hadara 0.1.0-rc.0 → 0.2.0-rc.0

package/README.md

@@ -1,54 +1,253 @@
 # HADARA
 
-**HADARA** is a portable agentic development workbench.
+<p align="center">
+  <img src="https://raw.githubusercontent.com/ictseoyoungmin/HADARA-dev/main/docs/assets/hadara_sub_right_name.png" alt="HADARA" width="720">
+</p>
+
+<p align="center">
+  <img alt="Release candidate" src="https://img.shields.io/badge/release-0.2.0--rc.0-blue">
+  <img alt="Node.js" src="https://img.shields.io/badge/node-%3E%3D22-brightgreen">
+  <img alt="License" src="https://img.shields.io/badge/license-MIT-lightgrey">
+</p>
+
+**HADARA** is a portable agentic development workbench for keeping long-running AI-assisted software work inspectable, resumable, and evidence-backed.
 
 > Unbroken Context, Verified Development.
 
 HADARA is named from **Harness + Dara**. A harness safely binds and controls complex systems; Dara carries layered associations of holding, wisdom, durability, and continuity. HADARA binds non-deterministic LLM agent work into a production-oriented workflow through Task Capsules, Session Continuity, Policy Layers, Evidence Logs, and Handoff Protocols.
 
-This repository is a **bootstrap skeleton** for developing HADARA using the HADARA protocol itself.
+This repository is both the HADARA source checkout and the HADARA protocol workspace used to build it.
+
+## Release Status
+
+The current source checkout targets:
+
+```text
+hadara@0.2.0-rc.0
+```
+
+T-0268 refreshed package smoke, clean-checkout smoke, release artifact, release dry-run, and publish dry-run evidence for `0.2.0-rc.0`. T-0269 is the approval-gated publish capsule for this RC.
+
+Current publish boundaries:
+
+| Surface | Status |
+|---|---|
+| npm package | Primary release target. |
+| `hadara@0.1.0-rc.0` | Published first RC. |
+| `hadara@0.2.0-rc.0` | Current source and publish-candidate version. |
+| GitHub Release | Secondary target, still approval-gated. |
+| Docker image | Deferred. |
+| PyPI/Python package | Advisory preview only. |
+| Installer scripts / USB launchers | Deferred. |
+
+No release command should publish, create a GitHub Release, build Docker images, upload artifacts, or load token values unless an operator explicitly approves the mutation path for the active release capsule.
+
+## Install
+
+Requires Node.js 22.
+
+Install the current RC:
+
+```bash
+npm install -g hadara@0.2.0-rc.0
+hadara doctor --json
+hadara task list --json
+hadara tools list --json
+```
+
+Run without a global install:
+
+```bash
+npx hadara@0.2.0-rc.0 doctor --json
+npx hadara@0.2.0-rc.0 tools list --json
+```
+
+Previous RC: `hadara@0.1.0-rc.0` remains available on npm for comparison or rollback, but new installs should use the current RC once it is published.
+
+## What HADARA Gives You
+
+| Capability | Purpose |
+|---|---|
+| Task Capsules | Keep each unit of work scoped, evidenced, and resumable. |
+| Evidence Logs | Record public, reduced proof of validation without raw private logs. |
+| Handoff Protocol | Preserve current state for the next operator or agent. |
+| Policy Surfaces | Inspect command risk and release boundaries before mutation. |
+| CLI JSON Reports | Give agents and automation stable read models. |
+| Read-only MCP Bridge | Expose project/task/evidence state without default write tools. |
+| Dashboard and TUI | Provide local operator observation surfaces over existing read models. |
+| Release Gates | Check release readiness through evidence-backed dry-run reports. |
 
