micro-contracts 0.9.0

package/dist/guardrails/drift.d.ts

@@ -0,0 +1,23 @@
+/**
+ * Drift detection for generated artifacts
+ *
+ * Verifies that generated files match the committed state after running generate.
+ */
+import type { DriftResult, CheckResult, CheckOptions } from './types.js';
+/**
+ * Check for drift in generated files
+ */
+export declare function checkDrift(generatedDir?: string): DriftResult;
+/**
+ * Check for uncommitted changes (including untracked files)
+ */
+export declare function checkUncommittedChanges(generatedDir?: string): DriftResult;
+/**
+ * Run drift check
+ */
+export declare function runDriftCheck(options: CheckOptions): Promise<CheckResult>;
+/**
+ * Format drift result for CLI output
+ */
+export declare function formatDriftResult(result: DriftResult): string;
+//# sourceMappingURL=drift.d.ts.map

package/dist/guardrails/drift.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"drift.d.ts","sourceRoot":"","sources":["../../src/guardrails/drift.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,KAAK,EAAE,WAAW,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAEzE;;GAEG;AACH,wBAAgB,UAAU,CAAC,YAAY,GAAE,MAAoB,GAAG,WAAW,CAsB1E;AAED;;GAEG;AACH,wBAAgB,uBAAuB,CAAC,YAAY,GAAE,MAAoB,GAAG,WAAW,CA6BvF;AAED;;GAEG;AACH,wBAAsB,aAAa,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,WAAW,CAAC,CA2C/E;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,WAAW,GAAG,MAAM,CAsB7D"}

package/dist/guardrails/drift.js

@@ -0,0 +1,127 @@
+/**
+ * Drift detection for generated artifacts
+ *
+ * Verifies that generated files match the committed state after running generate.
+ */
+import { execSync } from 'child_process';
+/**
+ * Check for drift in generated files
+ */
+export function checkDrift(generatedDir = 'packages/') {
+    try {
+        // Run git diff on the generated directory
+        const output = execSync(`git diff --name-only "${generatedDir}"`, {
+            encoding: 'utf8',
+            stdio: ['pipe', 'pipe', 'pipe'],
+        });
+        const changedFiles = output.trim().split('\n').filter(Boolean);
+        return {
+            valid: changedFiles.length === 0,
+            changedFiles,
+        };
+    }
+    catch (error) {
+        // Git command failed
+        return {
+            valid: false,
+            changedFiles: [],
+            error: error instanceof Error ? error.message : String(error),
+        };
+    }
+}
+/**
+ * Check for uncommitted changes (including untracked files)
+ */
+export function checkUncommittedChanges(generatedDir = 'packages/') {
+    try {
+        // Check for modified files
+        const modifiedOutput = execSync(`git diff --name-only "${generatedDir}"`, {
+            encoding: 'utf8',
+            stdio: ['pipe', 'pipe', 'pipe'],
+        });
+        // Check for untracked files
+        const untrackedOutput = execSync(`git ls-files --others --exclude-standard "${generatedDir}"`, {
+            encoding: 'utf8',
+            stdio: ['pipe', 'pipe', 'pipe'],
+        });
+        const modifiedFiles = modifiedOutput.trim().split('\n').filter(Boolean);
+        const untrackedFiles = untrackedOutput.trim().split('\n').filter(Boolean);
+        const allChangedFiles = [...modifiedFiles, ...untrackedFiles];
+        return {
+            valid: allChangedFiles.length === 0,
+            changedFiles: allChangedFiles,
+        };
+    }
+    catch (error) {
+        return {
+            valid: false,
+            changedFiles: [],
+            error: error instanceof Error ? error.message : String(error),
+        };
+    }
+}
+/**
+ * Run drift check
+ */
+export async function runDriftCheck(options) {
+    const start = Date.now();
+    const generatedDir = options.generatedDir || 'packages/';
+    try {
+        const result = checkUncommittedChanges(generatedDir);
+        if (result.error) {
+            return {
+                name: 'drift',
+                status: 'fail',
+                duration: Date.now() - start,
+                message: `Git error: ${result.error}`,
+            };
+        }
+        if (result.valid) {
+            return {
+                name: 'drift',
+                status: 'pass',
+                duration: Date.now() - start,
+                message: `No uncommitted changes in ${generatedDir}`,
+            };
+        }
+        const details = result.changedFiles.map(f => `  - ${f}`);
+        return {
+            name: 'drift',
+            status: 'fail',
+            duration: Date.now() - start,
+            message: `${result.changedFiles.length} file(s) have uncommitted changes`,
+            details,
+        };
+    }
+    catch (error) {
+        return {
+            name: 'drift',
+            status: 'fail',
+            duration: Date.now() - start,
+            message: error instanceof Error ? error.message : String(error),
+        };
+    }
+}
+/**
+ * Format drift result for CLI output
+ */
+export function formatDriftResult(result) {
+    const lines = [];
+    if (result.error) {
+        lines.push(`❌ Drift check failed: ${result.error}`);
+        return lines.join('\n');
+    }
+    if (result.valid) {
+        lines.push('✅ No drift detected - generated files match committed state');
+    }
+    else {
+        lines.push('❌ Generated code differs from committed code:\n');
+        for (const file of result.changedFiles) {
+            lines.push(`  - ${file}`);
+        }
+        lines.push('\n💡 Run `micro-contracts generate` to regenerate artifacts.');
+        lines.push('💡 Then commit the changes or verify they are expected.');
+    }
+    return lines.join('\n');
+}
+//# sourceMappingURL=drift.js.map

