@mneme-ai/core 0.15.0 → 0.17.0

package/dist/forensics/vulnhunt.js

@@ -0,0 +1,217 @@
+const RULES = [
+    // ── CRYPTO ──────────────────────────────────────────────────────────
+    {
+        class: "crypto-weakness",
+        severity: "high",
+        reference: "CWE-327",
+        pattern: /\b(?:MD5|SHA-?1)\s*\(/i,
+        summary: "MD5 / SHA-1 used as a hash function (broken for security)",
+    },
+    {
+        class: "crypto-weakness",
+        severity: "high",
+        reference: "CWE-327",
+        pattern: /\b(?:DES|3DES|RC4|Blowfish)\b/,
+        summary: "Weak / deprecated cipher referenced",
+    },
+    {
+        class: "crypto-weakness",
+        severity: "critical",
+        reference: "CWE-330",
+        pattern: /Math\.random\s*\(\s*\)|new\s+Random\s*\(\s*\)/,
+        summary: "Non-cryptographic RNG used (Math.random / Random) — use crypto.randomBytes",
+    },
+    {
+        class: "crypto-weakness",
+        severity: "high",
+        reference: "CWE-321",
+        pattern: /(?:secret|api[_-]?key|password|token|private[_-]?key)\s*=\s*["'][a-zA-Z0-9+/=_-]{16,}["']/i,
+        summary: "Hardcoded credential / secret in source",
+    },
+    // ── INJECTION ──────────────────────────────────────────────────────
+    {
+        class: "injection-sql",
+        severity: "critical",
+        reference: "CWE-89",
+        pattern: /(?:SELECT|INSERT|UPDATE|DELETE)\s+[^;]*?\$\{[^}]+\}|"\s*SELECT[^"]*"\s*\+\s*\w+|f"\s*SELECT[^"]*\{/i,
+        summary: "SQL string concatenation / interpolation — possible injection",
+    },
+    {
+        class: "injection-shell",
+        severity: "critical",
+        reference: "CWE-78",
+        pattern: /(?:exec|spawn|system|popen|os\.system|subprocess\.\w+)\s*\(\s*[^,)]*(?:\$\{|\+\s*\w|input\(|argv\[)/,
+        summary: "Shell exec with concatenated / interpolated input",
+    },
+    {
+        class: "injection-xss",
+        severity: "high",
+        reference: "CWE-79",
+        pattern: /\bdangerouslySetInnerHTML\b|\binnerHTML\s*=\s*[^"'][^;]+(?:input|req\.|params|body)/,
+        summary: "innerHTML / dangerouslySetInnerHTML with user-controlled data",
+    },
+    {
+        class: "injection-xss",
+        severity: "medium",
+        reference: "CWE-95",
+        pattern: /\beval\s*\(\s*[^"')]*(?:input|req\.|params|body|argv)/,
+        summary: "eval() with user-controlled input",
+    },
+    // ── AUTH FLAWS ─────────────────────────────────────────────────────
+    {
+        class: "auth-flaw",
+        severity: "critical",
+        reference: "CWE-798",
+        pattern: /\b(?:Bearer|Basic)\s+[A-Za-z0-9+/=._-]{16,}/,
+        summary: "Hardcoded bearer / basic auth token",
+    },
+    {
+        class: "auth-flaw",
+        severity: "critical",
+        reference: "CWE-347",
+        pattern: /jwt\.(?:decode|verify)\s*\([^,)]+,\s*null|jwt\.decode\s*\(/i,
+        summary: "JWT decoded without signature verification",
+    },
+    {
+        class: "auth-flaw",
+        severity: "high",
+        reference: "CWE-942",
+        pattern: /Access-Control-Allow-Origin[^;]*\*[^;]*Access-Control-Allow-Credentials\s*:\s*true|cors\s*\(\s*\{\s*origin\s*:\s*["']\*/i,
+        summary: "CORS wildcard origin combined with credentials enabled",
+    },
+    // ── FINANCIAL LOGIC (bank-grade) ──────────────────────────────────
+    {
+        class: "financial-logic",
+        severity: "critical",
+        reference: "CWE-190",
+        pattern: /(?:amount|balance|price|cents|usd|thb|eur)\s*[+\-*]\s*(?:amount|balance|price|cents|usd|thb|eur)/i,
+        summary: "Arithmetic on money-typed names — verify overflow + precision",
+    },
+    {
+        class: "financial-logic",
+        severity: "high",
+        reference: "CWE-682",
+        pattern: /Number\s*\(\s*(?:amount|balance|price|fee|tax)|parseFloat\s*\(\s*(?:amount|balance|price|fee|tax)/i,
+        summary: "Money cast to JS Number — precision loss; use BigInt or money lib",
+    },
+    {
+        class: "financial-logic",
+        severity: "high",
+        reference: "CWE-840",
+        pattern: /amount\s*[<>]=?\s*0\b/i, // We want to see if it's a guard or a flaw
+        summary: "Direct comparison of `amount` to 0 — verify negative-amount handling",
+    },
+    // ── SUPPLY CHAIN ───────────────────────────────────────────────────
+    {
+        class: "supply-chain",
+        severity: "medium",
+        reference: "CWE-1357",
+        pattern: /^\+\s*"[^"]+":\s*"(\^|~)?[0-9]+\.[0-9]+\.[0-9]+(?:-[a-zA-Z0-9.-]+)?",?\s*$/m,
+        summary: "Dependency added or version changed — verify it's locked + scanned",
+    },
+    // ── INFO LEAKAGE ───────────────────────────────────────────────────
+    {
+        class: "info-leakage",
+        severity: "medium",
+        reference: "CWE-209",
+        pattern: /console\.log\s*\([^)]*(?:password|token|secret|key|jwt|cookie|session)/i,
+        summary: "Sensitive value logged to console",
+    },
+    {
+        class: "info-leakage",
+        severity: "high",
+        reference: "CWE-209",
+        pattern: /\b(?:err|error|e)\.stack\b.*?(?:res\.send|res\.json|return)/,
+        summary: "Stack trace exposed to client response",
+    },
+    // ── RACE CONDITIONS ────────────────────────────────────────────────
+    {
+        class: "race-condition",
+        severity: "medium",
+        reference: "CWE-362",
+        pattern: /if\s*\([^)]*await[^)]*\)\s*\{[\s\S]{0,200}?await/,
+        summary: "Check-then-await pattern — possible TOCTOU race",
+    },
+    // ── PRIVILEGE ──────────────────────────────────────────────────────
+    {
+        class: "privilege",
+        severity: "high",
+        reference: "CWE-269",
+        pattern: /\bsetuid\s*\(\s*0\s*\)|\bos\.setuid\s*\(/,
+        summary: "Privilege escalation to root via setuid",
+    },
+];
+const FIX_KEYWORDS = /\b(fix|fixes|fixed|patch|patched|secure|security|cve-?\d+|vuln(?:erability)?|exploit|hotfix)\b/i;
+const SECURITY_SUBJECT = /\b(security|cve-?\d+|vuln|exploit|csrf|xss|sqli|rce|sssrf|xxe|auth\s+bypass)\b/i;
+/**
+ * Scan a set of (commit, diffText) pairs for vulnerability patterns.
