mustflow 2.75.2 → 2.85.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (70) hide show
  1. package/README.md +40 -3
  2. package/dist/cli/commands/docs.js +86 -2
  3. package/dist/cli/commands/script-pack.js +9 -0
  4. package/dist/cli/i18n/en.js +180 -2
  5. package/dist/cli/i18n/es.js +180 -2
  6. package/dist/cli/i18n/fr.js +180 -2
  7. package/dist/cli/i18n/hi.js +180 -2
  8. package/dist/cli/i18n/ko.js +180 -2
  9. package/dist/cli/i18n/zh.js +180 -2
  10. package/dist/cli/lib/repo-map.js +27 -6
  11. package/dist/cli/lib/run-root-trust.js +15 -1
  12. package/dist/cli/lib/script-pack-registry.js +275 -6
  13. package/dist/cli/lib/validation/index.js +2 -2
  14. package/dist/cli/lib/validation/primitives.js +4 -1
  15. package/dist/cli/script-packs/code-change-impact.js +172 -0
  16. package/dist/cli/script-packs/code-dependency-graph.js +181 -0
  17. package/dist/cli/script-packs/code-export-diff.js +160 -0
  18. package/dist/cli/script-packs/code-outline.js +33 -5
  19. package/dist/cli/script-packs/code-route-outline.js +155 -0
  20. package/dist/cli/script-packs/docs-reference-drift.js +150 -0
  21. package/dist/cli/script-packs/repo-config-chain.js +163 -0
  22. package/dist/cli/script-packs/repo-env-contract.js +156 -0
  23. package/dist/cli/script-packs/repo-related-files.js +161 -0
  24. package/dist/cli/script-packs/repo-secret-risk-scan.js +147 -0
  25. package/dist/core/change-impact.js +383 -0
  26. package/dist/core/change-verification.js +32 -5
  27. package/dist/core/code-outline.js +460 -79
  28. package/dist/core/config-chain.js +595 -0
  29. package/dist/core/config-loading.js +121 -4
  30. package/dist/core/dependency-graph.js +490 -0
  31. package/dist/core/env-contract.js +450 -0
  32. package/dist/core/export-diff.js +359 -0
  33. package/dist/core/line-endings.js +26 -13
  34. package/dist/core/public-json-contracts.js +126 -0
  35. package/dist/core/reference-drift.js +388 -0
  36. package/dist/core/related-files.js +493 -0
  37. package/dist/core/route-outline.js +964 -0
  38. package/dist/core/script-pack-suggestions.js +131 -5
  39. package/dist/core/secret-risk-scan.js +440 -0
  40. package/dist/core/source-anchors.js +13 -1
  41. package/package.json +1 -1
  42. package/schemas/README.md +44 -6
  43. package/schemas/change-impact-report.schema.json +150 -0
  44. package/schemas/code-outline-report.schema.json +1 -1
  45. package/schemas/code-symbol-read-report.schema.json +64 -4
  46. package/schemas/commands.schema.json +12 -0
  47. package/schemas/config-chain-report.schema.json +187 -0
  48. package/schemas/dependency-graph-report.schema.json +149 -0
  49. package/schemas/env-contract-report.schema.json +203 -0
  50. package/schemas/export-diff-report.schema.json +220 -0
  51. package/schemas/reference-drift-report.schema.json +166 -0
  52. package/schemas/related-files-report.schema.json +145 -0
  53. package/schemas/route-outline-report.schema.json +200 -0
  54. package/schemas/secret-risk-scan-report.schema.json +152 -0
  55. package/templates/default/common/.mustflow/config/commands.toml +21 -0
  56. package/templates/default/i18n.toml +21 -9
  57. package/templates/default/locales/en/.mustflow/docs/agent-workflow.md +1 -1
  58. package/templates/default/locales/en/.mustflow/skills/INDEX.md +8 -2
  59. package/templates/default/locales/en/.mustflow/skills/architecture-deepening-review/SKILL.md +28 -11
  60. package/templates/default/locales/en/.mustflow/skills/astro-code-change/SKILL.md +71 -27
  61. package/templates/default/locales/en/.mustflow/skills/cross-agent-session-reference/SKILL.md +146 -0
