lula2 0.6.3-nightly.0 → 0.6.3-nightly.1

package/dist/index.js

@@ -1881,6 +1881,17 @@ var init_fileStore = __esm({
         if (!existsSync2(this.controlsDir)) {
           return [];
         }
+        let controlOrder = null;
+        try {
+          const lulaConfigPath = join2(this.baseDir, "lula.yaml");
+          if (existsSync2(lulaConfigPath)) {
+            const content = readFileSync2(lulaConfigPath, "utf8");
+            const metadata = yaml2.load(content);
+            controlOrder = metadata?.controlOrder || null;
+          }
+        } catch (error) {
+          console.error("Failed to load lula.yaml for controlOrder:", error);
+        }
         const entries = readdirSync(this.controlsDir);
         const yamlFiles = entries.filter((file) => file.endsWith(".yaml"));
         if (yamlFiles.length > 0) {
@@ -1899,7 +1910,11 @@ var init_fileStore = __esm({
             }
           });
           const results2 = await Promise.all(promises);
-          return results2.filter((c) => c !== null);
+          const controls2 = results2.filter((c) => c !== null);
+          if (controlOrder && controlOrder.length > 0) {
+            return this.sortControlsByOrder(controls2, controlOrder);
+          }
+          return controls2;
         }
         const families = entries.filter((name) => {
           const familyPath = join2(this.controlsDir, name);
@@ -1922,7 +1937,25 @@ var init_fileStore = __esm({
           allPromises.push(...familyPromises);
         }
         const results = await Promise.all(allPromises);
-        return results.filter((c) => c !== null);
+        const controls = results.filter((c) => c !== null);
+        if (controlOrder && controlOrder.length > 0) {
+          return this.sortControlsByOrder(controls, controlOrder);
+        }
+        return controls;
+      }
+      /**
+       * Sort controls based on the provided order array
+       */
+      sortControlsByOrder(controls, controlOrder) {
+        const orderMap = /* @__PURE__ */ new Map();
+        controlOrder.forEach((controlId, index) => {
+          orderMap.set(controlId, index);
+        });
+        return controls.sort((a, b) => {
+          const aIndex = orderMap.get(a.id) ?? Number.MAX_SAFE_INTEGER;
+          const bIndex = orderMap.get(b.id) ?? Number.MAX_SAFE_INTEGER;
+          return aIndex - bIndex;
+        });
       }
       /**
        * Load mappings from mappings directory
@@ -3042,6 +3075,7 @@ function processSpreadsheetData(rawData, headers, startRowIndex, params) {
         continue;
       }
       const family = extractFamilyFromControlId(controlId);
+      control._originalRowIndex = i;
       control.family = family;
       controls.push(control);
       if (!families.has(family)) {
@@ -3164,6 +3198,7 @@ async function createOutputStructure(processedData, fieldSchema, params) {
     params.controlIdField,
     params.namingConvention
   );
+  const controlOrder = controls.sort((a, b) => (a._originalRowIndex || 0) - (b._originalRowIndex || 0)).map((control) => control[controlIdFieldNameClean]);
   const controlSetData = {
     name: params.controlSetName,
     description: params.controlSetDescription,
@@ -3171,12 +3206,16 @@ async function createOutputStructure(processedData, fieldSchema, params) {
     control_id_field: controlIdFieldNameClean,
     controlCount: controls.length,
     families: uniqueFamilies,
+    controlOrder,
     fieldSchema
   };
   writeFileSync2(join4(baseDir, "lula.yaml"), yaml4.dump(controlSetData));
   const controlsDir = join4(baseDir, "controls");
   const mappingsDir = join4(baseDir, "mappings");
-  families.forEach((familyControls, family) => {
+  const sortedFamilies = Array.from(families.entries()).sort(
+    (a, b) => a[0].localeCompare(b[0])
+  );
+  sortedFamilies.forEach(([family, familyControls]) => {
     const familyDir = join4(controlsDir, family);
     const familyMappingsDir = join4(mappingsDir, family);
     if (!existsSync3(familyDir)) {
@@ -3185,7 +3224,10 @@ async function createOutputStructure(processedData, fieldSchema, params) {
     if (!existsSync3(familyMappingsDir)) {
       mkdirSync2(familyMappingsDir, { recursive: true });
     }
-    familyControls.forEach((control) => {
+    const sortedFamilyControls = familyControls.sort(
+      (a, b) => (a._originalRowIndex || 0) - (b._originalRowIndex || 0)
+    );
+    sortedFamilyControls.forEach((control) => {
       const controlId = control[controlIdFieldNameClean];
       if (!controlId) {
         console.error("Missing control ID for control:", control);
@@ -3207,7 +3249,7 @@ async function createOutputStructure(processedData, fieldSchema, params) {
         filteredControl.family = control.family;
       }
       Object.keys(control).forEach((fieldName) => {
-        if (fieldName === "family") return;
+        if (fieldName === "family" || fieldName === "_originalRowIndex") return;
         if (params.justificationFields.includes(fieldName) && control[fieldName] !== void 0 && control[fieldName] !== null) {
           justificationContents.push(control[fieldName]);
         }
@@ -5638,155 +5680,209 @@ function containsLulaAnnotations(text) {
   const lines = text.split("\n");
   return lines.some((line) => line.includes("@lulaStart") || line.includes("@lulaEnd"));
 }
-function crawlCommand() {
-  return new Command().command("crawl").description("Detect compliance-related changes between @lulaStart and @lulaEnd in PR files").addOption(
-    new Option("--post-mode <mode>", "How to post findings").choices(["review", "comment"]).default("review")
-  ).action(async (opts) => {
-    let leavePost = false;
-    const { owner, repo, pull_number } = getPRContext();
-    console.log(`Analyzing PR #${pull_number} in ${owner}/${repo} for compliance changes...`);
-    const octokit = new Octokit({ auth: process.env.GITHUB_TOKEN });
-    const pr = await octokit.pulls.get({ owner, repo, pull_number });
-    const prBranch = pr.data.head.ref;
-    const { data: files } = await octokit.pulls.listFiles({ owner, repo, pull_number });
-    let commentBody = `${LULA_SIGNATURE}
+function createInitialCommentBody(filesCount) {
+  return `${LULA_SIGNATURE}
 ## Lula Compliance Overview
 
