npm - @neurcode-ai/cli - Versions diffs - 0.9.64 → 0.9.66 - Mend

@neurcode-ai/cli 0.9.64 → 0.9.66

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (323) hide show

package/dist/governance/diff-line-provenance.d.ts ADDED Viewed

@@ -0,0 +1,59 @@
+/**
+ * Diff Line Provenance (Phase 2 — Diff-Scoped Enforcement)
+ *
+ * Builds a per-file index of which line numbers were modified in the current
+ * diff. Used to classify structural violations as either:
+ *
+ *   introducedOnModifiedLine: true  → violation sits on a changed line
+ *                                     → BLOCKING eligible (normal behaviour)
+ *
+ *   introducedOnModifiedLine: false → violation is on an unmodified line
+ *                                     → demoted to ADVISORY, tagged legacyDebt
+ *
+ * Only added diff lines are indexed (type === 'added'). Removed lines are by
+ * definition gone from the file and cannot carry current violations.
+ *
+ * The index is a Map<filePath, Set<1-based line number>> built entirely from
+ * the parsed diff — no disk I/O.
+ */
+import type { DiffFile } from '@neurcode-ai/diff-parser';
+import type { StructuralViolation } from '../structural-rules/types';
+/** Maps relative file path → set of 1-based line numbers that were added/modified. */
+export type ModifiedLineIndex = Map<string, Set<number>>;
+/**
+ * Build a modified-line index from a parsed diff.
+ *
+ * For each file in the diff, collect all line numbers that are 'added' in any
+ * hunk. These are the only lines that could carry new violations.
+ *
+ * Hunk format from diff-parser: each hunk has a `newStart` (1-based line
+ * number of the first line in the post-diff file) and lines with type
+ * 'added' | 'removed' | 'context'.
+ */
+export declare function buildModifiedLineIndex(diffFiles: DiffFile[]): ModifiedLineIndex;
+/**
+ * Classify a structural violation's provenance against the modified-line index.
+ *
+ * Returns a new StructuralViolation (never mutates the input) with:
+ *   - introducedOnModifiedLine set
+ *   - legacyDebt set if demoting
+ *   - severity demoted to ADVISORY if legacyDebt
+ *
+ * @param violation   The raw violation from the rule engine
+ * @param index       The modified-line index for this diff
+ * @param strictMode  If true (--strict-full-file), skip demotion entirely
+ */
+export declare function classifyViolationProvenance(violation: StructuralViolation, index: ModifiedLineIndex, strictMode?: boolean): StructuralViolation;
+/**
+ * Apply provenance classification to a batch of violations.
+ *
+ * @param violations  Raw violations from rule engine
+ * @param index       Modified-line index for this diff
+ * @param strictMode  If true, no demotion applied (--strict-full-file)
+ */
+export declare function applyDiffScopedProvenance(violations: StructuralViolation[], index: ModifiedLineIndex, strictMode?: boolean): {
+    violations: StructuralViolation[];
+    legacyDebtCount: number;
+    newViolationCount: number;
+};
+//# sourceMappingURL=diff-line-provenance.d.ts.map

package/dist/governance/diff-line-provenance.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"diff-line-provenance.d.ts","sourceRoot":"","sources":["../../src/governance/diff-line-provenance.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,0BAA0B,CAAC;AACzD,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,2BAA2B,CAAC;AAIrE,sFAAsF;AACtF,MAAM,MAAM,iBAAiB,GAAG,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC;AAIzD;;;;;;;;;GASG;AACH,wBAAgB,sBAAsB,CAAC,SAAS,EAAE,QAAQ,EAAE,GAAG,iBAAiB,CA4B/E;AAED;;;;;;;;;;;GAWG;AACH,wBAAgB,2BAA2B,CACzC,SAAS,EAAE,mBAAmB,EAC9B,KAAK,EAAE,iBAAiB,EACxB,UAAU,UAAQ,GACjB,mBAAmB,CA0BrB;AAED;;;;;;GAMG;AACH,wBAAgB,yBAAyB,CACvC,UAAU,EAAE,mBAAmB,EAAE,EACjC,KAAK,EAAE,iBAAiB,EACxB,UAAU,UAAQ,GACjB;IACD,UAAU,EAAE,mBAAmB,EAAE,CAAC;IAClC,eAAe,EAAE,MAAM,CAAC;IACxB,iBAAiB,EAAE,MAAM,CAAC;CAC3B,CAgBA"}

