@adammcarter/use-cases 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.agents/skills/migration/SKILL.md +85 -0
- package/.agents/skills/showcase/SKILL.md +60 -0
- package/.agents/skills/use-cases/SKILL.md +161 -0
- package/.agents/skills/walkthrough/SKILL.md +48 -0
- package/.claude-plugin/plugin.json +14 -0
- package/.codex-plugin/plugin.json +33 -0
- package/.mcp.json +8 -0
- package/.opencode/plugin/use-cases.js +32 -0
- package/CHANGELOG.md +125 -0
- package/LICENSE +21 -0
- package/README.md +112 -0
- package/bootstrap/use-cases.md +60 -0
- package/docs/README.md +51 -0
- package/docs/acceptance.md +16 -0
- package/docs/activation.md +89 -0
- package/docs/adr/0001-p0-bootstrap-decisions.md +107 -0
- package/docs/adr/0002-p1-schema-contracts.md +136 -0
- package/docs/adr/0003-p2-use-case-matrix-contracts.md +67 -0
- package/docs/adr/0004-p3-evidence-ledger-contracts.md +85 -0
- package/docs/adr/0005-p4-cli-contract.md +70 -0
- package/docs/adr/0006-trusted-user-approval-path.md +125 -0
- package/docs/cli.md +108 -0
- package/docs/data-model.md +56 -0
- package/docs/getting-started.md +296 -0
- package/docs/hosts.md +30 -0
- package/docs/markers-adoption.md +100 -0
- package/docs/mcp.md +114 -0
- package/docs/migration.md +90 -0
- package/docs/reference/error-codes.md +123 -0
- package/docs/reference/stability.md +123 -0
- package/docs/release.md +26 -0
- package/docs/security/ci-hardening.md +144 -0
- package/docs/security/key-management.md +158 -0
- package/docs/security.md +66 -0
- package/docs/showcase.md +39 -0
- package/docs/tutorials/python-pytest.md +188 -0
- package/examples/basic-product/demo-capsules/product-search.yml +23 -0
- package/examples/basic-product/evidence/by-id/ev/evidence-basic-search.jsonl +1 -0
- package/examples/basic-product/showcase-runs/run.basic.product.search/events.jsonl +4 -0
- package/examples/basic-product/use-cases/product.yml +85 -0
- package/examples/basic-product/use-cases.yml +9 -0
- package/examples/damaged-product/evidence/broken.jsonl +1 -0
- package/examples/damaged-product/use-cases/duplicate-a.yml +28 -0
- package/examples/damaged-product/use-cases/duplicate-b.yml +28 -0
- package/examples/damaged-product/use-cases/malformed.yml +14 -0
- package/examples/damaged-product/use-cases/valid-sibling.yml +28 -0
- package/examples/damaged-product/use-cases.yml +9 -0
- package/examples/host-projections/use-cases.yml +9 -0
- package/examples/python-pytest/README.md +39 -0
- package/examples/python-pytest/pytest.ini +8 -0
- package/examples/python-pytest/src/coupon.py +32 -0
- package/examples/python-pytest/tests/use_cases/example.checkout.apply_coupon_test.py +31 -0
- package/examples/python-pytest/use-cases/checkout.yml +47 -0
- package/examples/python-pytest/use-cases.yml +19 -0
- package/hooks/hooks-codex.json +16 -0
- package/hooks/hooks.json +16 -0
- package/hooks/session-start +42 -0
- package/hosts/claude.yml +29 -0
- package/hosts/codex.yml +29 -0
- package/hosts/copilot.yml +29 -0
- package/hosts/opencode.yml +29 -0
- package/package.json +81 -0
- package/packages/cli/README.md +37 -0
- package/packages/cli/dist/args/parse.d.ts +6 -0
- package/packages/cli/dist/args/parse.d.ts.map +1 -0
- package/packages/cli/dist/args/parse.js +55 -0
- package/packages/cli/dist/args/parse.js.map +1 -0
- package/packages/cli/dist/args/validate.d.ts +3 -0
- package/packages/cli/dist/args/validate.d.ts.map +1 -0
- package/packages/cli/dist/args/validate.js +80 -0
- package/packages/cli/dist/args/validate.js.map +1 -0
- package/packages/cli/dist/builtins.d.ts +2 -0
- package/packages/cli/dist/builtins.d.ts.map +1 -0
- package/packages/cli/dist/builtins.js +235 -0
- package/packages/cli/dist/builtins.js.map +1 -0
- package/packages/cli/dist/command/dispatch.d.ts +4 -0
- package/packages/cli/dist/command/dispatch.d.ts.map +1 -0
- package/packages/cli/dist/command/dispatch.js +45 -0
- package/packages/cli/dist/command/dispatch.js.map +1 -0
- package/packages/cli/dist/command/help-catalog.d.ts +13 -0
- package/packages/cli/dist/command/help-catalog.d.ts.map +1 -0
- package/packages/cli/dist/command/help-catalog.js +42 -0
- package/packages/cli/dist/command/help-catalog.js.map +1 -0
- package/packages/cli/dist/command/registry.d.ts +3 -0
- package/packages/cli/dist/command/registry.d.ts.map +1 -0
- package/packages/cli/dist/command/registry.js +33 -0
- package/packages/cli/dist/command/registry.js.map +1 -0
- package/packages/cli/dist/command/types.d.ts +32 -0
- package/packages/cli/dist/command/types.d.ts.map +1 -0
- package/packages/cli/dist/command/types.js +6 -0
- package/packages/cli/dist/command/types.js.map +1 -0
- package/packages/cli/dist/commands/capsule.d.ts +7 -0
- package/packages/cli/dist/commands/capsule.d.ts.map +1 -0
- package/packages/cli/dist/commands/capsule.js +178 -0
- package/packages/cli/dist/commands/capsule.js.map +1 -0
- package/packages/cli/dist/commands/common.d.ts +7 -0
- package/packages/cli/dist/commands/common.d.ts.map +1 -0
- package/packages/cli/dist/commands/common.js +32 -0
- package/packages/cli/dist/commands/common.js.map +1 -0
- package/packages/cli/dist/commands/doctor.d.ts +6 -0
- package/packages/cli/dist/commands/doctor.d.ts.map +1 -0
- package/packages/cli/dist/commands/doctor.js +133 -0
- package/packages/cli/dist/commands/doctor.js.map +1 -0
- package/packages/cli/dist/commands/evidence.d.ts +6 -0
- package/packages/cli/dist/commands/evidence.d.ts.map +1 -0
- package/packages/cli/dist/commands/evidence.js +191 -0
- package/packages/cli/dist/commands/evidence.js.map +1 -0
- package/packages/cli/dist/commands/host.d.ts +6 -0
- package/packages/cli/dist/commands/host.d.ts.map +1 -0
- package/packages/cli/dist/commands/host.js +180 -0
- package/packages/cli/dist/commands/host.js.map +1 -0
- package/packages/cli/dist/commands/keygen.d.ts +4 -0
- package/packages/cli/dist/commands/keygen.d.ts.map +1 -0
- package/packages/cli/dist/commands/keygen.js +132 -0
- package/packages/cli/dist/commands/keygen.js.map +1 -0
- package/packages/cli/dist/commands/markers.d.ts +8 -0
- package/packages/cli/dist/commands/markers.d.ts.map +1 -0
- package/packages/cli/dist/commands/markers.js +455 -0
- package/packages/cli/dist/commands/markers.js.map +1 -0
- package/packages/cli/dist/commands/matrix.d.ts +8 -0
- package/packages/cli/dist/commands/matrix.d.ts.map +1 -0
- package/packages/cli/dist/commands/matrix.js +237 -0
- package/packages/cli/dist/commands/matrix.js.map +1 -0
- package/packages/cli/dist/commands/migrate.d.ts +4 -0
- package/packages/cli/dist/commands/migrate.d.ts.map +1 -0
- package/packages/cli/dist/commands/migrate.js +82 -0
- package/packages/cli/dist/commands/migrate.js.map +1 -0
- package/packages/cli/dist/commands/plan.d.ts +6 -0
- package/packages/cli/dist/commands/plan.d.ts.map +1 -0
- package/packages/cli/dist/commands/plan.js +129 -0
- package/packages/cli/dist/commands/plan.js.map +1 -0
- package/packages/cli/dist/commands/recover.d.ts +4 -0
- package/packages/cli/dist/commands/recover.d.ts.map +1 -0
- package/packages/cli/dist/commands/recover.js +352 -0
- package/packages/cli/dist/commands/recover.js.map +1 -0
- package/packages/cli/dist/commands/schema.d.ts +5 -0
- package/packages/cli/dist/commands/schema.d.ts.map +1 -0
- package/packages/cli/dist/commands/schema.js +51 -0
- package/packages/cli/dist/commands/schema.js.map +1 -0
- package/packages/cli/dist/commands/showcase.d.ts +14 -0
- package/packages/cli/dist/commands/showcase.d.ts.map +1 -0
- package/packages/cli/dist/commands/showcase.js +638 -0
- package/packages/cli/dist/commands/showcase.js.map +1 -0
- package/packages/cli/dist/commands/workflow.d.ts +5 -0
- package/packages/cli/dist/commands/workflow.d.ts.map +1 -0
- package/packages/cli/dist/commands/workflow.js +107 -0
- package/packages/cli/dist/commands/workflow.js.map +1 -0
- package/packages/cli/dist/coreLoader.d.ts +6 -0
- package/packages/cli/dist/coreLoader.d.ts.map +1 -0
- package/packages/cli/dist/coreLoader.js +34 -0
- package/packages/cli/dist/coreLoader.js.map +1 -0
- package/packages/cli/dist/index.d.ts +5 -0
- package/packages/cli/dist/index.d.ts.map +1 -0
- package/packages/cli/dist/index.js +83 -0
- package/packages/cli/dist/index.js.map +1 -0
- package/packages/cli/dist/render.d.ts +2 -0
- package/packages/cli/dist/render.d.ts.map +1 -0
- package/packages/cli/dist/render.js +88 -0
- package/packages/cli/dist/render.js.map +1 -0
- package/packages/cli/dist/runtime.d.ts +25 -0
- package/packages/cli/dist/runtime.d.ts.map +1 -0
- package/packages/cli/dist/runtime.js +89 -0
- package/packages/cli/dist/runtime.js.map +1 -0
- package/packages/cli/package.json +38 -0
- package/packages/core/README.md +37 -0
- package/packages/core/dist/capsules/index.d.ts +4 -0
- package/packages/core/dist/capsules/index.d.ts.map +1 -0
- package/packages/core/dist/capsules/index.js +4 -0
- package/packages/core/dist/capsules/index.js.map +1 -0
- package/packages/core/dist/capsules/loadCapsule.d.ts +11 -0
- package/packages/core/dist/capsules/loadCapsule.d.ts.map +1 -0
- package/packages/core/dist/capsules/loadCapsule.js +167 -0
- package/packages/core/dist/capsules/loadCapsule.js.map +1 -0
- package/packages/core/dist/capsules/runCapsule.d.ts +3 -0
- package/packages/core/dist/capsules/runCapsule.d.ts.map +1 -0
- package/packages/core/dist/capsules/runCapsule.js +333 -0
- package/packages/core/dist/capsules/runCapsule.js.map +1 -0
- package/packages/core/dist/capsules/types.d.ts +106 -0
- package/packages/core/dist/capsules/types.d.ts.map +1 -0
- package/packages/core/dist/capsules/types.js +2 -0
- package/packages/core/dist/capsules/types.js.map +1 -0
- package/packages/core/dist/durableWrite.d.ts +2 -0
- package/packages/core/dist/durableWrite.d.ts.map +1 -0
- package/packages/core/dist/durableWrite.js +34 -0
- package/packages/core/dist/durableWrite.js.map +1 -0
- package/packages/core/dist/errors/registry.d.ts +122 -0
- package/packages/core/dist/errors/registry.d.ts.map +1 -0
- package/packages/core/dist/errors/registry.js +206 -0
- package/packages/core/dist/errors/registry.js.map +1 -0
- package/packages/core/dist/errors/render.d.ts +3 -0
- package/packages/core/dist/errors/render.d.ts.map +1 -0
- package/packages/core/dist/errors/render.js +64 -0
- package/packages/core/dist/errors/render.js.map +1 -0
- package/packages/core/dist/errors.d.ts +5 -0
- package/packages/core/dist/errors.d.ts.map +1 -0
- package/packages/core/dist/errors.js +9 -0
- package/packages/core/dist/errors.js.map +1 -0
- package/packages/core/dist/evidence/appendEvidenceEvent.d.ts +27 -0
- package/packages/core/dist/evidence/appendEvidenceEvent.d.ts.map +1 -0
- package/packages/core/dist/evidence/appendEvidenceEvent.js +218 -0
- package/packages/core/dist/evidence/appendEvidenceEvent.js.map +1 -0
- package/packages/core/dist/evidence/assurance.d.ts +18 -0
- package/packages/core/dist/evidence/assurance.d.ts.map +1 -0
- package/packages/core/dist/evidence/assurance.js +38 -0
- package/packages/core/dist/evidence/assurance.js.map +1 -0
- package/packages/core/dist/evidence/index.d.ts +8 -0
- package/packages/core/dist/evidence/index.d.ts.map +1 -0
- package/packages/core/dist/evidence/index.js +8 -0
- package/packages/core/dist/evidence/index.js.map +1 -0
- package/packages/core/dist/evidence/jsonlLedger.d.ts +13 -0
- package/packages/core/dist/evidence/jsonlLedger.d.ts.map +1 -0
- package/packages/core/dist/evidence/jsonlLedger.js +171 -0
