@zigrivers/mmr 1.3.0 → 1.4.0

package/dist/core/stable-id.js

@@ -0,0 +1,148 @@
+import { createHash } from 'node:crypto';
+/**
+ * Strip end-of-string line/column spans from a location string.
+ * Patterns matched (all anchored to end-of-string):
+ *   - `:N` - trailing single line number
+ *   - `:N-M` - trailing line range
+ *   - `:N:M` - trailing line:column
+ *   - `(line N)` (with optional leading whitespace) - prose-style line ref
+ */
+const LOCATION_SPAN_RE = /(?::\d+(?::\d+)?(?:-\d+)?|\s*\(line \d+\))$/;
+export function normalizeLocationForKey(location) {
+    return location.toLowerCase().trim().replace(LOCATION_SPAN_RE, '');
+}
+const LINE_MENTION_RE = /\b(?:at\s+)?line \d+\b/gi;
+const VALUE_AFTER_AT_UNITS = [
+    'seconds?',
+    'minutes?',
+    'hours?',
+    'items?',
+    'bytes?',
+    'kb',
+    'mb',
+    'gb',
+    'pixels?',
+    'elements?',
+    'chars?',
+    'characters?',
+    'ms',
+    's',
+].join('|');
+const AT_INTEGER_MENTION_RE = /\bat \d+(?!\.\d)(?!\d)\b\.?/gi;
+const AT_INTEGER_VALUE_AFTER_RE = new RegExp(String.raw `^\s*(?:%|\b(?:${VALUE_AFTER_AT_UNITS})\b)`, 'i');
+const AT_LOCATION_CONTEXT_BEFORE_RE = /\b(?:found|reported|detected|raised|located|declared|defined)\s+$/;
+const SEVERITY_PREFIX_RE = /^\s*(?:p[0-3]|critical|high|medium|low|info)\s*:\s*/i;
+const CODE_SPAN_RE = /`([^`]*)`/g;
+function normalizeNonCodeSegment(s) {
+    return s
+        .toLowerCase()
+        .replace(LINE_MENTION_RE, '')
+        .replace(AT_INTEGER_MENTION_RE, (match, offset, full) => {
+        const after = full.slice(offset + match.length);
+        if (AT_INTEGER_VALUE_AFTER_RE.test(after))
+            return match;
+        const before = full.slice(0, offset);
+        return AT_LOCATION_CONTEXT_BEFORE_RE.test(before) ? '' : match;
+    })
+        .replace(SEVERITY_PREFIX_RE, '')
+        .replace(/\s+/g, ' ')
+        .trim();
+}
+export function normalizeDescriptionForKey(description) {
+    return normalizeWithCodeSpans(description, normalizeNonCodeSegment);
+}
+function appendNormalizedPart(out, part, spaceBefore) {
+    if (part === '')
+        return;
+    if (out.length > 0 && spaceBefore)
+        out.push(' ');
+    out.push(part);
+}
+export function normalizeSuggestionForKey(suggestion) {
+    // Suggestions are intentionally distinguished by their full short text.
+    // Do not apply description noise stripping here.
+    return normalizeWithCodeSpans(suggestion, normalizeSuggestionSegment);
+}
+function normalizeWithCodeSpans(input, normalizeProse) {
+    if (input === '')
+        return '';
+    const out = [];
+    let cursor = 0;
+    for (const match of input.matchAll(CODE_SPAN_RE)) {
+        const index = match.index ?? 0;
+        const before = input.slice(cursor, index);
+        appendNormalizedPart(out, normalizeProse(before), /^\s/.test(before));
+        appendNormalizedPart(out, '`' + match[1] + '`', /\s$/.test(before));
+        cursor = index + match[0].length;
+    }
+    const tail = input.slice(cursor);
+    appendNormalizedPart(out, normalizeProse(tail), /^\s/.test(tail));
+    return out.join('').trim();
+}
+function normalizeSuggestionSegment(s) {
+    return s
+        .replace(/[A-Za-z][A-Za-z0-9_]*/g, (token) => (isMixedCaseIdentifier(token) ? token : token.toLowerCase()))
+        .replace(/\s+/g, ' ')
+        .trim();
+}
+function isMixedCaseIdentifier(token) {
+    return /[a-z][A-Z]|[A-Z][a-z]+[A-Z]|[A-Z]{2,}[a-z]|^[A-Z0-9_]{3,}$/.test(token);
+}
+function sha1(input) {
+    return createHash('sha1').update(input).digest('hex');
+}
+/**
+ * Compute the stable identity key per §5 decision 2:
+ *   finding_key = sha1(
+ *     normalized_location + "|" + (category ?? "") + "|" +
+ *     sha1(description_normalized) + "|" + sha1(suggestion_normalized)
+ *   )
+ *
+ * Severity is intentionally excluded — the same underlying issue surfacing at
+ * P1 vs P2 across channels should still reconcile to one key.
+ */
+export function computeFindingKey(finding) {
+    const loc = normalizeLocationForKey(finding.location);
+    const cat = (finding.category ?? '').toLowerCase();
+    const descHash = sha1(normalizeDescriptionForKey(finding.description));
+    const sugHash = sha1(normalizeSuggestionForKey(finding.suggestion));
+    return sha1(`${escapeKeyPart(loc)}|${escapeKeyPart(cat)}|${descHash}|${sugHash}`);
+}
+function escapeKeyPart(part) {
+    return part.replace(/\\/g, '\\\\').replace(/\|/g, '\\|');
+}
+export function descriptionShingle(description) {
+    const normalized = normalizeDescriptionForKey(description);
+    if (normalized.length < 5)
+        return [];
+    const shingleText = normalizeModalVerbsInProse(normalized);
+    const grams = new Set();
+    for (let i = 0; i <= shingleText.length - 5; i += 1) {
+        grams.add(shingleText.slice(i, i + 5));
+    }
+    return [...grams];
+}
+export function jaccardSimilarity(a, b) {
+    const left = isShingleSet(a) ? a : new Set(a);
+    const right = isShingleSet(b) ? b : new Set(b);
+    let intersection = 0;
+    for (const item of left) {
+        if (right.has(item))
+            intersection += 1;
+    }
+    const unionSize = left.size + right.size - intersection;
+    return unionSize === 0 ? 1 : intersection / unionSize;
+}
+export function shingleSize(shingle) {
+    return isShingleSet(shingle) ? shingle.size : shingle.length;
+}
+function normalizeModalVerbsInProse(description) {
+    return normalizeWithCodeSpans(description, normalizeModalVerbs);
+}
+function normalizeModalVerbs(description) {
+    return description.replace(/\b(?:must|should)\b/g, 'should');
+}
+function isShingleSet(value) {
+    return 'size' in value && 'has' in value;
+}
+//# sourceMappingURL=stable-id.js.map

