@adammcarter/use-cases 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.agents/skills/migration/SKILL.md +85 -0
- package/.agents/skills/showcase/SKILL.md +60 -0
- package/.agents/skills/use-cases/SKILL.md +161 -0
- package/.agents/skills/walkthrough/SKILL.md +48 -0
- package/.claude-plugin/plugin.json +14 -0
- package/.codex-plugin/plugin.json +33 -0
- package/.mcp.json +8 -0
- package/.opencode/plugin/use-cases.js +32 -0
- package/CHANGELOG.md +125 -0
- package/LICENSE +21 -0
- package/README.md +112 -0
- package/bootstrap/use-cases.md +60 -0
- package/docs/README.md +51 -0
- package/docs/acceptance.md +16 -0
- package/docs/activation.md +89 -0
- package/docs/adr/0001-p0-bootstrap-decisions.md +107 -0
- package/docs/adr/0002-p1-schema-contracts.md +136 -0
- package/docs/adr/0003-p2-use-case-matrix-contracts.md +67 -0
- package/docs/adr/0004-p3-evidence-ledger-contracts.md +85 -0
- package/docs/adr/0005-p4-cli-contract.md +70 -0
- package/docs/adr/0006-trusted-user-approval-path.md +125 -0
- package/docs/cli.md +108 -0
- package/docs/data-model.md +56 -0
- package/docs/getting-started.md +296 -0
- package/docs/hosts.md +30 -0
- package/docs/markers-adoption.md +100 -0
- package/docs/mcp.md +114 -0
- package/docs/migration.md +90 -0
- package/docs/reference/error-codes.md +123 -0
- package/docs/reference/stability.md +123 -0
- package/docs/release.md +26 -0
- package/docs/security/ci-hardening.md +144 -0
- package/docs/security/key-management.md +158 -0
- package/docs/security.md +66 -0
- package/docs/showcase.md +39 -0
- package/docs/tutorials/python-pytest.md +188 -0
- package/examples/basic-product/demo-capsules/product-search.yml +23 -0
- package/examples/basic-product/evidence/by-id/ev/evidence-basic-search.jsonl +1 -0
- package/examples/basic-product/showcase-runs/run.basic.product.search/events.jsonl +4 -0
- package/examples/basic-product/use-cases/product.yml +85 -0
- package/examples/basic-product/use-cases.yml +9 -0
- package/examples/damaged-product/evidence/broken.jsonl +1 -0
- package/examples/damaged-product/use-cases/duplicate-a.yml +28 -0
- package/examples/damaged-product/use-cases/duplicate-b.yml +28 -0
- package/examples/damaged-product/use-cases/malformed.yml +14 -0
- package/examples/damaged-product/use-cases/valid-sibling.yml +28 -0
- package/examples/damaged-product/use-cases.yml +9 -0
- package/examples/host-projections/use-cases.yml +9 -0
- package/examples/python-pytest/README.md +39 -0
- package/examples/python-pytest/pytest.ini +8 -0
- package/examples/python-pytest/src/coupon.py +32 -0
- package/examples/python-pytest/tests/use_cases/example.checkout.apply_coupon_test.py +31 -0
- package/examples/python-pytest/use-cases/checkout.yml +47 -0
- package/examples/python-pytest/use-cases.yml +19 -0
- package/hooks/hooks-codex.json +16 -0
- package/hooks/hooks.json +16 -0
- package/hooks/session-start +42 -0
- package/hosts/claude.yml +29 -0
- package/hosts/codex.yml +29 -0
- package/hosts/copilot.yml +29 -0
- package/hosts/opencode.yml +29 -0
- package/package.json +81 -0
- package/packages/cli/README.md +37 -0
- package/packages/cli/dist/args/parse.d.ts +6 -0
- package/packages/cli/dist/args/parse.d.ts.map +1 -0
- package/packages/cli/dist/args/parse.js +55 -0
- package/packages/cli/dist/args/parse.js.map +1 -0
- package/packages/cli/dist/args/validate.d.ts +3 -0
- package/packages/cli/dist/args/validate.d.ts.map +1 -0
- package/packages/cli/dist/args/validate.js +80 -0
- package/packages/cli/dist/args/validate.js.map +1 -0
- package/packages/cli/dist/builtins.d.ts +2 -0
- package/packages/cli/dist/builtins.d.ts.map +1 -0
- package/packages/cli/dist/builtins.js +235 -0
- package/packages/cli/dist/builtins.js.map +1 -0
- package/packages/cli/dist/command/dispatch.d.ts +4 -0
- package/packages/cli/dist/command/dispatch.d.ts.map +1 -0
- package/packages/cli/dist/command/dispatch.js +45 -0
- package/packages/cli/dist/command/dispatch.js.map +1 -0
- package/packages/cli/dist/command/help-catalog.d.ts +13 -0
- package/packages/cli/dist/command/help-catalog.d.ts.map +1 -0
- package/packages/cli/dist/command/help-catalog.js +42 -0
- package/packages/cli/dist/command/help-catalog.js.map +1 -0
- package/packages/cli/dist/command/registry.d.ts +3 -0
- package/packages/cli/dist/command/registry.d.ts.map +1 -0
- package/packages/cli/dist/command/registry.js +33 -0
- package/packages/cli/dist/command/registry.js.map +1 -0
- package/packages/cli/dist/command/types.d.ts +32 -0
- package/packages/cli/dist/command/types.d.ts.map +1 -0
- package/packages/cli/dist/command/types.js +6 -0
- package/packages/cli/dist/command/types.js.map +1 -0
- package/packages/cli/dist/commands/capsule.d.ts +7 -0
- package/packages/cli/dist/commands/capsule.d.ts.map +1 -0
- package/packages/cli/dist/commands/capsule.js +178 -0
- package/packages/cli/dist/commands/capsule.js.map +1 -0
- package/packages/cli/dist/commands/common.d.ts +7 -0
- package/packages/cli/dist/commands/common.d.ts.map +1 -0
- package/packages/cli/dist/commands/common.js +32 -0
- package/packages/cli/dist/commands/common.js.map +1 -0
- package/packages/cli/dist/commands/doctor.d.ts +6 -0
- package/packages/cli/dist/commands/doctor.d.ts.map +1 -0
- package/packages/cli/dist/commands/doctor.js +133 -0
- package/packages/cli/dist/commands/doctor.js.map +1 -0
- package/packages/cli/dist/commands/evidence.d.ts +6 -0
- package/packages/cli/dist/commands/evidence.d.ts.map +1 -0
- package/packages/cli/dist/commands/evidence.js +191 -0
- package/packages/cli/dist/commands/evidence.js.map +1 -0
- package/packages/cli/dist/commands/host.d.ts +6 -0
- package/packages/cli/dist/commands/host.d.ts.map +1 -0
- package/packages/cli/dist/commands/host.js +180 -0
- package/packages/cli/dist/commands/host.js.map +1 -0
- package/packages/cli/dist/commands/keygen.d.ts +4 -0
- package/packages/cli/dist/commands/keygen.d.ts.map +1 -0
- package/packages/cli/dist/commands/keygen.js +132 -0
- package/packages/cli/dist/commands/keygen.js.map +1 -0
- package/packages/cli/dist/commands/markers.d.ts +8 -0
- package/packages/cli/dist/commands/markers.d.ts.map +1 -0
- package/packages/cli/dist/commands/markers.js +455 -0
- package/packages/cli/dist/commands/markers.js.map +1 -0
- package/packages/cli/dist/commands/matrix.d.ts +8 -0
- package/packages/cli/dist/commands/matrix.d.ts.map +1 -0
- package/packages/cli/dist/commands/matrix.js +237 -0
- package/packages/cli/dist/commands/matrix.js.map +1 -0
- package/packages/cli/dist/commands/migrate.d.ts +4 -0
- package/packages/cli/dist/commands/migrate.d.ts.map +1 -0
- package/packages/cli/dist/commands/migrate.js +82 -0
- package/packages/cli/dist/commands/migrate.js.map +1 -0
- package/packages/cli/dist/commands/plan.d.ts +6 -0
- package/packages/cli/dist/commands/plan.d.ts.map +1 -0
- package/packages/cli/dist/commands/plan.js +129 -0
- package/packages/cli/dist/commands/plan.js.map +1 -0
- package/packages/cli/dist/commands/recover.d.ts +4 -0
- package/packages/cli/dist/commands/recover.d.ts.map +1 -0
- package/packages/cli/dist/commands/recover.js +352 -0
- package/packages/cli/dist/commands/recover.js.map +1 -0
- package/packages/cli/dist/commands/schema.d.ts +5 -0
- package/packages/cli/dist/commands/schema.d.ts.map +1 -0
- package/packages/cli/dist/commands/schema.js +51 -0
- package/packages/cli/dist/commands/schema.js.map +1 -0
- package/packages/cli/dist/commands/showcase.d.ts +14 -0
- package/packages/cli/dist/commands/showcase.d.ts.map +1 -0
- package/packages/cli/dist/commands/showcase.js +638 -0
- package/packages/cli/dist/commands/showcase.js.map +1 -0
- package/packages/cli/dist/commands/workflow.d.ts +5 -0
- package/packages/cli/dist/commands/workflow.d.ts.map +1 -0
- package/packages/cli/dist/commands/workflow.js +107 -0
- package/packages/cli/dist/commands/workflow.js.map +1 -0
- package/packages/cli/dist/coreLoader.d.ts +6 -0
- package/packages/cli/dist/coreLoader.d.ts.map +1 -0
- package/packages/cli/dist/coreLoader.js +34 -0
- package/packages/cli/dist/coreLoader.js.map +1 -0
- package/packages/cli/dist/index.d.ts +5 -0
- package/packages/cli/dist/index.d.ts.map +1 -0
- package/packages/cli/dist/index.js +83 -0
- package/packages/cli/dist/index.js.map +1 -0
- package/packages/cli/dist/render.d.ts +2 -0
- package/packages/cli/dist/render.d.ts.map +1 -0
- package/packages/cli/dist/render.js +88 -0
- package/packages/cli/dist/render.js.map +1 -0
- package/packages/cli/dist/runtime.d.ts +25 -0
- package/packages/cli/dist/runtime.d.ts.map +1 -0
- package/packages/cli/dist/runtime.js +89 -0
- package/packages/cli/dist/runtime.js.map +1 -0
- package/packages/cli/package.json +38 -0
- package/packages/core/README.md +37 -0
- package/packages/core/dist/capsules/index.d.ts +4 -0
- package/packages/core/dist/capsules/index.d.ts.map +1 -0
- package/packages/core/dist/capsules/index.js +4 -0
- package/packages/core/dist/capsules/index.js.map +1 -0
- package/packages/core/dist/capsules/loadCapsule.d.ts +11 -0
- package/packages/core/dist/capsules/loadCapsule.d.ts.map +1 -0
- package/packages/core/dist/capsules/loadCapsule.js +167 -0
- package/packages/core/dist/capsules/loadCapsule.js.map +1 -0
- package/packages/core/dist/capsules/runCapsule.d.ts +3 -0
- package/packages/core/dist/capsules/runCapsule.d.ts.map +1 -0
- package/packages/core/dist/capsules/runCapsule.js +333 -0
- package/packages/core/dist/capsules/runCapsule.js.map +1 -0
- package/packages/core/dist/capsules/types.d.ts +106 -0
- package/packages/core/dist/capsules/types.d.ts.map +1 -0
- package/packages/core/dist/capsules/types.js +2 -0
- package/packages/core/dist/capsules/types.js.map +1 -0
- package/packages/core/dist/durableWrite.d.ts +2 -0
- package/packages/core/dist/durableWrite.d.ts.map +1 -0
- package/packages/core/dist/durableWrite.js +34 -0
- package/packages/core/dist/durableWrite.js.map +1 -0
- package/packages/core/dist/errors/registry.d.ts +122 -0
- package/packages/core/dist/errors/registry.d.ts.map +1 -0
- package/packages/core/dist/errors/registry.js +206 -0
- package/packages/core/dist/errors/registry.js.map +1 -0
- package/packages/core/dist/errors/render.d.ts +3 -0
- package/packages/core/dist/errors/render.d.ts.map +1 -0
- package/packages/core/dist/errors/render.js +64 -0
- package/packages/core/dist/errors/render.js.map +1 -0
- package/packages/core/dist/errors.d.ts +5 -0
- package/packages/core/dist/errors.d.ts.map +1 -0
- package/packages/core/dist/errors.js +9 -0
- package/packages/core/dist/errors.js.map +1 -0
- package/packages/core/dist/evidence/appendEvidenceEvent.d.ts +27 -0
- package/packages/core/dist/evidence/appendEvidenceEvent.d.ts.map +1 -0
- package/packages/core/dist/evidence/appendEvidenceEvent.js +218 -0
- package/packages/core/dist/evidence/appendEvidenceEvent.js.map +1 -0
- package/packages/core/dist/evidence/assurance.d.ts +18 -0
- package/packages/core/dist/evidence/assurance.d.ts.map +1 -0
- package/packages/core/dist/evidence/assurance.js +38 -0
- package/packages/core/dist/evidence/assurance.js.map +1 -0
- package/packages/core/dist/evidence/index.d.ts +8 -0
- package/packages/core/dist/evidence/index.d.ts.map +1 -0
- package/packages/core/dist/evidence/index.js +8 -0
- package/packages/core/dist/evidence/index.js.map +1 -0
- package/packages/core/dist/evidence/jsonlLedger.d.ts +13 -0
- package/packages/core/dist/evidence/jsonlLedger.d.ts.map +1 -0
- package/packages/core/dist/evidence/jsonlLedger.js +171 -0
- package/packages/core/dist/evidence/jsonlLedger.js.map +1 -0
- package/packages/core/dist/evidence/linkEvidence.d.ts +4 -0
- package/packages/core/dist/evidence/linkEvidence.d.ts.map +1 -0
- package/packages/core/dist/evidence/linkEvidence.js +53 -0
- package/packages/core/dist/evidence/linkEvidence.js.map +1 -0
- package/packages/core/dist/evidence/replayEvidence.d.ts +6 -0
- package/packages/core/dist/evidence/replayEvidence.d.ts.map +1 -0
- package/packages/core/dist/evidence/replayEvidence.js +216 -0
- package/packages/core/dist/evidence/replayEvidence.js.map +1 -0
- package/packages/core/dist/evidence/results.d.ts +4 -0
- package/packages/core/dist/evidence/results.d.ts.map +1 -0
- package/packages/core/dist/evidence/results.js +32 -0
- package/packages/core/dist/evidence/results.js.map +1 -0
- package/packages/core/dist/evidence/types.d.ts +149 -0
