npm - @hongmaple0820/scale-engine - Versions diffs - 0.20.0 → 0.21.1 - Mend

@hongmaple0820/scale-engine 0.20.0 → 0.21.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (24) hide show

package/README.en.md +2 -2
package/README.md +38 -2
package/dist/api/cli.js +181 -1
package/dist/api/cli.js.map +1 -1
package/dist/memory/MemoryBrain.js +52 -52
package/dist/output/GovernanceDashboard.js +44 -44
package/dist/workflow/GovernanceTemplates.d.ts +1 -1
package/dist/workflow/GovernanceTemplates.js +128 -18
package/dist/workflow/GovernanceTemplates.js.map +1 -1
package/dist/workflow/ResourceGovernance.js +10 -1
package/dist/workflow/ResourceGovernance.js.map +1 -1
package/dist/workflow/TaskArtifactScaffolder.js +43 -5
package/dist/workflow/TaskArtifactScaffolder.js.map +1 -1
package/dist/workflow/UpgradeManager.d.ts +140 -0
package/dist/workflow/UpgradeManager.js +434 -0
package/dist/workflow/UpgradeManager.js.map +1 -0
package/docs/README.md +1 -0
package/docs/RESOURCE_GOVERNANCE.md +92 -0
package/docs/start/README.md +5 -1
package/examples/demo-projects/agent-governance-demo/CONTEXT.md +14 -0
package/examples/demo-projects/agent-governance-demo/README.md +32 -21
package/examples/demo-projects/agent-governance-demo/docs/CONTEXT-MAP.md +14 -0
package/examples/demo-projects/agent-governance-demo/package.json +6 -1
package/package.json +2 -1

package/dist/workflow/UpgradeManager.js ADDED Viewed

@@ -0,0 +1,434 @@
+import { copyFileSync, existsSync, mkdirSync, readFileSync, readdirSync, rmSync, writeFileSync } from 'node:fs';
+import { dirname, join, resolve } from 'node:path';
+import { TOOL_CAPABILITY_CATALOG } from '../tools/ToolCapabilityRegistry.js';
+import { SCALE_ENGINE_VERSION } from '../version.js';
+import { computeGovernanceDrift, readGovernanceLock } from './GovernanceLock.js';
+import { listGovernanceTemplatePacks, resolveGovernanceTemplatePack } from './GovernanceTemplatePacks.js';
+import { writeGovernanceTemplates } from './GovernanceTemplates.js';
+export function createUpgradeCheckReport(options = {}) {
+    const projectDir = resolve(options.projectDir ?? process.cwd());
+    const lock = readGovernanceLock(projectDir);
+    const drift = computeGovernanceDrift(projectDir);
+    const latestScaleVersion = normalizeTargetVersion(options.targetScaleVersion);
+    const pack = lock ? resolveGovernanceTemplatePack(lock.pack) : null;
+    const scaleUpToDate = Boolean(lock && lock.scaleVersion === latestScaleVersion);
+    const packUpToDate = Boolean(lock && pack && lock.packVersion === pack.version);
+    const generatedTotal = drift.clean.length + drift.changed.length + drift.missing.length;
+    const thirdParty = createThirdPartyUpdateReport();
+    const status = resolveUpgradeStatus({
+        hasLock: Boolean(lock),
+        hasLocalChanges: drift.changed.length > 0,
+        hasMissingFiles: drift.missing.length > 0,
+        scaleUpToDate,
+        packUpToDate,
+    });
+    return {
+        version: 1,
+        projectDir,
+        status,
+        scaleEngine: {
+            currentVersion: lock?.scaleVersion ?? null,
+            latestVersion: latestScaleVersion,
+            upToDate: scaleUpToDate,
+        },
+        governanceLock: {
+            exists: Boolean(lock),
+            path: join(projectDir, '.scale', 'governance.lock.json'),
+        },
+        governancePack: {
+            id: lock?.pack ?? null,
+            currentVersion: lock?.packVersion ?? null,
+            latestVersion: pack?.version ?? null,
+            upToDate: packUpToDate,
+        },
+        generatedFiles: {
+            total: generatedTotal,
+            clean: drift.clean.length,
+            changed: drift.changed.length,
+            missing: drift.missing.length,
+        },
+        drift,
+        thirdParty,
+        recommendedCommands: [
+            'scale upgrade plan --dir .',
+            'scale tools outdated --dir .',
+            'scale skill outdated --dir .',
+            'scale preflight --preflight-profile quick',
+        ],
+    };
+}
+export function createUpgradePlanReport(options = {}) {
+    const check = createUpgradeCheckReport(options);
+    const blockers = [];
+    const steps = [];
+    if (!check.governanceLock.exists) {
+        blockers.push({
+            code: 'missing-governance-lock',
+            message: 'No governance lock exists; SCALE cannot determine which generated files are safe to upgrade.',
+        });
+        steps.push({
+            action: 'initialize-governance-lock',
+            risk: 'medium',
+            reason: 'Create a lock before upgrading generated governance assets.',
+            command: 'scale init --governance-pack standard',
+        });
+    }
+    if (!check.scaleEngine.upToDate && check.scaleEngine.currentVersion) {
+        steps.push({
+            action: 'upgrade-scale-engine',
+            risk: 'low',
+            reason: `SCALE Engine changed from ${check.scaleEngine.currentVersion} to ${check.scaleEngine.latestVersion}.`,
+            command: 'npm install -g @hongmaple0820/scale-engine',
+        });
+    }
+    if (!check.governancePack.upToDate && check.governancePack.id) {
+        steps.push({
