projscan 4.13.0 → 4.15.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (195) hide show
  1. package/README.md +90 -24
  2. package/dist/cli/commands/evidencePack.js +2 -0
  3. package/dist/cli/commands/evidencePack.js.map +1 -1
  4. package/dist/cli/commands/prove.js +253 -23
  5. package/dist/cli/commands/prove.js.map +1 -1
  6. package/dist/cli/commands/startConsole.d.ts +2 -2
  7. package/dist/cli/commands/startConsole.js +2 -260
  8. package/dist/cli/commands/startConsole.js.map +1 -1
  9. package/dist/cli/commands/startConsoleExecution.d.ts +5 -0
  10. package/dist/cli/commands/startConsoleExecution.js +108 -0
  11. package/dist/cli/commands/startConsoleExecution.js.map +1 -0
  12. package/dist/cli/commands/startConsoleMission.d.ts +6 -0
  13. package/dist/cli/commands/startConsoleMission.js +157 -0
  14. package/dist/cli/commands/startConsoleMission.js.map +1 -0
  15. package/dist/cli/commands/startMissionBundle.js +24 -27
  16. package/dist/cli/commands/startMissionBundle.js.map +1 -1
  17. package/dist/core/adoption.d.ts +8 -81
  18. package/dist/core/adoption.js +4 -549
  19. package/dist/core/adoption.js.map +1 -1
  20. package/dist/core/adoptionFirstRunDiagnostics.d.ts +20 -0
  21. package/dist/core/adoptionFirstRunDiagnostics.js +240 -0
  22. package/dist/core/adoptionFirstRunDiagnostics.js.map +1 -0
  23. package/dist/core/adoptionMcpConfig.d.ts +27 -0
  24. package/dist/core/adoptionMcpConfig.js +123 -0
  25. package/dist/core/adoptionMcpConfig.js.map +1 -0
  26. package/dist/core/adoptionMcpDoctor.d.ts +23 -0
  27. package/dist/core/adoptionMcpDoctor.js +87 -0
  28. package/dist/core/adoptionMcpDoctor.js.map +1 -0
  29. package/dist/core/adoptionWorkflowRecipes.d.ts +14 -0
  30. package/dist/core/adoptionWorkflowRecipes.js +110 -0
  31. package/dist/core/adoptionWorkflowRecipes.js.map +1 -0
  32. package/dist/core/bugHunt.js +26 -255
  33. package/dist/core/bugHunt.js.map +1 -1
  34. package/dist/core/bugHuntPreflightFindings.d.ts +2 -1
  35. package/dist/core/bugHuntPreflightFindings.js +20 -0
  36. package/dist/core/bugHuntPreflightFindings.js.map +1 -1
  37. package/dist/core/bugHuntReportAssembly.d.ts +20 -0
  38. package/dist/core/bugHuntReportAssembly.js +179 -0
  39. package/dist/core/bugHuntReportAssembly.js.map +1 -0
  40. package/dist/core/bugHuntSourceFindings.d.ts +3 -0
  41. package/dist/core/bugHuntSourceFindings.js +61 -0
  42. package/dist/core/bugHuntSourceFindings.js.map +1 -0
  43. package/dist/core/dogfood.js +4 -393
  44. package/dist/core/dogfood.js.map +1 -1
  45. package/dist/core/dogfoodMarketValidation.d.ts +5 -0
  46. package/dist/core/dogfoodMarketValidation.js +265 -0
  47. package/dist/core/dogfoodMarketValidation.js.map +1 -0
  48. package/dist/core/dogfoodRepoEvaluation.d.ts +4 -0
  49. package/dist/core/dogfoodRepoEvaluation.js +137 -0
  50. package/dist/core/dogfoodRepoEvaluation.js.map +1 -0
  51. package/dist/core/evidenceComment.js +50 -13
  52. package/dist/core/evidenceComment.js.map +1 -1
  53. package/dist/core/feedback.js +2 -252
  54. package/dist/core/feedback.js.map +1 -1
  55. package/dist/core/feedbackIntakeClassifier.d.ts +2 -0
  56. package/dist/core/feedbackIntakeClassifier.js +255 -0
  57. package/dist/core/feedbackIntakeClassifier.js.map +1 -0
  58. package/dist/core/intentRouterCatalog.js +34 -0
  59. package/dist/core/intentRouterCatalog.js.map +1 -1
  60. package/dist/core/intentRouterKeywordToolGuards.js +2 -46
  61. package/dist/core/intentRouterKeywordToolGuards.js.map +1 -1
  62. package/dist/core/intentRouterKeywordWeights.js +13 -28
  63. package/dist/core/intentRouterKeywordWeights.js.map +1 -1
  64. package/dist/core/intentRouterProductGuardSignals.d.ts +3 -0
  65. package/dist/core/intentRouterProductGuardSignals.js +59 -0
  66. package/dist/core/intentRouterProductGuardSignals.js.map +1 -0
  67. package/dist/core/intentRouterWorkflowKeywordWeights.js +29 -0
  68. package/dist/core/intentRouterWorkflowKeywordWeights.js.map +1 -1
  69. package/dist/core/markdownSafety.d.ts +3 -0
  70. package/dist/core/markdownSafety.js +14 -0
  71. package/dist/core/markdownSafety.js.map +1 -0
  72. package/dist/core/preflight.d.ts +2 -0
  73. package/dist/core/preflight.js.map +1 -1
  74. package/dist/core/preflightChangedFiles.d.ts +2 -0
  75. package/dist/core/preflightChangedFiles.js +1 -1
  76. package/dist/core/preflightChangedFiles.js.map +1 -1
  77. package/dist/core/preflightInputs.d.ts +2 -0
  78. package/dist/core/preflightInputs.js +5 -2
  79. package/dist/core/preflightInputs.js.map +1 -1
  80. package/dist/core/proofLedger.d.ts +6 -1
  81. package/dist/core/proofLedger.js +174 -15
  82. package/dist/core/proofLedger.js.map +1 -1
  83. package/dist/core/proofReplay.d.ts +9 -0
  84. package/dist/core/proofReplay.js +164 -0
  85. package/dist/core/proofReplay.js.map +1 -0
  86. package/dist/core/proofSufficiency.d.ts +19 -0
  87. package/dist/core/proofSufficiency.js +425 -0
  88. package/dist/core/proofSufficiency.js.map +1 -0
  89. package/dist/core/prove.d.ts +8 -0
  90. package/dist/core/prove.js +578 -88
  91. package/dist/core/prove.js.map +1 -1
  92. package/dist/core/qualityScorecard.js +8 -238
  93. package/dist/core/qualityScorecard.js.map +1 -1
  94. package/dist/core/qualityScorecardDimensions.d.ts +14 -0
  95. package/dist/core/qualityScorecardDimensions.js +99 -0
  96. package/dist/core/qualityScorecardDimensions.js.map +1 -0
  97. package/dist/core/qualityScorecardRisks.d.ts +8 -0
  98. package/dist/core/qualityScorecardRisks.js +107 -0
  99. package/dist/core/qualityScorecardRisks.js.map +1 -0
  100. package/dist/core/qualityScorecardSignals.d.ts +20 -0
  101. package/dist/core/qualityScorecardSignals.js +59 -0
  102. package/dist/core/qualityScorecardSignals.js.map +1 -0
  103. package/dist/core/releaseEvidence.d.ts +1 -0
  104. package/dist/core/releaseEvidence.js +15 -40
  105. package/dist/core/releaseEvidence.js.map +1 -1
  106. package/dist/core/releaseEvidenceBaseline.js +4 -1
