@decantr/verifier 2.5.0 → 3.0.0-next.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +15 -1
- package/dist/index.d.ts +518 -2
- package/dist/index.js +2679 -396
- package/dist/index.js.map +1 -1
- package/package.json +9 -5
- package/schema/evidence-bundle.v1.json +99 -1
- package/schema/project-health-report.v1.json +129 -0
- package/schema/scan-report.v1.json +491 -0
- package/schema/verification-report.common.v1.json +59 -0
package/README.md
CHANGED
|
@@ -15,11 +15,19 @@ npm install @decantr/verifier
|
|
|
15
15
|
|
|
16
16
|
- `auditProject()` for project-level Decantr audits
|
|
17
17
|
- `auditBuiltDist()` for built-output runtime verification against emitted HTML, assets, and route hints
|
|
18
|
+
- `scanProject()` for read-only Brownfield reconnaissance of framework, routes, components, styling, static-hosting hints, Decantr presence, and assistant-rule files
|
|
19
|
+
- `auditComponentReuse()` for the first AST-derived component reuse drift slice, focused on AI reimplementing common UI primitives instead of importing project-owned components, plus local import references that the typed graph can turn into source-to-source impact edges
|
|
20
|
+
- `auditStyleBridgeDrift()` for accepted style bridge drift, focused on production `className`, common class-helper values, stylesheet declarations, and hardcoded inline color styles that bypass project-owned token/class authority
|
|
21
|
+
- `collectProjectSourceFiles()` for the shared production-source file selection used by Project Health, component reuse drift, style bridge drift, and typed graph source provenance
|
|
22
|
+
- `resolveGitHubScanInput()` and `probePublishedSite()` for hosted scan inputs and HTML-only published-site metadata probes
|
|
18
23
|
- `critiqueFile()` for file-level review against compiled review-pack contracts
|
|
19
24
|
- `createContractAssertions()` for explicit route, shell, accessibility, context, and design-token assertions derived from Essence/context
|
|
20
25
|
- `createEvidenceBundle()` for privacy-redacted local evidence artifacts used by AI repair loops and CI
|
|
26
|
+
- `resolveGraphAnchorForFinding()` and `anchorFindingsToGraph()` for attaching verifier/Project Health findings to typed Contract graph nodes when a graph snapshot exists
|
|
27
|
+
- `deriveVerificationDiagnostic()` and `KNOWN_VERIFICATION_DIAGNOSTICS` for stable finding codes and typed repair IDs used by Project Health, MCP health, and Evidence Bundles
|
|
21
28
|
- schema-backed report types for project audits, Project Health, Decantr CI reports, Evidence Bundles, Workspace Health, file critiques, and showcase verification
|
|
22
29
|
- `ProjectHealthReport`, `ProjectHealthFinding`, and `ProjectHealthRemediation` types for the CLI's end-user health surface
|
|
30
|
+
- Project Health and Evidence Bundle finding schemas include optional `code`, `repair`, `repairPlan`, and `graph` fields so agents can identify, anchor, and act on findings without parsing prose; Evidence Bundle provenance also records graph snapshot, manifest, diff, and contract-capsule hashes when present
|
|
23
31
|
- interaction findings now include scanned file counts, file line ranges, and expected signal evidence where available, so CLI health/check output can point agents at source-grounded remediation
|
|
24
32
|
- contract-only and style-bridge Brownfield critique avoids requiring Decantr treatments/decorators when the project keeps its own styling authority
|
|
25
33
|
- Decantr CI report schemas include accepted style bridge status, mapping count, styling approach, and theme modes alongside local-law findings
|
|
@@ -27,6 +35,9 @@ npm install @decantr/verifier
|
|
|
27
35
|
- project audits tolerate partial or malformed generated review packs without crashing Project Health, so half-attached Brownfield projects still receive actionable findings
|
|
28
36
|
- Next.js static/document outputs are treated as framework-rendered documents instead of requiring a Vite-style `id="root"` mount element
|
|
29
37
|
- project source audits ignore test, spec, story, fixture, and mock files for production drift warnings such as localhost endpoints and unsafe rendering patterns
|
|
38
|
+
- project audits emit `COMP001` / `import-existing-component` findings when a production source file locally redeclares a primitive such as `Button`, `Card`, or `Dialog` while an exported reusable primitive already exists under common component paths
|
|
39
|
+
- project audits emit `COMP010` / `replace-raw-control-with-local-component` findings when production JSX renders raw controls such as `<button>` or `<input>` while a project-owned primitive already exists
|
|
40
|
+
- project audits emit `TOKEN010` / `replace-arbitrary-style-with-bridge-token` findings when an accepted `.decantr/style-bridge.json` exists and production JSX uses arbitrary Tailwind values such as `bg-[#0f172a]`, values inside `cn()`, `clsx()`, `classnames()`, `cva()`, and `tv()` calls, hardcoded inline color styles such as `style={{ backgroundColor: "#0f172a" }}`, or hardcoded visual values in production CSS/module stylesheets
|
|
30
41
|
- published verifier report schemas are exercised by AJV-backed round-trip tests against real audit, critique, and shortlist-report outputs
|
|
31
42
|
- project audits include runtime evidence when a built `dist/` output is present:
|
|
32
43
|
- root document
|
|
@@ -45,9 +56,11 @@ import {
|
|
|
45
56
|
createContractAssertions,
|
|
46
57
|
createEvidenceBundle,
|
|
47
58
|
critiqueFile,
|
|
59
|
+
scanProject,
|
|
48
60
|
type ProjectHealthReport,
|
|
49
61
|
} from '@decantr/verifier';
|
|
50
62
|
|
|
63
|
+
const scan = await scanProject(process.cwd());
|
|
51
64
|
const audit = await auditProject(process.cwd());
|
|
52
65
|
const assertions = createContractAssertions(process.cwd(), audit);
|
|
53
66
|
const critique = await critiqueFile('./src/pages/overview.tsx', process.cwd());
|
|
@@ -64,13 +77,14 @@ function isBlocking(report: ProjectHealthReport) {
|
|
|
64
77
|
- `@decantr/verifier/schema/project-health-report.v1.json`
|
|
65
78
|
- `@decantr/verifier/schema/decantr-ci-report.v1.json`
|
|
66
79
|
- `@decantr/verifier/schema/evidence-bundle.v1.json`
|
|
80
|
+
- `@decantr/verifier/schema/scan-report.v1.json`
|
|
67
81
|
- `@decantr/verifier/schema/workspace-health-report.v1.json`
|
|
68
82
|
- `@decantr/verifier/schema/file-critique-report.v1.json`
|
|
69
83
|
- `@decantr/verifier/schema/showcase-shortlist-report.v1.json`
|
|
70
84
|
|
|
71
85
|
## Security And Permissions
|
|
72
86
|
|
|
73
|
-
The verifier is a local library. It reads selected project source, Decantr context, and built `dist`/`.next` output when callers request project or runtime audits. Built-output runtime audit starts a temporary loopback static server and fetches from that local server
|
|
87
|
+
The verifier is a local library. It reads selected project source, Decantr context, read-only scan files, and built `dist`/`.next` output when callers request project or runtime audits. `scanProject()` returns relative evidence and does not write artifacts, install dependencies, build projects, execute scripts, or open pull requests. `probePublishedSite()` fetches HTML metadata over HTTP(S) only and does not execute JavaScript or capture screenshots. Built-output runtime audit starts a temporary loopback static server and fetches from that local server. The verifier does not write files, spawn processes, emit telemetry, or upload source by itself. See [security permissions](https://decantr.ai/reference/security-permissions.md).
