projscan 4.12.0 → 4.13.0

package/README.md

@@ -24,9 +24,9 @@ Use projscan when an agent asks one of these questions:
 - Which files should I read before changing this feature?
 - Which proof commands should I run before handoff?
 - Which risks need fixes, reviewer attention, or release sign-off?
-- What is actually risky, and what should I fix first?
+- Which risk should I fix first?
 
-projscan runs core scans on your machine. It respects `.gitignore`, keeps `.env` values out of scans unless you opt in, and exposes the same evidence through a CLI and a 47-tool MCP server. The language layer uses 11 AST adapters covering 12 named languages.
+projscan runs core scans on your machine. It respects `.gitignore`, keeps `.env` values out of scans unless you opt in, and exposes the same evidence through a CLI and a 48-tool MCP server. The language layer uses 11 AST adapters covering 12 named languages.
 
 ```text
 Your agent / engineer
@@ -36,11 +36,14 @@ Your agent / engineer
   +----------------------------------------------------------------+
   |  projscan   (runs locally, source stays on this machine)       |
   |  ------------------------------------------------------------  |
-  |  Mission Control  ->  assess Proof Cards  ->  simulate risk    |
-  |                         |                       |              |
-  |                         |                       +- bounded extraction
-  |                         |                       +- regression test first
-  |                         |                       +- leave unchanged
+  |  Mission Control -> assess Cards -> simulate risk -> prove      |
+  |                         |              |              |         |
+  |                         |              |              +- allowed files
+  |                         |              |              +- forbidden files
+  |                         |              |              +- proof receipt
+  |                         |              +- bounded extraction       |
+  |                         |              +- regression test first    |
+  |                         |              +- leave unchanged          |
   |                         +- evidence strength                   |
   |                         +- trust memory                        |
   |                         +- AgentLoopKit handoff                |
@@ -84,12 +87,27 @@ Use these three workflows before scanning the full command catalog.
 projscan start --intent "what files do I need to change for auth?"
 projscan start --intent "what should we build next?" # Routes to a before-edit implementation workplan
 projscan understand --view change --intent "add auth token refresh" --format json
+projscan prove --intent "is my agent allowed to change billing retry logic?"
 projscan preflight --mode before_edit --format json
 ```
 
-You get a cited change map, read-first files, likely touched files, blocked inputs, and a before-edit proof gate.
+You get a cited change map, read-first files, likely touched files, blocked inputs, an executable Proof Contract, and a before-edit proof gate.
 
-Success criteria: the agent can name the files to read first, the likely files to touch, and the proof command to run before editing.
+Success criteria: the agent can name the files to read first, the likely files to touch, the forbidden files to avoid, and the proof commands to run before editing.
+
+### Before handing work to an agent
+
+```bash
+projscan prove --intent "is my agent allowed to change billing retry logic?" --save-contract .projscan/proof-contract.json
+projscan prove --record-command "npm test -- tests/billing/retry.test.ts" --exit-code 0 --duration-ms 1842 --summary "billing retry tests passed"
+projscan prove --changed --contract .projscan/proof-contract.json --format markdown
+```
+
+You get a Proof Contract before edits and a Proof Receipt after edits. The contract names allowed files, forbidden files, risky contracts, likely tests, missing regression-test evidence, proof commands, safe change shape, rollback, confidence, and reviewer guidance. The receipt checks the real working tree against that contract and classifies changed files as allowed production, expected tests, documentation, generated proof artifacts, config/security drift, forbidden touches, or unexpected production. It also reports proof replay status, risk delta, commit readiness, and a reviewer checklist.
+
+Proof Replay records command, exit code, duration, changed-file fingerprint, redacted summary, and optional log path in `.projscan/proof-ledger.jsonl`. `prove --changed` marks proof as passed, missing, failed, partial, or stale. If the agent edits new files after proof ran, the receipt says the proof is stale before a reviewer reads the diff.
+
+Success criteria: the reviewer sees whether the agent stayed inside the contract, whether the right proof ran, and whether that proof is still fresh.
 
 ### Before handoff or commit
 
@@ -173,6 +191,43 @@ npm run docs:screenshots
 npm run docs:demos
 ```
 
+## 4.13.0 Notes
+
+4.13.0 ships Proof Replay for Executable Proof Contracts:
+
+- `projscan prove --intent "<change>"` creates a local Proof Contract before
+  editing. It names allowed files, forbidden files, risky contracts, likely
+  tests, missing regression-test evidence, proof commands, rollback, confidence,
+  Trust Memory signals, evidence gaps, and reviewer guidance. Noisy feedback or
+  missing-signal feedback lowers the confidence reason instead of hiding it.
+- `projscan prove --changed` validates the current working tree against a saved
+  contract and emits a Proof Receipt for PRs, agents, and CI. Its changed-file
+  classes separate allowed production edits, expected tests, documentation,
+  generated proof artifacts, config/security drift, forbidden touches, and
+  unexpected production changes before giving a copyable reviewer decision.
+- `projscan prove --record-command "<command>" --exit-code <code>` appends a
+  local Proof Ledger row with command, duration, changed-file fingerprint,
+  redacted output summary, and optional log path. `prove --changed` replays
+  those rows and reports passed, missing, failed, partial, or stale proof.
+- Saved Mission Control bundles append Proof Ledger rows while `mission.sh`
+  runs the existing proof queue. The script still writes proof logs and status
+  JSONL for humans.
+- `projscan evidence-pack --pr-comment` includes the latest Proof Receipt
+  summary when a contract and ledger are available, so PR comments show proof
+  status, reviewer decision, scope, stale proof, failed proof, and the replay
+  command.
+- MCP now includes `projscan_prove`, bringing the MCP surface to 48 tools.
+
+## 4.12.1 Notes
+
+4.12.1 is the simulator precision patch for the Proof Cards V2 release:
+
+- `projscan simulate --plan` no longer treats one-letter filenames such as
+  `s.ts` as matches for broad plan text.
+- Simulator term-overlap evidence now filters generated agent/cache paths and
+  weak planning terms, so logs or proof artifacts do not become likely files
+  when the plan names no concrete repo target.
