shiplint 0.1.0

package/README.md

@@ -0,0 +1,107 @@
+# ReviewShield
+
+🛡️ Catch App Store rejections before they happen.
+
+ReviewShield scans your iOS project for App Store Review Guideline violations and tells you exactly how to fix them.
+
+## Installation
+
+```bash
+npm install -g reviewshield
+```
+
+Or with npx (no install required):
+
+```bash
+npx reviewshield scan ./MyApp.xcodeproj
+```
+
+## The Problem
+
+App Store rejections cost time and money:
+- 2-7 day review delays
+- Missed launch windows
+- Frustrated users waiting for updates
+
+Common culprits: missing privacy descriptions, Sign in with Apple requirements, tracking compliance — all preventable.
+
+## The Solution
+
+ReviewShield catches these issues **before** you submit:
+
+```bash
+$ reviewshield scan ./MyApp.xcodeproj
+
+🛡️  ReviewShield Scan Results
+
+🔍 Found 2 issue(s):
+
+1. [CRITICAL] Missing Camera Usage Description
+   📍 Info.plist • 📋 Guideline 5.1.1
+   
+   Your app uses AVFoundation but Info.plist is missing 
+   NSCameraUsageDescription...
+   
+   How to fix:
+   Add NSCameraUsageDescription to your Info.plist...
+
+2. [CRITICAL] Third-Party Login Without Sign in with Apple
+   📍 Entitlements • 📋 Guideline 4.8
+   
+   Your app includes Google Sign-In but Sign in with Apple 
+   is not configured...
+```
+
+## What We Check
+
+| Category | Rules |
+|----------|-------|
+| **Privacy** | Camera, Location, Microphone, Photos, Contacts usage descriptions |
+| **Tracking** | ATT compliance, tracking SDK detection |
+| **Authentication** | Sign in with Apple requirements |
+| **Security** | App Transport Security, Privacy Manifests (iOS 17+) |
+
+10 rules today, more coming weekly.
+
+## Usage
+
+```bash
+# Scan an Xcode project
+reviewshield scan ./MyApp.xcodeproj
+
+# Scan a directory
+reviewshield scan ./ios
+
+# Output as JSON
+reviewshield scan ./MyApp.xcodeproj --format json
+```
+
+## Rules (10 and growing)
+
+**Privacy (Guideline 5.1.1)**
+- `missing-camera-purpose` - Camera usage without NSCameraUsageDescription
+- `missing-microphone-purpose` - Microphone usage without NSMicrophoneUsageDescription  
+- `missing-location-purpose` - Location usage without NSLocationUsageDescription
+- `missing-photo-library-purpose` - Photo library usage without NSPhotoLibraryUsageDescription
+- `missing-contacts-purpose` - Contacts usage without NSContactsUsageDescription
+- `location-always-unjustified` - "Always" location without proper justification
+- `att-tracking-mismatch` - ATT framework without NSUserTrackingUsageDescription
+
+**Authentication (Guideline 4.8)**
+- `third-party-login-no-siwa` - Third-party login without Sign in with Apple
+
+**Security (Guideline 2.1)**
+- `ats-exception-without-justification` - App Transport Security exceptions
+
+**Metadata (iOS 17+)**
+- `missing-privacy-manifest` - Missing PrivacyInfo.xcprivacy for required APIs
+
+## Coming Soon
+
+**ReviewShield GitHub App** — automatic PR checks, no setup required.
+
+Join the waitlist: [reviewshield.dev](https://reviewshield.dev)
+
+---
+
+© 2026 Signal26. All rights reserved.

package/dist/cli/index.d.ts

@@ -0,0 +1,3 @@
+#!/usr/bin/env node
+export {};
+//# sourceMappingURL=index.d.ts.map

package/dist/cli/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/cli/index.ts"],"names":[],"mappings":""}

