@shepai/cli 1.171.0-pr527.e2ee839 → 1.172.0-pr528.108a424

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (501) hide show
  1. package/apis/json-schema/AgentType.yaml +1 -0
  2. package/apis/json-schema/Settings.yaml +0 -3
  3. package/dist/packages/core/src/application/ports/output/agents/agent-executor.interface.d.ts +1 -15
  4. package/dist/packages/core/src/application/ports/output/agents/agent-executor.interface.d.ts.map +1 -1
  5. package/dist/packages/core/src/application/ports/output/agents/feature-agent-process.interface.d.ts +1 -3
  6. package/dist/packages/core/src/application/ports/output/agents/feature-agent-process.interface.d.ts.map +1 -1
  7. package/dist/packages/core/src/application/ports/output/services/github-repository-service.interface.d.ts +0 -38
  8. package/dist/packages/core/src/application/ports/output/services/github-repository-service.interface.d.ts.map +1 -1
  9. package/dist/packages/core/src/application/ports/output/services/github-repository-service.interface.js +0 -9
  10. package/dist/packages/core/src/application/ports/output/services/spec-initializer.interface.d.ts +0 -11
  11. package/dist/packages/core/src/application/ports/output/services/spec-initializer.interface.d.ts.map +1 -1
  12. package/dist/packages/core/src/application/use-cases/agents/approve-agent-run.use-case.d.ts.map +1 -1
  13. package/dist/packages/core/src/application/use-cases/agents/approve-agent-run.use-case.js +0 -2
  14. package/dist/packages/core/src/application/use-cases/agents/reject-agent-run.use-case.d.ts.map +1 -1
  15. package/dist/packages/core/src/application/use-cases/agents/reject-agent-run.use-case.js +0 -2
  16. package/dist/packages/core/src/application/use-cases/features/check-and-unblock-features.use-case.d.ts.map +1 -1
  17. package/dist/packages/core/src/application/use-cases/features/check-and-unblock-features.use-case.js +0 -2
  18. package/dist/packages/core/src/application/use-cases/features/create/create-feature.use-case.d.ts.map +1 -1
  19. package/dist/packages/core/src/application/use-cases/features/create/create-feature.use-case.js +0 -1
  20. package/dist/packages/core/src/application/use-cases/features/resume-feature.use-case.d.ts.map +1 -1
  21. package/dist/packages/core/src/application/use-cases/features/resume-feature.use-case.js +0 -2
  22. package/dist/packages/core/src/application/use-cases/features/start-feature.use-case.d.ts.map +1 -1
  23. package/dist/packages/core/src/application/use-cases/features/start-feature.use-case.js +0 -2
  24. package/dist/packages/core/src/domain/factories/settings-defaults.factory.d.ts.map +1 -1
  25. package/dist/packages/core/src/domain/factories/settings-defaults.factory.js +1 -5
  26. package/dist/packages/core/src/domain/generated/output.d.ts +1 -259
  27. package/dist/packages/core/src/domain/generated/output.d.ts.map +1 -1
  28. package/dist/packages/core/src/domain/generated/output.js +1 -43
  29. package/dist/packages/core/src/infrastructure/di/container.d.ts.map +1 -1
  30. package/dist/packages/core/src/infrastructure/di/container.js +3 -57
  31. package/dist/packages/core/src/infrastructure/persistence/sqlite/mappers/settings.mapper.d.ts +0 -3
  32. package/dist/packages/core/src/infrastructure/persistence/sqlite/mappers/settings.mapper.d.ts.map +1 -1
  33. package/dist/packages/core/src/infrastructure/persistence/sqlite/mappers/settings.mapper.js +0 -14
  34. package/dist/packages/core/src/infrastructure/repositories/sqlite-settings.repository.d.ts.map +1 -1
  35. package/dist/packages/core/src/infrastructure/repositories/sqlite-settings.repository.js +3 -12
  36. package/dist/packages/core/src/infrastructure/services/agents/common/agent-executor-factory.service.d.ts.map +1 -1
  37. package/dist/packages/core/src/infrastructure/services/agents/common/agent-executor-factory.service.js +23 -0
  38. package/dist/packages/core/src/infrastructure/services/agents/common/agent-validator.service.d.ts.map +1 -1
  39. package/dist/packages/core/src/infrastructure/services/agents/common/agent-validator.service.js +1 -0
  40. package/dist/packages/core/src/infrastructure/services/agents/common/executors/claude-code-executor.service.d.ts +0 -2
  41. package/dist/packages/core/src/infrastructure/services/agents/common/executors/claude-code-executor.service.d.ts.map +1 -1
  42. package/dist/packages/core/src/infrastructure/services/agents/common/executors/claude-code-executor.service.js +0 -12
  43. package/dist/packages/core/src/infrastructure/services/agents/common/executors/copilot-cli-executor.service.d.ts +63 -0
  44. package/dist/packages/core/src/infrastructure/services/agents/common/executors/copilot-cli-executor.service.d.ts.map +1 -0
  45. package/dist/packages/core/src/infrastructure/services/agents/common/executors/copilot-cli-executor.service.js +494 -0
  46. package/dist/packages/core/src/infrastructure/services/agents/feature-agent/fast-feature-agent-graph.d.ts +0 -10
  47. package/dist/packages/core/src/infrastructure/services/agents/feature-agent/fast-feature-agent-graph.d.ts.map +1 -1
  48. package/dist/packages/core/src/infrastructure/services/agents/feature-agent/feature-agent-graph.d.ts +0 -34
  49. package/dist/packages/core/src/infrastructure/services/agents/feature-agent/feature-agent-graph.d.ts.map +1 -1
  50. package/dist/packages/core/src/infrastructure/services/agents/feature-agent/feature-agent-process.service.d.ts +1 -3
  51. package/dist/packages/core/src/infrastructure/services/agents/feature-agent/feature-agent-process.service.d.ts.map +1 -1
  52. package/dist/packages/core/src/infrastructure/services/agents/feature-agent/feature-agent-process.service.js +1 -7
  53. package/dist/packages/core/src/infrastructure/services/agents/feature-agent/feature-agent-worker.d.ts +1 -3
  54. package/dist/packages/core/src/infrastructure/services/agents/feature-agent/feature-agent-worker.d.ts.map +1 -1
  55. package/dist/packages/core/src/infrastructure/services/agents/feature-agent/feature-agent-worker.js +1 -32
  56. package/dist/packages/core/src/infrastructure/services/agents/feature-agent/nodes/node-helpers.d.ts.map +1 -1
  57. package/dist/packages/core/src/infrastructure/services/agents/feature-agent/nodes/node-helpers.js +0 -19
  58. package/dist/packages/core/src/infrastructure/services/agents/feature-agent/state.d.ts +1 -4
  59. package/dist/packages/core/src/infrastructure/services/agents/feature-agent/state.d.ts.map +1 -1
  60. package/dist/packages/core/src/infrastructure/services/agents/feature-agent/state.js +0 -10
  61. package/dist/packages/core/src/infrastructure/services/external/github-repository.service.d.ts +1 -10
  62. package/dist/packages/core/src/infrastructure/services/external/github-repository.service.d.ts.map +1 -1
  63. package/dist/packages/core/src/infrastructure/services/external/github-repository.service.js +1 -101
  64. package/dist/packages/core/src/infrastructure/services/spec/spec-initializer.service.d.ts +0 -1
  65. package/dist/packages/core/src/infrastructure/services/spec/spec-initializer.service.d.ts.map +1 -1
  66. package/dist/packages/core/src/infrastructure/services/spec/spec-initializer.service.js +0 -61
  67. package/dist/packages/core/src/infrastructure/services/tool-installer/tools/codex.json +32 -0
  68. package/dist/packages/core/src/infrastructure/services/tool-installer/tools/copilot.json +32 -0
  69. package/dist/src/presentation/cli/index.js +0 -2
  70. package/dist/src/presentation/tui/prompts/agent-select.prompt.d.ts.map +1 -1
  71. package/dist/src/presentation/tui/prompts/agent-select.prompt.js +5 -0
  72. package/dist/src/presentation/web/app/actions/check-agent-auth.d.ts.map +1 -1
  73. package/dist/src/presentation/web/app/actions/check-agent-auth.js +18 -0
  74. package/dist/src/presentation/web/app/actions/get-all-agent-models.d.ts.map +1 -1
  75. package/dist/src/presentation/web/app/actions/get-all-agent-models.js +4 -2
  76. package/dist/src/presentation/web/app/build-graph-nodes.d.ts +1 -3
  77. package/dist/src/presentation/web/app/build-graph-nodes.d.ts.map +1 -1
  78. package/dist/src/presentation/web/app/build-graph-nodes.js +0 -2
  79. package/dist/src/presentation/web/components/common/feature-node/agent-type-icons.d.ts +1 -1
  80. package/dist/src/presentation/web/components/common/feature-node/agent-type-icons.d.ts.map +1 -1
  81. package/dist/src/presentation/web/components/common/feature-node/agent-type-icons.js +2 -0
