hazo_collect 0.2.1

package/CHANGE_LOG.md

@@ -0,0 +1,44 @@
+# hazo_collect — Change Log
+
+## 0.2.1 — 2026-06-12
+
+### Test-app improvements (no API changes)
+
+- **Shadcn UI** — test-app upgraded from hand-rolled HTML to hazo_ui shadcn components: collapsible `SidebarLayout` (hazo_debug pattern), `Button`, `Table`, `Select`, `Card` across all pages
+- **Registry page** — `Button` (outline/sm + sm), `Table` family, `StatusBadge` for valid column
+- **Run page** — `Select` for plugin picker, `Card`/`CardContent` for RunResult, `Table` for recent runs, `StatusBadge` for status
+- **status_badge.tsx** — new shared pill helper (success / partial / failed / valid / invalid → green / yellow / red)
+- **Token wiring** — `globals.css` now imports `hazo_ui/dist/styles.css` at the correct depth and maps all shadcn HSL tokens via `@theme inline`
+- **Fix** — `assertThrows` callbacks in autotest scenarios made synchronous (3 callsites)
+
+## 0.2.0 — 2026-06-12
+
+### Phase 1 Core: Manager Vertical + Secrets + SDK
+
+First fully-functional vertical slice: discover a Node collector → run it in-process → write its
+own data via the shared adapter → persist the RunResult scorecard, health, and watermark.
+
+- **Contract versioning** — `src/contract-version.ts` exports `CONTRACT_VERSION = '1.0.0'`;
+  `contract_version` field stamped into `RunEnvelopeSchema` and `RunResultSchema`.
+- **hazo_secure/secrets** — new `SecretsProvider` interface + `EnvSecretsProvider` /
+  `StaticSecretsProvider` / `LookupSecretsProvider` impls + `SecretsError`
+  (`HAZO_SECURE_SECRET_NOT_FOUND`). `hazo_secure` bumped to v1.3.0.
+- **Node author SDK** (`hazo_collect/sdk`) — `defineCollector` / `defineSink` / `getCollector` /
+  `resetCollectorRegistry` Map-registry; `createHttpHelper` with exponential back-off + jitter.
+- **Node runtime adapter** (`src/runtime/node.ts`) — `nodeRuntime` builds `CollectorContext`
+  (`ctx.write` / `ctx.http` / `ctx.log` / `ctx.envelope`) and dispatches to the worker; worker
+  throws are captured, never re-thrown.
+- **Registry** (`src/registry/`) — `createInMemoryRegistry()` backed by SDK Map; `persistRegistry()`
+  upserts `hazo_collect_plugin_registry`, quarantines invalid manifests.
+- **Manager** (`src/manager/`) — `createManager()` 12-step pipeline: registry → validate → secrets →
+  watermark → envelope → run row → dispatch → assemble → update → watermark advance (success only)
+  → health upsert → return `DbResult<RunResult>`. Plugin-level failures never cause a rejected
+  promise. `hazo_secure` wired as optional peer dep `^1.3.0`.
+- **Exports** — `./server` now re-exports `createManager`, `nodeRuntime`, `createInMemoryRegistry`,
+  `persistRegistry`.
+- **Tests** — 68 tests green: 8 manager integration, 7 registry, 3 runtime, 17 SDK, 21 schema/
+  validation/write-adapter, 12 autotest scenarios (server + discover + runs_db).
+
+## 0.1.0 — 2026-06-11
+
+- Initial release.

