@shrkcrft/architecture-guard 0.1.0-alpha.10

package/dist/checks/adapter-leak.d.ts

@@ -0,0 +1,12 @@
+import { type GraphQueryApi } from '@shrkcrft/graph';
+import type { IArchViolation } from '../schema/violation.js';
+/**
+ * Detect layer-skip imports: a file in one architectural role importing
+ * a file in a role that should be reached only via an intermediate
+ * layer.
+ *
+ * Heuristic only — names like `*.controller.ts` are the signal. Teams
+ * with non-conventional names should use the contract DSL instead.
+ */
+export declare function detectAdapterLeaks(api: GraphQueryApi): readonly IArchViolation[];
+//# sourceMappingURL=adapter-leak.d.ts.map

package/dist/checks/adapter-leak.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"adapter-leak.d.ts","sourceRoot":"","sources":["../../src/checks/adapter-leak.ts"],"names":[],"mappings":"AAAA,OAAO,EAAY,KAAK,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAC/D,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AAqC7D;;;;;;;GAOG;AACH,wBAAgB,kBAAkB,CAAC,GAAG,EAAE,aAAa,GAAG,SAAS,cAAc,EAAE,CA8BhF"}

package/dist/checks/adapter-leak.js

@@ -0,0 +1,75 @@
+import { EdgeKind } from '@shrkcrft/graph';
+/**
+ * Layer-skip patterns the check looks for by default. Each entry says
+ * "a file matching `from` should NOT directly import a file matching
+ * `to` — go through `via` instead."
+ *
+ * The defaults catch the most common backend layering anti-patterns
+ * (NestJS / Express-shaped apps + simple domain layering). Teams that
+ * want different rules use the contract DSL (`sharkcraft/arch.ts`).
+ */
+const DEFAULT_PATTERNS = [
+    {
+        from: /\.(controller|controllers)\.[tj]sx?$/,
+        to: /\.(repository|repositories|repo)\.[tj]sx?$/,
+        via: 'service layer',
+        message: 'controller imports repository directly — route through a service.',
+    },
+    {
+        from: /\.(controller|controllers)\.[tj]sx?$/,
+        to: /\.(entity|entities|model|models)\.[tj]sx?$/,
+        via: 'service or DTO layer',
+        message: 'controller imports an entity / persistence model — route through a service or DTO.',
+    },
+    {
+        from: /\.(view|page|component)\.[tj]sx?$/,
+        to: /\.(repository|repositories|repo)\.[tj]sx?$/,
+        via: 'service / hook layer',
+        message: 'UI component imports repository directly — go through a service / hook.',
+    },
+];
+/**
+ * Detect layer-skip imports: a file in one architectural role importing
+ * a file in a role that should be reached only via an intermediate
+ * layer.
+ *
+ * Heuristic only — names like `*.controller.ts` are the signal. Teams
+ * with non-conventional names should use the contract DSL instead.
+ */
+export function detectAdapterLeaks(api) {
+    const out = [];
+    for (const file of api.allFiles()) {
+        if (!file.path)
+            continue;
+        const fromPath = file.path.toLowerCase();
+        const matchingPatterns = DEFAULT_PATTERNS.filter((p) => p.from.test(fromPath));
+        if (matchingPatterns.length === 0)
+            continue;
+        const neighbours = api.neighbours(file.id);
+        if (!neighbours)
+            continue;
+        for (const o of neighbours.out) {
+            if (o.edge.kind !== EdgeKind.ImportsFile)
+                continue;
+            const target = api.neighbours(o.edge.to)?.node;
+            if (!target?.path)
+                continue;
+            const toPath = target.path.toLowerCase();
+            for (const p of matchingPatterns) {
+                if (!p.to.test(toPath))
+                    continue;
+                out.push({
+                    kind: 'public-api-misuse',
+                    severity: 'warning',
+                    message: `adapter leak: ${file.path} → ${target.path} — ${p.message}`,
+                    file: file.path,
+                    line: o.edge.data?.['line'] ?? undefined,
+                    targetFile: target.path,
+                    suggestedFix: `Introduce the ${p.via} between these two files.`,
+                    refs: [file.id, target.id],
+                });
+            }
+        }
+    }
+    return out;
+}

package/dist/checks/barrel-risks.d.ts

@@ -0,0 +1,14 @@
+import { type GraphQueryApi } from '@shrkcrft/graph';
+import type { IArchViolation } from '../schema/violation.js';
+/**
+ * Detect risky barrel files (`index.ts` re-exporters):
+ *
+ *   - barrel-fat: > 40 re-exports without grouping commentary.
+ *   - barrel-cycle: barrel re-exports a module that transitively imports
+ *     the barrel itself (creates an import cycle through the barrel).
+ *
+ * Both checks are intentionally low-noise: only barrels named `index.ts`
+ * (or `.tsx` / `.js`) are considered.
+ */
+export declare function detectBarrelRisks(api: GraphQueryApi): readonly IArchViolation[];
+//# sourceMappingURL=barrel-risks.d.ts.map

package/dist/checks/barrel-risks.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"barrel-risks.d.ts","sourceRoot":"","sources":["../../src/checks/barrel-risks.ts"],"names":[],"mappings":"AAAA,OAAO,EAAY,KAAK,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAC/D,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AAI7D;;;;;;;;;GASG;AACH,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,aAAa,GAAG,SAAS,cAAc,EAAE,CA+C/E"}

