@red-codes/agentguard 1.0.0

package/dist/events/schema.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"schema.js","sourceRoot":"","sources":["../../src/events/schema.ts"],"names":[],"mappings":"AAAA,yCAAyC;AACzC,kDAAkD;AAClD,mDAAmD;AAGnD,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAE7C,sBAAsB;AACtB,qBAAqB;AACrB,MAAM,CAAC,MAAM,cAAc,GAAc,eAAe,CAAC;AACzD,MAAM,CAAC,MAAM,cAAc,GAAc,eAAe,CAAC;AAEzD,wEAAwE;AACxE,MAAM,CAAC,MAAM,iBAAiB,GAAc,mBAAmB,CAAC;AAChE,MAAM,CAAC,MAAM,SAAS,GAAc,WAAW,CAAC;AAChD,MAAM,CAAC,MAAM,YAAY,GAAc,cAAc,CAAC;AACtD,MAAM,CAAC,MAAM,eAAe,GAAc,iBAAiB,CAAC;AAC5D,MAAM,CAAC,MAAM,iBAAiB,GAAc,mBAAmB,CAAC;AAChE,MAAM,CAAC,MAAM,cAAc,GAAc,gBAAgB,CAAC;AAC1D,MAAM,CAAC,MAAM,eAAe,GAAc,iBAAiB,CAAC;AAC5D,MAAM,CAAC,MAAM,aAAa,GAAc,eAAe,CAAC;AACxD,MAAM,CAAC,MAAM,YAAY,GAAc,cAAc,CAAC;AAEtD,cAAc;AACd,MAAM,CAAC,MAAM,iBAAiB,GAAc,kBAAkB,CAAC;AAC/D,MAAM,CAAC,MAAM,mBAAmB,GAAc,oBAAoB,CAAC;AAEnE,UAAU;AACV,MAAM,CAAC,MAAM,aAAa,GAAc,cAAc,CAAC;AACvD,MAAM,CAAC,MAAM,WAAW,GAAc,YAAY,CAAC;AACnD,MAAM,CAAC,MAAM,SAAS,GAAc,UAAU,CAAC;AAC/C,MAAM,CAAC,MAAM,kBAAkB,GAAc,mBAAmB,CAAC;AAEjE,aAAa;AACb,MAAM,CAAC,MAAM,aAAa,GAAc,cAAc,CAAC;AACvD,MAAM,CAAC,MAAM,mBAAmB,GAAc,oBAAoB,CAAC;AACnE,MAAM,CAAC,MAAM,mBAAmB,GAAc,oBAAoB,CAAC;AACnE,MAAM,CAAC,MAAM,qBAAqB,GAAc,qBAAqB,CAAC;AACtE,MAAM,CAAC,MAAM,mBAAmB,GAAc,mBAAmB,CAAC;AAClE,MAAM,CAAC,MAAM,uBAAuB,GAAc,uBAAuB,CAAC;AAE1E,4CAA4C;AAC5C,MAAM,CAAC,MAAM,gBAAgB,GAAc,iBAAiB,CAAC;AAC7D,MAAM,CAAC,MAAM,cAAc,GAAc,eAAe,CAAC;AACzD,MAAM,CAAC,MAAM,aAAa,GAAc,cAAc,CAAC;AACvD,MAAM,CAAC,MAAM,gBAAgB,GAAc,iBAAiB,CAAC;AAC7D,MAAM,CAAC,MAAM,eAAe,GAAc,gBAAgB,CAAC;AAC3D,MAAM,CAAC,MAAM,aAAa,GAAc,cAAc,CAAC;AAEvD,mBAAmB;AACnB,MAAM,CAAC,MAAM,iBAAiB,GAAc,kBAAkB,CAAC;AAE/D,aAAa;AACb,MAAM,CAAC,MAAM,oBAAoB,GAAc,qBAAqB,CAAC;AAErE,WAAW;AACX,MAAM,CAAC,MAAM,gBAAgB,GAAc,iBAAiB,CAAC;AAC7D,MAAM,CAAC,MAAM,eAAe,GAAc,gBAAgB,CAAC;AAC3D,MAAM,CAAC,MAAM,YAAY,GAAc,aAAa,CAAC;AACrD,MAAM,CAAC,MAAM,kBAAkB,GAAc,mBAAmB,CAAC;AACjE,MAAM,CAAC,MAAM,eAAe,GAAc,gBAAgB,CAAC;AAC3D,MAAM,CAAC,MAAM,oBAAoB,GAAc,oBAAoB,CAAC;AAEpE,oBAAoB;AACpB,MAAM,CAAC,MAAM,UAAU,GAAc,WAAW,CAAC;AACjD,MAAM,CAAC,MAAM,cAAc,GAAc,eAAe,CAAC;AACzD,MAAM,CAAC,MAAM,eAAe,GAAc,gBAAgB,CAAC;AAC3D,MAAM,CAAC,MAAM,cAAc,GAAc,eAAe,CAAC;AACzD,MAAM,CAAC,MAAM,aAAa,GAAc,cAAc,CAAC;AACvD,MAAM,CAAC,MAAM,gBAAgB,GAAc,iBAAiB,CAAC;AAC7D,MAAM,CAAC,MAAM,cAAc,GAAc,eAAe,CAAC;AAEzD,wBAAwB;AACxB,MAAM,aAAa,GAAgC;IACjD,CAAC,cAAc,CAAC,EAAE;QAChB,QAAQ,EAAE,CAAC,SAAS,CAAC;QACrB,QAAQ,EAAE,CAAC,QAAQ,EAAE,WAAW,EAAE,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,aAAa,EAAE,UAAU,CAAC;KACzF;IACD,CAAC,cAAc,CAAC,EAAE;QAChB,QAAQ,EAAE,CAAC,UAAU,EAAE,WAAW,CAAC;QACnC,QAAQ,EAAE,CAAC,aAAa,EAAE,MAAM,CAAC;KAClC;IACD,CAAC,iBAAiB,CAAC,EAAE;QACnB,QAAQ,EAAE,CAAC,OAAO,CAAC;QACnB,QAAQ,EAAE,CAAC,aAAa,CAAC;KAC1B;IACD,CAAC,SAAS,CAAC,EAAE;QACX,QAAQ,EAAE,CAAC,MAAM,EAAE,UAAU,CAAC;QAC9B,QAAQ,EAAE,CAAC,UAAU,CAAC;KACvB;IACD,CAAC,YAAY,CAAC,EAAE;QACd,QAAQ,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC;QAC9B,QAAQ,EAAE,CAAC,eAAe,CAAC;KAC5B;IACD,CAAC,eAAe,CAAC,EAAE;QACjB,QAAQ,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC;QAC9B,QAAQ,EAAE,EAAE;KACb;IACD,CAAC,iBAAiB,CAAC,EAAE;QACnB,QAAQ,EAAE,CAAC,SAAS,EAAE,OAAO,CAAC;QAC9B,QAAQ,EAAE,EAAE;KACb;IACD,CAAC,cAAc,CAAC,EAAE;QAChB,QAAQ,EAAE,CAAC,QAAQ,CAAC;QACpB,QAAQ,EAAE,EAAE;KACb;IACD,CAAC,eAAe,CAAC,EAAE;QACjB,QAAQ,EAAE,CAAC,QAAQ,CAAC;QACpB,QAAQ,EAAE,EAAE;KACb;IACD,CAAC,aAAa,CAAC,EAAE;QACf,QAAQ,EAAE,CAAC,QAAQ,CAAC;QACpB,QAAQ,EAAE,EAAE;KACb;IACD,CAAC,YAAY,CAAC,EAAE;QACd,QAAQ,EAAE,CAAC,QAAQ,CAAC;QACpB,QAAQ,EAAE,EAAE;KACb;IACD,CAAC,iBAAiB,CAAC,EAAE;QACnB,QAAQ,EAAE,CAAC,UAAU,CAAC;QACtB,QAAQ,EAAE,EAAE;KACb;IACD,CAAC,mBAAmB,CAAC,EAAE;QACrB,QAAQ,EAAE,CAAC,MAAM,EAAE,IAAI,CAAC;QACxB,QAAQ,EAAE,EAAE;KACb;IACD,CAAC,aAAa,CAAC,EAAE;QACf,QAAQ,EAAE,CAAC,MAAM,EAAE,IAAI,CAAC;QACxB,QAAQ,EAAE,EAAE;KACb;IACD,CAAC,WAAW,CAAC,EAAE;QACb,QAAQ,EAAE,CAAC,OAAO,CAAC;QACnB,QAAQ,EAAE,CAAC,MAAM,EAAE,cAAc,EAAE,aAAa,CAAC;KAClD;IACD,CAAC,SAAS,CAAC,EAAE;QACX,QAAQ,EAAE,CAAC,OAAO,EAAE,QAAQ,CAAC;QAC7B,QAAQ,EAAE,CAAC,OAAO,EAAE,gBAAgB,EAAE,UAAU,EAAE,gBAAgB,CAAC;KACpE;IACD,CAAC,kBAAkB,CAAC,EAAE;QACpB,QAAQ,EAAE,CAAC,OAAO,EAAE,YAAY,CAAC;QACjC,QAAQ,EAAE,CAAC,gBAAgB,EAAE,UAAU,EAAE,OAAO,CAAC;KAClD;IACD,CAAC,aAAa,CAAC,EAAE;QACf,QAAQ,EAAE,CAAC,QAAQ,EAAE,QAAQ,EAAE,QAAQ,CAAC;QACxC,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,MAAM,EAAE,UAAU,CAAC;KAClD;IACD,CAAC,mBAAmB,CAAC,EAAE;QACrB,QAAQ,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC;QAC9B,QAAQ,EAAE,CAAC,SAAS,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,UAAU,CAAC;KAC3D;IACD,CAAC,mBAAmB,CAAC,EAAE;QACrB,QAAQ,EAAE,CAAC,WAAW,EAAE,UAAU,EAAE,QAAQ,CAAC;QAC7C,QAAQ,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,UAAU,CAAC;KACvC;IACD,CAAC,qBAAqB,CAAC,EAAE;QACvB,QAAQ,EAAE,CAAC,eAAe,EAAE,OAAO,CAAC;QACpC,QAAQ,EAAE,CAAC,OAAO,EAAE,QAAQ,EAAE,UAAU,CAAC;KAC1C;IACD,CAAC,mBAAmB,CAAC,EAAE;QACrB,QAAQ,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC;QAC9B,QAAQ,EAAE,CAAC,mBAAmB,EAAE,UAAU,CAAC;KAC5C;IACD,CAAC,uBAAuB,CAAC,EAAE;QACzB,QAAQ,EAAE,CAAC,QAAQ,EAAE,UAAU,CAAC;QAChC,QAAQ,EAAE,CAAC