@skillcap/gdh 0.23.0 → 0.24.0

package/node_modules/@gdh/core/dist/migrations/registry.d.ts

@@ -0,0 +1,205 @@
+import type { GdhManagedSurfaceClass } from "./managed-surface-classes.js";
+import type { GdhMigrationEnvelope } from "./envelopes/types.js";
+/**
+ * Schema/agentContract pair that identifies a migration boundary.
+ * D-02: pair drives chain resolution; package version is presentation only.
+ */
+export interface GdhMigrationVersionPair {
+    readonly schema: number;
+    readonly agentContract: number;
+}
+/**
+ * Result of a per-entry verify probe (D-05).
+ * Distinct from STA-03 deferred-action probes (those live in migration.json).
+ */
+export type GdhMigrationEntryVerifyResult = {
+    readonly ok: true;
+} | {
+    readonly ok: false;
+    readonly reason: string;
+};
+/**
+ * GDH migration registry entry (REG-01 / D-01).
+ *
+ * Each entry covers a single schema/agentContract pair transition.
+ * Append-only; no removal of historic entries within the supported range.
+ *
+ * The `transform` signature is filesystem-first per the walk-test consumer shape
+ * at tests/integration/migration-chain.test.ts:244-253. Per-entry golden tests
+ * adapt this to the file-map shape via runMigrationGolden.
+ */
+export interface GdhMigrationEntry {
+    readonly id: string;
+    readonly from: GdhMigrationVersionPair;
+    readonly to: GdhMigrationVersionPair;
+    readonly classesTouched: readonly GdhManagedSurfaceClass[];
+    readonly transform: (targetPath: string) => Promise<void>;
+    readonly verify: (targetPath: string) => Promise<GdhMigrationEntryVerifyResult>;
+    /** Optional reference to a Phase 73 subagent envelope. Unused in Phase 72 (D-25). */
+    readonly envelope_ref?: string;
+    /**
+     * Per-release supplementary cleanup paths declared by this entry —
+     * workspace-relative POSIX paths the inventory sweep should delete in
+     * addition to set-diff orphans.
+     *
+     * Use sparingly: orphans normally come from manifest set-diff (the new
+     * render set vs the prior render-inventory.paths). This field is for
+     * targets OUTSIDE the rendered surface — e.g., orphaned MCP processes
+     * captured at registry-entry resolution time, or class-1 file drops the
+     * inventory-set-diff cannot derive.
+     *
+     * Validated by `isWorkspaceRelativePath` at sweep time (T-72-03-01); any
+     * candidate failing the check is skipped with a structured warning, never
+     * deleted. Per 72-CONTEXT.md "specifics" section.
+     */
+    readonly supplementaryDeletions?: readonly string[];
+}
+/**
+ * Validates a path is workspace-relative POSIX.
+ *
+ * Rejects:
+ *   - empty string
+ *   - absolute paths (starts with "/")
+ *   - paths containing ".." segments
+ *   - paths containing "" segments (double-slash)
+ *   - paths containing null bytes
+ *
+ * Used to gate `supplementaryDeletions` and inventory-sweep delete targets
+ * against path traversal (T-72-03-01). Any candidate failing this check
+ * MUST be skipped by the sweep with a `path_traversal_blocked` reason.
+ */
+export declare function isWorkspaceRelativePath(candidate: string): boolean;
+/**
+ * Central migration registry (REG-01 / D-01).
+ *
+ * Ordered ascending by `from` pair (schema, then agentContract).
+ * Append-only across phases.
+ *
+ * D-09 (clarified by Phase 72 Plan 02 audit, see
+ * .planning/phases/72-migration-workflow-internals-registry-inventory-durable-back/72-02-AUDIT.md):
+ * the registry contains one entry per real class-2/3 schema/agent-contract
+ * bump in the supported version range. Bumps that produce no class-2/3
+ * work — i.e., the bump's user-visible effect is fully covered by
+ * deterministic class-1 re-render — are owned by
+ * `installSupportedAgentAdapters` re-bake at D-10 step 7 and are NOT
+ * represented in the registry. Adding identity-only entries for such
+ * bumps is the rejected "no-op identity entry" pattern: it would create
+ * a transform with no work and a verify probe with no shape to assert,
+ * masking real drift the chain matrix is meant to catch. Rollup
+ * mega-entries are also rejected (loses chain composition fidelity).
+ *
+ * Phase 72 Plan 02 populates this array with one entry
+ * (`entry_s2c2_to_s2c3_rules_schema`); the other three v0.18→HEAD bumps
+ * (s2c3→s2c6, s2c6→s2c7, s3c7→s3c8) are class-1-only per the audit and
+ * are intentionally absent.
+ */
+export declare const MIGRATION_REGISTRY_ENTRIES: readonly [GdhMigrationEntry, GdhMigrationEntry];
+/**
+ * Result of applyMigrationChain (D-06).
+ *
+ * Discriminated union following the project pattern in self-update-mechanics.ts.
+ *
+ * **Externalized rollback contract (WR-05).** This function does NOT roll back
+ * partial transform output on `verify_failed` or `transform_threw`. The
+ * `transform` step writes to disk BEFORE its own `verify` runs (and before the
+ * next entry's transform). When verify rejects, those writes persist on disk
+ * unchanged; the failed entry's intended-but-rejected state is also already
+ * partially or fully on disk on `transform_threw`. The `partialWriteOccurred`
+ * field on both failure variants is a typed reminder that the caller MUST
