@apidiff/core 1.0.0

package/dist/index.cjs

@@ -0,0 +1,2902 @@
+"use strict";
+var __create = Object.create;
+var __defProp = Object.defineProperty;
+var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+var __getOwnPropNames = Object.getOwnPropertyNames;
+var __getProtoOf = Object.getPrototypeOf;
+var __hasOwnProp = Object.prototype.hasOwnProperty;
+var __export = (target, all) => {
+  for (var name in all)
+    __defProp(target, name, { get: all[name], enumerable: true });
+};
+var __copyProps = (to, from, except, desc) => {
+  if (from && typeof from === "object" || typeof from === "function") {
+    for (let key of __getOwnPropNames(from))
+      if (!__hasOwnProp.call(to, key) && key !== except)
+        __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+  }
+  return to;
+};
+var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
+  // If the importer is in node compatibility mode or this is not an ESM
+  // file that has been converted to a CommonJS file using a Babel-
+  // compatible transform (i.e. "__esModule" has not been set), then set
+  // "default" to the CommonJS "module.exports" for node compatibility.
+  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
+  mod
+));
+var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+
+// src/index.ts
+var index_exports = {};
+__export(index_exports, {
+  ApidiffError: () => ApidiffError,
+  ConfigError: () => ConfigError,
+  DEFAULT_CONFIG: () => DEFAULT_CONFIG2,
+  FormatError: () => FormatError,
+  LoadError: () => LoadError,
+  ParseError: () => ParseError,
+  RefError: () => RefError,
+  formatOutput: () => formatOutput,
+  loadConfig: () => loadConfig,
+  run: () => run,
+  runContent: () => runContent
+});
+module.exports = __toCommonJS(index_exports);
+
+// src/loader/index.ts
+var import_node_fs2 = require("fs");
+
+// src/loader/file-loader.ts
+var import_node_fs = require("fs");
+var import_node_path = require("path");
+
+// src/types/errors.ts
+var ApidiffError = class extends Error {
+  constructor(message, cause) {
+    super(message);
+    this.cause = cause;
+    this.name = this.constructor.name;
+  }
+  cause;
+};
+var LoadError = class extends ApidiffError {
+};
+var ParseError = class extends ApidiffError {
+  constructor(message, line, col, filePath, cause) {
+    super(message, cause);
+    this.line = line;
+    this.col = col;
+    this.filePath = filePath;
+  }
+  line;
+  col;
+  filePath;
+};
+var RefError = class extends ApidiffError {
+  constructor(message, ref, cause) {
+    super(message, cause);
+    this.ref = ref;
+  }
+  ref;
+};
+var ConfigError = class extends ApidiffError {
+};
+var FormatError = class extends ApidiffError {
+};
+
+// src/loader/file-loader.ts
+function loadFile(source) {
+  try {
+    const sourcePath = (0, import_node_path.resolve)(source);
+    const content = (0, import_node_fs.readFileSync)(sourcePath, "utf8");
+    return { content, sourcePath };
+  } catch (err) {
+    if (err.code === "ENOENT") {
+      throw new LoadError(`file not found: ${source}`, err);
+    }
+    if (err.code === "EACCES") {
+      throw new LoadError(`permission denied: ${source}`, err);
+    }
+    throw new LoadError(`failed to read file: ${source}`, err);
+  }
+}
+
+// src/loader/url-loader.ts
+async function loadUrl(source) {
+  try {
+    const controller = new AbortController();
+    const timeoutId = setTimeout(() => controller.abort(), 1e4);
+    const response = await fetch(source, { signal: controller.signal });
+    clearTimeout(timeoutId);
+    if (!response.ok) {
+      throw new LoadError(`failed to fetch url: ${source} (status: ${response.status})`);
+    }
+    const content = await response.text();
+    return { content, sourcePath: source };
+  } catch (err) {
+    if (err instanceof LoadError) {
+      throw err;
+    }
+    if (err.name === "AbortError") {
+      throw new LoadError(`timeout fetching url: ${source}`, err);
+    }
+    throw new LoadError(`network error fetching url: ${source}`, err instanceof Error ? err : void 0);
+  }
+}
+
+// src/loader/git-loader.ts
+var import_node_child_process = require("child_process");
+function loadGit(source) {
+  const match = source.match(/^git:([^:]+):(.+)$/);
+  if (!match) {
+    throw new LoadError(`invalid git source format: ${source}`);
+  }
+  const [, ref, filePath] = match;
+  try {
+    const content = (0, import_node_child_process.execSync)(`git show ${ref}:${filePath}`, { encoding: "utf-8", stdio: "pipe" });
+    return { content, sourcePath: filePath };
+  } catch (err) {
+    const stderr = err.stderr?.toString() || "";
+    if (stderr.includes("Not a valid object name") || stderr.includes("does not exist")) {
+      throw new LoadError(`git ref or path not found: ${ref}:${filePath}`, err);
+    }
+    throw new LoadError(`git command failed: ${source}`, err);
+  }
+}
+
+// src/loader/index.ts
+async function loadSpec(source) {
+  if (source === "-") {
+    try {
+      const content = (0, import_node_fs2.readFileSync)(0, "utf-8");
+      return { content, sourcePath: void 0 };
+    } catch (err) {
+      throw new LoadError("failed to read from stdin", err);
+    }
+  }
+  if (source.startsWith("http://") || source.startsWith("https://")) {
+    return await loadUrl(source);
+  }
+  if (source.startsWith("git:")) {
+    return loadGit(source);
+  }
+  return loadFile(source);
+}
+
+// src/parsers/index.ts
+var import_js_yaml4 = __toESM(require("js-yaml"), 1);
+
+// src/parsers/openapi3/ref-resolver.ts
+var import_node_fs3 = require("fs");
+var import_node_path2 = require("path");
+var import_js_yaml = __toESM(require("js-yaml"), 1);
+var fileCache = /* @__PURE__ */ new Map();
+function resolveRefs(obj, root, sourcePath) {
+  if (!obj || typeof obj !== "object") return obj;
+  const stack = [
+    { node: obj, parent: null, key: null }
+  ];
+  const visitedRefs = /* @__PURE__ */ new Set();
+  const visitedNodes = /* @__PURE__ */ new WeakSet();
+  while (stack.length > 0) {
+    const current = stack.pop();
+    const { node, parent, key } = current;
+    if (!node || typeof node !== "object") continue;
+    if (visitedNodes.has(node)) continue;
+    visitedNodes.add(node);
+    if (Array.isArray(node)) {
+      for (let i = node.length - 1; i >= 0; i--) {
+        stack.push({ node: node[i], parent: node, key: i.toString() });
+      }
+      continue;
+    }
+    if ("$ref" in node && typeof node.$ref === "string") {
+      const ref = node.$ref;
+      if (visitedRefs.has(ref)) {
+        if (parent && key !== null) {
+          parent[key] = { ...node, $circular: true };
+        }
+        continue;
+      }
+      visitedRefs.add(ref);
+      let resolved;
+      if (ref.startsWith("#")) {
+        resolved = resolveLocalRef(ref, root);
+      } else if (ref.startsWith("./") || ref.startsWith("../")) {
+        if (!sourcePath) {
+          throw new RefError(`Cannot resolve relative ref without sourcePath`, ref);
+        }
+        const refPath = (0, import_node_path2.resolve)((0, import_node_path2.dirname)(sourcePath), ref.split("#")[0]);
+        try {
+          let parsed = fileCache.get(refPath);
+          if (!parsed) {
+            const content = (0, import_node_fs3.readFileSync)(refPath, "utf8");
+            parsed = refPath.endsWith(".json") ? JSON.parse(content) : import_js_yaml.default.load(content);
+            fileCache.set(refPath, parsed);
+          }
+          resolved = ref.includes("#") ? resolveLocalRef("#" + ref.split("#")[1], parsed) : parsed;
+        } catch (err) {
+          throw new RefError(`Failed to load external ref`, ref, err);
+        }
+      } else if (ref.startsWith("http://") || ref.startsWith("https://")) {
+        throw new RefError(`URL refs not implemented synchronously`, ref);
+      } else {
+        throw new RefError(`Unsupported ref format`, ref);
+      }
+      if (parent && key !== null) {
+        parent[key] = resolved;
+        stack.push({ node: resolved, parent, key });
+      }
+      continue;
+    }
+    const keys = Object.keys(node);
+    for (let i = keys.length - 1; i >= 0; i--) {
+      const k = keys[i];
+      if (k !== "$ref" && typeof node[k] === "object" && node[k] !== null) {
+        stack.push({ node: node[k], parent: node, key: k });
+      }
+    }
+  }
+  return obj;
+}
+function resolveLocalRef(ref, root) {
+  const parts = ref.replace(/^#\/?/, "").split("/");
+  let current = root;
+  for (const part of parts) {
+    if (!part) continue;
+    const key = part.replace(/~1/g, "/").replace(/~0/g, "~");
+    if (current && typeof current === "object" && key in current) {
+      current = current[key];
+    } else {
+      throw new RefError(`Local ref not found`, ref);
+    }
+  }
+  return current;
+}
+
+// src/parsers/openapi3/schema-normalizer.ts
+function normalizeSchema(schema) {
+  if (!schema || typeof schema !== "object") return schema;
+  if (Array.isArray(schema.allOf)) {
+    const merged = flattenAllOf(schema.allOf);
+    schema = { ...schema, ...merged };
+    delete schema.allOf;
+  }
+  if (schema.nullable === true) {
+    if (typeof schema.type === "string") {
+      schema.type = [schema.type, "null"];
+    } else if (Array.isArray(schema.type) && !schema.type.includes("null")) {
+      schema.type = [...schema.type, "null"];
+    }
+    delete schema.nullable;
+  }
+  if (schema.properties) {
+    for (const key of Object.keys(schema.properties)) {
+      schema.properties[key] = normalizeSchema(schema.properties[key]);
+    }
+  }
+  if (schema.items) {
+    schema.items = normalizeSchema(schema.items);
+  }
+  if (schema.additionalProperties && typeof schema.additionalProperties === "object") {
+    schema.additionalProperties = normalizeSchema(schema.additionalProperties);
+  }
+  if (Array.isArray(schema.oneOf)) {
+    schema.oneOf = schema.oneOf.map(normalizeSchema);
+  }
+  if (Array.isArray(schema.anyOf)) {
+    schema.anyOf = schema.anyOf.map(normalizeSchema);
+  }
+  return schema;
+}
+function flattenAllOf(schemas) {
+  return schemas.reduce((merged, subSchema) => {
+    const normalized = normalizeSchema(subSchema);
+    return {
+      ...merged,
+      ...normalized,
+      properties: { ...merged.properties || {}, ...normalized.properties || {} },
+      required: [.../* @__PURE__ */ new Set([...merged.required || [], ...normalized.required || []])]
+    };
+  }, {});
+}
+
+// src/parsers/openapi3/security-normalizer.ts
+function normalizeSecurity(securityArray) {
+  if (!securityArray || !Array.isArray(securityArray)) {
+    return [];
+  }
+  const result = [];
+  for (const req of securityArray) {
+    for (const [schemeId, scopes] of Object.entries(req)) {
+      result.push({
+        schemeId,
+        scopes: Array.isArray(scopes) ? scopes.map(String) : []
+      });
+    }
+  }
+  return result;
+}
+
+// src/parsers/openapi3/index.ts
+var import_js_yaml2 = __toESM(require("js-yaml"), 1);
+var OpenApi3Parser = class {
+  format = "openapi3";
+  canParse(raw) {
+    return raw.format === "openapi3";
+  }
+  async parse(raw) {
+    let parsed;
+    try {
+      parsed = JSON.parse(raw.content);
+    } catch {
+      try {
+        parsed = import_js_yaml2.default.load(raw.content);
+      } catch (err) {
+        throw new ParseError("Failed to parse OpenAPI 3.x spec", void 0, void 0, raw.sourcePath, err);
+      }
+    }
+    if (!parsed || typeof parsed !== "object" || !parsed.openapi || !parsed.openapi.startsWith("3.")) {
+      throw new ParseError("Not a valid OpenAPI 3.x spec", void 0, void 0, raw.sourcePath);
+    }
+    const resolved = resolveRefs(parsed, parsed, raw.sourcePath);
+    const meta = {
+      title: resolved.info?.title || "Unknown API",
+      version: resolved.info?.version || "1.0.0",
+      format: "openapi3",
+      rawVersion: resolved.openapi
+    };
+    const servers = (resolved.servers || []).map((s) => ({
+      url: s.url,
+      description: s.description,
+      variables: s.variables
+    }));
+    const components = {
+      schemas: {},
+      securitySchemes: {},
+      parameters: {},
+      responses: {},
+      headers: {},
+      requestBodies: {}
+    };
+    if (resolved.components?.schemas) {
+      for (const [k, v] of Object.entries(resolved.components.schemas)) {
+        components.schemas[k] = normalizeSchema(v);
+      }
+    }
+    const securitySchemes = resolved.components?.securitySchemes || {};
+    for (const [k, v] of Object.entries(securitySchemes)) {
+      components.securitySchemes[k] = v;
+    }
+    const endpoints = [];
+    const paths = resolved.paths || {};
+    const globalSecurity = resolved.security;
+    const allowedMethods = ["get", "post", "put", "patch", "delete", "head", "options", "trace"];
+    for (const [pathStr, pathItem] of Object.entries(paths)) {
+      if (!pathItem || typeof pathItem !== "object") continue;
+      const pathParams = Array.isArray(pathItem.parameters) ? pathItem.parameters : [];
+      for (const methodStr of Object.keys(pathItem)) {
+        if (!allowedMethods.includes(methodStr)) continue;
+        const op = pathItem[methodStr];
+        if (!op || typeof op !== "object") continue;
+        const method = methodStr.toUpperCase();
+        const id = `${method}:${normalizePathForId(pathStr)}`;
+        const opParams = Array.isArray(op.parameters) ? op.parameters : [];
+        const parameters = buildParameters(pathParams, opParams);
