style: apply Biome formatting to backported files

Co-Authored-By: Paperclip <noreply@paperclip.ing>

apps/worker/src/ai/queue-schemas.ts

@@ -17,8 +17,7 @@ import type { AgentName } from '../types/agents.js';
 
 // === Common Fields ===
 
-const ANALYSIS_NOTES_DESCRIPTION =
-  'Plain context for defenders (caveats, scope, what is at risk). Not attack steps.';
+const ANALYSIS_NOTES_DESCRIPTION = 'Plain context for defenders (caveats, scope, what is at risk). Not attack steps.';
 
 function notesField(exploit: boolean) {
   const f = z.string().optional();
@@ -114,53 +113,83 @@ function toOutputFormat(zodSchema: z.ZodType): JsonSchemaOutputFormat {
 function buildOutputFormats(exploit: boolean): Partial<Record<AgentName, JsonSchemaOutputFormat>> {
   const base = makeBase(exploit);
   return {
-    'injection-vuln': toOutputFormat(z.object({ vulnerabilities: z.array(base.extend({
-      source: z.string().optional(),
-      combined_sources: z.string().optional(),
-      path: z.string().optional(),
-      sink_call: z.string().optional(),
-      slot_type: z.string().optional(),
-      sanitization_observed: z.string().optional(),
-      concat_occurrences: z.string().optional(),
-      verdict: z.string().optional(),
-      mismatch_reason: z.string().optional(),
-      witness_payload: z.string().optional(),
-    })) })),
-    'xss-vuln': toOutputFormat(z.object({ vulnerabilities: z.array(base.extend({
-      source: z.string().optional(),
-      source_detail: z.string().optional(),
-      path: z.string().optional(),
-      sink_function: z.string().optional(),
-      render_context: z.string().optional(),
-      encoding_observed: z.string().optional(),
-      verdict: z.string().optional(),
-      mismatch_reason: z.string().optional(),
-      witness_payload: z.string().optional(),
-    })) })),
-    'auth-vuln': toOutputFormat(z.object({ vulnerabilities: z.array(base.extend({
-      source_endpoint: z.string().optional(),
-      vulnerable_code_location: z.string().optional(),
-      missing_defense: z.string().optional(),
-      exploitation_hypothesis: z.string().optional(),
-      suggested_exploit_technique: z.string().optional(),
-    })) })),
-    'ssrf-vuln': toOutputFormat(z.object({ vulnerabilities: z.array(base.extend({
-      source_endpoint: z.string().optional(),
-      vulnerable_parameter: z.string().optional(),
-      vulnerable_code_location: z.string().optional(),
-      missing_defense: z.string().optional(),
-      exploitation_hypothesis: z.string().optional(),
-      suggested_exploit_technique: z.string().optional(),
-    })) })),
-    'authz-vuln': toOutputFormat(z.object({ vulnerabilities: z.array(base.extend({
-      endpoint: z.string().optional(),
-      vulnerable_code_location: z.string().optional(),
-      role_context: z.string().optional(),
-      guard_evidence: z.string().optional(),
-      side_effect: z.string().optional(),
-      reason: z.string().optional(),
-      minimal_witness: z.string().optional(),
-    })) })),
+    'injection-vuln': toOutputFormat(
+      z.object({
+        vulnerabilities: z.array(
+          base.extend({
+            source: z.string().optional(),
+            combined_sources: z.string().optional(),
+            path: z.string().optional(),
+            sink_call: z.string().optional(),
+            slot_type: z.string().optional(),
+            sanitization_observed: z.string().optional(),
+            concat_occurrences: z.string().optional(),
+            verdict: z.string().optional(),
+            mismatch_reason: z.string().optional(),
+            witness_payload: z.string().optional(),
+          }),
+        ),
+      }),
+    ),
+    'xss-vuln': toOutputFormat(
+      z.object({
+        vulnerabilities: z.array(
+          base.extend({
+            source: z.string().optional(),
+            source_detail: z.string().optional(),
+            path: z.string().optional(),
+            sink_function: z.string().optional(),
+            render_context: z.string().optional(),
+            encoding_observed: z.string().optional(),
+            verdict: z.string().optional(),
+            mismatch_reason: z.string().optional(),
+            witness_payload: z.string().optional(),
+          }),
+        ),
+      }),
+    ),
+    'auth-vuln': toOutputFormat(
+      z.object({
+        vulnerabilities: z.array(
+          base.extend({
+            source_endpoint: z.string().optional(),
+            vulnerable_code_location: z.string().optional(),
+            missing_defense: z.string().optional(),
+            exploitation_hypothesis: z.string().optional(),
+            suggested_exploit_technique: z.string().optional(),
+          }),
+        ),
+      }),
+    ),
+    'ssrf-vuln': toOutputFormat(
+      z.object({
+        vulnerabilities: z.array(
+          base.extend({
+            source_endpoint: z.string().optional(),
+            vulnerable_parameter: z.string().optional(),
+            vulnerable_code_location: z.string().optional(),
+            missing_defense: z.string().optional(),
+            exploitation_hypothesis: z.string().optional(),
+            suggested_exploit_technique: z.string().optional(),
+          }),
+        ),
+      }),
+    ),
+    'authz-vuln': toOutputFormat(
+      z.object({
+        vulnerabilities: z.array(
+          base.extend({
+            endpoint: z.string().optional(),
+            vulnerable_code_location: z.string().optional(),
+            role_context: z.string().optional(),
+            guard_evidence: z.string().optional(),
+            side_effect: z.string().optional(),
+            reason: z.string().optional(),
+            minimal_witness: z.string().optional(),
+          }),
+        ),
+      }),
+    ),
   };
 }
 

