@planu/cli 1.10.0 → 1.12.0

package/dist/config/license-plans.json

@@ -92,7 +92,10 @@
     "update_status",
     "validate",
     "worker_status",
-    "security_scan"
+    "security_scan",
+    "set_context_profile",
+    "get_context_profile",
+    "list_context_profiles"
   ],
   "proTools": [
     "a2a_delegate",
@@ -155,6 +158,7 @@
     "diff_spec_versions",
     "discover_mcps",
     "discover_registry",
+    "distribution_readiness",
     "ecosystem_status",
     "elicit_requirements",
     "estimate_ai_cost",
@@ -182,11 +186,14 @@
     "generate_diagram",
     "generate_docs_site",
     "generate_ide_config",
+    "generate_cost_estimate",
+    "generate_deployment_diagram",
     "generate_infrastructure",
     "generate_orchestration_plan",
     "generate_orchestration_script",
     "generate_planu_ci",
     "generate_proposal",
+    "generate_runbook",
     "generate_rules",
     "generate_skill",
     "generate_spec_from_api",
@@ -196,6 +203,7 @@
     "hook_status",
     "import_spec",
     "inject_criteria",
+    "inject_quality_gates",
     "integrate_pm",
     "jira_status",
     "knowledge_gap_detector",
@@ -427,7 +435,29 @@
     "record_spend",
     "discover_mcp_gateways",
     "federation_discovery_status",
-    "dogfood_status"
+    "dogfood_status",
+    "generate_compliance_evidence",
+    "check_api_compatibility_v2",
+    "critical_path_analyzer_v2",
+    "similar_problems_finder_v2",
+    "suggest_mcp_catalog",
+    "verify_spec_compliance",
+    "compliance_score_report",
+    "auto_fix_health",
+    "auto_remediate_compliance",
+    "resolve_drift_violations",
+    "pull_from_notion",
+    "pull_from_asana",
+    "pull_from_monday",
+    "sync_all_integrations",
+    "validate_criteria_quality",
+    "rewrite_criteria_ears",
+    "ears_lint",
+    "configure_checkpoint_policy",
+    "require_checkpoint",
+    "approve_checkpoint",
+    "reject_checkpoint",
+    "list_pending_checkpoints"
   ],
   "alwaysAllowed": [
     "activate_license",

package/dist/engine/api-compat/compatibility-checker.d.ts

@@ -0,0 +1,4 @@
+import type { ApiCompatibilityResult } from '../../types/index.js';
+export declare function findSpecFile(projectPath: string, specId: string): Promise<string | null>;
+export declare function checkApiCompatibility(specId1: string, specId2: string, projectPath: string): Promise<ApiCompatibilityResult>;
+//# sourceMappingURL=compatibility-checker.d.ts.map

package/dist/engine/api-compat/compatibility-checker.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"compatibility-checker.d.ts","sourceRoot":"","sources":["../../../src/engine/api-compat/compatibility-checker.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EAAE,sBAAsB,EAAa,MAAM,sBAAsB,CAAC;AAgB9E,wBAAsB,YAAY,CAAC,WAAW,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAI9F;AA8ED,wBAAsB,qBAAqB,CACzC,OAAO,EAAE,MAAM,EACf,OAAO,EAAE,MAAM,EACf,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,sBAAsB,CAAC,CAqCjC"}

package/dist/engine/api-compat/compatibility-checker.js

@@ -0,0 +1,118 @@
+// engine/api-compat/compatibility-checker.ts — SPEC-405
+// Compare two spec files' API surfaces to determine compatibility.
+import { readFile } from 'node:fs/promises';
+import { join } from 'node:path';
+import { glob } from 'glob';
+// ---------------------------------------------------------------------------
+// Regex patterns for API surface extraction
+// ---------------------------------------------------------------------------
+const REST_PATTERN = /\b(GET|POST|PUT|PATCH|DELETE)\s+(\/[^\s`'")\]]+)/gi;
+const GRAPHQL_TYPE_PATTERN = /\btype\s+(\w+)\s*\{/gi;
+const GRAPHQL_MUTATION_PATTERN = /\bmutation\s+(\w+)\s*[({]/gi;
+const GRAPHQL_QUERY_PATTERN = /\bquery\s+(\w+)\s*[({]/gi;
+const EVENT_PATTERN = /\bevent[:\s]+["'`]?([A-Za-z][A-Za-z0-9_.:-]+)["'`]?/gi;
+// ---------------------------------------------------------------------------
+// Spec file discovery
+// ---------------------------------------------------------------------------
+export async function findSpecFile(projectPath, specId) {
+    const pattern = join(projectPath, 'planu', 'specs', `${specId}-*`, 'spec.md');
+    const matches = await glob(pattern, { nodir: true });
+    return matches[0] ?? null;
+}
+async function readSpecMd(projectPath, specId) {
+    const filePath = await findSpecFile(projectPath, specId);
+    if (!filePath) {
+        return null;
+    }
+    try {
+        return await readFile(filePath, 'utf-8');
+    }
+    catch {
+        return null;
+    }
+}
+// ---------------------------------------------------------------------------
+// API surface extraction
+// ---------------------------------------------------------------------------
+function extractApiSurface(content) {
+    const items = new Set();
+    let m;
+    const restRe = new RegExp(REST_PATTERN.source, 'gi');
+    while ((m = restRe.exec(content)) !== null) {
+        if (m[1] && m[2]) {
+            items.add(`REST:${m[1].toUpperCase()} ${m[2]}`);
+        }
+    }
+    const gqlTypeRe = new RegExp(GRAPHQL_TYPE_PATTERN.source, 'gi');
+    while ((m = gqlTypeRe.exec(content)) !== null) {
+        if (m[1]) {
+            items.add(`GQL_TYPE:${m[1]}`);
+        }
+    }
+    const gqlMutRe = new RegExp(GRAPHQL_MUTATION_PATTERN.source, 'gi');
+    while ((m = gqlMutRe.exec(content)) !== null) {
+        if (m[1]) {
+            items.add(`GQL_MUTATION:${m[1]}`);
+        }
+    }
+    const gqlQryRe = new RegExp(GRAPHQL_QUERY_PATTERN.source, 'gi');
+    while ((m = gqlQryRe.exec(content)) !== null) {
+        if (m[1]) {
+            items.add(`GQL_QUERY:${m[1]}`);
+        }
+    }
+    const eventRe = new RegExp(EVENT_PATTERN.source, 'gi');
+    while ((m = eventRe.exec(content)) !== null) {
+        if (m[1]) {
+            items.add(`EVENT:${m[1]}`);
+        }
+    }
+    return items;
+}
+// ---------------------------------------------------------------------------
+// Compatibility scoring
+// ---------------------------------------------------------------------------
+function computeScore(breakingCount, additiveCount, totalItems) {
+    if (totalItems === 0) {
+        return 100;
+    }
+    const breakingPenalty = (breakingCount / totalItems) * 80;
+    const additivePenalty = (additiveCount / totalItems) * 10;
+    return Math.max(0, Math.round(100 - breakingPenalty - additivePenalty));
+}
+// ---------------------------------------------------------------------------
+// Public function
+// ---------------------------------------------------------------------------
+export async function checkApiCompatibility(specId1, specId2, projectPath) {
+    const [content1, content2] = await Promise.all([
+        readSpecMd(projectPath, specId1),
+        readSpecMd(projectPath, specId2),
+    ]);
+    const surface1 = extractApiSurface(content1 ?? '');
+    const surface2 = extractApiSurface(content2 ?? '');
+    const breaking = [];
+    const additive = [];
+    // Items in spec1 but not in spec2 → removed (breaking)
+    for (const item of surface1) {
+        if (!surface2.has(item)) {
+            breaking.push({ type: 'removed', item, severity: 'breaking' });
+        }
+    }
+    // Items in spec2 but not in spec1 → added (additive)
+    for (const item of surface2) {
+        if (!surface1.has(item)) {
+            additive.push({ type: 'added', item, severity: 'additive' });
+        }
+    }
+    const totalItems = surface1.size + surface2.size;
+    const score = computeScore(breaking.length, additive.length, totalItems);
+    return {
+        compatible: breaking.length === 0,
+        specId1,
+        specId2,
+        breakingChanges: breaking,
+        additiveChanges: additive,
+        score,
+    };
+}
+//# sourceMappingURL=compatibility-checker.js.map

