@planu/cli 0.36.0 → 0.37.0

package/dist/engine/safety/atomic-writer.d.ts

@@ -0,0 +1,22 @@
+import type { WriteOptions } from '../../types/safety.js';
+/**
+ * Write JSON data atomically with backup rotation.
+ *
+ * 1. Rotate existing backups (if target exists).
+ * 2. Write to a `.tmp` sibling file.
+ * 3. Optionally verify the `.tmp` contents parse correctly.
+ * 4. Atomically rename `.tmp` to the target path.
+ *
+ * On failure during steps 2-4, the `.tmp` file is cleaned up silently.
+ */
+export declare function writeJsonSafe(filePath: string, data: unknown, opts?: WriteOptions): Promise<void>;
+/**
+ * Attempt to recover a file from its most recent backup.
+ *
+ * Checks `.bak.1`, `.bak.2`, `.bak.3` in order and copies the first
+ * one found back to the target path.
+ *
+ * @returns `true` if recovery succeeded, `false` if no backup exists.
+ */
+export declare function recoverFromBackup(filePath: string, backupCount?: number): Promise<boolean>;
+//# sourceMappingURL=atomic-writer.d.ts.map

package/dist/engine/safety/atomic-writer.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"atomic-writer.d.ts","sourceRoot":"","sources":["../../../src/engine/safety/atomic-writer.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AAI1D;;;;;;;;;GASG;AACH,wBAAsB,aAAa,CACjC,QAAQ,EAAE,MAAM,EAChB,IAAI,EAAE,OAAO,EACb,IAAI,CAAC,EAAE,YAAY,GAClB,OAAO,CAAC,IAAI,CAAC,CAsCf;AAED;;;;;;;GAOG;AACH,wBAAsB,iBAAiB,CACrC,QAAQ,EAAE,MAAM,EAChB,WAAW,SAAuB,GACjC,OAAO,CAAC,OAAO,CAAC,CASlB"}

package/dist/engine/safety/atomic-writer.js

@@ -0,0 +1,89 @@
+// atomic-writer.ts — Atomic JSON writes with backup rotation (SPEC-094 AC-1)
+import { rename, copyFile, unlink, readFile, writeFile, mkdir } from 'node:fs/promises';
+import { existsSync } from 'node:fs';
+import { dirname } from 'node:path';
+const DEFAULT_BACKUP_COUNT = 3;
+/**
+ * Write JSON data atomically with backup rotation.
+ *
+ * 1. Rotate existing backups (if target exists).
+ * 2. Write to a `.tmp` sibling file.
+ * 3. Optionally verify the `.tmp` contents parse correctly.
+ * 4. Atomically rename `.tmp` to the target path.
+ *
+ * On failure during steps 2-4, the `.tmp` file is cleaned up silently.
+ */
+export async function writeJsonSafe(filePath, data, opts) {
+    const backupCount = opts?.backupCount ?? DEFAULT_BACKUP_COUNT;
+    const verify = opts?.verify ?? true;
+    const tmpPath = `${filePath}.tmp`;
+    // Ensure parent directory exists
+    await mkdir(dirname(filePath), { recursive: true });
+    // Rotate backups if target already exists
+    if (existsSync(filePath)) {
+        await rotateBackups(filePath, backupCount);
+        await copyFile(filePath, `${filePath}.bak.1`);
+    }
+    // Serialize
+    const json = JSON.stringify(data, null, 2);
+    try {
+        // Write to temp file
+        await writeFile(tmpPath, json, 'utf-8');
+        // Verify round-trip if requested
+        if (verify) {
+            const readBack = await readFile(tmpPath, 'utf-8');
+            JSON.parse(readBack);
+        }
+        // Atomic rename
+        await rename(tmpPath, filePath);
+    }
+    catch (err) {
+        // Cleanup temp file silently
+        try {
+            await unlink(tmpPath);
+        }
+        catch {
+            // Ignore cleanup errors
+        }
+        throw err;
+    }
+}
+/**
+ * Attempt to recover a file from its most recent backup.
+ *
+ * Checks `.bak.1`, `.bak.2`, `.bak.3` in order and copies the first
+ * one found back to the target path.
+ *
+ * @returns `true` if recovery succeeded, `false` if no backup exists.
+ */
+export async function recoverFromBackup(filePath, backupCount = DEFAULT_BACKUP_COUNT) {
+    for (let i = 1; i <= backupCount; i++) {
+        const bakPath = `${filePath}.bak.${i}`;
+        if (existsSync(bakPath)) {
+            await copyFile(bakPath, filePath);
+            return true;
+        }
+    }
+    return false;
+}
+/**
+ * Rotate backup files: `.bak.{count-1}` -> `.bak.{count}`, etc.
+ *
+ * The oldest backup (`.bak.{count}`) is discarded if it exists.
+ */
+async function rotateBackups(filePath, count) {
+    // Delete the oldest if it exists
+    const oldestPath = `${filePath}.bak.${count}`;
+    if (existsSync(oldestPath)) {
+        await unlink(oldestPath);
+    }
+    // Shift each backup up by one
+    for (let i = count - 1; i >= 1; i--) {
+        const src = `${filePath}.bak.${i}`;
+        const dst = `${filePath}.bak.${i + 1}`;
+        if (existsSync(src)) {
+            await rename(src, dst);
+        }
+    }
+}
+//# sourceMappingURL=atomic-writer.js.map

