edsger 0.75.1 → 0.77.0

package/dist/phases/find-shared/baseline.js

@@ -0,0 +1,56 @@
+/**
+ * Server-side scan baseline, shared across the find-* phases.
+ *
+ * A baseline pins a commit as the "everything before here is acknowledged"
+ * floor for a scope. On a fresh scan (no machine-local scan-state cursor) the
+ * find-* scanners use it as the diff base so only findings in code changed
+ * since the baseline are reported — the "only new" view DCM-style baselines
+ * provide — instead of re-filing the entire pre-existing backlog.
+ *
+ * Read here via the user's supabase session; written from the desktop app
+ * (services/db/quality-baselines.ts). Stored in `quality_scan_baselines`.
+ */
+import { logInfo } from '../../utils/logger.js';
+import { readScopedRow } from './scoped-read.js';
+/**
+ * Resolve the diff base for a scan, given the explicit `--full` flag, the
+ * machine-local last-scanned cursor, and the server baseline. Pure + exported
+ * for testing.
+ *
+ * - `--full` always wins → undefined (scan everything, ignore baseline).
+ * - otherwise prefer the local cursor (normal incremental), falling back to
+ *   the baseline so a fresh checkout still suppresses the pre-existing backlog.
+ */
+export function resolveScanBaseSha(opts) {
+    if (opts.full) {
+        return undefined;
+    }
+    // `||` (not `??`) so an empty-string cursor falls through to the baseline.
+    return opts.lastScannedSha || opts.baselineSha || undefined;
+}
+/**
+ * Fetch the pinned baseline commit for a scope, or null if none is set / no
+ * session is available. Never throws — a baseline read failure must not abort
+ * a scan (it just degrades to a full scan).
+ */
+export async function getScanBaseline(scope) {
+    const row = await readScopedRow('quality_scan_baselines', 'baseline_commit_sha', scope);
+    return row?.baseline_commit_sha ?? null;
+}
+/**
+ * Fetch the baseline and resolve the scan's diff base in one call, logging when
+ * the baseline floor is applied on a fresh checkout. Shared by every find-*
+ * phase so the baseline wiring lives in one place.
+ */
+export async function resolveScanBase(scope, opts) {
+    const baselineSha = await getScanBaseline(scope);
+    const baseSha = resolveScanBaseSha({
+        full: opts.full,
+        lastScannedSha: opts.lastScannedSha,
+        baselineSha,
+    });
+    if (!opts.full && !opts.lastScannedSha && baselineSha) {
+        logInfo(`No local scan history; using server baseline ${baselineSha.slice(0, 8)} — reporting only findings new since the baseline.`);
+    }
+    return baseSha;
+}

package/dist/phases/find-shared/custom-rules.d.ts

@@ -0,0 +1,39 @@
+/**
+ * Per-scope user-authored custom rules, shared across the find-* phases.
+ *
+ * Where the built-in rule packs (rule-packs.ts) ship stack-specific guidance,
+ * custom rules let a team write their *own* checks in natural language — the
+ * configurable-rules / CQLinq capability NDepend-style tools expose, without
+ * the query language. Each enabled rule's guidance is appended to the relevant
+ * scanner's system prompt so the agent flags violations like any other finding.
+ *
+ * Read here from the user's supabase session; authored from the desktop app
+ * (services/db/quality-custom-rules.ts). Stored in `quality_custom_rules`.
+ */
+import type { ScanScope } from './baseline.js';
+import type { FindPhaseKind } from './rule-packs.js';
+/** Phases that consume injected custom-rule guidance today. */
+export type CustomRulePhase = Extract<FindPhaseKind, 'smells' | 'architecture'>;
+export interface CustomRule {
+    label: string;
+    guidance: string;
+}
+/**
+ * Fetch the enabled custom rules for a scope + phase, oldest first. Never
+ * throws — a read failure (or no session) must not abort a scan; it just means
+ * no custom rules are injected.
+ */
+export declare function getCustomRules(scope: ScanScope, phase: CustomRulePhase): Promise<CustomRule[]>;
+/**
+ * Render custom rules into a markdown block for appending to a find-* system
+ * prompt. Returns '' when there are none, so callers can concatenate
+ * unconditionally (same contract as renderRulePacks). Pure + exported for
+ * testing.
+ */
+export declare function renderCustomRules(rules: CustomRule[]): string;
+/**
+ * Fetch + render the scope's custom rules for a phase in one call, logging how
+ * many were applied. Shared by the rule-consuming phases so the wiring lives in
+ * one place. Returns the markdown block ('' when none apply).
+ */
+export declare function resolveCustomRules(scope: ScanScope, phase: CustomRulePhase): Promise<string>;

