@fenglimg/fabric-server 1.3.1 → 1.5.0

package/dist/{chunk-GU7AMRM3.js → chunk-E3RZ276F.js}

@@ -82,6 +82,91 @@ var ContextCache = class {
 };
 var contextCache = new ContextCache(5e3);
 
+// src/services/read-human-lock.ts
+import { readFile } from "fs/promises";
+import { join } from "path";
+import { humanLockEntrySchema } from "@fenglimg/fabric-shared";
+
+// src/services/_shared.ts
+import { resolve, sep } from "path";
+import { createHash } from "crypto";
+import { rename, writeFile } from "fs/promises";
+var FABRIC_DIR = ".fabric";
+var HUMAN_LOCK_FILE = "human-lock.json";
+var LEDGER_FILE = ".intent-ledger.jsonl";
+async function atomicWriteText(path, content) {
+  const tempPath = `${path}.${process.pid}.${Date.now()}.tmp`;
+  await writeFile(tempPath, content, "utf8");
+  await rename(tempPath, path);
+}
+function sha256(content) {
+  return `sha256:${createHash("sha256").update(content).digest("hex")}`;
+}
+function isNodeError(error) {
+  return error instanceof Error;
+}
+function assertPathWithinProjectRoot(projectRoot, file) {
+  const normalizedProjectRoot = resolve(projectRoot);
+  const absolutePath = resolve(normalizedProjectRoot, file);
+  const rootPrefix = normalizedProjectRoot.endsWith(sep) ? normalizedProjectRoot : `${normalizedProjectRoot}${sep}`;
+  if (!absolutePath.startsWith(rootPrefix)) {
+    throw new Error(`Path escapes project root: ${file}`);
+  }
+  return absolutePath;
+}
+
+// src/services/read-human-lock.ts
+async function readHumanLock(projectRoot) {
+  const document = await readHumanLockDocument(projectRoot);
+  return await Promise.all(
+    document.locked.map(async (entry) => {
+      const currentHash = await hashHumanLockedContent(projectRoot, entry);
+      return {
+        ...entry,
+        drift: currentHash !== entry.hash,
+        current_hash: currentHash
+      };
+    })
+  );
+}
+async function readHumanLockEntry(projectRoot, file) {
+  const entries = await readHumanLock(projectRoot);
+  return entries.find((entry) => entry.file === file) ?? null;
+}
+async function readHumanLockDocument(projectRoot) {
+  const humanLockPath = join(projectRoot, FABRIC_DIR, HUMAN_LOCK_FILE);
+  const raw = await readFile(humanLockPath, "utf8");
+  const parsed = JSON.parse(raw);
+  if (!parsed || typeof parsed !== "object" || Array.isArray(parsed)) {
+    throw new Error(`Fabric human lock file is invalid: ${humanLockPath}`);
+  }
+  const rawObject = parsed;
+  const lockedResult = humanLockEntrySchema.array().safeParse(rawObject.locked ?? []);
+  if (!lockedResult.success) {
+    throw new Error(`Fabric human lock file is invalid: ${humanLockPath}`);
+  }
+  return {
+    path: humanLockPath,
+    rawObject,
+    locked: lockedResult.data
+  };
+}
+async function hashHumanLockedContent(projectRoot, entry) {
+  const targetPath = assertPathWithinProjectRoot(projectRoot, entry.file);
+  let content;
+  try {
+    content = await readFile(targetPath, "utf8");
+  } catch (error) {
+    if (isNodeError(error) && error.code === "ENOENT") {
+      return "missing";
+    }
+    throw error;
+  }
+  const lines = content.split(/\r?\n/);
+  const slice = lines.slice(Math.max(entry.start_line - 1, 0), Math.max(entry.end_line, 0)).join("\n");
+  return sha256(slice);
+}
+
 // src/services/doctor.ts
 import { createHash as createHash2 } from "crypto";
 import { existsSync, readFileSync, readdirSync, statSync } from "fs";
@@ -91,8 +176,8 @@ import { forensicReportSchema } from "@fenglimg/fabric-shared";
 import { detectFramework } from "@fenglimg/fabric-shared/node";
 