+ *
+ * If diff text isn't available, we still scan subject + body — useful
+ * for catching "silent fix" commits (commits whose subject says nothing
+ * but whose diff would have matched).
+ */
+export function huntVulnerabilities(inputs) {
+    const hits = [];
+    const silentFixes = [];
+    for (const { commit, diff } of inputs) {
+        const subjectAndBody = `${commit.subject}\n${commit.body || ""}`;
+        const text = `${subjectAndBody}\n${diff || ""}`;
+        const looksLikeFix = FIX_KEYWORDS.test(subjectAndBody);
+        for (const rule of RULES) {
+            const m = rule.pattern.exec(text);
+            if (!m)
+                continue;
+            // For diff-only rules (additionsOnly), require the matched line to
+            // appear after a leading "+" in a diff context.
+            if (rule.additionsOnly !== false && diff) {
+                const line = extractLineAround(text, m.index);
+                if (line && !line.startsWith("+")) {
+                    continue;
+                }
+            }
+            hits.push({
+                commit,
+                class: rule.class,
+                severity: rule.severity,
+                summary: rule.summary,
+                evidence: truncate(m[0], 200),
+                reference: rule.reference,
+                looksLikeFix,
+            });
+        }
+        // Silent-fix detection: subject looks security-related but didn't
+        // raise any rule hits in the same pass — we still record it because
+        // even a "subject hint" is useful for compliance.
+        if (SECURITY_SUBJECT.test(subjectAndBody)) {
+            silentFixes.push(commit);
+        }
+    }
+    const bySeverity = {
+        info: 0,
+        low: 0,
+        medium: 0,
+        high: 0,
+        critical: 0,
+    };
+    const byClass = {};
+    for (const h of hits) {
+        bySeverity[h.severity] += 1;
+        byClass[h.class] = (byClass[h.class] ?? 0) + 1;
+    }
+    return {
+        hits,
+        bySeverity,
+        byClass,
+        silentFixes,
+        scanned: inputs.length,
+    };
+}
+function extractLineAround(text, index) {
+    const start = text.lastIndexOf("\n", index) + 1;
+    const end = text.indexOf("\n", index);
+    return text.slice(start, end < 0 ? undefined : end);
+}
+function truncate(s, n) {
+    return s.length <= n ? s : s.slice(0, n - 1) + "…";
+}
+//# sourceMappingURL=vulnhunt.js.map

package/dist/forensics/vulnhunt.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"vulnhunt.js","sourceRoot":"","sources":["../../src/forensics/vulnhunt.ts"],"names":[],"mappings":"AA6EA,MAAM,KAAK,GAAW;IACpB,uEAAuE;IACvE;QACE,KAAK,EAAE,iBAAiB;QACxB,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,SAAS;QACpB,OAAO,EAAE,wBAAwB;QACjC,OAAO,EAAE,2DAA2D;KACrE;IACD;QACE,KAAK,EAAE,iBAAiB;QACxB,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,SAAS;QACpB,OAAO,EAAE,+BAA+B;QACxC,OAAO,EAAE,qCAAqC;KAC/C;IACD;QACE,KAAK,EAAE,iBAAiB;QACxB,QAAQ,EAAE,UAAU;QACpB,SAAS,EAAE,SAAS;QACpB,OAAO,EAAE,+CAA+C;QACxD,OAAO,EAAE,4EAA4E;KACtF;IACD;QACE,KAAK,EAAE,iBAAiB;QACxB,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,SAAS;QACpB,OAAO,EAAE,4FAA4F;QACrG,OAAO,EAAE,yCAAyC;KACnD;IAED,sEAAsE;IACtE;QACE,KAAK,EAAE,eAAe;QACtB,QAAQ,EAAE,UAAU;QACpB,SAAS,EAAE,QAAQ;QACnB,OAAO,EAAE,qGAAqG;QAC9G,OAAO,EAAE,+DAA+D;KACzE;IACD;QACE,KAAK,EAAE,iBAAiB;QACxB,QAAQ,EAAE,UAAU;QACpB,SAAS,EAAE,QAAQ;QACnB,OAAO,EAAE,qGAAqG;QAC9G,OAAO,EAAE,mDAAmD;KAC7D;IACD;QACE,KAAK,EAAE,eAAe;QACtB,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,QAAQ;QACnB,OAAO,EAAE,qFAAqF;QAC9F,OAAO,EAAE,+DAA+D;KACzE;IACD;QACE,KAAK,EAAE,eAAe;QACtB,QAAQ,EAAE,QAAQ;QAClB,SAAS,EAAE,QAAQ;QACnB,OAAO,EAAE,uDAAuD;QAChE,OAAO,EAAE,mCAAmC;KAC7C;IAED,sEAAsE;IACtE;QACE,KAAK,EAAE,WAAW;QAClB,QAAQ,EAAE,UAAU;QACpB,SAAS,EAAE,SAAS;QACpB,OAAO,EAAE,6CAA6C;QACtD,OAAO,EAAE,qCAAqC;KAC/C;IACD;QACE,KAAK,EAAE,WAAW;QAClB,QAAQ,EAAE,UAAU;QACpB,SAAS,EAAE,SAAS;QACpB,OAAO,EAAE,6DAA6D;QACtE,OAAO,EAAE,4CAA4C;KACtD;IACD;QACE,KAAK,EAAE,WAAW;QAClB,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,SAAS;QACpB,OAAO,EAAE,0HAA0H;QACnI,OAAO,EAAE,wDAAwD;KAClE;IAED,qEAAqE;IACrE;QACE,KAAK,EAAE,iBAAiB;QACxB,QAAQ,EAAE,UAAU;QACpB,SAAS,EAAE,SAAS;QACpB,OAAO,EAAE,mGAAmG;QAC5G,OAAO,EAAE,+DAA+D;KACzE;IACD;QACE,KAAK,EAAE,iBAAiB;QACxB,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,SAAS;QACpB,OAAO,EAAE,oGAAoG;QAC7G,OAAO,EAAE,mEAAmE;KAC7E;IACD;QACE,KAAK,EAAE,iBAAiB;QACxB,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,SAAS;QACpB,OAAO,EAAE,wBAAwB,EAAE,2CAA2C;QAC9E,OAAO,EAAE,sEAAsE;KAChF;IAED,sEAAsE;IACtE;QACE,KAAK,EAAE,cAAc;QACrB,QAAQ,EAAE,QAAQ;QAClB,SAAS,EAAE,UAAU;QACrB,OAAO,EAAE,6EAA6E;QACtF,OAAO,EAAE,oEAAoE;KAC9E;IAED,sEAAsE;IACtE;QACE,KAAK,EAAE,cAAc;QACrB,QAAQ,EAAE,QAAQ;QAClB,SAAS,EAAE,SAAS;QACpB,OAAO,EAAE,yEAAyE;QAClF,OAAO,EAAE,mCAAmC;KAC7C;IACD;QACE,KAAK,EAAE,cAAc;QACrB,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,SAAS;QACpB,OAAO,EAAE,6DAA6D;QACtE,OAAO,EAAE,wCAAwC;KAClD;IAED,sEAAsE;IACtE;QACE,KAAK,EAAE,gBAAgB;QACvB,QAAQ,EAAE,QAAQ;QAClB,SAAS,EAAE,SAAS;QACpB,OAAO,EAAE,kDAAkD;QAC3D,OAAO,EAAE,iDAAiD;KAC3D;IAED,sEAAsE;IACtE;QACE,KAAK,EAAE,WAAW;QAClB,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,SAAS;QACpB,OAAO,EAAE,0CAA0C;QACnD,OAAO,EAAE,yCAAyC;KACnD;CACF,CAAC;AAEF,MAAM,YAAY,GAChB,iGAAiG,CAAC;AACpG,MAAM,gBAAgB,GACpB,iFAAiF,CAAC;AAEpF;;;;;;GAMG;AACH,MAAM,UAAU,mBAAmB,CACjC,MAAgD;IAEhD,MAAM,IAAI,GAAc,EAAE,CAAC;IAC3B,MAAM,WAAW,GAAa,EAAE,CAAC;IAEjC,KAAK,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,MAAM,EAAE,CAAC;QACtC,MAAM,cAAc,GAAG,GAAG,MAAM,CAAC,OAAO,KAAK,MAAM,CAAC,IAAI,IAAI,EAAE,EAAE,CAAC;QACjE,MAAM,IAAI,GAAG,GAAG,cAAc,KAAK,IAAI,IAAI,EAAE,EAAE,CAAC;QAChD,MAAM,YAAY,GAAG,YAAY,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QAEvD,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAClC,IAAI,CAAC,CAAC;gBAAE,SAAS;YAEjB,mEAAmE;YACnE,gDAAgD;YAChD,IAAI,IAAI,CAAC,aAAa,KAAK,KAAK,IAAI,IAAI,EAAE,CAAC;gBACzC,MAAM,IAAI,GAAG,iBAAiB,CAAC,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC;gBAC9C,IAAI,IAAI,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;oBAClC,SAAS;gBACX,CAAC;YACH,CAAC;YAED,IAAI,CAAC,IAAI,CAAC;gBACR,MAAM;gBACN,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,OAAO,EAAE,IAAI,CAAC,OAAO;gBACrB,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC;gBAC7B,SAAS,EAAE,IAAI,CAAC,SAAS;gBACzB,YAAY;aACb,CAAC,CAAC;QACL,CAAC;QAED,kEAAkE;QAClE,oEAAoE;QACpE,kDAAkD;QAClD,IAAI,gBAAgB,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,CAAC;YAC1C,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC3B,CAAC;IACH,CAAC;IAED,MAAM,UAAU,GAA6B;QAC3C,IAAI,EAAE,CAAC;QACP,GAAG,EAAE,CAAC;QACN,MAAM,EAAE,CAAC;QACT,IAAI,EAAE,CAAC;QACP,QAAQ,EAAE,CAAC;KACZ,CAAC;IACF,MAAM,OAAO,GAAuC,EAAE,CAAC;IACvD,KAAK,MAAM,CAAC,IAAI,IAAI,EAAE,CAAC;QACrB,UAAU,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAC5B,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;IACjD,CAAC;IAED,OAAO;QACL,IAAI;QACJ,UAAU;QACV,OAAO;QACP,WAAW;QACX,OAAO,EAAE,MAAM,CAAC,MAAM;KACvB,CAAC;AACJ,CAAC;AAED,SAAS,iBAAiB,CAAC,IAAY,EAAE,KAAa;IACpD,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC;IAChD,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IACtC,OAAO,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;AACtD,CAAC;AAED,SAAS,QAAQ,CAAC,CAAS,EAAE,CAAS;IACpC,OAAO,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC;AACrD,CAAC"}

package/dist/guardian/guardian.d.ts

@@ -0,0 +1,93 @@
+/**
+ * Mneme Guardian — the 24/7 self-healing engine.
