vaspera 2.5.0

package/dist/__tests__/integration/certification-flow.test.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Integration tests for the full certification flow
+ */
+export {};
+//# sourceMappingURL=certification-flow.test.d.ts.map

package/dist/__tests__/integration/certification-flow.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"certification-flow.test.d.ts","sourceRoot":"","sources":["../../../src/__tests__/integration/certification-flow.test.ts"],"names":[],"mappings":"AAAA;;GAEG"}

package/dist/__tests__/integration/certification-flow.test.js

@@ -0,0 +1,245 @@
+/**
+ * Integration tests for the full certification flow
+ */
+import { describe, it, expect, beforeEach, afterEach, afterAll } from "vitest";
+import { mkdir, rm } from "fs/promises";
+import { join } from "path";
+import { tmpdir } from "os";
+import { generateCertificationId, initializeCertification, startAgent, submitFinding, completeAgent, addCrossVerification, getCertification, saveConsensus, finalizeCertification, } from "../../certification/store.js";
+import { calculateConsensus, canFinalize, getCertificationSummary } from "../../certification/consensus.js";
+const TEST_BASE = join(tmpdir(), "vaspera-integration-" + Date.now() + "-" + Math.random().toString(36).slice(2));
+let testProjectPath;
+beforeEach(async () => {
+    testProjectPath = join(TEST_BASE, "project-" + Math.random().toString(36).slice(2));
+    await mkdir(testProjectPath, { recursive: true });
+});
+afterEach(async () => {
+    try {
+        await rm(testProjectPath, { recursive: true, force: true });
+    }
+    catch {
+        // Ignore cleanup errors
+    }
+});
+afterAll(async () => {
+    try {
+        await rm(TEST_BASE, { recursive: true, force: true });
+    }
+    catch {
+        // Ignore cleanup errors
+    }
+});
+describe("Full Certification Flow", () => {
+    it("completes a multi-agent certification", async () => {
+        const certId = generateCertificationId(testProjectPath);
+        const agents = ["security", "reliability", "quality"];
+        // Phase 1: Initialize
+        const metadata = await initializeCertification(testProjectPath, certId, [...agents]);
+        expect(metadata.status).toBe("in_progress");
+        expect(metadata.agents_requested).toEqual([...agents]);
+        // Phase 2: Run agents
+        for (const agent of agents) {
+            await startAgent(testProjectPath, certId, agent);
+            // Submit findings
+            await submitFinding(testProjectPath, certId, agent, {
+                id: `${agent.slice(0, 3)}-001`,
+                severity: "medium",
+                category: "test",
+                description: `Test finding from ${agent}`,
+                evidence: "Integration test evidence",
+                confidence: 80,
+            });
+            await completeAgent(testProjectPath, certId, agent, {
+                total_findings: 1,
+                by_severity: { critical: 0, high: 0, medium: 1, low: 0, info: 0 },
+                confidence_score: 80,
+                coverage_areas: ["test"],
+            });
+        }
+        // Phase 3: Cross-verification
+        await addCrossVerification(testProjectPath, certId, {
+            finding_id: "sec-001",
+            verifying_agent: "reliability",
+            verdict: "confirmed",
+            evidence: "Verified during reliability scan",
+        });
+        // Phase 4: Calculate consensus
+        const cert = await getCertification(testProjectPath, certId);
+        expect(cert).not.toBeNull();
+        const consensus = calculateConsensus(cert);
+        expect(consensus.total_findings).toBe(3);
+        expect(consensus.overall_score).toBeGreaterThan(0);
+        // Phase 5: Check finalization readiness
+        const { ready, missing, warnings } = canFinalize(cert);
+        expect(ready).toBe(true);
+        expect(missing).toHaveLength(0);
+        // Phase 6: Save consensus and finalize
+        await saveConsensus(testProjectPath, certId, consensus);
+        const finalMetadata = await finalizeCertification(testProjectPath, certId, consensus.certification_level, consensus.overall_score);
+        expect(finalMetadata.status).toBe("completed");
+        expect(finalMetadata.final_score).toBe(consensus.overall_score);
+        expect(finalMetadata.expires_at).toBeDefined();
+        // Phase 7: Generate summary
+        const summary = getCertificationSummary(consensus);
+        expect(summary).toContain("Score:");
+        expect(summary).toContain("Findings:");
+    });
+    it("handles critical findings requiring cross-verification", async () => {
+        const certId = generateCertificationId(testProjectPath);
+        await initializeCertification(testProjectPath, certId, ["security"]);
+        await startAgent(testProjectPath, certId, "security");
+        // Submit a critical finding
+        await submitFinding(testProjectPath, certId, "security", {
+            id: "sec-001",
+            severity: "critical",
+            category: "auth",
+            description: "Missing authentication",
+            evidence: "No auth check on endpoint",
+            confidence: 95,
+        });
+        await completeAgent(testProjectPath, certId, "security", {
+            total_findings: 1,
+            by_severity: { critical: 1, high: 0, medium: 0, low: 0, info: 0 },
+            confidence_score: 95,
+            coverage_areas: ["auth"],
+        });
+        const cert = await getCertification(testProjectPath, certId);
+        const { ready, missing } = canFinalize(cert);
+        // Critical finding without cross-verification blocks finalization
+        expect(ready).toBe(false);
+        expect(missing).toContain("Critical finding sec-001 not cross-verified");
+        // After cross-verification, should be ready
+        await addCrossVerification(testProjectPath, certId, {
+            finding_id: "sec-001",
+            verifying_agent: "reliability",
+            verdict: "confirmed",