+            action: 'upgrade-governance-pack',
+            risk: 'medium',
+            reason: `Governance pack ${check.governancePack.id} changed from v${check.governancePack.currentVersion} to v${check.governancePack.latestVersion}.`,
+            command: `scale init --governance-pack ${check.governancePack.id}`,
+        });
+    }
+    for (const entry of check.drift.missing) {
+        steps.push({
+            action: 'restore-missing-generated-file',
+            path: entry.path,
+            risk: 'low',
+            reason: 'The file is tracked by the governance lock but is missing locally.',
+        });
+    }
+    for (const entry of check.drift.changed) {
+        blockers.push({
+            code: 'local-generated-file-changed',
+            path: entry.path,
+            message: 'Generated governance file has local edits and needs a three-way/manual review before upgrade.',
+        });
+        steps.push({
+            action: 'review-local-change',
+            path: entry.path,
+            risk: 'medium',
+            reason: 'Local edits must be preserved or intentionally replaced.',
+        });
+    }
+    const thirdPartyReview = check.thirdParty.entries.filter(entry => entry.updatePolicy !== 'check-only');
+    for (const entry of thirdPartyReview) {
+        steps.push({
+            action: 'review-third-party-capability',
+            risk: entry.trust === 'high-risk' ? 'high' : 'medium',
+            reason: `${entry.name} updates require ${entry.updatePolicy}; SCALE never auto-installs third-party capabilities.`,
+        });
+    }
+    steps.push({
+        action: 'run-preflight',
+        risk: 'low',
+        reason: 'Validate the project after any accepted upgrade.',
+        command: 'scale preflight --preflight-profile quick',
+    });
+    return {
+        version: 1,
+        projectDir: check.projectDir,
+        status: check.status,
+        applyMode: blockers.length === 0 ? 'safe' : 'manual-review',
+        blockers,
+        steps,
+        check,
+        recommendedCommands: [
+            'scale upgrade check --dir .',
+            'scale upgrade plan --dir . --html',
+            'scale preflight --preflight-profile quick',
+        ],
+    };
+}
+export function applyUpgradePlan(options = {}) {
+    const projectDir = resolve(options.projectDir ?? process.cwd());
+    const plan = createUpgradePlanReport(options);
+    if (!options.confirm) {
+        return upgradeApplyResult(projectDir, plan, false, false, 'Review scale upgrade plan first, then rerun with --confirm.', []);
+    }
+    if (plan.applyMode !== 'safe') {
+        return upgradeApplyResult(projectDir, plan, false, false, 'Upgrade requires manual review because generated files have local changes or the lock is missing.', []);
+    }
+    if (!plan.check.governanceLock.exists || !plan.check.governancePack.id) {
+        return upgradeApplyResult(projectDir, plan, false, false, 'Cannot apply without a governance lock and pack id.', []);
+    }
+    if (!plan.check.governancePack.upToDate) {
+        return upgradeApplyResult(projectDir, plan, false, false, 'Governance pack version changes require manual review before automatic apply.', []);
+    }
+    const missingFiles = plan.check.drift.missing.map(entry => entry.path);
+    const shouldRefreshLock = !plan.check.scaleEngine.upToDate || missingFiles.length > 0;
+    if (!shouldRefreshLock) {
+        return upgradeApplyResult(projectDir, plan, true, false, 'No safe upgrade changes were needed.', []);
+    }
+    const backup = createUpgradeBackup(projectDir, uniqueStrings([...missingFiles, '.scale/governance.lock.json']));
+    const result = writeGovernanceTemplates(projectDir, { pack: plan.check.governancePack.id });
+    const createdFiles = result.created
+        .map(path => normalizeProjectRelativePath(projectDir, path))
+        .filter((path) => Boolean(path));
+    mergeCreatedFilesIntoBackup(backup.manifestPath, createdFiles);
+    const changedFiles = uniqueStrings([
+        ...missingFiles.filter(path => existsSync(join(projectDir, path))),
+        ...createdFiles,
+        '.scale/governance.lock.json',
+    ]);
+    return {
+        version: 1,
+        projectDir,
+        ok: true,
+        applied: changedFiles.length > 0,
+        reason: changedFiles.length > 0 ? 'Safe upgrade changes were applied.' : 'No safe upgrade changes were needed.',
+        changedFiles,
+        backup,
+        plan: createUpgradePlanReport(options),
+    };
+}
+export function rollbackLatestUpgrade(options = {}) {
+    const projectDir = resolve(options.projectDir ?? process.cwd());
+    const backup = latestUpgradeBackup(projectDir);
+    if (!backup) {
+        return {
+            version: 1,
+            projectDir,
+            ok: false,
+            applied: false,
+            reason: 'No SCALE-managed upgrade backup was found.',
+            restoredFiles: [],
+        };
+    }
+    const manifest = JSON.parse(readFileSync(backup.manifestPath, 'utf-8'));
+    const restoredFiles = [];
+    for (const entry of manifest.files) {
+        const target = join(projectDir, entry.path);
+        if (entry.existed && entry.backupPath) {
