patchdrill 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (169) hide show
  1. package/.patchdrill.yml +33 -0
  2. package/CHANGELOG.md +150 -0
  3. package/CONTRIBUTING.md +59 -0
  4. package/LICENSE +21 -0
  5. package/README.md +601 -0
  6. package/SECURITY.md +28 -0
  7. package/action.yml +338 -0
  8. package/dist/baseline.d.ts +9 -0
  9. package/dist/baseline.js +38 -0
  10. package/dist/baseline.js.map +1 -0
  11. package/dist/cli.d.ts +19 -0
  12. package/dist/cli.js +662 -0
  13. package/dist/cli.js.map +1 -0
  14. package/dist/codeowners.d.ts +14 -0
  15. package/dist/codeowners.js +104 -0
  16. package/dist/codeowners.js.map +1 -0
  17. package/dist/command-plan.d.ts +3 -0
  18. package/dist/command-plan.js +26 -0
  19. package/dist/command-plan.js.map +1 -0
  20. package/dist/demo.d.ts +5 -0
  21. package/dist/demo.js +525 -0
  22. package/dist/demo.js.map +1 -0
  23. package/dist/dependency.d.ts +4 -0
  24. package/dist/dependency.js +1424 -0
  25. package/dist/dependency.js.map +1 -0
  26. package/dist/doctor.d.ts +26 -0
  27. package/dist/doctor.js +183 -0
  28. package/dist/doctor.js.map +1 -0
  29. package/dist/evidence.d.ts +64 -0
  30. package/dist/evidence.js +352 -0
  31. package/dist/evidence.js.map +1 -0
  32. package/dist/git.d.ts +16 -0
  33. package/dist/git.js +349 -0
  34. package/dist/git.js.map +1 -0
  35. package/dist/i18n-catalog.d.ts +8 -0
  36. package/dist/i18n-catalog.js +446 -0
  37. package/dist/i18n-catalog.js.map +1 -0
  38. package/dist/i18n.d.ts +20 -0
  39. package/dist/i18n.js +67 -0
  40. package/dist/i18n.js.map +1 -0
  41. package/dist/init.d.ts +13 -0
  42. package/dist/init.js +312 -0
  43. package/dist/init.js.map +1 -0
  44. package/dist/markdown-links.d.ts +18 -0
  45. package/dist/markdown-links.js +180 -0
  46. package/dist/markdown-links.js.map +1 -0
  47. package/dist/package-scripts.d.ts +3 -0
  48. package/dist/package-scripts.js +55 -0
  49. package/dist/package-scripts.js.map +1 -0
  50. package/dist/planner.d.ts +8 -0
  51. package/dist/planner.js +2351 -0
  52. package/dist/planner.js.map +1 -0
  53. package/dist/policy.d.ts +12 -0
  54. package/dist/policy.js +255 -0
  55. package/dist/policy.js.map +1 -0
  56. package/dist/project.d.ts +2 -0
  57. package/dist/project.js +1085 -0
  58. package/dist/project.js.map +1 -0
  59. package/dist/release-readiness.d.ts +25 -0
  60. package/dist/release-readiness.js +426 -0
  61. package/dist/release-readiness.js.map +1 -0
  62. package/dist/report-annotations.d.ts +3 -0
  63. package/dist/report-annotations.js +28 -0
  64. package/dist/report-annotations.js.map +1 -0
  65. package/dist/report-contract.d.ts +2 -0
  66. package/dist/report-contract.js +82 -0
  67. package/dist/report-contract.js.map +1 -0
  68. package/dist/report-html.d.ts +7 -0
  69. package/dist/report-html.js +706 -0
  70. package/dist/report-html.js.map +1 -0
  71. package/dist/report-sarif.d.ts +2 -0
  72. package/dist/report-sarif.js +90 -0
  73. package/dist/report-sarif.js.map +1 -0
  74. package/dist/report.d.ts +14 -0
  75. package/dist/report.js +310 -0
  76. package/dist/report.js.map +1 -0
  77. package/dist/risk.d.ts +19 -0
  78. package/dist/risk.js +1226 -0
  79. package/dist/risk.js.map +1 -0
