@sanity/ailf 2.7.0 → 2.8.0

package/dist/_vendor/ailf-core/types/index.d.ts

@@ -9,9 +9,10 @@
  * Ports & Adapters migration (Phase 0c). The original file is now a
  * re-export barrel that preserves backward compatibility.
  */
-import type { DocumentRef as _DocumentRef, EvalMode } from "../../ailf-shared/index.d.ts";
+import type { DocumentRef as _DocumentRef, EvalMode, RunContext } from "../../ailf-shared/index.d.ts";
+import type { RunId } from "./branded-ids.js";
 export type { ActualScoreEntry, ComponentResult, TestResult, UrlMetadata, } from "./scoring-input.js";
-export type { DocumentRef } from "../../ailf-shared/index.d.ts";
+export type { DocumentRef, RunContext, RunTrigger } from "../../ailf-shared/index.d.ts";
 export type { StoredBaseline, StoredReport, StoredRun, StoredTaskResult, StoredTrace, SchemaVersioned, } from "./storage-schema.js";
 export { CURRENT_SCHEMA_VERSION, isSchemaVersioned, migrateDocument, } from "./storage-schema.js";
 export type { AssertionRegistration, FixtureResolverRegistration, ModeBase, ModeRegistration, PluginManifest, PluginRegistry, PresetDefinition, ReportSinkRegistration, RubricTemplateRegistration, } from "./plugin-registry.js";
@@ -22,7 +23,7 @@ export type { DependencyEdge, ResolvedFixture, TaskGraph, TaskNode, } from "./ta
 export type { VariableDeclaration, VariableEnvelope, VariableProvenance, VariableSource, } from "./variable-envelope.js";
 export type { EvalTrace, ToolCallCategory, ToolCallRecord, TraceEvent, TraceSpan, TraceTokenUsage, } from "./trace.js";
 export type { ArtifactId, Brand, Err, FixtureId, IdValidationError, NewReportId, Ok, ProviderId, PromptId, Result, ResultId, RubricId, RunFingerprint, RunId, SuiteId, TaskId, TaskSlug, TraceId, } from "./branded-ids.js";
-export { err, fixtureId, ok, providerId, resultId, runId, suiteId, taskId, traceId, } from "./branded-ids.js";
+export { err, fixtureId, generateRunId, ok, providerId, resultId, runId, suiteId, taskId, traceId, } from "./branded-ids.js";
 export type { AgentHarnessTaskDefinition, CustomTaskDefinition, GeneralizedAssertionDefinition, GeneralizedDocRef, GeneralizedTaskDefinition, GeneralizedTemplatedAssertion, GeneralizedValueAssertion, IdDocRef, KnowledgeProbeTaskDefinition, LiteracyTaskDefinition, MCPServerTaskDefinition, PathDocRef, PerspectiveDocRef, RubricRef, SlugDocRef, TaskCommonFields, TaskDifficulty, TaskOptions, TaskProviderConfig, TaskStatus, } from "./generalized-task.js";
 type DocumentRef = _DocumentRef;
 /** Aggregated retrieval metrics for a feature area */
@@ -309,8 +310,13 @@ export interface StoredTestResult {
      * API error, or refusal). Same semantics as GraderJudgment.outputFailure.
      */
     outputFailure?: boolean;
-    /** The model's generated code/response (truncated to 8000 chars) */
-    responseOutput: string;
+    /**
+     * The model's generated code/response (truncated to 8000 chars).
+     * Populated by the scoring step and used by uploadTestOutputs. Stripped
+     * from the inline shape after upload (D0030) — the full value lives in
+     * the GCS artifact, keyed by `{taskId}::{modelId}`.
+     */
+    responseOutput?: string;
     /** True when responseOutput was truncated from a longer response */
     responseOutputTruncated?: boolean;
     /** Task description (e.g. "Functions - Webhook handler (gold)") */
@@ -531,6 +537,19 @@ export interface PromptfooUrlEntry {
  * only matter during a single pipeline execution.
  */
 export interface PipelineState {
+    /**
+     * Artifact refs produced by upstream steps during the run.
+     * Populated incrementally (CalculateScoresStep writes testOutputs; future
+     * steps will write renderedPrompts, traces, etc.). Read by FinalizeRunStep
+     * to build the `RunManifest.artifacts` catalog.
