@zigrivers/mmr 1.3.0 → 1.4.0

package/dist/config/schema.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../../src/config/schema.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAEvB,eAAO,MAAM,QAAQ,qCAAmC,CAAA;AAExD,eAAO,MAAM,YAAY,yCAAuC,CAAA;AAShE,QAAA,MAAM,mBAAmB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAUvB,CAAA;AAcF,eAAO,MAAM,eAAe;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAM1B,CAAA;AAEF,MAAM,MAAM,eAAe,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,eAAe,CAAC,CAAA;AAC7D,MAAM,MAAM,mBAAmB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,mBAAmB,CAAC,CAAA"}
+{"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../../src/config/schema.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAEvB,eAAO,MAAM,QAAQ,qCAAmC,CAAA;AAExD,eAAO,MAAM,YAAY,yCAAuC,CAAA;AAehE,QAAA,MAAM,oBAAoB;;;;;;;;;;;;;;;;;;EAOxB,CAAA;AAEF;;;;;GAKG;AACH,wBAAgB,cAAc,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAQnE;AAED,KAAK,cAAc,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,QAAQ,CAAC,CAAA;AAE9C,MAAM,WAAW,yBAAyB;IACxC,IAAI,EAAE,gBAAgB,CAAA;IACtB,OAAO,EAAE,MAAM,CAAA;IACf,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,gBAAgB,CAAC,EAAE,cAAc,CAAA;IACjC,MAAM,EAAE;QACN,EAAE,CAAC,EAAE,MAAM,CAAA;QACX,QAAQ,CAAC,EAAE,MAAM,CAAA;QACjB,QAAQ,CAAC,EAAE,MAAM,CAAA;QACjB,QAAQ,EAAE,MAAM,CAAA;QAChB,WAAW,EAAE,MAAM,CAAA;QACnB,UAAU,CAAC,EAAE,MAAM,CAAA;KACpB,CAAA;CACF;AAED,MAAM,WAAW,0BAA0B;IACzC,IAAI,EAAE,iBAAiB,CAAA;IACvB,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,CAAC,EAAE,kBAAkB,CAAA;CAC1B;AAED,MAAM,MAAM,kBAAkB,GAC1B,MAAM,GACN,0BAA0B,GAC1B,yBAAyB,CAAA;AAW7B,eAAO,MAAM,yBAAyB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAMW,CAAA;AAEjD,eAAO,MAAM,0BAA0B;;;;;;;;;;;;EAIW,CAAA;AAElD,eAAO,MAAM,kBAAkB,EAAE,CAAC,CAAC,OAAO,CAAC,kBAAkB,CAQ5D,CAAA;AA4BD,QAAA,MAAM,uBAAuB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAK3B,CAAA;AAMF,QAAA,MAAM,iBAAiB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAarB,CAAA;AAeF,QAAA,MAAM,mBAAmB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;WAavB,CAAA;AAMF,eAAO,MAAM,uBAAuB;;;;;;;;;;;;;;;EAMnC,CAAA;AAED,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,uBAAuB,CAAC,CAAA;AAwCvE,eAAO,MAAM,eAAe;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAO1B,CAAA;AAEF,MAAM,MAAM,eAAe,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,eAAe,CAAC,CAAA;AAC7D,MAAM,MAAM,mBAAmB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,mBAAmB,CAAC,CAAA;AACrE,MAAM,MAAM,uBAAuB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,uBAAuB,CAAC,CAAA;AAC7E,MAAM,MAAM,iBAAiB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,iBAAiB,CAAC,CAAA;AACjE,MAAM,MAAM,oBAAoB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,oBAAoB,CAAC,CAAA"}

package/dist/config/schema.js

@@ -7,26 +7,172 @@ const AuthConfigSchema = z.object({
     failure_exit_codes: z.array(z.number()),
     recovery: z.string(),
 });
-const ChannelConfigSchema = z.object({
+// Auth-probe config for HTTP channels (T1-C). Distinct from the subprocess
+// AuthConfigSchema: an HTTP probe is an HTTP request (method + accepted status
+// codes), not a spawned command. `check_endpoint` is optional — when absent,
+// the probe URL is derived from `endpoint` via `deriveProbeUrl` (a trailing
+// `/chat/completions` → `/models`); the schema rejects http channels where
+// neither is available.
