vaspera 2.5.0

package/dist/certification/summary.js

@@ -0,0 +1,296 @@
+/**
+ * Progressive Summary Tool
+ *
+ * Provides grouped and filtered views of certification findings
+ * to make large result sets more actionable.
+ *
+ * @module certification/summary
+ */
+/**
+ * Effort estimates per severity (in hours)
+ */
+const EFFORT_PER_SEVERITY = {
+    critical: 2,
+    high: 1,
+    medium: 0.5,
+    low: 0.25,
+    info: 0,
+};
+/**
+ * Generate a comprehensive summary of certification findings
+ */
+export function generateSummary(certification) {
+    const allFindings = [];
+    // Collect all findings
+    for (const [agent, agentData] of Object.entries(certification.agents)) {
+        if (agentData) {
+            for (const finding of agentData.findings) {
+                allFindings.push({ agent: agent, finding });
+            }
+        }
+    }
+    // Group by severity
+    const bySeverity = groupBySeverity(allFindings);
+    // Group by agent
+    const byAgent = groupByAgent(allFindings, certification);
+    // Group by file
+    const byFile = groupByFile(allFindings);
+    // Group by category
+    const byCategory = groupByCategory(allFindings);
+    // Calculate effort
+    const estimatedEffort = calculateEffort(allFindings);
+    // Get top priority findings (critical + high)
+    const topPriority = allFindings
+        .filter((f) => f.finding.severity === "critical" || f.finding.severity === "high")
+        .sort((a, b) => {
+        const severityOrder = {
+            critical: 0,
+            high: 1,
+            medium: 2,
+            low: 3,
+            info: 4,
+        };
+        return (severityOrder[a.finding.severity] - severityOrder[b.finding.severity] ||
+            b.finding.confidence - a.finding.confidence);
+    })
+        .slice(0, 10)
+        .map((f) => f.finding);
+    return {
+        totalFindings: allFindings.length,
+        bySeverity,
+        byAgent,
+        byFile,
+        byCategory,
+        estimatedEffort,
+        topPriority,
+    };
+}
+function groupBySeverity(findings) {
+    const result = {
+        critical: { count: 0, files: 0, findings: [], estimatedHours: "0" },
+        high: { count: 0, files: 0, findings: [], estimatedHours: "0" },
+        medium: { count: 0, files: 0, findings: [], estimatedHours: "0" },
+        low: { count: 0, files: 0, findings: [], estimatedHours: "0" },
+        info: { count: 0, files: 0, findings: [], estimatedHours: "0" },
+    };
+    const filesBySeverity = {
+        critical: new Set(),
+        high: new Set(),
+        medium: new Set(),
+        low: new Set(),
+        info: new Set(),
+    };
+    for (const { finding } of findings) {
+        result[finding.severity].count++;
+        result[finding.severity].findings.push(finding.id);
+        if (finding.file) {
+            filesBySeverity[finding.severity].add(finding.file);
+        }
+    }
+    for (const severity of Object.keys(result)) {
+        result[severity].files = filesBySeverity[severity].size;
+        const hours = result[severity].count * EFFORT_PER_SEVERITY[severity];
+        result[severity].estimatedHours = formatHours(hours);
+    }
+    return result;
+}
+function groupByAgent(findings, certification) {
+    const result = {};
+    const byAgent = new Map();
+    for (const { agent, finding } of findings) {
+        if (!byAgent.has(agent))
+            byAgent.set(agent, []);
+        byAgent.get(agent).push(finding);
+    }
+    for (const [agent, agentFindings] of byAgent) {
+        result[agent] = {
+            count: agentFindings.length,
+            score: certification.consensus?.agent_scores[agent] ?? 0,
+            confidence: certification.consensus?.agent_confidences[agent] ?? 0,
+            topFindings: agentFindings
+                .sort((a, b) => {
+                const severityOrder = {
+                    critical: 0,
+                    high: 1,
+                    medium: 2,
+                    low: 3,
+                    info: 4,
+                };
+                return severityOrder[a.severity] - severityOrder[b.severity];
+            })
+                .slice(0, 5)
+                .map((f) => f.id),
+        };
+    }
+    return result;
+}
+function groupByFile(findings) {
+    const byFile = new Map();
+    for (const { finding } of findings) {
+        const file = finding.file || "(no file)";
+        if (!byFile.has(file)) {
+            byFile.set(file, {
+                severities: { critical: 0, high: 0, medium: 0, low: 0, info: 0 },
+                findings: [],
+            });
+        }
+        byFile.get(file).severities[finding.severity]++;
+        byFile.get(file).findings.push(finding.id);
+    }
+    return Array.from(byFile.entries())
+        .map(([file, data]) => ({
+        file,
+        issueCount: data.findings.length,
+        severities: data.severities,
+        findings: data.findings,
+    }))
+        .sort((a, b) => {
+        // Sort by critical count, then high, then total
+        const critDiff = b.severities.critical - a.severities.critical;
+        if (critDiff !== 0)
