projscan 4.14.0 → 4.15.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +71 -21
- package/dist/cli/commands/evidencePack.js +2 -0
- package/dist/cli/commands/evidencePack.js.map +1 -1
- package/dist/cli/commands/prove.js +172 -23
- package/dist/cli/commands/prove.js.map +1 -1
- package/dist/cli/commands/startConsole.d.ts +2 -2
- package/dist/cli/commands/startConsole.js +2 -260
- package/dist/cli/commands/startConsole.js.map +1 -1
- package/dist/cli/commands/startConsoleExecution.d.ts +5 -0
- package/dist/cli/commands/startConsoleExecution.js +108 -0
- package/dist/cli/commands/startConsoleExecution.js.map +1 -0
- package/dist/cli/commands/startConsoleMission.d.ts +6 -0
- package/dist/cli/commands/startConsoleMission.js +157 -0
- package/dist/cli/commands/startConsoleMission.js.map +1 -0
- package/dist/cli/commands/startMissionBundle.js +24 -27
- package/dist/cli/commands/startMissionBundle.js.map +1 -1
- package/dist/core/adoption.d.ts +8 -81
- package/dist/core/adoption.js +4 -549
- package/dist/core/adoption.js.map +1 -1
- package/dist/core/adoptionFirstRunDiagnostics.d.ts +20 -0
- package/dist/core/adoptionFirstRunDiagnostics.js +240 -0
- package/dist/core/adoptionFirstRunDiagnostics.js.map +1 -0
- package/dist/core/adoptionMcpConfig.d.ts +27 -0
- package/dist/core/adoptionMcpConfig.js +123 -0
- package/dist/core/adoptionMcpConfig.js.map +1 -0
- package/dist/core/adoptionMcpDoctor.d.ts +23 -0
- package/dist/core/adoptionMcpDoctor.js +87 -0
- package/dist/core/adoptionMcpDoctor.js.map +1 -0
- package/dist/core/adoptionWorkflowRecipes.d.ts +14 -0
- package/dist/core/adoptionWorkflowRecipes.js +110 -0
- package/dist/core/adoptionWorkflowRecipes.js.map +1 -0
- package/dist/core/bugHunt.js +26 -255
- package/dist/core/bugHunt.js.map +1 -1
- package/dist/core/bugHuntPreflightFindings.d.ts +2 -1
- package/dist/core/bugHuntPreflightFindings.js +20 -0
- package/dist/core/bugHuntPreflightFindings.js.map +1 -1
- package/dist/core/bugHuntReportAssembly.d.ts +20 -0
- package/dist/core/bugHuntReportAssembly.js +179 -0
- package/dist/core/bugHuntReportAssembly.js.map +1 -0
- package/dist/core/bugHuntSourceFindings.d.ts +3 -0
- package/dist/core/bugHuntSourceFindings.js +61 -0
- package/dist/core/bugHuntSourceFindings.js.map +1 -0
- package/dist/core/dogfood.js +4 -393
- package/dist/core/dogfood.js.map +1 -1
- package/dist/core/dogfoodMarketValidation.d.ts +5 -0
- package/dist/core/dogfoodMarketValidation.js +265 -0
- package/dist/core/dogfoodMarketValidation.js.map +1 -0
- package/dist/core/dogfoodRepoEvaluation.d.ts +4 -0
- package/dist/core/dogfoodRepoEvaluation.js +137 -0
- package/dist/core/dogfoodRepoEvaluation.js.map +1 -0
- package/dist/core/evidenceComment.js +50 -13
- package/dist/core/evidenceComment.js.map +1 -1
- package/dist/core/feedback.js +2 -252
- package/dist/core/feedback.js.map +1 -1
- package/dist/core/feedbackIntakeClassifier.d.ts +2 -0
- package/dist/core/feedbackIntakeClassifier.js +255 -0
- package/dist/core/feedbackIntakeClassifier.js.map +1 -0
- package/dist/core/intentRouterKeywordToolGuards.js +1 -55
- package/dist/core/intentRouterKeywordToolGuards.js.map +1 -1
- package/dist/core/intentRouterKeywordWeights.js +13 -28
- package/dist/core/intentRouterKeywordWeights.js.map +1 -1