package/dist/engine/api-compat/compatibility-checker.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"compatibility-checker.js","sourceRoot":"","sources":["../../../src/engine/api-compat/compatibility-checker.ts"],"names":[],"mappings":"AAAA,wDAAwD;AACxD,mEAAmE;AAEnE,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAG5B,8EAA8E;AAC9E,4CAA4C;AAC5C,8EAA8E;AAE9E,MAAM,YAAY,GAAG,oDAAoD,CAAC;AAC1E,MAAM,oBAAoB,GAAG,uBAAuB,CAAC;AACrD,MAAM,wBAAwB,GAAG,6BAA6B,CAAC;AAC/D,MAAM,qBAAqB,GAAG,0BAA0B,CAAC;AACzD,MAAM,aAAa,GAAG,uDAAuD,CAAC;AAE9E,8EAA8E;AAC9E,sBAAsB;AACtB,8EAA8E;AAE9E,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,WAAmB,EAAE,MAAc;IACpE,MAAM,OAAO,GAAG,IAAI,CAAC,WAAW,EAAE,OAAO,EAAE,OAAO,EAAE,GAAG,MAAM,IAAI,EAAE,SAAS,CAAC,CAAC;IAC9E,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,OAAO,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;IACrD,OAAO,OAAO,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC;AAC5B,CAAC;AAED,KAAK,UAAU,UAAU,CAAC,WAAmB,EAAE,MAAc;IAC3D,MAAM,QAAQ,GAAG,MAAM,YAAY,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;IACzD,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,CAAC;QACH,OAAO,MAAM,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IAC3C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,8EAA8E;AAC9E,yBAAyB;AACzB,8EAA8E;AAE9E,SAAS,iBAAiB,CAAC,OAAe;IACxC,MAAM,KAAK,GAAG,IAAI,GAAG,EAAU,CAAC;IAEhC,IAAI,CAAyB,CAAC;IAE9B,MAAM,MAAM,GAAG,IAAI,MAAM,CAAC,YAAY,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IACrD,OAAO,CAAC,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QAC3C,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACjB,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QAClD,CAAC;IACH,CAAC;IAED,MAAM,SAAS,GAAG,IAAI,MAAM,CAAC,oBAAoB,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IAChE,OAAO,CAAC,CAAC,GAAG,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QAC9C,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACT,KAAK,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QAChC,CAAC;IACH,CAAC;IAED,MAAM,QAAQ,GAAG,IAAI,MAAM,CAAC,wBAAwB,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IACnE,OAAO,CAAC,CAAC,GAAG,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QAC7C,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACT,KAAK,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QACpC,CAAC;IACH,CAAC;IAED,MAAM,QAAQ,GAAG,IAAI,MAAM,CAAC,qBAAqB,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IAChE,OAAO,CAAC,CAAC,GAAG,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QAC7C,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACT,KAAK,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QACjC,CAAC;IACH,CAAC;IAED,MAAM,OAAO,GAAG,IAAI,MAAM,CAAC,aAAa,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;IACvD,OAAO,CAAC,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QAC5C,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACT,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QAC7B,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED,8EAA8E;AAC9E,wBAAwB;AACxB,8EAA8E;AAE9E,SAAS,YAAY,CAAC,aAAqB,EAAE,aAAqB,EAAE,UAAkB;IACpF,IAAI,UAAU,KAAK,CAAC,EAAE,CAAC;QACrB,OAAO,GAAG,CAAC;IACb,CAAC;IACD,MAAM,eAAe,GAAG,CAAC,aAAa,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC;IAC1D,MAAM,eAAe,GAAG,CAAC,aAAa,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC;IAC1D,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,eAAe,GAAG,eAAe,CAAC,CAAC,CAAC;AAC1E,CAAC;AAED,8EAA8E;AAC9E,kBAAkB;AAClB,8EAA8E;AAE9E,MAAM,CAAC,KAAK,UAAU,qBAAqB,CACzC,OAAe,EACf,OAAe,EACf,WAAmB;IAEnB,MAAM,CAAC,QAAQ,EAAE,QAAQ,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;QAC7C,UAAU,CAAC,WAAW,EAAE,OAAO,CAAC;QAChC,UAAU,CAAC,WAAW,EAAE,OAAO,CAAC;KACjC,CAAC,CAAC;IAEH,MAAM,QAAQ,GAAG,iBAAiB,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC;IACnD,MAAM,QAAQ,GAAG,iBAAiB,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC;IAEnD,MAAM,QAAQ,GAAgB,EAAE,CAAC;IACjC,MAAM,QAAQ,GAAgB,EAAE,CAAC;IAEjC,uDAAuD;IACvD,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE,CAAC;QAC5B,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YACxB,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,CAAC,CAAC;QACjE,CAAC;IACH,CAAC;IAED,qDAAqD;IACrD,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE,CAAC;QAC5B,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YACxB,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,CAAC,CAAC;QAC/D,CAAC;IACH,CAAC;IAED,MAAM,UAAU,GAAG,QAAQ,CAAC,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC;IACjD,MAAM,KAAK,GAAG,YAAY,CAAC,QAAQ,CAAC,MAAM,EAAE,QAAQ,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;IAEzE,OAAO;QACL,UAAU,EAAE,QAAQ,CAAC,MAAM,KAAK,CAAC;QACjC,OAAO;QACP,OAAO;QACP,eAAe,EAAE,QAAQ;QACzB,eAAe,EAAE,QAAQ;QACzB,KAAK;KACN,CAAC;AACJ,CAAC"}

