@codeledger/cli 0.5.0 → 0.6.0

package/dist/verify/evaluate.d.ts

@@ -0,0 +1,10 @@
+import type { ResolvedPolicyV1, ContextManifestV1, ViolationV1, CoverageAttestationV1 } from '@codeledger/types';
+/**
+ * Evaluate a manifest against a resolved policy. Returns violations sorted
+ * by code then path for deterministic output.
+ *
+ * This function does NOT make pass/fail decisions — it only detects violations.
+ * The calling code decides exit codes based on policy mode.
+ */
+export declare function evaluatePolicy(manifest: ContextManifestV1, policy: ResolvedPolicyV1, coverageAttestation?: CoverageAttestationV1): ViolationV1[];
+//# sourceMappingURL=evaluate.d.ts.map

package/dist/verify/evaluate.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"evaluate.d.ts","sourceRoot":"","sources":["../../src/verify/evaluate.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,gBAAgB,EAChB,iBAAiB,EACjB,WAAW,EACX,qBAAqB,EACtB,MAAM,mBAAmB,CAAC;AAE3B;;;;;;GAMG;AACH,wBAAgB,cAAc,CAC5B,QAAQ,EAAE,iBAAiB,EAC3B,MAAM,EAAE,gBAAgB,EACxB,mBAAmB,CAAC,EAAE,qBAAqB,GAC1C,WAAW,EAAE,CAsGf"}

package/dist/verify/evaluate.js

@@ -0,0 +1,117 @@
+/**
+ * Evaluate a manifest against a resolved policy. Returns violations sorted
+ * by code then path for deterministic output.
+ *
+ * This function does NOT make pass/fail decisions — it only detects violations.
+ * The calling code decides exit codes based on policy mode.
+ */
+export function evaluatePolicy(manifest, policy, coverageAttestation) {
+    const violations = [];
+    // LOW_CONFIDENCE — overall_confidence < min_confidence
+    if (manifest.confidence.overall < policy.min_confidence) {
+        violations.push({
+            code: 'LOW_CONFIDENCE',
+            message: `Overall confidence ${manifest.confidence.overall.toFixed(2)} below minimum ${policy.min_confidence.toFixed(2)}`,
+            value: manifest.confidence.overall,
+            threshold: policy.min_confidence,
+        });
+    }
+    // HIGH_DRIFT — drift_score > max_drift
+    if (manifest.intent.drift_score > policy.max_drift) {
+        violations.push({
+            code: 'HIGH_DRIFT',
+            message: `Drift score ${manifest.intent.drift_score.toFixed(2)} exceeds maximum ${policy.max_drift.toFixed(2)}`,
+            value: manifest.intent.drift_score,
+            threshold: policy.max_drift,
+        });
+    }
+    // DENY_PATH_MATCH — selected file matches deny_paths pattern
+    for (const file of manifest.bundle.files) {
+        for (const pattern of policy.deny_paths) {
+            if (matchDenyPattern(file.path, pattern)) {
+                violations.push({
+                    code: 'DENY_PATH_MATCH',
+                    message: `Selected file ${file.path} matches deny pattern ${pattern}`,
+                    path: file.path,
+                    pattern,
+                });
+            }
+        }
+    }
+    // MISSING_TESTS — test_presence below threshold when require_tests is true
+    if (policy.require_tests) {
+        const testPresence = manifest.confidence.envelope.test_presence;
+        // require_tests uses a fixed threshold of 0.50
+        const threshold = 0.50;
+        if (testPresence < threshold) {
+            violations.push({
+                code: 'MISSING_TESTS',
+                message: `Test presence ${testPresence.toFixed(2)} below required threshold ${threshold.toFixed(2)}`,
+                value: testPresence,
+                threshold,
+            });
+        }
+    }
+    // BUNDLE_TOO_LARGE — file count or byte count exceeds policy limits
+    if (manifest.bundle.file_count > policy.bundle_max_files) {
+        violations.push({
+            code: 'BUNDLE_TOO_LARGE',
+            message: `Bundle file count ${manifest.bundle.file_count} exceeds limit ${policy.bundle_max_files}`,
+            dimension: 'file_count',
+            value: manifest.bundle.file_count,
+            threshold: policy.bundle_max_files,
+        });
+    }
+    if (manifest.bundle.total_bytes > policy.bundle_max_bytes) {
+        violations.push({
+            code: 'BUNDLE_TOO_LARGE',
+            message: `Bundle byte size ${manifest.bundle.total_bytes} exceeds limit ${policy.bundle_max_bytes}`,
+            dimension: 'byte_size',
+            value: manifest.bundle.total_bytes,
+            threshold: policy.bundle_max_bytes,
+        });
+    }
+    // INSUFFICIENT_COVERAGE — review coverage below policy minimum
+    if (coverageAttestation && policy.min_review_coverage !== undefined) {
+        if (coverageAttestation.file_coverage < policy.min_review_coverage) {
+            violations.push({
+                code: 'INSUFFICIENT_COVERAGE',
+                message: `Review file coverage ${coverageAttestation.file_coverage.toFixed(2)} below minimum ${policy.min_review_coverage.toFixed(2)}`,
+                value: coverageAttestation.file_coverage,
+                threshold: policy.min_review_coverage,
+            });
+        }
+    }
+    // POST_HOC_READS — reads that occurred after claims were written
+    if (coverageAttestation && policy.block_post_hoc_reads && coverageAttestation.post_hoc_read_count > 0) {
+        violations.push({
+            code: 'POST_HOC_READS',
+            message: `${coverageAttestation.post_hoc_read_count} file(s) were read after review claims were written`,
+            value: coverageAttestation.post_hoc_read_count,
+        });
+    }
+    // Sort by code, then by path (if present) for deterministic output
+    violations.sort((a, b) => {
+        const codeCmp = a.code.localeCompare(b.code);
+        if (codeCmp !== 0)
+            return codeCmp;
+        return (a.path ?? '').localeCompare(b.path ?? '');
+    });
+    return violations;
+}
+/**
+ * Match a file path against a deny pattern.
+ * Supports simple glob patterns with * wildcard.
+ */
+function matchDenyPattern(filePath, pattern) {
+    // Convert glob pattern to regex
+    const escaped = pattern
+        .replace(/[.+^${}()|[\]\\]/g, '\\$&')
+        .replace(/\*/g, '.*');
+    const regex = new RegExp(`^${escaped}$|/${escaped}$|^${escaped}/|/${escaped}/`);
+    // Also match against the basename
+    const basename = filePath.split('/').pop() ?? filePath;
+    const baseRegex = new RegExp(`^${escaped}$`);
+    return regex.test(filePath) || baseRegex.test(basename);
+}
+//# sourceMappingURL=evaluate.js.map

