octocode-cli 1.2.8 → 1.2.10

package/skills/octocode-engineer/src/pipeline/config-loader.ts

@@ -0,0 +1,109 @@
+import fs from 'node:fs';
+import path from 'node:path';
+
+import type { AnalysisOptions } from '../types/index.js';
+
+type ConfigOverrides = Partial<Omit<AnalysisOptions, 'root' | 'packageRoot' | 'clearCache'>>;
+
+const CONFIG_NAMES = ['.octocode-scan.json', '.octocode-scan.jsonc'];
+
+/**
+ * Loads config from file, auto-discovered config, or package.json#octocode.
+ * CLI flags always win over config file values.
+ * Inspired by knip's .knip.json and eslint's flat config.
+ */
+export function loadConfigFile(
+  root: string,
+  explicitPath: string | null
+): ConfigOverrides | null {
+  if (explicitPath) {
+    const abs = path.isAbsolute(explicitPath)
+      ? explicitPath
+      : path.resolve(root, explicitPath);
+    return readJsonConfig(abs);
+  }
+
+  for (const name of CONFIG_NAMES) {
+    const candidate = path.join(root, name);
+    if (fs.existsSync(candidate)) {
+      return readJsonConfig(candidate);
+    }
+  }
+
+  const pkgJsonPath = path.join(root, 'package.json');
+  if (fs.existsSync(pkgJsonPath)) {
+    try {
+      const pkg = JSON.parse(fs.readFileSync(pkgJsonPath, 'utf8'));
+      if (pkg.octocode && typeof pkg.octocode === 'object') {
+        return normalizeConfig(pkg.octocode);
+      }
+    } catch { /* skip */ }
+  }
+
+  return null;
+}
+
+function readJsonConfig(filePath: string): ConfigOverrides | null {
+  try {
+    let raw = fs.readFileSync(filePath, 'utf8');
+    raw = raw.replace(/\/\/.*$/gm, '').replace(/\/\*[\s\S]*?\*\//g, '');
+    return normalizeConfig(JSON.parse(raw));
+  } catch {
+    return null;
+  }
+}
+
+function normalizeConfig(obj: Record<string, unknown>): ConfigOverrides {
+  const result: Record<string, unknown> = {};
+
+  for (const [key, value] of Object.entries(obj)) {
+    const camelKey = key.replace(/-([a-z])/g, (_, c: string) => c.toUpperCase());
+
+    if (camelKey === 'features' && typeof value === 'string') {
+      result[camelKey] = new Set(value.split(',').map(s => s.trim()));
+    } else if (camelKey === 'scope' && typeof value === 'string') {
+      result[camelKey] = value.split(',').map(s => s.trim());
+    } else if (camelKey === 'ignoreDirs' && Array.isArray(value)) {
+      result[camelKey] = new Set(value as string[]);
+    } else if (camelKey === 'thresholds' && typeof value === 'object' && value !== null) {
+      result[camelKey] = value;
+    } else {
+      result[camelKey] = value;
+    }
+  }
+
+  return result as ConfigOverrides;
+}
+
+/**
+ * Merges config file overrides into defaults, then CLI overrides on top.
+ * CLI args that differ from defaults always win.
+ */
+export function mergeConfigIntoDefaults(
+  defaults: AnalysisOptions,
+  config: ConfigOverrides,
+  cliArgs: AnalysisOptions
+): AnalysisOptions {
+  const merged = { ...defaults };
+
+  for (const [key, value] of Object.entries(config)) {
+    if (key === 'thresholds' && typeof value === 'object' && value !== null) {
+      merged.thresholds = {
+        ...merged.thresholds,
+        ...(value as unknown as Record<string, number>),
+      };
+    } else {
+      (merged as Record<string, unknown>)[key] = value;
+    }
+  }
+
+  for (const key of Object.keys(cliArgs)) {
+    const cliVal = (cliArgs as unknown as Record<string, unknown>)[key];
+    const defVal = (defaults as unknown as Record<string, unknown>)[key];
+    if (cliVal !== defVal) {
+      (merged as unknown as Record<string, unknown>)[key] = cliVal;
+    }
+  }
+
+  return merged;
+}