-## Quick Start
+HADARA is deliberately conservative. Read surfaces are broad; write and release surfaces are narrow, explicit, and evidence-oriented.
+
+## Common Commands
+
+Project and protocol health:
+
+```bash
+hadara doctor --json
+hadara status --json
+hadara ops status --json
+hadara tools list --json
+hadara protocol doctor --json
+hadara protocol doctor --scope docs --json
+```
+
+Task workflow:
+
+```bash
+hadara task next --json
+hadara task create "implement a focused change" --json
+hadara task status --task T-0001 --json
+hadara task ready --task T-0001 --level done --json
+hadara task finish --task T-0001 --json
+hadara task finish --task T-0001 --execute --json
+hadara task close --task T-0001 --json
+hadara task close --task T-0001 --execute --json
+hadara task audit-close --task T-0001 --json
+```
+
+Evidence and handoff:
+
+```bash
+hadara evidence collect --task T-0001 --json
+hadara evidence add-command --task T-0001 --summary "Focused validation passed." --result passed --json
+hadara evidence list --task T-0001 --json
+hadara handoff suggest --task T-0001 --json
+```
+
+Release and package readiness:
+
+```bash
+hadara package smoke --dry-run --json
+hadara package smoke --execute --attach-evidence --task T-0001 --json
+hadara smoke clean-checkout --execute --attach-evidence --task T-0001 --json
+hadara release artifact --execute --json --output dist-release --attach-evidence --task T-0001
+hadara release gate --mode strict --json
+hadara release dry-run --json
+hadara release publish --mode dry-run --json
+```
+
+`package smoke --execute`, `smoke clean-checkout --execute`, and `release artifact --execute` create local validation artifacts and reduced public evidence only. They must not publish packages, create GitHub Releases, build Docker images, push images, or load publish token values.
+
+`release publish --mode dry-run` reports readiness, token presence by name, approval requirements, and mutation privacy flags without running `npm publish`. Any publish execution must happen only in a separate approval-gated release capsule with explicit operator confirmation.
+
+## Task Capsule Lifecycle
+
+HADARA task workflow commands have distinct read/write boundaries. The full command semantics live in `docs/TASK_WORKFLOW_COMMANDS.md`.
+
+Phase 6 reports support optional actor/run metadata for future multi-agent-compatible workflows. Commands such as `task complete`, `task finish`, `task ready`, `task close`, `task audit-close`, `handoff suggest`, and `dev docker-check` may accept metadata such as `--agent-id`, `--run-id`, `--actor-role`, and `--parent-run-id`. These fields improve provenance but do not enable a scheduler or full multi-agent runtime.
+
+```bash
+hadara task next --json
+
+# If a matching capsule already exists:
+hadara task status --task T-XXXX --json
+
+# If no matching capsule exists, create one first:
+hadara task create "implement a focused change" --json
+hadara task status --task T-XXXX --json
+
+# Do the scoped work.
+
+hadara evidence add-command --task T-XXXX --summary "..." --result passed --json
+hadara task ready --task T-XXXX --level done --json
+
+# Optional workflow compression / next action preview:
+hadara task complete --task T-XXXX --json
+
+hadara task finish --task T-XXXX --json
+hadara task finish --task T-XXXX --execute --json
+
+hadara task close --task T-XXXX --json
+hadara task close --task T-XXXX --execute --json
+
+hadara task audit-close --task T-XXXX --json
+```
+
+Important distinctions:
+
+| Command | Boundary |
+|---|---|
+| `task status` | Read-only operator console. `ok:true` means the report was generated, not that the task is ready. |
+| `task complete` | Read-only workflow compressor. It reports the current stage and next action. |
+| `task finish --execute` | Writes only bounded status bookkeeping in `TASK.md` and `docs/TASK_BOARD.md`. |
+| `task close --execute` | Appends close evidence only. |
+| `task audit-close` | Read-only close proof audit. |
+
+## Initialize a Project
+
+```bash
+hadara init                  # default: standard
+hadara init --profile basic
+hadara init --profile standard
+hadara init --profile governed
+```
+
+| Profile | Use When |
+|---|---|
+| `basic` | Small project, only task/handoff discipline needed. |
+| `standard` | Default multi-session project with planning and validation docs. |
+| `governed` | Long-lived project with security, refactor, roadmap, or operational governance needs. |
+
+Init maintenance commands dry-run by default unless `--execute` is supplied:
+
+```bash
+hadara init doctor --json
+hadara init upgrade --profile governed --json
+hadara init register-doc --path docs/specs/LOCAL.md --when "Local work" --purpose "Local spec" --json
+hadara init enable-integration --integration mcp --json
+```
+
+`register-doc` can use `--require-exists` when missing referenced docs should be treated as an error. `enable-integration` registers project guidance docs only; it does not enable Hermes/MCP runtime behavior or change capability gates. `upgrade` creates missing scaffold docs and updates known generated profile metadata; it does not rewrite unrelated user-authored content.
+
+## Develop from Source
+
+Use Node.js 22.
 
 ```bash
 npm install
-npm run dev -- doctor
-npm run dev -- task create "implement ProviderClient contract"
-npm run dev -- task list
-npm test
+npm run build
+node dist/cli/main.js doctor --json
+npm run check
 ```
 
