failproofai 0.0.11-beta.1 → 0.0.11-beta.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (511) hide show
  1. package/.next/standalone/.next/BUILD_ID +1 -1
  2. package/.next/standalone/.next/app-path-routes-manifest.json +8 -1
  3. package/.next/standalone/.next/build-manifest.json +10 -10
  4. package/.next/standalone/.next/prerender-manifest.json +3 -32
  5. package/.next/standalone/.next/required-server-files.json +2 -1
  6. package/.next/standalone/.next/routes-manifest.json +45 -3
  7. package/.next/standalone/.next/server/app/_global-error/page/build-manifest.json +7 -7
  8. package/.next/standalone/.next/server/app/_global-error/page/server-reference-manifest.json +1 -1
  9. package/.next/standalone/.next/server/app/_global-error/page.js +6 -6
  10. package/.next/standalone/.next/server/app/_global-error/page.js.nft.json +1 -1
  11. package/.next/standalone/.next/server/app/_global-error/page_client-reference-manifest.js +1 -1
  12. package/.next/standalone/.next/server/app/_global-error.html +1 -1
  13. package/.next/standalone/.next/server/app/_global-error.rsc +7 -7
  14. package/.next/standalone/.next/server/app/_global-error.segments/__PAGE__.segment.rsc +2 -2
  15. package/.next/standalone/.next/server/app/_global-error.segments/_full.segment.rsc +7 -7
  16. package/.next/standalone/.next/server/app/_global-error.segments/_head.segment.rsc +3 -3
  17. package/.next/standalone/.next/server/app/_global-error.segments/_index.segment.rsc +3 -3
  18. package/.next/standalone/.next/server/app/_global-error.segments/_tree.segment.rsc +1 -1
  19. package/.next/standalone/.next/server/app/_not-found/page/build-manifest.json +7 -7
  20. package/.next/standalone/.next/server/app/_not-found/page/next-font-manifest.json +2 -6
  21. package/.next/standalone/.next/server/app/_not-found/page/server-reference-manifest.json +1 -1
  22. package/.next/standalone/.next/server/app/_not-found/page.js +12 -13
  23. package/.next/standalone/.next/server/app/_not-found/page.js.nft.json +1 -1
  24. package/.next/standalone/.next/server/app/_not-found/page_client-reference-manifest.js +1 -1
  25. package/.next/standalone/.next/server/app/_not-found.html +1 -1
  26. package/.next/standalone/.next/server/app/_not-found.rsc +16 -16
  27. package/.next/standalone/.next/server/app/_not-found.segments/_full.segment.rsc +16 -16
  28. package/.next/standalone/.next/server/app/_not-found.segments/_head.segment.rsc +4 -4
  29. package/.next/standalone/.next/server/app/_not-found.segments/_index.segment.rsc +10 -10
  30. package/.next/standalone/.next/server/app/_not-found.segments/_not-found/__PAGE__.segment.rsc +2 -2
  31. package/.next/standalone/.next/server/app/_not-found.segments/_not-found.segment.rsc +3 -3
  32. package/.next/standalone/.next/server/app/_not-found.segments/_tree.segment.rsc +2 -2
  33. package/.next/standalone/.next/server/app/api/audit/run/route/app-paths-manifest.json +3 -0
  34. package/.next/standalone/.next/server/app/api/audit/run/route/server-reference-manifest.json +4 -0
  35. package/.next/standalone/.next/server/app/api/audit/run/route.js +8 -0
  36. package/.next/standalone/.next/server/app/api/audit/run/route.js.nft.json +1 -0
  37. package/.next/standalone/.next/server/app/api/audit/run/route_client-reference-manifest.js +3 -0
  38. package/.next/standalone/.next/server/app/api/audit/status/route/app-paths-manifest.json +3 -0
  39. package/.next/standalone/.next/server/app/api/audit/status/route/build-manifest.json +9 -0
  40. package/.next/standalone/.next/server/app/api/audit/status/route/server-reference-manifest.json +4 -0
  41. package/.next/standalone/.next/server/app/api/audit/status/route.js +6 -0
  42. package/.next/standalone/.next/server/app/api/audit/status/route.js.map +5 -0
  43. package/.next/standalone/.next/server/app/api/audit/status/route.js.nft.json +1 -0
  44. package/.next/standalone/.next/server/app/api/audit/status/route_client-reference-manifest.js +3 -0
  45. package/.next/standalone/.next/server/app/api/auth/login-request/route/app-paths-manifest.json +3 -0
  46. package/.next/standalone/.next/server/app/api/auth/login-request/route/build-manifest.json +9 -0
  47. package/.next/standalone/.next/server/app/api/auth/login-request/route/server-reference-manifest.json +4 -0
  48. package/.next/standalone/.next/server/app/api/auth/login-request/route.js +6 -0
  49. package/.next/standalone/.next/server/app/api/auth/login-request/route.js.map +5 -0
  50. package/.next/standalone/.next/server/app/api/auth/login-request/route.js.nft.json +1 -0
  51. package/.next/standalone/.next/server/app/api/auth/login-request/route_client-reference-manifest.js +3 -0
  52. package/.next/standalone/.next/server/app/api/auth/login-verify/route/app-paths-manifest.json +3 -0
  53. package/.next/standalone/.next/server/app/api/auth/login-verify/route/build-manifest.json +9 -0
  54. package/.next/standalone/.next/server/app/api/auth/login-verify/route/server-reference-manifest.json +4 -0
  55. package/.next/standalone/.next/server/app/api/auth/login-verify/route.js +7 -0
  56. package/.next/standalone/.next/server/app/api/auth/login-verify/route.js.map +5 -0
  57. package/.next/standalone/.next/server/app/api/auth/login-verify/route.js.nft.json +1 -0
  58. package/.next/standalone/.next/server/app/api/auth/login-verify/route_client-reference-manifest.js +3 -0
  59. package/.next/standalone/.next/server/app/api/auth/logout/route/app-paths-manifest.json +3 -0
  60. package/.next/standalone/.next/server/app/api/auth/logout/route/build-manifest.json +9 -0
  61. package/.next/standalone/.next/server/app/api/auth/logout/route/server-reference-manifest.json +4 -0
  62. package/.next/standalone/.next/server/app/api/auth/logout/route.js +7 -0
  63. package/.next/standalone/.next/server/app/api/auth/logout/route.js.map +5 -0
  64. package/.next/standalone/.next/server/app/api/auth/logout/route.js.nft.json +1 -0
  65. package/.next/standalone/.next/server/app/api/auth/logout/route_client-reference-manifest.js +3 -0
  66. package/.next/standalone/.next/server/app/api/auth/reminder/route/app-paths-manifest.json +3 -0
  67. package/.next/standalone/.next/server/app/api/auth/reminder/route/build-manifest.json +9 -0
  68. package/.next/standalone/.next/server/app/api/auth/reminder/route/server-reference-manifest.json +4 -0
  69. package/.next/standalone/.next/server/app/api/auth/reminder/route.js +7 -0
  70. package/.next/standalone/.next/server/app/api/auth/reminder/route.js.map +5 -0
  71. package/.next/standalone/.next/server/app/api/auth/reminder/route.js.nft.json +1 -0
  72. package/.next/standalone/.next/server/app/api/auth/reminder/route_client-reference-manifest.js +3 -0
  73. package/.next/standalone/.next/server/app/api/auth/status/route/app-paths-manifest.json +3 -0
  74. package/.next/standalone/.next/server/app/api/auth/status/route/build-manifest.json +9 -0
  75. package/.next/standalone/.next/server/app/api/auth/status/route/server-reference-manifest.json +4 -0
  76. package/.next/standalone/.next/server/app/api/auth/status/route.js +7 -0
  77. package/.next/standalone/.next/server/app/api/auth/status/route.js.map +5 -0
  78. package/.next/standalone/.next/server/app/api/auth/status/route.js.nft.json +1 -0
  79. package/.next/standalone/.next/server/app/api/auth/status/route_client-reference-manifest.js +3 -0
  80. package/.next/standalone/.next/server/app/api/download/[project]/[session]/route.js +3 -3
  81. package/.next/standalone/.next/server/app/api/download/[project]/[session]/route.js.nft.json +1 -1
  82. package/.next/standalone/.next/server/app/audit/page/app-paths-manifest.json +3 -0
  83. package/.next/standalone/.next/server/app/audit/page/build-manifest.json +18 -0
  84. package/.next/standalone/.next/server/app/audit/page/next-font-manifest.json +6 -0
  85. package/.next/standalone/.next/server/app/audit/page/react-loadable-manifest.json +1 -0
  86. package/.next/standalone/.next/server/app/audit/page/server-reference-manifest.json +29 -0
  87. package/.next/standalone/.next/server/app/audit/page.js +17 -0
  88. package/.next/standalone/.next/server/app/audit/page.js.map +5 -0
  89. package/.next/standalone/.next/server/app/audit/page.js.nft.json +1 -0
  90. package/.next/standalone/.next/server/app/audit/page_client-reference-manifest.js +3 -0
  91. package/.next/standalone/.next/server/app/index.html +1 -1
  92. package/.next/standalone/.next/server/app/index.rsc +16 -17
  93. package/.next/standalone/.next/server/app/index.segments/__PAGE__.segment.rsc +2 -2
  94. package/.next/standalone/.next/server/app/index.segments/_full.segment.rsc +16 -17
  95. package/.next/standalone/.next/server/app/index.segments/_head.segment.rsc +4 -4
  96. package/.next/standalone/.next/server/app/index.segments/_index.segment.rsc +10 -10
  97. package/.next/standalone/.next/server/app/index.segments/_tree.segment.rsc +2 -3
  98. package/.next/standalone/.next/server/app/page/build-manifest.json +7 -7
  99. package/.next/standalone/.next/server/app/page/next-font-manifest.json +2 -6
