npm - projscan - Versions diffs - 4.3.1 → 4.5.0 - Mend

projscan 4.3.1 → 4.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (699) hide show

package/CONTRIBUTING.md +5 -1
package/PRIVACY.md +1 -0
package/README.md +278 -231
package/THIRD-PARTY-NOTICES.md +31 -31
package/dist/analyzers/architectureCheck.js.map +1 -1
package/dist/analyzers/crossPackageImportCheck.js +3 -2
package/dist/analyzers/crossPackageImportCheck.js.map +1 -1
package/dist/analyzers/deadCodeCheck.js +10 -2
package/dist/analyzers/deadCodeCheck.js.map +1 -1
package/dist/analyzers/dependencyRiskCheck.js +1 -5
package/dist/analyzers/dependencyRiskCheck.js.map +1 -1
package/dist/analyzers/eslintCheck.js +3 -1
package/dist/analyzers/eslintCheck.js.map +1 -1
package/dist/analyzers/prettierCheck.js +16 -3
package/dist/analyzers/prettierCheck.js.map +1 -1
package/dist/analyzers/pythonDependencyRiskCheck.js +4 -17
package/dist/analyzers/pythonDependencyRiskCheck.js.map +1 -1
package/dist/analyzers/pythonLinterCheck.js +2 -12
package/dist/analyzers/pythonLinterCheck.js.map +1 -1
package/dist/analyzers/securityCheck.js +26 -9
package/dist/analyzers/securityCheck.js.map +1 -1
package/dist/analyzers/supplyChainCheck.js +6 -2
package/dist/analyzers/supplyChainCheck.js.map +1 -1
package/dist/analyzers/testCheck.js +10 -1
package/dist/analyzers/testCheck.js.map +1 -1
package/dist/analyzers/unusedDependencyCheck.js +8 -8
package/dist/analyzers/unusedDependencyCheck.js.map +1 -1
package/dist/cli/_shared.d.ts +2 -1
package/dist/cli/_shared.js +14 -2
package/dist/cli/_shared.js.map +1 -1
package/dist/cli/commands/agentBrief.js +7 -1
package/dist/cli/commands/agentBrief.js.map +1 -1
package/dist/cli/commands/analyze.js +12 -2
package/dist/cli/commands/analyze.js.map +1 -1
package/dist/cli/commands/applyFix.js +1 -1
package/dist/cli/commands/applyFix.js.map +1 -1
package/dist/cli/commands/audit.js +4 -2
package/dist/cli/commands/audit.js.map +1 -1
package/dist/cli/commands/badge.js.map +1 -1
package/dist/cli/commands/bugHunt.js +2 -2
package/dist/cli/commands/bugHunt.js.map +1 -1
package/dist/cli/commands/ci.js +11 -0
package/dist/cli/commands/ci.js.map +1 -1
package/dist/cli/commands/claim.js +3 -3
package/dist/cli/commands/claim.js.map +1 -1
package/dist/cli/commands/collision.js +4 -2
package/dist/cli/commands/collision.js.map +1 -1
package/dist/cli/commands/coordinate.js +4 -2
package/dist/cli/commands/coordinate.js.map +1 -1
package/dist/cli/commands/coupling.js.map +1 -1
package/dist/cli/commands/coverage.js.map +1 -1
package/dist/cli/commands/dataflow.js.map +1 -1
package/dist/cli/commands/dependencies.js +1 -1
package/dist/cli/commands/dependencies.js.map +1 -1
package/dist/cli/commands/diff.js.map +1 -1
package/dist/cli/commands/doctor.js +11 -0
package/dist/cli/commands/doctor.js.map +1 -1
package/dist/cli/commands/dogfood.js +30 -5
package/dist/cli/commands/dogfood.js.map +1 -1
package/dist/cli/commands/evidencePack.js.map +1 -1
package/dist/cli/commands/explainIssue.js +1 -1
package/dist/cli/commands/explainIssue.js.map +1 -1
package/dist/cli/commands/feedback.js +19 -5
package/dist/cli/commands/feedback.js.map +1 -1
package/dist/cli/commands/file.js +1 -1
package/dist/cli/commands/file.js.map +1 -1
package/dist/cli/commands/fix.js.map +1 -1
package/dist/cli/commands/fixSuggest.js +12 -4
package/dist/cli/commands/fixSuggest.js.map +1 -1
package/dist/cli/commands/hotspots.js.map +1 -1
package/dist/cli/commands/impact.js +1 -1
package/dist/cli/commands/impact.js.map +1 -1
package/dist/cli/commands/init.js +13 -5
package/dist/cli/commands/init.js.map +1 -1
package/dist/cli/commands/installHook.js +2 -2
package/dist/cli/commands/installHook.js.map +1 -1
package/dist/cli/commands/mcp.js.map +1 -1
package/dist/cli/commands/memory.js +5 -2
package/dist/cli/commands/memory.js.map +1 -1
package/dist/cli/commands/mergeRisk.js +1 -1
package/dist/cli/commands/mergeRisk.js.map +1 -1
package/dist/cli/commands/missionProof.js +13 -12
package/dist/cli/commands/missionProof.js.map +1 -1
package/dist/cli/commands/outdated.js +1 -1
package/dist/cli/commands/outdated.js.map +1 -1
package/dist/cli/commands/plugin.js +10 -6
package/dist/cli/commands/plugin.js.map +1 -1
package/dist/cli/commands/prDiff.js +1 -1
package/dist/cli/commands/prDiff.js.map +1 -1
package/dist/cli/commands/preflight.js +1 -5
package/dist/cli/commands/preflight.js.map +1 -1
package/dist/cli/commands/privacyCheck.js +3 -1
package/dist/cli/commands/privacyCheck.js.map +1 -1
package/dist/cli/commands/qualityScorecard.js.map +1 -1
package/dist/cli/commands/recipes.js.map +1 -1
package/dist/cli/commands/regressionPlan.js.map +1 -1
package/dist/cli/commands/releaseTrain.js.map +1 -1
package/dist/cli/commands/review.js +1 -1
package/dist/cli/commands/review.js.map +1 -1
package/dist/cli/commands/route.js.map +1 -1
package/dist/cli/commands/search.js +5 -2
package/dist/cli/commands/search.js.map +1 -1
package/dist/cli/commands/semanticGraph.js.map +1 -1
package/dist/cli/commands/session.js +2 -2
package/dist/cli/commands/session.js.map +1 -1
package/dist/cli/commands/start.js +3 -1177
package/dist/cli/commands/start.js.map +1 -1
package/dist/cli/commands/startAction.d.ts +36 -0
package/dist/cli/commands/startAction.js +70 -0
package/dist/cli/commands/startAction.js.map +1 -0
package/dist/cli/commands/startConsole.d.ts +7 -0
package/dist/cli/commands/startConsole.js +309 -0
package/dist/cli/commands/startConsole.js.map +1 -0
package/dist/cli/commands/startMissionBundle.d.ts +41 -0
package/dist/cli/commands/startMissionBundle.js +645 -0
package/dist/cli/commands/startMissionBundle.js.map +1 -0
package/dist/cli/commands/startOutput.d.ts +31 -0
package/dist/cli/commands/startOutput.js +232 -0
package/dist/cli/commands/startOutput.js.map +1 -0
package/dist/cli/commands/startShortcuts.d.ts +26 -0
package/dist/cli/commands/startShortcuts.js +117 -0
package/dist/cli/commands/startShortcuts.js.map +1 -0
package/dist/cli/commands/telemetry.js +2 -1
package/dist/cli/commands/telemetry.js.map +1 -1
package/dist/cli/commands/trial.js +19 -4
package/dist/cli/commands/trial.js.map +1 -1
package/dist/cli/commands/understand.js +3 -1
package/dist/cli/commands/understand.js.map +1 -1
package/dist/cli/commands/upgrade.js +1 -1
package/dist/cli/commands/upgrade.js.map +1 -1
package/dist/cli/commands/watch.js +1 -1
package/dist/cli/commands/watch.js.map +1 -1
package/dist/cli/commands/workplan.js.map +1 -1
package/dist/cli/commands/workspace.js +1 -1
package/dist/cli/commands/workspace.js.map +1 -1
package/dist/cli/commands/workspaces.js +1 -1
package/dist/cli/commands/workspaces.js.map +1 -1
package/dist/cli/index.js +2 -117
package/dist/cli/index.js.map +1 -1
