vantaverse-ai-reviewer 0.3.1 → 0.3.3

package/dist/core/security-scanner.js

@@ -5,28 +5,35 @@ import { executeCommand } from './executor.js';
 import { safeReadFile } from './security.js';
 /**
  * Secret detection patterns (regex-based, zero cost)
+ * Patterns are designed to be ReDoS-safe with:
+ * - Bounded quantifiers (no nested *)
+ * - Specific character counts where possible
+ * - Non-backtracking character classes
  */
 const SECRET_PATTERNS = [
-    // AWS
+    // AWS - specific format with exact lengths
     { pattern: /AKIA[0-9A-Z]{16}/g, type: 'AWS Access Key', severity: 'critical' },
-    { pattern: /aws[_-]?secret[_-]?access[_-]?key['":\s=]+['"]?([A-Za-z0-9/+=]{40})['"]?/gi, type: 'AWS Secret Key', severity: 'critical' },
-    // Generic API Keys
-    { pattern: /(?:api[_-]?key|apikey)['":\s=]+['"]?([A-Za-z0-9_-]{20,})['"]?/gi, type: 'API Key', severity: 'high' },
-    { pattern: /(?:secret|token)['":\s=]+['"]?([A-Za-z0-9_-]{20,})['"]?/gi, type: 'Secret/Token', severity: 'high' },
-    // JWT Tokens
-    { pattern: /eyJ[A-Za-z0-9-_]+\.eyJ[A-Za-z0-9-_]+\.[A-Za-z0-9-_.+/=]*/g, type: 'JWT Token', severity: 'medium' },
-    // GitHub
+    { pattern: /aws_secret_access_key\s*=\s*[A-Za-z0-9/+=]{40}/gi, type: 'AWS Secret Key', severity: 'critical' },
+    // Generic API Keys - bounded lengths, non-greedy
+    { pattern: /api_key\s*=\s*["'][A-Za-z0-9_-]{20,64}["']/gi, type: 'API Key', severity: 'high' },
+    { pattern: /secret\s*=\s*["'][A-Za-z0-9_-]{20,64}["']/gi, type: 'Secret/Token', severity: 'high' },
+    // JWT Tokens - use possessive-like matching with specific structure
+    { pattern: /eyJ[A-Za-z0-9_-]{10,500}\.eyJ[A-Za-z0-9_-]{10,500}\.[A-Za-z0-9_.-]{10,500}/g, type: 'JWT Token', severity: 'medium' },
+    // GitHub - exact formats
     { pattern: /ghp_[A-Za-z0-9]{36}/g, type: 'GitHub Personal Token', severity: 'critical' },
     { pattern: /github_pat_[A-Za-z0-9]{22}_[A-Za-z0-9]{59}/g, type: 'GitHub PAT', severity: 'critical' },
-    // Private Keys
+    { pattern: /ghs_[A-Za-z0-9]{36}/g, type: 'GitHub App Token', severity: 'critical' },
+    // Private Keys - simple literal match
     { pattern: /-----BEGIN (?:RSA |EC |DSA )?PRIVATE KEY-----/g, type: 'Private Key', severity: 'critical' },
-    // Database URLs
-    { pattern: /(?:mongodb|postgres|mysql|redis):\/\/[^'"\\s]+:[^'"\\s]+@[^'"\\s]+/gi, type: 'Database URL with Credentials', severity: 'critical' },
-    // Slack
+    // Database URLs - bounded non-whitespace with max length
+    { pattern: /(?:mongodb|postgres|mysql|redis):\/\/[^\s"']{10,200}/gi, type: 'Database URL with Credentials', severity: 'critical' },
+    // Slack - exact format with specific lengths
     { pattern: /xox[baprs]-[0-9]{10,13}-[0-9]{10,13}-[a-zA-Z0-9]{24}/g, type: 'Slack Token', severity: 'high' },
-    // Stripe
-    { pattern: /sk_live_[A-Za-z0-9]{24,}/g, type: 'Stripe Secret Key', severity: 'critical' },
-    { pattern: /pk_live_[A-Za-z0-9]{24,}/g, type: 'Stripe Publishable Key', severity: 'medium' },
+    // Stripe - exact prefix with bounded length
+    { pattern: /sk_live_[A-Za-z0-9]{24,50}/g, type: 'Stripe Secret Key', severity: 'critical' },
+    { pattern: /pk_live_[A-Za-z0-9]{24,50}/g, type: 'Stripe Publishable Key', severity: 'medium' },
+    // Google API Key
+    { pattern: /AIza[A-Za-z0-9_-]{35}/g, type: 'Google API Key', severity: 'high' },
 ];
 /**
  * Scan files for secrets using regex patterns

