@maintainabilityai/research-runner 0.1.1

package/dist/schemas/mesh-context.js

@@ -0,0 +1,95 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.MeshContext = exports.MeshGapKind = void 0;
+/**
+ * MeshContext — what `gather_mesh_context` produces for every LLM node.
+ *
+ * Mirrors the shape defined in the design doc (§"gather_mesh_context — the
+ * mesh IS the expert"). Every LLM call in both the Archeologist and PRD
+ * pipelines receives this as its grounding payload.
+ */
+const zod_1 = require("zod");
+const primitives_1 = require("./primitives");
+/** A small projection of a research doc that lives in scope. */
+const RelatedResearchSummary = zod_1.z.object({
+    research_id: zod_1.z.string(),
+    topic: zod_1.z.string(),
+    published_at: zod_1.z.string(),
+});
+/** Structural gap kinds the GovernanceScorer detects per BAR. */
+exports.MeshGapKind = zod_1.z.enum([
+    'no_threat_model',
+    'no_controls_mapping',
+    'no_adrs',
+    'stale_research',
+    'missing_prd_for_planned_feature',
+    'low_architecture_pillar',
+    'low_security_pillar',
+]);
+const PillarScores = zod_1.z.object({
+    architecture: zod_1.z.number(),
+    security: zod_1.z.number(),
+    info_risk: zod_1.z.number(),
+    operations: zod_1.z.number(),
+});
+const Adr = zod_1.z.object({
+    id: zod_1.z.string(),
+    title: zod_1.z.string(),
+    status: zod_1.z.string(),
+    decision: zod_1.z.string(),
+});
+exports.MeshContext = zod_1.z.object({
+    scope: zod_1.z.object({
+        level: primitives_1.ScopeLevel,
+        bar_id: zod_1.z.string().optional(), // present when level === 'bar'
+        platform_id: zod_1.z.string().optional(), // present when level === 'platform' OR 'bar' (parent)
+    }),
+    /** Git SHA of the mesh repo at the moment context was read. */
+    mesh_sha: primitives_1.GitSha,
+    /** Always populated. */
+    portfolio: zod_1.z.object({
+        name: zod_1.z.string(),
+        governance_policy: zod_1.z.unknown(),
+        capability_models: zod_1.z.array(zod_1.z.unknown()),
+        related_research_summaries: zod_1.z.array(RelatedResearchSummary),
+    }),
+    /** Populated when level is platform OR bar. */
+    platform: zod_1.z.object({
+        platform_id: zod_1.z.string(),
+        architecture: zod_1.z.unknown(),
+        sibling_bars: zod_1.z.array(zod_1.z.object({
+            bar_id: zod_1.z.string(),
+            name: zod_1.z.string(),
+            composite_score: zod_1.z.number(),
+            /** owner/repo entries parsed from each sibling BAR's app.yaml. */
+            linked_repos: zod_1.z.array(zod_1.z.string().regex(/^[\w.-]+\/[\w.-]+$/)).default([]),
+            /** CALM node ids the BAR owns. Used by generate-prd-manifest's
+             *  impact classification to decide whether a sibling is HIGH
+             *  confidence (one of these nodes is referenced by an endpoint)
+             *  or LOW (no citation overlap). */
+            calm_node_ids: zod_1.z.array(zod_1.z.string()).default([]),
+            /** Threat ids declared in the BAR's threat-model.yaml. Used by the
+             *  same impact classification to flag siblings whose threats are
+             *  cited by the PRD's security requirements. */
+            threat_ids: zod_1.z.array(zod_1.z.string()).default([]),
+        })),
+        related_research_summaries: zod_1.z.array(RelatedResearchSummary),
+    }).nullable(),
+    /** Populated only when level is bar. */
+    bar: zod_1.z.object({
+        bar_id: zod_1.z.string(),
+        name: zod_1.z.string(),
+        composite_score: zod_1.z.number(),
+        tier: zod_1.z.enum(['restricted', 'supervised', 'autonomous']),
+        calm_model: zod_1.z.unknown(),
+        threats: zod_1.z.unknown().nullable(),
+        controls: zod_1.z.unknown().nullable(),
+        adrs: zod_1.z.array(Adr),
+        pillar_scores: PillarScores,
+        related_research: zod_1.z.array(RelatedResearchSummary),
+        related_prds: zod_1.z.array(RelatedResearchSummary),
+        mesh_gaps: zod_1.z.array(exports.MeshGapKind),
+        /** owner/repo entries parsed from app.yaml application.repos — drives PrdManifest.target_repos. */
+        linked_repos: zod_1.z.array(zod_1.z.string().regex(/^[\w.-]+\/[\w.-]+$/)).default([]),
+    }).nullable(),
+});

package/dist/schemas/observed-architecture.d.ts

@@ -0,0 +1,262 @@
+/**
+ * ObservedArchitecture — what analyze_architecture extracts from a cloned
+ * target repo (archaeology path).
