vaspera 2.11.0 → 2.13.0

package/dist/persistence/json-fallback.js

@@ -0,0 +1,283 @@
+/**
+ * JSON File Fallback Storage
+ *
+ * Provides fallback storage when SQLite is unavailable.
+ * Uses atomic writes (temp file → rename) for data safety.
+ *
+ * @module persistence/json-fallback
+ */
+import { readFile, writeFile, rename, mkdir } from "fs/promises";
+import { existsSync } from "fs";
+import { join } from "path";
+import { randomUUID } from "crypto";
+import { tmpdir } from "os";
+import { logger } from "../logger.js";
+const FALLBACK_VERSION = 1;
+export class JsonFallbackStorage {
+    data;
+    filePath;
+    isDirty = false;
+    constructor(filePath, data) {
+        this.filePath = filePath;
+        this.data = data;
+    }
+    static async create(projectPath) {
+        const fallbackDir = join(projectPath, ".vaspera");
+        const filePath = join(fallbackDir, "findings-fallback.json");
+        await mkdir(fallbackDir, { recursive: true });
+        let data;
+        if (existsSync(filePath)) {
+            try {
+                const content = await readFile(filePath, "utf-8");
+                data = JSON.parse(content);
+                if (data.version !== FALLBACK_VERSION) {
+                    data = createEmptyData();
+                }
+            }
+            catch {
+                data = createEmptyData();
+            }
+        }
+        else {
+            data = createEmptyData();
+        }
+        logger.info("persistence.fallback.initialized", { path: filePath });
+        return new JsonFallbackStorage(filePath, data);
+    }
+    async save() {
+        if (!this.isDirty)
+            return;
+        this.data.lastUpdated = new Date().toISOString();
+        const tempPath = join(tmpdir(), `vaspera-fallback-${randomUUID()}.json`);
+        await writeFile(tempPath, JSON.stringify(this.data, null, 2), "utf-8");
+        await rename(tempPath, this.filePath);
+        this.isDirty = false;
+    }
+    findOrCreateProject(path) {
+        const existing = Object.values(this.data.projects).find((p) => p.path === path);
+        if (existing)
+            return existing;
+        const project = {
+            id: randomUUID(),
+            path,
+            name: path.split("/").pop() || path,
+            createdAt: new Date().toISOString(),
+        };
+        this.data.projects[project.id] = project;
+        this.isDirty = true;
+        return project;
+    }
+    findProjectByPath(path) {
+        return Object.values(this.data.projects).find((p) => p.path === path);
+    }
+    updateProjectLastScan(projectId) {
+        const project = this.data.projects[projectId];
+        if (project) {
+            project.lastScanAt = new Date().toISOString();
+            this.isDirty = true;
+        }
+    }
+    createFinding(finding) {
+        const now = new Date().toISOString();
+        const persisted = {
+            ...finding,
+            id: randomUUID(),
+            firstSeenAt: now,
+            lastSeenAt: now,
+            status: finding.status || "open",
+        };
+        this.data.findings[persisted.id] = persisted;
+        this.isDirty = true;
+        return persisted;
+    }
+    upsertFinding(finding) {
+        const existing = this.findBySignature(finding.projectId, finding.file, finding.line, finding.category, finding.scannerSource);
+        if (existing) {
+            existing.lastSeenAt = new Date().toISOString();
+            this.isDirty = true;
+            return { finding: existing, isNew: false };
+        }
+        const created = this.createFinding({ ...finding, status: "open" });
+        return { finding: created, isNew: true };
+    }
+    findBySignature(projectId, file, line, category, scannerSource) {
+        return Object.values(this.data.findings).find((f) => f.projectId === projectId &&
+            f.file === file &&
+            f.line === line &&
+            f.category === category &&