  100. package/.next/standalone/.next/server/app/page/server-reference-manifest.json +1 -1
  101. package/.next/standalone/.next/server/app/page.js +14 -15
  102. package/.next/standalone/.next/server/app/page.js.nft.json +1 -1
  103. package/.next/standalone/.next/server/app/page_client-reference-manifest.js +1 -1
  104. package/.next/standalone/.next/server/app/policies/page/build-manifest.json +7 -7
  105. package/.next/standalone/.next/server/app/policies/page/next-font-manifest.json +2 -6
  106. package/.next/standalone/.next/server/app/policies/page/server-reference-manifest.json +8 -8
  107. package/.next/standalone/.next/server/app/policies/page.js +16 -16
  108. package/.next/standalone/.next/server/app/policies/page.js.nft.json +1 -1
  109. package/.next/standalone/.next/server/app/policies/page_client-reference-manifest.js +1 -1
  110. package/.next/standalone/.next/server/app/project/[name]/page/build-manifest.json +7 -7
  111. package/.next/standalone/.next/server/app/project/[name]/page/next-font-manifest.json +2 -6
  112. package/.next/standalone/.next/server/app/project/[name]/page/server-reference-manifest.json +1 -1
  113. package/.next/standalone/.next/server/app/project/[name]/page.js +16 -17
  114. package/.next/standalone/.next/server/app/project/[name]/page.js.nft.json +1 -1
  115. package/.next/standalone/.next/server/app/project/[name]/page_client-reference-manifest.js +1 -1
  116. package/.next/standalone/.next/server/app/project/[name]/session/[sessionId]/page/build-manifest.json +7 -7
  117. package/.next/standalone/.next/server/app/project/[name]/session/[sessionId]/page/next-font-manifest.json +2 -6
  118. package/.next/standalone/.next/server/app/project/[name]/session/[sessionId]/page/react-loadable-manifest.json +2 -2
  119. package/.next/standalone/.next/server/app/project/[name]/session/[sessionId]/page/server-reference-manifest.json +2 -2
  120. package/.next/standalone/.next/server/app/project/[name]/session/[sessionId]/page.js +19 -20
  121. package/.next/standalone/.next/server/app/project/[name]/session/[sessionId]/page.js.nft.json +1 -1
  122. package/.next/standalone/.next/server/app/project/[name]/session/[sessionId]/page_client-reference-manifest.js +1 -1
  123. package/.next/standalone/.next/server/app/projects/page/build-manifest.json +7 -7
  124. package/.next/standalone/.next/server/app/projects/page/next-font-manifest.json +2 -6
  125. package/.next/standalone/.next/server/app/projects/page/server-reference-manifest.json +1 -1
  126. package/.next/standalone/.next/server/app/projects/page.js +15 -16
  127. package/.next/standalone/.next/server/app/projects/page.js.nft.json +1 -1
  128. package/.next/standalone/.next/server/app/projects/page_client-reference-manifest.js +1 -1
  129. package/.next/standalone/.next/server/app-paths-manifest.json +8 -1
  130. package/.next/standalone/.next/server/chunks/[externals]__14odj07._.js +3 -0
  131. package/.next/standalone/.next/server/chunks/{[externals]__0z0j--b._.js → [externals]__1nl3dvw._.js} +1 -1
  132. package/.next/standalone/.next/server/chunks/{[externals]__0-p9.k~._.js → [externals]__1s61mel._.js} +1 -1
  133. package/.next/standalone/.next/server/chunks/{[externals]_node_os_06ur78j._.js → [externals]_node_os_0by37l-._.js} +1 -1
  134. package/.next/standalone/.next/server/chunks/[root-of-the-server]__07tgnzi._.js +3 -0
  135. package/.next/standalone/.next/server/chunks/{[root-of-the-server]__0kjo7d_._.js → [root-of-the-server]__0_0xu5z._.js} +2 -2
  136. package/.next/standalone/.next/server/chunks/[root-of-the-server]__0cag8qd._.js +3 -0
  137. package/.next/standalone/.next/server/chunks/{[root-of-the-server]__0z-180.._.js → [root-of-the-server]__0cycwg6._.js} +2 -2
  138. package/.next/standalone/.next/server/chunks/{[root-of-the-server]__08px0ym._.js → [root-of-the-server]__0f7mikp._.js} +1 -1
  139. package/.next/standalone/.next/server/chunks/[root-of-the-server]__0oeun7z._.js +3 -0
  140. package/.next/standalone/.next/server/chunks/[root-of-the-server]__0q-v9z2._.js +3 -0
  141. package/.next/standalone/.next/server/chunks/[root-of-the-server]__0rv7m0k._.js +3 -0
  142. package/.next/standalone/.next/server/chunks/{[root-of-the-server]__0g48iv.._.js → [root-of-the-server]__0sb_5m8._.js} +2 -2
  143. package/.next/standalone/.next/server/chunks/{[root-of-the-server]__0j8-xkl._.js → [root-of-the-server]__0xuaoik._.js} +2 -2
  144. package/.next/standalone/.next/server/chunks/[root-of-the-server]__12pit4m._.js +3 -0
  145. package/.next/standalone/.next/server/chunks/[root-of-the-server]__13h8pzr._.js +3 -0
  146. package/.next/standalone/.next/server/chunks/[root-of-the-server]__13ra2jq._.js +3 -0
  147. package/.next/standalone/.next/server/chunks/[root-of-the-server]__17g9wh7._.js +3 -0
  148. package/.next/standalone/.next/server/chunks/{[root-of-the-server]__0d_ob4n._.js → [root-of-the-server]__1_mqemn._.js} +2 -2
  149. package/.next/standalone/.next/server/chunks/[root-of-the-server]__1b9z5-i._.js +3 -0
  150. package/.next/standalone/.next/server/chunks/{[root-of-the-server]__0vlhtkc._.js → [root-of-the-server]__1hgv_75._.js} +1 -1
  151. package/.next/standalone/.next/server/chunks/[root-of-the-server]__1ixjiy8._.js +3 -0
  152. package/.next/standalone/.next/server/chunks/{[root-of-the-server]__0wu7fr7._.js → [root-of-the-server]__1jm9fw6._.js} +1 -1
  153. package/.next/standalone/.next/server/chunks/[root-of-the-server]__1legmza._.js +3 -0
  154. package/.next/standalone/.next/server/chunks/{[root-of-the-server]__0fwb7ao._.js → [root-of-the-server]__1m2_4t0._.js} +2 -2
  155. package/.next/standalone/.next/server/chunks/{[root-of-the-server]__0yfq1yr._.js → [root-of-the-server]__1mhmdzs._.js} +1 -1
  156. package/.next/standalone/.next/server/chunks/{[root-of-the-server]__0zso~62._.js → [root-of-the-server]__1ou2ehh._.js} +1 -1
  157. package/.next/standalone/.next/server/chunks/[root-of-the-server]__1qxztj-._.js +3 -0
  158. package/.next/standalone/.next/server/chunks/[root-of-the-server]__1rhmvod._.js +3 -0
  159. package/.next/standalone/.next/server/chunks/{[root-of-the-server]__0.~nmr9._.js → [root-of-the-server]__1w9zl9-._.js} +1 -1
  160. package/.next/standalone/.next/server/chunks/{_0ebx_lc._.js → _0p53ge1._.js} +2 -2
  161. package/.next/standalone/.next/server/chunks/_1-1804f._.js +3 -0
  162. package/.next/standalone/.next/server/chunks/_next-internal_server_app_api_audit_run_route_actions_1qgp9io.js +3 -0
  163. package/.next/standalone/.next/server/chunks/_next-internal_server_app_api_audit_status_route_actions_1f7pjof.js +3 -0
  164. package/.next/standalone/.next/server/chunks/_next-internal_server_app_api_auth_login-request_route_actions_1c49co0.js +3 -0
  165. package/.next/standalone/.next/server/chunks/_next-internal_server_app_api_auth_login-verify_route_actions_1r3slzk.js +3 -0
  166. package/.next/standalone/.next/server/chunks/_next-internal_server_app_api_auth_logout_route_actions_0regwyr.js +3 -0
  167. package/.next/standalone/.next/server/chunks/_next-internal_server_app_api_auth_reminder_route_actions_1kjgxf8.js +3 -0
  168. package/.next/standalone/.next/server/chunks/_next-internal_server_app_api_auth_status_route_actions_1aho9zu.js +3 -0
  169. package/.next/standalone/.next/server/chunks/{_next-internal_server_app_api_download_[project]_[session]_route_actions_0wb00i-.js → _next-internal_server_app_api_download_[project]_[session]_route_actions_1is7vs7.js} +1 -1
  170. package/.next/standalone/.next/server/chunks/{lib_logger_ts_047tt9f._.js → lib_logger_ts_07e65t5._.js} +1 -1
  171. package/.next/standalone/.next/server/chunks/node_modules_next_dist_esm_build_templates_app-route_17k9e3w.js +23 -0
  172. package/.next/standalone/.next/server/chunks/node_modules_posthog-node_dist_entrypoints_index_node_mjs_01r25oi._.js +3 -0
  173. package/.next/standalone/.next/server/chunks/node_modules_posthog-node_dist_entrypoints_index_node_mjs_09z9-p7._.js +3 -0
  174. package/.next/standalone/.next/server/chunks/{package_json_[json]_cjs_0z7w.hh._.js → package_json_[json]_cjs_1nxcc4v._.js} +2 -2
  175. package/.next/standalone/.next/server/chunks/ssr/{[externals]__12dv.x0._.js → [externals]__1_g_b3t._.js} +1 -1
  176. package/.next/standalone/.next/server/chunks/ssr/{[externals]_node_async_hooks_0v0ln8c._.js → [externals]_node_async_hooks_1gjz99j._.js} +1 -1
  177. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__00jkjmt._.js +4 -0
  178. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__013du6r._.js +4 -0
  179. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0989_dx._.js +3 -0
  180. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0e85wxv._.js +4 -0
  181. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0gfxvb1._.js +3 -0
  182. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0h12me5._.js +3 -0
  183. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0l13qf2._.js +3 -0
  184. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0ywoypf._.js +3 -0
  185. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__1-scthx._.js +3 -0
  186. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__100hdar._.js +3 -0
