@git-stunts/git-warp 11.2.1 → 11.5.0

package/src/domain/services/StreamingBitmapIndexBuilder.js

@@ -8,6 +8,8 @@ import { getRoaringBitmap32 } from '../utils/roaring.js';
 import { canonicalStringify } from '../utils/canonicalStringify.js';
 import { SHARD_VERSION } from '../utils/shardVersion.js';
 
+/** @typedef {import('../types/WarpPersistence.js').IndexStorage} IndexStorage */
+
 // Re-export for backwards compatibility
 export { SHARD_VERSION };
 
@@ -81,7 +83,7 @@ export default class StreamingBitmapIndexBuilder {
    * Creates a new StreamingBitmapIndexBuilder instance.
    *
    * @param {Object} options - Configuration options
-   * @param {Object} options.storage - Storage adapter implementing IndexStoragePort.
+   * @param {import('../../ports/IndexStoragePort.js').default} options.storage - Storage adapter implementing IndexStoragePort.
    *   Required methods: writeBlob, writeTree, readBlob
    * @param {number} [options.maxMemoryBytes=52428800] - Maximum bitmap memory before flush (default 50MB).
    *   Note: SHA→ID mappings are not counted against this limit as they must remain in memory.
@@ -106,8 +108,8 @@ export default class StreamingBitmapIndexBuilder {
     /** @type {import('../../ports/CodecPort.js').default} */
     this._codec = codec || defaultCodec;
 
-    /** @type {Object} */
-    this.storage = storage;
+    /** @type {IndexStorage} */
+    this.storage = /** @type {IndexStorage} */ (storage);
 
     /** @type {number} */
     this.maxMemoryBytes = maxMemoryBytes;
@@ -124,7 +126,7 @@ export default class StreamingBitmapIndexBuilder {
     /** @type {string[]} ID → SHA reverse mapping (kept in memory) */
     this.idToSha = [];
 
-    /** @type {Map<string, any>} Current in-memory bitmaps */
+    /** @type {Map<string, import('../utils/roaring.js').RoaringBitmapSubset>} Current in-memory bitmaps */
     this.bitmaps = new Map();
 
     /** @type {number} Estimated bytes used by current bitmaps */
@@ -139,8 +141,8 @@ export default class StreamingBitmapIndexBuilder {
     /** @type {number} Number of flush operations performed */
     this.flushCount = 0;
 
-    /** @type {any} Cached Roaring bitmap constructor */ // TODO(ts-cleanup): type lazy singleton
-    this._RoaringBitmap32 = getRoaringBitmap32(); // TODO(ts-cleanup): type lazy singleton
+    /** @type {typeof import('roaring').RoaringBitmap32} Cached Roaring bitmap constructor */
+    this._RoaringBitmap32 = getRoaringBitmap32();
   }
 
   /**
@@ -206,7 +208,7 @@ export default class StreamingBitmapIndexBuilder {
       if (!bitmapShards[type][prefix]) {
         bitmapShards[type][prefix] = {};
       }
-      bitmapShards[type][prefix][sha] = bitmap.serialize(true).toString('base64');
+      bitmapShards[type][prefix][sha] = Buffer.from(bitmap.serialize(true)).toString('base64');
     }
     return bitmapShards;
   }
@@ -238,7 +240,7 @@ export default class StreamingBitmapIndexBuilder {
               data: shardData,
             };
             const buffer = Buffer.from(JSON.stringify(envelope));
-            const oid = await /** @type {any} */ (this.storage).writeBlob(buffer); // TODO(ts-cleanup): narrow port type
+            const oid = await this.storage.writeBlob(buffer);
             if (!this.flushedChunks.has(path)) {
               this.flushedChunks.set(path, []);
             }
@@ -348,7 +350,7 @@ export default class StreamingBitmapIndexBuilder {
           data: map,
         };
         const buffer = Buffer.from(JSON.stringify(envelope));
-        const oid = await /** @type {any} */ (this.storage).writeBlob(buffer); // TODO(ts-cleanup): narrow port type
+        const oid = await this.storage.writeBlob(buffer);
         return `100644 blob ${oid}\t${path}`;
       })
     );
@@ -410,8 +412,8 @@ export default class StreamingBitmapIndexBuilder {
    * @param {Object} [options] - Finalization options
    * @param {AbortSignal} [options.signal] - Optional AbortSignal for cancellation.
    *   If aborted, throws an error with code 'ABORT_ERR'.
-   * @param {Map<string, number>} [options.frontier] - Optional version vector frontier
-   *   (writerId → clock) for staleness detection. If provided, frontier.cbor and
+   * @param {Map<string, string>} [options.frontier] - Optional writer frontier
+   *   (writerId → tip SHA) for staleness detection. If provided, frontier.cbor and
    *   frontier.json files are included in the tree.
    * @returns {Promise<string>} OID of the created Git tree containing the complete index
    * @throws {Error} If the operation is aborted via signal
@@ -440,19 +442,19 @@ export default class StreamingBitmapIndexBuilder {
 
