@pugi/cli 0.1.0-beta.5 → 0.1.0-beta.50

package/dist/core/permissions/state.js

@@ -0,0 +1,241 @@
+/**
+ * Per-workspace permission-mode session state — Leak L6.
+ *
+ * State lives in `.pugi/session.json` under the workspace root. The
+ * file is read on first `getCurrentMode()` call (cached for the
+ * process lifetime) and written atomically via tmp+rename on
+ * `setCurrentMode()` so a kill mid-write does not corrupt the JSON.
+ *
+ * Resolution order for the effective mode on a fresh process:
+ *   1. CLI flag (`pugi --mode plan`) — passed via `resolveMode` arg;
+ *      not read from disk here.
+ *   2. Workspace session state — `<root>/.pugi/session.json` field
+ *      `permissionMode`.
+ *   3. Global config — `~/.pugi/config.json` field
+ *      `defaultPermissionMode`.
+ *   4. Hard default `ask`.
+ *
+ * This module owns layers 2 + 3. The CLI arg parser owns layer 1; both
+ * funnel into `resolveMode()` which performs the merge.
+ */
+import { existsSync, mkdirSync, readFileSync, renameSync, writeFileSync } from 'node:fs';
+import { dirname, resolve } from 'node:path';
+import { homedir } from 'node:os';
+import { z } from 'zod';
+import { DEFAULT_PERMISSION_MODE, parsePermissionMode, } from './mode.js';
+/**
+ * Wave 7: zod enum for the canonical 6-mode taxonomy. Includes α6
+ * aliases (`ask`, `allow`, `bypass`) as accepted input — Zod parses
+ * them, the helpers below remap к canonical names before returning к
+ * the caller. Persistence always writes the canonical name so the file
+ * migrates forward on next save.
+ */
+const permissionModeEnum = z.enum([
+    // Canonical Wave 7 names.
+    'default',
+    'acceptEdits',
+    'plan',
+    'auto',
+    'dontAsk',
+    'bypassPermissions',
+    // α6 backwards-compat aliases — resolved via parsePermissionMode.
+    'ask',
+    'allow',
+    'bypass',
+]);
+const sessionStateSchema = z
+    .object({
+    permissionMode: permissionModeEnum.optional(),
+    /**
+     * Leak L7: snapshot of the mode that was active immediately BEFORE
+     * the operator typed `/plan` (or `/plan <prompt>`). `/plan --back`
+     * pops this snapshot and restores it. Cleared after a successful
+     * pop so a second `/plan --back` does not double-revert.
+     */
+    previousPermissionMode: permissionModeEnum.optional(),
+})
+    .partial()
+    .passthrough();
+const globalConfigSchema = z
+    .object({
+    defaultPermissionMode: permissionModeEnum.optional(),
+})
+    .partial()
+    .passthrough();
+const SESSION_FILE = '.pugi/session.json';
+/**
+ * Return the path to the workspace session-state file.
+ */
+export function sessionStatePath(workspaceRoot) {
+    return resolve(workspaceRoot, SESSION_FILE);
+}
+/**
+ * Return the path to the user-global config file. Uses HOME env when
+ * present (test fixtures, CI) so we never accidentally hit the real
+ * user-global file in spec runs.
+ */
+export function globalConfigPath(homeDir = homedir()) {
+    return resolve(homeDir, '.pugi/config.json');
+}
+/**
+ * Read the workspace's saved permission mode. Returns null when the
+ * file is absent OR the field is unset; the caller layers in CLI + env
+ * + global config defaults to produce the effective mode.
+ *
+ * Never throws on JSON parse / schema errors — a malformed session
+ * file should not break the gate. The defensive `try/catch` returns
+ * null and lets the caller fall through to the next layer.
+ */
+export function getCurrentMode(workspaceRoot) {
+    const path = sessionStatePath(workspaceRoot);
+    if (!existsSync(path))
+        return null;
+    try {
+        const raw = readFileSync(path, 'utf8');
+        const parsed = sessionStateSchema.parse(JSON.parse(raw));
+        if (typeof parsed.permissionMode !== 'string')
+            return null;
+        // Wave 7: parsePermissionMode resolves α6 aliases (`ask`, `allow`,
+        // `bypass`) to their canonical Wave 7 names. A session file written
+        // by α6.x is silently upgraded on read.