package/dist/core/security-scanner.js.map

@@ -1 +1 @@
-{"version":3,"file":"security-scanner.js","sourceRoot":"","sources":["../../src/core/security-scanner.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AAC/C,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAyB7C;;GAEG;AACH,MAAM,eAAe,GAAkF;IACnG,MAAM;IACN,EAAE,OAAO,EAAE,mBAAmB,EAAE,IAAI,EAAE,gBAAgB,EAAE,QAAQ,EAAE,UAAU,EAAE;IAC9E,EAAE,OAAO,EAAE,4EAA4E,EAAE,IAAI,EAAE,gBAAgB,EAAE,QAAQ,EAAE,UAAU,EAAE;IAEvI,mBAAmB;IACnB,EAAE,OAAO,EAAE,iEAAiE,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,EAAE;IACjH,EAAE,OAAO,EAAE,2DAA2D,EAAE,IAAI,EAAE,cAAc,EAAE,QAAQ,EAAE,MAAM,EAAE;IAEhH,aAAa;IACb,EAAE,OAAO,EAAE,2DAA2D,EAAE,IAAI,EAAE,WAAW,EAAE,QAAQ,EAAE,QAAQ,EAAE;IAE/G,SAAS;IACT,EAAE,OAAO,EAAE,sBAAsB,EAAE,IAAI,EAAE,uBAAuB,EAAE,QAAQ,EAAE,UAAU,EAAE;IACxF,EAAE,OAAO,EAAE,6CAA6C,EAAE,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,UAAU,EAAE;IAEpG,eAAe;IACf,EAAE,OAAO,EAAE,gDAAgD,EAAE,IAAI,EAAE,aAAa,EAAE,QAAQ,EAAE,UAAU,EAAE;IAExG,gBAAgB;IAChB,EAAE,OAAO,EAAE,sEAAsE,EAAE,IAAI,EAAE,+BAA+B,EAAE,QAAQ,EAAE,UAAU,EAAE;IAEhJ,QAAQ;IACR,EAAE,OAAO,EAAE,uDAAuD,EAAE,IAAI,EAAE,aAAa,EAAE,QAAQ,EAAE,MAAM,EAAE;IAE3G,SAAS;IACT,EAAE,OAAO,EAAE,2BAA2B,EAAE,IAAI,EAAE,mBAAmB,EAAE,QAAQ,EAAE,UAAU,EAAE;IACzF,EAAE,OAAO,EAAE,2BAA2B,EAAE,IAAI,EAAE,wBAAwB,EAAE,QAAQ,EAAE,QAAQ,EAAE;CAC/F,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAChC,KAAoB,EACpB,QAAgB;IAEhB,MAAM,QAAQ,GAAoB,EAAE,CAAC;IAErC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACvB,iCAAiC;QACjC,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,WAAW,EAAE,CAAC;QACzC,IAAI,CAAC,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YACpF,SAAS;QACb,CAAC;QAED,IAAI,CAAC;YACD,MAAM,OAAO,GAAG,MAAM,YAAY,CAAC,IAAI,CAAC,IAAI,EAAE,QAAQ,EAAE,GAAG,GAAG,IAAI,CAAC,CAAC;YACpE,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACpC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;gBAEtB,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,eAAe,EAAE,CAAC;oBACxD,oBAAoB;oBACpB,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;oBAEtB,IAAI,KAAK,CAAC;oBACV,OAAO,CAAC,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;wBAC3C,8BAA8B;wBAC9B,MAAM,WAAW,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,EAAE;4BACpC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;4BAC5E,CAAC,CAAC,KAAK,CAAC;wBAEZ,QAAQ,CAAC,IAAI,CAAC;4BACV,IAAI,EAAE,IAAI,CAAC,YAAY;4BACvB,IAAI,EAAE,CAAC,GAAG,CAAC;4BACX,IAAI;4BACJ,KAAK,EAAE,WAAW;4BAClB,QAAQ;yBACX,CAAC,CAAC;oBACP,CAAC;gBACL,CAAC;YACL,CAAC;QACL,CAAC;QAAC,MAAM,CAAC;YACL,gCAAgC;QACpC,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AACpB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,QAAgB;IAC9C,MAAM,MAAM,GAAG,MAAM,cAAc,CAC/B,KAAK,EACL,CAAC,OAAO,EAAE,QAAQ,CAAC,EACnB,QAAQ,EACR,EAAE,OAAO,EAAE,KAAK,EAAE,CACrB,CAAC;IAEF,IAAI,CAAC,MAAM,CAAC,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QACpC,OAAO,EAAE,CAAC;IACd,CAAC;IAED,IAAI,CAAC;QACD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QACxC,MAAM,eAAe,GAAwB,EAAE,CAAC;QAEhD,8BAA8B;QAC9B,IAAI,KAAK,CAAC,eAAe,EAAE,CAAC;YACxB,KAAK,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,eAAe,CAAC,EAAE,CAAC;gBAC/D,MAAM,QAAQ,GAAG,IAAW,CAAC;gBAC7B,eAAe,CAAC,IAAI,CAAC;oBACjB,IAAI;oBACJ,QAAQ,EAAE,QAAQ,CAAC,QAAQ,IAAI,SAAS;oBACxC,WAAW,EAAE,QAAQ,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,IAAI,QAAQ,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,gBAAgB;oBAC9E,YAAY,EAAE,QAAQ,CAAC,YAAY,IAAI,KAAK;iBAC/C,CAAC,CAAC;YACP,CAAC;QACL,CAAC;QAED,OAAO,eAAe,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,6BAA6B;IACtE,CAAC;IAAC,MAAM,CAAC;QACL,OAAO,EAAE,CAAC;IACd,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACjC,KAAoB,EACpB,QAAgB;IAEhB,MAAM,CAAC,OAAO,EAAE,eAAe,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;QACjD,cAAc,CAAC,KAAK,EAAE,QAAQ,CAAC;QAC/B,WAAW,CAAC,QAAQ,CAAC;KACxB,CAAC,CAAC;IAEH,MAAM,eAAe,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC;IACvE,MAAM,aAAa,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,IAAI,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC;IAEtG,MAAM,SAAS,GAAG,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,CAAC;IAEjE,IAAI,OAAO,GAAG,EAAE,CAAC;IACjB,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACrB,OAAO,IAAI,MAAM,OAAO,CAAC,MAAM,4BAA4B,CAAC;IAChE,CAAC;IACD,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3B,OAAO,IAAI,MAAM,aAAa,CAAC,MAAM,kCAAkC,CAAC;IAC5E,CAAC;IACD,IAAI,CAAC,SAAS,EAAE,CAAC;QACb,OAAO,GAAG,oDAAoD,CAAC;IACnE,CAAC;IAED,OAAO;QACH,OAAO;QACP,eAAe;QACf,SAAS;QACT,OAAO;KACV,CAAC;AACN,CAAC"}
+{"version":3,"file":"security-scanner.js","sourceRoot":"","sources":["../../src/core/security-scanner.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AAC/C,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAyB7C;;;;;;GAMG;AACH,MAAM,eAAe,GAAkF;IACnG,2CAA2C;IAC3C,EAAE,OAAO,EAAE,mBAAmB,EAAE,IAAI,EAAE,gBAAgB,EAAE,QAAQ,EAAE,UAAU,EAAE;IAC9E,EAAE,OAAO,EAAE,kDAAkD,EAAE,IAAI,EAAE,gBAAgB,EAAE,QAAQ,EAAE,UAAU,EAAE;IAE7G,iDAAiD;IACjD,EAAE,OAAO,EAAE,8CAA8C,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,EAAE;IAC9F,EAAE,OAAO,EAAE,6CAA6C,EAAE,IAAI,EAAE,cAAc,EAAE,QAAQ,EAAE,MAAM,EAAE;IAElG,oEAAoE;IACpE,EAAE,OAAO,EAAE,6EAA6E,EAAE,IAAI,EAAE,WAAW,EAAE,QAAQ,EAAE,QAAQ,EAAE;IAEjI,yBAAyB;IACzB,EAAE,OAAO,EAAE,sBAAsB,EAAE,IAAI,EAAE,uBAAuB,EAAE,QAAQ,EAAE,UAAU,EAAE;IACxF,EAAE,OAAO,EAAE,6CAA6C,EAAE,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,UAAU,EAAE;IACpG,EAAE,OAAO,EAAE,sBAAsB,EAAE,IAAI,EAAE,kBAAkB,EAAE,QAAQ,EAAE,UAAU,EAAE;IAEnF,sCAAsC;IACtC,EAAE,OAAO,EAAE,gDAAgD,EAAE,IAAI,EAAE,aAAa,EAAE,QAAQ,EAAE,UAAU,EAAE;IAExG,yDAAyD;IACzD,EAAE,OAAO,EAAE,wDAAwD,EAAE,IAAI,EAAE,+BAA+B,EAAE,QAAQ,EAAE,UAAU,EAAE;IAElI,6CAA6C;IAC7C,EAAE,OAAO,EAAE,uDAAuD,EAAE,IAAI,EAAE,aAAa,EAAE,QAAQ,EAAE,MAAM,EAAE;IAE3G,4CAA4C;IAC5C,EAAE,OAAO,EAAE,6BAA6B,EAAE,IAAI,EAAE,mBAAmB,EAAE,QAAQ,EAAE,UAAU,EAAE;IAC3F,EAAE,OAAO,EAAE,6BAA6B,EAAE,IAAI,EAAE,wBAAwB,EAAE,QAAQ,EAAE,QAAQ,EAAE;IAE9F,iBAAiB;IACjB,EAAE,OAAO,EAAE,wBAAwB,EAAE,IAAI,EAAE,gBAAgB,EAAE,QAAQ,EAAE,MAAM,EAAE;CAClF,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAChC,KAAoB,EACpB,QAAgB;IAEhB,MAAM,QAAQ,GAAoB,EAAE,CAAC;IAErC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACvB,iCAAiC;QACjC,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,WAAW,EAAE,CAAC;QACzC,IAAI,CAAC,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YACpF,SAAS;QACb,CAAC;QAED,IAAI,CAAC;YACD,MAAM,OAAO,GAAG,MAAM,YAAY,CAAC,IAAI,CAAC,IAAI,EAAE,QAAQ,EAAE,GAAG,GAAG,IAAI,CAAC,CAAC;YACpE,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACpC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;gBAEtB,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,eAAe,EAAE,CAAC;oBACxD,oBAAoB;oBACpB,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;oBAEtB,IAAI,KAAK,CAAC;oBACV,OAAO,CAAC,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;wBAC3C,8BAA8B;wBAC9B,MAAM,WAAW,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,EAAE;4BACpC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;4BAC5E,CAAC,CAAC,KAAK,CAAC;wBAEZ,QAAQ,CAAC,IAAI,CAAC;4BACV,IAAI,EAAE,IAAI,CAAC,YAAY;4BACvB,IAAI,EAAE,CAAC,GAAG,CAAC;4BACX,IAAI;4BACJ,KAAK,EAAE,WAAW;4BAClB,QAAQ;yBACX,CAAC,CAAC;oBACP,CAAC;gBACL,CAAC;YACL,CAAC;QACL,CAAC;QAAC,MAAM,CAAC;YACL,gCAAgC;QACpC,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AACpB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,QAAgB;IAC9C,MAAM,MAAM,GAAG,MAAM,cAAc,CAC/B,KAAK,EACL,CAAC,OAAO,EAAE,QAAQ,CAAC,EACnB,QAAQ,EACR,EAAE,OAAO,EAAE,KAAK,EAAE,CACrB,CAAC;IAEF,IAAI,CAAC,MAAM,CAAC,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QACpC,OAAO,EAAE,CAAC;IACd,CAAC;IAED,IAAI,CAAC;QACD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QACxC,MAAM,eAAe,GAAwB,EAAE,CAAC;QAEhD,8BAA8B;QAC9B,IAAI,KAAK,CAAC,eAAe,EAAE,CAAC;YACxB,KAAK,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,eAAe,CAAC,EAAE,CAAC;gBAC/D,MAAM,QAAQ,GAAG,IAAW,CAAC;gBAC7B,eAAe,CAAC,IAAI,CAAC;oBACjB,IAAI;oBACJ,QAAQ,EAAE,QAAQ,CAAC,QAAQ,IAAI,SAAS;oBACxC,WAAW,EAAE,QAAQ,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,IAAI,QAAQ,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,gBAAgB;oBAC9E,YAAY,EAAE,QAAQ,CAAC,YAAY,IAAI,KAAK;iBAC/C,CAAC,CAAC;YACP,CAAC;QACL,CAAC;QAED,OAAO,eAAe,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,6BAA6B;IACtE,CAAC;IAAC,MAAM,CAAC;QACL,OAAO,EAAE,CAAC;IACd,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACjC,KAAoB,EACpB,QAAgB;IAEhB,MAAM,CAAC,OAAO,EAAE,eAAe,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;QACjD,cAAc,CAAC,KAAK,EAAE,QAAQ,CAAC;QAC/B,WAAW,CAAC,QAAQ,CAAC;KACxB,CAAC,CAAC;IAEH,MAAM,eAAe,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC;IACvE,MAAM,aAAa,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,IAAI,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC;IAEtG,MAAM,SAAS,GAAG,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,CAAC;IAEjE,IAAI,OAAO,GAAG,EAAE,CAAC;IACjB,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACrB,OAAO,IAAI,MAAM,OAAO,CAAC,MAAM,4BAA4B,CAAC;IAChE,CAAC;IACD,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3B,OAAO,IAAI,MAAM,aAAa,CAAC,MAAM,kCAAkC,CAAC;IAC5E,CAAC;IACD,IAAI,CAAC,SAAS,EAAE,CAAC;QACb,OAAO,GAAG,oDAAoD,CAAC;IACnE,CAAC;IAED,OAAO;QACH,OAAO;QACP,eAAe;QACf,SAAS;QACT,OAAO;KACV,CAAC;AACN,CAAC"}