package/skills/octocode-engineer/src/pipeline/create-options.ts

@@ -0,0 +1,55 @@
+import path from 'node:path';
+
+import { ALL_CATEGORIES, PILLAR_CATEGORIES } from '../types/index.js';
+
+import type { AnalysisOptions } from '../types/index.js';
+
+export interface CreateOptionsInput {
+  args: AnalysisOptions;
+}
+
+/**
+ * Transforms raw parsed CLI args into validated, normalized runtime options.
+ * This is Layer 2 in the 3-layer CLI pattern (args → options → engine).
+ *
+ * Responsible for:
+ * - Deriving computed fields (packageRoot)
+ * - Auto-enabling flags based on feature selection (test-quality → includeTests)
+ *
+ * Inspired by knip's create-options.ts, eslint's translate-cli-options.js,
+ * and dependency-cruiser's normalize-cli-options.mjs.
+ */
+export function createOptions({ args }: CreateOptionsInput): AnalysisOptions {
+  const opts = { ...args };
+
+  opts.packageRoot = path.join(opts.root, 'packages');
+  autoEnableTestQuality(opts);
+
+  return opts;
+}
+
+function autoEnableTestQuality(opts: AnalysisOptions): void {
+  if (opts.features === null) return;
+
+  const testQualityCats = new Set(PILLAR_CATEGORIES['test-quality']);
+  if ([...opts.features].some(f => testQualityCats.has(f))) {
+    opts.includeTests = true;
+  }
+}
+
+/**
+ * Resolves `--exclude` into a features set by subtracting from ALL_CATEGORIES.
+ * Called during CLI arg parsing when --exclude is used.
+ */
+export function resolveExcludeToFeatures(
+  excludeSet: Set<string>
+): Set<string> {
+  return new Set([...ALL_CATEGORIES].filter(c => !excludeSet.has(c)));
+}
+
+export class OptionsError extends Error {
+  constructor(message: string) {
+    super(message);
+    this.name = 'OptionsError';
+  }
+}

package/skills/octocode-engineer/src/pipeline/health-score.test.ts

@@ -0,0 +1,65 @@
+import { describe, expect, it } from 'vitest';
+
+import { computeGateScore } from './main.js';
+
+describe('computeGateScore', () => {
+  it('returns 100 for 0 findings', () => {
+    expect(computeGateScore(0, 100)).toBe(100);
+  });
+
+  it('returns 100 for 0 findings and 0 files', () => {
+    expect(computeGateScore(0, 0)).toBe(100);
+  });
+
+  it('decreases as findings increase', () => {
+    const score10 = computeGateScore(10, 100);
+    const score50 = computeGateScore(50, 100);
+    const score200 = computeGateScore(200, 100);
+
+    expect(score10).toBeGreaterThan(score50);
+    expect(score50).toBeGreaterThan(score200);
+  });
+
+  it('returns higher score for same findings with more files', () => {
+    const smallProject = computeGateScore(50, 10);
+    const bigProject = computeGateScore(50, 1000);
+
+    expect(bigProject).toBeGreaterThan(smallProject);
+  });
+
+  it('is always between 0 and 100', () => {
+    for (const [f, t] of [
+      [0, 1],
+      [1, 1],
+      [100, 10],
+      [1000, 50],
+      [10000, 100],
+    ]) {
+      const score = computeGateScore(f, t);
+      expect(score).toBeGreaterThanOrEqual(0);
+      expect(score).toBeLessThanOrEqual(100);
+    }
+  });
+
+  it('returns reasonable score for typical project (10 findings / 100 files)', () => {
+    const score = computeGateScore(10, 100);
+    expect(score).toBeGreaterThan(90);
+  });
+
+  it('returns low score for finding-heavy project (500 findings / 50 files)', () => {
+    const score = computeGateScore(500, 50);
+    expect(score).toBeLessThanOrEqual(50);
+  });
+
+  it('handles totalFiles=0 without division by zero', () => {
+    expect(() => computeGateScore(10, 0)).not.toThrow();
+    const score = computeGateScore(10, 0);
+    expect(score).toBeGreaterThanOrEqual(0);
+    expect(score).toBeLessThanOrEqual(100);
+  });
+
+  it('returns integer values', () => {
+    const score = computeGateScore(17, 33);
+    expect(Number.isInteger(score)).toBe(true);
+  });
+});