+            f.scannerSource === scannerSource &&
+            f.status !== "fixed");
+    }
+    findById(id) {
+        return this.data.findings[id];
+    }
+    findFindings(filter) {
+        let results = Object.values(this.data.findings);
+        if (filter.projectId) {
+            results = results.filter((f) => f.projectId === filter.projectId);
+        }
+        if (filter.certificationId) {
+            results = results.filter((f) => f.certificationId === filter.certificationId);
+        }
+        if (filter.severity) {
+            const severities = Array.isArray(filter.severity) ? filter.severity : [filter.severity];
+            results = results.filter((f) => severities.includes(f.severity));
+        }
+        if (filter.status) {
+            const statuses = Array.isArray(filter.status) ? filter.status : [filter.status];
+            results = results.filter((f) => statuses.includes(f.status));
+        }
+        if (filter.category) {
+            const categories = Array.isArray(filter.category) ? filter.category : [filter.category];
+            results = results.filter((f) => categories.includes(f.category));
+        }
+        if (filter.file) {
+            results = results.filter((f) => f.file.includes(filter.file));
+        }
+        if (filter.scannerSource) {
+            results = results.filter((f) => f.scannerSource === filter.scannerSource);
+        }
+        if (filter.sinceDate) {
+            results = results.filter((f) => f.firstSeenAt >= filter.sinceDate);
+        }
+        if (filter.untilDate) {
+            results = results.filter((f) => f.firstSeenAt <= filter.untilDate);
+        }
+        results.sort((a, b) => b.firstSeenAt.localeCompare(a.firstSeenAt));
+        if (filter.offset) {
+            results = results.slice(filter.offset);
+        }
+        if (filter.limit) {
+            results = results.slice(0, filter.limit);
+        }
+        return results;
+    }
+    updateFindingStatus(id, status, fixedBy) {
+        const finding = this.data.findings[id];
+        if (!finding)
+            return false;
+        finding.status = status;
+        if (status === "fixed") {
+            finding.fixedAt = new Date().toISOString();
+            if (fixedBy) {
+                finding.fixedBy = fixedBy;
+            }
+        }
+        this.isDirty = true;
+        return true;
+    }
+    markFixed(ids, fixedBy) {
+        let count = 0;
+        for (const id of ids) {
+            if (this.updateFindingStatus(id, "fixed", fixedBy)) {
+                count++;
+            }
+        }
+        return count;
+    }
+    markFalsePositive(id, reason) {
+        const finding = this.data.findings[id];
+        if (!finding)
+            return false;
+        finding.status = "false_positive";
+        finding.falsePositive = true;
+        finding.falsePositiveReason = reason;
+        this.isDirty = true;
+        return true;
+    }
+    getStats(projectId) {
+        const findings = Object.values(this.data.findings).filter((f) => f.projectId === projectId);
+        const openFindings = findings.filter((f) => f.status === "open");
+        const fixedFindings = findings.filter((f) => f.status === "fixed");
+        const falsePositives = findings.filter((f) => f.status === "false_positive");
+        const bySeverity = {
+            critical: 0,
+            high: 0,
+            medium: 0,
+            low: 0,
+            info: 0,
+        };
+        const byCategory = {};
+        const byScanner = {};
+        for (const f of openFindings) {
+            bySeverity[f.severity] = (bySeverity[f.severity] || 0) + 1;
+            byCategory[f.category] = (byCategory[f.category] || 0) + 1;
+        }
+        for (const f of findings) {
+            byScanner[f.scannerSource] = (byScanner[f.scannerSource] || 0) + 1;
+        }
+        let avgMttrHours;
+        const fixedWithTime = fixedFindings.filter((f) => f.fixedAt);
