@basou/core 0.3.1

package/dist/index.d.ts

@@ -0,0 +1,2909 @@
+import { z } from 'zod';
+import { ChildProcess } from 'node:child_process';
+
+/**
+ * Allowed ID type prefixes for Basou entities.
+ *
+ * Frozen at runtime so that mutating the exported array cannot diverge from
+ * the validation set used internally. The single source of truth for both
+ * the `IdPrefix` type and runtime prefix checks.
+ */
+declare const ID_PREFIXES: readonly ["ws", "task", "ses", "evt", "appr", "decision"];
+/**
+ * Type prefix used for Basou entity IDs.
+ * Format: `<prefix>_<26-char ULID>`, e.g. `ws_01HXABCDEF1234567890ABCDEF`.
+ */
+type IdPrefix = (typeof ID_PREFIXES)[number];
+/**
+ * A Basou entity ID as a template literal type.
+ *
+ * `PrefixedId<"ses">` narrows to ``ses_${string}`` so a session schema can
+ * preserve the prefix in its inferred type beyond runtime validation.
+ */
+type PrefixedId<P extends IdPrefix = IdPrefix> = `${P}_${string}`;
+/**
+ * Generate a Crockford Base32 ULID.
+ *
+ * The result is a 26-character, lexicographically time-sortable identifier.
+ * Multiple calls within the same millisecond are strictly increasing for the
+ * lifetime of the current process.
+ *
+ * NOTE: `seedTime` is forwarded to the underlying monotonic factory and is
+ * NOT a deterministic seed: repeated calls with the same `seedTime` still
+ * return strictly increasing values, because the factory increments its
+ * internal counter on each call.
+ *
+ * @param seedTime Optional millisecond timestamp passed to the monotonic
+ *   factory. Useful for ordered generation in tests; not deterministic.
+ */
+declare function ulid(seedTime?: number): string;
+/**
+ * Generate a prefixed Basou ID, e.g. `ses_01HXABCDEF1234567890ABCDEF`.
+ *
+ * The return type preserves the prefix as a template literal type so that
+ * downstream zod schemas can narrow an `IdPrefix` parameter through the API.
+ *
+ * Throws if `prefix` is not one of {@link ID_PREFIXES}. The runtime guard
+ * defends against JavaScript callers and casted TypeScript that bypass the
+ * compile-time `IdPrefix` constraint.
+ */
+declare function prefixedUlid<P extends IdPrefix>(prefix: P): PrefixedId<P>;
+/**
+ * Check whether the given string is a valid prefixed Basou ID.
+ *
+ * Returns true only if the string has shape `<prefix>_<ULID>` where prefix is
+ * one of {@link ID_PREFIXES} and the trailing 26 characters form a valid
+ * Crockford Base32 ULID. Validation combines a strict shape regex (to enforce
+ * the 0-7 leading char and the I/L/O/U exclusion) with the npm `ulid`
+ * library's `isValid` for forward compatibility.
+ *
+ * NOTE: This validates the prefix is known. Schemas that require a specific
+ * prefix (e.g. only `ses_*` for a session ID) must add their own narrowing.
+ */
+declare function isValidPrefixedId(value: string): boolean;
+
+/**
+ * Schema version literal pinned to "0.1.0" for Basou v0.1.
+ * Reused across every entity schema so inferred types narrow to the literal.
+ */
+declare const SchemaVersionSchema: z.ZodLiteral<"0.1.0">;
+/**
+ * ISO 8601 timestamp with explicit timezone offset (e.g. `+09:00`).
+ *
+ * The spec samples include offsets, so the default zod `.datetime()` (which
+ * rejects offsets) is insufficient; `{ offset: true }` is required.
+ */
+declare const IsoTimestampSchema: z.ZodString;
+/** Workspace ID schema: validates `ws_<26-char ULID>`. */
+declare const WorkspaceIdSchema: z.ZodString & z.ZodType<`ws_${string}`, string, z.core.$ZodTypeInternals<`ws_${string}`, string>>;
+/** Task ID schema: validates `task_<26-char ULID>`. */
+declare const TaskIdSchema: z.ZodString & z.ZodType<`task_${string}`, string, z.core.$ZodTypeInternals<`task_${string}`, string>>;
+/** Session ID schema: validates `ses_<26-char ULID>`. */
+declare const SessionIdSchema: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+/** Event ID schema: validates `evt_<26-char ULID>`. */
+declare const EventIdSchema: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+/** Approval ID schema: validates `appr_<26-char ULID>`. */
+declare const ApprovalIdSchema: z.ZodString & z.ZodType<`appr_${string}`, string, z.core.$ZodTypeInternals<`appr_${string}`, string>>;
+/** Decision ID schema: validates `decision_<26-char ULID>`. */
+declare const DecisionIdSchema: z.ZodString & z.ZodType<`decision_${string}`, string, z.core.$ZodTypeInternals<`decision_${string}`, string>>;
+/**
+ * Risk level vocabulary fixed by the spec. Adapters MUST emit one of these
+ * four values; arbitrary strings are rejected at schema parse time.
+ */
+declare const RiskLevelSchema: z.ZodEnum<{
+    low: "low";
+    medium: "medium";
+    high: "high";
+    critical: "critical";
+}>;
+/** Inferred runtime type for {@link RiskLevelSchema}. */
+type RiskLevel = z.infer<typeof RiskLevelSchema>;
+/**
+ * Source attribution for events (e.g. "claude-code-adapter",
+ * "git-capability", "terminal-recording", "local-cli", "human"). Free-form
+ * non-empty string in v0.1; a stricter enum may be introduced post-v0.1.
+ */
+declare const EventSourceSchema: z.ZodString;
+
+/**
+ * Schema for `.basou/manifest.yaml`. The minimal manifest carries
+ * schema_version, basou_version, workspace metadata, project info, enabled
+ * capabilities, approval policy, adapter config, and git policy. The
+ * `adapters."claude-code"` key uses a hyphen; downstream code accesses it
+ * via bracket notation.
+ */
+declare const ManifestSchema: z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    basou_version: z.ZodLiteral<"0.1.0">;
+    workspace: z.ZodObject<{
+        id: z.ZodString & z.ZodType<`ws_${string}`, string, z.core.$ZodTypeInternals<`ws_${string}`, string>>;
+        name: z.ZodString;
+        created_at: z.ZodString;
+        updated_at: z.ZodString;
+    }, z.core.$strip>;
+    project: z.ZodObject<{
+        name: z.ZodOptional<z.ZodString>;
+        description: z.ZodOptional<z.ZodString>;
+        repository_url: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+    }, z.core.$strip>;
+    capabilities: z.ZodObject<{
+        enabled: z.ZodArray<z.ZodString>;
+    }, z.core.$strip>;
+    approval: z.ZodObject<{
+        required_for: z.ZodOptional<z.ZodArray<z.ZodString>>;
+        default_risk_level: z.ZodEnum<{
+            low: "low";
+            medium: "medium";
+            high: "high";
+            critical: "critical";
+        }>;
+    }, z.core.$strip>;
+    adapters: z.ZodObject<{
+        "claude-code": z.ZodObject<{
+            enabled: z.ZodBoolean;
+            config_path: z.ZodOptional<z.ZodString>;
+        }, z.core.$strip>;
+    }, z.core.$strip>;
+    git: z.ZodObject<{
+        events_log: z.ZodDefault<z.ZodEnum<{
+            ignore: "ignore";
+            commit: "commit";
+        }>>;
+    }, z.core.$strip>;
+}, z.core.$strip>;
+/** Inferred runtime type for {@link ManifestSchema}. */
+type Manifest = z.infer<typeof ManifestSchema>;
+
+/**
+ * Schema for `.basou/status.json` — a forward-incompat cache of the current
+ * workspace state.
+ *
+ * Each level uses `.strict()` so unknown keys are rejected rather than
+ * silently stripped. A v0.1 reader that encounters a future-shape
+ * `status.json` therefore fails parsing instead of returning a partially
+ * empty snapshot; callers regenerate by calling `buildStatusSnapshot` +
+ * `writeStatus` rather than trying to migrate.
+ */
+declare const StatusSchema: z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    generated_at: z.ZodString;
+    workspace: z.ZodObject<{
+        id: z.ZodString & z.ZodType<`ws_${string}`, string, z.core.$ZodTypeInternals<`ws_${string}`, string>>;
+        name: z.ZodString;
+        basou_version: z.ZodLiteral<"0.1.0">;
+    }, z.core.$strict>;
+    directories_present: z.ZodObject<{
+        sessions: z.ZodBoolean;
+        tasks: z.ZodBoolean;
+        approvals_pending: z.ZodBoolean;
+        approvals_resolved: z.ZodBoolean;
+        logs: z.ZodBoolean;
+        raw: z.ZodBoolean;
+        tmp: z.ZodBoolean;
+    }, z.core.$strict>;
+}, z.core.$strict>;
+/** Inferred runtime type for {@link StatusSchema}. */
+type StatusSnapshot = z.infer<typeof StatusSchema>;
+
+/** Session lifecycle states. */
+declare const SessionStatusSchema: z.ZodEnum<{
+    initialized: "initialized";
+    running: "running";
+    waiting_approval: "waiting_approval";
+    completed: "completed";
+    failed: "failed";
+    interrupted: "interrupted";
+    imported: "imported";
+    archived: "archived";
+}>;
+/** Inferred runtime type for {@link SessionStatusSchema}. */
+type SessionStatus = z.infer<typeof SessionStatusSchema>;
+/** Source kind that produced the session. */
+declare const SessionSourceKindSchema: z.ZodEnum<{
+    "claude-code-adapter": "claude-code-adapter";
+    human: "human";
+    import: "import";
+    terminal: "terminal";
+}>;
+/** Inferred runtime type for {@link SessionSourceKindSchema}. */
+type SessionSourceKind = z.infer<typeof SessionSourceKindSchema>;
+/**
+ * Schema for `.basou/sessions/<session_id>/session.yaml`. The minimal
+ * session document carries the actual fields nested under the outer
+ * `session:` key.
+ */
+declare const SessionSchema: z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    session: z.ZodObject<{
+        id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+        label: z.ZodOptional<z.ZodString>;
+        task_id: z.ZodOptional<z.ZodNullable<z.ZodString & z.ZodType<`task_${string}`, string, z.core.$ZodTypeInternals<`task_${string}`, string>>>>;
+        workspace_id: z.ZodString & z.ZodType<`ws_${string}`, string, z.core.$ZodTypeInternals<`ws_${string}`, string>>;
+        source: z.ZodObject<{
+            kind: z.ZodEnum<{
+                "claude-code-adapter": "claude-code-adapter";
+                human: "human";
+                import: "import";
+                terminal: "terminal";
+            }>;
+            version: z.ZodLiteral<"0.1.0">;
+        }, z.core.$strip>;
+        started_at: z.ZodString;
+        ended_at: z.ZodOptional<z.ZodString>;
+        status: z.ZodEnum<{
+            initialized: "initialized";
+            running: "running";
+            waiting_approval: "waiting_approval";
+            completed: "completed";
+            failed: "failed";
+            interrupted: "interrupted";
+            imported: "imported";
+            archived: "archived";
+        }>;
+        working_directory: z.ZodString;
+        invocation: z.ZodObject<{
+            command: z.ZodString;
+            args: z.ZodDefault<z.ZodArray<z.ZodString>>;
+            exit_code: z.ZodNullable<z.ZodNumber>;
+        }, z.core.$strip>;
+        related_files: z.ZodDefault<z.ZodArray<z.ZodString>>;
+        events_log: z.ZodDefault<z.ZodString>;
+        summary: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+    }, z.core.$strip>;
+}, z.core.$strip>;
+/** Inferred runtime type for {@link SessionSchema}. */
+type Session = z.infer<typeof SessionSchema>;
+
+/**
+ * Task lifecycle states.
+ *
+ * The storage layer's `ALLOWED_TRANSITIONS` map (= source of truth in
+ * `tasks.ts`) is the authoritative graph; the comment below is a snapshot.
+ * `planned` reaches `done` / `cancelled` directly so tasks completed (or
+ * abandoned) outside an explicit in-progress phase can close in a single
+ * CLI call:
+ *
+ *   planned → {in_progress | done | cancelled}
+ *   in_progress → {done | cancelled}
+ *   done / cancelled = terminal
+ *
+ * Self-edges are rejected so the audit trail stays monotonic.
+ */
+declare const TaskStatusSchema: z.ZodEnum<{
+    planned: "planned";
+    in_progress: "in_progress";
+    done: "done";
+    cancelled: "cancelled";
+}>;
+/** Inferred runtime type for {@link TaskStatusSchema}. */
+type TaskStatus = z.infer<typeof TaskStatusSchema>;
+/**
+ * Schema for the YAML front matter of `.basou/tasks/<task_id>.md`.
+ *
+ * The markdown body after the front matter is intentionally NOT modelled
+ * here — it is free-form user-edited content. The storage layer splits
+ * the file into `task` (this schema) and `body` (the trailing string).
+ */
+declare const TaskSchema: z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    task: z.ZodObject<{
+        id: z.ZodString & z.ZodType<`task_${string}`, string, z.core.$ZodTypeInternals<`task_${string}`, string>>;
+        title: z.ZodString;
+        label: z.ZodOptional<z.ZodString>;
+        status: z.ZodEnum<{
+            planned: "planned";
+            in_progress: "in_progress";
+            done: "done";
+            cancelled: "cancelled";
+        }>;
+        created_at: z.ZodString;
+        updated_at: z.ZodString;
+        workspace_id: z.ZodString & z.ZodType<`ws_${string}`, string, z.core.$ZodTypeInternals<`ws_${string}`, string>>;
+        created_in_session: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+        linked_sessions: z.ZodDefault<z.ZodArray<z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>>>;
+    }, z.core.$strip>;
+}, z.core.$strip>;
+/** Inferred runtime type for {@link TaskSchema}. */
+type Task = z.infer<typeof TaskSchema>;
+
+/**
+ * Lifecycle states of a Basou approval. The status is stored directly on
+ * the approval YAML (flat shape) so that pending → resolved transitions
+ * are atomic-move + in-place rewrites rather than schema-variant swaps.
+ */
+declare const ApprovalStatusSchema: z.ZodEnum<{
+    pending: "pending";
+    approved: "approved";
+    rejected: "rejected";
+    expired: "expired";
+}>;
+/** Inferred runtime type for {@link ApprovalStatusSchema}. */
+type ApprovalStatus = z.infer<typeof ApprovalStatusSchema>;
+/**
+ * Schema for `.basou/approvals/{pending,resolved}/<approval_id>.yaml`.
+ *
+ * The schema is intentionally flat (one shape regardless of `status`) so
+ * that pending and resolved YAMLs share the same parser. Required vs.
+ * optional semantics by status (e.g. `rejection_reason` MUST be set when
+ * `status === "rejected"`) are enforced at the CLI orchestration layer
+ * rather than here, mirroring the approval event variants in
+ * `event.schema.ts`.
+ *
+ * The `action` field is `{ kind: string }` with `passthrough()` so that
+ * adapter-defined keys (e.g. `command`, `path`, `target_url`) survive the
+ * round-trip without being stripped — matching the approval_requested
+ * event variant.
