@qulib/core 0.8.2 → 0.10.0

package/dist/tools/scoring/confidence-from-qulib.d.ts

@@ -0,0 +1,34 @@
+/**
+ * qulib-native adapter — maps qulib collector outputs to EvidenceItem[].
+ *
+ * P3 — qulib Confidence Layer v1.
+ *
+ * This is the THIN WIRING layer, not the pure scorer. It translates:
+ *   AnalyzeResult   → live-app-quality + accessibility + crawl-coverage EvidenceItems
+ *   AutomationMaturity → test-automation EvidenceItem
+ *   ApiCoverageResult  → api-coverage EvidenceItem
+ *
+ * Honesty rules (mirrors agent-summary.ts and the spec §2.5):
+ * - auth-required scan → applicability='unknown' (never silent pass)
+ * - blocked scan       → blocking=true (hard blocker)
+ * - low-coverage       → crawl-coverage applicability='unknown'
+ * - 0-endpoint API     → api-coverage carries its own not_applicable (passed through verbatim)
+ *
+ * Pure function: no I/O.
+ */
+import type { AnalyzeResult } from '../../analyze.js';
+import type { AutomationMaturity } from '../../schemas/automation-maturity.schema.js';
+import type { ApiCoverageResult } from './api-coverage.js';
+import type { ConfidenceInput, ConfidenceSubject } from '../../schemas/confidence.schema.js';
+/**
+ * Build a ConfidenceInput from qulib's own collector outputs.
+ * Pass whichever collectors you have; omitted collectors produce no evidence item.
+ */
+export declare function buildConfidenceInputFromQulib(args: {
+    analyze?: AnalyzeResult;
+    maturity?: AutomationMaturity;
+    apiCoverage?: ApiCoverageResult;
+    subject: ConfidenceSubject;
+    policy?: ConfidenceInput['policy'];
+}): ConfidenceInput;
+//# sourceMappingURL=confidence-from-qulib.d.ts.map

package/dist/tools/scoring/confidence-from-qulib.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"confidence-from-qulib.d.ts","sourceRoot":"","sources":["../../../src/tools/scoring/confidence-from-qulib.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AACtD,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,6CAA6C,CAAC;AACtF,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAC3D,OAAO,KAAK,EAEV,eAAe,EACf,iBAAiB,EAClB,MAAM,oCAAoC,CAAC;AAS5C;;;GAGG;AACH,wBAAgB,6BAA6B,CAAC,IAAI,EAAE;IAClD,OAAO,CAAC,EAAE,aAAa,CAAC;IACxB,QAAQ,CAAC,EAAE,kBAAkB,CAAC;IAC9B,WAAW,CAAC,EAAE,iBAAiB,CAAC;IAChC,OAAO,EAAE,iBAAiB,CAAC;IAC3B,MAAM,CAAC,EAAE,eAAe,CAAC,QAAQ,CAAC,CAAC;CACpC,GAAG,eAAe,CAgMlB"}

