@devtrack-solution/codesdd 1.2.2 → 1.2.4-rc3

package/dist/core/sdd/deepagents/backend.d.ts

@@ -0,0 +1,63 @@
+export type DeepAgentsExecutionMode = 'read-only' | 'plan' | 'validate' | 'apply-sandbox' | 'apply-approved';
+export type DeepAgentsTrustTier = 'local-dev' | 'experimental' | 'enterprise-approved' | 'blocked';
+export interface DeepAgentsPermissionContext {
+    projectRoot: string;
+    mode: DeepAgentsExecutionMode;
+    trustTier: DeepAgentsTrustTier;
+    writeScope: string[];
+}
+export interface DeepAgentsStateBackend {
+    get(key: string): Promise<string | undefined>;
+    set(key: string, value: string): Promise<void>;
+}
+export interface DeepAgentsStoreBackend {
+    get(key: string): Promise<string | undefined>;
+    set(key: string, value: string): Promise<void>;
+}
+export interface DeepAgentsFilesystemBackend {
+    readFile(absolutePath: string): Promise<string>;
+    writeFile(absolutePath: string, content: string): Promise<void>;
+}
+export interface DeepAgentsAccessDecision {
+    allowed: boolean;
+    code?: 'PATH_TRAVERSAL_BLOCKED' | 'OUTSIDE_PROJECT_ROOT' | 'WRITE_MODE_FORBIDDEN' | 'TRUST_TIER_BLOCKED' | 'SECRET_PATH_BLOCKED' | 'STATE_WRITE_FORBIDDEN' | 'FORBIDDEN_WRITE_PATH' | 'OUTSIDE_WRITE_SCOPE';
+    message?: string;
+    relativePath?: string;
+    absolutePath?: string;
+}
+export declare class DeepAgentsSandboxViolationError extends Error {
+    readonly decision: DeepAgentsAccessDecision;
+    constructor(decision: DeepAgentsAccessDecision);
+}
+export declare class InMemoryStateBackend implements DeepAgentsStateBackend {
+    private readonly values;
+    get(key: string): Promise<string | undefined>;
+    set(key: string, value: string): Promise<void>;
+}
+export declare class InMemoryStoreBackend implements DeepAgentsStoreBackend {
+    private readonly values;
+    get(key: string): Promise<string | undefined>;
+    set(key: string, value: string): Promise<void>;
+}
+export declare class VirtualFilesystemBackend implements DeepAgentsFilesystemBackend {
+    private readonly files;
+    readFile(absolutePath: string): Promise<string>;
+    writeFile(absolutePath: string, content: string): Promise<void>;
+}
+export declare class DeepAgentsSandboxBackend {
+    private readonly context;
+    private readonly filesystem;
+    readonly stateBackend: DeepAgentsStateBackend;
+    readonly storeBackend: DeepAgentsStoreBackend;
+    private readonly projectRoot;
+    private readonly mode;
+    private readonly trustTier;
+    private readonly writeScope;
+    constructor(context: DeepAgentsPermissionContext, filesystem: DeepAgentsFilesystemBackend, stateBackend: DeepAgentsStateBackend, storeBackend: DeepAgentsStoreBackend);
+    authorizeRead(relativePath: string): DeepAgentsAccessDecision;
+    authorizeWrite(relativePath: string): DeepAgentsAccessDecision;
+    readFile(relativePath: string): Promise<string>;
+    writeFile(relativePath: string, content: string): Promise<void>;
+    private evaluatePath;
+}
+//# sourceMappingURL=backend.d.ts.map

package/dist/core/sdd/deepagents/backend.js

@@ -0,0 +1,174 @@
+import path from 'node:path';
+const WINDOWS_ABSOLUTE_PATH_PATTERN = /^[A-Za-z]:[\\/]/;
+const FORBIDDEN_WRITE_PREFIXES = ['.sdd/state', '.git', 'node_modules'];
+const SECRET_SEGMENTS = [
+    '.env',
+    'secret',
+    'secrets',
+    'credential',
+    'credentials',
+    'token',
+    '.aws',
+    '.ssh',
+    'id_rsa',
+    'pem',
+    'key',
+];
+const SECRET_SUFFIXES = ['.pem', '.key', '.p12', '.env'];
+export class DeepAgentsSandboxViolationError extends Error {
+    decision;
+    constructor(decision) {
+        super(decision.message ?? 'Sandbox policy violation.');
+        this.name = 'DeepAgentsSandboxViolationError';