+ * either (a) restore from a durable backup taken before the chain ran (the
+ * pattern used by `bumpAndRebakePin`'s D-10 step 8a), or (b) accept the
+ * partial mutation. Standalone callers that consume `applyMigrationChain`
+ * without a durable backup MUST treat `partialWriteOccurred: true` as a
+ * cleanup obligation; ignoring it leaves the workspace in a half-applied
+ * state that the next chain run may verify-pass against (entries are
+ * idempotent) but which violates the all-or-nothing guarantee operators
+ * expect from migration tooling.
+ */
+export type GdhApplyMigrationChainResult = {
+    readonly state: "applied";
+    readonly applied: readonly string[];
+} | {
+    readonly state: "noop";
+    readonly applied: readonly string[];
+} | {
+    readonly state: "verify_failed";
+    readonly failedEntryId: string;
+    readonly reason: string;
+    readonly applied: readonly string[];
+    /**
+     * WR-05: Always `true` on this variant — the failed entry's `transform`
+     * ran to completion before `verify` rejected, so its intended output is
+     * already on disk. Caller must restore from durable backup or accept
+     * the partial write.
+     */
+    readonly partialWriteOccurred: true;
+} | {
+    readonly state: "transform_threw";
+    readonly failedEntryId: string;
+    readonly error: string;
+    readonly applied: readonly string[];
+    /**
+     * WR-05 / Phase 73: `true` when the entry's `transform` threw mid-execution
+     * (existing Phase 72 path) — an indeterminate amount of its intended output
+     * may already be on disk; caller must restore from durable backup or accept
+     * the partial write. `false` for Phase 73 synthetic envelope-resolution
+     * failures (`envelope_not_found`) where the gate trips BEFORE transform
+     * runs and nothing is on disk — bumpAndRebakePin still rolls back from the
+     * durable backup, but no partial chain output requires cleanup.
+     */
+    readonly partialWriteOccurred: boolean;
+} | {
+    /** Phase 73 D-09: chain paused on an unresolved envelope_ref. */
+    readonly state: "needs_envelope";
+    readonly envelopeRef: string;
+    readonly envelope: GdhMigrationEnvelope;
+    readonly fromPair: GdhMigrationVersionPair;
+    readonly toPair: GdhMigrationVersionPair;
+    /** Entries already applied in this chain run before the pause. */
+    readonly applied: readonly string[];
+};
+/**
+ * applyMigrationChain — filter entries whose `from` >= fromPair AND `to` <= toPair,
+ * iterate in registry order, run transform then verify, halt on first failure.
+ *
+ * **Phase 73 envelope gate (D-09 / D-10).** When an entry declares
+ * `envelope_ref` (Phase 73), this function pauses BEFORE running its transform
+ * and returns a `needs_envelope` result so the calling agent can run the
+ * envelope (subagent or inline per D-05/D-06). On the resume run, if a
+ * recorded slot exists in `migration.json.envelopes[<envelope_ref>]` whose
+ * `(envelope_ref, from_pin, to_pin)` triple matches the current chain step
+ * (per `envelopePinContext`), the entry is treated as advanced (Phase 73
+ * records evidence only — Pitfall 7) and the chain continues. Stale slot
+ * (pin mismatch) → re-emit `needs_envelope`. Missing/unresolved envelope file
+ * → synthetic `transform_threw` with `envelope_not_found:` reason. Phase 72
+ * mechanical entries (envelope_ref undefined) skip this gate entirely.
+ *
+ * **Externalized rollback contract (WR-05).** This function does NOT roll back
+ * partial transform output. On `verify_failed`, the failed entry's transform
+ * ran to completion (writing to disk) before verify rejected. On
+ * `transform_threw`, an indeterminate amount of the failed entry's output may
+ * be on disk. In both cases the result carries `partialWriteOccurred: true`
+ * so callers cannot silently ignore the cleanup obligation. The integrated
+ * `bumpAndRebakePin` orchestrator restores from the durable backup at
+ * `.gdh-state/backup/` per Plan 72-08 D-10 step 8a. Standalone callers (the
+ * chain matrix walk-test, future direct invocations) that lack a durable
+ * backup MUST either implement an equivalent rollback or accept the partial
+ * mutation.
+ *
+ * The `entries` parameter exists for testability; production callers omit it
+ * and the default `MIGRATION_REGISTRY_ENTRIES` is used.
+ */
+export declare function applyMigrationChain(targetPath: string, fromPair: GdhMigrationVersionPair, toPair: GdhMigrationVersionPair, entries?: readonly GdhMigrationEntry[], 
+/**
+ * Phase 73 (Plan 73-03): optional pin pair for D-10 envelope staleness
+ * comparison. When omitted (Phase 72 callers, the chain matrix walk-test),
+ * envelope-bearing entries are unreachable in the Phase 72 registry — the
+ * function still type-checks, but the envelope gate cannot validate
+ * `from_pin`/`to_pin` and fails closed (re-emits the envelope). Production
+ * callers (`bumpAndRebakePin` in Plan 73-04) always pass this argument.
+ */
+envelopePinContext?: {
+    readonly fromPin: string;
+    readonly toPin: string;
+}): Promise<GdhApplyMigrationChainResult>;
+//# sourceMappingURL=registry.d.ts.map

