projscan 3.4.1 → 3.6.0

package/dist/core/roadmapCatalog.js

@@ -76,23 +76,23 @@ const ROADMAP_3_2_CATALOG = {
     '3.5.x': {
         line: '3.5.x',
         track: {
-            theme: 'First 10 Minutes UX',
-            outcome: 'A new user gets a single guided path from trust boundary to first PR evidence.',
+            theme: 'Plugin Trust',
+            outcome: 'The surfaces that touch untrusted repositories cannot execute their code without explicit approval.',
             includedInPlan: true,
-            scope: ['first-ten-minutes command path', 'start report guidance', 'adoption docs alignment'],
-            successCriteria: ['start output includes the guided path', 'docs lead with the same path', 'MCP and CLI onboarding stay consistent'],
+            scope: ['fix-layer --ignore-scripts', 'plugin trust-on-first-use', 'embedding model graceful degradation'],
+            successCriteria: ['projscan fix never runs a scanned repo lifecycle script', 'plugins execute only after projscan plugin trust', 'an embedding model-load failure degrades to BM25 instead of throwing'],
         },
         tasks: [
             {
-                id: 'rt-3-5-first-10-minutes-ux',
+                id: 'rt-3-5-plugin-trust',
                 priority: 'p1',
-                title: 'Add first-ten-minutes guidance',
-                why: 'The broad command catalog should not be the first experience for a new team.',
+                title: 'Gate untrusted-repo code execution',
+                why: 'A scanned repo is untrusted input; fix-layer installs and local plugins must not execute its code without explicit, per-artifact approval.',
                 track: '3.5.x',
-                files: ['src/core/start.ts', 'src/core/adoption.ts', 'docs/FIRST-10-MINUTES.md'],
+                files: ['src/fixes/eslintFix.ts', 'src/core/pluginTrust.ts', 'src/core/plugins.ts'],
                 verification: {
-                    commands: ['projscan start --mode before_edit --format json', 'projscan first-run --format json'],
-                    expected: 'Start and first-run surfaces point to the same first-ten-minutes path.',
+                    commands: ['npm test', 'projscan plugin trust --all'],
+                    expected: 'Fix installs use --ignore-scripts and plugins run only once trusted.',
                 },
             },
         ],
@@ -100,23 +100,23 @@ const ROADMAP_3_2_CATALOG = {
     '3.6.x': {
         line: '3.6.x',
         track: {
-            theme: 'Maintainability Hardening',
-            outcome: 'Future roadmap and evidence changes land in smaller focused modules instead of growing hotspots.',
+            theme: 'Swarm Collision Detection',
+            outcome: 'When two in-flight worktrees have overlapping blast radius, an agent learns before the changes collide.',
             includedInPlan: true,
-            scope: ['roadmap catalog extraction', 'evidence formatting boundaries', 'stable public exports'],
-            successCriteria: ['core orchestration remains small and readable', 'public API exports remain stable', 'focused tests cover extracted helpers'],
+            scope: ['per-worktree changed-symbol blast radius', 'pairwise overlap detection', 'projscan_collision MCP + CLI'],
+            successCriteria: ['collision report names overlapping worktree pairs with the files and symbols at risk', 'blast radius reuses the impact graph', 'stays local-first over sibling git worktrees'],
         },
         tasks: [
             {
-                id: 'rt-3-6-maintainability-hardening',
+                id: 'rt-3-6-collision-detection',
                 priority: 'p1',
-                title: 'Extract planning and evidence helpers',
-                why: 'The product surface is large enough that static planning data and formatting helpers need clear ownership.',
+                title: 'Detect cross-worktree change collisions',
+                why: 'Parallel agents editing one repo collide when their blast radii overlap; surfacing that pre-merge is the flagship coordination value.',
                 track: '3.6.x',
-                files: ['src/core/roadmapCatalog.ts', 'src/core/releaseTrain.ts', 'src/core/releaseEvidence.ts', 'src/types.ts'],
+                files: ['src/core/collisionDetector.ts', 'src/mcp/tools/collision.ts', 'src/cli/commands/collision.ts'],
                 verification: {
-                    commands: ['npm run build', 'npm test'],
-                    expected: 'Extraction preserves stable exports, output schemas, and test behavior.',
+                    commands: ['projscan collisions --format json'],
+                    expected: 'Report lists worktree pairs whose changed-symbol blast radii overlap.',
                 },
             },
         ],
@@ -124,23 +124,23 @@ const ROADMAP_3_2_CATALOG = {
     '3.7.x': {
         line: '3.7.x',
         track: {
-            theme: 'Graph And Dataflow Precision',
-            outcome: 'Dataflow catches one more real framework source pattern while keeping false positives narrow.',
+            theme: 'Claims And Leases',
+            outcome: 'An agent can claim a file, symbol, or subsystem so the swarm sees who owns what and warns on contention.',
             includedInPlan: true,
-            scope: ['framework request-source precision', 'review-time dataflow calibration', 'false-positive guard tests'],
-            successCriteria: ['new source pattern is detected', 'unrelated helpers are not treated as request data', 'generated and test filters remain quiet by default'],
+            scope: ['local claim store under .projscan-cache', 'contention warnings', 'projscan_claim MCP + CLI'],
+            successCriteria: ['claims persist locally and are scoped to the active repo', 'overlapping claims surface a contention warning', 'claims can be released explicitly'],
         },
         tasks: [
             {
-                id: 'rt-3-7-graph-dataflow-precision',
+                id: 'rt-3-7-claims-leases',
                 priority: 'p1',
-                title: 'Add a narrow framework dataflow precision pass',
-                why: 'The graph/dataflow moat improves only when new precision comes with false-positive guardrails.',
+                title: 'Add local claims / leases for swarm work',
+                why: 'Coordination needs a lightweight ownership signal so two agents do not silently take the same file or symbol.',
                 track: '3.7.x',
-                files: ['src/core/frameworkSources.ts', 'src/core/dataflow.ts', 'tests/core/dataflow.test.ts'],
+                files: ['src/core/claims.ts', 'src/mcp/tools/claim.ts', 'src/cli/commands/claim.ts'],
                 verification: {
-                    commands: ['projscan dataflow --format json', 'npm test'],
-                    expected: 'Dataflow reports the new framework source pattern and avoids unrelated helper calls.',
+                    commands: ['projscan claim add src/auth.ts --agent a', 'projscan claim list --format json'],
+                    expected: 'Claims persist locally and overlapping claims warn on contention.',
                 },
             },
         ],
@@ -148,23 +148,23 @@ const ROADMAP_3_2_CATALOG = {
     '3.8.x': {
         line: '3.8.x',
         track: {
-            theme: 'Plugin Ecosystem',
-            outcome: 'Teams can validate local policy plugins with clearer trust and context-readiness guidance.',
+            theme: 'Merge-Risk Preflight',
+            outcome: 'Given the set of in-flight worktrees, preflight returns the safe integration order and where conflict risk concentrates.',
             includedInPlan: true,
-            scope: ['plugin test result guidance', 'trust reminder', 'gallery and authoring docs'],
-            successCriteria: ['plugin test output names trust boundaries', 'graph/dataflow context needs are visible', 'docs show copyable validation commands'],
+            scope: ['multi-branch preflight verdict', 'integration order', 'conflict-risk concentration'],
+            successCriteria: ['preflight accepts multiple in-flight worktrees', 'returns a safe integration order', 'flags files where multiple branches and blast radii concentrate'],
         },
         tasks: [
             {
-                id: 'rt-3-8-plugin-ecosystem',
+                id: 'rt-3-8-merge-risk-preflight',
                 priority: 'p1',
-                title: 'Improve local plugin authoring feedback',
-                why: 'Plugins are useful when teams can test local policy safely before enabling execution.',
+                title: 'Extend preflight to a multi-branch integration verdict',
+                why: 'Once collisions and claims exist, teams need an ordering: which in-flight branch is safe to merge first.',
                 track: '3.8.x',
-                files: ['src/core/pluginDx.ts', 'tests/core/pluginDx.test.ts', 'docs/PLUGIN-AUTHORING.md', 'docs/PLUGIN-GALLERY.md'],
+                files: ['src/core/preflight.ts', 'src/core/collisionDetector.ts'],
                 verification: {
-                    commands: ['projscan plugin test docs/examples/plugins/policy.projscan-plugin.json --format json'],
-                    expected: 'Plugin test output includes trust guidance, validation commands, and context capability notes.',
+                    commands: ['projscan preflight --mode before_merge --format json'],
+                    expected: 'Preflight returns integration order and conflict-risk concentration across in-flight worktrees.',
                 },
             },
         ],
@@ -172,23 +172,23 @@ const ROADMAP_3_2_CATALOG = {
     '3.9.x': {
         line: '3.9.x',
         track: {
-            theme: 'Multi-Agent Coordination',
-            outcome: 'Agents can tell current worktree risk from remembered session context before parallel edits continue.',
+            theme: 'Agent Ergonomics And Coordination Proof',
+            outcome: 'Agents reach the right capability through one budget-shaped entry point, and the coordination layer is measured for outcome value.',
             includedInPlan: true,
-            scope: ['coordination hints', 'session resource clarity', 'agent brief handoff commands'],
-            successCriteria: ['resources explain current-vs-remembered risk', 'agent briefs include conflict-resolution commands', 'start output keeps the distinction visible'],
+            scope: ['adaptive intent router over the tool surface', 'budget-shaped next actions', 'with/without coordination outcome metrics'],
+            successCriteria: ['a single entry tool routes to the right capability', 'router output is budget-shaped and shrinks the tool-list footprint', 'dogfood/trial reports compare task success and token cost with vs without coordination'],
         },
         tasks: [
             {
-                id: 'rt-3-9-multi-agent-coordination',
+                id: 'rt-3-9-agent-ergonomics-and-proof',
                 priority: 'p1',
-                title: 'Add compact multi-agent coordination hints',
-                why: 'Shared session state helps only when agents understand whether a signal is current worktree evidence or older remembered context.',
+                title: 'Add an intent router and coordination outcome proof',
+                why: 'A 41-tool surface costs context every turn; one adaptive entry point plus measured outcomes proves the coordination arc earns its keep.',
                 track: '3.9.x',
-                files: ['src/core/sessionResources.ts', 'src/core/agentBrief.ts', 'src/core/start.ts'],
+                files: ['src/mcp/tools', 'src/core/dogfood.ts', 'src/core/trial.ts'],
                 verification: {
-                    commands: ['projscan agent-brief --format json', 'projscan session current --format json'],
-                    expected: 'Coordination surfaces include current-vs-remembered hints and exact follow-up commands.',
+                    commands: ['projscan dogfood --format json'],
+                    expected: 'Routing shrinks the tool footprint and proof reports compare with/without coordination.',
                 },
             },
         ],