+            mkdirSync(dirname(target), { recursive: true });
+            copyFileSync(join(backup.dir, entry.backupPath), target);
+        }
+        else {
+            rmSync(target, { force: true, recursive: true });
+        }
+        restoredFiles.push(entry.path);
+    }
+    return {
+        version: 1,
+        projectDir,
+        ok: true,
+        applied: true,
+        reason: 'Latest SCALE-managed upgrade backup was rolled back.',
+        backup,
+        restoredFiles: uniqueStrings(restoredFiles),
+    };
+}
+export function createThirdPartyUpdateReport(category) {
+    const selectedCategories = Array.isArray(category) ? new Set(category) : category ? new Set([category]) : undefined;
+    const entries = TOOL_CAPABILITY_CATALOG
+        .filter(tool => !selectedCategories || selectedCategories.has(tool.category))
+        .map(tool => {
+        const trust = classifyThirdPartyTrust(tool.category, tool.source);
+        const updatePolicy = updatePolicyForTrust(trust);
+        return {
+            id: tool.id,
+            name: tool.name,
+            category: tool.category,
+            source: tool.source,
+            trust,
+            updatePolicy,
+            installPolicy: 'never-auto-install',
+            latestVersion: 'unknown',
+            reason: updateReason(tool.category, trust),
+        };
+    });
+    const trusted = entries.filter(entry => entry.trust === 'trusted').length;
+    const community = entries.filter(entry => entry.trust === 'community').length;
+    const highRisk = entries.filter(entry => entry.trust === 'high-risk').length;
+    const blocked = entries.filter(entry => entry.updatePolicy === 'blocked').length;
+    const reviewRequired = entries.filter(entry => entry.updatePolicy !== 'check-only').length;
+    return {
+        version: 1,
+        policy: 'check-only',
+        summary: {
+            total: entries.length,
+            trusted,
+            community,
+            highRisk,
+            reviewRequired,
+            blocked,
+        },
+        reviewRequired,
+        entries,
+    };
+}
+function upgradeApplyResult(projectDir, plan, ok, applied, reason, changedFiles) {
+    return {
+        version: 1,
+        projectDir,
+        ok,
+        applied,
+        reason,
+        changedFiles,
+        plan,
+    };
+}
+function createUpgradeBackup(projectDir, relativePaths) {
+    const id = `upgrade-${new Date().toISOString().replace(/[:.]/g, '-')}`;
+    const dir = join(projectDir, '.scale', 'backups', id);
+    const filesDir = join(dir, 'files');
+    mkdirSync(filesDir, { recursive: true });
+    const manifest = {
+        version: 1,
+        id,
+        createdAt: new Date().toISOString(),
+        projectDir,
+        files: uniqueStrings(relativePaths).map(path => {
+            const target = join(projectDir, path);
+            if (!existsSync(target))
+                return { path, existed: false };
+            const backupPath = join('files', path.replace(/^[\\/]+/, '').replace(/\\/g, '/'));
+            const backupTarget = join(dir, backupPath);
+            mkdirSync(dirname(backupTarget), { recursive: true });
+            copyFileSync(target, backupTarget);
+            return { path, existed: true, backupPath };
+        }),
+    };
+    const manifestPath = join(dir, 'manifest.json');
+    writeFileSync(manifestPath, JSON.stringify(manifest, null, 2) + '\n', 'utf-8');
+    return { id, dir, manifestPath };
+}
+function mergeCreatedFilesIntoBackup(manifestPath, createdFiles) {
+    const manifest = JSON.parse(readFileSync(manifestPath, 'utf-8'));
+    const existing = new Set(manifest.files.map(file => file.path));
+    for (const path of createdFiles) {
+        if (!existing.has(path)) {
+            manifest.files.push({ path, existed: false });
+            existing.add(path);
+        }
+    }
+    writeFileSync(manifestPath, JSON.stringify(manifest, null, 2) + '\n', 'utf-8');
+}
+function latestUpgradeBackup(projectDir) {
+    const backupsDir = join(projectDir, '.scale', 'backups');
+    if (!existsSync(backupsDir))
+        return null;
+    const candidates = readdirSync(backupsDir, { withFileTypes: true })
+        .filter(entry => entry.isDirectory() && entry.name.startsWith('upgrade-'))
+        .map(entry => ({
+        id: entry.name,
+        dir: join(backupsDir, entry.name),
+        manifestPath: join(backupsDir, entry.name, 'manifest.json'),
+    }))
+        .filter(entry => existsSync(entry.manifestPath))
+        .sort((a, b) => a.id.localeCompare(b.id));
+    return candidates.at(-1) ?? null;
+}
+function normalizeProjectRelativePath(projectDir, path) {
+    const normalizedProject = resolve(projectDir).replace(/\\/g, '/');
+    const normalizedPath = resolve(path).replace(/\\/g, '/');
+    if (!normalizedPath.startsWith(`${normalizedProject}/`))
+        return null;
+    return normalizedPath.slice(normalizedProject.length + 1);
+}
+function uniqueStrings(items) {
+    return [...new Set(items)];
+}
+export function writeUpgradePlanHtml(report, outputPath) {
+    const target = outputPath ?? join(report.projectDir, '.scale', 'reports', 'upgrade-plan.html');
