martin-loop 0.1.5 → 1.3.0

package/dist/vendor/core/index.js

@@ -13,7 +13,7 @@ export { runContextIntegrityPrecheck } from "./context-integrity.js";
 // ─── Prompt packet compiler ──────────────────────────────────────────────────
 export { compilePromptPacket } from "./compiler.js";
 // ─── Persistence (RunStore, LedgerEvent, FileRunStore) ──────────────────────
-export { createFileRunStore, makeLedgerEvent, resolveRunsRoot } from "./persistence/index.js";
+export { createFileRunStore, makeLedgerEvent, readAllLoopRecords, readLatestLoopRecord, readLatestLoopRecordFromFile, readLoopRecordsFromFile, resolveRunsRoot } from "./persistence/index.js";
 export { compileAndPersistContext } from "./persistence/index.js";
 /**
  * Admission gate — must pass before any attempt is executed.
@@ -129,6 +129,7 @@ export async function runMartin(input) {
             runId: loop.loopId,
             payload: { workspaceId: input.workspaceId, projectId: input.projectId }
         }));
+        await persistLoopRecordIfSupported(input.store, loop);
     }
     const DEFAULT_FALLBACK_MODELS = [
         "claude-haiku-4-5",
@@ -177,8 +178,10 @@ export async function runMartin(input) {
                 payload: createRunExitPayload(leashExitDecision)
             }));
         }
+        const finalizedLoop = finalizeLoop(loop, leashExitDecision, now(), idFactory);
+        await persistLoopRecordIfSupported(input.store, finalizedLoop);
         return {
-            loop: finalizeLoop(loop, leashExitDecision, now(), idFactory),
+            loop: finalizedLoop,
             decision: leashExitDecision
         };
     }
@@ -213,8 +216,10 @@ export async function runMartin(input) {
                 payload: createRunExitPayload(secretExitDecision)
             }));
         }
+        const finalizedLoop = finalizeLoop(loop, secretExitDecision, now(), idFactory);
+        await persistLoopRecordIfSupported(input.store, finalizedLoop);
         return {
-            loop: finalizeLoop(loop, secretExitDecision, now(), idFactory),
+            loop: finalizedLoop,
             decision: secretExitDecision
         };
     }
@@ -255,8 +260,10 @@ export async function runMartin(input) {
                     payload: createRunExitPayload(preflightExitDecision)
                 }));
             }
+            const finalizedLoop = finalizeLoop(loop, preflightExitDecision, now(), idFactory);
+            await persistLoopRecordIfSupported(input.store, finalizedLoop);
             return {
-                loop: finalizeLoop(loop, preflightExitDecision, now(), idFactory),
+                loop: finalizedLoop,
                 decision: preflightExitDecision
             };
         }
@@ -289,8 +296,10 @@ export async function runMartin(input) {
                     }
                 }));
             }
+            const finalizedLoop = finalizeLoop(loop, poisoningExitDecision, now(), idFactory);
+            await persistLoopRecordIfSupported(input.store, finalizedLoop);
             return {
-                loop: finalizeLoop(loop, poisoningExitDecision, now(), idFactory),
+                loop: finalizedLoop,
                 decision: poisoningExitDecision
             };
         }
@@ -344,8 +353,10 @@ export async function runMartin(input) {
                     payload: createRunExitPayload(exitDecision)
                 }));
             }
+            const finalizedLoop = finalizeLoop(loop, exitDecision, now(), idFactory);
+            await persistLoopRecordIfSupported(input.store, finalizedLoop);
             return {
-                loop: finalizeLoop(loop, exitDecision, now(), idFactory),
+                loop: finalizedLoop,
                 decision: exitDecision
             };
         }
@@ -641,8 +652,10 @@ export async function runMartin(input) {
                     payload: createRunExitPayload(verifyOnlyExitDecision)
                 }));
             }
+            const finalizedLoop = finalizeLoop(loop, verifyOnlyExitDecision, now(), idFactory);
+            await persistLoopRecordIfSupported(input.store, finalizedLoop);
             return {
-                loop: finalizeLoop(loop, verifyOnlyExitDecision, now(), idFactory),
+                loop: finalizedLoop,
                 decision: verifyOnlyExitDecision
             };
         }
@@ -714,8 +727,10 @@ export async function runMartin(input) {
                     payload: createRunExitPayload(filesystemExitDecision)
                 }));
             }
+            const finalizedLoop = finalizeLoop(loop, filesystemExitDecision, now(), idFactory);
+            await persistLoopRecordIfSupported(input.store, finalizedLoop);
             return {
-                loop: finalizeLoop(loop, filesystemExitDecision, now(), idFactory),
+                loop: finalizedLoop,
                 decision: filesystemExitDecision
             };
         }
@@ -789,8 +804,10 @@ export async function runMartin(input) {
                     payload: createRunExitPayload(approvalExitDecision)
                 }));
             }
+            const finalizedLoop = finalizeLoop(loop, approvalExitDecision, now(), idFactory);
+            await persistLoopRecordIfSupported(input.store, finalizedLoop);
             return {
-                loop: finalizeLoop(loop, approvalExitDecision, now(), idFactory),
+                loop: finalizedLoop,
                 decision: approvalExitDecision
             };
         }
@@ -926,8 +943,10 @@ export async function runMartin(input) {
                     payload: createRunExitPayload(patchExitDecision)
                 }));
             }
+            const finalizedLoop = finalizeLoop(loop, patchExitDecision, now(), idFactory);
+            await persistLoopRecordIfSupported(input.store, finalizedLoop);
             return {
-                loop: finalizeLoop(loop, patchExitDecision, now(), idFactory),
+                loop: finalizedLoop,
                 decision: patchExitDecision
             };
         }
@@ -970,8 +989,10 @@ export async function runMartin(input) {
                     payload: createRunExitPayload(decision)
                 }));
             }
+            const finalizedLoop = finalizeLoop(loop, decision, now(), idFactory);
+            await persistLoopRecordIfSupported(input.store, finalizedLoop);
             return {
-                loop: finalizeLoop(loop, decision, now(), idFactory),
+                loop: finalizedLoop,
                 decision
             };
         }
@@ -989,8 +1010,10 @@ export async function runMartin(input) {
             payload: createRunExitPayload(decision)
         }));
     }
+    const finalizedLoop = finalizeLoop(loop, decision, now(), idFactory);
+    await persistLoopRecordIfSupported(input.store, finalizedLoop);
     return {
-        loop: finalizeLoop(loop, decision, now(), idFactory),
+        loop: finalizedLoop,
         decision
     };
 }
@@ -1050,6 +1073,9 @@ function finalizeLoop(loop, decision, timestamp, idFactory) {
         updatedAt: timestamp
     };
 }
+async function persistLoopRecordIfSupported(store, loop) {
+    await store?.writeLoopRecord?.(loop.loopId, loop);
+}
 function getAdapterTransport(adapter) {
     return adapter.metadata.transport ?? (adapter.kind === "agent-cli" ? "cli" : "http");
 }

