@codeledger/cli 0.5.0 → 0.6.0

package/dist/policy/resolve.js

@@ -0,0 +1,86 @@
+import { existsSync } from 'node:fs';
+import { join } from 'node:path';
+import { execSync } from 'node:child_process';
+import { SAFE_DEFAULTS, mergePolicy, toResolved } from './schema.js';
+import { loadOrgDefault, loadRepoOverride } from './load.js';
+/**
+ * Resolve the effective policy through the cascade:
+ *   1. Hard-coded safe defaults
+ *   2. Org default (org/default.json) — deep merge
+ *   3. Repo override (repos/<name>.json) — deep merge
+ *
+ * Policy root resolution order:
+ *   --policy-root flag > CODELEDGER_POLICY_PATH env > .codeledger/policy/ > safe defaults
+ */
+export function resolvePolicy(opts) {
+    const { cwd } = opts;
+    // Determine policy root directory
+    const policyRoot = determinePolicyRoot(opts);
+    // If no policy root found, return safe defaults
+    if (!policyRoot) {
+        return toResolved(SAFE_DEFAULTS, 'hardcoded-defaults');
+    }
+    // Layer 1: start from safe defaults
+    let policy = { ...SAFE_DEFAULTS };
+    let source = 'hardcoded-defaults';
+    // Layer 2: org default
+    const orgDefault = loadOrgDefault(policyRoot);
+    if (orgDefault) {
+        policy = mergePolicy(policy, orgDefault);
+        source = 'org-default';
+    }
+    // Layer 3: repo override
+    const repoName = getRepoName(cwd);
+    const repoOverride = loadRepoOverride(policyRoot, repoName);
+    if (repoOverride) {
+        policy = mergePolicy(policy, repoOverride);
+        source = 'repo-override';
+    }
+    return toResolved(policy, source);
+}
+/**
+ * Determine the policy root directory from the cascade:
+ *   --policy-root > CODELEDGER_POLICY_PATH env > .codeledger/policy/
+ */
+function determinePolicyRoot(opts) {
+    // Highest precedence: explicit flag
+    if (opts.policyRoot) {
+        if (!existsSync(opts.policyRoot))
+            return null;
+        return opts.policyRoot;
+    }
+    // Second: env var
+    const envPath = process.env['CODELEDGER_POLICY_PATH'];
+    if (envPath) {
+        if (!existsSync(envPath))
+            return null;
+        return envPath;
+    }
+    // Third: default location
+    const defaultPath = join(opts.cwd, '.codeledger', 'policy');
+    if (existsSync(defaultPath))
+        return defaultPath;
+    return null;
+}
+/**
+ * Get the repo name from git origin remote URL.
+ * Falls back to working directory name if no origin remote.
+ */
+function getRepoName(cwd) {
+    try {
+        const url = execSync('git remote get-url origin', {
+            cwd,
+            encoding: 'utf-8',
+            stdio: ['pipe', 'pipe', 'pipe'],
+        }).trim();
+        // Extract last path component, strip .git suffix
+        const parts = url.replace(/\.git$/, '').split('/');
+        return parts[parts.length - 1] ?? 'unknown';
+    }
+    catch {
+        // No origin remote — use directory name
+        const parts = cwd.replace(/\/$/, '').split('/');
+        return parts[parts.length - 1] ?? 'unknown';
+    }
+}
+//# sourceMappingURL=resolve.js.map

package/dist/policy/resolve.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"resolve.js","sourceRoot":"","sources":["../../src/policy/resolve.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACrC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAE9C,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACrE,OAAO,EAAE,cAAc,EAAE,gBAAgB,EAAE,MAAM,WAAW,CAAC;AAS7D;;;;;;;;GAQG;AACH,MAAM,UAAU,aAAa,CAAC,IAA0B;IACtD,MAAM,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;IAErB,kCAAkC;IAClC,MAAM,UAAU,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;IAE7C,gDAAgD;IAChD,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,OAAO,UAAU,CAAC,aAAa,EAAE,oBAAoB,CAAC,CAAC;IACzD,CAAC;IAED,oCAAoC;IACpC,IAAI,MAAM,GAAG,EAAE,GAAG,aAAa,EAAE,CAAC;IAClC,IAAI,MAAM,GAAsC,oBAAoB,CAAC;IAErE,uBAAuB;IACvB,MAAM,UAAU,GAAG,cAAc,CAAC,UAAU,CAAC,CAAC;IAC9C,IAAI,UAAU,EAAE,CAAC;QACf,MAAM,GAAG,WAAW,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;QACzC,MAAM,GAAG,aAAa,CAAC;IACzB,CAAC;IAED,yBAAyB;IACzB,MAAM,QAAQ,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;IAClC,MAAM,YAAY,GAAG,gBAAgB,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;IAC5D,IAAI,YAAY,EAAE,CAAC;QACjB,MAAM,GAAG,WAAW,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC;QAC3C,MAAM,GAAG,eAAe,CAAC;IAC3B,CAAC;IAED,OAAO,UAAU,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AACpC,CAAC;AAED;;;GAGG;AACH,SAAS,mBAAmB,CAAC,IAA0B;IACrD,oCAAoC;IACpC,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;QACpB,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,UAAU,CAAC;YAAE,OAAO,IAAI,CAAC;QAC9C,OAAO,IAAI,CAAC,UAAU,CAAC;IACzB,CAAC;IAED,kBAAkB;IAClB,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,wBAAwB,CAAC,CAAC;IACtD,IAAI,OAAO,EAAE,CAAC;QACZ,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC;YAAE,OAAO,IAAI,CAAC;QACtC,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,0BAA0B;IAC1B,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,aAAa,EAAE,QAAQ,CAAC,CAAC;IAC5D,IAAI,UAAU,CAAC,WAAW,CAAC;QAAE,OAAO,WAAW,CAAC;IAEhD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;GAGG;AACH,SAAS,WAAW,CAAC,GAAW;IAC9B,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,QAAQ,CAAC,2BAA2B,EAAE;YAChD,GAAG;YACH,QAAQ,EAAE,OAAO;YACjB,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC;SAChC,CAAC,CAAC,IAAI,EAAE,CAAC;QACV,iDAAiD;QACjD,MAAM,KAAK,GAAG,GAAG,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QACnD,OAAO,KAAK,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,IAAI,SAAS,CAAC;IAC9C,CAAC;IAAC,MAAM,CAAC;QACP,wCAAwC;QACxC,MAAM,KAAK,GAAG,GAAG,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAChD,OAAO,KAAK,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,IAAI,SAAS,CAAC;IAC9C,CAAC;AACH,CAAC"}

package/dist/policy/schema.d.ts

@@ -0,0 +1,22 @@
+import type { MustangPolicyV1, ResolvedPolicyV1 } from '@codeledger/types';
+export declare const POLICY_SCHEMA_VERSION: "mustang/policy/v1";
+/**
+ * Hard-coded safe defaults. When no policy files exist, this is the effective
+ * policy. Observe mode, no enforcement, maximally permissive thresholds.
+ */
+export declare const SAFE_DEFAULTS: MustangPolicyV1;
+/**
+ * Validate a parsed policy object. Returns an error message string if invalid,
+ * or null if valid.
+ */
+export declare function validatePolicy(obj: unknown): string | null;
+/**
+ * Deep-merge a partial policy onto a base policy. Override wins for set fields.
+ * Arrays replace (not concatenate) — deny_paths in override replaces base.
+ */
+export declare function mergePolicy(base: MustangPolicyV1, override: Partial<MustangPolicyV1>): MustangPolicyV1;
+/**
+ * Convert a MustangPolicyV1 to a ResolvedPolicyV1 with provenance.
+ */
+export declare function toResolved(policy: MustangPolicyV1, resolvedFrom: ResolvedPolicyV1['resolved_from']): ResolvedPolicyV1;
+//# sourceMappingURL=schema.d.ts.map

package/dist/policy/schema.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../../src/policy/schema.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAc,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAEvF,eAAO,MAAM,qBAAqB,EAAG,mBAA4B,CAAC;AAElE;;;GAGG;AACH,eAAO,MAAM,aAAa,EAAE,eAW3B,CAAC;AAKF;;;GAGG;AACH,wBAAgB,cAAc,CAAC,GAAG,EAAE,OAAO,GAAG,MAAM,GAAG,IAAI,CAqC1D;AAED;;;GAGG;AACH,wBAAgB,WAAW,CAAC,IAAI,EAAE,eAAe,EAAE,QAAQ,EAAE,OAAO,CAAC,eAAe,CAAC,GAAG,eAAe,CAetG;AAED;;GAEG;AACH,wBAAgB,UAAU,CACxB,MAAM,EAAE,eAAe,EACvB,YAAY,EAAE,gBAAgB,CAAC,eAAe,CAAC,GAC9C,gBAAgB,CAElB"}

