cto-ai-cli 5.2.0 → 7.1.0

package/dist/engine/index.d.ts

@@ -1,5 +1,4 @@
 import { Project } from 'ts-morph';
-import { EventEmitter } from 'node:events';
 
 interface AnalyzedFile {
     path: string;
@@ -203,7 +202,6 @@ interface AdjacencyList {
 }
 declare function buildAdjacencyList(edges: GraphEdge[]): AdjacencyList;
 declare function bfsBidirectional(seeds: string[], adj: AdjacencyList, depth: number): Set<string>;
-declare function matchGlob(path: string, pattern: string): boolean;
 
 interface PolicySet {
     version: string;
@@ -220,634 +218,733 @@ interface PolicyRule {
     enabled: boolean;
 }
 type PolicyRuleType = 'include-always' | 'exclude-always' | 'budget-limit' | 'coverage-minimum' | 'risk-maximum' | 'secret-block';
+interface SecretFinding {
+    type: SecretType;
+    file: string;
+    line: number;
+    match: string;
+    redacted: string;
+    severity: 'critical' | 'high' | 'medium' | 'low';
+}
+type SecretType = 'api-key' | 'aws-key' | 'private-key' | 'password' | 'token' | 'connection-string' | 'env-variable' | 'pii' | 'high-entropy' | 'custom';
 
-declare function getConfigPath(projectPath: string): string;
-declare function getPolicyPath(projectPath: string): string;
-declare function getCTODir(projectPath: string): string;
-declare function loadConfig(projectPath: string): Promise<CTOConfig>;
-declare function saveConfig(projectPath: string, config: CTOConfig): Promise<string>;
-declare function initProjectConfig(projectPath: string): Promise<{
-    configPath: string;
-    policyPath: string;
-    created: string[];
-}>;
-declare function loadPolicyFromYAML(projectPath: string): Promise<PolicySet | null>;
-
-interface CacheOptions {
-    maxAgeMs: number;
-    maxEntries: number;
-    enabled: boolean;
+interface SemanticScore {
+    filePath: string;
+    score: number;
 }
+interface LearnerBoostInput {
+    filePath: string;
+    boost: number;
+}
+interface SelectionInput {
+    task: string;
+    analysis: ProjectAnalysis;
+    budget: number;
+    policies?: PolicySet;
+    depth?: number;
+    semanticScores?: SemanticScore[];
+    learnerBoosts?: LearnerBoostInput[];
+}
+declare function selectContext(input: SelectionInput): Promise<ContextSelection>;
+
 /**
- * Get a project analysis, using cache when possible.
+ * TF-IDF Semantic Matching Engine
  *
- * Cache hit: ~1-5ms (fingerprint check only)
- * Cache miss: full analyzeProject() + cache update
- */
-declare function getCachedAnalysis(projectPath: string, config?: Partial<CTOConfig>): Promise<ProjectAnalysis>;
-/**
- * Invalidate cache for a specific project (e.g., after a known file change).
- */
-declare function invalidateCache(projectPath?: string): void;
-/**
- * Get cache statistics for debugging/monitoring.
- */
-declare function getCacheStats(): {
-    entries: number;
-    totalHits: number;
-    projects: {
-        path: string;
-        hits: number;
-        ageMs: number;
-    }[];
-};
-/**
- * Configure cache behavior.
+ * Zero dependencies. Pure math.
+ *
+ * Computes term frequency–inverse document frequency vectors for all files
+ * in a project and matches task descriptions against file content semantically.
+ * This replaces naive keyword matching with real information retrieval.
+ *
+ * How it works:
+ *   1. Tokenize each file into terms (identifiers, words)
+ *   2. Compute TF (term frequency) per document
+ *   3. Compute IDF (inverse document frequency) across corpus
+ *   4. Score query against each document using cosine similarity
+ *
+ * Why this matters:
+ *   - "fix authentication" matches `auth.ts` even though "authentication" ≠ "auth"
+ *     because stemming normalizes both to "auth"
+ *   - Files that mention rare, task-specific terms rank higher than files
+ *     full of common terms like "import", "export", "function"
+ *   - BM25 variant avoids over-weighting long files
  */
-declare function configureCache(options: Partial<CacheOptions>): void;
-
-interface WatcherOptions {
-    debounceMs?: number;
-    config?: Partial<CTOConfig>;
+interface TfIdfIndex {
+    documents: Map<string, DocumentVector>;
+    idf: Map<string, number>;
+    avgDocLength: number;
+    totalDocs: number;
 }
-interface FileChangeEvent {
-    type: 'add' | 'change' | 'unlink';
-    path: string;
-    timestamp: Date;
+interface DocumentVector {
+    terms: Map<string, number>;
+    length: number;
 }
-declare class ProjectWatcher extends EventEmitter {
-    private watcher;
-    private projectPath;
-    private debounceMs;
-    private config;
-    private debounceTimer;
-    private pendingChanges;
-    private running;
-    constructor(projectPath: string, options?: WatcherOptions);
-    start(): Promise<void>;
-    stop(): Promise<void>;
-    isRunning(): boolean;
-    getProjectPath(): string;
-    private handleEvent;
-    private flush;
+interface SemanticMatch {
+    filePath: string;
+    score: number;
+    matchedTerms: string[];
 }
 /**
- * Start watching a project. Returns the watcher instance.
- * If already watching, returns the existing watcher.
+ * Build a TF-IDF index from file contents.
+ * Call this once per project analysis, then query multiple times.
  */
-declare function watchProject(projectPath: string, options?: WatcherOptions): Promise<ProjectWatcher>;
+declare function buildIndex(files: {
+    relativePath: string;
+    content: string;
+}[]): TfIdfIndex;
 /**
- * Stop watching a specific project.
+ * Query the index with a task description.
+ * Returns files ranked by semantic relevance (BM25 scoring).
  */
-declare function unwatchProject(projectPath: string): Promise<void>;
+declare function query(index: TfIdfIndex, taskDescription: string, maxResults?: number): SemanticMatch[];
 /**
- * Stop all active watchers. Call on process shutdown.
+ * Compute pairwise similarity between two documents in the index.
+ * Useful for finding related files (e.g., "what other files are similar to auth.ts?")
  */
-declare function unwatchAll(): Promise<void>;
+declare function similarity(index: TfIdfIndex, pathA: string, pathB: string): number;
 /**
- * Get all actively watched projects.
+ * Tokenize source code into meaningful terms.
+ * Handles camelCase, snake_case, PascalCase splitting.
+ * Applies stemming and stop word removal.
  */
-declare function getActiveWatchers(): {
-    path: string;
-    running: boolean;
-}[];
-
-type ChangeType = 'added' | 'modified' | 'deleted' | 'renamed';
-interface ChangedFile {
-    relativePath: string;
-    changeType: ChangeType;
-    linesAdded: number;
-    linesRemoved: number;
-}
-interface PRContextResult {
-    baseBranch: string;
-    currentBranch: string;
-    isGitRepo: boolean;
-    changedFiles: ChangedFile[];
-    dependencyFiles: string[];
-    allRelevantFiles: AnalyzedFile[];
-    totalChangedTokens: number;
-    totalContextTokens: number;
-    riskSummary: {
-        critical: number;
-        high: number;
-        medium: number;
-        low: number;
-        maxRiskFile: string;
-        maxRiskScore: number;
-    };
-    renderedSummary: string;
-}
-interface PRContextOptions {
-    baseBranch?: string;
-    depth?: number;
-    includeTests?: boolean;
-}
+declare function tokenize(text: string): string[];
 /**
- * Generate PR-focused context by analyzing git changes and expanding dependencies.
- *
- * @param analysis - Project analysis (from analyzeProject or getCachedAnalysis)
- * @param options - PR context options (baseBranch, depth, includeTests)
- * @returns Structured PR context with changed files, dependencies, risk summary
+ * Boost TF-IDF scores based on file path relevance to the task.
+ * This catches cases where the file content doesn't mention the task terms
+ * but the file path does (e.g., task "fix auth" → src/auth/middleware.ts).
  */
-declare function generatePRContext(analysis: ProjectAnalysis, options?: PRContextOptions): Promise<PRContextResult>;
+declare function boostByPath(matches: SemanticMatch[], allFiles: string[], taskDescription: string): SemanticMatch[];
 
