eyeling 1.21.9 → 1.22.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -0,0 +1,630 @@
1
+ package main
2
+
3
+ import (
4
+ "crypto/hmac"
5
+ "crypto/sha256"
6
+ "encoding/hex"
7
+ "encoding/json"
8
+ "errors"
9
+ "fmt"
10
+ "os"
11
+ "sort"
12
+ "strings"
13
+ "time"
14
+ )
15
+
16
+ type Data struct {
17
+ CaseName string `json:"caseName"`
18
+ Region string `json:"region"`
19
+ Question string `json:"question"`
20
+ Timestamps Timestamps `json:"timestamps"`
21
+ EvaluationContext EvaluationContext `json:"evaluationContext"`
22
+ Thresholds Thresholds `json:"thresholds"`
23
+ Signals Signals `json:"signals"`
24
+ Budget Budget `json:"budget"`
25
+ Packages []Package `json:"packages"`
26
+ InsightPolicy InsightPolicy `json:"insightPolicy"`
27
+ Integrity Integrity `json:"integrity"`
28
+ }
29
+
30
+ type Timestamps struct {
31
+ CreatedAt string `json:"createdAt"`
32
+ ExpiresAt string `json:"expiresAt"`
33
+ AuthorizedAt string `json:"authorizedAt"`
34
+ DutyPerformedAt string `json:"dutyPerformedAt"`
35
+ }
36
+
37
+ type EvaluationContext struct {
38
+ ScopeDevice string `json:"scopeDevice"`
39
+ ScopeEvent string `json:"scopeEvent"`
40
+ Purpose string `json:"purpose"`
41
+ ProhibitedReusePurpose string `json:"prohibitedReusePurpose"`
42
+ }
43
+
44
+ type Thresholds struct {
45
+ ExportOrdersIndexBelow int `json:"exportOrdersIndexBelow"`
46
+ TechnicalVacancyRatePctAbove float64 `json:"technicalVacancyRatePctAbove"`
47
+ GridCongestionHoursAbove int `json:"gridCongestionHoursAbove"`
48
+ ActiveNeedCountAtLeast int `json:"activeNeedCountAtLeast"`
49
+ }
50
+
51
+ type Cluster struct {
52
+ ID string `json:"id"`
53
+ Name string `json:"name"`
54
+ ExportOrdersIndex int `json:"exportOrdersIndex"`
55
+ EnergyIntensity int `json:"energyIntensity"`
56
+ }
57
+
58
+ type LabourMarket struct {
59
+ TechnicalVacancyRatePct float64 `json:"technicalVacancyRatePct"`
60
+ }
61
+
62
+ type Grid struct {
63
+ CongestionHours int `json:"congestionHours"`
64
+ RenewableCurtailmentMWh int `json:"renewableCurtailmentMWh"`
65
+ }
66
+
67
+ type Signals struct {
68
+ Clusters []Cluster `json:"clusters"`
69
+ LabourMarket LabourMarket `json:"labourMarket"`
70
+ Grid Grid `json:"grid"`
71
+ }
72
+
73
+ type Budget struct {
74
+ WindowName string `json:"windowName"`
75
+ MaxMEUR int `json:"maxMEUR"`
76
+ }
77
+
78
+ type Package struct {
79
+ ID string `json:"id"`
80
+ Name string `json:"name"`
81
+ CostMEUR int `json:"costMEUR"`
82
+ WorkerCoverage int `json:"workerCoverage"`
83
+ GridReliefMW int `json:"gridReliefMW"`
84
+ CoversExportWeakness bool `json:"coversExportWeakness"`
85
+ CoversSkillsStrain bool `json:"coversSkillsStrain"`
86
+ CoversGridStress bool `json:"coversGridStress"`
87
+ }
88
+
89
+ type InsightPolicy struct {
90
+ ID string `json:"id"`
91
+ Metric string `json:"metric"`
92
+ Type string `json:"type"`
93
+ SuggestionPolicy string `json:"suggestionPolicy"`
94
+ PolicyType string `json:"policyType"`
95
+ PolicyProfile string `json:"policyProfile"`
96
+ }
97
+
98
+ type Integrity struct {
99
+ HashAlgorithm string `json:"hashAlgorithm"`
100
+ MacAlgorithm string `json:"macAlgorithm"`
101
+ Secret string `json:"secret"`
102
+ VerificationMode string `json:"verificationMode"`
103
+ }
104
+
105
+ type Insight struct {
106
+ CreatedAt string `json:"createdAt"`
107
+ ExpiresAt string `json:"expiresAt"`
108
+ ID string `json:"id"`
109
+ Metric string `json:"metric"`
110
+ Region string `json:"region"`
111
+ ScopeDevice string `json:"scopeDevice"`
112
+ ScopeEvent string `json:"scopeEvent"`
113
