npm - tryassay - Versions diffs - 0.33.1 → 0.34.0 - Mend

tryassay 0.33.1 → 0.34.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (126) hide show

package/dist/cli.js +20 -0
package/dist/cli.js.map +1 -1
package/dist/commands/hunt.d.ts +2 -0
package/dist/commands/hunt.js +58 -7
package/dist/commands/hunt.js.map +1 -1
package/dist/commands/mcp.d.ts +14 -0
package/dist/commands/mcp.js +18 -0
package/dist/commands/mcp.js.map +1 -0
package/dist/commands/watch.d.ts +19 -0
package/dist/commands/watch.js +158 -0
package/dist/commands/watch.js.map +1 -0
package/dist/hunt/__tests__/finding-to-template.test.d.ts +1 -0
package/dist/hunt/__tests__/finding-to-template.test.js +213 -0
package/dist/hunt/__tests__/finding-to-template.test.js.map +1 -0
package/dist/hunt/__tests__/parse-utils.test.js +28 -1
package/dist/hunt/__tests__/parse-utils.test.js.map +1 -1
package/dist/hunt/__tests__/taint-analysis.test.d.ts +1 -0
package/dist/hunt/__tests__/taint-analysis.test.js +556 -0
package/dist/hunt/__tests__/taint-analysis.test.js.map +1 -0
package/dist/hunt/__tests__/templates.test.js +2 -2
package/dist/hunt/__tests__/templates.test.js.map +1 -1
package/dist/hunt/deep-dive.d.ts +2 -2
package/dist/hunt/deep-dive.js +4 -4
package/dist/hunt/deep-dive.js.map +1 -1
package/dist/hunt/discovery.js +2 -2
package/dist/hunt/discovery.js.map +1 -1
package/dist/hunt/finding-to-template.d.ts +47 -0
package/dist/hunt/finding-to-template.js +288 -0
package/dist/hunt/finding-to-template.js.map +1 -0
package/dist/hunt/orchestrator.d.ts +3 -0
package/dist/hunt/orchestrator.js +20 -5
package/dist/hunt/orchestrator.js.map +1 -1
package/dist/hunt/taint-analysis.d.ts +49 -0
package/dist/hunt/taint-analysis.js +429 -0
package/dist/hunt/taint-analysis.js.map +1 -0
package/dist/hunt/templates/csv-injection.d.ts +2 -0
package/dist/hunt/templates/csv-injection.js +148 -0
package/dist/hunt/templates/csv-injection.js.map +1 -0
package/dist/hunt/templates/django-misconfig.d.ts +2 -0
package/dist/hunt/templates/django-misconfig.js +172 -0
package/dist/hunt/templates/django-misconfig.js.map +1 -0
package/dist/hunt/templates/express-misconfig.d.ts +2 -0
package/dist/hunt/templates/express-misconfig.js +156 -0
package/dist/hunt/templates/express-misconfig.js.map +1 -0
package/dist/hunt/templates/file-upload.d.ts +2 -0
package/dist/hunt/templates/file-upload.js +131 -0
package/dist/hunt/templates/file-upload.js.map +1 -0
package/dist/hunt/templates/graphql-abuse.d.ts +2 -0
package/dist/hunt/templates/graphql-abuse.js +161 -0
package/dist/hunt/templates/graphql-abuse.js.map +1 -0
package/dist/hunt/templates/hardcoded-credentials.d.ts +2 -0
package/dist/hunt/templates/hardcoded-credentials.js +109 -0
package/dist/hunt/templates/hardcoded-credentials.js.map +1 -0
package/dist/hunt/templates/idor.d.ts +2 -0
package/dist/hunt/templates/idor.js +102 -0
package/dist/hunt/templates/idor.js.map +1 -0
package/dist/hunt/templates/index.d.ts +2 -2
package/dist/hunt/templates/index.js +38 -5
package/dist/hunt/templates/index.js.map +1 -1
package/dist/hunt/templates/insecure-deserialization.d.ts +2 -0
package/dist/hunt/templates/insecure-deserialization.js +131 -0
package/dist/hunt/templates/insecure-deserialization.js.map +1 -0
package/dist/hunt/templates/mass-assignment.d.ts +2 -0
package/dist/hunt/templates/mass-assignment.js +101 -0
package/dist/hunt/templates/mass-assignment.js.map +1 -0
package/dist/hunt/templates/nextjs-misconfig.d.ts +2 -0
package/dist/hunt/templates/nextjs-misconfig.js +127 -0
package/dist/hunt/templates/nextjs-misconfig.js.map +1 -0
package/dist/hunt/templates/postmessage.d.ts +2 -0
package/dist/hunt/templates/postmessage.js +180 -0
package/dist/hunt/templates/postmessage.js.map +1 -0
package/dist/hunt/templates/race-condition.d.ts +2 -0
package/dist/hunt/templates/race-condition.js +138 -0
package/dist/hunt/templates/race-condition.js.map +1 -0
package/dist/hunt/templates/spring-misconfig.d.ts +2 -0
package/dist/hunt/templates/spring-misconfig.js +177 -0
package/dist/hunt/templates/spring-misconfig.js.map +1 -0
package/dist/hunt/templates/xxe.d.ts +2 -0
package/dist/hunt/templates/xxe.js +187 -0
package/dist/hunt/templates/xxe.js.map +1 -0
package/dist/hunt/triage.d.ts +2 -2
package/dist/hunt/triage.js +4 -4
package/dist/hunt/triage.js.map +1 -1
package/dist/realtime/__tests__/catch-real-bugs.test.d.ts +9 -0
package/dist/realtime/__tests__/catch-real-bugs.test.js +205 -0
package/dist/realtime/__tests__/catch-real-bugs.test.js.map +1 -0
package/dist/realtime/__tests__/code-buffer.test.d.ts +1 -0
package/dist/realtime/__tests__/code-buffer.test.js +202 -0
package/dist/realtime/__tests__/code-buffer.test.js.map +1 -0
package/dist/realtime/__tests__/correction-injector.test.d.ts +1 -0
package/dist/realtime/__tests__/correction-injector.test.js +168 -0
package/dist/realtime/__tests__/correction-injector.test.js.map +1 -0
package/dist/realtime/__tests__/stream-interceptor.test.d.ts +1 -0
package/dist/realtime/__tests__/stream-interceptor.test.js +193 -0
package/dist/realtime/__tests__/stream-interceptor.test.js.map +1 -0
package/dist/realtime/__tests__/streaming-checks.test.d.ts +1 -0
package/dist/realtime/__tests__/streaming-checks.test.js +479 -0
package/dist/realtime/__tests__/streaming-checks.test.js.map +1 -0
package/dist/realtime/__tests__/streaming-verifier.test.d.ts +1 -0
package/dist/realtime/__tests__/streaming-verifier.test.js +157 -0
package/dist/realtime/__tests__/streaming-verifier.test.js.map +1 -0
package/dist/realtime/code-buffer.d.ts +52 -0
package/dist/realtime/code-buffer.js +276 -0
package/dist/realtime/code-buffer.js.map +1 -0
package/dist/realtime/correction-injector.d.ts +56 -0
package/dist/realtime/correction-injector.js +96 -0
package/dist/realtime/correction-injector.js.map +1 -0
package/dist/realtime/index.d.ts +14 -0
package/dist/realtime/index.js +11 -0
package/dist/realtime/index.js.map +1 -0
package/dist/realtime/mcp-server.d.ts +14 -0
package/dist/realtime/mcp-server.js +200 -0
package/dist/realtime/mcp-server.js.map +1 -0
package/dist/realtime/stream-interceptor.d.ts +65 -0
package/dist/realtime/stream-interceptor.js +174 -0
package/dist/realtime/stream-interceptor.js.map +1 -0
package/dist/realtime/streaming-checks.d.ts +55 -0
package/dist/realtime/streaming-checks.js +452 -0
package/dist/realtime/streaming-checks.js.map +1 -0
package/dist/realtime/streaming-verifier.d.ts +57 -0
package/dist/realtime/streaming-verifier.js +134 -0
package/dist/realtime/streaming-verifier.js.map +1 -0
package/dist/realtime/types.d.ts +99 -0
package/dist/realtime/types.js +8 -0
package/dist/realtime/types.js.map +1 -0
package/package.json +2 -1