  107. package/dist/core/releaseEvidenceBaseline.js.map +1 -1
  108. package/dist/core/releaseEvidenceProofReceipt.d.ts +6 -0
  109. package/dist/core/releaseEvidenceProofReceipt.js +140 -0
  110. package/dist/core/releaseEvidenceProofReceipt.js.map +1 -0
  111. package/dist/core/releaseEvidenceVerdict.d.ts +5 -2
  112. package/dist/core/releaseEvidenceVerdict.js +39 -1
  113. package/dist/core/releaseEvidenceVerdict.js.map +1 -1
  114. package/dist/core/repositoryScanner.d.ts +1 -0
  115. package/dist/core/repositoryScanner.js +5 -4
  116. package/dist/core/repositoryScanner.js.map +1 -1
  117. package/dist/core/sessionResources.d.ts +14 -2
  118. package/dist/core/sessionResources.js +3 -3
  119. package/dist/core/sessionResources.js.map +1 -1
  120. package/dist/core/startFixedRouteCriteria.js +4 -0
  121. package/dist/core/startFixedRouteCriteria.js.map +1 -1
  122. package/dist/core/startInputs.d.ts +1 -1
  123. package/dist/core/startIntentTargets.d.ts +1 -1
  124. package/dist/core/startIntentTargets.js +1 -16
  125. package/dist/core/startIntentTargets.js.map +1 -1
  126. package/dist/core/startMissionInputStatusPolicy.d.ts +7 -0
  127. package/dist/core/startMissionInputStatusPolicy.js +74 -0
  128. package/dist/core/startMissionInputStatusPolicy.js.map +1 -0
  129. package/dist/core/startMissionPolicy.d.ts +6 -15
  130. package/dist/core/startMissionPolicy.js +4 -305
  131. package/dist/core/startMissionPolicy.js.map +1 -1
  132. package/dist/core/startMissionProofPolicy.d.ts +6 -0
  133. package/dist/core/startMissionProofPolicy.js +84 -0
  134. package/dist/core/startMissionProofPolicy.js.map +1 -0
  135. package/dist/core/startMissionRiskPolicy.d.ts +4 -0
  136. package/dist/core/startMissionRiskPolicy.js +85 -0
  137. package/dist/core/startMissionRiskPolicy.js.map +1 -0
  138. package/dist/core/startMissionRoutingPolicy.d.ts +6 -0
  139. package/dist/core/startMissionRoutingPolicy.js +67 -0
  140. package/dist/core/startMissionRoutingPolicy.js.map +1 -0
  141. package/dist/core/startMode.d.ts +1 -2
  142. package/dist/core/startMode.js +4 -151
  143. package/dist/core/startMode.js.map +1 -1
  144. package/dist/core/startModeIntentPolicy.d.ts +12 -0
  145. package/dist/core/startModeIntentPolicy.js +41 -0
  146. package/dist/core/startModeIntentPolicy.js.map +1 -0
  147. package/dist/core/startModeRoutingPolicy.d.ts +4 -0
  148. package/dist/core/startModeRoutingPolicy.js +117 -0
  149. package/dist/core/startModeRoutingPolicy.js.map +1 -0
  150. package/dist/core/startRouteActions.js +5 -0
  151. package/dist/core/startRouteActions.js.map +1 -1
  152. package/dist/core/startSearchQueryTargets.d.ts +1 -0
  153. package/dist/core/startSearchQueryTargets.js +17 -0
  154. package/dist/core/startSearchQueryTargets.js.map +1 -0
  155. package/dist/core/workplan.d.ts +3 -2
  156. package/dist/core/workplan.js +11 -585
  157. package/dist/core/workplan.js.map +1 -1
  158. package/dist/core/workplanCoordinationTasks.d.ts +3 -0
  159. package/dist/core/workplanCoordinationTasks.js +82 -0
  160. package/dist/core/workplanCoordinationTasks.js.map +1 -0
  161. package/dist/core/workplanModeTasks.d.ts +2 -0
  162. package/dist/core/workplanModeTasks.js +192 -0
  163. package/dist/core/workplanModeTasks.js.map +1 -0
  164. package/dist/core/workplanPreflightTasks.d.ts +2 -0
  165. package/dist/core/workplanPreflightTasks.js +126 -0
  166. package/dist/core/workplanPreflightTasks.js.map +1 -0
  167. package/dist/core/workplanQualitySignals.d.ts +7 -0
  168. package/dist/core/workplanQualitySignals.js +63 -0
  169. package/dist/core/workplanQualitySignals.js.map +1 -0
  170. package/dist/core/workplanReport.d.ts +4 -0
  171. package/dist/core/workplanReport.js +79 -0
  172. package/dist/core/workplanReport.js.map +1 -0
  173. package/dist/core/workplanRiskOwnership.d.ts +5 -0
  174. package/dist/core/workplanRiskOwnership.js +97 -0
  175. package/dist/core/workplanRiskOwnership.js.map +1 -0
  176. package/dist/core/workplanSuggestedActions.d.ts +2 -0
  177. package/dist/core/workplanSuggestedActions.js +43 -0
  178. package/dist/core/workplanSuggestedActions.js.map +1 -0
  179. package/dist/mcp/tools/prove.js +24 -18
  180. package/dist/mcp/tools/prove.js.map +1 -1
  181. package/dist/projscan-sbom.cdx.json +6 -6
  182. package/dist/tool-manifest.json +3 -3
  183. package/dist/types/config.d.ts +15 -0
  184. package/dist/types/evidencePack.d.ts +21 -0
  185. package/dist/types/proofLedger.d.ts +1 -1
  186. package/dist/types/prove.d.ts +96 -1
  187. package/dist/utils/changedFiles.js +57 -16
  188. package/dist/utils/changedFiles.js.map +1 -1
  189. package/dist/utils/config.js +2 -0
  190. package/dist/utils/config.js.map +1 -1
  191. package/dist/utils/configProofRecipes.d.ts +2 -0
  192. package/dist/utils/configProofRecipes.js +91 -0
  193. package/dist/utils/configProofRecipes.js.map +1 -0
  194. package/docs/GUIDE.md +145 -25
  195. package/package.json +1 -1
package/dist/core/workplanReport.js ADDED
@@ -0,0 +1,79 @@
1
+ export function buildWorkplanHandoffPayload(report) {
2
+ const next = report.tasks.slice(0, 5).map((task) => task.handoffText);
3
+ const verificationCommands = unique(report.tasks.flatMap((task) => task.verification.commands)).slice(0, 12);
4
+ return {
5
+ summary: report.summary,
6
+ verdict: report.verdict,
7
+ mode: report.mode,
8
+ next,
9
+ verificationCommands,
10
+ coordination: report.coordination,
11
+ markdown: renderWorkplanHandoffMarkdown(report, next, verificationCommands),
12
+ };
13
+ }
14
+ function renderWorkplanHandoffMarkdown(report, next, verificationCommands) {
15
+ const lines = [
16
+ '# Agent Handoff',
17
+ '',
18
+ `**Mode:** ${report.mode}`,
19
+ `**Verdict:** ${report.verdict}`,
20
+ '',
21
+ report.summary,
22
+ '',
23
+ '## Next',
24
+ ...(next.length > 0 ? next.map((item) => `- ${item}`) : ['- Preserve the current baseline.']),
25
+ '',
26
+ '## Verification',
27
+ ...(verificationCommands.length > 0
28