+        this.decision = decision;
+    }
+}
+export class InMemoryStateBackend {
+    values = new Map();
+    async get(key) {
+        return this.values.get(key);
+    }
+    async set(key, value) {
+        this.values.set(key, value);
+    }
+}
+export class InMemoryStoreBackend {
+    values = new Map();
+    async get(key) {
+        return this.values.get(key);
+    }
+    async set(key, value) {
+        this.values.set(key, value);
+    }
+}
+export class VirtualFilesystemBackend {
+    files = new Map();
+    async readFile(absolutePath) {
+        const value = this.files.get(absolutePath);
+        if (typeof value !== 'string') {
+            throw new Error(`Virtual file not found: ${absolutePath}`);
+        }
+        return value;
+    }
+    async writeFile(absolutePath, content) {
+        this.files.set(absolutePath, content);
+    }
+}
+export class DeepAgentsSandboxBackend {
+    context;
+    filesystem;
+    stateBackend;
+    storeBackend;
+    projectRoot;
+    mode;
+    trustTier;
+    writeScope;
+    constructor(context, filesystem, stateBackend, storeBackend) {
+        this.context = context;
+        this.filesystem = filesystem;
+        this.stateBackend = stateBackend;
+        this.storeBackend = storeBackend;
+        this.projectRoot = path.resolve(context.projectRoot);
+        this.mode = context.mode;
+        this.trustTier = context.trustTier;
+        this.writeScope = context.writeScope.map((scope) => normalizeScope(scope)).filter((scope) => !!scope);
+    }
+    authorizeRead(relativePath) {
+        return this.evaluatePath(relativePath, 'read');
+    }
+    authorizeWrite(relativePath) {
+        return this.evaluatePath(relativePath, 'write');
+    }
+    async readFile(relativePath) {
+        const decision = this.authorizeRead(relativePath);
+        if (!decision.allowed) {
+            throw new DeepAgentsSandboxViolationError(decision);
+        }
+        return this.filesystem.readFile(decision.absolutePath);
+    }
+    async writeFile(relativePath, content) {
+        const decision = this.authorizeWrite(relativePath);
+        if (!decision.allowed) {
+            throw new DeepAgentsSandboxViolationError(decision);
+        }
+        await this.filesystem.writeFile(decision.absolutePath, content);
+    }
+    evaluatePath(relativePath, operation) {
+        const normalizedRelativePath = normalizeScope(relativePath);
+        if (!normalizedRelativePath) {
+            return denied('PATH_TRAVERSAL_BLOCKED', `Path ${relativePath} is not a safe project-relative path.`);
+        }
+        const absolutePath = path.resolve(this.projectRoot, normalizedRelativePath);
+        if (!isWithinRoot(absolutePath, this.projectRoot)) {
+            return denied('OUTSIDE_PROJECT_ROOT', `Path ${relativePath} resolves outside project root.`, normalizedRelativePath);
+        }
+        if (isSecretPath(normalizedRelativePath)) {
+            return denied('SECRET_PATH_BLOCKED', `Path ${relativePath} was blocked by secret-path policy.`, normalizedRelativePath);
+        }
+        if (operation === 'write') {
+            if (this.mode !== 'apply-sandbox' && this.mode !== 'apply-approved') {
+                return denied('WRITE_MODE_FORBIDDEN', `Mode ${this.mode} does not allow filesystem writes.`, normalizedRelativePath);
+            }
+            if (this.trustTier === 'blocked') {
+                return denied('TRUST_TIER_BLOCKED', 'Blocked trust tier cannot perform writes.', normalizedRelativePath);
+            }
+            if (isProtectedStatePath(normalizedRelativePath)) {
+                return denied('STATE_WRITE_FORBIDDEN', `Path ${relativePath} cannot mutate canonical state files.`, normalizedRelativePath);
+            }