|
|
74
88
|
|
|
75
89
|
## Compatibility
|
|
76
90
|
|
package/dist/index.d.ts
CHANGED
|
@@ -1,6 +1,197 @@
|
|
|
1
1
|
import { ReviewExecutionPack } from '@decantr/core';
|
|
2
2
|
import { EssenceFile } from '@decantr/essence-spec';
|
|
3
3
|
|
|
4
|
+
interface VerificationRepairAction {
|
|
5
|
+
id: string;
|
|
6
|
+
payload?: Record<string, unknown>;
|
|
7
|
+
}
|
|
8
|
+
interface VerificationDiagnosticInput {
|
|
9
|
+
id: string;
|
|
10
|
+
category: string;
|
|
11
|
+
message: string;
|
|
12
|
+
source?: string;
|
|
13
|
+
rule?: string;
|
|
14
|
+
target?: string;
|
|
15
|
+
file?: string;
|
|
16
|
+
suggestedFix?: string;
|
|
17
|
+
evidence?: string[];
|
|
18
|
+
}
|
|
19
|
+
interface VerificationDiagnosticMetadata {
|
|
20
|
+
code: string;
|
|
21
|
+
repair: VerificationRepairAction;
|
|
22
|
+
}
|
|
23
|
+
interface VerificationDiagnosticCatalogEntry {
|
|
24
|
+
rule: string;
|
|
25
|
+
code: string;
|
|
26
|
+
repairId: string;
|
|
27
|
+
family: string;
|
|
28
|
+
}
|
|
29
|
+
declare const KNOWN_VERIFICATION_DIAGNOSTICS: readonly [{
|
|
30
|
+
readonly rule: "browser-base-url-missing";
|
|
31
|
+
readonly code: "VISUAL002";
|
|
32
|
+
readonly repairId: "provide-browser-base-url";
|
|
33
|
+
readonly family: "VISUAL";
|
|
34
|
+
}, {
|
|
35
|
+
readonly rule: "browser-playwright-missing";
|
|
36
|
+
readonly code: "VISUAL001";
|
|
37
|
+
readonly repairId: "install-browser-verifier";
|
|
38
|
+
readonly family: "VISUAL";
|
|
39
|
+
}, {
|
|
40
|
+
readonly rule: "browser-route-verification-failed";
|
|
41
|
+
readonly code: "VISUAL003";
|
|
42
|
+
readonly repairId: "fix-route-render";
|
|
43
|
+
readonly family: "VISUAL";
|
|
44
|
+
}, {
|
|
45
|
+
readonly rule: "visual-baseline-screenshot-drift";
|
|
46
|
+
readonly code: "VISUAL010";
|
|
47
|
+
readonly repairId: "review-visual-baseline-drift";
|
|
48
|
+
readonly family: "VISUAL";
|
|
49
|
+
}, {
|
|
50
|
+
readonly rule: "brownfield-route-drift";
|
|
51
|
+
readonly code: "ROUTE001";
|
|
52
|
+
readonly repairId: "reconcile-brownfield-routes";
|
|
53
|
+
readonly family: "ROUTE";
|
|
54
|
+
}, {
|
|
55
|
+
readonly rule: "check-failed";
|
|
56
|
+
readonly code: "CHECK001";
|
|
57
|
+
readonly repairId: "repair-contract-check";
|
|
58
|
+
readonly family: "CHECK";
|
|
59
|
+
}, {
|
|
60
|
+
readonly rule: "component-reuse-raw-control";
|
|
61
|
+
readonly code: "COMP010";
|
|
62
|
+
readonly repairId: "replace-raw-control-with-local-component";
|
|
63
|
+
readonly family: "COMP";
|
|
64
|
+
}, {
|
|
65
|
+
readonly rule: "component-reuse-primitive-reimplemented";
|
|
66
|
+
readonly code: "COMP001";
|
|
67
|
+
readonly repairId: "import-existing-component";
|
|
68
|
+
readonly family: "COMP";
|
|
69
|
+
}, {
|
|
70
|
+
readonly rule: "declared-route-resolves";
|
|
71
|
+
readonly code: "STRUCT002";
|
|
72
|
+
readonly repairId: "repair-route-binding";
|
|
73
|
+
readonly family: "STRUCT";
|
|
74
|
+
}, {
|
|
75
|
+
readonly rule: "design-token-coverage";
|
|
76
|
+
readonly code: "TOKEN002";
|
|
77
|
+
readonly repairId: "repair-design-token-coverage";
|
|
78
|
+
readonly family: "TOKEN";
|
|
79
|
+
}, {
|
|
80
|
+
readonly rule: "style-bridge-arbitrary-value";
|
|
81
|
+
readonly code: "TOKEN010";
|
|
82
|
+
readonly repairId: "replace-arbitrary-style-with-bridge-token";
|
|
83
|
+
readonly family: "TOKEN";
|
|
84
|
+
}, {
|
|
85
|
+
readonly rule: "essence-present";
|
|
86
|
+
readonly code: "CONTRACT001";
|
|
87
|
+
readonly repairId: "restore-essence-contract";
|
|
88
|
+
readonly family: "CONTRACT";
|
|
89
|
+
}, {
|
|
90
|
+
readonly rule: "essence-v4";
|
|
91
|
+
readonly code: "CONTRACT002";
|
|
92
|
+
readonly repairId: "migrate-essence-v4";
|
|
93
|
+
readonly family: "CONTRACT";
|
|
94
|
+
}, {
|
|
95
|
+
readonly rule: "focus-visible-enabled";
