ferret-scan 2.2.0 → 2.3.0

package/dist/__tests__/customRules.extra.test.js

@@ -0,0 +1,245 @@
+/**
+ * Additional Custom Rules Tests
+ * Focuses on loadCustomRulesFile, loadCustomRulesSource, generateExampleRulesFile
+ */
+import { loadCustomRulesFile, loadCustomRulesSource, loadCustomRules, generateExampleRulesFile, validateCustomRulesFile, } from '../features/customRules.js';
+import * as fs from 'node:fs';
+import * as path from 'node:path';
+import * as os from 'node:os';
+const VALID_RULE_JSON = JSON.stringify({
+    version: '1.0',
+    description: 'Test rules',
+    rules: [
+        {
+            id: 'CUSTOM-001',
+            name: 'Test Rule',
+            category: 'injection',
+            severity: 'HIGH',
+            description: 'Detects test patterns',
+            patterns: ['test.*pattern'],
+            fileTypes: ['md', 'json'],
+            components: ['agent', 'skill'],
+            remediation: 'Fix it',
+        },
+    ],
+});
+const VALID_RULE_YAML = `
+version: "1.0"
+description: Test rules
+rules:
+  - id: CUSTOM-001
+    name: Test Rule
+    category: injection
+    severity: HIGH
+    description: Detects test patterns
+    patterns:
+      - "test.*pattern"
+    fileTypes:
+      - md
+      - json
+    components:
+      - agent
+    remediation: Fix it
+`;
+describe('loadCustomRulesFile', () => {
+    let tmpDir;
+    beforeEach(() => {
+        tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'ferret-rules-'));
+    });
+    afterEach(() => {
+        fs.rmSync(tmpDir, { recursive: true, force: true });
+    });
+    it('returns error for non-existent file', () => {
+        const result = loadCustomRulesFile('/nonexistent/rules.json');
+        expect(result.success).toBe(false);
+        expect(result.rules).toHaveLength(0);
+        expect(result.errors.length).toBeGreaterThan(0);
+        expect(result.errors[0]).toContain('not found');
+    });
+    it('loads valid JSON rules file', () => {
+        const filePath = path.join(tmpDir, 'rules.json');
+        fs.writeFileSync(filePath, VALID_RULE_JSON);
+        const result = loadCustomRulesFile(filePath);
+        expect(result.success).toBe(true);
+        expect(result.rules).toHaveLength(1);
+        expect(result.rules[0]?.id).toBe('CUSTOM-001');
+        // RE2 instances satisfy the RegExp interface but are not instanceof RegExp.
+        // eslint-disable-next-line @typescript-eslint/no-explicit-any
+        expect(typeof result.rules[0]?.patterns[0]?.exec).toBe('function');
+    });
+    it('loads valid YAML rules file', () => {
+        const filePath = path.join(tmpDir, 'rules.yaml');
+        fs.writeFileSync(filePath, VALID_RULE_YAML);
+        const result = loadCustomRulesFile(filePath);
+        expect(result.success).toBe(true);
+        expect(result.rules).toHaveLength(1);
+        expect(result.rules[0]?.id).toBe('CUSTOM-001');
+    });
+    it('loads valid .yml rules file', () => {
+        const filePath = path.join(tmpDir, 'rules.yml');
+        fs.writeFileSync(filePath, VALID_RULE_YAML);
+        const result = loadCustomRulesFile(filePath);
+        expect(result.success).toBe(true);
+        expect(result.rules).toHaveLength(1);
+    });
+    it('returns error for unsupported file format', () => {
+        const filePath = path.join(tmpDir, 'rules.txt');
+        fs.writeFileSync(filePath, VALID_RULE_JSON);
+        const result = loadCustomRulesFile(filePath);
+        expect(result.success).toBe(false);
+        expect(result.errors[0]).toContain('Unsupported file format');
+    });
+    it('returns error for invalid JSON', () => {
+        const filePath = path.join(tmpDir, 'rules.json');
+        fs.writeFileSync(filePath, 'invalid json {{{');
+        const result = loadCustomRulesFile(filePath);
+        expect(result.success).toBe(false);
+        expect(result.errors.length).toBeGreaterThan(0);
+    });
+    it('returns error for schema validation failure', () => {
+        const filePath = path.join(tmpDir, 'rules.json');
+        fs.writeFileSync(filePath, JSON.stringify({ rules: [] })); // empty rules array fails min(1)
+        const result = loadCustomRulesFile(filePath);
+        expect(result.success).toBe(false);
+        expect(result.errors.length).toBeGreaterThan(0);
+    });
+    it('returns error for invalid rule id format', () => {
