@intentius/chant-lexicon-docker 0.7.0 → 0.8.1

package/dist/lint/post-synth/ssh-port-exposed.d.ts

@@ -0,0 +1,9 @@
+/**
+ * DKRD003: SSH Port Exposed
+ *
+ * Detects services exposing port 22 (SSH) on the host.
+ * Exposing SSH externally is a security risk.
+ */
+import type { PostSynthCheck } from "@intentius/chant/lint/post-synth";
+export declare const dkrd003: PostSynthCheck;
+//# sourceMappingURL=ssh-port-exposed.d.ts.map

package/dist/lint/post-synth/ssh-port-exposed.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ssh-port-exposed.d.ts","sourceRoot":"","sources":["../../../src/lint/post-synth/ssh-port-exposed.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAyC,MAAM,kCAAkC,CAAC;AAgC9G,eAAO,MAAM,OAAO,EAAE,cA4BrB,CAAC"}

package/dist/lint/post-synth/unused-volume.d.ts

@@ -0,0 +1,8 @@
+/**
+ * DKRD002: Unused Named Volume
+ *
+ * Detects top-level named volumes that are not mounted by any service.
+ */
+import type { PostSynthCheck } from "@intentius/chant/lint/post-synth";
+export declare const dkrd002: PostSynthCheck;
+//# sourceMappingURL=unused-volume.d.ts.map

package/dist/lint/post-synth/unused-volume.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"unused-volume.d.ts","sourceRoot":"","sources":["../../../src/lint/post-synth/unused-volume.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAyC,MAAM,kCAAkC,CAAC;AAG9G,eAAO,MAAM,OAAO,EAAE,cAuCrB,CAAC"}

package/dist/lint/rules/data/deprecated-images.d.ts

@@ -0,0 +1,13 @@
+/**
+ * Known deprecated or EOL Docker base images.
+ */
+export declare const DEPRECATED_IMAGES: Array<{
+    image: string;
+    reason: string;
+    replacement?: string;
+}>;
+/**
+ * Check if an image reference matches a deprecated entry.
+ */
+export declare function findDeprecatedImage(imageRef: string): (typeof DEPRECATED_IMAGES)[number] | undefined;
+//# sourceMappingURL=deprecated-images.d.ts.map

package/dist/lint/rules/data/deprecated-images.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"deprecated-images.d.ts","sourceRoot":"","sources":["../../../../src/lint/rules/data/deprecated-images.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,eAAO,MAAM,iBAAiB,EAAE,KAAK,CAAC;IAAE,KAAK,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,MAAM,CAAC;IAAC,WAAW,CAAC,EAAE,MAAM,CAAA;CAAE,CAgB5F,CAAC;AAEF;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,QAAQ,EAAE,MAAM,GAAG,CAAC,OAAO,iBAAiB,CAAC,CAAC,MAAM,CAAC,GAAG,SAAS,CAEpG"}

package/dist/lint/rules/data/known-base-images.d.ts

@@ -0,0 +1,9 @@
+/**
+ * Well-known Docker base images for rule validation.
+ */
+export declare const KNOWN_BASE_IMAGES: Set<string>;
+/**
+ * Images that are safe to use without a tag (they have meaningful `latest`).
+ */
+export declare const IMAGES_SAFE_LATEST: Set<string>;
+//# sourceMappingURL=known-base-images.d.ts.map

package/dist/lint/rules/data/known-base-images.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"known-base-images.d.ts","sourceRoot":"","sources":["../../../../src/lint/rules/data/known-base-images.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,eAAO,MAAM,iBAAiB,aAQ5B,CAAC;AAEH;;GAEG;AACH,eAAO,MAAM,kBAAkB,aAE7B,CAAC"}

package/dist/lint/rules/index.d.ts

@@ -0,0 +1,5 @@
+/**
+ * All imperative lint rules for the Docker lexicon.
+ */
+export { noLatestTagRule } from "./no-latest-tag.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/lint/rules/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/lint/rules/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC"}