     // Store frontier metadata for staleness detection
     if (frontier) {
-      /** @type {Record<string, number|undefined>} */
+      /** @type {Record<string, string|undefined>} */
       const sorted = {};
       for (const key of Array.from(frontier.keys()).sort()) {
         sorted[key] = frontier.get(key);
       }
       const envelope = { version: 1, writerCount: frontier.size, frontier: sorted };
-      const cborOid = await /** @type {any} */ (this.storage).writeBlob(Buffer.from(/** @type {any} */ (this._codec).encode(envelope))); // TODO(ts-cleanup): narrow port type
+      const cborOid = await this.storage.writeBlob(Buffer.from(this._codec.encode(envelope)));
       flatEntries.push(`100644 blob ${cborOid}\tfrontier.cbor`);
-      const jsonOid = await /** @type {any} */ (this.storage).writeBlob(Buffer.from(canonicalStringify(envelope))); // TODO(ts-cleanup): narrow port type
+      const jsonOid = await this.storage.writeBlob(Buffer.from(canonicalStringify(envelope)));
       flatEntries.push(`100644 blob ${jsonOid}\tfrontier.json`);
     }
 
-    const treeOid = await /** @type {any} */ (this.storage).writeTree(flatEntries); // TODO(ts-cleanup): narrow port type
+    const treeOid = await this.storage.writeTree(flatEntries);
 
     this.logger.debug('Index finalized', {
       operation: 'finalize',
@@ -539,7 +541,7 @@ export default class StreamingBitmapIndexBuilder {
       this.estimatedBitmapBytes += BITMAP_BASE_OVERHEAD;
     }
 
-    const bitmap = this.bitmaps.get(key);
+    const bitmap = /** @type {import('../utils/roaring.js').RoaringBitmapSubset} */ (this.bitmaps.get(key));
     const sizeBefore = bitmap.size;
     bitmap.add(id);
     const sizeAfter = bitmap.size;
@@ -569,7 +571,7 @@ export default class StreamingBitmapIndexBuilder {
    * @private
    */
   async _loadAndValidateChunk(oid) {
-    const buffer = await /** @type {any} */ (this.storage).readBlob(oid); // TODO(ts-cleanup): narrow port type
+    const buffer = await this.storage.readBlob(oid);
     let envelope;
     try {
       envelope = JSON.parse(buffer.toString('utf-8'));
@@ -577,7 +579,7 @@ export default class StreamingBitmapIndexBuilder {
       throw new ShardCorruptionError('Failed to parse shard JSON', {
         oid,
         reason: 'invalid_format',
-        context: { originalError: /** @type {any} */ (err).message }, // TODO(ts-cleanup): type error
+        context: { originalError: err instanceof Error ? err.message : String(err) },
       });
     }
 
@@ -614,7 +616,7 @@ export default class StreamingBitmapIndexBuilder {
    * it using `orInPlace` to combine edge sets.
    *
    * @param {Object} opts - Options object
-   * @param {Record<string, any>} opts.merged - Object mapping SHA to
+   * @param {Record<string, import('../utils/roaring.js').RoaringBitmapSubset>} opts.merged - Object mapping SHA to
    *   RoaringBitmap32 instances (mutated in place)
    * @param {string} opts.sha - The SHA key for this bitmap (40-character hex string)
    * @param {string} opts.base64Bitmap - Base64-encoded serialized RoaringBitmap32 data
@@ -631,7 +633,7 @@ export default class StreamingBitmapIndexBuilder {
       throw new ShardCorruptionError('Failed to deserialize bitmap', {
         oid,
         reason: 'invalid_bitmap',
-        context: { originalError: /** @type {any} */ (err).message }, // TODO(ts-cleanup): type error
+        context: { originalError: err instanceof Error ? err.message : String(err) },
       });
     }
 