+            if (isWithinPrefixes(normalizedRelativePath, FORBIDDEN_WRITE_PREFIXES)) {
+                return denied('FORBIDDEN_WRITE_PATH', `Path ${relativePath} is forbidden by sandbox write boundaries.`, normalizedRelativePath);
+            }
+            if (!isWithinWriteScope(normalizedRelativePath, this.writeScope)) {
+                return denied('OUTSIDE_WRITE_SCOPE', `Path ${relativePath} is outside approved write scope for this operation.`, normalizedRelativePath);
+            }
+        }
+        return {
+            allowed: true,
+            relativePath: normalizedRelativePath,
+            absolutePath,
+        };
+    }
+}
+function denied(code, message, relativePath) {
+    return {
+        allowed: false,
+        code,
+        message,
+        relativePath,
+    };
+}
+function normalizeScope(value) {
+    const normalized = value.replace(/\\/gu, '/').replace(/^\.\//u, '');
+    if (!normalized || normalized === '.' || normalized.startsWith('/') || WINDOWS_ABSOLUTE_PATH_PATTERN.test(normalized)) {
+        return null;
+    }
+    const segments = normalized.split('/').filter(Boolean);
+    if (segments.some((segment) => segment === '..')) {
+        return null;
+    }
+    return segments.join('/');
+}
+function isWithinWriteScope(value, scopes) {
+    if (scopes.length === 0) {
+        return false;
+    }
+    return scopes.some((scope) => value === scope || value.startsWith(`${scope}/`));
+}
+function isWithinRoot(realPath, root) {
+    const relative = path.relative(root, realPath);
+    return relative === '' || (!relative.startsWith('..') && !path.isAbsolute(relative));
+}
+function isProtectedStatePath(relativePath) {
+    return relativePath === '.sdd/state' || relativePath.startsWith('.sdd/state/');
+}
+function isWithinPrefixes(relativePath, prefixes) {
+    return prefixes.some((prefix) => relativePath === prefix || relativePath.startsWith(`${prefix}/`));
+}
+function isSecretPath(relativePath) {
+    const lower = relativePath.toLowerCase();
+    if (SECRET_SUFFIXES.some((suffix) => lower.endsWith(suffix))) {
+        return true;
+    }
+    return lower.split('/').some((segment) => SECRET_SEGMENTS.some((token) => segment.includes(token)));
+}
+//# sourceMappingURL=backend.js.map

package/dist/core/sdd/deepagents/codesdd-tools.d.ts

@@ -0,0 +1,39 @@
+import type { CreateDeepAgentParams } from 'deepagents';
+import { type CodeSddMcpToolName, type McpProviderId, type McpRuntimeInvocation, type McpRuntimePolicyGate, type McpRuntimeRiskTier, type McpRuntimeStateAccess } from '../services/mcp-runtime.service.js';
+import type { SddStores } from '../store/sdd-stores.js';
+export type DeepAgentsCodeSddToolName = 'codesdd_next' | 'codesdd_context' | 'codesdd_query' | 'codesdd_read' | 'codesdd_start' | 'codesdd_plugin_inspect' | 'codesdd_plugin_plan' | 'codesdd_plugin_apply_sandbox' | 'codesdd_quality_evidence' | 'codesdd_adr' | 'codesdd_check' | 'codesdd_diagnose' | 'codesdd_finalize_intent' | 'codesdd_frontend_impact' | 'codesdd_skill_prompt';
+export type DeepAgentsCodeSddToolSafetyClass = 'read-diagnostic' | 'intent-mutation';
+export type DeepAgentsCodeSddToolProfile = DeepAgentsCodeSddToolSafetyClass | 'all';
+export interface DeepAgentsCodeSddToolDescriptor {
+    name: DeepAgentsCodeSddToolName;
+    canonical_tool: CodeSddMcpToolName;
+    safety_class: DeepAgentsCodeSddToolSafetyClass;
+    title: string;
+    description: string;
+    input_schema: Record<string, unknown>;
+    output_schema: Record<string, unknown>;
+    state_access: McpRuntimeStateAccess;
+    policy_gate: McpRuntimePolicyGate;
+    risk_tier: McpRuntimeRiskTier;
+    requires_human_approval: boolean;
+    evidence_behavior: string;
+    hitl_requirement: string;
