opensip-cli 0.1.7 → 0.1.9

package/dist/bootstrap/admit-tool-package.d.ts

@@ -21,12 +21,16 @@
  * not-yet-trusted package) pass `staticOnly: true` here and run the runtime
  * sections in a child-process probe instead.
  *
- * ADR-0054 transition: external runtimes still import in the host process until
- * the manifest/RPC contract can carry executable command specs across a worker
- * boundary. Every host-process import must therefore pass an explicit policy:
- * bundled imports are normal, non-bundled imports are named as temporary
- * `adr0054Transition` exceptions so the fitness check can keep the boundary
- * visible and narrow.
+ * ADR-0054 M4-G (capstone): external tool runtimes NEVER import in the host
+ * process. The capstone invariant is mechanized at the type level: a HOST import
+ * policy ({@link ToolRuntimeImportPolicy}) is `{ source: 'bundled' }` ONLY —
+ * `hostRuntimeImportPolicyFor` accepts only `'bundled'`, so a non-bundled host
+ * import is a COMPILE error, not a runtime guard. The forked dispatch worker (the
+ * isolation boundary) imports the untrusted external runtime via the distinct
+ * {@link workerRuntimeImportPolicyFor} (`{ source, inDispatchWorker: true }`),
+ * named for what it is. The host registers a manifest-derived synthetic Tool for
+ * external provenance (see `synthesize-external-tool.ts`) and never loads its
+ * runtime; the worker imports it when a command dispatches.
  */
 import { type RawToolPluginManifest, type Tool, type ToolPluginManifest, type ToolProvenance, type ToolSource } from '@opensip-cli/core';
 /**
@@ -44,13 +48,44 @@ export type ToolRuntimeLoad = {
     readonly reason: 'no-entry' | 'invalid-shape' | 'import-failed';
     readonly detail?: string;
 };
-export type ToolRuntimeImportPolicy = {
+/**
+ * The HOST import policy (ADR-0054 M4-G capstone). A host-process tool runtime
+ * import is `{ source: 'bundled' }` ONLY — bundled tools are the trusted
+ * computing base. External provenance can NOT produce a host policy: the type
+ * makes the external host-import unrepresentable (a compile error), not merely a
+ * runtime guard. External runtimes load only behind the worker boundary (see
+ * {@link WorkerRuntimeImportPolicy}).
+ */
+export interface ToolRuntimeImportPolicy {
     readonly source: 'bundled';
-} | {
+}
+/**
+ * The WORKER import policy (ADR-0054 M4-G). Inside the forked dispatch worker —
+ * the isolation boundary — importing the untrusted external runtime IS the goal.
+ * A worker import is either the bundled host policy (the worker re-runs the same
+ * bootstrap, which imports bundled tools too) or the named external worker policy
+ * (`{ source, inDispatchWorker: true }`). It is constructed ONLY by
+ * {@link workerRuntimeImportPolicyFor} on the worker-owned discovery path; the
+ * fitness check confines its use to the worker plane.
+ */
+export type WorkerRuntimeImportPolicy = ToolRuntimeImportPolicy | {
     readonly source: Exclude<ToolSource, 'bundled'>;
-    readonly adr0054Transition: true;
+    readonly inDispatchWorker: true;
 };
-export declare function hostRuntimeImportPolicyFor(source: ToolSource): ToolRuntimeImportPolicy;
+/**
+ * The bundled-only HOST import policy constructor. Accepts ONLY `'bundled'` — a
+ * `hostRuntimeImportPolicyFor('installed')` is a COMPILE error (the capstone
+ * invariant, type-enforced). External provenance never reaches a host import.
+ */
+export declare function hostRuntimeImportPolicyFor(source: 'bundled'): ToolRuntimeImportPolicy;
+/**
+ * The WORKER import policy constructor (ADR-0054 M4-G). Used ONLY on the
+ * worker-owned discovery path (inside the forked `__tool-command-worker`, gated
+ * on `OPENSIP_CLI_IN_TOOL_WORKER`). A bundled source produces the plain host
+ * policy; an external source produces the named `inDispatchWorker` policy — the
+ * legitimate place untrusted external runtime loads.
+ */
+export declare function workerRuntimeImportPolicyFor(source: ToolSource): WorkerRuntimeImportPolicy;
 /**
  * Resolve a tool package's entry, DYNAMIC-IMPORT it, and validate the exported
  * `tool` shape. This is the ONE runtime-load path every installation source
@@ -61,9 +96,14 @@ export declare function hostRuntimeImportPolicyFor(source: ToolSource): ToolRunt
  * module-resolution path still loads. A third-party tool is an untrusted
  * boundary, so `isValidTool` gates the exported symbol before it is touched.
  *
+ * ADR-0054 M4-G: the `policy` is `{ source: 'bundled' }` for a HOST import or the
+ * `inDispatchWorker` worker policy for an external import inside the dispatch
+ * worker. A bare external source can no longer be expressed (the type forbids it);
+ * the runtime check is defense-in-depth.
+ *
  * Never throws: returns a discriminated result the caller acts on.
  */
-export declare function importToolRuntime(dir: string, policy: ToolRuntimeImportPolicy): Promise<ToolRuntimeLoad>;
+export declare function importToolRuntime(dir: string, policy: WorkerRuntimeImportPolicy): Promise<ToolRuntimeLoad>;
 /** The named conformance sections of the admission pipeline, in run order. */
 export type AdmissionSection = 'manifest' | 'compatibility' | 'runtime-load' | 'tool-shape' | 'manifest-runtime-coherence';
 /** One section's verdict. `diagnostic` is present on failure (and only then). */

package/dist/bootstrap/admit-tool-package.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"admit-tool-package.d.ts","sourceRoot":"","sources":["../../src/bootstrap/admit-tool-package.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AAIH,OAAO,EAKL,KAAK,qBAAqB,EAC1B,KAAK,IAAI,EACT,KAAK,kBAAkB,EACvB,KAAK,cAAc,EACnB,KAAK,UAAU,EAChB,MAAM,mBAAmB,CAAC;AAI3B;;;;;;GAMG;AACH,MAAM,MAAM,eAAe,GACvB;IAAE,QAAQ,CAAC,EAAE,EAAE,IAAI,CAAC;IAAC,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAA;CAAE,GAC1C;IACE,QAAQ,CAAC,EAAE,EAAE,KAAK,CAAC;IACnB,QAAQ,CAAC,MAAM,EAAE,UAAU,GAAG,eAAe,GAAG,eAAe,CAAC;IAChE,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;CAC1B,CAAC;AAEN,MAAM,MAAM,uBAAuB,GAC/B;IAAE,QAAQ,CAAC,MAAM,EAAE,SAAS,CAAA;CAAE,GAC9B;IACE,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC,UAAU,EAAE,SAAS,CAAC,CAAC;IAChD,QAAQ,CAAC,iBAAiB,EAAE,IAAI,CAAC;CAClC,CAAC;AAEN,wBAAgB,0BAA0B,CAAC,MAAM,EAAE,UAAU,GAAG,uBAAuB,CAGtF;AAED;;;;;;;;;;;GAWG;AACH,wBAAsB,iBAAiB,CACrC,GAAG,EAAE,MAAM,EACX,MAAM,EAAE,uBAAuB,GAC9B,OAAO,CAAC,eAAe,CAAC,CAgC1B;AAED,8EAA8E;AAC9E,MAAM,MAAM,gBAAgB,GACxB,UAAU,GACV,eAAe,GACf,cAAc,GACd,YAAY,GACZ,4BAA4B,CAAC;AAEjC,iFAAiF;AACjF,MAAM,WAAW,sBAAsB;IACrC,QAAQ,CAAC,OAAO,EAAE,gBAAgB,CAAC;IACnC,QAAQ,CAAC,EAAE,EAAE,OAAO,CAAC;IACrB,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC;CAC9B;AAED;;;;;;GAMG;AACH,MAAM,WAAW,eAAe;IAC9B,QAAQ,CAAC,EAAE,EAAE,OAAO,CAAC;IACrB,QAAQ,CAAC,QAAQ,EAAE,SAAS,sBAAsB,EAAE,CAAC;IACrD;;;;OAIG;IACH,QAAQ,CAAC,WAAW,CAAC,EAAE,qBAAqB,CAAC;IAC7C,4EAA4E;IAC5E,QAAQ,CAAC,QAAQ,CAAC,EAAE,kBAAkB,CAAC;IACvC,oDAAoD;IACpD,QAAQ,CAAC,UAAU,CAAC,EAAE,cAAc,CAAC;IACrC,0EAA0E;IAC1E,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,CAAC;IACrB,gEAAgE;IAChE,QAAQ,CAAC,qBAAqB,CAAC,EAAE,OAAO,GAAG,MAAM,GAAG,aAAa,CAAC;IAClE,+EAA+E;IAC/E,QAAQ,CAAC,iBAAiB,CAAC,EAAE,UAAU,GAAG,eAAe,GAAG,eAAe,CAAC;IAC5E,QAAQ,CAAC,iBAAiB,CAAC,EAAE,MAAM,CAAC;IACpC;;;;OAIG;IACH,QAAQ,CAAC,cAAc,CAAC,EAAE,OAAO,CAAC;CACnC;AAED,yCAAyC;AACzC,MAAM,WAAW,uBAAuB;IACtC,+EAA+E;IAC/E,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,MAAM,EAAE,UAAU,CAAC;IAC5B,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC;IAC9B,6EAA6E;IAC7E,QAAQ,CAAC,mBAAmB,EAAE,OAAO,CAAC;IACtC;;;;;OAKG;IACH,QAAQ,CAAC,UAAU,CAAC,EAAE,OAAO,CAAC;CAC/B;AAED;;;;GAIG;AACH,wBAAsB,gBAAgB,CAAC,IAAI,EAAE,uBAAuB,GAAG,OAAO,CAAC,eAAe,CAAC,CAiH9F"}
+{"version":3,"file":"admit-tool-package.d.ts","sourceRoot":"","sources":["../../src/bootstrap/admit-tool-package.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAiCG;AAIH,OAAO,EAKL,KAAK,qBAAqB,EAC1B,KAAK,IAAI,EACT,KAAK,kBAAkB,EACvB,KAAK,cAAc,EACnB,KAAK,UAAU,EAChB,MAAM,mBAAmB,CAAC;AAI3B;;;;;;GAMG;AACH,MAAM,MAAM,eAAe,GACvB;IAAE,QAAQ,CAAC,EAAE,EAAE,IAAI,CAAC;IAAC,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAA;CAAE,GAC1C;IACE,QAAQ,CAAC,EAAE,EAAE,KAAK,CAAC;IACnB,QAAQ,CAAC,MAAM,EAAE,UAAU,GAAG,eAAe,GAAG,eAAe,CAAC;IAChE,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;CAC1B,CAAC;AAEN;;;;;;;GAOG;AACH,MAAM,WAAW,uBAAuB;IACtC,QAAQ,CAAC,MAAM,EAAE,SAAS,CAAC;CAC5B;AAED;;;;;;;;GAQG;AACH,MAAM,MAAM,yBAAyB,GACjC,uBAAuB,GACvB;IACE,QAAQ,CAAC,MAAM,EAAE,OAAO,CAAC,UAAU,EAAE,SAAS,CAAC,CAAC;IAChD,QAAQ,CAAC,gBAAgB,EAAE,IAAI,CAAC;CACjC,CAAC;AAEN;;;;GAIG;AACH,wBAAgB,0BAA0B,CAAC,MAAM,EAAE,SAAS,GAAG,uBAAuB,CAErF;AAED;;;;;;GAMG;AACH,wBAAgB,4BAA4B,CAAC,MAAM,EAAE,UAAU,GAAG,yBAAyB,CAG1F;AAOD;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAsB,iBAAiB,CACrC,GAAG,EAAE,MAAM,EACX,MAAM,EAAE,yBAAyB,GAChC,OAAO,CAAC,eAAe,CAAC,CAgC1B;AAED,8EAA8E;AAC9E,MAAM,MAAM,gBAAgB,GACxB,UAAU,GACV,eAAe,GACf,cAAc,GACd,YAAY,GACZ,4BAA4B,CAAC;AAEjC,iFAAiF;AACjF,MAAM,WAAW,sBAAsB;IACrC,QAAQ,CAAC,OAAO,EAAE,gBAAgB,CAAC;IACnC,QAAQ,CAAC,EAAE,EAAE,OAAO,CAAC;IACrB,QAAQ,CAAC,UAAU,CAAC,EAAE,MAAM,CAAC;CAC9B;AAED;;;;;;GAMG;AACH,MAAM,WAAW,eAAe;IAC9B,QAAQ,CAAC,EAAE,EAAE,OAAO,CAAC;IACrB,QAAQ,CAAC,QAAQ,EAAE,SAAS,sBAAsB,EAAE,CAAC;IACrD;;;;OAIG;IACH,QAAQ,CAAC,WAAW,CAAC,EAAE,qBAAqB,CAAC;IAC7C,4EAA4E;IAC5E,QAAQ,CAAC,QAAQ,CAAC,EAAE,kBAAkB,CAAC;IACvC,oDAAoD;IACpD,QAAQ,CAAC,UAAU,CAAC,EAAE,cAAc,CAAC;IACrC,0EAA0E;IAC1E,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,CAAC;IACrB,gEAAgE;IAChE,QAAQ,CAAC,qBAAqB,CAAC,EAAE,OAAO,GAAG,MAAM,GAAG,aAAa,CAAC;IAClE,+EAA+E;IAC/E,QAAQ,CAAC,iBAAiB,CAAC,EAAE,UAAU,GAAG,eAAe,GAAG,eAAe,CAAC;IAC5E,QAAQ,CAAC,iBAAiB,CAAC,EAAE,MAAM,CAAC;IACpC;;;;OAIG;IACH,QAAQ,CAAC,cAAc,CAAC,EAAE,OAAO,CAAC;CACnC;AAED,yCAAyC;AACzC,MAAM,WAAW,uBAAuB;IACtC,+EAA+E;IAC/E,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,MAAM,EAAE,UAAU,CAAC;IAC5B,QAAQ,CAAC,WAAW,CAAC,EAAE,MAAM,CAAC;IAC9B,6EAA6E;IAC7E,QAAQ,CAAC,mBAAmB,EAAE,OAAO,CAAC;IACtC;;;;;OAKG;IACH,QAAQ,CAAC,UAAU,CAAC,EAAE,OAAO,CAAC;CAC/B;AAED;;;;GAIG;AACH,wBAAsB,gBAAgB,CAAC,IAAI,EAAE,uBAAuB,GAAG,OAAO,CAAC,eAAe,CAAC,CAuH9F"}