package/dist/realtime/correction-injector.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"correction-injector.js","sourceRoot":"","sources":["../../src/realtime/correction-injector.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAIH,8EAA8E;AAC9E,iDAAiD;AACjD,8EAA8E;AAE9E,MAAM,aAAa,GAAkC;IACnD,GAAG,EAAE,CAAC;IACN,MAAM,EAAE,CAAC;IACT,IAAI,EAAE,CAAC;IACP,QAAQ,EAAE,CAAC;CACZ,CAAC;AAsBF,8EAA8E;AAC9E,qBAAqB;AACrB,8EAA8E;AAE9E,MAAM,OAAO,kBAAkB;IACZ,WAAW,CAAgB;IAC3B,cAAc,CAAS;IAChC,eAAe,GAAG,CAAC,CAAC;IAE5B,YAAY,OAAmC;QAC7C,IAAI,CAAC,WAAW,GAAG,OAAO,EAAE,WAAW,IAAI,MAAM,CAAC;QAClD,IAAI,CAAC,cAAc,GAAG,OAAO,EAAE,cAAc,IAAI,CAAC,CAAC;IACrD,CAAC;IAED;;;;;;;OAOG;IACH,aAAa,CAAC,KAAwB;QACpC,IAAI,KAAK,CAAC,OAAO,KAAK,MAAM;YAAE,OAAO,KAAK,CAAC;QAC3C,IAAI,aAAa,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,aAAa,CAAC,IAAI,CAAC,WAAW,CAAC;YAAE,OAAO,KAAK,CAAC;QAClF,IAAI,IAAI,CAAC,eAAe,IAAI,IAAI,CAAC,cAAc;YAAE,OAAO,KAAK,CAAC;QAC9D,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;;;;;;;OASG;IACH,uBAAuB,CACrB,cAAsB,EACtB,KAAwB,EACxB,qBAA6B,EAC7B,kBAA0B;QAE1B,MAAM,cAAc,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAC;QAElD,OAAO;YACL,EAAE,IAAI,EAAE,MAAe,EAAE,OAAO,EAAE,kBAAkB,EAAE;YACtD,EAAE,IAAI,EAAE,WAAoB,EAAE,OAAO,EAAE,cAAc,EAAE;YACvD,EAAE,IAAI,EAAE,MAAe,EAAE,OAAO,EAAE,cAAc,EAAE;SACnD,CAAC;IACJ,CAAC;IAED,wEAAwE;IACxE,gBAAgB,CAAC,MAAyB;QACxC,IAAI,CAAC,eAAe,EAAE,CAAC;IACzB,CAAC;IAED,6CAA6C;IAC7C,kBAAkB;QAChB,OAAO,IAAI,CAAC,eAAe,CAAC;IAC9B,CAAC;IAED,wDAAwD;IACxD,KAAK;QACH,IAAI,CAAC,eAAe,GAAG,CAAC,CAAC;IAC3B,CAAC;CACF;AAED,8EAA8E;AAC9E,UAAU;AACV,8EAA8E;AAE9E,SAAS,mBAAmB,CAAC,KAAwB;IACnD,MAAM,KAAK,GAAa;QACtB,uCAAuC;QACvC,GAAG,KAAK,CAAC,SAAS,KAAK,KAAK,CAAC,QAAQ,EAAE;KACxC,CAAC;IAEF,IAAI,KAAK,CAAC,UAAU,EAAE,CAAC;QACrB,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;IAC/B,CAAC;IAED,KAAK,CAAC,IAAI,CACR,EAAE,EACF,4JAA4J,CAC7J,CAAC;IAEF,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,wBAAwB;AACxB,OAAO,EAAE,aAAa,EAAE,CAAC"}