+ SuggestionPolicy string `json:"suggestionPolicy"`
114
+ Threshold int `json:"threshold"`
115
+ Type string `json:"type"`
116
+ }
117
+
118
+ type Constraint struct {
119
+ LeftOperand string `json:"leftOperand"`
120
+ Operator string `json:"operator"`
121
+ RightOperand string `json:"rightOperand"`
122
+ }
123
+
124
+ type Duty struct {
125
+ Action string `json:"action"`
126
+ Constraint Constraint `json:"constraint"`
127
+ }
128
+
129
+ type Permission struct {
130
+ Action string `json:"action"`
131
+ Constraint Constraint `json:"constraint"`
132
+ Target string `json:"target"`
133
+ }
134
+
135
+ type Prohibition struct {
136
+ Action string `json:"action"`
137
+ Constraint Constraint `json:"constraint"`
138
+ Target string `json:"target"`
139
+ }
140
+
141
+ type Policy struct {
142
+ Duty Duty `json:"duty"`
143
+ Permission Permission `json:"permission"`
144
+ Profile string `json:"profile"`
145
+ Prohibition Prohibition `json:"prohibition"`
146
+ Type string `json:"type"`
147
+ }
148
+
149
+ type Envelope struct {
150
+ Insight Insight `json:"insight"`
151
+ Policy Policy `json:"policy"`
152
+ }
153
+
154
+ type Derived struct {
155
+ ExportWeakness bool `json:"exportWeakness"`
156
+ SkillsStrain bool `json:"skillsStrain"`
157
+ GridStress bool `json:"gridStress"`
158
+ ActiveNeedCount int `json:"activeNeedCount"`
159
+ NeedsRetoolingPulse bool `json:"needsRetoolingPulse"`
160
+ EligiblePackageIDs []string `json:"eligiblePackageIds"`
161
+ RecommendedPackageID *string `json:"recommendedPackageId"`
162
+ RecommendedPackageName *string `json:"recommendedPackageName"`
163
+ }
164
+
165
+ type IntegrityResult struct {
166
+ CanonicalEnvelope string `json:"canonicalEnvelope"`
167
+ PayloadHashSHA256 string `json:"payloadHashSHA256"`
168
+ EnvelopeHmacSHA256 string `json:"envelopeHmacSHA256"`
169
+ VerificationMode string `json:"verificationMode"`
170
+ }
171
+
172
+ type Answer struct {
173
+ Name string `json:"name"`
174
+ Region string `json:"region"`
175
+ Metric string `json:"metric"`
176
+ ActiveNeedCount int `json:"activeNeedCount"`
177
+ Threshold int `json:"threshold"`
178
+ RecommendedPackage *string `json:"recommendedPackage"`
179
+ BudgetCapMEUR int `json:"budgetCapMEUR"`
180
+ PackageCostMEUR *int `json:"packageCostMEUR"`
181
+ PayloadHashSHA256 string `json:"payloadHashSHA256"`
182
+ EnvelopeHmacSHA256 string `json:"envelopeHmacSHA256"`
183
+ }
184
+
185
+ type Checks struct {
186
+ PayloadHashMatches bool `json:"payloadHashMatches"`
187
+ SignatureVerifies bool `json:"signatureVerifies"`
188
+ ThresholdReached bool `json:"thresholdReached"`
189
+ ScopeComplete bool `json:"scopeComplete"`
190
+ MinimizationRespected bool `json:"minimizationRespected"`
191
+ AuthorizationAllowed bool `json:"authorizationAllowed"`
192
+ DutyTimely bool `json:"dutyTimely"`
193
+ SurveillanceReuseProhibited bool `json:"surveillanceReuseProhibited"`
194
+ PackageWithinBudget bool `json:"packageWithinBudget"`
195
+ PackageCoversAllActiveNeeds bool `json:"packageCoversAllActiveNeeds"`
196
+ LowestCostEligiblePackageChosen bool `json:"lowestCostEligiblePackageChosen"`
197
+ }
198
+
199
+ type Result struct {
200
+ CaseName string `json:"caseName"`
201
+ Derived Derived `json:"derived"`
202
+ Envelope Envelope `json:"envelope"`
203
+ Integrity IntegrityResult `json:"integrity"`
204
+ Answer Answer `json:"answer"`
205
+ ReasonWhy []string `json:"reasonWhy"`
206
+ Checks Checks `json:"checks"`
207
+ AllChecksPass bool `json:"allChecksPass"`
208
+ ArcText string `json:"arcText"`
209
+ }
210
+
211
+ func assertTrue(condition bool, message string) error {
