npm - laxy-verify - Versions diffs - 1.2.2 → 1.3.0 - Mend

laxy-verify 1.2.2 → 1.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (36) hide show

package/README.md +204 -47
package/dist/a11y-deep.d.ts +20 -0
package/dist/a11y-deep.js +161 -0
package/dist/audit/broken-links.d.ts +25 -21
package/dist/audit/broken-links.js +97 -86
package/dist/badge.d.ts +2 -1
package/dist/badge.js +18 -14
package/dist/bundle-size.d.ts +14 -0
package/dist/bundle-size.js +209 -0
package/dist/cli.js +1256 -865
package/dist/config.d.ts +102 -65
package/dist/config.js +360 -255
package/dist/entitlement.d.ts +15 -11
package/dist/entitlement.js +98 -90
package/dist/init.js +153 -87
package/dist/lighthouse.d.ts +37 -7
package/dist/lighthouse.js +231 -158
package/dist/outdated-check.d.ts +17 -0
package/dist/outdated-check.js +123 -0
package/dist/report-markdown.d.ts +53 -39
package/dist/report-markdown.js +407 -386
package/dist/secret-scan.d.ts +15 -0
package/dist/secret-scan.js +218 -0
package/dist/security-audit.d.ts +17 -9
package/dist/security-audit.js +127 -64
package/dist/seo-deep.d.ts +24 -0
package/dist/seo-deep.js +147 -0
package/dist/typecheck.d.ts +8 -0
package/dist/typecheck.js +99 -0
package/dist/verification-core/report.js +526 -409
package/dist/verification-core/types.d.ts +164 -108
package/dist/visual-diff.d.ts +33 -26
package/dist/visual-diff.js +223 -178
package/dist/vitals-budget.d.ts +23 -0
package/dist/vitals-budget.js +168 -0
package/package.json +1 -1

package/dist/verification-core/report.js CHANGED Viewed

@@ -1,409 +1,526 @@
-"use strict";
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.DEFAULT_LH_THRESHOLDS = void 0;
-exports.getLighthousePass = getLighthousePass;
-exports.getVerificationGrade = getVerificationGrade;
-exports.buildVerificationEvidence = buildVerificationEvidence;
-exports.getImprovementRecommendations = getImprovementRecommendations;
-exports.buildVerificationReport = buildVerificationReport;
-exports.buildTierVerificationView = buildTierVerificationView;
-const tier_policy_js_1 = require("./tier-policy.js");
-exports.DEFAULT_LH_THRESHOLDS = {
-    performance: 70,
-    accessibility: 85,
-    seo: 80,
-    bestPractices: 80,
-};
-function getLighthousePass(lighthouseScores, thresholds = exports.DEFAULT_LH_THRESHOLDS) {
-    if (!lighthouseScores)
-        return false;
-    return (lighthouseScores.performance >= thresholds.performance &&
-        lighthouseScores.accessibility >= thresholds.accessibility &&
-        lighthouseScores.seo >= thresholds.seo &&
-        lighthouseScores.bestPractices >= thresholds.bestPractices);
-}
-function getVerificationGrade(input, thresholds = exports.DEFAULT_LH_THRESHOLDS) {
-    const buildPassed = input.buildSuccess === true;
-    const e2ePassedAll = typeof input.e2ePassed === "number" &&
-        typeof input.e2eTotal === "number" &&
-        input.e2eTotal > 0 &&
-        input.e2ePassed === input.e2eTotal;
-    const lighthousePassed = getLighthousePass(input.lighthouseScores, thresholds);
-    // Gold disqualifiers: console errors or critical security vulnerabilities
-    // mean the app has known problems — Gold should require a clean run.
-    const hasConsoleErrors = typeof input.e2eConsoleErrorCount === "number" && input.e2eConsoleErrorCount > 0;
-    const hasCriticalSecurity = !!input.securityAudit && input.securityAudit.critical > 0;
-    const goldDisqualified = hasConsoleErrors || hasCriticalSecurity;
-    if (buildPassed && e2ePassedAll && lighthousePassed && !goldDisqualified)
-        return "gold";
-    if (buildPassed && e2ePassedAll)
-        return "silver";
-    if (buildPassed)
-        return "bronze";
-    return "unverified";
-}
-function buildVerificationEvidence(input, thresholds = exports.DEFAULT_LH_THRESHOLDS) {
-    const buildPassed = input.buildSuccess === true;
-    const hasE2EData = typeof input.e2eTotal === "number" && input.e2eTotal > 0;
-    const hasLighthouseData = !!input.lighthouseScores;
-    const lighthouseSkipped = input.lighthouseSkipped === true;
-    const e2ePassedAll = hasE2EData &&
-        typeof input.e2ePassed === "number" &&
-        typeof input.e2eTotal === "number" &&
-        input.e2ePassed === input.e2eTotal;
-    const hasMultiViewportData = typeof input.viewportIssues === "number" || typeof input.multiViewportPassed === "boolean";
-    const multiViewportPassed = hasMultiViewportData
-        ? input.multiViewportPassed === true ||
-            (input.multiViewportPassed !== false && (input.viewportIssues ?? 0) <= 0)
-        : false;
-    const hasVisualDiffData = typeof input.visualDiffVerdict === "string";
-    const hasComparableVisualDiffData = hasVisualDiffData && input.hasVisualBaseline === true;
-    const visualDiffPassed = hasComparableVisualDiffData &&
-        input.visualDiffVerdict !== "warn" &&
-        input.visualDiffVerdict !== "rollback";
-    const lighthousePassed = getLighthousePass(input.lighthouseScores, thresholds);
-    const e2eStabilityPassed = input.e2eStabilityPassed !== false;