package/dist/lint/rules/no-latest-tag.d.ts

@@ -0,0 +1,10 @@
+/**
+ * DKRS001: No Latest Tag
+ *
+ * Warns when a Service's image prop is set to a literal string
+ * ending with `:latest` or has no tag (implies latest).
+ * Using `:latest` prevents reproducible builds.
+ */
+import type { LintRule } from "@intentius/chant/lint/rule";
+export declare const noLatestTagRule: LintRule;
+//# sourceMappingURL=no-latest-tag.d.ts.map

package/dist/lint/rules/no-latest-tag.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"no-latest-tag.d.ts","sourceRoot":"","sources":["../../../src/lint/rules/no-latest-tag.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAE,QAAQ,EAA+B,MAAM,4BAA4B,CAAC;AAexF,eAAO,MAAM,eAAe,EAAE,QAuC7B,CAAC"}

package/dist/list-artifacts.d.ts

@@ -0,0 +1,25 @@
+/**
+ * Live introspection of a Docker host via three independent CLI queries.
+ *
+ * The Docker lexicon's chant entities describe Compose / Dockerfile
+ * authoring primitives. The runtime concept (running containers, local
+ * images, networks) is created by `docker compose up` / `docker run` /
+ * `docker network create` outside chant's entity model.
+ *
+ *   docker ps         --format '{{json .}}'  → running containers
+ *   docker image ls   --format '{{json .}}'  → local images
+ *   docker network ls --format '{{json .}}'  → networks
+ *
+ * Output is one JSON object per line (NDJSON), not a JSON array. Daemon
+ * unreachable on any query → that query returns nothing; other queries
+ * still proceed.
+ */
+import type { ArtifactMetadata } from "@intentius/chant/lexicon";
+export declare function listArtifacts(_options: {
+    environment: string;
+    entities: Map<string, {
+        entityType: string;
+        props: Record<string, unknown>;
+    }>;
+}): Promise<Record<string, ArtifactMetadata>>;
+//# sourceMappingURL=list-artifacts.d.ts.map

package/dist/list-artifacts.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"list-artifacts.d.ts","sourceRoot":"","sources":["../src/list-artifacts.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAIH,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAC;AAoIjE,wBAAsB,aAAa,CAAC,QAAQ,EAAE;IAC5C,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,GAAG,CAAC,MAAM,EAAE;QAAE,UAAU,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;KAAE,CAAC,CAAC;CAC/E,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,gBAAgB,CAAC,CAAC,CAS5C"}

package/dist/lsp/completions.d.ts

@@ -0,0 +1,6 @@
+import type { CompletionContext, CompletionItem } from "@intentius/chant/lsp/types";
+/**
+ * Provide Docker entity completions based on context.
+ */
+export declare function dockerCompletions(ctx: CompletionContext): CompletionItem[];
+//# sourceMappingURL=completions.d.ts.map

package/dist/lsp/completions.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"completions.d.ts","sourceRoot":"","sources":["../../src/lsp/completions.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,iBAAiB,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAapF;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,iBAAiB,GAAG,cAAc,EAAE,CAE1E"}

package/dist/lsp/hover.d.ts

@@ -0,0 +1,6 @@
+import type { HoverContext, HoverInfo } from "@intentius/chant/lsp/types";
+/**
+ * Provide hover information for Docker entity types.
+ */
+export declare function dockerHover(ctx: HoverContext): HoverInfo | undefined;
+//# sourceMappingURL=hover.d.ts.map

package/dist/lsp/hover.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"hover.d.ts","sourceRoot":"","sources":["../../src/lsp/hover.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,YAAY,EAAE,SAAS,EAAE,MAAM,4BAA4B,CAAC;AAa1E;;GAEG;AACH,wBAAgB,WAAW,CAAC,GAAG,EAAE,YAAY,GAAG,SAAS,GAAG,SAAS,CAEpE"}

package/dist/manifest.json

@@ -1,6 +1,6 @@
 {
   "name": "docker",
-  "version": "0.7.0",
+  "version": "0.8.1",
   "chantVersion": ">=0.1.0",
   "namespace": "Docker",
   "intrinsics": [

package/dist/package-cli.d.ts

@@ -0,0 +1,3 @@
+#!/usr/bin/env tsx
+export {};
+//# sourceMappingURL=package-cli.d.ts.map

package/dist/package-cli.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"package-cli.d.ts","sourceRoot":"","sources":["../src/package-cli.ts"],"names":[],"mappings":""}

