@devtrack-solution/codesdd 1.2.2 → 1.2.4-rc3

package/dist/core/sdd/quality-scenario-runner.js

@@ -0,0 +1,613 @@
+import { createHash } from 'node:crypto';
+import { pluginArtifactManifestSchema, } from './plugin-broker.js';
+import { pluginComplianceIndexSchema, pluginValidationManifestSchema, } from './plugin-evidence.js';
+import { parseQualityArchitectureSchema, parseQualityEvidenceBundle, parseQualityRun, parseQualityScenario, } from './quality-validation.js';
+const KNOWN_EVIDENCE_KEYS = new Set([
+    'artifact_manifest',
+    'validation_manifest',
+    'compliance_index',
+    'architecture_schema',
+    'filesystem_snapshot',
+    'import_graph',
+    'command_log',
+    'checksums',
+]);
+const WARNING_ONLY_PLUGIN_REF = {
+    id: 'codesdd-warning-only-runner',
+    version: '0.0.0',
+};
+export function runQualityScenarioWarningOnly(input) {
+    const scenario = parseQualityScenario(input.scenario);
+    const startedAt = toIsoTimestamp(input.startedAt ?? new Date());
+    const finishedAt = toIsoTimestamp(input.finishedAt ?? input.startedAt ?? new Date(startedAt));
+    const runId = input.runId ?? buildRunId(startedAt, scenario.id);
+    const featureRef = input.featureRef ?? scenario.feature_ref;
+    if (!featureRef) {
+        throw new Error(`Quality scenario ${scenario.id} must declare feature_ref or receive featureRef.`);
+    }
+    const artifactManifest = input.artifactManifest
+        ? pluginArtifactManifestSchema.parse(input.artifactManifest)
+        : undefined;
+    const validationManifest = input.validationManifest
+        ? pluginValidationManifestSchema.parse(input.validationManifest)
+        : undefined;
+    const complianceIndex = input.complianceIndex
+        ? pluginComplianceIndexSchema.parse(input.complianceIndex)
+        : undefined;
+    const architectureSchema = input.architectureResult?.schema
+        ? parseQualityArchitectureSchema(input.architectureResult.schema)
+        : undefined;
+    const reportRoot = `.sdd/reports/quality-runs/${runId}`;
+    const commandLogRef = `${reportRoot}/command-log.txt`;
+    const commandArgv = input.commandArgv ?? [
+        'codesdd',
+        'sdd',
+        'validate-quality',
+        '--scenario',
+        scenario.id,
+        '--warning-only',
+    ];
+    const findings = [
+        warningFinding({
+            code: 'QUALITY_WARNING_ONLY_RUNNER',
+            message: `Scenario ${scenario.id} was evaluated by the warning-only runner without plugin spawn, apply, or filesystem writes.`,
+            remediation: 'Review warnings and promote checks to enforced validation only after the baseline is accepted.',
+        }),
+    ];
+    collectArtifactManifestFindings({
+        scenario,
+        featureRef,
+        artifactManifest,
+        findings,
+    });
+    collectArchitectureFindings({
+        scenario,
+        architectureResult: input.architectureResult,
+        architectureSchema,
+        findings,
+    });
+    collectValidationFindings(validationManifest, findings);
+    collectComplianceFindings(complianceIndex, findings);
+    const syntheticEvidence = collectSyntheticEvidenceNeeds({
+        scenario,
+        artifactManifest,
+        validationManifest,
+        complianceIndex,
+        architectureSchema,
+        architectureResult: input.architectureResult,
+        findings,
+    });
+    const effectiveArtifactManifest = artifactManifest ?? (syntheticEvidence.artifact_manifest
+        ? buildSyntheticArtifactManifest({ scenario, featureRef, generatedAt: startedAt })
+        : undefined);
+    const effectiveValidationManifest = validationManifest ?? (syntheticEvidence.validation_manifest
+        ? buildSyntheticValidationManifest({
+            scenario,
+            featureRef,
+            generatedAt: startedAt,
+            artifactManifest: effectiveArtifactManifest,
+        })
+        : undefined);
+    const effectiveComplianceIndex = complianceIndex ?? (syntheticEvidence.compliance_index
+        ? buildSyntheticComplianceIndex({ scenario, featureRef, generatedAt: startedAt })
+        : undefined);
+    const effectiveArchitectureSchema = architectureSchema ?? (syntheticEvidence.architecture_schema
+        ? buildSyntheticArchitectureSchema(scenario)
+        : undefined);
+    const artifacts = buildRunArtifactRefs({