  82. package/dist/src/presentation/web/components/common/feature-node/agent-type-icons.stories.d.ts.map +1 -1
  83. package/dist/src/presentation/web/components/common/feature-node/agent-type-icons.stories.js +1 -0
  84. package/dist/src/presentation/web/components/common/feature-node/feature-node-state-config.d.ts +1 -3
  85. package/dist/src/presentation/web/components/common/feature-node/feature-node-state-config.d.ts.map +1 -1
  86. package/dist/src/presentation/web/components/common/feature-node/feature-node.d.ts.map +1 -1
  87. package/dist/src/presentation/web/components/common/feature-node/feature-node.js +1 -2
  88. package/dist/src/presentation/web/components/common/repo-group/repo-group.js +1 -1
  89. package/dist/src/presentation/web/components/common/repository-node/repository-drawer.d.ts +1 -3
  90. package/dist/src/presentation/web/components/common/repository-node/repository-drawer.d.ts.map +1 -1
  91. package/dist/src/presentation/web/components/common/repository-node/repository-drawer.js +2 -3
  92. package/dist/src/presentation/web/components/features/settings/AgentModelPicker/AgentModelPicker.stories.d.ts +1 -0
  93. package/dist/src/presentation/web/components/features/settings/AgentModelPicker/AgentModelPicker.stories.d.ts.map +1 -1
  94. package/dist/src/presentation/web/components/features/settings/AgentModelPicker/AgentModelPicker.stories.js +7 -0
  95. package/dist/src/presentation/web/components/features/settings/agent-settings-section.d.ts.map +1 -1
  96. package/dist/src/presentation/web/components/features/settings/agent-settings-section.js +11 -3
  97. package/dist/src/presentation/web/components/features/settings/agent-settings-section.stories.d.ts +1 -0
  98. package/dist/src/presentation/web/components/features/settings/agent-settings-section.stories.d.ts.map +1 -1
  99. package/dist/src/presentation/web/components/features/settings/agent-settings-section.stories.js +8 -0
  100. package/dist/src/presentation/web/components/features/settings/settings-page-client.d.ts.map +1 -1
  101. package/dist/src/presentation/web/components/features/settings/settings-page-client.js +3 -16
  102. package/dist/translations/ar/cli.json +0 -20
  103. package/dist/translations/ar/tui.json +4 -0
  104. package/dist/translations/ar/web.json +1 -43
  105. package/dist/translations/de/cli.json +0 -20
  106. package/dist/translations/de/tui.json +4 -0
  107. package/dist/translations/de/web.json +1 -43
  108. package/dist/translations/en/cli.json +0 -20
  109. package/dist/translations/en/tui.json +4 -0
  110. package/dist/translations/en/web.json +1 -43
  111. package/dist/translations/es/cli.json +0 -20
  112. package/dist/translations/es/tui.json +4 -0
  113. package/dist/translations/es/web.json +1 -43
  114. package/dist/translations/fr/cli.json +0 -20
  115. package/dist/translations/fr/tui.json +4 -0
  116. package/dist/translations/fr/web.json +1 -43
  117. package/dist/translations/he/cli.json +0 -20
  118. package/dist/translations/he/tui.json +4 -0
  119. package/dist/translations/he/web.json +1 -43
  120. package/dist/translations/pt/cli.json +0 -20
  121. package/dist/translations/pt/tui.json +4 -0
  122. package/dist/translations/pt/web.json +1 -43
  123. package/dist/translations/ru/cli.json +0 -20
  124. package/dist/translations/ru/tui.json +4 -0
  125. package/dist/translations/ru/web.json +1 -43
  126. package/dist/tsconfig.build.tsbuildinfo +1 -1
  127. package/package.json +1 -1
  128. package/web/.next/BUILD_ID +1 -1
  129. package/web/.next/build-manifest.json +2 -2
  130. package/web/.next/fallback-build-manifest.json +2 -2
  131. package/web/.next/prerender-manifest.json +3 -3
  132. package/web/.next/required-server-files.js +2 -2
  133. package/web/.next/required-server-files.json +2 -2
  134. package/web/.next/server/app/(dashboard)/@drawer/adopt/page/server-reference-manifest.json +29 -29
  135. package/web/.next/server/app/(dashboard)/@drawer/adopt/page.js +1 -2
  136. package/web/.next/server/app/(dashboard)/@drawer/adopt/page.js.nft.json +1 -1
  137. package/web/.next/server/app/(dashboard)/@drawer/adopt/page_client-reference-manifest.js +1 -1
  138. package/web/.next/server/app/(dashboard)/@drawer/chat/page/server-reference-manifest.json +27 -27
  139. package/web/.next/server/app/(dashboard)/@drawer/chat/page.js +1 -2
  140. package/web/.next/server/app/(dashboard)/@drawer/chat/page.js.nft.json +1 -1
  141. package/web/.next/server/app/(dashboard)/@drawer/chat/page_client-reference-manifest.js +1 -1
  142. package/web/.next/server/app/(dashboard)/@drawer/create/page/server-reference-manifest.json +30 -30
  143. package/web/.next/server/app/(dashboard)/@drawer/create/page.js +1 -2
  144. package/web/.next/server/app/(dashboard)/@drawer/create/page.js.nft.json +1 -1
  145. package/web/.next/server/app/(dashboard)/@drawer/create/page_client-reference-manifest.js +1 -1
  146. package/web/.next/server/app/(dashboard)/@drawer/feature/[featureId]/[tab]/page/server-reference-manifest.json +38 -38
  147. package/web/.next/server/app/(dashboard)/@drawer/feature/[featureId]/[tab]/page.js +1 -2
  148. package/web/.next/server/app/(dashboard)/@drawer/feature/[featureId]/[tab]/page.js.nft.json +1 -1
  149. package/web/.next/server/app/(dashboard)/@drawer/feature/[featureId]/[tab]/page_client-reference-manifest.js +1 -1
  150. package/web/.next/server/app/(dashboard)/@drawer/feature/[featureId]/page/server-reference-manifest.json +38 -38
  151. package/web/.next/server/app/(dashboard)/@drawer/feature/[featureId]/page.js +1 -2
  152. package/web/.next/server/app/(dashboard)/@drawer/feature/[featureId]/page.js.nft.json +1 -1
  153. package/web/.next/server/app/(dashboard)/@drawer/feature/[featureId]/page_client-reference-manifest.js +1 -1
  154. package/web/.next/server/app/(dashboard)/@drawer/repository/[repositoryId]/[tab]/page/server-reference-manifest.json +28 -28
  155. package/web/.next/server/app/(dashboard)/@drawer/repository/[repositoryId]/[tab]/page.js +1 -2
  156. package/web/.next/server/app/(dashboard)/@drawer/repository/[repositoryId]/[tab]/page.js.nft.json +1 -1
  157. package/web/.next/server/app/(dashboard)/@drawer/repository/[repositoryId]/[tab]/page_client-reference-manifest.js +1 -1
  158. package/web/.next/server/app/(dashboard)/@drawer/repository/[repositoryId]/page/server-reference-manifest.json +28 -28
  159. package/web/.next/server/app/(dashboard)/@drawer/repository/[repositoryId]/page.js +1 -2
  160. package/web/.next/server/app/(dashboard)/@drawer/repository/[repositoryId]/page.js.nft.json +1 -1
  161. package/web/.next/server/app/(dashboard)/@drawer/repository/[repositoryId]/page_client-reference-manifest.js +1 -1
  162. package/web/.next/server/app/(dashboard)/chat/page/server-reference-manifest.json +27 -27
  163. package/web/.next/server/app/(dashboard)/chat/page.js +1 -2
  164. package/web/.next/server/app/(dashboard)/chat/page.js.nft.json +1 -1
  165. package/web/.next/server/app/(dashboard)/chat/page_client-reference-manifest.js +1 -1
  166. package/web/.next/server/app/(dashboard)/create/page/server-reference-manifest.json +30 -30
  167. package/web/.next/server/app/(dashboard)/create/page.js +1 -2
  168. package/web/.next/server/app/(dashboard)/create/page.js.nft.json +1 -1
  169. package/web/.next/server/app/(dashboard)/create/page_client-reference-manifest.js +1 -1
  170. package/web/.next/server/app/(dashboard)/feature/[featureId]/[tab]/page/server-reference-manifest.json +38 -38
  171. package/web/.next/server/app/(dashboard)/feature/[featureId]/[tab]/page.js +1 -2
  172. package/web/.next/server/app/(dashboard)/feature/[featureId]/[tab]/page.js.nft.json +1 -1
  173. package/web/.next/server/app/(dashboard)/feature/[featureId]/[tab]/page_client-reference-manifest.js +1 -1
  174. package/web/.next/server/app/(dashboard)/feature/[featureId]/page/server-reference-manifest.json +38 -38
  175. package/web/.next/server/app/(dashboard)/feature/[featureId]/page.js +1 -2
  176. package/web/.next/server/app/(dashboard)/feature/[featureId]/page.js.nft.json +1 -1
  177. package/web/.next/server/app/(dashboard)/feature/[featureId]/page_client-reference-manifest.js +1 -1
  178. package/web/.next/server/app/(dashboard)/page/server-reference-manifest.json +27 -27
  179. package/web/.next/server/app/(dashboard)/page.js +1 -2
  180. package/web/.next/server/app/(dashboard)/page.js.nft.json +1 -1
  181. package/web/.next/server/app/(dashboard)/page_client-reference-manifest.js +1 -1
