@oscharko-dev/keiko-workflows 0.2.0

package/dist/bug-investigation/failure-parse.js

@@ -0,0 +1,154 @@
+// Failure-output parsing (ADR-0009 D7, NEW seam). Extracts candidate source frames and short
+// error/assertion messages from a bug report's failingOutput + stackTrace, and merges the
+// developer-provided targetFiles as line-less seed frames. The extracted frames are VERIFIED FACTS
+// (what the tool parsed, not a model claim) and seed both context selection (D8) and the report.
+//
+// SECURITY (CodeQL js/polynomial-redos, steering note F): failure output is attacker-influenceable
+// (a failing test can print arbitrary text), so this parser uses ONLY bounded, line-oriented string
+// ops — split('\n'), indexOf/lastIndexOf, slice, a right-split on ':', and an all-digit check. The
+// single regex used (ALL_DIGITS) is a bounded character class with NO nested quantifiers and NO
+// `.*` alternation, so there is no super-linear backtracking surface. Line count and per-line work
+// are both capped. Pure: no IO, no clock, no RNG.
+// Caps that bound total work regardless of input size.
+const MAX_LINES_SCANNED = 2_000;
+export const MAX_FRAMES = 25;
+const MAX_MESSAGES = 10;
+const MAX_MESSAGE_LENGTH = 200;
+const ALL_DIGITS = /^[0-9]+$/;
+const FILE_URL_PREFIX = "file://";
+const MESSAGE_MARKERS = [
+    "assertionerror",
+    "error:",
+    "expected",
+    "typeerror",
+    "referenceerror",
+    "✕",
+    "×",
+    "fail",
+    "●",
+];
+function toPosix(value) {
+    return value.split("\\").join("/");
+}
+// Parses a numeric line number from a token, or undefined when the token is not all-digits.
+function toLine(token) {
+    if (token === undefined || token.length === 0 || !ALL_DIGITS.test(token)) {
+        return undefined;
+    }
+    return Number(token);
+}
+// Strips a leading `file://` URL prefix from a location token. `file:///repo/x.ts` -> `/repo/x.ts`.
+function stripFileUrl(location) {
+    if (!location.startsWith(FILE_URL_PREFIX)) {
+        return location;
+    }
+    const afterScheme = location.slice(FILE_URL_PREFIX.length);
+    // file:///path keeps the leading slash of the absolute path; file://host/path is not expected
+    // from runtimes here, so we keep everything after the scheme verbatim.
+    return afterScheme;
+}
+// Peels `:line:col` off the END of a location token using a right-split, returning the file path
+// and the numeric line (when present). `src/x.ts:3:10` -> { file: "src/x.ts", line: 3 }. A token
+// with no numeric `:line` segment yields no frame.
+function peelLocation(rawLocation) {
+    const location = stripFileUrl(rawLocation.trim());
+    const lastColon = location.lastIndexOf(":");
+    if (lastColon <= 0) {
+        return undefined;
+    }
+    const beforeCol = location.slice(0, lastColon);
+    const lineColon = beforeCol.lastIndexOf(":");
+    // Case `file:line:col`: peel col then line.
+    const lineToken = lineColon <= 0 ? undefined : beforeCol.slice(lineColon + 1);
+    const line = toLine(lineToken);
