@standards-kit/conform 0.1.0 → 0.2.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2024 Chris Little
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,143 @@
+# @standards-kit/conform
+
+In-repo standards enforcement CLI. Validates your repository against configured standards for code quality, process compliance, and infrastructure configuration.
+
+## Installation
+
+```bash
+npm install -D @standards-kit/conform
+```
+
+## Quick Start
+
+```bash
+# Initialize configuration
+npx conform init
+
+# Run all checks
+npx conform check
+
+# Run specific domain
+npx conform check --domain code
+npx conform check --domain process
+npx conform check --domain infra
+```
+
+## Configuration
+
+Create a `standards.toml` file in your repository root:
+
+```toml
+[metadata]
+tier = "standard"  # minimal, standard, or strict
+
+[code]
+typescript = true
+eslint = true
+prettier = true
+unused_code = true
+security = true
+
+[process]
+pre_commit_hooks = true
+branch_protection = true
+semantic_commits = true
+changelog = true
+
+[infra]
+manifest = "infra/manifest.toml"
+```
+
+### Extending Configurations
+
+```toml
+extends = "standards-community:typescript-production"
+
+[metadata]
+tier = "strict"
+
+# Override specific settings
+[code]
+coverage_threshold = 90
+```
+
+## Domains
+
+### Code Domain
+
+Validates code quality standards:
+- TypeScript configuration
+- ESLint rules
+- Prettier formatting
+- Unused code detection
+- Security scanning
+- Test coverage
+
+### Process Domain
+
+Validates development process standards:
+- Pre-commit hooks
+- Branch protection rules
+- Commit message format
+- Changelog requirements
+- PR templates
+- CI/CD configuration
+
+### Infra Domain
+
+Validates infrastructure configuration:
+- Resource existence checks
+- Configuration validation
+- Manifest compliance
+
+## CLI Commands
+
+```bash
+# Run all checks
+conform check
+
+# Run specific domain
+conform check --domain code
+
+# Output as JSON
+conform check --format json
+
+# Initialize new config
+conform init
+
+# Validate config file
+conform validate
+
+# Show version
+conform --version
+```
+
+## MCP Server
+
+Conform includes an MCP (Model Context Protocol) server for integration with AI assistants:
+
+```bash
+conform mcp
+```
+
+## Exit Codes
+
+| Code | Meaning |
+|------|---------|
+| 0 | All checks passed |
+| 1 | One or more checks failed |
+| 2 | Configuration error |
+| 3 | Runtime error |
+
+## Migration from check-my-toolkit
+
+See the [Migration Guide](../../docs/migration.md) for details on migrating from `check-my-toolkit`.
+
+Key changes:
+- Config file: `check.toml` -> `standards.toml`
+- CLI command: `cm` -> `conform`
+- Package name: `check-my-toolkit` -> `@standards-kit/conform`
+
+## License
+
+MIT

package/dist/{chunk-P7TIZJ4C.js → chunk-DXIYZR62.js}

@@ -1,4 +1,4 @@
-// ../core/src/types.ts
+// src/core/types.ts
 var ViolationBuilder = {
   create(options) {
     return {
@@ -82,4 +82,4 @@ export {
   DomainResultBuilder,
   ExitCode
 };
-//# sourceMappingURL=chunk-P7TIZJ4C.js.map
+//# sourceMappingURL=chunk-DXIYZR62.js.map