@@ -675,7 +677,7 @@ export default class StreamingBitmapIndexBuilder {
    */
   async _mergeChunks(oids, { signal } = {}) {
     // Load all chunks and merge bitmaps by SHA
-    /** @type {Record<string, any>} */
+    /** @type {Record<string, import('../utils/roaring.js').RoaringBitmapSubset>} */
     const merged = {};
 
     for (const oid of oids) {
@@ -691,7 +693,7 @@ export default class StreamingBitmapIndexBuilder {
     /** @type {Record<string, string>} */
     const result = {};
     for (const [sha, bitmap] of Object.entries(merged)) {
-      result[sha] = bitmap.serialize(true).toString('base64');
+      result[sha] = Buffer.from(bitmap.serialize(true)).toString('base64');
     }
 
     // Wrap merged result in envelope with version and checksum
@@ -707,9 +709,9 @@ export default class StreamingBitmapIndexBuilder {
     } catch (err) {
       throw new ShardCorruptionError('Failed to serialize merged shard', {
         reason: 'serialization_error',
-        context: { originalError: /** @type {any} */ (err).message }, // TODO(ts-cleanup): type error
+        context: { originalError: err instanceof Error ? err.message : String(err) },
       });
     }
-    return /** @type {any} */ (this.storage).writeBlob(serialized); // TODO(ts-cleanup): narrow port type
+    return await this.storage.writeBlob(serialized);
   }
 }

package/src/domain/services/SyncAuthService.js

@@ -144,6 +144,7 @@ function _checkHeaderFormats(timestamp, nonce, signature) {
 
 /**
  * @param {Record<string, string>|undefined} keys
+ * @returns {asserts keys is Record<string, string>}
  */
 function _validateKeys(keys) {
   if (!keys || typeof keys !== 'object' || Object.keys(keys).length === 0) {
@@ -180,7 +181,7 @@ export default class SyncAuthService {
    * @param {() => number} [options.wallClockMs] - Wall clock function
    * @param {string[]} [options.allowedWriters] - Optional whitelist of allowed writer IDs. If set, sync requests with unlisted writers are rejected with 403.
    */
-  constructor({ keys, mode = 'enforce', nonceCapacity, maxClockSkewMs, crypto, logger, wallClockMs, allowedWriters } = /** @type {*} */ ({})) { // TODO(ts-cleanup): needs options type
+  constructor({ keys, mode = 'enforce', nonceCapacity, maxClockSkewMs, crypto, logger, wallClockMs, allowedWriters } = /** @type {{ keys: Record<string, string> }} */ ({})) {
     _validateKeys(keys);
     this._keys = keys;
     this._mode = mode;
@@ -433,7 +434,7 @@ export default class SyncAuthService {
   /**
    * Records an auth failure and returns the result.
    * @param {string} message
-   * @param {Record<string, *>} context
+   * @param {Record<string, unknown>} context
    * @param {{ ok: false, reason: string, status: number }} result
    * @returns {{ ok: false, reason: string, status: number }}
    * @private

package/src/domain/services/SyncProtocol.js

@@ -42,6 +42,16 @@ import { join, cloneStateV5 } from './JoinReducer.js';
 import { cloneFrontier, updateFrontier } from './Frontier.js';
 import { vvDeserialize } from '../crdt/VersionVector.js';
 