package/dist/bootstrap/admit-tool-package.js

@@ -21,20 +21,43 @@
  * not-yet-trusted package) pass `staticOnly: true` here and run the runtime
  * sections in a child-process probe instead.
  *
- * ADR-0054 transition: external runtimes still import in the host process until
- * the manifest/RPC contract can carry executable command specs across a worker
- * boundary. Every host-process import must therefore pass an explicit policy:
- * bundled imports are normal, non-bundled imports are named as temporary
- * `adr0054Transition` exceptions so the fitness check can keep the boundary
- * visible and narrow.
+ * ADR-0054 M4-G (capstone): external tool runtimes NEVER import in the host
+ * process. The capstone invariant is mechanized at the type level: a HOST import
+ * policy ({@link ToolRuntimeImportPolicy}) is `{ source: 'bundled' }` ONLY —
+ * `hostRuntimeImportPolicyFor` accepts only `'bundled'`, so a non-bundled host
+ * import is a COMPILE error, not a runtime guard. The forked dispatch worker (the
+ * isolation boundary) imports the untrusted external runtime via the distinct
+ * {@link workerRuntimeImportPolicyFor} (`{ source, inDispatchWorker: true }`),
+ * named for what it is. The host registers a manifest-derived synthetic Tool for
+ * external provenance (see `synthesize-external-tool.ts`) and never loads its
+ * runtime; the worker imports it when a command dispatches.
  */
 import { pathToFileURL } from 'node:url';
 import { admitTool, assertManifestMatchesTool, loadToolManifest, readToolPackageMetadata, } from '@opensip-cli/core';
 import { isValidTool, toolValidationFailure } from './validate-tool.js';
+/**
+ * The bundled-only HOST import policy constructor. Accepts ONLY `'bundled'` — a
+ * `hostRuntimeImportPolicyFor('installed')` is a COMPILE error (the capstone
+ * invariant, type-enforced). External provenance never reaches a host import.
+ */
 export function hostRuntimeImportPolicyFor(source) {
+    return { source };
+}
+/**
+ * The WORKER import policy constructor (ADR-0054 M4-G). Used ONLY on the
+ * worker-owned discovery path (inside the forked `__tool-command-worker`, gated
+ * on `OPENSIP_CLI_IN_TOOL_WORKER`). A bundled source produces the plain host
+ * policy; an external source produces the named `inDispatchWorker` policy — the
+ * legitimate place untrusted external runtime loads.
+ */
+export function workerRuntimeImportPolicyFor(source) {
     if (source === 'bundled')
         return { source };
-    return { source, adr0054Transition: true };
+    return { source, inDispatchWorker: true };
+}
+/** Whether a runtime import policy authorizes loading the runtime (defense-in-depth). */
+function isAuthorizedImportPolicy(policy) {
+    return policy.source === 'bundled' || policy.inDispatchWorker === true;
 }
 /**
  * Resolve a tool package's entry, DYNAMIC-IMPORT it, and validate the exported
@@ -46,15 +69,20 @@ export function hostRuntimeImportPolicyFor(source) {
  * module-resolution path still loads. A third-party tool is an untrusted
  * boundary, so `isValidTool` gates the exported symbol before it is touched.
  *
+ * ADR-0054 M4-G: the `policy` is `{ source: 'bundled' }` for a HOST import or the
+ * `inDispatchWorker` worker policy for an external import inside the dispatch
+ * worker. A bare external source can no longer be expressed (the type forbids it);
+ * the runtime check is defense-in-depth.
+ *
  * Never throws: returns a discriminated result the caller acts on.
  */
 export async function importToolRuntime(dir, policy) {
-    if (policy.source !== 'bundled' && policy.adr0054Transition !== true) {
+    if (!isAuthorizedImportPolicy(policy)) {
         return {
             ok: false,
             reason: 'import-failed',
-            detail: 'external tool runtime import attempted without ADR-0054 transition policy; ' +
-                'load through the worker boundary instead',
+            detail: 'external tool runtime import attempted without a bundled or worker policy; ' +
+                'load through the worker boundary instead (ADR-0054 M4-G capstone)',
         };
     }
     const meta = readToolPackageMetadata(dir);
@@ -134,8 +162,14 @@ export async function admitToolPackage(opts) {
         };
     }
     // Section 3+4 — runtime load + tool shape: dynamic import (UNTRUSTED code
-    // executes here) and the exported-symbol gate.
-    const load = await importToolRuntime(opts.dir, hostRuntimeImportPolicyFor(opts.source));
+    // executes here) and the exported-symbol gate. ADR-0054 M4-G: this section
+    // runs ONLY in an isolation context — the bundled host bootstrap (source
+    // `'bundled'`) or the child-process `runtime-probe-entry` for `tools validate`
+    // (a separate process, like the dispatch worker). `workerRuntimeImportPolicyFor`
+    // produces the bundled host policy for `'bundled'` and the named
+    // `inDispatchWorker` policy for an external candidate in the probe child — never
+    // a bare external host import (the type forbids that).
+    const load = await importToolRuntime(opts.dir, workerRuntimeImportPolicyFor(opts.source));
     if (!load.ok) {
         if (load.reason === 'invalid-shape') {
             sections.push({ section: 'runtime-load', ok: true }, {

package/dist/bootstrap/admit-tool-package.js.map

@@ -1 +1 @@
-{"version":3,"file":"admit-tool-package.js","sourceRoot":"","sources":["../../src/bootstrap/admit-tool-package.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AAEH,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAEzC,OAAO,EACL,SAAS,EACT,yBAAyB,EACzB,gBAAgB,EAChB,uBAAuB,GAMxB,MAAM,mBAAmB,CAAC;AAE3B,OAAO,EAAE,WAAW,EAAE,qBAAqB,EAAE,MAAM,oBAAoB,CAAC;AAwBxE,MAAM,UAAU,0BAA0B,CAAC,MAAkB;IAC3D,IAAI,MAAM,KAAK,SAAS;QAAE,OAAO,EAAE,MAAM,EAAE,CAAC;IAC5C,OAAO,EAAE,MAAM,EAAE,iBAAiB,EAAE,IAAI,EAAE,CAAC;AAC7C,CAAC;AAED;;;;;;;;;;;GAWG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,GAAW,EACX,MAA+B;IAE/B,IAAI,MAAM,CAAC,MAAM,KAAK,SAAS,IAAI,MAAM,CAAC,iBAAiB,KAAK,IAAI,EAAE,CAAC;QACrE,OAAO;YACL,EAAE,EAAE,KAAK;YACT,MAAM,EAAE,eAAe;YACvB,MAAM,EACJ,6EAA6E;gBAC7E,0CAA0C;SAC7C,CAAC;IACJ,CAAC;IACD,MAAM,IAAI,GAAG,uBAAuB,CAAC,GAAG,CAAC,CAAC;IAC1C,IAAI,CAAC,IAAI;QAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC;IACpD,IAAI,GAAuB,CAAC;IAC5B,IAAI,CAAC;QACH,GAAG,GAAG,CAAC,MAAM,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,CAEtD,CAAC;IACJ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO;YACL,EAAE,EAAE,KAAK;YACT,MAAM,EAAE,eAAe;YACvB,MAAM,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;SAC/D,CAAC;IACJ,CAAC;IACD,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;QAC3B,OAAO;YACL,EAAE,EAAE,KAAK;YACT,MAAM,EAAE,eAAe;YACvB,MAAM,EAAE,qBAAqB,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,qCAAqC;SACjF,CAAC;IACJ,CAAC;IACD,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC;AACtC,CAAC;AAqED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,IAA6B;IAClE,MAAM,QAAQ,GAA6B,EAAE,CAAC;IAE9C,4EAA4E;IAC5E,sDAAsD;IACtD,MAAM,WAAW,GAAG,gBAAgB,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;IAC5D,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;QAC9B,QAAQ,CAAC,IAAI,CAAC;YACZ,OAAO,EAAE,UAAU;YACnB,EAAE,EAAE,KAAK;YACT,UAAU,EAAE,+BAA+B;SAC5C,CAAC,CAAC;QACH,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC;IACjC,CAAC;IACD,QAAQ,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,UAAU,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;IAEjD,0EAA0E;IAC1E,sDAAsD;IACtD,MAAM,MAAM,GAAG,SAAS,CAAC;QACvB,QAAQ,EAAE,WAAW;QACrB,MAAM,EAAE,IAAI,CAAC,MAAM;QACnB,GAAG,EAAE,IAAI,CAAC,GAAG;QACb,GAAG,CAAC,IAAI,CAAC,WAAW,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,IAAI,CAAC,WAAW,EAAE,CAAC;QAC5E,mBAAmB,EAAE,IAAI,CAAC,mBAAmB;KAC9C,CAAC,CAAC;IACH,IAAI,MAAM,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;QAChC,QAAQ,CAAC,IAAI,CAAC;YACZ,OAAO,EAAE,eAAe;YACxB,EAAE,EAAE,KAAK;YACT,UAAU,EAAE,MAAM,CAAC,UAAU,IAAI,gCAAgC;SAClE,CAAC,CAAC;QACH,OAAO;YACL,EAAE,EAAE,KAAK;YACT,QAAQ;YACR,WAAW;YACX,qBAAqB,EAAE,MAAM,CAAC,QAAQ;SACvC,CAAC;IACJ,CAAC;IACD,QAAQ,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,eAAe,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;IACtD,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,MAAM,CAAC;IAExC,IAAI,IAAI,CAAC,UAAU,KAAK,IAAI,EAAE,CAAC;QAC7B,OAAO;YACL,EAAE,EAAE,IAAI;YACR,QAAQ;YACR,WAAW;YACX,QAAQ;YACR,UAAU;YACV,qBAAqB,EAAE,OAAO;SAC/B,CAAC;IACJ,CAAC;IAED,0EAA0E;IAC1E,+CAA+C;IAC/C,MAAM,IAAI,GAAG,MAAM,iBAAiB,CAAC,IAAI,CAAC,GAAG,EAAE,0BAA0B,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;IACxF,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC;QACb,IAAI,IAAI,CAAC,MAAM,KAAK,eAAe,EAAE,CAAC;YACpC,QAAQ,CAAC,IAAI,CACX,EAAE,OAAO,EAAE,cAAc,EAAE,EAAE,EAAE,IAAI,EAAE,EACrC;gBACE,OAAO,EAAE,YAAY;gBACrB,EAAE,EAAE,KAAK;gBACT,UAAU,EAAE,uCAAuC;aACpD,CACF,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,QAAQ,CAAC,IAAI,CAAC;gBACZ,OAAO,EAAE,cAAc;gBACvB,EAAE,EAAE,KAAK;gBACT,UAAU,EAAE,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,MAAM;aACvC,CAAC,CAAC;QACL,CAAC;QACD,OAAO;YACL,EAAE,EAAE,KAAK;YACT,QAAQ;YACR,QAAQ;YACR,UAAU;YACV,qBAAqB,EAAE,OAAO;YAC9B,iBAAiB,EAAE,IAAI,CAAC,MAAM;YAC9B,GAAG,CAAC,IAAI,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,iBAAiB,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC;SACzE,CAAC;IACJ,CAAC;IACD,QAAQ,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,cAAc,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,YAAY,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;IAE1F,0EAA0E;IAC1E,wEAAwE;IACxE,IAAI,CAAC;QACH,yBAAyB,CAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;IACjD,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,QAAQ,CAAC,IAAI,CAAC;YACZ,OAAO,EAAE,4BAA4B;YACrC,EAAE,EAAE,KAAK;YACT,UAAU,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;SACnE,CAAC,CAAC;QACH,OAAO;YACL,EAAE,EAAE,KAAK;YACT,QAAQ;YACR,QAAQ;YACR,UAAU;YACV,qBAAqB,EAAE,OAAO;YAC9B,cAAc,EAAE,KAAK;SACtB,CAAC;IACJ,CAAC;IACD,QAAQ,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,4BAA4B,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;IAEnE,OAAO;QACL,EAAE,EAAE,IAAI;QACR,QAAQ;QACR,QAAQ;QACR,UAAU;QACV,IAAI,EAAE,IAAI,CAAC,IAAI;QACf,qBAAqB,EAAE,OAAO;KAC/B,CAAC;AACJ,CAAC"}
+{"version":3,"file":"admit-tool-package.js","sourceRoot":"","sources":["../../src/bootstrap/admit-tool-package.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAiCG;AAEH,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAEzC,OAAO,EACL,SAAS,EACT,yBAAyB,EACzB,gBAAgB,EAChB,uBAAuB,GAMxB,MAAM,mBAAmB,CAAC;AAE3B,OAAO,EAAE,WAAW,EAAE,qBAAqB,EAAE,MAAM,oBAAoB,CAAC;AA6CxE;;;;GAIG;AACH,MAAM,UAAU,0BAA0B,CAAC,MAAiB;IAC1D,OAAO,EAAE,MAAM,EAAE,CAAC;AACpB,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,4BAA4B,CAAC,MAAkB;IAC7D,IAAI,MAAM,KAAK,SAAS;QAAE,OAAO,EAAE,MAAM,EAAE,CAAC;IAC5C,OAAO,EAAE,MAAM,EAAE,gBAAgB,EAAE,IAAI,EAAE,CAAC;AAC5C,CAAC;AAED,yFAAyF;AACzF,SAAS,wBAAwB,CAAC,MAAiC;IACjE,OAAO,MAAM,CAAC,MAAM,KAAK,SAAS,IAAI,MAAM,CAAC,gBAAgB,KAAK,IAAI,CAAC;AACzE,CAAC;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,GAAW,EACX,MAAiC;IAEjC,IAAI,CAAC,wBAAwB,CAAC,MAAM,CAAC,EAAE,CAAC;QACtC,OAAO;YACL,EAAE,EAAE,KAAK;YACT,MAAM,EAAE,eAAe;YACvB,MAAM,EACJ,6EAA6E;gBAC7E,mEAAmE;SACtE,CAAC;IACJ,CAAC;IACD,MAAM,IAAI,GAAG,uBAAuB,CAAC,GAAG,CAAC,CAAC;IAC1C,IAAI,CAAC,IAAI;QAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC;IACpD,IAAI,GAAuB,CAAC;IAC5B,IAAI,CAAC;QACH,GAAG,GAAG,CAAC,MAAM,MAAM,CAAC,aAAa,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,CAEtD,CAAC;IACJ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO;YACL,EAAE,EAAE,KAAK;YACT,MAAM,EAAE,eAAe;YACvB,MAAM,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;SAC/D,CAAC;IACJ,CAAC;IACD,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;QAC3B,OAAO;YACL,EAAE,EAAE,KAAK;YACT,MAAM,EAAE,eAAe;YACvB,MAAM,EAAE,qBAAqB,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,qCAAqC;SACjF,CAAC;IACJ,CAAC;IACD,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC;AACtC,CAAC;AAqED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,IAA6B;IAClE,MAAM,QAAQ,GAA6B,EAAE,CAAC;IAE9C,4EAA4E;IAC5E,sDAAsD;IACtD,MAAM,WAAW,GAAG,gBAAgB,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC;IAC5D,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;QAC9B,QAAQ,CAAC,IAAI,CAAC;YACZ,OAAO,EAAE,UAAU;YACnB,EAAE,EAAE,KAAK;YACT,UAAU,EAAE,+BAA+B;SAC5C,CAAC,CAAC;QACH,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC;IACjC,CAAC;IACD,QAAQ,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,UAAU,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;IAEjD,0EAA0E;IAC1E,sDAAsD;IACtD,MAAM,MAAM,GAAG,SAAS,CAAC;QACvB,QAAQ,EAAE,WAAW;QACrB,MAAM,EAAE,IAAI,CAAC,MAAM;QACnB,GAAG,EAAE,IAAI,CAAC,GAAG;QACb,GAAG,CAAC,IAAI,CAAC,WAAW,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,IAAI,CAAC,WAAW,EAAE,CAAC;QAC5E,mBAAmB,EAAE,IAAI,CAAC,mBAAmB;KAC9C,CAAC,CAAC;IACH,IAAI,MAAM,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;QAChC,QAAQ,CAAC,IAAI,CAAC;YACZ,OAAO,EAAE,eAAe;YACxB,EAAE,EAAE,KAAK;YACT,UAAU,EAAE,MAAM,CAAC,UAAU,IAAI,gCAAgC;SAClE,CAAC,CAAC;QACH,OAAO;YACL,EAAE,EAAE,KAAK;YACT,QAAQ;YACR,WAAW;YACX,qBAAqB,EAAE,MAAM,CAAC,QAAQ;SACvC,CAAC;IACJ,CAAC;IACD,QAAQ,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,eAAe,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;IACtD,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,MAAM,CAAC;IAExC,IAAI,IAAI,CAAC,UAAU,KAAK,IAAI,EAAE,CAAC;QAC7B,OAAO;YACL,EAAE,EAAE,IAAI;YACR,QAAQ;YACR,WAAW;YACX,QAAQ;YACR,UAAU;YACV,qBAAqB,EAAE,OAAO;SAC/B,CAAC;IACJ,CAAC;IAED,0EAA0E;IAC1E,2EAA2E;IAC3E,yEAAyE;IACzE,+EAA+E;IAC/E,iFAAiF;IACjF,iEAAiE;IACjE,iFAAiF;IACjF,uDAAuD;IACvD,MAAM,IAAI,GAAG,MAAM,iBAAiB,CAAC,IAAI,CAAC,GAAG,EAAE,4BAA4B,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;IAC1F,IAAI,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC;QACb,IAAI,IAAI,CAAC,MAAM,KAAK,eAAe,EAAE,CAAC;YACpC,QAAQ,CAAC,IAAI,CACX,EAAE,OAAO,EAAE,cAAc,EAAE,EAAE,EAAE,IAAI,EAAE,EACrC;gBACE,OAAO,EAAE,YAAY;gBACrB,EAAE,EAAE,KAAK;gBACT,UAAU,EAAE,uCAAuC;aACpD,CACF,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,QAAQ,CAAC,IAAI,CAAC;gBACZ,OAAO,EAAE,cAAc;gBACvB,EAAE,EAAE,KAAK;gBACT,UAAU,EAAE,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,MAAM;aACvC,CAAC,CAAC;QACL,CAAC;QACD,OAAO;YACL,EAAE,EAAE,KAAK;YACT,QAAQ;YACR,QAAQ;YACR,UAAU;YACV,qBAAqB,EAAE,OAAO;YAC9B,iBAAiB,EAAE,IAAI,CAAC,MAAM;YAC9B,GAAG,CAAC,IAAI,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,iBAAiB,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC;SACzE,CAAC;IACJ,CAAC;IACD,QAAQ,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,cAAc,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,YAAY,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;IAE1F,0EAA0E;IAC1E,wEAAwE;IACxE,IAAI,CAAC;QACH,yBAAyB,CAAC,QAAQ,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;IACjD,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,QAAQ,CAAC,IAAI,CAAC;YACZ,OAAO,EAAE,4BAA4B;YACrC,EAAE,EAAE,KAAK;YACT,UAAU,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC;SACnE,CAAC,CAAC;QACH,OAAO;YACL,EAAE,EAAE,KAAK;YACT,QAAQ;YACR,QAAQ;YACR,UAAU;YACV,qBAAqB,EAAE,OAAO;YAC9B,cAAc,EAAE,KAAK;SACtB,CAAC;IACJ,CAAC;IACD,QAAQ,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,4BAA4B,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;IAEnE,OAAO;QACL,EAAE,EAAE,IAAI;QACR,QAAQ;QACR,QAAQ;QACR,UAAU;QACV,IAAI,EAAE,IAAI,CAAC,IAAI;QACf,qBAAqB,EAAE,OAAO;KAC/B,CAAC;AACJ,CAAC"}