package/dist/policy/schema.js

@@ -0,0 +1,82 @@
+export const POLICY_SCHEMA_VERSION = 'mustang/policy/v1';
+/**
+ * Hard-coded safe defaults. When no policy files exist, this is the effective
+ * policy. Observe mode, no enforcement, maximally permissive thresholds.
+ */
+export const SAFE_DEFAULTS = {
+    schema_version: POLICY_SCHEMA_VERSION,
+    mode: 'observe',
+    min_confidence: 0.0,
+    max_drift: 1.0,
+    require_tests: false,
+    deny_paths: [],
+    bundle_max_files: 500,
+    bundle_max_bytes: 5_000_000,
+    redact_actor_identity: true,
+    store_file_paths: true,
+};
+/** All valid policy modes. */
+const VALID_MODES = new Set(['observe', 'warn', 'block']);
+/**
+ * Validate a parsed policy object. Returns an error message string if invalid,
+ * or null if valid.
+ */
+export function validatePolicy(obj) {
+    if (typeof obj !== 'object' || obj === null || Array.isArray(obj)) {
+        return 'Policy must be a JSON object';
+    }
+    const policy = obj;
+    if (policy['mode'] !== undefined) {
+        if (typeof policy['mode'] !== 'string' || !VALID_MODES.has(policy['mode'])) {
+            return `Invalid policy mode: "${policy['mode']}". Must be one of: observe, warn, block`;
+        }
+    }
+    if (policy['min_confidence'] !== undefined) {
+        if (typeof policy['min_confidence'] !== 'number' || policy['min_confidence'] < 0 || policy['min_confidence'] > 1) {
+            return 'min_confidence must be a number between 0 and 1';
+        }
+    }
+    if (policy['max_drift'] !== undefined) {
+        if (typeof policy['max_drift'] !== 'number' || policy['max_drift'] < 0 || policy['max_drift'] > 1) {
+            return 'max_drift must be a number between 0 and 1';
+        }
+    }
+    if (policy['deny_paths'] !== undefined) {
+        if (!Array.isArray(policy['deny_paths'])) {
+            return 'deny_paths must be an array of strings';
+        }
+        for (const p of policy['deny_paths']) {
+            if (typeof p !== 'string') {
+                return 'deny_paths entries must be strings';
+            }
+        }
+    }
+    return null;
+}
+/**
+ * Deep-merge a partial policy onto a base policy. Override wins for set fields.
+ * Arrays replace (not concatenate) — deny_paths in override replaces base.
+ */
+export function mergePolicy(base, override) {
+    return {
+        schema_version: POLICY_SCHEMA_VERSION,
+        mode: (override.mode ?? base.mode),
+        min_confidence: override.min_confidence ?? base.min_confidence,
+        max_drift: override.max_drift ?? base.max_drift,
+        require_tests: override.require_tests ?? base.require_tests,
+        deny_paths: override.deny_paths ?? base.deny_paths,
+        bundle_max_files: override.bundle_max_files ?? base.bundle_max_files,
+        bundle_max_bytes: override.bundle_max_bytes ?? base.bundle_max_bytes,
+        redact_actor_identity: override.redact_actor_identity ?? base.redact_actor_identity,
+        store_file_paths: override.store_file_paths ?? base.store_file_paths,
+        min_review_coverage: override.min_review_coverage ?? base.min_review_coverage,
+        block_post_hoc_reads: override.block_post_hoc_reads ?? base.block_post_hoc_reads,
+    };
+}
+/**
+ * Convert a MustangPolicyV1 to a ResolvedPolicyV1 with provenance.
+ */
+export function toResolved(policy, resolvedFrom) {
+    return { ...policy, resolved_from: resolvedFrom };
+}
+//# sourceMappingURL=schema.js.map

package/dist/policy/schema.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"schema.js","sourceRoot":"","sources":["../../src/policy/schema.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,MAAM,qBAAqB,GAAG,mBAA4B,CAAC;AAElE;;;GAGG;AACH,MAAM,CAAC,MAAM,aAAa,GAAoB;IAC5C,cAAc,EAAE,qBAAqB;IACrC,IAAI,EAAE,SAAS;IACf,cAAc,EAAE,GAAG;IACnB,SAAS,EAAE,GAAG;IACd,aAAa,EAAE,KAAK;IACpB,UAAU,EAAE,EAAE;IACd,gBAAgB,EAAE,GAAG;IACrB,gBAAgB,EAAE,SAAS;IAC3B,qBAAqB,EAAE,IAAI;IAC3B,gBAAgB,EAAE,IAAI;CACvB,CAAC;AAEF,8BAA8B;AAC9B,MAAM,WAAW,GAAgB,IAAI,GAAG,CAAC,CAAC,SAAS,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;AAEvE;;;GAGG;AACH,MAAM,UAAU,cAAc,CAAC,GAAY;IACzC,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,KAAK,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QAClE,OAAO,8BAA8B,CAAC;IACxC,CAAC;IAED,MAAM,MAAM,GAAG,GAA8B,CAAC;IAE9C,IAAI,MAAM,CAAC,MAAM,CAAC,KAAK,SAAS,EAAE,CAAC;QACjC,IAAI,OAAO,MAAM,CAAC,MAAM,CAAC,KAAK,QAAQ,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAW,CAAC,EAAE,CAAC;YACrF,OAAO,yBAAyB,MAAM,CAAC,MAAM,CAAC,yCAAyC,CAAC;QAC1F,CAAC;IACH,CAAC;IAED,IAAI,MAAM,CAAC,gBAAgB,CAAC,KAAK,SAAS,EAAE,CAAC;QAC3C,IAAI,OAAO,MAAM,CAAC,gBAAgB,CAAC,KAAK,QAAQ,IAAI,MAAM,CAAC,gBAAgB,CAAC,GAAG,CAAC,IAAI,MAAM,CAAC,gBAAgB,CAAC,GAAG,CAAC,EAAE,CAAC;YACjH,OAAO,iDAAiD,CAAC;QAC3D,CAAC;IACH,CAAC;IAED,IAAI,MAAM,CAAC,WAAW,CAAC,KAAK,SAAS,EAAE,CAAC;QACtC,IAAI,OAAO,MAAM,CAAC,WAAW,CAAC,KAAK,QAAQ,IAAI,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,IAAI,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,EAAE,CAAC;YAClG,OAAO,4CAA4C,CAAC;QACtD,CAAC;IACH,CAAC;IAED,IAAI,MAAM,CAAC,YAAY,CAAC,KAAK,SAAS,EAAE,CAAC;QACvC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,EAAE,CAAC;YACzC,OAAO,wCAAwC,CAAC;QAClD,CAAC;QACD,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,YAAY,CAAC,EAAE,CAAC;YACrC,IAAI,OAAO,CAAC,KAAK,QAAQ,EAAE,CAAC;gBAC1B,OAAO,oCAAoC,CAAC;YAC9C,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,WAAW,CAAC,IAAqB,EAAE,QAAkC;IACnF,OAAO;QACL,cAAc,EAAE,qBAAqB;QACrC,IAAI,EAAE,CAAC,QAAQ,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,CAAe;QAChD,cAAc,EAAE,QAAQ,CAAC,cAAc,IAAI,IAAI,CAAC,cAAc;QAC9D,SAAS,EAAE,QAAQ,CAAC,SAAS,IAAI,IAAI,CAAC,SAAS;QAC/C,aAAa,EAAE,QAAQ,CAAC,aAAa,IAAI,IAAI,CAAC,aAAa;QAC3D,UAAU,EAAE,QAAQ,CAAC,UAAU,IAAI,IAAI,CAAC,UAAU;QAClD,gBAAgB,EAAE,QAAQ,CAAC,gBAAgB,IAAI,IAAI,CAAC,gBAAgB;QACpE,gBAAgB,EAAE,QAAQ,CAAC,gBAAgB,IAAI,IAAI,CAAC,gBAAgB;QACpE,qBAAqB,EAAE,QAAQ,CAAC,qBAAqB,IAAI,IAAI,CAAC,qBAAqB;QACnF,gBAAgB,EAAE,QAAQ,CAAC,gBAAgB,IAAI,IAAI,CAAC,gBAAgB;QACpE,mBAAmB,EAAE,QAAQ,CAAC,mBAAmB,IAAI,IAAI,CAAC,mBAAmB;QAC7E,oBAAoB,EAAE,QAAQ,CAAC,oBAAoB,IAAI,IAAI,CAAC,oBAAoB;KACjF,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,UAAU,CACxB,MAAuB,EACvB,YAA+C;IAE/C,OAAO,EAAE,GAAG,MAAM,EAAE,aAAa,EAAE,YAAY,EAAE,CAAC;AACpD,CAAC"}

package/dist/session-paths.d.ts

@@ -22,4 +22,10 @@ export declare function legacyBundlePath(cwd: string): string;
 export declare function sessionsRootDir(cwd: string): string;
 /** Registry file path. */
 export declare function registryPath(cwd: string): string;
+/** Path to the read log (JSONL, one record per file read). */
+export declare function sessionReadLogPath(cwd: string, sessionId: SessionId | null): string;
+/** Path to the review config (written when --mode review is used). */
+export declare function sessionReviewConfigPath(cwd: string, sessionId: SessionId | null): string;
+/** Path to the coverage report checkpoint (written by gatekeeper). */
+export declare function sessionCoverageReportPath(cwd: string, sessionId: SessionId | null): string;
 //# sourceMappingURL=session-paths.d.ts.map