+const HttpAuthConfigSchema = z.object({
+    check_endpoint: z.string().optional(),
+    check_method: z.string().default('GET'),
+    check_status_ok: z.array(z.number()).default([200]),
+    // Positive: a 0/negative timeout would abort the probe immediately.
+    timeout: z.number().positive().default(5),
+    recovery: z.string().optional(),
+});
+/**
+ * Derive the auth-probe URL from an openai-chat endpoint by replacing a
+ * trailing `/chat/completions` with `/models` (handles both `.../v1/chat/...`
+ * and bare `.../chat/...` shapes). Returns undefined when there is no trailing
+ * `/chat/completions` — callers then require an explicit `auth.check_endpoint`.
+ */
+export function deriveProbeUrl(endpoint) {
+    // Tolerate trailing slashes (e.g. `.../chat/completions/`).
+    const trimmed = endpoint.replace(/\/+$/, '');
+    const suffix = '/chat/completions';
+    if (trimmed.endsWith(suffix)) {
+        return trimmed.slice(0, -suffix.length) + '/models';
+    }
+    return undefined;
+}
+const RegexFindingsFieldsSchema = z.object({
+    id: z.number().int().positive().optional(),
+    category: z.number().int().positive().optional(),
+    severity: z.number().int().positive().optional(),
+    location: z.number().int().positive(),
+    description: z.number().int().positive(),
+    suggestion: z.number().int().positive().optional(),
+});
+export const RegexFindingsParserSchema = z.object({
+    kind: z.literal('regex-findings'),
+    pattern: z.string(),
+    flags: z.string().regex(/^[dgimsuvy]*$/).default('gm'),
+    default_severity: Severity.default('P2'),
+    fields: RegexFindingsFieldsSchema,
+});
+export const UnwrapJsonpathParserSchema = z.object({
+    kind: z.literal('unwrap-jsonpath'),
+    wrap: z.string(),
+    then: z.lazy(() => OutputParserSchema).default('default'),
+});
+export const OutputParserSchema = z.lazy(() => z.union([
+    z.string(),
+    z.discriminatedUnion('kind', [
+        UnwrapJsonpathParserSchema,
+        RegexFindingsParserSchema,
+    ]),
+]));
+// Fields common to every channel kind. Shared across both discriminated-union
+// arms so existing consumers can keep reading ch.command/ch.auth/etc. off the
+// union without narrowing (they're subprocess-relevant but harmless on http).
+const CommonChannelFields = {
     enabled: z.boolean().default(true),
-    command: z.string(),
+    command: z.string().optional(),
     flags: z.array(z.string()).default([]),
     env: z.record(z.string()).default({}),
-    auth: AuthConfigSchema,
+    headers: z.record(z.string()).optional(),
     prompt_wrapper: z.string().default('{{prompt}}'),
-    output_parser: z.string().default('default'),
+    // How the dispatcher hands the prompt to the channel process:
+    //   'stdin'       — pipe the prompt to stdin (default; claude/gemini/codex)
+    //   'prompt-file' — write the prompt to a temp file and pass its path via a
+    //                   {{prompt_file}} placeholder in flags (or appended), for
+    //                   CLIs like grok whose prompt flag requires an arg value
+    //                   and ignore stdin. Omitted ⇒ stdin.
+    prompt_delivery: z.enum(['stdin', 'prompt-file']).optional(),
+    output_parser: OutputParserSchema.default('default'),
     stderr: z.enum(['suppress', 'capture', 'passthrough']).default('capture'),
     timeout: z.number().optional(),
+    // Channel inheritance (v3.28). command/auth stay optional so abstract bases
+    // and `extends` children (resolved before parse) validate.
+    extends: z.string().optional(),
+    abstract: z.boolean().default(false),
+};
+const SubprocessChannelSchema = z.object({
+    kind: z.literal('subprocess'),
+    // Subprocess auth is a spawned command (check + failure_exit_codes).
