ai-saas-guard 0.20.0 → 0.22.0

package/README.md

@@ -73,11 +73,13 @@ The CLI is published on npm as `ai-saas-guard`, and the GitHub Action is availab
 | JSON and SARIF output | Available |
 | Composite GitHub Action | Available |
 | Project config | `.ai-saas-guard.json` rule toggles, severity overrides, and fail thresholds |
-| Versioned Action tags | `v0.20.0`, `v0` |
-| npm package | `ai-saas-guard@0.20.0` |
+| Versioned Action tags | `v0.22.0`, `v0` |
+| npm package | `ai-saas-guard@0.22.0` |
 | npm publishing | Trusted Publisher/OIDC, no long-lived publish token |
 | Runtime hardening | Per-file and total text scan caps, escaped markdown evidence, stricter hosted deployment blockers |
 | Hosted production adapters | GitHub App JWT signing, installation-token request planning, bounded worker execution, and terminal-state cleanup planning |
+| Hosted app skeleton | Node/container HTTP ingress, health route, worker tick, in-memory provider adapters, and deployment plan validation |
+| Hosted staging deployment planner | Provider binding, staging release-gate evidence, Node/container deployment composition, and GitHub App promotion gating |
 
 ## Quick Start
 
@@ -216,13 +218,17 @@ The hosted GitHub App deployment planner is documented in [docs/github-app-deplo
 
 The hosted production adapter layer is documented in [docs/hosted-production-adapters.md](docs/hosted-production-adapters.md). It exports `createHostedGitHubAppJwt`, `planHostedGitHubInstallationTokenRequest`, and `planHostedProductionWorkerExecution` from `ai-saas-guard/hosted/production-adapters`. It adds RS256 GitHub App JWT generation, selected-repository installation-token request plans, separate worker and Check Run token scopes, a fixed read-only worker command, bounded timeout and output budgets, compact JSON-only output, and cleanup plans for success, failure, timeout, and cancellation. It still does not expose a public hosted service by itself.
 
+The hosted Node/container app skeleton is documented in [docs/hosted-node-container-app.md](docs/hosted-node-container-app.md). It exports `createHostedHttpApp`, `createInMemoryHostedAppPlatform`, and `planHostedNodeContainerDeployment` from `ai-saas-guard/hosted/app`. It adds a safe `/healthz` route, signed `/github/webhook` ingress, one-job worker tick, in-memory provider adapters for tests, and deployment-plan validation for secret manager, queue, compact report store, worker sandbox, and GitHub Checks publisher references. It still does not deploy or expose a public hosted service by itself.
+
+The hosted staging deployment planner is documented in [docs/hosted-staging-deployment.md](docs/hosted-staging-deployment.md). It exports `planHostedProviderBinding`, `planHostedStagingDeployment`, and `planHostedGitHubAppPromotion` from `ai-saas-guard/hosted/staging`. It composes real provider references, the Node/container deployment plan, hosted operational release-gate evidence, and GitHub App deployment planning so staging and production promotion stay blocked until the required queue, store, worker sandbox, Check Run publisher, logs, metrics, rollback, and incident-response references are present. It still does not call a cloud provider, create a GitHub App, or expose a public hosted service by itself.
+
 The hosted operational release gate is documented in [docs/hosted-operational-release-gate.md](docs/hosted-operational-release-gate.md). It defines the hosted-specific CI, replay, queue, worker cleanup, privacy, monitoring, rollback, and incident-response evidence required before any hosted environment is exposed to users. The pure gate evaluator exported from `ai-saas-guard/hosted/contracts` blocks hosted exposure unless every P0 evidence item is fresh, a container digest is recorded, and release notes avoid pentest, certification, and full-audit claims.
 
 Hosted uninstall and data deletion behavior is documented in [docs/hosted-uninstall-data-deletion.md](docs/hosted-uninstall-data-deletion.md). It defines repository removal, full app uninstall, compact report deletion, queue cancellation, audit record retention, repeated cleanup, and user-facing deletion wording.