  80. package/dist/runner.d.ts +8 -0
  81. package/dist/runner.js +113 -0
  82. package/dist/runner.js.map +1 -0
  83. package/dist/scan.d.ts +2 -0
  84. package/dist/scan.js +195 -0
  85. package/dist/scan.js.map +1 -0
  86. package/dist/schema.d.ts +12 -0
  87. package/dist/schema.js +30 -0
  88. package/dist/schema.js.map +1 -0
  89. package/dist/stack-coverage.d.ts +8 -0
  90. package/dist/stack-coverage.js +94 -0
  91. package/dist/stack-coverage.js.map +1 -0
  92. package/dist/types.d.ts +206 -0
  93. package/dist/types.js +2 -0
  94. package/dist/types.js.map +1 -0
  95. package/dist/verification.d.ts +11 -0
  96. package/dist/verification.js +108 -0
  97. package/dist/verification.js.map +1 -0
  98. package/docs/ANNOTATIONS.md +34 -0
  99. package/docs/ARCHITECTURE.md +79 -0
  100. package/docs/BASELINES.md +32 -0
  101. package/docs/CASE_STUDIES.md +106 -0
  102. package/docs/CODEOWNERS.md +23 -0
  103. package/docs/DASHBOARD.md +87 -0
  104. package/docs/EVIDENCE.md +55 -0
  105. package/docs/LAUNCH_PLAYBOOK.md +103 -0
  106. package/docs/MONOREPOS.md +74 -0
  107. package/docs/POLICY.md +98 -0
  108. package/docs/PROOF_PACKS.md +57 -0
  109. package/docs/PR_COMMENTS.md +56 -0
  110. package/docs/RELEASE.md +35 -0
  111. package/docs/ROADMAP.md +152 -0
  112. package/docs/RULE_CATALOG.md +90 -0
  113. package/docs/SARIF.md +74 -0
  114. package/docs/SCHEMAS.md +49 -0
  115. package/docs/SECURITY_POSTURE.md +32 -0
  116. package/docs/STACK_COVERAGE.md +20 -0
  117. package/docs/assets/patchdrill-demo.svg +21 -0
  118. package/docs/media/patchdrill-dashboard.png +0 -0
  119. package/docs/media/patchdrill-demo.gif +0 -0
  120. package/examples/case-studies/README.md +20 -0
  121. package/examples/demo/README.md +21 -0
  122. package/examples/demo/patchdrill-demo-summary.md +35 -0
  123. package/examples/demo/patchdrill-demo.html +623 -0
  124. package/examples/demo/patchdrill-demo.json +355 -0
  125. package/examples/demo/patchdrill-demo.md +120 -0
  126. package/examples/demo/patchdrill-demo.sarif +195 -0
  127. package/examples/report.md +128 -0
  128. package/examples/risky-agent-pr/README.md +15 -0
  129. package/examples/risky-agent-pr/patchdrill-demo-summary.md +41 -0
  130. package/examples/risky-agent-pr/patchdrill-demo.html +681 -0
  131. package/examples/risky-agent-pr/patchdrill-demo.json +483 -0
  132. package/examples/risky-agent-pr/patchdrill-demo.md +140 -0
  133. package/examples/risky-agent-pr/patchdrill-demo.sarif +398 -0
  134. package/fixtures/stacks/README.md +4 -0
  135. package/fixtures/stacks/android-gradle/fixture.json +33 -0
  136. package/fixtures/stacks/aspnet-core-service/fixture.json +36 -0
  137. package/fixtures/stacks/bazel-workspace/fixture.json +30 -0
  138. package/fixtures/stacks/buck2-workspace/fixture.json +30 -0
  139. package/fixtures/stacks/cargo-workspace/fixture.json +48 -0
  140. package/fixtures/stacks/django-app/fixture.json +25 -0
  141. package/fixtures/stacks/docker-compose/fixture.json +17 -0
  142. package/fixtures/stacks/dockerfile-service/fixture.json +17 -0
  143. package/fixtures/stacks/dotnet-service/fixture.json +36 -0
  144. package/fixtures/stacks/dotnet-solution-filter/fixture.json +62 -0