,SAAS,EAAE,UAAU,CAAC;KAClC;IACD,CAAC,gBAAgB,CAAC,EAAE;QAClB,QAAQ,EAAE,CAAC,YAAY,EAAE,QAAQ,EAAE,eAAe,CAAC;QACnD,QAAQ,EAAE,CAAC,UAAU,EAAE,SAAS,EAAE,UAAU,CAAC;KAC9C;IACD,CAAC,cAAc,CAAC,EAAE;QAChB,QAAQ,EAAE,CAAC,YAAY,EAAE,QAAQ,EAAE,YAAY,CAAC;QAChD,QAAQ,EAAE,CAAC,UAAU,EAAE,QAAQ,EAAE,YAAY,EAAE,UAAU,CAAC;KAC3D;IACD,CAAC,aAAa,CAAC,EAAE;QACf,QAAQ,EAAE,CAAC,YAAY,EAAE,QAAQ,EAAE,QAAQ,CAAC;QAC5C,QAAQ,EAAE,CAAC,UAAU,EAAE,YAAY,EAAE,UAAU,CAAC;KACjD;IACD,CAAC,gBAAgB,CAAC,EAAE;QAClB,QAAQ,EAAE,CAAC,YAAY,EAAE,QAAQ,EAAE,QAAQ,CAAC;QAC5C,QAAQ,EAAE,CAAC,UAAU,EAAE,YAAY,EAAE,UAAU,CAAC;KACjD;IACD,CAAC,eAAe,CAAC,EAAE;QACjB,QAAQ,EAAE,CAAC,YAAY,EAAE,QAAQ,EAAE,QAAQ,CAAC;QAC5C,QAAQ,EAAE,CAAC,UAAU,EAAE,UAAU,EAAE,UAAU,CAAC;KAC/C;IACD,CAAC,aAAa,CAAC,EAAE;QACf,QAAQ,EAAE,CAAC,YAAY,EAAE,QAAQ,EAAE,OAAO,CAAC;QAC3C,QAAQ,EAAE,CAAC,UAAU,EAAE,UAAU,EAAE,UAAU,CAAC;KAC/C;IACD,CAAC,iBAAiB,CAAC,EAAE;QACnB,QAAQ,EAAE,CAAC,UAAU,EAAE,SAAS,EAAE,YAAY,CAAC;QAC/C,QAAQ,EAAE,CAAC,QAAQ,EAAE,QAAQ,EAAE,UAAU,CAAC;KAC3C;IACD,CAAC,oBAAoB,CAAC,EAAE;QACtB,QAAQ,EAAE,CAAC,aAAa,EAAE,WAAW,EAAE,aAAa,CAAC;QACrD,QAAQ,EAAE,CAAC,kBAAkB,EAAE,YAAY,EAAE,UAAU,CAAC;KACzD;IACD,CAAC,gBAAgB,CAAC,EAAE;QAClB,QAAQ,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC;QAC3B,QAAQ,EAAE,CAAC,YAAY,EAAE,YAAY,CAAC;KACvC;IACD,CAAC,eAAe,CAAC,EAAE;QACjB,QAAQ,EAAE,CAAC,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC;QACxC,QAAQ,EAAE,CAAC,UAAU,EAAE,YAAY,EAAE,WAAW,CAAC;KAClD;IACD,CAAC,YAAY,CAAC,EAAE;QACd,QAAQ,EAAE,CAAC,OAAO,EAAE,SAAS,EAAE,QAAQ,CAAC;QACxC,QAAQ,EAAE,CAAC,WAAW,EAAE,UAAU,CAAC;KACpC;IACD,CAAC,kBAAkB,CAAC,EAAE;QACpB,QAAQ,EAAE,CAAC,OAAO,EAAE,QAAQ,CAAC;QAC7B,QAAQ,EAAE,CAAC,UAAU,EAAE,iBAAiB,EAAE,MAAM,CAAC;KAClD;IACD,CAAC,eAAe,CAAC,EAAE;QACjB,QAAQ,EAAE,CAAC,OAAO,EAAE,aAAa,EAAE,QAAQ,CAAC;QAC5C,QAAQ,EAAE,CAAC,UAAU,EAAE,iBAAiB,EAAE,MAAM,CAAC;KAClD;IACD,CAAC,oBAAoB,CAAC,EAAE;QACtB,QAAQ,EAAE,CAAC,OAAO,EAAE,OAAO,CAAC;QAC5B,QAAQ,EAAE,CAAC,cAAc,EAAE,WAAW,CAAC;KACxC;IACD,CAAC,UAAU,CAAC,EAAE;QACZ,QAAQ,EAAE,CAAC,MAAM,CAAC;QAClB,QAAQ,EAAE,CAAC,UAAU,EAAE,cAAc,CAAC;KACvC;IACD,CAAC,cAAc,CAAC,EAAE;QAChB,QAAQ,EAAE,CAAC,QAAQ,CAAC;QACpB,QAAQ,EAAE,CAAC,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,QAAQ,EAAE,OAAO,CAAC;KAC7D;IACD,CAAC,eAAe,CAAC,EAAE;QACjB,QAAQ,EAAE,CAAC,QAAQ,CAAC;QACpB,QAAQ,EAAE,CAAC,UAAU,EAAE,MAAM,EAAE,UAAU,CAAC;KAC3C;IACD,CAAC,cAAc,CAAC,EAAE;QAChB,QAAQ,EAAE,CAAC,MAAM,CAAC;QAClB,QAAQ,EAAE,CAAC,SAAS,EAAE,cAAc,EAAE,WAAW,EAAE,WAAW,CAAC;KAChE;IACD,CAAC,aAAa,CAAC,EAAE;QACf,QAAQ,EAAE,CAAC,QAAQ,CAAC;QACpB,QAAQ,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,SAAS,CAAC;KACtC;IACD,CAAC,gBAAgB,CAAC,EAAE;QAClB,QAAQ,EAAE,CAAC,QAAQ,CAAC;QACpB,QAAQ,EAAE,CAAC,aAAa,EAAE,UAAU,EAAE,SAAS,CAAC;KACjD;IACD,CAAC,cAAc,CAAC,EAAE;QAChB,QAAQ,EAAE,CAAC,QAAQ,CAAC;QACpB,QAAQ,EAAE,CAAC,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,OAAO,CAAC;KAClD;CACF,CAAC;AAEF,MAAM,CAAC,MAAM,eAAe,GAAG,IAAI,GAAG,CAAS,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC;AAE3E,wBAAwB;AACxB,IAAI,YAAY,GAAG,CAAC,CAAC;AAErB,8DAA8D;AAC9D,MAAM,UAAU,iBAAiB;IAC/B,YAAY,GAAG,CAAC,CAAC;AACnB,CAAC;AAED,SAAS,eAAe,CAAC,SAAiB;IACxC,OAAO,OAAO,SAAS,IAAI,EAAE,YAAY,EAAE,CAAC;AAC9C,CAAC;AAED,SAAS,gBAAgB,CAAC,IAAY,EAAE,IAA6B;IACnE,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC;IACtC,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IACjE,OAAO,UAAU,CAAC,GAAG,IAAI,IAAI,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;AAClD,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,KAA8B;IAC1D,MAAM,MAAM,GAAa,EAAE,CAAC;IAE5B,IAAI,CAAC,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QACxC,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC,iCAAiC,CAAC,EAAE,CAAC;IACvE,CAAC;IAED,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;QAChB,MAAM,CAAC,IAAI,CAAC,uCAAuC,CAAC,CAAC;QACrD,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC;IAClC,CAAC;IAED,MAAM,MAAM,GAAG,aAAa,CAAC,KAAK,CAAC,IAAc,CAAC,CAAC;IACnD,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,MAAM,CAAC,IAAI,CAAC,uBAAuB,KAAK,CAAC,IAAc,EAAE,CAAC,CAAC;QAC3D,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,CAAC;IAClC,CAAC;IAED,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;QACpC,IAAI,KAAK,CAAC,KAAK,CAAC,KAAK,SAAS,EAAE,CAAC;YAC/B,MAAM,CAAC,IAAI,CAAC,UAAU,KAAK,CAAC,IAAc,gCAAgC,KAAK,EAAE,CAAC,CAAC;QACrF,CAAC;IACH,CAAC;IAED,OAAO,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;AAChD,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,WAAW,CAAC,IAAe,EAAE,OAAgC,EAAE;IAC7E,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAC7B,MAAM,KAAK,GAA4B,EAAE,IAAI,EAAE,SAAS,EAAE,GAAG,IAAI,EAAE,CAAC;IACpE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,aAAa,CAAC,KAAK,CAAC,CAAC;IAC/C,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,MAAM,IAAI,KAAK,CAAC,kBAAkB,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACzD,CAAC;IACD,KAAK,CAAC,EAAE,GAAG,eAAe,CAAC,SAAS,CAAC,CAAC;IACtC,IAAI,KAAK,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;QACpC,KAAK,CAAC,WAAW,GAAG,gBAAgB,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IACnD,CAAC;IACD,OAAO,KAA+B,CAAC;AACzC,CAAC"}