package/dist/cli/index.js

@@ -0,0 +1,101 @@
+#!/usr/bin/env node
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+/**
+ * ReviewShield CLI
+ *
+ * App Store Review Guideline scanner for iOS projects
+ */
+const commander_1 = require("commander");
+const scanner_js_1 = require("../core/scanner.js");
+const index_js_1 = require("../formatters/index.js");
+const index_js_2 = require("../rules/index.js");
+const index_js_3 = require("../types/index.js");
+const program = new commander_1.Command();
+program
+    .name('reviewshield')
+    .description('App Store Review Guideline scanner for iOS projects')
+    .version('0.1.0');
+program
+    .command('scan')
+    .description('Scan an Xcode project for potential App Store Review issues')
+    .argument('<path>', 'Path to Xcode project, workspace, or directory')
+    .option('-f, --format <format>', 'Output format: text, json, sarif', 'text')
+    .option('-v, --verbose', 'Show verbose output', false)
+    .option('-r, --rules <rules...>', 'Only run specific rules (by ID)')
+    .option('-e, --exclude <rules...>', 'Exclude specific rules (by ID)')
+    .action(async (path, options) => {
+    try {
+        const outputFormat = parseOutputFormat(options.format);
+        const result = await (0, scanner_js_1.scan)({
+            path,
+            format: outputFormat,
+            verbose: options.verbose,
+            rules: options.rules,
+            exclude: options.exclude,
+        });
+        const output = await (0, index_js_1.format)(result, outputFormat);
+        console.log(output);
+        // Exit with error code if critical issues found
+        const hasCritical = result.findings.some(f => f.severity === 'critical');
+        if (hasCritical) {
+            process.exit(1);
+        }
+    }
+    catch (error) {
+        if (error instanceof Error) {
+            console.error(`Error: ${error.message}`);
+            if (options.verbose) {
+                console.error(error.stack);
+            }
+        }
+        else {
+            console.error('An unknown error occurred');
+        }
+        process.exit(1);
+    }
+});
+program
+    .command('rules')
+    .description('List all available rules')
+    .option('-f, --format <format>', 'Output format: text, json', 'text')
+    .action((options) => {
+    if (options.format === 'json') {
+        const rules = index_js_2.allRules.map(rule => ({
+            id: rule.id,
+            name: rule.name,
+            description: rule.description,
+            category: rule.category,
+            severity: rule.severity,
+            guideline: rule.guidelineReference,
+        }));
+        console.log(JSON.stringify(rules, null, 2));
+    }
+    else {
+        console.log('\n🛡️  ReviewShield Rules\n');
+        console.log('='.repeat(60));
+        for (const rule of index_js_2.allRules) {
+            console.log(`\n${rule.id}`);
+            console.log(`  Name:        ${rule.name}`);
+            console.log(`  Category:    ${rule.category}`);
+            console.log(`  Severity:    ${rule.severity}`);
+            console.log(`  Guideline:   ${rule.guidelineReference}`);
+            console.log(`  Description: ${rule.description}`);
+        }
+        console.log('\n');
+    }
+});
+function parseOutputFormat(format) {
+    switch (format.toLowerCase()) {
+        case 'text':
+            return index_js_3.OutputFormat.Text;
+        case 'json':
+            return index_js_3.OutputFormat.JSON;
+        case 'sarif':
+            return index_js_3.OutputFormat.SARIF;
+        default:
+            throw new Error(`Unknown output format: ${format}. Use text, json, or sarif.`);
+    }
+}
+program.parse();
+//# sourceMappingURL=index.js.map