+            evidence: "Confirmed - auth is missing",
+        });
+        const certAfter = await getCertification(testProjectPath, certId);
+        const { ready: readyAfter } = canFinalize(certAfter);
+        expect(readyAfter).toBe(true);
+    });
+    it("calculates weighted scores correctly", async () => {
+        const certId = generateCertificationId(testProjectPath);
+        const agents = ["security", "reliability", "typesafety", "performance", "quality", "redteam"];
+        await initializeCertification(testProjectPath, certId, [...agents]);
+        // Security (30% weight) - has critical issue
+        await startAgent(testProjectPath, certId, "security");
+        await submitFinding(testProjectPath, certId, "security", {
+            id: "sec-001",
+            severity: "high",
+            category: "auth",
+            description: "High severity auth issue",
+            evidence: "Auth vulnerability",
+            confidence: 90,
+        });
+        await completeAgent(testProjectPath, certId, "security", {
+            total_findings: 1,
+            by_severity: { critical: 0, high: 1, medium: 0, low: 0, info: 0 },
+            confidence_score: 90,
+            coverage_areas: ["auth"],
+        });
+        // Other agents - clean
+        for (const agent of ["reliability", "typesafety", "performance", "quality", "redteam"]) {
+            await startAgent(testProjectPath, certId, agent);
+            await submitFinding(testProjectPath, certId, agent, {
+                id: `${agent.slice(0, 3)}-001`,
+                severity: "info",
+                category: "test",
+                description: "Informational only",
+                evidence: "No issues",
+                confidence: 100,
+            });
+            await completeAgent(testProjectPath, certId, agent, {
+                total_findings: 1,
+                by_severity: { critical: 0, high: 0, medium: 0, low: 0, info: 1 },
+                confidence_score: 100,
+                coverage_areas: [],
+            });
+        }
+        const cert = await getCertification(testProjectPath, certId);
+        const consensus = calculateConsensus(cert);
+        // Security has high finding (10 point penalty * 0.9 confidence = 9 point penalty)
+        // Security score: 100 - 9 = 91
+        // Other agents: 100 (info has 0 penalty)
+        // Weighted: (91 * 0.30) + (100 * 0.25) + (100 * 0.15) + (100 * 0.15) + (100 * 0.10) + (100 * 0.05)
+        //         = 27.3 + 25 + 15 + 15 + 10 + 5 = 97.3 ≈ 97 (rounded)
+        expect(consensus.overall_score).toBeGreaterThanOrEqual(95);
+        expect(consensus.overall_score).toBeLessThanOrEqual(98);
+        expect(consensus.by_severity.high).toBe(1);
+    });
+});
+describe("Certification Levels", () => {
+    it("assigns BLOCKED for critical findings", async () => {
+        const certId = generateCertificationId(testProjectPath);
+        await initializeCertification(testProjectPath, certId, ["security"]);
+        await startAgent(testProjectPath, certId, "security");
+        await submitFinding(testProjectPath, certId, "security", {
+            id: "sec-001",
+            severity: "critical",
+            category: "auth",
+            description: "Critical vulnerability",
+            evidence: "SQL injection",
+            confidence: 100,
+        });
+        await completeAgent(testProjectPath, certId, "security", {
+            total_findings: 1,
+            by_severity: { critical: 1, high: 0, medium: 0, low: 0, info: 0 },
+            confidence_score: 100,
+            coverage_areas: [],
+        });
+        const cert = await getCertification(testProjectPath, certId);
+        const consensus = calculateConsensus(cert);
+        expect(consensus.certification_level).toBe("BLOCKED");
+    });
+    it("assigns APPROVED for good score with high findings", async () => {
+        const certId = generateCertificationId(testProjectPath);
+        await initializeCertification(testProjectPath, certId, ["security", "reliability"]);
+        // Security with high finding
+        await startAgent(testProjectPath, certId, "security");
+        await submitFinding(testProjectPath, certId, "security", {
+            id: "sec-001",
+            severity: "high",
+            category: "auth",
+            description: "High severity issue",
+            evidence: "Needs attention",
+            confidence: 70,
+        });
+        await submitFinding(testProjectPath, certId, "security", {
+            id: "sec-002",
+            severity: "info",
+            category: "logging",
+            description: "Consider adding logs",
+            evidence: "Suggestion",
+            confidence: 50,
+        });
+        await completeAgent(testProjectPath, certId, "security", {
+            total_findings: 2,
+            by_severity: { critical: 0, high: 1, medium: 0, low: 0, info: 1 },
+            confidence_score: 60,
+            coverage_areas: [],
+        });
+        // Reliability clean
+        await startAgent(testProjectPath, certId, "reliability");
+        await submitFinding(testProjectPath, certId, "reliability", {
+            id: "rel-001",
+            severity: "info",
+            category: "test",
+            description: "All good",
+            evidence: "Clean audit",
+            confidence: 100,
+        });
+        await completeAgent(testProjectPath, certId, "reliability", {
+            total_findings: 1,
+            by_severity: { critical: 0, high: 0, medium: 0, low: 0, info: 1 },
+            confidence_score: 100,
+            coverage_areas: [],
+        });
+        const cert = await getCertification(testProjectPath, certId);
+        const consensus = calculateConsensus(cert);
+        // Score should be >= 70 but < 90 due to high finding
+        expect(consensus.certification_level).toBe("APPROVED");
+        expect(consensus.by_severity.high).toBe(1);
+    });
+});
+//# sourceMappingURL=certification-flow.test.js.map