+
 ## 4.12.0 Notes
 
 4.12.0 is the Proof Cards V2 daily trust loop release:
@@ -245,6 +300,8 @@ npx -y projscan mcp --watch
 | What should I fix first?                     | `projscan bug-hunt --format json`                                                        |
 | What is risky and worth fixing this week?    | `projscan assess --goal "make this repo safer to ship this week"`                        |
 | Is this refactor worth doing?                | `projscan simulate --plan "split bugHunt.ts into ranking, evidence, and output modules"` |
+| Is my agent allowed to make this change?     | `projscan prove --intent "is my agent allowed to change billing retry logic?"`           |
+| Did the change stay inside scope?            | `projscan prove --changed --contract .projscan/proof-contract.json --format markdown`    |
 | Which files have high risk and low coverage? | `projscan coverage --format json`                                                        |
 | What should my agent do next?                | `projscan workplan --format json`                                                        |
 | Which proof belongs in this PR?              | `projscan evidence-pack --pr-comment`                                                    |
@@ -259,6 +316,7 @@ npx -y projscan mcp --watch
 | `projscan preflight`      | proceed, caution, or block gate for edit, commit, or merge                  |
 | `projscan assess`         | proof-first assessment with Proof Cards, risk delta, and fix-first guidance |
 | `projscan simulate`       | risk delta simulator for a proposed change plan before editing              |
+| `projscan prove`          | executable Proof Contracts and reviewer-ready Proof Receipts                |
 | `projscan evidence-pack`  | PR-ready proof with risks, owners, and next commands                        |
 | `projscan bug-hunt`       | ranked fix queue from health, hotspots, session, and preflight evidence     |
 | `projscan workplan`       | ordered agent tasks with proof and handoff text                             |
@@ -448,7 +506,7 @@ Supply-chain scanners may flag package strings or APIs used by `git`, `npm audit
 
 ## Install Notes
 
-`projscan@4.12.0` has seven direct runtime dependencies:
+`projscan@4.13.0` has seven direct runtime dependencies:
 
 - `@babel/parser`
 - `@babel/types`
@@ -458,7 +516,7 @@ Supply-chain scanners may flag package strings or APIs used by `git`, `npm audit
 - `ora`
 - `web-tree-sitter`
 
-If npm prints `allow-scripts` warnings during a global install, check which package names it lists. projscan core does not need `node-gyp` grammar builds at runtime in 4.12.0. Open an issue with the warning text if npm reports install scripts from `projscan@latest`, or run `projscan feedback intake --text "<warning text>" --format json` to turn it into a focused setup-trust task.
+If npm prints `allow-scripts` warnings during a global install, check which package names it lists. projscan core does not need `node-gyp` grammar builds at runtime in 4.13.0. Open an issue with the warning text if npm reports install scripts from `projscan@latest`, or run `projscan feedback intake --text "<warning text>" --format json` to turn it into a focused setup-trust task.
 
 The grammar packages are build-time sources, not global-install dependencies. Published grammar assets include `tree-sitter-python.wasm` and `tree-sitter-c_sharp.wasm`.
 

package/dist/cli/commands/prove.d.ts

@@ -0,0 +1,3 @@
+import type { ProveReport } from '../../types/prove.js';
+export declare function registerProve(): void;
+export declare function renderProveMarkdown(report: ProveReport): string;

package/dist/cli/commands/prove.js

@@ -0,0 +1,298 @@
+import chalk from 'chalk';
+import { assertFormatSupported, getRootPath, maybeCompactBanner, program, setupLogLevel, } from '../_shared.js';
+import { computeProve } from '../../core/prove.js';
+export function registerProve() {
+    program
+        .command('prove')
+        .description('Create or validate an executable Proof Contract for a change')
+        .option('--intent <text>', 'plain-language change intent to constrain before editing')
+        .option('--changed', 'validate the current working tree against a Proof Contract')
+        .option('--contract <path>', 'Proof Contract JSON path for --changed')
+        .option('--save-contract <path>', 'write the generated Proof Contract JSON in --intent mode')
+        .option('--max-files <count>', 'maximum likely touched files to include', parsePositiveInt)
+        .option('--feedback <path>', 'local projscan feedback artifact to apply as trust memory')
+        .option('--base-ref <ref>', 'base ref for changed-file detection')
+        .option('--record-command <command>', 'record a proof command outcome without executing it')
+        .option('--exit-code <code>', 'exit code for --record-command', parseExitCode)
+        .option('--duration-ms <ms>', 'duration in milliseconds for --record-command', parseDurationMs)
+        .option('--summary <text>', 'safe proof output summary for --record-command')
+        .option('--log <path>', 'redacted proof log path for --record-command')