  187. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__11rtg6s._.js +3 -0
  188. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__14dd6h8._.js +3 -0
  189. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__1cd25c7._.js +4 -0
  190. package/.next/standalone/.next/server/chunks/ssr/{[root-of-the-server]__0t5l7a5._.js → [root-of-the-server]__1d8omgc._.js} +1 -1
  191. package/.next/standalone/.next/server/chunks/ssr/{[root-of-the-server]__0tcyn68._.js → [root-of-the-server]__1dky4g0._.js} +1 -1
  192. package/.next/standalone/.next/server/chunks/ssr/{[root-of-the-server]__098zro9._.js → [root-of-the-server]__1fax1sl._.js} +4 -4
  193. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__1hlrq6y._.js +4 -0
  194. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__1ihxdo5._.js +4 -0
  195. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__1mt35_w._.js +221 -0
  196. package/.next/standalone/.next/server/chunks/ssr/{[root-of-the-server]__0-wn51s._.js → [root-of-the-server]__1pcxxwg._.js} +3 -3
  197. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__1usf8v2._.js +3 -0
  198. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__1vvfde2._.js +4 -0
  199. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__212nf49._.js +3 -0
  200. package/.next/standalone/.next/server/chunks/ssr/{_03d7qyt._.js → _05whahf._.js} +1 -1
  201. package/.next/standalone/.next/server/chunks/ssr/_11_p9y8._.js +3 -0
  202. package/.next/standalone/.next/server/chunks/ssr/{_0xb8ngh._.js → _1kje4fm._.js} +1 -1
  203. package/.next/standalone/.next/server/chunks/ssr/{_0zx~s__._.js → _1p0-leb._.js} +1 -1
  204. package/.next/standalone/.next/server/chunks/ssr/{app_04qfs8z._.js → app_087bt9w._.js} +1 -1
  205. package/.next/standalone/.next/server/chunks/ssr/{app_0uosk1e._.js → app_1fvisnp._.js} +1 -1
  206. package/.next/standalone/.next/server/chunks/ssr/{app_13f0ohr._.js → app_209u41o._.js} +1 -1
  207. package/.next/standalone/.next/server/chunks/ssr/app_audit__components_audit-dashboard_tsx_0p9ud47._.js +43 -0
  208. package/.next/standalone/.next/server/chunks/ssr/app_audit_loading_tsx_1j1kc6j._.js +3 -0
  209. package/.next/standalone/.next/server/chunks/ssr/{app_error_tsx_11t4ysq._.js → app_error_tsx_1zds1ns._.js} +1 -1
  210. package/.next/standalone/.next/server/chunks/ssr/{app_global-error_tsx_0m9qisk._.js → app_global-error_tsx_113y3za._.js} +1 -1
  211. package/.next/standalone/.next/server/chunks/ssr/app_global-error_tsx_1kp6l3x._.js +3 -0
  212. package/.next/standalone/.next/server/chunks/ssr/app_policies_hooks-client_tsx_19dqvpc._.js +8 -0
  213. package/.next/standalone/.next/server/chunks/ssr/{app_project_[name]_error_tsx_0.9-fod._.js → app_project_[name]_error_tsx_1v02_5n._.js} +1 -1
  214. package/.next/standalone/.next/server/chunks/ssr/{app_project_[name]_loading_tsx_03g9xy0._.js → app_project_[name]_loading_tsx_05-l4uf._.js} +1 -1
  215. package/.next/standalone/.next/server/chunks/ssr/{app_project_[name]_session_[sessionId]_error_tsx_0ler-mr._.js → app_project_[name]_session_[sessionId]_error_tsx_0-lj3nd._.js} +1 -1
  216. package/.next/standalone/.next/server/chunks/ssr/{app_project_[name]_session_[sessionId]_loading_tsx_0c0e3yx._.js → app_project_[name]_session_[sessionId]_loading_tsx_0l4aixs._.js} +1 -1
  217. package/.next/standalone/.next/server/chunks/ssr/app_projects_loading_tsx_20-3u8b._.js +3 -0
  218. package/.next/standalone/.next/server/chunks/ssr/{lib_codex-projects_ts_0eosib~._.js → lib_codex-projects_ts_0pqlw37._.js} +1 -1
  219. package/.next/standalone/.next/server/chunks/ssr/{lib_copilot-projects_ts_0r8xkn8._.js → lib_copilot-projects_ts_19wl7tp._.js} +1 -1
  220. package/.next/standalone/.next/server/chunks/ssr/{lib_cursor-projects_ts_0qt1scg._.js → lib_cursor-projects_ts_18-iwyk._.js} +1 -1
  221. package/.next/standalone/.next/server/chunks/ssr/{lib_gemini-projects_ts_0sl~yqr._.js → lib_gemini-projects_ts_1c7bgx-._.js} +1 -1
  222. package/.next/standalone/.next/server/chunks/ssr/{lib_opencode-projects_ts_0op9gyp._.js → lib_opencode-projects_ts_15bjxkm._.js} +1 -1
  223. package/.next/standalone/.next/server/chunks/ssr/{lib_pi-projects_ts_103tsh1._.js → lib_pi-projects_ts_1wikofb._.js} +1 -1
  224. package/.next/standalone/.next/server/chunks/ssr/{lib_utils_ts_068jk73._.js → lib_utils_ts_0az0sfq._.js} +1 -1
  225. package/.next/standalone/.next/server/chunks/ssr/node_modules_1ynf7el._.js +3 -0
  226. package/.next/standalone/.next/server/chunks/ssr/node_modules_html2canvas_dist_html2canvas_esm_05gja40.js +3 -0
  227. package/.next/standalone/.next/server/chunks/ssr/node_modules_html2canvas_dist_html2canvas_esm_1n-0xws.js +3 -0
  228. package/.next/standalone/.next/server/chunks/ssr/{node_modules_next_0rd0oc-._.js → node_modules_next_1a1kch7._.js} +1 -1
  229. package/.next/standalone/.next/server/chunks/ssr/{node_modules_next_dist_0h9llsw._.js → node_modules_next_dist_0uboya6._.js} +2 -2
  230. package/.next/standalone/.next/server/chunks/ssr/{node_modules_next_dist_11dij6w._.js → node_modules_next_dist_1d_onnt._.js} +2 -2
  231. package/.next/standalone/.next/server/chunks/ssr/{node_modules_next_dist_client_components_0inhx6q._.js → node_modules_next_dist_client_components_0wpq8j3._.js} +1 -1
  232. package/.next/standalone/.next/server/chunks/ssr/{node_modules_next_dist_client_components_builtin_forbidden_0ghu-f7.js → node_modules_next_dist_client_components_builtin_forbidden_0symwr9.js} +1 -1
  233. package/.next/standalone/.next/server/chunks/ssr/{node_modules_next_dist_client_components_builtin_unauthorized_0cjv-23.js → node_modules_next_dist_client_components_builtin_unauthorized_0l_sp0x.js} +1 -1
  234. package/.next/standalone/.next/server/chunks/ssr/node_modules_next_dist_esm_build_templates_app-page_0-uvagv.js +4 -0
  235. package/.next/standalone/.next/server/chunks/ssr/node_modules_next_dist_esm_build_templates_app-page_03c7gi5.js +4 -0
  236. package/.next/standalone/.next/server/chunks/ssr/node_modules_next_dist_esm_build_templates_app-page_09p-8om.js +4 -0
  237. package/.next/standalone/.next/server/chunks/ssr/node_modules_next_dist_esm_build_templates_app-page_0v-kfiu.js +4 -0
  238. package/.next/standalone/.next/server/chunks/ssr/{node_modules_next_dist_esm_build_templates_app-page_0j79~gv.js → node_modules_next_dist_esm_build_templates_app-page_0xrgzyz.js} +1 -1
  239. package/.next/standalone/.next/server/chunks/ssr/node_modules_next_dist_esm_build_templates_app-page_1806lsc.js +4 -0
  240. package/.next/standalone/.next/server/chunks/ssr/node_modules_next_dist_esm_build_templates_app-page_1j6dd-e.js +4 -0
  241. package/.next/standalone/.next/server/chunks/ssr/node_modules_next_dist_esm_build_templates_app-page_1sa65r-.js +4 -0
  242. package/.next/standalone/.next/server/chunks/ssr/node_modules_posthog-node_dist_entrypoints_index_node_mjs_11bnuzn._.js +3 -0
  243. package/.next/standalone/.next/server/chunks/ssr/src_hooks_1ezd2jf._.js +5 -0
  244. package/.next/standalone/.next/server/chunks/ssr/src_hooks_1tnuifj._.js +5 -0
  245. package/.next/standalone/.next/server/functions-config-manifest.json +3 -0
  246. package/.next/standalone/.next/server/instrumentation.js +1 -1
  247. package/.next/standalone/.next/server/middleware-build-manifest.js +10 -10
  248. package/.next/standalone/.next/server/middleware.js +2 -2
  249. package/.next/standalone/.next/server/next-font-manifest.js +1 -1
  250. package/.next/standalone/.next/server/next-font-manifest.json +2 -21
  251. package/.next/standalone/.next/server/pages/404.html +1 -1
  252. package/.next/standalone/.next/server/pages/500.html +1 -1
  253. package/.next/standalone/.next/server/server-reference-manifest.js +1 -1
  254. package/.next/standalone/.next/server/server-reference-manifest.json +27 -9
  255. package/.next/standalone/.next/static/chunks/{07uz2g0_38qia.js → 03fmihek9n986.js} +1 -1
  256. package/.next/standalone/.next/static/chunks/09ueq8s1as8xs.css +2 -0
  257. package/.next/standalone/.next/static/chunks/0ehe4dh0grngk.js +41 -0
  258. package/.next/standalone/.next/static/chunks/{13-bt.3~irg00.js → 0gdm-xaez4l7t.js} +1 -1
  259. package/.next/standalone/.next/static/chunks/{07kfzzinhsl7e.js → 0kdglk0vtzymo.js} +1 -1
  260. package/.next/standalone/.next/static/chunks/0qassxjx1ef04.js +1 -0
  261. package/.next/standalone/.next/static/chunks/0zbxssxh53n-3.js +1 -0
  262. package/.next/standalone/.next/static/chunks/13f1kmjea-0md.js +2 -0
  263. package/.next/standalone/.next/static/chunks/1btx2c49fk9xt.css +1 -0
  264. package/.next/standalone/.next/static/chunks/1fmco3pvq_twz.js +1 -0
  265. package/.next/standalone/.next/static/chunks/2b1fzuhuk-42n.js +1 -0
  266. package/.next/standalone/.next/static/chunks/{0_vk1wsgf~q3o.js → 2dtip-mvmihiu.js} +1 -1
  267. package/.next/standalone/.next/static/chunks/2srzafd1_ha5y.js +1 -0
  268. package/.next/standalone/.next/static/chunks/{0d3shmwh5_nmn.js → 33u59vf_8xpd-.js} +1 -1
  269. package/.next/standalone/.next/static/chunks/3gti1qdk5epqn.js +1 -0
  270. package/.next/standalone/.next/static/chunks/{0wtiofzdt-l2u.js → 3krzy-lhwfrmz.js} +1 -1