package/dist/tools/scoring/confidence-from-qulib.js

@@ -0,0 +1,206 @@
+/**
+ * qulib-native adapter — maps qulib collector outputs to EvidenceItem[].
+ *
+ * P3 — qulib Confidence Layer v1.
+ *
+ * This is the THIN WIRING layer, not the pure scorer. It translates:
+ *   AnalyzeResult   → live-app-quality + accessibility + crawl-coverage EvidenceItems
+ *   AutomationMaturity → test-automation EvidenceItem
+ *   ApiCoverageResult  → api-coverage EvidenceItem
+ *
+ * Honesty rules (mirrors agent-summary.ts and the spec §2.5):
+ * - auth-required scan → applicability='unknown' (never silent pass)
+ * - blocked scan       → blocking=true (hard blocker)
+ * - low-coverage       → crawl-coverage applicability='unknown'
+ * - 0-endpoint API     → api-coverage carries its own not_applicable (passed through verbatim)
+ *
+ * Pure function: no I/O.
+ */
+// Default weights for the qulib-native sources (match confidence.ts DEFAULT_WEIGHTS).
+const W_LIVE_APP = 0.30;
+const W_TEST_AUTOMATION = 0.22;
+const W_API_COVERAGE = 0.15;
+const W_ACCESSIBILITY = 0.13;
+const W_CRAWL_COVERAGE = 0.10;
+/**
+ * Build a ConfidenceInput from qulib's own collector outputs.
+ * Pass whichever collectors you have; omitted collectors produce no evidence item.
+ */
+export function buildConfidenceInputFromQulib(args) {
+    const items = [];
+    const now = new Date().toISOString();
+    // ------------------------------------------------------------------
+    // AnalyzeResult → live-app-quality + accessibility + crawl-coverage
+    // ------------------------------------------------------------------
+    if (args.analyze) {
+        const r = args.analyze;
+        const g = r.gapAnalysis;
+        // Determine if auth-required (honest: never silently pass).
+        const authRequired = g.mode === 'auth-required' || g.coverageWarning === 'auth-required';
+        const isBlocked = r.status === 'blocked';
+        // --- live-app-quality ---
+        const appRecs = [];
+        if (authRequired) {
+            appRecs.push('Provide auth credentials (form login or storage state) and re-run to evaluate the protected surface.');
+        }
+        const criticalGaps = r.gaps.filter((gap) => gap.severity === 'critical');
+        const highGaps = r.gaps.filter((gap) => gap.severity === 'high');
+        if (criticalGaps.length > 0) {
+            appRecs.push(`Fix ${criticalGaps.length} critical gap(s) before shipping.`);
+        }
+        else if (highGaps.length > 0) {
+            appRecs.push(`Address ${highGaps.length} high-severity gap(s).`);
+        }
+        const appEvidence = [];
+        if (isBlocked) {
+            appEvidence.push('Scan was blocked before producing a meaningful evaluation.');
+        }
+        else if (authRequired) {
+            appEvidence.push('Auth wall prevented scanning the protected surface.');
+        }
+        else {
+            appEvidence.push(`releaseConfidence=${r.releaseConfidence ?? 'null'}, status=${r.status}, gaps=${r.gaps.length}`);
+            if (criticalGaps.length > 0) {
+                appEvidence.push(`Critical gaps: ${criticalGaps.map((g2) => g2.path).join(', ')}`);
+            }
+        }
+        const liveAppItem = {
+            source: 'live-app-quality',
+            score: isBlocked ? null : (authRequired ? null : (r.releaseConfidence ?? null)),
+            weight: W_LIVE_APP,
+            applicability: authRequired ? 'unknown' : 'applicable',
+            blocking: isBlocked || criticalGaps.length > 0,
+            evidence: appEvidence,
+            recommendations: appRecs,
+            reason: authRequired
+                ? 'Auth wall prevented scanning — confidence score would be dishonest without the protected surface.'
+                : isBlocked
+                    ? 'Scan was blocked; no evaluable surface.'
+                    : undefined,
+            collectedAt: g.analyzedAt,
+            collector: {
+                tool: 'analyze_app',
+                inputRef: undefined,
+            },
+        };
+        items.push(liveAppItem);
+        // --- accessibility ---
+        const a11yGaps = r.gaps.filter((gap) => gap.category === 'a11y');
+        const a11yPenalty = a11yGaps.reduce((acc, gap) => {
+            const penalties = { critical: 30, high: 20, medium: 10, low: 5 };
+            return acc + (penalties[gap.severity] ?? 5);
+        }, 0);
+        const a11yScore = !isBlocked && !authRequired
+            ? Math.max(0, 100 - a11yPenalty)