+/**
+ * A decoded patch object after CBOR deserialization.
+ * @typedef {Object} DecodedPatch
+ * @property {Object | Map<string, number>} [context] - VersionVector (Map after normalization, plain object before)
+ * @property {import('../types/WarpTypesV2.js').OpV2[]} ops - Ordered array of operations
+ * @property {string} [writer] - Writer ID
+ * @property {number} [lamport] - Lamport timestamp
+ * @property {number} [schema] - Schema version
+ */
+
 // -----------------------------------------------------------------------------
 // Patch Loading
 // -----------------------------------------------------------------------------
@@ -56,9 +66,9 @@ import { vvDeserialize } from '../crdt/VersionVector.js';
  * **Mutation**: This function mutates the input patch object for efficiency.
  * The original object reference is returned.
  *
- * @param {{ context?: Object | Map<any, any>, ops: any[] }} patch - The raw decoded patch from CBOR.
+ * @param {DecodedPatch} patch - The raw decoded patch from CBOR.
  *   If context is present as a plain object, it will be converted to a Map.
- * @returns {{ context?: Object | Map<any, any>, ops: any[] }} The same patch object with context converted to Map
+ * @returns {DecodedPatch} The same patch object with context converted to Map
  * @private
  */
 function normalizePatch(patch) {
@@ -88,7 +98,7 @@ function normalizePatch(patch) {
  * @param {string} sha - The 40-character commit SHA to load the patch from
  * @param {Object} [options]
  * @param {import('../../ports/CodecPort.js').default} [options.codec] - Codec for deserialization
- * @returns {Promise<{ context?: Object | Map<any, any>, ops: any[] }>} The decoded and normalized patch object containing:
+ * @returns {Promise<DecodedPatch>} The decoded and normalized patch object containing:
  *   - `ops`: Array of patch operations
  *   - `context`: VersionVector (Map) of causal dependencies
  *   - `writerId`: The writer who created this patch
@@ -99,7 +109,7 @@ function normalizePatch(patch) {
  * @throws {Error} If the patch blob cannot be CBOR-decoded (corrupted data)
  * @private
  */
-async function loadPatchFromCommit(persistence, sha, { codec: codecOpt } = /** @type {*} */ ({})) { // TODO(ts-cleanup): needs options type
+async function loadPatchFromCommit(persistence, sha, { codec: codecOpt } = /** @type {{ codec?: import('../../ports/CodecPort.js').default }} */ ({})) {
   const codec = codecOpt || defaultCodec;
   // Read commit message to extract patch OID
   const message = await persistence.showNode(sha);
@@ -107,7 +117,7 @@ async function loadPatchFromCommit(persistence, sha, { codec: codecOpt } = /** @
 
   // Read and decode the patch blob
   const patchBuffer = await persistence.readBlob(decoded.patchOid);
-  const patch = /** @type {{ context?: Object | Map<any, any>, ops: any[] }} */ (codec.decode(patchBuffer));
+  const patch = /** @type {DecodedPatch} */ (codec.decode(patchBuffer));
 
   // Normalize the patch (convert context from object to Map)
   return normalizePatch(patch);
@@ -134,7 +144,9 @@ async function loadPatchFromCommit(persistence, sha, { codec: codecOpt } = /** @
  * @param {string|null} fromSha - Start SHA (exclusive). Pass null to load ALL patches
  *   for this writer from the beginning of their chain.
  * @param {string} toSha - End SHA (inclusive). This is typically the writer's current tip.
- * @returns {Promise<Array<{patch: Object, sha: string}>>} Array of patch objects in
+ * @param {Object} [options]
+ * @param {import('../../ports/CodecPort.js').default} [options.codec] - Codec for deserialization
+ * @returns {Promise<Array<{patch: DecodedPatch, sha: string}>>} Array of patch objects in
  *   chronological order (oldest first). Each entry contains:
  *   - `patch`: The decoded patch object
  *   - `sha`: The commit SHA this patch came from
@@ -152,7 +164,7 @@ async function loadPatchFromCommit(persistence, sha, { codec: codecOpt } = /** @
  * // Load ALL patches for a new writer
  * const patches = await loadPatchRange(persistence, 'events', 'new-writer', null, tipSha);
  */
-export async function loadPatchRange(persistence, graphName, writerId, fromSha, toSha, { codec } = /** @type {*} */ ({})) { // TODO(ts-cleanup): needs options type
+export async function loadPatchRange(persistence, graphName, writerId, fromSha, toSha, { codec } = /** @type {{ codec?: import('../../ports/CodecPort.js').default }} */ ({})) {
   const patches = [];
   let cur = toSha;
 