-Linux/macOS portable launcher:
+For HADARA-dev itself, Docker is the preferred validation path because host `node_modules` on mounted workspaces can be unreliable:
 
 ```bash
-chmod +x ./start.sh
-./start.sh doctor
+npm run dev:docker-check
+npm run dev:docker-sync-build
 ```
 
-Windows launcher:
+Focused validation:
 
-```bat
-START.bat doctor
+```bash
+npm run test:focused -- tests/unit/release-dry-run.test.ts
 ```
 
-## Development Principle
+## Release Discipline
 
-HADARA development must dogfood the HADARA workflow:
+HADARA release work is evidence-first.
 
-1. Read `docs/PROJECT_STATE.md`
-2. Read `docs/AGENT_HANDOFF.md`
-3. Read `docs/TASK_BOARD.md`
-4. Work inside a Task Capsule
-5. Attach evidence before marking work complete
-6. Update handoff before stopping
+Before any npm publish:
 
-## Store Separation
+1. Confirm the git worktree is clean.
+2. Run `hadara release dry-run --json`.
+3. Run `hadara release publish --mode dry-run --json`.
+4. Confirm `NPM_TOKEN` presence without printing the token value.
+5. Confirm the exact package version is not already on npm.
+6. Generate fresh package, clean-checkout, and release-artifact evidence for the active release capsule.
+7. Publish only after explicit operator approval.
+8. Verify with `npm view hadara@<version> version`.
+9. Attach reduced publish evidence.
+10. Update release notes, Project State, Agent Handoff, and the active Task Capsule.
+
+Never write token values, private logs, raw npm output, private paths, or local machine state into committed evidence.
 
-HADARA separates **portable runtime state** from **project-owned development state**.
+## Store Separation
 
-### Portable / USB Store
+HADARA separates portable runtime state from project-owned development state.
 
-Located under the HADARA installation root:
+Portable/local runtime state:
 
 ```text
 data/
@@ -61,49 +260,44 @@ data/
   exports/
 ```
 
-This is **not committed**. It is local, portable, and may live on a USB drive.
-
-### Project Repo Store
-
-Located inside each project repository:
+Project-owned reproducible state:
 
 ```text
 docs/
 tasks/
 .hadara/
 AGENTS.md
-.hermes.md
-HERMES.md
 ```
 
-This is committed when it represents reproducible project state, conventions, or agent context.
+Portable/local state is not committed. Project docs, Task Capsules, and reduced public evidence are committed when they represent reproducible context.
 
-## Initial CLI Commands
+## Optional / Deferred Integrations
+
+Hermes and MCP surfaces exist for compatibility experiments and read-only bridge work. They are not generated by `hadara init` and are not part of the default scaffold. Use them only when a project explicitly opts into integration guidance.
 