+            return critDiff;
+        const highDiff = b.severities.high - a.severities.high;
+        if (highDiff !== 0)
+            return highDiff;
+        return b.issueCount - a.issueCount;
+    })
+        .slice(0, 20);
+}
+function groupByCategory(findings) {
+    const byCategory = new Map();
+    for (const { finding } of findings) {
+        const category = finding.category || "uncategorized";
+        if (!byCategory.has(category)) {
+            byCategory.set(category, { findings: [] });
+        }
+        byCategory.get(category).findings.push(finding);
+    }
+    return Array.from(byCategory.entries())
+        .map(([category, data]) => {
+        // Determine highest severity in category
+        const severityOrder = {
+            critical: 0,
+            high: 1,
+            medium: 2,
+            low: 3,
+            info: 4,
+        };
+        const highestSeverity = data.findings.reduce((highest, f) => severityOrder[f.severity] < severityOrder[highest] ? f.severity : highest, "info");
+        return {
+            category,
+            count: data.findings.length,
+            severity: highestSeverity,
+            findings: data.findings.map((f) => f.id),
+        };
+    })
+        .sort((a, b) => {
+        const severityOrder = {
+            critical: 0,
+            high: 1,
+            medium: 2,
+            low: 3,
+            info: 4,
+        };
+        return severityOrder[a.severity] - severityOrder[b.severity] || b.count - a.count;
+    });
+}
+function calculateEffort(findings) {
+    const hours = {
+        critical: 0,
+        high: 0,
+        medium: 0,
+        low: 0,
+        info: 0,
+    };
+    for (const { finding } of findings) {
+        hours[finding.severity] += EFFORT_PER_SEVERITY[finding.severity];
+    }
+    const total = Object.values(hours).reduce((sum, h) => sum + h, 0);
+    return {
+        totalHours: formatHours(total),
+        critical: formatHours(hours.critical),
+        high: formatHours(hours.high),
+        medium: formatHours(hours.medium),
+        low: formatHours(hours.low),
+    };
+}
+function formatHours(hours) {
+    if (hours === 0)
+        return "0 hours";
+    if (hours < 1)
+        return `${Math.round(hours * 60)} minutes`;
+    if (hours === 1)
+        return "1 hour";
+    if (hours < 8)
+        return `${hours.toFixed(1)} hours`;
+    const days = hours / 8;
+    if (days < 5)
+        return `${days.toFixed(1)} days`;
+    return `${Math.round(days / 5)} weeks`;
+}
+/**
+ * Filter findings by various criteria
+ */
+export function filterFindings(certification, options) {
+    const results = [];
+    for (const [agent, agentData] of Object.entries(certification.agents)) {
+        if (options.agents && !options.agents.includes(agent)) {
+            continue;
+        }
+        if (agentData) {
+            for (const finding of agentData.findings) {
+                // Filter by severity
+                if (options.severity && !options.severity.includes(finding.severity)) {
+                    continue;
+                }
+                // Filter by category
+                if (options.categories && !options.categories.includes(finding.category)) {
+                    continue;
+                }
+                // Filter by file
+                if (options.files && finding.file && !options.files.some((f) => finding.file.includes(f))) {
+                    continue;
+                }
+                // Filter by confidence
+                if (options.minConfidence && finding.confidence < options.minConfidence) {
+                    continue;
+                }
+                // Filter by instances
+                if (options.hasInstances && (!finding.instances || finding.instances.length === 0)) {
+                    continue;
+                }
+                results.push(finding);
+            }
+        }
+    }
+    return results;
+}
+/**
+ * Get actionable next steps based on findings
+ */
+export function getActionItems(certification) {
+    const summary = generateSummary(certification);
+    const actions = [];
+    if (summary.bySeverity.critical.count > 0) {
+        actions.push(`🚨 Fix ${summary.bySeverity.critical.count} critical issues immediately (${summary.bySeverity.critical.estimatedHours})`);
+    }
+    if (summary.bySeverity.high.count > 0) {
+        actions.push(`⚠️ Address ${summary.bySeverity.high.count} high-priority issues (${summary.bySeverity.high.estimatedHours})`);
+    }
+    // Top files needing attention
+    const topFiles = summary.byFile.slice(0, 3);
+    if (topFiles.length > 0) {
+        actions.push(`📁 Focus on these files first: ${topFiles.map((f) => `${f.file} (${f.issueCount} issues)`).join(", ")}`);
+    }
+    // Agent recommendations
+    for (const [agent, data] of Object.entries(summary.byAgent)) {
+        if (data.score < 70) {
+            actions.push(`🔧 ${agent}: Score ${data.score}/100 - needs attention`);
+        }
+    }
+    if (actions.length === 0) {
+        actions.push("✅ No critical actions required");
+    }
+    return actions;
+}
+//# sourceMappingURL=summary.js.map