package/dist/core/security.d.ts

@@ -17,12 +17,9 @@ export declare function isWithinRepo(filePath: string, repoRoot: string): boolea
  * Validate a path and throw if it's outside the repo
  */
 export declare function validatePath(filePath: string, repoRoot: string): string;
-/**
- * Check if path is a symlink pointing outside repo
- */
-export declare function isSymlinkEscape(filePath: string, repoRoot: string): Promise<boolean>;
 /**
  * Safe file read with security validation
+ * Resolves symlinks FIRST to prevent TOCTOU race conditions
  */
 export declare function safeReadFile(filePath: string, repoRoot: string, maxSizeBytes?: number): Promise<string>;
 /**
@@ -30,11 +27,25 @@ export declare function safeReadFile(filePath: string, repoRoot: string, maxSize
  */
 export declare const SECURITY_IGNORE_PATTERNS: string[];
 /**
- * Validate that a command is safe to execute
+ * Validate that a command and its first argument are in the allowlist
  */
-export declare function isAllowedCommand(command: string): boolean;
+export declare function isAllowedCommand(command: string, args?: string[]): boolean;
 /**
- * Sanitize command arguments to prevent injection
+ * Comprehensive argument sanitization to prevent shell injection
+ * Strips ALL potentially dangerous characters for both Unix and Windows shells
  */
 export declare function sanitizeArgs(args: string[]): string[];
+/**
+ * Validate that an output path is safe to write to
+ * Must be within the working directory or a subdirectory
+ */
+export declare function validateOutputPath(outputPath: string, cwd: string): string;
+/**
+ * Validate git branch name to prevent command injection
+ */
+export declare function validateBranchName(branchName: string): string;
+/**
+ * Sanitize error messages to prevent credential leakage
+ */
+export declare function sanitizeErrorMessage(error: unknown): string;
 //# sourceMappingURL=security.d.ts.map

package/dist/core/security.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"security.d.ts","sourceRoot":"","sources":["../../src/core/security.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAKH,qBAAa,aAAc,SAAQ,KAAK;gBACxB,OAAO,EAAE,MAAM;CAI9B;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,CAEtD;AAED;;GAEG;AACH,wBAAgB,YAAY,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAOxE;AAED;;GAEG;AACH,wBAAgB,YAAY,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,MAAM,CAUvE;AAED;;GAEG;AACH,wBAAsB,eAAe,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAa1F;AAED;;GAEG;AACH,wBAAsB,YAAY,CAC9B,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,MAAM,EAChB,YAAY,GAAE,MAAoB,GACnC,OAAO,CAAC,MAAM,CAAC,CAmBjB;AAED;;GAEG;AACH,eAAO,MAAM,wBAAwB,UAUpC,CAAC;AAEF;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAoBzD;AAED;;GAEG;AACH,wBAAgB,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,MAAM,EAAE,CAKrD"}
+{"version":3,"file":"security.d.ts","sourceRoot":"","sources":["../../src/core/security.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAKH,qBAAa,aAAc,SAAQ,KAAK;gBACxB,OAAO,EAAE,MAAM;CAI9B;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,CAEtD;AAED;;GAEG;AACH,wBAAgB,YAAY,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAOxE;AAED;;GAEG;AACH,wBAAgB,YAAY,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,MAAM,CAUvE;AAED;;;GAGG;AACH,wBAAsB,YAAY,CAC9B,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,MAAM,EAChB,YAAY,GAAE,MAAoB,GACnC,OAAO,CAAC,MAAM,CAAC,CA2BjB;AAED;;GAEG;AACH,eAAO,MAAM,wBAAwB,UAUpC,CAAC;AAYF;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,GAAE,MAAM,EAAO,GAAG,OAAO,CAmB9E;AAED;;;GAGG;AACH,wBAAgB,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,MAAM,EAAE,CAwBrD;AAED;;;GAGG;AACH,wBAAgB,kBAAkB,CAAC,UAAU,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,MAAM,CAoB1E;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,UAAU,EAAE,MAAM,GAAG,MAAM,CA0B7D;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,KAAK,EAAE,OAAO,GAAG,MAAM,CAqB3D"}

