0xray 2.0.0 → 2.0.1

package/dist/enforcement/validators/base-validator.d.ts

@@ -0,0 +1,88 @@
+/**
+ * Base Validator Abstract Class
+ *
+ * Abstract base class that all validators extend. Provides common utility methods
+ * and enforces the IValidator interface contract.
+ *
+ * @module validators/base-validator
+ * @version 1.0.0
+ */
+import { IValidator, RuleCategory, RuleSeverity, RuleValidationContext, RuleValidationResult } from "../types.js";
+/**
+ * Abstract base class for all validators.
+ * Subclasses must implement the abstract properties and validate method.
+ *
+ * @example
+ * ```typescript
+ * export class MyValidator extends BaseValidator {
+ *   readonly id = 'my-validator';
+ *   readonly ruleId = 'my-rule';
+ *   readonly category = 'code-quality';
+ *   readonly severity = 'error';
+ *
+ *   async validate(context: RuleValidationContext): Promise<RuleValidationResult> {
+ *     // Implementation here
+ *   }
+ * }
+ * ```
+ */
+export declare abstract class BaseValidator implements IValidator {
+    /** Unique identifier for this validator instance */
+    abstract readonly id: string;
+    /** The rule ID this validator validates */
+    abstract readonly ruleId: string;
+    /** Category for organizing validators */
+    abstract readonly category: RuleCategory;
+    /** Severity level of violations */
+    abstract readonly severity: RuleSeverity;
+    /**
+     * Perform validation on the given context.
+     * Must be implemented by subclasses.
+     *
+     * @param context - The validation context containing code and operation info
+     * @returns Promise resolving to validation result
+     */
+    abstract validate(context: RuleValidationContext): Promise<RuleValidationResult>;
+    /**
+     * Extract function body for validation analysis.
+     * Searches for a function by name and extracts its body.
+     *
+     * @param code - The source code to search
+     * @param functionName - Name of the function to extract
+     * @returns The function body or null if not found
+     */
+    protected extractFunctionBody(code: string, functionName: string): string | null;
+    /**
+     * Calculate maximum nesting depth in code.
+     * Counts opening and closing braces/brackets to determine depth.
+     *
+     * @param code - The source code to analyze
+     * @returns Maximum nesting depth (0 for flat code)
+     */
+    protected calculateMaxNesting(code: string): number;
+    /**
+     * Check if code contains a specific pattern.
+     *
+     * @param code - The source code to check
+     * @param pattern - RegExp pattern to search for
+     * @returns True if pattern found, false otherwise
+     */
+    protected hasPattern(code: string, pattern: RegExp): boolean;
+    /**
+     * Create a successful validation result.
+     *
+     * @param message - Success message
+     * @returns RuleValidationResult with passed: true
+     */
+    protected createSuccessResult(message: string): RuleValidationResult;
+    /**
+     * Create a failed validation result.
+     *
+     * @param message - Failure message
+     * @param suggestions - Optional list of suggestions
+     * @param fixes - Optional list of automated fixes
+     * @param severity - Optional severity level (defaults to this.severity)
+     * @returns RuleValidationResult with passed: false
+     */
+    protected createFailureResult(message: string, suggestions?: string[], fixes?: RuleValidationResult["fixes"], severity?: RuleSeverity): RuleValidationResult;
+}