+    result_contract: 'mcp-runtime-invocation/v1' | 'intent-envelope/v1';
+    reads: string[];
+    writes: string[];
+}
+export interface DeepAgentsCodeSddToolWrapper extends DeepAgentsCodeSddToolDescriptor {
+    invoke(args: Record<string, unknown>, options?: DeepAgentsCodeSddToolInvokeOptions): Promise<McpRuntimeInvocation>;
+}
+export interface DeepAgentsCodeSddToolInvokeOptions {
+    provider?: Extract<McpProviderId, 'deepagents'>;
+}
+export interface DeepAgentsCodeSddToolCatalogOptions {
+    profile?: DeepAgentsCodeSddToolProfile;
+}
+export type DeepAgentsCodeSddRuntimeTool = NonNullable<CreateDeepAgentParams['tools']>[number];
+export declare function listCodeSddDeepAgentsToolDescriptors(options?: DeepAgentsCodeSddToolCatalogOptions): DeepAgentsCodeSddToolDescriptor[];
+export declare function createCodeSddDeepAgentsToolWrappers(stores: SddStores, projectRoot: string, options?: DeepAgentsCodeSddToolCatalogOptions): DeepAgentsCodeSddToolWrapper[];
+export declare function createCodeSddDeepAgentsRuntimeTools(stores: SddStores, projectRoot: string, options?: DeepAgentsCodeSddToolCatalogOptions): DeepAgentsCodeSddRuntimeTool[];
+export declare function findCodeSddDeepAgentsToolDescriptor(name: DeepAgentsCodeSddToolName, options?: DeepAgentsCodeSddToolCatalogOptions): DeepAgentsCodeSddToolDescriptor | undefined;
+//# sourceMappingURL=codesdd-tools.d.ts.map

package/dist/core/sdd/deepagents/codesdd-tools.js

@@ -0,0 +1,83 @@
+import { tool } from '@langchain/core/tools';
+import { MCP_RUNTIME_TOOL_REGISTRY, McpRuntimeService, } from '../services/mcp-runtime.service.js';
+const DEEPAGENTS_TOOL_NAME_MAP = {
+    'codesdd.next': 'codesdd_next',
+    'codesdd.context': 'codesdd_context',
+    'codesdd.query': 'codesdd_query',
+    'codesdd.read': 'codesdd_read',
+    'codesdd.start': 'codesdd_start',
+    'codesdd.plugin.inspect': 'codesdd_plugin_inspect',
+    'codesdd.plugin.plan': 'codesdd_plugin_plan',
+    'codesdd.plugin.apply_sandbox': 'codesdd_plugin_apply_sandbox',
+    'codesdd.quality.evidence': 'codesdd_quality_evidence',
+    'codesdd.adr': 'codesdd_adr',
+    'codesdd.check': 'codesdd_check',
+    'codesdd.diagnose': 'codesdd_diagnose',
+    'codesdd.finalize_intent': 'codesdd_finalize_intent',
+    'codesdd.frontend_impact': 'codesdd_frontend_impact',
+    'codesdd.skill_prompt': 'codesdd_skill_prompt',
+};
+export function listCodeSddDeepAgentsToolDescriptors(options = {}) {
+    const profile = options.profile ?? 'all';
+    return MCP_RUNTIME_TOOL_REGISTRY.map((entry) => {
+        const safetyClass = classifyToolSafety(entry.implementation.state_access, entry.governance.gate);
+        const resultContract = entry.governance.gate === 'intent-only' ? 'intent-envelope/v1' : 'mcp-runtime-invocation/v1';
+        return {
+            name: DEEPAGENTS_TOOL_NAME_MAP[entry.canonical_name],
+            canonical_tool: entry.canonical_name,
+            safety_class: safetyClass,
+            title: entry.title,
+            description: entry.description,
+            input_schema: entry.input_schema,
+            output_schema: entry.output_schema,
+            state_access: entry.implementation.state_access,
+            policy_gate: entry.governance.gate,
+            risk_tier: entry.governance.risk_tier,
+            requires_human_approval: entry.governance.gate === 'intent-only' || entry.governance.risk_tier === 'critical',
+            evidence_behavior: entry.governance.evidence_behavior,
+            hitl_requirement: entry.governance.hitl_rule,
+            result_contract: resultContract,
+            reads: [...entry.implementation.reads],
+            writes: [...entry.implementation.writes],
+        };
+    }).filter((descriptor) => profile === 'all' || descriptor.safety_class === profile);