package/dist/guardrails/drift.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"drift.js","sourceRoot":"","sources":["../../src/guardrails/drift.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AAGzC;;GAEG;AACH,MAAM,UAAU,UAAU,CAAC,eAAuB,WAAW;IAC3D,IAAI,CAAC;QACH,0CAA0C;QAC1C,MAAM,MAAM,GAAG,QAAQ,CAAC,yBAAyB,YAAY,GAAG,EAAE;YAChE,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC;SAChC,CAAC,CAAC;QAEH,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAE/D,OAAO;YACL,KAAK,EAAE,YAAY,CAAC,MAAM,KAAK,CAAC;YAChC,YAAY;SACb,CAAC;IACJ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,qBAAqB;QACrB,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,YAAY,EAAE,EAAE;YAChB,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;SAC9D,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,uBAAuB,CAAC,eAAuB,WAAW;IACxE,IAAI,CAAC;QACH,2BAA2B;QAC3B,MAAM,cAAc,GAAG,QAAQ,CAAC,yBAAyB,YAAY,GAAG,EAAE;YACxE,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC;SAChC,CAAC,CAAC;QAEH,4BAA4B;QAC5B,MAAM,eAAe,GAAG,QAAQ,CAAC,6CAA6C,YAAY,GAAG,EAAE;YAC7F,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC;SAChC,CAAC,CAAC;QAEH,MAAM,aAAa,GAAG,cAAc,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QACxE,MAAM,cAAc,GAAG,eAAe,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAC1E,MAAM,eAAe,GAAG,CAAC,GAAG,aAAa,EAAE,GAAG,cAAc,CAAC,CAAC;QAE9D,OAAO;YACL,KAAK,EAAE,eAAe,CAAC,MAAM,KAAK,CAAC;YACnC,YAAY,EAAE,eAAe;SAC9B,CAAC;IACJ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO;YACL,KAAK,EAAE,KAAK;YACZ,YAAY,EAAE,EAAE;YAChB,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;SAC9D,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,OAAqB;IACvD,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACzB,MAAM,YAAY,GAAG,OAAO,CAAC,YAAY,IAAI,WAAW,CAAC;IAEzD,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,uBAAuB,CAAC,YAAY,CAAC,CAAC;QAErD,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;YACjB,OAAO;gBACL,IAAI,EAAE,OAAO;gBACb,MAAM,EAAE,MAAM;gBACd,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK;gBAC5B,OAAO,EAAE,cAAc,MAAM,CAAC,KAAK,EAAE;aACtC,CAAC;QACJ,CAAC;QAED,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;YACjB,OAAO;gBACL,IAAI,EAAE,OAAO;gBACb,MAAM,EAAE,MAAM;gBACd,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK;gBAC5B,OAAO,EAAE,6BAA6B,YAAY,EAAE;aACrD,CAAC;QACJ,CAAC;QAED,MAAM,OAAO,GAAG,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QAEzD,OAAO;YACL,IAAI,EAAE,OAAO;YACb,MAAM,EAAE,MAAM;YACd,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK;YAC5B,OAAO,EAAE,GAAG,MAAM,CAAC,YAAY,CAAC,MAAM,mCAAmC;YACzE,OAAO;SACR,CAAC;IAEJ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO;YACL,IAAI,EAAE,OAAO;YACb,MAAM,EAAE,MAAM;YACd,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK;YAC5B,OAAO,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;SAChE,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,iBAAiB,CAAC,MAAmB;IACnD,MAAM,KAAK,GAAa,EAAE,CAAC;IAE3B,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;QACjB,KAAK,CAAC,IAAI,CAAC,yBAAyB,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC;QACpD,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAED,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;QACjB,KAAK,CAAC,IAAI,CAAC,6DAA6D,CAAC,CAAC;IAC5E,CAAC;SAAM,CAAC;QACN,KAAK,CAAC,IAAI,CAAC,iDAAiD,CAAC,CAAC;QAE9D,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;YACvC,KAAK,CAAC,IAAI,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC;QAC5B,CAAC;QAED,KAAK,CAAC,IAAI,CAAC,8DAA8D,CAAC,CAAC;QAC3E,KAAK,CAAC,IAAI,CAAC,yDAAyD,CAAC,CAAC;IACxE,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC"}

