oxe-cc 0.9.2 → 1.0.0

package/lib/runtime/scheduler/scheduler.js

@@ -0,0 +1,196 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Scheduler = void 0;
+const bus_1 = require("../events/bus");
+class Scheduler {
+    constructor() {
+        this.cancelled = false;
+        this.paused = false;
+    }
+    async run(graph, ctx) {
+        this.cancelled = false;
+        this.paused = false;
+        const status = new Map();
+        for (const id of graph.nodes.keys())
+            status.set(id, 'pending');
+        const completed = [];
+        const failed = [];
+        const blocked = [];
+        this.emit(ctx, { type: 'RunStarted', payload: { run_id: ctx.runId } });
+        for (const wave of graph.waves) {
+            if (this.cancelled)
+                break;
+            const waveFailed = await this.runWave(wave.node_ids, graph, ctx, status, completed, failed, blocked);
+            if (waveFailed)
+                break;
+        }
+        // Any remaining pending nodes become blocked
+        for (const [id, s] of status) {
+            if (s === 'pending') {
+                status.set(id, 'blocked');
+                blocked.push(id);
+                this.emit(ctx, {
+                    type: 'WorkItemBlocked',
+                    work_item_id: id,
+                    payload: { reason: 'upstream_wave_failed' },
+                });
+            }
+        }
+        const finalStatus = this.cancelled
+            ? 'cancelled'
+            : failed.length > 0
+                ? 'failed'
+                : 'completed';
+        this.emit(ctx, {
+            type: 'RunCompleted',
+            payload: { run_id: ctx.runId, status: finalStatus },
+        });
+        return { run_id: ctx.runId, status: finalStatus, completed, failed, blocked };
+    }
+    async runWave(nodeIds, graph, ctx, status, completed, failed, blocked) {
+        // Partition: eligible vs blocked-by-dep
+        const eligible = [];
+        const depsNotMet = [];
+        for (const id of nodeIds) {
+            const node = graph.nodes.get(id);
+            const depsMet = node.depends_on.every((dep) => status.get(dep) === 'completed');
+            if (depsMet) {
+                eligible.push(id);
+            }
+            else {
+                depsNotMet.push(id);
+            }
+        }
+        // Nodes whose deps weren't met in this wave → blocked
+        for (const id of depsNotMet) {
+            status.set(id, 'blocked');
+            blocked.push(id);
+            this.emit(ctx, {
+                type: 'WorkItemBlocked',
+                work_item_id: id,
+                payload: { reason: 'dependency_not_met' },
+            });
+        }
+        // Separate read-only (no mutation_scope) from mutation nodes
+        const readOnly = eligible.filter((id) => {
+            const node = graph.nodes.get(id);
+            return node.mutation_scope.length === 0;
+        });
+        const mutations = eligible.filter((id) => !readOnly.includes(id));
+        // Run read-only nodes in parallel
+        if (readOnly.length > 0) {
+            await Promise.all(readOnly.map((id) => this.runNode(id, graph, ctx, status, completed, failed)));
+        }
+        // Run mutation nodes sequentially to avoid scope conflicts
+        for (const id of mutations) {
+            if (this.cancelled)
+                break;
+            await this.runNode(id, graph, ctx, status, completed, failed);
+        }
+        return failed.length > 0;
+    }
+    async runNode(nodeId, graph, ctx, status, completed, failed) {
+        const node = graph.nodes.get(nodeId);
+        status.set(nodeId, 'running');
+        this.emit(ctx, {
+            type: 'WorkItemReady',
+            work_item_id: nodeId,
+            payload: { title: node.title, wave: node.wave },
+        });
+        let lease = null;
+        let lastResult = null;
+        const maxAttempts = node.policy.max_retries + 1;
+        for (let attempt = 1; attempt <= maxAttempts; attempt++) {
+            const attemptId = `${nodeId}-a${attempt}`;
+            this.emit(ctx, {
+                type: 'AttemptStarted',
+                work_item_id: nodeId,
+                attempt_id: attemptId,
+                payload: { attempt_number: attempt },
+            });
+            try {
+                const wsReq = {
+                    work_item_id: nodeId,
+                    attempt_number: attempt,
+                    strategy: node.workspace_strategy,
+                    mutation_scope: node.mutation_scope,
+                };
+                lease = await ctx.workspaceManager.allocate(wsReq);
+                this.emit(ctx, {
+                    type: 'WorkspaceAllocated',
+                    work_item_id: nodeId,
+                    attempt_id: attemptId,
+                    payload: { workspace_id: lease.workspace_id, strategy: lease.strategy },
+                });
+                lastResult = await ctx.executor.execute(node, lease, ctx.runId, attempt);
+                if (lastResult.success) {
+                    this.emit(ctx, {
+                        type: 'WorkItemCompleted',
+                        work_item_id: nodeId,
+                        attempt_id: attemptId,
+                        payload: { attempt_number: attempt, evidence: lastResult.evidence },
+                    });
+                    status.set(nodeId, 'completed');
+                    completed.push(nodeId);
+                    return;
+                }
+                // Policy failures never retry
+                if (lastResult.failure_class === 'policy')
+                    break;
+                if (attempt < maxAttempts) {
+                    this.emit(ctx, {
+                        type: 'RetryScheduled',
+                        work_item_id: nodeId,
+                        payload: { next_attempt: attempt + 1, reason: lastResult.failure_class },
+                    });
+                }
+            }
+            catch (err) {
+                lastResult = {
+                    success: false,
+                    failure_class: 'env',
+                    evidence: [],
+                    output: String(err),
+                };
+                if (attempt < maxAttempts) {
+                    this.emit(ctx, {
+                        type: 'RetryScheduled',
+                        work_item_id: nodeId,
+                        payload: { next_attempt: attempt + 1, reason: 'env' },
+                    });
+                }
+            }
+            finally {
+                if (lease) {
+                    await ctx.workspaceManager.dispose(lease.workspace_id).catch(() => { });
+                    lease = null;
+                }
+            }
+        }
+        // All attempts exhausted
+        this.emit(ctx, {
+            type: 'WorkItemBlocked',
+            work_item_id: nodeId,
+            payload: { failure_class: lastResult?.failure_class ?? 'env', max_attempts: maxAttempts },
+        });
+        status.set(nodeId, 'failed');
+        failed.push(nodeId);
+    }
+    pause() {
+        this.paused = true;
+    }
+    resume() {
+        this.paused = false;
+    }
+    cancel() {
+        this.cancelled = true;
+    }
+    emit(ctx, input) {
+        const event = (0, bus_1.appendEvent)(ctx.projectRoot, ctx.sessionId, {
+            run_id: ctx.runId,
+            ...input,
+        });
+        ctx.onEvent?.(event);
+    }
+}
+exports.Scheduler = Scheduler;