+ */
+declare const ApprovalSchema: z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`appr_${string}`, string, z.core.$ZodTypeInternals<`appr_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    created_at: z.ZodString;
+    status: z.ZodEnum<{
+        pending: "pending";
+        approved: "approved";
+        rejected: "rejected";
+        expired: "expired";
+    }>;
+    risk_level: z.ZodEnum<{
+        low: "low";
+        medium: "medium";
+        high: "high";
+        critical: "critical";
+    }>;
+    action: z.ZodObject<{
+        kind: z.ZodString;
+    }, z.core.$loose>;
+    reason: z.ZodString;
+    expires_at: z.ZodDefault<z.ZodNullable<z.ZodString>>;
+    resolver: z.ZodDefault<z.ZodNullable<z.ZodString>>;
+    resolved_at: z.ZodDefault<z.ZodNullable<z.ZodString>>;
+    note: z.ZodDefault<z.ZodNullable<z.ZodString>>;
+    rejection_reason: z.ZodDefault<z.ZodNullable<z.ZodString>>;
+}, z.core.$strip>;
+/** Inferred runtime type for {@link ApprovalSchema}. */
+type Approval = z.infer<typeof ApprovalSchema>;
+
+declare const SessionStartedEventSchema: z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    occurred_at: z.ZodString;
+    source: z.ZodString;
+    type: z.ZodLiteral<"session_started">;
+}, z.core.$strip>;
+declare const SessionEndedEventSchema: z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    occurred_at: z.ZodString;
+    source: z.ZodString;
+    type: z.ZodLiteral<"session_ended">;
+    exit_code: z.ZodOptional<z.ZodNumber>;
+}, z.core.$strip>;
+declare const SessionStatusChangedEventSchema: z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    occurred_at: z.ZodString;
+    source: z.ZodString;
+    type: z.ZodLiteral<"session_status_changed">;
+    from: z.ZodString;
+    to: z.ZodString;
+}, z.core.$strip>;
+declare const ApprovalRequestedEventSchema: z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    occurred_at: z.ZodString;
+    source: z.ZodString;
+    type: z.ZodLiteral<"approval_requested">;
+    approval_id: z.ZodString & z.ZodType<`appr_${string}`, string, z.core.$ZodTypeInternals<`appr_${string}`, string>>;
+    expires_at: z.ZodDefault<z.ZodNullable<z.ZodString>>;
+    risk_level: z.ZodEnum<{
+        low: "low";
+        medium: "medium";
+        high: "high";
+        critical: "critical";
+    }>;
+    action: z.ZodObject<{
+        kind: z.ZodString;
+    }, z.core.$loose>;
+    reason: z.ZodString;
+    status: z.ZodLiteral<"pending">;
+}, z.core.$strip>;
+declare const ApprovalApprovedEventSchema: z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    occurred_at: z.ZodString;
+    source: z.ZodString;
+    type: z.ZodLiteral<"approval_approved">;
+    approval_id: z.ZodString & z.ZodType<`appr_${string}`, string, z.core.$ZodTypeInternals<`appr_${string}`, string>>;
+    resolver: z.ZodOptional<z.ZodString>;
+    note: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+}, z.core.$strip>;
+declare const ApprovalRejectedEventSchema: z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    occurred_at: z.ZodString;
+    source: z.ZodString;
+    type: z.ZodLiteral<"approval_rejected">;
+    approval_id: z.ZodString & z.ZodType<`appr_${string}`, string, z.core.$ZodTypeInternals<`appr_${string}`, string>>;
+    resolver: z.ZodOptional<z.ZodString>;
+    reason: z.ZodString;
+}, z.core.$strip>;
+declare const ApprovalExpiredEventSchema: z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    occurred_at: z.ZodString;
+    source: z.ZodString;
+    type: z.ZodLiteral<"approval_expired">;
+    approval_id: z.ZodString & z.ZodType<`appr_${string}`, string, z.core.$ZodTypeInternals<`appr_${string}`, string>>;
+}, z.core.$strip>;
+declare const CommandExecutedEventSchema: z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    occurred_at: z.ZodString;
+    source: z.ZodString;
+    type: z.ZodLiteral<"command_executed">;
+    command: z.ZodString;
+    args: z.ZodArray<z.ZodString>;
+    cwd: z.ZodString;
+    exit_code: z.ZodNullable<z.ZodNumber>;
+    signal: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+    received_signal: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+    duration_ms: z.ZodNumber;
+}, z.core.$strip>;
+declare const GitSnapshotEventSchema: z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    occurred_at: z.ZodString;
+    source: z.ZodString;
+    type: z.ZodLiteral<"git_snapshot">;
+    head: z.ZodString;
+    branch: z.ZodString;
+    dirty: z.ZodBoolean;
+    staged: z.ZodArray<z.ZodString>;
+    unstaged: z.ZodArray<z.ZodString>;
+    untracked: z.ZodArray<z.ZodString>;
+    ahead: z.ZodOptional<z.ZodNumber>;
+    behind: z.ZodOptional<z.ZodNumber>;
+}, z.core.$strip>;
+declare const FileChangedEventSchema: z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    occurred_at: z.ZodString;
+    source: z.ZodString;
+    type: z.ZodLiteral<"file_changed">;
+    path: z.ZodString;
+    change_type: z.ZodEnum<{
+        added: "added";
+        modified: "modified";
+        deleted: "deleted";
+        renamed: "renamed";
+    }>;
+    old_path: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+}, z.core.$strip>;
+declare const DecisionRecordedEventSchema: z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    occurred_at: z.ZodString;
+    source: z.ZodString;
+    type: z.ZodLiteral<"decision_recorded">;
+    decision_id: z.ZodString & z.ZodType<`decision_${string}`, string, z.core.$ZodTypeInternals<`decision_${string}`, string>>;
+    title: z.ZodString;
+    rationale: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+    alternatives: z.ZodOptional<z.ZodArray<z.ZodString>>;
+    rejected_reason: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+    linked_events: z.ZodOptional<z.ZodArray<z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>>>;
+    linked_files: z.ZodOptional<z.ZodArray<z.ZodString>>;
+}, z.core.$strip>;
+declare const TaskCreatedEventSchema: z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    occurred_at: z.ZodString;
+    source: z.ZodString;
+    type: z.ZodLiteral<"task_created">;
+    task_id: z.ZodString & z.ZodType<`task_${string}`, string, z.core.$ZodTypeInternals<`task_${string}`, string>>;
+    title: z.ZodString;
+}, z.core.$strip>;
+declare const TaskStatusChangedEventSchema: z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    occurred_at: z.ZodString;
+    source: z.ZodString;
+    type: z.ZodLiteral<"task_status_changed">;
+    task_id: z.ZodString & z.ZodType<`task_${string}`, string, z.core.$ZodTypeInternals<`task_${string}`, string>>;
+    from: z.ZodString;
+    to: z.ZodString;
+}, z.core.$strip>;
+declare const TaskReconciledEventSchema: z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    occurred_at: z.ZodString;
+    source: z.ZodString;
+    type: z.ZodLiteral<"task_reconciled">;
+    task_id: z.ZodString & z.ZodType<`task_${string}`, string, z.core.$ZodTypeInternals<`task_${string}`, string>>;
+    removed_created_in_session: z.ZodDefault<z.ZodNullable<z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>>>;
+    created_in_session_replacement: z.ZodDefault<z.ZodNullable<z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>>>;
+    removed_linked_sessions: z.ZodDefault<z.ZodArray<z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>>>;
+}, z.core.$strict>;
+declare const TaskLinkageRefreshedEventSchema: z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    occurred_at: z.ZodString;
+    source: z.ZodString;
+    type: z.ZodLiteral<"task_linkage_refreshed">;
+    task_id: z.ZodString & z.ZodType<`task_${string}`, string, z.core.$ZodTypeInternals<`task_${string}`, string>>;
+    added_linked_sessions: z.ZodDefault<z.ZodArray<z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>>>;
+    removed_linked_sessions: z.ZodDefault<z.ZodArray<z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>>>;
+    final_count: z.ZodOptional<z.ZodNumber>;
+}, z.core.$strict>;
+declare const TaskDeletedEventSchema: z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    occurred_at: z.ZodString;
+    source: z.ZodString;
+    type: z.ZodLiteral<"task_deleted">;
+    task_id: z.ZodString & z.ZodType<`task_${string}`, string, z.core.$ZodTypeInternals<`task_${string}`, string>>;
+    title: z.ZodString;
+}, z.core.$strict>;
+declare const TaskArchivedEventSchema: z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    occurred_at: z.ZodString;
+    source: z.ZodString;
+    type: z.ZodLiteral<"task_archived">;
+    task_id: z.ZodString & z.ZodType<`task_${string}`, string, z.core.$ZodTypeInternals<`task_${string}`, string>>;
+    title: z.ZodString;
+}, z.core.$strict>;
+declare const NoteAddedEventSchema: z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    occurred_at: z.ZodString;
+    source: z.ZodString;
+    type: z.ZodLiteral<"note_added">;
+    body: z.ZodString;
+}, z.core.$strip>;
+declare const AdapterOutputEventSchema: z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    occurred_at: z.ZodString;
+    source: z.ZodString;
+    type: z.ZodLiteral<"adapter_output">;
+    stream: z.ZodEnum<{
+        stdout: "stdout";
+        stderr: "stderr";
+    }>;
+    summary: z.ZodString;
+    raw_ref: z.ZodString;
+    redacted: z.ZodOptional<z.ZodBoolean>;
+}, z.core.$strict>;
+/**
+ * Discriminated union of every Basou v0.1 event type. The `type` literal
+ * narrows TypeScript to the appropriate variant. The `adapter_output`
+ * variant is uniquely strict to bar raw adapter bodies.
+ */
+declare const EventSchema: z.ZodDiscriminatedUnion<[z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    occurred_at: z.ZodString;
+    source: z.ZodString;
+    type: z.ZodLiteral<"session_started">;
+}, z.core.$strip>, z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    occurred_at: z.ZodString;
+    source: z.ZodString;
+    type: z.ZodLiteral<"session_ended">;
+    exit_code: z.ZodOptional<z.ZodNumber>;
+}, z.core.$strip>, z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    occurred_at: z.ZodString;
+    source: z.ZodString;
+    type: z.ZodLiteral<"session_status_changed">;
+    from: z.ZodString;
+    to: z.ZodString;
+}, z.core.$strip>, z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    occurred_at: z.ZodString;
+    source: z.ZodString;
+    type: z.ZodLiteral<"approval_requested">;
+    approval_id: z.ZodString & z.ZodType<`appr_${string}`, string, z.core.$ZodTypeInternals<`appr_${string}`, string>>;
+    expires_at: z.ZodDefault<z.ZodNullable<z.ZodString>>;
+    risk_level: z.ZodEnum<{
+        low: "low";
+        medium: "medium";
+        high: "high";
+        critical: "critical";
+    }>;
+    action: z.ZodObject<{
+        kind: z.ZodString;
+    }, z.core.$loose>;
+    reason: z.ZodString;
+    status: z.ZodLiteral<"pending">;
+}, z.core.$strip>, z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    occurred_at: z.ZodString;
+    source: z.ZodString;
+    type: z.ZodLiteral<"approval_approved">;
+    approval_id: z.ZodString & z.ZodType<`appr_${string}`, string, z.core.$ZodTypeInternals<`appr_${string}`, string>>;
+    resolver: z.ZodOptional<z.ZodString>;
+    note: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+}, z.core.$strip>, z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    occurred_at: z.ZodString;
+    source: z.ZodString;
+    type: z.ZodLiteral<"approval_rejected">;
+    approval_id: z.ZodString & z.ZodType<`appr_${string}`, string, z.core.$ZodTypeInternals<`appr_${string}`, string>>;
+    resolver: z.ZodOptional<z.ZodString>;
+    reason: z.ZodString;
+}, z.core.$strip>, z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    occurred_at: z.ZodString;
+    source: z.ZodString;
+    type: z.ZodLiteral<"approval_expired">;
+    approval_id: z.ZodString & z.ZodType<`appr_${string}`, string, z.core.$ZodTypeInternals<`appr_${string}`, string>>;
+}, z.core.$strip>, z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    occurred_at: z.ZodString;
+    source: z.ZodString;
+    type: z.ZodLiteral<"command_executed">;
+    command: z.ZodString;
+    args: z.ZodArray<z.ZodString>;
+    cwd: z.ZodString;
+    exit_code: z.ZodNullable<z.ZodNumber>;
+    signal: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+    received_signal: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+    duration_ms: z.ZodNumber;
+}, z.core.$strip>, z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    occurred_at: z.ZodString;
+    source: z.ZodString;
+    type: z.ZodLiteral<"git_snapshot">;
+    head: z.ZodString;
+    branch: z.ZodString;
+    dirty: z.ZodBoolean;
+    staged: z.ZodArray<z.ZodString>;
+    unstaged: z.ZodArray<z.ZodString>;
+    untracked: z.ZodArray<z.ZodString>;
+    ahead: z.ZodOptional<z.ZodNumber>;
+    behind: z.ZodOptional<z.ZodNumber>;
+}, z.core.$strip>, z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    occurred_at: z.ZodString;
+    source: z.ZodString;
+    type: z.ZodLiteral<"file_changed">;
+    path: z.ZodString;
+    change_type: z.ZodEnum<{
+        added: "added";
+        modified: "modified";
+        deleted: "deleted";
+        renamed: "renamed";
+    }>;
+    old_path: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+}, z.core.$strip>, z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    occurred_at: z.ZodString;
+    source: z.ZodString;
+    type: z.ZodLiteral<"decision_recorded">;
+    decision_id: z.ZodString & z.ZodType<`decision_${string}`, string, z.core.$ZodTypeInternals<`decision_${string}`, string>>;
+    title: z.ZodString;
+    rationale: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+    alternatives: z.ZodOptional<z.ZodArray<z.ZodString>>;
+    rejected_reason: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+    linked_events: z.ZodOptional<z.ZodArray<z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>>>;
+    linked_files: z.ZodOptional<z.ZodArray<z.ZodString>>;
+}, z.core.$strip>, z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    occurred_at: z.ZodString;
+    source: z.ZodString;
+    type: z.ZodLiteral<"task_created">;
+    task_id: z.ZodString & z.ZodType<`task_${string}`, string, z.core.$ZodTypeInternals<`task_${string}`, string>>;
+    title: z.ZodString;
+}, z.core.$strip>, z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    occurred_at: z.ZodString;
+    source: z.ZodString;
+    type: z.ZodLiteral<"task_status_changed">;
+    task_id: z.ZodString & z.ZodType<`task_${string}`, string, z.core.$ZodTypeInternals<`task_${string}`, string>>;
+    from: z.ZodString;
+    to: z.ZodString;
+}, z.core.$strip>, z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    occurred_at: z.ZodString;
+    source: z.ZodString;
+    type: z.ZodLiteral<"task_reconciled">;
+    task_id: z.ZodString & z.ZodType<`task_${string}`, string, z.core.$ZodTypeInternals<`task_${string}`, string>>;
+    removed_created_in_session: z.ZodDefault<z.ZodNullable<z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>>>;
+    created_in_session_replacement: z.ZodDefault<z.ZodNullable<z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>>>;
+    removed_linked_sessions: z.ZodDefault<z.ZodArray<z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>>>;
+}, z.core.$strict>, z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    occurred_at: z.ZodString;
+    source: z.ZodString;
+    type: z.ZodLiteral<"task_linkage_refreshed">;
+    task_id: z.ZodString & z.ZodType<`task_${string}`, string, z.core.$ZodTypeInternals<`task_${string}`, string>>;
+    added_linked_sessions: z.ZodDefault<z.ZodArray<z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>>>;
+    removed_linked_sessions: z.ZodDefault<z.ZodArray<z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>>>;
+    final_count: z.ZodOptional<z.ZodNumber>;
+}, z.core.$strict>, z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    occurred_at: z.ZodString;
+    source: z.ZodString;
+    type: z.ZodLiteral<"task_deleted">;
+    task_id: z.ZodString & z.ZodType<`task_${string}`, string, z.core.$ZodTypeInternals<`task_${string}`, string>>;
+    title: z.ZodString;
+}, z.core.$strict>, z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    occurred_at: z.ZodString;
+    source: z.ZodString;
+    type: z.ZodLiteral<"task_archived">;
+    task_id: z.ZodString & z.ZodType<`task_${string}`, string, z.core.$ZodTypeInternals<`task_${string}`, string>>;
+    title: z.ZodString;
+}, z.core.$strict>, z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    occurred_at: z.ZodString;
+    source: z.ZodString;
+    type: z.ZodLiteral<"note_added">;
+    body: z.ZodString;
+}, z.core.$strip>, z.ZodObject<{
+    schema_version: z.ZodLiteral<"0.1.0">;
+    id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+    session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+    occurred_at: z.ZodString;
+    source: z.ZodString;
+    type: z.ZodLiteral<"adapter_output">;
+    stream: z.ZodEnum<{
+        stdout: "stdout";
+        stderr: "stderr";
+    }>;
+    summary: z.ZodString;
+    raw_ref: z.ZodString;
+    redacted: z.ZodOptional<z.ZodBoolean>;
+}, z.core.$strict>], "type">;
+/** Inferred runtime type for any Basou event. */
+type Event = z.infer<typeof EventSchema>;
+/** Narrowed runtime type for the `session_started` event variant. */
+type SessionStartedEvent = z.infer<typeof SessionStartedEventSchema>;
+/** Narrowed runtime type for the `session_ended` event variant. */
+type SessionEndedEvent = z.infer<typeof SessionEndedEventSchema>;
+/** Narrowed runtime type for the `session_status_changed` event variant. */
+type SessionStatusChangedEvent = z.infer<typeof SessionStatusChangedEventSchema>;
+/** Narrowed runtime type for the `approval_requested` event variant. */
+type ApprovalRequestedEvent = z.infer<typeof ApprovalRequestedEventSchema>;
+/** Narrowed runtime type for the `approval_approved` event variant. */
+type ApprovalApprovedEvent = z.infer<typeof ApprovalApprovedEventSchema>;
+/** Narrowed runtime type for the `approval_rejected` event variant. */
+type ApprovalRejectedEvent = z.infer<typeof ApprovalRejectedEventSchema>;
+/** Narrowed runtime type for the `approval_expired` event variant. */
+type ApprovalExpiredEvent = z.infer<typeof ApprovalExpiredEventSchema>;
+/** Narrowed runtime type for the `command_executed` event variant. */
+type CommandExecutedEvent = z.infer<typeof CommandExecutedEventSchema>;
+/** Narrowed runtime type for the `git_snapshot` event variant. */
+type GitSnapshotEvent = z.infer<typeof GitSnapshotEventSchema>;
+/** Narrowed runtime type for the `file_changed` event variant. */
+type FileChangedEvent = z.infer<typeof FileChangedEventSchema>;
+/** Narrowed runtime type for the `decision_recorded` event variant. */
+type DecisionRecordedEvent = z.infer<typeof DecisionRecordedEventSchema>;
+/** Narrowed runtime type for the `task_created` event variant. */
+type TaskCreatedEvent = z.infer<typeof TaskCreatedEventSchema>;
+/** Narrowed runtime type for the `task_status_changed` event variant. */
+type TaskStatusChangedEvent = z.infer<typeof TaskStatusChangedEventSchema>;
+/** Narrowed runtime type for the `task_reconciled` event variant (.strict()). */
+type TaskReconciledEvent = z.infer<typeof TaskReconciledEventSchema>;
+/** Narrowed runtime type for the `task_linkage_refreshed` event variant (.strict()). */
+type TaskLinkageRefreshedEvent = z.infer<typeof TaskLinkageRefreshedEventSchema>;
+/** Narrowed runtime type for the `task_deleted` event variant (.strict()). */
+type TaskDeletedEvent = z.infer<typeof TaskDeletedEventSchema>;
+/** Narrowed runtime type for the `task_archived` event variant (.strict()). */
+type TaskArchivedEvent = z.infer<typeof TaskArchivedEventSchema>;
+/** Narrowed runtime type for the `note_added` event variant. */
+type NoteAddedEvent = z.infer<typeof NoteAddedEventSchema>;
+/** Narrowed runtime type for the `adapter_output` event variant (.strict()). */
+type AdapterOutputEvent = z.infer<typeof AdapterOutputEventSchema>;
+
+declare const SessionInnerImportSchema: z.ZodObject<{
+    id: z.ZodOptional<z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>>;
+    label: z.ZodOptional<z.ZodString>;
+    task_id: z.ZodOptional<z.ZodNullable<z.ZodString & z.ZodType<`task_${string}`, string, z.core.$ZodTypeInternals<`task_${string}`, string>>>>;
+    workspace_id: z.ZodString & z.ZodType<`ws_${string}`, string, z.core.$ZodTypeInternals<`ws_${string}`, string>>;
+    source: z.ZodObject<{
+        kind: z.ZodEnum<{
+            "claude-code-adapter": "claude-code-adapter";
+            human: "human";
+            import: "import";
+            terminal: "terminal";
+        }>;
+        version: z.ZodLiteral<"0.1.0">;
+    }, z.core.$strip>;
+    started_at: z.ZodString;
+    ended_at: z.ZodOptional<z.ZodString>;
+    status: z.ZodEnum<{
+        initialized: "initialized";
+        running: "running";
+        waiting_approval: "waiting_approval";
+        completed: "completed";
+        failed: "failed";
+        interrupted: "interrupted";
+        imported: "imported";
+        archived: "archived";
+    }>;
+    working_directory: z.ZodString;
+    invocation: z.ZodObject<{
+        command: z.ZodString;
+        args: z.ZodArray<z.ZodString>;
+        exit_code: z.ZodNullable<z.ZodNumber>;
+    }, z.core.$strip>;
+    related_files: z.ZodDefault<z.ZodArray<z.ZodString>>;
+    events_log: z.ZodOptional<z.ZodString>;
+    summary: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+}, z.core.$strict>;
+/**
+ * Schema for the round-trip JSON payload accepted by `basou session import
+ * --format json`. The top level is `.strict()`; unknown keys at the outer
+ * envelope are rejected.