package/dist/guardrails/index.d.ts

@@ -0,0 +1,19 @@
+/**
+ * Guardrails module
+ *
+ * Provides AI-driven development guardrails for protecting generated artifacts
+ * and enforcing change policies.
+ */
+export type { GuardrailsConfig, ChecksConfig, CheckCommandConfig, AllowlistResult, AllowlistViolation, DriftResult, GeneratedManifest, GeneratedFileInfo, ManifestResult, ManifestMismatch, CheckOptions, CheckResult, CheckSummary, CheckDefinition, GateNumber, } from './types.js';
+export { DEFAULT_GUARDRAILS, findGuardrailsConfig, loadGuardrailsConfig, loadGuardrailsConfigWithPath, generateGuardrailsTemplate, createGuardrailsConfig, } from './config.js';
+export type { LoadedGuardrailsConfig } from './config.js';
+export { matchWithNegation, matchGlob, getChangedFiles, verifyAllowlist, runAllowlistCheck, formatAllowlistResult, } from './allowlist.js';
+export { checkDrift, checkUncommittedChanges, runDriftCheck, formatDriftResult, } from './drift.js';
+export { hashFile, getGeneratedFiles, generateManifest, writeManifest, loadManifest, verifyManifest, runManifestCheck, formatManifestResult, } from './manifest.js';
+export { findOpenAPISpecs, runLintCheck, } from './lint.js';
+export { findTsConfigs, runTypecheckCheck, } from './typecheck.js';
+export { checkMarkdownFile, findMarkdownFiles, runDocsCheck, } from './docs.js';
+export { getImplementedOverlays, checkSecurityConsistency, findOverlayDirs, runSecurityCheck, } from './security.js';
+export { runAllChecks, formatCheckResults, getAvailableChecks, GATE_DESCRIPTIONS, } from './runner.js';
+export type { CheckSummaryWithGates } from './runner.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/guardrails/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/guardrails/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,YAAY,EACV,gBAAgB,EAChB,YAAY,EACZ,kBAAkB,EAClB,eAAe,EACf,kBAAkB,EAClB,WAAW,EACX,iBAAiB,EACjB,iBAAiB,EACjB,cAAc,EACd,gBAAgB,EAChB,YAAY,EACZ,WAAW,EACX,YAAY,EACZ,eAAe,EACf,UAAU,GACX,MAAM,YAAY,CAAC;AAGpB,OAAO,EACL,kBAAkB,EAClB,oBAAoB,EACpB,oBAAoB,EACpB,4BAA4B,EAC5B,0BAA0B,EAC1B,sBAAsB,GACvB,MAAM,aAAa,CAAC;AAErB,YAAY,EAAE,sBAAsB,EAAE,MAAM,aAAa,CAAC;AAG1D,OAAO,EACL,iBAAiB,EACjB,SAAS,EACT,eAAe,EACf,eAAe,EACf,iBAAiB,EACjB,qBAAqB,GACtB,MAAM,gBAAgB,CAAC;AAGxB,OAAO,EACL,UAAU,EACV,uBAAuB,EACvB,aAAa,EACb,iBAAiB,GAClB,MAAM,YAAY,CAAC;AAGpB,OAAO,EACL,QAAQ,EACR,iBAAiB,EACjB,gBAAgB,EAChB,aAAa,EACb,YAAY,EACZ,cAAc,EACd,gBAAgB,EAChB,oBAAoB,GACrB,MAAM,eAAe,CAAC;AAGvB,OAAO,EACL,gBAAgB,EAChB,YAAY,GACb,MAAM,WAAW,CAAC;AAGnB,OAAO,EACL,aAAa,EACb,iBAAiB,GAClB,MAAM,gBAAgB,CAAC;AAGxB,OAAO,EACL,iBAAiB,EACjB,iBAAiB,EACjB,YAAY,GACb,MAAM,WAAW,CAAC;AAGnB,OAAO,EACL,sBAAsB,EACtB,wBAAwB,EACxB,eAAe,EACf,gBAAgB,GACjB,MAAM,eAAe,CAAC;AAGvB,OAAO,EACL,YAAY,EACZ,kBAAkB,EAClB,kBAAkB,EAClB,iBAAiB,GAClB,MAAM,aAAa,CAAC;AAErB,YAAY,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC"}

package/dist/guardrails/index.js

@@ -0,0 +1,25 @@
+/**
+ * Guardrails module
+ *
+ * Provides AI-driven development guardrails for protecting generated artifacts
+ * and enforcing change policies.
+ */
+// Config
+export { DEFAULT_GUARDRAILS, findGuardrailsConfig, loadGuardrailsConfig, loadGuardrailsConfigWithPath, generateGuardrailsTemplate, createGuardrailsConfig, } from './config.js';
+// Allowlist
+export { matchWithNegation, matchGlob, getChangedFiles, verifyAllowlist, runAllowlistCheck, formatAllowlistResult, } from './allowlist.js';
+// Drift
+export { checkDrift, checkUncommittedChanges, runDriftCheck, formatDriftResult, } from './drift.js';
+// Manifest
+export { hashFile, getGeneratedFiles, generateManifest, writeManifest, loadManifest, verifyManifest, runManifestCheck, formatManifestResult, } from './manifest.js';
+// Lint
+export { findOpenAPISpecs, runLintCheck, } from './lint.js';
+// Typecheck
+export { findTsConfigs, runTypecheckCheck, } from './typecheck.js';
+// Docs
+export { checkMarkdownFile, findMarkdownFiles, runDocsCheck, } from './docs.js';
+// Security
+export { getImplementedOverlays, checkSecurityConsistency, findOverlayDirs, runSecurityCheck, } from './security.js';
+// Check runner
+export { runAllChecks, formatCheckResults, getAvailableChecks, GATE_DESCRIPTIONS, } from './runner.js';
+//# sourceMappingURL=index.js.map