package/dist/core/roadmapCatalog.js.map

@@ -1 +1 @@
-{"version":3,"file":"roadmapCatalog.js","sourceRoot":"","sources":["../../src/core/roadmapCatalog.ts"],"names":[],"mappings":"AAQA,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,CAAU,CAAC;AACnH,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAAC,OAAO,CAAU,CAAC;AAEpD,MAAM,mBAAmB,GAAwC;IAC/D,OAAO,EAAE;QACP,IAAI,EAAE,OAAO;QACb,KAAK,EAAE;YACL,KAAK,EAAE,0BAA0B;YACjC,OAAO,EAAE,mGAAmG;YAC5G,cAAc,EAAE,IAAI;YACpB,KAAK,EAAE,CAAC,8BAA8B,EAAE,iCAAiC,EAAE,6BAA6B,CAAC;YACzG,eAAe,EAAE,CAAC,0DAA0D,EAAE,4CAA4C,EAAE,mCAAmC,CAAC;SACjK;QACD,KAAK,EAAE;YACL;gBACE,EAAE,EAAE,iCAAiC;gBACrC,QAAQ,EAAE,IAAI;gBACd,KAAK,EAAE,oCAAoC;gBAC3C,GAAG,EAAE,8FAA8F;gBACnG,KAAK,EAAE,OAAO;gBACd,KAAK,EAAE,CAAC,4BAA4B,EAAE,0BAA0B,EAAE,iBAAiB,CAAC;gBACpF,YAAY,EAAE;oBACZ,QAAQ,EAAE,CAAC,sCAAsC,EAAE,UAAU,CAAC;oBAC9D,QAAQ,EAAE,8FAA8F;iBACzG;aACF;SACF;KACF;IACD,OAAO,EAAE;QACP,IAAI,EAAE,OAAO;QACb,KAAK,EAAE;YACL,KAAK,EAAE,uBAAuB;YAC9B,OAAO,EAAE,2EAA2E;YACpF,cAAc,EAAE,IAAI;YACpB,KAAK,EAAE,CAAC,sBAAsB,EAAE,kCAAkC,EAAE,2BAA2B,CAAC;YAChG,eAAe,EAAE,CAAC,mCAAmC,EAAE,gDAAgD,EAAE,6DAA6D,CAAC;SACxK;QACD,KAAK,EAAE;YACL;gBACE,EAAE,EAAE,8BAA8B;gBAClC,QAAQ,EAAE,IAAI;gBACd,KAAK,EAAE,8BAA8B;gBACrC,GAAG,EAAE,+FAA+F;gBACpG,KAAK,EAAE,OAAO;gBACd,KAAK,EAAE,CAAC,qBAAqB,EAAE,mBAAmB,EAAE,wBAAwB,EAAE,2BAA2B,CAAC;gBAC1G,YAAY,EAAE;oBACZ,QAAQ,EAAE,CAAC,mHAAmH,CAAC;oBAC/H,QAAQ,EAAE,4GAA4G;iBACvH;aACF;SACF;KACF;IACD,OAAO,EAAE;QACP,IAAI,EAAE,OAAO;QACb,KAAK,EAAE;YACL,KAAK,EAAE,oBAAoB;YAC3B,OAAO,EAAE,gIAAgI;YACzI,cAAc,EAAE,IAAI;YACpB,KAAK,EAAE,CAAC,gBAAgB,EAAE,kBAAkB,EAAE,cAAc,EAAE,2BAA2B,EAAE,0BAA0B,CAAC;YACtH,eAAe,EAAE,CAAC,mEAAmE,EAAE,0CAA0C,EAAE,gDAAgD,CAAC;SACrL;QACD,KAAK,EAAE;YACL;gBACE,EAAE,EAAE,2BAA2B;gBAC/B,QAAQ,EAAE,IAAI;gBACd,KAAK,EAAE,+BAA+B;gBACtC,GAAG,EAAE,kJAAkJ;gBACvJ,KAAK,EAAE,OAAO;gBACd,KAAK,EAAE,CAAC,wBAAwB,EAAE,gCAAgC,EAAE,6BAA6B,EAAE,WAAW,EAAE,+BAA+B,CAAC;gBAChJ,YAAY,EAAE;oBACZ,QAAQ,EAAE,CAAC,8CAA8C,EAAE,iDAAiD,EAAE,UAAU,CAAC;oBACzH,QAAQ,EAAE,6GAA6G;iBACxH;aACF;SACF;KACF;IACD,OAAO,EAAE;QACP,IAAI,EAAE,OAAO;QACb,KAAK,EAAE;YACL,KAAK,EAAE,qBAAqB;YAC5B,OAAO,EAAE,gFAAgF;YACzF,cAAc,EAAE,IAAI;YACpB,KAAK,EAAE,CAAC,gCAAgC,EAAE,uBAAuB,EAAE,yBAAyB,CAAC;YAC7F,eAAe,EAAE,CAAC,uCAAuC,EAAE,8BAA8B,EAAE,wCAAwC,CAAC;SACrI;QACD,KAAK,EAAE;YACL;gBACE,EAAE,EAAE,4BAA4B;gBAChC,QAAQ,EAAE,IAAI;gBACd,KAAK,EAAE,gCAAgC;gBACvC,GAAG,EAAE,8EAA8E;gBACnF,KAAK,EAAE,OAAO;gBACd,KAAK,EAAE,CAAC,mBAAmB,EAAE,sBAAsB,EAAE,0BAA0B,CAAC;gBAChF,YAAY,EAAE;oBACZ,QAAQ,EAAE,CAAC,iDAAiD,EAAE,kCAAkC,CAAC;oBACjG,QAAQ,EAAE,wEAAwE;iBACnF;aACF;SACF;KACF;IACD,OAAO,EAAE;QACP,IAAI,EAAE,OAAO;QACb,KAAK,EAAE;YACL,KAAK,EAAE,2BAA2B;YAClC,OAAO,EAAE,kGAAkG;YAC3G,cAAc,EAAE,IAAI;YACpB,KAAK,EAAE,CAAC,4BAA4B,EAAE,gCAAgC,EAAE,uBAAuB,CAAC;YAChG,eAAe,EAAE,CAAC,+CAA+C,EAAE,kCAAkC,EAAE,uCAAuC,CAAC;SAChJ;QACD,KAAK,EAAE;YACL;gBACE,EAAE,EAAE,kCAAkC;gBACtC,QAAQ,EAAE,IAAI;gBACd,KAAK,EAAE,uCAAuC;gBAC9C,GAAG,EAAE,4GAA4G;gBACjH,KAAK,EAAE,OAAO;gBACd,KAAK,EAAE,CAAC,4BAA4B,EAAE,0BAA0B,EAAE,6BAA6B,EAAE,cAAc,CAAC;gBAChH,YAAY,EAAE;oBACZ,QAAQ,EAAE,CAAC,eAAe,EAAE,UAAU,CAAC;oBACvC,QAAQ,EAAE,yEAAyE;iBACpF;aACF;SACF;KACF;IACD,OAAO,EAAE;QACP,IAAI,EAAE,OAAO;QACb,KAAK,EAAE;YACL,KAAK,EAAE,8BAA8B;YACrC,OAAO,EAAE,+FAA+F;YACxG,cAAc,EAAE,IAAI;YACpB,KAAK,EAAE,CAAC,oCAAoC,EAAE,kCAAkC,EAAE,4BAA4B,CAAC;YAC/G,eAAe,EAAE,CAAC,gCAAgC,EAAE,mDAAmD,EAAE,oDAAoD,CAAC;SAC/J;QACD,KAAK,EAAE;YACL;gBACE,EAAE,EAAE,iCAAiC;gBACrC,QAAQ,EAAE,IAAI;gBACd,KAAK,EAAE,gDAAgD;gBACvD,GAAG,EAAE,gGAAgG;gBACrG,KAAK,EAAE,OAAO;gBACd,KAAK,EAAE,CAAC,8BAA8B,EAAE,sBAAsB,EAAE,6BAA6B,CAAC;gBAC9F,YAAY,EAAE;oBACZ,QAAQ,EAAE,CAAC,iCAAiC,EAAE,UAAU,CAAC;oBACzD,QAAQ,EAAE,sFAAsF;iBACjG;aACF;SACF;KACF;IACD,OAAO,EAAE;QACP,IAAI,EAAE,OAAO;QACb,KAAK,EAAE;YACL,KAAK,EAAE,kBAAkB;YACzB,OAAO,EAAE,4FAA4F;YACrG,cAAc,EAAE,IAAI;YACpB,KAAK,EAAE,CAAC,6BAA6B,EAAE,gBAAgB,EAAE,4BAA4B,CAAC;YACtF