package/dist/checks/barrel-risks.js

@@ -0,0 +1,60 @@
+import { EdgeKind } from '@shrkcrft/graph';
+const FAT_BARREL_THRESHOLD = 40;
+/**
+ * Detect risky barrel files (`index.ts` re-exporters):
+ *
+ *   - barrel-fat: > 40 re-exports without grouping commentary.
+ *   - barrel-cycle: barrel re-exports a module that transitively imports
+ *     the barrel itself (creates an import cycle through the barrel).
+ *
+ * Both checks are intentionally low-noise: only barrels named `index.ts`
+ * (or `.tsx` / `.js`) are considered.
+ */
+export function detectBarrelRisks(api) {
+    const out = [];
+    for (const file of api.allFiles()) {
+        if (!file.path || !/(?:^|\/)index\.[mc]?[jt]sx?$/.test(file.path))
+            continue;
+        const data = file.data ?? {};
+        const reExportCount = data['reExportCount'] ?? 0;
+        const exportCount = data['exportCount'] ?? 0;
+        if (reExportCount + exportCount >= FAT_BARREL_THRESHOLD) {
+            out.push({
+                kind: 'barrel-fat',
+                severity: 'warning',
+                message: `fat barrel: ${reExportCount + exportCount} (re-)exports in a single index file`,
+                file: file.path,
+                suggestedFix: 'Split into themed sub-barrels (e.g. `./model`, `./service`) and re-export those.',
+                refs: [file.id],
+            });
+        }
+        // Cycle through this barrel: does any file the barrel imports
+        // (directly or transitively, capped 1-hop here) also import the
+        // barrel back?
+        const neighbours = api.neighbours(file.id);
+        if (!neighbours)
+            continue;
+        const importedTargets = neighbours.out
+            .filter((o) => o.edge.kind === EdgeKind.ImportsFile)
+            .map((o) => o.edge.to);
+        for (const tgt of importedTargets) {
+            const reverse = api.neighbours(tgt);
+            if (!reverse)
+                continue;
+            const reExportsBarrel = reverse.out.some((o) => o.edge.kind === EdgeKind.ImportsFile && o.edge.to === file.id);
+            if (reExportsBarrel) {
+                const tNode = api.neighbours(tgt)?.node;
+                out.push({
+                    kind: 'barrel-cycle',
+                    severity: 'error',
+                    message: `barrel cycle: ${file.path} re-exports a module that imports the barrel back`,
+                    file: file.path,
+                    targetFile: tNode?.path,
+                    suggestedFix: 'Move the cycle-creating module out of the barrel, or import directly from the leaf file.',
+                    refs: [file.id, tgt],
+                });
+            }
+        }
+    }
+    return out;
+}

package/dist/checks/contract-checks.d.ts

@@ -0,0 +1,17 @@
+import { type GraphQueryApi } from '@shrkcrft/graph';
+import type { IArchContract } from '../schema/contract.js';
+import type { IArchViolation } from '../schema/violation.js';
+/**
+ * Evaluate a project-specific architecture contract against the graph.
+ *
+ * For each `imports-file` edge whose source file matches a layer:
+ *   - If the source's rule has `mayNotImport` and the target layer is in
+ *     that list → violation.
+ *   - If the source's rule has `mayImport` (a positive whitelist) and
+ *     the target layer is NOT in that list → violation.
+ *
+ * Files that match no layer are ignored (the contract says nothing
+ * about them). External / unresolved imports are skipped.
+ */
+export declare function evaluateContract(api: GraphQueryApi, contract: IArchContract): readonly IArchViolation[];
+//# sourceMappingURL=contract-checks.d.ts.map

package/dist/checks/contract-checks.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"contract-checks.d.ts","sourceRoot":"","sources":["../../src/checks/contract-checks.ts"],"names":[],"mappings":"AACA,OAAO,EAAY,KAAK,aAAa,EAAE,MAAM,iBAAiB,CAAC;AAC/D,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAC3D,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AAO7D;;;;;;;;;;;GAWG;AACH,wBAAgB,gBAAgB,CAC9B,GAAG,EAAE,aAAa,EAClB,QAAQ,EAAE,aAAa,GACtB,SAAS,cAAc,EAAE,CA6C3B"}

package/dist/checks/contract-checks.js

@@ -0,0 +1,80 @@
+import { globToRegex } from '@shrkcrft/boundaries';
+import { EdgeKind } from '@shrkcrft/graph';
+/**
+ * Evaluate a project-specific architecture contract against the graph.
+ *
+ * For each `imports-file` edge whose source file matches a layer:
+ *   - If the source's rule has `mayNotImport` and the target layer is in
+ *     that list → violation.
+ *   - If the source's rule has `mayImport` (a positive whitelist) and
+ *     the target layer is NOT in that list → violation.
+ *
+ * Files that match no layer are ignored (the contract says nothing
+ * about them). External / unresolved imports are skipped.
+ */
+export function evaluateContract(api, contract) {
+    const compiled = compile(contract);
+    const out = [];
+    for (const file of api.allFiles()) {
+        if (!file.path)
+            continue;
+        const srcLayer = matchLayer(file.path, compiled);
+        if (!srcLayer)
+            continue;
+        const rule = contract.rules.find((r) => r.from === srcLayer);
+        if (!rule)
+            continue;
+        const neighbours = api.neighbours(file.id);
+        if (!neighbours)
+            continue;
+        for (const o of neighbours.out) {
+            if (o.edge.kind !== EdgeKind.ImportsFile)
+                continue;
+            const target = api.neighbours(o.edge.to)?.node;
+            if (!target?.path)
+                continue;
+            const tgtLayer = matchLayer(target.path, compiled);
+            if (!tgtLayer)
+                continue;
+            if (rule.mayNotImport?.includes(tgtLayer)) {
+                out.push({
+                    kind: 'contract-import',
+                    severity: rule.severity ?? 'error',
+                    message: `contract violation: ${srcLayer} → ${tgtLayer} (forbidden by ${contract.id ?? 'arch-contract'})`,
+                    file: file.path,
+                    line: o.edge.data?.['line'] ?? undefined,
+                    targetFile: target.path,
+                    suggestedFix: rule.reason ?? `Refactor so the dependency goes the other way (${tgtLayer} → ${srcLayer}).`,
+                    refs: [file.id, target.id],
+                });
+                continue;
+            }
+            if (rule.mayImport && rule.mayImport.length > 0 && !rule.mayImport.includes(tgtLayer)) {
+                out.push({
+                    kind: 'contract-layer-skip',
+                    severity: rule.severity ?? 'error',
+                    message: `contract violation: ${srcLayer} may only import {${rule.mayImport.join(', ')}}, found → ${tgtLayer}`,
+                    file: file.path,
+                    line: o.edge.data?.['line'] ?? undefined,
+                    targetFile: target.path,
+                    suggestedFix: rule.reason,
+                    refs: [file.id, target.id],
+                });
+            }
+        }
+    }
+    return out;
+}
+function compile(c) {
+    return c.layers.map((l) => ({
+        name: l.name,
+        matchers: l.includes.map((p) => globToRegex(p)),
+    }));
+}
+function matchLayer(path, layers) {
+    for (const l of layers) {
+        if (l.matchers.some((re) => re.test(path)))
+            return l.name;
+    }
+    return undefined;
+}