package/node_modules/@gdh/core/dist/migrations/registry.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"registry.d.ts","sourceRoot":"","sources":["../../src/migrations/registry.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,8BAA8B,CAAC;AAG3E,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,sBAAsB,CAAC;AAKjE;;;GAGG;AACH,MAAM,WAAW,uBAAuB;IACtC,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;CAChC;AAED;;;GAGG;AACH,MAAM,MAAM,6BAA6B,GACrC;IAAE,QAAQ,CAAC,EAAE,EAAE,IAAI,CAAA;CAAE,GACrB;IAAE,QAAQ,CAAC,EAAE,EAAE,KAAK,CAAC;IAAC,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAA;CAAE,CAAC;AAEpD;;;;;;;;;GASG;AACH,MAAM,WAAW,iBAAiB;IAChC,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,IAAI,EAAE,uBAAuB,CAAC;IACvC,QAAQ,CAAC,EAAE,EAAE,uBAAuB,CAAC;IACrC,QAAQ,CAAC,cAAc,EAAE,SAAS,sBAAsB,EAAE,CAAC;IAC3D,QAAQ,CAAC,SAAS,EAAE,CAAC,UAAU,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAC1D,QAAQ,CAAC,MAAM,EAAE,CAAC,UAAU,EAAE,MAAM,KAAK,OAAO,CAAC,6BAA6B,CAAC,CAAC;IAChF,qFAAqF;IACrF,QAAQ,CAAC,YAAY,CAAC,EAAE,MAAM,CAAC;IAC/B;;;;;;;;;;;;;;OAcG;IACH,QAAQ,CAAC,sBAAsB,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;CACrD;AAED;;;;;;;;;;;;;GAaG;AACH,wBAAgB,uBAAuB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAMlE;AAED;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,eAAO,MAAM,0BAA0B,iDAGU,CAAC;AAElD;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,MAAM,MAAM,4BAA4B,GACpC;IAAE,QAAQ,CAAC,KAAK,EAAE,SAAS,CAAC;IAAC,QAAQ,CAAC,OAAO,EAAE,SAAS,MAAM,EAAE,CAAA;CAAE,GAClE;IAAE,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IAAC,QAAQ,CAAC,OAAO,EAAE,SAAS,MAAM,EAAE,CAAA;CAAE,GAC/D;IACE,QAAQ,CAAC,KAAK,EAAE,eAAe,CAAC;IAChC,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,OAAO,EAAE,SAAS,MAAM,EAAE,CAAC;IACpC;;;;;OAKG;IACH,QAAQ,CAAC,oBAAoB,EAAE,IAAI,CAAC;CACrC,GACD;IACE,QAAQ,CAAC,KAAK,EAAE,iBAAiB,CAAC;IAClC,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,OAAO,EAAE,SAAS,MAAM,EAAE,CAAC;IACpC;;;;;;;;OAQG;IACH,QAAQ,CAAC,oBAAoB,EAAE,OAAO,CAAC;CACxC,GACD;IACE,iEAAiE;IACjE,QAAQ,CAAC,KAAK,EAAE,gBAAgB,CAAC;IACjC,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,QAAQ,EAAE,oBAAoB,CAAC;IACxC,QAAQ,CAAC,QAAQ,EAAE,uBAAuB,CAAC;IAC3C,QAAQ,CAAC,MAAM,EAAE,uBAAuB,CAAC;IACzC,kEAAkE;IAClE,QAAQ,CAAC,OAAO,EAAE,SAAS,MAAM,EAAE,CAAC;CACrC,CAAC;AAgCN;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG;AACH,wBAAsB,mBAAmB,CACvC,UAAU,EAAE,MAAM,EAClB,QAAQ,EAAE,uBAAuB,EACjC,MAAM,EAAE,uBAAuB,EAC/B,OAAO,GAAE,SAAS,iBAAiB,EAA+B;AAClE;;;;;;;GAOG;AACH,kBAAkB,CAAC,EAAE;IAAE,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IAAC,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAA;CAAE,GACxE,OAAO,CAAC,4BAA4B,CAAC,CAkGvC"}