 // src/meta-reader.ts
-import { readFile } from "fs/promises";
-import { join } from "path";
+import { readFile as readFile2 } from "fs/promises";
+import { join as join2 } from "path";
 import { agentsMetaSchema } from "@fenglimg/fabric-shared";
 import { agentsMetaNodeSchema, agentsMetaSchema as agentsMetaSchema2 } from "@fenglimg/fabric-shared";
 var AgentsMetaFileMissingError = class extends Error {
@@ -115,7 +200,7 @@ var AgentsMetaInvalidError = class extends Error {
   code = "FABRIC_META_INVALID";
 };
 function getAgentsMetaPath(projectRoot) {
-  return join(projectRoot, ".fabric", "agents.meta.json");
+  return join2(projectRoot, ".fabric", "agents.meta.json");
 }
 function resolveProjectRoot() {
   return process.env.FABRIC_PROJECT_ROOT ?? process.cwd();
@@ -128,7 +213,7 @@ async function readAgentsMeta(projectRoot) {
   const metaPath = getAgentsMetaPath(projectRoot);
   let raw;
   try {
-    raw = await readFile(metaPath, "utf8");
+    raw = await readFile2(metaPath, "utf8");
   } catch (error) {
     if (error && typeof error === "object" && "code" in error && error.code === "ENOENT") {
       throw new AgentsMetaFileMissingError(metaPath);
@@ -147,37 +232,7 @@ async function readAgentsMeta(projectRoot) {
 
 // src/services/audit-log.ts
 import { appendFile, mkdir, open, stat } from "fs/promises";
-import { isAbsolute, join as join2, posix, relative, resolve as resolve2 } from "path";
-
-// src/services/_shared.ts
-import { resolve, sep } from "path";
-import { createHash } from "crypto";
-import { rename, writeFile } from "fs/promises";
-var FABRIC_DIR = ".fabric";
-var HUMAN_LOCK_FILE = "human-lock.json";
-var LEDGER_FILE = ".intent-ledger.jsonl";
-async function atomicWriteText(path, content) {
-  const tempPath = `${path}.${process.pid}.${Date.now()}.tmp`;
-  await writeFile(tempPath, content, "utf8");
-  await rename(tempPath, path);
-}
-function sha256(content) {
-  return `sha256:${createHash("sha256").update(content).digest("hex")}`;
-}
-function isNodeError(error) {
-  return error instanceof Error;
-}
-function assertPathWithinProjectRoot(projectRoot, file) {
-  const normalizedProjectRoot = resolve(projectRoot);
-  const absolutePath = resolve(normalizedProjectRoot, file);
-  const rootPrefix = normalizedProjectRoot.endsWith(sep) ? normalizedProjectRoot : `${normalizedProjectRoot}${sep}`;
-  if (!absolutePath.startsWith(rootPrefix)) {
-    throw new Error(`Path escapes project root: ${file}`);
-  }
-  return absolutePath;
-}
-
-// src/services/audit-log.ts
+import { isAbsolute, join as join3, posix, relative, resolve as resolve2 } from "path";
 var AUDIT_LOG_FILE = `${FABRIC_DIR}/audit.jsonl`;
 var DEFAULT_AUDIT_WINDOW_MS = 5 * 60 * 1e3;
 async function appendGetRulesAuditEvent(projectRoot, input) {
@@ -230,7 +285,7 @@ async function readAuditLog(projectRoot, opts) {
   return readAuditLogWindowed(projectRoot, opts.ts, opts.windowMs);
 }
 async function readAuditLogFull(projectRoot) {
-  const auditPath = join2(projectRoot, AUDIT_LOG_FILE);
+  const auditPath = join3(projectRoot, AUDIT_LOG_FILE);
   let raw;
   try {
     const fileStat = await stat(auditPath);
@@ -251,7 +306,7 @@ async function readAuditLogFull(projectRoot) {
   return parseAuditLogText(raw);
 }
 async function readAuditLogWindowed(projectRoot, ts, windowMs) {
-  const auditPath = join2(projectRoot, AUDIT_LOG_FILE);
+  const auditPath = join3(projectRoot, AUDIT_LOG_FILE);
   let fileSize;
   try {
     const fileStat = await stat(auditPath);
@@ -339,8 +394,8 @@ function isGetRulesAuditEntry(entry) {
   return entry.event === "get_rules";
 }
 async function appendAuditLogEntries(projectRoot, entries) {
-  const auditPath = join2(projectRoot, AUDIT_LOG_FILE);
-  const auditDir = join2(projectRoot, FABRIC_DIR);
+  const auditPath = join3(projectRoot, AUDIT_LOG_FILE);
+  const auditDir = join3(projectRoot, FABRIC_DIR);
   await mkdir(auditDir, { recursive: true });
   await appendFile(auditPath, `${entries.map((entry) => JSON.stringify(entry)).join("\n")}
 `, "utf8");
@@ -379,61 +434,6 @@ function parseAuditLogLine(line) {
   }
 }
 
