@shepai/cli 1.175.0 → 1.175.1-pr527.ea242b8

package/dist/packages/core/src/infrastructure/services/security/release-integrity-evaluator.js

@@ -0,0 +1,194 @@
+/**
+ * Release Integrity Evaluator
+ *
+ * Checks release pipeline integrity for a repository:
+ * - CI workflow exists and publishes from CI (not local)
+ * - NPM_TOKEN and RELEASE_TOKEN referenced as secrets (not hardcoded)
+ * - npm provenance flags (--provenance) present in publish steps
+ * - Release workflow integrity (semantic-release configured)
+ *
+ * Returns a ReleaseIntegrityResult with individual check results and overall pass/fail.
+ */
+import { existsSync, readFileSync, readdirSync } from 'node:fs';
+import { join } from 'node:path';
+import { ReleaseIntegrityCheckType, SecuritySeverity } from '../../../domain/generated/output.js';
+/**
+ * Token env var names that should use secrets.* references.
+ */
+const TOKEN_ENV_NAMES = ['GITHUB_TOKEN', 'RELEASE_TOKEN', 'NPM_TOKEN', 'NODE_AUTH_TOKEN'];
+/**
+ * Pattern for a secrets.* reference in a YAML value.
+ */
+const SECRETS_REF_PATTERN = /\$\{\{\s*secrets\./;
+/**
+ * Pattern for detecting npm publish commands.
+ */
+const NPM_PUBLISH_PATTERN = /npm\s+publish/;
+/**
+ * Pattern for detecting --provenance flag.
+ */
+const PROVENANCE_FLAG_PATTERN = /--provenance/;
+/**
+ * Pattern for detecting semantic-release.
+ */
+const SEMANTIC_RELEASE_PATTERN = /semantic-release/;
+export class ReleaseIntegrityEvaluator {
+    /**
+     * Evaluate release pipeline integrity.
+     *
+     * @param repositoryPath - Absolute path to the repository root
+     * @param rules - Release integrity policy rules
+     * @returns Aggregated result with individual check details
+     */
+    evaluate(repositoryPath, rules) {
+        const checks = [];
+        const workflowDir = join(repositoryPath, '.github', 'workflows');
+        // Read all workflow files
+        const workflowContents = this.readWorkflowFiles(workflowDir);
+        // Check CI-only publishing
+        if (rules.requireCiOnlyPublishing) {
+            checks.push(this.checkCiOnlyPublishing(workflowDir, workflowContents));
+        }
+        // Check secret configuration (no hardcoded tokens)
+        if (rules.requireCiOnlyPublishing) {
+            checks.push(this.checkSecretConfiguration(workflowContents));
+        }
+        // Check provenance configuration
+        if (rules.requireProvenance) {
+            checks.push(...this.checkProvenanceConfiguration(workflowContents));
+        }
+        // Check workflow integrity
+        if (rules.checkWorkflowIntegrity) {
+            checks.push(this.checkWorkflowIntegrity(workflowContents));
+        }
+        return {
+            checks,
+            passed: checks.length === 0 || checks.every((c) => c.passed),
+        };
+    }
+    /**
+     * Read all YAML workflow files from .github/workflows/.
+     */
+    readWorkflowFiles(workflowDir) {
+        if (!existsSync(workflowDir)) {
+            return [];
+        }
+        try {
+            const files = readdirSync(workflowDir).filter((f) => f.endsWith('.yml') || f.endsWith('.yaml'));
+            return files.map((f) => readFileSync(join(workflowDir, f), 'utf-8'));
+        }
+        catch {
+            return [];
+        }
+    }
+    /**
+     * Check that CI workflow files exist (publishing happens in CI, not locally).
+     */
+    checkCiOnlyPublishing(workflowDir, workflowContents) {
+        if (workflowContents.length === 0) {
+            return {
+                checkType: ReleaseIntegrityCheckType.CiOnlyPublishing,
+                passed: false,
+                message: 'No CI workflow files found in .github/workflows/. Publishing must happen in CI, not locally.',
+                severity: SecuritySeverity.Critical,
+            };
+        }
+        return {
+            checkType: ReleaseIntegrityCheckType.CiOnlyPublishing,
+            passed: true,
+            message: 'CI workflow files found. Publishing is configured for CI execution.',
+            severity: SecuritySeverity.Critical,
+        };