package/dist/core/security.js

@@ -32,42 +32,34 @@ export function isWithinRepo(filePath, repoRoot) {
 export function validatePath(filePath, repoRoot) {
     const normalized = normalizePath(filePath);
     if (!isWithinRepo(normalized, repoRoot)) {
-        throw new SecurityError(`Access denied: "${filePath}" is outside the repository boundary`);
+        throw new SecurityError(`Access denied: Path is outside the repository boundary`);
     }
     return normalized;
 }
-/**
- * Check if path is a symlink pointing outside repo
- */
-export async function isSymlinkEscape(filePath, repoRoot) {
-    try {
-        const stats = await fs.promises.lstat(filePath);
-        if (stats.isSymbolicLink()) {
-            const realPath = await fs.promises.realpath(filePath);
-            return !isWithinRepo(realPath, repoRoot);
-        }
-        return false;
-    }
-    catch {
-        return false;
-    }
-}
 /**
  * Safe file read with security validation
+ * Resolves symlinks FIRST to prevent TOCTOU race conditions
  */
 export async function safeReadFile(filePath, repoRoot, maxSizeBytes = 1024 * 1024 // 1MB default
 ) {
-    const validated = validatePath(filePath, repoRoot);
-    // Check for symlink escape
-    if (await isSymlinkEscape(validated, repoRoot)) {
-        throw new SecurityError(`Access denied: "${filePath}" is a symlink pointing outside the repository`);
+    // First, resolve to real path (follows symlinks)
+    let realPath;
+    try {
+        realPath = await fs.promises.realpath(filePath);
+    }
+    catch (error) {
+        throw new SecurityError(`Cannot resolve path: File does not exist or is inaccessible`);
+    }
+    // Validate the REAL path is within repo (prevents symlink escape)
+    if (!isWithinRepo(realPath, repoRoot)) {
+        throw new SecurityError(`Access denied: Path resolves outside the repository boundary`);
     }
     // Check file size
-    const stats = await fs.promises.stat(validated);
+    const stats = await fs.promises.stat(realPath);
     if (stats.size > maxSizeBytes) {
-        throw new SecurityError(`File too large: "${filePath}" (${(stats.size / 1024 / 1024).toFixed(2)}MB > ${(maxSizeBytes / 1024 / 1024).toFixed(2)}MB limit)`);
+        throw new SecurityError(`File too large: ${(stats.size / 1024 / 1024).toFixed(2)}MB exceeds ${(maxSizeBytes / 1024 / 1024).toFixed(2)}MB limit`);
     }
-    return fs.promises.readFile(validated, 'utf-8');
+    return fs.promises.readFile(realPath, 'utf-8');
 }
 /**
  * Default patterns to always ignore (security sensitive)
@@ -84,35 +76,115 @@ export const SECURITY_IGNORE_PATTERNS = [
     '**/.ssh/**',
 ];
 /**
- * Validate that a command is safe to execute
+ * Allowed commands with their permitted subcommands
+ * This provides defense-in-depth against command injection
+ */
+const ALLOWED_COMMANDS = new Map([
+    ['git', new Set(['status', 'log', 'diff', 'branch', 'grep', 'show-current'])],
+    ['npm', new Set(['outdated', 'list', 'audit'])],
+    ['npx', new Set(['tsc', 'eslint'])], // Only specific trusted packages
+]);
+/**
+ * Validate that a command and its first argument are in the allowlist
  */
-export function isAllowedCommand(command) {
-    const allowedCommands = [
-        'git',
-        'npm',
-        'npx',
-        'node',
-        'tsc',
-        'eslint',
-        'prettier',
-        'cat',
-        'head',
-        'tail',
-        'wc',
-        'find',
-        'ls',
-        'dir',
-    ];
-    const baseCommand = command.trim().split(/\s+/)[0];
-    return allowedCommands.includes(baseCommand);
+export function isAllowedCommand(command, args = []) {
+    const baseCommand = command.trim().split(/\s+/)[0].toLowerCase();
+    // Check if command is in allowlist
+    const allowedSubcommands = ALLOWED_COMMANDS.get(baseCommand);
+    if (!allowedSubcommands) {
+        return false;
+    }
+    // For commands with subcommands, validate the first arg
+    if (args.length > 0 && allowedSubcommands.size > 0) {
+        const firstArg = args[0].replace(/^-+/, ''); // Remove leading dashes
+        // Allow if it's in the subcommand list OR if it starts with - (flags)
+        if (!args[0].startsWith('-') && !allowedSubcommands.has(args[0])) {
+            return false;
+        }
+    }
+    return true;
 }
 /**
- * Sanitize command arguments to prevent injection
+ * Comprehensive argument sanitization to prevent shell injection
+ * Strips ALL potentially dangerous characters for both Unix and Windows shells
  */
 export function sanitizeArgs(args) {
-    return args.map(arg => {
-        // Remove shell metacharacters
-        return arg.replace(/[;&|`$(){}[\]<>]/g, '');
+    // Dangerous characters for shell injection
+    const DANGEROUS_CHARS = /[;&|`$(){}[\]<>"'%^@#\r\n\t\\!?*~]/g;
+    // Additional validation patterns
+    const OPTION_INJECTION = /^-/; // Arguments starting with - could be interpreted as options
+    return args.map((arg, index) => {
+        // Remove all dangerous characters
+        let sanitized = arg.replace(DANGEROUS_CHARS, '');
+        // Prevent null byte injection
+        sanitized = sanitized.replace(/\0/g, '');
+        // Trim whitespace
+        sanitized = sanitized.trim();
+        // Prevent empty arguments after sanitization
+        if (sanitized.length === 0 && arg.length > 0) {
+            throw new SecurityError(`Argument ${index} contains only unsafe characters`);
+        }
+        return sanitized;
     });
 }
+/**
+ * Validate that an output path is safe to write to
+ * Must be within the working directory or a subdirectory
+ */
+export function validateOutputPath(outputPath, cwd) {
+    const resolved = path.resolve(cwd, outputPath);
+    const normalizedCwd = normalizePath(cwd);
+    if (!resolved.startsWith(normalizedCwd + path.sep) && resolved !== normalizedCwd) {
+        throw new SecurityError(`Output path must be within the current working directory`);
+    }
+    // Prevent writing to sensitive files
+    const basename = path.basename(resolved).toLowerCase();
+    const sensitiveNames = ['.env', '.gitignore', 'package.json', 'package-lock.json', '.npmrc'];
+    if (sensitiveNames.includes(basename)) {
+        throw new SecurityError(`Cannot write to sensitive file: ${basename}`);
+    }
+    return resolved;
+}
+/**
+ * Validate git branch name to prevent command injection
+ */
+export function validateBranchName(branchName) {
+    // Git branch naming rules: alphanumeric, dash, underscore, slash, dot
+    const SAFE_BRANCH_PATTERN = /^[a-zA-Z0-9][a-zA-Z0-9_.\-\/]*$/;
+    if (!SAFE_BRANCH_PATTERN.test(branchName)) {
+        throw new SecurityError(`Invalid branch name. Use only: letters, numbers, _, ., -, /`);
+    }
+    // Prevent option injection
+    if (branchName.startsWith('-')) {
+        throw new SecurityError(`Branch name cannot start with a hyphen`);
+    }
+    // Prevent path traversal
+    if (branchName.includes('..')) {
+        throw new SecurityError(`Branch name cannot contain '..'`);
+    }
+    // Max length check
+    if (branchName.length > 255) {
+        throw new SecurityError(`Branch name too long (max 255 characters)`);
+    }
+    return branchName;
+}
+/**
+ * Sanitize error messages to prevent credential leakage
+ */
+export function sanitizeErrorMessage(error) {
+    let message = 'Unknown error';
+    if (error instanceof Error) {
+        message = error.message;
+        // Remove potential API keys (30+ alphanumeric characters)
+        message = message.replace(/[A-Za-z0-9_-]{30,}/g, '[REDACTED]');
+        // Remove URL query parameters that might contain keys
+        message = message.replace(/[?&](key|token|api_key|apikey|secret)=[^&\s]*/gi, '?$1=[REDACTED]');
+        // Remove bearer tokens
+        message = message.replace(/Bearer\s+[A-Za-z0-9._-]+/gi, 'Bearer [REDACTED]');
+        // Remove file paths that might reveal system info
+        message = message.replace(/[A-Z]:\\[^\s:]+/gi, '[PATH]'); // Windows paths
+        message = message.replace(/\/home\/[^\s:]+/g, '[PATH]'); // Unix home paths
+    }
+    return message;
+}
 //# sourceMappingURL=security.js.map

