mustflow 2.75.2 → 2.85.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +40 -3
- package/dist/cli/commands/docs.js +86 -2
- package/dist/cli/commands/script-pack.js +9 -0
- package/dist/cli/i18n/en.js +180 -2
- package/dist/cli/i18n/es.js +180 -2
- package/dist/cli/i18n/fr.js +180 -2
- package/dist/cli/i18n/hi.js +180 -2
- package/dist/cli/i18n/ko.js +180 -2
- package/dist/cli/i18n/zh.js +180 -2
- package/dist/cli/lib/repo-map.js +27 -6
- package/dist/cli/lib/run-root-trust.js +15 -1
- package/dist/cli/lib/script-pack-registry.js +275 -6
- package/dist/cli/lib/validation/index.js +2 -2
- package/dist/cli/lib/validation/primitives.js +4 -1
- package/dist/cli/script-packs/code-change-impact.js +172 -0
- package/dist/cli/script-packs/code-dependency-graph.js +181 -0
- package/dist/cli/script-packs/code-export-diff.js +160 -0
- package/dist/cli/script-packs/code-outline.js +33 -5
- package/dist/cli/script-packs/code-route-outline.js +155 -0
- package/dist/cli/script-packs/docs-reference-drift.js +150 -0
- package/dist/cli/script-packs/repo-config-chain.js +163 -0
- package/dist/cli/script-packs/repo-env-contract.js +156 -0
- package/dist/cli/script-packs/repo-related-files.js +161 -0
- package/dist/cli/script-packs/repo-secret-risk-scan.js +147 -0
- package/dist/core/change-impact.js +383 -0
- package/dist/core/change-verification.js +32 -5
- package/dist/core/code-outline.js +460 -79
- package/dist/core/config-chain.js +595 -0
- package/dist/core/config-loading.js +121 -4
- package/dist/core/dependency-graph.js +490 -0
- package/dist/core/env-contract.js +450 -0
- package/dist/core/export-diff.js +359 -0
- package/dist/core/line-endings.js +26 -13
- package/dist/core/public-json-contracts.js +126 -0
- package/dist/core/reference-drift.js +388 -0
- package/dist/core/related-files.js +493 -0
- package/dist/core/route-outline.js +964 -0
- package/dist/core/script-pack-suggestions.js +131 -5
- package/dist/core/secret-risk-scan.js +440 -0
- package/dist/core/source-anchors.js +13 -1
- package/package.json +1 -1
- package/schemas/README.md +44 -6
- package/schemas/change-impact-report.schema.json +150 -0
- package/schemas/code-outline-report.schema.json +1 -1
- package/schemas/code-symbol-read-report.schema.json +64 -4
- package/schemas/commands.schema.json +12 -0
- package/schemas/config-chain-report.schema.json +187 -0
- package/schemas/dependency-graph-report.schema.json +149 -0
- package/schemas/env-contract-report.schema.json +203 -0
- package/schemas/export-diff-report.schema.json +220 -0
- package/schemas/reference-drift-report.schema.json +166 -0
- package/schemas/related-files-report.schema.json +145 -0
- package/schemas/route-outline-report.schema.json +200 -0
- package/schemas/secret-risk-scan-report.schema.json +152 -0
- package/templates/default/common/.mustflow/config/commands.toml +21 -0
- package/templates/default/i18n.toml +21 -9
- package/templates/default/locales/en/.mustflow/docs/agent-workflow.md +1 -1
- package/templates/default/locales/en/.mustflow/skills/INDEX.md +8 -2
- package/templates/default/locales/en/.mustflow/skills/architecture-deepening-review/SKILL.md +28 -11