package/dist/bootstrap/baseline-seams.js

@@ -109,7 +109,7 @@ export function buildBaselineSeams(deps) {
             // are not recoverable without storing the full original envelope).
             const synthetic = {
                 schemaVersion: 2,
-                tool: tool,
+                tool,
                 runId: `baseline:${tool}`,
                 createdAt: new Date(capturedAt).toISOString(),
                 verdict: {

package/dist/bootstrap/baseline-seams.js.map

@@ -1 +1 @@
-{"version":3,"file":"baseline-seams.js","sourceRoot":"","sources":["../../src/bootstrap/baseline-seams.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AACpD,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAEpC,OAAO,EACL,kBAAkB,EAGlB,cAAc,GAEf,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EAAE,YAAY,EAAkB,MAAM,wBAAwB,CAAC;AACtE,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAEnD,OAAO,EAAE,kBAAkB,EAAE,MAAM,uBAAuB,CAAC;AAY3D,uFAAuF;AACvF,SAAS,eAAe,CAAC,IAAY;IACnC,OAAO,IAAI,kBAAkB,CAC3B,0BAA0B,IAAI,oDAAoD;QAChF,+EAA+E;QAC/E,wEAAwE;QACxE,iBAAiB,IAAI,uDAAuD;QAC5E,iFAAiF;QACjF,eAAe,EACjB,EAAE,IAAI,EAAE,qCAAqC,EAAE,CAChD,CAAC;AACJ,CAAC;AAED,oFAAoF;AACpF,4NAA4N;AAC5N,SAAS,qBAAqB,CAC5B,IAAY,EACZ,OAA0B;IAE1B,OAAO,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;QACvB,IAAI,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;YACnB,MAAM,IAAI,kBAAkB,CAC1B,gBAAgB,IAAI,aAAa,CAAC,CAAC,MAAM,6CAA6C;gBACpF,uFAAuF,EACzF,EAAE,IAAI,EAAE,qCAAqC,EAAE,CAChD,CAAC;QACJ,CAAC;QACD,OAAO,EAAE,WAAW,EAAE,CAAC,CAAC,WAAW,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC;IACpD,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,kBAAkB,CAAC,IAGlC;IACC,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;IACtC,MAAM,OAAO,GAAG,GAAiB,EAAE,CAAC,IAAI,YAAY,CAAC,YAAY,EAAE,CAAC,CAAC;IAErE,OAAO;QACL,0EAA0E;QAC1E,iEAAiE;QACjE,YAAY,EAAE,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE;YAC/B,MAAM,GAAG,GAAG,QAA0B,CAAC;YACvC,MAAM,OAAO,GAAG,qBAAqB,CAAC,IAAI,EAAE,GAAG,CAAC,OAAO,CAAC,CAAC;YACzD,OAAO,EAAE,CAAC,IAAI,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;YAC9B,MAAM,CAAC,IAAI,CAAC;gBACV,GAAG,EAAE,4BAA4B;gBACjC,MAAM,EAAE,oBAAoB;gBAC5B,IAAI;gBACJ,KAAK,EAAE,OAAO,CAAC,MAAM;aACtB,CAAC,CAAC;YACH,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;QAC3B,CAAC;QAED,eAAe,EAAE,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE;YAClC,MAAM,IAAI,GAAG,OAAO,EAAE,CAAC;YACvB,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC;gBAAE,OAAO,OAAO,CAAC,MAAM,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC;YACrE,MAAM,GAAG,GAAG,QAA0B,CAAC;YACvC,OAAO,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACrE,CAAC;QAED,kFAAkF;QAClF,uMAAuM;QACvM,mBAAmB,EAAE,KAAK,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE;YACxC,MAAM,IAAI,GAAG,OAAO,EAAE,CAAC;YACvB,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC;gBAAE,MAAM,eAAe,CAAC,IAAI,CAAC,CAAC;YACpD,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;YACzC,+FAA+F;YAC/F,IAAI,UAAU,KAAK,SAAS,EAAE,CAAC;gBAC7B,MAAM,IAAI,kBAAkB,CAC1B,0BAA0B,IAAI,4CAA4C,EAC1E,EAAE,IAAI,EAAE,0CAA0C,EAAE,CACrD,CAAC;YACJ,CAAC;YACD,MAAM,OAAO,GAAG,IAAI;iBACjB,IAAI,CAAC,IAAI,CAAC;iBACV,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC;iBACrB,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC;YAE1C,2EAA2E;YAC3E,wEAAwE;YACxE,yEAAyE;YACzE,0EAA0E;YAC1E,qEAAqE;YACrE,IAAI,MAAM,GAAG,CAAC,CAAC;YACf,IAAI,QAAQ,GAAG,CAAC,CAAC;YACjB,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;gBACxB,IAAI,cAAc,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC;oBAAE,MAAM,IAAI,CAAC,CAAC;;oBAC/C,QAAQ,IAAI,CAAC,CAAC;YACrB,CAAC;YACD,MAAM,OAAO,GAAG;gBACd,KAAK,EAAE,OAAO,CAAC,MAAM;gBACrB,MAAM,EAAE,OAAO,CAAC,MAAM,GAAG,MAAM;gBAC/B,MAAM,EAAE,MAAM;gBACd,MAAM;gBACN,QAAQ;aACT,CAAC;YAEF,4EAA4E;YAC5E,0EAA0E;YAC1E,uEAAuE;YACvE,mEAAmE;YACnE,sEAAsE;YACtE,6EAA6E;YAC7E,mEAAmE;YACnE,MAAM,SAAS,GAAmB;gBAChC,aAAa,EAAE,CAAC;gBAChB,IAAI,EAAE,IAA8B;gBACpC,KAAK,EAAE,YAAY,IAAI,EAAE;gBACzB,SAAS,EAAE,IAAI,IAAI,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE;gBAC7C,OAAO,EAAE;oBACP,KAAK,EAAE,OAAO,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,GAAG,OAAO,CAAC,KAAK;oBAChE,MAAM,EAAE,MAAM,KAAK,CAAC;oBACpB,OAAO;iBACR;gBACD,KAAK,EAAE,EAAE;gBACT,OAAO;aACR,CAAC;YACF,MAAM,kBAAkB,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;QAC5C,CAAC;QAED,kFAAkF;QAClF,8MAA8M;QAC9M,0BAA0B,EAAE,KAAK,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE;YAC/C,MAAM,IAAI,GAAG,OAAO,EAAE,CAAC;YACvB,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC;gBAAE,MAAM,eAAe,CAAC,IAAI,CAAC,CAAC;YACpD,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;YACzC,iEAAiE;YACjE,IAAI,UAAU,KAAK,SAAS,EAAE,CAAC;gBAC7B,MAAM,IAAI,kBAAkB,CAC1B,0BAA0B,IAAI,4CAA4C,EAC1E,EAAE,IAAI,EAAE,0CAA0C,EAAE,CACrD,CAAC;YACJ,CAAC;YACD,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC7B,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC;YACvF,MAAM,IAAI,GAAG;gBACX,OAAO,EAAE,GAAG;gBACZ,IAAI;gBACJ,UAAU,EAAE,IAAI,IAAI,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE;gBAC9C,oEAAoE;gBACpE,2EAA2E;gBAC3E,sEAAsE;gBACtE,sEAAsE;gBACtE,IAAI,EAAE,sFAAsF;gBAC5F,WAAW,EAAE,YAAY,CAAC,MAAM;gBAChC,YAAY;aACb,CAAC;YACF,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;YACjD,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAChD,MAAM,SAAS,CAAC,IAAI,EAAE,UAAU,EAAE,MAAM,CAAC,CAAC;QAC5C,CAAC;KACF,CAAC;AACJ,CAAC"}
+{"version":3,"file":"baseline-seams.js","sourceRoot":"","sources":["../../src/bootstrap/baseline-seams.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AACpD,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAEpC,OAAO,EACL,kBAAkB,EAGlB,cAAc,GAEf,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EAAE,YAAY,EAAkB,MAAM,wBAAwB,CAAC;AACtE,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAEnD,OAAO,EAAE,kBAAkB,EAAE,MAAM,uBAAuB,CAAC;AAY3D,uFAAuF;AACvF,SAAS,eAAe,CAAC,IAAY;IACnC,OAAO,IAAI,kBAAkB,CAC3B,0BAA0B,IAAI,oDAAoD;QAChF,+EAA+E;QAC/E,wEAAwE;QACxE,iBAAiB,IAAI,uDAAuD;QAC5E,iFAAiF;QACjF,eAAe,EACjB,EAAE,IAAI,EAAE,qCAAqC,EAAE,CAChD,CAAC;AACJ,CAAC;AAED,oFAAoF;AACpF,4NAA4N;AAC5N,SAAS,qBAAqB,CAC5B,IAAY,EACZ,OAA0B;IAE1B,OAAO,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;QACvB,IAAI,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;YACnB,MAAM,IAAI,kBAAkB,CAC1B,gBAAgB,IAAI,aAAa,CAAC,CAAC,MAAM,6CAA6C;gBACpF,uFAAuF,EACzF,EAAE,IAAI,EAAE,qCAAqC,EAAE,CAChD,CAAC;QACJ,CAAC;QACD,OAAO,EAAE,WAAW,EAAE,CAAC,CAAC,WAAW,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC;IACpD,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,kBAAkB,CAAC,IAGlC;IACC,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;IACtC,MAAM,OAAO,GAAG,GAAiB,EAAE,CAAC,IAAI,YAAY,CAAC,YAAY,EAAE,CAAC,CAAC;IAErE,OAAO;QACL,0EAA0E;QAC1E,iEAAiE;QACjE,YAAY,EAAE,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE;YAC/B,MAAM,GAAG,GAAG,QAA0B,CAAC;YACvC,MAAM,OAAO,GAAG,qBAAqB,CAAC,IAAI,EAAE,GAAG,CAAC,OAAO,CAAC,CAAC;YACzD,OAAO,EAAE,CAAC,IAAI,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;YAC9B,MAAM,CAAC,IAAI,CAAC;gBACV,GAAG,EAAE,4BAA4B;gBACjC,MAAM,EAAE,oBAAoB;gBAC5B,IAAI;gBACJ,KAAK,EAAE,OAAO,CAAC,MAAM;aACtB,CAAC,CAAC;YACH,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;QAC3B,CAAC;QAED,eAAe,EAAE,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE;YAClC,MAAM,IAAI,GAAG,OAAO,EAAE,CAAC;YACvB,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC;gBAAE,OAAO,OAAO,CAAC,MAAM,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC;YACrE,MAAM,GAAG,GAAG,QAA0B,CAAC;YACvC,OAAO,OAAO,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,EAAE,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACrE,CAAC;QAED,kFAAkF;QAClF,uMAAuM;QACvM,mBAAmB,EAAE,KAAK,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE;YACxC,MAAM,IAAI,GAAG,OAAO,EAAE,CAAC;YACvB,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC;gBAAE,MAAM,eAAe,CAAC,IAAI,CAAC,CAAC;YACpD,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;YACzC,+FAA+F;YAC/F,IAAI,UAAU,KAAK,SAAS,EAAE,CAAC;gBAC7B,MAAM,IAAI,kBAAkB,CAC1B,0BAA0B,IAAI,4CAA4C,EAC1E,EAAE,IAAI,EAAE,0CAA0C,EAAE,CACrD,CAAC;YACJ,CAAC;YACD,MAAM,OAAO,GAAG,IAAI;iBACjB,IAAI,CAAC,IAAI,CAAC;iBACV,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC;iBACrB,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC;YAE1C,2EAA2E;YAC3E,wEAAwE;YACxE,yEAAyE;YACzE,0EAA0E;YAC1E,qEAAqE;YACrE,IAAI,MAAM,GAAG,CAAC,CAAC;YACf,IAAI,QAAQ,GAAG,CAAC,CAAC;YACjB,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;gBACxB,IAAI,cAAc,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC;oBAAE,MAAM,IAAI,CAAC,CAAC;;oBAC/C,QAAQ,IAAI,CAAC,CAAC;YACrB,CAAC;YACD,MAAM,OAAO,GAAG;gBACd,KAAK,EAAE,OAAO,CAAC,MAAM;gBACrB,MAAM,EAAE,OAAO,CAAC,MAAM,GAAG,MAAM;gBAC/B,MAAM,EAAE,MAAM;gBACd,MAAM;gBACN,QAAQ;aACT,CAAC;YAEF,4EAA4E;YAC5E,0EAA0E;YAC1E,uEAAuE;YACvE,mEAAmE;YACnE,sEAAsE;YACtE,6EAA6E;YAC7E,mEAAmE;YACnE,MAAM,SAAS,GAAmB;gBAChC,aAAa,EAAE,CAAC;gBAChB,IAAI;gBACJ,KAAK,EAAE,YAAY,IAAI,EAAE;gBACzB,SAAS,EAAE,IAAI,IAAI,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE;gBAC7C,OAAO,EAAE;oBACP,KAAK,EAAE,OAAO,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,GAAG,OAAO,CAAC,KAAK;oBAChE,MAAM,EAAE,MAAM,KAAK,CAAC;oBACpB,OAAO;iBACR;gBACD,KAAK,EAAE,EAAE;gBACT,OAAO;aACR,CAAC;YACF,MAAM,kBAAkB,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;QAC5C,CAAC;QAED,kFAAkF;QAClF,8MAA8M;QAC9M,0BAA0B,EAAE,KAAK,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE;YAC/C,MAAM,IAAI,GAAG,OAAO,EAAE,CAAC;YACvB,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC;gBAAE,MAAM,eAAe,CAAC,IAAI,CAAC,CAAC;YACpD,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;YACzC,iEAAiE;YACjE,IAAI,UAAU,KAAK,SAAS,EAAE,CAAC;gBAC7B,MAAM,IAAI,kBAAkB,CAC1B,0BAA0B,IAAI,4CAA4C,EAC1E,EAAE,IAAI,EAAE,0CAA0C,EAAE,CACrD,CAAC;YACJ,CAAC;YACD,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC7B,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC;YACvF,MAAM,IAAI,GAAG;gBACX,OAAO,EAAE,GAAG;gBACZ,IAAI;gBACJ,UAAU,EAAE,IAAI,IAAI,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE;gBAC9C,oEAAoE;gBACpE,2EAA2E;gBAC3E,sEAAsE;gBACtE,sEAAsE;gBACtE,IAAI,EAAE,sFAAsF;gBAC5F,WAAW,EAAE,YAAY,CAAC,MAAM;gBAChC,YAAY;aACb,CAAC;YACF,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;YACjD,MAAM,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAChD,MAAM,SAAS,CAAC,IAAI,EAAE,UAAU,EAAE,MAAM,CAAC,CAAC;QAC5C,CAAC;KACF,CAAC;AACJ,CAAC"}

package/dist/bootstrap/bind-external-dispatch.d.ts

@@ -0,0 +1,36 @@
+/**
+ * bind-external-dispatch — per-tool wiring of the ADR-0054 out-of-process
+ * dispatch hook (`RunActionHooks.maybeDispatchExternal`).
+ *
+ * `mountOneTool` calls {@link buildMaybeDispatchExternal} to bind a dispatch
+ * hook to one tool. At dispatch time the hook resolves the tool's provenance
+ * from `currentScope().toolProvenance` (recorded by the bootstrap, paired with
+ * the tool registry by stable id):
+ *
+ *   - BUNDLED provenance (or no provenance recorded) → returns `false`; the
+ *     command action runs the handler in-process, byte-identical to before.
+ *     Bundled tools are the trusted computing base (ADR-0054 trust tiers).
+ *   - EXTERNAL provenance (installed / project-local / user-global) → forks the
+ *     worker via {@link dispatchExternalToolCommand}, which imports the untrusted
+ *     runtime in the worker, runs the handler, and replays the slim result
+ *     through the host seams; returns `true` so the action skips the in-process
+ *     path.
+ *
+ * ADR-0054 M4-E trust-tier flip: external tools fork the worker **by default**.
+ * The former `OPENSIP_CLI_EXTERNAL_WORKER` opt-in gate is retired (M4-C landed
+ * the full host-RPC seam surface, closing the parity gap that blocked the flip).
+ * `OPENSIP_CLI_NO_WORKER` is now BUNDLED-ONLY — it never lets an external tool
+ * run in-host (an external tool that cannot fork is a hard error, raised by the
+ * supervisor, not a silent in-process fallback).
+ *
+ * Resolving provenance from the scope (not threading it through the mount chain)
+ * keeps this additive: the mount signature is unchanged and host commands — whose
+ * lean context has no run plane — never carry the hook.
+ */
+import { type Tool, type ToolCliContext } from '@opensip-cli/core';
+/**
+ * Build the `maybeDispatchExternal` hook bound to one tool + its host context.
+ * The returned hook is merged onto the bound `ToolCliContext` by `mountOneTool`.
+ */
+export declare function buildMaybeDispatchExternal(tool: Tool, ctx: ToolCliContext): (commandName: string, opts: Record<string, unknown>, positionals: readonly unknown[]) => Promise<boolean>;
+//# sourceMappingURL=bind-external-dispatch.d.ts.map

package/dist/bootstrap/bind-external-dispatch.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"bind-external-dispatch.d.ts","sourceRoot":"","sources":["../../src/bootstrap/bind-external-dispatch.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AAEH,OAAO,EAEL,KAAK,IAAI,EACT,KAAK,cAAc,EAEpB,MAAM,mBAAmB,CAAC;AA4B3B;;;GAGG;AACH,wBAAgB,0BAA0B,CACxC,IAAI,EAAE,IAAI,EACV,GAAG,EAAE,cAAc,GAClB,CACD,WAAW,EAAE,MAAM,EACnB,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC7B,WAAW,EAAE,SAAS,OAAO,EAAE,KAC5B,OAAO,CAAC,OAAO,CAAC,CAuBpB"}

package/dist/bootstrap/bind-external-dispatch.js

@@ -0,0 +1,81 @@
+/**
+ * bind-external-dispatch — per-tool wiring of the ADR-0054 out-of-process
+ * dispatch hook (`RunActionHooks.maybeDispatchExternal`).
+ *
+ * `mountOneTool` calls {@link buildMaybeDispatchExternal} to bind a dispatch
+ * hook to one tool. At dispatch time the hook resolves the tool's provenance
+ * from `currentScope().toolProvenance` (recorded by the bootstrap, paired with
+ * the tool registry by stable id):
+ *
+ *   - BUNDLED provenance (or no provenance recorded) → returns `false`; the
+ *     command action runs the handler in-process, byte-identical to before.
+ *     Bundled tools are the trusted computing base (ADR-0054 trust tiers).
+ *   - EXTERNAL provenance (installed / project-local / user-global) → forks the
+ *     worker via {@link dispatchExternalToolCommand}, which imports the untrusted
+ *     runtime in the worker, runs the handler, and replays the slim result
+ *     through the host seams; returns `true` so the action skips the in-process
+ *     path.
+ *
+ * ADR-0054 M4-E trust-tier flip: external tools fork the worker **by default**.
+ * The former `OPENSIP_CLI_EXTERNAL_WORKER` opt-in gate is retired (M4-C landed
+ * the full host-RPC seam surface, closing the parity gap that blocked the flip).
+ * `OPENSIP_CLI_NO_WORKER` is now BUNDLED-ONLY — it never lets an external tool
+ * run in-host (an external tool that cannot fork is a hard error, raised by the
+ * supervisor, not a silent in-process fallback).
+ *
+ * Resolving provenance from the scope (not threading it through the mount chain)
+ * keeps this additive: the mount signature is unchanged and host commands — whose
+ * lean context has no run plane — never carry the hook.
+ */
+import { currentScope, } from '@opensip-cli/core';
+import { dispatchExternalToolCommand } from './dispatch-external-tool-command.js';
+import { provenanceRecordFor } from './tool-provenance.js';
+/** Find the admitted manifest for `tool` (same stable-id-then-name match). */
+function manifestFor(tool) {
+    /* v8 ignore next -- defensive: `manifestFor` is only reached from the external-dispatch arm, which has already resolved an EXTERNAL provenance record off `currentScope()?.toolProvenance` (so a scope exists for this synchronous hook body), and `RunScope` always initializes `toolManifests` to `[]` — so `currentScope()?.toolManifests` is never undefined here and the `?? []` arm cannot execute. */
+    const recorded = currentScope()?.toolManifests ?? [];
+    return (recorded.find((m) => m.stableId !== undefined && m.stableId === tool.metadata.id) ??
+        recorded.find((m) => m.id === tool.metadata.name));
+}
+/**
+ * Resolve the tool's RAW config namespace block for the WORKER deep pass
+ * (ADR-0054 M4-E). The namespace is the tool's manifest config descriptor key;
+ * the block is read from the host-validated document (`scope.configDocument`).
+ * `undefined` when the tool declares no descriptor or the document has no block —
+ * the worker then runs no deep pass for it.
+ */
+function deepConfigBlockFor(tool) {
+    const namespace = manifestFor(tool)?.config?.namespace;
+    if (namespace === undefined)
+        return undefined;
+    return currentScope()?.configDocument?.[namespace];
+}
+/**
+ * Build the `maybeDispatchExternal` hook bound to one tool + its host context.
+ * The returned hook is merged onto the bound `ToolCliContext` by `mountOneTool`.
+ */
+export function buildMaybeDispatchExternal(tool, ctx) {
+    return async (commandName, opts, positionals) => {
+        const provenance = provenanceRecordFor(tool, currentScope()?.toolProvenance ?? []);
+        if (provenance === undefined || provenance.source === 'bundled') {
+            // No external provenance recorded (or bundled) → in-process (the trusted /
+            // unknown path), byte-identical to before. ADR-0054 trust tiers: bundled
+            // tools are the trusted computing base.
+            return false;
+        }
+        // ADR-0054 M4-E trust-tier flip: an external tool ALWAYS forks the worker
+        // (no opt-in gate). `OPENSIP_CLI_NO_WORKER` does not apply here — it is
+        // bundled-only; the supervisor hard-errors if the fork fails (never an
+        // in-host run of untrusted code).
+        await dispatchExternalToolCommand({
+            provenance,
+            commandName,
+            opts,
+            positionals,
+            ctx,
+            config: deepConfigBlockFor(tool),
+        });
+        return true;
+    };
+}
+//# sourceMappingURL=bind-external-dispatch.js.map