package/dist/engine/safety/atomic-writer.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"atomic-writer.js","sourceRoot":"","sources":["../../../src/engine/safety/atomic-writer.ts"],"names":[],"mappings":"AAAA,6EAA6E;AAC7E,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AACxF,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACrC,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAGpC,MAAM,oBAAoB,GAAG,CAAC,CAAC;AAE/B;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,QAAgB,EAChB,IAAa,EACb,IAAmB;IAEnB,MAAM,WAAW,GAAG,IAAI,EAAE,WAAW,IAAI,oBAAoB,CAAC;IAC9D,MAAM,MAAM,GAAG,IAAI,EAAE,MAAM,IAAI,IAAI,CAAC;IACpC,MAAM,OAAO,GAAG,GAAG,QAAQ,MAAM,CAAC;IAElC,iCAAiC;IACjC,MAAM,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAEpD,0CAA0C;IAC1C,IAAI,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QACzB,MAAM,aAAa,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;QAC3C,MAAM,QAAQ,CAAC,QAAQ,EAAE,GAAG,QAAQ,QAAQ,CAAC,CAAC;IAChD,CAAC;IAED,YAAY;IACZ,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;IAE3C,IAAI,CAAC;QACH,qBAAqB;QACrB,MAAM,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;QAExC,iCAAiC;QACjC,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YAClD,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;QACvB,CAAC;QAED,gBAAgB;QAChB,MAAM,MAAM,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;IAClC,CAAC;IAAC,OAAO,GAAY,EAAE,CAAC;QACtB,6BAA6B;QAC7B,IAAI,CAAC;YACH,MAAM,MAAM,CAAC,OAAO,CAAC,CAAC;QACxB,CAAC;QAAC,MAAM,CAAC;YACP,wBAAwB;QAC1B,CAAC;QACD,MAAM,GAAG,CAAC;IACZ,CAAC;AACH,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,QAAgB,EAChB,WAAW,GAAG,oBAAoB;IAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,WAAW,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,OAAO,GAAG,GAAG,QAAQ,QAAQ,CAAC,EAAE,CAAC;QACvC,IAAI,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;YACxB,MAAM,QAAQ,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;YAClC,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;;GAIG;AACH,KAAK,UAAU,aAAa,CAAC,QAAgB,EAAE,KAAa;IAC1D,iCAAiC;IACjC,MAAM,UAAU,GAAG,GAAG,QAAQ,QAAQ,KAAK,EAAE,CAAC;IAC9C,IAAI,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC3B,MAAM,MAAM,CAAC,UAAU,CAAC,CAAC;IAC3B,CAAC;IAED,8BAA8B;IAC9B,KAAK,IAAI,CAAC,GAAG,KAAK,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QACpC,MAAM,GAAG,GAAG,GAAG,QAAQ,QAAQ,CAAC,EAAE,CAAC;QACnC,MAAM,GAAG,GAAG,GAAG,QAAQ,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QACvC,IAAI,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YACpB,MAAM,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;QACzB,CAAC;IACH,CAAC;AACH,CAAC"}

package/dist/engine/safety/circuit-breaker.d.ts

@@ -0,0 +1,14 @@
+import type { CircuitState, SafetyCircuitConfig } from '../../types/safety.js';
+export declare class CircuitBreaker {
+    private readonly name;
+    private state;
+    private failureCount;
+    private lastFailureTime;
+    private readonly config;
+    constructor(name: string, config?: Partial<SafetyCircuitConfig>);
+    execute<T>(fn: () => Promise<T>, fallback?: T): Promise<T>;
+    getState(): CircuitState;
+    reset(): void;
+    getFailureCount(): number;
+}
+//# sourceMappingURL=circuit-breaker.d.ts.map

package/dist/engine/safety/circuit-breaker.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"circuit-breaker.d.ts","sourceRoot":"","sources":["../../../src/engine/safety/circuit-breaker.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,YAAY,EAAE,mBAAmB,EAAE,MAAM,uBAAuB,CAAC;AAQ/E,qBAAa,cAAc;IACzB,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAS;IAC9B,OAAO,CAAC,KAAK,CAA0B;IACvC,OAAO,CAAC,YAAY,CAAK;IACzB,OAAO,CAAC,eAAe,CAAK;IAC5B,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAgC;gBAE3C,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,OAAO,CAAC,mBAAmB,CAAC;IAKzD,OAAO,CAAC,CAAC,EAAE,EAAE,EAAE,MAAM,OAAO,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,CAAC,CAAC;IAqChE,QAAQ,IAAI,YAAY;IAIxB,KAAK,IAAI,IAAI;IAKb,eAAe,IAAI,MAAM;CAG1B"}

package/dist/engine/safety/circuit-breaker.js

@@ -0,0 +1,63 @@
+// SPEC-094 AC-5: Circuit breaker for storage operations
+const DEFAULT_CONFIG = {
+    maxFailures: 3,
+    resetTimeoutMs: 60_000,
+    halfOpenMax: 1,
+};
+export class CircuitBreaker {
+    name;
+    state = 'closed';
+    failureCount = 0;
+    lastFailureTime = 0;
+    config;
+    constructor(name, config) {
+        this.name = name;
+        this.config = { ...DEFAULT_CONFIG, ...config };
+    }
+    async execute(fn, fallback) {
+        if (this.state === 'open') {
+            const elapsed = Date.now() - this.lastFailureTime;
+            if (elapsed >= this.config.resetTimeoutMs) {
+                this.state = 'half-open';
+            }
+            else {
+                if (fallback !== undefined) {
+                    return fallback;
+                }
+                throw new Error(`Circuit open for ${this.name}`);
+            }
+        }
+        const wasHalfOpen = this.state === 'half-open';
+        try {
+            const result = await fn();
+            this.state = 'closed';
+            this.failureCount = 0;
+            return result;
+        }
+        catch (error) {
+            this.failureCount++;
+            this.lastFailureTime = Date.now();
+            if (wasHalfOpen) {
+                this.state = 'open';
+            }
+            else if (this.failureCount >= this.config.maxFailures) {
+                this.state = 'open';
+            }
+            if (fallback !== undefined) {
+                return fallback;
+            }
+            throw error;
+        }
+    }
+    getState() {
+        return this.state;
+    }
+    reset() {
+        this.state = 'closed';
+        this.failureCount = 0;
+    }
+    getFailureCount() {
+        return this.failureCount;
+    }
+}
+//# sourceMappingURL=circuit-breaker.js.map

