@getripple/core 1.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (39) hide show
  1. package/CHANGELOG.md +18 -0
  2. package/README.md +53 -0
  3. package/dist/adapters.d.ts +39 -0
  4. package/dist/adapters.js +396 -0
  5. package/dist/adapters.js.map +1 -0
  6. package/dist/agent-workflow.d.ts +86 -0
  7. package/dist/agent-workflow.js +404 -0
  8. package/dist/agent-workflow.js.map +1 -0
  9. package/dist/approval.d.ts +45 -0
  10. package/dist/approval.js +272 -0
  11. package/dist/approval.js.map +1 -0
  12. package/dist/audit.d.ts +80 -0
  13. package/dist/audit.js +271 -0
  14. package/dist/audit.js.map +1 -0
  15. package/dist/change-intent.d.ts +242 -0
  16. package/dist/change-intent.js +1758 -0
  17. package/dist/change-intent.js.map +1 -0
  18. package/dist/graph.d.ts +346 -0
  19. package/dist/graph.js +4221 -0
  20. package/dist/graph.js.map +1 -0
  21. package/dist/index.d.ts +11 -0
  22. package/dist/index.js +28 -0
  23. package/dist/index.js.map +1 -0
  24. package/dist/normalizer.d.ts +34 -0
  25. package/dist/normalizer.js +455 -0
  26. package/dist/normalizer.js.map +1 -0
  27. package/dist/policy.d.ts +55 -0
  28. package/dist/policy.js +380 -0
  29. package/dist/policy.js.map +1 -0
  30. package/dist/readiness.d.ts +35 -0
  31. package/dist/readiness.js +200 -0
  32. package/dist/readiness.js.map +1 -0
  33. package/dist/staged-check.d.ts +96 -0
  34. package/dist/staged-check.js +853 -0
  35. package/dist/staged-check.js.map +1 -0
  36. package/dist/types.d.ts +122 -0
  37. package/dist/types.js +71 -0
  38. package/dist/types.js.map +1 -0
  39. package/package.json +52 -0
package/dist/agent-workflow.js ADDED
@@ -0,0 +1,404 @@
1
+ "use strict";
2
+ Object.defineProperty(exports, "__esModule", { value: true });
3
+ exports.getAgentWorkflowSummary = void 0;
4
+ function getAgentWorkflowSummary() {
5
+ return {
6
+ protocol: "ripple-agent-workflow",
7
+ version: 1,
8
+ purpose: "Give AI coding agents a human-selected trust boundary before editing, then check staged changes for intent drift and boundary drift before handoff.",
9
+ loop: [
10
+ "choose_boundary",
11
+ "plan",
12
+ "approve_if_required",
13
+ "edit",
14
+ "stage",
15
+ "check",
16
+ "repair_if_needed",
17
+ ],
18
+ controlModes: {
19
+ brainstorm: "Agent can plan, explain, and suggest, but no file edits are allowed.",
20
+ function: "Agent can edit only the approved symbol or function inside the target file.",
21
+ file: "Agent can edit only the selected target file.",
22
+ task: "Agent can edit the files saved in the task intent.",
23
+ pr: "Agent can prepare a low-risk PR, but human review remains the merge gate.",
24
+ },
25
+ auditGates: {
26
+ beforeRiskyEdit: "Human approval is required before editing human-gated sensitive or dangerous targets.",
27
+ afterStaging: "Ripple checks staged changes against saved intent and selected control boundary.",
28
+ beforeMerge: "Human reviews the diff plus Ripple drift and boundary verdict before merge.",
29
+ },
30
+ policyWorkflow: {
31
+ defaultAgentPath: "Use ripple_plan_context first in MCP; it includes policyExplanation. In CLI, use planBeforeEditing with --json when automation needs the same policyExplanation shape.",
32
+ policyOnlyPath: "Use explainPolicy / ripple_explain_policy only when you need the repo trust boundary without a plan.",
