mustflow 2.75.2 → 2.85.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +40 -3
- package/dist/cli/commands/docs.js +86 -2
- package/dist/cli/commands/script-pack.js +9 -0
- package/dist/cli/i18n/en.js +180 -2
- package/dist/cli/i18n/es.js +180 -2
- package/dist/cli/i18n/fr.js +180 -2
- package/dist/cli/i18n/hi.js +180 -2
- package/dist/cli/i18n/ko.js +180 -2
- package/dist/cli/i18n/zh.js +180 -2
- package/dist/cli/lib/repo-map.js +27 -6
- package/dist/cli/lib/run-root-trust.js +15 -1
- package/dist/cli/lib/script-pack-registry.js +275 -6
- package/dist/cli/lib/validation/index.js +2 -2
- package/dist/cli/lib/validation/primitives.js +4 -1
- package/dist/cli/script-packs/code-change-impact.js +172 -0
- package/dist/cli/script-packs/code-dependency-graph.js +181 -0
- package/dist/cli/script-packs/code-export-diff.js +160 -0
- package/dist/cli/script-packs/code-outline.js +33 -5
- package/dist/cli/script-packs/code-route-outline.js +155 -0
- package/dist/cli/script-packs/docs-reference-drift.js +150 -0
- package/dist/cli/script-packs/repo-config-chain.js +163 -0
- package/dist/cli/script-packs/repo-env-contract.js +156 -0
- package/dist/cli/script-packs/repo-related-files.js +161 -0
- package/dist/cli/script-packs/repo-secret-risk-scan.js +147 -0
- package/dist/core/change-impact.js +383 -0
- package/dist/core/change-verification.js +32 -5
- package/dist/core/code-outline.js +460 -79
- package/dist/core/config-chain.js +595 -0
- package/dist/core/config-loading.js +121 -4
- package/dist/core/dependency-graph.js +490 -0
- package/dist/core/env-contract.js +450 -0
- package/dist/core/export-diff.js +359 -0
- package/dist/core/line-endings.js +26 -13
- package/dist/core/public-json-contracts.js +126 -0
- package/dist/core/reference-drift.js +388 -0
- package/dist/core/related-files.js +493 -0
- package/dist/core/route-outline.js +964 -0
- package/dist/core/script-pack-suggestions.js +131 -5
- package/dist/core/secret-risk-scan.js +440 -0
- package/dist/core/source-anchors.js +13 -1
- package/package.json +1 -1
- package/schemas/README.md +44 -6
- package/schemas/change-impact-report.schema.json +150 -0
- package/schemas/code-outline-report.schema.json +1 -1
- package/schemas/code-symbol-read-report.schema.json +64 -4
- package/schemas/commands.schema.json +12 -0
- package/schemas/config-chain-report.schema.json +187 -0
- package/schemas/dependency-graph-report.schema.json +149 -0
- package/schemas/env-contract-report.schema.json +203 -0
- package/schemas/export-diff-report.schema.json +220 -0
- package/schemas/reference-drift-report.schema.json +166 -0
- package/schemas/related-files-report.schema.json +145 -0
- package/schemas/route-outline-report.schema.json +200 -0
- package/schemas/secret-risk-scan-report.schema.json +152 -0
- package/templates/default/common/.mustflow/config/commands.toml +21 -0
- package/templates/default/i18n.toml +21 -9
- package/templates/default/locales/en/.mustflow/docs/agent-workflow.md +1 -1
- package/templates/default/locales/en/.mustflow/skills/INDEX.md +8 -2
- package/templates/default/locales/en/.mustflow/skills/architecture-deepening-review/SKILL.md +28 -11
- package/templates/default/locales/en/.mustflow/skills/astro-code-change/SKILL.md +71 -27
- package/templates/default/locales/en/.mustflow/skills/cross-agent-session-reference/SKILL.md +146 -0
- package/templates/default/locales/en/.mustflow/skills/dependency-upgrade-review/SKILL.md +3 -1
- package/templates/default/locales/en/.mustflow/skills/github-contribution-quality-gate/SKILL.md +48 -11