  62. package/templates/default/locales/en/.mustflow/skills/dependency-upgrade-review/SKILL.md +3 -1
  63. package/templates/default/locales/en/.mustflow/skills/github-contribution-quality-gate/SKILL.md +48 -11
  64. package/templates/default/locales/en/.mustflow/skills/javascript-code-change/SKILL.md +15 -13
  65. package/templates/default/locales/en/.mustflow/skills/node-code-change/SKILL.md +16 -14
  66. package/templates/default/locales/en/.mustflow/skills/routes.toml +21 -9
  67. package/templates/default/locales/en/.mustflow/skills/security-privacy-review/SKILL.md +3 -1
  68. package/templates/default/locales/en/.mustflow/skills/test-suite-performance-review/SKILL.md +314 -0
  69. package/templates/default/locales/en/.mustflow/skills/typescript-code-change/SKILL.md +13 -10
  70. package/templates/default/manifest.toml +15 -1
package/schemas/README.md CHANGED
@@ -65,14 +65,48 @@ Current schemas:
65
65
  - `script-pack-suggestion-report.schema.json`: output of `mf script-pack suggest --json`, containing
66
66
  path, skill, phase, and changed-file evidence used to recommend optional script-pack helpers
67
67
  - `code-outline-report.schema.json`: output of
68
- `mf script-pack run code/outline scan <path...> --json`, containing a bounded TypeScript and
69
- JavaScript source outline with file hashes, symbol names, declaration kinds, line ranges,
70
- signatures, export flags, source-anchor navigation metadata, static return metadata, and stable
71
- input-limit finding codes
68
+ `mf script-pack run code/outline scan <path...> --json`, containing a bounded source outline with
69
+ file hashes, language metadata, symbol names, declaration kinds, line ranges, signatures, export
70
+ flags, source-anchor navigation metadata, static return metadata, and stable input-limit finding
71
+ codes
72
+ - `dependency-graph-report.schema.json`: output of
73
+ `mf script-pack run code/dependency-graph scan <path...> --json`, containing bounded relative
74
+ TypeScript and JavaScript import graph nodes, edges, cycle hints, target flags, depth, importer
75
+ counts, policy limits, and stable input-limit finding codes
76
+ - `change-impact-report.schema.json`: output of
77
+ `mf script-pack run code/change-impact analyze [path...] --json`, containing git-diff changed
78
+ files, surface classifications, bounded impact candidates, optional script-pack hints,
79
+ verification intent hints, policy limits, and stable git or input-limit finding codes
72
80
  - `code-symbol-read-report.schema.json`: output of
73
81
  `mf script-pack run code/symbol-read read <path> --start-line <line> --json`, containing a
74
- focused source snippet selected by outline symbol line or explicit line range with file hash,
75
- resolved line metadata, optional symbol and static return metadata, and stable range/read finding codes
82
+ focused source snippet selected by source anchor, outline symbol line, or explicit line range with
83
+ file hash, resolved line metadata, optional anchor, symbol and static return metadata, and stable
84
+ range/read finding codes
85
+ - `route-outline-report.schema.json`: output of
86
+ `mf script-pack run code/route-outline scan <path...> --json`, containing a bounded Hono,
87
+ Elysia, Axum, and NestJS route outline with file hashes, framework evidence, route methods,
88
+ route paths, optional handler names, line ranges, lifecycle-chain metadata, and stable input-limit
89
+ finding codes
90
+ - `export-diff-report.schema.json`: output of
91
+ `mf script-pack run code/export-diff compare [path...] --json`, containing a bounded git-based
92
+ comparison of exported TypeScript and JavaScript declarations, signatures, return metadata,