package/dist/checks/cycle-severity.d.ts

@@ -0,0 +1,10 @@
+import { type GraphQueryApi, type IEdge } from '@shrkcrft/graph';
+import type { IArchViolation } from '../schema/violation.js';
+/**
+ * Find directed cycles in the `imports-file` graph (Tarjan SCC) and
+ * report each as a violation. Severity scales with cycle size: 2-node
+ * cycle = warning (often refactor-friendly), 3+ = error.
+ */
+export declare function detectCycles(api: GraphQueryApi): readonly IArchViolation[];
+export type { IEdge };
+//# sourceMappingURL=cycle-severity.d.ts.map

package/dist/checks/cycle-severity.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cycle-severity.d.ts","sourceRoot":"","sources":["../../src/checks/cycle-severity.ts"],"names":[],"mappings":"AAAA,OAAO,EAAY,KAAK,aAAa,EAAE,KAAK,KAAK,EAAE,MAAM,iBAAiB,CAAC;AAC3E,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AAE7D;;;;GAIG;AACH,wBAAgB,YAAY,CAAC,GAAG,EAAE,aAAa,GAAG,SAAS,cAAc,EAAE,CAkC1E;AAyCD,YAAY,EAAE,KAAK,EAAE,CAAC"}

package/dist/checks/cycle-severity.js

@@ -0,0 +1,85 @@
+import { EdgeKind } from '@shrkcrft/graph';
+/**
+ * Find directed cycles in the `imports-file` graph (Tarjan SCC) and
+ * report each as a violation. Severity scales with cycle size: 2-node
+ * cycle = warning (often refactor-friendly), 3+ = error.
+ */
+export function detectCycles(api) {
+    // Build adjacency from imports-file edges among file nodes only.
+    const adj = new Map();
+    for (const f of api.allFiles()) {
+        const out = api.neighbours(f.id);
+        if (!out)
+            continue;
+        const list = [];
+        for (const e of out.out) {
+            if (e.edge.kind !== EdgeKind.ImportsFile)
+                continue;
+            if (e.edge.to.startsWith('file:'))
+                list.push(e.edge.to);
+        }
+        adj.set(f.id, list);
+    }
+    const sccs = stronglyConnectedComponents(adj);
+    const violations = [];
+    for (const scc of sccs) {
+        if (scc.length < 2)
+            continue;
+        const refs = [...scc];
+        const headId = scc[0];
+        const head = api.neighbours(headId)?.node;
+        if (!head?.path)
+            continue;
+        violations.push({
+            kind: 'cycle',
+            severity: scc.length >= 3 ? 'error' : 'warning',
+            message: `import cycle (${scc.length} files): ${scc
+                .map((id) => api.neighbours(id)?.node?.path ?? id)
+                .join(' → ')}`,
+            file: head.path,
+            suggestedFix: 'Identify the bidirectional edge and extract the shared types/utilities into a leaf module.',
+            refs,
+        });
+    }
+    return violations;
+}
+function stronglyConnectedComponents(adj) {
+    let index = 0;
+    const stack = [];
+    const onStack = new Set();
+    const indices = new Map();
+    const lowlinks = new Map();
+    const result = [];
+    const strongconnect = (v) => {
+        indices.set(v, index);
+        lowlinks.set(v, index);
+        index += 1;
+        stack.push(v);
+        onStack.add(v);
+        for (const w of adj.get(v) ?? []) {
+            if (!indices.has(w)) {
+                strongconnect(w);
+                lowlinks.set(v, Math.min(lowlinks.get(v), lowlinks.get(w)));
+            }
+            else if (onStack.has(w)) {
+                lowlinks.set(v, Math.min(lowlinks.get(v), indices.get(w)));
+            }
+        }
+        if (lowlinks.get(v) === indices.get(v)) {
+            const scc = [];
+            while (true) {
+                const w = stack.pop();
+                onStack.delete(w);
+                scc.push(w);
+                if (w === v)
+                    break;
+            }
+            result.push(scc);
+        }
+    };
+    for (const v of adj.keys()) {
+        if (!indices.has(v))
+            strongconnect(v);
+    }
+    return result;
+}

package/dist/checks/public-api-misuse.d.ts

@@ -0,0 +1,17 @@
+import { type GraphQueryApi, type IEdge } from '@shrkcrft/graph';
+import type { IArchViolation } from '../schema/violation.js';
+/**
+ * Detect cross-package imports that reach past the public entrypoint.
+ *
+ * Heuristic:
+ *   - Allowed: importing from `<pkg>` (resolved to `<pkg>/src/index.ts`).
+ *   - Allowed: importing a same-package sibling via relative path.
+ *   - Violation: cross-package import whose resolved target is NOT an
+ *     `index.ts` or `*.d.ts` (i.e. it reaches a private internal file).
+ *
+ * Detected via the `imports-file` edge in the code graph + the file
+ * node's owning package (via `belongs-to-package` edges).
+ */
+export declare function detectPublicApiMisuse(api: GraphQueryApi): readonly IArchViolation[];
+export type { IEdge };
+//# sourceMappingURL=public-api-misuse.d.ts.map