+ *
+ * Phase 3a is file-based: no AST parsing, no tree-sitter. We extract what
+ * we can from filenames, manifest files, and regex-detected route handlers.
+ * Phase 3b will add tree-sitter for deeper symbol-level analysis.
+ *
+ * The shape mirrors the spec in docs/design/research-and-prd-agents.md
+ * §"What `analyze_architecture` extracts" but pares back depth we can't
+ * deliver without an AST.
+ */
+import { z } from 'zod';
+export declare const ObservedLayer: z.ZodEnum<["api", "web", "data", "worker", "shared", "unknown"]>;
+export type ObservedLayer = z.infer<typeof ObservedLayer>;
+export declare const Endpoint: z.ZodObject<{
+    /** HTTP method like "GET" / "POST". */
+    method: z.ZodString;
+    /** Path template, e.g. "/users/:id". */
+    path: z.ZodString;
+    /** File the endpoint lives in (relative to repo root). */
+    file: z.ZodString;
+    /** Framework that surfaced it, e.g. "express" / "fastapi" / "flask" / "spring". */
+    framework: z.ZodString;
+}, "strip", z.ZodTypeAny, {
+    path: string;
+    method: string;
+    file: string;
+    framework: string;
+}, {
+    path: string;
+    method: string;
+    file: string;
+    framework: string;
+}>;
+export type Endpoint = z.infer<typeof Endpoint>;
+export declare const Module: z.ZodObject<{
+    /** Top-level directory or src/<name> identifier. */
+    name: z.ZodString;
+    /** Inferred layer per the heuristics in analyze_architecture. */
+    layer: z.ZodEnum<["api", "web", "data", "worker", "shared", "unknown"]>;
+    /** File counts that landed in this module (excluding test files). */
+    fileCount: z.ZodNumber;
+    /** Endpoints declared in this module. */
+    endpointCount: z.ZodNumber;
+}, "strip", z.ZodTypeAny, {
+    name: string;
+    layer: "unknown" | "web" | "api" | "data" | "worker" | "shared";
+    fileCount: number;
+    endpointCount: number;
+}, {
+    name: string;
+    layer: "unknown" | "web" | "api" | "data" | "worker" | "shared";
+    fileCount: number;
+    endpointCount: number;
+}>;
+export type Module = z.infer<typeof Module>;
+export declare const RepositoryProfile: z.ZodObject<{
+    /** owner/repo at the time of clone. */
+    slug: z.ZodString;
+    /** Git SHA of the clone HEAD. */
+    cloneSha: z.ZodString;
+    /** Total tracked files (skips .git, node_modules, build, dist). */
+    totalFiles: z.ZodNumber;
+    /** Bytes counted across tracked files. */
+    totalBytes: z.ZodNumber;
+    /** File counts by extension (sorted desc by count in serialised form). */
+    byExtension: z.ZodRecord<z.ZodString, z.ZodNumber>;
+    /** Detected primary language(s) — derived from extension counts + manifests. */
+    languages: z.ZodArray<z.ZodString, "many">;
+    /** Detected primary framework(s) (express, fastapi, react, next, vue, …). */
+    frameworks: z.ZodArray<z.ZodString, "many">;
+    /** Manifest files present (package.json, pyproject.toml, Cargo.toml, …). */
+    manifests: z.ZodArray<z.ZodString, "many">;
+}, "strip", z.ZodTypeAny, {
+    slug: string;
+    cloneSha: string;
+    totalFiles: number;
+    totalBytes: number;
+    byExtension: Record<string, number>;
+    languages: string[];
+    frameworks: string[];
+    manifests: string[];
+}, {
+    slug: string;
+    cloneSha: string;
+    totalFiles: number;
+    totalBytes: number;
+    byExtension: Record<string, number>;
+    languages: string[];
+    frameworks: string[];