+    if (line !== undefined) {
+        const file = toPosix(beforeCol.slice(0, lineColon));
+        return file.length === 0 ? undefined : { file, line };
+    }
+    // Case `file:line` (no col): the token after the last colon is the line.
+    const lineOnly = toLine(location.slice(lastColon + 1));
+    if (lineOnly !== undefined) {
+        const file = toPosix(beforeCol);
+        return file.length === 0 ? undefined : { file, line: lineOnly };
+    }
+    return undefined;
+}
+// Extracts the location token from a stack-frame line. Handles `at fn (loc)`, `at loc`, and a bare
+// `loc` line, all via plain indexOf/slice (no regex).
+function locationToken(line) {
+    const trimmed = line.trim();
+    const open = trimmed.lastIndexOf("(");
+    if (open !== -1) {
+        const close = trimmed.indexOf(")", open + 1);
+        if (close !== -1) {
+            return trimmed.slice(open + 1, close);
+        }
+    }
+    const at = "at ";
+    if (trimmed.startsWith(at)) {
+        return trimmed.slice(at.length).trim();
+    }
+    return trimmed;
+}
+function isMessageLine(lower) {
+    return MESSAGE_MARKERS.some((marker) => lower.includes(marker));
+}
+function pushFrame(acc, frame) {
+    const key = `${frame.file}:${frame.line === undefined ? "" : String(frame.line)}`;
+    if (acc.seen.has(key) || acc.frames.length >= MAX_FRAMES) {
+        return;
+    }
+    acc.seen.add(key);
+    acc.frames.push(frame);
+}
+function pushMessage(acc, line) {
+    if (acc.messages.length >= MAX_MESSAGES) {
+        return;
+    }
+    acc.messages.push(line.trim().slice(0, MAX_MESSAGE_LENGTH));
+}
+function scanLine(acc, line) {
+    const token = locationToken(line);
+    const frame = token === undefined ? undefined : peelLocation(token);
+    if (frame !== undefined) {
+        pushFrame(acc, frame);
+    }
+    if (isMessageLine(line.toLowerCase())) {
+        pushMessage(acc, line);
+    }
+}
+function scanText(acc, text) {
+    if (text === undefined) {
+        return;
+    }
+    let start = 0;
+    let scanned = 0;
+    while (scanned < MAX_LINES_SCANNED && start <= text.length) {
+        const newline = text.indexOf("\n", start);
+        const end = newline === -1 ? text.length : newline;
+        scanLine(acc, text.slice(start, end));
+        scanned += 1;
+        if (newline === -1) {
+            break;
+        }
+        start = newline + 1;
+    }
+}
+function mergeTargetFiles(acc, targetFiles) {
+    if (targetFiles === undefined) {
+        return;
+    }
+    for (const raw of targetFiles) {
+        const file = toPosix(raw.trim());
+        if (file.length > 0) {
+            pushFrame(acc, { file, line: undefined });
+        }
+    }
+}
+export function parseFailureEvidence(report) {
+    const acc = { frames: [], messages: [], seen: new Set() };
+    scanText(acc, report.failingOutput);
+    scanText(acc, report.stackTrace);
+    mergeTargetFiles(acc, report.targetFiles);
+    return { frames: acc.frames, messages: acc.messages };
+}