-type Grade = 'A+' | 'A' | 'A-' | 'B+' | 'B' | 'B-' | 'C+' | 'C' | 'C-' | 'D' | 'F';
-interface ContextScore {
-    overall: number;
-    grade: Grade;
-    dimensions: {
-        efficiency: DimensionScore;
-        coverage: DimensionScore;
-        riskControl: DimensionScore;
-        structure: DimensionScore;
-        governance: DimensionScore;
-    };
-    insights: ScoreInsight[];
-    comparison: {
-        naiveTokens: number;
-        optimizedTokens: number;
-        savedTokens: number;
-        savedPercent: number;
-        monthlySavingsUSD: number;
-    };
-    meta: {
-        projectName: string;
-        totalFiles: number;
-        totalTokens: number;
-        analyzedAt: Date;
-    };
-}
-interface DimensionScore {
-    score: number;
-    weight: number;
-    weighted: number;
-    detail: string;
-}
-interface ScoreInsight {
-    type: 'strength' | 'weakness' | 'opportunity';
-    title: string;
-    detail: string;
-    impact: 'high' | 'medium' | 'low';
-}
 /**
- * Compute the Context Score™ for a project.
+ * Persistent TF-IDF Index Cache
  *
- * @param analysis - Project analysis (from analyzeProject or getCachedAnalysis)
- * @param task - Representative task (default: "general code review")
- * @param budget - Token budget (default: 50000)
- */
-declare function computeContextScore(analysis: ProjectAnalysis, task?: string, budget?: number): Promise<ContextScore>;
-/**
- * Render the Context Score as a beautiful terminal-friendly string.
+ * Problem: Building a TF-IDF index reads every source file and tokenizes it.
+ * For a 50K-file repo, that's 5-10 seconds per query. With 20K devs running
+ * queries concurrently, re-indexing on every call is unacceptable.
+ *
+ * Solution: Persist the index to disk with per-file mtime tracking.
+ * On subsequent queries, only re-index files that changed since last build.
+ *
+ * Storage: .cto/index-cache.json
+ *   {
+ *     version: 2,
+ *     builtAt: ISO timestamp,
+ *     files: { [relativePath]: { mtime: number, terms: { [term]: count }, length: number } },
+ *     idf: { [term]: number },
+ *     avgDocLength: number,
+ *     totalDocs: number,
+ *   }
+ *
+ * Invalidation:
+ *   - Per-file: mtime changed → re-tokenize that file
+ *   - New files: not in cache → tokenize and add
+ *   - Deleted files: in cache but not on disk → remove
+ *   - Version bump: cache format changed → full rebuild
+ *
+ * The IDF values are recomputed after any incremental update because
+ * document frequency changes affect all terms globally.
  */
-declare function renderContextScore(score: ContextScore): string;
 
-interface BenchmarkResult {
-    project: string;
+interface IndexCacheStats {
+    /** Total files in the index */
     totalFiles: number;
-    totalTokens: number;
-    budget: number;
-    task: string;
-    strategies: {
-        cto: StrategyResult;
-        naive: StrategyResult;
-        random: StrategyResult;
-    };
-    winner: 'cto' | 'naive' | 'random';
-    ctoAdvantage: {
-        vsNaiveTokensSaved: number;
-        vsNaiveTokensSavedPercent: number;
-        vsRandomCoverageGain: number;
-        vsNaiveCostSavedMonthlyUSD: number;
-    };
-}
-interface StrategyResult {
-    filesSelected: number;
-    tokensUsed: number;
-    coverageScore: number;
-    criticalFilesCovered: number;
-    criticalFilesTotal: number;
-    highRiskCovered: number;
-    highRiskTotal: number;
-    costPerInteractionUSD: number;
-    timeMs: number;
+    /** Files that were re-indexed (changed or new) */
+    updatedFiles: number;
+    /** Files removed from cache (deleted from disk) */
+    removedFiles: number;
+    /** Files reused from cache (unchanged) */
+    cachedFiles: number;
+    /** Whether the cache existed before this build */
+    cacheHit: boolean;
+    /** Time to build/update the index (ms) */
+    buildTimeMs: number;
 }
 /**
- * Run a full benchmark comparing CTO vs naive vs random selection.
+ * Build or update a TF-IDF index with disk caching.
+ *
+ * First call: builds full index and writes cache to .cto/index-cache.json
+ * Subsequent calls: reads cache, updates only changed files, rewrites cache
+ *
+ * @param projectPath - Root of the project (for .cto/ directory)
+ * @param files - All files to index: { relativePath, absolutePath, content? }
+ *   If content is provided, it's used directly. Otherwise, the file is read from disk.
+ * @returns The TF-IDF index + stats about cache hits/misses
  */
-declare function runBenchmark(analysis: ProjectAnalysis, task?: string, budget?: number): Promise<BenchmarkResult>;
+declare function buildIndexCached(projectPath: string, files: {
+    relativePath: string;
+    absolutePath: string;
+    content?: string;
+}[]): {
+    index: TfIdfIndex;
+    stats: IndexCacheStats;
+};
 /**
- * Render benchmark results as a formatted comparison table.
+ * Invalidate the entire cache (force full rebuild on next call).
  */
-declare function renderBenchmark(result: BenchmarkResult): string;
-
-type TaskType = 'debug' | 'review' | 'refactor' | 'test' | 'docs' | 'feature' | 'architecture' | 'simple-edit';
-
-interface QualityBenchmarkResult {
-    project: string;
-    task: string;
-    taskType: TaskType;
-    budget: number;
-    strategies: {
-        cto: QualityMetrics;
-        naive: QualityMetrics;
-        random: QualityMetrics;
-    };
-    comparison: {
-        ctoVsNaiveRelevance: number;
-        ctoVsRandomRelevance: number;
-        ctoVsNaiveCompleteness: number;
-        ctoVsRandomCompleteness: number;
-        ctoNoiseReduction: number;
-    };
-    prompts: {
-        cto: {
-            rendered: string;
-            tokens: number;
-        };
-        naive: {
-            rendered: string;
-            tokens: number;
-        };
-    };
-    verdict: string;
-}
-interface QualityMetrics {
-    filesSelected: number;
-    tokensUsed: number;
-    relevanceScore: number;
-    completenessScore: number;
-    noiseRatio: number;
-    typeCoverage: number;
-    dependencyClosure: number;
-    relevantFilesIncluded: number;
-    relevantFilesTotal: number;
-    typeFilesIncluded: number;
-    typeFilesNeeded: number;
-    depsIncluded: number;
-    depsNeeded: number;
-}
+declare function invalidateCache(projectPath: string): void;
 /**
- * Run a quality benchmark comparing CTO vs naive vs random context selection.
- * Measures relevance, completeness, noise, and dependency closure.
+ * Get cache stats without rebuilding.
  */
-declare function runQualityBenchmark(analysis: ProjectAnalysis, task: string, budget?: number): Promise<QualityBenchmarkResult>;
-declare function renderQualityBenchmark(result: QualityBenchmarkResult): string;
-
-interface PredictorModel {
-    version: number;
-    trainedAt: string;
-    totalObservations: number;
-    taskTypeFrequency: Record<string, Record<string, number>>;
-    keywordFrequency: Record<string, Record<string, number>>;
-    fileStats: Record<string, {
-        totalSelections: number;
-        avgRiskScore: number;
-        avgTokens: number;
-        lastSelected: string;
-    }>;
-    coSelection: Record<string, Record<string, number>>;
-}
-interface PredictionResult {
-    filePath: string;
-    predictedScore: number;
-    reasons: string[];
-}
-interface PredictorConfig {
-    maxCoSelectionPairs: number;
-    decayFactor: number;
-    minObservations: number;
-}
-declare function loadModel(projectPath: string): Promise<PredictorModel>;
-declare function recordSelection(projectPath: string, task: string, selectedFiles: {
-    relativePath: string;
-    riskScore: number;
-    tokens: number;
-}[]): Promise<PredictorModel>;
-declare function predictRelevantFiles(projectPath: string, task: string, analysis: ProjectAnalysis, config?: Partial<PredictorConfig>): Promise<PredictionResult[]>;
-declare function getPredictorBoosts(projectPath: string, task: string, analysis: ProjectAnalysis): Promise<Map<string, number>>;
-declare function getModelStats(model: PredictorModel): {
-    observations: number;
-    taskTypes: number;
-    keywords: number;
-    trackedFiles: number;
-    coSelectionPairs: number;
-    trainedAt: string;
+declare function getCacheInfo(projectPath: string): {
+    exists: boolean;
+    fileCount: number;
+    builtAt: string | null;
 };
 
