brainblast 0.6.4 → 0.7.0

package/dist/batchScan-JR2G5JCF.js

@@ -0,0 +1,14 @@
+import {
+  batchScan,
+  parseMintList,
+  renderBatchText
+} from "./chunk-QC27GNQ7.js";
+import "./chunk-FQA5BYWW.js";
+import "./chunk-VI2JBH2T.js";
+import "./chunk-2XJORJPQ.js";
+import "./chunk-3RG5ZIWI.js";
+export {
+  batchScan,
+  parseMintList,
+  renderBatchText
+};

package/dist/chunk-2UZGWXIX.js

@@ -0,0 +1,77 @@
+// src/trustGraph/render.ts
+function renderAuthority(p) {
+  const a = p.upgradeAuthority;
+  switch (a.kind) {
+    case "renounced":
+      return "\u{1F512} **Renounced** \u2014 program is frozen; no key can upgrade it.";
+    case "single-key":
+      return `\u26A0\uFE0F **Single key** \`${a.address}\` \u2014 one private key can replace this program at any time.`;
+    case "multisig":
+      return `\u{1F510} **Multisig** \`${a.address}\` \u2014 a threshold of signers can upgrade.`;
+    case "dao":
+      return `\u{1F3DB} **DAO** \`${a.address}\` \u2014 governance program controls upgrades.`;
+    case "unknown":
+      return a.address ? `\u2753 **Unclassified authority** \`${a.address}\` \u2014 needs research to confirm single-key vs multisig/DAO.` : "\u2753 **Unknown** \u2014 could not determine upgrade authority.";
+  }
+}
+function renderVerified(p) {
+  const v = p.verifiedBuild;
+  switch (v.state) {
+    case "verified":
+      return `\u2705 Verified build${v.commit ? ` @ \`${v.commit.slice(0, 12)}\`` : ""} \u2014 [registry](${v.registryUrl})`;
+    case "unverified":
+      return "\u274C Unverified \u2014 on-chain bytecode does not match any source we trust.";
+    case "unknown":
+      return "\u2753 Verified-build status not checked.";
+  }
+}
+function renderAudits(p) {
+  if (!p.audits.length) return "_No audits on file._";
+  return p.audits.map((a) => `- ${a.firm} (${a.date}) \u2014 [report](${a.reportUrl})${a.auditedCommit ? ` @ \`${a.auditedCommit.slice(0, 12)}\`` : ""}`).join("\n");
+}
+function renderParity(p) {
+  const { mainnet, devnet, testnet, notes } = p.parity;
+  const cells = [`mainnet=\`${mainnet}\``, `devnet=\`${devnet}\``];
+  if (testnet) cells.push(`testnet=\`${testnet}\``);
+  return cells.join(" \xB7 ") + (notes ? `  
+  _${notes}_` : "");
+}
+function renderProgram(p) {
+  return [
+    `### ${p.name}`,
+    "",
+    `\`${p.programId}\`${p.kind ? ` \xB7 kind: \`${p.kind}\`` : ""}`,
+    "",
+    `- **Upgrade authority:** ${renderAuthority(p)}`,
+    `- **Verified build:** ${renderVerified(p)}`,
+    `- **Parity:** ${renderParity(p)}`,
+    `- **Audits:**
+${renderAudits(p).split("\n").map((l) => "  " + l).join("\n")}`,
+    p.invokes && p.invokes.length ? `- **Invokes (CPI):** ${p.invokes.map((id) => `\`${id}\``).join(", ")}` : ""
+  ].filter(Boolean).join("\n");
+}
+function renderTrustGraphMd(g) {
+  const head = [
+    "# Trust Graph",
+    "",
+    `_Generated ${g.generatedAt}._`,
+    "",
+    "Every program your code transitively invokes, with the authority that controls it, the build-verification status, and the audits we found.",
+    ""
+  ].join("\n");
+  const body = g.programs.map(renderProgram).join("\n\n---\n\n");
+  const tail = g.unresolved.length ? [
+    "",
+    "---",
+    "",
+    "## Unresolved",
+    "",
+    ...g.unresolved.map((u) => `- \`${u.programId}\` \u2014 ${u.reason}`)
+  ].join("\n") : "";
+  return head + body + tail + "\n";
+}
+
+export {
+  renderProgram,
+  renderTrustGraphMd
+};

package/dist/{chunk-HXQNNGSC.js → chunk-34VXOLJF.js}

@@ -7,393 +7,7 @@ import {
   loadPack,
   resolveRules,
   walk
-} from "./chunk-2Y6UILTZ.js";
-
-// src/trustGraph/directory.ts