package/dist/phases/find-shared/custom-rules.js

@@ -0,0 +1,75 @@
+/**
+ * Per-scope user-authored custom rules, shared across the find-* phases.
+ *
+ * Where the built-in rule packs (rule-packs.ts) ship stack-specific guidance,
+ * custom rules let a team write their *own* checks in natural language — the
+ * configurable-rules / CQLinq capability NDepend-style tools expose, without
+ * the query language. Each enabled rule's guidance is appended to the relevant
+ * scanner's system prompt so the agent flags violations like any other finding.
+ *
+ * Read here from the user's supabase session; authored from the desktop app
+ * (services/db/quality-custom-rules.ts). Stored in `quality_custom_rules`.
+ */
+import { getSupabase, hasSupabaseSession } from '../../supabase/client.js';
+import { logInfo, logWarning } from '../../utils/logger.js';
+/**
+ * Fetch the enabled custom rules for a scope + phase, oldest first. Never
+ * throws — a read failure (or no session) must not abort a scan; it just means
+ * no custom rules are injected.
+ */
+export async function getCustomRules(scope, phase) {
+    if (!hasSupabaseSession()) {
+        return [];
+    }
+    try {
+        const query = getSupabase()
+            .from('quality_custom_rules')
+            .select('label, guidance')
+            .eq('phase', phase)
+            .eq('enabled', true);
+        const scoped = scope.productId
+            ? query.eq('product_id', scope.productId)
+            : query.eq('repository_id', scope.repoId);
+        const { data, error } = await scoped.order('created_at', {
+            ascending: true,
+        });
+        if (error) {
+            logWarning(`Could not read quality_custom_rules: ${error.message}`);
+            return [];
+        }
+        return data ?? [];
+    }
+    catch (err) {
+        logWarning(`Could not read quality_custom_rules: ${err instanceof Error ? err.message : String(err)}`);
+        return [];
+    }
+}
+/**
+ * Render custom rules into a markdown block for appending to a find-* system
+ * prompt. Returns '' when there are none, so callers can concatenate
+ * unconditionally (same contract as renderRulePacks). Pure + exported for
+ * testing.
+ */
+export function renderCustomRules(rules) {
+    if (rules.length === 0) {
+        return '';
+    }
+    const sections = rules
+        .map((r) => `### ${r.label}\n${r.guidance}`)
+        .join('\n\n');
+    return `\n\n**Custom rules** — this team has defined the following project-specific checks. Treat each as an additional category, applying the same severity rubric and output format as the generic categories above:\n\n${sections}`;
+}
+/**
+ * Fetch + render the scope's custom rules for a phase in one call, logging how
+ * many were applied. Shared by the rule-consuming phases so the wiring lives in
+ * one place. Returns the markdown block ('' when none apply).
+ */
+export async function resolveCustomRules(scope, phase) {
+    const rules = await getCustomRules(scope, phase);
+    if (rules.length > 0) {
+        logInfo(`Applying ${rules.length} custom ${phase} rule(s): ${rules
+            .map((r) => r.label)
+            .join(', ')}`);
+    }
+    return renderCustomRules(rules);
+}

