npm - avorelo - Versions diffs - 0.1.0 - Mend

avorelo 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (258) hide show

package/LICENSE +21 -0
package/README.md +56 -0
package/bin/avorelo +9 -0
package/package.json +135 -0
package/scripts/README.md +40 -0
package/scripts/cco-dashboard.js +252 -0
package/scripts/cco-status.js +430 -0
package/scripts/lib/activation/account-state.js +37 -0
package/scripts/lib/activation/activation-runner.js +546 -0
package/scripts/lib/activation/activation-self-healing.js +480 -0
package/scripts/lib/activation/activation-state.js +83 -0
package/scripts/lib/activation/activation-summary.js +191 -0
package/scripts/lib/activation/adapters/claude-code.js +77 -0
package/scripts/lib/activation/adapters/codex-cli.js +52 -0
package/scripts/lib/activation/adapters/cursor.js +37 -0
package/scripts/lib/activation/adapters/github-agent.js +39 -0
package/scripts/lib/activation/adapters/terminal.js +42 -0
package/scripts/lib/activation/adapters/vscode.js +39 -0
package/scripts/lib/activation/adapters/windsurf.js +37 -0
package/scripts/lib/activation/ai-surface-detector.js +151 -0
package/scripts/lib/activation/connect-account.js +145 -0
package/scripts/lib/activation/detect-environment.js +75 -0
package/scripts/lib/activation/detect-hosts.js +62 -0
package/scripts/lib/activation/format-activation-output.js +109 -0
package/scripts/lib/activation/next-action.js +43 -0
package/scripts/lib/activation/repair-engine.js +219 -0
package/scripts/lib/activation-distribution-readiness.js +507 -0
package/scripts/lib/adapter-conformance.js +176 -0
package/scripts/lib/adapter-readiness.js +417 -0
package/scripts/lib/adapter-safety-boundaries.js +335 -0
package/scripts/lib/adapter-technical-readiness-gate.js +205 -0
package/scripts/lib/agent-access-governance.js +455 -0
package/scripts/lib/agent-enforcement.js +765 -0
package/scripts/lib/agent-policy-profile.js +210 -0
package/scripts/lib/agent-security/action-evaluator.js +507 -0
package/scripts/lib/agent-security/adapter-registry.js +98 -0
package/scripts/lib/agent-security/auto-policy.js +139 -0
package/scripts/lib/agent-security/bounded-scan.js +93 -0
package/scripts/lib/agent-security/enforcement-adapter.js +174 -0
package/scripts/lib/agent-security/enforcement-engine.js +1129 -0
package/scripts/lib/agent-security/file-write-adapter.js +183 -0
package/scripts/lib/agent-security/file-write-rules.js +178 -0
package/scripts/lib/agent-security/index.js +3342 -0
package/scripts/lib/agent-security/instruction-risk.js +181 -0
package/scripts/lib/agent-security/mcp-action-adapter.js +185 -0
package/scripts/lib/agent-security/mcp-action-rules.js +184 -0
package/scripts/lib/agent-security/package-action-adapter.js +175 -0
package/scripts/lib/agent-security/package-action-rules.js +233 -0
package/scripts/lib/agent-security/performance.js +148 -0
package/scripts/lib/agent-security/permission-minimizer.js +403 -0
package/scripts/lib/agent-security/scan-cache.js +74 -0
package/scripts/lib/agent-security/source-trust.js +146 -0
package/scripts/lib/ai-install-prompt.js +288 -0
package/scripts/lib/ai-workspace-hygiene.js +1499 -0
package/scripts/lib/alpha-activation.js +520 -0
package/scripts/lib/alpha-feedback.js +263 -0
package/scripts/lib/alpha-readiness-gate.js +332 -0
package/scripts/lib/anti-gaming.js +169 -0
package/scripts/lib/artifact-health.js +431 -0
package/scripts/lib/attribution.js +180 -0
package/scripts/lib/audit.js +289 -0