package/dist/certification/summary.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"summary.js","sourceRoot":"","sources":["../../src/certification/summary.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAqDH;;GAEG;AACH,MAAM,mBAAmB,GAA6B;IACpD,QAAQ,EAAE,CAAC;IACX,IAAI,EAAE,CAAC;IACP,MAAM,EAAE,GAAG;IACX,GAAG,EAAE,IAAI;IACT,IAAI,EAAE,CAAC;CACR,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,eAAe,CAAC,aAA4B;IAC1D,MAAM,WAAW,GAAkD,EAAE,CAAC;IAEtE,uBAAuB;IACvB,KAAK,MAAM,CAAC,KAAK,EAAE,SAAS,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,EAAE,CAAC;QACtE,IAAI,SAAS,EAAE,CAAC;YACd,KAAK,MAAM,OAAO,IAAI,SAAS,CAAC,QAAQ,EAAE,CAAC;gBACzC,WAAW,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,KAAkB,EAAE,OAAO,EAAE,CAAC,CAAC;YAC3D,CAAC;QACH,CAAC;IACH,CAAC;IAED,oBAAoB;IACpB,MAAM,UAAU,GAAG,eAAe,CAAC,WAAW,CAAC,CAAC;IAEhD,iBAAiB;IACjB,MAAM,OAAO,GAAG,YAAY,CAAC,WAAW,EAAE,aAAa,CAAC,CAAC;IAEzD,gBAAgB;IAChB,MAAM,MAAM,GAAG,WAAW,CAAC,WAAW,CAAC,CAAC;IAExC,oBAAoB;IACpB,MAAM,UAAU,GAAG,eAAe,CAAC,WAAW,CAAC,CAAC;IAEhD,mBAAmB;IACnB,MAAM,eAAe,GAAG,eAAe,CAAC,WAAW,CAAC,CAAC;IAErD,8CAA8C;IAC9C,MAAM,WAAW,GAAG,WAAW;SAC5B,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,KAAK,UAAU,IAAI,CAAC,CAAC,OAAO,CAAC,QAAQ,KAAK,MAAM,CAAC;SACjF,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACb,MAAM,aAAa,GAA6B;YAC9C,QAAQ,EAAE,CAAC;YACX,IAAI,EAAE,CAAC;YACP,MAAM,EAAE,CAAC;YACT,GAAG,EAAE,CAAC;YACN,IAAI,EAAE,CAAC;SACR,CAAC;QACF,OAAO,CACL,aAAa,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,aAAa,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC;YACrE,CAAC,CAAC,OAAO,CAAC,UAAU,GAAG,CAAC,CAAC,OAAO,CAAC,UAAU,CAC5C,CAAC;IACJ,CAAC,CAAC;SACD,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;SACZ,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;IAEzB,OAAO;QACL,aAAa,EAAE,WAAW,CAAC,MAAM;QACjC,UAAU;QACV,OAAO;QACP,MAAM;QACN,UAAU;QACV,eAAe;QACf,WAAW;KACZ,CAAC;AACJ,CAAC;AAED,SAAS,eAAe,CACtB,QAAuD;IAEvD,MAAM,MAAM,GAAsC;QAChD,QAAQ,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,cAAc,EAAE,GAAG,EAAE;QACnE,IAAI,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,cAAc,EAAE,GAAG,EAAE;QAC/D,MAAM,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,cAAc,EAAE,GAAG,EAAE;QACjE,GAAG,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,cAAc,EAAE,GAAG,EAAE;QAC9D,IAAI,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,cAAc,EAAE,GAAG,EAAE;KAChE,CAAC;IAEF,MAAM,eAAe,GAAkC;QACrD,QAAQ,EAAE,IAAI,GAAG,EAAE;QACnB,IAAI,EAAE,IAAI,GAAG,EAAE;QACf,MAAM,EAAE,IAAI,GAAG,EAAE;QACjB,GAAG,EAAE,IAAI,GAAG,EAAE;QACd,IAAI,EAAE,IAAI,GAAG,EAAE;KAChB,CAAC;IAEF,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,QAAQ,EAAE,CAAC;QACnC,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,KAAK,EAAE,CAAC;QACjC,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QACnD,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;YACjB,eAAe,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACtD,CAAC;IACH,CAAC;IAED,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,IAAI,CAAC,MAAM,CAAe,EAAE,CAAC;QACzD,MAAM,CAAC,QAAQ,CAAC,CAAC,KAAK,GAAG,eAAe,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC;QACxD,MAAM,KAAK,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC,KAAK,GAAG,mBAAmB,CAAC,QAAQ,CAAC,CAAC;QACrE,MAAM,CAAC,QAAQ,CAAC,CAAC,cAAc,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC;IACvD,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,YAAY,CACnB,QAAuD,EACvD,aAA4B;IAE5B,MAAM,MAAM,GAAqC,EAAE,CAAC;IAEpD,MAAM,OAAO,GAAG,IAAI,GAAG,EAAwB,CAAC;IAChD,KAAK,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,QAAQ,EAAE,CAAC;QAC1C,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC;YAAE,OAAO,CAAC,GAAG,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QAChD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACpC,CAAC;IAED,KAAK,MAAM,CAAC,KAAK,EAAE,aAAa,CAAC,IAAI,OAAO,EAAE,CAAC;QAC7C,MAAM,CAAC,KAAK,CAAC,GAAG;YACd,KAAK,EAAE,aAAa,CAAC,MAAM;YAC3B,KAAK,EAAE,aAAa,CAAC,SAAS,EAAE,YAAY,CAAC,KAAK,CAAC,IAAI,CAAC;YACxD,UAAU,EAAE,aAAa,CAAC,SAAS,EAAE,iBAAiB,CAAC,KAAK,CAAC,IAAI,CAAC;YAClE,WAAW,EAAE,aAAa;iBACvB,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;gBACb,MAAM,aAAa,GAA6B;oBAC9C,QAAQ,EAAE,CAAC;oBACX,IAAI,EAAE,CAAC;oBACP,MAAM,EAAE,CAAC;oBACT,GAAG,EAAE,CAAC;oBACN,IAAI,EAAE,CAAC;iBACR,CAAC;gBACF,OAAO,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;YAC/D,CAAC,CAAC;iBACD,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;iBACX,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACpB,CAAC;IACJ,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,WAAW,CAAC,QAAuD;IAC1E,MAAM,MAAM,GAAG,IAAI,GAAG,EAAwE,CAAC;IAE/F,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,QAAQ,EAAE,CAAC;QACnC,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,IAAI,WAAW,CAAC;QACzC,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YACtB,MAAM,CAAC,GAAG,CAAC,IAAI,EAAE;gBACf,UAAU,EAAE,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE;gBAChE,QAAQ,EAAE,EAAE;aACb,CAAC,CAAC;QACL,CAAC;QACD,MAAM,CAAC,GAAG,CAAC,IAAI,CAAE,CAAC,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;QACjD,MAAM,CAAC,GAAG,CAAC,IAAI,CAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;IAC9C,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;SAChC,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,IAAI,CAAC,EAAE,EAAE,CAAC,CAAC;QACtB,IAAI;QACJ,UAAU,EAAE,IAAI,CAAC,QAAQ,CAAC,MAAM;QAChC,UAAU,EAAE,IAAI,CAAC,UAAU;QAC3B,QAAQ,EAAE,IAAI,CAAC,QAAQ;KACxB,CAAC,CAAC;SACF,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACb,gDAAgD;QAChD,MAAM,QAAQ,GAAG,