+        const security = op.security !== void 0 ? normalizeSecurity(op.security) : normalizeSecurity(globalSecurity);
+        const endpoint = {
+          id,
+          path: pathStr,
+          method,
+          summary: op.summary,
+          description: op.description,
+          operationId: op.operationId,
+          tags: Array.isArray(op.tags) ? op.tags : [],
+          deprecated: !!op.deprecated,
+          security,
+          parameters,
+          requestBody: op.requestBody ? buildRequestBody(op.requestBody) : void 0,
+          responses: buildResponses(op.responses),
+          extensions: extractExtensions(op)
+        };
+        endpoints.push(endpoint);
+      }
+    }
+    return {
+      meta,
+      servers,
+      endpoints,
+      components,
+      security: Object.values(components.securitySchemes)
+    };
+  }
+};
+function normalizePathForId(path) {
+  return path.toLowerCase().replace(/\/$/, "").replace(/\{[^}]+\}/g, "{*}");
+}
+function buildParameters(pathParams, opParams) {
+  const paramMap = /* @__PURE__ */ new Map();
+  for (const p of pathParams) {
+    paramMap.set(`${p.name}:${p.in}`, {
+      name: p.name,
+      in: p.in,
+      required: !!p.required,
+      deprecated: !!p.deprecated,
+      description: p.description,
+      schema: normalizeSchema(p.schema || {}),
+      example: p.example
+    });
+  }
+  for (const p of opParams) {
+    paramMap.set(`${p.name}:${p.in}`, {
+      name: p.name,
+      in: p.in,
+      required: !!p.required,
+      deprecated: !!p.deprecated,
+      description: p.description,
+      schema: normalizeSchema(p.schema || {}),
+      example: p.example
+    });
+  }
+  return Array.from(paramMap.values());
+}
+function buildRequestBody(rb) {
+  const content = {};
+  if (rb.content) {
+    for (const [k, v] of Object.entries(rb.content)) {
+      content[k] = {
+        schema: normalizeSchema(v.schema || {}),
+        example: v.example
+      };
+    }
+  }
+  return {
+    required: !!rb.required,
+    description: rb.description,
+    content
+  };
+}
+function buildResponses(responses) {
+  if (!responses || typeof responses !== "object") return [];
+  const res = [];
+  for (const [code, r] of Object.entries(responses)) {
+    const content = {};
+    if (r.content) {
+      for (const [k, v] of Object.entries(r.content)) {
+        content[k] = {
+          schema: normalizeSchema(v.schema || {}),
+          example: v.example
+        };
+      }
+    }
+    const headers = {};
+    if (r.headers) {
+      for (const [k, v] of Object.entries(r.headers)) {
+        headers[k] = {
+          required: !!v.required,
+          deprecated: !!v.deprecated,
+          schema: normalizeSchema(v.schema || {}),
+          description: v.description
+        };
+      }
+    }
+    res.push({
+      statusCode: code,
+      description: r.description,
+      content,
+      headers
+    });
+  }
+  return res;
+}
+function extractExtensions(obj) {
+  const ext = {};
+  if (obj && typeof obj === "object") {
+    for (const k of Object.keys(obj)) {
+      if (k.startsWith("x-")) {
+        ext[k] = obj[k];
+      }
+    }
+  }
+  return ext;
+}
+
+// src/parsers/openapi2/index.ts
+var import_js_yaml3 = __toESM(require("js-yaml"), 1);
+var OpenApi2Parser = class {
+  format = "openapi2";
+  canParse(raw) {
+    return raw.format === "openapi2";
+  }
+  async parse(raw) {
+    let parsed;
+    try {
+      parsed = JSON.parse(raw.content);
+    } catch {
+      try {
+        parsed = import_js_yaml3.default.load(raw.content);
+      } catch (err) {
+        throw new ParseError("Failed to parse OpenAPI 2.x spec", void 0, void 0, raw.sourcePath, err);
+      }
+    }
+    if (!parsed || typeof parsed !== "object" || !parsed.swagger || !parsed.swagger.startsWith("2.")) {
+      throw new ParseError("Not a valid OpenAPI 2.x spec", void 0, void 0, raw.sourcePath);
+    }
+    const resolved = parsed;
+    const meta = {
+      title: resolved.info?.title || "Unknown API",
+      version: resolved.info?.version || "1.0.0",
+      format: "openapi2",
+      rawVersion: resolved.swagger
+    };
+    const servers = [];
+    if (resolved.host) {
+      const schemes = Array.isArray(resolved.schemes) && resolved.schemes.length > 0 ? resolved.schemes : ["https"];
+      const basePath = resolved.basePath || "";
+      for (const scheme of schemes) {
+        servers.push({ url: `${scheme}://${resolved.host}${basePath}` });
+      }
+    }
+    const components = {
+      schemas: {},
+      securitySchemes: {},
+      parameters: {},
+      responses: {},
+      headers: {},
+      requestBodies: {}
+    };
+    if (resolved.definitions) {
+      for (const [k, v] of Object.entries(resolved.definitions)) {
+        components.schemas[k] = normalizeSchema(v);
+      }
+    }
+    const securitySchemes = resolved.securityDefinitions || {};
+    for (const [k, v] of Object.entries(securitySchemes)) {
+      components.securitySchemes[k] = v;
+    }
+    const endpoints = [];
+    const paths = resolved.paths || {};
+    const globalSecurity = resolved.security || [];
+    const allowedMethods = ["get", "post", "put", "patch", "delete", "head", "options", "trace"];
+    for (const [pathStr, pathItem] of Object.entries(paths)) {
+      if (!pathItem || typeof pathItem !== "object") continue;
+      const pathParams = Array.isArray(pathItem.parameters) ? pathItem.parameters : [];
+      for (const methodStr of Object.keys(pathItem)) {
+        if (!allowedMethods.includes(methodStr)) continue;
+        const op = pathItem[methodStr];
+        if (!op || typeof op !== "object") continue;
+        const method = methodStr.toUpperCase();
+        const id = `${method}:${normalizePathForId2(pathStr)}`;
+        const opParams = Array.isArray(op.parameters) ? op.parameters : [];
+        const { parameters, requestBody } = buildParametersAndBody(pathParams, opParams, resolved.consumes || op.consumes || ["application/json"]);
+        const endpoint = {
+          id,
+          path: pathStr,
+          method,
+          summary: op.summary,
+          description: op.description,
+          operationId: op.operationId,
+          tags: Array.isArray(op.tags) ? op.tags : [],
+          deprecated: !!op.deprecated,
+          security: op.security || globalSecurity,
+          parameters,
+          requestBody,
+          responses: buildResponses2(op.responses, resolved.produces || op.produces || ["application/json"]),
+          extensions: extractExtensions2(op)
+        };
+        endpoints.push(endpoint);
+      }
+    }
+    return {
+      meta,
+      servers,
+      endpoints,
+      components,
+      security: Object.values(components.securitySchemes)
+    };
+  }
+};
+function normalizePathForId2(path) {
+  return path.toLowerCase().replace(/\/$/, "").replace(/\{[^}]+\}/g, "{*}");
+}
+function buildParametersAndBody(pathParams, opParams, consumes) {
+  const paramMap = /* @__PURE__ */ new Map();
+  let requestBody = void 0;
+  const allParams = [...pathParams, ...opParams];
+  for (const p of allParams) {
+    if (p.in === "body") {
+      const content = {};
+      for (const mime of consumes) {
+        content[mime] = { schema: normalizeSchema(p.schema || {}) };
+      }
+      requestBody = {
+        required: !!p.required,
+        description: p.description,
+        content
+      };
+    } else if (p.in === "formData") {
+      if (!requestBody) {
+        requestBody = { required: false, content: {} };
+      }
+      const mime = consumes.includes("multipart/form-data") ? "multipart/form-data" : "application/x-www-form-urlencoded";
+      if (!requestBody.content[mime]) {
+        requestBody.content[mime] = { schema: { type: "object", properties: {} } };
+      }
+      const schema = requestBody.content[mime].schema;
+      if (!schema.properties) schema.properties = {};
+      schema.properties[p.name] = normalizeSchema(p);
+      if (p.required) {
+        if (!schema.required) schema.required = [];
+        schema.required.push(p.name);
+      }
+    } else {
+      paramMap.set(`${p.name}:${p.in}`, {
+        name: p.name,
+        in: p.in,
+        required: !!p.required,
+        deprecated: false,
+        description: p.description,
+        schema: normalizeSchema(p)
+      });
+    }
+  }
+  return { parameters: Array.from(paramMap.values()), requestBody };
+}
+function buildResponses2(responses, produces) {
+  if (!responses || typeof responses !== "object") return [];
+  const res = [];
+  for (const [code, r] of Object.entries(responses)) {
+    const content = {};
+    if (r.schema) {
+      for (const mime of produces) {
+        content[mime] = { schema: normalizeSchema(r.schema) };
+      }
+    }
+    const headers = {};
+    if (r.headers) {
+      for (const [k, v] of Object.entries(r.headers)) {
+        headers[k] = {
+          schema: normalizeSchema(v),
+          description: v.description
+        };
+      }
+    }
+    res.push({
+      statusCode: code,
+      description: r.description,
+      content,
+      headers
+    });
+  }
+  return res;
+}
+function extractExtensions2(obj) {
+  const ext = {};
+  if (obj && typeof obj === "object") {
+    for (const k of Object.keys(obj)) {
+      if (k.startsWith("x-")) {
+        ext[k] = obj[k];
+      }
+    }
+  }
+  return ext;
+}
+
+// src/parsers/protobuf/index.ts
+var import_protobufjs = __toESM(require("protobufjs"), 1);
+var ProtobufParser = class {
+  format = "protobuf";
+  canParse(raw) {
+    return raw.format === "protobuf" || raw.content.trim().startsWith('syntax = "proto');
+  }
+  async parse(raw) {
+    let root;
+    try {
+      const parsed = import_protobufjs.default.parse(raw.content, { keepCase: true });
+      root = parsed.root;
+    } catch (err) {
+      throw new ParseError("Failed to parse Protobuf spec", err.line, err.column, raw.sourcePath, err);
+    }
+    const meta = {
+      title: "Protobuf API",
+      version: "1.0.0",
+      // Protobuf doesn't have a standard version field
+      format: "protobuf",
+      rawVersion: "3"
+      // Assume proto3 for now
+    };
+    const components = {
+      schemas: {},
+      securitySchemes: {},
+      parameters: {},
+      responses: {},
+      headers: {},
+      requestBodies: {}
+    };
+    const endpoints = [];
+    this.walkRoot(root, "", components, endpoints);
+    return {
+      meta,
+      servers: [],
+      endpoints,
+      components,
+      security: []
+    };
+  }
+  walkRoot(node, namespace, components, endpoints) {
+    if (node instanceof import_protobufjs.default.Type) {
+      components.schemas[`${namespace}${node.name}`] = this.messageToSchema(node);
+    } else if (node instanceof import_protobufjs.default.Enum) {
+      components.schemas[`${namespace}${node.name}`] = this.enumToSchema(node);
+    } else if (node instanceof import_protobufjs.default.Service) {
+      for (const method of node.methodsArray) {
+        endpoints.push(this.methodToEndpoint(method, `${namespace}${node.name}`));
+      }
+    } else if (node instanceof import_protobufjs.default.Namespace) {
+      const newNamespace = node.name ? `${namespace}${node.name}.` : namespace;
+      for (const child of node.nestedArray) {
+        this.walkRoot(child, newNamespace, components, endpoints);
+      }
+    }
+  }
+  messageToSchema(message) {
+    const properties = {};
+    const required = [];
+    for (const field of message.fieldsArray) {
+      const fieldSchema = this.typeToSchema(field);
+      fieldSchema.$protobufNumber = field.id;
+      properties[field.name] = fieldSchema;
+      if (field.required) {
+        required.push(field.name);
+      }
+    }
+    const schema = {
+      type: "object",
+      properties
+    };
+    if (required.length > 0) {
+      schema.required = required;
+    }
+    return schema;
+  }
+  enumToSchema(enumObj) {
+    return {
+      type: "string",
+      enum: Object.keys(enumObj.values)
+    };
+  }
+  typeToSchema(field) {
+    let schema = {};
+    switch (field.type) {
+      case "double":
+      case "float":
+        schema.type = "number";
+        schema.format = field.type;
+        break;
+      case "int32":
+      case "uint32":
+      case "sint32":
+      case "fixed32":
+      case "sfixed32":
+        schema.type = "integer";
+        schema.format = field.type;
+        break;
+      case "int64":
+      case "uint64":
+      case "sint64":
+      case "fixed64":
+      case "sfixed64":
+        schema.type = "integer";
+        schema.format = "int64";
+        break;
+      case "bool":
+        schema.type = "boolean";
+        break;
+      case "string":
+        schema.type = "string";
+        break;
+      case "bytes":
+        schema.type = "string";
+        schema.format = "byte";
+        break;
+      default:
+        schema.type = "object";
+        schema.$ref = `#/components/schemas/${field.type}`;
+        break;
+    }
+    if (field.repeated) {
+      return {
+        type: "array",
+        items: schema
+      };
+    }
+    return schema;
+  }
+  methodToEndpoint(method, servicePath) {
+    const id = `RPC:${servicePath}/${method.name}`;
+    const path = `${servicePath}/${method.name}`;
+    const requestBody = {
+      required: true,
+      content: {
+        "application/protobuf": {
+          schema: {
+            $ref: `#/components/schemas/${method.requestType}`
+          }
+        }
+      }
+    };
+    const responses = [
+      {