package/dist/verify/evaluate.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"evaluate.js","sourceRoot":"","sources":["../../src/verify/evaluate.ts"],"names":[],"mappings":"AAOA;;;;;;GAMG;AACH,MAAM,UAAU,cAAc,CAC5B,QAA2B,EAC3B,MAAwB,EACxB,mBAA2C;IAE3C,MAAM,UAAU,GAAkB,EAAE,CAAC;IAErC,uDAAuD;IACvD,IAAI,QAAQ,CAAC,UAAU,CAAC,OAAO,GAAG,MAAM,CAAC,cAAc,EAAE,CAAC;QACxD,UAAU,CAAC,IAAI,CAAC;YACd,IAAI,EAAE,gBAAgB;YACtB,OAAO,EAAE,sBAAsB,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,kBAAkB,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE;YACzH,KAAK,EAAE,QAAQ,CAAC,UAAU,CAAC,OAAO;YAClC,SAAS,EAAE,MAAM,CAAC,cAAc;SACjC,CAAC,CAAC;IACL,CAAC;IAED,uCAAuC;IACvC,IAAI,QAAQ,CAAC,MAAM,CAAC,WAAW,GAAG,MAAM,CAAC,SAAS,EAAE,CAAC;QACnD,UAAU,CAAC,IAAI,CAAC;YACd,IAAI,EAAE,YAAY;YAClB,OAAO,EAAE,eAAe,QAAQ,CAAC,MAAM,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,oBAAoB,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE;YAC/G,KAAK,EAAE,QAAQ,CAAC,MAAM,CAAC,WAAW;YAClC,SAAS,EAAE,MAAM,CAAC,SAAS;SAC5B,CAAC,CAAC;IACL,CAAC;IAED,6DAA6D;IAC7D,KAAK,MAAM,IAAI,IAAI,QAAQ,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;QACzC,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;YACxC,IAAI,gBAAgB,CAAC,IAAI,CAAC,IAAI,EAAE,OAAO,CAAC,EAAE,CAAC;gBACzC,UAAU,CAAC,IAAI,CAAC;oBACd,IAAI,EAAE,iBAAiB;oBACvB,OAAO,EAAE,iBAAiB,IAAI,CAAC,IAAI,yBAAyB,OAAO,EAAE;oBACrE,IAAI,EAAE,IAAI,CAAC,IAAI;oBACf,OAAO;iBACR,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,2EAA2E;IAC3E,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC;QACzB,MAAM,YAAY,GAAG,QAAQ,CAAC,UAAU,CAAC,QAAQ,CAAC,aAAa,CAAC;QAChE,+CAA+C;QAC/C,MAAM,SAAS,GAAG,IAAI,CAAC;QACvB,IAAI,YAAY,GAAG,SAAS,EAAE,CAAC;YAC7B,UAAU,CAAC,IAAI,CAAC;gBACd,IAAI,EAAE,eAAe;gBACrB,OAAO,EAAE,iBAAiB,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC,6BAA6B,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE;gBACpG,KAAK,EAAE,YAAY;gBACnB,SAAS;aACV,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,oEAAoE;IACpE,IAAI,QAAQ,CAAC,MAAM,CAAC,UAAU,GAAG,MAAM,CAAC,gBAAgB,EAAE,CAAC;QACzD,UAAU,CAAC,IAAI,CAAC;YACd,IAAI,EAAE,kBAAkB;YACxB,OAAO,EAAE,qBAAqB,QAAQ,CAAC,MAAM,CAAC,UAAU,kBAAkB,MAAM,CAAC,gBAAgB,EAAE;YACnG,SAAS,EAAE,YAAY;YACvB,KAAK,EAAE,QAAQ,CAAC,MAAM,CAAC,UAAU;YACjC,SAAS,EAAE,MAAM,CAAC,gBAAgB;SACnC,CAAC,CAAC;IACL,CAAC;IAED,IAAI,QAAQ,CAAC,MAAM,CAAC,WAAW,GAAG,MAAM,CAAC,gBAAgB,EAAE,CAAC;QAC1D,UAAU,CAAC,IAAI,CAAC;YACd,IAAI,EAAE,kBAAkB;YACxB,OAAO,EAAE,oBAAoB,QAAQ,CAAC,MAAM,CAAC,WAAW,kBAAkB,MAAM,CAAC,gBAAgB,EAAE;YACnG,SAAS,EAAE,WAAW;YACtB,KAAK,EAAE,QAAQ,CAAC,MAAM,CAAC,WAAW;YAClC,SAAS,EAAE,MAAM,CAAC,gBAAgB;SACnC,CAAC,CAAC;IACL,CAAC;IAED,+DAA+D;IAC/D,IAAI,mBAAmB,IAAI,MAAM,CAAC,mBAAmB,KAAK,SAAS,EAAE,CAAC;QACpE,IAAI,mBAAmB,CAAC,aAAa,GAAG,MAAM,CAAC,mBAAmB,EAAE,CAAC;YACnE,UAAU,CAAC,IAAI,CAAC;gBACd,IAAI,EAAE,uBAAuB;gBAC7B,OAAO,EAAE,wBAAwB,mBAAmB,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC,kBAAkB,MAAM,CAAC,mBAAmB,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE;gBACtI,KAAK,EAAE,mBAAmB,CAAC,aAAa;gBACxC,SAAS,EAAE,MAAM,CAAC,mBAAmB;aACtC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,iEAAiE;IACjE,IAAI,mBAAmB,IAAI,MAAM,CAAC,oBAAoB,IAAI,mBAAmB,CAAC,mBAAmB,GAAG,CAAC,EAAE,CAAC;QACtG,UAAU,CAAC,IAAI,CAAC;YACd,IAAI,EAAE,gBAAgB;YACtB,OAAO,EAAE,GAAG,mBAAmB,CAAC,mBAAmB,qDAAqD;YACxG,KAAK,EAAE,mBAAmB,CAAC,mBAAmB;SAC/C,CAAC,CAAC;IACL,CAAC;IAED,mEAAmE;IACnE,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACvB,MAAM,OAAO,GAAG,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;QAC7C,IAAI,OAAO,KAAK,CAAC;YAAE,OAAO,OAAO,CAAC;QAClC,OAAO,CAAC,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;IAEH,OAAO,UAAU,CAAC;AACpB,CAAC;AAED;;;GAGG;AACH,SAAS,gBAAgB,CAAC,QAAgB,EAAE,OAAe;IACzD,gCAAgC;IAChC,MAAM,OAAO,GAAG,OAAO;SACpB,OAAO,CAAC,mBAAmB,EAAE,MAAM,CAAC;SACpC,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IACxB,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,IAAI,OAAO,MAAM,OAAO,MAAM,OAAO,MAAM,OAAO,GAAG,CAAC,CAAC;IAEhF,kCAAkC;IAClC,MAAM,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,IAAI,QAAQ,CAAC;IACvD,MAAM,SAAS,GAAG,IAAI,MAAM,CAAC,IAAI,OAAO,GAAG,CAAC,CAAC;IAE7C,OAAO,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AAC1D,CAAC"}