package/dist/chunk-DXIYZR62.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/core/types.ts"],"sourcesContent":["/**\n * Shared types for standards-kit\n */\n\n// =============================================================================\n// Core Types\n// =============================================================================\n\n/** Severity levels for violations */\nexport type Severity = \"error\" | \"warning\";\n\n/** Status for domain results */\nexport type DomainStatus = \"pass\" | \"fail\" | \"skip\";\n\n/** A single violation found by a check */\nexport interface Violation {\n  rule: string;\n  tool: string;\n  file?: string;\n  line?: number;\n  column?: number;\n  message: string;\n  code?: string;\n  severity: Severity;\n}\n\n/** Result of running a single check */\nexport interface CheckResult {\n  name: string;\n  rule: string;\n  passed: boolean;\n  violations: Violation[];\n  skipped: boolean;\n  skipReason?: string;\n  duration?: number;\n}\n\n/** Result of running all checks in a domain */\nexport interface DomainResult {\n  domain: string;\n  status: DomainStatus;\n  checks: CheckResult[];\n  violationCount: number;\n}\n\n/** Full result of conform check or conform audit */\nexport interface FullResult {\n  version: string;\n  configPath: string;\n  domains: Record<string, DomainResult>;\n  summary: {\n    totalViolations: number;\n    exitCode: number;\n  };\n}\n\n// =============================================================================\n// Tool Interface\n// =============================================================================\n\n/** Interface for tool runners (ESLint, Ruff, tsc, etc.) */\nexport interface IToolRunner {\n  /** Display name of the tool */\n  readonly name: string;\n  /** Rule category (e.g., \"code.linting\") */\n  readonly rule: string;\n  /** Tool identifier for violations */\n  readonly toolId: string;\n  /** Config file patterns to look for */\n  readonly configFiles: string[];\n\n  /** Run the tool and return check results */\n  run(projectRoot: string): Promise<CheckResult>;\n\n  /** Audit that config exists without running the tool */\n  audit(projectRoot: string): Promise<CheckResult>;\n}\n\n// =============================================================================\n// Builders\n// =============================================================================\n\n/** Options for creating a violation */\nexport interface ViolationOptions {\n  rule: string;\n  tool: string;\n  message: string;\n  severity: Severity;\n  file?: string;\n  line?: number;\n  column?: number;\n  code?: string;\n}\n\n/** Builder for creating Violation objects */\nexport const ViolationBuilder = {\n  create(options: ViolationOptions): Violation {\n    return {\n      rule: options.rule,\n      tool: options.tool,\n      message: options.message,\n      severity: options.severity,\n      ...(options.file && { file: options.file }),\n      ...(options.line && { line: options.line }),\n      ...(options.column && { column: options.column }),\n      ...(options.code && { code: options.code }),\n    };\n  },\n\n  error(rule: string, tool: string, message: string, code?: string): Violation {\n    return { rule, tool, message, severity: \"error\", code };\n  },\n\n  warning(rule: string, tool: string, message: string, code?: string): Violation {\n    return { rule, tool, message, severity: \"warning\", code };\n  },\n};\n\n/** Builder for creating CheckResult objects */\nexport const CheckResultBuilder = {\n  pass(name: string, rule: string, duration?: number): CheckResult {\n    return {\n      name,\n      rule,\n      passed: true,\n      violations: [],\n      skipped: false,\n      duration,\n    };\n  },\n\n  fail(name: string, rule: string, violations: Violation[], duration?: number): CheckResult {\n    return {\n      name,\n      rule,\n      passed: false,\n      violations,\n      skipped: false,\n      duration,\n    };\n  },\n\n  skip(name: string, rule: string, reason: string, duration?: number): CheckResult {\n    return {\n      name,\n      rule,\n      passed: true,\n      violations: [],\n      skipped: true,\n      skipReason: reason,\n      duration,\n    };\n  },\n\n  fromViolations(\n    name: string,\n    rule: string,\n    violations: Violation[],\n    duration?: number\n  ): CheckResult {\n    return violations.length === 0\n      ? CheckResultBuilder.pass(name, rule, duration)\n      : CheckResultBuilder.fail(name, rule, violations, duration);\n  },\n};\n\n/** Builder for creating DomainResult objects */\nexport const DomainResultBuilder = {\n  fromChecks(domain: string, checks: CheckResult[]): DomainResult {\n    const violationCount = checks.reduce((sum, check) => sum + check.violations.length, 0);\n    const allPassed = checks.every((check) => check.passed || check.skipped);\n    const allSkipped = checks.length === 0 || checks.every((check) => check.skipped);\n\n    let status: DomainStatus = \"fail\";\n    if (allSkipped) {\n      status = \"skip\";\n    } else if (allPassed) {\n      status = \"pass\";\n    }\n\n    return { domain, status, checks, violationCount };\n  },\n};\n\n// =============================================================================\n// Exit Codes\n// =============================================================================\n\nexport const ExitCode = {\n  SUCCESS: 0,\n  VIOLATIONS_FOUND: 1,\n  CONFIG_ERROR: 2,\n  RUNTIME_ERROR: 3,\n} as const;\n\nexport type ExitCodeType = (typeof ExitCode)[keyof typeof ExitCode];\n"],"mappings":";AA+FO,IAAM,mBAAmB;AAAA,EAC9B,OAAO,SAAsC;AAC3C,WAAO;AAAA,MACL,MAAM,QAAQ;AAAA,MACd,MAAM,QAAQ;AAAA,MACd,SAAS,QAAQ;AAAA,MACjB,UAAU,QAAQ;AAAA,MAClB,GAAI,QAAQ,QAAQ,EAAE,MAAM,QAAQ,KAAK;AAAA,MACzC,GAAI,QAAQ,QAAQ,EAAE,MAAM,QAAQ,KAAK;AAAA,MACzC,GAAI,QAAQ,UAAU,EAAE,QAAQ,QAAQ,OAAO;AAAA,MAC/C,GAAI,QAAQ,QAAQ,EAAE,MAAM,QAAQ,KAAK;AAAA,IAC3C;AAAA,EACF;AAAA,EAEA,MAAM,MAAc,MAAc,SAAiB,MAA0B;AAC3E,WAAO,EAAE,MAAM,MAAM,SAAS,UAAU,SAAS,KAAK;AAAA,EACxD;AAAA,EAEA,QAAQ,MAAc,MAAc,SAAiB,MAA0B;AAC7E,WAAO,EAAE,MAAM,MAAM,SAAS,UAAU,WAAW,KAAK;AAAA,EAC1D;AACF;AAGO,IAAM,qBAAqB;AAAA,EAChC,KAAK,MAAc,MAAc,UAAgC;AAC/D,WAAO;AAAA,MACL;AAAA,MACA;AAAA,MACA,QAAQ;AAAA,MACR,YAAY,CAAC;AAAA,MACb,SAAS;AAAA,MACT;AAAA,IACF;AAAA,EACF;AAAA,EAEA,KAAK,MAAc,MAAc,YAAyB,UAAgC;AACxF,WAAO;AAAA,MACL;AAAA,MACA;AAAA,MACA,QAAQ;AAAA,MACR;AAAA,MACA,SAAS;AAAA,MACT;AAAA,IACF;AAAA,EACF;AAAA,EAEA,KAAK,MAAc,MAAc,QAAgB,UAAgC;AAC/E,WAAO;AAAA,MACL;AAAA,MACA;AAAA,MACA,QAAQ;AAAA,MACR,YAAY,CAAC;AAAA,MACb,SAAS;AAAA,MACT,YAAY;AAAA,MACZ;AAAA,IACF;AAAA,EACF;AAAA,EAEA,eACE,MACA,MACA,YACA,UACa;AACb,WAAO,WAAW,WAAW,IACzB,mBAAmB,KAAK,MAAM,MAAM,QAAQ,IAC5C,mBAAmB,KAAK,MAAM,MAAM,YAAY,QAAQ;AAAA,EAC9D;AACF;AAGO,IAAM,sBAAsB;AAAA,EACjC,WAAW,QAAgB,QAAqC;AAC9D,UAAM,iBAAiB,OAAO,OAAO,CAAC,KAAK,UAAU,MAAM,MAAM,WAAW,QAAQ,CAAC;AACrF,UAAM,YAAY,OAAO,MAAM,CAAC,UAAU,MAAM,UAAU,MAAM,OAAO;AACvE,UAAM,aAAa,OAAO,WAAW,KAAK,OAAO,MAAM,CAAC,UAAU,MAAM,OAAO;AAE/E,QAAI,SAAuB;AAC3B,QAAI,YAAY;AACd,eAAS;AAAA,IACX,WAAW,WAAW;AACpB,eAAS;AAAA,IACX;AAEA,WAAO,EAAE,QAAQ,QAAQ,QAAQ,eAAe;AAAA,EAClD;AACF;AAMO,IAAM,WAAW;AAAA,EACtB,SAAS;AAAA,EACT,kBAAkB;AAAA,EAClB,cAAc;AAAA,EACd,eAAe;AACjB;","names":[]}

package/dist/{chunk-RXA4FO7L.js → chunk-NADY2H35.js}

@@ -1,11 +1,15 @@
+import {
+  CACHE,
+  STANDARDS_REPO,
+  TIMEOUTS
+} from "./chunk-RHM53NLG.js";
+
 // src/mcp/standards/fetcher.ts
 import * as fs from "fs";
 import * as os from "os";
 import * as path from "path";
 import { execa } from "execa";
-var DEFAULT_OWNER = "palindrom-ai";
-var DEFAULT_REPO = "standards";
-var CACHE_DIR = path.join(os.tmpdir(), "cm-standards-cache");
+var CACHE_DIR = path.join(os.tmpdir(), CACHE.standardsCacheDir);
 function parseGitHubSource(source) {
   const remainder = source.slice(7);
   const atIndex = remainder.indexOf("@");
@@ -64,7 +68,7 @@ function buildGitHubUrl(auth, owner, repo) {
 }
 async function updateExistingRepo(repoDir) {
   try {
-    await execa("git", ["pull", "--ff-only"], { cwd: repoDir, timeout: 3e4 });
+    await execa("git", ["pull", "--ff-only"], { cwd: repoDir, timeout: TIMEOUTS.git });
     return true;
   } catch {
     fs.rmSync(repoDir, { recursive: true, force: true });
@@ -82,12 +86,12 @@ async function cloneRepo(repoDir, owner, repo, ref) {
     }
     args.push(url, repoDir);
     await execa("git", args, {
-      timeout: 3e4
+      timeout: TIMEOUTS.git
     });
   } catch (error) {
     const message = error instanceof Error ? error.message : String(error);
     if (message.includes("timed out")) {
-      throw new StandardsError(`Standards repo clone timed out after 30 seconds`);
+      throw new StandardsError(`Standards repo clone timed out after ${TIMEOUTS.git / 1e3} seconds`);
     }
     throw new StandardsError(`Failed to clone standards repo: ${message}`);
   }
@@ -122,7 +126,7 @@ async function fetchStandardsRepoFromSource(source, basePath) {
   return fetchGitHubRepo(parsed.owner, parsed.repo, parsed.ref);
 }
 async function fetchStandardsRepo() {
-  return fetchGitHubRepo(DEFAULT_OWNER, DEFAULT_REPO);
+  return fetchGitHubRepo(STANDARDS_REPO.owner, STANDARDS_REPO.repo);
 }
 function getGuidelinesDir(repoPath) {
   return path.join(repoPath, "guidelines");
@@ -276,4 +280,4 @@ export {
   matchGuidelines,
   composeGuidelines
 };
-//# sourceMappingURL=chunk-RXA4FO7L.js.map
+//# sourceMappingURL=chunk-NADY2H35.js.map