+        const filePath = path.join(tmpDir, 'rules.json');
+        fs.writeFileSync(filePath, JSON.stringify({
+            rules: [{
+                    id: 'invalid-id', // should be like CUSTOM-001
+                    name: 'Test',
+                    category: 'injection',
+                    severity: 'HIGH',
+                    description: 'Test',
+                    patterns: ['test'],
+                }],
+        }));
+        const result = loadCustomRulesFile(filePath);
+        expect(result.success).toBe(false);
+    });
+});
+describe('loadCustomRulesSource', () => {
+    let tmpDir;
+    beforeEach(() => {
+        tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'ferret-rules-'));
+    });
+    afterEach(() => {
+        fs.rmSync(tmpDir, { recursive: true, force: true });
+    });
+    it('loads from local file path', async () => {
+        const filePath = path.join(tmpDir, 'rules.json');
+        fs.writeFileSync(filePath, VALID_RULE_JSON);
+        const result = await loadCustomRulesSource(filePath);
+        expect(result.success).toBe(true);
+        expect(result.rules).toHaveLength(1);
+    });
+    it('returns error for non-existent local file', async () => {
+        const result = await loadCustomRulesSource('/nonexistent/rules.json');
+        expect(result.success).toBe(false);
+        expect(result.errors.length).toBeGreaterThan(0);
+    });
+    it('fetches from URL and caches', async () => {
+        globalThis.fetch = jest.fn().mockResolvedValue({
+            ok: true,
+            text: () => Promise.resolve(VALID_RULE_JSON),
+        });
+        const cacheDir = path.join(tmpDir, 'cache');
+        const result = await loadCustomRulesSource('https://example.com/rules.json', { cacheDir, cacheTtlHours: 24, timeoutMs: 5000 });
+        expect(result.success).toBe(true);
+        expect(result.rules).toHaveLength(1);
+        // Cache should exist
+        expect(fs.existsSync(cacheDir)).toBe(true);
+    });
+    it('returns error when URL fetch fails with no cache', async () => {
+        globalThis.fetch = jest.fn().mockRejectedValue(new Error('Network error'));
+        const cacheDir = path.join(tmpDir, 'empty-cache');
+        const result = await loadCustomRulesSource('https://example.com/rules.json', { cacheDir, cacheTtlHours: 24, timeoutMs: 1000 });
+        expect(result.success).toBe(false);
+        expect(result.errors[0]).toContain('Failed to fetch');
+    });
+    it('uses cached version when URL fetch fails', async () => {
+        // First create a cache file
+        const cacheDir = path.join(tmpDir, 'stale-cache');
+        fs.mkdirSync(cacheDir, { recursive: true });
+        // Write stale content to cache with hash matching the URL
+        const { createHash } = await import('node:crypto');
+        const url = 'https://example.com/stale-rules.json';
+        const cacheKey = createHash('sha256').update(url, 'utf8').digest('hex');
+        const cachePath = path.join(cacheDir, `${cacheKey}.json`);
+        fs.writeFileSync(cachePath, VALID_RULE_JSON);
+        // Set TTL to 0 so cache is always "stale" (force refetch)
+        // But fetch will fail so it should use stale cache
+        globalThis.fetch = jest.fn().mockRejectedValue(new Error('Network unreachable'));
+        const result = await loadCustomRulesSource(url, { cacheDir, cacheTtlHours: 0, timeoutMs: 1000 });
+        // Should succeed using stale cache
+        expect(result.success).toBe(true);
+        expect(result.rules).toHaveLength(1);
+    });
+});
+describe('loadCustomRules', () => {
+    it('returns empty array when no rules files found', () => {
+        const tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'ferret-empty-'));
+        const rules = loadCustomRules(tmpDir);
+        expect(rules).toHaveLength(0);
+        fs.rmSync(tmpDir, { recursive: true });
+    });
+    it('loads rules from .ferret/rules.json', () => {
+        const tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'ferret-rules-'));
+        const ferretDir = path.join(tmpDir, '.ferret');
+        fs.mkdirSync(ferretDir);
+        fs.writeFileSync(path.join(ferretDir, 'rules.json'), VALID_RULE_JSON);
+        const rules = loadCustomRules(tmpDir);
+        expect(rules).toHaveLength(1);
+        fs.rmSync(tmpDir, { recursive: true });
+    });
+    it('loads rules from ferret-rules.json at root', () => {