-interface ProjectFingerprint {
-    stack: string[];
-    sizeClass: 'tiny' | 'small' | 'medium' | 'large' | 'huge';
-    hasTypes: boolean;
-    hasTests: boolean;
-    isMonorepo: boolean;
-    entryPointPatterns: string[];
-    dominantLanguage: string;
-}
-interface CrossRepoModel {
-    version: number;
+/**
+ * Usage Learner — Gets smarter with every use.
+ *
+ * Zero dependencies. Bayesian priors updated from real usage.
+ *
+ * How it works:
+ *   1. Every time context is selected, log what was included/excluded
+ *   2. When user accepts/rejects files, update file relevance priors
+ *   3. Next selection uses priors as boost signals alongside TF-IDF + risk
+ *
+ * Storage: .cto/learner.json — portable, versioned, <10KB typical
+ *
+ * The model is intentionally simple (no neural nets, no embeddings model):
+ *   - Beta distribution per file pattern (alpha=accepted, beta=rejected)
+ *   - Exponential decay so recent feedback weighs more
+ *   - Pattern-based: learns "test files matter for debug tasks", not
+ *     specific file paths (so it works across branches/renames)
+ */
+interface LearnerModel {
+    version: 2;
     updatedAt: string;
-    totalProjects: number;
-    totalObservations: number;
-    archetypes: Record<string, ArchetypeProfile>;
-    universalPatterns: PatternStats[];
-}
-interface ArchetypeProfile {
-    name: string;
-    fingerprint: ProjectFingerprint;
-    projectCount: number;
-    observationCount: number;
+    patterns: Record<string, PatternStats>;
     taskPatterns: Record<string, Record<string, PatternStats>>;
-    criticalKinds: {
-        kind: string;
-        importance: number;
-    }[];
-    criticalDirs: {
-        pattern: string;
-        importance: number;
-    }[];
+    totalSelections: number;
 }
 interface PatternStats {
-    pattern: string;
-    hitCount: number;
-    totalSelections: number;
-    hitRate: number;
-    avgRelevanceBoost: number;
+    alpha: number;
+    beta: number;
+    lastSeen: string;
 }
-interface CrossRepoPrediction {
+interface LearnerBoost {
     filePath: string;
     boost: number;
-    reason: string;
     confidence: number;
+    reason: string;
 }
-declare function computeFingerprint(analysis: ProjectAnalysis): ProjectFingerprint;
-declare function loadGlobalModel(): Promise<CrossRepoModel>;
-declare function recordCrossRepoSelection(analysis: ProjectAnalysis, task: string, selectedFiles: {
-    relativePath: string;
-    riskScore: number;
-    tokens: number;
-}[]): Promise<CrossRepoModel>;
-declare function predictFromCrossRepo(analysis: ProjectAnalysis, task: string): Promise<CrossRepoPrediction[]>;
-declare function getCrossRepoStats(model: CrossRepoModel): {
-    totalProjects: number;
-    totalObservations: number;
-    archetypes: {
-        name: string;
-        projects: number;
-        observations: number;
-    }[];
-    universalPatterns: number;
-};
-
-interface FeedbackEntry {
-    id: string;
-    timestamp: string;
-    task: string;
-    taskType: TaskType;
-    contextHash: string;
-    filesIncluded: string[];
-    tokensUsed: number;
-    budget: number;
-    outcome: FeedbackOutcome;
-    model?: string;
-    promptTokens?: number;
-    sessionId?: string;
-    strategy?: string;
-}
-interface FeedbackOutcome {
-    accepted: boolean;
-    compilable?: boolean;
-    testsPassed?: number;
-    testsTotal?: number;
-    linesGenerated?: number;
-    linesAccepted?: number;
-    timeToAcceptMs?: number;
-    userRating?: 1 | 2 | 3 | 4 | 5;
-    notes?: string;
-}
-interface FeedbackModel {
-    version: number;
-    updatedAt: string;
-    totalFeedback: number;
-    acceptRate: number;
-    fileAcceptance: Record<string, {
-        includedCount: number;
-        acceptedCount: number;
-        acceptRate: number;
-        ewmaAcceptRate: number;
-        avgTimeToAccept: number;
-        lastSeen: string;
-        bayesianLower: number;
-    }>;
-    taskTypeAcceptance: Record<string, {
-        totalCount: number;
-        acceptedCount: number;
-        acceptRate: number;
-        avgCompilable: number;
-        ewmaAcceptRate: number;
-    }>;
-    pairAcceptance: Record<string, {
-        count: number;
-        acceptedCount: number;
-        acceptRate: number;
-    }>;
-    sessions: Record<string, {
-        strategy: string;
-        entries: number;
-        acceptRate: number;
-    }>;
-    strategyComparison: Record<string, {
-        totalCount: number;
-        acceptedCount: number;
+/**
+ * Load the learner model from .cto/learner.json.
+ * Returns empty model if none exists.
+ */
+declare function loadLearner(projectPath: string): Promise<LearnerModel>;
+/**
+ * Save the learner model.
+ */
+declare function saveLearner(projectPath: string, model: LearnerModel): Promise<void>;
+/**
+ * Record a selection event — which files were included and which were excluded.
+ * Updates Bayesian priors with exponential decay.
+ */
+declare function recordSelection(model: LearnerModel, taskType: string, selectedFiles: string[], excludedFiles: string[]): LearnerModel;
+/**
+ * Get boost signals for files based on learned patterns.
+ * Returns boosts that should be applied during context selection.
+ */
+declare function getLearnerBoosts(model: LearnerModel, taskType: string, files: string[]): LearnerBoost[];
+/**
+ * Get learner stats for display.
+ */
+declare function getLearnerStats(model: LearnerModel): {
+    totalSelections: number;
+    patternsLearned: number;
+    taskTypes: string[];
+    topPatterns: {
+        pattern: string;
         acceptRate: number;
-        avgTimeToAccept: number;
-    }>;
-    insights: FeedbackInsight[];
-}
-interface FeedbackInsight {
-    type: 'positive' | 'negative' | 'opportunity';
-    title: string;
-    detail: string;
-    impact: number;
-}
-declare function loadFeedbackModel(projectPath: string): Promise<FeedbackModel>;
-declare function wilsonLowerBound(successes: number, total: number, z?: number): number;
-declare function recordFeedback(projectPath: string, entry: Omit<FeedbackEntry, 'id' | 'timestamp' | 'taskType'>): Promise<FeedbackModel>;
-declare function getFeedbackBoosts(projectPath: string, task: string): Promise<Map<string, number>>;
-interface TeamFeedbackExport {
-    version: number;
-    exportedAt: string;
-    projectName: string;
-    model: FeedbackModel;
-    entrySummary: {
-        total: number;
-        accepted: number;
-        sessions: number;
-    };
-}
-declare function exportFeedbackForTeam(projectPath: string, projectName: string): Promise<TeamFeedbackExport>;
-declare function importTeamFeedback(projectPath: string, teamExport: TeamFeedbackExport): Promise<FeedbackModel>;
-declare function renderFeedbackReport(model: FeedbackModel): string;
-declare function renderCrossRepoReport(stats: {
-    totalProjects: number;
-    totalObservations: number;
-    archetypes: {
-        name: string;
-        projects: number;
         observations: number;
     }[];
-    universalPatterns: number;
-}): string;
+};
+/**
+ * Extract a generalizable pattern from a file path.
+ * Examples: "src/engine/analyzer.ts" becomes "engine/(star).ts",
+ * "tests/unit/auth.test.ts" becomes "tests/(star)(star)/(star).test.ts".
+ * This way the learner generalizes across similar files,
+ * not just memorize specific paths.
+ */
+declare function extractPattern(filePath: string): string;
 