package/dist/phases/find-shared/detect-context.d.ts

@@ -0,0 +1,40 @@
+/**
+ * Deterministic project-context detection, shared across the find-* phases.
+ *
+ * The find-* auditors are LLM-driven and already language-agnostic for the
+ * generic smell/bug/architecture categories — the agent reads whatever source
+ * is in the repo. This module adds the missing piece needed for *targeted*,
+ * stack-specific rules: a cheap, no-LLM detection of which languages and
+ * frameworks a repository actually contains, so the right rule packs (see
+ * `rule-packs.ts`) can be selected and injected into the system prompt.
+ *
+ * It mirrors the role that Phase 1 detection plays for `quality-benchmark`,
+ * but stays deterministic (manifest-file inspection only) so a scan never pays
+ * an extra model round-trip just to figure out the stack.
+ *
+ * Polyglot repos are first-class: a monorepo with `apps/mobile/pubspec.yaml`
+ * and `services/api/go.mod` resolves to `{ languages: ['dart','go'],
+ * frameworks: ['flutter'] }`, and every matching rule pack is selected.
+ *
+ * Detection is best-effort and must never throw — a malformed manifest simply
+ * contributes nothing.
+ */
+/**
+ * Detected stack for a repository. Values are lowercased so callers can do
+ * case-insensitive set membership without re-normalising — same convention as
+ * `selectToolsForContext` in the quality-benchmark tool catalog.
+ */
+export interface ProjectContext {
+    /** Languages present, e.g. ['dart', 'go', 'ts']. */
+    languages: string[];
+    /** Frameworks present, e.g. ['flutter', 'react']. */
+    frameworks: string[];
+    /** Marker filenames that were found, e.g. ['pubspec.yaml', 'package.json']. */
+    files_present: string[];
+}
+/**
+ * Detect the languages and frameworks present in a repository checkout.
+ *
+ * @param repoRoot absolute path to the repo checkout (cwd of the auditor).
+ */
+export declare function detectProjectContext(repoRoot: string): ProjectContext;