package/dist/cli/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/cli/index.ts"],"names":[],"mappings":";;;AACA;;;;GAIG;AACH,yCAAoC;AACpC,mDAA0C;AAC1C,qDAAgD;AAChD,gDAA6C;AAC7C,gDAAiD;AAEjD,MAAM,OAAO,GAAG,IAAI,mBAAO,EAAE,CAAC;AAE9B,OAAO;KACJ,IAAI,CAAC,cAAc,CAAC;KACpB,WAAW,CAAC,qDAAqD,CAAC;KAClE,OAAO,CAAC,OAAO,CAAC,CAAC;AAEpB,OAAO;KACJ,OAAO,CAAC,MAAM,CAAC;KACf,WAAW,CAAC,6DAA6D,CAAC;KAC1E,QAAQ,CAAC,QAAQ,EAAE,gDAAgD,CAAC;KACpE,MAAM,CAAC,uBAAuB,EAAE,kCAAkC,EAAE,MAAM,CAAC;KAC3E,MAAM,CAAC,eAAe,EAAE,qBAAqB,EAAE,KAAK,CAAC;KACrD,MAAM,CAAC,wBAAwB,EAAE,iCAAiC,CAAC;KACnE,MAAM,CAAC,0BAA0B,EAAE,gCAAgC,CAAC;KACpE,MAAM,CAAC,KAAK,EAAE,IAAY,EAAE,OAAO,EAAE,EAAE;IACtC,IAAI,CAAC;QACH,MAAM,YAAY,GAAG,iBAAiB,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAEvD,MAAM,MAAM,GAAG,MAAM,IAAA,iBAAI,EAAC;YACxB,IAAI;YACJ,MAAM,EAAE,YAAY;YACpB,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,OAAO,EAAE,OAAO,CAAC,OAAO;SACzB,CAAC,CAAC;QAEH,MAAM,MAAM,GAAG,MAAM,IAAA,iBAAM,EAAC,MAAM,EAAE,YAAY,CAAC,CAAC;QAClD,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAEpB,gDAAgD;QAChD,MAAM,WAAW,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC;QACzE,IAAI,WAAW,EAAE,CAAC;YAChB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,KAAK,YAAY,KAAK,EAAE,CAAC;YAC3B,OAAO,CAAC,KAAK,CAAC,UAAU,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YACzC,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;gBACpB,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;YAC7B,CAAC;QACH,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,KAAK,CAAC,2BAA2B,CAAC,CAAC;QAC7C,CAAC;QACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC,CAAC,CAAC;AAEL,OAAO;KACJ,OAAO,CAAC,OAAO,CAAC;KAChB,WAAW,CAAC,0BAA0B,CAAC;KACvC,MAAM,CAAC,uBAAuB,EAAE,2BAA2B,EAAE,MAAM,CAAC;KACpE,MAAM,CAAC,CAAC,OAAO,EAAE,EAAE;IAClB,IAAI,OAAO,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;QAC9B,MAAM,KAAK,GAAG,mBAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YAClC,EAAE,EAAE,IAAI,CAAC,EAAE;YACX,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,SAAS,EAAE,IAAI,CAAC,kBAAkB;SACnC,CAAC,CAAC,CAAC;QACJ,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAC9C,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC,CAAC;QAC3C,OAAO,CAAC,GAAG,CAAC,GAAG,CAAE,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;QAE7B,KAAK,MAAM,IAAI,IAAI,mBAAQ,EAAE,CAAC;YAC5B,OAAO,CAAC,GAAG,CAAC,KAAK,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC;YAC5B,OAAO,CAAC,GAAG,CAAC,kBAAkB,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;YAC3C,OAAO,CAAC,GAAG,CAAC,kBAAkB,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;YAC/C,OAAO,CAAC,GAAG,CAAC,kBAAkB,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC;YAC/C,OAAO,CAAC,GAAG,CAAC,kBAAkB,IAAI,CAAC,kBAAkB,EAAE,CAAC,CAAC;YACzD,OAAO,CAAC,GAAG,CAAC,kBAAkB,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;QACpD,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IACpB,CAAC;AACH,CAAC,CAAC,CAAC;AAEL,SAAS,iBAAiB,CAAC,MAAc;IACvC,QAAQ,MAAM,CAAC,WAAW,EAAE,EAAE,CAAC;QAC7B,KAAK,MAAM;YACT,OAAO,uBAAY,CAAC,IAAI,CAAC;QAC3B,KAAK,MAAM;YACT,OAAO,uBAAY,CAAC,IAAI,CAAC;QAC3B,KAAK,OAAO;YACV,OAAO,uBAAY,CAAC,KAAK,CAAC;QAC5B;YACE,MAAM,IAAI,KAAK,CAAC,0BAA0B,MAAM,6BAA6B,CAAC,CAAC;IACnF,CAAC;AACH,CAAC;AAED,OAAO,CAAC,KAAK,EAAE,CAAC"}

package/dist/core/index.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Core module exports
+ */
+export * from './scanner.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/core/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/core/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,cAAc,cAAc,CAAC"}

package/dist/core/index.js

@@ -0,0 +1,21 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+/**
+ * Core module exports
+ */
+__exportStar(require("./scanner.js"), exports);
+//# sourceMappingURL=index.js.map

package/dist/core/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/core/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA;;GAEG;AACH,+CAA6B"}

package/dist/core/scanner.d.ts

@@ -0,0 +1,27 @@
+/**
+ * Core scan engine
+ */
+import type { Rule, Finding, ScanResult, ScanContext, ScanOptions } from '../types/index.js';
+/**
+ * Error thrown when invalid rule IDs are specified
+ */
+export declare class InvalidRulesError extends Error {
+    unknownIds: string[];
+    availableIds: string[];
+    constructor(unknownIds: string[], availableIds: string[]);
+}
+/**
+ * Error thrown when no rules would be run
+ */
+export declare class NoRulesError extends Error {
+    constructor(message: string);
+}
+/**
+ * Run a scan on the given path
+ */
+export declare function scan(options: ScanOptions): Promise<ScanResult>;
+/**
+ * Run a scan with a pre-built context (for testing)
+ */
+export declare function scanWithContext(context: ScanContext, rules?: Rule[]): Promise<Finding[]>;
+//# sourceMappingURL=scanner.d.ts.map