- package/dist/core/intentRouterProductGuardSignals.d.ts +3 -0
- package/dist/core/intentRouterProductGuardSignals.js +59 -0
- package/dist/core/intentRouterProductGuardSignals.js.map +1 -0
- package/dist/core/markdownSafety.d.ts +3 -0
- package/dist/core/markdownSafety.js +14 -0
- package/dist/core/markdownSafety.js.map +1 -0
- package/dist/core/preflight.d.ts +2 -0
- package/dist/core/preflight.js.map +1 -1
- package/dist/core/preflightChangedFiles.d.ts +2 -0
- package/dist/core/preflightChangedFiles.js +1 -1
- package/dist/core/preflightChangedFiles.js.map +1 -1
- package/dist/core/preflightInputs.d.ts +2 -0
- package/dist/core/preflightInputs.js +5 -2
- package/dist/core/preflightInputs.js.map +1 -1
- package/dist/core/proofLedger.d.ts +5 -1
- package/dist/core/proofLedger.js +161 -12
- package/dist/core/proofLedger.js.map +1 -1
- package/dist/core/proofReplay.d.ts +9 -0
- package/dist/core/proofReplay.js +164 -0
- package/dist/core/proofReplay.js.map +1 -0
- package/dist/core/proofSufficiency.d.ts +19 -0
- package/dist/core/proofSufficiency.js +425 -0
- package/dist/core/proofSufficiency.js.map +1 -0
- package/dist/core/prove.d.ts +6 -0
- package/dist/core/prove.js +277 -87
- package/dist/core/prove.js.map +1 -1
- package/dist/core/qualityScorecard.js +8 -238
- package/dist/core/qualityScorecard.js.map +1 -1
- package/dist/core/qualityScorecardDimensions.d.ts +14 -0
- package/dist/core/qualityScorecardDimensions.js +99 -0
- package/dist/core/qualityScorecardDimensions.js.map +1 -0
- package/dist/core/qualityScorecardRisks.d.ts +8 -0
- package/dist/core/qualityScorecardRisks.js +107 -0
- package/dist/core/qualityScorecardRisks.js.map +1 -0
- package/dist/core/qualityScorecardSignals.d.ts +20 -0
- package/dist/core/qualityScorecardSignals.js +59 -0
- package/dist/core/qualityScorecardSignals.js.map +1 -0
- package/dist/core/releaseEvidence.d.ts +1 -0
- package/dist/core/releaseEvidence.js +15 -40
- package/dist/core/releaseEvidence.js.map +1 -1
- package/dist/core/releaseEvidenceBaseline.js +4 -1
- package/dist/core/releaseEvidenceBaseline.js.map +1 -1
- package/dist/core/releaseEvidenceProofReceipt.d.ts +6 -0
- package/dist/core/releaseEvidenceProofReceipt.js +140 -0
- package/dist/core/releaseEvidenceProofReceipt.js.map +1 -0
- package/dist/core/releaseEvidenceVerdict.d.ts +5 -2
- package/dist/core/releaseEvidenceVerdict.js +39 -1
- package/dist/core/releaseEvidenceVerdict.js.map +1 -1
- package/dist/core/repositoryScanner.d.ts +1 -0
- package/dist/core/repositoryScanner.js +5 -4
- package/dist/core/repositoryScanner.js.map +1 -1
- package/dist/core/sessionResources.d.ts +14 -2
- package/dist/core/sessionResources.js +3 -3
- package/dist/core/sessionResources.js.map +1 -1
- package/dist/core/startInputs.d.ts +1 -1
- package/dist/core/startIntentTargets.d.ts +1 -1
- package/dist/core/startIntentTargets.js +1 -16
- package/dist/core/startIntentTargets.js.map +1 -1
- package/dist/core/startMissionInputStatusPolicy.d.ts +7 -0
- package/dist/core/startMissionInputStatusPolicy.js +74 -0
- package/dist/core/startMissionInputStatusPolicy.js.map +1 -0
- package/dist/core/startMissionPolicy.d.ts +6 -15
- package/dist/core/startMissionPolicy.js +4 -305
- package/dist/core/startMissionPolicy.js.map +1 -1
- package/dist/core/startMissionProofPolicy.d.ts +6 -0