,eAAe,EAAE,CAAC,2CAA2C,EAAE,0CAA0C,EAAE,wCAAwC,CAAC;SACrJ;QACD,KAAK,EAAE;YACL;gBACE,EAAE,EAAE,yBAAyB;gBAC7B,QAAQ,EAAE,IAAI;gBACd,KAAK,EAAE,yCAAyC;gBAChD,GAAG,EAAE,uFAAuF;gBAC5F,KAAK,EAAE,OAAO;gBACd,KAAK,EAAE,CAAC,sBAAsB,EAAE,6BAA6B,EAAE,0BAA0B,EAAE,wBAAwB,CAAC;gBACpH,YAAY,EAAE;oBACZ,QAAQ,EAAE,CAAC,sFAAsF,CAAC;oBAClG,QAAQ,EAAE,gGAAgG;iBAC3G;aACF;SACF;KACF;IACD,OAAO,EAAE;QACP,IAAI,EAAE,OAAO;QACb,KAAK,EAAE;YACL,KAAK,EAAE,0BAA0B;YACjC,OAAO,EAAE,uGAAuG;YAChH,cAAc,EAAE,IAAI;YACpB,KAAK,EAAE,CAAC,oBAAoB,EAAE,0BAA0B,EAAE,8BAA8B,CAAC;YACzF,eAAe,EAAE,CAAC,8CAA8C,EAAE,mDAAmD,EAAE,4CAA4C,CAAC;SACrK;QACD,KAAK,EAAE;YACL;gBACE,EAAE,EAAE,iCAAiC;gBACrC,QAAQ,EAAE,IAAI;gBACd,KAAK,EAAE,4CAA4C;gBACnD,GAAG,EAAE,mIAAmI;gBACxI,KAAK,EAAE,OAAO;gBACd,KAAK,EAAE,CAAC,8BAA8B,EAAE,wBAAwB,EAAE,mBAAmB,CAAC;gBACtF,YAAY,EAAE;oBACZ,QAAQ,EAAE,CAAC,oCAAoC,EAAE,wCAAwC,CAAC;oBAC1F,QAAQ,EAAE,yFAAyF;iBACpG;aACF;SACF;KACF;CACF,CAAC;AAEF,MAAM,UAAU,6BAA6B,CAAC,OAAsB;IAClE,IAAI,CAAC,OAAO;QAAE,OAAO,SAAS,CAAC;IAC/B,MAAM,CAAC,KAAK,GAAG,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC;IAC3F,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC;QAAE,OAAO,SAAS,CAAC;IACzE,IAAI,KAAK,GAAG,CAAC,IAAI,CAAC,KAAK,KAAK,CAAC,IAAI,KAAK,IAAI,CAAC,CAAC;QAAE,OAAO,CAAC,GAAG,iBAAiB,CAAC,CAAC;IAC5E,IAAI,KAAK,KAAK,CAAC,IAAI,KAAK,IAAI,CAAC;QAAE,OAAO,CAAC,GAAG,iBAAiB,CAAC,CAAC;IAC7D,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,IAAY;IAC9C,MAAM,KAAK,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;IACxC,OAAO,KAAK,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,GAAG,KAAK,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;AAClE,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,IAAY;IAC9C,OAAO,mBAAmB,CAAC,IAAI,CAAC,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,EAAE,GAAG,IAAI,EAAE,KAAK,EAAE,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,YAAY,EAAE,EAAE,GAAG,IAAI,CAAC,YAAY,EAAE,QAAQ,EAAE,CAAC,GAAG,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;AACxL,CAAC"}
+{"version":3,"file":"roadmapCatalog.js","sourceRoot":"","sources":["../../src/core/roadmapCatalog.ts"],"names":[],"mappings":"AAQA,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,CAAU,CAAC;AACnH,MAAM,CAAC,MAAM,iBAAiB,GAAG,CAAC,OAAO,CAAU,CAAC;AAEpD,MAAM,mBAAmB,GAAwC;IAC/D,OAAO,EAAE;QACP,IAAI,EAAE,OAAO;QACb,KAAK,EAAE;YACL,KAAK,EAAE,0BAA0B;YACjC,OAAO,EAAE,mGAAmG;YAC5G,cAAc,EAAE,IAAI;YACpB,KAAK,EAAE,CAAC,8BAA8B,EAAE,iCAAiC,EAAE,6BAA6B,CAAC;YACzG,eAAe,EAAE,CAAC,0DAA0D,EAAE,4CAA4C,EAAE,mCAAmC,CAAC;SACjK;QACD,KAAK,EAAE;YACL;gBACE,EAAE,EAAE,iCAAiC;gBACrC,QAAQ,EAAE,IAAI;gBACd,KAAK,EAAE,oCAAoC;gBAC3C,GAAG,EAAE,8FAA8F;gBACnG,KAAK,EAAE,OAAO;gBACd,KAAK,EAAE,CAAC,4BAA4B,EAAE,0BAA0B,EAAE,iBAAiB,CAAC;gBACpF,YAAY,EAAE;oBACZ,QAAQ,EAAE,CAAC,sCAAsC,EAAE,UAAU,CAAC;oBAC9D,QAAQ,EAAE,8FAA8F;iBACzG;aACF;SACF;KACF;IACD,OAAO,EAAE;QACP,IAAI,EAAE,OAAO;QACb,KAAK,EAAE;YACL,KAAK,EAAE,uBAAuB;YAC9B,OAAO,EAAE,2EAA2E;YACpF,cAAc,EAAE,IAAI;YACpB,KAAK,EAAE,CAAC,sBAAsB,EAAE,kCAAkC,EAAE,2BAA2B,CAAC;YAChG,eAAe,EAAE,CAAC,mCAAmC,EAAE,gDAAgD,EAAE,6DAA6D,CAAC;SACxK;QACD,KAAK,EAAE;YACL;gBACE,EAAE,EAAE,8BAA8B;gBAClC,QAAQ,EAAE,IAAI;gBACd,KAAK,EAAE,8BAA8B;gBACrC,GAAG,EAAE,+FAA+F;gBACpG,KAAK,EAAE,OAAO;gBACd,KAAK,EAAE,CAAC,qBAAqB,EAAE,mBAAmB,EAAE,wBAAwB,EAAE,2BAA2B,CAAC;gBAC1G,YAAY,EAAE;oBACZ,QAAQ,EAAE,CAAC,mHAAmH,CAAC;oBAC/H,QAAQ,EAAE,4GAA4G;iBACvH;aACF;SACF;KACF;IACD,OAAO,EAAE;QACP,IAAI,EAAE,OAAO;QACb,KAAK,EAAE;YACL,KAAK,EAAE,oBAAoB;YAC3B,OAAO,EAAE,gIAAgI;YACzI,cAAc,EAAE,IAAI;YACpB,KAAK,EAAE,CAAC,gBAAgB,EAAE,kBAAkB,EAAE,cAAc,EAAE,2BAA2B,EAAE,0BAA0B,CAAC;YACtH,eAAe,EAAE,CAAC,mEAAmE,EAAE,0CAA0C,EAAE,gDAAgD,CAAC;SACrL;QACD,KAAK,EAAE;YACL;gBACE,EAAE,EAAE,2BAA2B;gBAC/B,QAAQ,EAAE,IAAI;gBACd,KAAK,EAAE,+BAA+B;gBACtC,GAAG,EAAE,kJAAkJ;gBACvJ,KAAK,EAAE,OAAO;gBACd,KAAK,EAAE,CAAC,wBAAwB,EAAE,gCAAgC,EAAE,6BAA6B,EAAE,WAAW,EAAE,+BAA+B,CAAC;gBAChJ,YAAY,EAAE;oBACZ,QAAQ,EAAE,CAAC,8CAA8C,EAAE,iDAAiD,EAAE,UAAU,CAAC;oBACzH,QAAQ,EAAE,6GAA6G;iBACxH;aACF;SACF;KACF;IACD,OAAO,EAAE;QACP,IAAI,EAAE,OAAO;QACb,KAAK,EAAE;YACL,KAAK,EAAE,cAAc;YACrB,OAAO,EAAE,qGAAqG;YAC9G,cAAc,EAAE,IAAI;YACpB,KAAK,EAAE,CAAC,4BAA4B,EAAE,2BAA2B,EAAE,sCAAsC,CAAC;YAC1G,eAAe,EAAE,CAAC,yDAAyD,EAAE,kDAAkD,EAAE,sEAAsE,CAAC;SACzM;QACD,KAAK,EAAE;YACL;gBACE,EAAE,EAAE,qBAAqB;gBACzB,QAAQ,EAAE,IAAI;gBACd,KAAK,EAAE,oCAAoC;gBAC3C,GAAG,EAAE,4IAA4I;gBACjJ,KAAK,EAAE,OAAO;gBACd,KAAK,EAAE,CAAC,wBAAwB,EAAE,yBAAyB,EAAE,qBAAqB,CAAC;gBACnF,YAAY,EAAE;oBACZ,QAAQ,EAAE,CAAC,UAAU,EAAE,6BAA6B,CAAC;oBACrD,QAAQ,EAAE,sEAAsE;iBACjF;aACF;SACF;KACF;IACD,OAAO,EAAE;QACP,IAAI,EAAE,OAAO;QACb,KAAK,EAAE;YACL,KAAK,EAAE,2BAA2B;YAClC,OAAO,EAAE,yGAAyG;YAClH,cAAc,EAAE,IAAI;YACpB,KAAK,EAAE,CAAC,0CAA0C,EAAE,4BAA4B,EAAE,8BAA8B,CAAC;YACjH,eAAe,EAAE,CAAC,sFAAsF,EAAE,sCAAsC,EAAE,8CAA8C,CAAC;SAClM;QACD,KAAK,EAAE;YACL;gBACE,EAAE,EAAE,4BAA4B;gBAChC,QAAQ,EAAE,IAAI;gBACd,KAAK,EAAE,yCAAyC;gBAChD,GAAG,EAAE,uIAAuI;gBAC5I,KAAK,EAAE,OAAO;gBACd,KAAK,EAAE,CAAC,+BAA+B,EAAE,4BAA4B,EAAE,+BAA+B,CAAC;gBACvG,YAAY,EAAE;oBACZ,QAAQ,EAAE,CAAC,mCAAmC,CAAC;oBAC/C,QAAQ,EAAE,uEAAuE;iBAClF;aACF;SACF;KACF;IACD,OAAO,EAAE;QACP,IAAI,EAAE,OAAO;QACb,KAAK,EAAE;YACL,KAAK,EAAE,mBAAmB;YAC1B,OAAO,EAAE,0GAA0G;YACnH,cAAc,EAAE,IAAI;YACpB,KAAK,EAAE,CAAC,yCAAyC,EAAE,qBAAqB,EAAE,0BAA0B,CAAC;YACrG,eAAe,EAAE,CAAC,0DAA0D,EAAE,iDAAiD,EAAE,mCAAmC,CAAC;SACtK;QACD,KAAK,EAAE;YACL;gBACE,EAAE,EAAE,sBAAsB;gBAC1B,QAAQ,EAAE,IAAI;gBACd,KAAK,EAAE,0CAA0C;gBACjD,GAAG,EAAE,+GAA+G;gBACpH,KAAK,EAAE,OAAO;gBACd,KAAK,EAAE,CAAC,oBAAoB,EAAE,wBAAwB,EAAE,2BAA2B,CAAC;gBACpF,YAAY,EAAE;oBACZ,QAAQ,EAAE,CAAC,0CAA0C,EAAE,mCAAmC,CAAC;oBAC3F,QAAQ,EAAE,mEAAmE;iBAC9E;aACF;SACF;KACF;IACD,OAAO,EAAE;QACP,IAAI,EAAE,OAAO;QACb,KAAK,EAAE;YACL,KAAK,EAAE,sBAAsB;YAC7B,OAAO,EAAE,0HAA0H;YACnI,cAAc,EAAE,IAAI;YACpB,KAAK,EAAE,CAAC,gCAAgC,EAAE,mBAAmB,EAAE,6BAA6B,CAAC;YAC7F,eAAe,EAAE,CAAC,gDAAgD,EAAE,kCAAkC,EAAE,iEAAiE,CAAC;SAC3K;QACD,KAAK,EAAE;YACL;gBACE,EAAE,EAAE,6BAA6B;gBACjC,QAAQ,EAAE,IAAI;gBACd,KAAK,EAAE,wDAAwD;gBAC/D,GAAG,EAAE,0GAA0G;gBAC/G,KAAK,EAAE,OAAO;gBACd,KAAK,EAAE,CAAC,uBAAuB,EAAE,+BAA+B,CAAC;gBACjE,YAAY,EAAE;oBACZ,QAAQ,EAAE,CAAC,sDAAsD,CAAC;oBAClE,QAAQ,EAAE,iGAAiG;iBAC5G;aACF;SACF;KACF;IACD,OAAO,EAAE;QACP,IAAI,EAAE,OAAO;QACb,KAAK,EAAE;YACL,KAAK,EAAE,yCAAyC;YAChD,OAAO,EAAE,oIAAoI;YAC7I,cAAc,EAAE,IAAI;YACpB,KAAK,EAAE,CAAC,8CAA8C,EAAE,4BAA4B,EAAE,2CAA2C,CAAC;YAClI,eAAe,EAAE,CAAC,oDAAoD,EAAE,oEAAoE,EAAE,wFAAwF,CAAC;SACxO;QACD,KAAK,EAAE;YACL;gBACE,EAAE,EAAE,mCAAmC;gBACvC,QAAQ,EAAE,IAAI;gBACd,KAAK,EAAE,qDAAqD;gBAC5D,GAAG,EAAE,yIAAyI;gBAC9I,KAAK,EAAE,OAAO;gBACd,KAAK,EAAE,CAAC,eAAe,EAAE,qBAAqB,EAAE,mBAAmB,CAAC;gBACpE,YAAY,EAAE;oBACZ,QAAQ,EAAE,CAAC,gCAAgC,CAAC;oBAC5C,QAAQ,EAAE,yFAAyF;iBACpG;aACF;SACF;KACF;CACF,CAAC;AAEF,MAAM,UAAU,6BAA6B,CAAC,OAAsB;IAClE,IAAI,CAAC,OAAO;QAAE,OAAO,SAAS,CAAC;IAC/B,MAAM,CAAC,KAAK,GAAG,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC;IAC3F,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC;QAAE,OAAO,SAAS,CAAC;IACzE,IAAI,KAAK,GAAG,CAAC,IAAI,CAAC,KAAK,KAAK,CAAC,IAAI,KAAK,IAAI,CAAC,CAAC;QAAE,OAAO,CAAC,GAAG,iBAAiB,CAAC,CAAC;IAC5E,IAAI,KAAK,KAAK,CAAC,IAAI,KAAK,IAAI,CAAC;QAAE,OAAO,CAAC,GAAG,iBAAiB,CAAC,CAAC;IAC7D,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,IAAY;IAC9C,MAAM,KAAK,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;IACxC,OAAO,KAAK,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,GAAG,KAAK,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;AAClE,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,IAAY;IAC9C,OAAO,mBAAmB,CAAC,IAAI,CAAC,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,EAAE,GAAG,IAAI,EAAE,KAAK,EAAE,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,YAAY,EAAE,EAAE,GAAG,IAAI,CAAC,YAAY,EAAE,QAAQ,EAAE,CAAC,GAAG,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;AACxL,CAAC"}