package/dist/vendor/core/learning/bayesian-update.d.ts

@@ -0,0 +1,31 @@
+/**
+ * Applies a single-step Bayesian update to a prior probability.
+ *
+ * Formula: posterior = (prior * likelihood) / normalizing_constant
+ *
+ * The normalizing constant ensures the result stays in [0, 1]:
+ *   Z = prior * likelihood + (1 - prior) * (1 - likelihood)
+ *
+ * This is the standard Beta-Bernoulli update for binary outcomes.
+ * - likelihood > 0.5 → positive evidence → posterior increases
+ * - likelihood < 0.5 → negative evidence → posterior decreases
+ * - likelihood = 0.5 → no information → posterior unchanged
+ *
+ * @param prior     Current prior probability (0.0 – 1.0)
+ * @param likelihood Likelihood of observation given the hypothesis (0.0 – 1.0)
+ * @returns Updated posterior probability (0.0 – 1.0)
+ */
+export declare function updatePriorBayesian(prior: number, likelihood: number): number;
+/**
+ * Applies a Bayesian update to a PriorSet's individual symbol priors
+ * using confidence deltas from the hypothesis ledger.
+ *
+ * confidenceDelta > 0 → validated evidence → likelihood = 0.5 + delta/2
+ * confidenceDelta < 0 → invalidated evidence → likelihood = 0.5 + delta/2
+ *
+ * @param priors     Symbol → prior probability map
+ * @param symbol     The specific symbol to update
+ * @param confidenceDelta  From hypothesis ledger (−1.0 to +1.0)
+ * @returns New priors map with updated value for symbol
+ */
+export declare function updateSymbolPrior(priors: Record<string, number>, symbol: string, confidenceDelta: number): Record<string, number>;