+}
+export function createCodeSddDeepAgentsToolWrappers(stores, projectRoot, options = {}) {
+    const runtime = new McpRuntimeService(stores);
+    return listCodeSddDeepAgentsToolDescriptors(options).map((descriptor) => ({
+        ...descriptor,
+        async invoke(args, options) {
+            return runtime.invoke(projectRoot, {
+                provider: options?.provider ?? 'deepagents',
+                tool: descriptor.canonical_tool,
+                args,
+            });
+        },
+    }));
+}
+export function createCodeSddDeepAgentsRuntimeTools(stores, projectRoot, options = {}) {
+    return createCodeSddDeepAgentsToolWrappers(stores, projectRoot, options).map((wrapper) => tool(async (input) => {
+        const invocation = await wrapper.invoke(input);
+        return JSON.stringify(invocation);
+    }, {
+        name: wrapper.name,
+        description: [
+            wrapper.description,
+            `State access: ${wrapper.state_access}.`,
+            `Policy gate: ${wrapper.policy_gate}.`,
+            `Risk tier: ${wrapper.risk_tier}.`,
+            `HITL: ${wrapper.hitl_requirement}.`,
+        ].join(' '),
+        schema: wrapper.input_schema,
+    }));
+}
+export function findCodeSddDeepAgentsToolDescriptor(name, options = {}) {
+    return listCodeSddDeepAgentsToolDescriptors(options).find((descriptor) => descriptor.name === name);
+}
+function classifyToolSafety(stateAccess, gate) {
+    if (stateAccess === 'read-write' || gate === 'intent-only') {
+        return 'intent-mutation';
+    }
+    return 'read-diagnostic';
+}
+//# sourceMappingURL=codesdd-tools.js.map

package/dist/core/sdd/deepagents/evidence-mapper.d.ts

@@ -0,0 +1,86 @@
+import type { z } from 'zod';
+import { deepagentDecisionEvidenceSchema, deepagentQualityEvidenceSchema, deepagentRunEvidenceSchema, deepagentRunPlanSchema, deepagentSubagentEvidenceSchema, deepagentToolCallEvidenceSchema } from '../deepagent-contracts.js';
+import type { McpRuntimeInvocation } from '../services/mcp-runtime.service.js';
+import type { DeepAgentsCodeSddToolDescriptor } from './codesdd-tools.js';
+import type { DeepAgentsRuntimeAdapterEnvelope } from './runtime-factory.js';
+export type DeepAgentRunEvidence = z.infer<typeof deepagentRunEvidenceSchema>;
+export type DeepAgentRunPlan = z.infer<typeof deepagentRunPlanSchema>;
+export type DeepAgentToolCallEvidence = z.infer<typeof deepagentToolCallEvidenceSchema>;
+export type DeepAgentSubagentEvidence = z.infer<typeof deepagentSubagentEvidenceSchema>;
+export type DeepAgentDecisionEvidence = z.infer<typeof deepagentDecisionEvidenceSchema>;
+export type DeepAgentQualityEvidence = z.infer<typeof deepagentQualityEvidenceSchema>;
+export interface DeepAgentsToolCallEvidenceInput {
+    toolName: string;
+    input: unknown;
+    output: unknown;
+    stateAccessClass: DeepAgentToolCallEvidence['state_access_class'];
+    policyGate: string;
+    hitlDecision?: DeepAgentToolCallEvidence['hitl_decision'];
+    durationMs?: number;
+    result?: DeepAgentToolCallEvidence['result'];
+}
+export interface DeepAgentsSubagentEvidenceInput {
+    subagentName: string;
+    promptPurpose: string;
+    toolsUsed?: string[];
+    skillsUsed?: string[];
+    inputs?: Record<string, unknown>;
+    structuredOutput?: Record<string, unknown>;
+    confidence?: number;
+    risks?: DeepAgentSubagentEvidence['risks'];
+}
+export interface DeepAgentsDecisionEvidenceInput {
+    decisionPoint: string;
+    alternatives: string[];
+    selectedOption: string;
+    adrRequired: boolean;
+    rationale: string;
+    approvals?: string[];
+}
+export interface DeepAgentsQualityEvidenceInput {
+    matrix: DeepAgentQualityEvidence['matrix'];
+}
