uneven-ai 1.1.5 → 1.1.9

package/CHANGELOG.md

@@ -5,6 +5,31 @@ All notable changes to Uneven AI will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [1.1.9] - 2026-04-27
+
+### Added
+- **Attacker Identification (Uneven Trace)**: Active pentester now injects a silent origin-tracking header (`X-Uneven-Origin-Trace`) containing the attacker's machine IP.
+- **Threat Detection Engine**: Terminal watcher now detects incoming Uneven pentest probes and logs a critical security alert with the source IP.
+- **Portuguese Intent Support**: Shell now recognizes "crie", "faça", "escreva" for AI tasks even in keyword-fallback mode.
+
+### Changed
+- **License Gating**: Active Pentester mode is now restricted to the **Team** plan.
+- **Shell Stability**: Improved intent classification to prevent substring collision (e.g., "mundo" no longer triggers "undo").
+- **Success Hints**: Shell now only prints success hints if the underlying command actually returns a success exit code.
+
+## [1.1.8] - 2026-04-27
+
+### Added
+- **3-Layer Privacy Protection**: Enhanced data safety suite for database analysis, featuring **Schema Filtering** (AI never sees blocked tables), **Semantic SQL Auditing** (blocks unauthorized access patterns), and **Live Result Redaction** (masks sensitive values in real-time).
+- **Forensic Audit Logs**: New `log.path` configuration that persists a detailed history of all AI actions, terminal errors, and applied fixes in a structured Markdown format for accountability.
+- **Autonomous Security Pentester**: Validated static analysis engine capable of detecting hardcoded secrets (Entropy-based), OS/SQL injections, and missing infrastructure security headers (HSTS, CSP).
+- **Universal Data Indexing**: Full support for `.csv` and `.xlsx` files, enabling seamless context delivery for automated data scripts.
+
+### Fixed
+- **Configuration Loading**: Resolved a critical issue where the `analyze` command would ignore the project's `uneven.config.ts`.
+- **Infrastructure Stability**: Fixed a build-breaking import error in the Pro feature gate (`gate.ts`).
+- **Provider Reliability**: Improved Gemini API error handling for rate-limit and overload scenarios.
+
 ## [1.1.5] - 2026-04-24
 
 ### Fixed

package/README.md

@@ -158,7 +158,7 @@ uneven-ai ci
 Run `uneven-ai` with no arguments to open the interactive shell:
 
 ```
-  ◈  Uneven AI  v1.1.1
+  ◈  Uneven AI  v1.1.9
   ────────────────────────────────────────────────────────────
   Olá! O que posso fazer por você hoje?
   (Escreva sua mensagem ou "sair" para encerrar)
@@ -334,9 +334,9 @@ Interactive workflow:
 
 | Layer | What it does |
 |---|---|
-| Schema filter | Removes sensitive tables/columns before LLM sees the schema |
-| SQL audit | Blocks DML/DDL and references to sensitive tables |
-| Result masking | Redacts values matching sensitive patterns (bcrypt, JWT, AWS keys, etc.) |
+| **1. Schema Filter** | Automatically removes sensitive tables and columns from the schema before the AI analyzes it. |
+| **2. Semantic SQL Audit** | Actively blocks suspicious queries or attempts to access unauthorized data patterns. |
+| **3. Live Result Redaction** | Dynamically masks sensitive values (Passwords, JWTs, AWS keys) in real-time before they reach your screen. |
 
 ### Pentester [Pro]
 
@@ -445,12 +445,11 @@ Privacy is not a feature — it's the foundation.
 ✅ **Absolute sovereignty** — 100% local execution available  
 ✅ **Privacy Sanity** — Development environment paths automatically stripped from distribution binaries  
 ✅ **No telemetry** — zero usage tracking or analytics  
-✅ **No data sent anywhere** — your code stays on your machine  
-✅ **Scope-enforced pentester** — active mode blocked without explicit digital authorization  
-✅ **3-layer data protection** — sensitive schema and data never reach the LLM or output  
-✅ **Ethical safety guard** — built-in protection against generating malware or exploits  
-✅ **GPU acceleration** — automatic, transparent, no cloud involved  
-✅ **Auditable diffs** — every automated change is fully logged and reversible  
+✅ **Forensic Audit Logs** — Detailed activity history with secure timestamps and auditable code diffs  
+✅ **3-layer data protection** — Sensitive schema and results are dynamically filtered and redacted  
+✅ **Scope-enforced pentester** — Active mode requires explicit authorization and digital scope signing  
+✅ **Ethical safety guard** — Built-in protection against generating malicious payloads or exploits  
+✅ **GPU acceleration** — Automatic, transparent, and completely private hardware utilization  
 
 ---
 

package/dist/application/analysis/active/helpers.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"helpers.d.ts","sourceRoot":"","sources":["../../../../src/application/analysis/active/helpers.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,IAAI,MAAM,MAAM,CAAA;AAG5B,wBAAgB,UAAU,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAO1F;AAED,wBAAgB,WAAW,CAAC,OAAO,EAAE,IAAI,CAAC,cAAc,EAAE,QAAQ,EAAE,OAAO,GAAG,OAAO,CAAC;IACpF,UAAU,EAAE,MAAM,CAAA;IAClB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,SAAS,CAAC,CAAA;IACtD,IAAI,EAAE,MAAM,CAAA;CACb,CAAC,CAmBD;AAED,wBAAgB,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC;IAChE,KAAK,EAAE,OAAO,CAAA;IACd,OAAO,EAAE,OAAO,CAAA;IAChB,UAAU,EAAE,OAAO,CAAA;IACnB,YAAY,EAAE,MAAM,CAAA;IACpB,QAAQ,EAAE,MAAM,CAAA;IAChB,OAAO,EAAE,MAAM,CAAA;IACf,MAAM,EAAE,MAAM,CAAA;CACf,GAAG,IAAI,CAAC,CA8BR;AAED,wBAAgB,eAAe,CAAC,MAAM,EAAE,MAAM,GAAG;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,OAAO,CAAA;CAAE,CAY9F"}