- package/packages/core/dist/evidence/types.d.ts.map +1 -0
- package/packages/core/dist/evidence/types.js +2 -0
- package/packages/core/dist/evidence/types.js.map +1 -0
- package/packages/core/dist/host-profiles/claude.yml +29 -0
- package/packages/core/dist/host-profiles/codex.yml +29 -0
- package/packages/core/dist/host-profiles/copilot.yml +29 -0
- package/packages/core/dist/host-profiles/opencode.yml +29 -0
- package/packages/core/dist/hosts/conformanceStatus.d.ts +16 -0
- package/packages/core/dist/hosts/conformanceStatus.d.ts.map +1 -0
- package/packages/core/dist/hosts/conformanceStatus.js +160 -0
- package/packages/core/dist/hosts/conformanceStatus.js.map +1 -0
- package/packages/core/dist/hosts/index.d.ts +5 -0
- package/packages/core/dist/hosts/index.d.ts.map +1 -0
- package/packages/core/dist/hosts/index.js +5 -0
- package/packages/core/dist/hosts/index.js.map +1 -0
- package/packages/core/dist/hosts/loadHostProfile.d.ts +6 -0
- package/packages/core/dist/hosts/loadHostProfile.d.ts.map +1 -0
- package/packages/core/dist/hosts/loadHostProfile.js +41 -0
- package/packages/core/dist/hosts/loadHostProfile.js.map +1 -0
- package/packages/core/dist/hosts/projectHostFiles.d.ts +16 -0
- package/packages/core/dist/hosts/projectHostFiles.d.ts.map +1 -0
- package/packages/core/dist/hosts/projectHostFiles.js +272 -0
- package/packages/core/dist/hosts/projectHostFiles.js.map +1 -0
- package/packages/core/dist/hosts/types.d.ts +122 -0
- package/packages/core/dist/hosts/types.d.ts.map +1 -0
- package/packages/core/dist/hosts/types.js +2 -0
- package/packages/core/dist/hosts/types.js.map +1 -0
- package/packages/core/dist/index.d.ts +26 -0
- package/packages/core/dist/index.d.ts.map +1 -0
- package/packages/core/dist/index.js +31 -0
- package/packages/core/dist/index.js.map +1 -0
- package/packages/core/dist/init/index.d.ts +2 -0
- package/packages/core/dist/init/index.d.ts.map +1 -0
- package/packages/core/dist/init/index.js +3 -0
- package/packages/core/dist/init/index.js.map +1 -0
- package/packages/core/dist/init/scaffold.d.ts +28 -0
- package/packages/core/dist/init/scaffold.d.ts.map +1 -0
- package/packages/core/dist/init/scaffold.js +293 -0
- package/packages/core/dist/init/scaffold.js.map +1 -0
- package/packages/core/dist/markers/appendOnly.d.ts +23 -0
- package/packages/core/dist/markers/appendOnly.d.ts.map +1 -0
- package/packages/core/dist/markers/appendOnly.js +75 -0
- package/packages/core/dist/markers/appendOnly.js.map +1 -0
- package/packages/core/dist/markers/bindingSetHash.d.ts +28 -0
- package/packages/core/dist/markers/bindingSetHash.d.ts.map +1 -0
- package/packages/core/dist/markers/bindingSetHash.js +33 -0
- package/packages/core/dist/markers/bindingSetHash.js.map +1 -0
- package/packages/core/dist/markers/canonicalJson.d.ts +4 -0
- package/packages/core/dist/markers/canonicalJson.d.ts.map +1 -0
- package/packages/core/dist/markers/canonicalJson.js +51 -0
- package/packages/core/dist/markers/canonicalJson.js.map +1 -0
- package/packages/core/dist/markers/ciAuthority.d.ts +17 -0
- package/packages/core/dist/markers/ciAuthority.d.ts.map +1 -0
- package/packages/core/dist/markers/ciAuthority.js +131 -0
- package/packages/core/dist/markers/ciAuthority.js.map +1 -0
- package/packages/core/dist/markers/cli/bind.d.ts +48 -0
- package/packages/core/dist/markers/cli/bind.d.ts.map +1 -0
- package/packages/core/dist/markers/cli/bind.js +198 -0
- package/packages/core/dist/markers/cli/bind.js.map +1 -0
- package/packages/core/dist/markers/cli/index.d.ts +9 -0
- package/packages/core/dist/markers/cli/index.d.ts.map +1 -0
- package/packages/core/dist/markers/cli/index.js +15 -0
- package/packages/core/dist/markers/cli/index.js.map +1 -0
- package/packages/core/dist/markers/cli/io.d.ts +18 -0
- package/packages/core/dist/markers/cli/io.d.ts.map +1 -0
- package/packages/core/dist/markers/cli/io.js +62 -0
- package/packages/core/dist/markers/cli/io.js.map +1 -0
- package/packages/core/dist/markers/cli/precommit.d.ts +32 -0
- package/packages/core/dist/markers/cli/precommit.d.ts.map +1 -0
- package/packages/core/dist/markers/cli/precommit.js +174 -0
- package/packages/core/dist/markers/cli/precommit.js.map +1 -0
- package/packages/core/dist/markers/cli/prove.d.ts +69 -0
- package/packages/core/dist/markers/cli/prove.d.ts.map +1 -0
- package/packages/core/dist/markers/cli/prove.js +381 -0
- package/packages/core/dist/markers/cli/prove.js.map +1 -0
- package/packages/core/dist/markers/cli/scan.d.ts +63 -0
- package/packages/core/dist/markers/cli/scan.d.ts.map +1 -0
- package/packages/core/dist/markers/cli/scan.js +233 -0
- package/packages/core/dist/markers/cli/scan.js.map +1 -0
- package/packages/core/dist/markers/cli/shared.d.ts +25 -0
- package/packages/core/dist/markers/cli/shared.d.ts.map +1 -0
- package/packages/core/dist/markers/cli/shared.js +123 -0
- package/packages/core/dist/markers/cli/shared.js.map +1 -0
- package/packages/core/dist/markers/cli/validateLedger.d.ts +38 -0
- package/packages/core/dist/markers/cli/validateLedger.d.ts.map +1 -0
- package/packages/core/dist/markers/cli/validateLedger.js +81 -0
- package/packages/core/dist/markers/cli/validateLedger.js.map +1 -0
- package/packages/core/dist/markers/cli/verify.d.ts +65 -0
- package/packages/core/dist/markers/cli/verify.d.ts.map +1 -0
- package/packages/core/dist/markers/cli/verify.js +245 -0
- package/packages/core/dist/markers/cli/verify.js.map +1 -0
- package/packages/core/dist/markers/commentPrefix.d.ts +7 -0
- package/packages/core/dist/markers/commentPrefix.d.ts.map +1 -0
- package/packages/core/dist/markers/commentPrefix.js +79 -0
- package/packages/core/dist/markers/commentPrefix.js.map +1 -0
- package/packages/core/dist/markers/constants.d.ts +10 -0
- package/packages/core/dist/markers/constants.d.ts.map +1 -0
- package/packages/core/dist/markers/constants.js +13 -0
- package/packages/core/dist/markers/constants.js.map +1 -0
- package/packages/core/dist/markers/evidenceLedger.d.ts +150 -0
- package/packages/core/dist/markers/evidenceLedger.d.ts.map +1 -0
- package/packages/core/dist/markers/evidenceLedger.js +391 -0
- package/packages/core/dist/markers/evidenceLedger.js.map +1 -0
- package/packages/core/dist/markers/freshness.d.ts +125 -0
- package/packages/core/dist/markers/freshness.d.ts.map +1 -0
- package/packages/core/dist/markers/freshness.js +605 -0
- package/packages/core/dist/markers/freshness.js.map +1 -0
- package/packages/core/dist/markers/index.d.ts +26 -0
- package/packages/core/dist/markers/index.d.ts.map +1 -0
- package/packages/core/dist/markers/index.js +38 -0
- package/packages/core/dist/markers/index.js.map +1 -0
- package/packages/core/dist/markers/keygen.d.ts +6 -0
- package/packages/core/dist/markers/keygen.d.ts.map +1 -0
- package/packages/core/dist/markers/keygen.js +18 -0
- package/packages/core/dist/markers/keygen.js.map +1 -0
- package/packages/core/dist/markers/keyring.d.ts +23 -0
- package/packages/core/dist/markers/keyring.d.ts.map +1 -0
- package/packages/core/dist/markers/keyring.js +93 -0
- package/packages/core/dist/markers/keyring.js.map +1 -0
- package/packages/core/dist/markers/markerLine.d.ts +35 -0
- package/packages/core/dist/markers/markerLine.d.ts.map +1 -0
- package/packages/core/dist/markers/markerLine.js +125 -0
- package/packages/core/dist/markers/markerLine.js.map +1 -0
- package/packages/core/dist/markers/physicalLines.d.ts +10 -0
- package/packages/core/dist/markers/physicalLines.d.ts.map +1 -0
- package/packages/core/dist/markers/physicalLines.js +48 -0
- package/packages/core/dist/markers/physicalLines.js.map +1 -0
- package/packages/core/dist/markers/policyHash.d.ts +4 -0
- package/packages/core/dist/markers/policyHash.d.ts.map +1 -0
- package/packages/core/dist/markers/policyHash.js +14 -0
- package/packages/core/dist/markers/policyHash.js.map +1 -0
- package/packages/core/dist/markers/proofSignature.d.ts +29 -0
- package/packages/core/dist/markers/proofSignature.d.ts.map +1 -0
- package/packages/core/dist/markers/proofSignature.js +106 -0
- package/packages/core/dist/markers/proofSignature.js.map +1 -0
- package/packages/core/dist/markers/reconcile.d.ts +26 -0
- package/packages/core/dist/markers/reconcile.d.ts.map +1 -0
- package/packages/core/dist/markers/reconcile.js +52 -0
- package/packages/core/dist/markers/reconcile.js.map +1 -0
- package/packages/core/dist/markers/registry.d.ts +53 -0
- package/packages/core/dist/markers/registry.d.ts.map +1 -0
- package/packages/core/dist/markers/registry.js +161 -0
- package/packages/core/dist/markers/registry.js.map +1 -0
- package/packages/core/dist/markers/rowHash.d.ts +2 -0
- package/packages/core/dist/markers/rowHash.d.ts.map +1 -0
- package/packages/core/dist/markers/rowHash.js +10 -0
- package/packages/core/dist/markers/rowHash.js.map +1 -0
- package/packages/core/dist/markers/scanner.d.ts +67 -0
- package/packages/core/dist/markers/scanner.d.ts.map +1 -0
- package/packages/core/dist/markers/scanner.js +292 -0
- package/packages/core/dist/markers/scanner.js.map +1 -0
- package/packages/core/dist/markers/schemas/binding-registry-event.schema.json +41 -0
- package/packages/core/dist/markers/schemas/freshness-status.schema.json +134 -0
- package/packages/core/dist/markers/schemas/proof-event.schema.json +170 -0
- package/packages/core/dist/markers/spanCanon.d.ts +4 -0
- package/packages/core/dist/markers/spanCanon.d.ts.map +1 -0
- package/packages/core/dist/markers/spanCanon.js +42 -0
- package/packages/core/dist/markers/spanCanon.js.map +1 -0
- package/packages/core/dist/markers/swiftFuncRecognizer.d.ts +36 -0
- package/packages/core/dist/markers/swiftFuncRecognizer.d.ts.map +1 -0
- package/packages/core/dist/markers/swiftFuncRecognizer.js +638 -0
- package/packages/core/dist/markers/swiftFuncRecognizer.js.map +1 -0
- package/packages/core/dist/markers/validators.d.ts +13 -0
- package/packages/core/dist/markers/validators.d.ts.map +1 -0
- package/packages/core/dist/markers/validators.js +64 -0
- package/packages/core/dist/markers/validators.js.map +1 -0
- package/packages/core/dist/markers/verificationContextHash.d.ts +23 -0
- package/packages/core/dist/markers/verificationContextHash.d.ts.map +1 -0
- package/packages/core/dist/markers/verificationContextHash.js +96 -0
- package/packages/core/dist/markers/verificationContextHash.js.map +1 -0
- package/packages/core/dist/markers/verifierPresets.d.ts +18 -0
- package/packages/core/dist/markers/verifierPresets.d.ts.map +1 -0
- package/packages/core/dist/markers/verifierPresets.js +71 -0
- package/packages/core/dist/markers/verifierPresets.js.map +1 -0
- package/packages/core/dist/markers/verifierResolver.d.ts +27 -0
- package/packages/core/dist/markers/verifierResolver.d.ts.map +1 -0
- package/packages/core/dist/markers/verifierResolver.js +151 -0
- package/packages/core/dist/markers/verifierResolver.js.map +1 -0
- package/packages/core/dist/migration/index.d.ts +2 -0
- package/packages/core/dist/migration/index.d.ts.map +1 -0
- package/packages/core/dist/migration/index.js +2 -0
- package/packages/core/dist/migration/index.js.map +1 -0
- package/packages/core/dist/migration/testMatrix.d.ts +42 -0
- package/packages/core/dist/migration/testMatrix.d.ts.map +1 -0
- package/packages/core/dist/migration/testMatrix.js +351 -0
- package/packages/core/dist/migration/testMatrix.js.map +1 -0
- package/packages/core/dist/package/index.d.ts +2 -0
- package/packages/core/dist/package/index.d.ts.map +1 -0
- package/packages/core/dist/package/index.js +2 -0
- package/packages/core/dist/package/index.js.map +1 -0
- package/packages/core/dist/package/inspectPackage.d.ts +67 -0
- package/packages/core/dist/package/inspectPackage.d.ts.map +1 -0
- package/packages/core/dist/package/inspectPackage.js +371 -0
- package/packages/core/dist/package/inspectPackage.js.map +1 -0
- package/packages/core/dist/presentation/candidates.d.ts +13 -0
- package/packages/core/dist/presentation/candidates.d.ts.map +1 -0
- package/packages/core/dist/presentation/candidates.js +86 -0
- package/packages/core/dist/presentation/candidates.js.map +1 -0
- package/packages/core/dist/presentation/index.d.ts +8 -0
- package/packages/core/dist/presentation/index.d.ts.map +1 -0
- package/packages/core/dist/presentation/index.js +8 -0