package/dist/governance/diff-line-provenance.js ADDED Viewed

@@ -0,0 +1,118 @@
+"use strict";
+/**
+ * Diff Line Provenance (Phase 2 — Diff-Scoped Enforcement)
+ *
+ * Builds a per-file index of which line numbers were modified in the current
+ * diff. Used to classify structural violations as either:
+ *
+ *   introducedOnModifiedLine: true  → violation sits on a changed line
+ *                                     → BLOCKING eligible (normal behaviour)
+ *
+ *   introducedOnModifiedLine: false → violation is on an unmodified line
+ *                                     → demoted to ADVISORY, tagged legacyDebt
+ *
+ * Only added diff lines are indexed (type === 'added'). Removed lines are by
+ * definition gone from the file and cannot carry current violations.
+ *
+ * The index is a Map<filePath, Set<1-based line number>> built entirely from
+ * the parsed diff — no disk I/O.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.buildModifiedLineIndex = buildModifiedLineIndex;
+exports.classifyViolationProvenance = classifyViolationProvenance;
+exports.applyDiffScopedProvenance = applyDiffScopedProvenance;
+// ── Public API ────────────────────────────────────────────────────────────────
+/**
+ * Build a modified-line index from a parsed diff.
+ *
+ * For each file in the diff, collect all line numbers that are 'added' in any
+ * hunk. These are the only lines that could carry new violations.
+ *
+ * Hunk format from diff-parser: each hunk has a `newStart` (1-based line
+ * number of the first line in the post-diff file) and lines with type
+ * 'added' | 'removed' | 'context'.
+ */
+function buildModifiedLineIndex(diffFiles) {
+    const index = new Map();
+    for (const file of diffFiles) {
+        const modifiedLines = new Set();
+        for (const hunk of file.hunks ?? []) {
+            // newStart is the 1-based line number of the first line in the new file
+            let currentNewLine = hunk.newStart ?? 1;
+            for (const line of hunk.lines ?? []) {
+                if (line.type === 'added') {
+                    modifiedLines.add(currentNewLine);
+                    currentNewLine++;
+                }
+                else if (line.type === 'context') {
+                    // Context lines advance the new-file line counter but are not modified
+                    currentNewLine++;
+                }
+                // Removed lines don't appear in the new file, don't advance new counter
+            }
+        }
+        if (modifiedLines.size > 0) {
+            index.set(file.path, modifiedLines);
+        }
+    }
+    return index;
+}
+/**
+ * Classify a structural violation's provenance against the modified-line index.
+ *
+ * Returns a new StructuralViolation (never mutates the input) with:
+ *   - introducedOnModifiedLine set
+ *   - legacyDebt set if demoting
+ *   - severity demoted to ADVISORY if legacyDebt
+ *
+ * @param violation   The raw violation from the rule engine
+ * @param index       The modified-line index for this diff
+ * @param strictMode  If true (--strict-full-file), skip demotion entirely
+ */
+function classifyViolationProvenance(violation, index, strictMode = false) {
+    // In strict full-file mode, do not apply diff-scoping
+    if (strictMode)
+        return violation;
+    const modifiedLines = index.get(violation.filePath);
+    // File not in diff at all — should not happen (we only analyze diff files)
+    // but treat conservatively: do not demote, leave unclassified
+    if (!modifiedLines) {
+        return { ...violation, introducedOnModifiedLine: false, legacyDebt: true, severity: 'ADVISORY' };
+    }
+    const onModifiedLine = modifiedLines.has(violation.line);
+    if (onModifiedLine) {
+        return { ...violation, introducedOnModifiedLine: true };
+    }
+    // Violation is on an unmodified (historical) line — demote
+    return {
+        ...violation,
+        introducedOnModifiedLine: false,
+        legacyDebt: true,
+        // Demote BLOCKING → ADVISORY for legacy debt; ADVISORY stays ADVISORY
+        severity: 'ADVISORY',
+    };
+}
+/**
+ * Apply provenance classification to a batch of violations.
+ *
+ * @param violations  Raw violations from rule engine
+ * @param index       Modified-line index for this diff
+ * @param strictMode  If true, no demotion applied (--strict-full-file)
+ */
+function applyDiffScopedProvenance(violations, index, strictMode = false) {
+    const result = [];
+    let legacyDebtCount = 0;
+    let newViolationCount = 0;
+    for (const v of violations) {
+        const classified = classifyViolationProvenance(v, index, strictMode);
+        result.push(classified);
+        if (classified.legacyDebt) {
+            legacyDebtCount++;
+        }
+        else if (classified.introducedOnModifiedLine === true) {
+            newViolationCount++;
+        }
+    }
+    return { violations: result, legacyDebtCount, newViolationCount };
+}
+//# sourceMappingURL=diff-line-provenance.js.map