- package/templates/default/locales/en/.mustflow/skills/astro-code-change/SKILL.md +71 -27
- package/templates/default/locales/en/.mustflow/skills/cross-agent-session-reference/SKILL.md +146 -0
- package/templates/default/locales/en/.mustflow/skills/dependency-upgrade-review/SKILL.md +3 -1
- package/templates/default/locales/en/.mustflow/skills/github-contribution-quality-gate/SKILL.md +48 -11
- package/templates/default/locales/en/.mustflow/skills/javascript-code-change/SKILL.md +15 -13
- package/templates/default/locales/en/.mustflow/skills/node-code-change/SKILL.md +16 -14
- package/templates/default/locales/en/.mustflow/skills/routes.toml +21 -9
- package/templates/default/locales/en/.mustflow/skills/security-privacy-review/SKILL.md +3 -1
- package/templates/default/locales/en/.mustflow/skills/test-suite-performance-review/SKILL.md +314 -0
- package/templates/default/locales/en/.mustflow/skills/typescript-code-change/SKILL.md +13 -10
- package/templates/default/manifest.toml +15 -1
|
@@ -0,0 +1,149 @@
|
|
|
1
|
+
{
|
|
2
|
+
"$schema": "https://json-schema.org/draft/2020-12/schema",
|
|
3
|
+
"$id": "https://mustflow.github.io/schemas/dependency-graph-report.schema.json",
|
|
4
|
+
"title": "mustflow dependency-graph report",
|
|
5
|
+
"type": "object",
|
|
6
|
+
"additionalProperties": false,
|
|
7
|
+
"required": [
|
|
8
|
+
"schema_version",
|
|
9
|
+
"command",
|
|
10
|
+
"pack_id",
|
|
11
|
+
"script_id",
|
|
12
|
+
"script_ref",
|
|
13
|
+
"action",
|
|
14
|
+
"status",
|
|
15
|
+
"ok",
|
|
16
|
+
"mustflow_root",
|
|
17
|
+
"policy",
|
|
18
|
+
"input_hash",
|
|
19
|
+
"targets",
|
|
20
|
+
"nodes",
|
|
21
|
+
"edges",
|
|
22
|
+
"cycles",
|
|
23
|
+
"truncated",
|
|
24
|
+
"findings",
|
|
25
|
+
"issues"
|
|
26
|
+
],
|
|
27
|
+
"properties": {
|
|
28
|
+
"schema_version": { "const": "1" },
|
|
29
|
+
"command": { "const": "script-pack" },
|
|
30
|
+
"pack_id": { "const": "code" },
|
|
31
|
+
"script_id": { "const": "dependency-graph" },
|
|
32
|
+
"script_ref": { "const": "code/dependency-graph" },
|
|
33
|
+
"action": { "const": "scan" },
|
|
34
|
+
"status": { "enum": ["passed", "failed", "error"] },
|
|
35
|
+
"ok": { "type": "boolean" },
|
|
36
|
+
"mustflow_root": { "type": "string" },
|
|
37
|
+
"policy": { "$ref": "#/$defs/policy" },
|
|
38
|
+
"input_hash": { "$ref": "#/$defs/sha256" },
|
|
39
|
+
"targets": { "type": "array", "items": { "$ref": "#/$defs/target" } },
|
|
40
|
+
"nodes": { "type": "array", "items": { "$ref": "#/$defs/node" } },
|
|
41
|
+
"edges": { "type": "array", "items": { "$ref": "#/$defs/edge" } },
|
|
42
|
+
"cycles": {
|
|
43
|
+
"type": "array",
|
|
44
|
+
"items": {
|
|
45
|
+
"type": "array",
|
|
46
|
+
"items": { "type": "string" }
|
|
47
|
+
}
|
|
48
|
+
},
|
|
49
|
+
"truncated": { "type": "boolean" },
|
|
50
|
+
"findings": { "type": "array", "items": { "$ref": "#/$defs/finding" } },
|
|
51
|
+
"issues": { "type": "array", "items": { "type": "string" } }
|
|
52
|
+
},
|
|
53
|
+
"$defs": {
|
|
54
|
+
"sha256": { "type": "string", "pattern": "^sha256:[a-f0-9]{64}$" },
|
|
55
|
+
