auditor-lambda 0.8.0 → 0.9.0

package/dist/orchestrator/staleness.js

@@ -1,5 +1,5 @@
 import { getArtifactValue } from "../io/artifacts.js";
-import { ARTIFACT_DEPENDENCY_MAP } from "./dependencyMap.js";
+import { ARTIFACT_DEPENDENTS_MAP } from "./dependencyMap.js";
 import { present } from "./artifactMetadata.js";
 import { buildReverseDependencyMap, hashArtifactValue, stableStringify, } from "./artifactFreshness.js";
 function computeContentHash(artifactName, bundle) {
@@ -54,7 +54,7 @@ export function computeStaleArtifacts(bundle) {
                 stale.add(artifactName);
         }
     }
-    for (const [upstream, downstreamList] of Object.entries(ARTIFACT_DEPENDENCY_MAP)) {
+    for (const [upstream, downstreamList] of Object.entries(ARTIFACT_DEPENDENTS_MAP)) {
         if (upstream === "tooling_manifest.json" && !present(bundle, upstream)) {
             continue;
         }
@@ -70,7 +70,7 @@ export function computeStaleArtifacts(bundle) {
     let changed = true;
     while (changed) {
         changed = false;
-        for (const [upstream, downstreamList] of Object.entries(ARTIFACT_DEPENDENCY_MAP)) {
+        for (const [upstream, downstreamList] of Object.entries(ARTIFACT_DEPENDENTS_MAP)) {
             if (!stale.has(upstream)) {
                 continue;
             }

package/dist/orchestrator/structureExecutors.d.ts

@@ -0,0 +1,5 @@
+import type { ArtifactBundle } from "../io/artifacts.js";
+import type { ExecutorRunResult } from "./executorResult.js";
+export declare function runStructureExecutor(bundle: ArtifactBundle, root?: string): Promise<ExecutorRunResult>;
+export declare function runDesignAssessmentExecutor(bundle: ArtifactBundle): ExecutorRunResult;
+export declare function runDesignReviewAutoComplete(bundle: ArtifactBundle): ExecutorRunResult;

package/dist/orchestrator/structureExecutors.js

@@ -0,0 +1,94 @@
+import { buildFileDisposition } from "../extractors/disposition.js";
+import { buildGraphBundle, buildGraphBundleFromFs, } from "../extractors/graph.js";
+import { buildCriticalFlowManifest } from "../extractors/flows.js";
+import { buildRiskRegister } from "../extractors/risk.js";
+import { buildSurfaceManifest } from "../extractors/surfaces.js";
+import { buildUnitManifest } from "./unitBuilder.js";
+import { buildDesignAssessment } from "../extractors/designAssessment.js";
+export async function runStructureExecutor(bundle, root) {
+    if (!bundle.repo_manifest) {
+        throw new Error("Cannot run structure executor without repo_manifest");
+    }
+    const externalAnalyzerResults = bundle.external_analyzer_results;
+    const disposition = bundle.file_disposition ?? buildFileDisposition(bundle.repo_manifest);
+    const unitManifest = buildUnitManifest(bundle.repo_manifest, disposition);
+    const graphBundle = root
+        ? await buildGraphBundleFromFs(bundle.repo_manifest, root, disposition, {
+            externalAnalyzerResults,
+        })
+        : buildGraphBundle(bundle.repo_manifest, disposition, {
+            externalAnalyzerResults,
+        });
+    const surfaceManifest = buildSurfaceManifest(bundle.repo_manifest, disposition, { graphBundle });
+    const criticalFlows = buildCriticalFlowManifest(bundle.repo_manifest, surfaceManifest, disposition);
+    const riskRegister = buildRiskRegister(unitManifest, criticalFlows, externalAnalyzerResults);
+    return {
+        updated: {
+            ...bundle,
+            file_disposition: disposition,
+            unit_manifest: unitManifest,
+            surface_manifest: surfaceManifest,
+            graph_bundle: graphBundle,
+            critical_flows: criticalFlows,
+            risk_register: riskRegister,
+        },
+        artifacts_written: [
+            "file_disposition.json",
+            "unit_manifest.json",
+            "surface_manifest.json",
+            "graph_bundle.json",
+            "critical_flows.json",
+            "risk_register.json",
+        ],
+        progress_summary: `Built structure artifacts for ${unitManifest.units.length} units and ${criticalFlows.flows.length} critical flows.` +
+            (criticalFlows.fallback_required
+                ? " Deterministic flow inference did not fully meet the confidence bar."
+                : ""),
+    };
+}
+export function runDesignAssessmentExecutor(bundle) {
+    if (!bundle.unit_manifest ||
+        !bundle.graph_bundle ||
+        !bundle.critical_flows ||
+        !bundle.risk_register) {
+        throw new Error("Cannot run design assessment executor without structure artifacts");
+    }
+    const designAssessment = buildDesignAssessment({
+        unitManifest: bundle.unit_manifest,
+        graphBundle: bundle.graph_bundle,
+        criticalFlows: bundle.critical_flows,
+        riskRegister: bundle.risk_register,
+    });
+    const previous = bundle.design_assessment;
+    if (previous?.reviewed) {
+        designAssessment.reviewed = true;
+        designAssessment.review_findings = previous.review_findings ?? [];
+    }
+    return {
+        updated: {
+            ...bundle,
+            design_assessment: designAssessment,
+        },
+        artifacts_written: ["design_assessment.json"],
+        progress_summary: `Design assessment complete: ${designAssessment.findings.length} structural finding(s).`,
+    };
+}
+export function runDesignReviewAutoComplete(bundle) {
+    const existing = bundle.design_assessment;
+    if (!existing) {
+        throw new Error("Cannot auto-complete design review without design_assessment artifact");
+    }
+    const updated = {
+        ...existing,
+        reviewed: true,
+        review_findings: existing.review_findings ?? [],
+    };
+    return {
+        updated: {
+            ...bundle,
+            design_assessment: updated,
+        },
+        artifacts_written: ["design_assessment.json"],
+        progress_summary: "Design review auto-completed (host-agent review available via next-step).",
+    };
+}