+ ? verificationCommands.map((command) => `- \`${command}\``)
29
+ : ['- `projscan preflight --format json`']),
30
+ '',
31
+ '## Coordination',
32
+ `- ${report.coordination.recommendedNextAgent}`,
33
+ ...report.coordination.touchedFiles.slice(0, 10).map((file) => `- touched: ${file}`),
34
+ ];
35
+ return `${lines.join('\n')}\n`;
36
+ }
37
+ export function rankWorkplanTasks(tasks) {
38
+ const seen = new Set();
39
+ return tasks
40
+ .filter((task) => {
41
+ if (seen.has(task.id))
42
+ return false;
43
+ seen.add(task.id);
44
+ return true;
45
+ })
46
+ .sort((a, b) => {
47
+ const priority = priorityRank(a.priority) - priorityRank(b.priority);
48
+ if (priority !== 0)
49
+ return priority;
50
+ const evidence = strongestEvidenceRank(a.evidence) - strongestEvidenceRank(b.evidence);
51
+ if (evidence !== 0)
52
+ return evidence;
53
+ return a.id.localeCompare(b.id);
54
+ });
55
+ }
56
+ function strongestEvidenceRank(evidence) {
57
+ if (evidence.some((item) => item.severity === 'error'))
58
+ return 0;
59
+ if (evidence.some((item) => item.severity === 'warning'))
60
+ return 1;
61
+ return 2;
62
+ }
63
+ function priorityRank(priority) {
64
+ if (priority === 'p0')
65
+ return 0;
66
+ if (priority === 'p1')
67
+ return 1;
68
+ return 2;
69
+ }
70
+ export function summarizeWorkplan(mode, verdict, tasks, risks) {
71
+ if (tasks.length === 0)
72
+ return `${verdict}: ${mode} workplan has no recommended tasks`;
73
+ const riskText = risks.length > 0 ? `${risks.length} top risk(s)` : 'no top risks';
74
+ return `${verdict}: ${mode} workplan has ${tasks.length} task(s), starting with ${tasks[0]?.title}; ${riskText}`;
75
+ }
76
+ function unique(values) {
77
+ return [...new Set(values)];
78
+ }
79
+ //# sourceMappingURL=workplanReport.js.map
package/dist/core/workplanReport.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"workplanReport.js","sourceRoot":"","sources":["../../src/core/workplanReport.ts"],"names":[],"mappings":"AAWA,MAAM,UAAU,2BAA2B,CAAC,MAAsB;IAChE,MAAM,IAAI,GAAG,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IACtE,MAAM,oBAAoB,GAAG,MAAM,CACjC,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,CAC3D,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACf,OAAO;QACL,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,IAAI,EAAE,MAAM,CAAC,IAAI;QACjB,IAAI;QACJ,oBAAoB;QACpB,YAAY,EAAE,MAAM,CAAC,YAAY;QACjC,QAAQ,EAAE,6BAA6B,CAAC,MAAM,EAAE,IAAI,EAAE,oBAAoB,CAAC;KAC5E,CAAC;AACJ,CAAC;AAED,SAAS,6BAA6B,CACpC,MAAsB,EACtB,IAAc,EACd,oBAA8B;IAE9B,MAAM,KAAK,GAAG;QACZ,iBAAiB;QACjB,EAAE;QACF,aAAa,MAAM,CAAC,IAAI,EAAE;QAC1B,gBAAgB,MAAM,CAAC,OAAO,EAAE;QAChC,EAAE;QACF,MAAM,CAAC,OAAO;QACd,EAAE;QACF,SAAS;QACT,GAAG,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,kCAAkC,CAAC,CAAC;QAC7F,EAAE;QACF,iBAAiB;QACjB,GAAG,CAAC,oBAAoB,CAAC,MAAM,GAAG,CAAC;YACjC,CAAC,CAAC,oBAAoB,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,OAAO,IAAI,CAAC;YAC3D,CAAC,CAAC,CAAC,sCAAsC,CAAC,CAAC;QAC7C,EAAE;QACF,iBAAiB;QACjB,KAAK,MAAM,CAAC,YAAY,CAAC,oBAAoB,EAAE;QAC/C,GAAG,MAAM,CAAC,YAAY,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,cAAc,IAAI,EAAE,CAAC;KACrF,CAAC;IACF,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC;AACjC,CAAC;AAED,MAAM,UAAU,iBAAiB,CAAC,KAAqB;IACrD,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,OAAO,KAAK;SACT,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE;QACf,IAAI,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YAAE,OAAO,KAAK,CAAC;QACpC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAClB,OAAO,IAAI,CAAC;IACd,CAAC,CAAC;SACD,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACb,MAAM,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,YAAY,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;QACrE,IAAI,QAAQ,KAAK,CAAC;YAAE,OAAO,QAAQ,CAAC;QACpC,MAAM,QAAQ,GAAG,qBAAqB,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,qBAAqB,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;QACvF,IAAI,QAAQ,KAAK,CAAC;YAAE,OAAO,QAAQ,CAAC;QACpC,OAAO,CAAC,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IAClC,CAAC,CAAC,CAAC;AACP,CAAC;AAED,SAAS,qBAAqB,CAAC,QAA4B;IACzD,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,KAAK,OAAO,CAAC;QAAE,OAAO,CAAC,CAAC;IACjE,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,KAAK,SAAS,CAAC;QAAE,OAAO,CAAC,CAAC;IACnE,OAAO,CAAC,CAAC;AACX,CAAC;AAED,SAAS,YAAY,CAAC,QAA0B;IAC9C,IAAI,QAAQ,KAAK,IAAI;QAAE,OAAO,CAAC,CAAC;IAChC,IAAI,QAAQ,KAAK,IAAI;QAAE,OAAO,CAAC,CAAC;IAChC,OAAO,CAAC,CAAC;AACX,CAAC;AAED,MAAM,UAAU,iBAAiB,CAC/B,IAAkB,EAClB,OAAyB,EACzB,KAAqB,EACrB,KAAwB;IAExB,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,GAAG,OAAO,KAAK,IAAI,oCAAoC,CAAC;IACvF,MAAM,QAAQ,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,MAAM,cAAc,CAAC,CAAC,CAAC,cAAc,CAAC;IACnF,OAAO,GAAG,OAAO,KAAK,IAAI,iBAAiB,KAAK,CAAC,MAAM,2BAA2B,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,KAAK,QAAQ,EAAE,CAAC;AACnH,CAAC;AAED,SAAS,MAAM,CAAC,MAAgB;IAC9B,OAAO,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC;AAC9B,CAAC"}
package/dist/core/workplanRiskOwnership.d.ts ADDED
@@ -0,0 +1,5 @@
1
+ import type { OwnershipLookup } from './ownership.js';
2
+ import type { PreflightReason, SessionConflict, WorkplanTask, WorkplanTopRisk } from '../types.js';
3
+ export declare function buildTopRisks(reasons: PreflightReason[], conflicts: SessionConflict[], extraRisks?: WorkplanTopRisk[]): WorkplanTopRisk[];
4
+ export declare function annotateTasksWithOwners(tasks: WorkplanTask[], ownership: OwnershipLookup | undefined): WorkplanTask[];
5
+ export declare function annotateTopRisksWithOwners(risks: WorkplanTopRisk[], ownership: OwnershipLookup | undefined): WorkplanTopRisk[];
package/dist/core/workplanRiskOwnership.js ADDED
@@ -0,0 +1,97 @@
1
+ const MAX_TOP_RISKS = 8;
2
+ const HANDOFF_LIMIT = 320;
3
+ export function buildTopRisks(reasons, conflicts, extraRisks = []) {
4
+ const reasonRisks = reasons.map((reason) => ({
5
+ ...reasonToEvidence(reason),
6
+ priority: reason.severity === 'error' ? 'p0' : 'p1',
7
+ }));
8
+ const conflictRisks = conflicts.map((conflict) => ({