package/dist/engine/checkpoint/checkpoint-manager.d.ts

@@ -0,0 +1,22 @@
+import type { WorkflowCheckpoint, CheckpointPolicy } from '../../types/index.js';
+/**
+ * Creates a new pending checkpoint for the given spec transition.
+ * If the policy has autoApproveAfterHours set, schedules the auto-approve time.
+ */
+export declare function requestCheckpoint(projectPath: string, specId: string, policy: CheckpointPolicy, requestedBy: string): Promise<WorkflowCheckpoint>;
+/**
+ * Approves a pending checkpoint.
+ * Returns the updated checkpoint and a flag indicating the blocked transition can now proceed.
+ */
+export declare function approveCheckpoint(projectPath: string, checkpointId: string, approvedBy: string): Promise<{
+    checkpoint: WorkflowCheckpoint;
+    transitionApplied: boolean;
+}>;
+/** Rejects a pending checkpoint with a mandatory reason. */
+export declare function rejectCheckpoint(projectPath: string, checkpointId: string, rejectedBy: string, reason: string): Promise<WorkflowCheckpoint>;
+/**
+ * Scans all pending checkpoints for a project and auto-approves any that have
+ * passed their autoApproveAt deadline. Returns the list of auto-approved checkpoints.
+ */
+export declare function checkAutoApprovals(projectPath: string): Promise<WorkflowCheckpoint[]>;
+//# sourceMappingURL=checkpoint-manager.d.ts.map

package/dist/engine/checkpoint/checkpoint-manager.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"checkpoint-manager.d.ts","sourceRoot":"","sources":["../../../src/engine/checkpoint/checkpoint-manager.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,kBAAkB,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAC;AAYjF;;;GAGG;AACH,wBAAsB,iBAAiB,CACrC,WAAW,EAAE,MAAM,EACnB,MAAM,EAAE,MAAM,EACd,MAAM,EAAE,gBAAgB,EACxB,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,kBAAkB,CAAC,CAmB7B;AAMD;;;GAGG;AACH,wBAAsB,iBAAiB,CACrC,WAAW,EAAE,MAAM,EACnB,YAAY,EAAE,MAAM,EACpB,UAAU,EAAE,MAAM,GACjB,OAAO,CAAC;IAAE,UAAU,EAAE,kBAAkB,CAAC;IAAC,iBAAiB,EAAE,OAAO,CAAA;CAAE,CAAC,CAMzE;AAMD,4DAA4D;AAC5D,wBAAsB,gBAAgB,CACpC,WAAW,EAAE,MAAM,EACnB,YAAY,EAAE,MAAM,EACpB,UAAU,EAAE,MAAM,EAClB,MAAM,EAAE,MAAM,GACb,OAAO,CAAC,kBAAkB,CAAC,CAM7B;AAMD;;;GAGG;AACH,wBAAsB,kBAAkB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,kBAAkB,EAAE,CAAC,CAmB3F"}

package/dist/engine/checkpoint/checkpoint-manager.js

@@ -0,0 +1,76 @@
+// engine/checkpoint/checkpoint-manager.ts — Checkpoint lifecycle management (SPEC-411)
+import { hashProjectPath } from '../../storage/base-store.js';
+import { createWorkflowCheckpoint, resolveWorkflowCheckpoint, getPendingWorkflowCheckpoints, } from '../../storage/workflow-checkpoint-store.js';
+// ---------------------------------------------------------------------------
+// Request
+// ---------------------------------------------------------------------------
+/**
+ * Creates a new pending checkpoint for the given spec transition.
+ * If the policy has autoApproveAfterHours set, schedules the auto-approve time.
+ */
+export async function requestCheckpoint(projectPath, specId, policy, requestedBy) {
+    const projectId = hashProjectPath(projectPath);
+    const autoApproveAt = policy.autoApproveAfterHours !== undefined
+        ? new Date(Date.now() + policy.autoApproveAfterHours * 3_600_000).toISOString()
+        : undefined;
+    return createWorkflowCheckpoint(projectPath, {
+        specId,
+        projectId,
+        policyId: policy.id,
+        blockingTransition: policy.transition,
+        requiredRole: policy.requiredRole,
+        requestedBy,
+        requestedAt: new Date().toISOString(),
+        status: 'pending',
+        autoApproveAt,
+    });
+}
+// ---------------------------------------------------------------------------
+// Approve
+// ---------------------------------------------------------------------------
+/**
+ * Approves a pending checkpoint.
+ * Returns the updated checkpoint and a flag indicating the blocked transition can now proceed.
+ */
+export async function approveCheckpoint(projectPath, checkpointId, approvedBy) {
+    const checkpoint = await resolveWorkflowCheckpoint(projectPath, checkpointId, {
+        status: 'approved',
+        resolvedBy: approvedBy,
+    });
+    return { checkpoint, transitionApplied: true };
+}
+// ---------------------------------------------------------------------------
+// Reject
+// ---------------------------------------------------------------------------
+/** Rejects a pending checkpoint with a mandatory reason. */
+export async function rejectCheckpoint(projectPath, checkpointId, rejectedBy, reason) {
+    return resolveWorkflowCheckpoint(projectPath, checkpointId, {
+        status: 'rejected',
+        resolvedBy: rejectedBy,
+        rejectionReason: reason,
+    });
+}
+// ---------------------------------------------------------------------------
+// Auto-approve
+// ---------------------------------------------------------------------------
+/**
+ * Scans all pending checkpoints for a project and auto-approves any that have
+ * passed their autoApproveAt deadline. Returns the list of auto-approved checkpoints.
+ */
+export async function checkAutoApprovals(projectPath) {
+    const pending = await getPendingWorkflowCheckpoints(projectPath);
+    const now = Date.now();
+    const autoApproved = [];
+    for (const checkpoint of pending) {
+        if (checkpoint.autoApproveAt !== undefined &&
+            new Date(checkpoint.autoApproveAt).getTime() <= now) {
+            const updated = await resolveWorkflowCheckpoint(projectPath, checkpoint.id, {
+                status: 'approved',
+                resolvedBy: 'system:auto-approve',
+            });
+            autoApproved.push(updated);
+        }
+    }
+    return autoApproved;
+}
+//# sourceMappingURL=checkpoint-manager.js.map