package/node_modules/@gdh/core/dist/migrations/registry.js

@@ -0,0 +1,214 @@
+import { entry_s2c2_to_s2c3 } from "./entries/s2c2_to_s2c3_rules_schema_v2_to_v3.js";
+import { entry_s3c8_to_s3c9 } from "./entries/s3c8_to_s3c9_register_runtime_bridge_autoload.js";
+import { resolveEnvelopeBySlug } from "./envelopes/index.js";
+import { readMigrationState } from "../state/migration-state.js";
+/**
+ * Validates a path is workspace-relative POSIX.
+ *
+ * Rejects:
+ *   - empty string
+ *   - absolute paths (starts with "/")
+ *   - paths containing ".." segments
+ *   - paths containing "" segments (double-slash)
+ *   - paths containing null bytes
+ *
+ * Used to gate `supplementaryDeletions` and inventory-sweep delete targets
+ * against path traversal (T-72-03-01). Any candidate failing this check
+ * MUST be skipped by the sweep with a `path_traversal_blocked` reason.
+ */
+export function isWorkspaceRelativePath(candidate) {
+    if (typeof candidate !== "string" || candidate.length === 0)
+        return false;
+    if (candidate.startsWith("/"))
+        return false;
+    if (candidate.includes("\0"))
+        return false;
+    const segments = candidate.split("/");
+    return !segments.some((s) => s === ".." || s === "");
+}
+/**
+ * Central migration registry (REG-01 / D-01).
+ *
+ * Ordered ascending by `from` pair (schema, then agentContract).
+ * Append-only across phases.
+ *
+ * D-09 (clarified by Phase 72 Plan 02 audit, see
+ * .planning/phases/72-migration-workflow-internals-registry-inventory-durable-back/72-02-AUDIT.md):
+ * the registry contains one entry per real class-2/3 schema/agent-contract
+ * bump in the supported version range. Bumps that produce no class-2/3
+ * work — i.e., the bump's user-visible effect is fully covered by
+ * deterministic class-1 re-render — are owned by
+ * `installSupportedAgentAdapters` re-bake at D-10 step 7 and are NOT
+ * represented in the registry. Adding identity-only entries for such
+ * bumps is the rejected "no-op identity entry" pattern: it would create
+ * a transform with no work and a verify probe with no shape to assert,
+ * masking real drift the chain matrix is meant to catch. Rollup
+ * mega-entries are also rejected (loses chain composition fidelity).
+ *
+ * Phase 72 Plan 02 populates this array with one entry
+ * (`entry_s2c2_to_s2c3_rules_schema`); the other three v0.18→HEAD bumps
+ * (s2c3→s2c6, s2c6→s2c7, s3c7→s3c8) are class-1-only per the audit and
+ * are intentionally absent.
+ */
+export const MIGRATION_REGISTRY_ENTRIES = [
+    entry_s2c2_to_s2c3,
+    entry_s3c8_to_s3c9,
+];
+/**
+ * Pair comparator: returns negative if a < b, zero if equal, positive if a > b.
+ * Schema is the major axis; agentContract is the minor axis.
+ */
+function comparePair(a, b) {
+    if (a.schema !== b.schema)
+        return a.schema - b.schema;
+    return a.agentContract - b.agentContract;
+}
+/**
+ * D-10 staleness check (Phase 73). A recorded envelope slot is valid only when
+ * BOTH the slot's `from_pin` and `to_pin` match the chain step's bump pair.
+ * The slot is keyed by `envelope_ref` at the call site (the caller looks it up
+ * in `state.envelopes[entry.envelope_ref]`); this helper validates the
+ * remaining two axes of the (envelope_ref, from_pin, to_pin) triple.
+ *
+ * Pitfall 1 — defense in depth: the explicit pin-pair comparison is what
+ * stops a hand-edited `migration.json` slot whose pin pair targets a
+ * different chain step from silently advancing the current step.
+ */
+function isEnvelopeRecordValid(slot, expected) {
+    return slot.from_pin === expected.from_pin && slot.to_pin === expected.to_pin;
+}
+/**
+ * applyMigrationChain — filter entries whose `from` >= fromPair AND `to` <= toPair,
+ * iterate in registry order, run transform then verify, halt on first failure.
+ *
+ * **Phase 73 envelope gate (D-09 / D-10).** When an entry declares
+ * `envelope_ref` (Phase 73), this function pauses BEFORE running its transform
+ * and returns a `needs_envelope` result so the calling agent can run the
+ * envelope (subagent or inline per D-05/D-06). On the resume run, if a
+ * recorded slot exists in `migration.json.envelopes[<envelope_ref>]` whose
+ * `(envelope_ref, from_pin, to_pin)` triple matches the current chain step
+ * (per `envelopePinContext`), the entry is treated as advanced (Phase 73
+ * records evidence only — Pitfall 7) and the chain continues. Stale slot
+ * (pin mismatch) → re-emit `needs_envelope`. Missing/unresolved envelope file
+ * → synthetic `transform_threw` with `envelope_not_found:` reason. Phase 72
+ * mechanical entries (envelope_ref undefined) skip this gate entirely.
+ *
+ * **Externalized rollback contract (WR-05).** This function does NOT roll back
+ * partial transform output. On `verify_failed`, the failed entry's transform
+ * ran to completion (writing to disk) before verify rejected. On
+ * `transform_threw`, an indeterminate amount of the failed entry's output may
+ * be on disk. In both cases the result carries `partialWriteOccurred: true`
+ * so callers cannot silently ignore the cleanup obligation. The integrated
+ * `bumpAndRebakePin` orchestrator restores from the durable backup at
+ * `.gdh-state/backup/` per Plan 72-08 D-10 step 8a. Standalone callers (the
+ * chain matrix walk-test, future direct invocations) that lack a durable
+ * backup MUST either implement an equivalent rollback or accept the partial
+ * mutation.
+ *
+ * The `entries` parameter exists for testability; production callers omit it
+ * and the default `MIGRATION_REGISTRY_ENTRIES` is used.
+ */
+export async function applyMigrationChain(targetPath, fromPair, toPair, entries = MIGRATION_REGISTRY_ENTRIES, 
+/**
+ * Phase 73 (Plan 73-03): optional pin pair for D-10 envelope staleness
+ * comparison. When omitted (Phase 72 callers, the chain matrix walk-test),
+ * envelope-bearing entries are unreachable in the Phase 72 registry — the
+ * function still type-checks, but the envelope gate cannot validate
+ * `from_pin`/`to_pin` and fails closed (re-emits the envelope). Production
+ * callers (`bumpAndRebakePin` in Plan 73-04) always pass this argument.
+ */
+envelopePinContext) {
+    const inRange = entries.filter((entry) => comparePair(entry.from, fromPair) >= 0 &&
+        comparePair(entry.to, toPair) <= 0);
+    const applied = [];
+    for (const entry of inRange) {
+        // ── Phase 73 envelope gate (D-09 / Pitfall 3 ordering invariant) ──
+        // MUST run BEFORE entry.transform: an unresolved envelope must not
+        // mutate disk. Phase 72 mechanical entries (envelope_ref undefined)
+        // skip this branch entirely.
+        if (entry.envelope_ref !== undefined) {
+            const envelope = resolveEnvelopeBySlug(entry.envelope_ref);
+            if (envelope === null) {
+                // Author bug: entry declares envelope_ref but no envelope file is
+                // registered in ENVELOPE_REGISTRY. Surface as transform_threw with
+                // the synthetic `envelope_not_found` reason so the existing rollback
+                // path applies (durable backup is intact at the bumpAndRebakePin
+                // layer); partialWriteOccurred=false because nothing was written.
+                return {
+                    state: "transform_threw",
+                    failedEntryId: entry.id,
+                    error: `envelope_not_found: entry ${entry.id} declares envelope_ref="${entry.envelope_ref}" but no envelope file is registered`,
+                    applied,
+                    partialWriteOccurred: false,
+                };
+            }
+            const state = await readMigrationState(targetPath);
+            const recorded = state?.envelopes?.[entry.envelope_ref] ?? null;
+            const triple = envelopePinContext !== undefined
+                ? {
+                    envelope_ref: entry.envelope_ref,
+                    from_pin: envelopePinContext.fromPin,
+                    to_pin: envelopePinContext.toPin,
+                }
+                : null;
+            const valid = recorded !== null &&
+                triple !== null &&
+                isEnvelopeRecordValid(recorded, triple) &&
+                // WR-01: only `output_contract.state === "apply"` advances the chain.
+                // `abort` and `needs_clarification` are recorded as evidence (Pitfall 7
+                // — record-only) but MUST NOT advance the chain past the entry, which
+                // would silently claim success for an envelope the agent declined or
+                // could not resolve. Re-emit needs_envelope so the operator can either
+                // re-record the envelope (after collecting clarification) or run
+                // `gdh migration clear-envelope <slug>` and re-attempt.
+                recorded.output_contract.state === "apply";
+            if (!valid) {
+                return {
+                    state: "needs_envelope",
+                    envelopeRef: entry.envelope_ref,
+                    envelope,
+                    fromPair: entry.from,
+                    toPair: entry.to,
+                    applied,
+                };
+            }
+            // Recorded result is valid for this triple AND output_contract.state is
+            // "apply". Phase 73 records evidence ONLY (Pitfall 7); the apply-consumer
+            // that mutates disk based on output_contract.changes is out of scope for
+            // v1.18 because no Phase 72 entry has envelope_ref set. Mark the entry
+            // as advanced and continue.
+            applied.push(entry.id);
+            continue;
+        }
+        // ── existing Phase 72 transform → verify path (unchanged) ──
+        try {
+            await entry.transform(targetPath);
+        }
+        catch (error) {
+            return {
+                state: "transform_threw",
+                failedEntryId: entry.id,
+                error: error instanceof Error ? error.message : String(error),
+                applied,
+                // WR-05: transform threw mid-execution; partial output may be on disk.
+                partialWriteOccurred: true,
+            };
+        }
+        const verifyResult = await entry.verify(targetPath);
+        if (!verifyResult.ok) {
+            return {
+                state: "verify_failed",
+                failedEntryId: entry.id,
+                reason: verifyResult.reason,
+                applied,
+                // WR-05: transform completed before verify rejected; output is on disk.
+                partialWriteOccurred: true,
+            };
+        }
+        applied.push(entry.id);
+    }
+    return inRange.length === 0
+        ? { state: "noop", applied: [] }
+        : { state: "applied", applied };
+}
+//# sourceMappingURL=registry.js.map