+        return parsePermissionMode(parsed.permissionMode);
+    }
+    catch {
+        return null;
+    }
+}
+/**
+ * Persist the workspace's permission mode. Creates the `.pugi/` dir
+ * when missing; preserves any unrelated keys in the file (passthrough
+ * schema). Atomic tmp+rename so a kill mid-write does not corrupt the
+ * JSON.
+ */
+export function setCurrentMode(workspaceRoot, mode) {
+    const path = sessionStatePath(workspaceRoot);
+    mkdirSync(dirname(path), { recursive: true });
+    const existing = existsSync(path)
+        ? safeParseObject(readFileSync(path, 'utf8'))
+        : {};
+    const next = { ...existing, permissionMode: mode };
+    const tmpPath = `${path}.tmp`;
+    writeFileSync(tmpPath, `${JSON.stringify(next, null, 2)}\n`, { encoding: 'utf8', mode: 0o600 });
+    renameSync(tmpPath, path);
+}
+/**
+ * Leak L7 — read the snapshot of the mode that was active before the
+ * most-recent `/plan` (or `pugi plan`) entry. Returns null when the
+ * file is absent OR the field is unset. Same defensive behaviour as
+ * `getCurrentMode`: a malformed session file never breaks the slash
+ * command — the worst case is `/plan --back` reports "no previous
+ * mode to restore" and the operator picks the target mode explicitly.
+ */
+export function getPreviousMode(workspaceRoot) {
+    const path = sessionStatePath(workspaceRoot);
+    if (!existsSync(path))
+        return null;
+    try {
+        const raw = readFileSync(path, 'utf8');
+        const parsed = sessionStateSchema.parse(JSON.parse(raw));
+        if (typeof parsed.previousPermissionMode !== 'string')
+            return null;
+        return parsePermissionMode(parsed.previousPermissionMode);
+    }
+    catch {
+        return null;
+    }
+}
+/**
+ * Leak L7 — record the mode that was active immediately before the
+ * operator switched to plan. The runtime calls this AT `/plan` entry
+ * with the current mode (whatever `resolveMode` returned). Atomic
+ * tmp+rename keeps the snapshot consistent if the process is killed
+ * mid-write. Pass `null` to clear the snapshot (used after a
+ * successful `/plan --back` so a second `--back` does not loop).
+ */
+export function setPreviousMode(workspaceRoot, mode) {
+    const path = sessionStatePath(workspaceRoot);
+    mkdirSync(dirname(path), { recursive: true });
+    const existing = existsSync(path)
+        ? safeParseObject(readFileSync(path, 'utf8'))
+        : {};
+    const next = { ...existing };
+    if (mode === null) {
+        delete next.previousPermissionMode;
+    }
+    else {
+        next.previousPermissionMode = mode;
+    }
+    const tmpPath = `${path}.tmp`;
+    writeFileSync(tmpPath, `${JSON.stringify(next, null, 2)}\n`, { encoding: 'utf8', mode: 0o600 });
+    renameSync(tmpPath, path);
+}
+/**
+ * Read `~/.pugi/config.json::defaultPermissionMode`. Returns null when
+ * the file is absent / the field is unset; same defensive behaviour
+ * as `getCurrentMode` — a malformed global config never breaks the gate.
+ */
+export function getGlobalDefaultMode(homeDir = homedir()) {
+    const path = globalConfigPath(homeDir);
+    if (!existsSync(path))
+        return null;
+    try {
+        const raw = readFileSync(path, 'utf8');
+        const parsed = globalConfigSchema.parse(JSON.parse(raw));
+        if (typeof parsed.defaultPermissionMode !== 'string')
+            return null;
+        return parsePermissionMode(parsed.defaultPermissionMode);
+    }
+    catch {
+        return null;
+    }
+}
+/**
+ * Persist `~/.pugi/config.json::defaultPermissionMode`. Used by the
+ * `/permissions <mode> --persist` flow so a future fresh session
+ * defaults to the same mode without an explicit `--mode` flag.