package/dist/enforcement/validators/code-quality-validators.d.ts

@@ -0,0 +1,89 @@
+/**
+ * Code Quality Validators
+ *
+ * Validators for code-quality category rules extracted from rule-enforcer.ts.
+ * Each validator encapsulates the validation logic for a specific rule.
+ *
+ * @module validators/code-quality-validators
+ * @version 1.0.0
+ */
+import { RuleValidationContext, RuleValidationResult } from "../types.js";
+import { BaseValidator } from "./base-validator.js";
+/**
+ * Validates no duplicate code creation (Codex Term #16 - DRY).
+ * Prevents creation of code that already exists in the codebase.
+ */
+export declare class NoDuplicateCodeValidator extends BaseValidator {
+    readonly id = "no-duplicate-code-validator";
+    readonly ruleId = "no-duplicate-code";
+    readonly category: "code-quality";
+    readonly severity: "error";
+    validate(context: RuleValidationContext): Promise<RuleValidationResult>;
+}
+/**
+ * Validates context analysis integration.
+ * Ensures new code integrates properly with context analysis patterns.
+ */
+export declare class ContextAnalysisIntegrationValidator extends BaseValidator {
+    readonly id = "context-analysis-integration-validator";
+    readonly ruleId = "context-analysis-integration";
+    readonly category: "architecture";
+    readonly severity: "warning";
+    validate(context: RuleValidationContext): Promise<RuleValidationResult>;
+}
+/**
+ * Validates memory optimization compliance.
+ * Ensures code follows memory optimization patterns.
+ */
+export declare class MemoryOptimizationValidator extends BaseValidator {
+    readonly id = "memory-optimization-validator";
+    readonly ruleId = "memory-optimization";
+    readonly category: "performance";
+    readonly severity: "warning";
+    validate(context: RuleValidationContext): Promise<RuleValidationResult>;
+}
+/**
+ * Validates documentation requirements (Codex Term #34).
+ * Enforces comprehensive documentation for all code changes.
+ */
+export declare class DocumentationRequiredValidator extends BaseValidator {
+    readonly id = "documentation-required-validator";
+    readonly ruleId = "documentation-required";
+    readonly category: "code-quality";
+    readonly severity: "warning";
+    validate(context: RuleValidationContext): Promise<RuleValidationResult>;
+}
+/**
+ * Validates no over-engineering (Codex Term #3).
+ * Prevents unnecessary complexity and abstractions.
+ */
+export declare class NoOverEngineeringValidator extends BaseValidator {
+    readonly id = "no-over-engineering-validator";
+    readonly ruleId = "no-over-engineering";
+    readonly category: "architecture";
+    readonly severity: "error";
+    validate(context: RuleValidationContext): Promise<RuleValidationResult>;
+}
+/**
+ * Validates clean debug logs (Development Triage).
+ * Ensures debug logs are removed before production deployment.
+ */
+export declare class CleanDebugLogsValidator extends BaseValidator {
+    readonly id = "clean-debug-logs-validator";
+    readonly ruleId = "clean-debug-logs";
+    readonly category: "code-quality";
+    readonly severity: "error";
+    validate(context: RuleValidationContext): Promise<RuleValidationResult>;
+}
+/**
+ * Validates console log usage restrictions.
+ * Console.log must be used only for debugging in dev mode.
+ * Retained logs must use framework logger.
+ */
+export declare class ConsoleLogUsageValidator extends BaseValidator {
+    readonly id = "console-log-usage-validator";
+    readonly ruleId = "console-log-usage";
+    readonly category: "code-quality";
+    readonly severity: "error";
+    validate(context: RuleValidationContext): Promise<RuleValidationResult>;
+}

package/dist/enforcement/validators/index.d.ts

@@ -0,0 +1,15 @@
+/**
+ * Validators Module
+ *
+ * Central export point for all validator classes and registries.
+ * Part of Phase 3 refactoring to extract validators from rule-enforcer.ts.
+ *
+ * @module validators
+ * @version 1.0.0
+ */
+export { BaseValidator } from "./base-validator.js";
+export { ValidatorRegistry, globalValidatorRegistry, } from "./validator-registry.js";
+export { NoDuplicateCodeValidator, ContextAnalysisIntegrationValidator, MemoryOptimizationValidator, DocumentationRequiredValidator, NoOverEngineeringValidator, CleanDebugLogsValidator, ConsoleLogUsageValidator, } from "./code-quality-validators.js";
+export { InputValidationValidator, SecurityByDesignValidator, } from "./security-validators.js";
+export { TestsRequiredValidator, TestCoverageValidator, ContinuousIntegrationValidator, TestFailureReportingValidator, PerformanceRegressionReportingValidator, SecurityVulnerabilityReportingValidator, } from "./testing-validators.js";
+export { DependencyManagementValidator, SrcDistIntegrityValidator, ImportConsistencyValidator, ModuleSystemConsistencyValidator, ErrorResolutionValidator, LoopSafetyValidator, StateManagementPatternsValidator, SingleResponsibilityValidator, DeploymentSafetyValidator, MultiAgentEnsembleValidator, SubstrateExternalizationValidator, FrameworkSelfValidationValidator, EmergentImprovementValidator, } from "./architecture-validators.js";