-import { readFileSync, existsSync } from "fs";
-import { fileURLToPath } from "url";
-import { join } from "path";
-import { parse } from "yaml";
-var cache = null;
-function bundledPath() {
-  const here = fileURLToPath(new URL(".", import.meta.url));
-  const candidates = [
-    join(here, "programs", "directory.yaml"),
-    // dist/programs/directory.yaml
-    join(here, "..", "..", "programs", "directory.yaml"),
-    // src/../../programs/
-    join(here, "..", "programs", "directory.yaml")
-    // fallback
-  ];
-  for (const c of candidates) {
-    if (existsSync(c)) return c;
-  }
-  return candidates[0];
-}
-function loadDirectory(path = bundledPath()) {
-  if (cache && path === bundledPath()) return cache;
-  const raw = parse(readFileSync(path, "utf8"));
-  if (!raw || !Array.isArray(raw.programs)) {
-    throw new Error(`invalid program directory at ${path}: missing 'programs' array`);
-  }
-  const m = /* @__PURE__ */ new Map();
-  for (const p of raw.programs) {
-    if (!p.programId || !p.name) throw new Error(`directory entry missing programId/name: ${JSON.stringify(p)}`);
-    if (m.has(p.programId)) throw new Error(`directory has duplicate programId ${p.programId}`);
-    m.set(p.programId, { ...p, provenance: { ...p.provenance ?? {}, directoryFile: path } });
-  }
-  if (path === bundledPath()) cache = m;
-  return m;
-}
-
-// src/trustGraph/base58.ts
-var ALPHA = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";
-var MAP = {};
-for (let i = 0; i < ALPHA.length; i++) MAP[ALPHA[i]] = i;
-function base58Encode(bytes) {
-  let zeros = 0;
-  while (zeros < bytes.length && bytes[zeros] === 0) zeros++;
-  const buf = Array.from(bytes);
-  const out = [];
-  let start = zeros;
-  while (start < buf.length) {
-    let rem = 0;
-    for (let i = start; i < buf.length; i++) {
-      const acc = rem * 256 + buf[i];
-      buf[i] = Math.floor(acc / 58);
-      rem = acc % 58;
-    }
-    out.push(rem);
-    if (buf[start] === 0) start++;
-  }
-  let s = "";
-  for (let i = 0; i < zeros; i++) s += "1";
-  for (let i = out.length - 1; i >= 0; i--) s += ALPHA[out[i]];
-  return s;
-}
-function base58Decode(s) {
-  let zeros = 0;
-  while (zeros < s.length && s[zeros] === "1") zeros++;
-  const buf = [];
-  for (let i = zeros; i < s.length; i++) {
-    const v = MAP[s[i]];
-    if (v === void 0) throw new Error(`base58: invalid char '${s[i]}' at ${i}`);
-    let carry = v;
-    for (let j = 0; j < buf.length; j++) {
-      const acc = buf[j] * 58 + carry;
-      buf[j] = acc & 255;
-      carry = acc >>> 8;
-    }
-    while (carry > 0) {
-      buf.push(carry & 255);
-      carry >>>= 8;
-    }
-  }
-  const out = new Uint8Array(zeros + buf.length);
-  for (let i = 0; i < buf.length; i++) out[zeros + buf.length - 1 - i] = buf[i];
-  return out;
-}
-function isValidSolanaAddress(s) {
-  if (typeof s !== "string" || s.length < 32 || s.length > 44) return false;
-  try {
-    return base58Decode(s).length === 32;
-  } catch {
-    return false;
-  }
-}
-
-// src/trustGraph/programCache.ts
-import { readFileSync as readFileSync2, writeFileSync, mkdirSync, existsSync as existsSync2 } from "fs";
-import { join as join2, dirname } from "path";
-import { homedir } from "os";
-var DEFAULT_TTL_HOURS = 168;
-var SCHEMA_VERSION = "1.0";
-function defaultCachePath() {
-  const envOverride = process.env["BRAINBLAST_CACHE_PATH"];
-  return envOverride ?? join2(homedir(), ".brainblast", "program-cache.json");
-}
-function emptyCache() {
-  return { schemaVersion: SCHEMA_VERSION, entries: {} };
-}
-function loadProgramCache(cachePath) {