 
 Hosted pricing and packaging boundaries are documented in [docs/hosted-pricing-packaging.md](docs/hosted-pricing-packaging.md). Core local scanning stays useful without an account; hosted plans may add workflow convenience, saved reports, team policy, and optional human review, but they do not gate local CLI scanning.
 
-Hosted pre-implementation pure contracts are documented in [docs/hosted-preimplementation-contracts.md](docs/hosted-preimplementation-contracts.md). They now include a pull request webhook intake planner that verifies signatures before parsing or queueing, a durable scan queue planner that reuses queued, running, and completed jobs for the same trusted scan key, a worker read-only scan planner that fixes the CLI command and requires repository `contents: read`, and a Check Run publication planner that requires repository `checks: write` and builds bounded check-only payloads from compact reports. They also cover queue-safe webhook event parsing, bounded check-run summary rendering, idempotent queue cleanup planning, worker checkout cleanup planning, a retention/deletion cleanup planner, an operational release gate evaluator, and the production adapter plans needed for GitHub App auth and bounded worker execution. The service runtime composes these contracts behind replaceable adapters. PR comments remain a later workflow or paid hosted feature, not part of the hosted MVP contract.
+Hosted pre-implementation pure contracts are documented in [docs/hosted-preimplementation-contracts.md](docs/hosted-preimplementation-contracts.md). They now include a pull request webhook intake planner that verifies signatures before parsing or queueing, a durable scan queue planner that reuses queued, running, and completed jobs for the same trusted scan key, a worker read-only scan planner that fixes the CLI command and requires repository `contents: read`, and a Check Run publication planner that requires repository `checks: write` and builds bounded check-only payloads from compact reports. They also cover queue-safe webhook event parsing, bounded check-run summary rendering, idempotent queue cleanup planning, worker checkout cleanup planning, a retention/deletion cleanup planner, an operational release gate evaluator, the production adapter plans needed for GitHub App auth and bounded worker execution, the Node/container app skeleton needed for real provider wiring, and the staging deployment planner needed before production GitHub App promotion. The service runtime composes these contracts behind replaceable adapters. PR comments remain a later workflow or paid hosted feature, not part of the hosted MVP contract.
 
 A public hosted compact report schema fixture is available at [examples/hosted-compact-report.json](examples/hosted-compact-report.json). It is synthetic and public-safe: compact evidence only, no raw source, raw diffs, secrets, webhook payload bodies, customer payloads, private URLs, or worker checkout paths.
 
@@ -262,7 +268,7 @@ Use `suppressions` for narrower false-positive handling when one rule is noisy o
 
 ## GitHub Action
 
-The repo includes a composite Action. Use `v0` for the latest compatible pre-1.0 Action, a specific release tag such as `v0.20.0` for controlled upgrades, or pin a reviewed commit SHA for stricter supply-chain control:
+The repo includes a composite Action. Use `v0` for the latest compatible pre-1.0 Action, a specific release tag such as `v0.22.0` for controlled upgrades, or pin a reviewed commit SHA for stricter supply-chain control:
 
 ```yaml
 name: ai-saas-guard
@@ -392,7 +398,7 @@ Open-source core:
 
 Near-term priorities:
 
-- Wire the hosted production adapters to a real provider queue, secret manager, compact report store, and GitHub Checks API client.
+- Use the hosted staging deployment planner to bind real provider references, deploy a staging artifact, and collect webhook replay, Check Run, cleanup, monitoring, rollback, and incident-response evidence from that artifact.
 - Keep hosted exposure blocked until the operational release gate has fresh evidence from a deployed artifact.
