@devtrack-solution/codesdd 1.2.4-rc3 → 1.2.4

package/dist/core/sdd/api-profile-dry-run-projection.js

@@ -0,0 +1,370 @@
+import { CODESDD_API_PROFILE_DEFINITIONS, CODESDD_API_PROFILE_IDS, CODESDD_API_SHARED_BASELINE_QUALITY_GATES, CODESDD_AI_AGENT_API_PROFILE_QUALITY_GATES, CODESDD_EVENTED_API_PROFILE_QUALITY_GATES, CODESDD_MINIMAL_REST_PROFILE_QUALITY_GATES, CODESDD_REST_AUTH_RBAC_PROFILE_QUALITY_GATES, CODESDD_REST_CRUD_TYPEORM_PROFILE_QUALITY_GATES, CODESDD_FULL_FOUNDATION_PARITY_QUALITY_GATES, } from './api-profile-catalog.js';
+export const CODESDD_API_PROFILE_DRY_RUN_EVIDENCE_CONTRACT = {
+    id: 'profile-aware-dry-run-evidence',
+    version: 1,
+    mode: 'dry-run',
+    mutation_policy: 'planning-only',
+};
+const SHARED_BASELINE_EXPECTED_WRITES = [
+    write('package.json', 'root', 'package-metadata', 'manifest', 'shared-baseline', 'Package metadata, scripts, dependencies, and runtime commands required by every API profile.', [
+        'package-json-scripts',
+    ]),
+    write('scripts/cleanup.sh', 'root', 'source', 'implementation', 'shared-baseline', 'Destructive cleanup script required by every Foundation-linked API profile.', [
+        'package-json-scripts',
+    ]),
+    write('scripts/kill-port.js', 'root', 'source', 'implementation', 'shared-baseline', 'Port preflight used by start and start:dev before runtime bootstrap.', [
+        'package-json-scripts',
+    ]),
+    write('.env.example', 'config', 'configuration', 'manifest', 'shared-baseline', 'Safe placeholder environment contract required before any generated API claims runtime readiness.', [
+        'env-example',
+    ]),
+    write('src/main.ts', 'root', 'source', 'implementation', 'shared-baseline', 'NestJS bootstrap with validation pipe and Swagger/OpenAPI /docs setup.', [
+        'openapi-swagger-docs',
+        'dto-validation',
+    ]),
+    write('src/application/business/auth/ports/in/register.use-case.port.ts', 'application', 'source', 'interface', 'shared-baseline', 'Application input-port example proving routes do not orchestrate business behavior directly.', [
+        'application-usecase-boundary',
+    ]),
+    write('src/application/business/auth/use-cases/register.use-case.ts', 'application', 'source', 'use-case', 'shared-baseline', 'Application use case backing the user-facing route projection.', [
+        'application-usecase-boundary',
+    ]),
+    write('src/presentation/rest/auth/controllers/register.controller.ts', 'presentation', 'source', 'controller', 'shared-baseline', 'Swagger-documented REST controller that delegates to an application input port.', [
+        'openapi-swagger-docs',
+        'application-usecase-boundary',
+    ]),
+    write('src/presentation/rest/auth/dtos/register-input.dto.ts', 'presentation', 'source', 'dto', 'shared-baseline', 'DTO validation and Swagger request-shape metadata for the baseline route.', [
+        'dto-validation',
+    ]),
+    write('src/presentation/dtos/api-error-response.dto.ts', 'presentation', 'source', 'dto', 'shared-baseline', 'Structured API error response documentation shared by REST profiles.', [
+        'structured-api-errors',
+    ]),
+    write('tests/app.e2e-spec.ts', 'tests', 'test', 'test', 'shared-baseline', 'Route/use-case smoke evidence expected for every profile preview.', [
+        'route-and-usecase-tests',
+    ]),
+];
+export const CODESDD_API_PROFILE_DRY_RUN_EXPECTATION_DEFINITIONS = {
+    'minimal-rest': expectation('minimal-rest', ['profile-minimal-rest-route-usecase-projection', ...CODESDD_MINIMAL_REST_PROFILE_QUALITY_GATES], [
+        write('src/presentation/rest/rest.module.ts', 'presentation', 'source', 'module', 'profile-overlay', 'Root REST module wiring minimal controllers without infrastructure coupling.', [
+            'minimal-rest',
+        ]),
+        write('src/presentation/rest/health/health.controller.ts', 'presentation', 'source', 'controller', 'profile-overlay', 'Health/readiness route projection for the smallest REST profile.', [
+            'minimal-rest',
+        ]),
+        write('src/application/business/health/ports/in/read-health.use-case.port.ts', 'application', 'source', 'interface', 'profile-overlay', 'Input-port boundary for the minimal health route.', [
+            'minimal-rest',
+        ]),
+        write('src/application/business/health/use-cases/read-health.use-case.ts', 'application', 'source', 'use-case', 'profile-overlay', 'Use-case boundary for the minimal health route.', [
+            'minimal-rest',
+        ]),