+        if (fixedWithTime.length > 0) {
+            const totalHours = fixedWithTime.reduce((sum, f) => {
+                const fixed = new Date(f.fixedAt).getTime();
+                const seen = new Date(f.firstSeenAt).getTime();
+                return sum + (fixed - seen) / (1000 * 60 * 60);
+            }, 0);
+            avgMttrHours = totalHours / fixedWithTime.length;
+        }
+        const scans = Object.values(this.data.scans).filter((s) => s.projectId === projectId);
+        const scanDates = scans.map((s) => s.startedAt).sort();
+        return {
+            projectId,
+            totalFindings: findings.length,
+            openFindings: openFindings.length,
+            fixedFindings: fixedFindings.length,
+            falsePositives: falsePositives.length,
+            bySeverity,
+            byCategory,
+            byScanner,
+            avgMttrHours,
+            firstScanAt: scanDates[0],
+            lastScanAt: scanDates[scanDates.length - 1],
+        };
+    }
+    createScan(projectId, certificationId) {
+        const scan = {
+            id: randomUUID(),
+            projectId,
+            certificationId,
+            startedAt: new Date().toISOString(),
+            status: "running",
+            totalFindings: 0,
+            newFindings: 0,
+            fixedFindings: 0,
+            bySeverity: { critical: 0, high: 0, medium: 0, low: 0, info: 0 },
+            byScanner: {},
+        };
+        this.data.scans[scan.id] = scan;
+        this.isDirty = true;
+        return scan;
+    }
+    completeScan(scanId, results) {
+        const scan = this.data.scans[scanId];
+        if (!scan)
+            return;
+        scan.completedAt = new Date().toISOString();
+        scan.status = "completed";
+        scan.totalFindings = results.totalFindings;
+        scan.newFindings = results.newFindings;
+        scan.fixedFindings = results.fixedFindings;
+        scan.bySeverity = results.bySeverity;
+        scan.byScanner = results.byScanner;
+        scan.duration = results.duration;
+        this.isDirty = true;
+    }
+    close() {
+        // Sync save on close
+        if (this.isDirty) {
+            const content = JSON.stringify(this.data, null, 2);
+            require("fs").writeFileSync(this.filePath, content, "utf-8");
+        }
+    }
+}
+function createEmptyData() {
+    return {
+        version: FALLBACK_VERSION,
+        projects: {},
+        findings: {},
+        scans: {},
+        lastUpdated: new Date().toISOString(),
+    };
+}
+//# sourceMappingURL=json-fallback.js.map

package/dist/persistence/json-fallback.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"json-fallback.js","sourceRoot":"","sources":["../../src/persistence/json-fallback.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,aAAa,CAAC;AACjE,OAAO,EAAE,UAAU,EAAE,MAAM,IAAI,CAAC;AAChC,OAAO,EAAE,IAAI,EAAW,MAAM,MAAM,CAAC;AACrC,OAAO,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAC;AACpC,OAAO,EAAE,MAAM,EAAE,MAAM,IAAI,CAAC;AAC5B,OAAO,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AAmBtC,MAAM,gBAAgB,GAAG,CAAC,CAAC;AAE3B,MAAM,OAAO,mBAAmB;IACtB,IAAI,CAAe;IACnB,QAAQ,CAAS;IACjB,OAAO,GAAG,KAAK,CAAC;IAExB,YAAoB,QAAgB,EAAE,IAAkB;QACtD,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;IACnB,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,WAAmB;QACrC,MAAM,WAAW,GAAG,IAAI,CAAC,WAAW,EAAE,UAAU,CAAC,CAAC;QAClD,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,EAAE,wBAAwB,CAAC,CAAC;QAE7D,MAAM,KAAK,CAAC,WAAW,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAE9C,IAAI,IAAkB,CAAC;QAEvB,IAAI,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YACzB,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;gBAClD,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;gBAC3B,IAAI,IAAI,CAAC,OAAO,KAAK,gBAAgB,EAAE,CAAC;oBACtC,IAAI,GAAG,eAAe,EAAE,CAAC;gBAC3B,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,IAAI,GAAG,eAAe,EAAE,CAAC;YAC3B,CAAC;QACH,CAAC;aAAM,CAAC;YACN,IAAI,GAAG,eAAe,EAAE,CAAC;QAC3B,CAAC;QAED,MAAM,CAAC,IAAI,CAAC,kCAAkC,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAC;QACpE,OAAO,IAAI,mBAAmB,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;IACjD,CAAC;IAED,KAAK,CAAC,IAAI;QACR,IAAI,CAAC,IAAI,CAAC,OAAO;YAAE,OAAO;QAE1B,IAAI,CAAC,IAAI,CAAC,WAAW,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QAEjD,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,EAAE,EAAE,oBAAoB,UAAU,EAAE,OAAO,CAAC,CAAC;QACzE,MAAM,SAAS,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC;QACvE,MAAM,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;QAEtC,IAAI,CAAC,OAAO,GAAG,KAAK,CAAC;IACvB,CAAC;IAED,mBAAmB,CAAC,IAAY;QAC9B,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,IAAI,CAAC,CAAC;QAChF,IAAI,QAAQ;YAAE,OAAO,QAAQ,CAAC;QAE9B,MAAM,OAAO,GAAY;YACvB,EAAE,EAAE,UAAU,EAAE;YAChB,IAAI;YACJ,IAAI,EAAE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,IAAI,IAAI;YACnC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACpC,CAAC;QAEF,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC;QACzC,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC;QACpB,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,iBAAiB,CAAC,IAAY;QAC5B,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,IAAI,CAAC,CAAC;IACxE,CAAC;IAED,qBAAqB,CAAC,SAAiB;QACrC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;QAC9C,IAAI,OAAO,EAAE,CAAC;YACZ,OAAO,CAAC,UAAU,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;YAC9C,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC;QACtB,CAAC;IACH,CAAC;IAED,aAAa,CACX,OAAoE;QAEpE,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACrC,MAAM,SAAS,GAAqB;YAClC,GAAG,OAAO;YACV,EAAE,EAAE,UAAU,EAAE;YAChB,WAAW,EAAE,GAAG;YAChB,UAAU,EAAE,GAAG;YACf,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,MAAM;SACjC,CAAC;QAEF,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC,GAAG,SAAS,CAAC;QAC7C,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC;QACpB,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,aAAa,CACX,OAA+E;QAE/E,MAAM,QAAQ,GAAG,IAAI,CAAC,eAAe,CACnC,OAAO,CAAC,SAAS,EACjB,OAAO,CAAC,IAAI,EACZ,OAAO,CAAC,IAAI,EACZ,OAAO,CAAC,QAAQ,EAChB,OAAO,CAAC,aAAa,CACtB,CAAC;QAEF,IAAI,QAAQ,EAAE,CAAC;YACb,QAAQ,CAAC,UAAU,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;YAC/C,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC;YACpB,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;QAC7C,CAAC;QAED,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAAC,EAAE,GAAG,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;QACnE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;IAC3C,CAAC;IAED,eAAe,CACb,SAAiB,EACjB,IAAY,EACZ,IAAY,EACZ,QAAgB,EAChB,aAAqB;QAErB,OAAO,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,IAAI,CAC3C,CAAC,CAAC,EAAE,EAAE,CACJ,CAAC,CAAC,SAAS,KAAK,SAAS;YACzB,CAAC,CAAC,IAAI,KAAK,IAAI;YACf,CAAC,CAAC,IAAI,KAAK,IAAI;YACf,CAAC,CAAC,QAAQ,KAAK,QAAQ;YACvB,CAAC,CAAC,aAAa,KAAK,aAAa;YACjC,CAAC,CAAC,MAAM,KAAK,OAAO,CACvB,CAAC;IACJ,CAAC;IAED,QAAQ,CAAC,EAAU;QACjB,OAAO,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IAChC,CAAC;IAED,YAAY,CAAC,MAAqB;QAChC,IAAI,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAEhD,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;YACrB,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,MAAM,CAAC,SAAS,CAAC,CAAC;QACpE,CAAC;QAED,IAAI,MAAM,CAAC,eAAe,EAAE,CAAC;YAC3B,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,eAAe,KAAK,MAAM,CAAC,eAAe,CAAC,CAAC;QAChF,CAAC;QAED,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YACpB,MAAM,UAAU,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YACxF,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC;QACnE,CAAC;QAED,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;YAClB,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;YAChF,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC;QAC/D,CAAC;QAED,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YACpB,MAAM,UAAU,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