33
+ policyDriftPath: "If checkAfterStaging or repairIntentDrift reports policyDrift.status=changed, stop and ask the human to review the current policy before continuing.",
34
+ },
35
+ commands: {
36
+ guide: "ripple agent",
37
+ initializeRepo: "ripple init",
38
+ checkReadiness: "ripple doctor --agent --strict",
39
+ installCi: "ripple init-ci",
40
+ explainPolicy: "ripple policy explain --file <file> --agent",
41
+ planBeforeEditing: "ripple plan --file <file> --task \"<task>\" --mode file --agent --save",
42
+ checkAfterStaging: "ripple check --staged --agent --intent latest",
43
+ checkChangedAgainstBase: "ripple check --changed --base <ref> --agent --intent latest",
44
+ auditCurrentChange: "ripple audit --agent --intent latest",
45
+ gateCurrentChange: "ripple gate --agent --intent latest",
46
+ checkApproval: "ripple approval --intent latest --agent",
47
+ approveHumanGate: "ripple approve --intent latest --gate before-risky-edit",
48
+ ciGate: "ripple ci --base <ref> --intent latest --github-annotations",
49
+ repairIntentDrift: "ripple repair --agent --intent latest",
50
+ },
51
+ mcpTools: {
52
+ workflow: "ripple_get_agent_workflow",
53
+ checkReadiness: "ripple_doctor",
54
+ explainPolicy: "ripple_explain_policy",
55
+ planBeforeEditing: "ripple_plan_context",
56
+ checkAfterStaging: "ripple_check_staged",
57
+ checkChangedAgainstBase: "ripple_check_changed",
58
+ auditCurrentChange: "ripple_audit_change",
59
+ gateCurrentChange: "ripple_gate",
60
+ checkApproval: "ripple_get_approval_status",
61
+ repairIntentDrift: "ripple_repair_intent_drift",
62
+ },
63
+ outputContracts: {
64
+ doctorHeader: "RIPPLE_DOCTOR",
65
+ planHeader: "RIPPLE_AGENT_CONTEXT",
66
+ stagedCheckHeader: "RIPPLE_STAGED_CHECK",
67
+ repairHeader: "RIPPLE_INTENT_DRIFT_REPAIR",
68
+ auditHeader: "RIPPLE_AUDIT",
69
+ gateHeader: "RIPPLE_GATE",
70
+ approvalHeader: "RIPPLE_APPROVAL",
71
+ approvalStatusHeader: "RIPPLE_APPROVAL_STATUS",
72
+ doctorSections: [
73
+ "status",
74
+ "readiness_decision",
75
+ "enforcement_level",
76
+ "can_guide_agents",
77
+ "can_detect_drift",
78
+ "can_block_in_ci",
79
+ "policy_explicit",
80
+ "graph",
81
+ "git",
82
+ "ci_workflow",
83
+ "latest_intent",
84
+ "gaps",
85
+ "next_steps",
86
+ ],
87
+ planSections: [
88
+ "readiness_status",
89
+ "enforcement_level",
90
+ "can_detect_drift",
91
+ "can_block_in_ci",
92
+ "readiness_gaps",
93
+ "editable_files",
94
+ "control_mode",
95
+ "human_gate",
96
+ "allowed_files",
97
+ "allowed_symbols",
98
+ "context_files",
99
+ "read_first",
100
+ "read_if_needed",
101
+ "symbols_first",
102
+ "verify",
103
+ "avoid_first",
104
+ ],
105
+ stagedCheckSections: [
106
+ "handoff",
107
+ "drift_verdict",
108
+ "drift_decision",
109
+ "next_required_phase",
110
+ "next_required_action",
111
+ "drift_why",
112
+ "drift_fix",
113
+ "boundary_verdict",
114
+ "boundary_decision",
115
+ "boundary_why",
116
+ "boundary_fix",
117
+ "policy_drift",
118
+ "readiness_drift",
119
+ "intent_verdict",
120
+ "control_mode",
121
+ "human_required",
122
+ "planned_scope",
123
+ "allowed_files",
124
+ "allowed_symbols",
125
+ "editable_files",
126
+ "context_files_changed",
127
+ "changed_files",
128
+ "read_first",
129
+ "symbols_first",
130
+ "verify",