+        write('tests/health.e2e-spec.ts', 'tests', 'test', 'test', 'profile-overlay', 'Health route/use-case smoke evidence for the minimal REST profile.', [
+            'minimal-rest',
+        ]),
+    ]),
+    'rest-auth-rbac': expectation('rest-auth-rbac', ['profile-rest-auth-rbac-guard-policy-projection', ...CODESDD_REST_AUTH_RBAC_PROFILE_QUALITY_GATES], [
+        write('src/presentation/rest/auth/auth.module.ts', 'presentation', 'source', 'module', 'profile-overlay', 'REST auth module wiring protected controllers and guard providers.', [
+            'rest-auth-rbac',
+        ]),
+        write('src/presentation/rest/auth/controllers/login.controller.ts', 'presentation', 'source', 'controller', 'profile-overlay', 'Login controller projection with OpenAPI documentation and application input-port delegation.', [
+            'rest-auth-rbac',
+        ]),
+        write('src/presentation/rest/auth/controllers/create-role.controller.ts', 'presentation', 'source', 'controller', 'profile-overlay', 'Protected RBAC write controller projection with bearer docs and permission metadata.', [
+            'rest-auth-rbac',
+        ]),
+        write('src/presentation/rest/auth/controllers/list-roles.controller.ts', 'presentation', 'source', 'controller', 'profile-overlay', 'Protected RBAC read controller projection with bearer docs and permission metadata.', [
+            'rest-auth-rbac',
+        ]),
+        write('src/presentation/rest/auth/dtos/auth-session-output.dto.ts', 'presentation', 'source', 'dto', 'profile-overlay', 'Auth session response DTO projection with access token and permission-bearing payload.', [
+            'rest-auth-rbac',
+        ]),
+        write('src/presentation/rest/auth/guards/jwt-auth.guard.ts', 'presentation', 'source', 'implementation', 'profile-overlay', 'Authentication guard expected for protected bearer routes.', [
+            'rest-auth-rbac',
+        ]),
+        write('src/presentation/rest/auth/guards/permission.guard.ts', 'presentation', 'source', 'implementation', 'profile-overlay', 'Authorization guard expected for RBAC and permission-protected routes.', [
+            'rest-auth-rbac',
+        ]),
+        write('src/presentation/rest/auth/decorators/permission.decorator.ts', 'presentation', 'source', 'policy', 'profile-overlay', 'Permission decorator expected for route-level policy metadata.', [
+            'rest-auth-rbac',
+        ]),
+        write('src/application/business/auth/ports/in/authenticated-user.type.ts', 'application', 'source', 'type', 'profile-overlay', 'Current-user request boundary expected when authenticated routes need user context.', [
+            'rest-auth-rbac',
+        ]),
+        write('src/application/business/auth/ports/in/login.use-case.port.ts', 'application', 'source', 'interface', 'profile-overlay', 'Application input port expected for login/authentication.', [
+            'rest-auth-rbac',
+        ]),
+        write('src/application/business/auth/use-cases/login.use-case.ts', 'application', 'source', 'use-case', 'profile-overlay', 'Login use-case projection coordinating authentication through application ports.', [
+            'rest-auth-rbac',
+        ]),
+        write('src/application/business/auth/ports/out/access-control.service.port.ts', 'application', 'source', 'interface', 'profile-overlay', 'Application policy output port expected for RBAC permission checks.', [
+            'rest-auth-rbac',
+        ]),
+        write('src/application/business/auth/services/access-control.service.ts', 'application', 'source', 'service', 'profile-overlay', 'Application service expected to enforce RBAC allow/deny behavior.', [
+            'rest-auth-rbac',
+        ]),
+        write('src/infrastructure/adapters/auth/jwt.strategy.ts', 'infrastructure', 'source', 'adapter', 'profile-overlay', 'JWT strategy projection isolating bearer token extraction and validation details.', [
+            'rest-auth-rbac',
+        ]),
+        write('tests/auth-rbac.e2e-spec.ts', 'tests', 'test', 'test', 'profile-overlay', 'Allow/deny route evidence projection for protected auth/RBAC routes.', [
+            'rest-auth-rbac',
+        ]),
+    ]),
+    'rest-crud-typeorm': expectation('rest-crud-typeorm', ['profile-rest-crud-typeorm-persistence-projection', ...CODESDD_REST_CRUD_TYPEORM_PROFILE_QUALITY_GATES], [
+        write('src/domain/categories/business-objects/category.bo.ts', 'domain', 'source', 'business-object', 'profile-overlay', 'CRUD aggregate BO following Foundation domain conventions.', [
+            'rest-crud-typeorm',
+        ]),
