@devtrack-solution/codesdd 1.2.4-rc3 → 1.2.4

package/dist/core/sdd/release-readiness.d.ts

@@ -2,18 +2,67 @@ export type ReleaseReadinessStatus = 'ready' | 'warning' | 'blocked';
 export interface ReleaseReadinessCheck {
     id: string;
     status: 'pass' | 'warn' | 'fail';
+    classification?: ReleaseReadinessClassification;
+    owner?: string;
+    delta?: string;
+    next_action?: string;
+    history?: string[];
+    exception?: ReleaseReadinessExceptionState;
     summary: string;
     evidence?: string;
 }
+export type ReleaseReadinessClassification = 'passed' | 'failed' | 'excepted' | 'follow_up' | 'not_applicable';
+export interface ReleaseReadinessExceptionState {
+    status: 'none' | 'active' | 'stale';
+    source?: string;
+    scope?: string;
+    reason?: string;
+    accepted_risk?: string;
+    compensating_control?: string;
+    review_deadline?: string;
+    approver?: string;
+}
 export interface ReleaseReadinessReport {
     schema_version: 1;
     status: ReleaseReadinessStatus;
     generated_at: string;
+    blocker_classification: Array<{
+        check_id: string;
+        classification: ReleaseReadinessClassification;
+        owner: string;
+        next_action: string;
+        stale_exception: boolean;
+    }>;
     blockers: string[];
     warnings: string[];
     checks: ReleaseReadinessCheck[];
+    handoff_sections: ReleaseReadinessHandoffSection[];
     ci_parity_commands: string[];
 }
+export type ReleaseReadinessHandoffSectionId = 'governance' | 'tests' | 'release_readiness' | 'git_cleanliness' | 'runtime_env';
+export interface ReleaseReadinessHandoffSection {
+    id: ReleaseReadinessHandoffSectionId;
+    title: string;
+    status: ReleaseReadinessStatus;
+    owner: string;
+    next_action: string;
+    checks: ReleaseReadinessCheck[];
+    evidence: {
+        json_snapshot: {
+            section_id: ReleaseReadinessHandoffSectionId;
+            status: ReleaseReadinessStatus;
+            checks: Array<{
+                id: string;
+                status: ReleaseReadinessCheck['status'];
+                classification: ReleaseReadinessClassification;
+                owner: string;
+                next_action: string;
+                evidence?: string;
+            }>;
+        };
+        human_snapshot: string[];
+    };
+}
 export declare function evaluateReleaseReadiness(projectRoot: string): Promise<ReleaseReadinessReport>;
 export declare function formatReleaseReadinessReport(report: ReleaseReadinessReport): string;
 //# sourceMappingURL=release-readiness.d.ts.map

package/dist/core/sdd/release-readiness.js

@@ -3,6 +3,7 @@ import { promises as fs } from 'node:fs';
 import { execFile } from 'node:child_process';
 import path from 'node:path';
 import { promisify } from 'node:util';
+import { parse as parseYaml } from 'yaml';
 import { SddCheckCommand } from './check.js';
 import { loadProjectSddConfig, loadStateSnapshot, resolveSddPaths, } from './state.js';
 import { evaluatePackageSecurityGates } from './package-security-gates.js';
@@ -32,6 +33,76 @@ const REQUIRED_SCHEMA_FILES = [
     'agent-runtime-opencode-run-evidence.schema.json',
 ];
 const COVERAGE_TARGET_PERCENT = 95;
+const CHECK_OWNERS = {
+    'sdd-health': 'codesdd/governance',
+    'active-features': 'codesdd/workspace',
+    'package-metadata': 'release/maintainers',
+    'release-scripts': 'ci/release',
+    'git-working-tree': 'operator/worktree',
+    'coverage-evidence': 'quality/owner',
+    'npmrc-secret-boundary': 'security/owner',
+    'package-security-gates': 'security/owner',
+    'provenance-sbom': 'release/security',
+    'tarball-smoke-rollback': 'release/operations',
+    'schema-artifacts': 'codesdd/schemas',
+    'release-docs': 'docs/release',
+};
+const CHECK_NEXT_ACTIONS = {
+    'sdd-health': 'Run `codesdd sdd check --render --strict` and fix listed blockers.',
+    'active-features': 'Finalize active FEAT workspaces with `codesdd sdd finalize --ref <FEAT-ID>`.',
+    'package-metadata': 'Align `package.json` name/license/bin to canonical release values.',