- package/packages/core/dist/evidence/jsonlLedger.js.map +1 -0
- package/packages/core/dist/evidence/linkEvidence.d.ts +4 -0
- package/packages/core/dist/evidence/linkEvidence.d.ts.map +1 -0
- package/packages/core/dist/evidence/linkEvidence.js +53 -0
- package/packages/core/dist/evidence/linkEvidence.js.map +1 -0
- package/packages/core/dist/evidence/replayEvidence.d.ts +6 -0
- package/packages/core/dist/evidence/replayEvidence.d.ts.map +1 -0
- package/packages/core/dist/evidence/replayEvidence.js +216 -0
- package/packages/core/dist/evidence/replayEvidence.js.map +1 -0
- package/packages/core/dist/evidence/results.d.ts +4 -0
- package/packages/core/dist/evidence/results.d.ts.map +1 -0
- package/packages/core/dist/evidence/results.js +32 -0
- package/packages/core/dist/evidence/results.js.map +1 -0
- package/packages/core/dist/evidence/types.d.ts +149 -0
- package/packages/core/dist/evidence/types.d.ts.map +1 -0
- package/packages/core/dist/evidence/types.js +2 -0
- package/packages/core/dist/evidence/types.js.map +1 -0
- package/packages/core/dist/host-profiles/claude.yml +29 -0
- package/packages/core/dist/host-profiles/codex.yml +29 -0
- package/packages/core/dist/host-profiles/copilot.yml +29 -0
- package/packages/core/dist/host-profiles/opencode.yml +29 -0
- package/packages/core/dist/hosts/conformanceStatus.d.ts +16 -0
- package/packages/core/dist/hosts/conformanceStatus.d.ts.map +1 -0
- package/packages/core/dist/hosts/conformanceStatus.js +160 -0
- package/packages/core/dist/hosts/conformanceStatus.js.map +1 -0
- package/packages/core/dist/hosts/index.d.ts +5 -0
- package/packages/core/dist/hosts/index.d.ts.map +1 -0
- package/packages/core/dist/hosts/index.js +5 -0
- package/packages/core/dist/hosts/index.js.map +1 -0
- package/packages/core/dist/hosts/loadHostProfile.d.ts +6 -0
- package/packages/core/dist/hosts/loadHostProfile.d.ts.map +1 -0
- package/packages/core/dist/hosts/loadHostProfile.js +41 -0
- package/packages/core/dist/hosts/loadHostProfile.js.map +1 -0
- package/packages/core/dist/hosts/projectHostFiles.d.ts +16 -0
- package/packages/core/dist/hosts/projectHostFiles.d.ts.map +1 -0
- package/packages/core/dist/hosts/projectHostFiles.js +272 -0
- package/packages/core/dist/hosts/projectHostFiles.js.map +1 -0
- package/packages/core/dist/hosts/types.d.ts +122 -0
- package/packages/core/dist/hosts/types.d.ts.map +1 -0
- package/packages/core/dist/hosts/types.js +2 -0
- package/packages/core/dist/hosts/types.js.map +1 -0
- package/packages/core/dist/index.d.ts +26 -0
- package/packages/core/dist/index.d.ts.map +1 -0
- package/packages/core/dist/index.js +31 -0
- package/packages/core/dist/index.js.map +1 -0
- package/packages/core/dist/init/index.d.ts +2 -0
- package/packages/core/dist/init/index.d.ts.map +1 -0
- package/packages/core/dist/init/index.js +3 -0
- package/packages/core/dist/init/index.js.map +1 -0
- package/packages/core/dist/init/scaffold.d.ts +28 -0
- package/packages/core/dist/init/scaffold.d.ts.map +1 -0
- package/packages/core/dist/init/scaffold.js +293 -0
- package/packages/core/dist/init/scaffold.js.map +1 -0
- package/packages/core/dist/markers/appendOnly.d.ts +23 -0
- package/packages/core/dist/markers/appendOnly.d.ts.map +1 -0
- package/packages/core/dist/markers/appendOnly.js +75 -0
- package/packages/core/dist/markers/appendOnly.js.map +1 -0
- package/packages/core/dist/markers/bindingSetHash.d.ts +28 -0
- package/packages/core/dist/markers/bindingSetHash.d.ts.map +1 -0
- package/packages/core/dist/markers/bindingSetHash.js +33 -0
- package/packages/core/dist/markers/bindingSetHash.js.map +1 -0
- package/packages/core/dist/markers/canonicalJson.d.ts +4 -0
- package/packages/core/dist/markers/canonicalJson.d.ts.map +1 -0
- package/packages/core/dist/markers/canonicalJson.js +51 -0
- package/packages/core/dist/markers/canonicalJson.js.map +1 -0
- package/packages/core/dist/markers/ciAuthority.d.ts +17 -0
- package/packages/core/dist/markers/ciAuthority.d.ts.map +1 -0
- package/packages/core/dist/markers/ciAuthority.js +131 -0
- package/packages/core/dist/markers/ciAuthority.js.map +1 -0
- package/packages/core/dist/markers/cli/bind.d.ts +48 -0
- package/packages/core/dist/markers/cli/bind.d.ts.map +1 -0
- package/packages/core/dist/markers/cli/bind.js +198 -0
- package/packages/core/dist/markers/cli/bind.js.map +1 -0
- package/packages/core/dist/markers/cli/index.d.ts +9 -0
- package/packages/core/dist/markers/cli/index.d.ts.map +1 -0
- package/packages/core/dist/markers/cli/index.js +15 -0
- package/packages/core/dist/markers/cli/index.js.map +1 -0
- package/packages/core/dist/markers/cli/io.d.ts +18 -0
- package/packages/core/dist/markers/cli/io.d.ts.map +1 -0
- package/packages/core/dist/markers/cli/io.js +62 -0
- package/packages/core/dist/markers/cli/io.js.map +1 -0
- package/packages/core/dist/markers/cli/precommit.d.ts +32 -0
- package/packages/core/dist/markers/cli/precommit.d.ts.map +1 -0
- package/packages/core/dist/markers/cli/precommit.js +174 -0
- package/packages/core/dist/markers/cli/precommit.js.map +1 -0
- package/packages/core/dist/markers/cli/prove.d.ts +69 -0
- package/packages/core/dist/markers/cli/prove.d.ts.map +1 -0
- package/packages/core/dist/markers/cli/prove.js +381 -0
- package/packages/core/dist/markers/cli/prove.js.map +1 -0
- package/packages/core/dist/markers/cli/scan.d.ts +63 -0
- package/packages/core/dist/markers/cli/scan.d.ts.map +1 -0
- package/packages/core/dist/markers/cli/scan.js +233 -0
- package/packages/core/dist/markers/cli/scan.js.map +1 -0
- package/packages/core/dist/markers/cli/shared.d.ts +25 -0
- package/packages/core/dist/markers/cli/shared.d.ts.map +1 -0
- package/packages/core/dist/markers/cli/shared.js +123 -0
- package/packages/core/dist/markers/cli/shared.js.map +1 -0
- package/packages/core/dist/markers/cli/validateLedger.d.ts +38 -0
- package/packages/core/dist/markers/cli/validateLedger.d.ts.map +1 -0
- package/packages/core/dist/markers/cli/validateLedger.js +81 -0
- package/packages/core/dist/markers/cli/validateLedger.js.map +1 -0
- package/packages/core/dist/markers/cli/verify.d.ts +65 -0
- package/packages/core/dist/markers/cli/verify.d.ts.map +1 -0
- package/packages/core/dist/markers/cli/verify.js +245 -0
- package/packages/core/dist/markers/cli/verify.js.map +1 -0
- package/packages/core/dist/markers/commentPrefix.d.ts +7 -0
- package/packages/core/dist/markers/commentPrefix.d.ts.map +1 -0
- package/packages/core/dist/markers/commentPrefix.js +79 -0
- package/packages/core/dist/markers/commentPrefix.js.map +1 -0
- package/packages/core/dist/markers/constants.d.ts +10 -0
- package/packages/core/dist/markers/constants.d.ts.map +1 -0
- package/packages/core/dist/markers/constants.js +13 -0
- package/packages/core/dist/markers/constants.js.map +1 -0
- package/packages/core/dist/markers/evidenceLedger.d.ts +150 -0
- package/packages/core/dist/markers/evidenceLedger.d.ts.map +1 -0
- package/packages/core/dist/markers/evidenceLedger.js +391 -0
- package/packages/core/dist/markers/evidenceLedger.js.map +1 -0
- package/packages/core/dist/markers/freshness.d.ts +125 -0
- package/packages/core/dist/markers/freshness.d.ts.map +1 -0
- package/packages/core/dist/markers/freshness.js +605 -0
- package/packages/core/dist/markers/freshness.js.map +1 -0
- package/packages/core/dist/markers/index.d.ts +26 -0
- package/packages/core/dist/markers/index.d.ts.map +1 -0
- package/packages/core/dist/markers/index.js +38 -0
- package/packages/core/dist/markers/index.js.map +1 -0
- package/packages/core/dist/markers/keygen.d.ts +6 -0
- package/packages/core/dist/markers/keygen.d.ts.map +1 -0
- package/packages/core/dist/markers/keygen.js +18 -0
- package/packages/core/dist/markers/keygen.js.map +1 -0
- package/packages/core/dist/markers/keyring.d.ts +23 -0
- package/packages/core/dist/markers/keyring.d.ts.map +1 -0
- package/packages/core/dist/markers/keyring.js +93 -0
- package/packages/core/dist/markers/keyring.js.map +1 -0
- package/packages/core/dist/markers/markerLine.d.ts +35 -0
- package/packages/core/dist/markers/markerLine.d.ts.map +1 -0
- package/packages/core/dist/markers/markerLine.js +125 -0
- package/packages/core/dist/markers/markerLine.js.map +1 -0
- package/packages/core/dist/markers/physicalLines.d.ts +10 -0
- package/packages/core/dist/markers/physicalLines.d.ts.map +1 -0
- package/packages/core/dist/markers/physicalLines.js +48 -0
- package/packages/core/dist/markers/physicalLines.js.map +1 -0
- package/packages/core/dist/markers/policyHash.d.ts +4 -0
- package/packages/core/dist/markers/policyHash.d.ts.map +1 -0
- package/packages/core/dist/markers/policyHash.js +14 -0
- package/packages/core/dist/markers/policyHash.js.map +1 -0
- package/packages/core/dist/markers/proofSignature.d.ts +29 -0
- package/packages/core/dist/markers/proofSignature.d.ts.map +1 -0
- package/packages/core/dist/markers/proofSignature.js +106 -0
- package/packages/core/dist/markers/proofSignature.js.map +1 -0
- package/packages/core/dist/markers/reconcile.d.ts +26 -0
- package/packages/core/dist/markers/reconcile.d.ts.map +1 -0
- package/packages/core/dist/markers/reconcile.js +52 -0
- package/packages/core/dist/markers/reconcile.js.map +1 -0
- package/packages/core/dist/markers/registry.d.ts +53 -0
- package/packages/core/dist/markers/registry.d.ts.map +1 -0
- package/packages/core/dist/markers/registry.js +161 -0
- package/packages/core/dist/markers/registry.js.map +1 -0
- package/packages/core/dist/markers/rowHash.d.ts +2 -0
- package/packages/core/dist/markers/rowHash.d.ts.map +1 -0
- package/packages/core/dist/markers/rowHash.js +10 -0
- package/packages/core/dist/markers/rowHash.js.map +1 -0
- package/packages/core/dist/markers/scanner.d.ts +67 -0
- package/packages/core/dist/markers/scanner.d.ts.map +1 -0
- package/packages/core/dist/markers/scanner.js +292 -0
- package/packages/core/dist/markers/scanner.js.map +1 -0
- package/packages/core/dist/markers/schemas/binding-registry-event.schema.json +41 -0
- package/packages/core/dist/markers/schemas/freshness-status.schema.json +134 -0
- package/packages/core/dist/markers/schemas/proof-event.schema.json +170 -0
- package/packages/core/dist/markers/spanCanon.d.ts +4 -0
- package/packages/core/dist/markers/spanCanon.d.ts.map +1 -0
- package/packages/core/dist/markers/spanCanon.js +42 -0
- package/packages/core/dist/markers/spanCanon.js.map +1 -0
- package/packages/core/dist/markers/swiftFuncRecognizer.d.ts +36 -0
- package/packages/core/dist/markers/swiftFuncRecognizer.d.ts.map +1 -0
- package/packages/core/dist/markers/swiftFuncRecognizer.js +638 -0
- package/packages/core/dist/markers/swiftFuncRecognizer.js.map +1 -0
- package/packages/core/dist/markers/validators.d.ts +13 -0
- package/packages/core/dist/markers/validators.d.ts.map +1 -0
- package/packages/core/dist/markers/validators.js +64 -0
- package/packages/core/dist/markers/validators.js.map +1 -0
- package/packages/core/dist/markers/verificationContextHash.d.ts +23 -0
- package/packages/core/dist/markers/verificationContextHash.d.ts.map +1 -0
- package/packages/core/dist/markers/verificationContextHash.js +96 -0
- package/packages/core/dist/markers/verificationContextHash.js.map +1 -0
- package/packages/core/dist/markers/verifierPresets.d.ts +18 -0
- package/packages/core/dist/markers/verifierPresets.d.ts.map +1 -0
- package/packages/core/dist/markers/verifierPresets.js +71 -0
- package/packages/core/dist/markers/verifierPresets.js.map +1 -0