package/dist/cli/registerCommands.d.ts +4 -0
package/dist/cli/registerCommands.js +125 -0
package/dist/cli/registerCommands.js.map +1 -0
package/dist/core/adoption.d.ts +2 -1
package/dist/core/adoption.js +40 -13
package/dist/core/adoption.js.map +1 -1
package/dist/core/agentBrief.js +19 -6
package/dist/core/agentBrief.js.map +1 -1
package/dist/core/applyFix.js.map +1 -1
package/dist/core/ast.d.ts +5 -0
package/dist/core/ast.js +38 -20
package/dist/core/ast.js.map +1 -1
package/dist/core/auditRunner.js.map +1 -1
package/dist/core/bugHunt.js +119 -17
package/dist/core/bugHunt.js.map +1 -1
package/dist/core/claims.js +5 -2
package/dist/core/claims.js.map +1 -1
package/dist/core/codeGraph.js +10 -0
package/dist/core/codeGraph.js.map +1 -1
package/dist/core/codeGraphReexports.d.ts +9 -0
package/dist/core/codeGraphReexports.js +59 -0
package/dist/core/codeGraphReexports.js.map +1 -0
package/dist/core/collisionDetector.js +14 -4
package/dist/core/collisionDetector.js.map +1 -1
package/dist/core/coordination.js +4 -6
package/dist/core/coordination.js.map +1 -1
package/dist/core/couplingAnalyzer.d.ts +2 -1
package/dist/core/couplingAnalyzer.js.map +1 -1
package/dist/core/coverageParser.js.map +1 -1
package/dist/core/dataflow.js +13 -3
package/dist/core/dataflow.js.map +1 -1
package/dist/core/dataflowFilters.js +8 -3
package/dist/core/dataflowFilters.js.map +1 -1
package/dist/core/dependencyAnalyzer.js +4 -1
package/dist/core/dependencyAnalyzer.js.map +1 -1
package/dist/core/dogfood.d.ts +1 -1
package/dist/core/dogfood.js +39 -5
package/dist/core/dogfood.js.map +1 -1
package/dist/core/embeddings.js.map +1 -1
package/dist/core/evidenceComment.js +34 -12
package/dist/core/evidenceComment.js.map +1 -1
package/dist/core/explainIssue.js +1 -2
package/dist/core/explainIssue.js.map +1 -1
package/dist/core/feedback.d.ts +1 -1
package/dist/core/feedback.js +15 -4
package/dist/core/feedback.js.map +1 -1
package/dist/core/fileInspector.js +8 -2
package/dist/core/fileInspector.js.map +1 -1
package/dist/core/fixFirst.d.ts +3 -1
package/dist/core/fixFirst.js +17 -4
package/dist/core/fixFirst.js.map +1 -1
package/dist/core/fixSuggest.js +20 -12
package/dist/core/fixSuggest.js.map +1 -1
package/dist/core/frameworkDetector.js +5 -3
package/dist/core/frameworkDetector.js.map +1 -1
package/dist/core/frameworkSources.d.ts +1 -1
package/dist/core/frameworkSources.js +114 -4
package/dist/core/frameworkSources.js.map +1 -1
package/dist/core/graphCorpus.d.ts +1 -1
package/dist/core/graphCorpus.js +9 -1
package/dist/core/graphCorpus.js.map +1 -1
package/dist/core/graphQuery.js.map +1 -1
package/dist/core/hotspotAnalyzer.js +26 -6
package/dist/core/hotspotAnalyzer.js.map +1 -1
package/dist/core/impact.d.ts +1 -1
package/dist/core/impact.js.map +1 -1
package/dist/core/importGraph.js.map +1 -1
package/dist/core/indexCache.js +2 -1
package/dist/core/indexCache.js.map +1 -1
package/dist/core/intent.d.ts +1 -1
package/dist/core/intent.js +143 -46
package/dist/core/intent.js.map +1 -1
package/dist/core/intentRouter.js +5467 -445
package/dist/core/intentRouter.js.map +1 -1
package/dist/core/issueEngine.js +1 -1
package/dist/core/issueEngine.js.map +1 -1
package/dist/core/languageDetector.js +1 -9
package/dist/core/languageDetector.js.map +1 -1
package/dist/core/languages/cppAdapter.js +3 -1
package/dist/core/languages/cppAdapter.js.map +1 -1
package/dist/core/languages/cppExports.js +6 -1
package/dist/core/languages/cppExports.js.map +1 -1
package/dist/core/languages/cppFunctions.js +3 -1
package/dist/core/languages/cppFunctions.js.map +1 -1
package/dist/core/languages/csharpAdapter.js.map +1 -1
package/dist/core/languages/csharpFunctions.js +3 -1
package/dist/core/languages/csharpFunctions.js.map +1 -1
package/dist/core/languages/csharpImports.js +2 -1
package/dist/core/languages/csharpImports.js.map +1 -1
package/dist/core/languages/goAdapter.js.map +1 -1
package/dist/core/languages/goExports.js.map +1 -1
package/dist/core/languages/goFunctions.js +9 -3
package/dist/core/languages/goFunctions.js.map +1 -1
package/dist/core/languages/javaAdapter.js +1 -2
package/dist/core/languages/javaAdapter.js.map +1 -1
package/dist/core/languages/javaFunctions.js +6 -2
package/dist/core/languages/javaFunctions.js.map +1 -1
package/dist/core/languages/javascriptAdapter.js +43 -8
package/dist/core/languages/javascriptAdapter.js.map +1 -1
package/dist/core/languages/kotlinAdapter.js +5 -2
package/dist/core/languages/kotlinAdapter.js.map +1 -1
package/dist/core/languages/kotlinFunctions.js +5 -6
package/dist/core/languages/kotlinFunctions.js.map +1 -1
package/dist/core/languages/kotlinImports.js +3 -1
package/dist/core/languages/kotlinImports.js.map +1 -1
package/dist/core/languages/kotlinManifests.js +7 -1
package/dist/core/languages/kotlinManifests.js.map +1 -1
package/dist/core/languages/phpAdapter.js +4 -1
package/dist/core/languages/phpAdapter.js.map +1 -1
package/dist/core/languages/phpExports.js.map +1 -1
package/dist/core/languages/phpFunctions.js +18 -6
package/dist/core/languages/phpFunctions.js.map +1 -1
package/dist/core/languages/phpManifests.js.map +1 -1
package/dist/core/languages/pythonAdapter.js.map +1 -1
package/dist/core/languages/pythonFunctions.js +9 -3
package/dist/core/languages/pythonFunctions.js.map +1 -1
package/dist/core/languages/pythonManifests.d.ts +11 -0
package/dist/core/languages/pythonManifests.js +34 -19
package/dist/core/languages/pythonManifests.js.map +1 -1
package/dist/core/languages/rubyAdapter.js.map +1 -1
package/dist/core/languages/rubyFunctions.js +6 -2
package/dist/core/languages/rubyFunctions.js.map +1 -1
package/dist/core/languages/rustAdapter.js.map +1 -1
package/dist/core/languages/rustFunctions.js +6 -2
package/dist/core/languages/rustFunctions.js.map +1 -1
package/dist/core/languages/swiftAdapter.js +3 -1
package/dist/core/languages/swiftAdapter.js.map +1 -1
package/dist/core/languages/swiftCyclomatic.js.map +1 -1
package/dist/core/languages/swiftFunctions.js +3 -1
package/dist/core/languages/swiftFunctions.js.map +1 -1
package/dist/core/languages/swiftImports.js.map +1 -1
package/dist/core/mergeRisk.js +5 -1
package/dist/core/mergeRisk.js.map +1 -1
package/dist/core/missionOutcome.d.ts +1 -1
package/dist/core/missionOutcome.js +9 -4
package/dist/core/missionOutcome.js.map +1 -1
package/dist/core/missionProof.d.ts +1 -1
package/dist/core/missionProof.js +8 -6
package/dist/core/missionProof.js.map +1 -1
package/dist/core/missionProofBaseline.d.ts +1 -1
package/dist/core/missionProofBaseline.js +8 -2
package/dist/core/missionProofBaseline.js.map +1 -1
package/dist/core/missionProofMarkdown.d.ts +1 -1
package/dist/core/missionProofMarkdown.js +4 -1