CAAC,CAAC,UAAU,CAAC,QAAQ,GAAG,CAAC,CAAC,UAAU,CAAC,QAAQ,CAAC;QAC/D,IAAI,QAAQ,KAAK,CAAC;YAAE,OAAO,QAAQ,CAAC;QACpC,MAAM,QAAQ,GAAG,CAAC,CAAC,UAAU,CAAC,IAAI,GAAG,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC;QACvD,IAAI,QAAQ,KAAK,CAAC;YAAE,OAAO,QAAQ,CAAC;QACpC,OAAO,CAAC,CAAC,UAAU,GAAG,CAAC,CAAC,UAAU,CAAC;IACrC,CAAC,CAAC;SACD,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;AAClB,CAAC;AAED,SAAS,eAAe,CACtB,QAAuD;IAEvD,MAAM,UAAU,GAAG,IAAI,GAAG,EAAmC,CAAC;IAE9D,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,QAAQ,EAAE,CAAC;QACnC,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,eAAe,CAAC;QACrD,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC9B,UAAU,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC,CAAC;QAC7C,CAAC;QACD,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACnD,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,OAAO,EAAE,CAAC;SACpC,GAAG,CAAC,CAAC,CAAC,QAAQ,EAAE,IAAI,CAAC,EAAE,EAAE;QACxB,yCAAyC;QACzC,MAAM,aAAa,GAA6B;YAC9C,QAAQ,EAAE,CAAC;YACX,IAAI,EAAE,CAAC;YACP,MAAM,EAAE,CAAC;YACT,GAAG,EAAE,CAAC;YACN,IAAI,EAAE,CAAC;SACR,CAAC;QACF,MAAM,eAAe,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,CAC1C,CAAC,OAAO,EAAE,CAAC,EAAE,EAAE,CACb,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,OAAO,EAC3E,MAAkB,CACnB,CAAC;QAEF,OAAO;YACL,QAAQ;YACR,KAAK,EAAE,IAAI,CAAC,QAAQ,CAAC,MAAM;YAC3B,QAAQ,EAAE,eAAe;YACzB,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACzC,CAAC;IACJ,CAAC,CAAC;SACD,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACb,MAAM,aAAa,GAA6B;YAC9C,QAAQ,EAAE,CAAC;YACX,IAAI,EAAE,CAAC;YACP,MAAM,EAAE,CAAC;YACT,GAAG,EAAE,CAAC;YACN,IAAI,EAAE,CAAC;SACR,CAAC;QACF,OAAO,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC;IACpF,CAAC,CAAC,CAAC;AACP,CAAC;AAED,SAAS,eAAe,CACtB,QAAuD;IAEvD,MAAM,KAAK,GAA6B;QACtC,QAAQ,EAAE,CAAC;QACX,IAAI,EAAE,CAAC;QACP,MAAM,EAAE,CAAC;QACT,GAAG,EAAE,CAAC;QACN,IAAI,EAAE,CAAC;KACR,CAAC;IAEF,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,QAAQ,EAAE,CAAC;QACnC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,mBAAmB,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IACnE,CAAC;IAED,MAAM,KAAK,GAAG,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;IAElE,OAAO;QACL,UAAU,EAAE,WAAW,CAAC,KAAK,CAAC;QAC9B,QAAQ,EAAE,WAAW,CAAC,KAAK,CAAC,QAAQ,CAAC;QACrC,IAAI,EAAE,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC;QAC7B,MAAM,EAAE,WAAW,CAAC,KAAK,CAAC,MAAM,CAAC;QACjC,GAAG,EAAE,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC;KAC5B,CAAC;AACJ,CAAC;AAED,SAAS,WAAW,CAAC,KAAa;IAChC,IAAI,KAAK,KAAK,CAAC;QAAE,OAAO,SAAS,CAAC;IAClC,IAAI,KAAK,GAAG,CAAC;QAAE,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,GAAG,EAAE,CAAC,UAAU,CAAC;IAC1D,IAAI,KAAK,KAAK,CAAC;QAAE,OAAO,QAAQ,CAAC;IACjC,IAAI,KAAK,GAAG,CAAC;QAAE,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC;IAClD,MAAM,IAAI,GAAG,KAAK,GAAG,CAAC,CAAC;IACvB,IAAI,IAAI,GAAG,CAAC;QAAE,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC;IAC/C,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,GAAG,CAAC,CAAC,QAAQ,CAAC;AACzC,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,cAAc,CAC5B,aAA4B,EAC5B,OAOC;IAED,MAAM,OAAO,GAAc,EAAE,CAAC;IAE9B,KAAK,MAAM,CAAC,KAAK,EAAE,SAAS,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,EAAE,CAAC;QACtE,IAAI,OAAO,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAkB,CAAC,EAAE,CAAC;YACnE,SAAS;QACX,CAAC;QAED,IAAI,SAAS,EAAE,CAAC;YACd,KAAK,MAAM,OAAO,IAAI,SAAS,CAAC,QAAQ,EAAE,CAAC;gBACzC,qBAAqB;gBACrB,IAAI,OAAO,CAAC,QAAQ,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;oBACrE,SAAS;gBACX,CAAC;gBAED,qBAAqB;gBACrB,IAAI,OAAO,CAAC,UAAU,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;oBACzE,SAAS;gBACX,CAAC;gBAED,iBAAiB;gBACjB,IAAI,OAAO,CAAC,KAAK,IAAI,OAAO,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,IAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;oBAC3F,SAAS;gBACX,CAAC;gBAED,uBAAuB;gBACvB,IAAI,OAAO,CAAC,aAAa,IAAI,OAAO,CAAC,UAAU,GAAG,OAAO,CAAC,aAAa,EAAE,CAAC;oBACxE,SAAS;gBACX,CAAC;gBAED,sBAAsB;gBACtB,IAAI,OAAO,CAAC,YAAY,IAAI,CAAC,CAAC,OAAO,CAAC,SAAS,IAAI,OAAO,CAAC,SAAS,CAAC,MAAM,KAAK,CAAC,CAAC,EAAE,CAAC;oBACnF,SAAS;gBACX,CAAC;gBAED,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACxB,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,cAAc,CAAC,aAA4B;IACzD,MAAM,OAAO,GAAG,eAAe,CAAC,aAAa,CAAC,CAAC;IAC/C,MAAM,OAAO,GAAa,EAAE,CAAC;IAE7B,IAAI,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,KAAK,GAAG,CAAC,EAAE,CAAC;QAC1C,OAAO,CAAC,IAAI,CACV,UAAU,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,KAAK,iCAAiC,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,cAAc,GAAG,CAC1H,CAAC;IACJ,CAAC;IAED,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,KAAK,GAAG,CAAC,EAAE,CAAC;QACtC,OAAO,CAAC,IAAI,CACV,cAAc,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,KAAK,0BAA0B,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,cAAc,GAAG,CAC/G,CAAC;IACJ,CAAC;IAED,8BAA8B;IAC9B,MAAM,QAAQ,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IAC5C,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,OAAO,CAAC,IAAI,CACV,kCAAkC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,UAAU,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACzG,CAAC;IACJ,CAAC;IAED,wBAAwB;IACxB,KAAK,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5D,IAAI,IAAI,CAAC,KAAK,GAAG,EAAE,EAAE,CAAC;YACpB,OAAO,CAAC,IAAI,CAAC,MAAM,KAAK,WAAW,IAAI,CAAC,KAAK,wBAAwB,CAAC,CAAC;QACzE,CAAC;IACH,CAAC;IAED,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC;IACjD,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC"}