package/dist/fixes/eslintFix.js

@@ -1,4 +1,4 @@
-import { execSync } from 'node:child_process';
+import { execFileSync } from 'node:child_process';
 import fs from 'node:fs/promises';
 import path from 'node:path';
 import { fileExists } from '../utils/fileHelpers.js';
@@ -13,7 +13,11 @@ export const eslintFix = {
         if (hasTypeScript) {
             packages.push('@typescript-eslint/parser', '@typescript-eslint/eslint-plugin');
         }
-        execSync(`npm install --save-dev ${packages.join(' ')}`, {
+        // execFile (no shell) keeps the package names off any shell command line,
+        // and `--ignore-scripts` blocks the scanned repo's npm lifecycle scripts —
+        // rootPath is potentially untrusted, so a plain `npm install` here would be
+        // an RCE vector the moment a user runs `projscan fix`. See testFix.
+        execFileSync('npm', ['install', '--save-dev', '--ignore-scripts', ...packages], {
             cwd: rootPath,
             stdio: 'pipe',
             timeout: 60_000,

package/dist/fixes/eslintFix.js.map

@@ -1 +1 @@
-{"version":3,"file":"eslintFix.js","sourceRoot":"","sources":["../../src/fixes/eslintFix.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAC9C,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAC;AAErD,MAAM,CAAC,MAAM,SAAS,GAAQ;IAC5B,EAAE,EAAE,YAAY;IAChB,KAAK,EAAE,8BAA8B;IACrC,WAAW,EAAE,kDAAkD;IAC/D,OAAO,EAAE,gBAAgB;IAEzB,KAAK,CAAC,KAAK,CAAC,QAAgB;QAC1B,MAAM,aAAa,GAAG,MAAM,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,eAAe,CAAC,CAAC,CAAC;QAE7E,MAAM,QAAQ,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC5B,IAAI,aAAa,EAAE,CAAC;YAClB,QAAQ,CAAC,IAAI,CAAC,2BAA2B,EAAE,kCAAkC,CAAC,CAAC;QACjF,CAAC;QAED,QAAQ,CAAC,0BAA0B,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE;YACvD,GAAG,EAAE,QAAQ;YACb,KAAK,EAAE,MAAM;YACb,OAAO,EAAE,MAAM;SAChB,CAAC,CAAC;QAEH,MAAM,MAAM,GAAG,aAAa;YAC1B,CAAC,CAAC;gBACE,GAAG,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE;gBACjC,MAAM,EAAE,2BAA2B;gBACnC,OAAO,EAAE,CAAC,oBAAoB,CAAC;gBAC/B,OAAO,EAAE,CAAC,oBAAoB,EAAE,uCAAuC,CAAC;gBACxE,aAAa,EAAE,EAAE,WAAW,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE;gBAC9D,KAAK,EAAE,EAAE;aACV;YACH,CAAC,CAAC;gBACE,GAAG,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE;gBACjC,OAAO,EAAE,CAAC,oBAAoB,CAAC;gBAC/B,aAAa,EAAE,EAAE,WAAW,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE;gBAC9D,KAAK,EAAE,EAAE;aACV,CAAC;QAEN,MAAM,EAAE,CAAC,SAAS,CAChB,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,gBAAgB,CAAC,EACrC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,EACtC,OAAO,CACR,CAAC;IACJ,CAAC;CACF,CAAC"}
+{"version":3,"file":"eslintFix.js","sourceRoot":"","sources":["../../src/fixes/eslintFix.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAC;AAErD,MAAM,CAAC,MAAM,SAAS,GAAQ;IAC5B,EAAE,EAAE,YAAY;IAChB,KAAK,EAAE,8BAA8B;IACrC,WAAW,EAAE,kDAAkD;IAC/D,OAAO,EAAE,gBAAgB;IAEzB,KAAK,CAAC,KAAK,CAAC,QAAgB;QAC1B,MAAM,aAAa,GAAG,MAAM,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,eAAe,CAAC,CAAC,CAAC;QAE7E,MAAM,QAAQ,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC5B,IAAI,aAAa,EAAE,CAAC;YAClB,QAAQ,CAAC,IAAI,CAAC,2BAA2B,EAAE,kCAAkC,CAAC,CAAC;QACjF,CAAC;QAED,0EAA0E;QAC1E,2EAA2E;QAC3E,4EAA4E;QAC5E,oEAAoE;QACpE,YAAY,CAAC,KAAK,EAAE,CAAC,SAAS,EAAE,YAAY,EAAE,kBAAkB,EAAE,GAAG,QAAQ,CAAC,EAAE;YAC9E,GAAG,EAAE,QAAQ;YACb,KAAK,EAAE,MAAM;YACb,OAAO,EAAE,MAAM;SAChB,CAAC,CAAC;QAEH,MAAM,MAAM,GAAG,aAAa;YAC1B,CAAC,CAAC;gBACE,GAAG,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE;gBACjC,MAAM,EAAE,2BAA2B;gBACnC,OAAO,EAAE,CAAC,oBAAoB,CAAC;gBAC/B,OAAO,EAAE,CAAC,oBAAoB,EAAE,uCAAuC,CAAC;gBACxE,aAAa,EAAE,EAAE,WAAW,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE;gBAC9D,KAAK,EAAE,EAAE;aACV;YACH,CAAC,CAAC;gBACE,GAAG,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE;gBACjC,OAAO,EAAE,CAAC,oBAAoB,CAAC;gBAC/B,aAAa,EAAE,EAAE,WAAW,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE;gBAC9D,KAAK,EAAE,EAAE;aACV,CAAC;QAEN,MAAM,EAAE,CAAC,SAAS,CAChB,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,gBAAgB,CAAC,EACrC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,EACtC,OAAO,CACR,CAAC;IACJ,CAAC;CACF,CAAC"}

package/dist/fixes/prettierFix.js

@@ -1,4 +1,4 @@
-import { execSync } from 'node:child_process';
+import { execFileSync } from 'node:child_process';
 import fs from 'node:fs/promises';
 import path from 'node:path';
 export const prettierFix = {
@@ -7,7 +7,10 @@ export const prettierFix = {
     description: 'Installs Prettier and creates a configuration file',
     issueId: 'missing-prettier',
     async apply(rootPath) {
-        execSync('npm install --save-dev prettier', {
+        // `--ignore-scripts`: see testFix — rootPath is untrusted, so block the
+        // scanned repo's npm lifecycle scripts (RCE vector). execFile (no shell)
+        // avoids putting anything on a shell command line.
+        execFileSync('npm', ['install', '--save-dev', '--ignore-scripts', 'prettier'], {
             cwd: rootPath,
             stdio: 'pipe',
             timeout: 60_000,

package/dist/fixes/prettierFix.js.map

@@ -1 +1 @@
-{"version":3,"file":"prettierFix.js","sourceRoot":"","sources":["../../src/fixes/prettierFix.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAC9C,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,IAAI,MAAM,WAAW,CAAC;AAG7B,MAAM,CAAC,MAAM,WAAW,GAAQ;IAC9B,EAAE,EAAE,cAAc;IAClB,KAAK,EAAE,gCAAgC;IACvC,WAAW,EAAE,oDAAoD;IACjE,OAAO,EAAE,kBAAkB;IAE3B,KAAK,CAAC,KAAK,CAAC,QAAgB;QAC1B,QAAQ,CAAC,iCAAiC,EAAE;YAC1C,GAAG,EAAE,QAAQ;YACb,KAAK,EAAE,MAAM;YACb,OAAO,EAAE,MAAM;SAChB,CAAC,CAAC;QAEH,MAAM,MAAM,GAAG;YACb,IAAI,EAAE,IAAI;YACV,WAAW,EAAE,IAAI;YACjB,aAAa,EAAE,KAAK;YACpB,UAAU,EAAE,GAAG;YACf,QAAQ,EAAE,CAAC;SACZ,CAAC;QAEF,MAAM,EAAE,CAAC,SAAS,CAChB,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,aAAa,CAAC,EAClC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,EACtC,OAAO,CACR,CAAC;QAEF,mDAAmD;QACnD,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;QACpD,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YAChD,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAE5B,IAAI,CAAC,GAAG,CAAC,OAAO;gBAAE,GAAG,CAAC,OAAO,GAAG,EAAE,CAAC;YACnC,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;gBACxB,GAAG,CAAC,OAAO,CAAC,MAAM,GAAG,oBAAoB,CAAC;gBAC1C,MAAM,EAAE,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC,CAAC;YAC5E,CAAC;QACH,CAAC;QAAC,OAAO,GAAY,EAAE,CAAC;YACtB,IAAI,GAAG,YAAY,KAAK,IAAI,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACnE,OAAO,CAAC,sCAAsC;YAChD,CAAC;YACD,MAAM,GAAG,CAAC,CAAC,oDAAoD;QACjE,CAAC;IACH,CAAC;CACF,CAAC"}
+{"version":3,"file":"prettierFix.js","sourceRoot":"","sources":["../../src/fixes/prettierFix.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,IAAI,MAAM,WAAW,CAAC;AAG7B,MAAM,CAAC,MAAM,WAAW,GAAQ;IAC9B,EAAE,EAAE,cAAc;IAClB,KAAK,EAAE,gCAAgC;IACvC,WAAW,EAAE,oDAAoD;IACjE,OAAO,EAAE,kBAAkB;IAE3B,KAAK,CAAC,KAAK,CAAC,QAAgB;QAC1B,wEAAwE;QACxE,yEAAyE;QACzE,mDAAmD;QACnD,YAAY,CAAC,KAAK,EAAE,CAAC,SAAS,EAAE,YAAY,EAAE,kBAAkB,EAAE,UAAU,CAAC,EAAE;YAC7E,GAAG,EAAE,QAAQ;YACb,KAAK,EAAE,MAAM;YACb,OAAO,EAAE,MAAM;SAChB,CAAC,CAAC;QAEH,MAAM,MAAM,GAAG;YACb,IAAI,EAAE,IAAI;YACV,WAAW,EAAE,IAAI;YACjB,aAAa,EAAE,KAAK;YACpB,UAAU,EAAE,GAAG;YACf,QAAQ,EAAE,CAAC;SACZ,CAAC;QAEF,MAAM,EAAE,CAAC,SAAS,CAChB,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,aAAa,CAAC,EAClC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,EACtC,OAAO,CACR,CAAC;QAEF,mDAAmD;QACnD,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;QACpD,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YAChD,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAE5B,IAAI,CAAC,GAAG,CAAC,OAAO;gBAAE,GAAG,CAAC,OAAO,GAAG,EAAE,CAAC;YACnC,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;gBACxB,GAAG,CAAC,OAAO,CAAC,MAAM,GAAG,oBAAoB,CAAC;gBAC1C,MAAM,EAAE,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC,CAAC;YAC5E,CAAC;QACH,CAAC;QAAC,OAAO,GAAY,EAAE,CAAC;YACtB,IAAI,GAAG,YAAY,KAAK,IAAI,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACnE,OAAO,CAAC,sCAAsC;YAChD,CAAC;YACD,MAAM,GAAG,CAAC,CAAC,oDAAoD;QACjE,CAAC;IACH,CAAC;CACF,CAAC"}