+    mkdirSync(dirname(target), { recursive: true });
+    writeFileSync(target, renderUpgradePlanHtml(report), 'utf-8');
+    return target;
+}
+export function listAvailableGovernancePackVersions() {
+    return listGovernanceTemplatePacks().map(pack => ({ id: pack.id, version: pack.version }));
+}
+function resolveUpgradeStatus(input) {
+    if (!input.hasLock)
+        return 'missing-lock';
+    if (input.hasLocalChanges)
+        return 'local-changes';
+    if (input.hasMissingFiles || !input.scaleUpToDate || !input.packUpToDate)
+        return 'updates-available';
+    return 'clean';
+}
+function normalizeTargetVersion(version) {
+    if (!version || version === 'latest')
+        return SCALE_ENGINE_VERSION;
+    return version;
+}
+function classifyThirdPartyTrust(category, source) {
+    if (category === 'desktop')
+        return 'high-risk';
+    if (!source)
+        return 'community';
+    if (source.includes('anthropics/') ||
+        source.includes('playwright.dev') ||
+        source.includes('openai/') ||
+        source.includes('google-gemini/') ||
+        source.includes('vercel-labs/'))
+        return 'trusted';
+    return 'community';
+}
+function updatePolicyForTrust(trust) {
+    if (trust === 'high-risk')
+        return 'blocked';
+    if (trust === 'community')
+        return 'manual-review';
+    return 'check-only';
+}
+function updateReason(category, trust) {
+    if (trust === 'high-risk')
+        return 'High-privilege desktop automation must be reviewed and confirmed by a human.';
+    if (trust === 'community')
+        return 'Community source requires source, script, and permission review before update.';
+    if (category === 'mcp')
+        return 'MCP updates must still be checked for command and permission changes.';
+    return 'Trusted source; check version and changelog before applying.';
+}
+function renderUpgradePlanHtml(report) {
+    const rows = report.steps.map(step => `
+      <tr>
+        <td>${escapeHtml(step.action)}</td>
+        <td>${escapeHtml(step.path ?? '')}</td>
+        <td>${escapeHtml(step.risk)}</td>
+        <td>${escapeHtml(step.reason)}</td>
+        <td><code>${escapeHtml(step.command ?? '')}</code></td>
+      </tr>`).join('');
+    const blockers = report.blockers.length
+        ? report.blockers.map(blocker => `<li><strong>${escapeHtml(blocker.code)}</strong> ${escapeHtml(blocker.path ?? '')} ${escapeHtml(blocker.message)}</li>`).join('')
+        : '<li>No blockers detected.</li>';
+    return `<!doctype html>
+<html lang="zh-CN">
+<head>
+  <meta charset="utf-8" />
+  <title>SCALE Upgrade Plan</title>
+  <style>
+    body { font-family: -apple-system, BlinkMacSystemFont, "Segoe UI", sans-serif; margin: 32px; color: #1f2937; }
+    h1 { margin-bottom: 8px; }
+    table { border-collapse: collapse; width: 100%; margin-top: 16px; }
+    th, td { border: 1px solid #d1d5db; padding: 8px; text-align: left; vertical-align: top; }
+    th { background: #f3f4f6; }
+    code { white-space: pre-wrap; }
+    .badge { display: inline-block; padding: 2px 8px; border-radius: 999px; background: #eef2ff; }
+  </style>
+</head>
+<body>
+  <h1>SCALE Upgrade Plan</h1>
+  <p>Project: <code>${escapeHtml(report.projectDir)}</code></p>
+  <p>Status: <span class="badge">${escapeHtml(report.status)}</span> Apply mode: <span class="badge">${escapeHtml(report.applyMode)}</span></p>
+  <h2>Blockers</h2>
+  <ul>${blockers}</ul>
+  <h2>Steps</h2>
+  <table>
+    <thead><tr><th>Action</th><th>Path</th><th>Risk</th><th>Reason</th><th>Command</th></tr></thead>
+    <tbody>${rows}</tbody>
+  </table>
+  <h2>Third-party Policy</h2>
+  <p>Policy: ${escapeHtml(report.check.thirdParty.policy)}. Review required: ${report.check.thirdParty.reviewRequired}.</p>
+</body>
+</html>
+`;
+}
+function escapeHtml(value) {
+    return value
+        .replace(/&/g, '&amp;')
+        .replace(/</g, '&lt;')
+        .replace(/>/g, '&gt;')
+        .replace(/"/g, '&quot;');
+}
+//# sourceMappingURL=UpgradeManager.js.map

package/dist/workflow/UpgradeManager.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"UpgradeManager.js","sourceRoot":"","sources":["../../src/workflow/UpgradeManager.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,SAAS,EAAE,YAAY,EAAE,WAAW,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM,SAAS,CAAA;AAC/G,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,WAAW,CAAA;AAClD,OAAO,EAAE,uBAAuB,EAA+B,MAAM,oCAAoC,CAAA;AACzG,OAAO,EAAE,oBAAoB,EAAE,MAAM,eAAe,CAAA;AACpD,OAAO,EAAE,sBAAsB,EAAE,kBAAkB,EAA8B,MAAM,qBAAqB,CAAA;AAC5G,OAAO,EAAE,2BAA2B,EAAE,6BAA6B,EAAyB,MAAM,8BAA8B,CAAA;AAChI,OAAO,EAAE,wBAAwB,EAAE,MAAM,0BAA0B,CAAA;AAqJnE,MAAM,UAAU,wBAAwB,CAAC,UAAiC,EAAE;IAC1E,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC,CAAA;IAC/D,MAAM,IAAI,GAAG,kBAAkB,CAAC,UAAU,CAAC,CAAA;IAC3C,MAAM,KAAK,GAAG,sBAAsB,CAAC,UAAU,CAAC,CAAA;IAChD,MAAM,kBAAkB,GAAG,sBAAsB,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAA;IAC7E,MAAM,IAAI,GAAG,IAAI,CAAC,CAAC,CAAC,6BAA6B,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;IACnE,MAAM,aAAa,GAAG,OAAO,CAAC,IAAI,IAAI,IAAI,CAAC,YAAY,KAAK,kBAAkB,CAAC,CAAA;IAC/E,MAAM,YAAY,GAAG,OAAO,CAAC,IAAI,IAAI,IAAI,IAAI,IAAI,CAAC,WAAW,KAAK,IAAI,CAAC,OAAO,CAAC,CAAA;IAC/E,MAAM,cAAc,GAAG,KAAK,CAAC,KAAK,CAAC,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,CAAA;IACvF,MAAM,UAAU,GAAG,4BAA4B,EAAE,CAAA;IACjD,MAAM,MAAM,GAAG,oBAAoB,CAAC;QAClC,OAAO,EAAE,OAAO,CAAC,IAAI,CAAC;QACtB,eAAe,EAAE,KAAK,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC;QACzC,eAAe,EAAE,KAAK,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC;QACzC,aAAa;QACb,YAAY;KACb,CAAC,CAAA;IAEF,OAAO;QACL,OAAO,EAAE,CAAC;QACV,UAAU;QACV,MAAM;QACN,WAAW,EAAE;YACX,cAAc,EAAE,IAAI,EAAE,YAAY,IAAI,IAAI;YAC1C,aAAa,EAAE,kBAAkB;YACjC,QAAQ,EAAE,aAAa;SACxB;QACD,cAAc,EAAE;YACd,MAAM,EAAE,OAAO,CAAC,IAAI,CAAC;YACrB,IAAI,EAAE,IAAI,CAAC,UAAU,EAAE,QAAQ,EAAE,sBAAsB,CAAC;SACzD;QACD,cAAc,EAAE;YACd,EAAE,EAAE,IAAI,EAAE,IAAI,IAAI,IAAI;YACtB,cAAc,EAAE,IAAI,EAAE,WAAW,IAAI,IAAI;YACzC,aAAa,EAAE,IAAI,EAAE,OAAO,IAAI,IAAI;YACpC,QAAQ,EAAE,YAAY;SACvB;QACD,cAAc,EAAE;YACd,KAAK,EAAE,cAAc;YACrB,KAAK,EAAE,KAAK,CAAC,KAAK,CAAC,MAAM;YACzB,OAAO,EAAE,KAAK,CAAC,OAAO,CAAC,MAAM;YAC7B,OAAO,EAAE,KAAK,CAAC,OAAO,CAAC,MAAM;SAC9B;QACD,KAAK;QACL,UAAU;QACV,mBAAmB,EAAE;YACnB,4BAA4B;YAC5B,8BAA8B;YAC9B,8BAA8B;YAC9B,2CAA2C;SAC5C;KACF,CAAA;AACH,CAAC;AAED,MAAM,UAAU,uBAAuB,CAAC,UAAiC,EAAE;IACzE,MAAM,KAAK,GAAG,wBAAwB,CAAC,OAAO,CAAC,CAAA;IAC/C,MAAM,QAAQ,GAAyB,EAAE,CAAA;IACzC,MAAM,KAAK,GAAsB,EAAE,CAAA;IAEnC,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,MAAM,EAAE,CAAC;QACjC,QAAQ,CAAC,IAAI,CAAC;YACZ,IAAI,EAAE,yBAAyB;YAC/B,OAAO,EAAE,8FAA8F;SACxG,CAAC,CAAA;QACF,KAAK,CAAC,IAAI,CAAC;YACT,MAAM,EAAE,4BAA4B;YACpC,IAAI,EAAE,QAAQ;YACd,MAAM,EAAE,6DAA6D;YACrE,OAAO,EAAE,uCAAuC;SACjD,CAAC,CAAA;IACJ,CAAC;IAED,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,QAAQ,IAAI,KAAK,CAAC,WAAW,CAAC,cAAc,EAAE,CAAC;QACpE,KAAK,CAAC,IAAI,CAAC;YACT,MAAM,EAAE,sBAAsB;YAC9B,IAAI,EAAE,KAAK;YACX,MAAM,EAAE,6BAA6B,KAAK,CAAC,WAAW,CAAC,cAAc,OAAO,KAAK,CAAC,WAAW,CAAC,aAAa,GAAG;YAC9G,OAAO,EAAE,4CAA4C;SACtD,CAAC,CAAA;IACJ,CAAC;IAED,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,QAAQ,IAAI,KAAK,CAAC,cAAc,CAAC,EAAE,EAAE,CAAC;QAC9D,KAAK,CAAC,IAAI,CAAC;YACT,MAAM,EAAE,yBAAyB;YACjC,IAAI,EAAE,QAAQ;YACd,MAAM,EAAE,mBAAmB,KAAK,CAAC,cAAc,CAAC,EAAE,kBAAkB,KAAK,CAAC,cAAc,CAAC,cAAc,QAAQ,KAAK,CAAC,cAAc,CAAC,aAAa,GAAG;YACpJ,OAAO,EAAE,gCAAgC,KAAK,CAAC,cAAc,CAAC,EAAE,EAAE;SACnE,CAAC,CAAA;IACJ,CAAC;IAED,KAAK,MAAM,KAAK,IAAI,KAAK,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC;QACxC,KAAK,CAAC,IAAI,CAAC;YACT,MAAM,EAAE,gCAAgC;YACxC,IAAI,EAAE,KAAK,CAAC,IAAI;YAChB,IAAI,EAAE,KAAK;YACX,MAAM,EAAE,oEAAoE;SAC7E,CAAC,CAAA;IACJ,CAAC;IAED,KAAK,MAAM,KAAK,IAAI,KAAK,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC;QACxC,QAAQ,CAAC,IAAI,CAAC;YACZ,IAAI,EAAE,8BAA8B;YACpC,IAAI,EAAE,KAAK,CAAC,IAAI;YAChB,OAAO,EAAE,+FAA+F;SACzG,CAAC,CAAA;QACF,KAAK,CAAC,IAAI,CAAC;YACT,MAAM,EAAE,qBAAqB;YAC7B,IAAI,EAAE,KAAK,CAAC,IAAI;YAChB,IAAI,EAAE,QAAQ;YACd,MAAM,EAAE,0DAA0D;SACnE,CAAC,CAAA;IACJ,CAAC;IAED,MAAM,gBAAgB,GAAG,KAAK,CAAC,UAAU,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,YAAY,KAAK,YAAY,CAAC,CAAA;IACtG,KAAK,MAAM,KAAK,IAAI,gBAAgB,EAAE,CAAC;QACrC,KAAK,CAAC,IAAI,CAAC;YACT,MAAM,EAAE,+BAA+B;YACvC,IAAI,EAAE,KAAK,CAAC,KAAK,KAAK,WAAW,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ;YACrD,MAAM,EAAE,GAAG,KAAK,CAAC,IAAI,oBAAoB,KAAK,CAAC,YAAY,uDAAuD;SACnH,CAAC,CAAA;IACJ,CAAC;IAED,KAAK,CAAC,IAAI,CAAC;QACT,MAAM,EAAE,eAAe;QACvB,IAAI,EAAE,KAAK;QACX,MAAM,EAAE,kDAAkD;QAC1D,OAAO,EAAE,2CAA2C;KACrD,CAAC,CAAA;IAEF,OAAO;QACL,OAAO,EAAE,CAAC;QACV,UAAU,EAAE,KAAK,CAAC,UAAU;QAC5B,MAAM,EAAE,KAAK,CAAC,MAAM;QACpB,SAAS,EAAE,QAAQ,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,eAAe;QAC3D,QAAQ;QACR,KAAK;QACL,KAAK;QACL,mBAAmB,EAAE;YACnB,6BAA6B;YAC7B,mCAAmC;YACnC,2CAA2C;SAC5C;KACF,CAAA;AACH,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,UAA+B,EAAE;IAChE,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC,CAAA;IAC/D,MAAM,IAAI,GAAG,uBAAuB,CAAC,OAAO,CAAC,CAAA;IAC7C,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;QACrB,OAAO,kBAAkB,CAAC,UAAU,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,6DAA6D,EAAE,EAAE,CAAC,CAAA;IAC9H,CAAC;IACD,IAAI,IAAI,CAAC,SAAS,KAAK,MAAM,EAAE,CAAC;QAC9B,OAAO,kBAAkB,CAAC,UAAU,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,mGAAmG,EAAE,EAAE,CAAC,CAAA;IACpK,CAAC;IACD,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,EAAE,EAAE,CAAC;QACvE,OAAO,kBAAkB,CAAC,UAAU,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,qDAAqD,EAAE,EAAE,CAAC,CAAA;IACtH,CAAC;IACD,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,QAAQ,EAAE,CAAC;QACxC,OAAO,kBAAkB,CAAC,UAAU,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,+EAA+E,EAAE,EAAE,CAAC,CAAA;IAChJ,CAAC;IAED,MAAM,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;IACtE,MAAM,iBAAiB,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,QAAQ,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,CAAA;IACrF,IAAI,CAAC,iBAAiB,EAAE,CAAC;QACvB,OAAO,kBAAkB,CAAC,UAAU,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,sCAAsC,EAAE,EAAE,CAAC,CAAA;IACtG,CAAC;IAED,MAAM,MAAM,GAAG,mBAAmB,CAAC,UAAU,EAAE,aAAa,CAAC,CAAC,GAAG,YAAY,EAAE,6BAA6B,CAAC,CAAC,CAAC,CAAA;IAC/G,MAAM,MAAM,GAAG,wBAAwB,CAAC,UAAU,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,EAAE,EAAE,CAAC,CAAA;IAC3F,MAAM,YAAY,GAAG,MAAM,CAAC,OAAO;SAChC