- package/dist/core/startMissionProofPolicy.js +84 -0
- package/dist/core/startMissionProofPolicy.js.map +1 -0
- package/dist/core/startMissionRiskPolicy.d.ts +4 -0
- package/dist/core/startMissionRiskPolicy.js +85 -0
- package/dist/core/startMissionRiskPolicy.js.map +1 -0
- package/dist/core/startMissionRoutingPolicy.d.ts +6 -0
- package/dist/core/startMissionRoutingPolicy.js +67 -0
- package/dist/core/startMissionRoutingPolicy.js.map +1 -0
- package/dist/core/startMode.d.ts +1 -2
- package/dist/core/startMode.js +4 -151
- package/dist/core/startMode.js.map +1 -1
- package/dist/core/startModeIntentPolicy.d.ts +12 -0
- package/dist/core/startModeIntentPolicy.js +41 -0
- package/dist/core/startModeIntentPolicy.js.map +1 -0
- package/dist/core/startModeRoutingPolicy.d.ts +4 -0
- package/dist/core/startModeRoutingPolicy.js +117 -0
- package/dist/core/startModeRoutingPolicy.js.map +1 -0
- package/dist/core/startSearchQueryTargets.d.ts +1 -0
- package/dist/core/startSearchQueryTargets.js +17 -0
- package/dist/core/startSearchQueryTargets.js.map +1 -0
- package/dist/core/workplan.d.ts +3 -2
- package/dist/core/workplan.js +11 -585
- package/dist/core/workplan.js.map +1 -1
- package/dist/core/workplanCoordinationTasks.d.ts +3 -0
- package/dist/core/workplanCoordinationTasks.js +82 -0
- package/dist/core/workplanCoordinationTasks.js.map +1 -0
- package/dist/core/workplanModeTasks.d.ts +2 -0
- package/dist/core/workplanModeTasks.js +192 -0
- package/dist/core/workplanModeTasks.js.map +1 -0
- package/dist/core/workplanPreflightTasks.d.ts +2 -0
- package/dist/core/workplanPreflightTasks.js +126 -0
- package/dist/core/workplanPreflightTasks.js.map +1 -0
- package/dist/core/workplanQualitySignals.d.ts +7 -0
- package/dist/core/workplanQualitySignals.js +63 -0
- package/dist/core/workplanQualitySignals.js.map +1 -0
- package/dist/core/workplanReport.d.ts +4 -0
- package/dist/core/workplanReport.js +79 -0
- package/dist/core/workplanReport.js.map +1 -0
- package/dist/core/workplanRiskOwnership.d.ts +5 -0
- package/dist/core/workplanRiskOwnership.js +97 -0
- package/dist/core/workplanRiskOwnership.js.map +1 -0
- package/dist/core/workplanSuggestedActions.d.ts +2 -0
- package/dist/core/workplanSuggestedActions.js +43 -0
- package/dist/core/workplanSuggestedActions.js.map +1 -0
- package/dist/mcp/tools/prove.js +23 -17
- package/dist/mcp/tools/prove.js.map +1 -1
- package/dist/projscan-sbom.cdx.json +6 -6
- package/dist/tool-manifest.json +2 -2
- package/dist/types/config.d.ts +15 -0
- package/dist/types/evidencePack.d.ts +21 -0
- package/dist/types/prove.d.ts +79 -0
- package/dist/utils/changedFiles.js +57 -16
- package/dist/utils/changedFiles.js.map +1 -1
- package/dist/utils/config.js +2 -0
- package/dist/utils/config.js.map +1 -1
- package/dist/utils/configProofRecipes.d.ts +2 -0
- package/dist/utils/configProofRecipes.js +91 -0
- package/dist/utils/configProofRecipes.js.map +1 -0
- package/docs/GUIDE.md +120 -19
- package/package.json +1 -1
|
@@ -0,0 +1,79 @@
|
|
|
1
|
+
export function buildWorkplanHandoffPayload(report) {
|
|
2
|
+
const next = report.tasks.slice(0, 5).map((task) => task.handoffText);
|
|
3
|
+
const verificationCommands = unique(report.tasks.flatMap((task) => task.verification.commands)).slice(0, 12);
|
|
4
|
+
return {
|