package/dist/orchestrator/taskBuilder.d.ts

@@ -7,8 +7,8 @@ export interface UnitLineIndex {
 export interface BuildChunkedTaskOptions {
     /**
      * Line count above which a single file gets its own task rather than being
-     * grouped with the rest of its unit. Default: 3000. Set to 0 to disable
-     * splitting entirely.
+     * grouped with the rest of its unit. Default: `DEFAULT_FILE_SPLIT_THRESHOLD`
+     * (5000). Set to 0 to disable splitting entirely.
      */
     file_split_threshold?: number;
     /**

package/dist/orchestrator/taskBuilder.js

@@ -40,6 +40,97 @@ const DEFAULT_MAX_TASK_LINES = 3000;
 const DEFAULT_MAX_TASK_FILES = 15;
 const DEFAULT_TINY_TEST_FILE_LINES = 250;
 const TINY_TEST_UNIT_ID = "tests-tiny-files";
+// Split a flat list of file paths into review-task-sized chunks, bounded by both
+// an aggregate line budget and a max file count. Hoisted out of
+// `buildChunkedAuditTasks` so it no longer closes over the loop's locals; the
+// line index and limits are passed in explicitly.
+function chunkByTaskBudget(filePaths, unitLineIndex, limits) {
+    const { maxTaskLines, maxTaskFiles } = limits;
+    if (filePaths.length === 0) {
+        return [];
+    }
+    if (maxTaskLines <= 0 && maxTaskFiles <= 0) {
+        return [filePaths];
+    }
+    const chunks = [];
+    let current = [];
+    let currentLines = 0;
+    for (const path of filePaths) {
+        const lineCount = unitLineIndex[path] ?? 0;
+        const wouldExceedFiles = maxTaskFiles > 0 && current.length >= maxTaskFiles;
+        const wouldExceedLines = maxTaskLines > 0 &&
+            current.length > 0 &&
+            currentLines + lineCount > maxTaskLines;
+        if (wouldExceedFiles || wouldExceedLines) {
+            chunks.push(current);
+            current = [];
+            currentLines = 0;
+        }
+        current.push(path);
+        currentLines += lineCount;
+    }
+    if (current.length > 0) {
+        chunks.push(current);
+    }
+    return chunks;
+}
+// Emit one or more audit tasks for a scope/lens. Normal-sized files are grouped
+// into budget-bounded chunks; files over `fileSplitThreshold` get their own
+// isolated task. Hoisted to module scope: the per-call mutable accumulators
+// (`tasks`, `seen`) and budget config are now explicit parameters instead of
+// captured closure state.
+function addTaskBlock(params, context) {
+    const { tasks, seen, unitLineIndex, fileSplitThreshold, budgetLimits } = context;
+    const oversizedFiles = fileSplitThreshold > 0
+        ? params.filePaths.filter((path) => (unitLineIndex[path] ?? 0) > fileSplitThreshold)
+        : [];
+    const oversizedSet = new Set(oversizedFiles);
+    const normalFiles = params.filePaths.filter((path) => !oversizedSet.has(path));
+    const normalChunks = chunkByTaskBudget(normalFiles, unitLineIndex, budgetLimits);
+    for (let index = 0; index < normalChunks.length; index++) {
+        const chunk = normalChunks[index];
+        const splitKind = normalChunks.length > 1 ? "budget" : "none";
+        const taskId = splitKind === "budget"
+            ? `${params.scopeId}:${params.lens}:part-${index + 1}`
+            : `${params.scopeId}:${params.lens}`;
+        if (!seen.has(taskId)) {
+            seen.add(taskId);
+            tasks.push({
+                task_id: taskId,
+                unit_id: params.unitId,
+                pass_id: params.passId,
+                lens: params.lens,
+                file_paths: chunk,
+                rationale: params.rationale(chunk, splitKind),
+                priority: params.priority,
+                tags: splitKind === "budget"
+                    ? [...new Set([...params.tags, "line_budget_split"])]
+                    : params.tags.length > 0
+                        ? params.tags
+                        : undefined,
+            });
+        }
+    }
+    for (const filePath of oversizedFiles) {
+        const taskId = `${params.scopeId}:${params.lens}:${filePath}`;
+        if (seen.has(taskId)) {
+            continue;
+        }
+        seen.add(taskId);
+        tasks.push({
+            task_id: taskId,
+            unit_id: params.unitId,
+            pass_id: params.passId,
+            lens: params.lens,
+            file_paths: [filePath],
+            rationale: params.rationale([filePath], "large_file"),
+            priority: params.priority,
+            tags: params.tags.length > 0
+                ? [...new Set([...params.tags, "large_file"])]
+                : ["large_file"],
+        });
+    }
+}
 function buildCoverageIndex(coverageMatrix) {
     return new Map(coverageMatrix.files.map((file) => [file.path, file]));
 }
@@ -94,86 +185,14 @@ export function buildChunkedAuditTasks(coverageMatrix, unitLineIndex, options =
             pendingByLens.set(lens, pending);
         }
     }
-    function chunkByTaskBudget(filePaths) {
-        if (filePaths.length === 0) {
-            return [];
-        }
-        if (maxTaskLines <= 0 && maxTaskFiles <= 0) {