package/dist/core/missionProofMarkdown.js.map +1 -1
package/dist/core/missionProofSummary.d.ts +1 -1
package/dist/core/monorepo.d.ts +1 -1
package/dist/core/monorepo.js +4 -2
package/dist/core/monorepo.js.map +1 -1
package/dist/core/onboarding.d.ts +2 -1
package/dist/core/onboarding.js.map +1 -1
package/dist/core/outdatedDetector.js +5 -1
package/dist/core/outdatedDetector.js.map +1 -1
package/dist/core/ownership.js +3 -1
package/dist/core/ownership.js.map +1 -1
package/dist/core/pathClassifiers.js.map +1 -1
package/dist/core/pluginDx.js +2 -1
package/dist/core/pluginDx.js.map +1 -1
package/dist/core/pluginTrust.js +1 -3
package/dist/core/pluginTrust.js.map +1 -1
package/dist/core/plugins.js +5 -5
package/dist/core/plugins.js.map +1 -1
package/dist/core/prDiff.d.ts +1 -2
package/dist/core/prDiff.js +5 -1
package/dist/core/prDiff.js.map +1 -1
package/dist/core/preflight.js +15 -6
package/dist/core/preflight.js.map +1 -1
package/dist/core/privacy.js.map +1 -1
package/dist/core/qualityScorecard.d.ts +1 -1
package/dist/core/qualityScorecard.js +43 -11
package/dist/core/qualityScorecard.js.map +1 -1
package/dist/core/regressionPlan.js +25 -7
package/dist/core/regressionPlan.js.map +1 -1
package/dist/core/releaseEvidence.js +41 -17
package/dist/core/releaseEvidence.js.map +1 -1
package/dist/core/releaseTrain.js +66 -38
package/dist/core/releaseTrain.js.map +1 -1
package/dist/core/reportScope.d.ts +17 -0
package/dist/core/reportScope.js +143 -0
package/dist/core/reportScope.js.map +1 -0
package/dist/core/repositoryScanner.js +1 -3
package/dist/core/repositoryScanner.js.map +1 -1
package/dist/core/review.d.ts +1 -1
package/dist/core/review.js +72 -10
package/dist/core/review.js.map +1 -1
package/dist/core/reviewDataflow.js +7 -1
package/dist/core/reviewDataflow.js.map +1 -1
package/dist/core/reviewPublicSurface.d.ts +13 -0
package/dist/core/reviewPublicSurface.js +134 -0
package/dist/core/reviewPublicSurface.js.map +1 -0
package/dist/core/roadmapCatalog.d.ts +1 -0
package/dist/core/roadmapCatalog.js +349 -30
package/dist/core/roadmapCatalog.js.map +1 -1
package/dist/core/searchIndex.js +124 -17
package/dist/core/searchIndex.js.map +1 -1
package/dist/core/semanticGraph.js.map +1 -1
package/dist/core/semanticSearch.js +20 -4
package/dist/core/semanticSearch.js.map +1 -1
package/dist/core/session.js +1 -2
package/dist/core/session.js.map +1 -1
package/dist/core/sessionResources.js +6 -2
package/dist/core/sessionResources.js.map +1 -1
package/dist/core/start.d.ts +3 -9
package/dist/core/start.js +23 -3237
package/dist/core/start.js.map +1 -1
package/dist/core/startAdoptionLoop.d.ts +2 -0
package/dist/core/startAdoptionLoop.js +41 -0
package/dist/core/startAdoptionLoop.js.map +1 -0
package/dist/core/startEvidence.d.ts +5 -0
package/dist/core/startEvidence.js +62 -0
package/dist/core/startEvidence.js.map +1 -0
package/dist/core/startExecutionPlan.d.ts +16 -0
package/dist/core/startExecutionPlan.js +185 -0
package/dist/core/startExecutionPlan.js.map +1 -0
package/dist/core/startHarness.d.ts +3 -0
package/dist/core/startHarness.js +47 -0
package/dist/core/startHarness.js.map +1 -0
package/dist/core/startIntentTargets.d.ts +24 -0
package/dist/core/startIntentTargets.js +1106 -0
package/dist/core/startIntentTargets.js.map +1 -0
package/dist/core/startMissionControl.d.ts +16 -0
package/dist/core/startMissionControl.js +145 -0
package/dist/core/startMissionControl.js.map +1 -0
package/dist/core/startMissionPolicy.d.ts +19 -0
package/dist/core/startMissionPolicy.js +246 -0
package/dist/core/startMissionPolicy.js.map +1 -0
package/dist/core/startMode.d.ts +11 -0
package/dist/core/startMode.js +139 -0
package/dist/core/startMode.js.map +1 -0
package/dist/core/startNextActions.d.ts +13 -0
package/dist/core/startNextActions.js +19 -0
package/dist/core/startNextActions.js.map +1 -0
package/dist/core/startOptions.d.ts +18 -0
package/dist/core/startOptions.js +29 -0
package/dist/core/startOptions.js.map +1 -0
package/dist/core/startResume.d.ts +7 -0
package/dist/core/startResume.js +468 -0
package/dist/core/startResume.js.map +1 -0
package/dist/core/startReviewGate.d.ts +11 -0
package/dist/core/startReviewGate.js +200 -0
package/dist/core/startReviewGate.js.map +1 -0
package/dist/core/startRouteActions.d.ts +7 -0
package/dist/core/startRouteActions.js +497 -0
package/dist/core/startRouteActions.js.map +1 -0
package/dist/core/startRunbook.d.ts +24 -0
package/dist/core/startRunbook.js +271 -0
package/dist/core/startRunbook.js.map +1 -0
package/dist/core/startSuccessCriteria.d.ts +14 -0
package/dist/core/startSuccessCriteria.js +497 -0
package/dist/core/startSuccessCriteria.js.map +1 -0
package/dist/core/taint.js +22 -12
package/dist/core/taint.js.map +1 -1
package/dist/core/telemetry.js +19 -5
package/dist/core/telemetry.js.map +1 -1
package/dist/core/trial.d.ts +1 -1
package/dist/core/trial.js +15 -6
package/dist/core/trial.js.map +1 -1
package/dist/core/understand.d.ts +1 -1
package/dist/core/understand.js +165 -51
package/dist/core/understand.js.map +1 -1
package/dist/core/upgradePreview.js +73 -1
package/dist/core/upgradePreview.js.map +1 -1
package/dist/core/watcher.js +18 -3
package/dist/core/watcher.js.map +1 -1
package/dist/core/workplan.js +87 -17
package/dist/core/workplan.js.map +1 -1
package/dist/core/workspace.js.map +1 -1
package/dist/index.d.ts +9 -9
package/dist/index.js +7 -7
package/dist/index.js.map +1 -1
package/dist/mcp/pagination.js.map +1 -1
package/dist/mcp/prompts.js +28 -20
package/dist/mcp/prompts.js.map +1 -1
package/dist/mcp/server.js +6 -74
package/dist/mcp/server.js.map +1 -1
package/dist/mcp/serverPayload.d.ts +13 -0
package/dist/mcp/serverPayload.js +61 -0
package/dist/mcp/serverPayload.js.map +1 -0
package/dist/mcp/tokenBudget.js.map +1 -1
package/dist/mcp/tools/_shared.js.map +1 -1
package/dist/mcp/tools/agentBrief.js +7 -1
package/dist/mcp/tools/agentBrief.js.map +1 -1
package/dist/mcp/tools/applyFix.js +1 -1
package/dist/mcp/tools/applyFix.js.map +1 -1
package/dist/mcp/tools/audit.js.map +1 -1
package/dist/mcp/tools/bugHunt.js +2 -2
package/dist/mcp/tools/bugHunt.js.map +1 -1
package/dist/mcp/tools/claim.js +8 -3
package/dist/mcp/tools/claim.js.map +1 -1
package/dist/mcp/tools/collision.js +3 -1
package/dist/mcp/tools/collision.js.map +1 -1
package/dist/mcp/tools/coordinate.js.map +1 -1
package/dist/mcp/tools/coordinateWatch.js +5 -2
package/dist/mcp/tools/coordinateWatch.js.map +1 -1
package/dist/mcp/tools/costSummary.js.map +1 -1
package/dist/mcp/tools/coupling.js.map +1 -1
package/dist/mcp/tools/coverage.js.map +1 -1
package/dist/mcp/tools/dataflow.js.map +1 -1
package/dist/mcp/tools/dependencies.js +4 -1
package/dist/mcp/tools/dependencies.js.map +1 -1