package/dist/checks/public-api-misuse.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"public-api-misuse.d.ts","sourceRoot":"","sources":["../../src/checks/public-api-misuse.ts"],"names":[],"mappings":"AAAA,OAAO,EAAY,KAAK,aAAa,EAAE,KAAK,KAAK,EAAc,MAAM,iBAAiB,CAAC;AACvF,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AAE7D;;;;;;;;;;;GAWG;AACH,wBAAgB,qBAAqB,CAAC,GAAG,EAAE,aAAa,GAAG,SAAS,cAAc,EAAE,CAsCnF;AAmBD,YAAY,EAAE,KAAK,EAAE,CAAC"}

package/dist/checks/public-api-misuse.js

@@ -0,0 +1,75 @@
+import { EdgeKind } from '@shrkcrft/graph';
+/**
+ * Detect cross-package imports that reach past the public entrypoint.
+ *
+ * Heuristic:
+ *   - Allowed: importing from `<pkg>` (resolved to `<pkg>/src/index.ts`).
+ *   - Allowed: importing a same-package sibling via relative path.
+ *   - Violation: cross-package import whose resolved target is NOT an
+ *     `index.ts` or `*.d.ts` (i.e. it reaches a private internal file).
+ *
+ * Detected via the `imports-file` edge in the code graph + the file
+ * node's owning package (via `belongs-to-package` edges).
+ */
+export function detectPublicApiMisuse(api) {
+    const out = [];
+    const fileByIdPackage = buildFileToPackageMap(api);
+    for (const file of api.allFiles()) {
+        const neighbours = api.neighbours(file.id);
+        if (!neighbours)
+            continue;
+        const fromPkg = fileByIdPackage.get(file.id);
+        if (!fromPkg)
+            continue;
+        for (const o of neighbours.out) {
+            if (o.edge.kind !== EdgeKind.ImportsFile)
+                continue;
+            const targetId = o.edge.to;
+            if (!targetId.startsWith('file:'))
+                continue; // external / unresolved
+            const target = api.neighbours(targetId)?.node;
+            if (!target?.path)
+                continue;
+            const toPkg = fileByIdPackage.get(targetId);
+            if (!toPkg || toPkg === fromPkg)
+                continue;
+            // Cross-package import — confirm it lands on a public entry.
+            const path = target.path;
+            const isPublic = /\/index\.[mc]?[jt]sx?$/.test(path) ||
+                path.endsWith('.d.ts') ||
+                path.endsWith('.d.cts') ||
+                path.endsWith('.d.mts');
+            if (isPublic)
+                continue;
+            out.push({
+                kind: 'public-api-misuse',
+                severity: 'error',
+                message: `cross-package import of private file: ${fromPkg} → ${toPkg} (${target.path})`,
+                file: file.path,
+                line: o.edge.data?.['line'] ?? undefined,
+                targetFile: target.path,
+                suggestedFix: `import from the package entry point (${toPkg}) instead of the internal file.`,
+                refs: [file.id, target.id],
+            });
+        }
+    }
+    return out;
+}
+function buildFileToPackageMap(api) {
+    const out = new Map();
+    for (const file of api.allFiles()) {
+        const neighbours = api.neighbours(file.id);
+        if (!neighbours)
+            continue;
+        for (const o of neighbours.out) {
+            if (o.edge.kind !== EdgeKind.BelongsToPackage)
+                continue;
+            const target = o.target;
+            if ('resolved' in target)
+                continue;
+            out.set(file.id, target.label);
+            break;
+        }
+    }
+    return out;
+}

package/dist/checks/run-arch-check.d.ts

@@ -0,0 +1,27 @@
+import type { IArchContract } from '../schema/contract.js';
+import { type IArchReport } from '../schema/violation.js';
+export interface IRunArchCheckOptions {
+    projectRoot: string;
+    /** Optional project-specific contract. When absent only the generic checks run. */
+    contract?: IArchContract;
+    /**
+     * Which checks to run. Default: all generic checks; contract runs only
+     * when `contract` is provided.
+     */
+    enable?: Partial<{
+        publicApi: boolean;
+        barrels: boolean;
+        cycles: boolean;
+        contract: boolean;
+        adapterLeaks: boolean;
+    }>;
+}
+/**
+ * Run the architecture-guard checks against the on-disk code graph.
+ *
+ * Returns a structured report. Missing graph → diagnostic + zero
+ * violations (never throws on the read path; the CLI surfaces the
+ * `nextCommand` hint).
+ */
+export declare function runArchCheck(options: IRunArchCheckOptions): IArchReport;
+//# sourceMappingURL=run-arch-check.d.ts.map

package/dist/checks/run-arch-check.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"run-arch-check.d.ts","sourceRoot":"","sources":["../../src/checks/run-arch-check.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAC3D,OAAO,EAIL,KAAK,WAAW,EAEjB,MAAM,wBAAwB,CAAC;AAOhC,MAAM,WAAW,oBAAoB;IACnC,WAAW,EAAE,MAAM,CAAC;IACpB,mFAAmF;IACnF,QAAQ,CAAC,EAAE,aAAa,CAAC;IACzB;;;OAGG;IACH,MAAM,CAAC,EAAE,OAAO,CAAC;QACf,SAAS,EAAE,OAAO,CAAC;QACnB,OAAO,EAAE,OAAO,CAAC;QACjB,MAAM,EAAE,OAAO,CAAC;QAChB,QAAQ,EAAE,OAAO,CAAC;QAClB,YAAY,EAAE,OAAO,CAAC;KACvB,CAAC,CAAC;CACJ;AAED;;;;;;GAMG;AACH,wBAAgB,YAAY,CAAC,OAAO,EAAE,oBAAoB,GAAG,WAAW,CA+CvE"}