  145. package/fixtures/stacks/fastapi-app/fixture.json +29 -0
  146. package/fixtures/stacks/go-workspace/fixture.json +48 -0
  147. package/fixtures/stacks/java-gradle/fixture.json +29 -0
  148. package/fixtures/stacks/java-maven/fixture.json +32 -0
  149. package/fixtures/stacks/kubernetes-helm/fixture.json +25 -0
  150. package/fixtures/stacks/kubernetes-kustomize/fixture.json +21 -0
  151. package/fixtures/stacks/nested-go-workspace/fixture.json +51 -0
  152. package/fixtures/stacks/nextjs-app/fixture.json +34 -0
  153. package/fixtures/stacks/node-turbo-workspace/fixture.json +39 -0
  154. package/fixtures/stacks/pants-python/fixture.json +33 -0
  155. package/fixtures/stacks/php-composer/fixture.json +31 -0
  156. package/fixtures/stacks/python-service/fixture.json +21 -0
  157. package/fixtures/stacks/rails-app/fixture.json +25 -0
  158. package/fixtures/stacks/spring-boot-gradle/fixture.json +29 -0
  159. package/fixtures/stacks/spring-boot-maven/fixture.json +43 -0
  160. package/fixtures/stacks/swift-package/fixture.json +21 -0
  161. package/fixtures/stacks/terraform-module/fixture.json +17 -0
  162. package/fixtures/stacks/uv-python-service/fixture.json +47 -0
  163. package/fixtures/stacks/xcode-app/fixture.json +72 -0
  164. package/package.json +80 -0
  165. package/schemas/patchdrill-doctor.schema.json +171 -0
  166. package/schemas/patchdrill-evidence.schema.json +239 -0
  167. package/schemas/patchdrill-policy.schema.json +170 -0
  168. package/schemas/patchdrill-release-check.schema.json +78 -0
  169. package/schemas/patchdrill-report.schema.json +647 -0
package/fixtures/stacks/uv-python-service/fixture.json ADDED
@@ -0,0 +1,47 @@
1
+ {
2
+ "name": "uv-python-service",
3
+ "expectedEcosystems": ["python"],
4
+ "expectedCommands": [
5
+ "uv run pytest tests/test_service.py",
6
+ "python -m compileall .",
7
+ "uv run ruff check .",
8
+ "uv run mypy .",
9
+ "uv run pyright"
10
+ ],
11
+ "baseFiles": [
12
+ {
13
+ "path": "pyproject.toml",
14
+ "lines": [
15
+ "[project]",
16
+ "dependencies = [\"pytest\", \"ruff\", \"mypy\", \"pyright\"]",
17
+ "",
18
+ "[tool.ruff]",
19
+ "line-length = 120",
20
+ "",
21
+ "[tool.mypy]",
22
+ "strict = true",
23
+ "",
24
+ "[tool.pyright]",
25
+ "typeCheckingMode = \"strict\""
26
+ ]
27
+ },
28
+ {
29
+ "path": "uv.lock",
30
+ "lines": []
31
+ },
32
+ {
33
+ "path": "app/service.py",
34
+ "lines": ["def ok():", " return True"]
35
+ },
36
+ {
37
+ "path": "tests/test_service.py",
38
+ "lines": ["def test_ok():", " assert True"]
39
+ }
40
+ ],
41
+ "changeFiles": [
42
+ {
43
+ "path": "app/service.py",
44
+ "lines": ["def ok():", " return False"]
45
+ }
46
+ ]
47
+ }
package/fixtures/stacks/xcode-app/fixture.json ADDED
@@ -0,0 +1,72 @@
1
+ {
2
+ "name": "xcode-app",
3
+ "expectedEcosystems": ["xcode"],
4
+ "expectedCommands": [
5
+ "xcodebuild -project App.xcodeproj -scheme App -testPlan AppTests test",
6
+ "xcodebuild -project App.xcodeproj -scheme App -showdestinations",
7
+ "xcodebuild -project App.xcodeproj -scheme App -destination generic/platform=iOS build"
8
+ ],
9
+ "baseFiles": [
10
+ {
11
+ "path": "App.xcodeproj/project.pbxproj",
12
+ "lines": [
13
+ "// !$*UTF8*$!",
14
+ "{",
15
+ " objects = {",
16
+ " APP_TARGET /* App */ = {",