package/dist/fixes/testFix.js

@@ -1,4 +1,4 @@
-import { execSync } from 'node:child_process';
+import { execFileSync } from 'node:child_process';
 import fs from 'node:fs/promises';
 import path from 'node:path';
 import { fileExists } from '../utils/fileHelpers.js';
@@ -8,7 +8,13 @@ export const testFix = {
     description: 'Installs Vitest and creates a sample test file',
     issueId: 'missing-test-framework',
     async apply(rootPath) {
-        execSync('npm install --save-dev vitest', {
+        // `--ignore-scripts`: rootPath is the scanned (potentially untrusted) repo.
+        // Without it, `npm install` would run that repo's preinstall/install/
+        // postinstall/prepare lifecycle scripts — and any installed dependency's
+        // install scripts — turning `projscan fix` into arbitrary code execution
+        // on a hostile repo. execFile (no shell) also keeps package names off any
+        // shell command line.
+        execFileSync('npm', ['install', '--save-dev', '--ignore-scripts', 'vitest'], {
             cwd: rootPath,
             stdio: 'pipe',
             timeout: 60_000,

package/dist/fixes/testFix.js.map

@@ -1 +1 @@
-{"version":3,"file":"testFix.js","sourceRoot":"","sources":["../../src/fixes/testFix.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAC9C,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAC;AAErD,MAAM,CAAC,MAAM,OAAO,GAAQ;IAC1B,EAAE,EAAE,WAAW;IACf,KAAK,EAAE,8BAA8B;IACrC,WAAW,EAAE,gDAAgD;IAC7D,OAAO,EAAE,wBAAwB;IAEjC,KAAK,CAAC,KAAK,CAAC,QAAgB;QAC1B,QAAQ,CAAC,+BAA+B,EAAE;YACxC,GAAG,EAAE,QAAQ;YACb,KAAK,EAAE,MAAM;YACb,OAAO,EAAE,MAAM;SAChB,CAAC,CAAC;QAEH,kCAAkC;QAClC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;QACpD,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YAChD,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAE5B,IAAI,CAAC,GAAG,CAAC,OAAO;gBAAE,GAAG,CAAC,OAAO,GAAG,EAAE,CAAC;YACnC,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;gBACtB,GAAG,CAAC,OAAO,CAAC,IAAI,GAAG,YAAY,CAAC;YAClC,CAAC;YACD,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,CAAC;gBAC/B,GAAG,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,QAAQ,CAAC;YACvC,CAAC;YAED,MAAM,EAAE,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC,CAAC;QAC5E,CAAC;QAAC,OAAO,GAAY,EAAE,CAAC;YACtB,IAAI,GAAG,YAAY,KAAK,IAAI,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACnE,OAAO,CAAC,sCAAsC;YAChD,CAAC;YACD,MAAM,GAAG,CAAC,CAAC,oDAAoD;QACjE,CAAC;QAED,yCAAyC;QACzC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC9C,MAAM,EAAE,CAAC,KAAK,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAE9C,MAAM,aAAa,GAAG,MAAM,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,eAAe,CAAC,CAAC,CAAC;QAC7E,MAAM,GAAG,GAAG,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;QAExC,MAAM,UAAU,GAAG;;;;;;;CAOtB,CAAC;QAEE,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,gBAAgB,GAAG,EAAE,CAAC,CAAC;QAChE,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,YAAY,CAAC,CAAC;QAC9C,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,EAAE,CAAC,SAAS,CAAC,YAAY,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC;QACxD,CAAC;IACH,CAAC;CACF,CAAC"}
+{"version":3,"file":"testFix.js","sourceRoot":"","sources":["../../src/fixes/testFix.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAC;AAErD,MAAM,CAAC,MAAM,OAAO,GAAQ;IAC1B,EAAE,EAAE,WAAW;IACf,KAAK,EAAE,8BAA8B;IACrC,WAAW,EAAE,gDAAgD;IAC7D,OAAO,EAAE,wBAAwB;IAEjC,KAAK,CAAC,KAAK,CAAC,QAAgB;QAC1B,4EAA4E;QAC5E,sEAAsE;QACtE,yEAAyE;QACzE,yEAAyE;QACzE,0EAA0E;QAC1E,sBAAsB;QACtB,YAAY,CAAC,KAAK,EAAE,CAAC,SAAS,EAAE,YAAY,EAAE,kBAAkB,EAAE,QAAQ,CAAC,EAAE;YAC3E,GAAG,EAAE,QAAQ;YACb,KAAK,EAAE,MAAM;YACb,OAAO,EAAE,MAAM;SAChB,CAAC,CAAC;QAEH,kCAAkC;QAClC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;QACpD,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YAChD,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAE5B,IAAI,CAAC,GAAG,CAAC,OAAO;gBAAE,GAAG,CAAC,OAAO,GAAG,EAAE,CAAC;YACnC,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;gBACtB,GAAG,CAAC,OAAO,CAAC,IAAI,GAAG,YAAY,CAAC;YAClC,CAAC;YACD,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,CAAC;gBAC/B,GAAG,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,QAAQ,CAAC;YACvC,CAAC;YAED,MAAM,EAAE,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC,CAAC;QAC5E,CAAC;QAAC,OAAO,GAAY,EAAE,CAAC;YACtB,IAAI,GAAG,YAAY,KAAK,IAAI,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACnE,OAAO,CAAC,sCAAsC;YAChD,CAAC;YACD,MAAM,GAAG,CAAC,CAAC,oDAAoD;QACjE,CAAC;QAED,yCAAyC;QACzC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC9C,MAAM,EAAE,CAAC,KAAK,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAE9C,MAAM,aAAa,GAAG,MAAM,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,eAAe,CAAC,CAAC,CAAC;QAC7E,MAAM,GAAG,GAAG,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;QAExC,MAAM,UAAU,GAAG;;;;;;;CAOtB,CAAC;QAEE,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,gBAAgB,GAAG,EAAE,CAAC,CAAC;QAChE,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,YAAY,CAAC,CAAC;QAC9C,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,EAAE,CAAC,SAAS,CAAC,YAAY,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC;QACxD,CAAC;IACH,CAAC;CACF,CAAC"}

package/dist/mcp/tools/claim.d.ts

@@ -0,0 +1,7 @@
+import type { McpTool } from './_shared.js';
+/**
+ * `projscan_claim` (4.x coordination arc) — advisory claims / leases so parallel
+ * agents see who owns which file, directory, or symbol. Shared across the
+ * repo's git worktrees; local-first.
+ */
+export declare const claimTool: McpTool;