package/dist/__tests__/integration/certification-flow.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"certification-flow.test.js","sourceRoot":"","sources":["../../../src/__tests__/integration/certification-flow.test.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,QAAQ,CAAC;AAC/E,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,MAAM,aAAa,CAAC;AACxC,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,MAAM,EAAE,MAAM,IAAI,CAAC;AAC5B,OAAO,EACL,uBAAuB,EACvB,uBAAuB,EACvB,UAAU,EACV,aAAa,EACb,aAAa,EACb,oBAAoB,EACpB,gBAAgB,EAChB,aAAa,EACb,qBAAqB,GACtB,MAAM,8BAA8B,CAAC;AACtC,OAAO,EAAE,kBAAkB,EAAE,WAAW,EAAE,uBAAuB,EAAE,MAAM,kCAAkC,CAAC;AAE5G,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,EAAE,EAAE,sBAAsB,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,GAAG,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;AAClH,IAAI,eAAuB,CAAC;AAE5B,UAAU,CAAC,KAAK,IAAI,EAAE;IACpB,eAAe,GAAG,IAAI,CAAC,SAAS,EAAE,UAAU,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IACpF,MAAM,KAAK,CAAC,eAAe,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;AACpD,CAAC,CAAC,CAAC;AAEH,SAAS,CAAC,KAAK,IAAI,EAAE;IACnB,IAAI,CAAC;QACH,MAAM,EAAE,CAAC,eAAe,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;IAC9D,CAAC;IAAC,MAAM,CAAC;QACP,wBAAwB;IAC1B,CAAC;AACH,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,KAAK,IAAI,EAAE;IAClB,IAAI,CAAC;QACH,MAAM,EAAE,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;IACxD,CAAC;IAAC,MAAM,CAAC;QACP,wBAAwB;IAC1B,CAAC;AACH,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,yBAAyB,EAAE,GAAG,EAAE;IACvC,EAAE,CAAC,uCAAuC,EAAE,KAAK,IAAI,EAAE;QACrD,MAAM,MAAM,GAAG,uBAAuB,CAAC,eAAe,CAAC,CAAC;QACxD,MAAM,MAAM,GAAG,CAAC,UAAU,EAAE,aAAa,EAAE,SAAS,CAAU,CAAC;QAE/D,sBAAsB;QACtB,MAAM,QAAQ,GAAG,MAAM,uBAAuB,CAAC,eAAe,EAAE,MAAM,EAAE,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC;QACrF,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAC5C,MAAM,CAAC,QAAQ,CAAC,gBAAgB,CAAC,CAAC,OAAO,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC;QAEvD,sBAAsB;QACtB,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,MAAM,UAAU,CAAC,eAAe,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC;YAEjD,kBAAkB;YAClB,MAAM,aAAa,CAAC,eAAe,EAAE,MAAM,EAAE,KAAK,EAAE;gBAClD,EAAE,EAAE,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,MAAM;gBAC9B,QAAQ,EAAE,QAAQ;gBAClB,QAAQ,EAAE,MAAM;gBAChB,WAAW,EAAE,qBAAqB,KAAK,EAAE;gBACzC,QAAQ,EAAE,2BAA2B;gBACrC,UAAU,EAAE,EAAE;aACf,CAAC,CAAC;YAEH,MAAM,aAAa,CAAC,eAAe,EAAE,MAAM,EAAE,KAAK,EAAE;gBAClD,cAAc,EAAE,CAAC;gBACjB,WAAW,EAAE,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE;gBACjE,gBAAgB,EAAE,EAAE;gBACpB,cAAc,EAAE,CAAC,MAAM,CAAC;aACzB,CAAC,CAAC;QACL,CAAC;QAED,8BAA8B;QAC9B,MAAM,oBAAoB,CAAC,eAAe,EAAE,MAAM,EAAE;YAClD,UAAU,EAAE,SAAS;YACrB,eAAe,EAAE,aAAa;YAC9B,OAAO,EAAE,WAAW;YACpB,QAAQ,EAAE,kCAAkC;SAC7C,CAAC,CAAC;QAEH,+BAA+B;QAC/B,MAAM,IAAI,GAAG,MAAM,gBAAgB,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC;QAC7D,MAAM,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;QAE5B,MAAM,SAAS,GAAG,kBAAkB,CAAC,IAAK,CAAC,CAAC;QAC5C,MAAM,CAAC,SAAS,CAAC,cAAc,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACzC,MAAM,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;QAEnD,wCAAwC;QACxC,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,GAAG,WAAW,CAAC,IAAK,CAAC,CAAC;QACxD,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACzB,MAAM,CAAC,OAAO,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QAEhC,uCAAuC;QACvC,MAAM,aAAa,CAAC,eAAe,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC;QAExD,MAAM,aAAa,GAAG,MAAM,qBAAqB,CAC/C,eAAe,EACf,MAAM,EACN,SAAS,CAAC,mBAAmB,EAC7B,SAAS,CAAC,aAAa,CACxB,CAAC;QAEF,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAC/C,MAAM,CAAC,aAAa,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC;QAChE,MAAM,CAAC,aAAa,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE,CAAC;QAE/C,4BAA4B;QAC5B,MAAM,OAAO,GAAG,uBAAuB,CAAC,SAAS,CAAC,CAAC;QACnD,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QACpC,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;IACzC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wDAAwD,EAAE,KAAK,IAAI,EAAE;QACtE,MAAM,MAAM,GAAG,uBAAuB,CAAC,eAAe,CAAC,CAAC;QAExD,MAAM,uBAAuB,CAAC,eAAe,EAAE,MAAM,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC;QACrE,MAAM,UAAU,CAAC,eAAe,EAAE,MAAM,EAAE,UAAU,CAAC,CAAC;QAEtD,4BAA4B;QAC5B,MAAM,aAAa,CAAC,eAAe,EAAE,MAAM,EAAE,UAAU,EAAE;YACvD,EAAE,EAAE,SAAS;YACb,QAAQ,EAAE,UAAU;YACpB,QAAQ,EAAE,MAAM;YAChB,WAAW,EAAE,wBAAwB;YACrC,QAAQ,EAAE,2BAA2B;YACrC,UAAU,EAAE,EAAE;SACf,CAAC,CAAC;QAEH,MAAM,aAAa,CAAC,eAAe,EAAE,MAAM,EAAE,UAAU,EAAE;YACvD,cAAc,EAAE,CAAC;YACjB,WAAW,EAAE,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE;YACjE,gBAAgB,EAAE,EAAE;YACpB,cAAc,EAAE,CAAC,MAAM,CAAC;SACzB,CAAC,CAAC;QAEH,MAAM,IAAI,GAAG,MAAM,gBAAgB,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC;QAC7D,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,WAAW,CAAC,IAAK,CAAC,CAAC;QAE9C,kEAAkE;QAClE,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC1B,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,6CAA6C,CAAC,CAAC;QAEzE,4CAA4C;QAC5C,MAAM,oBAAoB,CAAC,eAAe,EAAE,MAAM,EAAE;YAClD,UAAU,EAAE,SAAS;YACrB,eAAe,EAAE,aAAa;YAC9B,OAAO,EAAE,WAAW;YACpB,QAAQ,EAAE,6BAA6B;SACxC,CAAC,CAAC;QAEH,MAAM,SAAS,GAAG,MAAM,gBAAgB,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC;QAClE,MAAM,EAAE,KAAK,EAAE,UAAU,EAAE,GAAG,WAAW,CAAC,SAAU,CAAC,CAAC;QACtD,MAAM,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAChC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sCAAsC,EAAE,KAAK,IAAI,EAAE;QACpD,MAAM,MAAM,GAAG,uBAAuB,CAAC,eAAe,CAAC,CAAC;QACxD,MAAM,MAAM,GAAG,CAAC,UAAU,EAAE,aAAa,EAAE,YAAY,EAAE,aAAa,EAAE,SAAS,EAAE,SAAS,CAAU,CAAC;QAEvG,MAAM,uBAAuB,CAAC,eAAe,EAAE,MAAM,EAAE,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC;QAEpE,6CAA6C;QAC7C,MAAM,UAAU,CAAC,eAAe,EAAE,MAAM,EAAE,UAAU,CAAC,CAAC;QACtD,MAAM,aAAa,CAAC,eAAe,EAAE,MAAM,EAAE,UAAU,EAAE;YACvD,EAAE,EAAE,SAAS;YACb,QAAQ,EAAE,MAAM;YAChB,QAAQ,EAAE,MAAM;YAChB,WAAW,EAAE,0BAA0B;YACvC,QAAQ,EAAE,oBAAoB;YAC9B,UAAU,EAAE,EAAE;SACf,CAAC,CAAC;QACH,MAAM,aAAa,CAAC,eAAe,EAAE,MAAM,EAAE,UAAU,EAAE;YACvD,cAAc,EAAE,CAAC;YACjB,WAAW,EAAE,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE;YACjE,gBAAgB,EAAE,EAAE;YACpB,cAAc,EAAE,CAAC,MAAM,CAAC;SACzB,CAAC,CAAC;QAEH,uBAAuB;QACvB,KAAK,MAAM,KAAK,IAAI,CAAC,aAAa,EAAE,YAAY,EAAE,aAAa,EAAE,SAAS,EAAE,SAAS,CAAU,EAAE,CAAC;YAChG,MAAM,UAAU,CAAC,eAAe,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC;YACjD,MAAM,aAAa,CAAC,eAAe,EAAE,MAAM,EAAE,KAAK,EAAE;gBAClD,EAAE,EAAE,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,MAAM;gBAC9B,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,MAAM;gBAChB,WAAW,EAAE,oBAAoB;gBACjC,QAAQ,EAAE,WAAW;gBACrB,UAAU,EAAE,GAAG;aAChB,CAAC,CAAC;YACH,MAAM,aAAa,CAAC,eAAe,EAAE,MAAM,EAAE,KAAK,EAAE;gBAClD,cAAc,EAAE,CAAC;gBACjB,WAAW,EAAE,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE;gBACjE,gBAAgB,EAAE,GAAG;gBACrB,cAAc,EAAE,EAAE;aACnB,CAAC,CAAC;QACL,CAAC;QAED,MAAM,IAAI,GAAG,MAAM,gBAAgB,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC;QAC7D,MAAM,SAAS,GAAG,kBAAkB,CAAC,IAAK,CAAC,CAAC;QAE5C,kFAAkF;QAClF,+BAA+B;QAC/B,yCAAyC;QACzC,mGAAmG;QACnG,+DAA+D;QAC/D,MAAM,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC,sBAAsB,CAAC,EAAE,CAAC,CAAC;QAC3D,MAAM,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC,mBAAmB,CAAC,EAAE,CAAC,CAAC;QACxD,MAAM,CAAC,SAAS,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC7C,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,sBAAsB,EAAE,GAAG,EAAE;IACpC,EAAE,CAAC,uCAAuC,EAAE,KAAK,IAAI,EAAE;QACrD,MAAM,MAAM,GAAG,uBAAuB,CAAC,eAAe,CAAC,CAAC;QAExD,MAAM,uBAAuB,CAAC,eAAe,EAAE,MAAM,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC;QACrE,MAAM,UAAU,CAAC,eAAe,EAAE,MAAM,EAAE,UAAU,CAAC,CAAC;QACtD,MAAM,aAAa,CAAC,eAAe,EAAE,MAAM,EAAE,UAAU,EAAE;YACvD,EAAE,EAAE,SAAS;YACb,QAAQ,EAAE,UAAU;YACpB,QAAQ,EAAE,MAAM;YAChB,WAAW,EAAE,wBAAwB;YACrC,QAAQ,EAAE,eAAe;YACzB,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;QACH,MAAM,aAAa,CAAC,eAAe,EAAE,MAAM,EAAE,UAAU,EAAE;YACvD,cAAc,EAAE,CAAC;YACjB,WAAW,EAAE,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE;YACjE,gBAAgB,EAAE,GAAG;YACrB,cAAc,EAAE,EAAE;SACnB,CAAC,CAAC;QAEH,MAAM,IAAI,GAAG,MAAM,gBAAgB,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC;QAC7D,MAAM,SAAS,GAAG,kBAAkB,CAAC,IAAK,CAAC,CAAC;QAE5C,MAAM,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,oDAAoD,EAAE,KAAK,IAAI,EAAE;QAClE,MAAM,MAAM,GAAG,uBAAuB,CAAC,eAAe,CAAC,CAAC;QAExD,MAAM,uBAAuB,CAAC,eAAe,EAAE,MAAM,EAAE,CAAC,UAAU,EAAE,aAAa,CAAC,CAAC,CAAC;QAEpF,6BAA6B;QAC7B,MAAM,UAAU,CAAC,eAAe,EAAE,MAAM,EAAE,UAAU,CAAC,CAAC;QACtD,MAAM,aAAa,CAAC,eAAe,EAAE,MAAM,EAAE,UAAU,EAAE;YACvD,EAAE,EAAE,SAAS;YACb,QAAQ,EAAE,MAAM;YAChB,QAAQ,EAAE,MAAM;YAChB,WAAW,EAAE,qBAAqB;YAClC,QAAQ,EAAE,iBAAiB;YAC3B,UAAU,EAAE,EAAE;SACf,CAAC,CAAC;QACH,MAAM,aAAa,CAAC,eAAe,EAAE,MAAM,EAAE,UAAU,EAAE;YACvD,EAAE,EAAE,SAAS;YACb,QAAQ,EAAE,MAAM;YAChB,QAAQ,EAAE,SAAS;YACnB,WAAW,EAAE,sBAAsB;YACnC,QAAQ,EAAE,YAAY;YACtB,UAAU,EAAE,EAAE;SACf,CAAC,CAAC;QACH,MAAM,aAAa,CAAC,eAAe,EAAE,MAAM,EAAE,UAAU,EAAE;YACvD,cAAc,EAAE,CAAC;YACjB,WAAW,EAAE,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE;YACjE,gBAAgB,EAAE,EAAE;YACpB,cAAc,EAAE,EAAE;SACnB,CAAC,CAAC;QAEH,oBAAoB;QACpB,MAAM,UAAU,CAAC,eAAe,EAAE,MAAM,EAAE,aAAa,CAAC,CAAC;QACzD,MAAM,aAAa,CAAC,eAAe,EAAE,MAAM,EAAE,aAAa,EAAE;YAC1D,EAAE,EAAE,SAAS;YACb,QAAQ,EAAE,MAAM;YAChB,QAAQ,EAAE,MAAM;YAChB,WAAW,EAAE,UAAU;YACvB,QAAQ,EAAE,aAAa;YACvB,UAAU,EAAE,GAAG;SAChB,CAAC,CAAC;QACH,MAAM,aAAa,CAAC,eAAe,EAAE,MAAM,EAAE,aAAa,EAAE;YAC1D,cAAc,EAAE,CAAC;YACjB,WAAW,EAAE,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE;YACjE,gBAAgB,EAAE,GAAG;YACrB,cAAc,EAAE,EAAE;SACnB,CAAC,CAAC;QAEH,MAAM,IAAI,GAAG,MAAM,gBAAgB,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC;QAC7D,MAAM,SAAS,GAAG,kBAAkB,CAAC,IAAK,CAAC,CAAC;QAE5C,qDAAqD;QACrD,MAAM,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QACvD,MAAM,CAAC,SAAS,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC7C,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/__tests__/integration/commands.test.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Integration tests for command registry
+ */
+export {};
+//# sourceMappingURL=commands.test.d.ts.map