93
+ package surface hints, and unresolved re-export findings
94
+ - `reference-drift-report.schema.json`: output of
95
+ `mf script-pack run docs/reference-drift check [path...] --json`, containing checked
96
+ documentation references to `mf` commands, script-pack refs, schema files, repository paths,
97
+ and stable stale-reference finding codes
98
+ - `config-chain-report.schema.json`: output of
99
+ `mf script-pack run repo/config-chain inspect <path...> --json`, containing nearby package,
100
+ TypeScript, ESLint, Prettier, Vite, Vitest, Tailwind, Jest, Playwright, and mustflow config files
101
+ with static inheritance, reference, workspace, dynamic-config, path, and content-hash metadata
102
+ - `env-contract-report.schema.json`: output of
103
+ `mf script-pack run repo/env-contract scan [path...] --json`, containing code, CI, docs, config,
104
+ and env-example references for environment-variable contract drift without reading secret env files
105
+ or printing env values
106
+ - `secret-risk-scan-report.schema.json`: output of
107
+ `mf script-pack run repo/secret-risk-scan scan [path...] --json`, containing plausible
108
+ hardcoded-secret findings with detector names, paths, line numbers, and redacted fingerprints
109
+ without printing secret values
76
110
  - `text-budget-report.schema.json`: output of
77
111
  `mf script-pack run core/text-budget check <path...> --json`, containing
78
112
  exact text-budget metrics, input content hashes, policy metadata, findings, and JSON Pointer field
@@ -80,6 +114,10 @@ Current schemas:
80
114
  - `generated-boundary-report.schema.json`: output of
81
115
  `mf script-pack run repo/generated-boundary check <path...> --json`, containing candidate path
82
116
  classifications for generated, ignored, protected, vendor, and cache boundaries before or after edits
117
+ - `related-files-report.schema.json`: output of
118
+ `mf script-pack run repo/related-files map <path...> --json`, containing conservative related-file
119
+ candidates from direct imports, importers, same-basename siblings, parent configuration files, and
120
+ package boundaries for source-oriented repository navigation
83
121
  - `skill-route-report.schema.json`: output of `mf skill route --json`, containing compact route
84
122
  candidates, selected main and adjunct skills, score breakdowns, route read plans, source route
85
123
  shards, and optional read-only script-pack helper suggestions without granting command authority
@@ -0,0 +1,150 @@
1
+ {
2
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
3
+ "$id": "https://mustflow.github.io/schemas/change-impact-report.schema.json",
4
+ "title": "mustflow change-impact report",
5
+ "type": "object",
6
+ "additionalProperties": false,
7
+ "required": [
8
+ "schema_version",
9
+ "command",
10
+ "pack_id",
11
+ "script_id",
12
+ "script_ref",
13
+ "action",
14
+ "status",
15
+ "ok",
16
+ "mustflow_root",
17
+ "policy",
18
+ "input_hash",
19
+ "changed_files",
20
+ "impacts",
21
+ "script_hints",
22
+ "verification_hints",
23
+ "truncated",
24
+ "findings",
25
+ "issues"
26
+ ],
27
+ "properties": {
28
+ "schema_version": { "const": "1" },
29
+ "command": { "const": "script-pack" },
30
+ "pack_id": { "const": "code" },
31
+ "script_id": { "const": "change-impact" },
32
+ "script_ref": { "const": "code/change-impact" },
33
+ "action": { "const": "analyze" },
34
+ "status": { "enum": ["passed", "failed", "error"] },
35
+ "ok": { "type": "boolean" },
36
+ "mustflow_root": { "type": "string" },
37
+ "policy": { "$ref": "#/$defs/policy" },
38
+ "input_hash": { "$ref": "#/$defs/sha256" },