-            return [filePaths];
-        }
-        const chunks = [];
-        let current = [];
-        let currentLines = 0;
-        for (const path of filePaths) {
-            const lineCount = unitLineIndex[path] ?? 0;
-            const wouldExceedFiles = maxTaskFiles > 0 && current.length >= maxTaskFiles;
-            const wouldExceedLines = maxTaskLines > 0 &&
-                current.length > 0 &&
-                currentLines + lineCount > maxTaskLines;
-            if (wouldExceedFiles || wouldExceedLines) {
-                chunks.push(current);
-                current = [];
-                currentLines = 0;
-            }
-            current.push(path);
-            currentLines += lineCount;
-        }
-        if (current.length > 0) {
-            chunks.push(current);
-        }
-        return chunks;
-    }
-    function addTaskBlock(params) {
-        const oversizedFiles = fileSplitThreshold > 0
-            ? params.filePaths.filter((path) => (unitLineIndex[path] ?? 0) > fileSplitThreshold)
-            : [];
-        const oversizedSet = new Set(oversizedFiles);
-        const normalFiles = params.filePaths.filter((path) => !oversizedSet.has(path));
-        const normalChunks = chunkByTaskBudget(normalFiles);
-        for (let index = 0; index < normalChunks.length; index++) {
-            const chunk = normalChunks[index];
-            const splitKind = normalChunks.length > 1 ? "budget" : "none";
-            const taskId = splitKind === "budget"
-                ? `${params.scopeId}:${params.lens}:part-${index + 1}`
-                : `${params.scopeId}:${params.lens}`;
-            if (!seen.has(taskId)) {
-                seen.add(taskId);
-                tasks.push({
-                    task_id: taskId,
-                    unit_id: params.unitId,
-                    pass_id: params.passId,
-                    lens: params.lens,
-                    file_paths: chunk,
-                    rationale: params.rationale(chunk, splitKind),
-                    priority: params.priority,
-                    tags: splitKind === "budget"
-                        ? [...new Set([...params.tags, "line_budget_split"])]
-                        : params.tags.length > 0
-                            ? params.tags
-                            : undefined,
-                });
-            }
-        }
-        for (const filePath of oversizedFiles) {
-            const taskId = `${params.scopeId}:${params.lens}:${filePath}`;
-            if (seen.has(taskId)) {
-                continue;
-            }
-            seen.add(taskId);
-            tasks.push({
-                task_id: taskId,
-                unit_id: params.unitId,
-                pass_id: params.passId,
-                lens: params.lens,
-                file_paths: [filePath],
-                rationale: params.rationale([filePath], "large_file"),
-                priority: params.priority,
-                tags: params.tags.length > 0
-                    ? [...new Set([...params.tags, "large_file"])]
-                    : ["large_file"],
-            });
-        }
-    }
+    const budgetLimits = { maxTaskLines, maxTaskFiles };
+    const taskBlockContext = {
+        tasks,
+        seen,
+        unitLineIndex,
+        fileSplitThreshold,
+        budgetLimits,
+    };
     const assigned = new Set();
     const flowBlocks = options.critical_flows
         ? claimFlowReviewBlocks(options.critical_flows, pendingByLens, assigned)
@@ -195,7 +214,7 @@ export function buildChunkedAuditTasks(coverageMatrix, unitLineIndex, options =
                 : splitKind === "budget"
                     ? `Audit part of critical flow ${block.flow_id} (${filePaths.length} file${filePaths.length === 1 ? "" : "s"}) under the ${block.lens} lens.${hasExternalSignal ? " External analyzer signals raise priority." : ""}`
                     : `Audit critical flow ${block.flow_id} (${filePaths.length} file${filePaths.length === 1 ? "" : "s"}) under the ${block.lens} lens.${hasExternalSignal ? " External analyzer signals raise priority." : ""}`,
-        });
+        }, taskBlockContext);
     }
     const groupedRemainders = new Map();
     for (const lens of LENS_ORDER) {
@@ -246,7 +265,7 @@ export function buildChunkedAuditTasks(coverageMatrix, unitLineIndex, options =
                 : splitKind === "budget"
                     ? `Audit part of ${block.unitId} (${filePaths.length} file${filePaths.length === 1 ? "" : "s"}) under the ${block.lens} lens.${hasExternalSignal ? " External analyzer signals raise priority." : ""}`
                     : `Audit ${block.unitId} (${filePaths.length} file${filePaths.length === 1 ? "" : "s"}) under the ${block.lens} lens.${hasExternalSignal ? " External analyzer signals raise priority." : ""}`,
-        });
+        }, taskBlockContext);
     }
     return tasks.sort((a, b) => {
         const priorityDelta = priorityRank(b.priority) - priorityRank(a.priority);