package/README.md

@@ -0,0 +1,104 @@
+# hazo_collect
+
+Collector-manager engine for the Ocdata platform. Handles plugin discovery, contract validation, execution orchestration, result persistence, and watermark/health tracking.
+
+## Installation
+
+```bash
+npm install hazo_collect
+```
+
+Peer deps: `hazo_core`, `hazo_connect`. Optional: `hazo_secure` (for secrets injection).
+
+## Quick start
+
+### 1. Define a collector (SDK)
+
+```ts
+import { defineCollector } from 'hazo_collect/sdk';
+import { parseManifest } from 'hazo_collect';
+
+defineCollector({
+  manifest: parseManifest({
+    name: 'my_source',
+    kind: 'source',
+    version: '1.0.0',
+    runtime: 'node',
+    entry: './my_source.js',
+    idempotency_key: ['record_id'],
+  }),
+  async run(ctx) {
+    const rows = [{ record_id: 'r1', data: 'hello' }];
+    await ctx.write({ plugin: 'my_source', rows, idempotency_key: ['record_id'] });
+    return { records_fetched: rows.length, records_written: rows.length };
+  },
+});
+```
+
+### 2. Create a manager and run the collector
+
+```ts
+import { createManager, nodeRuntime, createInMemoryRegistry } from 'hazo_collect/server';
+
+const manager = createManager({
+  getHazoConnect: () => adapter,      // hazo_connect adapter
+  getCollector: name => registry.get(name),
+  runtime: nodeRuntime,
+});
+
+const result = await manager.runNow({ plugin: 'my_source' });
+// result.data: RunResult — status, records_fetched, records_written, errors, watermark
+```
+
+## API
+
+### `hazo_collect` (client-safe)
+
+| Export | Description |
+|---|---|
+| `CONTRACT_VERSION` | Current contract version string (`"1.0.0"`) |
+| `parseManifest(obj)` | Parse + validate a plugin manifest; throws `HazoValidationError` on invalid input |
+| `parseRunResult(obj)` | Parse + validate a `RunResult` object |
+| `parseRunEnvelope(obj)` | Parse + validate a `RunEnvelope`; applies defaults |
+| `validateInputs(manifest, payload)` | Validate run inputs against a manifest's JSON schema |
+
+### `hazo_collect/server`
+
+| Export | Description |
+|---|---|
+| `createManager(opts)` | Main orchestration pipeline — resolve → validate → run → persist |
+| `nodeRuntime` | Execution adapter for in-process Node.js collectors |
+| `createInMemoryRegistry()` | In-memory registry backed by the SDK Map |
+| `persistRegistry(adapter, manifests)` | Upsert manifests into `hazo_collect_plugin_registry`; quarantines invalid entries |
+| `discover(opts)` | Scan directories for `manifest.json` files and return parsed entries |
+| `createWriteAdapter(adapter, runId)` | Create a `ctx.write` function bound to a specific run |
+
+### `hazo_collect/sdk`
+
+| Export | Description |
+|---|---|
+| `defineCollector(def)` | Register a collector in the module-level registry |
+| `getCollector(name)` | Look up a registered collector by name |
+| `listCollectors()` | Return all registered collectors |
+| `defineSink(def)` | Register a sink (data destination) |
+| `getSink(name)` | Look up a registered sink |
+| `resetCollectorRegistry()` | Clear all registrations (test hygiene) |
+
+## Database tables
+
+Run migrations from `hazo_collect/ddl/sqlite.sql` (SQLite) or `hazo_collect/ddl/postgres.sql` (PostgreSQL):
+
+- `hazo_collect_plugin_registry` — discovered manifest catalogue with validity + quarantine info
+- `hazo_collect_plugin_runs` — per-run scorecard (status, records, contract_version, watermark)
+- `hazo_collect_plugin_health` — rolling health state (consecutive failures, last status)
+- `hazo_collect_landing` — idempotent landing zone for collector output rows
+
+## Tailwind v4 (`@source` required)
+
+```css
+@source "../node_modules/hazo_collect/dist";
+```
+
+## License
+
+MIT