39
+ "changed_files": { "type": "array", "items": { "$ref": "#/$defs/changedFile" } },
40
+ "impacts": { "type": "array", "items": { "$ref": "#/$defs/impact" } },
41
+ "script_hints": { "type": "array", "items": { "$ref": "#/$defs/scriptHint" } },
42
+ "verification_hints": { "type": "array", "items": { "$ref": "#/$defs/verificationHint" } },
43
+ "truncated": { "type": "boolean" },
44
+ "findings": { "type": "array", "items": { "$ref": "#/$defs/finding" } },
45
+ "issues": { "type": "array", "items": { "type": "string" } }
46
+ },
47
+ "$defs": {
48
+ "sha256": { "type": "string", "pattern": "^sha256:[a-f0-9]{64}$" },
49
+ "surface": {
50
+ "enum": ["source", "test", "docs", "schema", "config", "package", "template", "workflow", "i18n", "unknown"]
51
+ },
52
+ "policy": {
53
+ "type": "object",
54
+ "additionalProperties": false,
55
+ "required": [
56
+ "base_ref",
57
+ "head_ref",
58
+ "compare_worktree",
59
+ "max_files",
60
+ "max_impacts",
61
+ "max_file_bytes",
62
+ "path_filters"
63
+ ],
64
+ "properties": {
65
+ "base_ref": { "type": "string" },
66
+ "head_ref": { "type": ["string", "null"] },
67
+ "compare_worktree": { "type": "boolean" },
68
+ "max_files": { "type": "integer", "minimum": 1 },
69
+ "max_impacts": { "type": "integer", "minimum": 1 },
70
+ "max_file_bytes": { "type": "integer", "minimum": 1 },
71
+ "path_filters": { "type": "array", "items": { "type": "string" } }
72
+ }
73
+ },
74
+ "changedFile": {
75
+ "type": "object",
76
+ "additionalProperties": false,
77
+ "required": ["path", "previous_path", "status", "surface"],
78
+ "properties": {
79
+ "path": { "type": "string" },
80
+ "previous_path": { "type": ["string", "null"] },
81
+ "status": { "enum": ["added", "modified", "deleted", "renamed", "type_changed", "untracked"] },
82
+ "surface": { "$ref": "#/$defs/surface" }
83
+ }
84
+ },
85
+ "impact": {
86
+ "type": "object",
87
+ "additionalProperties": false,
88
+ "required": ["path", "exists", "surface", "relationship", "confidence", "reason", "source_path"],
89
+ "properties": {
90
+ "path": { "type": "string" },
91
+ "exists": { "type": "boolean" },
92
+ "surface": { "$ref": "#/$defs/surface" },
93
+ "relationship": {
94
+ "enum": [
95
+ "changed_file",
96
+ "imports_changed_file",
97
+ "sibling_test",
98
+ "sibling_source",
99
+ "contract_doc",
100
+ "contract_test",
101
+ "package_surface",
102
+ "workflow_surface"
103
+ ]
104
+ },
105
+ "confidence": { "type": "number", "minimum": 0, "maximum": 1 },
106
+ "reason": { "type": "string" },
107
+ "source_path": { "type": "string" }
108
+ }
109
+ },
110
+ "scriptHint": {
111
+ "type": "object",
112
+ "additionalProperties": false,
113
+ "required": ["script_ref", "command", "reason", "confidence"],
114
+ "properties": {
115
+ "script_ref": { "type": "string" },
116
+ "command": { "type": "string" },
117
+ "reason": { "type": "string" },
118
+ "confidence": { "type": "number", "minimum": 0, "maximum": 1 }
119
+ }
120
+ },
121
+ "verificationHint": {
122
+ "type": "object",
123
+ "additionalProperties": false,
124
+ "required": ["intent", "reason", "confidence"],
125
+ "properties": {
126
+ "intent": { "type": "string" },
127
+ "reason": { "type": "string" },
128
+ "confidence": { "type": "number", "minimum": 0, "maximum": 1 }
129
+ }
130
+ },
131
+ "finding": {
132
+ "type": "object",
133
+ "additionalProperties": false,
134
+ "required": ["code", "severity", "message", "path"],
135
+ "properties": {
136
+ "code": {
137
+ "enum": [
138
+ "change_impact_git_unavailable",
139
+ "change_impact_invalid_ref",
140
+ "change_impact_max_files_exceeded",
141