+        write('src/domain/categories/types/category.type.ts', 'domain', 'source', 'type', 'profile-overlay', 'Domain type contract for the category BO.', [
+            'rest-crud-typeorm',
+        ]),
+        write('src/application/business/categories/ports/out/category-repository.port.ts', 'application', 'source', 'repository-port', 'profile-overlay', 'Repository output port owned by application instead of presentation or domain.', [
+            'rest-crud-typeorm',
+        ]),
+        write('src/application/business/categories/ports/in/create-category.use-case.port.ts', 'application', 'source', 'interface', 'profile-overlay', 'Input-port boundary for category creation.', [
+            'rest-crud-typeorm',
+        ]),
+        write('src/application/business/categories/use-cases/create-category.use-case.ts', 'application', 'source', 'use-case', 'profile-overlay', 'Create use-case projection with BO validation, uniqueness, and repository persistence.', [
+            'rest-crud-typeorm',
+        ]),
+        write('src/application/business/categories/ports/in/list-categories.use-case.port.ts', 'application', 'source', 'interface', 'profile-overlay', 'Input-port boundary for paginated category listing.', [
+            'rest-crud-typeorm',
+        ]),
+        write('src/application/business/categories/use-cases/list-categories.use-case.ts', 'application', 'source', 'use-case', 'profile-overlay', 'List use-case projection with pagination and filtering through the repository port.', [
+            'rest-crud-typeorm',
+        ]),
+        write('src/infrastructure/adapters/orm/entities/category.orm-entity.ts', 'infrastructure', 'source', 'entity', 'profile-overlay', 'TypeORM entity projection kept in infrastructure ORM boundary.', [
+            'rest-crud-typeorm',
+        ]),
+        write('src/infrastructure/adapters/orm/repositories/category.typeorm-repository.ts', 'infrastructure', 'source', 'adapter', 'profile-overlay', 'Concrete TypeORM repository projection implementing the application repository port.', [
+            'rest-crud-typeorm',
+        ]),
+        write('src/infrastructure/adapters/orm/mappers/category.mapper.ts', 'infrastructure', 'source', 'mapper', 'profile-overlay', 'Mapper projection isolating ORM entity shape from the domain BO.', [
+            'rest-crud-typeorm',
+        ]),
+        write('src/infrastructure/adapters/orm/typeorm.module.ts', 'infrastructure', 'source', 'module', 'profile-overlay', 'TypeORM root module projection with forRootAsync and shared entity registration.', [
+            'rest-crud-typeorm',
+        ]),
+        write('src/infrastructure/adapters/orm/categories-orm.module.ts', 'infrastructure', 'source', 'module', 'profile-overlay', 'Context ORM module projection exporting repository port providers.', [
+            'rest-crud-typeorm',
+        ]),
+        write('src/infrastructure/adapters/orm/migrations/0000000000000-create-categories.migration.ts', 'infrastructure', 'migration', 'implementation', 'profile-overlay', 'Migration projection required when persistent schema is introduced.', [
+            'rest-crud-typeorm',
+        ]),
+        write('src/presentation/rest/categories/categories.module.ts', 'presentation', 'source', 'module', 'profile-overlay', 'REST categories module wiring CRUD controllers without owning business logic.', [
+            'rest-crud-typeorm',
+        ]),
+        write('src/presentation/rest/categories/controllers/create-category.controller.ts', 'presentation', 'source', 'controller', 'profile-overlay', 'Create controller projection with documented request and response contracts.', [
+            'rest-crud-typeorm',
+        ]),
+        write('src/presentation/rest/categories/controllers/list-categories.controller.ts', 'presentation', 'source', 'controller', 'profile-overlay', 'List controller projection with documented pagination and filtering.', [
+            'rest-crud-typeorm',
+        ]),
+        write('src/presentation/rest/categories/dtos/create-category-input.dto.ts', 'presentation', 'source', 'dto', 'profile-overlay', 'Create DTO projection with validation and Swagger metadata.', [
+            'rest-crud-typeorm',
+        ]),
+        write('src/presentation/rest/categories/dtos/category-output.dto.ts', 'presentation', 'source', 'dto', 'profile-overlay', 'Output DTO projection documenting category response shape.', [
+            'rest-crud-typeorm',
+        ]),
+        write('tests/categories-crud.e2e-spec.ts', 'tests', 'test', 'test', 'profile-overlay', 'CRUD persistence evidence projection for create/list, uniqueness, pagination, and filtering.', [