+        .option('--ledger <path>', 'proof ledger JSONL path')
+        .action(async (cmdOpts) => {
+        setupLogLevel();
+        maybeCompactBanner();
+        const format = assertFormatSupported('prove');
+        try {
+            const selectedModes = [cmdOpts.intent, cmdOpts.changed, cmdOpts.recordCommand].filter(Boolean);
+            if (selectedModes.length > 1) {
+                throw new Error('prove accepts either --intent or --changed or --record-command');
+            }
+            if (selectedModes.length === 0) {
+                throw new Error('prove requires --intent "<change>", --changed, or --record-command');
+            }
+            const report = await computeProve(getRootPath(), {
+                intent: cmdOpts.intent,
+                changed: Boolean(cmdOpts.changed),
+                contractPath: cmdOpts.contract,
+                saveContractPath: cmdOpts.saveContract,
+                maxFiles: cmdOpts.maxFiles,
+                feedbackPath: cmdOpts.feedback,
+                baseRef: cmdOpts.baseRef,
+                ledgerPath: cmdOpts.ledger,
+                recordCommand: cmdOpts.recordCommand,
+                exitCode: cmdOpts.exitCode,
+                durationMs: cmdOpts.durationMs,
+                summary: cmdOpts.summary,
+                logPath: cmdOpts.log,
+            });
+            if (format === 'json') {
+                console.log(JSON.stringify(report, null, 2));
+                return;
+            }
+            if (format === 'markdown') {
+                console.log(renderProveMarkdown(report));
+                return;
+            }
+            printProveConsole(report);
+        }
+        catch (err) {
+            console.error(chalk.red(err instanceof Error ? err.message : String(err)));
+            process.exit(1);
+        }
+    });
+}
+function printProveConsole(report) {
+    const color = report.verdict === 'blocked'
+        ? chalk.red
+        : report.verdict === 'needs-review'
+            ? chalk.yellow
+            : chalk.green;
+    console.log(color(`Projscan Prove: ${report.verdict}`));
+    console.log(report.summary);
+    console.log('');
+    if (report.contract && report.mode === 'intent') {
+        printContractConsole(report.contract);
+    }
+    if (report.ledgerRecord) {
+        console.log(chalk.bold('Recorded Proof'));
+        console.log(`- ${report.ledgerRecord.status}: ${report.ledgerRecord.command}`);
+        console.log(`- ${report.ledgerRecord.changedFiles.length} changed file(s) fingerprinted`);
+    }
+    if (report.receipt) {
+        printReceiptConsole(report.receipt);
+    }
+}
+function printContractConsole(contract) {
+    console.log(chalk.bold('Allowed Files'));
+    printList(contract.allowedFiles, 'No concrete allowed files inferred');
+    console.log('');
+    console.log(chalk.bold('Forbidden Files'));
+    printList(contract.forbiddenFiles.slice(0, 8), 'No forbidden files inferred');
+    console.log('');
+    console.log(chalk.bold('Proof Commands'));
+    printList(contract.proofCommands.slice(0, 8), 'No proof commands inferred');
+}
+function printReceiptConsole(receipt) {
+    console.log(chalk.bold('Scope Decision'));
+    console.log(`- ${receipt.scope.status}`);
+    console.log('');
+    console.log(chalk.bold('Changed Files'));
+    printList(receipt.scope.changedFiles, 'No changed files detected');
+    console.log('');
+    console.log(chalk.bold('Allowed production'));
+    printList(receipt.scope.allowedProduction, 'No allowed production files touched');
+    console.log('');
+    console.log(chalk.bold('Expected tests'));
+    printList(receipt.scope.expectedTests, 'No expected tests touched');
+    if (receipt.scope.forbiddenTouched.length > 0) {
+        console.log('');
+        console.log(chalk.bold('Forbidden Touched'));
+        printList(receipt.scope.forbiddenTouched, 'No forbidden files touched');
+    }
+    console.log('');
+    console.log(chalk.bold('Proof Commands'));
+    printList(receipt.proofStatus.commandsRequired.slice(0, 8), 'No proof commands required');
+    console.log('');
+    console.log(chalk.bold('Proof Replay'));
+    console.log(`- status: ${receipt.proofStatus.status}`);
+    console.log(`- reviewer decision: ${receipt.reviewerDecision}`);
+}
+export function renderProveMarkdown(report) {
+    return report.receipt ? renderReceiptMarkdown(report, report.receipt) : renderContractMarkdown(report);
+}
+function renderContractMarkdown(report) {
+    const contract = report.contract;
+    const lines = ['# Projscan Proof Contract', ''];
+    lines.push(`- **Verdict:** ${report.verdict}`);
+    lines.push(`- **Summary:** ${report.summary}`);
+    if (!contract)
+        return lines.join('\n');
+    lines.push(`- **Intent:** ${contract.intent}`);
+    lines.push(`- **Confidence:** ${contract.confidence}`);
+    lines.push(`- **Evidence strength:** ${contract.evidenceStrength.level} (${contract.evidenceStrength.score})`);
+    lines.push('');
+    lines.push('## Allowed Files');
+    pushList(lines, contract.allowedFiles, 'No concrete allowed files inferred.');