package/dist/engine/safety/circuit-breaker.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"circuit-breaker.js","sourceRoot":"","sources":["../../../src/engine/safety/circuit-breaker.ts"],"names":[],"mappings":"AAAA,wDAAwD;AAIxD,MAAM,cAAc,GAAkC;IACpD,WAAW,EAAE,CAAC;IACd,cAAc,EAAE,MAAM;IACtB,WAAW,EAAE,CAAC;CACf,CAAC;AAEF,MAAM,OAAO,cAAc;IACR,IAAI,CAAS;IACtB,KAAK,GAAiB,QAAQ,CAAC;IAC/B,YAAY,GAAG,CAAC,CAAC;IACjB,eAAe,GAAG,CAAC,CAAC;IACX,MAAM,CAAgC;IAEvD,YAAY,IAAY,EAAE,MAAqC;QAC7D,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,MAAM,GAAG,EAAE,GAAG,cAAc,EAAE,GAAG,MAAM,EAAE,CAAC;IACjD,CAAC;IAED,KAAK,CAAC,OAAO,CAAI,EAAoB,EAAE,QAAY;QACjD,IAAI,IAAI,CAAC,KAAK,KAAK,MAAM,EAAE,CAAC;YAC1B,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,eAAe,CAAC;YAClD,IAAI,OAAO,IAAI,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE,CAAC;gBAC1C,IAAI,CAAC,KAAK,GAAG,WAAW,CAAC;YAC3B,CAAC;iBAAM,CAAC;gBACN,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;oBAC3B,OAAO,QAAQ,CAAC;gBAClB,CAAC;gBACD,MAAM,IAAI,KAAK,CAAC,oBAAoB,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;YACnD,CAAC;QACH,CAAC;QAED,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,KAAK,WAAW,CAAC;QAE/C,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,EAAE,EAAE,CAAC;YAC1B,IAAI,CAAC,KAAK,GAAG,QAAQ,CAAC;YACtB,IAAI,CAAC,YAAY,GAAG,CAAC,CAAC;YACtB,OAAO,MAAM,CAAC;QAChB,CAAC;QAAC,OAAO,KAAc,EAAE,CAAC;YACxB,IAAI,CAAC,YAAY,EAAE,CAAC;YACpB,IAAI,CAAC,eAAe,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YAElC,IAAI,WAAW,EAAE,CAAC;gBAChB,IAAI,CAAC,KAAK,GAAG,MAAM,CAAC;YACtB,CAAC;iBAAM,IAAI,IAAI,CAAC,YAAY,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;gBACxD,IAAI,CAAC,KAAK,GAAG,MAAM,CAAC;YACtB,CAAC;YAED,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;gBAC3B,OAAO,QAAQ,CAAC;YAClB,CAAC;YACD,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED,QAAQ;QACN,OAAO,IAAI,CAAC,KAAK,CAAC;IACpB,CAAC;IAED,KAAK;QACH,IAAI,CAAC,KAAK,GAAG,QAAQ,CAAC;QACtB,IAAI,CAAC,YAAY,GAAG,CAAC,CAAC;IACxB,CAAC;IAED,eAAe;QACb,OAAO,IAAI,CAAC,YAAY,CAAC;IAC3B,CAAC;CACF"}

package/dist/engine/safety/file-mutex.d.ts

@@ -0,0 +1,13 @@
+import type { LockHandle } from '../../types/safety.js';
+/**
+ * Acquires a file-based lock for a named resource.
+ * Polls until the lock is available or timeout expires.
+ * Stale locks (old timestamp or dead PID) are auto-released.
+ */
+export declare function acquireLock(resource: string, timeoutMs?: number): Promise<LockHandle>;
+/**
+ * Releases a previously acquired lock.
+ * No-op if the lock file was already removed.
+ */
+export declare function releaseLock(handle: LockHandle): Promise<void>;
+//# sourceMappingURL=file-mutex.d.ts.map

package/dist/engine/safety/file-mutex.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"file-mutex.d.ts","sourceRoot":"","sources":["../../../src/engine/safety/file-mutex.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,UAAU,EAAmB,MAAM,uBAAuB,CAAC;AA4CzE;;;;GAIG;AACH,wBAAsB,WAAW,CAC/B,QAAQ,EAAE,MAAM,EAChB,SAAS,GAAE,MAA2B,GACrC,OAAO,CAAC,UAAU,CAAC,CAoDrB;AAED;;;GAGG;AACH,wBAAsB,WAAW,CAAC,MAAM,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC,CAQnE"}