package/dist/chunk-NADY2H35.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/mcp/standards/fetcher.ts","../src/mcp/standards/parser.ts","../src/mcp/standards/matcher.ts"],"sourcesContent":["/**\n * Fetches the standards repository from GitHub or local filesystem\n */\nimport * as fs from \"node:fs\";\nimport * as os from \"node:os\";\nimport * as path from \"node:path\";\n\nimport { execa } from \"execa\";\n\nimport { CACHE, STANDARDS_REPO, TIMEOUTS } from \"../../constants.js\";\n\nconst CACHE_DIR = path.join(os.tmpdir(), CACHE.standardsCacheDir);\n\n/** Parsed GitHub source */\ninterface GitHubSource {\n  type: \"github\";\n  owner: string;\n  repo: string;\n  ref?: string;\n}\n\n/** Parsed local source */\ninterface LocalSource {\n  type: \"local\";\n  path: string;\n}\n\n/** Parsed source type */\ntype ParsedSource = GitHubSource | LocalSource;\n\n/** Parse github:owner/repo[@ref] format */\nfunction parseGitHubSource(source: string): GitHubSource {\n  const remainder = source.slice(7); // Remove \"github:\"\n  const atIndex = remainder.indexOf(\"@\");\n  const ownerRepo = atIndex !== -1 ? remainder.slice(0, atIndex) : remainder;\n  const ref = atIndex !== -1 ? remainder.slice(atIndex + 1) : undefined;\n  const slashIndex = ownerRepo.indexOf(\"/\");\n\n  if (slashIndex === -1) {\n    throw new StandardsError(`Invalid GitHub source format: ${source}. Expected github:owner/repo`);\n  }\n\n  const owner = ownerRepo.slice(0, slashIndex);\n  const repo = ownerRepo.slice(slashIndex + 1);\n\n  if (!owner || !repo) {\n    throw new StandardsError(`Invalid GitHub source format: ${source}. Expected github:owner/repo`);\n  }\n\n  return { type: \"github\", owner, repo, ref };\n}\n\n/**\n * Parse a source string into owner/repo/ref or local path.\n * Formats:\n * - \"github:owner/repo\" - GitHub repository\n * - \"github:owner/repo@ref\" - GitHub with branch/tag\n * - Local filesystem path (absolute or relative)\n */\nfunction parseSource(source: string): ParsedSource {\n  if (source.startsWith(\"github:\")) {\n    return parseGitHubSource(source);\n  }\n  return { type: \"local\", path: source };\n}\n\n/** Error class for standards fetching failures */\nexport class StandardsError extends Error {\n  constructor(message: string) {\n    super(message);\n    this.name = \"StandardsError\";\n  }\n}\n\n/** Authentication method for GitHub */\ntype AuthMethod = \"token\" | \"ssh\" | \"none\";\n\n/**\n * Detect authentication method based on environment variables.\n * Priority: CM_REGISTRY_TOKEN > GITHUB_TOKEN > SSH key detection > none\n */\nfunction detectAuthMethod(): AuthMethod {\n  if (process.env.CM_REGISTRY_TOKEN || process.env.GITHUB_TOKEN) {\n    return \"token\";\n  }\n  if (process.env.SSH_AUTH_SOCK) {\n    return \"ssh\";\n  }\n  return \"none\";\n}\n\n/**\n * Get the authentication token from environment variables.\n */\nfunction getAuthToken(): string | undefined {\n  return process.env.CM_REGISTRY_TOKEN ?? process.env.GITHUB_TOKEN;\n}\n\n/**\n * Build the git URL for a repository based on auth method.\n */\nfunction buildGitHubUrl(auth: AuthMethod, owner: string, repo: string): string {\n  switch (auth) {\n    case \"ssh\":\n      return `git@github.com:${owner}/${repo}.git`;\n    case \"token\": {\n      const token = getAuthToken();\n      if (token) {\n        return `https://x-access-token:${token}@github.com/${owner}/${repo}.git`;\n      }\n      return `https://github.com/${owner}/${repo}.git`;\n    }\n    case \"none\":\n    default:\n      return `https://github.com/${owner}/${repo}.git`;\n  }\n}\n\n/**\n * Update an existing cloned repository.\n */\nasync function updateExistingRepo(repoDir: string): Promise<boolean> {\n  try {\n    await execa(\"git\", [\"pull\", \"--ff-only\"], { cwd: repoDir, timeout: TIMEOUTS.git });\n    return true;\n  } catch {\n    // If update fails, remove the directory so it will be re-cloned\n    fs.rmSync(repoDir, { recursive: true, force: true });\n    return false;\n  }\n}\n\n/**\n * Clone a repository from GitHub.\n */\nasync function cloneRepo(repoDir: string, owner: string, repo: string, ref?: string): Promise<void> {\n  fs.mkdirSync(CACHE_DIR, { recursive: true });\n\n  const auth = detectAuthMethod();\n  const url = buildGitHubUrl(auth, owner, repo);\n\n  try {\n    const args = [\"clone\", \"--depth\", \"1\"];\n    if (ref) {\n      args.push(\"--branch\", ref);\n    }\n    args.push(url, repoDir);\n\n    await execa(\"git\", args, {\n      timeout: TIMEOUTS.git,\n    });\n  } catch (error) {\n    const message = error instanceof Error ? error.message : String(error);\n    if (message.includes(\"timed out\")) {\n      throw new StandardsError(`Standards repo clone timed out after ${TIMEOUTS.git / 1000} seconds`);\n    }\n    throw new StandardsError(`Failed to clone standards repo: ${message}`);\n  }\n}\n\n/**\n * Fetch a GitHub repository, caching it locally.