@company-semantics/contracts 9.1.0 → 9.2.0

package/src/index.ts

@@ -14,17 +14,17 @@
  * Intent categories - the semantic "what kind of concern"
  * @see LANGUAGE_INVARIANTS.md for language-level invariants
  */
-export type IntentCategory = 'safety' | 'privacy' | 'correctness' | 'cost'
+export type IntentCategory = "safety" | "privacy" | "correctness" | "cost";
 
 // Confidence levels - shared vocabulary for certainty
-export type InsightConfidence = 'low' | 'medium' | 'high'
+export type InsightConfidence = "low" | "medium" | "high";
 
 // Invariant enforcement phases (4.0 Observe → 4.1 Stabilize → 4.2 Enforce)
-export type InvariantPhase = 'observe' | 'stabilize' | 'enforce'
+export type InvariantPhase = "observe" | "stabilize" | "enforce";
 
 // Integration partner categories — surface grouping in settings UIs
-export const INTEGRATION_CATEGORIES = ['Meetings', 'Comms', 'Docs'] as const
-export type IntegrationCategory = (typeof INTEGRATION_CATEGORIES)[number]
+export const INTEGRATION_CATEGORIES = ["Meetings", "Comms", "Docs"] as const;
+export type IntegrationCategory = (typeof INTEGRATION_CATEGORIES)[number];
 
 // System diagram types
 export type {
@@ -50,7 +50,7 @@ export type {
   RepoCapability,
   CapabilityManifest,
   AggregatedCapabilities,
-} from './system/index'
+} from "./system/index";
 
 // Guard types (CI guard vocabulary)
 // @see schemas/guard-result.schema.json for JSON Schema
@@ -87,7 +87,7 @@ export type {
   AlertsConfigGuardConfig,
   BackupConfigGuardConfig,
   Soc2Baselines,
-} from './guards/index'
+} from "./guards/index";
 
 export {
   GUARD_SCHEMA_VERSION,
@@ -100,23 +100,20 @@ export {
   REQUIRED_SOC2_CONTROLS,
   BLOCKING_SOC2_CONTROLS,
   SOC2_SCHEMA_VERSION,
-} from './guards/index'
+} from "./guards/index";
 
 // Cross-repo CI aggregation vocabulary
 // @see ADR-CONT-033 for contracts boundary rationale
 // Note: GuardTier is already exported above from './guards/index' (structurally
 // identical); not re-exported here to avoid a duplicate-identifier collision.
-export type {
-  GuardResultPayload,
-  RepoCiResult,
-} from './ci-results/index'
+export type { GuardResultPayload, RepoCiResult } from "./ci-results/index";
 
-export { assertRepoCiResultConsistent } from './ci-results/index'
+export { assertRepoCiResultConsistent } from "./ci-results/index";
 
 // Compatibility manifest (CI guard vocabulary)
 // @see ADR-2025-12-011 for design rationale
-export { COMPATIBILITY } from './compatibility'
-export type { Compatibility, Deprecation } from './compatibility'
+export { COMPATIBILITY } from "./compatibility";
+export type { Compatibility, Deprecation } from "./compatibility";
 
 // User identity types and functions
 // @see ADR-CONT-032 for design rationale
@@ -127,13 +124,17 @@ export type {
   UserLifecycleStatus,
   DeletionBlocker,
   AccountDeletionEligibility,
-} from './identity/index'
-export { extractFirstWord, resolveDisplayName, deriveFullName } from './identity/index'
+} from "./identity/index";
+export {
+  extractFirstWord,
+  resolveDisplayName,
+  deriveFullName,
+} from "./identity/index";
 
 // Avatar types and functions
 // @see ADR-BE-063 for Slack avatar support design
-export type { AvatarSource, ResolvedAvatar } from './identity/index'
-export { generateInitials, resolveAvatar } from './identity/index'
+export type { AvatarSource, ResolvedAvatar } from "./identity/index";
+export { generateInitials, resolveAvatar } from "./identity/index";
 