- package/templates/default/locales/en/.mustflow/skills/javascript-code-change/SKILL.md +15 -13
- package/templates/default/locales/en/.mustflow/skills/node-code-change/SKILL.md +16 -14
- package/templates/default/locales/en/.mustflow/skills/routes.toml +21 -9
- package/templates/default/locales/en/.mustflow/skills/security-privacy-review/SKILL.md +3 -1
- package/templates/default/locales/en/.mustflow/skills/test-suite-performance-review/SKILL.md +314 -0
- package/templates/default/locales/en/.mustflow/skills/typescript-code-change/SKILL.md +13 -10
- package/templates/default/manifest.toml +15 -1
package/schemas/README.md
CHANGED
|
@@ -65,14 +65,48 @@ Current schemas:
|
|
|
65
65
|
- `script-pack-suggestion-report.schema.json`: output of `mf script-pack suggest --json`, containing
|
|
66
66
|
path, skill, phase, and changed-file evidence used to recommend optional script-pack helpers
|
|
67
67
|
- `code-outline-report.schema.json`: output of
|
|
68
|
-
`mf script-pack run code/outline scan <path...> --json`, containing a bounded
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
68
|
+
`mf script-pack run code/outline scan <path...> --json`, containing a bounded source outline with
|
|
69
|
+
file hashes, language metadata, symbol names, declaration kinds, line ranges, signatures, export
|
|
70
|
+
flags, source-anchor navigation metadata, static return metadata, and stable input-limit finding
|
|
71
|
+
codes
|
|
72
|
+
- `dependency-graph-report.schema.json`: output of
|
|
73
|
+
`mf script-pack run code/dependency-graph scan <path...> --json`, containing bounded relative
|
|
74
|
+
TypeScript and JavaScript import graph nodes, edges, cycle hints, target flags, depth, importer
|
|
75
|
+
counts, policy limits, and stable input-limit finding codes
|
|
76
|
+
- `change-impact-report.schema.json`: output of
|
|
77
|
+
`mf script-pack run code/change-impact analyze [path...] --json`, containing git-diff changed
|
|
78
|
+
files, surface classifications, bounded impact candidates, optional script-pack hints,
|
|
79
|
+
verification intent hints, policy limits, and stable git or input-limit finding codes
|
|
72
80
|
- `code-symbol-read-report.schema.json`: output of
|
|
73
81
|
`mf script-pack run code/symbol-read read <path> --start-line <line> --json`, containing a
|
|
74
|
-
focused source snippet selected by outline symbol line or explicit line range with
|
|
75
|
-
resolved line metadata, optional symbol and static return metadata, and stable
|
|
82
|
+
focused source snippet selected by source anchor, outline symbol line, or explicit line range with
|
|
83
|
+
file hash, resolved line metadata, optional anchor, symbol and static return metadata, and stable
|
|
84
|
+
range/read finding codes
|
|
85
|
+
- `route-outline-report.schema.json`: output of
|
|
86
|
+
`mf script-pack run code/route-outline scan <path...> --json`, containing a bounded Hono,
|
|
87
|
+
Elysia, Axum, and NestJS route outline with file hashes, framework evidence, route methods,
|
|
88
|
+
route paths, optional handler names, line ranges, lifecycle-chain metadata, and stable input-limit
|
|
89
|
+
finding codes
|
|
90
|
+
- `export-diff-report.schema.json`: output of
|
|
91
|
+
`mf script-pack run code/export-diff compare [path...] --json`, containing a bounded git-based
|
|
92
|
+
comparison of exported TypeScript and JavaScript declarations, signatures, return metadata,
|
|
93
|
+