package/dist/bootstrap/bind-external-dispatch.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"bind-external-dispatch.js","sourceRoot":"","sources":["../../src/bootstrap/bind-external-dispatch.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA4BG;AAEH,OAAO,EACL,YAAY,GAIb,MAAM,mBAAmB,CAAC;AAE3B,OAAO,EAAE,2BAA2B,EAAE,MAAM,qCAAqC,CAAC;AAClF,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAE3D,8EAA8E;AAC9E,SAAS,WAAW,CAAC,IAAU;IAC7B,6YAA6Y;IAC7Y,MAAM,QAAQ,GAAG,YAAY,EAAE,EAAE,aAAa,IAAI,EAAE,CAAC;IACrD,OAAO,CACL,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,IAAI,CAAC,CAAC,QAAQ,KAAK,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;QACjF,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAClD,CAAC;AACJ,CAAC;AAED;;;;;;GAMG;AACH,SAAS,kBAAkB,CAAC,IAAU;IACpC,MAAM,SAAS,GAAG,WAAW,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,SAAS,CAAC;IACvD,IAAI,SAAS,KAAK,SAAS;QAAE,OAAO,SAAS,CAAC;IAC9C,OAAO,YAAY,EAAE,EAAE,cAAc,EAAE,CAAC,SAAS,CAAC,CAAC;AACrD,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,0BAA0B,CACxC,IAAU,EACV,GAAmB;IAMnB,OAAO,KAAK,EAAE,WAAW,EAAE,IAAI,EAAE,WAAW,EAAE,EAAE;QAC9C,MAAM,UAAU,GAAG,mBAAmB,CAAC,IAAI,EAAE,YAAY,EAAE,EAAE,cAAc,IAAI,EAAE,CAAC,CAAC;QACnF,IAAI,UAAU,KAAK,SAAS,IAAI,UAAU,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;YAChE,2EAA2E;YAC3E,yEAAyE;YACzE,wCAAwC;YACxC,OAAO,KAAK,CAAC;QACf,CAAC;QACD,0EAA0E;QAC1E,wEAAwE;QACxE,uEAAuE;QACvE,kCAAkC;QAClC,MAAM,2BAA2B,CAAC;YAChC,UAAU;YACV,WAAW;YACX,IAAI;YACJ,WAAW;YACX,GAAG;YACH,MAAM,EAAE,kBAAkB,CAAC,IAAI,CAAC;SACjC,CAAC,CAAC;QACH,OAAO,IAAI,CAAC;IACd,CAAC,CAAC;AACJ,CAAC"}

package/dist/bootstrap/build-command-registration-input.d.ts

@@ -11,7 +11,7 @@
  * sequencing (registries, bootstrap, mounting, registration, dispatch).
  */
 import { SessionReplayRegistry } from '../session-replay-registry.js';
-import type { CommandSpec, PluginLayout, ScaffoldContext, ScaffoldFile, ToolCliContext, ToolRegistry } from '@opensip-cli/core';
+import type { CommandSpec, PluginLayout, ScaffoldContext, ScaffoldFile, ToolCliContext, ToolProvenance, ToolRegistry } from '@opensip-cli/core';
 /** The structured input consumed by `registerCliCommands`. */
 export interface CommandRegistrationInput {
     readonly pluginLayouts: readonly NonNullable<PluginLayout>[];
@@ -37,5 +37,16 @@ export interface CommandRegistrationInput {
  * are absent (this warning is intentionally loud when a bundled tool is
  * missing, as it affects `init` scaffolding).
  */
-export declare function buildCommandRegistrationInput(registry: ToolRegistry): CommandRegistrationInput;
+export declare function buildCommandRegistrationInput(registry: ToolRegistry, 
+/**
+ * ADR-0054 M4-F: the admitted-tool provenance + project cwd, threaded so the
+ * session-replay registry gives an EXTERNAL tool a WORKER-backed `replaySession`
+ * (its untrusted runtime never executes in the host). Bundled tools replay
+ * in-host. Defaulted so the registry stays buildable without them (replay then
+ * treats every tool as bundled — the pre-M4-F behavior).
+ */
+opts?: {
+    readonly provenance?: readonly ToolProvenance[];
+    readonly cwd?: string;
+}): CommandRegistrationInput;
 //# sourceMappingURL=build-command-registration-input.d.ts.map

package/dist/bootstrap/build-command-registration-input.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"build-command-registration-input.d.ts","sourceRoot":"","sources":["../../src/bootstrap/build-command-registration-input.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAKH,OAAO,EAAE,qBAAqB,EAAE,MAAM,+BAA+B,CAAC;AAItE,OAAO,KAAK,EACV,WAAW,EACX,YAAY,EACZ,eAAe,EACf,YAAY,EACZ,cAAc,EACd,YAAY,EACb,MAAM,mBAAmB,CAAC;AAE3B,8DAA8D;AAC9D,MAAM,WAAW,wBAAwB;IACvC,QAAQ,CAAC,aAAa,EAAE,SAAS,WAAW,CAAC,YAAY,CAAC,EAAE,CAAC;IAC7D,QAAQ,CAAC,aAAa,EAAE,SAAS;QAC/B,QAAQ,CAAC,MAAM,EAAE,YAAY,CAAC;QAC9B,QAAQ,CAAC,gBAAgB,EAAE,CAAC,CAAC,GAAG,EAAE,eAAe,KAAK,SAAS,YAAY,EAAE,CAAC,GAAG,SAAS,CAAC;QAC3F,QAAQ,CAAC,gBAAgB,EAAE,CAAC,MAAM,SAAS,MAAM,EAAE,CAAC,GAAG,SAAS,CAAC;QACjE,QAAQ,CAAC,mBAAmB,EAAE,CAAC,MAAM,MAAM,CAAC,GAAG,SAAS,CAAC;KAC1D,EAAE,CAAC;IACJ,QAAQ,CAAC,qBAAqB,EAAE,qBAAqB,CAAC;IACtD,QAAQ,CAAC,gBAAgB,EAAE,SAAS,WAAW,CAAC,OAAO,EAAE,cAAc,CAAC,EAAE,CAAC;IAC3E;;;;;OAKG;IACH,QAAQ,CAAC,oBAAoB,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC;CACpD;AAED;;;;;GAKG;AACH,wBAAgB,6BAA6B,CAAC,QAAQ,EAAE,YAAY,GAAG,wBAAwB,CA6D9F"}
+{"version":3,"file":"build-command-registration-input.d.ts","sourceRoot":"","sources":["../../src/bootstrap/build-command-registration-input.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAMH,OAAO,EAAE,qBAAqB,EAAE,MAAM,+BAA+B,CAAC;AAKtE,OAAO,KAAK,EACV,WAAW,EACX,YAAY,EACZ,eAAe,EACf,YAAY,EACZ,cAAc,EACd,cAAc,EACd,YAAY,EAEb,MAAM,mBAAmB,CAAC;AAE3B,8DAA8D;AAC9D,MAAM,WAAW,wBAAwB;IACvC,QAAQ,CAAC,aAAa,EAAE,SAAS,WAAW,CAAC,YAAY,CAAC,EAAE,CAAC;IAC7D,QAAQ,CAAC,aAAa,EAAE,SAAS;QAC/B,QAAQ,CAAC,MAAM,EAAE,YAAY,CAAC;QAC9B,QAAQ,CAAC,gBAAgB,EAAE,CAAC,CAAC,GAAG,EAAE,eAAe,KAAK,SAAS,YAAY,EAAE,CAAC,GAAG,SAAS,CAAC;QAC3F,QAAQ,CAAC,gBAAgB,EAAE,CAAC,MAAM,SAAS,MAAM,EAAE,CAAC,GAAG,SAAS,CAAC;QACjE,QAAQ,CAAC,mBAAmB,EAAE,CAAC,MAAM,MAAM,CAAC,GAAG,SAAS,CAAC;KAC1D,EAAE,CAAC;IACJ,QAAQ,CAAC,qBAAqB,EAAE,qBAAqB,CAAC;IACtD,QAAQ,CAAC,gBAAgB,EAAE,SAAS,WAAW,CAAC,OAAO,EAAE,cAAc,CAAC,EAAE,CAAC;IAC3E;;;;;OAKG;IACH,QAAQ,CAAC,oBAAoB,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC;CACpD;AAED;;;;;GAKG;AACH,wBAAgB,6BAA6B,CAC3C,QAAQ,EAAE,YAAY;AACtB;;;;;;GAMG;AACH,IAAI,CAAC,EAAE;IAAE,QAAQ,CAAC,UAAU,CAAC,EAAE,SAAS,cAAc,EAAE,CAAC;IAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,MAAM,CAAA;CAAE,GAChF,wBAAwB,CA+E1B"}

package/dist/bootstrap/build-command-registration-input.js

@@ -11,8 +11,10 @@
  * sequencing (registries, bootstrap, mounting, registration, dispatch).
  */
 import { logger, resolveToolHooks } from '@opensip-cli/core';
+import { buildHostDispatchCtx } from '../cli-context.js';
 import { internalCommandNames } from '../commands/internal-command-visibility.js';
 import { SessionReplayRegistry } from '../session-replay-registry.js';
+import { dispatchExternalToolHook } from './dispatch-external-tool-hook.js';
 import { EXPECTED_SCAFFOLDING_TOOL_IDS } from './register-tools.js';
 /**
  * Collects the registry-derived data needed for CLI command registration.
@@ -20,7 +22,15 @@ import { EXPECTED_SCAFFOLDING_TOOL_IDS } from './register-tools.js';
  * are absent (this warning is intentionally loud when a bundled tool is
  * missing, as it affects `init` scaffolding).
  */
-export function buildCommandRegistrationInput(registry) {
+export function buildCommandRegistrationInput(registry, 
+/**
+ * ADR-0054 M4-F: the admitted-tool provenance + project cwd, threaded so the
+ * session-replay registry gives an EXTERNAL tool a WORKER-backed `replaySession`
+ * (its untrusted runtime never executes in the host). Bundled tools replay
+ * in-host. Defaulted so the registry stays buildable without them (replay then
+ * treats every tool as bundled — the pre-M4-F behavior).
+ */
+opts) {
     // Source the plugin-supporting domains from the registered tools'
     // declared layouts — the kernel never enumerates them (ADR-0009).
     const pluginLayouts = registry
@@ -60,7 +70,24 @@ export function buildCommandRegistrationInput(registry) {
             });
         }
     }
-    const sessionReplayRegistry = SessionReplayRegistry.fromTools(registry);
+    // ADR-0054 M4-F: inject the external-replay dispatcher (forks the replay HOOK
+    // worker) so `session-replay-registry.ts` need not import the dispatch chain
+    // (that would form a module cycle). Bundled tools replay in-host.
+    const cwd = opts?.cwd;
+    const sessionReplayRegistry = SessionReplayRegistry.fromTools(registry, {
+        provenance: opts?.provenance ?? [],
+        ...(cwd === undefined
+            ? {}
+            : {
+                dispatchExternalReplay: (provenance, stored) => dispatchExternalToolHook({
+                    provenance,
+                    hook: 'sessionReplay',
+                    hookArg: stored,
+                    cwd,
+                    ctx: buildHostDispatchCtx(),
+                }),
+            }),
+    });
     // The live tool command surface, sourced from the populated registry so the
     // `completion` command derives its flags from the same specs the runtime
     // mounts (no hand-maintained flag list to drift).