+     */
+    artifactRefs?: Partial<ArtifactManifest>;
+    /**
+     * The run manifest, finalized and written to `runs/{runId}/manifest.json`.
+     * Populated by FinalizeRunStep. Consumed by PublishReportStep to snapshot
+     * the `artifacts` slice into `Report.artifactManifest` (D0032).
+     */
+    runManifest?: RunManifest;
     /** Report ID generated by PublishReportStep, consumed by CallbackStep + orchestrator job update */
     reportId?: string;
     /** Eval fingerprint computed by RunEvalStep, consumed by PublishReportStep */
@@ -1157,23 +1176,52 @@ export interface PublishResult {
         result: SinkResult;
     }[];
 }
-/** Reference to an artifact in external object storage (GCS). See D0030. */
+/**
+ * Reference to an artifact in external object storage (GCS). See D0032.
+ *
+ * `layout` determines the on-disk shape:
+ *   - `"bulk"` — a single object at `path`. `entries` is absent.
+ *   - `"per-entry"` — `path` is a directory prefix. Each entry is a
+ *     separate object at `{path}/{sanitizedKey}.json`. `entries` inlines
+ *     the catalog so consumers can render drill-down states without a
+ *     second list call.
+ */
 export interface ArtifactRef {
     store: "gcs";
     bucket: string;
     path: string;
     bytes?: number;
     entryCount?: number;
+    layout: "bulk" | "per-entry";
+    entries?: {
+        key: string;
+        bytes: number;
+    }[];
+}
+/**
+ * Catalog of artifact refs produced by a single pipeline run.
+ *
+ * Lives on `RunManifest.artifacts` (source of truth in GCS) and is
+ * snapshotted onto `Report.artifactManifest` at publish time.
+ */
+export interface ArtifactManifest {
+    testOutputs?: ArtifactRef;
+    renderedPrompts?: ArtifactRef;
+    rawResults?: ArtifactRef;
+    graderPrompts?: ArtifactRef;
+    taskDefinitions?: ArtifactRef;
+    evalResults?: ArtifactRef;
+    traces?: ArtifactRef;
 }
 /** A published evaluation report — the atomic unit of the report store */
 export interface Report {
-    /** External artifact references — set by publish step when uploader is available (D0030) */
-    artifacts?: {
-        testOutputs?: ArtifactRef;
-        renderedPrompts?: ArtifactRef;
-        rawResults?: ArtifactRef;
-        traces?: ArtifactRef;
-    };
+    /**
+     * Snapshot of the run manifest's `artifacts` slice at publish time (D0032).
+     * The source of truth lives in `gs://…/runs/{runId}/manifest.json`; this
+     * field denormalizes enough information for Studio to render drill-down
+     * states without an extra manifest fetch.
+     */
+    artifactManifest?: ArtifactManifest;
     /** Optional auto-comparison against the most recent comparable report */
     comparison?: ComparisonReport;
     /** When the evaluation completed */
@@ -1234,76 +1282,75 @@ export interface ReportLineage {
      */
     rerunOf?: ReportId;
 }
-/** Full provenance metadata for an evaluation report */
-export interface ReportProvenance {
-    /** Which feature areas were evaluated */
-    areas: string[];
+/**
+ * Full provenance metadata for an evaluation report.
+ *
+ * Inherits the 9 run-description fields (mode, areas, taskIds, models,
+ * graderModel, source, evalFingerprint, trigger, git) from `RunContext`.
+ * Adding a field to `RunContext` makes it available here automatically —
+ * the structural extension is the drift-prevention mechanism described in
+ * D0032 § "Drift Prevention".
+ */
+export interface ReportProvenance extends RunContext {
     /** Release auto-scope metadata (when perspective evaluation was scoped to affected tasks) */
     autoScope?: ReportAutoScope;
     /** Content hash of the documentation context at eval time */
     contextHash?: string;
-    /**