package/dist/mcp/tools/doctor.js.map +1 -1
package/dist/mcp/tools/explainIssue.js +4 -1
package/dist/mcp/tools/explainIssue.js.map +1 -1
package/dist/mcp/tools/fixSuggest.js +5 -2
package/dist/mcp/tools/fixSuggest.js.map +1 -1
package/dist/mcp/tools/hotspots.js +4 -1
package/dist/mcp/tools/hotspots.js.map +1 -1
package/dist/mcp/tools/impact.js +10 -3
package/dist/mcp/tools/impact.js.map +1 -1
package/dist/mcp/tools/mergeRisk.js.map +1 -1
package/dist/mcp/tools/plugin.js +6 -1
package/dist/mcp/tools/plugin.js.map +1 -1
package/dist/mcp/tools/prDiff.js.map +1 -1
package/dist/mcp/tools/preflight.js +1 -5
package/dist/mcp/tools/preflight.js.map +1 -1
package/dist/mcp/tools/review.js.map +1 -1
package/dist/mcp/tools/reviewWatch.d.ts +1 -1
package/dist/mcp/tools/reviewWatch.js +9 -9
package/dist/mcp/tools/reviewWatch.js.map +1 -1
package/dist/mcp/tools/route.js +1 -1
package/dist/mcp/tools/route.js.map +1 -1
package/dist/mcp/tools/search.js.map +1 -1
package/dist/mcp/tools/semanticGraph.js +8 -2
package/dist/mcp/tools/semanticGraph.js.map +1 -1
package/dist/mcp/tools/start.js.map +1 -1
package/dist/mcp/tools/structure.js +7 -1
package/dist/mcp/tools/structure.js.map +1 -1
package/dist/mcp/tools/understand.js.map +1 -1
package/dist/mcp/tools/upgrade.d.ts +1 -1
package/dist/mcp/tools/upgrade.js +2 -16
package/dist/mcp/tools/upgrade.js.map +1 -1
package/dist/mcp/tools/workspaceGraph.js +10 -1
package/dist/mcp/tools/workspaceGraph.js.map +1 -1
package/dist/mcp/tools.js +3 -1
package/dist/mcp/tools.js.map +1 -1
package/dist/projscan-sbom.cdx.json +2136 -904
package/dist/reporters/consoleAnalysisReporter.d.ts +2 -0
package/dist/reporters/consoleAnalysisReporter.js +89 -0
package/dist/reporters/consoleAnalysisReporter.js.map +1 -0
package/dist/reporters/consoleArchitectureReporter.d.ts +3 -0
package/dist/reporters/consoleArchitectureReporter.js +47 -0
package/dist/reporters/consoleArchitectureReporter.js.map +1 -0
package/dist/reporters/consoleAuditReporter.d.ts +2 -0
package/dist/reporters/consoleAuditReporter.js +46 -0
package/dist/reporters/consoleAuditReporter.js.map +1 -0
package/dist/reporters/consoleCiReporter.d.ts +2 -0
package/dist/reporters/consoleCiReporter.js +27 -0
package/dist/reporters/consoleCiReporter.js.map +1 -0
package/dist/reporters/consoleCouplingReporter.d.ts +2 -0
package/dist/reporters/consoleCouplingReporter.js +53 -0
package/dist/reporters/consoleCouplingReporter.js.map +1 -0
package/dist/reporters/consoleCoverageReporter.d.ts +2 -0
package/dist/reporters/consoleCoverageReporter.js +62 -0
package/dist/reporters/consoleCoverageReporter.js.map +1 -0
package/dist/reporters/consoleDependencyReporter.d.ts +2 -0
package/dist/reporters/consoleDependencyReporter.js +64 -0
package/dist/reporters/consoleDependencyReporter.js.map +1 -0
package/dist/reporters/consoleDiffReporter.d.ts +2 -0
package/dist/reporters/consoleDiffReporter.js +80 -0
package/dist/reporters/consoleDiffReporter.js.map +1 -0
package/dist/reporters/consoleExplanationReporter.d.ts +2 -0
package/dist/reporters/consoleExplanationReporter.js +33 -0
package/dist/reporters/consoleExplanationReporter.js.map +1 -0
package/dist/reporters/consoleFileReporter.d.ts +2 -0
package/dist/reporters/consoleFileReporter.js +133 -0
package/dist/reporters/consoleFileReporter.js.map +1 -0
package/dist/reporters/consoleFixGuidanceReporter.d.ts +8 -0
package/dist/reporters/consoleFixGuidanceReporter.js +135 -0
package/dist/reporters/consoleFixGuidanceReporter.js.map +1 -0
package/dist/reporters/consoleHealthReporter.d.ts +13 -0
package/dist/reporters/consoleHealthReporter.js +111 -0
package/dist/reporters/consoleHealthReporter.js.map +1 -0
package/dist/reporters/consoleHotspotReporter.d.ts +2 -0
package/dist/reporters/consoleHotspotReporter.js +68 -0
package/dist/reporters/consoleHotspotReporter.js.map +1 -0
package/dist/reporters/consoleImpactReporter.d.ts +2 -0
package/dist/reporters/consoleImpactReporter.js +65 -0
package/dist/reporters/consoleImpactReporter.js.map +1 -0
package/dist/reporters/consoleOutdatedReporter.d.ts +2 -0
package/dist/reporters/consoleOutdatedReporter.js +54 -0
package/dist/reporters/consoleOutdatedReporter.js.map +1 -0
package/dist/reporters/consolePrDiffReporter.d.ts +2 -0
package/dist/reporters/consolePrDiffReporter.js +75 -0
package/dist/reporters/consolePrDiffReporter.js.map +1 -0
package/dist/reporters/consoleReporter.d.ts +21 -38
package/dist/reporters/consoleReporter.js +19 -1000
package/dist/reporters/consoleReporter.js.map +1 -1
package/dist/reporters/consoleReviewReporter.d.ts +2 -0
package/dist/reporters/consoleReviewReporter.js +101 -0
package/dist/reporters/consoleReviewReporter.js.map +1 -0
package/dist/reporters/consoleUpgradeReporter.d.ts +2 -0
package/dist/reporters/consoleUpgradeReporter.js +89 -0
package/dist/reporters/consoleUpgradeReporter.js.map +1 -0
package/dist/reporters/consoleWorkspaceReporter.d.ts +2 -0
package/dist/reporters/consoleWorkspaceReporter.js +24 -0
package/dist/reporters/consoleWorkspaceReporter.js.map +1 -0
package/dist/reporters/htmlReporter.d.ts +2 -1
package/dist/reporters/htmlReporter.js +9 -3
package/dist/reporters/htmlReporter.js.map +1 -1
package/dist/reporters/jsonReporter.d.ts +2 -1
package/dist/reporters/jsonReporter.js.map +1 -1
package/dist/reporters/markdownAnalysisReporter.d.ts +2 -0
package/dist/reporters/markdownAnalysisReporter.js +40 -0
package/dist/reporters/markdownAnalysisReporter.js.map +1 -0
package/dist/reporters/markdownAuditReporter.d.ts +2 -0
package/dist/reporters/markdownAuditReporter.js +27 -0
package/dist/reporters/markdownAuditReporter.js.map +1 -0
package/dist/reporters/markdownDependencyReporter.d.ts +2 -0
package/dist/reporters/markdownDependencyReporter.js +33 -0
package/dist/reporters/markdownDependencyReporter.js.map +1 -0
package/dist/reporters/markdownDiffReporter.d.ts +2 -0
package/dist/reporters/markdownDiffReporter.js +65 -0
package/dist/reporters/markdownDiffReporter.js.map +1 -0
package/dist/reporters/markdownFileReporter.d.ts +2 -0
package/dist/reporters/markdownFileReporter.js +92 -0
package/dist/reporters/markdownFileReporter.js.map +1 -0
package/dist/reporters/markdownFixGuidanceReporter.d.ts +8 -0
package/dist/reporters/markdownFixGuidanceReporter.js +95 -0
package/dist/reporters/markdownFixGuidanceReporter.js.map +1 -0
package/dist/reporters/markdownImpactReporter.d.ts +2 -0
package/dist/reporters/markdownImpactReporter.js +52 -0
package/dist/reporters/markdownImpactReporter.js.map +1 -0
package/dist/reporters/markdownReporter.d.ts +10 -16
package/dist/reporters/markdownReporter.js +9 -452
package/dist/reporters/markdownReporter.js.map +1 -1
package/dist/reporters/markdownReviewReporter.d.ts +2 -0