package/SETUP_CHECKLIST.md

@@ -0,0 +1,112 @@
+# hazo_collect — Setup Checklist
+
+Follow these steps when adding hazo_collect to a consuming application.
+
+## 1. Install the package
+
+```bash
+npm install hazo_collect
+```
+
+Peer dependencies (install separately):
+```bash
+npm install hazo_core hazo_connect
+# Optional — needed for secrets injection:
+npm install hazo_secure
+```
+
+## 2. Run database migrations
+
+Apply the DDL for your database engine:
+
+```bash
+# SQLite
+sqlite3 your.db < node_modules/hazo_collect/ddl/sqlite.sql
+
+# PostgreSQL
+psql $DATABASE_URL -f node_modules/hazo_collect/ddl/postgres.sql
+```
+
+Tables created:
+- `hazo_collect_plugin_registry`
+- `hazo_collect_plugin_runs`
+- `hazo_collect_plugin_health`
+- `hazo_collect_landing`
+
+## 3. Register your collectors
+
+In your app's startup code (runs once, before the manager is called):
+
+```ts
+import { defineCollector } from 'hazo_collect/sdk';
+import { parseManifest } from 'hazo_collect';
+
+defineCollector({
+  manifest: parseManifest({
+    name: 'my_source',
+    kind: 'source',
+    version: '1.0.0',
+    runtime: 'node',
+    entry: './my_source.js',
+    idempotency_key: ['record_id'],
+  }),
+  async run(ctx) {
+    // ... fetch data and write via ctx.write(...)
+    return { records_fetched: 0, records_written: 0 };
+  },
+});
+```
+
+## 4. Wire up the manager
+
+```ts
+import { createManager, nodeRuntime, createInMemoryRegistry } from 'hazo_collect/server';
+
+const registry = createInMemoryRegistry();
+const manager = createManager({
+  getHazoConnect: () => hazoConnectAdapter,
+  getCollector: name => registry.get(name),
+  runtime: nodeRuntime,
+});
+```
+
+## 5. Expose API routes (Next.js example)
+
+```ts
+// app/api/collect/manager/run/route.ts
+import { createRunHandler } from 'hazo_collect/server';
+
+export const POST = createRunHandler({ getManager: () => manager });
+```
+
+Or call directly:
+
+```ts
+const result = await manager.runNow({ plugin: 'my_source' });
+```
+
+## 6. Optional: wire secrets (hazo_secure)
+
+```ts
+import { EnvSecretsProvider } from 'hazo_secure';
+
+const manager = createManager({
+  ...opts,
+  getSecretsProvider: () => new EnvSecretsProvider(),
+});
+```
+
+## 7. Tailwind v4: add `@source`
+
+In your CSS entry point:
+
+```css
+@source "../node_modules/hazo_collect/dist";
+```
+
+## 8. Verify
+
+```ts
+const result = await manager.runNow({ plugin: 'your_plugin_name' });
+console.log(result.data.status); // 'success' | 'partial' | 'failed'
+```