+            'rest-crud-typeorm',
+        ]),
+    ]),
+    'evented-api': expectation('evented-api', ['profile-evented-api-event-contract-projection', ...CODESDD_EVENTED_API_PROFILE_QUALITY_GATES], [
+        write('src/application/business/categories/events/category-created.event.ts', 'application', 'source', 'type', 'profile-overlay', 'Application event contract projection for evented API slices in BO-pattern contexts.', [
+            'evented-api',
+        ]),
+        write('src/application/business/categories/ports/out/category-event-publisher.port.ts', 'application', 'source', 'interface', 'profile-overlay', 'Application output port projection for publishing category events without leaking queue details.', [
+            'evented-api',
+        ]),
+        write('src/application/business/categories/ports/out/event-idempotency-store.port.ts', 'application', 'source', 'interface', 'profile-overlay', 'Application output port projection for dedupe and processed-event tracking.', [
+            'evented-api',
+        ]),
+        write('src/application/business/categories/handlers/category-created.handler.ts', 'application', 'source', 'handler', 'profile-overlay', 'Application handler projection for domain/application event dispatch.', [
+            'evented-api',
+        ]),
+        write('src/application/business/categories/use-cases/create-category.use-case.ts', 'application', 'source', 'use-case', 'profile-overlay', 'Use-case projection that records and dispatches the category-created event through application handlers.', [
+            'evented-api',
+        ]),
+        write('src/infrastructure/adapters/queue/category-event-publisher.adapter.ts', 'infrastructure', 'source', 'adapter', 'profile-overlay', 'Queue publisher adapter projection with idempotency and retry policy.', [
+            'evented-api',
+        ]),
+        write('src/infrastructure/adapters/queue/category-events.consumer.ts', 'infrastructure', 'source', 'handler', 'profile-overlay', 'Queue consumer projection delegating event processing to the application handler.', [
+            'evented-api',
+        ]),
+        write('src/infrastructure/adapters/queue/event-idempotency-store.adapter.ts', 'infrastructure', 'source', 'adapter', 'profile-overlay', 'Processed-event store projection for idempotent queue handling.', [
+            'evented-api',
+        ]),
+        write('docs/events/category-created.md', 'docs', 'documentation', 'documentation', 'profile-overlay', 'Event contract documentation projection with payload, idempotency, retry, and error policy.', [
+            'evented-api',
+        ]),
+        write('tests/categories-events.e2e-spec.ts', 'tests', 'test', 'test', 'profile-overlay', 'Event handler and idempotency evidence projection.', [
+            'evented-api',
+        ]),
+    ]),
+    'ai-agent-api': expectation('ai-agent-api', ['profile-ai-agent-api-tool-boundary-projection', ...CODESDD_AI_AGENT_API_PROFILE_QUALITY_GATES], [
+        write('src/presentation/rest/agents/agents.module.ts', 'presentation', 'source', 'module', 'profile-overlay', 'REST agents module wiring controllers and application use-case providers.', [
+            'ai-agent-api',
+        ]),
+        write('src/presentation/rest/agents/controllers/agent-runs.controller.ts', 'presentation', 'source', 'controller', 'profile-overlay', 'Agent workflow REST endpoint projection with documented request and response contracts.', [
+            'ai-agent-api',
+        ]),
+        write('src/presentation/rest/agents/dtos/run-agent-input.dto.ts', 'presentation', 'source', 'dto', 'profile-overlay', 'Agent request DTO projection with prompt and tool allowlist validation metadata.', [
+            'ai-agent-api',
+        ]),
+        write('src/presentation/rest/agents/dtos/agent-run-output.dto.ts', 'presentation', 'source', 'dto', 'profile-overlay', 'Agent response DTO projection with output and audit correlation fields.', [
+            'ai-agent-api',
+        ]),
+        write('src/application/intelligence/agents/ports/in/run-agent.use-case.port.ts', 'application', 'source', 'interface', 'profile-overlay', 'Application intelligence input-port boundary for agent execution requests.', [
+            'ai-agent-api',
+        ]),
+        write('src/application/intelligence/agents/use-cases/run-agent.use-case.ts', 'application', 'source', 'use-case', 'profile-overlay', 'Application intelligence use-case boundary coordinating provider, tool, and safety checks.', [
+            'ai-agent-api',
+        ]),