  271. package/.next/standalone/.next/static/chunks/{17mubwtqwijpu.js → 3w8d8k_dca5rp.js} +1 -1
  272. package/.next/standalone/.next/static/chunks/43lnq0c1rnflb.js +6 -0
  273. package/.next/standalone/.next/static/chunks/{turbopack-0nh.aopesgj~5.js → turbopack-00qy7zfa7m--m.js} +1 -1
  274. package/.next/standalone/SECURITY.md +73 -0
  275. package/.next/standalone/app/actions/get-audit-result.ts +24 -0
  276. package/.next/standalone/app/api/audit/_state.ts +72 -0
  277. package/.next/standalone/app/api/audit/run/route.ts +89 -0
  278. package/.next/standalone/app/api/audit/status/route.ts +23 -0
  279. package/.next/standalone/app/api/auth/login-request/route.ts +91 -0
  280. package/.next/standalone/app/api/auth/login-verify/route.ts +98 -0
  281. package/.next/standalone/app/api/auth/logout/route.ts +48 -0
  282. package/.next/standalone/app/api/auth/reminder/route.ts +213 -0
  283. package/.next/standalone/app/api/auth/status/route.ts +42 -0
  284. package/.next/standalone/app/audit/_components/audit-dashboard.tsx +364 -0
  285. package/.next/standalone/app/audit/_components/auth-dialog.tsx +401 -0
  286. package/.next/standalone/app/audit/_components/empty-state.tsx +146 -0
  287. package/.next/standalone/app/audit/_components/findings-section.tsx +135 -0
  288. package/.next/standalone/app/audit/_components/identity-section.tsx +126 -0
  289. package/.next/standalone/app/audit/_components/policies-section.tsx +194 -0
  290. package/.next/standalone/app/audit/_components/report-footer.tsx +35 -0
  291. package/.next/standalone/app/audit/_components/rerun-button.tsx +81 -0
  292. package/.next/standalone/app/audit/_components/return-section.tsx +428 -0
  293. package/.next/standalone/app/audit/_components/run-progress.tsx +120 -0
  294. package/.next/standalone/app/audit/_components/score-section.tsx +179 -0
  295. package/.next/standalone/app/audit/_components/share-dock.tsx +265 -0
  296. package/.next/standalone/app/audit/_components/share-templates.ts +67 -0
  297. package/.next/standalone/app/audit/_components/show-off-cta.tsx +135 -0
  298. package/.next/standalone/app/audit/_components/sigil.tsx +93 -0
  299. package/.next/standalone/app/audit/_components/strengths-section.tsx +57 -0
  300. package/.next/standalone/app/audit/audit-styles.css +2066 -0
  301. package/.next/standalone/app/audit/loading.tsx +24 -0
  302. package/.next/standalone/app/audit/page.tsx +53 -0
  303. package/.next/standalone/app/globals.css +570 -137
  304. package/.next/standalone/app/layout.tsx +16 -9
  305. package/.next/standalone/app/policies/hooks-client.tsx +325 -142
  306. package/.next/standalone/app/project/[name]/page.tsx +89 -39
  307. package/.next/standalone/app/projects/loading.tsx +30 -8
  308. package/.next/standalone/app/projects/page.tsx +76 -18
  309. package/.next/standalone/assets/audit/Audit Report.html +22 -0
  310. package/.next/standalone/assets/audit/Show Off Your Agent.html +22 -0
  311. package/.next/standalone/assets/audit/archetypes.jsx +277 -0
  312. package/.next/standalone/assets/audit/assets/fonts/bitcount-prop-single.woff2 +0 -0
  313. package/.next/standalone/assets/audit/audit.jsx +825 -0
  314. package/.next/standalone/assets/audit/poster-styles.css +424 -0
  315. package/.next/standalone/assets/audit/poster.jsx +247 -0
  316. package/.next/standalone/assets/audit/screenshots/poster-optimist.png +0 -0
  317. package/.next/standalone/assets/audit/screenshots/poster-scrolled.png +0 -0
  318. package/.next/standalone/assets/audit/styles.css +1225 -0
  319. package/.next/standalone/assets/audit/tweaks-panel.jsx +425 -0
  320. package/.next/standalone/assets/logos/company/icon.svg +1 -0
  321. package/.next/standalone/assets/logos/company/logo.svg +1 -0
  322. package/.next/standalone/components/navbar.tsx +154 -65
  323. package/.next/standalone/components/reach-developers.tsx +37 -9
  324. package/.next/standalone/lib/atomic-write.ts +67 -0
  325. package/.next/standalone/lib/auth/api-server-client.ts +281 -0
  326. package/.next/standalone/lib/auth/auth-store.ts +250 -0
  327. package/.next/standalone/lib/claude-sessions.ts +181 -0
  328. package/.next/standalone/lib/client-telemetry.ts +2 -0
  329. package/.next/standalone/lib/fetch-with-timeout.ts +42 -0
  330. package/.next/standalone/lib/share-card.ts +120 -0
  331. package/.next/standalone/lib/telemetry.ts +12 -7
  332. package/.next/standalone/node_modules/@next/env/package.json +1 -1
  333. package/.next/standalone/node_modules/next/dist/build/swc/index.js +1 -1
  334. package/.next/standalone/node_modules/next/dist/client/dev/debug-channel.js +102 -2
  335. package/.next/standalone/node_modules/next/dist/compiled/next-server/app-page-turbo-experimental.runtime.prod.js +11 -11
  336. package/.next/standalone/node_modules/next/dist/compiled/next-server/app-page-turbo.runtime.prod.js +13 -13
  337. package/.next/standalone/node_modules/next/dist/compiled/next-server/app-route-turbo.runtime.prod.js +2 -2
  338. package/.next/standalone/node_modules/next/dist/compiled/next-server/pages-turbo.runtime.prod.js +1 -1
  339. package/.next/standalone/node_modules/next/dist/lib/patch-incorrect-lockfile.js +3 -3
  340. package/.next/standalone/node_modules/next/dist/server/app-render/action-handler.js +18 -8
  341. package/.next/standalone/node_modules/next/dist/server/config-schema.js +1 -0
  342. package/.next/standalone/node_modules/next/dist/server/config.js +1 -1
  343. package/.next/standalone/node_modules/next/dist/server/dev/hot-reloader-turbopack.js +2 -2
  344. package/.next/standalone/node_modules/next/dist/server/dev/hot-reloader-webpack.js +1 -1
  345. package/.next/standalone/node_modules/next/dist/server/lib/app-info-log.js +1 -1
  346. package/.next/standalone/node_modules/next/dist/server/lib/encode-cache-tag.js +45 -0
  347. package/.next/standalone/node_modules/next/dist/server/lib/implicit-tags.js +6 -3
  348. package/.next/standalone/node_modules/next/dist/server/lib/patch-fetch.js +5 -1
  349. package/.next/standalone/node_modules/next/dist/server/lib/start-server.js +1 -1
  350. package/.next/standalone/node_modules/next/dist/server/web/spec-extension/revalidate.js +4 -3
  351. package/.next/standalone/node_modules/next/dist/server/web/spec-extension/unstable-cache.js +6 -2
  352. package/.next/standalone/node_modules/next/dist/shared/lib/errors/canary-only-config-error.js +1 -1
  353. package/.next/standalone/node_modules/next/dist/telemetry/anonymous-meta.js +1 -1
  354. package/.next/standalone/node_modules/next/dist/telemetry/events/swc-load-failure.js +1 -1
  355. package/.next/standalone/node_modules/next/dist/telemetry/events/version.js +2 -2
  356. package/.next/standalone/node_modules/next/package.json +15 -15
  357. package/.next/standalone/node_modules/react/cjs/react.development.js +1 -1
  358. package/.next/standalone/node_modules/react/cjs/react.production.js +1 -1
  359. package/.next/standalone/node_modules/react/package.json +1 -1
  360. package/.next/standalone/node_modules/react-dom/cjs/react-dom-server-legacy.browser.production.js +1 -1
  361. package/.next/standalone/node_modules/react-dom/cjs/react-dom-server-legacy.node.production.js +1 -1
  362. package/.next/standalone/node_modules/react-dom/cjs/react-dom-server.browser.production.js +3 -3
  363. package/.next/standalone/node_modules/react-dom/cjs/react-dom-server.edge.production.js +3 -3
  364. package/.next/standalone/node_modules/react-dom/cjs/react-dom-server.node.production.js +3 -3
  365. package/.next/standalone/node_modules/react-dom/cjs/react-dom.production.js +1 -1
  366. package/.next/standalone/node_modules/react-dom/package.json +2 -2
  367. package/.next/standalone/osv-scanner.toml +17 -0
  368. package/.next/standalone/package.json +8 -3
  369. package/.next/standalone/public/audit/fonts/bitcount-prop-single.woff2 +0 -0
  370. package/.next/standalone/public/icon.svg +1 -0
  371. package/.next/standalone/public/logo.svg +1 -0
  372. package/.next/standalone/server.js +1 -1
  373. package/.next/standalone/templates/bitcount-font/README.md +42 -0
  374. package/.next/standalone/templates/bitcount-font/bitcount-prop-single.woff2 +0 -0
  375. package/.next/standalone/templates/bitcount-font/bitcount.css +49 -0
  376. package/.next/standalone/templates/bitcount-font/fonts.ts.example +23 -0
  377. package/README.md +4 -3
  378. package/bin/failproofai.mjs +248 -70
  379. package/dist/cli.mjs +1709 -1385
  380. package/lib/atomic-write.ts +67 -0
  381. package/lib/auth/api-server-client.ts +281 -0
  382. package/lib/auth/auth-store.ts +250 -0
  383. package/lib/claude-sessions.ts +181 -0
  384. package/lib/client-telemetry.ts +2 -0
  385. package/lib/fetch-with-timeout.ts +42 -0
  386. package/lib/share-card.ts +120 -0
  387. package/lib/telemetry.ts +12 -7
  388. package/package.json +8 -3
  389. package/scripts/install-telemetry.mjs +4 -0
  390. package/scripts/postinstall.mjs +89 -1
  391. package/src/audit/archetypes.ts +924 -0
  392. package/src/audit/cache.ts +132 -0
  393. package/src/audit/cli-adapters/claude.ts +97 -0
  394. package/src/audit/cli-adapters/codex.ts +56 -0
