@gitgov/core 2.7.0 → 2.7.1

package/dist/src/github.d.ts

@@ -1,8 +1,8 @@
 import { Octokit } from '@octokit/rest';
 export { Octokit, RestEndpointMethodTypes } from '@octokit/rest';
 import { h as FileLister, i as FileListOptions, j as FileStats, I as IGitModule, d as ChangedFile, e as GetCommitHistoryOptions, f as CommitInfo, g as CommitAuthor, E as ExecOptions, c as ExecResult, C as ConfigStore, G as GitGovConfig } from './index-LULVRsCZ.js';
-import { I as IdEncoder, R as RecordStore, a as IRecordProjector } from './record_projection.types-Dz9YU3r9.js';
-import { C as ConfigManager, q as IIdentityAdapter, I as ILintModule, e as ISyncStateModule, j as SyncStatePushOptions, k as SyncStatePushResult, l as SyncStatePullOptions, m as SyncStatePullResult, f as StateDeltaFile, g as ConflictDiff, n as SyncStateResolveOptions, o as SyncStateResolveResult, h as IntegrityViolation, A as AuditStateOptions, i as AuditStateReport } from './sync_state-Bn_LogJ2.js';
+import { I as IdEncoder, R as RecordStore, a as IRecordProjector } from './record_projection.types-D9NkQbL_.js';
+import { C as ConfigManager, q as IIdentityAdapter, I as ILintModule, e as ISyncStateModule, j as SyncStatePushOptions, k as SyncStatePushResult, l as SyncStatePullOptions, m as SyncStatePullResult, f as StateDeltaFile, g as ConflictDiff, n as SyncStateResolveOptions, o as SyncStateResolveResult, h as IntegrityViolation, A as AuditStateOptions, i as AuditStateReport } from './sync_state-C2a2RuBQ.js';
 
 /**
  * Types for GitHubFileLister module.

package/dist/src/index.d.ts

@@ -1,8 +1,8 @@
-import { A as ActorPayload, d as ActorRecord, e as AgentPayload, f as AgentRecord, C as ChangelogPayload, g as ChangelogRecord, h as CustomRecord, i as CyclePayload, j as CycleRecord, E as EmbeddedMetadataHeader, k as EmbeddedMetadataRecord, l as ExecutionPayload, m as ExecutionRecord, F as FeedbackPayload, n as FeedbackRecord, o as GitGovActorRecord, p as GitGovAgentRecord, q as GitGovChangelogRecord, r as GitGovCycleRecord, s as GitGovError, t as GitGovExecutionRecord, u as GitGovFeedbackRecord, G as GitGovRecord, v as GitGovRecordPayload, w as GitGovRecordType, x as GitGovTaskRecord, S as Signature, T as TaskPayload, y as TaskRecord, D as DEFAULT_ID_ENCODER, I as IdEncoder, R as RecordStore, z as RecordStores, B as CollaborationMetrics, H as IRecordMetrics, J as ProductivityMetrics, K as RecordMetrics, L as RecordMetricsDependencies, M as SystemStatus, N as TaskHealthReport, O as ActivityEvent, Q as ActorCreatedEvent, U as ActorRevokedEvent, V as AgentRegisteredEvent, W as BaseEvent, X as ChangelogCreatedEvent, Y as CycleCreatedEvent, Z as CycleStatusChangedEvent, _ as EventHandler, $ as EventMetadata, a0 as EventSubscription, a1 as ExecutionCreatedEvent, a2 as FeedbackCreatedEvent, a3 as GitGovEvent, a4 as SystemDailyTickEvent, a5 as TaskCreatedEvent, a6 as TaskStatusChangedEvent, a as IRecordProjector, a7 as RecordProjectorDependencies, c as IndexData, a8 as IndexGenerationReport, a9 as IntegrityReport, aa as AllRecords, ab as DerivedStates, ac as EnrichedTaskRecord, ad as DerivedStateSets, b as IRecordProjection, ae as IntegrityError, af as IntegrityWarning, P as ProjectionContext } from './record_projection.types-Dz9YU3r9.js';