  182. package/web/.next/server/app/(dashboard)/repository/[repositoryId]/[tab]/page/server-reference-manifest.json +28 -28
  183. package/web/.next/server/app/(dashboard)/repository/[repositoryId]/[tab]/page.js +1 -2
  184. package/web/.next/server/app/(dashboard)/repository/[repositoryId]/[tab]/page.js.nft.json +1 -1
  185. package/web/.next/server/app/(dashboard)/repository/[repositoryId]/[tab]/page_client-reference-manifest.js +1 -1
  186. package/web/.next/server/app/(dashboard)/repository/[repositoryId]/page/server-reference-manifest.json +28 -28
  187. package/web/.next/server/app/(dashboard)/repository/[repositoryId]/page.js +1 -2
  188. package/web/.next/server/app/(dashboard)/repository/[repositoryId]/page.js.nft.json +1 -1
  189. package/web/.next/server/app/(dashboard)/repository/[repositoryId]/page_client-reference-manifest.js +1 -1
  190. package/web/.next/server/app/_global-error.html +2 -2
  191. package/web/.next/server/app/_global-error.rsc +1 -1
  192. package/web/.next/server/app/_global-error.segments/__PAGE__.segment.rsc +1 -1
  193. package/web/.next/server/app/_global-error.segments/_full.segment.rsc +1 -1
  194. package/web/.next/server/app/_global-error.segments/_head.segment.rsc +1 -1
  195. package/web/.next/server/app/_global-error.segments/_index.segment.rsc +1 -1
  196. package/web/.next/server/app/_global-error.segments/_tree.segment.rsc +1 -1
  197. package/web/.next/server/app/_not-found/page/server-reference-manifest.json +6 -6
  198. package/web/.next/server/app/_not-found/page.js.nft.json +1 -1
  199. package/web/.next/server/app/_not-found/page_client-reference-manifest.js +1 -1
  200. package/web/.next/server/app/api/attachments/preview/route.js.nft.json +1 -1
  201. package/web/.next/server/app/api/evidence/route.js.nft.json +1 -1
  202. package/web/.next/server/app/api/graph-data/route.js.nft.json +1 -1
  203. package/web/.next/server/app/api/interactive/chat/[featureId]/messages/route.js.nft.json +1 -1
  204. package/web/.next/server/app/api/sessions/route.js.nft.json +1 -1
  205. package/web/.next/server/app/api/sessions-batch/route.js.nft.json +1 -1
  206. package/web/.next/server/app/features/page/server-reference-manifest.json +6 -6
  207. package/web/.next/server/app/features/page.js.nft.json +1 -1
  208. package/web/.next/server/app/features/page_client-reference-manifest.js +1 -1
  209. package/web/.next/server/app/settings/page/server-reference-manifest.json +18 -33
  210. package/web/.next/server/app/settings/page.js +1 -1
  211. package/web/.next/server/app/settings/page.js.nft.json +1 -1
  212. package/web/.next/server/app/settings/page_client-reference-manifest.js +1 -1
  213. package/web/.next/server/app/skills/page/server-reference-manifest.json +13 -13
  214. package/web/.next/server/app/skills/page.js +1 -2
  215. package/web/.next/server/app/skills/page.js.nft.json +1 -1
  216. package/web/.next/server/app/skills/page_client-reference-manifest.js +1 -1
  217. package/web/.next/server/app/tools/page/server-reference-manifest.json +11 -11
  218. package/web/.next/server/app/tools/page.js +1 -2
  219. package/web/.next/server/app/tools/page.js.nft.json +1 -1
  220. package/web/.next/server/app/tools/page_client-reference-manifest.js +1 -1
  221. package/web/.next/server/app/version/page/server-reference-manifest.json +6 -6
  222. package/web/.next/server/app/version/page.js.nft.json +1 -1
  223. package/web/.next/server/app/version/page_client-reference-manifest.js +1 -1
  224. package/web/.next/server/chunks/403f9_next_dist_esm_build_templates_app-route_370c43b1.js +1 -1
  225. package/web/.next/server/chunks/403f9_next_dist_esm_build_templates_app-route_370c43b1.js.map +1 -1
  226. package/web/.next/server/chunks/[root-of-the-server]__a402b567._.js +1 -1
  227. package/web/.next/server/chunks/[root-of-the-server]__c78383b1._.js +1 -1
  228. package/web/.next/server/chunks/[root-of-the-server]__c78383b1._.js.map +1 -1
  229. package/web/.next/server/chunks/[root-of-the-server]__cd67a84c._.js +1 -1
  230. package/web/.next/server/chunks/[root-of-the-server]__cd67a84c._.js.map +1 -1
  231. package/web/.next/server/chunks/ssr/744ca_web_components_common_control-center-drawer_create-drawer-client_tsx_5e26fc0a._.js +1 -1
  232. package/web/.next/server/chunks/ssr/744ca_web_components_common_control-center-drawer_create-drawer-client_tsx_5e26fc0a._.js.map +1 -1
  233. package/web/.next/server/chunks/ssr/744ca_web_components_common_control-center-drawer_feature-drawer-client_tsx_e9755fc8._.js +2 -2
  234. package/web/.next/server/chunks/ssr/744ca_web_components_common_control-center-drawer_feature-drawer-client_tsx_e9755fc8._.js.map +1 -1
  235. package/web/.next/server/chunks/ssr/[root-of-the-server]__1cd4327c._.js +4 -0
  236. package/web/.next/server/chunks/ssr/[root-of-the-server]__1cd4327c._.js.map +1 -0
  237. package/web/.next/server/chunks/ssr/[root-of-the-server]__1f389e5d._.js +1 -1
  238. package/web/.next/server/chunks/ssr/[root-of-the-server]__1f389e5d._.js.map +1 -1
  239. package/web/.next/server/chunks/ssr/[root-of-the-server]__357d99f9._.js +1 -1
  240. package/web/.next/server/chunks/ssr/[root-of-the-server]__4fb81977._.js +4 -0
  241. package/web/.next/server/chunks/ssr/[root-of-the-server]__4fb81977._.js.map +1 -0
  242. package/web/.next/server/chunks/ssr/[root-of-the-server]__6c7d3936._.js +1 -1
  243. package/web/.next/server/chunks/ssr/[root-of-the-server]__6c7d3936._.js.map +1 -1
  244. package/web/.next/server/chunks/ssr/[root-of-the-server]__7dcd0917._.js +4 -0
  245. package/web/.next/server/chunks/ssr/[root-of-the-server]__7dcd0917._.js.map +1 -0
  246. package/web/.next/server/chunks/ssr/[root-of-the-server]__92ffd5ee._.js +4 -0
  247. package/web/.next/server/chunks/ssr/[root-of-the-server]__92ffd5ee._.js.map +1 -0
  248. package/web/.next/server/chunks/ssr/[root-of-the-server]__b020c17d._.js +4 -0
  249. package/web/.next/server/chunks/ssr/[root-of-the-server]__b020c17d._.js.map +1 -0
  250. package/web/.next/server/chunks/ssr/[root-of-the-server]__b7b96453._.js +1 -1
  251. package/web/.next/server/chunks/ssr/[root-of-the-server]__b7b96453._.js.map +1 -1
  252. package/web/.next/server/chunks/ssr/[root-of-the-server]__ba7f5873._.js +4 -0
  253. package/web/.next/server/chunks/ssr/[root-of-the-server]__ba7f5873._.js.map +1 -0
  254. package/web/.next/server/chunks/ssr/[root-of-the-server]__c5e09f6f._.js +4 -0
  255. package/web/.next/server/chunks/ssr/[root-of-the-server]__c5e09f6f._.js.map +1 -0
  256. package/web/.next/server/chunks/ssr/[root-of-the-server]__fa525872._.js +3 -0
  257. package/web/.next/server/chunks/ssr/[root-of-the-server]__fa525872._.js.map +1 -0
  258. package/web/.next/server/chunks/ssr/_02e01240._.js +4 -0
  259. package/web/.next/server/chunks/ssr/_02e01240._.js.map +1 -0
  260. package/web/.next/server/chunks/ssr/_05c23ad9._.js +1 -1
  261. package/web/.next/server/chunks/ssr/_05c23ad9._.js.map +1 -1
  262. package/web/.next/server/chunks/ssr/_16eb4fec._.js +1 -1
  263. package/web/.next/server/chunks/ssr/_16eb4fec._.js.map +1 -1
  264. package/web/.next/server/chunks/ssr/_18886033._.js +4 -0
  265. package/web/.next/server/chunks/ssr/_18886033._.js.map +1 -0
  266. package/web/.next/server/chunks/ssr/_1e08a336._.js +1 -1
  267. package/web/.next/server/chunks/ssr/_22e00a14._.js +4 -0
  268. package/web/.next/server/chunks/ssr/_22e00a14._.js.map +1 -0
  269. package/web/.next/server/chunks/ssr/{_ee42a212._.js → _324beb75._.js} +2 -2
  270. package/web/.next/server/chunks/ssr/{_ee42a212._.js.map → _324beb75._.js.map} +1 -1
  271. package/web/.next/server/chunks/ssr/_43ba79e7._.js +3 -0
  272. package/web/.next/server/chunks/ssr/_43ba79e7._.js.map +1 -0
  273. package/web/.next/server/chunks/ssr/_45496654._.js +1 -1
  274. package/web/.next/server/chunks/ssr/_45496654._.js.map +1 -1
  275. package/web/.next/server/chunks/ssr/_4cbb7f95._.js +1 -1
  276. package/web/.next/server/chunks/ssr/_4cbb7f95._.js.map +1 -1
  277. package/web/.next/server/chunks/ssr/_5119a3df._.js +1 -1
  278. package/web/.next/server/chunks/ssr/_5119a3df._.js.map +1 -1
  279. package/web/.next/server/chunks/ssr/_56b9d60f._.js +1 -1
  280. package/web/.next/server/chunks/ssr/_56b9d60f._.js.map +1 -1
  281. package/web/.next/server/chunks/ssr/{_767748d2._.js → _5e3cb0a7._.js} +2 -2
  282. package/web/.next/server/chunks/ssr/_5e3cb0a7._.js.map +1 -0
  283. package/web/.next/server/chunks/ssr/_a5a5901d._.js +4 -0