"stringArray": { "type": "array", "items": { "type": "string" } },
|
|
56
|
+
"language": {
|
|
57
|
+
"enum": [
|
|
58
|
+
"typescript",
|
|
59
|
+
"tsx",
|
|
60
|
+
"javascript",
|
|
61
|
+
"jsx",
|
|
62
|
+
"javascript-module",
|
|
63
|
+
"javascript-commonjs",
|
|
64
|
+
"json",
|
|
65
|
+
"other"
|
|
66
|
+
]
|
|
67
|
+
},
|
|
68
|
+
"targetKind": { "enum": ["file", "directory", "missing", "other", "unknown"] },
|
|
69
|
+
"edgeKind": { "enum": ["static_import", "static_export", "dynamic_import", "require"] },
|
|
70
|
+
"policy": {
|
|
71
|
+
"type": "object",
|
|
72
|
+
"additionalProperties": false,
|
|
73
|
+
"required": [
|
|
74
|
+
"max_file_bytes",
|
|
75
|
+
"max_files",
|
|
76
|
+
"max_depth",
|
|
77
|
+
"max_nodes",
|
|
78
|
+
"max_edges",
|
|
79
|
+
"extensions",
|
|
80
|
+
"ignored_directories"
|
|
81
|
+
],
|
|
82
|
+
"properties": {
|
|
83
|
+
"max_file_bytes": { "type": "integer", "minimum": 1 },
|
|
84
|
+
"max_files": { "type": "integer", "minimum": 1 },
|
|
85
|
+
"max_depth": { "type": "integer", "minimum": 1 },
|
|
86
|
+
"max_nodes": { "type": "integer", "minimum": 1 },
|
|
87
|
+
"max_edges": { "type": "integer", "minimum": 1 },
|
|
88
|
+
"extensions": { "$ref": "#/$defs/stringArray" },
|
|
89
|
+
"ignored_directories": { "$ref": "#/$defs/stringArray" }
|
|
90
|
+
}
|
|
91
|
+
},
|
|
92
|
+
"target": {
|
|
93
|
+
"type": "object",
|
|
94
|
+
"additionalProperties": false,
|
|
95
|
+
"required": ["input", "path", "exists", "kind", "language"],
|
|
96
|
+
"properties": {
|
|
97
|
+
"input": { "type": "string" },
|
|
98
|
+
"path": { "type": "string" },
|
|
99
|
+
"exists": { "type": ["boolean", "null"] },
|
|
100
|
+
"kind": { "$ref": "#/$defs/targetKind" },
|
|
101
|
+
"language": { "$ref": "#/$defs/language" }
|
|
102
|
+
}
|
|
103
|
+
},
|
|
104
|
+
"node": {
|
|
105
|
+
"type": "object",
|
|
106
|
+
"additionalProperties": false,
|
|
107
|
+
"required": ["path", "language", "target", "depth", "import_count", "importer_count"],
|
|
108
|
+
"properties": {
|
|
109
|
+
"path": { "type": "string" },
|
|
110
|
+
"language": { "$ref": "#/$defs/language" },
|
|
111
|
+
"target": { "type": "boolean" },
|
|
112
|
+
"depth": { "type": "integer", "minimum": 0 },
|
|
113
|
+
"import_count": { "type": "integer", "minimum": 0 },
|
|
114
|
+
"importer_count": { "type": "integer", "minimum": 0 }
|
|
115
|
+
}
|
|
116
|
+
},
|
|
117
|
+
"edge": {
|
|
118
|
+
"type": "object",
|
|
119
|
+
"additionalProperties": false,
|
|
120
|
+
"required": ["source_path", "target_path", "specifier", "line", "kind"],
|
|
121
|
+
"properties": {
|
|
122
|
+
"source_path": { "type": "string" },
|
|
123
|
+
"target_path": { "type": "string" },
|
|
124
|
+
"specifier": { "type": "string" },
|
|
125
|
+
"line": { "type": "integer", "minimum": 1 },
|
|
126
|
+
"kind": { "$ref": "#/$defs/edgeKind" }
|
|
127
|
+
}
|
|
128
|
+
},
|
|
129
|
+
"finding": {
|
|
130
|
+
"type": "object",
|
|
131
|
+
"additionalProperties": false,
|
|
132
|
+
"required": ["code", "severity", "message", "path"],
|
|
133
|
+
"properties": {
|
|
134
|
+
"code": {
|
|
135
|
+
"enum": [
|
|
136
|
+
"dependency_graph_path_outside_root",