 
 Potential paid layer later:

package/README.zh-CN.md

@@ -55,7 +55,7 @@ AI 能很快把一个 SaaS 从想法做成可运行的产品。真正难的是
 
 这个仓库是公开 GitHub 仓库。
 
-CLI 已发布到 npm：`ai-saas-guard@0.20.0`。GitHub Action 支持 `v0` 浮动标签，也支持固定版本标签，例如 `v0.20.0`。
+CLI 已发布到 npm：`ai-saas-guard@0.22.0`。GitHub Action 支持 `v0` 浮动标签，也支持固定版本标签，例如 `v0.22.0`。
 
 | 模块 | 状态 |
 | --- | --- |
@@ -66,11 +66,13 @@ CLI 已发布到 npm：`ai-saas-guard@0.20.0`。GitHub Action 支持 `v0` 浮动
 | Markdown PR summary | 已可用 |
 | GitHub Action | 已可用 |
 | 项目配置 | `.ai-saas-guard.json` 支持规则开关、severity 覆盖和 fail threshold |
-| 当前版本 | `0.20.0` |
-| Action 标签 | `v0.20.0`、`v0` |
+| 当前版本 | `0.22.0` |
+| Action 标签 | `v0.22.0`、`v0` |
 | npm 发布 | GitHub Actions Trusted Publisher/OIDC，无需长期 npm token |
 | 运行时加固 | 单文件和总扫描文本预算、markdown evidence 转义、更严格的 hosted deployment 阻断 |
 | Hosted production adapters | GitHub App JWT 签名、installation-token 请求规划、有边界的 worker 执行和终态 cleanup 规划 |
+| Hosted app skeleton | Node/container HTTP ingress、health route、worker tick、in-memory provider adapters 和 deployment plan 校验 |
+| Hosted staging deployment planner | provider binding、staging release-gate evidence、Node/container deployment 组合和 GitHub App promotion gating |
 
 ## 快速开始
 
@@ -251,6 +253,8 @@ jobs:
 - [docs/hosted-deployment-model.md](docs/hosted-deployment-model.md)
 - [docs/hosted-service-runtime.md](docs/hosted-service-runtime.md)
 - [docs/hosted-production-adapters.md](docs/hosted-production-adapters.md)
+- [docs/hosted-node-container-app.md](docs/hosted-node-container-app.md)
+- [docs/hosted-staging-deployment.md](docs/hosted-staging-deployment.md)
 - [docs/hosted-operational-release-gate.md](docs/hosted-operational-release-gate.md)
 - [docs/hosted-uninstall-data-deletion.md](docs/hosted-uninstall-data-deletion.md)
 - [docs/hosted-pricing-packaging.md](docs/hosted-pricing-packaging.md)
@@ -264,6 +268,8 @@ jobs:
 - hosted service runtime：`ai-saas-guard/hosted/service` 导出 `createHostedServiceRuntime`，把签名 webhook intake、幂等 queue upsert、read-only worker 编排、compact report 存储、Check Run 发布 adapter 和 worker cleanup 串成可测试的服务核心；它本身不部署公开 hosted 环境
 - GitHub App deployment planner：`ai-saas-guard/hosted/github-app` 导出 `planHostedGitHubAppDeployment`，生成 first slice 最小权限 manifest，并在 release gate、公开 HTTPS URL、container digest、secret 引用、原始 secret 输入、permission 或 event 不安全时阻止创建
 - Hosted production adapter layer：`ai-saas-guard/hosted/production-adapters` 导出 `createHostedGitHubAppJwt`、`planHostedGitHubInstallationTokenRequest` 和 `planHostedProductionWorkerExecution`，用于 GitHub App RS256 JWT、selected-repository installation token 请求规划、worker/check-run 分离 token scope、固定只读 worker 命令、timeout/output 预算、compact JSON-only 输出，以及 success/failure/timeout/cancellation 的 cleanup 规划；它本身仍然不部署公开 hosted 服务
+- Hosted Node/container app skeleton：`ai-saas-guard/hosted/app` 导出 `createHostedHttpApp`、`createInMemoryHostedAppPlatform` 和 `planHostedNodeContainerDeployment`，提供安全 `/healthz`、签名 `/github/webhook` ingress、单 job worker tick、测试用 in-memory provider adapters，以及 secret manager、queue、compact report store、worker sandbox、GitHub Checks publisher 的部署引用校验；它本身仍然不部署或暴露公开 hosted 服务
+- Hosted staging deployment planner：`ai-saas-guard/hosted/staging` 导出 `planHostedProviderBinding`、`planHostedStagingDeployment` 和 `planHostedGitHubAppPromotion`，把真实 provider 引用、Node/container deployment plan、hosted operational release-gate evidence 和 GitHub App deployment planning 组合起来；缺少 queue、store、worker sandbox、Check Run publisher、logs、metrics、rollback 或 incident-response 引用时，会阻止 staging exposure 和 production promotion；它本身仍然不会调用云平台、创建 GitHub App 或暴露公开 hosted 服务
 - webhook event parser
 - check-run summary renderer