+ *
+ *   while (true) {
+ *     diagnose();
+ *     fix();
+ *     learn();
+ *     sleep(interval);
+ *   }
+ *
+ * The Guardian is a long-running diagnostic + auto-remediation loop. It
+ * watches for weaknesses (regressions in index quality, drift between
+ * HEAD and the index, missing embeddings, schema-version mismatch) and
+ * threats (data corruption signals, token expiry on remote APIs, secret
+ * patterns slipping through redaction) and applies safe corrective
+ * actions automatically. Anything risky is *logged with a recommendation*
+ * rather than auto-applied.
+ *
+ * Pure data structures + dispatch — no side effects in this module
+ * (file I/O lives in the CLI command). Caller decides whether to
+ * actually apply the recommended action or just observe.
+ *
+ * Design principles:
+ *   • SAFE BY DEFAULT — auto-apply only the actions that are demonstrably
+ *     reversible (re-index, calibrate). Anything that could lose data
+ *     gets recommended, not executed.
+ *   • OBSERVABLE — every diagnosis + action is appended to a JSONL log so
+ *     the operator can audit what the daemon did.
+ *   • DETERMINISTIC — same inputs → same diagnosis. No flaky heuristics.
+ */
+import type { Commit } from "../types.js";
+import type { IndexQualityReport } from "../indexer/quality.js";
+export type WeaknessKind = "drift" | "missing-embeddings" | "low-quality" | "stale-calibration" | "schema-drift" | "token-expiry" | "redaction-gap";
+export type ThreatKind = "tamper" | "secret-leak" | "outlier-author" | "deletion-storm";
+export type Severity = "low" | "medium" | "high" | "critical";
+export type ActionPolicy = "auto" | "recommended" | "observe";
+export interface GuardianFinding {
+    kind: WeaknessKind | ThreatKind;
+    severity: Severity;
+    /** One-line summary for the operator. */
+    message: string;
+    /** Suggested CLI command to apply the fix (if any). */
+    suggestedAction?: string;
+    /** Whether the daemon should auto-apply. */
+    policy: ActionPolicy;
+    /** Free-form structured detail. */
+    detail?: Record<string, unknown>;
+}
+export interface GuardianInput {
+    /** Latest HEAD commits in git (most recent first). */
+    headCommits: Commit[];
+    /** Commits currently indexed (most recent first). */
+    indexedCommits: Commit[];
+    /** Most recent index quality report (if available). */
+    quality: IndexQualityReport | null;
+    /** Last-known good index quality (for regression detection). */
+    lastQualityScore: number | null;
+    /** Schema version recorded in the store. */
+    storeSchemaVersion: number;
+    /** Schema version expected by the running binary. */
+    expectedSchemaVersion: number;
+    /** Number of feedback events since last `mneme calibrate`. */
+    feedbackEventsSinceCalibrate: number;
+    /** Threshold above which calibrate is recommended. Default 25. */
+    feedbackCalibrateThreshold?: number;
+    /** Threshold below which low-quality is flagged (0..1). Default 0.55 (= grade C). */
+    qualityFloor?: number;
+    /** Quality regression threshold (drop in score). Default 0.1. */
+    qualityRegressionThreshold?: number;
+}
+export interface GuardianReport {
+    generatedAt: string;
+    findings: GuardianFinding[];
+    summary: {
+        findings: number;
+        autoActions: number;
+        recommendations: number;
+        threats: number;
+    };
+}
+/**
+ * Run one diagnostic pass. Pure function — same input → same output.
+ *
+ * The CLI wraps this in `while (true)` with a sleep, but the diagnosis
+ * itself is stateless.
+ */
+export declare function diagnose(input: GuardianInput): GuardianReport;
+/**
+ * Decide which findings the daemon should auto-apply this tick. Returns
+ * findings ordered by severity (high → low).