-interface SemanticFingerprint {
-    filePath: string;
-    domains: SemanticDomain[];
-    exports: string[];
-    concepts: string[];
-    patterns: CodePattern[];
-    intentScore: Map<string, number>;
-}
-interface SemanticDomain {
+/**
+ * Multi-Repo Context Selection
+ *
+ * Discovers sibling repositories in a workspace and queries them
+ * for relevant files when selecting context for a task.
+ *
+ * How it works:
+ *   1. Discover sibling repos (scan parent dir or use explicit paths)
+ *   2. For each sibling: list source files, read contents, build TF-IDF index
+ *   3. Query each sibling's index with the task description
+ *   4. Return ranked matches with repo attribution
+ *
+ * This is NOT the cross-repo learning system (cross-repo.ts).
+ * This is actual multi-repo file discovery and querying.
+ */
+interface SiblingRepo {
+    /** Absolute path to the repo root */
+    path: string;
+    /** Short name (directory name) */
     name: string;
-    confidence: number;
-    signals: string[];
-}
-interface CodePattern {
-    type: 'route' | 'model' | 'middleware' | 'config' | 'test' | 'type' | 'util' | 'entry' | 'event' | 'error';
-    evidence: string;
-}
-interface SemanticAnalysis {
-    files: SemanticFingerprint[];
-    domainGraph: {
-        from: string;
-        to: string;
-        strength: number;
-    }[];
-    domainClusters: {
-        domain: string;
-        files: string[];
-        tokenBudget: number;
-    }[];
-}
-declare function analyzeSemantics(analysis: ProjectAnalysis): SemanticAnalysis;
-declare function semanticBoosts(semantics: SemanticAnalysis, task: string): Map<string, number>;
-declare function renderSemanticAnalysis(semantics: SemanticAnalysis): string;
-
-interface CompilabilityResult {
-    project: string;
-    task: string;
-    budget: number;
-    strategies: {
-        cto: CompilabilityMetrics;
-        naive: CompilabilityMetrics;
-        random: CompilabilityMetrics;
-    };
-    comparison: {
-        ctoVsNaiveTypeAvailability: number;
-        ctoVsRandomTypeAvailability: number;
-        ctoVsNaivePredictedErrors: number;
-        naiveMissingTypes: string[];
-        randomMissingTypes: string[];
-    };
-    verdict: string;
+    /** Detected stack (from package.json, tsconfig, etc.) */
+    stack: string[];
+    /** Number of source files found */
+    fileCount: number;
+}
+interface SiblingMatch {
+    /** Which sibling repo this file belongs to */
+    repoName: string;
+    /** Absolute path to the repo */
+    repoPath: string;
+    /** Relative path within the sibling repo */
+    relativePath: string;
+    /** Absolute path to the file */
+    absolutePath: string;
+    /** Semantic relevance score (0-1) */
+    score: number;
+    /** File content */
+    content: string;
+    /** Estimated token count */
+    tokens: number;
 }
-interface CompilabilityMetrics {
-    typeFilesAvailable: number;
-    typeFilesTotal: number;
-    typeAvailabilityPercent: number;
-    importChainsComplete: number;
-    importChainsTotal: number;
-    importCompletenessPercent: number;
-    missingTypeFiles: string[];
-    missingDependencies: string[];
-    predictedTypeErrors: number;
-    predictedImportErrors: number;
-    predictedTotalErrors: number;
-    compilabilityScore: number;
-    filesSelected: number;
-    tokensUsed: number;
+interface MultiRepoResult {
+    /** Sibling repos that were discovered/used */
+    siblings: SiblingRepo[];
+    /** Top matches from sibling repos, ranked by score */
+    matches: SiblingMatch[];
+    /** Total time spent indexing + querying (ms) */
+    timeMs: number;
 }
-declare function runCompilabilityBenchmark(analysis: ProjectAnalysis, task: string, budget?: number): Promise<CompilabilityResult>;
-declare function renderCompilabilityBenchmark(result: CompilabilityResult): string;
+/**
+ * Discover sibling repositories by scanning the parent directory.
+ * A directory is a "repo" if it contains a known project marker file.
+ */
+declare function discoverSiblingRepos(projectPath: string): SiblingRepo[];
+/**
+ * Query sibling repos for files relevant to a task.
+ *
+ * For each sibling:
+ *   1. List source files
+ *   2. Build TF-IDF index from file contents
+ *   3. Query with task description
+ *   4. Return top matches with content
+ *
+ * @param siblings - Sibling repos to query (from discoverSiblingRepos or explicit paths)
+ * @param task - Task description to match against
+ * @param maxPerRepo - Max matches per repo (default 5)
+ * @param minScore - Minimum semantic score to include (default 0.3)
+ */
+declare function querySiblingRepos(siblings: SiblingRepo[], task: string, maxPerRepo?: number, minScore?: number): MultiRepoResult;
+/**
+ * Parse explicit repo paths from a comma-separated string.
+ * Resolves relative paths against the current project's parent directory.
+ */
+declare function parseSiblingPaths(pathsStr: string, projectPath: string): SiblingRepo[];
+/**
+ * Render multi-repo results for CLI output.
+ */
+declare function renderMultiRepoSummary(result: MultiRepoResult): string;
 