+        statusCode: "200",
+        description: "Successful response",
+        content: {
+          "application/protobuf": {
+            schema: {
+              $ref: `#/components/schemas/${method.responseType}`
+            }
+          }
+        },
+        headers: {}
+      }
+    ];
+    return {
+      id,
+      path,
+      method: "RPC",
+      summary: method.comment || void 0,
+      tags: [servicePath],
+      deprecated: !!method.options?.deprecated,
+      security: [],
+      // Protobuf doesn't specify security natively
+      parameters: [],
+      requestBody,
+      responses,
+      extensions: {}
+    };
+  }
+};
+
+// src/parsers/graphql/index.ts
+var import_graphql = require("graphql");
+var GraphqlParser = class {
+  format = "graphql";
+  canParse(raw) {
+    return raw.format === "graphql" || raw.content.includes("type Query") || raw.content.includes("type Mutation");
+  }
+  async parse(raw) {
+    let ast;
+    try {
+      ast = (0, import_graphql.parse)(raw.content);
+    } catch (err) {
+      throw new ParseError("Failed to parse GraphQL spec", err.locations?.[0]?.line, err.locations?.[0]?.column, raw.sourcePath, err);
+    }
+    const meta = {
+      title: "GraphQL API",
+      version: "1.0.0",
+      format: "graphql",
+      rawVersion: "1"
+    };
+    const components = {
+      schemas: {},
+      securitySchemes: {},
+      parameters: {},
+      responses: {},
+      headers: {},
+      requestBodies: {}
+    };
+    const endpoints = [];
+    for (const def of ast.definitions) {
+      if (def.kind === "ObjectTypeDefinition" || def.kind === "InputObjectTypeDefinition" || def.kind === "InterfaceTypeDefinition") {
+        components.schemas[def.name.value] = this.typeDefToSchema(def);
+      } else if (def.kind === "EnumTypeDefinition") {
+        components.schemas[def.name.value] = this.enumDefToSchema(def);
+      }
+    }
+    for (const def of ast.definitions) {
+      if (def.kind === "ObjectTypeDefinition" && ["Query", "Mutation", "Subscription"].includes(def.name.value)) {
+        const typeName = def.name.value;
+        if (def.fields) {
+          for (const field of def.fields) {
+            endpoints.push(this.fieldToEndpoint(field, typeName));
+          }
+        }
+      }
+    }
+    return {
+      meta,
+      servers: [],
+      endpoints,
+      components,
+      security: []
+    };
+  }
+  typeDefToSchema(def) {
+    const properties = {};
+    const required = [];
+    if (def.fields) {
+      for (const field of def.fields) {
+        const fieldName = field.name.value;
+        properties[fieldName] = this.resolveTypeNode(field.type);
+        if (field.type.kind === "NonNullType") {
+          required.push(fieldName);
+        }
+      }
+    }
+    const schema = {
+      type: "object",
+      properties
+    };
+    if (required.length > 0) {
+      schema.required = required;
+    }
+    return schema;
+  }
+  enumDefToSchema(def) {
+    const values = def.values?.map((v) => v.name.value) || [];
+    return {
+      type: "string",
+      enum: values
+    };
+  }
+  resolveTypeNode(typeNode) {
+    if (typeNode.kind === "NonNullType") {
+      return this.resolveTypeNode(typeNode.type);
+    }
+    if (typeNode.kind === "ListType") {
+      return {
+        type: "array",
+        items: this.resolveTypeNode(typeNode.type)
+      };
+    }
+    const typeName = typeNode.name.value;
+    switch (typeName) {
+      case "Int":
+        return { type: "integer" };
+      case "Float":
+        return { type: "number" };
+      case "String":
+      case "ID":
+        return { type: "string" };
+      case "Boolean":
+        return { type: "boolean" };
+      default:
+        return {
+          type: "object",
+          $ref: `#/components/schemas/${typeName}`
+        };
+    }
+  }
+  fieldToEndpoint(field, parentType) {
+    const path = `${parentType}.${field.name.value}`;
+    const id = `POST:${path.toLowerCase()}`;
+    const parameters = [];
+    if (field.arguments) {
+      for (const arg of field.arguments) {
+        parameters.push({
+          name: arg.name.value,
+          in: "query",
+          // Map GraphQL args to 'query'
+          required: arg.type.kind === "NonNullType",
+          deprecated: !!arg.directives?.some((d) => d.name.value === "deprecated"),
+          description: arg.description?.value,
+          schema: this.resolveTypeNode(arg.type)
+        });
+      }
+    }
+    const responses = [
+      {
+        statusCode: "200",
+        description: "Successful response",
+        content: {
+          "application/graphql": {
+            schema: this.resolveTypeNode(field.type)
+          }
+        },
+        headers: {}
+      }
+    ];
+    return {
+      id,
+      path,
+      method: "POST",
+      summary: field.description?.value,
+      tags: [parentType],
+      deprecated: !!field.directives?.some((d) => d.name.value === "deprecated"),
+      security: [],
+      parameters,
+      responses,
+      extensions: {}
+    };
+  }
+};
+
+// src/parsers/index.ts
+var parsers = [
+  new OpenApi3Parser(),
+  new OpenApi2Parser(),
+  new ProtobufParser(),
+  new GraphqlParser()
+];
+function detectFormat(raw) {
+  if (raw.format) return raw.format;
+  const content = raw.content.trim();
+  if (content.startsWith('syntax = "proto')) return "protobuf";
+  if (content.includes("type Query") || content.includes("type Mutation")) return "graphql";
+  let parsed;
+  try {
+    parsed = JSON.parse(content);
+  } catch {
+    try {
+      parsed = import_js_yaml4.default.load(content);
+    } catch {
+    }
+  }
+  if (parsed && typeof parsed === "object") {
+    if (parsed.openapi && typeof parsed.openapi === "string" && parsed.openapi.startsWith("3.")) {
+      return "openapi3";
+    }
+    if (parsed.swagger && typeof parsed.swagger === "string" && parsed.swagger.startsWith("2.")) {
+      return "openapi2";
+    }
+  }
+  throw new FormatError("Could not detect format. Use --format openapi3|openapi2|protobuf|graphql");
+}
+async function parseSpec(raw) {
+  const format = detectFormat(raw);
+  const parser = parsers.find((p) => p.format === format);
+  if (!parser) {
+    throw new FormatError(`Parser for format '${format}' not implemented yet.`);
+  }
+  return parser.parse(raw);
+}
+
+// src/diff/schema-differ.ts
+function diffSchema(oldSchema, newSchema, path, changes) {
+  if (!oldSchema && !newSchema) return;
+  if (!oldSchema && newSchema) {
+    changes.push({ fieldPath: path, changeType: "added", newValue: newSchema });
+    return;
+  }
+  if (oldSchema && !newSchema) {
+    changes.push({ fieldPath: path, changeType: "removed", oldValue: oldSchema });
+    return;
+  }
+  if (oldSchema && newSchema) {
+    if (oldSchema.type !== newSchema.type) {
+      const oldTypes = Array.isArray(oldSchema.type) ? oldSchema.type : [oldSchema.type].filter(Boolean);
+      const newTypes = Array.isArray(newSchema.type) ? newSchema.type : [newSchema.type].filter(Boolean);
+      const oldTypeStr = oldTypes.sort().join(",");
+      const newTypeStr = newTypes.sort().join(",");
+      if (oldTypeStr !== newTypeStr) {
+        changes.push({ fieldPath: [...path, "type"], changeType: "changed", oldValue: oldSchema.type, newValue: newSchema.type });
+      }
+    }
+    if (oldSchema.nullable !== newSchema.nullable) {
+      changes.push({ fieldPath: [...path, "nullable"], changeType: "changed", oldValue: oldSchema.nullable, newValue: newSchema.nullable });
+    }
+    const oldReq = new Set(oldSchema.required || []);
+    const newReq = new Set(newSchema.required || []);
+    for (const req of newReq) {
+      if (!oldReq.has(req)) {
+        changes.push({ fieldPath: [...path, "required", req], changeType: "added", newValue: req });
+      }
+    }
+    for (const req of oldReq) {
+      if (!newReq.has(req)) {
+        changes.push({ fieldPath: [...path, "required", req], changeType: "removed", oldValue: req });
+      }
+    }
+    const oldEnum = new Set(oldSchema.enum || []);
+    const newEnum = new Set(newSchema.enum || []);
+    for (const val of newEnum) {
+      if (!oldEnum.has(val)) {
+        changes.push({ fieldPath: [...path, "enum", String(val)], changeType: "added", newValue: val });
+      }
+    }
+    for (const val of oldEnum) {
+      if (!newEnum.has(val)) {
+        changes.push({ fieldPath: [...path, "enum", String(val)], changeType: "removed", oldValue: val });
+      }
+    }
+    const oldProps = oldSchema.properties || {};
+    const newProps = newSchema.properties || {};
+    const allProps = /* @__PURE__ */ new Set([...Object.keys(oldProps), ...Object.keys(newProps)]);
+    for (const prop of allProps) {
+      diffSchema(oldProps[prop], newProps[prop], [...path, "properties", prop], changes);
+    }
+    if (oldSchema.items || newSchema.items) {
+      diffSchema(oldSchema.items, newSchema.items, [...path, "items"], changes);
+    }
+  }
+}
+
+// src/diff/auth-differ.ts
+function diffSecuritySchemes(oldSchemes, newSchemes) {
+  const diffs = [];
+  const oldMap = new Map(oldSchemes.map((s) => [s.id, s]));
+  const newMap = new Map(newSchemes.map((s) => [s.id, s]));
+  const allIds = /* @__PURE__ */ new Set([...oldMap.keys(), ...newMap.keys()]);
+  for (const id of allIds) {
+    const oldScheme = oldMap.get(id);
+    const newScheme = newMap.get(id);
+    if (oldScheme && !newScheme) {
+      diffs.push({ schemeId: id, changeType: "removed", fieldChanges: [] });
+    } else if (!oldScheme && newScheme) {
+      diffs.push({ schemeId: id, changeType: "added", fieldChanges: [] });
+    } else if (oldScheme && newScheme) {
+      const fieldChanges = [];
+      if (oldScheme.type !== newScheme.type) {
+        fieldChanges.push({ fieldPath: ["type"], changeType: "changed", oldValue: oldScheme.type, newValue: newScheme.type });
+      }
+      if (oldScheme.scheme !== newScheme.scheme) {
+        fieldChanges.push({ fieldPath: ["scheme"], changeType: "changed", oldValue: oldScheme.scheme, newValue: newScheme.scheme });
+      }
+      if (oldScheme.in !== newScheme.in) {
+        fieldChanges.push({ fieldPath: ["in"], changeType: "changed", oldValue: oldScheme.in, newValue: newScheme.in });
+      }
+      if (fieldChanges.length > 0) {
+        diffs.push({ schemeId: id, changeType: "changed", fieldChanges });
+      }
+    }
+  }
+  return diffs;
+}
+function diffSecurityRequirements(oldReqs, newReqs, path, changes) {
+  const oldSet = new Set(oldReqs.map((r) => r.schemeId));
+  const newSet = new Set(newReqs.map((r) => r.schemeId));
+  for (const schemeId of newSet) {
+    if (!oldSet.has(schemeId)) {
+      changes.push({ fieldPath: [...path, schemeId], changeType: "added", newValue: schemeId });
+    }
+  }
+  for (const schemeId of oldSet) {
+    if (!newSet.has(schemeId)) {
+      changes.push({ fieldPath: [...path, schemeId], changeType: "removed", oldValue: schemeId });
+    }
+  }
+  const oldMap = new Map(oldReqs.map((r) => [r.schemeId, new Set(r.scopes)]));
+  const newMap = new Map(newReqs.map((r) => [r.schemeId, new Set(r.scopes)]));
+  for (const [schemeId, oldScopes] of oldMap.entries()) {
+    const newScopes = newMap.get(schemeId);
+    if (newScopes) {
+      for (const scope of newScopes) {
+        if (!oldScopes.has(scope)) {
+          changes.push({ fieldPath: [...path, schemeId, "scopes", scope], changeType: "added", newValue: scope });
+        }
+      }
+      for (const scope of oldScopes) {
+        if (!newScopes.has(scope)) {
+          changes.push({ fieldPath: [...path, schemeId, "scopes", scope], changeType: "removed", oldValue: scope });
+        }
+      }
+    }
+  }
+}
+
+// src/diff/endpoint-differ.ts
+function diffEndpoints(oldEndpoints, newEndpoints) {
+  const diffs = [];
+  const oldMap = new Map(oldEndpoints.map((e) => [e.id, e]));
+  const newMap = new Map(newEndpoints.map((e) => [e.id, e]));
+  const allIds = /* @__PURE__ */ new Set([...oldMap.keys(), ...newMap.keys()]);
+  for (const id of allIds) {
+    const oldE = oldMap.get(id);
+    const newE = newMap.get(id);
+    if (oldE && !newE) {
+      diffs.push({ type: "removed", endpointId: id, path: oldE.path, method: oldE.method, oldEndpoint: oldE, fieldChanges: [] });
+    } else if (!oldE && newE) {
+      diffs.push({ type: "added", endpointId: id, path: newE.path, method: newE.method, newEndpoint: newE, fieldChanges: [] });
+    } else if (oldE && newE) {
+      const fieldChanges = [];
+      if (oldE.method !== newE.method) {
+        fieldChanges.push({ fieldPath: ["method"], changeType: "changed", oldValue: oldE.method, newValue: newE.method });
+      }
+      if (oldE.path !== newE.path) {
+        fieldChanges.push({ fieldPath: ["path"], changeType: "changed", oldValue: oldE.path, newValue: newE.path });
+      }
+      if (!!oldE.deprecated !== !!newE.deprecated) {
+        fieldChanges.push({ fieldPath: ["deprecated"], changeType: "changed", oldValue: !!oldE.deprecated, newValue: !!newE.deprecated });
+      }
+      diffSecurityRequirements(oldE.security, newE.security, ["security"], fieldChanges);
+      diffParameters(oldE.parameters, newE.parameters, ["parameters"], fieldChanges);
+      diffRequestBody(oldE.requestBody, newE.requestBody, ["requestBody"], fieldChanges);
+      diffResponses(oldE.responses, newE.responses, ["responses"], fieldChanges);
+      if (fieldChanges.length > 0) {
