@mainahq/core 0.5.0 → 0.7.0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@mainahq/core",
-  "version": "0.5.0",
+  "version": "0.7.0",
   "type": "module",
   "license": "Apache-2.0",
   "description": "Maina core engines — Context, Prompt, and Verify for verification-first development",

package/src/cloud/__tests__/client.test.ts

@@ -250,4 +250,415 @@ describe("createCloudClient", () => {
 			expect(result.error).toContain("Network unreachable");
 		}
 	});
+
+	// ── submitVerify ─────────────────────────────────────────────────────────
+
+	test("submitVerify sends diff, repo, and base_branch", async () => {
+		mockFetch.mockImplementation(() =>
+			Promise.resolve(jsonResponse({ data: { jobId: "job-abc-123" } })),
+		);
+
+		const client = setupClient();
+		const result = await client.submitVerify({
+			diff: "--- a/file.ts\n+++ b/file.ts\n@@ -1 +1 @@\n-old\n+new",
+			repo: "acme/app",
+			baseBranch: "main",
+		});
+
+		expect(result.ok).toBe(true);
+		if (result.ok) {
+			expect(result.value.jobId).toBe("job-abc-123");
+		}
+
+		const call = mockFetch.mock.calls[0] as unknown[];
+		const url = call[0] as string;
+		const requestInit = call[1] as RequestInit;
+		expect(url).toBe("https://api.test.maina.dev/verify");
+		expect(requestInit.method).toBe("POST");
+		const body = JSON.parse(requestInit.body as string);
+		expect(body.diff).toContain("+new");
+		expect(body.repo).toBe("acme/app");
+		expect(body.base_branch).toBe("main");
+	});
+
+	test("submitVerify omits base_branch when not provided", async () => {
+		mockFetch.mockImplementation(() =>
+			Promise.resolve(jsonResponse({ data: { jobId: "job-def-456" } })),
+		);
+
+		const client = setupClient();
+		await client.submitVerify({
+			diff: "some diff",
+			repo: "acme/app",
+		});
+
+		const call = mockFetch.mock.calls[0] as unknown[];
+		const requestInit = call[1] as RequestInit;
+		const body = JSON.parse(requestInit.body as string);
+		expect(body.base_branch).toBeUndefined();
+	});
+
+	test("submitVerify returns error on 401", async () => {
+		mockFetch.mockImplementation(() =>
+			Promise.resolve(jsonResponse({ error: "Unauthorized" }, 401)),
+		);
+
+		const client = setupClient();
+		const result = await client.submitVerify({
+			diff: "diff",
+			repo: "acme/app",
+		});
+
+		expect(result.ok).toBe(false);
+		if (!result.ok) {
+			expect(result.error).toBe("Unauthorized");
+		}
+	});
+
+	// ── getVerifyStatus ──────────────────────────────────────────────────────
+
+	test("getVerifyStatus returns queued status", async () => {
+		mockFetch.mockImplementation(() =>
+			Promise.resolve(
+				jsonResponse({
+					data: { status: "queued", currentStep: "Waiting in queue" },
+				}),
+			),
+		);
+
+		const client = setupClient();
+		const result = await client.getVerifyStatus("job-abc-123");
+
+		expect(result.ok).toBe(true);
+		if (result.ok) {
+			expect(result.value.status).toBe("queued");
+			expect(result.value.currentStep).toBe("Waiting in queue");
+		}
+
+		const call = mockFetch.mock.calls[0] as unknown[];
+		const url = call[0] as string;
+		expect(url).toBe("https://api.test.maina.dev/verify/job-abc-123/status");
+	});
+
+	test("getVerifyStatus returns running status", async () => {
+		mockFetch.mockImplementation(() =>
+			Promise.resolve(
+				jsonResponse({
+					data: {
+						status: "running",
+						currentStep: "Running Biome lint",
+					},
+				}),
+			),
+		);
+
+		const client = setupClient();
+		const result = await client.getVerifyStatus("job-abc-123");
+
+		expect(result.ok).toBe(true);
+		if (result.ok) {
+			expect(result.value.status).toBe("running");
+			expect(result.value.currentStep).toBe("Running Biome lint");
+		}
+	});
+
+	test("getVerifyStatus returns error on 404", async () => {
+		mockFetch.mockImplementation(() =>
+			Promise.resolve(jsonResponse({ error: "Job not found" }, 404)),
+		);
+
+		const client = setupClient();
+		const result = await client.getVerifyStatus("nonexistent");
+
+		expect(result.ok).toBe(false);
+		if (!result.ok) {
+			expect(result.error).toBe("Job not found");
+		}
+	});
+