package/dist/events/store.d.ts

@@ -0,0 +1,7 @@
+import type { EventStore } from '../core/types.js';
+/**
+ * Create an in-memory event store.
+ * Serves as the reference implementation and test double.
+ */
+export declare function createInMemoryStore(): EventStore;
+//# sourceMappingURL=store.d.ts.map

package/dist/events/store.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"store.d.ts","sourceRoot":"","sources":["../../src/events/store.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAA4B,UAAU,EAAoB,MAAM,kBAAkB,CAAC;AAG/F;;;GAGG;AACH,wBAAgB,mBAAmB,IAAI,UAAU,CA6DhD"}

package/dist/events/store.js

@@ -0,0 +1,64 @@
+// Event store interface and in-memory reference implementation.
+// No DOM, no Node.js APIs — pure domain logic.
+// File-based persistence: see src/cli/file-event-store.ts
+import { validateEvent } from './schema.js';
+/**
+ * Create an in-memory event store.
+ * Serves as the reference implementation and test double.
+ */
+export function createInMemoryStore() {
+    let events = [];
+    return {
+        append(event) {
+            const { valid, errors } = validateEvent(event);
+            if (!valid) {
+                throw new Error(`Cannot append invalid event: ${errors.join('; ')}`);
+            }
+            events.push(event);
+        },
+        query(filter = {}) {
+            let result = events;
+            if (filter.kind) {
+                result = result.filter((e) => e.kind === filter.kind);
+            }
+            if (filter.since !== undefined) {
+                result = result.filter((e) => e.timestamp >= filter.since);
+            }
+            if (filter.until !== undefined) {
+                result = result.filter((e) => e.timestamp <= filter.until);
+            }
+            if (filter.fingerprint) {
+                result = result.filter((e) => e.fingerprint === filter.fingerprint);
+            }
+            return result;
+        },
+        replay(fromId) {
+            if (!fromId)
+                return [...events];
+            const idx = events.findIndex((e) => e.id === fromId);
+            if (idx === -1)
+                return [];
+            return events.slice(idx);
+        },
+        count() {
+            return events.length;
+        },
+        clear() {
+            events = [];
+        },
+        toNDJSON() {
+            return events.map((e) => JSON.stringify(e)).join('\n');
+        },
+        fromNDJSON(ndjson) {
+            const lines = ndjson.split('\n').filter((line) => line.trim().length > 0);
+            let loaded = 0;
+            for (const line of lines) {
+                const parsed = JSON.parse(line);
+                events.push(parsed);
+                loaded++;
+            }
+            return loaded;
+        },
+    };
+}
+//# sourceMappingURL=store.js.map

package/dist/events/store.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"store.js","sourceRoot":"","sources":["../../src/events/store.ts"],"names":[],"mappings":"AAAA,gEAAgE;AAChE,+CAA+C;AAC/C,0DAA0D;AAG1D,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAE5C;;;GAGG;AACH,MAAM,UAAU,mBAAmB;IACjC,IAAI,MAAM,GAAkB,EAAE,CAAC;IAE/B,OAAO;QACL,MAAM,CAAC,KAAkB;YACvB,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,aAAa,CACrC,KAA2C,CACxB,CAAC;YACtB,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,MAAM,IAAI,KAAK,CAAC,gCAAgC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YACvE,CAAC;YACD,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACrB,CAAC;QAED,KAAK,CAAC,SAAsB,EAAE;YAC5B,IAAI,MAAM,GAAG,MAAM,CAAC;YACpB,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC;gBAChB,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,MAAM,CAAC,IAAI,CAAC,CAAC;YACxD,CAAC;YACD,IAAI,MAAM,CAAC,KAAK,KAAK,SAAS,EAAE,CAAC;gBAC/B,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,IAAI,MAAM,CAAC,KAAM,CAAC,CAAC;YAC9D,CAAC;YACD,IAAI,MAAM,CAAC,KAAK,KAAK,SAAS,EAAE,CAAC;gBAC/B,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,IAAI,MAAM,CAAC,KAAM,CAAC,CAAC;YAC9D,CAAC;YACD,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;gBACvB,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,KAAK,MAAM,CAAC,WAAW,CAAC,CAAC;YACtE,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;QAED,MAAM,CAAC,MAAe;YACpB,IAAI,CAAC,MAAM;gBAAE,OAAO,CAAC,GAAG,MAAM,CAAC,CAAC;YAChC,MAAM,GAAG,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,MAAM,CAAC,CAAC;YACrD,IAAI,GAAG,KAAK,CAAC,CAAC;gBAAE,OAAO,EAAE,CAAC;YAC1B,OAAO,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC3B,CAAC;QAED,KAAK;YACH,OAAO,MAAM,CAAC,MAAM,CAAC;QACvB,CAAC;QAED,KAAK;YACH,MAAM,GAAG,EAAE,CAAC;QACd,CAAC;QAED,QAAQ;YACN,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACzD,CAAC;QAED,UAAU,CAAC,MAAc;YACvB,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;YAC1E,IAAI,MAAM,GAAG,CAAC,CAAC;YACf,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;gBACzB,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAgB,CAAC;gBAC/C,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;gBACpB,MAAM,EAAE,CAAC;YACX,CAAC;YACD,OAAO,MAAM,CAAC;QAChB,CAAC;KACF,CAAC;AACJ,CAAC"}

package/dist/invariants/checker.d.ts

@@ -0,0 +1,15 @@
+import type { DomainEvent } from '../core/types.js';
+import type { AgentGuardInvariant, InvariantCheckResult, SystemState } from './definitions.js';
+export interface InvariantCheck {
+    holds: boolean;
+    invariant: AgentGuardInvariant;
+    result: InvariantCheckResult;
+}
+export declare function checkInvariant(invariant: AgentGuardInvariant, state: SystemState): InvariantCheck;
+export declare function checkAllInvariants(invariants: AgentGuardInvariant[], state: SystemState): {
+    violations: InvariantCheck[];
+    events: DomainEvent[];
+    allHold: boolean;
+};
+export declare function buildSystemState(context?: Record<string, unknown>): SystemState;
+//# sourceMappingURL=checker.d.ts.map