package/dist/engine/checkpoint/checkpoint-manager.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"checkpoint-manager.js","sourceRoot":"","sources":["../../../src/engine/checkpoint/checkpoint-manager.ts"],"names":[],"mappings":"AAAA,uFAAuF;AAGvF,OAAO,EAAE,eAAe,EAAE,MAAM,6BAA6B,CAAC;AAC9D,OAAO,EACL,wBAAwB,EACxB,yBAAyB,EACzB,6BAA6B,GAC9B,MAAM,4CAA4C,CAAC;AAEpD,8EAA8E;AAC9E,UAAU;AACV,8EAA8E;AAE9E;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,WAAmB,EACnB,MAAc,EACd,MAAwB,EACxB,WAAmB;IAEnB,MAAM,SAAS,GAAG,eAAe,CAAC,WAAW,CAAC,CAAC;IAE/C,MAAM,aAAa,GACjB,MAAM,CAAC,qBAAqB,KAAK,SAAS;QACxC,CAAC,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,qBAAqB,GAAG,SAAS,CAAC,CAAC,WAAW,EAAE;QAC/E,CAAC,CAAC,SAAS,CAAC;IAEhB,OAAO,wBAAwB,CAAC,WAAW,EAAE;QAC3C,MAAM;QACN,SAAS;QACT,QAAQ,EAAE,MAAM,CAAC,EAAE;QACnB,kBAAkB,EAAE,MAAM,CAAC,UAAU;QACrC,YAAY,EAAE,MAAM,CAAC,YAAY;QACjC,WAAW;QACX,WAAW,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACrC,MAAM,EAAE,SAAS;QACjB,aAAa;KACd,CAAC,CAAC;AACL,CAAC;AAED,8EAA8E;AAC9E,UAAU;AACV,8EAA8E;AAE9E;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,WAAmB,EACnB,YAAoB,EACpB,UAAkB;IAElB,MAAM,UAAU,GAAG,MAAM,yBAAyB,CAAC,WAAW,EAAE,YAAY,EAAE;QAC5E,MAAM,EAAE,UAAU;QAClB,UAAU,EAAE,UAAU;KACvB,CAAC,CAAC;IACH,OAAO,EAAE,UAAU,EAAE,iBAAiB,EAAE,IAAI,EAAE,CAAC;AACjD,CAAC;AAED,8EAA8E;AAC9E,SAAS;AACT,8EAA8E;AAE9E,4DAA4D;AAC5D,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,WAAmB,EACnB,YAAoB,EACpB,UAAkB,EAClB,MAAc;IAEd,OAAO,yBAAyB,CAAC,WAAW,EAAE,YAAY,EAAE;QAC1D,MAAM,EAAE,UAAU;QAClB,UAAU,EAAE,UAAU;QACtB,eAAe,EAAE,MAAM;KACxB,CAAC,CAAC;AACL,CAAC;AAED,8EAA8E;AAC9E,eAAe;AACf,8EAA8E;AAE9E;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,WAAmB;IAC1D,MAAM,OAAO,GAAG,MAAM,6BAA6B,CAAC,WAAW,CAAC,CAAC;IACjE,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACvB,MAAM,YAAY,GAAyB,EAAE,CAAC;IAE9C,KAAK,MAAM,UAAU,IAAI,OAAO,EAAE,CAAC;QACjC,IACE,UAAU,CAAC,aAAa,KAAK,SAAS;YACtC,IAAI,IAAI,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC,OAAO,EAAE,IAAI,GAAG,EACnD,CAAC;YACD,MAAM,OAAO,GAAG,MAAM,yBAAyB,CAAC,WAAW,EAAE,UAAU,CAAC,EAAE,EAAE;gBAC1E,MAAM,EAAE,UAAU;gBAClB,UAAU,EAAE,qBAAqB;aAClC,CAAC,CAAC;YACH,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC7B,CAAC;IACH,CAAC;IAED,OAAO,YAAY,CAAC;AACtB,CAAC"}

package/dist/engine/checkpoint/policy-engine.d.ts

@@ -0,0 +1,10 @@
+import type { CheckpointPolicy, WorkflowCheckpointConfig, WorkflowSpecStatus, CheckpointPolicyPreset } from '../../types/index.js';
+export declare const POLICY_PRESETS: Record<string, CheckpointPolicyPreset>;
+/**
+ * Returns the matching policy if the given transition requires a checkpoint,
+ * or null if the transition is free to proceed.
+ */
+export declare function requiresCheckpoint(config: WorkflowCheckpointConfig, fromStatus: WorkflowSpecStatus, toStatus: WorkflowSpecStatus): CheckpointPolicy | null;
+export declare function loadCheckpointConfig(projectPath: string): Promise<WorkflowCheckpointConfig>;
+export declare function saveCheckpointConfig(projectPath: string, config: WorkflowCheckpointConfig): Promise<void>;
+//# sourceMappingURL=policy-engine.d.ts.map