-// src/services/read-human-lock.ts
-import { readFile as readFile2 } from "fs/promises";
-import { join as join3 } from "path";
-import { humanLockEntrySchema } from "@fenglimg/fabric-shared";
-async function readHumanLock(projectRoot) {
-  const document = await readHumanLockDocument(projectRoot);
-  return await Promise.all(
-    document.locked.map(async (entry) => {
-      const currentHash = await hashHumanLockedContent(projectRoot, entry);
-      return {
-        ...entry,
-        drift: currentHash !== entry.hash,
-        current_hash: currentHash
-      };
-    })
-  );
-}
-async function readHumanLockEntry(projectRoot, file) {
-  const entries = await readHumanLock(projectRoot);
-  return entries.find((entry) => entry.file === file) ?? null;
-}
-async function readHumanLockDocument(projectRoot) {
-  const humanLockPath = join3(projectRoot, FABRIC_DIR, HUMAN_LOCK_FILE);
-  const raw = await readFile2(humanLockPath, "utf8");
-  const parsed = JSON.parse(raw);
-  if (!parsed || typeof parsed !== "object" || Array.isArray(parsed)) {
-    throw new Error(`Fabric human lock file is invalid: ${humanLockPath}`);
-  }
-  const rawObject = parsed;
-  const lockedResult = humanLockEntrySchema.array().safeParse(rawObject.locked ?? []);
-  if (!lockedResult.success) {
-    throw new Error(`Fabric human lock file is invalid: ${humanLockPath}`);
-  }
-  return {
-    path: humanLockPath,
-    rawObject,
-    locked: lockedResult.data
-  };
-}
-async function hashHumanLockedContent(projectRoot, entry) {
-  const targetPath = assertPathWithinProjectRoot(projectRoot, entry.file);
-  let content;
-  try {
-    content = await readFile2(targetPath, "utf8");
-  } catch (error) {
-    if (isNodeError(error) && error.code === "ENOENT") {
-      return "missing";
-    }
-    throw error;
-  }
-  const lines = content.split(/\r?\n/);
-  const slice = lines.slice(Math.max(entry.start_line - 1, 0), Math.max(entry.end_line, 0)).join("\n");
-  return sha256(slice);
-}
-
 // src/services/read-ledger.ts
 import { randomUUID } from "crypto";
 import { appendFile as appendFile2, readFile as readFile3 } from "fs/promises";
@@ -999,6 +999,212 @@ function isMissingFileError(error) {
   return error instanceof Error && "code" in error && error.code === "ENOENT";
 }
 