+ */
+declare const SessionImportPayloadSchema: z.ZodObject<{
+    schema_version: z.ZodString;
+    session: z.ZodObject<{
+        id: z.ZodOptional<z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>>;
+        label: z.ZodOptional<z.ZodString>;
+        task_id: z.ZodOptional<z.ZodNullable<z.ZodString & z.ZodType<`task_${string}`, string, z.core.$ZodTypeInternals<`task_${string}`, string>>>>;
+        workspace_id: z.ZodString & z.ZodType<`ws_${string}`, string, z.core.$ZodTypeInternals<`ws_${string}`, string>>;
+        source: z.ZodObject<{
+            kind: z.ZodEnum<{
+                "claude-code-adapter": "claude-code-adapter";
+                human: "human";
+                import: "import";
+                terminal: "terminal";
+            }>;
+            version: z.ZodLiteral<"0.1.0">;
+        }, z.core.$strip>;
+        started_at: z.ZodString;
+        ended_at: z.ZodOptional<z.ZodString>;
+        status: z.ZodEnum<{
+            initialized: "initialized";
+            running: "running";
+            waiting_approval: "waiting_approval";
+            completed: "completed";
+            failed: "failed";
+            interrupted: "interrupted";
+            imported: "imported";
+            archived: "archived";
+        }>;
+        working_directory: z.ZodString;
+        invocation: z.ZodObject<{
+            command: z.ZodString;
+            args: z.ZodArray<z.ZodString>;
+            exit_code: z.ZodNullable<z.ZodNumber>;
+        }, z.core.$strip>;
+        related_files: z.ZodDefault<z.ZodArray<z.ZodString>>;
+        events_log: z.ZodOptional<z.ZodString>;
+        summary: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+    }, z.core.$strict>;
+    events: z.ZodArray<z.ZodDiscriminatedUnion<[z.ZodObject<{
+        schema_version: z.ZodLiteral<"0.1.0">;
+        id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+        session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+        occurred_at: z.ZodString;
+        source: z.ZodString;
+        type: z.ZodLiteral<"session_started">;
+    }, z.core.$strip>, z.ZodObject<{
+        schema_version: z.ZodLiteral<"0.1.0">;
+        id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+        session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+        occurred_at: z.ZodString;
+        source: z.ZodString;
+        type: z.ZodLiteral<"session_ended">;
+        exit_code: z.ZodOptional<z.ZodNumber>;
+    }, z.core.$strip>, z.ZodObject<{
+        schema_version: z.ZodLiteral<"0.1.0">;
+        id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+        session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+        occurred_at: z.ZodString;
+        source: z.ZodString;
+        type: z.ZodLiteral<"session_status_changed">;
+        from: z.ZodString;
+        to: z.ZodString;
+    }, z.core.$strip>, z.ZodObject<{
+        schema_version: z.ZodLiteral<"0.1.0">;
+        id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+        session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+        occurred_at: z.ZodString;
+        source: z.ZodString;
+        type: z.ZodLiteral<"approval_requested">;
+        approval_id: z.ZodString & z.ZodType<`appr_${string}`, string, z.core.$ZodTypeInternals<`appr_${string}`, string>>;
+        expires_at: z.ZodDefault<z.ZodNullable<z.ZodString>>;
+        risk_level: z.ZodEnum<{
+            low: "low";
+            medium: "medium";
+            high: "high";
+            critical: "critical";
+        }>;
+        action: z.ZodObject<{
+            kind: z.ZodString;
+        }, z.core.$loose>;
+        reason: z.ZodString;
+        status: z.ZodLiteral<"pending">;
+    }, z.core.$strip>, z.ZodObject<{
+        schema_version: z.ZodLiteral<"0.1.0">;
+        id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+        session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+        occurred_at: z.ZodString;
+        source: z.ZodString;
+        type: z.ZodLiteral<"approval_approved">;
+        approval_id: z.ZodString & z.ZodType<`appr_${string}`, string, z.core.$ZodTypeInternals<`appr_${string}`, string>>;
+        resolver: z.ZodOptional<z.ZodString>;
+        note: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+    }, z.core.$strip>, z.ZodObject<{
+        schema_version: z.ZodLiteral<"0.1.0">;
+        id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+        session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+        occurred_at: z.ZodString;
+        source: z.ZodString;
+        type: z.ZodLiteral<"approval_rejected">;
+        approval_id: z.ZodString & z.ZodType<`appr_${string}`, string, z.core.$ZodTypeInternals<`appr_${string}`, string>>;
+        resolver: z.ZodOptional<z.ZodString>;
+        reason: z.ZodString;
+    }, z.core.$strip>, z.ZodObject<{
+        schema_version: z.ZodLiteral<"0.1.0">;
+        id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+        session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+        occurred_at: z.ZodString;
+        source: z.ZodString;
+        type: z.ZodLiteral<"approval_expired">;
+        approval_id: z.ZodString & z.ZodType<`appr_${string}`, string, z.core.$ZodTypeInternals<`appr_${string}`, string>>;
+    }, z.core.$strip>, z.ZodObject<{
+        schema_version: z.ZodLiteral<"0.1.0">;
+        id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+        session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+        occurred_at: z.ZodString;
+        source: z.ZodString;
+        type: z.ZodLiteral<"command_executed">;
+        command: z.ZodString;
+        args: z.ZodArray<z.ZodString>;
+        cwd: z.ZodString;
+        exit_code: z.ZodNullable<z.ZodNumber>;
+        signal: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+        received_signal: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+        duration_ms: z.ZodNumber;
+    }, z.core.$strip>, z.ZodObject<{
+        schema_version: z.ZodLiteral<"0.1.0">;
+        id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+        session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+        occurred_at: z.ZodString;
+        source: z.ZodString;
+        type: z.ZodLiteral<"git_snapshot">;
+        head: z.ZodString;
+        branch: z.ZodString;
+        dirty: z.ZodBoolean;
+        staged: z.ZodArray<z.ZodString>;
+        unstaged: z.ZodArray<z.ZodString>;
+        untracked: z.ZodArray<z.ZodString>;
+        ahead: z.ZodOptional<z.ZodNumber>;
+        behind: z.ZodOptional<z.ZodNumber>;
+    }, z.core.$strip>, z.ZodObject<{
+        schema_version: z.ZodLiteral<"0.1.0">;
+        id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+        session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+        occurred_at: z.ZodString;
+        source: z.ZodString;
+        type: z.ZodLiteral<"file_changed">;
+        path: z.ZodString;
+        change_type: z.ZodEnum<{
+            added: "added";
+            modified: "modified";
+            deleted: "deleted";
+            renamed: "renamed";
+        }>;
+        old_path: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+    }, z.core.$strip>, z.ZodObject<{
+        schema_version: z.ZodLiteral<"0.1.0">;
+        id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+        session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+        occurred_at: z.ZodString;
+        source: z.ZodString;
+        type: z.ZodLiteral<"decision_recorded">;
+        decision_id: z.ZodString & z.ZodType<`decision_${string}`, string, z.core.$ZodTypeInternals<`decision_${string}`, string>>;
+        title: z.ZodString;
+        rationale: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+        alternatives: z.ZodOptional<z.ZodArray<z.ZodString>>;
+        rejected_reason: z.ZodOptional<z.ZodNullable<z.ZodString>>;
+        linked_events: z.ZodOptional<z.ZodArray<z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>>>;
+        linked_files: z.ZodOptional<z.ZodArray<z.ZodString>>;
+    }, z.core.$strip>, z.ZodObject<{
+        schema_version: z.ZodLiteral<"0.1.0">;
+        id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+        session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+        occurred_at: z.ZodString;
+        source: z.ZodString;
+        type: z.ZodLiteral<"task_created">;
+        task_id: z.ZodString & z.ZodType<`task_${string}`, string, z.core.$ZodTypeInternals<`task_${string}`, string>>;
+        title: z.ZodString;
+    }, z.core.$strip>, z.ZodObject<{
+        schema_version: z.ZodLiteral<"0.1.0">;
+        id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+        session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+        occurred_at: z.ZodString;
+        source: z.ZodString;
+        type: z.ZodLiteral<"task_status_changed">;
+        task_id: z.ZodString & z.ZodType<`task_${string}`, string, z.core.$ZodTypeInternals<`task_${string}`, string>>;
+        from: z.ZodString;
+        to: z.ZodString;
+    }, z.core.$strip>, z.ZodObject<{
+        schema_version: z.ZodLiteral<"0.1.0">;
+        id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+        session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+        occurred_at: z.ZodString;
+        source: z.ZodString;
+        type: z.ZodLiteral<"task_reconciled">;
+        task_id: z.ZodString & z.ZodType<`task_${string}`, string, z.core.$ZodTypeInternals<`task_${string}`, string>>;
+        removed_created_in_session: z.ZodDefault<z.ZodNullable<z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>>>;
+        created_in_session_replacement: z.ZodDefault<z.ZodNullable<z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>>>;
+        removed_linked_sessions: z.ZodDefault<z.ZodArray<z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>>>;
+    }, z.core.$strict>, z.ZodObject<{
+        schema_version: z.ZodLiteral<"0.1.0">;
+        id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+        session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+        occurred_at: z.ZodString;
+        source: z.ZodString;
+        type: z.ZodLiteral<"task_linkage_refreshed">;
+        task_id: z.ZodString & z.ZodType<`task_${string}`, string, z.core.$ZodTypeInternals<`task_${string}`, string>>;
+        added_linked_sessions: z.ZodDefault<z.ZodArray<z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>>>;
+        removed_linked_sessions: z.ZodDefault<z.ZodArray<z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>>>;
+        final_count: z.ZodOptional<z.ZodNumber>;
+    }, z.core.$strict>, z.ZodObject<{
+        schema_version: z.ZodLiteral<"0.1.0">;
+        id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+        session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+        occurred_at: z.ZodString;
+        source: z.ZodString;
+        type: z.ZodLiteral<"task_deleted">;
+        task_id: z.ZodString & z.ZodType<`task_${string}`, string, z.core.$ZodTypeInternals<`task_${string}`, string>>;
+        title: z.ZodString;
+    }, z.core.$strict>, z.ZodObject<{
+        schema_version: z.ZodLiteral<"0.1.0">;
+        id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+        session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+        occurred_at: z.ZodString;
+        source: z.ZodString;
+        type: z.ZodLiteral<"task_archived">;
+        task_id: z.ZodString & z.ZodType<`task_${string}`, string, z.core.$ZodTypeInternals<`task_${string}`, string>>;
+        title: z.ZodString;
+    }, z.core.$strict>, z.ZodObject<{
+        schema_version: z.ZodLiteral<"0.1.0">;
+        id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+        session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+        occurred_at: z.ZodString;
+        source: z.ZodString;
+        type: z.ZodLiteral<"note_added">;
+        body: z.ZodString;
+    }, z.core.$strip>, z.ZodObject<{
+        schema_version: z.ZodLiteral<"0.1.0">;
+        id: z.ZodString & z.ZodType<`evt_${string}`, string, z.core.$ZodTypeInternals<`evt_${string}`, string>>;
+        session_id: z.ZodString & z.ZodType<`ses_${string}`, string, z.core.$ZodTypeInternals<`ses_${string}`, string>>;
+        occurred_at: z.ZodString;
+        source: z.ZodString;
+        type: z.ZodLiteral<"adapter_output">;
+        stream: z.ZodEnum<{
+            stdout: "stdout";
+            stderr: "stderr";
+        }>;
+        summary: z.ZodString;
+        raw_ref: z.ZodString;
+        redacted: z.ZodOptional<z.ZodBoolean>;
+    }, z.core.$strict>], "type">>;
+}, z.core.$strict>;
+/** Inferred runtime type for {@link SessionImportPayloadSchema}. */
+type SessionImportPayload = z.infer<typeof SessionImportPayloadSchema>;
+/** Inferred runtime type for {@link SessionInnerImportSchema}. */
+type SessionInnerImportInput = z.infer<typeof SessionInnerImportSchema>;
+
+/**
+ * Absolute paths to the standard `.basou/` directory layout, derived from a
+ * given repository root. The shape mirrors the canonical `.basou/` tree
+ * (see `docs/spec/workspace.md`). `root` is the `.basou/` directory itself
+ * (i.e. `repositoryRoot/.basou`).
+ *
+ * `files` exposes the well-known top-level files inside `.basou/`. Each path
+ * is computed but not created — they are written by their respective
+ * subsystems (e.g. `writeManifest` for `manifest.yaml`).
+ *
+ * All fields are deeply readonly; consumers must not mutate the returned
+ * object.
+ */
+type BasouPaths = {
+    readonly root: string;
+    readonly sessions: string;
+    readonly tasks: string;
+    readonly approvals: {
+        readonly pending: string;
+        readonly resolved: string;
+    };
+    readonly locks: string;
+    readonly logs: string;
+    readonly raw: string;
+    readonly tmp: string;
+    readonly files: {
+        readonly manifest: string;
+        readonly status: string;
+        readonly handoff: string;
+        readonly decisions: string;
+    };
+};
+/**
+ * Compute absolute paths to the standard `.basou/` directory layout under
+ * `repositoryRoot`. Pure: performs no I/O and is safe to call before the
+ * directory exists.