  395. package/src/audit/cli-adapters/copilot.ts +51 -0
  396. package/src/audit/cli-adapters/cursor.ts +51 -0
  397. package/src/audit/cli-adapters/gemini.ts +51 -0
  398. package/src/audit/cli-adapters/index.ts +70 -0
  399. package/src/audit/cli-adapters/opencode.ts +52 -0
  400. package/src/audit/cli-adapters/pi.ts +51 -0
  401. package/src/audit/cli-adapters/shared.ts +85 -0
  402. package/src/audit/dashboard-cache.ts +111 -0
  403. package/src/audit/detectors/find-from-root.ts +27 -0
  404. package/src/audit/detectors/git-commit-no-verify.ts +22 -0
  405. package/src/audit/detectors/index.ts +33 -0
  406. package/src/audit/detectors/prefer-edit-over-read-cat.ts +31 -0
  407. package/src/audit/detectors/prefer-edit-over-sed-awk.ts +27 -0
  408. package/src/audit/detectors/prefer-write-over-heredoc.ts +36 -0
  409. package/src/audit/detectors/redundant-cd-cwd.ts +28 -0
  410. package/src/audit/detectors/reread-after-edit.ts +58 -0
  411. package/src/audit/detectors/sleep-polling-loop.ts +34 -0
  412. package/src/audit/features.ts +268 -0
  413. package/src/audit/findings.ts +298 -0
  414. package/src/audit/index.ts +387 -0
  415. package/src/audit/replay.ts +147 -0
  416. package/src/audit/report.ts +349 -0
  417. package/src/audit/scoring.ts +174 -0
  418. package/src/audit/strengths.ts +138 -0
  419. package/src/audit/types.ts +216 -0
  420. package/src/auth/cli.ts +359 -0
  421. package/src/hooks/builtin-policies.ts +80 -1
  422. package/src/hooks/custom-hooks-loader.ts +19 -3
  423. package/src/hooks/first-run-nudge.ts +146 -0
  424. package/src/hooks/handler.ts +21 -102
  425. package/src/hooks/hook-telemetry.ts +2 -2
  426. package/src/hooks/install-prompt.ts +34 -4
  427. package/src/hooks/manager.ts +72 -5
  428. package/src/hooks/policy-evaluator.ts +16 -1
  429. package/src/hooks/policy-registry.ts +20 -0
  430. package/src/hooks/policy-types.ts +9 -0
  431. package/src/hooks/tool-name-canonicalize.ts +65 -0
  432. package/src/posthog-key.ts +9 -0
  433. package/.next/standalone/.next/server/app/icon.png/route/app-paths-manifest.json +0 -3
  434. package/.next/standalone/.next/server/app/icon.png/route.js +0 -7
  435. package/.next/standalone/.next/server/app/icon.png/route.js.nft.json +0 -1
  436. package/.next/standalone/.next/server/app/icon.png.body +0 -0
  437. package/.next/standalone/.next/server/app/icon.png.meta +0 -1
  438. package/.next/standalone/.next/server/chunks/[externals]_next_dist_0sqmaqd._.js +0 -3
  439. package/.next/standalone/.next/server/chunks/[root-of-the-server]__06.arfm._.js +0 -3
  440. package/.next/standalone/.next/server/chunks/[root-of-the-server]__0__i0h0._.js +0 -3
  441. package/.next/standalone/.next/server/chunks/[root-of-the-server]__0fe7_q_._.js +0 -3
  442. package/.next/standalone/.next/server/chunks/[root-of-the-server]__0fw.e.h._.js +0 -3
  443. package/.next/standalone/.next/server/chunks/[root-of-the-server]__0pxn0e1._.js +0 -3
  444. package/.next/standalone/.next/server/chunks/[root-of-the-server]__0xv0jh2._.js +0 -3
  445. package/.next/standalone/.next/server/chunks/_next-internal_server_app_icon_png_route_actions_12.gv.r.js +0 -3
  446. package/.next/standalone/.next/server/chunks/node_modules_next_dist_esm_build_templates_app-route_0bdfoky.js +0 -3
  447. package/.next/standalone/.next/server/chunks/node_modules_posthog-node_dist_entrypoints_index_node_mjs_05pz9._._.js +0 -3
  448. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0370~qj._.js +0 -3
  449. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__09i-rsi._.js +0 -4
  450. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__09v.ljl._.js +0 -3
  451. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0agrcb8._.js +0 -4
  452. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0b7hkr~._.js +0 -3
  453. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0ehh6vp._.js +0 -4
  454. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0g8l0tu._.js +0 -3
  455. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0j4l6hl._.js +0 -3
  456. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0lp08ll._.js +0 -3
  457. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0n0yaqw._.js +0 -4
  458. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0o21f.o._.js +0 -3
  459. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0t8juvy._.js +0 -4
  460. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0uylufv._.js +0 -4
  461. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0ymlddl._.js +0 -223
  462. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__0~03grs._.js +0 -3
  463. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__101v4_7._.js +0 -3
  464. package/.next/standalone/.next/server/chunks/ssr/[root-of-the-server]__12y7xmt._.js +0 -3
  465. package/.next/standalone/.next/server/chunks/ssr/app_0cdqd9w._.js +0 -3
  466. package/.next/standalone/.next/server/chunks/ssr/app_global-error_tsx_0xerkr6._.js +0 -3
  467. package/.next/standalone/.next/server/chunks/ssr/app_policies_hooks-client_tsx_0q-m0y-._.js +0 -8
  468. package/.next/standalone/.next/server/chunks/ssr/app_projects_loading_tsx_13veom4._.js +0 -3
  469. package/.next/standalone/.next/server/chunks/ssr/node_modules_0ttbz1~._.js +0 -3
  470. package/.next/standalone/.next/server/chunks/ssr/node_modules_next_dist_06u0kr8._.js +0 -3
  471. package/.next/standalone/.next/server/chunks/ssr/node_modules_next_dist_esm_build_templates_app-page_0a_7sdg.js +0 -4
  472. package/.next/standalone/.next/server/chunks/ssr/node_modules_next_dist_esm_build_templates_app-page_0ef3uwk.js +0 -4
  473. package/.next/standalone/.next/server/chunks/ssr/node_modules_next_dist_esm_build_templates_app-page_0pbja1x.js +0 -4
  474. package/.next/standalone/.next/server/chunks/ssr/node_modules_next_dist_esm_build_templates_app-page_0r6o0i2.js +0 -4
  475. package/.next/standalone/.next/server/chunks/ssr/node_modules_next_dist_esm_build_templates_app-page_11y81~_.js +0 -4
  476. package/.next/standalone/.next/server/chunks/ssr/node_modules_next_dist_esm_build_templates_app-page_12or2kf.js +0 -4
  477. package/.next/standalone/.next/server/chunks/ssr/node_modules_posthog-node_dist_entrypoints_index_node_mjs_0mebn66._.js +0 -3
  478. package/.next/standalone/.next/static/chunks/03xhjwk6zhi8f.js +0 -1
  479. package/.next/standalone/.next/static/chunks/0f5p9plm.aqlp.css +0 -2
  480. package/.next/standalone/.next/static/chunks/0ffvlbgzgnlw7.js +0 -2
  481. package/.next/standalone/.next/static/chunks/0wq808vlc8l04.js +0 -6
  482. package/.next/standalone/.next/static/chunks/0zg~cpc5ysg6d.js +0 -1
  483. package/.next/standalone/.next/static/chunks/12pt~2f.c1sha.js +0 -1
  484. package/.next/standalone/.next/static/chunks/16vev.do1oho7.js +0 -4
  485. package/.next/standalone/.next/static/media/4fa387ec64143e14-s.0.qu-9752pffj.woff2 +0 -0
  486. package/.next/standalone/.next/static/media/5ce348bf30bf5439-s.0ee55_hj9qcer.woff2 +0 -0
  487. package/.next/standalone/.next/static/media/6306c77e7c8268e4-s.0mao5jbfbduzp.woff2 +0 -0
  488. package/.next/standalone/.next/static/media/797e433ab948586e-s.p.09zddjkbdep5a.woff2 +0 -0
  489. package/.next/standalone/.next/static/media/7d817b4c03b0c5f1-s.0uzt.a6d44yda.woff2 +0 -0
  490. package/.next/standalone/.next/static/media/bbc41e54d2fcbd21-s.0mvwgmnhv29no.woff2 +0 -0
  491. package/.next/standalone/.next/static/media/icon.0a.gigb3_x5pd.png +0 -0
  492. package/.next/standalone/app/icon.png +0 -0
  493. package/src/auth/login.ts +0 -104
  494. package/src/auth/logout.ts +0 -50
  495. package/src/auth/token-store.ts +0 -64
  496. package/src/relay/daemon.ts +0 -362
  497. package/src/relay/pid.ts +0 -76
  498. package/src/relay/queue.ts +0 -225
  499. /package/.next/standalone/.next/server/app/{icon.png → api/audit/run}/route/build-manifest.json +0 -0
  500. /package/.next/standalone/.next/server/app/{icon.png → api/audit/run}/route.js.map +0 -0
  501. /package/.next/standalone/.next/static/chunks/{03~yq9q893hmn.js → 0cz1d0mv5g_q7.js} +0 -0
  502. /package/.next/standalone/.next/static/chunks/{0a40sy4tk8ioe.js → 0wwt5o04i4zwh.js} +0 -0
  503. /package/.next/standalone/.next/static/chunks/{0n1n67imq.udf.js → 1__i9af9g78vd.js} +0 -0
  504. /package/.next/standalone/.next/static/chunks/{0w6fzf.07a24u.js → 2so39wg7mjbi7.js} +0 -0
  505. /package/.next/standalone/.next/static/chunks/{0xbo5nl6w4lka.js → 2wbuxnsvux4di.js} +0 -0
  506. /package/.next/standalone/.next/static/chunks/{0_s0luks5tay-.js → 35fgpd_feci6x.js} +0 -0
  507. /package/.next/standalone/.next/static/chunks/{15fklyav5py5m.js → 3xpjn3cdgm-7m.js} +0 -0
  508. /package/.next/standalone/.next/static/chunks/{17.b3suj8zjjj.js → 4448_qq7bd963.js} +0 -0
  509. /package/.next/standalone/.next/static/{s5Nn6KwDdLpPhjG3l2WNf → wU3ot-EKa5ApKoh785wp8}/_buildManifest.js +0 -0
  510. /package/.next/standalone/.next/static/{s5Nn6KwDdLpPhjG3l2WNf → wU3ot-EKa5ApKoh785wp8}/_clientMiddlewareManifest.js +0 -0
  511. /package/.next/standalone/.next/static/{s5Nn6KwDdLpPhjG3l2WNf → wU3ot-EKa5ApKoh785wp8}/_ssgManifest.js +0 -0
@@ -0,0 +1,268 @@
1
+ /**
2
+ * Behavioural feature layer for the audit dashboard.