-import { C as ConfigManager, E as EventBus, p as IEventStream, r as eventBus, s as publishEvent, t as subscribeToEvent, q as IIdentityAdapter, u as IdentityAdapterDependencies, I as ILintModule, v as LintModuleDependencies, c as LintRecordContext, d as LintResult, L as LintOptions, a as LintReport$1, F as FixRecordOptions, b as FixReport, w as FixResult, x as LintSummary, y as RecordEntry, R as RecordStores$1, V as ValidationContext$1, z as ValidatorType, e as ISyncStateModule, B as AuditScope$1, A as AuditStateOptions, i as AuditStateReport, g as ConflictDiff, D as ConflictFileDiff, G as ConflictInfo, H as ConflictType, J as ExpectedFilesScope, h as IntegrityViolation, f as StateDeltaFile, S as SyncStateModuleDependencies, l as SyncStatePullOptions, m as SyncStatePullResult, j as SyncStatePushOptions, k as SyncStatePushResult, n as SyncStateResolveOptions, o as SyncStateResolveResult } from './sync_state-Bn_LogJ2.js';
+import { A as ActorPayload, d as ActorRecord, e as AgentPayload, f as AgentRecord, C as ChangelogPayload, g as ChangelogRecord, h as CyclePayload, i as CycleRecord, E as EmbeddedMetadataHeader, j as EmbeddedMetadataRecord, k as ExecutionPayload, l as ExecutionRecord, F as FeedbackPayload, m as FeedbackRecord, n as GitGovActorRecord, o as GitGovAgentRecord, p as GitGovChangelogRecord, q as GitGovCycleRecord, r as GitGovError, s as GitGovExecutionRecord, t as GitGovFeedbackRecord, G as GitGovRecord, u as GitGovRecordPayload, v as GitGovRecordType, w as GitGovTaskRecord, S as Signature, T as TaskPayload, x as TaskRecord, D as DEFAULT_ID_ENCODER, I as IdEncoder, R as RecordStore, y as RecordStores, z as CollaborationMetrics, B as IRecordMetrics, H as ProductivityMetrics, J as RecordMetrics, K as RecordMetricsDependencies, L as SystemStatus, M as TaskHealthReport, N as ActivityEvent, O as ActorCreatedEvent, Q as ActorRevokedEvent, U as AgentRegisteredEvent, V as BaseEvent, W as ChangelogCreatedEvent, X as CycleCreatedEvent, Y as CycleStatusChangedEvent, Z as EventHandler, _ as EventMetadata, $ as EventSubscription, a0 as ExecutionCreatedEvent, a1 as FeedbackCreatedEvent, a2 as GitGovEvent, a3 as SystemDailyTickEvent, a4 as TaskCreatedEvent, a5 as TaskStatusChangedEvent, a as IRecordProjector, a6 as RecordProjectorDependencies, c as IndexData, a7 as IndexGenerationReport, a8 as IntegrityReport, a9 as AllRecords, aa as DerivedStates, ab as EnrichedTaskRecord, ac as DerivedStateSets, b as IRecordProjection, ad as IntegrityError, ae as IntegrityWarning, P as ProjectionContext } from './record_projection.types-D9NkQbL_.js';
+import { C as ConfigManager, E as EventBus, p as IEventStream, r as eventBus, s as publishEvent, t as subscribeToEvent, q as IIdentityAdapter, u as IdentityAdapterDependencies, I as ILintModule, v as LintModuleDependencies, c as LintRecordContext, d as LintResult, L as LintOptions, a as LintReport$1, F as FixRecordOptions, b as FixReport, w as FixResult, x as LintSummary, y as RecordEntry, R as RecordStores$1, V as ValidationContext$1, z as ValidatorType, e as ISyncStateModule, B as AuditScope$1, A as AuditStateOptions, i as AuditStateReport, g as ConflictDiff, D as ConflictFileDiff, G as ConflictInfo, H as ConflictType, J as ExpectedFilesScope, h as IntegrityViolation, f as StateDeltaFile, S as SyncStateModuleDependencies, l as SyncStatePullOptions, m as SyncStatePullResult, j as SyncStatePushOptions, k as SyncStatePushResult, n as SyncStateResolveOptions, o as SyncStateResolveResult } from './sync_state-C2a2RuBQ.js';
 import { A as ActorState, a as GitGovSession, k as ISessionManager, S as SyncPreferencesUpdate, l as SyncStatus, m as AuditState, n as AuditStateUpdate, G as GitGovConfig, o as IConfigManager, p as SyncConfig, q as SyncDefaults, K as KeyProvider, r as KeyProviderError, s as KeyProviderErrorCode, i as FileListOptions, h as FileLister, j as FileStats, F as FsFileListerOptions, M as MemoryFileListerOptions, I as IGitModule } from './index-LULVRsCZ.js';