package/dist/plugin.d.ts

@@ -0,0 +1,9 @@
+/**
+ * Docker lexicon plugin.
+ *
+ * Provides serializer, lint rules, post-synth checks, intrinsics, LSP support,
+ * and code generation for Docker Compose and Dockerfile resources.
+ */
+import type { LexiconPlugin } from "@intentius/chant/lexicon";
+export declare const dockerPlugin: LexiconPlugin;
+//# sourceMappingURL=plugin.d.ts.map

package/dist/plugin.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"plugin.d.ts","sourceRoot":"","sources":["../src/plugin.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAiC,MAAM,0BAA0B,CAAC;AAa7F,eAAO,MAAM,YAAY,EAAE,aAkO1B,CAAC"}

package/dist/serializer.d.ts

@@ -0,0 +1,13 @@
+/**
+ * Docker lexicon serializer.
+ *
+ * Splits entities into two output domains:
+ * - Docker::Compose::* → docker-compose.yml (primary output)
+ * - Docker::Dockerfile → Dockerfile.{name} (per-file entries in SerializerResult)
+ *
+ * Default labels (DEFAULT_LABELS_MARKER) are merged into every service's
+ * labels map but are not emitted as standalone documents.
+ */
+import type { Serializer } from "@intentius/chant/serializer";
+export declare const dockerSerializer: Serializer;
+//# sourceMappingURL=serializer.d.ts.map

package/dist/serializer.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"serializer.d.ts","sourceRoot":"","sources":["../src/serializer.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAIH,OAAO,KAAK,EAAE,UAAU,EAAoB,MAAM,6BAA6B,CAAC;AAgPhF,eAAO,MAAM,gBAAgB,EAAE,UAoE9B,CAAC"}

package/dist/spec/fetch-compose.d.ts

@@ -0,0 +1,13 @@
+/**
+ * Fetch and cache the Compose Spec JSON Schema.
+ */
+export declare function getCachePath(): string;
+/**
+ * Fetch the Compose Spec JSON Schema, with local caching.
+ */
+export declare function fetchComposeSpec(force?: boolean): Promise<Buffer>;
+/**
+ * Fetch compose spec as a Map keyed by entity type — for generatePipeline.
+ */
+export declare function fetchComposeSchemas(force?: boolean): Promise<Map<string, Buffer>>;
+//# sourceMappingURL=fetch-compose.d.ts.map

package/dist/spec/fetch-compose.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"fetch-compose.d.ts","sourceRoot":"","sources":["../../src/spec/fetch-compose.ts"],"names":[],"mappings":"AAAA;;GAEG;AAOH,wBAAgB,YAAY,IAAI,MAAM,CAErC;AAED;;GAEG;AACH,wBAAsB,gBAAgB,CAAC,KAAK,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAQvE;AAED;;GAEG;AACH,wBAAsB,mBAAmB,CAAC,KAAK,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAKvF"}

package/dist/spec/fetch-engine.d.ts

@@ -0,0 +1,9 @@
+/**
+ * Fetch and cache the Docker Engine API OpenAPI spec.
+ */
+export declare function getCachePath(): string;
+/**
+ * Fetch the Docker Engine API swagger YAML, with local caching.
+ */
+export declare function fetchEngineApi(force?: boolean): Promise<Buffer>;
+//# sourceMappingURL=fetch-engine.d.ts.map

package/dist/spec/fetch-engine.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"fetch-engine.d.ts","sourceRoot":"","sources":["../../src/spec/fetch-engine.ts"],"names":[],"mappings":"AAAA;;GAEG;AAOH,wBAAgB,YAAY,IAAI,MAAM,CAErC;AAED;;GAEG;AACH,wBAAsB,cAAc,CAAC,KAAK,CAAC,EAAE,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAQrE"}