package/dist/core/security.js.map

@@ -1 +1 @@
-{"version":3,"file":"security.js","sourceRoot":"","sources":["../../src/core/security.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,MAAM,IAAI,CAAC;AAEpB,MAAM,OAAO,aAAc,SAAQ,KAAK;IACpC,YAAY,OAAe;QACvB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,eAAe,CAAC;IAChC,CAAC;CACJ;AAED;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,QAAgB;IAC1C,OAAO,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC;AAClD,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,YAAY,CAAC,QAAgB,EAAE,QAAgB;IAC3D,MAAM,cAAc,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IAC/C,MAAM,cAAc,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IAE/C,4CAA4C;IAC5C,OAAO,cAAc,CAAC,UAAU,CAAC,cAAc,GAAG,IAAI,CAAC,GAAG,CAAC;QACvD,cAAc,KAAK,cAAc,CAAC;AAC1C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,YAAY,CAAC,QAAgB,EAAE,QAAgB;IAC3D,MAAM,UAAU,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IAE3C,IAAI,CAAC,YAAY,CAAC,UAAU,EAAE,QAAQ,CAAC,EAAE,CAAC;QACtC,MAAM,IAAI,aAAa,CACnB,mBAAmB,QAAQ,sCAAsC,CACpE,CAAC;IACN,CAAC;IAED,OAAO,UAAU,CAAC;AACtB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,QAAgB,EAAE,QAAgB;IACpE,IAAI,CAAC;QACD,MAAM,KAAK,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QAEhD,IAAI,KAAK,CAAC,cAAc,EAAE,EAAE,CAAC;YACzB,MAAM,QAAQ,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;YACtD,OAAO,CAAC,YAAY,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;QAC7C,CAAC;QAED,OAAO,KAAK,CAAC;IACjB,CAAC;IAAC,MAAM,CAAC;QACL,OAAO,KAAK,CAAC;IACjB,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAC9B,QAAgB,EAChB,QAAgB,EAChB,eAAuB,IAAI,GAAG,IAAI,CAAC,cAAc;;IAEjD,MAAM,SAAS,GAAG,YAAY,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IAEnD,2BAA2B;IAC3B,IAAI,MAAM,eAAe,CAAC,SAAS,EAAE,QAAQ,CAAC,EAAE,CAAC;QAC7C,MAAM,IAAI,aAAa,CACnB,mBAAmB,QAAQ,gDAAgD,CAC9E,CAAC;IACN,CAAC;IAED,kBAAkB;IAClB,MAAM,KAAK,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IAChD,IAAI,KAAK,CAAC,IAAI,GAAG,YAAY,EAAE,CAAC;QAC5B,MAAM,IAAI,aAAa,CACnB,oBAAoB,QAAQ,MAAM,CAAC,KAAK,CAAC,IAAI,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,YAAY,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,WAAW,CACpI,CAAC;IACN,CAAC;IAED,OAAO,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;AACpD,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAG;IACpC,YAAY;IACZ,SAAS;IACT,WAAW;IACX,oBAAoB;IACpB,UAAU;IACV,UAAU;IACV,eAAe;IACf,YAAY;IACZ,YAAY;CACf,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,OAAe;IAC5C,MAAM,eAAe,GAAG;QACpB,KAAK;QACL,KAAK;QACL,KAAK;QACL,MAAM;QACN,KAAK;QACL,QAAQ;QACR,UAAU;QACV,KAAK;QACL,MAAM;QACN,MAAM;QACN,IAAI;QACJ,MAAM;QACN,IAAI;QACJ,KAAK;KACR,CAAC;IAEF,MAAM,WAAW,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IACnD,OAAO,eAAe,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;AACjD,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,YAAY,CAAC,IAAc;IACvC,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE;QAClB,8BAA8B;QAC9B,OAAO,GAAG,CAAC,OAAO,CAAC,mBAAmB,EAAE,EAAE,CAAC,CAAC;IAChD,CAAC,CAAC,CAAC;AACP,CAAC"}
+{"version":3,"file":"security.js","sourceRoot":"","sources":["../../src/core/security.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,MAAM,IAAI,CAAC;AAEpB,MAAM,OAAO,aAAc,SAAQ,KAAK;IACpC,YAAY,OAAe;QACvB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,eAAe,CAAC;IAChC,CAAC;CACJ;AAED;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,QAAgB;IAC1C,OAAO,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC;AAClD,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,YAAY,CAAC,QAAgB,EAAE,QAAgB;IAC3D,MAAM,cAAc,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IAC/C,MAAM,cAAc,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IAE/C,4CAA4C;IAC5C,OAAO,cAAc,CAAC,UAAU,CAAC,cAAc,GAAG,IAAI,CAAC,GAAG,CAAC;QACvD,cAAc,KAAK,cAAc,CAAC;AAC1C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,YAAY,CAAC,QAAgB,EAAE,QAAgB;IAC3D,MAAM,UAAU,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IAE3C,IAAI,CAAC,YAAY,CAAC,UAAU,EAAE,QAAQ,CAAC,EAAE,CAAC;QACtC,MAAM,IAAI,aAAa,CACnB,wDAAwD,CAC3D,CAAC;IACN,CAAC;IAED,OAAO,UAAU,CAAC;AACtB,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAC9B,QAAgB,EAChB,QAAgB,EAChB,eAAuB,IAAI,GAAG,IAAI,CAAC,cAAc;;IAEjD,iDAAiD;IACjD,IAAI,QAAgB,CAAC;IACrB,IAAI,CAAC;QACD,QAAQ,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACpD,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACb,MAAM,IAAI,aAAa,CACnB,6DAA6D,CAChE,CAAC;IACN,CAAC;IAED,kEAAkE;IAClE,IAAI,CAAC,YAAY,CAAC,QAAQ,EAAE,QAAQ,CAAC,EAAE,CAAC;QACpC,MAAM,IAAI,aAAa,CACnB,8DAA8D,CACjE,CAAC;IACN,CAAC;IAED,kBAAkB;IAClB,MAAM,KAAK,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAC/C,IAAI,KAAK,CAAC,IAAI,GAAG,YAAY,EAAE,CAAC;QAC5B,MAAM,IAAI,aAAa,CACnB,mBAAmB,CAAC,KAAK,CAAC,IAAI,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,cAAc,CAAC,YAAY,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,UAAU,CAC1H,CAAC;IACN,CAAC;IAED,OAAO,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;AACnD,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAG;IACpC,YAAY;IACZ,SAAS;IACT,WAAW;IACX,oBAAoB;IACpB,UAAU;IACV,UAAU;IACV,eAAe;IACf,YAAY;IACZ,YAAY;CACf,CAAC;AAEF;;;GAGG;AACH,MAAM,gBAAgB,GAA6B,IAAI,GAAG,CAAC;IACvD,CAAC,KAAK,EAAE,IAAI,GAAG,CAAC,CAAC,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,cAAc,CAAC,CAAC,CAAC;IAC7E,CAAC,KAAK,EAAE,IAAI,GAAG,CAAC,CAAC,UAAU,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;IAC/C,CAAC,KAAK,EAAE,IAAI,GAAG,CAAC,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC,CAAC,EAAE,iCAAiC;CACzE,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,OAAe,EAAE,OAAiB,EAAE;IACjE,MAAM,WAAW,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;IAEjE,mCAAmC;IACnC,MAAM,kBAAkB,GAAG,gBAAgB,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;IAC7D,IAAI,CAAC,kBAAkB,EAAE,CAAC;QACtB,OAAO,KAAK,CAAC;IACjB,CAAC;IAED,wDAAwD;IACxD,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,IAAI,kBAAkB,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;QACjD,MAAM,QAAQ,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,CAAC,wBAAwB;QACrE,sEAAsE;QACtE,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAC/D,OAAO,KAAK,CAAC;QACjB,CAAC;IACL,CAAC;IAED,OAAO,IAAI,CAAC;AAChB,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,YAAY,CAAC,IAAc;IACvC,2CAA2C;IAC3C,MAAM,eAAe,GAAG,qCAAqC,CAAC;IAE9D,iCAAiC;IACjC,MAAM,gBAAgB,GAAG,IAAI,CAAC,CAAC,4DAA4D;IAE3F,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE;QAC3B,kCAAkC;QAClC,IAAI,SAAS,GAAG,GAAG,CAAC,OAAO,CAAC,eAAe,EAAE,EAAE,CAAC,CAAC;QAEjD,8BAA8B;QAC9B,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QAEzC,kBAAkB;QAClB,SAAS,GAAG,SAAS,CAAC,IAAI,EAAE,CAAC;QAE7B,6CAA6C;QAC7C,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC3C,MAAM,IAAI,aAAa,CAAC,YAAY,KAAK,kCAAkC,CAAC,CAAC;QACjF,CAAC;QAED,OAAO,SAAS,CAAC;IACrB,CAAC,CAAC,CAAC;AACP,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,kBAAkB,CAAC,UAAkB,EAAE,GAAW;IAC9D,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,UAAU,CAAC,CAAC;IAC/C,MAAM,aAAa,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC;IAEzC,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,aAAa,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,QAAQ,KAAK,aAAa,EAAE,CAAC;QAC/E,MAAM,IAAI,aAAa,CACnB,0DAA0D,CAC7D,CAAC;IACN,CAAC;IAED,qCAAqC;IACrC,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAC;IACvD,MAAM,cAAc,GAAG,CAAC,MAAM,EAAE,YAAY,EAAE,cAAc,EAAE,mBAAmB,EAAE,QAAQ,CAAC,CAAC;IAC7F,IAAI,cAAc,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;QACpC,MAAM,IAAI,aAAa,CACnB,mCAAmC,QAAQ,EAAE,CAChD,CAAC;IACN,CAAC;IAED,OAAO,QAAQ,CAAC;AACpB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,kBAAkB,CAAC,UAAkB;IACjD,sEAAsE;IACtE,MAAM,mBAAmB,GAAG,iCAAiC,CAAC;IAE9D,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;QACxC,MAAM,IAAI,aAAa,CACnB,6DAA6D,CAChE,CAAC;IACN,CAAC;IAED,2BAA2B;IAC3B,IAAI,UAAU,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QAC7B,MAAM,IAAI,aAAa,CAAC,wCAAwC,CAAC,CAAC;IACtE,CAAC;IAED,yBAAyB;IACzB,IAAI,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QAC5B,MAAM,IAAI,aAAa,CAAC,iCAAiC,CAAC,CAAC;IAC/D,CAAC;IAED,mBAAmB;IACnB,IAAI,UAAU,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;QAC1B,MAAM,IAAI,aAAa,CAAC,2CAA2C,CAAC,CAAC;IACzE,CAAC;IAED,OAAO,UAAU,CAAC;AACtB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,oBAAoB,CAAC,KAAc;IAC/C,IAAI,OAAO,GAAG,eAAe,CAAC;IAE9B,IAAI,KAAK,YAAY,KAAK,EAAE,CAAC;QACzB,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC;QAExB,0DAA0D;QAC1D,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,qBAAqB,EAAE,YAAY,CAAC,CAAC;QAE/D,sDAAsD;QACtD,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,iDAAiD,EAAE,gBAAgB,CAAC,CAAC;QAE/F,uBAAuB;QACvB,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,4BAA4B,EAAE,mBAAmB,CAAC,CAAC;QAE7E,kDAAkD;QAClD,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,mBAAmB,EAAE,QAAQ,CAAC,CAAC,CAAC,gBAAgB;QAC1E,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,kBAAkB,EAAE,QAAQ,CAAC,CAAC,CAAC,kBAAkB;IAC/E,CAAC;IAED,OAAO,OAAO,CAAC;AACnB,CAAC"}

