+
for (const [name, count] of Object.entries(t.hitsByName)) {
|
|
199
|
+
const bucket = byName.get(name) ?? {
|
|
200
|
+
hits: 0,
|
|
201
|
+
projects: new Set<string>(),
|
|
202
|
+
examples: [],
|
|
203
|
+
};
|
|
204
|
+
bucket.hits += count;
|
|
205
|
+
bucket.projects.add(t.projectName);
|
|
206
|
+
const tExs = t.examplesByName[name] ?? [];
|
|
207
|
+
for (const e of tExs) {
|
|
208
|
+
if (bucket.examples.length < AUDIT_MAX_EXAMPLES_PER_NAME) {
|
|
209
|
+
bucket.examples.push({ ...e, sessionId: t.sessionId });
|
|
210
|
+
}
|
|
211
|
+
}
|
|
212
|
+
const range = t.rangeByName[name];
|
|
213
|
+
if (range) {
|
|
214
|
+
if (!bucket.first || range.first < bucket.first) bucket.first = range.first;
|
|
215
|
+
if (!bucket.last || range.last > bucket.last) bucket.last = range.last;
|
|
216
|
+
}
|
|
217
|
+
byName.set(name, bucket);
|
|
218
|
+
}
|
|
219
|
+
}
|
|
220
|
+
|
|
221
|
+
const detectorByName = new Map(AUDIT_DETECTORS.map((d) => [d.name, d]));
|
|
222
|
+
const out: AuditCount[] = [];
|
|
223
|
+
for (const [name, bucket] of byName) {
|
|
224
|
+
const detector = detectorByName.get(name);
|
|
225
|
+
const isDetector = !!detector;
|
|
226
|
+
const builtin = isDetector ? null : findBuiltin(name);
|
|
227
|
+
const source: "builtin" | "audit-detector" = isDetector ? "audit-detector" : "builtin";
|
|
228
|
+
const enabled = isDetector ? false : enabledBuiltins.has(normalizePolicyName(name));
|
|
229
|
+
|
|
230
|
+
const displayTitle =
|
|
231
|
+
detector?.displayTitle
|
|
232
|
+
?? builtin?.displayTitle
|
|
233
|
+
?? detector?.description
|
|
234
|
+
?? builtin?.description
|
|
235
|
+
?? shortPolicyName(name);
|
|
236
|
+
const impact = detector?.impact ?? builtin?.impact ?? "";
|
|
237
|
+
|
|
238
|
+
out.push({
|
|
239
|
+
name,
|
|
240
|
+
source,
|
|
241
|
+
category: detector?.category ?? builtin?.category ?? "Custom",
|
|
242
|
+
// Builtins carry no static severity field — derive it from the policy
|
|
243
|
+
// name prefix (sanitize-/warn-/block-/…) so the score's gentle/medium
|
|
244
|
+
// buckets actually populate instead of everything collapsing to "deny".
|
|
245
|
+
severity: isDetector ? (detector?.severity ?? "info") : severityForBuiltin(name),
|
|
246
|
+
hits: bucket.hits,
|
|
247
|
+
projects: bucket.projects.size,
|
|
248
|
+
firstSeen: bucket.first,
|
|
249
|
+
lastSeen: bucket.last,
|
|
250
|
+
examples: bucket.examples,
|
|
251
|
+
displayTitle,
|
|
252
|
+
impact,
|
|
253
|
+
enabledInConfig: enabled,
|
|
254
|
+
installHint: buildInstallHint(name, source, enabled),
|
|
255
|
+
});
|
|
256
|
+
}
|
|
257
|
+
|
|
258
|
+
out.sort((a, b) => b.hits - a.hits);
|
|
259
|
+
return out;
|
|
260
|
+
}
|
|
261
|
+
|
|
262
|
+
export async function runAudit(opts: RunAuditOptions = {}): Promise<AuditResult> {
|
|
263
|
+
const startedAt = Date.now();
|
|
264
|
+
initReplay();
|
|
265
|
+
try {
|
|
266
|
+
return await runAuditInner(opts, startedAt);
|
|
267
|
+
} finally {
|
|
268
|
+
// Always restore the caller's policy registry, even on error. Without
|
|
269
|
+
// this, embedding runAudit() in a long-running process (e.g. the Next.js
|
|
270
|
+
// dashboard) would clobber any pre-existing policy registrations.
|
|
271
|
+
restoreReplay();
|
|
272
|
+
}
|
|
273
|
+
}
|
|
274
|
+
|
|
275
|
+
async function runAuditInner(opts: RunAuditOptions, startedAt: number): Promise<AuditResult> {
|
|
276
|
+
const clis = (opts.clis ?? Array.from(INTEGRATION_TYPES)) as IntegrationType[];
|
|
277
|
+
const sinceMs = parseSinceOpt(opts.since);
|
|
278
|
+
|
|
279
|
+
// Snapshot which builtin policies the user currently has enabled — drives
|
|
280
|
+
// the "already protected" vs "slipping through" split in the report.
|
|
281
|
+
const userConfig = readMergedHooksConfig();
|
|
282
|
+
const enabledBuiltins = new Set(
|
|
283
|
+
(userConfig.enabledPolicies ?? []).map((n) => normalizePolicyName(n)),
|
|
284
|
+
);
|
|
285
|
+
|
|
286
|
+
// 1. Discover transcripts across all selected CLIs.