 ```bash
-hadara init
-hadara doctor
-hadara task create "..."
-hadara task list
-hadara task show T-0001
-hadara evidence collect --task T-0001
-hadara handoff update --task T-0001
-hadara hermes detect
-hadara hermes export-context
+hadara init enable-integration --integration hermes --execute --json
+hadara init enable-integration --integration mcp --execute --json
+hadara hermes detect --json
+hadara hermes export-context --json
 hadara mcp serve
 ```
 
-Current CLI is a seed implementation. Full agent execution, provider integration, dashboard, and MCP server runtime are intentionally stubbed for later tasks.
+The default MCP server remains read-only. Evidence attach is opt-in, approval-recorded, and audited.
 
-## Test Suites
+## Deferred
 
-```bash
-npm run test:unit
-npm run test:contract
-npm run test:harness
-npm run check
-```
+These are intentionally not part of the current default runtime:
+
+- Full multi-agent scheduler/controller.
+- Broad MCP write tools.
+- Shell execution through agents.
+- Real provider execution as the default path.
+- GitHub Release automation as a default path.
+- Docker image publishing.
+- Installer scripts and USB portable launchers.
+- Live dashboard streaming.
 
 ## License
 
-TBD. Recommended candidates: Apache-2.0 or MIT.
+HADARA is released under the MIT License. You can use, copy, modify, distribute, and build on it under the terms in `LICENSE`.

package/dist/agent/evidence.js

@@ -41,7 +41,7 @@ function toAttachment(projectRoot, appended, summary, result) {
         kind: 'command-log',
         summary,
         result,
-        evidencePath: appended.evidence.evidencePath ?? '',
+        evidencePath: (0, evidence_1.persistedEvidencePath)(appended.evidence) ?? '',
         markdownPath: toPortablePath(node_path_1.default.relative(projectRoot, appended.markdownPath))
     };
 }

package/dist/cli/actor.js

@@ -0,0 +1,17 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getActorContextOption = getActorContextOption;
+const actor_context_1 = require("../core/actor-context");
+const args_1 = require("./args");
+function getActorContextOption(args) {
+    const agentId = (0, args_1.getStringOption)(args, '--agent-id');
+    const runId = (0, args_1.getStringOption)(args, '--run-id');
+    const role = (0, args_1.getStringOption)(args, '--actor-role');
+    const parentRunId = (0, args_1.getStringOption)(args, '--parent-run-id');
+    if (agentId === undefined && runId === undefined && role === undefined && parentRunId === undefined)
+        return undefined;
+    if (role !== undefined && !(0, actor_context_1.isHadaraActorRole)(role)) {
+        throw new Error(`unsupported --actor-role: ${role}`);
+    }
+    return (0, actor_context_1.resolveHadaraActorContext)({ agentId, runId, role, parentRunId }).actor;
+}

package/dist/cli/dashboard.js

@@ -11,10 +11,19 @@ const node_fs_1 = __importDefault(require("node:fs"));
 const node_http_1 = __importDefault(require("node:http"));
 const node_path_1 = __importDefault(require("node:path"));
 const active_run_state_1 = require("../services/active-run-state");
+const dashboard_bootstrap_1 = require("../services/dashboard-bootstrap");
+const dashboard_cache_1 = require("../services/dashboard-cache");
+const dashboard_core_1 = require("../services/dashboard-core");
+const dashboard_refresh_1 = require("../services/dashboard-refresh");
+const dashboard_task_detail_1 = require("../services/dashboard-task-detail");
+const dashboard_heavy_projection_1 = require("../services/dashboard-heavy-projection");
+const evidence_lint_1 = require("../services/evidence-lint");
 const evidence_list_1 = require("../services/evidence-list");
+const dashboard_timeline_1 = require("../services/dashboard-timeline");
 const operational_debt_1 = require("../services/operational-debt");
 const operations_status_service_1 = require("../services/operations-status-service");
 const task_read_model_1 = require("../services/task-read-model");
+const task_workbench_1 = require("../services/task-workbench");
 const args_1 = require("./args");
 const DASHBOARD_HTML = node_path_1.default.join('docs', 'design', 'dashboard', 'index.html');
 const DASHBOARD_FIXTURE = node_path_1.default.join('docs', 'design', 'fixtures', 'hadara.ops.status.sample.json');
@@ -43,6 +52,7 @@ function serveDashboard(projectRoot, options = {}) {
     server.listen(port, host, () => {