package/dist/realtime/index.d.ts ADDED Viewed

@@ -0,0 +1,14 @@
+/**
+ * Real-time verification pipeline — verify code as it streams from the LLM.
+ *
+ * Phase 2 of the 10x roadmap.
+ */
+export { CodeBuffer } from './code-buffer.js';
+export { getFormalChecks, loadLearnedChecks, compileCheckSet, runChecks, } from './streaming-checks.js';
+export { StreamingVerifier } from './streaming-verifier.js';
+export type { StreamingVerifierOptions } from './streaming-verifier.js';
+export { CorrectionInjector } from './correction-injector.js';
+export type { CorrectionInjectorOptions, CorrectionMessage } from './correction-injector.js';
+export { createVerifiedStream, createVerifiedStreamFromTokens, } from './stream-interceptor.js';
+export type { VerifiedStreamOptions, VerifiedStreamResult, } from './stream-interceptor.js';
+export type { CheckSeverity, CodeUnit, CodeUnitKind, CompiledCheckSet, CorrectionResult, StreamingCheck, StreamingVerifierStats, VerificationEvent, } from './types.js';

package/dist/realtime/index.js ADDED Viewed

@@ -0,0 +1,11 @@
+/**
+ * Real-time verification pipeline — verify code as it streams from the LLM.
+ *
+ * Phase 2 of the 10x roadmap.
+ */
+export { CodeBuffer } from './code-buffer.js';
+export { getFormalChecks, loadLearnedChecks, compileCheckSet, runChecks, } from './streaming-checks.js';
+export { StreamingVerifier } from './streaming-verifier.js';
+export { CorrectionInjector } from './correction-injector.js';
+export { createVerifiedStream, createVerifiedStreamFromTokens, } from './stream-interceptor.js';
+//# sourceMappingURL=index.js.map

package/dist/realtime/index.js.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/realtime/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAC9C,OAAO,EACL,eAAe,EACf,iBAAiB,EACjB,eAAe,EACf,SAAS,GACV,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAE5D,OAAO,EAAE,kBAAkB,EAAE,MAAM,0BAA0B,CAAC;AAE9D,OAAO,EACL,oBAAoB,EACpB,8BAA8B,GAC/B,MAAM,yBAAyB,CAAC"}

package/dist/realtime/mcp-server.d.ts ADDED Viewed

@@ -0,0 +1,14 @@
+/**
+ * MCP Server for Assay real-time verification.
+ *
+ * Exposes two tools over stdio transport:
+ * - verify_code: One-shot verification of a code snippet
+ * - verify_and_fix: Verify code and return fix suggestions
+ *
+ * Usage with Claude Code:
+ *   npx tryassay mcp
+ *
+ * Claude Code config (~/.claude.json):
+ *   { "mcpServers": { "assay": { "command": "npx", "args": ["tryassay", "mcp"] } } }
+ */
+export declare function startMcpServer(): Promise<void>;

package/dist/realtime/mcp-server.js ADDED Viewed

@@ -0,0 +1,200 @@
+/**
+ * MCP Server for Assay real-time verification.
+ *
+ * Exposes two tools over stdio transport:
+ * - verify_code: One-shot verification of a code snippet
+ * - verify_and_fix: Verify code and return fix suggestions
+ *
+ * Usage with Claude Code:
+ *   npx tryassay mcp
+ *
+ * Claude Code config (~/.claude.json):
+ *   { "mcpServers": { "assay": { "command": "npx", "args": ["tryassay", "mcp"] } } }
+ */
+import { Server } from '@modelcontextprotocol/sdk/server/index.js';
+import { StdioServerTransport } from '@modelcontextprotocol/sdk/server/stdio.js';
+import { CallToolRequestSchema, ListToolsRequestSchema, } from '@modelcontextprotocol/sdk/types.js';
+import { StreamingVerifier } from './streaming-verifier.js';
+// ── Core verification logic ─────────────────────────────────
+function verifyCode(code, language, projectPath) {
+    const verifier = new StreamingVerifier({
+        language,
+        projectPath: projectPath || undefined,
+    });
+    verifier.push(code);
+    verifier.flush();
+    const rawFindings = verifier.getFindings();
+    const stats = verifier.getStats();
+    const findings = rawFindings.map((f) => ({
+        checkName: f.checkName,
+        severity: f.severity,
+        evidence: f.evidence,
+        suggestion: f.suggestion,
+    }));
+    return {
+        findings,
+        stats: {
+            unitsProcessed: stats.unitsProcessed,
+            checksRun: stats.checksRun,
+            findings: stats.findings,
+            avgLatencyMs: Math.round(stats.avgLatencyMs * 100) / 100,
+        },
+        clean: findings.length === 0,
+    };
+}
+function buildFixInstructions(findings) {
+    if (findings.length === 0) {
+        return 'No issues found. Code is clean.';
+    }
+    const lines = [
+        `Found ${findings.length} issue${findings.length > 1 ? 's' : ''} to fix:`,
+        '',
+    ];
+    for (let i = 0; i < findings.length; i++) {
+        const f = findings[i];
+        lines.push(`${i + 1}. [${f.severity.toUpperCase()}] ${f.checkName}`);
+        lines.push(`   Problem: ${f.evidence}`);
+        if (f.suggestion) {
+            lines.push(`   Fix: ${f.suggestion}`);
+        }
+        lines.push('');
+    }
+    lines.push('Apply the fixes above and re-verify to confirm resolution.');
+    return lines.join('\n');
+}
+// ── MCP Server ──────────────────────────────────────────────
+export async function startMcpServer() {
+    const server = new Server({
+        name: 'assay',
+        version: '0.33.2',
+    }, {
+        capabilities: {
+            tools: {},
+        },
+    });
+    // List available tools
+    server.setRequestHandler(ListToolsRequestSchema, async () => ({
+        tools: [
+            {
+                name: 'verify_code',
+                description: 'Verify a code snippet for security vulnerabilities, error handling gaps, and common bugs. Returns structured findings with severity levels. Use this after generating code to catch issues before they ship.',
+                inputSchema: {
+                    type: 'object',
+                    properties: {
+                        code: {
+                            type: 'string',
+                            description: 'The code to verify',
+                        },
+                        language: {
+                            type: 'string',
+                            description: 'Language of the code (typescript, javascript, python, etc.)',
+                        },
+                        projectPath: {
+                            type: 'string',
+                            description: 'Optional project path for loading learned verification rules',
+                        },
+                    },
+                    required: ['code', 'language'],
+                },
+            },
+            {
+                name: 'verify_and_fix',
+                description: 'Verify a code snippet and return actionable fix instructions. Use this to self-correct generated code. Returns findings plus step-by-step fix instructions.',
+                inputSchema: {
+                    type: 'object',
+                    properties: {
+                        code: {
+                            type: 'string',
+                            description: 'The code to verify',
+                        },
+                        language: {
+                            type: 'string',
+                            description: 'Language of the code (typescript, javascript, python, etc.)',
+                        },
+                        projectPath: {
+                            type: 'string',
+                            description: 'Optional project path for loading learned verification rules',
+                        },
+                    },
+                    required: ['code', 'language'],
+                },
+            },
+        ],
+    }));
+    // Handle tool calls
+    server.setRequestHandler(CallToolRequestSchema, async (request) => {
+        const { name, arguments: args } = request.params;
+        if (name === 'verify_code') {
+            const code = args?.code;
+            const language = args?.language;
+            const projectPath = args?.projectPath;
+            if (!code || !language) {
+                return {
+                    content: [
+                        {
+                            type: 'text',
+                            text: JSON.stringify({
+                                error: 'Both "code" and "language" are required',
+                            }),
+                        },
+                    ],
+                    isError: true,
+                };
+            }
+            const result = verifyCode(code, language, projectPath);
+            return {
+                content: [
+                    {
+                        type: 'text',
+                        text: JSON.stringify(result, null, 2),
+                    },
+                ],
+            };
+        }
+        if (name === 'verify_and_fix') {
+            const code = args?.code;
+            const language = args?.language;
+            const projectPath = args?.projectPath;
+            if (!code || !language) {
+                return {
+                    content: [
+                        {
+                            type: 'text',
+                            text: JSON.stringify({
+                                error: 'Both "code" and "language" are required',
+                            }),
+                        },
+                    ],
+                    isError: true,
+                };
+            }
+            const verifyResult = verifyCode(code, language, projectPath);
+            const fixInstructions = buildFixInstructions(verifyResult.findings);
+            const result = {
+                ...verifyResult,
+                fixInstructions,
+            };
+            return {
+                content: [
+                    {
+                        type: 'text',
+                        text: JSON.stringify(result, null, 2),
+                    },
+                ],
+            };
+        }
+        return {
+            content: [
+                {
+                    type: 'text',
+                    text: JSON.stringify({ error: `Unknown tool: ${name}` }),
+                },
+            ],
+            isError: true,
+        };
+    });
+    // Connect via stdio
+    const transport = new StdioServerTransport();
+    await server.connect(transport);
+}
+//# sourceMappingURL=mcp-server.js.map