YACxF,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC;QACnE,CAAC;QAED,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC;YAChB,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAK,CAAC,CAAC,CAAC;QACjE,CAAC;QAED,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC;YACzB,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,KAAK,MAAM,CAAC,aAAa,CAAC,CAAC;QAC5E,CAAC;QAED,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;YACrB,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,IAAI,MAAM,CAAC,SAAU,CAAC,CAAC;QACtE,CAAC;QAED,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;YACrB,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,IAAI,MAAM,CAAC,SAAU,CAAC,CAAC;QACtE,CAAC;QAED,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC,aAAa,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC;QAEnE,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;YAClB,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QACzC,CAAC;QAED,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;YACjB,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC;QAC3C,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,mBAAmB,CAAC,EAAU,EAAE,MAAqB,EAAE,OAAgB;QACrE,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QACvC,IAAI,CAAC,OAAO;YAAE,OAAO,KAAK,CAAC;QAE3B,OAAO,CAAC,MAAM,GAAG,MAAM,CAAC;QACxB,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;YACvB,OAAO,CAAC,OAAO,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;YAC3C,IAAI,OAAO,EAAE,CAAC;gBACZ,OAAO,CAAC,OAAO,GAAG,OAAO,CAAC;YAC5B,CAAC;QACH,CAAC;QAED,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC;QACpB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,SAAS,CAAC,GAAa,EAAE,OAAgB;QACvC,IAAI,KAAK,GAAG,CAAC,CAAC;QACd,KAAK,MAAM,EAAE,IAAI,GAAG,EAAE,CAAC;YACrB,IAAI,IAAI,CAAC,mBAAmB,CAAC,EAAE,EAAE,OAAO,EAAE,OAAO,CAAC,EAAE,CAAC;gBACnD,KAAK,EAAE,CAAC;YACV,CAAC;QACH,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,iBAAiB,CAAC,EAAU,EAAE,MAAe;QAC3C,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QACvC,IAAI,CAAC,OAAO;YAAE,OAAO,KAAK,CAAC;QAE3B,OAAO,CAAC,MAAM,GAAG,gBAAgB,CAAC;QAClC,OAAO,CAAC,aAAa,GAAG,IAAI,CAAC;QAC7B,OAAO,CAAC,mBAAmB,GAAG,MAAM,CAAC;QACrC,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC;QACpB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,QAAQ,CAAC,SAAiB;QACxB,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,MAAM,CACvD,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,SAAS,CACjC,CAAC;QAEF,MAAM,YAAY,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC;QACjE,MAAM,aAAa,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,OAAO,CAAC,CAAC;QACnE,MAAM,cAAc,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,gBAAgB,CAAC,CAAC;QAE7E,MAAM,UAAU,GAA6B;YAC3C,QAAQ,EAAE,CAAC;YACX,IAAI,EAAE,CAAC;YACP,MAAM,EAAE,CAAC;YACT,GAAG,EAAE,CAAC;YACN,IAAI,EAAE,CAAC;SACR,CAAC;QACF,MAAM,UAAU,GAA2B,EAAE,CAAC;QAC9C,MAAM,SAAS,GAA2B,EAAE,CAAC;QAE7C,KAAK,MAAM,CAAC,IAAI,YAAY,EAAE,CAAC;YAC7B,UAAU,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;YAC3D,UAAU,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;QAC7D,CAAC;QAED,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;YACzB,SAAS,CAAC,CAAC,CAAC,aAAa,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;QACrE,CAAC;QAED,IAAI,YAAgC,CAAC;QACrC,MAAM,aAAa,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;QAC7D,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC7B,MAAM,UAAU,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE;gBACjD,MAAM,KAAK,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,OAAQ,CAAC,CAAC,OAAO,EAAE,CAAC;gBAC7C,MAAM,IAAI,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,OAAO,EAAE,CAAC;gBAC/C,OAAO,GAAG,GAAG,CAAC,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC;YACjD,CAAC,EAAE,CAAC,CAAC,CAAC;YACN,YAAY,GAAG,UAAU,GAAG,aAAa,CAAC,MAAM,CAAC;QACnD,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,MAAM,CACjD,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,SAAS,CACjC,CAAC;QACF,MAAM,SAAS,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