+        write('src/application/intelligence/agents/ports/out/llm-provider.port.ts', 'application', 'source', 'interface', 'profile-overlay', 'Application intelligence provider port projection isolating LLM calls.', [
+            'ai-agent-api',
+        ]),
+        write('src/application/intelligence/agents/ports/out/agent-tool-registry.port.ts', 'application', 'source', 'interface', 'profile-overlay', 'Tool registry output-port projection enforcing allowed tool/action boundaries.', [
+            'ai-agent-api',
+        ]),
+        write('src/application/intelligence/agents/ports/out/agent-audit.port.ts', 'application', 'source', 'interface', 'profile-overlay', 'Audit output-port projection for redacted prompts, tool calls, and safety outcomes.', [
+            'ai-agent-api',
+        ]),
+        write('src/application/intelligence/agents/services/prompt-safety.service.ts', 'application', 'source', 'service', 'profile-overlay', 'Prompt safety service projection before provider invocation.', [
+            'ai-agent-api',
+        ]),
+        write('src/application/intelligence/agents/services/redaction.service.ts', 'application', 'source', 'service', 'profile-overlay', 'Redaction service projection for secrets and provider keys.', [
+            'ai-agent-api',
+        ]),
+        write('src/infrastructure/adapters/llm/llm-provider.adapter.ts', 'infrastructure', 'source', 'adapter', 'profile-overlay', 'LLM/provider adapter projection with redacted configuration boundaries.', [
+            'ai-agent-api',
+        ]),
+        write('src/infrastructure/adapters/audit/agent-audit.adapter.ts', 'infrastructure', 'source', 'adapter', 'profile-overlay', 'Audit trail adapter projection for agent tool calls and safety outcomes.', [
+            'ai-agent-api',
+        ]),
+        write('docs/agents/ai-agent-api.md', 'docs', 'documentation', 'documentation', 'profile-overlay', 'Agent API documentation projection for tool boundaries, redaction, auditability, and deterministic tests.', [
+            'ai-agent-api',
+        ]),
+        write('tests/agents.e2e-spec.ts', 'tests', 'test', 'test', 'profile-overlay', 'Agent run e2e evidence projection using deterministic provider seams and no live credentials.', [
+            'ai-agent-api',
+        ]),
+        write('tests/agents-safety.spec.ts', 'tests', 'test', 'test', 'profile-overlay', 'Prompt safety, tool boundary, and redaction unit evidence projection.', [
+            'ai-agent-api',
+        ]),
+    ]),
+    'full-foundation-compatible': expectation('full-foundation-compatible', ['profile-full-foundation-compatible-parity-projection', ...CODESDD_FULL_FOUNDATION_PARITY_QUALITY_GATES], [
+        write('src/application/application.module.ts', 'application', 'source', 'module', 'full-foundation-parity', 'Application root required by the full Foundation-compatible profile.', [
+            'full-foundation-compatible',
+            'architecture-roots',
+        ]),
+        write('src/domain/auth/business-objects/api-keys.bo.ts', 'domain', 'source', 'business-object', 'full-foundation-parity', 'Foundation static domain utility exception currently living under business-objects.', [
+            'full-foundation-compatible',
+            'architecture-roots',
+        ]),
+        write('src/infrastructure/adapters/orm/typeorm.module.ts', 'infrastructure', 'source', 'module', 'full-foundation-parity', 'Foundation TypeORM root module required by full compatibility.', [
+            'full-foundation-compatible',
+            'persistence-typeorm',
+        ]),
+        write('src/infrastructure/adapters/orm/auth-orm.module.ts', 'infrastructure', 'source', 'module', 'full-foundation-parity', 'Foundation context ORM module required by full compatibility.', [
+            'full-foundation-compatible',
+            'persistence-typeorm',
+        ]),
+        write('src/infrastructure/infrastructure.module.ts', 'infrastructure', 'source', 'module', 'full-foundation-parity', 'Infrastructure root required by full Foundation compatibility.', [
+            'full-foundation-compatible',
+            'architecture-roots',
+        ]),
+        write('src/presentation/presentation.module.ts', 'presentation', 'source', 'module', 'full-foundation-parity', 'Presentation root required by full Foundation compatibility.', [
+            'full-foundation-compatible',
+            'architecture-roots',
+        ]),
+        write('src/shared/domain/generic-business-object.ts', 'shared', 'source', 'abstraction', 'full-foundation-parity', 'Shared Foundation primitive required by full compatibility.', [