131
+ ],
132
+ repairSections: [
133
+ "handoff",
134
+ "drift_verdict",
135
+ "drift_decision",
136
+ "drift_why",
137
+ "drift_fix",
138
+ "boundary_verdict",
139
+ "boundary_decision",
140
+ "boundary_why",
141
+ "boundary_fix",
142
+ "policy_drift",
143
+ "readiness_drift",
144
+ "verdict",
145
+ "status",
146
+ "unstage_files",
147
+ "review_contracts",
148
+ "fix_actions",
149
+ "verify",
150
+ "next_steps",
151
+ ],
152
+ auditSections: [
153
+ "handoff",
154
+ "status",
155
+ "decision",
156
+ "can_proceed",
157
+ "next_required_phase",
158
+ "next_required_action",
159
+ "approval_status",
160
+ "approval_decision",
161
+ "approval_required",
162
+ "approval_approved",
163
+ "approval_gate",
164
+ "intent_id",
165
+ "control_mode",
166
+ "drift_verdict",
167
+ "boundary_verdict",
168
+ "policy_drift",
169
+ "readiness_drift",
170
+ "repair_status",
171
+ "recommended_action",
172
+ "saved_policy_explanation",
173
+ "current_policy_explanation",
174
+ "blocking_reasons",
175
+ "changed_files",
176
+ "verify",
177
+ "fix_actions",
178
+ ],
179
+ gateSections: [
180
+ "status",
181
+ "decision",
182
+ "can_continue",
183
+ "must_stop",
184
+ "needs_human",
185
+ "next_required_phase",
186
+ "next_required_action",
187
+ "audit_status",
188
+ "approval_status",
189
+ "why",
190
+ "fix_now",
191
+ "ask_human",
192
+ "commands_doctor",
193
+ "commands_check",
194
+ "commands_audit",
195
+ "commands_repair",
196
+ "commands_approve",
197
+ "commands_unstage",
198
+ "commands_verify",
199
+ ],
200
+ },
201
+ runtimeContract: {
202
+ protocol: "ripple-agent-runtime-contract",
203
+ version: 1,
204
+ invariant: "An agent should edit only after a saved Ripple plan defines the trust boundary, and should proceed only when the Ripple audit says the change can proceed.",
205
+ compatibleRuntimes: [
206
+ "MCP coding agents",
207
+ "CLI-driven coding agents",
208
+ "IDE coding agents",
209
+ "CI and PR bots",
210
+ ],
211
+ sourceOfTruth: [
212
+ "Before editing, ripple_plan_context / ripple plan is the source of truth.",
213
+ "During editing, saved change intent allowed_files and allowed_symbols are the source of truth.",
214
+ "After editing, ripple_audit_change / ripple audit is the full report; ripple gate is the compact continue/stop decision.",
215
+ "If human approval is required, ripple_get_approval_status / ripple approval is the source of truth.",
216
+ ],
217
+ phases: [
218
+ {
219
+ id: "discover_contract",
220
+ order: 1,
221
+ requiredWhen: "before any autonomous Ripple-controlled task",
222
+ agentAction: "Load the current Ripple protocol, commands, tools, output headers, and stop rules.",
223
+ mcpTool: "ripple_get_agent_workflow",
224
+ cliCommand: "ripple agent --json",
225
+ outputContract: "ripple-agent-workflow",
226
+ must: [
227
+ "Use the returned versioned protocol for the current repo and session.",
228
+ "Run initializeRepo before the first saved plan when repo setup is missing.",
229
+ "Run checkReadiness before planning or editing when the runtime can execute local commands.",
230
+ "Prefer MCP tools when the runtime has MCP access; otherwise use the CLI commands.",
231
+ ],
232
+ stopIf: [
233
+ "protocol is missing, unsupported, or older than the runtime understands.",
234
+ ],
235
+ continueIf: [
236