package/dist/reporters/markdownReviewReporter.js +84 -0
package/dist/reporters/markdownReviewReporter.js.map +1 -0
package/dist/reporters/markdownUpgradeReporter.d.ts +2 -0
package/dist/reporters/markdownUpgradeReporter.js +62 -0
package/dist/reporters/markdownUpgradeReporter.js.map +1 -0
package/dist/reporters/sarifReporter.js.map +1 -1
package/dist/tool-manifest.json +5 -5
package/dist/types/agentBrief.d.ts +48 -0
package/dist/types/agentBrief.js +2 -0
package/dist/types/agentBrief.js.map +1 -0
package/dist/types/analysis.d.ts +32 -0
package/dist/types/analysis.js +2 -0
package/dist/types/analysis.js.map +1 -0
package/dist/types/baseline.d.ts +59 -0
package/dist/types/baseline.js +2 -0
package/dist/types/baseline.js.map +1 -0
package/dist/types/bugHunt.d.ts +41 -0
package/dist/types/bugHunt.js +2 -0
package/dist/types/bugHunt.js.map +1 -0
package/dist/types/common.d.ts +34 -0
package/dist/types/common.js +2 -0
package/dist/types/common.js.map +1 -0
package/dist/types/config.d.ts +66 -0
package/dist/types/config.js +2 -0
package/dist/types/config.js.map +1 -0
package/dist/types/coupling.d.ts +40 -0
package/dist/types/coupling.js +2 -0
package/dist/types/coupling.js.map +1 -0
package/dist/types/coverage.d.ts +32 -0
package/dist/types/coverage.js +2 -0
package/dist/types/coverage.js.map +1 -0
package/dist/types/dependencyHealth.d.ts +73 -0
package/dist/types/dependencyHealth.js +2 -0
package/dist/types/dependencyHealth.js.map +1 -0
package/dist/types/dogfood.d.ts +185 -0
package/dist/types/dogfood.js +2 -0
package/dist/types/dogfood.js.map +1 -0
package/dist/types/evidencePack.d.ts +76 -0
package/dist/types/evidencePack.js +2 -0
package/dist/types/evidencePack.js.map +1 -0
package/dist/types/fixes.d.ts +77 -0
package/dist/types/fixes.js +2 -0
package/dist/types/fixes.js.map +1 -0
package/dist/types/graph.d.ts +80 -0
package/dist/types/graph.js +2 -0
package/dist/types/graph.js.map +1 -0
package/dist/types/graphCorpus.d.ts +16 -0
package/dist/types/graphCorpus.js +2 -0
package/dist/types/graphCorpus.js.map +1 -0
package/dist/types/hotspots.d.ts +42 -0
package/dist/types/hotspots.js +2 -0
package/dist/types/hotspots.js.map +1 -0
package/dist/types/impact.d.ts +62 -0
package/dist/types/impact.js +2 -0
package/dist/types/impact.js.map +1 -0
package/dist/types/inspection.d.ts +47 -0
package/dist/types/inspection.js +2 -0
package/dist/types/inspection.js.map +1 -0
package/dist/types/mcp.d.ts +39 -0
package/dist/types/mcp.js +2 -0
package/dist/types/mcp.js.map +1 -0
package/dist/types/pluginDx.d.ts +42 -0
package/dist/types/pluginDx.js +2 -0
package/dist/types/pluginDx.js.map +1 -0
package/dist/types/prDiff.d.ts +41 -0
package/dist/types/prDiff.js +2 -0
package/dist/types/prDiff.js.map +1 -0
package/dist/types/preflight.d.ts +122 -0
package/dist/types/preflight.js +2 -0
package/dist/types/preflight.js.map +1 -0
package/dist/types/qualityScorecard.d.ts +34 -0
package/dist/types/qualityScorecard.js +2 -0
package/dist/types/qualityScorecard.js.map +1 -0
package/dist/types/regressionPlan.d.ts +32 -0
package/dist/types/regressionPlan.js +2 -0
package/dist/types/regressionPlan.js.map +1 -0
package/dist/types/releaseTrain.d.ts +37 -0
package/dist/types/releaseTrain.js +2 -0
package/dist/types/releaseTrain.js.map +1 -0
package/dist/types/review.d.ts +203 -0
package/dist/types/review.js +2 -0
package/dist/types/review.js.map +1 -0
package/dist/types/reviewContract.d.ts +9 -0
package/dist/types/reviewContract.js +2 -0
package/dist/types/reviewContract.js.map +1 -0
package/dist/types/scanning.d.ts +111 -0
package/dist/types/scanning.js +2 -0
package/dist/types/scanning.js.map +1 -0
package/dist/types/session.d.ts +42 -0
package/dist/types/session.js +2 -0
package/dist/types/session.js.map +1 -0
package/dist/types/start.d.ts +437 -0
package/dist/types/start.js +2 -0
package/dist/types/start.js.map +1 -0
package/dist/types/trial.d.ts +27 -0
package/dist/types/trial.js +2 -0
package/dist/types/trial.js.map +1 -0
package/dist/types/understand.d.ts +153 -0
package/dist/types/understand.js +2 -0
package/dist/types/understand.js.map +1 -0
package/dist/types/workplan.d.ts +67 -0
package/dist/types/workplan.js +2 -0
package/dist/types/workplan.js.map +1 -0
package/dist/types/workplanHandoff.d.ts +11 -0
package/dist/types/workplanHandoff.js +2 -0
package/dist/types/workplanHandoff.js.map +1 -0
package/dist/types/workspace.d.ts +18 -0
package/dist/types/workspace.js +2 -0
package/dist/types/workspace.js.map +1 -0
package/dist/types.d.ts +34 -2348
package/dist/types.js +0 -1
package/dist/types.js.map +1 -1
package/dist/utils/banner.js +15 -6
package/dist/utils/banner.js.map +1 -1
package/dist/utils/baseline.js +11 -9
package/dist/utils/baseline.js.map +1 -1
package/dist/utils/changedFiles.js +1 -1
package/dist/utils/changedFiles.js.map +1 -1
package/dist/utils/config.d.ts +2 -1
package/dist/utils/config.js +32 -0
package/dist/utils/config.js.map +1 -1
package/dist/utils/formatSupport.d.ts +1 -1
package/dist/utils/formatSupport.js +7 -1
package/dist/utils/formatSupport.js.map +1 -1
package/dist/utils/packageJsonLocator.js.map +1 -1
package/docs/GUIDE.md +211 -147
package/docs/PLUGIN-GALLERY.md +9 -1
package/docs/ROADMAP.md +120 -86
package/docs/demos/projscan-4-1-demo.html +46 -79
package/docs/examples/adoption-workflows.md +128 -0
package/docs/examples/plugins/graph-context.mjs +1 -2
package/docs/examples/plugins/security-sensitive-files.mjs +2 -1
package/docs/examples/swarm-coordination.md +109 -0
package/package.json +12 -5

package/docs/demos/projscan-4-1-demo.html CHANGED Viewed

@@ -34,8 +34,13 @@
         background: var(--paper);
         color: var(--ink);
         font-family:
-          Inter, ui-sans-serif, system-ui, -apple-system, BlinkMacSystemFont,
-          "Segoe UI", sans-serif;
+          Inter,
+          ui-sans-serif,
+          system-ui,
+          -apple-system,
+          BlinkMacSystemFont,
+          'Segoe UI',
+          sans-serif;
         line-height: 1.45;
       }
@@ -181,8 +186,7 @@
       .terminal-body {
         padding: 26px;
-        font-family:
-          "SFMono-Regular", Consolas, "Liberation Mono", Menlo, monospace;
+        font-family: 'SFMono-Regular', Consolas, 'Liberation Mono', Menlo, monospace;
         font-size: 15px;
       }
@@ -425,9 +429,9 @@
             <p class="eyebrow">Mission Outcome Loop</p>
             <h1>Resume from real proof.</h1>
             <p class="lead">
-              projscan routes a developer goal, saves the mission, reads the
-              proof state, and tells the next agent what changed, what remains,
-              and whether the work is ready for version review.