package/dist/checks/run-arch-check.js

@@ -0,0 +1,84 @@
+import { GraphQueryApi, GraphStore } from '@shrkcrft/graph';
+import { ARCH_REPORT_SCHEMA, } from "../schema/violation.js";
+import { detectAdapterLeaks } from "./adapter-leak.js";
+import { detectBarrelRisks } from "./barrel-risks.js";
+import { detectCycles } from "./cycle-severity.js";
+import { detectPublicApiMisuse } from "./public-api-misuse.js";
+import { evaluateContract } from "./contract-checks.js";
+/**
+ * Run the architecture-guard checks against the on-disk code graph.
+ *
+ * Returns a structured report. Missing graph → diagnostic + zero
+ * violations (never throws on the read path; the CLI surfaces the
+ * `nextCommand` hint).
+ */
+export function runArchCheck(options) {
+    const diagnostics = [];
+    const graphStore = new GraphStore(options.projectRoot);
+    if (!graphStore.exists()) {
+        diagnostics.push("code-graph store missing — run `shrk graph index`");
+        return emptyReport(diagnostics, 0);
+    }
+    const api = GraphQueryApi.fromStore(options.projectRoot);
+    const enable = {
+        publicApi: options.enable?.publicApi ?? true,
+        barrels: options.enable?.barrels ?? true,
+        cycles: options.enable?.cycles ?? true,
+        contract: options.enable?.contract ?? !!options.contract,
+        adapterLeaks: options.enable?.adapterLeaks ?? true,
+    };
+    const violations = [];
+    if (enable.publicApi)
+        violations.push(...detectPublicApiMisuse(api));
+    if (enable.barrels)
+        violations.push(...detectBarrelRisks(api));
+    if (enable.cycles)
+        violations.push(...detectCycles(api));
+    if (enable.adapterLeaks)
+        violations.push(...detectAdapterLeaks(api));
+    if (enable.contract && options.contract) {
+        violations.push(...evaluateContract(api, options.contract));
+    }
+    else if (enable.contract && !options.contract) {
+        diagnostics.push("contract check enabled but no contract provided — skipping");
+    }
+    const filesAnalyzed = [...api.allFiles()].length;
+    const countsBySeverity = { error: 0, warning: 0, info: 0 };
+    const countsByKind = {
+        'public-api-misuse': 0,
+        'barrel-cycle': 0,
+        'barrel-fat': 0,
+        cycle: 0,
+        'contract-import': 0,
+        'contract-layer-skip': 0,
+    };
+    for (const v of violations) {
+        countsBySeverity[v.severity] += 1;
+        countsByKind[v.kind] += 1;
+    }
+    return {
+        schema: ARCH_REPORT_SCHEMA,
+        filesAnalyzed,
+        violations,
+        countsBySeverity,
+        countsByKind,
+        diagnostics,
+    };
+}
+function emptyReport(diagnostics, filesAnalyzed) {
+    return {
+        schema: ARCH_REPORT_SCHEMA,
+        filesAnalyzed,
+        violations: [],
+        countsBySeverity: { error: 0, warning: 0, info: 0 },
+        countsByKind: {
+            'public-api-misuse': 0,
+            'barrel-cycle': 0,
+            'barrel-fat': 0,
+            cycle: 0,
+            'contract-import': 0,
+            'contract-layer-skip': 0,
+        },
+        diagnostics,
+    };
+}

package/dist/contract/define-contract.d.ts

@@ -0,0 +1,8 @@
+import { type IArchContract } from '../schema/contract.js';
+/**
+ * Build an architecture contract. Validates the layer references in
+ * each rule; throws on undefined layer names so authoring mistakes are
+ * caught at load time, not check time.
+ */
+export declare function defineArchContract(input: Omit<IArchContract, 'schema'>): IArchContract;
+//# sourceMappingURL=define-contract.d.ts.map

package/dist/contract/define-contract.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"define-contract.d.ts","sourceRoot":"","sources":["../../src/contract/define-contract.ts"],"names":[],"mappings":"AAAA,OAAO,EAAwB,KAAK,aAAa,EAAE,MAAM,uBAAuB,CAAC;AAEjF;;;;GAIG;AACH,wBAAgB,kBAAkB,CAAC,KAAK,EAAE,IAAI,CAAC,aAAa,EAAE,QAAQ,CAAC,GAAG,aAAa,CActF"}

package/dist/contract/define-contract.js

@@ -0,0 +1,23 @@
+import { ARCH_CONTRACT_SCHEMA } from "../schema/contract.js";
+/**
+ * Build an architecture contract. Validates the layer references in
+ * each rule; throws on undefined layer names so authoring mistakes are
+ * caught at load time, not check time.
+ */
+export function defineArchContract(input) {
+    const layerNames = new Set(input.layers.map((l) => l.name));
+    for (const r of input.rules) {
+        if (!layerNames.has(r.from)) {
+            throw new Error(`arch-contract: rule.from refers to undefined layer "${r.from}"`);
+        }
+        for (const l of r.mayImport ?? []) {
+            if (!layerNames.has(l))
+                throw new Error(`arch-contract: rule.mayImport refers to undefined layer "${l}"`);
+        }
+        for (const l of r.mayNotImport ?? []) {
+            if (!layerNames.has(l))
+                throw new Error(`arch-contract: rule.mayNotImport refers to undefined layer "${l}"`);
+        }
+    }
+    return { schema: ARCH_CONTRACT_SCHEMA, ...input };
+}

package/dist/index.d.ts

@@ -0,0 +1,11 @@
+export * from './schema/violation.js';
+export * from './schema/contract.js';
+export * from './checks/public-api-misuse.js';
+export * from './checks/barrel-risks.js';
+export * from './checks/cycle-severity.js';
+export * from './checks/contract-checks.js';
+export * from './checks/adapter-leak.js';
+export * from './contract/define-contract.js';
+export * from './checks/run-arch-check.js';
+export * from './store/arch-report-store.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,uBAAuB,CAAC;AACtC,cAAc,sBAAsB,CAAC;AACrC,cAAc,+BAA+B,CAAC;AAC9C,cAAc,0BAA0B,CAAC;AACzC,cAAc,4BAA4B,CAAC;AAC3C,cAAc,6BAA6B,CAAC;AAC5C,cAAc,0BAA0B,CAAC;AACzC,cAAc,+BAA+B,CAAC;AAC9C,cAAc,4BAA4B,CAAC;AAC3C,cAAc,8BAA8B,CAAC"}