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,4BAA4B,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;SAC3D,MAAM,CAAC,CAAC,IAAI,EAAkB,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAA;IAClD,2BAA2B,CAAC,MAAM,CAAC,YAAY,EAAE,YAAY,CAAC,CAAA;IAE9D,MAAM,YAAY,GAAG,aAAa,CAAC;QACjC,GAAG,YAAY,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC,CAAC;QAClE,GAAG,YAAY;QACf,6BAA6B;KAC9B,CAAC,CAAA;IAEF,OAAO;QACL,OAAO,EAAE,CAAC;QACV,UAAU;QACV,EAAE,EAAE,IAAI;QACR,OAAO,EAAE,YAAY,CAAC,MAAM,GAAG,CAAC;QAChC,MAAM,EAAE,YAAY,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,oCAAoC,CAAC,CAAC,CAAC,sCAAsC;QAC/G,YAAY;QACZ,MAAM;QACN,IAAI,EAAE,uBAAuB,CAAC,OAAO,CAAC;KACvC,CAAA;AACH,CAAC;AAED,MAAM,UAAU,qBAAqB,CAAC,UAAiC,EAAE;IACvE,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC,CAAA;IAC/D,MAAM,MAAM,GAAG,mBAAmB,CAAC,UAAU,CAAC,CAAA;IAC9C,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO;YACL,OAAO,EAAE,CAAC;YACV,UAAU;YACV,EAAE,EAAE,KAAK;YACT,OAAO,EAAE,KAAK;YACd,MAAM,EAAE,4CAA4C;YACpD,aAAa,EAAE,EAAE;SAClB,CAAA;IACH,CAAC;IAED,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,MAAM,CAAC,YAAY,EAAE,OAAO,CAAC,CAA0B,CAAA;IAChG,MAAM,aAAa,GAAa,EAAE,CAAA;IAClC,KAAK,MAAM,KAAK,IAAI,QAAQ,CAAC,KAAK,EAAE,CAAC;QACnC,MAAM,MAAM,GAAG,IAAI,CAAC,UAAU,EAAE,KAAK,CAAC,IAAI,CAAC,CAAA;QAC3C,IAAI,KAAK,CAAC,OAAO,IAAI,KAAK,CAAC,UAAU,EAAE,CAAC;YACtC,SAAS,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAA;YAC/C,YAAY,CAAC,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC,CAAA;QAC1D,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,MAAM,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAA;QAClD,CAAC;QACD,aAAa,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;IAChC,CAAC;IAED,OAAO;QACL,OAAO,EAAE,CAAC;QACV,UAAU;QACV,EAAE,EAAE,IAAI;QACR,OAAO,EAAE,IAAI;QACb,MAAM,EAAE,sDAAsD;QAC9D,MAAM;QACN,aAAa,EAAE,aAAa,CAAC,aAAa,CAAC;KAC5C,CAAA;AACH,CAAC;AAED,MAAM,UAAU,4BAA4B,CAAC,QAA4D;IACvG,MAAM,kBAAkB,GAAG,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;IACnH,MAAM,OAAO,GAAG,uBAAuB;SACpC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,kBAAkB,IAAI,kBAAkB,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;SAC5E,GAAG,CAAC,IAAI,CAAC,EAAE;QACV,MAAM,KAAK,GAAG,uBAAuB,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,CAAA;QACjE,MAAM,YAAY,GAAG,oBAAoB,CAAC,KAAK,CAAC,CAAA;QAChD,OAAO;YACL,EAAE,EAAE,IAAI,CAAC,EAAE;YACX,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,KAAK;YACL,YAAY;YACZ,aAAa,EAAE,oBAA6B;YAC5C,aAAa,EAAE,SAAkB;YACjC,MAAM,EAAE,YAAY,CAAC,IAAI,CAAC,QAAQ,EAAE,KAAK,CAAC;SAC3C,CAAA;IACH,CAAC,CAAC,CAAA;IACJ,MAAM,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,MAAM,CAAA;IACzE,MAAM,SAAS,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,KAAK,KAAK,WAAW,CAAC,CAAC,MAAM,CAAA;IAC7E,MAAM,QAAQ,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,KAAK,KAAK,WAAW,CAAC,CAAC,MAAM,CAAA;IAC5E,MAAM,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,YAAY,KAAK,SAAS,CAAC,CAAC,MAAM,CAAA;IAChF,MAAM,cAAc,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,YAAY,KAAK,YAAY,CAAC,CAAC,MAAM,CAAA;IAC1F,OAAO;QACL,OAAO,EAAE,CAAC;QACV,MAAM,EAAE,YAAY;QACpB,OAAO,EAAE;YACP,KAAK,EAAE,OAAO,CAAC,MAAM;YACrB,OAAO;YACP,SAAS;YACT,QAAQ;YACR,cAAc;YACd,OAAO;SACR;QACD,cAAc;QACd,OAAO;KACR,CAAA;AACH,CAAC;AAED,SAAS,kBAAkB,CACzB,UAAkB,EAClB,IAAuB,EACvB,EAAW,EACX,OAAgB,EAChB,MAAc,EACd,YAAsB;IAEtB,OAAO;QACL,OAAO,EAAE,CAAC;QACV,UAAU;QACV,EAAE;QACF,OAAO;QACP,MAAM;QACN,YAAY;QACZ,IAAI;KACL,CAAA;AACH,CAAC;AAED,SAAS,mBAAmB,CAAC,UAAkB,EAAE,aAAuB;IACtE,MAAM,EAAE,GAAG,WAAW,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,OAAO,EAAE,GAAG,CAAC,EAAE,CAAA;IACtE,MAAM,GAAG,GAAG,IAAI,CAAC,UAAU,EAAE,QAAQ,EAAE,SAAS,EAAE,EAAE,CAAC,CAAA;IACrD,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC,CAAA;IACnC,SAAS,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAA;IACxC,MAAM,QAAQ,GAA0B;QACtC,OAAO,EAAE,CAAC;QACV,EAAE;QACF,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,UAAU;QACV,KAAK,EAAE,aAAa,CAAC,aAAa,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE;YAC7C,MAAM,MAAM,GAAG,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,CAAA;YACrC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC;gBAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,CAAA;YACxD,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,CAAA;YACjF,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,EAAE,UAAU,CAAC,CAAA;YAC1C,SAAS,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAA;YACrD,YAAY,CAAC,MAAM,EAAE,YAAY,CAAC,CAAA;YAClC,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,CAAA;QAC5C,CAAC,CAAC;KACH,CAAA;IACD,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,EAAE,eAAe,CAAC,CAAA;IAC/C,aAAa,CAAC,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC,CAAA;IAC9E,OAAO,EAAE,EAAE,EAAE,GAAG,EAAE,YAAY,EAAE,CAAA;AAClC,CAAC;AAED,SAAS,2BAA2B,CAAC,YAAoB,EAAE,YAAsB;IAC/E,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,YAAY,EAAE,OAAO,CAAC,CAA0B,CAAA;IACzF,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAA;IAC/D,KAAK,MAAM,IAAI,IAAI,YAAY,EAAE,CAAC;QAChC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YACxB,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,CAAA;YAC7C,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;QACpB,CAAC;IACH,CAAC;IACD,aAAa,CAAC,