package/dist/bug-investigation/guard.d.ts

@@ -0,0 +1,3 @@
+export declare function isSensitivePath(relPath: string): boolean;
+export declare function isElevatedReviewPath(relPath: string): boolean;
+//# sourceMappingURL=guard.d.ts.map

package/dist/bug-investigation/guard.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"guard.d.ts","sourceRoot":"","sources":["../../src/bug-investigation/guard.ts"],"names":[],"mappings":"AAwDA,wBAAgB,eAAe,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAUxD;AAKD,wBAAgB,oBAAoB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAM7D"}

package/dist/bug-investigation/guard.js

@@ -0,0 +1,69 @@
+// The bug-fix scope guard's path predicates (ADR-0009 D6). A bug fix legitimately edits production
+// source, so #8's test-files-only guard does NOT apply. Instead this module provides two pure
+// predicates that bound prompt-injection blast radius WITHOUT modifying #6:
+//   - isSensitivePath: reject traversal/absolute (fail-closed), .github/, .husky/, and lockfiles —
+//     paths #6's deny-list does NOT cover but that a prompt-injected "fix" must never touch.
+//   - isElevatedReviewPath: manifest/config edits are ALLOWED but surfaced for elevated review.
+// The change-budget half of D6 is enforced via the #6 PatchLimits override seam (in model-loop.ts).
+//
+// SECURITY (CodeQL js/polynomial-redos): ALL checks use plain string ops (split, startsWith,
+// equality, toLowerCase) — ZERO regex — so there is no ReDoS surface. Checks 2-4 are case-
+// insensitive (matching #6 isDenied) so a case-only variant cannot bypass the guard on
+// case-insensitive filesystems (macOS/Windows); the traversal check is case-invariant by nature.
+const LOCKFILE_BASENAMES = [
+    "package-lock.json",
+    "npm-shrinkwrap.json",
+    "yarn.lock",
+    "pnpm-lock.yaml",
+];
+const SENSITIVE_DIRS = [".github", ".husky"];
+function toPosix(relPath) {
+    return relPath.split("\\").join("/");
+}
+// Copies #8's isTraversal logic EXACTLY: an absolute leading slash or any `..` segment can resolve
+// to a file OUTSIDE the apparent location after #6 resolveWithinWorkspace collapses it. Rejected
+// fail-closed BEFORE the case-folded checks so the guarded path matches what #6 would write.
+function isTraversal(posixPath) {
+    return posixPath.startsWith("/") || posixPath.split("/").includes("..");
+}
+function basename(posixPath) {
+    const slash = posixPath.lastIndexOf("/");
+    return slash === -1 ? posixPath : posixPath.slice(slash + 1);
+}
+function underSensitiveDir(lower) {
+    return SENSITIVE_DIRS.some((dir) => lower === dir || lower.startsWith(`${dir}/`));
+}
+// Drops `.` and empty ("//") segments so the guard sees the SAME form #6 resolveWithinWorkspace
+// collapses to. Without this, `./.husky/pre-commit` and `.//.github/x` slip past the dir/basename
+// checks (they don't literally start with `.github/`/`.husky/`) yet #6 writes the real protected
+// file (security fix C1). Run only AFTER isTraversal has fail-closed `..`/leading-`/` on the raw
+// path. Pure string ops — no regex.
+function normalizePosix(posixPath) {
+    return posixPath
+        .split("/")
+        .filter((segment) => segment !== "" && segment !== ".")
+        .join("/");
+}
+// The sensitive-path guard (D6 bound 2). Returns true when the path must be rejected as
+// out-of-scope. Manifest/config edits are NOT sensitive (see isElevatedReviewPath).
+export function isSensitivePath(relPath) {
+    const posixPath = toPosix(relPath);
+    if (isTraversal(posixPath)) {
+        return true;
+    }
+    const lower = normalizePosix(posixPath).toLowerCase();
+    if (underSensitiveDir(lower)) {
+        return true;
+    }
+    return LOCKFILE_BASENAMES.includes(basename(lower));
+}
+// Manifest/config edits a fix may legitimately need. ALLOWED, but flagged so the report surfaces
+// them as an elevated-review item. A pure basename predicate (case-insensitive). Normalizes `./`
+// and `//` segments first so a `./package.json` form is flagged identically to `package.json`.
+export function isElevatedReviewPath(relPath) {
+    const base = basename(normalizePosix(toPosix(relPath)).toLowerCase());
+    if (base === "package.json") {
+        return true;
+    }
+    return base.startsWith("tsconfig") && base.endsWith(".json");
+}

package/dist/bug-investigation/index.d.ts

@@ -0,0 +1,8 @@
+export { investigateBug } from "./workflow.js";
+export { assembleBugReport, renderBugMarkdownReport, type BugReportParts } from "./report.js";
+export { BUG_INVESTIGATION_WORKFLOW_DESCRIPTOR } from "./descriptor.js";
+export { isSensitivePath, isElevatedReviewPath } from "./guard.js";
+export { parseFailureEvidence, MAX_FRAMES } from "./failure-parse.js";
+export { DEFAULT_BUG_WORKFLOW_LIMITS, type BugInvestigationInput, type BugInvestigationDeps, type BugInvestigationReport, type BugReportInput, type BugWorkflowLimits, type BugWorkflowStatus, type ChangedFile, type FailureEvidence, type FailureFrame, type Hypothesis, type ParsedBugOutput, type VerifiedFindings, } from "./types.js";
+export type { BugContextSelectedEvent, BugInvestigationCompletedEvent, BugInvestigationEvent, BugInvestigationFailedEvent, BugInvestigationStartedEvent, BugModelCallCompletedEvent, BugModelCallStartedEvent, BugPatchAppliedEvent, BugPatchValidatedEvent, BugVerificationResultEvent, BugWorkflowEventSink, FailureParsedEvent, RootCauseProposedEvent, } from "./events.js";
+//# sourceMappingURL=index.d.ts.map