package/scripts/lib/avorelo-skill-registry.js +810 -0
package/scripts/lib/batch-jobs.js +71 -0
package/scripts/lib/brain-pack.js +578 -0
package/scripts/lib/brand-boundary.js +424 -0
package/scripts/lib/brand.js +74 -0
package/scripts/lib/browser-capability.js +1048 -0
package/scripts/lib/browser-proof-preflight.js +321 -0
package/scripts/lib/cache-readiness.js +187 -0
package/scripts/lib/canonical-reentry.js +162 -0
package/scripts/lib/capability-packs.js +314 -0
package/scripts/lib/capability-recommender.js +512 -0
package/scripts/lib/capability-registry.js +1059 -0
package/scripts/lib/carry-forward-surfacing.js +194 -0
package/scripts/lib/ccusage-adapter.js +188 -0
package/scripts/lib/company-loop.js +1149 -0
package/scripts/lib/config.js +637 -0
package/scripts/lib/context-acquisition-plan.js +287 -0
package/scripts/lib/context-budget-guard.js +170 -0
package/scripts/lib/context-budget-scanner.js +257 -0
package/scripts/lib/context-optimizer.js +715 -0
package/scripts/lib/context-reduction-plan.js +178 -0
package/scripts/lib/context-safety.js +88 -0
package/scripts/lib/context-savings-engine.js +158 -0
package/scripts/lib/cost-evidence.js +254 -0
package/scripts/lib/cross-host-install-plan.js +308 -0
package/scripts/lib/cross-host-install-readiness.js +237 -0
package/scripts/lib/cross-host-value-flow.js +268 -0
package/scripts/lib/dashboard.js +900 -0
package/scripts/lib/design-partner-feedback.js +346 -0
package/scripts/lib/entitlements.js +100 -0
package/scripts/lib/execution-packet.js +559 -0
package/scripts/lib/experimentation-events.js +547 -0
package/scripts/lib/external-capability-compliance.js +107 -0
package/scripts/lib/external-user-simulation.js +166 -0
package/scripts/lib/failure-recovery-readiness.js +81 -0
package/scripts/lib/failure-recovery.js +419 -0
package/scripts/lib/feedback-intelligence.js +537 -0
package/scripts/lib/feedback-signals.js +205 -0
package/scripts/lib/file-integrity.js +68 -0
package/scripts/lib/fsx.js +127 -0
package/scripts/lib/full-readiness-gate.js +451 -0
package/scripts/lib/guidance-builder.js +174 -0
package/scripts/lib/hook-apply.js +1019 -0
package/scripts/lib/hook-baseline.js +310 -0
package/scripts/lib/hook-config-preview.js +275 -0
package/scripts/lib/hook-contracts.js +290 -0
package/scripts/lib/hook-safety-boundary-readiness.js +80 -0
package/scripts/lib/host-capability-matrix.js +351 -0
package/scripts/lib/host-support-context.js +254 -0
package/scripts/lib/http-hook-action.js +538 -0
package/scripts/lib/install-ai-readiness.js +84 -0
package/scripts/lib/install-intake-risk.js +1037 -0
package/scripts/lib/install-journey-intelligence.js +329 -0
package/scripts/lib/intervention-guidance.js +57 -0
package/scripts/lib/known-limitations.js +115 -0
package/scripts/lib/l8-path-truth.js +146 -0
package/scripts/lib/launch-hardening-gate.js +436 -0
package/scripts/lib/launch-readiness.js +628 -0
package/scripts/lib/learning-memory.js +686 -0
package/scripts/lib/lifecycle-hooks.js +802 -0
package/scripts/lib/local-package-smoke.js +423 -0
package/scripts/lib/local-pricing.js +299 -0
package/scripts/lib/mcp-enforcement.js +311 -0
package/scripts/lib/mcp-least-privilege-policy.js +303 -0
package/scripts/lib/mcp-tool-inventory.js +388 -0
package/scripts/lib/mcp-tool-risk.js +0 -0
package/scripts/lib/memory.js +335 -0
package/scripts/lib/metrics.js +699 -0
package/scripts/lib/micro-proof.js +133 -0
package/scripts/lib/next-run-context.js +436 -0
package/scripts/lib/operating-value.js +1648 -0