package/dist/governance/diff-line-provenance.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"diff-line-provenance.js","sourceRoot":"","sources":["../../src/governance/diff-line-provenance.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;GAiBG;;AAsBH,wDA4BC;AAcD,kEA8BC;AASD,8DAwBC;AArHD,iFAAiF;AAEjF;;;;;;;;;GASG;AACH,SAAgB,sBAAsB,CAAC,SAAqB;IAC1D,MAAM,KAAK,GAAsB,IAAI,GAAG,EAAE,CAAC;IAE3C,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;QAC7B,MAAM,aAAa,GAAG,IAAI,GAAG,EAAU,CAAC;QAExC,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,KAAK,IAAI,EAAE,EAAE,CAAC;YACpC,wEAAwE;YACxE,IAAI,cAAc,GAAG,IAAI,CAAC,QAAQ,IAAI,CAAC,CAAC;YAExC,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,KAAK,IAAI,EAAE,EAAE,CAAC;gBACpC,IAAI,IAAI,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;oBAC1B,aAAa,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;oBAClC,cAAc,EAAE,CAAC;gBACnB,CAAC;qBAAM,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;oBACnC,uEAAuE;oBACvE,cAAc,EAAE,CAAC;gBACnB,CAAC;gBACD,wEAAwE;YAC1E,CAAC;QACH,CAAC;QAED,IAAI,aAAa,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;YAC3B,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,aAAa,CAAC,CAAC;QACtC,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;;;;;;;;;GAWG;AACH,SAAgB,2BAA2B,CACzC,SAA8B,EAC9B,KAAwB,EACxB,UAAU,GAAG,KAAK;IAElB,sDAAsD;IACtD,IAAI,UAAU;QAAE,OAAO,SAAS,CAAC;IAEjC,MAAM,aAAa,GAAG,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;IAEpD,2EAA2E;IAC3E,8DAA8D;IAC9D,IAAI,CAAC,aAAa,EAAE,CAAC;QACnB,OAAO,EAAE,GAAG,SAAS,EAAE,wBAAwB,EAAE,KAAK,EAAE,UAAU,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,CAAC;IACnG,CAAC;IAED,MAAM,cAAc,GAAG,aAAa,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;IAEzD,IAAI,cAAc,EAAE,CAAC;QACnB,OAAO,EAAE,GAAG,SAAS,EAAE,wBAAwB,EAAE,IAAI,EAAE,CAAC;IAC1D,CAAC;IAED,2DAA2D;IAC3D,OAAO;QACL,GAAG,SAAS;QACZ,wBAAwB,EAAE,KAAK;QAC/B,UAAU,EAAE,IAAI;QAChB,sEAAsE;QACtE,QAAQ,EAAE,UAAU;KACrB,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,SAAgB,yBAAyB,CACvC,UAAiC,EACjC,KAAwB,EACxB,UAAU,GAAG,KAAK;IAMlB,MAAM,MAAM,GAA0B,EAAE,CAAC;IACzC,IAAI,eAAe,GAAG,CAAC,CAAC;IACxB,IAAI,iBAAiB,GAAG,CAAC,CAAC;IAE1B,KAAK,MAAM,CAAC,IAAI,UAAU,EAAE,CAAC;QAC3B,MAAM,UAAU,GAAG,2BAA2B,CAAC,CAAC,EAAE,KAAK,EAAE,UAAU,CAAC,CAAC;QACrE,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QACxB,IAAI,UAAU,CAAC,UAAU,EAAE,CAAC;YAC1B,eAAe,EAAE,CAAC;QACpB,CAAC;aAAM,IAAI,UAAU,CAAC,wBAAwB,KAAK,IAAI,EAAE,CAAC;YACxD,iBAAiB,EAAE,CAAC;QACtB,CAAC;IACH,CAAC;IAED,OAAO,EAAE,UAAU,EAAE,MAAM,EAAE,eAAe,EAAE,iBAAiB,EAAE,CAAC;AACpE,CAAC"}

package/dist/governance/pilot-readiness.d.ts ADDED Viewed

@@ -0,0 +1,34 @@
+/**
+ * Pilot Readiness Validator (Phase 6 — Pilot Readiness Hardening)
+ *
+ * Checks that a repository meets all prerequisites for a reliable Neurcode
+ * onboarding. Designed to be runnable in under 10 seconds with no external
+ * network calls.
+ *
+ * Usage: runPilotReadinessCheck(projectRoot) → PilotReadinessReport
+ *
+ * Returns:
+ *   ready:    true if all blockers pass (warnings are non-blocking)
+ *   blockers: list of hard failures that prevent governance from running
+ *   warnings: list of soft issues that degrade experience but don't block
+ */
+export interface PilotReadinessReport {
+    ready: boolean;
+    blockers: string[];
+    warnings: string[];
+    checks: PilotReadinessCheck[];
+    durationMs: number;
+}
+export interface PilotReadinessCheck {
+    name: string;
+    status: 'pass' | 'warn' | 'fail';
+    message: string;
+}
+/**
+ * Run all pilot readiness checks for a repository.
+ *
+ * @param projectRoot  Absolute path to the project root
+ * @returns            PilotReadinessReport with ready flag, blockers, warnings, and per-check results
+ */
+export declare function runPilotReadinessCheck(projectRoot: string): PilotReadinessReport;
+//# sourceMappingURL=pilot-readiness.d.ts.map

package/dist/governance/pilot-readiness.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"pilot-readiness.d.ts","sourceRoot":"","sources":["../../src/governance/pilot-readiness.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAQH,MAAM,WAAW,oBAAoB;IACnC,KAAK,EAAE,OAAO,CAAC;IACf,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,MAAM,EAAE,mBAAmB,EAAE,CAAC;IAC9B,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,mBAAmB;IAClC,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,CAAC;IACjC,OAAO,EAAE,MAAM,CAAC;CACjB;AAuLD;;;;;GAKG;AACH,wBAAgB,sBAAsB,CAAC,WAAW,EAAE,MAAM,GAAG,oBAAoB,CA6BhF"}