17
+ " isa = PBXNativeTarget;",
18
+ " buildConfigurationList = APP_CONFIGS /* Build configuration list for PBXNativeTarget App */;",
19
+ " productType = \"com.apple.product-type.application\";",
20
+ " };",
21
+ " APP_CONFIGS /* Build configuration list for PBXNativeTarget App */ = {",
22
+ " isa = XCConfigurationList;",
23
+ " buildConfigurations = (",
24
+ " APP_DEBUG /* Debug */,",
25
+ " );",
26
+ " };",
27
+ " APP_DEBUG /* Debug */ = {",
28
+ " isa = XCBuildConfiguration;",
29
+ " buildSettings = {",
30
+ " SDKROOT = iphoneos;",
31
+ " SUPPORTED_PLATFORMS = \"iphoneos iphonesimulator\";",
32
+ " };",
33
+ " };",
34
+ " };",
35
+ "}"
36
+ ]
37
+ },
38
+ {
39
+ "path": "App.xcodeproj/xcshareddata/xcschemes/App.xcscheme",
40
+ "lines": [
41
+ "<Scheme LastUpgradeVersion=\"1600\" version=\"1.7\">",
42
+ " <BuildAction>",
43
+ " <BuildActionEntries>",
44
+ " <BuildActionEntry>",
45
+ " <BuildableReference BlueprintIdentifier=\"APP_TARGET\" ReferencedContainer=\"container:App.xcodeproj\" />",
46
+ " </BuildActionEntry>",
47
+ " </BuildActionEntries>",
48
+ " </BuildAction>",
49
+ " <TestAction>",
50
+ " <TestPlans>",
51
+ " <TestPlanReference reference=\"container:AppTests.xctestplan\" default=\"YES\" />",
52
+ " </TestPlans>",
53
+ " </TestAction>",
54
+ "</Scheme>"
55
+ ]
56
+ },
57
+ {
58
+ "path": "AppTests/AppTests.xctestplan",
59
+ "lines": ["{", " \"version\": 1", "}"]
60
+ },
61
+ {
62
+ "path": "App/ContentView.swift",
63
+ "lines": ["import SwiftUI", "struct ContentView: View {", " var body: some View { Text(\"Hello\") }", "}"]
64
+ }
65
+ ],
66
+ "changeFiles": [
67
+ {
68
+ "path": "App/ContentView.swift",
69
+ "lines": ["import SwiftUI", "struct ContentView: View {", " var body: some View { Text(\"Hello, PatchDrill\") }", "}"]
70
+ }
71
+ ]
72
+ }
package/package.json ADDED
@@ -0,0 +1,80 @@
1
+ {
2
+ "name": "patchdrill",
3
+ "version": "0.1.0",
4
+ "description": "A deterministic proof layer for verifying AI-generated and human patches before merge.",
5
+ "type": "module",
6
+ "bin": {
7
+ "patchdrill": "./dist/cli.js"
8
+ },
9
+ "files": [
10
+ "dist",
11
+ "schemas",
12
+ "docs",
13
+ "examples",
14
+ "fixtures",
15
+ ".patchdrill.yml",
16
+ "README.md",
17
+ "LICENSE",
18
+ "action.yml",
19
+ "CHANGELOG.md",
20
+ "CONTRIBUTING.md",
21
+ "SECURITY.md"
22
+ ],
23
+ "scripts": {
24
+ "build": "tsc -p tsconfig.json",
25
+ "typecheck": "tsc -p tsconfig.eslint.json",
26
+ "lint": "eslint .",
27
+ "lint:fix": "eslint . --fix",
28
+ "test": "vitest run",
29
+ "test:fast": "vitest run --exclude tests/dependency.test.ts --exclude tests/fixtures.test.ts --exclude tests/scan.test.ts",
30
+ "test:integration": "vitest run tests/dependency.test.ts tests/fixtures.test.ts tests/scan.test.ts",
31
+ "test:coverage": "vitest run --coverage",
32
+ "check": "npm run build && npm run typecheck && npm run lint && npm test",
33
+ "prepare": "npm run build",
34
+ "prepack": "npm run check"
35
+ },
36
+ "keywords": [
37
+ "ai-coding",
38
+ "ci",
39
+ "developer-tools",
40
+ "git",
41
+ "code-review",
42
+ "testing",
43
+ "agentic-coding",
44
+ "evidence",
45
+ "sarif",
46
+ "codeowners",
47
+ "monorepo",
48
+ "turborepo",
49
+ "nx",
50
+ "supply-chain",
51
+ "github-actions"