,IAAI,EAAE,CAAC;QAEvD,OAAO;YACL,SAAS;YACT,aAAa,EAAE,QAAQ,CAAC,MAAM;YAC9B,YAAY,EAAE,YAAY,CAAC,MAAM;YACjC,aAAa,EAAE,aAAa,CAAC,MAAM;YACnC,cAAc,EAAE,cAAc,CAAC,MAAM;YACrC,UAAU;YACV,UAAU;YACV,SAAS;YACT,YAAY;YACZ,WAAW,EAAE,SAAS,CAAC,CAAC,CAAC;YACzB,UAAU,EAAE,SAAS,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC;SAC5C,CAAC;IACJ,CAAC;IAED,UAAU,CAAC,SAAiB,EAAE,eAAwB;QACpD,MAAM,IAAI,GAAS;YACjB,EAAE,EAAE,UAAU,EAAE;YAChB,SAAS;YACT,eAAe;YACf,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,MAAM,EAAE,SAAS;YACjB,aAAa,EAAE,CAAC;YAChB,WAAW,EAAE,CAAC;YACd,aAAa,EAAE,CAAC;YAChB,UAAU,EAAE,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE;YAChE,SAAS,EAAE,EAAE;SACd,CAAC;QAEF,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC;QAChC,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC;QACpB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,YAAY,CACV,MAAc,EACd,OAOC;QAED,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QACrC,IAAI,CAAC,IAAI;YAAE,OAAO;QAElB,IAAI,CAAC,WAAW,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QAC5C,IAAI,CAAC,MAAM,GAAG,WAAW,CAAC;QAC1B,IAAI,CAAC,aAAa,GAAG,OAAO,CAAC,aAAa,CAAC;QAC3C,IAAI,CAAC,WAAW,GAAG,OAAO,CAAC,WAAW,CAAC;QACvC,IAAI,CAAC,aAAa,GAAG,OAAO,CAAC,aAAa,CAAC;QAC3C,IAAI,CAAC,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC;QACrC,IAAI,CAAC,SAAS,GAAG,OAAO,CAAC,SAAS,CAAC;QACnC,IAAI,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;QAEjC,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC;IACtB,CAAC;IAED,KAAK;QACH,qBAAqB;QACrB,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YACjB,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;YACnD,OAAO,CAAC,IAAI,CAAC,CAAC,aAAa,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,EAAE,OAAO,CAAC,CAAC;QAC/D,CAAC;IACH,CAAC;CACF;AAED,SAAS,eAAe;IACtB,OAAO;QACL,OAAO,EAAE,gBAAgB;QACzB,QAAQ,EAAE,EAAE;QACZ,QAAQ,EAAE,EAAE;QACZ,KAAK,EAAE,EAAE;QACT,WAAW,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACtC,CAAC;AACJ,CAAC"}

package/dist/persistence/migrations/index.d.ts

@@ -0,0 +1,10 @@
+/**
+ * Database Migrations
+ *
+ * Schema migrations for the SQLite database.
+ *
+ * @module persistence/migrations
+ */
+import type { Migration } from "../types.js";
+export declare const MIGRATIONS: Migration[];
+//# sourceMappingURL=index.d.ts.map

package/dist/persistence/migrations/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/persistence/migrations/index.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAE7C,eAAO,MAAM,UAAU,EAAE,SAAS,EAoHjC,CAAC"}

package/dist/persistence/migrations/index.js

@@ -0,0 +1,125 @@
+/**
+ * Database Migrations
+ *
+ * Schema migrations for the SQLite database.
+ *
+ * @module persistence/migrations
+ */
+export const MIGRATIONS = [
+    {
+        version: 1,
+        name: "initial_schema",
+        up: `
+      -- Projects table
+      CREATE TABLE IF NOT EXISTS projects (
+        id TEXT PRIMARY KEY,
+        path TEXT UNIQUE NOT NULL,
+        name TEXT NOT NULL,
+        created_at TEXT NOT NULL DEFAULT (datetime('now')),
+        last_scan_at TEXT,
+        metadata TEXT
+      );
+
+      CREATE INDEX IF NOT EXISTS idx_projects_path ON projects(path);
+
+      -- Findings table
+      CREATE TABLE IF NOT EXISTS findings (
+        id TEXT PRIMARY KEY,
+        project_id TEXT NOT NULL REFERENCES projects(id) ON DELETE CASCADE,
+        certification_id TEXT,
+        severity TEXT NOT NULL CHECK (severity IN ('critical', 'high', 'medium', 'low', 'info')),
+        category TEXT NOT NULL,
+        file TEXT NOT NULL,
+        line INTEGER NOT NULL,
+        column_num INTEGER,
+        description TEXT NOT NULL,
+        scanner_source TEXT NOT NULL,
+        rule_id TEXT,
+        status TEXT NOT NULL DEFAULT 'open' CHECK (status IN ('open', 'fixed', 'wontfix', 'false_positive', 'in_progress')),
+        confidence INTEGER NOT NULL DEFAULT 100,
+        cwe_ids TEXT,
+        first_seen_at TEXT NOT NULL DEFAULT (datetime('now')),