package/dist/core/stable-id.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"stable-id.js","sourceRoot":"","sources":["../../src/core/stable-id.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AAGxC;;;;;;;GAOG;AACH,MAAM,gBAAgB,GAAG,6CAA6C,CAAA;AAEtE,MAAM,UAAU,uBAAuB,CAAC,QAAgB;IACtD,OAAO,QAAQ,CAAC,WAAW,EAAE,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,gBAAgB,EAAE,EAAE,CAAC,CAAA;AACpE,CAAC;AAED,MAAM,eAAe,GAAG,0BAA0B,CAAA;AAClD,MAAM,oBAAoB,GAAG;IAC3B,UAAU;IACV,UAAU;IACV,QAAQ;IACR,QAAQ;IACR,QAAQ;IACR,IAAI;IACJ,IAAI;IACJ,IAAI;IACJ,SAAS;IACT,WAAW;IACX,QAAQ;IACR,aAAa;IACb,IAAI;IACJ,GAAG;CACJ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;AACX,MAAM,qBAAqB,GAAG,+BAA+B,CAAA;AAC7D,MAAM,yBAAyB,GAAG,IAAI,MAAM,CAAC,MAAM,CAAC,GAAG,CAAA,iBAAiB,oBAAoB,MAAM,EAAE,GAAG,CAAC,CAAA;AACxG,MAAM,6BAA6B,GAAG,mEAAmE,CAAA;AACzG,MAAM,kBAAkB,GAAG,sDAAsD,CAAA;AACjF,MAAM,YAAY,GAAG,YAAY,CAAA;AAEjC,SAAS,uBAAuB,CAAC,CAAS;IACxC,OAAO,CAAC;SACL,WAAW,EAAE;SACb,OAAO,CAAC,eAAe,EAAE,EAAE,CAAC;SAC5B,OAAO,CAAC,qBAAqB,EAAE,CAAC,KAAK,EAAE,MAAc,EAAE,IAAY,EAAE,EAAE;QACtE,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,CAAA;QAC/C,IAAI,yBAAyB,CAAC,IAAI,CAAC,KAAK,CAAC;YAAE,OAAO,KAAK,CAAA;QACvD,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,MAAM,CAAC,CAAA;QACpC,OAAO,6BAA6B,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,KAAK,CAAA;IAChE,CAAC,CAAC;SACD,OAAO,CAAC,kBAAkB,EAAE,EAAE,CAAC;SAC/B,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC;SACpB,IAAI,EAAE,CAAA;AACX,CAAC;AAED,MAAM,UAAU,0BAA0B,CAAC,WAAmB;IAC5D,OAAO,sBAAsB,CAAC,WAAW,EAAE,uBAAuB,CAAC,CAAA;AACrE,CAAC;AAED,SAAS,oBAAoB,CAAC,GAAa,EAAE,IAAY,EAAE,WAAoB;IAC7E,IAAI,IAAI,KAAK,EAAE;QAAE,OAAM;IACvB,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,IAAI,WAAW;QAAE,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;IAChD,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;AAChB,CAAC;AAED,MAAM,UAAU,yBAAyB,CAAC,UAAkB;IAC1D,wEAAwE;IACxE,iDAAiD;IACjD,OAAO,sBAAsB,CAAC,UAAU,EAAE,0BAA0B,CAAC,CAAA;AACvE,CAAC;AAED,SAAS,sBAAsB,CAAC,KAAa,EAAE,cAA2C;IACxF,IAAI,KAAK,KAAK,EAAE;QAAE,OAAO,EAAE,CAAA;IAC3B,MAAM,GAAG,GAAa,EAAE,CAAA;IACxB,IAAI,MAAM,GAAG,CAAC,CAAA;IAEd,KAAK,MAAM,KAAK,IAAI,KAAK,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;QACjD,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,IAAI,CAAC,CAAA;QAC9B,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC,MAAM,EAAE,KAAK,CAAC,CAAA;QACzC,oBAAoB,CAAC,GAAG,EAAE,cAAc,CAAC,MAAM,CAAC,EAAE,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAA;QACrE,oBAAoB,CAAC,GAAG,EAAE,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC,GAAG,GAAG,EAAE,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAA;QACnE,MAAM,GAAG,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,CAAA;IAClC,CAAC;IAED,MAAM,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,CAAA;IAChC,oBAAoB,CAAC,GAAG,EAAE,cAAc,CAAC,IAAI,CAAC,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAA;IACjE,OAAO,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,IAAI,EAAE,CAAA;AAC5B,CAAC;AAED,SAAS,0BAA0B,CAAC,CAAS;IAC3C,OAAO,CAAC;SACL,OAAO,CAAC,wBAAwB,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,CAAC;SAC1G,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC;SACpB,IAAI,EAAE,CAAA;AACX,CAAC;AAED,SAAS,qBAAqB,CAAC,KAAa;IAC1C,OAAO,4DAA4D,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;AACjF,CAAC;AAED,SAAS,IAAI,CAAC,KAAa;IACzB,OAAO,UAAU,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;AACvD,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,UAAU,iBAAiB,CAAC,OAAgB;IAChD,MAAM,GAAG,GAAG,uBAAuB,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAA;IACrD,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC,WAAW,EAAE,CAAA;IAClD,MAAM,QAAQ,GAAG,IAAI,CAAC,0BAA0B,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAA;IACtE,MAAM,OAAO,GAAG,IAAI,CAAC,yBAAyB,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAA;IACnE,OAAO,IAAI,CAAC,GAAG,aAAa,CAAC,GAAG,CAAC,IAAI,aAAa,CAAC,GAAG,CAAC,IAAI,QAAQ,IAAI,OAAO,EAAE,CAAC,CAAA;AACnF,CAAC;AAED,SAAS,aAAa,CAAC,IAAY;IACjC,OAAO,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,CAAA;AAC1D,CAAC;AAED,MAAM,UAAU,kBAAkB,CAAC,WAAmB;IACpD,MAAM,UAAU,GAAG,0BAA0B,CAAC,WAAW,CAAC,CAAA;IAC1D,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC;QAAE,OAAO,EAAE,CAAA;IACpC,MAAM,WAAW,GAAG,0BAA0B,CAAC,UAAU,CAAC,CAAA;IAE1D,MAAM,KAAK,GAAG,IAAI,GAAG,EAAU,CAAA;IAC/B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC;QACpD,KAAK,CAAC,GAAG,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;IACxC,CAAC;IACD,OAAO,CAAC,GAAG,KAAK,CAAC,CAAA;AACnB,CAAC;AAED,MAAM,UAAU,iBAAiB,CAC/B,CAA0C,EAC1C,CAA0C;IAE1C,MAAM,IAAI,GAAG,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,CAAA;IAC7C,MAAM,KAAK,GAAG,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,CAAA;IAE9C,IAAI,YAAY,GAAG,CAAC,CAAA;IACpB,KAAK,MAAM,IAAI,IAAI,IAAI,EAAE,CAAC;QACxB,IAAI,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC;YAAE,YAAY,IAAI,CAAC,CAAA;IACxC,CAAC;IAED,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,GAAG,KAAK,CAAC,IAAI,GAAG,YAAY,CAAA;IACvD,OAAO,SAAS,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,YAAY,GAAG,SAAS,CAAA;AACvD,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,OAAgD;IAC1E,OAAO,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAA;AAC9D,CAAC;AAED,SAAS,0BAA0B,CAAC,WAAmB;IACrD,OAAO,sBAAsB,CAAC,WAAW,EAAE,mBAAmB,CAAC,CAAA;AACjE,CAAC;AAED,SAAS,mBAAmB,CAAC,WAAmB;IAC9C,OAAO,WAAW,CAAC,OAAO,CAAC,sBAAsB,EAAE,QAAQ,CAAC,CAAA;AAC9D,CAAC;AAED,SAAS,YAAY,CAAC,KAA8C;IAClE,OAAO,MAAM,IAAI,KAAK,IAAI,KAAK,IAAI,KAAK,CAAA;AAC1C,CAAC"}

package/dist/core/trust-mode.d.ts

@@ -0,0 +1,29 @@
+export type TrustMode = 'base-ref' | 'untrusted-head' | 'non-git';
+export interface TrustModeArgs {
+    diff?: string;
+    pr?: number;
+    staged?: boolean;
+    base?: string;
+    'config-base-ref'?: string;
+}
+export interface ClassifyOptions {
+    cwd: string;
+    args: TrustModeArgs;
+    /** Hook for tests to stub gh; defaults to live gh CLI. */
+    resolvePrBase?: (pr: number, cwd: string) => string | undefined;
+    /** Whether we're in CI; defaults to env detection. Injectable for tests. */
+    isCI?: boolean;
+}
+/**
+ * Discriminated so a `base-ref` result always carries a `base_ref` and the
+ * other modes never do — consumers get this for free from the union.
+ */
+export type ClassifyResult = {
+    trust_mode: 'base-ref';
+    base_ref: string;
+} | {
+    trust_mode: 'untrusted-head' | 'non-git';
+    base_ref?: undefined;
+};
+export declare function classifyTrustMode(opts: ClassifyOptions): ClassifyResult;
+//# sourceMappingURL=trust-mode.d.ts.map