 // Identity response schemas (Zod) - canonical location per ADR-CONT-044
 export {
@@ -150,7 +151,7 @@ export {
   AccountCancelDeletionResponseSchema,
   BannerDismissedListResponseSchema,
   BannerDismissResponseSchema,
-} from './identity/index'
+} from "./identity/index";
 export type {
   MeResponse,
   AuthVerifyResponse,
@@ -164,7 +165,7 @@ export type {
   AccountCancelDeletionResponse,
   BannerDismissedListResponse,
   BannerDismissResponse,
-} from './identity/index'
+} from "./identity/index";
 
 // People Org Chart (GET /api/users/org-chart)
 export {
@@ -172,23 +173,20 @@ export {
   PeopleOrgChartNodeSchema,
   PeopleOrgChartEdgeSchema,
   PeopleOrgChartResponseSchema,
-} from './identity/index'
+} from "./identity/index";
 export type {
   ReportingRelationshipType,
   PeopleOrgChartNode,
   PeopleOrgChartEdge,
   PeopleOrgChartResponse,
-} from './identity/index'
+} from "./identity/index";
 
 // Auth domain types
-export type { AuthStartMode, AuthStartResponse } from './auth/index'
-export { OTPErrorCode } from './auth/index'
+export type { AuthStartMode, AuthStartResponse } from "./auth/index";
+export { OTPErrorCode } from "./auth/index";
 
 // Dispatch deny vocabulary (PRD-00519/00521/00522)
-export {
-  DISPATCH_DENY_CODES,
-  isDispatchDenyCode,
-} from './dispatch/index'
+export { DISPATCH_DENY_CODES, isDispatchDenyCode } from "./dispatch/index";
 export type {
   ActionTier,
   DispatchDenyCode,
@@ -198,7 +196,7 @@ export type {
   ProviderAccessDenyReason,
   ProviderAccessDeniedMeta,
   WriteTierDisabledMeta,
-} from './dispatch/index'
+} from "./dispatch/index";
 
 // Email domain types
 // @see ADR-CONT-034 for design rationale
@@ -207,13 +205,13 @@ export type {
   EmailPayloads,
   SendEmailInput,
   EmailKindDefinition,
-} from './email/index'
+} from "./email/index";
 
 export {
   EMAIL_KINDS,
   getEmailKindDefinition,
   isValidEmailKind,
-} from './email/index'
+} from "./email/index";
 
 // Chat domain types
 // @see PRD-00142 for share chat design rationale
@@ -249,9 +247,12 @@ export type {
   // Runtime profile types (PRD-00229)
   ChatRuntimeProfile,
   ChatRuntimeProfileInfo,
-} from './chat/index'
+} from "./chat/index";
 
-export { CHAT_RUNTIME_PROFILES, DEFAULT_CHAT_RUNTIME_PROFILE } from './chat/index'
+export {
+  CHAT_RUNTIME_PROFILES,
+  DEFAULT_CHAT_RUNTIME_PROFILE,
+} from "./chat/index";
 
 // Organization domain types
 // @see ADR-BE-XXX for design rationale (Personal vs Shared Organization Model)
@@ -339,12 +340,17 @@ export type {
   AccessExplanation,
   ShareState,
   PermissionAuditEntry,
-} from './org/index'
+} from "./org/index";
 
-export { VIEW_SCOPE_MAP, getViewScope, TRANSFER_RESPONSIBILITIES, IDENTITY_TRUST_LEVEL_LABELS } from './org/index'
+export {
+  VIEW_SCOPE_MAP,
+  getViewScope,
+  TRANSFER_RESPONSIBILITIES,
+  IDENTITY_TRUST_LEVEL_LABELS,
+} from "./org/index";
 
 // View authorization types (Phase 5 - ADR-APP-013)
-export type { AuthorizableView } from './org/index'
+export type { AuthorizableView } from "./org/index";
 
 // Authority & Delegation vocabulary
 export {
@@ -360,7 +366,7 @@ export {
   DelegationSchema,
   CreateDelegationRequestSchema,
   DelegationListResponseSchema,
-} from './org/index'
+} from "./org/index";
 export type {
   AuthoritySource,
   AuthorityOrigin,
@@ -374,7 +380,7 @@ export type {
   Delegation,
   CreateDelegationRequest,
   DelegationListResponse,
-} from './org/index'
+} from "./org/index";
 
