@delegance/claude-autopilot 2.4.0 → 5.0.0-alpha.1

package/src/core/config/schema.ts

@@ -1,4 +1,4 @@
-export const AUTOPILOT_CONFIG_SCHEMA = {
+export const GUARDRAIL_CONFIG_SCHEMA = {
   $schema: 'http://json-schema.org/draft-07/schema#',
   type: 'object',
   required: ['configVersion'],
@@ -35,7 +35,24 @@ export const AUTOPILOT_CONFIG_SCHEMA = {
       },
       additionalProperties: false,
     },
-    reviewStrategy: { enum: ['auto', 'single-pass', 'file-level'] },
+    ignore: {
+      type: 'array',
+      items: {
+        oneOf: [
+          { type: 'string' },
+          {
+            type: 'object',
+            required: ['path'],
+            properties: {
+              rule: { type: 'string' },
+              path: { type: 'string' },
+            },
+            additionalProperties: false,
+          },
+        ],
+      },
+    },
+    reviewStrategy: { enum: ['auto', 'single-pass', 'file-level', 'diff', 'auto-diff'] },
     chunking: {
       type: 'object',
       properties: {
@@ -47,10 +64,111 @@ export const AUTOPILOT_CONFIG_SCHEMA = {
       },
       additionalProperties: false,
     },
-    cost: { type: 'object' },
+    policy: {
+      type: 'object',
+      properties: {
+        failOn: { enum: ['critical', 'warning', 'note', 'none'] },
+        newOnly: { type: 'boolean' },
+        baselinePath: { type: 'string' },
+      },
+      additionalProperties: false,
+    },
+    pipeline: {
+      type: 'object',
+      properties: {
+        runReviewOnStaticFail: { type: 'boolean' },
+        runReviewOnTestFail: { type: 'boolean' },
+      },
+      additionalProperties: false,
+    },
+    cost: {
+      type: 'object',
+      properties: {
+        maxPerRun: { type: 'number' },
+        estimateBeforeRun: { type: 'boolean' },
+        pricing: { type: 'object' },
+      },
+      additionalProperties: false,
+    },
+    brand: {
+      type: 'object',
+      properties: {
+        colorsFrom: { type: 'string' },
+        colors: { type: 'array', items: { type: 'string' } },
+        fonts: { type: 'array', items: { type: 'string' } },
+        componentLibrary: {
+          oneOf: [
+            { type: 'string' },
+            {
+              type: 'object',
+              properties: {
+                tokens: { type: 'string' },
+                guide: { type: 'string' },
+              },
+              additionalProperties: false,
+            },
+          ],
+        },
+      },
+      additionalProperties: false,
+    },
+    'schema-alignment': {
+      type: 'object',
+      properties: {
+        enabled: { type: 'boolean' },
+        migrationGlobs: { type: 'array', items: { type: 'string', minLength: 1 } },
+        layerRoots: {
+          type: 'object',
+          properties: {
+            types: { type: 'array', items: { type: 'string' }, minItems: 1 },
+            api: { type: 'array', items: { type: 'string' }, minItems: 1 },
+            ui: { type: 'array', items: { type: 'string' }, minItems: 1 },
+          },
+          additionalProperties: false,
+        },
+        llmCheck: { type: 'boolean' },
+        severity: { enum: ['warning', 'error'] },
+      },
+      additionalProperties: false,
+    },
     cache: { type: 'object' },
     persistence: { type: 'object' },
     concurrency: { type: 'object' },
+    council: {
+      type: 'object',
+      required: ['models', 'synthesizer'],
+      additionalProperties: false,
+      properties: {
+        models: {
+          type: 'array',
+          minItems: 2,
+          items: {
+            type: 'object',
+            required: ['adapter', 'model', 'label'],
+            additionalProperties: false,
+            properties: {
+              adapter: { type: 'string' },
+              model: { type: 'string' },
+              label: { type: 'string' },
+            },
+          },
+        },
+        synthesizer: {
+          type: 'object',
+          required: ['adapter', 'model', 'label'],
+          additionalProperties: false,
+          properties: {
+            adapter: { type: 'string' },
+            model: { type: 'string' },
+            label: { type: 'string' },
+          },
+        },
+        timeout_ms: { type: 'number' },
+        min_successful_responses: { type: 'number' },
+        parallel_input_max_tokens: { type: 'number' },
+        synthesis_input_max_tokens: { type: 'number' },
+      },
+    },
   },
   definitions: {
     adapterRef: {