package/dist/core/trust-mode.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"trust-mode.d.ts","sourceRoot":"","sources":["../../src/core/trust-mode.ts"],"names":[],"mappings":"AAMA,MAAM,MAAM,SAAS,GAAG,UAAU,GAAG,gBAAgB,GAAG,SAAS,CAAA;AAEjE,MAAM,WAAW,aAAa;IAC5B,IAAI,CAAC,EAAE,MAAM,CAAA;IACb,EAAE,CAAC,EAAE,MAAM,CAAA;IACX,MAAM,CAAC,EAAE,OAAO,CAAA;IAChB,IAAI,CAAC,EAAE,MAAM,CAAA;IACb,iBAAiB,CAAC,EAAE,MAAM,CAAA;CAC3B;AAED,MAAM,WAAW,eAAe;IAC9B,GAAG,EAAE,MAAM,CAAA;IACX,IAAI,EAAE,aAAa,CAAA;IACnB,0DAA0D;IAC1D,aAAa,CAAC,EAAE,CAAC,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,KAAK,MAAM,GAAG,SAAS,CAAA;IAC/D,4EAA4E;IAC5E,IAAI,CAAC,EAAE,OAAO,CAAA;CACf;AAED;;;GAGG;AACH,MAAM,MAAM,cAAc,GACtB;IAAE,UAAU,EAAE,UAAU,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAA;CAAE,GAC5C;IAAE,UAAU,EAAE,gBAAgB,GAAG,SAAS,CAAC;IAAC,QAAQ,CAAC,EAAE,SAAS,CAAA;CAAE,CAAA;AAiEtE,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,eAAe,GAAG,cAAc,CAmCvE"}

package/dist/core/trust-mode.js

@@ -0,0 +1,103 @@
+import fs from 'node:fs';
+import path from 'node:path';
+import { execFileSync } from 'node:child_process';
+import { findProjectRoot } from './project-root.js';
+import { isSafeRef } from './git-show.js';
+// Ref-name validation is shared with the git-show helper (the trust boundary):
+// an unsafe ref fails closed to untrusted-head here, and readFileAtRef refuses
+// to read it there.
+function asBaseRef(ref) {
+    return isSafeRef(ref) ? { trust_mode: 'base-ref', base_ref: ref } : { trust_mode: 'untrusted-head' };
+}
+/**
+ * Broad CI detection — must err toward "yes" because misdetecting CI as local
+ * re-opens the self-trust hole. Almost every CI sets CI to a truthy value
+ * (GitHub/GitLab/CircleCI/Travis/Buildkite/Vercel/Netlify set CI=true; some use
+ * CI=1); a few that don't are covered by their own markers.
+ */
+function detectCI() {
+    const ci = process.env.CI;
+    if (ci !== undefined && ci !== '' && ci.toLowerCase() !== 'false' && ci !== '0')
+        return true;
+    return Boolean(process.env.GITHUB_ACTIONS ||
+        process.env.GITLAB_CI ||
+        process.env.BUILDKITE ||
+        process.env.TF_BUILD || // Azure Pipelines
+        process.env.JENKINS_URL ||
+        process.env.TEAMCITY_VERSION);
+}
+function isGitRepo(cwd) {
+    // Authoritative check first: handles worktrees, submodules, monorepo
+    // subdirs, and bare-repo edge cases correctly.
+    try {
+        const out = execFileSync('git', ['rev-parse', '--is-inside-work-tree'], {
+            cwd,
+            encoding: 'utf-8',
+            stdio: ['ignore', 'pipe', 'ignore'],
+            timeout: 5000,
+        });
+        if (out.trim() === 'true')
+            return true;
+    }
+    catch {
+        // git missing or not a work tree → fall through to the advisory FS check.
+    }
+    // Advisory fallback (also what the .git-fixture tests exercise). NOT the
+    // security boundary: a git repo with no explicit trusted ref classifies as
+    // 'untrusted-head', and base-ref modes resolve through real git/gh which fail
+    // on a planted/fake .git — so a forged .git only ever yields untrusted-head.
+    return fs.existsSync(path.join(findProjectRoot(cwd), '.git'));
+}
+function defaultResolvePrBase(pr, cwd) {
+    try {
+        const raw = execFileSync('gh', ['pr', 'view', String(pr), '--json', 'baseRefName'], {
+            cwd,
+            encoding: 'utf-8',
+            stdio: ['ignore', 'pipe', 'ignore'],
+            timeout: 10000,
+        });
+        const parsed = JSON.parse(raw);
+        if (parsed.baseRefName && parsed.baseRefName.length > 0)
+            return parsed.baseRefName;
+    }
+    catch {
+        return undefined;
+    }
+    return undefined;
+}
+export function classifyTrustMode(opts) {
+    const { cwd, args } = opts;
+    const resolvePrBase = opts.resolvePrBase ?? defaultResolvePrBase;
+    const isCI = opts.isCI ?? detectCI();
+    // Explicit operator override always wins.
+    if (args['config-base-ref'])
+        return asBaseRef(args['config-base-ref']);
+    if (!isGitRepo(cwd))
+        return { trust_mode: 'non-git' };
+    // --pr resolves the PR's UPSTREAM base branch via gh, so it determines trust
+    // even when a (possibly malicious) --base is also present — matching
+    // resolveDiff, which reviews the PR diff. Resolution failure fails closed.
+    if (args.pr !== undefined) {
+        const resolved = resolvePrBase(args.pr, cwd);
+        return resolved ? asBaseRef(resolved) : { trust_mode: 'untrusted-head' };
+    }
+    if (args.base)
+        return asBaseRef(args.base);
+    // --staged reviews the index against HEAD. HEAD is a trusted base locally,
+    // but in CI it may be an attacker's PR checkout, so fail closed there too —
+    // consistent with the no-flag default below.
+    if (args.staged)
+        return isCI ? { trust_mode: 'untrusted-head' } : asBaseRef('HEAD');
+    // Default (plain `mmr review` working tree, or `--diff`): trusting HEAD is
+    // safe locally (HEAD is your committed history) but NOT in CI, where the
+    // working tree may be an attacker's PR checkout. So `--diff` is always
+    // untrusted, and the no-flags default trusts HEAD only outside CI; in CI it
+    // fails closed and requires an explicit trusted ref (--pr/--base/
+    // --config-base-ref). NOTE: this is stricter than the original plan, which
+    // returned base-ref:HEAD unconditionally — changed to close a CI
+    // self-trust hole (see Group H note).
+    if (args.diff !== undefined || isCI)
+        return { trust_mode: 'untrusted-head' };
+    return asBaseRef('HEAD');
+}
+//# sourceMappingURL=trust-mode.js.map