212
+ if !condition {
213
+ return errors.New(message)
214
+ }
215
+ return nil
216
+ }
217
+
218
+ func readJSON(path string) (Data, error) {
219
+ var data Data
220
+ b, err := os.ReadFile(path)
221
+ if err != nil {
222
+ return data, err
223
+ }
224
+ err = json.Unmarshal(b, &data)
225
+ return data, err
226
+ }
227
+
228
+ func parseTime(value string) time.Time {
229
+ t, err := time.Parse(time.RFC3339Nano, value)
230
+ if err != nil {
231
+ panic(err)
232
+ }
233
+ return t
234
+ }
235
+
236
+ func stableStringify(value any) string {
237
+ switch v := value.(type) {
238
+ case nil:
239
+ return "null"
240
+ case map[string]any:
241
+ keys := make([]string, 0, len(v))
242
+ for key := range v {
243
+ keys = append(keys, key)
244
+ }
245
+ sort.Strings(keys)
246
+ parts := make([]string, 0, len(keys))
247
+ for _, key := range keys {
248
+ parts = append(parts, fmt.Sprintf("%s:%s", stableStringify(key), stableStringify(v[key])))
249
+ }
250
+ return "{" + strings.Join(parts, ",") + "}"
251
+ case []any:
252
+ parts := make([]string, 0, len(v))
253
+ for _, item := range v {
254
+ parts = append(parts, stableStringify(item))
255
+ }
256
+ return "[" + strings.Join(parts, ",") + "]"
257
+ default:
258
+ b, _ := json.Marshal(v)
259
+ return string(b)
260
+ }
261
+ }
262
+
263
+ func canonicalValue(value any) any {
264
+ b, _ := json.Marshal(value)
265
+ var out any
266
+ _ = json.Unmarshal(b, &out)
267
+ return out
268
+ }
269
+
270
+ func validateInstance(data Data) error {
271
+ if err := assertTrue(data.CaseName != "", "caseName is required"); err != nil {
272
+ return err
273
+ }
274
+ if err := assertTrue(data.Region != "", "region is required"); err != nil {
275
+ return err
276
+ }
277
+ if err := assertTrue(len(data.Signals.Clusters) > 0, "signals.clusters is required"); err != nil {
278
+ return err
279
+ }
280
+ if err := assertTrue(len(data.Packages) > 0, "packages is required"); err != nil {
281
+ return err
282
+ }
283
+ return nil
284
+ }
285
+
286
+ func countTrue(values ...bool) int {
287
+ total := 0
288
+ for _, value := range values {
289
+ if value {
290
+ total++
291
+ }
292
+ }
293
+ return total
294
+ }
295
+
296
+ func clauseR1ExportWeakness(data Data) bool {
297
+ for _, cluster := range data.Signals.Clusters {
298
+ if cluster.ExportOrdersIndex < data.Thresholds.ExportOrdersIndexBelow {
299
+ return true
300
+ }
301
+ }
302
+ return false
303
+ }
304
+
305
+ func clauseR2SkillsStrain(data Data) bool {
306
+ return data.Signals.LabourMarket.TechnicalVacancyRatePct > data.Thresholds.TechnicalVacancyRatePctAbove
307
+ }
308
+
309
+ func clauseR3GridStress(data Data) bool {
310
+ return data.Signals.Grid.CongestionHours > data.Thresholds.GridCongestionHoursAbove
311
+ }
312
+
313
+ func clauseR4ActiveNeedCount(exportWeakness, skillsStrain, gridStress bool) int {
314
+ return countTrue(exportWeakness, skillsStrain, gridStress)
315
+ }
316
+
317
+ func clauseR5NeedsRetoolingPulse(data Data, activeNeedCount int) bool {
318
+ return activeNeedCount >= data.Thresholds.ActiveNeedCountAtLeast
319
+ }
320
+
321
+ func deriveInsight(data Data) Insight {
322
+ return Insight{
323
+ CreatedAt: data.Timestamps.CreatedAt,
324
+ ExpiresAt: data.Timestamps.ExpiresAt,
325
+ ID: data.InsightPolicy.ID,
326
+ Metric: data.InsightPolicy.Metric,
327
+ Region: data.Region,
328
+ ScopeDevice: data.EvaluationContext.ScopeDevice,
329
+ ScopeEvent: data.EvaluationContext.ScopeEvent,
330
+ SuggestionPolicy: data.InsightPolicy.SuggestionPolicy,
331
+ Threshold: data.Thresholds.ActiveNeedCountAtLeast,
332