+    auth: AuthConfigSchema.optional(),
+    ...CommonChannelFields,
+});
+// NOTE: endpoint/model/endpoint_convention are required unconditionally, so an
+// abstract http *template* (providing only shared headers for children to
+// extend) is not supported — http channels must be concrete. Subprocess
+// abstract templates remain supported (command is optional).
+const HttpChannelSchema = z.object({
+    kind: z.literal('http'),
+    endpoint: z.string(),
+    model: z.string(),
+    // Only the openai-chat convention ships in v3.30b (§5 decision 8).
+    endpoint_convention: z.literal('openai-chat'),
+    api_key_env: z.string().optional(),
+    api_key_header: z.string().default('Authorization'),
+    api_key_prefix: z.string().default('Bearer '),
+    // HTTP auth is an HTTP probe (GET <endpoint→/models>), always defaulted so
+    // the dispatcher/auth-probe can read auth.check_method/check_status_ok.
+    auth: HttpAuthConfigSchema.default({}),
+    ...CommonChannelFields,
+});
+/**
+ * Injects `kind: 'subprocess'` into any channel object missing it BEFORE the
+ * discriminatedUnion runs. Zod picks the union arm from the RAW discriminator
+ * value before defaults apply, so without this a legacy config (no `kind`)
+ * would fail to parse entirely.
+ */
+function injectSubprocessDefault(raw) {
+    if (raw === null || typeof raw !== 'object' || Array.isArray(raw))
+        return raw;
+    const obj = raw;
+    if (obj.kind === undefined)
+        return { ...obj, kind: 'subprocess' };
+    return obj;
+}
+const ChannelConfigSchema = z.preprocess(injectSubprocessDefault, z.discriminatedUnion('kind', [SubprocessChannelSchema, HttpChannelSchema])).superRefine((ch, ctx) => {
+    // An http channel must have a probeable auth endpoint: either an explicit
+    // auth.check_endpoint, or a derivable one (endpoint ends in /chat/completions).
+    if (ch.kind === 'http' && !ch.auth.check_endpoint && !deriveProbeUrl(ch.endpoint)) {
+        ctx.addIssue({
+            code: z.ZodIssueCode.custom,
+            path: ['auth', 'check_endpoint'],
+            message: `endpoint "${ch.endpoint}" does not end in /chat/completions; auth.check_endpoint is required.`,
+        });
+    }
 });
 const TemplateSchema = z.object({
     criteria: z.array(z.string()).optional(),
 });
+export const CompensatorConfigSchema = z.object({
+    channel: z.string().optional(),
+    channel_focus_map: z.record(z.string()).optional(),
+}).strict().refine((cfg) => cfg.channel !== undefined || cfg.channel_focus_map !== undefined, { message: 'defaults.compensator must define channel or channel_focus_map' });
+const LoopControlSchema = z.object({
+    max_rounds_default: z.number().int().positive().default(5),
+    repeat_suppression_enabled: z.boolean().default(false),
+    repeat_downgrade_after: z.number().int().positive().optional(),
+    repeat_suppress_after: z.number().int().positive().optional(),
+})
+    .refine((lc) => {
+    if (!lc.repeat_suppression_enabled)
+        return true;
+    return lc.repeat_downgrade_after !== undefined && lc.repeat_suppress_after !== undefined;
+}, {
+    message: 'loop_control.repeat_suppression_enabled requires both repeat_downgrade_after and repeat_suppress_after',
+})
+    .refine((lc) => {
+    if (lc.repeat_downgrade_after === undefined || lc.repeat_suppress_after === undefined) {
+        return true;
+    }
+    return lc.repeat_suppress_after >= lc.repeat_downgrade_after;
+}, {
+    message: 'loop_control.repeat_suppress_after must be greater than or equal to repeat_downgrade_after',
+});
 const DefaultsSchema = z.object({
     fix_threshold: Severity.default('P2'),
     timeout: z.number().default(300),
     format: OutputFormat.default('json'),