package/lib/runtime/verification/index.d.ts

@@ -0,0 +1 @@
+export * from './verification-compiler';

package/lib/runtime/verification/index.js

@@ -0,0 +1,17 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./verification-compiler"), exports);

package/lib/runtime/verification/verification-compiler.d.ts

@@ -0,0 +1,56 @@
+import type { EvidenceType } from '../models/evidence';
+import type { VerificationStatus } from '../models/verification-result';
+export type CheckType = 'unit' | 'integration' | 'contract' | 'smoke' | 'policy' | 'security' | 'ux_snapshot' | 'performance_baseline' | 'custom';
+export interface AcceptanceCheck {
+    id: string;
+    type: CheckType;
+    command: string | null;
+    evidence_type_expected: EvidenceType;
+    acceptance_ref: string | null;
+    description: string;
+}
+export interface AcceptanceCheckSuite {
+    checks: AcceptanceCheck[];
+    compiled_at: string;
+    spec_hash: string;
+    plan_hash: string;
+}
+export interface CheckResult {
+    check_id: string;
+    acceptance_ref: string | null;
+    status: VerificationStatus;
+    stdout: string;
+    stderr: string;
+    exit_code: number | null;
+    duration_ms: number;
+    error: string | null;
+}
+interface Criterion {
+    id: string;
+    criterion: string;
+    howToVerify: string;
+}
+interface ParsedSpecLike {
+    objective: string | null;
+    criteria: Criterion[];
+}
+interface ParsedTaskLike {
+    id: string;
+    verifyCommand: string | null;
+    aceite: string[];
+}
+interface ParsedPlanLike {
+    tasks: ParsedTaskLike[];
+}
+export declare function compile(spec: ParsedSpecLike, plan: ParsedPlanLike): AcceptanceCheckSuite;
+export declare function runCheck(check: AcceptanceCheck, cwd: string, timeoutMs?: number): Promise<CheckResult>;
+export declare function runSuite(suite: AcceptanceCheckSuite, cwd: string, timeoutMs?: number): Promise<CheckResult[]>;
+export declare function summarizeSuite(results: CheckResult[]): {
+    total: number;
+    pass: number;
+    fail: number;
+    skip: number;
+    error: number;
+    allPassed: boolean;
+};
+export {};