-  const path = cachePath ?? defaultCachePath();
-  if (!existsSync2(path)) return emptyCache();
-  try {
-    const raw = JSON.parse(readFileSync2(path, "utf8"));
-    if (raw?.schemaVersion !== SCHEMA_VERSION) {
-      return emptyCache();
-    }
-    if (!raw.entries || typeof raw.entries !== "object") return emptyCache();
-    return { schemaVersion: SCHEMA_VERSION, entries: raw.entries };
-  } catch {
-    return emptyCache();
-  }
-}
-function saveProgramCache(cache2, cachePath) {
-  const path = cachePath ?? defaultCachePath();
-  mkdirSync(dirname(path), { recursive: true });
-  writeFileSync(path, JSON.stringify(cache2, null, 2), "utf8");
-}
-function getCacheEntry(cache2, programId, ttlHoursOverride) {
-  const entry = cache2.entries[programId];
-  if (!entry) return null;
-  if (isEntryExpired(entry, ttlHoursOverride)) return null;
-  return entry.program;
-}
-function putCacheEntry(cache2, programId, program, sourceRun, ttlHours = DEFAULT_TTL_HOURS) {
-  cache2.entries[programId] = {
-    program,
-    cachedAt: (/* @__PURE__ */ new Date()).toISOString(),
-    sourceRun,
-    ttlHours
-  };
-  return cache2;
-}
-function getCacheEntryMeta(cache2, programId) {
-  return cache2.entries[programId] ?? null;
-}
-function isEntryExpired(entry, ttlHoursOverride) {
-  const ttl = ttlHoursOverride ?? entry.ttlHours ?? DEFAULT_TTL_HOURS;
-  if (ttl <= 0) return true;
-  const cachedMs = Date.parse(entry.cachedAt);
-  if (Number.isNaN(cachedMs)) return true;
-  const ageMs = Date.now() - cachedMs;
-  return ageMs >= ttl * 36e5;
-}
-function cacheSize(cache2, ttlHoursOverride) {
-  return Object.values(cache2.entries).filter((e) => !isEntryExpired(e, ttlHoursOverride)).length;
-}
-
-// src/trustGraph/rpc.ts
-var BPF_UPGRADEABLE_LOADER = "BPFLoaderUpgradeab1e11111111111111111111111";
-var BPF_LOADER_2 = "BPFLoader2111111111111111111111111111111111";
-var NATIVE_LOADER = "NativeLoader1111111111111111111111111111111";
-var DEFAULT_RPC = "https://api.mainnet-beta.solana.com";
-async function rpc(method, params, opts) {
-  const url = opts.rpcUrl ?? DEFAULT_RPC;
-  const fetchImpl = opts.fetchImpl ?? fetch;
-  const ac = new AbortController();
-  const t = setTimeout(() => ac.abort(), opts.timeoutMs ?? 1e4);
-  try {
-    const res = await fetchImpl(url, {
-      method: "POST",
-      headers: { "content-type": "application/json" },
-      body: JSON.stringify({ jsonrpc: "2.0", id: 1, method, params }),
-      signal: ac.signal
-    });
-    if (!res.ok) throw new Error(`rpc ${method}: HTTP ${res.status}`);
-    const body = await res.json();
-    if (body.error) throw new Error(`rpc ${method}: ${body.error.message}`);
-    if (body.result === void 0) throw new Error(`rpc ${method}: empty result`);
-    return body.result;
-  } finally {
-    clearTimeout(t);
-  }
-}
-async function getAccountInfo(address, opts = {}) {
-  if (!isValidSolanaAddress(address)) throw new Error(`invalid Solana address: ${address}`);
-  const result = await rpc(
-    "getAccountInfo",
-    [address, { encoding: "base64", commitment: "confirmed" }],
-    opts
-  );
-  if (!result || !result.value) return null;
-  const v = result.value;
-  const [b64] = v.data;
-  return {
-    owner: v.owner,
-    data: Buffer.from(b64, "base64"),
-    executable: v.executable,
-    lamports: v.lamports
-  };
-}
-async function probeUpgradeAuthority(programId, opts = {}) {
-  const acct = await getAccountInfo(programId, opts);
-  if (!acct) {
-    return {
-      kind: "unknown",
-      address: null,
-      source: "rpc",
-      checkedAt: (/* @__PURE__ */ new Date()).toISOString()