9
+ source: 'coordination',
10
+ message: conflict.message,
11
+ severity: conflict.severity,
12
+ file: conflict.files[0],
13
+ priority: conflict.severity === 'error' ? 'p0' : 'p1',
14
+ }));
15
+ const seen = new Set();
16
+ return [...reasonRisks, ...conflictRisks, ...extraRisks]
17
+ .map((risk, index) => ({ risk, index }))
18
+ .filter((entry) => {
19
+ const { risk } = entry;
20
+ const key = `${risk.source}:${risk.file ?? ''}:${risk.message}`;
21
+ if (seen.has(key))
22
+ return false;
23
+ seen.add(key);
24
+ return true;
25
+ })
26
+ .sort((a, b) => {
27
+ const priority = priorityRank(a.risk.priority) - priorityRank(b.risk.priority);
28
+ if (priority !== 0)
29
+ return priority;
30
+ return a.index - b.index;
31
+ })
32
+ .map((entry) => entry.risk)
33
+ .slice(0, MAX_TOP_RISKS);
34
+ }
35
+ export function annotateTasksWithOwners(tasks, ownership) {
36
+ if (!ownership)
37
+ return tasks;
38
+ return tasks.map((task) => {
39
+ const owner = ownerForTask(task, ownership);
40
+ if (!owner)
41
+ return task;
42
+ return {
43
+ ...task,
44
+ owner,
45
+ handoffText: compact(`${task.handoffText} Owner: ${owner}.`, HANDOFF_LIMIT),
46
+ };
47
+ });
48
+ }
49
+ export function annotateTopRisksWithOwners(risks, ownership) {
50
+ if (!ownership)
51
+ return risks;
52
+ return risks.map((risk) => {
53
+ const owner = ownerForFiles([risk.file].filter((file) => typeof file === 'string'), ownership);
54
+ return owner ? { ...risk, owner } : risk;
55
+ });
56
+ }
57
+ function reasonToEvidence(reason) {
58
+ return {
59
+ source: reason.source,
60
+ message: reason.message,
61
+ severity: reason.severity,
62
+ ...(reason.file ? { file: reason.file } : {}),
63
+ ...(reason.issueId ? { issueId: reason.issueId } : {}),
64
+ ...(reason.tool ? { tool: reason.tool } : {}),
65
+ };
66
+ }
67
+ function ownerForTask(task, ownership) {
68
+ const evidenceFiles = task.evidence
69
+ .map((item) => item.file)
70
+ .filter((file) => typeof file === 'string' && file.length > 0);
71
+ return ownerForFiles([...task.files, ...evidenceFiles], ownership);
72
+ }
73
+ function ownerForFiles(files, ownership) {
74
+ for (const file of unique(files)) {
75
+ const owner = ownership(file);
76
+ if (owner)
77
+ return owner;
78
+ }
79
+ return undefined;
80
+ }
81
+ function priorityRank(priority) {
82
+ if (priority === 'p0')
83
+ return 0;
84
+ if (priority === 'p1')
85
+ return 1;
86
+ return 2;
87
+ }
88
+ function unique(values) {
89
+ return [...new Set(values)];
90
+ }
91
+ function compact(value, maxLength) {
92
+ const oneLine = value.replace(/\s+/g, ' ').trim();
93
+ if (oneLine.length <= maxLength)
94
+ return oneLine;
95
+ return `${oneLine.slice(0, maxLength - 3).trimEnd()}...`;
96
+ }
97
+ //# sourceMappingURL=workplanRiskOwnership.js.map
package/dist/core/workplanRiskOwnership.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"workplanRiskOwnership.js","sourceRoot":"","sources":["../../src/core/workplanRiskOwnership.ts"],"names":[],"mappings":"AASA,MAAM,aAAa,GAAG,CAAC,CAAC;AACxB,MAAM,aAAa,GAAG,GAAG,CAAC;AAE1B,MAAM,UAAU,aAAa,CAC3B,OAA0B,EAC1B,SAA4B,EAC5B,aAAgC,EAAE;IAElC,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;QAC3C,GAAG,gBAAgB,CAAC,MAAM,CAAC;QAC3B,QAAQ,EAAE,MAAM,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAE,IAAc,CAAC,CAAC,CAAE,IAAc;KAC1E,CAAC,CAAC,CAAC;IACJ,MAAM,aAAa,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;QACjD,MAAM,EAAE,cAAuB;QAC/B,OAAO,EAAE,QAAQ,CAAC,OAAO;QACzB,QAAQ,EAAE,QAAQ,CAAC,QAAQ;QAC3B,IAAI,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC;QACvB,QAAQ,EAAE,QAAQ,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAE,IAAc,CAAC,CAAC,CAAE,IAAc;KAC5E,CAAC,CAAC,CAAC;IACJ,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,OAAO,CAAC,GAAG,WAAW,EAAE,GAAG,aAAa,EAAE,GAAG,UAAU,CAAC;SACrD,GAAG,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;SACvC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE;QAChB,MAAM,EAAE,IAAI,EAAE,GAAG,KAAK,CAAC;QACvB,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,IAAI,IAAI,EAAE,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;QAChE,IAAI,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;YAAE,OAAO,KAAK,CAAC;QAChC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACd,OAAO,IAAI,CAAC;IACd,CAAC,CAAC;SACD,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACb,MAAM,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC/E,IAAI,QAAQ,KAAK,CAAC;YAAE,OAAO,QAAQ,CAAC;QACpC,OAAO,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC;IAC3B,CAAC,CAAC;SACD,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC;SAC1B,KAAK,CAAC,CAAC,EAAE,aAAa,CAAC,CAAC;AAC7B,CAAC;AAED,MAAM,UAAU,uBAAuB,CACrC,KAAqB,EACrB,SAAsC;IAEtC,IAAI,CAAC,SAAS;QAAE,OAAO,KAAK,CAAC;IAC7B,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;QACxB,MAAM,KAAK,GAAG,YAAY,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;QAC5C,IAAI,CAAC,KAAK;YAAE,OAAO,IAAI,CAAC;QACxB,OAAO;YACL,GAAG,IAAI;YACP,KAAK;YACL,WAAW,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,WAAW,WAAW,KAAK,GAAG,EAAE,aAAa,CAAC;SAC5E,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,0BAA0B,CACxC,KAAwB,EACxB,SAAsC;IAEtC,IAAI,CAAC,SAAS;QAAE,OAAO,KAAK,CAAC;IAC7B,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;QACxB,MAAM,KAAK,GAAG,aAAa,CACzB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,EAAkB,EAAE,CAAC,OAAO,IAAI,KAAK,QAAQ,CAAC,EACtE,SAAS,CACV,CAAC;QACF,OAAO,KAAK,CAAC,CAAC,CAAC,EAAE,GAAG,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;IAC3C,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,gBAAgB,CAAC,MAAuB;IAC/C,OAAO;QACL,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC7C,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACtD,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KAC9C,CAAC;AACJ,CAAC;AAED,SAAS,YAAY,CAAC,IAAkB,EAAE,SAA0B;IAClE,MAAM,aAAa,GAAG,IAAI,CAAC,QAAQ;SAChC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC;SACxB,MAAM,CAAC,CAAC,IAAI,EAAkB,EAAE,CAAC,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IACjF,OAAO,aAAa,CAAC,CAAC,GAAG,IAAI,CAAC,KAAK,EAAE,GAAG,aAAa,CAAC,EAAE,SAAS,CAAC,CAAC;AACrE,CAAC;AAED,SAAS,aAAa,CAAC,KAAe,EAAE,SAA0B;IAChE,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC;QACjC,MAAM,KAAK,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC;QAC9B,IAAI,KAAK;YAAE,OAAO,KAAK,CAAC;IAC1B,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAS,YAAY,CAAC,QAAqC;IACzD,IAAI,QAAQ,KAAK,IAAI;QAAE,OAAO,CAAC,CAAC;IAChC,IAAI,QAAQ,KAAK,IAAI;QAAE,OAAO,CAAC,CAAC;IAChC,OAAO,CAAC,CAAC;AACX,CAAC;AAED,SAAS,MAAM,CAAC,MAAgB;IAC9B,OAAO,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC;AAC9B,CAAC;AAED,SAAS,OAAO,CAAC,KAAa,EAAE,SAAiB;IAC/C,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;IAClD,IAAI,OAAO,CAAC,MAAM,IAAI,SAAS;QAAE,OAAO,OAAO,CAAC;IAChD,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,GAAG,CAAC,CAAC,CAAC,OAAO,EAAE,KAAK,CAAC;AAC3D,CAAC"}