     parallel: z.boolean().default(true),
     job_retention_days: z.number().default(7),
+    loop_control: LoopControlSchema.default({}),
+    compensator: CompensatorConfigSchema.optional(),
 });
 export const MmrConfigSchema = z.object({
     version: z.number(),
@@ -34,5 +180,6 @@ export const MmrConfigSchema = z.object({
     review_criteria: z.array(z.string()).optional(),
     templates: z.record(TemplateSchema).optional(),
     channels: z.record(ChannelConfigSchema).default({}),
+    channels_disabled: z.array(z.string()).optional(),
 });
 //# sourceMappingURL=schema.js.map

package/dist/config/schema.js.map

@@ -1 +1 @@
-{"version":3,"file":"schema.js","sourceRoot":"","sources":["../../src/config/schema.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAEvB,MAAM,CAAC,MAAM,QAAQ,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC,CAAA;AAExD,MAAM,CAAC,MAAM,YAAY,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,MAAM,EAAE,UAAU,CAAC,CAAC,CAAA;AAEhE,MAAM,gBAAgB,GAAG,CAAC,CAAC,MAAM,CAAC;IAChC,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE;IACjB,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;IAC9B,kBAAkB,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IACvC,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE;CACrB,CAAC,CAAA;AAEF,MAAM,mBAAmB,GAAG,CAAC,CAAC,MAAM,CAAC;IACnC,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC;IAClC,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;IACnB,KAAK,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IACtC,GAAG,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IACrC,IAAI,EAAE,gBAAgB;IACtB,cAAc,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,YAAY,CAAC;IAChD,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,SAAS,CAAC;IAC5C,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,SAAS,EAAE,aAAa,CAAC,CAAC,CAAC,OAAO,CAAC,SAAS,CAAC;IACzE,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CAC/B,CAAC,CAAA;AAEF,MAAM,cAAc,GAAG,CAAC,CAAC,MAAM,CAAC;IAC9B,QAAQ,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;CACzC,CAAC,CAAA;AAEF,MAAM,cAAc,GAAG,CAAC,CAAC,MAAM,CAAC;IAC9B,aAAa,EAAE,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC;IACrC,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC;IAChC,MAAM,EAAE,YAAY,CAAC,OAAO,CAAC,MAAM,CAAC;IACpC,QAAQ,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC;IACnC,kBAAkB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;CAC1C,CAAC,CAAA;AAEF,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,CAAC,MAAM,CAAC;IACtC,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;IACnB,QAAQ,EAAE,cAAc,CAAC,OAAO,CAAC,EAAE,CAAC;IACpC,eAAe,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IAC/C,SAAS,EAAE,CAAC,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,QAAQ,EAAE;IAC9C,QAAQ,EAAE,CAAC,CAAC,MAAM,CAAC,mBAAmB,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;CACpD,CAAC,CAAA"}
+{"version":3,"file":"schema.js","sourceRoot":"","sources":["../../src/config/schema.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAA;AAEvB,MAAM,CAAC,MAAM,QAAQ,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC,CAAA;AAExD,MAAM,CAAC,MAAM,YAAY,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,MAAM,EAAE,UAAU,CAAC,CAAC,CAAA;AAEhE,MAAM,gBAAgB,GAAG,CAAC,CAAC,MAAM,CAAC;IAChC,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE;IACjB,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;IAC9B,kBAAkB,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;IACvC,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE;CACrB,CAAC,CAAA;AAEF,2EAA2E;AAC3E,+EAA+E;AAC/E,6EAA6E;AAC7E,4EAA4E;AAC5E,2EAA2E;AAC3E,wBAAwB;AACxB,MAAM,oBAAoB,GAAG,CAAC,CAAC,MAAM,CAAC;IACpC,cAAc,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IACrC,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC;IACvC,eAAe,