+        diffs.push({ type: "changed", endpointId: id, path: newE.path, method: newE.method, oldEndpoint: oldE, newEndpoint: newE, fieldChanges });
+      }
+    }
+  }
+  return diffs;
+}
+function diffParameters(oldParams, newParams, path, changes) {
+  const oldMap = new Map(oldParams.map((p) => [`${p.name}:${p.in}`, p]));
+  const newMap = new Map(newParams.map((p) => [`${p.name}:${p.in}`, p]));
+  const allIds = /* @__PURE__ */ new Set([...oldMap.keys(), ...newMap.keys()]);
+  for (const id of allIds) {
+    const o = oldMap.get(id);
+    const n = newMap.get(id);
+    if (o && !n) {
+      changes.push({ fieldPath: [...path, id], changeType: "removed", oldValue: o });
+    } else if (!o && n) {
+      changes.push({ fieldPath: [...path, id], changeType: "added", newValue: n });
+    } else if (o && n) {
+      if (!!o.required !== !!n.required) {
+        changes.push({ fieldPath: [...path, id, "required"], changeType: "changed", oldValue: !!o.required, newValue: !!n.required });
+      }
+      if (!!o.deprecated !== !!n.deprecated) {
+        changes.push({ fieldPath: [...path, id, "deprecated"], changeType: "changed", oldValue: !!o.deprecated, newValue: !!n.deprecated });
+      }
+      diffSchema(o.schema, n.schema, [...path, id, "schema"], changes);
+    }
+  }
+}
+function diffRequestBody(oldReq, newReq, path, changes) {
+  if (!oldReq && !newReq) return;
+  if (oldReq && !newReq) {
+    changes.push({ fieldPath: path, changeType: "removed", oldValue: oldReq });
+    return;
+  }
+  if (!oldReq && newReq) {
+    changes.push({ fieldPath: path, changeType: "added", newValue: newReq });
+    return;
+  }
+  if (oldReq && newReq) {
+    if (!!oldReq.required !== !!newReq.required) {
+      changes.push({ fieldPath: [...path, "required"], changeType: "changed", oldValue: !!oldReq.required, newValue: !!newReq.required });
+    }
+    const oldMedia = new Set(Object.keys(oldReq.content));
+    const newMedia = new Set(Object.keys(newReq.content));
+    for (const m of newMedia) {
+      if (!oldMedia.has(m)) changes.push({ fieldPath: [...path, "content", m], changeType: "added", newValue: newReq.content[m] });
+    }
+    for (const m of oldMedia) {
+      if (!newMedia.has(m)) {
+        changes.push({ fieldPath: [...path, "content", m], changeType: "removed", oldValue: oldReq.content[m] });
+      } else {
+        diffSchema(oldReq.content[m].schema, newReq.content[m].schema, [...path, "content", m, "schema"], changes);
+      }
+    }
+  }
+}
+function diffResponses(oldRes, newRes, path, changes) {
+  const oldMap = new Map(oldRes.map((r) => [r.statusCode, r]));
+  const newMap = new Map(newRes.map((r) => [r.statusCode, r]));
+  const allCodes = /* @__PURE__ */ new Set([...oldMap.keys(), ...newMap.keys()]);
+  for (const code of allCodes) {
+    const o = oldMap.get(code);
+    const n = newMap.get(code);
+    if (o && !n) {
+      changes.push({ fieldPath: [...path, code], changeType: "removed", oldValue: o });
+    } else if (!o && n) {
+      changes.push({ fieldPath: [...path, code], changeType: "added", newValue: n });
+    } else if (o && n) {
+      const oldMedia = new Set(Object.keys(o.content || {}));
+      const newMedia = new Set(Object.keys(n.content || {}));
+      for (const m of newMedia) {
+        if (!oldMedia.has(m)) changes.push({ fieldPath: [...path, code, "content", m], changeType: "added", newValue: n.content[m] });
+      }
+      for (const m of oldMedia) {
+        if (!newMedia.has(m)) {
+          changes.push({ fieldPath: [...path, code, "content", m], changeType: "removed", oldValue: o.content[m] });
+        } else {
+          diffSchema(o.content[m].schema, n.content[m].schema, [...path, code, "content", m, "schema"], changes);
+        }
+      }
+      const oldHeaders = new Set(Object.keys(o.headers || {}));
+      const newHeaders = new Set(Object.keys(n.headers || {}));
+      for (const h of newHeaders) {
+        if (!oldHeaders.has(h)) changes.push({ fieldPath: [...path, code, "headers", h], changeType: "added", newValue: n.headers[h] });
+      }
+      for (const h of oldHeaders) {
+        if (!newHeaders.has(h)) {
+          changes.push({ fieldPath: [...path, code, "headers", h], changeType: "removed", oldValue: o.headers[h] });
+        } else {
+          if (!!o.headers[h].required !== !!n.headers[h].required) {
+            changes.push({ fieldPath: [...path, code, "headers", h, "required"], changeType: "changed", oldValue: !!o.headers[h].required, newValue: !!n.headers[h].required });
+          }
+          diffSchema(o.headers[h].schema, n.headers[h].schema, [...path, code, "headers", h, "schema"], changes);
+        }
+      }
+    }
+  }
+}
+
+// src/diff/server-differ.ts
+function diffServers(oldServers, newServers) {
+  const diffs = [];
+  const oldUrls = new Set(oldServers.map((s) => s.url));
+  const newUrls = new Set(newServers.map((s) => s.url));
+  for (const server of oldServers) {
+    if (!newUrls.has(server.url)) {
+      diffs.push({ changeType: "removed", oldServer: server });
+    }
+  }
+  for (const server of newServers) {
+    if (!oldUrls.has(server.url)) {
+      diffs.push({ changeType: "added", newServer: server });
+    }
+  }
+  return diffs;
+}
+
+// src/diff/index.ts
+function computeDiff(oldAST, newAST) {
+  return {
+    endpointDiffs: diffEndpoints(oldAST.endpoints, newAST.endpoints),
+    schemaDiffs: [],
+    securityDiffs: diffSecuritySchemes(oldAST.security, newAST.security),
+    serverDiffs: diffServers(oldAST.servers, newAST.servers)
+  };
+}
+
+// src/rules/base.ts
+var BaseRule = class {
+  isIgnored(path, context) {
+    for (const glob of context.config.ignorePaths) {
+      if (this.matchGlob(path, glob)) return true;
+    }
+    return false;
+  }
+  matchGlob(path, glob) {
+    const regex = glob.replace(/\*/g, ".*").replace(/\//g, "\\/");
+    return new RegExp(`^${regex}$`).test(path);
+  }
+  makeChange(details, context) {
+    const { ruleId, ...rest } = details;
+    return {
+      ruleId: ruleId || this.id,
+      ...rest
+    };
+  }
+};
+
+// src/rules/auth/security-added.ts
+var SecurityAddedRule = class extends BaseRule {
+  id = "SECURITY_ADDED";
+  description = "Authentication added to previously public endpoint";
+  severity = "breaking";
+  apply(diff, context) {
+    const changes = [];
+    for (const ed of diff.endpointDiffs) {
+      if (ed.type !== "changed") continue;
+      if (this.isIgnored(ed.path, context)) continue;
+      const oldSec = ed.oldEndpoint?.security ?? [];
+      const newSec = ed.newEndpoint?.security ?? [];
+      if (oldSec.length === 0 && newSec.length > 0) {
+        const schemes = newSec.map((s) => s.schemeId).join(", ");
+        changes.push(this.makeChange({
+          severity: "breaking",
+          category: "authentication",
+          message: `${ed.method} ${ed.path} now requires authentication (${schemes}).`,
+          consequence: "Clients without credentials receive 401 Unauthorized.",
+          migration: `Add Authorization header with required credentials to all ${ed.method} ${ed.path} requests.`,
+          location: { path: ed.path, method: ed.method }
+        }, context));
+      }
+    }
+    return changes;
+  }
+};
+
+// src/rules/endpoint/endpoint-removed.ts
+var EndpointRemovedRule = class extends BaseRule {
+  id = "ENDPOINT_REMOVED";
+  description = "An existing endpoint was removed entirely";
+  severity = "breaking";
+  apply(diff, context) {
+    const changes = [];
+    for (const ed of diff.endpointDiffs) {
+      if (ed.type !== "removed") continue;
+      if (this.isIgnored(ed.path, context)) continue;
+      changes.push(this.makeChange({
+        severity: "breaking",
+        category: "endpoint",
+        message: `Endpoint ${ed.method} ${ed.path} was removed.`,
+        consequence: "Clients calling this endpoint will receive a 404 Not Found error.",
+        migration: "Migrate clients to use an alternative endpoint before removing this one.",
+        location: { path: ed.path, method: ed.method }
+      }, context));
+    }
+    return changes;
+  }
+};
+
+// src/rules/endpoint/endpoint-added.ts
+var EndpointAddedRule = class extends BaseRule {
+  id = "ENDPOINT_ADDED";
+  description = "A new endpoint was added";
+  severity = "info";
+  apply(diff, context) {
+    const changes = [];
+    for (const ed of diff.endpointDiffs) {
+      if (ed.type !== "added") continue;
+      if (this.isIgnored(ed.path, context)) continue;
+      changes.push(this.makeChange({
+        severity: "info",
+        category: "endpoint",
+        message: `Endpoint ${ed.method} ${ed.path} was added.`,
+        consequence: "Clients can now use this new endpoint.",
+        migration: "No migration required.",
+        location: { path: ed.path, method: ed.method }
+      }, context));
+    }
+    return changes;
+  }
+};
+
+// src/rules/endpoint/endpoint-deprecated.ts
+var EndpointDeprecatedRule = class extends BaseRule {
+  id = "ENDPOINT_DEPRECATED";
+  description = "An existing endpoint was marked as deprecated";
+  severity = "warning";
+  apply(diff, context) {
+    const changes = [];
+    for (const ed of diff.endpointDiffs) {
+      if (ed.type !== "changed") continue;
+      if (this.isIgnored(ed.path, context)) continue;
+      const deprecatedChange = ed.fieldChanges.find((c) => c.fieldPath[0] === "deprecated" && c.newValue === true && c.oldValue === false);
+      if (deprecatedChange) {
+        changes.push(this.makeChange({
+          severity: "warning",
+          category: "endpoint",
+          message: `Endpoint ${ed.method} ${ed.path} was deprecated.`,
+          consequence: "This endpoint is slated for future removal.",
+          migration: "Plan to migrate away from this endpoint to its recommended alternative.",
+          location: { path: ed.path, method: ed.method }
+        }, context));
+      }
+    }
+    return changes;
+  }
+};
+
+// src/rules/endpoint/http-method-changed.ts
+var HttpMethodChangedRule = class extends BaseRule {
+  id = "HTTP_METHOD_CHANGED";
+  description = "The HTTP method for an endpoint changed";
+  severity = "breaking";
+  apply(diff, context) {
+    const changes = [];
+    for (const ed of diff.endpointDiffs) {
+      if (ed.type !== "changed") continue;
+      if (this.isIgnored(ed.path, context)) continue;
+      const methodChange = ed.fieldChanges.find((c) => c.fieldPath[0] === "method");
+      if (methodChange) {
+        changes.push(this.makeChange({
+          severity: "breaking",
+          category: "endpoint",
+          message: `Endpoint HTTP method changed from ${methodChange.oldValue} to ${methodChange.newValue}.`,
+          consequence: "Clients using the old HTTP method will fail.",
+          migration: `Update client requests to use the ${methodChange.newValue} method.`,
+          location: { path: ed.path, method: ed.method }
+        }, context));
+      }
+    }
+    return changes;
+  }
+};
+
+// src/rules/endpoint/path-changed.ts
+var PathChangedRule = class extends BaseRule {
+  id = "PATH_CHANGED";
+  description = "The path string for an endpoint changed (e.g. parameter renamed)";
+  severity = "info";
+  apply(diff, context) {
+    const changes = [];
+    for (const ed of diff.endpointDiffs) {
+      if (ed.type !== "changed") continue;
+      if (this.isIgnored(ed.path, context)) continue;
+      const pathChange = ed.fieldChanges.find((c) => c.fieldPath[0] === "path");
+      if (pathChange) {
+        changes.push(this.makeChange({
+          severity: "info",
+          category: "endpoint",
+          message: `Endpoint path changed from ${pathChange.oldValue} to ${pathChange.newValue}.`,
+          consequence: "Clients may need to update routing or parameter names.",
+          migration: "Review the path syntax changes.",
+          location: { path: ed.path, method: ed.method }
+        }, context));
+      }
+    }
+    return changes;
+  }
+};
+
+// src/rules/response/response-field-removed.ts
+var ResponseFieldRemovedRule = class extends BaseRule {
+  id = "RESPONSE_FIELD_REMOVED";
+  description = "A field was removed from a response payload";
+  severity = "breaking";
+  apply(diff, context) {
+    const changes = [];
+    for (const ed of diff.endpointDiffs) {
+      if (ed.type !== "changed") continue;
+      if (this.isIgnored(ed.path, context)) continue;
+      for (const fc of ed.fieldChanges) {
+        if (fc.fieldPath[0] === "responses" && fc.changeType === "removed") {
+          if (fc.fieldPath.includes("properties")) {
+            const fieldName = fc.fieldPath[fc.fieldPath.length - 1];
+            const statusCode = fc.fieldPath[1] || "unknown";
+            changes.push(this.makeChange({
+              severity: "breaking",
+              category: "response",
+              message: `Field '${fieldName}' was removed from the response.`,
+              consequence: `Clients depending on '${fieldName}' will encounter missing data errors.`,
+              migration: `Ensure clients no longer require '${fieldName}' before removing it.`,
+              location: { path: ed.path, method: ed.method, field: fieldName, statusCode }
+            }, context));
+          }
+        }
+      }
+    }
+    return changes;
+  }
+};
+
+// src/rules/param/param-required-added.ts
+var ParamRequiredAddedRule = class extends BaseRule {
+  id = "PARAM_REQUIRED_FALSE_TO_TRUE";
+  description = "An optional parameter was made required";
+  severity = "breaking";
+  apply(diff, context) {