\n * Returns the path to the cached repository.\n */\nasync function fetchGitHubRepo(owner: string, repo: string, ref?: string): Promise<string> {\n  const cacheKey = ref ? `${owner}-${repo}-${ref}` : `${owner}-${repo}`;\n  const repoDir = path.join(CACHE_DIR, cacheKey);\n\n  // If repo exists, try to update it\n  if (fs.existsSync(repoDir)) {\n    await updateExistingRepo(repoDir);\n  }\n\n  // Clone if it doesn't exist (either first time or after failed update)\n  if (!fs.existsSync(repoDir)) {\n    await cloneRepo(repoDir, owner, repo, ref);\n  }\n\n  return repoDir;\n}\n\n/**\n * Resolve a local source path to an absolute path.\n */\nfunction resolveLocalPath(localPath: string, basePath?: string): string {\n  if (path.isAbsolute(localPath)) {\n    return localPath;\n  }\n  const base = basePath ?? process.cwd();\n  return path.resolve(base, localPath);\n}\n\n/**\n * Fetch the standards repository from a source string.\n * Supports:\n * - \"github:owner/repo\" - GitHub repository\n * - \"github:owner/repo@ref\" - GitHub with branch/tag\n * - Local filesystem path (absolute or relative)\n *\n * @param source - Source string to fetch from\n * @param basePath - Base path for resolving relative local paths (defaults to cwd)\n * @returns Path to the standards repository\n */\nexport async function fetchStandardsRepoFromSource(\n  source: string,\n  basePath?: string\n): Promise<string> {\n  const parsed = parseSource(source);\n\n  if (parsed.type === \"local\") {\n    const resolvedPath = resolveLocalPath(parsed.path, basePath);\n    if (!fs.existsSync(resolvedPath)) {\n      throw new StandardsError(`Local standards path does not exist: ${resolvedPath}`);\n    }\n    return resolvedPath;\n  }\n\n  return fetchGitHubRepo(parsed.owner, parsed.repo, parsed.ref);\n}\n\n/**\n * Fetch the default standards repository, caching it locally.\n * Returns the path to the cached repository.\n */\nexport async function fetchStandardsRepo(): Promise<string> {\n  return fetchGitHubRepo(STANDARDS_REPO.owner, STANDARDS_REPO.repo);\n}\n\n/**\n * Get the path to the guidelines directory.\n */\nexport function getGuidelinesDir(repoPath: string): string {\n  return path.join(repoPath, \"guidelines\");\n}\n\n/**\n * Get the path to the rulesets directory.\n */\nexport function getRulesetsDir(repoPath: string): string {\n  return path.join(repoPath, \"rulesets\");\n}\n","/**\n * Parser for guideline markdown files with YAML frontmatter\n */\nimport * as fs from \"node:fs\";\nimport * as path from \"node:path\";\n\nimport matter from \"gray-matter\";\nimport { z } from \"zod\";\n\nimport { type Guideline, type GuidelineListItem, type Ruleset } from \"./types.js\";\nimport { StandardsError } from \"./fetcher.js\";\n\n/** Zod schema for validating guideline frontmatter */\nexport const frontmatterSchema = z.object({\n  id: z.string(),\n  title: z.string(),\n  category: z.string(),\n  priority: z.number(),\n  tags: z.array(z.string()),\n});\n\n/**\n * Parse a guideline markdown file content into a Guideline object.\n */\nexport function parseGuideline(fileContent: string, filename: string): Guideline {\n  const { data, content } = matter(fileContent);\n\n  const result = frontmatterSchema.safeParse(data);\n  if (!result.success) {\n    const errors = result.error.errors.map((e) => `${e.path.join(\".\")}: ${e.message}`).join(\", \");\n    throw new StandardsError(`Invalid frontmatter in ${filename}: ${errors}`);\n  }\n\n  return {\n    ...result.data,\n    content: content.trim(),\n  };\n}\n\n/**\n * Load all guidelines from a directory.\n */\nexport function loadAllGuidelines(guidelinesDir: string): Guideline[] {\n  if (!fs.existsSync(guidelinesDir)) {\n    throw new StandardsError(`Guidelines directory not found: ${guidelinesDir}`);\n  }\n\n  const files = fs.readdirSync(guidelinesDir).filter((f) => f.endsWith(\".md\"));\n  const guidelines: Guideline[] = [];\n\n  for (const file of files) {\n    const filePath = path.join(guidelinesDir, file);\n    const content = fs.readFileSync(filePath, \"utf-8\");\n\n    try {\n      guidelines.push(parseGuideline(content, file));\n    } catch (error) {\n      // Skip files that fail to parse, log warning\n      console.warn(`Warning: Failed to parse guideline ${file}: ${error}`);\n    }\n  }\n\n  return guidelines;\n}\n\n/**\n * Load a single guideline by ID.\n */\nexport function loadGuideline(guidelinesDir: string, id: string): Guideline | null {\n  const filePath = path.join(guidelinesDir, `${id}.md`);\n\n  if (!fs.existsSync(filePath)) {\n    return null;\n  }\n\n  const content = fs.readFileSync(filePath, \"utf-8\");\n  return parseGuideline(content, `${id}.md`);\n}\n\n/**\n * Convert guidelines to list items (summary format).