-    };
-  }
-  if (acct.owner === BPF_LOADER_2 || acct.owner === NATIVE_LOADER) {
-    return {
-      kind: "renounced",
-      address: null,
-      source: "rpc",
-      checkedAt: (/* @__PURE__ */ new Date()).toISOString()
-    };
-  }
-  if (acct.owner !== BPF_UPGRADEABLE_LOADER) {
-    throw new Error(
-      `program ${programId} is owned by ${acct.owner}, not a known loader; not a deployed program?`
-    );
-  }
-  if (acct.data.length < 36) throw new Error(`program account too small: ${acct.data.length}`);
-  const tag = acct.data[0] | acct.data[1] << 8 | acct.data[2] << 16 | acct.data[3] << 24;
-  if (tag !== 2) throw new Error(`expected Program (tag=2) state, got tag=${tag}`);
-  const programDataAddr = base58Encode(acct.data.subarray(4, 36));
-  const pd = await getAccountInfo(programDataAddr, opts);
-  if (!pd) {
-    throw new Error(`program ${programId} ProgramData ${programDataAddr} not found`);
-  }
-  if (pd.data.length < 45) throw new Error(`ProgramData account too small: ${pd.data.length}`);
-  const pdTag = pd.data[0] | pd.data[1] << 8 | pd.data[2] << 16 | pd.data[3] << 24;
-  if (pdTag !== 3) throw new Error(`expected ProgramData (tag=3), got tag=${pdTag}`);
-  const optionTag = pd.data[12];
-  const checkedAt = (/* @__PURE__ */ new Date()).toISOString();
-  if (optionTag === 0) {
-    return { kind: "renounced", address: null, source: "rpc", checkedAt };
-  }
-  if (optionTag !== 1) throw new Error(`unexpected Option tag in ProgramData: ${optionTag}`);
-  const authority = base58Encode(pd.data.subarray(13, 45));
-  return { kind: "unknown", address: authority, source: "rpc", checkedAt };
-}
-
-// src/trustGraph/build.ts
-async function buildTrustGraph(programIds, opts = {}) {
-  const dir = loadDirectory(opts.directoryPath);
-  const programs = [];
-  const unresolved = [];
-  const cacheEnabled = opts.cachePath !== null;
-  const cachePathArg = opts.cachePath === null ? void 0 : opts.cachePath;
-  const cache2 = cacheEnabled ? loadProgramCache(cachePathArg) : null;
-  const newFromRpc = [];
-  const runId = (/* @__PURE__ */ new Date()).toISOString().replace(/[-:T]/g, "").slice(0, 14);
-  const seen = /* @__PURE__ */ new Set();
-  const ordered = programIds.filter((id) => seen.has(id) ? false : (seen.add(id), true));
-  for (const id of ordered) {
-    const directoryHit = dir.get(id);
-    if (directoryHit) {
-      programs.push(directoryHit);
-      continue;
-    }
-    if (cache2) {
-      const cached = getCacheEntry(cache2, id);
-      if (cached) {
-        const meta = getCacheEntryMeta(cache2, id);
-        programs.push({
-          ...cached,
-          provenance: {
-            ...cached.provenance ?? {},
-            notes: [
-              cached.provenance?.notes,
-              `cache-hit: cachedAt=${meta.cachedAt} sourceRun=${meta.sourceRun}`
-            ].filter(Boolean).join("; ")
-          }
-        });
-        continue;
-      }
-    }
-    if (opts.probeRpc === false) {
-      unresolved.push({
-        programId: id,
-        reason: "not_in_directory_or_cache_and_rpc_disabled"
-      });
-      continue;
-    }
-    let authority;
-    try {
-      authority = await probeUpgradeAuthority(id, opts);
-    } catch (e) {
-      unresolved.push({ programId: id, reason: `rpc_error: ${e?.message ?? String(e)}` });
-      continue;
-    }
-    const probed = {
-      programId: id,
-      name: `Unknown program (${id.slice(0, 8)}\u2026)`,
-      kind: "app",
-      upgradeAuthority: authority,
-      verifiedBuild: { state: "unknown" },
-      audits: [],
-      parity: { mainnet: "unknown", devnet: "unknown" },