+    const changes = [];
+    for (const ed of diff.endpointDiffs) {
+      if (ed.type !== "changed") continue;
+      if (this.isIgnored(ed.path, context)) continue;
+      for (const fc of ed.fieldChanges) {
+        if (fc.fieldPath[0] === "parameters" && fc.fieldPath[2] === "required" && fc.changeType === "changed") {
+          if (fc.oldValue === false && fc.newValue === true) {
+            const paramId = fc.fieldPath[1];
+            const [paramName, inLoc] = paramId.split(":");
+            changes.push(this.makeChange({
+              severity: "breaking",
+              category: "parameter",
+              message: `Optional parameter '${paramName}' in ${inLoc} is now required.`,
+              consequence: `Requests missing '${paramName}' will be rejected with a 400 Bad Request error.`,
+              migration: `Update all clients to include '${paramName}' in their requests.`,
+              location: { path: ed.path, method: ed.method, paramName, field: inLoc }
+            }, context));
+          }
+        }
+      }
+    }
+    return changes;
+  }
+};
+
+// src/rules/param/param-removed.ts
+var ParamRemovedRule = class extends BaseRule {
+  id = "PARAM_REMOVED";
+  description = "A parameter was removed";
+  severity = "breaking";
+  apply(diff, context) {
+    const changes = [];
+    for (const ed of diff.endpointDiffs) {
+      if (ed.type !== "changed") continue;
+      if (this.isIgnored(ed.path, context)) continue;
+      for (const fc of ed.fieldChanges) {
+        if (fc.fieldPath[0] === "parameters" && fc.fieldPath.length === 2 && fc.changeType === "removed") {
+          const paramId = fc.fieldPath[1];
+          const [paramName, inLoc] = paramId.split(":");
+          const isMoved = ed.fieldChanges.some((c) => c.fieldPath[0] === "parameters" && c.fieldPath.length === 2 && c.changeType === "added" && c.fieldPath[1].startsWith(`${paramName}:`));
+          if (isMoved) continue;
+          const oldParam = fc.oldValue;
+          if (oldParam.required) {
+            changes.push(this.makeChange({
+              severity: "breaking",
+              ruleId: "PARAM_REMOVED",
+              category: "parameter",
+              message: `Required parameter '${paramName}' in ${inLoc} was removed.`,
+              consequence: "Clients sending this parameter may experience errors or unexpected behavior if the server rejects unknown parameters.",
+              migration: `Update clients to stop sending the '${paramName}' parameter.`,
+              location: { path: ed.path, method: ed.method, paramName, field: inLoc }
+            }, context));
+          } else {
+            changes.push(this.makeChange({
+              severity: "warning",
+              ruleId: "PARAM_OPTIONAL_REMOVED",
+              category: "parameter",
+              message: `Optional parameter '${paramName}' in ${inLoc} was removed.`,
+              consequence: "Clients sending this parameter will have it ignored, or may receive errors if the server strictly validates inputs.",
+              migration: `Update clients to stop sending the '${paramName}' parameter.`,
+              location: { path: ed.path, method: ed.method, paramName, field: inLoc }
+            }, context));
+          }
+        }
+      }
+    }
+    return changes;
+  }
+};
+
+// src/rules/param/param-added.ts
+var ParamAddedRule = class extends BaseRule {
+  id = "PARAM_ADDED";
+  description = "A new parameter was added";
+  severity = "info";
+  apply(diff, context) {
+    const changes = [];
+    for (const ed of diff.endpointDiffs) {
+      if (ed.type !== "changed") continue;
+      if (this.isIgnored(ed.path, context)) continue;
+      for (const fc of ed.fieldChanges) {
+        if (fc.fieldPath[0] === "parameters" && fc.fieldPath.length === 2 && fc.changeType === "added") {
+          const paramId = fc.fieldPath[1];
+          const [paramName, inLoc] = paramId.split(":");
+          const isMoved = ed.fieldChanges.some((c) => c.fieldPath[0] === "parameters" && c.fieldPath.length === 2 && c.changeType === "removed" && c.fieldPath[1].startsWith(`${paramName}:`));
+          if (isMoved) continue;
+          const newParam = fc.newValue;
+          if (newParam.required) {
+            changes.push(this.makeChange({
+              severity: "breaking",
+              ruleId: "PARAM_ADDED_REQUIRED",
+              category: "parameter",
+              message: `Required parameter '${paramName}' in ${inLoc} was added.`,
+              consequence: "Existing clients failing to send this new required parameter will receive 400 Bad Request errors.",
+              migration: `Update clients to include the '${paramName}' parameter.`,
+              location: { path: ed.path, method: ed.method, paramName, field: inLoc }
+            }, context));
+          } else {
+            changes.push(this.makeChange({
+              severity: "info",
+              ruleId: "PARAM_ADDED",
+              category: "parameter",
+              message: `Optional parameter '${paramName}' in ${inLoc} was added.`,
+              consequence: "Clients can optionally provide this new parameter for extended functionality.",
+              migration: "No immediate action required.",
+              location: { path: ed.path, method: ed.method, paramName, field: inLoc }
+            }, context));
+          }
+        }
+      }
+    }
+    return changes;
+  }
+};
+
+// src/rules/param/param-deprecated.ts
+var ParamDeprecatedRule = class extends BaseRule {
+  id = "PARAM_DEPRECATED";
+  description = "A parameter was marked as deprecated";
+  severity = "warning";
+  apply(diff, context) {
+    const changes = [];
+    for (const ed of diff.endpointDiffs) {
+      if (ed.type !== "changed") continue;
+      if (this.isIgnored(ed.path, context)) continue;
+      for (const fc of ed.fieldChanges) {
+        if (fc.fieldPath[0] === "parameters" && fc.fieldPath[2] === "deprecated" && fc.changeType === "changed") {
+          if (fc.oldValue === false && fc.newValue === true) {
+            const paramId = fc.fieldPath[1];
+            const [paramName, inLoc] = paramId.split(":");
+            changes.push(this.makeChange({
+              severity: "warning",
+              category: "parameter",
+              message: `Parameter '${paramName}' in ${inLoc} was deprecated.`,
+              consequence: "This parameter is slated for future removal.",
+              migration: `Plan to migrate away from using '${paramName}'.`,
+              location: { path: ed.path, method: ed.method, paramName, field: inLoc }
+            }, context));
+          }
+        }
+      }
+    }
+    return changes;
+  }
+};
+
+// src/rules/param/param-type-changed.ts
+var ParamTypeChangedRule = class extends BaseRule {
+  id = "PARAM_TYPE_CHANGED";
+  description = "The data type of a parameter changed";
+  severity = "breaking";
+  apply(diff, context) {
+    const changes = [];
+    for (const ed of diff.endpointDiffs) {
+      if (ed.type !== "changed") continue;
+      if (this.isIgnored(ed.path, context)) continue;
+      for (const fc of ed.fieldChanges) {
+        if (fc.fieldPath[0] === "parameters" && fc.fieldPath[2] === "schema" && fc.fieldPath[3] === "type" && fc.changeType === "changed") {
+          const paramId = fc.fieldPath[1];
+          const [paramName, inLoc] = paramId.split(":");
+          changes.push(this.makeChange({
+            severity: "breaking",
+            category: "parameter",
+            message: `Parameter '${paramName}' in ${inLoc} changed type from ${fc.oldValue} to ${fc.newValue}.`,
+            consequence: "Clients sending the old type will receive validation errors.",
+            migration: `Update clients to send the new type (${fc.newValue}) for '${paramName}'.`,
+            location: { path: ed.path, method: ed.method, paramName, field: inLoc }
+          }, context));
+        }
+      }
+    }
+    return changes;
+  }
+};
+
+// src/rules/param/param-location-changed.ts
+var ParamLocationChangedRule = class extends BaseRule {
+  id = "PARAM_LOCATION_CHANGED";
+  description = "A parameter was moved to a different location (e.g. query to header)";
+  severity = "breaking";
+  apply(diff, context) {
+    const changes = [];
+    for (const ed of diff.endpointDiffs) {
+      if (ed.type !== "changed") continue;
+      if (this.isIgnored(ed.path, context)) continue;
+      const removedParams = /* @__PURE__ */ new Map();
+      const addedParams = /* @__PURE__ */ new Map();
+      for (const fc of ed.fieldChanges) {
+        if (fc.fieldPath[0] === "parameters" && fc.fieldPath.length === 2) {
+          const paramId = fc.fieldPath[1];
+          const [paramName, inLoc] = paramId.split(":");
+          if (fc.changeType === "removed") removedParams.set(paramName, inLoc);
+          if (fc.changeType === "added") addedParams.set(paramName, inLoc);
+        }
+      }
+      for (const [name, oldLoc] of removedParams.entries()) {
+        const newLoc = addedParams.get(name);
+        if (newLoc) {
+          changes.push(this.makeChange({
+            severity: "breaking",
+            category: "parameter",
+            message: `Parameter '${name}' moved from ${oldLoc} to ${newLoc}.`,
+            consequence: `Clients sending '${name}' in the ${oldLoc} will fail.`,
+            migration: `Update clients to send '${name}' in the ${newLoc} instead.`,
+            location: { path: ed.path, method: ed.method, paramName: name, field: oldLoc }
+          }, context));
+        }
+      }
+    }
+    return changes;
+  }
+};
+
+// src/rules/param/param-enum-value-removed.ts
+var ParamEnumValueRemovedRule = class extends BaseRule {
+  id = "PARAM_ENUM_VALUE_REMOVED";
+  description = "An allowed enum value was removed from a parameter";
+  severity = "breaking";
+  apply(diff, context) {
+    const changes = [];
+    for (const ed of diff.endpointDiffs) {
+      if (ed.type !== "changed") continue;
+      if (this.isIgnored(ed.path, context)) continue;
+      for (const fc of ed.fieldChanges) {
+        if (fc.fieldPath[0] === "parameters" && fc.fieldPath[2] === "schema" && fc.fieldPath.includes("enum") && fc.changeType === "removed") {
+          const paramId = fc.fieldPath[1];
+          const [paramName, inLoc] = paramId.split(":");
+          changes.push(this.makeChange({
+            severity: "breaking",
+            category: "parameter",
+            message: `Enum value '${fc.oldValue}' was removed from parameter '${paramName}' in ${inLoc}.`,
+            consequence: `Clients sending '${fc.oldValue}' will now receive validation errors.`,
+            migration: `Update clients to use one of the remaining allowed enum values for '${paramName}'.`,
+            location: { path: ed.path, method: ed.method, paramName, field: inLoc }
+          }, context));
+        }
+      }
+    }
+    return changes;
+  }
+};
+
+// src/rules/param/param-enum-value-added.ts
+var ParamEnumValueAddedRule = class extends BaseRule {
+  id = "PARAM_ENUM_VALUE_ADDED";
+  description = "A new allowed enum value was added to a parameter";
+  severity = "info";
+  apply(diff, context) {
+    const changes = [];
+    for (const ed of diff.endpointDiffs) {
+      if (ed.type !== "changed") continue;
+      if (this.isIgnored(ed.path, context)) continue;
+      for (const fc of ed.fieldChanges) {
+        if (fc.fieldPath[0] === "parameters" && fc.fieldPath[2] === "schema" && fc.fieldPath.includes("enum") && fc.changeType === "added") {
+          const paramId = fc.fieldPath[1];
+          const [paramName, inLoc] = paramId.split(":");
+          changes.push(this.makeChange({
+            severity: "info",
+            category: "parameter",
+            message: `Enum value '${fc.newValue}' was added to parameter '${paramName}' in ${inLoc}.`,
+            consequence: `Clients can now optionally send '${fc.newValue}' for this parameter.`,
+            migration: "No immediate action required.",
+            location: { path: ed.path, method: ed.method, paramName, field: inLoc }
+          }, context));
+        }
+      }
+    }
+    return changes;
+  }
+};
+
+// src/rules/param/param-required-true-to-false.ts
+var ParamRequiredTrueToFalseRule = class extends BaseRule {
+  id = "PARAM_REQUIRED_TRUE_TO_FALSE";
+  description = "A required parameter was made optional";
+  severity = "info";
+  apply(diff, context) {
+    const changes = [];
+    for (const ed of diff.endpointDiffs) {
+      if (ed.type !== "changed") continue;
+      if (this.isIgnored(ed.path, context)) continue;
+      for (const fc of ed.fieldChanges) {
+        if (fc.fieldPath[0] === "parameters" && fc.fieldPath[2] === "required" && fc.changeType === "changed") {
+          if (fc.oldValue === true && fc.newValue === false) {
+            const paramId = fc.fieldPath[1];
+            const [paramName, inLoc] = paramId.split(":");
+            changes.push(this.makeChange({
+              severity: "info",
+              category: "parameter",
+              message: `Required parameter '${paramName}' in ${inLoc} is now optional.`,
+              consequence: "Clients can omit this parameter in requests.",
+              migration: "Clients may stop sending this parameter if desired.",
+              location: { path: ed.path, method: ed.method, paramName, field: inLoc }
+            }, context));
+          }
+        }
+      }
+    }
+    return changes;
+  }
+};