 export { C as ConfigStore, t as Git } from './index-LULVRsCZ.js';
-import { S as SessionManager, g as IdentityAdapter, h as IExecutionAdapter, i as ExecutionAdapterDependencies, E as EnvironmentValidation, I as IProjectInitializer, d as FsKeyProvider, e as FsKeyProviderOptions, f as FsFileLister, D as DEFAULT_STATE_BRANCH, j as AgentExecutionContext, k as AgentOutput, c as AgentResponse, A as AgentRunnerDependencies, l as AgentRunnerEvent, m as ApiEngine, n as AuthConfig, o as AuthType, C as CustomEngine, p as Engine, q as EngineType, r as IAgentLoader, b as IAgentRunner, L as LocalEngine, M as McpEngine, s as ProtocolHandler, P as ProtocolHandlerRegistry, R as RunOptions, t as RuntimeHandler, u as RuntimeHandlerRegistry } from './agent_runner-CHDkBfPZ.js';
+import { S as SessionManager, g as IdentityAdapter, h as IExecutionAdapter, i as ExecutionAdapterDependencies, E as EnvironmentValidation, I as IProjectInitializer, d as FsKeyProvider, e as FsKeyProviderOptions, f as FsFileLister, D as DEFAULT_STATE_BRANCH, j as AgentExecutionContext, k as AgentOutput, c as AgentResponse, A as AgentRunnerDependencies, l as AgentRunnerEvent, m as ApiEngine, n as AuthConfig, o as AuthType, C as CustomEngine, p as Engine, q as EngineType, r as IAgentLoader, b as IAgentRunner, L as LocalEngine, M as McpEngine, s as ProtocolHandler, P as ProtocolHandlerRegistry, R as RunOptions, t as RuntimeHandler, u as RuntimeHandlerRegistry } from './agent_runner-DijNVjaF.js';
 import { E as EnvKeyProvider, a as EnvKeyProviderOptions, M as MockKeyProvider, b as MockKeyProviderOptions, c as MemoryFileLister } from './memory_file_lister-BCY4ZYGW.js';
 import { ValidateFunction } from 'ajv';
 import './session_store-I4Z6PW2c.js';
@@ -190,7 +190,6 @@ declare const index$q_AgentPayload: typeof AgentPayload;
 declare const index$q_AgentRecord: typeof AgentRecord;
 declare const index$q_ChangelogPayload: typeof ChangelogPayload;
 declare const index$q_ChangelogRecord: typeof ChangelogRecord;
-declare const index$q_CustomRecord: typeof CustomRecord;
 declare const index$q_CyclePayload: typeof CyclePayload;
 declare const index$q_CycleRecord: typeof CycleRecord;
 declare const index$q_EmbeddedMetadataHeader: typeof EmbeddedMetadataHeader;
@@ -215,7 +214,7 @@ declare const index$q_TaskPayload: typeof TaskPayload;
 declare const index$q_TaskRecord: typeof TaskRecord;
 type index$q_WorkflowRecord = WorkflowRecord;
 declare namespace index$q {
-  export { index$q_ActorPayload as ActorPayload, index$q_ActorRecord as ActorRecord, index$q_AgentPayload as AgentPayload, index$q_AgentRecord as AgentRecord, index$q_ChangelogPayload as ChangelogPayload, index$q_ChangelogRecord as ChangelogRecord, index$q_CustomRecord as CustomRecord, index$q_CyclePayload as CyclePayload, index$q_CycleRecord as CycleRecord, index$q_EmbeddedMetadataHeader as EmbeddedMetadataHeader, index$q_EmbeddedMetadataRecord as EmbeddedMetadataRecord, index$q_ExecutionPayload as ExecutionPayload, index$q_ExecutionRecord as ExecutionRecord, index$q_FeedbackPayload as FeedbackPayload, index$q_FeedbackRecord as FeedbackRecord, index$q_GitGovActorRecord as GitGovActorRecord, index$q_GitGovAgentRecord as GitGovAgentRecord, index$q_GitGovChangelogRecord as GitGovChangelogRecord, index$q_GitGovCycleRecord as GitGovCycleRecord, index$q_GitGovError as GitGovError, index$q_GitGovExecutionRecord as GitGovExecutionRecord, index$q_GitGovFeedbackRecord as GitGovFeedbackRecord, index$q_GitGovRecord as GitGovRecord, index$q_GitGovRecordPayload as GitGovRecordPayload, index$q_GitGovRecordType as GitGovRecordType, index$q_GitGovTaskRecord as GitGovTaskRecord, index$q_Signature as Signature, index$q_TaskPayload as TaskPayload, index$q_TaskRecord as TaskRecord, type index$q_WorkflowRecord as WorkflowRecord };