-      provenance: { rpcUrl: opts.rpcUrl, notes: "live-probed; not in curated directory" }
-    };
-    programs.push(probed);
-    newFromRpc.push(id);
-    if (cache2) {
-      putCacheEntry(cache2, id, probed, runId);
-    }
-  }
-  if (cache2 && newFromRpc.length > 0) {
-    saveProgramCache(cache2, cachePathArg);
-  }
-  return { programs, unresolved, generatedAt: (/* @__PURE__ */ new Date()).toISOString() };
-}
-
-// src/trustGraph/render.ts
-function renderAuthority(p) {
-  const a = p.upgradeAuthority;
-  switch (a.kind) {
-    case "renounced":
-      return "\u{1F512} **Renounced** \u2014 program is frozen; no key can upgrade it.";
-    case "single-key":
-      return `\u26A0\uFE0F **Single key** \`${a.address}\` \u2014 one private key can replace this program at any time.`;
-    case "multisig":
-      return `\u{1F510} **Multisig** \`${a.address}\` \u2014 a threshold of signers can upgrade.`;
-    case "dao":
-      return `\u{1F3DB} **DAO** \`${a.address}\` \u2014 governance program controls upgrades.`;
-    case "unknown":
-      return a.address ? `\u2753 **Unclassified authority** \`${a.address}\` \u2014 needs research to confirm single-key vs multisig/DAO.` : "\u2753 **Unknown** \u2014 could not determine upgrade authority.";
-  }
-}
-function renderVerified(p) {
-  const v = p.verifiedBuild;
-  switch (v.state) {
-    case "verified":
-      return `\u2705 Verified build${v.commit ? ` @ \`${v.commit.slice(0, 12)}\`` : ""} \u2014 [registry](${v.registryUrl})`;
-    case "unverified":
-      return "\u274C Unverified \u2014 on-chain bytecode does not match any source we trust.";
-    case "unknown":
-      return "\u2753 Verified-build status not checked.";
-  }
-}
-function renderAudits(p) {
-  if (!p.audits.length) return "_No audits on file._";
-  return p.audits.map((a) => `- ${a.firm} (${a.date}) \u2014 [report](${a.reportUrl})${a.auditedCommit ? ` @ \`${a.auditedCommit.slice(0, 12)}\`` : ""}`).join("\n");
-}
-function renderParity(p) {
-  const { mainnet, devnet, testnet, notes } = p.parity;
-  const cells = [`mainnet=\`${mainnet}\``, `devnet=\`${devnet}\``];
-  if (testnet) cells.push(`testnet=\`${testnet}\``);
-  return cells.join(" \xB7 ") + (notes ? `  
-  _${notes}_` : "");
-}
-function renderProgram(p) {
-  return [
-    `### ${p.name}`,
-    "",
-    `\`${p.programId}\`${p.kind ? ` \xB7 kind: \`${p.kind}\`` : ""}`,
-    "",
-    `- **Upgrade authority:** ${renderAuthority(p)}`,
-    `- **Verified build:** ${renderVerified(p)}`,
-    `- **Parity:** ${renderParity(p)}`,
-    `- **Audits:**
-${renderAudits(p).split("\n").map((l) => "  " + l).join("\n")}`,
-    p.invokes && p.invokes.length ? `- **Invokes (CPI):** ${p.invokes.map((id) => `\`${id}\``).join(", ")}` : ""
-  ].filter(Boolean).join("\n");
-}
-function renderTrustGraphMd(g) {
-  const head = [
-    "# Trust Graph",
-    "",
-    `_Generated ${g.generatedAt}._`,
-    "",
-    "Every program your code transitively invokes, with the authority that controls it, the build-verification status, and the audits we found.",
-    ""
-  ].join("\n");
-  const body = g.programs.map(renderProgram).join("\n\n---\n\n");
-  const tail = g.unresolved.length ? [
-    "",
-    "---",
-    "",
-    "## Unresolved",
-    "",
-    ...g.unresolved.map((u) => `- \`${u.programId}\` \u2014 ${u.reason}`)
-  ].join("\n") : "";
-  return head + body + tail + "\n";
-}
+} from "./chunk-CRYFCQYM.js";
 
 // src/costAnalysis.ts
 import { Project, SyntaxKind } from "ts-morph";
@@ -696,7 +310,7 @@ function startWatch(targetDir, opts = {}) {
 }
 
 // src/fixers/applyDiff.ts