package/dist/bug-investigation/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/bug-investigation/index.ts"],"names":[],"mappings":"AAQA,OAAO,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AAE/C,OAAO,EAAE,iBAAiB,EAAE,uBAAuB,EAAE,KAAK,cAAc,EAAE,MAAM,aAAa,CAAC;AAE9F,OAAO,EAAE,qCAAqC,EAAE,MAAM,iBAAiB,CAAC;AAExE,OAAO,EAAE,eAAe,EAAE,oBAAoB,EAAE,MAAM,YAAY,CAAC;AAEnE,OAAO,EAAE,oBAAoB,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAEtE,OAAO,EACL,2BAA2B,EAC3B,KAAK,qBAAqB,EAC1B,KAAK,oBAAoB,EACzB,KAAK,sBAAsB,EAC3B,KAAK,cAAc,EACnB,KAAK,iBAAiB,EACtB,KAAK,iBAAiB,EACtB,KAAK,WAAW,EAChB,KAAK,eAAe,EACpB,KAAK,YAAY,EACjB,KAAK,UAAU,EACf,KAAK,eAAe,EACpB,KAAK,gBAAgB,GACtB,MAAM,YAAY,CAAC;AAEpB,YAAY,EACV,uBAAuB,EACvB,8BAA8B,EAC9B,qBAAqB,EACrB,2BAA2B,EAC3B,4BAA4B,EAC5B,0BAA0B,EAC1B,wBAAwB,EACxB,oBAAoB,EACpB,sBAAsB,EACtB,0BAA0B,EAC1B,oBAAoB,EACpB,kBAAkB,EAClB,sBAAsB,GACvB,MAAM,aAAa,CAAC"}

package/dist/bug-investigation/index.js

@@ -0,0 +1,13 @@
+// Public barrel for the bug-investigation workflow (ADR-0009 D1). Re-exports the single entry
+// (investigateBug), the static UI descriptor, the Markdown renderer, the BugInvestigationEvent
+// family, and all public types. Internal pipeline modules (internal, model-loop, verify-stage,
+// stages, emit, parse, context, prompt) are NOT re-exported — they are implementation detail. The
+// shared WorkflowDescriptor/WorkflowInputSpec types are intentionally NOT re-exported here (the top
+// workflows barrel exposes them exactly once from ./descriptor.js, ADR-0009 D12). Explicit named
+// re-exports, `type` keyword for type-only, double quotes, `.js`.
+export { investigateBug } from "./workflow.js";
+export { assembleBugReport, renderBugMarkdownReport } from "./report.js";
+export { BUG_INVESTIGATION_WORKFLOW_DESCRIPTOR } from "./descriptor.js";
+export { isSensitivePath, isElevatedReviewPath } from "./guard.js";
+export { parseFailureEvidence, MAX_FRAMES } from "./failure-parse.js";
+export { DEFAULT_BUG_WORKFLOW_LIMITS, } from "./types.js";