+              projscan routes a developer goal, saves the mission, reads the proof state, and tells
+              the next agent what changed, what remains, and whether the work is ready for version
+              review.
             </p>
             <div class="pills" aria-label="Product capabilities">
               <span class="pill">Mission Control</span>
@@ -464,64 +468,41 @@
           <div class="terminal-body">
             <span class="line"
               ><span class="prompt">$</span>
-              <span class="cmd"
-                >projscan start --mission .projscan/mission</span
-              ></span
+              <span class="cmd">projscan start --mission .projscan/mission</span></span
             >
             <span class="line dim">ProjScan Mission Control</span>
             <span class="line">Mission: .projscan/mission</span>
             <span class="line">Status: <span class="success">passed</span></span>
             <span class="line"
-              >Outcome:
-              <span class="notice">proof passed after 3 commands</span></span
-            >
-            <span class="line dim"
-              >read proof-logs/summary.json and status.jsonl</span
+              >Outcome: <span class="notice">proof passed after 3 commands</span></span
             >
+            <span class="line dim">read proof-logs/summary.json and status.jsonl</span>
             <div class="term-section">
               <span class="line term-heading">What Changed</span>
-              <span class="line"
-                >- Mission proof passed after 3 command(s).</span
-              >
-              <span class="line"
-                >- 1 reviewer decision recorded.</span
-              >
+              <span class="line">- Mission proof passed after 3 command(s).</span>
+              <span class="line">- 1 reviewer decision recorded.</span>
               <span class="line">- 0 failed gates remain.</span>
             </div>
             <div class="term-section">
               <span class="line term-heading">What Remains</span>
-              <span class="line success"
-                >Run ./review.sh and choose a reviewer reply.</span
-              >
-              <span class="line success"
-                >Version candidate: review_candidate</span
-              >
+              <span class="line success">Run ./review.sh and choose a reviewer reply.</span>
+              <span class="line success">Version candidate: review_candidate</span>
             </div>
             <div class="term-section">
               <span class="line term-heading">Outcome Commands</span>
-              <span class="line success"
-                >projscan start --mission .projscan/mission</span
-              >
-              <span class="line success"
-                >projscan mission-proof --mission .projscan/mission</span
-              >
-              <span class="line success"
-                >projscan mission-proof --baseline manual-runs.json</span
-              >
+              <span class="line success">projscan start --mission .projscan/mission</span>
+              <span class="line success">projscan mission-proof --mission .projscan/mission</span>
+              <span class="line success">projscan mission-proof --baseline manual-runs.json</span>
               <span class="line dim">all source stays local</span>
             </div>
             <div class="term-section">
               <span class="line term-heading">Proof Evidence</span>
-              <span class="line success"
-                >proof-logs/summary.json: passed</span
-              >
-              <span class="line success"
-                >proof-logs/status.jsonl: 3 rows</span
-              >
+              <span class="line success">proof-logs/summary.json: passed</span>
+              <span class="line success">proof-logs/status.jsonl: 3 rows</span>
             </div>
             <div class="term-section">
@@ -540,27 +521,25 @@
           <span class="label green">Goal routing</span>
           <h2>Ask in plain language.</h2>
           <p>
-            Route privacy, merge readiness, refactor risk, local setup,
-            ownership, dependency, release, and handoff questions to the right
-            command with matched keywords and confidence.
+            Route privacy, merge readiness, refactor risk, local setup, ownership, dependency,
+            release, and handoff questions to the right command with matched keywords and
+            confidence.
           </p>
         </article>
         <article class="card">
           <span class="label blue">Outcome resume</span>
           <h2>Start from saved proof.</h2>
           <p>
-            <code>projscan start --mission</code> reads the bundle proof state
-            and gives the next agent a focused "what changed / what remains"
-            handoff.
+            <code>projscan start --mission</code> reads the bundle proof state and gives the next
+            agent a focused "what changed / what remains" handoff.
           </p>
         </article>
         <article class="card">
           <span class="label amber">Proof report</span>
           <h2>Measure the saved work.</h2>
           <p>
-            <code>projscan mission-proof</code> reports proof completion,
-            reviewer approvals, reruns, failed gates, time saved, and local
-            risk avoided.
+            <code>projscan mission-proof</code> reports proof completion, reviewer approvals,
+            reruns, failed gates, time saved, and local risk avoided.
           </p>
         </article>
       </section>
@@ -572,9 +551,9 @@
             <h2>Close the loop.</h2>
           </div>
           <p>
-            Developers and agents can resume from a saved mission bundle,
-            summarize pass/fail evidence, and compare local proof against a
-            manual baseline without sending source code anywhere.
+            Developers and agents can resume from a saved mission bundle, summarize pass/fail
+            evidence, and compare local proof against a manual baseline without sending source code
+            anywhere.
           </p>
         </div>
@@ -590,27 +569,18 @@
               <span class="line"
                 ><span class="prompt">$</span>
                 <span class="cmd"
-                  >projscan mission-proof --mission .projscan/mission --format
-                  json</span
+                  >projscan mission-proof --mission .projscan/mission --format json</span
                 ></span
               >
               <span class="line dim">Local proof summary</span>
               <span class="line">&nbsp;</span>
               <span class="line term-heading">{"passed":1,"failed":0,</span>
-              <span class="line success"
-                >&nbsp;"reruns":0,"reviewerApprovals":1}</span
-              >
+              <span class="line success">&nbsp;"reruns":0,"reviewerApprovals":1}</span>
               <span class="line">&nbsp;</span>
               <span class="line term-heading">Risk avoided</span>
-              <span class="line success"
-                >- proof gate passed before release</span
-              >
-              <span class="line success"
-                >- version review is safe to request</span
-              >
-              <span class="line notice"
-                >Next: projscan start --mission .projscan/mission</span
-              >
+              <span class="line success">- proof gate passed before release</span>
+              <span class="line success">- version review is safe to request</span>
+              <span class="line notice">Next: projscan start --mission .projscan/mission</span>
             </div>
           </section>
@@ -619,32 +589,29 @@
               <span class="tag green">Verify</span>
               <span>
                 <strong>Outcome resume</strong>
-                <code>--mission</code> reads <code>summary.json</code>, status
-                rows, and reviewer decisions.
+                <code>--mission</code> reads <code>summary.json</code>, status rows, and reviewer
+                decisions.
               </span>
             </div>
             <div class="signal">
               <span class="tag blue">MCP</span>
               <span>
                 <strong>MCP start input</strong>
-                <code>mission_dir</code> carries the same proof outcome to
-                agent clients.
+                <code>mission_dir</code> carries the same proof outcome to agent clients.
               </span>
             </div>
             <div class="signal">
               <span class="tag amber">List</span>
               <span>
                 <strong>Proof summary</strong>
-                <code>mission-proof</code> reports completion, reruns, failed
-                gates, and approvals.