+
+// src/rules/request/request-body-added-required.ts
+var RequestBodyAddedRequiredRule = class extends BaseRule {
+  id = "REQUEST_BODY_ADDED_REQUIRED";
+  description = "A required request body was added";
+  severity = "breaking";
+  apply(diff, context) {
+    const changes = [];
+    for (const ed of diff.endpointDiffs) {
+      if (ed.type !== "changed") continue;
+      if (this.isIgnored(ed.path, context)) continue;
+      for (const fc of ed.fieldChanges) {
+        if (fc.fieldPath[0] === "requestBody" && fc.fieldPath.length === 1 && fc.changeType === "added") {
+          const body = fc.newValue;
+          if (body.required) {
+            changes.push(this.makeChange({
+              severity: "breaking",
+              category: "request-body",
+              message: "A required request body was added.",
+              consequence: "Clients not sending a request body will now receive 400 Bad Request errors.",
+              migration: "Update clients to send the required request body.",
+              location: { path: ed.path, method: ed.method, field: "requestBody" }
+            }, context));
+          }
+        }
+      }
+    }
+    return changes;
+  }
+};
+
+// src/rules/request/request-body-removed.ts
+var RequestBodyRemovedRule = class extends BaseRule {
+  id = "REQUEST_BODY_REMOVED";
+  description = "A request body was removed";
+  severity = "breaking";
+  apply(diff, context) {
+    const changes = [];
+    for (const ed of diff.endpointDiffs) {
+      if (ed.type !== "changed") continue;
+      if (this.isIgnored(ed.path, context)) continue;
+      for (const fc of ed.fieldChanges) {
+        if (fc.fieldPath[0] === "requestBody" && fc.fieldPath.length === 1 && fc.changeType === "removed") {
+          changes.push(this.makeChange({
+            severity: "breaking",
+            category: "request-body",
+            message: "The request body was removed.",
+            consequence: "Clients sending a request body may experience errors if the server strictly validates requests.",
+            migration: "Update clients to stop sending a request body.",
+            location: { path: ed.path, method: ed.method, field: "requestBody" }
+          }, context));
+        }
+      }
+    }
+    return changes;
+  }
+};
+
+// src/rules/request/request-content-type-added.ts
+var RequestContentTypeAddedRule = class extends BaseRule {
+  id = "REQUEST_CONTENT_TYPE_ADDED";
+  description = "A new content type was added to the request body";
+  severity = "info";
+  apply(diff, context) {
+    const changes = [];
+    for (const ed of diff.endpointDiffs) {
+      if (ed.type !== "changed") continue;
+      if (this.isIgnored(ed.path, context)) continue;
+      for (const fc of ed.fieldChanges) {
+        if (fc.fieldPath[0] === "requestBody" && fc.fieldPath[1] === "content" && fc.fieldPath.length === 3 && fc.changeType === "added") {
+          const mimeType = fc.fieldPath[2];
+          changes.push(this.makeChange({
+            severity: "info",
+            category: "request-body",
+            message: `Request content type '${mimeType}' was added.`,
+            consequence: "Clients can now use this new content type when sending requests.",
+            migration: "No immediate action required.",
+            location: { path: ed.path, method: ed.method, field: `requestBody.content['${mimeType}']` }
+          }, context));
+        }
+      }
+    }
+    return changes;
+  }
+};
+
+// src/rules/request/request-content-type-removed.ts
+var RequestContentTypeRemovedRule = class extends BaseRule {
+  id = "REQUEST_CONTENT_TYPE_REMOVED";
+  description = "A content type was removed from the request body";
+  severity = "breaking";
+  apply(diff, context) {
+    const changes = [];
+    for (const ed of diff.endpointDiffs) {
+      if (ed.type !== "changed") continue;
+      if (this.isIgnored(ed.path, context)) continue;
+      for (const fc of ed.fieldChanges) {
+        if (fc.fieldPath[0] === "requestBody" && fc.fieldPath[1] === "content" && fc.fieldPath.length === 3 && fc.changeType === "removed") {
+          const mimeType = fc.fieldPath[2];
+          changes.push(this.makeChange({
+            severity: "breaking",
+            category: "request-body",
+            message: `Request content type '${mimeType}' was removed.`,
+            consequence: `Clients sending requests with Content-Type '${mimeType}' will receive 415 Unsupported Media Type errors.`,
+            migration: `Update clients to use a supported content type instead of '${mimeType}'.`,
+            location: { path: ed.path, method: ed.method, field: `requestBody.content['${mimeType}']` }
+          }, context));
+        }
+      }
+    }
+    return changes;
+  }
+};
+
+// src/rules/request/request-field-removed.ts
+var RequestFieldRemovedRule = class extends BaseRule {
+  id = "REQUEST_FIELD_REMOVED";
+  description = "A field was removed from the request body";
+  severity = "breaking";
+  apply(diff, context) {
+    const changes = [];
+    for (const ed of diff.endpointDiffs) {
+      if (ed.type !== "changed") continue;
+      if (this.isIgnored(ed.path, context)) continue;
+      for (const fc of ed.fieldChanges) {
+        if (fc.fieldPath[0] === "requestBody" && fc.changeType === "removed") {
+          const propsIdx = fc.fieldPath.lastIndexOf("properties");
+          if (propsIdx !== -1 && fc.fieldPath.length === propsIdx + 2) {
+            const fieldName = fc.fieldPath[propsIdx + 1];
+            changes.push(this.makeChange({
+              severity: "breaking",
+              category: "request-body",
+              message: `Request body field '${fieldName}' was removed.`,
+              consequence: "Clients sending this field may experience errors if the server strictly validates requests.",
+              migration: `Update clients to stop sending the '${fieldName}' field.`,
+              location: { path: ed.path, method: ed.method, field: fc.fieldPath.join(".") }
+            }, context));
+          }
+        }
+      }
+    }
+    return changes;
+  }
+};
+
+// src/rules/request/request-field-added-required.ts
+var RequestFieldAddedRequiredRule = class extends BaseRule {
+  id = "REQUEST_FIELD_ADDED_REQUIRED";
+  description = "A required field was added to the request body";
+  severity = "breaking";
+  apply(diff, context) {
+    const changes = [];
+    for (const ed of diff.endpointDiffs) {
+      if (ed.type !== "changed") continue;
+      if (this.isIgnored(ed.path, context)) continue;
+      for (const fc of ed.fieldChanges) {
+        if (fc.fieldPath[0] === "requestBody" && fc.changeType === "added") {
+          const requiredIdx = fc.fieldPath.lastIndexOf("required");
+          if (requiredIdx !== -1 && fc.fieldPath.length === requiredIdx + 2) {
+            const fieldName = fc.fieldPath[requiredIdx + 1];
+            const propsPath = fc.fieldPath.slice(0, requiredIdx).concat(["properties", fieldName]).join(".");
+            const propAdded = ed.fieldChanges.some((c) => c.changeType === "added" && c.fieldPath.join(".") === propsPath);
+            if (propAdded) {
+              changes.push(this.makeChange({
+                severity: "breaking",
+                category: "request-body",
+                message: `Required request body field '${fieldName}' was added.`,
+                consequence: `Clients not sending the new '${fieldName}' field will receive validation errors.`,
+                migration: `Update clients to include the '${fieldName}' field in requests.`,
+                location: { path: ed.path, method: ed.method, field: propsPath }
+              }, context));
+            }
+          }
+        }
+      }
+    }
+    return changes;
+  }
+};
+
+// src/rules/request/request-field-type-changed.ts
+var RequestFieldTypeChangedRule = class extends BaseRule {
+  id = "REQUEST_FIELD_TYPE_CHANGED";
+  description = "The data type of a request body field changed";
+  severity = "breaking";
+  apply(diff, context) {
+    const changes = [];
+    for (const ed of diff.endpointDiffs) {
+      if (ed.type !== "changed") continue;
+      if (this.isIgnored(ed.path, context)) continue;
+      for (const fc of ed.fieldChanges) {
+        if (fc.fieldPath[0] === "requestBody" && fc.changeType === "changed") {
+          const typeIdx = fc.fieldPath.lastIndexOf("type");
+          if (typeIdx !== -1 && typeIdx === fc.fieldPath.length - 1) {
+            const propsIdx = fc.fieldPath.lastIndexOf("properties");
+            if (propsIdx !== -1 && typeIdx > propsIdx + 1) {
+              const fieldName = fc.fieldPath[propsIdx + 1];
+              changes.push(this.makeChange({
+                severity: "breaking",
+                category: "request-body",
+                message: `Request body field '${fieldName}' changed type from ${fc.oldValue} to ${fc.newValue}.`,
+                consequence: "Clients sending the old type will receive validation errors.",
+                migration: `Update clients to send the new type (${fc.newValue}) for '${fieldName}'.`,
+                location: { path: ed.path, method: ed.method, field: fc.fieldPath.slice(0, -1).join(".") }
+              }, context));
+            }
+          }
+        }
+      }
+    }
+    return changes;
+  }
+};
+
+// src/rules/request/request-required-false-to-true.ts
+var RequestRequiredFalseToTrueRule = class extends BaseRule {
+  id = "REQUEST_REQUIRED_FALSE_TO_TRUE";
+  description = "An optional request body field was made required";
+  severity = "breaking";
+  apply(diff, context) {
+    const changes = [];
+    for (const ed of diff.endpointDiffs) {
+      if (ed.type !== "changed") continue;
+      if (this.isIgnored(ed.path, context)) continue;
+      for (const fc of ed.fieldChanges) {
+        if (fc.fieldPath[0] === "requestBody") {
+          if (fc.fieldPath.length === 2 && fc.fieldPath[1] === "required" && fc.changeType === "changed" && fc.oldValue === false && fc.newValue === true) {
+            changes.push(this.makeChange({
+              severity: "breaking",
+              category: "request-body",
+              message: "The request body was made required.",
+              consequence: "Clients not sending a request body will now receive validation errors.",
+              migration: "Update clients to always send a request body.",
+              location: { path: ed.path, method: ed.method, field: "requestBody.required" }
+            }, context));
+          }
+          if (fc.changeType === "added") {
+            const requiredIdx = fc.fieldPath.lastIndexOf("required");
+            if (requiredIdx !== -1 && fc.fieldPath.length === requiredIdx + 2) {
+              const fieldName = fc.fieldPath[requiredIdx + 1];
+              const propsPath = fc.fieldPath.slice(0, requiredIdx).concat(["properties", fieldName]).join(".");
+              const propAdded = ed.fieldChanges.some((c) => c.changeType === "added" && c.fieldPath.join(".") === propsPath);
+              if (!propAdded) {
+                changes.push(this.makeChange({
+                  severity: "breaking",
+                  category: "request-body",
+                  message: `Optional request body field '${fieldName}' is now required.`,
+                  consequence: `Requests missing '${fieldName}' will now be rejected.`,
+                  migration: `Update clients to always include the '${fieldName}' field.`,
+                  location: { path: ed.path, method: ed.method, field: propsPath }
+                }, context));
+              }
+            }
+          }
+        }
+      }
+    }
+    return changes;
+  }
+};
+
+// src/rules/response/response-field-added.ts
+var ResponseFieldAddedRule = class extends BaseRule {
+  id = "RESPONSE_FIELD_ADDED";
+  description = "A field was added to the response body";
+  severity = "info";
+  apply(diff, context) {
+    const changes = [];
+    for (const ed of diff.endpointDiffs) {
+      if (ed.type !== "changed") continue;
+      if (this.isIgnored(ed.path, context)) continue;
+      for (const fc of ed.fieldChanges) {
+        if (fc.fieldPath[0] === "responses" && fc.changeType === "added") {
+          const propsIdx = fc.fieldPath.lastIndexOf("properties");
+          if (propsIdx !== -1 && fc.fieldPath.length === propsIdx + 2) {
+            const fieldName = fc.fieldPath[propsIdx + 1];
+            changes.push(this.makeChange({
+              severity: "info",
+              category: "response",
+              message: `Response field '${fieldName}' was added to status code ${fc.fieldPath[1]}.`,
+              consequence: "Clients parsing responses strictly might fail if they do not ignore unknown fields.",
+              migration: "Clients should ensure their JSON parsers ignore unknown fields.",
+              location: { path: ed.path, method: ed.method, field: fc.fieldPath.join(".") }
+            }, context));
+          }
+        }
+      }
+    }
+    return changes;
+  }
+};
+
+// src/rules/response/response-field-type-changed.ts
+var ResponseFieldTypeChangedRule = class extends BaseRule {
+  id = "RESPONSE_FIELD_TYPE_CHANGED";
+  description = "The data type of a response body field changed";
+  severity = "breaking";
+  apply(diff, context) {
+    const changes = [];
+    for (const ed of diff.endpointDiffs) {
+      if (ed.type !== "changed") continue;
+      if (this.isIgnored(ed.path, context)) continue;
