npm - forgeos - Versions diffs - 0.1.0-alpha.0 - Mend

forgeos 0.1.0-alpha.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (540) hide show

package/.npmignore +1 -0
package/AGENTS.md +277 -0
package/CHANGELOG.md +8 -0
package/CONTRIBUTING.md +58 -0
package/README.md +377 -0
package/bin/forge-bun.mjs +110 -0
package/bin/forge.mjs +19 -0
package/package.json +96 -0
package/packages/eslint-plugin-forge/index.ts +15 -0
package/packages/eslint-plugin-forge/package.json +10 -0
package/packages/eslint-plugin-forge/src/check-source.ts +95 -0
package/packages/eslint-plugin-forge/src/load-artifacts.ts +24 -0
package/packages/eslint-plugin-forge/src/rule-no-forge-guard-violation.ts +93 -0
package/src/forge/_generated/actionSubscriptions.json +2 -0
package/src/forge/_generated/actionSubscriptions.ts +10 -0
package/src/forge/_generated/agentAdapterManifest.json +2 -0
package/src/forge/_generated/agentAdapterManifest.ts +73 -0
package/src/forge/_generated/agentContract.json +2 -0
package/src/forge/_generated/agentContract.ts +912 -0
package/src/forge/_generated/agentQuickstart.md +32 -0
package/src/forge/_generated/aiContext.ts +59 -0
package/src/forge/_generated/aiModels.json +2 -0
package/src/forge/_generated/aiModels.ts +35 -0
package/src/forge/_generated/aiProviders.json +2 -0
package/src/forge/_generated/aiProviders.ts +23 -0
package/src/forge/_generated/aiRegistry.json +2 -0
package/src/forge/_generated/aiRegistry.ts +29 -0
package/src/forge/_generated/api.json +2 -0
package/src/forge/_generated/api.ts +8 -0
package/src/forge/_generated/appGraph.json +2 -0
package/src/forge/_generated/appGraph.ts +14511 -0
package/src/forge/_generated/appMap.md +35 -0
package/src/forge/_generated/artifactManifest.json +2 -0
package/src/forge/_generated/artifactManifest.ts +7 -0
package/src/forge/_generated/authClaims.json +2 -0
package/src/forge/_generated/authClaims.ts +13 -0
package/src/forge/_generated/authConfig.json +2 -0
package/src/forge/_generated/authConfig.ts +17 -0
package/src/forge/_generated/authContext.ts +23 -0
package/src/forge/_generated/authRegistry.json +2 -0
package/src/forge/_generated/authRegistry.ts +25 -0
package/src/forge/_generated/buildInfo.json +2 -0
package/src/forge/_generated/buildInfo.ts +9 -0
package/src/forge/_generated/capabilityMap.json +2 -0
package/src/forge/_generated/capabilityMap.md +15 -0
package/src/forge/_generated/capabilityMap.ts +17 -0
package/src/forge/_generated/client.ts +282 -0
package/src/forge/_generated/clientApi.ts +9 -0
package/src/forge/_generated/clientManifest.json +2 -0
package/src/forge/_generated/clientManifest.ts +39 -0
package/src/forge/_generated/clientTypes.ts +78 -0
package/src/forge/_generated/configRegistry.json +2 -0
package/src/forge/_generated/configRegistry.ts +4 -0
package/src/forge/_generated/dataGraph.json +2 -0
package/src/forge/_generated/dataGraph.ts +8 -0
package/src/forge/_generated/db.json +2 -0
package/src/forge/_generated/db.ts +2 -0
package/src/forge/_generated/dbSecurityManifest.json +2 -0
package/src/forge/_generated/dbSecurityManifest.ts +15 -0
package/src/forge/_generated/dbSessionContext.json +2 -0
package/src/forge/_generated/dbSessionContext.ts +39 -0
package/src/forge/_generated/deployManifest.json +2 -0
package/src/forge/_generated/deployManifest.ts +14 -0
package/src/forge/_generated/devManifest.json +2 -0
package/src/forge/_generated/devManifest.ts +47 -0
package/src/forge/_generated/envSchema.json +2 -0
package/src/forge/_generated/envSchema.ts +59 -0
package/src/forge/_generated/frontendGraph.json +2 -0
package/src/forge/_generated/frontendGraph.ts +27 -0
package/src/forge/_generated/importGuards.json +2 -0
package/src/forge/_generated/importGuards.ts +652 -0
package/src/forge/_generated/index.ts +67 -0
package/src/forge/_generated/liveProductionManifest.json +2 -0
package/src/forge/_generated/liveProductionManifest.ts +23 -0
package/src/forge/_generated/liveProtocol.json +2 -0
package/src/forge/_generated/liveProtocol.ts +21 -0
package/src/forge/_generated/liveQueryRegistry.json +2 -0
package/src/forge/_generated/liveQueryRegistry.ts +9 -0
package/src/forge/_generated/liveTransportConfig.json +2 -0
package/src/forge/_generated/liveTransportConfig.ts +19 -0
package/src/forge/_generated/makeRegistry.json +2 -0
package/src/forge/_generated/makeRegistry.ts +163 -0
package/src/forge/_generated/makeTemplates.json +2 -0
package/src/forge/_generated/makeTemplates.ts +61 -0
package/src/forge/_generated/mockMap.json +2 -0
package/src/forge/_generated/mockMap.ts +7 -0
package/src/forge/_generated/operationPlaybooks.md +145 -0
package/src/forge/_generated/packageGraph.json +2 -0
package/src/forge/_generated/packageGraph.ts +168569 -0
package/src/forge/_generated/packageUpgradeRegistry.json +2 -0
package/src/forge/_generated/packageUpgradeRegistry.ts +15 -0
package/src/forge/_generated/permissionMatrix.json +2 -0
package/src/forge/_generated/permissionMatrix.ts +7 -0
package/src/forge/_generated/policyRegistry.json +2 -0
package/src/forge/_generated/policyRegistry.ts +11 -0
package/src/forge/_generated/queryRegistry.json +2 -0
package/src/forge/_generated/queryRegistry.ts +9 -0
package/src/forge/_generated/react.d.ts +22 -0
package/src/forge/_generated/react.ts +29 -0
package/src/forge/_generated/reactManifest.json +2 -0
package/src/forge/_generated/reactManifest.ts +19 -0
package/src/forge/_generated/releaseManifest.json +2 -0
package/src/forge/_generated/releaseManifest.ts +25 -0
package/src/forge/_generated/rlsPolicies.json +2 -0
package/src/forge/_generated/rlsPolicies.sql +34 -0
package/src/forge/_generated/rlsPolicies.ts +6 -0
package/src/forge/_generated/runtimeGraph.json +2 -0
package/src/forge/_generated/runtimeGraph.ts +8 -0
package/src/forge/_generated/runtimeMatrix.json +2 -0
package/src/forge/_generated/runtimeMatrix.ts +229125 -0
package/src/forge/_generated/runtimeRegistry.ts +2 -0
package/src/forge/_generated/runtimeRules.md +79 -0
package/src/forge/_generated/secretRegistry.json +2 -0
package/src/forge/_generated/secretRegistry.ts +50 -0
package/src/forge/_generated/secretsContext.ts +11 -0
package/src/forge/_generated/serverApi.ts +10 -0