+  export { index$q_ActorPayload as ActorPayload, index$q_ActorRecord as ActorRecord, index$q_AgentPayload as AgentPayload, index$q_AgentRecord as AgentRecord, index$q_ChangelogPayload as ChangelogPayload, index$q_ChangelogRecord as ChangelogRecord, index$q_CyclePayload as CyclePayload, index$q_CycleRecord as CycleRecord, index$q_EmbeddedMetadataHeader as EmbeddedMetadataHeader, index$q_EmbeddedMetadataRecord as EmbeddedMetadataRecord, index$q_ExecutionPayload as ExecutionPayload, index$q_ExecutionRecord as ExecutionRecord, index$q_FeedbackPayload as FeedbackPayload, index$q_FeedbackRecord as FeedbackRecord, index$q_GitGovActorRecord as GitGovActorRecord, index$q_GitGovAgentRecord as GitGovAgentRecord, index$q_GitGovChangelogRecord as GitGovChangelogRecord, index$q_GitGovCycleRecord as GitGovCycleRecord, index$q_GitGovError as GitGovError, index$q_GitGovExecutionRecord as GitGovExecutionRecord, index$q_GitGovFeedbackRecord as GitGovFeedbackRecord, index$q_GitGovRecord as GitGovRecord, index$q_GitGovRecordPayload as GitGovRecordPayload, index$q_GitGovRecordType as GitGovRecordType, index$q_GitGovTaskRecord as GitGovTaskRecord, index$q_Signature as Signature, index$q_TaskPayload as TaskPayload, index$q_TaskRecord as TaskRecord, type index$q_WorkflowRecord as WorkflowRecord };
 }
 
 declare const index$p_DEFAULT_ID_ENCODER: typeof DEFAULT_ID_ENCODER;
@@ -479,6 +478,11 @@ declare class LintModule implements ILintModule {
      * @returns Array of lint results
      */
     lintRecord(record: GitGovRecord, context: LintRecordContext): LintResult[];
+    /**
+     * Validates typed references by prefix (pure, no I/O).
+     * Delegates to private validateTypedReferencesByPrefix.
+     */
+    lintRecordReferences(record: GitGovRecord, context: LintRecordContext): LintResult[];
     /**
      * Validates all records from stores.
      * Iterates this.stores to collect records, then validates each one.
@@ -508,6 +512,14 @@ declare class LintModule implements ILintModule {
      * @private
      */
     private validateTimestamps;
+    /**
+     * [EARS-E2] Validates typed references by prefix.
+     * Valid prefixes: file:, task:, cycle:, adapter:, url:, commit:, pr:
+     * Reports a warning for unknown prefixes and an error for empty values after known prefix.
+     * Pure — does not resolve actual references.
+     * @private
+     */
+    private validateTypedReferencesByPrefix;
     /**
      * [EARS-E1] through [EARS-E6] Validates references.
      * Uses Store<T> for lookups.
@@ -551,15 +563,15 @@ declare class LintModule implements ILintModule {
      */
     private fixChecksum;
     /**
-     * Fixes signature structure issues.
-     * @private
-     */
-    /**
-     * [EARS-F9] Fixes signature structure issues.
+     * [EARS-F9] [EARS-F10] Fixes signature structure issues.
      *
      * Preserves valid keyId and role from existing signature if present,
      * only using options.keyId as fallback when no existing signature exists.
      *
+     * [EARS-F10] When the ONLY problem is a missing `notes` field (no other
+     * signature errors exist for this record), adds `notes` WITHOUT regenerating
+     * the signature — preserving the existing cryptographic value.