package/dist/core/trust-mode.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"trust-mode.js","sourceRoot":"","sources":["../../src/core/trust-mode.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,SAAS,CAAA;AACxB,OAAO,IAAI,MAAM,WAAW,CAAA;AAC5B,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AACjD,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAA;AACnD,OAAO,EAAE,SAAS,EAAE,MAAM,eAAe,CAAA;AA6BzC,+EAA+E;AAC/E,+EAA+E;AAC/E,oBAAoB;AACpB,SAAS,SAAS,CAAC,GAAW;IAC5B,OAAO,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,UAAU,EAAE,UAAU,EAAE,QAAQ,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC,EAAE,UAAU,EAAE,gBAAgB,EAAE,CAAA;AACtG,CAAC;AAED;;;;;GAKG;AACH,SAAS,QAAQ;IACf,MAAM,EAAE,GAAG,OAAO,CAAC,GAAG,CAAC,EAAE,CAAA;IACzB,IAAI,EAAE,KAAK,SAAS,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,WAAW,EAAE,KAAK,OAAO,IAAI,EAAE,KAAK,GAAG;QAAE,OAAO,IAAI,CAAA;IAC5F,OAAO,OAAO,CACZ,OAAO,CAAC,GAAG,CAAC,cAAc;QACxB,OAAO,CAAC,GAAG,CAAC,SAAS;QACrB,OAAO,CAAC,GAAG,CAAC,SAAS;QACrB,OAAO,CAAC,GAAG,CAAC,QAAQ,IAAI,kBAAkB;QAC1C,OAAO,CAAC,GAAG,CAAC,WAAW;QACvB,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAC/B,CAAA;AACH,CAAC;AAED,SAAS,SAAS,CAAC,GAAW;IAC5B,qEAAqE;IACrE,+CAA+C;IAC/C,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,YAAY,CAAC,KAAK,EAAE,CAAC,WAAW,EAAE,uBAAuB,CAAC,EAAE;YACtE,GAAG;YACH,QAAQ,EAAE,OAAO;YACjB,KAAK,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,CAAC;YACnC,OAAO,EAAE,IAAI;SACd,CAAC,CAAA;QACF,IAAI,GAAG,CAAC,IAAI,EAAE,KAAK,MAAM;YAAE,OAAO,IAAI,CAAA;IACxC,CAAC;IAAC,MAAM,CAAC;QACP,0EAA0E;IAC5E,CAAC;IACD,yEAAyE;IACzE,2EAA2E;IAC3E,8EAA8E;IAC9E,6EAA6E;IAC7E,OAAO,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,EAAE,MAAM,CAAC,CAAC,CAAA;AAC/D,CAAC;AAED,SAAS,oBAAoB,CAAC,EAAU,EAAE,GAAW;IACnD,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,YAAY,CAAC,IAAI,EAAE,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC,EAAE,QAAQ,EAAE,aAAa,CAAC,EAAE;YAClF,GAAG;YACH,QAAQ,EAAE,OAAO;YACjB,KAAK,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,QAAQ,CAAC;YACnC,OAAO,EAAE,KAAK;SACf,CAAC,CAAA;QACF,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAA6B,CAAA;QAC1D,IAAI,MAAM,CAAC,WAAW,IAAI,MAAM,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC;YAAE,OAAO,MAAM,CAAC,WAAW,CAAA;IACpF,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,SAAS,CAAA;IAClB,CAAC;IACD,OAAO,SAAS,CAAA;AAClB,CAAC;AAED,MAAM,UAAU,iBAAiB,CAAC,IAAqB;IACrD,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,GAAG,IAAI,CAAA;IAC1B,MAAM,aAAa,GAAG,IAAI,CAAC,aAAa,IAAI,oBAAoB,CAAA;IAChE,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,IAAI,QAAQ,EAAE,CAAA;IAEpC,0CAA0C;IAC1C,IAAI,IAAI,CAAC,iBAAiB,CAAC;QAAE,OAAO,SAAS,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAA;IAEtE,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC;QAAE,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,CAAA;IAErD,6EAA6E;IAC7E,qEAAqE;IACrE,2EAA2E;IAC3E,IAAI,IAAI,CAAC,EAAE,KAAK,SAAS,EAAE,CAAC;QAC1B,MAAM,QAAQ,GAAG,aAAa,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,CAAC,CAAA;QAC5C,OAAO,QAAQ,CAAC,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,UAAU,EAAE,gBAAgB,EAAE,CAAA;IAC1E,CAAC;IAED,IAAI,IAAI,CAAC,IAAI;QAAE,OAAO,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IAE1C,2EAA2E;IAC3E,4EAA4E;IAC5E,6CAA6C;IAC7C,IAAI,IAAI,CAAC,MAAM;QAAE,OAAO,IAAI,CAAC,CAAC,CAAC,EAAE,UAAU,EAAE,gBAAgB,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAA;IAEnF,2EAA2E;IAC3E,yEAAyE;IACzE,uEAAuE;IACvE,4EAA4E;IAC5E,kEAAkE;IAClE,2EAA2E;IAC3E,iEAAiE;IACjE,sCAAsC;IACtC,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,IAAI,IAAI;QAAE,OAAO,EAAE,UAAU,EAAE,gBAAgB,EAAE,CAAA;IAC5E,OAAO,SAAS,CAAC,MAAM,CAAC,CAAA;AAC1B,CAAC"}

package/dist/formatters/markdown.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"markdown.d.ts","sourceRoot":"","sources":["../../src/formatters/markdown.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAA;AAYpD,wBAAgB,cAAc,CAAC,OAAO,EAAE,iBAAiB,GAAG,MAAM,CA4CjE"}
+{"version":3,"file":"markdown.d.ts","sourceRoot":"","sources":["../../src/formatters/markdown.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAA;AAYpD,wBAAgB,cAAc,CAAC,OAAO,EAAE,iBAAiB,GAAG,MAAM,CAoDjE"}

package/dist/formatters/markdown.js

@@ -21,6 +21,15 @@ export function formatMarkdown(results) {
     }
     segments.push(`**Elapsed:** ${results.metadata.total_elapsed}`);
     lines.push(segments.join(' | '));
+    if (results.trust_mode !== undefined) {
+        const trust = [`**Trust:** ${results.trust_mode}`];
+        if (results.proposed_config_change)
+            trust.push('proposed `.mmr.yaml` change');
+        if (results.proposed_acks && results.proposed_acks.length > 0) {
+            trust.push(`proposed acks: ${results.proposed_acks.length}`);
+        }
+        lines.push(trust.join(' | '));
+    }
     lines.push('');
     if (results.reconciled_findings.length > 0) {
         lines.push('### Findings');