package/src/forge/_generated/sourceMapManifest.json +2 -0
package/src/forge/_generated/sourceMapManifest.ts +7 -0
package/src/forge/_generated/sqlPlan.json +2 -0
package/src/forge/_generated/sqlPlan.ts +88 -0
package/src/forge/_generated/subscriptionManifest.json +2 -0
package/src/forge/_generated/subscriptionManifest.ts +7 -0
package/src/forge/_generated/symbolicationManifest.json +2 -0
package/src/forge/_generated/symbolicationManifest.ts +17 -0
package/src/forge/_generated/telemetryRegistry.json +2 -0
package/src/forge/_generated/telemetryRegistry.ts +9 -0
package/src/forge/_generated/telemetrySinks.json +2 -0
package/src/forge/_generated/telemetrySinks.ts +11 -0
package/src/forge/_generated/tenantScope.json +2 -0
package/src/forge/_generated/tenantScope.ts +8 -0
package/src/forge/_generated/testGraph.json +2 -0
package/src/forge/_generated/testGraph.ts +3054 -0
package/src/forge/_generated/testPlanRegistry.json +2 -0
package/src/forge/_generated/testPlanRegistry.ts +33 -0
package/src/forge/_generated/uiRoutes.json +2 -0
package/src/forge/_generated/uiRoutes.ts +16 -0
package/src/forge/_generated/uiScenarios.json +2 -0
package/src/forge/_generated/uiScenarios.ts +30 -0
package/src/forge/_generated/uiTestManifest.json +2 -0
package/src/forge/_generated/uiTestManifest.ts +27 -0
package/src/forge/_generated/workflowRegistry.json +2 -0
package/src/forge/_generated/workflowRegistry.ts +9 -0
package/src/forge/_generated/workflowSubscriptions.json +2 -0
package/src/forge/_generated/workflowSubscriptions.ts +10 -0
package/src/forge/agent-adapters/index.ts +1002 -0
package/src/forge/agent-adapters/types.ts +135 -0
package/src/forge/cli/agent-contract.ts +50 -0
package/src/forge/cli/ai.ts +148 -0
package/src/forge/cli/auth.ts +198 -0
package/src/forge/cli/build.ts +105 -0
package/src/forge/cli/bun-exec.ts +4 -0
package/src/forge/cli/commands.ts +1130 -0
package/src/forge/cli/db.ts +316 -0
package/src/forge/cli/deps.ts +277 -0
package/src/forge/cli/dev.ts +529 -0
package/src/forge/cli/doctor.ts +209 -0
package/src/forge/cli/feature.ts +485 -0
package/src/forge/cli/index.ts +25 -0
package/src/forge/cli/lint-forge.ts +119 -0
package/src/forge/cli/live.ts +179 -0
package/src/forge/cli/main.ts +92 -0
package/src/forge/cli/make.ts +133 -0
package/src/forge/cli/new.ts +505 -0
package/src/forge/cli/outbox.ts +297 -0
package/src/forge/cli/output.ts +114 -0
package/src/forge/cli/parse.ts +2211 -0
package/src/forge/cli/policy.ts +204 -0
package/src/forge/cli/query.ts +91 -0
package/src/forge/cli/refactor.ts +221 -0
package/src/forge/cli/release.ts +285 -0
package/src/forge/cli/rls.ts +322 -0
package/src/forge/cli/run.ts +76 -0
package/src/forge/cli/secrets.ts +274 -0
package/src/forge/cli/self-host.ts +468 -0
package/src/forge/cli/serve.ts +93 -0
package/src/forge/cli/telemetry.ts +219 -0
package/src/forge/cli/verify.ts +587 -0
package/src/forge/cli/version.ts +1 -0
package/src/forge/cli/windows.ts +413 -0
package/src/forge/cli/worker.ts +87 -0
package/src/forge/cli/workflow.ts +424 -0
package/src/forge/compiler/action-subscriptions/build.ts +116 -0
package/src/forge/compiler/action-subscriptions/constants.ts +2 -0
package/src/forge/compiler/action-subscriptions/index.ts +6 -0
package/src/forge/compiler/action-subscriptions/parse.ts +6 -0
package/src/forge/compiler/agent-contract/build.ts +1651 -0
package/src/forge/compiler/agent-contract/types.ts +326 -0
package/src/forge/compiler/ai-registry/build.ts +165 -0
package/src/forge/compiler/ai-registry/constants.ts +2 -0
package/src/forge/compiler/ai-registry/parse.ts +56 -0
package/src/forge/compiler/api-surface/build.ts +107 -0
package/src/forge/compiler/app-graph/build.ts +121 -0
package/src/forge/compiler/app-graph/classify.ts +10 -0
package/src/forge/compiler/app-graph/dup-symbol.ts +29 -0
package/src/forge/compiler/app-graph/extract.ts +124 -0
package/src/forge/compiler/app-graph/forge-apis.ts +29 -0
package/src/forge/compiler/app-graph/index.ts +15 -0
package/src/forge/compiler/app-graph/module-graph.ts +320 -0
package/src/forge/compiler/app-graph/parser.ts +119 -0
package/src/forge/compiler/app-graph/symbols.ts +48 -0
package/src/forge/compiler/app-graph/tsconfig-hash.ts +62 -0
package/src/forge/compiler/app-graph/types.ts +43 -0
package/src/forge/compiler/app-graph/versions.ts +14 -0
package/src/forge/compiler/cache/index.ts +17 -0
package/src/forge/compiler/cache/key.ts +46 -0
package/src/forge/compiler/cache/scheduler.ts +72 -0
package/src/forge/compiler/cache/store.ts +78 -0
package/src/forge/compiler/classifier/capabilities.ts +78 -0
package/src/forge/compiler/classifier/classify.ts +113 -0
package/src/forge/compiler/classifier/contexts.ts +188 -0
package/src/forge/compiler/classifier/index.ts +18 -0
package/src/forge/compiler/classifier/runtime-matrix.ts +45 -0
package/src/forge/compiler/classifier/secrets.ts +41 -0
package/src/forge/compiler/classifier/signals.ts +129 -0
package/src/forge/compiler/client-sdk/build-manifest.ts +151 -0
package/src/forge/compiler/client-sdk/render-client.ts +432 -0
package/src/forge/compiler/data-graph/build.ts +131 -0
package/src/forge/compiler/data-graph/constants.ts +5 -0
package/src/forge/compiler/data-graph/index.ts +6 -0
package/src/forge/compiler/data-graph/parse.ts +176 -0
package/src/forge/compiler/data-graph/rls/build.ts +222 -0
package/src/forge/compiler/data-graph/rls/types.ts +62 -0
package/src/forge/compiler/data-graph/sql/ddl.ts +390 -0
package/src/forge/compiler/data-graph/sql/naming.ts +10 -0
package/src/forge/compiler/data-graph/sql/serialize.ts +85 -0
package/src/forge/compiler/data-graph/sql/types.ts +37 -0
package/src/forge/compiler/dev-manifest/build.ts +170 -0
package/src/forge/compiler/dev-manifest/constants.ts +5 -0
package/src/forge/compiler/diagnostics/codes.ts +611 -0
package/src/forge/compiler/diagnostics/create.ts +245 -0
package/src/forge/compiler/diagnostics/index.ts +55 -0
package/src/forge/compiler/emitter/artifact-kind.ts +14 -0
package/src/forge/compiler/emitter/barrel.ts +44 -0
package/src/forge/compiler/emitter/constants.ts +7 -0
package/src/forge/compiler/emitter/emit.ts +237 -0
package/src/forge/compiler/emitter/index.ts +24 -0
package/src/forge/compiler/emitter/lock.ts +62 -0