package/dist/guardrails/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/guardrails/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAqBH,SAAS;AACT,OAAO,EACL,kBAAkB,EAClB,oBAAoB,EACpB,oBAAoB,EACpB,4BAA4B,EAC5B,0BAA0B,EAC1B,sBAAsB,GACvB,MAAM,aAAa,CAAC;AAIrB,YAAY;AACZ,OAAO,EACL,iBAAiB,EACjB,SAAS,EACT,eAAe,EACf,eAAe,EACf,iBAAiB,EACjB,qBAAqB,GACtB,MAAM,gBAAgB,CAAC;AAExB,QAAQ;AACR,OAAO,EACL,UAAU,EACV,uBAAuB,EACvB,aAAa,EACb,iBAAiB,GAClB,MAAM,YAAY,CAAC;AAEpB,WAAW;AACX,OAAO,EACL,QAAQ,EACR,iBAAiB,EACjB,gBAAgB,EAChB,aAAa,EACb,YAAY,EACZ,cAAc,EACd,gBAAgB,EAChB,oBAAoB,GACrB,MAAM,eAAe,CAAC;AAEvB,OAAO;AACP,OAAO,EACL,gBAAgB,EAChB,YAAY,GACb,MAAM,WAAW,CAAC;AAEnB,YAAY;AACZ,OAAO,EACL,aAAa,EACb,iBAAiB,GAClB,MAAM,gBAAgB,CAAC;AAExB,OAAO;AACP,OAAO,EACL,iBAAiB,EACjB,iBAAiB,EACjB,YAAY,GACb,MAAM,WAAW,CAAC;AAEnB,WAAW;AACX,OAAO,EACL,sBAAsB,EACtB,wBAAwB,EACxB,eAAe,EACf,gBAAgB,GACjB,MAAM,eAAe,CAAC;AAEvB,eAAe;AACf,OAAO,EACL,YAAY,EACZ,kBAAkB,EAClB,kBAAkB,EAClB,iBAAiB,GAClB,MAAM,aAAa,CAAC"}

package/dist/guardrails/lint.d.ts

@@ -0,0 +1,20 @@
+/**
+ * OpenAPI lint check for guardrails
+ *
+ * Supports both built-in linter and external command execution.
+ */
+import type { CheckResult, CheckOptions } from './types.js';
+/**
+ * Find OpenAPI spec files based on guardrails config or defaults
+ */
+export declare function findOpenAPISpecs(options: CheckOptions): Promise<string[]>;
+/**
+ * Run lint check on all OpenAPI specs
+ */
+export declare function runLintCheck(options: CheckOptions): Promise<CheckResult>;
+/**
+ * Run a custom command check (generic check execution)
+ * This is used for checks defined in guardrails.yaml
+ */
+export declare function runCustomCommandCheck(name: string, commandTemplate: string, options: CheckOptions): Promise<CheckResult>;
+//# sourceMappingURL=lint.d.ts.map

package/dist/guardrails/lint.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"lint.d.ts","sourceRoot":"","sources":["../../src/guardrails/lint.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAMH,OAAO,KAAK,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAO5D;;GAEG;AACH,wBAAsB,gBAAgB,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,CAuC/E;AAuDD;;GAEG;AACH,wBAAsB,YAAY,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,WAAW,CAAC,CAwB9E;AA8DD;;;GAGG;AACH,wBAAsB,qBAAqB,CACzC,IAAI,EAAE,MAAM,EACZ,eAAe,EAAE,MAAM,EACvB,OAAO,EAAE,YAAY,GACpB,OAAO,CAAC,WAAW,CAAC,CAwDtB"}