package/dist/__tests__/integration/commands.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"commands.test.d.ts","sourceRoot":"","sources":["../../../src/__tests__/integration/commands.test.ts"],"names":[],"mappings":"AAAA;;GAEG"}

package/dist/__tests__/integration/commands.test.js

@@ -0,0 +1,93 @@
+/**
+ * Integration tests for command registry
+ */
+import { describe, it, expect } from "vitest";
+import { COMMANDS, getCommand, listCommands } from "../../commands/index.js";
+describe("Command Registry", () => {
+    it("exports all expected commands", () => {
+        const commandNames = Object.keys(COMMANDS);
+        // Core commands (9)
+        expect(commandNames).toContain("audit");
+        expect(commandNames).toContain("fix-critical");
+        expect(commandNames).toContain("fix-high");
+        expect(commandNames).toContain("fix-medium");
+        expect(commandNames).toContain("fix-rls");
+        expect(commandNames).toContain("add-tests");
+        expect(commandNames).toContain("verify");
+        expect(commandNames).toContain("harden");
+        expect(commandNames).toContain("preflight");
+        // Audit commands (6)
+        expect(commandNames).toContain("deps");
+        expect(commandNames).toContain("deadcode");
+        expect(commandNames).toContain("errors");
+        expect(commandNames).toContain("secrets");
+        expect(commandNames).toContain("api-check");
+        expect(commandNames).toContain("perf");
+        // Certification commands (7)
+        expect(commandNames).toContain("certification-security");
+        expect(commandNames).toContain("certification-reliability");
+        expect(commandNames).toContain("certification-typesafety");
+        expect(commandNames).toContain("certification-performance");
+        expect(commandNames).toContain("certification-quality");
+        expect(commandNames).toContain("certification-redteam");
+        expect(commandNames).toContain("certify");
+        // Total: 22 commands
+        expect(commandNames.length).toBe(22);
+    });
+    it("getCommand returns correct command", () => {
+        const audit = getCommand("audit");
+        expect(audit).toBeDefined();
+        expect(audit?.name).toBe("audit");
+        expect(audit?.description).toContain("production readiness audit");
+        expect(audit?.content).toContain("AUDIT.md");
+        const certify = getCommand("certify");
+        expect(certify).toBeDefined();
+        expect(certify?.name).toBe("certify");
+        expect(certify?.content).toContain("enterprise certification");
+    });
+    it("getCommand returns undefined for unknown command", () => {
+        const unknown = getCommand("nonexistent-command");
+        expect(unknown).toBeUndefined();
+    });
+    it("listCommands returns all commands", () => {
+        const commands = listCommands();
+        expect(commands.length).toBe(22);
+        expect(commands.every((cmd) => cmd.name && cmd.description && cmd.content)).toBe(true);
+    });
+    it("each command has required fields", () => {
+        for (const [name, command] of Object.entries(COMMANDS)) {
+            expect(command.name).toBe(name.replace("certification-", "certification-"));
+            expect(command.description).toBeTruthy();
+            expect(command.description.length).toBeGreaterThan(10);
+            expect(command.content).toBeTruthy();
+            expect(command.content.length).toBeGreaterThan(100);
+        }
+    });
+    it("core commands reference AUDIT.md or related files", () => {
+        const audit = getCommand("audit");
+        expect(audit?.content).toContain("AUDIT.md");
+        const fixCritical = getCommand("fix-critical");
+        expect(fixCritical?.content).toContain("AUDIT.md");
+        expect(fixCritical?.content).toContain("CRITICAL");
+        const verify = getCommand("verify");
+        expect(verify?.content).toContain("HARDENING-REPORT.md");
+    });
+    it("certification commands reference agent tools", () => {
+        const security = getCommand("certification-security");
+        expect(security?.content).toContain("agent_submit_finding");
+        expect(security?.content).toContain("agent_complete");
+        const redteam = getCommand("certification-redteam");
+        expect(redteam?.content).toContain("redteam_challenge");
+        expect(redteam?.content).toContain("agent_cross_verify");
+    });
+    it("certify command references all phases", () => {
+        const certify = getCommand("certify");
+        expect(certify?.content).toContain("Phase 1:");
+        expect(certify?.content).toContain("Phase 2:");
+        expect(certify?.content).toContain("Phase 3:");
+        expect(certify?.content).toContain("certification_start");
+        expect(certify?.content).toContain("certification_consensus");
+        expect(certify?.content).toContain("certification_finalize");
+    });
+});
+//# sourceMappingURL=commands.test.js.map