|
5
|
+
summary: report.summary,
|
|
6
|
+
verdict: report.verdict,
|
|
7
|
+
mode: report.mode,
|
|
8
|
+
next,
|
|
9
|
+
verificationCommands,
|
|
10
|
+
coordination: report.coordination,
|
|
11
|
+
markdown: renderWorkplanHandoffMarkdown(report, next, verificationCommands),
|
|
12
|
+
};
|
|
13
|
+
}
|
|
14
|
+
function renderWorkplanHandoffMarkdown(report, next, verificationCommands) {
|
|
15
|
+
const lines = [
|
|
16
|
+
'# Agent Handoff',
|
|
17
|
+
'',
|
|
18
|
+
`**Mode:** ${report.mode}`,
|
|
19
|
+
`**Verdict:** ${report.verdict}`,
|
|
20
|
+
'',
|
|
21
|
+
report.summary,
|
|
22
|
+
'',
|
|
23
|
+
'## Next',
|
|
24
|
+
...(next.length > 0 ? next.map((item) => `- ${item}`) : ['- Preserve the current baseline.']),
|
|
25
|
+
'',
|
|
26
|
+
'## Verification',
|
|
27
|
+
...(verificationCommands.length > 0
|
|
28
|
+
? verificationCommands.map((command) => `- \`${command}\``)
|
|
29
|
+
: ['- `projscan preflight --format json`']),
|
|
30
|
+
'',
|
|
31
|
+
'## Coordination',
|
|
32
|
+
`- ${report.coordination.recommendedNextAgent}`,
|
|
33
|
+
...report.coordination.touchedFiles.slice(0, 10).map((file) => `- touched: ${file}`),
|
|
34
|
+
];
|
|
35
|
+
return `${lines.join('\n')}\n`;
|
|
36
|
+
}
|
|
37
|
+
export function rankWorkplanTasks(tasks) {
|
|
38
|
+
const seen = new Set();
|
|
39
|
+
return tasks
|
|
40
|
+
.filter((task) => {
|
|
41
|
+
if (seen.has(task.id))
|
|
42
|
+
return false;
|
|
43
|
+
seen.add(task.id);
|
|
44
|
+
return true;
|
|
45
|
+
})
|
|
46
|
+
.sort((a, b) => {
|
|
47
|
+
const priority = priorityRank(a.priority) - priorityRank(b.priority);
|
|
48
|
+
if (priority !== 0)
|
|
49
|
+
return priority;
|
|
50
|
+
const evidence = strongestEvidenceRank(a.evidence) - strongestEvidenceRank(b.evidence);
|
|
51
|
+
if (evidence !== 0)
|
|
52
|
+
return evidence;
|
|
53
|
+
return a.id.localeCompare(b.id);
|
|
54
|
+
});
|
|
55
|
+
}
|
|
56
|
+
function strongestEvidenceRank(evidence) {
|
|
57
|
+
if (evidence.some((item) => item.severity === 'error'))
|
|
58
|
+
return 0;
|
|
59
|
+
if (evidence.some((item) => item.severity === 'warning'))
|
|
60
|
+
return 1;
|
|
61
|
+
return 2;
|
|
62
|
+
}
|
|
63
|
+
function priorityRank(priority) {
|
|
64
|
+
if (priority === 'p0')
|
|
65
|
+
return 0;
|
|
66
|
+
if (priority === 'p1')
|
|
67
|
+
return 1;
|
|
68
|
+
return 2;
|
|
69
|
+
}
|
|
70
|
+
export function summarizeWorkplan(mode, verdict, tasks, risks) {
|
|
71
|
+
if (tasks.length === 0)
|
|
72
|
+
return `${verdict}: ${mode} workplan has no recommended tasks`;
|
|
73
|
+
const riskText = risks.length > 0 ? `${risks.length} top risk(s)` : 'no top risks';
|
|
74
|
+
return `${verdict}: ${mode} workplan has ${tasks.length} task(s), starting with ${tasks[0]?.title}; ${riskText}`;
|
|
75
|
+
}
|
|
76
|
+
function unique(values) {
|
|
77
|
+
return [...new Set(values)];
|
|
78
|
+
}
|
|
79
|
+