3
+ *
4
+ * Both the archetype classifier (`archetypes.ts`) and the score derivation
5
+ * (`scoring.ts`) read from the *same* derived features so they can never
6
+ * drift. Everything here is a pure function of `AuditResult` (+ an optional
7
+ * seed string) — no I/O, no clock, no `Math.random()`. Given the same input,
8
+ * every output is byte-identical on every run.
9
+ *
10
+ * Design goals (see the audit redesign):
11
+ * 1. All 8 personas reachable. Five are mapped by *which* faults dominate
12
+ * (`SIGNAL_MAP`); three are relational — `precision` (low fault rate),
13
+ * `architect` (faults are over-verification), `goldfish` (scattered).
14
+ * 2. No artificial skew. The catalog is cowboy-heavy (20 of 47 signals), so
15
+ * a raw argmax would almost always pick cowboy. We rank by *lift over a
16
+ * self-calibrated baseline* instead — cowboy's large baseline means it
17
+ * has to over-index to win, neutralising the surface-area advantage.
18
+ * 3. Deterministic personalisation. A `fingerprint` hash of the rounded
19
+ * behaviour vector seeds tie-breaks and copy-variant selection, so two
20
+ * different agents that land on the same primary still look distinct,
21
+ * while the same agent is always identical.
22
+ */
23
+ import type { AuditResult } from "./types";
24
+ import type { ArchetypeKey } from "./archetypes";
25
+
26
+ /** djb2-style hash. Stable across renders/processes, no crypto needed.
27
+ * Lives here (not archetypes.ts) so the feature layer has no import cycle. */
28
+ export function hashSeed(s: string): number {
29
+ let h = 5381;
30
+ for (let i = 0; i < s.length; i++) h = ((h << 5) + h + s.charCodeAt(i)) | 0;
31
+ return h >>> 0;
32
+ }
33
+
34
+ /** Strip the `failproofai/` namespace so map keys match the bare policy name. */
35
+ export function shortName(name: string): string {
36
+ const slash = name.indexOf("/");
37
+ return slash >= 0 ? name.slice(slash + 1) : name;
38
+ }
39
+
40
+ /** All eight archetype keys, including the two relational ones. */
41
+ export const ALL_ARCHETYPE_KEYS: ArchetypeKey[] = [
42
+ "optimist", "cowboy", "explorer", "goldfish",
43
+ "architect", "precision", "hammer", "ghost",
44
+ ];
45
+
46
+ /**
47
+ * Personas that receive direct signal mapping. `precision` and `goldfish`
48
+ * are NOT here — they are derived from the *shape* of the distribution, not
49
+ * from any single policy. `architect` is mapped (it owns the two "caution"
50
+ * detectors) but is primarily reached via its ratio rule.
51
+ */
52
+ export const MAPPABLE_KEYS: ArchetypeKey[] = [
53
+ "cowboy", "explorer", "ghost", "optimist", "hammer", "architect",
54
+ ];
55
+
56
+ /** Active-fault personas ranked by lift in the classifier's argmax step. */
57
+ export const ACTIVE_FAULT_KEYS: ArchetypeKey[] = [
58
+ "cowboy", "explorer", "ghost", "optimist", "hammer",
59
+ ];
60
+
61
+ /** The two detectors that define "the paranoid architect" — pure
62
+ * over-verification. When these dominate an agent's signal it is classified
63
+ * architect regardless of raw weight. */
64
+ export const ARCHITECT_CAUTION_SIGNALS = new Set(["reread-after-edit", "redundant-cd-cwd"]);
65
+
66
+ /**
67
+ * Mapping from policy/detector short-name → which archetype its hits feed,
68
+ * and how heavily (intensity within the cluster). Every one of the 39 builtin
69
+ * policies and 8 audit-only detectors maps exactly once — no overlaps, full
70
+ * coverage. Weights express *severity within* a persona; cross-persona
71
+ * fairness is handled later by lift normalisation, not by these numbers.
72
+ */
73
+ export const SIGNAL_MAP: Record<string, { archetype: ArchetypeKey; weight: number }> = {
74
+ // ── cowboy ── destructive / forceful / bypasses guardrails (20) ───────────
75
+ "block-rm-rf": { archetype: "cowboy", weight: 2.0 },
76
+ "block-failproofai-commands":{ archetype: "cowboy", weight: 2.0 },
77
+ "block-sudo": { archetype: "cowboy", weight: 1.5 },
78
+ "block-curl-pipe-sh": { archetype: "cowboy", weight: 1.5 },
79
+ "block-force-push": { archetype: "cowboy", weight: 1.5 },
80
+ "block-push-master": { archetype: "cowboy", weight: 1.5 },
81
+ "block-work-on-main": { archetype: "cowboy", weight: 1.2 },
82
+ "warn-destructive-sql": { archetype: "cowboy", weight: 1.5 },
83
+ "warn-schema-alteration": { archetype: "cowboy", weight: 1.0 },
84
+ "git-commit-no-verify": { archetype: "cowboy", weight: 1.5 },
85
+ "warn-git-amend": { archetype: "cowboy", weight: 0.8 },
86
+ "warn-git-stash-drop": { archetype: "cowboy", weight: 1.0 },
87
+ "warn-all-files-staged": { archetype: "cowboy", weight: 0.6 },
88
+ "block-kubectl": { archetype: "cowboy", weight: 1.5 },
89
+ "block-terraform": { archetype: "cowboy", weight: 1.5 },
90
+ "block-helm": { archetype: "cowboy", weight: 1.2 },
91
+ "block-aws-cli": { archetype: "cowboy", weight: 1.2 },
92
+ "block-gcloud": { archetype: "cowboy", weight: 1.2 },
93
+ "block-az-cli": { archetype: "cowboy", weight: 1.2 },
94
+ "block-gh-pipeline": { archetype: "cowboy", weight: 1.2 },
95
+
96
+ // ── explorer ── boundary crossing / secrets exposure (10) ─────────────────
97
+ "sanitize-private-key-content":{ archetype: "explorer", weight: 1.5 },
98
+ "block-env-files": { archetype: "explorer", weight: 1.5 },
99
+ "block-secrets-write": { archetype: "explorer", weight: 1.5 },
100
+ "sanitize-api-keys": { archetype: "explorer", weight: 1.2 },
101
+ "sanitize-jwt": { archetype: "explorer", weight: 1.2 },
102
+ "sanitize-connection-strings":{ archetype: "explorer", weight: 1.2 },
103
+ "block-read-outside-cwd": { archetype: "explorer", weight: 1.2 },
104
+ "sanitize-bearer-tokens": { archetype: "explorer", weight: 1.0 },
105
+ "protect-env-vars": { archetype: "explorer", weight: 1.0 },
106
+ "find-from-root": { archetype: "explorer", weight: 1.0 },
107
+
108
+ // ── ghost ── unfinished / unsupervised work (7) ───────────────────────────
109
+ // NOTE: the five require-*-before-stop policies only fire on `Stop` events,
110
+ // which the audit replay never synthesises, so in practice ghost is reached
111
+ // via warn-large-file-write + warn-background-process. They are mapped here
112
+ // for completeness and in case a future Stop-replay path is added.
113
+ "require-ci-green-before-stop": { archetype: "ghost", weight: 1.2 },
114
+ "require-commit-before-stop": { archetype: "ghost", weight: 1.2 },
115
+ "require-push-before-stop": { archetype: "ghost", weight: 1.0 },
116
+ "require-pr-before-stop": { archetype: "ghost", weight: 1.0 },
117
+ "require-no-conflicts-before-stop":{ archetype: "ghost", weight: 1.0 },
118
+ "warn-large-file-write": { archetype: "ghost", weight: 1.0 },
119
+ "warn-background-process": { archetype: "ghost", weight: 0.8 },
120
+
121
+ // ── optimist ── low-friction shortcuts / sloppy tool choice (6) ───────────
122
+ "warn-package-publish": { archetype: "optimist", weight: 1.0 },
123
+ "warn-global-package-install":{ archetype: "optimist", weight: 0.8 },
124
+ "prefer-package-manager": { archetype: "optimist", weight: 0.8 },
125
+ "prefer-edit-over-sed-awk": { archetype: "optimist", weight: 0.8 },
126
+ "prefer-edit-over-read-cat": { archetype: "optimist", weight: 0.5 },
127
+ "prefer-write-over-heredoc": { archetype: "optimist", weight: 0.5 },
128
+
129
+ // ── hammer ── brute-force repetition (2) ──────────────────────────────────
130
+ "warn-repeated-tool-calls": { archetype: "hammer", weight: 1.5 },
131
+ "sleep-polling-loop": { archetype: "hammer", weight: 1.2 },
132
+
133
+ // ── architect ── over-verification "caution" signals (2) ──────────────────
134
+ "reread-after-edit": { archetype: "architect", weight: 1.0 },
135
+ "redundant-cd-cwd": { archetype: "architect", weight: 0.8 },
136
+ };
137
+
138
+ /** Builtin severity derived from the policy name prefix. The builtin
139
+ * definitions carry no static severity field — the runtime decision lives in
140
+ * the policy fn — but the name prefix encodes intent deterministically:
141
+ * sanitize-* → sanitize (gentle) warn-/protect-/prefer-/require-* → warn
142
+ * block-* → deny (severe) anything else → deny (safe default)
143
+ * Replaces the old hardcoded `"deny"` so the score's medium/gentle buckets
144
+ * actually populate. */
145
+ export function severityForBuiltin(name: string): string {
146
+ const n = shortName(name);
147
+ if (n.startsWith("sanitize-")) return "sanitize";
148
+ if (n.startsWith("block-")) return "deny";
149
+ if (
150
+ n.startsWith("warn-") || n.startsWith("protect-") ||
151
+ n.startsWith("prefer-") || n.startsWith("require-")
152
+ ) return "warn";
153
+ return "deny";
154
+ }
155
+
156
+ function emptyWeights(): Record<ArchetypeKey, number> {
157
+ return {
158
+ optimist: 0, cowboy: 0, explorer: 0, goldfish: 0,
159
+ architect: 0, precision: 0, hammer: 0, ghost: 0,
160
+ };
161
+ }
162
+
163
+ /**
164
+ * Each mappable persona's *expected* share of total signal, derived directly
165
+ * from `SIGNAL_MAP` (sum of its weights ÷ sum of all weights). Self-calibrates
166
+ * whenever a weight changes. Used to compute lift = observed-share ÷ baseline,
167
+ * which is what removes the cowboy surface-area skew.