  284. package/web/.next/server/chunks/ssr/_a5a5901d._.js.map +1 -0
  285. package/web/.next/server/chunks/ssr/_a963dd3c._.js +3 -0
  286. package/web/.next/server/chunks/ssr/_a963dd3c._.js.map +1 -0
  287. package/web/.next/server/chunks/ssr/_ad09f271._.js +4 -0
  288. package/web/.next/server/chunks/ssr/_ad09f271._.js.map +1 -0
  289. package/web/.next/server/chunks/ssr/_c3f595c6._.js +4 -0
  290. package/web/.next/server/chunks/ssr/_c3f595c6._.js.map +1 -0
  291. package/web/.next/server/chunks/ssr/_c9d3f255._.js +3 -0
  292. package/web/.next/server/chunks/ssr/_c9d3f255._.js.map +1 -0
  293. package/web/.next/server/chunks/ssr/_df737cce._.js +1 -1
  294. package/web/.next/server/chunks/ssr/_e3f14907._.js +9 -0
  295. package/web/.next/server/chunks/ssr/_e3f14907._.js.map +1 -0
  296. package/web/.next/server/chunks/ssr/_ea9e1556._.js +4 -0
  297. package/web/.next/server/chunks/ssr/_ea9e1556._.js.map +1 -0
  298. package/web/.next/server/chunks/ssr/_f1ba9be6._.js +6 -0
  299. package/web/.next/server/chunks/ssr/_f1ba9be6._.js.map +1 -0
  300. package/web/.next/server/chunks/ssr/_f33cd07e._.js +6 -0
  301. package/web/.next/server/chunks/ssr/_f33cd07e._.js.map +1 -0
  302. package/web/.next/server/chunks/ssr/_f8b45233._.js +4 -0
  303. package/web/.next/server/chunks/ssr/_f8b45233._.js.map +1 -0
  304. package/web/.next/server/chunks/ssr/b1a17_presentation_web_components_features_settings_settings-page-client_tsx_6ed9d5f8._.js +1 -1
  305. package/web/.next/server/chunks/ssr/b1a17_presentation_web_components_features_settings_settings-page-client_tsx_6ed9d5f8._.js.map +1 -1
  306. package/web/.next/server/chunks/ssr/f3a1f_components_common_control-center-drawer_repository-drawer-client_tsx_39a00c03._.js +1 -1
  307. package/web/.next/server/chunks/ssr/f3a1f_components_common_control-center-drawer_repository-drawer-client_tsx_39a00c03._.js.map +1 -1
  308. package/web/.next/server/chunks/ssr/src_presentation_web_app_actions_open-ide_ts_baaca5d5._.js +1 -1
  309. package/web/.next/server/chunks/ssr/src_presentation_web_app_actions_open-ide_ts_baaca5d5._.js.map +1 -1
  310. package/web/.next/server/chunks/ssr/src_presentation_web_ca99d62d._.js +1 -1
  311. package/web/.next/server/chunks/ssr/src_presentation_web_ca99d62d._.js.map +1 -1
  312. package/web/.next/server/chunks/ssr/src_presentation_web_components_895e5bfa._.js +1 -1
  313. package/web/.next/server/chunks/ssr/src_presentation_web_components_895e5bfa._.js.map +1 -1
  314. package/web/.next/server/chunks/ssr/src_presentation_web_components_features_control-center_7ac3562e._.js +1 -1
  315. package/web/.next/server/chunks/ssr/src_presentation_web_components_features_control-center_7ac3562e._.js.map +1 -1
  316. package/web/.next/server/chunks/ssr/src_presentation_web_components_features_skills_8a174cac._.js +1 -1
  317. package/web/.next/server/chunks/ssr/src_presentation_web_components_features_skills_8a174cac._.js.map +1 -1
  318. package/web/.next/server/chunks/ssr/src_presentation_web_db9fa0c2._.js +1 -1
  319. package/web/.next/server/chunks/ssr/src_presentation_web_db9fa0c2._.js.map +1 -1
  320. package/web/.next/server/chunks/ssr/translations_23dd5e7e._.js +1 -1
  321. package/web/.next/server/chunks/ssr/translations_23dd5e7e._.js.map +1 -1
  322. package/web/.next/server/pages/500.html +2 -2
  323. package/web/.next/server/server-reference-manifest.js +1 -1
  324. package/web/.next/server/server-reference-manifest.json +59 -74
  325. package/web/.next/static/chunks/01d34ca202152b33.js +1 -0
  326. package/web/.next/static/chunks/120279c82aa8aa25.js +1 -0
  327. package/web/.next/static/chunks/2e32d8578aace93a.js +1 -0
  328. package/web/.next/static/chunks/{16fa4d3877c28fe2.js → 41f5bb33ac4f3c7d.js} +1 -1
  329. package/web/.next/static/chunks/{b9c62932ed987239.js → 43cf78a6c49eb7c1.js} +2 -2
  330. package/web/.next/static/chunks/4559a403ee40dd19.js +7 -0
  331. package/web/.next/static/chunks/{a8edb9423086e83f.js → 50b760a2c7ad03d3.js} +1 -1
  332. package/web/.next/static/chunks/{d1c3e0ee8e788c87.js → 6e10cf4513c1f54f.js} +1 -1
  333. package/web/.next/static/chunks/{39f6ad3f9005703a.js → 8a486366e2878cbc.js} +1 -1
  334. package/web/.next/static/chunks/8b0a9cb5109fe899.js +1 -0
  335. package/web/.next/static/chunks/{9374d251360e808b.js → 947678ada7948442.js} +1 -1
  336. package/web/.next/static/chunks/{7e05e7e25220ee9a.js → b1b0c8ff51c0c2fc.js} +3 -3
  337. package/web/.next/static/chunks/b65e555419a0c664.js +1 -0
  338. package/web/.next/static/chunks/{89dd90bf14488ec0.js → bd55a833b24ee17b.js} +1 -1
  339. package/web/.next/static/chunks/{e8c3c12f92e9a521.js → c91571264851a71e.js} +3 -3
  340. package/web/.next/static/chunks/cc832e47f53eb2c3.js +1 -0
  341. package/web/.next/static/chunks/{fb8dadb64c0ffc6b.js → d5366257d6b9f855.js} +1 -1
  342. package/web/.next/static/chunks/da504d7f1c40bce1.js +1 -0
  343. package/web/.next/static/chunks/dcf8bb4389557a76.css +1 -0
  344. package/web/.next/static/chunks/f8f647baf2e91a9d.js +1 -0
  345. package/web/public/icons/agents/copilot.svg +12 -0
  346. package/apis/json-schema/ActionDispositionEntry.yaml +0 -14
  347. package/apis/json-schema/DependencyFinding.yaml +0 -28
  348. package/apis/json-schema/DependencyRiskType.yaml +0 -11
  349. package/apis/json-schema/DependencyRules.yaml +0 -38
  350. package/apis/json-schema/EffectivePolicySnapshot.yaml +0 -24
  351. package/apis/json-schema/ReleaseIntegrityCheck.yaml +0 -22
  352. package/apis/json-schema/ReleaseIntegrityCheckType.yaml +0 -9
  353. package/apis/json-schema/ReleaseIntegrityResult.yaml +0 -16
  354. package/apis/json-schema/ReleaseRules.yaml +0 -21
  355. package/apis/json-schema/SecurityActionCategory.yaml +0 -10
  356. package/apis/json-schema/SecurityActionDisposition.yaml +0 -8
  357. package/apis/json-schema/SecurityConfig.yaml +0 -17
  358. package/apis/json-schema/SecurityEvent.yaml +0 -36
  359. package/apis/json-schema/SecurityMode.yaml +0 -8
  360. package/apis/json-schema/SecurityPolicy.yaml +0 -24
  361. package/apis/json-schema/SecuritySeverity.yaml +0 -9
  362. package/dist/packages/core/src/application/ports/output/repositories/security-event.repository.interface.d.ts +0 -76
  363. package/dist/packages/core/src/application/ports/output/repositories/security-event.repository.interface.d.ts.map +0 -1
  364. package/dist/packages/core/src/application/ports/output/repositories/security-event.repository.interface.js +0 -11
  365. package/dist/packages/core/src/application/ports/output/services/security-policy-service.interface.d.ts +0 -77
  366. package/dist/packages/core/src/application/ports/output/services/security-policy-service.interface.d.ts.map +0 -1
  367. package/dist/packages/core/src/application/ports/output/services/security-policy-service.interface.js +0 -13
  368. package/dist/packages/core/src/application/use-cases/security/enforce-security.use-case.d.ts +0 -71
  369. package/dist/packages/core/src/application/use-cases/security/enforce-security.use-case.d.ts.map +0 -1
  370. package/dist/packages/core/src/application/use-cases/security/enforce-security.use-case.js +0 -215
  371. package/dist/packages/core/src/application/use-cases/security/evaluate-security-policy.use-case.d.ts +0 -24
  372. package/dist/packages/core/src/application/use-cases/security/evaluate-security-policy.use-case.d.ts.map +0 -1
  373. package/dist/packages/core/src/application/use-cases/security/evaluate-security-policy.use-case.js +0 -56
  374. package/dist/packages/core/src/application/use-cases/security/get-security-state.use-case.d.ts +0 -36
  375. package/dist/packages/core/src/application/use-cases/security/get-security-state.use-case.d.ts.map +0 -1
  376. package/dist/packages/core/src/application/use-cases/security/get-security-state.use-case.js +0 -76
  377. package/dist/packages/core/src/application/use-cases/security/record-security-event.use-case.d.ts +0 -14
  378. package/dist/packages/core/src/application/use-cases/security/record-security-event.use-case.d.ts.map +0 -1
  379. package/dist/packages/core/src/application/use-cases/security/record-security-event.use-case.js +0 -46
  380. package/dist/packages/core/src/domain/errors/security-violation.error.d.ts +0 -15
  381. package/dist/packages/core/src/domain/errors/security-violation.error.d.ts.map +0 -1
  382. package/dist/packages/core/src/domain/errors/security-violation.error.js +0 -20
  383. package/dist/packages/core/src/infrastructure/persistence/sqlite/mappers/security-event.mapper.d.ts +0 -44