package/dist/bootstrap/build-command-registration-input.js.map

@@ -1 +1 @@
-{"version":3,"file":"build-command-registration-input.js","sourceRoot":"","sources":["../../src/bootstrap/build-command-registration-input.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,MAAM,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAE7D,OAAO,EAAE,oBAAoB,EAAE,MAAM,4CAA4C,CAAC;AAClF,OAAO,EAAE,qBAAqB,EAAE,MAAM,+BAA+B,CAAC;AAEtE,OAAO,EAAE,6BAA6B,EAAE,MAAM,qBAAqB,CAAC;AA+BpE;;;;;GAKG;AACH,MAAM,UAAU,6BAA6B,CAAC,QAAsB;IAClE,kEAAkE;IAClE,kEAAkE;IAClE,MAAM,aAAa,GAAG,QAAQ;SAC3B,IAAI,EAAE;SACN,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,YAAY,CAAC;SAC1B,MAAM,CAAC,CAAC,CAAC,EAA8B,EAAE,CAAC,CAAC,KAAK,SAAS,CAAC,CAAC;IAE9D,8EAA8E;IAC9E,gFAAgF;IAChF,kFAAkF;IAClF,MAAM,aAAa,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE;QAClD,MAAM,MAAM,GAAG,CAAC,CAAC,YAAY,CAAC;QAC9B,IAAI,MAAM,KAAK,SAAS;YAAE,OAAO,EAAE,CAAC;QACpC,MAAM,KAAK,GAAG,gBAAgB,CAAC,CAAC,CAAC,CAAC;QAClC,OAAO;YACL;gBACE,MAAM;gBACN,gBAAgB,EAAE,KAAK,CAAC,gBAAgB;gBACxC,gBAAgB,EAAE,KAAK,CAAC,gBAAgB;gBACxC,mBAAmB,EAAE,KAAK,CAAC,mBAAmB;aAC/C;SACF,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,6EAA6E;IAC7E,6EAA6E;IAC7E,qEAAqE;IACrE,2EAA2E;IAC3E,6EAA6E;IAC7E,6EAA6E;IAC7E,KAAK,MAAM,UAAU,IAAI,6BAA6B,EAAE,CAAC;QACvD,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,KAAK,UAAU,CAAC,EAAE,CAAC;YACpF,MAAM,CAAC,IAAI,CAAC;gBACV,GAAG,EAAE,kCAAkC;gBACvC,MAAM,EAAE,eAAe;gBACvB,IAAI,EAAE,UAAU;gBAChB,GAAG,EAAE,0BAA0B,UAAU,6EAA6E;aACvH,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,MAAM,qBAAqB,GAAG,qBAAqB,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;IAExE,4EAA4E;IAC5E,yEAAyE;IACzE,kDAAkD;IAClD,MAAM,gBAAgB,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,YAAY,IAAI,EAAE,CAAC,CAAC;IAE9E,6EAA6E;IAC7E,6EAA6E;IAC7E,wEAAwE;IACxE,MAAM,oBAAoB,GAAG,oBAAoB,CAAC,QAAQ,CAAC,CAAC;IAE5D,OAAO;QACL,aAAa;QACb,aAAa;QACb,qBAAqB;QACrB,gBAAgB;QAChB,oBAAoB;KACrB,CAAC;AACJ,CAAC"}
+{"version":3,"file":"build-command-registration-input.js","sourceRoot":"","sources":["../../src/bootstrap/build-command-registration-input.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,MAAM,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAE7D,OAAO,EAAE,oBAAoB,EAAE,MAAM,mBAAmB,CAAC;AACzD,OAAO,EAAE,oBAAoB,EAAE,MAAM,4CAA4C,CAAC;AAClF,OAAO,EAAE,qBAAqB,EAAE,MAAM,+BAA+B,CAAC;AAEtE,OAAO,EAAE,wBAAwB,EAAE,MAAM,kCAAkC,CAAC;AAC5E,OAAO,EAAE,6BAA6B,EAAE,MAAM,qBAAqB,CAAC;AAiCpE;;;;;GAKG;AACH,MAAM,UAAU,6BAA6B,CAC3C,QAAsB;AACtB;;;;;;GAMG;AACH,IAAiF;IAEjF,kEAAkE;IAClE,kEAAkE;IAClE,MAAM,aAAa,GAAG,QAAQ;SAC3B,IAAI,EAAE;SACN,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,YAAY,CAAC;SAC1B,MAAM,CAAC,CAAC,CAAC,EAA8B,EAAE,CAAC,CAAC,KAAK,SAAS,CAAC,CAAC;IAE9D,8EAA8E;IAC9E,gFAAgF;IAChF,kFAAkF;IAClF,MAAM,aAAa,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE;QAClD,MAAM,MAAM,GAAG,CAAC,CAAC,YAAY,CAAC;QAC9B,IAAI,MAAM,KAAK,SAAS;YAAE,OAAO,EAAE,CAAC;QACpC,MAAM,KAAK,GAAG,gBAAgB,CAAC,CAAC,CAAC,CAAC;QAClC,OAAO;YACL;gBACE,MAAM;gBACN,gBAAgB,EAAE,KAAK,CAAC,gBAAgB;gBACxC,gBAAgB,EAAE,KAAK,CAAC,gBAAgB;gBACxC,mBAAmB,EAAE,KAAK,CAAC,mBAAmB;aAC/C;SACF,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,6EAA6E;IAC7E,6EAA6E;IAC7E,qEAAqE;IACrE,2EAA2E;IAC3E,6EAA6E;IAC7E,6EAA6E;IAC7E,KAAK,MAAM,UAAU,IAAI,6BAA6B,EAAE,CAAC;QACvD,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,KAAK,UAAU,CAAC,EAAE,CAAC;YACpF,MAAM,CAAC,IAAI,CAAC;gBACV,GAAG,EAAE,kCAAkC;gBACvC,MAAM,EAAE,eAAe;gBACvB,IAAI,EAAE,UAAU;gBAChB,GAAG,EAAE,0BAA0B,UAAU,6EAA6E;aACvH,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,8EAA8E;IAC9E,6EAA6E;IAC7E,kEAAkE;IAClE,MAAM,GAAG,GAAG,IAAI,EAAE,GAAG,CAAC;IACtB,MAAM,qBAAqB,GAAG,qBAAqB,CAAC,SAAS,CAAC,QAAQ,EAAE;QACtE,UAAU,EAAE,IAAI,EAAE,UAAU,IAAI,EAAE;QAClC,GAAG,CAAC,GAAG,KAAK,SAAS;YACnB,CAAC,CAAC,EAAE;YACJ,CAAC,CAAC;gBACE,sBAAsB,EAAE,CAAC,UAAU,EAAE,MAAyB,EAAE,EAAE,CAChE,wBAAwB,CAAC;oBACvB,UAAU;oBACV,IAAI,EAAE,eAAe;oBACrB,OAAO,EAAE,MAAM;oBACf,GAAG;oBACH,GAAG,EAAE,oBAAoB,EAAE;iBAC5B,CAAC;aACL,CAAC;KACP,CAAC,CAAC;IAEH,4EAA4E;IAC5E,yEAAyE;IACzE,kDAAkD;IAClD,MAAM,gBAAgB,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,YAAY,IAAI,EAAE,CAAC,CAAC;IAE9E,6EAA6E;IAC7E,6EAA6E;IAC7E,wEAAwE;IACxE,MAAM,oBAAoB,GAAG,oBAAoB,CAAC,QAAQ,CAAC,CAAC;IAE5D,OAAO;QACL,aAAa;QACb,aAAa;QACb,qBAAqB;QACrB,gBAAgB;QAChB,oBAAoB;KACrB,CAAC;AACJ,CAAC"}

package/dist/bootstrap/build-per-run-scope.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"build-per-run-scope.d.ts","sourceRoot":"","sources":["../../src/bootstrap/build-per-run-scope.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAKH,OAAO,EAIL,KAAK,gBAAgB,EACrB,KAAK,MAAM,EAEX,KAAK,cAAc,EAGnB,QAAQ,EAIR,KAAK,kBAAkB,EACvB,KAAK,cAAc,EACnB,KAAK,YAAY,EAClB,MAAM,mBAAmB,CAAC;AAQ3B,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAoDzD,4DAA4D;AAC5D,MAAM,WAAW,qBAAqB;IACpC,QAAQ,CAAC,OAAO,EAAE,cAAc,CAAC;IACjC,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;IACrB;;;;;OAKG;IACH,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;IAC/B;;;OAGG;IACH,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,WAAW,EAAE,UAAU,CAAC,OAAO,eAAe,CAAC,CAAC;IACzD,QAAQ,CAAC,UAAU,EAAE;QACnB,QAAQ,CAAC,SAAS,EAAE,gBAAgB,CAAC;QACrC,QAAQ,CAAC,KAAK,EAAE,YAAY,CAAC;KAC9B,CAAC;IACF,QAAQ,CAAC,SAAS,EAAE,SAAS,kBAAkB,EAAE,CAAC;IAClD;;;;OAIG;IACH,QAAQ,CAAC,UAAU,EAAE,SAAS,cAAc,EAAE,CAAC;IAC/C,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,OAAO,CAAC,EAAE,OAAO,CAAC;IAC3B,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB;;;;;OAKG;IACH,QAAQ,CAAC,EAAE,EAAE;QACX,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;QACzB,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,CAAC;KACrC,CAAC;CACH;AAED;;;;;;;GAOG;AACH,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,qBAAqB,GAAG,QAAQ,CAiKvE"}
+{"version":3,"file":"build-per-run-scope.d.ts","sourceRoot":"","sources":["../../src/bootstrap/build-per-run-scope.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAKH,OAAO,EAIL,KAAK,gBAAgB,EACrB,KAAK,MAAM,EAEX,KAAK,cAAc,EAGnB,QAAQ,EAIR,KAAK,kBAAkB,EACvB,KAAK,cAAc,EACnB,KAAK,YAAY,EAClB,MAAM,mBAAmB,CAAC;AAS3B,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AAoDzD,4DAA4D;AAC5D,MAAM,WAAW,qBAAqB;IACpC,QAAQ,CAAC,OAAO,EAAE,cAAc,CAAC;IACjC,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,GAAG,EAAE,MAAM,CAAC;IACrB;;;;;OAKG;IACH,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;IAC/B;;;OAGG;IACH,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,WAAW,EAAE,UAAU,CAAC,OAAO,eAAe,CAAC,CAAC;IACzD,QAAQ,CAAC,UAAU,EAAE;QACnB,QAAQ,CAAC,SAAS,EAAE,gBAAgB,CAAC;QACrC,QAAQ,CAAC,KAAK,EAAE,YAAY,CAAC;KAC9B,CAAC;IACF,QAAQ,CAAC,SAAS,EAAE,SAAS,kBAAkB,EAAE,CAAC;IAClD;;;;OAIG;IACH,QAAQ,CAAC,UAAU,EAAE,SAAS,cAAc,EAAE,CAAC;IAC/C,QAAQ,CAAC,MAAM,CAAC,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,OAAO,CAAC,EAAE,OAAO,CAAC;IAC3B,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB;;;;;OAKG;IACH,QAAQ,CAAC,EAAE,EAAE;QACX,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;QACzB,QAAQ,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,CAAC;KACrC,CAAC;CACH;AAED;;;;;;;GAOG;AACH,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,qBAAqB,GAAG,QAAQ,CAyLvE"}

package/dist/bootstrap/build-per-run-scope.js

@@ -24,6 +24,7 @@ import { resolveSignalSink } from '@opensip-cli/output';
 import { buildDatastoreThunk } from '../cli-context.js';
 import { buildTargets } from './build-targets.js';
 import { composeAndValidateToolConfig, wireCapabilityRegistry } from './config-and-capabilities.js';
+import { shouldRunHookInHost } from './tool-provenance.js';
 const FORBIDDEN_SCOPE_CONTRIBUTION_KEYS = new Set(['__proto__', 'prototype', 'constructor']);
 /**
  * @throws {PluginIncompatibleError} When a tool returns an invalid scope
@@ -97,6 +98,10 @@ export function buildPerRunScope(input) {
     const { config: toolConfig, document: configDocument } = composeAndValidateToolConfig({
         tools,
         manifests,
+        // ADR-0054 M4-E: provenance drives the two-pass fold — bundled tools' Zod is
+        // composed host-side; external tools validate from their manifest descriptor
+        // (coarse, no Zod import); the deep Zod pass runs in the worker.
+        provenance,
         configPath: project.scope === 'project' ? project.configPath : undefined,
         env: process.env,
     });
@@ -104,6 +109,10 @@ export function buildPerRunScope(input) {
     // validated config document the composer already read (ADR-0023: one
     // reader — `buildTargets` is a pure builder, never a second `readYamlFile`).
     const targets = buildTargets({ document: configDocument });
+    // Lazy datastore thunk; its `dispose` (registered on the scope below) closes
+    // the cached SQLite connection on teardown — checkpointing/truncating the WAL
+    // and freeing the handle, which otherwise leaked for the process lifetime.
+    const datastoreThunk = buildDatastoreThunk(project, logger);
     const scope = new RunScope({
         logger,
         projectContext: project,
@@ -115,7 +124,7 @@ export function buildPerRunScope(input) {
         // first access. The thunk captures `project` so non-action paths
         // (post-action handlers, error printers) that read via
         // `getOrOpenDatastore()` find the same instance.
-        datastore: buildDatastoreThunk(project, logger),
+        datastore: datastoreThunk,
         // Presentation settings the render paths read via currentScope()?.ui.
         // bannerSize stays an untyped string at the kernel boundary; the
         // cli-ui render sites narrow it with normalizeBannerSize.
@@ -135,6 +144,9 @@ export function buildPerRunScope(input) {
         // `currentScope()?.correlation` and forwarded into spawned/forked children.
         correlation,
     });
+    // Close the datastore on scope teardown — the "consumer responsibility"
+    // RunScope.dispose() documents. No-op when no command opened it.
+    scope.onDispose(datastoreThunk.dispose);
     // Observability of the assembly step (consistent with the contributeScope /
     // capabilities diagnostics below). Do NOT log the `repo` VALUE at debug — it
     // can be a filesystem path; log the boolean `hasRepo` instead.
@@ -150,7 +162,16 @@ export function buildPerRunScope(input) {
     // --json consumers and the uniform diagnostics snapshot see the full
     // per-run construction (addresses architecture review findings on observability
     // of steps 6/7 and blast-radius files).
-    const contributing = tools.list().filter((t) => !!resolveToolHooks(t).contributeScope);
+    // ADR-0054 M4-F: the HOST process never executes an EXTERNAL tool's
+    // `contributeScope` (running its runtime closure is the load-time hole the ADR
+    // rejects). External subscopes are contributed worker-side — the dispatch
+    // worker re-runs this SAME builder with the host-skip INACTIVE, so the
+    // dispatched external tool's subscope is installed there (the isolation
+    // boundary). Bundled tools contribute in-host exactly as before. The
+    // diagnostics count only the tools whose hook actually runs in-host.
+    const contributing = tools
+        .list()
+        .filter((t) => !!resolveToolHooks(t).contributeScope && shouldRunHookInHost(t, provenance));
     scope.diagnostics.event('load', 'debug', `${contributing.length} tool(s) contributed subscope`, {
         tools: contributing.map((t) => t.metadata.id ?? t.metadata.name),
     });
@@ -165,7 +186,7 @@ export function buildPerRunScope(input) {
     // (`{ contribution, onDispose }`); we install `contribution` and register
     // `onDispose` on `scope.onDispose(...)` so `dispose()` reclaims the resource.
     // The bare-`ScopeContribution` form (graph/simulation) carries no disposer.
-    for (const tool of tools.list()) {
+    for (const tool of contributing) {
         const result = resolveToolHooks(tool).contributeScope?.();
         if (!result)
             continue;
@@ -179,10 +200,13 @@ export function buildPerRunScope(input) {
         }
     }
     // §5.3 Phase 4: per-run capability registry (manifest domains → real registrars).
+    // M4-F: pass provenance so the registry installs an external tool's REAL
+    // registrar in-host only when the host-skip is inactive (i.e. in the worker).
     const capabilities = wireCapabilityRegistry({
         tools,
         manifests,
         registry: createCapabilityRegistry(logger),
+        provenance,
     });
     const wired = capabilities.listDomains().map((d) => d.id);
     scope.diagnostics.event('load', 'debug', `wired ${wired.length} capability domain(s)`, {