package/src/forge/compiler/emitter/render.ts +73 -0
package/src/forge/compiler/emitter/write.ts +35 -0
package/src/forge/compiler/frontend-graph/build.ts +495 -0
package/src/forge/compiler/fs/index.ts +23 -0
package/src/forge/compiler/fs/memory.ts +233 -0
package/src/forge/compiler/fs/node.ts +139 -0
package/src/forge/compiler/fs/profile.ts +108 -0
package/src/forge/compiler/fs/types.ts +52 -0
package/src/forge/compiler/guards/artifacts.ts +96 -0
package/src/forge/compiler/guards/check-ai-usage.ts +98 -0
package/src/forge/compiler/guards/check-import-guards.ts +106 -0
package/src/forge/compiler/guards/check-process-env.ts +98 -0
package/src/forge/compiler/guards/check-query-usage.ts +76 -0
package/src/forge/compiler/guards/index.ts +11 -0
package/src/forge/compiler/guards/propagate-contexts.ts +57 -0
package/src/forge/compiler/index.ts +17 -0
package/src/forge/compiler/integration/add.ts +496 -0
package/src/forge/compiler/integration/index.ts +17 -0
package/src/forge/compiler/integration/plan.ts +283 -0
package/src/forge/compiler/integration/render.ts +189 -0
package/src/forge/compiler/integration/snapshot.ts +52 -0
package/src/forge/compiler/integration/templates/ai.ts +131 -0
package/src/forge/compiler/integration/templates/index.ts +8 -0
package/src/forge/compiler/integration/templates/posthog.ts +145 -0
package/src/forge/compiler/integration/templates/render.ts +113 -0
package/src/forge/compiler/integration/templates/sentry.ts +151 -0
package/src/forge/compiler/integration/templates/stripe.ts +109 -0
package/src/forge/compiler/integration/templates/types.ts +14 -0
package/src/forge/compiler/integration/templates/zod.ts +55 -0
package/src/forge/compiler/live-production/types.ts +122 -0
package/src/forge/compiler/live-query-registry/build.ts +150 -0
package/src/forge/compiler/live-query-registry/constants.ts +2 -0
package/src/forge/compiler/make-registry/build.ts +179 -0
package/src/forge/compiler/orchestrator/discover.ts +214 -0
package/src/forge/compiler/orchestrator/fast-check.ts +117 -0
package/src/forge/compiler/orchestrator/generate-lock.ts +138 -0
package/src/forge/compiler/orchestrator/guards.ts +5 -0
package/src/forge/compiler/orchestrator/index.ts +27 -0
package/src/forge/compiler/orchestrator/manifest-hashes.ts +21 -0
package/src/forge/compiler/orchestrator/manifest.ts +92 -0
package/src/forge/compiler/orchestrator/orphans.ts +51 -0
package/src/forge/compiler/orchestrator/plan.ts +876 -0
package/src/forge/compiler/orchestrator/profile.ts +36 -0
package/src/forge/compiler/orchestrator/run.ts +277 -0
package/src/forge/compiler/orchestrator/serialize.ts +886 -0
package/src/forge/compiler/orchestrator/session.ts +96 -0
package/src/forge/compiler/orchestrator/types.ts +31 -0
package/src/forge/compiler/orchestrator/verify.ts +38 -0
package/src/forge/compiler/orchestrator/workspace-index.ts +154 -0
package/src/forge/compiler/package-graph/capabilities-stub.ts +33 -0
package/src/forge/compiler/package-graph/checksum.ts +97 -0
package/src/forge/compiler/package-graph/compiler.ts +392 -0
package/src/forge/compiler/package-graph/constants.ts +4 -0
package/src/forge/compiler/package-graph/dts-extractor.ts +142 -0
package/src/forge/compiler/package-graph/exports-discovery.ts +84 -0
package/src/forge/compiler/package-graph/extract-dts.ts +32 -0
package/src/forge/compiler/package-graph/index.ts +33 -0
package/src/forge/compiler/package-graph/jsdoc.ts +62 -0
package/src/forge/compiler/package-graph/read-file.ts +21 -0
package/src/forge/compiler/package-graph/resolve.ts +127 -0
package/src/forge/compiler/package-manager/adapter.ts +237 -0
package/src/forge/compiler/package-manager/bun-executable.ts +92 -0
package/src/forge/compiler/package-manager/commands.ts +47 -0
package/src/forge/compiler/package-manager/detect.ts +79 -0
package/src/forge/compiler/package-manager/executor.ts +117 -0
package/src/forge/compiler/package-manager/index.ts +22 -0
package/src/forge/compiler/package-manager/parse-spec.ts +16 -0
package/src/forge/compiler/package-manager/version.ts +27 -0
package/src/forge/compiler/package-upgrades/apply.ts +195 -0
package/src/forge/compiler/package-upgrades/comparator.ts +181 -0
package/src/forge/compiler/package-upgrades/impact.ts +139 -0
package/src/forge/compiler/package-upgrades/markdown.ts +97 -0
package/src/forge/compiler/package-upgrades/planner.ts +532 -0
package/src/forge/compiler/package-upgrades/risk.ts +208 -0
package/src/forge/compiler/package-upgrades/types.ts +174 -0
package/src/forge/compiler/policy-registry/build.ts +266 -0
package/src/forge/compiler/policy-registry/constants.ts +2 -0
package/src/forge/compiler/policy-registry/parse.ts +81 -0
package/src/forge/compiler/primitives/compare.ts +26 -0
package/src/forge/compiler/primitives/hash.ts +40 -0
package/src/forge/compiler/primitives/header.ts +45 -0
package/src/forge/compiler/primitives/index.ts +45 -0
package/src/forge/compiler/primitives/paths.ts +24 -0
package/src/forge/compiler/primitives/result.ts +164 -0
package/src/forge/compiler/primitives/serialize.ts +66 -0
package/src/forge/compiler/primitives/sort.ts +87 -0
package/src/forge/compiler/query-registry/build.ts +114 -0
package/src/forge/compiler/query-registry/constants.ts +2 -0
package/src/forge/compiler/recipes/definitions.ts +289 -0
package/src/forge/compiler/recipes/helpers.ts +37 -0
package/src/forge/compiler/recipes/index.ts +21 -0
package/src/forge/compiler/recipes/registry.ts +102 -0
package/src/forge/compiler/release/build.ts +100 -0
package/src/forge/compiler/release/types.ts +119 -0
package/src/forge/compiler/runtime-graph/build.ts +137 -0
package/src/forge/compiler/runtime-graph/constants.ts +5 -0
package/src/forge/compiler/runtime-graph/index.ts +5 -0
package/src/forge/compiler/sandbox/artifact-sanitize.ts +26 -0
package/src/forge/compiler/sandbox/backends/child.ts +123 -0
package/src/forge/compiler/sandbox/backends/docker.ts +173 -0
package/src/forge/compiler/sandbox/index.ts +51 -0
package/src/forge/compiler/sandbox/inspect.ts +143 -0
package/src/forge/compiler/sandbox/inspector-entry.ts +115 -0
package/src/forge/compiler/sandbox/limits.ts +31 -0