package/dist/core/scanner.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"scanner.d.ts","sourceRoot":"","sources":["../../src/core/scanner.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,OAAO,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAI7F;;GAEG;AACH,qBAAa,iBAAkB,SAAQ,KAAK;IACvB,UAAU,EAAE,MAAM,EAAE;IAAS,YAAY,EAAE,MAAM,EAAE;gBAAnD,UAAU,EAAE,MAAM,EAAE,EAAS,YAAY,EAAE,MAAM,EAAE;CAOvE;AAED;;GAEG;AACH,qBAAa,YAAa,SAAQ,KAAK;gBACzB,OAAO,EAAE,MAAM;CAI5B;AAED;;GAEG;AACH,wBAAsB,IAAI,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,UAAU,CAAC,CA0EpE;AAED;;GAEG;AACH,wBAAsB,eAAe,CACnC,OAAO,EAAE,WAAW,EACpB,KAAK,CAAC,EAAE,IAAI,EAAE,GACb,OAAO,CAAC,OAAO,EAAE,CAAC,CAUpB"}

package/dist/core/scanner.js

@@ -0,0 +1,104 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.NoRulesError = exports.InvalidRulesError = void 0;
+exports.scan = scan;
+exports.scanWithContext = scanWithContext;
+const project_parser_js_1 = require("../parsers/project-parser.js");
+const index_js_1 = require("../rules/index.js");
+/**
+ * Error thrown when invalid rule IDs are specified
+ */
+class InvalidRulesError extends Error {
+    unknownIds;
+    availableIds;
+    constructor(unknownIds, availableIds) {
+        super(`Unknown rule ID(s): ${unknownIds.join(', ')}. ` +
+            `Available rules: ${availableIds.join(', ')}`);
+        this.unknownIds = unknownIds;
+        this.availableIds = availableIds;
+        this.name = 'InvalidRulesError';
+    }
+}
+exports.InvalidRulesError = InvalidRulesError;
+/**
+ * Error thrown when no rules would be run
+ */
+class NoRulesError extends Error {
+    constructor(message) {
+        super(message);
+        this.name = 'NoRulesError';
+    }
+}
+exports.NoRulesError = NoRulesError;
+/**
+ * Run a scan on the given path
+ */
+async function scan(options) {
+    const startTime = Date.now();
+    // Discover project structure
+    const discovery = (0, project_parser_js_1.discoverProject)(options.path);
+    // Create scan context
+    const context = (0, project_parser_js_1.createScanContext)(discovery);
+    // Determine which rules to run
+    let rules;
+    if (options.rules && options.rules.length > 0) {
+        // BUG FIX #2: Validate rule IDs and error on unknown
+        const { rules: foundRules, unknownIds } = (0, index_js_1.getRulesWithValidation)(options.rules);
+        if (unknownIds.length > 0) {
+            throw new InvalidRulesError(unknownIds, index_js_1.allRules.map(r => r.id));
+        }
+        if (foundRules.length === 0) {
+            throw new NoRulesError('No valid rules to run. Check your --rules argument.');
+        }
+        rules = foundRules;
+    }
+    else if (options.exclude && options.exclude.length > 0) {
+        rules = (0, index_js_1.getRulesExcluding)(options.exclude);
+        if (rules.length === 0) {
+            throw new NoRulesError('All rules were excluded. At least one rule must run.');
+        }
+    }
+    else {
+        rules = index_js_1.allRules;
+    }
+    // Final safety check: never run with zero rules
+    if (rules.length === 0) {
+        throw new NoRulesError('No rules available to run. This should not happen - please report this bug.');
+    }
+    // Run all rules
+    const findings = [];
+    const rulesRun = [];
+    for (const rule of rules) {
+        try {
+            const ruleFindings = await rule.evaluate(context);
+            findings.push(...ruleFindings);
+            rulesRun.push(rule.id);
+        }
+        catch (error) {
+            if (options.verbose) {
+                console.error(`Error running rule ${rule.id}:`, error);
+            }
+        }
+    }
+    const duration = Date.now() - startTime;
+    return {
+        projectPath: options.path,
+        timestamp: new Date(),
+        findings,
+        rulesRun,
+        duration,
+    };
+}
+/**
+ * Run a scan with a pre-built context (for testing)
+ */
+async function scanWithContext(context, rules) {
+    const rulesToRun = rules ?? index_js_1.allRules;
+    const findings = [];
+    for (const rule of rulesToRun) {
+        const ruleFindings = await rule.evaluate(context);
+        findings.push(...ruleFindings);
+    }
+    return findings;
+}
+//# sourceMappingURL=scanner.js.map