|
|
96
|
+
readonly code: "A11Y001";
|
|
97
|
+
readonly repairId: "enable-focus-visible";
|
|
98
|
+
readonly family: "A11Y";
|
|
99
|
+
}, {
|
|
100
|
+
readonly rule: "pack-manifest-present";
|
|
101
|
+
readonly code: "CTX002";
|
|
102
|
+
readonly repairId: "hydrate-execution-packs";
|
|
103
|
+
readonly family: "CTX";
|
|
104
|
+
}, {
|
|
105
|
+
readonly rule: "pack-manifest-missing";
|
|
106
|
+
readonly code: "CTX002";
|
|
107
|
+
readonly repairId: "hydrate-execution-packs";
|
|
108
|
+
readonly family: "CTX";
|
|
109
|
+
}, {
|
|
110
|
+
readonly rule: "page-pack-count-mismatch";
|
|
111
|
+
readonly code: "CTX001";
|
|
112
|
+
readonly repairId: "regenerate-context-packs";
|
|
113
|
+
readonly family: "CTX";
|
|
114
|
+
}, {
|
|
115
|
+
readonly rule: "page-route-required";
|
|
116
|
+
readonly code: "STRUCT001";
|
|
117
|
+
readonly repairId: "add-page-route";
|
|
118
|
+
readonly family: "STRUCT";
|
|
119
|
+
}, {
|
|
120
|
+
readonly rule: "project-audit-invalid";
|
|
121
|
+
readonly code: "AUDIT001";
|
|
122
|
+
readonly repairId: "repair-project-audit";
|
|
123
|
+
readonly family: "AUDIT";
|
|
124
|
+
}, {
|
|
125
|
+
readonly rule: "review-pack-present";
|
|
126
|
+
readonly code: "CTX003";
|
|
127
|
+
readonly repairId: "hydrate-review-pack";
|
|
128
|
+
readonly family: "CTX";
|
|
129
|
+
}, {
|
|
130
|
+
readonly rule: "review-pack-file-missing";
|
|
131
|
+
readonly code: "CTX003";
|
|
132
|
+
readonly repairId: "hydrate-review-pack";
|
|
133
|
+
readonly family: "CTX";
|
|
134
|
+
}, {
|
|
135
|
+
readonly rule: "section-shell-concrete";
|
|
136
|
+
readonly code: "STRUCT003";
|
|
137
|
+
readonly repairId: "assign-section-shell";
|
|
138
|
+
readonly family: "STRUCT";
|
|
139
|
+
}, {
|
|
140
|
+
readonly rule: "tokens-file-present";
|
|
141
|
+
readonly code: "TOKEN001";
|
|
142
|
+
readonly repairId: "restore-design-token-file";
|
|
143
|
+
readonly family: "TOKEN";
|
|
144
|
+
}, {
|
|
145
|
+
readonly rule: "typed-graph-current";
|
|
146
|
+
readonly code: "GRAPH001";
|
|
147
|
+
readonly repairId: "regenerate-typed-graph";
|
|
148
|
+
readonly family: "GRAPH";
|
|
149
|
+
}];
|
|
150
|
+
declare function deriveVerificationDiagnostic(input: VerificationDiagnosticInput): VerificationDiagnosticMetadata;
|
|
151
|
+
|
|
152
|
+
type VerificationGraphAnchorConfidence = 'exact' | 'inferred' | 'fallback';
|
|
153
|
+
interface GraphAnchorNode {
|
|
154
|
+
id: string;
|
|
155
|
+
type: string;
|
|
156
|
+
payload?: unknown;
|
|
157
|
+
}
|
|
158
|
+
interface GraphAnchorEdge {
|
|
159
|
+
src: string;
|
|
160
|
+
dst: string;
|
|
161
|
+
relation: string;
|
|
162
|
+
payload?: unknown;
|
|
163
|
+
idx?: number;
|
|
164
|
+
}
|
|
165
|
+
interface GraphAnchorSnapshot {
|
|
166
|
+
id: string;
|
|
167
|
+
project_id: string;
|
|
168
|
+
source_hash: string;
|
|
169
|
+
nodes: GraphAnchorNode[];
|
|
170
|
+
edges: GraphAnchorEdge[];
|
|
171
|
+
}
|
|
172
|
+
interface VerificationGraphAnchor {
|
|
173
|
+
snapshot_id: string;
|
|
174
|
+
source_hash: string;
|
|
175
|
+
node_id: string;
|
|
176
|
+
node_type: string;
|
|
177
|
+
route?: string;
|
|
178
|
+
confidence: VerificationGraphAnchorConfidence;
|
|
179
|
+
reason: string;
|
|
180
|
+
}
|
|
181
|
+
interface GraphAnchorFindingInput {
|
|
182
|
+
id: string;
|
|
183
|
+
category: string;
|
|
184
|
+
message: string;
|
|
185
|
+
evidence?: string[];
|
|
186
|
+
target?: string;
|
|
187
|
+
file?: string;
|
|
188
|
+
rule?: string;
|
|
189
|
+
}
|
|
190
|
+
declare function resolveGraphAnchorForFinding(snapshot: GraphAnchorSnapshot | null | undefined, finding: GraphAnchorFindingInput): VerificationGraphAnchor | undefined;
|
|
191
|
+
declare function anchorFindingsToGraph<TFinding extends GraphAnchorFindingInput>(snapshot: GraphAnchorSnapshot | null | undefined, findings: TFinding[]): Array<TFinding & {