package/dist/verify/policy-snapshot.d.ts

@@ -0,0 +1,7 @@
+import type { ResolvedPolicyV1 } from '@codeledger/types';
+/**
+ * Build and write a policy snapshot — records the resolved policy used
+ * during a verify run, including its hash for audit trail.
+ */
+export declare function writePolicySnapshot(policy: ResolvedPolicyV1, outPath: string): void;
+//# sourceMappingURL=policy-snapshot.d.ts.map

package/dist/verify/policy-snapshot.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"policy-snapshot.d.ts","sourceRoot":"","sources":["../../src/verify/policy-snapshot.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,gBAAgB,EAAqC,MAAM,mBAAmB,CAAC;AAG7F;;;GAGG;AACH,wBAAgB,mBAAmB,CACjC,MAAM,EAAE,gBAAgB,EACxB,OAAO,EAAE,MAAM,GACd,IAAI,CA6BN"}

package/dist/verify/policy-snapshot.js

@@ -0,0 +1,36 @@
+import { createHash } from 'node:crypto';
+import { writeFileSync, mkdirSync } from 'node:fs';
+import { dirname } from 'node:path';
+import { canonicalize } from '../signing/canonicalize.js';
+/**
+ * Build and write a policy snapshot — records the resolved policy used
+ * during a verify run, including its hash for audit trail.
+ */
+export function writePolicySnapshot(policy, outPath) {
+    // Strip resolved_from to get the base policy for hashing
+    const basePolicyForHash = {
+        schema_version: policy.schema_version,
+        mode: policy.mode,
+        min_confidence: policy.min_confidence,
+        max_drift: policy.max_drift,
+        require_tests: policy.require_tests,
+        deny_paths: policy.deny_paths,
+        bundle_max_files: policy.bundle_max_files,
+        bundle_max_bytes: policy.bundle_max_bytes,
+        redact_actor_identity: policy.redact_actor_identity,
+        store_file_paths: policy.store_file_paths,
+    };
+    const hash = createHash('sha256')
+        .update(canonicalize(basePolicyForHash))
+        .digest('hex');
+    const snapshot = {
+        schema_version: 'mustang/policy-snapshot/v1',
+        policy: basePolicyForHash,
+        hash,
+        resolved_from: policy.resolved_from,
+        resolved_at: new Date().toISOString(),
+    };
+    mkdirSync(dirname(outPath), { recursive: true });
+    writeFileSync(outPath, JSON.stringify(snapshot, null, 2) + '\n');
+}
+//# sourceMappingURL=policy-snapshot.js.map

package/dist/verify/policy-snapshot.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"policy-snapshot.js","sourceRoot":"","sources":["../../src/verify/policy-snapshot.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,aAAa,EAAE,SAAS,EAAE,MAAM,SAAS,CAAC;AACnD,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAEpC,OAAO,EAAE,YAAY,EAAE,MAAM,4BAA4B,CAAC;AAE1D;;;GAGG;AACH,MAAM,UAAU,mBAAmB,CACjC,MAAwB,EACxB,OAAe;IAEf,yDAAyD;IACzD,MAAM,iBAAiB,GAAoB;QACzC,cAAc,EAAE,MAAM,CAAC,cAAc;QACrC,IAAI,EAAE,MAAM,CAAC,IAAI;QACjB,cAAc,EAAE,MAAM,CAAC,cAAc;QACrC,SAAS,EAAE,MAAM,CAAC,SAAS;QAC3B,aAAa,EAAE,MAAM,CAAC,aAAa;QACnC,UAAU,EAAE,MAAM,CAAC,UAAU;QAC7B,gBAAgB,EAAE,MAAM,CAAC,gBAAgB;QACzC,gBAAgB,EAAE,MAAM,CAAC,gBAAgB;QACzC,qBAAqB,EAAE,MAAM,CAAC,qBAAqB;QACnD,gBAAgB,EAAE,MAAM,CAAC,gBAAgB;KAC1C,CAAC;IAEF,MAAM,IAAI,GAAG,UAAU,CAAC,QAAQ,CAAC;SAC9B,MAAM,CAAC,YAAY,CAAC,iBAAiB,CAAC,CAAC;SACvC,MAAM,CAAC,KAAK,CAAC,CAAC;IAEjB,MAAM,QAAQ,GAAqB;QACjC,cAAc,EAAE,4BAA4B;QAC5C,MAAM,EAAE,iBAAiB;QACzB,IAAI;QACJ,aAAa,EAAE,MAAM,CAAC,aAAa;QACnC,WAAW,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACtC,CAAC;IAEF,SAAS,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACjD,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;AACnE,CAAC"}