+ *
+ * @param repositoryRoot Absolute path to the git repository root (the
+ *   parent directory of `.basou/`). Caller is responsible for resolving
+ *   `process.cwd()` or running `git rev-parse --show-toplevel` upstream;
+ *   this function does not validate that the path exists or is a git
+ *   repository.
+ */
+declare function basouPaths(repositoryRoot: string): BasouPaths;
+/**
+ * Create the standard `.basou/` directory layout under `repositoryRoot`.
+ *
+ * Idempotent: a no-op on an already-initialized layout. Returns the resolved
+ * {@link BasouPaths} so callers can immediately use them.
+ *
+ * Throws if `repositoryRoot/.basou` (or any required subdirectory) exists
+ * but is not a directory, or if filesystem permissions prevent creation.
+ * All thrown error messages are pathless; the original native error is
+ * attached as `cause` for diagnostics.
+ *
+ * @param repositoryRoot Absolute path to the git repository root. See
+ *   {@link basouPaths} for the contract on this parameter.
+ */
+declare function ensureBasouDirectory(repositoryRoot: string): Promise<BasouPaths>;
+
+/** Which side of `.basou/approvals/` an approval YAML lives on. */
+type ApprovalLocation = "pending" | "resolved";
+/** Result returned by {@link loadApproval}: the parsed approval and where it was found. */
+type LoadedApproval = {
+    approval: Approval;
+    location: ApprovalLocation;
+};
+/**
+ * Locate and load the approval YAML for `approvalId`. Searches resolved
+ * first so that a duplicated YAML (the crash-window scenario where both
+ * pending and resolved exist for the same id) returns the resolved-side
+ * record — matching the dedupe rule used by `approval list` and
+ * `resolveApprovalId`. Returns null if neither directory contains the
+ * YAML. Throws with a pathless message on read or schema-validation
+ * failure.
+ */
+declare function loadApproval(paths: BasouPaths, approvalId: string): Promise<LoadedApproval | null>;
+/**
+ * Enumerate approval IDs by inspecting `<id>.yaml` filenames in pending
+ * and resolved. ENOENT on either directory is treated as empty (e.g. a
+ * workspace that has no resolved approvals yet). YAML parse and schema
+ * validation are NOT performed; callers that need the parsed approval
+ * should use {@link loadApproval} per ID.
+ */
+declare function enumerateApprovals(paths: BasouPaths): Promise<{
+    pending: string[];
+    resolved: string[];
+}>;
+/**
+ * Return true when an approval is in `pending` state and its `expires_at`
+ * timestamp has elapsed. Used by `basou approval list` / `show` to surface
+ * a `(expired)` label without mutating the YAML file. Approval expiry uses
+ * lazy-evaluation semantics; actual `approval_expired` event firing is
+ * deferred to a later step.
+ *
+ * `now` is taken as a parameter so a single CLI invocation can share one
+ * "now" across every record it inspects (avoids boundary races where two
+ * reads of `Date.now()` straddle an expiry instant).
+ */
+declare function isLazyExpired(approval: Approval, now: Date): boolean;
+
+/**
+ * Read a YAML file as `unknown`. Caller MUST validate via a zod schema.
+ *
+ * Throws Error with pathless message and the original native error attached
+ * as `cause` for I/O failures and YAML parse errors. All fs and parse exits
+ * go through fixed messages so absolute paths cannot leak via `error.message`.
+ */
+declare function readYamlFile(filePath: string): Promise<unknown>;
+/**
+ * Write a value as YAML using {@link atomicReplace} for crash-resistant
+ * atomicity. The shared helper handles the tmp-file + rename sequence,
+ * `wx` collision guard, and best-effort tmp cleanup on failure. This
+ * wrapper adds the YAML serialisation and the pathless error vocabulary.
+ */
+declare function writeYamlFile(filePath: string, value: unknown): Promise<void>;
+/**
+ * Atomically create a new YAML file. Like {@link writeYamlFile} but
+ * delegates to {@link atomicCreate} so a pre-existing target fails with
+ * EEXIST instead of being silently overwritten.
+ *
+ * Used by `basou approval approve` / `reject` to write the resolved-side
+ * YAML, so a concurrent resolver cannot overwrite an already-resolved
+ * approval.
+ *
+ * Throws `Error("Failed to write YAML file", { cause })` on failure; if
+ * `cause.code === "EEXIST"` the caller can detect a target-exists race.
+ */
+declare function linkYamlFile(filePath: string, value: unknown): Promise<void>;
+/**
+ * Overwrite an existing YAML file atomically. Like {@link writeYamlFile}
+ * but with a distinct pathless message label, used for files that
+ * legitimately need in-place mutation (e.g. session.yaml's status /
+ * ended_at lifecycle updates).
+ */
+declare function overwriteYamlFile(filePath: string, value: unknown): Promise<void>;
+
+/**
+ * Inputs for {@link createManifest}. Optional fields drop out of the
+ * resulting Manifest entirely (they are not emitted as `null`/`undefined`
+ * in YAML); pass `null` for `repositoryUrl` to keep an explicit `null`.
+ */
+type CreateManifestInput = {
+    workspaceName: string;
+    projectName?: string;
+    projectDescription?: string;
+    repositoryUrl?: string | null;
+    /** Override for tests; defaults to `new Date()`. */
+    now?: Date;
+    /** Override for tests; defaults to a freshly generated `ws_<ULID>`. */
+    workspaceId?: PrefixedId<"ws">;
+};
+/**
+ * Build a fresh Manifest object that satisfies the manifest schema's
+ * minimum shape. Performs no I/O. Returned object is parse-validated by
+ * `ManifestSchema`.
+ */
+declare function createManifest(input: CreateManifestInput): Manifest;
+/**
+ * Write a Manifest to `paths.files.manifest`. Re-validates via
+ * `ManifestSchema` before serialization.
+ *
+ * Refuses to overwrite an existing manifest unless `force: true`.
+ */
+declare function writeManifest(paths: BasouPaths, manifest: Manifest, options?: {
+    force?: boolean;
+}): Promise<void>;
+/**
+ * Read and parse a Manifest from `paths.files.manifest`. Throws if the file
+ * is missing or contents fail `ManifestSchema` validation.
+ */
+declare function readManifest(paths: BasouPaths): Promise<Manifest>;
+
+type AppendBasouGitignoreResult = {
+    /** True if the block was appended (or the file was newly created). */
+    readonly appended: boolean;
+};
+/**
+ * Append Basou's default `.gitignore` block to `repositoryRoot/.gitignore`.
+ *
+ * The block contents are derived from the Basou v0.1 specification (the
+ * standard ignore + commit recommendations). Callers must pass an absolute
+ * path to a Git repository root.
+ *
+ * Behavior:
+ * - If `.gitignore` does not exist, it is created with the Basou block.
+ * - If a line starting with `# Basou - default ignore` is already present,
+ *   the file is left untouched and `appended: false` is returned
+ *   (idempotent).
+ * - If `.gitignore` is a symlink, the link is followed and the target file
+ *   is updated. Symlinks are not rejected.
+ *
+ * On I/O failure throws Error with a pathless message
+ * (`Failed to read .gitignore` / `Failed to write .gitignore`) and the
+ * original native error attached as `cause`.
+ */
+declare function appendBasouGitignore(repositoryRoot: string): Promise<AppendBasouGitignoreResult>;
+
+/**
+ * The two lock scopes basou uses. `task` guards the read-modify-write window
+ * around a single `task.md`; `session` guards the events.jsonl append plus
+ * surrounding `session.yaml` mutation for a single session. Two scopes use
+ * different lockfile names so they never collide on disk.
+ */
+type LockScope = "task" | "session";
+type LockHandle = {
+    /**
+     * Release the lock by unlinking the lockfile. Best-effort: any unlink error
+     * is swallowed so a doubled release does not raise, and disk state never
+     * holds a stranded lockfile after the caller's `finally` block.
+     */
+    release: () => Promise<void>;
+};
+/**
+ * Acquire an advisory lock at `<paths.locks>/<scope>_<id>.lock` for the
+ * lifetime of the returned handle. Lockfile body records the holder's pid
+ * and acquire timestamp so a competitor can detect stale locks left by a
+ * SIGINT'd CLI run and recover automatically.
+ *
+ * Acquisition strategy:
+ *   1. {@link atomicCreate} the lockfile (POSIX link(2) + EEXIST).
+ *   2. On EEXIST, probe the existing lockfile via {@link isStaleLock}.
+ *      - If stale (= holder pid is dead or lock is older than
+ *        {@link STALE_LOCK_MAX_AGE_MS}), `unlink` the stale file and retry
+ *        the atomic create once.
+ *      - If still EEXIST after the retry (= another competitor won the race),
+ *        throw `"Lock is held by another process"`.
+ *      - If the holder is alive, throw `"Lock is held by another process"`
+ *        without retrying.
+ *
+ * The caller MUST call `release()` (typically from a `finally` block); the
+ * `process.exit()` path or a fatal crash relies on stale-lock detection on
+ * the next acquire to recover.
+ */
+declare function acquireLock(paths: BasouPaths, scope: LockScope, resourceId: string): Promise<LockHandle>;
+
+/**
+ * Walk the cause chain (up to `depth` levels) looking for an Error whose
+ * errno-style `code` matches `code`. Returns true on the first match.
+ * Resilient to wrapper depth changes so that ENOENT detection survives
+ * future error-wrapping refactors.
+ */
+declare function findErrorCode(error: unknown, code: string, depth?: number): boolean;
+
+/**
+ * Refuse to operate on `.basou` if it is a symlink or not a directory. This
+ * prevents `writeStatus` from being tricked into writing `status.json`
+ * outside the repository root via a swapped `.basou` symlink. Mirrors
+ * `ensureBasouDirectory`'s lstat-based guard.
+ *
+ * If `.basou` is absent the underlying ENOENT is propagated (wrapped) so
+ * callers can map it to "workspace not initialized" via `findErrorCode`.
+ *
+ * Note: this is a baseline safety net, not a TOCTOU fix — the directory
+ * could still be replaced between this check and the subsequent write. The
+ * goal is to detect already-swapped symlinks, not to race-proof the
+ * filesystem.
+ */
+declare function assertBasouRootSafe(rootPath: string): Promise<void>;
+/**
+ * Build a StatusSnapshot from a manifest plus the path layout, observing
+ * each subdirectory's presence via `lstat`. Read-only with respect to the
+ * workspace state; writes nothing. The result is re-validated by
+ * `StatusSchema.parse` before being returned.
+ *
+ * @param input.now Override for testing; defaults to `new Date()`.
+ */
+declare function buildStatusSnapshot(input: {
+    manifest: Manifest;
+    paths: BasouPaths;
+    now?: Date;
+}): Promise<StatusSnapshot>;
+/**
+ * Atomically write a StatusSnapshot to `paths.files.status`.
+ *
+ * Re-validates via `StatusSchema.parse` before any file I/O, so an invalid
+ * snapshot throws synchronously and never overwrites the existing
+ * `status.json`. Delegates the tmp-file + rename pass to {@link atomicReplace}.
+ *
+ * **Precondition**: callers MUST invoke {@link assertBasouRootSafe} on
+ * `paths.root` first to ensure `.basou` is a real directory and not a
+ * swapped symlink. `writeStatus` does not redo this guard — it trusts the
+ * caller — so a direct invocation without the guard could write
+ * `status.json` outside the repository root.
+ */
+declare function writeStatus(paths: BasouPaths, snapshot: StatusSnapshot): Promise<void>;
+/**
+ * Read `.basou/status.json` for the current schema_version (0.1.0). This
+ * is a cache reader only; cross-version migration is not supported here.
+ * Older or newer status.json shapes will fail `StatusSchema.parse` —
+ * callers regenerate by calling `buildStatusSnapshot` + `writeStatus`.
+ */
+declare function readStatus(paths: BasouPaths): Promise<StatusSnapshot>;
+
+/**
+ * Recoverable warning surfaced via {@link ReplayOptions.onWarning}. The replay
+ * generator never throws on these — it skips the offending line and continues.
+ *
+ * `partial_trailing_line` indicates the events.jsonl did not end with `\n` and
+ * the unterminated tail parsed as a complete event. The line is dropped
+ * instead of yielded so consumers cannot accidentally observe a
+ * partially-written record.
+ */
+type ReplayWarning = {
+    kind: "partial_trailing_line";
+    line: number;
+} | {
+    kind: "malformed_json";
+    line: number;
+    cause: unknown;
+} | {
+    kind: "schema_violation";
+    line: number;
+    cause: unknown;
+};
+type ReplayOptions = {
+    /**
+     * Hook to receive recoverable warnings (partial line / malformed JSON /
+     * schema violation). When omitted, warnings are silently dropped — callers
+     * that want to surface them (e.g. CLI orchestration) MUST provide this hook.
+     */
+    onWarning?: (warning: ReplayWarning) => void;
+};
+/**
+ * Stream events from `<sessionDir>/events.jsonl` line by line.
+ *
+ * Behavior:
+ * - ENOENT or empty file: yields nothing without warning.
+ * - I/O error: throws `Error("Failed to read events.jsonl")` with the native
+ *   error attached as `cause`. The thrown message never embeds an absolute
+ *   path (pathless contract).
+ * - Trailing partial line that parses as a valid event: dropped silently when
+ *   {@link ReplayOptions.onWarning} is omitted; otherwise reported as
+ *   `partial_trailing_line`. A trailing partial line that fails JSON parsing
+ *   is reported as `malformed_json` instead.
+ * - Malformed JSON / schema violation: skipped, with the corresponding
+ *   warning when a hook is provided.
+ *
+ * Single-writer-per-session is assumed (see `event-writer.ts` JSDoc on
+ * {@link appendEvent}). Concurrent writers may interleave lines beyond
+ * `PIPE_BUF` and are not recovered here in v0.1.
+ */
+declare function replayEvents(sessionDir: string, options?: ReplayOptions): AsyncGenerator<Event, void, void>;
+/**
+ * Eager array helper: collect every event from {@link replayEvents} into
+ * memory. Convenience for callers that need the full list in one structure
+ * (e.g. `basou session show` rendering).
+ */
+declare function readAllEvents(sessionDir: string, options?: ReplayOptions): Promise<Event[]>;
+
+/**
+ * Threshold above which a still-`running` session with no `session_ended`
+ * event is flagged suspect.
+ *
+ * 24h: long enough that an active long-running session will not be flagged,
+ * short enough that an abandoned process is surfaced within a working day.
+ * Tunable via CLI option in a later step (continuation backlog #23).
+ */
+declare const STUCK_THRESHOLD_MS: number;
+type SuspectReason = "events_say_ended_but_yaml_running" | "running_no_end_event";
+type SessionEntry = {
+    sessionId: string;
+    session: Session;
+    suspect: boolean;
+    suspectReason: SuspectReason | null;
+};
+/**
+ * Per-session degradation reason emitted by {@link loadSessionEntries.onSkip}.
+ *
+ * - `session_yaml_missing` (ENOENT) and `session_yaml_invalid` (parse or schema
+ *   failure) both omit the entry from the result.
+ * - `events_jsonl_unreadable` still pushes the entry with `suspect=false` so
+ *   the session row remains visible to the caller; only the suspect check is
+ *   degraded. Matches the existing CLI behaviour at
+ *   `packages/cli/src/commands/session.ts` (suspect-check stderr warning).
+ */
+type SessionSkipReason = "session_yaml_missing" | "session_yaml_invalid" | "events_jsonl_unreadable";
+type LoadSessionEntriesOptions = {
+    /**
+     * Single `now` shared across every {@link classifySuspect} call so that
+     * sessions classified back-to-back observe the same instant. Avoids
+     * boundary races where a session at age ≈ 24h would flip between calls.
+     */
+    now: Date;
+    onWarning?: (warning: ReplayWarning, sessionId: string) => void;
+    onSkip?: (sessionId: string, reason: SessionSkipReason) => void;
+};
+/**
+ * List session directory names under `paths.sessions`, ULID ascending.
+ *
+ * - Returns `[]` when the sessions directory does not exist (empty workspace
+ *   or pre-init state).
+ * - Throws `Error("Failed to enumerate sessions", { cause })` on other I/O.
+ * - Only directories are returned (`.gitkeep` and other files are filtered).
+ *
+ * Sort order is `Array.prototype.sort()` default (Unicode code-point
+ * compare). ULIDs are Crockford base32 in uppercase, so the natural sort
+ * is also chronological session-start order.
+ */
+declare function enumerateSessionDirs(paths: BasouPaths): Promise<string[]>;
+/**
+ * Read and validate `<paths.sessions>/<sessionId>/session.yaml`.
+ *
+ * - Re-throws the yaml-store fixed-message `"YAML file not found"` for
+ *   ENOENT so the caller can branch on it.
+ * - Throws `Error("Failed to read session.yaml", { cause })` for parse
+ *   failures and schema violations (cause is either the YAML parser error
+ *   or the zod error).