@@ -298,7 +310,7 @@ export function computeSyncDelta(localFrontier, remoteFrontier) {
  * @property {'sync-response'} type - Message type discriminator for protocol parsing
  * @property {Object.<string, string>} frontier - Responder's frontier as a plain object.
  *   Keys are writer IDs, values are SHAs.
- * @property {Array<{writerId: string, sha: string, patch: Object}>} patches - Patches
+ * @property {Array<{writerId: string, sha: string, patch: DecodedPatch}>} patches - Patches
  *   the requester needs, in chronological order per writer. Contains:
  *   - `writerId`: The writer who created this patch
  *   - `sha`: The commit SHA this patch came from (for frontier updates)
@@ -361,6 +373,8 @@ export function createSyncRequest(frontier) {
  * @param {import('../../ports/GraphPersistencePort.js').default & import('../../ports/CommitPort.js').default & import('../../ports/BlobPort.js').default} persistence - Git persistence
  *   layer for loading patches (uses CommitPort + BlobPort methods)
  * @param {string} graphName - Graph name for error messages and logging
+ * @param {Object} [options]
+ * @param {import('../../ports/CodecPort.js').default} [options.codec] - Codec for deserialization
  * @returns {Promise<SyncResponse>} Response containing local frontier and patches.
  *   Patches are ordered chronologically within each writer.
  * @throws {Error} If patch loading fails for reasons other than divergence
@@ -374,7 +388,7 @@ export function createSyncRequest(frontier) {
  *   res.json(response);
  * });
  */
-export async function processSyncRequest(request, localFrontier, persistence, graphName, { codec } = /** @type {*} */ ({})) { // TODO(ts-cleanup): needs options type
+export async function processSyncRequest(request, localFrontier, persistence, graphName, { codec } = /** @type {{ codec?: import('../../ports/CodecPort.js').default }} */ ({})) {
   // Convert incoming frontier from object to Map
   const remoteFrontier = new Map(Object.entries(request.frontier));
 
@@ -401,7 +415,7 @@ export async function processSyncRequest(request, localFrontier, persistence, gr
     } catch (err) {
       // If we detect divergence, skip this writer
       // The requester may need to handle this separately
-      if (/** @type {any} */ (err).code === 'E_SYNC_DIVERGENCE' || /** @type {any} */ (err).message?.includes('Divergence detected')) { // TODO(ts-cleanup): type error
+      if ((err instanceof Error && 'code' in err && /** @type {{ code: string }} */ (err).code === 'E_SYNC_DIVERGENCE') || (err instanceof Error && err.message?.includes('Divergence detected'))) {
         continue;
       }
       throw err;
@@ -491,7 +505,7 @@ export function applySyncResponse(response, state, frontier) {
       // will prevent silent data loss until the reader is upgraded.
       assertOpsCompatible(normalizedPatch.ops, SCHEMA_V3);
       // Apply patch to state
-      join(newState, /** @type {*} */ (normalizedPatch), sha); // TODO(ts-cleanup): type patch array
+      join(newState, /** @type {Parameters<typeof join>[1]} */ (normalizedPatch), sha);
       applied++;
     }
 

package/src/domain/services/TemporalQuery.js

@@ -36,13 +36,16 @@ import { orsetContains } from '../crdt/ORSet.js';
  * InlineValue objects `{ type: 'inline', value: ... }` are unwrapped
  * to their inner value. All other values pass through unchanged.
  *
- * @param {*} value - Property value (potentially InlineValue-wrapped)
- * @returns {*} The unwrapped value
+ * @param {unknown} value - Property value (potentially InlineValue-wrapped)
+ * @returns {unknown} The unwrapped value
  * @private
  */
 function unwrapValue(value) {
-  if (value && typeof value === 'object' && value.type === 'inline') {
-    return value.value;
+  if (value && typeof value === 'object' && 'type' in value) {
+    const rec = /** @type {Record<string, unknown>} */ (value);
+    if (rec.type === 'inline') {
+      return rec.value;
+    }
   }
   return value;
 }
@@ -60,11 +63,11 @@ function unwrapValue(value) {
  *
  * @param {import('./JoinReducer.js').WarpStateV5} state - Current state
  * @param {string} nodeId - Node ID to extract
- * @returns {{ id: string, exists: boolean, props: Record<string, *> }}
+ * @returns {{ id: string, exists: boolean, props: Record<string, unknown> }}
  */
 function extractNodeSnapshot(state, nodeId) {
   const exists = orsetContains(state.nodeAlive, nodeId);
-  /** @type {Record<string, *>} */
+  /** @type {Record<string, unknown>} */
   const props = {};
 
   if (exists) {

package/src/domain/services/TranslationCost.js

@@ -16,6 +16,8 @@
 import { orsetElements, orsetContains } from '../crdt/ORSet.js';
 import { decodeEdgeKey, decodePropKey, isEdgePropKey } from './KeyCodec.js';
 