package/dist/engine/checkpoint/policy-engine.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"policy-engine.d.ts","sourceRoot":"","sources":["../../../src/engine/checkpoint/policy-engine.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EACV,gBAAgB,EAChB,wBAAwB,EACxB,kBAAkB,EAClB,sBAAsB,EACvB,MAAM,sBAAsB,CAAC;AAO9B,eAAO,MAAM,cAAc,EAAE,MAAM,CAAC,MAAM,EAAE,sBAAsB,CAsDjE,CAAC;AAMF;;;GAGG;AACH,wBAAgB,kBAAkB,CAChC,MAAM,EAAE,wBAAwB,EAChC,UAAU,EAAE,kBAAkB,EAC9B,QAAQ,EAAE,kBAAkB,GAC3B,gBAAgB,GAAG,IAAI,CAGzB;AAYD,wBAAsB,oBAAoB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,wBAAwB,CAAC,CAGjG;AAED,wBAAsB,oBAAoB,CACxC,WAAW,EAAE,MAAM,EACnB,MAAM,EAAE,wBAAwB,GAC/B,OAAO,CAAC,IAAI,CAAC,CAGf"}

package/dist/engine/checkpoint/policy-engine.js

@@ -0,0 +1,87 @@
+// engine/checkpoint/policy-engine.ts — Checkpoint policy evaluation (SPEC-411)
+import { readJson, writeJson, projectDataDir, hashProjectPath } from '../../storage/base-store.js';
+// ---------------------------------------------------------------------------
+// Built-in presets
+// ---------------------------------------------------------------------------
+export const POLICY_PRESETS = {
+    strict: {
+        name: 'strict',
+        description: 'All major transitions require explicit approval',
+        policies: [
+            {
+                transition: 'draft->review',
+                requiredRole: 'developer',
+                description: 'Self-review before submitting',
+            },
+            {
+                transition: 'review->approved',
+                requiredRole: 'tech_lead',
+                description: 'Tech lead must approve before work starts',
+            },
+            {
+                transition: 'approved->implementing',
+                requiredRole: 'product_owner',
+                description: 'PO confirms priority before devs start',
+            },
+            {
+                transition: 'implementing->done',
+                requiredRole: 'qa',
+                description: 'QA must verify before marking done',
+            },
+        ],
+    },
+    balanced: {
+        name: 'balanced',
+        description: 'Only critical transitions need approval',
+        policies: [
+            {
+                transition: 'review->approved',
+                requiredRole: 'tech_lead',
+                description: 'Tech lead approves specs',
+            },
+            {
+                transition: 'implementing->done',
+                requiredRole: 'qa',
+                description: 'QA verifies completion',
+            },
+        ],
+    },
+    relaxed: {
+        name: 'relaxed',
+        description: 'Only final completion needs approval',
+        policies: [
+            {
+                transition: 'implementing->done',
+                requiredRole: 'tech_lead',
+                description: 'Lead confirms done',
+            },
+        ],
+    },
+};
+// ---------------------------------------------------------------------------
+// Policy evaluation
+// ---------------------------------------------------------------------------
+/**
+ * Returns the matching policy if the given transition requires a checkpoint,
+ * or null if the transition is free to proceed.
+ */
+export function requiresCheckpoint(config, fromStatus, toStatus) {
+    const transition = `${fromStatus}->${toStatus}`;
+    return config.policies.find((p) => p.transition === transition) ?? null;
+}
+// ---------------------------------------------------------------------------
+// Config persistence
+// ---------------------------------------------------------------------------
+function configFilePath(projectId) {
+    return `${projectDataDir(projectId)}/checkpoint-config.json`;
+}
+const EMPTY_CONFIG = { policies: [] };
+export async function loadCheckpointConfig(projectPath) {
+    const projectId = hashProjectPath(projectPath);
+    return readJson(configFilePath(projectId), EMPTY_CONFIG);
+}
+export async function saveCheckpointConfig(projectPath, config) {
+    const projectId = hashProjectPath(projectPath);
+    await writeJson(configFilePath(projectId), config);
+}
+//# sourceMappingURL=policy-engine.js.map

package/dist/engine/checkpoint/policy-engine.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"policy-engine.js","sourceRoot":"","sources":["../../../src/engine/checkpoint/policy-engine.ts"],"names":[],"mappings":"AAAA,+EAA+E;AAQ/E,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,6BAA6B,CAAC;AAEnG,8EAA8E;AAC9E,mBAAmB;AACnB,8EAA8E;AAE9E,MAAM,CAAC,MAAM,cAAc,GAA2C;IACpE,MAAM,EAAE;QACN,IAAI,EAAE,QAAQ;QACd,WAAW,EAAE,iDAAiD;QAC9D,QAAQ,EAAE;YACR;gBACE,UAAU,EAAE,eAAe;gBAC3B,YAAY,EAAE,WAAW;gBACzB,WAAW,EAAE,+BAA+B;aAC7C;YACD;gBACE,UAAU,EAAE,kBAAkB;gBAC9B,YAAY,EAAE,WAAW;gBACzB,WAAW,EAAE,2CAA2C;aACzD;YACD;gBACE,UAAU,EAAE,wBAAwB;gBACpC,YAAY,EAAE,eAAe;gBAC7B,WAAW,EAAE,wCAAwC;aACtD;YACD;gBACE,UAAU,EAAE,oBAAoB;gBAChC,YAAY,EAAE,IAAI;gBAClB,WAAW,EAAE,oCAAoC;aAClD;SACF;KACF;IACD,QAAQ,EAAE;QACR,IAAI,EAAE,UAAU;QAChB,WAAW,EAAE,yCAAyC;QACtD,QAAQ,EAAE;YACR;gBACE,UAAU,EAAE,kBAAkB;gBAC9B,YAAY,EAAE,WAAW;gBACzB,WAAW,EAAE,0BAA0B;aACxC;YACD;gBACE,UAAU,EAAE,oBAAoB;gBAChC,YAAY,EAAE,IAAI;gBAClB,WAAW,EAAE,wBAAwB;aACtC;SACF;KACF;IACD,OAAO,EAAE;QACP,IAAI,EAAE,SAAS;QACf,WAAW,EAAE,sCAAsC;QACnD,QAAQ,EAAE;YACR;gBACE,UAAU,EAAE,oBAAoB;gBAChC,YAAY,EAAE,WAAW;gBACzB,WAAW,EAAE,oBAAoB;aAClC;SACF;KACF;CACF,CAAC;AAEF,8EAA8E;AAC9E,oBAAoB;AACpB,8EAA8E;AAE9E;;;GAGG;AACH,MAAM,UAAU,kBAAkB,CAChC,MAAgC,EAChC,UAA8B,EAC9B,QAA4B;IAE5B,MAAM,UAAU,GAAG,GAAG,UAAU,KAAK,QAAQ,EAAW,CAAC;IACzD,OAAO,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,KAAK,UAAU,CAAC,IAAI,IAAI,CAAC;AAC1E,CAAC;AAED,8EAA8E;AAC9E,qBAAqB;AACrB,8EAA8E;AAE9E,SAAS,cAAc,CAAC,SAAiB;IACvC,OAAO,GAAG,cAAc,CAAC,SAAS,CAAC,yBAAyB,CAAC;AAC/D,CAAC;AAED,MAAM,YAAY,GAA6B,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC;AAEhE,MAAM,CAAC,KAAK,UAAU,oBAAoB,CAAC,WAAmB;IAC5D,MAAM,SAAS,GAAG,eAAe,CAAC,WAAW,CAAC,CAAC;IAC/C,OAAO,QAAQ,CAAC,cAAc,CAAC,SAAS,CAAC,EAAE,YAAY,CAAC,CAAC;AAC3D,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,WAAmB,EACnB,MAAgC;IAEhC,MAAM,SAAS,GAAG,eAAe,CAAC,WAAW,CAAC,CAAC;IAC/C,MAAM,SAAS,CAAC,cAAc,CAAC,SAAS,CAAC,EAAE,MAAM,CAAC,CAAC;AACrD,CAAC"}