package/scripts/lib/optimization-v3.js +122 -0
package/scripts/lib/orchestration/adapters/_shared.js +49 -0
package/scripts/lib/orchestration/adapters/aider.js +18 -0
package/scripts/lib/orchestration/adapters/claude-code.js +35 -0
package/scripts/lib/orchestration/adapters/codex.js +35 -0
package/scripts/lib/orchestration/adapters/gemini-cli.js +18 -0
package/scripts/lib/orchestration/adapters/git.js +25 -0
package/scripts/lib/orchestration/adapters/index.js +31 -0
package/scripts/lib/orchestration/adapters/lm-studio.js +18 -0
package/scripts/lib/orchestration/adapters/ollama.js +18 -0
package/scripts/lib/orchestration/adapters/opencode.js +18 -0
package/scripts/lib/orchestration/adapters/openrouter.js +18 -0
package/scripts/lib/orchestration/adapters/test-runner.js +25 -0
package/scripts/lib/orchestration/cli.js +438 -0
package/scripts/lib/orchestration/execution-manager.js +279 -0
package/scripts/lib/orchestration/handoff.js +314 -0
package/scripts/lib/orchestration/index.js +456 -0
package/scripts/lib/orchestration/inventory.js +47 -0
package/scripts/lib/orchestration/model-discovery.js +498 -0
package/scripts/lib/orchestration/model-profiler.js +170 -0
package/scripts/lib/orchestration/model-profiles.js +252 -0
package/scripts/lib/orchestration/model-refresh-policy.js +72 -0
package/scripts/lib/orchestration/proof-writer.js +349 -0
package/scripts/lib/orchestration/provider-discovery/aider.js +49 -0
package/scripts/lib/orchestration/provider-discovery/claude-code.js +56 -0
package/scripts/lib/orchestration/provider-discovery/codex.js +49 -0
package/scripts/lib/orchestration/provider-discovery/common.js +186 -0
package/scripts/lib/orchestration/provider-discovery/gemini.js +106 -0
package/scripts/lib/orchestration/provider-discovery/lm-studio.js +118 -0
package/scripts/lib/orchestration/provider-discovery/models-dev.js +12 -0
package/scripts/lib/orchestration/provider-discovery/ollama.js +100 -0
package/scripts/lib/orchestration/provider-discovery/opencode.js +47 -0
package/scripts/lib/orchestration/provider-discovery/openrouter.js +44 -0
package/scripts/lib/orchestration/risk-classifier.js +130 -0
package/scripts/lib/orchestration/routing-policy.js +486 -0
package/scripts/lib/orchestration/settings.js +112 -0
package/scripts/lib/orchestration/state.js +165 -0
package/scripts/lib/orchestration/verification-manager.js +138 -0
package/scripts/lib/output-profiles.js +146 -0
package/scripts/lib/package-content-audit.js +368 -0
package/scripts/lib/package-runtime.js +278 -0
package/scripts/lib/plan-surface.js +53 -0
package/scripts/lib/plans.js +2318 -0
package/scripts/lib/policy-provider.js +27 -0
package/scripts/lib/prelaunch-activation-readiness.js +409 -0
package/scripts/lib/prelaunch-evidence-store.js +816 -0
package/scripts/lib/prelaunch-intelligence.js +869 -0
package/scripts/lib/pricing-experiment.js +118 -0
package/scripts/lib/pro-moment-events.js +77 -0
package/scripts/lib/pro-moment-state.js +227 -0
package/scripts/lib/pro-moments.js +1216 -0
package/scripts/lib/product-learning-events.js +629 -0
package/scripts/lib/project-profile.js +555 -0
package/scripts/lib/prompt-compiler.js +280 -0
package/scripts/lib/prompt-lint.js +32 -0
package/scripts/lib/prompt-suggestions.js +52 -0
package/scripts/lib/proof-canonical.js +398 -0
package/scripts/lib/proof-drilldown.js +383 -0
package/scripts/lib/proof-events.js +342 -0
package/scripts/lib/proof-history.js +243 -0
package/scripts/lib/proof-metrics.js +296 -0