package surface hints, and unresolved re-export findings
|
|
94
|
+
- `reference-drift-report.schema.json`: output of
|
|
95
|
+
`mf script-pack run docs/reference-drift check [path...] --json`, containing checked
|
|
96
|
+
documentation references to `mf` commands, script-pack refs, schema files, repository paths,
|
|
97
|
+
and stable stale-reference finding codes
|
|
98
|
+
- `config-chain-report.schema.json`: output of
|
|
99
|
+
`mf script-pack run repo/config-chain inspect <path...> --json`, containing nearby package,
|
|
100
|
+
TypeScript, ESLint, Prettier, Vite, Vitest, Tailwind, Jest, Playwright, and mustflow config files
|
|
101
|
+
with static inheritance, reference, workspace, dynamic-config, path, and content-hash metadata
|
|
102
|
+
- `env-contract-report.schema.json`: output of
|
|
103
|
+
`mf script-pack run repo/env-contract scan [path...] --json`, containing code, CI, docs, config,
|
|
104
|
+
and env-example references for environment-variable contract drift without reading secret env files
|
|
105
|
+
or printing env values
|
|
106
|
+
- `secret-risk-scan-report.schema.json`: output of
|
|
107
|
+
`mf script-pack run repo/secret-risk-scan scan [path...] --json`, containing plausible
|
|
108
|
+
hardcoded-secret findings with detector names, paths, line numbers, and redacted fingerprints
|
|
109
|
+
without printing secret values
|
|
76
110
|
- `text-budget-report.schema.json`: output of
|
|
77
111
|
`mf script-pack run core/text-budget check <path...> --json`, containing
|
|
78
112
|
exact text-budget metrics, input content hashes, policy metadata, findings, and JSON Pointer field
|
|
@@ -80,6 +114,10 @@ Current schemas:
|
|
|
80
114
|
- `generated-boundary-report.schema.json`: output of
|
|
81
115
|
`mf script-pack run repo/generated-boundary check <path...> --json`, containing candidate path
|
|
82
116
|
classifications for generated, ignored, protected, vendor, and cache boundaries before or after edits
|
|
117
|
+
- `related-files-report.schema.json`: output of
|
|
118
|
+
`mf script-pack run repo/related-files map <path...> --json`, containing conservative related-file
|
|
119
|
+
candidates from direct imports, importers, same-basename siblings, parent configuration files, and
|
|
120
|
+
package boundaries for source-oriented repository navigation
|
|
83
121
|
- `skill-route-report.schema.json`: output of `mf skill route --json`, containing compact route
|
|
84
122
|
candidates, selected main and adjunct skills, score breakdowns, route read plans, source route
|
|
85
123
|
shards, and optional read-only script-pack helper suggestions without granting command authority
|
|
@@ -0,0 +1,150 @@
|
|
|
1
|
+
{
|
|
2
|
+
"$schema": "https://json-schema.org/draft/2020-12/schema",
|
|
3
|
+
"$id": "https://mustflow.github.io/schemas/change-impact-report.schema.json",
|
|
4
|
+
"title": "mustflow change-impact report",
|
|
5
|
+
"type": "object",
|
|
6
|
+
"additionalProperties": false,
|
|
7
|
+
"required": [
|
|
8
|
+
"schema_version",
|
|
9
|
+
"command",
|
|
10
|
+
"pack_id",
|
|
11
|
+
"script_id",
|
|
12
|
+
"script_ref",
|
|
13
|
+
"action",
|
|
14
|
+
"status",
|
|
15
|
+
"ok",
|
|
16
|
+
"mustflow_root",
|
|
17
|
+
"policy",
|
|
18
|
+
"input_hash",
|
|
19
|
+
"changed_files",
|
|
20
|
+
"impacts",
|
|
21
|
+
"script_hints",
|
|
22
|
+
"verification_hints",
|
|
23
|
+
"truncated",
|
|
24
|
+
"findings",
|
|
25
|
+
"issues"
|
|
26
|
+
],
|
|
27
|
+
"properties": {
|
|
28
|
+
"schema_version": { "const": "1" },
|
|
29
|
+