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC;IACnD,oEAAoE;IACpE,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;IACzC,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CAChC,CAAC,CAAA;AAEF;;;;;GAKG;AACH,MAAM,UAAU,cAAc,CAAC,QAAgB;IAC7C,4DAA4D;IAC5D,MAAM,OAAO,GAAG,QAAQ,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAA;IAC5C,MAAM,MAAM,GAAG,mBAAmB,CAAA;IAClC,IAAI,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;QAC7B,OAAO,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,SAAS,CAAA;IACrD,CAAC;IACD,OAAO,SAAS,CAAA;AAClB,CAAC;AA8BD,MAAM,yBAAyB,GAAG,CAAC,CAAC,MAAM,CAAC;IACzC,EAAE,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE;IAC1C,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE;IAChD,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE;IAChD,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IACrC,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE;IACxC,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE;CACnD,CAA0D,CAAA;AAE3D,MAAM,CAAC,MAAM,yBAAyB,GAAG,CAAC,CAAC,MAAM,CAAC;IAChD,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,gBAAgB,CAAC;IACjC,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;IACnB,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC;IACtD,gBAAgB,EAAE,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC;IACxC,MAAM,EAAE,yBAAyB;CAClC,CAAgD,CAAA;AAEjD,MAAM,CAAC,MAAM,0BAA0B,GAAG,CAAC,CAAC,MAAM,CAAC;IACjD,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,iBAAiB,CAAC;IAClC,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE;IAChB,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,kBAAkB,CAAC,CAAC,OAAO,CAAC,SAAS,CAAC;CAC1D,CAAiD,CAAA;AAElD,MAAM,CAAC,MAAM,kBAAkB,GAAkC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,CAC3E,CAAC,CAAC,KAAK,CAAC;IACN,CAAC,CAAC,MAAM,EAAE;IACV,CAAC,CAAC,kBAAkB,CAAC,MAAM,EAAE;QAC3B,0BAA0B;QAC1B,yBAAyB;KAC1B,CAAC;CACH,CAAC,CACH,CAAA;AAED,8EAA8E;AAC9E,8EAA8E;AAC9E,8EAA8E;AAC9E,MAAM,mBAAmB,GAAG;IAC1B,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC;IAClC,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC9B,KAAK,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IACtC,GAAG,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IACrC,OAAO,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACxC,cAAc,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,YAAY,CAAC;IAChD,8DAA8D;IAC9D,4EAA4E;IAC5E,4EAA4E;IAC5E,4EAA4E;IAC5E,2EAA2E;IAC3E,uDAAuD;IACvD,eAAe,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC,CAAC,QAAQ,EAAE;IAC5D,aAAa,EAAE,kBAAkB,CAAC,OAAO,CAAC,SAAS,CAAC;IACpD,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,SAAS,EAAE,aAAa,CAAC,CAAC,CAAC,OAAO,CAAC,SAAS,CAAC;IACzE,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC9B,4EAA4E;IAC5E,2DAA2D;IAC3D,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC9B,QAAQ,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC;CACrC,CAAA;AAED,MAAM,uBAAuB,GAAG,CAAC,CAAC,MAAM,CAAC;IACvC,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC;IAC7B,qEAAqE;IACrE,IAAI,EAAE,gBAAgB,CAAC,QAAQ,EAAE;IACjC,GAAG,mBAAmB;CACvB,CAAC,CAAA;AAEF,+EAA+E;AAC/E,0EAA0E;AAC1E,wEAAwE;AACxE,6DAA6D;AAC7D,MAAM,iBAAiB,GAAG,CAAC,CAAC,MAAM,CAAC;IACjC,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC;IACvB,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE;IACpB,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE;IACjB,mEAAmE;IACnE,mBAAmB,EAAE,CAAC,CAAC,OAAO,CAAC,aAAa,CAAC;IAC7C,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAClC,cAAc,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,eAAe,CAAC;IACnD,cAAc,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,SAAS,CAAC;IAC7C,2EAA2E;IAC3E,wEAAwE;IACxE,IAAI,EAAE,oBAAoB,CAAC,OAAO,CAAC,EAAE,CAAC;IACtC,GAAG,mBAAmB;CACvB,CAAC,CAAA;AAEF;;;;;GAKG;AACH,SAAS,uBAAuB,CAAC,GAAY;IAC3C,IAAI,GAAG,