package/dist/session-paths.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"session-paths.d.ts","sourceRoot":"","sources":["../src/session-paths.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAEnD;;;GAGG;AACH,wBAAgB,UAAU,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,GAAG,IAAI,GAAG,MAAM,CAK3E;AAED,2DAA2D;AAC3D,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,GAAG,IAAI,GAAG,MAAM,CAElF;AAED,6DAA6D;AAC7D,wBAAgB,kBAAkB,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,GAAG,IAAI,GAAG,MAAM,CAEnF;AAED,qEAAqE;AACrE,wBAAgB,eAAe,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,GAAG,IAAI,GAAG,MAAM,CAEhF;AAED,6CAA6C;AAC7C,wBAAgB,mBAAmB,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,GAAG,IAAI,GAAG,MAAM,CAEpF;AAED,wCAAwC;AACxC,wBAAgB,uBAAuB,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,GAAG,IAAI,GAAG,MAAM,CAExF;AAED,qFAAqF;AACrF,wBAAgB,sBAAsB,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,GAAG,IAAI,GAAG,MAAM,CAEvF;AAED,yEAAyE;AACzE,wBAAgB,gBAAgB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAEpD;AAED,+BAA+B;AAC/B,wBAAgB,eAAe,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAEnD;AAED,0BAA0B;AAC1B,wBAAgB,YAAY,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAEhD"}
+{"version":3,"file":"session-paths.d.ts","sourceRoot":"","sources":["../src/session-paths.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAEnD;;;GAGG;AACH,wBAAgB,UAAU,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,GAAG,IAAI,GAAG,MAAM,CAK3E;AAED,2DAA2D;AAC3D,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,GAAG,IAAI,GAAG,MAAM,CAElF;AAED,6DAA6D;AAC7D,wBAAgB,kBAAkB,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,GAAG,IAAI,GAAG,MAAM,CAEnF;AAED,qEAAqE;AACrE,wBAAgB,eAAe,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,GAAG,IAAI,GAAG,MAAM,CAEhF;AAED,6CAA6C;AAC7C,wBAAgB,mBAAmB,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,GAAG,IAAI,GAAG,MAAM,CAEpF;AAED,wCAAwC;AACxC,wBAAgB,uBAAuB,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,GAAG,IAAI,GAAG,MAAM,CAExF;AAED,qFAAqF;AACrF,wBAAgB,sBAAsB,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,GAAG,IAAI,GAAG,MAAM,CAEvF;AAED,yEAAyE;AACzE,wBAAgB,gBAAgB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAEpD;AAED,+BAA+B;AAC/B,wBAAgB,eAAe,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAEnD;AAED,0BAA0B;AAC1B,wBAAgB,YAAY,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAEhD;AAED,8DAA8D;AAC9D,wBAAgB,kBAAkB,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,GAAG,IAAI,GAAG,MAAM,CAEnF;AAED,sEAAsE;AACtE,wBAAgB,uBAAuB,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,GAAG,IAAI,GAAG,MAAM,CAExF;AAED,sEAAsE;AACtE,wBAAgB,yBAAyB,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,GAAG,IAAI,GAAG,MAAM,CAE1F"}

package/dist/session-paths.js

@@ -45,4 +45,16 @@ export function sessionsRootDir(cwd) {
 export function registryPath(cwd) {
     return join(cwd, '.codeledger', 'sessions', 'registry.json');
 }
+/** Path to the read log (JSONL, one record per file read). */
+export function sessionReadLogPath(cwd, sessionId) {
+    return join(sessionDir(cwd, sessionId), '.read-log.jsonl');
+}
+/** Path to the review config (written when --mode review is used). */
+export function sessionReviewConfigPath(cwd, sessionId) {
+    return join(sessionDir(cwd, sessionId), '.review-config.json');
+}
+/** Path to the coverage report checkpoint (written by gatekeeper). */
+export function sessionCoverageReportPath(cwd, sessionId) {
+    return join(sessionDir(cwd, sessionId), '.coverage-report.json');
+}
 //# sourceMappingURL=session-paths.js.map

package/dist/session-paths.js.map

@@ -1 +1 @@
-{"version":3,"file":"session-paths.js","sourceRoot":"","sources":["../src/session-paths.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAGjC;;;GAGG;AACH,MAAM,UAAU,UAAU,CAAC,GAAW,EAAE,SAA2B;IACjE,IAAI,SAAS,EAAE,CAAC;QACd,OAAO,IAAI,CAAC,GAAG,EAAE,aAAa,EAAE,UAAU,EAAE,SAAS,CAAC,CAAC;IACzD,CAAC;IACD,OAAO,IAAI,CAAC,GAAG,EAAE,aAAa,CAAC,CAAC;AAClC,CAAC;AAED,2DAA2D;AAC3D,MAAM,UAAU,iBAAiB,CAAC,GAAW,EAAE,SAA2B;IACxE,OAAO,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,SAAS,CAAC,EAAE,kBAAkB,CAAC,CAAC;AAC9D,CAAC;AAED,6DAA6D;AAC7D,MAAM,UAAU,kBAAkB,CAAC,GAAW,EAAE,SAA2B;IACzE,OAAO,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,SAAS,CAAC,EAAE,eAAe,CAAC,CAAC;AAC3D,CAAC;AAED,qEAAqE;AACrE,MAAM,UAAU,eAAe,CAAC,GAAW,EAAE,SAA2B;IACtE,OAAO,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,SAAS,CAAC,EAAE,oBAAoB,CAAC,CAAC;AAChE,CAAC;AAED,6CAA6C;AAC7C,MAAM,UAAU,mBAAmB,CAAC,GAAW,EAAE,SAA2B;IAC1E,OAAO,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,SAAS,CAAC,EAAE,qBAAqB,CAAC,CAAC;AACjE,CAAC;AAED,wCAAwC;AACxC,MAAM,UAAU,uBAAuB,CAAC,GAAW,EAAE,SAA2B;IAC9E,OAAO,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,SAAS,CAAC,EAAE,gBAAgB,CAAC,CAAC;AAC5D,CAAC;AAED,qFAAqF;AACrF,MAAM,UAAU,sBAAsB,CAAC,GAAW,EAAE,SAA2B;IAC7E,OAAO,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,SAAS,CAAC,EAAE,qBAAqB,CAAC,CAAC;AACjE,CAAC;AAED,yEAAyE;AACzE,MAAM,UAAU,gBAAgB,CAAC,GAAW;IAC1C,OAAO,IAAI,CAAC,GAAG,EAAE,aAAa,EAAE,kBAAkB,CAAC,CAAC;AACtD,CAAC;AAED,+BAA+B;AAC/B,MAAM,UAAU,eAAe,CAAC,GAAW;IACzC,OAAO,IAAI,CAAC,GAAG,EAAE,aAAa,EAAE,UAAU,CAAC,CAAC;AAC9C,CAAC;AAED,0BAA0B;AAC1B,MAAM,UAAU,YAAY,CAAC,GAAW;IACtC,OAAO,IAAI,CAAC,GAAG,EAAE,aAAa,EAAE,UAAU,EAAE,eAAe,CAAC,CAAC;AAC/D,CAAC"}
+{"version":3,"file":"session-paths.js","sourceRoot":"","sources":["../src/session-paths.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAGjC;;;GAGG;AACH,MAAM,UAAU,UAAU,CAAC,GAAW,EAAE,SAA2B;IACjE,IAAI,SAAS,EAAE,CAAC;QACd,OAAO,IAAI,CAAC,GAAG,EAAE,aAAa,EAAE,UAAU,EAAE,SAAS,CAAC,CAAC;IACzD,CAAC;IACD,OAAO,IAAI,CAAC,GAAG,EAAE,aAAa,CAAC,CAAC;AAClC,CAAC;AAED,2DAA2D;AAC3D,MAAM,UAAU,iBAAiB,CAAC,GAAW,EAAE,SAA2B;IACxE,OAAO,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,SAAS,CAAC,EAAE,kBAAkB,CAAC,CAAC;AAC9D,CAAC;AAED,6DAA6D;AAC7D,MAAM,UAAU,kBAAkB,CAAC,GAAW,EAAE,SAA2B;IACzE,OAAO,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,SAAS,CAAC,EAAE,eAAe,CAAC,CAAC;AAC3D,CAAC;AAED,qEAAqE;AACrE,MAAM,UAAU,eAAe,CAAC,GAAW,EAAE,SAA2B;IACtE,OAAO,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,SAAS,CAAC,EAAE,oBAAoB,CAAC,CAAC;AAChE,CAAC;AAED,6CAA6C;AAC7C,MAAM,UAAU,mBAAmB,CAAC,GAAW,EAAE,SAA2B;IAC1E,OAAO,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,SAAS,CAAC,EAAE,qBAAqB,CAAC,CAAC;AACjE,CAAC;AAED,wCAAwC;AACxC,MAAM,UAAU,uBAAuB,CAAC,GAAW,EAAE,SAA2B;IAC9E,OAAO,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,SAAS,CAAC,EAAE,gBAAgB,CAAC,CAAC;AAC5D,CAAC;AAED,qFAAqF;AACrF,MAAM,UAAU,sBAAsB,CAAC,GAAW,EAAE,SAA2B;IAC7E,OAAO,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,SAAS,CAAC,EAAE,qBAAqB,CAAC,CAAC;AACjE,CAAC;AAED,yEAAyE;AACzE,MAAM,UAAU,gBAAgB,CAAC,GAAW;IAC1C,OAAO,IAAI,CAAC,GAAG,EAAE,aAAa,EAAE,kBAAkB,CAAC,CAAC;AACtD,CAAC;AAED,+BAA+B;AAC/B,MAAM,UAAU,eAAe,CAAC,GAAW;IACzC,OAAO,IAAI,CAAC,GAAG,EAAE,aAAa,EAAE,UAAU,CAAC,CAAC;AAC9C,CAAC;AAED,0BAA0B;AAC1B,MAAM,UAAU,YAAY,CAAC,GAAW;IACtC,OAAO,IAAI,CAAC,GAAG,EAAE,aAAa,EAAE,UAAU,EAAE,eAAe,CAAC,CAAC;AAC/D,CAAC;AAED,8DAA8D;AAC9D,MAAM,UAAU,kBAAkB,CAAC,GAAW,EAAE,SAA2B;IACzE,OAAO,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,SAAS,CAAC,EAAE,iBAAiB,CAAC,CAAC;AAC7D,CAAC;AAED,sEAAsE;AACtE,MAAM,UAAU,uBAAuB,CAAC,GAAW,EAAE,SAA2B;IAC9E,OAAO,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,SAAS,CAAC,EAAE,qBAAqB,CAAC,CAAC;AACjE,CAAC;AAED,sEAAsE;AACtE,MAAM,UAAU,yBAAyB,CAAC,GAAW,EAAE,SAA2B;IAChF,OAAO,IAAI,CAAC,UAAU,CAAC,GAAG,EAAE,SAAS,CAAC,EAAE,uBAAuB,CAAC,CAAC;AACnE,CAAC"}