package/dist/bug-investigation/internal.d.ts

@@ -0,0 +1,39 @@
+import type { PatchLimits, PatchValidation } from "@oscharko-dev/keiko-tools";
+import { type BugEventEmitter } from "./emit.js";
+import { type BugInvestigationDeps, type BugInvestigationInput, type BugWorkflowLimits, type Hypothesis } from "./types.js";
+import type { BugWorkflowEventSink } from "./events.js";
+export declare const NO_OP_SINK: BugWorkflowEventSink;
+export interface BugWorkflowProgress {
+    modelCallCount: number;
+    patchRetryCount: number;
+}
+export interface BugRunState {
+    readonly input: BugInvestigationInput;
+    readonly deps: BugInvestigationDeps;
+    readonly limits: BugWorkflowLimits;
+    readonly signal: AbortSignal;
+    readonly now: () => number;
+    readonly emitter: BugEventEmitter;
+    readonly startedAt: number;
+    readonly progress: BugWorkflowProgress;
+    memoryPromptText: string | undefined;
+}
+export interface AcceptedBugPatch {
+    readonly diff: string;
+    readonly validation: PatchValidation;
+    readonly hypothesis: Hypothesis;
+}
+export interface BugModelLoopResult {
+    readonly accepted: AcceptedBugPatch | undefined;
+    readonly investigationOnly: Hypothesis | undefined;
+    readonly modelCallCount: number;
+    readonly patchRetryCount: number;
+    readonly lastRejectionCode: string | undefined;
+}
+export declare const EMPTY_BUG_LOOP: BugModelLoopResult;
+export declare function resolveBugLimits(input: BugInvestigationInput): BugWorkflowLimits;
+export declare function patchLimitsFrom(limits: BugWorkflowLimits): PatchLimits;
+export declare function buildBugRunState(input: BugInvestigationInput, deps: BugInvestigationDeps, fingerprint: string): BugRunState;
+export declare function nextActionsFor(applied: boolean, files: readonly string[], elevated: readonly string[]): readonly string[];
+export declare function investigationNextActions(): readonly string[];
+//# sourceMappingURL=internal.d.ts.map

package/dist/bug-investigation/internal.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"internal.d.ts","sourceRoot":"","sources":["../../src/bug-investigation/internal.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,2BAA2B,CAAC;AAC9E,OAAO,EAAyB,KAAK,eAAe,EAAE,MAAM,WAAW,CAAC;AACxE,OAAO,EAEL,KAAK,oBAAoB,EACzB,KAAK,qBAAqB,EAC1B,KAAK,iBAAiB,EACtB,KAAK,UAAU,EAChB,MAAM,YAAY,CAAC;AACpB,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,aAAa,CAAC;AAGxD,eAAO,MAAM,UAAU,EAAE,oBAAsD,CAAC;AAEhF,MAAM,WAAW,mBAAmB;IAClC,cAAc,EAAE,MAAM,CAAC;IACvB,eAAe,EAAE,MAAM,CAAC;CACzB;AAMD,MAAM,WAAW,WAAW;IAC1B,QAAQ,CAAC,KAAK,EAAE,qBAAqB,CAAC;IACtC,QAAQ,CAAC,IAAI,EAAE,oBAAoB,CAAC;IACpC,QAAQ,CAAC,MAAM,EAAE,iBAAiB,CAAC;IACnC,QAAQ,CAAC,MAAM,EAAE,WAAW,CAAC;IAC7B,QAAQ,CAAC,GAAG,EAAE,MAAM,MAAM,CAAC;IAC3B,QAAQ,CAAC,OAAO,EAAE,eAAe,CAAC;IAClC,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,QAAQ,EAAE,mBAAmB,CAAC;IACvC,gBAAgB,EAAE,MAAM,GAAG,SAAS,CAAC;CACtC;AAGD,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,UAAU,EAAE,eAAe,CAAC;IACrC,QAAQ,CAAC,UAAU,EAAE,UAAU,CAAC;CACjC;AAED,MAAM,WAAW,kBAAkB;IAEjC,QAAQ,CAAC,QAAQ,EAAE,gBAAgB,GAAG,SAAS,CAAC;IAEhD,QAAQ,CAAC,iBAAiB,EAAE,UAAU,GAAG,SAAS,CAAC;IACnD,QAAQ,CAAC,cAAc,EAAE,MAAM,CAAC;IAChC,QAAQ,CAAC,eAAe,EAAE,MAAM,CAAC;IACjC,QAAQ,CAAC,iBAAiB,EAAE,MAAM,GAAG,SAAS,CAAC;CAChD;AAGD,eAAO,MAAM,cAAc,EAAE,kBAM5B,CAAC;AAEF,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,qBAAqB,GAAG,iBAAiB,CAEhF;AAID,wBAAgB,eAAe,CAAC,MAAM,EAAE,iBAAiB,GAAG,WAAW,CAMtE;AAED,wBAAgB,gBAAgB,CAC9B,KAAK,EAAE,qBAAqB,EAC5B,IAAI,EAAE,oBAAoB,EAC1B,WAAW,EAAE,MAAM,GAClB,WAAW,CAcb;AAID,wBAAgB,cAAc,CAC5B,OAAO,EAAE,OAAO,EAChB,KAAK,EAAE,SAAS,MAAM,EAAE,EACxB,QAAQ,EAAE,SAAS,MAAM,EAAE,GAC1B,SAAS,MAAM,EAAE,CAYnB;AAGD,wBAAgB,wBAAwB,IAAI,SAAS,MAAM,EAAE,CAK5D"}