+ "change_impact_max_impacts_exceeded"
142
+ ]
143
+ },
144
+ "severity": { "enum": ["low", "medium", "high", "critical"] },
145
+ "message": { "type": "string" },
146
+ "path": { "type": "string" }
147
+ }
148
+ }
149
+ }
150
+ }
@@ -61,7 +61,7 @@
61
61
  "pattern": "^sha256:[a-f0-9]{64}$"
62
62
  },
63
63
  "language": {
64
- "enum": ["typescript", "tsx", "javascript", "jsx", "javascript-module", "javascript-commonjs"]
64
+ "enum": ["typescript", "tsx", "javascript", "jsx", "javascript-module", "javascript-commonjs", "astro", "svelte", "go", "rust", "python"]
65
65
  },
66
66
  "symbolKind": {
67
67
  "enum": ["function", "class", "interface", "type", "enum", "variable"]
@@ -60,7 +60,7 @@
60
60
  "pattern": "^sha256:[a-f0-9]{64}$"
61
61
  },
62
62
  "language": {
63
- "enum": ["typescript", "tsx", "javascript", "jsx", "javascript-module", "javascript-commonjs"]
63
+ "enum": ["typescript", "tsx", "javascript", "jsx", "javascript-module", "javascript-commonjs", "astro", "svelte", "go", "rust", "python"]
64
64
  },
65
65
  "symbolKind": {
66
66
  "enum": ["function", "class", "interface", "type", "enum", "variable"]
@@ -68,9 +68,10 @@
68
68
  "policy": {
69
69
  "type": "object",
70
70
  "additionalProperties": false,
71
- "required": ["start_line", "end_line", "context_lines", "max_file_bytes", "max_snippet_lines"],
71
+ "required": ["anchor_id", "start_line", "end_line", "context_lines", "max_file_bytes", "max_snippet_lines"],
72
72
  "properties": {
73
- "start_line": { "type": "integer", "minimum": 1 },
73
+ "anchor_id": { "type": ["string", "null"] },
74
+ "start_line": { "type": ["integer", "null"], "minimum": 1 },
74
75
  "end_line": { "type": ["integer", "null"], "minimum": 1 },
75
76
  "context_lines": { "type": "integer", "minimum": 0 },
76
77
  "max_file_bytes": { "type": "integer", "minimum": 1 },
@@ -124,6 +125,53 @@
124
125
  "content_sha256": { "$ref": "#/$defs/sha256" }
125
126
  }
126
127
  },
128
+ "anchor": {
129
+ "type": "object",
130
+ "additionalProperties": false,
131
+ "required": [
132
+ "id",
133
+ "path",
134
+ "line_start",
135
+ "line_end",
136
+ "purpose",
137
+ "search",
138
+ "invariant",
139
+ "risk",
140
+ "navigation_only",
141
+ "can_instruct_agent",
142
+ "target_symbol_id",
143
+ "target_kind",
144
+ "target_name",
145
+ "target_start_line"
146
+ ],
147
+ "properties": {
148
+ "id": { "type": "string" },
149
+ "path": { "type": "string" },
150
+ "line_start": { "type": "integer", "minimum": 1 },
151
+ "line_end": { "type": "integer", "minimum": 1 },
152
+ "purpose": { "type": ["string", "null"] },
153
+ "search": {
154
+ "type": "array",
155
+ "items": { "type": "string" }
156
+ },
157
+ "invariant": { "type": ["string", "null"] },
158
+ "risk": {
159
+ "type": "array",
160
+ "items": { "type": "string" }
161
+ },
162
+ "navigation_only": { "const": true },
163
+ "can_instruct_agent": { "const": false },
164
+ "target_symbol_id": { "type": ["string", "null"] },
165
+ "target_kind": {
166
+ "anyOf": [
167
+ { "$ref": "#/$defs/symbolKind" },
168
+ { "type": "null" }
169
+ ]
170
+ },
171
+ "target_name": { "type": ["string", "null"] },
172
+ "target_start_line": { "type": ["integer", "null"], "minimum": 1 }
173
+ }
174
+ },
127
175
  "target": {
128
176
  "type": "object",
129
177
  "additionalProperties": false,
@@ -133,12 +181,14 @@
133
181
  "sha256",
134
182
  "size_bytes",
135
183
  "line_count",
184
+ "requested_anchor_id",
136
185
  "requested_start_line",
137
186
  "requested_end_line",
138
187
  "resolved_start_line",
139
188
  "resolved_end_line",
140
189
  "context_start_line",
141
190
  "context_end_line",
191
+ "anchor",
142
192
  "symbol"