52
+ ],
53
+ "author": "PatchDrill contributors",
54
+ "repository": {
55
+ "type": "git",
56
+ "url": "git+https://github.com/seungdori/patchdrill.git"
57
+ },
58
+ "bugs": {
59
+ "url": "https://github.com/seungdori/patchdrill/issues"
60
+ },
61
+ "homepage": "https://github.com/seungdori/patchdrill#readme",
62
+ "license": "MIT",
63
+ "engines": {
64
+ "node": ">=20"
65
+ },
66
+ "devDependencies": {
67
+ "@eslint/js": "10.0.1",
68
+ "@types/node": "^25.9.1",
69
+ "@vitest/coverage-v8": "4.1.8",
70
+ "ajv": "^8.20.0",
71
+ "eslint": "10.4.1",
72
+ "globals": "17.6.0",
73
+ "typescript": "^6.0.3",
74
+ "typescript-eslint": "8.60.1",
75
+ "vitest": "^4.1.8"
76
+ },
77
+ "dependencies": {
78
+ "yaml": "^2.9.0"
79
+ }
80
+ }
package/schemas/patchdrill-doctor.schema.json ADDED
@@ -0,0 +1,171 @@
1
+ {
2
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
3
+ "$id": "https://patchdrill.dev/schemas/patchdrill-doctor.schema.json",
4
+ "title": "PatchDrill Doctor Report",
5
+ "description": "Machine-readable repository readiness diagnostics emitted by PatchDrill doctor --format json.",
6
+ "type": "object",
7
+ "additionalProperties": false,
8
+ "required": ["schemaVersion", "root", "summary", "projectSignals", "checks", "suggestedCommands"],
9
+ "properties": {
10
+ "schemaVersion": {
11
+ "type": "string",
12
+ "const": "1"
13
+ },
14
+ "root": {
15
+ "type": "string"
16
+ },
17
+ "summary": {
18
+ "$ref": "#/$defs/doctorSummary"
19
+ },
20
+ "projectSignals": {
21
+ "type": "array",
22
+ "items": {
23
+ "$ref": "#/$defs/projectSignal"
24
+ }
25
+ },
26
+ "checks": {
27
+ "type": "array",
28
+ "items": {
29
+ "$ref": "#/$defs/doctorCheck"
30
+ }
31
+ },
32
+ "suggestedCommands": {
33
+ "type": "array",
34
+ "items": {
35
+ "type": "string"
36
+ }
37
+ }
38
+ },
39
+ "$defs": {
40
+ "doctorStatus": {
41
+ "type": "string",
42
+ "enum": ["pass", "warn", "info"]
43
+ },
44
+ "doctorSummary": {
45
+ "type": "object",
46
+ "additionalProperties": false,
47
+ "required": ["status", "ok", "passCount", "warnCount", "infoCount", "projectSignalCount"],
48
+ "properties": {
49
+ "status": {
50
+ "type": "string",
51
+ "enum": ["pass", "warn"]
52
+ },
53
+ "ok": {
54
+ "type": "boolean"
55
+ },
56
+ "passCount": {
57
+ "type": "integer",
58
+ "minimum": 0
59
+ },
60
+ "warnCount": {
61
+ "type": "integer",
62
+ "minimum": 0
63
+ },
64
+ "infoCount": {
65
+ "type": "integer",
66
+ "minimum": 0
67
+ },
68
+ "projectSignalCount": {
69
+ "type": "integer",
70
+ "minimum": 0
71
+ }
72
+ }
73
+ },
74
+ "doctorCheck": {
75
+ "type": "object",
76
+ "additionalProperties": false,
77
+ "required": ["status", "title", "detail"],
78
+ "properties": {
79
+ "status": {
80
+ "$ref": "#/$defs/doctorStatus"
81
+ },
82
+ "title": {
83
+ "type": "string"
84
+ },
85
+ "detail": {
86
+ "type": "string"
87
+ },
88
+ "remediation": {
89
+ "type": "string"
90
+ }
91
+ }
92
+ },
93
+ "ecosystem": {
94
+ "type": "string",
95
+ "enum": ["node", "python", "rust", "go", "java", "android", "ruby", "php", "dotnet", "swift", "xcode", "terraform", "docker", "kubernetes", "bazel", "buck", "pants", "github-actions", "unknown"]
96
+ },
97
+ "workspacePackage": {
98
+ "type": "object",
99
+ "additionalProperties": false,