168
+ */
169
+ export const BASELINE_SHARE: Record<ArchetypeKey, number> = (() => {
170
+ const raw = emptyWeights();
171
+ let total = 0;
172
+ for (const { archetype, weight } of Object.values(SIGNAL_MAP)) {
173
+ raw[archetype] += weight;
174
+ total += weight;
175
+ }
176
+ const out = emptyWeights();
177
+ for (const k of MAPPABLE_KEYS) out[k] = total > 0 ? raw[k] / total : 0;
178
+ return out;
179
+ })();
180
+
181
+ /** Normalised Shannon entropy of a lift vector, base = number of mappable
182
+ * clusters (6). 0 = all signal in one persona, 1 = perfectly even spread.
183
+ * Two equally-lit clusters score ~0.39 (not goldfish); ~4 even clusters
184
+ * cross 0.77 (goldfish territory). */
185
+ function normalizedEntropy(vals: number[]): number {
186
+ const total = vals.reduce((s, v) => s + Math.max(0, v), 0);
187
+ if (total <= 0) return 0;
188
+ let h = 0;
189
+ for (const v of vals) {
190
+ if (v <= 0) continue;
191
+ const p = v / total;
192
+ h -= p * Math.log(p);
193
+ }
194
+ return h / Math.log(vals.length);
195
+ }
196
+
197
+ /** Volume floor — a 3-call session shouldn't divide-by-tiny and explode. */
198
+ export const MIN_EVENTS = 50;
199
+
200
+ export interface AuditFeatures {
201
+ /** Tool calls scanned, floored at MIN_EVENTS. */
202
+ events: number;
203
+ sessions: number;
204
+ totalHits: number;
205
+ /** totalHits / events — the cleanliness denominator the old scorer ignored. */
206
+ faultRate: number;
207
+ /** Per-persona Σ(hits × weight). Same shape the old classifier returned. */
208
+ clusterRaw: Record<ArchetypeKey, number>;
209
+ totalSignal: number;
210
+ /** Per-persona observed-share ÷ baseline-share. The ranking metric. */
211
+ clusterLift: Record<ArchetypeKey, number>;
212
+ /** Normalised entropy of the lift vector (goldfish detector). */
213
+ entropy: number;
214
+ /** Share of total signal coming from the two architect caution detectors. */
215
+ cautionShare: number;
216
+ cowboyLift: number;
217
+ /** Deterministic hash of the rounded behaviour vector + seed. Seeds
218
+ * tie-breaks and copy-variant selection. */
219
+ fingerprint: number;
220
+ }
221
+
222
+ function sumHits(result: AuditResult): number {
223
+ let s = 0;
224
+ for (const r of result.results) s += r.hits;
225
+ return s;
226
+ }
227
+
228
+ /** Derive the behaviour feature vector. Pure over (result, seed). */
229
+ export function deriveFeatures(result: AuditResult, seed = ""): AuditFeatures {
230
+ const events = Math.max(result.eventsScanned ?? 0, MIN_EVENTS);
231
+ const sessions = result.transcripts.scanned;
232
+ const totalHits = result.totals?.hits ?? sumHits(result);
233
+
234
+ const clusterRaw = emptyWeights();
235
+ let cautionRaw = 0;
236
+ for (const row of result.results) {
237
+ const short = shortName(row.name);
238
+ const sig = SIGNAL_MAP[short];
239
+ if (!sig) continue;
240
+ const w = row.hits * sig.weight;
241
+ clusterRaw[sig.archetype] += w;
242
+ if (ARCHITECT_CAUTION_SIGNALS.has(short)) cautionRaw += w;
243
+ }
244
+
245
+ const totalSignal = MAPPABLE_KEYS.reduce((s, k) => s + clusterRaw[k], 0);
246
+
247
+ const clusterLift = emptyWeights();
248
+ for (const k of MAPPABLE_KEYS) {
249
+ const share = totalSignal > 0 ? clusterRaw[k] / totalSignal : 0;
250
+ clusterLift[k] = BASELINE_SHARE[k] > 0 ? share / BASELINE_SHARE[k] : 0;
251
+ }
252
+
253
+ const entropy = normalizedEntropy(MAPPABLE_KEYS.map((k) => clusterLift[k]));
254
+ const cautionShare = totalSignal > 0 ? cautionRaw / totalSignal : 0;
255
+ const faultRate = totalHits / events;
256
+
257
+ // Fingerprint: stable over the rounded behaviour signature + seed. Rounding
258
+ // keeps it stable against floating-point noise while still varying between
259
+ // genuinely different agents.
260
+ const sig = MAPPABLE_KEYS.map((k) => Math.round(clusterRaw[k] * 10)).join(",");
261
+ const fingerprint = hashSeed(`${seed}|${sig}|${Math.round(faultRate * 1000)}`);
262
+
263
+ return {
264
+ events, sessions, totalHits, faultRate,
265
+ clusterRaw, totalSignal, clusterLift, entropy,
266
+ cautionShare, cowboyLift: clusterLift.cowboy, fingerprint,
267
+ };
268
+ }
@@ -0,0 +1,298 @@
1
+ /**
2
+ * Build the FindingsSection cards from a live AuditResult.
3
+ *
4
+ * Each card has four blocks (per reference design):
5
+ * - what happened (prose summary, hand-written per policy)
6
+ * - what this costs (severity / radius framing)
7
+ * - evidence (real examples from the AuditResult)
8
+ * - the fix (policy slug + install command — only when not enabled)
9
+ *
10
+ * The body / cost copy is hand-curated per policy/detector when we have
11
+ * good copy for it; otherwise we fall back to the policy's authored
12
+ * `displayTitle` + `impact` strings.
13
+ */
14
+ import type { AuditCount, AuditResult } from "./types";
15
+
16
+ /** Plain-text body so this module stays JSX-free and can be imported
17
+ * server-side. The React layer renders these as paragraphs. */
18
+ export interface FindingCopy {
19
+ body: string;
20
+ cost: string;
21
+ }
22
+
23
+ /**
24
+ * Audit-detector → builtin-policy mapping.
25
+ *
26
+ * Each audit-only detector is paired with the closest real-time policy
27
+ * that catches the same class of behavior. The detector still does the
28
+ * specific pattern-matching; the "fix" prescribed in the report is the
29
+ * builtin policy. Removes the "audit-only — no real-time policy yet"
30
+ * framing so every finding looks like it has a failproofai fix.
31
+ *
32
+ * Mappings authored against the policy catalog in src/hooks/builtin-policies.ts.
33
+ * The first entry is the primary fix (shown in the "$ install" block);
34
+ * additional entries are listed alongside as "also covered by".
35
+ */
36
+ const DETECTOR_TO_POLICY: Record<string, { primary: string; also?: string }> = {
37
+ // wasteful shell: repetitive cd && cmd burns tokens — same class as
38
+ // 3+ identical tool calls
39
+ "redundant-cd-cwd": { primary: "warn-repeated-tool-calls" },
40
+ // wrong tool choice: bash cat/head/tail on source files crosses the
41
+ // same file-read surface block-read-outside-cwd gates; the repetition
42
+ // is what warn-repeated-tool-calls would have caught
43
+ "prefer-edit-over-read-cat":{ primary: "block-read-outside-cwd", also: "warn-repeated-tool-calls" },
44
+ // wrong tool choice: sed -i / awk > file route a write through the
45
+ // shell — same class as the repeated-mis-use pattern
46
+ "prefer-edit-over-sed-awk": { primary: "warn-repeated-tool-calls" },
47
+ // bash file bypass: heredoc / echo > file is the layer that bypasses
48
+ // the Write tool — both .env and secret-key writes route through it
49
+ "prefer-write-over-heredoc":{ primary: "block-env-files", also: "block-secrets-write" },
50
+ // wasted execution: long sleeps + while-sleep loops are the same
51
+ // shape as backgrounded processes that never get cleaned up
52
+ "sleep-polling-loop": { primary: "warn-background-process" },
53
+ // risky filesystem: find /, /home, /usr is exactly the class of
54
+ // out-of-cwd reads that block-read-outside-cwd gates
55
+ "find-from-root": { primary: "block-read-outside-cwd" },
56
+ // hook bypass: --no-verify is a dangerous-commit-flag pattern; the
57
+ // bypass means CI / hooks never ran — both warn-git-amend's "rewriting
58
+ // history" class and the require-ci-green stop-gate cover this
59
+ "git-commit-no-verify": { primary: "warn-git-amend", also: "require-ci-green-before-stop" },
60
+ // wasteful reads: read after edit/write is identical-tool-call
61
+ // overhead — same redundant-invocation class
62
+ "reread-after-edit": { primary: "warn-repeated-tool-calls" },
63
+ };
64
+
65
+ const FINDING_COPY: Record<string, FindingCopy> = {
66
+ "redundant-cd-cwd": {
67
+ body: "the agent runs `cd <cwd>` before commands it would have run from the same directory anyway. mostly harmless. occasionally it gets the path wrong and manufactures a new bug.",
68
+ cost: "tokens burned on redundant navigation. low security risk. high noise.",
69
+ },
70
+ "block-push-master": {
71
+ body: "attempts to push directly to main. branch protection caught some, but the agent kept going. each retry costs a round-trip and pollutes the audit log.",
72
+ cost: "branch protection saved you most of the time. the rest landed or required a revert.",
73
+ },
74
+ "block-force-push": {
75
+ body: "force pushes to non-main branches. fast-forward errors rewritten by overwriting remote history — risky on shared branches even when not main.",
76
+ cost: "lost commits, broken PR diffs, confused reviewers downstream.",
77
+ },
78
+ "block-work-on-main": {
79
+ body: "commits or merges made while the agent was sitting on main / master. work that should land via PR skipped review.",
80
+ cost: "code that didn't pass review made it into the default branch.",
81
+ },
82
+ "block-read-outside-cwd": {
83
+ body: "reads outside the project root. some hit credential files (~/.aws/credentials, ~/.config/openai/key, out-of-tree .env). none made it back to stdout — but they made it into context.",
84
+ cost: "credential exposure risk. data crossed project boundaries into the agent's context window.",
85
+ },
86
+ "block-env-files": {
87
+ body: "the agent tried to read or write `.env` files directly. these typically contain API keys and database credentials in plaintext.",
88
+ cost: "high exposure risk. secrets one tool-call away from leaving the project.",
89
+ },
90
+ "block-secrets-write": {
91
+ body: "attempts to write credential-shaped strings to files that aren't typically credential stores.",
92
+ cost: "could have committed live secrets to the repo.",
93
+ },
94
+ "block-rm-rf": {
95
+ body: "recursive deletes against paths that could plausibly take out unrelated work. `rm -rf` is the agent's preferred way of cleaning up — even when it shouldn't be.",
96