package/dist/utils/folder-tree.d.ts

@@ -0,0 +1,22 @@
+/**
+ * Folder Tree Generator - Creates visual folder structure
+ */
+export interface TreeOptions {
+    maxDepth?: number;
+    exclude?: string[];
+    includeFiles?: boolean;
+}
+/**
+ * Generate a text-based folder tree structure
+ */
+export declare function generateFolderTree(rootDir: string, options?: TreeOptions): Promise<string>;
+/**
+ * Get a summary of the folder structure
+ */
+export declare function getFolderSummary(rootDir: string): Promise<{
+    totalFiles: number;
+    totalDirs: number;
+    byExtension: Record<string, number>;
+    topLevelDirs: string[];
+}>;
+//# sourceMappingURL=folder-tree.d.ts.map

package/dist/utils/folder-tree.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"folder-tree.d.ts","sourceRoot":"","sources":["../../src/utils/folder-tree.ts"],"names":[],"mappings":"AAAA;;GAEG;AAKH,MAAM,WAAW,WAAW;IACxB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,YAAY,CAAC,EAAE,OAAO,CAAC;CAC1B;AAOD;;GAEG;AACH,wBAAsB,kBAAkB,CACpC,OAAO,EAAE,MAAM,EACf,OAAO,GAAE,WAAgB,GAC1B,OAAO,CAAC,MAAM,CAAC,CAcjB;AAwED;;GAEG;AACH,wBAAsB,gBAAgB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC;IAC7D,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACpC,YAAY,EAAE,MAAM,EAAE,CAAC;CAC1B,CAAC,CA+BD"}