100
+ "required": ["name", "path", "scripts"],
101
+ "properties": {
102
+ "name": {
103
+ "type": "string"
104
+ },
105
+ "projectName": {
106
+ "type": "string"
107
+ },
108
+ "path": {
109
+ "type": "string"
110
+ },
111
+ "scripts": {
112
+ "type": "object",
113
+ "additionalProperties": {
114
+ "type": "string"
115
+ }
116
+ },
117
+ "targets": {
118
+ "type": "array",
119
+ "items": {
120
+ "type": "string"
121
+ }
122
+ },
123
+ "dependencies": {
124
+ "type": "array",
125
+ "items": {
126
+ "type": "string"
127
+ }
128
+ }
129
+ }
130
+ },
131
+ "projectSignal": {
132
+ "type": "object",
133
+ "additionalProperties": false,
134
+ "required": ["ecosystem", "manifestPath"],
135
+ "properties": {
136
+ "ecosystem": {
137
+ "$ref": "#/$defs/ecosystem"
138
+ },
139
+ "manifestPath": {
140
+ "type": "string"
141
+ },
142
+ "framework": {
143
+ "type": "string",
144
+ "enum": ["django", "fastapi", "spring-boot", "rails", "laravel", "aspnet-core"]
145
+ },
146
+ "entrypoint": {
147
+ "type": "string"
148
+ },
149
+ "packageManager": {
150
+ "type": "string"
151
+ },
152
+ "taskRunner": {
153
+ "type": "string",
154
+ "enum": ["turbo", "nx"]
155
+ },
156
+ "scripts": {
157
+ "type": "object",
158
+ "additionalProperties": {
159
+ "type": "string"
160
+ }
161
+ },
162
+ "workspacePackages": {
163
+ "type": "array",
164
+ "items": {
165
+ "$ref": "#/$defs/workspacePackage"
166
+ }
167
+ }
168
+ }
169
+ }
170
+ }
171
+ }
package/schemas/patchdrill-evidence.schema.json ADDED
@@ -0,0 +1,239 @@
1
+ {
2
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
3
+ "$id": "https://patchdrill.dev/schemas/patchdrill-evidence.schema.json",
4
+ "title": "PatchDrill Evidence Manifest",
5
+ "description": "Audit manifest emitted by PatchDrill scan --evidence with report, artifact, and command-output digests.",
6
+ "type": "object",
7
+ "additionalProperties": false,
8
+ "required": [
9
+ "schemaVersion",
10
+ "generatedAt",
11
+ "tool",
12
+ "root",
13
+ "git",
14
+ "summary",
15
+ "report",
16
+ "artifacts",
17
+ "commands"
18
+ ],
19
+ "properties": {
20
+ "schemaVersion": {
21
+ "type": "string",
22
+ "const": "1"
23
+ },
24
+ "generatedAt": {
25
+ "type": "string",
26
+ "format": "date-time"
27
+ },
28
+ "tool": {
29
+ "type": "object",
30
+ "additionalProperties": false,
31
+ "required": ["name", "reportSchemaVersion"],
32
+ "properties": {
33
+ "name": {
34
+ "type": "string",
35
+ "const": "patchdrill"
36
+ },
37
+ "reportSchemaVersion": {
38
+ "type": "string",
39
+ "const": "1"
40
+ },
41
+ "version": {
42
+ "type": "string"
43
+ }
44
+ }
45
+ },
46
+ "root": {
47
+ "type": "string"
48
+ },
49
+ "base": {
50
+ "type": "string"
51
+ },
52
+ "head": {
53
+ "type": "string"
54
+ },
55
+ "git": {
56
+ "type": "object",
57
+ "additionalProperties": false,
58
+ "properties": {
59
+ "branch": {
60
+ "type": "string"
61
+ },
62
+ "headSha": {
63
+ "$ref": "#/$defs/sha1"
64
+ },
65
+ "baseSha": {
66
+ "$ref": "#/$defs/sha1"
67
+ }
68
+ }
69
+ },
70
+ "summary": {
71
+ "$ref": "#/$defs/patchSummary"
72
+ },
73
+ "report": {
74
+ "type": "object",
75
+ "additionalProperties": false,
76
+ "required": ["sha256", "bytes", "findingCount", "commandPlanCount", "commandResultCount"],
77
+ "properties": {