package/dist/engine/safety/file-mutex.js

@@ -0,0 +1,108 @@
+// SPEC-094 AC-4: File-based mutex for resource locking
+import { writeFile, readFile, unlink, mkdir } from 'node:fs/promises';
+import { createHash } from 'node:crypto';
+const LOCK_DIR = 'data/.locks';
+const STALE_THRESHOLD_MS = 30_000;
+const DEFAULT_TIMEOUT_MS = 10_000;
+const POLL_INTERVAL_MS = 100;
+function hashResource(resource) {
+    return createHash('sha256').update(resource).digest('hex').slice(0, 16);
+}
+function isProcessRunning(pid) {
+    try {
+        process.kill(pid, 0);
+        return true;
+    }
+    catch {
+        return false;
+    }
+}
+function isStale(content) {
+    const lockAge = Date.now() - new Date(content.timestamp).getTime();
+    if (lockAge > STALE_THRESHOLD_MS) {
+        return true;
+    }
+    if (!isProcessRunning(content.pid)) {
+        return true;
+    }
+    return false;
+}
+async function tryReadLock(lockPath) {
+    try {
+        const raw = await readFile(lockPath, 'utf-8');
+        return JSON.parse(raw);
+    }
+    catch {
+        return null;
+    }
+}
+async function ensureLockDir() {
+    await mkdir(LOCK_DIR, { recursive: true });
+}
+/**
+ * Acquires a file-based lock for a named resource.
+ * Polls until the lock is available or timeout expires.
+ * Stale locks (old timestamp or dead PID) are auto-released.
+ */
+export async function acquireLock(resource, timeoutMs = DEFAULT_TIMEOUT_MS) {
+    await ensureLockDir();
+    const hash = hashResource(resource);
+    const lockPath = `${LOCK_DIR}/${hash}.lock`;
+    const deadline = Date.now() + timeoutMs;
+    while (Date.now() < deadline) {
+        const existing = await tryReadLock(lockPath);
+        if (existing) {
+            if (isStale(existing)) {
+                try {
+                    await unlink(lockPath);
+                }
+                catch {
+                    // Another process may have already removed it
+                }
+            }
+            else {
+                await new Promise((r) => setTimeout(r, POLL_INTERVAL_MS));
+                continue;
+            }
+        }
+        const content = {
+            pid: process.pid,
+            timestamp: new Date().toISOString(),
+            resource,
+        };
+        try {
+            await writeFile(lockPath, JSON.stringify(content, null, 2), {
+                flag: 'wx',
+            });
+        }
+        catch {
+            // File was created between our check and write — retry
+            await new Promise((r) => setTimeout(r, POLL_INTERVAL_MS));
+            continue;
+        }
+        return {
+            resource,
+            lockPath,
+            pid: process.pid,
+            acquiredAt: content.timestamp,
+        };
+    }
+    const error = new Error(`Lock timeout after ${timeoutMs}ms for resource "${resource}". Another process holds the lock.`);
+    error.code = 'LOCK_TIMEOUT';
+    throw error;
+}
+/**
+ * Releases a previously acquired lock.
+ * No-op if the lock file was already removed.
+ */
+export async function releaseLock(handle) {
+    try {
+        await unlink(handle.lockPath);
+    }
+    catch (err) {
+        if (err.code !== 'ENOENT') {
+            throw err;
+        }
+    }
+}
+//# sourceMappingURL=file-mutex.js.map

package/dist/engine/safety/file-mutex.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"file-mutex.js","sourceRoot":"","sources":["../../../src/engine/safety/file-mutex.ts"],"names":[],"mappings":"AAAA,uDAAuD;AAEvD,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AACtE,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAGzC,MAAM,QAAQ,GAAG,aAAa,CAAC;AAC/B,MAAM,kBAAkB,GAAG,MAAM,CAAC;AAClC,MAAM,kBAAkB,GAAG,MAAM,CAAC;AAClC,MAAM,gBAAgB,GAAG,GAAG,CAAC;AAE7B,SAAS,YAAY,CAAC,QAAgB;IACpC,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;AAC1E,CAAC;AAED,SAAS,gBAAgB,CAAC,GAAW;IACnC,IAAI,CAAC;QACH,OAAO,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;QACrB,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,SAAS,OAAO,CAAC,OAAwB;IACvC,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,OAAO,EAAE,CAAC;IACnE,IAAI,OAAO,GAAG,kBAAkB,EAAE,CAAC;QACjC,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QACnC,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,KAAK,UAAU,WAAW,CAAC,QAAgB;IACzC,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC9C,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAoB,CAAC;IAC5C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,KAAK,UAAU,aAAa;IAC1B,MAAM,KAAK,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;AAC7C,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,QAAgB,EAChB,YAAoB,kBAAkB;IAEtC,MAAM,aAAa,EAAE,CAAC;IAEtB,MAAM,IAAI,GAAG,YAAY,CAAC,QAAQ,CAAC,CAAC;IACpC,MAAM,QAAQ,GAAG,GAAG,QAAQ,IAAI,IAAI,OAAO,CAAC;IAC5C,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;IAExC,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,QAAQ,EAAE,CAAC;QAC7B,MAAM,QAAQ,GAAG,MAAM,WAAW,CAAC,QAAQ,CAAC,CAAC;QAE7C,IAAI,QAAQ,EAAE,CAAC;YACb,IAAI,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACtB,IAAI,CAAC;oBACH,MAAM,MAAM,CAAC,QAAQ,CAAC,CAAC;gBACzB,CAAC;gBAAC,MAAM,CAAC;oBACP,8CAA8C;gBAChD,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,MAAM,IAAI,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,CAAC,EAAE,gBAAgB,CAAC,CAAC,CAAC;gBAC1D,SAAS;YACX,CAAC;QACH,CAAC;QAED,MAAM,OAAO,GAAoB;YAC/B,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,QAAQ;SACT,CAAC;QAEF,IAAI,CAAC;YACH,MAAM,SAAS,CAAC,QAAQ,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE;gBAC1D,IAAI,EAAE,IAAI;aACX,CAAC,CAAC;QACL,CAAC;QAAC,MAAM,CAAC;YACP,uDAAuD;YACvD,MAAM,IAAI,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,CAAC,EAAE,gBAAgB,CAAC,CAAC,CAAC;YAC1D,SAAS;QACX,CAAC;QAED,OAAO;YACL,QAAQ;YACR,QAAQ;YACR,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,UAAU,EAAE,OAAO,CAAC,SAAS;SAC9B,CAAC;IACJ,CAAC;IAED,MAAM,KAAK,GAAG,IAAI,KAAK,CACrB,sBAAsB,SAAS,oBAAoB,QAAQ,oCAAoC,CAChG,CAAC;IACD,KAAkC,CAAC,IAAI,GAAG,cAAc,CAAC;IAC1D,MAAM,KAAK,CAAC;AACd,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,MAAkB;IAClD,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IAChC,CAAC;IAAC,OAAO,GAAY,EAAE,CAAC;QACtB,IAAK,GAA6B,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;YACrD,MAAM,GAAG,CAAC;QACZ,CAAC;IACH,CAAC;AACH,CAAC"}