package/dist/signing/canonicalize.d.ts

@@ -0,0 +1,17 @@
+/**
+ * JCS-compatible canonical JSON serialization (RFC 8785).
+ *
+ * Rules:
+ * - Objects: keys sorted lexicographically by Unicode code point
+ * - Arrays: preserve element order
+ * - Numbers: shortest JSON numeric form (no trailing zeros, no leading +, no NaN/Infinity)
+ * - Strings: standard JSON string escaping
+ * - No whitespace between tokens
+ * - Output is UTF-8
+ *
+ * This is a standalone, pure function. It will be reimplemented by the
+ * ingestion worker (potentially in a different language). The algorithm
+ * must be documented and deterministic.
+ */
+export declare function canonicalize(value: unknown): string;
+//# sourceMappingURL=canonicalize.d.ts.map

package/dist/signing/canonicalize.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"canonicalize.d.ts","sourceRoot":"","sources":["../../src/signing/canonicalize.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AACH,wBAAgB,YAAY,CAAC,KAAK,EAAE,OAAO,GAAG,MAAM,CAqCnD"}

package/dist/signing/canonicalize.js

@@ -0,0 +1,50 @@
+/**
+ * JCS-compatible canonical JSON serialization (RFC 8785).
+ *
+ * Rules:
+ * - Objects: keys sorted lexicographically by Unicode code point
+ * - Arrays: preserve element order
+ * - Numbers: shortest JSON numeric form (no trailing zeros, no leading +, no NaN/Infinity)
+ * - Strings: standard JSON string escaping
+ * - No whitespace between tokens
+ * - Output is UTF-8
+ *
+ * This is a standalone, pure function. It will be reimplemented by the
+ * ingestion worker (potentially in a different language). The algorithm
+ * must be documented and deterministic.
+ */
+export function canonicalize(value) {
+    if (value === null)
+        return 'null';
+    if (value === undefined)
+        return 'null';
+    switch (typeof value) {
+        case 'boolean':
+            return value ? 'true' : 'false';
+        case 'number': {
+            if (!Number.isFinite(value)) {
+                throw new Error(`Cannot canonicalize non-finite number: ${value}`);
+            }
+            // JSON.stringify produces shortest form for finite numbers
+            return JSON.stringify(value);
+        }
+        case 'string':
+            return JSON.stringify(value);
+        case 'object': {
+            if (Array.isArray(value)) {
+                const items = value.map((item) => canonicalize(item));
+                return '[' + items.join(',') + ']';
+            }
+            // Object: sort keys lexicographically by Unicode code point
+            const obj = value;
+            const keys = Object.keys(obj).sort();
+            const pairs = keys.map((key) => {
+                return JSON.stringify(key) + ':' + canonicalize(obj[key]);
+            });
+            return '{' + pairs.join(',') + '}';
+        }
+        default:
+            throw new Error(`Cannot canonicalize type: ${typeof value}`);
+    }
+}
+//# sourceMappingURL=canonicalize.js.map

package/dist/signing/canonicalize.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"canonicalize.js","sourceRoot":"","sources":["../../src/signing/canonicalize.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AACH,MAAM,UAAU,YAAY,CAAC,KAAc;IACzC,IAAI,KAAK,KAAK,IAAI;QAAE,OAAO,MAAM,CAAC;IAClC,IAAI,KAAK,KAAK,SAAS;QAAE,OAAO,MAAM,CAAC;IAEvC,QAAQ,OAAO,KAAK,EAAE,CAAC;QACrB,KAAK,SAAS;YACZ,OAAO,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC;QAElC,KAAK,QAAQ,CAAC,CAAC,CAAC;YACd,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC5B,MAAM,IAAI,KAAK,CAAC,0CAA0C,KAAK,EAAE,CAAC,CAAC;YACrE,CAAC;YACD,2DAA2D;YAC3D,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;QAC/B,CAAC;QAED,KAAK,QAAQ;YACX,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;QAE/B,KAAK,QAAQ,CAAC,CAAC,CAAC;YACd,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;gBACzB,MAAM,KAAK,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC;gBACtD,OAAO,GAAG,GAAG,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC;YACrC,CAAC;YAED,4DAA4D;YAC5D,MAAM,GAAG,GAAG,KAAgC,CAAC;YAC7C,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;YACrC,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;gBAC7B,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;YAC5D,CAAC,CAAC,CAAC;YACH,OAAO,GAAG,GAAG,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC;QACrC,CAAC;QAED;YACE,MAAM,IAAI,KAAK,CAAC,6BAA6B,OAAO,KAAK,EAAE,CAAC,CAAC;IACjE,CAAC;AACH,CAAC"}

package/dist/signing/hmac.d.ts

@@ -0,0 +1,8 @@
+import type { ManifestSigner } from './signer.js';
+/**
+ * HMAC-SHA256 signer using a shared secret from env var.
+ *
+ * Signature value is base64-encoded.
+ */
+export declare function createHmacSigner(secret: string): ManifestSigner;
+//# sourceMappingURL=hmac.d.ts.map

package/dist/signing/hmac.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"hmac.d.ts","sourceRoot":"","sources":["../../src/signing/hmac.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAElD;;;;GAIG;AACH,wBAAgB,gBAAgB,CAAC,MAAM,EAAE,MAAM,GAAG,cAAc,CAQ/D"}

package/dist/signing/hmac.js

@@ -0,0 +1,16 @@
+import { createHmac } from 'node:crypto';
+/**
+ * HMAC-SHA256 signer using a shared secret from env var.
+ *
+ * Signature value is base64-encoded.
+ */
+export function createHmacSigner(secret) {
+    return {
+        alg: 'HS256',
+        keyId: 'env:CODELEDGER_SIGNING_SECRET',
+        async sign(data) {
+            return createHmac('sha256', secret).update(data).digest('base64');
+        },
+    };
+}
+//# sourceMappingURL=hmac.js.map

package/dist/signing/hmac.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"hmac.js","sourceRoot":"","sources":["../../src/signing/hmac.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAGzC;;;;GAIG;AACH,MAAM,UAAU,gBAAgB,CAAC,MAAc;IAC7C,OAAO;QACL,GAAG,EAAE,OAAO;QACZ,KAAK,EAAE,+BAA+B;QACtC,KAAK,CAAC,IAAI,CAAC,IAAY;YACrB,OAAO,UAAU,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACpE,CAAC;KACF,CAAC;AACJ,CAAC"}

package/dist/signing/signer.d.ts

@@ -0,0 +1,16 @@
+/**
+ * Abstract signer interface for manifest signing.
+ *
+ * Mustang v1 uses HMAC-SHA256 with a shared secret. The interface is
+ * abstract to support future KMS-backed signers without changing the
+ * signing pipeline.
+ */
+export interface ManifestSigner {
+    /** Sign the given data and return a base64-encoded signature. */
+    sign(data: Buffer): Promise<string>;
+    /** Algorithm identifier (e.g., "HS256" for HMAC-SHA256). */
+    alg: string;
+    /** Key identifier for provenance (e.g., "env:CODELEDGER_SIGNING_SECRET"). */
+    keyId: string;
+}
+//# sourceMappingURL=signer.d.ts.map

package/dist/signing/signer.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"signer.d.ts","sourceRoot":"","sources":["../../src/signing/signer.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AACH,MAAM,WAAW,cAAc;IAC7B,iEAAiE;IACjE,IAAI,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;IACpC,4DAA4D;IAC5D,GAAG,EAAE,MAAM,CAAC;IACZ,6EAA6E;IAC7E,KAAK,EAAE,MAAM,CAAC;CACf"}

package/dist/signing/signer.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=signer.js.map

package/dist/signing/signer.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"signer.js","sourceRoot":"","sources":["../../src/signing/signer.ts"],"names":[],"mappings":""}