package/dist/bug-investigation/internal.js

@@ -0,0 +1,65 @@
+// Shared internal types and small pure helpers used across the bug-investigation pipeline stages
+// (the model loop, the verify stage, the report stages). Kept private to the module — none of these
+// are re-exported from index.ts. Splitting them out keeps each pipeline file under the LOC limit
+// while leaving a single source of truth for the resolved BugRunState and the loop result shape.
+import { createBugEventEmitter } from "./emit.js";
+import { DEFAULT_BUG_WORKFLOW_LIMITS, } from "./types.js";
+// A no-op sink used when the caller injects none. emit is synchronous (ADR-0004 EventSink contract).
+export const NO_OP_SINK = { emit: () => undefined };
+// The zero-progress loop used to assemble a cancelled/failed report before the model loop ran.
+export const EMPTY_BUG_LOOP = {
+    accepted: undefined,
+    investigationOnly: undefined,
+    modelCallCount: 0,
+    patchRetryCount: 0,
+    lastRejectionCode: undefined,
+};
+export function resolveBugLimits(input) {
+    return { ...DEFAULT_BUG_WORKFLOW_LIMITS, ...input.limits };
+}
+// The #6 PatchLimits view derived from the resolved workflow limits (D6 bound 1). Passed into
+// validatePatch/applyPatch via their `limits` override seam — #6's defaults stay untouched.
+export function patchLimitsFrom(limits) {
+    return {
+        maxFilesChanged: limits.maxFilesChanged,
+        maxChangedLines: limits.maxChangedLines,
+        maxPatchBytes: limits.maxPatchBytes,
+    };
+}
+export function buildBugRunState(input, deps, fingerprint) {
+    const now = deps.now ?? Date.now;
+    const idSource = deps.idSource ?? (() => crypto.randomUUID());
+    return {
+        input,
+        deps,
+        limits: resolveBugLimits(input),
+        signal: deps.signal ?? new AbortController().signal,
+        now,
+        emitter: createBugEventEmitter(deps.sink ?? NO_OP_SINK, idSource(), fingerprint, now),
+        startedAt: now(),
+        progress: { modelCallCount: 0, patchRetryCount: 0 },
+        memoryPromptText: undefined,
+    };
+}
+// UI-renderable next actions for the report. Pure. `elevated` lists changed manifest/config paths
+// that warrant elevated review (D6).
+export function nextActionsFor(applied, files, elevated) {
+    const first = files[0] ?? "the proposed fix";
+    const base = applied
+        ? [`Review the applied fix in ${first}`, "Run `keiko verify` to confirm the suite is green"]
+        : [`Review the proposed fix for ${first}`, "Re-run with --apply to write the fix and verify"];
+    if (elevated.length > 0) {
+        return [
+            ...base,
+            `This fix modifies build/manifest configuration (${elevated.join(", ")}) — review with elevated scrutiny before applying`,
+        ];
+    }
+    return base;
+}
+// The next-actions list for the investigation-only outcome (no patch produced).
+export function investigationNextActions() {
+    return [
+        "No safe fix was proposed; review the root-cause hypothesis and uncertainty",
+        "Provide more evidence (full failing output, stack trace, or suspected files) and re-run",
+    ];
+}