package/src/forge/compiler/sandbox/scrub-env.ts +60 -0
package/src/forge/compiler/sandbox/secret-scan.ts +54 -0
package/src/forge/compiler/sandbox/serialize.ts +106 -0
package/src/forge/compiler/sandbox/types.ts +7 -0
package/src/forge/compiler/secret-registry/build.ts +123 -0
package/src/forge/compiler/telemetry-registry/build.ts +89 -0
package/src/forge/compiler/telemetry-registry/constants.ts +2 -0
package/src/forge/compiler/telemetry-registry/parse.ts +13 -0
package/src/forge/compiler/test-graph/build.ts +277 -0
package/src/forge/compiler/types/action-subscriptions.ts +19 -0
package/src/forge/compiler/types/ai-registry.ts +33 -0
package/src/forge/compiler/types/app-graph.ts +80 -0
package/src/forge/compiler/types/capability.ts +29 -0
package/src/forge/compiler/types/classification.ts +9 -0
package/src/forge/compiler/types/cli.ts +159 -0
package/src/forge/compiler/types/data-graph.ts +24 -0
package/src/forge/compiler/types/dev-manifest.ts +41 -0
package/src/forge/compiler/types/diagnostic.ts +12 -0
package/src/forge/compiler/types/emit.ts +25 -0
package/src/forge/compiler/types/frontend-graph.ts +81 -0
package/src/forge/compiler/types/import-guards.ts +19 -0
package/src/forge/compiler/types/index.ts +98 -0
package/src/forge/compiler/types/integration.ts +25 -0
package/src/forge/compiler/types/json.ts +3 -0
package/src/forge/compiler/types/live-query-registry.ts +32 -0
package/src/forge/compiler/types/lock.ts +37 -0
package/src/forge/compiler/types/package-graph.ts +84 -0
package/src/forge/compiler/types/policy-registry.ts +69 -0
package/src/forge/compiler/types/query-registry.ts +18 -0
package/src/forge/compiler/types/runtime-graph.ts +30 -0
package/src/forge/compiler/types/runtime-matrix.ts +16 -0
package/src/forge/compiler/types/runtime.ts +30 -0
package/src/forge/compiler/types/sandbox.ts +24 -0
package/src/forge/compiler/types/secret-registry.ts +38 -0
package/src/forge/compiler/types/telemetry-registry.ts +26 -0
package/src/forge/compiler/types/test-graph.ts +45 -0
package/src/forge/compiler/types/workflow-registry.ts +42 -0
package/src/forge/compiler/workflow-registry/build.ts +180 -0
package/src/forge/compiler/workflow-registry/constants.ts +2 -0
package/src/forge/compiler/workflow-registry/index.ts +5 -0
package/src/forge/compiler/workflow-registry/parse.ts +19 -0
package/src/forge/dev/server.ts +1379 -0
package/src/forge/dev/types.ts +49 -0
package/src/forge/dev/watch.ts +109 -0
package/src/forge/dev-console/cycle.ts +652 -0
package/src/forge/dev-console/types.ts +99 -0
package/src/forge/feature/compiler.ts +656 -0
package/src/forge/feature/examples.ts +125 -0
package/src/forge/feature/types.ts +177 -0
package/src/forge/impact/index.ts +1160 -0
package/src/forge/impact/types.ts +151 -0
package/src/forge/intent/index.ts +490 -0
package/src/forge/intent/types.ts +73 -0
package/src/forge/make/fields.ts +146 -0
package/src/forge/make/index.ts +1101 -0
package/src/forge/make/naming.ts +42 -0
package/src/forge/make/templates.ts +525 -0
package/src/forge/make/types.ts +151 -0
package/src/forge/platform/module.ts +20 -0
package/src/forge/policy.ts +1 -0
package/src/forge/react/index.ts +418 -0
package/src/forge/refactor/index.ts +1936 -0
package/src/forge/refactor/text-utils.ts +34 -0
package/src/forge/refactor/types.ts +191 -0
package/src/forge/refactor/workspace-fs.ts +171 -0
package/src/forge/repair/index.ts +656 -0
package/src/forge/repair/rules/index.ts +476 -0
package/src/forge/repair/types.ts +175 -0
package/src/forge/review/index.ts +992 -0
package/src/forge/review/types.ts +196 -0
package/src/forge/runtime/ai/check.ts +86 -0
package/src/forge/runtime/ai/context.ts +394 -0
package/src/forge/runtime/ai/cost-estimator.ts +41 -0
package/src/forge/runtime/ai/mock.ts +49 -0
package/src/forge/runtime/ai/providers.ts +78 -0
package/src/forge/runtime/ai/state.ts +17 -0
package/src/forge/runtime/ai/types.ts +67 -0
package/src/forge/runtime/auth/authenticate.ts +58 -0
package/src/forge/runtime/auth/claims.ts +119 -0
package/src/forge/runtime/auth/config.ts +148 -0
package/src/forge/runtime/auth/errors.ts +45 -0
package/src/forge/runtime/auth/evaluate.ts +126 -0
package/src/forge/runtime/auth/resolve.ts +74 -0
package/src/forge/runtime/auth/types.ts +87 -0
package/src/forge/runtime/auth/verifier.ts +138 -0
package/src/forge/runtime/context/create-context.ts +204 -0
package/src/forge/runtime/context/create-query-context.ts +34 -0
package/src/forge/runtime/db/adapter.ts +31 -0
package/src/forge/runtime/db/factory.ts +83 -0
package/src/forge/runtime/db/generated-client.ts +294 -0
package/src/forge/runtime/db/memory-adapter.ts +706 -0
package/src/forge/runtime/db/migrate.ts +132 -0
package/src/forge/runtime/db/outbox.ts +54 -0
package/src/forge/runtime/db/pglite-adapter.ts +51 -0
package/src/forge/runtime/db/postgres-adapter.ts +112 -0
package/src/forge/runtime/db/read-only-client.ts +97 -0
package/src/forge/runtime/db/session-context.ts +62 -0
package/src/forge/runtime/executor.ts +446 -0
package/src/forge/runtime/live/dependency-tracker.ts +57 -0
package/src/forge/runtime/live/invalidation-log.ts +189 -0
package/src/forge/runtime/live/live-query-runner.ts +267 -0
package/src/forge/runtime/live/registry.ts +28 -0
package/src/forge/runtime/live/sse.ts +75 -0
package/src/forge/runtime/live/subscription-manager.ts +443 -0
package/src/forge/runtime/live/types.ts +143 -0
package/src/forge/runtime/outbox/claim.ts +153 -0
package/src/forge/runtime/outbox/process.ts +298 -0
package/src/forge/runtime/outbox/retry.ts +8 -0
package/src/forge/runtime/outbox/subscriptions.ts +33 -0
package/src/forge/runtime/outbox/types.ts +69 -0
package/src/forge/runtime/policy/check.ts +157 -0
package/src/forge/runtime/policy/load.ts +55 -0
package/src/forge/runtime/query/registry.ts +19 -0
package/src/forge/runtime/query/run-query.ts +347 -0
package/src/forge/runtime/release/runtime.ts +322 -0
package/src/forge/runtime/release/symbolicate.ts +175 -0
package/src/forge/runtime/runner/command-transaction.ts +193 -0
package/src/forge/runtime/runner/run-entry.ts +226 -0
package/src/forge/runtime/secrets/check.ts +78 -0
package/src/forge/runtime/secrets/create-context.ts +138 -0