+            : null;
+        const a11yItem = {
+            source: 'accessibility',
+            score: a11yScore,
+            weight: W_ACCESSIBILITY,
+            applicability: authRequired ? 'unknown' : 'applicable',
+            blocking: false,
+            evidence: isBlocked || authRequired
+                ? ['Accessibility could not be evaluated (scan blocked or auth-required).']
+                : a11yGaps.length === 0
+                    ? ['No a11y gaps detected.']
+                    : [`${a11yGaps.length} a11y gap(s) — penalty ${a11yPenalty} pts.`],
+            recommendations: a11yGaps.length > 0
+                ? ['Fix a11y violations flagged by the qulib scan (see gaps[].category=\'a11y\').']
+                : [],
+            reason: authRequired
+                ? 'Auth wall prevented a11y evaluation.'
+                : isBlocked
+                    ? 'Scan blocked; no a11y signal.'
+                    : undefined,
+            collectedAt: g.analyzedAt,
+            collector: {
+                tool: 'analyze_app',
+                inputRef: undefined,
+            },
+        };
+        items.push(a11yItem);
+        // --- crawl-coverage ---
+        const lowCoverage = g.coverageWarning === 'low-coverage';
+        const crawlScore = !isBlocked && !authRequired
+            ? (r.coverageScore ?? null)
+            : null;
+        const crawlItem = {
+            source: 'crawl-coverage',
+            score: crawlScore,
+            weight: W_CRAWL_COVERAGE,
+            applicability: authRequired || lowCoverage ? 'unknown' : 'applicable',
+            blocking: false,
+            evidence: [
+                `coverageScore=${r.coverageScore ?? 'null'}, pagesScanned=${g.coveragePagesScanned}`,
+                ...(g.coverageWarning ? [`coverageWarning: ${g.coverageWarning}`] : []),
+            ],
+            recommendations: lowCoverage
+                ? ['Increase crawl budget or supply deeper entry URLs to raise coverage above the floor.']
+                : [],
+            reason: authRequired
+                ? 'Auth-required scan; coverage limited to pre-auth pages.'
+                : lowCoverage
+                    ? 'Coverage was below the confidence floor; treating as unknown signal.'
+                    : undefined,
+            collectedAt: g.analyzedAt,
+            collector: {
+                tool: 'analyze_app',
+                inputRef: undefined,
+            },
+        };
+        items.push(crawlItem);
+    }
+    // ------------------------------------------------------------------
+    // AutomationMaturity → test-automation
+    // ------------------------------------------------------------------
+    if (args.maturity) {
+        const m = args.maturity;
+        const maturityItem = {
+            source: 'test-automation',
+            score: m.overallScore,
+            weight: W_TEST_AUTOMATION,
+            applicability: 'applicable',
+            blocking: false,
+            evidence: [`Automation maturity: ${m.label} (score ${m.overallScore})`],
+            recommendations: m.topRecommendations.slice(0, 3),
+            collectedAt: m.computedAt,
+            collector: {
+                tool: 'qulib_score_automation',
+                inputRef: m.repoPath,
+            },
+        };
+        items.push(maturityItem);
+    }
+    // ------------------------------------------------------------------
+    // ApiCoverageResult → api-coverage
+    // ------------------------------------------------------------------
+    if (args.apiCoverage) {
+        const d = args.apiCoverage.dimension;
+        const apiApplicability = d.applicability === 'not_applicable'
+            ? 'not_applicable'
+            : d.applicability === 'unknown'
+                ? 'unknown'
+                : 'applicable';
+        const apiItem = {
+            source: 'api-coverage',
+            score: d.score,
+            weight: W_API_COVERAGE,
+            applicability: apiApplicability,
+            blocking: false,
+            evidence: d.evidence,
+            recommendations: d.recommendations,
+            reason: d.reason,
+            collectedAt: new Date().toISOString(),
+            collector: {
+                tool: 'qulib_score_api',
+                inputRef: undefined,
+            },
+        };
+        items.push(apiItem);
+    }
+    return {
+        subject: args.subject,
+        evidence: items,
+        policy: args.policy,
+    };
+}