+// src/services/approve-human-lock.ts
+async function approveHumanLock(projectRoot, input) {
+  assertPathWithinProjectRoot(projectRoot, input.file);
+  const document = await readHumanLockDocument(projectRoot);
+  const index = document.locked.findIndex(
+    (entry) => entry.file === input.file && entry.start_line === input.start_line && entry.end_line === input.end_line
+  );
+  if (index === -1) {
+    throw new Error(`Cannot find human lock entry: ${input.file}:${input.start_line}-${input.end_line}`);
+  }
+  const currentEntry = document.locked[index];
+  if (currentEntry === void 0) {
+    throw new Error(`Cannot find human lock entry: ${input.file}:${input.start_line}-${input.end_line}`);
+  }
+  const nextEntry = {
+    ...currentEntry,
+    hash: input.new_hash
+  };
+  if (currentEntry.hash === input.new_hash) {
+    const currentHash2 = await hashHumanLockedContent(projectRoot, nextEntry);
+    return {
+      updated: false,
+      entry: {
+        ...nextEntry,
+        drift: currentHash2 !== nextEntry.hash,
+        current_hash: currentHash2
+      }
+    };
+  }
+  const nextLocked = document.locked.slice();
+  nextLocked[index] = nextEntry;
+  const nextRawObject = {
+    ...document.rawObject,
+    locked: nextLocked
+  };
+  await atomicWriteText(document.path, `${JSON.stringify(nextRawObject, null, 2)}
+`);
+  const currentHash = await hashHumanLockedContent(projectRoot, nextEntry);
+  const ledgerEntry = await appendLedgerEntry(projectRoot, createApproveLedgerEntry(input));
+  return {
+    updated: true,
+    entry: {
+      ...nextEntry,
+      drift: currentHash !== nextEntry.hash,
+      current_hash: currentHash
+    },
+    ledger_entry: ledgerEntry
+  };
+}
+function createApproveLedgerEntry(input) {
+  return {
+    ts: Date.now(),
+    source: "human",
+    parent_sha: "human-lock:approve",
+    intent: `approve human lock ${input.file}:${input.start_line}-${input.end_line}`,
+    affected_paths: [input.file, ".fabric/human-lock.json"],
+    diff_stat: `updated approved hash to ${input.new_hash}`
+  };
+}
+
+// src/services/get-rules.ts
+import { readFile as readFile5 } from "fs/promises";
+import { join as join6 } from "path";
+import { minimatch } from "minimatch";
+var PRIORITY_ORDER = {
+  high: 0,
+  medium: 1,
+  low: 2
+};
+async function getRules(projectRoot, input) {
+  const context = await loadGetRulesContext(projectRoot);
+  const stale = input.client_hash !== void 0 && input.client_hash !== context.meta.revision;
+  const rules = await resolveRulesForPath(projectRoot, context, input.path);
+  const result = {
+    revision_hash: context.meta.revision,
+    stale,
+    rules
+  };
+  try {
+    await appendGetRulesAuditEvent(projectRoot, {
+      path: input.path,
+      client_hash: input.client_hash
+    });
+  } catch {
+  }
+  return result;
+}
+async function loadGetRulesContext(projectRoot) {
+  const cached = contextCache.get("context", projectRoot);
+  if (cached !== void 0) {
+    return cached;
+  }
+  const meta = await readAgentsMeta(projectRoot);
+  const l0Content = await readFile5(join6(projectRoot, ".fabric", "bootstrap", "README.md"), "utf8");
+  const humanLockedNearby = (await readHumanLock(projectRoot)).map((entry) => ({
+    file: entry.file,
+    excerpt: JSON.stringify(entry)
+  }));
+  const context = {
+    meta,
+    l0Content,
+    humanLockedNearby
+  };
+  contextCache.set("context", projectRoot, context);
+  return context;
+}