 Please review the changes to ensure they meet compliance standards.
 
 ### Reviewed Changes
 
-Lula reviewed ${files.length} files changed that affect compliance.
+Lula reviewed ${filesCount} files changed that affect compliance.
 
 `;
-    const deletedFilesWithAnnotations = [];
-    for (const file of files) {
-      if (file.status === "removed") {
-        try {
-          const oldText = await fetchRawFileViaAPI({
-            octokit,
-            owner,
-            repo,
-            path: file.filename,
-            ref: "main"
-          });
-          if (containsLulaAnnotations(oldText)) {
-            deletedFilesWithAnnotations.push(file.filename);
-          }
-        } catch (err) {
-          console.error(`Error checking deleted file ${file.filename}: ${err}`);
+}
+async function analyzeDeletedFiles(context) {
+  const { octokit, owner, repo, files } = context;
+  const deletedFilesWithAnnotations = [];
+  for (const file of files) {
+    if (file.status === "removed") {
+      try {
+        const oldText = await fetchRawFileViaAPI({
+          octokit,
+          owner,
+          repo,
+          path: file.filename,
+          ref: "main"
+        });
+        if (containsLulaAnnotations(oldText)) {
+          deletedFilesWithAnnotations.push(file.filename);
         }
+      } catch (err) {
+        console.error(`Error checking deleted file ${file.filename}: ${err}`);
       }
     }
-    if (deletedFilesWithAnnotations.length > 0) {
-      leavePost = true;
-      commentBody += `
+  }
+  if (deletedFilesWithAnnotations.length === 0) {
+    return { hasFindings: false, warningContent: "" };
+  }
+  let warningContent = `
 
 **Compliance Warning: Files with Lula annotations were deleted**
 
 `;
-      commentBody += `The following files contained compliance annotations (\`@lulaStart\`/\`@lulaEnd\`) and were deleted in this PR. This may affect compliance coverage:
+  warningContent += `The following files contained compliance annotations (\`@lulaStart\`/\`@lulaEnd\`) and were deleted in this PR. This may affect compliance coverage:
 
 `;
-      for (const filename of deletedFilesWithAnnotations) {
-        commentBody += `- \`${filename}\`
+  for (const filename of deletedFilesWithAnnotations) {
+    warningContent += `- \`${filename}\`
 `;
-      }
-      commentBody += `
+  }
+  warningContent += `
 Please review whether:
 `;
-      commentBody += `- The compliance coverage provided by these files is still needed
+  warningContent += `- The compliance coverage provided by these files is still needed
 `;
-      commentBody += `- Alternative compliance measures have been implemented
+  warningContent += `- Alternative compliance measures have been implemented
 `;
-      commentBody += `- The deletion is intentional and compliance-approved
+  warningContent += `- The deletion is intentional and compliance-approved
 