+export interface DeepAgentsRunEvidenceInput {
+    adapter: DeepAgentsRuntimeAdapterEnvelope;
+    status?: DeepAgentRunEvidence['status'];
+    planRef?: string;
+    artifacts?: string[];
+    validations?: string[];
+    decisions?: DeepAgentDecisionEvidence[];
+    risks?: DeepAgentRunEvidence['risks'];
+    finalizeIntent?: boolean;
+    modelMetadata?: Record<string, unknown>;
+}
+export interface DeepAgentsRunPlanInput {
+    adapter: DeepAgentsRuntimeAdapterEnvelope;
+    tacticalSteps?: DeepAgentRunPlan['tactical_steps'];
+    subagentRouting?: DeepAgentRunPlan['subagent_routing'];
+    requiredApprovals?: string[];
+    expectedToolCalls?: string[];
+    writeManifestPreview?: string[];
+    validationMatrix?: DeepAgentRunPlan['validation_matrix'];
+    residualRisks?: DeepAgentRunPlan['residual_risks'];
+}
+export interface DeepAgentsMappedEvidence {
+    plan: DeepAgentRunPlan;
+    run: DeepAgentRunEvidence;
+    tool_calls: DeepAgentToolCallEvidence[];
+    subagents: DeepAgentSubagentEvidence[];
+    quality?: DeepAgentQualityEvidence;
+}
+export declare function mapDeepAgentsRunPlan(input: DeepAgentsRunPlanInput): DeepAgentRunPlan;
+export declare function mapDeepAgentsRunEvidence(input: DeepAgentsRunEvidenceInput): DeepAgentRunEvidence;
+export declare function mapDeepAgentsToolCallEvidence(input: DeepAgentsToolCallEvidenceInput): DeepAgentToolCallEvidence;
+export declare function mapMcpInvocationToDeepAgentsToolCallEvidence(invocation: McpRuntimeInvocation, descriptor: DeepAgentsCodeSddToolDescriptor, input: unknown, durationMs?: number): DeepAgentToolCallEvidence;
+export declare function mapDeepAgentsSubagentEvidence(input: DeepAgentsSubagentEvidenceInput): DeepAgentSubagentEvidence;
+export declare function mapDeepAgentsDecisionEvidence(input: DeepAgentsDecisionEvidenceInput): DeepAgentDecisionEvidence;
+export declare function mapDeepAgentsQualityEvidence(input: DeepAgentsQualityEvidenceInput): DeepAgentQualityEvidence;
+export declare function mapDeepAgentsEvidenceBundle(input: {
+    plan: DeepAgentsRunPlanInput;
+    run?: Omit<DeepAgentsRunEvidenceInput, 'adapter'>;
+    toolCalls?: DeepAgentsToolCallEvidenceInput[];
+    subagents?: DeepAgentsSubagentEvidenceInput[];
+    quality?: DeepAgentsQualityEvidenceInput;
+}): DeepAgentsMappedEvidence;
+export declare function stableEvidenceHash(value: unknown): string;
+//# sourceMappingURL=evidence-mapper.d.ts.map

package/dist/core/sdd/deepagents/evidence-mapper.js

@@ -0,0 +1,178 @@
+import { createHash } from 'node:crypto';
+import { deepagentDecisionEvidenceSchema, deepagentQualityEvidenceSchema, deepagentRunEvidenceSchema, deepagentRunPlanSchema, deepagentSubagentEvidenceSchema, deepagentToolCallEvidenceSchema, } from '../deepagent-contracts.js';
+export function mapDeepAgentsRunPlan(input) {
+    const adapter = input.adapter;
+    return deepagentRunPlanSchema.parse({
+        schema_version: 1,
+        contract: 'deepagent-run-plan/v1',
+        run_id: adapter.run_id,
+        feature_ref: adapter.feature_ref,
+        mode: adapter.mode,
+        tactical_steps: input.tacticalSteps && input.tacticalSteps.length > 0
+            ? input.tacticalSteps
+            : [
+                {
+                    id: `${adapter.feature_ref}-STEP-001`,
+                    title: 'Execute governed DeepAgents runtime step',
+                    objective: `Run ${adapter.mode} mode under CodeSDD policy gates.`,
+                },
+            ],
+        subagent_routing: input.subagentRouting ?? [],
+        required_approvals: input.requiredApprovals ?? adapter.policy.hitl.required_operations,
+        expected_tool_calls: input.expectedToolCalls ?? [],
+        write_manifest_preview: input.writeManifestPreview ??