 // MCP tool discovery types
 // @see company-semantics-backend/src/interfaces/mcp/ for implementation
@@ -399,9 +405,9 @@ export type {
   CapabilityGraph,
   CapabilityGraphEdge,
   ToolWorkflow,
-} from './mcp/index'
+} from "./mcp/index";
 
-export { buildCapabilityGraph } from './mcp/index'
+export { buildCapabilityGraph } from "./mcp/index";
 
 // Message part types and builder functions
 // @see ADR-2026-01-022 for design rationale
@@ -456,7 +462,7 @@ export type {
   MessageStartDataPart,
   MessageDeltaDataPart,
   MessageCompleteDataPart,
-} from './message-parts/index'
+} from "./message-parts/index";
 
 export {
   isTextPart,
@@ -470,7 +476,7 @@ export {
   WireSurfaceBuilder,
   CONFIRMATION_LABELS,
   getConfirmationLabel,
-} from './message-parts/index'
+} from "./message-parts/index";
 
 // Execution kind types and registry
 // @see ADR-CONT-029 for design rationale
@@ -490,7 +496,7 @@ export type {
   TimelineStatus,
   TimelineIcon,
   TimelineUIEvent,
-} from './execution/index'
+} from "./execution/index";
 
 export {
   EXECUTION_KINDS,
@@ -498,7 +504,7 @@ export {
   isValidExecutionKind,
   EXECUTION_EVENT_TYPES,
   isExecutionEventType,
-} from './execution/index'
+} from "./execution/index";
 
 // Ralph autonomous coding loop types
 // @see company-semantics-control/docs/ralph.md for usage
@@ -524,10 +530,10 @@ export type {
   RalphIteration,
   RalphMode,
   RalphProgress,
-} from './ralph/index';
+} from "./ralph/index";
 
 // Ralph constants (cross-repo support)
-export { REPO_PRECEDENCE } from './ralph/index'
+export { REPO_PRECEDENCE } from "./ralph/index";
 
 // Internal admin types (cross-org control plane)
 // @see PRD-00113 for design rationale
@@ -535,16 +541,16 @@ export type {
   InternalAdminCapability,
   InternalAdminContext,
   RequestContext,
-} from './internal-admin'
+} from "./internal-admin";
 
 // Rate limit domain types
 // @see PRD-00013 for contracts integration
-export type { RateLimitConfig, RateLimitResult } from './rate-limit/index'
-export { RateLimitTier } from './rate-limit/index'
+export type { RateLimitConfig, RateLimitResult } from "./rate-limit/index";
+export { RateLimitTier } from "./rate-limit/index";
 
 // Billing domain types (v1 — read-only)
 // @see PRD-00121 for design rationale
-export type { OrgPlanStatus, OrgBillingInfo } from './billing/index'
+export type { OrgPlanStatus, OrgBillingInfo } from "./billing/index";
 
 // Impersonation types (break-glass emergency access)
 // @see ADR-BE-068 for trust model
@@ -555,9 +561,9 @@ export type {
   ImpersonationCapability,
   ImpersonationSessionSummary,
   ImpersonationAuditEventType,
-} from './impersonation'
+} from "./impersonation";
 
-export { RESTRICTED_IMPERSONATION_ACTIONS } from './impersonation'
+export { RESTRICTED_IMPERSONATION_ACTIONS } from "./impersonation";
 
 // Impersonation SSE event types (real-time push)
 // @see PRD-00176 for design rationale
@@ -567,7 +573,7 @@ export type {
   ImpersonationSessionEndedEvent,
   ImpersonationSessionExpiredEvent,
   ImpersonationSseEvent,
-} from './impersonation-events'
+} from "./impersonation-events";
 
 // Usage tracking types (internal admin)
 // @see PRD-00166 for design rationale
@@ -586,7 +592,7 @@ export type {
   UnifiedModelUsage,
   UnifiedFeatureUsage,
   UnifiedUsageResponse,
-} from './usage/types'
+} from "./usage/types";
 
 // Runtime execution telemetry types
 // @see PRD-00200 for design rationale
@@ -602,7 +608,7 @@ export type {
   // Budget governance types (PRD-00232)
   BudgetCheck,
   OrgBudgetSettings,
-} from './usage/execution-types'
+} from "./usage/execution-types";
 