+	test("getVerifyStatus retries on 500", async () => {
+		let attempts = 0;
+		mockFetch.mockImplementation(() => {
+			attempts++;
+			if (attempts === 1) {
+				return Promise.resolve(jsonResponse({ error: "Internal error" }, 500));
+			}
+			return Promise.resolve(
+				jsonResponse({
+					data: { status: "done", currentStep: "Complete" },
+				}),
+			);
+		});
+
+		const client = setupClient({ maxRetries: 2 });
+		const result = await client.getVerifyStatus("job-abc-123");
+
+		expect(result.ok).toBe(true);
+		expect(attempts).toBe(2);
+	});
+
+	// ── getVerifyResult ──────────────────────────────────────────────────────
+
+	test("getVerifyResult returns passing result", async () => {
+		const verifyResult = {
+			id: "job-abc-123",
+			status: "done",
+			passed: true,
+			findings: [],
+			findingsErrors: 0,
+			findingsWarnings: 0,
+			proofKey: "proof-xyz-789",
+			durationMs: 4523,
+		};
+		mockFetch.mockImplementation(() =>
+			Promise.resolve(jsonResponse({ data: verifyResult })),
+		);
+
+		const client = setupClient();
+		const result = await client.getVerifyResult("job-abc-123");
+
+		expect(result.ok).toBe(true);
+		if (result.ok) {
+			expect(result.value.id).toBe("job-abc-123");
+			expect(result.value.passed).toBe(true);
+			expect(result.value.findings).toHaveLength(0);
+			expect(result.value.proofKey).toBe("proof-xyz-789");
+			expect(result.value.durationMs).toBe(4523);
+		}
+
+		const call = mockFetch.mock.calls[0] as unknown[];
+		const url = call[0] as string;
+		expect(url).toBe("https://api.test.maina.dev/verify/job-abc-123");
+	});
+
+	test("getVerifyResult returns failing result with findings", async () => {
+		const verifyResult = {
+			id: "job-fail-456",
+			status: "failed",
+			passed: false,
+			findings: [
+				{
+					tool: "biome",
+					file: "src/index.ts",
+					line: 42,
+					message: "Unexpected console.log",
+					severity: "error",
+					ruleId: "no-console",
+				},
+				{
+					tool: "semgrep",
+					file: "src/utils.ts",
+					line: 10,
+					message: "Potential SQL injection",
+					severity: "warning",
+				},
+			],
+			findingsErrors: 1,
+			findingsWarnings: 1,
+			proofKey: null,
+			durationMs: 3200,
+		};
+		mockFetch.mockImplementation(() =>
+			Promise.resolve(jsonResponse({ data: verifyResult })),
+		);
+
+		const client = setupClient();
+		const result = await client.getVerifyResult("job-fail-456");
+
+		expect(result.ok).toBe(true);
+		if (result.ok) {
+			expect(result.value.passed).toBe(false);
+			expect(result.value.findings).toHaveLength(2);
+			expect(result.value.findings[0]?.tool).toBe("biome");
+			expect(result.value.findings[0]?.severity).toBe("error");
+			expect(result.value.findings[0]?.ruleId).toBe("no-console");
+			expect(result.value.findings[1]?.tool).toBe("semgrep");
+			expect(result.value.findings[1]?.ruleId).toBeUndefined();
+			expect(result.value.findingsErrors).toBe(1);
+			expect(result.value.findingsWarnings).toBe(1);
+			expect(result.value.proofKey).toBeNull();
+		}
+	});
+
+	test("getVerifyResult returns error on 404", async () => {
+		mockFetch.mockImplementation(() =>
+			Promise.resolve(jsonResponse({ error: "Job not found" }, 404)),
+		);
+
+		const client = setupClient();
+		const result = await client.getVerifyResult("nonexistent");
+
+		expect(result.ok).toBe(false);
+		if (!result.ok) {
+			expect(result.error).toBe("Job not found");
+		}
+	});
+
+	// ── postFeedbackBatch ─────────────────────────────────────────────────
+
+	test("postFeedbackBatch sends events in snake_case", async () => {
+		mockFetch.mockImplementation(() =>
+			Promise.resolve(jsonResponse({ data: { received: 3 } })),
+		);
+
+		const client = setupClient();
+		const result = await client.postFeedbackBatch([
+			{
+				promptHash: "hash-1",
+				command: "commit",
+				accepted: true,
+				timestamp: "2026-01-01T00:00:00Z",
+			},
+			{
+				promptHash: "hash-2",
+				command: "review",
+				accepted: false,
+				context: "user edited",
+				diffHash: "diff-abc",
+			},
+			{
+				promptHash: "hash-3",
+				command: "fix",
+				accepted: true,
+			},
+		]);
+