-interface CompileProofResult {
-    project: string;
-    task: string;
-    budget: number;
-    cto: CompileProofStrategy;
-    naive: CompileProofStrategy;
-    random: CompileProofStrategy;
-    headline: string;
-    details: string;
-}
-interface CompileProofStrategy {
-    name: string;
-    filesIncluded: number;
-    tokensUsed: number;
-    typeFilesIncluded: string[];
-    typeFilesMissing: string[];
-    compileErrors: number;
-    errorMessages: string[];
-    compiles: boolean;
-}
-declare function runCompileProof(analysis: ProjectAnalysis, task: string, budget?: number): Promise<CompileProofResult>;
-declare function renderCompileProof(result: CompileProofResult): string;
+/**
+ * Shared Context Pipeline
+ *
+ * Single function that runs the full context selection pipeline:
+ *   read files → build TF-IDF index → query → boost → load learner → selectContext
+ *
+ * Used by both CLI and MCP server. No duplication.
+ */
 
-interface ModelProfile {
-    id: string;
-    name: string;
-    provider: 'openai' | 'anthropic' | 'google' | 'mistral' | 'meta' | 'custom';
-    contextWindow: number;
-    maxOutput: number;
-    costPer1MInput: number;
-    costPer1MOutput: number;
-    strengths: ModelStrength[];
-    recommendedBudgetPercent: number;
-}
-type ModelStrength = 'code-generation' | 'analysis' | 'refactoring' | 'debugging' | 'documentation' | 'testing' | 'general';
-interface MultiModelResult {
+interface ContextPipelineInput {
+    projectPath: string;
     task: string;
-    models: ModelOptimization[];
-    recommendation: {
-        bestValue: string;
-        bestQuality: string;
-        bestSpeed: string;
-        reasoning: string;
-    };
+    analysis: ProjectAnalysis;
+    budget?: number;
+    /** Optional sibling repos for cross-repo context */
+    siblingRepos?: SiblingRepo[];
 }
-interface ModelOptimization {
-    model: ModelProfile;
-    budget: number;
+interface ContextPipelineResult {
     selection: ContextSelection;
-    estimatedCost: number;
-    qualityScore: number;
-    recommendation: string;
+    taskType: string;
+    fileContentMap: Map<string, string>;
+    semanticMap: Map<string, SemanticMatch>;
+    learnerMap: Map<string, LearnerBoost>;
+    /** Cross-repo results (only present if siblingRepos were provided) */
+    multiRepo?: MultiRepoResult;
+    /** Index cache stats (how many files were cached vs rebuilt) */
+    indexCacheStats?: IndexCacheStats;
 }
-declare const MODEL_REGISTRY: ModelProfile[];
-declare function optimizeForModels(analysis: ProjectAnalysis, task: string, models?: string[]): Promise<MultiModelResult>;
-declare function renderMultiModelResult(result: MultiModelResult): string;
+/**
+ * Run the full context selection pipeline.
+ * One function, used everywhere. No copy-paste.
+ */
+declare function runContextPipeline(input: ContextPipelineInput): Promise<ContextPipelineResult>;
 
 declare function scoreAllFiles(files: AnalyzedFile[], graph: ProjectGraph, weights?: RiskWeights): void;
 declare function scoreFile(file: AnalyzedFile, graph: ProjectGraph, weights?: RiskWeights): number;
 
 declare function calculateCoverage(targetPaths: string[], includedPaths: string[], allFiles: AnalyzedFile[], graph: ProjectGraph, depth?: number): CoverageResult;
 
-interface SelectionInput {
-    task: string;
-    analysis: ProjectAnalysis;
-    budget: number;
-    policies?: PolicySet;
-    depth?: number;
-}
-declare function selectContext(input: SelectionInput): Promise<ContextSelection>;
-
 declare function getPruneLevelForRisk(riskScore: number): PruneLevel;
 declare function optimizeBudget(files: AnalyzedFile[], budget: number): Promise<BudgetPlan>;
 
 declare function pruneFile(file: AnalyzedFile, level: PruneLevel): Promise<PrunedContent>;
 declare function pruneFiles(files: AnalyzedFile[], levelFn: (file: AnalyzedFile) => PruneLevel): Promise<PrunedContent[]>;
 