package/dist/realtime/mcp-server.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"mcp-server.js","sourceRoot":"","sources":["../../src/realtime/mcp-server.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,MAAM,EAAE,MAAM,2CAA2C,CAAC;AACnE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EACL,qBAAqB,EACrB,sBAAsB,GACvB,MAAM,oCAAoC,CAAC;AAC5C,OAAO,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AA2B5D,+DAA+D;AAE/D,SAAS,UAAU,CACjB,IAAY,EACZ,QAAgB,EAChB,WAAoB;IAEpB,MAAM,QAAQ,GAAG,IAAI,iBAAiB,CAAC;QACrC,QAAQ;QACR,WAAW,EAAE,WAAW,IAAI,SAAS;KACtC,CAAC,CAAC;IAEH,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACpB,QAAQ,CAAC,KAAK,EAAE,CAAC;IAEjB,MAAM,WAAW,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;IAC3C,MAAM,KAAK,GAAG,QAAQ,CAAC,QAAQ,EAAE,CAAC;IAElC,MAAM,QAAQ,GAAc,WAAW,CAAC,GAAG,CAAC,CAAC,CAAoB,EAAE,EAAE,CAAC,CAAC;QACrE,SAAS,EAAE,CAAC,CAAC,SAAS;QACtB,QAAQ,EAAE,CAAC,CAAC,QAAQ;QACpB,QAAQ,EAAE,CAAC,CAAC,QAAQ;QACpB,UAAU,EAAE,CAAC,CAAC,UAAU;KACzB,CAAC,CAAC,CAAC;IAEJ,OAAO;QACL,QAAQ;QACR,KAAK,EAAE;YACL,cAAc,EAAE,KAAK,CAAC,cAAc;YACpC,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,QAAQ,EAAE,KAAK,CAAC,QAAQ;YACxB,YAAY,EAAE,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,YAAY,GAAG,GAAG,CAAC,GAAG,GAAG;SACzD;QACD,KAAK,EAAE,QAAQ,CAAC,MAAM,KAAK,CAAC;KAC7B,CAAC;AACJ,CAAC;AAED,SAAS,oBAAoB,CAAC,QAAmB;IAC/C,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO,iCAAiC,CAAC;IAC3C,CAAC;IAED,MAAM,KAAK,GAAa;QACtB,SAAS,QAAQ,CAAC,MAAM,SAAS,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,UAAU;QACzE,EAAE;KACH,CAAC;IAEF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACzC,MAAM,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;QACtB,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC;QACrE,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC;QACxC,IAAI,CAAC,CAAC,UAAU,EAAE,CAAC;YACjB,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC;QACxC,CAAC;QACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACjB,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,4DAA4D,CAAC,CAAC;IACzE,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,+DAA+D;AAE/D,MAAM,CAAC,KAAK,UAAU,cAAc;IAClC,MAAM,MAAM,GAAG,IAAI,MAAM,CACvB;QACE,IAAI,EAAE,OAAO;QACb,OAAO,EAAE,QAAQ;KAClB,EACD;QACE,YAAY,EAAE;YACZ,KAAK,EAAE,EAAE;SACV;KACF,CACF,CAAC;IAEF,uBAAuB;IACvB,MAAM,CAAC,iBAAiB,CAAC,sBAAsB,EAAE,KAAK,IAAI,EAAE,CAAC,CAAC;QAC5D,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,aAAa;gBACnB,WAAW,EACT,8MAA8M;gBAChN,WAAW,EAAE;oBACX,IAAI,EAAE,QAAiB;oBACvB,UAAU,EAAE;wBACV,IAAI,EAAE;4BACJ,IAAI,EAAE,QAAQ;4BACd,WAAW,EAAE,oBAAoB;yBAClC;wBACD,QAAQ,EAAE;4BACR,IAAI,EAAE,QAAQ;4BACd,WAAW,EACT,6DAA6D;yBAChE;wBACD,WAAW,EAAE;4BACX,IAAI,EAAE,QAAQ;4BACd,WAAW,EACT,8DAA8D;yBACjE;qBACF;oBACD,QAAQ,EAAE,CAAC,MAAM,EAAE,UAAU,CAAC;iBAC/B;aACF;YACD;gBACE,IAAI,EAAE,gBAAgB;gBACtB,WAAW,EACT,6JAA6J;gBAC/J,WAAW,EAAE;oBACX,IAAI,EAAE,QAAiB;oBACvB,UAAU,EAAE;wBACV,IAAI,EAAE;4BACJ,IAAI,EAAE,QAAQ;4BACd,WAAW,EAAE,oBAAoB;yBAClC;wBACD,QAAQ,EAAE;4BACR,IAAI,EAAE,QAAQ;4BACd,WAAW,EACT,6DAA6D;yBAChE;wBACD,WAAW,EAAE;4BACX,IAAI,EAAE,QAAQ;4BACd,WAAW,EACT,8DAA8D;yBACjE;qBACF;oBACD,QAAQ,EAAE,CAAC,MAAM,EAAE,UAAU,CAAC;iBAC/B;aACF;SACF;KACF,CAAC,CAAC,CAAC;IAEJ,oBAAoB;IACpB,MAAM,CAAC,iBAAiB,CAAC,qBAAqB,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE;QAChE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC;QAEjD,IAAI,IAAI,KAAK,aAAa,EAAE,CAAC;YAC3B,MAAM,IAAI,GAAG,IAAI,EAAE,IAAc,CAAC;YAClC,MAAM,QAAQ,GAAG,IAAI,EAAE,QAAkB,CAAC;YAC1C,MAAM,WAAW,GAAG,IAAI,EAAE,WAAiC,CAAC;YAE5D,IAAI,CAAC,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACvB,OAAO;oBACL,OAAO,EAAE;wBACP;4BACE,IAAI,EAAE,MAAe;4BACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gCACnB,KAAK,EAAE,yCAAyC;6BACjD,CAAC;yBACH;qBACF;oBACD,OAAO,EAAE,IAAI;iBACd,CAAC;YACJ,CAAC;YAED,MAAM,MAAM,GAAG,UAAU,CAAC,IAAI,EAAE,QAAQ,EAAE,WAAW,CAAC,CAAC;YACvD,OAAO;gBACL,OAAO,EAAE;oBACP;wBACE,IAAI,EAAE,MAAe;wBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;qBACtC;iBACF;aACF,CAAC;QACJ,CAAC;QAED,IAAI,IAAI,KAAK,gBAAgB,EAAE,CAAC;YAC9B,MAAM,IAAI,GAAG,IAAI,EAAE,IAAc,CAAC;YAClC,MAAM,QAAQ,GAAG,IAAI,EAAE,QAAkB,CAAC;YAC1C,MAAM,WAAW,GAAG,IAAI,EAAE,WAAiC,CAAC;YAE5D,IAAI,CAAC,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACvB,OAAO;oBACL,OAAO,EAAE;wBACP;4BACE,IAAI,EAAE,MAAe;4BACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gCACnB,KAAK,EAAE,yCAAyC;6BACjD,CAAC;yBACH;qBACF;oBACD,OAAO,EAAE,IAAI;iBACd,CAAC;YACJ,CAAC;YAED,MAAM,YAAY,GAAG,UAAU,CAAC,IAAI,EAAE,QAAQ,EAAE,WAAW,CAAC,CAAC;YAC7D,MAAM,eAAe,GAAG,oBAAoB,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC;YAEpE,MAAM,MAAM,GAAuB;gBACjC,GAAG,YAAY;gBACf,eAAe;aAChB,CAAC;YAEF,OAAO;gBACL,OAAO,EAAE;oBACP;wBACE,IAAI,EAAE,MAAe;wBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;qBACtC;iBACF;aACF,CAAC;QACJ,CAAC;QAED,OAAO;YACL,OAAO,EAAE;gBACP;oBACE,IAAI,EAAE,MAAe;oBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,iBAAiB,IAAI,EAAE,EAAE,CAAC;iBACzD;aACF;YACD,OAAO,EAAE,IAAI;SACd,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,oBAAoB;IACpB,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAC7C,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;AAClC,CAAC"}