package/dist/mcp/tools/claim.js

@@ -0,0 +1,69 @@
+import { addClaim, listClaims, releaseClaim, pruneClaims } from '../../core/claims.js';
+/**
+ * `projscan_claim` (4.x coordination arc) — advisory claims / leases so parallel
+ * agents see who owns which file, directory, or symbol. Shared across the
+ * repo's git worktrees; local-first.
+ */
+export const claimTool = {
+    name: 'projscan_claim',
+    description: "Coordinate parallel agents with advisory claims/leases over files, directories, or symbols, shared across the repo's git worktrees. action:\"add\" records a claim (optionally a lease with `ttl_seconds`) and returns any `contention` (another agent already holding an overlapping, non-expired claim); \"list\" returns claims; \"release\" drops a claim by `id`, by `target`, or all of an `agent`'s; \"prune\" removes expired-lease claims. Local-first and advisory — claiming an already-claimed target still succeeds, but surfaces contention so the swarm can coordinate.",
+    inputSchema: {
+        type: 'object',
+        properties: {
+            action: {
+                type: 'string',
+                enum: ['add', 'list', 'release', 'prune'],
+                description: 'Default "list". "add" records a claim; "release" drops one; "prune" removes expired leases.',
+            },
+            target: {
+                type: 'string',
+                description: '"add"/"release" — a repo-relative file or directory path, or a symbol name.',
+            },
+            agent: {
+                type: 'string',
+                description: '"add" — who holds the claim. "release" — scope the release to this agent.',
+            },
+            note: { type: 'string', description: '"add" — optional human-readable note.' },
+            ttl_seconds: { type: 'number', description: '"add" — lease duration in seconds; the claim expires after it. Omit for a permanent claim.' },
+            id: { type: 'string', description: '"release" — the claim id to drop.' },
+        },
+    },
+    handler: async (args, rootPath) => {
+        const action = typeof args.action === 'string' ? args.action : 'list';
+        switch (action) {
+            case 'add': {
+                const target = typeof args.target === 'string' ? args.target : '';
+                const agent = typeof args.agent === 'string' ? args.agent : '';
+                if (!target || !agent) {
+                    throw new Error('projscan_claim add requires both `target` and `agent`.');
+                }
+                const note = typeof args.note === 'string' && args.note.length > 0 ? args.note : undefined;
+                const ttlSeconds = typeof args.ttl_seconds === 'number' && args.ttl_seconds > 0 ? args.ttl_seconds : undefined;
+                return addClaim(rootPath, {
+                    target,
+                    agent,
+                    ...(note ? { note } : {}),
+                    ...(ttlSeconds !== undefined ? { ttlSeconds } : {}),
+                });
+            }
+            case 'release': {
+                const selector = {
+                    id: typeof args.id === 'string' && args.id.length > 0 ? args.id : undefined,
+                    target: typeof args.target === 'string' && args.target.length > 0 ? args.target : undefined,
+                    agent: typeof args.agent === 'string' && args.agent.length > 0 ? args.agent : undefined,
+                };
+                if (!selector.id && !selector.target && !selector.agent) {
+                    throw new Error('projscan_claim release requires one of `id`, `target`, or `agent`.');
+                }
+                return { released: await releaseClaim(rootPath, selector) };
+            }
+            case 'prune':
+                return { pruned: await pruneClaims(rootPath) };
+            case 'list':
+                return { claims: await listClaims(rootPath) };
+            default:
+                throw new Error(`Unknown action "${action}". Known: add, list, release, prune.`);
+        }
+    },
+};
+//# sourceMappingURL=claim.js.map

package/dist/mcp/tools/claim.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"claim.js","sourceRoot":"","sources":["../../../src/mcp/tools/claim.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,YAAY,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AAGvF;;;;GAIG;AACH,MAAM,CAAC,MAAM,SAAS,GAAY;IAChC,IAAI,EAAE,gBAAgB;IACtB,WAAW,EACT,wjBAAwjB;IAC1jB,WAAW,EAAE;QACX,IAAI,EAAE,QAAQ;QACd,UAAU,EAAE;YACV,MAAM,EAAE;gBACN,IAAI,EAAE,QAAQ;gBACd,IAAI,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,OAAO,CAAC;gBACzC,WAAW,EAAE,6FAA6F;aAC3G;YACD,MAAM,EAAE;gBACN,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,6EAA6E;aAC3F;YACD,KAAK,EAAE;gBACL,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,2EAA2E;aACzF;YACD,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,uCAAuC,EAAE;YAC9E,WAAW,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,4FAA4F,EAAE;YAC1I,EAAE,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,mCAAmC,EAAE;SACzE;KACF;IACD,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE;QAChC,MAAM,MAAM,GAAG,OAAO,IAAI,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC;QACtE,QAAQ,MAAM,EAAE,CAAC;YACf,KAAK,KAAK,CAAC,CAAC,CAAC;gBACX,MAAM,MAAM,GAAG,OAAO,IAAI,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC;gBAClE,MAAM,KAAK,GAAG,OAAO,IAAI,CAAC,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC/D,IAAI,CAAC,MAAM,IAAI,CAAC,KAAK,EAAE,CAAC;oBACtB,MAAM,IAAI,KAAK,CAAC,wDAAwD,CAAC,CAAC;gBAC5E,CAAC;gBACD,MAAM,IAAI,GAAG,OAAO,IAAI,CAAC,IAAI,KAAK,QAAQ,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;gBAC3F,MAAM,UAAU,GACd,OAAO,IAAI,CAAC,WAAW,KAAK,QAAQ,IAAI,IAAI,CAAC,WAAW,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;gBAC9F,OAAO,QAAQ,CAAC,QAAQ,EAAE;oBACxB,MAAM;oBACN,KAAK;oBACL,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;oBACzB,GAAG,CAAC,UAAU,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,UAAU,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;iBACpD,CAAC,CAAC;YACL,CAAC;YACD,KAAK,SAAS,CAAC,CAAC,CAAC;gBACf,MAAM,QAAQ,GAAG;oBACf,EAAE,EAAE,OAAO,IAAI,CAAC,EAAE,KAAK,QAAQ,IAAI,IAAI,CAAC,EAAE,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS;oBAC3E,MAAM,EAAE,OAAO,IAAI,CAAC,MAAM,KAAK,QAAQ,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS;oBAC3F,KAAK,EAAE,OAAO,IAAI,CAAC,KAAK,KAAK,QAAQ,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;iBACxF,CAAC;gBACF,IAAI,CAAC,QAAQ,CAAC,EAAE,IAAI,CAAC,QAAQ,CAAC,MAAM,IAAI,CAAC,QAAQ,CAAC,KAAK,EAAE,CAAC;oBACxD,MAAM,IAAI,KAAK,CAAC,oEAAoE,CAAC,CAAC;gBACxF,CAAC;gBACD,OAAO,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC,QAAQ,EAAE,QAAQ,CAAC,EAAE,CAAC;YAC9D,CAAC;YACD,KAAK,OAAO;gBACV,OAAO,EAAE,MAAM,EAAE,MAAM,WAAW,CAAC,QAAQ,CAAC,EAAE,CAAC;YACjD,KAAK,MAAM;gBACT,OAAO,EAAE,MAAM,EAAE,MAAM,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YAChD;gBACE,MAAM,IAAI,KAAK,CAAC,mBAAmB,MAAM,sCAAsC,CAAC,CAAC;QACrF,CAAC;IACH,CAAC;CACF,CAAC"}

package/dist/mcp/tools/collision.d.ts

@@ -0,0 +1,7 @@
+import type { McpTool } from './_shared.js';
+/**
+ * `projscan_collision` (4.x coordination arc) — detect change collisions across
+ * the repo's in-flight git worktrees, so parallel agents see overlaps before
+ * their branches merge. Local-first; reads `git worktree list` only.
+ */
+export declare const collisionTool: McpTool;

package/dist/mcp/tools/collision.js

@@ -0,0 +1,24 @@
+import { detectCollisions } from '../../core/collisionDetector.js';
+/**
+ * `projscan_collision` (4.x coordination arc) — detect change collisions across
+ * the repo's in-flight git worktrees, so parallel agents see overlaps before
+ * their branches merge. Local-first; reads `git worktree list` only.
+ */
+export const collisionTool = {
+    name: 'projscan_collision',
+    description: "Detect change collisions across the repo's in-flight git worktrees (parallel agents). Reports same-file edits (two worktrees changed the same file) and dependency overlaps (one worktree changed a file another's change imports, via the import graph) BEFORE the branches merge. Local-first; needs at least two worktrees. Each collision has `kind` (same-file | dependency), `severity` (high | medium), the two worktree paths, and the files at risk. Use this when coordinating multiple agents/sub-agents working the same repo.",
+    inputSchema: {
+        type: 'object',
+        properties: {
+            base_ref: {
+                type: 'string',
+                description: 'Base ref each worktree is diffed against to compute its changed files. Default: origin/main → main → master → HEAD~1, then the working tree.',
+            },
+        },
+    },
+    handler: async (args, rootPath) => {
+        const baseRef = typeof args.base_ref === 'string' && args.base_ref.length > 0 ? args.base_ref : undefined;
+        return detectCollisions(rootPath, baseRef ? { baseRef } : {});
+    },
+};
+//# sourceMappingURL=collision.js.map

package/dist/mcp/tools/collision.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"collision.js","sourceRoot":"","sources":["../../../src/mcp/tools/collision.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,MAAM,iCAAiC,CAAC;AAGnE;;;;GAIG;AACH,MAAM,CAAC,MAAM,aAAa,GAAY;IACpC,IAAI,EAAE,oBAAoB;IAC1B,WAAW,EACT,4gBAA4gB;IAC9gB,WAAW,EAAE;QACX,IAAI,EAAE,QAAQ;QACd,UAAU,EAAE;YACV,QAAQ,EAAE;gBACR,IAAI,EAAE,QAAQ;gBACd,WAAW,EACT,8IAA8I;aACjJ;SACF;KACF;IACD,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE;QAChC,MAAM,OAAO,GAAG,OAAO,IAAI,CAAC,QAAQ,KAAK,QAAQ,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;QAC1G,OAAO,gBAAgB,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IAChE,CAAC;CACF,CAAC"}