+      for (const fc of ed.fieldChanges) {
+        if (fc.fieldPath[0] === "responses" && fc.changeType === "changed") {
+          const typeIdx = fc.fieldPath.lastIndexOf("type");
+          if (typeIdx !== -1 && typeIdx === fc.fieldPath.length - 1) {
+            const propsIdx = fc.fieldPath.lastIndexOf("properties");
+            if (propsIdx !== -1 && typeIdx > propsIdx + 1) {
+              const fieldName = fc.fieldPath[propsIdx + 1];
+              changes.push(this.makeChange({
+                severity: "breaking",
+                category: "response",
+                message: `Response body field '${fieldName}' changed type from ${fc.oldValue} to ${fc.newValue} for status code ${fc.fieldPath[1]}.`,
+                consequence: "Clients expecting the old type will fail to parse the response.",
+                migration: `Update clients to expect the new type (${fc.newValue}) for '${fieldName}'.`,
+                location: { path: ed.path, method: ed.method, field: fc.fieldPath.slice(0, -1).join(".") }
+              }, context));
+            }
+          }
+        }
+      }
+    }
+    return changes;
+  }
+};
+
+// src/rules/response/response-status-removed.ts
+var ResponseStatusRemovedRule = class extends BaseRule {
+  id = "RESPONSE_STATUS_REMOVED";
+  description = "A response status code was removed";
+  severity = "breaking";
+  apply(diff, context) {
+    const changes = [];
+    for (const ed of diff.endpointDiffs) {
+      if (ed.type !== "changed") continue;
+      if (this.isIgnored(ed.path, context)) continue;
+      for (const fc of ed.fieldChanges) {
+        if (fc.fieldPath[0] === "responses" && fc.fieldPath.length === 2 && fc.changeType === "removed") {
+          const statusCode = fc.fieldPath[1];
+          changes.push(this.makeChange({
+            severity: "breaking",
+            category: "response",
+            message: `Response status code ${statusCode} was removed.`,
+            consequence: `Clients explicitly expecting a ${statusCode} response might fail or behave unexpectedly.`,
+            migration: `Update clients to no longer rely on the ${statusCode} response.`,
+            location: { path: ed.path, method: ed.method, field: `responses['${statusCode}']` }
+          }, context));
+        }
+      }
+    }
+    return changes;
+  }
+};
+
+// src/rules/response/response-status-added.ts
+var ResponseStatusAddedRule = class extends BaseRule {
+  id = "RESPONSE_STATUS_ADDED";
+  description = "A response status code was added";
+  severity = "info";
+  apply(diff, context) {
+    const changes = [];
+    for (const ed of diff.endpointDiffs) {
+      if (ed.type !== "changed") continue;
+      if (this.isIgnored(ed.path, context)) continue;
+      for (const fc of ed.fieldChanges) {
+        if (fc.fieldPath[0] === "responses" && fc.fieldPath.length === 2 && fc.changeType === "added") {
+          const statusCode = fc.fieldPath[1];
+          changes.push(this.makeChange({
+            severity: "info",
+            category: "response",
+            message: `Response status code ${statusCode} was added.`,
+            consequence: `Clients may receive a ${statusCode} response they weren't previously expecting.`,
+            migration: `Update clients to gracefully handle the ${statusCode} response.`,
+            location: { path: ed.path, method: ed.method, field: `responses['${statusCode}']` }
+          }, context));
+        }
+      }
+    }
+    return changes;
+  }
+};
+
+// src/rules/response/response-media-type-removed.ts
+var ResponseMediaTypeRemovedRule = class extends BaseRule {
+  id = "RESPONSE_MEDIA_TYPE_REMOVED";
+  description = "A response media type was removed";
+  severity = "breaking";
+  apply(diff, context) {
+    const changes = [];
+    for (const ed of diff.endpointDiffs) {
+      if (ed.type !== "changed") continue;
+      if (this.isIgnored(ed.path, context)) continue;
+      for (const fc of ed.fieldChanges) {
+        if (fc.fieldPath[0] === "responses" && fc.fieldPath[2] === "content" && fc.fieldPath.length === 4 && fc.changeType === "removed") {
+          const statusCode = fc.fieldPath[1];
+          const mediaType = fc.fieldPath[3];
+          changes.push(this.makeChange({
+            severity: "breaking",
+            category: "response",
+            message: `Response media type '${mediaType}' was removed for status code ${statusCode}.`,
+            consequence: `Clients requesting '${mediaType}' will no longer receive it and may fail to process the response.`,
+            migration: `Update clients to accept one of the remaining supported media types.`,
+            location: { path: ed.path, method: ed.method, field: fc.fieldPath.join(".") }
+          }, context));
+        }
+      }
+    }
+    return changes;
+  }
+};
+
+// src/rules/response/response-media-type-added.ts
+var ResponseMediaTypeAddedRule = class extends BaseRule {
+  id = "RESPONSE_MEDIA_TYPE_ADDED";
+  description = "A response media type was added";
+  severity = "info";
+  apply(diff, context) {
+    const changes = [];
+    for (const ed of diff.endpointDiffs) {
+      if (ed.type !== "changed") continue;
+      if (this.isIgnored(ed.path, context)) continue;
+      for (const fc of ed.fieldChanges) {
+        if (fc.fieldPath[0] === "responses" && fc.fieldPath[2] === "content" && fc.fieldPath.length === 4 && fc.changeType === "added") {
+          const statusCode = fc.fieldPath[1];
+          const mediaType = fc.fieldPath[3];
+          changes.push(this.makeChange({
+            severity: "info",
+            category: "response",
+            message: `Response media type '${mediaType}' was added to status code ${statusCode}.`,
+            consequence: "Clients can now request the new media type.",
+            migration: `Update clients to request '${mediaType}' if desired.`,
+            location: { path: ed.path, method: ed.method, field: fc.fieldPath.join(".") }
+          }, context));
+        }
+      }
+    }
+    return changes;
+  }
+};
+
+// src/rules/response/response-header-removed.ts
+var ResponseHeaderRemovedRule = class extends BaseRule {
+  id = "RESPONSE_HEADER_REMOVED";
+  description = "A response header was removed";
+  severity = "breaking";
+  apply(diff, context) {
+    const changes = [];
+    for (const ed of diff.endpointDiffs) {
+      if (ed.type !== "changed") continue;
+      if (this.isIgnored(ed.path, context)) continue;
+      for (const fc of ed.fieldChanges) {
+        if (fc.fieldPath[0] === "responses" && fc.fieldPath[2] === "headers" && fc.fieldPath.length === 4 && fc.changeType === "removed") {
+          const statusCode = fc.fieldPath[1];
+          const headerName = fc.fieldPath[3];
+          changes.push(this.makeChange({
+            severity: "breaking",
+            category: "response",
+            message: `Response header '${headerName}' was removed from status code ${statusCode}.`,
+            consequence: `Clients depending on the '${headerName}' header will no longer receive it.`,
+            migration: `Update clients to not expect the '${headerName}' header.`,
+            location: { path: ed.path, method: ed.method, field: fc.fieldPath.join(".") }
+          }, context));
+        }
+      }
+    }
+    return changes;
+  }
+};
+
+// src/rules/response/response-header-added-required.ts
+var ResponseHeaderAddedRequiredRule = class extends BaseRule {
+  id = "RESPONSE_HEADER_ADDED_REQUIRED";
+  description = "A required response header was added";
+  severity = "breaking";
+  apply(diff, context) {
+    const changes = [];
+    for (const ed of diff.endpointDiffs) {
+      if (ed.type !== "changed") continue;
+      if (this.isIgnored(ed.path, context)) continue;
+      for (const fc of ed.fieldChanges) {
+        if (fc.fieldPath[0] === "responses" && fc.fieldPath[2] === "headers" && fc.changeType === "added" && fc.fieldPath.length === 4) {
+          const statusCode = fc.fieldPath[1];
+          const headerName = fc.fieldPath[3];
+          const headerDef = fc.newValue;
+          if (headerDef.required) {
+            changes.push(this.makeChange({
+              severity: "breaking",
+              category: "response",
+              message: `Required response header '${headerName}' was added to status code ${statusCode}.`,
+              consequence: `Clients not designed to handle the new required header may fail or reject the response.`,
+              migration: `Update clients to accept and process the new '${headerName}' header.`,
+              location: { path: ed.path, method: ed.method, field: fc.fieldPath.join(".") }
+            }, context));
+          }
+        } else if (fc.fieldPath[0] === "responses" && fc.fieldPath[2] === "headers" && fc.fieldPath[4] === "required" && fc.changeType === "changed" && fc.oldValue === false && fc.newValue === true) {
+          const statusCode = fc.fieldPath[1];
+          const headerName = fc.fieldPath[3];
+          changes.push(this.makeChange({
+            severity: "breaking",
+            category: "response",
+            message: `Optional response header '${headerName}' was made required for status code ${statusCode}.`,
+            consequence: `Clients not designed to handle the required header may fail or reject the response.`,
+            migration: `Update clients to accept and process the '${headerName}' header.`,
+            location: { path: ed.path, method: ed.method, field: fc.fieldPath.join(".") }
+          }, context));
+        }
+      }
+    }
+    return changes;
+  }
+};
+
+// src/rules/auth/security-removed.ts
+var SecurityRemovedRule = class extends BaseRule {
+  id = "SECURITY_REMOVED";
+  description = "A global security scheme was removed";
+  severity = "breaking";
+  apply(diff, context) {
+    const changes = [];
+    for (const sd of diff.securityDiffs) {
+      if (sd.changeType === "removed") {
+        changes.push(this.makeChange({
+          severity: "breaking",
+          category: "authentication",
+          message: `Security scheme '${sd.schemeId}' was removed.`,
+          consequence: `Clients using '${sd.schemeId}' for authentication will fail to authenticate.`,
+          migration: `Update clients to use a different, supported security scheme.`,
+          location: { field: `securitySchemes['${sd.schemeId}']` }
+        }, context));
+      }
+    }
+    for (const ed of diff.endpointDiffs) {
+      if (ed.type !== "changed") continue;
+      if (this.isIgnored(ed.path, context)) continue;
+      for (const fc of ed.fieldChanges) {
+        if (fc.fieldPath[0] === "security" && fc.fieldPath.length === 2 && fc.changeType === "removed") {
+          const schemeId = fc.oldValue;
+          changes.push(this.makeChange({
+            severity: "breaking",
+            category: "authentication",
+            message: `Security requirement '${schemeId}' was removed from the endpoint.`,
+            consequence: `Clients trying to authenticate with '${schemeId}' might fail if the server no longer accepts it.`,
+            migration: `Update clients to use one of the remaining security requirements.`,
+            location: { path: ed.path, method: ed.method, field: `security['${schemeId}']` }
+          }, context));
+        }
+      }
+    }
+    return changes;
+  }
+};
+
+// src/rules/auth/security-scheme-type-changed.ts
+var SecuritySchemeTypeChangedRule = class extends BaseRule {
+  id = "SECURITY_SCHEME_TYPE_CHANGED";
+  description = "The type of a security scheme was changed";
+  severity = "breaking";
+  apply(diff, context) {
+    const changes = [];
+    for (const sd of diff.securityDiffs) {
+      if (sd.changeType === "changed") {
+        for (const fc of sd.fieldChanges) {
+          if (fc.fieldPath[0] === "type") {
+            changes.push(this.makeChange({
+              severity: "breaking",
+              category: "authentication",
+              message: `Security scheme '${sd.schemeId}' changed type from '${fc.oldValue}' to '${fc.newValue}'.`,
+              consequence: `Clients using the old authentication type will fail to authenticate.`,
+              migration: `Update clients to authenticate using the new type '${fc.newValue}'.`,
+              location: { field: `securitySchemes['${sd.schemeId}'].type` }
+            }, context));
+          }
+        }
+      }
+    }
+    return changes;
+  }
+};
+
+// src/rules/auth/oauth-scope-removed.ts
+var OauthScopeRemovedRule = class extends BaseRule {
+  id = "OAUTH_SCOPE_REMOVED";
+  description = "An OAuth scope was removed from a security requirement";
+  severity = "breaking";
+  apply(diff, context) {
+    const changes = [];
+    for (const ed of diff.endpointDiffs) {
+      if (ed.type !== "changed") continue;
+      if (this.isIgnored(ed.path, context)) continue;
+      for (const fc of ed.fieldChanges) {
+        if (fc.fieldPath[0] === "security" && fc.fieldPath[2] === "scopes" && fc.changeType === "removed") {
+          const schemeId = fc.fieldPath[1];
+          const scope = fc.oldValue;
+          changes.push(this.makeChange({
+            severity: "breaking",
+            category: "authentication",
+            message: `OAuth scope '${scope}' was removed from security requirement '${schemeId}'.`,
+            consequence: `Tokens granted with only the '${scope}' scope may no longer be accepted.`,
+            migration: `Ensure clients request one of the remaining supported scopes.`,