package/dist/core/workplanSuggestedActions.d.ts ADDED
@@ -0,0 +1,2 @@
1
+ import type { PreflightSuggestedAction, WorkplanTask } from '../types.js';
2
+ export declare function buildWorkplanSuggestedActions(preflightActions: PreflightSuggestedAction[], tasks: WorkplanTask[]): PreflightSuggestedAction[];
package/dist/core/workplanSuggestedActions.js ADDED
@@ -0,0 +1,43 @@
1
+ import { escapeDoubleQuoted } from './startShellArgs.js';
2
+ export function buildWorkplanSuggestedActions(preflightActions, tasks) {
3
+ return dedupeActions([
4
+ ...preflightActions,
5
+ ...tasks.flatMap((task) => taskToSuggestedActions(task)),
6
+ ]);
7
+ }
8
+ function taskToSuggestedActions(task) {
9
+ return task.suggestedTools.slice(0, 3).flatMap((tool) => {
10
+ const command = commandForSuggestedTool(tool, task);
11
+ if (!command)
12
+ return [];
13
+ return [
14
+ {
15
+ label: `Use ${tool} for ${task.title}`,
16
+ tool: tool.startsWith('projscan_') ? tool : undefined,
17
+ command,
18
+ },
19
+ ];
20
+ });
21
+ }
22
+ function commandForSuggestedTool(tool, task) {
23
+ if (!tool.startsWith('projscan_'))
24
+ return task.verification.commands[0];
25
+ if (tool === 'projscan_file' && task.files[0]) {
26
+ return `projscan file "${escapeDoubleQuoted(task.files[0])}" --format json`;
27
+ }
28
+ const prefix = `projscan ${tool.slice('projscan_'.length).replace(/_/g, '-')}`;
29
+ return task.verification.commands.find((command) => command.startsWith(prefix));
30
+ }
31
+ function dedupeActions(actions) {
32
+ const seen = new Set();
33
+ const out = [];
34
+ for (const action of actions) {
35
+ const key = `${action.label}:${action.command ?? ''}:${action.tool ?? ''}`;
36
+ if (seen.has(key))
37
+ continue;
38
+ seen.add(key);
39
+ out.push(action);
40
+ }
41
+ return out.slice(0, 12);
42
+ }
43
+ //# sourceMappingURL=workplanSuggestedActions.js.map
package/dist/core/workplanSuggestedActions.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"workplanSuggestedActions.js","sourceRoot":"","sources":["../../src/core/workplanSuggestedActions.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AAGzD,MAAM,UAAU,6BAA6B,CAC3C,gBAA4C,EAC5C,KAAqB;IAErB,OAAO,aAAa,CAAC;QACnB,GAAG,gBAAgB;QACnB,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,sBAAsB,CAAC,IAAI,CAAC,CAAC;KACzD,CAAC,CAAC;AACL,CAAC;AAED,SAAS,sBAAsB,CAAC,IAAkB;IAChD,OAAO,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE;QACtD,MAAM,OAAO,GAAG,uBAAuB,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QACpD,IAAI,CAAC,OAAO;YAAE,OAAO,EAAE,CAAC;QACxB,OAAO;YACL;gBACE,KAAK,EAAE,OAAO,IAAI,QAAQ,IAAI,CAAC,KAAK,EAAE;gBACtC,IAAI,EAAE,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;gBACrD,OAAO;aACR;SACF,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,uBAAuB,CAAC,IAAY,EAAE,IAAkB;IAC/D,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC;QAAE,OAAO,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;IACxE,IAAI,IAAI,KAAK,eAAe,IAAI,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;QAC9C,OAAO,kBAAkB,kBAAkB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,iBAAiB,CAAC;IAC9E,CAAC;IACD,MAAM,MAAM,GAAG,YAAY,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,EAAE,CAAC;IAC/E,OAAO,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;AAClF,CAAC;AAED,SAAS,aAAa,CAAC,OAAmC;IACxD,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,MAAM,GAAG,GAA+B,EAAE,CAAC;IAC3C,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;QAC7B,MAAM,GAAG,GAAG,GAAG,MAAM,CAAC,KAAK,IAAI,MAAM,CAAC,OAAO,IAAI,EAAE,IAAI,MAAM,CAAC,IAAI,IAAI,EAAE,EAAE,CAAC;QAC3E,IAAI,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;YAAE,SAAS;QAC5B,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACd,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACnB,CAAC;IACD,OAAO,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;AAC1B,CAAC"}
package/dist/mcp/tools/prove.js CHANGED
@@ -1,7 +1,8 @@
1
1
  import { computeProve } from '../../core/prove.js';
2
+ import { loadConfig } from '../../utils/config.js';
2
3
  export const proveTool = {
3
4
  name: 'projscan_prove',
4
- description: 'Create, record, or replay a local Proof Contract for a change. Returns allowed files, forbidden files, proof commands, ledger evidence, scope drift, and a reviewer-ready Proof Receipt.',
5
+ description: 'Create, record, or replay a local Proof Contract for a change. Returns allowed files, forbidden files, proof commands, ledger evidence, scope drift, a reviewer-ready Proof Receipt, and verifiedWorkflow status for agent handoff.',
5
6
  inputSchema: {
6
7
  type: 'object',
7
8
  properties: {
@@ -63,23 +64,28 @@ export const proveTool = {
63
64
  },
64
65
  },
65
66
  },
66
- handler: async (args, rootPath) => ({
67
- prove: await computeProve(rootPath, {
68
- intent: stringArg(args.intent),
69
- changed: args.changed === true,
70
- contractPath: stringArg(args.contract_path),
71
- saveContractPath: stringArg(args.save_contract_path),
72
- maxFiles: finiteNumberArg(args.max_files),
73
- feedbackPath: stringArg(args.feedback_path),
74
- baseRef: stringArg(args.base_ref),
75
- ledgerPath: stringArg(args.ledger_path),
76
- recordCommand: stringArg(args.record_command),