package/dist/core/scanner.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"scanner.js","sourceRoot":"","sources":["../../src/core/scanner.ts"],"names":[],"mappings":";;;AAiCA,oBA0EC;AAKD,0CAaC;AAzHD,oEAAkF;AAClF,gDAAwF;AAExF;;GAEG;AACH,MAAa,iBAAkB,SAAQ,KAAK;IACvB;IAA6B;IAAhD,YAAmB,UAAoB,EAAS,YAAsB;QACpE,KAAK,CACH,uBAAuB,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI;YAChD,oBAAoB,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAC9C,CAAC;QAJe,eAAU,GAAV,UAAU,CAAU;QAAS,iBAAY,GAAZ,YAAY,CAAU;QAKpE,IAAI,CAAC,IAAI,GAAG,mBAAmB,CAAC;IAClC,CAAC;CACF;AARD,8CAQC;AAED;;GAEG;AACH,MAAa,YAAa,SAAQ,KAAK;IACrC,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,cAAc,CAAC;IAC7B,CAAC;CACF;AALD,oCAKC;AAED;;GAEG;AACI,KAAK,UAAU,IAAI,CAAC,OAAoB;IAC7C,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAE7B,6BAA6B;IAC7B,MAAM,SAAS,GAAG,IAAA,mCAAe,EAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IAEhD,sBAAsB;IACtB,MAAM,OAAO,GAAG,IAAA,qCAAiB,EAAC,SAAS,CAAC,CAAC;IAE7C,+BAA+B;IAC/B,IAAI,KAAa,CAAC;IAElB,IAAI,OAAO,CAAC,KAAK,IAAI,OAAO,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9C,qDAAqD;QACrD,MAAM,EAAE,KAAK,EAAE,UAAU,EAAE,UAAU,EAAE,GAAG,IAAA,iCAAsB,EAAC,OAAO,CAAC,KAAK,CAAC,CAAC;QAEhF,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC1B,MAAM,IAAI,iBAAiB,CACzB,UAAU,EACV,mBAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CACxB,CAAC;QACJ,CAAC;QAED,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC5B,MAAM,IAAI,YAAY,CACpB,qDAAqD,CACtD,CAAC;QACJ,CAAC;QAED,KAAK,GAAG,UAAU,CAAC;IACrB,CAAC;SAAM,IAAI,OAAO,CAAC,OAAO,IAAI,OAAO,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACzD,KAAK,GAAG,IAAA,4BAAiB,EAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAE3C,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACvB,MAAM,IAAI,YAAY,CACpB,sDAAsD,CACvD,CAAC;QACJ,CAAC;IACH,CAAC;SAAM,CAAC;QACN,KAAK,GAAG,mBAAQ,CAAC;IACnB,CAAC;IAED,gDAAgD;IAChD,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvB,MAAM,IAAI,YAAY,CACpB,6EAA6E,CAC9E,CAAC;IACJ,CAAC;IAED,gBAAgB;IAChB,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,QAAQ,GAAa,EAAE,CAAC;IAE9B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,IAAI,CAAC;YACH,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;YAClD,QAAQ,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,CAAC;YAC/B,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACzB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;gBACpB,OAAO,CAAC,KAAK,CAAC,sBAAsB,IAAI,CAAC,EAAE,GAAG,EAAE,KAAK,CAAC,CAAC;YACzD,CAAC;QACH,CAAC;IACH,CAAC;IAED,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;IAExC,OAAO;QACL,WAAW,EAAE,OAAO,CAAC,IAAI;QACzB,SAAS,EAAE,IAAI,IAAI,EAAE;QACrB,QAAQ;QACR,QAAQ;QACR,QAAQ;KACT,CAAC;AACJ,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,eAAe,CACnC,OAAoB,EACpB,KAAc;IAEd,MAAM,UAAU,GAAG,KAAK,IAAI,mBAAQ,CAAC;IACrC,MAAM,QAAQ,GAAc,EAAE,CAAC;IAE/B,KAAK,MAAM,IAAI,IAAI,UAAU,EAAE,CAAC;QAC9B,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QAClD,QAAQ,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,CAAC;IACjC,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC"}

package/dist/formatters/index.d.ts

@@ -0,0 +1,13 @@
+/**
+ * Formatters module exports
+ */
+import type { ScanResult } from '../types/index.js';
+import { OutputFormat } from '../types/index.js';
+export { formatText } from './text.js';
+export { formatJSON, formatJSONCompact } from './json.js';
+export { formatSARIF } from './sarif.js';
+/**
+ * Format scan results based on output format
+ */
+export declare function format(result: ScanResult, outputFormat: OutputFormat): Promise<string>;
+//# sourceMappingURL=index.d.ts.map