+async function resolveRulesForPath(projectRoot, context, path, options = {}) {
+  const { rules: loadedRules, stubs } = await loadRulesForPath(projectRoot, context.meta, path);
+  const { L1, L2 } = partitionRulesByLevel(loadedRules, options.dedupeByPath ?? false);
+  return {
+    L0: context.l0Content,
+    L1,
+    L2,
+    human_locked_nearby: context.humanLockedNearby,
+    description_stubs: stubs.length > 0 ? dedupeDescriptionStubsByPath(stubs) : void 0
+  };
+}
+function normalizeRulesPath(value) {
+  return value.replaceAll("\\", "/");
+}
+function classifyNode(nodeId) {
+  if (nodeId.startsWith("L1/")) {
+    return "L1";
+  }
+  if (nodeId.startsWith("L2/")) {
+    return "L2";
+  }
+  return null;
+}
+async function loadRulesForPath(projectRoot, meta, path) {
+  const requestedPath = normalizeRulesPath(path);
+  const matchedNodes = Object.entries(meta.nodes).filter(([, node]) => shouldLoadNodeForPath(requestedPath, node)).sort((left, right) => {
+    const [leftId, leftNode] = left;
+    const [rightId, rightNode] = right;
+    const priorityDelta = PRIORITY_ORDER[leftNode.priority] - PRIORITY_ORDER[rightNode.priority];
+    return priorityDelta !== 0 ? priorityDelta : leftId.localeCompare(rightId);
+  });
+  const rules = [];
+  const stubs = [];
+  for (const [nodeId, node] of matchedNodes) {
+    if (node.activation?.tier === "description") {
+      stubs.push({
+        path: node.file,
+        description: node.activation.description ?? ""
+      });
+      continue;
+    }
+    rules.push({
+      level: classifyNode(nodeId),
+      entry: {
+        path: node.file,
+        content: await readFile5(join6(projectRoot, node.file), "utf8")
+      }
+    });
+  }
+  return { rules, stubs };
+}
+function partitionRulesByLevel(loadedRules, dedupeByPath) {
+  const l1 = [];
+  const l2 = [];
+  for (const rule of loadedRules) {
+    if (rule.level === "L1") {
+      l1.push(rule.entry);
+      continue;
+    }
+    if (rule.level === "L2") {
+      l2.push(rule.entry);
+    }
+  }
+  return {
+    L1: dedupeByPath ? dedupeEntriesByPath(l1) : l1,
+    L2: dedupeByPath ? dedupeEntriesByPath(l2) : l2
+  };
+}
+function dedupeEntriesByPath(entries) {
+  const seenPaths = /* @__PURE__ */ new Set();
+  return entries.filter((entry) => {
+    if (seenPaths.has(entry.path)) {
+      return false;
+    }
+    seenPaths.add(entry.path);
+    return true;
+  });
+}
+function shouldLoadNodeForPath(requestedPath, node) {
+  switch (node.activation?.tier) {
+    case "always":
+      return true;
+    case "description":
+      return true;
+    case "path":
+    case void 0:
+      return minimatch(requestedPath, normalizeRulesPath(node.scope_glob), { dot: true });
+  }
+}
+function dedupeDescriptionStubsByPath(stubs) {
+  const seenPaths = /* @__PURE__ */ new Set();
+  return stubs.filter((stub) => {
+    if (seenPaths.has(stub.path)) {
+      return false;
+    }
+    seenPaths.add(stub.path);
+    return true;
+  });
+}
+
 export {
   AGENTS_MD_RESOURCE_URI,
   contextCache,
@@ -1009,15 +1215,16 @@ export {
   FABRIC_DIR,
   atomicWriteText,
   sha256,
-  assertPathWithinProjectRoot,
-  appendGetRulesAuditEvent,
   appendEditIntentAuditEvents,
   readLedger,
   appendLedgerEntry,
   readHumanLock,
   readHumanLockEntry,
-  readHumanLockDocument,
-  hashHumanLockedContent,
+  getRules,
+  loadGetRulesContext,
+  resolveRulesForPath,
+  normalizeRulesPath,
   runDoctorReport,
-  runDoctorAuditReport
+  runDoctorAuditReport,
+  approveHumanLock
 };