- package/packages/core/dist/presentation/index.js.map +1 -0
- package/packages/core/dist/presentation/items.d.ts +18 -0
- package/packages/core/dist/presentation/items.d.ts.map +1 -0
- package/packages/core/dist/presentation/items.js +228 -0
- package/packages/core/dist/presentation/items.js.map +1 -0
- package/packages/core/dist/presentation/ordering.d.ts +8 -0
- package/packages/core/dist/presentation/ordering.d.ts.map +1 -0
- package/packages/core/dist/presentation/ordering.js +31 -0
- package/packages/core/dist/presentation/ordering.js.map +1 -0
- package/packages/core/dist/presentation/planHelpers.d.ts +26 -0
- package/packages/core/dist/presentation/planHelpers.d.ts.map +1 -0
- package/packages/core/dist/presentation/planHelpers.js +62 -0
- package/packages/core/dist/presentation/planHelpers.js.map +1 -0
- package/packages/core/dist/presentation/presentationFormat.d.ts +39 -0
- package/packages/core/dist/presentation/presentationFormat.d.ts.map +1 -0
- package/packages/core/dist/presentation/presentationFormat.js +58 -0
- package/packages/core/dist/presentation/presentationFormat.js.map +1 -0
- package/packages/core/dist/presentation/renderCard.d.ts +37 -0
- package/packages/core/dist/presentation/renderCard.d.ts.map +1 -0
- package/packages/core/dist/presentation/renderCard.js +129 -0
- package/packages/core/dist/presentation/renderCard.js.map +1 -0
- package/packages/core/dist/presentation/scoring.d.ts +10 -0
- package/packages/core/dist/presentation/scoring.d.ts.map +1 -0
- package/packages/core/dist/presentation/scoring.js +82 -0
- package/packages/core/dist/presentation/scoring.js.map +1 -0
- package/packages/core/dist/presentation/selectPlan.d.ts +4 -0
- package/packages/core/dist/presentation/selectPlan.d.ts.map +1 -0
- package/packages/core/dist/presentation/selectPlan.js +122 -0
- package/packages/core/dist/presentation/selectPlan.js.map +1 -0
- package/packages/core/dist/presentation/selectShowcasePlan.d.ts +3 -0
- package/packages/core/dist/presentation/selectShowcasePlan.d.ts.map +1 -0
- package/packages/core/dist/presentation/selectShowcasePlan.js +6 -0
- package/packages/core/dist/presentation/selectShowcasePlan.js.map +1 -0
- package/packages/core/dist/presentation/selectWalkthroughPlan.d.ts +3 -0
- package/packages/core/dist/presentation/selectWalkthroughPlan.d.ts.map +1 -0
- package/packages/core/dist/presentation/selectWalkthroughPlan.js +6 -0
- package/packages/core/dist/presentation/selectWalkthroughPlan.js.map +1 -0
- package/packages/core/dist/presentation/selection.d.ts +7 -0
- package/packages/core/dist/presentation/selection.d.ts.map +1 -0
- package/packages/core/dist/presentation/selection.js +20 -0
- package/packages/core/dist/presentation/selection.js.map +1 -0
- package/packages/core/dist/presentation/snapshot.d.ts +12 -0
- package/packages/core/dist/presentation/snapshot.d.ts.map +1 -0
- package/packages/core/dist/presentation/snapshot.js +53 -0
- package/packages/core/dist/presentation/snapshot.js.map +1 -0
- package/packages/core/dist/presentation/types.d.ts +172 -0
- package/packages/core/dist/presentation/types.d.ts.map +1 -0
- package/packages/core/dist/presentation/types.js +2 -0
- package/packages/core/dist/presentation/types.js.map +1 -0
- package/packages/core/dist/redact.d.ts +11 -0
- package/packages/core/dist/redact.d.ts.map +1 -0
- package/packages/core/dist/redact.js +17 -0
- package/packages/core/dist/redact.js.map +1 -0
- package/packages/core/dist/roots.d.ts +81 -0
- package/packages/core/dist/roots.d.ts.map +1 -0
- package/packages/core/dist/roots.js +220 -0
- package/packages/core/dist/roots.js.map +1 -0
- package/packages/core/dist/schema/cliResult.d.ts +34 -0
- package/packages/core/dist/schema/cliResult.d.ts.map +1 -0
- package/packages/core/dist/schema/cliResult.js +35 -0
- package/packages/core/dist/schema/cliResult.js.map +1 -0
- package/packages/core/dist/schema/diagnostic.d.ts +26 -0
- package/packages/core/dist/schema/diagnostic.d.ts.map +1 -0
- package/packages/core/dist/schema/diagnostic.js +28 -0
- package/packages/core/dist/schema/diagnostic.js.map +1 -0
- package/packages/core/dist/schema/index.d.ts +8 -0
- package/packages/core/dist/schema/index.d.ts.map +1 -0
- package/packages/core/dist/schema/index.js +9 -0
- package/packages/core/dist/schema/index.js.map +1 -0
- package/packages/core/dist/schema/registry.d.ts +15 -0
- package/packages/core/dist/schema/registry.d.ts.map +1 -0
- package/packages/core/dist/schema/registry.js +206 -0
- package/packages/core/dist/schema/registry.js.map +1 -0
- package/packages/core/dist/schema/syntheticContracts.d.ts +3 -0
- package/packages/core/dist/schema/syntheticContracts.d.ts.map +1 -0
- package/packages/core/dist/schema/syntheticContracts.js +342 -0
- package/packages/core/dist/schema/syntheticContracts.js.map +1 -0
- package/packages/core/dist/schema/validate.d.ts +21 -0
- package/packages/core/dist/schema/validate.d.ts.map +1 -0
- package/packages/core/dist/schema/validate.js +210 -0
- package/packages/core/dist/schema/validate.js.map +1 -0
- package/packages/core/dist/schemas/v1/authority.schema.json +70 -0
- package/packages/core/dist/schemas/v1/cli-result.schema.json +30 -0
- package/packages/core/dist/schemas/v1/common.schema.json +274 -0
- package/packages/core/dist/schemas/v1/demo-capsule.schema.json +78 -0
- package/packages/core/dist/schemas/v1/evidence-append-result.schema.json +14 -0
- package/packages/core/dist/schemas/v1/evidence-event.schema.json +181 -0
- package/packages/core/dist/schemas/v1/evidence-status-result.schema.json +68 -0
- package/packages/core/dist/schemas/v1/host-profile.schema.json +94 -0
- package/packages/core/dist/schemas/v1/host-status-result.schema.json +49 -0
- package/packages/core/dist/schemas/v1/keyring.schema.json +77 -0
- package/packages/core/dist/schemas/v1/ledger.schema.json +99 -0
- package/packages/core/dist/schemas/v1/marker.schema.json +84 -0
- package/packages/core/dist/schemas/v1/matrix-list-result.schema.json +67 -0
- package/packages/core/dist/schemas/v1/matrix-mutation-result.schema.json +49 -0
- package/packages/core/dist/schemas/v1/matrix-validation-result.schema.json +77 -0
- package/packages/core/dist/schemas/v1/mcp-tool-results.schema.json +34 -0
- package/packages/core/dist/schemas/v1/migration-test-matrix-result.schema.json +76 -0
- package/packages/core/dist/schemas/v1/presentation-plan-result.schema.json +62 -0
- package/packages/core/dist/schemas/v1/presentation-plan.schema.json +259 -0
- package/packages/core/dist/schemas/v1/release-gate-result.schema.json +136 -0
- package/packages/core/dist/schemas/v1/showcase-approval-result.schema.json +5 -0
- package/packages/core/dist/schemas/v1/showcase-event-append-result.schema.json +17 -0
- package/packages/core/dist/schemas/v1/showcase-event.schema.json +235 -0
- package/packages/core/dist/schemas/v1/showcase-finish-result.schema.json +5 -0
- package/packages/core/dist/schemas/v1/showcase-run-status-result.schema.json +70 -0
- package/packages/core/dist/schemas/v1/showcase-start-result.schema.json +5 -0
- package/packages/core/dist/schemas/v1/use-case-file.schema.json +178 -0
- package/packages/core/dist/schemas/v1/workflow-mode.schema.json +16 -0
- package/packages/core/dist/schemas/v1/workspace-config.schema.json +58 -0
- package/packages/core/dist/showcase/appendShowcaseEvent.d.ts +116 -0
- package/packages/core/dist/showcase/appendShowcaseEvent.d.ts.map +1 -0
- package/packages/core/dist/showcase/appendShowcaseEvent.js +353 -0
- package/packages/core/dist/showcase/appendShowcaseEvent.js.map +1 -0
- package/packages/core/dist/showcase/approval.d.ts +2 -0
- package/packages/core/dist/showcase/approval.d.ts.map +1 -0
- package/packages/core/dist/showcase/approval.js +2 -0
- package/packages/core/dist/showcase/approval.js.map +1 -0
- package/packages/core/dist/showcase/approvalAuthority.d.ts +19 -0
- package/packages/core/dist/showcase/approvalAuthority.d.ts.map +1 -0
- package/packages/core/dist/showcase/approvalAuthority.js +46 -0
- package/packages/core/dist/showcase/approvalAuthority.js.map +1 -0
- package/packages/core/dist/showcase/index.d.ts +11 -0
- package/packages/core/dist/showcase/index.d.ts.map +1 -0
- package/packages/core/dist/showcase/index.js +11 -0
- package/packages/core/dist/showcase/index.js.map +1 -0
- package/packages/core/dist/showcase/jsonlLedger.d.ts +11 -0
- package/packages/core/dist/showcase/jsonlLedger.d.ts.map +1 -0
- package/packages/core/dist/showcase/jsonlLedger.js +50 -0
- package/packages/core/dist/showcase/jsonlLedger.js.map +1 -0
- package/packages/core/dist/showcase/planBinding.d.ts +5 -0
- package/packages/core/dist/showcase/planBinding.d.ts.map +1 -0
- package/packages/core/dist/showcase/planBinding.js +33 -0
- package/packages/core/dist/showcase/planBinding.js.map +1 -0
- package/packages/core/dist/showcase/replayRun.d.ts +5 -0
- package/packages/core/dist/showcase/replayRun.d.ts.map +1 -0
- package/packages/core/dist/showcase/replayRun.js +199 -0
- package/packages/core/dist/showcase/replayRun.js.map +1 -0
- package/packages/core/dist/showcase/results.d.ts +3 -0
- package/packages/core/dist/showcase/results.d.ts.map +1 -0
- package/packages/core/dist/showcase/results.js +4 -0
- package/packages/core/dist/showcase/results.js.map +1 -0
- package/packages/core/dist/showcase/revisionEpochs.d.ts +2 -0
- package/packages/core/dist/showcase/revisionEpochs.d.ts.map +1 -0
- package/packages/core/dist/showcase/revisionEpochs.js +2 -0
- package/packages/core/dist/showcase/revisionEpochs.js.map +1 -0
- package/packages/core/dist/showcase/startRun.d.ts +2 -0
- package/packages/core/dist/showcase/startRun.d.ts.map +1 -0
- package/packages/core/dist/showcase/startRun.js +2 -0
- package/packages/core/dist/showcase/startRun.js.map +1 -0
- package/packages/core/dist/showcase/types.d.ts +66 -0
- package/packages/core/dist/showcase/types.d.ts.map +1 -0
- package/packages/core/dist/showcase/types.js +2 -0
- package/packages/core/dist/showcase/types.js.map +1 -0
- package/packages/core/dist/skills/canonicalSkills.d.ts +3 -0
- package/packages/core/dist/skills/canonicalSkills.d.ts.map +1 -0
- package/packages/core/dist/skills/canonicalSkills.js +7 -0
- package/packages/core/dist/skills/canonicalSkills.js.map +1 -0
- package/packages/core/dist/skills/index.d.ts +4 -0
- package/packages/core/dist/skills/index.d.ts.map +1 -0
- package/packages/core/dist/skills/index.js +4 -0
- package/packages/core/dist/skills/index.js.map +1 -0
- package/packages/core/dist/skills/types.d.ts +26 -0
- package/packages/core/dist/skills/types.d.ts.map +1 -0
- package/packages/core/dist/skills/types.js +2 -0
- package/packages/core/dist/skills/types.js.map +1 -0
- package/packages/core/dist/skills/validateSkillAssets.d.ts +6 -0
- package/packages/core/dist/skills/validateSkillAssets.d.ts.map +1 -0
- package/packages/core/dist/skills/validateSkillAssets.js +218 -0
- package/packages/core/dist/skills/validateSkillAssets.js.map +1 -0
- package/packages/core/dist/useCases/integrity.d.ts +11 -0
- package/packages/core/dist/useCases/integrity.d.ts.map +1 -0
- package/packages/core/dist/useCases/integrity.js +178 -0
- package/packages/core/dist/useCases/integrity.js.map +1 -0
- package/packages/core/dist/useCases/loadUseCaseMatrix.d.ts +7 -0
- package/packages/core/dist/useCases/loadUseCaseMatrix.d.ts.map +1 -0
- package/packages/core/dist/useCases/loadUseCaseMatrix.js +74 -0
- package/packages/core/dist/useCases/loadUseCaseMatrix.js.map +1 -0
- package/packages/core/dist/useCases/mutateUseCaseMatrix.d.ts +25 -0
- package/packages/core/dist/useCases/mutateUseCaseMatrix.d.ts.map +1 -0
- package/packages/core/dist/useCases/mutateUseCaseMatrix.js +198 -0
- package/packages/core/dist/useCases/mutateUseCaseMatrix.js.map +1 -0
- package/packages/core/dist/useCases/query.d.ts +12 -0
- package/packages/core/dist/useCases/query.d.ts.map +1 -0
- package/packages/core/dist/useCases/query.js +47 -0
- package/packages/core/dist/useCases/query.js.map +1 -0
- package/packages/core/dist/useCases/types.d.ts +149 -0
- package/packages/core/dist/useCases/types.d.ts.map +1 -0
- package/packages/core/dist/useCases/types.js +2 -0
- package/packages/core/dist/useCases/types.js.map +1 -0
- package/packages/core/dist/useCases/validateUseCaseFile.d.ts +9 -0