+		expect(result.ok).toBe(true);
+		if (result.ok) {
+			expect(result.value.received).toBe(3);
+		}
+
+		const call = mockFetch.mock.calls[0] as unknown[];
+		const url = call[0] as string;
+		expect(url).toBe("https://api.test.maina.dev/feedback/batch");
+
+		const requestInit = call[1] as RequestInit;
+		expect(requestInit.method).toBe("POST");
+
+		const body = JSON.parse(requestInit.body as string);
+		expect(body.events).toHaveLength(3);
+		// Verify snake_case mapping
+		expect(body.events[0].prompt_hash).toBe("hash-1");
+		expect(body.events[0].command).toBe("commit");
+		expect(body.events[0].accepted).toBe(true);
+		expect(body.events[0].timestamp).toBe("2026-01-01T00:00:00Z");
+		expect(body.events[1].diff_hash).toBe("diff-abc");
+		expect(body.events[1].context).toBe("user edited");
+	});
+
+	test("postFeedbackBatch returns error on failure", async () => {
+		mockFetch.mockImplementation(() =>
+			Promise.resolve(jsonResponse({ error: "Unauthorized" }, 401)),
+		);
+
+		const client = setupClient();
+		const result = await client.postFeedbackBatch([]);
+
+		expect(result.ok).toBe(false);
+		if (!result.ok) {
+			expect(result.error).toBe("Unauthorized");
+		}
+	});
+
+	// ── getFeedbackImprovements ──────────────────────────────────────────
+
+	test("getFeedbackImprovements returns improvements with camelCase mapping", async () => {
+		mockFetch.mockImplementation(() =>
+			Promise.resolve(
+				jsonResponse({
+					data: {
+						improvements: [
+							{
+								command: "commit",
+								prompt_hash: "hash-abc",
+								samples: 50,
+								accept_rate: 0.85,
+								status: "healthy",
+							},
+							{
+								command: "review",
+								prompt_hash: "hash-def",
+								samples: 30,
+								accept_rate: 0.4,
+								status: "needs_improvement",
+							},
+						],
+						team_totals: {
+							total_events: 200,
+							accept_rate: 0.72,
+						},
+					},
+				}),
+			),
+		);
+
+		const client = setupClient();
+		const result = await client.getFeedbackImprovements();
+
+		expect(result.ok).toBe(true);
+		if (result.ok) {
+			expect(result.value.improvements).toHaveLength(2);
+			expect(result.value.improvements[0]?.command).toBe("commit");
+			expect(result.value.improvements[0]?.promptHash).toBe("hash-abc");
+			expect(result.value.improvements[0]?.samples).toBe(50);
+			expect(result.value.improvements[0]?.acceptRate).toBe(0.85);
+			expect(result.value.improvements[0]?.status).toBe("healthy");
+			expect(result.value.improvements[1]?.status).toBe("needs_improvement");
+			expect(result.value.teamTotals.totalEvents).toBe(200);
+			expect(result.value.teamTotals.acceptRate).toBe(0.72);
+		}
+
+		const call = mockFetch.mock.calls[0] as unknown[];
+		const url = call[0] as string;
+		expect(url).toBe("https://api.test.maina.dev/feedback/improvements");
+	});
+
+	test("getFeedbackImprovements handles camelCase response", async () => {
+		mockFetch.mockImplementation(() =>
+			Promise.resolve(
+				jsonResponse({
+					data: {
+						improvements: [
+							{
+								command: "fix",
+								promptHash: "hash-ghi",
+								samples: 10,
+								acceptRate: 0.95,
+								status: "excellent",
+							},
+						],
+						teamTotals: {
+							totalEvents: 100,
+							acceptRate: 0.9,
+						},
+					},
+				}),
+			),
+		);
+
+		const client = setupClient();
+		const result = await client.getFeedbackImprovements();
+
+		expect(result.ok).toBe(true);
+		if (result.ok) {
+			expect(result.value.improvements[0]?.promptHash).toBe("hash-ghi");
+			expect(result.value.improvements[0]?.acceptRate).toBe(0.95);
+			expect(result.value.teamTotals.totalEvents).toBe(100);
+			expect(result.value.teamTotals.acceptRate).toBe(0.9);
+		}
+	});
+
+	test("getFeedbackImprovements returns error on failure", async () => {
+		mockFetch.mockImplementation(() =>
+			Promise.resolve(jsonResponse({ error: "Forbidden" }, 403)),
+		);
+
+		const client = setupClient();
+		const result = await client.getFeedbackImprovements();
+
+		expect(result.ok).toBe(false);
+		if (!result.ok) {
+			expect(result.error).toBe("Forbidden");
+		}
+	});
 });