package/dist/verify/report.d.ts

@@ -0,0 +1,11 @@
+import type { ContextManifestV1, ResolvedPolicyV1, ViolationV1, VerifyReportV1 } from '@codeledger/types';
+/**
+ * Build a verify report from manifest, policy, and violations.
+ */
+export declare function buildVerifyReport(opts: {
+    manifest: ContextManifestV1;
+    policy: ResolvedPolicyV1;
+    violations: ViolationV1[];
+    codeledgerVersion: string;
+}): VerifyReportV1;
+//# sourceMappingURL=report.d.ts.map

package/dist/verify/report.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"report.d.ts","sourceRoot":"","sources":["../../src/verify/report.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,iBAAiB,EACjB,gBAAgB,EAChB,WAAW,EACX,cAAc,EAEf,MAAM,mBAAmB,CAAC;AAI3B;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,IAAI,EAAE;IACtC,QAAQ,EAAE,iBAAiB,CAAC;IAC5B,MAAM,EAAE,gBAAgB,CAAC;IACzB,UAAU,EAAE,WAAW,EAAE,CAAC;IAC1B,iBAAiB,EAAE,MAAM,CAAC;CAC3B,GAAG,cAAc,CA+CjB"}

package/dist/verify/report.js

@@ -0,0 +1,64 @@
+import { createHash } from 'node:crypto';
+import { canonicalize } from '../signing/canonicalize.js';
+/**
+ * Build a verify report from manifest, policy, and violations.
+ */
+export function buildVerifyReport(opts) {
+    const { manifest, policy, violations, codeledgerVersion } = opts;
+    // Compute policy hash using Phase 2 canonicalization
+    const policyForHash = {
+        schema_version: policy.schema_version,
+        mode: policy.mode,
+        min_confidence: policy.min_confidence,
+        max_drift: policy.max_drift,
+        require_tests: policy.require_tests,
+        deny_paths: policy.deny_paths,
+        bundle_max_files: policy.bundle_max_files,
+        bundle_max_bytes: policy.bundle_max_bytes,
+        redact_actor_identity: policy.redact_actor_identity,
+        store_file_paths: policy.store_file_paths,
+    };
+    const policyHash = createHash('sha256')
+        .update(canonicalize(policyForHash))
+        .digest('hex');
+    // Determine decision based on mode
+    const passed = determineDecision(policy.mode, violations);
+    return {
+        schema_version: 'mustang/verify-report/v1',
+        codeledger_version: codeledgerVersion,
+        repo: {
+            name: manifest.repo.name,
+            commit_sha: manifest.repo.commit_sha,
+        },
+        policy: {
+            schema_version: 'mustang/policy/v1',
+            mode: policy.mode,
+            hash: policyHash,
+        },
+        metrics: {
+            overall_confidence: manifest.confidence.overall,
+            drift_score: manifest.intent.drift_score,
+            bundle_file_count: manifest.bundle.file_count,
+            bundle_total_bytes: manifest.bundle.total_bytes,
+        },
+        decision: {
+            passed,
+            mode: policy.mode,
+        },
+        violations,
+    };
+}
+/**
+ * Determine pass/fail based on mode and violations.
+ *
+ * - observe: always true (violations are informational only)
+ * - warn: always true (violations printed as warnings)
+ * - block: true only if no violations
+ */
+function determineDecision(mode, violations) {
+    if (mode === 'block') {
+        return violations.length === 0;
+    }
+    return true; // observe and warn always pass
+}
+//# sourceMappingURL=report.js.map