package/dist/formatters/markdown.js.map

@@ -1 +1 @@
-{"version":3,"file":"markdown.js","sourceRoot":"","sources":["../../src/formatters/markdown.ts"],"names":[],"mappings":"AAEA,SAAS,YAAY,CAAC,OAAqC;IACzD,QAAQ,OAAO,EAAE,CAAC;QAClB,KAAK,MAAM,CAAC,CAAC,OAAO,QAAQ,CAAA;QAC5B,KAAK,eAAe,CAAC,CAAC,OAAO,QAAQ,CAAA;QACrC,KAAK,SAAS,CAAC,CAAC,OAAO,SAAS,CAAA;QAChC,KAAK,qBAAqB,CAAC,CAAC,OAAO,gBAAgB,CAAA;QACnD,OAAO,CAAC,CAAC,OAAO,SAAS,CAAA;IACzB,CAAC;AACH,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,OAA0B;IACvD,MAAM,KAAK,GAAa,EAAE,CAAA;IAC1B,MAAM,IAAI,GAAG,YAAY,CAAC,OAAO,CAAC,OAAO,CAAC,CAAA;IAE1C,KAAK,CAAC,IAAI,CAAC,2BAA2B,IAAI,EAAE,CAAC,CAAA;IAC7C,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;IACd,MAAM,QAAQ,GAAG;QACf,YAAY,OAAO,CAAC,MAAM,EAAE;QAC5B,kBAAkB,OAAO,CAAC,aAAa,EAAE;KAC1C,CAAA;IACD,IAAI,OAAO,CAAC,cAAc,GAAG,CAAC,EAAE,CAAC;QAC/B,QAAQ,CAAC,IAAI,CAAC,iBAAiB,OAAO,CAAC,cAAc,EAAE,CAAC,CAAA;IAC1D,CAAC;IACD,QAAQ,CAAC,IAAI,CAAC,gBAAgB,OAAO,CAAC,QAAQ,CAAC,aAAa,EAAE,CAAC,CAAA;IAC/D,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAA;IAChC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;IAEd,IAAI,OAAO,CAAC,mBAAmB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3C,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,CAAA;QAC1B,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QACd,KAAK,CAAC,IAAI,CAAC,0EAA0E,CAAC,CAAA;QACtF,KAAK,CAAC,IAAI,CAAC,0EAA0E,CAAC,CAAA;QACtF,KAAK,MAAM,CAAC,IAAI,OAAO,CAAC,mBAAmB,EAAE,CAAC;YAC5C,MAAM,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;YAChC,MAAM,GAAG,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC,OAAO,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAA;YAC5E,MAAM,GAAG,GAAG;gBACV,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC,CAAC,WAAW,CAAC;gBAC1C,GAAG,CAAC,CAAC,CAAC,UAAU,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,SAAS;aACpC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;YAChC,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC,CAAA;QACxB,CAAC;QACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;IAChB,CAAC;SAAM,CAAC;QACN,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,CAAA;QAC1B,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;IAChB,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,CAAA;IAC1B,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;IACd,KAAK,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC;QAC7D,KAAK,CAAC,IAAI,CAAC,OAAO,IAAI,OAAO,EAAE,CAAC,MAAM,KAAK,EAAE,CAAC,OAAO,GAAG,CAAC,CAAA;IAC3D,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;AACzB,CAAC"}
+{"version":3,"file":"markdown.js","sourceRoot":"","sources":["../../src/formatters/markdown.ts"],"names":[],"mappings":"AAEA,SAAS,YAAY,CAAC,OAAqC;IACzD,QAAQ,OAAO,EAAE,CAAC;QAClB,KAAK,MAAM,CAAC,CAAC,OAAO,QAAQ,CAAA;QAC5B,KAAK,eAAe,CAAC,CAAC,OAAO,QAAQ,CAAA;QACrC,KAAK,SAAS,CAAC,CAAC,OAAO,SAAS,CAAA;QAChC,KAAK,qBAAqB,CAAC,CAAC,OAAO,gBAAgB,CAAA;QACnD,OAAO,CAAC,CAAC,OAAO,SAAS,CAAA;IACzB,CAAC;AACH,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,OAA0B;IACvD,MAAM,KAAK,GAAa,EAAE,CAAA;IAC1B,MAAM,IAAI,GAAG,YAAY,CAAC,OAAO,CAAC,OAAO,CAAC,CAAA;IAE1C,KAAK,CAAC,IAAI,CAAC,2BAA2B,IAAI,EAAE,CAAC,CAAA;IAC7C,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;IACd,MAAM,QAAQ,GAAG;QACf,YAAY,OAAO,CAAC,MAAM,EAAE;QAC5B,kBAAkB,OAAO,CAAC,aAAa,EAAE;KAC1C,CAAA;IACD,IAAI,OAAO,CAAC,cAAc,GAAG,CAAC,EAAE,CAAC;QAC/B,QAAQ,CAAC,IAAI,CAAC,iBAAiB,OAAO,CAAC,cAAc,EAAE,CAAC,CAAA;IAC1D,CAAC;IACD,QAAQ,CAAC,IAAI,CAAC,gBAAgB,OAAO,CAAC,QAAQ,CAAC,aAAa,EAAE,CAAC,CAAA;IAC/D,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAA;IAChC,IAAI,OAAO,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;QACrC,MAAM,KAAK,GAAG,CAAC,cAAc,OAAO,CAAC,UAAU,EAAE,CAAC,CAAA;QAClD,IAAI,OAAO,CAAC,sBAAsB;YAAE,KAAK,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAA;QAC7E,IAAI,OAAO,CAAC,aAAa,IAAI,OAAO,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC9D,KAAK,CAAC,IAAI,CAAC,kBAAkB,OAAO,CAAC,aAAa,CAAC,MAAM,EAAE,CAAC,CAAA;QAC9D,CAAC;QACD,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAA;IAC/B,CAAC;IACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;IAEd,IAAI,OAAO,CAAC,mBAAmB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3C,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,CAAA;QAC1B,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QACd,KAAK,CAAC,IAAI,CAAC,0EAA0E,CAAC,CAAA;QACtF,KAAK,CAAC,IAAI,CAAC,0EAA0E,CAAC,CAAA;QACtF,KAAK,MAAM,CAAC,IAAI,OAAO,CAAC,mBAAmB,EAAE,CAAC;YAC5C,MAAM,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;YAChC,MAAM,GAAG,GAAG,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC,OAAO,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAA;YAC5E,MAAM,GAAG,GAAG;gBACV,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC,CAAC,WAAW,CAAC;gBAC1C,GAAG,CAAC,CAAC,CAAC,UAAU,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,SAAS;aACpC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;YAChC,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC,CAAA;QACxB,CAAC;QACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;IAChB,CAAC;SAAM,CAAC;QACN,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,CAAA;QAC1B,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;IAChB,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,CAAA;IAC1B,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;IACd,KAAK,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC;QAC7D,KAAK,CAAC,IAAI,CAAC,OAAO,IAAI,OAAO,EAAE,CAAC,MAAM,KAAK,EAAE,CAAC,OAAO,GAAG,CAAC,CAAA;IAC3D,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;AACzB,CAAC"}

package/dist/formatters/text.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"text.d.ts","sourceRoot":"","sources":["../../src/formatters/text.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAA;AAYpD,wBAAgB,UAAU,CAAC,OAAO,EAAE,iBAAiB,GAAG,MAAM,CAyC7D"}
+{"version":3,"file":"text.d.ts","sourceRoot":"","sources":["../../src/formatters/text.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAA;AAYpD,wBAAgB,UAAU,CAAC,OAAO,EAAE,iBAAiB,GAAG,MAAM,CAiD7D"}

package/dist/formatters/text.js

@@ -20,6 +20,15 @@ export function formatText(results) {
     }
     segments.push(`Channels: ${chCount}`, `Elapsed: ${results.metadata.total_elapsed}`);
     lines.push(segments.join(' | '));
+    if (results.trust_mode !== undefined) {
+        const trust = [`Trust: ${results.trust_mode}`];
+        if (results.proposed_config_change)
+            trust.push('proposed .mmr.yaml change');
+        if (results.proposed_acks && results.proposed_acks.length > 0) {
+            trust.push(`proposed acks: ${results.proposed_acks.length}`);
+        }
+        lines.push(trust.join(' | '));
+    }
     lines.push('');
     if (results.reconciled_findings.length > 0) {
         lines.push(`Findings (${results.reconciled_findings.length}):`);