package/src/cloud/auth.ts

@@ -144,7 +144,7 @@ export async function startDeviceFlow(
 		}
 
 		const body = (await response.json()) as {
-			data?: DeviceCodeResponse;
+			data?: Record<string, unknown>;
 			error?: string;
 		};
 		if (body.error) {
@@ -153,7 +153,14 @@ export async function startDeviceFlow(
 		if (!body.data) {
 			return err("Invalid response: missing data");
 		}
-		return ok(body.data);
+		const d = body.data;
+		return ok({
+			userCode: (d.userCode ?? d.user_code) as string,
+			deviceCode: (d.deviceCode ?? d.device_code) as string,
+			verificationUri: (d.verificationUri ?? d.verification_uri) as string,
+			interval: (d.interval ?? 5) as number,
+			expiresIn: (d.expiresIn ?? d.expires_in ?? 900) as number,
+		});
 	} catch (e) {
 		return err(
 			`Device flow request failed: ${e instanceof Error ? e.message : String(e)}`,
@@ -188,8 +195,8 @@ export async function pollForToken(
 					Accept: "application/json",
 				},
 				body: JSON.stringify({
-					deviceCode,
-					grantType: "urn:ietf:params:oauth:grant-type:device_code",
+					device_code: deviceCode,
+					grant_type: "urn:ietf:params:oauth:grant-type:device_code",
 				}),
 			});
 
@@ -204,7 +211,7 @@ export async function pollForToken(
 			}
 
 			const body = (await response.json()) as {
-				data?: TokenResponse;
+				data?: Record<string, unknown>;
 				error?: string;
 			};
 			if (body.error) {
@@ -217,7 +224,12 @@ export async function pollForToken(
 			if (!body.data) {
 				return err("Invalid token response: missing data");
 			}
-			return ok(body.data);
+			const d = body.data;
+			return ok({
+				accessToken: (d.accessToken ?? d.access_token) as string,
+				refreshToken: (d.refreshToken ?? d.refresh_token) as string | undefined,
+				expiresIn: (d.expiresIn ?? d.expires_in ?? 0) as number,
+			});
 		} catch (e) {
 			// Network errors during polling are transient — keep trying
 			if (Date.now() >= deadline) {

package/src/cloud/client.ts

@@ -10,9 +10,15 @@ import type {
 	ApiResponse,
 	CloudConfig,
 	CloudFeedbackPayload,
+	CloudPromptImprovement,
+	FeedbackEvent,
+	FeedbackImprovementsResponse,
 	PromptRecord,
+	SubmitVerifyPayload,
 	TeamInfo,
 	TeamMember,
+	VerifyResultResponse,
+	VerifyStatusResponse,
 } from "./types";
 
 // ── Helpers ─────────────────────────────────────────────────────────────────
@@ -70,6 +76,27 @@ export interface CloudClient {
 	postFeedback(
 		payload: CloudFeedbackPayload,
 	): Promise<Result<{ recorded: boolean }, string>>;
+
+	/** Upload a batch of feedback events to the cloud. */
+	postFeedbackBatch(
+		events: FeedbackEvent[],
+	): Promise<Result<{ received: number }, string>>;
+
+	/** Fetch feedback-based improvement suggestions from the cloud. */
+	getFeedbackImprovements(): Promise<
+		Result<FeedbackImprovementsResponse, string>
+	>;
+
+	/** Submit a diff for cloud verification. */
+	submitVerify(
+		payload: SubmitVerifyPayload,
+	): Promise<Result<{ jobId: string }, string>>;
+
+	/** Poll the status of a verification job. */
+	getVerifyStatus(jobId: string): Promise<Result<VerifyStatusResponse, string>>;
+
+	/** Retrieve the full result of a completed verification job. */
+	getVerifyResult(jobId: string): Promise<Result<VerifyResultResponse, string>>;
 }
 
 /**
@@ -186,5 +213,92 @@ export function createCloudClient(config: CloudConfig): CloudClient {
 