package/dist/bootstrap/build-per-run-scope.js.map

@@ -1 +1 @@
-{"version":3,"file":"build-per-run-scope.js","sourceRoot":"","sources":["../../src/bootstrap/build-per-run-scope.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAEH,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAE3C,OAAO,EAAE,aAAa,EAAE,2BAA2B,EAAE,MAAM,qBAAqB,CAAC;AACjF,OAAO,EACL,wBAAwB,EACxB,kBAAkB,EAClB,0BAA0B,EAG1B,uBAAuB,EAGvB,gBAAgB,EAChB,QAAQ,EACR,gBAAgB,GAMjB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AAExD,OAAO,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AAExD,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,4BAA4B,EAAE,sBAAsB,EAAE,MAAM,8BAA8B,CAAC;AAIpG,MAAM,iCAAiC,GAAG,IAAI,GAAG,CAAC,CAAC,WAAW,EAAE,WAAW,EAAE,aAAa,CAAC,CAAC,CAAC;AAE7F;;;GAGG;AACH,SAAS,wBAAwB,CAC/B,KAAe,EACf,IAAU,EACV,YAA+B;IAE/B,IAAI,OAAO,YAAY,KAAK,QAAQ,IAAI,YAAY,KAAK,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,CAAC;QAC7F,MAAM,IAAI,uBAAuB,CAC/B,SAAS,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,IAAI,CAAC,QAAQ,CAAC,EAAE,4CAA4C,EAC3F;YACE,IAAI,EAAE,mCAAmC;YACzC,UAAU,EAAE,4CAA4C;SACzD,CACF,CAAC;IACJ,CAAC;IAED,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC;QAC5C,IAAI,iCAAiC,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;YAC/C,MAAM,IAAI,uBAAuB,CAC/B,SAAS,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,IAAI,CAAC,QAAQ,CAAC,EAAE,mCAAmC,GAAG,GAAG,EACxF;gBACE,IAAI,EAAE,yCAAyC;gBAC/C,UAAU,EAAE,wBAAwB,GAAG,GAAG;aAC3C,CACF,CAAC;QACJ,CAAC;QACD,2EAA2E;QAC3E,wEAAwE;QACxE,0EAA0E;QAC1E,0EAA0E;QAC1E,iEAAiE;QACjE,IAAI,GAAG,IAAI,KAAK,EAAE,CAAC;YACjB,MAAM,IAAI,uBAAuB,CAC/B,SAAS,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,IAAI,CAAC,QAAQ,CAAC,EAAE,uCAAuC,GAAG,GAAG,EAC5F;gBACE,IAAI,EAAE,qCAAqC;gBAC3C,UAAU,EAAE,cAAc,GAAG,kBAAkB;aAChD,CACF,CAAC;QACJ,CAAC;IACH,CAAC;IAED,MAAM,CAAC,MAAM,CAAC,KAAK,EAAE,YAAY,CAAC,CAAC;AACrC,CAAC;AA8CD;;;;;;;GAOG;AACH,MAAM,UAAU,gBAAgB,CAAC,KAA4B;IAC3D,MAAM,EACJ,OAAO,EACP,KAAK,EACL,WAAW,EACX,UAAU,EACV,SAAS,EACT,UAAU,EACV,MAAM,EACN,OAAO,EACP,MAAM,EACN,EAAE,GACH,GAAG,KAAK,CAAC;IAEV,MAAM,EAAE,SAAS,EAAE,KAAK,EAAE,GAAG,UAAU,CAAC;IAExC,4EAA4E;IAC5E,4EAA4E;IAC5E,MAAM,cAAc,GAAG,2BAA2B,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;IAEtE,uDAAuD;IACvD,MAAM,UAAU,GAAG,iBAAiB,CAAC;QACnC,MAAM;QACN,KAAK,EAAE,cAAc;QACrB,OAAO;QACP,QAAQ,EAAE,IAAI,CAAC,gBAAgB,EAAE,CAAC,WAAW,EAAE,OAAO,CAAC,EAAE,sCAAsC;KAChG,CAAC,CAAC;IAEH,uEAAuE;IACvE,2EAA2E;IAC3E,yEAAyE;IACzE,MAAM,EAAE,WAAW,EAAE,WAAW,EAAE,OAAO,EAAE,GAAG,mBAAmB,CAAC;QAChE,KAAK;QACL,IAAI,EAAE,KAAK,CAAC,QAAQ;QACpB,aAAa,EAAE,KAAK,CAAC,aAAa;QAClC,MAAM;QACN,OAAO;QACP,cAAc;QACd,OAAO;QACP,GAAG,EAAE,KAAK,CAAC,GAAG;KACf,CAAC,CAAC;IAEH,yEAAyE;IACzE,uEAAuE;IACvE,oEAAoE;IACpE,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,QAAQ,EAAE,cAAc,EAAE,GAAG,4BAA4B,CAAC;QACpF,KAAK;QACL,SAAS;QACT,UAAU,EAAE,OAAO,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS;QACxE,GAAG,EAAE,OAAO,CAAC,GAAG;KACjB,CAAC,CAAC;IAEH,wEAAwE;IACxE,qEAAqE;IACrE,6EAA6E;IAC7E,MAAM,OAAO,GAAG,YAAY,CAAC,EAAE,QAAQ,EAAE,cAAc,EAAE,CAAC,CAAC;IAE3D,MAAM,KAAK,GAAG,IAAI,QAAQ,CAAC;QACzB,MAAM;QACN,cAAc,EAAE,OAAO;QACvB,SAAS;QACT,KAAK;QACL,UAAU;QACV,KAAK;QACL,+DAA+D;QAC/D,iEAAiE;QACjE,uDAAuD;QACvD,iDAAiD;QACjD,SAAS,EAAE,mBAAmB,CAAC,OAAO,EAAE,MAAM,CAAC;QAC/C,sEAAsE;QACtE,iEAAiE;QACjE,0DAA0D;QAC1D,yEAAyE;QACzE,yEAAyE;QACzE,EAAE,EAAE;YACF,UAAU,EAAE,WAAW,CAAC,EAAE,EAAE,MAAM,IAAI,MAAM;YAC5C,OAAO,EAAE,EAAE,CAAC,OAAO;YACnB,MAAM,EAAE,EAAE,CAAC,MAAM;SAClB;QACD,4EAA4E;QAC5E,yEAAyE;QACzE,2EAA2E;QAC3E,aAAa,EAAE,SAAS;QACxB,cAAc,EAAE,UAAU;QAC1B,2DAA2D;QAC3D,4EAA4E;QAC5E,WAAW;KACZ,CAAC,CAAC;IAEH,4EAA4E;IAC5E,6EAA6E;IAC7E,+DAA+D;IAC/D,KAAK,CAAC,WAAW,CAAC,KAAK,CAAC,MAAM,EAAE,OAAO,EAAE,2BAA2B,EAAE;QACpE,IAAI,EAAE,WAAW,CAAC,IAAI;QACtB,aAAa,EAAE,WAAW,CAAC,aAAa;QACxC,WAAW;QACX,UAAU,EAAE,OAAO,KAAK,SAAS;QACjC,OAAO,EAAE,WAAW,CAAC,IAAI,KAAK,SAAS;KACxC,CAAC,CAAC;IAEH,8EAA8E;IAC9E,4EAA4E;IAC5E,qEAAqE;IACrE,gFAAgF;IAChF,wCAAwC;IACxC,MAAM,YAAY,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC;IACvF,KAAK,CAAC,WAAW,CAAC,KAAK,CAAC,MAAM,EAAE,OAAO,EAAE,GAAG,YAAY,CAAC,MAAM,+BAA+B,EAAE;QAC9F,KAAK,EAAE,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,IAAI,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC;KACjE,CAAC,CAAC;IACH,KAAK,CAAC,WAAW,CAAC,OAAO,CAAC,8BAA8B,EAAE,YAAY,CAAC,MAAM,CAAC,CAAC;IAE/E,wEAAwE;IACxE,4EAA4E;IAC5E,4EAA4E;IAC5E,6EAA6E;IAC7E,EAAE;IACF,wEAAwE;IACxE,6DAA6D;IAC7D,0EAA0E;IAC1E,8EAA8E;IAC9E,4EAA4E;IAC5E,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,IAAI,EAAE,EAAE,CAAC;QAChC,MAAM,MAAM,GAAG,gBAAgB,CAAC,IAAI,CAAC,CAAC,eAAe,EAAE,EAAE,CAAC;QAC1D,IAAI,CAAC,MAAM;YAAE,SAAS;QACtB,IAAI,0BAA0B,CAAC,MAAM,CAAC,EAAE,CAAC;YACvC,wBAAwB,CAAC,KAAK,EAAE,IAAI,EAAE,MAAM,CAAC,YAAY,CAAC,CAAC;YAC3D,IAAI,MAAM,CAAC,SAAS;gBAAE,KAAK,CAAC,SAAS,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAC1D,CAAC;aAAM,CAAC;YACN,wBAAwB,CAAC,KAAK,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;QAChD,CAAC;IACH,CAAC;IAED,kFAAkF;IAClF,MAAM,YAAY,GAAG,sBAAsB,CAAC;QAC1C,KAAK;QACL,SAAS;QACT,QAAQ,EAAE,wBAAwB,CAAC,MAAM,CAAC;KAC3C,CAAC,CAAC;IAEH,MAAM,KAAK,GAAG,YAAY,CAAC,WAAW,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IAC1D,KAAK,CAAC,WAAW,CAAC,KAAK,CAAC,MAAM,EAAE,OAAO,EAAE,SAAS,KAAK,CAAC,MAAM,uBAAuB,EAAE;QACrF,OAAO,EAAE,KAAK;KACf,CAAC,CAAC;IACH,KAAK,CAAC,WAAW,CAAC,OAAO,CAAC,oBAAoB,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IAE9D,MAAM,CAAC,MAAM,CAAC,KAAK,EAAE;QACnB,YAAY;QACZ,UAAU;QACV,OAAO;QACP,GAAG,kBAAkB,CAAC,OAAO,EAAE,cAAc,CAAC;KAC/C,CAAC,CAAC;IAEH,4EAA4E;IAC5E,MAAM,oBAAoB,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC;IAC7F,KAAK,CAAC,WAAW,CAAC,KAAK,CACrB,UAAU,EACV,OAAO,EACP,uBAAuB,oBAAoB,oBAAoB,CAChE,CAAC;IAEF,OAAO,KAAK,CAAC;AACf,CAAC;AAcD;;;;;;;;;;;;;;;GAeG;AACH,SAAS,mBAAmB,CAAC,KAA+B;IAK1D,MAAM,WAAW,GACf,aAAa,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,SAAS;QACzC,KAAK,CAAC,OAAO,KAAK,IAAI;QACtB,KAAK,CAAC,cAAc,EAAE,IAAI,KAAK,KAAK,CAAC;IAEvC,MAAM,WAAW,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC;IAC9F,MAAM,IAAI,GAAG,WAAW,CAAC,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;IAE1E,MAAM,OAAO,GAAG,kBAAkB,EAAE,CAAC;IAErC,MAAM,WAAW,GAAmB;QAClC,KAAK,EAAE,KAAK,CAAC,KAAK;QAClB,IAAI,EAAE,KAAK,CAAC,IAAI;QAChB,aAAa,EAAE,KAAK,CAAC,aAAa;QAClC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC/B,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KAC1B,CAAC;IAEF,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,OAAO,EAAE,CAAC;AAC/C,CAAC;AAED,2FAA2F;AAC3F,SAAS,kBAAkB,CACzB,OAA4E,EAC5E,cAAuB;IAEvB,OAAO,OAAO,CAAC,KAAK,KAAK,SAAS,IAAI,OAAO,CAAC,UAAU,KAAK,SAAS;QACpE,CAAC,CAAC,EAAE,cAAc,EAAE,cAAyC,EAAE;QAC/D,CAAC,CAAC,EAAE,CAAC;AACT,CAAC;AAED,sFAAsF;AACtF,mFAAmF;AACnF,iFAAiF;AACjF,gFAAgF;AAChF,2BAA2B"}