"command": { "const": "script-pack" },
|
|
30
|
+
"pack_id": { "const": "code" },
|
|
31
|
+
"script_id": { "const": "change-impact" },
|
|
32
|
+
"script_ref": { "const": "code/change-impact" },
|
|
33
|
+
"action": { "const": "analyze" },
|
|
34
|
+
"status": { "enum": ["passed", "failed", "error"] },
|
|
35
|
+
"ok": { "type": "boolean" },
|
|
36
|
+
"mustflow_root": { "type": "string" },
|
|
37
|
+
"policy": { "$ref": "#/$defs/policy" },
|
|
38
|
+
"input_hash": { "$ref": "#/$defs/sha256" },
|
|
39
|
+
"changed_files": { "type": "array", "items": { "$ref": "#/$defs/changedFile" } },
|
|
40
|
+
"impacts": { "type": "array", "items": { "$ref": "#/$defs/impact" } },
|
|
41
|
+
"script_hints": { "type": "array", "items": { "$ref": "#/$defs/scriptHint" } },
|
|
42
|
+
"verification_hints": { "type": "array", "items": { "$ref": "#/$defs/verificationHint" } },
|
|
43
|
+
"truncated": { "type": "boolean" },
|
|
44
|
+
"findings": { "type": "array", "items": { "$ref": "#/$defs/finding" } },
|
|
45
|
+
"issues": { "type": "array", "items": { "type": "string" } }
|
|
46
|
+
},
|
|
47
|
+
"$defs": {
|
|
48
|
+
"sha256": { "type": "string", "pattern": "^sha256:[a-f0-9]{64}$" },
|
|
49
|
+
"surface": {
|
|
50
|
+
"enum": ["source", "test", "docs", "schema", "config", "package", "template", "workflow", "i18n", "unknown"]
|
|
51
|
+
},
|
|
52
|
+
"policy": {
|
|
53
|
+
"type": "object",
|
|
54
|
+
"additionalProperties": false,
|
|
55
|
+
"required": [
|
|
56
|
+
"base_ref",
|
|
57
|
+
"head_ref",
|
|
58
|
+
"compare_worktree",
|
|
59
|
+
"max_files",
|
|
60
|
+
"max_impacts",
|
|
61
|
+
"max_file_bytes",
|
|
62
|
+
"path_filters"
|
|
63
|
+
],
|
|
64
|
+
"properties": {
|
|
65
|
+
"base_ref": { "type": "string" },
|
|
66
|
+
"head_ref": { "type": ["string", "null"] },
|
|
67
|
+
"compare_worktree": { "type": "boolean" },
|
|
68
|
+
"max_files": { "type": "integer", "minimum": 1 },
|
|
69
|
+
"max_impacts": { "type": "integer", "minimum": 1 },
|
|
70
|
+
"max_file_bytes": { "type": "integer", "minimum": 1 },
|
|
71
|
+
"path_filters": { "type": "array", "items": { "type": "string" } }
|
|
72
|
+
}
|
|
73
|
+
},
|
|
74
|
+
"changedFile": {
|
|
75
|
+
"type": "object",
|
|
76
|
+
"additionalProperties": false,
|
|
77
|
+
"required": ["path", "previous_path", "status", "surface"],
|
|
78
|
+
"properties": {
|
|
79
|
+
"path": { "type": "string" },
|
|
80
|
+
"previous_path": { "type": ["string", "null"] },
|
|
81
|
+
"status": { "enum": ["added", "modified", "deleted", "renamed", "type_changed", "untracked"] },
|
|
82
|
+
"surface": { "$ref": "#/$defs/surface" }
|
|
83
|
+
}
|
|
84
|
+
},
|
|
85
|
+
"impact": {
|
|
86
|
+
"type": "object",
|
|
87
|
+
"additionalProperties": false,
|
|
88
|
+
"required": ["path", "exists", "surface", "relationship", "confidence", "reason", "source_path"],
|
|
89
|
+
"properties": {
|
|
90
|
+
"path": { "type": "string" },
|
|
91
|
+
"exists": { "type": "boolean" },
|
|
92
|
+
"surface": { "$ref": "#/$defs/surface" },
|
|
93
|
+
"relationship": {
|
|
94
|
+
"enum": [
|
|
95
|
+
"changed_file",
|
|
96
|
+
"imports_changed_file",
|
|
97
|
+
"sibling_test",
|
|
98
|
+
"sibling_source",
|
|
99
|
+
"contract_doc",
|
|
100
|
+
"contract_test",
|
|
101
|
+
"package_surface",
|
|
102
|
+
"workflow_surface"
|
|
103
|
+
]
|
|
104
|
+
},
|
|
105
|
+
"confidence": { "type": "number", "minimum": 0, "maximum": 1 },
|
|
106
|
+
"reason": { "type": "string" },
|
|
107
|
+
"source_path": { "type": "string" }
|
|
108
|
+
}
|
|
109
|
+
},
|
|
110