package/dist/certification/types.d.ts

@@ -0,0 +1,138 @@
+/**
+ * Enterprise Certification System - Type Definitions
+ */
+export type AgentType = "security" | "reliability" | "typesafety" | "performance" | "quality" | "redteam" | "agent-redteam" | "agent-privacy" | "agent-integrity";
+export type Severity = "critical" | "high" | "medium" | "low" | "info";
+export type CertificationLevel = "CERTIFIED" | "APPROVED" | "REVIEW_REQUIRED" | "BLOCKED";
+export type CertificationStatus = "not_started" | "in_progress" | "completed" | "failed";
+export type VerificationVerdict = "confirmed" | "disputed" | "inconclusive";
+/**
+ * Standard finding categories
+ */
+export type FindingCategory = "sql-injection" | "xss" | "auth-bypass" | "broken-access-control" | "session-management" | "cryptographic-failure" | "injection" | "insecure-design" | "security-misconfiguration" | "vulnerable-component" | "identification-failure" | "integrity-failure" | "logging-failure" | "ssrf" | "path-traversal" | "command-injection" | "code-injection" | "hardcoded-secret" | "weak-password" | "insecure-random" | "missing-encryption" | "pii-exposure" | "dependency-vuln" | "type-safety" | "error-handling" | "resource-exhaustion" | "race-condition" | "prompt-injection" | "insecure-output" | "training-data-poisoning" | "model-denial-of-service" | "supply-chain-vuln" | "sensitive-disclosure" | "insecure-plugin" | "excessive-agency" | "overreliance" | "model-theft" | "manifest-drift" | "exfil-path" | "overscoped-permission" | "missing-sandbox" | "credential-overscoped" | "tool-drift" | "unsigned-change" | "consensus-manipulation" | "binary-security" | "memory-safety" | "logic-flaw" | "exploit-chain" | "zero-day" | "authentication" | "authorization" | "cryptography" | "input-validation" | "api-security" | "resource-management" | "deserialization" | "open-redirect" | "secret-management" | "code-quality" | "other";
+/**
+ * Location of a finding instance
+ */
+export interface FindingInstance {
+    file: string;
+    line?: number;
+    evidence?: string;
+}
+export interface Finding {
+    id: string;
+    severity: Severity;
+    category: FindingCategory | string;
+    file?: string;
+    line?: number;
+    description: string;
+    evidence: string;
+    confidence: number;
+    cross_references?: string[];
+    verifications: Verification[];
+    created_at: string;
+    /** Multiple instances of the same finding (for deduplication) */
+    instances?: FindingInstance[];
+    /** Source scanner if this is a deterministic finding (confidence: 100) */
+    scanner_source?: "semgrep" | "npm-audit" | "gitleaks" | "tsc" | "eslint" | "bandit" | "gosec" | "brakeman" | "trivy" | "binary-analysis" | "memory-safety" | "race-condition" | "zero-day-hunter" | "logic-flaw-detector" | "exploit-chain-analyzer" | "manifest-audit" | "tool-description-drift" | "prompt-injection-fuzzer" | "exfil-path-graph" | "permission-minimiser" | "supply-chain-mcp" | "sandbox-audit" | "credential-scope-audit";
+    /** Original rule ID from the scanner */
+    scanner_rule_id?: string;
+    /** CWE IDs from scanner */
+    cwe_ids?: string[];
+    /** CVE IDs from scanner (for dependency vulns) */
+    cve_ids?: string[];
+    /** Additional metadata from scanner/agent */
+    metadata?: Record<string, unknown>;
+}
+export interface Verification {
+    verifying_agent: AgentType;
+    verdict: VerificationVerdict;
+    evidence: string;
+    adjusted_confidence?: number;
+    created_at: string;
+}
+export interface AgentSummary {
+    total_findings: number;
+    by_severity: Record<Severity, number>;
+    confidence_score: number;
+    coverage_areas: string[];
+    notes?: string;
+}
+export interface AgentFindings {
+    agent: AgentType;
+    started_at: string;
+    completed_at?: string;
+    status: "running" | "completed" | "failed";
+    findings: Finding[];
+    summary?: AgentSummary;
+}
+export interface RedTeamChallenge {
+    id: string;
+    target_agent: AgentType;
+    area: string;
+    challenge_type: "missed_issue" | "false_negative" | "incomplete_coverage" | "edge_case";
+    evidence: string;
+    severity_if_valid: Severity;
+    resolution?: {
+        accepted: boolean;
+        response: string;
+    };
+    created_at: string;
+}
+export interface CrossVerification {
+    finding_id: string;
+    verifying_agent: AgentType;
+    verdict: VerificationVerdict;
+    evidence: string;
+    adjusted_confidence?: number;
+    created_at: string;
+}
+export interface ConsensusResult {
+    overall_score: number;
+    certification_level: CertificationLevel;
+    agent_scores: Record<AgentType, number>;
+    agent_confidences: Record<AgentType, number>;
+    total_findings: number;
+    by_severity: Record<Severity, number>;
+    cross_verification_rate: number;
+    red_team_challenges_accepted: number;
+    red_team_challenges_total: number;
+    calculated_at: string;
+}
+export interface CertificationMetadata {
+    id: string;
+    project_name: string;
+    project_path: string;
+    started_at: string;
+    completed_at?: string;
+    status: CertificationStatus;
+    agents_requested: AgentType[];
+    agents_completed: AgentType[];
+    certification_level?: CertificationLevel;
+    final_score?: number;
+    expires_at?: string;
+    /** SHA-256 hash of project files at certification time */
+    project_hash?: string;
+    /** Whether deterministic scanners were run */
+    scanners_run?: boolean;
+    /** Timestamp when scanners completed */
+    scanners_completed_at?: string;
+    /** Count of findings from deterministic scanners */
+    scanner_findings_count?: number;
+}
+export interface Certification {
+    metadata: CertificationMetadata;
+    agents: Partial<Record<AgentType, AgentFindings>>;
+    cross_verifications: CrossVerification[];
+    red_team_challenges: RedTeamChallenge[];
+    consensus?: ConsensusResult;
+}
+export declare const AGENT_WEIGHTS: Record<AgentType, number>;
+export declare const SEVERITY_PENALTIES: Record<Severity, number>;
+export declare const CERTIFICATION_THRESHOLDS: {
+    CERTIFIED: number;
+    APPROVED: number;
+    REVIEW_REQUIRED: number;
+    BLOCKED: number;
+};
+export declare const CERTIFICATION_VALIDITY_DAYS = 30;
+//# sourceMappingURL=types.d.ts.map