package/src/forge/runtime/secrets/env-loader.ts +94 -0
package/src/forge/runtime/secrets/runtime-bundle.ts +47 -0
package/src/forge/runtime/secrets/types.ts +31 -0
package/src/forge/runtime/telemetry/buffer.ts +87 -0
package/src/forge/runtime/telemetry/context.ts +192 -0
package/src/forge/runtime/telemetry/correlation.ts +13 -0
package/src/forge/runtime/telemetry/flush.ts +190 -0
package/src/forge/runtime/telemetry/process.ts +20 -0
package/src/forge/runtime/telemetry/scrubber.ts +115 -0
package/src/forge/runtime/telemetry/sinks/local-jsonl.ts +39 -0
package/src/forge/runtime/telemetry/sinks/posthog.ts +64 -0
package/src/forge/runtime/telemetry/sinks/sentry.ts +60 -0
package/src/forge/runtime/telemetry/spans.ts +58 -0
package/src/forge/runtime/telemetry/types.ts +64 -0
package/src/forge/runtime/workflows/cancel.ts +26 -0
package/src/forge/runtime/workflows/create-run.ts +98 -0
package/src/forge/runtime/workflows/process-run.ts +182 -0
package/src/forge/runtime/workflows/process-step.ts +190 -0
package/src/forge/runtime/workflows/process.ts +260 -0
package/src/forge/runtime/workflows/registry.ts +51 -0
package/src/forge/runtime/workflows/resolve-step.ts +46 -0
package/src/forge/runtime/workflows/retry-run.ts +44 -0
package/src/forge/runtime/workflows/retry.ts +8 -0
package/src/forge/runtime/workflows/sanitize.ts +19 -0
package/src/forge/runtime/workflows/start-from-outbox.ts +71 -0
package/src/forge/runtime/workflows/types.ts +77 -0
package/src/forge/server.ts +96 -0
package/src/forge/ui/index.ts +770 -0
package/src/forge/ui/types.ts +191 -0
package/templates/b2b-support-web/.env.example +22 -0
package/templates/b2b-support-web/.vscode/settings.json +14 -0
package/templates/b2b-support-web/AGENTS.md +108 -0
package/templates/b2b-support-web/README.md +48 -0
package/templates/b2b-support-web/forge.config.ts +3 -0
package/templates/b2b-support-web/package.json +34 -0
package/templates/b2b-support-web/src/actions/captureTicketCreated.ts +14 -0
package/templates/b2b-support-web/src/commands/closeTicket.ts +20 -0
package/templates/b2b-support-web/src/commands/createTicket.ts +47 -0
package/templates/b2b-support-web/src/commands/manageBilling.ts +9 -0
package/templates/b2b-support-web/src/forge/schema.ts +35 -0
package/templates/b2b-support-web/src/policies.ts +9 -0
package/templates/b2b-support-web/src/queries/getTicket.ts +6 -0
package/templates/b2b-support-web/src/queries/listTickets.ts +6 -0
package/templates/b2b-support-web/src/queries/liveTickets.ts +9 -0
package/templates/b2b-support-web/src/workflows/triageTicketWorkflow.ts +64 -0
package/templates/b2b-support-web/tsconfig.json +14 -0
package/templates/b2b-support-web/web/app/globals.css +77 -0
package/templates/b2b-support-web/web/app/layout.tsx +13 -0
package/templates/b2b-support-web/web/app/page.tsx +13 -0
package/templates/b2b-support-web/web/app/providers.tsx +21 -0
package/templates/b2b-support-web/web/app/tickets/page.tsx +21 -0
package/templates/b2b-support-web/web/components/CreateTicketForm.tsx +43 -0
package/templates/b2b-support-web/web/components/PolicyDeniedDemo.tsx +31 -0
package/templates/b2b-support-web/web/components/TicketList.tsx +52 -0
package/templates/b2b-support-web/web/components/TraceDetails.tsx +18 -0
package/templates/b2b-support-web/web/components/TriageStatus.tsx +13 -0
package/templates/b2b-support-web/web/lib/forge.ts +13 -0
package/templates/b2b-support-web/web/next-env.d.ts +5 -0
package/templates/b2b-support-web/web/next.config.ts +8 -0
package/templates/b2b-support-web/web/package.json +21 -0
package/templates/b2b-support-web/web/tsconfig.json +30 -0
package/templates/minimal-web/.vscode/settings.json +14 -0
package/templates/minimal-web/README.md +21 -0
package/templates/minimal-web/forge.config.ts +3 -0
package/templates/minimal-web/package.json +32 -0
package/templates/minimal-web/src/actions/logNoteCreated.ts +11 -0
package/templates/minimal-web/src/commands/createNote.ts +26 -0
package/templates/minimal-web/src/forge/schema.ts +12 -0
package/templates/minimal-web/src/policies.ts +6 -0
package/templates/minimal-web/src/queries/listNotes.ts +8 -0
package/templates/minimal-web/src/queries/liveNotes.ts +8 -0
package/templates/minimal-web/tsconfig.json +15 -0
package/templates/minimal-web/web/index.html +12 -0
package/templates/minimal-web/web/package.json +21 -0
package/templates/minimal-web/web/src/App.tsx +89 -0
package/templates/minimal-web/web/src/lib/forge.ts +13 -0
package/templates/minimal-web/web/src/main.tsx +13 -0
package/templates/minimal-web/web/src/styles.css +156 -0
package/templates/minimal-web/web/tsconfig.json +18 -0

package/src/forge/repair/rules/index.ts ADDED Viewed

@@ -0,0 +1,476 @@
+import { createDiagnostic } from "../../compiler/diagnostics/create.ts";
+import { hashStable } from "../../compiler/primitives/hash.ts";
+import type {
+  FailureInput,
+  FailureKind,
+  RepairAffected,
+  RepairConfidence,
+  RepairDiagnosis,
+  RepairRule,
+  SuggestedRepair,
+} from "../types.ts";
+const REPAIR_VERSION = "repair-0.1.0";
+function emptyAffected(): RepairAffected {
+  return {
+    files: [],
+    commands: [],
+    queries: [],
+    liveQueries: [],
+    actions: [],
+    workflows: [],
+    tables: [],
+    policies: [],
+    components: [],
+    packages: [],
+  };
+}
+function push(values: string[], value: string | undefined): void {
+  if (value && !values.includes(value)) {
+    values.push(value);
+  }
+}
+function affectedFromDiagnostics(input: FailureInput): RepairAffected {
+  const affected = emptyAffected();
+  const haystack = `${input.stdout}\n${input.stderr}\n${input.diagnostics.map((d) => `${d.message} ${d.file ?? ""}`).join("\n")}`;
+  for (const diagnostic of input.diagnostics) {
+    push(affected.files, diagnostic.file);
+    const policy = diagnostic.message.match(/\b([a-z][a-z0-9_-]+\.[a-z][a-z0-9_-]+)\b/i)?.[1];
+    if (policy) push(affected.policies, policy);
+  }
+  const command = haystack.match(/\bcommand\s+([a-zA-Z][a-zA-Z0-9_]*)\b/)?.[1] ??
+    haystack.match(/src\/commands\/([a-zA-Z][a-zA-Z0-9_]*)\.ts/)?.[1];
+  push(affected.commands, command);
+  const query = haystack.match(/\bquery\s+([a-zA-Z][a-zA-Z0-9_]*)\b/)?.[1] ??