//# sourceMappingURL=workplanReport.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"workplanReport.js","sourceRoot":"","sources":["../../src/core/workplanReport.ts"],"names":[],"mappings":"AAWA,MAAM,UAAU,2BAA2B,CAAC,MAAsB;IAChE,MAAM,IAAI,GAAG,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IACtE,MAAM,oBAAoB,GAAG,MAAM,CACjC,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,CAC3D,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACf,OAAO;QACL,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,IAAI,EAAE,MAAM,CAAC,IAAI;QACjB,IAAI;QACJ,oBAAoB;QACpB,YAAY,EAAE,MAAM,CAAC,YAAY;QACjC,QAAQ,EAAE,6BAA6B,CAAC,MAAM,EAAE,IAAI,EAAE,oBAAoB,CAAC;KAC5E,CAAC;AACJ,CAAC;AAED,SAAS,6BAA6B,CACpC,MAAsB,EACtB,IAAc,EACd,oBAA8B;IAE9B,MAAM,KAAK,GAAG;QACZ,iBAAiB;QACjB,EAAE;QACF,aAAa,MAAM,CAAC,IAAI,EAAE;QAC1B,gBAAgB,MAAM,CAAC,OAAO,EAAE;QAChC,EAAE;QACF,MAAM,CAAC,OAAO;QACd,EAAE;QACF,SAAS;QACT,GAAG,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,kCAAkC,CAAC,CAAC;QAC7F,EAAE;QACF,iBAAiB;QACjB,GAAG,CAAC,oBAAoB,CAAC,MAAM,GAAG,CAAC;YACjC,CAAC,CAAC,oBAAoB,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,OAAO,IAAI,CAAC;YAC3D,CAAC,CAAC,CAAC,sCAAsC,CAAC,CAAC;QAC7C,EAAE;QACF,iBAAiB;QACjB,KAAK,MAAM,CAAC,YAAY,CAAC,oBAAoB,EAAE;QAC/C,GAAG,MAAM,CAAC,YAAY,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,cAAc,IAAI,EAAE,CAAC;KACrF,CAAC;IACF,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC;AACjC,CAAC;AAED,MAAM,UAAU,iBAAiB,CAAC,KAAqB;IACrD,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,OAAO,KAAK;SACT,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE;QACf,IAAI,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YAAE,OAAO,KAAK,CAAC;QACpC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAClB,OAAO,IAAI,CAAC;IACd,CAAC,CAAC;SACD,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACb,MAAM,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,YAAY,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;QACrE,IAAI,QAAQ,KAAK,CAAC;YAAE,OAAO,QAAQ,CAAC;QACpC,MAAM,QAAQ,GAAG,qBAAqB,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,qBAAqB,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;QACvF,IAAI,QAAQ,KAAK,CAAC;YAAE,OAAO,QAAQ,CAAC;QACpC,OAAO,CAAC,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IAClC,CAAC,CAAC,CAAC;AACP,CAAC;AAED,SAAS,qBAAqB,CAAC,QAA4B;IACzD,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,KAAK,OAAO,CAAC;QAAE,OAAO,CAAC,CAAC;IACjE,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,KAAK,SAAS,CAAC;QAAE,OAAO,CAAC,CAAC;IACnE,OAAO,CAAC,CAAC;AACX,CAAC;AAED,SAAS,YAAY,CAAC,QAA0B;IAC9C,IAAI,QAAQ,KAAK,IAAI;QAAE,OAAO,CAAC,CAAC;IAChC,IAAI,QAAQ,KAAK,IAAI;QAAE,OAAO,CAAC,CAAC;IAChC,OAAO,CAAC,CAAC;AACX,CAAC;AAED,MAAM,UAAU,iBAAiB,CAC/B,IAAkB,EAClB,OAAyB,EACzB,KAAqB,EACrB,KAAwB;IAExB,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,GAAG,OAAO,KAAK,IAAI,oCAAoC,CAAC;IACvF,MAAM,QAAQ,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,MAAM,cAAc,CAAC,CAAC,CAAC,cAAc,CAAC;IACnF,OAAO,GAAG,OAAO,KAAK,IAAI,iBAAiB,KAAK,CAAC,MAAM,2BAA2B,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,KAAK,QAAQ,EAAE,CAAC;AACnH,CAAC;AAED,SAAS,MAAM,CAAC,MAAgB;IAC9B,OAAO,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC;AAC9B,CAAC"}
|
|
@@ -0,0 +1,5 @@
|
|
|
1
|
+
import type { OwnershipLookup } from './ownership.js';
|
|
2
|
+
import type { PreflightReason, SessionConflict, WorkplanTask, WorkplanTopRisk } from '../types.js';
|
|
3
|
+
export declare function buildTopRisks(reasons: PreflightReason[], conflicts: SessionConflict[], extraRisks?: WorkplanTopRisk[]): WorkplanTopRisk[];
|
|
4
|
+
export declare function annotateTasksWithOwners(tasks: WorkplanTask[], ownership: OwnershipLookup | undefined): WorkplanTask[];
|
|
5
|
+