package/dist/tools/scoring/confidence-views.d.ts

@@ -0,0 +1,40 @@
+/**
+ * Pure view projections for the qulib Confidence Layer (Views 2–5).
+ *
+ * P3 — qulib Confidence Layer v1.
+ *
+ * All functions are pure (no I/O). Persistence sinks (file/db) are deferred to P4.
+ * View 1 (Release Confidence) IS the ReleaseConfidence object from the scorer.
+ *
+ * View 2 — diffConfidence: build a DeliveryTrafficPoint from two consecutive verdicts.
+ * View 3 — deriveInbox: extract human-judgment items from a verdict.
+ * View 4 — buildReplay: construct the provenance trace from input + result.
+ * View 5 — toAuditEntry: serialize a verdict to a tamper-evident audit record.
+ */
+import type { ReleaseConfidence, ConfidenceInput } from '../../schemas/confidence.schema.js';
+import type { DeliveryTrafficPoint, InboxItem, ReplayTrace, AuditEntry } from '../../schemas/views.schema.js';
+/**
+ * Build a DeliveryTrafficPoint from the current verdict and an optional prior verdict.
+ * deltaFromPrev is null when there is no prior point.
+ */
+export declare function diffConfidence(current: ReleaseConfidence, prior: ReleaseConfidence | null): DeliveryTrafficPoint;
+/**
+ * Derive human-judgment inbox items from a verdict.
+ * Raises items for:
+ *   - every blocking evidence item
+ *   - every 'unknown' contribution on a requiredSource (when policy provides them)
+ *   - 'block' verdict with a null score (nothing evaluable)
+ */
+export declare function deriveInbox(rc: ReleaseConfidence, input: ConfidenceInput): InboxItem[];
+/**
+ * Build the provenance trace from the scorer input + result.
+ * Steps are ordered by their appearance in the input evidence array,
+ * with all provenance fields carried from EvidenceItem.collector.
+ */
+export declare function buildReplay(input: ConfidenceInput, rc: ReleaseConfidence): ReplayTrace;
+/**
+ * Serialize a verdict to a tamper-evident audit record.
+ * recordHash is SHA-256 over the canonical record — changes when any field changes.
+ */
+export declare function toAuditEntry(rc: ReleaseConfidence, evidenceSourceCount: number): AuditEntry;
+//# sourceMappingURL=confidence-views.d.ts.map

package/dist/tools/scoring/confidence-views.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"confidence-views.d.ts","sourceRoot":"","sources":["../../../src/tools/scoring/confidence-views.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAIH,OAAO,KAAK,EAAE,iBAAiB,EAAE,eAAe,EAAE,MAAM,oCAAoC,CAAC;AAC7F,OAAO,KAAK,EACV,oBAAoB,EACpB,SAAS,EACT,WAAW,EACX,UAAU,EACX,MAAM,+BAA+B,CAAC;AAYvC;;;GAGG;AACH,wBAAgB,cAAc,CAC5B,OAAO,EAAE,iBAAiB,EAC1B,KAAK,EAAE,iBAAiB,GAAG,IAAI,GAC9B,oBAAoB,CAgBtB;AAMD;;;;;;GAMG;AACH,wBAAgB,WAAW,CACzB,EAAE,EAAE,iBAAiB,EACrB,KAAK,EAAE,eAAe,GACrB,SAAS,EAAE,CAwDb;AAMD;;;;GAIG;AACH,wBAAgB,WAAW,CAAC,KAAK,EAAE,eAAe,EAAE,EAAE,EAAE,iBAAiB,GAAG,WAAW,CAsBtF;AA0BD;;;GAGG;AACH,wBAAgB,YAAY,CAAC,EAAE,EAAE,iBAAiB,EAAE,mBAAmB,EAAE,MAAM,GAAG,UAAU,CAe3F"}