-import { readFileSync as readFileSync3, writeFileSync as writeFileSync2 } from "fs";
+import { readFileSync, writeFileSync } from "fs";
 function parseDiff(diff) {
   const lines = diff.split("\n");
   const fileLine = lines.find((l) => l.startsWith("+++ b"));
@@ -713,21 +327,21 @@ function parseDiff(diff) {
 }
 function applyDiffToFile(diff) {
   const { filePath, oldStart, oldCount, newLines } = parseDiff(diff);
-  const content = readFileSync3(filePath, "utf8");
+  const content = readFileSync(filePath, "utf8");
   const fileLines = content.split("\n");
   const removedLines = diff.split("\n").filter((l) => l.startsWith("-") && !l.startsWith("---")).map((l) => l.slice(1));
   const actual = fileLines.slice(oldStart - 1, oldStart - 1 + oldCount);
   if (JSON.stringify(actual) !== JSON.stringify(removedLines)) return false;
   fileLines.splice(oldStart - 1, oldCount, ...newLines);
-  writeFileSync2(filePath, fileLines.join("\n"));
+  writeFileSync(filePath, fileLines.join("\n"));
   return true;
 }
 
 // src/pack.ts
-import { existsSync as existsSync3, mkdirSync as mkdirSync2, writeFileSync as writeFileSync3 } from "fs";
-import { join as join3 } from "path";
+import { existsSync, mkdirSync, writeFileSync as writeFileSync2 } from "fs";
+import { join } from "path";
 function initPack(dir, opts) {
-  if (existsSync3(join3(dir, PACK_MANIFEST_FILE))) {
+  if (existsSync(join(dir, PACK_MANIFEST_FILE))) {
     throw new Error(`${dir} already contains a ${PACK_MANIFEST_FILE}`);
   }
   const manifest = {
@@ -737,9 +351,9 @@ function initPack(dir, opts) {
     author: opts.author ?? "unknown",
     ...opts.description ? { description: opts.description } : {}
   };
-  mkdirSync2(dir, { recursive: true });
-  mkdirSync2(join3(dir, "rules"), { recursive: true });
-  mkdirSync2(join3(dir, "fixtures"), { recursive: true });
+  mkdirSync(dir, { recursive: true });
+  mkdirSync(join(dir, "rules"), { recursive: true });
+  mkdirSync(join(dir, "fixtures"), { recursive: true });
   const manifestYaml = [
     `id: ${manifest.id}`,
     `name: ${manifest.name}`,
@@ -748,18 +362,18 @@ function initPack(dir, opts) {
     ...manifest.description ? [`description: ${manifest.description}`] : [],
     ""
   ].join("\n");
-  const manifestFile = join3(dir, PACK_MANIFEST_FILE);
-  writeFileSync3(manifestFile, manifestYaml, "utf8");
+  const manifestFile = join(dir, PACK_MANIFEST_FILE);
+  writeFileSync2(manifestFile, manifestYaml, "utf8");
   return manifestFile;
 }
 function validatePack(dir) {
   const { manifest, rules } = loadPack(dir);
-  const fixturesRoot = join3(dir, "fixtures");
+  const fixturesRoot = join(dir, "fixtures");
   const ruleResults = rules.map((rule) => {
-    const ruleFixturesDir = join3(fixturesRoot, rule.id);
-    const vulnerableDir = join3(ruleFixturesDir, "vulnerable");
-    const fixedDir = join3(ruleFixturesDir, "fixed");
-    if (!existsSync3(vulnerableDir) || !existsSync3(fixedDir)) {
+    const ruleFixturesDir = join(fixturesRoot, rule.id);
+    const vulnerableDir = join(ruleFixturesDir, "vulnerable");
+    const fixedDir = join(ruleFixturesDir, "fixed");
+    if (!existsSync(vulnerableDir) || !existsSync(fixedDir)) {
       return {
         ruleId: rule.id,
         status: "missing-fixtures",
@@ -792,10 +406,10 @@ function validatePack(dir) {
 
 // src/telemetry.ts
 import { createHash, randomUUID } from "crypto";
-import { appendFileSync, existsSync as existsSync4, mkdirSync as mkdirSync3, readFileSync as readFileSync4, writeFileSync as writeFileSync4 } from "fs";