+     *
      * @private
      */
     private fixSignature;
@@ -1861,7 +1873,7 @@ type SignatureConfig = Partial<Pick<Signature, 'keyId' | 'role' | 'notes'>> & {
  */
 type CreateEmbeddedMetadataOptions = {
     /** Header configuration (partial override, excludes auto-generated fields) */
-    header?: Partial<Pick<EmbeddedMetadataHeader, 'version' | 'type' | 'schemaUrl' | 'schemaChecksum'>>;
+    header?: Partial<Pick<EmbeddedMetadataHeader, 'version' | 'type'>>;
     /** Signature configuration (if not provided, uses default test signature) */
     signature?: SignatureConfig;
     /** Custom signatures array (if provided, overrides signature config) */
@@ -2809,15 +2821,6 @@ declare const Schemas: {
                         enum: string[];
                         description: string;
                     };
-                    schemaUrl: {
-                        type: string;
-                        description: string;
-                    };
-                    schemaChecksum: {
-                        type: string;
-                        pattern: string;
-                        description: string;
-                    };
                     payloadChecksum: {
                         type: string;
                         pattern: string;
@@ -2873,7 +2876,7 @@ declare const Schemas: {
         };
         required: string[];
         additionalProperties: boolean;
-        oneOf: ({
+        oneOf: {
             if: {
                 properties: {
                     header: {
@@ -2891,34 +2894,10 @@ declare const Schemas: {
                     payload: {
                         $ref: string;
                     };
-                    header?: never;
-                };
-            };
-            else: boolean;
-        } | {
-            if: {
-                properties: {
-                    header: {
-                        type: string;
-                        properties: {
-                            type: {
-                                const: string;
-                            };
-                        };
-                    };
-                };
-            };
-            then: {
-                properties: {
-                    header: {
-                        type: string;
-                        required: string[];
-                    };
-                    payload?: never;
                 };
             };
             else: boolean;
-        })[];
+        }[];
         examples: ({
             header: {
                 version: string;
@@ -4500,15 +4479,6 @@ declare function getSchema(name: SchemaName): {
                     enum: string[];
                     description: string;
                 };
-                schemaUrl: {
-                    type: string;
-                    description: string;
-                };
-                schemaChecksum: {
-                    type: string;
-                    pattern: string;
-                    description: string;
-                };
                 payloadChecksum: {
                     type: string;
                     pattern: string;
@@ -4564,7 +4534,7 @@ declare function getSchema(name: SchemaName): {
     };
     required: string[];
     additionalProperties: boolean;
-    oneOf: ({
+    oneOf: {
         if: {
             properties: {
                 header: {
@@ -4582,34 +4552,10 @@ declare function getSchema(name: SchemaName): {
                 payload: {
                     $ref: string;
                 };
-                header?: never;
             };
         };
         else: boolean;
-    } | {
-        if: {
-            properties: {
-                header: {
-                    type: string;
-                    properties: {
-                        type: {
-                            const: string;
-                        };
-                    };
-                };
-            };
-        };
-        then: {
-            properties: {
-                header: {
-                    type: string;
-                    required: string[];
-                };
-                payload?: never;
-            };
-        };
-        else: boolean;
-    })[];
+    }[];
     examples: ({
         header: {
             version: string;
@@ -7127,4 +7073,4 @@ declare namespace index {