export declare function annotateTopRisksWithOwners(risks: WorkplanTopRisk[], ownership: OwnershipLookup | undefined): WorkplanTopRisk[];
|
|
@@ -0,0 +1,97 @@
|
|
|
1
|
+
const MAX_TOP_RISKS = 8;
|
|
2
|
+
const HANDOFF_LIMIT = 320;
|
|
3
|
+
export function buildTopRisks(reasons, conflicts, extraRisks = []) {
|
|
4
|
+
const reasonRisks = reasons.map((reason) => ({
|
|
5
|
+
...reasonToEvidence(reason),
|
|
6
|
+
priority: reason.severity === 'error' ? 'p0' : 'p1',
|
|
7
|
+
}));
|
|
8
|
+
const conflictRisks = conflicts.map((conflict) => ({
|
|
9
|
+
source: 'coordination',
|
|
10
|
+
message: conflict.message,
|
|
11
|
+
severity: conflict.severity,
|
|
12
|
+
file: conflict.files[0],
|
|
13
|
+
priority: conflict.severity === 'error' ? 'p0' : 'p1',
|
|
14
|
+
}));
|
|
15
|
+
const seen = new Set();
|
|
16
|
+
return [...reasonRisks, ...conflictRisks, ...extraRisks]
|
|
17
|
+
.map((risk, index) => ({ risk, index }))
|
|
18
|
+
.filter((entry) => {
|
|
19
|
+
const { risk } = entry;
|
|
20
|
+
const key = `${risk.source}:${risk.file ?? ''}:${risk.message}`;
|
|
21
|
+
if (seen.has(key))
|
|
22
|
+
return false;
|
|
23
|
+
seen.add(key);
|
|
24
|
+
return true;
|
|
25
|
+
})
|
|
26
|
+
.sort((a, b) => {
|
|
27
|
+
const priority = priorityRank(a.risk.priority) - priorityRank(b.risk.priority);
|
|
28
|
+
if (priority !== 0)
|
|
29
|
+
return priority;
|
|
30
|
+
return a.index - b.index;
|
|
31
|
+
})
|
|
32
|
+
.map((entry) => entry.risk)
|
|
33
|
+
.slice(0, MAX_TOP_RISKS);
|
|
34
|
+
}
|
|
35
|
+
export function annotateTasksWithOwners(tasks, ownership) {
|
|
36
|
+
if (!ownership)
|
|
37
|
+
return tasks;
|
|
38
|
+
return tasks.map((task) => {
|
|
39
|
+
const owner = ownerForTask(task, ownership);
|
|
40
|
+
if (!owner)
|
|
41
|
+
return task;
|
|
42
|
+
return {
|
|
43
|
+
...task,
|
|
44
|
+
owner,
|
|
45
|
+
handoffText: compact(`${task.handoffText} Owner: ${owner}.`, HANDOFF_LIMIT),
|
|
46
|
+
};
|
|
47
|
+
});
|
|
48
|
+
}
|
|
49
|
+
export function annotateTopRisksWithOwners(risks, ownership) {
|
|
50
|
+
if (!ownership)
|
|
51
|
+
return risks;
|
|
52
|
+
return risks.map((risk) => {
|
|
53
|
+
const owner = ownerForFiles([risk.file].filter((file) => typeof file === 'string'), ownership);
|
|
54
|
+
return owner ? { ...risk, owner } : risk;
|
|
55
|
+
});
|
|
56
|
+
}
|
|
57
|
+
function reasonToEvidence(reason) {
|
|
58
|
+
return {
|
|
59
|
+
source: reason.source,
|
|
60
|
+
message: reason.message,
|
|
61
|
+
severity: reason.severity,
|
|
62
|
+
...(reason.file ? { file: reason.file } : {}),
|
|
63
|
+
...(reason.issueId ? { issueId: reason.issueId } : {}),
|
|
64
|
+
...(reason.tool ? { tool: reason.tool } : {}),
|
|
65
|
+
};
|
|
66
|
+
}
|
|
67
|
+
function ownerForTask(task, ownership) {
|
|
68
|
+
const evidenceFiles = task.evidence
|
|
69
|
+
.map((item) => item.file)
|
|
70
|
+
.filter((file) => typeof file === 'string' && file.length > 0);
|
|
71
|
+
return ownerForFiles([...task.files, ...evidenceFiles], ownership);
|
|
72
|
+
}
|
|
73
|
+
function ownerForFiles(files, ownership) {
|
|
74
|
+
for (const file of unique(files)) {
|
|
75
|
+
const owner = ownership(file);
|
|
76
|
+
if (owner)
|
|
77
|
+
return owner;
|
|
78
|
+
}
|
|
79
|
+
return undefined;
|
|
80
|
+
}
|
|
81
|
+
function priorityRank(priority) {
|
|
82