package/lib/runtime/verification/verification-compiler.js

@@ -0,0 +1,147 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.compile = compile;
+exports.runCheck = runCheck;
+exports.runSuite = runSuite;
+exports.summarizeSuite = summarizeSuite;
+const crypto_1 = __importDefault(require("crypto"));
+const child_process_1 = require("child_process");
+function inferCheckType(howToVerify) {
+    const v = howToVerify.toLowerCase();
+    if (v.includes('npm test') || v.includes('jest') || v.includes('vitest') || v.includes('node --test'))
+        return 'unit';
+    if (v.includes('postman') || v.includes('newman') || v.includes('integration'))
+        return 'integration';
+    if (v.includes('smoke') || v.includes('curl'))
+        return 'smoke';
+    if (v.includes('eslint') || v.includes('lint') || v.includes('oxe-policy'))
+        return 'policy';
+    if (v.includes('security') || v.includes('audit') || v.includes('trivy'))
+        return 'security';
+    return 'custom';
+}
+function inferEvidenceType(checkType) {
+    switch (checkType) {
+        case 'unit': return 'junit_xml';
+        case 'integration': return 'api_output';
+        case 'security': return 'security_report';
+        case 'policy': return 'log';
+        default: return 'stdout';
+    }
+}
+function compile(spec, plan) {
+    const checks = [];
+    const seenRefs = new Set();
+    // Generate checks from spec criteria
+    for (const criterion of spec.criteria) {
+        // Find the verify command from the task that references this criterion
+        const task = plan.tasks.find((t) => t.aceite.includes(criterion.id));
+        const command = task?.verifyCommand ?? null;
+        const type = inferCheckType(criterion.howToVerify);
+        checks.push({
+            id: `check-${criterion.id.toLowerCase()}`,
+            type,
+            command: command ?? (criterion.howToVerify.startsWith('#') ? null : criterion.howToVerify),
+            evidence_type_expected: inferEvidenceType(type),
+            acceptance_ref: criterion.id,
+            description: criterion.criterion,
+        });
+        seenRefs.add(criterion.id);
+    }
+    // Add checks for task verify commands not already covered
+    for (const task of plan.tasks) {
+        if (!task.verifyCommand)
+            continue;
+        const uncovered = task.aceite.filter((ref) => !seenRefs.has(ref));
+        if (uncovered.length === 0 && checks.some((c) => c.command === task.verifyCommand))
+            continue;
+        checks.push({
+            id: `check-task-${task.id.toLowerCase()}`,
+            type: inferCheckType(task.verifyCommand),
+            command: task.verifyCommand,
+            evidence_type_expected: 'stdout',
+            acceptance_ref: uncovered[0] ?? null,
+            description: `Verify command for task ${task.id}`,
+        });
+    }
+    return {
+        checks,
+        compiled_at: new Date().toISOString(),
+        spec_hash: hashObject(spec),
+        plan_hash: hashObject(plan),
+    };
+}
+async function runCheck(check, cwd, timeoutMs = 60000) {
+    if (!check.command) {
+        return {
+            check_id: check.id,
+            acceptance_ref: check.acceptance_ref,
+            status: 'skip',
+            stdout: '',
+            stderr: '',
+            exit_code: null,
+            duration_ms: 0,
+            error: null,
+        };
+    }
+    const start = Date.now();
+    try {
+        // Split command into program + args (simple split; no shell expansion)
+        const parts = check.command.split(/\s+/);
+        const prog = parts[0];
+        const args = parts.slice(1);
+        const result = (0, child_process_1.spawnSync)(prog, args, {
+            cwd,
+            encoding: 'utf8',
+            timeout: timeoutMs,
+            maxBuffer: 2 * 1024 * 1024,
+        });
+        const duration_ms = Date.now() - start;
+        const status = result.status === 0 ? 'pass' : 'fail';
+        return {
+            check_id: check.id,
+            acceptance_ref: check.acceptance_ref,
+            status,
+            stdout: result.stdout ?? '',
+            stderr: result.stderr ?? '',
+            exit_code: result.status ?? null,
+            duration_ms,
+            error: result.error ? String(result.error) : null,
+        };
+    }
+    catch (err) {
+        return {
+            check_id: check.id,
+            acceptance_ref: check.acceptance_ref,
+            status: 'error',
+            stdout: '',
+            stderr: '',
+            exit_code: null,
+            duration_ms: Date.now() - start,
+            error: String(err),
+        };
+    }
+}
+async function runSuite(suite, cwd, timeoutMs = 60000) {
+    const results = [];
+    for (const check of suite.checks) {
+        results.push(await runCheck(check, cwd, timeoutMs));
+    }
+    return results;
+}
+function summarizeSuite(results) {
+    const counts = { total: results.length, pass: 0, fail: 0, skip: 0, error: 0 };
+    for (const r of results)
+        counts[r.status]++;
+    return { ...counts, allPassed: counts.fail === 0 && counts.error === 0 };
+}
+function hashObject(obj) {
+    return crypto_1.default
+        .createHash('sha256')
+        .update(JSON.stringify(obj))
+        .digest('hex')
+        .slice(0, 12);
+}