package/dist/guardrails/lint.js

@@ -0,0 +1,274 @@
+/**
+ * OpenAPI lint check for guardrails
+ *
+ * Supports both built-in linter and external command execution.
+ */
+import fs from 'fs';
+import yaml from 'js-yaml';
+import { spawn } from 'child_process';
+import { lintSpec } from '../generator/linter.js';
+import { loadGuardrailsConfig, loadGuardrailsConfigWithPath } from './config.js';
+import { glob } from 'glob';
+/**
+ * Find OpenAPI spec files based on guardrails config or defaults
+ */
+export async function findOpenAPISpecs(options) {
+    // Try to load guardrails config to find spec patterns
+    const config = loadGuardrailsConfig(options.guardrailsPath);
+    // Look for YAML files in spec directories - prioritize openapi/ subdirs
+    const defaultPatterns = [
+        'spec/**/openapi/*.yaml',
+        'spec/**/openapi/*.yml',
+    ];
+    const specFiles = [];
+    for (const pattern of defaultPatterns) {
+        const matches = await glob(pattern, {
+            ignore: [
+                '**/node_modules/**',
+                '**/*.overlay.yaml',
+                '**/spectral.yaml',
+                '**/.generated-manifest.json',
+                '**/_shared/**', // Exclude shared schemas
+            ],
+        });
+        // Filter to only OpenAPI specs (have openapi and paths fields)
+        for (const match of matches) {
+            try {
+                const content = fs.readFileSync(match, 'utf-8');
+                const doc = yaml.load(content);
+                // Must have both 'openapi' version and 'paths' to be a full spec
+                if (doc && typeof doc === 'object' && 'openapi' in doc && 'paths' in doc) {
+                    specFiles.push(match);
+                }
+            }
+            catch {
+                // Not a valid YAML or not an OpenAPI spec
+            }
+        }
+    }
+    return [...new Set(specFiles)]; // Deduplicate
+}
+/**
+ * Execute an external command and capture output
+ */
+async function executeCommand(command) {
+    return new Promise((resolve) => {
+        // Use shell to execute the full command string
+        // This allows complex commands like "cmd1 && cmd2" or commands with pipes
+        const child = spawn(command, [], {
+            shell: true,
+            stdio: ['ignore', 'pipe', 'pipe'],
+        });
+        let stdout = '';
+        let stderr = '';
+        child.stdout?.on('data', (data) => {
+            stdout += data.toString();
+        });
+        child.stderr?.on('data', (data) => {
+            stderr += data.toString();
+        });
+        child.on('close', (code) => {
+            resolve({ exitCode: code ?? 1, stdout, stderr });
+        });
+        child.on('error', (err) => {
+            resolve({ exitCode: 1, stdout: '', stderr: err.message });
+        });
+    });
+}
+/**
+ * Expand placeholders in command template
+ */
+function expandPlaceholders(command, context) {
+    let result = command;
+    if (context.files) {
+        result = result.replace(/\{files\}/g, context.files.join(' '));
+    }
+    if (context.cwd) {
+        result = result.replace(/\{cwd\}/g, context.cwd);
+    }
+    return result;
+}
+/**
+ * Run lint check on all OpenAPI specs
+ */
+export async function runLintCheck(options) {
+    const start = Date.now();
+    try {
+        // Load guardrails config to check for custom command
+        const { config } = loadGuardrailsConfigWithPath(options.guardrailsPath);
+        const lintConfig = config?.checks?.lint;
+        // If custom command is configured and enabled, use it
+        if (lintConfig?.command && lintConfig.enabled !== false) {
+            return await runExternalLintCheck(lintConfig.command, options, start);
+        }
+        // Otherwise, use built-in linter
+        return await runBuiltinLintCheck(options, start);
+    }
+    catch (error) {
+        return {
+            name: 'lint',
+            status: 'fail',
+            duration: Date.now() - start,
+            message: error instanceof Error ? error.message : String(error),
+        };
+    }
+}
+/**
+ * Run external lint command
+ */
+async function runExternalLintCheck(commandTemplate, options, start) {
+    // Find OpenAPI specs
+    const specFiles = await findOpenAPISpecs(options);
+    if (specFiles.length === 0) {
+        return {
+            name: 'lint',
+            status: 'skip',
+            duration: Date.now() - start,
+            message: 'No OpenAPI specs found',
+        };
+    }
+    // Expand placeholders
+    const command = expandPlaceholders(commandTemplate, {
+        files: specFiles,
+        cwd: process.cwd(),
+    });
+    if (options.verbose) {
+        console.log(`Running: ${command}`);
+    }
+    // Execute command
+    const { exitCode, stdout, stderr } = await executeCommand(command);
+    // Parse output for details
+    const output = (stdout + stderr).trim();
+    const lines = output.split('\n').filter(line => line.trim());
+    if (exitCode === 0) {
+        return {
+            name: 'lint',
+            status: 'pass',
+            duration: Date.now() - start,
+            message: `${specFiles.length} spec(s) passed lint`,
+            details: options.verbose && lines.length > 0 ? lines : undefined,
+        };
+    }
+    // Count errors and warnings from output
+    const errorCount = (output.match(/error/gi) || []).length;
+    const warningCount = (output.match(/warning/gi) || []).length;
+    return {
+        name: 'lint',
+        status: 'fail',
+        duration: Date.now() - start,
+        message: `Lint failed with ${errorCount} error(s), ${warningCount} warning(s)`,
+        details: lines.slice(0, 50), // Limit output
+    };
+}
+/**
+ * Run a custom command check (generic check execution)
+ * This is used for checks defined in guardrails.yaml
+ */
+export async function runCustomCommandCheck(name, commandTemplate, options) {
+    const start = Date.now();
+    try {
+        // Find OpenAPI specs for {files} placeholder
+        const specFiles = await findOpenAPISpecs(options);
+        // Expand placeholders
+        const command = expandPlaceholders(commandTemplate, {
+            files: specFiles.length > 0 ? specFiles : undefined,
+            cwd: process.cwd(),
+        });
+        if (options.verbose) {
+            console.log(`Running: ${command}`);
+        }
+        // Execute command
+        const { exitCode, stdout, stderr } = await executeCommand(command);
+        // Parse output for details
+        const output = (stdout + stderr).trim();
+        const lines = output.split('\n').filter(line => line.trim());
+        if (exitCode === 0) {
+            return {
+                name,
+                status: 'pass',
+                duration: Date.now() - start,
+                message: `${name} passed`,
+                details: options.verbose && lines.length > 0 ? lines : undefined,
+            };
+        }
+        // Count errors and warnings from output
+        const errorCount = (output.match(/error/gi) || []).length;
+        const warningCount = (output.match(/warning/gi) || []).length;
+        return {
+            name,
+            status: 'fail',
+            duration: Date.now() - start,
+            message: errorCount > 0 || warningCount > 0
+                ? `${name} failed with ${errorCount} error(s), ${warningCount} warning(s)`
+                : `${name} failed (exit code: ${exitCode})`,
+            details: lines.slice(0, 50), // Limit output
+        };
+    }
+    catch (error) {
+        return {
+            name,
+            status: 'fail',
+            duration: Date.now() - start,
+            message: error instanceof Error ? error.message : String(error),
+        };
+    }
+}
+/**
+ * Run built-in lint check
+ */
+async function runBuiltinLintCheck(options, start) {
+    // Find all OpenAPI specs
+    const specFiles = await findOpenAPISpecs(options);
+    if (specFiles.length === 0) {
+        return {
+            name: 'lint',
+            status: 'skip',
+            duration: Date.now() - start,
+            message: 'No OpenAPI specs found',
+        };
+    }
+    const allErrors = [];
+    const allWarnings = [];
+    let hasErrors = false;
+    for (const specFile of specFiles) {
+        try {
+            const content = fs.readFileSync(specFile, 'utf-8');
+            const spec = yaml.load(content);
+            const result = lintSpec(spec, { strict: false });
+            if (result.errors.length > 0) {
+                hasErrors = true;
+                for (const error of result.errors) {
+                    allErrors.push(`${specFile}: [${error.code}] ${error.message}`);
+                }
+            }
+            if (result.warnings.length > 0) {
+                for (const warning of result.warnings) {
+                    allWarnings.push(`${specFile}: [${warning.code}] ${warning.message}`);
+                }
+            }
+        }
+        catch (error) {
+            allErrors.push(`${specFile}: Failed to parse - ${error instanceof Error ? error.message : String(error)}`);
+            hasErrors = true;
+        }
+    }
+    if (hasErrors) {
+        return {
+            name: 'lint',
+            status: 'fail',
+            duration: Date.now() - start,
+            message: `${allErrors.length} error(s) in ${specFiles.length} spec(s)`,
+            details: options.verbose ? [...allErrors, ...allWarnings.map(w => `⚠️ ${w}`)] : allErrors,
+        };
+    }
+    return {
+        name: 'lint',
+        status: 'pass',
+        duration: Date.now() - start,
+        message: `${specFiles.length} spec(s) passed lint`,
+        details: options.verbose && allWarnings.length > 0
+            ? allWarnings.map(w => `⚠️ ${w}`)
+            : undefined,
+    };
+}
+//# sourceMappingURL=lint.js.map