+ Type: data.InsightPolicy.Type,
333
+ }
334
+ }
335
+
336
+ func derivePolicy(data Data) Policy {
337
+ return Policy{
338
+ Duty: Duty{
339
+ Action: "odrl:delete",
340
+ Constraint: Constraint{
341
+ LeftOperand: "odrl:dateTime",
342
+ Operator: "odrl:eq",
343
+ RightOperand: data.Timestamps.ExpiresAt,
344
+ },
345
+ },
346
+ Permission: Permission{
347
+ Action: "odrl:use",
348
+ Constraint: Constraint{
349
+ LeftOperand: "odrl:purpose",
350
+ Operator: "odrl:eq",
351
+ RightOperand: data.EvaluationContext.Purpose,
352
+ },
353
+ Target: data.InsightPolicy.ID,
354
+ },
355
+ Profile: data.InsightPolicy.PolicyProfile,
356
+ Prohibition: Prohibition{
357
+ Action: "odrl:distribute",
358
+ Constraint: Constraint{
359
+ LeftOperand: "odrl:purpose",
360
+ Operator: "odrl:eq",
361
+ RightOperand: data.EvaluationContext.ProhibitedReusePurpose,
362
+ },
363
+ Target: data.InsightPolicy.ID,
364
+ },
365
+ Type: data.InsightPolicy.PolicyType,
366
+ }
367
+ }
368
+
369
+ func packageCoversAllActiveNeeds(pkg Package, exportWeakness, skillsStrain, gridStress bool) bool {
370
+ return (!exportWeakness || pkg.CoversExportWeakness) &&
371
+ (!skillsStrain || pkg.CoversSkillsStrain) &&
372
+ (!gridStress || pkg.CoversGridStress)
373
+ }
374
+
375
+ func clauseS1EligiblePackages(data Data, exportWeakness, skillsStrain, gridStress bool) []Package {
376
+ eligible := make([]Package, 0)
377
+ for _, pkg := range data.Packages {
378
+ if pkg.CostMEUR <= data.Budget.MaxMEUR && packageCoversAllActiveNeeds(pkg, exportWeakness, skillsStrain, gridStress) {
379
+ eligible = append(eligible, pkg)
380
+ }
381
+ }
382
+ sort.Slice(eligible, func(i, j int) bool { return eligible[i].CostMEUR < eligible[j].CostMEUR })
383
+ return eligible
384
+ }
385
+
386
+ func clauseS2RecommendedPackage(data Data, exportWeakness, skillsStrain, gridStress bool) ([]Package, *Package) {
387
+ eligible := clauseS1EligiblePackages(data, exportWeakness, skillsStrain, gridStress)
388
+ if len(eligible) == 0 {
389
+ return eligible, nil
390
+ }
391
+ recommended := eligible[0]
392
+ return eligible, &recommended
393
+ }
394
+
395
+ func clauseG1AuthorizedUse(data Data) bool {
396
+ return data.EvaluationContext.Purpose == "regional_stabilization" && !parseTime(data.Timestamps.AuthorizedAt).After(parseTime(data.Timestamps.ExpiresAt))
397
+ }
398
+
399
+ func clauseG2SurveillanceReuseProhibited(data Data) bool {
400
+ return data.EvaluationContext.ProhibitedReusePurpose == "firm_surveillance"
401
+ }
402
+
403
+ func clauseG3DutyTimely(data Data) bool {
404
+ return !parseTime(data.Timestamps.DutyPerformedAt).After(parseTime(data.Timestamps.ExpiresAt))
405
+ }
406
+
407
+ func clauseM1CanonicalEnvelope(data Data) (Envelope, string) {
408
+ envelope := Envelope{Insight: deriveInsight(data), Policy: derivePolicy(data)}
409
+ return envelope, stableStringify(canonicalValue(envelope))
410
+ }
411
+
412
+ func sha256Hex(text string) string {
413
+ sum := sha256.Sum256([]byte(text))
414
+ return hex.EncodeToString(sum[:])
415
+ }
416
+
417
+ func hmacSHA256Hex(secret, text string) string {
418
+ mac := hmac.New(sha256.New, []byte(secret))
419
+ _, _ = mac.Write([]byte(text))
420
+ return hex.EncodeToString(mac.Sum(nil))
421
+ }
422
+
423
+ func clauseM4MinimizationRespected(insight Insight) bool {
424
+ b, _ := json.Marshal(insight)
425
+ s := strings.ToLower(string(b))
426
+ return !strings.Contains(s, "salary") && !strings.Contains(s, "payroll") && !strings.Contains(s, "invoice") && !strings.Contains(s, "medical") && !strings.Contains(s, "firmname")
427
+ }
428
+
429