+ */
+declare function readSessionYaml(paths: BasouPaths, sessionId: string): Promise<Session>;
+/**
+ * Classify a `running` session as suspect using one of two rules:
+ *
+ * - Rule A (`events_say_ended_but_yaml_running`): events.jsonl contains a
+ *   `session_ended` event but the session.yaml is still `running`. The
+ *   session ended cleanly in the event log but the YAML write was lost or
+ *   never reached.
+ * - Rule B (`running_no_end_event`): no `session_ended` event and the last
+ *   event is older than {@link STUCK_THRESHOLD_MS}. The process likely
+ *   crashed or was killed.
+ *
+ * Sessions that are not `running` are never suspect.
+ *
+ * I/O failure on events.jsonl is re-thrown unwrapped so the caller can
+ * degrade with a warning instead of treating the session as healthy. The
+ * caller is also responsible for surfacing replay warnings via `onWarning`.
+ */
+declare function classifySuspect(paths: BasouPaths, sessionId: string, session: Session, now: Date, onWarning?: (warning: ReplayWarning) => void): Promise<{
+    suspect: boolean;
+    suspectReason: SuspectReason | null;
+}>;
+/**
+ * High-level helper that enumerates session dirs, reads each `session.yaml`,
+ * and classifies suspect for `running` sessions in one pass.
+ *
+ * Per-session degradations are surfaced via `options.onSkip`:
+ * - `session_yaml_missing` (ENOENT) and `session_yaml_invalid` (parse or
+ *   schema violation): the entry is omitted from the result.
+ * - `events_jsonl_unreadable`: the entry is still pushed with `suspect=false`
+ *   so callers can render the session row plus a CLI-side warning.
+ *
+ * `options.now` is taken once and threaded into every {@link classifySuspect}
+ * call so age comparisons are consistent across sessions.
+ */
+declare function loadSessionEntries(paths: BasouPaths, options: LoadSessionEntriesOptions): Promise<SessionEntry[]>;
+
+/** Marker line that begins the auto-generated region. */
+declare const GENERATED_START = "<!-- BASOU:GENERATED:START -->";
+/** Marker line that ends the auto-generated region. */
+declare const GENERATED_END = "<!-- BASOU:GENERATED:END -->";
+/**
+ * Result of parsing a markdown body for the BASOU:GENERATED marker region.
+ *
+ * The spec mandates strict line-level matching (see
+ * `docs/spec/generated-markdown.md#102-marker-convention`): a marker is
+ * only recognized when an entire line is exactly the marker string.
+ * Leading/trailing whitespace, comment compression, and BOM are treated as
+ * legacy formats (`no_markers`) so that re-generation refuses to silently
+ * overwrite a mismatched manual edit.
+ */
+type MarkerSection = {
+    kind: "ok";
+    before: string;
+    generated: string;
+    after: string;
+} | {
+    kind: "no_markers";
+} | {
+    kind: "missing_start";
+} | {
+    kind: "missing_end";
+} | {
+    kind: "multiple_pairs";
+} | {
+    kind: "wrong_order";
+};
+/**
+ * Read a markdown file as UTF-8 text. Returns `null` when the file does not
+ * exist; throws `Error("Failed to read markdown file", { cause })` for other
+ * I/O failures (pathless contract — never embed the absolute path in the
+ * thrown `message`).
+ */
+declare function readMarkdownFile(filePath: string): Promise<string | null>;
+/**
+ * Atomically write a markdown body via {@link atomicReplace}. The shared
+ * helper handles the tmp-file + rename sequence, `wx` collision guard, and
+ * best-effort tmp cleanup on failure.
+ *
+ * On any failure the original error is re-thrown as
+ * `Error("Failed to write markdown file", { cause })` (pathless contract).
+ */
+declare function writeMarkdownFile(filePath: string, body: string): Promise<void>;
+/**
+ * Parse a markdown body and identify the BASOU:GENERATED marker region.
+ *
+ * Returns one of six `kind` discriminants:
+ * - `ok`: exactly one START line followed by exactly one END line in the
+ *   correct order. `before` / `generated` / `after` slice the original
+ *   text by character offsets so CRLF / LF are preserved verbatim outside
+ *   the marker region.
+ * - `no_markers`: both START and END absent (legacy file / fresh write).
+ * - `missing_start` / `missing_end`: exactly one of the pair is present.
+ * - `multiple_pairs`: more than one START or END line.
+ * - `wrong_order`: END appears before START.
+ *
+ * Matching is strict: leading/trailing whitespace, BOM, and comment
+ * compression (`<!--BASOU:...-->`) all bypass the marker and are treated
+ * as legacy content.
+ */
+declare function parseMarkers(content: string): MarkerSection;
+/**
+ * Build the final markdown body by replacing the BASOU:GENERATED region.
+ *
+ * - `existing === null` (no file yet): return `<START>\n<generated>\n<END>\n`.
+ * - existing parses to `ok`: replace the marked region and keep everything
+ *   before START and after END untouched (preserving manual additions).
+ * - any other parse result: throw a pathless error referencing `fileLabel`.
+ *
+ * The caller passes `fileLabel` (e.g. `"handoff.md"` or `"decisions.md"`)
+ * so the error message is informative without leaking an absolute path.
+ */
+declare function renderWithMarkers(existing: string | null, generated: string, fileLabel: string): string;
+
+/**
+ * Options for {@link importSessionFromJson}. All fields are optional.
+ *
+ * - `labelOverride` / `taskIdOverride` come from the CLI `--label` / `--task`
+ *   flags and win over the corresponding fields on the input payload.
+ * - `dryRun` skips disk writes entirely and returns a preview result.
+ */
+type ImportSessionOptions = {
+    labelOverride?: string;
+    taskIdOverride?: string;
+    dryRun?: boolean;
+};
+/**
+ * Result of a successful import. `finalStatus` is always the literal
+ * `"imported"` (per the import-session lifecycle policy); `finalSourceKind`
+ * mirrors the input's `session.source.kind` so round-trip imports preserve
+ * provenance.
+ *
+ * `pathSanitizeReport` summarises how many path-shaped fields the importer
+ * rewrote on the way in: `related_files[]` entries plus a single boolean
+ * for `working_directory`. The CLI wrapper surfaces this as a one-line
+ * stderr warning when the total is non-zero so the operator sees that
+ * machine-private prefixes were stripped.
+ */
+type ImportSessionResult = {
+    sessionId: PrefixedId<"ses">;
+    eventCount: number;
+    finalStatus: SessionStatus;
+    finalSourceKind: SessionSourceKind;
+    pathSanitizeReport: {
+        relatedFiles: number;
+        workingDirectoryRewritten: boolean;
+    };
+};
+/**
+ * Import a round-trip JSON payload into `.basou/sessions/<new>/`. The caller
+ * MUST validate the payload against {@link SessionImportPayloadSchema} first
+ * and gate the `schema_version === "0.1.0"` literal check externally; this
+ * function trusts both invariants.
+ *
+ * On success a fresh session ID is minted and a complete
+ * `session.yaml` + `events.jsonl` pair is written atomically. On any post-
+ * mkdir failure the session directory is removed best-effort so partial
+ * imports do not leave `session_yaml_missing` half-states behind.
+ *
+ * Throws `Error` with one of the fixed messages enumerated by the import contract
+ * §"Error messages" table; the original native error is attached as `cause`
+ * for `--verbose` rendering.
+ */
+declare function importSessionFromJson(paths: BasouPaths, manifest: Manifest, payload: SessionImportPayload, options: ImportSessionOptions): Promise<ImportSessionResult>;
+
+/**
+ * Thrown when the ad-hoc session was fully written to disk (4 lifecycle
+ * events + N target events plus the initial `session.yaml`) but the final
+ * `session.yaml` update to status `completed` failed. The caller can read
+ * `sessionId` / `targetEventIds` to emit a retry-duplicate-prevention
+ * warning, since the target events themselves are already persisted in
+ * `events.jsonl`.
+ *
+ * `targetEventIds` is an array because a single ad-hoc session may carry
+ * multiple target events (e.g. `task new --status done` fires both
+ * `task_created` and `task_status_changed`). Callers that need a single
+ * anchor id should use `targetEventIds[0]`, which by convention is the
+ * primary event for the operation.
+ */
+declare class FailedToFinalizeError extends Error {
+    readonly sessionId: PrefixedId<"ses">;
+    readonly targetEventIds: ReadonlyArray<PrefixedId<"evt">>;
+    constructor(sessionId: PrefixedId<"ses">, targetEventIds: ReadonlyArray<PrefixedId<"evt">>, cause: unknown);
+}
+type CreateAdHocSessionInput = {
+    paths: BasouPaths;
+    manifest: Manifest;
+    /** Pre-built session label (caller is responsible for truncation). */
+    label: string;
+    /** ISO timestamp shared across the 5 lifecycle/target events. */
+    occurredAt: string;
+    sessionSource: SessionSourceKind;
+    workingDirectory: string;
+    invocation: {
+        command: string;
+        args: string[];
+    };
+    /**
+     * Optional task id to link this ad-hoc session to. When provided, both the
+     * initial and the final `session.yaml` writes embed `task_id` so the
+     * single-session-to-single-task invariant (see
+     * `docs/spec/workspace.md#21-confirmed-invariants`) holds for task-flavoured
+     * ad-hoc paths (`basou task new` / `task status` without `--session`).
+     * Defaults to `null` so existing callers (decision / note) are unchanged.
+     */
+    taskId?: PrefixedId<"task">;
+    /**
+     * Builds the variant-specific target events. Each builder receives the
+     * freshly minted session id and a freshly minted event id (one per
+     * builder) so callers can fill in cross-reference fields (`decision_id`,
+     * `body`, ...) without owning ID generation.
+     *
+     * The most common case is a single-element array (`[builder]`) for the
+     * one-target-event flows (`basou decision record`, `basou session note`,
+     * `basou task new --status planned`, `basou task status`,
+     * `basou task reconcile`). Two-element arrays are used by
+     * `basou task new --status done|cancelled` to emit `task_created` plus
+     * an immediate `task_status_changed` in the same atomic bulk write.
+     *
+     * Must be non-empty; an empty array is rejected at the start of
+     * {@link createAdHocSessionWithEvent}.
+     */
+    targetEventBuilders: ReadonlyArray<(sessionId: PrefixedId<"ses">, eventId: PrefixedId<"evt">) => Event>;
+};
+type CreateAdHocSessionResult = {
+    sessionId: PrefixedId<"ses">;
+    /**
+     * Target event IDs in the order their builders were supplied. Length
+     * equals `input.targetEventBuilders.length`. Callers that conceptually
+     * have a single anchor event should use `targetEventIds[0]`.
+     */
+    targetEventIds: PrefixedId<"evt">[];
+    /**
+     * Lifecycle event IDs in chronological order:
+     * `[started, status→running, status→completed, ended]`.
+     * Target event IDs are reported separately in {@link targetEventIds}.
+     */
+    lifecycleEventIds: PrefixedId<"evt">[];
+};
+/**
+ * Atomically create a fresh ad-hoc session that produces one or more target
+ * events then immediately closes itself. The session lifecycle
+ * (`initialized → running → completed`, see
+ * `docs/spec/terminal-and-import.md#62-transition-diagram`) is honored:
+ * `4 + N` events are
+ * written in one bulk atomic pass (where N = number of target builders) and
+ * `session.yaml` is written twice (`initialized` → `completed`).
+ *
+ * The single-target case (N = 1) covers `basou decision record`,
+ * `basou session note`, `basou task new --status planned|in_progress`,
+ * `basou task status`, and `basou task reconcile`. The two-target case
+ * (N = 2) covers `basou task new --status done|cancelled` which fires
+ * `task_created` followed immediately by `task_status_changed (planned → terminal)`
+ * so the audit trail captures the implicit transition.
+ *
+ * Failures during `mkdir`, the initial `session.yaml` write, or the bulk
+ * `events.jsonl` write trigger a best-effort `rm -rf` of the session
+ * directory so partial ad-hoc sessions do not pollute the workspace.
+ *
+ * A failure on the final `session.yaml` status update is fatal but the
+ * session directory is NOT cleaned up — `events.jsonl` is consistent and
+ * carries the full lifecycle trail, so callers can reconcile manually. The
+ * thrown {@link FailedToFinalizeError} carries the `sessionId` and
+ * `targetEventIds` so the CLI layer can warn the user not to re-run the
+ * command and duplicate the target events.
+ *
+ * Direct (non-CLI) callers are self-defended by zod boundary parses on
+ * `sessionSource` and the initial session record.
+ */
+declare function createAdHocSessionWithEvent(input: CreateAdHocSessionInput): Promise<CreateAdHocSessionResult>;
+type AttachableStatus = "initialized" | "running" | "waiting_approval";
+type AppendEventToExistingInput = {
+    paths: BasouPaths;
+    /** Already resolved via `resolveSessionId`; parsed at boundary again. */
+    sessionId: PrefixedId<"ses">;
+    attachableStatuses?: ReadonlySet<AttachableStatus>;
+    eventBuilder: (eventId: PrefixedId<"evt">) => Event;
+};
+type AppendEventToExistingResult = {
+    eventId: PrefixedId<"evt">;
+    sessionStatus: SessionStatus;
+};
+/**
+ * Read `session.yaml`, verify the session is in an attachable state, and
+ * append a single event to its `events.jsonl`. `session.yaml` is NOT modified
+ * so the caller can safely append `decision_recorded` / `note_added` without
+ * mutating `related_files`, `summary`, or the session status.
+ *
+ * Race note: the status check and the event append are not atomic.
+ * Between them another writer (e.g. `basou run claude-code` ending its
+ * session) can flip the YAML to `completed` and append `session_ended`.
+ * v0.1 accepts this race; the `events_say_ended_but_yaml_running`-style
+ * suspect rule surfaces the inconsistency. Per-session locking is
+ * deferred to a v0.3+ follow-up.
+ */
+declare function appendEventToExistingSession(input: AppendEventToExistingInput): Promise<AppendEventToExistingResult>;
+
+type TaskDocument = {
+    /** Parsed + zod-validated front matter. */
+    task: Task;
+    /** Raw markdown body after the closing front matter delimiter. */
+    body: string;
+};
+/**
+ * Read and validate `<paths.tasks>/<taskId>.md`. Returns the parsed front
+ * matter (Task) plus the markdown body string. Error contract:
+ *
+ *   - ENOENT → throw `"Task file not found"`.
+ *   - format violation → throw `"Invalid task file format"`.
+ *   - YAML parse / schema violation → throw `"Failed to read task file"`.
+ *   - any other I/O failure → throw `"Failed to read task file"` with cause.
+ */
+declare function readTaskFile(paths: BasouPaths, taskId: string): Promise<TaskDocument>;
+type WriteTaskFileMode = "create" | "overwrite";
+/**
+ * Atomically write `<paths.tasks>/<taskId>.md`.
+ *
+ * `mode: "create"` delegates to {@link atomicCreate} so a pre-existing file
+ * fails fast with EEXIST → `"Task file already exists"`.
+ * `mode: "overwrite"` delegates to {@link atomicReplace} and silently
+ * replaces any prior file.
+ *
+ * The serialised body is structured as:
+ *
+ *   ---\n
+ *   <yaml>\n
+ *   ---\n
+ *   \n
+ *   <body>\n        (only when body is non-empty)
+ */
+declare function writeTaskFile(paths: BasouPaths, taskId: string, doc: TaskDocument, options: {
+    mode: WriteTaskFileMode;
+}): Promise<void>;
+/**
+ * Enumerate task ids by listing `<paths.tasks>/`. Filenames that do not
+ * match the `<task_id>.md` shape, or that decode to a non-conforming task
+ * id (per `TaskIdSchema`), are silently skipped — they are surfaced via
+ * the caller's `options.onSkip` hook in {@link loadTaskEntries} so list
+ * commands can show a warning row.
+ *
+ * Returns ids in ULID-ascending order (filename sort matches ULID order).
+ * Empty directory or ENOENT → `[]`. Other I/O failures throw
+ * `"Failed to enumerate tasks"`.
+ */
+declare function enumerateTaskIds(paths: BasouPaths): Promise<string[]>;
+/**
+ * Enumerate task ids inside `<paths.tasks>/archive/`. Returns `[]` when the
+ * archive directory does not exist (= no task has ever been archived).
+ * Filtering / ordering rules mirror {@link enumerateTaskIds}.
+ */
+declare function enumerateArchivedTaskIds(paths: BasouPaths): Promise<string[]>;
+/**
+ * Read a task.md file looking in the main tasks directory first and falling
+ * back to `<paths.tasks>/archive/` if the file is missing there. Returns the
+ * parsed document plus a flag indicating whether the hit came from the
+ * archive dir. Useful for `basou task show` which surfaces archived tasks
+ * read-only without requiring the operator to opt in.