|
|
137
|
+
"dependency_graph_unreadable_path",
|
|
138
|
+
"dependency_graph_max_files_exceeded",
|
|
139
|
+
"dependency_graph_max_nodes_exceeded",
|
|
140
|
+
"dependency_graph_max_edges_exceeded"
|
|
141
|
+
]
|
|
142
|
+
},
|
|
143
|
+
"severity": { "enum": ["low", "medium", "high", "critical"] },
|
|
144
|
+
"message": { "type": "string" },
|
|
145
|
+
"path": { "type": "string" }
|
|
146
|
+
}
|
|
147
|
+
}
|
|
148
|
+
}
|
|
149
|
+
}
|
|
@@ -0,0 +1,203 @@
|
|
|
1
|
+
{
|
|
2
|
+
"$schema": "https://json-schema.org/draft/2020-12/schema",
|
|
3
|
+
"$id": "https://mustflow.github.io/schemas/env-contract-report.schema.json",
|
|
4
|
+
"title": "mustflow env-contract report",
|
|
5
|
+
"type": "object",
|
|
6
|
+
"additionalProperties": false,
|
|
7
|
+
"required": [
|
|
8
|
+
"schema_version",
|
|
9
|
+
"command",
|
|
10
|
+
"pack_id",
|
|
11
|
+
"script_id",
|
|
12
|
+
"script_ref",
|
|
13
|
+
"action",
|
|
14
|
+
"status",
|
|
15
|
+
"ok",
|
|
16
|
+
"mustflow_root",
|
|
17
|
+
"policy",
|
|
18
|
+
"input_hash",
|
|
19
|
+
"targets",
|
|
20
|
+
"summary",
|
|
21
|
+
"keys",
|
|
22
|
+
"truncated",
|
|
23
|
+
"findings",
|
|
24
|
+
"issues"
|
|
25
|
+
],
|
|
26
|
+
"properties": {
|
|
27
|
+
"schema_version": { "const": "1" },
|
|
28
|
+
"command": { "const": "script-pack" },
|
|
29
|
+
"pack_id": { "const": "repo" },
|
|
30
|
+
"script_id": { "const": "env-contract" },
|
|
31
|
+
"script_ref": { "const": "repo/env-contract" },
|
|
32
|
+
"action": { "const": "scan" },
|
|
33
|
+
"status": { "enum": ["passed", "failed", "error"] },
|
|
34
|
+
"ok": { "type": "boolean" },
|
|
35
|
+
"mustflow_root": { "type": "string" },
|
|
36
|
+
"policy": { "$ref": "#/$defs/policy" },
|
|
37
|
+
"input_hash": { "$ref": "#/$defs/sha256" },
|
|
38
|
+
"targets": {
|
|
39
|
+
"type": "array",
|
|
40
|
+
"items": { "$ref": "#/$defs/target" }
|
|
41
|
+
},
|
|
42
|
+
"summary": { "$ref": "#/$defs/summary" },
|
|
43
|
+
"keys": {
|
|
44
|
+
"type": "array",
|
|
45
|
+
"items": { "$ref": "#/$defs/envKey" }
|
|
46
|
+
},
|
|
47
|
+
"truncated": { "type": "boolean" },
|
|
48
|
+
"findings": {
|
|
49
|
+
"type": "array",
|
|
50
|
+
"items": { "$ref": "#/$defs/finding" }
|
|
51
|
+
},
|
|
52
|
+
"issues": {
|
|
53
|
+
"type": "array",
|
|
54
|
+
"items": { "type": "string" }
|
|
55
|
+
}
|
|
56
|
+
},
|
|
57
|
+
"$defs": {
|
|
58
|
+
"sha256": {
|
|
59
|
+
"type": "string",
|
|
60
|
+
"pattern": "^sha256:[a-f0-9]{64}$"
|
|
61
|
+
},
|
|
62
|
+
"stringArray": {
|
|
63
|
+
"type": "array",
|
|
64
|
+
"items": { "type": "string" }
|
|
65
|
+
},
|
|
66
|
+
"policy": {
|
|
67
|
+
"type": "object",
|
|
68
|
+
"additionalProperties": false,
|
|
69
|
+
"required": [
|
|
70
|
+
"max_file_bytes",
|
|
71
|
+
"max_files",
|
|
72
|
+
"max_keys",
|
|
73
|
+
"extensions",
|
|
74
|
+
"env_example_names",
|
|
75
|
+
"skipped_secret_names",
|
|
76
|
+
"ignored_directories"
|
|
77
|
+
],
|
|
78
|
+
"properties": {
|
|
79
|
+
"max_file_bytes": { "type": "integer", "minimum": 1 },
|
|
80
|
+
"max_files": { "type": "integer", "minimum": 1 },
|
|
81
|
+
"max_keys": { "type": "integer", "minimum": 1 },
|
|
82
|
+