+            'full-foundation-compatible',
+            'architecture-roots',
+        ]),
+        write('.sdd/plugin-evidence/<FEAT>/<operation>/evidence-manifest.yaml', 'sdd', 'evidence', 'evidence', 'full-foundation-parity', 'Evidence manifest projection required to prove full Foundation parity without mutating .sdd/state.', [
+            'full-foundation-compatible',
+            'evidence-and-quality-gates',
+        ]),
+    ]),
+};
+export function getCodeSddApiProfileDryRunExpectation(profileId) {
+    return CODESDD_API_PROFILE_DRY_RUN_EXPECTATION_DEFINITIONS[profileId];
+}
+export function getCodeSddApiProfileDryRunExpectations() {
+    return CODESDD_API_PROFILE_IDS.map((profileId) => getCodeSddApiProfileDryRunExpectation(profileId));
+}
+export function buildCodeSddApiProfileDryRunProjection(input) {
+    const expectationDefinition = getCodeSddApiProfileDryRunExpectation(input.apiProfile.profile_id);
+    const plannedPaths = new Set(input.artifactMapRefs.map((artifact) => artifact.path));
+    const expectedWrites = [...SHARED_BASELINE_EXPECTED_WRITES, ...expectationDefinition.expected_writes].map((writeDefinition) => ({
+        ...writeDefinition,
+        status: 'expected',
+        planned_in_current_scaffold: plannedPaths.has(writeDefinition.path),
+    }));
+    return {
+        id: CODESDD_API_PROFILE_DRY_RUN_EVIDENCE_CONTRACT.id,
+        version: CODESDD_API_PROFILE_DRY_RUN_EVIDENCE_CONTRACT.version,
+        mode: CODESDD_API_PROFILE_DRY_RUN_EVIDENCE_CONTRACT.mode,
+        mutation_policy: CODESDD_API_PROFILE_DRY_RUN_EVIDENCE_CONTRACT.mutation_policy,
+        selected_profile: input.apiProfile.profile_id,
+        requested_profile: input.apiProfile.input ?? input.apiProfile.profile_id,
+        legacy_alias: input.apiProfile.legacy_alias,
+        inherited_baseline: CODESDD_API_PROFILE_DEFINITIONS[input.apiProfile.profile_id].inherits_shared_baseline,
+        expected_write_scope: [...input.expectedWriteScope],
+        expected_writes: expectedWrites,
+        expected_quality_gates: unique([
+            `profile-${input.apiProfile.profile_id}-selected`,
+            'profile-aware-dry-run-evidence-required',
+            'typeorm-only-persistence',
+            ...CODESDD_API_SHARED_BASELINE_QUALITY_GATES,
+            ...expectationDefinition.profile_quality_gates,
+        ]),
+        artifact_map_refs: input.artifactMapRefs.map((artifact) => ({
+            path: artifact.path,
+            layer: artifact.layer,
+            artifact_kind: artifact.artifact_kind,
+            role: artifact.role,
+            content_type: artifact.content_type,
+            source_refs: [artifact.source_reference],
+            tags: [...artifact.tags],
+            status: 'planned',
+        })),
+        validation_results: input.validationCommands.map((command) => ({
+            command,
+            status: 'pending',
+            result: 'not_executed_dry_run',
+            expected_outcome: 'Command is expected to pass after appliance apply or target-project validation.',
+            evidence_required: ['validation command output', 'FEAT quality evidence entry'],
+        })),
+        migration_warnings: input.apiProfile.legacy_alias
+            ? [
+                {
+                    code: 'legacy-profile-alias',
+                    severity: 'warning',
+                    requested_profile: input.apiProfile.input ?? 'devtrack-api',
+                    resolves_to: input.apiProfile.profile_id,
+                    message: input.apiProfile.migration_notice ??
+                        `Legacy profile alias resolved to ${input.apiProfile.profile_id}.`,
+                },
+            ]
+            : [],
+    };
+}
+function expectation(profileId, profileQualityGates, expectedWrites) {
+    return {
+        profile_id: profileId,
+        profile_quality_gates: profileQualityGates,
+        expected_writes: expectedWrites,
+    };
+}
+function write(path, layer, artifactKind, role, source, reason, requiredBy) {
+    return {
+        path,
+        layer,
+        artifact_kind: artifactKind,
+        role,
+        source,
+        reason,
+        required_by: requiredBy,
+    };
+}
+function unique(values) {
+    return [...new Set(values)];
+}
+//# sourceMappingURL=api-profile-dry-run-projection.js.map

package/dist/core/sdd/api-profile-recipes.d.ts

@@ -0,0 +1,82 @@
+import { type CodeSddApiSharedBaselineRequirementId } from './api-foundation-baseline.js';
+import type { CodeSddApiProfileId } from './api-profile-catalog.js';