+ */
+export declare function selectAutoActions(report: GuardianReport): GuardianFinding[];
+//# sourceMappingURL=guardian.d.ts.map

package/dist/guardian/guardian.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"guardian.d.ts","sourceRoot":"","sources":["../../src/guardian/guardian.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AAEH,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,aAAa,CAAC;AAC1C,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,uBAAuB,CAAC;AAEhE,MAAM,MAAM,YAAY,GACpB,OAAO,GACP,oBAAoB,GACpB,aAAa,GACb,mBAAmB,GACnB,cAAc,GACd,cAAc,GACd,eAAe,CAAC;AAEpB,MAAM,MAAM,UAAU,GAClB,QAAQ,GACR,aAAa,GACb,gBAAgB,GAChB,gBAAgB,CAAC;AAErB,MAAM,MAAM,QAAQ,GAAG,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;AAE9D,MAAM,MAAM,YAAY,GACpB,MAAM,GACN,aAAa,GACb,SAAS,CAAC;AAEd,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,YAAY,GAAG,UAAU,CAAC;IAChC,QAAQ,EAAE,QAAQ,CAAC;IACnB,yCAAyC;IACzC,OAAO,EAAE,MAAM,CAAC;IAChB,uDAAuD;IACvD,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,4CAA4C;IAC5C,MAAM,EAAE,YAAY,CAAC;IACrB,mCAAmC;IACnC,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CAClC;AAED,MAAM,WAAW,aAAa;IAC5B,sDAAsD;IACtD,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,qDAAqD;IACrD,cAAc,EAAE,MAAM,EAAE,CAAC;IACzB,uDAAuD;IACvD,OAAO,EAAE,kBAAkB,GAAG,IAAI,CAAC;IACnC,gEAAgE;IAChE,gBAAgB,EAAE,MAAM,GAAG,IAAI,CAAC;IAChC,4CAA4C;IAC5C,kBAAkB,EAAE,MAAM,CAAC;IAC3B,qDAAqD;IACrD,qBAAqB,EAAE,MAAM,CAAC;IAC9B,8DAA8D;IAC9D,4BAA4B,EAAE,MAAM,CAAC;IACrC,kEAAkE;IAClE,0BAA0B,CAAC,EAAE,MAAM,CAAC;IACpC,qFAAqF;IACrF,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,iEAAiE;IACjE,0BAA0B,CAAC,EAAE,MAAM,CAAC;CACrC;AAED,MAAM,WAAW,cAAc;IAC7B,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,eAAe,EAAE,CAAC;IAC5B,OAAO,EAAE;QACP,QAAQ,EAAE,MAAM,CAAC;QACjB,WAAW,EAAE,MAAM,CAAC;QACpB,eAAe,EAAE,MAAM,CAAC;QACxB,OAAO,EAAE,MAAM,CAAC;KACjB,CAAC;CACH;AAED;;;;;GAKG;AACH,wBAAgB,QAAQ,CAAC,KAAK,EAAE,aAAa,GAAG,cAAc,CA0H7D;AAED;;;GAGG;AACH,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,cAAc,GAAG,eAAe,EAAE,CAU3E"}

package/dist/guardian/guardian.js

@@ -0,0 +1,170 @@
+/**
+ * Mneme Guardian — the 24/7 self-healing engine.
+ *
+ *   while (true) {
+ *     diagnose();
+ *     fix();
+ *     learn();
+ *     sleep(interval);
+ *   }
+ *
+ * The Guardian is a long-running diagnostic + auto-remediation loop. It
+ * watches for weaknesses (regressions in index quality, drift between
+ * HEAD and the index, missing embeddings, schema-version mismatch) and
+ * threats (data corruption signals, token expiry on remote APIs, secret
+ * patterns slipping through redaction) and applies safe corrective
+ * actions automatically. Anything risky is *logged with a recommendation*
+ * rather than auto-applied.
+ *
+ * Pure data structures + dispatch — no side effects in this module
+ * (file I/O lives in the CLI command). Caller decides whether to
+ * actually apply the recommended action or just observe.
+ *
+ * Design principles:
+ *   • SAFE BY DEFAULT — auto-apply only the actions that are demonstrably
+ *     reversible (re-index, calibrate). Anything that could lose data
+ *     gets recommended, not executed.
+ *   • OBSERVABLE — every diagnosis + action is appended to a JSONL log so
+ *     the operator can audit what the daemon did.
+ *   • DETERMINISTIC — same inputs → same diagnosis. No flaky heuristics.
+ */
+/**
+ * Run one diagnostic pass. Pure function — same input → same output.
+ *
+ * The CLI wraps this in `while (true)` with a sleep, but the diagnosis
+ * itself is stateless.
+ */
+export function diagnose(input) {
+    const findings = [];
+    const feedbackThreshold = input.feedbackCalibrateThreshold ?? 25;
+    const qualityFloor = input.qualityFloor ?? 0.55;
+    const qualityRegression = input.qualityRegressionThreshold ?? 0.1;
+    // ── Weakness 1: index drift ────────────────────────────────────────
+    const indexedHashes = new Set(input.indexedCommits.map((c) => c.hash));
+    const driftingCommits = input.headCommits.filter((c) => !indexedHashes.has(c.hash));
+    if (driftingCommits.length > 0) {
+        const sev = driftingCommits.length > 50
+            ? "high"
+            : driftingCommits.length > 10
+                ? "medium"
+                : "low";
+        findings.push({
+            kind: "drift",
+            severity: sev,
+            message: `${driftingCommits.length} commit(s) on HEAD not yet indexed.`,
+            suggestedAction: "mneme index",
+            policy: "auto",
+            detail: {
+                driftingCount: driftingCommits.length,
+                headNewest: input.headCommits[0]?.hash,
+                indexNewest: input.indexedCommits[0]?.hash,
+            },
+        });
+    }
+    // ── Weakness 2: missing embeddings ─────────────────────────────────
+    if (input.quality) {
+        const embedRatio = input.quality.metrics.embedRatio;