+        last_seen_at TEXT NOT NULL DEFAULT (datetime('now')),
+        fixed_at TEXT,
+        fixed_by TEXT,
+        false_positive INTEGER DEFAULT 0,
+        false_positive_reason TEXT,
+        metadata TEXT
+      );
+
+      CREATE INDEX IF NOT EXISTS idx_findings_project ON findings(project_id);
+      CREATE INDEX IF NOT EXISTS idx_findings_severity ON findings(severity);
+      CREATE INDEX IF NOT EXISTS idx_findings_status ON findings(status);
+      CREATE INDEX IF NOT EXISTS idx_findings_category ON findings(category);
+      CREATE INDEX IF NOT EXISTS idx_findings_file ON findings(file);
+      CREATE INDEX IF NOT EXISTS idx_findings_first_seen ON findings(first_seen_at);
+
+      -- Scans table
+      CREATE TABLE IF NOT EXISTS scans (
+        id TEXT PRIMARY KEY,
+        project_id TEXT NOT NULL REFERENCES projects(id) ON DELETE CASCADE,
+        certification_id TEXT,
+        started_at TEXT NOT NULL DEFAULT (datetime('now')),
+        completed_at TEXT,
+        status TEXT NOT NULL DEFAULT 'running' CHECK (status IN ('running', 'completed', 'failed', 'cancelled')),
+        total_findings INTEGER DEFAULT 0,
+        new_findings INTEGER DEFAULT 0,
+        fixed_findings INTEGER DEFAULT 0,
+        by_severity TEXT,
+        by_scanner TEXT,
+        duration INTEGER,
+        error TEXT,
+        metadata TEXT
+      );
+
+      CREATE INDEX IF NOT EXISTS idx_scans_project ON scans(project_id);
+      CREATE INDEX IF NOT EXISTS idx_scans_started ON scans(started_at);
+      CREATE INDEX IF NOT EXISTS idx_scans_status ON scans(status);
+
+      -- Trends table (pre-aggregated for performance)
+      CREATE TABLE IF NOT EXISTS trends (
+        id INTEGER PRIMARY KEY AUTOINCREMENT,
+        project_id TEXT NOT NULL REFERENCES projects(id) ON DELETE CASCADE,
+        period TEXT NOT NULL CHECK (period IN ('day', 'week', 'month')),
+        period_start TEXT NOT NULL,
+        period_end TEXT NOT NULL,
+        findings_new INTEGER DEFAULT 0,
+        findings_fixed INTEGER DEFAULT 0,
+        findings_open INTEGER DEFAULT 0,
+        mttr_hours REAL,
+        by_severity TEXT,
+        UNIQUE(project_id, period, period_start)
+      );
+
+      CREATE INDEX IF NOT EXISTS idx_trends_project_period ON trends(project_id, period, period_start);
+    `,
+        down: `
+      DROP TABLE IF EXISTS trends;
+      DROP TABLE IF EXISTS scans;
+      DROP TABLE IF EXISTS findings;
+      DROP TABLE IF EXISTS projects;
+    `,
+    },
+    {
+        version: 2,
+        name: "add_fix_history",
+        up: `
+      -- Fix history for tracking individual fixes
+      CREATE TABLE IF NOT EXISTS fix_history (
+        id INTEGER PRIMARY KEY AUTOINCREMENT,
+        finding_id TEXT NOT NULL REFERENCES findings(id) ON DELETE CASCADE,
+        action TEXT NOT NULL CHECK (action IN ('fixed', 'reopened', 'marked_false_positive', 'unmarked_false_positive')),
+        performed_at TEXT NOT NULL DEFAULT (datetime('now')),
+        performed_by TEXT,
+        notes TEXT
+      );
+
+      CREATE INDEX IF NOT EXISTS idx_fix_history_finding ON fix_history(finding_id);
+      CREATE INDEX IF NOT EXISTS idx_fix_history_performed ON fix_history(performed_at);
+    `,
+        down: `
+      DROP TABLE IF EXISTS fix_history;
+    `,
+    },
+];
+//# sourceMappingURL=index.js.map

package/dist/persistence/migrations/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/persistence/migrations/index.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAIH,MAAM,CAAC,MAAM,UAAU,GAAgB;IACrC;QACE,OAAO,EAAE,CAAC;QACV,IAAI,EAAE,gBAAgB;QACtB,EAAE,EAAE;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;KAmFH;QACD,IAAI,EAAE;;;;;KAKL;KACF;IACD;QACE,OAAO,EAAE,CAAC;QACV,IAAI,EAAE,iBAAiB;QACvB,EAAE,EAAE;;;;;;;;;;;;;KAaH;QACD,IAAI,EAAE;;KAEL;KACF;CACF,CAAC"}

package/dist/persistence/repositories/findings.d.ts

@@ -0,0 +1,41 @@
+/**
+ * Findings Repository
+ *
+ * CRUD operations for security findings with status tracking.