package/src/core/config/types.ts

@@ -1,3 +1,5 @@
+import type { SchemaAlignmentConfig } from '../schema-alignment/types.ts';
+
 export interface AdapterReference {
   adapter: string;
   options?: Record<string, unknown>;
@@ -7,7 +9,7 @@ export type AdapterRef = string | AdapterReference;
 
 export type StaticRuleReference = string | { adapter: string; options?: Record<string, unknown> };
 
-export interface AutopilotConfig {
+export interface GuardrailConfig {
   configVersion: 1;
   preset?: string;
   reviewEngine?: AdapterRef;
@@ -36,8 +38,61 @@ export interface AutopilotConfig {
     parallelism?: number;
     rateLimitBackoff?: 'exp' | 'linear' | 'none';
   };
-  cost?: Record<string, unknown>;
+  policy?: {
+    /** Severity threshold for exit code 1. Default: 'critical'. Use 'none' to always pass. */
+    failOn?: 'critical' | 'warning' | 'note' | 'none';
+    /** Only report findings not present in the committed baseline. Default: false. */
+    newOnly?: boolean;
+    /** Path to baseline file relative to cwd. Default: .guardrail-baseline.json */
+    baselinePath?: string;
+  };
+  pipeline?: {
+    /**
+     * When true, run the LLM review phase even if the static-rules phase reports `fail`
+     * (i.e. finds a critical). Default: true. Set to false to skip only the review
+     * phase on static-fail — the tests phase still runs regardless.
+     *
+     * Users that explicitly configure a review engine typically expect it to run — the
+     * bugs the LLM is best at (IDOR, TOCTOU, CORS, off-by-one, rate limits) often sit
+     * in the same commit as something a static rule already flagged. This flag only
+     * gates the review phase, mirroring `runReviewOnTestFail`.
+     */
+    runReviewOnStaticFail?: boolean;
+    /**
+     * When true, run the LLM review phase even if the tests phase reports `fail`.
+     * Default: false — failing tests usually indicate broken code, not code to review.
+     * This flag only gates the review phase; the tests phase itself always runs.
+     */
+    runReviewOnTestFail?: boolean;
+  };
+  cost?: {
+    /** Abort review phase if estimated spend exceeds this amount (USD). */
+    maxPerRun?: number;
+    /** Print token estimate before starting LLM review. Default: false. */
+    estimateBeforeRun?: boolean;
+    /** Per-model token price overrides (input/output per 1M tokens). */
+    pricing?: Record<string, { inputPer1M: number; outputPer1M: number }>;
+  };
+  brand?: {
+    /** Path to tailwind.config.{ts,js} — auto-extracts theme.colors as canonical palette */
+    colorsFrom?: string;
+    /** Explicit canonical color values (hex/rgb/hsl). Merged with colorsFrom. */
+    colors?: string[];
+    /** Canonical font family names */
+    fonts?: string[];
+    /** Path to design system component library (informational, for future LLM review) */
+    componentLibrary?: string | { tokens?: string; guide?: string };
+  };
+  'schema-alignment'?: SchemaAlignmentConfig;
   cache?: Record<string, unknown>;
   persistence?: Record<string, unknown>;
   concurrency?: Record<string, unknown>;
+  council?: {
+    models: Array<{ adapter: string; model: string; label: string }>;
+    synthesizer: { adapter: string; model: string; label: string };
+    timeout_ms?: number;
+    min_successful_responses?: number;
+    parallel_input_max_tokens?: number;
+    synthesis_input_max_tokens?: number;
+  };
 }