+    }
+    /**
+     * Check that tokens are referenced as secrets, not hardcoded.
+     * Scans for known token env var names and verifies they use ${{ secrets.* }}.
+     */
+    checkSecretConfiguration(workflowContents) {
+        const allContent = workflowContents.join('\n');
+        const lines = allContent.split('\n');
+        for (const line of lines) {
+            const trimmed = line.trim();
+            for (const tokenName of TOKEN_ENV_NAMES) {
+                // Match lines like "NPM_TOKEN: value" or "NPM_TOKEN: 'value'"
+                const pattern = new RegExp(`^${tokenName}\\s*:\\s*(.+)$`);
+                const match = pattern.exec(trimmed);
+                if (match) {
+                    const value = match[1].trim();
+                    // Value must contain a secrets.* reference to be safe
+                    if (!SECRETS_REF_PATTERN.test(value)) {
+                        return {
+                            checkType: ReleaseIntegrityCheckType.SecretConfiguration,
+                            passed: false,
+                            message: 'Hardcoded token detected in workflow files. Tokens must use ${{ secrets.* }} references.',
+                            severity: SecuritySeverity.Critical,
+                        };
+                    }
+                }
+            }
+        }
+        return {
+            checkType: ReleaseIntegrityCheckType.SecretConfiguration,
+            passed: true,
+            message: 'Tokens are properly referenced using ${{ secrets.* }} expressions.',
+            severity: SecuritySeverity.Critical,
+        };
+    }
+    /**
+     * Check that npm publish commands include --provenance flag.
+     */
+    checkProvenanceConfiguration(workflowContents) {
+        const allContent = workflowContents.join('\n');
+        // If no npm publish commands found, provenance is not applicable
+        if (!NPM_PUBLISH_PATTERN.test(allContent)) {
+            return [];
+        }
+        // Check if all npm publish commands have --provenance
+        const lines = allContent.split('\n');
+        let hasPublishWithoutProvenance = false;
+        for (const line of lines) {
+            if (NPM_PUBLISH_PATTERN.test(line) && !PROVENANCE_FLAG_PATTERN.test(line)) {
+                hasPublishWithoutProvenance = true;
+                break;
+            }
+        }
+        if (hasPublishWithoutProvenance) {
+            return [
+                {
+                    checkType: ReleaseIntegrityCheckType.ProvenanceConfiguration,
+                    passed: false,
+                    message: 'npm publish command found without --provenance flag. Add --provenance to generate SLSA provenance attestations.',
+                    severity: SecuritySeverity.Medium,
+                },
+            ];
+        }
+        return [
+            {
+                checkType: ReleaseIntegrityCheckType.ProvenanceConfiguration,
+                passed: true,
+                message: 'npm publish commands include --provenance flag for SLSA provenance.',
+                severity: SecuritySeverity.Medium,
+            },
+        ];
+    }
+    /**
+     * Check workflow integrity (semantic-release is configured).
+     */
+    checkWorkflowIntegrity(workflowContents) {
+        const allContent = workflowContents.join('\n');
+        if (!SEMANTIC_RELEASE_PATTERN.test(allContent)) {
+            return {
+                checkType: ReleaseIntegrityCheckType.WorkflowIntegrity,
+                passed: false,
+                message: 'semantic-release not found in CI workflows. Automated release management is recommended.',
+                severity: SecuritySeverity.Medium,
+            };
+        }
+        return {
+            checkType: ReleaseIntegrityCheckType.WorkflowIntegrity,
+            passed: true,
+            message: 'semantic-release is configured in CI workflows.',
+            severity: SecuritySeverity.Medium,
+        };
+    }
+}

package/dist/packages/core/src/infrastructure/services/security/security-policy-file-reader.d.ts