package/dist/realtime/stream-interceptor.d.ts ADDED Viewed

@@ -0,0 +1,65 @@
+/**
+ * StreamInterceptor — wraps the Anthropic streaming API to pipe tokens
+ * through the real-time verification pipeline transparently.
+ *
+ * Consumers get a verified text stream: code with bugs gets flagged
+ * (and optionally corrected) mid-generation.
+ *
+ * Phase 2, Milestone 3 of the 10x roadmap.
+ */
+import type { CheckSeverity, StreamingVerifierStats, VerificationEvent } from './types.js';
+export interface VerifiedStreamOptions {
+    /** Anthropic API key (falls back to ANTHROPIC_API_KEY env) */
+    apiKey?: string;
+    /** Model to use. Default: 'claude-sonnet-4-20250514' */
+    model?: string;
+    /** System prompt for code generation */
+    systemPrompt?: string;
+    /** User prompt (the code request) */
+    userPrompt: string;
+    /** Language of the code being generated */
+    language: string;
+    /** Max tokens. Default: 4096 */
+    maxTokens?: number;
+    /** Project path for loading learned rules */
+    projectPath?: string;
+    /** Callback for each text chunk */
+    onText?: (text: string) => void;
+    /** Callback for each verification event */
+    onVerification?: (event: VerificationEvent) => void;
+    /** Callback when a correction is triggered */
+    onCorrection?: (info: {
+        finding: VerificationEvent;
+        generatedSoFar: string;
+    }) => void;
+    /** Enable auto-correction. Default: false for MVP */
+    autoCorrect?: boolean;
+    /** Min severity for auto-correction. Default: 'high' */
+    minCorrectionSeverity?: CheckSeverity;
+}
+export interface VerifiedStreamResult {
+    /** The full generated text */
+    text: string;
+    /** All verification events */
+    events: VerificationEvent[];
+    /** Only the findings (FAIL events) */
+    findings: VerificationEvent[];
+    /** Verifier statistics */
+    stats: StreamingVerifierStats;
+    /** API usage */
+    inputTokens: number;
+    outputTokens: number;
+    /** Total wall time */
+    durationMs: number;
+}
+/**
+ * Create and run a verified stream using the Anthropic API.
+ * Returns when generation is complete.
+ */
+export declare function createVerifiedStream(options: VerifiedStreamOptions): Promise<VerifiedStreamResult>;
+/**
+ * Simulate a verified stream by pushing an array of token strings through
+ * the verification pipeline. Same logic as createVerifiedStream but without
+ * the Anthropic client. Useful for deterministic testing.
+ */
+export declare function createVerifiedStreamFromTokens(tokens: string[], options: Omit<VerifiedStreamOptions, 'userPrompt' | 'apiKey' | 'model' | 'systemPrompt' | 'maxTokens'>): VerifiedStreamResult;