\n */\nexport function toListItems(guidelines: Guideline[]): GuidelineListItem[] {\n  return guidelines.map((g) => ({\n    id: g.id,\n    title: g.title,\n    tags: g.tags,\n    category: g.category,\n  }));\n}\n\n/**\n * Load a ruleset file by ID.\n */\nexport function loadRuleset(rulesetsDir: string, id: string): Ruleset | null {\n  const filePath = path.join(rulesetsDir, `${id}.toml`);\n\n  if (!fs.existsSync(filePath)) {\n    return null;\n  }\n\n  const content = fs.readFileSync(filePath, \"utf-8\");\n  return { id, content };\n}\n\n/**\n * List all available ruleset IDs.\n */\nexport function listRulesets(rulesetsDir: string): string[] {\n  if (!fs.existsSync(rulesetsDir)) {\n    return [];\n  }\n\n  return fs\n    .readdirSync(rulesetsDir)\n    .filter((f) => f.endsWith(\".toml\"))\n    .map((f) => f.replace(\".toml\", \"\"));\n}\n","/**\n * Smart keyword matching logic for guidelines\n */\nimport { type Guideline, type MatchedGuideline } from \"./types.js\";\n\n/**\n * Parse a context string into keywords.\n * Extracts words, lowercases them, and removes duplicates.\n */\nexport function parseContext(context: string): string[] {\n  const words = context\n    .toLowerCase()\n    .split(/[\\s,.\\-_/]+/)\n    .filter((word) => word.length > 1);\n\n  return [...new Set(words)];\n}\n\n/**\n * Score a guideline based on how many keywords match its tags.\n */\nexport function scoreGuideline(guideline: Guideline, keywords: string[]): number {\n  const tags = new Set(guideline.tags.map((t) => t.toLowerCase()));\n  let score = 0;\n\n  for (const keyword of keywords) {\n    if (tags.has(keyword)) {\n      score++;\n    }\n  }\n\n  // Also check if keyword appears in category or id\n  const category = guideline.category.toLowerCase();\n  const id = guideline.id.toLowerCase();\n\n  for (const keyword of keywords) {\n    if (category.includes(keyword) || id.includes(keyword)) {\n      score += 0.5; // Partial match bonus\n    }\n  }\n\n  return score;\n}\n\n/**\n * Match guidelines against a context string.\n * Returns guidelines sorted by score (descending) then priority (ascending).\n */\nexport function matchGuidelines(\n  guidelines: Guideline[],\n  context: string,\n  limit?: number\n): MatchedGuideline[] {\n  const keywords = parseContext(context);\n\n  if (keywords.length === 0) {\n    return [];\n  }\n\n  const scored = guidelines\n    .map((guideline) => ({\n      guideline,\n      score: scoreGuideline(guideline, keywords),\n    }))\n    .filter((m) => m.score > 0);\n\n  // Sort by score descending, then by priority ascending\n  scored.sort((a, b) => {\n    if (b.score !== a.score) {\n      return b.score - a.score;\n    }\n    return a.guideline.priority - b.guideline.priority;\n  });\n\n  return limit ? scored.slice(0, limit) : scored;\n}\n\n/**\n * Compose matched guidelines into a single markdown document.\n */\nexport function composeGuidelines(matches: MatchedGuideline[]): string {\n  if (matches.length === 0) {\n    return \"No matching guidelines found for the given context.\";\n  }\n\n  const sections = matches.map((m) => {\n    const { guideline } = m;\n    return `# ${guideline.title}\\n\\n**Category:** ${guideline.category} | **Priority:** ${guideline.priority}\\n**Tags:** ${guideline.tags.join(\", \")}\\n\\n${guideline.content}`;\n  });\n\n  return sections.join(\"\\n\\n---\\n\\n\");\n}\n"],"mappings":";;;;;;;AAGA,YAAY,QAAQ;AACpB,YAAY,QAAQ;AACpB,YAAY,UAAU;AAEtB,SAAS,aAAa;AAItB,IAAM,YAAiB,UAAQ,UAAO,GAAG,MAAM,iBAAiB;AAoBhE,SAAS,kBAAkB,QAA8B;AACvD,QAAM,YAAY,OAAO,MAAM,CAAC;AAChC,QAAM,UAAU,UAAU,QAAQ,GAAG;AACrC,QAAM,YAAY,YAAY,KAAK,UAAU,MAAM,GAAG,OAAO,IAAI;AACjE,QAAM,MAAM,YAAY,KAAK,UAAU,MAAM,UAAU,CAAC,IAAI;AAC5D,QAAM,aAAa,UAAU,QAAQ,GAAG;AAExC,MAAI,eAAe,IAAI;AACrB,UAAM,IAAI,eAAe,iCAAiC,MAAM,8BAA8B;AAAA,EAChG;AAEA,QAAM,QAAQ,UAAU,MAAM,GAAG,UAAU;AAC3C,QAAM,OAAO,UAAU,MAAM,aAAa,CAAC;AAE3C,MAAI,CAAC,SAAS,CAAC,MAAM;AACnB,UAAM,IAAI,eAAe,iCAAiC,MAAM,8BAA8B;AAAA,EAChG;AAEA,SAAO,EAAE,MAAM,UAAU,OAAO,MAAM,IAAI;AAC5C;AASA,SAAS,YAAY,QAA8B;AACjD,MAAI,OAAO,WAAW,SAAS,GAAG;AAChC,WAAO,kBAAkB,MAAM;AAAA,EACjC;AACA,SAAO,EAAE,MAAM,SAAS,MAAM,OAAO;AACvC;AAGO,IAAM,iBAAN,cAA6B,MAAM;AAAA,EACxC,YAAY,SAAiB;AAC3B,UAAM,OAAO;AACb,SAAK,OAAO;AAAA,EACd;AACF;AASA,SAAS,mBAA+B;AACtC,MAAI,QAAQ,IAAI,qBAAqB,QAAQ,IAAI,cAAc;AAC7D,WAAO;AAAA,EACT;AACA,MAAI,QAAQ,IAAI,eAAe;AAC7B,WAAO;AAAA,EACT;AACA,SAAO;AACT;AAKA,SAAS,eAAmC;AAC1C,SAAO,QAAQ,IAAI,qBAAqB,QAAQ,IAAI;AACtD;AAKA,SAAS,eAAe,MAAkB,OAAe,MAAsB;AAC7E,UAAQ,MAAM;AAAA,IACZ,KAAK;AACH,aAAO,kBAAkB,KAAK,IAAI,IAAI;AAAA,IACxC,KAAK,SAAS;AACZ,YAAM,QAAQ,aAAa;AAC3B,UAAI,OAAO;AACT,eAAO,0BAA0B,KAAK,eAAe,KAAK,IAAI,IAAI;AAAA,MACpE;AACA,aAAO,sBAAsB,KAAK,IAAI,IAAI;AAAA,IAC5C;AAAA,IACA,KAAK;AAAA,IACL;AACE,aAAO,sBAAsB,KAAK,IAAI,IAAI;AAAA,EAC9C;AACF;AAKA,eAAe,mBAAmB,SAAmC;AACnE,MAAI;AACF,UAAM,MAAM,OAAO,CAAC,QAAQ,WAAW,GAAG,EAAE,KAAK,SAAS,SAAS,SAAS,IAAI,CAAC;AACjF,WAAO;AAAA,EACT,QAAQ;AAEN,IAAG,UAAO,SAAS,EAAE,WAAW,MAAM,OAAO,KAAK,CAAC;AACnD,WAAO;AAAA,EACT;AACF;AAKA,eAAe,UAAU,SAAiB,OAAe,MAAc,KAA6B;AAClG,EAAG,aAAU,WAAW,EAAE,WAAW,KAAK,CAAC;AAE3C,QAAM,OAAO,iBAAiB;AAC9B,QAAM,MAAM,eAAe,MAAM,OAAO,IAAI;AAE5C,MAAI;AACF,UAAM,OAAO,CAAC,SAAS,WAAW,GAAG;AACrC,QAAI,KAAK;AACP,WAAK,KAAK,YAAY,GAAG;AAAA,IAC3B;AACA,SAAK,KAAK,KAAK,OAAO;AAEtB,UAAM,MAAM,OAAO,MAAM;AAAA,MACvB,SAAS,SAAS;AAAA,IACpB,CAAC;AAAA,EACH,SAAS,OAAO;AACd,UAAM,UAAU,iBAAiB,QAAQ,MAAM,UAAU,OAAO,KAAK;AACrE,QAAI,QAAQ,SAAS,WAAW,GAAG;AACjC,YAAM,IAAI,eAAe,wCAAwC,SAAS,MAAM,GAAI,UAAU;AAAA,IAChG;AACA,UAAM,IAAI,eAAe,mCAAmC,OAAO,EAAE;AAAA,EACvE;AACF;AAMA,eAAe,gBAAgB,OAAe,MAAc,KAA+B;AACzF,QAAM,WAAW,MAAM,GAAG,KAAK,IAAI,IAAI,IAAI,GAAG,KAAK,GAAG,KAAK,IAAI,IAAI;AACnE,QAAM,UAAe,UAAK,WAAW,QAAQ;AAG7C,MAAO,cAAW,OAAO,GAAG;AAC1B,UAAM,mBAAmB,OAAO;AAAA,EAClC;AAGA,MAAI,CAAI,cAAW,OAAO,GAAG;AAC3B,UAAM,UAAU,SAAS,OAAO,MAAM,GAAG;AAAA,EAC3C;AAEA,SAAO;AACT;AAKA,SAAS,iBAAiB,WAAmB,UAA2B;AACtE,MAAS,gBAAW,SAAS,GAAG;AAC9B,WAAO;AAAA,EACT;AACA,QAAM,OAAO,YAAY,QAAQ,IAAI;AACrC,SAAY,aAAQ,MAAM,SAAS;AACrC;AAaA,eAAsB,6BACpB,QACA,UACiB;AACjB,QAAM,SAAS,YAAY,MAAM;AAEjC,MAAI,OAAO,SAAS,SAAS;AAC3B,UAAM,eAAe,iBAAiB,OAAO,MAAM,QAAQ;AAC3D,QAAI,CAAI,cAAW,YAAY,GAAG;AAChC,YAAM,IAAI,eAAe,wCAAwC,YAAY,EAAE;AAAA,IACjF;AACA,WAAO;AAAA,EACT;AAEA,SAAO,gBAAgB,OAAO,OAAO,OAAO,MAAM,OAAO,GAAG;AAC9D;AAMA,eAAsB,qBAAsC;AAC1D,SAAO,gBAAgB,eAAe,OAAO,eAAe,IAAI;AAClE;AAKO,SAAS,iBAAiB,UAA0B;AACzD,SAAY,UAAK,UAAU,YAAY;AACzC;AAKO,SAAS,eAAe,UAA0B;AACvD,SAAY,UAAK,UAAU,UAAU;AACvC;;;AC7OA,YAAYA,SAAQ;AACpB,YAAYC,WAAU;AAEtB,OAAO,YAAY;AACnB,SAAS,SAAS;AAMX,IAAM,oBAAoB,EAAE,OAAO;AAAA,EACxC,IAAI,EAAE,OAAO;AAAA,EACb,OAAO,EAAE,OAAO;AAAA,EAChB,UAAU,EAAE,OAAO;AAAA,EACnB,UAAU,EAAE,OAAO;AAAA,EACnB,MAAM,EAAE,MAAM,EAAE,OAAO,CAAC;AAC1B,CAAC;AAKM,SAAS,eAAe,aAAqB,UAA6B;AAC/E,QAAM,EAAE,MAAM,QAAQ,IAAI,OAAO,WAAW;AAE5C,QAAM,SAAS,kBAAkB,UAAU,IAAI;AAC/C,MAAI,CAAC,OAAO,SAAS;AACnB,UAAM,SAAS,OAAO,MAAM,OAAO,IAAI,CAAC,MAAM,GAAG,EAAE,KAAK,KAAK,GAAG,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE,KAAK,IAAI;AAC5F,UAAM,IAAI,eAAe,0BAA0B,QAAQ,KAAK,MAAM,EAAE;AAAA,EAC1E;AAEA,SAAO;AAAA,IACL,GAAG,OAAO;AAAA,IACV,SAAS,QAAQ,KAAK;AAAA,EACxB;AACF;AAKO,SAAS,kBAAkB,eAAoC;AACpE,MAAI,CAAI,eAAW,aAAa,GAAG;AACjC,UAAM,IAAI,eAAe,mCAAmC,aAAa,EAAE;AAAA,EAC7E;AAEA,QAAM,QAAW,gBAAY,aAAa,EAAE,OAAO,CAAC,MAAM,EAAE,SAAS,KAAK,CAAC;AAC3E,QAAM,aAA0B,CAAC;AAEjC,aAAW,QAAQ,OAAO;AACxB,UAAM,WAAgB,WAAK,eAAe,IAAI;AAC9C,UAAM,UAAa,iBAAa,UAAU,OAAO;AAEjD,QAAI;AACF,iBAAW,KAAK,eAAe,SAAS,IAAI,CAAC;AAAA,IAC/C,SAAS,OAAO;AAEd,cAAQ,KAAK,sCAAsC,IAAI,KAAK,KAAK,EAAE;AAAA,IACrE;AAAA,EACF;AAEA,SAAO;AACT;AAKO,SAAS,cAAc,eAAuB,IAA8B;AACjF,QAAM,WAAgB,WAAK,eAAe,GAAG,EAAE,KAAK;AAEpD,MAAI,CAAI,eAAW,QAAQ,GAAG;AAC5B,WAAO;AAAA,EACT;AAEA,QAAM,UAAa,iBAAa,UAAU,OAAO;AACjD,SAAO,eAAe,SAAS,GAAG,EAAE,KAAK;AAC3C;AAKO,SAAS,YAAY,YAA8C;AACxE,SAAO,WAAW,IAAI,CAAC,OAAO;AAAA,IAC5B,IAAI,EAAE;AAAA,IACN,OAAO,EAAE;AAAA,IACT,MAAM,EAAE;AAAA,IACR,UAAU,EAAE;AAAA,EACd,EAAE;AACJ;AAKO,SAAS,YAAY,aAAqB,IAA4B;AAC3E,QAAM,WAAgB,WAAK,aAAa,GAAG,EAAE,OAAO;AAEpD,MAAI,CAAI,eAAW,QAAQ,GAAG;AAC5B,WAAO;AAAA,EACT;AAEA,QAAM,UAAa,iBAAa,UAAU,OAAO;AACjD,SAAO,EAAE,IAAI,QAAQ;AACvB;AAKO,SAAS,aAAa,aAA+B;AAC1D,MAAI,CAAI,eAAW,WAAW,GAAG;AAC/B,WAAO,CAAC;AAAA,EACV;AAEA,SACG,gBAAY,WAAW,EACvB,OAAO,CAAC,MAAM,EAAE,SAAS,OAAO,CAAC,EACjC,IAAI,CAAC,MAAM,EAAE,QAAQ,SAAS,EAAE,CAAC;AACtC;;;AC5GO,SAAS,aAAa,SAA2B;AACtD,QAAM,QAAQ,QACX,YAAY,EACZ,MAAM,aAAa,EACnB,OAAO,CAAC,SAAS,KAAK,SAAS,CAAC;AAEnC,SAAO,CAAC,GAAG,IAAI,IAAI,KAAK,CAAC;AAC3B;AAKO,SAAS,eAAe,WAAsB,UAA4B;AAC/E,QAAM,OAAO,IAAI,IAAI,UAAU,KAAK,IAAI,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC;AAC/D,MAAI,QAAQ;AAEZ,aAAW,WAAW,UAAU;AAC9B,QAAI,KAAK,IAAI,OAAO,GAAG;AACrB;AAAA,IACF;AAAA,EACF;AAGA,QAAM,WAAW,UAAU,SAAS,YAAY;AAChD,QAAM,KAAK,UAAU,GAAG,YAAY;AAEpC,aAAW,WAAW,UAAU;AAC9B,QAAI,SAAS,SAAS,OAAO,KAAK,GAAG,SAAS,OAAO,GAAG;AACtD,eAAS;AAAA,IACX;AAAA,EACF;AAEA,SAAO;AACT;AAMO,SAAS,gBACd,YACA,SACA,OACoB;AACpB,QAAM,WAAW,aAAa,OAAO;AAErC,MAAI,SAAS,WAAW,GAAG;AACzB,WAAO,CAAC;AAAA,EACV;AAEA,QAAM,SAAS,WACZ,IAAI,CAAC,eAAe;AAAA,IACnB;AAAA,IACA,OAAO,eAAe,WAAW,QAAQ;AAAA,EAC3C,EAAE,EACD,OAAO,CAAC,MAAM,EAAE,QAAQ,CAAC;AAG5B,SAAO,KAAK,CAAC,GAAG,MAAM;AACpB,QAAI,EAAE,UAAU,EAAE,OAAO;AACvB,aAAO,EAAE,QAAQ,EAAE;AAAA,IACrB;AACA,WAAO,EAAE,UAAU,WAAW,EAAE,UAAU;AAAA,EAC5C,CAAC;AAED,SAAO,QAAQ,OAAO,MAAM,GAAG,KAAK,IAAI;AAC1C;AAKO,SAAS,kBAAkB,SAAqC;AACrE,MAAI,QAAQ,WAAW,GAAG;AACxB,WAAO;AAAA,EACT;AAEA,QAAM,WAAW,QAAQ,IAAI,CAAC,MAAM;AAClC,UAAM,EAAE,UAAU,IAAI;AACtB,WAAO,KAAK,UAAU,KAAK;AAAA;AAAA,gBAAqB,UAAU,QAAQ,oBAAoB,UAAU,QAAQ;AAAA,YAAe,UAAU,KAAK,KAAK,IAAI,CAAC;AAAA;AAAA,EAAO,UAAU,OAAO;AAAA,EAC1K,CAAC;AAED,SAAO,SAAS,KAAK,aAAa;AACpC;","names":["fs","path"]}