 		postFeedback: (payload) =>
 			request<{ recorded: boolean }>("POST", "/feedback", payload),
+
+		postFeedbackBatch: async (events) => {
+			// Map camelCase → snake_case for cloud API
+			const snakeEvents = events.map((e) => ({
+				prompt_hash: e.promptHash,
+				command: e.command,
+				accepted: e.accepted,
+				context: e.context,
+				diff_hash: e.diffHash,
+				timestamp: e.timestamp,
+			}));
+			return request<{ received: number }>("POST", "/feedback/batch", {
+				events: snakeEvents,
+			});
+		},
+
+		getFeedbackImprovements: async () => {
+			// biome-ignore lint/suspicious/noExplicitAny: snake_case API mapping
+			const result = await request<any>("GET", "/feedback/improvements");
+			if (!result.ok) return result;
+			const d = result.value;
+			const rawImprovements = d.improvements ?? [];
+			const improvements: CloudPromptImprovement[] = rawImprovements.map(
+				// biome-ignore lint/suspicious/noExplicitAny: snake_case API mapping
+				(i: any) => ({
+					command: i.command,
+					promptHash: i.promptHash ?? i.prompt_hash,
+					samples: i.samples,
+					acceptRate: i.acceptRate ?? i.accept_rate,
+					status: i.status,
+				}),
+			);
+			const totals = d.teamTotals ?? d.team_totals ?? {};
+			return ok({
+				improvements,
+				teamTotals: {
+					totalEvents: totals.totalEvents ?? totals.total_events ?? 0,
+					acceptRate: totals.acceptRate ?? totals.accept_rate ?? 0,
+				},
+			});
+		},
+
+		submitVerify: async (payload) => {
+			// biome-ignore lint/suspicious/noExplicitAny: snake_case API mapping
+			const result = await request<any>("POST", "/verify", {
+				diff: payload.diff,
+				repo: payload.repo,
+				base_branch: payload.baseBranch,
+			});
+			if (!result.ok) return result;
+			const d = result.value;
+			return ok({ jobId: d.jobId ?? d.job_id });
+		},
+
+		getVerifyStatus: async (jobId) => {
+			// biome-ignore lint/suspicious/noExplicitAny: snake_case API mapping
+			const result = await request<any>("GET", `/verify/${jobId}/status`);
+			if (!result.ok) return result;
+			const d = result.value;
+			return ok({
+				status: d.status,
+				currentStep: d.currentStep ?? d.current_step ?? d.step ?? "",
+			});
+		},
+
+		getVerifyResult: async (jobId) => {
+			// biome-ignore lint/suspicious/noExplicitAny: snake_case API mapping
+			const result = await request<any>("GET", `/verify/${jobId}`);
+			if (!result.ok) return result;
+			const d = result.value;
+			const items = d.findings?.items ?? d.findings ?? [];
+			return ok({
+				id: d.id,
+				status: d.status,
+				passed: d.passed,
+				findings: items,
+				findingsErrors:
+					d.findingsErrors ?? d.findings_errors ?? d.findings?.errors ?? 0,
+				findingsWarnings:
+					d.findingsWarnings ??
+					d.findings_warnings ??
+					d.findings?.warnings ??
+					0,
+				proofKey: d.proofKey ?? d.proof_key ?? d.proof_url ?? null,
+				durationMs: d.durationMs ?? d.duration_ms ?? 0,
+			});
+		},
 	};
 }

package/src/cloud/types.ts

@@ -8,7 +8,7 @@
 // ── Configuration ───────────────────────────────────────────────────────────
 
 export interface CloudConfig {
-	/** Base URL of the maina cloud API (e.g. "https://api.maina.dev"). */
+	/** Base URL of the maina cloud API (e.g. "https://api.mainahq.com"). */
 	baseUrl: string;
 	/** Bearer token for authenticated requests. */
 	token?: string;
@@ -90,6 +90,58 @@ export interface ApiResponse<T> {
 	meta?: Record<string, unknown>;
 }
 
+// ── Verify ─────────────────────────────────────────────────────────────────
+
+export interface SubmitVerifyPayload {
+	/** Diff content to verify. */
+	diff: string;
+	/** Repository identifier (e.g. "owner/repo"). */
+	repo: string;
+	/** Base branch to compare against. */
+	baseBranch?: string;
+}
+
+export interface VerifyStatusResponse {
+	/** Current job status. */
+	status: "queued" | "running" | "done" | "failed";
+	/** Human-readable description of the current step. */
+	currentStep: string;
+}
+
+export interface VerifyFinding {
+	/** Tool that produced the finding (e.g. "biome", "semgrep"). */
+	tool: string;
+	/** File path relative to repository root. */
+	file: string;
+	/** Line number in the file. */
+	line: number;
+	/** Finding description. */
+	message: string;
+	/** Severity level. */
+	severity: "error" | "warning" | "info";
+	/** Optional rule identifier. */
+	ruleId?: string;
+}
+
+export interface VerifyResultResponse {
+	/** Job identifier. */
+	id: string;
+	/** Final job status. */
+	status: "done" | "failed";
+	/** Whether all checks passed. */
+	passed: boolean;
+	/** Array of individual findings from verification tools. */
+	findings: VerifyFinding[];
+	/** Count of error-level findings. */
+	findingsErrors: number;
+	/** Count of warning-level findings. */
+	findingsWarnings: number;
+	/** Proof key for passing verification (null when failed). */
+	proofKey: string | null;
+	/** Total verification duration in milliseconds. */
+	durationMs: number;
+}
+
 // ── Feedback ────────────────────────────────────────────────────────────────
 