package/scripts/lib/proof-outcome-evidence.js +134 -0
package/scripts/lib/proof-receipt.js +335 -0
package/scripts/lib/proof-record.js +461 -0
package/scripts/lib/public-activation-distribution-gate.js +258 -0
package/scripts/lib/public-cli.js +3891 -0
package/scripts/lib/public-distribution-truth.js +211 -0
package/scripts/lib/public-install-claim-checker.js +294 -0
package/scripts/lib/publish-provenance-readiness.js +283 -0
package/scripts/lib/readiness-delta.js +218 -0
package/scripts/lib/readiness-evidence-closure.js +196 -0
package/scripts/lib/reentry-memory-capture.js +241 -0
package/scripts/lib/reentry-memory-retrieval.js +302 -0
package/scripts/lib/reentry-memory-status.js +146 -0
package/scripts/lib/reentry-memory-store.js +178 -0
package/scripts/lib/reentry-state.js +66 -0
package/scripts/lib/release-candidate-bundle.js +166 -0
package/scripts/lib/remediation.js +81 -0
package/scripts/lib/repo-map.js +391 -0
package/scripts/lib/run-improvements-lifecycle.js +330 -0
package/scripts/lib/run-improvements.js +789 -0
package/scripts/lib/runtime-decision-policy.js +387 -0
package/scripts/lib/safe-path-engine.js +705 -0
package/scripts/lib/safe-run-controller.js +887 -0
package/scripts/lib/score.js +262 -0
package/scripts/lib/seamless-enforcement.js +329 -0
package/scripts/lib/seamless-outcome.js +689 -0
package/scripts/lib/seamless-reality-gate.js +5043 -0
package/scripts/lib/security-risk-classifier.js +511 -0
package/scripts/lib/security-scan.js +384 -0
package/scripts/lib/session-context-optimizer.js +1211 -0
package/scripts/lib/session-timing.js +315 -0
package/scripts/lib/skill-hygiene.js +805 -0
package/scripts/lib/skill-packs.js +161 -0
package/scripts/lib/skills-operating-layer.js +580 -0
package/scripts/lib/smart-work-routing.js +768 -0
package/scripts/lib/source-catalog.js +700 -0
package/scripts/lib/status-value-summary.js +32 -0
package/scripts/lib/support-bundle.js +578 -0
package/scripts/lib/task-continuation.js +440 -0
package/scripts/lib/test-helpers.js +15 -0
package/scripts/lib/tier.js +38 -0
package/scripts/lib/token-context-quality-gate.js +370 -0
package/scripts/lib/token-cost-capture.js +187 -0
package/scripts/lib/token-cost-intelligence.js +358 -0
package/scripts/lib/token-efficiency-evidence.js +213 -0
package/scripts/lib/token-evidence.js +699 -0
package/scripts/lib/tokenish.js +17 -0
package/scripts/lib/tool-output-sandbox.js +304 -0
package/scripts/lib/trust-audit.js +136 -0
package/scripts/lib/unified-events.js +396 -0
package/scripts/lib/upgrade-interruption-recovery.js +407 -0
package/scripts/lib/usage-ledger.js +201 -0
package/scripts/lib/value-ledger.js +130 -0
package/scripts/lib/value-proof-calibration.js +531 -0
package/scripts/lib/visual-qa.js +231 -0
package/scripts/lib/voice-alpha.js +29 -0
package/scripts/lib/work-aware-orchestration.js +976 -0
package/scripts/lib/work-control-receipts.js +577 -0
package/scripts/lib/work-ledger.js +1123 -0
package/scripts/lib/work-panel-preview.js +352 -0
package/scripts/lib/workflow-discipline.js +280 -0
package/scripts/lib/workflow-signals.js +419 -0
package/scripts/lib/workspace-map.js +281 -0
package/scripts/lib/workspace-registry.js +1367 -0
package/scripts/lib/workspace-resolver.js +480 -0

package/scripts/lib/session-timing.js ADDED Viewed

@@ -0,0 +1,315 @@
+"use strict";
+// ── Session Timing Evidence v1 ────────────────────────────────────────────────
+//
+// Records and derives timing events for Avorelo sessions.