package/dist/chunk-O745CMWG.js

@@ -0,0 +1,29 @@
+// src/infra/checkers/client-factory.ts
+function createClientFactory(ClientClass) {
+  const cache = /* @__PURE__ */ new Map();
+  return (region) => {
+    let client = cache.get(region);
+    if (!client) {
+      client = new ClientClass({ region });
+      cache.set(region, client);
+    }
+    return client;
+  };
+}
+function createClientFactoryWithConfig(createClient) {
+  const cache = /* @__PURE__ */ new Map();
+  return (region) => {
+    let client = cache.get(region);
+    if (!client) {
+      client = createClient(region);
+      cache.set(region, client);
+    }
+    return client;
+  };
+}
+
+export {
+  createClientFactory,
+  createClientFactoryWithConfig
+};
+//# sourceMappingURL=chunk-O745CMWG.js.map

package/dist/chunk-O745CMWG.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/infra/checkers/client-factory.ts"],"sourcesContent":["/**\n * Shared AWS client factory with caching.\n * Eliminates duplicated client caching pattern across all AWS checker files.\n */\n\n/**\n * Generic client constructor type\n */\ntype ClientConstructor<T> = new (config: { region: string }) => T;\n\n/**\n * Creates a cached client factory for any AWS SDK client.\n * Clients are cached per region to avoid creating multiple instances.\n *\n * @param ClientClass - The AWS SDK client class constructor\n * @returns A function that returns a cached client for the given region\n *\n * @example\n * ```ts\n * import { S3Client } from \"@aws-sdk/client-s3\";\n *\n * const getS3Client = createClientFactory(S3Client);\n * const client = getS3Client(\"us-east-1\");\n * ```\n */\nexport function createClientFactory<T>(\n  ClientClass: ClientConstructor<T>\n): (region: string) => T {\n  const cache = new Map<string, T>();\n\n  return (region: string): T => {\n    let client = cache.get(region);\n    if (!client) {\n      client = new ClientClass({ region });\n      cache.set(region, client);\n    }\n    return client;\n  };\n}\n\n/**\n * Creates a cached client factory for AWS SDK clients that need custom config.\n * Useful for clients that need additional options beyond just region.\n *\n * @param createClient - Factory function that creates the client with config\n * @returns A function that returns a cached client for the given region\n *\n * @example\n * ```ts\n * import { S3Client } from \"@aws-sdk/client-s3\";\n *\n * const getS3Client = createClientFactoryWithConfig(\n *   (region) => new S3Client({ region, followRegionRedirects: true })\n * );\n * const client = getS3Client(\"us-east-1\");\n * ```\n */\nexport function createClientFactoryWithConfig<T>(\n  createClient: (region: string) => T\n): (region: string) => T {\n  const cache = new Map<string, T>();\n\n  return (region: string): T => {\n    let client = cache.get(region);\n    if (!client) {\n      client = createClient(region);\n      cache.set(region, client);\n    }\n    return client;\n  };\n}\n"],"mappings":";AAyBO,SAAS,oBACd,aACuB;AACvB,QAAM,QAAQ,oBAAI,IAAe;AAEjC,SAAO,CAAC,WAAsB;AAC5B,QAAI,SAAS,MAAM,IAAI,MAAM;AAC7B,QAAI,CAAC,QAAQ;AACX,eAAS,IAAI,YAAY,EAAE,OAAO,CAAC;AACnC,YAAM,IAAI,QAAQ,MAAM;AAAA,IAC1B;AACA,WAAO;AAAA,EACT;AACF;AAmBO,SAAS,8BACd,cACuB;AACvB,QAAM,QAAQ,oBAAI,IAAe;AAEjC,SAAO,CAAC,WAAsB;AAC5B,QAAI,SAAS,MAAM,IAAI,MAAM;AAC7B,QAAI,CAAC,QAAQ;AACX,eAAS,aAAa,MAAM;AAC5B,YAAM,IAAI,QAAQ,MAAM;AAAA,IAC1B;AACA,WAAO;AAAA,EACT;AACF;","names":[]}

package/dist/chunk-RHM53NLG.js

@@ -0,0 +1,49 @@
+// src/constants.ts
+var TIMEOUTS = {
+  /** Git clone/pull operation timeout (30 seconds) */
+  git: 3e4,
+  /** Standard code tool execution timeout (5 minutes) */
+  codeTool: 5 * 60 * 1e3,
+  /** Extended timeout for longer operations like coverage runs (10 minutes) */
+  codeToolExtended: 10 * 60 * 1e3,
+  /** Quick operation timeout for version checks, etc (30 seconds) */
+  quick: 3e4,
+  /** Gitleaks version check timeout (10 seconds) */
+  versionCheck: 1e4
+};
+var AWS_DEFAULTS = {
+  /** Default region for global AWS services (IAM, S3 global operations) */
+  globalRegion: "us-east-1"
+};
+var GITHUB_API = {
+  /** Base URL for GitHub API (can be overridden via GITHUB_API_URL env var for GitHub Enterprise) */
+  baseUrl: process.env.GITHUB_API_URL ?? "https://api.github.com",
+  /** Number of items per page for pagination */
+  perPage: 100
+};
+var STANDARDS_REPO = {
+  /** Default owner for standards repository (can be overridden via STANDARDS_REPO_OWNER env var) */
+  owner: process.env.STANDARDS_REPO_OWNER ?? "palindrom-ai",
+  /** Default repository name (can be overridden via STANDARDS_REPO_NAME env var) */
+  repo: process.env.STANDARDS_REPO_NAME ?? "standards"
+};
+var CACHE = {
+  /** Base directory name for standards cache (can be overridden via CM_STANDARDS_CACHE_DIR env var) */
+  standardsCacheDir: process.env.CM_STANDARDS_CACHE_DIR ?? "cm-standards-cache",
+  /** Base directory name for registry cache */
+  registryCacheDir: "conform-registry-cache"
+};
+var CONCURRENCY = {
+  /** Default concurrency for infrastructure resource checks */
+  infraScan: 10
+};
+
+export {
+  TIMEOUTS,
+  AWS_DEFAULTS,
+  GITHUB_API,
+  STANDARDS_REPO,
+  CACHE,
+  CONCURRENCY
+};
+//# sourceMappingURL=chunk-RHM53NLG.js.map