-    const hasConsoleErrors = typeof input.e2eConsoleErrorCount === "number" && input.e2eConsoleErrorCount > 0;
-    const hasSecurityData = !!input.securityAudit;
-    const securityPassed = hasSecurityData
-        ? input.securityAudit.critical === 0 && input.securityAudit.high === 0
-        : true;
-    const hasMobileLighthouseData = !!input.mobileLighthouseScores;
-    const mobileLighthousePassed = hasMobileLighthouseData
-        ? getLighthousePass(input.mobileLighthouseScores, thresholds)
-        : false;
-    return {
-        input,
-        thresholds,
-        buildPassed,
-        hasE2EData,
-        e2ePassedAll,
-        e2eStabilityPassed,
-        hasLighthouseData,
-        lighthouseSkipped,
-        hasMultiViewportData,
-        multiViewportPassed,
-        hasVisualDiffData,
-        hasComparableVisualDiffData,
-        visualDiffPassed,
-        lighthousePassed,
-        hasConsoleErrors,
-        hasSecurityData,
-        securityPassed,
-        hasMobileLighthouseData,
-        mobileLighthousePassed,
-    };
-}
-function getImprovementRecommendations(input, thresholds = exports.DEFAULT_LH_THRESHOLDS) {
-    const findings = [];
-    const errors = input.buildErrors ?? [];
-    if (input.buildSuccess === false) {
-        if (errors.some((error) => /TS\d+|type/i.test(error))) {
-            findings.push({
-                category: "build",
-                severity: "critical",
-                title: "TypeScript build errors",
-                description: "Type errors are blocking a clean production build.",
-                action: "Fix the TypeScript errors first, then rerun verification.",
-            });
-        }
-        if (errors.some((error) => /Module not found|Cannot find module|Failed to resolve/i.test(error))) {
-            findings.push({
-                category: "build",
-                severity: "critical",
-                title: "Missing or unresolved modules",
-                description: "The build cannot resolve one or more imports or packages.",
-                action: "Check import paths, package installation, and package.json consistency.",
-            });
-        }
-        if (errors.some((error) => /SyntaxError|Unexpected token/i.test(error))) {
-            findings.push({
-                category: "build",
-                severity: "critical",
-                title: "Syntax errors in source code",
-                description: "The code contains syntax issues that stop the build from completing.",
-                action: "Fix the syntax errors, then rerun the build verification.",
-            });
-        }
-        if (findings.every((finding) => finding.category !== "build")) {
-            findings.push({
-                category: "build",
-                severity: "critical",
-                title: "Build failed",
-                description: "Production build verification did not pass.",
-                action: "Inspect the build logs and resolve the blocking errors before release.",
-            });
-        }
-    }
-    if (typeof input.e2ePassed === "number" &&
-        typeof input.e2eTotal === "number" &&
-        input.e2eTotal > 0 &&
-        input.e2ePassed < input.e2eTotal) {
-        const failedCount = input.e2eTotal - input.e2ePassed;
-        findings.push({
-            category: "e2e",
-            severity: "high",
-            title: `E2E failures (${failedCount}/${input.e2eTotal})`,
-            description: "One or more verification scenarios failed.",
-            action: "Fix the broken user flow and rerun the verification scenarios.",
-        });
-    }
-    if ((input.e2eCoverageGaps?.length ?? 0) > 0) {
-        findings.push({
-            category: "e2e",
-            severity: "high",
-            title: `Verification coverage gaps (${input.e2eCoverageGaps?.length ?? 0})`,
-            description: input.e2eCoverageGaps.join(" "),
-            action: "Add or expose a stable primary user flow, then rerun verification so the checks cover real interactions.",
-        });
-    }
-    if (input.e2eStabilityPassed === false) {
-        findings.push({
-            category: "e2e",
-            severity: "high",
-            title: "E2E stability check failed",
-            description: "E2E scenarios passed on the first run but failed on the second stability run.",
-            action: "Fix flaky tests or unstable application state, then rerun verification.",
-        });
-    }
-    // Runtime console errors — answers "이거 당장 크게 터지나?"
-    if (typeof input.e2eConsoleErrorCount === "number" && input.e2eConsoleErrorCount > 0) {
-        findings.push({
-            category: "runtime",
-            severity: input.e2eConsoleErrorCount >= 3 ? "high" : "medium",
-            title: `Runtime console errors detected (${input.e2eConsoleErrorCount})`,
-            description: "The app emits console errors during E2E verification, indicating runtime issues.",
-            action: "Open browser DevTools, fix the console errors, and rerun verification.",
-        });
-    }
-    // Security audit — answers "클라이언트한테 보내도 되는 수준인가?"