-     * Evaluation fingerprint — SHA-256 of all inputs that affect eval output.
-     * Used for cross-environment cache lookup (CI → Content Lake).
-     * @see docs/design-docs/content-lake-eval-caching.md
-     */
-    evalFingerprint?: string;
-    /** Git metadata (when run from CI) */
-    git?: {
-        branch: string;
-        prNumber?: number;
-        repo: string;
-        sha: string;
-    };
-    /** Grader model used for scoring */
-    graderModel: string;
     /** Typed relationships with other reports (re-run, comparison) */
     lineage?: ReportLineage;
-    /** Evaluation mode */
-    mode: EvalMode;
-    /** Models under evaluation */
-    models: {
-        id: string;
-        label: string;
-    }[];
     /** @deprecated Use `promptfooUrls` — kept for backward compatibility */
     promptfooUrl?: string;
     /** Per-mode Promptfoo share URLs (one per sub-eval that produced a shareable link) */
     promptfooUrls?: PromptfooUrlEntry[];
-    /** Documentation source configuration */
-    source: {
-        baseUrl: string;
-        dataset?: string;
-        name: string;
-        perspective?: string;
-        projectId?: string;
-    };
+    /**
+     * Identity of the pipeline run that produced this report. Links the
+     * Content Lake document back to the GCS run manifest and its artifacts.
+     * @see docs/decisions/D0032-run-anchored-artifact-store.md
+     */
+    runId: RunId;
     /** Sanity document IDs that were targeted (if using --sanity-document) */
     targetDocuments?: string[];
-    /** Which specific task IDs were evaluated (if scoped) */
-    taskIds?: string[];
-    /** What initiated this evaluation */
-    trigger: ReportTrigger;
 }
-/** What triggered this evaluation */
-export type ReportTrigger = {
-    type: "ci";
-    runId: string;
-    workflow: string;
-} | {
-    type: "cross-repo";
-    callerRef?: string;
-    callerRepo: string;
-} | {
-    type: "manual";
-} | {
-    type: "scheduled";
-    schedule: string;
-} | {
-    type: "webhook";
-    documentId?: string;
-    source: string;
-};
+/**
+ * A run's manifest in GCS (`runs/{runId}/manifest.json`). Source of truth
+ * for artifact locations, run identity, and outcome. Reports snapshot the
+ * `artifacts` slice into `Report.artifactManifest` at publish time.
+ *
+ * Written once by `FinalizeRunStep`; `reportIds` may be appended by
+ * `PublishReportStep` via strongly-consistent GCS overwrite.
+ */
+export interface RunManifest {
+    /** Schema version — bumped when the manifest shape changes */
+    version: 1;
+    /** Identity for this pipeline run */
+    runId: RunId;
+    /** When the manifest was written (pipeline finalization time) */
+    createdAt: ISOTimestamp;
+    /** Total pipeline duration */
+    durationMs: number;
+    /** Outcome of the run */
+    status: "completed" | "failed" | "partial";
+    /** Failure classification when status is not "completed" */
+    failureReason?: PipelineFailureReason;
+    /** What ran — shared shape with ReportProvenance */
+    context: RunContext;
+    /** Run-level aggregates (self-describing without a report) */
+    outcomes?: {
+        testSummary?: TestSummary;
+        usage?: PipelineUsage;
+        cache?: {
+            hits: number;
+            misses: number;
+            skipped: number;
+        };
+    };
+    /** Reports published from this run (0..N). Authoritative link is Report.provenance.runId. */
+    reportIds?: ReportId[];
+    /** Promptfoo share URLs collected during the run */
+    promptfooUrls?: PromptfooUrlEntry[];
+    /** Artifact catalog — per-type refs with inline per-entry indexes */
+    artifacts: ArtifactManifest;
+}
 /** Health check result for a sink */
 export type SinkHealthStatus = {
     healthy: false;