+    haystack.match(/src\/queries\/([a-zA-Z][a-zA-Z0-9_]*)\.ts/)?.[1];
+  if (query?.toLowerCase().startsWith("live")) push(affected.liveQueries, query);
+  else push(affected.queries, query);
+  const pkg = haystack.match(/\b(stripe|posthog|sentry|openai|anthropic|ai|jose)\b/i)?.[1];
+  push(affected.packages, pkg);
+  affected.files.sort();
+  affected.commands.sort();
+  affected.queries.sort();
+  affected.liveQueries.sort();
+  affected.policies.sort();
+  affected.packages.sort();
+  return affected;
+}
+function diagnosis(input: FailureInput, args: {
+  failureKind: FailureKind;
+  code: string;
+  summary: string;
+  likelyCause: string;
+  suggestedRepairs: SuggestedRepair[];
+  recommendedChecks?: string[];
+  confidence: RepairConfidence;
+}): RepairDiagnosis {
+  const affected = affectedFromDiagnostics(input);
+  const id = `repair_${hashStable(`${args.code}:${args.summary}:${input.source.kind}:${input.source.id ?? ""}:${input.source.file ?? ""}`).slice(0, 12)}`;
+  const diagnostics =
+    input.diagnostics.length > 0
+      ? input.diagnostics
+      : [
+          createDiagnostic({
+            severity: "error",
+            code: args.code,
+            message: args.summary,
+            file: input.source.file,
+          }),
+        ];
+  return {
+    schemaVersion: "0.1.0",
+    repairVersion: REPAIR_VERSION,
+    id,
+    failureKind: args.failureKind,
+    source: input.source,
+    diagnostics,
+    summary: args.summary,
+    likelyCause: args.likelyCause,
+    affected,
+    suggestedRepairs: args.suggestedRepairs,
+    recommendedChecks: args.recommendedChecks ?? [
+      "forge generate",
+      "forge check",
+      "forge verify --changed",
+      "forge verify --strict",
+    ],
+    confidence: args.confidence,
+  };
+}
+function hasCode(input: FailureInput, ...codes: string[]): boolean {
+  const text = `${input.stdout}\n${input.stderr}\n${input.diagnostics.map((d) => `${d.code}\n${d.message}`).join("\n")}`;
+  return codes.some((code) => text.includes(code));
+}
+function firstPolicy(input: FailureInput): string {
+  const text = `${input.stdout}\n${input.stderr}\n${input.diagnostics.map((d) => d.message).join("\n")}`;
+  return text.match(/\b([a-z][a-z0-9_-]+\.[a-z][a-z0-9_-]+)\b/i)?.[1] ?? "resource.action";
+}
+function firstSecret(input: FailureInput): string {
+  const text = `${input.stdout}\n${input.stderr}\n${input.diagnostics.map((d) => d.message).join("\n")}`;
+  return text
+    .match(/\b[A-Z][A-Z0-9_]{2,}\b/g)
+    ?.find((candidate) => !candidate.startsWith("FORGE_")) ?? "SECRET_NAME";
+}
+function firstCommand(input: FailureInput): string {
+  const affected = affectedFromDiagnostics(input);
+  return affected.commands[0] ?? "commandName";
+}
+function firstPackage(input: FailureInput): string {
+  const affected = affectedFromDiagnostics(input);
+  return affected.packages[0] ?? "package-name";
+}
+export const repairRules: RepairRule[] = [
+  {
+    id: "generated-drift",
+    matches: (input) => hasCode(input, "FORGE_DRIFT", "FORGE_ORPHANED_GENERATED_FILE"),
+    diagnose: (input) =>
+      diagnosis(input, {
+        failureKind: "generated-drift",
+        code: "FORGE_DRIFT",
+        summary: "Generated artifacts are stale.",
+        likelyCause: "Source files or compiler inputs changed without regenerating Forge artifacts.",
+        confidence: "high",
+        suggestedRepairs: [
+          {
+            id: "run-generate",
+            kind: "run-command",
+            title: "Regenerate Forge artifacts",
+            description: "Run the deterministic generator to update generated files and forge.lock.",
+            command: "forge generate",
+            confidence: "high",
+            risk: { level: "low", reasons: ["deterministic generated output"] },
+            requiresConfirmation: false,
+          },
+        ],
+      }),
+  },
+  {
+    id: "runtime-guard",
+    matches: (input) => hasCode(input, "FORGE_GUARD_VIOLATION", "FORGE_RUNTIME_GUARD_BLOCKED"),
+    diagnose: (input) => {
+      const command = firstCommand(input);
+      const pkg = firstPackage(input);
+      return diagnosis(input, {
+        failureKind: "runtime-guard",
+        code: "FORGE_GUARD_VIOLATION",
+        summary: `A forbidden package or capability is reachable from deterministic runtime code.`,
+        likelyCause: "A network, secret, AI, or server-only package was imported from a command/query/liveQuery path.",
+        confidence: command !== "commandName" ? "medium" : "low",
+        suggestedRepairs: [
+          {
+            id: "extract-action",
+            kind: "refactor",
+            title: "Move side effect to an action",
+            description: "Make the command emit an event and move the package call to an action.",
+            command: `forge refactor extract-action ${command} --package ${pkg} --event ${command}.requested`,
+            confidence: command !== "commandName" ? "medium" : "low",
+            risk: { level: "medium", reasons: ["changes runtime side-effect boundary"] },
+            requiresConfirmation: true,
+          },
+        ],
+      });
+    },
+  },
+  {
+    id: "policy-auth",
+    matches: (input) =>
+      hasCode(input, "FORGE_POLICY_UNKNOWN", "FORGE_POLICY_MISSING", "FORGE_POLICY_DENIED", "FORGE_AUTH_TENANT_MISSING", "FORGE_AUTH_INVALID_TOKEN"),
+    diagnose: (input) => {
+      const policy = firstPolicy(input);
+      return diagnosis(input, {
+        failureKind: "policy-auth",
+        code: "FORGE_POLICY_UNKNOWN",
+        summary: `Policy or auth configuration needs attention for ${policy}.`,
+        likelyCause: "A runtime entry references a missing policy, an auth context is incomplete, or the caller role is denied.",
+        confidence: "medium",
+        suggestedRepairs: [
+          {
+            id: "make-policy",
+            kind: "make",
+            title: "Create missing policy",
+            description: "Create the policy with conservative owner/admin/member roles, then review access intentionally.",
+            command: `forge make policy ${policy} --roles owner,admin,member --apply --yes`,
+            confidence: "medium",
+            risk: { level: "high", reasons: ["permission changes require human review"] },
+            requiresConfirmation: true,
+          },
+          {
+            id: "simulate-policy",
+            kind: "run-command",
+            title: "Simulate policy",
+            description: "Check whether the expected role is allowed before changing permissions.",
+            command: `forge policy simulate ${policy} --role member`,
+            confidence: "high",
+            risk: { level: "low", reasons: ["read-only diagnostic command"] },
+            requiresConfirmation: false,
+          },
+        ],
+      });
+    },
+  },
+  {
+    id: "secrets",
+    matches: (input) =>
+      hasCode(input, "FORGE_SECRET_DIRECT_PROCESS_ENV", "FORGE_SECRET_MISSING", "FORGE_SECRET_FORBIDDEN_CONTEXT"),
+    diagnose: (input) => {
+      const secret = firstSecret(input);
+      return diagnosis(input, {
+        failureKind: "secrets",
+        code: "FORGE_SECRET_DIRECT_PROCESS_ENV",
+        summary: `Secret/config usage is unsafe or missing for ${secret}.`,
+        likelyCause: "Code reads process.env directly, accesses secrets in a forbidden runtime, or the environment lacks a required secret.",
+        confidence: "high",
+        suggestedRepairs: [
+          {
+            id: "replace-process-env",
+            kind: "refactor",
+            title: "Replace process.env access",