- package/packages/core/dist/markers/verifierResolver.d.ts +27 -0
- package/packages/core/dist/markers/verifierResolver.d.ts.map +1 -0
- package/packages/core/dist/markers/verifierResolver.js +151 -0
- package/packages/core/dist/markers/verifierResolver.js.map +1 -0
- package/packages/core/dist/migration/index.d.ts +2 -0
- package/packages/core/dist/migration/index.d.ts.map +1 -0
- package/packages/core/dist/migration/index.js +2 -0
- package/packages/core/dist/migration/index.js.map +1 -0
- package/packages/core/dist/migration/testMatrix.d.ts +42 -0
- package/packages/core/dist/migration/testMatrix.d.ts.map +1 -0
- package/packages/core/dist/migration/testMatrix.js +351 -0
- package/packages/core/dist/migration/testMatrix.js.map +1 -0
- package/packages/core/dist/package/index.d.ts +2 -0
- package/packages/core/dist/package/index.d.ts.map +1 -0
- package/packages/core/dist/package/index.js +2 -0
- package/packages/core/dist/package/index.js.map +1 -0
- package/packages/core/dist/package/inspectPackage.d.ts +67 -0
- package/packages/core/dist/package/inspectPackage.d.ts.map +1 -0
- package/packages/core/dist/package/inspectPackage.js +371 -0
- package/packages/core/dist/package/inspectPackage.js.map +1 -0
- package/packages/core/dist/presentation/candidates.d.ts +13 -0
- package/packages/core/dist/presentation/candidates.d.ts.map +1 -0
- package/packages/core/dist/presentation/candidates.js +86 -0
- package/packages/core/dist/presentation/candidates.js.map +1 -0
- package/packages/core/dist/presentation/index.d.ts +8 -0
- package/packages/core/dist/presentation/index.d.ts.map +1 -0
- package/packages/core/dist/presentation/index.js +8 -0
- package/packages/core/dist/presentation/index.js.map +1 -0
- package/packages/core/dist/presentation/items.d.ts +18 -0
- package/packages/core/dist/presentation/items.d.ts.map +1 -0
- package/packages/core/dist/presentation/items.js +228 -0
- package/packages/core/dist/presentation/items.js.map +1 -0
- package/packages/core/dist/presentation/ordering.d.ts +8 -0
- package/packages/core/dist/presentation/ordering.d.ts.map +1 -0
- package/packages/core/dist/presentation/ordering.js +31 -0
- package/packages/core/dist/presentation/ordering.js.map +1 -0
- package/packages/core/dist/presentation/planHelpers.d.ts +26 -0
- package/packages/core/dist/presentation/planHelpers.d.ts.map +1 -0
- package/packages/core/dist/presentation/planHelpers.js +62 -0
- package/packages/core/dist/presentation/planHelpers.js.map +1 -0
- package/packages/core/dist/presentation/presentationFormat.d.ts +39 -0
- package/packages/core/dist/presentation/presentationFormat.d.ts.map +1 -0
- package/packages/core/dist/presentation/presentationFormat.js +58 -0
- package/packages/core/dist/presentation/presentationFormat.js.map +1 -0
- package/packages/core/dist/presentation/renderCard.d.ts +37 -0
- package/packages/core/dist/presentation/renderCard.d.ts.map +1 -0
- package/packages/core/dist/presentation/renderCard.js +129 -0
- package/packages/core/dist/presentation/renderCard.js.map +1 -0
- package/packages/core/dist/presentation/scoring.d.ts +10 -0
- package/packages/core/dist/presentation/scoring.d.ts.map +1 -0
- package/packages/core/dist/presentation/scoring.js +82 -0
- package/packages/core/dist/presentation/scoring.js.map +1 -0
- package/packages/core/dist/presentation/selectPlan.d.ts +4 -0
- package/packages/core/dist/presentation/selectPlan.d.ts.map +1 -0
- package/packages/core/dist/presentation/selectPlan.js +122 -0
- package/packages/core/dist/presentation/selectPlan.js.map +1 -0
- package/packages/core/dist/presentation/selectShowcasePlan.d.ts +3 -0
- package/packages/core/dist/presentation/selectShowcasePlan.d.ts.map +1 -0
- package/packages/core/dist/presentation/selectShowcasePlan.js +6 -0
- package/packages/core/dist/presentation/selectShowcasePlan.js.map +1 -0
- package/packages/core/dist/presentation/selectWalkthroughPlan.d.ts +3 -0
- package/packages/core/dist/presentation/selectWalkthroughPlan.d.ts.map +1 -0
- package/packages/core/dist/presentation/selectWalkthroughPlan.js +6 -0
- package/packages/core/dist/presentation/selectWalkthroughPlan.js.map +1 -0
- package/packages/core/dist/presentation/selection.d.ts +7 -0
- package/packages/core/dist/presentation/selection.d.ts.map +1 -0
- package/packages/core/dist/presentation/selection.js +20 -0
- package/packages/core/dist/presentation/selection.js.map +1 -0
- package/packages/core/dist/presentation/snapshot.d.ts +12 -0
- package/packages/core/dist/presentation/snapshot.d.ts.map +1 -0
- package/packages/core/dist/presentation/snapshot.js +53 -0
- package/packages/core/dist/presentation/snapshot.js.map +1 -0
- package/packages/core/dist/presentation/types.d.ts +172 -0
- package/packages/core/dist/presentation/types.d.ts.map +1 -0
- package/packages/core/dist/presentation/types.js +2 -0
- package/packages/core/dist/presentation/types.js.map +1 -0
- package/packages/core/dist/redact.d.ts +11 -0
- package/packages/core/dist/redact.d.ts.map +1 -0
- package/packages/core/dist/redact.js +17 -0
- package/packages/core/dist/redact.js.map +1 -0
- package/packages/core/dist/roots.d.ts +81 -0
- package/packages/core/dist/roots.d.ts.map +1 -0
- package/packages/core/dist/roots.js +220 -0
- package/packages/core/dist/roots.js.map +1 -0
- package/packages/core/dist/schema/cliResult.d.ts +34 -0
- package/packages/core/dist/schema/cliResult.d.ts.map +1 -0
- package/packages/core/dist/schema/cliResult.js +35 -0
- package/packages/core/dist/schema/cliResult.js.map +1 -0
- package/packages/core/dist/schema/diagnostic.d.ts +26 -0
- package/packages/core/dist/schema/diagnostic.d.ts.map +1 -0
- package/packages/core/dist/schema/diagnostic.js +28 -0
- package/packages/core/dist/schema/diagnostic.js.map +1 -0
- package/packages/core/dist/schema/index.d.ts +8 -0
- package/packages/core/dist/schema/index.d.ts.map +1 -0
- package/packages/core/dist/schema/index.js +9 -0
- package/packages/core/dist/schema/index.js.map +1 -0
- package/packages/core/dist/schema/registry.d.ts +15 -0
- package/packages/core/dist/schema/registry.d.ts.map +1 -0
- package/packages/core/dist/schema/registry.js +206 -0
- package/packages/core/dist/schema/registry.js.map +1 -0
- package/packages/core/dist/schema/syntheticContracts.d.ts +3 -0
- package/packages/core/dist/schema/syntheticContracts.d.ts.map +1 -0
- package/packages/core/dist/schema/syntheticContracts.js +342 -0
- package/packages/core/dist/schema/syntheticContracts.js.map +1 -0
- package/packages/core/dist/schema/validate.d.ts +21 -0
- package/packages/core/dist/schema/validate.d.ts.map +1 -0
- package/packages/core/dist/schema/validate.js +210 -0
- package/packages/core/dist/schema/validate.js.map +1 -0
- package/packages/core/dist/schemas/v1/authority.schema.json +70 -0
- package/packages/core/dist/schemas/v1/cli-result.schema.json +30 -0
- package/packages/core/dist/schemas/v1/common.schema.json +274 -0
- package/packages/core/dist/schemas/v1/demo-capsule.schema.json +78 -0
- package/packages/core/dist/schemas/v1/evidence-append-result.schema.json +14 -0
- package/packages/core/dist/schemas/v1/evidence-event.schema.json +181 -0
- package/packages/core/dist/schemas/v1/evidence-status-result.schema.json +68 -0
- package/packages/core/dist/schemas/v1/host-profile.schema.json +94 -0
- package/packages/core/dist/schemas/v1/host-status-result.schema.json +49 -0
- package/packages/core/dist/schemas/v1/keyring.schema.json +77 -0
- package/packages/core/dist/schemas/v1/ledger.schema.json +99 -0
- package/packages/core/dist/schemas/v1/marker.schema.json +84 -0
- package/packages/core/dist/schemas/v1/matrix-list-result.schema.json +67 -0
- package/packages/core/dist/schemas/v1/matrix-mutation-result.schema.json +49 -0
- package/packages/core/dist/schemas/v1/matrix-validation-result.schema.json +77 -0
- package/packages/core/dist/schemas/v1/mcp-tool-results.schema.json +34 -0
- package/packages/core/dist/schemas/v1/migration-test-matrix-result.schema.json +76 -0
- package/packages/core/dist/schemas/v1/presentation-plan-result.schema.json +62 -0
- package/packages/core/dist/schemas/v1/presentation-plan.schema.json +259 -0
- package/packages/core/dist/schemas/v1/release-gate-result.schema.json +136 -0
- package/packages/core/dist/schemas/v1/showcase-approval-result.schema.json +5 -0
- package/packages/core/dist/schemas/v1/showcase-event-append-result.schema.json +17 -0
- package/packages/core/dist/schemas/v1/showcase-event.schema.json +235 -0
- package/packages/core/dist/schemas/v1/showcase-finish-result.schema.json +5 -0
- package/packages/core/dist/schemas/v1/showcase-run-status-result.schema.json +70 -0
- package/packages/core/dist/schemas/v1/showcase-start-result.schema.json +5 -0
- package/packages/core/dist/schemas/v1/use-case-file.schema.json +178 -0
- package/packages/core/dist/schemas/v1/workflow-mode.schema.json +16 -0
- package/packages/core/dist/schemas/v1/workspace-config.schema.json +58 -0
- package/packages/core/dist/showcase/appendShowcaseEvent.d.ts +116 -0
- package/packages/core/dist/showcase/appendShowcaseEvent.d.ts.map +1 -0
- package/packages/core/dist/showcase/appendShowcaseEvent.js +353 -0
- package/packages/core/dist/showcase/appendShowcaseEvent.js.map +1 -0
- package/packages/core/dist/showcase/approval.d.ts +2 -0
- package/packages/core/dist/showcase/approval.d.ts.map +1 -0
- package/packages/core/dist/showcase/approval.js +2 -0
- package/packages/core/dist/showcase/approval.js.map +1 -0
- package/packages/core/dist/showcase/approvalAuthority.d.ts +19 -0
- package/packages/core/dist/showcase/approvalAuthority.d.ts.map +1 -0
- package/packages/core/dist/showcase/approvalAuthority.js +46 -0
- package/packages/core/dist/showcase/approvalAuthority.js.map +1 -0
- package/packages/core/dist/showcase/index.d.ts +11 -0
- package/packages/core/dist/showcase/index.d.ts.map +1 -0
- package/packages/core/dist/showcase/index.js +11 -0
- package/packages/core/dist/showcase/index.js.map +1 -0
- package/packages/core/dist/showcase/jsonlLedger.d.ts +11 -0
- package/packages/core/dist/showcase/jsonlLedger.d.ts.map +1 -0
- package/packages/core/dist/showcase/jsonlLedger.js +50 -0
- package/packages/core/dist/showcase/jsonlLedger.js.map +1 -0
- package/packages/core/dist/showcase/planBinding.d.ts +5 -0
- package/packages/core/dist/showcase/planBinding.d.ts.map +1 -0
- package/packages/core/dist/showcase/planBinding.js +33 -0
- package/packages/core/dist/showcase/planBinding.js.map +1 -0
- package/packages/core/dist/showcase/replayRun.d.ts +5 -0
- package/packages/core/dist/showcase/replayRun.d.ts.map +1 -0
- package/packages/core/dist/showcase/replayRun.js +199 -0
- package/packages/core/dist/showcase/replayRun.js.map +1 -0
- package/packages/core/dist/showcase/results.d.ts +3 -0
- package/packages/core/dist/showcase/results.d.ts.map +1 -0
- package/packages/core/dist/showcase/results.js +4 -0
- package/packages/core/dist/showcase/results.js.map +1 -0
- package/packages/core/dist/showcase/revisionEpochs.d.ts +2 -0
- package/packages/core/dist/showcase/revisionEpochs.d.ts.map +1 -0
- package/packages/core/dist/showcase/revisionEpochs.js +2 -0
- package/packages/core/dist/showcase/revisionEpochs.js.map +1 -0
- package/packages/core/dist/showcase/startRun.d.ts +2 -0
- package/packages/core/dist/showcase/startRun.d.ts.map +1 -0
- package/packages/core/dist/showcase/startRun.js +2 -0