package/dist/providers/index.d.ts

@@ -1,4 +1,11 @@
 import type { FreshSessionProvider, ResolvedProviderName, SessionConfig } from "@audit-tools/shared";
+/**
+ * Auto-resolution and provider wiring are single-sourced in `@audit-tools/shared`.
+ * This module is a thin audit-code-specific adapter: it injects audit-code's own
+ * `ClaudeCodeProvider`/`OpenCodeProvider` (whose prompt delivery and
+ * skip-permissions semantics differ from the remediator's) and attributes the
+ * auto-fallback warning to `audit-code`.
+ */
 export declare function resolveFreshSessionProviderName(name: string | undefined, sessionConfig?: SessionConfig, options?: {
     env?: NodeJS.ProcessEnv;
     commandExists?: (command: string) => boolean;

package/dist/providers/index.js

@@ -1,101 +1,20 @@
-import { spawnSync } from "node:child_process";
-import { LocalSubprocessProvider } from "./localSubprocessProvider.js";
-import { SubprocessTemplateProvider } from "./subprocessTemplateProvider.js";
+import { createFreshSessionProvider as createSharedFreshSessionProvider, resolveFreshSessionProviderName as resolveSharedFreshSessionProviderName, } from "@audit-tools/shared";
 import { ClaudeCodeProvider } from "./claudeCodeProvider.js";
 import { OpenCodeProvider } from "./opencodeProvider.js";
-import { VSCodeTaskProvider } from "./vscodeTaskProvider.js";
-function hasEntries(values) {
-    return (values?.length ?? 0) > 0;
-}
-function hasConfiguredClaudeCode(sessionConfig) {
-    return (Boolean(sessionConfig.claude_code?.command?.trim()) ||
-        hasEntries(sessionConfig.claude_code?.extra_args) ||
-        sessionConfig.claude_code?.dangerously_skip_permissions === true);
-}
-function hasConfiguredOpenCode(sessionConfig) {
-    return (Boolean(sessionConfig.opencode?.command?.trim()) ||
-        hasEntries(sessionConfig.opencode?.extra_args));
-}
-function commandExists(command) {
-    const lookupCommand = process.platform === "win32" ? "where" : "which";
-    const result = spawnSync(lookupCommand, [command], { stdio: "ignore" });
-    return result.status === 0;
-}
+/**
+ * Auto-resolution and provider wiring are single-sourced in `@audit-tools/shared`.
+ * This module is a thin audit-code-specific adapter: it injects audit-code's own
+ * `ClaudeCodeProvider`/`OpenCodeProvider` (whose prompt delivery and
+ * skip-permissions semantics differ from the remediator's) and attributes the
+ * auto-fallback warning to `audit-code`.
+ */
 export function resolveFreshSessionProviderName(name, sessionConfig = {}, options = {}) {
-    const requestedProvider = name ?? sessionConfig.provider;
-    const shouldAutoDetect = requestedProvider === undefined ||
-        requestedProvider === "auto" ||
-        (name === undefined && requestedProvider === "local-subprocess");
-    if (!shouldAutoDetect) {
-        return requestedProvider;
-    }
-    const env = options.env ?? process.env;
-    const lookupCommand = options.commandExists ?? commandExists;
-    const inVSCode = (env.TERM_PROGRAM ?? "").toLowerCase() === "vscode";
-    const insideClaudeCode = Boolean(env.CLAUDECODE);
-    const insideOpenCode = Boolean(env.OPENCODE);
-    // If we're inside a specific IDE/conversation, use that as the provider
-    if (insideOpenCode) {
-        return "opencode";
-    }
-    if (insideClaudeCode) {
-        return "claude-code";
-    }
