@soulguard/core 0.1.0

package/src/init.ts

@@ -0,0 +1,317 @@
+/**
+ * soulguard init — one-time workspace setup.
+ *
+ * Creates system user/group, writes config, syncs vault files,
+ * creates staging copies, generates scoped sudoers.
+ *
+ * Idempotent: skips already-completed steps, reports what was done.
+ * Requires root (sudo).
+ */
+
+import type { SyncResult } from "./sync.js";
+import type { SystemOperations } from "./system-ops.js";
+import type { SoulguardConfig, SystemIdentity, FileOwnership, Result, IOError } from "./types.js";
+import { ok, err } from "./result.js";
+import { sync } from "./sync.js";
+import { DEFAULT_CONFIG } from "./constants.js";
+import { resolvePatterns } from "./glob.js";
+
+/** Result of `soulguard init` — idempotent, booleans report what was done */
+export type InitResult = {
+  /** Whether the system user was created (false if it already existed) */
+  userCreated: boolean;
+  /** Whether the system group was created (false if it already existed) */
+  groupCreated: boolean;
+  /** Whether soulguard.json was written (false if it already existed) */
+  configCreated: boolean;
+  /** Whether the sudoers file was written */
+  sudoersCreated: boolean;
+  /** Whether staging directory was created */
+  stagingCreated: boolean;
+  /** Whether git was initialized (false if already existed or git disabled) */
+  gitInitialized: boolean;
+  /** Whether .gitignore was updated with staging entry */
+  gitignoreUpdated: boolean;
+  /** Sync result from the initial sync after setup */
+  syncResult: SyncResult;
+};
+
+/** Errors specific to init */
+export type InitError =
+  | { kind: "not_root"; message: string }
+  | { kind: "user_creation_failed"; message: string }
+  | { kind: "group_creation_failed"; message: string }
+  | { kind: "config_write_failed"; message: string }
+  | { kind: "sudoers_write_failed"; message: string }
+  | { kind: "staging_failed"; message: string }
+  | { kind: "git_failed"; message: string };
+
+/** Write content to an absolute path (outside workspace). Used for sudoers. */
+export type AbsoluteWriter = (path: string, content: string) => Promise<Result<void, IOError>>;
+
+/** Check if an absolute path exists (outside workspace). */
+export type AbsoluteExists = (path: string) => Promise<boolean>;
+
+export type InitOptions = {
+  ops: SystemOperations;
+  identity: SystemIdentity;
+  config?: SoulguardConfig;
+  /** Agent's OS username (for sudoers and staging ownership) */
+  agentUser: string;
+  /** Writer for files outside the workspace (sudoers). Keeps SystemOperations clean. */
+  writeAbsolute: AbsoluteWriter;
+  /** Check if absolute path exists. Used for sudoers idempotency. */
+  existsAbsolute: AbsoluteExists;
+  /** Path to write sudoers file (default: /etc/sudoers.d/soulguard) */
+  sudoersPath?: string;
+  /** @internal Skip root check (for testing only) */
+  _skipRootCheck?: boolean;
+};
+
+/** Generate scoped sudoers content */
+export function generateSudoers(agentUser: string, soulguardBin: string): string {
+  const cmds = ["sync", "stage", "status", "diff"].map((cmd) => `${soulguardBin} ${cmd} *`);
+  return `# Soulguard — scoped sudo for agent user\n${agentUser} ALL=(root) NOPASSWD: ${cmds.join(", ")}\n`;
+}
+
+const DEFAULT_SUDOERS_PATH = "/etc/sudoers.d/soulguard";
+const SOULGUARD_BIN = "/usr/local/bin/soulguard";
+
+export async function init(options: InitOptions): Promise<Result<InitResult, InitError>> {
+  const {
+    ops,
+    identity,
+    config: configOption,
+    agentUser,
+    writeAbsolute,
+    existsAbsolute,
+    sudoersPath = DEFAULT_SUDOERS_PATH,
+  } = options;
+  const config = configOption ?? DEFAULT_CONFIG;
+
+  // ── 0. Check root ─────────────────────────────────────────────────────
+  if (
+    !options._skipRootCheck &&
+    typeof process !== "undefined" &&
+    typeof process.getuid === "function" &&
+    process.getuid() !== 0
