pub mod cli;
pub mod client;
pub mod input;
pub mod config;
pub mod profile;
pub mod discovery;
pub mod ignore;
pub mod parser;
pub mod context;
pub mod cve_db;
pub mod deobfuscation;
pub mod engine;
pub mod malware_db;
pub mod rules;
pub mod suppression;
pub mod aggregator;
pub mod baseline;
pub mod scoring;
pub mod output;
pub mod reporter;
pub mod error;
pub mod external;
pub mod runtime;
pub mod types;
pub mod feedback;
pub mod fix;
pub mod hooks;
pub mod mcp_server;
pub mod pinning;
pub mod proxy;
pub mod remote;
pub mod sbom;
pub mod trusted_domains;
pub mod watch;
pub mod handlers;
pub mod hook_mode;
pub mod run;
#[deprecated(
since = "3.2.0",
note = "Use `crate::engine` instead. This module will be removed in v4.0.0. \
See migration guide in `src/scanner/mod.rs`."
)]
pub mod scanner;
#[cfg(test)]
pub mod test_utils;
pub use cli::{
BadgeFormat, CheckArgs, Cli, Commands, HookAction, OutputFormat, ProxyArgs, ScanType,
};
pub use client::{
ClientType, DetectedClient, detect_client, detect_installed_clients, list_installed_clients,
};
pub use config::{Config, ConfigError, ConfigLoadResult, TextFilesConfig, WatchConfig};
pub use profile::{Profile, profile_from_check_args};
pub use discovery::{DirectoryWalker, WalkConfig};
pub use ignore::IgnoreFilter;
pub use parser::{
ContentParser, ContentType, DockerfileParser, FrontmatterParser, JsonParser, MarkdownParser,
ParsedContent, ParserRegistry, TomlParser, YamlParser,
};
pub use context::{ContentContext, ContextDetector};
pub use cve_db::{CveDatabase, CveDbError, CveEntry};
pub use deobfuscation::{DecodedContent, Deobfuscator};
pub use engine::traits::{AnalysisMetadata, AnalysisResult, DetectionEngine, EngineConfig};
pub use engine::{
CommandScanner, ContentScanner, DependencyScanner, DockerScanner, HookScanner, McpScanner,
PluginScanner, RulesDirScanner, ScanError, Scanner, ScannerConfig, SkillScanner,
SubagentScanner,
};
pub use malware_db::{MalwareDatabase, MalwareDbError};
pub use rules::{
Confidence, CustomRuleError, CustomRuleLoader, DynamicRule, Finding, RuleEngine, RuleSeverity,
ScanResult, Severity, Summary,
};
pub use aggregator::{FindingCollector, SummaryBuilder};
pub use baseline::{Baseline, DriftEntry, DriftReport};
pub use scoring::{CategoryScore, RiskLevel, RiskScore, SeverityBreakdown};
pub use output::OutputFormatter;
pub use reporter::{
Reporter, html::HtmlReporter, json::JsonReporter, markdown::MarkdownReporter,
sarif::SarifReporter, terminal::TerminalReporter,
};
pub use run::{
ScanMode, WatchModeResult, format_result_check_args, format_result_with_config, is_text_file,
is_text_file_with_config, run_scan_with_check_args, run_scan_with_check_args_config,
scan_path_with_cve_db, scan_path_with_malware_db, setup_watch_mode, watch_iteration,
};
pub use runtime::{HookRunner, Pipeline, PipelineStage, ScanContext, ScanExecutor};
pub use error::{AuditError, Result};
pub use feedback::{FalsePositiveReport, ReportSubmitter, SubmitResult, SubmitTarget};
pub use fix::{AutoFixer, Fix, FixResult};
pub use hooks::{HookError, HookInstaller};
pub use mcp_server::McpServer;
pub use pinning::{PinMismatch, PinVerifyResult, PinnedTool, ToolPins};
pub use proxy::{InterceptAction, MessageInterceptor, ProxyConfig, ProxyLogger, ProxyServer};
pub use remote::{ClonedRepo, GitCloner, RemoteError, parse_github_url};
pub use sbom::{
Component, ComponentType, CycloneDxBom, DependencyExtractor, SbomBuilder, SbomFormat,
};
pub use trusted_domains::{TrustedDomain, TrustedDomainMatcher};
pub use types::{AuthToken, FileHash, GitRef, PathValidationError, RuleId, ScanTarget};
pub use watch::FileWatcher;