package/src/core/council/config.ts

@@ -0,0 +1,71 @@
+// src/core/council/config.ts
+import { GuardrailError } from '../errors.ts';
+import type { CouncilConfig, CouncilModelEntry } from './types.ts';
+
+const SUPPORTED_ADAPTERS = new Set(['claude', 'openai']);
+
+export function parseCouncilConfig(raw: Record<string, unknown>): CouncilConfig {
+  const models = raw['models'] as Array<Record<string, string>> | undefined;
+  const synthRaw = raw['synthesizer'] as Record<string, string> | undefined;
+  const timeoutMs = (raw['timeout_ms'] as number | undefined) ?? 30000;
+  const minSuccessful = (raw['min_successful_responses'] as number | undefined) ?? 1;
+  const parallelInputMaxTokens = (raw['parallel_input_max_tokens'] as number | undefined) ?? 8000;
+  const synthesisInputMaxTokens = (raw['synthesis_input_max_tokens'] as number | undefined) ?? 12000;
+
+  if (!Array.isArray(models) || models.length < 2) {
+    throw new GuardrailError('council.models must have at least 2 entries', { code: 'invalid_config' });
+  }
+
+  if (!synthRaw?.['adapter'] || !synthRaw['model'] || !synthRaw['label']) {
+    throw new GuardrailError('council.synthesizer requires adapter, model, and label', { code: 'invalid_config' });
+  }
+
+  if (timeoutMs < 5000) {
+    throw new GuardrailError(`council.timeout_ms must be >= 5000, got ${timeoutMs}`, { code: 'invalid_config' });
+  }
+
+  if (minSuccessful < 1 || minSuccessful > models.length) {
+    throw new GuardrailError(
+      `council.min_successful_responses must be 1–${models.length}, got ${minSuccessful}`,
+      { code: 'invalid_config' },
+    );
+  }
+
+  for (const entry of [...models, synthRaw]) {
+    if (!SUPPORTED_ADAPTERS.has(entry['adapter']!)) {
+      throw new GuardrailError(
+        `council: unknown adapter "${entry['adapter']}" — supported: ${[...SUPPORTED_ADAPTERS].join(', ')}`,
+        { code: 'invalid_config' },
+      );
+    }
+  }
+
+  const seen = new Set<string>();
+  for (const m of models) {
+    if (seen.has(m['label']!)) {
+      throw new GuardrailError(`council.models: duplicate label "${m['label']}"`, { code: 'invalid_config' });
+    }
+    seen.add(m['label']!);
+  }
+
+  const parsedModels: CouncilModelEntry[] = models.map(m => ({
+    adapter: m['adapter'] as 'claude' | 'openai',
+    model: m['model']!,
+    label: m['label']!,
+  }));
+
+  const synthesizer: CouncilModelEntry = {
+    adapter: synthRaw['adapter'] as 'claude' | 'openai',
+    model: synthRaw['model']!,
+    label: synthRaw['label']!,
+  };
+
+  return {
+    models: parsedModels,
+    synthesizer,
+    timeoutMs,
+    minSuccessfulResponses: minSuccessful,
+    parallelInputMaxTokens,
+    synthesisInputMaxTokens,
+  };
+}

package/src/core/council/context.ts

@@ -0,0 +1,17 @@
+const CHARS_PER_TOKEN = 4;
+
+export function windowContext(text: string, maxTokens: number): string {
+  const estimated = Math.ceil(text.length / CHARS_PER_TOKEN);
+  if (estimated <= maxTokens) return text;
+
+  const maxChars = maxTokens * CHARS_PER_TOKEN;
+  // Reserve budget for the marker so the final output stays within maxTokens.
+  // Use a conservative upper bound of the formatted marker (the digit count of
+  // charsDropped is computed from text length to avoid circular dependency).
+  const markerOverhead = `<!-- [council: truncated ${text.length} chars] -->\n`.length;
+  const effectiveMaxChars = Math.max(0, maxChars - markerOverhead);
+  const charsDropped = text.length - effectiveMaxChars;
+  const marker = `<!-- [council: truncated ${charsDropped} chars] -->\n`;
+  process.stderr.write(`[council] context truncated: dropped ${charsDropped} chars to fit ${maxTokens} token budget\n`);
+  return marker + text.slice(charsDropped);
+}