package/dist/certification/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/certification/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,MAAM,SAAS,GACjB,UAAU,GACV,aAAa,GACb,YAAY,GACZ,aAAa,GACb,SAAS,GACT,SAAS,GACT,eAAe,GACf,eAAe,GACf,iBAAiB,CAAC;AAEtB,MAAM,MAAM,QAAQ,GAAG,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;AAEvE,MAAM,MAAM,kBAAkB,GAC1B,WAAW,GACX,UAAU,GACV,iBAAiB,GACjB,SAAS,CAAC;AAEd,MAAM,MAAM,mBAAmB,GAC3B,aAAa,GACb,aAAa,GACb,WAAW,GACX,QAAQ,CAAC;AAEb,MAAM,MAAM,mBAAmB,GAAG,WAAW,GAAG,UAAU,GAAG,cAAc,CAAC;AAE5E;;GAEG;AACH,MAAM,MAAM,eAAe,GAEvB,eAAe,GACf,KAAK,GACL,aAAa,GACb,uBAAuB,GACvB,oBAAoB,GACpB,uBAAuB,GACvB,WAAW,GACX,iBAAiB,GACjB,2BAA2B,GAC3B,sBAAsB,GACtB,wBAAwB,GACxB,mBAAmB,GACnB,iBAAiB,GACjB,MAAM,GACN,gBAAgB,GAChB,mBAAmB,GACnB,gBAAgB,GAChB,kBAAkB,GAClB,eAAe,GACf,iBAAiB,GACjB,oBAAoB,GACpB,cAAc,GACd,iBAAiB,GACjB,aAAa,GACb,gBAAgB,GAChB,qBAAqB,GACrB,gBAAgB,GAEhB,kBAAkB,GAClB,iBAAiB,GACjB,yBAAyB,GACzB,yBAAyB,GACzB,mBAAmB,GACnB,sBAAsB,GACtB,iBAAiB,GACjB,kBAAkB,GAClB,cAAc,GACd,aAAa,GAEb,gBAAgB,GAChB,YAAY,GACZ,uBAAuB,GACvB,iBAAiB,GACjB,uBAAuB,GACvB,YAAY,GACZ,iBAAiB,GACjB,wBAAwB,GAExB,iBAAiB,GACjB,eAAe,GACf,YAAY,GACZ,eAAe,GACf,UAAU,GACV,gBAAgB,GAChB,eAAe,GACf,cAAc,GACd,kBAAkB,GAClB,cAAc,GACd,qBAAqB,GACrB,iBAAiB,GACjB,eAAe,GACf,mBAAmB,GACnB,cAAc,GAEd,OAAO,CAAC;AAEZ;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,OAAO;IACtB,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,QAAQ,CAAC;IACnB,QAAQ,EAAE,eAAe,GAAG,MAAM,CAAC;IACnC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC5B,aAAa,EAAE,YAAY,EAAE,CAAC;IAC9B,UAAU,EAAE,MAAM,CAAC;IACnB,iEAAiE;IACjE,SAAS,CAAC,EAAE,eAAe,EAAE,CAAC;IAC9B,0EAA0E;IAC1E,cAAc,CAAC,EACX,SAAS,GACT,WAAW,GACX,UAAU,GACV,KAAK,GACL,QAAQ,GACR,QAAQ,GACR,OAAO,GACP,UAAU,GACV,OAAO,GAEP,iBAAiB,GACjB,eAAe,GACf,gBAAgB,GAEhB,iBAAiB,GACjB,qBAAqB,GACrB,wBAAwB,GAExB,gBAAgB,GAChB,wBAAwB,GACxB,yBAAyB,GACzB,kBAAkB,GAClB,sBAAsB,GACtB,kBAAkB,GAClB,eAAe,GACf,wBAAwB,CAAC;IAC7B,wCAAwC;IACxC,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,2BAA2B;IAC3B,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,kDAAkD;IAClD,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,6CAA6C;IAC7C,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED,MAAM,WAAW,YAAY;IAC3B,eAAe,EAAE,SAAS,CAAC;IAC3B,OAAO,EAAE,mBAAmB,CAAC;IAC7B,QAAQ,EAAE,MAAM,CAAC;IACjB,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,YAAY;IAC3B,cAAc,EAAE,MAAM,CAAC;IACvB,WAAW,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IACtC,gBAAgB,EAAE,MAAM,CAAC;IACzB,cAAc,EAAE,MAAM,EAAE,CAAC;IACzB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,aAAa;IAC5B,KAAK,EAAE,SAAS,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,MAAM,EAAE,SAAS,GAAG,WAAW,GAAG,QAAQ,CAAC;IAC3C,QAAQ,EAAE,OAAO,EAAE,CAAC;IACpB,OAAO,CAAC,EAAE,YAAY,CAAC;CACxB;AAED,MAAM,WAAW,gBAAgB;IAC/B,EAAE,EAAE,MAAM,CAAC;IACX,YAAY,EAAE,SAAS,CAAC;IACxB,IAAI,EAAE,MAAM,CAAC;IACb,cAAc,EAAE,cAAc,GAAG,gBAAgB,GAAG,qBAAqB,GAAG,WAAW,CAAC;IACxF,QAAQ,EAAE,MAAM,CAAC;IACjB,iBAAiB,EAAE,QAAQ,CAAC;IAC5B,UAAU,CAAC,EAAE;QACX,QAAQ,EAAE,OAAO,CAAC;QAClB,QAAQ,EAAE,MAAM,CAAC;KAClB,CAAC;IACF,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,iBAAiB;IAChC,UAAU,EAAE,MAAM,CAAC;IACnB,eAAe,EAAE,SAAS,CAAC;IAC3B,OAAO,EAAE,mBAAmB,CAAC;IAC7B,QAAQ,EAAE,MAAM,CAAC;IACjB,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,eAAe;IAC9B,aAAa,EAAE,MAAM,CAAC;IACtB,mBAAmB,EAAE,kBAAkB,CAAC;IACxC,YAAY,EAAE,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;IACxC,iBAAiB,EAAE,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;IAC7C,cAAc,EAAE,MAAM,CAAC;IACvB,WAAW,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IACtC,uBAAuB,EAAE,MAAM,CAAC;IAChC,4BAA4B,EAAE,MAAM,CAAC;IACrC,yBAAyB,EAAE,MAAM,CAAC;IAClC,aAAa,EAAE,MAAM,CAAC;CACvB;AAED,MAAM,WAAW,qBAAqB;IACpC,EAAE,EAAE,MAAM,CAAC;IACX,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,MAAM,EAAE,mBAAmB,CAAC;IAC5B,gBAAgB,EAAE,SAAS,EAAE,CAAC;IAC9B,gBAAgB,EAAE,SAAS,EAAE,CAAC;IAC9B,mBAAmB,CAAC,EAAE,kBAAkB,CAAC;IACzC,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,0DAA0D;IAC1D,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,8CAA8C;IAC9C,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,wCAAwC;IACxC,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,oDAAoD;IACpD,sBAAsB,CAAC,EAAE,MAAM,CAAC;CACjC;AAED,MAAM,WAAW,aAAa;IAC5B,QAAQ,EAAE,qBAAqB,CAAC;IAChC,MAAM,EAAE,OAAO,CAAC,MAAM,CAAC,SAAS,EAAE,aAAa,CAAC,CAAC,CAAC;IAClD,mBAAmB,EAAE,iBAAiB,EAAE,CAAC;IACzC,mBAAmB,EAAE,gBAAgB,EAAE,CAAC;IACxC,SAAS,CAAC,EAAE,eAAe,CAAC;CAC7B;AAGD,eAAO,MAAM,aAAa,EAAE,MAAM,CAAC,SAAS,EAAE,MAAM,CAWnD,CAAC;AAGF,eAAO,MAAM,kBAAkB,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAMvD,CAAC;AAGF,eAAO,MAAM,wBAAwB;;;;;CAKpC,CAAC;AAGF,eAAO,MAAM,2BAA2B,KAAK,CAAC"}