package/skills/{octocode-code-engineer → octocode-engineer}/src/pipeline/main.ts

@@ -15,6 +15,12 @@ import {
   setCacheEntry,
 } from './cache.js';
 import { parseArgs } from './cli.js';
+import { loadConfigFile, mergeConfigIntoDefaults } from './config-loader.js';
+import { createOptions, OptionsError } from './create-options.js';
+import { attachConsoleFeedback, bus } from './progress.js';
+import { resolveAffectedFiles } from './affected.js';
+import { saveBaseline, filterKnownFindings } from './baseline.js';
+import { formatFindings } from './reporters.js';
 import { collectDependencyProfile } from '../analysis/dependencies.js';
 import { buildDependencySummary } from '../analysis/dependency-summary.js';
 import {
@@ -52,6 +58,7 @@ import {
 } from '../reporting/analysis.js';
 import { diverseTopRecommendations } from '../reporting/summary-md.js';
 import { generateMermaidGraph, writeMultiFileReport } from '../reporting/writer.js';
+import type { GraphRenderOptions } from '../reporting/writer.js';
 import { PILLAR_CATEGORIES, SEMANTIC_CATEGORIES } from '../types/index.js';
 
 import type { SemanticProfile } from '../analysis/semantic.js';
@@ -211,8 +218,8 @@ function runSemanticPhase(
       }
     }
     return runSemanticDetectors(semanticCtx, profiles, {
-      overrideChainThreshold: options.overrideChainThreshold,
-      shotgunThreshold: options.shotgunThreshold,
+      overrideChainThreshold: options.thresholds.overrideChainThreshold,
+      shotgunThreshold: options.thresholds.shotgunThreshold,
     });
   } catch (err: unknown) {
     parseErrors.push({
@@ -415,8 +422,26 @@ interface ScanState {
   treeSitterError: string | null;
 }
 
-async function initScanState(): Promise<ScanState | null> {
-  const options = parseArgs(process.argv.slice(2));
+async function initScanState(
+  prebuiltOptions?: AnalysisOptions
+): Promise<ScanState | null> {
+  let options: AnalysisOptions;
+  if (prebuiltOptions) {
+    options = prebuiltOptions;
+  } else {
+    const { DEFAULT_OPTS } = await import('../types/constants.js');
+    const cliArgs = createOptions({ args: parseArgs(process.argv.slice(2)) });
+    const config = loadConfigFile(cliArgs.root, cliArgs.configFile);
+    options = config
+      ? mergeConfigIntoDefaults(DEFAULT_OPTS, config, cliArgs)
+      : cliArgs;
+  }
+
+  if (!options.json && !prebuiltOptions) {
+    attachConsoleFeedback();
+  }
+
+  bus.progress('startup', 'Options parsed', `root=${options.root}`);
 
   if (options.clearCache) {
     clearCache(options.root);
@@ -472,6 +497,8 @@ async function initScanState(): Promise<ScanState | null> {
     }
   }
 
+  bus.progress('discovery', `Found ${packages.length} package(s)`, packages.map(p => p.name).join(', '));
+
   return {
     options,
     packages,
@@ -537,6 +564,7 @@ type CachedResult = {
 
 function collectFileData(state: ScanState): void {
   const { options, packages, useTreeSitter, summary, flowMap, controlMap, trees, fileSummaries, parseErrors, dependencyState, packageFileStats } = state;
+  bus.progress('cache-check', options.noCache ? 'Cache disabled' : 'Loading cache');
   const cache = options.noCache ? null : loadCache(options.root);
   const newCache = createEmptyCache(options.root);
 
@@ -785,13 +813,15 @@ function collectFileData(state: ScanState): void {
   }
 
   summary.totalDependencyFiles = dependencyState.files.size;
+  bus.progress('parse', `Parsed ${fileSummaries.length} files`, `${state.cacheHits} cache hits`);
 }
 