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC,CAAA;AAChF,CAAC;AAED,SAAS,mBAAmB,CAAC,UAAkB;IAC7C,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAA;IACxD,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC;QAAE,OAAO,IAAI,CAAA;IACxC,MAAM,UAAU,GAAG,WAAW,CAAC,UAAU,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC;SAChE,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,KAAK,CAAC,WAAW,EAAE,IAAI,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;SACzE,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QACb,EAAE,EAAE,KAAK,CAAC,IAAI;QACd,GAAG,EAAE,IAAI,CAAC,UAAU,EAAE,KAAK,CAAC,IAAI,CAAC;QACjC,YAAY,EAAE,IAAI,CAAC,UAAU,EAAE,KAAK,CAAC,IAAI,EAAE,eAAe,CAAC;KAC5D,CAAC,CAAC;SACF,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;SAC/C,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;IAC3C,OAAO,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,IAAI,CAAA;AAClC,CAAC;AAED,SAAS,4BAA4B,CAAC,UAAkB,EAAE,IAAY;IACpE,MAAM,iBAAiB,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAA;IACjE,MAAM,cAAc,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAA;IACxD,IAAI,CAAC,cAAc,CAAC,UAAU,CAAC,GAAG,iBAAiB,GAAG,CAAC;QAAE,OAAO,IAAI,CAAA;IACpE,OAAO,cAAc,CAAC,KAAK,CAAC,iBAAiB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;AAC3D,CAAC;AAED,SAAS,aAAa,CAAC,KAAe;IACpC,OAAO,CAAC,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,CAAA;AAC5B,CAAC;AAED,MAAM,UAAU,oBAAoB,CAAC,MAAyB,EAAE,UAAmB;IACjF,MAAM,MAAM,GAAG,UAAU,IAAI,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,QAAQ,EAAE,SAAS,EAAE,mBAAmB,CAAC,CAAA;IAC9F,SAAS,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAA;IAC/C,aAAa,CAAC,MAAM,EAAE,qBAAqB,CAAC,MAAM,CAAC,EAAE,OAAO,CAAC,CAAA;IAC7D,OAAO,MAAM,CAAA;AACf,CAAC;AAED,MAAM,UAAU,mCAAmC;IACjD,OAAO,2BAA2B,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC,CAAA;AAC5F,CAAC;AAED,SAAS,oBAAoB,CAAC,KAM7B;IACC,IAAI,CAAC,KAAK,CAAC,OAAO;QAAE,OAAO,cAAc,CAAA;IACzC,IAAI,KAAK,CAAC,eAAe;QAAE,OAAO,eAAe,CAAA;IACjD,IAAI,KAAK,CAAC,eAAe,IAAI,CAAC,KAAK,CAAC,aAAa,IAAI,CAAC,KAAK,CAAC,YAAY;QAAE,OAAO,mBAAmB,CAAA;IACpG,OAAO,OAAO,CAAA;AAChB,CAAC;AAED,SAAS,sBAAsB,CAAC,OAA2B;IACzD,IAAI,CAAC,OAAO,IAAI,OAAO,KAAK,QAAQ;QAAE,OAAO,oBAAoB,CAAA;IACjE,OAAO,OAAO,CAAA;AAChB,CAAC;AAED,SAAS,uBAAuB,CAAC,QAAgC,EAAE,MAA0B;IAC3F,IAAI,QAAQ,KAAK,SAAS;QAAE,OAAO,WAAW,CAAA;IAC9C,IAAI,CAAC,MAAM;QAAE,OAAO,WAAW,CAAA;IAC/B,IACE,MAAM,CAAC,QAAQ,CAAC,aAAa,CAAC;QAC9B,MAAM,CAAC,QAAQ,CAAC,gBAAgB,CAAC;QACjC,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC;QAC1B,MAAM,CAAC,QAAQ,CAAC,gBAAgB,CAAC;QACjC,MAAM,CAAC,QAAQ,CAAC,cAAc,CAAC;QAC/B,OAAO,SAAS,CAAA;IAClB,OAAO,WAAW,CAAA;AACpB,CAAC;AAED,SAAS,oBAAoB,CAAC,KAAsB;IAClD,IAAI,KAAK,KAAK,WAAW;QAAE,OAAO,SAAS,CAAA;IAC3C,IAAI,KAAK,KAAK,WAAW;QAAE,OAAO,eAAe,CAAA;IACjD,OAAO,YAAY,CAAA;AACrB,CAAC;AAED,SAAS,YAAY,CAAC,QAAgC,EAAE,KAAsB;IAC5E,IAAI,KAAK,KAAK,WAAW;QAAE,OAAO,8EAA8E,CAAA;IAChH,IAAI,KAAK,KAAK,WAAW;QAAE,OAAO,gFAAgF,CAAA;IAClH,IAAI,QAAQ,KAAK,KAAK;QAAE,OAAO,uEAAuE,CAAA;IACtG,OAAO,8DAA8D,CAAA;AACvE,CAAC;AAED,SAAS,qBAAqB,CAAC,MAAyB;IACtD,MAAM,IAAI,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;;cAE1B,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC;cACvB,UAAU,CAAC,IAAI,CAAC,IAAI,IAAI,EAAE,CAAC;cAC3B,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC;cACrB,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC;oBACjB,UAAU,CAAC,IAAI,CAAC,OAAO,IAAI,EAAE,CAAC;YACtC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;IACpB,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM;QACrC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,eAAe,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,aAAa,UAAU,CAAC,OAAO,CAAC,IAAI,IAAI,EAAE,CAAC,IAAI,UAAU,CAAC,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC;QACnK,CAAC,CAAC,gCAAgC,CAAA;IACpC,OAAO;;;;;;;;;;;;;;;;;sBAiBa,UAAU,CAAC,MAAM,CAAC,UAAU,CAAC;mCAChB,UAAU,CAAC,MAAM,CAAC,MAAM,CAAC,2CAA2C,UAAU,CAAC,MAAM,CAAC,SAAS,CAAC;;QAE3H,QAAQ;;;;aAIH,IAAI;;;eAGF,UAAU,CAAC,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,MAAM,CAAC,sBAAsB,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,cAAc;;;CAGpH,CAAA;AACD,CAAC;AAED,SAAS,UAAU,CAAC,KAAa;IAC/B,OAAO,KAAK;SACT,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC;SACtB,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC;SACrB,OAAO,CAAC,IAAI,EAAE,MAAM,CAAC;SACrB,OAAO,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAA;AAC5B,CAAC"}

package/docs/README.md CHANGED Viewed

@@ -25,6 +25,7 @@
 | [CODE_INTELLIGENCE.md](CODE_INTELLIGENCE.md) | CodeGraph、Graphify 和显式 fallback 的代码智能与探索 ROI |
 | [WORKFLOW_EVAL.md](WORKFLOW_EVAL.md) | Workflow Eval、pass@k 指标、Failure Replay 和改进候选 |
 | [SKILL_RADAR.md](SKILL_RADAR.md) | Skill Radar、能力置信度、证据要求和供应链安全检查 |
+| [UPGRADE_MANAGEMENT.md](UPGRADE_MANAGEMENT.md) | SCALE CLI、governance pack、skills、MCP 和 CLI 工具的安全升级流程 |
 | [GOVERNANCE_DASHBOARD.md](GOVERNANCE_DASHBOARD.md) | Runtime、eval、memory、resource、HTML artifact 的统一治理面板 |
 | [RELEASE_READINESS.md](RELEASE_READINESS.md) | 发版前质量门槛、官方 demo 和真实项目落地验收 |
 | [SKILL-REPOSITORY.md](SKILL-REPOSITORY.md) | 受治理 skill repository 和安装安全策略 |

package/docs/RESOURCE_GOVERNANCE.md ADDED Viewed

@@ -0,0 +1,92 @@
+# Resource Governance
+SCALE now treats project outputs as governed resources instead of undifferentiated files.