 export interface CloudFeedbackPayload {
@@ -104,3 +156,45 @@ export interface CloudFeedbackPayload {
 	/** Optional context about the feedback. */
 	context?: string;
 }
+
+// ── Feedback Batch (learn --cloud) ─────────────────────────────────────────
+
+export interface FeedbackEvent {
+	/** Prompt hash the feedback refers to. */
+	promptHash: string;
+	/** Command that generated the output. */
+	command: string;
+	/** Whether the user accepted the output. */
+	accepted: boolean;
+	/** Optional context about the feedback. */
+	context?: string;
+	/** Optional diff hash for traceability. */
+	diffHash?: string;
+	/** ISO-8601 timestamp. */
+	timestamp?: string;
+}
+
+export interface FeedbackBatchPayload {
+	/** Array of feedback events to upload. */
+	events: FeedbackEvent[];
+}
+
+export interface CloudPromptImprovement {
+	/** Command the improvement applies to. */
+	command: string;
+	/** Prompt hash that was analysed. */
+	promptHash: string;
+	/** Number of feedback samples analysed. */
+	samples: number;
+	/** Accept rate (0–1). */
+	acceptRate: number;
+	/** Health status based on accept rate. */
+	status: "needs_improvement" | "healthy" | "excellent";
+}
+
+export interface FeedbackImprovementsResponse {
+	/** Per-command improvement assessments. */
+	improvements: CloudPromptImprovement[];
+	/** Aggregated team-wide feedback totals. */
+	teamTotals: { totalEvents: number; acceptRate: number };
+}

package/src/feedback/__tests__/sync.test.ts

@@ -0,0 +1,104 @@
+import { afterEach, beforeEach, describe, expect, test } from "bun:test";
+import { mkdirSync } from "node:fs";
+import { join } from "node:path";
+import { recordOutcome } from "../../prompts/engine";
+import { exportFeedbackForCloud } from "../sync";
+
+let tmpDir: string;
+
+beforeEach(() => {
+	tmpDir = join(
+		import.meta.dir,
+		`tmp-sync-${Date.now()}-${Math.random().toString(36).slice(2)}`,
+	);
+	mkdirSync(tmpDir, { recursive: true });
+});
+
+afterEach(() => {
+	try {
+		const { rmSync } = require("node:fs");
+		rmSync(tmpDir, { recursive: true, force: true });
+	} catch {
+		// ignore
+	}
+});
+
+describe("exportFeedbackForCloud", () => {
+	test("returns empty array when no feedback exists", () => {
+		const events = exportFeedbackForCloud(tmpDir);
+		expect(events).toEqual([]);
+	});
+
+	test("exports accepted feedback events", () => {
+		recordOutcome(tmpDir, "hash-abc", {
+			accepted: true,
+			command: "commit",
+		});
+
+		const events = exportFeedbackForCloud(tmpDir);
+
+		expect(events).toHaveLength(1);
+		expect(events[0]?.promptHash).toBe("hash-abc");
+		expect(events[0]?.command).toBe("commit");
+		expect(events[0]?.accepted).toBe(true);
+		expect(events[0]?.timestamp).toBeDefined();
+	});
+
+	test("exports rejected feedback events", () => {
+		recordOutcome(tmpDir, "hash-def", {
+			accepted: false,
+			command: "review",
+		});
+
+		const events = exportFeedbackForCloud(tmpDir);
+
+		expect(events).toHaveLength(1);
+		expect(events[0]?.accepted).toBe(false);
+		expect(events[0]?.command).toBe("review");
+	});
+
+	test("exports context when present", () => {
+		recordOutcome(tmpDir, "hash-ctx", {
+			accepted: true,
+			command: "commit",
+			context: "user edited the message",
+		});
+
+		const events = exportFeedbackForCloud(tmpDir);
+
+		expect(events).toHaveLength(1);
+		expect(events[0]?.context).toBe("user edited the message");
+	});
+
+	test("omits context when not present", () => {
+		recordOutcome(tmpDir, "hash-no-ctx", {
+			accepted: true,
+			command: "commit",
+		});
+
+		const events = exportFeedbackForCloud(tmpDir);
+
+		expect(events).toHaveLength(1);
+		expect(events[0]?.context).toBeUndefined();
+	});
+
+	test("exports multiple events in chronological order", () => {
+		recordOutcome(tmpDir, "hash-1", { accepted: true, command: "commit" });
+		recordOutcome(tmpDir, "hash-2", { accepted: false, command: "review" });
+		recordOutcome(tmpDir, "hash-3", { accepted: true, command: "fix" });
+
+		const events = exportFeedbackForCloud(tmpDir);
+
+		expect(events).toHaveLength(3);
+		expect(events[0]?.promptHash).toBe("hash-1");
+		expect(events[1]?.promptHash).toBe("hash-2");
+		expect(events[2]?.promptHash).toBe("hash-3");
+	});
+
+	test("returns empty array on invalid db path", () => {
+		const events = exportFeedbackForCloud(
+			"/nonexistent/path/that/does/not/exist",
+		);
+		expect(events).toEqual([]);
+	});
+});