+ *
+ * Error contract matches {@link readTaskFile} — only the lookup location
+ * differs.
+ */
+declare function readTaskFileWithArchiveFallback(paths: BasouPaths, taskId: string): Promise<{
+    doc: TaskDocument;
+    archived: boolean;
+}>;
+type TaskSkipReason = "task_file_invalid" | "task_file_unreadable";
+type LoadTaskEntriesOptions = {
+    onSkip?: (taskId: string, reason: TaskSkipReason) => void;
+};
+/**
+ * Read every task.md under `<paths.tasks>/` and return the valid documents,
+ * skipping malformed / unreadable files with an `onSkip` callback for each.
+ *
+ * Returned entries are sorted ascending by `task.created_at` (internal asc;
+ * the CLI layer reverses for newest-first display).
+ */
+declare function loadTaskEntries(paths: BasouPaths, options?: LoadTaskEntriesOptions): Promise<TaskDocument[]>;
+/**
+ * Thrown when the task event (`task_created` / `task_status_changed`) was
+ * fully persisted to events.jsonl but the accompanying `task.md` write
+ * failed. The caller is responsible for surfacing a "do not rerun"
+ * warning — re-running the same CLI invocation would duplicate the event
+ * in events.jsonl.
+ *
+ * Reconciliation (= regenerating the missing task.md from events) is a
+ * v0.2 follow-up (= `task reconcile` family).
+ */
+/**
+ * `phase` identifies which staged write failed after the event commit:
+ *   - `create`: task.md create write (ad-hoc or attach path)
+ *   - `overwrite`: task.md overwrite during a status change
+ *   - `link-session`: session.yaml `task_id` update during the attach path
+ *     (split out so CLI warnings describe the actual unsafe artefact
+ *     instead of always saying "task.md creation failed")
+ *   - `reconcile`: task.md overwrite during `basou task reconcile --write`
+ *     after the `task_reconciled` event was persisted
+ *   - `reconcile-finalize`: ad-hoc reconcile session finalize failed (=
+ *     `FailedToFinalizeError` caught and re-classified)
+ *   - `reconcile-concurrent`: task.md was modified between the pre-write
+ *     snapshot and the post-event re-read; the operator is told to re-run
+ *     reconcile rather than overwrite a stale snapshot
+ */
+type TaskWriteAfterEventPhase = "create" | "overwrite" | "link-session" | "reconcile" | "reconcile-finalize" | "reconcile-concurrent" | "linkage-refresh" | "linkage-refresh-finalize" | "linkage-refresh-concurrent" | "delete" | "archive";
+declare class TaskWriteAfterEventError extends Error {
+    readonly taskId: PrefixedId<"task">;
+    readonly eventId: PrefixedId<"evt">;
+    readonly sessionId: PrefixedId<"ses">;
+    readonly phase: TaskWriteAfterEventPhase;
+    constructor(args: {
+        taskId: PrefixedId<"task">;
+        eventId: PrefixedId<"evt">;
+        sessionId: PrefixedId<"ses">;
+        phase: TaskWriteAfterEventPhase;
+        cause: unknown;
+    });
+}
+type CreateAdHocTaskInput = {
+    mode: "ad-hoc";
+    paths: BasouPaths;
+    manifest: Manifest;
+    occurredAt: string;
+    taskId: PrefixedId<"task">;
+    title: string;
+    label?: string;
+    initialStatus: TaskStatus;
+    description: string;
+    workingDirectory: string;
+    /**
+     * Optional override for `task.md.updated_at` when `initialStatus` is a
+     * terminal value (done / cancelled). Lets the operator backdate a
+     * retroactively-recorded completed task so `task.md` reflects the actual
+     * completion moment while `events.jsonl` keeps recording time. Ignored
+     * for non-terminal statuses.
+     */
+    completedAt?: string;
+};
+type AttachTaskInput = {
+    mode: "attach";
+    paths: BasouPaths;
+    occurredAt: string;
+    sessionId: PrefixedId<"ses">;
+    taskId: PrefixedId<"task">;
+    title: string;
+    label?: string;
+    initialStatus: TaskStatus;
+    description: string;
+    attachableStatuses?: ReadonlySet<AttachableStatus>;
+    /** See {@link CreateAdHocTaskInput.completedAt}. */
+    completedAt?: string;
+};
+type CreateTaskInput = CreateAdHocTaskInput | AttachTaskInput;
+type CreateTaskResult = {
+    taskId: PrefixedId<"task">;
+    eventId: PrefixedId<"evt">;
+    sessionId: PrefixedId<"ses">;
+    sessionStatus: SessionStatus;
+};
+/**
+ * Create a new task: fires a single `task_created` event and writes
+ * `.basou/tasks/<taskId>.md` with status = `initialStatus`.
+ *
+ * Ad-hoc path: a fresh ad-hoc session is minted (5-event bulk write,
+ * `task_created` as the target event, session.yaml.task_id pinned to the
+ * new task).
+ *
+ * Attach path: the target session's `task_id` is validated against the
+ * session ⇆ task anchor invariant (see
+ * `docs/spec/workspace.md#21-confirmed-invariants`; null → updated to the
+ * new task; existing X → rejected since X is already owned). If validation
+ * passes, the event is appended to events.jsonl and session.yaml's
+ * `task_id` is updated to the new task.
+ *
+ * Race window (v0.1 accepts): stage 2 writes the event, stage 3 writes
+ * task.md. A failure on stage 3 leaves events.jsonl ahead of task.md;
+ * {@link TaskWriteAfterEventError} surfaces this with a "do not rerun"
+ * warning so the operator can reconcile manually until the v0.2 reconcile
+ * flow arrives.
+ */
+declare function createTaskWithEvent(input: CreateTaskInput): Promise<CreateTaskResult>;
+type UpdateAdHocTaskStatusInput = {
+    mode: "ad-hoc";
+    paths: BasouPaths;
+    manifest: Manifest;
+    occurredAt: string;
+    taskId: PrefixedId<"task">;
+    newStatus: TaskStatus;
+    workingDirectory: string;
+};
+type AttachUpdateTaskStatusInput = {
+    mode: "attach";
+    paths: BasouPaths;
+    occurredAt: string;
+    sessionId: PrefixedId<"ses">;
+    taskId: PrefixedId<"task">;
+    newStatus: TaskStatus;
+    attachableStatuses?: ReadonlySet<AttachableStatus>;
+};
+type UpdateTaskStatusInput = UpdateAdHocTaskStatusInput | AttachUpdateTaskStatusInput;
+type UpdateTaskStatusResult = {
+    taskId: PrefixedId<"task">;
+    eventId: PrefixedId<"evt">;
+    sessionId: PrefixedId<"ses">;
+    sessionStatus: SessionStatus;
+    previousStatus: TaskStatus;
+    newStatus: TaskStatus;
+};
+/**
+ * Fire a `task_status_changed` event and overwrite the task.md front matter
+ * with the new status / `updated_at` / appended-but-deduped `linked_sessions`.
+ *
+ * Validates the transition BEFORE any event write so a rejected transition
+ * leaves events.jsonl untouched. The canonical edge set lives in
+ * {@link ALLOWED_TRANSITIONS}; the current shape is:
+ *   planned → {in_progress, done, cancelled}
+ *   in_progress → {done, cancelled}
+ *   done / cancelled are terminal (= idempotent same-state is rejected too).
+ */
+declare function updateTaskStatusWithEvent(input: UpdateTaskStatusInput): Promise<UpdateTaskStatusResult>;
+/**
+ * Single-task audit result. Always returned by {@link reconcileTask} regardless
+ * of mode: in dry-run the `clean` / `broken*` fields describe what would change
+ * and `reconcileSession` is `null`; in write mode the same fields describe
+ * what did change and `reconcileSession` carries the minted ad-hoc session +
+ * `task_reconciled` event ids.
+ *
+ * Broken `linked_sessions[]` entries are deduplicated against the same session
+ * id appearing more than once in the source task.md (hand-edit defence).
+ */
+type ReconcileResult = {
+    taskId: PrefixedId<"task">;
+    clean: boolean;
+    brokenCreatedInSession: PrefixedId<"ses"> | null;
+    brokenLinkedSessions: PrefixedId<"ses">[];
+    reconcileSession: {
+        sessionId: PrefixedId<"ses">;
+        eventId: PrefixedId<"evt">;
+    } | null;
+};
+/**
+ * Per-task failure record collected by {@link reconcileAllTasks}. The scan
+ * keeps running on isolated failures so one bad task does not freeze the
+ * batch; the CLI layer renders this list and exits 1 if any entry is present.
+ *
+ * `phase` is populated only for {@link TaskWriteAfterEventError}; for any
+ * other error class it is `null` and the operator must use `--verbose` to
+ * surface the cause chain.
+ */
+type ReconcileFailure = {
+    taskId: PrefixedId<"task">;
+    errorClass: string;
+    phase: TaskWriteAfterEventPhase | null;
+};
+/**
+ * Batch audit result. Order follows `enumerateTaskIds(paths)` (ULID-ascending).
+ * `scanned` is the number of readable task.md files processed (= excludes
+ * malformed task.md from the count so an integrity-broken file does not
+ * pad the total).
+ */
+type ReconcileAllResult = {
+    results: ReconcileResult[];
+    failed: ReconcileFailure[];
+    scanned: number;
+};
+type ReconcileTaskInput = {
+    taskId: PrefixedId<"task">;
+    occurredAt: string;
+    workingDirectory: string;
+    write: boolean;
+    /**
+     * Whether the caller invoked reconcile against a single task (`--task <id>`)
+     * or as part of a full scan. The ad-hoc reconcile session records the form
+     * on its `invocation.args` so audit trails distinguish targeted repairs
+     * from sweeps:
+     *   - `"single"` -> `["--task", <taskId>, "--write"]`
+     *   - `"all"`    -> `["--write"]` (= the operator typed no task id, so the
+     *     scan-wide intent is preserved instead of synthesising one per task)
+     * Defaults to `"single"` so direct callers (tests, programmatic uses) keep
+     * the targeted form without an explicit argument.
+     */
+    scope?: "single" | "all";
+    /**
+     * Test-only hook: the test runner uses this to mutate the task file
+     * from outside the reconcile flow between the pre-write snapshot and
+     * the post-event re-read, simulating a concurrent edit so the
+     * `reconcile-concurrent` branch can be exercised deterministically.
+     * Production callers leave it undefined.
+     */
+    _onPhaseCompleted?: (phase: "phase-4-snapshot" | "phase-5-bulk-write") => Promise<void>;
+};
+type ReconcileAllTasksInput = {
+    /**
+     * Per-task timestamp factory. Each reconciled task gets a fresh ISO string
+     * so concurrent ad-hoc sessions do not collide on `occurred_at`. The CLI
+     * layer wires this to `ctx.nowProvider().toISOString()`.
+     */
+    occurredAt: () => string;
+    workingDirectory: string;
+    write: boolean;
+};
+type ReconcileAllTasksOptions = {
+    /**
+     * When true the result includes clean tasks (= no broken refs). The CLI
+     * layer leaves this false so the human output only mentions tasks that
+     * actually changed.
+     */
+    includeClean?: boolean;
+};
+/**
+ * Audit a single task's session references. In `write: false` mode this is a
+ * pure read-only report (no events, no task.md change). In `write: true` mode,
+ * if any broken reference is found, mint an ad-hoc reconcile session, fire
+ * `task_reconciled`, and overwrite task.md with the repaired refs.
+ *
+ * The broken `created_in_session` field is REPLACED with the new reconcile
+ * session id rather than nulled out — `TaskSchema.created_in_session` is
+ * non-nullable, so dropping it would leave the file schema-invalid.
+ * The old broken id is preserved on the event payload via
+ * `removed_created_in_session` for audit.
+ *
+ * Stages — failures after stage 5 surface a phase-specific
+ * {@link TaskWriteAfterEventError} so the CLI can render a tailored "do not
+ * rerun" hint:
+ *   1. Boundary parse
+ *   2. Read task.md AND snapshot its mtime/hash from the same raw bytes,
+ *      then detect broken refs (sharing the raw bytes here closes the
+ *      readTaskFile-then-snapshot race window).
+ *   3. Early return when clean (no event fired, no overwrite)
+ *   4. (no separate stage anymore — snapshot is taken at stage 2)
+ *   5. Mint ad-hoc session + `task_reconciled` event (catch
+ *      `FailedToFinalizeError` → `phase: "reconcile-finalize"`)
+ *   6. Re-snapshot task.md; if changed since stage 2 →
+ *      `phase: "reconcile-concurrent"`
+ *   7. Overwrite task.md; failure → `phase: "reconcile"`
+ */
+declare function reconcileTask(paths: BasouPaths, manifest: Manifest, input: ReconcileTaskInput): Promise<ReconcileResult>;
+/**
+ * Reconcile every task in `.basou/tasks/`. Continues on per-task failures so
+ * an isolated {@link TaskWriteAfterEventError} does not stop the batch.
+ * Malformed task.md files are skipped silently and excluded from `scanned`.
+ */
+declare function reconcileAllTasks(paths: BasouPaths, manifest: Manifest, input: ReconcileAllTasksInput, options?: ReconcileAllTasksOptions): Promise<ReconcileAllResult>;
+/**
+ * Single-task linkage refresh result. In `write: false` mode this is a pure
+ * dry-run report (no event, no task.md change); `addedLinkedSessions` and
+ * `removedLinkedSessions` describe what would change. In `write: true` mode
+ * the same fields describe what did change and `refreshSession` carries the
+ * ad-hoc session + `task_linkage_refreshed` event ids that were minted.
+ *
+ * `clean === true` means the existing `task.md.linked_sessions[]` already
+ * matches the union of `session.yaml.task_id` matches plus the anchor
+ * (`created_in_session`) — no event fired, no overwrite.
+ */
+type RefreshLinkageResult = {
+    taskId: PrefixedId<"task">;
+    clean: boolean;
+    addedLinkedSessions: PrefixedId<"ses">[];
+    removedLinkedSessions: PrefixedId<"ses">[];
+    /** Number of entries in `linked_sessions[]` after the refresh would run. */
+    finalCount: number;
+    refreshSession: {
+        sessionId: PrefixedId<"ses">;
+        eventId: PrefixedId<"evt">;
+    } | null;
+};
+type RefreshLinkageInput = {
+    taskId: PrefixedId<"task">;
+    occurredAt: string;
+    workingDirectory: string;
+    write: boolean;
+};
+/**
+ * Refresh `task.md.linked_sessions[]` so it matches the union of
+ * `session.yaml.task_id` references in the workspace plus the
+ * `created_in_session` anchor. In `write: false` this is a pure read-only
+ * report; in `write: true` the diff is recorded as a
+ * `task_linkage_refreshed` event inside a fresh ad-hoc session and the
+ * task.md is overwritten with the new snapshot.
+ *
+ * Stages mirror `reconcileTask` so the operator gets the same
+ * "do-not-rerun" hint shape on partial failure:
+ *   1. Boundary parse
+ *   2. Read task.md AND snapshot its mtime/hash from the same raw bytes
+ *   3. Detect linkage delta (= scan workspace session.yaml)
+ *   4. Early return when clean
+ *   5. Mint ad-hoc session + `task_linkage_refreshed` event (catch
+ *      `FailedToFinalizeError` → `phase: "linkage-refresh-finalize"`)
+ *   6. Re-snapshot task.md; if changed since stage 2 →
+ *      `phase: "linkage-refresh-concurrent"`
+ *   7. Overwrite task.md; failure → `phase: "linkage-refresh"`
+ *
+ * The refresh event is distinct from `task_reconciled` (= broken-ref
+ * cleanup, `.strict()` with broken-ref-specific fields) so each event
+ * carries a single, focused audit story. Reusing `task_reconciled` here
+ * would either redefine its semantics or require widening its strict
+ * schema, both of which break replay determinism for older events.
+ */
+declare function refreshTaskLinkedSessions(paths: BasouPaths, manifest: Manifest, input: RefreshLinkageInput): Promise<RefreshLinkageResult>;
+type EditTaskInput = {
+    paths: BasouPaths;
+    taskId: PrefixedId<"task">;
+    /** New title; rejected when empty. Undefined leaves the field unchanged. */
+    title?: string;
+    /**
+     * New status; routed through transition rules so the call rejects
+     * invalid edges (e.g. `done -> planned`). Undefined leaves the field
+     * unchanged.
+     */
+    newStatus?: TaskStatus;
+    occurredAt: string;
+    /**
+     * Required when {@link newStatus} is provided — the status change fires
+     * a `task_status_changed` event in a fresh ad-hoc session, which needs
+     * a Manifest to seed the new session record. Title-only edits ignore
+     * this field.