package/dist/engine/safety/health-monitor.d.ts

@@ -0,0 +1,4 @@
+import type { HealthReport } from '../../types/safety.js';
+export declare function checkStorageHealth(projectPath: string): Promise<HealthReport>;
+export declare function checkServiceHealth(): HealthReport;
+//# sourceMappingURL=health-monitor.d.ts.map

package/dist/engine/safety/health-monitor.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"health-monitor.d.ts","sourceRoot":"","sources":["../../../src/engine/safety/health-monitor.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAe,YAAY,EAAE,MAAM,uBAAuB,CAAC;AAYvE,wBAAsB,kBAAkB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CAiCnF;AAmBD,wBAAgB,kBAAkB,IAAI,YAAY,CAqCjD"}

package/dist/engine/safety/health-monitor.js

@@ -0,0 +1,95 @@
+// SPEC-094 AC-8: Health monitoring for storage and service
+import { access, constants, readFile } from 'node:fs/promises';
+import { join } from 'node:path';
+function aggregateStatus(checks) {
+    if (checks.some((c) => c.status === 'fail')) {
+        return 'unhealthy';
+    }
+    if (checks.some((c) => c.status === 'warn')) {
+        return 'degraded';
+    }
+    return 'healthy';
+}
+export async function checkStorageHealth(projectPath) {
+    const checks = [];
+    // 1. disk-writable
+    try {
+        await access(projectPath, constants.W_OK);
+        checks.push({ name: 'disk-writable', status: 'pass', message: 'Project path is writable' });
+    }
+    catch {
+        checks.push({ name: 'disk-writable', status: 'fail', message: 'Project path is not writable' });
+    }
+    // 2. specs-json
+    const specsPath = join(projectPath, 'specs.json');
+    checks.push(await checkJsonFile(specsPath, 'specs-json'));
+    // 3. decisions-json
+    const decisionsPath = join(projectPath, 'decisions.json');
+    checks.push(await checkJsonFile(decisionsPath, 'decisions-json'));
+    // 4. data-dir-exists
+    const dataDir = join(projectPath, '..');
+    try {
+        await access(dataDir, constants.R_OK);
+        checks.push({ name: 'data-dir-exists', status: 'pass', message: 'Data directory exists' });
+    }
+    catch {
+        checks.push({ name: 'data-dir-exists', status: 'fail', message: 'Data directory not found' });
+    }
+    return {
+        status: aggregateStatus(checks),
+        checks,
+        timestamp: new Date().toISOString(),
+    };
+}
+async function checkJsonFile(filePath, checkName) {
+    try {
+        await access(filePath, constants.R_OK);
+    }
+    catch {
+        // File not existing is OK (not yet created)
+        return { name: checkName, status: 'pass', message: `${checkName} not found (optional)` };
+    }
+    try {
+        const content = await readFile(filePath, 'utf-8');
+        JSON.parse(content);
+        return { name: checkName, status: 'pass', message: `${checkName} is valid JSON` };
+    }
+    catch {
+        return { name: checkName, status: 'fail', message: `${checkName} contains corrupt JSON` };
+    }
+}
+export function checkServiceHealth() {
+    const checks = [];
+    // 1. node-version
+    const versionMatch = /^v(\d+)/.exec(process.version);
+    const major = versionMatch?.[1] ? parseInt(versionMatch[1], 10) : 0;
+    checks.push({
+        name: 'node-version',
+        status: major >= 18 ? 'pass' : 'warn',
+        message: `Node.js ${process.version}`,
+        value: process.version,
+    });
+    // 2. memory-usage
+    const heapUsed = process.memoryUsage().heapUsed;
+    const heapMB = Math.round(heapUsed / 1024 / 1024);
+    checks.push({
+        name: 'memory-usage',
+        status: heapMB > 500 ? 'warn' : 'pass',
+        message: `Heap usage: ${heapMB}MB`,
+        value: heapMB,
+    });
+    // 3. uptime
+    const uptimeSeconds = Math.round(process.uptime());
+    checks.push({
+        name: 'uptime',
+        status: 'pass',
+        message: `Process uptime: ${uptimeSeconds}s`,
+        value: uptimeSeconds,
+    });
+    return {
+        status: aggregateStatus(checks),
+        checks,
+        timestamp: new Date().toISOString(),
+    };
+}
+//# sourceMappingURL=health-monitor.js.map