143
193
  ],
144
194
  "properties": {
@@ -147,12 +197,19 @@
147
197
  "sha256": { "$ref": "#/$defs/sha256" },
148
198
  "size_bytes": { "type": "integer", "minimum": 0 },
149
199
  "line_count": { "type": "integer", "minimum": 0 },
150
- "requested_start_line": { "type": "integer", "minimum": 1 },
200
+ "requested_anchor_id": { "type": ["string", "null"] },
201
+ "requested_start_line": { "type": ["integer", "null"], "minimum": 1 },
151
202
  "requested_end_line": { "type": ["integer", "null"], "minimum": 1 },
152
203
  "resolved_start_line": { "type": ["integer", "null"], "minimum": 1 },
153
204
  "resolved_end_line": { "type": ["integer", "null"], "minimum": 1 },
154
205
  "context_start_line": { "type": ["integer", "null"], "minimum": 1 },
155
206
  "context_end_line": { "type": ["integer", "null"], "minimum": 1 },
207
+ "anchor": {
208
+ "anyOf": [
209
+ { "$ref": "#/$defs/anchor" },
210
+ { "type": "null" }
211
+ ]
212
+ },
156
213
  "symbol": {
157
214
  "anyOf": [
158
215
  { "$ref": "#/$defs/symbol" },
@@ -183,6 +240,9 @@
183
240
  "code_symbol_read_unreadable_path",
184
241
  "code_symbol_read_invalid_range",
185
242
  "code_symbol_read_no_symbol_at_line",
243
+ "code_symbol_read_anchor_not_found",
244
+ "code_symbol_read_anchor_ambiguous",
245
+ "code_symbol_read_anchor_without_symbol",
186
246
  "code_symbol_read_snippet_too_large"
187
247
  ]
188
248
  },
@@ -47,6 +47,18 @@
47
47
  "resources": {
48
48
  "type": "object",
49
49
  "additionalProperties": { "$ref": "#/$defs/resource" }
50
+ },
51
+ "include": {
52
+ "type": "object",
53
+ "additionalProperties": false,
54
+ "required": ["files"],
55
+ "properties": {
56
+ "files": {
57
+ "type": "array",
58
+ "items": { "type": "string", "pattern": "^commands/(?:[A-Za-z0-9._-]+/)*[A-Za-z0-9._-]+\\.toml$" },
59
+ "uniqueItems": true
60
+ }
61
+ }
50
62
  }
51
63
  },
52
64
  "$defs": {
@@ -0,0 +1,187 @@
1
+ {
2
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
3
+ "$id": "https://mustflow.github.io/schemas/config-chain-report.schema.json",
4
+ "title": "mustflow config-chain report",
5
+ "type": "object",
6
+ "additionalProperties": false,
7
+ "required": [
8
+ "schema_version",
9
+ "command",
10
+ "pack_id",
11
+ "script_id",
12
+ "script_ref",
13
+ "action",
14
+ "status",
15
+ "ok",
16
+ "mustflow_root",
17
+ "policy",
18
+ "input_hash",
19
+ "targets",
20
+ "configs",
21
+ "edges",
22
+ "findings",
23
+ "issues"
24
+ ],
25
+ "properties": {
26
+ "schema_version": { "const": "1" },
27
+ "command": { "const": "script-pack" },
28
+ "pack_id": { "const": "repo" },
29
+ "script_id": { "const": "config-chain" },
30
+ "script_ref": { "const": "repo/config-chain" },
31
+ "action": { "const": "inspect" },
32
+ "status": { "enum": ["passed", "failed", "error"] },
33
+ "ok": { "type": "boolean" },
34
+ "mustflow_root": { "type": "string" },
35
+ "policy": { "$ref": "#/$defs/policy" },
36
+ "input_hash": { "$ref": "#/$defs/sha256" },
37
+ "targets": {
38
+ "type": "array",
39
+ "items": { "$ref": "#/$defs/target" }
40
+ },
41
+ "configs": {
42
+ "type": "array",
43
+ "items": { "$ref": "#/$defs/config" }
44
+ },
45
+ "edges": {
46
+ "type": "array",
47
+ "items": { "$ref": "#/$defs/edge" }
48
+ },
49
+ "findings": {
50
+ "type": "array",
51
+ "items": { "$ref": "#/$defs/finding" }
52
+ },
53
+ "issues": {
54
+ "type": "array",
55
+ "items": { "type": "string" }
56
+ }
57
+ },
58
+ "$defs": {
59
+ "sha256": {
60
+ "type": "string",
61
+ "pattern": "^sha256:[a-f0-9]{64}$"
62
+ },
63
+ "nullableSha256": {
64
+ "type": ["string", "null"],
65
+ "pattern": "^sha256:[a-f0-9]{64}$"
66
+ },
67
+ "stringArray": {
68