-    if (input.securityAudit) {
-        const audit = input.securityAudit;
-        if (audit.critical > 0) {
-            findings.push({
-                category: "security",
-                severity: "critical",
-                title: `Critical security vulnerabilities (${audit.critical})`,
-                description: `npm audit found ${audit.critical} critical vulnerabilities: ${audit.summary}`,
-                action: "Run npm audit fix or update the vulnerable packages before deployment.",
-            });
-        }
-        else if (audit.high > 0) {
-            findings.push({
-                category: "security",
-                severity: "high",
-                title: `High security vulnerabilities (${audit.high})`,
-                description: `npm audit found ${audit.high} high-severity vulnerabilities: ${audit.summary}`,
-                action: "Run npm audit fix or update the vulnerable packages.",
-            });
-        }
-        else if (audit.totalVulnerabilities > 0) {
-            findings.push({
-                category: "security",
-                severity: "medium",
-                title: `Security vulnerabilities (${audit.totalVulnerabilities})`,
-                description: `npm audit found moderate/low vulnerabilities: ${audit.summary}`,
-                action: "Review npm audit output and update packages when convenient.",
-            });
-        }
-    }
-    // Broken links audit
-    if (input.brokenLinksAudit && input.brokenLinksAudit.brokenCount > 0) {
-        findings.push({
-            category: "security",
-            severity: "high",
-            title: `Broken links detected (${input.brokenLinksAudit.brokenCount}/${input.brokenLinksAudit.checkedCount})`,
-            description: `${input.brokenLinksAudit.brokenCount} link(s) returned non-OK status codes. Users will hit 404/500 errors.`,
-            action: "Fix or remove the broken links and rerun the verification.",
-        });
-    }
-    // Mobile Lighthouse — Pro tier mobile check
-    if (input.mobileLighthouseScores) {
-        const mobileScores = input.mobileLighthouseScores;
-        if (mobileScores.performance < thresholds.performance) {
-            findings.push({
-                category: "performance",
-                severity: "high",
-                title: `Mobile performance below threshold (${mobileScores.performance} / ${thresholds.performance})`,
-                description: "Mobile users will experience slow load times or poor interactivity.",
-                action: "Optimize mobile performance: reduce JS bundles, defer non-critical assets, optimize images.",
-            });
-        }
-        if (mobileScores.accessibility < thresholds.accessibility) {
-            findings.push({
-                category: "accessibility",
-                severity: "high",
-                title: `Mobile accessibility below threshold (${mobileScores.accessibility} / ${thresholds.accessibility})`,
-                description: "Mobile accessibility issues detected that may block users.",
-                action: "Fix touch targets, contrast, and semantic structure for mobile layouts.",
-            });
-        }
-    }
-    const hasMultiViewportData = typeof input.viewportIssues === "number" || typeof input.multiViewportPassed === "boolean";
-    const multiViewportPassed = input.multiViewportPassed === true ||
-        (input.multiViewportPassed !== false && (input.viewportIssues ?? 0) <= 0);
-    if (hasMultiViewportData && !multiViewportPassed) {
-        findings.push({
-            category: "viewport",
-            severity: "high",
-            title: `Multi-viewport issues detected (${input.viewportIssues ?? 0})`,
-            description: input.multiViewportSummary ||
-                "One or more responsive layout or viewport-specific verification issues were found.",
-            action: "Fix the responsive layout issues and rerun the multi-viewport verification pass.",
-        });
-    }
-    if (input.visualDiffVerdict === "rollback") {
-        findings.push({
-            category: "visual",
-            severity: "high",
-            title: `Visual regression detected (${input.visualDiffPercentage ?? 0}%)`,
-            description: "The visual diff is large enough to recommend a rollback or release hold.",
-            action: "Review the visual diff artifacts and fix the unintended UI regression before release.",
-        });
-    }
-    else if (input.visualDiffVerdict === "warn") {
-        findings.push({
-            category: "visual",
-            severity: "medium",
-            title: `Visual change needs review (${input.visualDiffPercentage ?? 0}%)`,
-            description: "The visual diff changed enough to require a manual review before release.",
-            action: "Check the visual diff and confirm the UI change is intentional.",
-        });
-    }
-    if ((input.lighthouseErrorCount ?? 0) > 0) {
-        findings.push({
-            category: "performance",
-            severity: "medium",
-            title: `Lighthouse instability detected (${input.lighthouseErrorCount})`,
-            description: "One or more Lighthouse runs errored even though a report was recovered.",
-            action: "Rerun Lighthouse and inspect the failing run logs before trusting this result in CI.",
-        });
-    }
-    const lighthouseScores = input.lighthouseScores;
-    if (!lighthouseScores) {
-        return findings;
-    }
-    const lighthouseFinding = (category, actual, required, title, description, action) => ({
-        category,
-        severity: required - actual >= 20 ? "high" : "medium",
-        title: `${title} (${actual} / ${required})`,
-        description,
-        action,
-    });
-    if (lighthouseScores.performance < thresholds.performance) {
-        findings.push(lighthouseFinding("performance", lighthouseScores.performance, thresholds.performance, "Performance below threshold", "Runtime performance is below the minimum verification threshold.", "Reduce heavy assets, expensive scripts, and blocking work on initial load."));
-    }
-    if (lighthouseScores.accessibility < thresholds.accessibility) {
-        findings.push(lighthouseFinding("accessibility", lighthouseScores.accessibility, thresholds.accessibility, "Accessibility below threshold", "Accessibility checks are below the minimum verification threshold.", "Fix labels, semantics, contrast, and keyboard accessibility issues."));
-    }
-    if (lighthouseScores.seo < thresholds.seo) {
-        findings.push(lighthouseFinding("seo", lighthouseScores.seo, thresholds.seo, "SEO below threshold", "SEO checks are below the minimum verification threshold.", "Fix title, description, crawl settings, and indexable metadata."));
-    }