  384. package/dist/packages/core/src/infrastructure/persistence/sqlite/mappers/security-event.mapper.d.ts.map +0 -1
  385. package/dist/packages/core/src/infrastructure/persistence/sqlite/mappers/security-event.mapper.js +0 -55
  386. package/dist/packages/core/src/infrastructure/persistence/sqlite/migrations/053-add-security-settings-columns.d.ts +0 -18
  387. package/dist/packages/core/src/infrastructure/persistence/sqlite/migrations/053-add-security-settings-columns.d.ts.map +0 -1
  388. package/dist/packages/core/src/infrastructure/persistence/sqlite/migrations/053-add-security-settings-columns.js +0 -31
  389. package/dist/packages/core/src/infrastructure/persistence/sqlite/migrations/054-create-security-events-table.d.ts +0 -29
  390. package/dist/packages/core/src/infrastructure/persistence/sqlite/migrations/054-create-security-events-table.d.ts.map +0 -1
  391. package/dist/packages/core/src/infrastructure/persistence/sqlite/migrations/054-create-security-events-table.js +0 -53
  392. package/dist/packages/core/src/infrastructure/repositories/sqlite-security-event.repository.d.ts +0 -24
  393. package/dist/packages/core/src/infrastructure/repositories/sqlite-security-event.repository.d.ts.map +0 -1
  394. package/dist/packages/core/src/infrastructure/repositories/sqlite-security-event.repository.js +0 -96
  395. package/dist/packages/core/src/infrastructure/services/agents/common/executors/security-constraint-validator.d.ts +0 -22
  396. package/dist/packages/core/src/infrastructure/services/agents/common/executors/security-constraint-validator.d.ts.map +0 -1
  397. package/dist/packages/core/src/infrastructure/services/agents/common/executors/security-constraint-validator.js +0 -30
  398. package/dist/packages/core/src/infrastructure/services/agents/feature-agent/nodes/security-pre-check.d.ts +0 -45
  399. package/dist/packages/core/src/infrastructure/services/agents/feature-agent/nodes/security-pre-check.d.ts.map +0 -1
  400. package/dist/packages/core/src/infrastructure/services/agents/feature-agent/nodes/security-pre-check.js +0 -70
  401. package/dist/packages/core/src/infrastructure/services/security/dependency-risk-evaluator.d.ts +0 -53
  402. package/dist/packages/core/src/infrastructure/services/security/dependency-risk-evaluator.d.ts.map +0 -1
  403. package/dist/packages/core/src/infrastructure/services/security/dependency-risk-evaluator.js +0 -241
  404. package/dist/packages/core/src/infrastructure/services/security/release-integrity-evaluator.d.ts +0 -44
  405. package/dist/packages/core/src/infrastructure/services/security/release-integrity-evaluator.d.ts.map +0 -1
  406. package/dist/packages/core/src/infrastructure/services/security/release-integrity-evaluator.js +0 -194
  407. package/dist/packages/core/src/infrastructure/services/security/security-policy-file-reader.d.ts +0 -28
  408. package/dist/packages/core/src/infrastructure/services/security/security-policy-file-reader.d.ts.map +0 -1
  409. package/dist/packages/core/src/infrastructure/services/security/security-policy-file-reader.js +0 -50
  410. package/dist/packages/core/src/infrastructure/services/security/security-policy-validator.d.ts +0 -26
  411. package/dist/packages/core/src/infrastructure/services/security/security-policy-validator.d.ts.map +0 -1
  412. package/dist/packages/core/src/infrastructure/services/security/security-policy-validator.js +0 -147
  413. package/dist/packages/core/src/infrastructure/services/security/security-policy.service.d.ts +0 -44
  414. package/dist/packages/core/src/infrastructure/services/security/security-policy.service.d.ts.map +0 -1
  415. package/dist/packages/core/src/infrastructure/services/security/security-policy.service.js +0 -174
  416. package/dist/src/presentation/cli/commands/security.command.d.ts +0 -16
  417. package/dist/src/presentation/cli/commands/security.command.d.ts.map +0 -1
  418. package/dist/src/presentation/cli/commands/security.command.js +0 -118
  419. package/dist/src/presentation/web/app/actions/security.d.ts +0 -28
  420. package/dist/src/presentation/web/app/actions/security.d.ts.map +0 -1
  421. package/dist/src/presentation/web/app/actions/security.js +0 -59
  422. package/dist/src/presentation/web/components/common/repository-node/security-panel.d.ts +0 -6
  423. package/dist/src/presentation/web/components/common/repository-node/security-panel.d.ts.map +0 -1
  424. package/dist/src/presentation/web/components/common/repository-node/security-panel.js +0 -29
  425. package/dist/src/presentation/web/components/common/repository-node/security-panel.stories.d.ts +0 -10
  426. package/dist/src/presentation/web/components/common/repository-node/security-panel.stories.d.ts.map +0 -1
  427. package/dist/src/presentation/web/components/common/repository-node/security-panel.stories.js +0 -53
  428. package/dist/src/presentation/web/components/common/security-badge.d.ts +0 -7
  429. package/dist/src/presentation/web/components/common/security-badge.d.ts.map +0 -1
  430. package/dist/src/presentation/web/components/common/security-badge.js +0 -30
  431. package/dist/src/presentation/web/components/common/security-badge.stories.d.ts +0 -12
  432. package/dist/src/presentation/web/components/common/security-badge.stories.d.ts.map +0 -1
  433. package/dist/src/presentation/web/components/common/security-badge.stories.js +0 -20
  434. package/dist/src/presentation/web/components/features/settings/supply-chain-security-settings-section.d.ts +0 -6
  435. package/dist/src/presentation/web/components/features/settings/supply-chain-security-settings-section.d.ts.map +0 -1
  436. package/dist/src/presentation/web/components/features/settings/supply-chain-security-settings-section.js +0 -60
  437. package/dist/src/presentation/web/components/features/settings/supply-chain-security-settings-section.stories.d.ts +0 -14
  438. package/dist/src/presentation/web/components/features/settings/supply-chain-security-settings-section.stories.d.ts.map +0 -1
  439. package/dist/src/presentation/web/components/features/settings/supply-chain-security-settings-section.stories.js +0 -116
  440. package/web/.next/server/chunks/ssr/744ca_web__next-internal_server_app_(dashboard)_@drawer_adopt_page_actions_ad0071c9.js +0 -3
  441. package/web/.next/server/chunks/ssr/744ca_web__next-internal_server_app_(dashboard)_@drawer_adopt_page_actions_ad0071c9.js.map +0 -1
  442. package/web/.next/server/chunks/ssr/744ca_web__next-internal_server_app_(dashboard)_@drawer_chat_page_actions_90d98b2b.js +0 -3
  443. package/web/.next/server/chunks/ssr/744ca_web__next-internal_server_app_(dashboard)_@drawer_chat_page_actions_90d98b2b.js.map +0 -1
  444. package/web/.next/server/chunks/ssr/744ca_web__next-internal_server_app_(dashboard)_chat_page_actions_d3828105.js +0 -3
  445. package/web/.next/server/chunks/ssr/744ca_web__next-internal_server_app_(dashboard)_chat_page_actions_d3828105.js.map +0 -1
  446. package/web/.next/server/chunks/ssr/[root-of-the-server]__51ec77a8._.js +0 -3
  447. package/web/.next/server/chunks/ssr/[root-of-the-server]__51ec77a8._.js.map +0 -1
  448. package/web/.next/server/chunks/ssr/[root-of-the-server]__540c615f._.js +0 -4
  449. package/web/.next/server/chunks/ssr/[root-of-the-server]__540c615f._.js.map +0 -1
  450. package/web/.next/server/chunks/ssr/[root-of-the-server]__66047a1b._.js +0 -3
  451. package/web/.next/server/chunks/ssr/[root-of-the-server]__66047a1b._.js.map +0 -1
  452. package/web/.next/server/chunks/ssr/[root-of-the-server]__9a9cb046._.js +0 -3
  453. package/web/.next/server/chunks/ssr/[root-of-the-server]__9a9cb046._.js.map +0 -1
  454. package/web/.next/server/chunks/ssr/[root-of-the-server]__a2d6c0ac._.js +0 -4
  455. package/web/.next/server/chunks/ssr/[root-of-the-server]__a2d6c0ac._.js.map +0 -1
  456. package/web/.next/server/chunks/ssr/[root-of-the-server]__a932cd3a._.js +0 -3
  457. package/web/.next/server/chunks/ssr/[root-of-the-server]__a932cd3a._.js.map +0 -1
  458. package/web/.next/server/chunks/ssr/[root-of-the-server]__aa72e794._.js +0 -3
  459. package/web/.next/server/chunks/ssr/[root-of-the-server]__aa72e794._.js.map +0 -1
  460. package/web/.next/server/chunks/ssr/_02580450._.js +0 -3
  461. package/web/.next/server/chunks/ssr/_02580450._.js.map +0 -1
  462. package/web/.next/server/chunks/ssr/_1594e369._.js +0 -9
  463. package/web/.next/server/chunks/ssr/_1594e369._.js.map +0 -1