|
+
"scriptHint": {
|
|
111
|
+
"type": "object",
|
|
112
|
+
"additionalProperties": false,
|
|
113
|
+
"required": ["script_ref", "command", "reason", "confidence"],
|
|
114
|
+
"properties": {
|
|
115
|
+
"script_ref": { "type": "string" },
|
|
116
|
+
"command": { "type": "string" },
|
|
117
|
+
"reason": { "type": "string" },
|
|
118
|
+
"confidence": { "type": "number", "minimum": 0, "maximum": 1 }
|
|
119
|
+
}
|
|
120
|
+
},
|
|
121
|
+
"verificationHint": {
|
|
122
|
+
"type": "object",
|
|
123
|
+
"additionalProperties": false,
|
|
124
|
+
"required": ["intent", "reason", "confidence"],
|
|
125
|
+
"properties": {
|
|
126
|
+
"intent": { "type": "string" },
|
|
127
|
+
"reason": { "type": "string" },
|
|
128
|
+
"confidence": { "type": "number", "minimum": 0, "maximum": 1 }
|
|
129
|
+
}
|
|
130
|
+
},
|
|
131
|
+
"finding": {
|
|
132
|
+
"type": "object",
|
|
133
|
+
"additionalProperties": false,
|
|
134
|
+
"required": ["code", "severity", "message", "path"],
|
|
135
|
+
"properties": {
|
|
136
|
+
"code": {
|
|
137
|
+
"enum": [
|
|
138
|
+
"change_impact_git_unavailable",
|
|
139
|
+
"change_impact_invalid_ref",
|
|
140
|
+
"change_impact_max_files_exceeded",
|
|
141
|
+
"change_impact_max_impacts_exceeded"
|
|
142
|
+
]
|
|
143
|
+
},
|
|
144
|
+
"severity": { "enum": ["low", "medium", "high", "critical"] },
|
|
145
|
+
"message": { "type": "string" },
|
|
146
|
+
"path": { "type": "string" }
|
|
147
|
+
}
|
|
148
|
+
}
|
|
149
|
+
}
|
|
150
|
+
}
|
|
@@ -61,7 +61,7 @@
|
|
|
61
61
|
"pattern": "^sha256:[a-f0-9]{64}$"
|
|
62
62
|
},
|
|
63
63
|
"language": {
|
|
64
|
-
"enum": ["typescript", "tsx", "javascript", "jsx", "javascript-module", "javascript-commonjs"]
|
|
64
|
+
"enum": ["typescript", "tsx", "javascript", "jsx", "javascript-module", "javascript-commonjs", "astro", "svelte", "go", "rust", "python"]
|
|
65
65
|
},
|
|
66
66
|
"symbolKind": {
|
|
67
67
|
"enum": ["function", "class", "interface", "type", "enum", "variable"]
|
|
@@ -60,7 +60,7 @@
|
|
|
60
60
|
"pattern": "^sha256:[a-f0-9]{64}$"
|
|
61
61
|
},
|
|
62
62
|
"language": {
|
|
63
|
-
"enum": ["typescript", "tsx", "javascript", "jsx", "javascript-module", "javascript-commonjs"]
|
|
63
|
+
"enum": ["typescript", "tsx", "javascript", "jsx", "javascript-module", "javascript-commonjs", "astro", "svelte", "go", "rust", "python"]
|
|
64
64
|
},
|
|
65
65
|
"symbolKind": {
|
|
66
66
|
"enum": ["function", "class", "interface", "type", "enum", "variable"]
|
|
@@ -68,9 +68,10 @@
|
|
|
68
68
|
"policy": {
|
|
69
69
|
"type": "object",
|
|
70
70
|
"additionalProperties": false,
|
|
71
|
-
"required": ["start_line", "end_line", "context_lines", "max_file_bytes", "max_snippet_lines"],
|
|
71
|
+
"required": ["anchor_id", "start_line", "end_line", "context_lines", "max_file_bytes", "max_snippet_lines"],
|
|
72
72
|
"properties": {
|
|
73
|
-
"
|
|
73
|
+
"anchor_id": { "type": ["string", "null"] },
|
|
74
|
+
"start_line": { "type": ["integer", "null"], "minimum": 1 },
|
|
74
75
|
"end_line": { "type": ["integer", "null"], "minimum": 1 },
|
|
75
76
|
"context_lines": { "type": "integer", "minimum": 0 },
|
|
76
77
|
"max_file_bytes": { "type": "integer", "minimum": 1 },
|
|
@@ -124,6 +125,53 @@
|
|
|
124
125
|
"content_sha256": { "$ref": "#/$defs/sha256" }
|
|
125
126
|
}
|
|
126
127
|
},
|
|
128
|
+
"anchor": {
|
|
129
|
+
"type": "object",
|
|
130
|
+
"additionalProperties": false,
|
|
131
|
+
"required": [
|
|
132
|
+
"id",
|
|
133
|
+
"path",
|
|
134
|
+