+            location: { path: ed.path, method: ed.method, field: fc.fieldPath.join(".") }
+          }, context));
+        }
+      }
+    }
+    return changes;
+  }
+};
+
+// src/rules/meta/server-removed.ts
+var ServerRemovedRule = class extends BaseRule {
+  id = "SERVER_REMOVED";
+  description = "A server was removed from the API";
+  severity = "breaking";
+  apply(diff, context) {
+    const changes = [];
+    for (const sd of diff.serverDiffs) {
+      if (sd.changeType === "removed" && sd.oldServer) {
+        changes.push(this.makeChange({
+          severity: "breaking",
+          category: "server",
+          message: `Server URL '${sd.oldServer.url}' was removed.`,
+          consequence: `Clients routing traffic to '${sd.oldServer.url}' will eventually fail if the server is decommissioned.`,
+          migration: `Update clients to use one of the remaining server URLs.`,
+          location: { field: `servers` }
+        }, context));
+      }
+    }
+    return changes;
+  }
+};
+
+// src/rules/index.ts
+var BUILT_IN_RULES = [
+  new SecurityAddedRule(),
+  new EndpointRemovedRule(),
+  new EndpointAddedRule(),
+  new EndpointDeprecatedRule(),
+  new HttpMethodChangedRule(),
+  new PathChangedRule(),
+  new ResponseFieldRemovedRule(),
+  new ParamRequiredAddedRule(),
+  new ParamRemovedRule(),
+  new ParamAddedRule(),
+  new ParamDeprecatedRule(),
+  new ParamTypeChangedRule(),
+  new ParamLocationChangedRule(),
+  new ParamEnumValueRemovedRule(),
+  new ParamEnumValueAddedRule(),
+  new ParamRequiredTrueToFalseRule(),
+  new RequestBodyAddedRequiredRule(),
+  new RequestBodyRemovedRule(),
+  new RequestContentTypeAddedRule(),
+  new RequestContentTypeRemovedRule(),
+  new RequestFieldRemovedRule(),
+  new RequestFieldAddedRequiredRule(),
+  new RequestFieldTypeChangedRule(),
+  new RequestRequiredFalseToTrueRule(),
+  new ResponseFieldAddedRule(),
+  new ResponseFieldTypeChangedRule(),
+  new ResponseStatusRemovedRule(),
+  new ResponseStatusAddedRule(),
+  new ResponseMediaTypeRemovedRule(),
+  new ResponseMediaTypeAddedRule(),
+  new ResponseHeaderRemovedRule(),
+  new ResponseHeaderAddedRequiredRule(),
+  new SecurityRemovedRule(),
+  new SecuritySchemeTypeChangedRule(),
+  new OauthScopeRemovedRule(),
+  new ServerRemovedRule()
+];
+function runRules(diff, context) {
+  const enabledRules = BUILT_IN_RULES.filter(
+    (r) => !context.config.disabledRules.includes(r.id)
+  );
+  return enabledRules.flatMap((r) => r.apply(diff, context));
+}
+
+// src/config/index.ts
+var import_node_fs4 = require("fs");
+var import_node_path3 = require("path");
+var DEFAULT_CONFIG = {
+  failOn: "breaking",
+  ignorePaths: [],
+  ruleSeverityOverrides: {},
+  disabledRules: [],
+  customRules: [],
+  output: {
+    format: "terminal",
+    color: true,
+    summary: false,
+    quiet: false
+  }
+};
+async function loadConfig(options) {
+  let config = { ...DEFAULT_CONFIG, output: { ...DEFAULT_CONFIG.output } };
+  if (options.config) {
+    const configPath = (0, import_node_path3.resolve)(process.cwd(), options.config);
+    if ((0, import_node_fs4.existsSync)(configPath)) {
+      const fileContent = (0, import_node_fs4.readFileSync)(configPath, "utf8");
+      try {
+        const fileConfig = JSON.parse(fileContent);
+        config = { ...config, ...fileConfig, output: { ...config.output, ...fileConfig.output || {} } };
+      } catch (e) {
+        throw new Error(`Failed to parse config file at ${configPath}`);
+      }
+    } else {
+      throw new Error(`Config file not found at ${configPath}`);
+    }
+  }
+  if (options.format) config.output.format = options.format;
+  if (options.failOn) config.failOn = options.failOn;
+  if (options.ignorePath && options.ignorePath.length > 0) {
+    config.ignorePaths = [...config.ignorePaths, ...options.ignorePath];
+  }
+  return config;
+}
+
+// src/types/config.ts
+var DEFAULT_CONFIG2 = {
+  failOn: "breaking",
+  ignorePaths: [],
+  ruleSeverityOverrides: {},
+  disabledRules: [],
+  customRules: [],
+  output: {
+    format: "terminal",
+    color: true,
+    summary: false,
+    quiet: false
+  }
+};
+
+// src/output/terminal.ts
+var import_chalk = __toESM(require("chalk"), 1);
+var SEVERITY_ICONS = {
+  breaking: import_chalk.default.red("\u274C"),
+  warning: import_chalk.default.yellow("\u26A0\uFE0F "),
+  info: import_chalk.default.blue("\u2139 ")
+};
+var SEVERITY_COLORS = {
+  breaking: import_chalk.default.red,
+  warning: import_chalk.default.yellow,
+  info: import_chalk.default.blue
+};
+function formatTerminal(changes) {
+  if (changes.length === 0) {
+    return import_chalk.default.green("No changes detected.\n");
+  }
+  let output = "";
+  for (const c of changes) {
+    const icon = SEVERITY_ICONS[c.severity] || SEVERITY_ICONS.info;
+    const color = SEVERITY_COLORS[c.severity] || SEVERITY_COLORS.info;
+    let locStr = `${c.location.method} ${c.location.path}`;
+    if (c.location.paramName) locStr += ` (param: ${c.location.paramName})`;
+    if (c.location.field) locStr += ` (field: ${c.location.field})`;
+    output += `${icon} ${color(c.message)}
+`;
+    output += `   Location: ${locStr}
+`;
+    output += `   Consequence: ${c.consequence}
+`;
+    output += `   Migration: ${c.migration}
+
+`;
+  }
+  return output;
+}
+
+// src/output/json.ts
+function formatJson(changes) {
+  return JSON.stringify({ changes }, null, 2);
+}
+
+// src/output/markdown.ts
+var SEVERITY_EMOJI = {
+  breaking: "\u274C",
+  warning: "\u26A0\uFE0F",
+  info: "\u2139\uFE0F"
+};
+function formatMarkdown(changes) {
+  if (changes.length === 0) {
+    return "No changes detected.\n";
+  }
+  let md = "## API Changes\n\n";
+  for (const c of changes) {
+    const emoji = SEVERITY_EMOJI[c.severity] || SEVERITY_EMOJI.info;
+    let locStr = `**${c.location.method}** \`${c.location.path}\``;
+    if (c.location.paramName) locStr += ` (param: \`${c.location.paramName}\`)`;
+    if (c.location.field) locStr += ` (field: \`${c.location.field}\`)`;
+    md += `### ${emoji} ${c.message}
+`;
+    md += `- **Location:** ${locStr}
+`;
+    md += `- **Consequence:** ${c.consequence}
+`;
+    md += `- **Migration:** ${c.migration}
+
+`;
+  }
+  return md;
+}
+
+// src/output/html.ts
+function formatHtml(changes) {
+  const breaking = changes.filter((c) => c.severity === "breaking");
+  const warning = changes.filter((c) => c.severity === "warning");
+  const info = changes.filter((c) => c.severity === "info");
+  return `
+<!DOCTYPE html>
+<html lang="en">
+<head>
+<meta charset="UTF-8">
+<meta name="viewport" content="width=device-width, initial-scale=1.0">
+<title>Semantic API Diff Report</title>
+<style>
+  body {
+    font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, Helvetica, Arial, sans-serif;
+    line-height: 1.6;
+    color: #333;
+    max-width: 900px;
+    margin: 0 auto;
+    padding: 2rem;
+    background: #f9f9f9;
+  }
+  h1 {
+    color: #222;
+    border-bottom: 2px solid #eaeaea;
+    padding-bottom: 0.5rem;
+  }
+  .summary {
+    display: flex;
+    gap: 1rem;
+    margin: 2rem 0;
+  }
+  .stat-card {
+    background: white;
+    padding: 1.5rem;
+    border-radius: 8px;
+    box-shadow: 0 2px 5px rgba(0,0,0,0.05);
+    flex: 1;
+    text-align: center;
+    border-top: 4px solid #ccc;
+  }
+  .stat-card.breaking { border-top-color: #e53e3e; }
+  .stat-card.warning { border-top-color: #d69e2e; }
+  .stat-card.info { border-top-color: #3182ce; }
+  .stat-card .value {
+    font-size: 2rem;
+    font-weight: bold;
+    margin: 0.5rem 0;
+  }
+  .stat-card .label {
+    text-transform: uppercase;
+    font-size: 0.8rem;
+    letter-spacing: 0.05em;
+    color: #666;
+  }
+  .change-list {
+    list-style: none;
+    padding: 0;
+  }
+  .change-item {
+    background: white;
+    margin-bottom: 1rem;
+    border-radius: 6px;
+    box-shadow: 0 1px 3px rgba(0,0,0,0.1);
+    overflow: hidden;
+  }
+  .change-header {
+    padding: 1rem;
+    cursor: pointer;
+    display: flex;
+    justify-content: space-between;
+    align-items: center;
+    background: #fff;
+    border-left: 4px solid #ccc;
+  }
+  .change-item.breaking .change-header { border-left-color: #e53e3e; }
+  .change-item.warning .change-header { border-left-color: #d69e2e; }
+  .change-item.info .change-header { border-left-color: #3182ce; }
+  
+  .change-title {
+    font-weight: 600;
+  }
+  .change-body {
+    padding: 1rem;
+    border-top: 1px solid #eaeaea;
+    background: #fafafa;
+    display: none;
+  }
+  .open .change-body {
+    display: block;
+  }
+  .badge {
+    padding: 0.25rem 0.5rem;
+    border-radius: 9999px;
+    font-size: 0.75rem;
+    font-weight: bold;
+    background: #eee;
+  }
+  .badge.breaking { background: #fee2e2; color: #991b1b; }
+  .badge.warning { background: #fef3c7; color: #92400e; }
+  .badge.info { background: #dbeafe; color: #1e40af; }
+  
+  .detail-row {
+    margin-bottom: 0.5rem;
+  }
+  .detail-label {
+    font-weight: 600;
+    color: #555;
+    width: 100px;
+    display: inline-block;
+  }
+  code {
+    background: #edf2f7;
+    padding: 0.1rem 0.3rem;
+    border-radius: 3px;
+    font-family: ui-monospace, SFMono-Regular, Menlo, Monaco, Consolas, "Liberation Mono", "Courier New", monospace;
+    font-size: 0.9em;
+  }
+</style>
+<script>
+  function toggleChange(el) {
+    el.parentElement.classList.toggle('open');
+  }
+</script>
+</head>
+<body>
+
+<h1>API Diff Report</h1>
+
+<div class="summary">
+  <div class="stat-card breaking">
+    <div class="label">Breaking</div>
+    <div class="value">${breaking.length}</div>
+  </div>
+  <div class="stat-card warning">
+    <div class="label">Warnings</div>
+    <div class="value">${warning.length}</div>
+  </div>
+  <div class="stat-card info">
+    <div class="label">Info</div>
+    <div class="value">${info.length}</div>
+  </div>
+</div>
+
+<h2>All Changes</h2>
+<ul class="change-list">
+  ${changes.map(renderChange).join("\n")}
+</ul>
+
+</body>
+</html>
+  `.trim();
+}
+function renderChange(c) {
+  let locStr = `<code>${c.location.method} ${c.location.path}</code>`;
+  if (c.location.paramName) locStr += ` (param: <code>${c.location.paramName}</code>)`;
+  if (c.location.field) locStr += ` (field: <code>${c.location.field}</code>)`;
+  return `
+  <li class="change-item ${c.severity}">
+    <div class="change-header" onclick="toggleChange(this)">
+      <div class="change-title">${c.message}</div>
+      <span class="badge ${c.severity}">${c.severity}</span>
+    </div>
+    <div class="change-body">
+      <div class="detail-row"><span class="detail-label">Location:</span> ${locStr}</div>
+      <div class="detail-row"><span class="detail-label">Category:</span> ${c.category}</div>
+      <div class="detail-row"><span class="detail-label">Rule:</span> <code>${c.ruleId}</code></div>
+      ${c.consequence ? `<div class="detail-row"><span class="detail-label">Impact:</span> ${c.consequence}</div>` : ""}
+      ${c.migration ? `<div class="detail-row"><span class="detail-label">Migration:</span> ${c.migration}</div>` : ""}
+    </div>
+  </li>
+  `;
+}
+
+// src/output/index.ts
+function formatOutput(changes, format) {
+  switch (format) {
+    case "json":
+      return formatJson(changes);
+    case "markdown":
+      return formatMarkdown(changes);
+    case "html":
+      return formatHtml(changes);
+    case "terminal":
+    default:
+      return formatTerminal(changes);
+  }
+}
+
+// src/index.ts
+async function runContent(oldContent, newContent, config = {}) {
+  const fullConfig = { ...DEFAULT_CONFIG, ...config };
+  const startMs = Date.now();
+  const [oldAST, newAST] = await Promise.all([
+    parseSpec({ content: oldContent }),
+    parseSpec({ content: newContent })
+  ]);
+  const diffSet = computeDiff(oldAST, newAST);
+  const allChanges = runRules(diffSet, { oldAST, newAST, config: fullConfig });
+  const changes = filterChanges(allChanges, fullConfig);
+  return {
+    changes,
+    stats: computeStats(changes),
+    oldSpecMeta: oldAST.meta,
+    newSpecMeta: newAST.meta,
+    durationMs: Date.now() - startMs
+  };
+}
+async function run(oldSource, newSource, config = {}) {
+  const fullConfig = { ...DEFAULT_CONFIG, ...config };
+  const startMs = Date.now();
+  const [oldRaw, newRaw] = await Promise.all([
+    loadSpec(oldSource),
+    loadSpec(newSource)
+  ]);
+  const [oldAST, newAST] = await Promise.all([
+    parseSpec(oldRaw),
+    parseSpec(newRaw)
+  ]);
+  const diffSet = computeDiff(oldAST, newAST);
+  const allChanges = runRules(diffSet, { oldAST, newAST, config: fullConfig });
+  const changes = filterChanges(allChanges, fullConfig);
+  return {
+    changes,
+    stats: computeStats(changes),
+    oldSpecMeta: oldAST.meta,
+    newSpecMeta: newAST.meta,
+    durationMs: Date.now() - startMs
+  };
+}
+function filterChanges(changes, config) {
+  return changes;
+}
+function computeStats(changes) {
+  const stats = { breaking: 0, warning: 0, info: 0, total: 0 };
+  for (const c of changes) {
+    if (c.severity === "breaking") stats.breaking++;
+    else if (c.severity === "warning") stats.warning++;
+    else stats.info++;
+    stats.total++;
+  }
+  return stats;
+}
+// Annotate the CommonJS export names for ESM import in node:
+0 && (module.exports = {
+  ApidiffError,
+  ConfigError,
+  DEFAULT_CONFIG,
+  FormatError,
+  LoadError,
+  ParseError,
+  RefError,
+  formatOutput,
+  loadConfig,
+  run,
+  runContent
+});