- package/packages/core/dist/showcase/startRun.js.map +1 -0
- package/packages/core/dist/showcase/types.d.ts +66 -0
- package/packages/core/dist/showcase/types.d.ts.map +1 -0
- package/packages/core/dist/showcase/types.js +2 -0
- package/packages/core/dist/showcase/types.js.map +1 -0
- package/packages/core/dist/skills/canonicalSkills.d.ts +3 -0
- package/packages/core/dist/skills/canonicalSkills.d.ts.map +1 -0
- package/packages/core/dist/skills/canonicalSkills.js +7 -0
- package/packages/core/dist/skills/canonicalSkills.js.map +1 -0
- package/packages/core/dist/skills/index.d.ts +4 -0
- package/packages/core/dist/skills/index.d.ts.map +1 -0
- package/packages/core/dist/skills/index.js +4 -0
- package/packages/core/dist/skills/index.js.map +1 -0
- package/packages/core/dist/skills/types.d.ts +26 -0
- package/packages/core/dist/skills/types.d.ts.map +1 -0
- package/packages/core/dist/skills/types.js +2 -0
- package/packages/core/dist/skills/types.js.map +1 -0
- package/packages/core/dist/skills/validateSkillAssets.d.ts +6 -0
- package/packages/core/dist/skills/validateSkillAssets.d.ts.map +1 -0
- package/packages/core/dist/skills/validateSkillAssets.js +218 -0
- package/packages/core/dist/skills/validateSkillAssets.js.map +1 -0
- package/packages/core/dist/useCases/integrity.d.ts +11 -0
- package/packages/core/dist/useCases/integrity.d.ts.map +1 -0
- package/packages/core/dist/useCases/integrity.js +178 -0
- package/packages/core/dist/useCases/integrity.js.map +1 -0
- package/packages/core/dist/useCases/loadUseCaseMatrix.d.ts +7 -0
- package/packages/core/dist/useCases/loadUseCaseMatrix.d.ts.map +1 -0
- package/packages/core/dist/useCases/loadUseCaseMatrix.js +74 -0
- package/packages/core/dist/useCases/loadUseCaseMatrix.js.map +1 -0
- package/packages/core/dist/useCases/mutateUseCaseMatrix.d.ts +25 -0
- package/packages/core/dist/useCases/mutateUseCaseMatrix.d.ts.map +1 -0
- package/packages/core/dist/useCases/mutateUseCaseMatrix.js +198 -0
- package/packages/core/dist/useCases/mutateUseCaseMatrix.js.map +1 -0
- package/packages/core/dist/useCases/query.d.ts +12 -0
- package/packages/core/dist/useCases/query.d.ts.map +1 -0
- package/packages/core/dist/useCases/query.js +47 -0
- package/packages/core/dist/useCases/query.js.map +1 -0
- package/packages/core/dist/useCases/types.d.ts +149 -0
- package/packages/core/dist/useCases/types.d.ts.map +1 -0
- package/packages/core/dist/useCases/types.js +2 -0
- package/packages/core/dist/useCases/types.js.map +1 -0
- package/packages/core/dist/useCases/validateUseCaseFile.d.ts +9 -0
- package/packages/core/dist/useCases/validateUseCaseFile.d.ts.map +1 -0
- package/packages/core/dist/useCases/validateUseCaseFile.js +107 -0
- package/packages/core/dist/useCases/validateUseCaseFile.js.map +1 -0
- package/packages/core/dist/version.d.ts +9 -0
- package/packages/core/dist/version.d.ts.map +1 -0
- package/packages/core/dist/version.js +17 -0
- package/packages/core/dist/version.js.map +1 -0
- package/packages/core/package.json +39 -0
- package/packages/mcp/README.md +48 -0
- package/packages/mcp/dist/index.d.ts +20 -0
- package/packages/mcp/dist/index.d.ts.map +1 -0
- package/packages/mcp/dist/index.js +180 -0
- package/packages/mcp/dist/index.js.map +1 -0
- package/packages/mcp/dist/prompts.d.ts +32 -0
- package/packages/mcp/dist/prompts.d.ts.map +1 -0
- package/packages/mcp/dist/prompts.js +199 -0
- package/packages/mcp/dist/prompts.js.map +1 -0
- package/packages/mcp/dist/resources.d.ts +22 -0
- package/packages/mcp/dist/resources.d.ts.map +1 -0
- package/packages/mcp/dist/resources.js +342 -0
- package/packages/mcp/dist/resources.js.map +1 -0
- package/packages/mcp/dist/toolHandlers.d.ts +28 -0
- package/packages/mcp/dist/toolHandlers.d.ts.map +1 -0
- package/packages/mcp/dist/toolHandlers.js +592 -0
- package/packages/mcp/dist/toolHandlers.js.map +1 -0
- package/packages/mcp/dist/toolSchemas.d.ts +23 -0
- package/packages/mcp/dist/toolSchemas.d.ts.map +1 -0
- package/packages/mcp/dist/toolSchemas.js +223 -0
- package/packages/mcp/dist/toolSchemas.js.map +1 -0
- package/packages/mcp/dist/tools.d.ts +22 -0
- package/packages/mcp/dist/tools.d.ts.map +1 -0
- package/packages/mcp/dist/tools.js +65 -0
- package/packages/mcp/dist/tools.js.map +1 -0
- package/packages/mcp/package.json +38 -0
- package/plugin.json +6 -0
- package/schemas/v1/authority.schema.json +70 -0
- package/schemas/v1/cli-result.schema.json +30 -0
- package/schemas/v1/common.schema.json +274 -0
- package/schemas/v1/demo-capsule.schema.json +78 -0
- package/schemas/v1/evidence-append-result.schema.json +14 -0
- package/schemas/v1/evidence-event.schema.json +181 -0
- package/schemas/v1/evidence-status-result.schema.json +68 -0
- package/schemas/v1/host-profile.schema.json +94 -0
- package/schemas/v1/host-status-result.schema.json +49 -0
- package/schemas/v1/keyring.schema.json +77 -0
- package/schemas/v1/ledger.schema.json +99 -0
- package/schemas/v1/marker.schema.json +84 -0
- package/schemas/v1/matrix-list-result.schema.json +67 -0
- package/schemas/v1/matrix-mutation-result.schema.json +49 -0
- package/schemas/v1/matrix-validation-result.schema.json +77 -0
- package/schemas/v1/mcp-tool-results.schema.json +34 -0
- package/schemas/v1/migration-test-matrix-result.schema.json +76 -0
- package/schemas/v1/presentation-plan-result.schema.json +62 -0
- package/schemas/v1/presentation-plan.schema.json +259 -0
- package/schemas/v1/release-gate-result.schema.json +136 -0
- package/schemas/v1/showcase-approval-result.schema.json +5 -0
- package/schemas/v1/showcase-event-append-result.schema.json +17 -0
- package/schemas/v1/showcase-event.schema.json +235 -0
- package/schemas/v1/showcase-finish-result.schema.json +5 -0
- package/schemas/v1/showcase-run-status-result.schema.json +70 -0
- package/schemas/v1/showcase-start-result.schema.json +5 -0
- package/schemas/v1/use-case-file.schema.json +178 -0
- package/schemas/v1/workflow-mode.schema.json +16 -0
- package/schemas/v1/workspace-config.schema.json +58 -0
- package/use-cases/capsule/demos.yml +212 -0
- package/use-cases/capsule/runner.yml +49 -0
- package/use-cases/diagnostics/contracts.yml +239 -0
- package/use-cases/evidence/core.yml +32 -0
- package/use-cases/evidence/ledger.yml +330 -0
- package/use-cases/hosts/profiles.yml +365 -0
- package/use-cases/hosts/projections.yml +96 -0
- package/use-cases/lifecycle/loop.yml +229 -0
- package/use-cases/matrix/core.yml +92 -0
- package/use-cases/matrix/product.yml +289 -0
- package/use-cases/mcp/surface.yml +257 -0
- package/use-cases/mcp/wrapper.yml +100 -0
- package/use-cases/migration/importer.yml +171 -0
- package/use-cases/migration/test-matrix.yml +32 -0
- package/use-cases/planning/cards.yml +215 -0
- package/use-cases/release/package.yml +80 -0
- package/use-cases/release/proof.yml +180 -0
- package/use-cases/roadmap/deferred.yml +184 -0
- package/use-cases/showcase/flow.yml +269 -0
- package/use-cases/showcase/live.yml +44 -0
- package/use-cases/skills/assets.yml +92 -0
- package/use-cases.yml +9 -0
|
@@ -0,0 +1,245 @@
|
|
|
1
|
+
// `verify` command core (Phase: verifiers/markers v2).
|
|
2
|
+
//
|
|
3
|
+
// Runs a row's resolved verifier(s) and records the result — WITHOUT any signing
|
|
4
|
+
// key. Unlike `prove`, verify never signs or appends to the trusted evidence
|
|
5
|
+
// ledger; it produces an unsigned `ucase-verification-result-v1` results ledger.
|
|
6
|
+
// The actual verifier process is run through an INJECTED spawn runner (default =
|
|
7
|
+
// node:child_process spawnSync in the repo cwd), so tests inject a fake and never
|
|
8
|
+
// shell out.
|
|
9
|
+
//
|
|
10
|
+
// For each targeted (bound) row it recomputes the same hashes prove/scan do — row
|
|
11
|
+
// hash, binding-set hash, per-binding span hashes, and the verification context
|
|
12
|
+
// hash — so a verify result and a proof for the same row agree byte-for-byte. A
|
|
13
|
+
// row whose verifier cannot be resolved is recorded as `blocked` (never crashes).
|
|
14
|
+
import { spawnSync } from "node:child_process";
|
|
15
|
+
import { sha256 } from "../canonicalJson.js";
|
|
16
|
+
import { computeRowHash } from "../rowHash.js";
|
|
17
|
+
import { computeBindingSetHash } from "../bindingSetHash.js";
|
|
18
|
+
import { computeRowVerificationContextHash } from "../verificationContextHash.js";
|
|
19
|
+
import { resolveRowVerifiers } from "../verifierResolver.js";
|
|
20
|
+
import { nodeMarkerFs } from "./io.js";
|
|
21
|
+
import { prepareScan } from "./scan.js";
|
|
22
|
+
import { registeredBindingsForRow } from "./shared.js";
|
|
23
|
+
// The schema id of one unsigned verification result line.
|
|
24
|
+
export const VERIFICATION_RESULT_SCHEMA_ID = "ucase-verification-result-v1";
|
|
25
|
+
function fail(partial) {
|
|
26
|
+
return {
|
|
27
|
+
command: "verify",
|
|
28
|
+
ok: partial.exit_code === 0,
|
|
29
|
+
results: partial.results ?? [],
|
|
30
|
+
out_path: partial.out_path ?? null,
|
|
31
|
+
errors: partial.errors ?? [],
|
|
32
|
+
...partial
|
|
33
|
+
};
|
|
34
|
+
}
|
|
35
|
+
// Default runner: a real subprocess in the repo cwd. NEVER invoked by tests
|
|
36
|
+
// (they inject a fake), so it is deterministic-by-omission here.
|
|
37
|
+
function nodeSpawnRunner(request) {
|
|
38
|
+
const [command, ...args] = request.command;
|
|
39
|
+
const outcome = spawnSync(command, args, {
|
|
40
|
+
cwd: request.cwd,
|
|
41
|
+
encoding: "utf8",
|
|
42
|
+
timeout: request.timeout_seconds !== undefined ? request.timeout_seconds * 1000 : undefined
|
|
43
|
+
});
|
|
44
|
+
const timedOut = outcome.error !== undefined &&
|
|
45
|
+
outcome.error.code === "ETIMEDOUT";
|
|
46
|
+
const exitCode = typeof outcome.status === "number" ? outcome.status : timedOut ? 124 : 1;
|
|
47
|
+
return {
|
|
48
|
+
exit_code: exitCode,
|
|
49
|
+
timed_out: timedOut,
|
|
50
|
+
stdout: outcome.stdout ?? "",
|
|
51
|
+
stderr: outcome.stderr ?? ""
|
|
52
|
+
};
|
|
53
|
+
}
|
|
54
|
+
export function runVerifyCommand(options) {
|
|
55
|
+
const fs = options.fs ?? nodeMarkerFs;
|
|
56
|
+
const spawn = options.spawnRunner ?? nodeSpawnRunner;
|
|
57
|
+
const contextRoot = options.repoCwd ?? options.productRoot;
|
|
58
|
+
if (!options.all && !options.rowId) {
|
|
59
|
+
return fail({
|
|
60
|
+
exit_code: 2,
|
|
61
|
+
errors: [{ code: "NO_TARGET", message: "verify requires --all or --row <slug>" }]
|
|
62
|
+
});
|
|
63
|
+
}
|
|
64
|
+
// Run scan first (same pipeline prove uses).
|
|
65
|
+
const prepared = prepareScan({
|
|
66
|
+
context: options.context,
|
|
67
|
+
productRoot: options.productRoot,
|
|
68
|
+
bindingsPath: options.bindingsPath,
|
|
69
|
+
evidencePath: options.evidencePath,
|
|
70
|
+
policyMode: "feature",
|
|
71
|
+
publicKeyResolver: options.publicKeyResolver,
|
|
72
|
+
generatedAt: options.generatedAt,
|
|
73
|
+
fs,
|
|
74
|
+
commentConfig: options.commentConfig,
|
|
75
|
+
baseRef: options.baseRef,
|
|
76
|
+
gitRunner: options.gitRunner,
|
|
77
|
+
repoCwd: options.repoCwd
|
|
78
|
+
});
|
|
79
|
+
if (prepared.registryErrors.length > 0 || prepared.evidenceErrors.length > 0) {
|
|
80
|
+
// Surface the ACTUAL integrity failures instead of only the opaque top-level
|
|
81
|
+
// code — the most common one is a signed proof whose key the caller did not
|
|
82
|
+
// supply, which reads as UNKNOWN_KEY_ID / SIGNATURE_MISSING. Without this the
|
|
83
|
+
// user sees "LEDGER_INVALID" with no clue that `--public-key` is the fix.