   export { type index_ActiveWaiver as ActiveWaiver, type index_AuditContentsInput as AuditContentsInput, type index_AuditOptions as AuditOptions, type index_AuditResult as AuditResult, type index_AuditScope as AuditScope, type index_AuditSummary as AuditSummary, type index_AuditTarget as AuditTarget, type index_CodeScope as CodeScope, type index_CreateWaiverOptions as CreateWaiverOptions, type index_FailOnSeverity as FailOnSeverity, type index_FileContent as FileContent, type index_GitgovScope as GitgovScope, type index_GroupByOption as GroupByOption, type index_IWaiverReader as IWaiverReader, type index_JiraScope as JiraScope, type index_OutputFormat as OutputFormat, type index_ScopeConfig as ScopeConfig, index_ScopeSelector as ScopeSelector, index_ScoringEngine as ScoringEngine, type index_SourceAuditorDependencies as SourceAuditorDependencies, index_SourceAuditorModule as SourceAuditorModule, type index_WaiverMetadata as WaiverMetadata, index_WaiverReader as WaiverReader, type index_WaiverStatus as WaiverStatus, index_WaiverWriter as WaiverWriter };
 }
 
-export { ActivityEvent, ActorRecord, ActorState, index$c as Adapters, AgentRecord, AgentResponse, AllRecords, AuditState, AuditStateReport, index$f as BacklogAdapter, index$g as ChangelogAdapter, ChangelogRecord, CollaborationMetrics, index$r as Config, index$b as Crypto, CustomRecord, CycleRecord, DerivedStates, index$2 as DiagramGenerator, EmbeddedMetadataRecord, EnrichedTaskRecord, EnvironmentValidation, index$n as EventBus, index$j as ExecutionAdapter, ExecutionRecord, index$a as Factories, index$i as FeedbackAdapter, FeedbackRecord, index$8 as FileLister, index$1 as FindingDetector, FixReport, GitGovActorRecord, GitGovAgentRecord, GitGovChangelogRecord, GitGovConfig, GitGovCycleRecord, GitGovExecutionRecord, GitGovFeedbackRecord, GitGovRecord, GitGovRecordPayload, GitGovRecordType, GitGovTaskRecord, type IAgentAdapter, IAgentRunner, type IBacklogAdapter, IConfigManager, IExecutionAdapter, type IFeedbackAdapter, FileLister as IFileLister, IIdentityAdapter, KeyProvider as IKeyProvider, ILintModule, IRecordMetrics, IRecordProjection, IRecordProjector, ISessionManager, ISyncStateModule, IdEncoder, index$l as IdentityAdapter, IndexData, IndexGenerationReport, IntegrityReport, index$9 as KeyProvider, index$k as Lint, LintOptions, LintReport$1 as LintReport, LintResult, index$7 as Logger, ProductivityMetrics, index$d as ProjectAdapter, type ProjectInitResult, index$e as ProjectInitializer, ProjectionContext, index$o as RecordMetrics, RecordMetricsDependencies, index$m as RecordProjection, RecordProjectorDependencies, RecordStore, RecordStores$1 as RecordStores, index$q as Records, RunOptions, index$3 as Runner, index$6 as Schemas, index$s as Session, Signature, index as SourceAuditor, index$p as Store, index$5 as SyncState, SyncStatePullResult, SyncStatePushResult, SyncStateResolveResult, SyncStatus, SystemStatus, TaskHealthReport, TaskRecord, index$4 as Validation, ValidatorType, index$h as WorkflowAdapter, type WorkflowRecord };
+export { ActivityEvent, ActorRecord, ActorState, index$c as Adapters, AgentRecord, AgentResponse, AllRecords, AuditState, AuditStateReport, index$f as BacklogAdapter, index$g as ChangelogAdapter, ChangelogRecord, CollaborationMetrics, index$r as Config, index$b as Crypto, CycleRecord, DerivedStates, index$2 as DiagramGenerator, EmbeddedMetadataRecord, EnrichedTaskRecord, EnvironmentValidation, index$n as EventBus, index$j as ExecutionAdapter, ExecutionRecord, index$a as Factories, index$i as FeedbackAdapter, FeedbackRecord, index$8 as FileLister, index$1 as FindingDetector, FixReport, GitGovActorRecord, GitGovAgentRecord, GitGovChangelogRecord, GitGovConfig, GitGovCycleRecord, GitGovExecutionRecord, GitGovFeedbackRecord, GitGovRecord, GitGovRecordPayload, GitGovRecordType, GitGovTaskRecord, type IAgentAdapter, IAgentRunner, type IBacklogAdapter, IConfigManager, IExecutionAdapter, type IFeedbackAdapter, FileLister as IFileLister, IIdentityAdapter, KeyProvider as IKeyProvider, ILintModule, IRecordMetrics, IRecordProjection, IRecordProjector, ISessionManager, ISyncStateModule, IdEncoder, index$l as IdentityAdapter, IndexData, IndexGenerationReport, IntegrityReport, index$9 as KeyProvider, index$k as Lint, LintOptions, LintReport$1 as LintReport, LintResult, index$7 as Logger, ProductivityMetrics, index$d as ProjectAdapter, type ProjectInitResult, index$e as ProjectInitializer, ProjectionContext, index$o as RecordMetrics, RecordMetricsDependencies, index$m as RecordProjection, RecordProjectorDependencies, RecordStore, RecordStores$1 as RecordStores, index$q as Records, RunOptions, index$3 as Runner, index$6 as Schemas, index$s as Session, Signature, index as SourceAuditor, index$p as Store, index$5 as SyncState, SyncStatePullResult, SyncStatePushResult, SyncStateResolveResult, SyncStatus, SystemStatus, TaskHealthReport, TaskRecord, index$4 as Validation, ValidatorType, index$h as WorkflowAdapter, type WorkflowRecord };

package/dist/src/index.js

@@ -985,20 +985,10 @@ var embedded_metadata_schema_default = {
             "execution",
             "changelog",
             "feedback",
-            "cycle",
-            "custom"
+            "cycle"
           ],
           description: "The type of the record contained in the payload."