package/dist/vendor/core/learning/bayesian-update.js

@@ -0,0 +1,60 @@
+// ─── Bayesian Update ─────────────────────────────────────────────────────────
+/**
+ * Applies a single-step Bayesian update to a prior probability.
+ *
+ * Formula: posterior = (prior * likelihood) / normalizing_constant
+ *
+ * The normalizing constant ensures the result stays in [0, 1]:
+ *   Z = prior * likelihood + (1 - prior) * (1 - likelihood)
+ *
+ * This is the standard Beta-Bernoulli update for binary outcomes.
+ * - likelihood > 0.5 → positive evidence → posterior increases
+ * - likelihood < 0.5 → negative evidence → posterior decreases
+ * - likelihood = 0.5 → no information → posterior unchanged
+ *
+ * @param prior     Current prior probability (0.0 – 1.0)
+ * @param likelihood Likelihood of observation given the hypothesis (0.0 – 1.0)
+ * @returns Updated posterior probability (0.0 – 1.0)
+ */
+export function updatePriorBayesian(prior, likelihood) {
+    if (prior < 0 || prior > 1)
+        throw new Error(`prior must be in [0, 1], got ${prior}`);
+    if (likelihood < 0 || likelihood > 1)
+        throw new Error(`likelihood must be in [0, 1], got ${likelihood}`);
+    // P(H|E) = P(E|H) * P(H) / P(E)
+    // P(E) = P(E|H)*P(H) + P(E|¬H)*P(¬H)
+    const pEgivenH = likelihood;
+    const pEgivenNotH = 1 - likelihood;
+    const pH = prior;
+    const pNotH = 1 - prior;
+    const pE = pEgivenH * pH + pEgivenNotH * pNotH;
+    // Avoid division by zero (shouldn't happen with valid inputs)
+    if (pE === 0)
+        return prior;
+    return (pEgivenH * pH) / pE;
+}
+/**
+ * Applies a Bayesian update to a PriorSet's individual symbol priors
+ * using confidence deltas from the hypothesis ledger.
+ *
+ * confidenceDelta > 0 → validated evidence → likelihood = 0.5 + delta/2
+ * confidenceDelta < 0 → invalidated evidence → likelihood = 0.5 + delta/2
+ *
+ * @param priors     Symbol → prior probability map
+ * @param symbol     The specific symbol to update
+ * @param confidenceDelta  From hypothesis ledger (−1.0 to +1.0)
+ * @returns New priors map with updated value for symbol
+ */
+export function updateSymbolPrior(priors, symbol, confidenceDelta) {
+    const currentPrior = priors[symbol] ?? 0.5;
+    // Map confidenceDelta (−1..+1) to likelihood (0..1)
+    // delta=+1.0 → likelihood=1.0 (strong positive evidence)
+    // delta=0.0  → likelihood=0.5 (no information)
+    // delta=−1.0 → likelihood=0.0 (strong negative evidence)
+    const likelihood = Math.max(0, Math.min(1, 0.5 + confidenceDelta / 2));
+    return {
+        ...priors,
+        [symbol]: updatePriorBayesian(currentPrior, likelihood)
+    };
+}
+//# sourceMappingURL=bayesian-update.js.map

package/dist/vendor/core/learning/prior-sets.d.ts

@@ -0,0 +1,42 @@
+export type PromotionGate = "development" | "backtest" | "shadow" | "live";
+export interface PriorSet {
+    priorSetId: string;
+    taskClass: string;
+    version: number;
+    confidence: number;
+    priors: Record<string, number>;
+    lastUpdatedAt: string;
+    promotionGate: PromotionGate;
+    sampleCount: number;
+}
+export interface PriorStore {
+    priorSets: PriorSet[];
+}
+export interface CreatePriorSetInput {
+    priorSetId: string;
+    taskClass: string;
+    priors: Record<string, number>;
+}
+export declare function createPriorSet(input: CreatePriorSetInput): PriorSet;
+export declare function loadPriorStore(storeDir: string): Promise<PriorStore>;
+export declare function savePriorStore(store: PriorStore, storeDir: string): Promise<void>;
+/**
+ * Promotes a PriorSet to the next gate in the sequence.
+ * Gates must advance sequentially: development → backtest → shadow → live.
+ * Throws if the target gate is not the immediate next gate.
+ */
+export declare function promotePriorSet(priorSetId: string, targetGate: PromotionGate, storeDir: string): Promise<PriorSet>;
+/**
+ * Rolls back a PriorSet to the previous gate.
+ * Rollback is always available from any gate above development.
+ * Throws if already at development.
+ */
+export declare function rollbackPriorSet(priorSetId: string, storeDir: string): Promise<PriorSet>;
+/**
+ * Returns all PriorSets from the store.
+ */
+export declare function listPriorSets(storeDir: string): Promise<PriorSet[]>;
+/**
+ * Returns a single PriorSet by ID, or null if not found.
+ */
+export declare function getPriorSet(priorSetId: string, storeDir: string): Promise<PriorSet | null>;