package/src/core/council/runner.ts

@@ -0,0 +1,83 @@
+import * as crypto from 'node:crypto';
+import { windowContext } from './context.ts';
+import type { CouncilConfig, CouncilResult, ModelResponse } from './types.ts';
+import type { CouncilAdapter } from '../../adapters/council/types.ts';
+
+async function consultWithTimeout(
+  adapter: CouncilAdapter,
+  prompt: string,
+  context: string,
+  timeoutMs: number,
+): Promise<ModelResponse> {
+  const start = Date.now();
+  let timer: NodeJS.Timeout | undefined;
+  try {
+    const text = await Promise.race([
+      adapter.consult(prompt, context),
+      new Promise<never>((_, reject) => {
+        timer = setTimeout(() => reject(new Error('timeout')), timeoutMs);
+      }),
+    ]);
+    return { label: adapter.label, status: 'ok', text, latencyMs: Date.now() - start };
+  } catch (err) {
+    const message = err instanceof Error ? err.message : String(err);
+    return message === 'timeout'
+      ? { label: adapter.label, status: 'timeout', error: 'timed out', latencyMs: Date.now() - start }
+      : { label: adapter.label, status: 'error', error: message, latencyMs: Date.now() - start };
+  } finally {
+    // Always clear the timer to avoid keeping the event loop alive after the
+    // adapter resolves/rejects. Long-running hosts (MCP server) would accumulate
+    // dangling timers for the full timeoutMs otherwise.
+    if (timer) clearTimeout(timer);
+  }
+}
+
+export async function runCouncil(
+  config: CouncilConfig,
+  adapters: CouncilAdapter[],
+  synthesizer: CouncilAdapter,
+  prompt: string,
+  contextDoc: string,
+): Promise<CouncilResult> {
+  const run_id = crypto.randomUUID();
+  const context = windowContext(contextDoc, config.parallelInputMaxTokens);
+
+  const responses = await Promise.all(
+    adapters.map(a => consultWithTimeout(a, prompt, context, config.timeoutMs))
+  );
+
+  const successful = responses.filter(r => r.status === 'ok');
+
+  if (successful.length < config.minSuccessfulResponses) {
+    return { schema_version: 1, run_id, status: 'failed', prompt, responses };
+  }
+
+  const responseSections = successful
+    .map(r => `### ${r.label}\n${r.text}`)
+    .join('\n\n');
+
+  const synthesisDoc = `${contextDoc}\n\n---\n\n${responseSections}`;
+  const synthesisCtx = windowContext(synthesisDoc, config.synthesisInputMaxTokens);
+  const synthesisPrompt = [
+    `You have received responses from multiple technical advisors on the following question:\n\n## Original Question\n\n${prompt}`,
+    `## Advisor Responses\n\n${responseSections}`,
+    'Based on these responses, provide a synthesis: areas of agreement, key disagreements, and your final recommendation.',
+  ].join('\n\n');
+
+  // Synthesizer shares the same per-call timeout as model calls so a hung
+  // synthesizer API doesn't block the whole command indefinitely.
+  const synthResponse = await consultWithTimeout(
+    synthesizer,
+    synthesisPrompt,
+    synthesisCtx,
+    config.timeoutMs,
+  );
+  // status:'ok' means the synthesizer call itself completed without error.
+  // Empty text is valid (e.g. the --no-synthesize stub that intentionally
+  // returns ''); only treat actual failures/timeouts as partial.
+  if (synthResponse.status === 'ok') {
+    const synthesis = { label: synthesizer.label, text: synthResponse.text ?? '', latencyMs: synthResponse.latencyMs };
+    return { schema_version: 1, run_id, status: 'success', prompt, responses, synthesis };
+  }
+  return { schema_version: 1, run_id, status: 'partial', prompt, responses };
+}