@@ -0,0 +1,28 @@
+/**
+ * Security Policy File Reader
+ *
+ * Reads and parses shep.security.yaml from a repository root using js-yaml.
+ * Returns the parsed object or null if the file does not exist.
+ * Throws with actionable messages on YAML syntax errors.
+ *
+ * Uses DEFAULT_SCHEMA to prevent arbitrary code execution from YAML tags.
+ */
+import type { SecurityPolicy } from '../../../domain/generated/output.js';
+/**
+ * The filename for the security policy file at the repository root.
+ */
+export declare const SECURITY_POLICY_FILENAME = "shep.security.yaml";
+/**
+ * Reads and parses the security policy YAML file from a repository.
+ */
+export declare class SecurityPolicyFileReader {
+    /**
+     * Read and parse the security policy file from the given repository path.
+     *
+     * @param repositoryPath - Absolute path to the repository root
+     * @returns Parsed policy object, or null if file does not exist or is empty
+     * @throws Error with actionable message if YAML is malformed
+     */
+    read(repositoryPath: string): Promise<Partial<SecurityPolicy> | null>;
+}
+//# sourceMappingURL=security-policy-file-reader.d.ts.map

package/dist/packages/core/src/infrastructure/services/security/security-policy-file-reader.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"security-policy-file-reader.d.ts","sourceRoot":"","sources":["../../../../../../../packages/core/src/infrastructure/services/security/security-policy-file-reader.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAKH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,qCAAqC,CAAC;AAE1E;;GAEG;AACH,eAAO,MAAM,wBAAwB,uBAAuB,CAAC;AAE7D;;GAEG;AACH,qBAAa,wBAAwB;IACnC;;;;;;OAMG;IACG,IAAI,CAAC,cAAc,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,cAAc,CAAC,GAAG,IAAI,CAAC;CA0B5E"}

package/dist/packages/core/src/infrastructure/services/security/security-policy-file-reader.js

@@ -0,0 +1,50 @@
+/**
+ * Security Policy File Reader
+ *
+ * Reads and parses shep.security.yaml from a repository root using js-yaml.
+ * Returns the parsed object or null if the file does not exist.
+ * Throws with actionable messages on YAML syntax errors.
+ *
+ * Uses DEFAULT_SCHEMA to prevent arbitrary code execution from YAML tags.
+ */
+import { readFileSync, existsSync } from 'node:fs';
+import { join } from 'node:path';
+import yaml from 'js-yaml';
+/**
+ * The filename for the security policy file at the repository root.
+ */
+export const SECURITY_POLICY_FILENAME = 'shep.security.yaml';
+/**
+ * Reads and parses the security policy YAML file from a repository.
+ */
+export class SecurityPolicyFileReader {
+    /**
+     * Read and parse the security policy file from the given repository path.
+     *
+     * @param repositoryPath - Absolute path to the repository root
+     * @returns Parsed policy object, or null if file does not exist or is empty
+     * @throws Error with actionable message if YAML is malformed
+     */
+    async read(repositoryPath) {
+        const filePath = join(repositoryPath, SECURITY_POLICY_FILENAME);
+        if (!existsSync(filePath)) {
+            return null;
+        }
+        const content = readFileSync(filePath, 'utf-8');
+        try {
+            const parsed = yaml.load(content, {
+                schema: yaml.DEFAULT_SCHEMA,
+                filename: SECURITY_POLICY_FILENAME,
+            });
+            // Empty file or comment-only file yields null/undefined
+            if (parsed == null || typeof parsed !== 'object') {
+                return null;
+            }
+            return parsed;
+        }
+        catch (error) {
+            const message = error instanceof Error ? error.message : String(error);
+            throw new Error(`Failed to parse ${SECURITY_POLICY_FILENAME}: ${message}`);
+        }
+    }
+}

package/dist/packages/core/src/infrastructure/services/security/security-policy-validator.d.ts