-function analyzeAndReport(state: ScanState): void {
+function analyzeAndReport(state: ScanState): number {
+  bus.progress('detect', 'Running detectors');
   const { options, effectiveParser, summary, flowMap, controlMap, trees, fileSummaries, parseErrors, dependencyState, allPkgJsonDeps, allPkgJsonDevDeps, isLegacyMode, outputDir, outputPath, treeSitterAvailable, treeSitterError } = state;
 
   const { duplicateFunctions, redundantFlows, duplicateFlowHints } =
-    groupDuplicates(flowMap, controlMap, options.flowDupThreshold);
+    groupDuplicates(flowMap, controlMap, options.thresholds.flowDupThreshold);
 
   const fileCriticalityByPath = new Map<string, FileCriticality>(
     fileSummaries.map(item => [
@@ -804,6 +834,7 @@ function analyzeAndReport(state: ScanState): void {
     fileCriticalityByPath,
     options
   );
+  bus.progress('graph', 'Computing graph analytics');
   const graphAnalytics = computeGraphAnalytics(
     dependencyState,
     dependencySummary,
@@ -813,6 +844,7 @@ function analyzeAndReport(state: ScanState): void {
     ? buildAdvancedGraphFindings(graphAnalytics, dependencyState, fileSummaries)
     : [];
 
+  bus.progress('semantic', options.semantic ? 'Running semantic analysis' : 'Skipping semantic (not requested)');
   const semanticFindings = runSemanticPhase(
     fileSummaries,
     dependencyState,
@@ -863,6 +895,27 @@ function analyzeAndReport(state: ScanState): void {
     graphAnalytics,
     { flowEnabled: !!options.flow }
   );
+  if (options.affected) {
+    const affectedPaths = resolveAffectedFiles(
+      options.root, options.affected, dependencyState
+    );
+    if (affectedPaths.length > 0) {
+      const affectedSet = new Set(affectedPaths);
+      findings = findings.filter(f => affectedSet.has(f.file));
+      bus.progress('detect', `--affected: ${affectedPaths.length} files in scope, ${findings.length} findings`);
+    }
+  }
+
+  if (options.ignoreKnown) {
+    const { filtered, suppressedCount } = filterKnownFindings(
+      findings, options.ignoreKnown, options.root
+    );
+    if (suppressedCount > 0) {
+      bus.progress('detect', `--ignore-known: suppressed ${suppressedCount} known findings`);
+    }
+    findings = filtered;
+  }
+
   const reportAnalysis = computeReportAnalysisSummary(
     findings,
     enrichedFileSummaries,
@@ -948,7 +1001,19 @@ function analyzeAndReport(state: ScanState): void {
     report.astTrees = trees;
   }
 
-  if (options.json) {
+  bus.progress('report', `${findings.length} findings generated`);
+
+  if (options.saveBaseline) {
+    const baselinePath = saveBaseline(options.root, findings);
+    if (!options.json) {
+      console.error(`Baseline saved: ${path.relative(options.root, baselinePath)} (${findings.length} findings)`);
+    }
+  }
+
+  if (options.reporter !== 'default') {
+    const formatted = formatFindings(findings, options.reporter, options.root);
+    process.stdout.write(formatted + '\n');
+  } else if (options.json) {
     console.log(JSON.stringify(report));
   } else {
     printConsoleResults(
@@ -972,10 +1037,16 @@ function analyzeAndReport(state: ScanState): void {
       );
     }
     if (options.graph) {
+      const gOpts: GraphRenderOptions = {
+        focus: options.focus,
+        focusDepth: options.focusDepth,
+        collapse: options.collapse,
+      };
       const graphMd = generateMermaidGraph(
         dependencyState,
         dependencySummary,
-        fileCriticalityByPath
+        fileCriticalityByPath,
+        gOpts
       );
       const graphPath = outputPath.replace(/\.json$/, '-graph.md');
       fs.writeFileSync(graphPath, graphMd, 'utf8');
@@ -986,13 +1057,20 @@ function analyzeAndReport(state: ScanState): void {
       }
     }
   } else if (outputDir) {
+    bus.progress('write', `Writing report to ${path.relative(options.root, outputDir)}`);
+    const gOpts: GraphRenderOptions = {
+      focus: options.focus,
+      focusDepth: options.focusDepth,
+      collapse: options.collapse,
+    };
     const outputFiles = writeMultiFileReport(
       outputDir,
       report,
       options,
       dependencyState,
       dependencySummary,
-      fileCriticalityByPath
+      fileCriticalityByPath,
+      gOpts
     );
     if (!options.json) {
       const relDir = path.relative(options.root, outputDir);
@@ -1002,13 +1080,39 @@ function analyzeAndReport(state: ScanState): void {
       }
     }
   }
+
+  bus.progress('done', 'Scan complete', `${findings.length} findings`);
+
+  if (options.atLeast != null) {
+    const totalFiles = summary.totalFiles ?? 1;
+    const gateScore = computeGateScore(findings.length, totalFiles);
+    if (gateScore < options.atLeast) {
+      console.error(
+        `Gate score ${gateScore} is below --at-least threshold ${options.atLeast}`
+      );
+      return -1;
+    }
+  }
+
+  return findings.length;
+}
+
+export function computeGateScore(findingsCount: number, totalFiles: number): number {
+  const ratio = findingsCount / Math.max(totalFiles, 1);
+  return Math.round(100 / (1 + ratio / 10));
 }
 