+ func clauseM5ScopeComplete(insight Insight) bool {
430
+ return insight.ScopeDevice != "" && insight.ScopeEvent != "" && insight.ExpiresAt != ""
431
+ }
432
+
433
+ func yesNo(value bool) string {
434
+ if value {
435
+ return "PASS"
436
+ }
437
+ return "FAIL"
438
+ }
439
+
440
+ func evaluate(data Data) (Result, error) {
441
+ if err := validateInstance(data); err != nil {
442
+ return Result{}, err
443
+ }
444
+
445
+ exportWeakness := clauseR1ExportWeakness(data)
446
+ skillsStrain := clauseR2SkillsStrain(data)
447
+ gridStress := clauseR3GridStress(data)
448
+ activeNeedCount := clauseR4ActiveNeedCount(exportWeakness, skillsStrain, gridStress)
449
+ needsRetoolingPulse := clauseR5NeedsRetoolingPulse(data, activeNeedCount)
450
+
451
+ envelope, canonicalEnvelope := clauseM1CanonicalEnvelope(data)
452
+ payloadHashSHA256 := sha256Hex(canonicalEnvelope)
453
+ envelopeHmacSHA256 := hmacSHA256Hex(data.Integrity.Secret, canonicalEnvelope)
454
+
455
+ eligible, recommended := clauseS2RecommendedPackage(data, exportWeakness, skillsStrain, gridStress)
456
+ recommendedID := (*string)(nil)
457
+ recommendedName := (*string)(nil)
458
+ packageCostMEUR := (*int)(nil)
459
+ if recommended != nil {
460
+ recommendedID = &recommended.ID
461
+ recommendedName = &recommended.Name
462
+ packageCostMEUR = &recommended.CostMEUR
463
+ }
464
+
465
+ checks := Checks{
466
+ PayloadHashMatches: payloadHashSHA256 == sha256Hex(canonicalEnvelope),
467
+ SignatureVerifies: data.Integrity.VerificationMode == "trustedPrecomputedInput" && envelopeHmacSHA256 == hmacSHA256Hex(data.Integrity.Secret, canonicalEnvelope),
468
+ ThresholdReached: needsRetoolingPulse,
469
+ ScopeComplete: clauseM5ScopeComplete(envelope.Insight),
470
+ MinimizationRespected: clauseM4MinimizationRespected(envelope.Insight),
471
+ AuthorizationAllowed: clauseG1AuthorizedUse(data),
472
+ DutyTimely: clauseG3DutyTimely(data),
473
+ SurveillanceReuseProhibited: clauseG2SurveillanceReuseProhibited(data),
474
+ PackageWithinBudget: recommended != nil && recommended.CostMEUR <= data.Budget.MaxMEUR,
475
+ PackageCoversAllActiveNeeds: recommended != nil && packageCoversAllActiveNeeds(*recommended, exportWeakness, skillsStrain, gridStress),
476
+ LowestCostEligiblePackageChosen: recommended != nil && recommended.ID == eligible[0].ID,
477
+ }
478
+
479
+ clusterBits := make([]string, 0, len(data.Signals.Clusters))
480
+ for _, cluster := range data.Signals.Clusters {
481
+ clusterBits = append(clusterBits, fmt.Sprintf("%s=%d", cluster.Name, cluster.ExportOrdersIndex))
482
+ }
483
+
484
+ reasonWhy := []string{
485
+ fmt.Sprintf("ExportWeakness holds because at least one cluster has exportOrdersIndex < %d (%s).", data.Thresholds.ExportOrdersIndexBelow, strings.Join(clusterBits, ", ")),
486
+ fmt.Sprintf("SkillsStrain holds because the technical vacancy rate is %g%% and the threshold is > %g%%.", data.Signals.LabourMarket.TechnicalVacancyRatePct, data.Thresholds.TechnicalVacancyRatePctAbove),
487
+ fmt.Sprintf("GridStress holds because congestion hours = %d and the threshold is > %d.", data.Signals.Grid.CongestionHours, data.Thresholds.GridCongestionHoursAbove),
488
+ "The recommendation rule selects the least-cost package that covers every active need and remains within budget.",
489
+ func() string {
490
+ if recommended != nil {
491
+ return fmt.Sprintf("The selected package is \"%s\" with cost €%dM, workerCoverage=%d, gridReliefMW=%d.", recommended.Name, recommended.CostMEUR, recommended.WorkerCoverage, recommended.GridReliefMW)
492
+ }
493
+ return "No eligible package exists within budget."