+ */
+export function setGlobalDefaultMode(mode, homeDir = homedir()) {
+    const path = globalConfigPath(homeDir);
+    mkdirSync(dirname(path), { recursive: true });
+    const existing = existsSync(path)
+        ? safeParseObject(readFileSync(path, 'utf8'))
+        : {};
+    const next = { ...existing, defaultPermissionMode: mode };
+    const tmpPath = `${path}.tmp`;
+    writeFileSync(tmpPath, `${JSON.stringify(next, null, 2)}\n`, { encoding: 'utf8', mode: 0o600 });
+    renameSync(tmpPath, path);
+}
+export function resolveMode(options) {
+    if (options.cliFlag) {
+        const flag = parsePermissionMode(options.cliFlag);
+        if (flag)
+            return flag;
+    }
+    const workspace = getCurrentMode(options.workspaceRoot);
+    if (workspace)
+        return workspace;
+    const global = getGlobalDefaultMode(options.homeDir);
+    if (global)
+        return global;
+    return DEFAULT_PERMISSION_MODE;
+}
+/**
+ * Defensive helper — parse JSON to an object; non-object payload (top-
+ * level array, primitive) collapses to an empty object so the merge
+ * doesn't surface a TypeError. The `setCurrentMode` / `setGlobalDefaultMode`
+ * helpers only write objects, so a non-object existing file is corrupted
+ * and we explicitly reset it rather than appending into a non-object.
+ */
+function safeParseObject(raw) {
+    try {
+        const parsed = JSON.parse(raw);
+        if (parsed && typeof parsed === 'object' && !Array.isArray(parsed)) {
+            return parsed;
+        }
+        return {};
+    }
+    catch {
+        return {};
+    }
+}
+//# sourceMappingURL=state.js.map

package/dist/core/permissions/tool-class.js

@@ -0,0 +1,93 @@
+/**
+ * Tool side-effect classification — Leak L6.
+ *
+ * Three classes drive the canonical 4-mode permission gate:
+ *
+ *   - `read`     — observe-only. Plan mode allows; ask still prompts;
+ *                  allow + bypass execute silently. Examples: read,
+ *                  grep, glob, web_fetch, web_search, skills_list.
+ *   - `write`    — mutates workspace, journal, or operator screen with
+ *                  visible side effects. Plan mode refuses; ask prompts;
+ *                  allow + bypass execute. Examples: write, edit, bash,
+ *                  multi_edit, task_*. `ask_user_question` is also
+ *                  classed as `write` because it interrupts the
+ *                  dispatcher's flow control and demands operator
+ *                  attention — plan mode should not prompt operators.
+ *   - `dispatch` — spawns a child subagent or off-tree task. Plan mode
+ *                  refuses (a write-capable child violates plan-mode's
+ *                  read-only contract); ask prompts; allow + bypass
+ *                  execute. Example: `agent`.
+ *
+ * Unknown tool names default to `write` — deny-first safety. A stale
+ * schema entry that the gate has not been told about should not silently
+ * pass in plan mode just because the gate doesn't recognise it.
+ */
+/**
+ * Closed map of every built-in tool name -> side-effect class. The
+ * source of truth for the four standard modes; mirrored against the
+ * `WIRED_TOOLS` set in `core/engine/tool-bridge.ts` so an unrecognised
+ * tool surfaces as the safe deny-first `write` default.
+ *
+ * MCP tools follow the `mcp__<server>__<tool>` namespace and are
+ * uniformly classed via `getToolClass` because per-tool annotations are
+ * not yet a part of the MCP spec — treating them as `write` is the
+ * conservative default until server-side metadata is trustworthy.
+ */
+const BUILT_IN_TOOL_CLASSES = Object.freeze({
+    // Read-only observations.