package/dist/templates/claude-md.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"claude-md.d.ts","sourceRoot":"","sources":["../../src/templates/claude-md.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,wBAAgB,eAAe,IAAI,MAAM,CAiGxC"}
+{"version":3,"file":"claude-md.d.ts","sourceRoot":"","sources":["../../src/templates/claude-md.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,wBAAgB,eAAe,IAAI,MAAM,CA2JxC"}

package/dist/templates/claude-md.js

@@ -13,6 +13,23 @@ export function claudeMdSection() {
         'This repo uses [CodeLedger](https://github.com/codeledgerECF/codeledger-blackbox) for deterministic context selection.',
         'CodeLedger is a **real CLI tool** installed in this repo — not a prompt technique or convention.',
         '',
+        '### Rule 0: Activate Before Every Task',
+        '',
+        'Before starting ANY task — code review, bug fix, refactor, feature, documentation — **always run `codeledger activate` first.**',
+        'This is the single most important rule. CodeLedger selects the most relevant files for the task so you start with the right context.',
+        '',
+        '**When suggesting a task to the user**, always include the activate command:',
+        '',
+        '> "I\'ll start by running `codeledger activate --task "staged code review"` to select the most relevant files, then proceed with the review."',
+        '',
+        '**When the user confirms a task**, run activate immediately:',
+        '',
+        '```bash',
+        'npx codeledger activate --task "one-line description of the task"',
+        '```',
+        '',
+        'Then read `.codeledger/active-bundle.md` to see which files were selected.',
+        '',
         '### Rule 1: ALWAYS Execute via Shell',
         '',
         'Every `codeledger` command **must** be executed in a real shell (Bash tool, terminal, subprocess).',
@@ -36,20 +53,60 @@ export function claudeMdSection() {
         '2. Do NOT proceed as if the command succeeded',
         '3. Suggest `npx codeledger init` if the error mentions missing config',
         '',
+        '### Rule 3: Re-Engage Between Stages',
+        '',
+        'For multi-step tasks (staged code reviews, multi-file refactors, feature + tests, etc.),',
+        '**do not let CodeLedger go silent after the initial activate.** Re-engage between stages:',
+        '',
+        '| When | What to run |',
+        '|------|-------------|',
+        '| After completing a stage/phase | `npx codeledger progress-check` — see bundle coverage + suggestions |',
+        '| When you discover new context | `npx codeledger refine --learned "discovered X depends on Y"` — re-score the bundle |',
+        '| When moving to a different phase | `npx codeledger refine --learned "completed error handling, now reviewing performance"` |',
+        '| When most reads are off-bundle | `npx codeledger refine --learned "task shifted to X" --add-keywords "keyword1,keyword2"` |',
+        '| Mid-review (review mode) | `npx codeledger review-coverage` — check which required files are still unread |',
+        '',
+        'The `progress-check` command is lightweight and designed for mid-session use. It shows:',
+        '- How many bundle files you\'ve read vs not',
+        '- Off-bundle file hotspots',
+        '- Actionable next steps',
+        '',
+        '**Example multi-stage pattern:**',
+        '```',
+        '1. codeledger activate --task "staged code review"',
+        '2. ... complete Stage 1 (error handling) ...',
+        '3. codeledger progress-check',
+        '4. codeledger refine --learned "error handling solid, jitter issue found in retries"',
+        '5. ... complete Stage 2 (testing) ...',
+        '6. codeledger progress-check',
+        '7. ... continue through remaining stages ...',
+        '8. codeledger session-summary  (auto-runs on session end)',
+        '```',
+        '',
         '### Available Commands',
         '',
         '| Command | What It Does |',
         '|---------|-------------|',
-        '| `npx codeledger activate --task "..."` | Scan repo (if stale), generate context bundle, write `.codeledger/active-bundle.md` |',
+        '| `npx codeledger init [--force]` | Initialize CodeLedger in a repo (creates `.codeledger/`, config, hooks) |',
         '| `npx codeledger scan` | Rebuild the repo index (dependency graph, churn, test map) |',
+        '| `npx codeledger activate --task "..."` | Scan repo (if stale), generate context bundle, write `.codeledger/active-bundle.md` |',
         '| `npx codeledger bundle --task "..."` | Generate a context bundle (JSON only, no active-bundle write) |',
+        '| `npx codeledger refine --learned "..."` | Re-score bundle mid-session with new context, keywords, or file exclusions |',
+        '| `npx codeledger progress-check` | Mid-session check: bundle coverage, off-bundle reads, suggestions |',
         '| `npx codeledger session-progress` | Write a ground-truth session progress snapshot |',
         '| `npx codeledger session-summary` | Show session-end value recap (recall, precision, token savings) |',
-        '| `npx codeledger init` | Initialize CodeLedger in a repo (creates `.codeledger/`, config, hooks) |',
+        '| `npx codeledger review-coverage` | Check review coverage mid-session (review mode) |',
+        '| `npx codeledger doctor` | Integration health check (config, hooks, index, ledger) |',
+        '| `npx codeledger setup-ci [--mode ...]` | Generate GitHub Actions workflow + policy for CI integration |',
+        '| `npx codeledger manifest --task "..."` | Generate deterministic context manifest (evidence payload) |',
+        '| `npx codeledger verify --task "..."` | CI enforcement: evaluate policy, emit artifacts, return exit code |',
+        '| `npx codeledger intent init\\|show\\|set\\|ack` | Intent governance (deterministic drift detection) |',
+        '| `npx codeledger checkpoint create\\|restore\\|list` | Save/restore incremental session checkpoints |',
+        '| `npx codeledger vendor` | Vendor standalone CLI into repo for cloud/web environments |',
         '',
         '**Trigger phrases:** If the user asks for a "session summary", "session recap", "codeledger summary", "how did the bundle do", or anything similar — run `npx codeledger session-summary` in your shell. Do not construct the output yourself.',
         '',
-        '### Rule 3: .codeledger/ Is Read-Only to Agents',
+        '### Rule 4: .codeledger/ Is Read-Only to Agents',
         '',
         'All files under `.codeledger/` are managed exclusively by the CLI.',
         '**Never create, edit, or overwrite** any file in `.codeledger/` — not even to "help" or "fix" something.',
@@ -66,6 +123,7 @@ export function claudeMdSection() {
         'CodeLedger hooks (`.claude/hooks.json`) run automatically:',
         '',
         '- **On session start:** warms the repo index and generates an initial bundle',
+        '- **After every 10 file reads:** nudges you to run `progress-check` or `refine`',
         '- **On git commit:** shows bundle recall/precision for the current task',
         '- **Before compaction:** saves a progress snapshot you can read after compaction',
         '- **On session end:** shows a final session recap',