+  ) {
+    return err({ kind: "not_root", message: "soulguard init requires root. Run with sudo." });
+  }
+
+  // ── 1. Create group ──────────────────────────────────────────────────
+  let groupCreated = false;
+  const groupExists = await ops.groupExists(identity.group);
+  if (!groupExists.ok) {
+    return err({
+      kind: "group_creation_failed",
+      message: `check failed: ${groupExists.error.message}`,
+    });
+  }
+  if (!groupExists.value) {
+    const result = await ops.createGroup(identity.group);
+    if (!result.ok) {
+      return err({ kind: "group_creation_failed", message: result.error.message });
+    }
+    groupCreated = true;
+  }
+
+  // ── 2. Create user ───────────────────────────────────────────────────
+  let userCreated = false;
+  const userExists = await ops.userExists(identity.user);
+  if (!userExists.ok) {
+    return err({
+      kind: "user_creation_failed",
+      message: `check failed: ${userExists.error.message}`,
+    });
+  }
+  if (!userExists.value) {
+    const result = await ops.createUser(identity.user, identity.group);
+    if (!result.ok) {
+      return err({ kind: "user_creation_failed", message: result.error.message });
+    }
+    userCreated = true;
+  }
+
+  // ── 3. Write config ──────────────────────────────────────────────────
+  let configCreated = false;
+  const configExists = await ops.exists("soulguard.json");
+  if (!configExists.ok) {
+    return err({ kind: "config_write_failed", message: configExists.error.message });
+  }
+  if (!configExists.value) {
+    const content = JSON.stringify(config, null, 2) + "\n";
+    const result = await ops.writeFile("soulguard.json", content);
+    if (!result.ok) {
+      return err({ kind: "config_write_failed", message: `write failed: ${result.error.kind}` });
+    }
+    configCreated = true;
+  }
+
+  // ── 4. Sync vault files ──────────────────────────────────────────────
+  const vaultOwnership: FileOwnership = {
+    user: identity.user,
+    group: identity.group,
+    mode: "444",
+  };
+  const ledgerOwnership: FileOwnership = {
+    user: agentUser,
+    group: identity.group,
+    mode: "644",
+  };
+
+  const syncResult = await sync({
+    config,
+    expectedVaultOwnership: vaultOwnership,
+    expectedLedgerOwnership: ledgerOwnership,
+    ops,
+  });
+  if (!syncResult.ok) {
+    // sync currently never errors at the Result level, but handle it
+    return err({ kind: "config_write_failed", message: "sync failed unexpectedly" });
+  }
+
+  // ── 5. Create staging ────────────────────────────────────────────────
+  // Always (re)create staging — idempotent, self-healing on partial state
+  const stagingCreated = true;
+  const mkdirResult = await ops.mkdir(".soulguard/staging");
+  if (!mkdirResult.ok) {
+    return err({ kind: "staging_failed", message: `mkdir failed: ${mkdirResult.error.kind}` });
+  }
+  // .soulguard/ owned by soulguardian — agent CANNOT create/delete files here.
+  // Only staging/ is agent-writable.
+  const chownSg = await ops.chown(".soulguard", { user: identity.user, group: identity.group });
+  if (!chownSg.ok) {
+    return err({
+      kind: "staging_failed",
+      message: `chown .soulguard failed: ${chownSg.error.kind}`,
+    });
+  }
+  const chmodSg = await ops.chmod(".soulguard", "755");
+  if (!chmodSg.ok) {
+    return err({
+      kind: "staging_failed",
+      message: `chmod .soulguard failed: ${chmodSg.error.kind}`,
+    });
+  }
+  const chownStaging = await ops.chown(".soulguard/staging", {
+    user: agentUser,
+    group: identity.group,
+  });
+  if (!chownStaging.ok) {
+    return err({
+      kind: "staging_failed",
+      message: `chown staging failed: ${chownStaging.error.kind}`,
+    });
+  }
+  const chmodStaging = await ops.chmod(".soulguard/staging", "755");
+  if (!chmodStaging.ok) {
+    return err({
+      kind: "staging_failed",