 `;
-      commentBody += `---
+  warningContent += `---
 
 `;
-    }
-    for (const file of files) {
-      if (file.status === "added" || file.status === "removed") continue;
-      try {
-        const [oldText, newText] = await Promise.all([
-          fetchRawFileViaAPI({ octokit, owner, repo, path: file.filename, ref: "main" }),
-          fetchRawFileViaAPI({ octokit, owner, repo, path: file.filename, ref: prBranch })
-        ]);
-        const changedBlocks = getChangedBlocks(oldText, newText);
-        const removedBlocks = getRemovedBlocks(oldText, newText);
-        for (const block of changedBlocks) {
-          console.log(`Commenting regarding \`${file.filename}\`.`);
-          leavePost = true;
-          commentBody += `
+  return { hasFindings: true, warningContent };
+}
+function generateChangedBlocksContent(filename, changedBlocks, newText) {
+  let content = "";
+  for (const block of changedBlocks) {
+    console.log(`Commenting regarding \`${filename}\`.`);
+    content += `
 
 ---
 | File | Lines Changed |
 | ---- | ------------- |
 `;
-          const newBlockText = newText.split("\n").slice(block.startLine, block.endLine).join("\n");
-          const blockSha256 = createHash2("sha256").update(newBlockText).digest("hex");
-          commentBody += `| \`${file.filename}\` | \`${block.startLine + 1}\u2013${block.endLine}\` |
+    const newBlockText = newText.split("\n").slice(block.startLine, block.endLine).join("\n");
+    const blockSha256 = createHash2("sha256").update(newBlockText).digest("hex");
+    content += `| \`${filename}\` | \`${block.startLine + 1}\u2013${block.endLine}\` |
 > **uuid**-\`${block.uuid}\`
  **sha256** \`${blockSha256}\`
 
 `;
-        }
-        if (removedBlocks.length > 0) {
-          leavePost = true;
-          console.log(`Found removed annotations in \`${file.filename}\`.`);
-          commentBody += `
+  }
+  return content;
+}
+function generateRemovedBlocksContent(filename, removedBlocks, oldText) {
+  if (removedBlocks.length === 0) {
+    return "";
+  }
+  console.log(`Found removed annotations in \`${filename}\`.`);
+  let content = `
 
-**Compliance Warning: Lula annotations were removed from \`${file.filename}\`**
+**Compliance Warning: Lula annotations were removed from \`${filename}\`**
 
 `;
-          commentBody += `The following compliance annotation blocks were present in the original file but are missing in the updated version:
+  content += `The following compliance annotation blocks were present in the original file but are missing in the updated version:
 
 `;
-          commentBody += `| File | Original Lines | UUID |
+  content += `| File | Original Lines | UUID |
 `;
-          commentBody += `| ---- | -------------- | ---- |
+  content += `| ---- | -------------- | ---- |
 `;
-          for (const block of removedBlocks) {
-            const oldBlockText = oldText.split("\n").slice(block.startLine, block.endLine).join("\n");
-            const blockSha256 = createHash2("sha256").update(oldBlockText).digest("hex");
-            commentBody += `| \`${file.filename}\` | \`${block.startLine + 1}\u2013${block.endLine}\` | \`${block.uuid}\` |
+  for (const block of removedBlocks) {
+    const oldBlockText = oldText.split("\n").slice(block.startLine, block.endLine).join("\n");
+    const blockSha256 = createHash2("sha256").update(oldBlockText).digest("hex");
+    content += `| \`${filename}\` | \`${block.startLine + 1}\u2013${block.endLine}\` | \`${block.uuid}\` |
 `;
-            commentBody += `> **sha256** \`${blockSha256}\`
+    content += `> **sha256** \`${blockSha256}\`
 
 `;
-          }
-          commentBody += `Please review whether:
+  }
+  content += `Please review whether:
 `;
-          commentBody += `- The removal of these compliance annotations is intentional
+  content += `- The removal of these compliance annotations is intentional
 `;
-          commentBody += `- Alternative compliance measures have been implemented
+  content += `- Alternative compliance measures have been implemented
 `;
-          commentBody += `- The compliance coverage is still adequate
+  content += `- The compliance coverage is still adequate
 