+/** @typedef {import('./JoinReducer.js').WarpStateV5} WarpStateV5 */
+
 /**
  * Tests whether a string matches a glob-style pattern.
  *
@@ -38,7 +40,7 @@ function matchGlob(pattern, str) {
 /**
  * Computes the set of property keys visible under an observer config.
  *
- * @param {Map<string, *>} allNodeProps - Map of propKey -> placeholder
+ * @param {Map<string, unknown>} allNodeProps - Map of propKey -> placeholder
  * @param {string[]|undefined} expose - Whitelist of property keys
  * @param {string[]|undefined} redact - Blacklist of property keys
  * @returns {Set<string>} Visible property keys
@@ -63,7 +65,7 @@ function visiblePropKeys(allNodeProps, expose, redact) {
 /**
  * Collects node property keys from state for a given node.
  *
- * @param {*} state - WarpStateV5 materialized state
+ * @param {WarpStateV5} state - WarpStateV5 materialized state
  * @param {string} nodeId - The node ID
  * @returns {Map<string, boolean>} Map of propKey -> true
  */
@@ -111,7 +113,7 @@ function countMissing(source, targetSet) {
 /**
  * Computes edge loss between two observer node sets.
  *
- * @param {*} state - WarpStateV5
+ * @param {WarpStateV5} state
  * @param {Set<string>} nodesASet - Nodes visible to A
  * @param {Set<string>} nodesBSet - Nodes visible to B
  * @returns {number} edgeLoss fraction
@@ -156,7 +158,7 @@ function countNodePropLoss(nodeProps, { configA, configB, nodeInB }) {
 /**
  * Computes property loss across all A-visible nodes.
  *
- * @param {*} state - WarpStateV5
+ * @param {WarpStateV5} state - WarpStateV5
  * @param {{ nodesA: string[], nodesBSet: Set<string>, configA: {expose?: string[], redact?: string[]}, configB: {expose?: string[], redact?: string[]} }} opts
  * @returns {number} propLoss fraction
  */
@@ -193,7 +195,7 @@ function computePropLoss(state, { nodesA, nodesBSet, configA, configB }) {
  * @param {string} configB.match - Glob pattern for visible nodes
  * @param {string[]} [configB.expose] - Property keys to include
  * @param {string[]} [configB.redact] - Property keys to exclude
- * @param {*} state - WarpStateV5 materialized state
+ * @param {WarpStateV5} state - WarpStateV5 materialized state
  * @returns {{ cost: number, breakdown: { nodeLoss: number, edgeLoss: number, propLoss: number } }}
  */
 export function computeTranslationCost(configA, configB, state) {

package/src/domain/services/WormholeService.js

@@ -27,7 +27,7 @@ import { detectMessageKind, decodePatchMessage } from './WarpMessageCodec.js';
 
 /**
  * Validates that a SHA parameter is a non-empty string.
- * @param {*} sha - The SHA to validate
+ * @param {unknown} sha - The SHA to validate
  * @param {string} paramName - Parameter name for error messages
  * @throws {WormholeError} If SHA is invalid
  * @private
@@ -321,7 +321,7 @@ export function deserializeWormhole(json) {
     });
   }
 
-  const /** @type {Record<string, *>} */ typedJson = /** @type {Record<string, *>} */ (json);
+  const /** @type {Record<string, unknown>} */ typedJson = /** @type {Record<string, unknown>} */ (json);
   const requiredFields = ['fromSha', 'toSha', 'writerId', 'patchCount', 'payload'];
   for (const field of requiredFields) {
     if (typedJson[field] === undefined) {
@@ -332,6 +332,15 @@ export function deserializeWormhole(json) {
     }
   }
 