package/src/core/council/types.ts

@@ -0,0 +1,45 @@
+// adapter is a closed union — extending to a new provider requires an intentional
+// code change in config.ts and cli/council.ts
+export interface CouncilModelEntry {
+  adapter: 'claude' | 'openai';
+  model: string;
+  label: string;
+}
+
+export interface CouncilConfig {
+  models: CouncilModelEntry[];
+  synthesizer: CouncilModelEntry;
+  timeoutMs: number;
+  minSuccessfulResponses: number;
+  parallelInputMaxTokens: number;
+  synthesisInputMaxTokens: number;
+}
+
+export type ModelResponseStatus = 'ok' | 'timeout' | 'error';
+
+export interface ModelResponse {
+  label: string;
+  status: ModelResponseStatus;
+  text?: string;
+  error?: string;
+  latencyMs: number;
+}
+
+export interface SynthesisResponse {
+  label: string;
+  text: string;
+  latencyMs: number;
+}
+
+export type CouncilStatus = 'success' | 'partial' | 'failed';
+
+export interface CouncilResult {
+  // snake_case: wire-format field, consistent with MCP handler schema_version convention
+  schema_version: 1;
+  // snake_case: wire-format field
+  run_id: string;
+  status: CouncilStatus;
+  prompt: string;
+  responses: ModelResponse[];
+  synthesis?: SynthesisResponse;
+}

package/src/core/detect/llm-key.ts

@@ -0,0 +1,89 @@
+/**
+ * Shared LLM API key detection. Used by setup, doctor/preflight, scan, and run so
+ * every surface agrees on which env vars count as "have a key."
+ *
+ * Before this unified helper, doctor only checked ANTHROPIC_API_KEY + OPENAI_API_KEY
+ * while setup/scan/run checked all 5 providers — producing contradictory messages
+ * ("LLM API key: detected" from setup, "No LLM API key" from doctor moments later).
+ */
+
+import * as fs from 'node:fs';
+
+/** All env var names guardrail recognizes as LLM API keys, ordered by preference. */
+export const LLM_KEY_NAMES = [
+  'ANTHROPIC_API_KEY',
+  'OPENAI_API_KEY',
+  'GEMINI_API_KEY',
+  'GOOGLE_API_KEY',
+  'GROQ_API_KEY',
+] as const;
+
+export type LLMKeyName = typeof LLM_KEY_NAMES[number];
+
+export interface KeyDetectionOptions {
+  /** Additional key→value map to check alongside process.env (e.g. parsed .env.local). */
+  extraEnv?: Record<string, string | undefined>;
+}
+
+export interface KeyDetectionResult {
+  /** True if any recognized LLM key is set to a non-empty value. */
+  hasKey: boolean;
+  /** Preferred key that was detected, or null. Follows LLM_KEY_NAMES order. */
+  preferred: LLMKeyName | null;
+  /** All keys that were detected, in LLM_KEY_NAMES order. */
+  detected: LLMKeyName[];
+}
+
+function readEnvFileSync(filePath: string): Record<string, string> {
+  const vars: Record<string, string> = {};
+  try {
+    const content = fs.readFileSync(filePath, 'utf-8');
+    for (const line of content.split('\n')) {
+      const trimmed = line.trim();
+      if (!trimmed || trimmed.startsWith('#')) continue;
+      const eq = trimmed.indexOf('=');
+      if (eq < 0) continue;
+      vars[trimmed.slice(0, eq).trim()] = trimmed.slice(eq + 1).trim().replace(/^['"]|['"]$/g, '');
+    }
+  } catch {
+    /* ignore */
+  }
+  return vars;
+}
+
+/** Load an env file into a plain object without mutating process.env. */
+export function loadEnvFile(filePath: string): Record<string, string> {
+  return readEnvFileSync(filePath);
+}
+
+/** Detect whether any recognized LLM API key is set. */
+export function detectLLMKey(options: KeyDetectionOptions = {}): KeyDetectionResult {
+  const extra = options.extraEnv ?? {};
+  const detected: LLMKeyName[] = [];
+  for (const name of LLM_KEY_NAMES) {
+    // Treat empty string as "not set" so an env file value can supply the key when
+    // the shell has `FOO=` exported. `??` would shadow the env file here because it
+    // only falls through on null/undefined — matching the old `!! || !!` semantics.
+    const fromProcess = process.env[name];
+    const value = (fromProcess && fromProcess.length > 0) ? fromProcess : extra[name];
+    if (value && value.length > 0) detected.push(name);
+  }
+  return {
+    hasKey: detected.length > 0,
+    preferred: detected[0] ?? null,
+    detected,
+  };
+}
+
+/**
+ * Human-readable list of providers and signup URLs, used by every "no key" message.
+ * Must cover every entry in LLM_KEY_NAMES so users see the same set of options across
+ * preflight, setup, scan, and run.
+ */
+export const LLM_KEY_HINTS: Array<{ name: LLMKeyName; url: string; note?: string }> = [
+  { name: 'ANTHROPIC_API_KEY', url: 'https://console.anthropic.com/' },
+  { name: 'OPENAI_API_KEY',    url: 'https://platform.openai.com/api-keys' },
+  { name: 'GEMINI_API_KEY',    url: 'https://aistudio.google.com/app/apikey' },
+  { name: 'GOOGLE_API_KEY',    url: 'https://aistudio.google.com/app/apikey', note: 'legacy alias for GEMINI_API_KEY' },
+  { name: 'GROQ_API_KEY',      url: 'https://console.groq.com/keys', note: 'fast free tier' },
+];