package/dist/invariants/checker.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"checker.d.ts","sourceRoot":"","sources":["../../src/invariants/checker.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAEpD,OAAO,KAAK,EAAE,mBAAmB,EAAE,oBAAoB,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAE/F,MAAM,WAAW,cAAc;IAC7B,KAAK,EAAE,OAAO,CAAC;IACf,SAAS,EAAE,mBAAmB,CAAC;IAC/B,MAAM,EAAE,oBAAoB,CAAC;CAC9B;AAED,wBAAgB,cAAc,CAAC,SAAS,EAAE,mBAAmB,EAAE,KAAK,EAAE,WAAW,GAAG,cAAc,CAOjG;AAED,wBAAgB,kBAAkB,CAChC,UAAU,EAAE,mBAAmB,EAAE,EACjC,KAAK,EAAE,WAAW,GACjB;IACD,UAAU,EAAE,cAAc,EAAE,CAAC;IAC7B,MAAM,EAAE,WAAW,EAAE,CAAC;IACtB,OAAO,EAAE,OAAO,CAAC;CAClB,CA8BA;AAED,wBAAgB,gBAAgB,CAAC,OAAO,GAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAM,GAAG,WAAW,CAenF"}

package/dist/invariants/checker.js

@@ -0,0 +1,52 @@
+// Invariant checker — evaluates system state against invariant definitions.
+// Pure domain logic. No DOM, no Node.js-specific APIs.
+import { createEvent, INVARIANT_VIOLATION } from '../events/schema.js';
+export function checkInvariant(invariant, state) {
+    const result = invariant.check(state);
+    return {
+        holds: result.holds,
+        invariant,
+        result,
+    };
+}
+export function checkAllInvariants(invariants, state) {
+    const violations = [];
+    const events = [];
+    for (const invariant of invariants) {
+        const check = checkInvariant(invariant, state);
+        if (!check.holds) {
+            violations.push(check);
+            events.push(createEvent(INVARIANT_VIOLATION, {
+                invariant: invariant.id,
+                expected: check.result.expected,
+                actual: check.result.actual,
+                metadata: {
+                    name: invariant.name,
+                    severity: invariant.severity,
+                    description: invariant.description,
+                },
+            }));
+        }
+    }
+    return {
+        violations,
+        events,
+        allHold: violations.length === 0,
+    };
+}
+export function buildSystemState(context = {}) {
+    return {
+        modifiedFiles: context.modifiedFiles || [],
+        targetBranch: context.targetBranch || '',
+        directPush: context.directPush || false,
+        forcePush: context.forcePush || false,
+        isPush: context.isPush || false,
+        testsPass: context.testsPass,
+        filesAffected: context.filesAffected || (context.modifiedFiles || []).length,
+        blastRadiusLimit: context.blastRadiusLimit || 20,
+        protectedBranches: context.protectedBranches || ['main', 'master'],
+        currentTarget: context.currentTarget || '',
+        currentCommand: context.currentCommand || '',
+    };
+}
+//# sourceMappingURL=checker.js.map

package/dist/invariants/checker.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"checker.js","sourceRoot":"","sources":["../../src/invariants/checker.ts"],"names":[],"mappings":"AAAA,4EAA4E;AAC5E,uDAAuD;AAGvD,OAAO,EAAE,WAAW,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AASvE,MAAM,UAAU,cAAc,CAAC,SAA8B,EAAE,KAAkB;IAC/E,MAAM,MAAM,GAAG,SAAS,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;IACtC,OAAO;QACL,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,SAAS;QACT,MAAM;KACP,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,kBAAkB,CAChC,UAAiC,EACjC,KAAkB;IAMlB,MAAM,UAAU,GAAqB,EAAE,CAAC;IACxC,MAAM,MAAM,GAAkB,EAAE,CAAC;IAEjC,KAAK,MAAM,SAAS,IAAI,UAAU,EAAE,CAAC;QACnC,MAAM,KAAK,GAAG,cAAc,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;QAE/C,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;YACjB,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAEvB,MAAM,CAAC,IAAI,CACT,WAAW,CAAC,mBAAmB,EAAE;gBAC/B,SAAS,EAAE,SAAS,CAAC,EAAE;gBACvB,QAAQ,EAAE,KAAK,CAAC,MAAM,CAAC,QAAQ;gBAC/B,MAAM,EAAE,KAAK,CAAC,MAAM,CAAC,MAAM;gBAC3B,QAAQ,EAAE;oBACR,IAAI,EAAE,SAAS,CAAC,IAAI;oBACpB,QAAQ,EAAE,SAAS,CAAC,QAAQ;oBAC5B,WAAW,EAAE,SAAS,CAAC,WAAW;iBACnC;aACF,CAAC,CACH,CAAC;QACJ,CAAC;IACH,CAAC;IAED,OAAO;QACL,UAAU;QACV,MAAM;QACN,OAAO,EAAE,UAAU,CAAC,MAAM,KAAK,CAAC;KACjC,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,UAAmC,EAAE;IACpE,OAAO;QACL,aAAa,EAAG,OAAO,CAAC,aAA0B,IAAI,EAAE;QACxD,YAAY,EAAG,OAAO,CAAC,YAAuB,IAAI,EAAE;QACpD,UAAU,EAAG,OAAO,CAAC,UAAsB,IAAI,KAAK;QACpD,SAAS,EAAG,OAAO,CAAC,SAAqB,IAAI,KAAK;QAClD,MAAM,EAAG,OAAO,CAAC,MAAkB,IAAI,KAAK;QAC5C,SAAS,EAAE,OAAO,CAAC,SAAgC;QACnD,aAAa,EACV,OAAO,CAAC,aAAwB,IAAI,CAAE,OAAO,CAAC,aAA0B,IAAI,EAAE,CAAC,CAAC,MAAM;QACzF,gBAAgB,EAAG,OAAO,CAAC,gBAA2B,IAAI,EAAE;QAC5D,iBAAiB,EAAG,OAAO,CAAC,iBAA8B,IAAI,CAAC,MAAM,EAAE,QAAQ,CAAC;QAChF,aAAa,EAAG,OAAO,CAAC,aAAwB,IAAI,EAAE;QACtD,cAAc,EAAG,OAAO,CAAC,cAAyB,IAAI,EAAE;KACzD,CAAC;AACJ,CAAC"}

package/dist/invariants/definitions.d.ts

@@ -0,0 +1,33 @@
+export interface InvariantCheckResult {
+    holds: boolean;
+    expected: string;
+    actual: string;
+}
+export interface AgentGuardInvariant {
+    id: string;
+    name: string;
+    description: string;
+    severity: number;
+    check: (state: SystemState) => InvariantCheckResult;
+}
+export interface SystemState {
+    modifiedFiles?: string[];
+    targetBranch?: string;
+    directPush?: boolean;
+    forcePush?: boolean;
+    isPush?: boolean;
+    testsPass?: boolean;
+    filesAffected?: number;
+    blastRadiusLimit?: number;
+    protectedBranches?: string[];
+    /** Blast radius from pre-execution simulation (overrides filesAffected in blast-radius check) */
+    simulatedBlastRadius?: number;
+    /** Risk level from pre-execution simulation */
+    simulatedRiskLevel?: string;
+    /** File path targeted by the current action */
+    currentTarget?: string;
+    /** Shell command of the current action (for shell.exec detection) */
+    currentCommand?: string;
+}
+export declare const DEFAULT_INVARIANTS: AgentGuardInvariant[];
+//# sourceMappingURL=definitions.d.ts.map

package/dist/invariants/definitions.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"definitions.d.ts","sourceRoot":"","sources":["../../src/invariants/definitions.ts"],"names":[],"mappings":"AAGA,MAAM,WAAW,oBAAoB;IACnC,KAAK,EAAE,OAAO,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,mBAAmB;IAClC,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,CAAC,KAAK,EAAE,WAAW,KAAK,oBAAoB,CAAC;CACrD;AAED,MAAM,WAAW,WAAW;IAC1B,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IACzB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,iBAAiB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC7B,iGAAiG;IACjG,oBAAoB,CAAC,EAAE,MAAM,CAAC;IAC9B,+CAA+C;IAC/C,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,+CAA+C;IAC/C,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,qEAAqE;IACrE,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED,eAAO,MAAM,kBAAkB,EAAE,mBAAmB,EA2LnD,CAAC"}