package/dist/ddl/postgres.sql

@@ -0,0 +1,78 @@
+-- hazo_collect — PostgreSQL DDL
+-- Consumers MAY copy this verbatim or wrap with their own role grants.
+-- Idempotent — safe to re-run.
+--
+-- Tables:
+--   hazo_collect_plugin_runs      — one row per plugin run (RunResult scorecard)
+--   hazo_collect_plugin_health    — latest health snapshot per plugin
+--   hazo_collect_plugin_registry  — discovered manifest catalogue
+--   hazo_collect_watermarks       — per-plugin incremental watermark
+--   hazo_collect_landing          — raw as-fetched payloads (idempotent on plugin+key)
+
+CREATE TABLE IF NOT EXISTS hazo_collect_plugin_runs (
+  id               UUID        PRIMARY KEY DEFAULT gen_random_uuid(),
+  plugin           TEXT        NOT NULL,
+  run_id           TEXT        NOT NULL UNIQUE,
+  kind             TEXT        NOT NULL CHECK (kind IN ('source', 'sink')),
+  started_at       TIMESTAMPTZ NOT NULL DEFAULT NOW(),
+  completed_at     TIMESTAMPTZ,
+  status           TEXT        NOT NULL CHECK (status IN ('success', 'partial', 'failed', 'running')),
+  records_fetched  INT         NOT NULL DEFAULT 0,
+  records_written  INT         NOT NULL DEFAULT 0,
+  watermark        TEXT,
+  errors           JSONB       NOT NULL DEFAULT '[]'::jsonb,
+  metrics          JSONB,
+  correlation_id   TEXT,
+  env              TEXT,
+  contract_version TEXT
+);
+
+CREATE INDEX IF NOT EXISTS hazo_collect_plugin_runs_plugin_idx
+  ON hazo_collect_plugin_runs (plugin, started_at DESC);
+
+CREATE INDEX IF NOT EXISTS hazo_collect_plugin_runs_run_id_idx
+  ON hazo_collect_plugin_runs (run_id);
+
+CREATE TABLE IF NOT EXISTS hazo_collect_plugin_health (
+  plugin               TEXT        PRIMARY KEY,
+  last_success_at      TIMESTAMPTZ,
+  last_run_at          TIMESTAMPTZ,
+  last_status          TEXT,
+  state                TEXT        NOT NULL DEFAULT 'ok' CHECK (state IN ('ok', 'stale', 'failed')),
+  consecutive_failures INT         NOT NULL DEFAULT 0
+);
+
+CREATE TABLE IF NOT EXISTS hazo_collect_plugin_registry (
+  name              TEXT        PRIMARY KEY,
+  kind              TEXT        NOT NULL CHECK (kind IN ('source', 'sink')),
+  version           TEXT        NOT NULL,
+  runtime           TEXT        NOT NULL CHECK (runtime IN ('node', 'python')),
+  manifest          JSONB       NOT NULL,
+  source            TEXT        NOT NULL DEFAULT 'folder' CHECK (source IN ('folder', 'db')),
+  discovered_at     TIMESTAMPTZ NOT NULL DEFAULT NOW(),
+  valid             BOOLEAN     NOT NULL DEFAULT TRUE,
+  quarantine_reason TEXT
+);
+
+CREATE TABLE IF NOT EXISTS hazo_collect_watermarks (
+  plugin      TEXT        PRIMARY KEY,
+  watermark   TEXT        NOT NULL,
+  updated_at  TIMESTAMPTZ NOT NULL DEFAULT NOW()
+);
+
+CREATE TABLE IF NOT EXISTS hazo_collect_landing (
+  id               UUID        PRIMARY KEY DEFAULT gen_random_uuid(),
+  plugin           TEXT        NOT NULL,
+  run_id           TEXT        NOT NULL,
+  idempotency_key  TEXT        NOT NULL,
+  payload          JSONB       NOT NULL,
+  fetched_at       TIMESTAMPTZ NOT NULL DEFAULT NOW(),
+  window_since     TEXT,
+  window_until     TEXT,
+  CONSTRAINT hazo_collect_landing_plugin_key UNIQUE (plugin, idempotency_key)
+);
+
+CREATE INDEX IF NOT EXISTS hazo_collect_landing_plugin_idx
+  ON hazo_collect_landing (plugin, fetched_at DESC);
+
+NOTIFY pgrst, 'reload schema';