         },
-        schemaUrl: {
-          type: "string",
-          description: "Optional URL to a custom schema for the payload."
-        },
-        schemaChecksum: {
-          type: "string",
-          pattern: "^[a-fA-F0-9]{64}$",
-          description: "Optional SHA-256 checksum of the custom schema."
-        },
         payloadChecksum: {
           type: "string",
           pattern: "^[a-fA-F0-9]{64}$",
@@ -1222,32 +1212,6 @@ var embedded_metadata_schema_default = {
         }
       },
       else: false
-    },
-    {
-      if: {
-        properties: {
-          header: {
-            type: "object",
-            properties: {
-              type: {
-                const: "custom"
-              }
-            }
-          }
-        }
-      },
-      then: {
-        properties: {
-          header: {
-            type: "object",
-            required: [
-              "schemaUrl",
-              "schemaChecksum"
-            ]
-          }
-        }
-      },
-      else: false
     }
   ],
   examples: [
@@ -6915,7 +6879,7 @@ function inferTypeFromPayload(payload) {
   if ("status" in payload && "taskIds" in payload) return "cycle";
   if ("priority" in payload && "description" in payload) return "task";
   if ("displayName" in payload && "publicKey" in payload) return "actor";
-  return "custom";
+  return "task";
 }
 function createEmbeddedMetadataRecord(payload, options = {}) {
   const inferredType = inferTypeFromPayload(payload);
@@ -6940,11 +6904,7 @@ function createEmbeddedMetadataRecord(payload, options = {}) {
     // Always 1.0 (schema enforces this)
     type,
     payloadChecksum,
-    signatures,
-    ...type === "custom" && {
-      schemaUrl: options.header?.schemaUrl,
-      schemaChecksum: options.header?.schemaChecksum
-    }
+    signatures
   };
   const embeddedRecord = {
     header,
@@ -7693,6 +7653,22 @@ var LintModule = class {
     }
     return results;
   }
+  /**
+   * Validates typed references by prefix (pure, no I/O).
+   * Delegates to private validateTypedReferencesByPrefix.
+   */
+  lintRecordReferences(record, context) {
+    const payload = record.payload;
+    if (!Array.isArray(payload.references) || payload.references.length === 0) {
+      return [];
+    }
+    return this.validateTypedReferencesByPrefix(
+      payload.references,
+      context.recordId,
+      context.filePath || `unknown/${context.recordId}.json`,
+      context.entityType
+    );
+  }
   /**
    * Validates all records from stores.
    * Iterates this.stores to collect records, then validates each one.
@@ -7810,7 +7786,7 @@ var LintModule = class {
           fixedRecord = this.fixChecksum(fixedRecord);
           break;
         case "SIGNATURE_STRUCTURE":
-          fixedRecord = this.fixSignature(fixedRecord, result, options);
+          fixedRecord = this.fixSignature(fixedRecord, result, options, fixableResults);
           break;
         // BIDIRECTIONAL_CONSISTENCY requires modifying OTHER records
         // This must be handled by FsLintModule which can write multiple files
@@ -7909,6 +7885,45 @@ var LintModule = class {
     }
     return results;
   }
+  /**
+   * [EARS-E2] Validates typed references by prefix.
+   * Valid prefixes: file:, task:, cycle:, adapter:, url:, commit:, pr:
+   * Reports a warning for unknown prefixes and an error for empty values after known prefix.
+   * Pure — does not resolve actual references.