package/dist/phases/find-shared/detect-context.js

@@ -0,0 +1,247 @@
+/**
+ * Deterministic project-context detection, shared across the find-* phases.
+ *
+ * The find-* auditors are LLM-driven and already language-agnostic for the
+ * generic smell/bug/architecture categories — the agent reads whatever source
+ * is in the repo. This module adds the missing piece needed for *targeted*,
+ * stack-specific rules: a cheap, no-LLM detection of which languages and
+ * frameworks a repository actually contains, so the right rule packs (see
+ * `rule-packs.ts`) can be selected and injected into the system prompt.
+ *
+ * It mirrors the role that Phase 1 detection plays for `quality-benchmark`,
+ * but stays deterministic (manifest-file inspection only) so a scan never pays
+ * an extra model round-trip just to figure out the stack.
+ *
+ * Polyglot repos are first-class: a monorepo with `apps/mobile/pubspec.yaml`
+ * and `services/api/go.mod` resolves to `{ languages: ['dart','go'],
+ * frameworks: ['flutter'] }`, and every matching rule pack is selected.
+ *
+ * Detection is best-effort and must never throw — a malformed manifest simply
+ * contributes nothing.
+ */
+import { readdirSync, readFileSync, statSync } from 'node:fs';
+import { join } from 'node:path';
+/** Directories never worth walking — vendored, generated, or VCS metadata. */
+const SKIP_DIRS = new Set([
+    'node_modules',
+    '.git',
+    'dist',
+    'build',
+    'out',
+    '.next',
+    '.dart_tool',
+    'target',
+    'vendor',
+    'Pods',
+    '.gradle',
+    '__pycache__',
+    '.venv',
+    'venv',
+]);
+/**
+ * How deep to walk looking for manifest files. Root + a couple of levels
+ * catches the common monorepo layouts (`apps/<x>/`, `packages/<x>/`,
+ * `services/<x>/`) without descending into the whole tree.
+ */
+const MAX_DEPTH = 3;
+/**
+ * Walk the repo (bounded depth, skipping vendored dirs) and collect the
+ * absolute paths of every manifest file we know how to read. Defensive: any
+ * unreadable directory is skipped silently.
+ */
+function collectManifests(repoRoot) {
+    // marker filename → list of absolute paths where it was found
+    const found = new Map();
+    const record = (marker, absPath) => {
+        const list = found.get(marker) ?? [];
+        list.push(absPath);
+        found.set(marker, list);
+    };
+    const walk = (dir, depth) => {
+        if (depth > MAX_DEPTH) {
+            return;
+        }
+        let entries;
+        try {
+            entries = readdirSync(dir);
+        }
+        catch {
+            return;
+        }
+        for (const entry of entries) {
+            const abs = join(dir, entry);
+            let isDir = false;
+            try {
+                isDir = statSync(abs).isDirectory();
+            }
+            catch {
+                continue;
+            }
+            if (isDir) {
+                if (!SKIP_DIRS.has(entry) && !entry.startsWith('.')) {
+                    walk(abs, depth + 1);
+                }
+                continue;
+            }
+            // File: record exact-name and extension-based markers.
+            if (MARKER_FILES.has(entry)) {
+                record(entry, abs);
+            }
+            else if (entry.endsWith('.csproj')) {
+                record('*.csproj', abs);
+            }
+            else if (entry.endsWith('.gemspec')) {
+                record('*.gemspec', abs);
+            }
+        }
+    };
+    walk(repoRoot, 0);
+    return found;
+}
+/** Exact-name manifest files we look for. */
+const MARKER_FILES = new Set([
+    'pubspec.yaml',
+    'package.json',
+    'tsconfig.json',
+    'go.mod',
+    'Cargo.toml',
+    'pyproject.toml',
+    'requirements.txt',
+    'setup.py',
+    'Pipfile',
+    'Gemfile',
+    'pom.xml',
+    'build.gradle',
+    'build.gradle.kts',
+]);
+function safeRead(paths) {
+    if (!paths || paths.length === 0) {
+        return '';
+    }
+    let out = '';
+    for (const p of paths) {
+        try {
+            out += `\n${readFileSync(p, 'utf-8')}`;
+        }
+        catch {
+            // unreadable manifest contributes nothing
+        }
+    }
+    return out;
+}
+/** Add every framework whose marker regex matches `haystack`. */
+function addFrameworks(frameworks, haystack, markers) {
+    for (const [re, name] of markers) {
+        if (re.test(haystack)) {
+            frameworks.add(name);
+        }
+    }
+}
+function detectDart({ manifests, languages, frameworks }) {
+    if (!manifests.has('pubspec.yaml')) {
+        return;
+    }
+    languages.add('dart');
+    const pubspec = safeRead(manifests.get('pubspec.yaml'));
+    // Flutter projects declare `flutter:` as a dependency / SDK constraint.
+    if (/\bflutter\s*:/.test(pubspec) || /sdk:\s*flutter/.test(pubspec)) {
+        frameworks.add('flutter');
+    }
+}
+const JS_FRAMEWORK_MARKERS = [
+    [/"react-native"\s*:/, 'react-native'],
+    [/"react"\s*:/, 'react'],
+    [/"next"\s*:/, 'next'],
+    [/"vue"\s*:/, 'vue'],
+    [/"@angular\/core"\s*:/, 'angular'],
+    [/"svelte"\s*:/, 'svelte'],
+    [/"express"\s*:/, 'express'],
+    [/"@nestjs\/core"\s*:/, 'nest'],
+];
+function detectJsTs({ manifests, languages, frameworks }) {
+    if (!manifests.has('package.json')) {
+        return;
+    }
+    languages.add('js');
+    const pkg = safeRead(manifests.get('package.json'));
+    if (manifests.has('tsconfig.json') || /"typescript"\s*:/.test(pkg)) {
+        languages.add('ts');
+    }
+    addFrameworks(frameworks, pkg, JS_FRAMEWORK_MARKERS);
+}
+const PY_FRAMEWORK_MARKERS = [
+    [/\bdjango\b/i, 'django'],
+    [/\bfastapi\b/i, 'fastapi'],
+    [/\bflask\b/i, 'flask'],
+];
+function detectPython({ manifests, languages, frameworks }) {
+    const hasPy = manifests.has('pyproject.toml') ||
+        manifests.has('requirements.txt') ||
+        manifests.has('setup.py') ||
+        manifests.has('Pipfile');
+    if (!hasPy) {
+        return;
+    }
+    languages.add('py');
+    const py = safeRead(manifests.get('pyproject.toml')) +
+        safeRead(manifests.get('requirements.txt')) +
+        safeRead(manifests.get('Pipfile'));
+    addFrameworks(frameworks, py, PY_FRAMEWORK_MARKERS);
+}
+function detectRuby({ manifests, languages, frameworks }) {
+    if (!manifests.has('Gemfile') && !manifests.has('*.gemspec')) {
+        return;
+    }
+    languages.add('ruby');
+    if (/\brails\b/i.test(safeRead(manifests.get('Gemfile')))) {
+        frameworks.add('rails');
+    }
+}
+function detectJvm({ manifests, languages }) {
+    const hasJvm = manifests.has('pom.xml') ||
+        manifests.has('build.gradle') ||
+        manifests.has('build.gradle.kts');
+    if (!hasJvm) {
+        return;
+    }
+    languages.add('java');
+    const gradle = safeRead(manifests.get('build.gradle')) +
+        safeRead(manifests.get('build.gradle.kts'));
+    if (manifests.has('build.gradle.kts') || /\bkotlin\b/i.test(gradle)) {
+        languages.add('kotlin');
+    }
+}
+/** Single-marker languages with no framework inference. */
+const SIMPLE_LANGUAGES = [
+    ['go.mod', 'go'],
+    ['Cargo.toml', 'rust'],
+    ['*.csproj', 'cs'],
+];
+/**
+ * Detect the languages and frameworks present in a repository checkout.
+ *
+ * @param repoRoot absolute path to the repo checkout (cwd of the auditor).
+ */
+export function detectProjectContext(repoRoot) {
+    const manifests = collectManifests(repoRoot);
+    const acc = {
+        manifests,
+        languages: new Set(),
+        frameworks: new Set(),
+    };
+    for (const [marker, lang] of SIMPLE_LANGUAGES) {
+        if (manifests.has(marker)) {
+            acc.languages.add(lang);
+        }
+    }
+    detectDart(acc);
+    detectJsTs(acc);
+    detectPython(acc);
+    detectRuby(acc);
+    detectJvm(acc);
+    return {
+        languages: [...acc.languages],
+        frameworks: [...acc.frameworks],
+        files_present: [...manifests.keys()],
+    };
+}