 // CI Execution Envelope types
 // @see ADR-CONT-033 for contracts boundary rationale
@@ -627,35 +633,45 @@ export type {
   CIExecutionOutcome,
   // Core Envelope
   CIExecutionEnvelope,
-} from './ci-envelope/index'
+} from "./ci-envelope/index";
 
-export { ENVELOPE_TRANSITIONS } from './ci-envelope/index'
+export { ENVELOPE_TRANSITIONS } from "./ci-envelope/index";
 
 // Resource key types (shared vocabulary for data layer)
 // @see PRD-00321 for design rationale
-export type { ResourceKey, Action } from './resource-keys'
-export { resolveScope, toQueryKey, fromQueryKey, resourceRelationships, matchesResourceKey } from './resource-keys'
+export type { ResourceKey, Action } from "./resource-keys";
+export {
+  resolveScope,
+  toQueryKey,
+  fromQueryKey,
+  resourceRelationships,
+  matchesResourceKey,
+} from "./resource-keys";
 
 // Resource response wrapper (typed versioning for cache invalidation)
-export type { ResourceResponse } from './resource-response'
+export type { ResourceResponse } from "./resource-response";
 
 // Error response types (canonical shape for all API surfaces)
 // @see ADR-BE-098 for design rationale
-export type { ValidationDetail, ErrorResponse } from './errors/index'
+export type { ValidationDetail, ErrorResponse } from "./errors/index";
 
 // OpenAPI generated types (from openapi/backend.yaml)
 // @see src/api/README.md for codegen details
-export type { paths, components, operations } from './api/index'
+export type { paths, components, operations } from "./api/index";
 
 // Spec hash (SHA-256 of openapi/backend.yaml, generated at build time)
-export { SPEC_HASH, SPEC_HASH_FULL } from './api/index'
+export { SPEC_HASH, SPEC_HASH_FULL } from "./api/index";
 
 // OpenAPI route registry (generated from openapi/backend.yaml)
-export { openApiRoutes, type OpenApiRoute, type OpenApiMethod } from './generated/openapi-routes'
+export {
+  openApiRoutes,
+  type OpenApiRoute,
+  type OpenApiMethod,
+} from "./generated/openapi-routes";
 
 // Secret wrapper (multi-surface redaction for sensitive values)
-export type { Secret } from './security/index'
-export { wrapSecret, unwrapSecret } from './security/index'
+export type { Secret } from "./security/index";
+export { wrapSecret, unwrapSecret } from "./security/index";
 
 // Org secrets DTO schemas (PRD-00629)
 // @see src/security/org-secrets.ts for invariants (no value field on summary)
@@ -667,7 +683,7 @@ export {
   CreateSecretRequestSchema,
   RotateSecretRequestSchema,
   DisableSecretRequestSchema,
-} from './security/index'
+} from "./security/index";
 export type {
   UsageClass,
   OrgSecretsAction,
@@ -676,11 +692,14 @@ export type {
   CreateSecretRequest,
   RotateSecretRequest,
   DisableSecretRequest,
-} from './security/index'
+} from "./security/index";
 
 // Analytics response metadata (shared vocabulary for OLTP/OLAP separation)
 // @see ADR-CTRL-053 for design rationale
-export type { AnalyticsBackend, AnalyticsResponseMeta } from './types/analytics'
+export type {
+  AnalyticsBackend,
+  AnalyticsResponseMeta,
+} from "./types/analytics";
 
 // Client request scheduler types (shared tier vocabulary)
 export type {
@@ -689,25 +708,29 @@ export type {
   SchedulerResourceKey,
   RequestDescriptor,
   SchedulerEvent,
-} from './requests'
+} from "./requests";
 
 // Mutation policy types (lane behavior semantics)
-export type { MutationPolicy } from './mutations'
+export type { MutationPolicy } from "./mutations";
 
 // Observability envelope types (shared metric shape)
-export { REQUEST_ID_HEADER } from './observability'
-export type { Labels, MetricEnvelope, SchedulerMetricName } from './observability'
+export { REQUEST_ID_HEADER } from "./observability";
+export type {
+  Labels,
+  MetricEnvelope,
+  SchedulerMetricName,
+} from "./observability";
 