package/src/core/detect/workspaces.ts

@@ -0,0 +1,103 @@
+import * as fs from 'node:fs';
+import * as path from 'node:path';
+
+export interface Workspace {
+  name: string;
+  dir: string;          // absolute path
+  rel: string;          // relative to root
+  testCommand?: string;
+}
+
+function readJson(p: string): Record<string, unknown> | null {
+  try { return JSON.parse(fs.readFileSync(p, 'utf8')) as Record<string, unknown>; } catch { return null; }
+}
+
+function globDirs(root: string, patterns: string[]): string[] {
+  const results: string[] = [];
+  for (const pattern of patterns) {
+    // Support "packages/*" and "apps/*" style globs (one level deep only)
+    const parts = pattern.split('/');
+    if (parts.length === 2 && parts[1] === '*') {
+      const base = path.join(root, parts[0]!);
+      if (!fs.existsSync(base)) continue;
+      for (const entry of fs.readdirSync(base, { withFileTypes: true })) {
+        if (entry.isDirectory()) results.push(path.join(base, entry.name));
+      }
+    } else {
+      const abs = path.join(root, pattern);
+      if (fs.existsSync(abs) && fs.statSync(abs).isDirectory()) results.push(abs);
+    }
+  }
+  return results;
+}
+
+function detectTestCommand(dir: string): string | undefined {
+  const pkg = readJson(path.join(dir, 'package.json'));
+  if (pkg?.scripts && typeof (pkg.scripts as Record<string, unknown>).test === 'string') {
+    return `npm test --prefix ${dir}`;
+  }
+  if (fs.existsSync(path.join(dir, 'go.mod'))) return `go test ./... -C ${dir}`;
+  if (fs.existsSync(path.join(dir, 'Cargo.toml'))) return `cargo test --manifest-path ${path.join(dir, 'Cargo.toml')}`;
+  return undefined;
+}
+
+/** Detect npm/yarn/pnpm workspaces, Turborepo, Nx, Go multi-module. */
+export function detectWorkspaces(cwd: string): Workspace[] | null {
+  const pkg = readJson(path.join(cwd, 'package.json')) as { workspaces?: string[] | { packages?: string[] }; name?: string } | null;
+
+  // npm/yarn workspaces
+  let wsDirs: string[] = [];
+  if (pkg?.workspaces) {
+    const patterns = Array.isArray(pkg.workspaces) ? pkg.workspaces : (pkg.workspaces.packages ?? []);
+    wsDirs = globDirs(cwd, patterns);
+  }
+
+  // Turborepo — pnpm-workspace.yaml or turbo.json
+  if (wsDirs.length === 0 && fs.existsSync(path.join(cwd, 'pnpm-workspace.yaml'))) {
+    try {
+      const raw = fs.readFileSync(path.join(cwd, 'pnpm-workspace.yaml'), 'utf8');
+      const matches = raw.match(/^\s*-\s*['"]?([^'"#\n]+)['"]?/gm) ?? [];
+      const patterns = matches.map(m => m.replace(/^\s*-\s*['"]?/, '').replace(/['"]?\s*$/, '').trim());