+        const tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'ferret-rules-'));
+        fs.writeFileSync(path.join(tmpDir, 'ferret-rules.json'), VALID_RULE_JSON);
+        const rules = loadCustomRules(tmpDir);
+        expect(rules).toHaveLength(1);
+        fs.rmSync(tmpDir, { recursive: true });
+    });
+});
+describe('generateExampleRulesFile', () => {
+    it('returns a string', () => {
+        const content = generateExampleRulesFile();
+        expect(typeof content).toBe('string');
+        expect(content.length).toBeGreaterThan(0);
+    });
+    it('contains valid YAML with rules', () => {
+        const content = generateExampleRulesFile();
+        expect(content).toContain('rules:');
+        expect(content).toContain('id:');
+        expect(content).toContain('severity:');
+    });
+});
+describe('validateCustomRulesFile', () => {
+    let tmpDir;
+    beforeEach(() => {
+        tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'ferret-validate-'));
+    });
+    afterEach(() => {
+        fs.rmSync(tmpDir, { recursive: true, force: true });
+    });
+    it('validates a valid rules file', () => {
+        const filePath = path.join(tmpDir, 'rules.json');
+        fs.writeFileSync(filePath, VALID_RULE_JSON);
+        const result = validateCustomRulesFile(filePath);
+        expect(result.valid).toBe(true);
+        expect(result.errors).toHaveLength(0);
+    });
+    it('returns errors for invalid rules file', () => {
+        const filePath = path.join(tmpDir, 'rules.json');
+        fs.writeFileSync(filePath, JSON.stringify({ rules: [] }));
+        const result = validateCustomRulesFile(filePath);
+        expect(result.valid).toBe(false);
+        expect(result.errors.length).toBeGreaterThan(0);
+    });
+    it('returns error for non-existent file', () => {
+        const result = validateCustomRulesFile('/nonexistent/rules.json');
+        expect(result.valid).toBe(false);
+        expect(result.errors.length).toBeGreaterThan(0);
+    });
+});
+//# sourceMappingURL=customRules.extra.test.js.map

package/dist/__tests__/customRules.test.d.ts

@@ -0,0 +1,7 @@
+/**
+ * Custom Rules Tests
+ * Tests for customRules loader, including compileSafePattern screening,
+ * validation, and file loading/parsing logic.
+ */
+export {};
+//# sourceMappingURL=customRules.test.d.ts.map

package/dist/__tests__/customRules.test.js

@@ -0,0 +1,347 @@
+/**
+ * Custom Rules Tests
+ * Tests for customRules loader, including compileSafePattern screening,
+ * validation, and file loading/parsing logic.
+ */
+jest.mock('node:fs');
+jest.mock('yaml');
+import * as fs from 'node:fs';
+import * as yaml from 'yaml';
+import { isRE2Active } from '../../src/utils/safeRegex.js';
+import { loadCustomRulesFile, loadCustomRules, validateCustomRulesFile, generateExampleRulesFile, loadCustomRulesSource, } from '../features/customRules.js';
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
+const mockFs = fs;
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
+const mockYaml = yaml;
+// ---------------------------------------------------------------------------
+// Helpers
+// ---------------------------------------------------------------------------
+const VALID_RULE_JSON = JSON.stringify({
+    version: '1.0',
+    rules: [
+        {
+            id: 'CUSTOM-001',
+            name: 'Test Rule',
+            category: 'injection',
+            severity: 'HIGH',
+            description: 'A test custom rule',
+            patterns: ['test\\d+', 'foo.*bar'],
+        },
+    ],
+});
+const VALID_RULE_WITH_OPTIONS_JSON = JSON.stringify({
+    version: '1.0',
+    rules: [
+        {
+            id: 'CUSTOM-002',
+            name: 'Rule with Options',
+            category: 'credentials',
+            severity: 'CRITICAL',
+            description: 'Rule with all optional fields',
+            patterns: ['secret\\s*=\\s*\\w+'],
+            fileTypes: ['md', 'json'],
+            components: ['skill', 'agent'],
+            remediation: 'Remove the secret.',
+            references: ['https://example.com/guide'],
+            enabled: false,
+            excludePatterns: ['test.*secret'],
+            requireContext: ['config'],
+            excludeContext: ['documentation'],
+            minMatchLength: 10,
+        },
+    ],
+});
+// ---------------------------------------------------------------------------