+                <code>mission-proof</code> reports completion, reruns, failed gates, and approvals.
               </span>
             </div>
             <div class="signal">
               <span class="tag red">Gate</span>
               <span>
                 <strong>Version review</strong>
-                Outcome data says whether to request review or keep fixing
-                failed proof.
+                Outcome data says whether to request review or keep fixing failed proof.
               </span>
             </div>
           </div>
@@ -652,10 +619,10 @@
       </section>
     </main>
     <script>
-      if (window.location.hash === "#proof") {
-        document.body.classList.add("proof-only");
+      if (window.location.hash === '#proof') {
+        document.body.classList.add('proof-only');
       }
-      document.documentElement.dataset.ready = "true";
+      document.documentElement.dataset.ready = 'true';
     </script>
   </body>
 </html>

package/docs/examples/adoption-workflows.md ADDED Viewed

@@ -0,0 +1,128 @@
+# Adoption Workflows
+These examples turn projscan from a one-off scanner into a repeatable team
+habit. They are written around the personas in `docs/PERSONAS.md`: skeptical
+senior reviewer, platform lead, product engineer, release owner, and security
+reviewer.
+## 1. Agent Orchestration
+Use this when a team is standardizing how agents start work, prove changes, and
+hand off safely.
+```bash
+projscan privacy-check --offline
+projscan start --intent "add billing webhook support" --format json
+projscan preflight --mode before_edit --format json
+projscan workplan --mode before_edit --format json
+projscan agent-brief --intent "handoff billing webhook work" --format json
+```
+Decision loop:
+| Persona | Reads | Decision |
+| --- | --- | --- |
+| Product engineer | `start.missionControl.readyActions` | What can I run now? |
+| Platform lead | `preflight.verdict`, coordination hints | Is parallel work safe? |
+| Senior reviewer | proof commands and done criteria | Is the handoff reviewable? |
+If the repo uses AgentLoopKit or AgentFlight, `projscan start` surfaces the
+local harness proof commands when their config files exist. Run those commands
+as part of the handoff proof:
+```bash
+npm exec agentloop -- status
+npm exec agentflight -- verify
+```
+## 2. Package Ownership
+Use this when a monorepo or platform team needs to know who owns a dependency,
+route review, or plan an upgrade.
+```bash
+projscan dependencies --format json
+projscan semantic-graph --query package_importers --symbol fastapi --format json
+projscan upgrade fastapi --format json
+projscan agent-brief --intent "handoff package ownership for fastapi" --format json
+```
+For Node packages, `upgrade` reads local `package.json`, `node_modules`, local
+CHANGELOG files, and importer evidence. For Python packages, it reads
+`pyproject.toml`, `setup.cfg`, `setup.py`, root `requirements*.txt` files,
+Poetry lockfiles, and pinned root requirements, then returns declared scope,
+current-version source, drift, and Python importers.
+Decision loop:
+| Persona | Reads | Decision |
+| --- | --- | --- |
+| Package owner | importer list | Which app or package needs review? |
+| Release owner | drift and importer count | Is this safe for the current train? |
+| Security reviewer | audit/dependencies plus importer evidence | Is a forced update justified? |
+## 3. Custom Policy Plugin
+Use this when team-specific rules matter more than generic static analysis,
+such as service ownership, route policy, or security-sensitive directories.
+```bash
+projscan plugin init --kind analyzer --name team-policy
+projscan plugin validate .projscan-plugins/team-policy.projscan-plugin.json
+projscan plugin test .projscan-plugins/team-policy.projscan-plugin.json
+PROJSCAN_PLUGINS_PREVIEW=1 projscan doctor --format json
+```
+Start from packaged examples:
+- `docs/examples/plugins/policy.projscan-plugin.json`
+- `docs/examples/plugins/api-route-ownership.projscan-plugin.json`
+- `docs/examples/plugins/security-sensitive-files.projscan-plugin.json`
+- `docs/examples/plugins/team-radar.projscan-plugin.json`
+Decision loop:
+| Persona | Reads | Decision |
+| --- | --- | --- |
+| Platform lead | plugin diagnostics | Is the rule trusted enough for CI? |
+| Security reviewer | emitted issues | Does the policy catch the right risky paths? |
+| Product engineer | suggested action | Can this be fixed without tribal context? |
+## 4. Shareable Evidence With Path Controls
+Use this when a team wants to share a health or CI artifact without exposing
+repo layout or sensitive paths.
+```bash
+projscan analyze --report-scope src/api --redact-paths --format json > reports/api-analysis.json
+projscan doctor --report-scope src/api --redact-paths --format markdown > reports/api-health.md
+projscan ci --report-scope src/api --redact-paths --format sarif > reports/api.sarif
+```
+`--report-scope` keeps only issues and files under the listed repo-relative
+paths. `--redact-paths` replaces file paths with stable labels such as
+`redacted-path-1`, so reviewers can correlate evidence without seeing the
+original repo structure.
+When the same evidence shape is reused by a partner review, security check, or
+release train, put it in config and select it by name:
+```json
+{
+  "reportPolicies": {
+    "apiEvidence": {
+      "reportScope": ["src/api"],
+      "redactPaths": true
+    }
+  }
+}
+```
+```bash
+projscan analyze --report-policy apiEvidence --format json > reports/api-analysis.json
+projscan doctor --report-policy apiEvidence --format markdown > reports/api-health.md
+projscan ci --report-policy apiEvidence --format sarif > reports/api.sarif
+```
+Use direct `--report-scope` or `--redact-paths` flags with `--report-policy` for
+one-off overrides without changing the shared config preset.

package/docs/examples/plugins/graph-context.mjs CHANGED Viewed

@@ -16,8 +16,7 @@ export default {
       {
         id: 'graph-context-summary',
         title: 'Graph context available',
-        description:
-          `Plugin received ${fileCount} file(s), ${functionCount} function(s), ${callEdges} semantic edge(s), and ${dataflow.riskCount} dataflow risk(s).`,
+        description: `Plugin received ${fileCount} file(s), ${functionCount} function(s), ${callEdges} semantic edge(s), and ${dataflow.riskCount} dataflow risk(s).`,
         severity,
         category: 'architecture',
         fixAvailable: false,

package/docs/examples/plugins/security-sensitive-files.mjs CHANGED Viewed

@@ -1,4 +1,5 @@
-const SECURITY_SENSITIVE = /(^|\/)(auth|crypto|security|secrets?|payments?|billing|middleware)(\/|\.)|\.env(\.|$)|(^|\/)server\.ts$/i;
+const SECURITY_SENSITIVE =
+  /(^|\/)(auth|crypto|security|secrets?|payments?|billing|middleware)(\/|\.)|\.env(\.|$)|(^|\/)server\.ts$/i;
 export default {
   check: async (_rootPath, files) => {

package/docs/examples/swarm-coordination.md ADDED Viewed

@@ -0,0 +1,109 @@
+# Swarm Coordination Workflow
+Use this recipe when two or more agents, worktrees, or developers are changing
+the same repo. The goal is not to prevent parallel work; it is to make overlap,
+claim contention, and merge order visible before code lands.
+## Personas
+- Platform lead: wants low merge conflict rate and clear ownership when several
+  agents are active.
+- Product engineer: wants to keep moving without reading every sibling branch.
+- Release owner: wants a merge order and proof that high-risk overlaps were
+  reviewed before sign-off.
+## Start of Work
+Run this before the first edit in each worktree:
+```bash
+projscan start --intent "show coordination status for parallel agents" --format json
+projscan coordinate --format json
+projscan claim list --format json
+```
+If the work has a known file, claim it with a short lease:
+```bash
+projscan claim add src/core/start.ts --agent api-agent --ttl 2700 --format json
+```
+Treat a claim conflict as a routing signal. Either choose another task, split
+the file, or ask the owner to release the claim.