package/dist/vendor/core/learning/prior-sets.js

@@ -0,0 +1,111 @@
+import { readFile, writeFile } from "node:fs/promises";
+import { existsSync } from "node:fs";
+import { join } from "node:path";
+// ─── Gate ordering ────────────────────────────────────────────────────────────
+const GATE_ORDER = ["development", "backtest", "shadow", "live"];
+function gateIndex(gate) {
+    return GATE_ORDER.indexOf(gate);
+}
+function nextGate(current) {
+    const idx = gateIndex(current);
+    return idx < GATE_ORDER.length - 1 ? GATE_ORDER[idx + 1] ?? null : null;
+}
+function prevGate(current) {
+    const idx = gateIndex(current);
+    return idx > 0 ? GATE_ORDER[idx - 1] ?? null : null;
+}
+// ─── Factory ──────────────────────────────────────────────────────────────────
+export function createPriorSet(input) {
+    const confidence = Object.keys(input.priors).length > 0
+        ? Object.values(input.priors).reduce((a, b) => a + b, 0) / Object.keys(input.priors).length
+        : 0;
+    return {
+        priorSetId: input.priorSetId,
+        taskClass: input.taskClass,
+        version: 1,
+        confidence,
+        priors: { ...input.priors },
+        lastUpdatedAt: new Date().toISOString(),
+        promotionGate: "development",
+        sampleCount: 0
+    };
+}
+// ─── Persistence ─────────────────────────────────────────────────────────────
+const STORE_FILE = "prior-sets.json";
+export async function loadPriorStore(storeDir) {
+    const path = join(storeDir, STORE_FILE);
+    if (!existsSync(path))
+        return { priorSets: [] };
+    const raw = await readFile(path, "utf8");
+    return JSON.parse(raw);
+}
+export async function savePriorStore(store, storeDir) {
+    await writeFile(join(storeDir, STORE_FILE), JSON.stringify(store, null, 2), "utf8");
+}
+// ─── Operations ───────────────────────────────────────────────────────────────
+/**
+ * Promotes a PriorSet to the next gate in the sequence.
+ * Gates must advance sequentially: development → backtest → shadow → live.
+ * Throws if the target gate is not the immediate next gate.
+ */
+export async function promotePriorSet(priorSetId, targetGate, storeDir) {
+    const store = await loadPriorStore(storeDir);
+    const idx = store.priorSets.findIndex(p => p.priorSetId === priorSetId);
+    if (idx === -1)
+        throw new Error(`PriorSet not found: ${priorSetId}`);
+    const current = store.priorSets[idx];
+    const expected = nextGate(current.promotionGate);
+    if (expected === null || targetGate !== expected) {
+        throw new Error(`Invalid promotion: ${current.promotionGate} → ${targetGate}. ` +
+            `Expected next gate: ${expected ?? "none (already at live)"}. Gates must advance sequentially.`);
+    }
+    const updated = {
+        ...current,
+        promotionGate: targetGate,
+        version: current.version + 1,
+        lastUpdatedAt: new Date().toISOString()
+    };
+    store.priorSets[idx] = updated;
+    await savePriorStore(store, storeDir);
+    return updated;
+}
+/**
+ * Rolls back a PriorSet to the previous gate.
+ * Rollback is always available from any gate above development.
+ * Throws if already at development.
+ */
+export async function rollbackPriorSet(priorSetId, storeDir) {
+    const store = await loadPriorStore(storeDir);
+    const idx = store.priorSets.findIndex(p => p.priorSetId === priorSetId);
+    if (idx === -1)
+        throw new Error(`PriorSet not found: ${priorSetId}`);
+    const current = store.priorSets[idx];
+    const prev = prevGate(current.promotionGate);
+    if (prev === null) {
+        throw new Error(`Cannot rollback ${priorSetId}: already at development gate.`);
+    }
+    const updated = {
+        ...current,
+        promotionGate: prev,
+        version: current.version + 1,
+        lastUpdatedAt: new Date().toISOString()
+    };
+    store.priorSets[idx] = updated;
+    await savePriorStore(store, storeDir);
+    return updated;
+}
+/**
+ * Returns all PriorSets from the store.
+ */
+export async function listPriorSets(storeDir) {
+    const store = await loadPriorStore(storeDir);
+    return store.priorSets;
+}
+/**
+ * Returns a single PriorSet by ID, or null if not found.
+ */
+export async function getPriorSet(priorSetId, storeDir) {
+    const store = await loadPriorStore(storeDir);
+    return store.priorSets.find(p => p.priorSetId === priorSetId) ?? null;
+}
+//# sourceMappingURL=prior-sets.js.map