+{"version":3,"file":"build-per-run-scope.js","sourceRoot":"","sources":["../../src/bootstrap/build-per-run-scope.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAEH,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAE3C,OAAO,EAAE,aAAa,EAAE,2BAA2B,EAAE,MAAM,qBAAqB,CAAC;AACjF,OAAO,EACL,wBAAwB,EACxB,kBAAkB,EAClB,0BAA0B,EAG1B,uBAAuB,EAGvB,gBAAgB,EAChB,QAAQ,EACR,gBAAgB,GAMjB,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AAExD,OAAO,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AAExD,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,4BAA4B,EAAE,sBAAsB,EAAE,MAAM,8BAA8B,CAAC;AACpG,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAI3D,MAAM,iCAAiC,GAAG,IAAI,GAAG,CAAC,CAAC,WAAW,EAAE,WAAW,EAAE,aAAa,CAAC,CAAC,CAAC;AAE7F;;;GAGG;AACH,SAAS,wBAAwB,CAC/B,KAAe,EACf,IAAU,EACV,YAA+B;IAE/B,IAAI,OAAO,YAAY,KAAK,QAAQ,IAAI,YAAY,KAAK,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,CAAC;QAC7F,MAAM,IAAI,uBAAuB,CAC/B,SAAS,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,IAAI,CAAC,QAAQ,CAAC,EAAE,4CAA4C,EAC3F;YACE,IAAI,EAAE,mCAAmC;YACzC,UAAU,EAAE,4CAA4C;SACzD,CACF,CAAC;IACJ,CAAC;IAED,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC;QAC5C,IAAI,iCAAiC,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;YAC/C,MAAM,IAAI,uBAAuB,CAC/B,SAAS,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,IAAI,CAAC,QAAQ,CAAC,EAAE,mCAAmC,GAAG,GAAG,EACxF;gBACE,IAAI,EAAE,yCAAyC;gBAC/C,UAAU,EAAE,wBAAwB,GAAG,GAAG;aAC3C,CACF,CAAC;QACJ,CAAC;QACD,2EAA2E;QAC3E,wEAAwE;QACxE,0EAA0E;QAC1E,0EAA0E;QAC1E,iEAAiE;QACjE,IAAI,GAAG,IAAI,KAAK,EAAE,CAAC;YACjB,MAAM,IAAI,uBAAuB,CAC/B,SAAS,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,IAAI,CAAC,QAAQ,CAAC,EAAE,uCAAuC,GAAG,GAAG,EAC5F;gBACE,IAAI,EAAE,qCAAqC;gBAC3C,UAAU,EAAE,cAAc,GAAG,kBAAkB;aAChD,CACF,CAAC;QACJ,CAAC;IACH,CAAC;IAED,MAAM,CAAC,MAAM,CAAC,KAAK,EAAE,YAAY,CAAC,CAAC;AACrC,CAAC;AA8CD;;;;;;;GAOG;AACH,MAAM,UAAU,gBAAgB,CAAC,KAA4B;IAC3D,MAAM,EACJ,OAAO,EACP,KAAK,EACL,WAAW,EACX,UAAU,EACV,SAAS,EACT,UAAU,EACV,MAAM,EACN,OAAO,EACP,MAAM,EACN,EAAE,GACH,GAAG,KAAK,CAAC;IAEV,MAAM,EAAE,SAAS,EAAE,KAAK,EAAE,GAAG,UAAU,CAAC;IAExC,4EAA4E;IAC5E,4EAA4E;IAC5E,MAAM,cAAc,GAAG,2BAA2B,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;IAEtE,uDAAuD;IACvD,MAAM,UAAU,GAAG,iBAAiB,CAAC;QACnC,MAAM;QACN,KAAK,EAAE,cAAc;QACrB,OAAO;QACP,QAAQ,EAAE,IAAI,CAAC,gBAAgB,EAAE,CAAC,WAAW,EAAE,OAAO,CAAC,EAAE,sCAAsC;KAChG,CAAC,CAAC;IAEH,uEAAuE;IACvE,2EAA2E;IAC3E,yEAAyE;IACzE,MAAM,EAAE,WAAW,EAAE,WAAW,EAAE,OAAO,EAAE,GAAG,mBAAmB,CAAC;QAChE,KAAK;QACL,IAAI,EAAE,KAAK,CAAC,QAAQ;QACpB,aAAa,EAAE,KAAK,CAAC,aAAa;QAClC,MAAM;QACN,OAAO;QACP,cAAc;QACd,OAAO;QACP,GAAG,EAAE,KAAK,CAAC,GAAG;KACf,CAAC,CAAC;IAEH,yEAAyE;IACzE,uEAAuE;IACvE,oEAAoE;IACpE,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,QAAQ,EAAE,cAAc,EAAE,GAAG,4BAA4B,CAAC;QACpF,KAAK;QACL,SAAS;QACT,6EAA6E;QAC7E,6EAA6E;QAC7E,iEAAiE;QACjE,UAAU;QACV,UAAU,EAAE,OAAO,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS;QACxE,GAAG,EAAE,OAAO,CAAC,GAAG;KACjB,CAAC,CAAC;IAEH,wEAAwE;IACxE,qEAAqE;IACrE,6EAA6E;IAC7E,MAAM,OAAO,GAAG,YAAY,CAAC,EAAE,QAAQ,EAAE,cAAc,EAAE,CAAC,CAAC;IAE3D,6EAA6E;IAC7E,8EAA8E;IAC9E,2EAA2E;IAC3E,MAAM,cAAc,GAAG,mBAAmB,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAC5D,MAAM,KAAK,GAAG,IAAI,QAAQ,CAAC;QACzB,MAAM;QACN,cAAc,EAAE,OAAO;QACvB,SAAS;QACT,KAAK;QACL,UAAU;QACV,KAAK;QACL,+DAA+D;QAC/D,iEAAiE;QACjE,uDAAuD;QACvD,iDAAiD;QACjD,SAAS,EAAE,cAAc;QACzB,sEAAsE;QACtE,iEAAiE;QACjE,0DAA0D;QAC1D,yEAAyE;QACzE,yEAAyE;QACzE,EAAE,EAAE;YACF,UAAU,EAAE,WAAW,CAAC,EAAE,EAAE,MAAM,IAAI,MAAM;YAC5C,OAAO,EAAE,EAAE,CAAC,OAAO;YACnB,MAAM,EAAE,EAAE,CAAC,MAAM;SAClB;QACD,4EAA4E;QAC5E,yEAAyE;QACzE,2EAA2E;QAC3E,aAAa,EAAE,SAAS;QACxB,cAAc,EAAE,UAAU;QAC1B,2DAA2D;QAC3D,4EAA4E;QAC5E,WAAW;KACZ,CAAC,CAAC;IAEH,wEAAwE;IACxE,iEAAiE;IACjE,KAAK,CAAC,SAAS,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;IAExC,4EAA4E;IAC5E,6EAA6E;IAC7E,+DAA+D;IAC/D,KAAK,CAAC,WAAW,CAAC,KAAK,CAAC,MAAM,EAAE,OAAO,EAAE,2BAA2B,EAAE;QACpE,IAAI,EAAE,WAAW,CAAC,IAAI;QACtB,aAAa,EAAE,WAAW,CAAC,aAAa;QACxC,WAAW;QACX,UAAU,EAAE,OAAO,KAAK,SAAS;QACjC,OAAO,EAAE,WAAW,CAAC,IAAI,KAAK,SAAS;KACxC,CAAC,CAAC;IAEH,8EAA8E;IAC9E,4EAA4E;IAC5E,qEAAqE;IACrE,gFAAgF;IAChF,wCAAwC;IACxC,oEAAoE;IACpE,+EAA+E;IAC/E,0EAA0E;IAC1E,uEAAuE;IACvE,wEAAwE;IACxE,qEAAqE;IACrE,qEAAqE;IACrE,MAAM,YAAY,GAAG,KAAK;SACvB,IAAI,EAAE;SACN,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,eAAe,IAAI,mBAAmB,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC,CAAC;IAC9F,KAAK,CAAC,WAAW,CAAC,KAAK,CAAC,MAAM,EAAE,OAAO,EAAE,GAAG,YAAY,CAAC,MAAM,+BAA+B,EAAE;QAC9F,KAAK,EAAE,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,IAAI,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC;KACjE,CAAC,CAAC;IACH,KAAK,CAAC,WAAW,CAAC,OAAO,CAAC,8BAA8B,EAAE,YAAY,CAAC,MAAM,CAAC,CAAC;IAE/E,wEAAwE;IACxE,4EAA4E;IAC5E,4EAA4E;IAC5E,6EAA6E;IAC7E,EAAE;IACF,wEAAwE;IACxE,6DAA6D;IAC7D,0EAA0E;IAC1E,8EAA8E;IAC9E,4EAA4E;IAC5E,KAAK,MAAM,IAAI,IAAI,YAAY,EAAE,CAAC;QAChC,MAAM,MAAM,GAAG,gBAAgB,CAAC,IAAI,CAAC,CAAC,eAAe,EAAE,EAAE,CAAC;QAC1D,IAAI,CAAC,MAAM;YAAE,SAAS;QACtB,IAAI,0BAA0B,CAAC,MAAM,CAAC,EAAE,CAAC;YACvC,wBAAwB,CAAC,KAAK,EAAE,IAAI,EAAE,MAAM,CAAC,YAAY,CAAC,CAAC;YAC3D,IAAI,MAAM,CAAC,SAAS;gBAAE,KAAK,CAAC,SAAS,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAC1D,CAAC;aAAM,CAAC;YACN,wBAAwB,CAAC,KAAK,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;QAChD,CAAC;IACH,CAAC;IAED,kFAAkF;IAClF,yEAAyE;IACzE,8EAA8E;IAC9E,MAAM,YAAY,GAAG,sBAAsB,CAAC;QAC1C,KAAK;QACL,SAAS;QACT,QAAQ,EAAE,wBAAwB,CAAC,MAAM,CAAC;QAC1C,UAAU;KACX,CAAC,CAAC;IAEH,MAAM,KAAK,GAAG,YAAY,CAAC,WAAW,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IAC1D,KAAK,CAAC,WAAW,CAAC,KAAK,CAAC,MAAM,EAAE,OAAO,EAAE,SAAS,KAAK,CAAC,MAAM,uBAAuB,EAAE;QACrF,OAAO,EAAE,KAAK;KACf,CAAC,CAAC;IACH,KAAK,CAAC,WAAW,CAAC,OAAO,CAAC,oBAAoB,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IAE9D,MAAM,CAAC,MAAM,CAAC,KAAK,EAAE;QACnB,YAAY;QACZ,UAAU;QACV,OAAO;QACP,GAAG,kBAAkB,CAAC,OAAO,EAAE,cAAc,CAAC;KAC/C,CAAC,CAAC;IAEH,4EAA4E;IAC5E,MAAM,oBAAoB,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC;IAC7F,KAAK,CAAC,WAAW,CAAC,KAAK,CACrB,UAAU,EACV,OAAO,EACP,uBAAuB,oBAAoB,oBAAoB,CAChE,CAAC;IAEF,OAAO,KAAK,CAAC;AACf,CAAC;AAcD;;;;;;;;;;;;;;;GAeG;AACH,SAAS,mBAAmB,CAAC,KAA+B;IAK1D,MAAM,WAAW,GACf,aAAa,CAAC,KAAK,CAAC,MAAM,CAAC,KAAK,SAAS;QACzC,KAAK,CAAC,OAAO,KAAK,IAAI;QACtB,KAAK,CAAC,cAAc,EAAE,IAAI,KAAK,KAAK,CAAC;IAEvC,MAAM,WAAW,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC;IAC9F,MAAM,IAAI,GAAG,WAAW,CAAC,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC;IAE1E,MAAM,OAAO,GAAG,kBAAkB,EAAE,CAAC;IAErC,MAAM,WAAW,GAAmB;QAClC,KAAK,EAAE,KAAK,CAAC,KAAK;QAClB,IAAI,EAAE,KAAK,CAAC,IAAI;QAChB,aAAa,EAAE,KAAK,CAAC,aAAa;QAClC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC/B,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KAC1B,CAAC;IAEF,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,OAAO,EAAE,CAAC;AAC/C,CAAC;AAED,2FAA2F;AAC3F,SAAS,kBAAkB,CACzB,OAA4E,EAC5E,cAAuB;IAEvB,OAAO,OAAO,CAAC,KAAK,KAAK,SAAS,IAAI,OAAO,CAAC,UAAU,KAAK,SAAS;QACpE,CAAC,CAAC,EAAE,cAAc,EAAE,cAAyC,EAAE;QAC/D,CAAC,CAAC,EAAE,CAAC;AACT,CAAC;AAED,sFAAsF;AACtF,mFAAmF;AACnF,iFAAiF;AACjF,gFAAgF;AAChF,2BAA2B"}