+    read: 'read',
+    grep: 'read',
+    glob: 'read',
+    ls: 'read',
+    search: 'read',
+    web_fetch: 'read',
+    web_search: 'read',
+    file_cache_check: 'read',
+    skills_list: 'read',
+    skill: 'read',
+    task_get: 'read',
+    task_list: 'read',
+    // Mutating actions.
+    write: 'write',
+    edit: 'write',
+    multi_edit: 'write',
+    bash: 'write',
+    task_create: 'write',
+    task_update: 'write',
+    todo_write: 'write',
+    // `ask_user_question` halts the loop and demands operator attention.
+    // Plan mode should not interrupt — class as write so the gate refuses
+    // it in plan mode but ask + allow + bypass execute normally.
+    ask_user_question: 'write',
+    // Dispatch — spawn a child agent. Refused in plan mode regardless of
+    // the child's role tier (the engine adapter applies role-based
+    // capability filtering, but the gate refuses dispatch up front so a
+    // plan-mode session cannot leak a writeable child).
+    agent: 'dispatch',
+    pugi_delegate: 'dispatch',
+    sub_agent_spawn: 'dispatch',
+});
+const MCP_TOOL_PREFIX = 'mcp__';
+/**
+ * Resolve the class for a tool name. Unknown names default to `write`
+ * (deny-first). MCP tools (any name prefixed with `mcp__`) default to
+ * `write` for the same conservative reason — the MCP spec lacks
+ * per-tool annotations today.
+ */
+export function getToolClass(toolName) {
+    const builtIn = BUILT_IN_TOOL_CLASSES[toolName];
+    if (builtIn)
+        return builtIn;
+    if (toolName.startsWith(MCP_TOOL_PREFIX))
+        return 'write';
+    return 'write';
+}
+/**
+ * Expose the built-in class map for diagnostic surfaces (`pugi doctor`,
+ * test fixtures). Caller MUST NOT mutate — the object is already frozen
+ * so any attempt throws in strict mode.
+ */
+export function listBuiltInToolClasses() {
+    return BUILT_IN_TOOL_CLASSES;
+}
+//# sourceMappingURL=tool-class.js.map

package/dist/core/prd-check/parser.js

@@ -0,0 +1,215 @@
+/**
+ * PRD parser — Pugi α7 Wave 6 (`/prd-check`, 2026-05-27).
+ *
+ * Reads a markdown PRD file and extracts the acceptance-criteria
+ * section into a list of verifiable criteria. The parser is
+ * intentionally narrow: it owns ONE function, accepts raw markdown
+ * source as a string (no fs I/O), and returns a structured list the
+ * verifier module can fan out over.
+ *
+ * Why two phases (parse → verify) instead of a single pass:
+ *
+ *   - keeps the parser deterministic + fast (pure string in, JSON
+ *     out — trivial to unit-test without touching the filesystem)
+ *
+ *   - lets the reporter render the criterion list even when every
+ *     verifier fails, so operators see WHAT failed before WHY
+ *
+ *   - mirrors the L17 doctor split: `probe-runner` runs a set of
+ *     probe descriptors → identical contract here, just for PRD
+ *     acceptance items instead of environment probes
+ *
+ * Heading recognition is tolerant by design: PRD authors use both
+ * `## Acceptance Criteria` and `## Success Criteria`, sometimes with
+ * a trailing colon, sometimes inside an h3. We accept any h2/h3
+ * matching either label (case-insensitive). The first matching
+ * section wins; subsequent matches are ignored so a PRD with both
+ * sections does not double-count items.
+ *
+ * Item recognition supports two shapes documented in the wave-6
+ * spec:
+ *
+ *   1. numbered lists      `1. <text>` / `1) <text>`
+ *   2. markdown checklists `- [ ] <text>` / `- [x] <text>`
+ *
+ * Either shape may include inline mentions the verifier extracts:
+ * file paths (`apps/foo/bar.ts`), test specs (`*.spec.ts`),
+ * route declarations (`GET /api/x`), CLI commands (`pugi prd-check`),
+ * and doc references (`docs/foo.md`). The parser captures these
+ * verbatim into `mentions` so the verifier module can fan checks
+ * without re-tokenising the prose.