+            adapter.policy.writes
+                .map((write) => write.relativePath)
+                .filter((relativePath) => Boolean(relativePath)),
+        validation_matrix: input.validationMatrix ?? [],
+        residual_risks: input.residualRisks ?? risksFromReasons(adapter.reasons),
+    });
+}
+export function mapDeepAgentsRunEvidence(input) {
+    const adapter = input.adapter;
+    const status = input.status ?? (adapter.status === 'ready' ? 'completed' : 'blocked');
+    return deepagentRunEvidenceSchema.parse({
+        schema_version: 1,
+        contract: 'deepagent-run-evidence/v1',
+        run_id: adapter.run_id,
+        feature_ref: adapter.feature_ref,
+        mode: adapter.mode,
+        status,
+        model_metadata: {
+            runtime: adapter.runtime,
+            readiness_status: adapter.readiness.status,
+            credential_present: adapter.readiness.credentialPresent,
+            policy_status: adapter.policy.status,
+            ...input.modelMetadata,
+        },
+        config_fingerprint: adapter.config_fingerprint,
+        plan_ref: input.planRef ?? `${adapter.run_id}:plan`,
+        artifacts: input.artifacts ?? [],
+        validations: input.validations ?? [],
+        decisions: input.decisions ?? [],
+        risks: input.risks ?? risksFromReasons([...adapter.reasons, ...adapter.policy.reasons]),
+        finalize_intent: input.finalizeIntent ?? false,
+    });
+}
+export function mapDeepAgentsToolCallEvidence(input) {
+    return deepagentToolCallEvidenceSchema.parse({
+        schema_version: 1,
+        contract: 'deepagent-tool-call-evidence/v1',
+        tool_name: input.toolName,
+        input_hash: stableEvidenceHash(input.input),
+        output_hash: stableEvidenceHash(input.output),
+        state_access_class: input.stateAccessClass,
+        policy_gate: input.policyGate,
+        hitl_decision: input.hitlDecision ?? 'none',
+        duration_ms: input.durationMs ?? 0,
+        result: input.result ?? 'ok',
+    });
+}
+export function mapMcpInvocationToDeepAgentsToolCallEvidence(invocation, descriptor, input, durationMs = 0) {
+    return mapDeepAgentsToolCallEvidence({
+        toolName: descriptor.name,
+        input,
+        output: invocation.result,
+        stateAccessClass: descriptor.state_access === 'read' ? 'read' : 'write',
+        policyGate: descriptor.policy_gate,
+        hitlDecision: descriptor.requires_human_approval ? 'respond' : 'none',
+        durationMs,
+        result: 'ok',
+    });
+}
+export function mapDeepAgentsSubagentEvidence(input) {
+    return deepagentSubagentEvidenceSchema.parse({
+        schema_version: 1,
+        contract: 'deepagent-subagent-evidence/v1',
+        subagent_name: input.subagentName,
+        prompt_purpose: input.promptPurpose,
+        tools_used: input.toolsUsed ?? [],
+        skills_used: input.skillsUsed ?? [],
+        inputs: input.inputs ?? {},
+        structured_output: input.structuredOutput ?? {},
+        confidence: input.confidence ?? 1,
+        risks: input.risks ?? [],
+    });
+}
+export function mapDeepAgentsDecisionEvidence(input) {
+    return deepagentDecisionEvidenceSchema.parse({
+        schema_version: 1,
+        contract: 'deepagent-decision-evidence/v1',
+        decision_point: input.decisionPoint,
+        alternatives: input.alternatives,
+        selected_option: input.selectedOption,
+        adr_required: input.adrRequired,
+        rationale: input.rationale,
+        approvals: input.approvals ?? [],
+    });
+}
+export function mapDeepAgentsQualityEvidence(input) {
+    return deepagentQualityEvidenceSchema.parse({
+        schema_version: 1,
+        contract: 'deepagent-quality-evidence/v1',
+        matrix: input.matrix,
+    });
+}
+export function mapDeepAgentsEvidenceBundle(input) {
+    const plan = mapDeepAgentsRunPlan(input.plan);
+    const decisions = input.run?.decisions ?? [];
+    return {
+        plan,
+        run: mapDeepAgentsRunEvidence({
+            adapter: input.plan.adapter,
+            planRef: `${plan.run_id}:plan`,
+            decisions,
+            ...input.run,
+        }),
+        tool_calls: (input.toolCalls ?? []).map(mapDeepAgentsToolCallEvidence),
+        subagents: (input.subagents ?? []).map(mapDeepAgentsSubagentEvidence),
+        quality: input.quality ? mapDeepAgentsQualityEvidence(input.quality) : undefined,
+    };
+}
+export function stableEvidenceHash(value) {
+    const sanitized = sanitizeSensitiveValue(value);