@@ -0,0 +1,26 @@
+/**
+ * Security Policy Validator
+ *
+ * Validates a parsed security policy object against the expected schema.
+ * Checks required fields, valid enum values, contradictory rules,
+ * and reasonable input limits. Returns structured validation results
+ * with per-field error messages.
+ */
+import type { PolicyValidationResult } from '../../../application/ports/output/services/security-policy-service.interface.js';
+/**
+ * Validates parsed security policy objects against the expected schema.
+ */
+export declare class SecurityPolicyValidator {
+    /**
+     * Validate a parsed policy object.
+     *
+     * @param policy - The parsed policy object (from YAML)
+     * @returns Validation result with errors array
+     */
+    validate(policy: Record<string, unknown>): PolicyValidationResult;
+    private validateActionDispositions;
+    private validateDependencyRules;
+    private validateReleaseRules;
+    private validateStringList;
+}
+//# sourceMappingURL=security-policy-validator.d.ts.map

package/dist/packages/core/src/infrastructure/services/security/security-policy-validator.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"security-policy-validator.d.ts","sourceRoot":"","sources":["../../../../../../../packages/core/src/infrastructure/services/security/security-policy-validator.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAOH,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,iFAAiF,CAAC;AAY9H;;GAEG;AACH,qBAAa,uBAAuB;IAClC;;;;;OAKG;IACH,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,sBAAsB;IAiCjE,OAAO,CAAC,0BAA0B;IAwDlC,OAAO,CAAC,uBAAuB;IAgC/B,OAAO,CAAC,oBAAoB;IAqB5B,OAAO,CAAC,kBAAkB;CAgB3B"}

package/dist/packages/core/src/infrastructure/services/security/security-policy-validator.js