package/dist/templates/claude-md.js.map

@@ -1 +1 @@
-{"version":3,"file":"claude-md.js","sourceRoot":"","sources":["../../src/templates/claude-md.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,MAAM,UAAU,eAAe;IAC7B,OAAO;QACL,2BAA2B;QAC3B,EAAE;QACF,wHAAwH;QACxH,kGAAkG;QAClG,EAAE;QACF,sCAAsC;QACtC,EAAE;QACF,oGAAoG;QACpG,oCAAoC;QACpC,EAAE;QACF,6CAA6C;QAC7C,4DAA4D;QAC5D,mDAAmD;QACnD,iEAAiE;QACjE,4DAA4D;QAC5D,6DAA6D;QAC7D,EAAE;QACF,0EAA0E;QAC1E,EAAE;QACF,4CAA4C;QAC5C,EAAE;QACF,yEAAyE;QACzE,iEAAiE;QACjE,EAAE;QACF,2CAA2C;QAC3C,+CAA+C;QAC/C,uEAAuE;QACvE,EAAE;QACF,wBAAwB;QACxB,EAAE;QACF,4BAA4B;QAC5B,2BAA2B;QAC3B,kIAAkI;QAClI,wFAAwF;QACxF,0GAA0G;QAC1G,wFAAwF;QACxF,wGAAwG;QACxG,qGAAqG;QACrG,EAAE;QACF,gPAAgP;QAChP,EAAE;QACF,iDAAiD;QACjD,EAAE;QACF,oEAAoE;QACpE,0GAA0G;QAC1G,EAAE;QACF,iDAAiD;QACjD,gDAAgD;QAChD,6EAA6E;QAC7E,2EAA2E;QAC3E,wFAAwF;QACxF,+DAA+D;QAC/D,EAAE;QACF,uBAAuB;QACvB,EAAE;QACF,4DAA4D;QAC5D,EAAE;QACF,8EAA8E;QAC9E,yEAAyE;QACzE,kFAAkF;QAClF,mDAAmD;QACnD,EAAE;QACF,gJAAgJ;QAChJ,EAAE;QACF,8BAA8B;QAC9B,EAAE;QACF,6IAA6I;QAC7I,iJAAiJ;QACjJ,EAAE;QACF,uCAAuC;QACvC,EAAE;QACF,SAAS;QACT,yDAAyD;QACzD,KAAK;QACL,EAAE;QACF,6BAA6B;QAC7B,EAAE;QACF,6FAA6F;QAC7F,+EAA+E;QAC/E,0FAA0F;QAC1F,2EAA2E;QAC3E,EAAE;QACF,uDAAuD;QACvD,EAAE;QACF,wBAAwB;QACxB,EAAE;QACF,gDAAgD;QAChD,EAAE;QACF,SAAS;QACT,0BAA0B;QAC1B,KAAK;QACL,EAAE;QACF,8FAA8F;QAC9F,EAAE;KACH,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACf,CAAC"}
+{"version":3,"file":"claude-md.js","sourceRoot":"","sources":["../../src/templates/claude-md.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,MAAM,UAAU,eAAe;IAC7B,OAAO;QACL,2BAA2B;QAC3B,EAAE;QACF,wHAAwH;QACxH,kGAAkG;QAClG,EAAE;QACF,wCAAwC;QACxC,EAAE;QACF,iIAAiI;QACjI,sIAAsI;QACtI,EAAE;QACF,8EAA8E;QAC9E,EAAE;QACF,+IAA+I;QAC/I,EAAE;QACF,8DAA8D;QAC9D,EAAE;QACF,SAAS;QACT,mEAAmE;QACnE,KAAK;QACL,EAAE;QACF,4EAA4E;QAC5E,EAAE;QACF,sCAAsC;QACtC,EAAE;QACF,oGAAoG;QACpG,oCAAoC;QACpC,EAAE;QACF,6CAA6C;QAC7C,4DAA4D;QAC5D,mDAAmD;QACnD,iEAAiE;QACjE,4DAA4D;QAC5D,6DAA6D;QAC7D,EAAE;QACF,0EAA0E;QAC1E,EAAE;QACF,4CAA4C;QAC5C,EAAE;QACF,yEAAyE;QACzE,iEAAiE;QACjE,EAAE;QACF,2CAA2C;QAC3C,+CAA+C;QAC/C,uEAAuE;QACvE,EAAE;QACF,sCAAsC;QACtC,EAAE;QACF,0FAA0F;QAC1F,2FAA2F;QAC3F,EAAE;QACF,wBAAwB;QACxB,wBAAwB;QACxB,0GAA0G;QAC1G,yHAAyH;QACzH,gIAAgI;QAChI,+HAA+H;QAC/H,+GAA+G;QAC/G,EAAE;QACF,yFAAyF;QACzF,6CAA6C;QAC7C,4BAA4B;QAC5B,yBAAyB;QACzB,EAAE;QACF,kCAAkC;QAClC,KAAK;QACL,oDAAoD;QACpD,8CAA8C;QAC9C,8BAA8B;QAC9B,sFAAsF;QACtF,uCAAuC;QACvC,8BAA8B;QAC9B,8CAA8C;QAC9C,2DAA2D;QAC3D,KAAK;QACL,EAAE;QACF,wBAAwB;QACxB,EAAE;QACF,4BAA4B;QAC5B,2BAA2B;QAC3B,+GAA+G;QAC/G,wFAAwF;QACxF,kIAAkI;QAClI,0GAA0G;QAC1G,0HAA0H;QAC1H,yGAAyG;QACzG,wFAAwF;QACxF,wGAAwG;QACxG,wFAAwF;QACxF,uFAAuF;QACvF,2GAA2G;QAC3G,yGAAyG;QACzG,8GAA8G;QAC9G,yGAAyG;QACzG,wGAAwG;QACxG,0FAA0F;QAC1F,EAAE;QACF,gPAAgP;QAChP,EAAE;QACF,iDAAiD;QACjD,EAAE;QACF,oEAAoE;QACpE,0GAA0G;QAC1G,EAAE;QACF,iDAAiD;QACjD,gDAAgD;QAChD,6EAA6E;QAC7E,2EAA2E;QAC3E,wFAAwF;QACxF,+DAA+D;QAC/D,EAAE;QACF,uBAAuB;QACvB,EAAE;QACF,4DAA4D;QAC5D,EAAE;QACF,8EAA8E;QAC9E,iFAAiF;QACjF,yEAAyE;QACzE,kFAAkF;QAClF,mDAAmD;QACnD,EAAE;QACF,gJAAgJ;QAChJ,EAAE;QACF,8BAA8B;QAC9B,EAAE;QACF,6IAA6I;QAC7I,iJAAiJ;QACjJ,EAAE;QACF,uCAAuC;QACvC,EAAE;QACF,SAAS;QACT,yDAAyD;QACzD,KAAK;QACL,EAAE;QACF,6BAA6B;QAC7B,EAAE;QACF,6FAA6F;QAC7F,+EAA+E;QAC/E,0FAA0F;QAC1F,2EAA2E;QAC3E,EAAE;QACF,uDAAuD;QACvD,EAAE;QACF,wBAAwB;QACxB,EAAE;QACF,gDAAgD;QAChD,EAAE;QACF,SAAS;QACT,0BAA0B;QAC1B,KAAK;QACL,EAAE;QACF,8FAA8F;QAC9F,EAAE;KACH,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACf,CAAC"}

package/dist/templates/config.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../src/templates/config.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAG1D,wBAAgB,aAAa,IAAI,gBAAgB,CAmHhD"}
+{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../src/templates/config.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAG1D,wBAAgB,aAAa,IAAI,gBAAgB,CAsHhD"}

package/dist/templates/config.js

@@ -113,6 +113,9 @@ export function defaultConfig() {
             badge: true,
             share_pack: false,
         },
+        suggestions: {
+            prefill_task: false,
+        },
     };
 }
 //# sourceMappingURL=config.js.map

package/dist/templates/config.js.map

@@ -1 +1 @@
-{"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/templates/config.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAE5C,MAAM,UAAU,aAAa;IAC3B,OAAO;QACL,OAAO,EAAE,WAAW;QACpB,SAAS,EAAE;YACT,OAAO,EAAE,uBAAuB;YAChC,SAAS,EAAE,mBAAmB;YAC9B,aAAa,EAAE,uBAAuB;YACtC,WAAW,EAAE,qBAAqB;YAClC,aAAa,EAAE,uBAAuB;SACvC;QACD,IAAI,EAAE;YACJ,OAAO,EAAE,CAAC,MAAM,CAAC;YACjB,OAAO,EAAE;gBACP,kBAAkB;gBAClB,SAAS;gBACT,mCAAmC;gBACnC,iBAAiB;gBACjB,WAAW;gBACX,UAAU;gBACV,SAAS;gBACT,eAAe;gBACf,SAAS;gBACT,UAAU;gBACV,QAAQ;gBACR,WAAW;gBACX,QAAQ;gBACR,SAAS;gBACT,gBAAgB;gBAChB,aAAa;gBACb,gBAAgB;gBAChB,SAAS;gBACT,gBAAgB;gBAChB,kBAAkB;gBAClB,uBAAuB;gBACvB,UAAU;gBACV,aAAa;gBACb,OAAO;gBACP,OAAO;gBACP,MAAM;gBACN,UAAU;gBACV,YAAY;gBACZ,6CAA6C;gBAC7C,mBAAmB;gBACnB,WAAW;gBACX,gBAAgB;gBAChB,cAAc;gBACd,aAAa;gBACb,QAAQ;gBACR,YAAY;aACb;YACD,aAAa,EAAE;gBACb,QAAQ;gBACR,aAAa;gBACb,aAAa;gBACb,iBAAiB;gBACjB,YAAY;gBACZ,SAAS;gBACT,cAAc;gBACd,cAAc;gBACd,kBAAkB;gBAClB,KAAK;gBACL,cAAc;gBACd,cAAc;gBACd,gBAAgB;gBAChB,OAAO;gBACP,kBAAkB;gBAClB,OAAO;gBACP,sBAAsB;gBACtB,sBAAsB;aACvB;YACD,mBAAmB,EAAE,EAAE;SACxB;QACD,QAAQ,EAAE;YACR,OAAO,EAAE;gBACP,OAAO,EAAE,IAAI;gBACb,UAAU,EAAE,IAAI;gBAChB,KAAK,EAAE,IAAI;gBACX,YAAY,EAAE,IAAI;gBAClB,cAAc,EAAE,IAAI;gBACpB,YAAY,EAAE,IAAI;gBAClB,aAAa,EAAE,IAAI;gBACnB,UAAU,EAAE,IAAI;gBAChB,oBAAoB,EAAE,IAAI;gBAC1B,cAAc,EAAE,IAAI;aACrB;YACD,cAAc,EAAE;gBACd,MAAM,EAAE,IAAI;gBACZ,SAAS,EAAE,EAAE;aACd;YACD,qBAAqB,EAAE,IAAI;YAC3B,cAAc,EAAE,EAAE;YAClB,gBAAgB,EAAE,CAAC;YACnB,uBAAuB,EAAE,EAAE;YAC3B,2BAA2B,EAAE,GAAG;YAChC,oBAAoB,EAAE,EAAE;SACzB;QACD,SAAS,EAAE;YACT,YAAY,EAAE,gBAAgB;YAC9B,cAAc,EAAE,8BAA8B;SAC/C;QACD,OAAO,EAAE;YACP,eAAe,EAAE,CAAC;YAClB,mBAAmB,EAAE,IAAI;YACzB,kBAAkB,EAAE,GAAG;YACvB,wBAAwB,EAAE,SAAS;SACpC;QACD,SAAS,EAAE;YACT,gBAAgB,EAAE,KAAK;SACxB;QACD,SAAS,EAAE;YACT,QAAQ,EAAE,IAAI;YACd,KAAK,EAAE,IAAI;YACX,UAAU,EAAE,KAAK;SAClB;KACF,CAAC;AACJ,CAAC"}
+{"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/templates/config.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAE5C,MAAM,UAAU,aAAa;IAC3B,OAAO;QACL,OAAO,EAAE,WAAW;QACpB,SAAS,EAAE;YACT,OAAO,EAAE,uBAAuB;YAChC,SAAS,EAAE,mBAAmB;YAC9B,aAAa,EAAE,uBAAuB;YACtC,WAAW,EAAE,qBAAqB;YAClC,aAAa,EAAE,uBAAuB;SACvC;QACD,IAAI,EAAE;YACJ,OAAO,EAAE,CAAC,MAAM,CAAC;YACjB,OAAO,EAAE;gBACP,kBAAkB;gBAClB,SAAS;gBACT,mCAAmC;gBACnC,iBAAiB;gBACjB,WAAW;gBACX,UAAU;gBACV,SAAS;gBACT,eAAe;gBACf,SAAS;gBACT,UAAU;gBACV,QAAQ;gBACR,WAAW;gBACX,QAAQ;gBACR,SAAS;gBACT,gBAAgB;gBAChB,aAAa;gBACb,gBAAgB;gBAChB,SAAS;gBACT,gBAAgB;gBAChB,kBAAkB;gBAClB,uBAAuB;gBACvB,UAAU;gBACV,aAAa;gBACb,OAAO;gBACP,OAAO;gBACP,MAAM;gBACN,UAAU;gBACV,YAAY;gBACZ,6CAA6C;gBAC7C,mBAAmB;gBACnB,WAAW;gBACX,gBAAgB;gBAChB,cAAc;gBACd,aAAa;gBACb,QAAQ;gBACR,YAAY;aACb;YACD,aAAa,EAAE;gBACb,QAAQ;gBACR,aAAa;gBACb,aAAa;gBACb,iBAAiB;gBACjB,YAAY;gBACZ,SAAS;gBACT,cAAc;gBACd,cAAc;gBACd,kBAAkB;gBAClB,KAAK;gBACL,cAAc;gBACd,cAAc;gBACd,gBAAgB;gBAChB,OAAO;gBACP,kBAAkB;gBAClB,OAAO;gBACP,sBAAsB;gBACtB,sBAAsB;aACvB;YACD,mBAAmB,EAAE,EAAE;SACxB;QACD,QAAQ,EAAE;YACR,OAAO,EAAE;gBACP,OAAO,EAAE,IAAI;gBACb,UAAU,EAAE,IAAI;gBAChB,KAAK,EAAE,IAAI;gBACX,YAAY,EAAE,IAAI;gBAClB,cAAc,EAAE,IAAI;gBACpB,YAAY,EAAE,IAAI;gBAClB,aAAa,EAAE,IAAI;gBACnB,UAAU,EAAE,IAAI;gBAChB,oBAAoB,EAAE,IAAI;gBAC1B,cAAc,EAAE,IAAI;aACrB;YACD,cAAc,EAAE;gBACd,MAAM,EAAE,IAAI;gBACZ,SAAS,EAAE,EAAE;aACd;YACD,qBAAqB,EAAE,IAAI;YAC3B,cAAc,EAAE,EAAE;YAClB,gBAAgB,EAAE,CAAC;YACnB,uBAAuB,EAAE,EAAE;YAC3B,2BAA2B,EAAE,GAAG;YAChC,oBAAoB,EAAE,EAAE;SACzB;QACD,SAAS,EAAE;YACT,YAAY,EAAE,gBAAgB;YAC9B,cAAc,EAAE,8BAA8B;SAC/C;QACD,OAAO,EAAE;YACP,eAAe,EAAE,CAAC;YAClB,mBAAmB,EAAE,IAAI;YACzB,kBAAkB,EAAE,GAAG;YACvB,wBAAwB,EAAE,SAAS;SACpC;QACD,SAAS,EAAE;YACT,gBAAgB,EAAE,KAAK;SACxB;QACD,SAAS,EAAE;YACT,QAAQ,EAAE,IAAI;YACd,KAAK,EAAE,IAAI;YACX,UAAU,EAAE,KAAK;SAClB;QACD,WAAW,EAAE;YACX,YAAY,EAAE,KAAK;SACpB;KACF,CAAC;AACJ,CAAC"}