+/**
+ * Closed-Loop A/B Testing Engine
+ *
+ * The missing piece: the feedback system records data but never closes the loop.
+ * This module adds real experimentation:
+ *
+ *   1. Define experiments with control + variant strategies
+ *   2. Assign requests to groups (deterministic hashing for consistency)
+ *   3. Collect outcomes per group
+ *   4. Compute statistical significance (z-test for proportions)
+ *   5. Auto-promote winning variants when significance threshold met
+ *
+ * Example experiment:
+ *   - Control: default composite scoring (semantic 0.55, risk 0.25, learner 0.20)
+ *   - Variant: reranker-heavy scoring (reranker 0.70, risk 0.15, learner 0.15)
+ *   - Metric: acceptance rate
+ *   - Significance: p < 0.05
+ *
+ * Storage: .cto/experiments.json
+ * Design: Pure functions. No external deps. Deterministic assignment.
+ */
+interface Experiment {
+    /** Unique experiment ID */
+    id: string;
+    /** Human-readable name */
+    name: string;
+    /** What we're testing */
+    description: string;
+    /** Current status */
+    status: 'running' | 'concluded' | 'paused';
+    /** When the experiment started */
+    startedAt: string;
+    /** When it concluded (if applicable) */
+    concludedAt?: string;
+    /** Traffic split: 0.5 = 50/50 */
+    trafficSplit: number;
+    /** Minimum observations per group before significance test */
+    minObservations: number;
+    /** P-value threshold for significance */
+    significanceThreshold: number;
+    /** Control group config */
+    control: ExperimentGroup;
+    /** Variant group config */
+    variant: ExperimentGroup;
+    /** Conclusion (when experiment ends) */
+    conclusion?: ExperimentConclusion;
+}
+interface ExperimentGroup {
+    /** Group name */
+    name: string;
+    /** Strategy parameters (passed to the engine) */
+    params: Record<string, unknown>;
+    /** Collected metrics */
+    metrics: GroupMetrics;
+}
+interface GroupMetrics {
+    /** Total observations */
+    total: number;
+    /** Successful outcomes (accepted) */
+    successes: number;
+    /** Accept rate = successes / total */
+    acceptRate: number;
+    /** Average time to accept (ms) */
+    avgTimeToAccept: number;
+    /** Compilable rate */
+    compilableRate: number;
+    /** Sum of time values (for running average) */
+    timeSum: number;
+    /** Count of compilable results */
+    compilableCount: number;
+}
+interface ExperimentConclusion {
+    /** Which group won */
+    winner: 'control' | 'variant' | 'no_difference';
+    /** Observed p-value */
+    pValue: number;
+    /** Effect size (difference in accept rates) */
+    effectSize: number;
+    /** Confidence interval for effect size */
+    confidenceInterval: [number, number];
+    /** Human-readable summary */
+    summary: string;
+}
+interface AssignmentResult {
+    /** Which group the request was assigned to */
+    group: 'control' | 'variant';
+    /** The strategy params for this group */
+    params: Record<string, unknown>;
+    /** Experiment ID for tracking */
+    experimentId: string;
+}
+declare function loadExperiments(projectPath: string): Experiment[];
+declare function saveExperiments(projectPath: string, experiments: Experiment[]): void;
+declare function createExperiment(id: string, name: string, description: string, controlParams: Record<string, unknown>, variantParams: Record<string, unknown>, options?: {
+    trafficSplit?: number;
+    minObservations?: number;
+    significanceThreshold?: number;
+}): Experiment;
+/**
+ * Assign a request to control or variant group.
+ * Uses deterministic hashing: same (experiment_id, task) → same group.
+ * This ensures consistency (retries get the same group).
+ */
+declare function assignGroup(experiment: Experiment, task: string): AssignmentResult | null;
+/**
+ * Record an outcome for an experiment group.
+ * Updates running statistics and checks for significance.
+ */
+declare function recordOutcome(experiment: Experiment, group: 'control' | 'variant', outcome: {
+    accepted: boolean;
+    compilable?: boolean;
+    timeToAcceptMs?: number;
+}): Experiment;
+interface SignificanceResult {
+    /** Two-sided p-value */
+    pValue: number;
+    /** Z-score */
+    zScore: number;
+    /** Effect size: variant rate - control rate */
+    effectSize: number;
+    /** 95% confidence interval for effect size */
+    confidenceInterval: [number, number];
+    /** Whether the result is significant at the experiment's threshold */
+    significant: boolean;
+}
+/**
+ * Two-proportion z-test for A/B testing.
+ *
+ * H0: p_control = p_variant
+ * H1: p_control ≠ p_variant (two-sided)
+ *
+ * This is the standard test for comparing conversion rates.
+ */
+declare function testSignificance(experiment: Experiment): SignificanceResult;
+/**
+ * Get the active experiment for this project (if any).
+ */
+declare function getActiveExperiment(experiments: Experiment[]): Experiment | null;
+/**
+ * Get all concluded experiments with their results.
+ */
+declare function getConcludedExperiments(experiments: Experiment[]): Experiment[];
+/**
+ * Render experiment summary for CLI/dashboard.
+ */
+declare function renderExperimentSummary(experiment: Experiment): string;
+
+/**
+ * Polyglot Dependency Graph — Import Parsing for Python, Go, Java, Rust
+ *
+ * Problem: The existing graph.ts uses ts-morph (AST) which only handles TS/JS.
+ * For a 20K-dev org with Java, Python, Go, Rust — the dependency graph is empty.
+ * No graph → no hub detection → no risk scoring → useless context selection.
+ *
+ * Solution: Regex-based import parsers for each language. Not AST-accurate, but
+ * good enough for dependency graph construction. We don't need perfect resolution;
+ * we need to know "file A probably depends on file B" for hub/risk scoring.
+ *
+ * Each parser:
+ *   1. Extracts import specifiers from file content using regex
+ *   2. Resolves specifiers to relative file paths within the project
+ *   3. Returns edges: { from: relativePath, to: relativePath }
+ *
+ * Supported languages:
+ *   - Python: import x, from x import y, relative imports
+ *   - Go: import "pkg", import ( "pkg" ... )
+ *   - Java: import com.example.Foo, package declaration
+ *   - Rust: use crate::x, mod x, use super::x
+ *
+ * Design: Pure functions. No external deps. Deterministic.
+ */
+
+type SupportedLanguage = 'python' | 'go' | 'java' | 'rust' | 'typescript';
+interface ImportSpec {
+    /** The raw import specifier as written in the source */
+    raw: string;
+    /** Whether this is a relative import */
+    isRelative: boolean;
+}
+declare function detectLanguage(filePath: string): SupportedLanguage | null;
+/**
+ * Parse imports from a non-TS file and resolve to project-relative paths.
+ * Returns dependency edges for the project graph.
+ *
+ * @param filePath - Absolute path to the source file
+ * @param relativePath - Project-relative path (e.g., "src/auth/login.py")
+ * @param projectPath - Absolute path to the project root
+ * @param allRelativePaths - Set of all file paths in the project (for resolution)
+ * @param content - Optional file content (read from disk if not provided)
+ */
+declare function parseImports(filePath: string, relativePath: string, projectPath: string, allRelativePaths: Set<string>, content?: string): GraphEdge[];
+/**
+ * Parse imports for ALL non-TS files in a project.
+ * Call this alongside ts-morph's buildProjectGraph for TS files.
+ */
+declare function parseAllPolyglotImports(files: {
+    relativePath: string;
+    absolutePath: string;
+    content?: string;
+}[], projectPath: string): GraphEdge[];
+/**
+ * Estimate cyclomatic complexity from source code using regex.
+ * Not AST-accurate but good enough for risk scoring.
+ */
+declare function estimateComplexity(content: string, lang: SupportedLanguage): number;
+
+/**
+ * Multi-Stage Reranker
+ *
+ * The problem: BM25 retrieval gets 54% precision. Adding risk scoring drops it
+ * to 33% because high-risk irrelevant files fill the budget.
+ *
+ * The solution: a 3-stage pipeline that turns BM25 candidates into a precision-
+ * optimized selection:
+ *
+ *   Stage 1: RETRIEVE (BM25 top-K) — already done by tfidf.ts
+ *   Stage 2: RERANK (multi-signal rescoring)
+ *     - Term coverage: what fraction of UNIQUE query terms does the file match?
+ *     - Term specificity: are the matched terms rare (high IDF) or generic?
+ *     - Bigram proximity: do query terms appear near each other in the file?
+ *     - Dependency signal: is this file in the dependency cone of a top match?
+ *     - Path relevance: does the file path match query terms?
+ *   Stage 3: QUALITY GATE (adaptive cutoff)
+ *     - Hard floor: files below absolute threshold are excluded
+ *     - Elbow detection: find the natural drop-off point in scores
+ *     - Don't fill budget with noise — stop when quality degrades
+ *
+ * This is a cross-encoder-like approach using hand-crafted features instead
+ * of a neural model. No ML dependencies. Deterministic.
+ */
+
+interface RerankInput {
+    /** Task description */
+    task: string;
+    /** BM25 candidates from tfidf.query() */
+    candidates: SemanticMatch[];
+    /** The TF-IDF index (for IDF weights) */
+    index: TfIdfIndex;
+    /** File contents for bigram proximity analysis */
+    fileContents: Map<string, string>;
+    /** Dependency edges: from → to[] */
+    dependencies: Map<string, string[]>;
+    /** All file paths in the project */
+    allFilePaths: string[];
+}
+interface RerankResult {
+    /** Reranked and filtered files — only high-quality matches */
+    files: RerankedFile[];
+    /** Files that were cut by the quality gate */
+    filtered: FilteredFile[];
+    /** The quality threshold used */
+    qualityThreshold: number;
+    /** Telemetry data for observability and debugging */
+    telemetry: RerankTelemetry;
+}
+interface RerankTelemetry {
+    /** Total candidates received from BM25 */
+    candidatesIn: number;
+    /** Files that passed the quality gate */
+    candidatesOut: number;
+    /** Files filtered out */
+    candidatesFiltered: number;
+    /** Timing in milliseconds */
+    durationMs: number;
+    /** Signal weight configuration used */
+    weights: typeof WEIGHTS;
+    /** Quality gate thresholds used */
+    gateConfig: {
+        absoluteFloor: number;
+        elbowDropRatio: number;
+        minTermCoverage: number;
+    };
+    /** Aggregate signal statistics across all candidates (before gate) */
+    signalStats: {
+        termCoverage: {
+            min: number;
+            max: number;
+            mean: number;
+            median: number;
+        };
+        termSpecificity: {
+            min: number;
+            max: number;
+            mean: number;
+            median: number;
+        };
+        bigramProximity: {
+            min: number;
+            max: number;
+            mean: number;
+            median: number;
+        };
+        dependencySignal: {
+            min: number;
+            max: number;
+            mean: number;
+            median: number;
+        };
+        pathRelevance: {
+            min: number;
+            max: number;
+            mean: number;
+            median: number;
+        };
+    };
+    /** Filter reason breakdown: reason → count */
+    filterReasons: Record<string, number>;
+    /** Score distribution: [min, p25, p50, p75, max] across all scored candidates */
+    scoreDistribution: [number, number, number, number, number];
+    /** Number of unique query terms */
+    queryTermCount: number;
+    /** Size of the dependency relevance cone */
+    relevanceConeSize: number;
+}
+interface RerankedFile {
+    filePath: string;
+    /** Final reranked score (0-1) */
+    score: number;
+    /** Original BM25 score */
+    bm25Score: number;
+    /** Individual signal scores */
+    signals: {
+        termCoverage: number;
+        termSpecificity: number;
+        bigramProximity: number;
+        dependencySignal: number;
+        pathRelevance: number;
+    };
+}
+interface FilteredFile {
+    filePath: string;
+    score: number;
+    reason: string;
+}
+declare const WEIGHTS: {
+    termCoverage: number;
+    termSpecificity: number;
+    bigramProximity: number;
+    dependencySignal: number;
+    pathRelevance: number;
+};
+/**
+ * Rerank BM25 candidates using multi-signal scoring + quality gate.
+ * Returns only files that pass the quality threshold.
+ */
+declare function rerank(input: RerankInput): RerankResult;
+
+declare function countTokensTiktoken(text: string): number;
+declare function countTokensChars4(sizeInBytes: number): number;
+declare function estimateTokens(content: string, sizeInBytes: number, method?: 'chars4' | 'tiktoken'): number;
+declare function estimateFileTokens(filePath: string, method?: 'chars4' | 'tiktoken'): Promise<number>;
+declare function freeEncoder(): void;
+
 type LogLevel = 'debug' | 'info' | 'warn' | 'error';
 interface LogEntry {
     level: LogLevel;
@@ -877,173 +974,36 @@ declare class CtoError extends Error {
 declare function isCtoError(err: unknown): err is CtoError;
 declare function wrapError(err: unknown, code: CtoErrorCode, module: string, context?: Record<string, unknown>): CtoError;
 