package/dist/_vendor/ailf-core/types/index.js

@@ -16,7 +16,7 @@ export { InMemoryPluginRegistry } from "./plugin-registry.js";
 // version is used internally by LiteracyModeConfig. If consumers need
 // the mode-specific version, they import from "./eval-mode-config.js".
 export { evalModeType } from "./eval-mode-config.js";
-export { err, fixtureId, ok, providerId, resultId, runId, suiteId, taskId, traceId, } from "./branded-ids.js";
+export { err, fixtureId, generateRunId, ok, providerId, resultId, runId, suiteId, taskId, traceId, } from "./branded-ids.js";
 // ---------------------------------------------------------------------------
 // Comparison (Approach 2: structured comparison output)
 // ---------------------------------------------------------------------------

package/dist/_vendor/ailf-shared/index.d.ts

@@ -13,3 +13,5 @@ export * from "./document-ref.js";
 export * from "./score-grades.js";
 export * from "./noise-threshold.js";
 export * from "./eval-modes.js";
+export * from "./run-trigger.js";
+export * from "./run-context.js";

package/dist/_vendor/ailf-shared/index.js

@@ -13,3 +13,5 @@ export * from "./document-ref.js";
 export * from "./score-grades.js";
 export * from "./noise-threshold.js";
 export * from "./eval-modes.js";
+export * from "./run-trigger.js";
+export * from "./run-context.js";

package/dist/_vendor/ailf-shared/run-context.d.ts

@@ -0,0 +1,55 @@
+/**
+ * RunContext — the set of fields that describe an AILF pipeline run.
+ *
+ * This is the single source of truth for run-description data. Both
+ * `RunManifest.context` (in GCS, written by FinalizeRunStep) and
+ * `ReportProvenance` (in Content Lake, built by PublishReportStep)
+ * carry this shape. `ReportProvenance extends RunContext` to
+ * structurally enforce parity — adding a field here becomes a
+ * compile-time failure until every consumer threads it through.
+ *
+ * Fields are alphabetized to match the surrounding codebase convention
+ * (see `ReportProvenance` in `@sanity/ailf-core`).
+ *
+ * @see docs/decisions/D0032-run-anchored-artifact-store.md
+ * @see docs/design-docs/run-artifact-store.md (§ Drift Prevention)
+ */
+import type { EvalMode } from "./eval-modes.js";
+import type { RunTrigger } from "./run-trigger.js";
+export interface RunContext {
+    /** Which feature areas were evaluated */
+    areas: string[];
+    /**
+     * Evaluation fingerprint — SHA-256 of all inputs that affect eval output.
+     * Used for cross-environment cache lookup (CI → Content Lake).
+     */
+    evalFingerprint?: string;
+    /** Git metadata (when run from CI) */
+    git?: {
+        branch: string;
+        prNumber?: number;
+        repo: string;
+        sha: string;
+    };
+    /** Grader model used for scoring */
+    graderModel: string;
+    /** Evaluation mode */
+    mode: EvalMode;
+    /** Models under evaluation */
+    models: {
+        id: string;
+        label: string;
+    }[];
+    /** Documentation source configuration */
+    source: {
+        baseUrl: string;
+        dataset?: string;
+        name: string;
+        perspective?: string;
+        projectId?: string;
+    };
+    /** Specific task IDs evaluated when scoped to a subset */
+    taskIds?: string[];
+    /** What initiated this run */
+    trigger: RunTrigger;
+}

package/dist/_vendor/ailf-shared/run-context.js

@@ -0,0 +1,17 @@
+/**
+ * RunContext — the set of fields that describe an AILF pipeline run.
+ *
+ * This is the single source of truth for run-description data. Both
+ * `RunManifest.context` (in GCS, written by FinalizeRunStep) and
+ * `ReportProvenance` (in Content Lake, built by PublishReportStep)
+ * carry this shape. `ReportProvenance extends RunContext` to
+ * structurally enforce parity — adding a field here becomes a
+ * compile-time failure until every consumer threads it through.
+ *
+ * Fields are alphabetized to match the surrounding codebase convention
+ * (see `ReportProvenance` in `@sanity/ailf-core`).
+ *
+ * @see docs/decisions/D0032-run-anchored-artifact-store.md
+ * @see docs/design-docs/run-artifact-store.md (§ Drift Prevention)
+ */
+export {};