+    return createHash('sha256').update(JSON.stringify(normalizeForHash(sanitized))).digest('hex');
+}
+function risksFromReasons(reasons) {
+    return reasons
+        .filter((reason) => reason.trim().length > 0)
+        .map((reason, index) => ({
+        id: `deepagents-risk-${index + 1}`,
+        severity: 'medium',
+        summary: reason,
+        mitigation: 'Review CodeSDD policy evidence before promoting execution.',
+    }));
+}
+function normalizeForHash(value) {
+    if (Array.isArray(value)) {
+        return value.map((entry) => normalizeForHash(entry));
+    }
+    if (!value || typeof value !== 'object') {
+        return value;
+    }
+    const entries = Object.entries(value)
+        .filter(([, entryValue]) => typeof entryValue !== 'undefined')
+        .sort(([left], [right]) => left.localeCompare(right));
+    const normalized = {};
+    for (const [key, entryValue] of entries) {
+        normalized[key] = normalizeForHash(entryValue);
+    }
+    return normalized;
+}
+const SENSITIVE_KEY_TOKENS = ['key', 'secret', 'token', 'password', 'credential', 'private', 'auth'];
+function sanitizeSensitiveValue(value) {
+    if (Array.isArray(value)) {
+        return value.map((entry) => sanitizeSensitiveValue(entry));
+    }
+    if (!value || typeof value !== 'object') {
+        return value;
+    }
+    const sanitized = {};
+    for (const [key, entryValue] of Object.entries(value)) {
+        const normalizedKey = key.toLowerCase();
+        const sensitive = SENSITIVE_KEY_TOKENS.some((token) => normalizedKey.includes(token));
+        sanitized[key] = sensitive ? '[REDACTED]' : sanitizeSensitiveValue(entryValue);
+    }
+    return sanitized;
+}
+//# sourceMappingURL=evidence-mapper.js.map

package/dist/core/sdd/deepagents/model-provider.d.ts

@@ -0,0 +1,53 @@
+import type { BaseLanguageModel } from '@langchain/core/language_models/base';
+export type DeepAgentsModelProviderId = 'anthropic' | 'azure-ai' | 'azure-openai' | 'baseten' | 'cohere' | 'fireworks' | 'google' | 'google-genai' | 'grok' | 'kimi' | 'moonshot' | 'openai' | 'openai-compatible' | 'openrouter' | 'xai';
+export interface DeepAgentsModelRef {
+    raw: string;
+    provider: string;
+    model: string;
+}
+export interface DeepAgentsModelProviderProfile {
+    provider: DeepAgentsModelProviderId;
+    aliases: string[];
+    credentialEnvCandidates: string[];
+    endpointEnvCandidates: string[];
+    defaultDomains: string[];
+    defaultBaseUrl?: string;
+    endpointRequired: boolean;
+    materialization: 'pass-through' | 'azure-openai' | 'openai-compatible';
+}
+export interface DeepAgentsCredentialResolution {
+    candidates: string[];
+    credentialEnv?: string;
+    credentialPresent: boolean;
+    overrideUsed: boolean;
+}
+export interface DeepAgentsEndpointResolution {
+    candidates: string[];
+    endpointEnv?: string;
+    endpointPresent: boolean;
+    endpointValid: boolean;
+    endpointDomain?: string;
+    endpointRequired: boolean;
+}
+export interface DeepAgentsProviderResolution {
+    modelRef?: DeepAgentsModelRef;
+    profile?: DeepAgentsModelProviderProfile;
+    credential: DeepAgentsCredentialResolution;
+    endpoint: DeepAgentsEndpointResolution;
+    deploymentName?: string;
+    defaultDomains: string[];
+    reasons: string[];
+}
+export type DeepAgentsOpenAiRuntimeModule = {
+    ChatOpenAI: new (fields?: Record<string, unknown>) => BaseLanguageModel;
+    AzureChatOpenAI: new (fields?: Record<string, unknown>) => BaseLanguageModel;
+};
+export type DeepAgentsOpenAiImporter = () => Promise<DeepAgentsOpenAiRuntimeModule>;
+export declare const DEEPAGENTS_MODEL_PROVIDER_PROFILES: DeepAgentsModelProviderProfile[];
+export declare function parseDeepAgentsModelRef(model?: string): DeepAgentsModelRef | undefined;
+export declare function resolveDeepAgentsModelProvider(model: string | undefined, env?: NodeJS.ProcessEnv): DeepAgentsProviderResolution;
+export declare function requiredCredentialEnvForModel(model: string, env?: NodeJS.ProcessEnv): string | undefined;
+export declare function inferNetworkDomainsForModel(model: string | undefined, env?: NodeJS.ProcessEnv): string[];
+export declare function materializeDeepAgentsModel(model: string | undefined, env?: NodeJS.ProcessEnv, importer?: DeepAgentsOpenAiImporter): Promise<BaseLanguageModel | string | undefined>;
+export declare function findDeepAgentsModelProviderProfile(provider: string): DeepAgentsModelProviderProfile | undefined;
+//# sourceMappingURL=model-provider.d.ts.map