 - Check Run publication planner：要求 repository `checks: write`，只从 compact report 生成有长度上限的 Check Run payload，包含 review categories、优先 review 文件、verification steps 和本地 CLI 复现命令；MVP 不发 PR comment
@@ -273,7 +279,7 @@ jobs:
 - operational release gate evaluator：检查 hosted 暴露前是否具备 fresh CI、webhook replay、workflow static check、dependency/container scan、cleanup、privacy、monitoring、rollback、incident response 和 release cleanup 证据；缺任何 P0 证据都会阻止 hosted exposure
 - hosted compact report fixture：[examples/hosted-compact-report.json](examples/hosted-compact-report.json)
 
-这些 helper 不会启动服务、不会直接调用 GitHub API、不会持久化 installation token、不会真实写 check run、不会发 PR comment，也不会上传源码。
+这些 helper 不会暴露公开服务、不会直接调用 GitHub API、不会持久化 installation token、不会真实写 check run、不会发 PR comment，也不会上传源码。
 
 ## 它不是什么
 

package/dist/hosted/app.d.ts

@@ -0,0 +1,144 @@
+import { type HostedCheckRunPublisher, type HostedCheckRunRequest, type HostedCompactReportStore, type HostedCompactReportStoreRecord, type HostedServiceQueueAdapter, type HostedServiceRuntime, type HostedServiceRuntimeOptions, type HostedServiceScanRunner } from "./service.js";
+export declare const HOSTED_NODE_CONTAINER_PLATFORM = "node_container";
+export declare const HOSTED_NODE_CONTAINER_ROLES: readonly ["webhook-ingress", "scan-worker"];
+type RepositoryIdSource = HostedServiceRuntimeOptions["selectedRepositoryIdsByInstallation"];
+export interface HostedAppHttpRequest {
+    method: string;
+    path: string;
+    headers: Record<string, string | string[] | undefined>;
+    body: string | Buffer;
+}
+export interface HostedAppHttpResponse {
+    status: number;
+    headers: {
+        "content-type": "application/json; charset=utf-8";
+    };
+    body: string;
+}
+export interface HostedHttpAppOptions {
+    runtime: HostedServiceRuntime;
+    webhookPath?: string;
+    healthPath?: string;
+}
+export interface HostedHttpApp {
+    handleHttpRequest(request: HostedAppHttpRequest): HostedAppHttpResponse;
+    runWorkerTick(): Promise<HostedAppWorkerTickResult>;
+}
+export type HostedAppWorkerTickResult = {
+    processed: false;
+    reason: "empty_queue";
+    platform: typeof HOSTED_NODE_CONTAINER_PLATFORM;
+    privacy: HostedAppResponsePrivacy;
+} | {
+    processed: true;
+    status: "completed";
+    checkRunPublished: boolean;
+    compactReportStored: boolean;
+    cleanupPlanned: boolean;
+    platform: typeof HOSTED_NODE_CONTAINER_PLATFORM;
+    privacy: HostedAppResponsePrivacy;
+} | {
+    processed: true;
+    status: "failed";
+    errorClass: "worker_plan_rejected" | "check_run_publication_rejected" | "scan_runner_failed";
+    reason?: string;
+    cleanupPlanned: boolean;
+    platform: typeof HOSTED_NODE_CONTAINER_PLATFORM;
+    privacy: HostedAppResponsePrivacy;
+};
+export interface HostedAppResponsePrivacy {
+    includesRawWebhookPayload: false;
+    includesUntrustedPrText: false;
+    includesRawSource: false;
+    includesRawDiffs: false;
+    includesSecrets: false;
+    includesCustomerPayloads: false;
+    includesPrivateCheckoutPath: false;
+    includesInstallationToken: false;
+}
+export interface InMemoryHostedAppPlatformOptions {
+    signingKey: string | Buffer;
+    scannerVersion: string;
+    selectedRepositoryIdsByInstallation: RepositoryIdSource;
+    removedRepositoryIdsByInstallation?: RepositoryIdSource;
+    scanRunner: HostedServiceScanRunner;
+    now?: () => string;
+}
+export interface InMemoryHostedAppPlatform {
+    app: HostedHttpApp;
+    adapters: {
+        queue: HostedServiceQueueAdapter;
+        compactReportStore: HostedCompactReportStore & {
+            records: HostedCompactReportStoreRecord[];
+        };