|
+
if (priority === 'p0')
|
|
83
|
+
return 0;
|
|
84
|
+
if (priority === 'p1')
|
|
85
|
+
return 1;
|
|
86
|
+
return 2;
|
|
87
|
+
}
|
|
88
|
+
function unique(values) {
|
|
89
|
+
return [...new Set(values)];
|
|
90
|
+
}
|
|
91
|
+
function compact(value, maxLength) {
|
|
92
|
+
const oneLine = value.replace(/\s+/g, ' ').trim();
|
|
93
|
+
if (oneLine.length <= maxLength)
|
|
94
|
+
return oneLine;
|
|
95
|
+
return `${oneLine.slice(0, maxLength - 3).trimEnd()}...`;
|
|
96
|
+
}
|
|
97
|
+
//# sourceMappingURL=workplanRiskOwnership.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"workplanRiskOwnership.js","sourceRoot":"","sources":["../../src/core/workplanRiskOwnership.ts"],"names":[],"mappings":"AASA,MAAM,aAAa,GAAG,CAAC,CAAC;AACxB,MAAM,aAAa,GAAG,GAAG,CAAC;AAE1B,MAAM,UAAU,aAAa,CAC3B,OAA0B,EAC1B,SAA4B,EAC5B,aAAgC,EAAE;IAElC,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;QAC3C,GAAG,gBAAgB,CAAC,MAAM,CAAC;QAC3B,QAAQ,EAAE,MAAM,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAE,IAAc,CAAC,CAAC,CAAE,IAAc;KAC1E,CAAC,CAAC,CAAC;IACJ,MAAM,aAAa,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;QACjD,MAAM,EAAE,cAAuB;QAC/B,OAAO,EAAE,QAAQ,CAAC,OAAO;QACzB,QAAQ,EAAE,QAAQ,CAAC,QAAQ;QAC3B,IAAI,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC;QACvB,QAAQ,EAAE,QAAQ,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAE,IAAc,CAAC,CAAC,CAAE,IAAc;KAC5E,CAAC,CAAC,CAAC;IACJ,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,OAAO,CAAC,GAAG,WAAW,EAAE,GAAG,aAAa,EAAE,GAAG,UAAU,CAAC;SACrD,GAAG,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;SACvC,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE;QAChB,MAAM,EAAE,IAAI,EAAE,GAAG,KAAK,CAAC;QACvB,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,IAAI,IAAI,EAAE,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;QAChE,IAAI,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;YAAE,OAAO,KAAK,CAAC;QAChC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACd,OAAO,IAAI,CAAC;IACd,CAAC,CAAC;SACD,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACb,MAAM,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC/E,IAAI,QAAQ,KAAK,CAAC;YAAE,OAAO,QAAQ,CAAC;QACpC,OAAO,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC;IAC3B,CAAC,CAAC;SACD,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC;SAC1B,KAAK,CAAC,CAAC,EAAE,aAAa,CAAC,CAAC;AAC7B,CAAC;AAED,MAAM,UAAU,uBAAuB,CACrC,KAAqB,EACrB,SAAsC;IAEtC,IAAI,CAAC,SAAS;QAAE,OAAO,KAAK,CAAC;IAC7B,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;QACxB,MAAM,KAAK,GAAG,YAAY,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;QAC5C,IAAI,CAAC,KAAK;YAAE,OAAO,IAAI,CAAC;QACxB,OAAO;YACL,GAAG,IAAI;YACP,KAAK;YACL,WAAW,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC,WAAW,WAAW,KAAK,GAAG,EAAE,aAAa,CAAC;SAC5E,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,0BAA0B,CACxC,KAAwB,EACxB,SAAsC;IAEtC,IAAI,CAAC,SAAS;QAAE,OAAO,KAAK,CAAC;IAC7B,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE;QACxB,MAAM,KAAK,GAAG,aAAa,CACzB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,EAAkB,EAAE,CAAC,OAAO,IAAI,KAAK,QAAQ,CAAC,EACtE,SAAS,CACV,CAAC;QACF,OAAO,KAAK,CAAC,CAAC,CAAC,EAAE,GAAG,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;IAC3C,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,gBAAgB,CAAC,MAAuB;IAC/C,OAAO;QACL,