-    if (lighthouseScores.bestPractices < thresholds.bestPractices) {
-        findings.push(lighthouseFinding("bestPractices", lighthouseScores.bestPractices, thresholds.bestPractices, "Best practices below threshold", "Best practices checks are below the minimum verification threshold.", "Fix browser warnings, unsafe patterns, and platform-level issues."));
-    }
-    return findings.sort((a, b) => {
-        const priority = { critical: 0, high: 1, medium: 2 };
-        return priority[a.severity] - priority[b.severity];
-    });
-}
-function buildVerificationReport(input, options) {
-    const thresholds = options?.thresholds ?? exports.DEFAULT_LH_THRESHOLDS;
-    const tier = options?.tier ?? "free";
-    const evidence = buildVerificationEvidence(input, thresholds);
-    const findings = getImprovementRecommendations(input, thresholds);
-    const blockers = findings.filter((finding) => finding.severity === "critical" || finding.severity === "high");
-    const warnings = findings.filter((finding) => finding.severity === "medium");
-    const hasWarnings = warnings.length > 0;
-    const coreChecksPassed = evidence.buildPassed && evidence.e2ePassedAll && evidence.lighthousePassed;
-    const teamEvidenceComplete = evidence.hasMultiViewportData &&
-        evidence.multiViewportPassed &&
-        evidence.hasComparableVisualDiffData &&
-        evidence.visualDiffPassed;
-    const grade = getVerificationGrade(input, thresholds);
-    const failureEvidence = (input.failureEvidence ?? []).filter(Boolean).slice(0, 5);
-    let verdict;
-    let confidence;
-    let summary;
-    if (!evidence.buildPassed) {
-        verdict = "build-failed";
-        confidence = "low";
-        summary = "Build failed. Fix the blocking build errors before relying on this verification result.";
-    }
-    else if (blockers.length > 0) {
-        verdict = "hold";
-        confidence = "medium";
-        summary = "Blocking verification issues were found. Hold release until the blockers are fixed.";
-    }
-    else if (tier === "team" && coreChecksPassed && !hasWarnings && teamEvidenceComplete) {
-        verdict = "release-ready";
-        confidence = "high";
-        summary = "All core checks and release-evidence checks passed. This run is strong enough to call release-ready.";
-    }
-    else if (coreChecksPassed && !hasWarnings) {
-        verdict = "client-ready";
-        confidence = "high";
-        summary = "No blocking issues found. Build, E2E, and Lighthouse checks passed.";
-    }
-    else if (coreChecksPassed && hasWarnings) {
-        verdict = "investigate";
-        confidence = "medium";
-        summary = "Core checks passed, but warning-level risks remain. Review warnings before calling this run client-ready.";
-    }
-    else {
-        verdict = "quick-pass";
-        confidence = evidence.hasLighthouseData && evidence.lighthousePassed ? "medium" : "low";
-        summary = "No immediate hard blockers were found in the quick verification pass.";
-    }
-    const passes = [
-        { key: "build", label: "Production build", passed: evidence.buildPassed },
-        ...(evidence.hasE2EData
-            ? [{ key: "e2e", label: `E2E ${input.e2ePassed ?? 0}/${input.e2eTotal ?? 0}`, passed: evidence.e2ePassedAll }]
-            : []),
-        ...(evidence.hasConsoleErrors
-            ? [{ key: "console-errors", label: `Console errors (${input.e2eConsoleErrorCount ?? 0})`, passed: false }]
-            : [{ key: "console-errors", label: "No console errors", passed: true }]),
-        ...(evidence.hasSecurityData
-            ? [{ key: "security", label: `Security (${input.securityAudit?.summary ?? "unknown"})`, passed: evidence.securityPassed }]
-            : []),
-        ...(evidence.hasMobileLighthouseData
-            ? [{ key: "mobile-lh", label: "Mobile Lighthouse", passed: evidence.mobileLighthousePassed }]
-            : []),
-        ...(evidence.hasMultiViewportData
-            ? [{
-                    key: "viewport",
-                    label: `Viewport ${input.viewportIssues ?? 0} issues`,
-                    passed: evidence.multiViewportPassed,
-                }]
-            : []),
-        ...(evidence.hasVisualDiffData
-            ? [{
-                    key: "visual",
-                    label: input.hasVisualBaseline
-                        ? `Visual diff ${input.visualDiffPercentage ?? 0}%`
-                        : "Visual baseline seeded",
-                    passed: evidence.visualDiffPassed,
-                }]
-            : []),
-        ...(evidence.hasLighthouseData
-            ? [{ key: "lighthouse", label: "Lighthouse thresholds", passed: evidence.lighthousePassed }]
-            : []),
-    ];
-    const nextActions = [...blockers, ...warnings].slice(0, 4).map((finding) => finding.action);
-    return {
-        tier,
-        verdict,
-        confidence,
-        summary,
-        grade,
-        blockers,
-        warnings,
-        passes,
-        nextActions,
-        failureEvidence,
-        evidence,
-    };
-}
-function buildTierVerificationView(input, options) {
-    return (0, tier_policy_js_1.getTierVerificationView)(buildVerificationReport(input, options));
-}
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.DEFAULT_LH_THRESHOLDS = void 0;
+exports.getLighthousePass = getLighthousePass;
+exports.getVerificationGrade = getVerificationGrade;
+exports.buildVerificationEvidence = buildVerificationEvidence;
+exports.getImprovementRecommendations = getImprovementRecommendations;
+exports.buildVerificationReport = buildVerificationReport;
+exports.buildTierVerificationView = buildTierVerificationView;
+const tier_policy_js_1 = require("./tier-policy.js");
+exports.DEFAULT_LH_THRESHOLDS = {
+    performance: 70,
+    accessibility: 85,
+    seo: 80,
+    bestPractices: 80,
+};
+function getLighthousePass(lighthouseScores, thresholds = exports.DEFAULT_LH_THRESHOLDS) {
+    if (!lighthouseScores)
+        return false;
+    return (lighthouseScores.performance >= thresholds.performance &&
+        lighthouseScores.accessibility >= thresholds.accessibility &&
+        lighthouseScores.seo >= thresholds.seo &&
+        lighthouseScores.bestPractices >= thresholds.bestPractices);
+}
+function getVerificationGrade(input, thresholds = exports.DEFAULT_LH_THRESHOLDS) {
+    const buildPassed = input.buildSuccess === true;
+    const e2ePassedAll = typeof input.e2ePassed === "number" &&
+        typeof input.e2eTotal === "number" &&
+        input.e2eTotal > 0 &&
+        input.e2ePassed === input.e2eTotal;
+    const lighthousePassed = getLighthousePass(input.lighthouseScores, thresholds);
+    // Gold disqualifiers: console errors or critical security vulnerabilities
+    // mean the app has known problems — Gold should require a clean run.