package/dist/{http-6V75VA23.js → http-SK2HEFK4.js}

@@ -3,17 +3,15 @@ import {
   AgentsMetaFileMissingError,
   AgentsMetaInvalidError,
   appendLedgerEntry,
-  assertPathWithinProjectRoot,
-  atomicWriteText,
+  approveHumanLock,
   contextCache,
-  hashHumanLockedContent,
+  getRules,
   readAgentsMeta,
   readHumanLock,
-  readHumanLockDocument,
   readHumanLockEntry,
   readLedger,
   runDoctorReport
-} from "./chunk-GU7AMRM3.js";
+} from "./chunk-E3RZ276F.js";
 
 // src/http.ts
 import { randomUUID } from "crypto";
@@ -731,68 +729,6 @@ function registerHistoryApi(app, projectRoot) {
 
 // src/api/human-lock.ts
 import { humanLockApproveRequestSchema, humanLockFileParamsSchema } from "@fenglimg/fabric-shared";
-
-// src/services/approve-human-lock.ts
-async function approveHumanLock(projectRoot, input) {
-  assertPathWithinProjectRoot(projectRoot, input.file);
-  const document = await readHumanLockDocument(projectRoot);
-  const index = document.locked.findIndex(
-    (entry) => entry.file === input.file && entry.start_line === input.start_line && entry.end_line === input.end_line
-  );
-  if (index === -1) {
-    throw new Error(`Cannot find human lock entry: ${input.file}:${input.start_line}-${input.end_line}`);
-  }
-  const currentEntry = document.locked[index];
-  if (currentEntry === void 0) {
-    throw new Error(`Cannot find human lock entry: ${input.file}:${input.start_line}-${input.end_line}`);
-  }
-  const nextEntry = {
-    ...currentEntry,
-    hash: input.new_hash
-  };
-  if (currentEntry.hash === input.new_hash) {
-    const currentHash2 = await hashHumanLockedContent(projectRoot, nextEntry);
-    return {
-      updated: false,
-      entry: {
-        ...nextEntry,
-        drift: currentHash2 !== nextEntry.hash,
-        current_hash: currentHash2
-      }
-    };
-  }
-  const nextLocked = document.locked.slice();
-  nextLocked[index] = nextEntry;
-  const nextRawObject = {
-    ...document.rawObject,
-    locked: nextLocked
-  };
-  await atomicWriteText(document.path, `${JSON.stringify(nextRawObject, null, 2)}
-`);
-  const currentHash = await hashHumanLockedContent(projectRoot, nextEntry);
-  const ledgerEntry = await appendLedgerEntry(projectRoot, createApproveLedgerEntry(input));
-  return {
-    updated: true,
-    entry: {
-      ...nextEntry,
-      drift: currentHash !== nextEntry.hash,
-      current_hash: currentHash
-    },
-    ledger_entry: ledgerEntry
-  };
-}
-function createApproveLedgerEntry(input) {
-  return {
-    ts: Date.now(),
-    source: "human",
-    parent_sha: "human-lock:approve",
-    intent: `approve human lock ${input.file}:${input.start_line}-${input.end_line}`,
-    affected_paths: [input.file, ".fabric/human-lock.json"],
-    diff_stat: `updated approved hash to ${input.new_hash}`
-  };
-}
-
-// src/api/human-lock.ts
 function registerHumanLockApi(app, projectRoot) {
   app.get("/api/human-lock", async (_req, res) => {
     try {
@@ -929,6 +865,27 @@ function registerRulesApi(app, projectRoot) {
   });
 }
 