package/dist/tools/scoring/confidence-views.js

@@ -0,0 +1,163 @@
+/**
+ * Pure view projections for the qulib Confidence Layer (Views 2–5).
+ *
+ * P3 — qulib Confidence Layer v1.
+ *
+ * All functions are pure (no I/O). Persistence sinks (file/db) are deferred to P4.
+ * View 1 (Release Confidence) IS the ReleaseConfidence object from the scorer.
+ *
+ * View 2 — diffConfidence: build a DeliveryTrafficPoint from two consecutive verdicts.
+ * View 3 — deriveInbox: extract human-judgment items from a verdict.
+ * View 4 — buildReplay: construct the provenance trace from input + result.
+ * View 5 — toAuditEntry: serialize a verdict to a tamper-evident audit record.
+ */
+import { createHash } from 'node:crypto';
+import { randomUUID } from 'node:crypto';
+import { DeliveryTrafficPointSchema, InboxItemSchema, ReplayTraceSchema, AuditEntrySchema, } from '../../schemas/views.schema.js';
+// ---------------------------------------------------------------------------
+// View 2 — Delivery Traffic
+// ---------------------------------------------------------------------------
+/**
+ * Build a DeliveryTrafficPoint from the current verdict and an optional prior verdict.
+ * deltaFromPrev is null when there is no prior point.
+ */
+export function diffConfidence(current, prior) {
+    const delta = prior !== null &&
+        current.confidenceScore !== null &&
+        prior.confidenceScore !== null
+        ? current.confidenceScore - prior.confidenceScore
+        : null;
+    return DeliveryTrafficPointSchema.parse({
+        subjectRef: current.subject.ref,
+        tenantId: current.subject.tenantId,
+        computedAt: current.computedAt,
+        confidenceScore: current.confidenceScore,
+        verdict: current.verdict,
+        deltaFromPrev: delta,
+    });
+}
+// ---------------------------------------------------------------------------
+// View 3 — Inbox
+// ---------------------------------------------------------------------------
+/**
+ * Derive human-judgment inbox items from a verdict.
+ * Raises items for:
+ *   - every blocking evidence item
+ *   - every 'unknown' contribution on a requiredSource (when policy provides them)
+ *   - 'block' verdict with a null score (nothing evaluable)
+ */
+export function deriveInbox(rc, input) {
+    const items = [];
+    const now = rc.computedAt;
+    const requiredSources = input.policy?.requiredSources ?? [];
+    for (const evidence of input.evidence) {
+        if (evidence.blocking) {
+            items.push(InboxItemSchema.parse({
+                id: randomUUID(),
+                subjectRef: rc.subject.ref,
+                tenantId: rc.subject.tenantId,
+                kind: 'blocker',
+                source: evidence.source,
+                summary: evidence.reason
+                    ? `${evidence.source}: ${evidence.reason}`
+                    : `${evidence.source} is a hard blocker.`,
+                raisedAt: now,
+            }));
+        }
+        else if ((evidence.applicability ?? 'applicable') === 'unknown' &&
+            requiredSources.includes(evidence.source)) {
+            items.push(InboxItemSchema.parse({
+                id: randomUUID(),
+                subjectRef: rc.subject.ref,
+                tenantId: rc.subject.tenantId,
+                kind: 'unknown-signal',
+                source: evidence.source,
+                summary: evidence.reason
+                    ? `${evidence.source}: ${evidence.reason}`
+                    : `${evidence.source} could not produce a reliable score and is a required source.`,
+                raisedAt: now,
+            }));
+        }
+    }
+    // Raise an inbox item if verdict=block with null score (nothing evaluable).
+    if (rc.verdict === 'block' && rc.confidenceScore === null && input.evidence.every((e) => !e.blocking)) {
+        items.push(InboxItemSchema.parse({
+            id: randomUUID(),
+            subjectRef: rc.subject.ref,
+            tenantId: rc.subject.tenantId,
+            kind: 'approval-needed',
+            source: 'human-approval',
+            summary: 'No applicable evidence produced a score — manual review required before shipping.',
+            raisedAt: now,
+        }));
+    }
+    return items;
+}
+// ---------------------------------------------------------------------------
+// View 4 — Replay
+// ---------------------------------------------------------------------------
+/**
+ * Build the provenance trace from the scorer input + result.
+ * Steps are ordered by their appearance in the input evidence array,
+ * with all provenance fields carried from EvidenceItem.collector.
+ */
+export function buildReplay(input, rc) {
+    const steps = input.evidence.map((item, idx) => {
+        const contribution = rc.contributions[idx];
+        return {
+            source: item.source,
+            tool: item.collector.tool,
+            inputRef: item.collector.inputRef,
+            score: item.score,
+            weight: contribution?.weight ?? item.weight,
+            effectiveWeight: contribution?.effectiveWeight ?? 0,
+            durationMs: item.collector.durationMs,
+            cost: item.collector.cost,
+        };
+    });
+    return ReplayTraceSchema.parse({
+        subjectRef: rc.subject.ref,
+        computedAt: rc.computedAt,
+        steps,
+        formula: rc.scoreFormula,
+        finalVerdict: rc.verdict,
+    });
+}
+// ---------------------------------------------------------------------------
+// View 5 — Audit Trail
+// ---------------------------------------------------------------------------
+/**
+ * Canonical audit record shape for hashing.
+ * Fields are sorted so the hash is deterministic regardless of insertion order.
+ */
+function canonicalRecord(rc, evidenceSourceCount) {
+    return JSON.stringify({
+        blockers: [...rc.blockers].sort(),
+        computedAt: rc.computedAt,
+        confidenceScore: rc.confidenceScore,
+        evidenceSourceCount,
+        schemaVersion: 1,
+        subjectRef: rc.subject.ref,
+        tenantId: rc.subject.tenantId,
+        verdict: rc.verdict,
+    });
+}
+/**
+ * Serialize a verdict to a tamper-evident audit record.
+ * recordHash is SHA-256 over the canonical record — changes when any field changes.
+ */
+export function toAuditEntry(rc, evidenceSourceCount) {
+    const canonical = canonicalRecord(rc, evidenceSourceCount);
+    const recordHash = createHash('sha256').update(canonical).digest('hex');
+    return AuditEntrySchema.parse({
+        tenantId: rc.subject.tenantId,
+        subjectRef: rc.subject.ref,
+        computedAt: rc.computedAt,
+        confidenceScore: rc.confidenceScore,
+        verdict: rc.verdict,
+        evidenceSourceCount,
+        blockers: rc.blockers,
+        schemaVersion: 1,
+        recordHash,
+    });
+}