+    const hasConsoleErrors = typeof input.e2eConsoleErrorCount === "number" && input.e2eConsoleErrorCount > 0;
+    const hasCriticalSecurity = !!input.securityAudit && input.securityAudit.critical > 0;
+    const goldDisqualified = hasConsoleErrors || hasCriticalSecurity;
+    if (buildPassed && e2ePassedAll && lighthousePassed && !goldDisqualified)
+        return "gold";
+    if (buildPassed && e2ePassedAll)
+        return "silver";
+    if (buildPassed)
+        return "bronze";
+    return "unverified";
+}
+function buildVerificationEvidence(input, thresholds = exports.DEFAULT_LH_THRESHOLDS) {
+    const buildPassed = input.buildSuccess === true;
+    const hasE2EData = typeof input.e2eTotal === "number" && input.e2eTotal > 0;
+    const hasLighthouseData = !!input.lighthouseScores;
+    const lighthouseSkipped = input.lighthouseSkipped === true;
+    const e2ePassedAll = hasE2EData &&
+        typeof input.e2ePassed === "number" &&
+        typeof input.e2eTotal === "number" &&
+        input.e2ePassed === input.e2eTotal;
+    const hasMultiViewportData = typeof input.viewportIssues === "number" || typeof input.multiViewportPassed === "boolean";
+    const multiViewportPassed = hasMultiViewportData
+        ? input.multiViewportPassed === true ||
+            (input.multiViewportPassed !== false && (input.viewportIssues ?? 0) <= 0)
+        : false;
+    const hasVisualDiffData = typeof input.visualDiffVerdict === "string";
+    const hasComparableVisualDiffData = hasVisualDiffData && input.hasVisualBaseline === true;
+    const visualDiffPassed = hasComparableVisualDiffData &&
+        input.visualDiffVerdict !== "warn" &&
+        input.visualDiffVerdict !== "rollback";
+    const lighthousePassed = getLighthousePass(input.lighthouseScores, thresholds);
+    const e2eStabilityPassed = input.e2eStabilityPassed !== false;
+    const hasConsoleErrors = typeof input.e2eConsoleErrorCount === "number" && input.e2eConsoleErrorCount > 0;
+    const hasSecurityData = !!input.securityAudit;
+    const securityPassed = hasSecurityData
+        ? input.securityAudit.critical === 0 && input.securityAudit.high === 0
+        : true;
+    const hasMobileLighthouseData = !!input.mobileLighthouseScores;
+    const mobileLighthousePassed = hasMobileLighthouseData
+        ? getLighthousePass(input.mobileLighthouseScores, thresholds)
+        : false;
+    const hasTypecheckData = !!input.typecheck && !input.typecheck.skipped;
+    const typecheckPassed = hasTypecheckData ? input.typecheck.passed : true;
+    const hasSecretScanData = !!input.secretScan && !input.secretScan.skipped;
+    const secretScanPassed = hasSecretScanData ? input.secretScan.passed : true;
+    const hasA11yDeepData = !!input.a11yDeep && !input.a11yDeep.skipped;
+    const a11yDeepPassed = hasA11yDeepData ? input.a11yDeep.passed : true;
+    const hasSeoDeepData = !!input.seoDeep && !input.seoDeep.skipped;
+    const seoDeepPassed = hasSeoDeepData ? input.seoDeep.passed : true;
+    const hasVitalsBudgetData = !!input.vitalsBudget && !input.vitalsBudget.skipped;
+    const vitalsBudgetPassed = hasVitalsBudgetData ? input.vitalsBudget.passed : true;
+    return {
+        input,
+        thresholds,
+        buildPassed,
+        hasE2EData,
+        e2ePassedAll,
+        e2eStabilityPassed,
+        hasLighthouseData,
+        lighthouseSkipped,
+        hasMultiViewportData,
+        multiViewportPassed,
+        hasVisualDiffData,
+        hasComparableVisualDiffData,
+        visualDiffPassed,
+        lighthousePassed,
+        hasConsoleErrors,
+        hasSecurityData,
+        securityPassed,
+        hasMobileLighthouseData,
+        mobileLighthousePassed,
+        hasTypecheckData,
+        typecheckPassed,
+        hasSecretScanData,
+        secretScanPassed,
+        hasA11yDeepData,
+        a11yDeepPassed,
+        hasSeoDeepData,
+        seoDeepPassed,
+        hasVitalsBudgetData,
+        vitalsBudgetPassed,
+    };
+}
+function getImprovementRecommendations(input, thresholds = exports.DEFAULT_LH_THRESHOLDS) {
+    const findings = [];
+    const errors = input.buildErrors ?? [];
+    if (input.buildSuccess === false) {
+        if (errors.some((error) => /TS\d+|type/i.test(error))) {
+            findings.push({
+                category: "build",
+                severity: "critical",
+                title: "TypeScript build errors",
+                description: "Type errors are blocking a clean production build.",
+                action: "Fix the TypeScript errors first, then rerun verification.",
+            });
+        }
+        if (errors.some((error) => /Module not found|Cannot find module|Failed to resolve/i.test(error))) {
+            findings.push({
+                category: "build",
+                severity: "critical",
+                title: "Missing or unresolved modules",
+                description: "The build cannot resolve one or more imports or packages.",
+                action: "Check import paths, package installation, and package.json consistency.",
+            });
+        }
+        if (errors.some((error) => /SyntaxError|Unexpected token/i.test(error))) {
+            findings.push({
+                category: "build",
+                severity: "critical",
+                title: "Syntax errors in source code",
+                description: "The code contains syntax issues that stop the build from completing.",
+                action: "Fix the syntax errors, then rerun the build verification.",
+            });
+        }
+        if (findings.every((finding) => finding.category !== "build")) {
+            findings.push({
+                category: "build",
+                severity: "critical",
+                title: "Build failed",
+                description: "Production build verification did not pass.",
+                action: "Inspect the build logs and resolve the blocking errors before release.",
+            });
+        }
+    }
+    if (typeof input.e2ePassed === "number" &&
+        typeof input.e2eTotal === "number" &&
+        input.e2eTotal > 0 &&
+        input.e2ePassed < input.e2eTotal) {
+        const failedCount = input.e2eTotal - input.e2ePassed;
+        findings.push({
+            category: "e2e",
+            severity: "high",
+            title: `E2E failures (${failedCount}/${input.e2eTotal})`,
+            description: "One or more verification scenarios failed.",
+            action: "Fix the broken user flow and rerun the verification scenarios.",
+        });
+    }
+    if ((input.e2eCoverageGaps?.length ?? 0) > 0) {
+        findings.push({
+            category: "e2e",
+            severity: "high",
+            title: `Verification coverage gaps (${input.e2eCoverageGaps?.length ?? 0})`,
+            description: input.e2eCoverageGaps.join(" "),
+            action: "Add or expose a stable primary user flow, then rerun verification so the checks cover real interactions.",
+        });
+    }
+    if (input.e2eStabilityPassed === false) {
+        findings.push({
+            category: "e2e",
+            severity: "high",
+            title: "E2E stability check failed",
+            description: "E2E scenarios passed on the first run but failed on the second stability run.",
+            action: "Fix flaky tests or unstable application state, then rerun verification.",
+        });
+    }
+    // Runtime console errors — answers "이거 당장 크게 터지나?"