+        reportRoot,
+        scenario,
+        artifactManifest: effectiveArtifactManifest,
+        architectureResult: input.architectureResult,
+    });
+    const filesystemSnapshot = buildEvidenceFilesystemSnapshot({
+        reportRoot,
+        artifactManifest: effectiveArtifactManifest,
+        architectureResult: input.architectureResult,
+    });
+    const importGraph = buildEvidenceImportGraph({
+        architectureResult: input.architectureResult,
+        filesystemSnapshot,
+        scenario,
+    });
+    const checksums = buildEvidenceChecksums({
+        commandLogRef,
+        commandArgv,
+        artifactManifest: effectiveArtifactManifest,
+    });
+    const run = parseQualityRun({
+        schema_version: 1,
+        run_id: runId,
+        scenario_ref: scenario.id,
+        feature_ref: featureRef,
+        started_at: startedAt,
+        finished_at: finishedAt,
+        mode: scenario.mode,
+        status: 'warning',
+        plugin_ref: effectiveArtifactManifest
+            ? {
+                id: effectiveArtifactManifest.plugin_ref.id,
+                version: effectiveArtifactManifest.plugin_ref.version,
+                capability: effectiveArtifactManifest.capability,
+            }
+            : undefined,
+        command: {
+            argv: commandArgv,
+            cwd: input.cwd ?? '.',
+            env_keys: [],
+        },
+        schema_versions: {
+            scenario: String(scenario.schema_version),
+            run: '1',
+            evidence_bundle: '1',
+            artifact_manifest: effectiveArtifactManifest ? String(effectiveArtifactManifest.schema_version) : 'absent',
+            architecture_schema: effectiveArchitectureSchema ? String(effectiveArchitectureSchema.schema_version) : 'absent',
+        },
+        artifacts,
+        findings,
+        evidence_bundle_path: `${reportRoot}/evidence-bundle.yaml`,
+        metadata: {
+            warning_only: true,
+            spawned_process: false,
+            applied_changes: false,
+            synthetic_evidence: syntheticEvidence,
+            ...input.metadata,
+        },
+    });
+    const evidenceBundle = parseQualityEvidenceBundle({
+        schema_version: 1,
+        run,
+        scenario,
+        architecture_schema: effectiveArchitectureSchema,
+        artifact_manifest: effectiveArtifactManifest,
+        validation_manifest: effectiveValidationManifest,
+        compliance_index: effectiveComplianceIndex,
+        filesystem_snapshot: filesystemSnapshot,
+        import_graph: importGraph,
+        command_log_ref: commandLogRef,
+        exceptions: [],
+        checksums,
+    });
+    return {
+        run,
+        evidence_bundle: evidenceBundle,
+    };
+}
+function collectArtifactManifestFindings(input) {
+    const { scenario, featureRef, artifactManifest, findings } = input;
+    if (!artifactManifest) {
+        if (scenario.expected_artifacts.some((artifact) => artifact.required)) {
+            findings.push(warningFinding({
+                code: 'QUALITY_ARTIFACT_MANIFEST_MISSING',
+                message: `Scenario ${scenario.id} declares expected artifacts but no artifact manifest was provided.`,
+                remediation: 'Attach an artifact manifest from the dry-run/apply planning path before enforcing artifact gates.',
+            }));
+        }
+        return;
+    }
+    if (artifactManifest.feature_ref !== featureRef) {
+        findings.push(warningFinding({
+            code: 'QUALITY_ARTIFACT_FEATURE_MISMATCH',
+            message: `Artifact manifest feature_ref ${artifactManifest.feature_ref} does not match run feature_ref ${featureRef}.`,
+            remediation: 'Regenerate the artifact manifest for the same feature as the quality scenario.',
+        }));
+    }
+    if (artifactManifest.mode !== 'dry-run') {
+        findings.push(warningFinding({
+            code: 'QUALITY_ARTIFACT_MODE_NOT_DRY_RUN',
+            message: `Artifact manifest mode is ${artifactManifest.mode}; the warning-only runner did not execute apply.`,
+            remediation: 'Use dry-run artifact evidence for warning-only baselines, or review external apply evidence separately.',
+        }));
+    }
+    for (const validation of artifactManifest.validation_evidence) {
