#!/usr/bin/env node
// CLI wrapper for supply-chain-recheck scanner
// Usage: node supply-chain-recheck-cli.mjs <target-path>
// Outputs JSON to stdout. Exit codes: 0=ok, 1=warning, 2=block, 3=error

import { resolve } from 'node:path';
import { existsSync } from 'node:fs';
import { resetCounter } from './lib/output.mjs';
import { scan } from './supply-chain-recheck.mjs';
import { riskScore, verdict } from './lib/severity.mjs';

const target = process.argv[2];
if (!target) {
  console.error('Usage: node supply-chain-recheck-cli.mjs <target-path>');
  process.exit(3);
}

const targetPath = resolve(target);
if (!existsSync(targetPath)) {
  console.error(`Target path does not exist: ${targetPath}`);
  process.exit(3);
}

resetCounter();
const result = await scan(targetPath, { files: [] });

// Add aggregate info matching orchestrator format
const counts = result.counts;
const score = riskScore(counts);
const verd = verdict(counts);
result.aggregate = { risk_score: score, verdict: verd };

process.stdout.write(JSON.stringify(result, null, 2) + '\n');

if (verd === 'BLOCK') process.exitCode = 2;
else if (verd === 'WARNING') process.exitCode = 1;
else process.exitCode = 0;