package/dist/spec/parse-compose.d.ts

@@ -0,0 +1,27 @@
+/**
+ * Parse the Compose Spec JSON Schema into ParsedResult entries.
+ *
+ * The Compose spec defines a top-level "services", "volumes", "networks",
+ * "configs", and "secrets" map — each value is a typed resource.
+ * We model those as the five Compose entity types.
+ */
+export interface ComposeParseResult {
+    typeName: string;
+    shortName: string;
+    description?: string;
+    properties: ComposeProperty[];
+    isResource: boolean;
+}
+export interface ComposeProperty {
+    name: string;
+    type: string;
+    description?: string;
+    required?: boolean;
+    enum?: string[];
+}
+/**
+ * Parse the Compose Spec JSON Schema buffer into ParsedResult entries.
+ * Returns one entry per top-level Compose resource type.
+ */
+export declare function parseComposeSpec(_data: Buffer): ComposeParseResult[];
+//# sourceMappingURL=parse-compose.d.ts.map

package/dist/spec/parse-compose.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"parse-compose.d.ts","sourceRoot":"","sources":["../../src/spec/parse-compose.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,MAAM,WAAW,kBAAkB;IACjC,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,eAAe,EAAE,CAAC;IAC9B,UAAU,EAAE,OAAO,CAAC;CACrB;AAED,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;CACjB;AAED;;;GAGG;AACH,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,MAAM,GAAG,kBAAkB,EAAE,CAuFpE"}

package/dist/spec/parse-engine.d.ts

@@ -0,0 +1,23 @@
+/**
+ * Parse the Docker Engine API OpenAPI spec for Dockerfile-related types.
+ *
+ * We extract only the image-builder relevant definitions:
+ * ContainerConfig, BuildInfo, and related types.
+ */
+export interface DockerfileParseResult {
+    typeName: string;
+    shortName: string;
+    description?: string;
+    instructions: DockerfileInstruction[];
+}
+export interface DockerfileInstruction {
+    name: string;
+    description?: string;
+    multi?: boolean;
+}
+/**
+ * Parse the Docker Engine API YAML buffer for Dockerfile instruction types.
+ * Returns a single DockerfileParseResult describing the Dockerfile entity.
+ */
+export declare function parseEngineApi(_data: Buffer): DockerfileParseResult;
+//# sourceMappingURL=parse-engine.d.ts.map

package/dist/spec/parse-engine.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"parse-engine.d.ts","sourceRoot":"","sources":["../../src/spec/parse-engine.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,MAAM,WAAW,qBAAqB;IACpC,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,qBAAqB,EAAE,CAAC;CACvC;AAED,MAAM,WAAW,qBAAqB;IACpC,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,KAAK,CAAC,EAAE,OAAO,CAAC;CACjB;AAED;;;GAGG;AACH,wBAAgB,cAAc,CAAC,KAAK,EAAE,MAAM,GAAG,qBAAqB,CAsBnE"}

package/dist/validate-cli.d.ts

@@ -0,0 +1,3 @@
+#!/usr/bin/env tsx
+export {};
+//# sourceMappingURL=validate-cli.d.ts.map

package/dist/validate-cli.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"validate-cli.d.ts","sourceRoot":"","sources":["../src/validate-cli.ts"],"names":[],"mappings":""}

package/dist/validate.d.ts

@@ -0,0 +1,12 @@
+/**
+ * Validate generated lexicon-docker artifacts.
+ */
+import { type ValidateResult } from "@intentius/chant/codegen/validate";
+export type { ValidateCheck, ValidateResult } from "@intentius/chant/codegen/validate";
+/**
+ * Validate the generated lexicon-docker artifacts.
+ */
+export declare function validate(opts?: {
+    basePath?: string;
+}): Promise<ValidateResult>;
+//# sourceMappingURL=validate.d.ts.map

package/dist/validate.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"validate.d.ts","sourceRoot":"","sources":["../src/validate.ts"],"names":[],"mappings":"AAAA;;GAEG;AAKH,OAAO,EAA4B,KAAK,cAAc,EAAE,MAAM,mCAAmC,CAAC;AAElG,YAAY,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,mCAAmC,CAAC;AAWvF;;GAEG;AACH,wBAAsB,QAAQ,CAAC,IAAI,CAAC,EAAE;IAAE,QAAQ,CAAC,EAAE,MAAM,CAAA;CAAE,GAAG,OAAO,CAAC,cAAc,CAAC,CAoBpF"}