|
|
192
|
+
graph?: VerificationGraphAnchor;
|
|
193
|
+
}>;
|
|
194
|
+
|
|
4
195
|
interface RuntimeAudit {
|
|
5
196
|
distPresent: boolean;
|
|
6
197
|
indexPresent: boolean;
|
|
@@ -53,6 +244,89 @@ interface BuiltDistAuditOptions {
|
|
|
53
244
|
declare function emptyRuntimeAudit(failures?: string[]): RuntimeAudit;
|
|
54
245
|
declare function auditBuiltDist(projectRoot: string, options?: BuiltDistAuditOptions): Promise<RuntimeAudit>;
|
|
55
246
|
|
|
247
|
+
declare const COMPONENT_REUSE_RULE_ID = "component-reuse-primitive-reimplemented";
|
|
248
|
+
declare const RAW_CONTROL_REUSE_RULE_ID = "component-reuse-raw-control";
|
|
249
|
+
declare const RAW_CONTROL_COMPONENT_BY_ELEMENT: {
|
|
250
|
+
readonly button: "Button";
|
|
251
|
+
readonly dialog: "Dialog";
|
|
252
|
+
readonly input: "Input";
|
|
253
|
+
readonly select: "Select";
|
|
254
|
+
readonly table: "Table";
|
|
255
|
+
readonly textarea: "Textarea";
|
|
256
|
+
};
|
|
257
|
+
type RawControlElement = keyof typeof RAW_CONTROL_COMPONENT_BY_ELEMENT;
|
|
258
|
+
interface CodeComponentDeclaration {
|
|
259
|
+
id: string;
|
|
260
|
+
name: string;
|
|
261
|
+
file: string;
|
|
262
|
+
line: number;
|
|
263
|
+
exported: boolean;
|
|
264
|
+
reusable: boolean;
|
|
265
|
+
kind: 'function' | 'variable' | 'class';
|
|
266
|
+
}
|
|
267
|
+
interface ComponentReuseFinding {
|
|
268
|
+
id: string;
|
|
269
|
+
name: string;
|
|
270
|
+
file: string;
|
|
271
|
+
line: number;
|
|
272
|
+
canonicalFile: string;
|
|
273
|
+
canonicalLine: number;
|
|
274
|
+
evidence: string[];
|
|
275
|
+
}
|
|
276
|
+
interface RawControlReuseFinding {
|
|
277
|
+
id: string;
|
|
278
|
+
element: RawControlElement;
|
|
279
|
+
component: string;
|
|
280
|
+
file: string;
|
|
281
|
+
line: number;
|
|
282
|
+
canonicalFile: string;
|
|
283
|
+
canonicalLine: number;
|
|
284
|
+
containingComponent?: string;
|
|
285
|
+
evidence: string[];
|
|
286
|
+
}
|
|
287
|
+
interface CodeImportReference {
|
|
288
|
+
file: string;
|
|
289
|
+
source: string;
|
|
290
|
+
line: number;
|
|
291
|
+
defaultImport?: string;
|
|
292
|
+
namespaceImport?: string;
|
|
293
|
+
imported: string[];
|
|
294
|
+
localNames: string[];
|
|
295
|
+
}
|
|
296
|
+
interface ComponentReuseAudit {
|
|
297
|
+
filesChecked: number;
|
|
298
|
+
declarations: CodeComponentDeclaration[];
|
|
299
|
+
imports: CodeImportReference[];
|
|
300
|
+
reusableComponentCount: number;
|
|
301
|
+
localRedeclarationCount: number;
|
|
302
|
+
rawControlCount: number;
|
|
303
|
+
findings: ComponentReuseFinding[];
|
|
304
|
+
rawControlFindings: RawControlReuseFinding[];
|
|
305
|
+
}
|
|
306
|
+
declare function auditComponentReuse(projectRoot: string, sourceFiles: string[]): ComponentReuseAudit;
|
|
307
|
+
|
|
308
|
+
declare const STYLE_BRIDGE_ARBITRARY_VALUE_RULE_ID = "style-bridge-arbitrary-value";
|
|
309
|
+
interface StyleBridgeDriftFinding {
|
|
310
|
+
id: string;
|
|
311
|
+
file: string;
|
|
312
|
+
line: number;
|
|
313
|
+
className: string;
|
|
314
|
+
value: string;
|
|
315
|
+
source: 'className' | 'inline-style' | 'stylesheet';
|
|
316
|
+
property?: string;
|
|
317
|
+
bridgeMappingIds: string[];
|
|
318
|
+
tokenHints: string[];
|
|
319
|
+
classHints: string[];
|
|
320
|
+
evidence: string[];
|
|
321
|
+
}
|
|
322
|
+
interface StyleBridgeDriftAudit {
|
|
323
|
+
filesChecked: number;
|
|
324
|
+
bridgeMappingCount: number;
|
|
325
|
+
arbitraryValueCount: number;
|
|
326
|
+
findings: StyleBridgeDriftFinding[];
|
|
327
|
+
}
|
|
328
|
+
declare function auditStyleBridgeDrift(projectRoot: string, sourceFiles: string[]): StyleBridgeDriftAudit;
|
|
329
|
+
|
|
56
330
|
/**
|
|
57
331
|
* Experiential interaction verifier.