+        checkRunPublisher: HostedCheckRunPublisher & {
+            requests: HostedCheckRunRequest[];
+        };
+    };
+    platform: typeof HOSTED_NODE_CONTAINER_PLATFORM;
+    roles: typeof HOSTED_NODE_CONTAINER_ROLES;
+}
+export interface HostedNodeContainerDeploymentSecretRefs {
+    githubAppId: string;
+    githubAppPrivateKey: string;
+    githubWebhookSecret: string;
+}
+export interface HostedNodeContainerDeploymentInput {
+    environment: string;
+    publicBaseUrl: string;
+    containerImageDigest: string;
+    secretRefs: HostedNodeContainerDeploymentSecretRefs;
+    queueRef: string;
+    compactReportStoreRef: string;
+    workerSandboxRef: string;
+    checkRunPublisherRef: string;
+    rawPrivateKey?: string;
+    rawWebhookSecret?: string;
+    rawInstallationToken?: string;
+    rawSource?: string;
+    rawDiff?: string;
+    secretValues?: string[];
+    customerPayload?: unknown;
+}
+export interface HostedNodeContainerDeploymentPlan {
+    readyToDeploy: boolean;
+    blockedReasons: string[];
+    platform: typeof HOSTED_NODE_CONTAINER_PLATFORM;
+    roles: typeof HOSTED_NODE_CONTAINER_ROLES;
+    environment: string;
+    containerImageDigest: string;
+    endpoints: {
+        webhookUrl: string;
+        healthUrl: string;
+    };
+    adapters: {
+        secretManager: "platform_secret_manager";
+        queue: string;
+        compactReportStore: string;
+        workerSandbox: string;
+        checkRunPublisher: string;
+    };
+    runtime: {
+        httpIngress: "node_http";
+        worker: "node_worker";
+        localCliNoNetwork: true;
+        rawSourcePersistence: false;
+        rawDiffPersistence: false;
+        secretPersistence: false;
+        customerPayloadPersistence: false;
+    };
+    privacy: {
+        includesPrivateKey: false;
+        includesWebhookSecret: false;
+        includesInstallationToken: false;
+        includesRawSource: false;
+        includesRawDiffs: false;
+        includesSecrets: false;
+        includesCustomerPayloads: false;
+        includesPrivateUrls: false;
+    };
+}
+export declare function createHostedHttpApp(options: HostedHttpAppOptions): HostedHttpApp;
+export declare function createInMemoryHostedAppPlatform(options: InMemoryHostedAppPlatformOptions): InMemoryHostedAppPlatform;
+export declare function planHostedNodeContainerDeployment(input: HostedNodeContainerDeploymentInput): HostedNodeContainerDeploymentPlan;
+export {};

package/dist/hosted/app.js

@@ -0,0 +1,311 @@
+import { createHostedServiceRuntime, createInMemoryHostedServiceAdapters } from "./service.js";
+export const HOSTED_NODE_CONTAINER_PLATFORM = "node_container";
+export const HOSTED_NODE_CONTAINER_ROLES = ["webhook-ingress", "scan-worker"];
+export function createHostedHttpApp(options) {
+    const webhookPath = options.webhookPath ?? "/github/webhook";
+    const healthPath = options.healthPath ?? "/healthz";
+    return {
+        handleHttpRequest(request) {
+            if (request.path === healthPath) {
+                return request.method.toUpperCase() === "GET"
+                    ? jsonResponse(200, {
+                        ok: true,
+                        platform: HOSTED_NODE_CONTAINER_PLATFORM,
+                        roles: [...HOSTED_NODE_CONTAINER_ROLES],
+                        privacy: appResponsePrivacy()
+                    })
+                    : jsonResponse(405, methodNotAllowedBody(["GET"]));
+            }
+            if (request.path !== webhookPath) {
+                return jsonResponse(404, {
+                    accepted: false,
+                    reason: "not_found",
+                    platform: HOSTED_NODE_CONTAINER_PLATFORM,