package/dist/_vendor/ailf-shared/run-trigger.d.ts

@@ -0,0 +1,30 @@
+/**
+ * RunTrigger — what initiated a pipeline run.
+ *
+ * Lives in shared so it can be referenced from RunContext (the single
+ * source of truth for run-description fields) and consumed by both
+ * RunManifest (GCS) and ReportProvenance (Content Lake) without creating
+ * a core → core cycle.
+ *
+ * The `ci.runId` field is the external workflow run identifier (e.g.
+ * GitHub Actions run ID). It is unrelated to the pipeline-level `RunId`
+ * brand in `@sanity/ailf-core`, which identifies an AILF pipeline run.
+ */
+export type RunTrigger = {
+    type: "ci";
+    runId: string;
+    workflow: string;
+} | {
+    type: "cross-repo";
+    callerRef?: string;
+    callerRepo: string;
+} | {
+    type: "manual";
+} | {
+    type: "scheduled";
+    schedule: string;
+} | {
+    type: "webhook";
+    documentId?: string;
+    source: string;
+};

package/dist/_vendor/ailf-shared/run-trigger.js

@@ -0,0 +1,13 @@
+/**
+ * RunTrigger — what initiated a pipeline run.
+ *
+ * Lives in shared so it can be referenced from RunContext (the single
+ * source of truth for run-description fields) and consumed by both
+ * RunManifest (GCS) and ReportProvenance (Content Lake) without creating
+ * a core → core cycle.
+ *
+ * The `ci.runId` field is the external workflow run identifier (e.g.
+ * GitHub Actions run ID). It is unrelated to the pipeline-level `RunId`
+ * brand in `@sanity/ailf-core`, which identifies an AILF pipeline run.
+ */
+export {};

package/dist/artifact-capture/api-gateway-artifact-writer.d.ts

@@ -0,0 +1,39 @@
+/**
+ * ApiGatewayArtifactWriter — uploads AILF run artifacts via the API Gateway.
+ *
+ * Used when the CLI runs locally without GCS credentials. The Gateway signs a
+ * PUT URL (scoped to a single GCS object) and the writer PUTs JSON directly
+ * to GCS so Vercel stays out of the data path.
+ *
+ * Endpoints:
+ *   - Bulk:      GET  {apiBaseUrl}/v1/runs/{runId}/artifacts/{type}/upload-url
+ *   - Per-entry: GET  {apiBaseUrl}/v1/runs/{runId}/artifacts/{type}/{entryKey}/upload-url
+ *   - Manifest:  GET  {apiBaseUrl}/v1/runs/{runId}/artifacts/manifest/upload-url
+ *
+ * The Gateway routes are wired in Phase 10 (W0047).
+ *
+ * Design principles:
+ * - P5: Non-blocking — any failure returns null and warns, never throws.
+ * - Stateless — no client state between calls.
+ *
+ * @see docs/decisions/D0032-run-anchored-artifact-store.md
+ */
+import { type ArtifactEntry, type ArtifactRef, type ArtifactType, type ArtifactWriter, type RunId, type RunManifest } from "../_vendor/ailf-core/index.d.ts";
+export interface ApiGatewayArtifactWriterOptions {
+    /** Base URL of the API gateway (e.g., "https://ailf-api.sanity.build"). */
+    apiBaseUrl: string;
+    /** AILF API key with the `artifact:write` scope. */
+    apiKey: string;
+    /** GCS bucket name — included in the returned ArtifactRef. */
+    bucket: string;
+}
+export declare class ApiGatewayArtifactWriter implements ArtifactWriter {
+    private readonly options;
+    constructor(options: ApiGatewayArtifactWriterOptions);
+    writeBulk(type: ArtifactType, runId: RunId, data: unknown): Promise<ArtifactRef | null>;
+    writePerEntry(type: ArtifactType, runId: RunId, entries: readonly ArtifactEntry[]): Promise<ArtifactRef | null>;
+    writeManifest(runId: RunId, manifest: RunManifest): Promise<ArtifactRef | null>;
+    private putJson;
+    private putJsonRaw;
+    private fetchSignedUrl;
+}