+      message: `chmod staging failed: ${chmodStaging.error.kind}`,
+    });
+  }
+  // Copy vault files to staging (resolve globs first)
+  const vaultGlob = await resolvePatterns(ops, config.vault);
+  if (!vaultGlob.ok) {
+    return err({ kind: "staging_failed", message: `glob failed: ${vaultGlob.error.message}` });
+  }
+  const vaultFiles = vaultGlob.value;
+  for (const vaultFile of vaultFiles) {
+    const fileExists = await ops.exists(vaultFile);
+    if (fileExists.ok && fileExists.value) {
+      const copyResult = await ops.copyFile(vaultFile, `.soulguard/staging/${vaultFile}`);
+      if (!copyResult.ok) {
+        return err({
+          kind: "staging_failed",
+          message: `copy ${vaultFile} failed: ${copyResult.error.kind}`,
+        });
+      }
+      // Make staging copy agent-writable
+      const chownFile = await ops.chown(`.soulguard/staging/${vaultFile}`, {
+        user: agentUser,
+        group: identity.group,
+      });
+      if (!chownFile.ok) {
+        return err({
+          kind: "staging_failed",
+          message: `chown staging/${vaultFile} failed: ${chownFile.error.kind}`,
+        });
+      }
+      const chmodFile = await ops.chmod(`.soulguard/staging/${vaultFile}`, "644");
+      if (!chmodFile.ok) {
+        return err({
+          kind: "staging_failed",
+          message: `chmod staging/${vaultFile} failed: ${chmodFile.error.kind}`,
+        });
+      }
+    }
+  }
+
+  // ── 6. Git integration ────────────────────────────────────────────────
+  let gitInitialized = false;
+  let gitignoreUpdated = false;
+  if (config.git !== false) {
+    // Check if .git exists
+    const gitExists = await ops.exists(".git");
+    if (gitExists.ok && !gitExists.value) {
+      const gitResult = await ops.exec("git", ["init"]);
+      if (!gitResult.ok) {
+        return err({ kind: "git_failed", message: gitResult.error.message });
+      }
+      gitInitialized = true;
+    }
+
+    // Ensure .gitignore contains .soulguard/ (staging, pending, backup are all internal)
+    const soulguardEntry = ".soulguard/";
+    const gitignoreExists = await ops.exists(".gitignore");
+    if (gitignoreExists.ok && gitignoreExists.value) {
+      const content = await ops.readFile(".gitignore");
+      if (content.ok) {
+        const lines = content.value.split("\n");
+        if (!lines.some((line) => line.trim() === soulguardEntry)) {
+          const newContent = content.value.endsWith("\n")
+            ? content.value + soulguardEntry + "\n"
+            : content.value + "\n" + soulguardEntry + "\n";
+          const writeResult = await ops.writeFile(".gitignore", newContent);
+          if (!writeResult.ok) {
+            return err({
+              kind: "git_failed",
+              message: `write .gitignore: ${writeResult.error.kind}`,
+            });
+          }
+          gitignoreUpdated = true;
+        }
+      }
+    } else {
+      const writeResult = await ops.writeFile(".gitignore", soulguardEntry + "\n");
+      if (!writeResult.ok) {
+        return err({ kind: "git_failed", message: `create .gitignore: ${writeResult.error.kind}` });
+      }
+      gitignoreUpdated = true;
+    }
+  }
+
+  // ── 7. Write sudoers ─ ─────────────────────────────────────────────────
+  let sudoersCreated = false;
+  const sudoersAlreadyExists = await existsAbsolute(sudoersPath);
+  if (!sudoersAlreadyExists) {
+    const sudoersContent = generateSudoers(agentUser, SOULGUARD_BIN);
+    const sudoersResult = await writeAbsolute(sudoersPath, sudoersContent);
+    if (!sudoersResult.ok) {
+      return err({ kind: "sudoers_write_failed", message: sudoersResult.error.message });
+    }
+    sudoersCreated = true;
+  }
+
+  return ok({
+    userCreated,
+    groupCreated,
+    configCreated,
+    sudoersCreated,
+    stagingCreated,
+    gitInitialized,
+    gitignoreUpdated,
+    syncResult: syncResult.value,
+  });
+}