package/dist/governance/pilot-readiness.js ADDED Viewed

@@ -0,0 +1,226 @@
+"use strict";
+/**
+ * Pilot Readiness Validator (Phase 6 — Pilot Readiness Hardening)
+ *
+ * Checks that a repository meets all prerequisites for a reliable Neurcode
+ * onboarding. Designed to be runnable in under 10 seconds with no external
+ * network calls.
+ *
+ * Usage: runPilotReadinessCheck(projectRoot) → PilotReadinessReport
+ *
+ * Returns:
+ *   ready:    true if all blockers pass (warnings are non-blocking)
+ *   blockers: list of hard failures that prevent governance from running
+ *   warnings: list of soft issues that degrade experience but don't block
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.runPilotReadinessCheck = runPilotReadinessCheck;
+const fs_1 = require("fs");
+const path_1 = require("path");
+const child_process_1 = require("child_process");
+// ── Helpers ───────────────────────────────────────────────────────────────────
+function check(name, fn) {
+    try {
+        const result = fn();
+        return { name, ...result };
+    }
+    catch (e) {
+        return {
+            name,
+            status: 'fail',
+            message: `Check threw unexpectedly: ${e instanceof Error ? e.message : String(e)}`,
+        };
+    }
+}
+function nodeVersion() {
+    const v = process.version; // e.g. 'v18.12.0'
+    return parseInt(v.slice(1).split('.')[0] ?? '0', 10);
+}
+// ── Individual checks ─────────────────────────────────────────────────────────
+function checkGitAvailable() {
+    try {
+        (0, child_process_1.execSync)('git --version', { stdio: 'ignore', timeout: 3000 });
+        return { status: 'pass', message: 'git is available.' };
+    }
+    catch {
+        return { status: 'fail', message: 'git is not available in PATH. Neurcode requires git to compute diffs.' };
+    }
+}
+function checkNodeVersion() {
+    const major = nodeVersion();
+    if (major >= 20)
+        return { status: 'pass', message: `Node.js v${major} (≥20 recommended).` };
+    if (major >= 18)
+        return { status: 'pass', message: `Node.js v${major} (supported; v20+ recommended for best performance).` };
+    return { status: 'fail', message: `Node.js v${major} is below minimum requirement (18). Upgrade to Node.js 18 or later.` };
+}
+function checkNeurcodeDir(projectRoot) {
+    const dir = (0, path_1.join)(projectRoot, '.neurcode');
+    if (!(0, fs_1.existsSync)(dir)) {
+        // Not existing is fine — it will be created on first run
+        // But check that the parent directory is writable
+        try {
+            (0, fs_1.accessSync)(projectRoot, fs_1.constants.W_OK);
+            return { status: 'pass', message: '.neurcode/ does not exist yet (will be created on first verify run). Project root is writable.' };
+        }
+        catch {
+            return { status: 'fail', message: `Project root '${projectRoot}' is not writable. Cannot create .neurcode/ directory.` };
+        }
+    }
+    try {
+        (0, fs_1.accessSync)(dir, fs_1.constants.W_OK);
+        return { status: 'pass', message: '.neurcode/ directory exists and is writable.' };
+    }
+    catch {
+        return { status: 'fail', message: '.neurcode/ directory exists but is not writable. Check file permissions.' };
+    }
+}
+function checkPolicyLock(projectRoot) {
+    const lockPath = (0, path_1.join)(projectRoot, '.neurcode', 'neurcode.policy.lock.json');
+    if (!(0, fs_1.existsSync)(lockPath)) {
+        return {
+            status: 'warn',
+            message: 'Policy lock file (neurcode.policy.lock.json) not found. Run `neurcode policy bootstrap` to create it.',
+        };
+    }
+    try {
+        const raw = (0, fs_1.readFileSync)(lockPath, 'utf-8');
+        const parsed = JSON.parse(raw);
+        if (typeof parsed === 'object' && parsed !== null) {
+            return { status: 'pass', message: 'Policy lock file exists and is valid JSON.' };
+        }
+        return { status: 'warn', message: 'Policy lock file exists but content is not a valid JSON object.' };
+    }
+    catch {
+        return { status: 'fail', message: 'Policy lock file exists but is corrupt (invalid JSON). Delete and re-run `neurcode policy bootstrap`.' };
+    }
+}
+function checkCacheHealth(projectRoot) {
+    const cachePath = (0, path_1.join)(projectRoot, '.neurcode', 'structural-cache.json');
+    if (!(0, fs_1.existsSync)(cachePath)) {
+        return { status: 'pass', message: 'No structural cache found (cold start — normal for first run).' };
+    }
+    try {
+        const raw = (0, fs_1.readFileSync)(cachePath, 'utf-8');
+        const parsed = JSON.parse(raw);
+        if (typeof parsed === 'object' &&
+            parsed !== null &&
+            typeof parsed.version === 'number' &&
+            typeof parsed.entries === 'object') {
+            const entryCount = Object.keys(parsed.entries).length;
+            return { status: 'pass', message: `Structural cache exists and is valid (${entryCount} entries).` };
+        }