package/dist/invariants/definitions.js

@@ -0,0 +1,168 @@
+// Default system invariant definitions.
+// Pure domain logic. No DOM, no Node.js-specific APIs.
+export const DEFAULT_INVARIANTS = [
+    {
+        id: 'no-secret-exposure',
+        name: 'No Secret Exposure',
+        description: 'Sensitive files (.env, credentials, keys) must not be committed or exposed',
+        severity: 5,
+        check(state) {
+            const sensitivePatterns = ['.env', 'credentials', '.pem', '.key', 'secret', 'token'];
+            const exposedFiles = (state.modifiedFiles || []).filter((f) => {
+                const lower = f.toLowerCase();
+                return sensitivePatterns.some((p) => lower.includes(p));
+            });
+            return {
+                holds: exposedFiles.length === 0,
+                expected: 'No sensitive files modified',
+                actual: exposedFiles.length > 0
+                    ? `Sensitive files detected: ${exposedFiles.join(', ')}`
+                    : 'No sensitive files modified',
+            };
+        },
+    },
+    {
+        id: 'protected-branch',
+        name: 'Protected Branch Safety',
+        description: 'Direct pushes to main/master are forbidden',
+        severity: 4,
+        check(state) {
+            const protectedBranches = state.protectedBranches || ['main', 'master'];
+            const targetBranch = state.targetBranch || '';
+            const isProtected = protectedBranches.includes(targetBranch);
+            return {
+                holds: !isProtected || !state.directPush,
+                expected: 'No direct push to protected branch',
+                actual: isProtected && state.directPush ? `Direct push to ${targetBranch}` : 'Safe',
+            };
+        },
+    },
+    {
+        id: 'blast-radius-limit',
+        name: 'Blast Radius Limit',
+        description: 'A single operation must not modify too many files at once',
+        severity: 3,
+        check(state) {
+            const limit = state.blastRadiusLimit || 20;
+            // Prefer simulated blast radius over static file count when available
+            const count = state.simulatedBlastRadius ?? state.filesAffected ?? 0;
+            const source = state.simulatedBlastRadius !== undefined ? 'simulated' : 'static';
+            return {
+                holds: count <= limit,
+                expected: `At most ${limit} files modified`,
+                actual: `${count} files modified (${source})`,
+            };
+        },
+    },
+    {
+        id: 'test-before-push',
+        name: 'Tests Before Push',
+        description: 'Tests must pass before pushing code',
+        severity: 3,
+        check(state) {
+            if (!state.isPush) {
+                return { holds: true, expected: 'N/A', actual: 'Not a push operation' };
+            }
+            return {
+                holds: state.testsPass === true,
+                expected: 'Tests passing',
+                actual: state.testsPass === true ? 'Tests passing' : 'Tests not verified',
+            };
+        },
+    },
+    {
+        id: 'no-force-push',
+        name: 'No Force Push',
+        description: 'Force pushes are forbidden unless explicitly authorized',
+        severity: 4,
+        check(state) {
+            return {
+                holds: !state.forcePush,
+                expected: 'No force push',
+                actual: state.forcePush ? 'Force push detected' : 'Normal push',
+            };
+        },
+    },
+    {
+        id: 'no-skill-modification',
+        name: 'No Skill Modification',
+        description: 'Agent skill files (.claude/skills/) must not be modified by governed actions',
+        severity: 4,
+        check(state) {
+            const SKILL_PATTERNS = ['.claude/skills/', '.claude\\skills\\'];
+            const matchesSkillPath = (path) => SKILL_PATTERNS.some((p) => path.includes(p));
+            const target = state.currentTarget || '';
+            const targetViolation = target !== '' && matchesSkillPath(target);
+            const command = state.currentCommand || '';
+            const commandViolation = command !== '' && matchesSkillPath(command);
+            const skillFiles = (state.modifiedFiles || []).filter((f) => matchesSkillPath(f));
+            const holds = !targetViolation && !commandViolation && skillFiles.length === 0;
+            const violations = [];
+            if (targetViolation)
+                violations.push(`target: ${target}`);
+            if (commandViolation)
+                violations.push(`command references skills`);
+            if (skillFiles.length > 0)
+                violations.push(`modified: ${skillFiles.join(', ')}`);
+            return {
+                holds,
+                expected: 'No modifications to .claude/skills/',
+                actual: holds
+                    ? 'No skill files affected'
+                    : `Skill modification detected (${violations.join('; ')})`,
+            };
+        },
+    },
+    {
+        id: 'no-scheduled-task-modification',
+        name: 'No Scheduled Task Modification',
+        description: 'Agents must not modify scheduled task definitions (.claude/scheduled-tasks/) directly',
+        severity: 5,
+        check(state) {
+            const SCHEDULED_TASK_PATTERNS = ['.claude/scheduled-tasks/', '.claude\\scheduled-tasks\\'];
+            const matchesScheduledPath = (path) => SCHEDULED_TASK_PATTERNS.some((p) => path.includes(p));
+            const target = state.currentTarget || '';
+            const targetViolation = target !== '' && matchesScheduledPath(target);
+            const command = state.currentCommand || '';
+            const commandViolation = command !== '' && matchesScheduledPath(command);
+            const scheduledFiles = (state.modifiedFiles || []).filter((f) => matchesScheduledPath(f));
+            const holds = !targetViolation && !commandViolation && scheduledFiles.length === 0;
+            const violations = [];
+            if (targetViolation)
+                violations.push(`target: ${target}`);
+            if (commandViolation)
+                violations.push(`command references scheduled tasks`);
+            if (scheduledFiles.length > 0)
+                violations.push(`modified: ${scheduledFiles.join(', ')}`);
+            return {
+                holds,
+                expected: 'No modifications to .claude/scheduled-tasks/',
+                actual: holds
+                    ? 'No scheduled task files affected'
+                    : `Scheduled task modification detected (${violations.join('; ')})`,
+            };
+        },
+    },
+    {
+        id: 'lockfile-integrity',
+        name: 'Lockfile Integrity',
+        description: 'Package lockfiles must stay in sync with manifests',
+        severity: 2,
+        check(state) {
+            const manifestChanged = (state.modifiedFiles || []).some((f) => f === 'package.json' || f.endsWith('/package.json'));
+            const lockfileChanged = (state.modifiedFiles || []).some((f) => f === 'package-lock.json' ||
+                f === 'yarn.lock' ||
+                f === 'pnpm-lock.yaml' ||
+                f.endsWith('/package-lock.json'));
+            if (!manifestChanged) {
+                return { holds: true, expected: 'N/A', actual: 'No manifest changes' };
+            }
+            return {
+                holds: lockfileChanged,
+                expected: 'Lockfile updated with manifest',
+                actual: lockfileChanged ? 'Lockfile updated' : 'Manifest changed without lockfile',
+            };
+        },
+    },
+];
+//# sourceMappingURL=definitions.js.map