+            description: "Use ctx.secrets where a runtime context is available.",
+            command: `forge refactor replace-process-env ${secret} --yes`,
+            confidence: "high",
+            risk: { level: "low", reasons: ["mechanical secret access replacement"] },
+            requiresConfirmation: true,
+          },
+          {
+            id: "check-secrets",
+            kind: "run-command",
+            title: "Check secrets",
+            description: "Validate secret registry and missing environment names.",
+            command: "forge secrets check",
+            confidence: "high",
+            risk: { level: "low", reasons: ["read-only diagnostic command"] },
+            requiresConfirmation: false,
+          },
+        ],
+      });
+    },
+  },
+  {
+    id: "ai",
+    matches: (input) => hasCode(input, "FORGE_AI_FORBIDDEN_CONTEXT", "FORGE_AI_SECRET_MISSING", "FORGE_AI_PROVIDER_UNKNOWN", "FORGE_AI_GENERATION_FAILED"),
+    diagnose: (input) =>
+      diagnosis(input, {
+        failureKind: "ai",
+        code: "FORGE_AI_FORBIDDEN_CONTEXT",
+        summary: "AI usage failed or appears in a forbidden runtime context.",
+        likelyCause: "AI calls belong in actions/workflows/endpoints/server, not deterministic commands/queries/liveQueries.",
+        confidence: "medium",
+        suggestedRepairs: [
+          {
+            id: "ai-check",
+            kind: "run-command",
+            title: "Check AI providers",
+            description: "Validate provider configuration and mock mode.",
+            command: "forge ai check",
+            confidence: "high",
+            risk: { level: "low", reasons: ["read-only diagnostic command"] },
+            requiresConfirmation: false,
+          },
+          {
+            id: "move-ai",
+            kind: "manual",
+            title: "Move AI call to action/workflow",
+            description: "Store AI output in the database from an action/workflow; queries should read the stored result.",
+            confidence: "medium",
+            risk: { level: "medium", reasons: ["changes runtime architecture"] },
+            requiresConfirmation: true,
+          },
+        ],
+      }),
+  },
+  {
+    id: "query-readonly",
+    matches: (input) =>
+      hasCode(input, "FORGE_QUERY_WRITE_FORBIDDEN", "FORGE_QUERY_EMIT_FORBIDDEN", "FORGE_QUERY_SECRET_FORBIDDEN", "FORGE_QUERY_AI_FORBIDDEN"),
+    diagnose: (input) =>
+      diagnosis(input, {
+        failureKind: "query-readonly",
+        code: "FORGE_QUERY_WRITE_FORBIDDEN",
+        summary: "A query performs work that is forbidden in read-only runtime.",
+        likelyCause: "Queries and liveQueries must be deterministic reads without writes, emits, secrets, AI, or integrations.",
+        confidence: "medium",
+        suggestedRepairs: [
+          {
+            id: "make-command",
+            kind: "make",
+            title: "Move mutation to a command",
+            description: "Create a command for writes or event emission, then keep the query read-only.",
+            command: "forge make command <name> --table <table> --policy <policy>",
+            confidence: "medium",
+            risk: { level: "medium", reasons: ["requires choosing command/table/policy names"] },
+            requiresConfirmation: true,
+          },
+        ],
+      }),
+  },
+  {
+    id: "livequery",
+    matches: (input) =>
+      hasCode(input, "FORGE_LIVE_INVALIDATION_MISSING", "FORGE_LIVE_RERUN_FAILED", "FORGE_LIVE_SNAPSHOT_TOO_LARGE", "FORGE_LIVEQUERY_UNKNOWN", "FORGE_UI_LIVE_UPDATE_TIMEOUT"),
+    diagnose: (input) =>
+      diagnosis(input, {
+        failureKind: "livequery-reactivity",
+        code: "FORGE_LIVE_INVALIDATION_MISSING",
+        summary: "LiveQuery reactivity or subscription delivery failed.",
+        likelyCause: "A write was not tracked, the liveQuery dependency is unknown, the tenant scope mismatched, or the snapshot is too large.",
+        confidence: "medium",
+        suggestedRepairs: [
+          {
+            id: "live-debug",
+            kind: "run-command",
+            title: "Inspect live subscriptions",
+            description: "Inspect liveQuery state and invalidation history.",
+            command: "forge live invalidations --json",
+            confidence: "high",
+            risk: { level: "low", reasons: ["read-only diagnostic command"] },
+            requiresConfirmation: false,
+          },
+        ],
+      }),
+  },
+  {
+    id: "workflow",
+    matches: (input) => hasCode(input, "FORGE_WORKFLOW_STEP_FAILED", "FORGE_WORKFLOW_STEP_DEAD", "FORGE_WORKFLOW_RUN_NOT_FOUND"),
+    diagnose: (input) =>
+      diagnosis(input, {
+        failureKind: "workflow",
+        code: "FORGE_WORKFLOW_STEP_FAILED",
+        summary: "Workflow run or step failed.",
+        likelyCause: "A workflow step threw, missed a secret, received invalid input, or exhausted retries.",
+        confidence: "medium",
+        suggestedRepairs: [
+          {
+            id: "workflow-inspect",
+            kind: "run-command",
+            title: "Inspect workflow run",
+            description: "Inspect step state, attempts, traceId, and last error.",
+            command: "forge workflow inspect <runId> --json",
+            confidence: "high",
+            risk: { level: "low", reasons: ["read-only diagnostic command"] },
+            requiresConfirmation: false,
+          },
+        ],
+      }),
+  },
+  {
+    id: "outbox",
+    matches: (input) => hasCode(input, "FORGE_OUTBOX_PROCESS_FAILED", "FORGE_OUTBOX_DELIVERY_NOT_FOUND", "dead-letter", "delivery dead"),
+    diagnose: (input) =>
+      diagnosis(input, {
+        failureKind: "outbox",
+        code: "FORGE_OUTBOX_PROCESS_FAILED",
+        summary: "Outbox delivery failed or is dead-lettered.",
+        likelyCause: "The subscribed action failed repeatedly, often due to secret, integration, payload, or network configuration.",
+        confidence: "medium",
+        suggestedRepairs: [
+          {
+            id: "outbox-retry",
+            kind: "run-command",
+            title: "Retry delivery after fixing action",
+            description: "Retry the delivery once the underlying action/integration issue is fixed.",
+            command: "forge outbox retry <deliveryId>",
+            confidence: "medium",
+            risk: { level: "medium", reasons: ["replays a side-effect delivery"] },
+            requiresConfirmation: true,
+          },
+        ],
+      }),
+  },
+  {
+    id: "package-upgrade",
+    matches: (input) =>
+      hasCode(input, "FORGE_DEPS_API_BREAKING_CHANGE", "FORGE_DEPS_REMOVED_EXPORT_USED", "FORGE_DEPS_SIGNATURE_CHANGED_USED", "FORGE_DEPS_APPLY_FAILED"),
+    diagnose: (input) =>
+      diagnosis(input, {
+        failureKind: "package-upgrade",
+        code: "FORGE_DEPS_API_BREAKING_CHANGE",
+        summary: "Package upgrade introduced an API or runtime compatibility issue.",
+        likelyCause: "The upgrade plan contains removed exports, changed signatures, new capabilities, or failing callsites.",
+        confidence: "medium",
+        suggestedRepairs: [
+          {
+            id: "deps-check",
+            kind: "run-command",
+            title: "Inspect package upgrade risk",
+            description: "Re-run the upgrade checker and inspect affected callsites.",
+            command: "forge deps upgrade-check --json",
+            confidence: "high",
+            risk: { level: "low", reasons: ["read-only diagnostic command"] },