KAAK,IAAI,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC;QAAE,OAAO,GAAG,CAAA;IAC7E,MAAM,GAAG,GAAG,GAA8B,CAAA;IAC1C,IAAI,GAAG,CAAC,IAAI,KAAK,SAAS;QAAE,OAAO,EAAE,GAAG,GAAG,EAAE,IAAI,EAAE,YAAY,EAAE,CAAA;IACjE,OAAO,GAAG,CAAA;AACZ,CAAC;AAED,MAAM,mBAAmB,GAAG,CAAC,CAAC,UAAU,CACtC,uBAAuB,EACvB,CAAC,CAAC,kBAAkB,CAAC,MAAM,EAAE,CAAC,uBAAuB,EAAE,iBAAiB,CAAC,CAAC,CAC3E,CAAC,WAAW,CAAC,CAAC,EAAE,EAAE,GAAG,EAAE,EAAE;IACxB,0EAA0E;IAC1E,gFAAgF;IAChF,IAAI,EAAE,CAAC,IAAI,KAAK,MAAM,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,cAAc,IAAI,CAAC,cAAc,CAAC,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC;QAClF,GAAG,CAAC,QAAQ,CAAC;YACX,IAAI,EAAE,CAAC,CAAC,YAAY,CAAC,MAAM;YAC3B,IAAI,EAAE,CAAC,MAAM,EAAE,gBAAgB,CAAC;YAChC,OAAO,EAAE,aAAa,EAAE,CAAC,QAAQ,uEAAuE;SACzG,CAAC,CAAA;IACJ,CAAC;AACH,CAAC,CAAC,CAAA;AAEF,MAAM,cAAc,GAAG,CAAC,CAAC,MAAM,CAAC;IAC9B,QAAQ,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;CACzC,CAAC,CAAA;AAEF,MAAM,CAAC,MAAM,uBAAuB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC9C,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC9B,iBAAiB,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;CACnD,CAAC,CAAC,MAAM,EAAE,CAAC,MAAM,CAChB,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,OAAO,KAAK,SAAS,IAAI,GAAG,CAAC,iBAAiB,KAAK,SAAS,EACzE,EAAE,OAAO,EAAE,+DAA+D,EAAE,CAC7E,CAAA;AAID,MAAM,iBAAiB,GAAG,CAAC,CAAC,MAAM,CAAC;IACjC,kBAAkB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;IAC1D,0BAA0B,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC;IACtD,sBAAsB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE;IAC9D,qBAAqB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE;CAC9D,CAAC;KACC,MAAM,CACL,CAAC,EAAE,EAAE,EAAE;IACL,IAAI,CAAC,EAAE,CAAC,0BAA0B;QAAE,OAAO,IAAI,CAAA;IAC/C,OAAO,EAAE,CAAC,sBAAsB,KAAK,SAAS,IAAI,EAAE,CAAC,qBAAqB,KAAK,SAAS,CAAA;AAC1F,CAAC,EACD;IACE,OAAO,EACL,wGAAwG;CAC3G,CACF;KACA,MAAM,CACL,CAAC,EAAE,EAAE,EAAE;IACL,IAAI,EAAE,CAAC,sBAAsB,KAAK,SAAS,IAAI,EAAE,CAAC,qBAAqB,KAAK,SAAS,EAAE,CAAC;QACtF,OAAO,IAAI,CAAA;IACb,CAAC;IACD,OAAO,EAAE,CAAC,qBAAqB,IAAI,EAAE,CAAC,sBAAsB,CAAA;AAC9D,CAAC,EACD;IACE,OAAO,EAAE,4FAA4F;CACtG,CACF,CAAA;AAEH,MAAM,cAAc,GAAG,CAAC,CAAC,MAAM,CAAC;IAC9B,aAAa,EAAE,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC;IACrC,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC;IAChC,MAAM,EAAE,YAAY,CAAC,OAAO,CAAC,MAAM,CAAC;IACpC,QAAQ,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC;IACnC,kBAAkB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;IACzC,YAAY,EAAE,iBAAiB,CAAC,OAAO,CAAC,EAAE,CAAC;IAC3C,WAAW,EAAE,uBAAuB,CAAC,QAAQ,EAAE;CAChD,CAAC,CAAA;AAEF,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,CAAC,MAAM,CAAC;IACtC,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;IACnB,QAAQ,EAAE,cAAc,CAAC,OAAO,CAAC,EAAE,CAAC;IACpC,eAAe,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IAC/C,SAAS,EAAE,CAAC,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,QAAQ,EAAE;IAC9C,QAAQ,EAAE,CAAC,CAAC,MAAM,CAAC,mBAAmB,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC;IACnD,iBAAiB,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;CAClD,CAAC,CAAA"}

package/dist/core/ack-store.d.ts

@@ -0,0 +1,109 @@
+/** Canonical finding_key format: sha1 hex. Exported so the CLI can validate
+ *  the same way before any path construction. */
+export declare const FINDING_KEY_RE: RegExp;
+export interface AckRecord {
+    finding_key: string;
+    normalized_location: string;
+    description_shingle: string[];
+    reason?: string;
+    created_at: string;
+}
+export type AckScope = 'project' | 'user';
+export interface AckMatch {
+    record: AckRecord;
+    match: 'exact' | 'fuzzy';
+    scope: AckScope;
+}
+export interface AckStoreOptions {
+    /**
+     * Project root whose ./.mmr/acks holds project-scoped (repo-committed) acks.