+{"version":3,"file":"helpers.d.ts","sourceRoot":"","sources":["../../../../src/application/analysis/active/helpers.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,IAAI,MAAM,MAAM,CAAA;AAI5B,wBAAgB,UAAU,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAO1F;AAED,wBAAsB,WAAW,CAAC,OAAO,EAAE,IAAI,CAAC,cAAc,EAAE,QAAQ,EAAE,OAAO,GAAG,OAAO,CAAC;IAC1F,UAAU,EAAE,MAAM,CAAA;IAClB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,EAAE,GAAG,SAAS,CAAC,CAAA;IACtD,IAAI,EAAE,MAAM,CAAA;CACb,CAAC,CA0BD;AAED,wBAAgB,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC;IAChE,KAAK,EAAE,OAAO,CAAA;IACd,OAAO,EAAE,OAAO,CAAA;IAChB,UAAU,EAAE,OAAO,CAAA;IACnB,YAAY,EAAE,MAAM,CAAA;IACpB,QAAQ,EAAE,MAAM,CAAA;IAChB,OAAO,EAAE,MAAM,CAAA;IACf,MAAM,EAAE,MAAM,CAAA;CACf,GAAG,IAAI,CAAC,CA8BR;AAED,wBAAgB,eAAe,CAAC,MAAM,EAAE,MAAM,GAAG;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,OAAO,CAAA;CAAE,CAY9F"}

package/dist/application/analysis/active/helpers.js

@@ -3,6 +3,7 @@ import * as tls from 'tls';
 import * as https from 'https';
 import * as http from 'http';
 import { CONNECT_TIMEOUT_MS, HTTP_TIMEOUT_MS } from './context.js';
+import { getPublicIp } from '../../../infrastructure/utils/network.js';
 export function tcpConnect(host, port, timeoutMs) {
     return new Promise(resolve => {
         const sock = net.createConnection({ host, port });
@@ -11,10 +12,16 @@ export function tcpConnect(host, port, timeoutMs) {
         sock.on('error', () => { clearTimeout(timer); resolve(false); });
     });
 }
-export function httpRequest(options, useHttps) {
+export async function httpRequest(options, useHttps) {
+    const ip = await getPublicIp();
+    const customHeaders = {
+        ...options.headers,
+        'User-Agent': 'Uneven-Pentester/1.1.9',
+        ...(ip ? { 'X-Uneven-Origin-Trace': ip } : {})
+    };
     return new Promise((resolve, reject) => {
         const mod = useHttps ? https : http;
-        const req = mod.request({ ...options, rejectUnauthorized: false }, res => {
+        const req = mod.request({ ...options, headers: customHeaders, rejectUnauthorized: false }, res => {
             let body = '';
             res.on('data', (chunk) => { body += chunk.toString('utf-8'); });
             res.on('end', () => resolve({

package/dist/application/analysis/active/index.js

@@ -16,7 +16,7 @@ export class ActiveScanner {
     }
     async flushAuditLog() {
         try {
-            const logPath = path.join(process.cwd(), '.uneven', 'pentest-audit.log');
+            const logPath = path.join(this.ctx.projectRoot, '.uneven', 'pentest-audit.log');
             await fs.mkdir(path.dirname(logPath), { recursive: true });
             await fs.appendFile(logPath, this.auditLog.join('\n') + '\n', 'utf-8');
             this.auditLog = [];

package/dist/application/analysis/data-security/context.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"context.d.ts","sourceRoot":"","sources":["../../../../src/application/analysis/data-security/context.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAA;AACxE,OAAO,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,YAAY,CAAA;AAIxD;;GAEG;AACH,qBAAa,mBAAmB;IAC9B,OAAO,CAAC,MAAM,CAA0B;IACxC,OAAO,CAAC,cAAc,CAAyC;IAC/D,OAAO,CAAC,aAAa,CAA2C;gBAEpD,MAAM,GAAE,OAAO,CAAC,cAAc,CAAM;IA8BhD;;OAEG;IACH,YAAY,CAAC,MAAM,EAAE,WAAW,EAAE,GAAG;QAAE,QAAQ,EAAE,WAAW,EAAE,CAAC;QAAC,KAAK,EAAE,WAAW,CAAA;KAAE;IA2BpF;;OAEG;IACH,QAAQ,CAAC,GAAG,EAAE,MAAM,GAAG,WAAW;IAkClC;;OAEG;IACH,UAAU,CAAC,MAAM,EAAE,WAAW,GAAG;QAAE,MAAM,EAAE,WAAW,CAAC;QAAC,KAAK,EAAE,WAAW,CAAA;KAAE;IA0C5E,gBAAgB,IAAI,MAAM;IAiB1B,SAAS,IAAI,QAAQ,CAAC,cAAc,CAAC;IAErC,OAAO,CAAC,eAAe;IAUvB,OAAO,CAAC,cAAc;CAGvB"}
+{"version":3,"file":"context.d.ts","sourceRoot":"","sources":["../../../../src/application/analysis/data-security/context.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAA;AACxE,OAAO,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,YAAY,CAAA;AAIxD;;GAEG;AACH,qBAAa,mBAAmB;IAC9B,OAAO,CAAC,MAAM,CAA0B;IACxC,OAAO,CAAC,cAAc,CAAyC;IAC/D,OAAO,CAAC,aAAa,CAA2C;gBAEpD,MAAM,GAAE,OAAO,CAAC,cAAc,CAAM;IAgChD;;OAEG;IACH,YAAY,CAAC,MAAM,EAAE,WAAW,EAAE,GAAG;QAAE,QAAQ,EAAE,WAAW,EAAE,CAAC;QAAC,KAAK,EAAE,WAAW,CAAA;KAAE;IA2BpF;;OAEG;IACH,QAAQ,CAAC,GAAG,EAAE,MAAM,GAAG,WAAW;IAkClC;;OAEG;IACH,UAAU,CAAC,MAAM,EAAE,WAAW,GAAG;QAAE,MAAM,EAAE,WAAW,CAAC;QAAC,KAAK,EAAE,WAAW,CAAA;KAAE;IA0C5E,gBAAgB,IAAI,MAAM;IAiB1B,SAAS,IAAI,QAAQ,CAAC,cAAc,CAAC;IAErC,OAAO,CAAC,eAAe;IAUvB,OAAO,CAAC,cAAc;CAGvB"}

package/dist/application/analysis/data-security/context.js

@@ -12,10 +12,12 @@ export class DataSecurityContext {
             blockedColumns: [
                 ...DEFAULT_POLICY.blockedColumns,
                 ...(policy.blockedColumns ?? []),