package/dist/formatters/text.js.map

@@ -1 +1 @@
-{"version":3,"file":"text.js","sourceRoot":"","sources":["../../src/formatters/text.ts"],"names":[],"mappings":"AAEA,SAAS,YAAY,CAAC,OAAqC;IACzD,QAAQ,OAAO,EAAE,CAAC;QAClB,KAAK,MAAM,CAAC,CAAC,OAAO,QAAQ,CAAA;QAC5B,KAAK,eAAe,CAAC,CAAC,OAAO,QAAQ,CAAA;QACrC,KAAK,SAAS,CAAC,CAAC,OAAO,SAAS,CAAA;QAChC,KAAK,qBAAqB,CAAC,CAAC,OAAO,gBAAgB,CAAA;QACnD,OAAO,CAAC,CAAC,OAAO,SAAS,CAAA;IACzB,CAAC;AACH,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,OAA0B;IACnD,MAAM,KAAK,GAAa,EAAE,CAAA;IAC1B,MAAM,IAAI,GAAG,YAAY,CAAC,OAAO,CAAC,OAAO,CAAC,CAAA;IAE1C,KAAK,CAAC,IAAI,CAAC,OAAO,IAAI,MAAM,OAAO,CAAC,MAAM,EAAE,CAAC,CAAA;IAC7C,MAAM,OAAO,GAAG,GAAG,OAAO,CAAC,QAAQ,CAAC,kBAAkB,IAAI,OAAO,CAAC,QAAQ,CAAC,mBAAmB,EAAE,CAAA;IAChG,MAAM,QAAQ,GAAG;QACf,cAAc,OAAO,CAAC,aAAa,EAAE;KACtC,CAAA;IACD,IAAI,OAAO,CAAC,cAAc,GAAG,CAAC,EAAE,CAAC;QAC/B,QAAQ,CAAC,IAAI,CAAC,aAAa,OAAO,CAAC,cAAc,EAAE,CAAC,CAAA;IACtD,CAAC;IACD,QAAQ,CAAC,IAAI,CACX,aAAa,OAAO,EAAE,EACtB,YAAY,OAAO,CAAC,QAAQ,CAAC,aAAa,EAAE,CAC7C,CAAA;IACD,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAA;IAChC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;IAEd,IAAI,OAAO,CAAC,mBAAmB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3C,KAAK,CAAC,IAAI,CAAC,aAAa,OAAO,CAAC,mBAAmB,CAAC,MAAM,IAAI,CAAC,CAAA;QAC/D,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QACd,KAAK,MAAM,CAAC,IAAI,OAAO,CAAC,mBAAmB,EAAE,CAAC;YAC5C,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,QAAQ,KAAK,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAA;YAC7C,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,CAAC,CAAA;YAClC,IAAI,CAAC,CAAC,UAAU,EAAE,CAAC;gBACjB,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,UAAU,EAAE,CAAC,CAAA;YAC/C,CAAC;YACD,KAAK,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,SAAS,GAAG,CAAC,CAAA;YACnE,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QAChB,CAAC;IACH,CAAC;SAAM,CAAC;QACN,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,CAAA;IAC5B,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,CAAA;IACvB,KAAK,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC;QAC7D,KAAK,CAAC,IAAI,CAAC,KAAK,IAAI,KAAK,EAAE,CAAC,MAAM,KAAK,EAAE,CAAC,OAAO,GAAG,CAAC,CAAA;IACvD,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;AACzB,CAAC"}
+{"version":3,"file":"text.js","sourceRoot":"","sources":["../../src/formatters/text.ts"],"names":[],"mappings":"AAEA,SAAS,YAAY,CAAC,OAAqC;IACzD,QAAQ,OAAO,EAAE,CAAC;QAClB,KAAK,MAAM,CAAC,CAAC,OAAO,QAAQ,CAAA;QAC5B,KAAK,eAAe,CAAC,CAAC,OAAO,QAAQ,CAAA;QACrC,KAAK,SAAS,CAAC,CAAC,OAAO,SAAS,CAAA;QAChC,KAAK,qBAAqB,CAAC,CAAC,OAAO,gBAAgB,CAAA;QACnD,OAAO,CAAC,CAAC,OAAO,SAAS,CAAA;IACzB,CAAC;AACH,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,OAA0B;IACnD,MAAM,KAAK,GAAa,EAAE,CAAA;IAC1B,MAAM,IAAI,GAAG,YAAY,CAAC,OAAO,CAAC,OAAO,CAAC,CAAA;IAE1C,KAAK,CAAC,IAAI,CAAC,OAAO,IAAI,MAAM,OAAO,CAAC,MAAM,EAAE,CAAC,CAAA;IAC7C,MAAM,OAAO,GAAG,GAAG,OAAO,CAAC,QAAQ,CAAC,kBAAkB,IAAI,OAAO,CAAC,QAAQ,CAAC,mBAAmB,EAAE,CAAA;IAChG,MAAM,QAAQ,GAAG;QACf,cAAc,OAAO,CAAC,aAAa,EAAE;KACtC,CAAA;IACD,IAAI,OAAO,CAAC,cAAc,GAAG,CAAC,EAAE,CAAC;QAC/B,QAAQ,CAAC,IAAI,CAAC,aAAa,OAAO,CAAC,cAAc,EAAE,CAAC,CAAA;IACtD,CAAC;IACD,QAAQ,CAAC,IAAI,CACX,aAAa,OAAO,EAAE,EACtB,YAAY,OAAO,CAAC,QAAQ,CAAC,aAAa,EAAE,CAC7C,CAAA;IACD,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAA;IAChC,IAAI,OAAO,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;QACrC,MAAM,KAAK,GAAG,CAAC,UAAU,OAAO,CAAC,UAAU,EAAE,CAAC,CAAA;QAC9C,IAAI,OAAO,CAAC,sBAAsB;YAAE,KAAK,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAA;QAC3E,IAAI,OAAO,CAAC,aAAa,IAAI,OAAO,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC9D,KAAK,CAAC,IAAI,CAAC,kBAAkB,OAAO,CAAC,aAAa,CAAC,MAAM,EAAE,CAAC,CAAA;QAC9D,CAAC;QACD,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAA;IAC/B,CAAC;IACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;IAEd,IAAI,OAAO,CAAC,mBAAmB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3C,KAAK,CAAC,IAAI,CAAC,aAAa,OAAO,CAAC,mBAAmB,CAAC,MAAM,IAAI,CAAC,CAAA;QAC/D,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QACd,KAAK,MAAM,CAAC,IAAI,OAAO,CAAC,mBAAmB,EAAE,CAAC;YAC5C,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,QAAQ,KAAK,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAA;YAC7C,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,CAAC,CAAA;YAClC,IAAI,CAAC,CAAC,UAAU,EAAE,CAAC;gBACjB,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,UAAU,EAAE,CAAC,CAAA;YAC/C,CAAC;YACD,KAAK,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,SAAS,GAAG,CAAC,CAAA;YACnE,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QAChB,CAAC;IACH,CAAC;SAAM,CAAC;QACN,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,CAAA;IAC5B,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,CAAA;IACvB,KAAK,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC;QAC7D,KAAK,CAAC,IAAI,CAAC,KAAK,IAAI,KAAK,EAAE,CAAC,MAAM,KAAK,EAAE,CAAC,OAAO,GAAG,CAAC,CAAA;IACvD,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;AACzB,CAAC"}