|
|
84
|
+
const detail = [
|
|
85
|
+
...prepared.registryErrors.map((error) => ({
|
|
86
|
+
code: error.code,
|
|
87
|
+
message: error.line == null ? error.message : `line ${error.line}: ${error.message}`
|
|
88
|
+
})),
|
|
89
|
+
...prepared.evidenceErrors.map((error) => ({
|
|
90
|
+
code: error.code,
|
|
91
|
+
message: error.line == null ? error.message : `line ${error.line}: ${error.message}`
|
|
92
|
+
}))
|
|
93
|
+
];
|
|
94
|
+
const keyResolutionFailed = prepared.evidenceErrors.some((error) => error.code === "UNKNOWN_KEY_ID" || error.code === "SIGNATURE_MISSING");
|
|
95
|
+
const hint = keyResolutionFailed
|
|
96
|
+
? [
|
|
97
|
+
{
|
|
98
|
+
code: "HINT",
|
|
99
|
+
message: "a signed proof could not be verified — pass the trusted public key with " +
|
|
100
|
+
"`--public-key <path>` (or `--keyring <path>`); without it signed proofs cannot be checked."
|
|
101
|
+
}
|
|
102
|
+
]
|
|
103
|
+
: [];
|
|
104
|
+
return fail({
|
|
105
|
+
exit_code: 4,
|
|
106
|
+
errors: [
|
|
107
|
+
{ code: "LEDGER_INVALID", message: "registry or evidence ledger failed validation" },
|
|
108
|
+
...detail,
|
|
109
|
+
...hint
|
|
110
|
+
]
|
|
111
|
+
});
|
|
112
|
+
}
|
|
113
|
+
// Resolve target rows. A target is a BOUND row (status !== UNBOUND); an explicit
|
|
114
|
+
// --row that does not exist is a hard error.
|
|
115
|
+
let targetRowIds;
|
|
116
|
+
if (options.rowId) {
|
|
117
|
+
const statusRow = prepared.status.rows.find((row) => row.row_id === options.rowId);
|
|
118
|
+
const loadedRow = prepared.loaded.rows.find((row) => row.row_id === options.rowId);
|
|
119
|
+
if (!statusRow || !loadedRow) {
|
|
120
|
+
return fail({
|
|
121
|
+
exit_code: 2,
|
|
122
|
+
errors: [{ code: "ROW_NOT_FOUND", message: `row ${options.rowId} is not a known use-case row` }]
|
|
123
|
+
});
|
|
124
|
+
}
|
|
125
|
+
// UNBOUND is not a target (consistent with scan): nothing to verify.
|
|
126
|
+
targetRowIds = statusRow.status === "UNBOUND" ? [] : [options.rowId];
|
|
127
|
+
}
|
|
128
|
+
else {
|
|
129
|
+
targetRowIds = prepared.status.rows
|
|
130
|
+
.filter((row) => row.status !== "UNBOUND")
|
|
131
|
+
.map((row) => row.row_id)
|
|
132
|
+
.sort((left, right) => (left < right ? -1 : left > right ? 1 : 0));
|
|
133
|
+
}
|
|
134
|
+
const results = [];
|
|
135
|
+
for (const rowId of targetRowIds) {
|
|
136
|
+
const statusRow = prepared.status.rows.find((row) => row.row_id === rowId);
|
|
137
|
+
const loadedRow = prepared.loaded.rows.find((row) => row.row_id === rowId);
|
|
138
|
+
if (!statusRow || !loadedRow) {
|
|
139
|
+
continue;
|
|
140
|
+
}
|
|
141
|
+
const registeredSlugs = new Set(statusRow.known_binding_slugs);
|
|
142
|
+
const bindings = registeredBindingsForRow(prepared.scan.bindings, rowId, registeredSlugs);
|
|
143
|
+
const rowHash = computeRowHash(loadedRow);
|
|
144
|
+
const bindingSetHash = computeBindingSetHash(rowId, bindings.map((binding) => ({
|
|
145
|
+
binding_slug: binding.binding_slug,
|
|
146
|
+
row_id: binding.row_id,
|
|
147
|
+
file_path: binding.file_path,
|
|
148
|
+
extent_kind: binding.extent_kind,
|
|
149
|
+
recognizer_id: binding.recognizer_id,
|
|
150
|
+
span_canon_id: binding.span_canon_id,
|
|
151
|
+
span_sha256: binding.span.sha256
|
|
152
|
+
})));
|
|
153
|
+
const spanHashes = bindings
|
|
154
|
+
.map((binding) => binding.span.sha256)
|
|
155
|
+
.sort((left, right) => (left < right ? -1 : left > right ? 1 : 0));
|
|
156
|
+
const contextHash = computeRowVerificationContextHash({
|
|
157
|
+
slug: rowId,
|
|
158
|
+
verificationPolicy: loadedRow.verification_policy,
|
|
159
|
+
rootDir: contextRoot,
|
|
160
|
+
fs,
|
|
161
|
+
workspaceVerifiers: options.context.verifiers
|
|
162
|
+
});
|
|
163
|
+
const base = {
|
|
164
|
+
schema: VERIFICATION_RESULT_SCHEMA_ID,
|
|
165
|
+
row_id: rowId,
|
|
166
|
+
slug: rowId,
|
|
167
|
+
row_hash: rowHash,
|
|
168
|
+
binding_set_hash: bindingSetHash,
|
|
169
|
+
span_sha256s: spanHashes,
|
|
170
|
+
verification_context_hash: contextHash,
|
|
171
|
+
created_at: options.generatedAt
|
|
172
|
+
};
|
|
173
|
+
// An INVALID row (binding integrity errors) cannot be verified -> fail.
|
|
174
|
+
if (statusRow.status === "INVALID") {
|
|
175
|
+
results.push({
|
|
176
|
+
...base,
|
|
177
|
+
status: "fail",
|
|
178
|
+
evidence_kind: null,
|
|
179
|
+
verifier_id: null,
|
|
180
|
+
verifier_kind: null,
|
|
181
|
+
exit_code: null,
|
|
182
|
+
stdout_sha256: null,
|
|
183
|
+
stderr_sha256: null
|
|
184
|
+
});
|
|
185
|
+
continue;
|
|
186
|
+
}
|
|
187
|
+
// Same workspace verifiers prove/scan use, so the verifier this RUNS is the
|
|
188
|
+
// one the embedded + recomputed context hashes are derived from.
|
|
189
|
+
const verifiers = resolveRowVerifiers({ slug: rowId, verification_policy: loadedRow.verification_policy }, options.context.verifiers);
|
|
190
|
+
// A bound row that demands NO verifier (e.g. mode:none) can't be certified by
|
|
191
|
+
// verify -> blocked (recorded, surfaced, never crashes).
|
|
192
|
+
const blocked = verifiers.find((verifier) => verifier.status === "blocked");
|
|
193
|
+
if (verifiers.length === 0 || blocked) {
|
|
194
|
+
results.push({
|
|
195
|
+
...base,
|
|
196
|
+
status: "blocked",
|
|
197
|
+
evidence_kind: null,
|
|
198
|
+
verifier_id: blocked ? blocked.verifier_id : null,
|
|
199
|
+
verifier_kind: null,
|
|
200
|
+
exit_code: null,
|
|
201
|
+
stdout_sha256: null,
|
|
202
|
+
stderr_sha256: null
|
|
203
|
+
});
|
|
204
|
+
continue;
|
|
205
|
+
}
|
|
206
|
+
// Every verifier resolved: run each, aggregate to a pass/fail row verdict.
|
|
207
|
+
const resolved = verifiers;
|
|
208
|
+
const runs = resolved.map((verifier) => ({
|
|
209
|
+
verifier,
|
|
210
|
+
outcome: spawn({
|
|
211
|
+
command: verifier.command,
|
|
212
|
+
cwd: contextRoot,
|
|
213
|
+
timeout_seconds: verifier.timeout_seconds
|
|
214
|
+
})
|
|
215
|
+
}));
|
|
216
|
+
const firstFailure = runs.find((run) => run.outcome.exit_code !== 0 || run.outcome.timed_out);
|
|
217
|
+
const decisive = firstFailure ?? runs[0];
|
|
218
|
+
results.push({
|
|
219
|
+
...base,
|
|
220
|
+
status: firstFailure ? "fail" : "pass",
|
|
221
|
+
evidence_kind: decisive.verifier.evidence_kind,
|
|
222
|
+
verifier_id: decisive.verifier.verifier_id,
|
|
223
|
+
verifier_kind: decisive.verifier.kind,
|
|
224
|
+
exit_code: decisive.outcome.exit_code,
|
|
225
|
+
stdout_sha256: sha256(decisive.outcome.stdout),
|
|
226
|
+
stderr_sha256: sha256(decisive.outcome.stderr)
|
|
227
|
+
});
|
|
228
|
+
}
|
|
229
|
+
// Write the results ledger (one JSONL line per row) if requested. This is an
|
|
230
|
+
// unsigned per-run snapshot — NOT the append-only trusted evidence ledger.
|
|
231
|
+
let outPath = null;
|
|
232
|
+
if (options.outPath) {
|
|
233
|
+
const body = results.map((record) => JSON.stringify(record)).join("\n");
|
|
234
|
+
fs.writeText(options.outPath, body === "" ? "" : `${body}\n`);
|
|
235
|
+
outPath = options.outPath;
|
|
236
|
+
}
|
|
237
|
+
// Exit 0 only if every targeted row passed; any fail/blocked is nonzero.