-    if (inVSCode && hasEntries(sessionConfig.vscode_task?.command_template)) {
-        return "vscode-task";
-    }
-    if (hasEntries(sessionConfig.subprocess_template?.command_template)) {
-        return "subprocess-template";
-    }
-    const claudeCommand = sessionConfig.claude_code?.command ?? "claude";
-    const opencodeCommand = sessionConfig.opencode?.command ?? "opencode";
-    const claudeAvailable = !insideClaudeCode && lookupCommand(claudeCommand);
-    const opencodeAvailable = lookupCommand(opencodeCommand);
-    if (!insideClaudeCode && hasConfiguredClaudeCode(sessionConfig) && claudeAvailable) {
-        return "claude-code";
-    }
-    if (hasConfiguredOpenCode(sessionConfig) && opencodeAvailable) {
-        return "opencode";
-    }
-    if (claudeAvailable && !opencodeAvailable) {
-        return "claude-code";
-    }
-    if (opencodeAvailable && !claudeAvailable) {
-        return "opencode";
-    }
-    return "local-subprocess";
+    return resolveSharedFreshSessionProviderName(name, sessionConfig, options);
 }
 export function createFreshSessionProvider(name, sessionConfig = {}) {
-    const providerName = resolveFreshSessionProviderName(name, sessionConfig);
-    const opentoken = sessionConfig.opentoken ?? {};
-    const requestedProvider = name ?? sessionConfig.provider;
-    const autoDetectionRequested = requestedProvider === undefined ||
-        requestedProvider === "auto" ||
-        (name === undefined && requestedProvider === "local-subprocess");
-    if (providerName === "local-subprocess" &&
-        autoDetectionRequested) {
-        process.stderr.write("audit-code: auto provider resolved to local-subprocess — no capable agent provider detected. " +
-            "Agent tasks will require manual dispatch. Configure claude-code, opencode, or subprocess-template " +
-            "in session-config.json to automate them.\n");
-    }
-    switch (providerName) {
-        case "local-subprocess":
-            return new LocalSubprocessProvider();
-        case "subprocess-template":
-            if (!sessionConfig.subprocess_template?.command_template?.length) {
-                throw new Error("subprocess-template provider requires session-config.json with subprocess_template.command_template.");
-            }
-            return new SubprocessTemplateProvider(sessionConfig.subprocess_template, undefined, opentoken);
-        case "claude-code":
-            return new ClaudeCodeProvider(sessionConfig.claude_code, undefined, opentoken);
-        case "opencode":
-            return new OpenCodeProvider(sessionConfig.opencode, opentoken);
-        case "vscode-task":
-            if (!sessionConfig.vscode_task?.command_template?.length) {
-                throw new Error("vscode-task provider requires session-config.json with vscode_task.command_template.");
-            }
-            return new VSCodeTaskProvider(sessionConfig.vscode_task, opentoken);
-        default:
-            throw new Error(`Unknown provider: ${providerName}`);
-    }
+    return createSharedFreshSessionProvider(name, sessionConfig, {
+        orchestratorName: "audit-code",
+        createClaudeCodeProvider: (config, opentoken) => new ClaudeCodeProvider(config, undefined, opentoken),
+        createOpenCodeProvider: (config, opentoken) => new OpenCodeProvider(config, opentoken),
+    });
 }

