mirror of
https://github.com/lunchcat/sif.git
synced 2026-06-12 19:11:25 -07:00
vmfunc
1237f3f09e
scan results live in ~two dozen structs with no shared shape, so every consumer that wants "what did this run turn up" reimplements the type-switch. add internal/finding: an ordered Severity (info<low<medium< high<critical, with parse/compare) and Flatten, the single type-switch that collapses every scan result struct into flat, severity-ranked Findings keyed module:identifier for stable dedup/diff. wire collectFindings off Flatten in the run loop so notify and diff (later bundles) build on one normalization path instead of re-deriving it; the report path keeps emitting raw json blobs unchanged. expose JavascriptScanResult.SupabaseFindings so the js internals stay private. the guard test iterates a representative instance of every ResultType and fails if Flatten lacks a case (falls through to :unhandled) - so a new scanner can't ship without a Flatten case landing too.