+import { appendFileSync, existsSync as existsSync2, mkdirSync as mkdirSync2, readFileSync as readFileSync2, writeFileSync as writeFileSync3 } from "fs";
 import { execFileSync } from "child_process";
-import { homedir as homedir2 } from "os";
-import { dirname as dirname2, join as join4, resolve } from "path";
+import { homedir } from "os";
+import { dirname, join as join2, resolve } from "path";
 function sha256Hex(s) {
   return createHash("sha256").update(s).digest("hex");
 }
@@ -803,24 +417,24 @@ function isTelemetryEnabled(targetDir) {
   const env = process.env.BRAINBLAST_TELEMETRY;
   if (env === "1" || env === "true") return true;
   if (env === "0" || env === "false") return false;
-  const configPath = join4(targetDir, ".agent-research", "config.json");
-  if (!existsSync4(configPath)) return false;
+  const configPath = join2(targetDir, ".agent-research", "config.json");
+  if (!existsSync2(configPath)) return false;
   try {
-    const cfg = JSON.parse(readFileSync4(configPath, "utf8"));
+    const cfg = JSON.parse(readFileSync2(configPath, "utf8"));
     return cfg?.telemetry === true;
   } catch {
     return false;
   }
 }
 function getUserHash() {
-  const idPath = join4(homedir2(), ".brainblast", "telemetry-id");
+  const idPath = join2(homedir(), ".brainblast", "telemetry-id");
   let id;
-  if (existsSync4(idPath)) {
-    id = readFileSync4(idPath, "utf8").trim();
+  if (existsSync2(idPath)) {
+    id = readFileSync2(idPath, "utf8").trim();
   } else {
     id = randomUUID();
-    mkdirSync3(dirname2(idPath), { recursive: true });
-    writeFileSync4(idPath, id, "utf8");
+    mkdirSync2(dirname(idPath), { recursive: true });
+    writeFileSync3(idPath, id, "utf8");
   }
   return sha256Hex(id).slice(0, 16);
 }
@@ -838,15 +452,15 @@ function getRepoHash(targetDir) {
   return sha256Hex(key).slice(0, 16);
 }
 function telemetryFilePath(targetDir) {
-  return join4(targetDir, ".agent-research", "telemetry.ndjson");
+  return join2(targetDir, ".agent-research", "telemetry.ndjson");
 }
 var DEFAULT_REGISTRY_URL = "https://registry.brainblast.tech";
 async function submitTelemetry(targetDir, registryUrl = process.env.BRAINBLAST_REGISTRY_URL || DEFAULT_REGISTRY_URL) {
   const file = telemetryFilePath(targetDir);
-  if (!existsSync4(file)) {
+  if (!existsSync2(file)) {
     return { submitted: 0, accepted: 0, rejected: 0, graduations: [] };
   }
-  const events = readFileSync4(file, "utf8").trim().split("\n").filter(Boolean).map((line) => JSON.parse(line));
+  const events = readFileSync2(file, "utf8").trim().split("\n").filter(Boolean).map((line) => JSON.parse(line));
   if (events.length === 0) {
     return { submitted: 0, accepted: 0, rejected: 0, graduations: [] };
   }
@@ -865,7 +479,7 @@ async function submitTelemetry(targetDir, registryUrl = process.env.BRAINBLAST_R
 function recordGraduationEvents(targetDir, events) {
   if (events.length === 0) return;
   const file = telemetryFilePath(targetDir);
-  mkdirSync3(dirname2(file), { recursive: true });
+  mkdirSync2(dirname(file), { recursive: true });
   const repo_hash = getRepoHash(targetDir);
   const user_hash = getUserHash();
   const timestamp = (/* @__PURE__ */ new Date()).toISOString();
@@ -874,21 +488,6 @@ function recordGraduationEvents(targetDir, events) {
 }
 
 export {
-  loadDirectory,
-  base58Encode,
-  base58Decode,
-  isValidSolanaAddress,
-  DEFAULT_TTL_HOURS,
-  defaultCachePath,
-  loadProgramCache,
-  saveProgramCache,
-  getCacheEntry,
-  putCacheEntry,
-  getCacheEntryMeta,
-  isEntryExpired,
-  cacheSize,
-  buildTrustGraph,
-  renderTrustGraphMd,
   rentExemptMinimum,
   lamportsToSol,
   analyzeCosts,