package/dist/artifact-capture/api-gateway-artifact-writer.js

@@ -0,0 +1,148 @@
+/**
+ * ApiGatewayArtifactWriter — uploads AILF run artifacts via the API Gateway.
+ *
+ * Used when the CLI runs locally without GCS credentials. The Gateway signs a
+ * PUT URL (scoped to a single GCS object) and the writer PUTs JSON directly
+ * to GCS so Vercel stays out of the data path.
+ *
+ * Endpoints:
+ *   - Bulk:      GET  {apiBaseUrl}/v1/runs/{runId}/artifacts/{type}/upload-url
+ *   - Per-entry: GET  {apiBaseUrl}/v1/runs/{runId}/artifacts/{type}/{entryKey}/upload-url
+ *   - Manifest:  GET  {apiBaseUrl}/v1/runs/{runId}/artifacts/manifest/upload-url
+ *
+ * The Gateway routes are wired in Phase 10 (W0047).
+ *
+ * Design principles:
+ * - P5: Non-blocking — any failure returns null and warns, never throws.
+ * - Stateless — no client state between calls.
+ *
+ * @see docs/decisions/D0032-run-anchored-artifact-store.md
+ */
+import { ARTIFACT_REGISTRY, } from "../_vendor/ailf-core/index.js";
+export class ApiGatewayArtifactWriter {
+    options;
+    constructor(options) {
+        this.options = options;
+    }
+    async writeBulk(type, runId, data) {
+        const uploadUrlPath = `/v1/runs/${encodeURIComponent(runId)}/artifacts/${encodeURIComponent(type)}/upload-url`;
+        return this.putJson(uploadUrlPath, data, {
+            layout: "bulk",
+            entryCount: entryCountOf(data),
+        });
+    }
+    async writePerEntry(type, runId, entries) {
+        const descriptor = ARTIFACT_REGISTRY[type];
+        if (!descriptor.parseEntryKey) {
+            console.warn(`  ⚠️  writePerEntry called for "${type}" but the registry has no parseEntryKey`);
+            return null;
+        }
+        const uploaded = [];
+        let totalBytes = 0;
+        let bucket = this.options.bucket;
+        for (const entry of entries) {
+            const parsed = descriptor.parseEntryKey(entry.key);
+            if (!parsed.ok) {
+                console.warn(`  ⚠️  Skipping entry with invalid key "${entry.key}": ${parsed.reason}`);
+                continue;
+            }
+            const uploadUrlPath = `/v1/runs/${encodeURIComponent(runId)}/artifacts/${encodeURIComponent(type)}/${encodeURIComponent(entry.key)}/upload-url`;
+            const result = await this.putJsonRaw(uploadUrlPath, entry.data);
+            if (!result)
+                continue;
+            bucket = result.bucket;
+            uploaded.push({ key: entry.key, bytes: result.bytes });
+            totalBytes += result.bytes;
+        }
+        if (uploaded.length === 0)
+            return null;
+        return {
+            store: "gcs",
+            bucket,
+            path: `runs/${runId}/${descriptor.slug}`,
+            bytes: totalBytes,
+            entryCount: uploaded.length,
+            layout: "per-entry",
+            entries: uploaded,
+        };
+    }
+    async writeManifest(runId, manifest) {
+        const uploadUrlPath = `/v1/runs/${encodeURIComponent(runId)}/artifacts/manifest/upload-url`;
+        return this.putJson(uploadUrlPath, manifest, { layout: "bulk" });
+    }
+    async putJson(uploadUrlPath, data, meta) {
+        const result = await this.putJsonRaw(uploadUrlPath, data);
+        if (!result)
+            return null;
+        return {
+            store: "gcs",
+            bucket: result.bucket,
+            path: result.path,
+            bytes: result.bytes,
+            entryCount: meta.entryCount,
+            layout: meta.layout,
+        };
+    }
+    async putJsonRaw(uploadUrlPath, data) {
+        const json = JSON.stringify(data);
+        const bytes = Buffer.byteLength(json, "utf-8");
+        try {
+            const signed = await this.fetchSignedUrl(uploadUrlPath);
+            if (!signed)
+                return null;
+            const putRes = await fetch(signed.url, {
+                body: json,
+                headers: signed.requiredHeaders,
+                method: "PUT",
+            });
+            if (!putRes.ok) {
+                console.warn(`  ⚠️  Artifact upload failed (non-blocking): ${signed.path} — GCS PUT ${putRes.status} ${putRes.statusText}`);
+                return null;
+            }
+            return { bucket: signed.bucket, path: signed.path, bytes };
+        }
+        catch (err) {
+            const message = err instanceof Error ? err.message : String(err);
+            console.warn(`  ⚠️  Artifact upload failed (non-blocking): ${uploadUrlPath} — ${message}`);
+            return null;
+        }
+    }
+    async fetchSignedUrl(uploadUrlPath) {
+        const url = `${this.options.apiBaseUrl.replace(/\/$/, "")}${uploadUrlPath}`;
+        const res = await fetch(url, {
+            headers: { Authorization: `Bearer ${this.options.apiKey}` },
+            method: "GET",
+        });
+        if (!res.ok) {
+            console.warn(`  ⚠️  Signed-URL request failed: ${res.status} ${res.statusText}`);
+            return null;
+        }
+        const body = (await res.json());
+        if (body.object !== "signed_upload_url" ||
+            typeof body.url !== "string" ||
+            typeof body.path !== "string" ||
+            typeof body.bucket !== "string" ||
+            !body.requiredHeaders) {
+            console.warn(`  ⚠️  Signed-URL response was malformed`);
+            return null;
+        }
+        return {
+            bucket: body.bucket,
+            method: "PUT",
+            object: "signed_upload_url",
+            path: body.path,
+            requiredHeaders: body.requiredHeaders,
+            url: body.url,
+        };
+    }
+}
+function entryCountOf(data) {
+    if (typeof data === "object" &&
+        data !== null &&
+        "entries" in data &&
+        typeof data.entries === "object") {
+        return Object.keys(data.entries)
+            .length;
+    }
+    return undefined;
+}