78
+ "sha256": {
79
+ "$ref": "#/$defs/sha256"
80
+ },
81
+ "bytes": {
82
+ "type": "integer",
83
+ "minimum": 0
84
+ },
85
+ "findingCount": {
86
+ "type": "integer",
87
+ "minimum": 0
88
+ },
89
+ "commandPlanCount": {
90
+ "type": "integer",
91
+ "minimum": 0
92
+ },
93
+ "commandResultCount": {
94
+ "type": "integer",
95
+ "minimum": 0
96
+ }
97
+ }
98
+ },
99
+ "artifacts": {
100
+ "type": "array",
101
+ "items": {
102
+ "$ref": "#/$defs/artifact"
103
+ }
104
+ },
105
+ "commands": {
106
+ "type": "array",
107
+ "items": {
108
+ "$ref": "#/$defs/command"
109
+ }
110
+ }
111
+ },
112
+ "$defs": {
113
+ "sha1": {
114
+ "type": "string",
115
+ "pattern": "^[a-f0-9]{40}$"
116
+ },
117
+ "sha256": {
118
+ "type": "string",
119
+ "pattern": "^[a-f0-9]{64}$"
120
+ },
121
+ "patchStatus": {
122
+ "type": "string",
123
+ "enum": ["pass", "warn", "fail"]
124
+ },
125
+ "patchSummary": {
126
+ "type": "object",
127
+ "additionalProperties": false,
128
+ "required": [
129
+ "status",
130
+ "riskScore",
131
+ "confidenceScore",
132
+ "changedFileCount",
133
+ "additions",
134
+ "deletions",
135
+ "requiredCommandCount",
136
+ "failedCommandCount"
137
+ ],
138
+ "properties": {
139
+ "status": {
140
+ "$ref": "#/$defs/patchStatus"
141
+ },
142
+ "riskScore": {
143
+ "type": "integer",
144
+ "minimum": 0,
145
+ "maximum": 100
146
+ },
147
+ "confidenceScore": {
148
+ "type": "integer",
149
+ "minimum": 0,
150
+ "maximum": 100
151
+ },
152
+ "changedFileCount": {
153
+ "type": "integer",
154
+ "minimum": 0
155
+ },
156
+ "additions": {
157
+ "type": "integer",
158
+ "minimum": 0
159
+ },
160
+ "deletions": {
161
+ "type": "integer",
162
+ "minimum": 0
163
+ },
164
+ "requiredCommandCount": {
165
+ "type": "integer",
166
+ "minimum": 0
167
+ },
168
+ "failedCommandCount": {
169
+ "type": "integer",
170
+ "minimum": 0
171
+ }
172
+ }
173
+ },
174
+ "artifact": {
175
+ "type": "object",
176
+ "additionalProperties": false,
177
+ "required": ["kind", "path", "sha256", "bytes"],
178
+ "properties": {
179
+ "kind": {
180
+ "type": "string",
181
+ "enum": ["summary-markdown", "markdown", "json", "sarif", "html"]
182
+ },
183
+ "path": {
184
+ "type": "string"
185
+ },
186
+ "sha256": {
187
+ "$ref": "#/$defs/sha256"
188
+ },
189
+ "bytes": {
190
+ "type": "integer",
191
+ "minimum": 0
192
+ }
193
+ }
194
+ },
195
+ "digest": {
196
+ "type": "object",
197
+ "additionalProperties": false,
198
+ "required": ["sha256", "bytes"],
199
+ "properties": {
200
+ "sha256": {
201
+ "$ref": "#/$defs/sha256"
202
+ },
203
+ "bytes": {
204
+ "type": "integer",
205
+ "minimum": 0
206
+ }
207
+ }
208
+ },
209
+ "command": {
210
+ "type": "object",
211
+ "additionalProperties": false,
212
+ "required": ["id", "command", "exitCode", "durationMs", "stdout", "stderr"],
213
+ "properties": {
214
+ "id": {
215
+ "type": "string"
216
+ },
217
+ "command": {
218
+ "type": "string"
219
+ },
220
+ "exitCode": {
221
+ "type": "integer"
222
+ },
223
+ "durationMs": {
224
+ "type": "integer",
225
+ "minimum": 0
226
+ },
227
+ "timedOut": {
228
+ "type": "boolean"
229
+ },
230
+ "stdout": {
231
+ "$ref": "#/$defs/digest"
232
+ },
233
+ "stderr": {
234
+ "$ref": "#/$defs/digest"
235
+ }
236
+ }
237
+ }
238
+ }
239
+ }