+    lines.push('');
+    lines.push('## Forbidden Files');
+    pushList(lines, contract.forbiddenFiles, 'No forbidden files inferred.');
+    lines.push('');
+    lines.push('## Risky Contracts');
+    pushList(lines, contract.riskyContracts, 'No public contract inferred.');
+    lines.push('');
+    lines.push('## Likely Tests');
+    pushList(lines, contract.likelyTests, 'Add or identify a regression test first.');
+    lines.push('');
+    lines.push('## Proof Commands');
+    pushCodeList(lines, contract.proofCommands);
+    lines.push('');
+    lines.push('## Reviewer Guidance');
+    lines.push(contract.reviewerGuidance);
+    return lines.join('\n');
+}
+function renderReceiptMarkdown(report, receipt) {
+    const lines = ['# Projscan Proof Receipt', ''];
+    lines.push(`- **Verdict:** ${report.verdict}`);
+    lines.push(`- **Summary:** ${receipt.summary}`);
+    lines.push(`- **Commit readiness:** ${receipt.commitReadiness}`);
+    lines.push(`- **Scope:** ${receipt.scope.status}`);
+    lines.push(`- **Proof status:** ${receipt.proofStatus.status}`);
+    lines.push(`- **Reviewer decision:** ${receipt.reviewerDecision}`);
+    lines.push('');
+    lines.push('## Scope Decision');
+    lines.push(`- **Status:** ${receipt.scope.status}`);
+    lines.push(`- **Allowed production:** ${receipt.scope.allowedProduction.length}`);
+    lines.push(`- **Expected tests:** ${receipt.scope.expectedTests.length}`);
+    lines.push(`- **Unexpected production:** ${receipt.scope.unexpectedProduction.length}`);
+    lines.push(`- **Forbidden touched:** ${receipt.scope.forbiddenTouched.length}`);
+    lines.push('');
+    lines.push('## Changed File Classes');
+    lines.push('');
+    lines.push('### Allowed production');
+    pushList(lines, receipt.scope.allowedProduction, 'No allowed production files touched.');
+    lines.push('');
+    lines.push('### Expected tests');
+    pushList(lines, receipt.scope.expectedTests, 'No expected tests touched.');
+    lines.push('');
+    lines.push('### Unexpected production');
+    pushList(lines, receipt.scope.unexpectedProduction, 'No unexpected production files touched.');
+    lines.push('');
+    lines.push('### Config and security');
+    pushList(lines, unique([...receipt.scope.configTouched, ...receipt.scope.securitySensitiveTouched]), 'No config or security-sensitive files touched.');
+    lines.push('');
+    lines.push('### Documentation and generated artifacts');
+    pushList(lines, unique([...receipt.scope.documentationTouched, ...receipt.scope.generatedTouched]), 'No documentation or generated artifacts touched.');
+    lines.push('');
+    lines.push('## Changed Files');
+    pushList(lines, receipt.scope.changedFiles, 'No changed files detected.');
+    lines.push('');
+    lines.push('## Forbidden Touched');
+    pushList(lines, receipt.scope.forbiddenTouched, 'No forbidden files touched.');
+    lines.push('');
+    lines.push('## Outside Allowed Scope');
+    pushList(lines, receipt.scope.outsideAllowed, 'No changed files outside allowed scope.');
+    lines.push('');
+    lines.push('## Proof Commands');
+    pushCodeList(lines, receipt.proofStatus.commandsRequired);
+    lines.push('');
+    lines.push('## Proof Replay');
+    lines.push(`- **Proof status:** ${receipt.proofStatus.status}`);
+    lines.push(`- **Reviewer decision:** ${receipt.reviewerDecision}`);
+    lines.push(`- **Risk delta:** ${receipt.riskDeltaDirection} (${receipt.riskDelta.delta})`);
+    lines.push(`- **Commands required:** ${receipt.proofStatus.commandsRequired.length}`);
+    lines.push(`- **Commands recorded:** ${receipt.proofStatus.commandsRun.length}`);
+    lines.push('');
+    lines.push('### Command Evidence');
+    pushCommandEvidence(lines, receipt.proofStatus.commandEvidence);
+    lines.push('');
+    lines.push('### Missing Commands');
+    pushCodeList(lines, receipt.proofStatus.missingCommands);
+    lines.push('');
+    lines.push('### Failed Commands');
+    pushCodeList(lines, receipt.proofStatus.failedCommands);
+    lines.push('');
+    lines.push('### Stale Commands');
+    pushCodeList(lines, receipt.proofStatus.staleCommands);
+    lines.push('');
+    lines.push('## Evidence Gaps');
+    pushList(lines, receipt.evidenceGaps, 'No evidence gaps reported.');
+    lines.push('');
+    lines.push('## Reviewer Guidance');
+    lines.push(receipt.reviewerGuidance);
+    lines.push('');
+    lines.push('## Reviewer Checklist');
+    lines.push('- [ ] Confirm unexpected production/config/security files are intentional or removed.');
+    lines.push('- [ ] Confirm expected tests or a documented regression-test gap cover the change.');
+    lines.push('- [ ] Run every required proof command before approval.');
+    lines.push('- [ ] Confirm new risks and evidence gaps are acceptable for this commit.');
+    lines.push('');
+    lines.push('## Copyable Decision');
+    lines.push(`projscan prove: ${receipt.commitReadiness} (${receipt.scope.status}); proof ${receipt.proofStatus.status}; reviewer decision ${receipt.reviewerDecision}.`);
+    return lines.join('\n');
+}
+function printList(values, empty) {