package/dist/enforcement/validators/security-validators.d.ts

@@ -0,0 +1,53 @@
+/**
+ * Security Validators
+ *
+ * Security-related validators extracted from rule-enforcer.ts during Phase 3 refactoring.
+ * These validators enforce security best practices and input validation requirements.
+ *
+ * @module validators/security-validators
+ * @version 1.0.0
+ */
+import { BaseValidator } from "./base-validator.js";
+import { RuleValidationContext, RuleValidationResult } from "../types.js";
+/**
+ * Validates input validation patterns in code.
+ * Checks for proper input validation, sanitization, and parameter validation.
+ *
+ * @example
+ * ```typescript
+ * const validator = new InputValidationValidator();
+ * const result = await validator.validate({
+ *   newCode: 'function processUser(req) { return req.body.name; }',
+ *   operation: 'write'
+ * });
+ * // result.passed === false (missing validation)
+ * ```
+ */
+export declare class InputValidationValidator extends BaseValidator {
+    readonly id = "input-validation-validator";
+    readonly ruleId = "input-validation";
+    readonly category: "security";
+    readonly severity: "blocking";
+    validate(context: RuleValidationContext): Promise<RuleValidationResult>;
+}
+/**
+ * Validates security by design principles.
+ * Checks for security architecture patterns, input sanitization, and vulnerability prevention.
+ *
+ * @example
+ * ```typescript
+ * const validator = new SecurityByDesignValidator();
+ * const result = await validator.validate({
+ *   newCode: 'app.post("/api", (req, res) => { db.query(req.body.sql); })',
+ *   operation: 'write'
+ * });
+ * // result.passed === false (SQL injection risk)
+ * ```
+ */
+export declare class SecurityByDesignValidator extends BaseValidator {
+    readonly id = "security-by-design-validator";
+    readonly ruleId = "security-by-design";
+    readonly category: "security";
+    readonly severity: "blocking";
+    validate(context: RuleValidationContext): Promise<RuleValidationResult>;
+}