+## During Work
+Use the dedicated coordination tools for specific questions:
+```bash
+projscan collisions --format json
+projscan merge-risk --format json
+projscan coordinate --format json
+```
+Read the outputs this way:
+| Tool | Question answered | Action |
+| --- | --- | --- |
+| `collisions` | Which worktrees touch the same files or dependent files? | Move one branch first, split work, or ask for review. |
+| `claim list` | Who says they own a file, directory, or symbol right now? | Avoid edits under active leases unless agreed. |
+| `merge-risk` | Which branch should merge first? | Integrate the least-entangled branch before larger branches. |
+| `coordinate` | Is the current swarm clear, cautious, or conflicted? | Use this as the one-line status in handoffs. |
+| `agent-brief` | What should the next agent know? | Include coordination hints in the next-agent packet. |
+For MCP clients that support long-running notifications, use the watch tool:
+```text
+projscan_coordinate_watch { "action": "start" }
+projscan_coordinate_watch { "action": "list" }
+projscan_coordinate_watch { "action": "stop" }
+```
+For CLI users, `coordinate` also supports polling:
+```bash
+projscan coordinate --watch --interval 5 --format json
+```
+The watch loop should be treated as advisory evidence. A changed notification
+or emitted watch row means rerun `projscan coordinate` before editing or merging.
+## Before Handoff
+Capture a compact handoff with coordination evidence:
+```bash
+projscan agent-brief --intent "handoff current parallel-agent work" --format json
+projscan preflight --mode before_commit --format json
+projscan coordinate --format json
+```
+Handoff text should include:
+- active claims you hold
+- collision count and readiness verdict
+- merge-risk order when multiple worktrees exist
+- exact proof commands already run
+- claim release command if the next agent owns the follow-up
+## Before Merge
+```bash
+projscan preflight --mode before_merge --format json
+projscan merge-risk --format json
+projscan coordinate --format json
+```
+Merge only when the coordination verdict is `clear` or when the release owner
+has reviewed the listed conflicts. If the verdict is `conflicted`, resolve or
+split the overlap before merging.
+## Evidence Gaps To Track
+These are the next hardening targets for real swarm usage:
+- transitive collision recall: prove dependent-file conflicts are caught, not
+  only same-file conflicts
+- live watch adoption: prove agents notice and act on coordination changes
+- preflight and agent-brief integration: prove the same coordination facts show
+  up where agents already look before editing or handing off

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "projscan",
   "mcpName": "io.github.abhiyoheswaran1/projscan",
-  "version": "4.3.1",
+  "version": "4.5.0",
   "description": "Agent-first code intelligence. MCP server (2025-03-26) with 11 AST adapters covering 12 named languages: JavaScript, TypeScript, Python, Go, Java, Ruby, Rust, PHP, C#, Kotlin, Swift, and C++; repo understanding maps (projscan_understand), stable v3 semantic graph (projscan_semantic_graph), dataflow risk engine with bridge-helper detection (projscan_dataflow), code graph, file + per-function AST cyclomatic complexity, per-function fan-in + fan-out, coupling + cycle detection, structural PR diff with HTML reporter, coverage report with HTML reporter, intent-grounded one-call PR review (projscan_review with optional `intent` arg, new taint flows, contract changes, and newDataflowRisks) and long-running PR-watch mode with structured per-bucket deltas (projscan_review_watch), first-60-seconds workflow orientation (projscan_start), agent workplans (projscan_workplan), bug-hunt queues (projscan_bug_hunt), product-line planning (projscan_release_train), evidence packs (projscan_evidence_pack), regression planning (projscan_regression_plan), agent briefs (projscan_agent_brief), quality scorecards (projscan_quality_scorecard), and preflight with supply-chain IOC evidence, rule-driven fix suggestions + mechanical apply layer with rollback (projscan_apply_fix, projscan_fix_suggest, projscan_explain_issue), source-to-sink taint analysis (projscan_taint) with truncation reporting, transitive blast-radius analysis with cross-repo mode (projscan_impact for files and symbols), cross-repo workspace registration + intelligence (projscan_workspace_graph), per-function semantic search chunks (sub-file embeddings), per-rule confidence + severity drift + cost-summary analytics with live streaming (projscan_cost_summary), stable local analyzer + reporter plugin API (projscan_plugin, CLI --reporter, opt-in via PROJSCAN_PLUGINS_PREVIEW=1), monorepo workspace awareness with cross-package import policy + per-package dependencies / outdated / audit, BM25 + optional semantic search, cursor pagination, progress notifications, context-budgeted output, and a stable-surface CI guard. CLI on the side.",
   "type": "module",
   "main": "./dist/index.js",
@@ -21,6 +21,8 @@
     "docs/demos/projscan-mission-control.tape",
     "docs/demos/projscan-mission-proof.tape",
     "docs/plugin.schema.json",
+    "docs/examples/adoption-workflows.md",
+    "docs/examples/swarm-coordination.md",
     "docs/projscan-mission-control.png",
     "docs/projscan-mission-control.gif",
     "docs/projscan-proof-router.png",
@@ -42,8 +44,10 @@
   "scripts": {
     "build": "tsc && node scripts/copy-wasm.mjs && node scripts/generate-tool-manifest.mjs",
     "dev": "tsc --watch",
-    "test": "vitest run --test-timeout 60000 --hook-timeout 60000 --maxWorkers 4",
-    "test:watch": "vitest --test-timeout 60000 --hook-timeout 60000",
+    "typecheck": "tsc --noEmit",
+    "typecheck:public-types": "tsc -p tsconfig.public-types.json",
+    "test": "vitest run --exclude '.worktrees/**' --test-timeout 60000 --hook-timeout 60000 --maxWorkers 4",
+    "test:watch": "vitest --exclude '.worktrees/**' --test-timeout 60000 --hook-timeout 60000",
     "lint": "eslint src/",
     "format": "prettier --write .",
     "bench": "node scripts/bench.mjs",
@@ -58,7 +62,7 @@
     "sbom:generate": "node scripts/generate-sbom.mjs",
     "prepare": "npm run build",
     "check:graph-corpus": "node scripts/check-graph-corpus.mjs",
-    "test:trust-smoke": "vitest run tests/cli/privacyCheck.test.ts tests/cli/start.test.ts tests/cli/preflight.test.ts tests/mcp/start.test.ts tests/mcp/preflight.test.ts tests/mcp/fileChangedNotifications.test.ts tests/core/repositoryScanner.gitignore.test.ts tests/core/issueEngine.trustConfig.test.ts tests/utils/changedFiles.test.ts tests/core/auditRunner.offline.test.ts tests/core/upgradePreview.checkRegistry.test.ts tests/core/telemetry.test.ts tests/analyzers/securityCheck.test.ts --test-timeout 60000 --hook-timeout 60000"
+    "test:trust-smoke": "vitest run --exclude '.worktrees/**' tests/cli/privacyCheck.test.ts tests/cli/start.test.ts tests/cli/preflight.test.ts tests/mcp/start.test.ts tests/mcp/preflight.test.ts tests/mcp/fileChangedNotifications.test.ts tests/core/repositoryScanner.gitignore.test.ts tests/core/issueEngine.trustConfig.test.ts tests/utils/changedFiles.test.ts tests/core/auditRunner.offline.test.ts tests/core/upgradePreview.checkRegistry.test.ts tests/core/telemetry.test.ts tests/analyzers/securityCheck.test.ts --test-timeout 60000 --hook-timeout 60000"
   },
   "keywords": [
     "cli",
@@ -118,14 +122,17 @@
     "@eslint/js": "^10.0.1",
     "@types/node": "^22.0.0",
     "@xenova/transformers": "^2.17.0",
+    "agentflight": "^0.4.1",
+    "agentloopkit": "^0.33.0",
     "eslint": "^10.0.3",
+    "prettier": "^3.8.4",
     "tree-sitter-cli": "^0.26.8",
     "tree-sitter-cpp": "^0.23.4",
     "tree-sitter-kotlin": "^0.3.8",
     "tree-sitter-swift": "^0.7.1",
     "typescript": "^5.6.0",
     "typescript-eslint": "^8.57.0",
-    "vite": "^6.4.2",
+    "vite": "^8.0.16",
     "vitest": "^4.1.8"
   },
   "overrides": {