package/dist/mcp/tools/coordinate.d.ts

@@ -0,0 +1,7 @@
+import type { McpTool } from './_shared.js';
+/**
+ * `projscan_coordinate` (4.x arc, epic 5 — capstone) — one-call coordination
+ * read across the repo's in-flight worktrees, composing collisions, claims, and
+ * merge-risk into a single readiness verdict + counts. Local-first.
+ */
+export declare const coordinateTool: McpTool;

package/dist/mcp/tools/coordinate.js

@@ -0,0 +1,24 @@
+import { computeCoordination } from '../../core/coordination.js';
+/**
+ * `projscan_coordinate` (4.x arc, epic 5 — capstone) — one-call coordination
+ * read across the repo's in-flight worktrees, composing collisions, claims, and
+ * merge-risk into a single readiness verdict + counts. Local-first.
+ */
+export const coordinateTool = {
+    name: 'projscan_coordinate',
+    description: "One-call coordination read across the repo's in-flight git worktrees (parallel agents). Composes collisions, claims, and merge-risk into a `readiness` verdict (clear | caution | conflicted) plus counts (collisions by severity, contended claim targets, merge hotspots) and the recommended integration order. The single entry point for swarm coordination — use it before continuing parallel work. Local-first; needs at least two worktrees.",
+    inputSchema: {
+        type: 'object',
+        properties: {
+            base_ref: {
+                type: 'string',
+                description: 'Base ref each worktree is diffed against. Default: origin/main → main → master → HEAD~1.',
+            },
+        },
+    },
+    handler: async (args, rootPath) => {
+        const baseRef = typeof args.base_ref === 'string' && args.base_ref.length > 0 ? args.base_ref : undefined;
+        return computeCoordination(rootPath, baseRef ? { baseRef } : {});
+    },
+};
+//# sourceMappingURL=coordinate.js.map

package/dist/mcp/tools/coordinate.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"coordinate.js","sourceRoot":"","sources":["../../../src/mcp/tools/coordinate.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AAGjE;;;;GAIG;AACH,MAAM,CAAC,MAAM,cAAc,GAAY;IACrC,IAAI,EAAE,qBAAqB;IAC3B,WAAW,EACT,ubAAub;IACzb,WAAW,EAAE;QACX,IAAI,EAAE,QAAQ;QACd,UAAU,EAAE;YACV,QAAQ,EAAE;gBACR,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,0FAA0F;aACxG;SACF;KACF;IACD,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE;QAChC,MAAM,OAAO,GAAG,OAAO,IAAI,CAAC,QAAQ,KAAK,QAAQ,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;QAC1G,OAAO,mBAAmB,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IACnE,CAAC;CACF,CAAC"}

package/dist/mcp/tools/mergeRisk.d.ts

@@ -0,0 +1,7 @@
+import type { McpTool } from './_shared.js';
+/**
+ * `projscan_merge_risk` (4.x coordination arc, epic 3) — given the repo's
+ * in-flight worktrees and their collisions, return a safe integration order and
+ * the files where conflict risk concentrates. Builds on `projscan_collision`.
+ */
+export declare const mergeRiskTool: McpTool;

package/dist/mcp/tools/mergeRisk.js

@@ -0,0 +1,24 @@
+import { computeMergeRisk } from '../../core/mergeRisk.js';
+/**
+ * `projscan_merge_risk` (4.x coordination arc, epic 3) — given the repo's
+ * in-flight worktrees and their collisions, return a safe integration order and
+ * the files where conflict risk concentrates. Builds on `projscan_collision`.
+ */
+export const mergeRiskTool = {
+    name: 'projscan_merge_risk',
+    description: "Merge-risk preflight across the repo's in-flight git worktrees (parallel agents). Given each worktree's changes and the collisions between them, returns `integrationOrder` (merge the least-entangled branch first, each with a risk score) and `hotFiles` (files changed by two or more worktrees — where merge conflict risk concentrates). Builds on projscan_collision; local-first; needs at least two worktrees.",
+    inputSchema: {
+        type: 'object',
+        properties: {
+            base_ref: {
+                type: 'string',
+                description: 'Base ref each worktree is diffed against. Default: origin/main → main → master → HEAD~1.',
+            },
+        },
+    },
+    handler: async (args, rootPath) => {
+        const baseRef = typeof args.base_ref === 'string' && args.base_ref.length > 0 ? args.base_ref : undefined;
+        return computeMergeRisk(rootPath, baseRef ? { baseRef } : {});
+    },
+};
+//# sourceMappingURL=mergeRisk.js.map

package/dist/mcp/tools/mergeRisk.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"mergeRisk.js","sourceRoot":"","sources":["../../../src/mcp/tools/mergeRisk.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAG3D;;;;GAIG;AACH,MAAM,CAAC,MAAM,aAAa,GAAY;IACpC,IAAI,EAAE,qBAAqB;IAC3B,WAAW,EACT,yZAAyZ;IAC3Z,WAAW,EAAE;QACX,IAAI,EAAE,QAAQ;QACd,UAAU,EAAE;YACV,QAAQ,EAAE;gBACR,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,0FAA0F;aACxG;SACF;KACF;IACD,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE;QAChC,MAAM,OAAO,GAAG,OAAO,IAAI,CAAC,QAAQ,KAAK,QAAQ,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC;QAC1G,OAAO,gBAAgB,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IAChE,CAAC;CACF,CAAC"}

package/dist/mcp/tools/plugin.js

@@ -1,6 +1,7 @@
 import fs from 'node:fs/promises';
 import path from 'node:path';
 import { PLUGIN_DIR, PLUGIN_MANIFEST_EXT, PLUGIN_PREVIEW_FLAG, discoverPluginManifests, pluginsEnabled, readPluginManifestFile, } from '../../core/plugins.js';
+import { getPluginTrustStatus } from '../../core/pluginTrust.js';
 /**
  * `projscan_plugin` — discover and validate stable local analyzer/reporter
  * plugins under `<root>/.projscan-plugins/*.projscan-plugin.json`.
@@ -11,7 +12,7 @@ import { PLUGIN_DIR, PLUGIN_MANIFEST_EXT, PLUGIN_PREVIEW_FLAG, discoverPluginMan
  */
 export const pluginTool = {
     name: 'projscan_plugin',
-    description: 'Discover and validate stable local analyzer and reporter plugins under .projscan-plugins/. Execution is opt-in via the PROJSCAN_PLUGINS_PREVIEW=1 env flag because plugins are local code. Use action:"list" to see what is discoverable today, action:"validate" to check a manifest before committing it.',
+    description: 'Discover and validate stable local analyzer and reporter plugins under .projscan-plugins/. Execution is opt-in via the PROJSCAN_PLUGINS_PREVIEW=1 env flag AND each module must be approved with trust-on-first-use; the list reports a per-plugin `trust` status (trusted / untrusted / changed). Approving a plugin is a deliberate human action via the `projscan plugin trust <name>` CLI — it is intentionally not exposed here. Use action:"list" to see what is discoverable and whether it would run, action:"validate" to check a manifest before committing it.',
     inputSchema: {
         type: 'object',
         properties: {
@@ -31,25 +32,32 @@ export const pluginTool = {
         switch (action) {
             case 'list': {
                 const entries = await discoverPluginManifests(rootPath);
+                const plugins = await Promise.all(entries.map(async (e) => {
+                    if (!e.manifest) {
+                        return { manifestPath: e.manifestPath, ok: false, error: e.error, diagnostic: e.diagnostic };
+                    }
+                    const modulePath = path.resolve(path.dirname(e.manifestPath), e.manifest.module);
+                    const trust = await getPluginTrustStatus(modulePath);
+                    return {
+                        manifestPath: e.manifestPath,
+                        ok: true,
+                        name: e.manifest.name,
+                        kind: e.manifest.kind,
+                        module: e.manifest.module,
+                        ...(e.manifest.kind === 'analyzer'
+                            ? { category: e.manifest.category }
+                            : { commands: e.manifest.commands }),
+                        description: e.manifest.description,
+                        // Whether this module would actually execute: even with the
+                        // preview flag on, an untrusted/changed module is skipped.
+                        trust: trust.status,
+                    };
+                }));
                 return {
                     enabled: pluginsEnabled(),
                     envFlag: PLUGIN_PREVIEW_FLAG,
                     count: entries.length,
-                    plugins: entries.map((e) => ({
-                        manifestPath: e.manifestPath,
-                        ok: e.manifest !== null,
-                        ...(e.manifest
-                            ? {
-                                name: e.manifest.name,
-                                kind: e.manifest.kind,
-                                module: e.manifest.module,
-                                ...(e.manifest.kind === 'analyzer'
-                                    ? { category: e.manifest.category }
-                                    : { commands: e.manifest.commands }),
-                                description: e.manifest.description,
-                            }
-                            : { error: e.error, diagnostic: e.diagnostic }),
-                    })),
+                    plugins,
                 };
             }
             case 'validate': {