+// Timing is EVIDENCE — not savings. Duration does not automatically become
+// "time saved". Activation timing is readiness timing, not savings timing.
+// No network. No secrets.
+const fs = require("fs");
+const path = require("path");
+const crypto = require("crypto");
+const SCHEMA_VERSION = 1;
+const CONTRACT = "avorelo.sessionTiming.v1";
+const SESSION_TIMING_DIR_REL = ".claude/cco/orchestration/session-timing";
+const SESSION_TIMING_LATEST_REL = ".claude/cco/orchestration/session-timing/latest-session-timing.json";
+const SESSION_TIMING_EVENTS_REL = ".claude/cco/events/session-timing.jsonl";
+// Receipt paths to read timestamps from
+const ACTIVATION_STATE_REL = ".claude/cco/state/activation.json";
+const SESSION_CONTEXT_REL = ".claude/cco/orchestration/session-context/latest-context.json";
+const OPERATING_VALUE_REL = ".claude/cco/orchestration/operating-value/latest-value.json";
+const PROOF_REL = ".claude/cco/receipts/latest-proof.json";
+const WORK_CONTROL_REL = ".claude/cco/orchestration/work-control/latest-receipt.json";
+function shortId() {
+  return crypto.randomBytes(4).toString("hex");
+}
+function nowIso() {
+  return new Date().toISOString();
+}
+function ensureDirFor(filePath) {
+  const dir = path.dirname(filePath);
+  if (!fs.existsSync(dir)) fs.mkdirSync(dir, { recursive: true });
+}
+function safeReadJson(filePath) {
+  try {
+    if (!fs.existsSync(filePath)) return null;
+    return JSON.parse(fs.readFileSync(filePath, "utf8"));
+  } catch {
+    return null;
+  }
+}
+function fileModTimeIso(filePath) {
+  try {
+    if (!fs.existsSync(filePath)) return null;
+    return new Date(fs.statSync(filePath).mtimeMs).toISOString();
+  } catch {
+    return null;
+  }
+}
+function parseIso(s) {
+  if (!s) return null;
+  const d = new Date(s);
+  return isNaN(d.getTime()) ? null : d.getTime();
+}
+function diffMs(startIso, endIso) {
+  const s = parseIso(startIso);
+  const e = parseIso(endIso);
+  if (s === null || e === null) return null;
+  const diff = e - s;
+  return diff >= 0 ? diff : null;
+}
+// ── Read timing events from existing orchestration artifacts ──────────────────
+function gatherTimingEvents(cwd) {
+  const events = [];
+  // Activation event — from activation state file or its mtime
+  const activationPath = path.resolve(cwd, ACTIVATION_STATE_REL);
+  const activationData = safeReadJson(activationPath);
+  const activationTs = (activationData && (activationData.createdAt || activationData.activatedAt))
+    || fileModTimeIso(activationPath);
+  if (activationTs) {
+    events.push({
+      event: "activation_completed",
+      timestamp: activationTs,
+      source: activationData ? "activation_state_json" : "file_mtime",
+      sessionId: activationData && activationData.activationId || null,
+      evidencePath: ACTIVATION_STATE_REL,
+    });
+  }
+  // Session context handoff event
+  const scPath = path.resolve(cwd, SESSION_CONTEXT_REL);
+  const scData = safeReadJson(scPath);
+  const scTs = (scData && scData.createdAt) || fileModTimeIso(scPath);
+  if (scTs) {
+    events.push({
+      event: "session_context_generated",
+      timestamp: scTs,
+      source: scData ? "session_context_json" : "file_mtime",
+      sessionId: scData && scData.contextId || null,
+      evidencePath: SESSION_CONTEXT_REL,
+    });
+  }
+  // Work control receipt event
+  const wcPath = path.resolve(cwd, WORK_CONTROL_REL);
+  const wcData = safeReadJson(wcPath);
+  const wcTs = (wcData && wcData.createdAt) || fileModTimeIso(wcPath);