-declare function countTokensTiktoken(text: string): number;
-declare function countTokensChars4(sizeInBytes: number): number;
-declare function estimateTokens(content: string, sizeInBytes: number, method?: 'chars4' | 'tiktoken'): number;
-declare function estimateFileTokens(filePath: string, method?: 'chars4' | 'tiktoken'): Promise<number>;
-declare function freeEncoder(): void;
-
-type MonorepoTool = 'npm-workspaces' | 'yarn-workspaces' | 'pnpm-workspaces' | 'turborepo' | 'nx' | 'lerna' | 'none';
-interface PackageInfo {
-    name: string;
-    path: string;
-    relativePath: string;
-    files: number;
-    tokens: number;
-    dependencies: string[];
-    dependents: string[];
-    isShared: boolean;
-    entryPoints: string[];
-}
-interface CrossPackageEdge {
-    from: string;
-    to: string;
-    files: number;
-    type: 'dependency' | 'devDependency' | 'peer';
-}
-interface MonorepoAnalysis {
-    detected: boolean;
-    tool: MonorepoTool;
-    rootPath: string;
-    packages: PackageInfo[];
-    sharedPackages: PackageInfo[];
-    crossPackageEdges: CrossPackageEdge[];
-    isolationScore: number;
-    totalTokens: number;
-    packageTokenMap: Record<string, number>;
-}
-interface PackageContextResult {
-    targetPackage: string;
-    includedPackages: string[];
-    excludedPackages: string[];
-    originalTokens: number;
-    optimizedTokens: number;
-    savedTokens: number;
-    savedPercent: number;
-}
-declare function detectMonorepoTool(rootPath: string): Promise<MonorepoTool>;
-declare function analyzeMonorepo(rootPath: string, analysis?: ProjectAnalysis): Promise<MonorepoAnalysis>;
-declare function selectPackageContext(monorepo: MonorepoAnalysis, targetPackage: string): PackageContextResult;
-declare function renderMonorepoAnalysis(mono: MonorepoAnalysis): string;
-declare function renderPackageContext(result: PackageContextResult): string;
-
-interface QualityGateConfig {
-    threshold: number;
-    failOnSecrets: boolean;
-    failOnRegression: boolean;
-    regressionLimit: number;
-    baselinePath: string;
-    secretSeverities: string[];
-}
-interface QualityGateCheck {
-    name: string;
-    passed: boolean;
-    detail: string;
-    severity: 'error' | 'warning' | 'info';
-}
-interface Baseline {
-    score: number;
-    grade: string;
-    timestamp: string;
-    commit?: string;
-    branch?: string;
-    dimensions: Record<string, number>;
-}
-interface QualityGateResult {
-    passed: boolean;
-    score: number;
-    grade: string;
-    previousScore: number | null;
-    delta: number | null;
-    checks: QualityGateCheck[];
-    baseline: Baseline | null;
-    prComment: string;
-    summary: string;
-}
-declare const DEFAULT_GATE_CONFIG: QualityGateConfig;
-declare function loadBaseline(projectPath: string, baselinePath?: string): Promise<Baseline | null>;
-declare function saveBaseline(projectPath: string, score: ContextScore, commit?: string, branch?: string, baselinePath?: string): Promise<void>;
-declare function runQualityGate(score: ContextScore, analysis: ProjectAnalysis, secretFindings: {
-    severity: string;
-}[], config?: Partial<QualityGateConfig>): Promise<QualityGateResult>;
-
-interface ReviewResult {
-    branch: string;
-    baseBranch: string;
-    isGitRepo: boolean;
-    changedFiles: ReviewFile[];
-    totalLinesChanged: number;
-    breakingChanges: BreakingChange[];
-    missingFiles: MissingFile[];
-    impactRadius: ImpactRadius;
-    reviewQuality: ReviewQuality;
-    reviewPrompt: string;
-    renderedSummary: string;
-}
-interface ReviewFile {
-    relativePath: string;
-    changeType: 'added' | 'modified' | 'deleted' | 'renamed';
-    linesAdded: number;
-    linesRemoved: number;
-    riskScore: number;
-    kind: string;
-    hunks: DiffHunk[];
-    hasExportChanges: boolean;
-    hasTypeChanges: boolean;
-}
-interface DiffHunk {
-    startLine: number;
-    endLine: number;
-    header: string;
-    additions: string[];
-    deletions: string[];
-}
-interface BreakingChange {
-    file: string;
-    type: 'export-removed' | 'export-renamed' | 'type-changed' | 'interface-changed' | 'function-signature' | 'enum-modified' | 'default-export-changed';
-    severity: 'critical' | 'high' | 'medium';
-    description: string;
-    affectedFiles: string[];
-    line?: number;
-}
-interface MissingFile {
-    file: string;
-    reason: string;
-    severity: 'high' | 'medium' | 'low';
-    relatedChangedFile: string;
-    relationship: 'imports' | 'imported-by' | 'sibling-type' | 'test' | 'co-located';
-}
-interface ImpactRadius {
-    directlyAffected: number;
-    transitivelyAffected: number;
-    totalAffected: number;
-    affectedTests: number;
-    riskScore: number;
-    hotspots: {
-        file: string;
-        dependents: number;
-        riskScore: number;
-    }[];
-}
-interface ReviewQuality {
-    score: number;
-    grade: string;
-    factors: ReviewFactor[];
-}
-interface ReviewFactor {
-    name: string;
-    score: number;
-    weight: number;
-    detail: string;
+declare function scanContentForSecrets(content: string, filePath: string, customPatterns?: string[], extraPiiSafeDomains?: Set<string>): SecretFinding[];
+declare function scanFileForSecrets(filePath: string, projectPath: string, customPatterns?: string[]): Promise<SecretFinding[]>;
+declare function scanProjectForSecrets(projectPath: string, filePaths: string[], customPatterns?: string[]): Promise<SecretFinding[]>;
+declare function sanitizeContent(content: string, customPatterns?: string[]): string;
+interface AuditResult {
+    findings: SecretFinding[];
+    summary: {
+        totalFiles: number;
+        filesScanned: number;
+        filesWithSecrets: number;
+        totalFindings: number;
+        bySeverity: {
+            critical: number;
+            high: number;
+            medium: number;
+            low: number;
+        };
+        byType: Record<string, number>;
+    };
+    recommendations: string[];
 }
-interface ReviewOptions {
-    baseBranch?: string;
-    depth?: number;
-    includeTests?: boolean;
-    maxPromptFiles?: number;
-    maxPromptTokens?: number;
+interface AuditOptions {
+    customPatterns?: string[];
+    entropyThreshold?: number;
+    includePII?: boolean;
+    useAllowlist?: boolean;
+    incrementalScan?: boolean;
+    severityOverrides?: Partial<Record<SecretType, SecretFinding['severity']>>;
+    piiSafeDomains?: string[];
 }
-declare function analyzeForReview(analysis: ProjectAnalysis, options?: ReviewOptions): Promise<ReviewResult>;
-declare function renderReviewSummary(branch: string, baseBranch: string, changedFiles: ReviewFile[], breakingChanges: BreakingChange[], missingFiles: MissingFile[], impactRadius: ImpactRadius, reviewQuality: ReviewQuality): string;
+declare function auditProject(projectPath: string, filePaths: string[], options?: AuditOptions): Promise<AuditResult>;
 