- package/packages/core/dist/useCases/validateUseCaseFile.d.ts.map +1 -0
- package/packages/core/dist/useCases/validateUseCaseFile.js +107 -0
- package/packages/core/dist/useCases/validateUseCaseFile.js.map +1 -0
- package/packages/core/dist/version.d.ts +9 -0
- package/packages/core/dist/version.d.ts.map +1 -0
- package/packages/core/dist/version.js +17 -0
- package/packages/core/dist/version.js.map +1 -0
- package/packages/core/package.json +39 -0
- package/packages/mcp/README.md +48 -0
- package/packages/mcp/dist/index.d.ts +20 -0
- package/packages/mcp/dist/index.d.ts.map +1 -0
- package/packages/mcp/dist/index.js +180 -0
- package/packages/mcp/dist/index.js.map +1 -0
- package/packages/mcp/dist/prompts.d.ts +32 -0
- package/packages/mcp/dist/prompts.d.ts.map +1 -0
- package/packages/mcp/dist/prompts.js +199 -0
- package/packages/mcp/dist/prompts.js.map +1 -0
- package/packages/mcp/dist/resources.d.ts +22 -0
- package/packages/mcp/dist/resources.d.ts.map +1 -0
- package/packages/mcp/dist/resources.js +342 -0
- package/packages/mcp/dist/resources.js.map +1 -0
- package/packages/mcp/dist/toolHandlers.d.ts +28 -0
- package/packages/mcp/dist/toolHandlers.d.ts.map +1 -0
- package/packages/mcp/dist/toolHandlers.js +592 -0
- package/packages/mcp/dist/toolHandlers.js.map +1 -0
- package/packages/mcp/dist/toolSchemas.d.ts +23 -0
- package/packages/mcp/dist/toolSchemas.d.ts.map +1 -0
- package/packages/mcp/dist/toolSchemas.js +223 -0
- package/packages/mcp/dist/toolSchemas.js.map +1 -0
- package/packages/mcp/dist/tools.d.ts +22 -0
- package/packages/mcp/dist/tools.d.ts.map +1 -0
- package/packages/mcp/dist/tools.js +65 -0
- package/packages/mcp/dist/tools.js.map +1 -0
- package/packages/mcp/package.json +38 -0
- package/plugin.json +6 -0
- package/schemas/v1/authority.schema.json +70 -0
- package/schemas/v1/cli-result.schema.json +30 -0
- package/schemas/v1/common.schema.json +274 -0
- package/schemas/v1/demo-capsule.schema.json +78 -0
- package/schemas/v1/evidence-append-result.schema.json +14 -0
- package/schemas/v1/evidence-event.schema.json +181 -0
- package/schemas/v1/evidence-status-result.schema.json +68 -0
- package/schemas/v1/host-profile.schema.json +94 -0
- package/schemas/v1/host-status-result.schema.json +49 -0
- package/schemas/v1/keyring.schema.json +77 -0
- package/schemas/v1/ledger.schema.json +99 -0
- package/schemas/v1/marker.schema.json +84 -0
- package/schemas/v1/matrix-list-result.schema.json +67 -0
- package/schemas/v1/matrix-mutation-result.schema.json +49 -0
- package/schemas/v1/matrix-validation-result.schema.json +77 -0
- package/schemas/v1/mcp-tool-results.schema.json +34 -0
- package/schemas/v1/migration-test-matrix-result.schema.json +76 -0
- package/schemas/v1/presentation-plan-result.schema.json +62 -0
- package/schemas/v1/presentation-plan.schema.json +259 -0
- package/schemas/v1/release-gate-result.schema.json +136 -0
- package/schemas/v1/showcase-approval-result.schema.json +5 -0
- package/schemas/v1/showcase-event-append-result.schema.json +17 -0
- package/schemas/v1/showcase-event.schema.json +235 -0
- package/schemas/v1/showcase-finish-result.schema.json +5 -0
- package/schemas/v1/showcase-run-status-result.schema.json +70 -0
- package/schemas/v1/showcase-start-result.schema.json +5 -0
- package/schemas/v1/use-case-file.schema.json +178 -0
- package/schemas/v1/workflow-mode.schema.json +16 -0
- package/schemas/v1/workspace-config.schema.json +58 -0
- package/use-cases/capsule/demos.yml +212 -0
- package/use-cases/capsule/runner.yml +49 -0
- package/use-cases/diagnostics/contracts.yml +239 -0
- package/use-cases/evidence/core.yml +32 -0
- package/use-cases/evidence/ledger.yml +330 -0
- package/use-cases/hosts/profiles.yml +365 -0
- package/use-cases/hosts/projections.yml +96 -0
- package/use-cases/lifecycle/loop.yml +229 -0
- package/use-cases/matrix/core.yml +92 -0
- package/use-cases/matrix/product.yml +289 -0
- package/use-cases/mcp/surface.yml +257 -0
- package/use-cases/mcp/wrapper.yml +100 -0
- package/use-cases/migration/importer.yml +171 -0
- package/use-cases/migration/test-matrix.yml +32 -0
- package/use-cases/planning/cards.yml +215 -0
- package/use-cases/release/package.yml +80 -0
- package/use-cases/release/proof.yml +180 -0
- package/use-cases/roadmap/deferred.yml +184 -0
- package/use-cases/showcase/flow.yml +269 -0
- package/use-cases/showcase/live.yml +44 -0
- package/use-cases/skills/assets.yml +92 -0
- package/use-cases.yml +9 -0
|
@@ -0,0 +1,233 @@
|
|
|
1
|
+
import { validateEvidenceLedger } from "../evidenceLedger.js";
|
|
2
|
+
import { deriveFreshness } from "../freshness.js";
|
|
3
|
+
import { validateBindingsJsonl } from "../registry.js";
|
|
4
|
+
import { formatInferredSwiftSpanReport, scanFiles } from "../scanner.js";
|
|
5
|
+
import { readBaseRefFile } from "../appendOnly.js";
|
|
6
|
+
import { computeRowVerificationContextHash } from "../verificationContextHash.js";
|
|
7
|
+
import { join } from "node:path";
|
|
8
|
+
import { nodeMarkerFs } from "./io.js";
|
|
9
|
+
import { collectSourceInputs, loadMarkerRows } from "./shared.js";
|
|
10
|
+
// The conventional location of the UNSIGNED verification-results ledger, one row
|
|
11
|
+
// per line, that `verify --out` writes. Scan auto-discovers it here (under the
|
|
12
|
+
// data root's .use-cases dir) so the keyless daily loop — bind -> verify -> scan
|
|
13
|
+
// -> VERIFIED_LOCAL — needs no key, no CI, and no extra flags.
|
|
14
|
+
export const DEFAULT_VERIFICATION_RESULTS_FILENAME = "verification-results.jsonl";
|
|
15
|
+
// Parse the unsigned verification-results ledger (JSONL of
|
|
16
|
+
// `ucase-verification-result-v1` records) into the minimal shape freshness's
|
|
17
|
+
// keyless tier consumes. Unreadable/blank/malformed content yields an empty list
|
|
18
|
+
// (the keyless signal is best-effort and NEVER blocks the read-only scan).
|
|
19
|
+
function loadLocalVerificationResults(text) {
|
|
20
|
+
const results = [];
|
|
21
|
+
for (const raw of text.split("\n")) {
|
|
22
|
+
const line = raw.trim();
|
|
23
|
+
if (line === "") {
|
|
24
|
+
continue;
|
|
25
|
+
}
|
|
26
|
+
let record;
|
|
27
|
+
try {
|
|
28
|
+
record = JSON.parse(line);
|
|
29
|
+
}
|
|
30
|
+
catch {
|
|
31
|
+
continue; // skip a malformed line rather than failing the whole scan
|
|
32
|
+
}
|
|
33
|
+
if (typeof record !== "object" || record === null) {
|
|
34
|
+
continue;
|
|
35
|
+
}
|
|
36
|
+
const value = record;
|
|
37
|
+
const rowId = value.row_id;
|
|
38
|
+
const contextHash = value.verification_context_hash;
|
|
39
|
+
const bindingSetHash = value.binding_set_hash;
|
|
40
|
+
const status = value.status;
|
|
41
|
+
if (typeof rowId !== "string" ||
|
|
42
|
+
typeof contextHash !== "string" ||
|
|
43
|
+
typeof bindingSetHash !== "string" ||
|
|
44
|
+
typeof status !== "string") {
|
|
45
|
+
continue;
|
|
46
|
+
}
|
|
47
|
+
results.push({
|
|
48
|
+
row_id: rowId,
|
|
49
|
+
context_hash: contextHash,
|
|
50
|
+
binding_set_hash: bindingSetHash,
|
|
51
|
+
passed: status === "pass"
|
|
52
|
+
});
|
|
53
|
+
}
|
|
54
|
+
return results;
|
|
55
|
+
}
|
|
56
|
+
// Shared pipeline used by both `scan` and `prove` (prove runs scan first).
|
|
57
|
+
export function prepareScan(options) {
|
|
58
|
+
const fs = options.fs ?? nodeMarkerFs;
|
|
59
|
+
const loaded = loadMarkerRows(options.context);
|
|
60
|
+
// Registry (append-only binding log) -> validate + materialize. Append-only
|
|
61
|
+
// discipline vs a base ref is validate-ledger's authority (spec 8.4); scan only
|
|
62
|
+
// validates the materialized registry here.
|
|
63
|
+
const bindingsText = fs.readText(options.bindingsPath) ?? "";
|
|
64
|
+
const registryResult = validateBindingsJsonl(bindingsText, loaded.rowIds);
|
|
65
|
+
const registryErrors = [...registryResult.errors];
|
|
66
|
+
// Evidence ledger -> validate signatures/schema/policy/internal hashes.
|
|
67
|
+
const evidenceText = fs.readText(options.evidencePath) ?? "";
|
|
68
|
+
const baseRefOldText = options.baseRef !== undefined
|
|
69
|
+
? readBaseRefFile(options.baseRef, options.evidencePath, {
|
|
70
|
+
cwd: options.repoCwd,
|
|
71
|
+
runner: options.gitRunner
|
|
72
|
+
})
|
|
73
|
+
: undefined;
|
|
74
|
+
const evidenceResult = validateEvidenceLedger(evidenceText, {
|
|
75
|
+
publicKeyResolver: options.publicKeyResolver,
|
|
76
|
+
yamlRowIds: loaded.rowIds,
|
|
77
|
+
baseRefOldText
|
|
78
|
+
});
|
|
79
|
+
// Scan product source for markers.
|
|
80
|
+
const inputs = collectSourceInputs(options.productRoot, {
|
|
81
|
+
fs,
|
|
82
|
+
config: options.commentConfig,
|
|
83
|
+
skipPaths: [options.context.data_root]
|
|
84
|
+
});
|
|
85
|
+
const scan = scanFiles(inputs, { config: options.commentConfig });
|
|
86
|
+
// Derive freshness. Registry/ledger validation failures become global
|
|
87
|
+
// integrity errors so guard_ok flips and they surface in the status object.
|
|
88
|
+
const globalIntegrity = [
|
|
89
|
+
...registryErrors.map((error) => ({
|
|
90
|
+
code: error.code,
|
|
91
|
+
line: error.line ?? undefined,
|
|
92
|
+
message: error.message,
|
|
93
|
+
binding_slug: error.binding_slug
|
|
94
|
+
})),
|
|
95
|
+
...evidenceResult.errors.map((error) => ({
|
|
96
|
+
code: error.code,
|
|
97
|
+
line: error.line ?? undefined,
|
|
98
|
+
message: error.message,
|
|
99
|
+
event_id: error.event_id
|
|
100
|
+
}))
|
|
101
|
+
];
|
|
102
|
+
// Freshly recompute each row's verification context hash from the CURRENT
|
|
103
|
+
// resolved verifier + declared-input contents + lockfile. Threaded into
|
|
104
|
+
// freshness so a proof minted against a now-weakened verifier is no longer
|
|
105
|
+
// FRESH. Computed identically to `prove` (same root + fs), so a just-minted
|
|
106
|
+
// proof's embedded hash matches its recomputed value.
|
|
107
|
+
const contextRoot = options.repoCwd ?? options.productRoot;
|
|
108
|
+
const currentContextHashes = new Map();
|
|
109
|
+
for (const row of loaded.rows) {
|
|
110
|
+
currentContextHashes.set(row.row_id, computeRowVerificationContextHash({
|
|
111
|
+
slug: row.row_id,
|
|
112
|
+
verificationPolicy: row.verification_policy,
|
|
113
|
+
rootDir: contextRoot,
|
|
114
|
+
fs,
|
|
115
|
+
workspaceVerifiers: options.context.verifiers
|
|
116
|
+
}));
|
|
117
|
+
}
|
|
118
|
+
// Keyless local tier: auto-discover the UNSIGNED verification-results ledger
|
|
119
|
+
// (what `verify --out` writes) under the data root, or use the caller override.
|
|
120
|
+
// Read-only and best-effort: an absent/unreadable file simply yields no local
|
|
121
|
+
// results, and the local tier is reported as UNVERIFIED_LOCAL for bound rows.
|
|
122
|
+
const resultsPath = options.resultsPath ??
|
|
123
|
+
join(options.context.data_root, ".use-cases", DEFAULT_VERIFICATION_RESULTS_FILENAME);
|
|
124
|
+
const resultsText = fs.readText(resultsPath);
|
|
125
|
+
const localResults = resultsText == null ? [] : loadLocalVerificationResults(resultsText);
|
|
126
|
+
const status = deriveFreshness({
|
|
127
|
+
rows: loaded.rows,
|
|
128
|
+
registry: registryResult.registry,
|
|
129
|
+
scan,
|
|
130
|
+
evidence: evidenceResult.events,
|
|
131
|
+
policy_mode: options.policyMode,
|
|
132
|
+
generated_at: options.generatedAt,
|
|
133
|
+
product_root: options.productRoot,
|
|
134
|
+
current_context_hashes: currentContextHashes,
|
|
135
|
+
local_results: localResults,
|
|
136
|
+
global_integrity_errors: globalIntegrity,
|
|
137
|
+
// OPTIONAL CI-neutral release-gate authority requirement from workspace
|
|
138
|
+
// config (off by default). Only consulted in release mode by deriveFreshness.
|
|
139
|
+
release_gate: options.context.release_gate
|
|
140
|
+
});
|
|
141
|
+
return {
|
|
142
|
+
loaded,
|
|
143
|
+
registry: registryResult.registry,
|
|
144
|
+
registryErrors,
|
|
145
|
+
evidence: evidenceResult.events,
|
|
146
|
+
evidenceErrors: evidenceResult.errors,
|
|
147
|
+
scan,
|
|
148
|
+
status
|
|
149
|
+
};
|
|
150
|
+
}
|
|
151
|
+
export function runScanCommand(options) {
|
|
152
|
+
const prepared = prepareScan(options);
|
|
153
|
+
const registryValid = prepared.registryErrors.length === 0;
|
|
154
|
+
const evidenceValid = prepared.evidenceErrors.length === 0;
|
|
155
|
+
// Inferred Swift spans, for the CI human report (spec 8.2 "must print").