+    'release-scripts': 'Add missing scripts to `package.json` and rerun CI parity commands.',
+    'git-working-tree': 'Commit or clean non-release changes before running strict readiness.',
+    'coverage-evidence': 'Generate touched-scope coverage (`coverage/coverage-final.json`) at or above 95%.',
+    'npmrc-secret-boundary': 'Remove project-local `.npmrc` and keep it ignored by `.gitignore`.',
+    'package-security-gates': 'Fix package allowlist or secret-scan findings and rerun readiness.',
+    'provenance-sbom': 'Restore provenance/SBOM workflow, script and documentation evidence.',
+    'tarball-smoke-rollback': 'Restore CI tarball smoke and rollback documentation evidence.',
+    'schema-artifacts': 'Regenerate/export required files under `schemas/sdd`.',
+    'release-docs': 'Add missing `docs/release.md`, `docs/security.md` or `README.md`.',
+};
+const CHECK_DELTAS = {
+    'sdd-health': 'Canonical SDD check integrity for strict release gate.',
+    'active-features': 'No unfinished feature workspace can leak into release.',
+    'package-metadata': 'Canonical package identity and executable entrypoint.',
+    'release-scripts': 'Release scripts required for CI parity order are present.',
+    'git-working-tree': 'Release runs from a reproducible, inspectable repository state.',
+    'coverage-evidence': 'Touched source scope has measurable coverage at release threshold.',
+    'npmrc-secret-boundary': 'Project tree cannot carry local npm credentials.',
+    'package-security-gates': 'Package and secret scans must remain blocking.',
+    'provenance-sbom': 'Trusted publishing provenance and SBOM are verifiable.',
+    'tarball-smoke-rollback': 'Tarball smoke and rollback steps are executable and documented.',
+    'schema-artifacts': 'Required schema artifacts are present for consumers.',
+    'release-docs': 'Operator release and security docs are available.',
+};
+const SECTION_LABELS = {
+    governance: 'Governance',
+    tests: 'Tests',
+    release_readiness: 'Release Readiness',
+    git_cleanliness: 'Git Cleanliness',
+    runtime_env: 'Runtime Env',
+};
+const SECTION_ORDER = [
+    'governance',
+    'tests',
+    'release_readiness',
+    'git_cleanliness',
+    'runtime_env',
+];
+const CHECK_SECTION_MAP = {
+    'sdd-health': 'governance',
+    'active-features': 'governance',
+    'schema-artifacts': 'governance',
+    'release-docs': 'governance',
+    'coverage-evidence': 'tests',
+    'release-scripts': 'release_readiness',
+    'package-security-gates': 'release_readiness',
+    'provenance-sbom': 'release_readiness',
+    'tarball-smoke-rollback': 'release_readiness',
+    'git-working-tree': 'git_cleanliness',
+    'npmrc-secret-boundary': 'git_cleanliness',
+    'package-metadata': 'runtime_env',
+};
 export async function evaluateReleaseReadiness(projectRoot) {
     const checks = [];
     const packageJson = await readPackageJson(projectRoot);
@@ -77,19 +148,41 @@ export async function evaluateReleaseReadiness(projectRoot) {
     checks.push(await evaluateTarballSmokeAndRollback(projectRoot, packageJson));
     checks.push(await evaluateSchemaArtifacts(projectRoot));
     checks.push(await evaluateReleaseDocs(projectRoot));
+    const exceptionLedger = await loadReleaseExceptionLedger(projectRoot, checks.map((check) => check.id));
+    for (const check of checks) {
+        const exceptionState = exceptionLedger.get(check.id) ?? { status: 'none' };
+        const classification = classifyCheck(check.status, exceptionState);
+        check.classification = classification;
+        check.owner = CHECK_OWNERS[check.id] ?? 'codesdd/owner';
+        check.delta = CHECK_DELTAS[check.id] ?? 'Release gate contract delta not documented.';
+        check.next_action = CHECK_NEXT_ACTIONS[check.id] ?? 'Review gate output and remediate before release.';
+        check.exception = exceptionState;
+        check.history = buildCheckHistory(check, exceptionState);
+    }
     const blockers = checks
-        .filter((check) => check.status === 'fail')
-        .map((check) => `${check.id}: ${check.summary}${check.evidence ? ` (${check.evidence})` : ''}`);