package/src/feedback/sync.ts

@@ -0,0 +1,54 @@
+/**
+ * Feedback sync — exports local feedback records for cloud upload.
+ *
+ * Reads from the local SQLite feedback.db and maps records to the
+ * cloud-compatible FeedbackEvent format for batch upload.
+ */
+
+import type { FeedbackEvent } from "../cloud/types";
+import { getFeedbackDb } from "../db/index";
+
+/** Raw row shape from the feedback table. */
+interface FeedbackRow {
+	prompt_hash: string;
+	command: string;
+	accepted: number;
+	context: string | null;
+	created_at: string;
+}
+
+/**
+ * Export all local feedback records in the cloud-compatible format.
+ *
+ * Reads from the feedback table in the SQLite database at `mainaDir/feedback.db`
+ * and maps each row to a `FeedbackEvent` object ready for batch upload.
+ */
+export function exportFeedbackForCloud(mainaDir: string): FeedbackEvent[] {
+	const dbResult = getFeedbackDb(mainaDir);
+	if (!dbResult.ok) {
+		return [];
+	}
+
+	const { db } = dbResult.value;
+
+	const rows = db
+		.query(
+			"SELECT prompt_hash, command, accepted, context, created_at FROM feedback ORDER BY created_at ASC",
+		)
+		.all() as FeedbackRow[];
+
+	return rows.map((row) => {
+		const event: FeedbackEvent = {
+			promptHash: row.prompt_hash,
+			command: row.command,
+			accepted: row.accepted === 1,
+			timestamp: row.created_at,
+		};
+
+		if (row.context) {
+			event.context = row.context;
+		}
+
+		return event;
+	});
+}

package/src/index.ts

@@ -64,11 +64,19 @@ export type {
 	ApiResponse,
 	CloudConfig,
 	CloudFeedbackPayload,
+	CloudPromptImprovement,
 	DeviceCodeResponse,
+	FeedbackBatchPayload,
+	FeedbackEvent,
+	FeedbackImprovementsResponse,
 	PromptRecord,
+	SubmitVerifyPayload,
 	TeamInfo,
 	TeamMember,
 	TokenResponse,
+	VerifyFinding,
+	VerifyResultResponse,
+	VerifyStatusResponse,
 } from "./cloud/types";
 // Config
 export { getApiKey, isHostMode, shouldDelegateToHost } from "./config/index";
@@ -164,6 +172,7 @@ export {
 	type RulePreference,
 	savePreferences,
 } from "./feedback/preferences";
+export { exportFeedbackForCloud } from "./feedback/sync";
 export {
 	analyzeWorkflowTrace,
 	type PromptImprovement,
@@ -306,16 +315,12 @@ export {
 	runCoverage,
 } from "./verify/coverage";
 export {
-	type DetectedTool,
 	detectTool,
 	detectTools,
 	isToolAvailable,
 	TOOL_REGISTRY,
-	type ToolName,
 } from "./verify/detect";
 export {
-	type DiffFilterResult,
-	type Finding,
 	filterByDiff,
 	filterByDiffWithMap,
 	parseChangedLines,
@@ -343,12 +348,7 @@ export {
 	runMutation,
 } from "./verify/mutation";
 // Verify — Pipeline
-export {
-	type PipelineOptions,
-	type PipelineResult,
-	runPipeline,
-	type ToolReport,
-} from "./verify/pipeline";
+export { runPipeline } from "./verify/pipeline";
 // Verify — Proof
 export {
 	formatVerificationProof,
@@ -376,12 +376,22 @@ export {
 } from "./verify/sonar";
 export {
 	parseBiomeOutput,
-	type SyntaxDiagnostic,
-	type SyntaxGuardResult,
 	syntaxGuard,
 } from "./verify/syntax-guard";
 // Verify — Typecheck + Consistency (built-in checks)
 export { runTypecheck, type TypecheckResult } from "./verify/typecheck";
+// Verify — Public Type Surface (consolidated for external consumers like maina-cloud)
+export type {
+	DetectedTool,
+	DiffFilterResult,
+	Finding,
+	PipelineOptions,
+	PipelineResult,
+	SyntaxDiagnostic,
+	SyntaxGuardResult,
+	ToolName,
+	ToolReport,
+} from "./verify/types";
 // Verify — Visual
 export {
 	captureScreenshot,