package/dist/engine/compliance/auto-remediator.d.ts

@@ -0,0 +1,9 @@
+import type { ComplianceRemediationResult } from '../../types/health.js';
+type RemediationFramework = 'SOC2' | 'GDPR' | 'HIPAA' | 'ISO27001';
+/**
+ * For each compliance gap, creates a stub spec so the team has a tracked
+ * work item. When dryRun=true, returns findings without writing any files.
+ */
+export declare function autoRemediateCompliance(projectPath: string, projectId: string, framework: RemediationFramework, dryRun?: boolean): Promise<ComplianceRemediationResult>;
+export {};
+//# sourceMappingURL=auto-remediator.d.ts.map

package/dist/engine/compliance/auto-remediator.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auto-remediator.d.ts","sourceRoot":"","sources":["../../../src/engine/compliance/auto-remediator.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,2BAA2B,EAAgB,MAAM,uBAAuB,CAAC;AAUvF,KAAK,oBAAoB,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,UAAU,CAAC;AA4FnE;;;GAGG;AACH,wBAAsB,uBAAuB,CAC3C,WAAW,EAAE,MAAM,EACnB,SAAS,EAAE,MAAM,EACjB,SAAS,EAAE,oBAAoB,EAC/B,MAAM,UAAQ,GACb,OAAO,CAAC,2BAA2B,CAAC,CAoDtC"}

package/dist/engine/compliance/auto-remediator.js

@@ -0,0 +1,118 @@
+// engine/compliance/auto-remediator.ts — Auto-remediation for compliance gaps (SPEC-408)
+import { mkdir, writeFile, access } from 'node:fs/promises';
+import { join } from 'node:path';
+import { specStore } from '../../storage/index.js';
+import { analyzeComplianceGaps } from './gap-analyzer.js';
+const FRAMEWORK_MAP = {
+    SOC2: 'soc2-type2',
+    GDPR: 'gdpr',
+    HIPAA: 'hipaa',
+    ISO27001: 'iso27001',
+};
+// ---------------------------------------------------------------------------
+// Spec file writer
+// ---------------------------------------------------------------------------
+async function specDirExists(specDir) {
+    try {
+        await access(specDir);
+        return true;
+    }
+    catch {
+        return false;
+    }
+}
+async function writeStubSpec(projectPath, specId, title, framework, criteria, dryRun) {
+    if (dryRun) {
+        return;
+    }
+    const specDir = join(projectPath, 'planu', 'specs', specId);
+    await mkdir(specDir, { recursive: true });
+    const criteriaLines = criteria.map((c) => `- [ ] ${c}`).join('\n');
+    const now = new Date().toISOString();
+    const specContent = [
+        '---',
+        `id: ${specId}`,
+        `title: "${title}"`,
+        `status: draft`,
+        `tags: [compliance, ${framework.toLowerCase()}, auto-generated]`,
+        `createdAt: ${now}`,
+        '---',
+        '',
+        `# ${title}`,
+        '',
+        `Auto-generated compliance spec for ${framework} framework.`,
+        '',
+        '## Acceptance Criteria',
+        '',
+        criteriaLines,
+        '',
+    ].join('\n');
+    await writeFile(join(specDir, 'spec.md'), specContent, 'utf-8');
+    await writeFile(join(specDir, 'progress.md'), `# ${specId} — Progress\n\nstatus: draft\n`, 'utf-8');
+}
+// ---------------------------------------------------------------------------
+// Manual action builders
+// ---------------------------------------------------------------------------
+function buildManualAction(controlId, controlName, criteria) {
+    return {
+        control: controlId,
+        description: `${controlName} requires manual process implementation`,
+        steps: [
+            `Review control ${controlId}: ${controlName}`,
+            'Identify existing policies and procedures that address this control',
+            'Document evidence in a spec or decision record',
+            ...criteria.map((c) => `Verify: ${c}`),
+        ],
+    };
+}
+// ---------------------------------------------------------------------------
+// Public API
+// ---------------------------------------------------------------------------
+/**
+ * For each compliance gap, creates a stub spec so the team has a tracked
+ * work item. When dryRun=true, returns findings without writing any files.
+ */
+export async function autoRemediateCompliance(projectPath, projectId, framework, dryRun = false) {
+    const catalogFramework = FRAMEWORK_MAP[framework];
+    const specs = await specStore.listSpecs(projectId);
+    const specInputs = specs.map((s) => ({
+        id: s.id,
+        title: s.title,
+        description: '',
+        status: s.status,
+    }));
+    const gapResult = analyzeComplianceGaps(catalogFramework, specInputs);
+    const createdSpecs = [];
+    const alreadyCovered = [];
+    const manualActionRequired = [];
+    const timestamp = Date.now();
+    for (const control of gapResult.coverage) {
+        if (control.status === 'passing') {
+            alreadyCovered.push(control.controlId);
+            continue;
+        }
+        if (control.status === 'missing') {
+            const slugControl = control.controlId.toLowerCase().replace(/[^a-z0-9]/g, '-');
+            const specId = `SPEC-auto-${slugControl}-${timestamp}`;
+            const title = `${framework} ${control.controlId} — ${control.controlName}`;
+            const specDir = join(projectPath, 'planu', 'specs', specId);
+            if (await specDirExists(specDir)) {
+                alreadyCovered.push(control.controlId);
+                continue;
+            }
+            await writeStubSpec(projectPath, specId, title, framework, control.requiredCriteria, dryRun);
+            createdSpecs.push(specId);
+        }
+        else {
+            // partial — manual action to complete coverage
+            manualActionRequired.push(buildManualAction(control.controlId, control.controlName, control.requiredCriteria));
+        }
+    }
+    return {
+        framework,
+        createdSpecs,
+        alreadyCovered,
+        manualActionRequired,
+    };
+}
+//# sourceMappingURL=auto-remediator.js.map