package/dist/bug-investigation/memory.d.ts

@@ -0,0 +1,5 @@
+import type { MemoryWorkflowContext, MemoryWorkflowPort } from "@oscharko-dev/keiko-contracts";
+import type { BugInvestigationReport, BugReportInput } from "./types.js";
+export declare function acquireMemoryContext(port: MemoryWorkflowPort | undefined, report: BugReportInput, workspaceRoot: string): Promise<MemoryWorkflowContext | undefined>;
+export declare function emitMemoryWriteCandidate(port: MemoryWorkflowPort | undefined, report: BugInvestigationReport, workspaceRoot: string): void;
+//# sourceMappingURL=memory.d.ts.map

package/dist/bug-investigation/memory.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"memory.d.ts","sourceRoot":"","sources":["../../src/bug-investigation/memory.ts"],"names":[],"mappings":"AAcA,OAAO,KAAK,EAEV,qBAAqB,EACrB,kBAAkB,EAEnB,MAAM,+BAA+B,CAAC;AAEvC,OAAO,KAAK,EACV,sBAAsB,EACtB,cAAc,EAGf,MAAM,YAAY,CAAC;AAgCpB,wBAAsB,oBAAoB,CACxC,IAAI,EAAE,kBAAkB,GAAG,SAAS,EACpC,MAAM,EAAE,cAAc,EACtB,aAAa,EAAE,MAAM,GACpB,OAAO,CAAC,qBAAqB,GAAG,SAAS,CAAC,CAuB5C;AAeD,wBAAgB,wBAAwB,CACtC,IAAI,EAAE,kBAAkB,GAAG,SAAS,EACpC,MAAM,EAAE,sBAAsB,EAC9B,aAAa,EAAE,MAAM,GACpB,IAAI,CAiBN"}