+                    privacy: appResponsePrivacy()
+                });
+            }
+            if (request.method.toUpperCase() !== "POST") {
+                return jsonResponse(405, methodNotAllowedBody(["POST"]));
+            }
+            const result = options.runtime.handlePullRequestWebhook({
+                payload: request.body,
+                signatureHeader: headerValue(request.headers, "x-hub-signature-256"),
+                deliveryId: headerValue(request.headers, "x-github-delivery"),
+                manualRerun: headerValue(request.headers, "x-ai-saas-guard-manual-rerun") === "true"
+            });
+            return jsonResponse(result.accepted ? 202 : 400, safeWebhookResponse(result));
+        },
+        async runWorkerTick() {
+            return safeWorkerTickResult(await options.runtime.runNextQueuedScan());
+        }
+    };
+}
+export function createInMemoryHostedAppPlatform(options) {
+    const adapters = createInMemoryHostedServiceAdapters();
+    const runtime = createHostedServiceRuntime({
+        signingKey: options.signingKey,
+        scannerVersion: options.scannerVersion,
+        selectedRepositoryIdsByInstallation: options.selectedRepositoryIdsByInstallation,
+        removedRepositoryIdsByInstallation: options.removedRepositoryIdsByInstallation,
+        queue: adapters.queue,
+        compactReportStore: adapters.compactReportStore,
+        checkRunPublisher: adapters.checkRunPublisher,
+        scanRunner: options.scanRunner,
+        now: options.now
+    });
+    return {
+        app: createHostedHttpApp({ runtime }),
+        adapters,
+        platform: HOSTED_NODE_CONTAINER_PLATFORM,
+        roles: HOSTED_NODE_CONTAINER_ROLES
+    };
+}
+export function planHostedNodeContainerDeployment(input) {
+    const blockedReasons = [
+        ...publicBaseUrlBlockedReasons(input.publicBaseUrl),
+        ...containerDigestBlockedReasons(input.containerImageDigest),
+        ...secretRefBlockedReasons(input.secretRefs),
+        ...adapterRefBlockedReasons(input),
+        ...rawInputBlockedReasons(input)
+    ];
+    const publicBaseUrl = isSafePublicHttpsUrl(input.publicBaseUrl)
+        ? normalizePublicBaseUrl(input.publicBaseUrl)
+        : "";
+    return {
+        readyToDeploy: blockedReasons.length === 0,
+        blockedReasons,
+        platform: HOSTED_NODE_CONTAINER_PLATFORM,
+        roles: HOSTED_NODE_CONTAINER_ROLES,
+        environment: input.environment,
+        containerImageDigest: input.containerImageDigest,
+        endpoints: {
+            webhookUrl: publicBaseUrl ? `${publicBaseUrl}/github/webhook` : "",
+            healthUrl: publicBaseUrl ? `${publicBaseUrl}/healthz` : ""
+        },
+        adapters: {
+            secretManager: "platform_secret_manager",
+            queue: safeAdapterRef(input.queueRef, "queue:"),
+            compactReportStore: safeAdapterRef(input.compactReportStoreRef, "store:"),
+            workerSandbox: safeAdapterRef(input.workerSandboxRef, "sandbox:"),
+            checkRunPublisher: safeAdapterRef(input.checkRunPublisherRef, "github-checks:")
+        },
+        runtime: {
+            httpIngress: "node_http",
+            worker: "node_worker",
+            localCliNoNetwork: true,
+            rawSourcePersistence: false,
+            rawDiffPersistence: false,
+            secretPersistence: false,
+            customerPayloadPersistence: false
+        },
+        privacy: {
+            includesPrivateKey: false,
+            includesWebhookSecret: false,
+            includesInstallationToken: false,
+            includesRawSource: false,