@@ -0,0 +1,147 @@
+/**
+ * Security Policy Validator
+ *
+ * Validates a parsed security policy object against the expected schema.
+ * Checks required fields, valid enum values, contradictory rules,
+ * and reasonable input limits. Returns structured validation results
+ * with per-field error messages.
+ */
+import { SecurityMode, SecurityActionCategory, SecurityActionDisposition, } from '../../../domain/generated/output.js';
+/** Maximum number of action disposition entries allowed */
+const MAX_ACTION_DISPOSITIONS = 100;
+/** Maximum number of entries in allowlist or denylist */
+const MAX_LIST_ENTRIES = 100;
+const VALID_MODES = Object.values(SecurityMode);
+const VALID_CATEGORIES = Object.values(SecurityActionCategory);
+const VALID_DISPOSITIONS = Object.values(SecurityActionDisposition);
+/**
+ * Validates parsed security policy objects against the expected schema.
+ */
+export class SecurityPolicyValidator {
+    /**
+     * Validate a parsed policy object.
+     *
+     * @param policy - The parsed policy object (from YAML)
+     * @returns Validation result with errors array
+     */
+    validate(policy) {
+        const errors = [];
+        // Validate mode (optional, but if present must be valid)
+        if (policy.mode !== undefined) {
+            if (!VALID_MODES.includes(policy.mode)) {
+                errors.push(`Invalid mode: "${String(policy.mode)}". Valid values: ${VALID_MODES.join(', ')}`);
+            }
+        }
+        // Validate actionDispositions (optional, but if present must be valid)
+        if (policy.actionDispositions !== undefined) {
+            this.validateActionDispositions(policy.actionDispositions, errors);
+        }
+        // Validate dependencyRules (optional, but if present must be valid)
+        if (policy.dependencyRules !== undefined) {
+            this.validateDependencyRules(policy.dependencyRules, errors);
+        }
+        // Validate releaseRules (optional, but if present must be valid)
+        if (policy.releaseRules !== undefined) {
+            this.validateReleaseRules(policy.releaseRules, errors);
+        }
+        return {
+            valid: errors.length === 0,
+            errors,
+        };
+    }
+    validateActionDispositions(value, errors) {
+        if (!Array.isArray(value)) {
+            errors.push('actionDispositions must be an array');
+            return;
+        }
+        if (value.length > MAX_ACTION_DISPOSITIONS) {
+            errors.push(`actionDispositions exceeds limit: ${value.length} entries (max ${MAX_ACTION_DISPOSITIONS})`);
+            return;
+        }
+        // Track categories to detect contradictions
+        const categoryToDisposition = new Map();
+        for (let i = 0; i < value.length; i++) {
+            const entry = value[i];
+            if (!entry || typeof entry !== 'object') {
+                errors.push(`actionDispositions[${i}] must be an object`);
+                continue;
+            }
+            const category = entry.category;
+            const disposition = entry.disposition;
+            if (!VALID_CATEGORIES.includes(category)) {
+                errors.push(`actionDispositions[${i}].category: invalid value "${String(category)}". Valid values: ${VALID_CATEGORIES.join(', ')}`);
+            }
+            if (!VALID_DISPOSITIONS.includes(disposition)) {
+                errors.push(`actionDispositions[${i}].disposition: invalid value "${String(disposition)}". Valid values: ${VALID_DISPOSITIONS.join(', ')}`);
+            }
+            // Check for contradictory entries (same category, different disposition)
+            if (VALID_CATEGORIES.includes(category) &&
+                VALID_DISPOSITIONS.includes(disposition)) {
+                const existing = categoryToDisposition.get(category);
+                if (existing !== undefined && existing !== disposition) {
+                    errors.push(`Contradictory action dispositions for category "${category}": "${existing}" vs "${disposition}"`);
+                }
+                else {
+                    categoryToDisposition.set(category, disposition);
+                }
+            }
+        }
+    }
+    validateDependencyRules(value, errors) {
+        if (!value || typeof value !== 'object') {
+            errors.push('dependencyRules must be an object');
+            return;
+        }
+        const rules = value;
+        // Validate boolean fields
+        const booleanFields = [
+            'checkLockfileConsistency',
+            'checkLifecycleScripts',
+            'checkNonRegistrySource',
+            'enforceStrictVersionRanges',
+        ];
+        for (const field of booleanFields) {
+            if (rules[field] !== undefined && typeof rules[field] !== 'boolean') {
+                errors.push(`dependencyRules.${field} must be a boolean, got ${typeof rules[field]}`);
+            }
+        }
+        // Validate list fields
+        if (rules.allowlist !== undefined) {
+            this.validateStringList('dependencyRules.allowlist', rules.allowlist, errors);
+        }
+        if (rules.denylist !== undefined) {
+            this.validateStringList('dependencyRules.denylist', rules.denylist, errors);
+        }
+    }
+    validateReleaseRules(value, errors) {
+        if (!value || typeof value !== 'object') {
+            errors.push('releaseRules must be an object');
+            return;
+        }
+        const rules = value;
+        const booleanFields = [
+            'requireCiOnlyPublishing',
+            'requireProvenance',
+            'checkWorkflowIntegrity',
+        ];
+        for (const field of booleanFields) {
+            if (rules[field] !== undefined && typeof rules[field] !== 'boolean') {
+                errors.push(`releaseRules.${field} must be a boolean, got ${typeof rules[field]}`);
+            }
+        }
+    }
+    validateStringList(path, value, errors) {
+        if (!Array.isArray(value)) {
+            errors.push(`${path} must be an array`);
+            return;
+        }
+        if (value.length > MAX_LIST_ENTRIES) {
+            errors.push(`${path} exceeds limit: ${value.length} entries (max ${MAX_LIST_ENTRIES})`);
+        }
+        for (let i = 0; i < value.length; i++) {
+            if (typeof value[i] !== 'string') {
+                errors.push(`${path}[${i}] must be a string`);
+            }
+        }
+    }
+}

package/dist/packages/core/src/infrastructure/services/security/security-policy.service.d.ts