package/dist/enforcement/validators/testing-validators.d.ts

@@ -0,0 +1,81 @@
+/**
+ * Testing Validators
+ *
+ * Validators for testing category rules extracted from rule-enforcer.ts.
+ * Each validator encapsulates the validation logic for a specific testing rule.
+ *
+ * @module validators/testing-validators
+ * @version 1.0.0
+ */
+import { RuleValidationContext, RuleValidationResult } from "../types.js";
+import { BaseValidator } from "./base-validator.js";
+/**
+ * Validates that tests are required for new code (Codex Term #26).
+ * Checks if tests exist for new components or modified functionality.
+ */
+export declare class TestsRequiredValidator extends BaseValidator {
+    readonly id = "tests-required-validator";
+    readonly ruleId = "tests-required";
+    readonly category: "testing";
+    readonly severity: "error";
+    validate(context: RuleValidationContext): Promise<RuleValidationResult>;
+}
+/**
+ * Validates test coverage thresholds (Codex Term #26).
+ * Maintains 85%+ behavioral test coverage.
+ */
+export declare class TestCoverageValidator extends BaseValidator {
+    readonly id = "test-coverage-validator";
+    readonly ruleId = "test-coverage";
+    readonly category: "testing";
+    readonly severity: "warning";
+    validate(context: RuleValidationContext): Promise<RuleValidationResult>;
+}
+/**
+ * Validates continuous integration requirements (Codex Term #36).
+ * Ensures automated testing and linting on every commit.
+ */
+export declare class ContinuousIntegrationValidator extends BaseValidator {
+    readonly id = "continuous-integration-validator";
+    readonly ruleId = "continuous-integration";
+    readonly category: "testing";
+    readonly severity: "error";
+    validate(context: RuleValidationContext): Promise<RuleValidationResult>;
+}
+/**
+ * Validates test failure reporting requirements.
+ * Ensures proper test failure handling and reporting mechanisms.
+ */
+export declare class TestFailureReportingValidator extends BaseValidator {
+    readonly id = "test-failure-reporting-validator";
+    readonly ruleId = "test-failure-reporting";
+    readonly category: "reporting";
+    readonly severity: "high";
+    validate(context: RuleValidationContext): Promise<RuleValidationResult>;
+    /**
+     * Create a warning validation result (convenience method).
+     */
+    private createWarningResult;
+}
+/**
+ * Validates performance regression reporting requirements.
+ * Ensures performance metrics are tracked and reported.
+ */
+export declare class PerformanceRegressionReportingValidator extends BaseValidator {
+    readonly id = "performance-regression-reporting-validator";
+    readonly ruleId = "performance-regression-reporting";
+    readonly category: "reporting";
+    readonly severity: "warning";
+    validate(context: RuleValidationContext): Promise<RuleValidationResult>;
+}
+/**
+ * Validates security vulnerability reporting requirements.
+ * Ensures security issues are properly reported.
+ */
+export declare class SecurityVulnerabilityReportingValidator extends BaseValidator {
+    readonly id = "security-vulnerability-reporting-validator";
+    readonly ruleId = "security-vulnerability-reporting";
+    readonly category: "reporting";
+    readonly severity: "error";
+    validate(context: RuleValidationContext): Promise<RuleValidationResult>;
+}

package/dist/enforcement/validators/validator-registry.d.ts

@@ -0,0 +1,92 @@
+/**
+ * Validator Registry
+ *
+ * Central registry for all validator instances. Provides lookup by rule ID
+ * and category filtering capabilities.
+ *
+ * @module validators/validator-registry
+ * @version 1.0.0
+ */
+import { IValidator, IValidatorRegistry, RuleCategory } from "../types.js";
+/**
+ * Implementation of the validator registry.
+ * Manages validator instances in a Map for O(1) lookup by rule ID.
+ * Auto-registers all validators on construction for facade simplicity.
+ *
+ * @example
+ * ```typescript
+ * const registry = new ValidatorRegistry();
+ * const validator = registry.getValidator('no-duplicate-code')!;
+ * const result = await validator.validate(context);
+ * ```
+ */
+export declare class ValidatorRegistry implements IValidatorRegistry {
+    /** Internal map storing validators by rule ID */
+    private validators;
+    /**
+     * Creates a new ValidatorRegistry and auto-registers all validators.
+     */
+    constructor();
+    /**
+     * Auto-register all validators.
+     * Called automatically on construction.
+     */
+    private registerAllValidators;
+    /**
+     * Register a validator instance.
+     * The validator is keyed by its ruleId property.
+     *
+     * @param validator - The validator instance to register
+     * @throws Error if a validator for this ruleId already exists
+     */
+    register(validator: IValidator): void;
+    /**
+     * Get a validator by rule ID.
+     *
+     * @param ruleId - The rule ID to look up
+     * @returns The validator instance or undefined if not found
+     */
+    getValidator(ruleId: string): IValidator | undefined;
+    /**
+     * Get all validators for a specific category.
+     *
+     * @param category - The category to filter by
+     * @returns Array of validators in that category
+     */
+    getValidatorsByCategory(category: RuleCategory): IValidator[];
+    /**
+     * Get all registered validators.
+     *
+     * @returns Array of all registered validators
+     */
+    getAllValidators(): IValidator[];
+    /**
+     * Check if a validator exists for a rule ID.
+     *
+     * @param ruleId - The rule ID to check
+     * @returns True if a validator exists, false otherwise
+     */
+    hasValidator(ruleId: string): boolean;
+    /**
+     * Remove a validator from the registry.
+     *
+     * @param ruleId - The rule ID of the validator to remove
+     * @returns True if a validator was removed, false if not found
+     */
+    unregister(ruleId: string): boolean;
+    /**
+     * Clear all validators from the registry.
+     */
+    clear(): void;
+    /**
+     * Get the count of registered validators.
+     *
+     * @returns Number of registered validators
+     */
+    getCount(): number;
+}
+/**
+ * Singleton instance of the validator registry.
+ * Use this for global validator management.
+ */
+export declare const globalValidatorRegistry: ValidatorRegistry;