package/dist/formatters/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/formatters/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AACpD,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAKjD,OAAO,EAAE,UAAU,EAAE,MAAM,WAAW,CAAC;AACvC,OAAO,EAAE,UAAU,EAAE,iBAAiB,EAAE,MAAM,WAAW,CAAC;AAC1D,OAAO,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAEzC;;GAEG;AACH,wBAAsB,MAAM,CAAC,MAAM,EAAE,UAAU,EAAE,YAAY,EAAE,YAAY,GAAG,OAAO,CAAC,MAAM,CAAC,CAS5F"}

package/dist/formatters/index.js

@@ -0,0 +1,29 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.formatSARIF = exports.formatJSONCompact = exports.formatJSON = exports.formatText = void 0;
+exports.format = format;
+const index_js_1 = require("../types/index.js");
+const text_js_1 = require("./text.js");
+const json_js_1 = require("./json.js");
+const sarif_js_1 = require("./sarif.js");
+var text_js_2 = require("./text.js");
+Object.defineProperty(exports, "formatText", { enumerable: true, get: function () { return text_js_2.formatText; } });
+var json_js_2 = require("./json.js");
+Object.defineProperty(exports, "formatJSON", { enumerable: true, get: function () { return json_js_2.formatJSON; } });
+Object.defineProperty(exports, "formatJSONCompact", { enumerable: true, get: function () { return json_js_2.formatJSONCompact; } });
+var sarif_js_2 = require("./sarif.js");
+Object.defineProperty(exports, "formatSARIF", { enumerable: true, get: function () { return sarif_js_2.formatSARIF; } });
+/**
+ * Format scan results based on output format
+ */
+async function format(result, outputFormat) {
+    switch (outputFormat) {
+        case index_js_1.OutputFormat.Text:
+            return (0, text_js_1.formatText)(result);
+        case index_js_1.OutputFormat.JSON:
+            return (0, json_js_1.formatJSON)(result);
+        case index_js_1.OutputFormat.SARIF:
+            return (0, sarif_js_1.formatSARIF)(result);
+    }
+}
+//# sourceMappingURL=index.js.map

package/dist/formatters/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/formatters/index.ts"],"names":[],"mappings":";;;AAgBA,wBASC;AArBD,gDAAiD;AACjD,uCAAuC;AACvC,uCAAuC;AACvC,yCAAyC;AAEzC,qCAAuC;AAA9B,qGAAA,UAAU,OAAA;AACnB,qCAA0D;AAAjD,qGAAA,UAAU,OAAA;AAAE,4GAAA,iBAAiB,OAAA;AACtC,uCAAyC;AAAhC,uGAAA,WAAW,OAAA;AAEpB;;GAEG;AACI,KAAK,UAAU,MAAM,CAAC,MAAkB,EAAE,YAA0B;IACzE,QAAQ,YAAY,EAAE,CAAC;QACrB,KAAK,uBAAY,CAAC,IAAI;YACpB,OAAO,IAAA,oBAAU,EAAC,MAAM,CAAC,CAAC;QAC5B,KAAK,uBAAY,CAAC,IAAI;YACpB,OAAO,IAAA,oBAAU,EAAC,MAAM,CAAC,CAAC;QAC5B,KAAK,uBAAY,CAAC,KAAK;YACrB,OAAO,IAAA,sBAAW,EAAC,MAAM,CAAC,CAAC;IAC/B,CAAC;AACH,CAAC"}

package/dist/formatters/json.d.ts

@@ -0,0 +1,13 @@
+/**
+ * JSON formatter for machine-readable output
+ */
+import type { ScanResult } from '../types/index.js';
+/**
+ * Format scan results as JSON
+ */
+export declare function formatJSON(result: ScanResult): string;
+/**
+ * Format scan results as compact JSON (single line)
+ */
+export declare function formatJSONCompact(result: ScanResult): string;
+//# sourceMappingURL=json.d.ts.map

package/dist/formatters/json.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"json.d.ts","sourceRoot":"","sources":["../../src/formatters/json.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAEpD;;GAEG;AACH,wBAAgB,UAAU,CAAC,MAAM,EAAE,UAAU,GAAG,MAAM,CAErD;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,UAAU,GAAG,MAAM,CAE5D"}

package/dist/formatters/json.js

@@ -0,0 +1,17 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.formatJSON = formatJSON;
+exports.formatJSONCompact = formatJSONCompact;
+/**
+ * Format scan results as JSON
+ */
+function formatJSON(result) {
+    return JSON.stringify(result, null, 2);
+}
+/**
+ * Format scan results as compact JSON (single line)
+ */
+function formatJSONCompact(result) {
+    return JSON.stringify(result);
+}
+//# sourceMappingURL=json.js.map