 // Long-lived route vocabulary (PRD-00485 SSE / event-stream isolation)
-export type { LongLivedRouteOptions, LongLivedPlugin } from './sse'
-export { longLivedPlugin } from './sse'
+export type { LongLivedRouteOptions, LongLivedPlugin } from "./sse";
+export { longLivedPlugin } from "./sse";
 
 // Route builder (PRD-00499 h5): required tier + resourceKey at the type level
-export type { HttpMethod, RouteDefinition } from './route-builder'
-export { routeBuilder } from './route-builder'
+export type { HttpMethod, RouteDefinition } from "./route-builder";
+export { routeBuilder } from "./route-builder";
 
 // Query intent vocabulary (PRD-00486 per-tier DB query timeouts + circuit breaker)
-export type { QueryIntent } from './queryIntent'
+export type { QueryIntent } from "./queryIntent";
 
 // System pressure vocabulary (PRD-00489 load-shed + progressive degradation)
 export {
@@ -715,34 +738,39 @@ export {
   HEAP_SHED_PCT,
   HEAP_CLEAR_PCT,
   CLEAR_HOLDDOWN_MS,
-} from './pressure'
-export type { SystemPressureValue, ShedResponse } from './pressure'
+} from "./pressure";
+export type { SystemPressureValue, ShedResponse } from "./pressure";
 
 // Safe-mode vocabulary (PRD-00495 global freeze / circuit breaker)
-export { SYSTEM_SAFE_MODE_HEADER } from './safe-mode'
-export type { SafeModeValue, SafeModeState } from './safe-mode'
+export { SYSTEM_SAFE_MODE_HEADER } from "./safe-mode";
+export type { SafeModeValue, SafeModeState } from "./safe-mode";
 
 // Timeout ladder (PRD-00491 end-to-end timing budgets)
-export { TIMEOUT_LADDER_MS, getTimeoutForTier } from './timeouts'
+export { TIMEOUT_LADDER_MS, getTimeoutForTier } from "./timeouts";
 
 // Tracing vocabulary (PRD-00497 canonical request lifecycle)
-export { LIFECYCLE_PHASES } from './tracing'
-export type { LifecyclePhase, TraceId, RequestId, TraceMetadata } from './tracing'
+export { LIFECYCLE_PHASES } from "./tracing";
+export type {
+  LifecyclePhase,
+  TraceId,
+  RequestId,
+  TraceMetadata,
+} from "./tracing";
 
 // Damped auto-tuning controller vocabulary (PRD-00500 a1)
-export { bounded } from './autotune'
+export { bounded } from "./autotune";
 export type {
   Bounded,
   ControllerConfig,
   ControllerInput,
   ControllerOutput,
-} from './autotune'
+} from "./autotune";
 
 // Meeting recorder vocabulary (PRD-00651)
 // @see ./meetings/schemas.ts for invariants
-export * from './meetings'
+export * from "./meetings";
 
 // Permission model vocabulary (PRD-00669 AUTH-001)
 // AccessLevel / OrgChartRole / AccessSource — see ADR-CTRL-084..088.
 // No consumers in this PRD; cutover starts in AUTH-002 (PRD-00670).
-export * from './permissions'
+export * from "./permissions";

package/src/interfaces/mcp/tools/help.ts

@@ -12,11 +12,11 @@
  * @see company-semantics-backend/src/interfaces/mcp/tools/system/help.ts
  */
 
-import type { MCPToolDescriptor } from '../../../mcp/index'
-import { buildCapabilityGraph } from '../../../mcp/capability-graph'
+import type { MCPToolDescriptor } from "../../../mcp/index";
+import { buildCapabilityGraph } from "../../../mcp/capability-graph";
 
 function capitalize(s: string): string {
-  return s.charAt(0).toUpperCase() + s.slice(1)
+  return s.charAt(0).toUpperCase() + s.slice(1);
 }
 