+    if (typeof input.e2eConsoleErrorCount === "number" && input.e2eConsoleErrorCount > 0) {
+        findings.push({
+            category: "runtime",
+            severity: input.e2eConsoleErrorCount >= 3 ? "high" : "medium",
+            title: `Runtime console errors detected (${input.e2eConsoleErrorCount})`,
+            description: "The app emits console errors during E2E verification, indicating runtime issues.",
+            action: "Open browser DevTools, fix the console errors, and rerun verification.",
+        });
+    }
+    // Security audit — answers "클라이언트한테 보내도 되는 수준인가?"
+    if (input.securityAudit) {
+        const audit = input.securityAudit;
+        if (audit.critical > 0) {
+            findings.push({
+                category: "security",
+                severity: "critical",
+                title: `Critical security vulnerabilities (${audit.critical})`,
+                description: `npm audit found ${audit.critical} critical vulnerabilities: ${audit.summary}`,
+                action: "Run npm audit fix or update the vulnerable packages before deployment.",
+            });
+        }
+        else if (audit.high > 0) {
+            findings.push({
+                category: "security",
+                severity: "high",
+                title: `High security vulnerabilities (${audit.high})`,
+                description: `npm audit found ${audit.high} high-severity vulnerabilities: ${audit.summary}`,
+                action: "Run npm audit fix or update the vulnerable packages.",
+            });
+        }
+        else if (audit.totalVulnerabilities > 0) {
+            findings.push({
+                category: "security",
+                severity: "medium",
+                title: `Security vulnerabilities (${audit.totalVulnerabilities})`,
+                description: `npm audit found moderate/low vulnerabilities: ${audit.summary}`,
+                action: "Review npm audit output and update packages when convenient.",
+            });
+        }
+    }
+    // Broken links audit
+    if (input.brokenLinksAudit && input.brokenLinksAudit.brokenCount > 0) {
+        findings.push({
+            category: "security",
+            severity: "high",
+            title: `Broken links detected (${input.brokenLinksAudit.brokenCount}/${input.brokenLinksAudit.checkedCount})`,
+            description: `${input.brokenLinksAudit.brokenCount} link(s) returned non-OK status codes. Users will hit 404/500 errors.`,
+            action: "Fix or remove the broken links and rerun the verification.",
+        });
+    }
+    // Mobile Lighthouse — Pro tier mobile check
+    if (input.mobileLighthouseScores) {
+        const mobileScores = input.mobileLighthouseScores;
+        if (mobileScores.performance < thresholds.performance) {
+            findings.push({
+                category: "performance",
+                severity: "high",
+                title: `Mobile performance below threshold (${mobileScores.performance} / ${thresholds.performance})`,
+                description: "Mobile users will experience slow load times or poor interactivity.",
+                action: "Optimize mobile performance: reduce JS bundles, defer non-critical assets, optimize images.",
+            });
+        }
+        if (mobileScores.accessibility < thresholds.accessibility) {
+            findings.push({
+                category: "accessibility",
+                severity: "high",
+                title: `Mobile accessibility below threshold (${mobileScores.accessibility} / ${thresholds.accessibility})`,
+                description: "Mobile accessibility issues detected that may block users.",
+                action: "Fix touch targets, contrast, and semantic structure for mobile layouts.",
+            });
+        }
+    }
+    const hasMultiViewportData = typeof input.viewportIssues === "number" || typeof input.multiViewportPassed === "boolean";
+    const multiViewportPassed = input.multiViewportPassed === true ||
+        (input.multiViewportPassed !== false && (input.viewportIssues ?? 0) <= 0);
+    if (hasMultiViewportData && !multiViewportPassed) {
+        findings.push({
+            category: "viewport",
+            severity: "high",
+            title: `Multi-viewport issues detected (${input.viewportIssues ?? 0})`,
+            description: input.multiViewportSummary ||
+                "One or more responsive layout or viewport-specific verification issues were found.",
+            action: "Fix the responsive layout issues and rerun the multi-viewport verification pass.",
+        });
+    }
+    if (input.visualDiffVerdict === "rollback") {
+        findings.push({
+            category: "visual",
+            severity: "high",
+            title: `Visual regression detected (${input.visualDiffPercentage ?? 0}%)`,
+            description: "The visual diff is large enough to recommend a rollback or release hold.",
+            action: "Review the visual diff artifacts and fix the unintended UI regression before release.",
+        });
+    }
+    else if (input.visualDiffVerdict === "warn") {
+        findings.push({
+            category: "visual",
+            severity: "medium",
+            title: `Visual change needs review (${input.visualDiffPercentage ?? 0}%)`,
+            description: "The visual diff changed enough to require a manual review before release.",
+            action: "Check the visual diff and confirm the UI change is intentional.",
+        });
+    }
+    if ((input.lighthouseErrorCount ?? 0) > 0) {
+        findings.push({
+            category: "performance",
+            severity: "medium",
+            title: `Lighthouse instability detected (${input.lighthouseErrorCount})`,
+            description: "One or more Lighthouse runs errored even though a report was recovered.",
+            action: "Rerun Lighthouse and inspect the failing run logs before trusting this result in CI.",
+        });