+ "protocol=ripple-agent-workflow and version=1.",
237
+ ],
238
+ },
239
+ {
240
+ id: "plan_before_edit",
241
+ order: 2,
242
+ requiredWhen: "before reading broadly or editing a known target file",
243
+ agentAction: "Create a saved plan with task, target file, control mode, policy explanation, and context budget.",
244
+ mcpTool: "ripple_plan_context",
245
+ cliCommand: "ripple plan --file <file> --task \"<task>\" --mode file --agent --save",
246
+ outputContract: "RIPPLE_AGENT_CONTEXT",
247
+ must: [
248
+ "Save the change intent when edits may follow.",
249
+ "Read read_first and symbols_first before changing code.",
250
+ "Treat allowed_files and allowed_symbols as the edit boundary.",
251
+ "Treat policyExplanation as the repo trust-boundary snapshot for this intent.",
252
+ ],
253
+ stopIf: [
254
+ "no target file is known for a file/function boundary task.",
255
+ "the plan cannot be saved but later drift checking is required.",
256
+ ],
257
+ continueIf: [
258
+ "changeIntent exists and editable_files match the intended scope.",
259
+ ],
260
+ },
261
+ {
262
+ id: "approval_gate",
263
+ order: 3,
264
+ requiredWhen: "when human_gate=required-before-edit or policy requires approval",
265
+ agentAction: "Check whether the human approved the saved risky edit gate before changing files.",
266
+ mcpTool: "ripple_get_approval_status",
267
+ cliCommand: "ripple approval --intent latest --agent",
268
+ outputContract: "RIPPLE_APPROVAL_STATUS",
269
+ must: [
270
+ "Do not treat context reading as approval to edit.",
271
+ "Use the approval status for the same saved intent id and gate.",
272
+ ],
273
+ stopIf: [
274
+ "approval status is missing or stale for a required gate.",
275
+ "approval belongs to a different intent, policy snapshot, or gate.",
276
+ ],
277
+ continueIf: [
278
+ "approval is not required, or approvalStatus.approved=true for the saved intent.",
279
+ ],
280
+ },
281
+ {
282
+ id: "edit_inside_boundary",
283
+ order: 4,
284
+ requiredWhen: "after plan and any required approval pass",
285
+ agentAction: "Edit only inside the saved trust boundary and keep context-only files read-only unless replanned.",
286
+ must: [
287
+ "For brainstorm mode, do not edit files.",
288
+ "For function mode, edit only the approved symbols.",
289
+ "For file mode, edit only the selected file.",
290
+ "For task/pr mode, edit only planned editable files.",
291
+ ],
292
+ stopIf: [
293
+ "the task needs a file or symbol outside the saved boundary.",
294
+ "the agent needs to touch a human-gated file that was not approved.",
295
+ ],
296
+ continueIf: [
297
+ "all edits remain inside editable_files and allowed_symbols.",
298
+ ],
299
+ },
300
+ {
301
+ id: "audit_after_change",
302
+ order: 5,
303
+ requiredWhen: "after files are staged, or before handoff in changed-file workflows",
304
+ agentAction: "Run the compact Ripple gate or full audit and treat canContinue/canProceed=false as a hard stop.",
305
+ mcpTool: "ripple_gate",
306
+ cliCommand: "ripple gate --agent --intent latest",
307
+ outputContract: "RIPPLE_GATE",
308
+ must: [
309
+ "Use staged audit for local agent work and changed audit for PR/CI work.",
310
+ "Use ripple gate when the agent only needs the final continue/stop handoff.",
311