|
|
238
|
+
const allPass = results.every((record) => record.status === "pass");
|
|
239
|
+
return fail({
|
|
240
|
+
exit_code: allPass ? 0 : 1,
|
|
241
|
+
results,
|
|
242
|
+
out_path: outPath
|
|
243
|
+
});
|
|
244
|
+
}
|
|
245
|
+
//# sourceMappingURL=verify.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"verify.js","sourceRoot":"","sources":["../../../src/markers/cli/verify.ts"],"names":[],"mappings":"AAAA,uDAAuD;AACvD,EAAE;AACF,iFAAiF;AACjF,6EAA6E;AAC7E,iFAAiF;AACjF,iFAAiF;AACjF,kFAAkF;AAClF,aAAa;AACb,EAAE;AACF,kFAAkF;AAClF,gFAAgF;AAChF,gFAAgF;AAChF,kFAAkF;AAClF,OAAO,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAC;AAG/C,OAAO,EAAE,MAAM,EAAE,MAAM,qBAAqB,CAAC;AAC7C,OAAO,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AAC/C,OAAO,EAAE,qBAAqB,EAAE,MAAM,sBAAsB,CAAC;AAC7D,OAAO,EAAE,iCAAiC,EAAE,MAAM,+BAA+B,CAAC;AAClF,OAAO,EAAE,mBAAmB,EAAyB,MAAM,wBAAwB,CAAC;AAIpF,OAAO,EAAE,YAAY,EAAiB,MAAM,SAAS,CAAC;AACtD,OAAO,EAAE,WAAW,EAAE,MAAM,WAAW,CAAC;AACxC,OAAO,EAAE,wBAAwB,EAAE,MAAM,aAAa,CAAC;AAEvD,0DAA0D;AAC1D,MAAM,CAAC,MAAM,6BAA6B,GAAG,8BAA8B,CAAC;AAwE5E,SAAS,IAAI,CACX,OAA6D;IAE7D,OAAO;QACL,OAAO,EAAE,QAAQ;QACjB,EAAE,EAAE,OAAO,CAAC,SAAS,KAAK,CAAC;QAC3B,OAAO,EAAE,OAAO,CAAC,OAAO,IAAI,EAAE;QAC9B,QAAQ,EAAE,OAAO,CAAC,QAAQ,IAAI,IAAI;QAClC,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,EAAE;QAC5B,GAAG,OAAO;KACX,CAAC;AACJ,CAAC;AAED,4EAA4E;AAC5E,iEAAiE;AACjE,SAAS,eAAe,CAAC,OAA2B;IAClD,MAAM,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,GAAG,OAAO,CAAC,OAAO,CAAC;IAC3C,MAAM,OAAO,GAAG,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE;QACvC,GAAG,EAAE,OAAO,CAAC,GAAG;QAChB,QAAQ,EAAE,MAAM;QAChB,OAAO,EAAE,OAAO,CAAC,eAAe,KAAK,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,eAAe,GAAG,IAAI,CAAC,CAAC,CAAC,SAAS;KAC5F,CAAC,CAAC;IACH,MAAM,QAAQ,GACZ,OAAO,CAAC,KAAK,KAAK,SAAS;QAC1B,OAAO,CAAC,KAA2B,CAAC,IAAI,KAAK,WAAW,CAAC;IAC5D,MAAM,QAAQ,GACZ,OAAO,OAAO,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAC3E,OAAO;QACL,SAAS,EAAE,QAAQ;QACnB,SAAS,EAAE,QAAQ;QACnB,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,EAAE;QAC5B,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,EAAE;KAC7B,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,OAA6B;IAC5D,MAAM,EAAE,GAAG,OAAO,CAAC,EAAE,IAAI,YAAY,CAAC;IACtC,MAAM,KAAK,GAAG,OAAO,CAAC,WAAW,IAAI,eAAe,CAAC;IACrD,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,IAAI,OAAO,CAAC,WAAW,CAAC;IAE3D,IAAI,CAAC,OAAO,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;QACnC,OAAO,IAAI,CAAC;YACV,SAAS,EAAE,CAAC;YACZ,MAAM,EAAE,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE,OAAO,EAAE,uCAAuC,EAAE,CAAC;SAClF,CAAC,CAAC;IACL,CAAC;IAED,6CAA6C;IAC7C,MAAM,QAAQ,GAAG,WAAW,CAAC;QAC3B,OAAO,EAAE,OAAO,CAAC,OAAO;QACxB,WAAW,EAAE,OAAO,CAAC,WAAW;QAChC,YAAY,EAAE,OAAO,CAAC,YAAY;QAClC,YAAY,EAAE,OAAO,CAAC,YAAY;QAClC,UAAU,EAAE,SAAS;QACrB,iBAAiB,EAAE,OAAO,CAAC,iBAAiB;QAC5C,WAAW,EAAE,OAAO,CAAC,WAAW;QAChC,EAAE;QACF,aAAa,EAAE,OAAO,CAAC,aAAa;QACpC,OAAO,EAAE,OAAO,CAAC,OAAO;QACxB,SAAS,EAAE,OAAO,CAAC,SAAS;QAC5B,OAAO,EAAE,OAAO,CAAC,OAAO;KACzB,CAAC,CAAC;IAEH,IAAI,QAAQ,CAAC,cAAc,CAAC,MAAM,GAAG,CAAC,IAAI,QAAQ,CAAC,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7E,6EAA6E;QAC7E,4EAA4E;QAC5E,8EAA8E;QAC9E,0EAA0E;QAC1E,MAAM,MAAM,GAAG;YACb,GAAG,QAAQ,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;gBACzC,IAAI,EAAE,KAAK,CAAC,IAAI;gBAChB,OAAO,EAAE,KAAK,CAAC,IAAI,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,KAAK,CAAC,IAAI,KAAK,KAAK,CAAC,OAAO,EAAE;aACrF,CAAC,CAAC;YACH,GAAG,QAAQ,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;gBACzC,IAAI,EAAE,KAAK,CAAC,IAAI;gBAChB,OAAO,EAAE,KAAK,CAAC,IAAI,IAAI,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,KAAK,CAAC,IAAI,KAAK,KAAK,CAAC,OAAO,EAAE;aACrF,CAAC,CAAC;SACJ,CAAC;QACF,MAAM,mBAAmB,GAAG,QAAQ,CAAC,cAAc,CAAC,IAAI,CACtD,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,KAAK,gBAAgB,IAAI,KAAK,CAAC,IAAI,KAAK,mBAAmB,CACjF,CAAC;QACF,MAAM,IAAI,GAAG,mBAAmB;YAC9B,CAAC,CAAC;gBACE;oBACE,IAAI,EAAE,MAAM;oBACZ,OAAO,EACL,0EAA0E;wBAC1E,4FAA4F;iBAC/F;aACF;YACH,CAAC,CAAC,EAAE,CAAC;QACP,OAAO,IAAI,CAAC;YACV,SAAS,EAAE,CAAC;YACZ,MAAM,EAAE;gBACN,EAAE,IAAI,EAAE,gBAAgB,EAAE,OAAO,EAAE,+CAA+C,EAAE;gBACpF,GAAG,MAAM;gBACT,GAAG,IAAI;aACR;SACF,CAAC,CAAC;IACL,CAAC;IAED,iFAAiF;IACjF,6CAA6C;IAC7C,IAAI,YAAsB,CAAC;IAC3B,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;QAClB,MAAM,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,KAAK,OAAO,CAAC,KAAK,CAAC,CAAC;QACnF,MAAM,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,KAAK,OAAO,CAAC,KAAK,CAAC,CAAC;QACnF,IAAI,CAAC,SAAS,IAAI,CAAC,SAAS,EAAE,CAAC;YAC7B,OAAO,IAAI,CAAC;gBACV,SAAS,EAAE,CAAC;gBACZ,MAAM,EAAE,CAAC,EAAE,IAAI,EAAE,eAAe,EAAE,OAAO,EAAE,OAAO,OAAO,CAAC,KAAK,8BAA8B,EAAE,CAAC;aACjG,CAAC,CAAC;QACL,CAAC;QACD,qEAAqE;QACrE,YAAY,GAAG,SAAS,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IACvE,CAAC;SAAM,CAAC;QACN,YAAY,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI;aAChC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,KAAK,SAAS,CAAC;aACzC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC;aACxB,IAAI,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC,CAAC,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACvE,CAAC;IAED,MAAM,OAAO,GAA+B,EAAE,CAAC;IAC/C,KAAK,MAAM,KAAK,IAAI,YAAY,EAAE,CAAC;QACjC,MAAM,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,KAAK,KAAK,CAAC,CAAC;QAC3E,MAAM,SAAS,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,MAAM,KAAK,KAAK,CAAC,CAAC;QAC3E,IAAI,CAAC,SAAS,IAAI,CAAC,SAAS,EAAE,CAAC;YAC7B,SAAS;QACX,CAAC;QAED,MAAM,eAAe,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAC;QAC/D,MAAM,QAAQ,GAAG,wBAAwB,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,EAAE,KAAK,EAAE,eAAe,CAAC,CAAC;QAE1F,MAAM,OAAO,GAAG,cAAc,CAAC,SAAS,CAAC,CAAC;QAC1C,MAAM,cAAc,GAAG,qBAAqB,CAC1C,KAAK,EACL,QAAQ,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;YACzB,YAAY,EAAE,OAAO,CAAC,YAAY;YAClC,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,aAAa,EAAE,OAAO,CAAC,aAAa;YACpC,aAAa,EAAE,OAAO,CAAC,aAAa;YACpC,WAAW,EAAE,OAAO,CAAC,IAAI,CAAC,MAAM;SACjC,CAAC,CAAC,CACJ,CAAC;QACF,MAAM,UAAU,GAAG,QAAQ;aACxB,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC;aACrC,IAAI,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC,CAAC,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACrE,MAAM,WAAW,GAAG,iCAAiC,CAAC;YACpD,IAAI,EAAE,KAAK;YACX,kBAAkB,EAAE,SAAS,CAAC,mBAAmB;YACjD,OAAO,EAAE,WAAW;YACpB,EAAE;YACF,kBAAkB,EAAE,OAAO,CAAC,OAAO,CAAC,SAAS;SAC9C,CAAC,CAAC;QAEH,MAAM,IAAI,GAAG;YACX,MAAM,EAAE,6BAA6B;YACrC,MAAM,EAAE,KAAK;YACb,IAAI,EAAE,KAAK;YACX,QAAQ,EAAE,OAAO;YACjB,gBAAgB,EAAE,cAAc;YAChC,YAAY,EAAE,UAAU;YACxB,yBAAyB,EAAE,WAAW;YACtC,UAAU,EAAE,OAAO,CAAC,WAAW;SACvB,CAAC;QAEX,wEAAwE;QACxE,IAAI,SAAS,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;YACnC,OAAO,CAAC,IAAI,CAAC;gBACX,GAAG,IAAI;gBACP,MAAM,EAAE,MAAM;gBACd,aAAa,EAAE,IAAI;gBACnB,WAAW,EAAE,IAAI;gBACjB,aAAa,EAAE,IAAI;gBACnB,SAAS,EAAE,IAAI;gBACf,aAAa,EAAE,IAAI;gBACnB,aAAa,EAAE,IAAI;aACpB,CAAC,CAAC;YACH,SAAS;QACX,CAAC;QAED,4EAA4E;QAC5E,iEAAiE;QACjE,MAAM,SAAS,GAAG,mBAAmB,CACnC,EAAE,IAAI,EAAE,KAAK,EAAE,mBAAmB,EAAE,SAAS,CAAC,mBAAmB,EAAE,EACnE,OAAO,CAAC,OAAO,CAAC,SAAS,CAC1B,CAAC;QAEF,8EAA8E;QAC9E,yDAAyD;QACzD,MAAM,OAAO,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,QAAQ,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC;QAC5E,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,IAAI,OAAO,EAAE,CAAC;YACtC,OAAO,CAAC,IAAI,CAAC;gBACX,GAAG,IAAI;gBACP,MAAM,EAAE,SAAS;gBACjB,aAAa,EAAE,IAAI;gBACnB,WAAW,EAAE,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI;gBACjD,aAAa,EAAE,IAAI;gBACnB,SAAS,EAAE,IAAI;gBACf,aAAa,EAAE,IAAI;gBACnB,aAAa,EAAE,IAAI;aACpB,CAAC,CAAC;YACH,SAAS;QACX,CAAC;QAED,2EAA2E;QAC3E,MAAM,QAAQ,GAAG,SAA+B,CAAC;QACjD,MAAM,IAAI,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;YACvC,QAAQ;YACR,OAAO,EAAE,KAAK,CAAC;gBACb,OAAO,EAAE,QAAQ,CAAC,OAAO;gBACzB,GAAG,EAAE,WAAW;gBAChB,eAAe,EAAE,QAAQ,CAAC,eAAe;aAC1C,CAAC;SACH,CAAC,CAAC,CAAC;QACJ,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAC5B,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,SAAS,KAAK,CAAC,IAAI,GAAG,CAAC,OAAO,CAAC,SAAS,CAC9D,CAAC;QACF,MAAM,QAAQ,GAAG,YAAY,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC;QAEzC,OAAO,CAAC,IAAI,CAAC;YACX,GAAG,IAAI;YACP,MAAM,EAAE,YAAY,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM;YACtC,aAAa,EAAE,QAAQ,CAAC,QAAQ,CAAC,aAAa;YAC9C,WAAW,EAAE,QAAQ,CAAC,QAAQ,CAAC,WAAW;YAC1C,aAAa,EAAE,QAAQ,CAAC,QAAQ,CAAC,IAAI;YACrC,SAAS,EAAE,QAAQ,CAAC,OAAO,CAAC,SAAS;YACrC,aAAa,EAAE,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC;YAC9C,aAAa,EAAE,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC;SAC/C,CAAC,CAAC;IACL,CAAC;IAED,6EAA6E;IAC7E,2EAA2E;IAC3E,IAAI,OAAO,GAAkB,IAAI,CAAC;IAClC,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;QACpB,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACxE,EAAE,CAAC,SAAS,CAAC,OAAO,CAAC,OAAO,EAAE,IAAI,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC;QAC9D,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC;IAC5B,CAAC;IAED,yEAAyE;IACzE,MAAM,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC;IACpE,OAAO,IAAI,CAAC;QACV,SAAS,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAC1B,OAAO;QACP,QAAQ,EAAE,OAAO;KAClB,CAAC,CAAC;AACL,CAAC"}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
export interface CommentPrefixConfig {
|
|
2
|
+
extensions?: Record<string, string>;
|
|
3
|
+
}
|
|
4
|
+
export declare const DEFAULT_COMMENT_PREFIXES: Readonly<Record<string, string>>;
|
|
5
|
+
export declare function fileExtension(filePath: string): string;
|
|
6
|
+
export declare function resolveCommentPrefix(filePath: string, config?: CommentPrefixConfig, contents?: string): string | null;
|
|
7
|
+
//# sourceMappingURL=commentPrefix.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"commentPrefix.d.ts","sourceRoot":"","sources":["../../src/markers/commentPrefix.ts"],"names":[],"mappings":"AAOA,MAAM,WAAW,mBAAmB;IAGlC,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CACrC;AAID,eAAO,MAAM,wBAAwB,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAkCpE,CAAC;AAIH,wBAAgB,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,CAStD;AAUD,wBAAgB,oBAAoB,CAClC,QAAQ,EAAE,MAAM,EAChB,MAAM,CAAC,EAAE,mBAAmB,EAC5B,QAAQ,CAAC,EAAE,MAAM,GAChB,MAAM,GAAG,IAAI,CAcf"}
|
|
@@ -0,0 +1,79 @@
|
|
|
1
|
+
// Comment-prefix resolver (spec section 1.1, Amendment 1).
|
|
2
|
+
//
|
|
3
|
+
// The semantic marker is `<line-comment-prefix>: @use-case: <payload>`. The
|
|
4
|
+
// line-comment prefix is not universal (`//` is invalid in Python/YAML/shell),
|
|
5
|
+
// so it is resolved per file extension from a config-driven map. A default map
|
|
6
|
+
// covers the common `//` and `#` languages so explicit spans work out of the box.
|
|
7
|
+
// Default extension -> line-comment prefix map.
|
|
8
|
+
// Identity-only: this decides *how a marker comment is written*, nothing more.
|
|
9
|
+
export const DEFAULT_COMMENT_PREFIXES = Object.freeze({
|
|
10
|
+
// `//` languages.
|
|
11
|
+
".swift": "//",
|
|
12
|
+
".ts": "//",
|
|
13
|
+
".tsx": "//",
|
|
14
|
+
".js": "//",
|
|
15
|
+
".jsx": "//",
|
|
16
|
+
".mjs": "//",
|
|
17
|
+
".cjs": "//",
|
|
18
|
+
".c": "//",
|
|
19
|
+
".cc": "//",
|
|
20
|
+
".cpp": "//",
|
|
21
|
+
".cxx": "//",
|
|
22
|
+
".h": "//",
|
|
23
|
+
".hpp": "//",
|
|
24
|
+
".m": "//",
|
|
25
|
+
".mm": "//",
|
|
26
|
+
".java": "//",
|
|
27
|
+
".kt": "//",
|
|
28
|
+
".kts": "//",
|
|
29
|
+
".go": "//",
|
|
30
|
+
".rs": "//",
|
|
31
|
+
".scala": "//",
|
|
32
|
+
// `#` languages.