+            includesRawDiffs: false,
+            includesSecrets: false,
+            includesCustomerPayloads: false,
+            includesPrivateUrls: false
+        }
+    };
+}
+function safeWebhookResponse(result) {
+    return {
+        accepted: result.accepted,
+        stage: result.stage,
+        ...(result.reason === undefined ? {} : { reason: result.reason }),
+        ...(result.deliveryId === undefined ? {} : { deliveryId: result.deliveryId }),
+        queuedWorker: result.queueDecision?.shouldEnqueueWorker ?? false,
+        shouldCreateCheckRun: result.shouldCreateCheckRun,
+        shouldCreatePrComment: false,
+        platform: HOSTED_NODE_CONTAINER_PLATFORM,
+        privacy: appResponsePrivacy()
+    };
+}
+function safeWorkerTickResult(result) {
+    if (!result.processed) {
+        return {
+            processed: false,
+            reason: "empty_queue",
+            platform: HOSTED_NODE_CONTAINER_PLATFORM,
+            privacy: appResponsePrivacy()
+        };
+    }
+    if (result.status === "completed") {
+        return {
+            processed: true,
+            status: "completed",
+            checkRunPublished: result.checkRunPublication.shouldWriteCheckRun,
+            compactReportStored: true,
+            cleanupPlanned: result.cleanup.shouldDeleteWorkerCheckout,
+            platform: HOSTED_NODE_CONTAINER_PLATFORM,
+            privacy: appResponsePrivacy()
+        };
+    }
+    return {
+        processed: true,
+        status: "failed",
+        errorClass: result.errorClass,
+        ...(result.reason === undefined ? {} : { reason: result.reason }),
+        cleanupPlanned: result.cleanup?.shouldDeleteWorkerCheckout ?? false,
+        platform: HOSTED_NODE_CONTAINER_PLATFORM,
+        privacy: appResponsePrivacy()
+    };
+}
+function jsonResponse(status, body) {
+    return {
+        status,
+        headers: {
+            "content-type": "application/json; charset=utf-8"
+        },
+        body: JSON.stringify(body)
+    };
+}
+function methodNotAllowedBody(allowed) {
+    return {
+        accepted: false,
+        reason: "method_not_allowed",
+        allowed,
+        platform: HOSTED_NODE_CONTAINER_PLATFORM,
+        privacy: appResponsePrivacy()
+    };
+}
+function appResponsePrivacy() {
+    return {
+        includesRawWebhookPayload: false,
+        includesUntrustedPrText: false,
+        includesRawSource: false,
+        includesRawDiffs: false,
+        includesSecrets: false,
+        includesCustomerPayloads: false,
+        includesPrivateCheckoutPath: false,
+        includesInstallationToken: false
+    };
+}
+function headerValue(headers, name) {
+    const lowerName = name.toLowerCase();
+    for (const [key, value] of Object.entries(headers)) {
+        if (key.toLowerCase() !== lowerName) {
+            continue;
+        }
+        return Array.isArray(value) ? value[0] : value;
+    }
+    return undefined;
+}
+function publicBaseUrlBlockedReasons(publicBaseUrl) {
+    return isSafePublicHttpsUrl(publicBaseUrl) ? [] : ["invalid_public_base_url"];
+}
+function containerDigestBlockedReasons(containerImageDigest) {
+    return /^sha256:[a-f0-9]{64}$/i.test(containerImageDigest)
+        ? []
+        : ["invalid_container_image_digest"];
+}
+function secretRefBlockedReasons(secretRefs) {
+    const reasons = [];
+    for (const key of ["githubAppId", "githubAppPrivateKey", "githubWebhookSecret"]) {
+        const ref = secretRefs[key].trim();
+        if (!ref) {
+            reasons.push(`missing_secret_ref:${key}`);
+        }
+        else if (!isValidSecretRef(ref)) {