package/dist/chunk-RHM53NLG.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../src/constants.ts"],"sourcesContent":["/**\n * Centralized constants for the conform package.\n * Consolidates all hardcoded values for easier maintenance and configuration.\n */\n\n/**\n * Timeout values in milliseconds\n */\nexport const TIMEOUTS = {\n  /** Git clone/pull operation timeout (30 seconds) */\n  git: 30_000,\n  /** Standard code tool execution timeout (5 minutes) */\n  codeTool: 5 * 60 * 1000,\n  /** Extended timeout for longer operations like coverage runs (10 minutes) */\n  codeToolExtended: 10 * 60 * 1000,\n  /** Quick operation timeout for version checks, etc (30 seconds) */\n  quick: 30_000,\n  /** Gitleaks version check timeout (10 seconds) */\n  versionCheck: 10_000,\n} as const;\n\n/**\n * AWS configuration defaults\n */\nexport const AWS_DEFAULTS = {\n  /** Default region for global AWS services (IAM, S3 global operations) */\n  globalRegion: \"us-east-1\",\n} as const;\n\n/**\n * GitHub API configuration\n */\nexport const GITHUB_API = {\n  /** Base URL for GitHub API (can be overridden via GITHUB_API_URL env var for GitHub Enterprise) */\n  baseUrl: process.env.GITHUB_API_URL ?? \"https://api.github.com\",\n  /** Number of items per page for pagination */\n  perPage: 100,\n} as const;\n\n/**\n * Standards repository defaults\n */\nexport const STANDARDS_REPO = {\n  /** Default owner for standards repository (can be overridden via STANDARDS_REPO_OWNER env var) */\n  owner: process.env.STANDARDS_REPO_OWNER ?? \"palindrom-ai\",\n  /** Default repository name (can be overridden via STANDARDS_REPO_NAME env var) */\n  repo: process.env.STANDARDS_REPO_NAME ?? \"standards\",\n} as const;\n\n/**\n * Cache directory configuration\n */\nexport const CACHE = {\n  /** Base directory name for standards cache (can be overridden via CM_STANDARDS_CACHE_DIR env var) */\n  standardsCacheDir: process.env.CM_STANDARDS_CACHE_DIR ?? \"cm-standards-cache\",\n  /** Base directory name for registry cache */\n  registryCacheDir: \"conform-registry-cache\",\n} as const;\n\n/**\n * Concurrency limits\n */\nexport const CONCURRENCY = {\n  /** Default concurrency for infrastructure resource checks */\n  infraScan: 10,\n} as const;\n\n/**\n * Default threshold values\n */\nexport const DEFAULTS = {\n  /** Default backup max age in hours */\n  backupMaxAgeHours: 24,\n  /** Default code coverage minimum threshold */\n  coverageMinThreshold: 80,\n} as const;\n"],"mappings":";AAQO,IAAM,WAAW;AAAA;AAAA,EAEtB,KAAK;AAAA;AAAA,EAEL,UAAU,IAAI,KAAK;AAAA;AAAA,EAEnB,kBAAkB,KAAK,KAAK;AAAA;AAAA,EAE5B,OAAO;AAAA;AAAA,EAEP,cAAc;AAChB;AAKO,IAAM,eAAe;AAAA;AAAA,EAE1B,cAAc;AAChB;AAKO,IAAM,aAAa;AAAA;AAAA,EAExB,SAAS,QAAQ,IAAI,kBAAkB;AAAA;AAAA,EAEvC,SAAS;AACX;AAKO,IAAM,iBAAiB;AAAA;AAAA,EAE5B,OAAO,QAAQ,IAAI,wBAAwB;AAAA;AAAA,EAE3C,MAAM,QAAQ,IAAI,uBAAuB;AAC3C;AAKO,IAAM,QAAQ;AAAA;AAAA,EAEnB,mBAAmB,QAAQ,IAAI,0BAA0B;AAAA;AAAA,EAEzD,kBAAkB;AACpB;AAKO,IAAM,cAAc;AAAA;AAAA,EAEzB,WAAW;AACb;","names":[]}

package/dist/{chunk-KHO6NIAI.js → chunk-YGDEM6K5.js}

@@ -1,16 +1,21 @@
-// ../core/src/registry.ts
+import {
+  CACHE,
+  TIMEOUTS
+} from "./chunk-RHM53NLG.js";
+
+// src/core/registry.ts
 import * as fs2 from "fs";
 import * as os from "os";
 import * as path2 from "path";
 import * as toml from "@iarna/toml";
 import { execa } from "execa";
 
-// ../core/src/loader.ts
+// src/core/loader.ts
 import * as fs from "fs";
 import * as path from "path";
 import TOML from "@iarna/toml";
 
-// ../core/src/schema.ts
+// src/core/schema.ts
 import { minimatch } from "minimatch";
 import { z } from "zod";
 function countUnclosedDelimiters(pattern) {
@@ -504,6 +509,14 @@ var processSchema = z.object({
   docs: docsConfigSchema,
   forbidden_files: forbiddenFilesConfigSchema
 }).strict().optional();
+var tierSchema = z.enum(["production", "internal", "prototype"]);
+var statusSchema = z.enum(["active", "pre-release", "deprecated"]);
+var metadataSchema = z.object({
+  tier: tierSchema,
+  project: z.string().optional(),
+  organisation: z.string().optional(),
+  status: statusSchema.optional().default("active")
+}).strict().optional();
 var extendsSchema = z.object({
   registry: z.string(),
   // e.g., "github:myorg/standards" or local path
@@ -515,6 +528,7 @@ var monorepoSchema = z.object({
   // Glob patterns to exclude from project detection
 }).strict().optional();
 var configSchema = z.object({
+  metadata: metadataSchema,
   extends: extendsSchema,
   code: codeSchema,
   process: processSchema,
@@ -621,7 +635,7 @@ var defaultConfig = {
   }
 };
 
-// ../core/src/loader.ts
+// src/core/loader.ts
 var CONFIG_FILE_NAME = "standards.toml";
 var ConfigError = class extends Error {
   constructor(message) {
@@ -910,7 +924,7 @@ function detectCodeownersOverrides(registryConfig, projectConfig) {
   return projectRules.map((rule) => checkRuleOverride(rule, registryMap.get(rule.pattern))).filter((o) => o !== null);
 }
 async function loadRegistryConfig(extendsConfig, configDir) {
-  const registryModule = await import("./registry-V65CC7IN.js");
+  const registryModule = await import("./registry-JRCQAIHR.js");
   const loc = registryModule.parseRegistryUrl(extendsConfig.registry, configDir);
   const registryDir = await registryModule.fetchRegistry(loc);
   let config = {};
@@ -934,7 +948,7 @@ async function loadConfigWithOverrides(configPath) {
   return { config, configPath: finalPath, overrides };
 }
 
-// ../core/src/registry.ts
+// src/core/registry.ts
 function detectAuthMethod() {
   if (process.env.CONFORM_REGISTRY_TOKEN || process.env.GITHUB_TOKEN) {
     return "token";
@@ -1024,11 +1038,11 @@ async function cloneRepo(location, repoDir) {
   }
   cloneArgs.push(location.path, repoDir);
   try {
-    await execa("git", cloneArgs, { timeout: 30 * 1e3 });
+    await execa("git", cloneArgs, { timeout: TIMEOUTS.git });
   } catch (error) {
     const message = error instanceof Error ? error.message : String(error);
     if (message.includes("timed out")) {
-      throw new ConfigError(`Registry clone timed out after 30 seconds: ${location.path}`);
+      throw new ConfigError(`Registry clone timed out after ${TIMEOUTS.git / 1e3} seconds: ${location.path}`);
     }
     throw new ConfigError(`Failed to clone registry: ${message}`);
   }
@@ -1040,7 +1054,7 @@ async function fetchRegistry(location) {
     }
     return location.path;
   }
-  const cacheDir = path2.join(os.tmpdir(), "conform-registry-cache");
+  const cacheDir = path2.join(os.tmpdir(), CACHE.registryCacheDir);
   const repoDir = path2.join(cacheDir, `${location.owner}-${location.repo}`);
   if (fs2.existsSync(repoDir)) {
     await updateExistingRepo(repoDir, location.ref);
@@ -1364,4 +1378,4 @@ export {
   getProjectRoot,
   loadConfigWithOverrides
 };
-//# sourceMappingURL=chunk-KHO6NIAI.js.map
+//# sourceMappingURL=chunk-YGDEM6K5.js.map