package/dist/quota/discoveredLimits.d.ts

@@ -7,6 +7,7 @@ export interface DiscoveredRateLimits {
 export interface DiscoveredLimitsCacheEntry {
     requests_per_minute?: number;
     input_tokens_per_minute?: number;
+    output_tokens_per_minute?: number;
     discovered_at: string;
     source: string;
 }

package/dist/quota/discoveredLimits.js

@@ -41,6 +41,9 @@ export async function updateDiscoveredLimits(providerModelKey, limits) {
     if (limits.input_tokens_per_minute != null) {
         entry.input_tokens_per_minute = limits.input_tokens_per_minute;
     }
+    if (limits.output_tokens_per_minute != null) {
+        entry.output_tokens_per_minute = limits.output_tokens_per_minute;
+    }
     cache.entries[providerModelKey] = entry;
     await writeDiscoveredLimitsCache(cache);
 }
@@ -49,11 +52,14 @@ export async function lookupDiscoveredLimits(providerModelKey) {
     const entry = cache.entries[providerModelKey];
     if (!entry)
         return null;
-    if (entry.requests_per_minute == null && entry.input_tokens_per_minute == null)
+    if (entry.requests_per_minute == null &&
+        entry.input_tokens_per_minute == null &&
+        entry.output_tokens_per_minute == null)
         return null;
     return {
         requests_per_minute: entry.requests_per_minute ?? null,
         input_tokens_per_minute: entry.input_tokens_per_minute ?? null,
+        output_tokens_per_minute: entry.output_tokens_per_minute ?? null,
         source: entry.source,
     };
 }

package/dist/quota/index.d.ts

@@ -4,8 +4,6 @@ export type { LimitResolutionResult, ResolveLimitsOptions, ProviderType, Resolve
 export { scheduleWave, buildProviderModelKey, resolveHostModel } from "@audit-tools/shared";
 export type { ScheduleWaveOptions } from "@audit-tools/shared";
 export { detectHostActiveSubagentLimit, resolveHostActiveSubagentLimit, } from "./hostLimits.js";
-export { probeProvider } from "./probe.js";
-export type { ProbeResult } from "./probe.js";
 export { lookupDiscoveredLimits, updateDiscoveredLimits, mergeDiscoveredLimits, readDiscoveredLimitsCache, writeDiscoveredLimitsCache, } from "./discoveredLimits.js";
 export type { DiscoveredRateLimits, DiscoveredLimitsCache, DiscoveredLimitsCacheEntry } from "./discoveredLimits.js";
 export { extractRateLimitHeaders } from "./headerExtraction.js";