package/dist/templates/hooks.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"hooks.d.ts","sourceRoot":"","sources":["../../src/templates/hooks.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,MAAM,WAAW,SAAS;IACxB,IAAI,EAAE,SAAS,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,WAAW;IAC1B,KAAK,EAAE;QACL,YAAY,CAAC,EAAE,SAAS,EAAE,CAAC;QAC3B,UAAU,CAAC,EAAE,SAAS,EAAE,CAAC;QACzB,WAAW,CAAC,EAAE,SAAS,EAAE,CAAC;QAC1B,UAAU,CAAC,EAAE,SAAS,EAAE,CAAC;QACzB,IAAI,CAAC,EAAE,SAAS,EAAE,CAAC;KACpB,CAAC;CACH;AAED,wBAAgB,YAAY,IAAI,WAAW,CAkI1C"}
+{"version":3,"file":"hooks.d.ts","sourceRoot":"","sources":["../../src/templates/hooks.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,MAAM,WAAW,SAAS;IACxB,IAAI,EAAE,SAAS,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,WAAW;IAC1B,KAAK,EAAE;QACL,YAAY,CAAC,EAAE,SAAS,EAAE,CAAC;QAC3B,UAAU,CAAC,EAAE,SAAS,EAAE,CAAC;QACzB,WAAW,CAAC,EAAE,SAAS,EAAE,CAAC;QAC1B,UAAU,CAAC,EAAE,SAAS,EAAE,CAAC;QACzB,IAAI,CAAC,EAAE,SAAS,EAAE,CAAC;KACpB,CAAC;CACH;AAED,wBAAgB,YAAY,IAAI,WAAW,CAmK1C"}

package/dist/templates/hooks.js

@@ -17,10 +17,11 @@
  * the hook prints a diagnostic message instead of silently breaking.
  */
 export function defaultHooks() {
-    // CLI resolution preamble: checks PATH, local node_modules, then monorepo source
+    // CLI resolution preamble: checks vendored bundle, PATH, local node_modules, then monorepo source
     const CL_RESOLVE = [
         'CL_CMD="";',
-        'if command -v codeledger >/dev/null 2>&1; then CL_CMD="codeledger";',
+        'if [ -f ".codeledger/bin/codeledger-standalone.cjs" ]; then CL_CMD="node .codeledger/bin/codeledger-standalone.cjs";',
+        'elif command -v codeledger >/dev/null 2>&1; then CL_CMD="codeledger";',
         'elif [ -x "node_modules/.bin/codeledger" ]; then CL_CMD="node_modules/.bin/codeledger";',
         'elif [ -f "packages/cli/dist/index.js" ]; then CL_CMD="node packages/cli/dist/index.js";',
         'fi;',
@@ -95,6 +96,38 @@ export function defaultHooks() {
                     ].join(' '),
                     timeout: 10000,
                 },
+                // Periodic nudge after every N file reads — reminds the agent to
+                // run progress-check or refine between stages of multi-step tasks.
+                {
+                    type: 'command',
+                    command: [
+                        'if [ "$TOOL_NAME" = "Read" ]; then',
+                        '  CL_SID="${CODELEDGER_SESSION:-}";',
+                        '  if [ -z "$CL_SID" ] && [ -n "$$" ]; then',
+                        '    CL_MARKER=".codeledger/.current-session-pid-$PPID";',
+                        '    [ -f "$CL_MARKER" ] && CL_SID=$(cat "$CL_MARKER" 2>/dev/null);',
+                        '  fi;',
+                        '  if [ -n "$CL_SID" ]; then',
+                        '    LOGDIR=".codeledger/sessions/$CL_SID";',
+                        '  else',
+                        '    LOGDIR=".codeledger";',
+                        '  fi;',
+                        '  LOGFILE="$LOGDIR/.read-log.jsonl";',
+                        '  NUDGE_MARKER="$LOGDIR/.last-nudge-count";',
+                        '  NUDGE_INTERVAL=10;',
+                        '  if [ -f "$LOGFILE" ]; then',
+                        '    TOTAL=$(wc -l < "$LOGFILE" 2>/dev/null | tr -d " ");',
+                        '    LAST_NUDGE=$(cat "$NUDGE_MARKER" 2>/dev/null || echo 0);',
+                        '    SINCE=$((TOTAL - LAST_NUDGE));',
+                        '    if [ "$SINCE" -ge "$NUDGE_INTERVAL" ]; then',
+                        '      echo "$TOTAL" > "$NUDGE_MARKER";',
+                        '      echo "CodeLedger: $TOTAL files read this session. Run codeledger progress-check to see bundle coverage, or codeledger refine --learned \\"...\\" to re-score.";',
+                        '    fi;',
+                        '  fi;',
+                        'fi',
+                    ].join(' '),
+                    timeout: 3000,
+                },
             ],
             PreCompact: [
                 {