-async function main(): Promise<void> {
-  const state = await initScanState();
-  if (!state) return;
+export const EXIT_SUCCESS = 0;
+export const EXIT_FINDINGS = 1;
+export const EXIT_ERROR = 2;
+
+async function main(options?: AnalysisOptions): Promise<number> {
+  const state = await initScanState(options);
+  if (!state) return EXIT_SUCCESS;
   collectFileData(state);
-  analyzeAndReport(state);
+  const findingsCount = analyzeAndReport(state);
+  if (findingsCount < 0) return EXIT_FINDINGS;
+  return findingsCount > 0 ? EXIT_FINDINGS : EXIT_SUCCESS;
 }
 
 export { main };
@@ -1067,8 +1171,17 @@ function buildFindingStats(
 }
 
 if (isDirectRun(import.meta.url)) {
-  main().catch((error: unknown) => {
-    console.error(error);
-    process.exit(1);
-  });
+  main()
+    .then(code => {
+      process.exitCode = code;
+    })
+    .catch((error: unknown) => {
+      if (error instanceof OptionsError) {
+        console.error(error.message);
+        process.exitCode = EXIT_ERROR;
+      } else {
+        console.error(error);
+        process.exitCode = EXIT_ERROR;
+      }
+    });
 }

package/skills/octocode-engineer/src/pipeline/progress.ts

@@ -0,0 +1,51 @@
+import { EventEmitter } from 'node:events';
+
+export type ProgressPhase =
+  | 'startup'
+  | 'cache-check'
+  | 'discovery'
+  | 'parse'
+  | 'dependencies'
+  | 'semantic'
+  | 'detect'
+  | 'graph'
+  | 'report'
+  | 'write'
+  | 'done';
+
+export interface ProgressEvent {
+  phase: ProgressPhase;
+  message: string;
+  progress?: number;
+  detail?: string;
+}
+
+class ScanBus extends EventEmitter {
+  progress(phase: ProgressPhase, message: string, detail?: string): void {
+    this.emit('progress', { phase, message, detail } satisfies ProgressEvent);
+  }
+
+  summary(message: string): void {
+    this.emit('summary', message);
+  }
+
+  error(message: string, detail?: string): void {
+    this.emit('error', { message, detail });
+  }
+
+  reset(): void {
+    this.removeAllListeners();
+  }
+}
+
+export const bus = new ScanBus();
+
+export function attachConsoleFeedback(): void {
+  bus.on('progress', (event: ProgressEvent) => {
+    if (event.detail) {
+      process.stderr.write(`[${event.phase}] ${event.message}: ${event.detail}\n`);
+    } else {
+      process.stderr.write(`[${event.phase}] ${event.message}\n`);
+    }
+  });
+}