package/dist/engine/compliance/auto-remediator.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auto-remediator.js","sourceRoot":"","sources":["../../../src/engine/compliance/auto-remediator.ts"],"names":[],"mappings":"AAAA,yFAAyF;AAEzF,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,kBAAkB,CAAC;AAC5D,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAEjC,OAAO,EAAE,SAAS,EAAE,MAAM,wBAAwB,CAAC;AACnD,OAAO,EAAE,qBAAqB,EAAE,MAAM,mBAAmB,CAAC;AAU1D,MAAM,aAAa,GAAsD;IACvE,IAAI,EAAE,YAAY;IAClB,IAAI,EAAE,MAAM;IACZ,KAAK,EAAE,OAAO;IACd,QAAQ,EAAE,UAAU;CACrB,CAAC;AAEF,8EAA8E;AAC9E,mBAAmB;AACnB,8EAA8E;AAE9E,KAAK,UAAU,aAAa,CAAC,OAAe;IAC1C,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,OAAO,CAAC,CAAC;QACtB,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,KAAK,UAAU,aAAa,CAC1B,WAAmB,EACnB,MAAc,EACd,KAAa,EACb,SAA+B,EAC/B,QAAkB,EAClB,MAAe;IAEf,IAAI,MAAM,EAAE,CAAC;QACX,OAAO;IACT,CAAC;IAED,MAAM,OAAO,GAAG,IAAI,CAAC,WAAW,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;IAC5D,MAAM,KAAK,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAE1C,MAAM,aAAa,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACnE,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAErC,MAAM,WAAW,GAAG;QAClB,KAAK;QACL,OAAO,MAAM,EAAE;QACf,WAAW,KAAK,GAAG;QACnB,eAAe;QACf,sBAAsB,SAAS,CAAC,WAAW,EAAE,mBAAmB;QAChE,cAAc,GAAG,EAAE;QACnB,KAAK;QACL,EAAE;QACF,KAAK,KAAK,EAAE;QACZ,EAAE;QACF,sCAAsC,SAAS,aAAa;QAC5D,EAAE;QACF,wBAAwB;QACxB,EAAE;QACF,aAAa;QACb,EAAE;KACH,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAEb,MAAM,SAAS,CAAC,IAAI,CAAC,OAAO,EAAE,SAAS,CAAC,EAAE,WAAW,EAAE,OAAO,CAAC,CAAC;IAChE,MAAM,SAAS,CACb,IAAI,CAAC,OAAO,EAAE,aAAa,CAAC,EAC5B,KAAK,MAAM,gCAAgC,EAC3C,OAAO,CACR,CAAC;AACJ,CAAC;AAED,8EAA8E;AAC9E,yBAAyB;AACzB,8EAA8E;AAE9E,SAAS,iBAAiB,CACxB,SAAiB,EACjB,WAAmB,EACnB,QAAkB;IAElB,OAAO;QACL,OAAO,EAAE,SAAS;QAClB,WAAW,EAAE,GAAG,WAAW,yCAAyC;QACpE,KAAK,EAAE;YACL,kBAAkB,SAAS,KAAK,WAAW,EAAE;YAC7C,qEAAqE;YACrE,gDAAgD;YAChD,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,WAAW,CAAC,EAAE,CAAC;SACvC;KACF,CAAC;AACJ,CAAC;AAED,8EAA8E;AAC9E,aAAa;AACb,8EAA8E;AAE9E;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,WAAmB,EACnB,SAAiB,EACjB,SAA+B,EAC/B,MAAM,GAAG,KAAK;IAEd,MAAM,gBAAgB,GAAG,aAAa,CAAC,SAAS,CAAC,CAAC;IAClD,MAAM,KAAK,GAAG,MAAM,SAAS,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;IAEnD,MAAM,UAAU,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACnC,EAAE,EAAE,CAAC,CAAC,EAAE;QACR,KAAK,EAAE,CAAC,CAAC,KAAK;QACd,WAAW,EAAE,EAAE;QACf,MAAM,EAAE,CAAC,CAAC,MAAM;KACjB,CAAC,CAAC,CAAC;IAEJ,MAAM,SAAS,GAAG,qBAAqB,CAAC,gBAAgB,EAAE,UAAU,CAAC,CAAC;IAEtE,MAAM,YAAY,GAAa,EAAE,CAAC;IAClC,MAAM,cAAc,GAAa,EAAE,CAAC;IACpC,MAAM,oBAAoB,GAAmB,EAAE,CAAC;IAEhD,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAE7B,KAAK,MAAM,OAAO,IAAI,SAAS,CAAC,QAAQ,EAAE,CAAC;QACzC,IAAI,OAAO,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;YACjC,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;YACvC,SAAS;QACX,CAAC;QAED,IAAI,OAAO,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;YACjC,MAAM,WAAW,GAAG,OAAO,CAAC,SAAS,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,YAAY,EAAE,GAAG,CAAC,CAAC;YAC/E,MAAM,MAAM,GAAG,aAAa,WAAW,IAAI,SAAS,EAAE,CAAC;YACvD,MAAM,KAAK,GAAG,GAAG,SAAS,IAAI,OAAO,CAAC,SAAS,MAAM,OAAO,CAAC,WAAW,EAAE,CAAC;YAE3E,MAAM,OAAO,GAAG,IAAI,CAAC,WAAW,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;YAC5D,IAAI,MAAM,aAAa,CAAC,OAAO,CAAC,EAAE,CAAC;gBACjC,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;gBACvC,SAAS;YACX,CAAC;YAED,MAAM,aAAa,CAAC,WAAW,EAAE,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,OAAO,CAAC,gBAAgB,EAAE,MAAM,CAAC,CAAC;YAC7F,YAAY,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC5B,CAAC;aAAM,CAAC;YACN,+CAA+C;YAC/C,oBAAoB,CAAC,IAAI,CACvB,iBAAiB,CAAC,OAAO,CAAC,SAAS,EAAE,OAAO,CAAC,WAAW,EAAE,OAAO,CAAC,gBAAgB,CAAC,CACpF,CAAC;QACJ,CAAC;IACH,CAAC;IAED,OAAO;QACL,SAAS;QACT,YAAY;QACZ,cAAc;QACd,oBAAoB;KACrB,CAAC;AACJ,CAAC"}