+// src/api/rules-context.ts
+function registerRulesContextApi(app, projectRoot) {
+  app.get("/api/rules/context", async (req, res) => {
+    const path = typeof req.query.path === "string" ? req.query.path.trim() : "";
+    if (path.length === 0) {
+      sendValidationError(res, "Missing required query parameter: path", {
+        fieldErrors: {
+          path: ["Expected a non-empty path query parameter."]
+        }
+      });
+      return;
+    }
+    try {
+      const result = await getRules(projectRoot, { path });
+      res.json(result.rules);
+    } catch (error) {
+      sendUnknownError(res, error);
+    }
+  });
+}
+
 // src/api/scan.ts
 import { existsSync, readdirSync, readFileSync, statSync } from "fs";
 import { isAbsolute, join as join2, relative, resolve, sep } from "path";
@@ -948,13 +905,13 @@ var DEFAULT_IGNORES = [
 function registerScanApi(app, projectRoot) {
   app.get("/api/scan", async (_req, res) => {
     try {
-      res.json(createScanReport(projectRoot));
+      res.json(await createScanReport(projectRoot));
     } catch (error) {
       sendUnknownError(res, error);
     }
   });
 }
-function createScanReport(targetInput = process.cwd()) {
+async function createScanReport(targetInput = process.cwd()) {
   const target = normalizeTarget(targetInput);
   const framework = detectFramework(target);
   const readmeQuality = getReadmeQuality(target);
@@ -1235,6 +1192,7 @@ function createFabricHttpApp(options) {
     app.use("/mcp", bearerAuth);
   }
   registerRulesApi(app, projectRoot);
+  registerRulesContextApi(app, projectRoot);
   registerLedgerApi(app, projectRoot);
   registerHistoryApi(app, projectRoot);
   registerScanApi(app, projectRoot);

package/dist/index.d.ts

@@ -1,6 +1,6 @@
 import { Server } from 'node:http';
 import { McpServer } from '@modelcontextprotocol/sdk/server/mcp.js';
-import { AuditMode } from '@fenglimg/fabric-shared';
+import { AuditMode, LedgerEntry, HumanLockEntry } from '@fenglimg/fabric-shared';
 
 type DoctorStatus = "ok" | "warn" | "error";
 type DoctorCheck = {
@@ -61,6 +61,30 @@ declare function runDoctorAuditReport(target: string, options?: {
     windowMs?: number;
 }): Promise<DoctorAuditReport>;
 
+type StoredLedgerEntry = LedgerEntry & {
+    id: string;
+};
+
+type HumanLockStatus = HumanLockEntry & {
+    drift: boolean;
+    current_hash: string;
+};
+declare function readHumanLock(projectRoot: string): Promise<HumanLockStatus[]>;
+declare function readHumanLockEntry(projectRoot: string, file: string): Promise<HumanLockStatus | null>;
+
+type ApproveHumanLockInput = {
+    file: string;
+    start_line: number;
+    end_line: number;
+    new_hash: string;
+};
+type ApproveHumanLockResult = {
+    updated: boolean;
+    entry: HumanLockStatus;
+    ledger_entry?: StoredLedgerEntry;
+};
+declare function approveHumanLock(projectRoot: string, input: ApproveHumanLockInput): Promise<ApproveHumanLockResult>;
+
 /**
  * Shared constants used across the server package.
  */
@@ -78,4 +102,4 @@ declare function startHttpServer(options: {
     dev?: boolean;
 }): Promise<Server>;
 
-export { AGENTS_MD_RESOURCE_URI, type DoctorAuditReport, type DoctorReport, createFabricServer, runDoctorAuditReport, runDoctorReport, startHttpServer, startStdioServer };
+export { AGENTS_MD_RESOURCE_URI, type ApproveHumanLockInput, type ApproveHumanLockResult, type DoctorAuditReport, type DoctorReport, type HumanLockStatus, approveHumanLock, createFabricServer, readHumanLock, readHumanLockEntry, runDoctorAuditReport, runDoctorReport, startHttpServer, startStdioServer };