+    }
+    // TypeScript type errors — blocker-capable
+    if (input.typecheck && !input.typecheck.skipped && !input.typecheck.passed) {
+        findings.push({
+            category: "typecheck",
+            severity: input.typecheck.errorCount >= 5 ? "high" : "medium",
+            title: `TypeScript type errors (${input.typecheck.errorCount})`,
+            description: "Type errors indicate potential runtime bugs that the build pipeline may not catch.",
+            action: "Fix the TypeScript errors and rerun verification.",
+        });
+    }
+    // Secret scan — blocker-capable
+    if (input.secretScan && !input.secretScan.skipped && !input.secretScan.passed) {
+        findings.push({
+            category: "secrets",
+            severity: "high",
+            title: `Hardcoded secrets detected (${input.secretScan.findingsCount})`,
+            description: `Found ${input.secretScan.findingsCount} potential secret(s) in ${input.secretScan.filesScanned} scanned files. Leaked secrets are a deployment risk.`,
+            action: "Move secrets to environment variables and rotate any compromised credentials.",
+        });
+    }
+    // Deep accessibility — blocker-capable
+    if (input.a11yDeep && !input.a11yDeep.skipped && !input.a11yDeep.passed) {
+        const critical = input.a11yDeep.criticalCount;
+        const serious = input.a11yDeep.seriousCount;
+        findings.push({
+            category: "accessibility",
+            severity: critical > 0 ? "high" : "medium",
+            title: `WCAG violations found (${critical} critical, ${serious} serious)`,
+            description: input.a11yDeep.summary,
+            action: "Fix the critical and serious WCAG violations before release.",
+        });
+    }
+    // Deep SEO — advisory
+    if (input.seoDeep && !input.seoDeep.skipped && !input.seoDeep.passed) {
+        findings.push({
+            category: "seo",
+            severity: "medium",
+            title: `SEO issues detected (${input.seoDeep.errorCount} errors, ${input.seoDeep.warningCount} warnings)`,
+            description: input.seoDeep.summary,
+            action: "Fix missing or incorrect SEO meta tags.",
+        });
+    }
+    // Vitals budget — advisory
+    if (input.vitalsBudget && !input.vitalsBudget.skipped && !input.vitalsBudget.passed) {
+        findings.push({
+            category: "vitals",
+            severity: "medium",
+            title: `Core Web Vitals budget exceeded`,
+            description: input.vitalsBudget.summary,
+            action: "Optimize performance to meet the Core Web Vitals budget thresholds.",
+        });
+    }
+    // Outdated dependencies — advisory
+    if (input.outdatedCheck && !input.outdatedCheck.skipped && input.outdatedCheck.majorOutdated > 0) {
+        findings.push({
+            category: "bestPractices",
+            severity: "medium",
+            title: `${input.outdatedCheck.majorOutdated} major version(s) behind latest`,
+            description: input.outdatedCheck.advisory,
+            action: "Update outdated dependencies, especially those with major version gaps.",
+        });
+    }
+    // Bundle size — advisory (only if thresholds exceeded)
+    if (input.bundleSize && !input.bundleSize.skipped) {
+        const firstLoad = input.bundleSize.firstLoadJsKb;
+        const largest = input.bundleSize.largestChunkKb;
+        if ((firstLoad !== null && firstLoad > 200) || (largest !== null && largest > 300)) {
+            findings.push({
+                category: "performance",
+                severity: "medium",
+                title: `Bundle size advisory threshold exceeded`,
+                description: input.bundleSize.advisory,
+                action: "Reduce bundle size by code-splitting, tree-shaking, or lazy-loading large dependencies.",
+            });
+        }
+    }
+    const lighthouseScores = input.lighthouseScores;
+    if (!lighthouseScores) {
+        return findings;
+    }
+    const lighthouseFinding = (category, actual, required, title, description, action) => ({
+        category,
+        severity: required - actual >= 20 ? "high" : "medium",
+        title: `${title} (${actual} / ${required})`,
+        description,
+        action,
+    });
+    if (lighthouseScores.performance < thresholds.performance) {
+        findings.push(lighthouseFinding("performance", lighthouseScores.performance, thresholds.performance, "Performance below threshold", "Runtime performance is below the minimum verification threshold.", "Reduce heavy assets, expensive scripts, and blocking work on initial load."));
+    }
+    if (lighthouseScores.accessibility < thresholds.accessibility) {
+        findings.push(lighthouseFinding("accessibility", lighthouseScores.accessibility, thresholds.accessibility, "Accessibility below threshold", "Accessibility checks are below the minimum verification threshold.", "Fix labels, semantics, contrast, and keyboard accessibility issues."));
+    }
+    if (lighthouseScores.seo < thresholds.seo) {
+        findings.push(lighthouseFinding("seo", lighthouseScores.seo, thresholds.seo, "SEO below threshold", "SEO checks are below the minimum verification threshold.", "Fix title, description, crawl settings, and indexable metadata."));
+    }
+    if (lighthouseScores.bestPractices < thresholds.bestPractices) {
+        findings.push(lighthouseFinding("bestPractices", lighthouseScores.bestPractices, thresholds.bestPractices, "Best practices below threshold", "Best practices checks are below the minimum verification threshold.", "Fix browser warnings, unsafe patterns, and platform-level issues."));
+    }
+    return findings.sort((a, b) => {
+        const priority = { critical: 0, high: 1, medium: 2 };
+        return priority[a.severity] - priority[b.severity];
+    });
+}
+function buildVerificationReport(input, options) {
+    const thresholds = options?.thresholds ?? exports.DEFAULT_LH_THRESHOLDS;