package/dist/formatters/json.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"json.js","sourceRoot":"","sources":["../../src/formatters/json.ts"],"names":[],"mappings":";;AAQA,gCAEC;AAKD,8CAEC;AAZD;;GAEG;AACH,SAAgB,UAAU,CAAC,MAAkB;IAC3C,OAAO,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;AACzC,CAAC;AAED;;GAEG;AACH,SAAgB,iBAAiB,CAAC,MAAkB;IAClD,OAAO,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;AAChC,CAAC"}

package/dist/formatters/sarif.d.ts

@@ -0,0 +1,14 @@
+/**
+ * SARIF formatter for CI/CD integration
+ *
+ * SARIF (Static Analysis Results Interchange Format) is a standard format
+ * for static analysis tools. It's supported by GitHub, Azure DevOps, and others.
+ *
+ * @see https://sarifweb.azurewebsites.net/
+ */
+import type { ScanResult } from '../types/index.js';
+/**
+ * Format scan results as SARIF
+ */
+export declare function formatSARIF(result: ScanResult): string;
+//# sourceMappingURL=sarif.d.ts.map

package/dist/formatters/sarif.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sarif.d.ts","sourceRoot":"","sources":["../../src/formatters/sarif.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AACH,OAAO,KAAK,EAAE,UAAU,EAAW,MAAM,mBAAmB,CAAC;AAqF7D;;GAEG;AACH,wBAAgB,WAAW,CAAC,MAAM,EAAE,UAAU,GAAG,MAAM,CA0BtD"}

package/dist/formatters/sarif.js

@@ -0,0 +1,108 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.formatSARIF = formatSARIF;
+const index_js_1 = require("../types/index.js");
+/**
+ * SARIF schema version
+ */
+const SARIF_VERSION = '2.1.0';
+const SARIF_SCHEMA = 'https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json';
+/**
+ * Convert severity to SARIF level
+ */
+function toSarifLevel(severity) {
+    switch (severity) {
+        case index_js_1.Severity.Critical:
+        case index_js_1.Severity.High:
+            return 'error';
+        case index_js_1.Severity.Medium:
+            return 'warning';
+        case index_js_1.Severity.Low:
+        case index_js_1.Severity.Info:
+            return 'note';
+    }
+}
+/**
+ * Convert finding to SARIF result
+ */
+function toSarifResult(finding) {
+    const result = {
+        ruleId: finding.ruleId,
+        level: toSarifLevel(finding.severity),
+        message: {
+            text: finding.description,
+        },
+        properties: {
+            confidence: finding.confidence,
+            guideline: finding.guideline,
+            fixGuidance: finding.fixGuidance,
+        },
+    };
+    if (finding.location) {
+        result.locations = [
+            {
+                physicalLocation: {
+                    artifactLocation: {
+                        uri: finding.location,
+                    },
+                },
+            },
+        ];
+    }
+    return result;
+}
+/**
+ * Build SARIF rules array from findings
+ */
+function buildRules(findings) {
+    const ruleMap = new Map();
+    for (const finding of findings) {
+        if (!ruleMap.has(finding.ruleId)) {
+            ruleMap.set(finding.ruleId, finding);
+        }
+    }
+    return Array.from(ruleMap.values()).map(finding => ({
+        id: finding.ruleId,
+        name: finding.title,
+        shortDescription: {
+            text: finding.title,
+        },
+        fullDescription: {
+            text: finding.description,
+        },
+        helpUri: finding.documentationURL,
+        properties: {
+            guideline: finding.guideline,
+        },
+    }));
+}
+/**
+ * Format scan results as SARIF
+ */
+function formatSARIF(result) {
+    const sarif = {
+        $schema: SARIF_SCHEMA,
+        version: SARIF_VERSION,
+        runs: [
+            {
+                tool: {
+                    driver: {
+                        name: 'ReviewShield',
+                        version: '0.1.0',
+                        informationUri: 'https://github.com/kazuochi/ReviewShield_iOS',
+                        rules: buildRules(result.findings),
+                    },
+                },
+                results: result.findings.map(toSarifResult),
+                invocations: [
+                    {
+                        executionSuccessful: true,
+                        endTimeUtc: result.timestamp.toISOString(),
+                    },
+                ],
+            },
+        ],
+    };
+    return JSON.stringify(sarif, null, 2);
+}
+//# sourceMappingURL=sarif.js.map