+     * Optional: when omitted, project-scope acks are disabled entirely
+     * (lookup/listAll ignore them and add(..,'project') throws). Callers
+     * reviewing an untrusted working tree should omit it unless the project acks
+     * are explicitly trusted.
+     */
+    projectRoot?: string;
+    /**
+     * The MMR state root that holds user-scoped acks at `<userRoot>/acks`. This
+     * is the same root as jobs/sessions (resolveSessionRoot(), i.e. MMR_HOME ??
+     * ~/.mmr), so user acks live beside jobs/ and sessions/ and honor MMR_HOME.
+     */
+    userRoot: string;
+    /**
+     * When set, project-scope ack reads come from this Git ref via `git show`
+     * (committed blobs) instead of the working tree — the §5-decision-1 trust
+     * boundary, so an untrusted PR can't self-suppress by adding working-tree
+     * acks. User-scope reads and all writes are unaffected.
+     */
+    configBaseRef?: string;
+}
+/**
+ * Build an AckStore for a review run. User-scope acks (`<userRoot>/acks`,
+ * userRoot = resolveSessionRoot(), MMR_HOME-aware) are always loaded — they
+ * live on the operator's own machine. Project-scope acks live in the reviewed
+ * tree, which may be untrusted (a PR checkout in CI), so they are loaded only
+ * when explicitly trusted — otherwise an attacker could commit
+ * `.mmr/acks/<sha>.json` to self-suppress their own findings. The full trusted
+ * path (loading project acks from a git base ref) is added by the trust-mode
+ * thread; until then this gates project acks behind trust_project_acks.
+ *
+ * The project root is discovered by walking up from `cwd` (default
+ * process.cwd()) to the repository root, so acks resolve correctly even when
+ * the command runs from a subdirectory. userRoot is supplied by the caller
+ * (resolveSessionRoot()); cwd is injectable for tests.
+ */
+export declare function buildReviewAckStore(opts: {
+    trustProjectAcks: boolean;
+    userRoot: string;
+    cwd?: string;
+    configBaseRef?: string;
+}): AckStore;
+export declare class AckStore {
+    private readonly projectDir;
+    private readonly userDir;
+    private readonly projectRootResolved;
+    private readonly userRootResolved;
+    private readonly configBaseRef;
+    private readonly loaded;
+    constructor(opts: AckStoreOptions);
+    private validateKey;
+    /**
+     * Returns the acks dir for a scope after verifying it does not escape its
+     * root via a symlinked ancestor. A leaf-only symlink check is not enough:
+     * project acks live in the untrusted reviewed tree, where `.mmr` or
+     * `.mmr/acks` could itself be a symlink redirecting every mkdir/read/write/
+     * unlink out of the sandbox. We realpath the deepest existing ancestor of
+     * the acks dir and require it to stay within the (realpath'd) root.
+     */
+    private dirForScope;
+    /** realpath of the deepest existing ancestor of `p` (p itself if it exists). */
+    private realDeepestAncestor;
+    private filePath;
+    add(record: AckRecord, scope: AckScope): void;
+    remove(key: string, scope: AckScope): void;
+    private readDir;
+    /**
+     * Read project-scope ack records from the configured base ref (committed
+     * blobs via git), not the working tree. Each file's embedded key must match
+     * its filename and the record must be shape-valid (isValidAckRecord), same as
+     * the working-tree path. git show returns blob content, so the FS symlink/
+     * traversal guards are unnecessary here; readFileAtRef caps the read size.