+  for (const field of ['fromSha', 'toSha', 'writerId']) {
+    if (typeof typedJson[field] !== 'string') {
+      throw new WormholeError(`Invalid wormhole JSON: '${field}' must be a string`, {
+        code: 'E_INVALID_WORMHOLE_JSON',
+        context: { [field]: typedJson[field] },
+      });
+    }
+  }
+
   if (typeof typedJson.patchCount !== 'number' || typedJson.patchCount < 0) {
     throw new WormholeError('Invalid wormhole JSON: patchCount must be a non-negative number', {
       code: 'E_INVALID_WORMHOLE_JSON',
@@ -340,11 +349,11 @@ export function deserializeWormhole(json) {
   }
 
   return {
-    fromSha: typedJson.fromSha,
-    toSha: typedJson.toSha,
-    writerId: typedJson.writerId,
-    patchCount: typedJson.patchCount,
-    payload: ProvenancePayload.fromJSON(typedJson.payload),
+    fromSha: /** @type {string} */ (typedJson.fromSha),
+    toSha: /** @type {string} */ (typedJson.toSha),
+    writerId: /** @type {string} */ (typedJson.writerId),
+    patchCount: /** @type {number} */ (typedJson.patchCount),
+    payload: ProvenancePayload.fromJSON(/** @type {import('./ProvenancePayload.js').PatchEntry[]} */ (typedJson.payload)),
   };
 }
 

package/src/domain/trust/TrustCanonical.js

@@ -14,7 +14,7 @@ import { recordIdPayload, signaturePayload } from './canonical.js';
 /**
  * Computes the record ID (SHA-256 hex digest) for a trust record.
  *
- * @param {Record<string, *>} record - Full trust record
+ * @param {Record<string, unknown>} record - Full trust record
  * @returns {string} 64-character lowercase hex string
  */
 export function computeRecordId(record) {
@@ -24,7 +24,7 @@ export function computeRecordId(record) {
 /**
  * Computes the signature payload as a Buffer (UTF-8 bytes).
  *
- * @param {Record<string, *>} record - Full trust record (signature will be stripped)
+ * @param {Record<string, unknown>} record - Full trust record (signature will be stripped)
  * @returns {Buffer} UTF-8 encoded bytes of the domain-separated canonical string
  */
 export function computeSignaturePayload(record) {
@@ -34,7 +34,7 @@ export function computeSignaturePayload(record) {
 /**
  * Verifies that a record's recordId matches its content.
  *
- * @param {Record<string, *>} record - Trust record with `recordId` field
+ * @param {Record<string, unknown>} record - Trust record with `recordId` field
  * @returns {boolean} true if recordId matches computed value
  */
 export function verifyRecordId(record) {

package/src/domain/trust/TrustEvaluator.js

@@ -16,6 +16,21 @@ import { deriveTrustVerdict } from './verdict.js';
  * @typedef {import('./TrustStateBuilder.js').TrustState} TrustState
  */
 
+/**
+ * @typedef {Object} TrustAssessment
+ * @property {number} trustSchemaVersion
+ * @property {string} mode
+ * @property {string} trustVerdict
+ * @property {Object} trust
+ * @property {'configured'|'pinned'|'error'|'not_configured'} trust.status
+ * @property {string} trust.source
+ * @property {string|null} trust.sourceDetail
+ * @property {string[]} trust.evaluatedWriters
+ * @property {string[]} trust.untrustedWriters
+ * @property {ReadonlyArray<{writerId: string, trusted: boolean, reasonCode: string, reason: string}>} trust.explanations
+ * @property {Record<string, number> & {recordsScanned: number, activeKeys: number, revokedKeys: number, activeBindings: number, revokedBindings: number}} trust.evidenceSummary
+ */
+
 /**
  * Evaluates trust status for a set of writers against the current trust state.
  *
@@ -25,8 +40,8 @@ import { deriveTrustVerdict } from './verdict.js';
  *
  * @param {string[]} writerIds - Writer IDs to evaluate
  * @param {TrustState} trustState - Built trust state from TrustStateBuilder
- * @param {Record<string, *>} policy - Trust policy configuration
- * @returns {Record<string, *>} Frozen TrustAssessment object
+ * @param {Record<string, unknown>} policy - Trust policy configuration
+ * @returns {TrustAssessment} Frozen TrustAssessment object
  */
 export function evaluateWriters(writerIds, trustState, policy) {
   const policyResult = TrustPolicySchema.safeParse(policy);
@@ -130,7 +145,7 @@ function evaluateSingleWriter(writerId, trustState) {
  *
  * @param {string[]} writerIds
  * @param {string} reasonCode
- * @returns {Record<string, *>}
+ * @returns {TrustAssessment}
  */
 function buildErrorAssessment(writerIds, reasonCode) {
   const sortedWriters = [...writerIds].sort();