package/dist/invariants/definitions.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"definitions.js","sourceRoot":"","sources":["../../src/invariants/definitions.ts"],"names":[],"mappings":"AAAA,wCAAwC;AACxC,uDAAuD;AAoCvD,MAAM,CAAC,MAAM,kBAAkB,GAA0B;IACvD;QACE,EAAE,EAAE,oBAAoB;QACxB,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EAAE,4EAA4E;QACzF,QAAQ,EAAE,CAAC;QACX,KAAK,CAAC,KAAK;YACT,MAAM,iBAAiB,GAAG,CAAC,MAAM,EAAE,aAAa,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;YACrF,MAAM,YAAY,GAAG,CAAC,KAAK,CAAC,aAAa,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;gBAC5D,MAAM,KAAK,GAAG,CAAC,CAAC,WAAW,EAAE,CAAC;gBAC9B,OAAO,iBAAiB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;YAC1D,CAAC,CAAC,CAAC;YACH,OAAO;gBACL,KAAK,EAAE,YAAY,CAAC,MAAM,KAAK,CAAC;gBAChC,QAAQ,EAAE,6BAA6B;gBACvC,MAAM,EACJ,YAAY,CAAC,MAAM,GAAG,CAAC;oBACrB,CAAC,CAAC,6BAA6B,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;oBACxD,CAAC,CAAC,6BAA6B;aACpC,CAAC;QACJ,CAAC;KACF;IAED;QACE,EAAE,EAAE,kBAAkB;QACtB,IAAI,EAAE,yBAAyB;QAC/B,WAAW,EAAE,4CAA4C;QACzD,QAAQ,EAAE,CAAC;QACX,KAAK,CAAC,KAAK;YACT,MAAM,iBAAiB,GAAG,KAAK,CAAC,iBAAiB,IAAI,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YACxE,MAAM,YAAY,GAAG,KAAK,CAAC,YAAY,IAAI,EAAE,CAAC;YAC9C,MAAM,WAAW,GAAG,iBAAiB,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;YAC7D,OAAO;gBACL,KAAK,EAAE,CAAC,WAAW,IAAI,CAAC,KAAK,CAAC,UAAU;gBACxC,QAAQ,EAAE,oCAAoC;gBAC9C,MAAM,EAAE,WAAW,IAAI,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,kBAAkB,YAAY,EAAE,CAAC,CAAC,CAAC,MAAM;aACpF,CAAC;QACJ,CAAC;KACF;IAED;QACE,EAAE,EAAE,oBAAoB;QACxB,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EAAE,2DAA2D;QACxE,QAAQ,EAAE,CAAC;QACX,KAAK,CAAC,KAAK;YACT,MAAM,KAAK,GAAG,KAAK,CAAC,gBAAgB,IAAI,EAAE,CAAC;YAC3C,sEAAsE;YACtE,MAAM,KAAK,GAAG,KAAK,CAAC,oBAAoB,IAAI,KAAK,CAAC,aAAa,IAAI,CAAC,CAAC;YACrE,MAAM,MAAM,GAAG,KAAK,CAAC,oBAAoB,KAAK,SAAS,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,QAAQ,CAAC;YACjF,OAAO;gBACL,KAAK,EAAE,KAAK,IAAI,KAAK;gBACrB,QAAQ,EAAE,WAAW,KAAK,iBAAiB;gBAC3C,MAAM,EAAE,GAAG,KAAK,oBAAoB,MAAM,GAAG;aAC9C,CAAC;QACJ,CAAC;KACF;IAED;QACE,EAAE,EAAE,kBAAkB;QACtB,IAAI,EAAE,mBAAmB;QACzB,WAAW,EAAE,qCAAqC;QAClD,QAAQ,EAAE,CAAC;QACX,KAAK,CAAC,KAAK;YACT,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;gBAClB,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,sBAAsB,EAAE,CAAC;YAC1E,CAAC;YACD,OAAO;gBACL,KAAK,EAAE,KAAK,CAAC,SAAS,KAAK,IAAI;gBAC/B,QAAQ,EAAE,eAAe;gBACzB,MAAM,EAAE,KAAK,CAAC,SAAS,KAAK,IAAI,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,oBAAoB;aAC1E,CAAC;QACJ,CAAC;KACF;IAED;QACE,EAAE,EAAE,eAAe;QACnB,IAAI,EAAE,eAAe;QACrB,WAAW,EAAE,yDAAyD;QACtE,QAAQ,EAAE,CAAC;QACX,KAAK,CAAC,KAAK;YACT,OAAO;gBACL,KAAK,EAAE,CAAC,KAAK,CAAC,SAAS;gBACvB,QAAQ,EAAE,eAAe;gBACzB,MAAM,EAAE,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,aAAa;aAChE,CAAC;QACJ,CAAC;KACF;IAED;QACE,EAAE,EAAE,uBAAuB;QAC3B,IAAI,EAAE,uBAAuB;QAC7B,WAAW,EAAE,8EAA8E;QAC3F,QAAQ,EAAE,CAAC;QACX,KAAK,CAAC,KAAK;YACT,MAAM,cAAc,GAAG,CAAC,iBAAiB,EAAE,mBAAmB,CAAC,CAAC;YAChE,MAAM,gBAAgB,GAAG,CAAC,IAAY,EAAE,EAAE,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;YAExF,MAAM,MAAM,GAAG,KAAK,CAAC,aAAa,IAAI,EAAE,CAAC;YACzC,MAAM,eAAe,GAAG,MAAM,KAAK,EAAE,IAAI,gBAAgB,CAAC,MAAM,CAAC,CAAC;YAElE,MAAM,OAAO,GAAG,KAAK,CAAC,cAAc,IAAI,EAAE,CAAC;YAC3C,MAAM,gBAAgB,GAAG,OAAO,KAAK,EAAE,IAAI,gBAAgB,CAAC,OAAO,CAAC,CAAC;YAErE,MAAM,UAAU,GAAG,CAAC,KAAK,CAAC,aAAa,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,CAAC;YAElF,MAAM,KAAK,GAAG,CAAC,eAAe,IAAI,CAAC,gBAAgB,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,CAAC;YAE/E,MAAM,UAAU,GAAa,EAAE,CAAC;YAChC,IAAI,eAAe;gBAAE,UAAU,CAAC,IAAI,CAAC,WAAW,MAAM,EAAE,CAAC,CAAC;YAC1D,IAAI,gBAAgB;gBAAE,UAAU,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC;YACnE,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC;gBAAE,UAAU,CAAC,IAAI,CAAC,aAAa,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YAEjF,OAAO;gBACL,KAAK;gBACL,QAAQ,EAAE,qCAAqC;gBAC/C,MAAM,EAAE,KAAK;oBACX,CAAC,CAAC,yBAAyB;oBAC3B,CAAC,CAAC,gCAAgC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG;aAC7D,CAAC;QACJ,CAAC;KACF;IAED;QACE,EAAE,EAAE,gCAAgC;QACpC,IAAI,EAAE,gCAAgC;QACtC,WAAW,EACT,uFAAuF;QACzF,QAAQ,EAAE,CAAC;QACX,KAAK,CAAC,KAAK;YACT,MAAM,uBAAuB,GAAG,CAAC,0BAA0B,EAAE,4BAA4B,CAAC,CAAC;YAC3F,MAAM,oBAAoB,GAAG,CAAC,IAAY,EAAE,EAAE,CAC5C,uBAAuB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;YAExD,MAAM,MAAM,GAAG,KAAK,CAAC,aAAa,IAAI,EAAE,CAAC;YACzC,MAAM,eAAe,GAAG,MAAM,KAAK,EAAE,IAAI,oBAAoB,CAAC,MAAM,CAAC,CAAC;YAEtE,MAAM,OAAO,GAAG,KAAK,CAAC,cAAc,IAAI,EAAE,CAAC;YAC3C,MAAM,gBAAgB,GAAG,OAAO,KAAK,EAAE,IAAI,oBAAoB,CAAC,OAAO,CAAC,CAAC;YAEzE,MAAM,cAAc,GAAG,CAAC,KAAK,CAAC,aAAa,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,oBAAoB,CAAC,CAAC,CAAC,CAAC,CAAC;YAE1F,MAAM,KAAK,GAAG,CAAC,eAAe,IAAI,CAAC,gBAAgB,IAAI,cAAc,CAAC,MAAM,KAAK,CAAC,CAAC;YAEnF,MAAM,UAAU,GAAa,EAAE,CAAC;YAChC,IAAI,eAAe;gBAAE,UAAU,CAAC,IAAI,CAAC,WAAW,MAAM,EAAE,CAAC,CAAC;YAC1D,IAAI,gBAAgB;gBAAE,UAAU,CAAC,IAAI,CAAC,oCAAoC,CAAC,CAAC;YAC5E,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC;gBAAE,UAAU,CAAC,IAAI,CAAC,aAAa,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YAEzF,OAAO;gBACL,KAAK;gBACL,QAAQ,EAAE,8CAA8C;gBACxD,MAAM,EAAE,KAAK;oBACX,CAAC,CAAC,kCAAkC;oBACpC,CAAC,CAAC,yCAAyC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG;aACtE,CAAC;QACJ,CAAC;KACF;IAED;QACE,EAAE,EAAE,oBAAoB;QACxB,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EAAE,oDAAoD;QACjE,QAAQ,EAAE,CAAC;QACX,KAAK,CAAC,KAAK;YACT,MAAM,eAAe,GAAG,CAAC,KAAK,CAAC,aAAa,IAAI,EAAE,CAAC,CAAC,IAAI,CACtD,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,cAAc,IAAI,CAAC,CAAC,QAAQ,CAAC,eAAe,CAAC,CAC3D,CAAC;YACF,MAAM,eAAe,GAAG,CAAC,KAAK,CAAC,aAAa,IAAI,EAAE,CAAC,CAAC,IAAI,CACtD,CAAC,CAAC,EAAE,EAAE,CACJ,CAAC,KAAK,mBAAmB;gBACzB,CAAC,KAAK,WAAW;gBACjB,CAAC,KAAK,gBAAgB;gBACtB,CAAC,CAAC,QAAQ,CAAC,oBAAoB,CAAC,CACnC,CAAC;YAEF,IAAI,CAAC,eAAe,EAAE,CAAC;gBACrB,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,qBAAqB,EAAE,CAAC;YACzE,CAAC;YAED,OAAO;gBACL,KAAK,EAAE,eAAe;gBACtB,QAAQ,EAAE,gCAAgC;gBAC1C,MAAM,EAAE,eAAe,CAAC,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,mCAAmC;aACnF,CAAC;QACJ,CAAC;KACF;CACF,CAAC"}