77
- exitCode: integerArg(args.exit_code),
78
- durationMs: finiteNumberArg(args.duration_ms),
79
- summary: stringArg(args.summary),
80
- logPath: stringArg(args.log_path),
81
- }),
82
- }),
67
+ handler: async (args, rootPath) => {
68
+ const { config } = await loadConfig(rootPath);
69
+ const changed = args.changed === true;
70
+ return {
71
+ prove: await computeProve(rootPath, {
72
+ intent: stringArg(args.intent),
73
+ changed,
74
+ contractPath: stringArg(args.contract_path),
75
+ saveContractPath: stringArg(args.save_contract_path),
76
+ maxFiles: finiteNumberArg(args.max_files),
77
+ feedbackPath: stringArg(args.feedback_path),
78
+ baseRef: stringArg(args.base_ref),
79
+ ledgerPath: stringArg(args.ledger_path),
80
+ recordCommand: stringArg(args.record_command),
81
+ exitCode: integerArg(args.exit_code),
82
+ durationMs: finiteNumberArg(args.duration_ms),
83
+ summary: stringArg(args.summary),
84
+ logPath: stringArg(args.log_path),
85
+ proofRecipes: changed ? undefined : config.proofRecipes,
86
+ }),
87
+ };
88
+ },
83
89
  };
84
90
  function stringArg(value) {
85
91
  return typeof value === 'string' ? value : undefined;
package/dist/mcp/tools/prove.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"prove.js","sourceRoot":"","sources":["../../../src/mcp/tools/prove.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAGnD,MAAM,CAAC,MAAM,SAAS,GAAY;IAChC,IAAI,EAAE,gBAAgB;IACtB,WAAW,EACT,0LAA0L;IAC5L,WAAW,EAAE;QACX,IAAI,EAAE,QAAQ;QACd,UAAU,EAAE;YACV,MAAM,EAAE;gBACN,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,2DAA2D;aACzE;YACD,OAAO,EAAE;gBACP,IAAI,EAAE,SAAS;gBACf,WAAW,EAAE,6DAA6D;aAC3E;YACD,aAAa,EAAE;gBACb,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,iEAAiE;aAC/E;YACD,kBAAkB,EAAE;gBAClB,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,2EAA2E;aACzF;YACD,SAAS,EAAE;gBACT,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,+DAA+D;aAC7E;YACD,aAAa,EAAE;gBACb,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,iEAAiE;aAC/E;YACD,QAAQ,EAAE;gBACR,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,mDAAmD;aACjE;YACD,WAAW,EAAE;gBACX,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,yCAAyC;aACvD;YACD,cAAc,EAAE;gBACd,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,yDAAyD;aACvE;YACD,SAAS,EAAE;gBACT,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,+BAA+B;aAC7C;YACD,WAAW,EAAE;gBACX,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,8CAA8C;aAC5D;YACD,OAAO,EAAE;gBACP,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,wDAAwD;aACtE;YACD,QAAQ,EAAE;gBACR,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,sDAAsD;aACpE;YACD,UAAU,EAAE;gBACV,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,+CAA+C;aAC7D;SACF;KACF;IACD,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,CAAC;QAClC,KAAK,EAAE,MAAM,YAAY,CAAC,QAAQ,EAAE;YAClC,MAAM,EAAE,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC;YAC9B,OAAO,EAAE,IAAI,CAAC,OAAO,KAAK,IAAI;YAC9B,YAAY,EAAE,SAAS,CAAC,IAAI,CAAC,aAAa,CAAC;YAC3C,gBAAgB,EAAE,SAAS,CAAC,IAAI,CAAC,kBAAkB,CAAC;YACpD,QAAQ,EAAE,eAAe,CAAC,IAAI,CAAC,SAAS,CAAC;YACzC,YAAY,EAAE,SAAS,CAAC,IAAI,CAAC,aAAa,CAAC;YAC3C,OAAO,EAAE,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC;YACjC,UAAU,EAAE,SAAS,CAAC,IAAI,CAAC,WAAW,CAAC;YACvC,aAAa,EAAE,SAAS,CAAC,IAAI,CAAC,cAAc,CAAC;YAC7C,QAAQ,EAAE,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC;YACpC,UAAU,EAAE,eAAe,CAAC,IAAI,CAAC,WAAW,CAAC;YAC7C,OAAO,EAAE,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC;YAChC,OAAO,EAAE,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC;SAClC,CAAC;KACH,CAAC;CACH,CAAC;AAEF,SAAS,SAAS,CAAC,KAAc;IAC/B,OAAO,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;AACvD,CAAC;AAED,SAAS,eAAe,CAAC,KAAc;IACrC,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;AACjF,CAAC;AAED,SAAS,UAAU,CAAC,KAAc;IAChC,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;AAClF,CAAC"}
1
+ {"version":3,"file":"prove.js","sourceRoot":"","sources":["../../../src/mcp/tools/prove.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AAGnD,MAAM,CAAC,MAAM,SAAS,GAAY;IAChC,IAAI,EAAE,gBAAgB;IACtB,WAAW,EACT,qOAAqO;IACvO,WAAW,EAAE;QACX,IAAI,EAAE,QAAQ;QACd,UAAU,EAAE;YACV,MAAM,EAAE;gBACN,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,2DAA2D;aACzE;YACD,OAAO,EAAE;gBACP,IAAI,EAAE,SAAS;gBACf,WAAW,EAAE,6DAA6D;aAC3E;YACD,aAAa,EAAE;gBACb,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,iEAAiE;aAC/E;YACD,kBAAkB,EAAE;gBAClB,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,2EAA2E;aACzF;YACD,SAAS,EAAE;gBACT,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,+DAA+D;aAC7E;YACD,aAAa,EAAE;gBACb,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,iEAAiE;aAC/E;YACD,QAAQ,EAAE;gBACR,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,mDAAmD;aACjE;YACD,WAAW,EAAE;gBACX,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,yCAAyC;aACvD;YACD,cAAc,EAAE;gBACd,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,yDAAyD;aACvE;YACD,SAAS,EAAE;gBACT,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,+BAA+B;aAC7C;YACD,WAAW,EAAE;gBACX,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,8CAA8C;aAC5D;YACD,OAAO,EAAE;gBACP,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,wDAAwD;aACtE;YACD,QAAQ,EAAE;gBACR,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,sDAAsD;aACpE;YACD,UAAU,EAAE;gBACV,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,+CAA+C;aAC7D;SACF;KACF;IACD,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE;QAChC,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,UAAU,CAAC,QAAQ,CAAC,CAAC;QAC9C,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,KAAK,IAAI,CAAC;QACtC,OAAO;YACL,KAAK,EAAE,MAAM,YAAY,CAAC,QAAQ,EAAE;gBAClC,MAAM,EAAE,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC;gBAC9B,OAAO;gBACP,YAAY,EAAE,SAAS,CAAC,IAAI,CAAC,aAAa,CAAC;gBAC3C,gBAAgB,EAAE,SAAS,CAAC,IAAI,CAAC,kBAAkB,CAAC;gBACpD,QAAQ,EAAE,eAAe,CAAC,IAAI,CAAC,SAAS,CAAC;gBACzC,YAAY,EAAE,SAAS,CAAC,IAAI,CAAC,aAAa,CAAC;gBAC3C,OAAO,EAAE,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC;gBACjC,UAAU,EAAE,SAAS,CAAC,IAAI,CAAC,WAAW,CAAC;gBACvC,aAAa,EAAE,SAAS,CAAC,IAAI,CAAC,cAAc,CAAC;gBAC7C,QAAQ,EAAE,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC;gBACpC,UAAU,EAAE,eAAe,CAAC,IAAI,CAAC,WAAW,CAAC;gBAC7C,OAAO,EAAE,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC;gBAChC,OAAO,EAAE,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC;gBACjC,YAAY,EAAE,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,YAAY;aACxD,CAAC;SACH,CAAC;IACJ,CAAC;CACF,CAAC;AAEF,SAAS,SAAS,CAAC,KAAc;IAC/B,OAAO,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;AACvD,CAAC;AAED,SAAS,eAAe,CAAC,KAAc;IACrC,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;AACjF,CAAC;AAED,SAAS,UAAU,CAAC,KAAc;IAChC,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;AAClF,CAAC"}