"line_start",
|
|
135
|
+
"line_end",
|
|
136
|
+
"purpose",
|
|
137
|
+
"search",
|
|
138
|
+
"invariant",
|
|
139
|
+
"risk",
|
|
140
|
+
"navigation_only",
|
|
141
|
+
"can_instruct_agent",
|
|
142
|
+
"target_symbol_id",
|
|
143
|
+
"target_kind",
|
|
144
|
+
"target_name",
|
|
145
|
+
"target_start_line"
|
|
146
|
+
],
|
|
147
|
+
"properties": {
|
|
148
|
+
"id": { "type": "string" },
|
|
149
|
+
"path": { "type": "string" },
|
|
150
|
+
"line_start": { "type": "integer", "minimum": 1 },
|
|
151
|
+
"line_end": { "type": "integer", "minimum": 1 },
|
|
152
|
+
"purpose": { "type": ["string", "null"] },
|
|
153
|
+
"search": {
|
|
154
|
+
"type": "array",
|
|
155
|
+
"items": { "type": "string" }
|
|
156
|
+
},
|
|
157
|
+
"invariant": { "type": ["string", "null"] },
|
|
158
|
+
"risk": {
|
|
159
|
+
"type": "array",
|
|
160
|
+
"items": { "type": "string" }
|
|
161
|
+
},
|
|
162
|
+
"navigation_only": { "const": true },
|
|
163
|
+
"can_instruct_agent": { "const": false },
|
|
164
|
+
"target_symbol_id": { "type": ["string", "null"] },
|
|
165
|
+
"target_kind": {
|
|
166
|
+
"anyOf": [
|
|
167
|
+
{ "$ref": "#/$defs/symbolKind" },
|
|
168
|
+
{ "type": "null" }
|
|
169
|
+
]
|
|
170
|
+
},
|
|
171
|
+
"target_name": { "type": ["string", "null"] },
|
|
172
|
+
"target_start_line": { "type": ["integer", "null"], "minimum": 1 }
|
|
173
|
+
}
|
|
174
|
+
},
|
|
127
175
|
"target": {
|
|
128
176
|
"type": "object",
|
|
129
177
|
"additionalProperties": false,
|
|
@@ -133,12 +181,14 @@
|
|
|
133
181
|
"sha256",
|
|
134
182
|
"size_bytes",
|
|
135
183
|
"line_count",
|
|
184
|
+
"requested_anchor_id",
|
|
136
185
|
"requested_start_line",
|
|
137
186
|
"requested_end_line",
|
|
138
187
|
"resolved_start_line",
|
|
139
188
|
"resolved_end_line",
|
|
140
189
|
"context_start_line",
|
|
141
190
|
"context_end_line",
|
|
191
|
+
"anchor",
|
|
142
192
|
"symbol"
|
|
143
193
|
],
|
|
144
194
|
"properties": {
|
|
@@ -147,12 +197,19 @@
|
|
|
147
197
|
"sha256": { "$ref": "#/$defs/sha256" },
|
|
148
198
|
"size_bytes": { "type": "integer", "minimum": 0 },
|
|
149
199
|
"line_count": { "type": "integer", "minimum": 0 },
|
|
150
|
-
"
|
|
200
|
+
"requested_anchor_id": { "type": ["string", "null"] },
|
|
201
|
+
"requested_start_line": { "type": ["integer", "null"], "minimum": 1 },
|
|
151
202
|
"requested_end_line": { "type": ["integer", "null"], "minimum": 1 },
|
|
152
203
|
"resolved_start_line": { "type": ["integer", "null"], "minimum": 1 },
|
|
153
204
|
"resolved_end_line": { "type": ["integer", "null"], "minimum": 1 },
|
|
154
205
|
"context_start_line": { "type": ["integer", "null"], "minimum": 1 },
|
|
155
206
|
"context_end_line": { "type": ["integer", "null"], "minimum": 1 },
|
|
207
|
+
"anchor": {
|
|
208
|
+
"anyOf": [
|
|
209
|
+
{ "$ref": "#/$defs/anchor" },
|
|
210
|
+
{ "type": "null" }
|
|
211
|
+
]
|
|
212
|
+
},
|
|
156
213
|
"symbol": {
|
|
157
214
|
"anyOf": [
|
|
158
215
|
{ "$ref": "#/$defs/symbol" },
|
|
@@ -183,6 +240,9 @@
|
|
|
183
240
|
"code_symbol_read_unreadable_path",
|
|
184
241
|
"code_symbol_read_invalid_range",
|
|
185
242
|
"code_symbol_read_no_symbol_at_line",
|
|
243
|
+
"code_symbol_read_anchor_not_found",
|
|
244
|
+
"code_symbol_read_anchor_ambiguous",
|
|
245
|
+
"code_symbol_read_anchor_without_symbol",
|
|
186
246
|
"code_symbol_read_snippet_too_large"
|
|
187
247
|
]
|
|
188
248
|
},
|
|
@@ -47,6 +47,18 @@
|
|
|
47
47
|
"resources": {
|
|
48
48
|
"type": "object",
|
|
49
49
|