+ "Check drift_verdict, boundary_verdict, policy_drift, approval_status, and can_proceed together.",
312
+ ],
313
+ stopIf: [
314
+ "can_continue=false or can_proceed=false.",
315
+ "policyDrift.status=changed.",
316
+ "drift_verdict or boundary_verdict blocks the change.",
317
+ "approval is required but not approved.",
318
+ ],
319
+ continueIf: [
320
+ "can_continue=true or can_proceed=true and audit status is passed.",
321
+ ],
322
+ },
323
+ {
324
+ id: "repair_or_handoff",
325
+ order: 6,
326
+ requiredWhen: "when audit fails, or when preparing final human handoff",
327
+ agentAction: "Ask Ripple for exact repair actions, or hand off the passed audit summary to the human.",
328
+ mcpTool: "ripple_repair_intent_drift",
329
+ cliCommand: "ripple repair --agent --intent latest",
330
+ outputContract: "RIPPLE_INTENT_DRIFT_REPAIR",
331
+ must: [
332
+ "Follow blocker fix_actions before widening scope.",
333
+ "Unstage files Ripple marks as outside intent unless the human explicitly replans or approves wider scope.",
334
+ "Run or report the verify targets from the plan/audit.",
335
+ ],
336
+ stopIf: [
337
+ "repair status is human-review-required.",
338
+ "the fix requires widening the saved trust boundary.",
339
+ ],
340
+ continueIf: [
341
+ "repair status is no-repair-needed, or repairs are applied and a fresh audit passes.",
342
+ ],
343
+ },
344
+ ],
345
+ stopConditions: [
346
+ "No saved change intent exists for a task that will edit files.",
347
+ "A required human approval is missing or stale.",
348
+ "The agent needs to edit outside allowed_files or allowed_symbols.",
349
+ "policyDrift.status=changed.",
350
+ "drift_verdict or boundary_verdict is DANGER or blocks the change.",
351
+ "audit.canProceed is false.",
352
+ "repair status is human-review-required.",
353
+ ],
354
+ proceedConditions: [
355
+ "A saved intent exists for the current task.",
356
+ "Human approval is not required, or approvalStatus.approved=true for the current intent and gate.",
357
+ "Edits remain inside editable_files and allowed_symbols.",
358
+ "policyDrift.status is unchanged or not-applicable.",
359
+ "The audit reports canProceed=true.",
360
+ "The agent has run or clearly handed off the verify targets.",
361
+ ],
362
+ },
363
+ rules: [
364
+ "Choose the narrowest control mode before editing: brainstorm, function, file, task, or pr.",
365
+ "Run planBeforeEditing before reading broadly or editing a known target file.",
366
+ "Treat policyExplanation inside planBeforeEditing as the normal source of truth for effective mode, policy risk, matched rules, and human gate.",
367
+ "Treat policyDrift.status=changed as a human-review stop: current repo trust policy differs from the saved intent snapshot.",
368
+ "Call explainPolicy only for policy-only checks when no task plan is needed.",
369
+ "Read read_first files and symbols_first symbols before changing code.",
370
+ "Do not read avoid_first items in the first pass unless the plan forces it.",
371
+ "Save the change intent from planBeforeEditing so staged checks can detect drift.",
372
+ "If the plan reports human_gate=required-before-edit, a human should run approveHumanGate after reviewing the plan and before the agent edits.",
373
+ "Use checkApproval when you need approval state without running the full audit.",
374
