patchdrill 0.1.0

Files changed (169)
  1. package/.patchdrill.yml +33 -0
  2. package/CHANGELOG.md +150 -0
  3. package/CONTRIBUTING.md +59 -0
  4. package/LICENSE +21 -0
  5. package/README.md +601 -0
  6. package/SECURITY.md +28 -0
  7. package/action.yml +338 -0
  8. package/dist/baseline.d.ts +9 -0
  9. package/dist/baseline.js +38 -0
  10. package/dist/baseline.js.map +1 -0
  11. package/dist/cli.d.ts +19 -0
  12. package/dist/cli.js +662 -0
  13. package/dist/cli.js.map +1 -0
  14. package/dist/codeowners.d.ts +14 -0
  15. package/dist/codeowners.js +104 -0
  16. package/dist/codeowners.js.map +1 -0
  17. package/dist/command-plan.d.ts +3 -0
  18. package/dist/command-plan.js +26 -0
  19. package/dist/command-plan.js.map +1 -0
  20. package/dist/demo.d.ts +5 -0
  21. package/dist/demo.js +525 -0
  22. package/dist/demo.js.map +1 -0
  23. package/dist/dependency.d.ts +4 -0
  24. package/dist/dependency.js +1424 -0
  25. package/dist/dependency.js.map +1 -0
  26. package/dist/doctor.d.ts +26 -0
  27. package/dist/doctor.js +183 -0
  28. package/dist/doctor.js.map +1 -0
  29. package/dist/evidence.d.ts +64 -0
  30. package/dist/evidence.js +352 -0
  31. package/dist/evidence.js.map +1 -0
  32. package/dist/git.d.ts +16 -0
  33. package/dist/git.js +349 -0
  34. package/dist/git.js.map +1 -0
  35. package/dist/i18n-catalog.d.ts +8 -0
  36. package/dist/i18n-catalog.js +446 -0
  37. package/dist/i18n-catalog.js.map +1 -0
  38. package/dist/i18n.d.ts +20 -0
  39. package/dist/i18n.js +67 -0
  40. package/dist/i18n.js.map +1 -0
  41. package/dist/init.d.ts +13 -0
  42. package/dist/init.js +312 -0
  43. package/dist/init.js.map +1 -0
  44. package/dist/markdown-links.d.ts +18 -0
  45. package/dist/markdown-links.js +180 -0
  46. package/dist/markdown-links.js.map +1 -0
  47. package/dist/package-scripts.d.ts +3 -0
  48. package/dist/package-scripts.js +55 -0
  49. package/dist/package-scripts.js.map +1 -0
  50. package/dist/planner.d.ts +8 -0
  51. package/dist/planner.js +2351 -0
  52. package/dist/planner.js.map +1 -0
  53. package/dist/policy.d.ts +12 -0
  54. package/dist/policy.js +255 -0
  55. package/dist/policy.js.map +1 -0
  56. package/dist/project.d.ts +2 -0
  57. package/dist/project.js +1085 -0
  58. package/dist/project.js.map +1 -0
  59. package/dist/release-readiness.d.ts +25 -0
  60. package/dist/release-readiness.js +426 -0
  61. package/dist/release-readiness.js.map +1 -0
  62. package/dist/report-annotations.d.ts +3 -0
  63. package/dist/report-annotations.js +28 -0
  64. package/dist/report-annotations.js.map +1 -0
  65. package/dist/report-contract.d.ts +2 -0
  66. package/dist/report-contract.js +82 -0
  67. package/dist/report-contract.js.map +1 -0
  68. package/dist/report-html.d.ts +7 -0
  69. package/dist/report-html.js +706 -0
  70. package/dist/report-html.js.map +1 -0
  71. package/dist/report-sarif.d.ts +2 -0
  72. package/dist/report-sarif.js +90 -0
  73. package/dist/report-sarif.js.map +1 -0
  74. package/dist/report.d.ts +14 -0
  75. package/dist/report.js +310 -0
  76. package/dist/report.js.map +1 -0
  77. package/dist/risk.d.ts +19 -0
  78. package/dist/risk.js +1226 -0
  79. package/dist/risk.js.map +1 -0
  80. package/dist/runner.d.ts +8 -0
  81. package/dist/runner.js +113 -0
  82. package/dist/runner.js.map +1 -0
  83. package/dist/scan.d.ts +2 -0
  84. package/dist/scan.js +195 -0
  85. package/dist/scan.js.map +1 -0
  86. package/dist/schema.d.ts +12 -0
  87. package/dist/schema.js +30 -0
  88. package/dist/schema.js.map +1 -0
  89. package/dist/stack-coverage.d.ts +8 -0
  90. package/dist/stack-coverage.js +94 -0
  91. package/dist/stack-coverage.js.map +1 -0
  92. package/dist/types.d.ts +206 -0
  93. package/dist/types.js +2 -0
  94. package/dist/types.js.map +1 -0
  95. package/dist/verification.d.ts +11 -0
  96. package/dist/verification.js +108 -0
  97. package/dist/verification.js.map +1 -0
  98. package/docs/ANNOTATIONS.md +34 -0
  99. package/docs/ARCHITECTURE.md +79 -0
  100. package/docs/BASELINES.md +32 -0
  101. package/docs/CASE_STUDIES.md +106 -0
  102. package/docs/CODEOWNERS.md +23 -0
  103. package/docs/DASHBOARD.md +87 -0
  104. package/docs/EVIDENCE.md +55 -0
  105. package/docs/LAUNCH_PLAYBOOK.md +103 -0
  106. package/docs/MONOREPOS.md +74 -0
  107. package/docs/POLICY.md +98 -0
  108. package/docs/PROOF_PACKS.md +57 -0
  109. package/docs/PR_COMMENTS.md +56 -0
  110. package/docs/RELEASE.md +35 -0
  111. package/docs/ROADMAP.md +152 -0
  112. package/docs/RULE_CATALOG.md +90 -0
  113. package/docs/SARIF.md +74 -0
  114. package/docs/SCHEMAS.md +49 -0
  115. package/docs/SECURITY_POSTURE.md +32 -0
  116. package/docs/STACK_COVERAGE.md +20 -0
  117. package/docs/assets/patchdrill-demo.svg +21 -0
  118. package/docs/media/patchdrill-dashboard.png +0 -0
  119. package/docs/media/patchdrill-demo.gif +0 -0
  120. package/examples/case-studies/README.md +20 -0
  121. package/examples/demo/README.md +21 -0
  122. package/examples/demo/patchdrill-demo-summary.md +35 -0
  123. package/examples/demo/patchdrill-demo.html +623 -0
  124. package/examples/demo/patchdrill-demo.json +355 -0
  125. package/examples/demo/patchdrill-demo.md +120 -0
  126. package/examples/demo/patchdrill-demo.sarif +195 -0
  127. package/examples/report.md +128 -0
  128. package/examples/risky-agent-pr/README.md +15 -0
  129. package/examples/risky-agent-pr/patchdrill-demo-summary.md +41 -0
  130. package/examples/risky-agent-pr/patchdrill-demo.html +681 -0
  131. package/examples/risky-agent-pr/patchdrill-demo.json +483 -0
  132. package/examples/risky-agent-pr/patchdrill-demo.md +140 -0
  133. package/examples/risky-agent-pr/patchdrill-demo.sarif +398 -0
  134. package/fixtures/stacks/README.md +4 -0
  135. package/fixtures/stacks/android-gradle/fixture.json +33 -0
  136. package/fixtures/stacks/aspnet-core-service/fixture.json +36 -0
  137. package/fixtures/stacks/bazel-workspace/fixture.json +30 -0
  138. package/fixtures/stacks/buck2-workspace/fixture.json +30 -0
  139. package/fixtures/stacks/cargo-workspace/fixture.json +48 -0
  140. package/fixtures/stacks/django-app/fixture.json +25 -0
  141. package/fixtures/stacks/docker-compose/fixture.json +17 -0
  142. package/fixtures/stacks/dockerfile-service/fixture.json +17 -0
  143. package/fixtures/stacks/dotnet-service/fixture.json +36 -0
  144. package/fixtures/stacks/dotnet-solution-filter/fixture.json +62 -0
  145. package/fixtures/stacks/fastapi-app/fixture.json +29 -0
  146. package/fixtures/stacks/go-workspace/fixture.json +48 -0
  147. package/fixtures/stacks/java-gradle/fixture.json +29 -0
  148. package/fixtures/stacks/java-maven/fixture.json +32 -0
  149. package/fixtures/stacks/kubernetes-helm/fixture.json +25 -0
  150. package/fixtures/stacks/kubernetes-kustomize/fixture.json +21 -0
  151. package/fixtures/stacks/nested-go-workspace/fixture.json +51 -0
  152. package/fixtures/stacks/nextjs-app/fixture.json +34 -0
  153. package/fixtures/stacks/node-turbo-workspace/fixture.json +39 -0
  154. package/fixtures/stacks/pants-python/fixture.json +33 -0
  155. package/fixtures/stacks/php-composer/fixture.json +31 -0
  156. package/fixtures/stacks/python-service/fixture.json +21 -0
  157. package/fixtures/stacks/rails-app/fixture.json +25 -0
  158. package/fixtures/stacks/spring-boot-gradle/fixture.json +29 -0
  159. package/fixtures/stacks/spring-boot-maven/fixture.json +43 -0
  160. package/fixtures/stacks/swift-package/fixture.json +21 -0
  161. package/fixtures/stacks/terraform-module/fixture.json +17 -0
  162. package/fixtures/stacks/uv-python-service/fixture.json +47 -0
  163. package/fixtures/stacks/xcode-app/fixture.json +72 -0
  164. package/package.json +80 -0
  165. package/schemas/patchdrill-doctor.schema.json +171 -0
  166. package/schemas/patchdrill-evidence.schema.json +239 -0
  167. package/schemas/patchdrill-policy.schema.json +170 -0
  168. package/schemas/patchdrill-release-check.schema.json +78 -0
  169. package/schemas/patchdrill-report.schema.json +647 -0
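--- a/package/schemas/patchdrill-policy.schema.json
+++ b/package/schemas/patchdrill-policy.schema.json
@@ -0,0 +1,170 @@
+ {
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
+ "$id": "https://patchdrill.dev/schemas/patchdrill-policy.schema.json",
+ "title": "PatchDrill Policy",
+ "description": "Policy-as-code configuration for PatchDrill.",
+ "type": "object",
+ "additionalProperties": false,
+ "allOf": [
+ {
+ "not": {
+ "required": ["ignoredPaths", "ignore"]
+ }
+ }
+ ],
+ "properties": {
+ "$schema": {
+ "type": "string"
+ },
+ "ignoredPaths": {
+ "$ref": "#/$defs/stringArray",
+ "description": "Glob patterns removed from changed-file and added-line analysis. Do not combine with the legacy ignore alias."
+ },
+ "ignore": {
+ "$ref": "#/$defs/stringArray",
+ "description": "Legacy alias for ignoredPaths. Do not combine with ignoredPaths."
+ },
+ "failOn": {
+ "$ref": "#/$defs/severity"
+ },
+ "maxRisk": {
+ "type": "integer",
+ "minimum": 0,
+ "maximum": 100
+ },
+ "requiredCommands": {
+ "type": "array",
+ "description": "Commands PatchDrill runs when --run is set. Command ids and command strings must be unique across requiredCommands and optionalCommands.",
+ "items": {
+ "$ref": "#/$defs/policyCommand"
+ },
+ "default": []
+ },
+ "optionalCommands": {
+ "type": "array",
+ "description": "Commands shown in the report and run only when both --run and --run-optional are set. Command ids and command strings must be unique across requiredCommands and optionalCommands.",
+ "items": {
+ "$ref": "#/$defs/policyCommand"
+ },
+ "default": []
+ },
+ "rules": {
+ "type": "array",
+ "items": {
+ "$ref": "#/$defs/policyRule"
+ },
+ "default": []
+ }
+ },
+ "$defs": {
+ "severity": {
+ "type": "string",
+ "enum": ["info", "low", "medium", "high", "critical"]
+ },
+ "stringArray": {
+ "oneOf": [
+ {
+ "type": "string",
+ "minLength": 1
+ },
+ {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "minLength": 1
+ }
+ }
+ ]
+ },
+ "pathPattern": {
+ "oneOf": [
+ {
+ "type": "string",
+ "minLength": 1
+ },
+ {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "minLength": 1
+ },
+ "minItems": 1
+ }
+ ]
+ },
+ "policyCommand": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": ["command"],
+ "properties": {
+ "id": {
+ "type": "string",
+ "minLength": 1
+ },
+ "label": {
+ "type": "string",
+ "minLength": 1
+ },
+ "command": {
+ "type": "string",
+ "minLength": 1
+ },
+ "reason": {
+ "type": "string",
+ "minLength": 1
+ }
+ }
+ },
+ "policyRule": {
+ "type": "object",
+ "additionalProperties": false,
+ "allOf": [
+ {
+ "not": {
+ "required": ["path", "paths"]
+ }
+ }
+ ],
+ "required": ["id", "title", "severity"],
+ "properties": {
+ "id": {
+ "type": "string",
+ "minLength": 1
+ },
+ "title": {
+ "type": "string",
+ "minLength": 1
+ },
+ "severity": {
+ "$ref": "#/$defs/severity"
+ },
+ "path": {
+ "$ref": "#/$defs/pathPattern",
+ "description": "Path glob or globs for this rule. Do not combine with paths."
+ },
+ "paths": {
+ "$ref": "#/$defs/pathPattern",
+ "description": "Alias for path. Do not combine with path."
+ },
+ "detail": {
+ "type": "string"
+ },
+ "remediation": {
+ "type": "string"
+ },
+ "weight": {
+ "type": "number",
+ "minimum": 0
+ },
+ "tags": {
+ "type": "array",
+ "items": {
+ "type": "string",
+ "minLength": 1
+ },
+ "default": []
+ }
+ }
+ }
+ }
+ }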
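Review bot: `policyCommand.command` is constrained only by `"minLength": 1`, while the `requiredCommands` description says these strings are what PatchDrill runs under `--run`, so whoever can change the policy file in a pull request decides what executes on the runner. The schema cannot prevent that, but it should state it where policy authors read it: add to `command` a line such as `"description": "Executed by PatchDrill when --run is set; treat policy changes from untrusted branches as code execution."`. The same concern applies to `ignoredPaths`/`ignore`, which remove files from analysis and so let a policy edit hide the rest of a change; presumably CI should load the policy from the base branch, but the loader is not visible in this file. The uniqueness rule for command ids and command strings exists only in description text, so a schema validator will not enforce it and the check has to live in the loader.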
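--- a/package/schemas/patchdrill-release-check.schema.json
+++ b/package/schemas/patchdrill-release-check.schema.json
@@ -0,0 +1,78 @@
+ {
+ "$schema": "https://json-schema.org/draft/2020-12/schema",
+ "$id": "https://patchdrill.dev/schemas/patchdrill-release-check.schema.json",
+ "title": "PatchDrill Release Check Report",
+ "description": "Machine-readable local release-readiness diagnostics emitted by PatchDrill release-check --format json.",
+ "type": "object",
+ "additionalProperties": false,
+ "required": ["schemaVersion", "ok", "summary", "checks"],
+ "properties": {
+ "schemaVersion": {
+ "type": "string",
+ "const": "1"
+ },
+ "ok": {
+ "type": "boolean"
+ },
+ "summary": {
+ "$ref": "#/$defs/releaseReadinessSummary"
+ },
+ "checks": {
+ "type": "array",
+ "items": {
+ "$ref": "#/$defs/releaseCheck"
+ }
+ }
+ },
+ "$defs": {
+ "releaseStatus": {
+ "type": "string",
+ "enum": ["pass", "warn", "fail"]
+ },
+ "releaseReadinessSummary": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": ["status", "ok", "passCount", "warnCount", "failCount"],
+ "properties": {
+ "status": {
+ "type": "string",
+ "enum": ["pass", "fail"]
+ },
+ "ok": {
+ "type": "boolean"
+ },
+ "passCount": {
+ "type": "integer",
+ "minimum": 0
+ },
+ "warnCount": {
+ "type": "integer",
+ "minimum": 0
+ },
+ "failCount": {
+ "type": "integer",
+ "minimum": 0
+ }
+ }
+ },
+ "releaseCheck": {
+ "type": "object",
+ "additionalProperties": false,
+ "required": ["status", "title", "detail"],
+ "properties": {
+ "status": {
+ "$ref": "#/$defs/releaseStatus"
+ },
+ "title": {
+ "type": "string"
+ },
+ "detail": {
+ "type": "string"
+ },
+ "remediation": {
+ "type": "string"
+ }
+ }
+ }
+ }
+ }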
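Review bot: `ok` is required both at the top level and inside `releaseReadinessSummary`, next to `summary.status` and `failCount`, and nothing in the schema keeps them in agreement, so a document with `"ok": true` and `"failCount": 3` validates. A pipeline that gates a release on this report needs to know which field is authoritative; add a `description` on the top-level `ok` naming it as the gate and stating whether `warn` results affect it. If the intended rule is that `status` is `fail` whenever `ok` is false, an `if`/`then` in `releaseReadinessSummary` can enforce that part, e.g. `"if": {"properties": {"status": {"const": "fail"}}}, "then": {"properties": {"ok": {"const": false}}}`. `releaseCheck` also carries no stable `id`, so consumers can only key on the free-text `title`.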