package/dist/utils/folder-tree.js

@@ -0,0 +1,103 @@
+/**
+ * Folder Tree Generator - Creates visual folder structure
+ */
+import fs from 'fs';
+import path from 'path';
+const DEFAULT_EXCLUDE = [
+    'node_modules', '.git', '.next', 'dist', 'build',
+    '.cache', 'coverage', '.turbo', '.vercel'
+];
+/**
+ * Generate a text-based folder tree structure
+ */
+export async function generateFolderTree(rootDir, options = {}) {
+    const { maxDepth = 5, exclude = DEFAULT_EXCLUDE, includeFiles = true } = options;
+    const lines = [];
+    const rootName = path.basename(rootDir);
+    lines.push(`📁 ${rootName}/`);
+    await walkDir(rootDir, '', 0, maxDepth, exclude, includeFiles, lines);
+    return lines.join('\n');
+}
+async function walkDir(dir, prefix, depth, maxDepth, exclude, includeFiles, lines) {
+    if (depth >= maxDepth) {
+        lines.push(`${prefix}└── ...`);
+        return;
+    }
+    let entries;
+    try {
+        entries = await fs.promises.readdir(dir, { withFileTypes: true });
+    }
+    catch {
+        return;
+    }
+    // Filter and sort: directories first, then files
+    const filtered = entries.filter(e => !exclude.includes(e.name) && !e.name.startsWith('.'));
+    const dirs = filtered.filter(e => e.isDirectory()).sort((a, b) => a.name.localeCompare(b.name));
+    const files = includeFiles
+        ? filtered.filter(e => e.isFile()).sort((a, b) => a.name.localeCompare(b.name))
+        : [];
+    const items = [...dirs, ...files];
+    for (let i = 0; i < items.length; i++) {
+        const entry = items[i];
+        const isLast = i === items.length - 1;
+        const connector = isLast ? '└── ' : '├── ';
+        const icon = entry.isDirectory() ? '📁' : getFileIcon(entry.name);
+        lines.push(`${prefix}${connector}${icon} ${entry.name}${entry.isDirectory() ? '/' : ''}`);
+        if (entry.isDirectory()) {
+            const newPrefix = prefix + (isLast ? '    ' : '│   ');
+            await walkDir(path.join(dir, entry.name), newPrefix, depth + 1, maxDepth, exclude, includeFiles, lines);
+        }
+    }
+}
+function getFileIcon(filename) {
+    const ext = path.extname(filename).toLowerCase();
+    const icons = {
+        '.ts': '📘', '.tsx': '⚛️', '.js': '📙', '.jsx': '⚛️',
+        '.py': '🐍', '.vue': '💚', '.svelte': '🧡',
+        '.css': '🎨', '.scss': '🎨', '.sass': '🎨',
+        '.html': '📄', '.json': '📋', '.md': '📝',
+        '.yaml': '⚙️', '.yml': '⚙️', '.toml': '⚙️',
+        '.env': '🔐', '.lock': '🔒',
+        '.png': '🖼️', '.jpg': '🖼️', '.svg': '🖼️',
+        '.test.ts': '🧪', '.spec.ts': '🧪'
+    };
+    if (filename.includes('.test.') || filename.includes('.spec.'))
+        return '🧪';
+    return icons[ext] || '📄';
+}
+/**
+ * Get a summary of the folder structure
+ */
+export async function getFolderSummary(rootDir) {
+    const byExtension = {};
+    let totalFiles = 0;
+    let totalDirs = 0;
+    const topLevelDirs = [];
+    async function walk(dir, isTopLevel) {
+        let entries;
+        try {
+            entries = await fs.promises.readdir(dir, { withFileTypes: true });
+        }
+        catch {
+            return;
+        }
+        for (const entry of entries) {
+            if (DEFAULT_EXCLUDE.includes(entry.name) || entry.name.startsWith('.'))
+                continue;
+            if (entry.isDirectory()) {
+                totalDirs++;
+                if (isTopLevel)
+                    topLevelDirs.push(entry.name);
+                await walk(path.join(dir, entry.name), false);
+            }
+            else if (entry.isFile()) {
+                totalFiles++;
+                const ext = path.extname(entry.name).toLowerCase() || 'no-ext';
+                byExtension[ext] = (byExtension[ext] || 0) + 1;
+            }
+        }
+    }
+    await walk(rootDir, true);
+    return { totalFiles, totalDirs, byExtension, topLevelDirs };
+}
+//# sourceMappingURL=folder-tree.js.map

package/dist/utils/folder-tree.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"folder-tree.js","sourceRoot":"","sources":["../../src/utils/folder-tree.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;AAQxB,MAAM,eAAe,GAAG;IACpB,cAAc,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO;IAChD,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,SAAS;CAC5C,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACpC,OAAe,EACf,UAAuB,EAAE;IAEzB,MAAM,EACF,QAAQ,GAAG,CAAC,EACZ,OAAO,GAAG,eAAe,EACzB,YAAY,GAAG,IAAI,EACtB,GAAG,OAAO,CAAC;IAEZ,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;IACxC,KAAK,CAAC,IAAI,CAAC,MAAM,QAAQ,GAAG,CAAC,CAAC;IAE9B,MAAM,OAAO,CAAC,OAAO,EAAE,EAAE,EAAE,CAAC,EAAE,QAAQ,EAAE,OAAO,EAAE,YAAY,EAAE,KAAK,CAAC,CAAC;IAEtE,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC5B,CAAC;AAED,KAAK,UAAU,OAAO,CAClB,GAAW,EACX,MAAc,EACd,KAAa,EACb,QAAgB,EAChB,OAAiB,EACjB,YAAqB,EACrB,KAAe;IAEf,IAAI,KAAK,IAAI,QAAQ,EAAE,CAAC;QACpB,KAAK,CAAC,IAAI,CAAC,GAAG,MAAM,SAAS,CAAC,CAAC;QAC/B,OAAO;IACX,CAAC;IAED,IAAI,OAAoB,CAAC;IACzB,IAAI,CAAC;QACD,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;IACtE,CAAC;IAAC,MAAM,CAAC;QACL,OAAO;IACX,CAAC;IAED,iDAAiD;IACjD,MAAM,QAAQ,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC;IAC3F,MAAM,IAAI,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IAChG,MAAM,KAAK,GAAG,YAAY;QACtB,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;QAC/E,CAAC,CAAC,EAAE,CAAC;IAET,MAAM,KAAK,GAAG,CAAC,GAAG,IAAI,EAAE,GAAG,KAAK,CAAC,CAAC;IAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACpC,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACvB,MAAM,MAAM,GAAG,CAAC,KAAK,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC;QACtC,MAAM,SAAS,GAAG,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC;QAC3C,MAAM,IAAI,GAAG,KAAK,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAElE,KAAK,CAAC,IAAI,CAAC,GAAG,MAAM,GAAG,SAAS,GAAG,IAAI,IAAI,KAAK,CAAC,IAAI,GAAG,KAAK,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAE1F,IAAI,KAAK,CAAC,WAAW,EAAE,EAAE,CAAC;YACtB,MAAM,SAAS,GAAG,MAAM,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;YACtD,MAAM,OAAO,CACT,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,CAAC,EAC1B,SAAS,EACT,KAAK,GAAG,CAAC,EACT,QAAQ,EACR,OAAO,EACP,YAAY,EACZ,KAAK,CACR,CAAC;QACN,CAAC;IACL,CAAC;AACL,CAAC;AAED,SAAS,WAAW,CAAC,QAAgB;IACjC,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAC;IACjD,MAAM,KAAK,GAA2B;QAClC,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI;QACpD,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI;QAC1C,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI;QAC1C,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI;QACzC,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI;QAC1C,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI;QAC3B,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK;QAC3C,UAAU,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI;KACrC,CAAC;IAEF,IAAI,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC;QAAE,OAAO,IAAI,CAAC;IAC5E,OAAO,KAAK,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC;AAC9B,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,OAAe;IAMlD,MAAM,WAAW,GAA2B,EAAE,CAAC;IAC/C,IAAI,UAAU,GAAG,CAAC,CAAC;IACnB,IAAI,SAAS,GAAG,CAAC,CAAC;IAClB,MAAM,YAAY,GAAa,EAAE,CAAC;IAElC,KAAK,UAAU,IAAI,CAAC,GAAW,EAAE,UAAmB;QAChD,IAAI,OAAoB,CAAC;QACzB,IAAI,CAAC;YACD,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;QACtE,CAAC;QAAC,MAAM,CAAC;YACL,OAAO;QACX,CAAC;QAED,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;YAC1B,IAAI,eAAe,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC;gBAAE,SAAS;YAEjF,IAAI,KAAK,CAAC,WAAW,EAAE,EAAE,CAAC;gBACtB,SAAS,EAAE,CAAC;gBACZ,IAAI,UAAU;oBAAE,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAC9C,MAAM,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,CAAC,EAAE,KAAK,CAAC,CAAC;YAClD,CAAC;iBAAM,IAAI,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC;gBACxB,UAAU,EAAE,CAAC;gBACb,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,IAAI,QAAQ,CAAC;gBAC/D,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;YACnD,CAAC;QACL,CAAC;IACL,CAAC;IAED,MAAM,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;IAC1B,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,WAAW,EAAE,YAAY,EAAE,CAAC;AAChE,CAAC"}