+// loadCustomRulesFile — JSON
+// ---------------------------------------------------------------------------
+describe('loadCustomRulesFile', () => {
+    beforeEach(() => {
+        jest.clearAllMocks();
+    });
+    it('returns error when file does not exist', () => {
+        mockFs.existsSync.mockReturnValue(false);
+        const result = loadCustomRulesFile('/nonexistent/rules.json');
+        expect(result.success).toBe(false);
+        expect(result.rules).toHaveLength(0);
+        expect(result.errors[0]).toContain('not found');
+    });
+    it('loads valid JSON rules file successfully', () => {
+        mockFs.existsSync.mockReturnValue(true);
+        mockFs.readFileSync.mockReturnValue(VALID_RULE_JSON);
+        const result = loadCustomRulesFile('/path/rules.json');
+        expect(result.success).toBe(true);
+        expect(result.rules).toHaveLength(1);
+        expect(result.rules[0].id).toBe('CUSTOM-001');
+        expect(result.rules[0].severity).toBe('HIGH');
+        expect(result.errors).toHaveLength(0);
+    });
+    it('loads YAML rules file successfully', () => {
+        mockFs.existsSync.mockReturnValue(true);
+        mockFs.readFileSync.mockReturnValue('content');
+        mockYaml.parse.mockReturnValue(JSON.parse(VALID_RULE_JSON));
+        const result = loadCustomRulesFile('/path/rules.yaml');
+        expect(result.success).toBe(true);
+        expect(result.rules).toHaveLength(1);
+    });
+    it('loads .yml extension', () => {
+        mockFs.existsSync.mockReturnValue(true);
+        mockFs.readFileSync.mockReturnValue('content');
+        mockYaml.parse.mockReturnValue(JSON.parse(VALID_RULE_JSON));
+        const result = loadCustomRulesFile('/path/rules.yml');
+        expect(result.success).toBe(true);
+        expect(result.rules).toHaveLength(1);
+    });
+    it('returns error for unsupported file extension', () => {
+        mockFs.existsSync.mockReturnValue(true);
+        const result = loadCustomRulesFile('/path/rules.xml');
+        expect(result.success).toBe(false);
+        expect(result.errors[0]).toContain('Unsupported file format');
+    });
+    it('returns error when schema validation fails', () => {
+        mockFs.existsSync.mockReturnValue(true);
+        mockFs.readFileSync.mockReturnValue(JSON.stringify({ rules: [] }));
+        const result = loadCustomRulesFile('/path/rules.json');
+        expect(result.success).toBe(false);
+        expect(result.errors.length).toBeGreaterThan(0);
+    });
+    it('returns error when JSON is malformed', () => {
+        mockFs.existsSync.mockReturnValue(true);
+        mockFs.readFileSync.mockReturnValue('{ invalid json');
+        const result = loadCustomRulesFile('/path/rules.json');
+        expect(result.success).toBe(false);
+        expect(result.errors[0]).toContain('Failed to parse');
+    });
+    it('loads rule with all optional fields', () => {
+        mockFs.existsSync.mockReturnValue(true);
+        mockFs.readFileSync.mockReturnValue(VALID_RULE_WITH_OPTIONS_JSON);
+        const result = loadCustomRulesFile('/path/rules.json');
+        expect(result.success).toBe(true);
+        const rule = result.rules[0];
+        expect(rule.enabled).toBe(false);
+        expect(rule.fileTypes).toContain('md');
+        expect(rule.components).toContain('skill');
+        expect(rule.remediation).toBe('Remove the secret.');
+        expect(rule.excludePatterns).toHaveLength(1);
+        expect(rule.requireContext).toHaveLength(1);
+        expect(rule.excludeContext).toHaveLength(1);
+        expect(rule.minMatchLength).toBe(10);
+    });
+    it('skips rules with invalid (ReDoS) patterns and tracks errors (native) or loads them (RE2)', () => {
+        const withReDoS = JSON.stringify({
+            rules: [
+                {
+                    id: 'CUSTOM-001',
+                    name: 'ReDoS Rule',
+                    category: 'injection',
+                    severity: 'HIGH',
+                    description: 'rule with unsafe pattern',
+                    patterns: ['(a+)+b'], // ReDoS pattern — unsafe in native JS, safe in RE2
+                },
+            ],
+        });
+        mockFs.existsSync.mockReturnValue(true);
+        mockFs.readFileSync.mockReturnValue(withReDoS);
+        const result = loadCustomRulesFile('/path/rules.json');