@@ -0,0 +1,44 @@
+/**
+ * Security Policy Service
+ *
+ * Central policy engine implementing ISecurityPolicyService.
+ * Reads the policy file, validates it, merges with persisted settings defaults
+ * using deterministic precedence, and returns an EffectivePolicySnapshot.
+ *
+ * Precedence: global settings defaults < repository policy file (stricter wins).
+ * A lower-precedence layer cannot weaken a stricter higher-precedence rule.
+ */
+import { SecurityActionCategory, SecurityActionDisposition } from '../../../domain/generated/output.js';
+import type { EffectivePolicySnapshot } from '../../../domain/generated/output.js';
+import type { ISecurityPolicyService, PolicyValidationResult } from '../../../application/ports/output/services/security-policy-service.interface.js';
+import type { ISettingsRepository } from '../../../application/ports/output/repositories/settings.repository.interface.js';
+import { SecurityPolicyFileReader } from './security-policy-file-reader.js';
+import { SecurityPolicyValidator } from './security-policy-validator.js';
+export declare class SecurityPolicyService implements ISecurityPolicyService {
+    private readonly fileReader;
+    private readonly validator;
+    private readonly settingsRepo;
+    private readonly cache;
+    constructor(fileReader: SecurityPolicyFileReader, validator: SecurityPolicyValidator, settingsRepo: ISettingsRepository);
+    evaluatePolicy(repositoryPath: string): Promise<EffectivePolicySnapshot>;
+    getEffectivePolicy(repositoryPath: string): Promise<EffectivePolicySnapshot>;
+    validatePolicyFile(filePath: string): Promise<PolicyValidationResult>;
+    getActionDisposition(policy: EffectivePolicySnapshot, actionCategory: SecurityActionCategory): SecurityActionDisposition;
+    /**
+     * Build a default snapshot from settings mode only (no policy file).
+     */
+    private buildDefaultSnapshot;
+    /**
+     * Merge settings defaults with policy file, applying strict-wins precedence.
+     */
+    private mergePolicy;
+    /**
+     * Return the stricter of two SecurityMode values.
+     */
+    private stricterMode;
+    /**
+     * Return the stricter of two SecurityActionDisposition values.
+     */
+    private stricterDisposition;
+}
+//# sourceMappingURL=security-policy.service.d.ts.map

package/dist/packages/core/src/infrastructure/services/security/security-policy.service.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"security-policy.service.d.ts","sourceRoot":"","sources":["../../../../../../../packages/core/src/infrastructure/services/security/security-policy.service.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAGH,OAAO,EAEL,sBAAsB,EACtB,yBAAyB,EAC1B,MAAM,qCAAqC,CAAC;AAC7C,OAAO,KAAK,EACV,uBAAuB,EAGxB,MAAM,qCAAqC,CAAC;AAC7C,OAAO,KAAK,EACV,sBAAsB,EACtB,sBAAsB,EACvB,MAAM,iFAAiF,CAAC;AACzF,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,iFAAiF,CAAC;AAC3H,OAAO,EACL,wBAAwB,EAEzB,MAAM,kCAAkC,CAAC;AAC1C,OAAO,EAAE,uBAAuB,EAAE,MAAM,gCAAgC,CAAC;AA4BzE,qBACa,qBAAsB,YAAW,sBAAsB;IAKhE,OAAO,CAAC,QAAQ,CAAC,UAAU;IAE3B,OAAO,CAAC,QAAQ,CAAC,SAAS;IAE1B,OAAO,CAAC,QAAQ,CAAC,YAAY;IAR/B,OAAO,CAAC,QAAQ,CAAC,KAAK,CAA8C;gBAIjD,UAAU,EAAE,wBAAwB,EAEpC,SAAS,EAAE,uBAAuB,EAElC,YAAY,EAAE,mBAAmB;IAG9C,cAAc,CAAC,cAAc,EAAE,MAAM,GAAG,OAAO,CAAC,uBAAuB,CAAC;IA6BxE,kBAAkB,CAAC,cAAc,EAAE,MAAM,GAAG,OAAO,CAAC,uBAAuB,CAAC;IAQ5E,kBAAkB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,sBAAsB,CAAC;IAY3E,oBAAoB,CAClB,MAAM,EAAE,uBAAuB,EAC/B,cAAc,EAAE,sBAAsB,GACrC,yBAAyB;IAK5B;;OAEG;IACH,OAAO,CAAC,oBAAoB;IAY5B;;OAEG;IACH,OAAO,CAAC,WAAW;IAuCnB;;OAEG;IACH,OAAO,CAAC,YAAY;IAMpB;;OAEG;IACH,OAAO,CAAC,mBAAmB;CAQ5B"}