package/dist/engine/compliance/evidence-builder.d.ts

@@ -0,0 +1,19 @@
+import type { ComplianceEvidencePackage } from '../../types/index.js';
+import type { ComplianceFramework } from './framework-catalog.js';
+interface SpecInput {
+    id: string;
+    title: string;
+    description?: string;
+    status: string;
+    approvedAt?: string;
+    updatedAt?: string;
+}
+interface AuditEventInput {
+    timestamp: string;
+    action: string;
+    specId: string;
+    actor?: string;
+}
+export declare function buildEvidencePackage(framework: ComplianceFramework, projectId: string, specs: SpecInput[], auditEvents: AuditEventInput[]): ComplianceEvidencePackage;
+export {};
+//# sourceMappingURL=evidence-builder.d.ts.map

package/dist/engine/compliance/evidence-builder.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"evidence-builder.d.ts","sourceRoot":"","sources":["../../../src/engine/compliance/evidence-builder.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,yBAAyB,EAAE,MAAM,sBAAsB,CAAC;AACtE,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,wBAAwB,CAAC;AAIlE,UAAU,SAAS;IACjB,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAGD,UAAU,eAAe;IACvB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,wBAAgB,oBAAoB,CAClC,SAAS,EAAE,mBAAmB,EAC9B,SAAS,EAAE,MAAM,EACjB,KAAK,EAAE,SAAS,EAAE,EAClB,WAAW,EAAE,eAAe,EAAE,GAC7B,yBAAyB,CAmC3B"}

package/dist/engine/compliance/evidence-builder.js

@@ -0,0 +1,36 @@
+// Planu — Compliance evidence package builder (SPEC-402)
+import { analyzeComplianceGaps } from './gap-analyzer.js';
+export function buildEvidencePackage(framework, projectId, specs, auditEvents) {
+    const gapAnalysis = analyzeComplianceGaps(framework, specs);
+    const doneSpecs = specs.filter((s) => s.status === 'done');
+    const approvalEvents = auditEvents.filter((e) => e.action === 'status:approved');
+    const controlMatrix = gapAnalysis.coverage.map((c) => ({
+        controlId: c.controlId,
+        controlName: c.controlName,
+        status: c.status,
+        specIds: c.coveringSpecIds,
+        evidence: c.coveringSpecIds.length > 0
+            ? `Covered by ${c.coveringSpecIds.length} spec(s): ${c.coveringSpecIds.join(', ')}`
+            : 'No specs found for this control',
+    }));
+    return {
+        framework,
+        projectId,
+        generatedAt: new Date().toISOString(),
+        summary: {
+            totalSpecs: specs.length,
+            doneSpecs: doneSpecs.length,
+            approvalEvents: approvalEvents.length,
+            complianceScore: gapAnalysis.score,
+        },
+        controlMatrix,
+        changeManagementEvidence: approvalEvents.slice(-20).map((e) => ({
+            timestamp: e.timestamp,
+            specId: e.specId,
+            actor: e.actor ?? 'unknown',
+            action: e.action,
+        })),
+        gaps: gapAnalysis.recommendations,
+    };
+}
+//# sourceMappingURL=evidence-builder.js.map

package/dist/engine/compliance/evidence-builder.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"evidence-builder.js","sourceRoot":"","sources":["../../../src/engine/compliance/evidence-builder.ts"],"names":[],"mappings":"AAAA,yDAAyD;AAIzD,OAAO,EAAE,qBAAqB,EAAE,MAAM,mBAAmB,CAAC;AAoB1D,MAAM,UAAU,oBAAoB,CAClC,SAA8B,EAC9B,SAAiB,EACjB,KAAkB,EAClB,WAA8B;IAE9B,MAAM,WAAW,GAAG,qBAAqB,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;IAC5D,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC;IAC3D,MAAM,cAAc,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,iBAAiB,CAAC,CAAC;IAEjF,MAAM,aAAa,GAAG,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACrD,SAAS,EAAE,CAAC,CAAC,SAAS;QACtB,WAAW,EAAE,CAAC,CAAC,WAAW;QAC1B,MAAM,EAAE,CAAC,CAAC,MAAM;QAChB,OAAO,EAAE,CAAC,CAAC,eAAe;QAC1B,QAAQ,EACN,CAAC,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC;YAC1B,CAAC,CAAC,cAAc,CAAC,CAAC,eAAe,CAAC,MAAM,aAAa,CAAC,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YACnF,CAAC,CAAC,iCAAiC;KACxC,CAAC,CAAC,CAAC;IAEJ,OAAO;QACL,SAAS;QACT,SAAS;QACT,WAAW,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACrC,OAAO,EAAE;YACP,UAAU,EAAE,KAAK,CAAC,MAAM;YACxB,SAAS,EAAE,SAAS,CAAC,MAAM;YAC3B,cAAc,EAAE,cAAc,CAAC,MAAM;YACrC,eAAe,EAAE,WAAW,CAAC,KAAK;SACnC;QACD,aAAa;QACb,wBAAwB,EAAE,cAAc,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC9D,SAAS,EAAE,CAAC,CAAC,SAAS;YACtB,MAAM,EAAE,CAAC,CAAC,MAAM;YAChB,KAAK,EAAE,CAAC,CAAC,KAAK,IAAI,SAAS;YAC3B,MAAM,EAAE,CAAC,CAAC,MAAM;SACjB,CAAC,CAAC;QACH,IAAI,EAAE,WAAW,CAAC,eAAe;KAClC,CAAC;AACJ,CAAC"}