+            reasons.push(`invalid_secret_ref:${key}`);
+        }
+    }
+    return reasons;
+}
+function adapterRefBlockedReasons(input) {
+    const adapterRefs = {
+        queue: { value: input.queueRef, prefix: "queue:" },
+        compactReportStore: { value: input.compactReportStoreRef, prefix: "store:" },
+        workerSandbox: { value: input.workerSandboxRef, prefix: "sandbox:" },
+        checkRunPublisher: { value: input.checkRunPublisherRef, prefix: "github-checks:" }
+    };
+    const reasons = [];
+    for (const [key, ref] of Object.entries(adapterRefs)) {
+        const value = ref.value.trim();
+        if (!value) {
+            reasons.push(`missing_adapter_ref:${key}`);
+        }
+        else if (!value.startsWith(ref.prefix)) {
+            reasons.push(`invalid_adapter_ref:${key}`);
+        }
+    }
+    return reasons;
+}
+function rawInputBlockedReasons(input) {
+    const reasons = [];
+    for (const key of ["rawPrivateKey", "rawWebhookSecret", "rawInstallationToken"]) {
+        if (typeof input[key] === "string" && input[key].trim()) {
+            reasons.push(`raw_secret_material:${key}`);
+        }
+    }
+    for (const key of ["rawSource", "rawDiff"]) {
+        if (typeof input[key] === "string" && input[key].trim()) {
+            reasons.push(`raw_source_material:${key}`);
+        }
+    }
+    if (Array.isArray(input.secretValues) && input.secretValues.some((value) => value.trim())) {
+        reasons.push("raw_secret_material:secretValues");
+    }
+    if (input.customerPayload !== undefined && input.customerPayload !== null) {
+        reasons.push("raw_customer_payload:customerPayload");
+    }
+    return reasons;
+}
+function safeAdapterRef(value, prefix) {
+    const ref = value.trim();
+    return ref.startsWith(prefix) ? ref : "";
+}
+function isValidSecretRef(value) {
+    return /^secret:[A-Za-z0-9._:/@-]+$/.test(value);
+}
+function normalizePublicBaseUrl(publicBaseUrl) {
+    return publicBaseUrl.trim().replace(/\/+$/, "");
+}
+function isSafePublicHttpsUrl(value) {
+    try {
+        const url = new URL(value);
+        return url.protocol === "https:" && !isUnsafeHostedHostname(url.hostname);
+    }
+    catch {
+        return false;
+    }
+}
+function isUnsafeHostedHostname(hostname) {
+    const normalized = normalizeHostname(hostname);
+    return (normalized === "localhost" ||
+        normalized.endsWith(".localhost") ||
+        isUnsafeIpv4Hostname(normalized) ||
+        isUnsafeIpv6Hostname(normalized));
+}
+function normalizeHostname(hostname) {
+    const lower = hostname.toLowerCase().replace(/\.$/, "");
+    return lower.startsWith("[") && lower.endsWith("]") ? lower.slice(1, -1) : lower;
+}
+function isUnsafeIpv4Hostname(hostname) {
+    const parts = hostname.split(".");
+    if (parts.length !== 4 || !parts.every((part) => /^\d+$/.test(part))) {
+        return false;
+    }
+    const octets = parts.map((part) => Number(part));
+    if (octets.some((octet) => !Number.isInteger(octet) || octet < 0 || octet > 255)) {
+        return false;
+    }
+    const [first, second] = octets;
+    return (first === 0 ||
+        first === 10 ||
+        first === 127 ||
+        (first === 169 && second === 254) ||
+        (first === 172 && second >= 16 && second <= 31) ||
+        (first === 192 && second === 168) ||
+        (first === 100 && second >= 64 && second <= 127) ||
+        first >= 224);
+}
+function isUnsafeIpv6Hostname(hostname) {
+    return (hostname === "::" ||
+        hostname === "::1" ||
+        hostname.startsWith("fc") ||
+        hostname.startsWith("fd") ||
+        hostname.startsWith("fe80:"));
+}