|
|
156
|
+
const inferredSpans = prepared.scan.bindings
|
|
157
|
+
.map((binding) => formatInferredSwiftSpanReport(binding))
|
|
158
|
+
.filter((report) => report !== null);
|
|
159
|
+
const baseExitCode = scanExitCode(prepared.status, registryValid, evidenceValid);
|
|
160
|
+
// Opt-in gate: escalate an otherwise-passing scan (exit 0) to exit 1 when a
|
|
161
|
+
// required row is below the bar. It NEVER lowers a higher-precedence failure
|
|
162
|
+
// (4 ledger/registry, 3 binding integrity) — those already surface real
|
|
163
|
+
// problems and outrank a freshness gate. Without --gate, nothing changes.
|
|
164
|
+
let gate;
|
|
165
|
+
let exitCode = baseExitCode;
|
|
166
|
+
if (options.gate) {
|
|
167
|
+
gate = evaluateScanGate(prepared.status, options.policyMode);
|
|
168
|
+
if (gate.blocked && exitCode === 0) {
|
|
169
|
+
exitCode = 1;
|
|
170
|
+
}
|
|
171
|
+
}
|
|
172
|
+
return {
|
|
173
|
+
exit_code: exitCode,
|
|
174
|
+
ok: exitCode === 0,
|
|
175
|
+
status: prepared.status,
|
|
176
|
+
registry_valid: registryValid,
|
|
177
|
+
evidence_valid: evidenceValid,
|
|
178
|
+
inferred_spans: inferredSpans,
|
|
179
|
+
registry_errors: prepared.registryErrors,
|
|
180
|
+
evidence_errors: prepared.evidenceErrors,
|
|
181
|
+
...(gate !== undefined ? { gate } : {})
|
|
182
|
+
};
|
|
183
|
+
}
|
|
184
|
+
// True iff a row meets the acceptable bar for `policyMode`. FRESH always passes
|
|
185
|
+
// (it strictly outranks the keyless local tier).
|
|
186
|
+
function rowMeetsGateBar(row, policyMode) {
|
|
187
|
+
if (row.status === "FRESH") {
|
|
188
|
+
return true;
|
|
189
|
+
}
|
|
190
|
+
if (policyMode === "release") {
|
|
191
|
+
return false; // release bar is FRESH; nothing else clears it.
|
|
192
|
+
}
|
|
193
|
+
return row.local_status === "VERIFIED_LOCAL";
|
|
194
|
+
}
|
|
195
|
+
// Pure gate decision over an already-derived FreshnessStatus. Never mutates the
|
|
196
|
+
// status and never changes the signed `status` — it only reads it.
|
|
197
|
+
export function evaluateScanGate(status, policyMode) {
|
|
198
|
+
const offending = [];
|
|
199
|
+
for (const row of status.rows) {
|
|
200
|
+
if (row.required_for_release !== true) {
|
|
201
|
+
continue; // only required rows are gated
|
|
202
|
+
}
|
|
203
|
+
if (!rowMeetsGateBar(row, policyMode)) {
|
|
204
|
+
offending.push({
|
|
205
|
+
row_id: row.row_id,
|
|
206
|
+
status: row.status,
|
|
207
|
+
local_status: row.local_status ?? null
|
|
208
|
+
});
|
|
209
|
+
}
|
|
210
|
+
}
|
|
211
|
+
return {
|
|
212
|
+
blocked: offending.length > 0,
|
|
213
|
+
policy_mode: policyMode,
|
|
214
|
+
required_bar: policyMode === "release" ? "FRESH" : "VERIFIED_LOCAL",
|
|
215
|
+
offending_rows: offending
|
|
216
|
+
};
|
|
217
|
+
}
|
|
218
|
+
// Exit-code precedence (spec 8.2): 4 ledger/registry > 3 binding integrity (any
|
|
219
|
+
// INVALID row) > 1 freshness policy block (a non-INVALID row the policy blocks).
|
|
220
|
+
export function scanExitCode(status, registryValid, evidenceValid) {
|
|
221
|
+
if (!registryValid || !evidenceValid) {
|
|
222
|
+
return 4;
|
|
223
|
+
}
|
|
224
|
+
if (status.summary.invalid > 0) {
|
|
225
|
+
return 3;
|
|
226
|
+
}
|
|
227
|
+
const policyBlockNonInvalid = status.rows.some((row) => row.policy_block && row.status !== "INVALID");
|
|
228
|
+
if (policyBlockNonInvalid) {
|
|
229
|
+
return 1;
|
|
230
|
+
}
|
|
231
|
+
return 0;
|
|
232
|
+
}
|
|
233
|
+
//# sourceMappingURL=scan.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"scan.js","sourceRoot":"","sources":["../../../src/markers/cli/scan.ts"],"names":[],"mappings":"AAQA,OAAO,EACL,sBAAsB,EAGvB,MAAM,sBAAsB,CAAC;AAC9B,OAAO,EACL,eAAe,EAIhB,MAAM,iBAAiB,CAAC;AAEzB,OAAO,EACL,qBAAqB,EAGtB,MAAM,gBAAgB,CAAC;AACxB,OAAO,EACL,6BAA6B,EAC7B,SAAS,EAEV,MAAM,eAAe,CAAC;AACvB,OAAO,EAAE,eAAe,EAAkB,MAAM,kBAAkB,CAAC;AACnE,OAAO,EAAE,iCAAiC,EAAE,MAAM,+BAA+B,CAAC;AAClF,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,YAAY,EAAiB,MAAM,SAAS,CAAC;AACtD,OAAO,EACL,mBAAmB,EACnB,cAAc,EAEf,MAAM,aAAa,CAAC;AAErB,iFAAiF;AACjF,+EAA+E;AAC/E,iFAAiF;AACjF,+DAA+D;AAC/D,MAAM,CAAC,MAAM,qCAAqC,GAAG,4BAA4B,CAAC;AAElF,2DAA2D;AAC3D,6EAA6E;AAC7E,iFAAiF;AACjF,2EAA2E;AAC3E,SAAS,4BAA4B,CAAC,IAAY;IAChD,MAAM,OAAO,GAA8B,EAAE,CAAC;IAC9C,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;QACnC,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC;QACxB,IAAI,IAAI,KAAK,EAAE,EAAE,CAAC;YAChB,SAAS;QACX,CAAC;QACD,IAAI,MAAe,CAAC;QACpB,IAAI,CAAC;YACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC5B,CAAC;QAAC,MAAM,CAAC;YACP,SAAS,CAAC,2DAA2D;QACvE,CAAC;QACD,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,MAAM,KAAK,IAAI,EAAE,CAAC;YAClD,SAAS;QACX,CAAC;QACD,MAAM,KAAK,GAAG,MAAiC,CAAC;QAChD,MAAM,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC;QAC3B,MAAM,WAAW,GAAG,KAAK,CAAC,yBAAyB,CAAC;QACpD,MAAM,cAAc,GAAG,KAAK,CAAC,gBAAgB,CAAC;QAC9C,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC;QAC5B,IACE,OAAO,KAAK,KAAK,QAAQ;YACzB,OAAO,WAAW,KAAK,QAAQ;YAC/B,OAAO,cAAc,KAAK,QAAQ;YAClC,OAAO,MAAM,KAAK,QAAQ,EAC1B,CAAC;YACD,SAAS;QACX,CAAC;QACD,OAAO,CAAC,IAAI,CAAC;YACX,MAAM,EAAE,KAAK;YACb,YAAY,EAAE,WAAW;YACzB,gBAAgB,EAAE,cAAc;YAChC,MAAM,EAAE,MAAM,KAAK,MAAM;SAC1B,CAAC,CAAC;IACL,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAqCD,2EAA2E;AAC3E,MAAM,UAAU,WAAW,CAAC,OAA2B;IACrD,MAAM,EAAE,GAAG,OAAO,CAAC,EAAE,IAAI,YAAY,CAAC;IACtC,MAAM,MAAM,GAAG,cAAc,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IAE/C,4EAA4E;IAC5E,gFAAgF;IAChF,4CAA4C;IAC5C,MAAM,YAAY,GAAG,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC;IAC7D,MAAM,cAAc,GAAG,qBAAqB,CAAC,YAAY,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;IAC1E,MAAM,cAAc,GAAG,CAAC,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC;IAElD,wEAAwE;IACxE,MAAM,YAAY,GAAG,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC;IAC7D,MAAM,cAAc,GAClB,OAAO,CAAC,OAAO,KAAK,SAAS;QAC3B,CAAC,CAAC,eAAe,CAAC,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,YAAY,EAAE;YACrD,GAAG,EAAE,OAAO,CAAC,OAAO;YACpB,MAAM,EAAE,OAAO,CAAC,SAAS;SAC1B,CAAC;QACJ,CAAC,CAAC,SAAS,CAAC;IAChB,MAAM,cAAc,GAAG,sBAAsB,CAAC,YAAY,EAAE;QAC1D,iBAAiB,EAAE,OAAO,CAAC,iBAAiB;QAC5C,UAAU,EAAE,MAAM,CAAC,MAAM;QACzB,cAAc;KACf,CAAC,CAAC;IAEH,mCAAmC;IACnC,MAAM,MAAM,GAAG,mBAAmB,CAAC,OAAO,CAAC,WAAW,EAAE;QACtD,EAAE;QACF,MAAM,EAAE,OAAO,CAAC,aAAa;QAC7B,SAAS,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC;KACvC,CAAC,CAAC;IACH,MAAM,IAAI,GAAG,SAAS,CAAC,MAAM,EAAE,EAAE,MAAM,EAAE,OAAO,CAAC,aAAa,EAAE,CAAC,CAAC;IAElE,sEAAsE;IACtE,4EAA4E;IAC5E,MAAM,eAAe,GAAG;QACtB,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;YAChC,IAAI,EAAE,KAAK,CAAC,IAAI;YAChB,IAAI,EAAE,KAAK,CAAC,IAAI,IAAI,SAAS;YAC7B,OAAO,EAAE,KAAK,CAAC,OAAO;YACtB,YAAY,EAAE,KAAK,CAAC,YAAY;SACjC,CAAC,CAAC;QACH,GAAG,cAAc,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;YACvC,IAAI,EAAE,KAAK,CAAC,IAAI;YAChB,IAAI,EAAE,KAAK,CAAC,IAAI,IAAI,SAAS;YAC7B,OAAO,EAAE,KAAK,CAAC,OAAO;YACtB,QAAQ,EAAE,KAAK,CAAC,QAAQ;SACzB,CAAC,CAAC;KACJ,CAAC;IAEF,0EAA0E;IAC1E,wEAAwE;IACxE,2EAA2E;IAC3E,4EAA4E;IAC5E,sDAAsD;IACtD,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,IAAI,OAAO,CAAC,WAAW,CAAC;IAC3D,MAAM,oBAAoB,GAAG,IAAI,GAAG,EAAkB,CAAC;IACvD,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC;QAC9B,oBAAoB,CAAC,GAAG,CACtB,GAAG,CAAC,MAAM,EACV,iCAAiC,CAAC;YAChC,IAAI,EAAE,GAAG,CAAC,MAAM;YAChB,kBAAkB,EAAE,GAAG,CAAC,mBAAmB;YAC3C,OAAO,EAAE,WAAW;YACpB,EAAE;YACF,kBAAkB,EAAE,OAAO,CAAC,OAAO,CAAC,SAAS;SAC9C,CAAC,CACH,CAAC;IACJ,CAAC;IAED,6EAA6E;IAC7E,gFAAgF;IAChF,8EAA8E;IAC9E,8EAA8E;IAC9E,MAAM,WAAW,GACf,OAAO,CAAC,WAAW;QACnB,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,SAAS,EAAE,YAAY,EAAE,qCAAqC,CAAC,CAAC;IACvF,MAAM,WAAW,GAAG,EAAE,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;IAC7C,MAAM,YAAY,GAChB,WAAW,IAAI,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,4BAA4B,CAAC,WAAW,CAAC,CAAC;IAEvE,MAAM,MAAM,GAAG,eAAe,CAAC;QAC7B,IAAI,EAAE,MAAM,CAAC,IAAI;QACjB,QAAQ,EAAE,cAAc,CAAC,QAAQ;QACjC,IAAI;QACJ,QAAQ,EAAE,cAAc,CAAC,MAAM;QAC/B,WAAW,EAAE,OAAO,CAAC,UAAU;QAC/B,YAAY,EAAE,OAAO,CAAC,WAAW;QACjC,YAAY,EAAE,OAAO,CAAC,WAAW;QACjC,sBAAsB,EAAE,oBAAoB;QAC5C,aAAa,EAAE,YAAY;QAC3B,uBAAuB,EAAE,eAAe;QACxC,wEAAwE;QACxE,8EAA8E;QAC9E,YAAY,EAAE,OAAO,CAAC,OAAO,CAAC,YAAY;KAC3C,CAAC,CAAC;IAEH,OAAO;QACL,MAAM;QACN,QAAQ,EAAE,cAAc,CAAC,QAAQ;QACjC,cAAc;QACd,QAAQ,EAAE,cAAc,CAAC,MAAM;QAC/B,cAAc,EAAE,cAAc,CAAC,MAAM;QACrC,IAAI;QACJ,MAAM;KACP,CAAC;AACJ,CAAC;AAiBD,MAAM,UAAU,cAAc,CAAC,OAA2B;IACxD,MAAM,QAAQ,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC;IACtC,MAAM,aAAa,GAAG,QAAQ,CAAC,cAAc,CAAC,MAAM,KAAK,CAAC,CAAC;IAC3D,MAAM,aAAa,GAAG,QAAQ,CAAC,cAAc,CAAC,MAAM,KAAK,CAAC,CAAC;IAE3D,yEAAyE;IACzE,MAAM,aAAa,GAAG,QAAQ,CAAC,IAAI,CAAC,QAAQ;SACzC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,6BAA6B,CAAC,OAAO,CAAC,CAAC;SACxD,MAAM,CAAC,CAAC,MAAM,EAAoB,EAAE,CAAC,MAAM,KAAK,IAAI,CAAC,CAAC;IAEzD,MAAM,YAAY,GAAG,YAAY,CAAC,QAAQ,CAAC,MAAM,EAAE,aAAa,EAAE,aAAa,CAAC,CAAC;IAEjF,4EAA4E;IAC5E,6EAA6E;IAC7E,wEAAwE;IACxE,0EAA0E;IAC1E,IAAI,IAAgC,CAAC;IACrC,IAAI,QAAQ,GAAG,YAAY,CAAC;IAC5B,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;QACjB,IAAI,GAAG,gBAAgB,CAAC,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC,UAAU,CAAC,CAAC;QAC7D,IAAI,IAAI,CAAC,OAAO,IAAI,QAAQ,KAAK,CAAC,EAAE,CAAC;YACnC,QAAQ,GAAG,CAAC,CAAC;QACf,CAAC;IACH,CAAC;IAED,OAAO;QACL,SAAS,EAAE,QAAQ;QACnB,EAAE