package/dist/phases/find-shared/mcp.d.ts

@@ -12,22 +12,43 @@ export interface ProductBasics {
     description?: string;
 }
 export declare function fetchProductBasics(productId: string): Promise<ProductBasics>;
+/**
+ * Build prompt "product basics" from a bare repository row (repo-scoped scans
+ * have no product to read). Falls back to the repo id as the display name.
+ */
+export declare function fetchRepositoryBasics(repoId: string): Promise<ProductBasics>;
 /**
  * Fetch the product's open issues for dedup context. Filters out terminal
  * statuses (shipped/archived/closed/...) since those can't conflict with new
  * findings the agent might surface.
  */
 export declare function fetchOpenIssues(productId: string): Promise<IssueInfo[]>;
+/**
+ * Same as `fetchOpenIssues` but scoped to a single repository (repo-scoped
+ * scans). Used for dedup context when filing findings against a bare repo.
+ */
+export declare function fetchOpenIssuesByRepo(repoId: string): Promise<IssueInfo[]>;
 export declare function isTerminalStatus(status: string): boolean;
 export interface CreateIssueInput {
-    productId: string;
+    /** Product scope. Provide this OR repoId (repo-scoped scans). */
+    productId?: string;
+    /** Repository scope. Provide this OR productId. */
+    repoId?: string;
     /** Issue title for `name`. */
     title: string;
     /** Already-formatted markdown body. The caller decides the layout. */
     description: string;
+    /**
+     * Origin tag written to `issues.source`. Omit to accept the DB default
+     * ('manual'). The find-* scanners pass 'quality' so automated findings can be
+     * told apart from hand-written and externally-synced issues.
+     */
+    source?: string;
 }
 /**
- * File a new issue via MCP. Returns the new issue id, or null if MCP returned
- * an error / unexpected shape (already logged).
+ * File a new issue via MCP. The issue is scoped to a product OR a single
+ * repository — exactly one of `productId` / `repoId` should be set. Returns the
+ * new issue id, or null if MCP returned an error / unexpected shape (already
+ * logged).
  */
 export declare function createIssue(input: CreateIssueInput): Promise<string | null>;