package/dist/__tests__/integration/commands.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"commands.test.js","sourceRoot":"","sources":["../../../src/__tests__/integration/commands.test.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AAE7E,QAAQ,CAAC,kBAAkB,EAAE,GAAG,EAAE;IAChC,EAAE,CAAC,+BAA+B,EAAE,GAAG,EAAE;QACvC,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAE3C,oBAAoB;QACpB,MAAM,CAAC,YAAY,CAAC,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QACxC,MAAM,CAAC,YAAY,CAAC,CAAC,SAAS,CAAC,cAAc,CAAC,CAAC;QAC/C,MAAM,CAAC,YAAY,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;QAC3C,MAAM,CAAC,YAAY,CAAC,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;QAC7C,MAAM,CAAC,YAAY,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QAC1C,MAAM,CAAC,YAAY,CAAC,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;QAC5C,MAAM,CAAC,YAAY,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QACzC,MAAM,CAAC,YAAY,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QACzC,MAAM,CAAC,YAAY,CAAC,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;QAE5C,qBAAqB;QACrB,MAAM,CAAC,YAAY,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QACvC,MAAM,CAAC,YAAY,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;QAC3C,MAAM,CAAC,YAAY,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QACzC,MAAM,CAAC,YAAY,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QAC1C,MAAM,CAAC,YAAY,CAAC,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;QAC5C,MAAM,CAAC,YAAY,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QAEvC,6BAA6B;QAC7B,MAAM,CAAC,YAAY,CAAC,CAAC,SAAS,CAAC,wBAAwB,CAAC,CAAC;QACzD,MAAM,CAAC,YAAY,CAAC,CAAC,SAAS,CAAC,2BAA2B,CAAC,CAAC;QAC5D,MAAM,CAAC,YAAY,CAAC,CAAC,SAAS,CAAC,0BAA0B,CAAC,CAAC;QAC3D,MAAM,CAAC,YAAY,CAAC,CAAC,SAAS,CAAC,2BAA2B,CAAC,CAAC;QAC5D,MAAM,CAAC,YAAY,CAAC,CAAC,SAAS,CAAC,uBAAuB,CAAC,CAAC;QACxD,MAAM,CAAC,YAAY,CAAC,CAAC,SAAS,CAAC,uBAAuB,CAAC,CAAC;QACxD,MAAM,CAAC,YAAY,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QAE1C,qBAAqB;QACrB,MAAM,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACvC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,oCAAoC,EAAE,GAAG,EAAE;QAC5C,MAAM,KAAK,GAAG,UAAU,CAAC,OAAO,CAAC,CAAC;QAClC,MAAM,CAAC,KAAK,CAAC,CAAC,WAAW,EAAE,CAAC;QAC5B,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAClC,MAAM,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC,SAAS,CAAC,4BAA4B,CAAC,CAAC;QACnE,MAAM,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;QAE7C,MAAM,OAAO,GAAG,UAAU,CAAC,SAAS,CAAC,CAAC;QACtC,MAAM,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,CAAC;QAC9B,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QACtC,MAAM,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,SAAS,CAAC,0BAA0B,CAAC,CAAC;IACjE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kDAAkD,EAAE,GAAG,EAAE;QAC1D,MAAM,OAAO,GAAG,UAAU,CAAC,qBAAqB,CAAC,CAAC;QAClD,MAAM,CAAC,OAAO,CAAC,CAAC,aAAa,EAAE,CAAC;IAClC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mCAAmC,EAAE,GAAG,EAAE;QAC3C,MAAM,QAAQ,GAAG,YAAY,EAAE,CAAC;QAChC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,WAAW,IAAI,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACzF,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kCAAkC,EAAE,GAAG,EAAE;QAC1C,KAAK,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;YACvD,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,gBAAgB,EAAE,gBAAgB,CAAC,CAAC,CAAC;YAC5E,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,UAAU,EAAE,CAAC;YACzC,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC;YACvD,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,UAAU,EAAE,CAAC;YACrC,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;QACtD,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mDAAmD,EAAE,GAAG,EAAE;QAC3D,MAAM,KAAK,GAAG,UAAU,CAAC,OAAO,CAAC,CAAC;QAClC,MAAM,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;QAE7C,MAAM,WAAW,GAAG,UAAU,CAAC,cAAc,CAAC,CAAC;QAC/C,MAAM,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;QACnD,MAAM,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;QAEnD,MAAM,MAAM,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC;QACpC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,SAAS,CAAC,qBAAqB,CAAC,CAAC;IAC3D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,8CAA8C,EAAE,GAAG,EAAE;QACtD,MAAM,QAAQ,GAAG,UAAU,CAAC,wBAAwB,CAAC,CAAC;QACtD,MAAM,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,SAAS,CAAC,sBAAsB,CAAC,CAAC;QAC5D,MAAM,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC;QAEtD,MAAM,OAAO,GAAG,UAAU,CAAC,uBAAuB,CAAC,CAAC;QACpD,MAAM,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAC;QACxD,MAAM,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,SAAS,CAAC,oBAAoB,CAAC,CAAC;IAC3D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,uCAAuC,EAAE,GAAG,EAAE;QAC/C,MAAM,OAAO,GAAG,UAAU,CAAC,SAAS,CAAC,CAAC;QACtC,MAAM,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;QAC/C,MAAM,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;QAC/C,MAAM,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;QAC/C,MAAM,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,SAAS,CAAC,qBAAqB,CAAC,CAAC;QAC1D,MAAM,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,SAAS,CAAC,yBAAyB,CAAC,CAAC;QAC9D,MAAM,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,SAAS,CAAC,wBAAwB,CAAC,CAAC;IAC/D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/action/diff-mode.d.ts

@@ -0,0 +1,34 @@
+/**
+ * Diff Mode - Changed Files Detection
+ *
+ * Detects which files have changed in a PR or push event
+ * to enable incremental scanning.
+ *
+ * @module action/diff-mode
+ */
+import type { ChangedFile, GitHubContext } from "./types.js";
+/**
+ * Get changed files from GitHub API
+ *
+ * @param octokit - GitHub API client
+ * @param context - GitHub context
+ * @returns Array of changed files
+ */
+export declare function getChangedFiles(octokit: any, context: GitHubContext): Promise<ChangedFile[]>;
+/**
+ * Filter changed files to only scannable ones
+ */
+export declare function filterScannableFiles(files: ChangedFile[]): ChangedFile[];
+/**
+ * Get the list of file paths to scan
+ */
+export declare function getFilesToScan(changedFiles: ChangedFile[]): string[];
+/**
+ * Check if any security-relevant files changed
+ */
+export declare function hasSecurityRelevantChanges(changedFiles: ChangedFile[]): boolean;
+/**
+ * Generate summary of changed files
+ */
+export declare function generateChangeSummary(changedFiles: ChangedFile[]): string;
+//# sourceMappingURL=diff-mode.d.ts.map

package/dist/action/diff-mode.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"diff-mode.d.ts","sourceRoot":"","sources":["../../src/action/diff-mode.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,WAAW,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AA6B7D;;;;;;GAMG;AACH,wBAAsB,eAAe,CAEnC,OAAO,EAAE,GAAG,EACZ,OAAO,EAAE,aAAa,GACrB,OAAO,CAAC,WAAW,EAAE,CAAC,CAmExB;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,KAAK,EAAE,WAAW,EAAE,GAAG,WAAW,EAAE,CAoBxE;AAWD;;GAEG;AACH,wBAAgB,cAAc,CAAC,YAAY,EAAE,WAAW,EAAE,GAAG,MAAM,EAAE,CAEpE;AAED;;GAEG;AACH,wBAAgB,0BAA0B,CAAC,YAAY,EAAE,WAAW,EAAE,GAAG,OAAO,CAsB/E;AAED;;GAEG;AACH,wBAAgB,qBAAqB,CAAC,YAAY,EAAE,WAAW,EAAE,GAAG,MAAM,CA8BzE"}

