projscan 2.9.0 → 3.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (76) hide show
  1. package/README.md +31 -23
  2. package/dist/cli/commands/dataflow.d.ts +1 -0
  3. package/dist/cli/commands/dataflow.js +81 -0
  4. package/dist/cli/commands/dataflow.js.map +1 -0
  5. package/dist/cli/commands/semanticGraph.d.ts +1 -0
  6. package/dist/cli/commands/semanticGraph.js +55 -0
  7. package/dist/cli/commands/semanticGraph.js.map +1 -0
  8. package/dist/cli/index.js +4 -0
  9. package/dist/cli/index.js.map +1 -1
  10. package/dist/core/agentBrief.js +31 -1
  11. package/dist/core/agentBrief.js.map +1 -1
  12. package/dist/core/dataflow.d.ts +11 -0
  13. package/dist/core/dataflow.js +277 -0
  14. package/dist/core/dataflow.js.map +1 -0
  15. package/dist/core/dataflowFilters.d.ts +10 -0
  16. package/dist/core/dataflowFilters.js +44 -0
  17. package/dist/core/dataflowFilters.js.map +1 -0
  18. package/dist/core/graphCorpus.d.ts +5 -0
  19. package/dist/core/graphCorpus.js +46 -0
  20. package/dist/core/graphCorpus.js.map +1 -0
  21. package/dist/core/impact.js +34 -0
  22. package/dist/core/impact.js.map +1 -1
  23. package/dist/core/intent.d.ts +1 -1
  24. package/dist/core/intent.js +16 -0
  25. package/dist/core/intent.js.map +1 -1
  26. package/dist/core/issueEngine.js +25 -1
  27. package/dist/core/issueEngine.js.map +1 -1
  28. package/dist/core/plugins.d.ts +10 -3
  29. package/dist/core/plugins.js +2 -2
  30. package/dist/core/plugins.js.map +1 -1
  31. package/dist/core/prDiff.js +25 -1
  32. package/dist/core/prDiff.js.map +1 -1
  33. package/dist/core/preflight.js +75 -6
  34. package/dist/core/preflight.js.map +1 -1
  35. package/dist/core/regressionPlan.js +2 -0
  36. package/dist/core/regressionPlan.js.map +1 -1
  37. package/dist/core/review.js +109 -3
  38. package/dist/core/review.js.map +1 -1
  39. package/dist/core/reviewDataflow.d.ts +6 -0
  40. package/dist/core/reviewDataflow.js +21 -0
  41. package/dist/core/reviewDataflow.js.map +1 -0
  42. package/dist/core/semanticGraph.d.ts +7 -0
  43. package/dist/core/semanticGraph.js +167 -0
  44. package/dist/core/semanticGraph.js.map +1 -0
  45. package/dist/core/taint.d.ts +5 -5
  46. package/dist/core/taint.js +35 -6
  47. package/dist/core/taint.js.map +1 -1
  48. package/dist/core/watcher.d.ts +2 -2
  49. package/dist/core/watcher.js +103 -17
  50. package/dist/core/watcher.js.map +1 -1
  51. package/dist/core/workplan.js +8 -8
  52. package/dist/core/workplan.js.map +1 -1
  53. package/dist/index.d.ts +4 -1
  54. package/dist/index.js +3 -0
  55. package/dist/index.js.map +1 -1
  56. package/dist/mcp/tools/costSummary.js +2 -0
  57. package/dist/mcp/tools/costSummary.js.map +1 -1
  58. package/dist/mcp/tools/dataflow.d.ts +2 -0
  59. package/dist/mcp/tools/dataflow.js +69 -0
  60. package/dist/mcp/tools/dataflow.js.map +1 -0
  61. package/dist/mcp/tools/semanticGraph.d.ts +2 -0
  62. package/dist/mcp/tools/semanticGraph.js +40 -0
  63. package/dist/mcp/tools/semanticGraph.js.map +1 -0
  64. package/dist/mcp/tools.js +4 -0
  65. package/dist/mcp/tools.js.map +1 -1
  66. package/dist/projscan-sbom.cdx.json +6 -6
  67. package/dist/tool-manifest.json +63 -3
  68. package/dist/types.d.ts +144 -3
  69. package/dist/utils/formatSupport.d.ts +2 -0
  70. package/dist/utils/formatSupport.js +2 -0
  71. package/dist/utils/formatSupport.js.map +1 -1
  72. package/docs/PLUGIN-AUTHORING.md +11 -3
  73. package/docs/PLUGIN-GALLERY.md +8 -0
  74. package/docs/examples/plugins/graph-context.mjs +27 -0
  75. package/docs/examples/plugins/graph-context.projscan-plugin.json +8 -0
  76. package/package.json +4 -3
package/docs/examples/plugins/graph-context.projscan-plugin.json ADDED
@@ -0,0 +1,8 @@
1
+ {
2
+ "schemaVersion": 1,
3
+ "name": "graph-context",
4
+ "kind": "analyzer",
5
+ "module": "./graph-context.mjs",
6
+ "category": "architecture",
7
+ "description": "Demonstrates analyzer access to semantic graph and dataflow context"
8
+ }
package/package.json CHANGED
@@ -1,8 +1,8 @@
1
1
  {
2
2
  "name": "projscan",
3
3
  "mcpName": "io.github.abhiyoheswaran1/projscan",
4
- "version": "2.9.0",
5