+ "Stay inside allowed_files and allowed_symbols unless the human approves a wider boundary.",
375
+ "Run initializeRepo once per repo to create the default trust policy and CI gate.",
376
+ "Run checkReadiness before enabling or debugging CI automation.",
377
+ "Run installCi when GitHub Actions setup is missing.",
378
+ "After editing, stage the intended files and run checkAfterStaging against the saved intent.",
379
+ "Use auditCurrentChange when a human needs one compact report of intent, boundary, policy drift, repair status, and next action.",
380
+ "Use gateCurrentChange when an agent needs only the final continue, repair, human-review, or restore-readiness decision.",
381
+ "In CI or PR review, use checkChangedAgainstBase instead of staging files.",
382
+ "Use ciGate as the default strict automation command for PR checks.",
383
+ "If staged changes drift from intent or boundary, call repairIntentDrift before widening scope.",
384
+ "Use verify targets as the narrowest compile, test, or caller-review surface.",
385
+ ],
386
+ example: [
387
+ "ripple init",
388
+ "ripple plan --file src/auth.ts --task \"change token refresh behavior\" --mode file --agent --save",
389
+ "ripple approval --intent latest --agent",
390
+ "ripple approve --intent latest --gate before-risky-edit",
391
+ "ripple plan --file src/auth.ts --symbol refreshToken --task \"fix retry behavior\" --mode function --agent --save",
392
+ "git add src/auth.ts",
393
+ "ripple check --staged --agent --intent latest",
394
+ "ripple audit --agent --intent latest",
395
+ "ripple gate --agent --intent latest",
396
+ "ripple doctor --agent --strict",
397
+ "ripple check --changed --base origin/main --agent --intent latest",
398
+ "ripple ci --base origin/main --intent latest --github-annotations",
399
+ "ripple repair --agent --intent latest",
400
+ ],
401
+ };
402
+ }
403
+ exports.getAgentWorkflowSummary = getAgentWorkflowSummary;
404
+ //# sourceMappingURL=agent-workflow.js.map
package/dist/agent-workflow.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"agent-workflow.js","sourceRoot":"","sources":["../src/agent-workflow.ts"],"names":[],"mappings":";;;AA+FA,SAAgB,uBAAuB;IACrC,OAAO;QACL,QAAQ,EAAE,uBAAuB;QACjC,OAAO,EAAE,CAAC;QACV,OAAO,EAAE,qJAAqJ;QAC9J,IAAI,EAAE;YACJ,iBAAiB;YACjB,MAAM;YACN,qBAAqB;YACrB,MAAM;YACN,OAAO;YACP,OAAO;YACP,kBAAkB;SACnB;QACD,YAAY,EAAE;YACZ,UAAU,EAAE,sEAAsE;YAClF,QAAQ,EAAE,6EAA6E;YACvF,IAAI,EAAE,+CAA+C;YACrD,IAAI,EAAE,oDAAoD;YAC1D,EAAE,EAAE,2EAA2E;SAChF;QACD,UAAU,EAAE;YACV,eAAe,EAAE,uFAAuF;YACxG,YAAY,EAAE,kFAAkF;YAChG,WAAW,EAAE,6EAA6E;SAC3F;QACD,cAAc,EAAE;YACd,gBAAgB,EAAE,wKAAwK;YAC1L,cAAc,EAAE,sGAAsG;YACtH,eAAe,EAAE,sJAAsJ;SACxK;QACD,QAAQ,EAAE;YACR,KAAK,EAAE,cAAc;YACrB,cAAc,EAAE,aAAa;YAC7B,cAAc,EAAE,gCAAgC;YAChD,SAAS,EAAE,gBAAgB;YAC3B,aAAa,EAAE,6CAA6C;YAC5D,iBAAiB,EAAE,wEAAwE;YAC3F,iBAAiB,EAAE,+CAA+C;YAClE,uBAAuB,EAAE,6DAA6D;YACtF,kBAAkB,EAAE,sCAAsC;YAC1D,iBAAiB,EAAE,qCAAqC;YACxD,aAAa,EAAE,yCAAyC;YACxD,gBAAgB,EAAE,yDAAyD;YAC3E,MAAM,EAAE,6DAA6D;YACrE,iBAAiB,EAAE,uCAAuC;SAC3D;QACD,QAAQ,EAAE;YACR,QAAQ,EAAE,2BAA2B;YACrC,cAAc,EAAE,eAAe;YAC/B,aAAa,EAAE,uBAAuB;YACtC,iBAAiB,EAAE,qBAAqB;YACxC,iBAAiB,EAAE,qBAAqB;YACxC,uBAAuB,EAAE,sBAAsB;YAC/C,kBAAkB,EAAE,qBAAqB;YACzC,iBAAiB,EAAE,aAAa;YAChC,aAAa,EAAE,4BAA4B;YAC3C,iBAAiB,EAAE,4BAA4B;SAChD;QACD,eAAe,EAAE;YACf,YAAY,EAAE,eAAe;YAC7B,