package/dist/kernel/aab.d.ts

@@ -0,0 +1,26 @@
+import type { DomainEvent } from '../core/types.js';
+import type { NormalizedIntent, EvalResult, LoadedPolicy } from '../policy/evaluator.js';
+import type { BlastRadiusResult } from './blast-radius.js';
+export interface RawAgentAction {
+    tool?: string;
+    command?: string;
+    file?: string;
+    target?: string;
+    content?: string;
+    branch?: string;
+    agent?: string;
+    filesAffected?: number;
+    metadata?: Record<string, unknown>;
+}
+export interface AuthorizationResult {
+    intent: NormalizedIntent;
+    result: EvalResult;
+    events: DomainEvent[];
+    blastRadius?: BlastRadiusResult;
+}
+declare function detectGitAction(command: string): string | null;
+declare function isDestructiveCommand(command: string): boolean;
+export declare function normalizeIntent(rawAction: RawAgentAction | null): NormalizedIntent;
+export declare function authorize(rawAction: RawAgentAction | null, policies: LoadedPolicy[]): AuthorizationResult;
+export { detectGitAction, isDestructiveCommand };
+//# sourceMappingURL=aab.d.ts.map

package/dist/kernel/aab.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"aab.d.ts","sourceRoot":"","sources":["../../src/kernel/aab.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAEpD,OAAO,KAAK,EAAE,gBAAgB,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AAQzF,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAE3D,MAAM,WAAW,cAAc;IAC7B,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED,MAAM,WAAW,mBAAmB;IAClC,MAAM,EAAE,gBAAgB,CAAC;IACzB,MAAM,EAAE,UAAU,CAAC;IACnB,MAAM,EAAE,WAAW,EAAE,CAAC;IACtB,WAAW,CAAC,EAAE,iBAAiB,CAAC;CACjC;AAWD,iBAAS,eAAe,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAcvD;AAED,iBAAS,oBAAoB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAkBtD;AAQD,wBAAgB,eAAe,CAAC,SAAS,EAAE,cAAc,GAAG,IAAI,GAAG,gBAAgB,CA2BlF;AAED,wBAAgB,SAAS,CACvB,SAAS,EAAE,cAAc,GAAG,IAAI,EAChC,QAAQ,EAAE,YAAY,EAAE,GACvB,mBAAmB,CAmFrB;AAED,OAAO,EAAE,eAAe,EAAE,oBAAoB,EAAE,CAAC"}

package/dist/kernel/aab.js

@@ -0,0 +1,149 @@
+// Action Authorization Boundary (AAB)
+// The central gatekeeper in the Runtime Assurance Architecture.
+// Pure domain logic. No DOM, no Node.js-specific APIs.
+import { evaluate } from '../policy/evaluator.js';
+import { createEvent, POLICY_DENIED, UNAUTHORIZED_ACTION, BLAST_RADIUS_EXCEEDED, } from '../events/schema.js';
+import { computeBlastRadius } from './blast-radius.js';
+const TOOL_ACTION_MAP = {
+    Write: 'file.write',
+    Edit: 'file.write',
+    Read: 'file.read',
+    Bash: 'shell.exec',
+    Glob: 'file.read',
+    Grep: 'file.read',
+};
+function detectGitAction(command) {
+    if (!command || typeof command !== 'string')
+        return null;
+    const trimmed = command.trim();
+    if (/\bgit\s+push\s+--force\b/.test(trimmed) || /\bgit\s+push\s+-f\b/.test(trimmed)) {
+        return 'git.force-push';
+    }
+    if (/\bgit\s+push\b/.test(trimmed))
+        return 'git.push';
+    if (/\bgit\s+branch\s+-[dD]\b/.test(trimmed))
+        return 'git.branch.delete';
+    if (/\bgit\s+merge\b/.test(trimmed))
+        return 'git.merge';
+    if (/\bgit\s+commit\b/.test(trimmed))
+        return 'git.commit';
+    return null;
+}
+function isDestructiveCommand(command) {
+    if (!command || typeof command !== 'string')
+        return false;
+    const patterns = [
+        /\brm\s+-rf\b/,
+        /\brm\s+-r\b/,
+        /\brm\s+--recursive\b/,
+        /\bchmod\s+777\b/,
+        /\bdd\s+if=/,
+        /\bmkfs\b/,
+        />\s*\/dev\/sd[a-z]/,
+        /\bsudo\s+rm\b/,
+        /\bdropdb\b/,
+        /\bDROP\s+DATABASE\b/i,
+        /\bDROP\s+TABLE\b/i,
+    ];
+    return patterns.some((p) => p.test(command));
+}
+function extractBranch(command) {
+    if (!command)
+        return null;
+    const match = command.match(/\bgit\s+push\s+\S+\s+(\S+)/);
+    return match ? match[1] : null;
+}
+export function normalizeIntent(rawAction) {
+    if (!rawAction || typeof rawAction !== 'object') {
+        return { action: 'unknown', target: '', agent: 'unknown', destructive: false };
+    }
+    const tool = rawAction.tool || '';
+    let action = TOOL_ACTION_MAP[tool] || 'unknown';
+    let target = rawAction.file || rawAction.target || '';
+    if (action === 'shell.exec' && rawAction.command) {
+        const gitAction = detectGitAction(rawAction.command);
+        if (gitAction) {
+            action = gitAction;
+            target = extractBranch(rawAction.command) || target;
+        }
+    }
+    return {
+        action,
+        target,
+        agent: rawAction.agent || 'unknown',
+        branch: rawAction.branch || extractBranch(rawAction.command) || undefined,
+        command: rawAction.command || undefined,
+        filesAffected: rawAction.filesAffected || undefined,
+        metadata: rawAction.metadata || undefined,
+        destructive: action === 'shell.exec' && isDestructiveCommand(rawAction.command || ''),
+    };
+}
+export function authorize(rawAction, policies) {
+    const intent = normalizeIntent(rawAction);
+    const events = [];
+    if (intent.destructive) {
+        const result = {
+            allowed: false,
+            decision: 'deny',
+            matchedRule: null,
+            matchedPolicy: null,
+            reason: `Destructive command detected: ${intent.command}`,
+            severity: 5,
+        };
+        events.push(createEvent(UNAUTHORIZED_ACTION, {
+            action: intent.action,
+            reason: result.reason,
+            agentId: intent.agent,
+            scope: intent.target,
+        }));
+        return { intent, result, events };
+    }
+    const result = evaluate(intent, policies);
+    if (!result.allowed) {
+        if (result.matchedPolicy) {
+            events.push(createEvent(POLICY_DENIED, {
+                policy: result.matchedPolicy.id,
+                action: intent.action,
+                reason: result.reason,
+                agentId: intent.agent,
+                file: intent.target,
+            }));
+        }
+        else {
+            events.push(createEvent(UNAUTHORIZED_ACTION, {
+                action: intent.action,
+                reason: result.reason,
+                agentId: intent.agent,
+                scope: intent.target,
+            }));
+        }
+    }
+    // Blast radius computation engine (Phase 2)
+    // Computes a weighted score from action type, path sensitivity, and file count,
+    // then checks against the tightest policy limit.
+    let blastRadius;
+    let tightestLimit = Infinity;
+    for (const policy of policies) {
+        for (const rule of policy.rules) {
+            if (rule.conditions?.limit !== undefined) {
+                tightestLimit = Math.min(tightestLimit, rule.conditions.limit);
+            }
+        }
+    }
+    if (tightestLimit < Infinity) {
+        blastRadius = computeBlastRadius(intent, tightestLimit);
+        if (blastRadius.exceeded) {
+            events.push(createEvent(BLAST_RADIUS_EXCEEDED, {
+                filesAffected: blastRadius.rawCount,
+                weightedScore: blastRadius.weightedScore,
+                riskLevel: blastRadius.riskLevel,
+                factors: blastRadius.factors.map((f) => f.reason),
+                limit: tightestLimit,
+                action: intent.action,
+            }));
+        }
+    }
+    return { intent, result, events, blastRadius };
+}
+export { detectGitAction, isDestructiveCommand };
+//# sourceMappingURL=aab.js.map