+    if (values.length === 0) {
+        console.log(`- ${empty}`);
+        return;
+    }
+    for (const value of values)
+        console.log(`- ${value}`);
+}
+function pushList(lines, values, empty) {
+    if (values.length === 0) {
+        lines.push(`- ${empty}`);
+        return;
+    }
+    for (const value of values)
+        lines.push(`- ${value}`);
+}
+function pushCodeList(lines, values) {
+    if (values.length === 0) {
+        lines.push('- No proof commands required.');
+        return;
+    }
+    for (const value of values)
+        lines.push(`- \`${value}\``);
+}
+function pushCommandEvidence(lines, values) {
+    if (values.length === 0) {
+        lines.push('- No proof command evidence recorded.');
+        return;
+    }
+    for (const value of values)
+        lines.push(formatCommandEvidence(value));
+}
+function formatCommandEvidence(value) {
+    const state = value.fresh ? 'fresh' : value.staleReason ? 'stale' : value.status;
+    const exit = typeof value.exitCode === 'number' ? ` exit ${value.exitCode}` : ' no exit code';
+    const duration = typeof value.durationMs === 'number' ? `, ${value.durationMs}ms` : '';
+    const log = value.logPath ? `, log ${value.logPath}` : '';
+    const summary = value.outputSummary ? ` - ${value.outputSummary}` : '';
+    const stale = value.staleReason ? ` (${value.staleReason})` : '';
+    return `- **${value.status} ${state}:** \`${value.command}\` (${exit}${duration}${log})${stale}${summary}`;
+}
+function unique(values) {
+    return [...new Set(values)];
+}
+function parsePositiveInt(value) {
+    const parsed = Number.parseInt(value, 10);
+    if (!Number.isFinite(parsed) || parsed <= 0) {
+        throw new Error('value must be a positive integer');
+    }
+    return parsed;
+}
+function parseExitCode(value) {
+    const parsed = Number(value);
+    if (!Number.isInteger(parsed) || parsed < 0) {
+        throw new Error('exit code must be a non-negative integer');
+    }
+    return parsed;
+}
+function parseDurationMs(value) {
+    const parsed = Number(value);
+    if (!Number.isFinite(parsed) || parsed < 0) {
+        throw new Error('duration-ms must be a non-negative number');
+    }
+    return parsed;
+}
+//# sourceMappingURL=prove.js.map

package/dist/cli/commands/prove.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"prove.js","sourceRoot":"","sources":["../../../src/cli/commands/prove.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAE1B,OAAO,EACL,qBAAqB,EACrB,WAAW,EACX,kBAAkB,EAClB,OAAO,EACP,aAAa,GACd,MAAM,eAAe,CAAC;AACvB,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAGnD,MAAM,UAAU,aAAa;IAC3B,OAAO;SACJ,OAAO,CAAC,OAAO,CAAC;SAChB,WAAW,CAAC,8DAA8D,CAAC;SAC3E,MAAM,CAAC,iBAAiB,EAAE,0DAA0D,CAAC;SACrF,MAAM,CAAC,WAAW,EAAE,4DAA4D,CAAC;SACjF,MAAM,CAAC,mBAAmB,EAAE,wCAAwC,CAAC;SACrE,MAAM,CAAC,wBAAwB,EAAE,0DAA0D,CAAC;SAC5F,MAAM,CAAC,qBAAqB,EAAE,yCAAyC,EAAE,gBAAgB,CAAC;SAC1F,MAAM,CAAC,mBAAmB,EAAE,2DAA2D,CAAC;SACxF,MAAM,CAAC,kBAAkB,EAAE,qCAAqC,CAAC;SACjE,MAAM,CAAC,4BAA4B,EAAE,qDAAqD,CAAC;SAC3F,MAAM,CAAC,oBAAoB,EAAE,gCAAgC,EAAE,aAAa,CAAC;SAC7E,MAAM,CAAC,oBAAoB,EAAE,+CAA+C,EAAE,eAAe,CAAC;SAC9F,MAAM,CAAC,kBAAkB,EAAE,gDAAgD,CAAC;SAC5E,MAAM,CAAC,cAAc,EAAE,8CAA8C,CAAC;SACtE,MAAM,CAAC,iBAAiB,EAAE,yBAAyB,CAAC;SACpD,MAAM,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE;QACxB,aAAa,EAAE,CAAC;QAChB,kBAAkB,EAAE,CAAC;QACrB,MAAM,MAAM,GAAG,qBAAqB,CAAC,OAAO,CAAC,CAAC;QAE9C,IAAI,CAAC;YACH,MAAM,aAAa,GAAG,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,aAAa,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YAC/F,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC7B,MAAM,IAAI,KAAK,CAAC,gEAAgE,CAAC,CAAC;YACpF,CAAC;YACD,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC/B,MAAM,IAAI,KAAK,CAAC,oEAAoE,CAAC,CAAC;YACxF,CAAC;YACD,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,WAAW,EAAE,EAAE;gBAC/C,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,OAAO,EAAE,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC;gBACjC,YAAY,EAAE,OAAO,CAAC,QAAQ;gBAC9B,gBAAgB,EAAE,OAAO,CAAC,YAAY;gBACtC,QAAQ,EAAE,OAAO,CAAC,QAAQ;gBAC1B,YAAY,EAAE,OAAO,CAAC,QAAQ;gBAC9B,OAAO,EAAE,OAAO,CAAC,OAAO;gBACxB,UAAU,EAAE,OAAO,CAAC,MAAM;gBAC1B,aAAa,EAAE,OAAO,CAAC,aAAa;gBACpC,QAAQ,EAAE,OAAO,CAAC,QAAQ;gBAC1B,UAAU,EAAE,OAAO,CAAC,UAAU;gBAC9B,OAAO,EAAE,OAAO,CAAC,OAAO;gBACxB,OAAO,EAAE,OAAO,CAAC,GAAG;aACrB,CAAC,CAAC;YAEH,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;gBACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;gBAC7C,OAAO;YACT,CAAC;YACD,IAAI,MAAM,KAAK,UAAU,EAAE,CAAC;gBAC1B,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,MAAM,CAAC,CAAC,CAAC;gBACzC,OAAO;YACT,CAAC;YACD,iBAAiB,CAAC,MAAM,CAAC,CAAC;QAC5B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YAC3E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC,CAAC,CAAC;AACP,CAAC;AAED,SAAS,iBAAiB,CAAC,MAAmB;IAC5C,MAAM,KAAK,GACT,MAAM,CAAC,OAAO,KAAK,SAAS;QAC1B,CAAC,CAAC,KAAK,CAAC,GAAG;QACX,CAAC,CAAC,MAAM,CAAC,OAAO,KAAK,cAAc;YACjC,CAAC,CAAC,KAAK,CAAC,MAAM;YACd,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC;IACpB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,mBAAmB,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