+    manifests: string[];
+}>;
+export type RepositoryProfile = z.infer<typeof RepositoryProfile>;
+export declare const ObservedArchitecture: z.ZodObject<{
+    profile: z.ZodObject<{
+        /** owner/repo at the time of clone. */
+        slug: z.ZodString;
+        /** Git SHA of the clone HEAD. */
+        cloneSha: z.ZodString;
+        /** Total tracked files (skips .git, node_modules, build, dist). */
+        totalFiles: z.ZodNumber;
+        /** Bytes counted across tracked files. */
+        totalBytes: z.ZodNumber;
+        /** File counts by extension (sorted desc by count in serialised form). */
+        byExtension: z.ZodRecord<z.ZodString, z.ZodNumber>;
+        /** Detected primary language(s) — derived from extension counts + manifests. */
+        languages: z.ZodArray<z.ZodString, "many">;
+        /** Detected primary framework(s) (express, fastapi, react, next, vue, …). */
+        frameworks: z.ZodArray<z.ZodString, "many">;
+        /** Manifest files present (package.json, pyproject.toml, Cargo.toml, …). */
+        manifests: z.ZodArray<z.ZodString, "many">;
+    }, "strip", z.ZodTypeAny, {
+        slug: string;
+        cloneSha: string;
+        totalFiles: number;
+        totalBytes: number;
+        byExtension: Record<string, number>;
+        languages: string[];
+        frameworks: string[];
+        manifests: string[];
+    }, {
+        slug: string;
+        cloneSha: string;
+        totalFiles: number;
+        totalBytes: number;
+        byExtension: Record<string, number>;
+        languages: string[];
+        frameworks: string[];
+        manifests: string[];
+    }>;
+    modules: z.ZodArray<z.ZodObject<{
+        /** Top-level directory or src/<name> identifier. */
+        name: z.ZodString;
+        /** Inferred layer per the heuristics in analyze_architecture. */
+        layer: z.ZodEnum<["api", "web", "data", "worker", "shared", "unknown"]>;
+        /** File counts that landed in this module (excluding test files). */
+        fileCount: z.ZodNumber;
+        /** Endpoints declared in this module. */
+        endpointCount: z.ZodNumber;
+    }, "strip", z.ZodTypeAny, {
+        name: string;
+        layer: "unknown" | "web" | "api" | "data" | "worker" | "shared";
+        fileCount: number;
+        endpointCount: number;
+    }, {
+        name: string;
+        layer: "unknown" | "web" | "api" | "data" | "worker" | "shared";
+        fileCount: number;
+        endpointCount: number;
+    }>, "many">;
+    endpoints: z.ZodArray<z.ZodObject<{
+        /** HTTP method like "GET" / "POST". */
+        method: z.ZodString;
+        /** Path template, e.g. "/users/:id". */
+        path: z.ZodString;
+        /** File the endpoint lives in (relative to repo root). */
+        file: z.ZodString;
+        /** Framework that surfaced it, e.g. "express" / "fastapi" / "flask" / "spring". */
+        framework: z.ZodString;
+    }, "strip", z.ZodTypeAny, {
+        path: string;
+        method: string;
+        file: string;
+        framework: string;
+    }, {
+        path: string;
+        method: string;
+        file: string;
+        framework: string;
+    }>, "many">;
+    /**
+     * Direct external dependencies (production only, not dev). Source: the
+     * detected manifests. Up to 60 dependencies, sorted alphabetically; the
+     * runner truncates to keep audit payload sane.