  464. package/web/.next/server/chunks/ssr/_21d37090._.js +0 -3
  465. package/web/.next/server/chunks/ssr/_21d37090._.js.map +0 -1
  466. package/web/.next/server/chunks/ssr/_767748d2._.js.map +0 -1
  467. package/web/.next/server/chunks/ssr/_f8c55130._.js +0 -4
  468. package/web/.next/server/chunks/ssr/_f8c55130._.js.map +0 -1
  469. package/web/.next/server/chunks/ssr/_ff04802c._.js +0 -3
  470. package/web/.next/server/chunks/ssr/_ff04802c._.js.map +0 -1
  471. package/web/.next/server/chunks/ssr/src_presentation_web_17d39233._.js +0 -3
  472. package/web/.next/server/chunks/ssr/src_presentation_web_17d39233._.js.map +0 -1
  473. package/web/.next/server/chunks/ssr/src_presentation_web_54b02639._.js +0 -5
  474. package/web/.next/server/chunks/ssr/src_presentation_web_54b02639._.js.map +0 -1
  475. package/web/.next/server/chunks/ssr/src_presentation_web_7b7b9e3b._.js +0 -5
  476. package/web/.next/server/chunks/ssr/src_presentation_web_7b7b9e3b._.js.map +0 -1
  477. package/web/.next/server/chunks/ssr/src_presentation_web_807cba76._.js +0 -3
  478. package/web/.next/server/chunks/ssr/src_presentation_web_807cba76._.js.map +0 -1
  479. package/web/.next/server/chunks/ssr/src_presentation_web__next-internal_server_app_(dashboard)_page_actions_90b5e66e.js +0 -3
  480. package/web/.next/server/chunks/ssr/src_presentation_web__next-internal_server_app_(dashboard)_page_actions_90b5e66e.js.map +0 -1
  481. package/web/.next/server/chunks/ssr/src_presentation_web__next-internal_server_app_skills_page_actions_4ce30db7.js +0 -3
  482. package/web/.next/server/chunks/ssr/src_presentation_web__next-internal_server_app_skills_page_actions_4ce30db7.js.map +0 -1
  483. package/web/.next/server/chunks/ssr/src_presentation_web__next-internal_server_app_tools_page_actions_e4032193.js +0 -3
  484. package/web/.next/server/chunks/ssr/src_presentation_web__next-internal_server_app_tools_page_actions_e4032193.js.map +0 -1
  485. package/web/.next/server/chunks/ssr/src_presentation_web_e1cd1869._.js +0 -3
  486. package/web/.next/server/chunks/ssr/src_presentation_web_e1cd1869._.js.map +0 -1
  487. package/web/.next/server/chunks/ssr/src_presentation_web_e3a30e30._.js +0 -3
  488. package/web/.next/server/chunks/ssr/src_presentation_web_e3a30e30._.js.map +0 -1
  489. package/web/.next/static/chunks/051873309d87fb45.css +0 -1
  490. package/web/.next/static/chunks/23d80bb760e7dc4c.js +0 -1
  491. package/web/.next/static/chunks/30a0ba9015f94405.js +0 -7
  492. package/web/.next/static/chunks/3aba9d2242420cb5.js +0 -1
  493. package/web/.next/static/chunks/7a6f56f37aaa17ea.js +0 -1
  494. package/web/.next/static/chunks/9423dc2310202fda.js +0 -1
  495. package/web/.next/static/chunks/a794cf7a1a5648dd.js +0 -1
  496. package/web/.next/static/chunks/ae81796726a9bba3.js +0 -1
  497. package/web/.next/static/chunks/f3d5e0ae13def35a.js +0 -1
  498. package/web/.next/static/chunks/fd232b88b5b50b2e.js +0 -1
  499. /package/web/.next/static/{t6SUt71jyk_PYf152Imog → S_u3qor6FkwObhA1F2xEj}/_buildManifest.js +0 -0
  500. /package/web/.next/static/{t6SUt71jyk_PYf152Imog → S_u3qor6FkwObhA1F2xEj}/_clientMiddlewareManifest.json +0 -0
  501. /package/web/.next/static/{t6SUt71jyk_PYf152Imog → S_u3qor6FkwObhA1F2xEj}/_ssgManifest.js +0 -0
@@ -1,31 +0,0 @@
1
- /**
2
- * Migration 053: Add security settings columns to the settings table.
3
- *
4
- * Adds three columns for supply-chain security configuration:
5
- * - security_mode TEXT NOT NULL DEFAULT 'Advisory'
6
- * - security_last_evaluation_at TEXT (nullable)
7
- * - security_policy_source TEXT (nullable)
8
- *
9
- * These columns store the effective security mode, last evaluation
10
- * timestamp, and policy source origin for the SecurityConfig model.
11
- *
12
- * Migration is idempotent: checks column existence before ALTER.
13
- */
14
- export async function up({ context: db }) {
15
- const columns = db.pragma('table_info(settings)');
16
- const existingNames = new Set(columns.map((c) => c.name));
17
- if (!existingNames.has('security_mode')) {
18
- db.exec("ALTER TABLE settings ADD COLUMN security_mode TEXT NOT NULL DEFAULT 'Advisory'");
19
- }
20
- if (!existingNames.has('security_last_evaluation_at')) {
21
- db.exec('ALTER TABLE settings ADD COLUMN security_last_evaluation_at TEXT');
22
- }
23
- if (!existingNames.has('security_policy_source')) {
24
- db.exec('ALTER TABLE settings ADD COLUMN security_policy_source TEXT');
25
- }
26
- }
27
- export async function down({ context: db }) {
28
- // Additive-only migration — columns are nullable/defaulted and ignored
29
- // by older code. No-op per LESSONS.md backward compatibility rules.
30
- void db;
31
- }
@@ -1,29 +0,0 @@
1
- /**
2
- * Migration 054: Create security_events table.
3
- *
4
- * Creates the security_events table for persisting security audit events
5
- * (policy violations, approval decisions, enforcement outcomes).
6
- *
7
- * Columns:
8
- * - id TEXT PRIMARY KEY
9
- * - repository_path TEXT NOT NULL
10
- * - feature_id TEXT (nullable)
11
- * - severity TEXT NOT NULL
12
- * - category TEXT NOT NULL
13
- * - disposition TEXT NOT NULL
14
- * - actor TEXT (nullable)
15
- * - message TEXT (nullable)
16
- * - remediation_summary TEXT (nullable)
17
- * - created_at TEXT NOT NULL
18
- *
19
- * Indexes:
20
- * - idx_security_events_repo_created ON (repository_path, created_at)
21
- * - idx_security_events_feature ON (feature_id)
22
- *
23
- * Migration is idempotent: uses IF NOT EXISTS on CREATE TABLE and indexes.
24
- */
25
- import type { MigrationParams } from 'umzug';
26
- import type Database from 'better-sqlite3';
27
- export declare function up({ context: db }: MigrationParams<Database.Database>): Promise<void>;
28
- export declare function down({ context: db }: MigrationParams<Database.Database>): Promise<void>;
29
- //# sourceMappingURL=054-create-security-events-table.d.ts.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"054-create-security-events-table.d.ts","sourceRoot":"","sources":["../../../../../../../../packages/core/src/infrastructure/persistence/sqlite/migrations/054-create-security-events-table.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAEH,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,OAAO,CAAC;AAC7C,OAAO,KAAK,QAAQ,MAAM,gBAAgB,CAAC;AAE3C,wBAAsB,EAAE,CAAC,EAAE,OAAO,EAAE,EAAE,EAAE,EAAE,eAAe,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,CAyB3F;AAED,wBAAsB,IAAI,CAAC,EAAE,OAAO,EAAE,EAAE,EAAE,EAAE,eAAe,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,OAAO,CAAC,IAAI,CAAC,CAI7F"}
@@ -1,53 +0,0 @@
1
- /**
2
- * Migration 054: Create security_events table.
3
- *
4
- * Creates the security_events table for persisting security audit events
5
- * (policy violations, approval decisions, enforcement outcomes).
6
- *
7
- * Columns:
8
- * - id TEXT PRIMARY KEY
9
- * - repository_path TEXT NOT NULL
10
- * - feature_id TEXT (nullable)
11
- * - severity TEXT NOT NULL
12
- * - category TEXT NOT NULL
13
- * - disposition TEXT NOT NULL
14
- * - actor TEXT (nullable)
15
- * - message TEXT (nullable)
16
- * - remediation_summary TEXT (nullable)
17
- * - created_at TEXT NOT NULL
18
- *
19
- * Indexes:
20
- * - idx_security_events_repo_created ON (repository_path, created_at)
21
- * - idx_security_events_feature ON (feature_id)
22
- *
23
- * Migration is idempotent: uses IF NOT EXISTS on CREATE TABLE and indexes.
24
- */
25
- export async function up({ context: db }) {
26
- db.exec(`
27
- CREATE TABLE IF NOT EXISTS security_events (
28
- id TEXT PRIMARY KEY,
29
- repository_path TEXT NOT NULL,
30
- feature_id TEXT,
31
- severity TEXT NOT NULL,
32
- category TEXT NOT NULL,
33
- disposition TEXT NOT NULL,
34
- actor TEXT,
35
- message TEXT,
36
- remediation_summary TEXT,
37
- created_at TEXT NOT NULL
38
- )
39
- `);
40
- db.exec(`
41
- CREATE INDEX IF NOT EXISTS idx_security_events_repo_created
42
- ON security_events(repository_path, created_at)
43
- `);
44
- db.exec(`
45
- CREATE INDEX IF NOT EXISTS idx_security_events_feature
46
- ON security_events(feature_id)
47
- `);
48
- }
49
- export async function down({ context: db }) {
50
- // Additive-only migration — table is new and ignored by older code.
51
- // No-op per LESSONS.md backward compatibility rules.
52
- void db;
53
- }
@@ -1,24 +0,0 @@
1
- /**
2
- * SQLite Security Event Repository Implementation
3
- *
4
- * Implements ISecurityEventRepository using SQLite database.
5
- * Uses prepared statements to prevent SQL injection.
6
- * Supports 90-day retention cleanup.