         const address = server.address();
         const actualPort = typeof address === 'object' && address ? address.port : port;
+        (0, dashboard_refresh_1.warmDashboardProjections)(projectRoot);
         // console.log(`[HADARA] Dashboard serving sample fixture at http://${host}:${actualPort}/dashboard/`);
         console.log(`[HADARA] Dashboard serving at http://${host}:${actualPort}/dashboard/ with read-only APIs under /api/.`);
     });
@@ -85,32 +95,93 @@ function createDashboardApiResponse(projectRoot, requestUrl, method) {
     const headOnly = normalizedMethod === 'HEAD';
     if (url.pathname === '/api/status')
         return jsonResponse((0, operations_status_service_1.createOpsStatusReport)(projectRoot), headOnly);
+    if (url.pathname === '/api/dashboard/core') {
+        const bypassProjection = url.searchParams.get('cache') === 'bypass';
+        const status = bypassProjection ? null : (0, dashboard_refresh_1.createDashboardProjectionStatusReport)(projectRoot);
+        return jsonResponse((0, dashboard_core_1.createDashboardCoreReport)(projectRoot, {
+            bypassProjection,
+            projectionFreshness: status?.projections.core.freshness,
+            refreshState: status?.refresh.state,
+            pendingSections: status?.pendingSections,
+            staleSections: status?.staleSections
+        }), headOnly);
+    }
+    if (url.pathname === '/api/dashboard/projection/status')
+        return jsonResponse((0, dashboard_refresh_1.createDashboardProjectionStatusReport)(projectRoot), headOnly);
+    if (url.pathname === '/api/dashboard/refresh')
+        return jsonResponse((0, dashboard_refresh_1.triggerDashboardProjectionRefresh)(projectRoot, 'api'), headOnly);
+    if (url.pathname === '/api/dashboard/timeline')
+        return jsonResponse((0, dashboard_heavy_projection_1.createProjectedDashboardTimelineReport)(projectRoot), headOnly);
+    if (url.pathname === '/api/dashboard/debt')
+        return jsonResponse((0, dashboard_heavy_projection_1.createProjectedDashboardDebtReport)(projectRoot), headOnly);
+    if (url.pathname === '/api/dashboard/bootstrap') {
+        const selectedTaskId = url.searchParams.get('selectedTaskId')?.trim();
+        const tier = url.searchParams.get('tier') === 'core' ? 'core' : 'full';
+        const keyParts = ['bootstrap'];
+        if (tier === 'core')
+            keyParts.push('core');
+        if (selectedTaskId)
+            keyParts.push('selected', selectedTaskId);
+        const key = (0, dashboard_cache_1.createDashboardCacheKey)(projectRoot, ...keyParts);
+        const cached = (0, dashboard_cache_1.getOrCreateCachedReport)(key, { ttlMs: dashboard_cache_1.DASHBOARD_CACHE_TTLS.bootstrap, bypass: url.searchParams.get('cache') === 'bypass' }, () => (0, dashboard_bootstrap_1.createDashboardBootstrapReport)(projectRoot, { tier, ...(selectedTaskId ? { selectedTaskId } : {}) }));
+        return jsonResponse((0, dashboard_cache_1.withDashboardCacheMetadata)(cached.value, cached.cache), headOnly);
+    }
+    if (url.pathname === '/api/dashboard/task-detail') {
+        const taskId = url.searchParams.get('taskId')?.trim();
+        if (!taskId)
+            return missingTaskId(headOnly);
+        const key = (0, dashboard_cache_1.createDashboardCacheKey)(projectRoot, 'task-detail', taskId);
+        const cached = (0, dashboard_cache_1.getOrCreateCachedReport)(key, { ttlMs: dashboard_cache_1.DASHBOARD_CACHE_TTLS.taskDetail, bypass: url.searchParams.get('cache') === 'bypass' }, () => (0, dashboard_task_detail_1.createDashboardTaskDetailReport)(projectRoot, taskId));
+        return jsonResponse((0, dashboard_cache_1.withDashboardCacheMetadata)(cached.value, cached.cache), headOnly);
+    }
+    if (url.pathname === '/api/dashboard/cache/status')
+        return jsonResponse((0, dashboard_cache_1.createDashboardCacheStatusReport)(), headOnly);
     if (url.pathname === '/api/tasks')
         return jsonResponse((0, task_read_model_1.createTaskListReport)(projectRoot), headOnly);
     if (url.pathname === '/api/active-run')
         return jsonResponse((0, active_run_state_1.safeCreateActiveRunProjection)(projectRoot), headOnly);
     if (url.pathname === '/api/debt')
         return jsonResponse((0, operational_debt_1.createOperationalDebtReport)(projectRoot), headOnly);
+    if (url.pathname === '/api/timeline') {