,EAAE,QAAQ,KAAK,CAAC;QAClB,MAAM,EAAE,QAAQ,CAAC,MAAM;QACvB,cAAc,EAAE,aAAa;QAC7B,cAAc,EAAE,aAAa;QAC7B,cAAc,EAAE,aAAa;QAC7B,eAAe,EAAE,QAAQ,CAAC,cAAc;QACxC,eAAe,EAAE,QAAQ,CAAC,cAAc;QACxC,GAAG,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KACxC,CAAC;AACJ,CAAC;AA0BD,gFAAgF;AAChF,iDAAiD;AACjD,SAAS,eAAe,CACtB,GAAoC,EACpC,UAAsB;IAEtB,IAAI,GAAG,CAAC,MAAM,KAAK,OAAO,EAAE,CAAC;QAC3B,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,UAAU,KAAK,SAAS,EAAE,CAAC;QAC7B,OAAO,KAAK,CAAC,CAAC,gDAAgD;IAChE,CAAC;IACD,OAAO,GAAG,CAAC,YAAY,KAAK,gBAAgB,CAAC;AAC/C,CAAC;AAED,gFAAgF;AAChF,mEAAmE;AACnE,MAAM,UAAU,gBAAgB,CAC9B,MAAuB,EACvB,UAAsB;IAEtB,MAAM,SAAS,GAAuB,EAAE,CAAC;IACzC,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC;QAC9B,IAAI,GAAG,CAAC,oBAAoB,KAAK,IAAI,EAAE,CAAC;YACtC,SAAS,CAAC,+BAA+B;QAC3C,CAAC;QACD,IAAI,CAAC,eAAe,CAAC,GAAG,EAAE,UAAU,CAAC,EAAE,CAAC;YACtC,SAAS,CAAC,IAAI,CAAC;gBACb,MAAM,EAAE,GAAG,CAAC,MAAM;gBAClB,MAAM,EAAE,GAAG,CAAC,MAAM;gBAClB,YAAY,EAAE,GAAG,CAAC,YAAY,IAAI,IAAI;aACvC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IACD,OAAO;QACL,OAAO,EAAE,SAAS,CAAC,MAAM,GAAG,CAAC;QAC7B,WAAW,EAAE,UAAU;QACvB,YAAY,EAAE,UAAU,KAAK,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,gBAAgB;QACnE,cAAc,EAAE,SAAS;KAC1B,CAAC;AACJ,CAAC;AAED,gFAAgF;AAChF,iFAAiF;AACjF,MAAM,UAAU,YAAY,CAC1B,MAAuB,EACvB,aAAsB,EACtB,aAAsB;IAEtB,IAAI,CAAC,aAAa,IAAI,CAAC,aAAa,EAAE,CAAC;QACrC,OAAO,CAAC,CAAC;IACX,CAAC;IACD,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,GAAG,CAAC,EAAE,CAAC;QAC/B,OAAO,CAAC,CAAC;IACX,CAAC;IACD,MAAM,qBAAqB,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAC5C,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,YAAY,IAAI,GAAG,CAAC,MAAM,KAAK,SAAS,CACtD,CAAC;IACF,IAAI,qBAAqB,EAAE,CAAC;QAC1B,OAAO,CAAC,CAAC;IACX,CAAC;IACD,OAAO,CAAC,CAAC;AACX,CAAC"}
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
import type { ResolvedWorkspaceContext } from "../../roots.js";
|
|
2
|
+
import type { MatrixSnapshot } from "../../useCases/types.js";
|
|
3
|
+
import type { FreshnessInputRow } from "../freshness.js";
|
|
4
|
+
import type { PemOrKeyObject, PublicKeyResolver } from "../proofSignature.js";
|
|
5
|
+
import { type CommentPrefixConfig } from "../commentPrefix.js";
|
|
6
|
+
import type { CurrentBindingRecord, ScanInput } from "../scanner.js";
|
|
7
|
+
import { type MarkerFs } from "./io.js";
|
|
8
|
+
export interface LoadedMarkerRows {
|
|
9
|
+
rows: FreshnessInputRow[];
|
|
10
|
+
rowIds: Set<string>;
|
|
11
|
+
snapshot: MatrixSnapshot;
|
|
12
|
+
}
|
|
13
|
+
export declare function loadMarkerRows(context: ResolvedWorkspaceContext): LoadedMarkerRows;
|
|
14
|
+
export declare function findRow(rows: ReadonlyArray<FreshnessInputRow>, rowId: string): FreshnessInputRow | undefined;
|
|
15
|
+
export interface CollectSourceOptions {
|
|
16
|
+
fs?: MarkerFs;
|
|
17
|
+
config?: CommentPrefixConfig;
|
|
18
|
+
skipPaths?: string[];
|
|
19
|
+
}
|
|
20
|
+
export declare function collectSourceInputs(productRoot: string, options?: CollectSourceOptions): ScanInput[];
|
|
21
|
+
export declare function toPosix(path: string): string;
|
|
22
|
+
export declare function resolveUnderRoot(root: string, value: string): string;
|
|
23
|
+
export declare function singleKeyResolver(publicKey: PemOrKeyObject, keyId?: string): PublicKeyResolver;
|
|
24
|
+
export declare function registeredBindingsForRow(bindings: ReadonlyArray<CurrentBindingRecord>, rowId: string, registeredSlugs: ReadonlySet<string>): CurrentBindingRecord[];
|
|
25
|
+
//# sourceMappingURL=shared.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"shared.d.ts","sourceRoot":"","sources":["../../../src/markers/cli/shared.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EAAE,wBAAwB,EAAE,MAAM,gBAAgB,CAAC;AAE/D,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AAC9D,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,iBAAiB,CAAC;AACzD,OAAO,KAAK,EAAE,cAAc,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAC;AAC9E,OAAO,EAEL,KAAK,mBAAmB,EACzB,MAAM,qBAAqB,CAAC;AAC7B,OAAO,KAAK,EAAE,oBAAoB,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC;AACrE,OAAO,EAAgB,KAAK,QAAQ,EAAE,MAAM,SAAS,CAAC;AAMtD,MAAM,WAAW,gBAAgB;IAC/B,IAAI,EAAE,iBAAiB,EAAE,CAAC;IAC1B,MAAM,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;IACpB,QAAQ,EAAE,cAAc,CAAC;CAC1B;AAED,wBAAgB,cAAc,CAAC,OAAO,EAAE,wBAAwB,GAAG,gBAAgB,CAYlF;AAED,wBAAgB,OAAO,CAAC,IAAI,EAAE,aAAa,CAAC,iBAAiB,CAAC,EAAE,KAAK,EAAE,MAAM,GAAG,iBAAiB,GAAG,SAAS,CAE5G;AA4BD,MAAM,WAAW,oBAAoB;IACnC,EAAE,CAAC,EAAE,QAAQ,CAAC;IACd,MAAM,CAAC,EAAE,mBAAmB,CAAC;IAE7B,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;CACtB;AAMD,wBAAgB,mBAAmB,CAAC,WAAW,EAAE,MAAM,EAAE,OAAO,GAAE,oBAAyB,GAAG,SAAS,EAAE,CA4CxG;AAED,wBAAgB,OAAO,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAE5C;AAED,wBAAgB,gBAAgB,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,MAAM,CAEpE;AAMD,wBAAgB,iBAAiB,CAAC,SAAS,EAAE,cAAc,EAAE,KAAK,CAAC,EAAE,MAAM,GAAG,iBAAiB,CAO9F;AAID,wBAAgB,wBAAwB,CACtC,QAAQ,EAAE,aAAa,CAAC,oBAAoB,CAAC,EAC7C,KAAK,EAAE,MAAM,EACb,eAAe,EAAE,WAAW,CAAC,MAAM,CAAC,GACnC,oBAAoB,EAAE,CAIxB"}
|
|
@@ -0,0 +1,123 @@
|
|
|
1
|
+
// Shared inputs for the Phase 7 CLI command cores.
|
|
2
|
+
//
|
|
3
|
+
// Loads marker "rows" from the existing use-case YAML loader (REUSING
|
|
4
|
+
// loadUseCaseMatrix rather than a parallel parser), walks product source for
|
|
5
|
+
// marker-bearing files, and resolves trusted-CI public keys. Everything here is
|
|
6
|
+
// deterministic given its inputs; clocks/ids/verification are injected by callers.
|
|
7
|
+
import { isAbsolute, join, relative } from "node:path";
|
|
8
|
+
import { loadUseCaseMatrix } from "../../useCases/loadUseCaseMatrix.js";
|
|
9
|
+
import { resolveCommentPrefix } from "../commentPrefix.js";
|
|
10
|
+
import { nodeMarkerFs } from "./io.js";
|
|
11
|
+
export function loadMarkerRows(context) {
|
|
12
|
+
const snapshot = loadUseCaseMatrix({ context });
|
|
13
|
+
const rows = snapshot.addressableUseCases.map((useCase) => {
|
|
14
|
+
const value = useCase.value;
|
|
15
|
+
return {
|
|
16
|
+
...value,
|
|
17
|
+
row_id: useCase.value.id,
|
|
18
|
+
verification_policy: value.verification_policy ?? null,
|
|
19
|
+
approval_policy: value.approval_policy ?? null
|
|
20
|
+
};
|
|
21
|
+
});
|
|
22
|
+
return { rows, rowIds: new Set(rows.map((row) => row.row_id)), snapshot };
|
|
23
|
+
}
|
|
24
|
+
export function findRow(rows, rowId) {
|
|
25
|
+
return rows.find((row) => row.row_id === rowId);
|
|
26
|
+
}
|
|
27
|
+
// Directory names never walked for markers: VCS/deps, the data dir itself, and
|
|
28
|
+
// common build-output dirs. Build output (e.g. tsc's dist/) can carry COPIES of
|
|
29
|
+
// a marker comment from source, which would otherwise read as a duplicate slug.
|
|
30
|
+
const DEFAULT_SKIP_DIRS = new Set([
|
|
31
|
+
".git",
|
|
32
|
+
// Agent/session state — notably .claude/worktrees holds full repo COPIES whose
|
|
33
|
+
// source markers would otherwise read as duplicate slugs and poison the scan.
|
|
34
|
+
".claude",
|
|
35
|
+
"node_modules",
|
|
36
|
+
".use-cases",
|
|
37
|
+
"dist",
|
|
38
|
+
"dist-ts",
|
|
39
|
+
"build",
|
|
40
|
+
"out",
|
|
41
|
+
"coverage",
|
|
42
|
+
".next",
|
|
43
|
+
".turbo",
|
|
44
|
+
".svelte-kit",
|
|
45
|
+
// Sample/nested example projects ship their OWN matrix + markers (a nested
|
|
46
|
+
// workspace). Their markers reference the example's rows, not the parent's, so
|
|
47
|
+
// scanning them from the parent repo would read as INVALID. Skip by default;
|
|
48
|
+
// the example's own `scan --repo examples/<name>` has no `examples/` subtree
|
|
49
|
+
// and is unaffected. (examples/ is not part of the published package either.)
|
|
50
|
+
"examples"
|
|
51
|
+
]);
|
|
52
|
+
// Walk the product root and read every file that has a configured comment prefix
|
|
53
|
+
// (so the scanner only sees files that could legally carry a marker). Returns
|
|
54
|
+
// ScanInput records keyed by a posix path relative to productRoot, so binding
|
|
55
|
+
// records and span hashes are stable regardless of where the repo lives on disk.
|
|
56
|
+
export function collectSourceInputs(productRoot, options = {}) {
|
|
57
|
+
const fs = options.fs ?? nodeMarkerFs;
|
|
58
|
+
const skip = new Set((options.skipPaths ?? []).map((path) => path));
|
|
59
|
+
const inputs = [];
|
|
60
|
+
const walk = (dir) => {
|
|
61
|
+
let entries;
|
|
62
|
+
try {
|
|
63
|
+
entries = fs.listDir(dir);
|
|
64
|
+
}
|
|
65
|
+
catch {
|
|
66
|
+
return;
|
|
67
|
+
}
|
|
68
|
+
for (const entry of entries) {
|
|
69
|
+
if (entry.isSymlink) {
|
|
70
|
+
continue; // never follow symlinks
|
|
71
|
+
}
|
|
72
|
+
const full = join(dir, entry.name);
|
|
73
|
+
if (entry.isDirectory) {
|
|
74
|
+
if (DEFAULT_SKIP_DIRS.has(entry.name) || skip.has(full)) {
|
|
75
|
+
continue;
|
|
76
|
+
}
|
|
77
|
+
walk(full);
|
|
78
|
+
continue;
|
|
79
|
+
}
|
|
80
|
+
if (!entry.isFile) {
|
|
81
|
+
continue;
|
|
82
|
+
}
|
|
83
|
+
const relPath = toPosix(relative(productRoot, full));
|
|
84
|
+
const contents = fs.readText(full);
|
|
85
|
+
if (contents === null) {
|
|
86
|
+
continue;
|
|
87
|
+
}
|
|
88
|
+
// Resolve with contents so extensionless shebang scripts (e.g.
|
|
89
|
+
// hooks/session-start) are recognised, not silently skipped.