package/dist/index.js

@@ -0,0 +1,10 @@
+export * from "./schema/violation.js";
+export * from "./schema/contract.js";
+export * from "./checks/public-api-misuse.js";
+export * from "./checks/barrel-risks.js";
+export * from "./checks/cycle-severity.js";
+export * from "./checks/contract-checks.js";
+export * from "./checks/adapter-leak.js";
+export * from "./contract/define-contract.js";
+export * from "./checks/run-arch-check.js";
+export * from "./store/arch-report-store.js";

package/dist/schema/contract.d.ts

@@ -0,0 +1,41 @@
+/**
+ * Project-specific architecture contract.
+ *
+ * Declarative DSL — no executable predicates. Authors call
+ * `defineArchContract(...)` (or hand-write the same shape) and pass
+ * the result to `runArchCheck({ contract })` or save it as
+ * `sharkcraft/arch.ts` for auto-discovery.
+ *
+ * Schema: sharkcraft.arch-contract/v1.
+ */
+export declare const ARCH_CONTRACT_SCHEMA: "sharkcraft.arch-contract/v1";
+export interface IArchLayer {
+    name: string;
+    /** Glob patterns (matched against project-relative file paths). */
+    includes: readonly string[];
+}
+export type ContractSeverity = 'error' | 'warning' | 'info';
+export interface IArchRule {
+    /** Source layer name (from `layers`). */
+    from: string;
+    /** Layers the source MAY import from. */
+    mayImport?: readonly string[];
+    /** Layers the source MAY NOT import from. */
+    mayNotImport?: readonly string[];
+    /** Severity when a violation is detected. Default 'error'. */
+    severity?: ContractSeverity;
+    /** Optional explanation shown in the violation. */
+    reason?: string;
+}
+export interface IArchContract {
+    schema: typeof ARCH_CONTRACT_SCHEMA;
+    /** Optional contract id. */
+    id?: string;
+    /** Optional human title. */
+    title?: string;
+    /** Layer declarations. Order is irrelevant. */
+    layers: readonly IArchLayer[];
+    /** Rules among layers. */
+    rules: readonly IArchRule[];
+}
+//# sourceMappingURL=contract.d.ts.map

package/dist/schema/contract.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"contract.d.ts","sourceRoot":"","sources":["../../src/schema/contract.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AACH,eAAO,MAAM,oBAAoB,EAAG,6BAAsC,CAAC;AAE3E,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,MAAM,CAAC;IACb,mEAAmE;IACnE,QAAQ,EAAE,SAAS,MAAM,EAAE,CAAC;CAC7B;AAED,MAAM,MAAM,gBAAgB,GAAG,OAAO,GAAG,SAAS,GAAG,MAAM,CAAC;AAE5D,MAAM,WAAW,SAAS;IACxB,yCAAyC;IACzC,IAAI,EAAE,MAAM,CAAC;IACb,yCAAyC;IACzC,SAAS,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IAC9B,6CAA6C;IAC7C,YAAY,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IACjC,8DAA8D;IAC9D,QAAQ,CAAC,EAAE,gBAAgB,CAAC;IAC5B,mDAAmD;IACnD,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,aAAa;IAC5B,MAAM,EAAE,OAAO,oBAAoB,CAAC;IACpC,4BAA4B;IAC5B,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,4BAA4B;IAC5B,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,+CAA+C;IAC/C,MAAM,EAAE,SAAS,UAAU,EAAE,CAAC;IAC9B,0BAA0B;IAC1B,KAAK,EAAE,SAAS,SAAS,EAAE,CAAC;CAC7B"}

package/dist/schema/contract.js

@@ -0,0 +1,11 @@
+/**
+ * Project-specific architecture contract.
+ *
+ * Declarative DSL — no executable predicates. Authors call
+ * `defineArchContract(...)` (or hand-write the same shape) and pass
+ * the result to `runArchCheck({ contract })` or save it as
+ * `sharkcraft/arch.ts` for auto-discovery.
+ *
+ * Schema: sharkcraft.arch-contract/v1.
+ */
+export const ARCH_CONTRACT_SCHEMA = 'sharkcraft.arch-contract/v1';

package/dist/schema/violation.d.ts

@@ -0,0 +1,29 @@
+export declare const ARCH_REPORT_SCHEMA: "sharkcraft.architecture-report/v1";
+export type ArchViolationSeverity = 'error' | 'warning' | 'info';
+export type ArchViolationKind = 'public-api-misuse' | 'barrel-cycle' | 'barrel-fat' | 'cycle' | 'contract-import' | 'contract-layer-skip';
+export interface IArchViolation {
+    kind: ArchViolationKind;
+    severity: ArchViolationSeverity;
+    /** Short headline. */
+    message: string;
+    /** Project-relative file path the violation originates from. */
+    file: string;
+    /** Optional line number. */
+    line?: number;
+    /** Optional file the violation targets (e.g. illegal import target). */
+    targetFile?: string;
+    /** Optional fix hint shown to the agent / human. */
+    suggestedFix?: string;
+    /** Graph node ids involved (for renderers). */
+    refs?: readonly string[];
+}
+export interface IArchReport {
+    schema: typeof ARCH_REPORT_SCHEMA;
+    /** Number of files considered by the report. */
+    filesAnalyzed: number;
+    violations: readonly IArchViolation[];
+    countsBySeverity: Readonly<Record<ArchViolationSeverity, number>>;
+    countsByKind: Readonly<Record<ArchViolationKind, number>>;
+    diagnostics: readonly string[];
+}
+//# sourceMappingURL=violation.d.ts.map