+                ...policy.mask ?? [],
             ],
             blockedTables: [
                 ...DEFAULT_POLICY.blockedTables,
                 ...(policy.blockedTables ?? []),
+                ...policy.block ?? [],
             ],
             sensitiveValuePatterns: [
                 ...DEFAULT_POLICY.sensitiveValuePatterns,

package/dist/application/analysis/pentest-security-context.d.ts

@@ -63,6 +63,7 @@ export interface ScopePass {
 }
 export type ScopeCheck = ScopeViolation | ScopePass;
 export declare class PentestSecurityContext {
+    projectRoot: string;
     private scopePath;
     private auditPath;
     private scope;

package/dist/application/analysis/pentest-security-context.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"pentest-security-context.d.ts","sourceRoot":"","sources":["../../../src/application/analysis/pentest-security-context.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AAQH,MAAM,WAAW,gBAAgB;IAC/B,0CAA0C;IAC1C,KAAK,EAAE,MAAM,CAAA;IACb,qCAAqC;IACrC,KAAK,CAAC,EAAE,MAAM,CAAA;CACf;AAED,MAAM,WAAW,YAAY;IAC3B,8CAA8C;IAC9C,YAAY,EAAE,MAAM,CAAA;IACpB,4CAA4C;IAC5C,YAAY,EAAE,MAAM,CAAA;IACpB,sDAAsD;IACtD,SAAS,EAAE,MAAM,CAAA;IACjB,yBAAyB;IACzB,OAAO,EAAE,gBAAgB,EAAE,CAAA;IAC3B,yBAAyB;IACzB,YAAY,EAAE,KAAK,CAAC,QAAQ,GAAG,QAAQ,CAAC,CAAA;IACxC,kDAAkD;IAClD,SAAS,EAAE,MAAM,CAAA;CAClB;AAED,MAAM,WAAW,cAAc;IAC7B,OAAO,EAAE,IAAI,CAAA;IACb,MAAM,EAAE,MAAM,CAAA;IACd,MAAM,EAAE,MAAM,CAAA;IACd,UAAU,EAAE,MAAM,CAAA;CACnB;AAED,MAAM,WAAW,SAAS;IACxB,OAAO,EAAE,KAAK,CAAA;IACd,MAAM,EAAE,MAAM,CAAA;CACf;AAED,MAAM,MAAM,UAAU,GAAG,cAAc,GAAG,SAAS,CAAA;AAuFnD,qBAAa,sBAAsB;IACjC,OAAO,CAAC,SAAS,CAAQ;IACzB,OAAO,CAAC,SAAS,CAAQ;IACzB,OAAO,CAAC,KAAK,CAA4B;gBAE7B,WAAW,GAAE,MAAsB;IAO/C;;;OAGG;IACG,YAAY,CAChB,YAAY,EAAE,MAAM,EACpB,OAAO,EAAE,gBAAgB,EAAE,EAC3B,YAAY,GAAE,YAAY,CAAC,cAAc,CAAc,EACvD,YAAY,GAAE,MAAiB,GAC9B,OAAO,CAAC,YAAY,CAAC;IAqBxB;;;OAGG;IACG,SAAS,IAAI,OAAO,CAAC,YAAY,GAAG,IAAI,CAAC;IA0B/C,mCAAmC;IAC7B,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IAUjC;;;OAGG;IACG,WAAW,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC;IAiDtD;;;OAGG;IACG,YAAY,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,GAAG;QAAE,QAAQ,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IAqBhF;;;OAGG;IACH,sBAAsB,CAAC,IAAI,EAAE,QAAQ,GAAG,QAAQ,GAAG,MAAM;IAkCzD,QAAQ,IAAI,YAAY,GAAG,IAAI;IAE/B,cAAc,IAAI;QAAE,MAAM,EAAE,OAAO,CAAC;QAAC,OAAO,EAAE,MAAM,EAAE,CAAC;QAAC,SAAS,CAAC,EAAE,MAAM,CAAC;QAAC,OAAO,CAAC,EAAE,OAAO,CAAA;KAAE;YAajF,KAAK;IASnB,OAAO,CAAC,WAAW;CAIpB"}
+{"version":3,"file":"pentest-security-context.d.ts","sourceRoot":"","sources":["../../../src/application/analysis/pentest-security-context.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AAQH,MAAM,WAAW,gBAAgB;IAC/B,0CAA0C;IAC1C,KAAK,EAAE,MAAM,CAAA;IACb,qCAAqC;IACrC,KAAK,CAAC,EAAE,MAAM,CAAA;CACf;AAED,MAAM,WAAW,YAAY;IAC3B,8CAA8C;IAC9C,YAAY,EAAE,MAAM,CAAA;IACpB,4CAA4C;IAC5C,YAAY,EAAE,MAAM,CAAA;IACpB,sDAAsD;IACtD,SAAS,EAAE,MAAM,CAAA;IACjB,yBAAyB;IACzB,OAAO,EAAE,gBAAgB,EAAE,CAAA;IAC3B,yBAAyB;IACzB,YAAY,EAAE,KAAK,CAAC,QAAQ,GAAG,QAAQ,CAAC,CAAA;IACxC,kDAAkD;IAClD,SAAS,EAAE,MAAM,CAAA;CAClB;AAED,MAAM,WAAW,cAAc;IAC7B,OAAO,EAAE,IAAI,CAAA;IACb,MAAM,EAAE,MAAM,CAAA;IACd,MAAM,EAAE,MAAM,CAAA;IACd,UAAU,EAAE,MAAM,CAAA;CACnB;AAED,MAAM,WAAW,SAAS;IACxB,OAAO,EAAE,KAAK,CAAA;IACd,MAAM,EAAE,MAAM,CAAA;CACf;AAED,MAAM,MAAM,UAAU,GAAG,cAAc,GAAG,SAAS,CAAA;AAuFnD,qBAAa,sBAAsB;IAKd,WAAW,EAAE,MAAM;IAJtC,OAAO,CAAC,SAAS,CAAQ;IACzB,OAAO,CAAC,SAAS,CAAQ;IACzB,OAAO,CAAC,KAAK,CAA4B;gBAEtB,WAAW,GAAE,MAAsB;IAOtD;;;OAGG;IACG,YAAY,CAChB,YAAY,EAAE,MAAM,EACpB,OAAO,EAAE,gBAAgB,EAAE,EAC3B,YAAY,GAAE,YAAY,CAAC,cAAc,CAAc,EACvD,YAAY,GAAE,MAAiB,GAC9B,OAAO,CAAC,YAAY,CAAC;IAqBxB;;;OAGG;IACG,SAAS,IAAI,OAAO,CAAC,YAAY,GAAG,IAAI,CAAC;IA0B/C,mCAAmC;IAC7B,UAAU,IAAI,OAAO,CAAC,IAAI,CAAC;IAUjC;;;OAGG;IACG,WAAW,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC;IAiDtD;;;OAGG;IACG,YAAY,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,GAAG;QAAE,QAAQ,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;IAqBhF;;;OAGG;IACH,sBAAsB,CAAC,IAAI,EAAE,QAAQ,GAAG,QAAQ,GAAG,MAAM;IAkCzD,QAAQ,IAAI,YAAY,GAAG,IAAI;IAE/B,cAAc,IAAI;QAAE,MAAM,EAAE,OAAO,CAAC;QAAC,OAAO,EAAE,MAAM,EAAE,CAAC;QAAC,SAAS,CAAC,EAAE,MAAM,CAAC;QAAC,OAAO,CAAC,EAAE,OAAO,CAAA;KAAE;YAajF,KAAK;IASnB,OAAO,CAAC,WAAW;CAIpB"}

package/dist/application/analysis/pentest-security-context.js

@@ -108,10 +108,12 @@ const PRIVATE_RANGES = [
 ];
 // ─── PentestSecurityContext ───────────────────────────────────────────────────
 export class PentestSecurityContext {
+    projectRoot;
     scopePath;
     auditPath;
     scope = null;
     constructor(projectRoot = process.cwd()) {
+        this.projectRoot = projectRoot;
         this.scopePath = path.join(projectRoot, '.uneven', 'pentest-scope.json');
         this.auditPath = path.join(projectRoot, '.uneven', 'pentest-audit.log');
     }

package/dist/application/analysis/report-packager.d.ts

@@ -34,7 +34,7 @@ export interface PackageResult {
 }
 export declare class ReportPackager {
     private cacheDir;
-    constructor(cacheDir?: string);
+    constructor(projectRoot?: string);
     /**
      * Full pipeline: make offline HTML → bundle exe.