+     */
+    dependencies: z.ZodArray<z.ZodString, "many">;
+    /**
+     * Tier-3 (CALM-relative) deviations the analyzer flagged. Populated by
+     * `identify_gaps` after comparison — empty here.
+     */
+    deviations: z.ZodArray<z.ZodString, "many">;
+}, "strip", z.ZodTypeAny, {
+    endpoints: {
+        path: string;
+        method: string;
+        file: string;
+        framework: string;
+    }[];
+    profile: {
+        slug: string;
+        cloneSha: string;
+        totalFiles: number;
+        totalBytes: number;
+        byExtension: Record<string, number>;
+        languages: string[];
+        frameworks: string[];
+        manifests: string[];
+    };
+    modules: {
+        name: string;
+        layer: "unknown" | "web" | "api" | "data" | "worker" | "shared";
+        fileCount: number;
+        endpointCount: number;
+    }[];
+    dependencies: string[];
+    deviations: string[];
+}, {
+    endpoints: {
+        path: string;
+        method: string;
+        file: string;
+        framework: string;
+    }[];
+    profile: {
+        slug: string;
+        cloneSha: string;
+        totalFiles: number;
+        totalBytes: number;
+        byExtension: Record<string, number>;
+        languages: string[];
+        frameworks: string[];
+        manifests: string[];
+    };
+    modules: {
+        name: string;
+        layer: "unknown" | "web" | "api" | "data" | "worker" | "shared";
+        fileCount: number;
+        endpointCount: number;
+    }[];
+    dependencies: string[];
+    deviations: string[];
+}>;
+export type ObservedArchitecture = z.infer<typeof ObservedArchitecture>;
+/** A single gap surfaced by identify_gaps. */
+export declare const ArchaeologyGap: z.ZodObject<{
+    /** Stable id like "G1", "G2", … assigned in the order signals were detected. */
+    id: z.ZodString;
+    kind: z.ZodEnum<["missing_module", "orphan_module", "endpoint_not_in_calm", "missing_security_control", "framework_choice_undeclared"]>;
+    severity: z.ZodEnum<["HIGH", "MEDIUM", "LOW"]>;
+    /** Human-readable summary the synthesis prompt cites. */
+    summary: z.ZodString;
+    /** Pointers into observed architecture — `OA[<module>]` / `OA[<endpoint>]`. */
+    observedEvidence: z.ZodArray<z.ZodString, "many">;
+    /** Pointers into mesh CALM — node ids, ADR refs, control ids. */
+    meshReferences: z.ZodArray<z.ZodString, "many">;
+}, "strip", z.ZodTypeAny, {
+    id: string;
+    kind: "missing_module" | "orphan_module" | "endpoint_not_in_calm" | "missing_security_control" | "framework_choice_undeclared";
+    severity: "HIGH" | "MEDIUM" | "LOW";
+    summary: string;
+    observedEvidence: string[];
+    meshReferences: string[];
+}, {
+    id: string;
+    kind: "missing_module" | "orphan_module" | "endpoint_not_in_calm" | "missing_security_control" | "framework_choice_undeclared";
+    severity: "HIGH" | "MEDIUM" | "LOW";
+    summary: string;
+    observedEvidence: string[];
+    meshReferences: string[];
+}>;
+export type ArchaeologyGap = z.infer<typeof ArchaeologyGap>;

package/dist/schemas/observed-architecture.js

@@ -0,0 +1,90 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ArchaeologyGap = exports.ObservedArchitecture = exports.RepositoryProfile = exports.Module = exports.Endpoint = exports.ObservedLayer = void 0;
+/**
+ * ObservedArchitecture — what analyze_architecture extracts from a cloned
+ * target repo (archaeology path).