+   * @private
+   */
+  validateTypedReferencesByPrefix(references, recordId, filePath, entityType) {
+    const VALID_PREFIXES = ["file:", "task:", "cycle:", "adapter:", "url:", "commit:", "pr:"];
+    const results = [];
+    for (const ref of references) {
+      const matchedPrefix = VALID_PREFIXES.find((p) => ref.startsWith(p));
+      if (!matchedPrefix) {
+        results.push({
+          level: "warning",
+          filePath,
+          validator: "REFERENTIAL_INTEGRITY",
+          message: `Reference '${ref}' has an unknown prefix. Valid prefixes: ${VALID_PREFIXES.join(", ")}`,
+          entity: { type: entityType, id: recordId },
+          fixable: false,
+          context: { field: "references", actual: ref, expected: "reference with valid prefix" }
+        });
+      } else {
+        const value = ref.slice(matchedPrefix.length);
+        if (!value) {
+          results.push({
+            level: "error",
+            filePath,
+            validator: "REFERENTIAL_INTEGRITY",
+            message: `Reference '${ref}' has prefix '${matchedPrefix}' but no value after it`,
+            entity: { type: entityType, id: recordId },
+            fixable: false,
+            context: { field: "references", actual: ref, expected: `${matchedPrefix}<non-empty-value>` }
+          });
+        }
+      }
+    }
+    return results;
+  }
   /**
    * [EARS-E1] through [EARS-E6] Validates references.
    * Uses Store<T> for lookups.
@@ -7917,6 +7932,16 @@ var LintModule = class {
   async validateReferences(record, recordId, filePath, entityType) {
     const results = [];
     const payload = record.payload;
+    const payloadWithRefs = payload;
+    if (Array.isArray(payloadWithRefs.references) && payloadWithRefs.references.length > 0) {
+      const prefixResults = this.validateTypedReferencesByPrefix(
+        payloadWithRefs.references,
+        recordId,
+        filePath,
+        entityType
+      );
+      results.push(...prefixResults);
+    }
     const taskStore = this.stores.tasks;
     const cycleStore = this.stores.cycles;
     if (entityType === "execution" && isExecutionPayload(payload) && payload.taskId && taskStore) {
@@ -8119,23 +8144,59 @@ var LintModule = class {
     };
   }
   /**
-   * Fixes signature structure issues.
-   * @private
-   */
-  /**
-   * [EARS-F9] Fixes signature structure issues.
+   * [EARS-F9] [EARS-F10] Fixes signature structure issues.
    *
    * Preserves valid keyId and role from existing signature if present,
    * only using options.keyId as fallback when no existing signature exists.
    *
+   * [EARS-F10] When the ONLY problem is a missing `notes` field (no other
+   * signature errors exist for this record), adds `notes` WITHOUT regenerating
+   * the signature — preserving the existing cryptographic value.
+   *
    * @private
    */
-  fixSignature(record, result, options) {
+  fixSignature(record, result, options, allResults) {
     if (!options.privateKey) {
       throw new Error("privateKey is required to fix signature");
     }
-    const payloadChecksum = calculatePayloadChecksum(record.payload);
     const existingSig = record.header?.signatures?.[0];
+    const isOnlyMissingNotes = (() => {
+      if (!result.message.includes("must have required property 'notes'")) {
+        return false;
+      }
+      if (allResults) {
+        const otherSigErrors = allResults.filter(
+          (r) => r !== result && r.validator === "SIGNATURE_STRUCTURE" && r.entity.id === result.entity.id && r.fixable
+        );
+        if (otherSigErrors.length > 0) {
+          return false;
+        }
+      }
+      const sigValue = existingSig?.signature;
+      if (!sigValue || !/^[A-Za-z0-9+/]{86}==$/.test(sigValue)) {
+        return false;
+      }
+      return true;
+    })();
+    if (isOnlyMissingNotes && existingSig) {
+      const fixedSig = {
+        keyId: existingSig.keyId,
+        role: existingSig.role,
+        notes: "Signature notes added by lint fix",
+        signature: existingSig.signature,
+        timestamp: existingSig.timestamp
+      };
+      const payloadChecksum2 = calculatePayloadChecksum(record.payload);
+      return {
+        header: {
+          ...record.header,
+          payloadChecksum: payloadChecksum2,
+          signatures: [fixedSig]
+        },
+        payload: record.payload
+      };
+    }
+    const payloadChecksum = calculatePayloadChecksum(record.payload);
     const keyId = existingSig?.keyId || options.keyId || result.entity.id;
     const role = existingSig?.role || "author";
     const notes = existingSig?.notes || "Signature regenerated by lint fix";