      */

package/dist/application/analysis/report-packager.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"report-packager.d.ts","sourceRoot":"","sources":["../../../src/application/analysis/report-packager.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAYH,MAAM,WAAW,cAAc;IAC7B,SAAS,EAAE,MAAM,CAAA;IACjB,kCAAkC;IAClC,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,yCAAyC;IACzC,MAAM,CAAC,EAAE,SAAS,GAAG,WAAW,GAAG,WAAW,GAAG,aAAa,GAAG,WAAW,CAAA;IAC5E,KAAK,CAAC,EAAE,MAAM,CAAA;CACf;AAED,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,MAAM,CAAA;IACf,QAAQ,EAAE,MAAM,CAAA;IAChB,MAAM,EAAE,MAAM,CAAA;IACd,OAAO,EAAE,OAAO,CAAA;CACjB;AAED,qBAAa,cAAc;IACzB,OAAO,CAAC,QAAQ,CAAQ;gBAEZ,QAAQ,GAAE,MAAqD;IAI3E;;OAEG;IACG,OAAO,CAAC,YAAY,EAAE,MAAM,EAAE,OAAO,EAAE,cAAc,GAAG,OAAO,CAAC,aAAa,CAAC;IAuCpF;;;OAGG;IACG,WAAW,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,OAAO,CAAA;KAAE,CAAC;IAgC5E,OAAO,CAAC,iBAAiB;YA4FX,MAAM;YA6CN,YAAY;CAyB3B"}
+{"version":3,"file":"report-packager.d.ts","sourceRoot":"","sources":["../../../src/application/analysis/report-packager.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAYH,MAAM,WAAW,cAAc;IAC7B,SAAS,EAAE,MAAM,CAAA;IACjB,kCAAkC;IAClC,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,yCAAyC;IACzC,MAAM,CAAC,EAAE,SAAS,GAAG,WAAW,GAAG,WAAW,GAAG,aAAa,GAAG,WAAW,CAAA;IAC5E,KAAK,CAAC,EAAE,MAAM,CAAA;CACf;AAED,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,MAAM,CAAA;IACf,QAAQ,EAAE,MAAM,CAAA;IAChB,MAAM,EAAE,MAAM,CAAA;IACd,OAAO,EAAE,OAAO,CAAA;CACjB;AAED,qBAAa,cAAc;IACzB,OAAO,CAAC,QAAQ,CAAQ;gBAEZ,WAAW,GAAE,MAAsB;IAI/C;;OAEG;IACG,OAAO,CAAC,YAAY,EAAE,MAAM,EAAE,OAAO,EAAE,cAAc,GAAG,OAAO,CAAC,aAAa,CAAC;IAuCpF;;;OAGG;IACG,WAAW,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,OAAO,CAAA;KAAE,CAAC;IAgC5E,OAAO,CAAC,iBAAiB;YA4FX,MAAM;YA6CN,YAAY;CAyB3B"}

package/dist/application/analysis/report-packager.js

@@ -27,8 +27,8 @@ const execFile = promisify(execFileCb);
 const CHARTJS_CDN = 'https://cdn.jsdelivr.net/npm/chart.js@4.4.0/dist/chart.umd.min.js';
 export class ReportPackager {
     cacheDir;
-    constructor(cacheDir = path.join(process.cwd(), '.uneven', 'cache')) {
-        this.cacheDir = cacheDir;
+    constructor(projectRoot = process.cwd()) {
+        this.cacheDir = path.join(projectRoot, '.uneven', 'cache');
     }
     /**
      * Full pipeline: make offline HTML → bundle exe.

package/dist/application/analysis/security/analyzer.d.ts

@@ -5,8 +5,9 @@ import { SecurityFinding } from './types.js';
  * Orchestrates Phase 1 and Phase 2 security audits.
  */
 export declare class SecurityAnalyzer {
+    private projectRoot;
     private logger;
-    constructor(logger: Logger);
+    constructor(logger: Logger, projectRoot?: string);
     /**
      * Runs a complete security audit (Phase 1 + Phase 2).