package/dist/variables.d.ts

@@ -0,0 +1,45 @@
+/**
+ * Well-known Docker and Docker Compose environment variable names.
+ *
+ * Use with the env() intrinsic for type-safe interpolation.
+ *
+ * @example
+ * import { env, DOCKER_VARS } from "@intentius/chant-lexicon-docker";
+ *
+ * export const api = new Service({
+ *   environment: {
+ *     BUILDKIT_ENABLED: env(DOCKER_VARS.DOCKER_BUILDKIT),
+ *   },
+ * });
+ */
+/** Docker daemon and client environment variables */
+export declare const DOCKER_VARS: {
+    /** Enable Docker BuildKit: DOCKER_BUILDKIT=1 */
+    readonly DOCKER_BUILDKIT: "DOCKER_BUILDKIT";
+    /** Docker host socket/address */
+    readonly DOCKER_HOST: "DOCKER_HOST";
+    /** Docker TLS verify */
+    readonly DOCKER_TLS_VERIFY: "DOCKER_TLS_VERIFY";
+    /** Docker config directory */
+    readonly DOCKER_CONFIG: "DOCKER_CONFIG";
+    /** Docker content trust */
+    readonly DOCKER_CONTENT_TRUST: "DOCKER_CONTENT_TRUST";
+};
+/** Docker Compose specific environment variables */
+export declare const COMPOSE_VARS: {
+    /** Override project name: COMPOSE_PROJECT_NAME */
+    readonly COMPOSE_PROJECT_NAME: "COMPOSE_PROJECT_NAME";
+    /** Override compose file: COMPOSE_FILE */
+    readonly COMPOSE_FILE: "COMPOSE_FILE";
+    /** Path separator for COMPOSE_FILE */
+    readonly COMPOSE_PATH_SEPARATOR: "COMPOSE_PATH_SEPARATOR";
+    /** Docker compose profiles to enable */
+    readonly COMPOSE_PROFILES: "COMPOSE_PROFILES";
+    /** Compose conversion flag */
+    readonly COMPOSE_CONVERT_WINDOWS_PATHS: "COMPOSE_CONVERT_WINDOWS_PATHS";
+    /** Docker host for compose */
+    readonly DOCKER_DEFAULT_PLATFORM: "DOCKER_DEFAULT_PLATFORM";
+};
+export type DockerVar = (typeof DOCKER_VARS)[keyof typeof DOCKER_VARS];
+export type ComposeVar = (typeof COMPOSE_VARS)[keyof typeof COMPOSE_VARS];
+//# sourceMappingURL=variables.d.ts.map

package/dist/variables.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"variables.d.ts","sourceRoot":"","sources":["../src/variables.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,qDAAqD;AACrD,eAAO,MAAM,WAAW;IACtB,gDAAgD;;IAEhD,iCAAiC;;IAEjC,wBAAwB;;IAExB,8BAA8B;;IAE9B,2BAA2B;;CAEnB,CAAC;AAEX,oDAAoD;AACpD,eAAO,MAAM,YAAY;IACvB,kDAAkD;;IAElD,0CAA0C;;IAE1C,sCAAsC;;IAEtC,wCAAwC;;IAExC,8BAA8B;;IAE9B,8BAA8B;;CAEtB,CAAC;AAEX,MAAM,MAAM,SAAS,GAAG,CAAC,OAAO,WAAW,CAAC,CAAC,MAAM,OAAO,WAAW,CAAC,CAAC;AACvE,MAAM,MAAM,UAAU,GAAG,CAAC,OAAO,YAAY,CAAC,CAAC,MAAM,OAAO,YAAY,CAAC,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@intentius/chant-lexicon-docker",
-  "version": "0.7.0",
+  "version": "0.8.1",
   "description": "Docker lexicon for chant — declarative IaC in TypeScript",
   "license": "Apache-2.0",
   "homepage": "https://intentius.io/chant",
@@ -30,8 +30,26 @@
     "access": "public"
   },
   "exports": {
-    ".": "./src/index.ts",
-    "./*": "./src/*.ts",
+    ".": {
+      "development": "./src/index.ts",
+      "types": "./dist/index.d.ts",
+      "default": "./src/index.ts"
+    },
+    "./*": {
+      "development": "./src/*.ts",
+      "types": "./dist/*.d.ts",
+      "default": "./src/*.ts"
+    },
+    "./detect": {
+      "development": "./src/detect.ts",
+      "types": "./dist/detect.d.ts",
+      "default": "./src/detect.ts"
+    },
+    "./lint/post-synth": {
+      "development": "./src/lint/post-synth/index.ts",
+      "types": "./dist/lint/post-synth/index.d.ts",
+      "default": "./src/lint/post-synth/index.ts"
+    },
     "./manifest": "./dist/manifest.json",
     "./meta": "./dist/meta.json",
     "./types": "./dist/types/index.d.ts"
@@ -41,13 +59,14 @@
     "bundle": "tsx src/package-cli.ts",
     "validate": "tsx src/validate-cli.ts",
     "docs": "tsx src/codegen/docs-cli.ts",
-    "prepack": "npm run generate && npm run bundle && npm run validate"
+    "prepack": "npm run generate && npm run bundle && npm run validate && npm run build",
+    "build": "tsc -p tsconfig.build.json && tsc-alias -p tsconfig.build.json && find dist -type f \\( -name \"*.js\" -o -name \"*.js.map\" \\) -delete"
   },
   "devDependencies": {
     "@intentius/chant": "*",
     "typescript": "^5.9.3"
   },
   "peerDependencies": {
-    "@intentius/chant": "^0.1.0"
+    "@intentius/chant": "^0.8.1"
   }
 }