package/node_modules/@gdh/core/dist/migrations/registry.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"registry.js","sourceRoot":"","sources":["../../src/migrations/registry.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,kBAAkB,EAAE,MAAM,iDAAiD,CAAC;AACrF,OAAO,EAAE,kBAAkB,EAAE,MAAM,4DAA4D,CAAC;AAEhG,OAAO,EAAE,qBAAqB,EAAE,MAAM,sBAAsB,CAAC;AAE7D,OAAO,EAAE,kBAAkB,EAAE,MAAM,6BAA6B,CAAC;AAwDjE;;;;;;;;;;;;;GAaG;AACH,MAAM,UAAU,uBAAuB,CAAC,SAAiB;IACvD,IAAI,OAAO,SAAS,KAAK,QAAQ,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IAC1E,IAAI,SAAS,CAAC,UAAU,CAAC,GAAG,CAAC;QAAE,OAAO,KAAK,CAAC;IAC5C,IAAI,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC;QAAE,OAAO,KAAK,CAAC;IAC3C,MAAM,QAAQ,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACtC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC;AACvD,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,MAAM,CAAC,MAAM,0BAA0B,GAAG;IACxC,kBAAkB;IAClB,kBAAkB;CAC6B,CAAC;AAkElD;;;GAGG;AACH,SAAS,WAAW,CAClB,CAA0B,EAC1B,CAA0B;IAE1B,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,MAAM;QAAE,OAAO,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,MAAM,CAAC;IACtD,OAAO,CAAC,CAAC,aAAa,GAAG,CAAC,CAAC,aAAa,CAAC;AAC3C,CAAC;AAED;;;;;;;;;;GAUG;AACH,SAAS,qBAAqB,CAC5B,IAA8B,EAC9B,QAAoE;IAEpE,OAAO,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,QAAQ,IAAI,IAAI,CAAC,MAAM,KAAK,QAAQ,CAAC,MAAM,CAAC;AAChF,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA8BG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,UAAkB,EAClB,QAAiC,EACjC,MAA+B,EAC/B,UAAwC,0BAA0B;AAClE;;;;;;;GAOG;AACH,kBAAyE;IAEzE,MAAM,OAAO,GAAG,OAAO,CAAC,MAAM,CAC5B,CAAC,KAAK,EAAE,EAAE,CACR,WAAW,CAAC,KAAK,CAAC,IAAI,EAAE,QAAQ,CAAC,IAAI,CAAC;QACtC,WAAW,CAAC,KAAK,CAAC,EAAE,EAAE,MAAM,CAAC,IAAI,CAAC,CACrC,CAAC;IACF,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC5B,qEAAqE;QACrE,mEAAmE;QACnE,oEAAoE;QACpE,6BAA6B;QAC7B,IAAI,KAAK,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;YACrC,MAAM,QAAQ,GAAG,qBAAqB,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;YAC3D,IAAI,QAAQ,KAAK,IAAI,EAAE,CAAC;gBACtB,kEAAkE;gBAClE,mEAAmE;gBACnE,qEAAqE;gBACrE,iEAAiE;gBACjE,kEAAkE;gBAClE,OAAO;oBACL,KAAK,EAAE,iBAAiB;oBACxB,aAAa,EAAE,KAAK,CAAC,EAAE;oBACvB,KAAK,EAAE,6BAA6B,KAAK,CAAC,EAAE,2BAA2B,KAAK,CAAC,YAAY,sCAAsC;oBAC/H,OAAO;oBACP,oBAAoB,EAAE,KAAK;iBAC5B,CAAC;YACJ,CAAC;YACD,MAAM,KAAK,GAAG,MAAM,kBAAkB,CAAC,UAAU,CAAC,CAAC;YACnD,MAAM,QAAQ,GAAG,KAAK,EAAE,SAAS,EAAE,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,IAAI,CAAC;YAChE,MAAM,MAAM,GACV,kBAAkB,KAAK,SAAS;gBAC9B,CAAC,CAAC;oBACE,YAAY,EAAE,KAAK,CAAC,YAAY;oBAChC,QAAQ,EAAE,kBAAkB,CAAC,OAAO;oBACpC,MAAM,EAAE,kBAAkB,CAAC,KAAK;iBACjC;gBACH,CAAC,CAAC,IAAI,CAAC;YACX,MAAM,KAAK,GACT,QAAQ,KAAK,IAAI;gBACjB,MAAM,KAAK,IAAI;gBACf,qBAAqB,CAAC,QAAQ,EAAE,MAAM,CAAC;gBACvC,sEAAsE;gBACtE,wEAAwE;gBACxE,sEAAsE;gBACtE,qEAAqE;gBACrE,uEAAuE;gBACvE,iEAAiE;gBACjE,wDAAwD;gBACxD,QAAQ,CAAC,eAAe,CAAC,KAAK,KAAK,OAAO,CAAC;YAC7C,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,OAAO;oBACL,KAAK,EAAE,gBAAgB;oBACvB,WAAW,EAAE,KAAK,CAAC,YAAY;oBAC/B,QAAQ;oBACR,QAAQ,EAAE,KAAK,CAAC,IAAI;oBACpB,MAAM,EAAE,KAAK,CAAC,EAAE;oBAChB,OAAO;iBACR,CAAC;YACJ,CAAC;YACD,wEAAwE;YACxE,0EAA0E;YAC1E,yEAAyE;YACzE,uEAAuE;YACvE,4BAA4B;YAC5B,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;YACvB,SAAS;QACX,CAAC;QAED,8DAA8D;QAC9D,IAAI,CAAC;YACH,MAAM,KAAK,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;QACpC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO;gBACL,KAAK,EAAE,iBAAiB;gBACxB,aAAa,EAAE,KAAK,CAAC,EAAE;gBACvB,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;gBAC7D,OAAO;gBACP,uEAAuE;gBACvE,oBAAoB,EAAE,IAAI;aAC3B,CAAC;QACJ,CAAC;QACD,MAAM,YAAY,GAAG,MAAM,KAAK,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;QACpD,IAAI,CAAC,YAAY,CAAC,EAAE,EAAE,CAAC;YACrB,OAAO;gBACL,KAAK,EAAE,eAAe;gBACtB,aAAa,EAAE,KAAK,CAAC,EAAE;gBACvB,MAAM,EAAE,YAAY,CAAC,MAAM;gBAC3B,OAAO;gBACP,wEAAwE;gBACxE,oBAAoB,EAAE,IAAI;aAC3B,CAAC;QACJ,CAAC;QACD,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IACzB,CAAC;IACD,OAAO,OAAO,CAAC,MAAM,KAAK,CAAC;QACzB,CAAC,CAAC,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,EAAE,EAAE;QAChC,CAAC,CAAC,EAAE,KAAK,EAAE,SAAS,EAAE,OAAO,EAAE,CAAC;AACpC,CAAC"}