+     */
+    manifest?: Manifest;
+    /** Working directory for the ad-hoc status-change session. */
+    workingDirectory?: string;
+};
+type EditTaskResult = {
+    taskId: PrefixedId<"task">;
+    titleUpdated: boolean;
+    statusUpdated: boolean;
+    /** When {@link statusUpdated} is true, the previous status before the edit. */
+    previousStatus: TaskStatus | null;
+    /** When {@link statusUpdated} is true, the new status. */
+    newStatus: TaskStatus | null;
+    /** ad-hoc session minted when status was changed; null for title-only edits. */
+    statusChangeSession: {
+        sessionId: PrefixedId<"ses">;
+        eventId: PrefixedId<"evt">;
+    } | null;
+};
+/**
+ * Update one or both of the user-editable fields on a task.md.
+ *
+ * - `title`: in-place overwrite of `task.md` only. v0.1 does not emit a
+ *   `task_title_changed` event — title changes are storage-level metadata
+ *   maintenance, not part of the audit trail.
+ * - `newStatus`: routed through {@link updateTaskStatusWithEvent} so the
+ *   ALLOWED_TRANSITIONS gate is honored and a `task_status_changed` event is
+ *   appended to the audit trail.
+ *
+ * When both are supplied the status change runs first (= event committed)
+ * and then the title overwrite runs against the freshly updated task.md
+ * (= same `updated_at` from the status change). A failure of the
+ * subsequent title overwrite leaves the status change committed; the
+ * status-change side of an edit is the only side with an event, so the
+ * audit trail is consistent regardless.
+ */
+declare function editTask(input: EditTaskInput): Promise<EditTaskResult>;
+type DeleteTaskInput = {
+    paths: BasouPaths;
+    manifest: Manifest;
+    taskId: PrefixedId<"task">;
+    occurredAt: string;
+    workingDirectory: string;
+};
+type DeleteTaskResult = {
+    taskId: PrefixedId<"task">;
+    title: string;
+    sessionId: PrefixedId<"ses">;
+    eventId: PrefixedId<"evt">;
+};
+/**
+ * Hard-delete a task.md file with a `task_deleted` audit event.
+ *
+ * Sequence:
+ *   1. Read task.md to capture the current title (which goes onto the
+ *      event payload so the audit record is self-describing even after
+ *      the file is gone).
+ *   2. Mint an ad-hoc session, fire `task_deleted` as the target event.
+ *      The session's `task_id` is intentionally NOT pinned to the
+ *      to-be-deleted task — otherwise the audit session would carry a
+ *      broken reference the moment we unlink the file.
+ *   3. Unlink `<paths.tasks>/<task_id>.md`.
+ *
+ * Failure of step 3 after the event is committed surfaces as a
+ * {@link TaskWriteAfterEventError} with `phase: "delete"`; the operator
+ * is told the event is durable but task.md still exists, and that a
+ * manual `rm` (or a rerun) is required.
+ *
+ * v0.1 contract: no tombstone, no recovery. Restoring a deleted task is
+ * not supported; the event payload (`task_id` + `title`) is the only
+ * persistent record after the unlink succeeds.
+ */
+declare function deleteTask(input: DeleteTaskInput): Promise<DeleteTaskResult>;
+type ArchiveTaskInput = {
+    paths: BasouPaths;
+    manifest: Manifest;
+    taskId: PrefixedId<"task">;
+    occurredAt: string;
+    workingDirectory: string;
+};
+type ArchiveTaskResult = {
+    taskId: PrefixedId<"task">;
+    title: string;
+    sessionId: PrefixedId<"ses">;
+    eventId: PrefixedId<"evt">;
+};
+/**
+ * Move a task.md file from `<paths.tasks>/<id>.md` to
+ * `<paths.tasks>/archive/<id>.md` with a `task_archived` audit event.
+ *
+ * Sequence:
+ *   1. Read task.md to capture the current title and existing content.
+ *   2. Mint an ad-hoc session, fire `task_archived` as the target event.
+ *      The session's `task_id` IS pinned to the archived task — unlike
+ *      `task_deleted`, the task continues to exist (just at a new path),
+ *      so the session-task linkage stays a valid forward reference.
+ *   3. Append the audit session to the task's `linked_sessions[]` and
+ *      overwrite the source task.md so the snapshot reflects the archive
+ *      session before the move.
+ *   4. Ensure the archive directory exists.
+ *   5. Rename main/<id>.md to archive/<id>.md (= atomic on the same fs).
+ *
+ * Failure modes after step 2 surface as
+ * {@link TaskWriteAfterEventError} with `phase: "archive"`; the operator
+ * is told the event is durable but the on-disk move is incomplete and
+ * must be resolved manually (typically by rerunning `task archive`).
+ */
+declare function archiveTask(input: ArchiveTaskInput): Promise<ArchiveTaskResult>;
+
+/**
+ * Resolve a possibly-truncated session id prefix to a full session id by
+ * scanning `<paths.sessions>/`. Existing message contract (carried over
+ * from `packages/cli/src/commands/session.ts` 経由の Step 12 実装) is
+ * preserved exactly so callers that grep stderr keep working:
+ *
+ *   - `"Session id is empty"`
+ *   - `"Session not found: <input>"`
+ *   - `"Ambiguous session id '<input>': matched <N> sessions. Disambiguate
+ *      with a longer prefix."`
+ */
+declare function resolveSessionId(paths: BasouPaths, input: string): Promise<string>;
+/**
+ * Resolve a possibly-truncated task id prefix to a full task id by scanning
+ * `<paths.tasks>/`. Mirrors {@link resolveSessionId} with the noun changed
+ * to `task` in every error message.
+ *
+ * `options.includeArchived` extends the scan to `<paths.tasks>/archive/` so
+ * read-only commands (e.g. `basou task show`) can address tasks that were
+ * archived by `basou task archive`. Defaults to `false` so destructive flows
+ * (status change, edit, delete, archive itself) cannot operate on archived
+ * tasks accidentally.
+ */
+declare function resolveTaskId(paths: BasouPaths, input: string, options?: {
+    includeArchived?: boolean;
+}): Promise<string>;
+
+/**
+ * Options for {@link sanitizePath}. Both `workingDirectory` and `homedir`
+ * are absolute POSIX paths the caller has already resolved (typically via
+ * `process.cwd()` and `os.homedir()`). Callers are responsible for passing
+ * fully normalised values; the sanitizer normalises them again internally
+ * so a trailing slash or `.`-segment does not corrupt the prefix match.
+ */
+type SanitizePathOptions = {
+    /**
+     * The session's working directory (= the `working_directory` field the
+     * caller is about to write). Paths under this directory are rewritten
+     * relative to it so the operator-private absolute prefix never leaks
+     * into the workspace's persistent state.
+     */
+    workingDirectory: string;
+    /**
+     * The operator's home directory. Paths under this directory (but NOT
+     * under `workingDirectory`) are rewritten with a `~/` prefix.
+     */
+    homedir: string;
+};
+/**
+ * Rewrite an absolute path into a workspace-friendly form so the persisted
+ * state of `.basou/` does not leak the operator's machine layout:
+ *
+ *   1. Paths under `opts.workingDirectory` become repository-relative
+ *      (e.g. `<wd>/src/x.ts` → `src/x.ts`, `<wd>` itself → `.`).
+ *   2. Paths under `opts.homedir` (but not workingDirectory) become
+ *      tilde-prefixed (`/Users/u/notes/x.md` → `~/notes/x.md`,
+ *      `/Users/u` → `~`).
+ *   3. Anything else — relative paths, system paths under `/etc/*`,
+ *      `..`-escapes from either base, paths that simply do not share a
+ *      prefix with either option — is returned verbatim (after `..`
+ *      normalisation). The sanitizer is intentionally non-redacting on
+ *      system paths so an operator who deliberately recorded a system
+ *      file (e.g. `/etc/hosts`) is not silently stripped of context.
+ *
+ * Hardening:
+ *   - A null byte in the input is rejected with `Invalid path: contains
+ *     null byte` (= POSIX path APIs treat \0 as terminator and any path
+ *     containing one is malformed; we never accept it on the write side).
+ *   - `..` segments are resolved purely (no fs access) so the prefix
+ *     match cannot be defeated by `<wd>/../escape/x.ts` masquerading as
+ *     workingDirectory-internal.
+ *   - Backslashes are folded to forward slashes so a Windows-style input
+ *     can still be matched against POSIX bases. v0.3 targets macOS /
+ *     Linux only; full Windows support is a v0.4+ task.
+ */
+declare function sanitizePath(rawPath: string, opts: SanitizePathOptions): string;
+/**
+ * Sanitize the `working_directory` field itself. This is a distinct entry
+ * point because the field's own value is the workingDirectory of every
+ * `related_files[]` entry written alongside it — running it through
+ * {@link sanitizePath} with `opts.workingDirectory = rawPath` would
+ * collapse the result to `"."` and lose the homedir-relative form the
+ * spec requires.
+ *
+ * Strategy: bypass the workingDirectory rule entirely by passing a
+ * sentinel that no real path can match. The homedir rule (rule 2) and
+ * the preserve-as-is rule (rule 3) still apply, so:
+ *   - `/Users/u/projects/foo` → `~/projects/foo`
+ *   - `/Users/u` → `~`
+ *   - `/srv/work` → `/srv/work` (preserved, off-tree)
+ *
+ * Callers should still pass the live `homedir` so the rewrite uses the
+ * real operator-private prefix.
+ */
+declare function sanitizeWorkingDirectory(rawPath: string, opts: Pick<SanitizePathOptions, "homedir">): string;
+/** Result of {@link sanitizeRelatedFiles}. */
+type SanitizeRelatedFilesResult = {
+    /** Sanitized path list (same length as the input). */
+    sanitized: string[];
+    /** Number of entries whose sanitized form differs from the input. */
+    mutationCount: number;
+};
+/**
+ * Apply {@link sanitizePath} to every entry of a `related_files[]` array
+ * and report how many entries actually changed shape so callers (e.g. the
+ * session-import CLI) can surface a single-line warning. The helper does
+ * not deduplicate — callers already collect related_files into a Set
+ * before serialising.
+ */
+declare function sanitizeRelatedFiles(paths: ReadonlyArray<string>, opts: SanitizePathOptions): SanitizeRelatedFilesResult;
+
+/** Input contract for {@link renderHandoff}. */
+type HandoffRendererInput = {
+    paths: BasouPaths;
+    /** ISO timestamp embedded in the generated body header. Caller-provided for testability. */
+    nowIso: string;
+    /** Forwarded to {@link replayEvents} / {@link loadSessionEntries} per session. */
+    onWarning?: (warning: ReplayWarning, sessionId: string) => void;
+    /**
+     * Per-session degradation reasons (missing/invalid session.yaml or
+     * unreadable events.jsonl). The CLI maps `events_jsonl_unreadable` to the
+     * existing suspect-check stderr wording to keep the user-facing surface
+     * consistent with `basou session list`.
+     */
+    onSessionSkip?: (sessionId: string, reason: SessionSkipReason) => void;
+    /**
+     * Per-task degradation reasons (invalid front matter / unreadable file).
+     * Surfaced so the CLI can warn the operator about a malformed task.md
+     * without aborting the handoff render.
+     */
+    onTaskSkip?: (taskId: string, reason: TaskSkipReason) => void;
+    /** Maximum related_files entries to display before `... +N more`. Default 20. */
+    relatedFilesLimit?: number;
+};
+type HandoffRendererResult = {
+    /** Generated body WITHOUT BASOU:GENERATED markers (markdown-store wraps them). */
+    body: string;
+    sessionCount: number;
+    decisionCount: number;
+    pendingApprovalsCount: number;
+    suspectCount: number;
+    /** Total number of task.md files successfully loaded. */
+    taskCount: number;
+    /** Tasks whose status is `planned` or `in_progress` (= shown in 次に実行すべき作業). */
+    pendingTaskCount: number;
+};
+/**
+ * Render the body of `handoff.md` from the current workspace state.
+ *
+ * The renderer is a pure function (no I/O beyond {@link replayEvents} /
+ * {@link loadSessionEntries} / {@link enumerateApprovals}). It assembles the
+ * the spec's `handoff.md` sections in order:
+ *
+ * 1. `現在の状態`: latest live session (status not archived, source not import).
+ * 2. `直近の変更ファイル`: union of `related_files` across sessions, dedup +
+ *    sorted asc + truncated to `relatedFilesLimit` (default 20).
+ * 3. `直近の判断`: latest `decision_recorded` event (chronological).
+ * 4. `未決事項`: pending-approval count + suspect-session count.
+ * 5. `次に読むべきファイル`: `.basou/decisions.md` + top-3 related files
+ *    (the same `displayedFiles` source is intentionally reused in two
+ *    sections — overview vs. resume context).
+ * 6. `次に実行すべき作業`: placeholder until task events land.
+ * 7. `セッション一覧`: all sessions newest first with inline suspect labels.
+ *
+ * Session enumeration goes through {@link loadSessionEntries} so the set of
+ * sessions whose `decision_recorded` events we replay matches the
+ * decisions renderer.
+ */
+declare function renderHandoff(input: HandoffRendererInput): Promise<HandoffRendererResult>;
+
+type DecisionsRendererInput = {
+    paths: BasouPaths;
+    nowIso: string;
+    onWarning?: (warning: ReplayWarning, sessionId: string) => void;
+    onSessionSkip?: (sessionId: string, reason: SessionSkipReason) => void;
+};
+type DecisionsRendererResult = {
+    /** Generated body WITHOUT BASOU:GENERATED markers. */
+    body: string;
+    decisionCount: number;
+};
+/**
+ * Render the body of `decisions.md` from `decision_recorded` events across
+ * every healthy session in the workspace.
+ *
+ * Session enumeration goes through {@link loadSessionEntries} (the same path
+ * the handoff renderer uses) so that `session.yaml`-broken sessions are
+ * skipped in BOTH outputs and the handoff's `decisionCount` summary stays
+ * consistent with the number of sections rendered here.
+ *
+ * Order: `occurred_at` ascending with `decisionId` (= ULID) as tie-breaker.
+ * Both fields are monotonic, so the result is a stable cross-session
+ * timeline.
+ *
+ * The decision rich fields (rationale / alternatives / rejected_reason /
+ * linked_events / linked_files) are rendered when the event carries them.
+ * `linked_events` and `linked_files` are OPAQUE references: the schema only
+ * validates the SHAPE, not existence — references that cannot be resolved
+ * to a known event id or an existing file on disk are surfaced inline as
+ * `(missing)` so cross-workspace round-trips never reject parse-time.
+ */
+declare function renderDecisions(input: DecisionsRendererInput): Promise<DecisionsRendererResult>;
+
+/**
+ * Internal abstraction over child-process execution.
+ *
+ * The v0.1 implementation is intentionally minimal:
+ * - Optional UTF-8 stdout/stderr capture (`capture: "buffer"`, default) or
+ *   pass-through to the parent's stdio (`capture: "none"`).
+ * - No stream callbacks for partial chunks.
+ * - No event emission. Callers wire any event flow separately.
+ *
+ * The boundary is internal: ProcessRunner is not part of the public
+ * adapter surface. Adapters do not import or instantiate it directly;
+ * CLI / Core orchestration owns construction and invocation.
+ */
+/**
+ * Output capture mode.
+ *
+ * - `"buffer"` (default): pipe stdout/stderr to the runner and accumulate
+ *   the full UTF-8 string into {@link RunResult}.
+ * - `"none"`: inherit the parent's stdio. The child writes directly to the
+ *   parent terminal in real time and {@link RunResult.stdout} /
+ *   {@link RunResult.stderr} are empty strings. `stdin` cannot be combined
+ *   with `"none"` because the child has no writable stdin pipe.
+ */
+type CaptureMode = "buffer" | "none";
+type RunOptions = {
+    /**
+     * Working directory for the child process. Required: callers resolve
+     * the workspace root themselves; the runner does not validate cwd
+     * existence and surfaces native spawn errors via classification.
+     */
+    readonly cwd: string;
+    /**
+     * Environment variables for the child. When omitted, the parent's
+     * `process.env` is inherited verbatim. Callers wanting a sanitized
+     * environment must build it explicitly.
+     */
+    readonly env?: NodeJS.ProcessEnv;
+    /**
+     * External cancellation. Aborting the signal triggers a two-stage
+     * kill (SIGTERM, then SIGKILL after a short grace period).
+     */
+    readonly signal?: AbortSignal;
+    /**
+     * Internal timeout in milliseconds. Must be a positive finite number.
+     * Triggers the same two-stage kill as `signal`.
+     */
+    readonly timeout_ms?: number;
+    /**
+     * Optional input written to the child's stdin. The pipe is closed
+     * after the value is written. Incompatible with `capture: "none"`.
+     */
+    readonly stdin?: string | Buffer;
+    /**
+     * Output capture mode. Defaults to `"buffer"`. See {@link CaptureMode}.