package/dist/guardrails/lint.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"lint.js","sourceRoot":"","sources":["../../src/guardrails/lint.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,MAAM,IAAI,CAAC;AAEpB,OAAO,IAAI,MAAM,SAAS,CAAC;AAC3B,OAAO,EAAE,KAAK,EAAE,MAAM,eAAe,CAAC;AAEtC,OAAO,EAAE,QAAQ,EAAsC,MAAM,wBAAwB,CAAC;AAEtF,OAAO,EAAE,oBAAoB,EAAE,4BAA4B,EAAE,MAAM,aAAa,CAAC;AAEjF,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAE5B;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,OAAqB;IAC1D,sDAAsD;IACtD,MAAM,MAAM,GAAG,oBAAoB,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;IAE5D,wEAAwE;IACxE,MAAM,eAAe,GAAG;QACtB,wBAAwB;QACxB,uBAAuB;KACxB,CAAC;IAEF,MAAM,SAAS,GAAa,EAAE,CAAC;IAE/B,KAAK,MAAM,OAAO,IAAI,eAAe,EAAE,CAAC;QACtC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,OAAO,EAAE;YAClC,MAAM,EAAE;gBACN,oBAAoB;gBACpB,mBAAmB;gBACnB,kBAAkB;gBAClB,6BAA6B;gBAC7B,eAAe,EAAG,yBAAyB;aAC5C;SACF,CAAC,CAAC;QAEH,+DAA+D;QAC/D,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;YAC5B,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;gBAChD,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAA4B,CAAC;gBAC1D,iEAAiE;gBACjE,IAAI,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,SAAS,IAAI,GAAG,IAAI,OAAO,IAAI,GAAG,EAAE,CAAC;oBACzE,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;gBACxB,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,0CAA0C;YAC5C,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,cAAc;AAChD,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,cAAc,CAAC,OAAe;IAC3C,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC7B,+CAA+C;QAC/C,0EAA0E;QAC1E,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,EAAE,EAAE,EAAE;YAC/B,KAAK,EAAE,IAAI;YACX,KAAK,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,CAAC;SAClC,CAAC,CAAC;QAEH,IAAI,MAAM,GAAG,EAAE,CAAC;QAChB,IAAI,MAAM,GAAG,EAAE,CAAC;QAEhB,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;YAChC,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;QAC5B,CAAC,CAAC,CAAC;QAEH,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE;YAChC,MAAM,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;QAC5B,CAAC,CAAC,CAAC;QAEH,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,IAAI,EAAE,EAAE;YACzB,OAAO,CAAC,EAAE,QAAQ,EAAE,IAAI,IAAI,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC,CAAC;QACnD,CAAC,CAAC,CAAC;QAEH,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE;YACxB,OAAO,CAAC,EAAE,QAAQ,EAAE,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;QAC5D,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,SAAS,kBAAkB,CAAC,OAAe,EAAE,OAG5C;IACC,IAAI,MAAM,GAAG,OAAO,CAAC;IAErB,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;QAClB,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,YAAY,EAAE,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IACjE,CAAC;IAED,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;QAChB,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,UAAU,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC;IACnD,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,OAAqB;IACtD,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAEzB,IAAI,CAAC;QACH,qDAAqD;QACrD,MAAM,EAAE,MAAM,EAAE,GAAG,4BAA4B,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;QACxE,MAAM,UAAU,GAAG,MAAM,EAAE,MAAM,EAAE,IAAI,CAAC;QAExC,sDAAsD;QACtD,IAAI,UAAU,EAAE,OAAO,IAAI,UAAU,CAAC,OAAO,KAAK,KAAK,EAAE,CAAC;YACxD,OAAO,MAAM,oBAAoB,CAAC,UAAU,CAAC,OAAO,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;QACxE,CAAC;QAED,iCAAiC;QACjC,OAAO,MAAM,mBAAmB,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;IAEnD,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO;YACL,IAAI,EAAE,MAAM;YACZ,MAAM,EAAE,MAAM;YACd,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK;YAC5B,OAAO,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;SAChE,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,oBAAoB,CACjC,eAAuB,EACvB,OAAqB,EACrB,KAAa;IAEb,qBAAqB;IACrB,MAAM,SAAS,GAAG,MAAM,gBAAgB,CAAC,OAAO,CAAC,CAAC;IAElD,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC3B,OAAO;YACL,IAAI,EAAE,MAAM;YACZ,MAAM,EAAE,MAAM;YACd,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK;YAC5B,OAAO,EAAE,wBAAwB;SAClC,CAAC;IACJ,CAAC;IAED,sBAAsB;IACtB,MAAM,OAAO,GAAG,kBAAkB,CAAC,eAAe,EAAE;QAClD,KAAK,EAAE,SAAS;QAChB,GAAG,EAAE,OAAO,CAAC,GAAG,EAAE;KACnB,CAAC,CAAC;IAEH,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;QACpB,OAAO,CAAC,GAAG,CAAC,YAAY,OAAO,EAAE,CAAC,CAAC;IACrC,CAAC;IAED,kBAAkB;IAClB,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,cAAc,CAAC,OAAO,CAAC,CAAC;IAEnE,2BAA2B;IAC3B,MAAM,MAAM,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC,CAAC,IAAI,EAAE,CAAC;IACxC,