7
- */
8
- import type Database from 'better-sqlite3';
9
- import type { ISecurityEventRepository, SecurityEventQueryOptions } from '../../application/ports/output/repositories/security-event.repository.interface.js';
10
- import type { SecurityEvent } from '../../domain/generated/output.js';
11
- /**
12
- * SQLite implementation of ISecurityEventRepository.
13
- * Manages SecurityEvent persistence with repository-scoped queries.
14
- */
15
- export declare class SQLiteSecurityEventRepository implements ISecurityEventRepository {
16
- private readonly db;
17
- constructor(db: Database.Database);
18
- save(event: SecurityEvent): Promise<void>;
19
- findByRepository(repositoryPath: string, options?: SecurityEventQueryOptions): Promise<SecurityEvent[]>;
20
- findByFeature(featureId: string, options?: SecurityEventQueryOptions): Promise<SecurityEvent[]>;
21
- deleteOlderThan(date: Date): Promise<number>;
22
- count(repositoryPath: string): Promise<number>;
23
- }
24
- //# sourceMappingURL=sqlite-security-event.repository.d.ts.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"sqlite-security-event.repository.d.ts","sourceRoot":"","sources":["../../../../../../packages/core/src/infrastructure/repositories/sqlite-security-event.repository.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,QAAQ,MAAM,gBAAgB,CAAC;AAE3C,OAAO,KAAK,EACV,wBAAwB,EACxB,yBAAyB,EAC1B,MAAM,oFAAoF,CAAC;AAC5F,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,kCAAkC,CAAC;AAOtE;;;GAGG;AACH,qBACa,6BAA8B,YAAW,wBAAwB;IAChE,OAAO,CAAC,QAAQ,CAAC,EAAE;gBAAF,EAAE,EAAE,QAAQ,CAAC,QAAQ;IAE5C,IAAI,CAAC,KAAK,EAAE,aAAa,GAAG,OAAO,CAAC,IAAI,CAAC;IAgBzC,gBAAgB,CACpB,cAAc,EAAE,MAAM,EACtB,OAAO,CAAC,EAAE,yBAAyB,GAClC,OAAO,CAAC,aAAa,EAAE,CAAC;IA2BrB,aAAa,CACjB,SAAS,EAAE,MAAM,EACjB,OAAO,CAAC,EAAE,yBAAyB,GAClC,OAAO,CAAC,aAAa,EAAE,CAAC;IA2BrB,eAAe,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC;IAM5C,KAAK,CAAC,cAAc,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC;CAOrD"}
@@ -1,96 +0,0 @@
1
- /**
2
- * SQLite Security Event Repository Implementation
3
- *
4
- * Implements ISecurityEventRepository using SQLite database.
5
- * Uses prepared statements to prevent SQL injection.
6
- * Supports 90-day retention cleanup.
7
- */
8
- var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
9
- var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
10
- if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
11
- else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
12
- return c > 3 && r && Object.defineProperty(target, key, r), r;
13
- };
14
- var __metadata = (this && this.__metadata) || function (k, v) {
15
- if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
16
- };
17
- import { injectable } from 'tsyringe';
18
- import { toDatabase, fromDatabase, } from '../persistence/sqlite/mappers/security-event.mapper.js';
19
- /**
20
- * SQLite implementation of ISecurityEventRepository.
21
- * Manages SecurityEvent persistence with repository-scoped queries.
22
- */
23
- let SQLiteSecurityEventRepository = class SQLiteSecurityEventRepository {
24
- db;
25
- constructor(db) {
26
- this.db = db;
27
- }
28
- async save(event) {
29
- const row = toDatabase(event);
30
- const stmt = this.db.prepare(`
31
- INSERT INTO security_events (
32
- id, repository_path, feature_id, severity, category,
33
- disposition, actor, message, remediation_summary, created_at
34
- ) VALUES (
35
- @id, @repository_path, @feature_id, @severity, @category,
36
- @disposition, @actor, @message, @remediation_summary, @created_at
37
- )
38
- `);
39
- stmt.run(row);
40
- }
41
- async findByRepository(repositoryPath, options) {
42
- let sql = 'SELECT * FROM security_events WHERE repository_path = ?';
43
- const params = [repositoryPath];
44
- if (options?.severity) {
45
- sql += ' AND severity = ?';
46
- params.push(options.severity);
47
- }
48
- sql += ' ORDER BY created_at DESC';
49
- if (options?.limit) {
50
- sql += ' LIMIT ?';
51
- params.push(options.limit);
52
- }
53
- if (options?.offset) {
54
- sql += ' OFFSET ?';
55
- params.push(options.offset);
56
- }
57
- const stmt = this.db.prepare(sql);
58
- const rows = stmt.all(...params);
59
- return rows.map(fromDatabase);
60
- }
61
- async findByFeature(featureId, options) {
62
- let sql = 'SELECT * FROM security_events WHERE feature_id = ?';
63
- const params = [featureId];
64
- if (options?.severity) {
65
- sql += ' AND severity = ?';
66
- params.push(options.severity);
67
- }
68
- sql += ' ORDER BY created_at DESC';
69
- if (options?.limit) {
70
- sql += ' LIMIT ?';
71
- params.push(options.limit);
72
- }
73
- if (options?.offset) {
74
- sql += ' OFFSET ?';
75
- params.push(options.offset);
76
- }
77
- const stmt = this.db.prepare(sql);
78
- const rows = stmt.all(...params);
79
- return rows.map(fromDatabase);
80
- }
81
- async deleteOlderThan(date) {
82
- const stmt = this.db.prepare('DELETE FROM security_events WHERE created_at < ?');
83
- const result = stmt.run(date.toISOString());
84
- return result.changes;
85
- }
86
- async count(repositoryPath) {
87
- const stmt = this.db.prepare('SELECT COUNT(*) as cnt FROM security_events WHERE repository_path = ?');
88
- const row = stmt.get(repositoryPath);
89
- return row.cnt;
90
- }
91
- };
92
- SQLiteSecurityEventRepository = __decorate([
93
- injectable(),
94
- __metadata("design:paramtypes", [Object])
95
- ], SQLiteSecurityEventRepository);
96
- export { SQLiteSecurityEventRepository };
@@ -1,22 +0,0 @@
1
- /**
2
- * Security Constraint Validator
3
- *
4
- * Pure function that validates security constraints against executor capabilities.
5
- * Reusable across all executor types. Throws SecurityViolationError in Enforce mode
6
- * when constraints are incompatible. Logs warnings in Advisory mode.
7
- */
8
- import type { SecurityConstraints } from '../../../../../application/ports/output/agents/agent-executor.interface.js';
9
- export interface ExecutorCapabilities {
10
- /** Whether this executor requires --dangerously-skip-permissions or equivalent */
11
- requiresPermissiveMode: boolean;
12
- /** Human-readable executor name for error messages */
13
- executorName: string;
14
- }
15
- /**
16
- * Validate security constraints against executor capabilities.
17
- *
18
- * @returns A warning message if Advisory mode detects an issue, or undefined if clean.
19
- * @throws SecurityViolationError in Enforce mode when constraints are incompatible.
20
- */
21
- export declare function validateSecurityConstraints(constraints: SecurityConstraints | undefined, capabilities: ExecutorCapabilities): string | undefined;
22
- //# sourceMappingURL=security-constraint-validator.d.ts.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"security-constraint-validator.d.ts","sourceRoot":"","sources":["../../../../../../../../../packages/core/src/infrastructure/services/agents/common/executors/security-constraint-validator.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAGH,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,4EAA4E,CAAC;AAGtH,MAAM,WAAW,oBAAoB;IACnC,kFAAkF;IAClF,sBAAsB,EAAE,OAAO,CAAC;IAChC,sDAAsD;IACtD,YAAY,EAAE,MAAM,CAAC;CACtB;AAED;;;;;GAKG;AACH,wBAAgB,2BAA2B,CACzC,WAAW,EAAE,mBAAmB,GAAG,SAAS,EAC5C,YAAY,EAAE,oBAAoB,GACjC,MAAM,GAAG,SAAS,CAiBpB"}
@@ -1,30 +0,0 @@
1
- /**
2
- * Security Constraint Validator
3
- *
4
- * Pure function that validates security constraints against executor capabilities.
5
- * Reusable across all executor types. Throws SecurityViolationError in Enforce mode
6
- * when constraints are incompatible. Logs warnings in Advisory mode.
7
- */
8
- import { SecurityMode, SecurityActionCategory } from '../../../../../domain/generated/output.js';
9
- import { SecurityViolationError } from '../../../../../domain/errors/security-violation.error.js';
10
- /**
11
- * Validate security constraints against executor capabilities.
12
- *
13
- * @returns A warning message if Advisory mode detects an issue, or undefined if clean.
14
- * @throws SecurityViolationError in Enforce mode when constraints are incompatible.
15
- */
16
- export function validateSecurityConstraints(constraints, capabilities) {
17
- if (!constraints)
18
- return undefined;
19
- if (constraints.mode === SecurityMode.Disabled)
20
- return undefined;
21
- if (constraints.sandboxLevel === 'strict' && capabilities.requiresPermissiveMode) {
22
- const rule = `Executor "${capabilities.executorName}" requires permissive mode but policy demands strict sandbox`;
23
- const remediation = 'Either switch to an executor that supports strict sandboxing, or relax the sandbox policy to permissive.';
24
- if (constraints.mode === SecurityMode.Enforce) {
25
- throw new SecurityViolationError(rule, SecurityActionCategory.SandboxEscalation, remediation);
26
- }
27
- return `[security:advisory] ${rule}. ${remediation}`;
28
- }
29
- return undefined;
30
- }
@@ -1,45 +0,0 @@
1
- /**
2
- * Security Pre-Check for Feature Agent Nodes
3
- *
4
- * Classifies node actions by SecurityActionCategory and evaluates
5
- * the effective disposition based on the security policy mode and
6
- * per-category overrides from FeatureAgentState.