package/dist/types.d.ts

@@ -1,3 +1,4 @@
+import type { OutputParserConfig } from './config/schema.js';
 export type Severity = 'P0' | 'P1' | 'P2' | 'P3';
 export declare const SEVERITY_ORDER: Record<Severity, number>;
 export type ChannelStatus = 'dispatched' | 'running' | 'completed' | 'timeout' | 'failed' | 'auth_failed' | 'not_installed' | 'skipped';
@@ -7,6 +8,13 @@ export type Verdict = 'pass' | 'degraded-pass' | 'blocked' | 'needs-user-decisio
 export type Agreement = 'consensus' | 'majority' | 'unique';
 export type Confidence = 'high' | 'medium' | 'low';
 export type OutputFormat = 'json' | 'text' | 'markdown';
+export interface ReviewControls {
+    max_rounds?: number;
+    accept_new_acks: boolean;
+    trust_project_acks: boolean;
+    trust_project_config: boolean;
+    config_base_ref?: string;
+}
 export declare const TERMINAL_STATUSES: ReadonlySet<ChannelStatus>;
 export interface Finding {
     id?: string;
@@ -20,6 +28,21 @@ export interface ReconciledFinding extends Finding {
     confidence: Confidence;
     sources: string[];
     agreement: Agreement;
+    /** Stable content-hashed identity (T2-A, §5 decision 2). */
+    finding_key?: string;
+    /** Char-5-gram set of normalized description for cross-round fuzzy match. */
+    description_shingle?: string[];
+    /** True when this finding has been silenced via `mmr ack` (T2-D). */
+    acknowledged?: boolean;
+    ack_reason?: string;
+    /** How the ack was resolved: exact key match or location-anchored Jaccard fallback. */
+    ack_match?: 'exact' | 'fuzzy';
+    /** Reserved for T2-C (v3.31): finding was auto-downgraded after repeat threshold. */
+    auto_downgraded?: boolean;
+    /** Reserved for T2-C (v3.31): finding was auto-suppressed after repeat threshold. */
+    auto_suppressed?: boolean;
+    /** Reserved for T2-C: how the cross-round repeat was matched. */
+    repeat_match?: 'exact' | 'fuzzy';
 }
 export interface ChannelResult {
     status: ChannelStatus;
@@ -35,6 +58,20 @@ export interface JobMetadata {
     format: OutputFormat;
     created_at: string;
     channels: Record<string, ChannelJobEntry>;
+    /** Session linkage (T2-B). Optional; absent in legacy jobs. */
+    session_id?: string;
+    /** One-based round counter within a session (T2-B). */
+    round?: number;
+    /** Parsed review loop/security controls used for this invocation. */
+    review_controls?: ReviewControls;
+    /**
+     * Trust context captured at review time (§5 decision 1), persisted so the
+     * results pipeline re-surfaces it on every run (review --sync, results,
+     * reconcile) rather than only the original stdout.
+     */
+    trust_mode?: 'base-ref' | 'untrusted-head' | 'non-git';
+    proposed_acks?: string[];
+    proposed_config_change?: boolean;
 }
 export interface ChannelJobEntry {
     status: ChannelStatus;
@@ -45,7 +82,7 @@ export interface ChannelJobEntry {
     completed_at?: string;
     elapsed?: string;
     findings_count?: number;
-    output_parser?: string;
+    output_parser?: string | OutputParserConfig;
 }
 export interface ReconciledResults {
     job_id: string;
@@ -62,6 +99,12 @@ export interface ReconciledResults {
         channels_partial: number;
         total_elapsed: string;
     };
+    /** Trust mode under which this review ran (§5 decision 1). */
+    trust_mode?: 'base-ref' | 'untrusted-head' | 'non-git';
+    /** Ack-file paths added/modified by the diff under review. */
+    proposed_acks?: string[];
+    /** True when `.mmr.yaml` was added/modified by the diff under review. */
+    proposed_config_change?: boolean;
 }
 export type { MmrConfigParsed as MmrConfig, ChannelConfigParsed as ChannelConfig } from './config/schema.js';
 //# sourceMappingURL=types.d.ts.map