+ *
+ * Phase 3a is file-based: no AST parsing, no tree-sitter. We extract what
+ * we can from filenames, manifest files, and regex-detected route handlers.
+ * Phase 3b will add tree-sitter for deeper symbol-level analysis.
+ *
+ * The shape mirrors the spec in docs/design/research-and-prd-agents.md
+ * §"What `analyze_architecture` extracts" but pares back depth we can't
+ * deliver without an AST.
+ */
+const zod_1 = require("zod");
+exports.ObservedLayer = zod_1.z.enum(['api', 'web', 'data', 'worker', 'shared', 'unknown']);
+exports.Endpoint = zod_1.z.object({
+    /** HTTP method like "GET" / "POST". */
+    method: zod_1.z.string(),
+    /** Path template, e.g. "/users/:id". */
+    path: zod_1.z.string(),
+    /** File the endpoint lives in (relative to repo root). */
+    file: zod_1.z.string(),
+    /** Framework that surfaced it, e.g. "express" / "fastapi" / "flask" / "spring". */
+    framework: zod_1.z.string(),
+});
+exports.Module = zod_1.z.object({
+    /** Top-level directory or src/<name> identifier. */
+    name: zod_1.z.string(),
+    /** Inferred layer per the heuristics in analyze_architecture. */
+    layer: exports.ObservedLayer,
+    /** File counts that landed in this module (excluding test files). */
+    fileCount: zod_1.z.number().int().nonnegative(),
+    /** Endpoints declared in this module. */
+    endpointCount: zod_1.z.number().int().nonnegative(),
+});
+exports.RepositoryProfile = zod_1.z.object({
+    /** owner/repo at the time of clone. */
+    slug: zod_1.z.string().regex(/^[\w.-]+\/[\w.-]+$/),
+    /** Git SHA of the clone HEAD. */
+    cloneSha: zod_1.z.string(),
+    /** Total tracked files (skips .git, node_modules, build, dist). */
+    totalFiles: zod_1.z.number().int().nonnegative(),
+    /** Bytes counted across tracked files. */
+    totalBytes: zod_1.z.number().int().nonnegative(),
+    /** File counts by extension (sorted desc by count in serialised form). */
+    byExtension: zod_1.z.record(zod_1.z.string(), zod_1.z.number().int()),
+    /** Detected primary language(s) — derived from extension counts + manifests. */
+    languages: zod_1.z.array(zod_1.z.string()),
+    /** Detected primary framework(s) (express, fastapi, react, next, vue, …). */
+    frameworks: zod_1.z.array(zod_1.z.string()),
+    /** Manifest files present (package.json, pyproject.toml, Cargo.toml, …). */
+    manifests: zod_1.z.array(zod_1.z.string()),
+});
+exports.ObservedArchitecture = zod_1.z.object({
+    profile: exports.RepositoryProfile,
+    modules: zod_1.z.array(exports.Module),
+    endpoints: zod_1.z.array(exports.Endpoint),
+    /**
+     * Direct external dependencies (production only, not dev). Source: the
+     * detected manifests. Up to 60 dependencies, sorted alphabetically; the
+     * runner truncates to keep audit payload sane.
+     */
+    dependencies: zod_1.z.array(zod_1.z.string()),
+    /**
+     * Tier-3 (CALM-relative) deviations the analyzer flagged. Populated by
+     * `identify_gaps` after comparison — empty here.