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;IAE7D,IAAI,QAAQ,KAAK,CAAC,EAAE,CAAC;QACnB,OAAO;YACL,IAAI,EAAE,MAAM;YACZ,MAAM,EAAE,MAAM;YACd,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK;YAC5B,OAAO,EAAE,GAAG,SAAS,CAAC,MAAM,sBAAsB;YAClD,OAAO,EAAE,OAAO,CAAC,OAAO,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;SACjE,CAAC;IACJ,CAAC;IAED,wCAAwC;IACxC,MAAM,UAAU,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC;IAC1D,MAAM,YAAY,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC;IAE9D,OAAO;QACL,IAAI,EAAE,MAAM;QACZ,MAAM,EAAE,MAAM;QACd,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK;QAC5B,OAAO,EAAE,oBAAoB,UAAU,cAAc,YAAY,aAAa;QAC9E,OAAO,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,eAAe;KAC7C,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,qBAAqB,CACzC,IAAY,EACZ,eAAuB,EACvB,OAAqB;IAErB,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAEzB,IAAI,CAAC;QACH,6CAA6C;QAC7C,MAAM,SAAS,GAAG,MAAM,gBAAgB,CAAC,OAAO,CAAC,CAAC;QAElD,sBAAsB;QACtB,MAAM,OAAO,GAAG,kBAAkB,CAAC,eAAe,EAAE;YAClD,KAAK,EAAE,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS;YACnD,GAAG,EAAE,OAAO,CAAC,GAAG,EAAE;SACnB,CAAC,CAAC;QAEH,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;YACpB,OAAO,CAAC,GAAG,CAAC,YAAY,OAAO,EAAE,CAAC,CAAC;QACrC,CAAC;QAED,kBAAkB;QAClB,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,cAAc,CAAC,OAAO,CAAC,CAAC;QAEnE,2BAA2B;QAC3B,MAAM,MAAM,GAAG,CAAC,MAAM,GAAG,MAAM,CAAC,CAAC,IAAI,EAAE,CAAC;QACxC,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;QAE7D,IAAI,QAAQ,KAAK,CAAC,EAAE,CAAC;YACnB,OAAO;gBACL,IAAI;gBACJ,MAAM,EAAE,MAAM;gBACd,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK;gBAC5B,OAAO,EAAE,GAAG,IAAI,SAAS;gBACzB,OAAO,EAAE,OAAO,CAAC,OAAO,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS;aACjE,CAAC;QACJ,CAAC;QAED,wCAAwC;QACxC,MAAM,UAAU,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC;QAC1D,MAAM,YAAY,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC;QAE9D,OAAO;YACL,IAAI;YACJ,MAAM,EAAE,MAAM;YACd,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK;YAC5B,OAAO,EAAE,UAAU,GAAG,CAAC,IAAI,YAAY,GAAG,CAAC;gBACzC,CAAC,CAAC,GAAG,IAAI,gBAAgB,UAAU,cAAc,YAAY,aAAa;gBAC1E,CAAC,CAAC,GAAG,IAAI,uBAAuB,QAAQ,GAAG;YAC7C,OAAO,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,eAAe;SAC7C,CAAC;IAEJ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO;YACL,IAAI;YACJ,MAAM,EAAE,MAAM;YACd,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK;YAC5B,OAAO,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;SAChE,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,mBAAmB,CAAC,OAAqB,EAAE,KAAa;IACrE,yBAAyB;IACzB,MAAM,SAAS,GAAG,MAAM,gBAAgB,CAAC,OAAO,CAAC,CAAC;IAElD,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC3B,OAAO;YACL,IAAI,EAAE,MAAM;YACZ,MAAM,EAAE,MAAM;YACd,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK;YAC5B,OAAO,EAAE,wBAAwB;SAClC,CAAC;IACJ,CAAC;IAED,MAAM,SAAS,GAAa,EAAE,CAAC;IAC/B,MAAM,WAAW,GAAa,EAAE,CAAC;IACjC,IAAI,SAAS,GAAG,KAAK,CAAC;IAEtB,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;QACjC,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YACnD,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAgB,CAAC;YAE/C,MAAM,MAAM,GAAG,QAAQ,CAAC,IAAI,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC,CAAC;YAEjD,IAAI,MAAM,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC7B,SAAS,GAAG,IAAI,CAAC;gBACjB,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;oBAClC,SAAS,CAAC,IAAI,CAAC,GAAG,QAAQ,MAAM,KAAK,CAAC,IAAI,KAAK,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;gBAClE,CAAC;YACH,CAAC;YAED,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC/B,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;oBACtC,WAAW,CAAC,IAAI,CAAC,GAAG,QAAQ,MAAM,OAAO,CAAC,IAAI,KAAK,OAAO,CAAC,OAAO,EAAE,CAAC,CAAC;gBACxE,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,SAAS,CAAC,IAAI,CAAC,GAAG,QAAQ,uBAAuB,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;YAC3G,SAAS,GAAG,IAAI,CAAC;QACnB,CAAC;IACH,CAAC;IAED,IAAI,SAAS,EAAE,CAAC;QACd,OAAO;YACL,IAAI,EAAE,MAAM;YACZ,MAAM,EAAE,MAAM;YACd,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK;YAC5B,OAAO,EAAE,GAAG,SAAS,CAAC,MAAM,gBAAgB,SAAS,CAAC,MAAM,UAAU;YACtE,OAAO,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,GAAG,SAAS,EAAE,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS;SAC1F,CAAC;IACJ,CAAC;IAED,OAAO;QACL,IAAI,EAAE,MAAM;QACZ,MAAM,EAAE,MAAM;QACd,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK;QAC5B,OAAO,EAAE,GAAG,SAAS,CAAC,MAAM,sBAAsB;QAClD,OAAO,EAAE,OAAO,CAAC,OAAO,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC;YAChD,CAAC,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC;YACjC,CAAC,CAAC,SAAS;KACd,CAAC;AACJ,CAAC"}