package/dist/projscan-sbom.cdx.json CHANGED
@@ -1,23 +1,23 @@
1
1
  {
2
2
  "bomFormat": "CycloneDX",
3
3
  "specVersion": "1.5",
4
- "serialNumber": "urn:uuid:0d1f3873-6042-4d25-8c38-1a7246808289",
4
+ "serialNumber": "urn:uuid:72d058b0-5373-4f94-91ab-a48d32e9bac5",
5
5
  "version": 1,
6
6
  "metadata": {
7
- "timestamp": "2026-06-24T06:50:33.122Z",
7
+ "timestamp": "2026-06-25T09:44:00.014Z",
8
8
  "tools": [
9
9
  {
10
10
  "vendor": "projscan",
11
11
  "name": "projscan-sbom-generator",
12
- "version": "4.13.0"
12
+ "version": "4.15.0"
13
13
  }
14
14
  ],
15
15
  "component": {
16
16
  "type": "application",
17
- "bom-ref": "pkg:npm/projscan@4.13.0",
17
+ "bom-ref": "pkg:npm/projscan@4.15.0",
18
18
  "name": "projscan",
19
- "version": "4.13.0",
20
- "purl": "pkg:npm/projscan@4.13.0"
19
+ "version": "4.15.0",
20
+ "purl": "pkg:npm/projscan@4.15.0"
21
21
  }
22
22
  },
23
23
  "components": [
package/dist/tool-manifest.json CHANGED
@@ -1,8 +1,8 @@
1
1
  {
2
2
  "name": "projscan",
3
- "version": "4.13.0",
3
+ "version": "4.15.0",
4
4
  "mcpProtocolVersion": null,
5
- "generatedAt": "2026-06-24T06:50:39.589Z",
5
+ "generatedAt": "2026-06-25T09:44:07.310Z",
6
6
  "toolCount": 48,
7
7
  "tools": [
8
8
  {
@@ -1056,7 +1056,7 @@
1056
1056
  },
1057
1057
  {
1058
1058
  "name": "projscan_prove",
1059
- "description": "Create, record, or replay a local Proof Contract for a change. Returns allowed files, forbidden files, proof commands, ledger evidence, scope drift, and a reviewer-ready Proof Receipt.",
1059
+ "description": "Create, record, or replay a local Proof Contract for a change. Returns allowed files, forbidden files, proof commands, ledger evidence, scope drift, a reviewer-ready Proof Receipt, and verifiedWorkflow status for agent handoff.",
1060
1060
  "inputSchema": {
1061
1061
  "type": "object",
1062
1062
  "properties": {
package/dist/types/config.d.ts CHANGED
@@ -25,6 +25,12 @@ export interface ProjscanConfig {
25
25
  * direct CLI flags for a single run.
26
26
  */
27
27
  reportPolicies?: Record<string, ReportPolicyPreset>;
28
+ /**
29
+ * Optional team-specific proof rules for `projscan prove`. Recipes add
30
+ * required commands, reviewers, and forbidden drift when a matched file is
31
+ * part of a Proof Contract or Proof Receipt.
32
+ */
33
+ proofRecipes?: ProofRecipeConfig[];
28
34
  /**
29
35
  * Monorepo-specific configuration (0.14.0+). Currently scopes the
30
36
  * cross-package import policy: each entry says "package P may only import
@@ -56,6 +62,15 @@ export interface ReportPolicyPreset {
56
62
  reportScope?: string[];
57
63
  redactPaths?: boolean;
58
64
  }
65
+ export interface ProofRecipeConfig {
66
+ id: string;
67
+ matches: string[];
68
+ requiredCommands: string[];
69
+ requiredReviewers?: string[];
70
+ forbiddenFiles?: string[];
71
+ riskSurface?: string;
72
+ reason?: string;
73
+ }
59
74
  /**
60
75
  * One cross-package import rule. `from` is the package name (matches
61
76
  * WorkspacePackage.name). Exactly one of `allow` / `deny` is required. Both
package/dist/types/evidencePack.d.ts CHANGED
@@ -57,9 +57,30 @@ export interface EvidencePackProofReceiptSummary {
57
57
  reviewerDecision: string;
58
58
  scopeStatus?: string;
59
59
  riskDeltaDirection?: string;
60
+ proofSufficiencyStatus?: string;
61
+ proofReplayStatus?: string;
62
+ changedAfterProof: string[];
63
+ receiptFingerprint?: string;
64
+ weakRequirements: string[];
65
+ missingRequirements: string[];
66
+ staleRequirements: string[];
67
+ failedRequirements: string[];
60
68
  missingCommands: string[];
61
69
  failedCommands: string[];
62
70
  staleCommands: string[];
71
+ teamProofRecipes?: string[];
72
+ requiredReviewers?: string[];
73
+ recipeGaps?: string[];
74
+ recipeDrift?: string[];
75
+ proofEvidenceSources?: EvidencePackProofEvidenceSources;
76
+ }
77
+ export interface EvidencePackProofEvidenceSources {
78
+ total: number;
79
+ executed: number;
80
+ recorded: number;
81
+ mission: number;
82
+ external: number;
83
+ unknown: number;
63
84
  }
64
85
  export interface EvidencePackPrCommentValidationCheck {
65
86
  id: string;
package/dist/types/proofLedger.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- export type ProofLedgerSource = 'prove-record' | 'mission' | 'external';
1
+ export type ProofLedgerSource = 'prove-record' | 'prove-run' | 'mission' | 'external';
2
2
  export type ProofLedgerStatus = 'passed' | 'failed';
3
3
  export interface ProofLedgerRecord {
4
4
  schemaVersion: 1;
package/dist/types/prove.d.ts CHANGED
@@ -1,18 +1,38 @@
1
1
  import type { AssessConfidence, AssessEvidenceStrengthLevel, RiskDeltaSnapshot } from './assess.js';
2
+ import type { ProofRecipeConfig } from './config.js';
2
3
  import type { ProofLedgerRecord } from './proofLedger.js';
3
- export type ProveMode = 'intent' | 'changed' | 'record';
4
+ export type ProveMode = 'intent' | 'changed' | 'record' | 'run';
4
5
  export type ProveVerdict = 'ready' | 'needs-review' | 'blocked';
5
6
  export type ProveScopeStatus = 'within-contract' | 'drifted' | 'missing-contract';
6
7
  export type ProveProofStatus = 'not-run' | 'missing' | 'partial' | 'passed' | 'failed' | 'stale';
7
8
  export type ProveRiskDeltaDirection = 'improved' | 'worse' | 'flat';