package/dist/schema/violation.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"violation.d.ts","sourceRoot":"","sources":["../../src/schema/violation.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,kBAAkB,EAAG,mCAA4C,CAAC;AAE/E,MAAM,MAAM,qBAAqB,GAAG,OAAO,GAAG,SAAS,GAAG,MAAM,CAAC;AAEjE,MAAM,MAAM,iBAAiB,GACzB,mBAAmB,GACnB,cAAc,GACd,YAAY,GACZ,OAAO,GACP,iBAAiB,GACjB,qBAAqB,CAAC;AAE1B,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,iBAAiB,CAAC;IACxB,QAAQ,EAAE,qBAAqB,CAAC;IAChC,sBAAsB;IACtB,OAAO,EAAE,MAAM,CAAC;IAChB,gEAAgE;IAChE,IAAI,EAAE,MAAM,CAAC;IACb,4BAA4B;IAC5B,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,wEAAwE;IACxE,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,oDAAoD;IACpD,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,+CAA+C;IAC/C,IAAI,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;CAC1B;AAED,MAAM,WAAW,WAAW;IAC1B,MAAM,EAAE,OAAO,kBAAkB,CAAC;IAClC,gDAAgD;IAChD,aAAa,EAAE,MAAM,CAAC;IACtB,UAAU,EAAE,SAAS,cAAc,EAAE,CAAC;IACtC,gBAAgB,EAAE,QAAQ,CAAC,MAAM,CAAC,qBAAqB,EAAE,MAAM,CAAC,CAAC,CAAC;IAClE,YAAY,EAAE,QAAQ,CAAC,MAAM,CAAC,iBAAiB,EAAE,MAAM,CAAC,CAAC,CAAC;IAC1D,WAAW,EAAE,SAAS,MAAM,EAAE,CAAC;CAChC"}

package/dist/schema/violation.js

@@ -0,0 +1 @@
+export const ARCH_REPORT_SCHEMA = 'sharkcraft.architecture-report/v1';

package/dist/store/arch-report-store.d.ts

@@ -0,0 +1,51 @@
+import type { ArchViolationSeverity, IArchReport, IArchViolation } from '../schema/violation.js';
+export declare const ARCH_SNAPSHOT_SCHEMA: "sharkcraft.architecture-snapshot/v1";
+/**
+ * Compact, comparison-friendly snapshot of an `IArchReport`. The full
+ * report can grow to hundreds of violations on a large repo — we don't
+ * need to persist every field for delta computation. The snapshot
+ * keeps counts + a deterministically-hashable violation id list so
+ * `shrk doctor` can answer "did anything new appear since the baseline?"
+ * without re-running the full check.
+ */
+export interface IArchSnapshot {
+    schema: typeof ARCH_SNAPSHOT_SCHEMA;
+    generatedAt: string;
+    filesAnalyzed: number;
+    countsBySeverity: Readonly<Record<ArchViolationSeverity, number>>;
+    countsByKind: Readonly<Record<string, number>>;
+    /**
+     * Stable, sorted set of violation ids in the form
+     * `<kind>|<file>[:line]|<targetFile?>`. Used for delta computation.
+     * A violation appearing in `last` but not in `baseline` counts as
+     * "new"; a violation in `baseline` but not in `last` counts as "fixed".
+     */
+    violationIds: readonly string[];
+}
+export declare function snapshotFromReport(report: IArchReport): IArchSnapshot;
+export declare function violationId(v: IArchViolation): string;
+export declare class ArchReportStore {
+    private readonly projectRoot;
+    readonly lastPath: string;
+    readonly baselinePath: string;
+    constructor(projectRoot: string);
+    writeLast(report: IArchReport): IArchSnapshot;
+    writeBaseline(report: IArchReport): IArchSnapshot;
+    readLast(): IArchSnapshot | undefined;
+    readBaseline(): IArchSnapshot | undefined;
+    clearBaseline(): boolean;
+    private write;
+    private read;
+}
+export interface IArchSnapshotDelta {
+    /** Violation ids present in `last` but not `baseline`. */
+    newViolationIds: readonly string[];
+    /** Violation ids present in `baseline` but not `last`. */
+    fixedViolationIds: readonly string[];
+    /** Net change in error count (last − baseline). */
+    errorDelta: number;
+    /** Net change in warning count (last − baseline). */
+    warningDelta: number;
+}
+export declare function diffSnapshots(baseline: IArchSnapshot, last: IArchSnapshot): IArchSnapshotDelta;
+//# sourceMappingURL=arch-report-store.d.ts.map

package/dist/store/arch-report-store.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"arch-report-store.d.ts","sourceRoot":"","sources":["../../src/store/arch-report-store.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EACV,qBAAqB,EACrB,WAAW,EACX,cAAc,EACf,MAAM,wBAAwB,CAAC;AAEhC,eAAO,MAAM,oBAAoB,EAAG,qCAA8C,CAAC;AAKnF;;;;;;;GAOG;AACH,MAAM,WAAW,aAAa;IAC5B,MAAM,EAAE,OAAO,oBAAoB,CAAC;IACpC,WAAW,EAAE,MAAM,CAAC;IACpB,aAAa,EAAE,MAAM,CAAC;IACtB,gBAAgB,EAAE,QAAQ,CAAC,MAAM,CAAC,qBAAqB,EAAE,MAAM,CAAC,CAAC,CAAC;IAClE,YAAY,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;IAC/C;;;;;OAKG;IACH,YAAY,EAAE,SAAS,MAAM,EAAE,CAAC;CACjC;AAED,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,WAAW,GAAG,aAAa,CAWrE;AAED,wBAAgB,WAAW,CAAC,CAAC,EAAE,cAAc,GAAG,MAAM,CAIrD;AAED,qBAAa,eAAe;IAId,OAAO,CAAC,QAAQ,CAAC,WAAW;IAHxC,SAAgB,QAAQ,EAAE,MAAM,CAAC;IACjC,SAAgB,YAAY,EAAE,MAAM,CAAC;gBAER,WAAW,EAAE,MAAM;IAKhD,SAAS,CAAC,MAAM,EAAE,WAAW,GAAG,aAAa;IAM7C,aAAa,CAAC,MAAM,EAAE,WAAW,GAAG,aAAa;IAMjD,QAAQ,IAAI,aAAa,GAAG,SAAS;IAIrC,YAAY,IAAI,aAAa,GAAG,SAAS;IAIzC,aAAa,IAAI,OAAO;IAQxB,OAAO,CAAC,KAAK;IAKb,OAAO,CAAC,IAAI;CAUb;AAED,MAAM,WAAW,kBAAkB;IACjC,0DAA0D;IAC1D,eAAe,EAAE,SAAS,MAAM,EAAE,CAAC;IACnC,0DAA0D;IAC1D,iBAAiB,EAAE,SAAS,MAAM,EAAE,CAAC;IACrC,mDAAmD;IACnD,UAAU,EAAE,MAAM,CAAC;IACnB,qDAAqD;IACrD,YAAY,EAAE,MAAM,CAAC;CACtB;AAED,wBAAgB,aAAa,CAC3B,QAAQ,EAAE,aAAa,EACvB,IAAI,EAAE,aAAa,GAClB,kBAAkB,CAWpB"}