+        .filter((check) => check.classification === 'failed')
+        .map((check) => `${check.id}: ${check.summary}${check.evidence ? ` (${check.evidence})` : ''} [owner=${check.owner}; next=${check.next_action}]`);
     const warnings = checks
-        .filter((check) => check.status === 'warn')
-        .map((check) => `${check.id}: ${check.summary}${check.evidence ? ` (${check.evidence})` : ''}`);
+        .filter((check) => check.classification === 'follow_up' || check.classification === 'excepted')
+        .map((check) => `${check.id}: ${check.summary}${check.evidence ? ` (${check.evidence})` : ''} [classification=${check.classification}; next=${check.next_action}]`);
+    const handoffSections = buildHandoffSections(checks);
     return {
         schema_version: 1,
         status: blockers.length > 0 ? 'blocked' : warnings.length > 0 ? 'warning' : 'ready',
         generated_at: new Date().toISOString(),
+        blocker_classification: checks
+            .filter((check) => check.classification === 'failed' || check.classification === 'excepted')
+            .map((check) => ({
+            check_id: check.id,
+            classification: check.classification ?? 'failed',
+            owner: check.owner ?? 'codesdd/owner',
+            next_action: check.next_action ?? 'Review gate output and remediate before release.',
+            stale_exception: check.exception?.status === 'stale',
+        })),
         blockers,
         warnings,
         checks,
+        handoff_sections: handoffSections,
         ci_parity_commands: CI_PARITY_COMMANDS,
     };
 }
@@ -137,14 +230,22 @@ async function evaluateCoverageEvidence(projectRoot) {
     try {
         const coverage = JSON.parse(await fs.readFile(coveragePath, 'utf-8'));
         const changedSourceScope = await listChangedSourceScope(projectRoot);
-        const touchedCoverage = summarizeCoverage(coverage, projectRoot, changedSourceScope);
         const globalCoverage = summarizeCoverage(coverage, projectRoot);
-        const failingMetrics = ['statements', 'lines', 'functions'].filter((metric) => touchedCoverage[metric].percent < COVERAGE_TARGET_PERCENT);
         const branchDisposition = globalCoverage.branches.percent < COVERAGE_TARGET_PERCENT
             ? `; global branches ${globalCoverage.branches.percent}% tracked as ratchet`
             : '';
+        if (changedSourceScope.size === 0) {
+            return {
+                id: 'coverage-evidence',
+                status: 'pass',
+                summary: 'Coverage evidence is present; no touched source scope detected for threshold gating.',
+                evidence: `no-touched-source; global statements ${globalCoverage.statements.percent}%, lines ${globalCoverage.lines.percent}%, functions ${globalCoverage.functions.percent}%${branchDisposition}`,
+            };
+        }
+        const touchedCoverage = summarizeCoverage(coverage, projectRoot, changedSourceScope);
+        const failingMetrics = ['statements', 'lines', 'functions'].filter((metric) => touchedCoverage[metric].percent < COVERAGE_TARGET_PERCENT);
         const scopeFiles = [...changedSourceScope.keys()].sort();
-        const scope = scopeFiles.length > 0 ? `touched:${scopeFiles.join(',')}` : 'global:src';
+        const scope = `touched:${scopeFiles.join(',')}`;
         return {
             id: 'coverage-evidence',
             status: failingMetrics.length === 0 ? 'pass' : 'fail',
@@ -165,6 +266,21 @@ async function evaluateCoverageEvidence(projectRoot) {
 }
 export function formatReleaseReadinessReport(report) {
     const lines = [`Release readiness: ${report.status}`, `Generated at: ${report.generated_at}`];
+    if (report.handoff_sections.length > 0) {
+        lines.push('Executable handoff sections:');
+        for (const section of report.handoff_sections) {
+            lines.push(`- [${section.id}] ${section.title}: ${section.status} (owner=${section.owner}; next=${section.next_action})`);
+            for (const snapshotLine of section.evidence.human_snapshot) {
+                lines.push(`  ${snapshotLine}`);