+        if (validation.status === 'passed')
+            continue;
+        findings.push(warningFinding({
+            code: `QUALITY_ARTIFACT_VALIDATION_${validation.status.toUpperCase().replace(/-/gu, '_')}`,
+            message: `Artifact manifest validation "${validation.command}" is ${validation.status}.`,
+            remediation: 'Run or replace pending/skipped/failed validation evidence before enabling hard gates.',
+        }));
+    }
+    const artifactPaths = artifactManifest.artifacts.map((artifact) => artifact.path);
+    for (const expectedArtifact of scenario.expected_artifacts) {
+        if (!expectedArtifact.required)
+            continue;
+        const matchingArtifacts = artifactManifest.artifacts.filter((artifact) => globToRegExp(expectedArtifact.path_pattern).test(normalizeRelativePath(artifact.path)));
+        if (matchingArtifacts.length === 0) {
+            findings.push(warningFinding({
+                code: 'QUALITY_EXPECTED_ARTIFACT_UNVERIFIED',
+                message: `No artifact manifest entry matched required pattern "${expectedArtifact.path_pattern}".`,
+                remediation: 'Add the generated artifact to the manifest or update the scenario expectation.',
+                path: expectedArtifact.path_pattern,
+            }));
+            continue;
+        }
+        if (expectedArtifact.checksum_required) {
+            for (const artifact of matchingArtifacts) {
+                if (!artifact.checksum_after) {
+                    findings.push(warningFinding({
+                        code: 'QUALITY_EXPECTED_CHECKSUM_MISSING',
+                        message: `Artifact "${artifact.path}" matched ${expectedArtifact.path_pattern} but has no checksum_after.`,
+                        remediation: 'Regenerate the artifact manifest with checksums before enforcing checksum gates.',
+                        path: artifact.path,
+                    }));
+                }
+            }
+        }
+    }
+    for (const artifactPath of artifactPaths) {
+        if (!isSafeRelativePath(normalizeRelativePath(artifactPath))) {
+            findings.push(warningFinding({
+                code: 'QUALITY_ARTIFACT_PATH_UNSAFE',
+                message: `Artifact path "${artifactPath}" is unsafe for project-relative evidence.`,
+                remediation: 'Use a project-relative artifact path without absolute roots or traversal segments.',
+                path: artifactPath,
+            }));
+        }
+    }
+}
+function collectArchitectureFindings(input) {
+    const { scenario, architectureResult, architectureSchema, findings } = input;
+    if (!architectureResult) {
+        if (scenario.required_evidence.includes('architecture_schema')) {
+            findings.push(warningFinding({
+                code: 'QUALITY_ARCHITECTURE_RESULT_MISSING',
+                message: `Scenario ${scenario.id} requires architecture evidence but no architecture result was provided.`,
+                remediation: 'Attach an architecture result before promoting the scenario to enforced validation.',
+            }));
+        }
+        return;
+    }
+    if (!architectureSchema && scenario.required_evidence.includes('architecture_schema')) {
+        findings.push(warningFinding({
+            code: 'QUALITY_ARCHITECTURE_SCHEMA_MISSING',
+            message: `Architecture result for ${scenario.id} did not include a schema.`,
+            remediation: 'Attach the architecture gateway schema used to evaluate this scenario.',
+        }));
+    }
+    if (architectureResult.status && architectureResult.status !== 'passed') {
+        findings.push(warningFinding({
+            code: 'QUALITY_ARCHITECTURE_RESULT_WARNING',
+            message: `Architecture result status is ${architectureResult.status}; warning-only mode recorded it without blocking.`,
+            remediation: 'Resolve architecture findings before switching this scenario to an enforced gate.',
+        }));
+    }
+    for (const finding of architectureResult.findings ?? []) {
+        findings.push(warningFinding({
+            code: normalizeIssueCode(finding.code),
+            message: finding.message,
+            remediation: finding.remediation ?? 'Resolve this architecture finding before enabling hard gates.',
+            path: finding.path,