package/dist/certification/types.js

@@ -0,0 +1,34 @@
+/**
+ * Enterprise Certification System - Type Definitions
+ */
+// Agent weights for scoring
+export const AGENT_WEIGHTS = {
+    security: 0.30,
+    reliability: 0.25,
+    typesafety: 0.15,
+    performance: 0.15,
+    quality: 0.10,
+    redteam: 0.05,
+    // M6: Agent-specific weights (used when certifying agent systems)
+    "agent-redteam": 0.30,
+    "agent-privacy": 0.25,
+    "agent-integrity": 0.20,
+};
+// Severity penalties for scoring
+export const SEVERITY_PENALTIES = {
+    critical: 25,
+    high: 10,
+    medium: 3,
+    low: 1,
+    info: 0,
+};
+// Certification thresholds
+export const CERTIFICATION_THRESHOLDS = {
+    CERTIFIED: 90,
+    APPROVED: 70,
+    REVIEW_REQUIRED: 40,
+    BLOCKED: 0,
+};
+// Certification validity period (30 days)
+export const CERTIFICATION_VALIDITY_DAYS = 30;
+//# sourceMappingURL=types.js.map

package/dist/certification/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/certification/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AA4PH,4BAA4B;AAC5B,MAAM,CAAC,MAAM,aAAa,GAA8B;IACtD,QAAQ,EAAE,IAAI;IACd,WAAW,EAAE,IAAI;IACjB,UAAU,EAAE,IAAI;IAChB,WAAW,EAAE,IAAI;IACjB,OAAO,EAAE,IAAI;IACb,OAAO,EAAE,IAAI;IACb,kEAAkE;IAClE,eAAe,EAAE,IAAI;IACrB,eAAe,EAAE,IAAI;IACrB,iBAAiB,EAAE,IAAI;CACxB,CAAC;AAEF,iCAAiC;AACjC,MAAM,CAAC,MAAM,kBAAkB,GAA6B;IAC1D,QAAQ,EAAE,EAAE;IACZ,IAAI,EAAE,EAAE;IACR,MAAM,EAAE,CAAC;IACT,GAAG,EAAE,CAAC;IACN,IAAI,EAAE,CAAC;CACR,CAAC;AAEF,2BAA2B;AAC3B,MAAM,CAAC,MAAM,wBAAwB,GAAG;IACtC,SAAS,EAAE,EAAE;IACb,QAAQ,EAAE,EAAE;IACZ,eAAe,EAAE,EAAE;IACnB,OAAO,EAAE,CAAC;CACX,CAAC;AAEF,0CAA0C;AAC1C,MAAM,CAAC,MAAM,2BAA2B,GAAG,EAAE,CAAC"}

package/dist/commands/audits/api-check.d.ts

@@ -0,0 +1,3 @@
+import type { HardeningCommand } from "../types.js";
+export declare const apiCheck: HardeningCommand;
+//# sourceMappingURL=api-check.d.ts.map

package/dist/commands/audits/api-check.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"api-check.d.ts","sourceRoot":"","sources":["../../../src/commands/audits/api-check.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAEpD,eAAO,MAAM,QAAQ,EAAE,gBAqEtB,CAAC"}