package/lib/runtime/workspace/index.d.ts

@@ -0,0 +1,5 @@
+export * from './workspace-manager';
+export { InplaceWorkspaceManager } from './strategies/inplace';
+export { GitWorktreeManager } from './strategies/git-worktree';
+export { EphemeralContainerManager } from './strategies/ephemeral-container';
+export type { ContainerOptions } from './strategies/ephemeral-container';

package/lib/runtime/workspace/index.js

@@ -0,0 +1,24 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.EphemeralContainerManager = exports.GitWorktreeManager = exports.InplaceWorkspaceManager = void 0;
+__exportStar(require("./workspace-manager"), exports);
+var inplace_1 = require("./strategies/inplace");
+Object.defineProperty(exports, "InplaceWorkspaceManager", { enumerable: true, get: function () { return inplace_1.InplaceWorkspaceManager; } });
+var git_worktree_1 = require("./strategies/git-worktree");
+Object.defineProperty(exports, "GitWorktreeManager", { enumerable: true, get: function () { return git_worktree_1.GitWorktreeManager; } });
+var ephemeral_container_1 = require("./strategies/ephemeral-container");
+Object.defineProperty(exports, "EphemeralContainerManager", { enumerable: true, get: function () { return ephemeral_container_1.EphemeralContainerManager; } });

package/lib/runtime/workspace/strategies/ephemeral-container.d.ts

@@ -0,0 +1,22 @@
+import type { WorkspaceManager, WorkspaceRequest } from '../workspace-manager';
+import type { WorkspaceLease, SnapshotRef } from '../../models/workspace';
+export interface ContainerOptions {
+    image: string;
+    mountPath: string;
+    extraEnv?: Record<string, string>;
+    /** Gracefully fall back to git_worktree if Docker is unavailable */
+    fallback?: boolean;
+}
+export declare class EphemeralContainerManager implements WorkspaceManager {
+    private readonly projectRoot;
+    private readonly opts;
+    private readonly fallbackManager;
+    private containerIds;
+    private useFallback;
+    constructor(projectRoot: string, opts?: ContainerOptions);
+    get usingFallback(): boolean;
+    allocate(req: WorkspaceRequest): Promise<WorkspaceLease>;
+    snapshot(id: string): Promise<SnapshotRef>;
+    reset(id: string, snapRef: SnapshotRef): Promise<void>;
+    dispose(id: string): Promise<void>;
+}