+        if (embedRatio < 0.95 && input.quality.indexedChunks > 0) {
+            findings.push({
+                kind: "missing-embeddings",
+                severity: embedRatio < 0.5 ? "high" : "medium",
+                message: `${Math.round((1 - embedRatio) * 100)}% of chunks have no embedding (${input.quality.indexedChunks - input.quality.embeddedChunks} chunks).`,
+                suggestedAction: "mneme index",
+                policy: "auto",
+                detail: { embedRatio },
+            });
+        }
+    }
+    // ── Weakness 3: low overall quality ────────────────────────────────
+    if (input.quality && input.quality.overallScore < qualityFloor) {
+        findings.push({
+            kind: "low-quality",
+            severity: input.quality.overallScore < 0.4 ? "high" : "medium",
+            message: `Index quality grade ${input.quality.grade} (${Math.round(input.quality.overallScore * 100)}/100) is below recommended floor.`,
+            suggestedAction: "mneme heal",
+            policy: "recommended",
+            detail: {
+                score: input.quality.overallScore,
+                grade: input.quality.grade,
+            },
+        });
+    }
+    // ── Weakness 3b: quality regression ────────────────────────────────
+    if (input.quality &&
+        input.lastQualityScore !== null &&
+        input.lastQualityScore - input.quality.overallScore >= qualityRegression) {
+        findings.push({
+            kind: "low-quality",
+            severity: "medium",
+            message: `Index quality dropped from ${Math.round(input.lastQualityScore * 100)} to ${Math.round(input.quality.overallScore * 100)}.`,
+            suggestedAction: "mneme index --analyze",
+            policy: "observe",
+            detail: {
+                before: input.lastQualityScore,
+                after: input.quality.overallScore,
+                regression: input.lastQualityScore - input.quality.overallScore,
+            },
+        });
+    }
+    // ── Weakness 4: stale calibration ──────────────────────────────────
+    if (input.feedbackEventsSinceCalibrate >= feedbackThreshold) {
+        findings.push({
+            kind: "stale-calibration",
+            severity: "low",
+            message: `${input.feedbackEventsSinceCalibrate} feedback events since last calibrate — retrieval knobs may need re-tuning.`,
+            suggestedAction: "mneme calibrate",
+            policy: "auto",
+            detail: {
+                eventsSinceCalibrate: input.feedbackEventsSinceCalibrate,
+                threshold: feedbackThreshold,
+            },
+        });
+    }
+    // ── Weakness 5: schema drift ───────────────────────────────────────
+    if (input.storeSchemaVersion < input.expectedSchemaVersion) {
+        findings.push({
+            kind: "schema-drift",
+            severity: "high",
+            message: `Store schema is v${input.storeSchemaVersion}, binary expects v${input.expectedSchemaVersion}.`,
+            suggestedAction: "mneme index",
+            policy: "auto",
+            detail: {
+                storeVersion: input.storeSchemaVersion,
+                expectedVersion: input.expectedSchemaVersion,
+            },
+        });
+    }
+    const summary = {
+        findings: findings.length,
+        autoActions: findings.filter((f) => f.policy === "auto").length,
+        recommendations: findings.filter((f) => f.policy === "recommended").length,
+        threats: findings.filter((f) => isThreat(f.kind)).length,
+    };
+    return {
+        generatedAt: new Date().toISOString(),
+        findings,
+        summary,
+    };
+}
+/**
+ * Decide which findings the daemon should auto-apply this tick. Returns
+ * findings ordered by severity (high → low).
+ */
+export function selectAutoActions(report) {
+    const order = {
+        critical: 0,
+        high: 1,
+        medium: 2,
+        low: 3,
+    };
+    return report.findings
+        .filter((f) => f.policy === "auto")
+        .sort((a, b) => order[a.severity] - order[b.severity]);
+}
+function isThreat(kind) {
+    return (kind === "tamper" ||
+        kind === "secret-leak" ||
+        kind === "outlier-author" ||
+        kind === "deletion-storm");
+}
+//# sourceMappingURL=guardian.js.map