package/dist/formatters/sarif.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sarif.js","sourceRoot":"","sources":["../../src/formatters/sarif.ts"],"names":[],"mappings":";;AAgGA,kCA0BC;AAjHD,gDAA6C;AAE7C;;GAEG;AACH,MAAM,aAAa,GAAG,OAAO,CAAC;AAC9B,MAAM,YAAY,GAAG,gGAAgG,CAAC;AAEtH;;GAEG;AACH,SAAS,YAAY,CAAC,QAAkB;IACtC,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,mBAAQ,CAAC,QAAQ,CAAC;QACvB,KAAK,mBAAQ,CAAC,IAAI;YAChB,OAAO,OAAO,CAAC;QACjB,KAAK,mBAAQ,CAAC,MAAM;YAClB,OAAO,SAAS,CAAC;QACnB,KAAK,mBAAQ,CAAC,GAAG,CAAC;QAClB,KAAK,mBAAQ,CAAC,IAAI;YAChB,OAAO,MAAM,CAAC;IAClB,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,aAAa,CAAC,OAAgB;IACrC,MAAM,MAAM,GAA4B;QACtC,MAAM,EAAE,OAAO,CAAC,MAAM;QACtB,KAAK,EAAE,YAAY,CAAC,OAAO,CAAC,QAAQ,CAAC;QACrC,OAAO,EAAE;YACP,IAAI,EAAE,OAAO,CAAC,WAAW;SAC1B;QACD,UAAU,EAAE;YACV,UAAU,EAAE,OAAO,CAAC,UAAU;YAC9B,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,WAAW,EAAE,OAAO,CAAC,WAAW;SACjC;KACF,CAAC;IAEF,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;QACrB,MAAM,CAAC,SAAS,GAAG;YACjB;gBACE,gBAAgB,EAAE;oBAChB,gBAAgB,EAAE;wBAChB,GAAG,EAAE,OAAO,CAAC,QAAQ;qBACtB;iBACF;aACF;SACF,CAAC;IACJ,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,SAAS,UAAU,CAAC,QAAmB;IACrC,MAAM,OAAO,GAAG,IAAI,GAAG,EAAmB,CAAC;IAE3C,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;YACjC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QACvC,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QAClD,EAAE,EAAE,OAAO,CAAC,MAAM;QAClB,IAAI,EAAE,OAAO,CAAC,KAAK;QACnB,gBAAgB,EAAE;YAChB,IAAI,EAAE,OAAO,CAAC,KAAK;SACpB;QACD,eAAe,EAAE;YACf,IAAI,EAAE,OAAO,CAAC,WAAW;SAC1B;QACD,OAAO,EAAE,OAAO,CAAC,gBAAgB;QACjC,UAAU,EAAE;YACV,SAAS,EAAE,OAAO,CAAC,SAAS;SAC7B;KACF,CAAC,CAAC,CAAC;AACN,CAAC;AAED;;GAEG;AACH,SAAgB,WAAW,CAAC,MAAkB;IAC5C,MAAM,KAAK,GAAG;QACZ,OAAO,EAAE,YAAY;QACrB,OAAO,EAAE,aAAa;QACtB,IAAI,EAAE;YACJ;gBACE,IAAI,EAAE;oBACJ,MAAM,EAAE;wBACN,IAAI,EAAE,cAAc;wBACpB,OAAO,EAAE,OAAO;wBAChB,cAAc,EAAE,8CAA8C;wBAC9D,KAAK,EAAE,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC;qBACnC;iBACF;gBACD,OAAO,EAAE,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,aAAa,CAAC;gBAC3C,WAAW,EAAE;oBACX;wBACE,mBAAmB,EAAE,IAAI;wBACzB,UAAU,EAAE,MAAM,CAAC,SAAS,CAAC,WAAW,EAAE;qBAC3C;iBACF;aACF;SACF;KACF,CAAC;IAEF,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;AACxC,CAAC"}

package/dist/formatters/text.d.ts

@@ -0,0 +1,9 @@
+/**
+ * Text formatter for human-readable output
+ */
+import type { ScanResult } from '../types/index.js';
+/**
+ * Format scan results as text
+ */
+export declare function formatText(result: ScanResult): Promise<string>;
+//# sourceMappingURL=text.d.ts.map

package/dist/formatters/text.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"text.d.ts","sourceRoot":"","sources":["../../src/formatters/text.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,OAAO,KAAK,EAAE,UAAU,EAAW,MAAM,mBAAmB,CAAC;AAyF7D;;GAEG;AACH,wBAAsB,UAAU,CAAC,MAAM,EAAE,UAAU,GAAG,OAAO,CAAC,MAAM,CAAC,CAuDpE"}