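import { Finding } from '../types';

/**
 * Return the content of the file at `filePath` as a string.
 * How a missing or unreadable file is reported is not visible in this
 * declaration file.
 */
export declare function readFileContent(filePath: string): string;

/** Report whether `filePath` exists. */
export declare function fileExists(filePath: string): boolean;

/**
 * Merge user-provided exclude patterns with the default ignore list.
 * User patterns are normalized to glob format: "foo" → "**\/foo/**"
 * (the slash is escaped here only so that the comment is not closed early).
 *
 * By default, vendored/third-party directories are excluded.
 * Pass includeVendored=true to skip those exclusions.
 *
 * Because vendored code is excluded by default, a default scan reports
 * nothing for bundled third-party code. Set `includeVendored` when the
 * review is meant to cover dependency risk.
 *
 * @param userExcludes - Extra exclude patterns supplied by the user.
 * @param includeVendored - When true, vendored directories are scanned too.
 * @returns The combined list of ignore patterns.
 */
export declare function buildIgnoreList(userExcludes?: string[], includeVendored?: boolean): string[];

/** Path-based classifier for cache or data files; the matching rules are not visible here. */
export declare function isCacheOrDataFile(filePath: string): boolean;

/**
 * Path-based classifier for test or documentation files.
 * Presumably drives the "Test/doc file" rule of `applyContextDowngrades`;
 * confirm against the implementation.
 */
export declare function isTestOrDocFile(filePath: string): boolean;

/**
 * Check if a file is part of Sentori's own test suite.
 * These contain intentional attack pattern samples for testing the scanner,
 * so findings here should be downgraded to info.
 *
 * NOTE(review): only `filePath` is passed in. If the check relies on the path
 * or name alone, a scanned project that reuses the same layout would receive
 * the same downgrade. Confirm that the implementation ties the exemption to
 * the Sentori project itself (see `isSentoriProject`).
 */
export declare function isSentoriTestFile(filePath: string): boolean;

/**
 * Check if a file is part of Sentori's own source code or project files.
 * Scanner source files contain pattern definitions (e.g. regex for ../../,
 * /etc/passwd, chmod 777) that are detection rules, not vulnerabilities.
 * Findings here should be downgraded to info.
 *
 * NOTE(review): the caveat on `isSentoriTestFile` applies here as well. The
 * exemption is decided from `filePath` only, so it should be reachable only
 * when the scan target really is the Sentori project.
 */
export declare function isSentoriSourceFile(filePath: string): boolean;

/**
 * Check if the scan target itself IS the Sentori project.
 * Used for broad self-scan protection.
 *
 * @param targetPath - Root path of the scan target.
 */
export declare function isSentoriProject(targetPath: string): boolean;

/**
 * Check if a file is a security scanning/detection tool.
 * Files named detector, scanner, auditor, guard etc. that read credential
 * paths are doing so for detection purposes, not for exfiltration.
 *
 * Requires BOTH a known tool-directory path AND the keyword in the filename
 * to avoid false-positives on arbitrary user files that happen to contain
 * these common words (e.g. user's data-monitor.py, log-checker.ts).
 *
 * @param filePath - Path of the file being classified.
 * @param content - Optional file content; how it influences the decision is
 *   not visible in this declaration file.
 */
export declare function isSecurityToolFile(filePath: string, content?: string): boolean;

/**
 * Return the current count of ignored files.
 * Presumably a module-level counter updated by the find* helpers; confirm.
 */
export declare function getIgnoredFileCount(): number;

/** Reset the ignored-file counter returned by `getIgnoredFileCount`. */
export declare function resetIgnoredFileCount(): void;

/**
 * Find files under `targetPath` that match `patterns`.
 *
 * NOTE(review): the reviewed copy declared a bare `Promise`, which does not
 * type-check. `string[]` (matched file paths) is inferred from the
 * string-path API around it; confirm against file-utils.ts.
 *
 * @param targetPath - Root directory to search.
 * @param patterns - Patterns selecting the files to return.
 * @param excludePatterns - User exclude patterns (see `buildIgnoreList`).
 * @param includeVendored - When true, vendored directories are searched too.
 * @param sentoriIgnorePatterns - Additional ignore patterns; by the name they
 *   come from a Sentori ignore file, so treat them as a suppression input
 *   that deserves review.
 * @param includeWorkspaceProjects - Semantics not visible here.
 */
export declare function findFiles(
  targetPath: string,
  patterns: string[],
  excludePatterns?: string[],
  includeVendored?: boolean,
  sentoriIgnorePatterns?: string[],
  includeWorkspaceProjects?: boolean,
): Promise<string[]>;

/**
 * Find configuration files under `targetPath`; the patterns used are not
 * visible here. Exclusion parameters have the same meaning as in `findFiles`.
 */
export declare function findConfigFiles(
  targetPath: string,
  excludePatterns?: string[],
  includeVendored?: boolean,
  sentoriIgnorePatterns?: string[],
): Promise<string[]>;

/**
 * Find prompt files under `targetPath`; the patterns used are not visible
 * here. Exclusion parameters have the same meaning as in `findFiles`.
 */
export declare function findPromptFiles(
  targetPath: string,
  excludePatterns?: string[],
  includeVendored?: boolean,
  sentoriIgnorePatterns?: string[],
): Promise<string[]>;

/**
 * Check if a file is a test file (tests/, __tests__/, *.test.*, *.spec.*).
 * Findings from these files should be tagged as [TEST] and excluded from scoring.
 *
 * Excluded findings do not affect the score, so the [TEST] tag is the only
 * trace of them. Keep them visible in reports so the exclusion can be audited.
 */
export declare function isTestFileForScoring(filePath: string): boolean;

/** Path-based classifier for credential-management files; rules not visible here. */
export declare function isCredentialManagementFile(filePath: string): boolean;

/** Path-based classifier for framework/infrastructure files; rules not visible here. */
export declare function isFrameworkInfraFile(filePath: string): boolean;

/** Path-based classifier for files that handle user input; rules not visible here. */
export declare function isUserInputFile(filePath: string): boolean;

/** Path-based classifier for skill/plugin files; rules not visible here. */
export declare function isSkillPluginFile(filePath: string): boolean;

/**
 * Check if a project has any auth-related files.
 *
 * @param files - File paths of the project.
 */
export declare function hasAuthFiles(files: string[]): boolean;

/**
 * Check if a file is a Markdown file (.md).
 * Markdown files discussing attack techniques should be downgraded
 * (critical→medium, high→info) since they are documentation, not attacks.
 */
export declare function isMarkdownFile(filePath: string): boolean;

/**
 * Check if a line is inside a code comment or markdown code block context.
 * Looks for common single-line comment prefixes: //, #, *, or markdown ``` blocks.
 *
 * Only a single line is passed in, so the check cannot know whether an
 * earlier line opened a multi-line comment or a fenced block.
 */
export declare function isInCommentOrCodeBlock(line: string): boolean;

/** Report whether `filePath` names a JSON file. */
export declare function isJsonFile(filePath: string): boolean;

/** Report whether `filePath` names a YAML file. */
export declare function isYamlFile(filePath: string): boolean;

/**
 * Parse `content` as JSON without throwing.
 *
 * The result is `unknown`, so callers must narrow it before use. Scanned
 * files are untrusted input and the shape is not guaranteed.
 * NOTE(review): presumably `null` signals a parse failure, which would make
 * it indistinguishable from the JSON literal `null`; confirm.
 */
export declare function tryParseJson(content: string): unknown | null;

/**
 * Per-scanner overrides for the label attached by each downgrade rule of
 * `applyContextDowngrades`. The field names mirror the four rules.
 */
export interface ContextDowngradeLabels {
  sentoriTest?: string;
  sentoriSource?: string;
  markdown?: string;
  testDoc?: string;
}

/**
 * Apply standard context-aware severity downgrades to findings for a given file.
 * Centralizes the repeated test/doc and markdown downgrade patterns across scanners.
 *
 * Downgrade rules (applied in order, first match wins):
 * - Sentori test file → info + label
 * - Sentori source file → info + label
 * - Markdown file → critical→medium, high→info + label
 * - Test/doc file → critical→medium, high→info + label
 *
 * Pass custom labels to override the default messages per scanner.
 *
 * Every rule is keyed on the file, not on the finding, so one matching path
 * lowers all findings passed in for that file. The label is what lets a
 * reviewer see that a downgrade happened.
 *
 * @param findings - Findings reported for `file`. The function returns
 *   nothing, so they are presumably modified in place; confirm.
 * @param file - Path of the file the findings belong to.
 * @param labels - Optional label overrides.
 */
export declare function applyContextDowngrades(findings: Finding[], file: string, labels?: ContextDowngradeLabels): void;
//# sourceMappingURL=file-utils.d.ts.map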