"extensions": { "$ref": "#/$defs/stringArray" },
|
|
83
|
+
"env_example_names": { "$ref": "#/$defs/stringArray" },
|
|
84
|
+
"skipped_secret_names": { "$ref": "#/$defs/stringArray" },
|
|
85
|
+
"ignored_directories": { "$ref": "#/$defs/stringArray" }
|
|
86
|
+
}
|
|
87
|
+
},
|
|
88
|
+
"target": {
|
|
89
|
+
"type": "object",
|
|
90
|
+
"additionalProperties": false,
|
|
91
|
+
"required": ["input", "path", "exists", "kind"],
|
|
92
|
+
"properties": {
|
|
93
|
+
"input": { "type": "string" },
|
|
94
|
+
"path": { "type": "string" },
|
|
95
|
+
"exists": { "type": ["boolean", "null"] },
|
|
96
|
+
"kind": { "enum": ["file", "directory", "missing", "other", "unknown"] }
|
|
97
|
+
}
|
|
98
|
+
},
|
|
99
|
+
"summary": {
|
|
100
|
+
"type": "object",
|
|
101
|
+
"additionalProperties": false,
|
|
102
|
+
"required": [
|
|
103
|
+
"target_count",
|
|
104
|
+
"file_count",
|
|
105
|
+
"key_count",
|
|
106
|
+
"code_key_count",
|
|
107
|
+
"example_key_count",
|
|
108
|
+
"documented_key_count",
|
|
109
|
+
"ci_key_count"
|
|
110
|
+
],
|
|
111
|
+
"properties": {
|
|
112
|
+
"target_count": { "type": "integer", "minimum": 0 },
|
|
113
|
+
"file_count": { "type": "integer", "minimum": 0 },
|
|
114
|
+
"key_count": { "type": "integer", "minimum": 0 },
|
|
115
|
+
"code_key_count": { "type": "integer", "minimum": 0 },
|
|
116
|
+
"example_key_count": { "type": "integer", "minimum": 0 },
|
|
117
|
+
"documented_key_count": { "type": "integer", "minimum": 0 },
|
|
118
|
+
"ci_key_count": { "type": "integer", "minimum": 0 }
|
|
119
|
+
}
|
|
120
|
+
},
|
|
121
|
+
"surface": {
|
|
122
|
+
"enum": ["code", "config", "ci", "docs", "example"]
|
|
123
|
+
},
|
|
124
|
+
"referenceKind": {
|
|
125
|
+
"enum": [
|
|
126
|
+
"process_env_dot",
|
|
127
|
+
"process_env_bracket",
|
|
128
|
+
"process_env_destructure",
|
|
129
|
+
"bun_env_dot",
|
|
130
|
+
"import_meta_env",
|
|
131
|
+
"env_example",
|
|
132
|
+
"ci_secret",
|
|
133
|
+
"ci_var",
|
|
134
|
+
"ci_env",
|
|
135
|
+
"documented"
|
|
136
|
+
]
|
|
137
|
+
},
|
|
138
|
+
"reference": {
|
|
139
|
+
"type": "object",
|
|
140
|
+
"additionalProperties": false,
|
|
141
|
+
"required": ["key", "path", "line", "surface", "kind"],
|
|
142
|
+
"properties": {
|
|
143
|
+
"key": { "type": "string" },
|
|
144
|
+
"path": { "type": "string" },
|
|
145
|
+
"line": { "type": "integer", "minimum": 1 },
|
|
146
|
+
"surface": { "$ref": "#/$defs/surface" },
|
|
147
|
+
"kind": { "$ref": "#/$defs/referenceKind" }
|
|
148
|
+
}
|
|
149
|
+
},
|
|
150
|
+
"envKey": {
|
|
151
|
+
"type": "object",
|
|
152
|
+
"additionalProperties": false,
|
|
153
|
+
"required": [
|
|
154
|
+
"key",
|
|
155
|
+
"used_in_code",
|
|
156
|
+
"declared_in_example",
|
|
157
|
+
"referenced_in_ci",
|
|
158
|
+
"documented",
|
|
159
|
+
"secret_like",
|
|
160
|
+
"public_like",
|
|
161
|
+
"source_count",
|
|
162
|
+
"sources"
|
|
163
|
+
],
|
|
164
|
+
"properties": {
|
|
165
|
+
"key": { "type": "string" },
|
|
166
|
+
"used_in_code": { "type": "boolean" },
|
|
167
|
+
"declared_in_example": { "type": "boolean" },
|
|
168
|
+
"referenced_in_ci": { "type": "boolean" },