+ */
+const ACCEPTANCE_HEADING_RE = /^(#{2,3})\s+(acceptance criteria|success criteria|deliverables)\b\s*:?\s*$/i;
+const ANY_HEADING_RE = /^(#{1,6})\s+\S/;
+const TITLE_HEADING_RE = /^#\s+(.+?)\s*$/;
+const NUMBERED_ITEM_RE = /^(\s*)(\d+)[\.)]\s+(.+?)\s*$/;
+const CHECKLIST_ITEM_RE = /^(\s*)-\s+\[([ xX])\]\s+(.+?)\s*$/;
+/**
+ * Public entry: parse a markdown PRD source into `ParsedPrd`. Pure
+ * function — no filesystem, no logging. The CLI handler is
+ * responsible for reading the file and forwarding the contents.
+ */
+export function parsePrd(source) {
+    const lines = source.split(/\r?\n/);
+    const title = extractTitle(lines);
+    const range = findAcceptanceRange(lines);
+    if (!range) {
+        return { title, hasAcceptanceSection: false, criteria: [] };
+    }
+    const sectionLines = lines.slice(range.start, range.end);
+    const criteria = extractCriteria(sectionLines);
+    return { title, hasAcceptanceSection: true, criteria };
+}
+/**
+ * Extract verifiable mentions from a criterion text. Exported for
+ * the verifier spec so tests can drive mention classification
+ * without running the full parser.
+ */
+export function extractMentions(text) {
+    const mentions = [];
+    const seen = new Set();
+    const push = (key, mention) => {
+        if (seen.has(key))
+            return;
+        seen.add(key);
+        mentions.push(mention);
+    };
+    // 1) Routes — `GET /api/path`, `POST /foo`, etc. Recognised
+    //    BEFORE file paths because the trailing `/` could otherwise
+    //    be mis-classified.
+    const routeRe = /\b(GET|POST|PUT|PATCH|DELETE|HEAD|OPTIONS)\s+(\/[A-Za-z0-9_./:\-]+)/g;
+    for (const match of text.matchAll(routeRe)) {
+        const method = match[1].toUpperCase();
+        const path = match[2];
+        push(`route:${method} ${path}`, { kind: 'route', method, path });
+    }
+    // 2) Backtick-wrapped tokens — most reliable signal. The parser
+    //    inspects each token and decides whether it is a path, a test
+    //    spec, a CLI command, or a route.
+    const backtickRe = /`([^`\n]+)`/g;
+    for (const match of text.matchAll(backtickRe)) {
+        const raw = match[1].trim();
+        classifyToken(raw, push);
+    }
+    // 3) Bare paths with at least one slash + an extension. Authors
+    //    sometimes forget the backticks; we still surface the file
+    //    so the verifier can attempt the check.
+    const barePathRe = /(?<![A-Za-z0-9])((?:[a-zA-Z0-9_.\-]+\/)+[a-zA-Z0-9_.\-]+\.[a-zA-Z0-9]{1,6})/g;
+    for (const match of text.matchAll(barePathRe)) {
+        const path = match[1];
+        classifyPath(path, push);
+    }
+    return mentions;
+}
+function classifyToken(raw, push) {
+    const trimmed = raw.replace(/[,;.]+$/u, '').trim();
+    if (trimmed.length === 0)
+        return;
+    // Route shape inside backticks (`GET /api/x`).
+    const routeMatch = trimmed.match(/^(GET|POST|PUT|PATCH|DELETE|HEAD|OPTIONS)\s+(\/[A-Za-z0-9_./:\-]+)$/u);
+    if (routeMatch) {
+        const method = routeMatch[1].toUpperCase();
+        const path = routeMatch[2];
+        push(`route:${method} ${path}`, { kind: 'route', method, path });
+        return;
+    }
+    // Pugi command — `pugi <name>` or `/<name>`. Slash form covers
+    // REPL slash commands; pugi form covers shell commands.