apps/worker/src/services/findings-renderer.ts

@@ -17,13 +17,7 @@
  */
 
 import { fs, path } from 'zx';
-import type {
-  AuthFinding,
-  AuthzFinding,
-  InjectionFinding,
-  SsrfFinding,
-  XssFinding,
-} from '../ai/queue-schemas.js';
+import type { AuthFinding, AuthzFinding, InjectionFinding, SsrfFinding, XssFinding } from '../ai/queue-schemas.js';
 import { deliverablesDir } from '../paths.js';
 import type { ActivityLogger } from '../types/activity-logger.js';
 import type { VulnClass } from '../types/config.js';
@@ -125,10 +119,7 @@ function renderInjectionEntry(e: InjectionFinding): string {
   return buildEntry(
     e.ID,
     e.vulnerability_type,
-    [
-      summaryRow('Vulnerable location', location),
-      summaryRow('Overview', e.mismatch_reason),
-    ],
+    [summaryRow('Vulnerable location', location), summaryRow('Overview', e.mismatch_reason)],
     e.notes,
   );
 }
@@ -138,10 +129,7 @@ function renderXssEntry(e: XssFinding): string {
   return buildEntry(
     e.ID,
     e.vulnerability_type,
-    [
-      summaryRow('Vulnerable location', location),
-      summaryRow('Overview', e.mismatch_reason),
-    ],
+    [summaryRow('Vulnerable location', location), summaryRow('Overview', e.mismatch_reason)],
     e.notes,
   );
 }

apps/worker/src/temporal/activities.ts

@@ -28,10 +28,10 @@ import { DEFAULT_DELIVERABLES_SUBDIR, deliverablesDir } from '../paths.js';
 import { getContainer, getOrCreateContainer, removeContainer } from '../services/container.js';
 import { classifyErrorForTemporal, PentestError } from '../services/error-handling.js';
 import { ExploitationCheckerService } from '../services/exploitation-checker.js';
+import { renderFindingsFromQueues } from '../services/findings-renderer.js';
 import { executeGitCommandWithRetry } from '../services/git-manager.js';
 import { runPreflightChecks } from '../services/preflight.js';
 import type { ExploitationDecision, VulnType } from '../services/queue-validation.js';
-import { renderFindingsFromQueues } from '../services/findings-renderer.js';
 import { assembleFinalReport, injectModelIntoReport } from '../services/reporting.js';
 import { AGENTS } from '../session-manager.js';
 import type { AgentName } from '../types/agents.js';