package/dist/packages/core/src/infrastructure/services/security/security-policy.service.js

@@ -0,0 +1,174 @@
+/**
+ * Security Policy Service
+ *
+ * Central policy engine implementing ISecurityPolicyService.
+ * Reads the policy file, validates it, merges with persisted settings defaults
+ * using deterministic precedence, and returns an EffectivePolicySnapshot.
+ *
+ * Precedence: global settings defaults < repository policy file (stricter wins).
+ * A lower-precedence layer cannot weaken a stricter higher-precedence rule.
+ */
+var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
+    var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
+    if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
+    else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
+    return c > 3 && r && Object.defineProperty(target, key, r), r;
+};
+var __metadata = (this && this.__metadata) || function (k, v) {
+    if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
+};
+var __param = (this && this.__param) || function (paramIndex, decorator) {
+    return function (target, key) { decorator(target, key, paramIndex); }
+};
+import { injectable, inject } from 'tsyringe';
+import { SecurityMode, SecurityActionCategory, SecurityActionDisposition, } from '../../../domain/generated/output.js';
+import { SecurityPolicyFileReader, SECURITY_POLICY_FILENAME, } from './security-policy-file-reader.js';
+import { SecurityPolicyValidator } from './security-policy-validator.js';
+import { dirname } from 'node:path';
+/**
+ * Numeric rank for comparing SecurityMode strictness.
+ * Higher number = stricter mode.
+ */
+const MODE_STRICTNESS = {
+    [SecurityMode.Disabled]: 0,
+    [SecurityMode.Advisory]: 1,
+    [SecurityMode.Enforce]: 2,
+};
+/**
+ * Numeric rank for comparing disposition strictness.
+ * Higher number = more restrictive.
+ */
+const DISPOSITION_STRICTNESS = {
+    [SecurityActionDisposition.Allowed]: 0,
+    [SecurityActionDisposition.ApprovalRequired]: 1,
+    [SecurityActionDisposition.Denied]: 2,
+};
+/**
+ * All action categories for building default dispositions.
+ */
+const ALL_CATEGORIES = Object.values(SecurityActionCategory);
+let SecurityPolicyService = class SecurityPolicyService {
+    fileReader;
+    validator;
+    settingsRepo;
+    cache = new Map();
+    constructor(fileReader, validator, settingsRepo) {
+        this.fileReader = fileReader;
+        this.validator = validator;
+        this.settingsRepo = settingsRepo;
+    }
+    async evaluatePolicy(repositoryPath) {
+        // Load settings defaults
+        const settings = await this.settingsRepo.load();
+        const settingsMode = settings?.security?.mode ?? SecurityMode.Advisory;
+        // Read policy file
+        const policyFile = await this.fileReader.read(repositoryPath);
+        if (!policyFile) {
+            // No policy file — use settings defaults
+            const snapshot = this.buildDefaultSnapshot(settingsMode);
+            this.cache.set(repositoryPath, snapshot);
+            return snapshot;
+        }
+        // Validate policy file
+        const validation = this.validator.validate(policyFile);
+        if (!validation.valid) {
+            throw new Error(`Security policy validation failed for ${repositoryPath}:\n${validation.errors.join('\n')}`);
+        }
+        // Merge with precedence: settings defaults < policy file (stricter wins)
+        const snapshot = this.mergePolicy(settingsMode, policyFile);
+        this.cache.set(repositoryPath, snapshot);
+        return snapshot;
+    }
+    async getEffectivePolicy(repositoryPath) {