|
|
169
|
+
"documented": { "type": "boolean" },
|
|
170
|
+
"secret_like": { "type": "boolean" },
|
|
171
|
+
"public_like": { "type": "boolean" },
|
|
172
|
+
"source_count": { "type": "integer", "minimum": 0 },
|
|
173
|
+
"sources": {
|
|
174
|
+
"type": "array",
|
|
175
|
+
"items": { "$ref": "#/$defs/reference" }
|
|
176
|
+
}
|
|
177
|
+
}
|
|
178
|
+
},
|
|
179
|
+
"finding": {
|
|
180
|
+
"type": "object",
|
|
181
|
+
"additionalProperties": false,
|
|
182
|
+
"required": ["code", "severity", "message", "path"],
|
|
183
|
+
"properties": {
|
|
184
|
+
"code": {
|
|
185
|
+
"enum": [
|
|
186
|
+
"env_contract_path_outside_root",
|
|
187
|
+
"env_contract_unreadable_path",
|
|
188
|
+
"env_contract_secret_file_skipped",
|
|
189
|
+
"env_contract_max_files_exceeded",
|
|
190
|
+
"env_contract_max_keys_exceeded",
|
|
191
|
+
"env_contract_missing_example",
|
|
192
|
+
"env_contract_unused_example",
|
|
193
|
+
"env_contract_secret_like_public_name"
|
|
194
|
+
]
|
|
195
|
+
},
|
|
196
|
+
"severity": { "enum": ["low", "medium", "high", "critical"] },
|
|
197
|
+
"message": { "type": "string" },
|
|
198
|
+
"path": { "type": "string" },
|
|
199
|
+
"key": { "type": "string" }
|
|
200
|
+
}
|
|
201
|
+
}
|
|
202
|
+
}
|
|
203
|
+
}
|
|
@@ -0,0 +1,220 @@
|
|
|
1
|
+
{
|
|
2
|
+
"$schema": "https://json-schema.org/draft/2020-12/schema",
|
|
3
|
+
"$id": "https://mustflow.github.io/schemas/export-diff-report.schema.json",
|
|
4
|
+
"title": "mustflow export-diff report",
|
|
5
|
+
"type": "object",
|
|
6
|
+
"additionalProperties": false,
|
|
7
|
+
"required": [
|
|
8
|
+
"schema_version",
|
|
9
|
+
"command",
|
|
10
|
+
"pack_id",
|
|
11
|
+
"script_id",
|
|
12
|
+
"script_ref",
|
|
13
|
+
"action",
|
|
14
|
+
"status",
|
|
15
|
+
"ok",
|
|
16
|
+
"mustflow_root",
|
|
17
|
+
"policy",
|
|
18
|
+
"input_hash",
|
|
19
|
+
"package_surface",
|
|
20
|
+
"files",
|
|
21
|
+
"exports",
|
|
22
|
+
"summary",
|
|
23
|
+
"findings",
|
|
24
|
+
"issues"
|
|
25
|
+
],
|
|
26
|
+
"properties": {
|
|
27
|
+
"schema_version": { "const": "1" },
|
|
28
|
+
"command": { "const": "script-pack" },
|
|
29
|
+
"pack_id": { "const": "code" },
|
|
30
|
+
"script_id": { "const": "export-diff" },
|
|
31
|
+
"script_ref": { "const": "code/export-diff" },
|
|
32
|
+
"action": { "const": "compare" },
|
|
33
|
+
"status": { "enum": ["passed", "failed", "error"] },
|
|
34
|
+
"ok": { "type": "boolean" },
|
|
35
|
+
"mustflow_root": { "type": "string" },
|
|
36
|
+
"policy": { "$ref": "#/$defs/policy" },
|
|
37
|
+
"input_hash": { "$ref": "#/$defs/sha256" },
|
|
38
|
+
"package_surface": { "$ref": "#/$defs/packageSurface" },
|
|
39
|
+
"files": {
|
|
40
|
+
"type": "array",
|
|
41
|
+
"items": { "$ref": "#/$defs/file" }
|
|
42
|
+
},
|
|
43
|
+
"exports": {
|
|
44
|
+
"type": "array",
|
|
45
|
+
"items": { "$ref": "#/$defs/exportEntry" }
|
|
46
|
+
},
|
|
47
|
+
"summary": { "$ref": "#/$defs/summary" },
|
|
48
|
+
"findings": {
|
|
49
|
+
"type": "array",
|
|
50
|
+
"items": { "$ref": "#/$defs/finding" }
|
|
51
|
+
},
|
|
52
|
+
"issues": {
|
|
53
|
+
"type": "array",
|
|
54
|
+
"items": { "type": "string" }