494
+ }(),
495
+ fmt.Sprintf("Use is permitted only for purpose \"%s\" and expires at %s.", data.EvaluationContext.Purpose, data.Timestamps.ExpiresAt),
496
+ }
497
+
498
+ answer := Answer{
499
+ Name: data.CaseName,
500
+ Region: data.Region,
501
+ Metric: data.InsightPolicy.Metric,
502
+ ActiveNeedCount: activeNeedCount,
503
+ Threshold: data.Thresholds.ActiveNeedCountAtLeast,
504
+ RecommendedPackage: recommendedName,
505
+ BudgetCapMEUR: data.Budget.MaxMEUR,
506
+ PackageCostMEUR: packageCostMEUR,
507
+ PayloadHashSHA256: payloadHashSHA256,
508
+ EnvelopeHmacSHA256: envelopeHmacSHA256,
509
+ }
510
+
511
+ arcLines := []string{
512
+ "=== Answer ===",
513
+ fmt.Sprintf("Name: %s", answer.Name),
514
+ fmt.Sprintf("Region: %s", answer.Region),
515
+ fmt.Sprintf("Metric: %s", answer.Metric),
516
+ fmt.Sprintf("Active need count: %d/%d", answer.ActiveNeedCount, answer.Threshold),
517
+ fmt.Sprintf("Recommended package: %s", derefString(answer.RecommendedPackage)),
518
+ fmt.Sprintf("Budget cap: €%dM", answer.BudgetCapMEUR),
519
+ fmt.Sprintf("Package cost: €%sM", derefIntString(answer.PackageCostMEUR)),
520
+ fmt.Sprintf("Payload SHA-256: %s", answer.PayloadHashSHA256),
521
+ fmt.Sprintf("Envelope HMAC-SHA-256: %s", answer.EnvelopeHmacSHA256),
522
+ "",
523
+ "=== Reason Why ===",
524
+ }
525
+ arcLines = append(arcLines, reasonWhy...)