package/dist/guardian/guardian.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"guardian.js","sourceRoot":"","sources":["../../src/guardian/guardian.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AA0EH;;;;;GAKG;AACH,MAAM,UAAU,QAAQ,CAAC,KAAoB;IAC3C,MAAM,QAAQ,GAAsB,EAAE,CAAC;IACvC,MAAM,iBAAiB,GAAG,KAAK,CAAC,0BAA0B,IAAI,EAAE,CAAC;IACjE,MAAM,YAAY,GAAG,KAAK,CAAC,YAAY,IAAI,IAAI,CAAC;IAChD,MAAM,iBAAiB,GAAG,KAAK,CAAC,0BAA0B,IAAI,GAAG,CAAC;IAElE,sEAAsE;IACtE,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IACvE,MAAM,eAAe,GAAG,KAAK,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;IACpF,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/B,MAAM,GAAG,GACP,eAAe,CAAC,MAAM,GAAG,EAAE;YACzB,CAAC,CAAC,MAAM;YACR,CAAC,CAAC,eAAe,CAAC,MAAM,GAAG,EAAE;gBAC3B,CAAC,CAAC,QAAQ;gBACV,CAAC,CAAC,KAAK,CAAC;QACd,QAAQ,CAAC,IAAI,CAAC;YACZ,IAAI,EAAE,OAAO;YACb,QAAQ,EAAE,GAAG;YACb,OAAO,EAAE,GAAG,eAAe,CAAC,MAAM,qCAAqC;YACvE,eAAe,EAAE,aAAa;YAC9B,MAAM,EAAE,MAAM;YACd,MAAM,EAAE;gBACN,aAAa,EAAE,eAAe,CAAC,MAAM;gBACrC,UAAU,EAAE,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,IAAI;gBACtC,WAAW,EAAE,KAAK,CAAC,cAAc,CAAC,CAAC,CAAC,EAAE,IAAI;aAC3C;SACF,CAAC,CAAC;IACL,CAAC;IAED,sEAAsE;IACtE,IAAI,KAAK,CAAC,OAAO,EAAE,CAAC;QAClB,MAAM,UAAU,GAAG,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,UAAU,CAAC;QACpD,IAAI,UAAU,GAAG,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,aAAa,GAAG,CAAC,EAAE,CAAC;YACzD,QAAQ,CAAC,IAAI,CAAC;gBACZ,IAAI,EAAE,oBAAoB;gBAC1B,QAAQ,EAAE,UAAU,GAAG,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ;gBAC9C,OAAO,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,UAAU,CAAC,GAAG,GAAG,CAAC,kCAAkC,KAAK,CAAC,OAAO,CAAC,aAAa,GAAG,KAAK,CAAC,OAAO,CAAC,cAAc,WAAW;gBACrJ,eAAe,EAAE,aAAa;gBAC9B,MAAM,EAAE,MAAM;gBACd,MAAM,EAAE,EAAE,UAAU,EAAE;aACvB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,sEAAsE;IACtE,IAAI,KAAK,CAAC,OAAO,IAAI,KAAK,CAAC,OAAO,CAAC,YAAY,GAAG,YAAY,EAAE,CAAC;QAC/D,QAAQ,CAAC,IAAI,CAAC;YACZ,IAAI,EAAE,aAAa;YACnB,QAAQ,EAAE,KAAK,CAAC,OAAO,CAAC,YAAY,GAAG,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ;YAC9D,OAAO,EAAE,uBAAuB,KAAK,CAAC,OAAO,CAAC,KAAK,KAAK,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,YAAY,GAAG,GAAG,CAAC,mCAAmC;YACvI,eAAe,EAAE,YAAY;YAC7B,MAAM,EAAE,aAAa;YACrB,MAAM,EAAE;gBACN,KAAK,EAAE,KAAK,CAAC,OAAO,CAAC,YAAY;gBACjC,KAAK,EAAE,KAAK,CAAC,OAAO,CAAC,KAAK;aAC3B;SACF,CAAC,CAAC;IACL,CAAC;IAED,sEAAsE;IACtE,IACE,KAAK,CAAC,OAAO;QACb,KAAK,CAAC,gBAAgB,KAAK,IAAI;QAC/B,KAAK,CAAC,gBAAgB,GAAG,KAAK,CAAC,OAAO,CAAC,YAAY,IAAI,iBAAiB,EACxE,CAAC;QACD,QAAQ,CAAC,IAAI,CAAC;YACZ,IAAI,EAAE,aAAa;YACnB,QAAQ,EAAE,QAAQ;YAClB,OAAO,EAAE,8BAA8B,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,gBAAgB,GAAG,GAAG,CAAC,OAAO,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,YAAY,GAAG,GAAG,CAAC,GAAG;YACrI,eAAe,EAAE,uBAAuB;YACxC,MAAM,EAAE,SAAS;YACjB,MAAM,EAAE;gBACN,MAAM,EAAE,KAAK,CAAC,gBAAgB;gBAC9B,KAAK,EAAE,KAAK,CAAC,OAAO,CAAC,YAAY;gBACjC,UAAU,EAAE,KAAK,CAAC,gBAAgB,GAAG,KAAK,CAAC,OAAO,CAAC,YAAY;aAChE;SACF,CAAC,CAAC;IACL,CAAC;IAED,sEAAsE;IACtE,IAAI,KAAK,CAAC,4BAA4B,IAAI,iBAAiB,EAAE,CAAC;QAC5D,QAAQ,CAAC,IAAI,CAAC;YACZ,IAAI,EAAE,mBAAmB;YACzB,QAAQ,EAAE,KAAK;YACf,OAAO,EAAE,GAAG,KAAK,CAAC,4BAA4B,6EAA6E;YAC3H,eAAe,EAAE,iBAAiB;YAClC,MAAM,EAAE,MAAM;YACd,MAAM,EAAE;gBACN,oBAAoB,EAAE,KAAK,CAAC,4BAA4B;gBACxD,SAAS,EAAE,iBAAiB;aAC7B;SACF,CAAC,CAAC;IACL,CAAC;IAED,sEAAsE;IACtE,IAAI,KAAK,CAAC,kBAAkB,GAAG,KAAK,CAAC,qBAAqB,EAAE,CAAC;QAC3D,QAAQ,CAAC,IAAI,CAAC;YACZ,IAAI,EAAE,cAAc;YACpB,QAAQ,EAAE,MAAM;YAChB,OAAO,EAAE,oBAAoB,KAAK,CAAC,kBAAkB,qBAAqB,KAAK,CAAC,qBAAqB,GAAG;YACxG,eAAe,EAAE,aAAa;YAC9B,MAAM,EAAE,MAAM;YACd,MAAM,EAAE;gBACN,YAAY,EAAE,KAAK,CAAC,kBAAkB;gBACtC,eAAe,EAAE,KAAK,CAAC,qBAAqB;aAC7C;SACF,CAAC,CAAC;IACL,CAAC;IAED,MAAM,OAAO,GAAG;QACd,QAAQ,EAAE,QAAQ,CAAC,MAAM;QACzB,WAAW,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC,MAAM;QAC/D,eAAe,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,aAAa,CAAC,CAAC,MAAM;QAC1E,OAAO,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM;KACzD,CAAC;IAEF,OAAO;QACL,WAAW,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACrC,QAAQ;QACR,OAAO;KACR,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,iBAAiB,CAAC,MAAsB;IACtD,MAAM,KAAK,GAA6B;QACtC,QAAQ,EAAE,CAAC;QACX,IAAI,EAAE,CAAC;QACP,MAAM,EAAE,CAAC;QACT,GAAG,EAAE,CAAC;KACP,CAAC;IACF,OAAO,MAAM,CAAC,QAAQ;SACnB,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC;SAClC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC;AAC3D,CAAC;AAED,SAAS,QAAQ,CAAC,IAA+B;IAC/C,OAAO,CACL,IAAI,KAAK,QAAQ;QACjB,IAAI,KAAK,aAAa;QACtB,IAAI,KAAK,gBAAgB;QACzB,IAAI,KAAK,gBAAgB,CAC1B,CAAC;AACJ,CAAC"}

package/dist/guardian/guardian.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=guardian.test.d.ts.map

package/dist/guardian/guardian.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"guardian.test.d.ts","sourceRoot":"","sources":["../../src/guardian/guardian.test.ts"],"names":[],"mappings":""}

package/dist/guardian/guardian.test.js

@@ -0,0 +1,154 @@
+import { describe, it, expect } from "vitest";
+import { diagnose, selectAutoActions } from "./guardian.js";
+function mkCommit(hash, date = "2024-01-01") {
+    return {
+        hash,
+        shortHash: hash.slice(0, 7),
+        authorName: "A",
+        authorEmail: "a@x.com",
+        authorDate: date,
+        committerDate: date,
+        subject: "x",
+        body: "",
+        files: [],
+        parents: [],
+    };
+}
+function mkQuality(score, embedRatio = 1) {
+    return {
+        indexedCommits: 10,
+        indexedChunks: 30,
+        embeddedChunks: Math.round(30 * embedRatio),
+        metrics: {