-export { type Baseline, type BenchmarkResult, type BreakingChange, type ChangeType, type ChangedFile, type CompilabilityMetrics, type CompilabilityResult, type CompileProofResult, type CompileProofStrategy, type ContextScore, type CrossPackageEdge, type CrossRepoModel, type CrossRepoPrediction, CtoError, type CtoErrorCode, DEFAULT_GATE_CONFIG, type DiffHunk, type DimensionScore, type FeedbackEntry, type FeedbackInsight, type FeedbackModel, type FeedbackOutcome, type FileChangeEvent, type Grade, type ImpactRadius, type LogEntry, type LogLevel, type Logger, MODEL_REGISTRY, type MissingFile, type ModelOptimization, type ModelProfile, type MonorepoAnalysis, type MonorepoTool, type MultiModelResult, type PRContextOptions, type PRContextResult, type PackageContextResult, type PackageInfo, type PredictionResult, type PredictorModel, type ProjectFingerprint, ProjectWatcher, type QualityBenchmarkResult, type QualityGateCheck, type QualityGateConfig, type QualityGateResult, type QualityMetrics, type ReviewFactor, type ReviewFile, type ReviewOptions, type ReviewQuality, type ReviewResult, type ScoreInsight, type SelectionInput, type SemanticAnalysis, type SemanticDomain, type SemanticFingerprint, type StrategyResult, type TeamFeedbackExport, type WatcherOptions, analyzeForReview, analyzeMonorepo, analyzeProject, analyzeSemantics, bfsBidirectional, buildAdjacencyList, buildProjectGraph, calculateCoverage, classifyFileKind, computeContextScore, computeFingerprint, configureCache, countTokensChars4, countTokensTiktoken, createLogger, createProject, detectMonorepoTool, detectStack, estimateFileTokens, estimateTokens, exportFeedbackForTeam, freeEncoder, generatePRContext, getActiveWatchers, getCTODir, getCacheStats, getCachedAnalysis, getConfigPath, getCrossRepoStats, getFeedbackBoosts, getModelStats, getPolicyPath, getPredictorBoosts, getPruneLevelForRisk, importTeamFeedback, initProjectConfig, invalidateCache, isCtoError, loadBaseline, loadConfig, loadFeedbackModel, loadGlobalModel, loadModel, loadPolicyFromYAML, matchGlob, optimizeBudget, optimizeForModels, predictFromCrossRepo, predictRelevantFiles, pruneFile, pruneFiles, recordCrossRepoSelection, recordFeedback, recordSelection, renderBenchmark, renderCompilabilityBenchmark, renderCompileProof, renderContextScore, renderCrossRepoReport, renderFeedbackReport, renderMonorepoAnalysis, renderMultiModelResult, renderPackageContext, renderQualityBenchmark, renderReviewSummary, renderSemanticAnalysis, runBenchmark, runCompilabilityBenchmark, runCompileProof, runQualityBenchmark, runQualityGate, saveBaseline, saveConfig, scoreAllFiles, scoreFile, selectContext, selectPackageContext, semanticBoosts, setJsonLogging, setLogLevel, unwatchAll, unwatchProject, walkProject, watchProject, wilsonLowerBound, wrapError };
+export { type AssignmentResult, type ContextPipelineInput, type ContextPipelineResult, CtoError, type CtoErrorCode, type DocumentVector, type Experiment, type ExperimentConclusion, type ExperimentGroup, type FilteredFile, type GroupMetrics, type ImportSpec, type IndexCacheStats, type LearnerBoost, type LearnerBoostInput, type LearnerModel, type LogEntry, type LogLevel, type Logger, type MultiRepoResult, type PatternStats, type RerankInput, type RerankResult, type RerankedFile, type SecretFinding, type SecretType, type SelectionInput, type SemanticMatch, type SemanticScore, type SiblingMatch, type SiblingRepo, type SignificanceResult, type SupportedLanguage, type TfIdfIndex, analyzeProject, assignGroup, auditProject, bfsBidirectional, boostByPath, buildAdjacencyList, buildIndex, buildIndexCached, buildProjectGraph, calculateCoverage, classifyFileKind, countTokensChars4, countTokensTiktoken, createExperiment, createLogger, createProject, detectLanguage, detectStack, discoverSiblingRepos, estimateComplexity, estimateFileTokens, estimateTokens, extractPattern, freeEncoder, getActiveExperiment, getCacheInfo, getConcludedExperiments, getLearnerBoosts, getLearnerStats, getPruneLevelForRisk, invalidateCache, isCtoError, loadExperiments, loadLearner, optimizeBudget, parseAllPolyglotImports, parseImports, parseSiblingPaths, pruneFile, pruneFiles, query, querySiblingRepos, recordOutcome, recordSelection, renderExperimentSummary, renderMultiRepoSummary, rerank, runContextPipeline, sanitizeContent, saveExperiments, saveLearner, scanContentForSecrets, scanFileForSecrets, scanProjectForSecrets, scoreAllFiles, scoreFile, selectContext, setJsonLogging, setLogLevel, similarity, testSignificance, tokenize, walkProject, wrapError };