+        const taskId = url.searchParams.get('taskId')?.trim();
+        const key = taskId ? (0, dashboard_cache_1.createDashboardCacheKey)(projectRoot, 'timeline', taskId) : (0, dashboard_cache_1.createDashboardCacheKey)(projectRoot, 'timeline');
+        const cached = (0, dashboard_cache_1.getOrCreateCachedReport)(key, { ttlMs: dashboard_cache_1.DASHBOARD_CACHE_TTLS.timeline, bypass: url.searchParams.get('cache') === 'bypass' }, () => (0, dashboard_timeline_1.createDashboardTimelineReport)(projectRoot, taskId ? { taskId } : {}));
+        return jsonResponse((0, dashboard_cache_1.withDashboardCacheMetadata)(cached.value, cached.cache), headOnly);
+    }
+    if (url.pathname === '/api/task-workbench') {
+        const taskId = url.searchParams.get('taskId')?.trim();
+        if (!taskId)
+            return missingTaskId(headOnly);
+        return jsonResponse((0, task_workbench_1.createTaskWorkbenchReport)(projectRoot, taskId), headOnly);
+    }
+    if (url.pathname === '/api/evidence-lint') {
+        const taskId = url.searchParams.get('taskId')?.trim();
+        if (!taskId)
+            return missingTaskId(headOnly);
+        return jsonResponse((0, evidence_lint_1.createEvidenceLintReport)(projectRoot, taskId), headOnly);
+    }
     if (url.pathname === '/api/evidence') {
         const taskId = url.searchParams.get('taskId')?.trim();
-        if (!taskId) {
-            return jsonResponse({
-                schemaVersion: 'hadara.dashboard.api.error.v1',
-                command: 'dashboard.api',
-                ok: false,
-                issues: [
-                    {
-                        severity: 'error',
-                        code: 'TASK_ID_REQUIRED',
-                        message: 'Missing required query parameter: taskId.'
-                    }
-                ]
-            }, headOnly, 400);
-        }
+        if (!taskId)
+            return missingTaskId(headOnly);
         return jsonResponse((0, evidence_list_1.createEvidenceListReport)(projectRoot, { taskId }), headOnly);
     }
     return notFound();
 }
+function missingTaskId(headOnly) {
+    return jsonResponse({
+        schemaVersion: 'hadara.dashboard.api.error.v1',
+        command: 'dashboard.api',
+        ok: false,
+        issues: [
+            {
+                severity: 'error',
+                code: 'TASK_ID_REQUIRED',
+                message: 'Missing required query parameter: taskId.'
+            }
+        ]
+    }, headOnly, 400);
+}
 function safePathname(requestUrl) {
     const url = safeUrl(requestUrl);
     return url?.pathname ?? null;

package/dist/cli/dev.js

@@ -0,0 +1,43 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.handleDevCommand = handleDevCommand;
+const docker_check_1 = require("../dev/docker-check");
+const actor_1 = require("./actor");
+const args_1 = require("./args");
+function handleDevCommand(input) {
+    const sub = input.args[1];
+    if (sub !== 'docker-check')
+        return false;
+    const report = (0, docker_check_1.createDevDockerCheckReport)(input.projectRoot, {
+        focusedTests: getFocusedTests(input.args),
+        syncDist: (0, args_1.getFlag)(input.args, '--sync-dist'),
+        fullCheck: (0, args_1.getFlag)(input.args, '--full'),
+        actor: (0, actor_1.getActorContextOption)(input.args),
+        distBeforeHash: (0, args_1.getStringOption)(input.args, '--before-hash'),
+        allowMissingBeforeHash: (0, args_1.getFlag)(input.args, '--allow-missing-before-hash')
+    });
+    if (input.jsonOutput) {
+        console.log(JSON.stringify(report, null, 2));
+    }
+    else {
+        console.log((0, docker_check_1.formatDevDockerCheckReport)(report));
+    }
+    if (!report.ok)
+        process.exitCode = 6;
+    return true;
+}
+function getFocusedTests(args) {
+    const index = args.indexOf('--focused');
+    if (index === -1)
+        return [];
+    const values = [];
+    for (let i = index + 1; i < args.length; i += 1) {
+        const value = args[i];
+        if (value.startsWith('--'))
+            break;
+        values.push(value);
+    }
+    if (values.length === 0)
+        throw new Error('dev docker-check --focused requires at least one test path');
+    return values;
+}

package/dist/cli/evidence.js

@@ -6,7 +6,9 @@ exports.parseEvidenceResult = parseEvidenceResult;
 exports.parseEvidenceVisibility = parseEvidenceVisibility;