+        const cached = this.cache.get(repositoryPath);
+        if (cached) {
+            return cached;
+        }
+        return this.evaluatePolicy(repositoryPath);
+    }
+    async validatePolicyFile(filePath) {
+        // Read the file from the directory containing it
+        const dirPath = dirname(filePath);
+        const policyFile = await this.fileReader.read(dirPath);
+        if (!policyFile) {
+            return { valid: true, errors: [] };
+        }
+        return this.validator.validate(policyFile);
+    }
+    getActionDisposition(policy, actionCategory) {
+        const entry = policy.actionDispositions.find((d) => d.category === actionCategory);
+        return entry?.disposition ?? SecurityActionDisposition.Allowed;
+    }
+    /**
+     * Build a default snapshot from settings mode only (no policy file).
+     */
+    buildDefaultSnapshot(mode) {
+        return {
+            mode,
+            source: 'settings-default',
+            evaluatedAt: new Date().toISOString(),
+            actionDispositions: ALL_CATEGORIES.map((category) => ({
+                category,
+                disposition: SecurityActionDisposition.Allowed,
+            })),
+        };
+    }
+    /**
+     * Merge settings defaults with policy file, applying strict-wins precedence.
+     */
+    mergePolicy(settingsMode, policyFile) {
+        // Mode: stricter wins
+        const fileMode = policyFile.mode ?? SecurityMode.Advisory;
+        const effectiveMode = this.stricterMode(settingsMode, fileMode);
+        // Action dispositions: merge file entries with defaults, stricter wins
+        const dispositionMap = new Map();
+        // Start with defaults (all Allowed)
+        for (const category of ALL_CATEGORIES) {
+            dispositionMap.set(category, SecurityActionDisposition.Allowed);
+        }
+        // Apply policy file entries (can only make stricter, not weaker)
+        if (policyFile.actionDispositions) {
+            for (const entry of policyFile.actionDispositions) {
+                const current = dispositionMap.get(entry.category);
+                if (current !== undefined) {
+                    dispositionMap.set(entry.category, this.stricterDisposition(current, entry.disposition));
+                }
+            }
+        }
+        const actionDispositions = [];
+        for (const [category, disposition] of dispositionMap) {
+            actionDispositions.push({ category, disposition });
+        }
+        return {
+            mode: effectiveMode,
+            source: SECURITY_POLICY_FILENAME,
+            evaluatedAt: new Date().toISOString(),
+            actionDispositions,
+        };
+    }
+    /**
+     * Return the stricter of two SecurityMode values.
+     */
+    stricterMode(a, b) {
+        const rankA = MODE_STRICTNESS[a] ?? 0;
+        const rankB = MODE_STRICTNESS[b] ?? 0;
+        return rankA >= rankB ? a : b;
+    }
+    /**
+     * Return the stricter of two SecurityActionDisposition values.
+     */
+    stricterDisposition(a, b) {
+        const rankA = DISPOSITION_STRICTNESS[a] ?? 0;
+        const rankB = DISPOSITION_STRICTNESS[b] ?? 0;
+        return rankA >= rankB ? a : b;
+    }
+};
+SecurityPolicyService = __decorate([
+    injectable(),
+    __param(0, inject('SecurityPolicyFileReader')),
+    __param(1, inject('SecurityPolicyValidator')),
+    __param(2, inject('ISettingsRepository')),
+    __metadata("design:paramtypes", [SecurityPolicyFileReader,
+        SecurityPolicyValidator, Object])
+], SecurityPolicyService);
+export { SecurityPolicyService };