package/src/detect.ts

@@ -0,0 +1,7 @@
+/** Edge-safe template detection for docker (Compose) — see #426. */
+export function detectTemplate(data: unknown): boolean {
+  if (typeof data !== "object" || data === null) return false;
+  const obj = data as Record<string, unknown>;
+  // Docker Compose files have a services: key
+  return "services" in obj;
+}

package/src/import/adapter.ts

@@ -0,0 +1,87 @@
+/**
+ * Adapters bridging the docker-specific DockerParser/DockerGenerator
+ * (which speak DockerIR / ParseResult / GenerateResult) to the core
+ * TemplateParser / TypeScriptGenerator interfaces consumed by
+ * `chant import` (packages/core/src/cli/commands/import.ts).
+ *
+ * The core import pipeline parses content into a TemplateIR (a flat list of
+ * ResourceIR), optionally organizes resources into category files, then asks
+ * the generator to emit GeneratedFile[]. We map each DockerIR to a ResourceIR
+ * keyed by its `kind` (service/volume/network/config/secret/dockerfile) and
+ * reverse the mapping in the generator so DockerGenerator can do the real work.
+ */
+
+import type { TemplateIR, TemplateParser, ResourceIR } from "@intentius/chant/import/parser";
+import type { GeneratedFile, TypeScriptGenerator } from "@intentius/chant/import/generator";
+import { DockerParser } from "./parser";
+import type { DockerIR, DockerfileStage } from "./parser";
+import { DockerGenerator } from "./generator";
+
+/** Convert a DockerIR into the core ResourceIR shape. */
+function dockerIrToResource(entity: DockerIR): ResourceIR {
+  if (entity.kind === "dockerfile") {
+    return {
+      logicalId: entity.name,
+      type: entity.kind,
+      properties: { stages: entity.stages },
+    };
+  }
+  return {
+    logicalId: entity.name,
+    type: entity.kind,
+    properties: entity.props,
+  };
+}
+
+/** Convert a core ResourceIR back into a DockerIR for DockerGenerator. */
+function resourceToDockerIr(resource: ResourceIR): DockerIR {
+  const name = resource.logicalId;
+  switch (resource.type) {
+    case "dockerfile":
+      return {
+        kind: "dockerfile",
+        name,
+        stages: (resource.properties.stages as DockerfileStage[] | undefined) ?? [],
+      };
+    case "service":
+    case "volume":
+    case "network":
+    case "config":
+    case "secret":
+      return {
+        kind: resource.type,
+        name,
+        props: resource.properties,
+      };
+    default:
+      // Unknown types from upstream organization are treated as services so
+      // they still round-trip rather than being silently dropped.
+      return { kind: "service", name, props: resource.properties };
+  }
+}
+
+/**
+ * TemplateParser adapter — wraps DockerParser.parse and maps its DockerIR
+ * entities to a TemplateIR.
+ */
+export class DockerTemplateParser implements TemplateParser {
+  parse(content: string): TemplateIR {
+    const { entities } = new DockerParser().parse(content);
+    return {
+      resources: entities.map(dockerIrToResource),
+      parameters: [],
+    };
+  }
+}
+
+/**
+ * TypeScriptGenerator adapter — converts a TemplateIR back into DockerIR[]
+ * and delegates to DockerGenerator, returning a single generated file.
+ */
+export class DockerTemplateGenerator implements TypeScriptGenerator {
+  generate(ir: TemplateIR): GeneratedFile[] {
+    const entities = ir.resources.map(resourceToDockerIr);
+    const { source } = new DockerGenerator().generate(entities);
+    return [{ path: "main.ts", content: source }];
+  }
+}