+ "type": "array",
69
+ "items": { "type": "string" }
70
+ },
71
+ "policy": {
72
+ "type": "object",
73
+ "additionalProperties": false,
74
+ "required": ["max_file_bytes", "max_configs", "config_names", "ignored_directories"],
75
+ "properties": {
76
+ "max_file_bytes": { "type": "integer", "minimum": 1 },
77
+ "max_configs": { "type": "integer", "minimum": 1 },
78
+ "config_names": { "$ref": "#/$defs/stringArray" },
79
+ "ignored_directories": { "$ref": "#/$defs/stringArray" }
80
+ }
81
+ },
82
+ "target": {
83
+ "type": "object",
84
+ "additionalProperties": false,
85
+ "required": ["input", "path", "exists", "kind"],
86
+ "properties": {
87
+ "input": { "type": "string" },
88
+ "path": { "type": "string" },
89
+ "exists": { "type": ["boolean", "null"] },
90
+ "kind": { "enum": ["file", "directory", "missing", "other", "unknown"] }
91
+ }
92
+ },
93
+ "kind": {
94
+ "enum": [
95
+ "package_json",
96
+ "tsconfig",
97
+ "eslint",
98
+ "prettier",
99
+ "vite",
100
+ "vitest",
101
+ "tailwind",
102
+ "jest",
103
+ "playwright",
104
+ "mustflow",
105
+ "other"
106
+ ]
107
+ },
108
+ "format": {
109
+ "enum": ["json", "jsonc", "javascript", "typescript", "yaml", "toml", "unknown"]
110
+ },
111
+ "config": {
112
+ "type": "object",
113
+ "additionalProperties": false,
114
+ "required": [
115
+ "path",
116
+ "kind",
117
+ "format",
118
+ "source",
119
+ "sha256",
120
+ "size_bytes",
121
+ "parseable",
122
+ "dynamic",
123
+ "package_name",
124
+ "workspaces",
125
+ "scripts",
126
+ "extends",
127
+ "references",
128
+ "include",
129
+ "exclude",
130
+ "compiler_options",
131
+ "summary"
132
+ ],
133
+ "properties": {
134
+ "path": { "type": "string" },
135
+ "kind": { "$ref": "#/$defs/kind" },
136
+ "format": { "$ref": "#/$defs/format" },
137
+ "source": { "enum": ["target", "parent", "discovered"] },
138
+ "sha256": { "$ref": "#/$defs/nullableSha256" },
139
+ "size_bytes": { "type": ["integer", "null"], "minimum": 0 },
140
+ "parseable": { "type": "boolean" },
141
+ "dynamic": { "type": "boolean" },
142
+ "package_name": { "type": ["string", "null"] },
143
+ "workspaces": { "$ref": "#/$defs/stringArray" },
144
+ "scripts": { "$ref": "#/$defs/stringArray" },
145
+ "extends": { "$ref": "#/$defs/stringArray" },
146
+ "references": { "$ref": "#/$defs/stringArray" },
147
+ "include": { "$ref": "#/$defs/stringArray" },
148
+ "exclude": { "$ref": "#/$defs/stringArray" },
149
+ "compiler_options": { "$ref": "#/$defs/stringArray" },
150
+ "summary": { "$ref": "#/$defs/stringArray" }
151
+ }
152
+ },
153
+ "edge": {
154
+ "type": "object",
155
+ "additionalProperties": false,
156
+ "required": ["from_path", "to_path", "kind", "specifier", "resolved"],
157
+ "properties": {
158
+ "from_path": { "type": "string" },
159
+ "to_path": { "type": ["string", "null"] },
160
+ "kind": { "enum": ["parent_config", "extends", "reference", "workspace"] },
161
+ "specifier": { "type": "string" },
162
+ "resolved": { "type": "boolean" }
163
+ }
164
+ },
165
+ "finding": {
166
+ "type": "object",
167
+ "additionalProperties": false,
168
+ "required": ["code", "severity", "message", "path"],
169
+ "properties": {
170
+ "code": {
171
+ "enum": [
172
+ "config_chain_path_outside_root",
173
+ "config_chain_unreadable_path",
174
+ "config_chain_parse_error",
175
+ "config_chain_dynamic_config",
176
+ "config_chain_external_reference",
177
+ "config_chain_missing_reference",
178
+ "config_chain_max_configs_exceeded"
179
+ ]
180
+ },
181
+ "severity": { "enum": ["low", "medium", "high", "critical"] },
182
+ "message": { "type": "string" },
183
+ "path": { "type": "string" }
184
+ }
185
+ }
186
+ }
187
+ }