      */

package/dist/application/analysis/security/analyzer.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"analyzer.d.ts","sourceRoot":"","sources":["../../../../src/application/analysis/security/analyzer.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,MAAM,EAAE,MAAM,kCAAkC,CAAA;AACzD,OAAO,EAAE,eAAe,EAAE,MAAM,YAAY,CAAA;AAQ5C;;;GAGG;AACH,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,MAAM,CAAQ;gBAEV,MAAM,EAAE,MAAM;IAI1B;;OAEG;IACG,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,eAAe,EAAE,CAAC;IAmCxD,WAAW,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,eAAe,EAAE,CAAC;IAIvD,kBAAkB,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,eAAe,EAAE,CAAC;IAI9D,SAAS,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,eAAe,EAAE,CAAC;IAIrD,cAAc,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,eAAe,EAAE,CAAC;IAI1D,kBAAkB,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,eAAe,EAAE,CAAC;IAI9D,gBAAgB,IAAI,OAAO,CAAC,eAAe,EAAE,CAAC;IAI9C,wBAAwB,IAAI,OAAO,CAAC,eAAe,EAAE,CAAC;IAItD,WAAW,CAAC,IAAI,GAAE,MAAM,EAAoB,GAAG,OAAO,CAAC,eAAe,EAAE,CAAC;IAI/E;;OAEG;YACW,YAAY;CAc3B"}
+{"version":3,"file":"analyzer.d.ts","sourceRoot":"","sources":["../../../../src/application/analysis/security/analyzer.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,MAAM,EAAE,MAAM,kCAAkC,CAAA;AACzD,OAAO,EAAE,eAAe,EAAE,MAAM,YAAY,CAAA;AAQ5C;;;GAGG;AACH,qBAAa,gBAAgB;IAGC,OAAO,CAAC,WAAW;IAF/C,OAAO,CAAC,MAAM,CAAQ;gBAEV,MAAM,EAAE,MAAM,EAAU,WAAW,GAAE,MAAsB;IAIvE;;OAEG;IACG,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,eAAe,EAAE,CAAC;IAmCxD,WAAW,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,eAAe,EAAE,CAAC;IAIvD,kBAAkB,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,eAAe,EAAE,CAAC;IAI9D,SAAS,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,eAAe,EAAE,CAAC;IAIrD,cAAc,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,eAAe,EAAE,CAAC;IAI1D,kBAAkB,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,eAAe,EAAE,CAAC;IAI9D,gBAAgB,IAAI,OAAO,CAAC,eAAe,EAAE,CAAC;IAI9C,wBAAwB,IAAI,OAAO,CAAC,eAAe,EAAE,CAAC;IAItD,WAAW,CAAC,IAAI,GAAE,MAAM,EAAuB,GAAG,OAAO,CAAC,eAAe,EAAE,CAAC;IAIlF;;OAEG;YACW,YAAY;CAc3B"}

package/dist/application/analysis/security/analyzer.js

@@ -10,8 +10,10 @@ import { scanHeaders } from './header-scanner.js';
  * Orchestrates Phase 1 and Phase 2 security audits.
  */
 export class SecurityAnalyzer {
+    projectRoot;
     logger;
-    constructor(logger) {
+    constructor(logger, projectRoot = process.cwd()) {
+        this.projectRoot = projectRoot;
         this.logger = logger;
     }
     /**
@@ -27,9 +29,9 @@ export class SecurityAnalyzer {
             scanOWASP(dirs, collectFiles, this.logger),
             scanInjections(dirs, collectFiles, this.logger),
             scanConfigurations(dirs, collectFiles, this.logger),
-            scanDependencies(this.logger),
-            scanDependenciesExpanded(this.logger),
-            scanHeaders(dirs, collectFiles, this.logger),
+            scanDependencies(this.logger, this.projectRoot),
+            scanDependenciesExpanded(this.logger, this.projectRoot),
+            scanHeaders(dirs, collectFiles, this.logger, this.projectRoot),
         ]);
         const all = dedup([
             ...secrets, ...entropy, ...owasp, ...injections,
@@ -59,13 +61,13 @@ export class SecurityAnalyzer {
         return scanConfigurations(dirs, this.collectFiles.bind(this), this.logger);
     }
     async scanDependencies() {
-        return scanDependencies(this.logger);
+        return scanDependencies(this.logger, this.projectRoot);
     }
     async scanDependenciesExpanded() {
-        return scanDependenciesExpanded(this.logger);
+        return scanDependenciesExpanded(this.logger, this.projectRoot);
     }
-    async scanHeaders(dirs = [process.cwd()]) {
-        return scanHeaders(dirs, this.collectFiles.bind(this), this.logger);
+    async scanHeaders(dirs = [this.projectRoot]) {
+        return scanHeaders(dirs, this.collectFiles.bind(this), this.logger, this.projectRoot);
     }
     /**
      * Internal: collect files from dirs.

package/dist/application/analysis/security/dependency-scanner.d.ts

@@ -3,9 +3,9 @@ import { Logger } from '../../../infrastructure/index.js';
 /**
  * Scans package.json for known vulnerabilities and runs npm audit.
  */
-export declare function scanDependencies(logger: Logger): Promise<SecurityFinding[]>;
+export declare function scanDependencies(logger: Logger, projectRoot?: string): Promise<SecurityFinding[]>;
 /**
  * Scans Python (requirements.txt) and Rust (Cargo.toml) for known vulnerabilities.
  */
-export declare function scanDependenciesExpanded(logger: Logger): Promise<SecurityFinding[]>;
+export declare function scanDependenciesExpanded(logger: Logger, projectRoot?: string): Promise<SecurityFinding[]>;
 //# sourceMappingURL=dependency-scanner.d.ts.map

package/dist/application/analysis/security/dependency-scanner.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"dependency-scanner.d.ts","sourceRoot":"","sources":["../../../../src/application/analysis/security/dependency-scanner.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,eAAe,EAAE,MAAM,YAAY,CAAA;AAE5C,OAAO,EAAE,MAAM,EAAE,MAAM,kCAAkC,CAAA;AA+EzD;;GAEG;AACH,wBAAsB,gBAAgB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,EAAE,CAAC,CAsEjF;AAED;;GAEG;AACH,wBAAsB,wBAAwB,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,EAAE,CAAC,CA8EzF"}
+{"version":3,"file":"dependency-scanner.d.ts","sourceRoot":"","sources":["../../../../src/application/analysis/security/dependency-scanner.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,eAAe,EAAE,MAAM,YAAY,CAAA;AAE5C,OAAO,EAAE,MAAM,EAAE,MAAM,kCAAkC,CAAA;AA+EzD;;GAEG;AACH,wBAAsB,gBAAgB,CAAC,MAAM,EAAE,MAAM,EAAE,WAAW,GAAE,MAAsB,GAAG,OAAO,CAAC,eAAe,EAAE,CAAC,CAsEtH;AAED;;GAEG;AACH,wBAAsB,wBAAwB,CAAC,MAAM,EAAE,MAAM,EAAE,WAAW,GAAE,MAAsB,GAAG,OAAO,CAAC,eAAe,EAAE,CAAC,CA8E9H"}

package/dist/application/analysis/security/dependency-scanner.js

@@ -66,10 +66,10 @@ const CVE_DB = [
 /**
  * Scans package.json for known vulnerabilities and runs npm audit.