package/dist/templates/hooks.js.map

@@ -1 +1 @@
-{"version":3,"file":"hooks.js","sourceRoot":"","sources":["../../src/templates/hooks.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAkBH,MAAM,UAAU,YAAY;IAC1B,iFAAiF;IACjF,MAAM,UAAU,GAAG;QACjB,YAAY;QACZ,qEAAqE;QACrE,yFAAyF;QACzF,0FAA0F;QAC1F,KAAK;KACN,CAAC;IAEF,OAAO;QACL,KAAK,EAAE;YACL,YAAY,EAAE;gBACZ;oBACE,IAAI,EAAE,SAAS;oBACf,OAAO,EAAE;wBACP,GAAG,UAAU;wBACb,2BAA2B;wBAC3B,6EAA6E;wBAC7E,MAAM;wBACN,+DAA+D;wBAC/D,6BAA6B;wBAC7B,0CAA0C;wBAC1C,sEAAsE;wBACtE,QAAQ;wBACR,kDAAkD;wBAClD,OAAO;wBACP,IAAI;qBACL,CAAC,IAAI,CAAC,GAAG,CAAC;oBACX,OAAO,EAAE,KAAK;iBACf;aACF;YACD,UAAU,EAAE;gBACV;oBACE,IAAI,EAAE,SAAS;oBACf,OAAO,EAAE;wBACP,kEAAkE;wBAClE,qCAAqC;wBACrC,4CAA4C;wBAC5C,yDAAyD;wBACzD,oEAAoE;wBACpE,OAAO;wBACP,6BAA6B;wBAC7B,2DAA2D;wBAC3D,6DAA6D;wBAC7D,QAAQ;wBACR,0CAA0C;wBAC1C,4CAA4C;wBAC5C,OAAO;wBACP,+BAA+B;wBAC/B,yDAAyD;wBACzD,mFAAmF;wBACnF,OAAO;wBACP,IAAI;qBACL,CAAC,IAAI,CAAC,GAAG,CAAC;oBACX,OAAO,EAAE,IAAI;iBACd;aACF;YACD,WAAW,EAAE;gBACX;oBACE,IAAI,EAAE,SAAS;oBACf,OAAO,EAAE;wBACP,iFAAiF;wBACjF,qCAAqC;wBACrC,4CAA4C;wBAC5C,yDAAyD;wBACzD,oEAAoE;wBACpE,OAAO;wBACP,GAAG,UAAU;wBACb,6BAA6B;wBAC7B,+BAA+B;wBAC/B,wEAAwE;wBACxE,UAAU;wBACV,oDAAoD;wBACpD,SAAS;wBACT,OAAO;wBACP,IAAI;qBACL,CAAC,IAAI,CAAC,GAAG,CAAC;oBACX,OAAO,EAAE,KAAK;iBACf;aACF;YACD,UAAU,EAAE;gBACV;oBACE,IAAI,EAAE,SAAS;oBACf,OAAO,EAAE;wBACP,mCAAmC;wBACnC,0CAA0C;wBAC1C,uDAAuD;wBACvD,kEAAkE;wBAClE,KAAK;wBACL,GAAG,UAAU;wBACb,2BAA2B;wBAC3B,6BAA6B;wBAC7B,+EAA+E;wBAC/E,4IAA4I;wBAC5I,QAAQ;wBACR,2DAA2D;wBAC3D,2HAA2H;wBAC3H,OAAO;wBACP,IAAI;qBACL,CAAC,IAAI,CAAC,GAAG,CAAC;oBACX,OAAO,EAAE,KAAK;iBACf;aACF;YACD,IAAI,EAAE;gBACJ;oBACE,IAAI,EAAE,SAAS;oBACf,OAAO,EAAE;wBACP,mCAAmC;wBACnC,0CAA0C;wBAC1C,uDAAuD;wBACvD,kEAAkE;wBAClE,KAAK;wBACL,GAAG,UAAU;wBACb,2BAA2B;wBAC3B,6BAA6B;wBAC7B,8EAA8E;wBAC9E,sEAAsE;wBACtE,QAAQ;wBACR,0DAA0D;wBAC1D,gIAAgI;wBAChI,OAAO;wBACP,KAAK;wBACL,uGAAuG;qBACxG,CAAC,IAAI,CAAC,GAAG,CAAC;oBACX,OAAO,EAAE,KAAK;iBACf;aACF;SACF;KACF,CAAC;AACJ,CAAC"}
+{"version":3,"file":"hooks.js","sourceRoot":"","sources":["../../src/templates/hooks.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAkBH,MAAM,UAAU,YAAY;IAC1B,kGAAkG;IAClG,MAAM,UAAU,GAAG;QACjB,YAAY;QACZ,sHAAsH;QACtH,uEAAuE;QACvE,yFAAyF;QACzF,0FAA0F;QAC1F,KAAK;KACN,CAAC;IAEF,OAAO;QACL,KAAK,EAAE;YACL,YAAY,EAAE;gBACZ;oBACE,IAAI,EAAE,SAAS;oBACf,OAAO,EAAE;wBACP,GAAG,UAAU;wBACb,2BAA2B;wBAC3B,6EAA6E;wBAC7E,MAAM;wBACN,+DAA+D;wBAC/D,6BAA6B;wBAC7B,0CAA0C;wBAC1C,sEAAsE;wBACtE,QAAQ;wBACR,kDAAkD;wBAClD,OAAO;wBACP,IAAI;qBACL,CAAC,IAAI,CAAC,GAAG,CAAC;oBACX,OAAO,EAAE,KAAK;iBACf;aACF;YACD,UAAU,EAAE;gBACV;oBACE,IAAI,EAAE,SAAS;oBACf,OAAO,EAAE;wBACP,kEAAkE;wBAClE,qCAAqC;wBACrC,4CAA4C;wBAC5C,yDAAyD;wBACzD,oEAAoE;wBACpE,OAAO;wBACP,6BAA6B;wBAC7B,2DAA2D;wBAC3D,6DAA6D;wBAC7D,QAAQ;wBACR,0CAA0C;wBAC1C,4CAA4C;wBAC5C,OAAO;wBACP,+BAA+B;wBAC/B,yDAAyD;wBACzD,mFAAmF;wBACnF,OAAO;wBACP,IAAI;qBACL,CAAC,IAAI,CAAC,GAAG,CAAC;oBACX,OAAO,EAAE,IAAI;iBACd;aACF;YACD,WAAW,EAAE;gBACX;oBACE,IAAI,EAAE,SAAS;oBACf,OAAO,EAAE;wBACP,iFAAiF;wBACjF,qCAAqC;wBACrC,4CAA4C;wBAC5C,yDAAyD;wBACzD,oEAAoE;wBACpE,OAAO;wBACP,GAAG,UAAU;wBACb,6BAA6B;wBAC7B,+BAA+B;wBAC/B,wEAAwE;wBACxE,UAAU;wBACV,oDAAoD;wBACpD,SAAS;wBACT,OAAO;wBACP,IAAI;qBACL,CAAC,IAAI,CAAC,GAAG,CAAC;oBACX,OAAO,EAAE,KAAK;iBACf;gBACD,iEAAiE;gBACjE,mEAAmE;gBACnE;oBACE,IAAI,EAAE,SAAS;oBACf,OAAO,EAAE;wBACP,oCAAoC;wBACpC,qCAAqC;wBACrC,4CAA4C;wBAC5C,yDAAyD;wBACzD,oEAAoE;wBACpE,OAAO;wBACP,6BAA6B;wBAC7B,4CAA4C;wBAC5C,QAAQ;wBACR,2BAA2B;wBAC3B,OAAO;wBACP,sCAAsC;wBACtC,6CAA6C;wBAC7C,sBAAsB;wBACtB,8BAA8B;wBAC9B,0DAA0D;wBAC1D,8DAA8D;wBAC9D,oCAAoC;wBACpC,iDAAiD;wBACjD,wCAAwC;wBACxC,uKAAuK;wBACvK,SAAS;wBACT,OAAO;wBACP,IAAI;qBACL,CAAC,IAAI,CAAC,GAAG,CAAC;oBACX,OAAO,EAAE,IAAI;iBACd;aACF;YACD,UAAU,EAAE;gBACV;oBACE,IAAI,EAAE,SAAS;oBACf,OAAO,EAAE;wBACP,mCAAmC;wBACnC,0CAA0C;wBAC1C,uDAAuD;wBACvD,kEAAkE;wBAClE,KAAK;wBACL,GAAG,UAAU;wBACb,2BAA2B;wBAC3B,6BAA6B;wBAC7B,+EAA+E;wBAC/E,4IAA4I;wBAC5I,QAAQ;wBACR,2DAA2D;wBAC3D,2HAA2H;wBAC3H,OAAO;wBACP,IAAI;qBACL,CAAC,IAAI,CAAC,GAAG,CAAC;oBACX,OAAO,EAAE,KAAK;iBACf;aACF;YACD,IAAI,EAAE;gBACJ;oBACE,IAAI,EAAE,SAAS;oBACf,OAAO,EAAE;wBACP,mCAAmC;wBACnC,0CAA0C;wBAC1C,uDAAuD;wBACvD,kEAAkE;wBAClE,KAAK;wBACL,GAAG,UAAU;wBACb,2BAA2B;wBAC3B,6BAA6B;wBAC7B,8EAA8E;wBAC9E,sEAAsE;wBACtE,QAAQ;wBACR,0DAA0D;wBAC1D,gIAAgI;wBAChI,OAAO;wBACP,KAAK;wBACL,uGAAuG;qBACxG,CAAC,IAAI,CAAC,GAAG,CAAC;oBACX,OAAO,EAAE,KAAK;iBACf;aACF;SACF;KACF,CAAC;AACJ,CAAC"}