package/dist/store/arch-report-store.js

@@ -0,0 +1,86 @@
+import { existsSync, mkdirSync, readFileSync, rmSync, writeFileSync } from 'node:fs';
+import * as nodePath from 'node:path';
+export const ARCH_SNAPSHOT_SCHEMA = 'sharkcraft.architecture-snapshot/v1';
+const DIR = '.sharkcraft/architecture';
+const LAST_FILE = 'last.json';
+const BASELINE_FILE = 'baseline.json';
+export function snapshotFromReport(report) {
+    const ids = new Set();
+    for (const v of report.violations)
+        ids.add(violationId(v));
+    return {
+        schema: ARCH_SNAPSHOT_SCHEMA,
+        generatedAt: new Date().toISOString(),
+        filesAnalyzed: report.filesAnalyzed,
+        countsBySeverity: { ...report.countsBySeverity },
+        countsByKind: { ...report.countsByKind },
+        violationIds: [...ids].sort(),
+    };
+}
+export function violationId(v) {
+    const filePart = v.line ? `${v.file}:${v.line}` : v.file;
+    const target = v.targetFile ? `|${v.targetFile}` : '';
+    return `${v.kind}|${filePart}${target}`;
+}
+export class ArchReportStore {
+    projectRoot;
+    lastPath;
+    baselinePath;
+    constructor(projectRoot) {
+        this.projectRoot = projectRoot;
+        this.lastPath = nodePath.join(projectRoot, DIR, LAST_FILE);
+        this.baselinePath = nodePath.join(projectRoot, DIR, BASELINE_FILE);
+    }
+    writeLast(report) {
+        const snap = snapshotFromReport(report);
+        this.write(this.lastPath, snap);
+        return snap;
+    }
+    writeBaseline(report) {
+        const snap = snapshotFromReport(report);
+        this.write(this.baselinePath, snap);
+        return snap;
+    }
+    readLast() {
+        return this.read(this.lastPath);
+    }
+    readBaseline() {
+        return this.read(this.baselinePath);
+    }
+    clearBaseline() {
+        if (existsSync(this.baselinePath)) {
+            rmSync(this.baselinePath);
+            return true;
+        }
+        return false;
+    }
+    write(absPath, snap) {
+        mkdirSync(nodePath.dirname(absPath), { recursive: true });
+        writeFileSync(absPath, JSON.stringify(snap, null, 2), 'utf8');
+    }
+    read(absPath) {
+        if (!existsSync(absPath))
+            return undefined;
+        try {
+            const raw = JSON.parse(readFileSync(absPath, 'utf8'));
+            if (raw.schema !== ARCH_SNAPSHOT_SCHEMA)
+                return undefined;
+            return raw;
+        }
+        catch {
+            return undefined;
+        }
+    }
+}
+export function diffSnapshots(baseline, last) {
+    const baseSet = new Set(baseline.violationIds);
+    const lastSet = new Set(last.violationIds);
+    const newViolationIds = last.violationIds.filter((id) => !baseSet.has(id));
+    const fixedViolationIds = baseline.violationIds.filter((id) => !lastSet.has(id));
+    return {
+        newViolationIds,
+        fixedViolationIds,
+        errorDelta: last.countsBySeverity.error - baseline.countsBySeverity.error,
+        warningDelta: last.countsBySeverity.warning - baseline.countsBySeverity.warning,
+    };
+}

package/package.json

@@ -0,0 +1,52 @@
+{
+  "name": "@shrkcrft/architecture-guard",
+  "version": "0.1.0-alpha.10",
+  "description": "SharkCraft architecture guard: semantic architecture checks on top of the code graph — public-API misuse, barrel risks, cycle severity, project-specific architecture contracts.",
+  "license": "MIT",
+  "author": "SharkCraft contributors",
+  "type": "module",
+  "main": "./dist/index.js",
+  "types": "./dist/index.d.ts",
+  "exports": {
+    ".": {
+      "types": "./dist/index.d.ts",
+      "import": "./dist/index.js",
+      "default": "./dist/index.js"
+    }
+  },
+  "files": [
+    "dist",
+    "README.md",
+    "LICENSE"
+  ],
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/sharkcraft/sharkcraft.git",
+    "directory": "packages/architecture-guard"
+  },
+  "homepage": "https://github.com/sharkcraft/sharkcraft",
+  "bugs": {
+    "url": "https://github.com/sharkcraft/sharkcraft/issues"
+  },
+  "keywords": [
+    "sharkcraft",
+    "architecture-guard",
+    "boundaries",
+    "code-intelligence"
+  ],
+  "engines": {
+    "bun": ">=1.1.0",
+    "node": ">=18"
+  },
+  "scripts": {
+    "typecheck": "tsc --noEmit -p tsconfig.json"
+  },
+  "dependencies": {
+    "@shrkcrft/core": "^0.1.0-alpha.10",
+    "@shrkcrft/boundaries": "^0.1.0-alpha.10",
+    "@shrkcrft/graph": "^0.1.0-alpha.10"
+  },
+  "publishConfig": {
+    "access": "public"
+  }
+}