package/lib/runtime/workspace/strategies/ephemeral-container.js

@@ -0,0 +1,109 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.EphemeralContainerManager = void 0;
+const child_process_1 = require("child_process");
+const crypto_1 = __importDefault(require("crypto"));
+const git_worktree_1 = require("./git-worktree");
+function isDockerAvailable() {
+    const result = (0, child_process_1.spawnSync)('docker', ['version', '--format', '{{.Server.Version}}'], {
+        encoding: 'utf8',
+        timeout: 5000,
+    });
+    return result.status === 0;
+}
+class EphemeralContainerManager {
+    constructor(projectRoot, opts = { image: 'node:20-alpine', mountPath: '/workspace', fallback: true }) {
+        this.projectRoot = projectRoot;
+        this.opts = opts;
+        this.containerIds = new Map();
+        this.useFallback = false;
+        this.fallbackManager = new git_worktree_1.GitWorktreeManager(projectRoot);
+        if (!isDockerAvailable()) {
+            if (opts.fallback !== false) {
+                this.useFallback = true;
+            }
+            else {
+                throw new Error('Docker is not available and fallback is disabled');
+            }
+        }
+    }
+    get usingFallback() { return this.useFallback; }
+    async allocate(req) {
+        if (this.useFallback)
+            return this.fallbackManager.allocate(req);
+        const wsId = `ws-container-${req.work_item_id}-a${req.attempt_number}`;
+        const envArgs = Object.entries(this.opts.extraEnv ?? {}).flatMap(([k, v]) => ['-e', `${k}=${v}`]);
+        const result = (0, child_process_1.spawnSync)('docker', [
+            'run', '-d',
+            '-v', `${this.projectRoot}:${this.opts.mountPath}`,
+            '-w', this.opts.mountPath,
+            ...envArgs,
+            this.opts.image,
+            'sleep', '3600',
+        ], { encoding: 'utf8' });
+        if (result.status !== 0) {
+            if (this.opts.fallback !== false) {
+                this.useFallback = true;
+                return this.fallbackManager.allocate(req);
+            }
+            throw new Error(`docker run failed: ${result.stderr}`);
+        }
+        const containerId = result.stdout.trim().slice(0, 12);
+        this.containerIds.set(wsId, containerId);
+        return {
+            workspace_id: wsId,
+            strategy: 'ephemeral_container',
+            branch: null,
+            base_commit: null,
+            root_path: `docker:${containerId}:${this.opts.mountPath}`,
+            ttl_minutes: 60,
+        };
+    }
+    async snapshot(id) {
+        if (this.useFallback)
+            return this.fallbackManager.snapshot(id);
+        const containerId = this.containerIds.get(id);
+        if (!containerId)
+            throw new Error(`Container for workspace ${id} not found`);
+        const tag = `oxe-snap-${crypto_1.default.randomBytes(4).toString('hex')}`;
+        (0, child_process_1.execFileSync)('docker', ['commit', containerId, tag]);
+        return {
+            snapshot_id: tag,
+            workspace_id: id,
+            commit: tag,
+            created_at: new Date().toISOString(),
+        };
+    }
+    async reset(id, snapRef) {
+        if (this.useFallback)
+            return this.fallbackManager.reset(id, snapRef);
+        const containerId = this.containerIds.get(id);
+        if (!containerId)
+            return;
+        // Stop current container and start from snapshot
+        (0, child_process_1.spawnSync)('docker', ['stop', containerId]);
+        (0, child_process_1.spawnSync)('docker', ['rm', containerId]);
+        const result = (0, child_process_1.spawnSync)('docker', [
+            'run', '-d',
+            '-v', `${this.projectRoot}:${this.opts.mountPath}`,
+            snapRef.commit,
+            'sleep', '3600',
+        ], { encoding: 'utf8' });
+        const newId = result.stdout.trim().slice(0, 12);
+        this.containerIds.set(id, newId);
+    }
+    async dispose(id) {
+        if (this.useFallback)
+            return this.fallbackManager.dispose(id);
+        const containerId = this.containerIds.get(id);
+        if (!containerId)
+            return;
+        (0, child_process_1.spawnSync)('docker', ['stop', containerId], { encoding: 'utf8' });
+        (0, child_process_1.spawnSync)('docker', ['rm', containerId], { encoding: 'utf8' });
+        this.containerIds.delete(id);
+    }
+}
+exports.EphemeralContainerManager = EphemeralContainerManager;