package/skills/octocode-engineer/src/pipeline/reporters.test.ts

@@ -0,0 +1,155 @@
+import { describe, expect, it } from 'vitest';
+
+import { formatFindings } from './reporters.js';
+import type { Finding } from '../types/index.js';
+
+function makeFinding(overrides: Partial<Finding>): Finding {
+  return {
+    id: 'f1',
+    severity: 'high',
+    category: 'dead-export',
+    file: '/repo/src/a.ts',
+    lineStart: 10,
+    lineEnd: 15,
+    title: 'Unused export foo',
+    reason: 'No consumers',
+    files: ['/repo/src/a.ts'],
+    suggestedFix: { strategy: 'remove', steps: ['Delete'] },
+    ...overrides,
+  };
+}
+
+describe('formatFindings', () => {
+  describe('compact reporter', () => {
+    it('formats one-line per finding with line number', () => {
+      const findings = [
+        makeFinding({
+          severity: 'high',
+          file: '/repo/src/a.ts',
+          lineStart: 10,
+          category: 'dead-export',
+          title: 'Unused foo',
+        }),
+      ];
+
+      const result = formatFindings(findings, 'compact', '/repo');
+      expect(result).toBe('high:src/a.ts:10 - [dead-export] Unused foo');
+    });
+
+    it('omits line number when lineStart is 0', () => {
+      const findings = [
+        makeFinding({
+          severity: 'low',
+          file: '/repo/src/b.ts',
+          lineStart: 0,
+          category: 'god-function',
+          title: 'Big func',
+        }),
+      ];
+
+      const result = formatFindings(findings, 'compact', '/repo');
+      expect(result).toBe('low:src/b.ts - [god-function] Big func');
+    });
+
+    it('handles empty findings list', () => {
+      expect(formatFindings([], 'compact', '/repo')).toBe('');
+    });
+
+    it('formats multiple findings separated by newlines', () => {
+      const findings = [
+        makeFinding({ severity: 'critical', title: 'A' }),
+        makeFinding({ severity: 'low', title: 'B' }),
+      ];
+      const lines = formatFindings(findings, 'compact', '/repo').split('\n');
+      expect(lines).toHaveLength(2);
+    });
+
+    it('handles file paths not under root', () => {
+      const findings = [
+        makeFinding({ file: '/other/place/x.ts', lineStart: 5, title: 'Out' }),
+      ];
+      const result = formatFindings(findings, 'compact', '/repo');
+      expect(result).toContain('/other/place/x.ts:5');
+    });
+  });
+
+  describe('github-actions reporter', () => {
+    it('maps critical severity to ::error', () => {
+      const findings = [
+        makeFinding({ severity: 'critical', lineStart: 5, title: 'Leak' }),
+      ];
+      const result = formatFindings(findings, 'github-actions', '/repo');
+      expect(result.startsWith('::error ')).toBe(true);
+    });
+
+    it('maps high severity to ::error', () => {
+      const findings = [
+        makeFinding({ severity: 'high', lineStart: 5, title: 'Bad' }),
+      ];
+      const result = formatFindings(findings, 'github-actions', '/repo');
+      expect(result.startsWith('::error ')).toBe(true);
+    });
+
+    it('maps medium severity to ::warning', () => {
+      const findings = [
+        makeFinding({ severity: 'medium', lineStart: 5, title: 'Warn' }),
+      ];
+      const result = formatFindings(findings, 'github-actions', '/repo');
+      expect(result.startsWith('::warning ')).toBe(true);
+    });
+
+    it('maps low severity to ::notice', () => {
+      const findings = [
+        makeFinding({ severity: 'low', lineStart: 5, title: 'Info' }),
+      ];
+      const result = formatFindings(findings, 'github-actions', '/repo');
+      expect(result.startsWith('::notice ')).toBe(true);
+    });
+
+    it('maps info severity to ::warning (default)', () => {
+      const findings = [
+        makeFinding({ severity: 'info', lineStart: 5, title: 'Note' }),
+      ];
+      const result = formatFindings(findings, 'github-actions', '/repo');
+      expect(result.startsWith('::warning ')).toBe(true);
+    });
+
+    it('includes file and line in annotation', () => {
+      const findings = [
+        makeFinding({
+          severity: 'high',
+          file: '/repo/src/a.ts',
+          lineStart: 42,
+          title: 'Found it',
+          category: 'unsafe-any',
+        }),
+      ];
+      const result = formatFindings(findings, 'github-actions', '/repo');
+      expect(result).toBe(
+        '::error file=src/a.ts,line=42::Found it [unsafe-any]'
+      );
+    });
+
+    it('defaults to line 1 when lineStart is 0', () => {
+      const findings = [
+        makeFinding({ severity: 'medium', lineStart: 0, title: 'X' }),
+      ];
+      const result = formatFindings(findings, 'github-actions', '/repo');
+      expect(result).toContain('line=1');
+    });
+
+    it('handles empty findings list', () => {
+      expect(formatFindings([], 'github-actions', '/repo')).toBe('');
+    });
+  });
+
+  describe('default reporter', () => {
+    it('returns empty string for default format', () => {
+      expect(formatFindings([], 'default', '/repo')).toBe('');
+    });
+
+    it('returns empty string even with findings', () => {
+      expect(formatFindings([makeFinding({})], 'default', '/repo')).toBe('');
+    });
+  });
+});