- "description": "Agent-first code intelligence. MCP server (2025-03-26) with AST parsing for JavaScript, TypeScript, Python, Go, Java, Ruby, Rust, PHP, C#, Kotlin, Swift, and C++; code graph, file + per-function AST cyclomatic complexity, per-function fan-in + fan-out, coupling + cycle detection, structural PR diff with HTML reporter, coverage report with HTML reporter, intent-grounded one-call PR review (projscan_review with optional `intent` arg) and long-running PR-watch mode with structured per-bucket deltas (projscan_review_watch), agent workplans (projscan_workplan), bug-hunt queues (projscan_bug_hunt), product-line planning (projscan_release_train), evidence packs (projscan_evidence_pack), regression planning (projscan_regression_plan), agent briefs (projscan_agent_brief), quality scorecards (projscan_quality_scorecard), and preflight with supply-chain IOC evidence, rule-driven fix suggestions + mechanical apply layer with rollback (projscan_apply_fix, projscan_fix_suggest, projscan_explain_issue), source-to-sink taint analysis (projscan_taint) with truncation reporting, transitive blast-radius analysis with cross-repo mode (projscan_impact for files and symbols), cross-repo workspace registration + intelligence (projscan_workspace_graph), per-function semantic search chunks (sub-file embeddings), per-rule confidence + severity drift + cost-summary analytics with live streaming (projscan_cost_summary), stable local analyzer + reporter plugin API (projscan_plugin, CLI --reporter, opt-in via PROJSCAN_PLUGINS_PREVIEW=1), monorepo workspace awareness with cross-package import policy + per-package dependencies / outdated / audit, BM25 + optional semantic search, cursor pagination, progress notifications, context-budgeted output, and a stable-surface CI guard. CLI on the side.",
4
+ "version": "3.0.1",
5
+ "description": "Agent-first code intelligence. MCP server (2025-03-26) with AST parsing for JavaScript, TypeScript, Python, Go, Java, Ruby, Rust, PHP, C#, Kotlin, Swift, and C++; stable v3 semantic graph (projscan_semantic_graph), dataflow risk engine with bridge-helper detection (projscan_dataflow), code graph, file + per-function AST cyclomatic complexity, per-function fan-in + fan-out, coupling + cycle detection, structural PR diff with HTML reporter, coverage report with HTML reporter, intent-grounded one-call PR review (projscan_review with optional `intent` arg, new taint flows, contract changes, and newDataflowRisks) and long-running PR-watch mode with structured per-bucket deltas (projscan_review_watch), agent workplans (projscan_workplan), bug-hunt queues (projscan_bug_hunt), product-line planning (projscan_release_train), evidence packs (projscan_evidence_pack), regression planning (projscan_regression_plan), agent briefs (projscan_agent_brief), quality scorecards (projscan_quality_scorecard), and preflight with supply-chain IOC evidence, rule-driven fix suggestions + mechanical apply layer with rollback (projscan_apply_fix, projscan_fix_suggest, projscan_explain_issue), source-to-sink taint analysis (projscan_taint) with truncation reporting, transitive blast-radius analysis with cross-repo mode (projscan_impact for files and symbols), cross-repo workspace registration + intelligence (projscan_workspace_graph), per-function semantic search chunks (sub-file embeddings), per-rule confidence + severity drift + cost-summary analytics with live streaming (projscan_cost_summary), stable local analyzer + reporter plugin API (projscan_plugin, CLI --reporter, opt-in via PROJSCAN_PLUGINS_PREVIEW=1), monorepo workspace awareness with cross-package import policy + per-package dependencies / outdated / audit, BM25 + optional semantic search, cursor pagination, progress notifications, context-budgeted output, and a stable-surface CI guard. CLI on the side.",
6
6
  "type": "module",
7
7
  "main": "./dist/index.js",
8
8
  "types": "./dist/index.d.ts",
@@ -32,7 +32,8 @@
32
32
  "release:check": "node scripts/release-check.mjs",
33
33
  "security:release-gate": "node scripts/release-gate.mjs",
34
34
  "sbom:generate": "node scripts/generate-sbom.mjs",
35
- "prepare": "npm run build"
35
+ "prepare": "npm run build",
36
+ "check:graph-corpus": "node scripts/check-graph-corpus.mjs"
36
37
  },
37
38
  "keywords": [
38
39
  "cli",