 /**
@@ -32,16 +32,16 @@ function capitalize(s: string): string {
 export function formatWorkflowSummaries(
   descriptors: MCPToolDescriptor[],
 ): string {
-  const graph = buildCapabilityGraph(descriptors)
-  if (graph.workflows.length === 0) return ''
+  const graph = buildCapabilityGraph(descriptors);
+  if (graph.workflows.length === 0) return "";
 
   const lines = graph.workflows.map((w) => {
-    const displayName = capitalize(w.name.replace(/_/g, ' '))
-    const steps = w.steps.map((s) => s.replace(/^cs_/, '')).join(' → ')
-    return `  ${displayName}: ${steps}`
-  })
+    const displayName = capitalize(w.name.replace(/_/g, " "));
+    const steps = w.steps.map((s) => s.replace(/^cs_/, "")).join(" → ");
+    return `  ${displayName}: ${steps}`;
+  });
 
-  return '\nAvailable workflows:\n' + lines.join('\n')
+  return "\nAvailable workflows:\n" + lines.join("\n");
 }
 
 /**
@@ -57,20 +57,20 @@ export function formatWorkflowSummaries(
 export function formatDomainGroupings(
   descriptors: MCPToolDescriptor[],
 ): string {
-  const domainGroups = new Map<string, string[]>()
+  const domainGroups = new Map<string, string[]>();
 
   for (const tool of descriptors) {
-    const domain = tool.domain ?? 'unknown'
-    if (!domainGroups.has(domain)) domainGroups.set(domain, [])
-    domainGroups.get(domain)!.push(
-      tool.name.replace(/^cs_/, '').replace(/_/g, ' '),
-    )
+    const domain = tool.domain ?? "unknown";
+    if (!domainGroups.has(domain)) domainGroups.set(domain, []);
+    domainGroups
+      .get(domain)!
+      .push(tool.name.replace(/^cs_/, "").replace(/_/g, " "));
   }
 
   const lines = [...domainGroups.entries()].map(
     ([domain, tools]) =>
-      `  ${capitalize(domain)} (${tools.length}): ${tools.join(', ')}`,
-  )
+      `  ${capitalize(domain)} (${tools.length}): ${tools.join(", ")}`,
+  );
 
-  return '\nTool domains:\n' + lines.join('\n')
+  return "\nTool domains:\n" + lines.join("\n");
 }

package/src/internal-admin.ts

@@ -7,14 +7,14 @@
 
 /** Read-only capabilities for internal admin MVP. */
 export type InternalAdminCapability =
-  | 'internal.view_orgs'
-  | 'internal.view_audit'
-  | 'internal.view_system'
-  | 'internal.view_snapshot';
+  | "internal.view_orgs"
+  | "internal.view_audit"
+  | "internal.view_system"
+  | "internal.view_snapshot";
 
 /** Context attached to internal-admin requests after auth middleware validation. */
 export interface InternalAdminContext {
-  readonly kind: 'internal';
+  readonly kind: "internal";
   readonly adminEmail: string;
   readonly capabilities: readonly InternalAdminCapability[];
 }
@@ -26,5 +26,5 @@ export interface InternalAdminContext {
  * Internal admin requests carry InternalAdminContext (kind: 'internal').
  */
 export type RequestContext =
-  | (import('./org/types').OrgScopedContext & { readonly kind: 'org' })
+  | (import("./org/types").OrgScopedContext & { readonly kind: "org" })
   | InternalAdminContext;

package/src/mcp/README.md

@@ -18,6 +18,7 @@ Type vocabulary for MCP (Model Context Protocol) tool discovery, invocation meta
 ## Public API
 
 **Types:**
+
 - `MCPToolDescriptor` — complete tool descriptor for discovery and invocation
 - `ToolDomain`, `ToolCategory` (deprecated), `ToolVisibility`, `ToolInvocationMode` — classification enums
 - `ToolEffectClass`, `ToolIntent`, `ToolStability`, `ToolComplexity` — tool metadata types
@@ -29,6 +30,7 @@ Type vocabulary for MCP (Model Context Protocol) tool discovery, invocation meta
 - `FailureContext`, `RecoveryAction` — structured failure recovery types
 
 **Runtime values:**
+
 - `buildCapabilityGraph(tools)` — pure function deriving graph from produces/consumes metadata
 
 ## Dependencies