  */
-export async function scanDependencies(logger) {
+export async function scanDependencies(logger, projectRoot = process.cwd()) {
     await logger.info('Dependencies: scanning package manifests');
     const findings = [];
-    const packageJsonPath = path.join(process.cwd(), 'package.json');
+    const packageJsonPath = path.join(projectRoot, 'package.json');
     let installedDeps = {};
     try {
         const raw = await fs.readFile(packageJsonPath, 'utf-8');
@@ -101,7 +101,7 @@ export async function scanDependencies(logger) {
     try {
         const auditOutput = await new Promise((resolve, reject) => {
             const { execFile } = require('child_process');
-            execFile('npm', ['audit', '--json'], { cwd: process.cwd(), timeout: 15000, encoding: 'utf-8' }, (err, stdout) => {
+            execFile('npm', ['audit', '--json'], { cwd: projectRoot, timeout: 15000, encoding: 'utf-8' }, (err, stdout) => {
                 if (err && !stdout) {
                     reject(err);
                     return;
@@ -135,12 +135,12 @@ export async function scanDependencies(logger) {
 /**
  * Scans Python (requirements.txt) and Rust (Cargo.toml) for known vulnerabilities.
  */
-export async function scanDependenciesExpanded(logger) {
+export async function scanDependenciesExpanded(logger, projectRoot = process.cwd()) {
     const findings = [];
     // Python requirements.txt
     const reqFiles = ['requirements.txt', 'requirements-dev.txt', 'requirements/base.txt'];
     for (const reqFile of reqFiles) {
-        const content = await readFileSafe(path.join(process.cwd(), reqFile));
+        const content = await readFileSafe(path.join(projectRoot, reqFile));
         if (!content)
             continue;
         const PY_CVE = [
@@ -174,7 +174,7 @@ export async function scanDependenciesExpanded(logger) {
         }
     }
     // Rust Cargo.toml
-    const cargoContent = await readFileSafe(path.join(process.cwd(), 'Cargo.toml'));
+    const cargoContent = await readFileSafe(path.join(projectRoot, 'Cargo.toml'));
     if (cargoContent) {
         const RUST_CVE = [
             { crate: 'openssl', maxVer: '0.10.47', cve: 'CVE-2022-0778', severity: 'high', cvss: 7.5, msg: 'openssl crate ≤0.10.47: infinite loop in BN_mod_sqrt() — DoS', fix: 'Upgrade to openssl ≥0.10.48' },

package/dist/application/analysis/security/header-scanner.d.ts

@@ -3,5 +3,5 @@ import { Logger } from '../../../infrastructure/index.js';
 /**
  * Scans server configuration files for missing security headers.
  */
-export declare function scanHeaders(dirs: string[], collectFiles: (dirs: string[]) => Promise<string[]>, logger: Logger): Promise<SecurityFinding[]>;
+export declare function scanHeaders(dirs: string[], collectFiles: (dirs: string[]) => Promise<string[]>, logger: Logger, projectRoot?: string): Promise<SecurityFinding[]>;
 //# sourceMappingURL=header-scanner.d.ts.map

package/dist/application/analysis/security/header-scanner.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"header-scanner.d.ts","sourceRoot":"","sources":["../../../../src/application/analysis/security/header-scanner.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAE,MAAM,YAAY,CAAA;AAE5C,OAAO,EAAE,MAAM,EAAE,MAAM,kCAAkC,CAAA;AAEzD;;GAEG;AACH,wBAAsB,WAAW,CAAC,IAAI,EAAE,MAAM,EAAE,EAAE,YAAY,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,OAAO,CAAC,MAAM,EAAE,CAAC,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,EAAE,CAAC,CAiHjJ"}
+{"version":3,"file":"header-scanner.d.ts","sourceRoot":"","sources":["../../../../src/application/analysis/security/header-scanner.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAE,MAAM,YAAY,CAAA;AAE5C,OAAO,EAAE,MAAM,EAAE,MAAM,kCAAkC,CAAA;AAEzD;;GAEG;AACH,wBAAsB,WAAW,CAAC,IAAI,EAAE,MAAM,EAAE,EAAE,YAAY,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,OAAO,CAAC,MAAM,EAAE,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW,GAAE,MAAsB,GAAG,OAAO,CAAC,eAAe,EAAE,CAAC,CAiHtL"}

package/dist/application/analysis/security/header-scanner.js

@@ -3,7 +3,7 @@ import { readFileSafe, dedup } from './utils.js';
 /**
  * Scans server configuration files for missing security headers.
  */
-export async function scanHeaders(dirs, collectFiles, logger) {
+export async function scanHeaders(dirs, collectFiles, logger, projectRoot = process.cwd()) {
     await logger.info('Headers: scanning server configuration files');
     const findings = [];
     const files = await collectFiles(dirs);
@@ -82,7 +82,7 @@ export async function scanHeaders(dirs, collectFiles, logger) {
         }
     }
     // Next.js / Nuxt config check
-    // Look in the provided directories first, then fallback to cwd
+    // Look in the provided directories first, then fallback to projectRoot
     let nextConfig = null;
     for (const dir of dirs) {
         nextConfig = await readFileSafe(path.join(dir, 'next.config.js'))
@@ -92,9 +92,9 @@ export async function scanHeaders(dirs, collectFiles, logger) {
             break;
     }
     if (!nextConfig) {
-        nextConfig = await readFileSafe(path.join(process.cwd(), 'next.config.js'))
-            ?? await readFileSafe(path.join(process.cwd(), 'next.config.ts'))
-            ?? await readFileSafe(path.join(process.cwd(), 'next.config.mjs'));
+        nextConfig = await readFileSafe(path.join(projectRoot, 'next.config.js'))
+            ?? await readFileSafe(path.join(projectRoot, 'next.config.ts'))
+            ?? await readFileSafe(path.join(projectRoot, 'next.config.mjs'));
     }
     if (nextConfig && !/headers\s*\(\s*\)/.test(nextConfig)) {
         findings.push({

package/dist/application/development/fix/patterns-compiled.d.ts

@@ -3,4 +3,10 @@ import type { FixSuggestion } from './context.js';
 export declare function suggestTypeScriptFix(error: ParsedError): FixSuggestion | null;
 export declare function suggestRustFix(error: ParsedError): FixSuggestion | null;
 export declare function suggestGoFix(error: ParsedError): FixSuggestion | null;
+export declare function suggestCobolFix(error: ParsedError): FixSuggestion | null;
+export declare function suggestAssemblyFix(error: ParsedError): FixSuggestion | null;
+export declare function suggestSvelteFix(error: ParsedError): FixSuggestion | null;