+     */
+    deviations: zod_1.z.array(zod_1.z.string()),
+});
+/** A single gap surfaced by identify_gaps. */
+exports.ArchaeologyGap = zod_1.z.object({
+    /** Stable id like "G1", "G2", … assigned in the order signals were detected. */
+    id: zod_1.z.string().regex(/^G\d+$/),
+    kind: zod_1.z.enum([
+        'missing_module', // CALM mentions X; code has no module
+        'orphan_module', // code has Y; no matching CALM node
+        'endpoint_not_in_calm', // observed endpoint isn't represented as a CALM node
+        'missing_security_control', // CALM mentions a control; nothing in code suggests it
+        'framework_choice_undeclared', // code uses a framework not mentioned in mesh decisions
+    ]),
+    severity: zod_1.z.enum(['HIGH', 'MEDIUM', 'LOW']),
+    /** Human-readable summary the synthesis prompt cites. */
+    summary: zod_1.z.string(),
+    /** Pointers into observed architecture — `OA[<module>]` / `OA[<endpoint>]`. */
+    observedEvidence: zod_1.z.array(zod_1.z.string()),
+    /** Pointers into mesh CALM — node ids, ADR refs, control ids. */
+    meshReferences: zod_1.z.array(zod_1.z.string()),
+});

package/dist/schemas/prd-brief.d.ts

@@ -0,0 +1,111 @@
+/**
+ * PrdBrief — validated input to the PRD pipeline.
+ *
+ * Produced when the PRD agent is triggered: either by a merged research PR
+ * (via label-on-merge.yml creating a prd-pending issue), by a prd-request
+ * label, or by workflow_dispatch.
+ */
+import { z } from 'zod';
+export declare const PrdBrief: z.ZodObject<{
+    /** Where the upstream research lives: a merged PR url OR a relative doc path. */
+    research_source: z.ZodUnion<[z.ZodObject<{
+        kind: z.ZodLiteral<"pr">;
+        url: z.ZodString;
+    }, "strip", z.ZodTypeAny, {
+        kind: "pr";
+        url: string;
+    }, {
+        kind: "pr";
+        url: string;
+    }>, z.ZodObject<{
+        kind: z.ZodLiteral<"path">;
+        relative_path: z.ZodString;
+    }, "strip", z.ZodTypeAny, {
+        kind: "path";
+        relative_path: string;
+    }, {
+        kind: "path";
+        relative_path: string;
+    }>]>;
+    scope: z.ZodObject<{
+        level: z.ZodEnum<["platform", "bar"]>;
+        /** Required: platform slug (e.g. `imdb-lite`) or BAR id (e.g. `APP-IMDB-002`). */
+        id: z.ZodString;
+    }, "strip", z.ZodTypeAny, {
+        level: "platform" | "bar";
+        id: string;
+    }, {
+        level: "platform" | "bar";
+        id: string;
+    }>;
+    mode: z.ZodDefault<z.ZodEnum<["shallow", "deep"]>>;
+    grounding: z.ZodDefault<z.ZodEnum<["strict", "default", "lenient"]>>;
+    /** Minimum expert score (0.5-1.0) required to publish without iterating. */
+    grounding_threshold: z.ZodDefault<z.ZodNumber>;
+    max_iterations: z.ZodDefault<z.ZodNumber>;
+    guardrails: z.ZodDefault<z.ZodEnum<["strict", "default", "lenient"]>>;
+    llm_provider: z.ZodDefault<z.ZodEnum<["anthropic", "openai", "azure-openai", "github-models"]>>;
+    cost_cap_tokens: z.ZodDefault<z.ZodNumber>;
+    trigger: z.ZodObject<{
+        kind: z.ZodEnum<["workflow_dispatch", "issue_label", "merged_research_pr", "local_dev"]>;
+        issue_number: z.ZodOptional<z.ZodNumber>;
+        actor: z.ZodOptional<z.ZodString>;
+    }, "strip", z.ZodTypeAny, {
+        kind: "workflow_dispatch" | "issue_label" | "local_dev" | "merged_research_pr";
+        issue_number?: number | undefined;
+        actor?: string | undefined;
+    }, {
+        kind: "workflow_dispatch" | "issue_label" | "local_dev" | "merged_research_pr";