UAAU,EAAE,sBAAsB;YAClC,iBAAiB,EAAE,qBAAqB;YACxC,YAAY,EAAE,4BAA4B;YAC1C,WAAW,EAAE,cAAc;YAC3B,UAAU,EAAE,aAAa;YACzB,cAAc,EAAE,iBAAiB;YACjC,oBAAoB,EAAE,wBAAwB;YAC9C,cAAc,EAAE;gBACd,QAAQ;gBACR,oBAAoB;gBACpB,mBAAmB;gBACnB,kBAAkB;gBAClB,kBAAkB;gBAClB,iBAAiB;gBACjB,iBAAiB;gBACjB,OAAO;gBACP,KAAK;gBACL,aAAa;gBACb,eAAe;gBACf,MAAM;gBACN,YAAY;aACb;YACD,YAAY,EAAE;gBACZ,kBAAkB;gBAClB,mBAAmB;gBACnB,kBAAkB;gBAClB,iBAAiB;gBACjB,gBAAgB;gBAChB,gBAAgB;gBAChB,cAAc;gBACd,YAAY;gBACZ,eAAe;gBACf,iBAAiB;gBACjB,eAAe;gBACf,YAAY;gBACZ,gBAAgB;gBAChB,eAAe;gBACf,QAAQ;gBACR,aAAa;aACd;YACD,mBAAmB,EAAE;gBACnB,SAAS;gBACT,eAAe;gBACf,gBAAgB;gBAChB,qBAAqB;gBACrB,sBAAsB;gBACtB,WAAW;gBACX,WAAW;gBACX,kBAAkB;gBAClB,mBAAmB;gBACnB,cAAc;gBACd,cAAc;gBACd,cAAc;gBACd,iBAAiB;gBACjB,gBAAgB;gBAChB,cAAc;gBACd,gBAAgB;gBAChB,eAAe;gBACf,eAAe;gBACf,iBAAiB;gBACjB,gBAAgB;gBAChB,uBAAuB;gBACvB,eAAe;gBACf,YAAY;gBACZ,eAAe;gBACf,QAAQ;aACT;YACD,cAAc,EAAE;gBACd,SAAS;gBACT,eAAe;gBACf,gBAAgB;gBAChB,WAAW;gBACX,WAAW;gBACX,kBAAkB;gBAClB,mBAAmB;gBACnB,cAAc;gBACd,cAAc;gBACd,cAAc;gBACd,iBAAiB;gBACjB,SAAS;gBACT,QAAQ;gBACR,eAAe;gBACf,kBAAkB;gBAClB,aAAa;gBACb,QAAQ;gBACR,YAAY;aACb;YACD,aAAa,EAAE;gBACb,SAAS;gBACT,QAAQ;gBACR,UAAU;gBACV,aAAa;gBACb,qBAAqB;gBACrB,sBAAsB;gBACtB,iBAAiB;gBACjB,mBAAmB;gBACnB,mBAAmB;gBACnB,mBAAmB;gBACnB,eAAe;gBACf,WAAW;gBACX,cAAc;gBACd,eAAe;gBACf,kBAAkB;gBAClB,cAAc;gBACd,iBAAiB;gBACjB,eAAe;gBACf,oBAAoB;gBACpB,0BAA0B;gBAC1B,4BAA4B;gBAC5B,kBAAkB;gBAClB,eAAe;gBACf,QAAQ;gBACR,aAAa;aACd;YACD,YAAY,EAAE;gBACZ,QAAQ;gBACR,UAAU;gBACV,cAAc;gBACd,WAAW;gBACX,aAAa;gBACb,qBAAqB;gBACrB,sBAAsB;gBACtB,cAAc;gBACd,iBAAiB;gBACjB,KAAK;gBACL,SAAS;gBACT,WAAW;gBACX,iBAAiB;gBACjB,gBAAgB;gBAChB,gBAAgB;gBAChB,iBAAiB;gBACjB,kBAAkB;gBAClB,kBAAkB;gBAClB,iBAAiB;aAClB;SACF;QACD,eAAe,EAAE;YACf,QAAQ,EAAE,+BAA+B;YACzC,OAAO,EAAE,CAAC;YACV,SAAS,EACP,4JAA4J;YAC9J,kBAAkB,EAAE;gBAClB,mBAAmB;gBACnB,0BAA0B;gBAC1B,mBAAmB;gBACnB,gBAAgB;aACjB;YACD,aAAa,EAAE;gBACb,2EAA2E;gBAC3E,gGAAgG;gBAChG,0HAA0H;gBAC1H,qGAAqG;aACtG;YACD,MAAM,EAAE;gBACN;oBACE,EAAE,EAAE,mBAAmB;oBACvB,KAAK,EAAE,CAAC;oBACR,YAAY,EAAE,8CAA8C;oBAC5D,WAAW,EAAE,oFAAoF;oBACjG,OAAO,EAAE,2BAA2B;oBACpC,UAAU,EAAE,qBAAqB;oBACjC,cAAc,EAAE,uBAAuB;oBACvC,IAAI,EAAE;wBACJ,uEAAuE;wBACvE,4EAA4E;wBAC5E,4FAA4F;wBAC5F,mFAAmF;qBACpF;oBACD,MAAM,EAAE;wBACN,0EAA0E;qBAC3E;oBACD,UAAU,EAAE;wBACV,+CAA+C;qBAChD;iBACF;gBACD;oBACE,EAAE,EAAE,kBAAkB;oBACtB,KAAK,EAAE,CAAC;oBACR,YAAY,EAAE,uDAAuD;oBACrE,WAAW,EAAE,mGAAmG;oBAChH,OAAO,EAAE,qBAAqB;oBAC9B,UAAU,EAAE,wEAAwE;oBACpF,cAAc,EAAE,sBAAsB;oBACtC,IAAI,EAAE;wBACJ,+CAA+C;wBAC/C,yDAAyD;wBACzD,+DAA+D;wBAC/D,8EAA8E;qBAC/E;oBACD,MAAM,EAAE;wBACN,4DAA4D;wBAC5D,gEAAgE;qBACjE;oBACD,UAAU,EAAE;wBACV,kEAAkE;qBACnE;iBACF;gBACD;oBACE,EAAE,EAAE,eAAe;oBACnB,KAAK,EAAE,CAAC;oBACR,YAAY,EAAE,kEAAkE;oBAChF,WAAW,EAAE,mFAAmF;oBAChG,OAAO,EAAE,4BAA4B;oBACrC,UAAU,EAAE,yCAAyC;oBACrD,cAAc,EAAE,wBAAwB;oBACxC,IAAI,EAAE;wBACJ,mDAAmD;wBACnD,gEAAgE;qBACjE;oBACD,MAAM,EAAE;wBACN,0DAA0D;wBAC1D,mEAAmE;qBACpE;oBACD,UAAU,EAAE;wBACV,iFAAiF;qBAClF;iBACF;gBACD;oBACE,EAAE,EAAE,sBAAsB;oBAC1B,KAAK,EAAE,CAAC;oBACR,YAAY,EAAE,2CAA2C;oBACzD,WAAW,EAAE,mGAAmG;oBAChH,IAAI,EAAE;wBACJ,yCAAyC;wBACzC,oDAAoD;wBACpD,6CAA6C;wBAC7C,qDAAqD;qBACtD;oBACD,MAAM,EAAE;wBACN,6DAA6D;wBAC7D,oEAAoE;qBACrE;oBACD,UAAU,EAAE;wBACV,6DAA6D;qBAC9D;iBACF;gBACD;oBACE,EAAE,EAAE,oBAAoB;oBACxB,KAAK,EAAE,CAAC;oBACR,YAAY,EAAE,qEAAqE;oBACnF,