+        if (isRE2Active()) {
+            // RE2 compiles this safely — rule should load successfully
+            expect(result.success).toBe(true);
+        }
+        else {
+            // Static screener rejects — rule should fail
+            expect(result.success).toBe(false);
+            expect(result.errors.length).toBeGreaterThan(0);
+        }
+    });
+    it('reports error for rule with missing required fields', () => {
+        const missingFields = JSON.stringify({
+            rules: [
+                {
+                    id: 'CUSTOM-001',
+                    // name missing
+                    category: 'injection',
+                    severity: 'HIGH',
+                    description: 'A rule',
+                    patterns: ['test'],
+                },
+            ],
+        });
+        mockFs.existsSync.mockReturnValue(true);
+        mockFs.readFileSync.mockReturnValue(missingFields);
+        const result = loadCustomRulesFile('/path/rules.json');
+        expect(result.success).toBe(false);
+    });
+});
+// ---------------------------------------------------------------------------
+// validateCustomRulesFile
+// ---------------------------------------------------------------------------
+describe('validateCustomRulesFile', () => {
+    beforeEach(() => {
+        jest.clearAllMocks();
+    });
+    it('returns invalid when file does not exist', () => {
+        mockFs.existsSync.mockReturnValue(false);
+        const result = validateCustomRulesFile('/nonexistent.json');
+        expect(result.valid).toBe(false);
+        expect(result.errors[0]).toContain('File not found');
+    });
+    it('validates a correct JSON file successfully', () => {
+        mockFs.existsSync.mockReturnValue(true);
+        mockFs.readFileSync.mockReturnValue(VALID_RULE_JSON);
+        const result = validateCustomRulesFile('/path/rules.json');
+        expect(result.valid).toBe(true);
+        expect(result.ruleCount).toBe(1);
+        expect(result.errors).toHaveLength(0);
+    });
+    it('rejects unsafe regex patterns (native) or validates them (RE2)', () => {
+        const withReDoS = JSON.stringify({
+            rules: [
+                {
+                    id: 'CUSTOM-001',
+                    name: 'Test',
+                    category: 'injection',
+                    severity: 'HIGH',
+                    description: 'Test rule',
+                    patterns: ['(a+)+b'],
+                },
+            ],
+        });
+        mockFs.existsSync.mockReturnValue(true);
+        mockFs.readFileSync.mockReturnValue(withReDoS);
+        const result = validateCustomRulesFile('/path/rules.json');
+        if (isRE2Active()) {
+            // RE2 handles this safely — should be valid
+            expect(result.valid).toBe(true);
+        }
+        else {
+            expect(result.valid).toBe(false);
+            expect(result.errors.some(e => e.includes('Unsafe or invalid regex'))).toBe(true);
+        }
+    });
+    it('detects duplicate rule IDs', () => {
+        const withDups = JSON.stringify({
+            rules: [
+                {
+                    id: 'CUSTOM-001',
+                    name: 'Rule 1',
+                    category: 'injection',
+                    severity: 'HIGH',
+                    description: 'First rule',
+                    patterns: ['pattern1'],
+                },
+                {
+                    id: 'CUSTOM-001',
+                    name: 'Rule 2',
+                    category: 'injection',
+                    severity: 'MEDIUM',
+                    description: 'Second rule with same id',
+                    patterns: ['pattern2'],
+                },
+            ],
+        });
+        mockFs.existsSync.mockReturnValue(true);
+        mockFs.readFileSync.mockReturnValue(withDups);
+        const result = validateCustomRulesFile('/path/rules.json');
+        expect(result.valid).toBe(false);
+        expect(result.errors.some(e => e.includes('Duplicate rule IDs'))).toBe(true);
+    });
+    it('returns unsupported format error for .xml', () => {
+        mockFs.existsSync.mockReturnValue(true);
+        const result = validateCustomRulesFile('/path/rules.xml');
+        expect(result.valid).toBe(false);
+        expect(result.errors[0]).toContain('Unsupported file format');
+    });
+    it('validates YAML file', () => {