package/dist/execution/opencode-cli-invoker.d.ts

@@ -0,0 +1,8 @@
+/**
+ * OpenCode CLI Invoker (thin execution helper)
+ *
+ * Thin OpenCode fallback path under the three-subsystem Engine.
+ * Owned by Autonomous Engine. All direct child_process and agent spawn execution here.
+ * InferenceCycle is pure sensing + proposal + governance orchestration.
+ */
+export declare function invokeViaOpencode(agentName: string, prompt: string, projectRoot?: string): Promise<string>;

package/dist/execution/proposal-applier.d.ts

@@ -0,0 +1,24 @@
+import type { InferenceProposal } from "../inference/inference-cycle.js";
+export interface ApplyResult {
+    proposalId: string;
+    success: boolean;
+    filesChanged?: string[];
+    details?: string[];
+    error?: string;
+}
+export type CodeChangeCallback = (proposal: InferenceProposal) => Promise<boolean>;
+export type ReviewCallback = (proposal: InferenceProposal, prUrl: string) => Promise<"go" | "no-go" | "modify">;
+export declare class ProposalApplier {
+    private projectRoot;
+    private codeChangeCallback?;
+    private reviewCallback?;
+    constructor(projectRoot?: string, codeChangeCallback?: CodeChangeCallback | undefined, reviewCallback?: ReviewCallback | undefined);
+    applyProposals(proposals: InferenceProposal[]): Promise<ApplyResult[]>;
+    private applyProposal;
+    private applyCodification;
+    private isInsideGitRepo;
+    private getAppliedMarkerPath;
+    private recordAppliedProposal;
+    private createPR;
+}
+export declare const proposalApplier: ProposalApplier;

package/dist/governance/codex-policy.service.d.ts

@@ -0,0 +1,57 @@
+/**
+ * CodexPolicyService
+ *
+ * The initial Governance-owned Single Source of Truth (SSOT) for Codex / policy loading.
+ * This is the V2-P1-S02-REAL first concrete migration slice.
+ *
+ * Role (per 3-subsystem architecture + researcher mapping):
+ *   - External Governance (Decision Layer & SSOT) owns "what the policy is".
+ *   - All consumers (enforcement CodexLoader, injectors, formatters, MCP surfaces, plugins)
+ *     will eventually ask here instead of performing direct fs reads.
+ *
+ * Current scope (minimal safe skeleton):
+ *   - Read-only query surface.
+ *   - Uses canonical resolveCodexPath + async file load (no duplication of resolution logic).
+ *   - Returns ActiveCodexSnapshot compatible with the existing get_active_codex MCP tool.
+ *   - Provides getTermCount() with safe 60-term fallback (preserves prior behavior of bypasses).
+ *   - Full frameworkLogger discipline on every load/decision/error.
+ *   - No caching in v1 skeleton (additive later); no mutation; no enforcement.
+ *
+ * First wired consumer: src/mcps/enforcer-tools.server.ts (getCodexTermCount bypass removed;
+ * now delegates through this service).
+ *
+ * Next recommended slices (documented in researcher mapping append):
+ *   - Wire governance.server.ts handleGetActiveCodex to delegate (remove its direct read).
+ *   - S02b/S02c follow-ups: update codex-injector, context-loader, codex-formatter, plugin.
+ *   - Make CodexLoader delegate its raw data load here, then re-export from governance.
+ *
+ * @module governance/codex-policy.service
+ * @version 2.0.0-s02-real
+ */
+import type { ActiveCodexSnapshot, ICodexPolicyProvider } from './governance-types.js';
+/**
+ * Canonical implementation of the Governance Codex/Policy provider.
+ * Single owner of the "first read" of any codex.json for the framework.
+ */
+export declare class CodexPolicyService implements ICodexPolicyProvider {
+    private readonly component;
+    /**
+     * Internal loader: resolves candidates, picks first existing, reads + parses.
+     * Always logs via frameworkLogger (success, error, fallback).
+     */
+    private loadRaw;
+    private computeTermCount;
+    private getBuiltinFallback;
+    /**
+     * Primary SSOT query: returns the ActiveCodexSnapshot.
+     * Matches (and is the intended backing impl for) the get_active_codex MCP response.
+     */
+    getCurrentCodex(includeRaw?: boolean): Promise<ActiveCodexSnapshot>;
+    /**
+     * Convenience: just the term count.
+     * Preserves historical caller behavior (hard 60 fallback when everything fails).
+     */
+    getTermCount(): Promise<number>;
+}
+export declare function getCodexPolicyService(): CodexPolicyService;
+export { CodexPolicyService as default };