package/dist/utils/package-analyzer.d.ts

@@ -0,0 +1,27 @@
+/**
+ * Package Analyzer - Check for outdated packages and compatibility issues
+ */
+export interface PackageInfo {
+    name: string;
+    current: string;
+    wanted: string;
+    latest: string;
+    isOutdated: boolean;
+    isMajorUpdate: boolean;
+}
+export interface PackageAnalysis {
+    total: number;
+    outdated: PackageInfo[];
+    majorUpdates: PackageInfo[];
+    devDependencies: string[];
+    dependencies: string[];
+}
+/**
+ * Analyze package.json for outdated packages
+ */
+export declare function analyzePackages(repoRoot: string, onProgress?: (message: string) => void): Promise<PackageAnalysis | null>;
+/**
+ * Format package analysis for report
+ */
+export declare function formatPackageReport(analysis: PackageAnalysis): string;
+//# sourceMappingURL=package-analyzer.d.ts.map

package/dist/utils/package-analyzer.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"package-analyzer.d.ts","sourceRoot":"","sources":["../../src/utils/package-analyzer.ts"],"names":[],"mappings":"AAAA;;GAEG;AAMH,MAAM,WAAW,WAAW;IACxB,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,OAAO,CAAC;IACpB,aAAa,EAAE,OAAO,CAAC;CAC1B;AAED,MAAM,WAAW,eAAe;IAC5B,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,WAAW,EAAE,CAAC;IACxB,YAAY,EAAE,WAAW,EAAE,CAAC;IAC5B,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,YAAY,EAAE,MAAM,EAAE,CAAC;CAC1B;AAED;;GAEG;AACH,wBAAsB,eAAe,CACjC,QAAQ,EAAE,MAAM,EAChB,UAAU,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,KAAK,IAAI,GACvC,OAAO,CAAC,eAAe,GAAG,IAAI,CAAC,CA6DjC;AASD;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,QAAQ,EAAE,eAAe,GAAG,MAAM,CA8BrE"}

package/dist/utils/package-analyzer.js

@@ -0,0 +1,102 @@
+/**
+ * Package Analyzer - Check for outdated packages and compatibility issues
+ */
+import { executeCommand } from '../core/executor.js';
+import fs from 'fs';
+import path from 'path';
+/**
+ * Analyze package.json for outdated packages
+ */
+export async function analyzePackages(repoRoot, onProgress) {
+    const pkgPath = path.join(repoRoot, 'package.json');
+    if (!fs.existsSync(pkgPath)) {
+        return null;
+    }
+    onProgress?.('🔍 Vanta is searching the internet for package updates...');
+    // Read package.json
+    let pkg;
+    try {
+        pkg = JSON.parse(fs.readFileSync(pkgPath, 'utf-8'));
+    }
+    catch {
+        return null;
+    }
+    const dependencies = Object.keys(pkg.dependencies || {});
+    const devDependencies = Object.keys(pkg.devDependencies || {});
+    // Run npm outdated
+    onProgress?.('🌐 Checking npm registry for latest versions...');
+    const result = await executeCommand('npm', ['outdated', '--json'], repoRoot, { timeout: 30000 });
+    const outdated = [];
+    const majorUpdates = [];
+    if (result.stdout) {
+        try {
+            const data = JSON.parse(result.stdout);
+            for (const [name, info] of Object.entries(data)) {
+                const pkgInfo = {
+                    name,
+                    current: info.current || 'N/A',
+                    wanted: info.wanted || 'N/A',
+                    latest: info.latest || 'N/A',
+                    isOutdated: info.current !== info.latest,
+                    isMajorUpdate: isMajorVersionDiff(info.current, info.latest)
+                };
+                if (pkgInfo.isOutdated) {
+                    outdated.push(pkgInfo);
+                    if (pkgInfo.isMajorUpdate) {
+                        majorUpdates.push(pkgInfo);
+                    }
+                }
+            }
+        }
+        catch {
+            // JSON parse error, npm outdated might have failed
+        }
+    }
+    onProgress?.(`✅ Package analysis complete (${outdated.length} updates available)`);
+    return {
+        total: dependencies.length + devDependencies.length,
+        outdated,
+        majorUpdates,
+        dependencies,
+        devDependencies
+    };
+}
+function isMajorVersionDiff(current, latest) {
+    if (!current || !latest)
+        return false;
+    const currentMajor = parseInt(current.replace(/[^0-9.]/g, '').split('.')[0], 10);
+    const latestMajor = parseInt(latest.replace(/[^0-9.]/g, '').split('.')[0], 10);
+    return latestMajor > currentMajor;
+}
+/**
+ * Format package analysis for report
+ */
+export function formatPackageReport(analysis) {
+    let report = `## 📦 Package Analysis\n\n`;
+    report += `- **Total Packages**: ${analysis.total}\n`;
+    report += `- **Dependencies**: ${analysis.dependencies.length}\n`;
+    report += `- **Dev Dependencies**: ${analysis.devDependencies.length}\n`;
+    report += `- **Outdated**: ${analysis.outdated.length}\n`;
+    report += `- **Major Updates Available**: ${analysis.majorUpdates.length}\n\n`;
+    if (analysis.majorUpdates.length > 0) {
+        report += `### ⚠️ Major Updates Available\n\n`;
+        report += `| Package | Current | Latest | Action |\n`;
+        report += `|---------|---------|--------|--------|\n`;
+        for (const pkg of analysis.majorUpdates) {
+            report += `| ${pkg.name} | ${pkg.current} | ${pkg.latest} | Review breaking changes |\n`;
+        }
+        report += `\n`;
+    }
+    if (analysis.outdated.length > 0 && analysis.outdated.length !== analysis.majorUpdates.length) {
+        report += `### 📌 Minor/Patch Updates\n\n`;
+        const minorUpdates = analysis.outdated.filter(p => !p.isMajorUpdate);
+        for (const pkg of minorUpdates.slice(0, 10)) {
+            report += `- **${pkg.name}**: ${pkg.current} → ${pkg.latest}\n`;
+        }
+        if (minorUpdates.length > 10) {
+            report += `- ... and ${minorUpdates.length - 10} more\n`;
+        }
+    }
+    return report;
+}
+//# sourceMappingURL=package-analyzer.js.map