+    const pugiCmdMatch = trimmed.match(/^pugi\s+([a-z][a-z0-9-]*)(?:\s+.*)?$/u);
+    if (pugiCmdMatch) {
+        const name = pugiCmdMatch[1];
+        push(`command:${name}`, { kind: 'command', name });
+        return;
+    }
+    const slashCmdMatch = trimmed.match(/^\/([a-z][a-z0-9-]*)$/u);
+    if (slashCmdMatch) {
+        const name = slashCmdMatch[1];
+        push(`command:${name}`, { kind: 'command', name });
+        return;
+    }
+    // Path shape — must contain at least one `/` AND an extension.
+    if (trimmed.includes('/') && /\.[a-zA-Z0-9]{1,6}$/.test(trimmed)) {
+        classifyPath(trimmed, push);
+    }
+}
+function classifyPath(path, push) {
+    if (/\.spec\.[a-z]+$|\.test\.[a-z]+$/u.test(path)) {
+        push(`test:${path}`, { kind: 'test', path });
+        return;
+    }
+    if (/^docs?\//u.test(path) || /\.md$/u.test(path)) {
+        push(`doc:${path}`, { kind: 'doc', path });
+        return;
+    }
+    push(`file:${path}`, { kind: 'file', path });
+}
+function extractTitle(lines) {
+    for (const line of lines) {
+        const match = line.match(TITLE_HEADING_RE);
+        if (match) {
+            return match[1].trim();
+        }
+    }
+    return null;
+}
+function findAcceptanceRange(lines) {
+    let startIdx = -1;
+    let startHeadingLevel = 0;
+    for (let i = 0; i < lines.length; i += 1) {
+        const line = lines[i];
+        const match = line.match(ACCEPTANCE_HEADING_RE);
+        if (match) {
+            startIdx = i + 1;
+            startHeadingLevel = match[1].length;
+            break;
+        }
+    }
+    if (startIdx === -1)
+        return null;
+    let endIdx = lines.length;
+    for (let i = startIdx; i < lines.length; i += 1) {
+        const line = lines[i];
+        const headingMatch = line.match(ANY_HEADING_RE);
+        if (!headingMatch)
+            continue;
+        const level = headingMatch[1].length;
+        if (level <= startHeadingLevel) {
+            endIdx = i;
+            break;
+        }
+    }
+    return { start: startIdx, end: endIdx };
+}
+function extractCriteria(sectionLines) {
+    const out = [];
+    let index = 0;
+    for (const line of sectionLines) {
+        const checklistMatch = line.match(CHECKLIST_ITEM_RE);
+        if (checklistMatch) {
+            index += 1;
+            const marker = checklistMatch[2].toLowerCase();
+            const text = checklistMatch[3];
+            out.push({
+                index,
+                text,
+                preChecked: marker === 'x',
+                mentions: extractMentions(text),
+            });
+            continue;
+        }
+        const numberedMatch = line.match(NUMBERED_ITEM_RE);
+        if (numberedMatch) {
+            index += 1;
+            const text = numberedMatch[3];
+            out.push({
+                index,
+                text,
+                preChecked: false,
+                mentions: extractMentions(text),
+            });
+            continue;
+        }
+    }
+    return out;
+}
+//# sourceMappingURL=parser.js.map

package/dist/core/prd-check/reporter.js

@@ -0,0 +1,127 @@
+/**
+ * PRD-check reporter — Pugi α7 Wave 6 (`/prd-check`, 2026-05-27).
+ *
+ * Turns a list of `VerifiedCriterion` into either a plain-text
+ * table (matches the L17 doctor renderer layout for visual
+ * consistency) OR a structured JSON envelope for scripted callers.
+ *
+ * The reporter is intentionally render-only — it does not perform
+ * any verification work. The verifier module decides PASS / FAIL /
+ * SKIPPED; the reporter only formats those verdicts. This keeps
+ * the JSON envelope deterministic + diff-friendly between runs.
+ *
+ * Exit-code policy:
+ *
+ *   - `healthy`  -> every criterion PASS or SKIPPED. exit 0.
+ *   - `failing`  -> at least one FAIL. exit 1.