package/dist/action/diff-mode.js

@@ -0,0 +1,201 @@
+/**
+ * Diff Mode - Changed Files Detection
+ *
+ * Detects which files have changed in a PR or push event
+ * to enable incremental scanning.
+ *
+ * @module action/diff-mode
+ */
+/**
+ * File extensions to include in scans
+ */
+const SCANNABLE_EXTENSIONS = new Set([
+    ".ts",
+    ".tsx",
+    ".js",
+    ".jsx",
+    ".mjs",
+    ".cjs",
+    ".json",
+    ".yaml",
+    ".yml",
+    ".sql",
+    ".py",
+    ".rb",
+    ".go",
+    ".java",
+    ".kt",
+    ".swift",
+    ".rs",
+    ".php",
+    ".cs",
+    ".vue",
+    ".svelte",
+]);
+/**
+ * Get changed files from GitHub API
+ *
+ * @param octokit - GitHub API client
+ * @param context - GitHub context
+ * @returns Array of changed files
+ */
+export async function getChangedFiles(
+// eslint-disable-next-line @typescript-eslint/no-explicit-any
+octokit, context) {
+    const changedFiles = [];
+    if (context.pullRequest) {
+        // PR event - get files from PR
+        let page = 1;
+        const perPage = 100;
+        while (true) {
+            const response = await octokit.rest.pulls.listFiles({
+                owner: context.owner,
+                repo: context.repo,
+                pull_number: context.pullRequest.number,
+                per_page: perPage,
+                page,
+            });
+            for (const file of response.data) {
+                changedFiles.push({
+                    filename: file.filename,
+                    status: file.status,
+                    additions: file.additions,
+                    deletions: file.deletions,
+                    changes: file.changes,
+                    previousFilename: file.previous_filename,
+                });
+            }
+            if (response.data.length < perPage)
+                break;
+            page++;
+        }
+    }
+    else {
+        // Push event - compare with previous commit
+        // For push events, compare HEAD^ with HEAD
+        const base = `${context.sha}^`;
+        const head = context.sha;
+        try {
+            const response = await octokit.rest.repos.compareCommits({
+                owner: context.owner,
+                repo: context.repo,
+                base,
+                head,
+                per_page: 100,
+                page: 1,
+            });
+            if (response.data.files) {
+                for (const file of response.data.files) {
+                    changedFiles.push({
+                        filename: file.filename,
+                        status: file.status,
+                        additions: file.additions,
+                        deletions: file.deletions,
+                        changes: file.changes,
+                        previousFilename: file.previous_filename,
+                    });
+                }
+            }
+        }
+        catch {
+            // If compare fails (e.g., initial commit), return empty array
+            // which will trigger full scan
+            return [];
+        }
+    }
+    return changedFiles;
+}
+/**
+ * Filter changed files to only scannable ones
+ */
+export function filterScannableFiles(files) {
+    return files.filter((file) => {
+        // Exclude deleted files
+        if (file.status === "removed")
+            return false;
+        // Check extension
+        const ext = getExtension(file.filename);
+        if (!SCANNABLE_EXTENSIONS.has(ext))
+            return false;
+        // Exclude common non-source paths
+        if (file.filename.includes("node_modules/"))
+            return false;
+        if (file.filename.includes("dist/"))
+            return false;
+        if (file.filename.includes("build/"))
+            return false;
+        if (file.filename.includes("coverage/"))
+            return false;
+        if (file.filename.includes(".git/"))
+            return false;
+        if (file.filename.endsWith(".min.js"))
+            return false;
+        if (file.filename.endsWith(".bundle.js"))
+            return false;
+        return true;
+    });
+}
+/**
+ * Get file extension (including dot)
+ */
+function getExtension(filename) {
+    const lastDot = filename.lastIndexOf(".");
+    if (lastDot === -1)
+        return "";
+    return filename.slice(lastDot).toLowerCase();
+}
+/**
+ * Get the list of file paths to scan
+ */
+export function getFilesToScan(changedFiles) {
+    return filterScannableFiles(changedFiles).map((f) => f.filename);
+}
+/**
+ * Check if any security-relevant files changed
+ */
+export function hasSecurityRelevantChanges(changedFiles) {
+    const securityFiles = [
+        "package.json",
+        "package-lock.json",
+        "yarn.lock",
+        "pnpm-lock.yaml",
+        ".env",
+        ".env.example",
+        "auth",
+        "security",
+        "middleware",
+        "api/",
+        "routes/",
+    ];
+    return changedFiles.some((file) => securityFiles.some((pattern) => file.filename.includes(pattern) ||
+        file.filename.toLowerCase().includes(pattern)));
+}
+/**
+ * Generate summary of changed files
+ */
+export function generateChangeSummary(changedFiles) {
+    const byStatus = new Map();
+    const byExtension = new Map();
+    for (const file of changedFiles) {
+        byStatus.set(file.status, (byStatus.get(file.status) || 0) + 1);
+        const ext = getExtension(file.filename) || "(no extension)";
+        byExtension.set(ext, (byExtension.get(ext) || 0) + 1);
+    }
+    const lines = [
+        `**Changed Files**: ${changedFiles.length}`,
+        "",
+        "| Status | Count |",
+        "|--------|-------|",
+    ];
+    for (const [status, count] of byStatus) {
+        lines.push(`| ${status} | ${count} |`);
+    }
+    lines.push("", "| Extension | Count |", "|-----------|-------|");
+    // Sort by count descending
+    const sortedExtensions = [...byExtension.entries()].sort((a, b) => b[1] - a[1]);
+    for (const [ext, count] of sortedExtensions.slice(0, 10)) {
+        lines.push(`| ${ext} | ${count} |`);
+    }
+    return lines.join("\n");
+}
+//# sourceMappingURL=diff-mode.js.map