package/dist/tools/scoring/confidence.d.ts

@@ -0,0 +1,32 @@
+/**
+ * Release Confidence Aggregator — pure scorer.
+ *
+ * P3 — qulib Confidence Layer v1.
+ *
+ * Pure function: no I/O, no side effects. All I/O (CLI, MCP) lives in the wiring layer.
+ * Algorithm mirrors computeAutomationMaturity's denominator-renormalization math, generalized
+ * to operate over a heterogeneous evidence bundle.
+ *
+ * Score formula:
+ *   confidenceScore = round( Σ score_i * weight_i / Σ weight_i )
+ *   where i ∈ { applicable items with score !== null }
+ *
+ * Excluded from denominator: not_applicable | unknown | score === null items.
+ * Each excluded item is reported in contributions + narrated in honestyNotes.
+ *
+ * Verdict ladder (mirrors agent-summary.ts deriveGate, lifted to fused score):
+ *   any blocking item              → block
+ *   confidenceScore === null       → block  (nothing evaluable; honesty floor)
+ *   confidenceScore < failThreshold → hold
+ *   unknown on a requiredSource OR
+ *   confidenceScore < passThreshold → caution
+ *   else                           → ship
+ */
+import type { ConfidenceInput, ReleaseConfidence } from '../../schemas/confidence.schema.js';
+/**
+ * Compute the fused Release Confidence result from an evidence bundle.
+ *
+ * Pure function — deterministic over the same input.
+ */
+export declare function computeReleaseConfidence(input: ConfidenceInput): ReleaseConfidence;
+//# sourceMappingURL=confidence.d.ts.map

package/dist/tools/scoring/confidence.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"confidence.d.ts","sourceRoot":"","sources":["../../../src/tools/scoring/confidence.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAEH,OAAO,KAAK,EACV,eAAe,EAGf,iBAAiB,EAElB,MAAM,oCAAoC,CAAC;AAiE5C;;;;GAIG;AACH,wBAAgB,wBAAwB,CAAC,KAAK,EAAE,eAAe,GAAG,iBAAiB,CA8HlF"}