+     */
+    private readProjectRecordsFromRef;
+    private records;
+    /** Merge project and user acks; project shadows user on finding_key conflict. */
+    listAll(): AckRecord[];
+    /**
+     * Lookup an ack matching the given finding identity, applying the two-step
+     * rule from T2-D: (1) exact `finding_key` match (O(1) via the per-scope
+     * index); (2) fuzzy fallback only when normalized_location matches AND
+     * shingle Jaccard ≥ 0.7. Project scope shadows user scope.
+     */
+    lookup(finding: {
+        finding_key: string;
+        normalized_location: string;
+        shingle: string[];
+    }): AckMatch | undefined;
+    private fuzzyScan;
+}
+//# sourceMappingURL=ack-store.d.ts.map

package/dist/core/ack-store.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ack-store.d.ts","sourceRoot":"","sources":["../../src/core/ack-store.ts"],"names":[],"mappings":"AAQA;iDACiD;AACjD,eAAO,MAAM,cAAc,QAAmB,CAAA;AAQ9C,MAAM,WAAW,SAAS;IACxB,WAAW,EAAE,MAAM,CAAA;IACnB,mBAAmB,EAAE,MAAM,CAAA;IAC3B,mBAAmB,EAAE,MAAM,EAAE,CAAA;IAC7B,MAAM,CAAC,EAAE,MAAM,CAAA;IACf,UAAU,EAAE,MAAM,CAAA;CACnB;AAED,MAAM,MAAM,QAAQ,GAAG,SAAS,GAAG,MAAM,CAAA;AAEzC,MAAM,WAAW,QAAQ;IACvB,MAAM,EAAE,SAAS,CAAA;IACjB,KAAK,EAAE,OAAO,GAAG,OAAO,CAAA;IACxB,KAAK,EAAE,QAAQ,CAAA;CAChB;AAED,MAAM,WAAW,eAAe;IAC9B;;;;;;OAMG;IACH,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB;;;;OAIG;IACH,QAAQ,EAAE,MAAM,CAAA;IAChB;;;;;OAKG;IACH,aAAa,CAAC,EAAE,MAAM,CAAA;CACvB;AAED;;;;;;;;;;;;;;GAcG;AACH,wBAAgB,mBAAmB,CAAC,IAAI,EAAE;IACxC,gBAAgB,EAAE,OAAO,CAAA;IACzB,QAAQ,EAAE,MAAM,CAAA;IAChB,GAAG,CAAC,EAAE,MAAM,CAAA;IACZ,aAAa,CAAC,EAAE,MAAM,CAAA;CACvB,GAAG,QAAQ,CAWX;AA4BD,qBAAa,QAAQ;IACnB,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAoB;IAC/C,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAQ;IAChC,OAAO,CAAC,QAAQ,CAAC,mBAAmB,CAAoB;IACxD,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAQ;IACzC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAoB;IAGlD,OAAO,CAAC,QAAQ,CAAC,MAAM,CAA6C;gBAExD,IAAI,EAAE,eAAe;IAajC,OAAO,CAAC,WAAW;IAMnB;;;;;;;OAOG;IACH,OAAO,CAAC,WAAW;IAqBnB,gFAAgF;IAChF,OAAO,CAAC,mBAAmB;IAU3B,OAAO,CAAC,QAAQ;IAYhB,GAAG,CAAC,MAAM,EAAE,SAAS,EAAE,KAAK,EAAE,QAAQ,GAAG,IAAI;IA0C7C,MAAM,CAAC,GAAG,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,GAAG,IAAI;IAa1C,OAAO,CAAC,OAAO;IAuCf;;;;;;OAMG;IACH,OAAO,CAAC,yBAAyB;IA6BjC,OAAO,CAAC,OAAO;IA0Bf,iFAAiF;IACjF,OAAO,IAAI,SAAS,EAAE;IAOtB;;;;;OAKG;IACH,MAAM,CAAC,OAAO,EAAE;QAAE,WAAW,EAAE,MAAM,CAAC;QAAC,mBAAmB,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,EAAE,CAAA;KAAE,GAAG,QAAQ,GAAG,SAAS;IAmB9G,OAAO,CAAC,SAAS;CAWlB"}