package/dist/types.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,QAAQ,GAAG,IAAI,GAAG,IAAI,GAAG,IAAI,GAAG,IAAI,CAAA;AAEhD,eAAO,MAAM,cAAc,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAKnD,CAAA;AAED,MAAM,MAAM,aAAa,GACrB,YAAY,GACZ,SAAS,GACT,WAAW,GACX,SAAS,GACT,QAAQ,GACR,aAAa,GACb,eAAe,GACf,SAAS,CAAA;AAEb,8GAA8G;AAC9G,MAAM,MAAM,SAAS,GAAG,YAAY,GAAG,SAAS,GAAG,WAAW,CAAA;AAE9D,MAAM,MAAM,OAAO,GAAG,MAAM,GAAG,eAAe,GAAG,SAAS,GAAG,qBAAqB,CAAA;AAElF,MAAM,MAAM,SAAS,GAAG,WAAW,GAAG,UAAU,GAAG,QAAQ,CAAA;AAE3D,MAAM,MAAM,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAA;AAElD,MAAM,MAAM,YAAY,GAAG,MAAM,GAAG,MAAM,GAAG,UAAU,CAAA;AAEvD,eAAO,MAAM,iBAAiB,EAAE,WAAW,CAAC,aAAa,CAEvD,CAAA;AAEF,MAAM,WAAW,OAAO;IACtB,EAAE,CAAC,EAAE,MAAM,CAAA;IACX,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,QAAQ,EAAE,QAAQ,CAAA;IAClB,QAAQ,EAAE,MAAM,CAAA;IAChB,WAAW,EAAE,MAAM,CAAA;IACnB,UAAU,EAAE,MAAM,CAAA;CACnB;AAED,MAAM,WAAW,iBAAkB,SAAQ,OAAO;IAChD,UAAU,EAAE,UAAU,CAAA;IACtB,OAAO,EAAE,MAAM,EAAE,CAAA;IACjB,SAAS,EAAE,SAAS,CAAA;CACrB;AAED,MAAM,WAAW,aAAa;IAC5B,MAAM,EAAE,aAAa,CAAA;IACrB,OAAO,EAAE,MAAM,CAAA;IACf,QAAQ,EAAE,OAAO,EAAE,CAAA;IACnB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,KAAK,CAAC,EAAE,MAAM,CAAA;CACf;AAED,MAAM,WAAW,WAAW;IAC1B,MAAM,EAAE,MAAM,CAAA;IACd,MAAM,EAAE,SAAS,CAAA;IACjB,aAAa,EAAE,QAAQ,CAAA;IACvB,MAAM,EAAE,YAAY,CAAA;IACpB,UAAU,EAAE,MAAM,CAAA;IAClB,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,eAAe,CAAC,CAAA;CAC1C;AAED,MAAM,WAAW,eAAe;IAC9B,MAAM,EAAE,aAAa,CAAA;IACrB,IAAI,EAAE,IAAI,GAAG,QAAQ,GAAG,SAAS,CAAA;IACjC,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,cAAc,CAAC,EAAE,MAAM,CAAA;IACvB,aAAa,CAAC,EAAE,MAAM,CAAA;CACvB;AAED,MAAM,WAAW,iBAAiB;IAChC,MAAM,EAAE,MAAM,CAAA;IACd,OAAO,EAAE,OAAO,CAAA;IAChB,aAAa,EAAE,QAAQ,CAAA;IACvB,cAAc,EAAE,MAAM,CAAA;IACtB,QAAQ,EAAE,OAAO,CAAA;IACjB,OAAO,EAAE,MAAM,CAAA;IACf,mBAAmB,EAAE,iBAAiB,EAAE,CAAA;IACxC,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,aAAa,CAAC,CAAA;IAC1C,QAAQ,EAAE;QACR,mBAAmB,EAAE,MAAM,CAAA;QAC3B,kBAAkB,EAAE,MAAM,CAAA;QAC1B,gBAAgB,EAAE,MAAM,CAAA;QACxB,aAAa,EAAE,MAAM,CAAA;KACtB,CAAA;CACF;AAID,YAAY,EAAE,eAAe,IAAI,SAAS,EAAE,mBAAmB,IAAI,aAAa,EAAE,MAAM,oBAAoB,CAAA"}
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAA;AAE5D,MAAM,MAAM,QAAQ,GAAG,IAAI,GAAG,IAAI,GAAG,IAAI,GAAG,IAAI,CAAA;AAEhD,eAAO,MAAM,cAAc,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAKnD,CAAA;AAED,MAAM,MAAM,aAAa,GACrB,YAAY,GACZ,SAAS,GACT,WAAW,GACX,SAAS,GACT,QAAQ,GACR,aAAa,GACb,eAAe,GACf,SAAS,CAAA;AAEb,8GAA8G;AAC9G,MAAM,MAAM,SAAS,GAAG,YAAY,GAAG,SAAS,GAAG,WAAW,CAAA;AAE9D,MAAM,MAAM,OAAO,GAAG,MAAM,GAAG,eAAe,GAAG,SAAS,GAAG,qBAAqB,CAAA;AAElF,MAAM,MAAM,SAAS,GAAG,WAAW,GAAG,UAAU,GAAG,QAAQ,CAAA;AAE3D,MAAM,MAAM,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAA;AAElD,MAAM,MAAM,YAAY,GAAG,MAAM,GAAG,MAAM,GAAG,UAAU,CAAA;AAEvD,MAAM,WAAW,cAAc;IAC7B,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,eAAe,EAAE,OAAO,CAAA;IACxB,kBAAkB,EAAE,OAAO,CAAA;IAC3B,oBAAoB,EAAE,OAAO,CAAA;IAC7B,eAAe,CAAC,EAAE,MAAM,CAAA;CACzB;AAED,eAAO,MAAM,iBAAiB,EAAE,WAAW,CAAC,aAAa,CAEvD,CAAA;AAEF,MAAM,WAAW,OAAO;IACtB,EAAE,CAAC,EAAE,MAAM,CAAA;IACX,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,QAAQ,EAAE,QAAQ,CAAA;IAClB,QAAQ,EAAE,MAAM,CAAA;IAChB,WAAW,EAAE,MAAM,CAAA;IACnB,UAAU,EAAE,MAAM,CAAA;CACnB;AAED,MAAM,WAAW,iBAAkB,SAAQ,OAAO;IAChD,UAAU,EAAE,UAAU,CAAA;IACtB,OAAO,EAAE,MAAM,EAAE,CAAA;IACjB,SAAS,EAAE,SAAS,CAAA;IACpB,4DAA4D;IAC5D,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,6EAA6E;IAC7E,mBAAmB,CAAC,EAAE,MAAM,EAAE,CAAA;IAC9B,qEAAqE;IACrE,YAAY,CAAC,EAAE,OAAO,CAAA;IACtB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,uFAAuF;IACvF,SAAS,CAAC,EAAE,OAAO,GAAG,OAAO,CAAA;IAC7B,qFAAqF;IACrF,eAAe,CAAC,EAAE,OAAO,CAAA;IACzB,qFAAqF;IACrF,eAAe,CAAC,EAAE,OAAO,CAAA;IACzB,iEAAiE;IACjE,YAAY,CAAC,EAAE,OAAO,GAAG,OAAO,CAAA;CACjC;AAED,MAAM,WAAW,aAAa;IAC5B,MAAM,EAAE,aAAa,CAAA;IACrB,OAAO,EAAE,MAAM,CAAA;IACf,QAAQ,EAAE,OAAO,EAAE,CAAA;IACnB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,KAAK,CAAC,EAAE,MAAM,CAAA;CACf;AAED,MAAM,WAAW,WAAW;IAC1B,MAAM,EAAE,MAAM,CAAA;IACd,MAAM,EAAE,SAAS,CAAA;IACjB,aAAa,EAAE,QAAQ,CAAA;IACvB,MAAM,EAAE,YAAY,CAAA;IACpB,UAAU,EAAE,MAAM,CAAA;IAClB,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,eAAe,CAAC,CAAA;IACzC,+DAA+D;IAC/D,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,uDAAuD;IACvD,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,qEAAqE;IACrE,eAAe,CAAC,EAAE,cAAc,CAAA;IAChC;;;;OAIG;IACH,UAAU,CAAC,EAAE,UAAU,GAAG,gBAAgB,GAAG,SAAS,CAAA;IACtD,aAAa,CAAC,EAAE,MAAM,EAAE,CAAA;IACxB,sBAAsB,CAAC,EAAE,OAAO,CAAA;CACjC;AAED,MAAM,WAAW,eAAe;IAC9B,MAAM,EAAE,aAAa,CAAA;IACrB,IAAI,EAAE,IAAI,GAAG,QAAQ,GAAG,SAAS,CAAA;IACjC,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,YAAY,CAAC,EAAE,MAAM,CAAA;IACrB,OAAO,CAAC,EAAE,MAAM,CAAA;IAChB,cAAc,CAAC,EAAE,MAAM,CAAA;IACvB,aAAa,CAAC,EAAE,MAAM,GAAG,kBAAkB,CAAA;CAC5C;AAED,MAAM,WAAW,iBAAiB;IAChC,MAAM,EAAE,MAAM,CAAA;IACd,OAAO,EAAE,OAAO,CAAA;IAChB,aAAa,EAAE,QAAQ,CAAA;IACvB,cAAc,EAAE,MAAM,CAAA;IACtB,QAAQ,EAAE,OAAO,CAAA;IACjB,OAAO,EAAE,MAAM,CAAA;IACf,mBAAmB,EAAE,iBAAiB,EAAE,CAAA;IACxC,WAAW,EAAE,MAAM,CAAC,MAAM,EAAE,aAAa,CAAC,CAAA;IAC1C,QAAQ,EAAE;QACR,mBAAmB,EAAE,MAAM,CAAA;QAC3B,kBAAkB,EAAE,MAAM,CAAA;QAC1B,gBAAgB,EAAE,MAAM,CAAA;QACxB,aAAa,EAAE,MAAM,CAAA;KACtB,CAAA;IACD,8DAA8D;IAC9D,UAAU,CAAC,EAAE,UAAU,GAAG,gBAAgB,GAAG,SAAS,CAAA;IACtD,8DAA8D;IAC9D,aAAa,CAAC,EAAE,MAAM,EAAE,CAAA;IACxB,yEAAyE;IACzE,sBAAsB,CAAC,EAAE,OAAO,CAAA;CACjC;AAID,YAAY,EAAE,eAAe,IAAI,SAAS,EAAE,mBAAmB,IAAI,aAAa,EAAE,MAAM,oBAAoB,CAAA"}

package/dist/types.js.map

@@ -1 +1 @@
-{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,MAAM,cAAc,GAA6B;IACtD,EAAE,EAAE,CAAC;IACL,EAAE,EAAE,CAAC;IACL,EAAE,EAAE,CAAC;IACL,EAAE,EAAE,CAAC;CACN,CAAA;AAuBD,MAAM,CAAC,MAAM,iBAAiB,GAA+B,IAAI,GAAG,CAAC;IACnE,WAAW,EAAE,SAAS,EAAE,QAAQ,EAAE,aAAa,EAAE,eAAe,EAAE,SAAS;CAC5E,CAAC,CAAA"}
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAIA,MAAM,CAAC,MAAM,cAAc,GAA6B;IACtD,EAAE,EAAE,CAAC;IACL,EAAE,EAAE,CAAC;IACL,EAAE,EAAE,CAAC;IACL,EAAE,EAAE,CAAC;CACN,CAAA;AA+BD,MAAM,CAAC,MAAM,iBAAiB,GAA+B,IAAI,GAAG,CAAC;IACnE,WAAW,EAAE,SAAS,EAAE,QAAQ,EAAE,aAAa,EAAE,eAAe,EAAE,SAAS;CAC5E,CAAC,CAAA"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@zigrivers/mmr",
-  "version": "1.3.0",
+  "version": "1.4.0",
   "description": "Multi-model code review CLI — async dispatch, reconciliation, and severity gating",
   "type": "module",
   "license": "MIT",
@@ -32,7 +32,7 @@
     "test": "vitest run",
     "test:coverage": "vitest run --coverage",
     "lint": "eslint src/",
-    "type-check": "tsc --noEmit",
+    "type-check": "tsc -p tsconfig.check.json",
     "check": "npm run lint && npm run type-check && npm test"
   },
   "dependencies": {