7
- *
8
- * Used by executeNode() to enforce or warn about security policy
9
- * before executing agent prompts.
10
- */
11
- import { SecurityActionCategory, SecurityActionDisposition, SecurityMode } from '../../../../../domain/generated/output.js';
12
- /**
13
- * Classify a node name into its SecurityActionCategory.
14
- * Returns null for read-only nodes (requirements, research, plan, analyze)
15
- * that have no security-sensitive actions.
16
- */
17
- export declare function classifyNodeAction(nodeName: string): SecurityActionCategory | null;
18
- /** Result of a security disposition check. */
19
- export type SecurityCheckResult = {
20
- action: 'skip';
21
- } | {
22
- action: 'allow';
23
- } | {
24
- action: 'warn';
25
- category: SecurityActionCategory;
26
- nodeName: string;
27
- } | {
28
- action: 'deny';
29
- category: SecurityActionCategory;
30
- nodeName: string;
31
- } | {
32
- action: 'approval_required';
33
- category: SecurityActionCategory;
34
- nodeName: string;
35
- };
36
- /**
37
- * Check the security disposition for a node based on the effective policy.
38
- *
39
- * @param nodeName - The graph node name (e.g. 'implement', 'merge')
40
- * @param securityMode - Effective security mode from state
41
- * @param actionDispositions - Per-category disposition overrides from state
42
- * @returns The action to take: skip, allow, warn, deny, or approval_required
43
- */
44
- export declare function checkSecurityDisposition(nodeName: string, securityMode: SecurityMode, actionDispositions: Partial<Record<SecurityActionCategory, SecurityActionDisposition>>): SecurityCheckResult;
45
- //# sourceMappingURL=security-pre-check.d.ts.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"security-pre-check.d.ts","sourceRoot":"","sources":["../../../../../../../../../packages/core/src/infrastructure/services/agents/feature-agent/nodes/security-pre-check.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EACL,sBAAsB,EACtB,yBAAyB,EACzB,YAAY,EACb,MAAM,8BAA8B,CAAC;AAWtC;;;;GAIG;AACH,wBAAgB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,GAAG,sBAAsB,GAAG,IAAI,CAElF;AAED,8CAA8C;AAC9C,MAAM,MAAM,mBAAmB,GAC3B;IAAE,MAAM,EAAE,MAAM,CAAA;CAAE,GAClB;IAAE,MAAM,EAAE,OAAO,CAAA;CAAE,GACnB;IAAE,MAAM,EAAE,MAAM,CAAC;IAAC,QAAQ,EAAE,sBAAsB,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAA;CAAE,GACtE;IAAE,MAAM,EAAE,MAAM,CAAC;IAAC,QAAQ,EAAE,sBAAsB,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAA;CAAE,GACtE;IAAE,MAAM,EAAE,mBAAmB,CAAC;IAAC,QAAQ,EAAE,sBAAsB,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAA;CAAE,CAAC;AAExF;;;;;;;GAOG;AACH,wBAAgB,wBAAwB,CACtC,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,YAAY,EAC1B,kBAAkB,EAAE,OAAO,CAAC,MAAM,CAAC,sBAAsB,EAAE,yBAAyB,CAAC,CAAC,GACrF,mBAAmB,CAyCrB"}
@@ -1,70 +0,0 @@
1
- /**
2
- * Security Pre-Check for Feature Agent Nodes
3
- *
4
- * Classifies node actions by SecurityActionCategory and evaluates
5
- * the effective disposition based on the security policy mode and
6
- * per-category overrides from FeatureAgentState.
7
- *
8
- * Used by executeNode() to enforce or warn about security policy
9
- * before executing agent prompts.
10
- */
11
- import { SecurityActionCategory, SecurityActionDisposition, SecurityMode, } from '../../../../../domain/generated/output.js';
12
- /** Map node names to the security action category they represent. */
13
- const NODE_ACTION_MAP = {
14
- implement: SecurityActionCategory.PackageScriptExec,
15
- 'fast-implement': SecurityActionCategory.PackageScriptExec,
16
- evidence: SecurityActionCategory.PackageScriptExec,
17
- merge: SecurityActionCategory.CiWorkflowModify,
18
- 'ci-fix': SecurityActionCategory.CiWorkflowModify,
19
- };
20
- /**
21
- * Classify a node name into its SecurityActionCategory.
22
- * Returns null for read-only nodes (requirements, research, plan, analyze)
23
- * that have no security-sensitive actions.
24
- */
25
- export function classifyNodeAction(nodeName) {
26
- return NODE_ACTION_MAP[nodeName] ?? null;
27
- }
28
- /**
29
- * Check the security disposition for a node based on the effective policy.
30
- *
31
- * @param nodeName - The graph node name (e.g. 'implement', 'merge')
32
- * @param securityMode - Effective security mode from state
33
- * @param actionDispositions - Per-category disposition overrides from state
34
- * @returns The action to take: skip, allow, warn, deny, or approval_required
35
- */
36
- export function checkSecurityDisposition(nodeName, securityMode, actionDispositions) {
37
- // Disabled mode — no checks
38
- if (securityMode === SecurityMode.Disabled) {
39
- return { action: 'skip' };
40
- }
41
- // Read-only nodes have no security-sensitive actions
42
- const category = classifyNodeAction(nodeName);
43
- if (!category) {
44
- return { action: 'skip' };
45
- }
46
- // Look up the disposition for this category
47
- const disposition = actionDispositions[category];
48
- // No disposition configured — default to allow
49
- if (!disposition) {
50
- return { action: 'allow' };
51
- }
52
- if (disposition === SecurityActionDisposition.Allowed) {
53
- return { action: 'allow' };
54
- }
55
- if (disposition === SecurityActionDisposition.Denied) {
56
- // In Enforce mode, deny the action; in Advisory mode, just warn
57
- if (securityMode === SecurityMode.Enforce) {
58
- return { action: 'deny', category, nodeName };
59
- }
60
- return { action: 'warn', category, nodeName };
61
- }
62
- if (disposition === SecurityActionDisposition.ApprovalRequired) {
63
- // In Enforce mode, require approval; in Advisory mode, just warn
64
- if (securityMode === SecurityMode.Enforce) {
65
- return { action: 'approval_required', category, nodeName };
66
- }
67
- return { action: 'warn', category, nodeName };
68
- }
69
- return { action: 'allow' };
70
- }
@@ -1,53 +0,0 @@
1
- /**
2
- * Dependency Risk Evaluator
3
- *
4
- * Evaluates repository-local dependency risk signals without
5
- * external services. Checks:
6
- * - Manifest-lockfile consistency (package.json vs lockfile)
7
- * - Dependency source types (registry vs git vs file)
8
- * - Risky lifecycle scripts (preinstall, postinstall, prepare)
9
- * - Allowlist/denylist enforcement
10
- * - Version-range strictness
11
- *
12
- * Returns an array of DependencyFinding objects with severity and remediation.
13
- */
14
- import type { DependencyFinding, DependencyRules } from '../../../domain/generated/output.js';
15
- export declare class DependencyRiskEvaluator {
16
- /**
17
- * Evaluate dependency risk for a repository.
18
- *
19
- * @param repositoryPath - Absolute path to the repository root
20
- * @param rules - Dependency risk policy rules
21
- * @returns Array of dependency findings
22
- */
23
- evaluate(repositoryPath: string, rules: DependencyRules): DependencyFinding[];
24
- /**
25
- * Collect all dependencies from package.json (dependencies + devDependencies).
26
- */
27
- private collectDependencies;
28
- /**
29
- * Check that a lockfile exists when there are dependencies.
30
- */
31
- private checkLockfileConsistency;
32
- /**
33
- * Check for dependencies installed from non-registry sources.
34
- */
35
- private checkNonRegistrySources;
36
- /**
37
- * Check installed packages for risky lifecycle scripts.
38
- */
39
- private checkLifecycleScripts;
40
- /**
41
- * Check dependencies against the denylist.
42
- */
43
- private checkDenylist;
44
- /**
45
- * Check dependencies against the allowlist (non-empty allowlist = only listed packages allowed).
46
- */
47
- private checkAllowlist;
48
- /**
49
- * Check version ranges for strictness (no ^, ~, *, >= patterns).
50
- */
51
- private checkVersionRangeStrictness;
52
- }
53
- //# sourceMappingURL=dependency-risk-evaluator.d.ts.map
@@ -1 +0,0 @@
1
- {"version":3,"file":"dependency-risk-evaluator.d.ts","sourceRoot":"","sources":["../../../../../../../packages/core/src/infrastructure/services/security/dependency-risk-evaluator.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAKH,OAAO,KAAK,EAAE,iBAAiB,EAAE,eAAe,EAAE,MAAM,qCAAqC,CAAC;AAsB9F,qBAAa,uBAAuB;IAClC;;;;;;OAMG;IACH,QAAQ,CAAC,cAAc,EAAE,MAAM,EAAE,KAAK,EAAE,eAAe,GAAG,iBAAiB,EAAE;IAmD7E;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAgB3B;;OAEG;IACH,OAAO,CAAC,wBAAwB;IA0BhC;;OAEG;IACH,OAAO,CAAC,uBAAuB;IAqB/B;;OAEG;IACH,OAAO,CAAC,qBAAqB;IA8C7B;;OAEG;IACH,OAAO,CAAC,aAAa;IAoBrB;;OAEG;IACH,OAAO,CAAC,cAAc;IAoBtB;;OAEG;IACH,OAAO,CAAC,2BAA2B;CAwBpC"}