package/dist/vendor/core/learning/promotion-gate.d.ts

@@ -0,0 +1,17 @@
+export interface GuardedPromotionInput {
+    candidateId: string;
+    holdoutPassed: number;
+    holdoutTotal: number;
+    regressionCount: number;
+    rollbackPlan: string;
+    humanApproved: boolean;
+    permanentChange: boolean;
+}
+export interface GuardedPromotionDecision {
+    candidateId: string;
+    decision: "promote" | "reject";
+    reasons: string[];
+    allowedClaimWording: string;
+    nonClaims: string[];
+}
+export declare function evaluateGuardedPromotion(input: GuardedPromotionInput): GuardedPromotionDecision;

package/dist/vendor/core/learning/promotion-gate.js

@@ -0,0 +1,23 @@
+export function evaluateGuardedPromotion(input) {
+    const reasons = [];
+    if (input.holdoutTotal <= 0 || input.holdoutPassed !== input.holdoutTotal) {
+        reasons.push("holdout suite did not pass completely");
+    }
+    if (input.regressionCount > 0) {
+        reasons.push("regressions detected");
+    }
+    if (input.rollbackPlan.trim().length === 0) {
+        reasons.push("rollback plan missing");
+    }
+    if (input.permanentChange && !input.humanApproved) {
+        reasons.push("human approval required for permanent change");
+    }
+    return {
+        candidateId: input.candidateId,
+        decision: reasons.length === 0 ? "promote" : "reject",
+        reasons,
+        allowedClaimWording: "guarded self-improvement candidate promotion only after holdout, rollback, and human approval gates pass.",
+        nonClaims: ["unqualified self-improving", "silent self-modification"]
+    };
+}
+//# sourceMappingURL=promotion-gate.js.map

package/dist/vendor/core/leash/blast-radius.d.ts

@@ -0,0 +1,42 @@
+/**
+ * Blast Radius Estimator — pre-execution risk scoring.
+ *
+ * Before any attempt runs, estimates the potential scope of impact (0–100)
+ * based on:
+ * - Objective language (refactor/migrate/delete keywords increase radius)
+ * - Known hotspot files in the likely path (files with regression history)
+ * - Repository size (larger repos have wider potential impact)
+ * - Files explicitly in scope (each hotspot-adjacent file adds risk)
+ *
+ * The router uses this score to gate high-risk tasks onto high-trust models.
+ * The CLI displays it in the pre-run Mission Brief.
+ */
+import type { RepoHotspot } from "../graph/hotspots.js";
+export interface BlastRadiusInput {
+    /** The task objective text, used for keyword analysis */
+    objective: string;
+    /** Absolute path to the repository root */
+    repoRoot: string;
+    /** Files the task has explicitly identified as targets (optional) */
+    currentFiles?: string[];
+    /** Hotspot data from MartinGraph.assembleHotspotContext() (optional) */
+    hotspots?: RepoHotspot[];
+}
+export interface BlastRadiusResult {
+    /** Risk score 0–100. >70 triggers high-trust route enforcement. */
+    score: number;
+    /** Files identified as likely to be touched based on scope + hotspot data */
+    filesAtRisk: string[];
+    /** Subset of filesAtRisk that have recorded regression history */
+    hotspotsInPath: string[];
+    /** Categorical risk label derived from score */
+    regressionRisk: "low" | "medium" | "high";
+    /** Human-readable explanation of what drove the score */
+    rationale: string;
+}
+/**
+ * Estimates the blast radius of a planned task before execution.
+ * Non-throwing: if directory reads fail, falls back gracefully with
+ * a conservative medium score.
+ */
+export declare function estimateBlastRadius(input: BlastRadiusInput): Promise<BlastRadiusResult>;