package/dist/ddl/sqlite.sql

@@ -0,0 +1,75 @@
+-- hazo_collect — SQLite DDL
+-- Idempotent — safe to re-run.
+--
+-- SQLite companion to postgres.sql.
+-- Type mapping: UUID→TEXT, BOOLEAN→INTEGER(0/1), TIMESTAMPTZ→TEXT, JSONB→TEXT.
+--
+-- Tables:
+--   hazo_collect_plugin_runs
+--   hazo_collect_plugin_health
+--   hazo_collect_plugin_registry
+--   hazo_collect_watermarks
+--   hazo_collect_landing
+
+CREATE TABLE IF NOT EXISTS hazo_collect_plugin_runs (
+  id               TEXT    PRIMARY KEY,
+  plugin           TEXT    NOT NULL,
+  run_id           TEXT    NOT NULL UNIQUE,
+  kind             TEXT    NOT NULL CHECK (kind IN ('source', 'sink')),
+  started_at       TEXT    NOT NULL DEFAULT (datetime('now')),
+  completed_at     TEXT,
+  status           TEXT    NOT NULL CHECK (status IN ('success', 'partial', 'failed', 'running')),
+  records_fetched  INTEGER NOT NULL DEFAULT 0,
+  records_written  INTEGER NOT NULL DEFAULT 0,
+  watermark        TEXT,
+  errors           TEXT    NOT NULL DEFAULT '[]',
+  metrics          TEXT,
+  correlation_id   TEXT,
+  env              TEXT,
+  contract_version TEXT
+);
+
+CREATE INDEX IF NOT EXISTS hazo_collect_plugin_runs_plugin_idx
+  ON hazo_collect_plugin_runs (plugin, started_at DESC);
+
+CREATE TABLE IF NOT EXISTS hazo_collect_plugin_health (
+  plugin               TEXT    PRIMARY KEY,
+  last_success_at      TEXT,
+  last_run_at          TEXT,
+  last_status          TEXT,
+  state                TEXT    NOT NULL DEFAULT 'ok' CHECK (state IN ('ok', 'stale', 'failed')),
+  consecutive_failures INTEGER NOT NULL DEFAULT 0
+);
+
+CREATE TABLE IF NOT EXISTS hazo_collect_plugin_registry (
+  name              TEXT    PRIMARY KEY,
+  kind              TEXT    NOT NULL CHECK (kind IN ('source', 'sink')),
+  version           TEXT    NOT NULL,
+  runtime           TEXT    NOT NULL CHECK (runtime IN ('node', 'python')),
+  manifest          TEXT    NOT NULL,
+  source            TEXT    NOT NULL DEFAULT 'folder' CHECK (source IN ('folder', 'db')),
+  discovered_at     TEXT    NOT NULL DEFAULT (datetime('now')),
+  valid             INTEGER NOT NULL DEFAULT 1,
+  quarantine_reason TEXT
+);
+
+CREATE TABLE IF NOT EXISTS hazo_collect_watermarks (
+  plugin      TEXT    PRIMARY KEY,
+  watermark   TEXT    NOT NULL,
+  updated_at  TEXT    NOT NULL DEFAULT (datetime('now'))
+);
+
+CREATE TABLE IF NOT EXISTS hazo_collect_landing (
+  id               TEXT    PRIMARY KEY,
+  plugin           TEXT    NOT NULL,
+  run_id           TEXT    NOT NULL,
+  idempotency_key  TEXT    NOT NULL,
+  payload          TEXT    NOT NULL,
+  fetched_at       TEXT    NOT NULL DEFAULT (datetime('now')),
+  window_since     TEXT,
+  window_until     TEXT,
+  CONSTRAINT hazo_collect_landing_plugin_key UNIQUE (plugin, idempotency_key)
+);
+
+CREATE INDEX IF NOT EXISTS hazo_collect_landing_plugin_idx
+  ON hazo_collect_landing (plugin, fetched_at DESC);