526
+ arcLines = append(arcLines, "", "=== Check ===")
527
+ checkOrder := []struct {
528
+ name string
529
+ ok bool
530
+ }{
531
+ {"payloadHashMatches", checks.PayloadHashMatches},
532
+ {"signatureVerifies", checks.SignatureVerifies},
533
+ {"thresholdReached", checks.ThresholdReached},
534
+ {"scopeComplete", checks.ScopeComplete},
535
+ {"minimizationRespected", checks.MinimizationRespected},
536
+ {"authorizationAllowed", checks.AuthorizationAllowed},
537
+ {"dutyTimely", checks.DutyTimely},
538
+ {"surveillanceReuseProhibited", checks.SurveillanceReuseProhibited},
539
+ {"packageWithinBudget", checks.PackageWithinBudget},
540
+ {"packageCoversAllActiveNeeds", checks.PackageCoversAllActiveNeeds},
541
+ {"lowestCostEligiblePackageChosen", checks.LowestCostEligiblePackageChosen},
542
+ }
543
+ for _, item := range checkOrder {
544
+ arcLines = append(arcLines, fmt.Sprintf("- %s: %s", yesNo(item.ok), item.name))
545
+ }
546
+
547
+ allChecksPass := checks.PayloadHashMatches && checks.SignatureVerifies && checks.ThresholdReached && checks.ScopeComplete && checks.MinimizationRespected && checks.AuthorizationAllowed && checks.DutyTimely && checks.SurveillanceReuseProhibited && checks.PackageWithinBudget && checks.PackageCoversAllActiveNeeds && checks.LowestCostEligiblePackageChosen
548
+
549
+ return Result{
550
+ CaseName: data.CaseName,
551
+ Derived: Derived{
552
+ ExportWeakness: exportWeakness,
553
+ SkillsStrain: skillsStrain,
554
+ GridStress: gridStress,
555
+ ActiveNeedCount: activeNeedCount,
556
+ NeedsRetoolingPulse: needsRetoolingPulse,
557
+ EligiblePackageIDs: func() []string {
558
+ ids := make([]string, 0, len(eligible))
559
+ for _, pkg := range eligible {
560
+ ids = append(ids, pkg.ID)
561
+ }
562
+ return ids
563
+ }(),
564
+ RecommendedPackageID: recommendedID,
565
+ RecommendedPackageName: recommendedName,
566
+ },
567
+ Envelope: envelope,
568
+ Integrity: IntegrityResult{
569
+ CanonicalEnvelope: canonicalEnvelope,
570
+ PayloadHashSHA256: payloadHashSHA256,
571
+ EnvelopeHmacSHA256: envelopeHmacSHA256,
572
+ VerificationMode: data.Integrity.VerificationMode,
573
+ },
574
+ Answer: answer,
575
+ ReasonWhy: reasonWhy,
576
+ Checks: checks,
577
+ AllChecksPass: allChecksPass,
578
+ ArcText: strings.Join(arcLines, "\n"),
579
+ }, nil
580
+ }
581
+
582
+ func derefString(value *string) string {
583
+ if value == nil {
584
+ return "<nil>"
585
+ }
586
+ return *value
587
+ }
588
+
589
+ func derefIntString(value *int) string {
590
+ if value == nil {
591
+ return "<nil>"
592
+ }
593
+ return fmt.Sprintf("%d", *value)
594
+ }
595
+
596
+ func main() {
597
+ inputPath := "flandor.data.json"
598
+ jsonMode := false
599
+ for _, arg := range os.Args[1:] {
600
+ if arg == "--json" {
601
+ jsonMode = true
602
+ } else if !strings.HasPrefix(arg, "--") {
603
+ inputPath = arg
604
+ }
605
+ }
606
+
607
+ data, err := readJSON(inputPath)
608
+ if err != nil {
609
+ fmt.Fprintln(os.Stderr, err)
610
+ os.Exit(1)
611
+ }
612
+
613
+ result, err := evaluate(data)
614
+ if err != nil {
615
+ fmt.Fprintln(os.Stderr, err)
616
+ os.Exit(1)
617
+ }
618
+
619
+ if jsonMode {
620
+ enc := json.NewEncoder(os.Stdout)
621
+ enc.SetIndent("", " ")
622
+ _ = enc.Encode(result)
623
+ } else {
624
+ fmt.Println(result.ArcText)
625
+ }
626
+
627
+ if !result.AllChecksPass {
628
+ os.Exit(1)
629
+ }
630
+ }
@@ -2,7 +2,7 @@
2
2
 
3
3
  ## Status
4
4
 
5
- This document is the **normative specification** for the Flandor case. The file `flandor.model.mjs` is the **reference ECMAScript implementation** of these clauses. The file `flandor.data.json` is the **instance** evaluated in this bundle. The file `flandor.expected.json` is the **conformance vector** for that instance.
5
+ This document is the **normative specification** for the Flandor case. The file `flandor.model.go` is the **reference Go implementation** of these clauses. The file `flandor.data.json` is the **instance** evaluated in this bundle. The file `flandor.expected.json` is the **conformance vector** for that instance.
6
6
 
7
7
  ## Insight Economy context
8
8
 
@@ -15,7 +15,6 @@ The product being traded is therefore not raw data, and not even a general forec
15
15
  - “iff” means “if and only if”.
16
16
  - A clause identifier such as `R1` or `M3` is normative.
17
17
  - A conforming implementation may be written in any language, but it shall produce the same derived values and pass/fail outcomes for the supplied instance.
18
- - The reference implementation uses ECMAScript because you preferred an international-standard JS language.
19
18
 
20
19
  ## Vocabulary
21
20