|
|
90
|
+
if (resolveCommentPrefix(relPath, options.config, contents) === null) {
|
|
91
|
+
continue; // no configured prefix => cannot carry a marker
|
|
92
|
+
}
|
|
93
|
+
inputs.push({ file_path: relPath, contents });
|
|
94
|
+
}
|
|
95
|
+
};
|
|
96
|
+
walk(productRoot);
|
|
97
|
+
inputs.sort((left, right) => (left.file_path < right.file_path ? -1 : left.file_path > right.file_path ? 1 : 0));
|
|
98
|
+
return inputs;
|
|
99
|
+
}
|
|
100
|
+
export function toPosix(path) {
|
|
101
|
+
return path.split("\\").join("/");
|
|
102
|
+
}
|
|
103
|
+
export function resolveUnderRoot(root, value) {
|
|
104
|
+
return isAbsolute(value) ? value : join(root, value);
|
|
105
|
+
}
|
|
106
|
+
// Build a PublicKeyResolver from a single trusted public key. Because v1 trusts
|
|
107
|
+
// exactly one key file, any key_id resolves to it (a tampered signature still
|
|
108
|
+
// fails BAD_SIGNATURE; an unknown alg still fails before resolution). Callers that
|
|
109
|
+
// need strict key_id matching can pass `keyId`.
|
|
110
|
+
export function singleKeyResolver(publicKey, keyId) {
|
|
111
|
+
return (requestedKeyId) => {
|
|
112
|
+
if (keyId !== undefined && requestedKeyId !== keyId) {
|
|
113
|
+
return undefined;
|
|
114
|
+
}
|
|
115
|
+
return publicKey;
|
|
116
|
+
};
|
|
117
|
+
}
|
|
118
|
+
// Recompute the current, registered binding records for one row from a scan,
|
|
119
|
+
// filtered to the slugs the registry actually knows (spec 7: C(row)).
|
|
120
|
+
export function registeredBindingsForRow(bindings, rowId, registeredSlugs) {
|
|
121
|
+
return bindings.filter((binding) => binding.row_id === rowId && registeredSlugs.has(binding.binding_slug));
|
|
122
|
+
}
|
|
123
|
+
//# sourceMappingURL=shared.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"shared.js","sourceRoot":"","sources":["../../../src/markers/cli/shared.ts"],"names":[],"mappings":"AAAA,mDAAmD;AACnD,EAAE;AACF,sEAAsE;AACtE,6EAA6E;AAC7E,gFAAgF;AAChF,mFAAmF;AACnF,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,WAAW,CAAC;AAEvD,OAAO,EAAE,iBAAiB,EAAE,MAAM,qCAAqC,CAAC;AAIxE,OAAO,EACL,oBAAoB,EAErB,MAAM,qBAAqB,CAAC;AAE7B,OAAO,EAAE,YAAY,EAAiB,MAAM,SAAS,CAAC;AAYtD,MAAM,UAAU,cAAc,CAAC,OAAiC;IAC9D,MAAM,QAAQ,GAAG,iBAAiB,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC;IAChD,MAAM,IAAI,GAAwB,QAAQ,CAAC,mBAAmB,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE;QAC7E,MAAM,KAAK,GAAG,OAAO,CAAC,KAAgC,CAAC;QACvD,OAAO;YACL,GAAG,KAAK;YACR,MAAM,EAAE,OAAO,CAAC,KAAK,CAAC,EAAE;YACxB,mBAAmB,EAAE,KAAK,CAAC,mBAAmB,IAAI,IAAI;YACtD,eAAe,EAAE,KAAK,CAAC,eAAe,IAAI,IAAI;SAC/C,CAAC;IACJ,CAAC,CAAC,CAAC;IACH,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC;AAC5E,CAAC;AAED,MAAM,UAAU,OAAO,CAAC,IAAsC,EAAE,KAAa;IAC3E,OAAO,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,KAAK,KAAK,CAAC,CAAC;AAClD,CAAC;AAED,+EAA+E;AAC/E,gFAAgF;AAChF,gFAAgF;AAChF,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAAC;IAChC,MAAM;IACN,+EAA+E;IAC/E,8EAA8E;IAC9E,SAAS;IACT,cAAc;IACd,YAAY;IACZ,MAAM;IACN,SAAS;IACT,OAAO;IACP,KAAK;IACL,UAAU;IACV,OAAO;IACP,QAAQ;IACR,aAAa;IACb,2EAA2E;IAC3E,+EAA+E;IAC/E,6EAA6E;IAC7E,6EAA6E;IAC7E,8EAA8E;IAC9E,UAAU;CACX,CAAC,CAAC;AASH,iFAAiF;AACjF,8EAA8E;AAC9E,8EAA8E;AAC9E,iFAAiF;AACjF,MAAM,UAAU,mBAAmB,CAAC,WAAmB,EAAE,UAAgC,EAAE;IACzF,MAAM,EAAE,GAAG,OAAO,CAAC,EAAE,IAAI,YAAY,CAAC;IACtC,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,CAAC,OAAO,CAAC,SAAS,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC;IACpE,MAAM,MAAM,GAAgB,EAAE,CAAC;IAE/B,MAAM,IAAI,GAAG,CAAC,GAAW,EAAQ,EAAE;QACjC,IAAI,OAAO,CAAC;QACZ,IAAI,CAAC;YACH,OAAO,GAAG,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QAC5B,CAAC;QAAC,MAAM,CAAC;YACP,OAAO;QACT,CAAC;QACD,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;YAC5B,IAAI,KAAK,CAAC,SAAS,EAAE,CAAC;gBACpB,SAAS,CAAC,wBAAwB;YACpC,CAAC;YACD,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;YACnC,IAAI,KAAK,CAAC,WAAW,EAAE,CAAC;gBACtB,IAAI,iBAAiB,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;oBACxD,SAAS;gBACX,CAAC;gBACD,IAAI,CAAC,IAAI,CAAC,CAAC;gBACX,SAAS;YACX,CAAC;YACD,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;gBAClB,SAAS;YACX,CAAC;YACD,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC,CAAC;YACrD,MAAM,QAAQ,GAAG,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YACnC,IAAI,QAAQ,KAAK,IAAI,EAAE,CAAC;gBACtB,SAAS;YACX,CAAC;YACD,+DAA+D;YAC/D,6DAA6D;YAC7D,IAAI,oBAAoB,CAAC,OAAO,EAAE,OAAO,CAAC,MAAM,EAAE,QAAQ,CAAC,KAAK,IAAI,EAAE,CAAC;gBACrE,SAAS,CAAC,gDAAgD;YAC5D,CAAC;YACD,MAAM,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,OAAO,EAAE,QAAQ,EAAE,CAAC,CAAC;QAChD,CAAC;IACH,CAAC,CAAC;IAEF,IAAI,CAAC,WAAW,CAAC,CAAC;IAClB,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,SAAS,GAAG,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,GAAG,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACjH,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,MAAM,UAAU,OAAO,CAAC,IAAY;IAClC,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AACpC,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,IAAY,EAAE,KAAa;IAC1D,OAAO,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;AACvD,CAAC;AAED,gFAAgF;AAChF,8EAA8E;AAC9E,mFAAmF;AACnF,gDAAgD;AAChD,MAAM,UAAU,iBAAiB,CAAC,SAAyB,EAAE,KAAc;IACzE,OAAO,CAAC,cAAsB,EAAE,EAAE;QAChC,IAAI,KAAK,KAAK,SAAS,IAAI,cAAc,KAAK,KAAK,EAAE,CAAC;YACpD,OAAO,SAAS,CAAC;QACnB,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC,CAAC;AACJ,CAAC;AAED,6EAA6E;AAC7E,sEAAsE;AACtE,MAAM,UAAU,wBAAwB,CACtC,QAA6C,EAC7C,KAAa,EACb,eAAoC;IAEpC,OAAO,QAAQ,CAAC,MAAM,CACpB,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,MAAM,KAAK,KAAK,IAAI,eAAe,CAAC,GAAG,CAAC,OAAO,CAAC,YAAY,CAAC,CACnF,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1,38 @@
|
|
|
1
|
+
import type { ResolvedWorkspaceContext } from "../../roots.js";
|
|
2
|
+
import { type GitRunner } from "../appendOnly.js";
|
|
3
|
+
import type { PublicKeyResolver } from "../proofSignature.js";
|
|
4
|
+
import { type MarkerFs } from "./io.js";
|
|
5
|
+
export interface ValidateLedgerCommandOptions {
|
|
6
|
+
context: ResolvedWorkspaceContext;
|
|
7
|
+
evidencePath: string;
|
|
8
|
+
bindingsPath: string;
|
|
9
|
+
publicKeyResolver: PublicKeyResolver;
|
|
10
|
+
baseRef?: string;
|
|
11
|
+
gitRunner?: GitRunner;
|
|
12
|
+
repoCwd?: string;
|
|
13
|
+
fs?: MarkerFs;
|
|
14
|
+
}
|
|
15
|
+
export interface LedgerErrorOut {
|
|
16
|
+
scope: "evidence" | "registry";
|
|
17
|
+
code: string;
|
|
18
|
+
line: number | null;
|
|
19
|
+
message: string;
|
|
20
|
+
}
|
|
21
|
+
export interface ValidateLedgerCommandResult {
|
|
22
|
+
exit_code: number;
|
|
23
|
+
ok: boolean;
|
|
24
|
+
command: "validate-ledger";
|
|
25
|
+
evidence_valid: boolean;
|
|
26
|
+
registry_valid: boolean;
|
|
27
|
+
append_only: boolean;
|
|
28
|
+
proof_events_checked: number;
|
|
29
|
+
registry_events_checked: number;
|
|
30
|
+
chain: {
|
|
31
|
+
ok: boolean;
|
|
32
|
+
verified_entries: number;
|
|
33
|
+
legacy_prefix_count: number;
|
|
34
|
+
};
|
|
35
|
+
errors: LedgerErrorOut[];
|
|
36
|
+
}
|
|
37
|
+
export declare function runValidateLedgerCommand(options: ValidateLedgerCommandOptions): ValidateLedgerCommandResult;
|
|
38
|
+
//# sourceMappingURL=validateLedger.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"validateLedger.d.ts","sourceRoot":"","sources":["../../../src/markers/cli/validateLedger.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EAAE,wBAAwB,EAAE,MAAM,gBAAgB,CAAC;AAC/D,OAAO,EAIL,KAAK,SAAS,EACf,MAAM,kBAAkB,CAAC;AAO1B,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAC;AAC9D,OAAO,EAAgB,KAAK,QAAQ,EAAE,MAAM,SAAS,CAAC;AAGtD,MAAM,WAAW,4BAA4B;IAC3C,OAAO,EAAE,wBAAwB,CAAC;IAClC,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,iBAAiB,EAAE,iBAAiB,CAAC;IACrC,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,SAAS,CAAC,EAAE,SAAS,CAAC;IACtB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,EAAE,CAAC,EAAE,QAAQ,CAAC;CACf;AAED,MAAM,WAAW,cAAc;IAC7B,KAAK,EAAE,UAAU,GAAG,UAAU,CAAC;IAC/B,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,2BAA2B;IAC1C,SAAS,EAAE,MAAM,CAAC;IAClB,EAAE,EAAE,OAAO,CAAC;IACZ,OAAO,EAAE,iBAAiB,CAAC;IAC3B,cAAc,EAAE,OAAO,CAAC;IACxB,cAAc,EAAE,OAAO,CAAC;IACxB,WAAW,EAAE,OAAO,CAAC;IACrB,oBAAoB,EAAE,MAAM,CAAC;IAC7B,uBAAuB,EAAE,MAAM,CAAC;IAGhC,KAAK,EAAE;QACL,EAAE,EAAE,OAAO,CAAC;QACZ,gBAAgB,EAAE,MAAM,CAAC;QACzB,mBAAmB,EAAE,MAAM,CAAC;KAC7B,CAAC;IACF,MAAM,EAAE,cAAc,EAAE,CAAC;CAC1B;AAED,wBAAgB,wBAAwB,CACtC,OAAO,EAAE,4BAA4B,GACpC,2BAA2B,CA8E7B"}
|
|
@@ -0,0 +1,81 @@
|
|
|
1
|
+
import { appendOnly, readBaseRefFile, splitJsonlLines } from "../appendOnly.js";
|
|
2
|
+
import { readEvidenceJsonl, validateEvidenceLedger, verifyLedgerChain } from "../evidenceLedger.js";
|
|
3
|
+
import { validateBindingsJsonl } from "../registry.js";
|
|
4
|
+
import { nodeMarkerFs } from "./io.js";
|
|
5
|
+
import { loadMarkerRows } from "./shared.js";
|
|
6
|
+
export function runValidateLedgerCommand(options) {
|
|
7
|
+
const fs = options.fs ?? nodeMarkerFs;
|
|
8
|
+
const loaded = loadMarkerRows(options.context);
|
|
9
|
+
const errors = [];
|
|
10
|
+
// --- Evidence ledger (spec 8.4 steps 1,3,4,6-9) ---
|
|
11
|
+
const evidenceText = fs.readText(options.evidencePath) ?? "";
|
|
12
|
+
const evidenceBaseText = options.baseRef !== undefined
|
|
13
|
+
? readBaseRefFile(options.baseRef, options.evidencePath, {
|
|
14
|
+
cwd: options.repoCwd,
|
|
15
|
+
runner: options.gitRunner
|
|
16
|
+
})
|
|
17
|
+
: undefined;
|
|
18
|
+
const evidenceResult = validateEvidenceLedger(evidenceText, {
|
|
19
|
+
publicKeyResolver: options.publicKeyResolver,
|
|
20
|
+
yamlRowIds: loaded.rowIds,
|
|
21
|
+
baseRefOldText: evidenceBaseText
|
|
22
|
+
});
|
|
23
|
+
for (const error of evidenceResult.errors) {
|
|
24
|
+
errors.push({ scope: "evidence", code: error.code, line: error.line, message: error.message });
|
|
25
|
+
}
|
|
26
|
+
// --- Tamper-evident hash chain (v1 ledger chain, Piece 2) ---
|
|
27
|
+
// Verify the contiguous chained suffix, tolerating a leading legacy prefix.
|
|
28
|
+
// Operates over the same parsed-JSONL line ordering the chain was minted on.
|
|
29
|
+
const chainResult = verifyLedgerChain(readEvidenceJsonl(evidenceText).lines);
|
|
30
|
+
for (const error of chainResult.errors) {
|
|
31
|
+
errors.push({ scope: "evidence", code: error.code, line: error.line, message: error.message });
|
|
32
|
+
}
|
|
33
|
+
// --- Binding registry (spec 8.4 steps 2,3,5,10-12) ---
|
|
34
|
+
const bindingsText = fs.readText(options.bindingsPath) ?? "";
|
|
35
|
+
const registryResult = validateBindingsJsonl(bindingsText, loaded.rowIds);
|
|
36
|
+
for (const error of registryResult.errors) {
|
|
37
|
+
errors.push({ scope: "registry", code: error.code, line: error.line, message: error.message });
|
|
38
|
+
}
|
|
39
|
+
// Registry append-only vs base ref (spec 8.4 step 5).