package/node_modules/@gdh/core/dist/state/atomic-write.d.ts

@@ -0,0 +1,19 @@
+/**
+ * Atomic write via temp-file + POSIX rename. POSIX rename is atomic on the
+ * same filesystem, which `.gdh-state/` placement guarantees. The temp file
+ * lives in the same directory as the destination so the rename is local.
+ *
+ * Source pattern: packages/runtime/src/bridge-broker.ts:721-733. Extracted
+ * here so plans 04 (backup manifest), 05 (migration-state), and 06
+ * (processes-snapshot) can reuse a single implementation instead of
+ * copy-pasting the helper into each writer.
+ *
+ * Failure semantics: on any failure during writeFile/rename, the temp file
+ * is removed (best-effort) and the original error rethrown. The destination
+ * file is never left in a half-written state — either the new content is
+ * fully visible at the destination path, or the destination is unchanged.
+ */
+export declare function writeFileAtomic(filePath: string, content: string, options?: {
+    readonly mode?: number;
+}): Promise<void>;
+//# sourceMappingURL=atomic-write.d.ts.map

package/node_modules/@gdh/core/dist/state/atomic-write.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"atomic-write.d.ts","sourceRoot":"","sources":["../../src/state/atomic-write.ts"],"names":[],"mappings":"AAIA;;;;;;;;;;;;;;GAcG;AACH,wBAAsB,eAAe,CACnC,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,MAAM,EACf,OAAO,GAAE;IAAE,QAAQ,CAAC,IAAI,CAAC,EAAE,MAAM,CAAA;CAAO,GACvC,OAAO,CAAC,IAAI,CAAC,CAgBf"}

package/node_modules/@gdh/core/dist/state/atomic-write.js

@@ -0,0 +1,34 @@
+import { randomUUID } from "node:crypto";
+import fs from "node:fs/promises";
+import path from "node:path";
+/**
+ * Atomic write via temp-file + POSIX rename. POSIX rename is atomic on the
+ * same filesystem, which `.gdh-state/` placement guarantees. The temp file
+ * lives in the same directory as the destination so the rename is local.
+ *
+ * Source pattern: packages/runtime/src/bridge-broker.ts:721-733. Extracted
+ * here so plans 04 (backup manifest), 05 (migration-state), and 06
+ * (processes-snapshot) can reuse a single implementation instead of
+ * copy-pasting the helper into each writer.
+ *
+ * Failure semantics: on any failure during writeFile/rename, the temp file
+ * is removed (best-effort) and the original error rethrown. The destination
+ * file is never left in a half-written state — either the new content is
+ * fully visible at the destination path, or the destination is unchanged.
+ */
+export async function writeFileAtomic(filePath, content, options = {}) {
+    await fs.mkdir(path.dirname(filePath), { recursive: true });
+    const tempPath = path.join(path.dirname(filePath), `.${path.basename(filePath)}.${randomUUID()}.tmp`);
+    try {
+        await fs.writeFile(tempPath, content, { mode: options.mode });
+        if (options.mode !== undefined) {
+            await fs.chmod(tempPath, options.mode).catch(() => { });
+        }
+        await fs.rename(tempPath, filePath);
+    }
+    catch (error) {
+        await fs.rm(tempPath, { force: true }).catch(() => { });
+        throw error;
+    }
+}
+//# sourceMappingURL=atomic-write.js.map