+        issue_number?: number | undefined;
+        actor?: string | undefined;
+    }>;
+}, "strip", z.ZodTypeAny, {
+    scope: {
+        level: "platform" | "bar";
+        id: string;
+    };
+    guardrails: "strict" | "default" | "lenient";
+    llm_provider: "anthropic" | "openai" | "azure-openai" | "github-models";
+    cost_cap_tokens: number;
+    trigger: {
+        kind: "workflow_dispatch" | "issue_label" | "local_dev" | "merged_research_pr";
+        issue_number?: number | undefined;
+        actor?: string | undefined;
+    };
+    research_source: {
+        kind: "pr";
+        url: string;
+    } | {
+        kind: "path";
+        relative_path: string;
+    };
+    mode: "shallow" | "deep";
+    grounding: "strict" | "default" | "lenient";
+    grounding_threshold: number;
+    max_iterations: number;
+}, {
+    scope: {
+        level: "platform" | "bar";
+        id: string;
+    };
+    trigger: {
+        kind: "workflow_dispatch" | "issue_label" | "local_dev" | "merged_research_pr";
+        issue_number?: number | undefined;
+        actor?: string | undefined;
+    };
+    research_source: {
+        kind: "pr";
+        url: string;
+    } | {
+        kind: "path";
+        relative_path: string;
+    };
+    guardrails?: "strict" | "default" | "lenient" | undefined;
+    llm_provider?: "anthropic" | "openai" | "azure-openai" | "github-models" | undefined;
+    cost_cap_tokens?: number | undefined;
+    mode?: "shallow" | "deep" | undefined;
+    grounding?: "strict" | "default" | "lenient" | undefined;
+    grounding_threshold?: number | undefined;
+    max_iterations?: number | undefined;
+}>;
+export type PrdBrief = z.infer<typeof PrdBrief>;

package/dist/schemas/prd-brief.js

@@ -0,0 +1,37 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PrdBrief = void 0;
+/**
+ * PrdBrief — validated input to the PRD pipeline.
+ *
+ * Produced when the PRD agent is triggered: either by a merged research PR
+ * (via label-on-merge.yml creating a prd-pending issue), by a prd-request
+ * label, or by workflow_dispatch.
+ */
+const zod_1 = require("zod");
+const primitives_1 = require("./primitives");
+exports.PrdBrief = zod_1.z.object({
+    /** Where the upstream research lives: a merged PR url OR a relative doc path. */
+    research_source: zod_1.z.union([
+        zod_1.z.object({ kind: zod_1.z.literal('pr'), url: zod_1.z.string().url() }),
+        zod_1.z.object({ kind: zod_1.z.literal('path'), relative_path: zod_1.z.string().min(1) }),
+    ]),
+    scope: zod_1.z.object({
+        level: primitives_1.ScopeLevel,
+        /** Required: platform slug (e.g. `imdb-lite`) or BAR id (e.g. `APP-IMDB-002`). */
+        id: zod_1.z.string().min(1),
+    }),
+    mode: primitives_1.PrdMode.default('deep'),
+    grounding: primitives_1.GroundingMode.default('default'),
+    /** Minimum expert score (0.5-1.0) required to publish without iterating. */
+    grounding_threshold: zod_1.z.number().min(0.5).max(1).default(0.85),
+    max_iterations: zod_1.z.number().int().min(1).max(5).default(3),
+    guardrails: primitives_1.GuardrailMode.default('default'),
+    llm_provider: primitives_1.LlmProvider.default('anthropic'),
+    cost_cap_tokens: zod_1.z.number().int().positive().default(200_000),
+    trigger: zod_1.z.object({
+        kind: zod_1.z.enum(['workflow_dispatch', 'issue_label', 'merged_research_pr', 'local_dev']),
+        issue_number: zod_1.z.number().int().optional(),
+        actor: zod_1.z.string().optional(),
+    }),
+});