+## Problem
+Engineering agents generate many useful but noisy assets:
+- maintained product and architecture docs
+- task plans and verification notes
+- E2E reports, screenshots, videos, logs, and coverage output
+- temporary scripts and scratch files
+- reusable automation scripts
+- API contracts and ADRs
+Without lifecycle rules these files drift, conflict with the real codebase, or get committed to Git when they should be local evidence only.
+## Model
+`scale assets scan` classifies resources into:
+| Type | Default Git policy | Lifecycle |
+| --- | --- | --- |
+| canonical-doc | commit | maintained |
+| decision-record | commit | immutable |
+| contract | commit | maintained |
+| reusable-script | commit | maintained |
+| task-artifact | review | task-scoped |
+| evidence-report | ignore | generated |
+| generated-media | review/external | generated or review-required |
+| temporary | ignore | temporary |
+`.scale/resource-policy.json` owns defaults such as owners, module mapping, runtime directories, and maximum Git file size.
+`.scale/assets.json` is the explicit catalog for long-lived project assets and source-of-truth declarations.
+Declared source-of-truth assets are checked by `assets doctor`; if the file disappears, the doctor fails. Maintained assets can also declare `lastReviewedAt` and `reviewIntervalDays` so product, architecture, workflow, and standards documents are rechecked against the current implementation instead of drifting silently:
+```json
+{
+  "assets": [
+    {
+      "path": "docs/modules/auth/architecture.md",
+      "type": "canonical-doc",
+      "owner": "auth-team",
+      "module": "auth",
+      "sourceOfTruth": true,
+      "lifecycle": "maintained",
+      "gitPolicy": "commit",
+      "lastReviewedAt": "2026-05-15",
+      "reviewIntervalDays": 90
+    }
+  ]
+}
+```
+## Commands
+```bash
+scale assets scan --json
+scale assets doctor --json
+scale assets settle --task-id <task-id> --artifact-dir .planning/tasks/<task>
+scale init --governance-pack resource-governance
+```
+`assets doctor` fails when runtime evidence or external media is already tracked by Git, or when a declared source-of-truth asset is missing. It warns on large tracked files, expired temporary outputs, ownerless canonical documentation, missing non-source catalog entries, and stale maintained assets.
+`assets settle` runs the same checks and appends a settlement section to `resource-impact.md` when a task artifact directory is provided.
+## Finish Rule
+Before finishing M/L/CRITICAL work:
+1. Promote final product, API, or architecture truth into maintained docs.
+2. Keep task-scoped planning, runtime contracts, reality checks, cleanup notes, raw reports, logs, screenshots, videos, and scratch scripts out of long-lived `docs/` unless deliberately promoted.
+3. Run `scale assets scan --json`.
+4. Run `scale assets doctor --json`.
+5. Run `scale assets settle --task-id <task-id> --artifact-dir <task-dir>`.
+6. Delete or archive temporary resources that are no longer needed.
+## Task Artifact Boundary
+New SCALE task artifacts default to `.planning/tasks/<task>/`, not `docs/worklog/tasks/<task>/`.
+Every M/L/CRITICAL task should keep these three evidence files alongside the normal explore/plan/verification/review/summary set:
+| File | Purpose |
+| --- | --- |
+| `runtime.md` | Records configuration source, topology, auth mode, and verification boundary. |
+| `reality-check.md` | Separates confirmed behavior from not verified, stub/partial, credential-gated, and environment-gated claims. |
+| `resource-cleanup.md` | Records which outputs stay task-scoped, which are promoted, and which should be deleted or archived. |
+`docs/worklog/tasks/` remains a legacy-recognized task-artifact location for existing projects, but generated guidance now points new work to `.planning/tasks/`.

package/docs/start/README.md CHANGED Viewed

@@ -13,7 +13,10 @@
 3. 回到根目录 [README](../../README.md)
    理解 SCALE Engine 的核心能力和 governance pack 选择。
-4. 查看 [文档地图](../README.md)
+4. [升级管理](../UPGRADE_MANAGEMENT.md)
+   理解工作流更新、第三方 skills/MCP/CLI 更新时如何先检查、生成计划、避免覆盖本地改动。
+5. 查看 [文档地图](../README.md)
    区分哪些文档是用户指南、哪些是参考资料、哪些是历史规划和过程记录。
 ## 你应该先看到什么
@@ -39,4 +42,5 @@
 | Go 多服务后端 | `scale init --governance-pack go-service-matrix` |
 | 多仓库/MOE 工作区 | `scale init --governance-pack moe-workspace` |
 | 文档、报告、截图、脚本混乱 | `scale init --governance-pack resource-governance` |
+| 工作流或第三方能力要升级 | `scale upgrade check && scale upgrade plan --html` |

package/examples/demo-projects/agent-governance-demo/CONTEXT.md ADDED Viewed

@@ -0,0 +1,14 @@
+# CONTEXT.md
+Project: Agent Governance Demo
+| Term | Definition | Examples | Aliases | Source |
+|------|------------|----------|---------|--------|
+| OAuth state | One-time callback correlation value that binds authorization return traffic to a user session | `state-123` | callback state | `src/oauth-state.ts` |
+| Consumed state | A state record that has already been used and must not be accepted again | `consumedAt: 900` | replayed state | `tests/oauth-state.test.ts` |
+| Evidence | A command result or artifact that proves what was verified | `npm test`, eval report, dashboard | verification proof | SCALE workflow |
+## Rejected Meanings
+- Do not treat an expired state as recoverable without a new authorization flow.
+- Do not treat a dashboard or eval report as a substitute for the business test.