package/lib/runtime/workspace/strategies/git-worktree.d.ts

@@ -0,0 +1,12 @@
+import type { WorkspaceManager, WorkspaceRequest } from '../workspace-manager';
+import type { WorkspaceLease, SnapshotRef } from '../../models/workspace';
+export declare class GitWorktreeManager implements WorkspaceManager {
+    private readonly projectRoot;
+    private leases;
+    constructor(projectRoot: string);
+    allocate(req: WorkspaceRequest): Promise<WorkspaceLease>;
+    snapshot(id: string): Promise<SnapshotRef>;
+    reset(id: string, snapRef: SnapshotRef): Promise<void>;
+    dispose(id: string): Promise<void>;
+    private git;
+}

package/lib/runtime/workspace/strategies/git-worktree.js

@@ -0,0 +1,79 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.GitWorktreeManager = void 0;
+const child_process_1 = require("child_process");
+const path_1 = __importDefault(require("path"));
+const fs_1 = __importDefault(require("fs"));
+const crypto_1 = __importDefault(require("crypto"));
+class GitWorktreeManager {
+    constructor(projectRoot) {
+        this.projectRoot = projectRoot;
+        this.leases = new Map();
+    }
+    async allocate(req) {
+        const wsId = `ws-${req.work_item_id}-a${req.attempt_number}`;
+        const branch = `oxe/${req.work_item_id}-attempt${req.attempt_number}`;
+        const worktreePath = path_1.default.join(this.projectRoot, '.oxe', 'workspaces', wsId);
+        const baseCommit = this.git(['rev-parse', 'HEAD']).trim();
+        fs_1.default.mkdirSync(path_1.default.dirname(worktreePath), { recursive: true });
+        // Create worktree on a new branch starting from HEAD
+        this.git(['worktree', 'add', worktreePath, '-b', branch]);
+        const lease = {
+            workspace_id: wsId,
+            strategy: 'git_worktree',
+            branch,
+            base_commit: baseCommit,
+            root_path: worktreePath,
+            ttl_minutes: 45,
+        };
+        this.leases.set(wsId, lease);
+        return lease;
+    }
+    async snapshot(id) {
+        const lease = this.leases.get(id);
+        if (!lease || !lease.root_path)
+            throw new Error(`Workspace ${id} not found`);
+        const commit = this.git(['rev-parse', 'HEAD'], lease.root_path).trim();
+        return {
+            snapshot_id: `snap-${crypto_1.default.randomBytes(4).toString('hex')}`,
+            workspace_id: id,
+            commit,
+            created_at: new Date().toISOString(),
+        };
+    }
+    async reset(id, snapRef) {
+        const lease = this.leases.get(id);
+        if (!lease)
+            return;
+        this.git(['reset', '--hard', snapRef.commit], lease.root_path);
+    }
+    async dispose(id) {
+        const lease = this.leases.get(id);
+        if (!lease)
+            return;
+        try {
+            this.git(['worktree', 'remove', lease.root_path, '--force']);
+        }
+        catch {
+            // worktree may already be gone
+        }
+        try {
+            if (lease.branch)
+                this.git(['branch', '-D', lease.branch]);
+        }
+        catch {
+            // branch may already be deleted
+        }
+        this.leases.delete(id);
+    }
+    git(args, cwd) {
+        return (0, child_process_1.execFileSync)('git', args, {
+            cwd: cwd ?? this.projectRoot,
+            encoding: 'utf8',
+        });
+    }
+}
+exports.GitWorktreeManager = GitWorktreeManager;