+  if (wcTs) {
+    events.push({
+      event: "work_control_receipt_written",
+      timestamp: wcTs,
+      source: wcData ? "work_control_json" : "file_mtime",
+      sessionId: wcData && wcData.receiptId || null,
+      evidencePath: WORK_CONTROL_REL,
+    });
+  }
+  // Proof event
+  const proofPath = path.resolve(cwd, PROOF_REL);
+  const proofData = safeReadJson(proofPath);
+  const proofTs = (proofData && proofData.createdAt) || fileModTimeIso(proofPath);
+  if (proofTs) {
+    events.push({
+      event: "proof_written",
+      timestamp: proofTs,
+      source: proofData ? "proof_json" : "file_mtime",
+      sessionId: proofData && proofData.proofId || null,
+      evidencePath: PROOF_REL,
+    });
+  }
+  // Operating value event
+  const ovPath = path.resolve(cwd, OPERATING_VALUE_REL);
+  const ovData = safeReadJson(ovPath);
+  const ovTs = (ovData && ovData.createdAt) || fileModTimeIso(ovPath);
+  if (ovTs) {
+    events.push({
+      event: "operating_value_generated",
+      timestamp: ovTs,
+      source: ovData ? "operating_value_json" : "file_mtime",
+      sessionId: ovData && ovData.valueId || null,
+      evidencePath: OPERATING_VALUE_REL,
+    });
+  }
+  // Sort chronologically
+  events.sort((a, b) => {
+    const ta = parseIso(a.timestamp) || 0;
+    const tb = parseIso(b.timestamp) || 0;
+    return ta - tb;
+  });
+  return events;
+}
+// ── Derive timing summary ─────────────────────────────────────────────────────
+function deriveTimingSummary(events) {
+  const byEvent = {};
+  events.forEach((e) => { byEvent[e.event] = e.timestamp; });
+  const activationTs = byEvent["activation_completed"];
+  const handoffTs = byEvent["session_context_generated"];
+  const proofTs = byEvent["proof_written"];
+  const ovTs = byEvent["operating_value_generated"];
+  // Session window: earliest to latest event timestamp
+  const timestamps = events.map((e) => parseIso(e.timestamp)).filter(Boolean);
+  const sessionStart = timestamps.length ? new Date(Math.min(...timestamps)).toISOString() : null;
+  const sessionEnd = timestamps.length ? new Date(Math.max(...timestamps)).toISOString() : null;
+  return {
+    activationDurationMs: null, // cannot measure activation duration without start+end within activation
+    timeToHandoffMs: diffMs(activationTs, handoffTs),
+    timeToDashboardReadyMs: diffMs(activationTs, ovTs),
+    timeToProofMs: diffMs(activationTs, proofTs),
+    sessionDurationMs: diffMs(sessionStart, sessionEnd),
+    timeToFirstUsefulActionMs: null, // requires explicit first-useful-action marker
+    sessionStart,
+    sessionEnd,
+  };
+}
+// ── Record a timing event ─────────────────────────────────────────────────────
+function recordTimingEvent(cwd, eventName, meta = {}) {
+  const eventsPath = path.resolve(cwd, SESSION_TIMING_EVENTS_REL);
+  ensureDirFor(eventsPath);
+  const entry = {
+    event: eventName,
+    timestamp: nowIso(),
+    source: "explicit_mark",
+    ...meta,
+  };
+  fs.appendFileSync(eventsPath, JSON.stringify(entry) + "\n", "utf8");
+  return entry;
+}
+// ── Build session timing summary ──────────────────────────────────────────────
+function buildSessionTimingSummary(cwd, options = {}) {
+  const timingId = `st-${Date.now()}-${shortId()}`;
+  const createdAt = nowIso();
+  const artifactEvents = gatherTimingEvents(cwd);
+  // Also read explicit events from session-timing.jsonl
+  const explicitEventsPath = path.resolve(cwd, SESSION_TIMING_EVENTS_REL);
+  const explicitEvents = [];