|
|
33
|
+
".py": "#",
|
|
34
|
+
".rb": "#",
|
|
35
|
+
".sh": "#",
|
|
36
|
+
".bash": "#",
|
|
37
|
+
".zsh": "#",
|
|
38
|
+
".yaml": "#",
|
|
39
|
+
".yml": "#",
|
|
40
|
+
".toml": "#",
|
|
41
|
+
".pl": "#",
|
|
42
|
+
".r": "#"
|
|
43
|
+
});
|
|
44
|
+
// Extract the lower-cased extension (including the leading dot) of a file path.
|
|
45
|
+
// Returns "" when the basename has no extension.
|
|
46
|
+
export function fileExtension(filePath) {
|
|
47
|
+
const slash = Math.max(filePath.lastIndexOf("/"), filePath.lastIndexOf("\\"));
|
|
48
|
+
const base = slash >= 0 ? filePath.slice(slash + 1) : filePath;
|
|
49
|
+
const dot = base.lastIndexOf(".");
|
|
50
|
+
if (dot <= 0) {
|
|
51
|
+
// No dot, or a leading-dot dotfile (e.g. ".gitignore") -> no extension.
|
|
52
|
+
return "";
|
|
53
|
+
}
|
|
54
|
+
return base.slice(dot).toLowerCase();
|
|
55
|
+
}
|
|
56
|
+
// Resolve the configured line-comment prefix for a file, or null when the
|
|
57
|
+
// extension is not configured (the file simply cannot carry markers).
|
|
58
|
+
//
|
|
59
|
+
// `contents` is optional. When a file has no extension it can still carry
|
|
60
|
+
// markers if it is a shebang script (e.g. an extensionless `hooks/session-start`
|
|
61
|
+
// bash hook): such scripts are overwhelmingly `#`-comment languages, so a
|
|
62
|
+
// leading `#!` resolves to `#`. Without contents an extensionless file stays
|
|
63
|
+
// null, exactly as before.
|
|
64
|
+
export function resolveCommentPrefix(filePath, config, contents) {
|
|
65
|
+
const ext = fileExtension(filePath);
|
|
66
|
+
if (ext === "") {
|
|
67
|
+
if (contents !== undefined && contents.startsWith("#!")) {
|
|
68
|
+
return "#";
|
|
69
|
+
}
|
|
70
|
+
return null;
|
|
71
|
+
}
|
|
72
|
+
const override = config?.extensions?.[ext];
|
|
73
|
+
if (override !== undefined) {
|
|
74
|
+
return override;
|
|
75
|
+
}
|
|
76
|
+
const fromDefault = DEFAULT_COMMENT_PREFIXES[ext];
|
|
77
|
+
return fromDefault ?? null;
|
|
78
|
+
}
|
|
79
|
+
//# sourceMappingURL=commentPrefix.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"commentPrefix.js","sourceRoot":"","sources":["../../src/markers/commentPrefix.ts"],"names":[],"mappings":"AAAA,2DAA2D;AAC3D,EAAE;AACF,4EAA4E;AAC5E,+EAA+E;AAC/E,+EAA+E;AAC/E,kFAAkF;AAQlF,gDAAgD;AAChD,+EAA+E;AAC/E,MAAM,CAAC,MAAM,wBAAwB,GAAqC,MAAM,CAAC,MAAM,CAAC;IACtF,kBAAkB;IAClB,QAAQ,EAAE,IAAI;IACd,KAAK,EAAE,IAAI;IACX,MAAM,EAAE,IAAI;IACZ,KAAK,EAAE,IAAI;IACX,MAAM,EAAE,IAAI;IACZ,MAAM,EAAE,IAAI;IACZ,MAAM,EAAE,IAAI;IACZ,IAAI,EAAE,IAAI;IACV,KAAK,EAAE,IAAI;IACX,MAAM,EAAE,IAAI;IACZ,MAAM,EAAE,IAAI;IACZ,IAAI,EAAE,IAAI;IACV,MAAM,EAAE,IAAI;IACZ,IAAI,EAAE,IAAI;IACV,KAAK,EAAE,IAAI;IACX,OAAO,EAAE,IAAI;IACb,KAAK,EAAE,IAAI;IACX,MAAM,EAAE,IAAI;IACZ,KAAK,EAAE,IAAI;IACX,KAAK,EAAE,IAAI;IACX,QAAQ,EAAE,IAAI;IACd,iBAAiB;IACjB,KAAK,EAAE,GAAG;IACV,KAAK,EAAE,GAAG;IACV,KAAK,EAAE,GAAG;IACV,OAAO,EAAE,GAAG;IACZ,MAAM,EAAE,GAAG;IACX,OAAO,EAAE,GAAG;IACZ,MAAM,EAAE,GAAG;IACX,OAAO,EAAE,GAAG;IACZ,KAAK,EAAE,GAAG;IACV,IAAI,EAAE,GAAG;CACV,CAAC,CAAC;AAEH,gFAAgF;AAChF,iDAAiD;AACjD,MAAM,UAAU,aAAa,CAAC,QAAgB;IAC5C,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,CAAC,GAAG,CAAC,EAAE,QAAQ,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC;IAC9E,MAAM,IAAI,GAAG,KAAK,IAAI,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC;IAC/D,MAAM,GAAG,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;IAClC,IAAI,GAAG,IAAI,CAAC,EAAE,CAAC;QACb,wEAAwE;QACxE,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,WAAW,EAAE,CAAC;AACvC,CAAC;AAED,0EAA0E;AAC1E,sEAAsE;AACtE,EAAE;AACF,0EAA0E;AAC1E,iFAAiF;AACjF,0EAA0E;AAC1E,6EAA6E;AAC7E,2BAA2B;AAC3B,MAAM,UAAU,oBAAoB,CAClC,QAAgB,EAChB,MAA4B,EAC5B,QAAiB;IAEjB,MAAM,GAAG,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IACpC,IAAI,GAAG,KAAK,EAAE,EAAE,CAAC;QACf,IAAI,QAAQ,KAAK,SAAS,IAAI,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;YACxD,OAAO,GAAG,CAAC;QACb,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IACD,MAAM,QAAQ,GAAG,MAAM,EAAE,UAAU,EAAE,CAAC,GAAG,CAAC,CAAC;IAC3C,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;QAC3B,OAAO,QAAQ,CAAC;IAClB,CAAC;IACD,MAAM,WAAW,GAAG,wBAAwB,CAAC,GAAG,CAAC,CAAC;IAClD,OAAO,WAAW,IAAI,IAAI,CAAC;AAC7B,CAAC"}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
export declare const MARKER_SCHEMA_ID = "ucase-marker-v1";
|
|
2
|
+
export declare const BINDING_REGISTRY_SCHEMA_ID = "ucase-binding-registry-event-v1";
|
|
3
|
+
export declare const EVIDENCE_SCHEMA_ID = "ucase-proof-event-v1";
|
|
4
|
+
export declare const STATUS_SCHEMA_ID = "ucase-freshness-status-v1";
|
|
5
|
+
export declare const SPAN_CANON_ID = "ucase-span-lines-v1";
|
|
6
|
+
export declare const EXPLICIT_RECOGNIZER_ID = "explicit-span-v1";
|
|
7
|
+
export declare const SWIFT_FUNC_RECOGNIZER_ID = "swift-func-inferred-v1";
|
|
8
|
+
export declare const BINDING_SET_HASH_ID = "ucase-binding-set-v1";
|
|
9
|
+
export declare const ROW_HASH_ID = "existing-semantic-row-hash";
|
|
10
|
+
//# sourceMappingURL=constants.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"constants.d.ts","sourceRoot":"","sources":["../../src/markers/constants.ts"],"names":[],"mappings":"AAGA,eAAO,MAAM,gBAAgB,oBAAoB,CAAC;AAClD,eAAO,MAAM,0BAA0B,oCAAoC,CAAC;AAC5E,eAAO,MAAM,kBAAkB,yBAAyB,CAAC;AACzD,eAAO,MAAM,gBAAgB,8BAA8B,CAAC;AAE5D,eAAO,MAAM,aAAa,wBAAwB,CAAC;AACnD,eAAO,MAAM,sBAAsB,qBAAqB,CAAC;AACzD,eAAO,MAAM,wBAAwB,2BAA2B,CAAC;AACjE,eAAO,MAAM,mBAAmB,yBAAyB,CAAC;AAG1D,eAAO,MAAM,WAAW,+BAA+B,CAAC"}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
// Core constants for the use-case-markers system (spec section 0).
|
|
2
|
+
// Identity-only marker schema and the canonicalizer/recognizer/hash ids.
|
|
3
|
+
export const MARKER_SCHEMA_ID = "ucase-marker-v1";
|
|
4
|
+
export const BINDING_REGISTRY_SCHEMA_ID = "ucase-binding-registry-event-v1";
|
|
5
|
+
export const EVIDENCE_SCHEMA_ID = "ucase-proof-event-v1";
|
|
6
|
+
export const STATUS_SCHEMA_ID = "ucase-freshness-status-v1";
|
|
7
|
+
export const SPAN_CANON_ID = "ucase-span-lines-v1";
|
|
8
|
+
export const EXPLICIT_RECOGNIZER_ID = "explicit-span-v1";
|
|
9
|
+
export const SWIFT_FUNC_RECOGNIZER_ID = "swift-func-inferred-v1";
|
|
10
|
+
export const BINDING_SET_HASH_ID = "ucase-binding-set-v1";
|
|
11
|
+
// ROW_HASH_ID names the existing semantic row-hash algorithm this system reuses.