+        return { status: 'warn', message: 'Structural cache exists but has unexpected format. It will be regenerated on next verify run.' };
+    }
+    catch {
+        return { status: 'warn', message: 'Structural cache file is corrupt. It will be regenerated on next verify run.' };
+    }
+}
+function checkRepoCompatibility(projectRoot) {
+    // Detect potentially unsupported repo configurations
+    const cargoToml = (0, path_1.join)(projectRoot, 'Cargo.toml');
+    const goMod = (0, path_1.join)(projectRoot, 'go.mod');
+    const packageJson = (0, path_1.join)(projectRoot, 'package.json');
+    const requirementsTxt = (0, path_1.join)(projectRoot, 'requirements.txt');
+    const pyprojectToml = (0, path_1.join)(projectRoot, 'pyproject.toml');
+    const pomXml = (0, path_1.join)(projectRoot, 'pom.xml');
+    const detected = [];
+    if ((0, fs_1.existsSync)(packageJson))
+        detected.push('Node.js/TypeScript');
+    if ((0, fs_1.existsSync)(requirementsTxt) || (0, fs_1.existsSync)(pyprojectToml))
+        detected.push('Python');
+    if ((0, fs_1.existsSync)(goMod))
+        detected.push('Go');
+    if ((0, fs_1.existsSync)(pomXml))
+        detected.push('Java/Maven');
+    if ((0, fs_1.existsSync)(cargoToml))
+        detected.push('Rust');
+    if (detected.length === 0) {
+        return {
+            status: 'warn',
+            message: 'No recognized dependency manifest found (package.json, requirements.txt, go.mod, pom.xml). ' +
+                'Repo may be unsupported. Structural rules will run in degraded mode.',
+        };
+    }
+    if ((0, fs_1.existsSync)(cargoToml) && detected.length === 1) {
+        return {
+            status: 'warn',
+            message: 'Pure Rust repository detected. Structural rules currently support TypeScript, JavaScript, and Python. ' +
+                'Policy engine will still run; structural analysis will be limited.',
+        };
+    }
+    return {
+        status: 'pass',
+        message: `Detected ecosystem(s): ${detected.join(', ')}. Structural rules are supported.`,
+    };
+}
+function checkGitRepo(projectRoot) {
+    const gitDir = (0, path_1.join)(projectRoot, '.git');
+    if (!(0, fs_1.existsSync)(gitDir)) {
+        return {
+            status: 'fail',
+            message: 'Not a git repository (no .git directory found). Neurcode requires git history to compute diffs.',
+        };
+    }
+    return { status: 'pass', message: 'Git repository detected.' };
+}
+function checkActivePlan(projectRoot) {
+    // Check for a plan state file — existence indicates a plan is linked
+    const stateFile = (0, path_1.join)(projectRoot, '.neurcode', 'state.json');
+    if (!(0, fs_1.existsSync)(stateFile)) {
+        return {
+            status: 'warn',
+            message: 'No Neurcode state file found. Run `neurcode plan` to set an intent before verifying. ' +
+                'Without a plan, verify runs in advisory-only mode.',
+        };
+    }
+    try {
+        const raw = (0, fs_1.readFileSync)(stateFile, 'utf-8');
+        const state = JSON.parse(raw);
+        const planId = state.activePlanId ?? state.planId;
+        if (planId && typeof planId === 'string') {
+            return { status: 'pass', message: `Active plan detected: ${planId.slice(0, 16)}...` };
+        }
+        return {
+            status: 'warn',
+            message: 'State file found but no active plan linked. Run `neurcode plan` to set intent.',
+        };
+    }
+    catch {
+        return { status: 'warn', message: 'State file is unreadable. Run `neurcode plan` to re-link a plan.' };
+    }
+}
+// ── Main entry point ──────────────────────────────────────────────────────────
+/**
+ * Run all pilot readiness checks for a repository.
+ *
+ * @param projectRoot  Absolute path to the project root
+ * @returns            PilotReadinessReport with ready flag, blockers, warnings, and per-check results
+ */
+function runPilotReadinessCheck(projectRoot) {
+    const startMs = Date.now();
+    const checks = [
+        check('git-available', () => checkGitAvailable()),
+        check('git-repository', () => checkGitRepo(projectRoot)),
+        check('node-version', () => checkNodeVersion()),
+        check('neurcode-dir', () => checkNeurcodeDir(projectRoot)),
+        check('repo-compatibility', () => checkRepoCompatibility(projectRoot)),
+        check('policy-lock', () => checkPolicyLock(projectRoot)),
+        check('cache-health', () => checkCacheHealth(projectRoot)),
+        check('active-plan', () => checkActivePlan(projectRoot)),
+    ];
+    const blockers = checks
+        .filter(c => c.status === 'fail')
+        .map(c => `[${c.name}] ${c.message}`);
+    const warnings = checks
+        .filter(c => c.status === 'warn')
+        .map(c => `[${c.name}] ${c.message}`);
+    return {
+        ready: blockers.length === 0,
+        blockers,
+        warnings,
+        checks,
+        durationMs: Date.now() - startMs,
+    };
+}
+//# sourceMappingURL=pilot-readiness.js.map