package/src/lint/post-synth/index.ts

@@ -0,0 +1,17 @@
+// Code generated by chant generate. DO NOT EDIT.
+import type { PostSynthCheck } from "@intentius/chant/lint/post-synth";
+import { dkrd001 } from "./no-latest-image";
+import { dkrd002 } from "./unused-volume";
+import { dkrd003 } from "./ssh-port-exposed";
+import { dkrd010 } from "./apt-no-recommends";
+import { dkrd011 } from "./prefer-copy";
+import { dkrd012 } from "./no-root-user";
+
+export const postSynthChecks: PostSynthCheck[] = [
+  dkrd001,
+  dkrd002,
+  dkrd003,
+  dkrd010,
+  dkrd011,
+  dkrd012,
+];

package/src/plugin.ts

@@ -6,8 +6,9 @@
  */
 
 import type { LexiconPlugin, IntrinsicDef, InitTemplateSet } from "@intentius/chant/lexicon";
+import { detectTemplate } from "./detect";
 import type { LintRule } from "@intentius/chant/lint/rule";
-import { discoverPostSynthChecks } from "@intentius/chant/lint/discover";
+import { postSynthChecks as postSynthCheckList } from "./lint/post-synth";
 import { createSkillsLoader, createDiffTool, createCatalogResource } from "@intentius/chant/lexicon-plugin-helpers";
 import { join, dirname } from "path";
 import { fileURLToPath } from "url";
@@ -15,8 +16,7 @@ import { dockerSerializer } from "./serializer";
 import { noLatestTagRule } from "./lint/rules/no-latest-tag";
 import { dockerCompletions } from "./lsp/completions";
 import { dockerHover } from "./lsp/hover";
-import { DockerParser } from "./import/parser";
-import { DockerGenerator } from "./import/generator";
+import { DockerTemplateParser, DockerTemplateGenerator } from "./import/adapter";
 
 export const dockerPlugin: LexiconPlugin = {
   name: "docker",
@@ -27,8 +27,7 @@ export const dockerPlugin: LexiconPlugin = {
   },
 
   postSynthChecks() {
-    const postSynthDir = join(dirname(fileURLToPath(import.meta.url)), "lint", "post-synth");
-    return discoverPostSynthChecks(postSynthDir, import.meta.url);
+    return postSynthCheckList;
   },
 
   intrinsics(): IntrinsicDef[] {
@@ -88,12 +87,7 @@ export const api = new Service({
     };
   },
 
-  detectTemplate(data: unknown): boolean {
-    if (typeof data !== "object" || data === null) return false;
-    const obj = data as Record<string, unknown>;
-    // Docker Compose files have a services: key
-    return "services" in obj;
-  },
+  detectTemplate,
 
   completionProvider(ctx: import("@intentius/chant/lsp/types").CompletionContext) {
     return dockerCompletions(ctx);
@@ -104,11 +98,11 @@ export const api = new Service({
   },
 
   templateParser() {
-    return new DockerParser();
+    return new DockerTemplateParser();
   },
 
   templateGenerator() {
-    return new DockerGenerator();
+    return new DockerTemplateGenerator();
   },
 
   async generate(options?: { verbose?: boolean }): Promise<void> {

package/src/serializer.ts

@@ -286,7 +286,7 @@ export const dockerSerializer: Serializer = {
         continue;
       }
 
-      const et = (entity as Record<string, unknown>).entityType as string;
+      const et = (entity as unknown as Record<string, unknown>).entityType as string;
 
       if (et === "Docker::Compose::Service") {
         services.set(name, entity);