WAAW,EAAE,kGAAkG;oBAC/G,OAAO,EAAE,aAAa;oBACtB,UAAU,EAAE,qCAAqC;oBACjD,cAAc,EAAE,aAAa;oBAC7B,IAAI,EAAE;wBACJ,yEAAyE;wBACzE,4EAA4E;wBAC5E,iGAAiG;qBAClG;oBACD,MAAM,EAAE;wBACN,0CAA0C;wBAC1C,6BAA6B;wBAC7B,sDAAsD;wBACtD,wCAAwC;qBACzC;oBACD,UAAU,EAAE;wBACV,mEAAmE;qBACpE;iBACF;gBACD;oBACE,EAAE,EAAE,mBAAmB;oBACvB,KAAK,EAAE,CAAC;oBACR,YAAY,EAAE,yDAAyD;oBACvE,WAAW,EAAE,yFAAyF;oBACtG,OAAO,EAAE,4BAA4B;oBACrC,UAAU,EAAE,uCAAuC;oBACnD,cAAc,EAAE,4BAA4B;oBAC5C,IAAI,EAAE;wBACJ,mDAAmD;wBACnD,2GAA2G;wBAC3G,uDAAuD;qBACxD;oBACD,MAAM,EAAE;wBACN,yCAAyC;wBACzC,qDAAqD;qBACtD;oBACD,UAAU,EAAE;wBACV,qFAAqF;qBACtF;iBACF;aACF;YACD,cAAc,EAAE;gBACd,gEAAgE;gBAChE,gDAAgD;gBAChD,mEAAmE;gBACnE,6BAA6B;gBAC7B,mEAAmE;gBACnE,4BAA4B;gBAC5B,yCAAyC;aAC1C;YACD,iBAAiB,EAAE;gBACjB,6CAA6C;gBAC7C,kGAAkG;gBAClG,yDAAyD;gBACzD,oDAAoD;gBACpD,oCAAoC;gBACpC,6DAA6D;aAC9D;SACF;QACD,KAAK,EAAE;YACL,4FAA4F;YAC5F,8EAA8E;YAC9E,gJAAgJ;YAChJ,4HAA4H;YAC5H,6EAA6E;YAC7E,uEAAuE;YACvE,4EAA4E;YAC5E,kFAAkF;YAClF,+IAA+I;YAC/I,gFAAgF;YAChF,2FAA2F;YAC3F,kFAAkF;YAClF,gEAAgE;YAChE,qDAAqD;YACrD,6FAA6F;YAC7F,iIAAiI;YACjI,yHAAyH;YACzH,2EAA2E;YAC3E,oEAAoE;YACpE,gGAAgG;YAChG,8EAA8E;SAC/E;QACD,OAAO,EAAE;YACP,aAAa;YACb,oGAAoG;YACpG,yCAAyC;YACzC,yDAAyD;YACzD,mHAAmH;YACnH,qBAAqB;YACrB,+CAA+C;YAC/C,sCAAsC;YACtC,qCAAqC;YACrC,gCAAgC;YAChC,mEAAmE;YACnE,mEAAmE;YACnE,uCAAuC;SACxC;KACF,CAAC;AACJ,CAAC;AA/YD,0DA+YC"}
package/dist/approval.d.ts ADDED
@@ -0,0 +1,45 @@
1
+ import type { ChangeIntent, ControlBoundaryRisk, ControlMode, HumanGate } from "./change-intent";
2
+ export type RippleApprovalGate = "before-risky-edit" | "before-merge";
3
+ export type RippleApprovalStatusValue = "not-required" | "missing" | "approved" | "stale";
4
+ export type RippleApprovalDecision = "continue" | "human-review";
5
+ export type RippleApprovalRecord = {
6
+ protocol: "ripple-approval";
7
+ version: 1;
8
+ id: string;
9
+ intentId: string;
10
+ gate: RippleApprovalGate;
11
+ approvedAt: string;
12
+ approvedBy: string;
13
+ targetFile: string;
14
+ task: string;
15
+ controlMode: ControlMode;
16
+ humanGate: HumanGate;
17
+ boundaryRisk: ControlBoundaryRisk;
18
+ intentFingerprint: string;
19
+ policyFingerprint: string;
20
+ reason?: string;
21
+ };
22
+ export type RippleApprovalStatus = {
23
+ protocol: "ripple-approval-status";
24
+ version: 1;
25
+ required: boolean;
26
+ approved: boolean;
27
+ status: RippleApprovalStatusValue;
28
+ decision: RippleApprovalDecision;
29
+ gate?: RippleApprovalGate;
30
+ summary: string;
31
+ approval?: RippleApprovalRecord;
32
+ approvalPath?: string;
33
+ why: string[];
34
+ nextSteps: string[];
35
+ };
36
+ export type RecordRippleApprovalOptions = {
37
+ gate?: RippleApprovalGate;
38
+ approvedBy?: string;
39
+ reason?: string;
40
+ approvedAt?: string;
41
+ };
42
+ export declare function approvalGateForHumanGate(humanGate: HumanGate): RippleApprovalGate | undefined;
43
+ export declare function recordRippleApproval(workspaceRoot: string, intent: ChangeIntent, options?: RecordRippleApprovalOptions): RippleApprovalRecord;
44
+ export declare function resolveRippleApprovalStatus(workspaceRoot: string, intent: ChangeIntent, gateOverride?: RippleApprovalGate): RippleApprovalStatus;
45
+ export declare function rippleApprovalPath(workspaceRoot: string, intentId: string, gate: RippleApprovalGate): string;