package/dist/tools/scoring/confidence.js

@@ -0,0 +1,180 @@
+/**
+ * Release Confidence Aggregator — pure scorer.
+ *
+ * P3 — qulib Confidence Layer v1.
+ *
+ * Pure function: no I/O, no side effects. All I/O (CLI, MCP) lives in the wiring layer.
+ * Algorithm mirrors computeAutomationMaturity's denominator-renormalization math, generalized
+ * to operate over a heterogeneous evidence bundle.
+ *
+ * Score formula:
+ *   confidenceScore = round( Σ score_i * weight_i / Σ weight_i )
+ *   where i ∈ { applicable items with score !== null }
+ *
+ * Excluded from denominator: not_applicable | unknown | score === null items.
+ * Each excluded item is reported in contributions + narrated in honestyNotes.
+ *
+ * Verdict ladder (mirrors agent-summary.ts deriveGate, lifted to fused score):
+ *   any blocking item              → block
+ *   confidenceScore === null       → block  (nothing evaluable; honesty floor)
+ *   confidenceScore < failThreshold → hold
+ *   unknown on a requiredSource OR
+ *   confidenceScore < passThreshold → caution
+ *   else                           → ship
+ */
+import { ReleaseConfidenceSchema, ConfidencePolicySchema } from '../../schemas/confidence.schema.js';
+import { scoreLevel } from './levels.js';
+// ---------------------------------------------------------------------------
+// Default per-source weights (sum over the qulib-native set ≈ 0.90; renormalized at runtime)
+// Rationale grounded in §2.4 of the P3 spec.
+// ---------------------------------------------------------------------------
+const DEFAULT_WEIGHTS = {
+    'live-app-quality': 0.30,
+    'test-automation': 0.22,
+    'api-coverage': 0.15,
+    'accessibility': 0.13,
+    'crawl-coverage': 0.10,
+    'ci-results': 0.10,
+    // External sources reserved for P4 — zero weight until wired:
+    'deploy-metadata': 0.0,
+    'error-telemetry': 0.0,
+    'feature-flags': 0.0,
+    'doc-health': 0.0,
+    'human-approval': 0.0,
+    'agent-evidence': 0.0,
+};
+function resolvePolicy(p) {
+    const base = ConfidencePolicySchema.parse(p ?? {});
+    return {
+        passThreshold: base.passThreshold,
+        failThreshold: base.failThreshold,
+        maxListLength: base.maxListLength,
+        requiredSources: base.requiredSources,
+        weights: base.weights,
+    };
+}
+function resolveWeight(item, policyWeights) {
+    if (policyWeights && item.source in policyWeights) {
+        return policyWeights[item.source];
+    }
+    return item.weight > 0 ? item.weight : (DEFAULT_WEIGHTS[item.source] ?? 0.10);
+}
+function buildHonestyNote(item) {
+    const base = `'${item.source}' source`;
+    if (item.applicability === 'not_applicable') {
+        return `${base} is not applicable${item.reason ? ': ' + item.reason : ' for this subject'}.`;
+    }
+    if (item.applicability === 'unknown') {
+        return `${base} could not produce a reliable score${item.reason ? ': ' + item.reason : ''}.`;
+    }
+    if (item.score === null) {
+        return `${base} ran but returned a null score${item.reason ? ': ' + item.reason : ''}.`;
+    }
+    return `${base} has partial or degraded signal.`;
+}
+/**
+ * Compute the fused Release Confidence result from an evidence bundle.
+ *
+ * Pure function — deterministic over the same input.
+ */
+export function computeReleaseConfidence(input) {
+    const policy = resolvePolicy(input.policy);
+    const now = new Date().toISOString();
+    const limit = policy.maxListLength;
+    // Partition evidence into applicable (score !== null) vs excluded.
+    const applicable = input.evidence.filter((item) => (item.applicability ?? 'applicable') === 'applicable' &&
+        item.score !== null &&
+        !item.blocking);
+    const excluded = input.evidence.filter((item) => (item.applicability ?? 'applicable') !== 'applicable' ||
+        item.score === null);
+    // Blocking items are evaluated separately from the score.
+    const blockingItems = input.evidence.filter((item) => item.blocking);