;IACxD,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAC5B,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,IAAI,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;QAChD,oBAAoB,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IACxC,CAAC;IACD,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;QACxB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC;QAC1C,OAAO,CAAC,GAAG,CAAC,KAAK,MAAM,CAAC,YAAY,CAAC,MAAM,KAAK,MAAM,CAAC,YAAY,CAAC,OAAO,EAAE,CAAC,CAAC;QAC/E,OAAO,CAAC,GAAG,CAAC,KAAK,MAAM,CAAC,YAAY,CAAC,YAAY,CAAC,MAAM,gCAAgC,CAAC,CAAC;IAC5F,CAAC;IACD,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;QACnB,mBAAmB,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACtC,CAAC;AACH,CAAC;AAED,SAAS,oBAAoB,CAAC,QAAuB;IACnD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC;IACzC,SAAS,CAAC,QAAQ,CAAC,YAAY,EAAE,oCAAoC,CAAC,CAAC;IACvE,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC;IAC3C,SAAS,CAAC,QAAQ,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,6BAA6B,CAAC,CAAC;IAC9E,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC;IAC1C,SAAS,CAAC,QAAQ,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,4BAA4B,CAAC,CAAC;AAC9E,CAAC;AAED,SAAS,mBAAmB,CAAC,OAAqB;IAChD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC;IAC1C,OAAO,CAAC,GAAG,CAAC,KAAK,OAAO,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;IACzC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC;IACzC,SAAS,CAAC,OAAO,CAAC,KAAK,CAAC,YAAY,EAAE,2BAA2B,CAAC,CAAC;IACnE,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,CAAC;IAC9C,SAAS,CAAC,OAAO,CAAC,KAAK,CAAC,iBAAiB,EAAE,qCAAqC,CAAC,CAAC;IAClF,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC;IAC1C,SAAS,CAAC,OAAO,CAAC,KAAK,CAAC,aAAa,EAAE,2BAA2B,CAAC,CAAC;IACpE,IAAI,OAAO,CAAC,KAAK,CAAC,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9C,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,CAAC;QAC7C,SAAS,CAAC,OAAO,CAAC,KAAK,CAAC,gBAAgB,EAAE,4BAA4B,CAAC,CAAC;IAC1E,CAAC;IACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC;IAC1C,SAAS,CAAC,OAAO,CAAC,WAAW,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,4BAA4B,CAAC,CAAC;IAC1F,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC;IACxC,OAAO,CAAC,GAAG,CAAC,aAAa,OAAO,CAAC,WAAW,CAAC,MAAM,EAAE,CAAC,CAAC;IACvD,OAAO,CAAC,GAAG,CAAC,wBAAwB,OAAO,CAAC,gBAAgB,EAAE,CAAC,CAAC;AAClE,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,MAAmB;IACrD,OAAO,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,qBAAqB,CAAC,MAAM,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,sBAAsB,CAAC,MAAM,CAAC,CAAC;AACzG,CAAC;AAED,SAAS,sBAAsB,CAAC,MAAmB;IACjD,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC;IACjC,MAAM,KAAK,GAAa,CAAC,2BAA2B,EAAE,EAAE,CAAC,CAAC;IAC1D,KAAK,CAAC,IAAI,CAAC,kBAAkB,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;IAC/C,KAAK,CAAC,IAAI,CAAC,kBAAkB,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;IAC/C,IAAI,CAAC,QAAQ;QAAE,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACvC,KAAK,CAAC,IAAI,CAAC,iBAAiB,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;IAC/C,KAAK,CAAC,IAAI,CAAC,qBAAqB,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC;IACvD,KAAK,CAAC,IAAI,CAAC,4BAA4B,QAAQ,CAAC,gBAAgB,CAAC,KAAK,KAAK,QAAQ,CAAC,gBAAgB,CAAC,KAAK,GAAG,CAAC,CAAC;IAC/G,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;IAC/B,QAAQ,CAAC,KAAK,EAAE,QAAQ,CAAC,YAAY,EAAE,qCAAqC,CAAC,CAAC;IAC9E,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;IACjC,QAAQ,CAAC,KAAK,EAAE,QAAQ,CAAC,cAAc,EAAE,8BAA8B,CAAC,CAAC;IACzE,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;IACjC,QAAQ,CAAC,KAAK,EAAE,QAAQ,CAAC,cAAc,EAAE,8BAA8B,CAAC,CAAC;IACzE,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;IAC9B,QAAQ,CAAC,KAAK,EAAE,QAAQ,CAAC,WAAW,EAAE,0CAA0C,CAAC,CAAC;IAClF,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;IAChC,YAAY,CAAC,KAAK,EAAE,QAAQ,CAAC,aAAa,CAAC,CAAC;IAC5C,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;IACnC,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,gBAAgB,CAAC,CAAC;IACtC,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,SAAS,qBAAqB,CAAC,MAAmB,EAAE,OAAqB;IACvE,MAAM,KAAK,GAAa,CAAC,0BAA0B,EAAE,EAAE,CAAC,CAAC;IACzD,KAAK,CAAC,IAAI,CAAC,kBAAkB,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;IAC/C,KAAK,CAAC,IAAI,CAAC,kBAAkB,OAAO,CAAC,OAAO,EAAE,CAAC,CAAC;IAChD,KAAK,CAAC,IAAI,CAAC,2BAA2B,OAAO,CAAC,eAAe,EAAE,CAAC,CAAC;IACjE,KAAK,CAAC,IAAI,CAAC,gBAAgB,OAAO,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;IACnD,KAAK,CAAC,IAAI,CAAC,uBAAuB,OAAO,CAAC,WAAW,CAAC,MAAM,EAAE,CAAC,CAAC;IAChE,KAAK,CAAC,IAAI,CAAC,4BAA4B,OAAO,CAAC,gBAAgB,EAAE,CAAC,CAAC;IACnE,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;IAChC,KAAK,CAAC,IAAI,CAAC,iBAAiB,OAAO,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;IACpD,KAAK,CAAC,IAAI,CAAC,6BAA6B,OAAO,CAAC,KAAK,CAAC,iBAAiB,CAAC,MAAM,EAAE,CAAC,CAAC;IAClF,KAAK,CAAC,IAAI,CAAC,yBAAyB,OAAO,CAAC,KAAK,CAAC,aAAa,CAAC,MAAM,EAAE,CAAC,CAAC;IAC1E,KAAK,CAAC,IAAI,CAAC,gCAAgC,OAAO,CAAC,KAAK,CAAC,oBAAoB,CAAC,MAAM,EAAE,CAAC,CAAC;IACxF,KAAK,CAAC,IAAI,CAAC,4BAA4B,OAAO,CAAC,KAAK,CAAC,gBAAgB,CAAC,MAAM,EAAE,CAAC,CAAC;IAChF,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;IACtC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