package/node_modules/@gdh/core/dist/state/atomic-write.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"atomic-write.js","sourceRoot":"","sources":["../../src/state/atomic-write.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B;;;;;;;;;;;;;;GAcG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,QAAgB,EAChB,OAAe,EACf,UAAsC,EAAE;IAExC,MAAM,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC5D,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CACxB,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,EACtB,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,UAAU,EAAE,MAAM,CAClD,CAAC;IACF,IAAI,CAAC;QACH,MAAM,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;QAC9D,IAAI,OAAO,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;YAC/B,MAAM,EAAE,CAAC,KAAK,CAAC,QAAQ,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QACzD,CAAC;QACD,MAAM,EAAE,CAAC,MAAM,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IACtC,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,EAAE,CAAC,EAAE,CAAC,QAAQ,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QACvD,MAAM,KAAK,CAAC;IACd,CAAC;AACH,CAAC"}

package/node_modules/@gdh/core/dist/state/migration-state.d.ts

@@ -0,0 +1,135 @@
+import type { GdhMigrationEnvelopeOutput } from "../migrations/envelopes/types.js";
+/**
+ * Path of the GDH migration-state envelope (D-12 / D-15 / D-16).
+ *
+ * Holds the post-rebake `last_applied_at` provenance and a typed
+ * `deferred_actions` list. Closed-kind `verify.kind` enum + structured
+ * `verify.payload` (no shell strings) eliminates the shell-injection
+ * surface called out in T-72-05-01.
+ */
+export declare const MIGRATION_STATE_RELATIVE_PATH = ".gdh-state/migration.json";
+/**
+ * Closed enumeration of probe statuses (D-12).
+ *
+ * - `pending`: probe ran but the deferred condition is not yet observed
+ *   (host harness has not reloaded skill metadata, process not yet running).
+ * - `clean`: deferred condition observed; the action is satisfied.
+ * - `stale`: probe could not be run cleanly (unknown verify.kind, malformed
+ *   payload, host threw). Treated as not-clean by the advisory gate.
+ */
+export type GdhDeferredActionStatus = "pending" | "clean" | "stale";
+/**
+ * Closed enumeration of verify dispatch kinds (D-12 / D-27).
+ *
+ * Adding a new kind requires showing GDH cannot perform the action with a
+ * precise file edit or process call (D-27 — bounded out-of-band action list).
+ */
+export type GdhDeferredActionVerifyKind = "agent_skill_metadata_reload" | "process_restart";
+/**
+ * Verify descriptor (D-12). `kind` selects the dispatch arm; `payload` carries
+ * the per-kind structured data the probe runner needs. There is no
+ * `verify_command` shell string — that field intentionally does NOT exist
+ * (T-72-05-01 mitigation).
+ */
+export interface GdhDeferredActionVerify {
+    readonly kind: GdhDeferredActionVerifyKind;
+    readonly payload: Record<string, unknown>;
+}
+export interface GdhDeferredAction {
+    readonly id: string;
+    readonly description: string;
+    readonly verify: GdhDeferredActionVerify;
+    readonly status: GdhDeferredActionStatus;
+    /** Optional ISO timestamp of last probe run; informational only. */
+    readonly last_checked_at?: string;
+}
+export interface GdhMigrationStateAppliedAt {
+    readonly package: string;
+    readonly schema: number;
+    readonly agentContract: number;
+}
+/**
+ * One recorded-result attempt history entry (D-08). Same shape as a slot, minus
+ * the `attempts` field (history doesn't recurse).
+ */
+export interface GdhMigrationEnvelopeAttempt {
+    readonly recorded_at: string;
+    readonly from_pin: string;
+    readonly to_pin: string;
+    readonly output_contract: GdhMigrationEnvelopeOutput;
+}
+/**
+ * Per-envelope-ref slot (D-08). One current slot per envelope; re-runs of
+ * `gdh migration record-envelope-result` append the prior slot's outer fields
+ * onto this slot's `attempts[]`.
+ */
+export interface GdhMigrationEnvelopeSlot {
+    readonly recorded_at: string;
+    readonly from_pin: string;
+    readonly to_pin: string;
+    readonly output_contract: GdhMigrationEnvelopeOutput;
+    readonly attempts: readonly GdhMigrationEnvelopeAttempt[];
+}
+/**
+ * In-flight resume marker (D-11). Set atomically at the applyMigrationChain
+ * pause point (alongside the durable backup); cleared atomically when the
+ * chain advances past that envelope on resume. Mirrors Phase 72's receipt-
+ * before-cleanup discipline for processes-snapshot.json — the marker is the
+ * resume substrate, distinct from the migration.json success receipt.
+ */
+export interface GdhPendingEnvelopeResumeMarker {
+    readonly envelope_ref: string;
+    readonly from_pin: string;
+    readonly to_pin: string;
+}
+/**
+ * Migration-state envelope (D-12).
+ *
+ * `migration_version` is `1` and locked; future shape changes require a new
+ * version number and a degraded-fallback path on read.
+ */
+export interface GdhMigrationState {
+    readonly migration_version: 1;
+    readonly last_applied_at: GdhMigrationStateAppliedAt;
+    readonly deferred_actions: readonly GdhDeferredAction[];
+    /**
+     * D-08 — per-envelope-ref recorded-result evidence. Optional for backward
+     * read-compat: Phase 72-written migration.json files omit this field, and
+     * the schema guard treats `undefined` as "no recorded results."
+     */
+    readonly envelopes?: Readonly<Record<string, GdhMigrationEnvelopeSlot>>;
+    /**
+     * D-11 — in-flight resume marker. Set when applyMigrationChain pauses on an
+     * unresolved envelope_ref; cleared when bumpAndRebakePin advances past that
+     * envelope on resume. Optional for back-compat: absence reads as "no pending
+     * envelope."
+     */
+    readonly pending_envelope_resume?: GdhPendingEnvelopeResumeMarker;
+}
+/**
+ * Read the migration-state envelope if present.
+ *
+ * Returns null when missing, parse-failed, or schema-invalid (T-72-05-04
+ * mitigation: degraded fallback prevents corrupted manifest from crashing
+ * status). Caller treats null as "no prior state" and the advisory gate
+ * keeps `deferredActions: []` with `backupAdvisory: null`.
+ */
+export declare function readMigrationState(targetPath: string): Promise<GdhMigrationState | null>;
+/**
+ * Write the migration-state envelope atomically (D-15).
+ *
+ * Uses {@link writeFileAtomic} (temp-file + POSIX rename) so the destination
+ * is either the previous state or the new state — never half-written content
+ * if the process is interrupted between writeFile and rename.
+ */
+export declare function writeMigrationState(targetPath: string, state: GdhMigrationState): Promise<void>;
+/**
+ * Idempotent first-run bootstrap (D-16).
+ *
+ * Returns the existing state when present; otherwise returns a fresh empty
+ * envelope using `defaultLastAppliedAt`. Never throws — corrupted state files
+ * degrade to a fresh empty envelope so the caller can re-establish provenance
+ * at the next rebake.
+ */
+export declare function bootstrapMigrationStateOrEmpty(targetPath: string, defaultLastAppliedAt: GdhMigrationStateAppliedAt): Promise<GdhMigrationState>;
+//# sourceMappingURL=migration-state.d.ts.map