package/src/policy.test.ts

@@ -0,0 +1,123 @@
+import { describe, expect, test } from "bun:test";
+import { validatePolicies, evaluatePolicies } from "./policy.js";
+import type { Policy, ApprovalContext } from "./policy.js";
+import { ok, err } from "./result.js";
+
+function makeCtx(files: Record<string, string>): ApprovalContext {
+  const ctx: ApprovalContext = new Map();
+  for (const [path, content] of Object.entries(files)) {
+    ctx.set(path, { final: content, diff: "", previous: "" });
+  }
+  return ctx;
+}
+
+describe("validatePolicies", () => {
+  test("accepts unique names", () => {
+    const result = validatePolicies([
+      { name: "policy-a", check: () => ok(undefined) },
+      { name: "policy-b", check: () => ok(undefined) },
+    ]);
+    expect(result.ok).toBe(true);
+  });
+
+  test("rejects duplicate names", () => {
+    const result = validatePolicies([
+      { name: "policy-a", check: () => ok(undefined) },
+      { name: "policy-a", check: () => ok(undefined) },
+    ]);
+    expect(result.ok).toBe(false);
+    if (result.ok) return;
+    expect(result.error.kind).toBe("policy_name_collision");
+    expect(result.error.duplicates).toEqual(["policy-a"]);
+  });
+
+  test("reports all duplicates", () => {
+    const result = validatePolicies([
+      { name: "a", check: () => ok(undefined) },
+      { name: "b", check: () => ok(undefined) },
+      { name: "a", check: () => ok(undefined) },
+      { name: "b", check: () => ok(undefined) },
+    ]);
+    expect(result.ok).toBe(false);
+    if (result.ok) return;
+    expect(result.error.duplicates).toEqual(["a", "b"]);
+  });
+
+  test("accepts empty array", () => {
+    const result = validatePolicies([]);
+    expect(result.ok).toBe(true);
+  });
+});
+
+describe("evaluatePolicies", () => {
+  test("passes when all policies pass", async () => {
+    const policies: Policy[] = [
+      { name: "always-ok", check: () => ok(undefined) },
+      { name: "also-ok", check: () => ok(undefined) },
+    ];
+    const result = await evaluatePolicies(policies, makeCtx({ "SOUL.md": "content" }));
+    expect(result.ok).toBe(true);
+  });
+
+  test("fails with violation when policy rejects", async () => {
+    const policies: Policy[] = [{ name: "strict", check: () => err("not allowed") }];
+    const result = await evaluatePolicies(policies, makeCtx({ "SOUL.md": "content" }));
+    expect(result.ok).toBe(false);
+    if (result.ok) return;
+    expect(result.error.violations).toHaveLength(1);
+    expect(result.error.violations[0]!.policy).toBe("strict");
+    expect(result.error.violations[0]!.message).toBe("not allowed");
+  });
+
+  test("evaluates ALL policies (no short-circuit)", async () => {
+    const policies: Policy[] = [
+      { name: "first", check: () => err("fail 1") },
+      { name: "second", check: () => err("fail 2") },
+      { name: "third", check: () => ok(undefined) },
+    ];
+    const result = await evaluatePolicies(policies, makeCtx({ "SOUL.md": "content" }));
+    expect(result.ok).toBe(false);
+    if (result.ok) return;
+    expect(result.error.violations).toHaveLength(2);
+    expect(result.error.violations[0]!.policy).toBe("first");
+    expect(result.error.violations[1]!.policy).toBe("second");
+  });
+
+  test("supports async policy checks", async () => {
+    const policies: Policy[] = [
+      {
+        name: "async-check",
+        check: async (ctx) => {
+          const soul = ctx.get("SOUL.md");
+          if (soul?.final.includes("evil")) return err("evil content");
+          return ok(undefined);
+        },
+      },
+    ];
+    const passResult = await evaluatePolicies(policies, makeCtx({ "SOUL.md": "good content" }));
+    expect(passResult.ok).toBe(true);
+
+    const failResult = await evaluatePolicies(policies, makeCtx({ "SOUL.md": "evil content" }));
+    expect(failResult.ok).toBe(false);
+  });
+
+  test("receives correct context", async () => {
+    let captured: ApprovalContext | undefined;
+    const policies: Policy[] = [
+      {
+        name: "capture",
+        check: (ctx) => {
+          captured = ctx;
+          return ok(undefined);
+        },
+      },
+    ];
+    const ctx = new Map([
+      ["SOUL.md", { final: "new soul", diff: "some diff", previous: "old soul" }],
+    ]);
+    await evaluatePolicies(policies, ctx);
+    expect(captured).toBeDefined();
+    expect(captured!.get("SOUL.md")!.final).toBe("new soul");
+    expect(captured!.get("SOUL.md")!.previous).toBe("old soul");
+  });
+});