+            gate_id: finding.gate_id,
+        }));
+    }
+}
+function collectValidationFindings(validationManifest, findings) {
+    if (!validationManifest)
+        return;
+    if (validationManifest.status !== 'passed') {
+        findings.push(warningFinding({
+            code: 'QUALITY_VALIDATION_MANIFEST_WARNING',
+            message: `Validation manifest status is ${validationManifest.status}.`,
+            remediation: 'Complete validation evidence before promoting the scenario to enforced gates.',
+        }));
+    }
+    for (const validation of validationManifest.validations) {
+        if (validation.status === 'passed')
+            continue;
+        findings.push(warningFinding({
+            code: `QUALITY_VALIDATION_${validation.status.toUpperCase().replace(/-/gu, '_')}`,
+            message: `Validation "${validation.command}" is ${validation.status}.`,
+            remediation: 'Run or replace pending/skipped/failed validation evidence before enabling hard gates.',
+        }));
+    }
+}
+function collectComplianceFindings(complianceIndex, findings) {
+    if (!complianceIndex)
+        return;
+    if (complianceIndex.decision !== 'compliant') {
+        findings.push(warningFinding({
+            code: 'QUALITY_COMPLIANCE_INDEX_WARNING',
+            message: `Compliance index decision is ${complianceIndex.decision} with score ${complianceIndex.score}.`,
+            remediation: 'Resolve compliance criteria before promoting the scenario to enforced gates.',
+        }));
+    }
+    for (const criterion of complianceIndex.criteria) {
+        if (criterion.status === 'pass')
+            continue;
+        findings.push(warningFinding({
+            code: normalizeIssueCode(`QUALITY_COMPLIANCE_${criterion.id}`),
+            message: `Compliance criterion "${criterion.label}" is ${criterion.status}.`,
+            remediation: 'Resolve this compliance criterion before enabling hard gates.',
+        }));
+    }
+}
+function collectSyntheticEvidenceNeeds(input) {
+    const syntheticEvidence = {};
+    for (const evidenceKey of input.scenario.required_evidence) {
+        if (!KNOWN_EVIDENCE_KEYS.has(evidenceKey))
+            continue;
+        const missing = evidenceKey === 'artifact_manifest' ? !input.artifactManifest
+            : evidenceKey === 'validation_manifest' ? !input.validationManifest
+                : evidenceKey === 'compliance_index' ? !input.complianceIndex
+                    : evidenceKey === 'architecture_schema' ? !input.architectureSchema
+                        : false;
+        if (!missing)
+            continue;
+        syntheticEvidence[evidenceKey] = true;
+        input.findings.push(warningFinding({
+            code: normalizeIssueCode(`QUALITY_${evidenceKey}_SYNTHETIC`),
+            message: `Required evidence "${evidenceKey}" was not supplied; warning-only mode attached a synthetic placeholder.`,
+            remediation: `Provide real ${evidenceKey} evidence before enforcing this quality scenario.`,
+        }));
+    }
+    if (input.scenario.required_evidence.includes('import_graph')) {
+        const graph = input.architectureResult?.import_graph;
+        if (!graph || (graph.nodes.length === 0 && graph.edges.length === 0)) {
+            syntheticEvidence.import_graph = true;
+            input.findings.push(warningFinding({
+                code: 'QUALITY_IMPORT_GRAPH_SYNTHETIC',
+                message: 'Required import_graph evidence was not supplied; warning-only mode derived a minimal graph.',
+                remediation: 'Provide a real import graph before enforcing architecture or dependency gates.',
+            }));
+        }
+    }
+    if (input.scenario.required_evidence.includes('checksums')) {
+        const hasManifestChecksum = input.artifactManifest?.artifacts.some((artifact) => Boolean(artifact.checksum_after));
+        if (!hasManifestChecksum) {
+            syntheticEvidence.checksums = true;
+            input.findings.push(warningFinding({
+                code: 'QUALITY_CHECKSUMS_SYNTHETIC',
+                message: 'Required checksum evidence was not supplied; warning-only mode checksummed the command log reference.',
+                remediation: 'Provide artifact checksums before enforcing checksum gates.',
+            }));
+        }
+    }