package/dist/index-C47n5Xur.d.ts

@@ -0,0 +1,60 @@
+import { HazoCoreLogger } from 'hazo_core';
+import { M as Manifest, R as RunEnvelope } from './run-envelope-COvdsleR.js';
+import { DbResult, HazoConnectAdapter } from 'hazo_connect/server';
+
+interface LandingRow {
+    idempotency_key: string;
+    payload: unknown;
+    run_id: string;
+    window?: {
+        since?: string;
+        until?: string;
+    };
+}
+interface CanonicalTarget {
+    table: string;
+    keyCols: string[];
+    rows: Record<string, unknown>[];
+}
+interface WriteArgs {
+    plugin: string;
+    landing: LandingRow[];
+    canonical?: CanonicalTarget;
+}
+interface WriteResult {
+    landingWritten: number;
+    canonicalWritten: number;
+}
+interface WriteAdapter {
+    write(args: WriteArgs): Promise<DbResult<WriteResult>>;
+}
+declare function createWriteAdapter(adapter: HazoConnectAdapter): WriteAdapter;
+
+interface CollectorContext {
+    envelope: RunEnvelope;
+    write: WriteAdapter['write'];
+    http: (url: string | URL, init?: RequestInit) => Promise<Response>;
+    log: HazoCoreLogger;
+}
+type CollectorOutcome = {
+    status?: 'success' | 'partial' | 'failed';
+    records_fetched: number;
+    records_written: number;
+    watermark?: string;
+    metrics?: Record<string, number>;
+};
+type CollectorDefinition = {
+    manifest: Manifest;
+    run(ctx: CollectorContext): Promise<CollectorOutcome>;
+};
+type SinkDefinition = {
+    manifest: Manifest;
+};
+declare function defineCollector(def: CollectorDefinition): CollectorDefinition;
+declare function getCollector(name: string): CollectorDefinition | undefined;
+declare function listCollectors(): CollectorDefinition[];
+declare function defineSink(def: SinkDefinition): SinkDefinition;
+declare function getSink(name: string): SinkDefinition | undefined;
+declare function resetCollectorRegistry(): void;
+
+export { type CanonicalTarget as C, type LandingRow as L, type SinkDefinition as S, type WriteAdapter as W, type CollectorContext as a, type CollectorDefinition as b, type CollectorOutcome as c, type WriteArgs as d, type WriteResult as e, createWriteAdapter as f, defineCollector as g, defineSink as h, getCollector as i, getSink as j, listCollectors as l, resetCollectorRegistry as r };

package/dist/index.d.ts

@@ -0,0 +1,10 @@
+import { M as Manifest } from './run-envelope-COvdsleR.js';
+export { a as ManifestSchema, R as RunEnvelope, b as RunEnvelopeSchema, p as parseManifest, c as parseRunEnvelope } from './run-envelope-COvdsleR.js';
+export { R as RunError, a as RunResult, b as RunResultSchema, p as parseRunResult } from './run-result-qW7bJEZ-.js';
+import 'zod';
+
+declare const CONTRACT_VERSION = "1.0.0";
+
+declare function validateInputs(manifest: Manifest, payload: unknown): void;
+
+export { CONTRACT_VERSION, Manifest, validateInputs };