+import type { PluginArtifactKind, PluginArtifactLayer, PluginArtifactRole } from './plugin-sdk-contract.js';
+export declare const CODESDD_API_PROFILE_RECIPE_CONTRACT: {
+    readonly id: "codesdd-api-profile-recipes";
+    readonly version: 1;
+    readonly foundation_reference: "devtrack-foundation-api";
+};
+export declare const CODESDD_MINIMAL_REST_PROFILE_QUALITY_GATES: readonly ["minimal-rest-recipe-required", "minimal-rest-openapi-docs-required", "minimal-rest-env-example-required", "minimal-rest-package-scripts-required", "minimal-rest-dto-usecase-boundary-required", "minimal-rest-structured-errors-required", "minimal-rest-health-root-wiring-required", "minimal-rest-route-usecase-tests-required"];
+export declare const CODESDD_MINIMAL_REST_PROFILE_VALIDATION_COMMANDS: readonly ["pnpm run build", "pnpm run lint", "pnpm test", "pnpm run test:e2e"];
+export declare const CODESDD_REST_AUTH_RBAC_PROFILE_QUALITY_GATES: readonly ["rest-auth-rbac-recipe-required", "rest-auth-rbac-auth-plan-required", "rest-auth-rbac-jwt-strategy-required", "rest-auth-rbac-route-guards-required", "rest-auth-rbac-permission-decorator-required", "rest-auth-rbac-current-user-boundary-required", "rest-auth-rbac-protected-openapi-docs-required", "rest-auth-rbac-allow-deny-tests-required"];
+export declare const CODESDD_REST_AUTH_RBAC_PROFILE_VALIDATION_COMMANDS: readonly ["pnpm run build", "pnpm run lint", "pnpm test", "pnpm run test:e2e"];
+export declare const CODESDD_REST_CRUD_TYPEORM_PROFILE_QUALITY_GATES: readonly ["rest-crud-typeorm-recipe-required", "rest-crud-typeorm-bo-pattern-required", "rest-crud-typeorm-application-repository-port-required", "rest-crud-typeorm-usecase-transaction-boundary-required", "rest-crud-typeorm-infrastructure-orm-required", "rest-crud-typeorm-migration-required", "rest-crud-typeorm-pagination-filtering-required", "rest-crud-typeorm-uniqueness-required", "rest-crud-typeorm-crud-tests-required", "rest-crud-typeorm-no-prisma-required"];
+export declare const CODESDD_REST_CRUD_TYPEORM_PROFILE_VALIDATION_COMMANDS: readonly ["pnpm run build", "pnpm run lint", "pnpm test", "pnpm run test:e2e", "pnpm run migration:show"];
+export declare const CODESDD_EVENTED_API_PROFILE_QUALITY_GATES: readonly ["evented-api-recipe-required", "evented-api-event-contract-required", "evented-api-application-handler-required", "evented-api-event-publisher-port-required", "evented-api-outbox-or-queue-required", "evented-api-idempotency-required", "evented-api-retry-error-policy-required", "evented-api-event-docs-required", "evented-api-event-tests-required"];
+export declare const CODESDD_EVENTED_API_PROFILE_VALIDATION_COMMANDS: readonly ["pnpm run build", "pnpm run lint", "pnpm test", "pnpm run test:e2e"];
+export declare const CODESDD_AI_AGENT_API_PROFILE_QUALITY_GATES: readonly ["ai-agent-api-recipe-required", "ai-agent-api-endpoint-contract-required", "ai-agent-api-tool-boundary-required", "ai-agent-api-provider-config-redaction-required", "ai-agent-api-prompt-safety-required", "ai-agent-api-audit-trail-required", "ai-agent-api-deterministic-tests-required", "ai-agent-api-no-live-credentials-required"];
+export declare const CODESDD_AI_AGENT_API_PROFILE_VALIDATION_COMMANDS: readonly ["pnpm run build", "pnpm run lint", "pnpm test", "pnpm run test:e2e"];
+export declare const CODESDD_API_MANDATORY_PACKAGE_SCRIPT_MARKERS: readonly ["\"build\"", "\"start\"", "\"start:dev\"", "\"start:prod\"", "\"lint\"", "\"test\"", "\"test:cov\"", "\"test:e2e\"", "\"cleanup\"", "\"cleanup:install\"", "node scripts/kill-port.js", "npm run", "npm install"];
+export declare const CODESDD_API_MANDATORY_CLEANUP_SCRIPT_MARKERS: readonly ["node_modules", "dist", "build", "coverage", ".cache", ".turbo", ".nest", "package-lock.json", "pnpm-lock.yaml", "yarn.lock", "bun.lock", "tsbuildinfo"];
+export declare const CODESDD_API_MANDATORY_KILL_PORT_SCRIPT_MARKERS: readonly ["process.argv[2]", "process.env.PORT", "process.env.APP_PORT", "lsof -ti", "netstat -ano", "kill -9", "taskkill"];
+export type CodeSddApiProfileRecipeArtifactCategory = 'documentation' | 'environment' | 'scripts' | 'dto' | 'use-case' | 'structured-errors' | 'health' | 'root-wiring' | 'tests' | 'auth-configuration' | 'auth-strategy' | 'auth-controller' | 'auth-session' | 'guard' | 'decorator' | 'current-user' | 'rbac-policy' | 'auth-tests' | 'persistence-configuration' | 'business-object' | 'domain-type' | 'repository-port' | 'orm-entity' | 'orm-repository' | 'orm-mapper' | 'orm-module' | 'migration' | 'crud-controller' | 'pagination-filtering' | 'crud-tests' | 'event-configuration' | 'event-contract' | 'event-handler' | 'event-publisher-port' | 'outbox-queue' | 'event-consumer' | 'idempotency' | 'retry-policy' | 'event-docs' | 'event-tests' | 'agent-configuration' | 'agent-controller' | 'agent-dto' | 'agent-use-case' | 'agent-provider-port' | 'agent-tool-port' | 'agent-audit' | 'agent-safety' | 'agent-redaction' | 'agent-provider-adapter' | 'agent-docs' | 'agent-tests';