+    return syntheticEvidence;
+}
+function buildRunArtifactRefs(input) {
+    const refs = new Set([
+        `${input.reportRoot}/run.json`,
+        `${input.reportRoot}/evidence-bundle.yaml`,
+        `${input.reportRoot}/command-log.txt`,
+    ]);
+    for (const artifact of input.artifactManifest?.artifacts ?? []) {
+        const normalized = normalizeRelativePath(artifact.path);
+        if (isSafeRelativePath(normalized))
+            refs.add(normalized);
+    }
+    for (const artifact of input.architectureResult?.artifacts ?? []) {
+        const normalized = normalizeRelativePath(artifact);
+        if (isSafeRelativePath(normalized))
+            refs.add(normalized);
+    }
+    for (const evidenceKey of input.scenario.required_evidence) {
+        if (!KNOWN_EVIDENCE_KEYS.has(evidenceKey)) {
+            refs.add(`${input.reportRoot}/${slugify(evidenceKey)}.txt`);
+        }
+    }
+    return [...refs];
+}
+function buildEvidenceFilesystemSnapshot(input) {
+    const byPath = new Map();
+    for (const file of input.architectureResult?.filesystem_snapshot?.files ?? []) {
+        const normalized = normalizeRelativePath(file.path);
+        if (isSafeRelativePath(normalized)) {
+            byPath.set(normalized, {
+                ...file,
+                path: normalized,
+            });
+        }
+    }
+    for (const artifact of input.artifactManifest?.artifacts ?? []) {
+        const normalized = normalizeRelativePath(artifact.path);
+        if (isSafeRelativePath(normalized) && artifact.operation !== 'deleted') {
+            byPath.set(normalized, {
+                path: normalized,
+                size_bytes: 0,
+                sha256: artifact.checksum_after,
+            });
+        }
+    }
+    for (const reportPath of [
+        `${input.reportRoot}/run.json`,
+        `${input.reportRoot}/evidence-bundle.yaml`,
+        `${input.reportRoot}/command-log.txt`,
+    ]) {
+        byPath.set(reportPath, {
+            path: reportPath,
+            size_bytes: 0,
+        });
+    }
+    return {
+        root: '.',
+        files: [...byPath.values()],
+    };
+}
+function buildEvidenceImportGraph(input) {
+    const graph = input.architectureResult?.import_graph;
+    if (graph && (graph.nodes.length > 0 || graph.edges.length > 0)) {
+        return graph;
+    }
+    const nodes = new Set();
+    if (input.scenario.input.fixture_path) {
+        nodes.add(input.scenario.input.fixture_path);
+    }
+    for (const file of input.filesystemSnapshot.files.slice(0, 10)) {
+        nodes.add(file.path);
+    }
+    return {
+        nodes: [...nodes],
+        edges: [],
+    };
+}
+function buildEvidenceChecksums(input) {
+    const checksums = new Map();
+    checksums.set(input.commandLogRef, sha256(input.commandArgv.join('\n')));
+    for (const artifact of input.artifactManifest?.artifacts ?? []) {
+        const normalized = normalizeRelativePath(artifact.path);
+        if (artifact.checksum_after && isSafeRelativePath(normalized)) {
+            checksums.set(normalized, artifact.checksum_after);
+        }
+    }
+    return [...checksums.entries()].map(([path, checksum]) => ({
+        path,
+        sha256: checksum,
+    }));
+}
+function buildSyntheticArtifactManifest(input) {
+    return pluginArtifactManifestSchema.parse({
+        schema_version: 1,
+        operation_id: syntheticOperationId(input.scenario),
+        generated_at: input.generatedAt,
+        feature_ref: input.featureRef,
+        plugin_ref: WARNING_ONLY_PLUGIN_REF,
+        capability: 'quality.scenario.warning-only',
+        mode: 'dry-run',
+        status: 'planned',
+        artifacts: [],
+        validation_evidence: [],
+    });
+}
+function buildSyntheticValidationManifest(input) {
+    return pluginValidationManifestSchema.parse({
+        schema_version: 1,
+        operation_id: input.artifactManifest?.operation_id ?? syntheticOperationId(input.scenario),
+        generated_at: input.generatedAt,
+        feature_ref: input.featureRef,
+        plugin_ref: input.artifactManifest?.plugin_ref ?? WARNING_ONLY_PLUGIN_REF,
+        capability: input.artifactManifest?.capability ?? 'quality.scenario.warning-only',
+        status: 'partial',
+        validations: [],
+    });
+}
+function buildSyntheticComplianceIndex(input) {