package/dist/guardrails/manifest.d.ts

@@ -0,0 +1,43 @@
+/**
+ * Generated artifact manifest management
+ *
+ * Creates and verifies manifests for generated files to detect tampering.
+ */
+import type { GeneratedManifest, ManifestResult, CheckResult, CheckOptions } from './types.js';
+/**
+ * Calculate SHA-256 hash of file content
+ */
+export declare function hashFile(filePath: string): string;
+/**
+ * Get all generated files in a directory
+ */
+export declare function getGeneratedFiles(baseDir: string, patterns?: string[]): Promise<string[]>;
+/**
+ * Generate manifest for a directory of generated files
+ */
+export declare function generateManifest(baseDir: string, options?: {
+    generatorVersion?: string;
+    sourceMap?: Map<string, string>;
+    patterns?: string[];
+}): Promise<GeneratedManifest>;
+/**
+ * Write manifest to file
+ */
+export declare function writeManifest(manifest: GeneratedManifest, baseDir: string): string;
+/**
+ * Load manifest from file
+ */
+export declare function loadManifest(baseDir: string): GeneratedManifest | null;
+/**
+ * Verify generated files against manifest
+ */
+export declare function verifyManifest(baseDir: string): Promise<ManifestResult>;
+/**
+ * Run manifest verification check
+ */
+export declare function runManifestCheck(options: CheckOptions): Promise<CheckResult>;
+/**
+ * Format manifest result for CLI output
+ */
+export declare function formatManifestResult(result: ManifestResult): string;
+//# sourceMappingURL=manifest.d.ts.map

package/dist/guardrails/manifest.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"manifest.d.ts","sourceRoot":"","sources":["../../src/guardrails/manifest.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAMH,OAAO,KAAK,EACV,iBAAiB,EAEjB,cAAc,EAEd,WAAW,EACX,YAAY,EACb,MAAM,YAAY,CAAC;AAQpB;;GAEG;AACH,wBAAgB,QAAQ,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,CAGjD;AAED;;GAEG;AACH,wBAAsB,iBAAiB,CACrC,OAAO,EAAE,MAAM,EACf,QAAQ,GAAE,MAAM,EAAa,GAC5B,OAAO,CAAC,MAAM,EAAE,CAAC,CAkBnB;AAED;;GAEG;AACH,wBAAsB,gBAAgB,CACpC,OAAO,EAAE,MAAM,EACf,OAAO,GAAE;IACP,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,SAAS,CAAC,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAChC,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;CAChB,GACL,OAAO,CAAC,iBAAiB,CAAC,CAmC5B;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,QAAQ,EAAE,iBAAiB,EAAE,OAAO,EAAE,MAAM,GAAG,MAAM,CAIlF;AAED;;GAEG;AACH,wBAAgB,YAAY,CAAC,OAAO,EAAE,MAAM,GAAG,iBAAiB,GAAG,IAAI,CAatE;AAED;;GAEG;AACH,wBAAsB,cAAc,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC,CA0D7E;AAED;;GAEG;AACH,wBAAsB,gBAAgB,CAAC,OAAO,EAAE,YAAY,GAAG,OAAO,CAAC,WAAW,CAAC,CAuDlF;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,MAAM,EAAE,cAAc,GAAG,MAAM,CAyBnE"}