package/dist/governance/governance-core.d.ts

@@ -0,0 +1,46 @@
+/**
+ * Pure governance decision logic.
+ * This module contains the PHI/TAU matrix and merging rules.
+ * It has no side effects and does not call any MCPs.
+ *
+ * This is the shared "pure logic" that both the Governance MCP
+ * and any HTTP deployment (Vercel) can use.
+ */
+import type { GovernanceVote, GovernanceResult } from './governance-types.js';
+export interface DecisionMatrixInput {
+    resonance: number;
+    isotopicRatio: number;
+    vortexVolume?: number;
+    historicalCoherence?: number;
+    solarActivity?: 'quiet' | 'moderate' | 'active' | 'storm';
+    moralTension?: 'Aligned' | 'Mild' | 'Significant' | 'Critical';
+    moralScore?: number;
+    moralFusion?: number;
+}
+export interface DecisionMatrixOutput {
+    recommendation: 'PASS' | 'NEEDS_REVISION' | 'REJECT';
+    confidence: number;
+    voteWeight: number;
+    reasons: string[];
+    moralOverride?: 'rejected_critical' | 'downgraded_significant' | 'none';
+}
+export declare const MORAL_OVERRIDE_LEVELS: {
+    Critical: "rejected_critical";
+    Significant: "downgraded_significant";
+    Mild: "none";
+    Aligned: "none";
+};
+export type MoralOverrideThreshold = 'Critical' | 'Significant' | 'Mild' | 'Aligned' | 'disabled';
+/**
+ * The core PHI/TAU decision matrix.
+ * Extracted so it can be shared between local MCP and deployed HTTP versions.
+ */
+export declare function applyDecisionMatrix(input: DecisionMatrixInput): DecisionMatrixOutput;
+/**
+ * Simple weighted merge of votes from multiple servers + external.
+ */
+export declare function mergeVotes(votes: GovernanceVote[]): {
+    finalDecision: GovernanceResult['finalDecision'];
+    averageConfidence: number;
+    reasoningSummary: string;
+};