+    const tier = options?.tier ?? "free";
+    const evidence = buildVerificationEvidence(input, thresholds);
+    const findings = getImprovementRecommendations(input, thresholds);
+    const blockers = findings.filter((finding) => finding.severity === "critical" || finding.severity === "high");
+    const warnings = findings.filter((finding) => finding.severity === "medium");
+    const hasWarnings = warnings.length > 0;
+    const coreChecksPassed = evidence.buildPassed && evidence.e2ePassedAll && evidence.lighthousePassed;
+    const teamEvidenceComplete = evidence.hasMultiViewportData &&
+        evidence.multiViewportPassed &&
+        evidence.hasComparableVisualDiffData &&
+        evidence.visualDiffPassed;
+    const grade = getVerificationGrade(input, thresholds);
+    const failureEvidence = (input.failureEvidence ?? []).filter(Boolean).slice(0, 5);
+    let verdict;
+    let confidence;
+    let summary;
+    if (!evidence.buildPassed) {
+        verdict = "build-failed";
+        confidence = "low";
+        summary = "Build failed. Fix the blocking build errors before relying on this verification result.";
+    }
+    else if (blockers.length > 0) {
+        verdict = "hold";
+        confidence = "medium";
+        summary = "Blocking verification issues were found. Hold release until the blockers are fixed.";
+    }
+    else if (tier === "team" && coreChecksPassed && !hasWarnings && teamEvidenceComplete) {
+        verdict = "release-ready";
+        confidence = "high";
+        summary = "All core checks and release-evidence checks passed. This run is strong enough to call release-ready.";
+    }
+    else if (coreChecksPassed && !hasWarnings) {
+        verdict = "client-ready";
+        confidence = "high";
+        summary = "No blocking issues found. Build, E2E, and Lighthouse checks passed.";
+    }
+    else if (coreChecksPassed && hasWarnings) {
+        verdict = "investigate";
+        confidence = "medium";
+        summary = "Core checks passed, but warning-level risks remain. Review warnings before calling this run client-ready.";
+    }
+    else {
+        verdict = "quick-pass";
+        confidence = evidence.hasLighthouseData && evidence.lighthousePassed ? "medium" : "low";
+        summary = "No immediate hard blockers were found in the quick verification pass.";
+    }
+    const passes = [
+        { key: "build", label: "Production build", passed: evidence.buildPassed },
+        ...(evidence.hasE2EData
+            ? [{ key: "e2e", label: `E2E ${input.e2ePassed ?? 0}/${input.e2eTotal ?? 0}`, passed: evidence.e2ePassedAll }]
+            : []),
+        ...(evidence.hasConsoleErrors
+            ? [{ key: "console-errors", label: `Console errors (${input.e2eConsoleErrorCount ?? 0})`, passed: false }]
+            : [{ key: "console-errors", label: "No console errors", passed: true }]),
+        ...(evidence.hasSecurityData
+            ? [{ key: "security", label: `Security (${input.securityAudit?.summary ?? "unknown"})`, passed: evidence.securityPassed }]
+            : []),
+        ...(evidence.hasMobileLighthouseData
+            ? [{ key: "mobile-lh", label: "Mobile Lighthouse", passed: evidence.mobileLighthousePassed }]
+            : []),
+        ...(evidence.hasMultiViewportData
+            ? [{
+                    key: "viewport",
+                    label: `Viewport ${input.viewportIssues ?? 0} issues`,
+                    passed: evidence.multiViewportPassed,
+                }]
+            : []),
+        ...(evidence.hasVisualDiffData
+            ? [{
+                    key: "visual",
+                    label: input.hasVisualBaseline
+                        ? `Visual diff ${input.visualDiffPercentage ?? 0}%`
+                        : "Visual baseline seeded",
+                    passed: evidence.visualDiffPassed,
+                }]
+            : []),
+        ...(evidence.hasLighthouseData
+            ? [{ key: "lighthouse", label: "Lighthouse thresholds", passed: evidence.lighthousePassed }]
+            : []),
+        ...(evidence.hasTypecheckData
+            ? [{ key: "typecheck", label: `TypeScript (${input.typecheck?.errorCount ?? 0} errors)`, passed: evidence.typecheckPassed }]
+            : []),
+        ...(evidence.hasSecretScanData
+            ? [{ key: "secret-scan", label: `Secret scan (${input.secretScan?.findingsCount ?? 0} findings)`, passed: evidence.secretScanPassed }]
+            : []),
+        ...(evidence.hasA11yDeepData
+            ? [{ key: "a11y-deep", label: `WCAG deep (${input.a11yDeep?.criticalCount ?? 0} critical)`, passed: evidence.a11yDeepPassed }]
+            : []),
+        ...(evidence.hasSeoDeepData
+            ? [{ key: "seo-deep", label: `SEO deep (${input.seoDeep?.errorCount ?? 0} errors)`, passed: evidence.seoDeepPassed }]
+            : []),
+        ...(evidence.hasVitalsBudgetData
+            ? [{ key: "vitals-budget", label: "Core Web Vitals budget", passed: evidence.vitalsBudgetPassed }]
+            : []),
+        ...(input.bundleSize && !input.bundleSize.skipped
+            ? [{ key: "bundle-size", label: `Bundle size (${input.bundleSize.framework})`, passed: true }]
+            : []),
+        ...(input.outdatedCheck && !input.outdatedCheck.skipped
+            ? [{ key: "outdated-check", label: `Outdated deps (${input.outdatedCheck.outdatedCount} outdated)`, passed: input.outdatedCheck.majorOutdated === 0 }]
+            : []),
+    ];
+    const nextActions = [...blockers, ...warnings].slice(0, 4).map((finding) => finding.action);
+    return {
+        tier,
+        verdict,
+        confidence,
+        summary,
+        grade,
+        blockers,
+        warnings,
+        passes,
+        nextActions,
+        failureEvidence,
+        evidence,
+    };
+}
+function buildTierVerificationView(input, options) {
+    return (0, tier_policy_js_1.getTierVerificationView)(buildVerificationReport(input, options));
+}