package/src/policy.ts

@@ -0,0 +1,100 @@
+/**
+ * Policy hooks for soulguard approve.
+ *
+ * Policies are named check functions that run before vault changes are applied.
+ * Each receives an ApprovalContext (map of file path → { final, diff, previous })
+ * and returns ok() to allow or err() to block.
+ *
+ * Multiple policies can be registered. All are evaluated — if any fail,
+ * the approval is blocked and all violations are reported.
+ */
+
+import type { Result } from "./result.js";
+import { ok, err } from "./result.js";
+
+// ── Types ──────────────────────────────────────────────────────────────
+
+/** Context passed to policy check functions. */
+export type ApprovalContext = Map<
+  string,
+  {
+    /** Content that would be applied (staging content) */
+    final: string;
+    /** Unified diff string (vault → staging) */
+    diff: string;
+    /** Current vault content (empty string for new files) */
+    previous: string;
+  }
+>;
+
+/** A single policy violation. */
+export type PolicyViolation = {
+  policy: string;
+  message: string;
+};
+
+/** Error returned when one or more policies block approval. */
+export type PolicyError = {
+  kind: "policy_violation";
+  violations: PolicyViolation[];
+};
+
+/** A named policy check function. */
+export type Policy = {
+  /** Unique name for this policy (e.g. "chelae-plugin-required") */
+  name: string;
+  /** Check function — return ok() to allow, err(message) to block. */
+  check: (ctx: ApprovalContext) => Result<void, string> | Promise<Result<void, string>>;
+};
+
+// ── Validation ─────────────────────────────────────────────────────────
+
+/** Error when policies have duplicate names. */
+export type PolicyCollisionError = {
+  kind: "policy_name_collision";
+  duplicates: string[];
+};
+
+/**
+ * Validate that all policy names are unique.
+ * Returns the duplicate names if any collisions exist.
+ */
+export function validatePolicies(policies: Policy[]): Result<void, PolicyCollisionError> {
+  const seen = new Set<string>();
+  const duplicates: string[] = [];
+  for (const p of policies) {
+    if (seen.has(p.name)) {
+      duplicates.push(p.name);
+    }
+    seen.add(p.name);
+  }
+  if (duplicates.length > 0) {
+    return err({ kind: "policy_name_collision", duplicates });
+  }
+  return ok(undefined);
+}
+
+// ── Evaluation ─────────────────────────────────────────────────────────
+
+/**
+ * Run all policies against an approval context.
+ * All policies are evaluated (not short-circuited) so all violations are reported.
+ */
+export async function evaluatePolicies(
+  policies: Policy[],
+  ctx: ApprovalContext,
+): Promise<Result<void, PolicyError>> {
+  const violations: PolicyViolation[] = [];
+
+  for (const policy of policies) {
+    const result = await policy.check(ctx);
+    if (!result.ok) {
+      violations.push({ policy: policy.name, message: result.error });
+    }
+  }
+
+  if (violations.length > 0) {
+    return err({ kind: "policy_violation", violations });
+  }
+  return ok(undefined);
+}