|
|
40
|
+
let registryAppendOnly = true;
|
|
41
|
+
if (options.baseRef !== undefined) {
|
|
42
|
+
const oldText = readBaseRefFile(options.baseRef, options.bindingsPath, {
|
|
43
|
+
cwd: options.repoCwd,
|
|
44
|
+
runner: options.gitRunner
|
|
45
|
+
});
|
|
46
|
+
const check = appendOnly(splitJsonlLines(oldText), splitJsonlLines(bindingsText));
|
|
47
|
+
if (!check.ok) {
|
|
48
|
+
registryAppendOnly = false;
|
|
49
|
+
errors.push({
|
|
50
|
+
scope: "registry",
|
|
51
|
+
code: "APPEND_ONLY_VIOLATION",
|
|
52
|
+
line: check.violation.index + 1,
|
|
53
|
+
message: check.violation.message
|
|
54
|
+
});
|
|
55
|
+
}
|
|
56
|
+
}
|
|
57
|
+
const evidenceValid = evidenceResult.errors.length === 0 && chainResult.ok;
|
|
58
|
+
const registryValid = registryResult.errors.length === 0 && registryAppendOnly;
|
|
59
|
+
const appendOnlyOk = evidenceResult.append_only && registryAppendOnly;
|
|
60
|
+
const ok = evidenceValid && registryValid;
|
|
61
|
+
return {
|
|
62
|
+
exit_code: ok ? 0 : 4,
|
|
63
|
+
ok,
|
|
64
|
+
command: "validate-ledger",
|
|
65
|
+
evidence_valid: evidenceValid,
|
|
66
|
+
registry_valid: registryValid,
|
|
67
|
+
append_only: appendOnlyOk,
|
|
68
|
+
proof_events_checked: evidenceResult.summary.proof_events_checked,
|
|
69
|
+
registry_events_checked: countJsonlLines(bindingsText),
|
|
70
|
+
chain: {
|
|
71
|
+
ok: chainResult.ok,
|
|
72
|
+
verified_entries: chainResult.verified_entries,
|
|
73
|
+
legacy_prefix_count: chainResult.legacy_prefix_count
|
|
74
|
+
},
|
|
75
|
+
errors
|
|
76
|
+
};
|
|
77
|
+
}
|
|
78
|
+
function countJsonlLines(text) {
|
|
79
|
+
return splitJsonlLines(text).filter((line) => line.trim() !== "").length;
|
|
80
|
+
}
|
|
81
|
+
//# sourceMappingURL=validateLedger.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"validateLedger.js","sourceRoot":"","sources":["../../../src/markers/cli/validateLedger.ts"],"names":[],"mappings":"AAQA,OAAO,EACL,UAAU,EACV,eAAe,EACf,eAAe,EAEhB,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EACL,iBAAiB,EACjB,sBAAsB,EACtB,iBAAiB,EAClB,MAAM,sBAAsB,CAAC;AAC9B,OAAO,EAAE,qBAAqB,EAAE,MAAM,gBAAgB,CAAC;AAEvD,OAAO,EAAE,YAAY,EAAiB,MAAM,SAAS,CAAC;AACtD,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAuC7C,MAAM,UAAU,wBAAwB,CACtC,OAAqC;IAErC,MAAM,EAAE,GAAG,OAAO,CAAC,EAAE,IAAI,YAAY,CAAC;IACtC,MAAM,MAAM,GAAG,cAAc,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IAC/C,MAAM,MAAM,GAAqB,EAAE,CAAC;IAEpC,qDAAqD;IACrD,MAAM,YAAY,GAAG,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC;IAC7D,MAAM,gBAAgB,GACpB,OAAO,CAAC,OAAO,KAAK,SAAS;QAC3B,CAAC,CAAC,eAAe,CAAC,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,YAAY,EAAE;YACrD,GAAG,EAAE,OAAO,CAAC,OAAO;YACpB,MAAM,EAAE,OAAO,CAAC,SAAS;SAC1B,CAAC;QACJ,CAAC,CAAC,SAAS,CAAC;IAChB,MAAM,cAAc,GAAG,sBAAsB,CAAC,YAAY,EAAE;QAC1D,iBAAiB,EAAE,OAAO,CAAC,iBAAiB;QAC5C,UAAU,EAAE,MAAM,CAAC,MAAM;QACzB,cAAc,EAAE,gBAAgB;KACjC,CAAC,CAAC;IACH,KAAK,MAAM,KAAK,IAAI,cAAc,CAAC,MAAM,EAAE,CAAC;QAC1C,MAAM,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,UAAU,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;IACjG,CAAC;IAED,+DAA+D;IAC/D,4EAA4E;IAC5E,6EAA6E;IAC7E,MAAM,WAAW,GAAG,iBAAiB,CAAC,iBAAiB,CAAC,YAAY,CAAC,CAAC,KAAK,CAAC,CAAC;IAC7E,KAAK,MAAM,KAAK,IAAI,WAAW,CAAC,MAAM,EAAE,CAAC;QACvC,MAAM,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,UAAU,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;IACjG,CAAC;IAED,wDAAwD;IACxD,MAAM,YAAY,GAAG,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC;IAC7D,MAAM,cAAc,GAAG,qBAAqB,CAAC,YAAY,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;IAC1E,KAAK,MAAM,KAAK,IAAI,cAAc,CAAC,MAAM,EAAE,CAAC;QAC1C,MAAM,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,UAAU,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;IACjG,CAAC;IAED,sDAAsD;IACtD,IAAI,kBAAkB,GAAG,IAAI,CAAC;IAC9B,IAAI,OAAO,CAAC,OAAO,KAAK,SAAS,EAAE,CAAC;QAClC,MAAM,OAAO,GAAG,eAAe,CAAC,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,YAAY,EAAE;YACrE,GAAG,EAAE,OAAO,CAAC,OAAO;YACpB,MAAM,EAAE,OAAO,CAAC,SAAS;SAC1B,CAAC,CAAC;QACH,MAAM,KAAK,GAAG,UAAU,CAAC,eAAe,CAAC,OAAO,CAAC,EAAE,eAAe,CAAC,YAAY,CAAC,CAAC,CAAC;QAClF,IAAI,CAAC,KAAK,CAAC,EAAE,EAAE,CAAC;YACd,kBAAkB,GAAG,KAAK,CAAC;YAC3B,MAAM,CAAC,IAAI,CAAC;gBACV,KAAK,EAAE,UAAU;gBACjB,IAAI,EAAE,uBAAuB;gBAC7B,IAAI,EAAE,KAAK,CAAC,SAAS,CAAC,KAAK,GAAG,CAAC;gBAC/B,OAAO,EAAE,KAAK,CAAC,SAAS,CAAC,OAAO;aACjC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,MAAM,aAAa,GAAG,cAAc,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC,IAAI,WAAW,CAAC,EAAE,CAAC;IAC3E,MAAM,aAAa,GAAG,cAAc,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC,IAAI,kBAAkB,CAAC;IAC/E,MAAM,YAAY,GAAG,cAAc,CAAC,WAAW,IAAI,kBAAkB,CAAC;IACtE,MAAM,EAAE,GAAG,aAAa,IAAI,aAAa,CAAC;IAE1C,OAAO;QACL,SAAS,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACrB,EAAE;QACF,OAAO,EAAE,iBAAiB;QAC1B,cAAc,EAAE,aAAa;QAC7B,cAAc,EAAE,aAAa;QAC7B,WAAW,EAAE,YAAY;QACzB,oBAAoB,EAAE,cAAc,CAAC,OAAO,CAAC,oBAAoB;QACjE,uBAAuB,EAAE,eAAe,CAAC,YAAY,CAAC;QACtD,KAAK,EAAE;YACL,EAAE,EAAE,WAAW,CAAC,EAAE;YAClB,gBAAgB,EAAE,WAAW,CAAC,gBAAgB;YAC9C,mBAAmB,EAAE,WAAW,CAAC,mBAAmB;SACrD;QACD,MAAM;KACP,CAAC;AACJ,CAAC;AAED,SAAS,eAAe,CAAC,IAAY;IACnC,OAAO,eAAe,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC,MAAM,CAAC;AAC3E,CAAC"}
|
|
@@ -0,0 +1,65 @@
|
|
|
1
|
+
import type { ResolvedWorkspaceContext } from "../../roots.js";
|
|
2
|
+
import type { CommentPrefixConfig } from "../commentPrefix.js";
|
|
3
|
+
import type { PublicKeyResolver } from "../proofSignature.js";
|
|
4
|
+
import type { GitRunner } from "../appendOnly.js";
|
|
5
|
+
import { type MarkerFs } from "./io.js";
|
|
6
|
+
export declare const VERIFICATION_RESULT_SCHEMA_ID = "ucase-verification-result-v1";
|
|
7
|
+
export interface VerifySpawnRequest {
|
|
8
|
+
command: string[];
|
|
9
|
+
cwd: string;
|
|
10
|
+
timeout_seconds?: number;
|
|
11
|
+
}
|
|
12
|
+
export interface VerifySpawnResult {
|
|
13
|
+
exit_code: number;
|
|
14
|
+
timed_out: boolean;
|
|
15
|
+
stdout: string;
|
|
16
|
+
stderr: string;
|
|
17
|
+
}
|
|
18
|
+
export type VerifySpawnRunner = (request: VerifySpawnRequest) => VerifySpawnResult;
|
|
19
|
+
export interface VerificationResultRecord {
|
|
20
|
+
schema: typeof VERIFICATION_RESULT_SCHEMA_ID;
|
|
21
|
+
row_id: string;
|
|
22
|
+
slug: string;
|
|
23
|
+
status: "pass" | "fail" | "blocked";
|
|
24
|
+
evidence_kind: string | null;
|
|
25
|
+
verifier_id: string | null;
|
|
26
|
+
verifier_kind: string | null;
|
|
27
|
+
exit_code: number | null;
|
|
28
|
+
row_hash: string;
|
|
29
|
+
binding_set_hash: string;
|
|
30
|
+
span_sha256s: string[];
|
|
31
|
+
verification_context_hash: string;
|
|
32
|
+
stdout_sha256: string | null;
|
|
33
|
+
stderr_sha256: string | null;
|
|
34
|
+
created_at: string;
|
|
35
|
+
}
|
|
36
|
+
export interface VerifyCommandOptions {
|
|
37
|
+
context: ResolvedWorkspaceContext;
|
|
38
|
+
productRoot: string;
|
|
39
|
+
bindingsPath: string;
|
|
40
|
+
evidencePath: string;
|
|
41
|
+
publicKeyResolver: PublicKeyResolver;
|
|
42
|
+
generatedAt: string;
|
|
43
|
+
all?: boolean;
|
|
44
|
+
rowId?: string;
|
|
45
|
+
outPath?: string;
|
|
46
|
+
spawnRunner?: VerifySpawnRunner;
|
|
47
|
+
fs?: MarkerFs;
|
|
48
|
+
commentConfig?: CommentPrefixConfig;
|
|
49
|
+
baseRef?: string;
|
|
50
|
+
gitRunner?: GitRunner;
|
|
51
|
+
repoCwd?: string;
|
|
52
|
+
}
|
|
53
|
+
export interface VerifyCommandResult {
|
|
54
|
+
exit_code: number;
|
|
55
|
+
ok: boolean;
|
|
56
|
+
command: "verify";
|
|
57
|
+
results: VerificationResultRecord[];
|
|
58
|
+
out_path: string | null;
|
|
59
|
+
errors: Array<{
|
|
60
|
+
code: string;
|
|
61
|
+
message: string;
|
|
62
|
+
}>;
|
|
63
|
+
}
|
|
64
|
+
export declare function runVerifyCommand(options: VerifyCommandOptions): VerifyCommandResult;
|
|
65
|
+
//# sourceMappingURL=verify.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"verify.d.ts","sourceRoot":"","sources":["../../../src/markers/cli/verify.ts"],"names":[],"mappings":"AAcA,OAAO,KAAK,EAAE,wBAAwB,EAAE,MAAM,gBAAgB,CAAC;AAC/D,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AAM/D,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAC;AAE9D,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAClD,OAAO,EAAgB,KAAK,QAAQ,EAAE,MAAM,SAAS,CAAC;AAKtD,eAAO,MAAM,6BAA6B,iCAAiC,CAAC;AAG5E,MAAM,WAAW,kBAAkB;IACjC,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,GAAG,EAAE,MAAM,CAAC;IACZ,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B;AAGD,MAAM,WAAW,iBAAiB;IAChC,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,OAAO,CAAC;IACnB,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;CAChB;AAGD,MAAM,MAAM,iBAAiB,GAAG,CAAC,OAAO,EAAE,kBAAkB,KAAK,iBAAiB,CAAC;AAMnF,MAAM,WAAW,wBAAwB;IACvC,MAAM,EAAE,OAAO,6BAA6B,CAAC;IAC7C,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAAC;IACpC,aAAa,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,aAAa,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,gBAAgB,EAAE,MAAM,CAAC;IACzB,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,yBAAyB,EAAE,MAAM,CAAC;IAClC,aAAa,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,aAAa,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,wBAAwB,CAAC;IAClC,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,iBAAiB,EAAE,iBAAiB,CAAC;IACrC,WAAW,EAAE,MAAM,CAAC;IAEpB,GAAG,CAAC,EAAE,OAAO,CAAC;IACd,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB,WAAW,CAAC,EAAE,iBAAiB,CAAC;IAChC,EAAE,CAAC,EAAE,QAAQ,CAAC;IACd,aAAa,CAAC,EAAE,mBAAmB,CAAC;IACpC,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,SAAS,CAAC,EAAE,SAAS,CAAC;IACtB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,mBAAmB;IAClC,SAAS,EAAE,MAAM,CAAC;IAClB,EAAE,EAAE,OAAO,CAAC;IACZ,OAAO,EAAE,QAAQ,CAAC;IAClB,OAAO,EAAE,wBAAwB,EAAE,CAAC;IACpC,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;IACxB,MAAM,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;CAClD;AAqCD,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,oBAAoB,GAAG,mBAAmB,CAuNnF"}
|