8
9
  export type ProveReviewerDecision = 'safe-to-review' | 'needs-focused-review' | 'stop';
9
10
  export type ProveProofCommandStatus = 'passed' | 'failed' | 'missing' | 'stale';
11
+ export type ProveProofReplayStatus = 'verified' | 'needs-proof' | 'stale' | 'failed' | 'drifted';
12
+ export type ProveProofReplayEventKind = 'contract' | 'change-set' | 'proof-command' | 'proof-sufficiency' | 'receipt';
13
+ export type ProveProofReplayEventStatus = 'passed' | 'missing' | 'missing-contract' | 'stale' | 'failed' | 'drifted' | 'strong' | 'adequate' | 'weak' | ProveProofReplayStatus;
14
+ export type ProveRiskSurface = 'production' | 'test' | 'documentation' | 'config' | 'security' | 'public-api' | 'cli' | 'mcp' | 'dependency' | 'generated' | 'custom' | 'unknown';
15
+ export type ProveProofSufficiencyStatus = 'strong' | 'adequate' | 'weak' | 'missing' | 'stale' | 'failed';
10
16
  export type ProveChangedFileKind = 'allowed-production' | 'expected-test' | 'documentation' | 'config' | 'security-sensitive' | 'generated' | 'forbidden' | 'unexpected-production' | 'unexpected-test' | 'unknown';
11
17
  export interface ProveTrustMemorySummary {
12
18
  status: string;
13
19
  summary: string;
14
20
  signals: string[];
15
21
  }
22
+ export interface ProveVerifiedWorkflow {
23
+ phase: 'contract' | 'receipt' | 'record';
24
+ status: ProveVerdict;
25
+ nextAction: string;
26
+ nextCommand: string;
27
+ reviewerDecision?: ProveReviewerDecision;
28
+ scopeStatus?: ProveScopeStatus;
29
+ proofStatus?: ProveProofStatus;
30
+ riskDeltaDirection?: ProveRiskDeltaDirection;
31
+ staleProof: boolean;
32
+ missingProof: boolean;
33
+ failedProof: boolean;
34
+ proofSufficiencyStatus?: ProveProofSufficiencyStatus;
35
+ }
16
36
  export interface ProveChangedFileClassification {
17
37
  file: string;
18
38
  kind: ProveChangedFileKind;
@@ -29,6 +49,8 @@ export interface ProveContract {
29
49
  likelyTests: string[];
30
50
  missingRegressionTests: string[];
31
51
  proofCommands: string[];
52
+ proofRequirements?: ProveProofRequirement[];
53
+ teamProofRecipes?: ProveMatchedProofRecipe[];
32
54
  safeChangeShape: string;
33
55
  rollbackPlan: string;
34
56
  confidence: AssessConfidence;
@@ -43,6 +65,25 @@ export interface ProveContract {
43
65
  reviewerGuidance: string;
44
66
  receiptCommand: string;
45
67
  riskDelta: RiskDeltaSnapshot;
68
+ verifiedWorkflow: ProveVerifiedWorkflow;
69
+ }
70
+ export interface ProveProofRequirement {
71
+ id: string;
72
+ surface: ProveRiskSurface;
73
+ files: string[];
74
+ requiredCommands: string[];
75
+ requiredReview: string;
76
+ reason: string;
77
+ source?: 'inferred' | 'recipe';
78
+ recipeId?: string;
79
+ requiredReviewers?: string[];
80
+ }
81
+ export interface ProveMatchedProofRecipe extends ProofRecipeConfig {
82
+ matchedFiles: string[];
83
+ forbiddenTouched?: string[];
84
+ missingCommands?: string[];
85
+ failedCommands?: string[];
86
+ staleCommands?: string[];
46
87
  }
47
88
  export interface ProveReceiptScope {
48
89
  status: ProveScopeStatus;
@@ -74,24 +115,77 @@ export interface ProveProofCommandEvidence {
74
115
  command: string;
75
116
  status: ProveProofCommandStatus;
76
117
  fresh: boolean;
118
+ source?: ProofLedgerRecord['source'];
77
119
  exitCode?: number;
78
120
  durationMs?: number;
79
121
  completedAt?: string;
122
+ recordedChangedFiles?: string[];
123
+ recordedChangedFileFingerprint?: string;
80
124
  outputSummary?: string;
81
125
  logPath?: string;
82
126
  staleReason?: string;
83
127
  }
128
+ export interface ProveProofReplay {
129
+ status: ProveProofReplayStatus;
130
+ summary: string;
131
+ events: ProveProofReplayEvent[];
132
+ changedAfterProof: string[];
133
+ replayCommand: string;
134
+ receiptFingerprint: string;
135
+ }
136
+ export interface ProveProofReplayEvent {
137
+ kind: ProveProofReplayEventKind;
138
+ status: ProveProofReplayEventStatus;
139
+ summary: string;
140
+ command?: string;
141
+ completedAt?: string;
142
+ changedFiles?: string[];
143
+ changedAfterProof?: string[];
144
+ source?: ProofLedgerRecord['source'];
145
+ }
84
146
  export interface ProveReceipt {
85
147
  summary: string;
86
148
  commitReadiness: ProveVerdict;
87
149
  scope: ProveReceiptScope;
88
150
  proofStatus: ProveReceiptProofStatus;
151
+ proofSufficiency?: ProveProofSufficiency;
152
+ proofReplay?: ProveProofReplay;
153
+ teamProofRecipes?: ProveMatchedProofRecipe[];
154
+ requiredReviewers?: string[];
155
+ recipeForbiddenTouched?: string[];
156
+ recipeDrift?: string[];
157
+ recipeGaps?: string[];
89
158
  riskDelta: RiskDeltaSnapshot;
90
159
  riskDeltaDirection: ProveRiskDeltaDirection;
91
160
  reviewerDecision: ProveReviewerDecision;
92
161
  newRisks: string[];
93
162
  evidenceGaps: string[];
94
163
  reviewerGuidance: string;
164
+ verifiedWorkflow: ProveVerifiedWorkflow;
165
+ }
166
+ export interface ProveProofSufficiency {
167
+ status: ProveProofSufficiencyStatus;
168
+ summary: string;
169
+ requirements: ProveProofRequirementResult[];
170
+ gaps: string[];
171
+ weakRequirements: string[];
172
+ missingRequirements: string[];
173
+ staleRequirements: string[];
174
+ failedRequirements: string[];
175
+ }
176
+ export interface ProveProofRequirementResult {
177
+ id: string;
178
+ surface: ProveRiskSurface;
179
+ status: ProveProofSufficiencyStatus;
180
+ files: string[];
181
+ requiredCommands: string[];
182
+ matchedCommands: string[];
183
+ requiredReview: string;
184
+ reason: string;
185
+ gaps: string[];
186
+ source?: 'inferred' | 'recipe';
187
+ recipeId?: string;
188
+ requiredReviewers?: string[];
95
189
  }
96
190
  export interface ProveReport {
97
191
  schemaVersion: 1;
@@ -102,6 +196,7 @@ export interface ProveReport {
102
196
  receipt?: ProveReceipt;
103
197
  commands: string[];
104
198
  warnings: string[];
199
+ verifiedWorkflow: ProveVerifiedWorkflow;
105
200
  savedContractPath?: string;
106
201
  ledgerRecord?: ProofLedgerRecord;
107
202
  }