|
|
12
|
+
export const ROW_HASH_ID = "existing-semantic-row-hash";
|
|
13
|
+
//# sourceMappingURL=constants.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"constants.js","sourceRoot":"","sources":["../../src/markers/constants.ts"],"names":[],"mappings":"AAAA,mEAAmE;AACnE,yEAAyE;AAEzE,MAAM,CAAC,MAAM,gBAAgB,GAAG,iBAAiB,CAAC;AAClD,MAAM,CAAC,MAAM,0BAA0B,GAAG,iCAAiC,CAAC;AAC5E,MAAM,CAAC,MAAM,kBAAkB,GAAG,sBAAsB,CAAC;AACzD,MAAM,CAAC,MAAM,gBAAgB,GAAG,2BAA2B,CAAC;AAE5D,MAAM,CAAC,MAAM,aAAa,GAAG,qBAAqB,CAAC;AACnD,MAAM,CAAC,MAAM,sBAAsB,GAAG,kBAAkB,CAAC;AACzD,MAAM,CAAC,MAAM,wBAAwB,GAAG,wBAAwB,CAAC;AACjE,MAAM,CAAC,MAAM,mBAAmB,GAAG,sBAAsB,CAAC;AAE1D,iFAAiF;AACjF,MAAM,CAAC,MAAM,WAAW,GAAG,4BAA4B,CAAC"}
|
|
@@ -0,0 +1,150 @@
|
|
|
1
|
+
import type { CiAuthority } from "./ciAuthority.js";
|
|
2
|
+
import { type ReadBaseRefOptions } from "./appendOnly.js";
|
|
3
|
+
import { type PublicKeyResolver } from "./proofSignature.js";
|
|
4
|
+
export interface ProofBindingItem {
|
|
5
|
+
binding_slug: string;
|
|
6
|
+
row_id: string;
|
|
7
|
+
file_path: string;
|
|
8
|
+
extent_kind: string;
|
|
9
|
+
recognizer_id: string;
|
|
10
|
+
span_canon_id: string;
|
|
11
|
+
span_sha256: string;
|
|
12
|
+
span_start_line: number;
|
|
13
|
+
span_end_line: number;
|
|
14
|
+
}
|
|
15
|
+
export interface ProofEvent {
|
|
16
|
+
schema: string;
|
|
17
|
+
event_type: string;
|
|
18
|
+
event_id: string;
|
|
19
|
+
created_at: string;
|
|
20
|
+
producer: {
|
|
21
|
+
kind: string;
|
|
22
|
+
id: string;
|
|
23
|
+
version: string;
|
|
24
|
+
ci_run_id: string;
|
|
25
|
+
repo: string;
|
|
26
|
+
commit: string;
|
|
27
|
+
};
|
|
28
|
+
row: {
|
|
29
|
+
row_id: string;
|
|
30
|
+
row_hash_id: string;
|
|
31
|
+
row_hash: string;
|
|
32
|
+
verification_policy_hash: string;
|
|
33
|
+
approval_policy_hash: string;
|
|
34
|
+
};
|
|
35
|
+
bindings: {
|
|
36
|
+
binding_set_hash_id: string;
|
|
37
|
+
binding_set_hash: string;
|
|
38
|
+
span_canon_id: string;
|
|
39
|
+
items: ProofBindingItem[];
|
|
40
|
+
};
|
|
41
|
+
verification: {
|
|
42
|
+
command_id: string;
|
|
43
|
+
result: string;
|
|
44
|
+
started_at: string;
|
|
45
|
+
completed_at: string;
|
|
46
|
+
artifacts: Array<{
|
|
47
|
+
kind: string;
|
|
48
|
+
path: string;
|
|
49
|
+
sha256: string;
|
|
50
|
+
}>;
|
|
51
|
+
context_hash_id: string;
|
|
52
|
+
context_hash: string;
|
|
53
|
+
};
|
|
54
|
+
signature: {
|
|
55
|
+
alg: string;
|
|
56
|
+
key_id: string;
|
|
57
|
+
value: string;
|
|
58
|
+
};
|
|
59
|
+
entry_index?: number;
|
|
60
|
+
previous_entry_hash?: string;
|
|
61
|
+
authority?: CiAuthority;
|
|
62
|
+
}
|
|
63
|
+
export declare const GENESIS_ENTRY_HASH: string;
|
|
64
|
+
export declare function computeLedgerEntryHash(entry: unknown): string;
|
|
65
|
+
export declare const LedgerChainErrorCode: Readonly<{
|
|
66
|
+
readonly CHAIN_BROKEN: "UCM_LEDGER_CHAIN_BROKEN";
|
|
67
|
+
readonly INDEX_GAP: "UCM_LEDGER_INDEX_GAP";
|
|
68
|
+
readonly DUPLICATE_INDEX: "UCM_LEDGER_DUPLICATE_INDEX";
|
|
69
|
+
}>;
|
|
70
|
+
export type LedgerChainErrorCode = (typeof LedgerChainErrorCode)[keyof typeof LedgerChainErrorCode];
|
|
71
|
+
export interface LedgerChainError {
|
|
72
|
+
code: LedgerChainErrorCode;
|
|
73
|
+
line: number | null;
|
|
74
|
+
message: string;
|
|
75
|
+
entry_index?: number;
|
|
76
|
+
}
|
|
77
|
+
export interface LedgerChainResult {
|
|
78
|
+
ok: boolean;
|
|
79
|
+
verified_entries: number;
|
|
80
|
+
legacy_prefix_count: number;
|
|
81
|
+
errors: LedgerChainError[];
|
|
82
|
+
}
|
|
83
|
+
export declare function verifyLedgerChain(lines: readonly EvidenceLine[]): LedgerChainResult;
|
|
84
|
+
export declare const TRUSTED_CI_PRODUCER_KIND = "trusted-ci-prover";
|
|
85
|
+
export declare const PROOF_PASS_RESULT = "pass";
|
|
86
|
+
export declare const EvidenceErrorCode: Readonly<{
|
|
87
|
+
readonly JSON_PARSE_ERROR: "JSON_PARSE_ERROR";
|
|
88
|
+
readonly EVIDENCE_SCHEMA_INVALID: "EVIDENCE_SCHEMA_INVALID";
|
|
89
|
+
readonly SIGNATURE_MISSING: "SIGNATURE_MISSING";
|
|
90
|
+
readonly SIGNATURE_ALG_UNSUPPORTED: "SIGNATURE_ALG_UNSUPPORTED";
|
|
91
|
+
readonly UNKNOWN_KEY_ID: "UNKNOWN_KEY_ID";
|
|
92
|
+
readonly BAD_SIGNATURE: "BAD_SIGNATURE";
|
|
93
|
+
readonly PRODUCER_NOT_TRUSTED: "PRODUCER_NOT_TRUSTED";
|
|
94
|
+
readonly VERIFICATION_NOT_PASS: "VERIFICATION_NOT_PASS";
|
|
95
|
+
readonly BINDING_SET_HASH_MISMATCH: "BINDING_SET_HASH_MISMATCH";
|
|
96
|
+
readonly EVIDENCE_ROW_MISSING: "EVIDENCE_ROW_MISSING";
|
|
97
|
+
readonly APPEND_ONLY_VIOLATION: "APPEND_ONLY_VIOLATION";
|
|
98
|
+
}>;
|
|
99
|
+
export type EvidenceErrorCode = (typeof EvidenceErrorCode)[keyof typeof EvidenceErrorCode];
|
|
100
|
+
export interface EvidenceError {
|
|
101
|
+
code: EvidenceErrorCode;
|
|
102
|
+
line: number | null;
|
|
103
|
+
message: string;
|
|
104
|
+
event_id?: string;
|
|
105
|
+
row_id?: string;
|
|
106
|
+
}
|
|
107
|
+
export interface EvidenceLine {
|
|
108
|
+
line: number;
|
|
109
|
+
value: unknown;
|
|
110
|
+
}
|
|
111
|
+
export interface ReadEvidenceResult {
|
|
112
|
+
lines: EvidenceLine[];
|
|
113
|
+
errors: EvidenceError[];
|
|
114
|
+
}
|
|
115
|
+
export declare function readEvidenceJsonl(text: string): ReadEvidenceResult;
|
|
116
|
+
export interface ValidateProofEventOptions {
|
|
117
|
+
publicKeyResolver: PublicKeyResolver;
|
|
118
|
+
yamlRowIds?: ReadonlySet<string>;
|
|
119
|
+
}
|
|
120
|
+
export interface ValidateProofEventResult {
|
|
121
|
+
ok: boolean;
|
|
122
|
+
errors: EvidenceError[];
|
|
123
|
+
event: ProofEvent | null;
|
|
124
|
+
}
|
|
125
|
+
export declare function validateProofEventValue(value: unknown, line: number | null, options: ValidateProofEventOptions): ValidateProofEventResult;
|
|
126
|
+
export interface ValidateEvidenceLedgerOptions {
|
|
127
|
+
publicKeyResolver: PublicKeyResolver;
|
|
128
|
+
baseRefOldText?: string;
|
|
129
|
+
yamlRowIds?: ReadonlySet<string>;
|
|
130
|
+
}
|
|
131
|
+
export interface EvidenceLedgerSummary {
|
|
132
|
+
proof_events_checked: number;
|
|
133
|
+
proof_events_valid: number;
|
|
134
|
+
proof_events_invalid: number;
|
|
135
|
+
append_only: boolean;
|
|
136
|
+
errors_by_code: Record<string, number>;
|
|
137
|
+
}
|
|
138
|
+
export interface ValidateEvidenceLedgerResult {
|
|
139
|
+
ok: boolean;
|
|
140
|
+
errors: EvidenceError[];
|
|
141
|
+
events: ProofEvent[];
|
|
142
|
+
append_only: boolean;
|
|
143
|
+
summary: EvidenceLedgerSummary;
|
|
144
|
+
}
|
|
145
|
+
export declare function validateEvidenceLedger(text: string, options: ValidateEvidenceLedgerOptions): ValidateEvidenceLedgerResult;
|
|
146
|
+
export declare function validateEvidenceLedgerAgainstBaseRef(text: string, baseRef: string, path: string, options: {
|
|
147
|
+
publicKeyResolver: PublicKeyResolver;
|
|
148
|
+
yamlRowIds?: ReadonlySet<string>;
|
|
149
|
+
} & ReadBaseRefOptions): ValidateEvidenceLedgerResult;
|
|
150
|
+
//# sourceMappingURL=evidenceLedger.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"evidenceLedger.d.ts","sourceRoot":"","sources":["../../src/markers/evidenceLedger.ts"],"names":[],"mappings":"AAqBA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAEpD,OAAO,EAIL,KAAK,kBAAkB,EACxB,MAAM,iBAAiB,CAAC;AACzB,OAAO,EAAe,KAAK,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AAG1E,MAAM,WAAW,gBAAgB;IAC/B,YAAY,EAAE,MAAM,CAAC;IACrB,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,EAAE,MAAM,CAAC;IACpB,aAAa,EAAE,MAAM,CAAC;IACtB,aAAa,EAAE,MAAM,CAAC;IACtB,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,MAAM,CAAC;IACxB,aAAa,EAAE,MAAM,CAAC;CACvB;AAED,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE;QACR,IAAI,EAAE,MAAM,CAAC;QACb,EAAE,EAAE,MAAM,CAAC;QACX,OAAO,EAAE,MAAM,CAAC;QAChB,SAAS,EAAE,MAAM,CAAC;QAClB,IAAI,EAAE,MAAM,CAAC;QACb,MAAM,EAAE,MAAM,CAAC;KAChB,CAAC;IACF,GAAG,EAAE;QACH,MAAM,EAAE,MAAM,CAAC;QACf,WAAW,EAAE,MAAM,CAAC;QACpB,QAAQ,EAAE,MAAM,CAAC;QACjB,wBAAwB,EAAE,MAAM,CAAC;QACjC,oBAAoB,EAAE,MAAM,CAAC;KAC9B,CAAC;IACF,QAAQ,EAAE;QACR,mBAAmB,EAAE,MAAM,CAAC;QAC5B,gBAAgB,EAAE,MAAM,CAAC;QACzB,aAAa,EAAE,MAAM,CAAC;QACtB,KAAK,EAAE,gBAAgB,EAAE,CAAC;KAC3B,CAAC;IACF,YAAY,EAAE;QACZ,UAAU,EAAE,MAAM,CAAC;QACnB,MAAM,EAAE,MAAM,CAAC;QACf,UAAU,EAAE,MAAM,CAAC;QACnB,YAAY,EAAE,MAAM,CAAC;QACrB,SAAS,EAAE,KAAK,CAAC;YAAE,IAAI,EAAE,MAAM,CAAC;YAAC,IAAI,EAAE,MAAM,CAAC;YAAC,MAAM,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;QAIjE,eAAe,EAAE,MAAM,CAAC;QACxB,YAAY,EAAE,MAAM,CAAC;KACtB,CAAC;IACF,SAAS,EAAE;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC;IAY1D,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAS7B,SAAS,CAAC,EAAE,WAAW,CAAC;CACzB;AAKD,eAAO,MAAM,kBAAkB,QAA6B,CAAC;AAM7D,wBAAgB,sBAAsB,CAAC,KAAK,EAAE,OAAO,GAAG,MAAM,CAE7D;AASD,eAAO,MAAM,oBAAoB;;;;EAItB,CAAC;AAEZ,MAAM,MAAM,oBAAoB,GAC9B,CAAC,OAAO,oBAAoB,CAAC,CAAC,MAAM,OAAO,oBAAoB,CAAC,CAAC;AAEnE,MAAM,WAAW,gBAAgB;IAC/B,IAAI,EAAE,oBAAoB,CAAC;IAC3B,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,iBAAiB;IAGhC,EAAE,EAAE,OAAO,CAAC;IAEZ,gBAAgB,EAAE,MAAM,CAAC;IAEzB,mBAAmB,EAAE,MAAM,CAAC;IAC5B,MAAM,EAAE,gBAAgB,EAAE,CAAC;CAC5B;AAuCD,wBAAgB,iBAAiB,CAAC,KAAK,EAAE,SAAS,YAAY,EAAE,GAAG,iBAAiB,CAqFnF;AAGD,eAAO,MAAM,wBAAwB,sBAAsB,CAAC;AAE5D,eAAO,MAAM,iBAAiB,SAAS,CAAC;AAIxC,eAAO,MAAM,iBAAiB;;;;;;;;;;;;EAYnB,CAAC;AAEZ,MAAM,MAAM,iBAAiB,GAAG,CAAC,OAAO,iBAAiB,CAAC,CAAC,MAAM,OAAO,iBAAiB,CAAC,CAAC;AAE3F,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,iBAAiB,CAAC;IACxB,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAGD,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,OAAO,CAAC;CAChB;AAED,MAAM,WAAW,kBAAkB;IACjC,KAAK,EAAE,YAAY,EAAE,CAAC;IACtB,MAAM,EAAE,aAAa,EAAE,CAAC;CACzB;AAQD,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,MAAM,GAAG,kBAAkB,CAqBlE;AAgBD,MAAM,WAAW,yBAAyB;IACxC,iBAAiB,EAAE,iBAAiB,CAAC;IACrC,UAAU,CAAC,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC;CAClC;AAED,MAAM,WAAW,wBAAwB;IACvC,EAAE,EAAE,OAAO,CAAC;IACZ,MAAM,EAAE,aAAa,EAAE,CAAC;IACxB,KAAK,EAAE,UAAU,GAAG,IAAI,CAAC;CAC1B;AAQD,wBAAgB,uBAAuB,CACrC,KAAK,EAAE,OAAO,EACd,IAAI,EAAE,MAAM,GAAG,IAAI,EACnB,OAAO,EAAE,yBAAyB,GACjC,wBAAwB,CAiG1B;AAED,MAAM,WAAW,6BAA6B;IAC5C,iBAAiB,EAAE,iBAAiB,CAAC;IAGrC,cAAc,CAAC,EAAE,MAAM,CAAC;IAExB,UAAU,CAAC,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC;CAClC;AAED,MAAM,WAAW,qBAAqB;IACpC,oBAAoB,EAAE,MAAM,CAAC;IAC7B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,oBAAoB,EAAE,MAAM,CAAC;IAC7B,WAAW,EAAE,OAAO,CAAC;IACrB,cAAc,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CACxC;AAED,MAAM,WAAW,4BAA4B;IAC3C,EAAE,EAAE,OAAO,CAAC;IACZ,MAAM,EAAE,aAAa,EAAE,CAAC;IACxB,MAAM,EAAE,UAAU,EAAE,CAAC;IACrB,WAAW,EAAE,OAAO,CAAC;IACrB,OAAO,EAAE,qBAAqB,CAAC;CAChC;AASD,wBAAgB,sBAAsB,CACpC,IAAI,EAAE,MAAM,EACZ,OAAO,EAAE,6BAA6B,GACrC,4BAA4B,CA2D9B;AAKD,wBAAgB,oCAAoC,CAClD,IAAI,EAAE,MAAM,EACZ,OAAO,EAAE,MAAM,EACf,IAAI,EAAE,MAAM,EACZ,OAAO,EAAE;IACP,iBAAiB,EAAE,iBAAiB,CAAC;IACrC,UAAU,CAAC,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC;CAClC,GAAG,kBAAkB,GACrB,4BAA4B,CAU9B"}
|