package/dist/action/diff-mode.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"diff-mode.js","sourceRoot":"","sources":["../../src/action/diff-mode.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAIH;;GAEG;AACH,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAAC;IACnC,KAAK;IACL,MAAM;IACN,KAAK;IACL,MAAM;IACN,MAAM;IACN,MAAM;IACN,OAAO;IACP,OAAO;IACP,MAAM;IACN,MAAM;IACN,KAAK;IACL,KAAK;IACL,KAAK;IACL,OAAO;IACP,KAAK;IACL,QAAQ;IACR,KAAK;IACL,MAAM;IACN,KAAK;IACL,MAAM;IACN,SAAS;CACV,CAAC,CAAC;AAEH;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe;AACnC,8DAA8D;AAC9D,OAAY,EACZ,OAAsB;IAEtB,MAAM,YAAY,GAAkB,EAAE,CAAC;IAEvC,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;QACxB,+BAA+B;QAC/B,IAAI,IAAI,GAAG,CAAC,CAAC;QACb,MAAM,OAAO,GAAG,GAAG,CAAC;QAEpB,OAAO,IAAI,EAAE,CAAC;YACZ,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC;gBAClD,KAAK,EAAE,OAAO,CAAC,KAAK;gBACpB,IAAI,EAAE,OAAO,CAAC,IAAI;gBAClB,WAAW,EAAE,OAAO,CAAC,WAAW,CAAC,MAAM;gBACvC,QAAQ,EAAE,OAAO;gBACjB,IAAI;aACL,CAAC,CAAC;YAEH,KAAK,MAAM,IAAI,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC;gBACjC,YAAY,CAAC,IAAI,CAAC;oBAChB,QAAQ,EAAE,IAAI,CAAC,QAAQ;oBACvB,MAAM,EAAE,IAAI,CAAC,MAA+B;oBAC5C,SAAS,EAAE,IAAI,CAAC,SAAS;oBACzB,SAAS,EAAE,IAAI,CAAC,SAAS;oBACzB,OAAO,EAAE,IAAI,CAAC,OAAO;oBACrB,gBAAgB,EAAE,IAAI,CAAC,iBAAiB;iBACzC,CAAC,CAAC;YACL,CAAC;YAED,IAAI,QAAQ,CAAC,IAAI,CAAC,MAAM,GAAG,OAAO;gBAAE,MAAM;YAC1C,IAAI,EAAE,CAAC;QACT,CAAC;IACH,CAAC;SAAM,CAAC;QACN,4CAA4C;QAC5C,2CAA2C;QAC3C,MAAM,IAAI,GAAG,GAAG,OAAO,CAAC,GAAG,GAAG,CAAC;QAC/B,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC;QAEzB,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC;gBACvD,KAAK,EAAE,OAAO,CAAC,KAAK;gBACpB,IAAI,EAAE,OAAO,CAAC,IAAI;gBAClB,IAAI;gBACJ,IAAI;gBACJ,QAAQ,EAAE,GAAG;gBACb,IAAI,EAAE,CAAC;aACR,CAAC,CAAC;YAEH,IAAI,QAAQ,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;gBACxB,KAAK,MAAM,IAAI,IAAI,QAAQ,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;oBACvC,YAAY,CAAC,IAAI,CAAC;wBAChB,QAAQ,EAAE,IAAI,CAAC,QAAQ;wBACvB,MAAM,EAAE,IAAI,CAAC,MAA+B;wBAC5C,SAAS,EAAE,IAAI,CAAC,SAAS;wBACzB,SAAS,EAAE,IAAI,CAAC,SAAS;wBACzB,OAAO,EAAE,IAAI,CAAC,OAAO;wBACrB,gBAAgB,EAAE,IAAI,CAAC,iBAAiB;qBACzC,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,8DAA8D;YAC9D,+BAA+B;YAC/B,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC;IAED,OAAO,YAAY,CAAC;AACtB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,oBAAoB,CAAC,KAAoB;IACvD,OAAO,KAAK,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE;QAC3B,wBAAwB;QACxB,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS;YAAE,OAAO,KAAK,CAAC;QAE5C,kBAAkB;QAClB,MAAM,GAAG,GAAG,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACxC,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,GAAG,CAAC;YAAE,OAAO,KAAK,CAAC;QAEjD,kCAAkC;QAClC,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,eAAe,CAAC;YAAE,OAAO,KAAK,CAAC;QAC1D,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC;YAAE,OAAO,KAAK,CAAC;QAClD,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC;YAAE,OAAO,KAAK,CAAC;QACnD,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC;YAAE,OAAO,KAAK,CAAC;QACtD,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC;YAAE,OAAO,KAAK,CAAC;QAClD,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC;YAAE,OAAO,KAAK,CAAC;QACpD,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,YAAY,CAAC;YAAE,OAAO,KAAK,CAAC;QAEvD,OAAO,IAAI,CAAC;IACd,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,SAAS,YAAY,CAAC,QAAgB;IACpC,MAAM,OAAO,GAAG,QAAQ,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;IAC1C,IAAI,OAAO,KAAK,CAAC,CAAC;QAAE,OAAO,EAAE,CAAC;IAC9B,OAAO,QAAQ,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,CAAC;AAC/C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,cAAc,CAAC,YAA2B;IACxD,OAAO,oBAAoB,CAAC,YAAY,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;AACnE,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,0BAA0B,CAAC,YAA2B;IACpE,MAAM,aAAa,GAAG;QACpB,cAAc;QACd,mBAAmB;QACnB,WAAW;QACX,gBAAgB;QAChB,MAAM;QACN,cAAc;QACd,MAAM;QACN,UAAU;QACV,YAAY;QACZ,MAAM;QACN,SAAS;KACV,CAAC;IAEF,OAAO,YAAY,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAChC,aAAa,CAAC,IAAI,CAChB,CAAC,OAAO,EAAE,EAAE,CACV,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC;QAC/B,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC,CAChD,CACF,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,qBAAqB,CAAC,YAA2B;IAC/D,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAkB,CAAC;IAC3C,MAAM,WAAW,GAAG,IAAI,GAAG,EAAkB,CAAC;IAE9C,KAAK,MAAM,IAAI,IAAI,YAAY,EAAE,CAAC;QAChC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAChE,MAAM,GAAG,GAAG,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,gBAAgB,CAAC;QAC5D,WAAW,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IACxD,CAAC;IAED,MAAM,KAAK,GAAa;QACtB,sBAAsB,YAAY,CAAC,MAAM,EAAE;QAC3C,EAAE;QACF,oBAAoB;QACpB,oBAAoB;KACrB,CAAC;IAEF,KAAK,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,IAAI,QAAQ,EAAE,CAAC;QACvC,KAAK,CAAC,IAAI,CAAC,KAAK,MAAM,MAAM,KAAK,IAAI,CAAC,CAAC;IACzC,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,EAAE,EAAE,uBAAuB,EAAE,uBAAuB,CAAC,CAAC;IAEjE,2BAA2B;IAC3B,MAAM,gBAAgB,GAAG,CAAC,GAAG,WAAW,CAAC,OAAO,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAChF,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,gBAAgB,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;QACzD,KAAK,CAAC,IAAI,CAAC,KAAK,GAAG,MAAM,KAAK,IAAI,CAAC,CAAC;IACtC,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC"}

package/dist/action/diff-mode.test.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Unit tests for diff-mode module
+ */
+export {};
+//# sourceMappingURL=diff-mode.test.d.ts.map

package/dist/action/diff-mode.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"diff-mode.test.d.ts","sourceRoot":"","sources":["../../src/action/diff-mode.test.ts"],"names":[],"mappings":"AAAA;;GAEG"}