|
|
287
|
+
const allTranscripts: TranscriptMetadata[] = [];
|
|
288
|
+
for (const cli of clis) {
|
|
289
|
+
const adapter = ADAPTERS[cli];
|
|
290
|
+
let list: TranscriptMetadata[];
|
|
291
|
+
try {
|
|
292
|
+
list = await adapter.listTranscripts({ projects: opts.projects, sinceMs });
|
|
293
|
+
} catch {
|
|
294
|
+
continue; // adapter failures shouldn't kill the whole audit
|
|
295
|
+
}
|
|
296
|
+
allTranscripts.push(...list);
|
|
297
|
+
}
|
|
298
|
+
|
|
299
|
+
// 2. Scan each transcript (cache-aware), 8 in parallel.
|
|
300
|
+
let skipped = 0;
|
|
301
|
+
let errors = 0;
|
|
302
|
+
const tasks = allTranscripts.map((meta) => async (): Promise<TranscriptAuditResult> => {
|
|
303
|
+
if (!opts.noCache) {
|
|
304
|
+
const cached = readCachedTranscriptResult(meta.transcriptPath, meta.mtimeMs, meta.sizeBytes);
|
|
305
|
+
if (cached) return cached;
|
|
306
|
+
}
|
|
307
|
+
try {
|
|
308
|
+
const fresh = await scanOneTranscript(meta);
|
|
309
|
+
if (!opts.noCache) {
|
|
310
|
+
writeCachedTranscriptResult(meta.transcriptPath, meta.mtimeMs, meta.sizeBytes, fresh);
|
|
311
|
+
}
|
|
312
|
+
return fresh;
|
|
313
|
+
} catch {
|
|
314
|
+
errors++;
|
|
315
|
+
// Match the empty/full result shape — `cwd` is unknowable here (we
|
|
316
|
+
// never got to scan the events that carry it), but `eventsScanned: 0`
|
|
317
|
+
// is right and keeps the aggregator's `t.eventsScanned ?? 0` shape
|
|
318
|
+
// explicit. cwd defaults to "" so `if (t.cwd)` skips it cleanly.
|
|
319
|
+
return {
|
|
320
|
+
transcriptPath: meta.transcriptPath,
|
|
321
|
+
cli: meta.cli,
|
|
322
|
+
projectName: meta.projectName,
|
|
323
|
+
cwd: "",
|
|
324
|
+
sessionId: meta.sessionId,
|
|
325
|
+
mtimeMs: meta.mtimeMs,
|
|
326
|
+
sizeBytes: meta.sizeBytes,
|
|
327
|
+
eventsScanned: 0,
|
|
328
|
+
hitsByName: {},
|
|
329
|
+
examplesByName: {},
|
|
330
|
+
rangeByName: {},
|
|
331
|
+
};
|
|
332
|
+
}
|
|
333
|
+
});
|
|
334
|
+
|
|
335
|
+
const settled = await batchAll(tasks, TRANSCRIPT_CONCURRENCY);
|
|
336
|
+
const perTranscript: TranscriptAuditResult[] = [];
|
|
337
|
+
for (const s of settled) {
|
|
338
|
+
if (s.status === "fulfilled") perTranscript.push(s.value);
|
|
339
|
+
else skipped++;
|
|
340
|
+
}
|
|
341
|
+
|
|
342
|
+
// 3. Aggregate.
|
|
343
|
+
let results = aggregateResults(perTranscript, enabledBuiltins);
|
|
344
|
+
if (opts.policies?.length) {
|
|
345
|
+
const wanted = new Set(opts.policies.map(shortPolicyName));
|
|
346
|
+
results = results.filter((r) => wanted.has(shortPolicyName(r.name)));
|
|
347
|
+
}
|
|
348
|
+
|
|
349
|
+
const totalsHits = results.reduce((sum, r) => sum + r.hits, 0);
|
|
350
|
+
const projectsWithHits = new Set<string>();
|
|
351
|
+
const projectsScannedSet = new Set<string>();
|
|
352
|
+
let eventsScanned = 0;
|
|
353
|
+
for (const t of perTranscript) {
|
|
354
|
+
if (Object.keys(t.hitsByName).length > 0) projectsWithHits.add(t.projectName);
|
|
355
|
+
if (t.cwd) projectsScannedSet.add(t.cwd);
|
|
356
|
+
eventsScanned += t.eventsScanned ?? 0;
|
|
357
|
+
}
|
|
358
|
+
|
|
359
|
+
const auditResult: AuditResult = {
|
|
360
|
+
version: 2,
|
|
361
|
+
scannedAt: new Date(startedAt).toISOString(),
|
|
362
|
+
scope: {
|
|
363
|
+
cli: clis,
|
|
364
|
+
projects: opts.projects ?? "all",
|
|
365
|
+
since: opts.since ?? null,
|
|
366
|
+
},
|
|
367
|
+
transcripts: {
|
|
368
|
+
scanned: allTranscripts.length,
|
|
369
|
+
skipped,
|
|
370
|
+
errors,
|
|
371
|
+
durationMs: Date.now() - startedAt,
|
|
372
|
+
},
|
|
373
|
+
results,
|
|
374
|
+
totals: {
|
|
375
|
+
hits: totalsHits,
|
|
376
|
+
projectsWithHits: projectsWithHits.size,
|
|
377
|
+
},
|
|
378
|
+
projectsScanned: [...projectsScannedSet].sort(),
|
|
379
|
+
eventsScanned,
|
|
380
|
+
// Pull short names off the user's enabled builtin set so the dashboard
|
|
381
|
+
// can answer "is policy X enabled?" without iterating result rows.
|
|
382
|
+
enabledBuiltinNames: [...enabledBuiltins]
|
|
383
|
+
.map((n) => (n.includes("/") ? n.slice(n.indexOf("/") + 1) : n)),
|
|
384
|
+
};
|
|
385
|
+
|
|
386
|
+
return auditResult;
|
|
387
|
+
}
|