+ *   - `unparsed` -> the PRD had no acceptance section. exit 2
+ *                   (operator authored a stub but never filled it
+ *                   in — distinct signal from "criteria don't
+ *                   verify yet" so CI can route differently).
+ */
+/**
+ * Build the JSON envelope. Pure transform — no fs, no clock. The
+ * CLI handler wraps this in the writeOutput sink.
+ */
+export function buildEnvelope(input) {
+    const counts = {
+        pass: 0,
+        fail: 0,
+        skipped: 0,
+    };
+    for (const v of input.verified) {
+        counts[v.status] += 1;
+    }
+    const overall = computeOverall(input.hasAcceptanceSection, counts);
+    return {
+        command: 'prd-check',
+        prdPath: input.prdPath,
+        title: input.title,
+        overall,
+        counts,
+        criteria: input.verified.map((v) => ({
+            index: v.criterion.index,
+            text: v.criterion.text,
+            status: v.status,
+            results: v.results.map((r) => ({
+                kind: r.mention.kind,
+                target: mentionTarget(r.mention),
+                status: r.status,
+                evidence: r.evidence,
+            })),
+        })),
+    };
+}
+/** Exit code for the resolved overall verdict. */
+export function exitCodeFor(overall) {
+    switch (overall) {
+        case 'healthy':
+            return 0;
+        case 'failing':
+            return 1;
+        case 'unparsed':
+            return 2;
+    }
+}
+/**
+ * Plain-text renderer. Mirrors the L17 doctor table for visual
+ * consistency — 4 columns: # / STATUS / CRITERION / EVIDENCE. The
+ * criterion column is truncated to 60 chars so narrow terminals
+ * stay readable; the full text lives in the JSON envelope for
+ * scripted callers that want every byte.
+ */
+export function renderTable(envelope) {
+    const lines = [];
+    const titlePart = envelope.title ? ` — ${envelope.title}` : '';
+    lines.push(`Pugi PRD-check${titlePart}`);
+    lines.push('='.repeat(50));
+    lines.push(`Source: ${envelope.prdPath}`);
+    lines.push('');
+    if (envelope.overall === 'unparsed') {
+        lines.push('No acceptance-criteria section found in PRD.');
+        lines.push('');
+        lines.push('Expected one of:');
+        lines.push('  ## Acceptance Criteria');
+        lines.push('  ## Success Criteria');
+        lines.push('  ## Deliverables');
+        return lines.join('\n');
+    }
+    if (envelope.criteria.length === 0) {
+        lines.push('Acceptance section present but contains 0 items.');
+        return lines.join('\n');
+    }
+    for (const c of envelope.criteria) {
+        const status = c.status.toUpperCase().padEnd(7, ' ');
+        const truncated = c.text.length > 60 ? `${c.text.slice(0, 57)}...` : c.text;
+        lines.push(`#${String(c.index).padStart(2, ' ')}  ${status}  ${truncated}`);
+        for (const r of c.results) {
+            const subStatus = r.status.toUpperCase().padEnd(7, ' ');
+            lines.push(`        ${subStatus}  ${r.evidence}`);
+        }
+    }
+    lines.push('');
+    const { pass, fail, skipped } = envelope.counts;
+    const summary = envelope.overall === 'healthy' ? 'HEALTHY' : envelope.overall === 'failing' ? 'FAILING' : 'UNPARSED';
+    lines.push(`${fail} fail · ${pass} pass · ${skipped} skipped. Overall: ${summary}`);
+    return lines.join('\n');
+}
+function computeOverall(hasAcceptanceSection, counts) {
+    if (!hasAcceptanceSection)
+        return 'unparsed';
+    if (counts.fail > 0)
+        return 'failing';
+    return 'healthy';
+}
+function mentionTarget(mention) {
+    switch (mention.kind) {
+        case 'file':
+        case 'test':
+        case 'doc':
+            return mention.path;
+        case 'command':
+            return mention.name;
+        case 'route':
+            return `${mention.method} ${mention.path}`;
+    }
+}
+//# sourceMappingURL=reporter.js.map