package/dist/realtime/stream-interceptor.js ADDED Viewed

@@ -0,0 +1,174 @@
+/**
+ * StreamInterceptor — wraps the Anthropic streaming API to pipe tokens
+ * through the real-time verification pipeline transparently.
+ *
+ * Consumers get a verified text stream: code with bugs gets flagged
+ * (and optionally corrected) mid-generation.
+ *
+ * Phase 2, Milestone 3 of the 10x roadmap.
+ */
+import Anthropic from '@anthropic-ai/sdk';
+import { StreamingVerifier } from './streaming-verifier.js';
+// ---------------------------------------------------------------------------
+// Severity ordering for comparison
+// ---------------------------------------------------------------------------
+const SEVERITY_RANK = {
+    critical: 4,
+    high: 3,
+    medium: 2,
+    low: 1,
+};
+function meetsMinSeverity(severity, minSeverity) {
+    return SEVERITY_RANK[severity] >= SEVERITY_RANK[minSeverity];
+}
+// ---------------------------------------------------------------------------
+// Core pipeline logic (shared between real and test entrypoints)
+// ---------------------------------------------------------------------------
+/**
+ * Process a sequence of text chunks through the verification pipeline.
+ * This is the shared core used by both createVerifiedStream (real API)
+ * and createVerifiedStreamFromTokens (test helper).
+ */
+function processTokensThroughPipeline(tokens, verifier, options) {
+    const allEvents = [];
+    const autoCorrect = options.autoCorrect ?? false;
+    const minCorrectionSeverity = options.minCorrectionSeverity ?? 'high';
+    for (const chunk of tokens) {
+        // Fire text callback
+        options.onText?.(chunk);
+        // Push through verifier
+        const events = verifier.push(chunk);
+        for (const event of events) {
+            allEvents.push(event);
+            options.onVerification?.(event);
+            // Auto-correction callback for critical/high findings
+            if (autoCorrect &&
+                event.verdict === 'FAIL' &&
+                meetsMinSeverity(event.severity, minCorrectionSeverity)) {
+                options.onCorrection?.({
+                    finding: event,
+                    generatedSoFar: verifier.getGeneratedCode(),
+                });
+            }
+        }
+    }
+    // Flush trailing code that never hit a structural boundary
+    const flushEvents = verifier.flush();
+    for (const event of flushEvents) {
+        allEvents.push(event);
+        options.onVerification?.(event);
+        if (autoCorrect &&
+            event.verdict === 'FAIL' &&
+            meetsMinSeverity(event.severity, minCorrectionSeverity)) {
+            options.onCorrection?.({
+                finding: event,
+                generatedSoFar: verifier.getGeneratedCode(),
+            });
+        }
+    }
+    return { allEvents };
+}
+// ---------------------------------------------------------------------------
+// createVerifiedStream — real Anthropic API
+// ---------------------------------------------------------------------------
+/**
+ * Create and run a verified stream using the Anthropic API.
+ * Returns when generation is complete.
+ */
+export async function createVerifiedStream(options) {
+    const start = Date.now();
+    const model = options.model ?? 'claude-sonnet-4-20250514';
+    const maxTokens = options.maxTokens ?? 4096;
+    // Create verifier
+    const verifier = new StreamingVerifier({
+        language: options.language,
+        projectPath: options.projectPath,
+    });
+    // Create Anthropic client
+    const apiKey = options.apiKey ?? process.env.ANTHROPIC_API_KEY;
+    if (!apiKey) {
+        throw new Error('ANTHROPIC_API_KEY is required for createVerifiedStream.\n' +
+            'Set it via the apiKey option or ANTHROPIC_API_KEY env var.');
+    }
+    const client = new Anthropic({ apiKey });
+    // Start streaming
+    const stream = client.messages.stream({
+        model,
+        max_tokens: maxTokens,
+        ...(options.systemPrompt ? { system: options.systemPrompt } : {}),
+        messages: [{ role: 'user', content: options.userPrompt }],
+    });
+    // Collect text events into an array, then process them
+    const allEvents = [];
+    const autoCorrect = options.autoCorrect ?? false;
+    const minCorrectionSeverity = options.minCorrectionSeverity ?? 'high';
+    stream.on('text', (text) => {
+        options.onText?.(text);
+        const events = verifier.push(text);
+        for (const event of events) {
+            allEvents.push(event);
+            options.onVerification?.(event);
+            if (autoCorrect &&
+                event.verdict === 'FAIL' &&
+                meetsMinSeverity(event.severity, minCorrectionSeverity)) {
+                options.onCorrection?.({
+                    finding: event,
+                    generatedSoFar: verifier.getGeneratedCode(),
+                });
+            }
+        }
+    });
+    // Wait for stream to complete
+    const finalMessage = await stream.finalMessage();
+    // Flush trailing code
+    const flushEvents = verifier.flush();
+    for (const event of flushEvents) {
+        allEvents.push(event);
+        options.onVerification?.(event);
+        if (autoCorrect &&
+            event.verdict === 'FAIL' &&
+            meetsMinSeverity(event.severity, minCorrectionSeverity)) {
+            options.onCorrection?.({
+                finding: event,
+                generatedSoFar: verifier.getGeneratedCode(),
+            });
+        }
+    }
+    const findings = allEvents.filter(e => e.verdict === 'FAIL');
+    return {
+        text: verifier.getGeneratedCode(),
+        events: allEvents,
+        findings,
+        stats: verifier.getStats(),
+        inputTokens: finalMessage.usage.input_tokens,
+        outputTokens: finalMessage.usage.output_tokens,
+        durationMs: Date.now() - start,
+    };
+}
+// ---------------------------------------------------------------------------
+// createVerifiedStreamFromTokens — test helper (no API calls)
+// ---------------------------------------------------------------------------
+/**
+ * Simulate a verified stream by pushing an array of token strings through
+ * the verification pipeline. Same logic as createVerifiedStream but without
+ * the Anthropic client. Useful for deterministic testing.
+ */
+export function createVerifiedStreamFromTokens(tokens, options) {
+    const start = Date.now();
+    const verifier = new StreamingVerifier({
+        language: options.language,
+        projectPath: options.projectPath,
+    });
+    const { allEvents } = processTokensThroughPipeline(tokens, verifier, options);
+    const findings = allEvents.filter(e => e.verdict === 'FAIL');
+    return {
+        text: verifier.getGeneratedCode(),
+        events: allEvents,
+        findings,
+        stats: verifier.getStats(),
+        inputTokens: 0,
+        outputTokens: 0,
+        durationMs: Date.now() - start,
+    };
+}
+//# sourceMappingURL=stream-interceptor.js.map

