pruneguard 0.2.1 → 0.3.1

@@ -0,0 +1,624 @@
1
+ {
2
+ "$schema": "http://json-schema.org/draft-07/schema#",
3
+ "title": "ReviewReport",
4
+ "description": "Branch review report for CI/agent branch gating.",
5
+ "type": "object",
6
+ "required": [
7
+ "advisoryFindings",
8
+ "blockingFindings",
9
+ "changedFiles",
10
+ "newFindings",
11
+ "trust"
12
+ ],
13
+ "properties": {
14
+ "advisoryFindings": {
15
+ "description": "Findings that are advisory (medium/low confidence, or info severity).",
16
+ "type": "array",
17
+ "items": {
18
+ "$ref": "#/definitions/Finding"
19
+ }
20
+ },
21
+ "baseRef": {
22
+ "description": "Base ref used for comparison.",
23
+ "type": [
24
+ "string",
25
+ "null"
26
+ ]
27
+ },
28
+ "blockingFindings": {
29
+ "description": "Findings that should block merge (high confidence errors/warnings).",
30
+ "type": "array",
31
+ "items": {
32
+ "$ref": "#/definitions/Finding"
33
+ }
34
+ },
35
+ "changedFiles": {
36
+ "description": "Files changed on this branch.",
37
+ "type": "array",
38
+ "items": {
39
+ "type": "string"
40
+ }
41
+ },
42
+ "compatibilityWarnings": {
43
+ "description": "Compatibility warnings from framework detection.",
44
+ "type": "array",
45
+ "items": {
46
+ "type": "string"
47
+ }
48
+ },
49
+ "executionMode": {
50
+ "description": "Execution mode used for this review.",
51
+ "anyOf": [
52
+ {
53
+ "$ref": "#/definitions/ExecutionMode"
54
+ },
55
+ {
56
+ "type": "null"
57
+ }
58
+ ]
59
+ },
60
+ "latencyMs": {
61
+ "description": "Wall-clock latency in milliseconds.",
62
+ "type": [
63
+ "integer",
64
+ "null"
65
+ ],
66
+ "format": "uint64",
67
+ "minimum": 0.0
68
+ },
69
+ "newFindings": {
70
+ "description": "All new findings introduced on this branch.",
71
+ "type": "array",
72
+ "items": {
73
+ "$ref": "#/definitions/Finding"
74
+ }
75
+ },
76
+ "proposedActions": {
77
+ "description": "Proposed remediation actions for blocking findings.",
78
+ "type": "array",
79
+ "items": {
80
+ "$ref": "#/definitions/RemediationAction"
81
+ }
82
+ },
83
+ "recommendations": {
84
+ "description": "Concise recommendations for the branch author.",
85
+ "type": "array",
86
+ "items": {
87
+ "type": "string"
88
+ }
89
+ },
90
+ "recommendedActions": {
91
+ "description": "Machine-readable recommended next actions for agents.",
92
+ "type": "array",
93
+ "items": {
94
+ "$ref": "#/definitions/RecommendedAction"
95
+ }
96
+ },
97
+ "strictTrustApplied": {
98
+ "description": "Whether strict trust mode was applied.",
99
+ "default": false,
100
+ "type": "boolean"
101
+ },
102
+ "trust": {
103
+ "description": "Trust summary for this review.",
104
+ "allOf": [
105
+ {
106
+ "$ref": "#/definitions/ReviewTrust"
107
+ }
108
+ ]
109
+ }
110
+ },
111
+ "definitions": {
112
+ "ConfidenceCounts": {
113
+ "type": "object",
114
+ "required": [
115
+ "high",
116
+ "low",
117
+ "medium"
118
+ ],
119
+ "properties": {
120
+ "high": {
121
+ "type": "integer",
122
+ "format": "uint",
123
+ "minimum": 0.0
124
+ },
125
+ "low": {
126
+ "type": "integer",
127
+ "format": "uint",
128
+ "minimum": 0.0
129
+ },
130
+ "medium": {
131
+ "type": "integer",
132
+ "format": "uint",
133
+ "minimum": 0.0
134
+ }
135
+ }
136
+ },
137
+ "Evidence": {
138
+ "description": "Evidence supporting a finding.",
139
+ "type": "object",
140
+ "required": [
141
+ "description",
142
+ "kind"
143
+ ],
144
+ "properties": {
145
+ "description": {
146
+ "description": "Description of this evidence.",
147
+ "type": "string"
148
+ },
149
+ "file": {
150
+ "description": "File path involved.",
151
+ "type": [
152
+ "string",
153
+ "null"
154
+ ]
155
+ },
156
+ "kind": {
157
+ "description": "Type of evidence.",
158
+ "type": "string"
159
+ },
160
+ "line": {
161
+ "description": "Line number, if applicable.",
162
+ "type": [
163
+ "integer",
164
+ "null"
165
+ ],
166
+ "format": "uint",
167
+ "minimum": 0.0
168
+ }
169
+ }
170
+ },
171
+ "ExecutionMode": {
172
+ "description": "Execution mode for daemon/oneshot distinction.",
173
+ "type": "string",
174
+ "enum": [
175
+ "oneshot",
176
+ "daemon"
177
+ ]
178
+ },
179
+ "Finding": {
180
+ "description": "A single finding from analysis.",
181
+ "type": "object",
182
+ "required": [
183
+ "category",
184
+ "code",
185
+ "confidence",
186
+ "id",
187
+ "message",
188
+ "severity",
189
+ "subject"
190
+ ],
191
+ "properties": {
192
+ "actionKinds": {
193
+ "description": "All applicable remediation action kinds.",
194
+ "type": "array",
195
+ "items": {
196
+ "$ref": "#/definitions/RemediationActionKind"
197
+ }
198
+ },
199
+ "category": {
200
+ "description": "Category of the finding.",
201
+ "allOf": [
202
+ {
203
+ "$ref": "#/definitions/FindingCategory"
204
+ }
205
+ ]
206
+ },
207
+ "code": {
208
+ "description": "Machine-readable code (e.g. `unused-export`, `cycle`, `boundary-violation`).",
209
+ "type": "string"
210
+ },
211
+ "confidence": {
212
+ "description": "Confidence level for this finding.",
213
+ "allOf": [
214
+ {
215
+ "$ref": "#/definitions/FindingConfidence"
216
+ }
217
+ ]
218
+ },
219
+ "evidence": {
220
+ "description": "Evidence supporting the finding.",
221
+ "type": "array",
222
+ "items": {
223
+ "$ref": "#/definitions/Evidence"
224
+ }
225
+ },
226
+ "frameworkContext": {
227
+ "description": "Framework context relevant to this finding.",
228
+ "type": [
229
+ "array",
230
+ "null"
231
+ ],
232
+ "items": {
233
+ "type": "string"
234
+ }
235
+ },
236
+ "id": {
237
+ "description": "Stable deterministic ID for this finding.",
238
+ "type": "string"
239
+ },
240
+ "message": {
241
+ "description": "Human-readable message.",
242
+ "type": "string"
243
+ },
244
+ "package": {
245
+ "description": "Package this finding belongs to, if applicable.",
246
+ "type": [
247
+ "string",
248
+ "null"
249
+ ]
250
+ },
251
+ "primaryActionKind": {
252
+ "description": "Primary remediation action kind for this finding.",
253
+ "anyOf": [
254
+ {
255
+ "$ref": "#/definitions/RemediationActionKind"
256
+ },
257
+ {
258
+ "type": "null"
259
+ }
260
+ ]
261
+ },
262
+ "ruleName": {
263
+ "description": "Name of the rule that produced this finding, if any.",
264
+ "type": [
265
+ "string",
266
+ "null"
267
+ ]
268
+ },
269
+ "severity": {
270
+ "description": "Severity level.",
271
+ "allOf": [
272
+ {
273
+ "$ref": "#/definitions/FindingSeverity"
274
+ }
275
+ ]
276
+ },
277
+ "subject": {
278
+ "description": "The subject of the finding (file path, export name, etc.).",
279
+ "type": "string"
280
+ },
281
+ "suggestion": {
282
+ "description": "Suggested fix.",
283
+ "type": [
284
+ "string",
285
+ "null"
286
+ ]
287
+ },
288
+ "trustNotes": {
289
+ "description": "Trust-related notes for this finding.",
290
+ "type": [
291
+ "array",
292
+ "null"
293
+ ],
294
+ "items": {
295
+ "type": "string"
296
+ }
297
+ },
298
+ "workspace": {
299
+ "description": "Workspace this finding belongs to, if applicable.",
300
+ "type": [
301
+ "string",
302
+ "null"
303
+ ]
304
+ }
305
+ }
306
+ },
307
+ "FindingCategory": {
308
+ "type": "string",
309
+ "enum": [
310
+ "unused-export",
311
+ "unused-file",
312
+ "unused-package",
313
+ "unused-dependency",
314
+ "cycle",
315
+ "boundary-violation",
316
+ "ownership-violation",
317
+ "impact"
318
+ ]
319
+ },
320
+ "FindingConfidence": {
321
+ "type": "string",
322
+ "enum": [
323
+ "high",
324
+ "medium",
325
+ "low"
326
+ ]
327
+ },
328
+ "FindingSeverity": {
329
+ "type": "string",
330
+ "enum": [
331
+ "error",
332
+ "warn",
333
+ "info"
334
+ ]
335
+ },
336
+ "RecommendedAction": {
337
+ "description": "A machine-readable recommended next action for an AI agent or CI system.",
338
+ "type": "object",
339
+ "required": [
340
+ "description",
341
+ "kind",
342
+ "priority"
343
+ ],
344
+ "properties": {
345
+ "command": {
346
+ "description": "The pruneguard command to run, if applicable.",
347
+ "type": [
348
+ "string",
349
+ "null"
350
+ ]
351
+ },
352
+ "description": {
353
+ "description": "Human-readable description of what to do.",
354
+ "type": "string"
355
+ },
356
+ "kind": {
357
+ "description": "Machine-readable action kind.",
358
+ "allOf": [
359
+ {
360
+ "$ref": "#/definitions/RecommendedActionKind"
361
+ }
362
+ ]
363
+ },
364
+ "priority": {
365
+ "description": "Priority rank (1 = most important).",
366
+ "type": "integer",
367
+ "format": "uint",
368
+ "minimum": 0.0
369
+ },
370
+ "targets": {
371
+ "description": "Targets this action applies to.",
372
+ "type": "array",
373
+ "items": {
374
+ "type": "string"
375
+ }
376
+ }
377
+ }
378
+ },
379
+ "RecommendedActionKind": {
380
+ "description": "Kind of recommended next action.",
381
+ "oneOf": [
382
+ {
383
+ "description": "Run safe-delete on identified targets.",
384
+ "type": "string",
385
+ "enum": [
386
+ "run-safe-delete"
387
+ ]
388
+ },
389
+ {
390
+ "description": "Run fix-plan for specific findings.",
391
+ "type": "string",
392
+ "enum": [
393
+ "run-fix-plan"
394
+ ]
395
+ },
396
+ {
397
+ "description": "Resolve blocking findings before merge.",
398
+ "type": "string",
399
+ "enum": [
400
+ "resolve-blocking"
401
+ ]
402
+ },
403
+ {
404
+ "description": "Investigate unresolved specifier pressure.",
405
+ "type": "string",
406
+ "enum": [
407
+ "fix-resolver-config"
408
+ ]
409
+ },
410
+ {
411
+ "description": "Review advisory findings.",
412
+ "type": "string",
413
+ "enum": [
414
+ "review-advisory"
415
+ ]
416
+ },
417
+ {
418
+ "description": "Run a full-scope scan for higher confidence.",
419
+ "type": "string",
420
+ "enum": [
421
+ "run-full-scope"
422
+ ]
423
+ },
424
+ {
425
+ "description": "Branch is clean; no action required.",
426
+ "type": "string",
427
+ "enum": [
428
+ "none"
429
+ ]
430
+ }
431
+ ]
432
+ },
433
+ "RemediationAction": {
434
+ "description": "A remediation action describing how to fix one or more findings.",
435
+ "type": "object",
436
+ "required": [
437
+ "confidence",
438
+ "id",
439
+ "kind",
440
+ "risk",
441
+ "targets",
442
+ "why"
443
+ ],
444
+ "properties": {
445
+ "confidence": {
446
+ "description": "Confidence in this action's correctness.",
447
+ "allOf": [
448
+ {
449
+ "$ref": "#/definitions/FindingConfidence"
450
+ }
451
+ ]
452
+ },
453
+ "findingIds": {
454
+ "description": "IDs of findings this action addresses.",
455
+ "type": "array",
456
+ "items": {
457
+ "type": "string"
458
+ }
459
+ },
460
+ "id": {
461
+ "description": "Unique identifier for this action.",
462
+ "type": "string"
463
+ },
464
+ "kind": {
465
+ "description": "The kind of remediation to perform.",
466
+ "allOf": [
467
+ {
468
+ "$ref": "#/definitions/RemediationActionKind"
469
+ }
470
+ ]
471
+ },
472
+ "phase": {
473
+ "description": "Phase this action belongs to (dead-code, architecture, governance).",
474
+ "type": [
475
+ "string",
476
+ "null"
477
+ ]
478
+ },
479
+ "preconditions": {
480
+ "description": "Conditions that must be true before this action can be applied.",
481
+ "type": "array",
482
+ "items": {
483
+ "type": "string"
484
+ }
485
+ },
486
+ "rank": {
487
+ "description": "Ranking position within the plan (1-based, lower = do first).",
488
+ "type": [
489
+ "integer",
490
+ "null"
491
+ ],
492
+ "format": "uint",
493
+ "minimum": 0.0
494
+ },
495
+ "risk": {
496
+ "description": "Risk level of this action.",
497
+ "allOf": [
498
+ {
499
+ "$ref": "#/definitions/RiskLevel"
500
+ }
501
+ ]
502
+ },
503
+ "steps": {
504
+ "description": "Ordered steps to execute.",
505
+ "type": "array",
506
+ "items": {
507
+ "$ref": "#/definitions/RemediationStep"
508
+ }
509
+ },
510
+ "targets": {
511
+ "description": "Files or exports this action targets.",
512
+ "type": "array",
513
+ "items": {
514
+ "type": "string"
515
+ }
516
+ },
517
+ "verification": {
518
+ "description": "Verification commands to run after applying the action.",
519
+ "type": "array",
520
+ "items": {
521
+ "type": "string"
522
+ }
523
+ },
524
+ "why": {
525
+ "description": "Human-readable rationale explaining why this action is needed.",
526
+ "type": "string"
527
+ }
528
+ }
529
+ },
530
+ "RemediationActionKind": {
531
+ "description": "The kind of remediation action to take.",
532
+ "type": "string",
533
+ "enum": [
534
+ "delete-file",
535
+ "delete-export",
536
+ "remove-dependency",
537
+ "break-cycle",
538
+ "move-import",
539
+ "tighten-entrypoint",
540
+ "update-boundary-rule",
541
+ "assign-owner",
542
+ "split-package",
543
+ "acknowledge-baseline"
544
+ ]
545
+ },
546
+ "RemediationStep": {
547
+ "description": "A single step in a remediation action.",
548
+ "type": "object",
549
+ "required": [
550
+ "description"
551
+ ],
552
+ "properties": {
553
+ "action": {
554
+ "type": [
555
+ "string",
556
+ "null"
557
+ ]
558
+ },
559
+ "description": {
560
+ "type": "string"
561
+ },
562
+ "file": {
563
+ "type": [
564
+ "string",
565
+ "null"
566
+ ]
567
+ }
568
+ }
569
+ },
570
+ "ReviewTrust": {
571
+ "description": "Trust summary within a review report.",
572
+ "type": "object",
573
+ "required": [
574
+ "baselineApplied",
575
+ "confidenceCounts",
576
+ "fullScope",
577
+ "unresolvedPressure"
578
+ ],
579
+ "properties": {
580
+ "baselineApplied": {
581
+ "description": "Whether a baseline was applied.",
582
+ "type": "boolean"
583
+ },
584
+ "confidenceCounts": {
585
+ "description": "Confidence counts for new findings.",
586
+ "allOf": [
587
+ {
588
+ "$ref": "#/definitions/ConfidenceCounts"
589
+ }
590
+ ]
591
+ },
592
+ "executionMode": {
593
+ "description": "Execution mode used for this analysis.",
594
+ "anyOf": [
595
+ {
596
+ "$ref": "#/definitions/ExecutionMode"
597
+ },
598
+ {
599
+ "type": "null"
600
+ }
601
+ ]
602
+ },
603
+ "fullScope": {
604
+ "description": "Whether full-scope analysis was performed.",
605
+ "type": "boolean"
606
+ },
607
+ "unresolvedPressure": {
608
+ "description": "Unresolved specifier pressure ratio.",
609
+ "type": "number",
610
+ "format": "double"
611
+ }
612
+ }
613
+ },
614
+ "RiskLevel": {
615
+ "description": "Risk level for a remediation action or fix plan.",
616
+ "type": "string",
617
+ "enum": [
618
+ "low",
619
+ "medium",
620
+ "high"
621
+ ]
622
+ }
623
+ }
624
+ }
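Review bot: `RecommendedAction.command` and `RemediationAction.verification` are unconstrained strings that the schema itself describes as commands to run, and the report is aimed at CI systems and AI agents, so a consumer that executes them verbatim trusts whatever produced or modified the report. The schema cannot enforce safety here, but the descriptions should state that these values are advisory and must be checked against an allowlist of expected pruneguard invocations rather than passed to a shell, e.g. `"description": "The pruneguard command to run, if applicable. Advisory only; consumers must validate before executing."`. The same concern applies to the free-form `targets` and `file` paths when paired with kinds such as `delete-file`: consumers should resolve them and confirm they stay inside the repository root before acting. None of the object definitions set `additionalProperties`, so unknown keys pass validation; if that is not a deliberate forward-compatibility choice, consider `"additionalProperties": false` on `ReviewReport`, `Finding` and `RemediationAction`. The `uint`/`uint64` formats suggest the file is generated, in which case these changes probably belong in the generator's source types rather than in this file.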