package/node_modules/@gdh/core/dist/state/migration-state.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"migration-state.d.ts","sourceRoot":"","sources":["../../src/state/migration-state.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,0BAA0B,EAAE,MAAM,kCAAkC,CAAC;AAEnF;;;;;;;GAOG;AACH,eAAO,MAAM,6BAA6B,8BAA8B,CAAC;AAEzE;;;;;;;;GAQG;AACH,MAAM,MAAM,uBAAuB,GAAG,SAAS,GAAG,OAAO,GAAG,OAAO,CAAC;AAEpE;;;;;GAKG;AACH,MAAM,MAAM,2BAA2B,GACnC,6BAA6B,GAC7B,iBAAiB,CAAC;AAEtB;;;;;GAKG;AACH,MAAM,WAAW,uBAAuB;IACtC,QAAQ,CAAC,IAAI,EAAE,2BAA2B,CAAC;IAC3C,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CAC3C;AAED,MAAM,WAAW,iBAAiB;IAChC,QAAQ,CAAC,EAAE,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,MAAM,EAAE,uBAAuB,CAAC;IACzC,QAAQ,CAAC,MAAM,EAAE,uBAAuB,CAAC;IACzC,oEAAoE;IACpE,QAAQ,CAAC,eAAe,CAAC,EAAE,MAAM,CAAC;CACnC;AAED,MAAM,WAAW,0BAA0B;IACzC,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;CAChC;AAED;;;GAGG;AACH,MAAM,WAAW,2BAA2B;IAC1C,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,eAAe,EAAE,0BAA0B,CAAC;CACtD;AAED;;;;GAIG;AACH,MAAM,WAAW,wBAAwB;IACvC,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,eAAe,EAAE,0BAA0B,CAAC;IACrD,QAAQ,CAAC,QAAQ,EAAE,SAAS,2BAA2B,EAAE,CAAC;CAC3D;AAED;;;;;;GAMG;AACH,MAAM,WAAW,8BAA8B;IAC7C,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;CACzB;AAED;;;;;GAKG;AACH,MAAM,WAAW,iBAAiB;IAChC,QAAQ,CAAC,iBAAiB,EAAE,CAAC,CAAC;IAC9B,QAAQ,CAAC,eAAe,EAAE,0BAA0B,CAAC;IACrD,QAAQ,CAAC,gBAAgB,EAAE,SAAS,iBAAiB,EAAE,CAAC;IACxD;;;;OAIG;IACH,QAAQ,CAAC,SAAS,CAAC,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,wBAAwB,CAAC,CAAC,CAAC;IACxE;;;;;OAKG;IACH,QAAQ,CAAC,uBAAuB,CAAC,EAAE,8BAA8B,CAAC;CACnE;AAmHD;;;;;;;GAOG;AACH,wBAAsB,kBAAkB,CACtC,UAAU,EAAE,MAAM,GACjB,OAAO,CAAC,iBAAiB,GAAG,IAAI,CAAC,CAYnC;AAED;;;;;;GAMG;AACH,wBAAsB,mBAAmB,CACvC,UAAU,EAAE,MAAM,EAClB,KAAK,EAAE,iBAAiB,GACvB,OAAO,CAAC,IAAI,CAAC,CAGf;AAED;;;;;;;GAOG;AACH,wBAAsB,8BAA8B,CAClD,UAAU,EAAE,MAAM,EAClB,oBAAoB,EAAE,0BAA0B,GAC/C,OAAO,CAAC,iBAAiB,CAAC,CAQ5B"}