|
|
55
|
+
}
|
|
56
|
+
},
|
|
57
|
+
"$defs": {
|
|
58
|
+
"sha256": {
|
|
59
|
+
"type": "string",
|
|
60
|
+
"pattern": "^sha256:[a-f0-9]{64}$"
|
|
61
|
+
},
|
|
62
|
+
"sha256Nullable": {
|
|
63
|
+
"anyOf": [
|
|
64
|
+
{ "$ref": "#/$defs/sha256" },
|
|
65
|
+
{ "type": "null" }
|
|
66
|
+
]
|
|
67
|
+
},
|
|
68
|
+
"language": {
|
|
69
|
+
"enum": ["typescript", "tsx", "javascript", "jsx", "javascript-module", "javascript-commonjs", "astro", "svelte", "go", "rust", "python"]
|
|
70
|
+
},
|
|
71
|
+
"symbolKind": {
|
|
72
|
+
"enum": ["function", "class", "interface", "type", "enum", "variable"]
|
|
73
|
+
},
|
|
74
|
+
"returnBehavior": {
|
|
75
|
+
"enum": ["value", "void", "implicit_undefined", "mixed", "throws_only", "unknown"]
|
|
76
|
+
},
|
|
77
|
+
"stringArray": {
|
|
78
|
+
"type": "array",
|
|
79
|
+
"items": { "type": "string" }
|
|
80
|
+
},
|
|
81
|
+
"policy": {
|
|
82
|
+
"type": "object",
|
|
83
|
+
"additionalProperties": false,
|
|
84
|
+
"required": [
|
|
85
|
+
"base_ref",
|
|
86
|
+
"head_ref",
|
|
87
|
+
"compare_worktree",
|
|
88
|
+
"max_files",
|
|
89
|
+
"max_file_bytes",
|
|
90
|
+
"extensions",
|
|
91
|
+
"ignored_directories",
|
|
92
|
+
"path_filters"
|
|
93
|
+
],
|
|
94
|
+
"properties": {
|
|
95
|
+
"base_ref": { "type": "string" },
|
|
96
|
+
"head_ref": { "type": ["string", "null"] },
|
|
97
|
+
"compare_worktree": { "type": "boolean" },
|
|
98
|
+
"max_files": { "type": "integer", "minimum": 1 },
|
|
99
|
+
"max_file_bytes": { "type": "integer", "minimum": 1 },
|
|
100
|
+
"extensions": { "$ref": "#/$defs/stringArray" },
|
|
101
|
+
"ignored_directories": { "$ref": "#/$defs/stringArray" },
|
|
102
|
+
"path_filters": { "$ref": "#/$defs/stringArray" }
|
|
103
|
+
}
|
|
104
|
+
},
|
|
105
|
+
"packageSurface": {
|
|
106
|
+
"type": "object",
|
|
107
|
+
"additionalProperties": false,
|
|
108
|
+
"required": ["package_json_present", "type", "exports", "bin", "types"],
|
|
109
|
+
"properties": {
|
|
110
|
+
"package_json_present": { "type": "boolean" },
|
|
111
|
+
"type": { "type": ["string", "null"] },
|
|
112
|
+
"exports": { "$ref": "#/$defs/stringArray" },
|
|
113
|
+
"bin": { "$ref": "#/$defs/stringArray" },
|
|
114
|
+
"types": { "type": ["string", "null"] }
|
|
115
|
+
}
|
|
116
|
+
},
|
|
117
|
+
"file": {
|
|
118
|
+
"type": "object",
|
|
119
|
+
"additionalProperties": false,
|
|
120
|
+
"required": [
|
|
121
|
+
"kind",
|
|
122
|
+
"path",
|
|
123
|
+
"language",
|
|
124
|
+
"base_sha256",
|
|
125
|
+
"head_sha256",
|
|
126
|
+
"base_exists",
|
|
127
|
+
"head_exists",
|
|
128
|
+
"exported_count_before",
|
|
129
|
+
"exported_count_after"
|
|
130
|
+
],
|
|
131
|
+
"properties": {
|
|
132
|
+
"kind": { "const": "source_file" },
|
|
133
|
+
"path": { "type": "string" },
|
|
134
|
+
"language": { "$ref": "#/$defs/language" },
|
|
135
|
+
"base_sha256": { "$ref": "#/$defs/sha256Nullable" },
|
|
136
|
+
"head_sha256": { "$ref": "#/$defs/sha256Nullable" },
|
|
137
|
+
"base_exists": { "type": "boolean" },
|
|
138
|
+
"head_exists": { "type": "boolean" },
|
|
139
|
+
"exported_count_before": { "type": "integer", "minimum": 0 },