package/dist/governance/pilot-readiness.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"pilot-readiness.js","sourceRoot":"","sources":["../../src/governance/pilot-readiness.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;GAaG;;AAiNH,wDA6BC;AA5OD,2BAA+E;AAC/E,+BAA4B;AAC5B,iDAAyC;AAkBzC,iFAAiF;AAEjF,SAAS,KAAK,CACZ,IAAY,EACZ,EAA+D;IAE/D,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,EAAE,EAAE,CAAC;QACpB,OAAO,EAAE,IAAI,EAAE,GAAG,MAAM,EAAE,CAAC;IAC7B,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,OAAO;YACL,IAAI;YACJ,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,6BAA6B,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE;SACnF,CAAC;IACJ,CAAC;AACH,CAAC;AAED,SAAS,WAAW;IAClB,MAAM,CAAC,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,kBAAkB;IAC7C,OAAO,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,EAAE,EAAE,CAAC,CAAC;AACvD,CAAC;AAED,iFAAiF;AAEjF,SAAS,iBAAiB;IACxB,IAAI,CAAC;QACH,IAAA,wBAAQ,EAAC,eAAe,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;QAC9D,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,mBAAmB,EAAE,CAAC;IAC1D,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,uEAAuE,EAAE,CAAC;IAC9G,CAAC;AACH,CAAC;AAED,SAAS,gBAAgB;IACvB,MAAM,KAAK,GAAG,WAAW,EAAE,CAAC;IAC5B,IAAI,KAAK,IAAI,EAAE;QAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,YAAY,KAAK,qBAAqB,EAAE,CAAC;IAC5F,IAAI,KAAK,IAAI,EAAE;QAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,YAAY,KAAK,sDAAsD,EAAE,CAAC;IAC7H,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,YAAY,KAAK,qEAAqE,EAAE,CAAC;AAC7H,CAAC;AAED,SAAS,gBAAgB,CAAC,WAAmB;IAC3C,MAAM,GAAG,GAAG,IAAA,WAAI,EAAC,WAAW,EAAE,WAAW,CAAC,CAAC;IAC3C,IAAI,CAAC,IAAA,eAAU,EAAC,GAAG,CAAC,EAAE,CAAC;QACrB,yDAAyD;QACzD,kDAAkD;QAClD,IAAI,CAAC;YACH,IAAA,eAAU,EAAC,WAAW,EAAE,cAAS,CAAC,IAAI,CAAC,CAAC;YACxC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,gGAAgG,EAAE,CAAC;QACvI,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,iBAAiB,WAAW,wDAAwD,EAAE,CAAC;QAC3H,CAAC;IACH,CAAC;IACD,IAAI,CAAC;QACH,IAAA,eAAU,EAAC,GAAG,EAAE,cAAS,CAAC,IAAI,CAAC,CAAC;QAChC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,8CAA8C,EAAE,CAAC;IACrF,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,0EAA0E,EAAE,CAAC;IACjH,CAAC;AACH,CAAC;AAED,SAAS,eAAe,CAAC,WAAmB;IAC1C,MAAM,QAAQ,GAAG,IAAA,WAAI,EAAC,WAAW,EAAE,WAAW,EAAE,2BAA2B,CAAC,CAAC;IAC7E,IAAI,CAAC,IAAA,eAAU,EAAC,QAAQ,CAAC,EAAE,CAAC;QAC1B,OAAO;YACL,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,uGAAuG;SACjH,CAAC;IACJ,CAAC;IACD,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,IAAA,iBAAY,EAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC5C,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAY,CAAC;QAC1C,IAAI,OAAO,MAAM,KAAK,QAAQ,IAAI,MAAM,KAAK,IAAI,EAAE,CAAC;YAClD,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,4CAA4C,EAAE,CAAC;QACnF,CAAC;QACD,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,iEAAiE,EAAE,CAAC;IACxG,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,uGAAuG,EAAE,CAAC;IAC9I,CAAC;AACH,CAAC;AAED,SAAS,gBAAgB,CAAC,WAAmB;IAC3C,MAAM,SAAS,GAAG,IAAA,WAAI,EAAC,WAAW,EAAE,WAAW,EAAE,uBAAuB,CAAC,CAAC;IAC1E,IAAI,CAAC,IAAA,eAAU,EAAC,SAAS,CAAC,EAAE,CAAC;QAC3B,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,gEAAgE,EAAE,CAAC;IACvG,CAAC;IACD,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,IAAA,iBAAY,EAAC,SAAS,EAAE,OAAO,CAAC,CAAC;QAC7C,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAY,CAAC;QAC1C,IACE,OAAO,MAAM,KAAK,QAAQ;YAC1B,MAAM,KAAK,IAAI;YACf,OAAQ,MAAkC,CAAC,OAAO,KAAK,QAAQ;YAC/D,OAAQ,MAAkC,CAAC,OAAO,KAAK,QAAQ,EAC/D,CAAC;YACD,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAE,MAA+C,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC;YAChG,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,yCAAyC,UAAU,YAAY,EAAE,CAAC;QACtG,CAAC;QACD,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,+FAA+F,EAAE,CAAC;IACtI,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,8EAA8E,EAAE,CAAC;IACrH