+            }
+        }
+    }
+    if (report.blocker_classification.length > 0) {
+        lines.push('Blocker classification:');
+        for (const blocker of report.blocker_classification) {
+            lines.push(`- ${blocker.check_id}: ${blocker.classification} (owner=${blocker.owner}; stale_exception=${blocker.stale_exception ? 'yes' : 'no'}; next=${blocker.next_action})`);
+        }
+    }
     if (report.blockers.length > 0) {
         lines.push('Blockers:');
         for (const blocker of report.blockers)
@@ -177,13 +293,192 @@ export function formatReleaseReadinessReport(report) {
     }
     lines.push('Checks:');
     for (const check of report.checks) {
-        lines.push(`- ${check.id}: ${check.status} - ${check.summary}${check.evidence ? ` (${check.evidence})` : ''}`);
+        lines.push(`- ${check.id}: ${check.status}/${check.classification ?? 'passed'} - ${check.summary}${check.evidence ? ` (${check.evidence})` : ''}${check.next_action ? ` [next=${check.next_action}]` : ''}`);
     }
     lines.push('CI parity commands:');
     for (const command of report.ci_parity_commands)
         lines.push(`- ${command}`);
     return lines.join('\n');
 }
+function classifyCheck(status, exceptionState) {
+    if (status === 'pass')
+        return 'passed';
+    if (exceptionState.status === 'active')
+        return 'excepted';
+    if (status === 'warn')
+        return 'follow_up';
+    return 'failed';
+}
+function buildHandoffSections(checks) {
+    return SECTION_ORDER.map((sectionId) => {
+        const sectionChecks = checks.filter((check) => {
+            const mapped = CHECK_SECTION_MAP[check.id];
+            return mapped ? mapped === sectionId : sectionId === 'release_readiness';
+        });
+        const status = summarizeSectionStatus(sectionChecks);
+        const actionableCheck = sectionChecks.find((check) => check.classification === 'failed')
+            ?? sectionChecks.find((check) => check.classification === 'excepted' || check.classification === 'follow_up')
+            ?? sectionChecks[0];
+        const owner = actionableCheck?.owner ?? 'codesdd/owner';
+        const nextAction = actionableCheck?.next_action ?? 'No pending action.';
+        const jsonSnapshotChecks = sectionChecks.map((check) => ({
+            id: check.id,
+            status: check.status,
+            classification: check.classification ?? 'passed',
+            owner: check.owner ?? 'codesdd/owner',
+            next_action: check.next_action ?? 'Review gate output and remediate before release.',
+            evidence: check.evidence,
+        }));
+        const humanSnapshot = sectionChecks.map((check) => `- ${check.id}: ${check.status}/${check.classification ?? 'passed'} (owner=${check.owner ?? 'codesdd/owner'}; next=${check.next_action ?? 'Review gate output and remediate before release.'})`);
+        return {
+            id: sectionId,
+            title: SECTION_LABELS[sectionId],
+            status,
+            owner,
+            next_action: nextAction,
+            checks: sectionChecks,
+            evidence: {
+                json_snapshot: {
+                    section_id: sectionId,
+                    status,
+                    checks: jsonSnapshotChecks,
+                },
+                human_snapshot: humanSnapshot,
+            },
+        };
+    });
+}
+function summarizeSectionStatus(checks) {
+    if (checks.some((check) => check.classification === 'failed'))
+        return 'blocked';
+    if (checks.some((check) => check.classification === 'excepted' || check.classification === 'follow_up')) {
+        return 'warning';
+    }
+    return 'ready';
+}
+function buildCheckHistory(check, exceptionState) {
+    const history = [`check:${check.status}`];
+    if (check.classification) {
+        history.push(`classification:${check.classification}`);
+    }
+    if (exceptionState.status === 'active') {
+        history.push('exception:active');
+        if (exceptionState.review_deadline) {
+            history.push(`exception-review-deadline:${exceptionState.review_deadline}`);