|
|
140
|
+
"exported_count_after": { "type": "integer", "minimum": 0 }
|
|
141
|
+
}
|
|
142
|
+
},
|
|
143
|
+
"symbolSnapshot": {
|
|
144
|
+
"type": ["object", "null"],
|
|
145
|
+
"additionalProperties": false,
|
|
146
|
+
"required": [
|
|
147
|
+
"path",
|
|
148
|
+
"name",
|
|
149
|
+
"kind",
|
|
150
|
+
"language",
|
|
151
|
+
"signature",
|
|
152
|
+
"return_type",
|
|
153
|
+
"return_behavior",
|
|
154
|
+
"async",
|
|
155
|
+
"line"
|
|
156
|
+
],
|
|
157
|
+
"properties": {
|
|
158
|
+
"path": { "type": "string" },
|
|
159
|
+
"name": { "type": "string" },
|
|
160
|
+
"kind": { "$ref": "#/$defs/symbolKind" },
|
|
161
|
+
"language": { "$ref": "#/$defs/language" },
|
|
162
|
+
"signature": { "type": "string" },
|
|
163
|
+
"return_type": { "type": ["string", "null"] },
|
|
164
|
+
"return_behavior": { "$ref": "#/$defs/returnBehavior" },
|
|
165
|
+
"async": { "type": "boolean" },
|
|
166
|
+
"line": { "type": "integer", "minimum": 1 }
|
|
167
|
+
}
|
|
168
|
+
},
|
|
169
|
+
"exportEntry": {
|
|
170
|
+
"type": "object",
|
|
171
|
+
"additionalProperties": false,
|
|
172
|
+
"required": ["id", "path", "name", "kind", "change", "before", "after", "compatibility"],
|
|
173
|
+
"properties": {
|
|
174
|
+
"id": { "type": "string" },
|
|
175
|
+
"path": { "type": "string" },
|
|
176
|
+
"name": { "type": "string" },
|
|
177
|
+
"kind": { "$ref": "#/$defs/symbolKind" },
|
|
178
|
+
"change": { "enum": ["added", "removed", "changed", "unchanged"] },
|
|
179
|
+
"before": { "$ref": "#/$defs/symbolSnapshot" },
|
|
180
|
+
"after": { "$ref": "#/$defs/symbolSnapshot" },
|
|
181
|
+
"compatibility": {
|
|
182
|
+
"enum": ["additive", "removed_export", "signature_changed", "return_changed", "unchanged", "unknown"]
|
|
183
|
+
}
|
|
184
|
+
}
|
|
185
|
+
},
|
|
186
|
+
"summary": {
|
|
187
|
+
"type": "object",
|
|
188
|
+
"additionalProperties": false,
|
|
189
|
+
"required": ["files_changed", "added", "removed", "changed", "unchanged"],
|
|
190
|
+
"properties": {
|
|
191
|
+
"files_changed": { "type": "integer", "minimum": 0 },
|
|
192
|
+
"added": { "type": "integer", "minimum": 0 },
|
|
193
|
+
"removed": { "type": "integer", "minimum": 0 },
|
|
194
|
+
"changed": { "type": "integer", "minimum": 0 },
|
|
195
|
+
"unchanged": { "type": "integer", "minimum": 0 }
|
|
196
|
+
}
|
|
197
|
+
},
|
|
198
|
+
"finding": {
|
|
199
|
+
"type": "object",
|
|
200
|
+
"additionalProperties": false,
|
|
201
|
+
"required": ["code", "severity", "message", "path"],
|
|
202
|
+
"properties": {
|
|
203
|
+
"code": {
|
|
204
|
+
"enum": [
|
|
205
|
+
"export_diff_git_unavailable",
|
|
206
|
+
"export_diff_invalid_ref",
|
|
207
|
+
"export_diff_unreadable_path",
|
|
208
|
+
"export_diff_file_too_large",
|
|
209
|
+
"export_diff_max_files_exceeded",
|
|
210
|
+
"export_diff_duplicate_export",
|
|
211
|
+
"export_diff_reexport_unresolved"
|
|
212
|
+
]
|
|
213
|
+
},
|
|
214
|
+
"severity": { "enum": ["low", "medium", "high", "critical"] },
|
|
215
|
+
"message": { "type": "string" },
|
|
216
|
+
"path": { "type": "string" }
|
|
217
|
+
}
|
|
218
|
+
}
|
|
219
|
+
}
|
|
220
|
+
}
|