|
|
58
332
|
*
|
|
@@ -122,21 +396,202 @@ declare function verifyInteractionsInSource(interactions: string[], sources: Map
|
|
|
122
396
|
*/
|
|
123
397
|
declare function listKnownInteractions(): string[];
|
|
124
398
|
|
|
399
|
+
type ScanInputKind = 'local' | 'github-repo' | 'github-pages';
|
|
400
|
+
type ScanConfidence = 'high' | 'medium' | 'low';
|
|
401
|
+
type ScanApplicabilityStatus = 'strong_fit' | 'partial_fit' | 'not_applicable' | 'unknown';
|
|
402
|
+
type ScanFindingSeverity = 'success' | 'info' | 'warn' | 'error';
|
|
403
|
+
declare const SCAN_REPORT_SCHEMA_URL = "https://decantr.ai/schemas/scan-report.v1.json";
|
|
404
|
+
interface ScanInputV1 {
|
|
405
|
+
kind: ScanInputKind;
|
|
406
|
+
value: string;
|
|
407
|
+
}
|
|
408
|
+
interface ScanRepositoryV1 {
|
|
409
|
+
owner: string;
|
|
410
|
+
repo: string;
|
|
411
|
+
url: string;
|
|
412
|
+
defaultBranch?: string | null;
|
|
413
|
+
}
|
|
414
|
+
interface PublishedSiteProbeV1 {
|
|
415
|
+
url: string;
|
|
416
|
+
finalUrl: string | null;
|
|
417
|
+
checked: boolean;
|
|
418
|
+
reachable: boolean;
|
|
419
|
+
status: number | null;
|
|
420
|
+
title: string | null;
|
|
421
|
+
description: string | null;
|
|
422
|
+
canonicalUrl: string | null;
|
|
423
|
+
assetHints: {
|
|
424
|
+
rootRelative: number;
|
|
425
|
+
relative: number;
|
|
426
|
+
absolute: number;
|
|
427
|
+
samples: string[];
|
|
428
|
+
};
|
|
429
|
+
routingHints: string[];
|
|
430
|
+
error: string | null;
|
|
431
|
+
}
|
|
432
|
+
interface ScanRouteV1 {
|
|
433
|
+
path: string;
|
|
434
|
+
file: string;
|
|
435
|
+
hasLayout: boolean;
|
|
436
|
+
}
|
|
437
|
+
interface ScanFindingV1 {
|
|
438
|
+
id: string;
|
|
439
|
+
severity: ScanFindingSeverity;
|
|
440
|
+
title: string;
|
|
441
|
+
message: string;
|
|
442
|
+
evidence: string[];
|
|
443
|
+
recommendation?: string;
|
|
444
|
+
}
|
|
445
|
+
type ScanGraphPreviewStatus = 'not_attached' | 'current' | 'stale' | 'needs_migration' | 'unavailable';
|
|
446
|
+
interface ScanGraphPreviewV1 {
|
|
447
|
+
status: ScanGraphPreviewStatus;
|
|
448
|
+
canPreview: boolean;
|
|
449
|
+
readOnly: true;
|
|
450
|
+
message: string;
|
|
451
|
+
nextCommand: string | null;
|
|
452
|
+
staleArtifacts: string[];
|
|
453
|
+
snapshot: {
|
|
454
|
+
id: string;
|
|
455
|
+
schemaVersion: string;
|
|
456
|
+
sourceHash: string;
|
|
457
|
+
nodes: number;
|
|
458
|
+
edges: number;
|
|
459
|
+
findings: number;
|
|
460
|
+
evidence: number;
|
|
461
|
+
sourceArtifacts: number;
|
|
462
|
+
} | null;
|
|
463
|
+
capsule: {
|
|
464
|
+
cacheKey: string;
|
|
465
|
+
routes: number;
|
|
466
|
+
components: number;
|
|
467
|
+
tokens: number;
|
|
468
|
+
localRules: number;
|
|
469
|
+
styleBridge: number;
|
|
470
|
+
sourceArtifacts: number;
|
|
471
|
+
sourceArtifactLimit: number;
|
|
472
|
+
sourceArtifactsTruncated: boolean;
|
|
473
|
+
openFindings: number;
|
|
474
|
+
} | null;
|
|
475
|
+
diff: {
|
|
476
|
+
ops: number;
|
|
477
|
+
findingsAdded: number;
|
|
478
|
+
findingsResolved: number;
|
|
479
|
+
evidenceAdded: number;
|
|
480
|
+
} | null;
|
|
481
|
+
}
|
|
482
|
+
interface ScanReportV1 {
|
|
483
|
+
$schema: typeof SCAN_REPORT_SCHEMA_URL;
|
|
484
|
+
schemaVersion: 'scan-report.v1';
|
|
485
|
+
generatedAt: string;
|
|
486
|
+
input: ScanInputV1;
|
|
487
|
+
source: {
|
|
488
|
+
repository: ScanRepositoryV1 | null;
|
|
489
|
+
publishedSiteUrl: string | null;
|
|
490
|
+
};
|
|
491
|
+
confidence: {
|
|
492
|
+
level: ScanConfidence;
|
|
493
|
+
score: number;
|
|
494
|
+
reasons: string[];
|
|
495
|
+
};
|
|
496
|
+
applicability: {
|
|
497
|
+
status: ScanApplicabilityStatus;
|
|
498
|
+
label: string;
|
|
499
|
+
reasons: string[];
|
|
500
|
+
};
|
|
501
|
+
project: {
|
|
502
|
+
framework: string;
|
|
503
|
+
frameworkVersion: string | null;
|
|
504
|
+
packageManager: string;
|
|
505
|
+
primaryLanguage: string;
|
|
506
|
+
hasTypeScript: boolean;
|
|
507
|
+
hasTailwind: boolean;
|
|
508
|
+
hasDecantr: boolean;
|
|
509
|
+
packageName: string | null;
|
|
510
|
+
};
|
|
511
|
+
routes: {
|
|
512
|
+
strategy: string;
|
|
513
|
+
count: number;
|
|
514
|
+
items: ScanRouteV1[];
|
|
515
|
+
};
|
|
516
|
+
components: {
|
|
517
|
+
pageCount: number;
|
|
518
|
+
componentCount: number;
|
|
519
|
+
directories: string[];
|
|
520
|
+
};
|
|
521
|
+
styling: {
|
|
522
|
+
approach: string;
|
|
523
|
+
configFile: string | null;