+    // Compute weighted score over applicable set.
+    let confidenceScore = null;
+    const weightSum = applicable.reduce((s, item) => s + resolveWeight(item, policy.weights), 0);
+    if (weightSum > 0) {
+        const numerator = applicable.reduce((s, item) => s + (item.score ?? 0) * resolveWeight(item, policy.weights), 0);
+        confidenceScore = Math.round(numerator / weightSum);
+    }
+    // Build contributions (all evidence, not just applicable).
+    const contributions = input.evidence.map((item) => {
+        const w = resolveWeight(item, policy.weights);
+        const isApplicableNonNull = (item.applicability ?? 'applicable') === 'applicable' &&
+            item.score !== null &&
+            !item.blocking;
+        return {
+            source: item.source,
+            score: item.score,
+            weight: w,
+            effectiveWeight: isApplicableNonNull && weightSum > 0 ? w / weightSum : 0,
+            applicability: item.applicability ?? 'applicable',
+            blocking: item.blocking ?? false,
+        };
+    });
+    // Determine verdict.
+    let verdict = 'ship';
+    const blockers = [];
+    if (blockingItems.length > 0) {
+        verdict = 'block';
+        for (const b of blockingItems) {
+            blockers.push(`'${b.source}' is a hard blocker${b.reason ? ': ' + b.reason : ''}.`);
+        }
+    }
+    else if (confidenceScore === null) {
+        verdict = 'block';
+        blockers.push('No applicable evidence produced a score — nothing evaluable (honesty floor).');
+    }
+    else if (confidenceScore < policy.failThreshold) {
+        verdict = 'hold';
+    }
+    else {
+        // Check if any required source is 'unknown'.
+        const unknownRequired = input.evidence.filter((item) => policy.requiredSources.includes(item.source) &&
+            (item.applicability ?? 'applicable') === 'unknown');
+        if (unknownRequired.length > 0 || confidenceScore < policy.passThreshold) {
+            verdict = 'caution';
+        }
+    }
+    // Level / label from shared ladder.
+    const { level, label } = scoreLevel(confidenceScore ?? 0);
+    // Honesty notes — one per degraded/excluded source.
+    const honestyNotes = [];
+    for (const item of excluded) {
+        honestyNotes.push(buildHonestyNote(item));
+    }
+    // Also note any blocking items that aren't in the excluded set.
+    for (const item of blockingItems) {
+        if ((item.applicability ?? 'applicable') === 'applicable' && item.score !== null) {
+            honestyNotes.push(`'${item.source}' is a hard blocker${item.reason ? ': ' + item.reason : ''}.`);
+        }
+    }
+    // Top risks — merge evidence across sources, severity-sorted by position.
+    const allRisks = [
+        ...blockingItems.flatMap((item) => item.evidence),
+        ...input.evidence
+            .filter((item) => (item.applicability ?? 'applicable') === 'applicable')
+            .sort((a, b) => (a.score ?? 0) - (b.score ?? 0))
+            .flatMap((item) => item.evidence),
+    ];
+    const topRisks = [...new Set(allRisks)].slice(0, limit);
+    // Recommended next checks — merge and deduplicate.
+    const allRecs = input.evidence.flatMap((item) => item.recommendations ?? []);
+    const recommendedNextChecks = [...new Set(allRecs)].slice(0, limit);
+    const result = {
+        schemaVersion: 1,
+        computedAt: now,
+        subject: input.subject,
+        confidenceScore,
+        verdict,
+        level,
+        label,
+        contributions,
+        topRisks,
+        recommendedNextChecks,
+        honestyNotes: honestyNotes.slice(0, limit),
+        blockers,
+        scoreFormula: 'confidenceScore = round( Σ (score * weight) / Σ weight ) for applicable, non-null, non-blocking evidence only. ' +
+            'not_applicable, unknown, and null-score items are excluded from the denominator but reported in contributions and honestyNotes.',
+    };
+    return ReleaseConfidenceSchema.parse(result);
+}