package/src/language/__tests__/__fixtures__/detect/composer.lock

@@ -0,0 +1 @@
+{"packages": []}

package/src/verify/__tests__/types.test.ts

@@ -0,0 +1,129 @@
+import { describe, expect, test } from "bun:test";
+import type {
+	DetectedTool,
+	Finding,
+	PipelineOptions,
+	PipelineResult,
+	ToolReport,
+} from "../types";
+
+// ─── Verify Type Exports ────────────────────────────────────────────────────
+
+describe("verify/types re-exports", () => {
+	test("Finding type has expected shape", () => {
+		const finding: Finding = {
+			tool: "semgrep",
+			file: "src/index.ts",
+			line: 42,
+			message: "unused variable",
+			severity: "warning",
+		};
+		expect(finding.tool).toBe("semgrep");
+		expect(finding.file).toBe("src/index.ts");
+		expect(finding.line).toBe(42);
+		expect(finding.message).toBe("unused variable");
+		expect(finding.severity).toBe("warning");
+	});
+
+	test("Finding type supports optional fields", () => {
+		const finding: Finding = {
+			tool: "eslint",
+			file: "app.ts",
+			line: 10,
+			column: 5,
+			message: "no-unused-vars",
+			severity: "error",
+			ruleId: "no-unused-vars",
+		};
+		expect(finding.column).toBe(5);
+		expect(finding.ruleId).toBe("no-unused-vars");
+	});
+
+	test("ToolReport type has expected shape", () => {
+		const report: ToolReport = {
+			tool: "trivy",
+			findings: [],
+			skipped: false,
+			duration: 123,
+		};
+		expect(report.tool).toBe("trivy");
+		expect(report.findings).toEqual([]);
+		expect(report.skipped).toBe(false);
+		expect(report.duration).toBe(123);
+	});
+
+	test("PipelineResult type has expected shape", () => {
+		const result: PipelineResult = {
+			passed: true,
+			syntaxPassed: true,
+			tools: [],
+			findings: [],
+			hiddenCount: 0,
+			detectedTools: [],
+			duration: 500,
+			cacheHits: 2,
+			cacheMisses: 1,
+		};
+		expect(result.passed).toBe(true);
+		expect(result.syntaxPassed).toBe(true);
+		expect(result.tools).toEqual([]);
+		expect(result.findings).toEqual([]);
+		expect(result.hiddenCount).toBe(0);
+		expect(result.detectedTools).toEqual([]);
+		expect(result.duration).toBe(500);
+		expect(result.cacheHits).toBe(2);
+		expect(result.cacheMisses).toBe(1);
+	});
+
+	test("PipelineOptions type has expected shape", () => {
+		const opts: PipelineOptions = {
+			files: ["src/app.ts"],
+			baseBranch: "main",
+			diffOnly: true,
+			deep: false,
+			cwd: "/tmp",
+			mainaDir: ".maina",
+			languages: ["typescript"],
+		};
+		expect(opts.files).toEqual(["src/app.ts"]);
+		expect(opts.baseBranch).toBe("main");
+		expect(opts.diffOnly).toBe(true);
+		expect(opts.deep).toBe(false);
+	});
+
+	test("DetectedTool type has expected shape", () => {
+		const tool: DetectedTool = {
+			name: "biome",
+			command: "biome",
+			version: "1.5.0",
+			available: true,
+		};
+		expect(tool.name).toBe("biome");
+		expect(tool.command).toBe("biome");
+		expect(tool.version).toBe("1.5.0");
+		expect(tool.available).toBe(true);
+	});
+
+	test("DetectedTool supports null version", () => {
+		const tool: DetectedTool = {
+			name: "semgrep",
+			command: "semgrep",
+			version: null,
+			available: false,
+		};
+		expect(tool.version).toBeNull();
+		expect(tool.available).toBe(false);
+	});
+});
+
+// ─── Verify types re-exported from @mainahq/core index ──────────────────────
+
+describe("verify types from core index", () => {
+	test("types are importable from core index", async () => {
+		const coreIndex = await import("../../index");
+		// The module should export these — we verify by checking the module loaded
+		// Type-only exports don't appear at runtime, but the module must resolve
+		expect(coreIndex).toBeDefined();
+		expect(typeof coreIndex.VERSION).toBe("string");
+	});
+});

package/src/verify/types.ts

@@ -0,0 +1,17 @@
+/**
+ * Verify Engine — Public Type Exports.
+ *
+ * Consolidated re-exports of all verify types for the public API surface.
+ * Consumers (e.g. maina-cloud) import from here or from @mainahq/core.
+ * Types are NOT duplicated — each re-exports from its source module.
+ */
+
+// DetectedTool, ToolName from detect
+export type { DetectedTool, ToolName } from "./detect";
+// Finding + DiffFilterResult from diff-filter
+export type { DiffFilterResult, Finding } from "./diff-filter";
+// PipelineResult, PipelineOptions, ToolReport from pipeline
+export type { PipelineOptions, PipelineResult, ToolReport } from "./pipeline";
+
+// SyntaxDiagnostic, SyntaxGuardResult from syntax-guard (used in PipelineResult)
+export type { SyntaxDiagnostic, SyntaxGuardResult } from "./syntax-guard";