package/dist/index.js

@@ -0,0 +1,159 @@
+// src/contract-version.ts
+var CONTRACT_VERSION = "1.0.0";
+
+// src/schema/manifest.ts
+import { z } from "zod";
+import { fromZodValidation } from "hazo_core";
+var RetrySchema = z.object({
+  max: z.number().int().min(0).default(3),
+  backoff: z.enum(["exponential", "linear", "constant"]).default("exponential"),
+  base_ms: z.number().int().min(0).default(1e3),
+  jitter: z.boolean().default(true)
+});
+var ManifestSchema = z.object({
+  name: z.string().min(1),
+  kind: z.enum(["source", "sink"]),
+  version: z.string().min(1),
+  runtime: z.enum(["node", "python"]),
+  entry: z.string().min(1),
+  schedule: z.string().optional(),
+  timezone: z.string().default("UTC"),
+  timeout_sec: z.number().int().min(1).default(600),
+  concurrency: z.number().int().min(1).default(1),
+  retry: RetrySchema.optional(),
+  inputs: z.record(z.unknown()).optional(),
+  // JSON-Schema object
+  produces: z.array(z.string()).optional(),
+  consumes: z.array(z.string()).optional(),
+  secrets: z.array(z.string()).optional(),
+  idempotency_key: z.array(z.string()).min(1),
+  labels: z.record(z.string()).optional()
+});
+function parseManifest(input) {
+  const result = ManifestSchema.safeParse(input);
+  if (!result.success) {
+    throw fromZodValidation(result.error, {
+      pkg: "hazo_collect",
+      code: "HAZO_COLLECT_INVALID_MANIFEST"
+    });
+  }
+  return result.data;
+}
+
+// src/schema/run-result.ts
+import { z as z2 } from "zod";
+import { fromZodValidation as fromZodValidation2 } from "hazo_core";
+var RunErrorSchema = z2.object({
+  code: z2.string(),
+  message: z2.string(),
+  retryable: z2.boolean().optional(),
+  context: z2.unknown().optional()
+});
+var RunResultSchema = z2.object({
+  plugin: z2.string(),
+  run_id: z2.string(),
+  kind: z2.enum(["source", "sink"]),
+  started_at: z2.string(),
+  completed_at: z2.string(),
+  status: z2.enum(["success", "partial", "failed"]),
+  records_fetched: z2.number().int().min(0),
+  records_written: z2.number().int().min(0),
+  watermark: z2.string().optional(),
+  errors: z2.array(RunErrorSchema).default([]),
+  metrics: z2.record(z2.number()).optional(),
+  contract_version: z2.string().default(CONTRACT_VERSION)
+});
+function parseRunResult(input) {
+  const result = RunResultSchema.safeParse(input);
+  if (!result.success) {
+    throw fromZodValidation2(result.error, {
+      pkg: "hazo_collect",
+      code: "HAZO_COLLECT_INVALID_RUN_RESULT"
+    });
+  }
+  return result.data;
+}
+
+// src/schema/run-envelope.ts
+import { z as z3 } from "zod";
+import { fromZodValidation as fromZodValidation3 } from "hazo_core";
+var RunEnvelopeSchema = z3.object({
+  run_id: z3.string(),
+  correlation_id: z3.string(),
+  plugin: z3.string(),
+  inputs: z3.record(z3.unknown()).default({}),
+  secrets: z3.record(z3.string()).default({}),
+  window: z3.object({
+    since: z3.string().optional(),
+    until: z3.string().optional()
+  }).optional(),
+  attempt: z3.number().int().min(1).default(1),
+  contract_version: z3.string().default(CONTRACT_VERSION)
+});
+function parseRunEnvelope(input) {
+  const result = RunEnvelopeSchema.safeParse(input);
+  if (!result.success) {
+    throw fromZodValidation3(result.error, {
+      pkg: "hazo_collect",
+      code: "HAZO_COLLECT_INVALID_RUN_ENVELOPE"
+    });
+  }
+  return result.data;
+}
+
+// src/validate/inputs.ts
+import { Ajv } from "ajv";
+import { HazoValidationError } from "hazo_core";
+var ajv = new Ajv({ allErrors: true });
+function validateInputs(manifest, payload) {
+  if (!manifest.inputs) {
+    return;
+  }
+  const schemaIsValid = ajv.validateSchema(manifest.inputs);
+  if (!schemaIsValid) {
+    const issues = (ajv.errors ?? []).map((e) => ({
+      path: [e.instancePath || e.schemaPath],
+      message: e.message ?? "invalid schema"
+    }));
+    throw new HazoValidationError({
+      code: "HAZO_COLLECT_MALFORMED_MANIFEST",
+      pkg: "hazo_collect",
+      message: `manifest "${manifest.name}" has an invalid inputs JSON-Schema`,
+      issues
+    });
+  }
+  let validate;
+  try {
+    validate = ajv.compile(manifest.inputs);
+  } catch (err) {
+    throw new HazoValidationError({
+      code: "HAZO_COLLECT_MALFORMED_MANIFEST",
+      pkg: "hazo_collect",
+      message: `manifest "${manifest.name}" inputs schema could not be compiled: ${String(err)}`,
+      issues: []
+    });
+  }
+  const valid = validate(payload);
+  if (!valid) {
+    const issues = (validate.errors ?? []).map((e) => ({
+      path: [e.instancePath],
+      message: e.message ?? "validation failed"
+    }));
+    throw new HazoValidationError({
+      code: "HAZO_COLLECT_INVALID_INPUTS",
+      pkg: "hazo_collect",
+      message: `inputs for plugin "${manifest.name}" failed validation`,
+      issues
+    });
+  }
+}
+export {
+  CONTRACT_VERSION,
+  ManifestSchema,
+  RunEnvelopeSchema,
+  RunResultSchema,
+  parseManifest,
+  parseRunEnvelope,
+  parseRunResult,
+  validateInputs
+};