,CAAC;AACH,CAAC;AAED,SAAS,sBAAsB,CAAC,WAAmB;IACjD,qDAAqD;IACrD,MAAM,SAAS,GAAG,IAAA,WAAI,EAAC,WAAW,EAAE,YAAY,CAAC,CAAC;IAClD,MAAM,KAAK,GAAG,IAAA,WAAI,EAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;IAC1C,MAAM,WAAW,GAAG,IAAA,WAAI,EAAC,WAAW,EAAE,cAAc,CAAC,CAAC;IACtD,MAAM,eAAe,GAAG,IAAA,WAAI,EAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;IAC9D,MAAM,aAAa,GAAG,IAAA,WAAI,EAAC,WAAW,EAAE,gBAAgB,CAAC,CAAC;IAC1D,MAAM,MAAM,GAAG,IAAA,WAAI,EAAC,WAAW,EAAE,SAAS,CAAC,CAAC;IAE5C,MAAM,QAAQ,GAAa,EAAE,CAAC;IAC9B,IAAI,IAAA,eAAU,EAAC,WAAW,CAAC;QAAE,QAAQ,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;IACjE,IAAI,IAAA,eAAU,EAAC,eAAe,CAAC,IAAI,IAAA,eAAU,EAAC,aAAa,CAAC;QAAE,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IACtF,IAAI,IAAA,eAAU,EAAC,KAAK,CAAC;QAAE,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC3C,IAAI,IAAA,eAAU,EAAC,MAAM,CAAC;QAAE,QAAQ,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;IACpD,IAAI,IAAA,eAAU,EAAC,SAAS,CAAC;QAAE,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAEjD,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO;YACL,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,6FAA6F;gBAC7F,sEAAsE;SAChF,CAAC;IACJ,CAAC;IAED,IAAI,IAAA,eAAU,EAAC,SAAS,CAAC,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACnD,OAAO;YACL,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,wGAAwG;gBACxG,oEAAoE;SAC9E,CAAC;IACJ,CAAC;IAED,OAAO;QACL,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,0BAA0B,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,mCAAmC;KAC1F,CAAC;AACJ,CAAC;AAED,SAAS,YAAY,CAAC,WAAmB;IACvC,MAAM,MAAM,GAAG,IAAA,WAAI,EAAC,WAAW,EAAE,MAAM,CAAC,CAAC;IACzC,IAAI,CAAC,IAAA,eAAU,EAAC,MAAM,CAAC,EAAE,CAAC;QACxB,OAAO;YACL,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,iGAAiG;SAC3G,CAAC;IACJ,CAAC;IACD,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,0BAA0B,EAAE,CAAC;AACjE,CAAC;AAED,SAAS,eAAe,CAAC,WAAmB;IAC1C,qEAAqE;IACrE,MAAM,SAAS,GAAG,IAAA,WAAI,EAAC,WAAW,EAAE,WAAW,EAAE,YAAY,CAAC,CAAC;IAC/D,IAAI,CAAC,IAAA,eAAU,EAAC,SAAS,CAAC,EAAE,CAAC;QAC3B,OAAO;YACL,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,uFAAuF;gBACvF,oDAAoD;SAC9D,CAAC;IACJ,CAAC;IACD,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,IAAA,iBAAY,EAAC,SAAS,EAAE,OAAO,CAAC,CAAC;QAC7C,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAA4B,CAAC;QACzD,MAAM,MAAM,GAAG,KAAK,CAAC,YAAY,IAAI,KAAK,CAAC,MAAM,CAAC;QAClD,IAAI,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;YACzC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,yBAAyB,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,EAAE,CAAC;QACxF,CAAC;QACD,OAAO;YACL,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,gFAAgF;SAC1F,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,kEAAkE,EAAE,CAAC;IACzG,CAAC;AACH,CAAC;AAED,iFAAiF;AAEjF;;;;;GAKG;AACH,SAAgB,sBAAsB,CAAC,WAAmB;IACxD,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAE3B,MAAM,MAAM,GAA0B;QACpC,KAAK,CAAC,eAAe,EAAO,GAAG,EAAE,CAAC,iBAAiB,EAAE,CAAC;QACtD,KAAK,CAAC,gBAAgB,EAAM,GAAG,EAAE,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC;QAC5D,KAAK,CAAC,cAAc,EAAQ,GAAG,EAAE,CAAC,gBAAgB,EAAE,CAAC;QACrD,KAAK,CAAC,cAAc,EAAQ,GAAG,EAAE,CAAC,gBAAgB,CAAC,WAAW,CAAC,CAAC;QAChE,KAAK,CAAC,oBAAoB,EAAE,GAAG,EAAE,CAAC,sBAAsB,CAAC,WAAW,CAAC,CAAC;QACtE,KAAK,CAAC,aAAa,EAAS,GAAG,EAAE,CAAC,eAAe,CAAC,WAAW,CAAC,CAAC;QAC/D,KAAK,CAAC,cAAc,EAAQ,GAAG,EAAE,CAAC,gBAAgB,CAAC,WAAW,CAAC,CAAC;QAChE,KAAK,CAAC,aAAa,EAAS,GAAG,EAAE,CAAC,eAAe,CAAC,WAAW,CAAC,CAAC;KAChE,CAAC;IAEF,MAAM,QAAQ,GAAG,MAAM;SACpB,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC;SAChC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;IAExC,MAAM,QAAQ,GAAG,MAAM;SACpB,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC;SAChC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;IAExC,OAAO;QACL,KAAK,EAAE,QAAQ,CAAC,MAAM,KAAK,CAAC;QAC5B,QAAQ;QACR,QAAQ;QACR,MAAM;QACN,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,OAAO;KACjC,CAAC;AACJ,CAAC"}

