Receipt bf1b2656d40f — feat(core,cli): maina apply-fix

feat(core,cli): maina apply-fix — autofix loop closer (#240): +1269 / −0 across 8 file(s). Maina ran 10 check(s) — 8 passed, 2 skipped. Verified — passed 8 of 10 policy checks.

Receipt identity

Checks (8 of 10 passed)

AI slop detector slop · passed

warningpackages/cli/src/program.ts:177 — 3 consecutive lines of commented-out code

Doc claims check doc-claims · passed

Semgrep patterns semgrep · passed

Trivy dependency scan trivy · passed

warningbun.lock — @hono/[email protected]: @hono/node-server: Middleware bypass via repeated slashes in serveStatic (fix: 1.19.13)

warningbun.lock — [email protected]: Astro: XSS in define:vars via incomplete </script> tag sanitization (fix: 6.1.6)

warningbun.lock — [email protected]: Hono: Middleware bypass via repeated slashes in serveStatic (fix: 4.12.12)

warningbun.lock — [email protected]: Hono: Path traversal in toSSG() allows writing files outside the output directory (fix: 4.12.12)

warningbun.lock — [email protected]: Hono has incorrect IP matching in ipRestriction() for IPv4-mapped IPv6 addresses (fix: 4.12.12)

warningbun.lock — [email protected]: Hono: Non-breaking space prefix bypass in cookie name handling in getCookie() (fix: 4.12.12)

warningbun.lock — [email protected]: Hono missing validation of cookie name on write path in setCookie() (fix: 4.12.12)

warningbun.lock — [email protected]: hono Improperly Handles JSX Attribute Names Allows HTML Injection in hono/jsx SSR (fix: 4.12.14)

warningbun.lock — [email protected]: PostCSS has XSS via Unescaped </style> in its CSS Stringify Output (fix: 8.5.10)

Secret scan secretlint · passed

SonarQube static analysis sonar · passed

Mutation testing stryker · skipped

Diff coverage diff-cover · passed

Biome lint + format biome · passed

warning.maina/wiki/.signals.json:1 — File has 23682 lines (exceeds 500 line limit). Consider splitting.

warningpackages/core/src/index.ts:1 — File has 805 lines (exceeds 500 line limit). Consider splitting.