From e5efc2ff64a2b294fbc4f2aa189d45659702470e Mon Sep 17 00:00:00 2001
From: Kjell Tore Guttormsen <ktg@humanize.no>
Date: Fri, 1 May 2026 06:16:28 +0200
Subject: [PATCH] feat(config-audit): export WEIGHTS from severity.mjs (v5 F3
 prep)

Promote WEIGHTS const to named export with Object.freeze for downstream
use in scoring.mjs (severity-weighted scoreByArea, F3).

Tests: +2 cases asserting WEIGHTS shape.
---
 plugins/config-audit/scanners/lib/severity.mjs   |  2 +-
 plugins/config-audit/tests/lib/severity.test.mjs | 15 ++++++++++++++-
 2 files changed, 15 insertions(+), 2 deletions(-)

diff --git a/plugins/config-audit/scanners/lib/severity.mjs b/plugins/config-audit/scanners/lib/severity.mjs
index f9ac160..88e8aed 100644
--- a/plugins/config-audit/scanners/lib/severity.mjs
+++ b/plugins/config-audit/scanners/lib/severity.mjs
@@ -11,7 +11,7 @@ export const SEVERITY = Object.freeze({
   info: 'info',
 });
 
-const WEIGHTS = { critical: 25, high: 10, medium: 4, low: 1, info: 0 };
+export const WEIGHTS = Object.freeze({ critical: 25, high: 10, medium: 4, low: 1, info: 0 });
 
 /**
  * Calculate a 0-100 risk score from severity counts.
diff --git a/plugins/config-audit/tests/lib/severity.test.mjs b/plugins/config-audit/tests/lib/severity.test.mjs
index 9cb8564..9d98da1 100644
--- a/plugins/config-audit/tests/lib/severity.test.mjs
+++ b/plugins/config-audit/tests/lib/severity.test.mjs
@@ -1,6 +1,6 @@
 import { describe, it } from 'node:test';
 import assert from 'node:assert/strict';
-import { SEVERITY, riskScore, verdict, riskBand, gradeFromPassRate, QUALITY_CATEGORIES } from '../../scanners/lib/severity.mjs';
+import { SEVERITY, WEIGHTS, riskScore, verdict, riskBand, gradeFromPassRate, QUALITY_CATEGORIES } from '../../scanners/lib/severity.mjs';
 
 describe('SEVERITY constants', () => {
   it('has all 5 levels', () => {
@@ -12,6 +12,19 @@ describe('SEVERITY constants', () => {
   });
 });
 
+describe('WEIGHTS named export (v5 F3 prep)', () => {
+  it('exposes critical=25', () => {
+    assert.strictEqual(WEIGHTS.critical, 25);
+  });
+
+  it('exposes high=10, medium=4, low=1, info=0', () => {
+    assert.strictEqual(WEIGHTS.high, 10);
+    assert.strictEqual(WEIGHTS.medium, 4);
+    assert.strictEqual(WEIGHTS.low, 1);
+    assert.strictEqual(WEIGHTS.info, 0);
+  });
+});
+
 describe('riskScore', () => {
   it('returns 0 for empty counts', () => {
     assert.strictEqual(riskScore({}), 0);