"additionalProperties": { "$ref": "#/$defs/resource" }
|
|
50
|
+
},
|
|
51
|
+
"include": {
|
|
52
|
+
"type": "object",
|
|
53
|
+
"additionalProperties": false,
|
|
54
|
+
"required": ["files"],
|
|
55
|
+
"properties": {
|
|
56
|
+
"files": {
|
|
57
|
+
"type": "array",
|
|
58
|
+
"items": { "type": "string", "pattern": "^commands/(?:[A-Za-z0-9._-]+/)*[A-Za-z0-9._-]+\\.toml$" },
|
|
59
|
+
"uniqueItems": true
|
|
60
|
+
}
|
|
61
|
+
}
|
|
50
62
|
}
|
|
51
63
|
},
|
|
52
64
|
"$defs": {
|
|
@@ -0,0 +1,187 @@
|
|
|
1
|
+
{
|
|
2
|
+
"$schema": "https://json-schema.org/draft/2020-12/schema",
|
|
3
|
+
"$id": "https://mustflow.github.io/schemas/config-chain-report.schema.json",
|
|
4
|
+
"title": "mustflow config-chain report",
|
|
5
|
+
"type": "object",
|
|
6
|
+
"additionalProperties": false,
|
|
7
|
+
"required": [
|
|
8
|
+
"schema_version",
|
|
9
|
+
"command",
|
|
10
|
+
"pack_id",
|
|
11
|
+
"script_id",
|
|
12
|
+
"script_ref",
|
|
13
|
+
"action",
|
|
14
|
+
"status",
|
|
15
|
+
"ok",
|
|
16
|
+
"mustflow_root",
|
|
17
|
+
"policy",
|
|
18
|
+
"input_hash",
|
|
19
|
+
"targets",
|
|
20
|
+
"configs",
|
|
21
|
+
"edges",
|
|
22
|
+
"findings",
|
|
23
|
+
"issues"
|
|
24
|
+
],
|
|
25
|
+
"properties": {
|
|
26
|
+
"schema_version": { "const": "1" },
|
|
27
|
+
"command": { "const": "script-pack" },
|
|
28
|
+
"pack_id": { "const": "repo" },
|
|
29
|
+
"script_id": { "const": "config-chain" },
|
|
30
|
+
"script_ref": { "const": "repo/config-chain" },
|
|
31
|
+
"action": { "const": "inspect" },
|
|
32
|
+
"status": { "enum": ["passed", "failed", "error"] },
|
|
33
|
+
"ok": { "type": "boolean" },
|
|
34
|
+
"mustflow_root": { "type": "string" },
|
|
35
|
+
"policy": { "$ref": "#/$defs/policy" },
|
|
36
|
+
"input_hash": { "$ref": "#/$defs/sha256" },
|
|
37
|
+
"targets": {
|
|
38
|
+
"type": "array",
|
|
39
|
+
"items": { "$ref": "#/$defs/target" }
|
|
40
|
+
},
|
|
41
|
+
"configs": {
|
|
42
|
+
"type": "array",
|
|
43
|
+
"items": { "$ref": "#/$defs/config" }
|
|
44
|
+
},
|
|
45
|
+
"edges": {
|
|
46
|
+
"type": "array",
|
|
47
|
+
"items": { "$ref": "#/$defs/edge" }
|
|
48
|
+
},
|
|
49
|
+
"findings": {
|
|
50
|
+
"type": "array",
|
|
51
|
+
"items": { "$ref": "#/$defs/finding" }
|
|
52
|
+
},
|
|
53
|
+
"issues": {
|
|
54
|
+
"type": "array",
|
|
55
|
+
"items": { "type": "string" }
|
|
56
|
+
}
|
|
57
|
+
},
|
|
58
|
+
"$defs": {
|
|
59
|
+
"sha256": {
|
|
60
|
+
"type": "string",
|
|
61
|
+
"pattern": "^sha256:[a-f0-9]{64}$"
|
|
62
|
+
},
|
|
63
|
+
"nullableSha256": {
|
|
64
|
+
"type": ["string", "null"],
|
|
65
|
+
"pattern": "^sha256:[a-f0-9]{64}$"
|
|
66
|
+
},
|
|
67
|
+
"stringArray": {
|
|
68
|
+
"type": "array",
|
|
69
|
+
"items": { "type": "string" }
|
|
70
|
+
},
|
|
71
|
+
"policy": {
|
|
72
|
+
"type": "object",
|
|
73
|
+
"additionalProperties": false,
|
|
74
|
+
"required": ["max_file_bytes", "max_configs", "config_names", "ignored_directories"],
|
|
75
|
+
"properties": {
|
|
76
|
+
"max_file_bytes": { "type": "integer", "minimum": 1 },
|
|
77
|
+
"max_configs": { "type": "integer", "minimum": 1 },
|
|
78
|
+
"config_names": { "$ref": "#/$defs/stringArray" },
|
|
79
|
+
"ignored_directories": { "$ref": "#/$defs/stringArray" }
|
|
80
|
+
}
|
|
81
|
+
},
|
|
82
|
+
"target": {
|
|
83
|
+
"type": "object",
|
|
84
|
+
"additionalProperties": false,
|
|
85
|
+
"required": ["input", "path", "exists", "kind"],
|
|
86
|
+
"properties": {
|
|
87
|
+
"input": { "type": "string" },
|
|
88
|
+
"path": { "type": "string" },
|
|
89
|
+