package/dist/engine/safety/health-monitor.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"health-monitor.js","sourceRoot":"","sources":["../../../src/engine/safety/health-monitor.ts"],"names":[],"mappings":"AAAA,2DAA2D;AAE3D,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC/D,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAIjC,SAAS,eAAe,CAAC,MAAqB;IAC5C,IAAI,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,EAAE,CAAC;QAC5C,OAAO,WAAW,CAAC;IACrB,CAAC;IACD,IAAI,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,EAAE,CAAC;QAC5C,OAAO,UAAU,CAAC;IACpB,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,WAAmB;IAC1D,MAAM,MAAM,GAAkB,EAAE,CAAC;IAEjC,mBAAmB;IACnB,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,WAAW,EAAE,SAAS,CAAC,IAAI,CAAC,CAAC;QAC1C,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,eAAe,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,0BAA0B,EAAE,CAAC,CAAC;IAC9F,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,eAAe,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,8BAA8B,EAAE,CAAC,CAAC;IAClG,CAAC;IAED,gBAAgB;IAChB,MAAM,SAAS,GAAG,IAAI,CAAC,WAAW,EAAE,YAAY,CAAC,CAAC;IAClD,MAAM,CAAC,IAAI,CAAC,MAAM,aAAa,CAAC,SAAS,EAAE,YAAY,CAAC,CAAC,CAAC;IAE1D,oBAAoB;IACpB,MAAM,aAAa,GAAG,IAAI,CAAC,WAAW,EAAE,gBAAgB,CAAC,CAAC;IAC1D,MAAM,CAAC,IAAI,CAAC,MAAM,aAAa,CAAC,aAAa,EAAE,gBAAgB,CAAC,CAAC,CAAC;IAElE,qBAAqB;IACrB,MAAM,OAAO,GAAG,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC;IACxC,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,OAAO,EAAE,SAAS,CAAC,IAAI,CAAC,CAAC;QACtC,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,iBAAiB,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,uBAAuB,EAAE,CAAC,CAAC;IAC7F,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,iBAAiB,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,0BAA0B,EAAE,CAAC,CAAC;IAChG,CAAC;IAED,OAAO;QACL,MAAM,EAAE,eAAe,CAAC,MAAM,CAAC;QAC/B,MAAM;QACN,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACpC,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,aAAa,CAAC,QAAgB,EAAE,SAAiB;IAC9D,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,QAAQ,EAAE,SAAS,CAAC,IAAI,CAAC,CAAC;IACzC,CAAC;IAAC,MAAM,CAAC;QACP,4CAA4C;QAC5C,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,SAAS,uBAAuB,EAAE,CAAC;IAC3F,CAAC;IAED,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAClD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACpB,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,SAAS,gBAAgB,EAAE,CAAC;IACpF,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,SAAS,wBAAwB,EAAE,CAAC;IAC5F,CAAC;AACH,CAAC;AAED,MAAM,UAAU,kBAAkB;IAChC,MAAM,MAAM,GAAkB,EAAE,CAAC;IAEjC,kBAAkB;IAClB,MAAM,YAAY,GAAG,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IACrD,MAAM,KAAK,GAAG,YAAY,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACpE,MAAM,CAAC,IAAI,CAAC;QACV,IAAI,EAAE,cAAc;QACpB,MAAM,EAAE,KAAK,IAAI,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM;QACrC,OAAO,EAAE,WAAW,OAAO,CAAC,OAAO,EAAE;QACrC,KAAK,EAAE,OAAO,CAAC,OAAO;KACvB,CAAC,CAAC;IAEH,kBAAkB;IAClB,MAAM,QAAQ,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC;IAChD,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,QAAQ,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC;IAClD,MAAM,CAAC,IAAI,CAAC;QACV,IAAI,EAAE,cAAc;QACpB,MAAM,EAAE,MAAM,GAAG,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM;QACtC,OAAO,EAAE,eAAe,MAAM,IAAI;QAClC,KAAK,EAAE,MAAM;KACd,CAAC,CAAC;IAEH,YAAY;IACZ,MAAM,aAAa,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;IACnD,MAAM,CAAC,IAAI,CAAC;QACV,IAAI,EAAE,QAAQ;QACd,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,mBAAmB,aAAa,GAAG;QAC5C,KAAK,EAAE,aAAa;KACrB,CAAC,CAAC;IAEH,OAAO;QACL,MAAM,EAAE,eAAe,CAAC,MAAM,CAAC;QAC/B,MAAM;QACN,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACpC,CAAC;AACJ,CAAC"}

package/dist/engine/safety/index.d.ts

@@ -0,0 +1,7 @@
+export { writeJsonSafe, recoverFromBackup } from './atomic-writer.js';
+export { Transaction, SafetyTransactionError } from './transaction.js';
+export { sanitizePath, PathViolationError } from './path-sanitizer.js';
+export { acquireLock, releaseLock } from './file-mutex.js';
+export { CircuitBreaker } from './circuit-breaker.js';
+export { checkStorageHealth, checkServiceHealth } from './health-monitor.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/engine/safety/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/engine/safety/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;AACtE,OAAO,EAAE,WAAW,EAAE,sBAAsB,EAAE,MAAM,kBAAkB,CAAC;AACvE,OAAO,EAAE,YAAY,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AACvE,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAC3D,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACtD,OAAO,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC"}

package/dist/engine/safety/index.js

@@ -0,0 +1,8 @@
+// SPEC-094: Safety module barrel export
+export { writeJsonSafe, recoverFromBackup } from './atomic-writer.js';
+export { Transaction, SafetyTransactionError } from './transaction.js';
+export { sanitizePath, PathViolationError } from './path-sanitizer.js';
+export { acquireLock, releaseLock } from './file-mutex.js';
+export { CircuitBreaker } from './circuit-breaker.js';
+export { checkStorageHealth, checkServiceHealth } from './health-monitor.js';
+//# sourceMappingURL=index.js.map

package/dist/engine/safety/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/engine/safety/index.ts"],"names":[],"mappings":"AAAA,wCAAwC;AACxC,OAAO,EAAE,aAAa,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;AACtE,OAAO,EAAE,WAAW,EAAE,sBAAsB,EAAE,MAAM,kBAAkB,CAAC;AACvE,OAAO,EAAE,YAAY,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AACvE,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AAC3D,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACtD,OAAO,EAAE,kBAAkB,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC"}

package/dist/engine/safety/path-sanitizer.d.ts

@@ -0,0 +1,17 @@
+import type { SafePath } from '../../types/safety.js';
+export declare class PathViolationError extends Error {
+    readonly code: "PATH_VIOLATION";
+    readonly input: string;
+    constructor(message: string, input: string);
+}
+/**
+ * Sanitizes a path ensuring it stays within projectRoot.
+ * Returns a branded SafePath on success.
+ *
+ * Checks:
+ * 1. No null bytes
+ * 2. Path length <= 4096
+ * 3. Resolved path does not escape projectRoot (relative check)
+ */
+export declare function sanitizePath(input: string, projectRoot: string): SafePath;
+//# sourceMappingURL=path-sanitizer.d.ts.map

package/dist/engine/safety/path-sanitizer.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"path-sanitizer.d.ts","sourceRoot":"","sources":["../../../src/engine/safety/path-sanitizer.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAC;AAItD,qBAAa,kBAAmB,SAAQ,KAAK;IAC3C,QAAQ,CAAC,IAAI,EAAG,gBAAgB,CAAU;IAC1C,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;gBAEX,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM;CAK3C;AAED;;;;;;;;GAQG;AACH,wBAAgB,YAAY,CAAC,KAAK,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,GAAG,QAAQ,CA0BzE"}