+  if (fs.existsSync(explicitEventsPath)) {
+    try {
+      const lines = fs.readFileSync(explicitEventsPath, "utf8").split("\n").filter(Boolean);
+      lines.forEach((line) => {
+        try { explicitEvents.push(JSON.parse(line)); } catch {}
+      });
+    } catch {}
+  }
+  // Merge and deduplicate by event name (prefer explicit over artifact)
+  const explicitByEvent = {};
+  explicitEvents.forEach((e) => { explicitByEvent[e.event] = e; });
+  const allEvents = [...artifactEvents];
+  explicitEvents.forEach((ee) => {
+    if (!allEvents.find((ae) => ae.event === ee.event && ae.timestamp === ee.timestamp)) {
+      allEvents.push(ee);
+    }
+  });
+  allEvents.sort((a, b) => {
+    const ta = parseIso(a.timestamp) || 0;
+    const tb = parseIso(b.timestamp) || 0;
+    return ta - tb;
+  });
+  // First-useful-action from explicit events
+  const fuaEvent = explicitByEvent["first_useful_action"];
+  const activationEvent = allEvents.find((e) => e.event === "activation_completed");
+  const timeToFirstUsefulActionMs = fuaEvent && activationEvent
+    ? diffMs(activationEvent.timestamp, fuaEvent.timestamp)
+    : null;
+  const derived = deriveTimingSummary(allEvents);
+  derived.timeToFirstUsefulActionMs = timeToFirstUsefulActionMs;
+  const caveats = [
+    "Timing is evidence, not savings. Duration does not automatically mean time saved.",
+    "Activation timing measures readiness readiness, not time saved versus a baseline.",
+    "Timestamps from file mtimes may be imprecise for files updated outside Avorelo.",
+  ];
+  return {
+    schemaVersion: SCHEMA_VERSION,
+    contract: CONTRACT,
+    timingId,
+    createdAt,
+    cwd,
+    events: allEvents,
+    derived,
+    confidence: allEvents.length >= 3 ? "medium" : "low",
+    caveats,
+    redacted: true,
+  };
+}
+// ── Write / read ───────────────────────────────────────────────────────────────
+function writeSessionTiming(cwd, timing) {
+  const latestPath = path.resolve(cwd, SESSION_TIMING_LATEST_REL);
+  ensureDirFor(latestPath);
+  fs.writeFileSync(latestPath, JSON.stringify(timing, null, 2), "utf8");
+}
+function readSessionTiming(cwd) {
+  const latestPath = path.resolve(cwd, SESSION_TIMING_LATEST_REL);
+  return safeReadJson(latestPath);
+}
+// ── Text format ────────────────────────────────────────────────────────────────
+function formatSessionTimingText(timing) {
+  if (!timing) return "Session timing unavailable.\n";
+  const d = timing.derived;
+  const fmtMs = (ms) => ms === null ? "unavailable" : ms < 1000 ? `${ms}ms` : `${(ms / 1000).toFixed(1)}s`;
+  const lines = [
+    "Avorelo Session Timing",
+    "",
+    `  Events recorded: ${timing.events.length}`,
+    `  Confidence:      ${timing.confidence}`,
+    "",
+    `  Time to handoff:       ${fmtMs(d.timeToHandoffMs)}`,
+    `  Time to dashboard:     ${fmtMs(d.timeToDashboardReadyMs)}`,
+    `  Time to proof:         ${fmtMs(d.timeToProofMs)}`,
+    `  Session duration:      ${fmtMs(d.sessionDurationMs)}`,
+    d.timeToFirstUsefulActionMs !== null
+      ? `  First useful action:   ${fmtMs(d.timeToFirstUsefulActionMs)}`
+      : null,
+    "",
+    "  Note: Timing is evidence — not savings. No time-saved claim is made from duration alone.",
+    "",
+  ].filter((l) => l !== null);
+  return lines.join("\n");
+}
+module.exports = {
+  CONTRACT,
+  SESSION_TIMING_LATEST_REL,
+  SESSION_TIMING_EVENTS_REL,
+  buildSessionTimingSummary,
+  writeSessionTiming,
+  readSessionTiming,
+  recordTimingEvent,
+  formatSessionTimingText,
+};