package/dist/governance/governance-service.d.ts

@@ -0,0 +1,38 @@
+/**
+ * GovernanceService
+ *
+ * Central orchestrator for governance.
+ *
+ * Architecture:
+ *   - Internal Layer: 3 real skill MCPs (code-review, security-audit, researcher)
+ *     → Internal deliberation based on knowledge and code patterns.
+ *
+ *   - External Filter: Dynamo Solar SSOT
+ *     → Single Source of Truth governance signal based on sunlight physics,
+ *       a neural net, and temporal first principles. This is a required check.
+ *
+ *   - Merge Layer: governance-core.ts (weighted voting + PHI/TAU matrix)
+ *
+ * Dynamo Solar SSOT is treated as a mandatory external filter (not optional, not a fallback).
+ */
+import { GovernanceRequest, GovernanceResponse } from './governance-types.js';
+export declare class GovernanceService {
+    constructor();
+    /**
+     * Main entry point: Govern a set of proposals.
+     *
+     * Flow:
+     *   1. Internal deliberation → 3 real skill MCPs (code-review, security-audit, researcher)
+     *   2. External filter       → Dynamo Solar SSOT (via InferenceGovernanceIntegration)
+     *   3. Merge                 → governance-core.ts (weighted + PHI/TAU logic)
+     *
+     * Dynamo Solar SSOT is treated as a hard requirement by default.
+     */
+    govern(request: GovernanceRequest): Promise<GovernanceResponse>;
+    private runGovernanceWithTimeout;
+    private callSkillServer;
+    private callExternalDynamo;
+    private callInProcessSkillWithTimeout;
+    private parseVoteFromText;
+}
+export declare function getGovernanceService(): GovernanceService;

package/dist/governance/governance-types.d.ts

@@ -0,0 +1,83 @@
+/**
+ * Core types for the 0xRay Governance System.
+ * These types are used by the GovernanceService, Governance MCP,
+ * and all integrations.
+ */
+export type ProposalType = 'fix' | 'refactor' | 'guard' | 'automate' | 'codify' | 'strategic' | 'compliance';
+export interface GovernanceProposal {
+    id: string;
+    type: ProposalType;
+    title: string;
+    description: string;
+    evidence?: string[];
+    source?: 'inference' | 'reflection' | 'manual' | 'ci' | 'phase-planning';
+    confidence?: number;
+    metadata?: Record<string, unknown>;
+}
+export interface GovernanceVote {
+    server: string;
+    decision: 'approve' | 'reject' | 'abstain' | 'needs_revision';
+    confidence: number;
+    reasoning: string;
+    weight?: number;
+    moralTension?: 'Aligned' | 'Mild' | 'Significant' | 'Critical' | undefined;
+    moralScore?: number | undefined;
+    moralFusion?: number | undefined;
+    detectedVirtues?: string[] | undefined;
+    detectedConcerns?: string[] | undefined;
+}
+export interface GovernanceResult {
+    proposalId: string;
+    finalDecision: 'approve' | 'reject' | 'needs_revision' | 'abstain';
+    averageConfidence: number;
+    votes: GovernanceVote[];
+    reasoningSummary: string;
+    recommendedActions?: string[];
+    externalContext?: Record<string, unknown>;
+    moralOverride?: 'rejected_critical' | 'downgraded_significant' | 'none';
+}
+export interface GovernanceContext {
+    project?: string;
+    phase?: string;
+    source?: string;
+    reflectionId?: string;
+    inferenceCycleId?: string;
+}
+export interface GovernOptions {
+    requireExternalDynamo?: boolean;
+    minConfidence?: number;
+    enableSolarAdjustment?: boolean;
+    timeoutMs?: number;
+    maxAbstentionThreshold?: number;
+}
+export interface GovernanceRequest {
+    proposals: GovernanceProposal[];
+    context?: GovernanceContext;
+    options?: GovernOptions;
+}
+export interface GovernanceResponse {
+    results: GovernanceResult[];
+    overallDecision: 'approve' | 'needs_revision' | 'reject';
+    summary: {
+        total: number;
+        approved: number;
+        needsRevision: number;
+        rejected: number;
+    };
+}
+export interface ActiveCodexSnapshot {
+    source: string | null;
+    loaded_at: string;
+    term_count: number;
+    version: string;
+    last_updated?: string;
+    governance_ssot: boolean;
+    is_fallback: boolean;
+    note: string;
+    dynamo_required: boolean;
+    codex?: Record<string, unknown>;
+}
+export interface ICodexPolicyProvider {
+    getCurrentCodex(includeRaw?: boolean): Promise<ActiveCodexSnapshot>;
+    getTermCount(): Promise<number>;
+}