package/dist/commands/audits/api-check.js

@@ -0,0 +1,71 @@
+export const apiCheck = {
+    name: "api-check",
+    description: "API contract validation — response types match reality, consistent patterns, complete error handling",
+    content: `Validate API contracts and consistency across all endpoints.
+
+## 1. Type Safety Audit
+For every API route and server action:
+- Does the response type match what's actually returned?
+- Are request body types accurate?
+- Do error responses have typed shapes?
+- Are there any as unknown as or type assertions hiding mismatches?
+
+## 2. Response Shape Consistency
+Check all API responses for:
+- Consistent success shape: { data: T } or { result: T }
+- Consistent error shape: { error: string, code: string, status: number }
+- Consistent pagination: { data: T[], pagination: { page, limit, total } }
+- No mixing of shapes (some routes return { user }, others { data: user })
+
+## 3. HTTP Status Code Audit
+For each API route, verify:
+- 200 for successful GET
+- 201 for successful POST creating a resource
+- 204 for successful DELETE
+- 400 for validation errors
+- 401 for unauthenticated
+- 403 for unauthorized (authenticated but not allowed)
+- 404 for not found
+- 500 for server errors
+- No using 200 for errors with { success: false }
+
+## 4. Input Validation Completeness
+For every route accepting input:
+- Is there Zod (or equivalent) schema validation?
+- Are all fields validated (type, format, length, range)?
+- Are optional fields properly marked?
+- Is validation happening BEFORE any database/external calls?
+
+## 5. Error Response Quality
+For every error path:
+- Does it return useful error messages?
+- Does it NOT leak internal details (stack traces, SQL queries)?
+- Does it include error codes for client-side handling?
+- Are errors logged with context?
+
+## 6. API Documentation
+- Do routes have JSDoc or similar documentation?
+- Are complex request/response shapes documented?
+- Is there an OpenAPI spec or similar?
+
+## Output: API-AUDIT.md
+
+### Type Mismatches
+| Route | Issue | Expected | Actual |
+|-------|-------|----------|--------|
+| POST /api/users | Missing field in response type | { id, email, name } | { id, email } |
+
+### Inconsistent Patterns
+- 5 routes return { data }, 3 routes return raw object
+- Error shapes vary across 8 routes
+
+### Missing Validation
+- POST /api/orders - no input validation
+- PUT /api/users/[id] - partial validation
+
+### Recommendations (prioritized)
+1. Create shared response type utilities
+2. Add validation to X routes
+3. Standardize error responses`
+};
+//# sourceMappingURL=api-check.js.map

package/dist/commands/audits/api-check.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"api-check.js","sourceRoot":"","sources":["../../../src/commands/audits/api-check.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,MAAM,QAAQ,GAAqB;IACxC,IAAI,EAAE,WAAW;IACjB,WAAW,EAAE,sGAAsG;IACnH,OAAO,EAAE;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;+BAiEoB;CAC9B,CAAC"}

package/dist/commands/audits/deadcode.d.ts

@@ -0,0 +1,3 @@
+import type { HardeningCommand } from "../types.js";
+export declare const deadcode: HardeningCommand;
+//# sourceMappingURL=deadcode.d.ts.map

package/dist/commands/audits/deadcode.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"deadcode.d.ts","sourceRoot":"","sources":["../../../src/commands/audits/deadcode.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAEpD,eAAO,MAAM,QAAQ,EAAE,gBA6DtB,CAAC"}

package/dist/commands/audits/deadcode.js

@@ -0,0 +1,63 @@
+export const deadcode = {
+    name: "deadcode",
+    description: "Dead code detection — unused exports, unreachable code, orphaned files",
+    content: `Find and report all dead code in the codebase.
+
+## 1. Unused Exports
+For every file in src/, app/, lib/, components/, utils/:
+- List all exported functions, classes, constants, types
+- Search codebase for imports of each export
+- Flag exports that are never imported anywhere
+- Exclude: index.ts re-exports, public API files, test utilities
+
+## 2. Unused Files
+- Find files that are never imported by any other file
+- Check: components, utilities, types, constants
+- Exclude: entry points (page.tsx, layout.tsx, route.ts), config files, test files
+
+## 3. Unreachable Code
+Scan for:
+- Code after return/throw statements
+- Conditions that are always true/false (if (false), if (true && false))
+- Switch cases that can never match
+- Catch blocks that catch impossible errors
+
+## 4. Commented-Out Code
+- Find blocks of commented-out code (not documentation comments)
+- 3+ consecutive lines of commented code = flag it
+- These should be deleted, not commented
+
+## 5. Unused Variables
+- Variables declared but never read
+- Parameters that are never used
+- Destructured properties that are never used
+
+## 6. Dead CSS/Styles
+If using CSS modules, Tailwind, or styled-components:
+- Classes defined but never applied
+- Tailwind classes in safelist that aren't used
+
+## Output: DEADCODE-REPORT.md
+
+### Summary
+- Unused exports: X
+- Orphaned files: X
+- Unreachable code blocks: X
+- Commented code blocks: X
+- Estimated dead code: X lines
+
+### Unused Exports
+| File | Export | Type |
+|------|--------|------|
+| src/utils/format.ts | formatCurrency | function |
+
+### Orphaned Files (safe to delete)
+- src/components/OldHeader.tsx
+- src/utils/deprecated.ts
+
+### Recommended Cleanup
+Prioritized list of what to remove, starting with highest confidence.
+
+DO NOT automatically delete anything. This is a report for human review.`
+};
+//# sourceMappingURL=deadcode.js.map

package/dist/commands/audits/deadcode.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"deadcode.js","sourceRoot":"","sources":["../../../src/commands/audits/deadcode.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,MAAM,QAAQ,GAAqB;IACxC,IAAI,EAAE,UAAU;IAChB,WAAW,EAAE,wEAAwE;IACrF,OAAO,EAAE;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;yEAyD8D;CACxE,CAAC"}

package/dist/commands/audits/deps.d.ts

@@ -0,0 +1,3 @@
+import type { HardeningCommand } from "../types.js";
+export declare const deps: HardeningCommand;
+//# sourceMappingURL=deps.d.ts.map