package/dist/realtime/stream-interceptor.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"stream-interceptor.js","sourceRoot":"","sources":["../../src/realtime/stream-interceptor.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,SAAS,MAAM,mBAAmB,CAAC;AAC1C,OAAO,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AA0D5D,8EAA8E;AAC9E,mCAAmC;AACnC,8EAA8E;AAE9E,MAAM,aAAa,GAAkC;IACnD,QAAQ,EAAE,CAAC;IACX,IAAI,EAAE,CAAC;IACP,MAAM,EAAE,CAAC;IACT,GAAG,EAAE,CAAC;CACP,CAAC;AAEF,SAAS,gBAAgB,CACvB,QAAuB,EACvB,WAA0B;IAE1B,OAAO,aAAa,CAAC,QAAQ,CAAC,IAAI,aAAa,CAAC,WAAW,CAAC,CAAC;AAC/D,CAAC;AAED,8EAA8E;AAC9E,iEAAiE;AACjE,8EAA8E;AAE9E;;;;GAIG;AACH,SAAS,4BAA4B,CACnC,MAAwB,EACxB,QAA2B,EAC3B,OAGC;IAED,MAAM,SAAS,GAAwB,EAAE,CAAC;IAC1C,MAAM,WAAW,GAAG,OAAO,CAAC,WAAW,IAAI,KAAK,CAAC;IACjD,MAAM,qBAAqB,GAAG,OAAO,CAAC,qBAAqB,IAAI,MAAM,CAAC;IAEtE,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,qBAAqB;QACrB,OAAO,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,CAAC;QAExB,wBAAwB;QACxB,MAAM,MAAM,GAAG,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAEpC,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YACtB,OAAO,CAAC,cAAc,EAAE,CAAC,KAAK,CAAC,CAAC;YAEhC,sDAAsD;YACtD,IACE,WAAW;gBACX,KAAK,CAAC,OAAO,KAAK,MAAM;gBACxB,gBAAgB,CAAC,KAAK,CAAC,QAAQ,EAAE,qBAAqB,CAAC,EACvD,CAAC;gBACD,OAAO,CAAC,YAAY,EAAE,CAAC;oBACrB,OAAO,EAAE,KAAK;oBACd,cAAc,EAAE,QAAQ,CAAC,gBAAgB,EAAE;iBAC5C,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,2DAA2D;IAC3D,MAAM,WAAW,GAAG,QAAQ,CAAC,KAAK,EAAE,CAAC;IACrC,KAAK,MAAM,KAAK,IAAI,WAAW,EAAE,CAAC;QAChC,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACtB,OAAO,CAAC,cAAc,EAAE,CAAC,KAAK,CAAC,CAAC;QAEhC,IACE,WAAW;YACX,KAAK,CAAC,OAAO,KAAK,MAAM;YACxB,gBAAgB,CAAC,KAAK,CAAC,QAAQ,EAAE,qBAAqB,CAAC,EACvD,CAAC;YACD,OAAO,CAAC,YAAY,EAAE,CAAC;gBACrB,OAAO,EAAE,KAAK;gBACd,cAAc,EAAE,QAAQ,CAAC,gBAAgB,EAAE;aAC5C,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,EAAE,SAAS,EAAE,CAAC;AACvB,CAAC;AAED,8EAA8E;AAC9E,4CAA4C;AAC5C,8EAA8E;AAE9E;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,OAA8B;IAE9B,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAEzB,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,IAAI,0BAA0B,CAAC;IAC1D,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,IAAI,IAAI,CAAC;IAE5C,kBAAkB;IAClB,MAAM,QAAQ,GAAG,IAAI,iBAAiB,CAAC;QACrC,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,WAAW,EAAE,OAAO,CAAC,WAAW;KACjC,CAAC,CAAC;IAEH,0BAA0B;IAC1B,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC;IAC/D,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,IAAI,KAAK,CACb,2DAA2D;YAC3D,4DAA4D,CAC7D,CAAC;IACJ,CAAC;IACD,MAAM,MAAM,GAAG,IAAI,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC;IAEzC,kBAAkB;IAClB,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;QACpC,KAAK;QACL,UAAU,EAAE,SAAS;QACrB,GAAG,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,YAAY,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACjE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,CAAC,UAAU,EAAE,CAAC;KAC1D,CAAC,CAAC;IAEH,uDAAuD;IACvD,MAAM,SAAS,GAAwB,EAAE,CAAC;IAC1C,MAAM,WAAW,GAAG,OAAO,CAAC,WAAW,IAAI,KAAK,CAAC;IACjD,MAAM,qBAAqB,GAAG,OAAO,CAAC,qBAAqB,IAAI,MAAM,CAAC;IAEtE,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;QACzB,OAAO,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,CAAC;QAEvB,MAAM,MAAM,GAAG,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACnC,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YACtB,OAAO,CAAC,cAAc,EAAE,CAAC,KAAK,CAAC,CAAC;YAEhC,IACE,WAAW;gBACX,KAAK,CAAC,OAAO,KAAK,MAAM;gBACxB,gBAAgB,CAAC,KAAK,CAAC,QAAQ,EAAE,qBAAqB,CAAC,EACvD,CAAC;gBACD,OAAO,CAAC,YAAY,EAAE,CAAC;oBACrB,OAAO,EAAE,KAAK;oBACd,cAAc,EAAE,QAAQ,CAAC,gBAAgB,EAAE;iBAC5C,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,8BAA8B;IAC9B,MAAM,YAAY,GAAG,MAAM,MAAM,CAAC,YAAY,EAAE,CAAC;IAEjD,sBAAsB;IACtB,MAAM,WAAW,GAAG,QAAQ,CAAC,KAAK,EAAE,CAAC;IACrC,KAAK,MAAM,KAAK,IAAI,WAAW,EAAE,CAAC;QAChC,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACtB,OAAO,CAAC,cAAc,EAAE,CAAC,KAAK,CAAC,CAAC;QAEhC,IACE,WAAW;YACX,KAAK,CAAC,OAAO,KAAK,MAAM;YACxB,gBAAgB,CAAC,KAAK,CAAC,QAAQ,EAAE,qBAAqB,CAAC,EACvD,CAAC;YACD,OAAO,CAAC,YAAY,EAAE,CAAC;gBACrB,OAAO,EAAE,KAAK;gBACd,cAAc,EAAE,QAAQ,CAAC,gBAAgB,EAAE;aAC5C,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,MAAM,QAAQ,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,MAAM,CAAC,CAAC;IAE7D,OAAO;QACL,IAAI,EAAE,QAAQ,CAAC,gBAAgB,EAAE;QACjC,MAAM,EAAE,SAAS;QACjB,QAAQ;QACR,KAAK,EAAE,QAAQ,CAAC,QAAQ,EAAE;QAC1B,WAAW,EAAE,YAAY,CAAC,KAAK,CAAC,YAAY;QAC5C,YAAY,EAAE,YAAY,CAAC,KAAK,CAAC,aAAa;QAC9C,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK;KAC/B,CAAC;AACJ,CAAC;AAED,8EAA8E;AAC9E,8DAA8D;AAC9D,8EAA8E;AAE9E;;;;GAIG;AACH,MAAM,UAAU,8BAA8B,CAC5C,MAAgB,EAChB,OAAsG;IAEtG,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAEzB,MAAM,QAAQ,GAAG,IAAI,iBAAiB,CAAC;QACrC,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,WAAW,EAAE,OAAO,CAAC,WAAW;KACjC,CAAC,CAAC;IAEH,MAAM,EAAE,SAAS,EAAE,GAAG,4BAA4B,CAAC,MAAM,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;IAC9E,MAAM,QAAQ,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,MAAM,CAAC,CAAC;IAE7D,OAAO;QACL,IAAI,EAAE,QAAQ,CAAC,gBAAgB,EAAE;QACjC,MAAM,EAAE,SAAS;QACjB,QAAQ;QACR,KAAK,EAAE,QAAQ,CAAC,QAAQ,EAAE;QAC1B,WAAW,EAAE,CAAC;QACd,YAAY,EAAE,CAAC;QACf,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK;KAC/B,CAAC;AACJ,CAAC"}