+ *
+ * @module persistence/repositories/findings
+ */
+import type Database from "better-sqlite3";
+import type { PersistedFinding, FindingStatus, ProjectStats } from "../types.js";
+import type { Severity } from "../../certification/types.js";
+export interface FindingFilter {
+    projectId?: string;
+    certificationId?: string;
+    severity?: Severity | Severity[];
+    status?: FindingStatus | FindingStatus[];
+    category?: string | string[];
+    file?: string;
+    scannerSource?: string;
+    sinceDate?: string;
+    untilDate?: string;
+    limit?: number;
+    offset?: number;
+}
+export declare class FindingsRepository {
+    private db;
+    constructor(db: Database.Database);
+    create(finding: Omit<PersistedFinding, "id" | "firstSeenAt" | "lastSeenAt">): PersistedFinding;
+    upsertFromScan(finding: Omit<PersistedFinding, "id" | "firstSeenAt" | "lastSeenAt" | "status">): {
+        finding: PersistedFinding;
+        isNew: boolean;
+    };
+    findById(id: string): PersistedFinding | undefined;
+    findBySignature(projectId: string, file: string, line: number, category: string, scannerSource: string): PersistedFinding | undefined;
+    find(filter: FindingFilter): PersistedFinding[];
+    updateStatus(id: string, status: FindingStatus, fixedBy?: string): boolean;
+    markFixed(ids: string[], fixedBy?: string): number;
+    markFalsePositive(id: string, reason?: string): boolean;
+    getStats(projectId: string): ProjectStats;
+    private mapRow;
+}
+//# sourceMappingURL=findings.d.ts.map

package/dist/persistence/repositories/findings.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"findings.d.ts","sourceRoot":"","sources":["../../../src/persistence/repositories/findings.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,QAAQ,MAAM,gBAAgB,CAAC;AAC3C,OAAO,KAAK,EAAE,gBAAgB,EAAE,aAAa,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AACjF,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,8BAA8B,CAAC;AAG7D,MAAM,WAAW,aAAa;IAC5B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,EAAE,QAAQ,GAAG,QAAQ,EAAE,CAAC;IACjC,MAAM,CAAC,EAAE,aAAa,GAAG,aAAa,EAAE,CAAC;IACzC,QAAQ,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC7B,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,qBAAa,kBAAkB;IACjB,OAAO,CAAC,EAAE;gBAAF,EAAE,EAAE,QAAQ,CAAC,QAAQ;IAEzC,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC,gBAAgB,EAAE,IAAI,GAAG,aAAa,GAAG,YAAY,CAAC,GAAG,gBAAgB;IAyC9F,cAAc,CACZ,OAAO,EAAE,IAAI,CAAC,gBAAgB,EAAE,IAAI,GAAG,aAAa,GAAG,YAAY,GAAG,QAAQ,CAAC,GAC9E;QAAE,OAAO,EAAE,gBAAgB,CAAC;QAAC,KAAK,EAAE,OAAO,CAAA;KAAE;IAwBhD,QAAQ,CAAC,EAAE,EAAE,MAAM,GAAG,gBAAgB,GAAG,SAAS;IAQlD,eAAe,CACb,SAAS,EAAE,MAAM,EACjB,IAAI,EAAE,MAAM,EACZ,IAAI,EAAE,MAAM,EACZ,QAAQ,EAAE,MAAM,EAChB,aAAa,EAAE,MAAM,GACpB,gBAAgB,GAAG,SAAS;IAY/B,IAAI,CAAC,MAAM,EAAE,aAAa,GAAG,gBAAgB,EAAE;IAoE/C,YAAY,CAAC,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,aAAa,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO;IA8B1E,SAAS,CAAC,GAAG,EAAE,MAAM,EAAE,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,MAAM;IAYlD,iBAAiB,CAAC,EAAE,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,MAAM,GAAG,OAAO;IAqBvD,QAAQ,CAAC,SAAS,EAAE,MAAM,GAAG,YAAY;IA+EzC,OAAO,CAAC,MAAM;CAyBf"}