package/dist/governance/policy-parity-validator.d.ts ADDED Viewed

@@ -0,0 +1,62 @@
+/**
+ * Policy Enforcement Parity Validator
+ *
+ * Closes the governance theatre gap: a policy can appear in policy.yml
+ * claiming "deterministic" enforcement, but have zero structural rule
+ * implementation. This validator surfaces those mismatches explicitly.
+ *
+ * Benchmark finding (Apache Airflow, 2026-05-12):
+ *   7 of 15 policies were unenforced. Enterprise teams believed those
+ *   policies were being checked. They were not.
+ *
+ * This module is called from `neurcode verify --policy-only` to emit
+ * GOV_PARITY_MISMATCH advisory findings for every enforcement gap.
+ */
+export type EnforcementType = 'deterministic' | 'advisory' | 'semantic' | 'none';
+export interface PolicyParityEntry {
+    ruleId: string;
+    name?: string;
+    enforcementType: EnforcementType;
+    hasStructuralImpl: boolean;
+    hasPolicyEngineImpl: boolean;
+}
+export interface PolicyParityReport {
+    totalPolicies: number;
+    deterministicCount: number;
+    advisoryCount: number;
+    semanticCount: number;
+    noneCount: number;
+    /** Percentage of policies with deterministic structural enforcement (0-100) */
+    coveragePct: number;
+    /** Policies claiming deterministic but with no registered implementation */
+    unenforced: string[];
+    /** All entries with full detail */
+    entries: PolicyParityEntry[];
+}
+export interface ParityMismatchFinding {
+    ruleId: string;
+    policyName?: string;
+    message: string;
+    severity: 'advisory';
+    governanceCode: 'GOV_PARITY_MISMATCH';
+}
+/**
+ * Validate enforcement parity between policy declarations and the structural rule engine.
+ *
+ * @param policyRules - Rules from the compiled/loaded policy (array of { id, name, enforcementType? })
+ * @param registeredStructuralRuleIds - Set of rule IDs currently registered in StructuralRuleEngine
+ * @returns PolicyParityReport + mismatch findings (one per unenforced deterministic policy)
+ */
+export declare function validatePolicyEnforcementParity(policyRules: Array<{
+    id: string;
+    name?: string;
+    enforcementType?: string;
+}>, registeredStructuralRuleIds: Set<string>): {
+    report: PolicyParityReport;
+    findings: ParityMismatchFinding[];
+};
+/**
+ * Generate a compact governance coverage summary string for CLI output.
+ */
+export declare function formatParityReport(report: PolicyParityReport): string;
+//# sourceMappingURL=policy-parity-validator.d.ts.map

package/dist/governance/policy-parity-validator.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"policy-parity-validator.d.ts","sourceRoot":"","sources":["../../src/governance/policy-parity-validator.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,MAAM,MAAM,eAAe,GAAG,eAAe,GAAG,UAAU,GAAG,UAAU,GAAG,MAAM,CAAC;AAEjF,MAAM,WAAW,iBAAiB;IAChC,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,eAAe,EAAE,eAAe,CAAC;IACjC,iBAAiB,EAAE,OAAO,CAAC;IAC3B,mBAAmB,EAAE,OAAO,CAAC;CAC9B;AAED,MAAM,WAAW,kBAAkB;IACjC,aAAa,EAAE,MAAM,CAAC;IACtB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,aAAa,EAAE,MAAM,CAAC;IACtB,aAAa,EAAE,MAAM,CAAC;IACtB,SAAS,EAAE,MAAM,CAAC;IAClB,+EAA+E;IAC/E,WAAW,EAAE,MAAM,CAAC;IACpB,4EAA4E;IAC5E,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,mCAAmC;IACnC,OAAO,EAAE,iBAAiB,EAAE,CAAC;CAC9B;AAED,MAAM,WAAW,qBAAqB;IACpC,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,UAAU,CAAC;IACrB,cAAc,EAAE,qBAAqB,CAAC;CACvC;AAED;;;;;;GAMG;AACH,wBAAgB,+BAA+B,CAC7C,WAAW,EAAE,KAAK,CAAC;IAAE,EAAE,EAAE,MAAM,CAAC;IAAC,IAAI,CAAC,EAAE,MAAM,CAAC;IAAC,eAAe,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC,EAC3E,2BAA2B,EAAE,GAAG,CAAC,MAAM,CAAC,GACvC;IAAE,MAAM,EAAE,kBAAkB,CAAC;IAAC,QAAQ,EAAE,qBAAqB,EAAE,CAAA;CAAE,CAsEnE;AA4BD;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,kBAAkB,GAAG,MAAM,CAWrE"}