"exists": { "type": ["boolean", "null"] },
|
|
90
|
+
"kind": { "enum": ["file", "directory", "missing", "other", "unknown"] }
|
|
91
|
+
}
|
|
92
|
+
},
|
|
93
|
+
"kind": {
|
|
94
|
+
"enum": [
|
|
95
|
+
"package_json",
|
|
96
|
+
"tsconfig",
|
|
97
|
+
"eslint",
|
|
98
|
+
"prettier",
|
|
99
|
+
"vite",
|
|
100
|
+
"vitest",
|
|
101
|
+
"tailwind",
|
|
102
|
+
"jest",
|
|
103
|
+
"playwright",
|
|
104
|
+
"mustflow",
|
|
105
|
+
"other"
|
|
106
|
+
]
|
|
107
|
+
},
|
|
108
|
+
"format": {
|
|
109
|
+
"enum": ["json", "jsonc", "javascript", "typescript", "yaml", "toml", "unknown"]
|
|
110
|
+
},
|
|
111
|
+
"config": {
|
|
112
|
+
"type": "object",
|
|
113
|
+
"additionalProperties": false,
|
|
114
|
+
"required": [
|
|
115
|
+
"path",
|
|
116
|
+
"kind",
|
|
117
|
+
"format",
|
|
118
|
+
"source",
|
|
119
|
+
"sha256",
|
|
120
|
+
"size_bytes",
|
|
121
|
+
"parseable",
|
|
122
|
+
"dynamic",
|
|
123
|
+
"package_name",
|
|
124
|
+
"workspaces",
|
|
125
|
+
"scripts",
|
|
126
|
+
"extends",
|
|
127
|
+
"references",
|
|
128
|
+
"include",
|
|
129
|
+
"exclude",
|
|
130
|
+
"compiler_options",
|
|
131
|
+
"summary"
|
|
132
|
+
],
|
|
133
|
+
"properties": {
|
|
134
|
+
"path": { "type": "string" },
|
|
135
|
+
"kind": { "$ref": "#/$defs/kind" },
|
|
136
|
+
"format": { "$ref": "#/$defs/format" },
|
|
137
|
+
"source": { "enum": ["target", "parent", "discovered"] },
|
|
138
|
+
"sha256": { "$ref": "#/$defs/nullableSha256" },
|
|
139
|
+
"size_bytes": { "type": ["integer", "null"], "minimum": 0 },
|
|
140
|
+
"parseable": { "type": "boolean" },
|
|
141
|
+
"dynamic": { "type": "boolean" },
|
|
142
|
+
"package_name": { "type": ["string", "null"] },
|
|
143
|
+
"workspaces": { "$ref": "#/$defs/stringArray" },
|
|
144
|
+
"scripts": { "$ref": "#/$defs/stringArray" },
|
|
145
|
+
"extends": { "$ref": "#/$defs/stringArray" },
|
|
146
|
+
"references": { "$ref": "#/$defs/stringArray" },
|
|
147
|
+
"include": { "$ref": "#/$defs/stringArray" },
|
|
148
|
+
"exclude": { "$ref": "#/$defs/stringArray" },
|
|
149
|
+
"compiler_options": { "$ref": "#/$defs/stringArray" },
|
|
150
|
+
"summary": { "$ref": "#/$defs/stringArray" }
|
|
151
|
+
}
|
|
152
|
+
},
|
|
153
|
+
"edge": {
|
|
154
|
+
"type": "object",
|
|
155
|
+
"additionalProperties": false,
|
|
156
|
+
"required": ["from_path", "to_path", "kind", "specifier", "resolved"],
|
|
157
|
+
"properties": {
|
|
158
|
+
"from_path": { "type": "string" },
|
|
159
|
+
"to_path": { "type": ["string", "null"] },
|
|
160
|
+
"kind": { "enum": ["parent_config", "extends", "reference", "workspace"] },
|
|
161
|
+
"specifier": { "type": "string" },
|
|
162
|
+
"resolved": { "type": "boolean" }
|
|
163
|
+
}
|
|
164
|
+
},
|
|
165
|
+
"finding": {
|
|
166
|
+
"type": "object",
|
|
167
|
+
"additionalProperties": false,
|
|
168
|
+
"required": ["code", "severity", "message", "path"],
|
|
169
|
+
"properties": {
|
|
170
|
+
"code": {
|
|
171
|
+
"enum": [
|
|
172
|
+
"config_chain_path_outside_root",
|
|
173
|
+
"config_chain_unreadable_path",
|
|
174
|
+
"config_chain_parse_error",
|
|
175
|
+
"config_chain_dynamic_config",
|
|
176
|
+
"config_chain_external_reference",
|
|
177
|
+
"config_chain_missing_reference",
|
|
178
|
+
"config_chain_max_configs_exceeded"
|
|
179
|
+
]
|
|
180
|
+
},
|
|
181
|
+
"severity": { "enum": ["low", "medium", "high", "critical"] },
|
|
182
|
+
"message": { "type": "string" },
|
|
183
|
+
"path": { "type": "string" }
|
|
184
|
+
}
|
|
185
|
+
}
|
|
186
|
+
}
|
|
187
|
+
}
|