package/dist/kernel/aab.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"aab.js","sourceRoot":"","sources":["../../src/kernel/aab.ts"],"names":[],"mappings":"AAAA,sCAAsC;AACtC,gEAAgE;AAChE,uDAAuD;AAGvD,OAAO,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAC;AAElD,OAAO,EACL,WAAW,EACX,aAAa,EACb,mBAAmB,EACnB,qBAAqB,GACtB,MAAM,qBAAqB,CAAC;AAC7B,OAAO,EAAE,kBAAkB,EAAE,MAAM,mBAAmB,CAAC;AAsBvD,MAAM,eAAe,GAA2B;IAC9C,KAAK,EAAE,YAAY;IACnB,IAAI,EAAE,YAAY;IAClB,IAAI,EAAE,WAAW;IACjB,IAAI,EAAE,YAAY;IAClB,IAAI,EAAE,WAAW;IACjB,IAAI,EAAE,WAAW;CAClB,CAAC;AAEF,SAAS,eAAe,CAAC,OAAe;IACtC,IAAI,CAAC,OAAO,IAAI,OAAO,OAAO,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC;IAEzD,MAAM,OAAO,GAAG,OAAO,CAAC,IAAI,EAAE,CAAC;IAE/B,IAAI,0BAA0B,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,qBAAqB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;QACpF,OAAO,gBAAgB,CAAC;IAC1B,CAAC;IACD,IAAI,gBAAgB,CAAC,IAAI,CAAC,OAAO,CAAC;QAAE,OAAO,UAAU,CAAC;IACtD,IAAI,0BAA0B,CAAC,IAAI,CAAC,OAAO,CAAC;QAAE,OAAO,mBAAmB,CAAC;IACzE,IAAI,iBAAiB,CAAC,IAAI,CAAC,OAAO,CAAC;QAAE,OAAO,WAAW,CAAC;IACxD,IAAI,kBAAkB,CAAC,IAAI,CAAC,OAAO,CAAC;QAAE,OAAO,YAAY,CAAC;IAE1D,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,oBAAoB,CAAC,OAAe;IAC3C,IAAI,CAAC,OAAO,IAAI,OAAO,OAAO,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IAE1D,MAAM,QAAQ,GAAG;QACf,cAAc;QACd,aAAa;QACb,sBAAsB;QACtB,iBAAiB;QACjB,YAAY;QACZ,UAAU;QACV,oBAAoB;QACpB,eAAe;QACf,YAAY;QACZ,sBAAsB;QACtB,mBAAmB;KACpB,CAAC;IAEF,OAAO,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;AAC/C,CAAC;AAED,SAAS,aAAa,CAAC,OAA2B;IAChD,IAAI,CAAC,OAAO;QAAE,OAAO,IAAI,CAAC;IAC1B,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,4BAA4B,CAAC,CAAC;IAC1D,OAAO,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;AACjC,CAAC;AAED,MAAM,UAAU,eAAe,CAAC,SAAgC;IAC9D,IAAI,CAAC,SAAS,IAAI,OAAO,SAAS,KAAK,QAAQ,EAAE,CAAC;QAChD,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,WAAW,EAAE,KAAK,EAAE,CAAC;IACjF,CAAC;IAED,MAAM,IAAI,GAAG,SAAS,CAAC,IAAI,IAAI,EAAE,CAAC;IAClC,IAAI,MAAM,GAAG,eAAe,CAAC,IAAI,CAAC,IAAI,SAAS,CAAC;IAChD,IAAI,MAAM,GAAG,SAAS,CAAC,IAAI,IAAI,SAAS,CAAC,MAAM,IAAI,EAAE,CAAC;IAEtD,IAAI,MAAM,KAAK,YAAY,IAAI,SAAS,CAAC,OAAO,EAAE,CAAC;QACjD,MAAM,SAAS,GAAG,eAAe,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QACrD,IAAI,SAAS,EAAE,CAAC;YACd,MAAM,GAAG,SAAS,CAAC;YACnB,MAAM,GAAG,aAAa,CAAC,SAAS,CAAC,OAAO,CAAC,IAAI,MAAM,CAAC;QACtD,CAAC;IACH,CAAC;IAED,OAAO;QACL,MAAM;QACN,MAAM;QACN,KAAK,EAAE,SAAS,CAAC,KAAK,IAAI,SAAS;QACnC,MAAM,EAAE,SAAS,CAAC,MAAM,IAAI,aAAa,CAAC,SAAS,CAAC,OAAO,CAAC,IAAI,SAAS;QACzE,OAAO,EAAE,SAAS,CAAC,OAAO,IAAI,SAAS;QACvC,aAAa,EAAE,SAAS,CAAC,aAAa,IAAI,SAAS;QACnD,QAAQ,EAAE,SAAS,CAAC,QAAQ,IAAI,SAAS;QACzC,WAAW,EAAE,MAAM,KAAK,YAAY,IAAI,oBAAoB,CAAC,SAAS,CAAC,OAAO,IAAI,EAAE,CAAC;KACtF,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,SAAS,CACvB,SAAgC,EAChC,QAAwB;IAExB,MAAM,MAAM,GAAG,eAAe,CAAC,SAAS,CAAC,CAAC;IAC1C,MAAM,MAAM,GAAkB,EAAE,CAAC;IAEjC,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;QACvB,MAAM,MAAM,GAAe;YACzB,OAAO,EAAE,KAAK;YACd,QAAQ,EAAE,MAAM;YAChB,WAAW,EAAE,IAAI;YACjB,aAAa,EAAE,IAAI;YACnB,MAAM,EAAE,iCAAiC,MAAM,CAAC,OAAO,EAAE;YACzD,QAAQ,EAAE,CAAC;SACZ,CAAC;QAEF,MAAM,CAAC,IAAI,CACT,WAAW,CAAC,mBAAmB,EAAE;YAC/B,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,OAAO,EAAE,MAAM,CAAC,KAAK;YACrB,KAAK,EAAE,MAAM,CAAC,MAAM;SACrB,CAAC,CACH,CAAC;QAEF,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;IACpC,CAAC;IAED,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IAE1C,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;QACpB,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC;YACzB,MAAM,CAAC,IAAI,CACT,WAAW,CAAC,aAAa,EAAE;gBACzB,MAAM,EAAE,MAAM,CAAC,aAAa,CAAC,EAAE;gBAC/B,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,OAAO,EAAE,MAAM,CAAC,KAAK;gBACrB,IAAI,EAAE,MAAM,CAAC,MAAM;aACpB,CAAC,CACH,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,IAAI,CACT,WAAW,CAAC,mBAAmB,EAAE;gBAC/B,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,OAAO,EAAE,MAAM,CAAC,KAAK;gBACrB,KAAK,EAAE,MAAM,CAAC,MAAM;aACrB,CAAC,CACH,CAAC;QACJ,CAAC;IACH,CAAC;IAED,4CAA4C;IAC5C,gFAAgF;IAChF,iDAAiD;IACjD,IAAI,WAA0C,CAAC;IAE/C,IAAI,aAAa,GAAG,QAAQ,CAAC;IAC7B,KAAK,MAAM,MAAM,IAAI,QAAQ,EAAE,CAAC;QAC9B,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;YAChC,IAAI,IAAI,CAAC,UAAU,EAAE,KAAK,KAAK,SAAS,EAAE,CAAC;gBACzC,aAAa,GAAG,IAAI,CAAC,GAAG,CAAC,aAAa,EAAE,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;YACjE,CAAC;QACH,CAAC;IACH,CAAC;IAED,IAAI,aAAa,GAAG,QAAQ,EAAE,CAAC;QAC7B,WAAW,GAAG,kBAAkB,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC;QAExD,IAAI,WAAW,CAAC,QAAQ,EAAE,CAAC;YACzB,MAAM,CAAC,IAAI,CACT,WAAW,CAAC,qBAAqB,EAAE;gBACjC,aAAa,EAAE,WAAW,CAAC,QAAQ;gBACnC,aAAa,EAAE,WAAW,CAAC,aAAa;gBACxC,SAAS,EAAE,WAAW,CAAC,SAAS;gBAChC,OAAO,EAAE,WAAW,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC;gBACjD,KAAK,EAAE,aAAa;gBACpB,MAAM,EAAE,MAAM,CAAC,MAAM;aACtB,CAAC,CACH,CAAC;QACJ,CAAC;IACH,CAAC;IAED,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,WAAW,EAAE,CAAC;AACjD,CAAC;AAED,OAAO,EAAE,eAAe,EAAE,oBAAoB,EAAE,CAAC"}