package/dist/quota/index.js

@@ -4,9 +4,8 @@ export { resolveLimits, lookupKnownModel, classifyProvider, readQuotaState, writ
 // both orchestrators). Auditor passes its discovered-limits via the structural
 // DiscoveredRateLimitsInput the shared scheduler accepts.
 export { scheduleWave, buildProviderModelKey, resolveHostModel } from "@audit-tools/shared";
-// Auditor-specific: probe, discovered limits, header extraction
+// Auditor-specific: discovered limits, header extraction
 export { detectHostActiveSubagentLimit, resolveHostActiveSubagentLimit, } from "./hostLimits.js";
-export { probeProvider } from "./probe.js";
 export { lookupDiscoveredLimits, updateDiscoveredLimits, mergeDiscoveredLimits, readDiscoveredLimitsCache, writeDiscoveredLimitsCache, } from "./discoveredLimits.js";
 export { extractRateLimitHeaders } from "./headerExtraction.js";
 export { GenericHeaderExtractor, ClaudeCodeHeaderExtractor, getHeaderExtractorForProvider } from "./headerExtractors/index.js";

package/dist/reporting/workBlocks.js

@@ -54,14 +54,17 @@ function computeDependencies(params) {
         }
     }
     for (const flow of params.criticalFlows?.flows ?? []) {
-        const flowBlocks = new Set();
+        // Order blocks by first appearance along the flow path so dependency
+        // direction follows the flow's traversal order, not block-id lexical order.
+        const ordered = [];
+        const seen = new Set();
         for (const path of flow.paths) {
             const blockId = blockByFile.get(path);
-            if (blockId) {
-                flowBlocks.add(blockId);
+            if (blockId && !seen.has(blockId)) {
+                seen.add(blockId);
+                ordered.push(blockId);
             }
         }
-        const ordered = [...flowBlocks].sort();
         for (let i = 1; i < ordered.length; i++) {
             dependsOn.get(ordered[i - 1])?.add(ordered[i]);
         }

package/dist/types/reviewPlanning.d.ts

@@ -36,6 +36,28 @@ export interface ReviewPacket {
     rationale: string;
     estimated_tokens: number;
 }
+/**
+ * Aggregate quality signals for a planned set of review packets — cohesion,
+ * boundary-crossing counts, and the weakly-explained-packet diagnostics. Promoted
+ * from an inline anonymous object on {@link AuditPlanMetrics} so it can be named
+ * and referenced.
+ */
+export interface PacketQuality {
+    average_cohesion_score: number;
+    boundary_crossing_count: number;
+    merge_edge_kind_counts: Record<string, number>;
+    boundary_edge_kind_counts: Record<string, number>;
+    orphan_task_count: number;
+    high_fan_in_file_count: number;
+    high_fan_out_file_count: number;
+    weakly_explained_gap_counts: Record<WeaklyExplainedPacketSample["primary_gap"], number>;
+    weakly_explained_file_extension_counts: Record<string, number>;
+    weakly_explained_packet_count: number;
+    weakly_explained_packet_ids: string[];
+    weakly_explained_packet_samples: WeaklyExplainedPacketSample[];
+    largest_unexplained_packet_id?: string;
+    largest_unexplained_packet_files: number;
+}
 export interface AuditPlanMetrics {
     generated_at: string;
     task_count: number;
@@ -55,22 +77,7 @@ export interface AuditPlanMetrics {
     largest_packet_id?: string;
     lens_task_counts: Partial<Record<Lens, number>>;
     priority_task_counts: Record<NonNullable<AuditTask["priority"]>, number>;
-    packet_quality: {
-        average_cohesion_score: number;
-        boundary_crossing_count: number;
-        merge_edge_kind_counts: Record<string, number>;
-        boundary_edge_kind_counts: Record<string, number>;
-        orphan_task_count: number;
-        high_fan_in_file_count: number;
-        high_fan_out_file_count: number;
-        weakly_explained_gap_counts: Record<WeaklyExplainedPacketSample["primary_gap"], number>;
-        weakly_explained_file_extension_counts: Record<string, number>;
-        weakly_explained_packet_count: number;
-        weakly_explained_packet_ids: string[];
-        weakly_explained_packet_samples: WeaklyExplainedPacketSample[];
-        largest_unexplained_packet_id?: string;
-        largest_unexplained_packet_files: number;
-    };
+    packet_quality: PacketQuality;
     packet_size: {
         single_task_packets: number;
         multi_task_packets: number;