;IACrC,QAAQ,CAAC,KAAK,EAAE,OAAO,CAAC,KAAK,CAAC,iBAAiB,EAAE,sCAAsC,CAAC,CAAC;IACzF,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;IACjC,QAAQ,CAAC,KAAK,EAAE,OAAO,CAAC,KAAK,CAAC,aAAa,EAAE,4BAA4B,CAAC,CAAC;IAC3E,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC;IACxC,QAAQ,CAAC,KAAK,EAAE,OAAO,CAAC,KAAK,CAAC,oBAAoB,EAAE,yCAAyC,CAAC,CAAC;IAC/F,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;IACtC,QAAQ,CACN,KAAK,EACL,MAAM,CAAC,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,aAAa,EAAE,GAAG,OAAO,CAAC,KAAK,CAAC,wBAAwB,CAAC,CAAC,EACnF,gDAAgD,CACjD,CAAC;IACF,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,2CAA2C,CAAC,CAAC;IACxD,QAAQ,CACN,KAAK,EACL,MAAM,CAAC,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,oBAAoB,EAAE,GAAG,OAAO,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,EAClF,kDAAkD,CACnD,CAAC;IACF,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;IAC/B,QAAQ,CAAC,KAAK,EAAE,OAAO,CAAC,KAAK,CAAC,YAAY,EAAE,4BAA4B,CAAC,CAAC;IAC1E,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;IACnC,QAAQ,CAAC,KAAK,EAAE,OAAO,CAAC,KAAK,CAAC,gBAAgB,EAAE,6BAA6B,CAAC,CAAC;IAC/E,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;IACvC,QAAQ,CAAC,KAAK,EAAE,OAAO,CAAC,KAAK,CAAC,cAAc,EAAE,yCAAyC,CAAC,CAAC;IACzF,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;IAChC,YAAY,CAAC,KAAK,EAAE,OAAO,CAAC,WAAW,CAAC,gBAAgB,CAAC,CAAC;IAC1D,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;IAC9B,KAAK,CAAC,IAAI,CAAC,uBAAuB,OAAO,CAAC,WAAW,CAAC,MAAM,EAAE,CAAC,CAAC;IAChE,KAAK,CAAC,IAAI,CAAC,4BAA4B,OAAO,CAAC,gBAAgB,EAAE,CAAC,CAAC;IACnE,KAAK,CAAC,IAAI,CAAC,qBAAqB,OAAO,CAAC,kBAAkB,KAAK,OAAO,CAAC,SAAS,CAAC,KAAK,GAAG,CAAC,CAAC;IAC3F,KAAK,CAAC,IAAI,CAAC,4BAA4B,OAAO,CAAC,WAAW,CAAC,gBAAgB,CAAC,MAAM,EAAE,CAAC,CAAC;IACtF,KAAK,CAAC,IAAI,CAAC,4BAA4B,OAAO,CAAC,WAAW,CAAC,WAAW,CAAC,MAAM,EAAE,CAAC,CAAC;IACjF,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;IACnC,mBAAmB,CAAC,KAAK,EAAE,OAAO,CAAC,WAAW,CAAC,eAAe,CAAC,CAAC;IAChE,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;IACnC,YAAY,CAAC,KAAK,EAAE,OAAO,CAAC,WAAW,CAAC,eAAe,CAAC,CAAC;IACzD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;IAClC,YAAY,CAAC,KAAK,EAAE,OAAO,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC;IACxD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;IACjC,YAAY,CAAC,KAAK,EAAE,OAAO,CAAC,WAAW,CAAC,aAAa,CAAC,CAAC;IACvD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;IAC/B,QAAQ,CAAC,KAAK,EAAE,OAAO,CAAC,YAAY,EAAE,4BAA4B,CAAC,CAAC;IACpE,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;IACnC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC;IACrC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;IACpC,KAAK,CAAC,IAAI,CAAC,uFAAuF,CAAC,CAAC;IACpG,KAAK,CAAC,IAAI,CAAC,oFAAoF,CAAC,CAAC;IACjG,KAAK,CAAC,IAAI,CAAC,yDAAyD,CAAC,CAAC;IACtE,KAAK,CAAC,IAAI,CAAC,2EAA2E,CAAC,CAAC;IACxF,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;IACnC,KAAK,CAAC,IAAI,CACR,mBAAmB,OAAO,CAAC,eAAe,KAAK,OAAO,CAAC,KAAK,CAAC,MAAM,YAAY,OAAO,CAAC,WAAW,CAAC,MAAM,uBAAuB,OAAO,CAAC,gBAAgB,GAAG,CAC5J,CAAC;IACF,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,SAAS,SAAS,CAAC,MAAgB,EAAE,KAAa;IAChD,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxB,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,EAAE,CAAC,CAAC;QAC1B,OAAO;IACT,CAAC;IACD,KAAK,MAAM,KAAK,IAAI,MAAM;QAAE,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,EAAE,CAAC,CAAC;AACxD,CAAC;AAED,SAAS,QAAQ,CAAC,KAAe,EAAE,MAAgB,EAAE,KAAa;IAChE,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxB,KAAK,CAAC,IAAI,CAAC,KAAK,KAAK,EAAE,CAAC,CAAC;QACzB,OAAO;IACT,CAAC;IACD,KAAK,MAAM,KAAK,IAAI,MAAM;QAAE,KAAK,CAAC,IAAI,CAAC,KAAK,KAAK,EAAE,CAAC,CAAC;AACvD,CAAC;AAED,SAAS,YAAY,CAAC,KAAe,EAAE,MAAgB;IACrD,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxB,KAAK,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;QAC5C,OAAO;IACT,CAAC;IACD,KAAK,MAAM,KAAK,IAAI,MAAM;QAAE,KAAK,CAAC,IAAI,CAAC,OAAO,KAAK,IAAI,CAAC,CAAC;AAC3D,CAAC;AAED,SAAS,mBAAmB,CAAC,KAAe,EAAE,MAAsD;IAClG,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxB,KAAK,CAAC,IAAI,CAAC,uCAAuC,CAAC,CAAC;QACpD,OAAO;IACT,CAAC;IACD,KAAK,MAAM,KAAK,IAAI,MAAM;QAAE,KAAK,CAAC,IAAI,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAC,CAAC;AACvE,CAAC;AAED,SAAS,qBAAqB,CAAC,KAA6D;IAC1F,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC;IACjF,MAAM,IAAI,GAAG,OAAO,KAAK,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,SAAS,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,eAAe,CAAC;IAC9F,MAAM,QAAQ,GAAG,OAAO,KAAK,CAAC,UAAU,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,KAAK,CAAC,UAAU,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;IACvF,MAAM,GAAG,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;IAC1D,MAAM,OAAO,GAAG,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC,MAAM,KAAK,CAAC,aAAa,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;IACvE,MAAM,KAAK,GAAG,KAAK,CAAC,WAAW,CAAC,CAAC,CAAC,KAAK,KAAK,CAAC,WAAW,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;IACjE,OAAO,OAAO,KAAK,CAAC,MAAM,IAAI,KAAK,SAAS,KAAK,CAAC,OAAO,OAAO,IAAI,GAAG,QAAQ,GAAG,GAAG,IAAI,KAAK,GAAG,OAAO,EAAE,CAAC;AAC7G,CAAC;AAED,SAAS,MAAM,CAAI,MAAW;IAC5B,OAAO,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC;AAC9B,CAAC;AAED,SAAS,gBAAgB,CAAC,KAAa;IACrC,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IAC1C,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,MAAM,IAAI,CAAC,EAAE,CAAC;QAC5C,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IACtD,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,aAAa,CAAC,KAAa;IAClC,MAAM,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC;IAC7B,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,MAAM,GAAG,CAAC,EAAE,CAAC;QAC5C,MAAM,IAAI,KAAK,CAAC,0CAA0C,CAAC,CAAC;IAC9D,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,eAAe,CAAC,KAAa;IACpC,MAAM,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC;IAC7B,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3C,MAAM,IAAI,KAAK,CAAC,2CAA2C,CAAC,CAAC;IAC/D,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC"}

package/dist/cli/commands/startMissionBundle.js

@@ -115,13 +115,16 @@ function missionUnsafeCommandBlock() {
 function missionProofLogSetup(report) {
     return [
         'MISSION_DIR=$(CDPATH= cd "$(dirname "$0")" && pwd)',
+        'PROJSCAN_ROOT=$(git -C "$MISSION_DIR" rev-parse --show-toplevel 2>/dev/null || pwd)',
         'PROOF_LOG_DIR="${MISSION_DIR}/proof-logs"',
         'PROOF_STATUS_FILE="${PROOF_LOG_DIR}/status.jsonl"',
         'PROOF_REPORT_FILE="${PROOF_LOG_DIR}/run-report.md"',
         'PROOF_SUMMARY_FILE="${PROOF_LOG_DIR}/summary.json"',
+        'PROOF_LEDGER_FILE="${PROJSCAN_ROOT}/.projscan/proof-ledger.jsonl"',
         'mkdir -p "$PROOF_LOG_DIR"',
         ': > "$PROOF_STATUS_FILE"',
         ': > "$PROOF_REPORT_FILE"',
+        ...scriptAppendProofLedgerFunction(),
         ...scriptInitRunReport(report),
         scriptWriteSummaryJson('running'),
         scriptPrintExpanded('Proof logs: ${PROOF_LOG_DIR}'),
@@ -523,6 +526,7 @@ function scriptCommandBlock(label, command, logTarget) {
         'status=$?',
         'set -e',
         scriptAppendStatusJsonl(logTarget.id, label, logTarget.logName, command),
+        scriptAppendProofLedgerJsonl(logTarget.id, label, logTarget.logName, command),
         scriptAppendReportRow(logTarget.id, label, logTarget.logName),
         'if [ "$status" -ne 0 ]; then',
         `  ${scriptPrintError(`Command failed. See proof-logs/${logTarget.logName}.`)}`,
@@ -549,6 +553,40 @@ function scriptAppendStatusJsonl(id, label, logName, command) {
     }).replace(/}$/, ',"exitCode":');
     return `printf '%s%s%s\\n' ${shellQuote(prefix)} "$status" '}' >> "$PROOF_STATUS_FILE"`;
 }
+function scriptAppendProofLedgerFunction() {
+    return [
+        'append_proof_ledger_row() {',
+        '  mkdir -p "$(dirname "$PROOF_LEDGER_FILE")" 2>/dev/null || true',
+        '  node - "$PROJSCAN_ROOT" "$MISSION_DIR" "$1" "$2" "$3" "$4" "$5" <<\'NODE\' >> "$PROOF_LEDGER_FILE" 2>/dev/null || true',
+        'const crypto = require("node:crypto");',
+        'const path = require("node:path");',
+        'const { execFileSync } = require("node:child_process");',
+        'const [root, missionDir, id, label, logName, command, exitCodeRaw] = process.argv.slice(2);',
+        'function normalize(value) { return String(value || "").split(path.sep).join("/").replace(/^\\.\\//, ""); }',
+        'function changedFiles() {',
+        '  try {',
+        '    const output = execFileSync("git", ["-C", root, "status", "--porcelain", "--untracked-files=all"], { encoding: "utf8", stdio: ["ignore", "pipe", "ignore"] });',
+        '    return [...new Set(output.split("\\n").map((line) => line.slice(3).trim()).filter(Boolean).map((file) => file.includes(" -> ") ? file.split(" -> ").pop() : file).map(normalize).filter((file) => !file.startsWith(".projscan/")))].sort();',
+        '  } catch {',
+        '    return [];',
+        '  }',
+        '}',
+        'const files = changedFiles();',
+        'const fingerprint = crypto.createHash("sha256").update(files.join("\\n")).digest("hex");',
+        'const completedAt = new Date().toISOString();',
+        'const exitCode = Number.parseInt(exitCodeRaw, 10);',
+        'const logPath = normalize(path.relative(root, path.join(missionDir, "proof-logs", logName)));',
+        'const digest = crypto.createHash("sha256").update(`${command}\\n${completedAt}\\n${exitCode}`).digest("hex").slice(0, 12);',
+        'const record = { schemaVersion: 1, id: `proof-ledger-${digest}`, command, normalizedCommand: command.trim().replace(/\\s+/g, " "), cwd: normalize(path.relative(root, missionDir) || "."), exitCode, status: exitCode === 0 ? "passed" : "failed", startedAt: completedAt, completedAt, durationMs: 0, changedFileFingerprint: fingerprint, changedFiles: files, outputSummary: `Mission proof ${label} exited ${exitCode}.`, source: "mission", logPath };',
+        'process.stdout.write(`${JSON.stringify(record)}\\n`);',
+        'NODE',
+        '}',
+        '',
+    ];
+}
+function scriptAppendProofLedgerJsonl(id, label, logName, command) {
+    return `append_proof_ledger_row ${shellQuote(id)} ${shellQuote(label)} ${shellQuote(logName)} ${shellQuote(command)} "$status"`;
+}
 function scriptInitRunReport(report) {
     const mission = report.missionControl;
     return [