+export interface CodeSddApiProfileRecipeArtifact {
+    path: string;
+    layer: PluginArtifactLayer;
+    artifact_kind: PluginArtifactKind;
+    role: PluginArtifactRole;
+    category: CodeSddApiProfileRecipeArtifactCategory;
+    reason: string;
+    content_markers: readonly string[];
+}
+export interface CodeSddApiProfileRecipe {
+    id: string;
+    version: 1;
+    profile_id: CodeSddApiProfileId;
+    title: string;
+    foundation_reference: typeof CODESDD_API_PROFILE_RECIPE_CONTRACT.foundation_reference;
+    inherits_shared_baseline: true;
+    required_baseline_requirements: readonly CodeSddApiSharedBaselineRequirementId[];
+    required_artifacts: readonly CodeSddApiProfileRecipeArtifact[];
+    required_quality_gates: readonly string[];
+    required_validation_commands: readonly string[];
+    forbidden_artifact_patterns?: readonly string[];
+    forbidden_content_markers?: readonly string[];
+}
+export interface CodeSddApiProfileRecipeValidationInput {
+    profileId: CodeSddApiProfileId;
+    artifactPaths: readonly string[];
+    qualityGates: readonly string[];
+    validationCommands: readonly string[];
+    artifactContents?: Readonly<Record<string, string>>;
+}
+export interface CodeSddApiProfileRecipeValidationFinding {
+    code: CodeSddApiProfileRecipeValidationFindingCode;
+    severity: 'error';
+    message: string;
+    expected: string;
+}
+export type CodeSddApiProfileRecipeValidationFindingCode = 'MINIMAL_REST_PROFILE_MISMATCH' | 'MINIMAL_REST_ARTIFACT_MISSING' | 'MINIMAL_REST_CONTENT_MARKER_MISSING' | 'MINIMAL_REST_QUALITY_GATE_MISSING' | 'MINIMAL_REST_VALIDATION_COMMAND_MISSING' | 'REST_AUTH_RBAC_PROFILE_MISMATCH' | 'REST_AUTH_RBAC_ARTIFACT_MISSING' | 'REST_AUTH_RBAC_CONTENT_MARKER_MISSING' | 'REST_AUTH_RBAC_QUALITY_GATE_MISSING' | 'REST_AUTH_RBAC_VALIDATION_COMMAND_MISSING' | 'REST_CRUD_TYPEORM_PROFILE_MISMATCH' | 'REST_CRUD_TYPEORM_ARTIFACT_MISSING' | 'REST_CRUD_TYPEORM_CONTENT_MARKER_MISSING' | 'REST_CRUD_TYPEORM_QUALITY_GATE_MISSING' | 'REST_CRUD_TYPEORM_VALIDATION_COMMAND_MISSING' | 'REST_CRUD_TYPEORM_FORBIDDEN_ARTIFACT' | 'REST_CRUD_TYPEORM_FORBIDDEN_CONTENT_MARKER' | 'EVENTED_API_PROFILE_MISMATCH' | 'EVENTED_API_ARTIFACT_MISSING' | 'EVENTED_API_CONTENT_MARKER_MISSING' | 'EVENTED_API_QUALITY_GATE_MISSING' | 'EVENTED_API_VALIDATION_COMMAND_MISSING' | 'AI_AGENT_API_PROFILE_MISMATCH' | 'AI_AGENT_API_ARTIFACT_MISSING' | 'AI_AGENT_API_CONTENT_MARKER_MISSING' | 'AI_AGENT_API_QUALITY_GATE_MISSING' | 'AI_AGENT_API_VALIDATION_COMMAND_MISSING' | 'AI_AGENT_API_FORBIDDEN_CONTENT_MARKER';
+export interface CodeSddApiProfileRecipeValidationResult {
+    profile_id: CodeSddApiProfileId;
+    recipe_id: string;
+    status: 'passed' | 'failed';
+    missing_artifacts: string[];
+    missing_content_markers: string[];
+    missing_quality_gates: string[];
+    missing_validation_commands: string[];
+    forbidden_artifacts: string[];
+    forbidden_content_markers: string[];
+    findings: CodeSddApiProfileRecipeValidationFinding[];
+}
+export declare const CODESDD_MINIMAL_REST_PROFILE_RECIPE: CodeSddApiProfileRecipe;
+export declare const CODESDD_REST_AUTH_RBAC_PROFILE_RECIPE: CodeSddApiProfileRecipe;
+export declare const CODESDD_REST_CRUD_TYPEORM_PROFILE_RECIPE: CodeSddApiProfileRecipe;
+export declare const CODESDD_EVENTED_API_PROFILE_RECIPE: CodeSddApiProfileRecipe;
+export declare const CODESDD_AI_AGENT_API_PROFILE_RECIPE: CodeSddApiProfileRecipe;
+export declare function validateMinimalRestProfileRecipe(input: CodeSddApiProfileRecipeValidationInput): CodeSddApiProfileRecipeValidationResult;
+export declare function validateRestAuthRbacProfileRecipe(input: CodeSddApiProfileRecipeValidationInput): CodeSddApiProfileRecipeValidationResult;
+export declare function validateRestCrudTypeormProfileRecipe(input: CodeSddApiProfileRecipeValidationInput): CodeSddApiProfileRecipeValidationResult;
+export declare function validateEventedApiProfileRecipe(input: CodeSddApiProfileRecipeValidationInput): CodeSddApiProfileRecipeValidationResult;
+export declare function validateAiAgentApiProfileRecipe(input: CodeSddApiProfileRecipeValidationInput): CodeSddApiProfileRecipeValidationResult;
+//# sourceMappingURL=api-profile-recipes.d.ts.map