package/dist/bug-investigation/memory.js

@@ -0,0 +1,91 @@
+// Memory integration for the bug-investigation workflow (Issue #213 / Epic #204).
+// Composes the optional MemoryWorkflowPort to fetch a scoped, prompt-ready memory context
+// before model invocation and to emit a one-line write-candidate after a terminal success.
+// READ-ONLY by design: memory cannot bypass the existing apply gates (#6 applyEnabled),
+// scope guard (D6 bound 2), or patch limits (D6 bound 1) — those remain the sole write
+// surface (epic §Architecture Invariants 1+2). Defence-in-depth: callers prepend the
+// returned text to the user message via prompt.ts which already redacts + byte-caps every
+// free-text field through safePromptText.
+//
+// Scope strategy: bug-investigation runs inside one repository, so workflow memory is
+// bounded to the current project path. This prevents lessons from one regulated repository
+// from being recalled in another while still letting the memory proposal provenance carry
+// `workflow-outcome` / `sourceWorkflowRunId` through the capture pipeline.
+// Default token budget passed to the port. The port may ignore it; the workflow does not
+// enforce it (the prompt boundary clamp in safePromptText is the authoritative byte cap).
+const DEFAULT_MEMORY_TOKEN_BUDGET = 2_048;
+// The subset of statuses that should trigger a memory write-candidate. Aligned with the
+// epic's "workflow-success" source kind. Cancelled / failed / rejected do NOT emit.
+const SUCCESS_STATUSES = new Set([
+    "fix-applied",
+    "fix-proposed",
+    "investigation-only",
+]);
+// Build the lexical query passed to the memory retriever. Prefers the bug description; falls
+// back to a generic label so the port always has a non-empty query to score against.
+function memoryQueryText(report) {
+    const desc = report.description?.trim();
+    return desc !== undefined && desc.length > 0 ? desc : "bug investigation";
+}
+function bugInvestigationMemoryScope(workspaceRoot) {
+    return {
+        kind: "project",
+        projectId: workspaceRoot,
+    };
+}
+// Fetches the assembled memory context. Returns undefined when no port was injected OR when
+// the port returned an empty block — both cases are treated identically by the prompt
+// builder so retrieval failures degrade gracefully (text === "" is indistinguishable from
+// "no port").
+export async function acquireMemoryContext(port, report, workspaceRoot) {
+    if (port === undefined) {
+        return undefined;
+    }
+    const scope = bugInvestigationMemoryScope(workspaceRoot);
+    try {
+        const context = await port.getContextForWorkflow([scope], memoryQueryText(report), DEFAULT_MEMORY_TOKEN_BUDGET);
+        if (context.text.length === 0 || context.includedMemoryIds.length === 0) {
+            return undefined;
+        }
+        port.onMemoryUsed?.({
+            memoryIds: context.includedMemoryIds,
+            scopes: [scope],
+            reason: "bug-investigation:pre-prompt",
+        });
+        return context;
+    }
+    catch {
+        return undefined;
+    }
+}
+// Compose the one-line proposal summary. PURE: no IO, no clock, no randomness.
+function buildProposalSummary(status, hypothesis) {
+    const root = hypothesis.rootCause?.trim();
+    if (root !== undefined && root.length > 0) {
+        return `[${status}] ${root}`;
+    }
+    return `[${status}] bug investigation completed without a recorded root cause`;
+}
+// Emits a write-candidate when the run reached a terminal success state. Caller decides
+// whether to convert the candidate into a #207 capture proposal. NO-OP when the port is
+// absent OR when the run was cancelled / failed / rejected (the latter mirrors the spec's
+// "do NOT emit write-candidate on failure" rule).
+export function emitMemoryWriteCandidate(port, report, workspaceRoot) {
+    if (port?.onMemoryWriteCandidate === undefined) {
+        return;
+    }
+    if (!SUCCESS_STATUSES.has(report.status)) {
+        return;
+    }
+    const event = {
+        proposalSummary: buildProposalSummary(report.status, report.hypothesis),
+        scope: bugInvestigationMemoryScope(workspaceRoot),
+        source: "workflow-success",
+    };
+    try {
+        port.onMemoryWriteCandidate(event);
+    }
+    catch {
+        // defensive: callback exceptions must not propagate into runPipeline
+    }
+}

package/dist/bug-investigation/model-loop.d.ts

@@ -0,0 +1,5 @@
+import type { ContextPack, WorkspaceInfo } from "@oscharko-dev/keiko-workspace";
+import { type BugModelLoopResult, type BugRunState } from "./internal.js";
+import type { BugReportInput, FailureEvidence } from "./types.js";
+export declare function runBugModelLoop(state: BugRunState, workspace: WorkspaceInfo, report: BugReportInput, evidence: FailureEvidence, pack: ContextPack): Promise<BugModelLoopResult>;
+//# sourceMappingURL=model-loop.d.ts.map

package/dist/bug-investigation/model-loop.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"model-loop.d.ts","sourceRoot":"","sources":["../../src/bug-investigation/model-loop.ts"],"names":[],"mappings":"AAUA,OAAO,KAAK,EAAE,WAAW,EAAE,aAAa,EAAE,MAAM,+BAA+B,CAAC;AAOhF,OAAO,EAGL,KAAK,kBAAkB,EACvB,KAAK,WAAW,EACjB,MAAM,eAAe,CAAC;AACvB,OAAO,KAAK,EAAE,cAAc,EAAE,eAAe,EAA+B,MAAM,YAAY,CAAC;AA6Q/F,wBAAsB,eAAe,CACnC,KAAK,EAAE,WAAW,EAClB,SAAS,EAAE,aAAa,EACxB,MAAM,EAAE,cAAc,EACtB,QAAQ,EAAE,eAAe,EACzB,IAAI,EAAE,WAAW,GAChB,OAAO,CAAC,kBAAkB,CAAC,CAwC7B"}