+            chunkDensity: 1,
+            embedRatio,
+            subjectQuality: 1,
+            bodyRatio: 1,
+            prRatio: 1,
+            issueRatio: 1,
+            duplicateRatio: 0,
+            tokenizerHealth: 1,
+        },
+        overallScore: score,
+        grade: score >= 0.85 ? "A" : score >= 0.7 ? "B" : score >= 0.55 ? "C" : score >= 0.4 ? "D" : "F",
+        recommendations: [],
+    };
+}
+const baseInput = {
+    headCommits: [],
+    indexedCommits: [],
+    quality: mkQuality(0.9),
+    lastQualityScore: 0.9,
+    storeSchemaVersion: 3,
+    expectedSchemaVersion: 3,
+    feedbackEventsSinceCalibrate: 0,
+};
+describe("diagnose", () => {
+    it("returns no findings when everything is healthy", () => {
+        const r = diagnose(baseInput);
+        expect(r.findings).toHaveLength(0);
+        expect(r.summary.autoActions).toBe(0);
+    });
+    it("detects index drift when HEAD has commits not in index", () => {
+        const r = diagnose({
+            ...baseInput,
+            headCommits: [mkCommit("new1"), mkCommit("new2"), mkCommit("indexed")],
+            indexedCommits: [mkCommit("indexed")],
+        });
+        const drift = r.findings.find((f) => f.kind === "drift");
+        expect(drift).toBeDefined();
+        expect(drift.policy).toBe("auto");
+        expect(drift.suggestedAction).toBe("mneme index");
+    });
+    it("escalates drift severity by count", () => {
+        const lots = Array.from({ length: 60 }, (_, i) => mkCommit("c" + i));
+        const r = diagnose({
+            ...baseInput,
+            headCommits: lots,
+            indexedCommits: [],
+        });
+        const drift = r.findings.find((f) => f.kind === "drift");
+        expect(drift.severity).toBe("high");
+    });
+    it("detects missing embeddings", () => {
+        const r = diagnose({
+            ...baseInput,
+            quality: mkQuality(0.9, 0.7),
+        });
+        const missing = r.findings.find((f) => f.kind === "missing-embeddings");
+        expect(missing).toBeDefined();
+        expect(missing.policy).toBe("auto");
+    });
+    it("flags low quality below floor", () => {
+        const r = diagnose({
+            ...baseInput,
+            quality: mkQuality(0.4),
+        });
+        const low = r.findings.find((f) => f.kind === "low-quality");
+        expect(low).toBeDefined();
+        expect(low.policy).toBe("recommended");
+    });
+    it("flags quality regression even when above floor", () => {
+        const r = diagnose({
+            ...baseInput,
+            quality: mkQuality(0.7),
+            lastQualityScore: 0.9,
+        });
+        const reg = r.findings.find((f) => f.kind === "low-quality" &&
+            f.message.toLowerCase().includes("dropped"));
+        expect(reg).toBeDefined();
+    });
+    it("recommends calibrate when feedback accumulates", () => {
+        const r = diagnose({
+            ...baseInput,
+            feedbackEventsSinceCalibrate: 50,
+        });
+        const stale = r.findings.find((f) => f.kind === "stale-calibration");
+        expect(stale).toBeDefined();
+        expect(stale.policy).toBe("auto");
+        expect(stale.suggestedAction).toBe("mneme calibrate");
+    });
+    it("flags schema drift when store < expected", () => {
+        const r = diagnose({
+            ...baseInput,
+            storeSchemaVersion: 2,
+            expectedSchemaVersion: 3,
+        });
+        const sd = r.findings.find((f) => f.kind === "schema-drift");
+        expect(sd).toBeDefined();
+        expect(sd.severity).toBe("high");
+    });
+    it("returns deterministic output for same input", () => {
+        const a = diagnose({
+            ...baseInput,
+            headCommits: [mkCommit("a")],
+            indexedCommits: [],
+        });
+        const b = diagnose({
+            ...baseInput,
+            headCommits: [mkCommit("a")],
+            indexedCommits: [],
+        });
+        expect(a.findings).toEqual(b.findings);
+    });
+});
+describe("selectAutoActions", () => {
+    it("returns only auto-policy findings, sorted by severity", () => {
+        const report = diagnose({
+            ...baseInput,
+            headCommits: [mkCommit("new1")], // low/medium drift → auto
+            indexedCommits: [],
+            storeSchemaVersion: 2, // high schema-drift → auto
+            expectedSchemaVersion: 3,
+            quality: mkQuality(0.4), // medium low-quality → recommended (not auto)
+            feedbackEventsSinceCalibrate: 30, // low stale-calib → auto
+        });
+        const actions = selectAutoActions(report);
+        // High severity should come first
+        expect(actions[0].severity).toBe("high");
+        // No "recommended" findings should be in the auto list
+        for (const a of actions)
+            expect(a.policy).toBe("auto");
+    });
+});
+//# sourceMappingURL=guardian.test.js.map