package/dist/engine/safety/path-sanitizer.js

@@ -0,0 +1,36 @@
+// SPEC-094 AC-3: Path sanitizer — prevents path traversal attacks
+import { resolve, normalize, relative } from 'node:path';
+const MAX_PATH_LENGTH = 4096;
+export class PathViolationError extends Error {
+    code = 'PATH_VIOLATION';
+    input;
+    constructor(message, input) {
+        super(message);
+        this.name = 'PathViolationError';
+        this.input = input;
+    }
+}
+/**
+ * Sanitizes a path ensuring it stays within projectRoot.
+ * Returns a branded SafePath on success.
+ *
+ * Checks:
+ * 1. No null bytes
+ * 2. Path length <= 4096
+ * 3. Resolved path does not escape projectRoot (relative check)
+ */
+export function sanitizePath(input, projectRoot) {
+    if (input.includes('\0')) {
+        throw new PathViolationError('Path contains null bytes. Remove null characters and retry.', input);
+    }
+    if (input.length > MAX_PATH_LENGTH) {
+        throw new PathViolationError(`Path exceeds maximum length of ${MAX_PATH_LENGTH} characters. Use a shorter path.`, input);
+    }
+    const resolved = normalize(resolve(projectRoot, input));
+    const rel = relative(projectRoot, resolved);
+    if (rel.startsWith('..') || rel.startsWith('/')) {
+        throw new PathViolationError(`Path "${input}" escapes project root. Use a path within the project directory.`, input);
+    }
+    return resolved;
+}
+//# sourceMappingURL=path-sanitizer.js.map

package/dist/engine/safety/path-sanitizer.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"path-sanitizer.js","sourceRoot":"","sources":["../../../src/engine/safety/path-sanitizer.ts"],"names":[],"mappings":"AAAA,kEAAkE;AAElE,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,WAAW,CAAC;AAGzD,MAAM,eAAe,GAAG,IAAI,CAAC;AAE7B,MAAM,OAAO,kBAAmB,SAAQ,KAAK;IAClC,IAAI,GAAG,gBAAyB,CAAC;IACjC,KAAK,CAAS;IAEvB,YAAY,OAAe,EAAE,KAAa;QACxC,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,oBAAoB,CAAC;QACjC,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;IACrB,CAAC;CACF;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,YAAY,CAAC,KAAa,EAAE,WAAmB;IAC7D,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QACzB,MAAM,IAAI,kBAAkB,CAC1B,6DAA6D,EAC7D,KAAK,CACN,CAAC;IACJ,CAAC;IAED,IAAI,KAAK,CAAC,MAAM,GAAG,eAAe,EAAE,CAAC;QACnC,MAAM,IAAI,kBAAkB,CAC1B,kCAAkC,eAAe,kCAAkC,EACnF,KAAK,CACN,CAAC;IACJ,CAAC;IAED,MAAM,QAAQ,GAAG,SAAS,CAAC,OAAO,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC;IACxD,MAAM,GAAG,GAAG,QAAQ,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;IAE5C,IAAI,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QAChD,MAAM,IAAI,kBAAkB,CAC1B,SAAS,KAAK,kEAAkE,EAChF,KAAK,CACN,CAAC;IACJ,CAAC;IAED,OAAO,QAAoB,CAAC;AAC9B,CAAC"}

package/dist/engine/safety/transaction.d.ts

@@ -0,0 +1,18 @@
+import type { ErrorSeverity, RollbackEvent, SafetyErrorCode, TransactionStep } from '../../types/safety.js';
+export declare class SafetyTransactionError extends Error {
+    readonly code: SafetyErrorCode;
+    readonly severity: ErrorSeverity;
+    readonly recovery: string;
+    readonly rollbackEvent: RollbackEvent;
+    constructor(message: string, code: SafetyErrorCode, severity: ErrorSeverity, recovery: string, rollbackEvent: RollbackEvent);
+}
+export declare class Transaction {
+    readonly id: string;
+    private readonly steps;
+    private readonly completedSteps;
+    constructor();
+    addStep(step: TransactionStep): void;
+    commit(): Promise<void>;
+    rollback(): Promise<void>;
+}
+//# sourceMappingURL=transaction.d.ts.map

package/dist/engine/safety/transaction.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"transaction.d.ts","sourceRoot":"","sources":["../../../src/engine/safety/transaction.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EACV,aAAa,EACb,aAAa,EACb,eAAe,EACf,eAAe,EAChB,MAAM,uBAAuB,CAAC;AAE/B,qBAAa,sBAAuB,SAAQ,KAAK;IAC/C,QAAQ,CAAC,IAAI,EAAE,eAAe,CAAC;IAC/B,QAAQ,CAAC,QAAQ,EAAE,aAAa,CAAC;IACjC,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,aAAa,EAAE,aAAa,CAAC;gBAGpC,OAAO,EAAE,MAAM,EACf,IAAI,EAAE,eAAe,EACrB,QAAQ,EAAE,aAAa,EACvB,QAAQ,EAAE,MAAM,EAChB,aAAa,EAAE,aAAa;CAS/B;AAmBD,qBAAa,WAAW;IACtB,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAyB;IAC/C,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAgB;;IAM/C,OAAO,CAAC,IAAI,EAAE,eAAe,GAAG,IAAI;IAI9B,MAAM,IAAI,OAAO,CAAC,IAAI,CAAC;IA6BvB,QAAQ,IAAI,OAAO,CAAC,IAAI,CAAC;CAehC"}