+     */
+    readonly capture?: CaptureMode;
+    /**
+     * Invoked synchronously immediately after the child has been spawned,
+     * before the runner waits for completion. Callers use this to retain a
+     * reference for parent-side cleanup (e.g. an `exit` hook that SIGKILLs
+     * the child if the parent is forcibly terminated). The runner takes no
+     * action if the callback throws.
+     */
+    readonly onSpawn?: (child: ChildProcess) => void;
+};
+type RunResult = {
+    readonly command: string;
+    readonly args: readonly string[];
+    readonly cwd: string;
+    /** `null` when the process was killed by a signal. */
+    readonly exit_code: number | null;
+    readonly signal: NodeJS.Signals | null;
+    readonly stdout: string;
+    readonly stderr: string;
+    /** ISO 8601 timestamp captured before spawn. */
+    readonly started_at: string;
+    /** ISO 8601 timestamp captured on the `close` event. */
+    readonly ended_at: string;
+    readonly duration_ms: number;
+    readonly pid: number | null;
+};
+type ProcessRunner = {
+    run(command: string, args: readonly string[], options: RunOptions): Promise<RunResult>;
+};
+
+/**
+ * Spawn-based ProcessRunner implementation.
+ *
+ * Behavior:
+ * - `shell: false` and `detached: false`. The process group is not
+ *   detached, but the OS does not guarantee the child is reaped when
+ *   the parent terminates abruptly; callers handle SIGINT/SIGTERM/exit
+ *   hooks themselves.
+ * - `capture: "buffer"` (default): `stdio: ['pipe', 'pipe', 'pipe']`,
+ *   stdout / stderr are decoded as UTF-8 and accumulated as full
+ *   strings (no streaming callbacks).
+ * - `capture: "none"`: `stdio: ['inherit', 'inherit', 'inherit']`, the
+ *   child writes directly to the parent terminal in real time and
+ *   `RunResult.stdout` / `stderr` are empty strings. `stdin` is
+ *   incompatible with this mode (the child has no writable stdin pipe)
+ *   and the combination is rejected before spawn.
+ * - `timeout_ms` and `AbortSignal` both trigger a two-stage kill:
+ *   `SIGTERM`, then `SIGKILL` after `DEFAULT_KILL_GRACE_MS` (5_000 ms).
+ * - A non-zero `exit_code` does not throw; it is returned via
+ *   `RunResult`. Spawn-time errors throw with a pathless message and
+ *   the original error attached as `cause`.
+ *
+ * Error message contract: messages never include `cwd` or absolute
+ * command paths. The original errno (and any nested wrapping) is
+ * preserved on `Error.cause`, allowing callers to classify with
+ * `findErrorCode` when needed.
+ */
+declare class ChildProcessRunner implements ProcessRunner {
+    run(command: string, args: readonly string[], options: RunOptions): Promise<RunResult>;
+}
+
+/**
+ * Payload subset of `git_snapshot` event, mechanically derived from the
+ * zod-inferred event type. The wrapping event-shape fields
+ * (schema_version, id, session_id, occurred_at, source, type) are added by
+ * the caller (session lifecycle in later steps) when constructing the
+ * event, so the schema remains the single source of truth.
+ *
+ * `ahead` / `behind` are omitted when there is no remote or no upstream
+ * tracking; the schema declares both as optional non-negative integers.
+ */
+type GitSnapshot = Omit<GitSnapshotEvent, "schema_version" | "id" | "session_id" | "occurred_at" | "source" | "type">;
+/**
+ * Resolve the absolute path of the Git repository root that contains `cwd`.
+ * Equivalent to `git rev-parse --show-toplevel`.
+ *
+ * Throws `Error("Git executable not found in PATH. Install git first.")`
+ * with the spawn error attached as `cause` when git itself is missing.
+ * Throws `Error("Not a git repository")` (without command-specific suffix)
+ * when `cwd` is not inside a repository — callers MAY wrap with their own
+ * "Run 'git init' first, then re-run 'basou XXX'." suffix.
+ *
+ * Pathless contract: the thrown message never embeds `cwd` or any absolute
+ * path; native errors are kept on `error.cause` for verbose surfacing.
+ */
+declare function resolveRepositoryRoot(cwd: string): Promise<string>;
+/**
+ * Read `remote.origin.url` from the local repository config. Returns
+ * `undefined` if the remote is unset, the value is empty, or the lookup
+ * fails for any reason (best-effort).
+ *
+ * The `--local` scope is critical: callers MUST NOT pick up the developer's
+ * global remote.origin.url, which could leak the wrong repository URL into
+ * `manifest.yaml`.
+ */
+declare function tryRemoteUrl(repositoryRoot: string): Promise<string | undefined>;
+/**
+ * Build a {@link GitSnapshot} for the repository at `repositoryRoot`. The
+ * caller is responsible for ensuring `repositoryRoot` is the canonical root
+ * (typically obtained via {@link resolveRepositoryRoot}); this function
+ * verifies repo membership via `git rev-parse --is-inside-work-tree` to
+ * distinguish a non-git directory from an empty repository.
+ *
+ * Edge cases:
+ * - **non-git directory**: throws `Error("Not a git repository")`
+ * - **empty repo (no commits)**: throws `Error("No commits in repository")`
+ * - **detached HEAD**: `branch = "HEAD"`, `head = commit hash`,
+ *   `ahead`/`behind` omitted
+ * - **no remote / no upstream tracking**: `ahead`/`behind` omitted
+ *
+ * Pathless contract preserved on every throw path.
+ */
+declare function getSnapshot(repositoryRoot: string): Promise<GitSnapshot>;
+
+/**
+ * Status classification used by the `file_changed` event schema. Limited to
+ * the four classes that simple-git's `git diff --name-status` reliably
+ * surfaces; copy / unmerged / typechange entries are intentionally dropped
+ * to keep the event payload shape narrow.
+ */
+type FileChangeStatus = "added" | "modified" | "deleted" | "renamed";
+/**
+ * Single file-level change observed between two refs. `old_path` is set
+ * only for `renamed` entries (the previous path of the file).
+ */
+type FileChange = {
+    path: string;
+    old_path?: string;
+    status: FileChangeStatus;
+};
+/**
+ * Result of {@link getDiff}. The `changed_files` array is in git's natural
+ * `--name-status` order; callers requiring deterministic ordering should
+ * sort by `path` themselves.
+ */
+type DiffResult = {
+    changed_files: FileChange[];
+};
+/**
+ * Compute the file-level diff between two git refs.
+ *
+ * Returns a list of changed file paths classified by status (added /
+ * modified / deleted / renamed). Diff content is intentionally NOT
+ * returned — `file_changed` events record paths only, and raw diff bodies
+ * are excluded so the trace cannot inadvertently leak source code that may
+ * be sensitive. Use `git show <ref>` to obtain the underlying diff.
+ *
+ * Pathless contract: every thrown message is a fixed string from the set
+ * {`Not a git repository`, `Git executable not found in PATH. Install git
+ * first.`, `Invalid ref`, `Failed to compute git diff`}; native errors are
+ * preserved on `Error.cause`.
+ *
+ * Special cases:
+ * - `baseRef === headRef` short-circuits to an empty result
+ * - copy / unmerged / typechange / unknown status codes are skipped
+ *
+ * @param repoRoot absolute path to the git repository root
+ * @param baseRef base ref (e.g. session-start HEAD sha)
+ * @param headRef head ref (e.g. session-end HEAD sha)
+ */
+declare function getDiff(repoRoot: string, baseRef: string, headRef: string): Promise<DiffResult>;
+
+/**
+ * Static metadata identifying the claude-code adapter as the session source.
+ * Consumed by the CLI orchestration when populating `session.yaml.source`
+ * and event `source` fields. The literal `kind` is part of the wire format
+ * defined by the session schema; do not change without coordinated schema
+ * migration.
+ */
+declare const claudeCodeAdapterMetadata: {
+    readonly kind: "claude-code-adapter";
+    readonly version: "0.1.0";
+};
+/**
+ * Lookup predicate used by {@link resolveClaudeCodeCommand} to decide
+ * whether a candidate executable is reachable on PATH. Exposed as a
+ * parameter so tests can substitute a deterministic mock; production
+ * callers should omit it and rely on the default `which`-based lookup.
+ */
+type CommandLookup = (command: string) => Promise<boolean>;
+/**
+ * Resolve the Claude Code CLI executable name. Tries `claude-code` first
+ * and falls back to `claude`; the first candidate found on PATH wins.
+ *
+ * Throws a fixed-message Error when neither candidate is reachable, so
+ * callers can present a single user-facing prompt to install the CLI.
+ *
+ * @throws Error("Claude Code CLI not found in PATH. Install claude-code (or claude) first.")
+ */
+declare function resolveClaudeCodeCommand(lookup?: CommandLookup): Promise<{
+    command: string;
+}>;
+/**
+ * Stub for the future `adapter_output` summary generator.
+ *
+ * v0.1 Step 11 keeps `capture: "none"` and intentionally does not emit
+ * `adapter_output` events, so this hook has no production callers yet.
+ * The signature is committed so that Step 12+ can implement raw_ref
+ * generation without retrofitting the adapter scaffold.
+ *
+ * @throws Error - always; not implemented in v0.1 Step 11.
+ */
+declare function summarizeAdapterOutput(_stream: "stdout" | "stderr", _raw: string): string;
+
+/**
+ * Append a single Basou event to `<sessionDir>/events.jsonl`.
+ *
+ * The event is validated against the discriminated union {@link EventSchema}
+ * before being serialized as a single JSONL line (UTF-8, terminated by `\n`).
+ * Validation enforces the per-variant contract (required fields, source
+ * vocabulary, strict variants such as `adapter_output`).
+ *
+ * Atomicity: writes go through `appendFile` which uses `O_APPEND`. Lines up
+ * to `PIPE_BUF` bytes (Linux 4096 / macOS 512) are written atomically by the
+ * kernel; longer lines may interleave with concurrent writers and are not
+ * recovered here. v0.1 assumes a single writer per session, so partial-line
+ * recovery is delegated to the read side (event replay) when introduced.
+ *
+ * Throws if validation fails or the underlying append errors. The thrown
+ * Error message is pathless; the original error is attached as `cause`.
+ *
+ * @param sessionDir absolute path to `.basou/sessions/<session_id>/`
+ * @param event unknown payload to validate and append
+ */
+declare function appendEvent(sessionDir: string, event: unknown): Promise<void>;
+/**
+ * Write `events.jsonl` in one atomic tmp+rename pass via {@link atomicReplace},
+ * validating every event against {@link EventSchema} before any disk I/O so
+ * a payload that fails validation never leaves a partial file behind.
+ *
+ * The helper is used by the round-trip importer (`session-import.ts`) and the
+ * ad-hoc session orchestrator (`ad-hoc-session.ts`) where a small, fixed batch
+ * of events must land together or not at all. Zero events produces a
+ * zero-byte file so the session_yaml `events_log` pointer remains valid.
+ *
+ * Throws `"Invalid Basou event payload"` (same fixed message as
+ * {@link appendEvent}) on validation failure, or `"Failed to write
+ * events.jsonl"` on a disk I/O failure. The original native error is attached
+ * as `cause`.
+ */
+declare function writeEventsBulk(sessionDir: string, events: Event[]): Promise<void>;
+
+/**
+ * Parse a unit-suffixed duration string (e.g. `30s`, `5m`, `1h`, `100ms`)
+ * into milliseconds.
+ *
+ * Rejects formats that cannot represent a positive, finite millisecond
+ * value: malformed inputs, zero, leading-zero values, and computations that
+ * overflow to `Infinity`. The returned number is always a positive integer.
+ *
+ * Supported units: `ms` (milliseconds), `s` (seconds), `m` (minutes),
+ * `h` (hours).
+ *
+ * @param input duration string with required unit suffix
+ * @returns duration in milliseconds (positive, finite)
+ * @throws Error with message
+ *   `Invalid duration: <input>. Expected format: <positive-integer><unit> where unit is ms/s/m/h`
+ *   for format errors, or `Duration overflow: <input>` for non-finite results.
+ */
+declare function parseDuration(input: string): number;
+
+/**
+ * Version of the `@basou/core` package, aligned with `manifest.yaml`'s
+ * `basou_version` field as defined in the Basou v0.1 specification.
+ */
+declare const BASOU_CORE_VERSION = "0.1.0";
+
+export { type AdapterOutputEvent, type AppendBasouGitignoreResult, type AppendEventToExistingInput, type AppendEventToExistingResult, type Approval, type ApprovalApprovedEvent, type ApprovalExpiredEvent, ApprovalIdSchema, type ApprovalLocation, type ApprovalRejectedEvent, type ApprovalRequestedEvent, ApprovalSchema, type ApprovalStatus, ApprovalStatusSchema, type ArchiveTaskInput, type ArchiveTaskResult, type AttachTaskInput, type AttachUpdateTaskStatusInput, type AttachableStatus, BASOU_CORE_VERSION, type BasouPaths, type CaptureMode, ChildProcessRunner, type CommandExecutedEvent, type CommandLookup, type CreateAdHocSessionInput, type CreateAdHocSessionResult, type CreateAdHocTaskInput, type CreateManifestInput, type CreateTaskInput, type CreateTaskResult, DecisionIdSchema, type DecisionRecordedEvent, type DecisionsRendererInput, type DecisionsRendererResult, type DeleteTaskInput, type DeleteTaskResult, type DiffResult, type EditTaskInput, type EditTaskResult, type Event, EventIdSchema, EventSchema, EventSourceSchema, FailedToFinalizeError, type FileChange, type FileChangeStatus, type FileChangedEvent, GENERATED_END, GENERATED_START, type GitSnapshot, type GitSnapshotEvent, type HandoffRendererInput, type HandoffRendererResult, ID_PREFIXES, type IdPrefix, type ImportSessionOptions, type ImportSessionResult, IsoTimestampSchema, type LoadSessionEntriesOptions, type LoadTaskEntriesOptions, type LoadedApproval, type LockHandle, type LockScope, type Manifest, ManifestSchema, type MarkerSection, type NoteAddedEvent, type PrefixedId, type ProcessRunner, type ReconcileAllResult, type ReconcileAllTasksInput, type ReconcileAllTasksOptions, type ReconcileFailure, type ReconcileResult, type ReconcileTaskInput, type RefreshLinkageInput, type RefreshLinkageResult, type ReplayOptions, type ReplayWarning, type RiskLevel, RiskLevelSchema, type RunOptions, type RunResult, STUCK_THRESHOLD_MS, type SanitizePathOptions, type SanitizeRelatedFilesResult, SchemaVersionSchema, type Session, type SessionEndedEvent, type SessionEntry, SessionIdSchema, type SessionImportPayload, SessionImportPayloadSchema, type SessionInnerImportInput, SessionInnerImportSchema, SessionSchema, type SessionSkipReason, type SessionSourceKind, SessionSourceKindSchema, type SessionStartedEvent, type SessionStatus, type SessionStatusChangedEvent, SessionStatusSchema, StatusSchema, type StatusSnapshot, type SuspectReason, type Task, type TaskArchivedEvent, type TaskCreatedEvent, type TaskDeletedEvent, type TaskDocument, TaskIdSchema, type TaskLinkageRefreshedEvent, type TaskReconciledEvent, TaskSchema, type TaskSkipReason, type TaskStatus, type TaskStatusChangedEvent, TaskStatusSchema, TaskWriteAfterEventError, type TaskWriteAfterEventPhase, type UpdateAdHocTaskStatusInput, type UpdateTaskStatusInput, type UpdateTaskStatusResult, WorkspaceIdSchema, type WriteTaskFileMode, acquireLock, appendBasouGitignore, appendEvent, appendEventToExistingSession, archiveTask, assertBasouRootSafe, basouPaths, buildStatusSnapshot, classifySuspect, claudeCodeAdapterMetadata, createAdHocSessionWithEvent, createManifest, createTaskWithEvent, deleteTask, editTask, ensureBasouDirectory, enumerateApprovals, enumerateArchivedTaskIds, enumerateSessionDirs, enumerateTaskIds, findErrorCode, getDiff, getSnapshot, importSessionFromJson, isLazyExpired, isValidPrefixedId, linkYamlFile, loadApproval, loadSessionEntries, loadTaskEntries, overwriteYamlFile, parseDuration, parseMarkers, prefixedUlid, readAllEvents, readManifest, readMarkdownFile, readSessionYaml, readStatus, readTaskFile, readTaskFileWithArchiveFallback, readYamlFile, reconcileAllTasks, reconcileTask, refreshTaskLinkedSessions, renderDecisions, renderHandoff, renderWithMarkers, replayEvents, resolveClaudeCodeCommand, resolveRepositoryRoot, resolveSessionId, resolveTaskId, sanitizePath, sanitizeRelatedFiles, sanitizeWorkingDirectory, summarizeAdapterOutput, tryRemoteUrl, ulid, updateTaskStatusWithEvent, writeEventsBulk, writeManifest, writeMarkdownFile, writeStatus, writeTaskFile, writeYamlFile };