|
|
524
|
+
cssVariableCount: number;
|
|
525
|
+
colorTokenCount: number;
|
|
526
|
+
darkMode: boolean;
|
|
527
|
+
themeSignals: string[];
|
|
528
|
+
};
|
|
529
|
+
staticHosting: {
|
|
530
|
+
githubPagesLikely: boolean;
|
|
531
|
+
evidence: string[];
|
|
532
|
+
homepageUrl: string | null;
|
|
533
|
+
basePath: string | null;
|
|
534
|
+
hashRouting: boolean;
|
|
535
|
+
};
|
|
536
|
+
assistant: {
|
|
537
|
+
ruleFiles: string[];
|
|
538
|
+
};
|
|
539
|
+
graphPreview?: ScanGraphPreviewV1;
|
|
540
|
+
pagesProbe: PublishedSiteProbeV1 | null;
|
|
541
|
+
findings: ScanFindingV1[];
|
|
542
|
+
recommendedCommands: string[];
|
|
543
|
+
privacy: {
|
|
544
|
+
sourceUploaded: boolean;
|
|
545
|
+
persistedByDecantr: boolean;
|
|
546
|
+
notes: string[];
|
|
547
|
+
};
|
|
548
|
+
}
|
|
549
|
+
interface ScanProjectOptions {
|
|
550
|
+
input?: ScanInputV1;
|
|
551
|
+
repository?: ScanRepositoryV1 | null;
|
|
552
|
+
publishedSiteUrl?: string | null;
|
|
553
|
+
pagesProbe?: PublishedSiteProbeV1 | null;
|
|
554
|
+
}
|
|
555
|
+
interface GitHubScanInputResolution {
|
|
556
|
+
inputKind: 'github-repo' | 'github-pages';
|
|
557
|
+
normalizedInput: string;
|
|
558
|
+
repository: ScanRepositoryV1;
|
|
559
|
+
publishedSiteUrl: string | null;
|
|
560
|
+
warnings: string[];
|
|
561
|
+
}
|
|
562
|
+
declare function scanProject(projectRoot: string, options?: ScanProjectOptions): Promise<ScanReportV1>;
|
|
563
|
+
declare function createUnavailableScanReport(input: {
|
|
564
|
+
scanInput: ScanInputV1;
|
|
565
|
+
repository?: ScanRepositoryV1 | null;
|
|
566
|
+
publishedSiteUrl?: string | null;
|
|
567
|
+
pagesProbe?: PublishedSiteProbeV1 | null;
|
|
568
|
+
title: string;
|
|
569
|
+
message: string;
|
|
570
|
+
evidence?: string[];
|
|
571
|
+
}): ScanReportV1;
|
|
572
|
+
declare function probePublishedSite(url: string, options?: {
|
|
573
|
+
timeoutMs?: number;
|
|
574
|
+
fetchImpl?: typeof fetch;
|
|
575
|
+
}): Promise<PublishedSiteProbeV1>;
|
|
576
|
+
declare function resolveGitHubScanInput(input: string): GitHubScanInputResolution;
|
|
577
|
+
|
|
125
578
|
declare const VERIFICATION_SCHEMA_URLS: {
|
|
126
579
|
readonly common: "https://decantr.ai/schemas/verification-report.common.v1.json";
|
|
127
580
|
readonly projectAudit: "https://decantr.ai/schemas/project-audit-report.v1.json";
|
|
128
581
|
readonly projectHealth: "https://decantr.ai/schemas/project-health-report.v1.json";
|
|
129
582
|
readonly decantrCi: "https://decantr.ai/schemas/decantr-ci-report.v1.json";
|
|
130
583
|
readonly evidenceBundle: "https://decantr.ai/schemas/evidence-bundle.v1.json";
|
|
584
|
+
readonly scanReport: "https://decantr.ai/schemas/scan-report.v1.json";
|
|
131
585
|
readonly workspaceHealth: "https://decantr.ai/schemas/workspace-health-report.v1.json";
|
|
132
586
|
readonly fileCritique: "https://decantr.ai/schemas/file-critique-report.v1.json";
|
|
133
587
|
readonly showcaseShortlist: "https://decantr.ai/schemas/showcase-shortlist-report.v1.json";
|
|
134
588
|
};
|
|
135
589
|
type VerificationSeverity = 'error' | 'warn' | 'info';
|
|
136
590
|
type ProjectHealthStatus = 'healthy' | 'warning' | 'error';
|
|
137
|
-
type ProjectHealthFindingSource = 'audit' | 'assertion' | 'browser' | 'check' | 'brownfield' | 'design-token' | 'runtime' | 'pack' | 'interaction';
|
|
591
|
+
type ProjectHealthFindingSource = 'audit' | 'assertion' | 'browser' | 'check' | 'brownfield' | 'design-token' | 'style-bridge' | 'graph' | 'runtime' | 'pack' | 'interaction';
|
|
138
592
|
interface VerificationFinding {
|
|
139
593
|
id: string;
|
|
594
|
+
code?: string;
|
|
140
595
|
category: string;
|
|
141
596
|
severity: VerificationSeverity;
|
|
142
597
|
message: string;
|
|
@@ -145,6 +600,8 @@ interface VerificationFinding {
|
|
|
145
600
|
file?: string;
|
|
146
601
|
rule?: string;
|
|
147
602
|
suggestedFix?: string;
|
|
603
|
+
graph?: VerificationGraphAnchor;
|
|
604
|
+
repair?: VerificationRepairAction;
|
|
148
605
|
}
|
|
149
606
|
interface VerificationScore {
|
|
150
607
|
category: string;
|
|
@@ -208,8 +665,35 @@ interface ProjectHealthRemediation {
|
|
|
208
665
|
prompt: string;
|
|
209
666
|
commands: string[];
|
|
210
667
|
}
|
|
668
|
+
interface EvidenceRepairPlanAction {
|
|
669
|
+
id: string;
|
|
670
|
+
kind: string;
|
|
671
|
+
target?: string | null;
|
|
672
|
+
description: string;
|
|
673
|
+
payload?: Record<string, unknown>;