package/src/reset.test.ts

@@ -0,0 +1,68 @@
+import { describe, expect, test } from "bun:test";
+import { MockSystemOps } from "./system-ops-mock.js";
+import { reset } from "./reset.js";
+import { diff } from "./diff.js";
+import type { SoulguardConfig } from "./types.js";
+
+const config: SoulguardConfig = { vault: ["SOUL.md"], ledger: [] };
+
+function setup() {
+  const ops = new MockSystemOps("/workspace");
+  ops.addFile("SOUL.md", "original soul", {
+    owner: "soulguardian",
+    group: "soulguard",
+    mode: "444",
+  });
+  ops.addFile(".soulguard/staging", "", { owner: "root", group: "root", mode: "755" });
+  ops.addFile(".soulguard/staging/SOUL.md", "modified soul", {
+    owner: "agent",
+    group: "soulguard",
+    mode: "644",
+  });
+  return ops;
+}
+
+describe("reset (implicit proposals)", () => {
+  test("resets staging to match vault", async () => {
+    const ops = setup();
+
+    const result = await reset({ ops, config });
+    expect(result.ok).toBe(true);
+    if (!result.ok) return;
+    expect(result.value.resetFiles).toEqual(["SOUL.md"]);
+
+    // Staging should now match vault
+    const diffResult = await diff({ ops, config });
+    expect(diffResult.ok).toBe(true);
+    if (diffResult.ok) expect(diffResult.value.hasChanges).toBe(false);
+  });
+
+  test("returns empty resetFiles when staging matches vault", async () => {
+    const ops = new MockSystemOps("/workspace");
+    ops.addFile("SOUL.md", "same", { owner: "soulguardian", group: "soulguard", mode: "444" });
+    ops.addFile(".soulguard/staging", "", { owner: "root", group: "root", mode: "755" });
+    ops.addFile(".soulguard/staging/SOUL.md", "same", {
+      owner: "agent",
+      group: "soulguard",
+      mode: "644",
+    });
+
+    const result = await reset({ ops, config });
+    expect(result.ok).toBe(true);
+    if (!result.ok) return;
+    expect(result.value.resetFiles).toEqual([]);
+  });
+
+  test("applies staging ownership after reset", async () => {
+    const ops = setup();
+    const stagingOwnership = { user: "agent", group: "soulguard", mode: "644" };
+
+    const result = await reset({ ops, config, stagingOwnership });
+    expect(result.ok).toBe(true);
+
+    // Check staging content matches vault
+    const stagingContent = await ops.readFile(".soulguard/staging/SOUL.md");
+    expect(stagingContent.ok).toBe(true);
+    if (stagingContent.ok) expect(stagingContent.value).toBe("original soul");
+  });
+});

package/src/reset.ts

@@ -0,0 +1,63 @@
+/**
+ * soulguard reset — reset staging copies to match vault originals.
+ *
+ * With implicit proposals, reset simply resets staging to match vault.
+ * Staging IS the proposal — resetting it discards all pending changes.
+ */
+
+import type { SystemOperations } from "./system-ops.js";
+import type { FileOwnership, SoulguardConfig, Result } from "./types.js";
+import { diff } from "./diff.js";
+import { ok, err } from "./result.js";
+
+export type ResetOptions = {
+  ops: SystemOperations;
+  config: SoulguardConfig;
+  /** Ownership to apply to reset staging files (agent-writable) */
+  stagingOwnership?: FileOwnership;
+};
+
+export type ResetResult = {
+  /** Files whose staging copies were reset */
+  resetFiles: string[];
+};
+
+export type ResetError = { kind: "reset_failed"; message: string };
+
+/**
+ * Reset staging changes to match vault.
+ */
+export async function reset(options: ResetOptions): Promise<Result<ResetResult, ResetError>> {
+  const { ops, config, stagingOwnership } = options;
+
+  // Compute current diff to find what needs resetting
+  const diffResult = await diff({ ops, config });
+  if (!diffResult.ok) {
+    return err({ kind: "reset_failed", message: `Diff failed: ${diffResult.error.kind}` });
+  }
+
+  if (!diffResult.value.hasChanges) {
+    return ok({ resetFiles: [] });
+  }
+
+  // Reset staging copies to match vault originals
+  // Handles modified (overwrite) and deleted (recreate staging copy)
+  const resetFiles: string[] = [];
+  const resettableFiles = diffResult.value.files.filter(
+    (f) => f.status === "modified" || f.status === "deleted",
+  );
+
+  for (const file of resettableFiles) {
+    const stagingPath = `.soulguard/staging/${file.path}`;
+    const copyResult = await ops.copyFile(file.path, stagingPath);
+    if (copyResult.ok) {
+      if (stagingOwnership) {
+        await ops.chown(stagingPath, stagingOwnership);
+        await ops.chmod(stagingPath, stagingOwnership.mode);
+      }
+      resetFiles.push(file.path);
+    }
+  }
+
+  return ok({ resetFiles });
+}

package/src/result.ts

@@ -0,0 +1,14 @@
+/**
+ * Generic Result pattern for explicit error handling.
+ * Domain-specific error types live with their domain (system-ops, status, etc.).
+ */
+
+export type Result<T, E> = { ok: true; value: T } | { ok: false; error: E };
+
+export function ok<T>(value: T): Result<T, never> {
+  return { ok: true, value };
+}
+
+export function err<E>(error: E): Result<never, E> {
+  return { ok: false, error };
+}