+        }
+    }
+    else if (exceptionState.status === 'stale') {
+        history.push('exception:stale-reblocked');
+        if (exceptionState.review_deadline) {
+            history.push(`exception-expired:${exceptionState.review_deadline}`);
+        }
+    }
+    return history;
+}
+async function loadReleaseExceptionLedger(projectRoot, knownCheckIds) {
+    const ledger = new Map();
+    for (const area of ['active', 'planned']) {
+        const areaRoot = path.join(projectRoot, '.sdd', area);
+        if (!existsSync(areaRoot))
+            continue;
+        const features = await fs.readdir(areaRoot, { withFileTypes: true }).catch(() => []);
+        for (const feature of features) {
+            if (!feature.isDirectory())
+                continue;
+            const qualityPath = path.join(areaRoot, feature.name, '5-quality.yaml');
+            if (!existsSync(qualityPath))
+                continue;
+            const entries = await readQualityExceptionEntries(qualityPath, knownCheckIds);
+            for (const [checkId, entry] of entries) {
+                const previous = ledger.get(checkId);
+                if (!previous || (previous.status !== 'stale' && entry.status === 'stale')) {
+                    ledger.set(checkId, {
+                        status: entry.status,
+                        source: entry.source,
+                        scope: entry.scope,
+                        reason: entry.reason,
+                        accepted_risk: entry.accepted_risk,
+                        compensating_control: entry.compensating_control,
+                        review_deadline: entry.review_deadline,
+                        approver: entry.approver,
+                    });
+                }
+            }
+        }
+    }
+    return ledger;
+}
+async function readQualityExceptionEntries(qualityPath, knownCheckIds) {
+    const byCheck = new Map();
+    const raw = await fs.readFile(qualityPath, 'utf-8').catch(() => '');
+    if (!raw.trim())
+        return byCheck;
+    const parsed = parseYaml(raw);
+    const exceptions = Array.isArray(parsed?.exceptions) ? parsed.exceptions : [];
+    for (const exception of exceptions) {
+        if (!exception || typeof exception !== 'object')
+            continue;
+        const entry = exception;
+        const checkIds = resolveExceptionCheckIds(entry, knownCheckIds);
+        if (checkIds.length === 0)
+            continue;
+        const reviewDeadline = readString(entry.review_deadline)
+            ?? readString(entry.deadline)
+            ?? readString(entry.expires_at)
+            ?? readString(entry.expires_on);
+        const stale = isDeadlineStale(reviewDeadline);
+        const normalized = {
+            status: stale ? 'stale' : 'active',
+            source: qualityPath,
+            scope: readString(entry.scope),
+            reason: readString(entry.reason),
+            accepted_risk: readString(entry.accepted_risk),
+            compensating_control: readString(entry.compensating_control),
+            review_deadline: reviewDeadline,
+            approver: readString(entry.approver),
+        };
+        for (const checkId of checkIds) {
+            byCheck.set(checkId, normalized);
+        }
+    }
+    return byCheck;
+}
+function resolveExceptionCheckIds(entry, knownCheckIds) {
+    const explicit = [
+        ...readStringArray(entry.check_ids),
+        ...readStringArray(entry.check_id),
+        ...readStringArray(entry.release_check_ids),
+        ...readStringArray(entry.release_check_id),
+    ];
+    if (explicit.length > 0) {
+        return explicit.filter((value) => knownCheckIds.includes(value));
+    }
+    const scope = readString(entry.scope);
+    if (!scope)
+        return [];
+    const normalizedScope = scope.toLowerCase();
+    return knownCheckIds.filter((checkId) => normalizedScope.includes(checkId.toLowerCase()));
+}
+function readString(value) {
+    return typeof value === 'string' && value.trim().length > 0 ? value.trim() : undefined;
+}
+function readStringArray(value) {
+    if (Array.isArray(value)) {