package/dist/vendor/core/leash/blast-radius.js

@@ -0,0 +1,156 @@
+/**
+ * Blast Radius Estimator — pre-execution risk scoring.
+ *
+ * Before any attempt runs, estimates the potential scope of impact (0–100)
+ * based on:
+ * - Objective language (refactor/migrate/delete keywords increase radius)
+ * - Known hotspot files in the likely path (files with regression history)
+ * - Repository size (larger repos have wider potential impact)
+ * - Files explicitly in scope (each hotspot-adjacent file adds risk)
+ *
+ * The router uses this score to gate high-risk tasks onto high-trust models.
+ * The CLI displays it in the pre-run Mission Brief.
+ */
+import { readdir } from "node:fs/promises";
+import { join } from "node:path";
+/** Keywords that strongly suggest broad file scope changes */
+const HIGH_BLAST_KEYWORDS = [
+    "refactor",
+    "migrate",
+    "restructure",
+    "rename",
+    "move",
+    "delete",
+    "remove all",
+    "overhaul",
+    "rewrite",
+    "reorganize",
+    "consolidate"
+];
+/** Keywords that suggest narrow, test-scoped changes (reduce risk) */
+const LOW_BLAST_KEYWORDS = [
+    "test",
+    "spec",
+    "fixture",
+    "mock",
+    "stub",
+    "snapshot",
+    "add test",
+    "write test"
+];
+/**
+ * Estimates the blast radius of a planned task before execution.
+ * Non-throwing: if directory reads fail, falls back gracefully with
+ * a conservative medium score.
+ */
+export async function estimateBlastRadius(input) {
+    const { objective, repoRoot, currentFiles = [], hotspots = [] } = input;
+    const objectiveLower = objective.toLowerCase();
+    const rationale = [];
+    let score = 10; // Every task has nonzero blast radius
+    // ── Keyword analysis ──────────────────────────────────────────────────────
+    const highKeywordsFound = HIGH_BLAST_KEYWORDS.filter((k) => objectiveLower.includes(k));
+    if (highKeywordsFound.length > 0) {
+        const delta = Math.min(25, highKeywordsFound.length * 12);
+        score += delta;
+        rationale.push(`Objective contains high-scope keywords: ${highKeywordsFound.join(", ")} (+${String(delta)})`);
+    }
+    const lowKeywordsFound = LOW_BLAST_KEYWORDS.filter((k) => objectiveLower.includes(k));
+    if (lowKeywordsFound.length > 0 && highKeywordsFound.length === 0) {
+        score -= 10;
+        rationale.push(`Objective is test-scoped (${lowKeywordsFound[0]}), reducing radius (-10)`);
+    }
+    // ── Repository size ───────────────────────────────────────────────────────
+    const repoFileCount = await countFiles(repoRoot);
+    if (repoFileCount > 500) {
+        score += 20;
+        rationale.push(`Large repository (${String(repoFileCount)} files, +20)`);
+    }
+    else if (repoFileCount > 100) {
+        score += 8;
+        rationale.push(`Medium repository (${String(repoFileCount)} files, +8)`);
+    }
+    // ── Hotspot overlap ───────────────────────────────────────────────────────
+    const filesAtRisk = [...currentFiles];
+    const hotspotsInPath = [];
+    // Add hotspot files that are likely in scope (high regression count)
+    const criticalHotspots = hotspots.filter((h) => h.regressionCount > 2);
+    for (const hotspot of criticalHotspots) {
+        const delta = 15;
+        score += delta;
+        hotspotsInPath.push(hotspot.file);
+        if (!filesAtRisk.includes(hotspot.file))
+            filesAtRisk.push(hotspot.file);
+        rationale.push(`Hotspot in path: ${hotspot.file} (${String(hotspot.regressionCount)} regressions, +${String(delta)})`);
+    }
+    // Files with any regression history add smaller penalty
+    const mildHotspots = hotspots.filter((h) => h.regressionCount > 0 && h.regressionCount <= 2);
+    for (const hotspot of mildHotspots) {
+        score += 5;
+        if (!filesAtRisk.includes(hotspot.file))
+            filesAtRisk.push(hotspot.file);
+    }
+    if (mildHotspots.length > 0) {
+        rationale.push(`${String(mildHotspots.length)} files with minor regression history (+${String(mildHotspots.length * 5)})`);
+    }
+    // ── Explicit files in scope ────────────────────────────────────────────────
+    if (currentFiles.length > 0) {
+        const adjacentHotspots = currentFiles.filter((f) => hotspots.some((h) => h.file === f && h.regressionCount > 0));
+        if (adjacentHotspots.length > 0) {
+            score += adjacentHotspots.length * 10;
+            rationale.push(`${String(adjacentHotspots.length)} explicitly targeted files have regression history (+${String(adjacentHotspots.length * 10)})`);
+        }
+    }
+    // ── Clamp and label ───────────────────────────────────────────────────────
+    const clampedScore = Math.max(0, Math.min(100, score));
+    const regressionRisk = clampedScore >= 70 ? "high" : clampedScore >= 40 ? "medium" : "low";
+    if (rationale.length === 0) {
+        rationale.push("No elevated risk signals detected");
+    }
+    return {
+        score: clampedScore,
+        filesAtRisk,
+        hotspotsInPath,
+        regressionRisk,
+        rationale: rationale.join("; ")
+    };
+}
+/**
+ * Counts source files in a directory (non-recursive for performance).
+ * Only counts .ts, .tsx, .js, .jsx, .py, .go, .rs files — not config/docs.
+ * Returns 0 on any error (missing dir, permission denied, etc.).
+ */
+async function countFiles(dir) {
+    const SOURCE_EXTENSIONS = new Set([
+        ".ts", ".tsx", ".js", ".jsx", ".py", ".go", ".rs", ".java", ".cs", ".rb"
+    ]);
+    async function countRecursive(current, depth) {
+        if (depth > 6)
+            return 0; // don't recurse into deep vendor trees
+        try {
+            const entries = await readdir(current, { withFileTypes: true });
+            let count = 0;
+            for (const entry of entries) {
+                if (entry.name.startsWith(".") || entry.name === "node_modules" || entry.name === "dist") {
+                    continue;
+                }
+                if (entry.isDirectory()) {
+                    count += await countRecursive(join(current, entry.name), depth + 1);
+                }
+                else if (SOURCE_EXTENSIONS.has(extname(entry.name))) {
+                    count += 1;
+                }
+            }
+            return count;
+        }
+        catch {
+            return 0;
+        }
+    }
+    return countRecursive(dir, 0);
+}
+function extname(name) {
+    const dot = name.lastIndexOf(".");
+    return dot >= 0 ? name.slice(dot) : "";
+}
+//# sourceMappingURL=blast-radius.js.map