+    return pluginComplianceIndexSchema.parse({
+        schema_version: 1,
+        generated_at: input.generatedAt,
+        feature_ref: input.featureRef,
+        operation_id: syntheticOperationId(input.scenario),
+        plugin_ref: WARNING_ONLY_PLUGIN_REF,
+        capability: 'quality.scenario.warning-only',
+        score: 0,
+        decision: 'warning',
+        criteria: [
+            {
+                id: 'warning-only-baseline',
+                label: 'Warning-only baseline',
+                status: 'warn',
+                score: 0,
+                max_score: 1,
+                evidence: 'Synthetic compliance evidence recorded by warning-only quality scenario runner.',
+                issues: ['QUALITY_COMPLIANCE_INDEX_SYNTHETIC'],
+            },
+        ],
+        evidence_refs: [`quality:${input.scenario.id}`],
+    });
+}
+function buildSyntheticArchitectureSchema(scenario) {
+    return parseQualityArchitectureSchema({
+        schema_version: 1,
+        id: `ARCH-GATE-${slugify(scenario.id)}`,
+        title: `${scenario.title} warning-only architecture baseline`,
+        stack: 'warning-only',
+        authority: scenario.authority,
+        applies_to: {},
+        layers: {
+            baseline: {
+                path_patterns: ['**/*'],
+                allowed_file_patterns: [],
+                forbidden_file_patterns: [],
+                allowed_imports: [],
+                forbidden_imports: [],
+                required_evidence: ['warning-only'],
+            },
+        },
+        exceptions: {
+            require_adr: false,
+            require_expiration: false,
+            allowed_refs: [],
+        },
+        update_policy: {
+            owner: 'codesdd-quality-runner',
+            review_trigger: 'Replace synthetic warning-only architecture evidence before enforcing gates.',
+        },
+    });
+}
+function warningFinding(input) {
+    return {
+        code: normalizeIssueCode(input.code),
+        severity: 'warn',
+        message: input.message,
+        remediation: input.remediation,
+        path: input.path && isSafeRelativePath(normalizeRelativePath(input.path))
+            ? normalizeRelativePath(input.path)
+            : undefined,
+        gate_id: input.gate_id,
+    };
+}
+function buildRunId(startedAt, scenarioId) {
+    const timestamp = startedAt
+        .replace(/[-:]/gu, '')
+        .replace(/\.\d{3}Z$/u, 'z')
+        .replace('T', 't');
+    return `qrun-${timestamp}-${slugify(scenarioId)}`;
+}
+function toIsoTimestamp(value) {
+    return value instanceof Date ? value.toISOString() : new Date(value).toISOString();
+}
+function syntheticOperationId(scenario) {
+    return `quality-${slugify(scenario.id)}`;
+}
+function normalizeIssueCode(value) {
+    const normalized = value
+        .trim()
+        .replace(/[^A-Za-z0-9]+/gu, '_')
+        .replace(/^_+|_+$/gu, '')
+        .toUpperCase();
+    return normalized || 'QUALITY_WARNING';
+}
+function normalizeRelativePath(value) {
+    return value.replace(/\\/gu, '/').replace(/^\.\//u, '');
+}
+function isSafeRelativePath(value) {
+    return Boolean(value)
+        && !value.startsWith('/')
+        && !/^[A-Za-z]:[\\/]/u.test(value)
+        && !value.split('/').some((segment) => segment === '..');
+}
+function globToRegExp(pattern) {
+    const normalized = normalizeRelativePath(pattern);
+    let source = '';
+    for (let index = 0; index < normalized.length; index += 1) {
+        const char = normalized[index];
+        const next = normalized[index + 1];
+        if (char === '*' && next === '*') {
+            source += '.*';
+            index += 1;
+            continue;
+        }
+        if (char === '*') {
+            source += '[^/]*';
+            continue;
+        }
+        source += escapeRegExp(char);
+    }
+    return new RegExp(`^${source}$`, 'u');
+}
+function escapeRegExp(value) {
+    return value.replace(/[|\\{}()[\]^$+?.]/gu, '\\$&');
+}
+function slugify(value) {
+    const slug = value
+        .toLowerCase()
+        .replace(/[^a-z0-9]+/gu, '-')
+        .replace(/^-+|-+$/gu, '');
+    return slug || 'quality';
+}
+function sha256(value) {
+    const hash = createHash('sha256');
+    hash.update(value);
+    return hash.digest('hex');
+}
+//# sourceMappingURL=quality-scenario-runner.js.map