+        return value.flatMap((entry) => (typeof entry === 'string' && entry.trim().length > 0 ? [entry.trim()] : []));
+    }
+    if (typeof value === 'string' && value.trim().length > 0) {
+        return [value.trim()];
+    }
+    return [];
+}
+function isDeadlineStale(reviewDeadline) {
+    if (!reviewDeadline)
+        return false;
+    const parsed = Date.parse(reviewDeadline);
+    if (Number.isNaN(parsed))
+        return false;
+    return parsed < Date.now();
+}
 async function readPackageJson(projectRoot) {
     const content = await fs.readFile(path.join(projectRoot, 'package.json'), 'utf-8');
     return JSON.parse(content);

package/dist/core/sdd/reversa-architecture-extractor.d.ts

@@ -0,0 +1,13 @@
+import type { ReversaEvidenceBundle } from './reversa-evidence.js';
+export interface ReversaArchitectureSource {
+    path: string;
+    content: string;
+}
+export interface BuildReversaArchitectureMapInput {
+    featureRef: string;
+    operationId: string;
+    generatedAt: string;
+    sources: ReversaArchitectureSource[];
+}
+export declare function buildReversaArchitectureMap(input: BuildReversaArchitectureMapInput): ReversaEvidenceBundle;
+//# sourceMappingURL=reversa-architecture-extractor.d.ts.map

package/dist/core/sdd/reversa-architecture-extractor.js

@@ -0,0 +1,89 @@
+import { attestReversaSource } from './reversa-source-safety.js';
+export function buildReversaArchitectureMap(input) {
+    const accepted = input.sources
+        .map((source) => ({ source, attestation: attestReversaSource({ sourcePath: source.path, content: source.content }) }))
+        .filter((entry) => entry.attestation.status === 'accepted' && entry.attestation.attestation);
+    const blockedCount = input.sources.length - accepted.length;
+    const modules = accepted.flatMap(({ source, attestation }) => scanModules(attestation.normalized_path, source.content));
+    const dependencies = accepted.flatMap(({ source, attestation }) => scanDependencies(attestation.normalized_path, source.content));
+    const findings = [];
+    if (modules.length > 0) {
+        findings.push({
+            id: 'REV-FIND-ARCH-MODULES',
+            phase: 'architecture',
+            title: 'Architecture modules',
+            summary: `Detected ${modules.length} module or class boundaries.`,
+            confidence: 'medium',
+            source_refs: unique(modules.map((entry) => entry.source_ref)),
+            contradiction_refs: [],
+            promoted_refs: [],
+            metadata: { modules },
+        });
+    }
+    if (dependencies.length > 0) {
+        findings.push({
+            id: 'REV-FIND-ARCH-DEPENDENCIES',
+            phase: 'architecture',
+            title: 'Dependency imports',
+            summary: `Detected ${dependencies.length} import or require dependencies.`,
+            confidence: 'medium',
+            source_refs: unique(dependencies.map((entry) => entry.source_ref)),
+            contradiction_refs: [],
+            promoted_refs: [],
+            metadata: { dependencies },
+        });
+    }
+    return {
+        schema_version: 1,
+        contract: 'reversa-evidence-bundle/v1',
+        operation_id: input.operationId,
+        generated_at: input.generatedAt,
+        feature_ref: input.featureRef,
+        mode: 'read-only',
+        source_attestations: accepted.map((entry) => entry.attestation.attestation),
+        findings,
+        artifacts: [
+            {
+                path: `.sdd/evidence/reversa/${input.featureRef}/architecture-map.yaml`,
+                artifact_type: 'architecture_map',
+                phase: 'architecture',
+                produced_by: 'codesdd reversa architecture extractor',
+                write_scope: 'read_only',
+            },
+        ],
+        validations: [
+            {
+                id: 'REV-VAL-ARCH-SAFETY',
+                phase: 'architecture',
+                command: 'buildReversaArchitectureMap',
+                status: blockedCount === 0 ? 'passed' : 'blocked',
+                issue_codes: blockedCount === 0 ? [] : ['UNSAFE_SOURCE_BLOCKED'],