 `;
-          commentBody += `---
+  content += `---
 
 `;
-        }
-      } catch (err) {
-        console.error(`Error processing ${file.filename}: ${err}`);
-      }
-    }
-    if (opts.postMode === "comment") {
-      await deleteOldIssueComments({ octokit, owner, repo, pull_number });
-    } else {
-      await dismissOldReviews({ octokit, owner, repo, pull_number });
-      await deleteOldReviewComments({ octokit, owner, repo, pull_number });
+  return content;
+}
+async function analyzeModifiedFiles(context) {
+  const { octokit, owner, repo, prBranch, files } = context;
+  let changesContent = "";
+  let hasFindings = false;
+  for (const file of files) {
+    if (file.status === "added" || file.status === "removed") continue;
+    try {
+      const [oldText, newText] = await Promise.all([
+        fetchRawFileViaAPI({ octokit, owner, repo, path: file.filename, ref: "main" }),
+        fetchRawFileViaAPI({ octokit, owner, repo, path: file.filename, ref: prBranch })
+      ]);
+      const changedBlocks = getChangedBlocks(oldText, newText);
+      const removedBlocks = getRemovedBlocks(oldText, newText);
+      if (changedBlocks.length > 0) {
+        hasFindings = true;
+        changesContent += generateChangedBlocksContent(file.filename, changedBlocks, newText);
+      }
+      if (removedBlocks.length > 0) {
+        hasFindings = true;
+        changesContent += generateRemovedBlocksContent(file.filename, removedBlocks, oldText);
+      }
+    } catch (err) {
+      console.error(`Error processing ${file.filename}: ${err}`);
     }
-    if (leavePost) {
+  }
+  return { hasFindings, changesContent };
+}
+async function performComplianceAnalysis(context) {
+  let commentBody = createInitialCommentBody(context.files.length);
+  let hasFindings = false;
+  const deletedAnalysis = await analyzeDeletedFiles(context);
+  if (deletedAnalysis.hasFindings) {
+    hasFindings = true;
+    commentBody += deletedAnalysis.warningContent;
+  }
+  const modifiedAnalysis = await analyzeModifiedFiles(context);
+  if (modifiedAnalysis.hasFindings) {
+    hasFindings = true;
+    commentBody += modifiedAnalysis.changesContent;
+  }
+  return { hasFindings, commentBody };
+}
+async function cleanupOldPosts(context, postMode) {
+  const { octokit, owner, repo, pull_number } = context;
+  if (postMode === "comment") {
+    await deleteOldIssueComments({ octokit, owner, repo, pull_number });
+  } else {
+    await dismissOldReviews({ octokit, owner, repo, pull_number });
+    await deleteOldReviewComments({ octokit, owner, repo, pull_number });
+  }
+}
+function crawlCommand() {
+  return new Command().command("crawl").description("Detect compliance-related changes between @lulaStart and @lulaEnd in PR files").addOption(
+    new Option("--post-mode <mode>", "How to post findings").choices(["review", "comment"]).default("review")
+  ).action(async (opts) => {
+    const { owner, repo, pull_number } = getPRContext();
+    console.log(`Analyzing PR #${pull_number} in ${owner}/${repo} for compliance changes...`);
+    const octokit = new Octokit({ auth: process.env.GITHUB_TOKEN });
+    const pr = await octokit.pulls.get({ owner, repo, pull_number });
+    const prBranch = pr.data.head.ref;
+    const { data: files } = await octokit.pulls.listFiles({ owner, repo, pull_number });
+    const context = {
+      octokit,
+      owner,
+      repo,
+      pull_number,
+      prBranch,
+      files
+    };
+    const analysisResult = await performComplianceAnalysis(context);
+    await cleanupOldPosts(context, opts.postMode);
+    if (analysisResult.hasFindings) {
+      const finalBody = analysisResult.commentBody + closingBody;
       await postFinding({
         octokit,
         postMode: opts.postMode,
         owner,
         repo,
         pull_number,
-        body: commentBody + closingBody
+        body: finalBody
       });
       const header = `Posted (${opts.postMode})`;
       const underline = "-".repeat(header.length);
@@ -5794,7 +5890,7 @@ Please review whether:
 ${header}
 ${underline}
 
-${commentBody + closingBody}
+${finalBody}
 
 `);
     }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "lula2",
-  "version": "0.6.3-nightly.0",
+  "version": "0.6.3-nightly.1",
   "description": "A tool for managing compliance as code in your GitHub repositories.",
   "bin": {
     "lula2": "./dist/lula2"

package/dist/_app/immutable/entry/start.D2hMBZNv.js

@@ -1 +0,0 @@
-import{l as o,a as r}from"../chunks/rc9CiIba.js";export{o as load_css,r as start};