 const evidence_1 = require("../evidence/evidence");
 const evidence_json_1 = require("./evidence-json");
+const evidence_lint_1 = require("../services/evidence-lint");
 const evidence_list_1 = require("../services/evidence-list");
+const evidence_migration_1 = require("../services/evidence-migration");
 const args_1 = require("./args");
 function handleEvidenceCommand(input) {
     const sub = input.args[1];
@@ -22,7 +24,7 @@ function handleEvidenceCommand(input) {
         }
         else {
             for (const record of report.records) {
-                console.log(`${record.time} | ${record.kind} | ${record.result} | ${record.visibility} | ${record.summary}`);
+                console.log(`${record.time} | ${(0, evidence_1.persistedEvidenceKind)(record)} | ${(0, evidence_1.persistedEvidenceResult)(record)} | ${record.visibility} | ${record.summary}`);
             }
             for (const issue of report.issues) {
                 console.log(`[${issue.severity}] ${issue.code}: ${issue.message}`);
@@ -32,6 +34,68 @@ function handleEvidenceCommand(input) {
             process.exitCode = 6;
         return true;
     }
+    if (sub === 'lint') {
+        const taskId = (0, args_1.getRequiredStringOption)(input.args, '--task');
+        const report = (0, evidence_lint_1.createEvidenceLintReport)(input.projectRoot, taskId);
+        if (input.jsonOutput) {
+            console.log(JSON.stringify(report, null, 2));
+        }
+        else {
+            console.log(`[HADARA] evidence lint ${taskId}: ${report.ok ? 'ok' : 'issues'}`);
+            for (const issue of report.issues) {
+                console.log(`[${issue.severity}] ${issue.code}: ${issue.message}`);
+            }
+        }
+        if (!report.ok)
+            process.exitCode = 6;
+        return true;
+    }
+    if (sub === 'migrate') {
+        const taskId = (0, args_1.getRequiredStringOption)(input.args, '--task');
+        const report = (0, evidence_migration_1.createEvidenceMigrationPreviewReport)({
+            projectRoot: input.projectRoot,
+            taskId,
+            toVersion: (0, args_1.getStringOption)(input.args, '--to', 'v2') ?? 'v2',
+            execute: (0, args_1.getFlag)(input.args, '--execute'),
+            beforeHash: (0, args_1.getStringOption)(input.args, '--before-hash')
+        });
+        if (input.jsonOutput) {
+            console.log(JSON.stringify(report, null, 2));
+        }
+        else {
+            const execution = report.mode === 'execute' ? ` | applied ${report.execution.applied ? 'yes' : 'no'}` : '';
+            console.log(`[HADARA] evidence migrate ${taskId}: ${report.ok ? 'ok' : 'issues'} | planned ${report.summary.plannedTransforms} | skipped ${report.summary.skippedRecords}${execution}`);
+            for (const issue of report.issues) {
+                console.log(`[${issue.severity}] ${issue.code}: ${issue.message}`);
+            }
+        }
+        if (!report.ok)
+            process.exitCode = 6;
+        return true;
+    }
+    if (sub === 'add-command') {
+        const taskId = (0, args_1.getRequiredStringOption)(input.args, '--task');
+        const summary = (0, args_1.getStringOption)(input.args, '--summary') ?? 'Command completed.';
+        const result = parseEvidenceResult((0, args_1.getStringOption)(input.args, '--result', 'unknown') ?? 'unknown');
+        const visibility = parseEvidenceVisibility((0, args_1.getStringOption)(input.args, '--visibility', 'public') ?? 'public', (0, args_1.getFlag)(input.args, '--private'));
+        if (input.jsonOutput) {
+            const report = (0, evidence_json_1.createEvidenceCollectReport)(input.projectRoot, {
+                taskId,
+                kind: 'command-log',
+                summary,
+                result,
+                visibility
+            });
+            console.log(JSON.stringify({ ...report, command: 'evidence.add-command' }, null, 2));
+            if (!report.ok)
+                process.exitCode = 6;
+        }
+        else {
+            const filePath = (0, evidence_1.appendEvidence)(input.projectRoot, { taskId, kind: 'command-log', summary, result, visibility });
+            console.log(`[HADARA] Command evidence updated: ${filePath}`);
+        }
+        return true;
+    }
     if (sub !== 'collect')
         return false;
     const taskId = (0, args_1.getRequiredStringOption)(input.args, '--task');