package/dist/verify/report.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"report.js","sourceRoot":"","sources":["../../src/verify/report.ts"],"names":[],"mappings":"AAOA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,YAAY,EAAE,MAAM,4BAA4B,CAAC;AAE1D;;GAEG;AACH,MAAM,UAAU,iBAAiB,CAAC,IAKjC;IACC,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,EAAE,iBAAiB,EAAE,GAAG,IAAI,CAAC;IAEjE,qDAAqD;IACrD,MAAM,aAAa,GAA4B;QAC7C,cAAc,EAAE,MAAM,CAAC,cAAc;QACrC,IAAI,EAAE,MAAM,CAAC,IAAI;QACjB,cAAc,EAAE,MAAM,CAAC,cAAc;QACrC,SAAS,EAAE,MAAM,CAAC,SAAS;QAC3B,aAAa,EAAE,MAAM,CAAC,aAAa;QACnC,UAAU,EAAE,MAAM,CAAC,UAAU;QAC7B,gBAAgB,EAAE,MAAM,CAAC,gBAAgB;QACzC,gBAAgB,EAAE,MAAM,CAAC,gBAAgB;QACzC,qBAAqB,EAAE,MAAM,CAAC,qBAAqB;QACnD,gBAAgB,EAAE,MAAM,CAAC,gBAAgB;KAC1C,CAAC;IACF,MAAM,UAAU,GAAG,UAAU,CAAC,QAAQ,CAAC;SACpC,MAAM,CAAC,YAAY,CAAC,aAAa,CAAC,CAAC;SACnC,MAAM,CAAC,KAAK,CAAC,CAAC;IAEjB,mCAAmC;IACnC,MAAM,MAAM,GAAG,iBAAiB,CAAC,MAAM,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;IAE1D,OAAO;QACL,cAAc,EAAE,0BAA0B;QAC1C,kBAAkB,EAAE,iBAAiB;QACrC,IAAI,EAAE;YACJ,IAAI,EAAE,QAAQ,CAAC,IAAI,CAAC,IAAI;YACxB,UAAU,EAAE,QAAQ,CAAC,IAAI,CAAC,UAAU;SACrC;QACD,MAAM,EAAE;YACN,cAAc,EAAE,mBAAmB;YACnC,IAAI,EAAE,MAAM,CAAC,IAAI;YACjB,IAAI,EAAE,UAAU;SACjB;QACD,OAAO,EAAE;YACP,kBAAkB,EAAE,QAAQ,CAAC,UAAU,CAAC,OAAO;YAC/C,WAAW,EAAE,QAAQ,CAAC,MAAM,CAAC,WAAW;YACxC,iBAAiB,EAAE,QAAQ,CAAC,MAAM,CAAC,UAAU;YAC7C,kBAAkB,EAAE,QAAQ,CAAC,MAAM,CAAC,WAAW;SAChD;QACD,QAAQ,EAAE;YACR,MAAM;YACN,IAAI,EAAE,MAAM,CAAC,IAAI;SAClB;QACD,UAAU;KACX,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,SAAS,iBAAiB,CAAC,IAAgB,EAAE,UAAyB;IACpE,IAAI,IAAI,KAAK,OAAO,EAAE,CAAC;QACrB,OAAO,UAAU,CAAC,MAAM,KAAK,CAAC,CAAC;IACjC,CAAC;IACD,OAAO,IAAI,CAAC,CAAC,+BAA+B;AAC9C,CAAC"}

package/package.json

@@ -1,9 +1,9 @@
 {
   "name": "@codeledger/cli",
-  "version": "0.5.0",
+  "version": "0.6.0",
   "type": "module",
   "description": "CLI for CodeLedger — deterministic context selection for AI coding agents",
-  "license": "Apache-2.0",
+  "license": "MIT",
   "repository": {
     "type": "git",
     "url": "https://github.com/codeledgerECF/codeledger-blackbox.git",
@@ -27,14 +27,14 @@
     }
   },
   "dependencies": {
-    "@codeledger/types": "0.5.0",
-    "@codeledger/core": "0.5.0",
-    "@codeledger/core-engine": "0.5.0",
-    "@codeledger/harness": "0.5.0",
-    "@codeledger/repo": "0.5.0",
-    "@codeledger/selector": "0.5.0",
-    "@codeledger/instrument": "0.5.0",
-    "@codeledger/cowork": "0.5.0"
+    "@codeledger/types": "0.6.0",
+    "@codeledger/core": "0.6.0",
+    "@codeledger/core-engine": "0.6.0",
+    "@codeledger/repo": "0.6.0",
+    "@codeledger/instrument": "0.6.0",
+    "@codeledger/harness": "0.6.0",
+    "@codeledger/cowork": "0.6.0",
+    "@codeledger/selector": "0.6.0"
   },
   "devDependencies": {
     "typescript": "^5.4.0"