+ cost: "irreversible. one wrong path argument = lost work.",
97
+ },
98
+ "block-sudo": {
99
+ body: "sudo invocations from inside the agent shell. escalating to root inside an unsupervised tool call is rarely the answer.",
100
+ cost: "privilege escalation in a context where the agent isn't meant to have it.",
101
+ },
102
+ "block-curl-pipe-sh": {
103
+ body: "curl | sh patterns — fetching a remote script and piping it straight into the shell. no checksum, no review, no rollback.",
104
+ cost: "supply-chain attack surface. arbitrary code execution from a URL.",
105
+ },
106
+ "warn-repeated-tool-calls": {
107
+ body: "same call, same args, multiple times under 90 seconds. no diagnosis between attempts. the call's been failing for the same reason every time.",
108
+ cost: "retry overhead. sessions stall before manual correction.",
109
+ },
110
+ "sleep-polling-loop": {
111
+ body: "long sleeps or busy-wait loops where the agent waits for a state it has no reason to expect.",
112
+ cost: "wall-clock burned. better to wait for an explicit signal.",
113
+ },
114
+ "find-from-root": {
115
+ body: "`find` invoked against `/`, `/home`, `/usr`, etc. — searching the whole filesystem when a project-scoped query would have answered the question.",
116
+ cost: "exhausts resources. surfaces files outside the project that taint context.",
117
+ },
118
+ "git-commit-no-verify": {
119
+ body: "commits made with `--no-verify` / `-n`, skipping pre-commit hooks. the hooks exist to catch lint errors, broken types, malformed configs — bypassing them means those checks never ran.",
120
+ cost: "broken or unsafe code lands without the safety net.",
121
+ },
122
+ "prefer-edit-over-read-cat": {
123
+ body: "`cat` / `head` / `tail` on source files routed through Bash output instead of the Read tool. round-trips the file through a less efficient channel.",
124
+ cost: "burns tokens on shell output that the Read tool would have returned cleanly.",
125
+ },
126
+ "prefer-edit-over-sed-awk": {
127
+ body: "in-place edits via `sed -i` or `awk … > file`. no diff to inspect, no rollback if the regex was wrong.",
128
+ cost: "destructive when the regex matches more than expected. no verification surface.",
129
+ },
130
+ "prefer-write-over-heredoc": {
131
+ body: "multi-line file writes via heredoc or `echo > file`. the Write tool handles escaping and produces a verifiable diff.",
132
+ cost: "subtle escape bugs. content arrives in the file with quoting drift.",
133
+ },
134
+ "reread-after-edit": {
135
+ body: "reads of files that were Edit'd or Write'n earlier in the same session. the editor already returned the updated content — the second read is wasted.",
136
+ cost: "tokens spent re-fetching content the tool already returned.",
137
+ },
138
+ "warn-large-file-write": {
139
+ body: "writes to files significantly larger than typical for the project. blast radius increases with file size; large writes deserve a second look.",
140
+ cost: "harder to review, harder to roll back, easier to break something downstream.",
141
+ },
142
+ "warn-background-process": {
143
+ body: "spawned a background process and moved on. nothing watches the process; if it crashes the agent doesn't know.",
144
+ cost: "silent failures. resource leaks if the process never exits.",
145
+ },
146
+ "require-commit-before-stop": {
147
+ body: "the agent reported a task complete while changes were still uncommitted in the working tree.",
148
+ cost: "unsaved work. next session starts with a dirty checkout the agent thinks is clean.",
149
+ },
150
+ "require-push-before-stop": {
151
+ body: "the agent stopped with commits sitting only on the local branch — nothing pushed to the remote.",
152
+ cost: "no one else can see the work. silent loss if the machine dies.",
153
+ },
154
+ "require-pr-before-stop": {
155
+ body: "the agent stopped without opening a PR. the commits are on a branch nobody reviewed.",
156
+ cost: "no review, no merge path, no record that the work happened.",
157
+ },
158
+ "require-ci-green-before-stop": {
159
+ body: "the agent declared completion before CI returned green (or while CI was already failing).",
160
+ cost: "false completion signal. broken main if anyone trusts the agent's word.",
161
+ },
162
+ };
163
+
164
+ function shortName(name: string): string {
165
+ const slash = name.indexOf("/");
166
+ return slash >= 0 ? name.slice(slash + 1) : name;
167
+ }
168
+
169
+ function relTimeAgo(iso?: string): string {
170
+ if (!iso) return "—";
171
+ const ms = Date.now() - new Date(iso).getTime();
172
+ if (Number.isNaN(ms) || ms < 0) return "—";
173
+ const m = Math.floor(ms / 60_000);
174
+ if (m < 60) return `${Math.max(1, m)}m ago`;
175
+ const h = Math.floor(m / 60);
176
+ if (h < 24) return `${h}h ago`;
177
+ const d = Math.floor(h / 24);
178
+ if (d < 30) return `${d}d ago`;
179
+ const months = Math.floor(d / 30);
180
+ return `${months}mo ago`;
181
+ }
182
+
183
+ export interface FindingCard {
184
+ num: string;
185
+ title: string;
186
+ count: number;
187
+ /** Unique identifier for React keys. This is the original detector
188
+ * or policy short slug (e.g. "redundant-cd-cwd", "block-push-master"),
189
+ * NOT the prescribed-fix slug — which can repeat across cards when
190
+ * multiple detectors share the same fix policy. */
191
+ sourceSlug: string;
192
+ /** Slug shown in the meta line — the prescribed-fix policy. May
193
+ * repeat across cards (e.g. several detectors → warn-repeated-tool-calls). */
194
+ policy: string;
195
+ projects: number;
196
+ lastSeen: string;
197
+ body: string;
198
+ cost: string;
199
+ evidence: { text: string; kind: "cmd" | "comment" | "err" }[];
200
+ /** Prescribed fix. Always populated now — detectors route to their
201
+ * closest builtin policy (see DETECTOR_TO_POLICY). */
202
+ fix: { slug: string; desc: string; install: string; alsoCoveredBy?: string };
203
+ /** True when the prescribed fix policy is already in the user's
204
+ * enabled set. UI tones the fix block accordingly. */
205
+ alreadyEnabled: boolean;
206
+ }
207
+
208
+ /** Build the per-policy/detector finding cards. Ranks by hits desc and
209
+ * drops rows that would otherwise be uninformative (zero hits). */
210
+ export function deriveFindings(result: AuditResult): FindingCard[] {
211
+ const sorted = [...result.results]
212
+ .filter((r) => r.hits > 0)
213
+ .sort((a, b) => b.hits - a.hits);
214
+
215
+ const enabledSet = new Set(result.enabledBuiltinNames ?? []);
216
+ return sorted.map((r, i) => buildCard(r, i, enabledSet));
217
+ }
218
+
219
+ /** Lightweight metadata for a policy that we may need to display even
220
+ * when the policy didn't fire on its own (a detector pointed at it).
221
+ * Mirrors the relevant subset of `BuiltinPolicy` so this module stays
222
+ * client-bundle-safe (no node imports). */
223
+ const POLICY_META: Record<string, { displayTitle: string; impact: string }> = {
224
+ "warn-repeated-tool-calls": {
225
+ displayTitle: "Called the same tool 3+ times with identical arguments",
226
+ impact: "catches identical-arg retries before they spiral into a token-burning loop.",
227
+ },
228
+ "block-read-outside-cwd": {
229
+ displayTitle: "Tried to read files outside your project directory",
230
+ impact: "denies reads of files outside the project root, including symlinks.",
231
+ },
232
+ "block-env-files": {
233
+ displayTitle: "Tried to read or write a .env file",
234
+ impact: "blocks reads and writes of `.env` files at the tool layer.",
235
+ },
236
+ "block-secrets-write": {
237
+ displayTitle: "Tried to write a secret-key file",
238
+ impact: "blocks writes to .pem, id_rsa, credentials.json, and similar.",
239
+ },
240
+ "warn-background-process": {
241
+ displayTitle: "Started a long-lived background process",
242
+ impact: "warns on nohup / & / screen / tmux / disown patterns the agent forgets to clean up.",
243
+ },
244
+ "warn-git-amend": {
245
+ displayTitle: "Used git commit --amend",
246
+ impact: "warns before amending — same class as dangerous-commit-flag bypasses.",
247
+ },
248
+ "require-ci-green-before-stop": {
249
+ displayTitle: "Stopped with failing CI",
250
+ impact: "requires CI checks to pass on HEAD before declaring done.",
251
+ },
252
+ };
253
+
254
+ function buildCard(r: AuditCount, idx: number, enabledSet: Set<string>): FindingCard {
255
+ const slug = shortName(r.name);
256
+ const isDetector = r.source === "audit-detector";
257
+ const mapping = isDetector ? DETECTOR_TO_POLICY[slug] : undefined;
258
+
259
+ // For a detector, the prescribed fix points at its mapped policy.
260
+ // For a builtin row, it points at itself.
261
+ const fixSlug = mapping?.primary ?? slug;
262
+ const meta = POLICY_META[fixSlug];
263
+ const fixDesc = meta?.impact ?? r.impact ?? r.displayTitle;
264
+ const alsoCoveredBy = mapping?.also;
265
+
266
+ const alreadyEnabled = enabledSet.has(fixSlug)
267
+ || (r.source === "builtin" && r.enabledInConfig);
268
+
269
+ const copy = FINDING_COPY[slug];
270
+
271
+ const evidence: FindingCard["evidence"] = r.examples.slice(0, 4).map((e) => ({
272
+ text: e.example,
273
+ kind: "cmd" as const,
274
+ }));
275
+ if (evidence.length === 0) {
276
+ evidence.push({ text: "no example commands captured.", kind: "comment" });
277
+ }
278
+
279
+ return {
280
+ num: String(idx + 1).padStart(2, "0"),
281
+ title: r.displayTitle.toLowerCase(),
282
+ count: r.hits,
283
+ sourceSlug: slug,
284
+ policy: fixSlug,
285
+ projects: r.projects,
286
+ lastSeen: relTimeAgo(r.lastSeen),
287
+ body: copy?.body ?? r.impact ?? r.displayTitle,
288
+ cost: copy?.cost ?? r.impact ?? "see policy description above.",
289
+ evidence,
290
+ fix: {
291
+ slug: fixSlug,
292
+ desc: fixDesc,
293
+ install: `failproofai policy add ${fixSlug}`,
294
+ alsoCoveredBy,
295
+ },
296
+ alreadyEnabled,
297
+ };
298
+ }