|
|
674
|
+
}
|
|
675
|
+
interface EvidenceRepairPlan {
|
|
676
|
+
id: string;
|
|
677
|
+
findingId: string;
|
|
678
|
+
diagnosticCode?: string | null;
|
|
679
|
+
repairId?: string | null;
|
|
680
|
+
severity: VerificationSeverity;
|
|
681
|
+
source: ProjectHealthFindingSource;
|
|
682
|
+
category: string;
|
|
683
|
+
graphAnchor?: VerificationGraphAnchor | null;
|
|
684
|
+
actions: EvidenceRepairPlanAction[];
|
|
685
|
+
evidence: Array<{
|
|
686
|
+
id: string;
|
|
687
|
+
text: string;
|
|
688
|
+
}>;
|
|
689
|
+
readTargets: string[];
|
|
690
|
+
preserve: string[];
|
|
691
|
+
avoid: string[];
|
|
692
|
+
commands: string[];
|
|
693
|
+
}
|
|
211
694
|
interface ProjectHealthFinding {
|
|
212
695
|
id: string;
|
|
696
|
+
code?: string;
|
|
213
697
|
source: ProjectHealthFindingSource;
|
|
214
698
|
category: string;
|
|
215
699
|
severity: VerificationSeverity;
|
|
@@ -219,6 +703,9 @@ interface ProjectHealthFinding {
|
|
|
219
703
|
file?: string;
|
|
220
704
|
rule?: string;
|
|
221
705
|
suggestedFix?: string;
|
|
706
|
+
graph?: VerificationGraphAnchor;
|
|
707
|
+
repair?: VerificationRepairAction;
|
|
708
|
+
repairPlan?: EvidenceRepairPlan;
|
|
222
709
|
remediation: ProjectHealthRemediation;
|
|
223
710
|
}
|
|
224
711
|
interface ProjectHealthRouteSummary {
|
|
@@ -237,6 +724,24 @@ interface ProjectHealthPackSummary {
|
|
|
237
724
|
mutationPackCount: number;
|
|
238
725
|
generatedAt: string | null;
|
|
239
726
|
}
|
|
727
|
+
interface ProjectHealthGraphSummary {
|
|
728
|
+
present: boolean;
|
|
729
|
+
ready: boolean;
|
|
730
|
+
current: boolean | null;
|
|
731
|
+
snapshotPresent: boolean;
|
|
732
|
+
manifestPresent: boolean;
|
|
733
|
+
diffPresent: boolean;
|
|
734
|
+
capsulePresent: boolean;
|
|
735
|
+
snapshotId: string | null;
|
|
736
|
+
sourceHash: string | null;
|
|
737
|
+
contractHash: string | null;
|
|
738
|
+
contractCacheKey: string | null;
|
|
739
|
+
sourceArtifactCount: number;
|
|
740
|
+
capsuleSourceArtifactLimit: number | null;
|
|
741
|
+
capsuleSourceArtifactsTruncated: boolean | null;
|
|
742
|
+
staleArtifacts: string[];
|
|
743
|
+
error: string | null;
|
|
744
|
+
}
|
|
240
745
|
interface ProjectHealthReport {
|
|
241
746
|
$schema: string;
|
|
242
747
|
generatedAt: string;
|
|
@@ -259,6 +764,7 @@ interface ProjectHealthReport {
|
|
|
259
764
|
};
|
|
260
765
|
routes: ProjectHealthRouteSummary;
|
|
261
766
|
packs: ProjectHealthPackSummary;
|
|
767
|
+
graph: ProjectHealthGraphSummary;
|
|
262
768
|
ci: {
|
|
263
769
|
recommendedCommand: string;
|
|
264
770
|
failOn: 'error' | 'warn' | 'none';
|
|
@@ -310,12 +816,17 @@ interface EvidenceBundle {
|
|
|
310
816
|
essence: EvidenceProvenanceEntry;
|
|
311
817
|
packManifest: EvidenceProvenanceEntry;
|
|
312
818
|
reviewPack: EvidenceProvenanceEntry;
|
|
819
|
+
graphSnapshot: EvidenceProvenanceEntry;
|
|
820
|
+
graphManifest: EvidenceProvenanceEntry;
|
|
821
|
+
graphDiff: EvidenceProvenanceEntry;
|
|
822
|
+
contractCapsule: EvidenceProvenanceEntry;
|
|
313
823
|
workspaceConfig?: EvidenceProvenanceEntry;
|
|
314
824
|
designTokens?: EvidenceProvenanceEntry;
|
|
315
825
|
};
|
|
316
826
|
assertions: ContractAssertion[];
|
|
317
827
|
findings: Array<{
|
|
318
828
|
id: string;
|
|
829
|
+
code?: string;
|
|
319
830
|
source: ProjectHealthFindingSource;
|
|
320
831
|
category: string;
|
|
321
832
|
severity: VerificationSeverity;
|
|
@@ -324,6 +835,9 @@ interface EvidenceBundle {
|
|
|
324
835
|
target?: string;
|
|
325
836
|
rule?: string;
|
|
326
837
|
suggestedFix?: string;
|
|
838
|
+
graph?: VerificationGraphAnchor;
|
|
839
|
+
repair?: VerificationRepairAction;
|
|
840
|
+
repairPlan?: EvidenceRepairPlan;
|
|
327
841
|
remediationSummary: string;
|
|
328
842
|
commands: string[];
|
|
329
843
|
promptCommand: string;
|
|
@@ -355,6 +869,7 @@ interface EvidenceBundleInput {
|
|
|
355
869
|
designTokens?: EvidenceBundle['designTokens'];
|
|
356
870
|
}
|
|
357
871
|
declare const EVIDENCE_BUNDLE_SCHEMA_URL = "https://decantr.ai/schemas/evidence-bundle.v1.json";
|
|
872
|
+
declare function buildProjectHealthRepairPlan(projectRoot: string, finding: ProjectHealthFinding): EvidenceRepairPlan;
|
|
358
873
|
declare function createContractAssertions(projectRoot: string, audit?: ProjectAuditReport | null): ContractAssertion[];
|
|
359
874
|
declare function createEvidenceBundle(input: EvidenceBundleInput): EvidenceBundle;