+      wsDirs = globDirs(cwd, patterns);
+    } catch { /* ignore */ }
+  }
+
+  // Turborepo fallback: packages/ and apps/ dirs
+  if (wsDirs.length === 0 && fs.existsSync(path.join(cwd, 'turbo.json'))) {
+    wsDirs = globDirs(cwd, ['packages/*', 'apps/*']);
+  }
+
+  // Nx: check nx.json + libs/ + apps/
+  if (wsDirs.length === 0 && fs.existsSync(path.join(cwd, 'nx.json'))) {
+    wsDirs = globDirs(cwd, ['libs/*', 'apps/*', 'packages/*']);
+  }
+
+  if (wsDirs.length === 0) return null;
+
+  return wsDirs
+    .filter(d => fs.existsSync(d))
+    .map(d => {
+      const rel = path.relative(cwd, d);
+      const pkgJson = readJson(path.join(d, 'package.json')) as { name?: string } | null;
+      return {
+        name: pkgJson?.name ?? rel,
+        dir: d,
+        rel,
+        testCommand: detectTestCommand(d),
+      };
+    });
+}
+
+/** Given a list of touched files, return which workspaces they belong to. */
+export function mapFilesToWorkspaces(files: string[], workspaces: Workspace[], cwd: string): Map<Workspace, string[]> {
+  const result = new Map<Workspace, string[]>();
+  for (const file of files) {
+    const abs = path.isAbsolute(file) ? file : path.resolve(cwd, file);
+    const ws = workspaces.find(w => abs.startsWith(w.dir + path.sep) || abs === w.dir);
+    if (ws) {
+      if (!result.has(ws)) result.set(ws, []);
+      result.get(ws)!.push(file);
+    }
+  }
+  return result;
+}

package/src/core/errors.ts

@@ -4,7 +4,7 @@ export type ErrorCode =
   | 'auth' | 'rate_limit' | 'transient_network' | 'invalid_config'
   | 'adapter_bug' | 'user_input' | 'budget_exceeded' | 'concurrency_lock' | 'superseded';
 
-export interface AutopilotErrorOptions {
+export interface GuardrailErrorOptions {
   code: ErrorCode;
   retryable?: boolean;
   provider?: string;
@@ -18,16 +18,16 @@ const DEFAULT_RETRYABLE: Record<ErrorCode, boolean> = {
   concurrency_lock: false, superseded: false,
 };
 
-export class AutopilotError extends Error {
+export class GuardrailError extends Error {
   code: ErrorCode;
   retryable: boolean;
   provider?: string;
   step?: string;
   details: Record<string, unknown>;
 
-  constructor(message: string, options: AutopilotErrorOptions) {
+  constructor(message: string, options: GuardrailErrorOptions) {
     super(message);
-    this.name = 'AutopilotError';
+    this.name = 'GuardrailError';
     this.code = options.code;
     this.retryable = options.retryable ?? DEFAULT_RETRYABLE[options.code];
     this.provider = options.provider;