+            },
+        ],
+        contradictions: [],
+        human_questions: [],
+        quality_refs: [`.sdd/active/${input.featureRef}/5-quality.yaml`],
+        residual_risks: blockedCount === 0 ? [] : [{
+                code: 'UNSAFE_SOURCE_BLOCKED',
+                severity: 'medium',
+                description: `${blockedCount} source(s) were blocked by Reversa intake safety.`,
+                mitigation: 'Provide safe project-relative sources before architecture extraction.',
+            }],
+        metadata: { module_count: modules.length, dependency_count: dependencies.length },
+    };
+}
+function scanModules(sourceRef, content) {
+    return [...content.matchAll(/\b(?:class|interface|module|namespace)\s+([A-Za-z0-9_]+)/gu)].map((match) => ({
+        name: match[1] ?? 'unknown',
+        source_ref: sourceRef,
+    }));
+}
+function scanDependencies(sourceRef, content) {
+    const imports = [...content.matchAll(/\bimport\b[^'"]*['"]([^'"]+)['"]/gu)].map((match) => match[1] ?? '');
+    const requires = [...content.matchAll(/\brequire\(\s*['"]([^'"]+)['"]\s*\)/gu)].map((match) => match[1] ?? '');
+    return [...imports, ...requires].filter(Boolean).map((target) => ({ target, source_ref: sourceRef }));
+}
+function unique(values) {
+    return [...new Set(values)];
+}
+//# sourceMappingURL=reversa-architecture-extractor.js.map

package/dist/core/sdd/reversa-artifact-writer.d.ts

@@ -0,0 +1,18 @@
+import type { ReversaEvidenceBundle } from './reversa-evidence.js';
+export interface ReversaArtifactWritePlan {
+    schema_version: 1;
+    contract: 'reversa-artifact-write-plan/v1';
+    feature_ref: string;
+    status: 'ready' | 'needs_clarification';
+    draft_artifacts: Array<{
+        artifact_type: 'INS' | 'DEB' | 'EPIC' | 'FEAT' | 'ADR' | 'DOC';
+        path: string;
+        source_finding_ref: string;
+        title: string;
+        write_scope: 'draft_only';
+    }>;
+    human_questions: NonNullable<ReversaEvidenceBundle['human_questions']>;
+    blocked_operations: string[];
+}
+export declare function buildReversaArtifactWritePlan(bundle: ReversaEvidenceBundle): ReversaArtifactWritePlan;
+//# sourceMappingURL=reversa-artifact-writer.d.ts.map

package/dist/core/sdd/reversa-artifact-writer.js

@@ -0,0 +1,40 @@
+export function buildReversaArtifactWritePlan(bundle) {
+    const lowConfidenceQuestions = bundle.findings
+        .filter((finding) => finding.confidence === 'low' || finding.confidence === 'unknown')
+        .map((finding) => ({
+        id: `REV-Q-${finding.id.replace(/^REV-FIND-/u, '')}`,
+        question: `Confirm finding before promotion: ${finding.title}`,
+        blocks_phase: 'artifact_generation',
+        required_before_apply: true,
+    }));
+    const humanQuestions = [...bundle.human_questions, ...lowConfidenceQuestions];
+    return {
+        schema_version: 1,
+        contract: 'reversa-artifact-write-plan/v1',
+        feature_ref: bundle.feature_ref,
+        status: humanQuestions.some((question) => question.required_before_apply) ? 'needs_clarification' : 'ready',
+        draft_artifacts: bundle.findings.map((finding) => ({
+            artifact_type: inferArtifactType(finding.phase),
+            path: `.sdd/evidence/reversa/${bundle.feature_ref}/drafts/${finding.id.toLowerCase()}.yaml`,
+            source_finding_ref: finding.id,
+            title: finding.title,
+            write_scope: 'draft_only',
+        })),
+        human_questions: humanQuestions,
+        blocked_operations: [
+            'write .sdd/state directly',
+            'promote drafts without CodeSDD lifecycle command',
+            'apply generated artifacts before required human questions are resolved',
+        ],
+    };
+}
+function inferArtifactType(phase) {
+    if (phase === 'artifact_generation')
+        return 'FEAT';
+    if (phase === 'migration' || phase === 'reconstruction' || phase === 'equivalence')
+        return 'ADR';
+    if (phase === 'rules' || phase === 'architecture')
+        return 'DEB';
+    return 'DOC';
+}
+//# sourceMappingURL=reversa-artifact-writer.js.map