+export declare function suggestVueFix(error: ParsedError): FixSuggestion | null;
+export declare function suggestAstroFix(error: ParsedError): FixSuggestion | null;
+export declare function suggestReactFix(error: ParsedError): FixSuggestion | null;
 //# sourceMappingURL=patterns-compiled.d.ts.map

package/dist/application/development/fix/patterns-compiled.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"patterns-compiled.d.ts","sourceRoot":"","sources":["../../../../src/application/development/fix/patterns-compiled.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,qDAAqD,CAAA;AACtF,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,cAAc,CAAA;AAEjD,wBAAgB,oBAAoB,CAAC,KAAK,EAAE,WAAW,GAAG,aAAa,GAAG,IAAI,CAsC7E;AAED,wBAAgB,cAAc,CAAC,KAAK,EAAE,WAAW,GAAG,aAAa,GAAG,IAAI,CA2BvE;AAED,wBAAgB,YAAY,CAAC,KAAK,EAAE,WAAW,GAAG,aAAa,GAAG,IAAI,CAgErE"}
+{"version":3,"file":"patterns-compiled.d.ts","sourceRoot":"","sources":["../../../../src/application/development/fix/patterns-compiled.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,qDAAqD,CAAA;AACtF,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,cAAc,CAAA;AAEjD,wBAAgB,oBAAoB,CAAC,KAAK,EAAE,WAAW,GAAG,aAAa,GAAG,IAAI,CAsC7E;AAED,wBAAgB,cAAc,CAAC,KAAK,EAAE,WAAW,GAAG,aAAa,GAAG,IAAI,CA2BvE;AAED,wBAAgB,YAAY,CAAC,KAAK,EAAE,WAAW,GAAG,aAAa,GAAG,IAAI,CAgErE;AAED,wBAAgB,eAAe,CAAC,KAAK,EAAE,WAAW,GAAG,aAAa,GAAG,IAAI,CAYxE;AAED,wBAAgB,kBAAkB,CAAC,KAAK,EAAE,WAAW,GAAG,aAAa,GAAG,IAAI,CAY3E;AAED,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,WAAW,GAAG,aAAa,GAAG,IAAI,CASzE;AAED,wBAAgB,aAAa,CAAC,KAAK,EAAE,WAAW,GAAG,aAAa,GAAG,IAAI,CAStE;AAED,wBAAgB,eAAe,CAAC,KAAK,EAAE,WAAW,GAAG,aAAa,GAAG,IAAI,CASxE;AAED,wBAAgB,eAAe,CAAC,KAAK,EAAE,WAAW,GAAG,aAAa,GAAG,IAAI,CASxE"}

package/dist/application/development/fix/patterns-compiled.js

@@ -121,3 +121,69 @@ export function suggestGoFix(error) {
     }
     return null;
 }
+export function suggestCobolFix(error) {
+    if (error.message.toLowerCase().includes('syntax error')) {
+        return {
+            error,
+            explanation: `COBOL: Syntax error near line ${error.line}`,
+            suggestedFix: `Check for missing periods (.), correct division/section headers, or invalid picture clauses`,
+            beforeCode: error.context.join('\n'),
+            afterCode: `      * Ensure valid COBOL syntax and area margins`,
+            confidence: 0.5,
+        };
+    }
+    return null;
+}
+export function suggestAssemblyFix(error) {
+    if (error.message.toLowerCase().includes('undefined') || error.message.toLowerCase().includes('symbol')) {
+        return {
+            error,
+            explanation: `Assembly: Undefined symbol or label`,
+            suggestedFix: `Ensure the label or variable is defined in the data/bss section or imported correctly`,
+            beforeCode: error.context.join('\n'),
+            afterCode: `; Define the label or variable`,
+            confidence: 0.5,
+        };
+    }
+    return null;
+}
+export function suggestSvelteFix(error) {
+    return {
+        error,
+        explanation: `Svelte: Error during compilation — ${error.message}`,
+        suggestedFix: `Check Svelte specific syntax: unclosed {#if} blocks, invalid $: reactive statements, or unclosed HTML tags`,
+        beforeCode: error.context.join('\n'),
+        afterCode: `<!-- Fix Svelte template syntax -->`,
+        confidence: 0.6,
+    };
+}
+export function suggestVueFix(error) {
+    return {
+        error,
+        explanation: `Vue: Error during compilation — ${error.message}`,
+        suggestedFix: `Check Vue specific syntax: unclosed <template> tags, invalid v-bind/v-on directives, or Setup script errors`,
+        beforeCode: error.context.join('\n'),
+        afterCode: `<!-- Fix Vue template syntax -->`,
+        confidence: 0.6,
+    };
+}
+export function suggestAstroFix(error) {
+    return {
+        error,
+        explanation: `Astro: Error during compilation — ${error.message}`,
+        suggestedFix: `Check Astro specific syntax: unclosed frontmatter (---), invalid JSX within HTML, or missing component imports`,
+        beforeCode: error.context.join('\n'),
+        afterCode: `// Fix Astro component syntax`,
+        confidence: 0.6,
+    };
+}
+export function suggestReactFix(error) {
+    return {
+        error,
+        explanation: `React/JSX: Error during compilation — ${error.message}`,
+        suggestedFix: `Check JSX specific syntax: unclosed tags, 'className' instead of 'class', or invalid inline styles`,
+        beforeCode: error.context.join('\n'),
+        afterCode: `{/* Fix JSX syntax */}`,
+        confidence: 0.6,
+    };
+}

package/dist/application/development/fix/patterns-runtime.d.ts

@@ -3,6 +3,8 @@ import type { FixSuggestion } from './context.js';
 export declare function suggestJavaFix(error: ParsedError): FixSuggestion | null;
 export declare function suggestPHPFix(error: ParsedError): FixSuggestion | null;
 export declare function suggestRubyFix(error: ParsedError): FixSuggestion | null;
+export declare function suggestPythonFix(error: ParsedError): FixSuggestion | null;
+export declare function suggestNodeFix(error: ParsedError): FixSuggestion | null;
 export declare function suggestRuntimeFix(error: ParsedError): FixSuggestion | null;
 export declare function suggestLinterFix(error: ParsedError): FixSuggestion | null;
 //# sourceMappingURL=patterns-runtime.d.ts.map

package/dist/application/development/fix/patterns-runtime.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"patterns-runtime.d.ts","sourceRoot":"","sources":["../../../../src/application/development/fix/patterns-runtime.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,qDAAqD,CAAA;AACtF,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,cAAc,CAAA;AAEjD,wBAAgB,cAAc,CAAC,KAAK,EAAE,WAAW,GAAG,aAAa,GAAG,IAAI,CAuEvE;AAED,wBAAgB,aAAa,CAAC,KAAK,EAAE,WAAW,GAAG,aAAa,GAAG,IAAI,CAuDtE;AAED,wBAAgB,cAAc,CAAC,KAAK,EAAE,WAAW,GAAG,aAAa,GAAG,IAAI,CA+DvE;AAED,wBAAgB,iBAAiB,CAAC,KAAK,EAAE,WAAW,GAAG,aAAa,GAAG,IAAI,CAgC1E;AAED,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,WAAW,GAAG,aAAa,GAAG,IAAI,CAwBzE"}