package/dist/realtime/streaming-checks.d.ts ADDED Viewed

@@ -0,0 +1,55 @@
+/**
+ * Streaming Checks — stateless, pre-compiled pattern matchers for real-time verification.
+ *
+ * Extracts the regex-based formal verification checks from the existing
+ * formal-verifier.ts into standalone StreamingCheck objects. Also loads
+ * learned rules from the catalog and compiles them into the same format.
+ *
+ * All regex patterns are created once at module load time and reused across
+ * invocations. The `runChecks` function targets <10ms for the full check set
+ * against a single code unit.
+ */
+import type { StreamingCheck, CompiledCheckSet, CodeUnit, VerificationEvent } from './types.js';
+import type { LearnedRule } from '../lib/learned-rules/types.js';
+/**
+ * Returns all hand-crafted formal checks as StreamingCheck objects.
+ *
+ * These cover the key vulnerability patterns from formal-verifier.ts,
+ * adapted for streaming (line/statement-level) detection during generation.
+ */
+export declare function getFormalChecks(): StreamingCheck[];
+/**
+ * Derive context keywords for a learned rule based on its name, description,
+ * and category. Returns undefined if no specific context can be inferred
+ * (the rule will run against all code units).
+ */
+declare function deriveContextKeywords(rule: LearnedRule): string[] | undefined;
+/**
+ * Extract literal substrings (4+ alphanumeric chars) from a regex pattern.
+ * These are likely the actual identifiers the rule is looking for.
+ */
+declare function extractRegexLiterals(regexStr: string): string[];
+/**
+ * Load learned rules from the catalog and convert them to StreamingCheck format.
+ *
+ * Default path: `.assay/learned/rules.json` relative to process.cwd().
+ * Falls back to an empty set if the file doesn't exist (starter rules
+ * are loaded separately by getFormalChecks equivalent in the catalog).
+ *
+ * Each rule is assigned contextKeywords for relevance filtering — the check
+ * only runs on code units that contain at least one keyword.
+ */
+export declare function loadLearnedChecks(catalogPath?: string): StreamingCheck[];
+export { deriveContextKeywords as _deriveContextKeywords, extractRegexLiterals as _extractRegexLiterals };
+/**
+ * Filter checks by language and return a pre-compiled set ready for fast execution.
+ *
+ * If no checks are provided, uses the built-in formal checks.
+ */
+export declare function compileCheckSet(language: string, checks?: StreamingCheck[]): CompiledCheckSet;
+/**
+ * Run all checks in the set against a code unit. Returns verification events.
+ *
+ * Designed to complete in <10ms for the full check set against a typical code unit.
+ */
+export declare function runChecks(unit: CodeUnit, checkSet: CompiledCheckSet): VerificationEvent[];