package/dist/engine/safety/transaction.js

@@ -0,0 +1,70 @@
+// SPEC-094 AC-2 + AC-10: Transaction with auto-rollback and error classification
+import { randomUUID } from 'node:crypto';
+export class SafetyTransactionError extends Error {
+    code;
+    severity;
+    recovery;
+    rollbackEvent;
+    constructor(message, code, severity, recovery, rollbackEvent) {
+        super(message);
+        this.name = 'SafetyTransactionError';
+        this.code = code;
+        this.severity = severity;
+        this.recovery = recovery;
+        this.rollbackEvent = rollbackEvent;
+    }
+}
+function createRollbackEvent(transactionId, failedStep, stepsRolledBack, error) {
+    const event = {
+        transactionId,
+        failedStep,
+        stepsRolledBack,
+        error,
+        timestamp: new Date().toISOString(),
+    };
+    console.warn('[Transaction] Rollback event:', JSON.stringify(event));
+    return event;
+}
+export class Transaction {
+    id;
+    steps = [];
+    completedSteps = [];
+    constructor() {
+        this.id = randomUUID();
+    }
+    addStep(step) {
+        this.steps.push(step);
+    }
+    async commit() {
+        for (const step of this.steps) {
+            try {
+                await step.doFn();
+                this.completedSteps.push(step.name);
+            }
+            catch (err) {
+                const errorMessage = err instanceof Error ? err.message : String(err);
+                await this.rollback();
+                const rollbackEvent = createRollbackEvent(this.id, step.name, [...this.completedSteps], errorMessage);
+                throw new SafetyTransactionError(`Transaction failed at step "${step.name}": ${errorMessage}`, 'ROLLBACK_TRIGGERED', 'critical', `Review the failed step "${step.name}" and retry the operation. ` +
+                    `${this.completedSteps.length} step(s) were rolled back.`, rollbackEvent);
+            }
+        }
+    }
+    async rollback() {
+        const stepsToUndo = [...this.completedSteps].reverse();
+        for (const stepName of stepsToUndo) {
+            const step = this.steps.find((s) => s.name === stepName);
+            if (!step) {
+                continue;
+            }
+            try {
+                await step.undoFn();
+            }
+            catch (undoErr) {
+                const msg = undoErr instanceof Error ? undoErr.message : String(undoErr);
+                console.warn(`[Transaction] Undo failed for step "${stepName}": ${msg}`);
+            }
+        }
+    }
+}
+//# sourceMappingURL=transaction.js.map

package/dist/engine/safety/transaction.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"transaction.js","sourceRoot":"","sources":["../../../src/engine/safety/transaction.ts"],"names":[],"mappings":"AAAA,iFAAiF;AAEjF,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAQzC,MAAM,OAAO,sBAAuB,SAAQ,KAAK;IACtC,IAAI,CAAkB;IACtB,QAAQ,CAAgB;IACxB,QAAQ,CAAS;IACjB,aAAa,CAAgB;IAEtC,YACE,OAAe,EACf,IAAqB,EACrB,QAAuB,EACvB,QAAgB,EAChB,aAA4B;QAE5B,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,wBAAwB,CAAC;QACrC,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;QACjB,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,IAAI,CAAC,QAAQ,GAAG,QAAQ,CAAC;QACzB,IAAI,CAAC,aAAa,GAAG,aAAa,CAAC;IACrC,CAAC;CACF;AAED,SAAS,mBAAmB,CAC1B,aAAqB,EACrB,UAAkB,EAClB,eAAyB,EACzB,KAAa;IAEb,MAAM,KAAK,GAAkB;QAC3B,aAAa;QACb,UAAU;QACV,eAAe;QACf,KAAK;QACL,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACpC,CAAC;IACF,OAAO,CAAC,IAAI,CAAC,+BAA+B,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC;IACrE,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,OAAO,WAAW;IACb,EAAE,CAAS;IACH,KAAK,GAAsB,EAAE,CAAC;IAC9B,cAAc,GAAa,EAAE,CAAC;IAE/C;QACE,IAAI,CAAC,EAAE,GAAG,UAAU,EAAE,CAAC;IACzB,CAAC;IAED,OAAO,CAAC,IAAqB;QAC3B,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACxB,CAAC;IAED,KAAK,CAAC,MAAM;QACV,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YAC9B,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,IAAI,EAAE,CAAC;gBAClB,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACtC,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,YAAY,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;gBAEtE,MAAM,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAEtB,MAAM,aAAa,GAAG,mBAAmB,CACvC,IAAI,CAAC,EAAE,EACP,IAAI,CAAC,IAAI,EACT,CAAC,GAAG,IAAI,CAAC,cAAc,CAAC,EACxB,YAAY,CACb,CAAC;gBAEF,MAAM,IAAI,sBAAsB,CAC9B,+BAA+B,IAAI,CAAC,IAAI,MAAM,YAAY,EAAE,EAC5D,oBAAoB,EACpB,UAAU,EACV,2BAA2B,IAAI,CAAC,IAAI,6BAA6B;oBAC/D,GAAG,IAAI,CAAC,cAAc,CAAC,MAAM,4BAA4B,EAC3D,aAAa,CACd,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,KAAK,CAAC,QAAQ;QACZ,MAAM,WAAW,GAAG,CAAC,GAAG,IAAI,CAAC,cAAc,CAAC,CAAC,OAAO,EAAE,CAAC;QACvD,KAAK,MAAM,QAAQ,IAAI,WAAW,EAAE,CAAC;YACnC,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC;YACzD,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,SAAS;YACX,CAAC;YACD,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,MAAM,EAAE,CAAC;YACtB,CAAC;YAAC,OAAO,OAAO,EAAE,CAAC;gBACjB,MAAM,GAAG,GAAG,OAAO,YAAY,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;gBACzE,OAAO,CAAC,IAAI,CAAC,uCAAuC,QAAQ,MAAM,GAAG,EAAE,CAAC,CAAC;YAC3E,CAAC;QACH,CAAC;IACH,CAAC;CACF"}