package/dist/vendor/core/leash/policy-leash.d.ts

@@ -0,0 +1,31 @@
+import { type LeashInput, type PolicyResult } from "@martin/policy";
+import type { SafetyLeashDecision } from "../leash.js";
+export interface PolicyLeashOptions {
+    /** Explicit compiled policy path. Raw Rego fails closed inside @martin/policy. */
+    policyPath?: string;
+    /** Explicit compiled WASM policy path. Takes precedence over policyPath. */
+    policyWasmPath?: string;
+    /** Repository root used for .martin/policy.wasm discovery. */
+    repoRoot?: string;
+    timeoutMs?: number;
+}
+export interface PolicyDeniedInput {
+    surface: string;
+    command?: string | null;
+    path?: string;
+    value?: string | null;
+    reasons: string[];
+}
+export interface PolicyLeashVerdict {
+    allow: boolean;
+    reasons: string[];
+    deniedInputs: PolicyDeniedInput[];
+    inputsEvaluated: number;
+    source?: PolicyResult["source"];
+    policyPath?: string;
+    error?: string;
+}
+export type PolicyBackedSafetyLeashDecision = SafetyLeashDecision & {
+    policyVerdict: PolicyLeashVerdict;
+};
+export declare function applyPolicyToLeashDecision(decision: SafetyLeashDecision, inputs: LeashInput[], options?: PolicyLeashOptions): Promise<PolicyBackedSafetyLeashDecision>;