+{"version":3,"file":"patterns-runtime.d.ts","sourceRoot":"","sources":["../../../../src/application/development/fix/patterns-runtime.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,qDAAqD,CAAA;AACtF,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,cAAc,CAAA;AAEjD,wBAAgB,cAAc,CAAC,KAAK,EAAE,WAAW,GAAG,aAAa,GAAG,IAAI,CAuEvE;AAED,wBAAgB,aAAa,CAAC,KAAK,EAAE,WAAW,GAAG,aAAa,GAAG,IAAI,CAuDtE;AAED,wBAAgB,cAAc,CAAC,KAAK,EAAE,WAAW,GAAG,aAAa,GAAG,IAAI,CA+DvE;AAED,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,WAAW,GAAG,aAAa,GAAG,IAAI,CAiCzE;AAED,wBAAgB,cAAc,CAAC,KAAK,EAAE,WAAW,GAAG,aAAa,GAAG,IAAI,CA4CvE;AAED,wBAAgB,iBAAiB,CAAC,KAAK,EAAE,WAAW,GAAG,aAAa,GAAG,IAAI,CAsC1E;AAED,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,WAAW,GAAG,aAAa,GAAG,IAAI,CAwBzE"}

package/dist/application/development/fix/patterns-runtime.js

@@ -190,7 +190,91 @@ export function suggestRubyFix(error) {
     }
     return null;
 }
+export function suggestPythonFix(error) {
+    switch (error.code) {
+        case 'SyntaxError':
+            return {
+                error,
+                explanation: `Python: Syntax error — ${error.message}`,
+                suggestedFix: `Check for missing colons, mismatched brackets, or indentation issues near line ${error.line}`,
+                beforeCode: error.context.join('\n'),
+                afterCode: `# Review syntax near line ${error.line}`,
+                confidence: 0.7,
+            };
+        case 'IndentationError':
+            return {
+                error,
+                explanation: `Python: Indentation error — mismatched whitespace`,
+                suggestedFix: `Ensure consistent use of 4 spaces for indentation`,
+                beforeCode: error.context.join('\n'),
+                afterCode: `    # Use 4 spaces for this block`,
+                confidence: 0.85,
+            };
+        case 'NameError': {
+            const nameMatch = error.message.match(/name ['"](\w+)['"] is not defined/);
+            return {
+                error,
+                explanation: `Python: Variable '${nameMatch?.[1] ?? 'x'}' is not defined`,
+                suggestedFix: `Initialize the variable or check for typos`,
+                beforeCode: error.context.join('\n'),
+                afterCode: `${nameMatch?.[1] ?? 'x'} = None`,
+                confidence: 0.6,
+            };
+        }
+    }
+    return null;
+}
+export function suggestNodeFix(error) {
+    switch (error.code) {
+        case 'TypeError':
+            if (error.message.includes('is not a function')) {
+                return {
+                    error,
+                    explanation: `Node.js: Type error — ${error.message}`,
+                    suggestedFix: `Check if the variable is correctly initialized and is actually a function`,
+                    beforeCode: error.context.join('\n'),
+                    afterCode: `// Verify typeof object === 'function' before calling`,
+                    confidence: 0.65,
+                };
+            }
+            if (error.message.includes('Cannot read properties of undefined') || error.message.includes('Cannot read properties of null')) {
+                return {
+                    error,
+                    explanation: `Node.js: Cannot read property on null or undefined`,
+                    suggestedFix: `Add optional chaining (?.) or an explicit null check before accessing the property`,
+                    beforeCode: error.context.join('\n'),
+                    afterCode: `// Use optional chaining: obj?.property`,
+                    confidence: 0.85,
+                };
+            }
+            break;
+        case 'ReferenceError':
+            return {
+                error,
+                explanation: `Node.js: Reference error — ${error.message}`,
+                suggestedFix: `Ensure the variable is declared and in scope before it is accessed, or check for typos`,
+                beforeCode: error.context.join('\n'),
+                afterCode: `// Ensure variable is imported or defined`,
+                confidence: 0.75,
+            };
+        case 'SyntaxError':
+            return {
+                error,
+                explanation: `Node.js: Syntax error — ${error.message}`,
+                suggestedFix: `Check for missing brackets, quotes, or invalid syntax near line ${error.line}`,
+                beforeCode: error.context.join('\n'),
+                afterCode: `// Review syntax near line ${error.line}`,
+                confidence: 0.7,
+            };
+    }
+    return null;
+}
 export function suggestRuntimeFix(error) {
+    if (['TypeError', 'ReferenceError', 'SyntaxError', 'Error'].includes(error.code) && (error.file.endsWith('.js') || error.file.endsWith('.ts') || error.file.endsWith('.jsx') || error.file.endsWith('.tsx'))) {
+        const r = suggestNodeFix(error);
+        if (r)
+            return r;
+    }
     const isJava = error.code.startsWith('JAVA') ||
         ['NullPointerException', 'ArrayIndexOutOfBoundsException', 'ClassNotFoundException'].includes(error.code);
     if (isJava) {
@@ -208,6 +292,11 @@ export function suggestRuntimeFix(error) {
         if (r)
             return r;
     }
+    if (['SyntaxError', 'IndentationError', 'NameError', 'TypeError', 'ImportError'].includes(error.code) && error.file.endsWith('.py')) {
+        const r = suggestPythonFix(error);
+        if (r)
+            return r;
+    }
     if (error.message.match(/null|undefined|NoneType/i)) {
         return {
             error,

package/dist/application/development/fix/suggest.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"suggest.d.ts","sourceRoot":"","sources":["../../../../src/application/development/fix/suggest.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,qDAAqD,CAAA;AAItF,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,EAAE,MAAM,cAAc,CAAA;AAKzD,wBAAsB,YAAY,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,WAAW,GAAG,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC,CA2CjG"}
+{"version":3,"file":"suggest.d.ts","sourceRoot":"","sources":["../../../../src/application/development/fix/suggest.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,qDAAqD,CAAA;AAItF,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,EAAE,MAAM,cAAc,CAAA;AAKzD,wBAAsB,YAAY,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,WAAW,GAAG,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC,CAuDjG"}