+            requiresConfirmation: false,
+          },
+        ],
+      }),
+  },
+  {
+    id: "frontend-client",
+    matches: (input) => hasCode(input, "server-only", "client", "ForgeError", "React", "FORGE_UI_EXPECTATION_FAILED", "FORGE_UI_SELECTOR_NOT_FOUND", "FORGE_UI_CONSOLE_ERROR", "FORGE_UI_NETWORK_ERROR"),
+    diagnose: (input) =>
+      diagnosis(input, {
+        failureKind: "frontend-client",
+        code: "FORGE_REPAIR_FRONTEND_CLIENT",
+        summary: "Frontend/client failure needs client-safe API or hook review.",
+        likelyCause: "A frontend component may import server-only code or use Forge client hooks without the expected provider/auth context.",
+        confidence: "low",
+        suggestedRepairs: [
+          {
+            id: "client-safe-imports",
+            kind: "manual",
+            title: "Use generated client-safe entrypoints",
+            description: "Import from generated client/react surfaces instead of server adapters.",
+            confidence: "low",
+            risk: { level: "medium", reasons: ["requires component-specific review"] },
+            requiresConfirmation: true,
+          },
+        ],
+      }),
+  },
+  {
+    id: "release-deploy",
+    matches: (input) => hasCode(input, "FORGE_RELEASE_", "FORGE_SOURCEMAP_", "self-host", "deploy"),
+    diagnose: (input) =>
+      diagnosis(input, {
+        failureKind: "release-deploy",
+        code: "FORGE_RELEASE_ARTIFACT_MISSING",
+        summary: "Release or deployment verification failed.",
+        likelyCause: "Release artifacts, source maps, self-host files, or environment configuration are missing or stale.",
+        confidence: "medium",
+        suggestedRepairs: [
+          {
+            id: "release-check",
+            kind: "run-command",
+            title: "Run release and self-host checks",
+            description: "Inspect release/deploy generated artifacts and runtime health assumptions.",
+            command: "forge release check",
+            confidence: "high",
+            risk: { level: "low", reasons: ["read-only diagnostic command"] },
+            requiresConfirmation: false,
+          },
+        ],
+      }),
+  },
+];
+export function explainDiagnostic(code: string): string {
+  const explanations: Record<string, string> = {
+    FORGE_DRIFT: "Generated artifacts are stale. Run forge generate, then forge generate --check.",
+    FORGE_GUARD_VIOLATION: "A package or capability is used in a runtime context where it is forbidden. Move side effects to actions/workflows.",
+    FORGE_POLICY_UNKNOWN: "A runtime entry references a missing policy. Create or correct the policy, then simulate expected roles.",
+    FORGE_POLICY_DENIED: "The caller auth context does not satisfy the policy. Fix test auth or intentionally update policy roles.",
+    FORGE_SECRET_DIRECT_PROCESS_ENV: "Code reads process.env directly. Use ctx.secrets/ctx.config in allowed runtime contexts.",
+    FORGE_AI_FORBIDDEN_CONTEXT: "AI is being used in a deterministic context. Move AI calls to action/workflow/server runtime.",
+    FORGE_WORKFLOW_STEP_FAILED: "A workflow step failed. Inspect the workflow run and trace before retrying.",
+    FORGE_OUTBOX_PROCESS_FAILED: "An outbox delivery failed. Inspect the subscribed action and retry after fixing the cause.",
+    FORGE_DEPS_API_BREAKING_CHANGE: "A package upgrade changed API/runtime compatibility. Inspect the upgrade plan and affected callsites.",
+  };
+  return explanations[code] ?? `${code}: no specific repair explanation is registered yet. Run forge repair diagnose --diagnostic ${code} --json for generic guidance.`;
+}

package/src/forge/repair/types.ts ADDED Viewed

@@ -0,0 +1,175 @@
+import type { Diagnostic } from "../compiler/types/diagnostic.ts";
+import type { PlannedFile, PlannedPatch } from "../make/types.ts";
+export type RepairSubcommand =
+  | "diagnose"
+  | "explain"
+  | "plan"
+  | "apply"
+  | "run"
+  | "list"
+  | "inspect"
+  | "rollback";
+export type FailureKind =
+  | "generated-drift"
+  | "runtime-guard"
+  | "policy-auth"
+  | "tenant-isolation"
+  | "rls"
+  | "query-readonly"
+  | "livequery-reactivity"
+  | "db-migration"
+  | "workflow"
+  | "outbox"
+  | "telemetry"
+  | "secrets"
+  | "ai"
+  | "package-upgrade"
+  | "frontend-client"
+  | "release-deploy"
+  | "typecheck"
+  | "test-failure"
+  | "unknown";
+export type RepairConfidence = "low" | "medium" | "high";
+export type RepairRiskLevel = "low" | "medium" | "high";
+export interface RepairSource {
+  kind:
+    | "test-run"
+    | "ui-run"
+    | "trace"
+    | "workflow-run"
+    | "outbox-delivery"
+    | "diagnostic"
+    | "manual";
+  id?: string;
+  file?: string;
+}
+export interface RepairAffected {
+  files: string[];
+  commands: string[];
+  queries: string[];
+  liveQueries: string[];
+  actions: string[];
+  workflows: string[];
+  tables: string[];
+  policies: string[];
+  components: string[];
+  packages: string[];
+}
+export interface SuggestedRepair {
+  id: string;
+  kind: "run-command" | "refactor" | "make" | "patch" | "manual";
+  title: string;
+  description: string;
+  command?: string;
+  patchPreview?: PlannedPatch[];
+  confidence: RepairConfidence;
+  risk: {
+    level: RepairRiskLevel;
+    reasons: string[];
+  };
+  requiresConfirmation: boolean;
+}
+export interface RepairDiagnosis {
+  schemaVersion: "0.1.0";
+  repairVersion: string;
+  id: string;
+  failureKind: FailureKind;
+  source: RepairSource;
+  diagnostics: Diagnostic[];
+  summary: string;
+  likelyCause: string;
+  affected: RepairAffected;
+  suggestedRepairs: SuggestedRepair[];
+  recommendedChecks: string[];
+  confidence: RepairConfidence;
+}
+export interface RepairPlan {
+  schemaVersion: "0.1.0";
+  repairVersion: string;
+  id: string;
+  diagnosis: RepairDiagnosis;
+  selectedRepair?: string;
+  filesToModify: PlannedPatch[];
+  filesToCreate: PlannedFile[];
+  filesToDelete: Array<{ file: string; description: string }>;
+  commandsToRun: string[];
+  verificationPlan: {
+    targeted: string[];
+    final: string[];
+  };
+  rollback: {
+    snapshotFile: string;
+    files: string[];
+    instructions: string[];
+  };
+  diagnostics: Diagnostic[];
+}
+export interface RepairApplyRecord {
+  schemaVersion: "0.1.0";
+  id: string;
+  repairId: string;
+  status: "applied" | "rolled-back" | "failed";
+  commandsRun: string[];
+  results: Array<{
+    command: string;
+    ok: boolean;
+    exitCode: number;
+    stdout?: string;
+    stderr?: string;
+  }>;
+}
+export interface FailureInput {
+  source: RepairSource;
+  diagnostics: Diagnostic[];
+  failedCommands: string[];
+  stdout: string;
+  stderr: string;
+}
+export interface RepairRule {
+  id: string;
+  matches(input: FailureInput): boolean;
+  diagnose(input: FailureInput): RepairDiagnosis;
+}
+export interface RepairCommandOptions {
+  subcommand: RepairSubcommand;
+  workspaceRoot: string;
+  json: boolean;
+  fromLastTestRun: boolean;
+  fromLastUiRun?: boolean;
+  from?: string;
+  traceId?: string;
+  workflowRunId?: string;
+  outboxDeliveryId?: string;
+  diagnosticCode?: string;
+  repairId?: string;
+  selectedRepair?: string;
+  write: boolean;
+  yes: boolean;
+  keepFailed: boolean;
+  allowMediumConfidence: boolean;
+  maxAttempts: number;
+  commitFriendly: boolean;
+}
+export interface RepairResult {
+  ok: boolean;
+  diagnosis?: RepairDiagnosis;
+  plan?: RepairPlan;
+  plans?: RepairPlan[];
+  record?: RepairApplyRecord;
+  explanation?: string;
+  diagnostics: Diagnostic[];
+  exitCode: 0 | 1;
+}