package/dist/artifact-capture/gcs-artifact-writer.d.ts

@@ -0,0 +1,30 @@
+/**
+ * GcsArtifactWriter — writes AILF run artifacts + manifest directly to GCS.
+ *
+ * Uses Application Default Credentials (ADC). Used when the CLI runs in CI or
+ * anywhere ADC is configured — the client talks to GCS without the API Gateway
+ * acting as a middleman.
+ *
+ * Paths come from `ARTIFACT_REGISTRY` so writers, signers, and readers agree.
+ *
+ * Design principles:
+ * - P5: Non-blocking — upload failure returns null, never throws.
+ * - Lazy client — Storage created on first write.
+ *
+ * @see docs/decisions/D0032-run-anchored-artifact-store.md
+ */
+import { type ArtifactEntry, type ArtifactRef, type ArtifactType, type ArtifactWriter, type RunId, type RunManifest } from "../_vendor/ailf-core/index.d.ts";
+export interface GcsArtifactWriterOptions {
+    /** GCS bucket name (e.g., "ailf-artifacts") */
+    bucket: string;
+}
+export declare class GcsArtifactWriter implements ArtifactWriter {
+    private client;
+    private readonly options;
+    constructor(options: GcsArtifactWriterOptions);
+    writeBulk(type: ArtifactType, runId: RunId, data: unknown): Promise<ArtifactRef | null>;
+    writePerEntry(type: ArtifactType, runId: RunId, entries: readonly ArtifactEntry[]): Promise<ArtifactRef | null>;
+    writeManifest(runId: RunId, manifest: RunManifest): Promise<ArtifactRef | null>;
+    private putJson;
+    private getClient;
+}