|
|
360
875
|
interface FileCritiqueReport {
|
|
@@ -468,9 +983,10 @@ interface ShowcaseShortlistVerificationReport {
|
|
|
468
983
|
results: ShowcaseShortlistVerificationEntry[];
|
|
469
984
|
}
|
|
470
985
|
declare function collectMissingPackManifestFiles(projectRoot: string, packManifest?: PackManifest | null): MissingPackManifestFile[];
|
|
986
|
+
declare function collectProjectSourceFiles(projectRoot: string): string[];
|
|
471
987
|
declare function extractRouteHintsFromEssence(essence: EssenceFile | null): string[];
|
|
472
988
|
declare function auditProject(projectRoot: string): Promise<ProjectAuditReport>;
|
|
473
989
|
declare function critiqueSource({ filePath, code, reviewPack, packManifest, treatmentsCss, adoptionMode, }: CritiqueSourceInput): FileCritiqueReport;
|
|
474
990
|
declare function critiqueFile(filePath: string, projectRoot: string): Promise<FileCritiqueReport>;
|
|
475
991
|
|
|
476
|
-
export { type BuiltDistAuditOptions, type ContractAssertion, type ContractAssertionCategory, type CritiqueSourceInput, EVIDENCE_BUNDLE_SCHEMA_URL, type EvidenceBundle, type EvidenceBundleInput, type EvidenceProvenanceEntry, type FileCritiqueReport, INTERACTION_SIGNALS, type InteractionMissingFinding, type InteractionRequirement, type InteractionSignal, type MissingPackManifestFile, type PackManifest, type ProjectAuditReport, type ProjectHealthFinding, type ProjectHealthFindingSource, type ProjectHealthPackSummary, type ProjectHealthRemediation, type ProjectHealthReport, type ProjectHealthRouteSummary, type ProjectHealthStatus, type RuntimeAudit, type ShowcaseShortlistVerificationEntry, type ShowcaseShortlistVerificationReport, VERIFICATION_SCHEMA_URLS, type VerificationFinding, type VerificationScore, type VerificationSeverity, auditBuiltDist, auditProject, collectMissingPackManifestFiles, createContractAssertions, createEvidenceBundle, critiqueFile, critiqueSource, emptyRuntimeAudit, extractRouteHintsFromEssence, listKnownInteractions, verifyInteractionsInSource };
|
|
992
|
+
export { type BuiltDistAuditOptions, COMPONENT_REUSE_RULE_ID, type CodeComponentDeclaration, type CodeImportReference, type ComponentReuseAudit, type ComponentReuseFinding, type ContractAssertion, type ContractAssertionCategory, type CritiqueSourceInput, EVIDENCE_BUNDLE_SCHEMA_URL, type EvidenceBundle, type EvidenceBundleInput, type EvidenceProvenanceEntry, type EvidenceRepairPlan, type EvidenceRepairPlanAction, type FileCritiqueReport, type GitHubScanInputResolution, type GraphAnchorEdge, type GraphAnchorFindingInput, type GraphAnchorNode, type GraphAnchorSnapshot, INTERACTION_SIGNALS, type InteractionMissingFinding, type InteractionRequirement, type InteractionSignal, KNOWN_VERIFICATION_DIAGNOSTICS, type MissingPackManifestFile, type PackManifest, type ProjectAuditReport, type ProjectHealthFinding, type ProjectHealthFindingSource, type ProjectHealthGraphSummary, type ProjectHealthPackSummary, type ProjectHealthRemediation, type ProjectHealthReport, type ProjectHealthRouteSummary, type ProjectHealthStatus, type PublishedSiteProbeV1, RAW_CONTROL_REUSE_RULE_ID, type RawControlReuseFinding, type RuntimeAudit, SCAN_REPORT_SCHEMA_URL, STYLE_BRIDGE_ARBITRARY_VALUE_RULE_ID, type ScanApplicabilityStatus, type ScanConfidence, type ScanFindingSeverity, type ScanFindingV1, type ScanInputKind, type ScanInputV1, type ScanProjectOptions, type ScanReportV1, type ScanRepositoryV1, type ScanRouteV1, type ShowcaseShortlistVerificationEntry, type ShowcaseShortlistVerificationReport, type StyleBridgeDriftAudit, type StyleBridgeDriftFinding, VERIFICATION_SCHEMA_URLS, type VerificationDiagnosticCatalogEntry, type VerificationDiagnosticInput, type VerificationDiagnosticMetadata, type VerificationFinding, type VerificationGraphAnchor, type VerificationGraphAnchorConfidence, type VerificationRepairAction, type VerificationScore, type VerificationSeverity, anchorFindingsToGraph, auditBuiltDist, auditComponentReuse, auditProject, auditStyleBridgeDrift, buildProjectHealthRepairPlan, collectMissingPackManifestFiles, collectProjectSourceFiles, createContractAssertions, createEvidenceBundle, createUnavailableScanReport, critiqueFile, critiqueSource, deriveVerificationDiagnostic, emptyRuntimeAudit, extractRouteHintsFromEssence, listKnownInteractions, probePublishedSite, resolveGitHubScanInput, resolveGraphAnchorForFinding, scanProject, verifyInteractionsInSource };
|