+        mockFs.existsSync.mockReturnValue(true);
+        mockFs.readFileSync.mockReturnValue('content');
+        mockYaml.parse.mockReturnValue(JSON.parse(VALID_RULE_JSON));
+        const result = validateCustomRulesFile('/path/rules.yaml');
+        expect(result.valid).toBe(true);
+        expect(result.ruleCount).toBe(1);
+    });
+    it('returns parse error for invalid JSON', () => {
+        mockFs.existsSync.mockReturnValue(true);
+        mockFs.readFileSync.mockReturnValue('{bad json');
+        const result = validateCustomRulesFile('/path/rules.json');
+        expect(result.valid).toBe(false);
+        expect(result.errors[0]).toContain('Failed to parse');
+    });
+});
+// ---------------------------------------------------------------------------
+// loadCustomRules (search standard paths)
+// ---------------------------------------------------------------------------
+describe('loadCustomRules', () => {
+    beforeEach(() => {
+        jest.clearAllMocks();
+    });
+    it('returns empty array when no standard rules files exist', () => {
+        mockFs.existsSync.mockReturnValue(false);
+        const rules = loadCustomRules('/some/dir');
+        expect(rules).toHaveLength(0);
+    });
+    it('loads rules from first found standard path', () => {
+        // Only the first candidate exists
+        mockFs.existsSync.mockImplementation((p) => {
+            return String(p).endsWith('.ferret/rules.yaml');
+        });
+        mockFs.readFileSync.mockReturnValue('content');
+        mockYaml.parse.mockReturnValue(JSON.parse(VALID_RULE_JSON));
+        const rules = loadCustomRules('/project');
+        expect(rules.length).toBeGreaterThan(0);
+    });
+    it('accumulates rules from multiple found paths', () => {
+        // Two paths exist
+        let callCount = 0;
+        mockFs.existsSync.mockImplementation((p) => {
+            const s = String(p);
+            return s.endsWith('.ferret/rules.yaml') || s.endsWith('.ferret/custom-rules.yaml');
+        });
+        mockFs.readFileSync.mockImplementation(() => {
+            callCount++;
+            return 'content';
+        });
+        mockYaml.parse.mockReturnValue(JSON.parse(VALID_RULE_JSON));
+        const rules = loadCustomRules('/project');
+        // Should have loaded 2 sets of 1 rule each
+        expect(rules.length).toBe(2);
+    });
+});
+// ---------------------------------------------------------------------------
+// generateExampleRulesFile
+// ---------------------------------------------------------------------------
+describe('generateExampleRulesFile', () => {
+    it('returns a non-empty string', () => {
+        const content = generateExampleRulesFile();
+        expect(typeof content).toBe('string');
+        expect(content.length).toBeGreaterThan(0);
+    });
+    it('contains CUSTOM-001 example', () => {
+        const content = generateExampleRulesFile();
+        expect(content).toContain('CUSTOM-001');
+    });
+    it('is valid YAML-like structure (contains "rules:" key)', () => {
+        const content = generateExampleRulesFile();
+        expect(content).toContain('rules:');
+    });
+});
+// ---------------------------------------------------------------------------
+// loadCustomRulesSource — local file delegation
+// ---------------------------------------------------------------------------
+describe('loadCustomRulesSource', () => {
+    beforeEach(() => {
+        jest.clearAllMocks();
+    });
+    it('delegates to loadCustomRulesFile for local paths', async () => {
+        mockFs.existsSync.mockReturnValue(true);
+        mockFs.readFileSync.mockReturnValue(VALID_RULE_JSON);
+        const result = await loadCustomRulesSource('/path/rules.json');
+        expect(result.success).toBe(true);
+        expect(result.rules).toHaveLength(1);
+    });
+    it('returns error for missing local file', async () => {
+        mockFs.existsSync.mockReturnValue(false);
+        const result = await loadCustomRulesSource('/nonexistent.json');
+        expect(result.success).toBe(false);
+        expect(result.errors[0]).toContain('not found');
+    });
+});
+//# sourceMappingURL=customRules.test.js.map

package/dist/__tests__/dependencyRisk.test.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Dependency Risk Analysis Tests
+ */
+export {};
+//# sourceMappingURL=dependencyRisk.test.d.ts.map