package/dist/phases/find-shared/mcp.js

@@ -6,6 +6,7 @@
  * Centralising the calls means a schema change in MCP only needs touching one
  * place, and the per-phase orchestrators stay focused on their own logic.
  */
+import { getRepositoryBasics } from '../../api/github.js';
 import { callMcpEndpoint } from '../../api/mcp-client.js';
 import { getSupabase, hasSupabaseSession } from '../../supabase/client.js';
 import { logError, logWarning } from '../../utils/logger.js';
@@ -25,6 +26,17 @@ export async function fetchProductBasics(productId) {
         return { name: productId };
     }
 }
+/**
+ * Build prompt "product basics" from a bare repository row (repo-scoped scans
+ * have no product to read). Falls back to the repo id as the display name.
+ */
+export async function fetchRepositoryBasics(repoId) {
+    const basics = await getRepositoryBasics(repoId).catch(() => null);
+    return {
+        name: basics?.fullName || repoId,
+        description: basics?.description ?? undefined,
+    };
+}
 /**
  * Fetch the product's open issues for dedup context. Filters out terminal
  * statuses (shipped/archived/closed/...) since those can't conflict with new
@@ -43,6 +55,23 @@ export async function fetchOpenIssues(productId) {
         return [];
     }
 }
+/**
+ * Same as `fetchOpenIssues` but scoped to a single repository (repo-scoped
+ * scans). Used for dedup context when filing findings against a bare repo.
+ */
+export async function fetchOpenIssuesByRepo(repoId) {
+    try {
+        const result = (await callMcpEndpoint('issues/list', {
+            repository_id: repoId,
+        }));
+        const all = result.issues || [];
+        return all.filter((i) => !isTerminalStatus(i.status));
+    }
+    catch (error) {
+        logWarning(`Could not load existing issues for dedup: ${error instanceof Error ? error.message : String(error)}`);
+        return [];
+    }
+}
 export function isTerminalStatus(status) {
     return (status === 'shipped' ||
         status === 'archived' ||
@@ -51,19 +80,25 @@ export function isTerminalStatus(status) {
         status === 'completed');
 }
 /**
- * File a new issue via MCP. Returns the new issue id, or null if MCP returned
- * an error / unexpected shape (already logged).
+ * File a new issue via MCP. The issue is scoped to a product OR a single
+ * repository — exactly one of `productId` / `repoId` should be set. Returns the
+ * new issue id, or null if MCP returned an error / unexpected shape (already
+ * logged).
  */
 export async function createIssue(input) {
+    const productId = input.productId ?? null;
+    const repositoryId = input.repoId ?? null;
     try {
         if (hasSupabaseSession()) {
             try {
                 const { data, error } = await getSupabase()
                     .from('issues')
                     .insert({
-                    product_id: input.productId,
+                    product_id: productId,
+                    repository_id: repositoryId,
                     name: input.title,
                     description: input.description,
+                    ...(input.source ? { source: input.source } : {}),
                 })
                     .select('id')
                     .single();
@@ -77,9 +112,11 @@ export async function createIssue(input) {
             }
         }
         const result = (await callMcpEndpoint('issues/create', {
-            product_id: input.productId,
+            ...(productId ? { product_id: productId } : {}),
+            ...(repositoryId ? { repository_id: repositoryId } : {}),
             name: input.title,
             description: input.description,
+            ...(input.source ? { source: input.source } : {}),
         }));
         return result.issue?.id || result.id || null;
     }

package/dist/phases/find-shared/rule-config.d.ts

@@ -0,0 +1,37 @@
+/**
+ * Per-scope rule-pack configuration, shared across the find-* phases.
+ *
+ * Lets a team tune which stack-aware rule packs the scanners apply via a preset
+ * plus explicit per-pack toggles — the configurable-rules capability DCM-style
+ * tools expose. Read here from the user's supabase session; edited from the
+ * desktop app (services/db/quality-rule-configs.ts). Stored in
+ * `quality_rule_configs`.
+ */
+import type { ScanScope } from './baseline.js';
+import { type RulePack } from './rule-packs.js';
+export type RulePreset = 'minimal' | 'recommended' | 'strict';
+export interface RuleConfig {
+    preset: RulePreset;
+    disabledPacks: string[];
+}
+/**
+ * Apply a rule config to the packs detection selected. Pure + exported for
+ * testing.
+ *
+ * - no config → unchanged (default is 'recommended' = all detected packs).
+ * - 'minimal' → no packs (generic categories only).
+ * - otherwise → detected packs minus the explicitly disabled ones.
+ */
+export declare function applyRuleConfig(packs: RulePack[], config: RuleConfig | null): RulePack[];
+/**
+ * Fetch the rule config for a scope, or null if none is set / no session is
+ * available. Never throws — a read failure must not abort a scan (it just
+ * degrades to the default 'recommended' behaviour).
+ */
+export declare function getRuleConfig(scope: ScanScope): Promise<RuleConfig | null>;
+/**
+ * Detect the repo's stack, apply the scope's rule config, and return the rule
+ * packs to inject — logging the detected stack and chosen packs. Shared by the
+ * pack-consuming phases (find-smells, find-architecture).
+ */
+export declare function resolveStackRulePacks(repoRoot: string, scope: ScanScope): Promise<RulePack[]>;