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC7C,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACtD,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KAC9C,CAAC;AACJ,CAAC;AAED,SAAS,YAAY,CAAC,IAAkB,EAAE,SAA0B;IAClE,MAAM,aAAa,GAAG,IAAI,CAAC,QAAQ;SAChC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC;SACxB,MAAM,CAAC,CAAC,IAAI,EAAkB,EAAE,CAAC,OAAO,IAAI,KAAK,QAAQ,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IACjF,OAAO,aAAa,CAAC,CAAC,GAAG,IAAI,CAAC,KAAK,EAAE,GAAG,aAAa,CAAC,EAAE,SAAS,CAAC,CAAC;AACrE,CAAC;AAED,SAAS,aAAa,CAAC,KAAe,EAAE,SAA0B;IAChE,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC;QACjC,MAAM,KAAK,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC;QAC9B,IAAI,KAAK;YAAE,OAAO,KAAK,CAAC;IAC1B,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,SAAS,YAAY,CAAC,QAAqC;IACzD,IAAI,QAAQ,KAAK,IAAI;QAAE,OAAO,CAAC,CAAC;IAChC,IAAI,QAAQ,KAAK,IAAI;QAAE,OAAO,CAAC,CAAC;IAChC,OAAO,CAAC,CAAC;AACX,CAAC;AAED,SAAS,MAAM,CAAC,MAAgB;IAC9B,OAAO,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC;AAC9B,CAAC;AAED,SAAS,OAAO,CAAC,KAAa,EAAE,SAAiB;IAC/C,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;IAClD,IAAI,OAAO,CAAC,MAAM,IAAI,SAAS;QAAE,OAAO,OAAO,CAAC;IAChD,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,GAAG,CAAC,CAAC,CAAC,OAAO,EAAE,KAAK,CAAC;AAC3D,CAAC"}
|
|
@@ -0,0 +1,43 @@
|
|
|
1
|
+
import { escapeDoubleQuoted } from './startShellArgs.js';
|
|
2
|
+
export function buildWorkplanSuggestedActions(preflightActions, tasks) {
|
|
3
|
+
return dedupeActions([
|
|
4
|
+
...preflightActions,
|
|
5
|
+
...tasks.flatMap((task) => taskToSuggestedActions(task)),
|
|
6
|
+
]);
|
|
7
|
+
}
|
|
8
|
+
function taskToSuggestedActions(task) {
|
|
9
|
+
return task.suggestedTools.slice(0, 3).flatMap((tool) => {
|
|
10
|
+
const command = commandForSuggestedTool(tool, task);
|
|
11
|
+
if (!command)
|
|
12
|
+
return [];
|
|
13
|
+
return [
|
|
14
|
+
{
|
|
15
|
+
label: `Use ${tool} for ${task.title}`,
|
|
16
|
+
tool: tool.startsWith('projscan_') ? tool : undefined,
|
|
17
|
+
command,
|
|
18
|
+
},
|
|
19
|
+
];
|
|
20
|
+
});
|
|
21
|
+
}
|
|
22
|
+
function commandForSuggestedTool(tool, task) {
|
|
23
|
+
if (!tool.startsWith('projscan_'))
|
|
24
|
+
return task.verification.commands[0];
|
|
25
|
+
if (tool === 'projscan_file' && task.files[0]) {
|
|
26
|
+
return `projscan file "${escapeDoubleQuoted(task.files[0])}" --format json`;
|
|
27
|
+
}
|
|
28
|
+
const prefix = `projscan ${tool.slice('projscan_'.length).replace(/_/g, '-')}`;
|
|
29
|
+
return task.verification.commands.find((command) => command.startsWith(prefix));
|
|
30
|
+
}
|
|
31
|
+
function dedupeActions(actions) {
|
|
32
|
+
const seen = new Set();
|
|
33
|
+
const out = [];
|
|
34
|
+
for (const action of actions) {
|
|
35
|
+
const key = `${action.label}:${action.command ?? ''}:${action.tool ?? ''}`;
|
|
36
|
+
if (seen.has(key))
|
|
37
|
+
continue;
|
|
38
|
+
seen.add(key);
|
|
39
|
+
out.push(action);
|
|
40
|
+
}
|
|
41
|
+
return out.slice(0, 12);
|
|
42
|
+
}
|
|
43
|
+
//# sourceMappingURL=workplanSuggestedActions.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"workplanSuggestedActions.js","sourceRoot":"","sources":["../../src/core/workplanSuggestedActions.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AAGzD,MAAM,UAAU,6BAA6B,CAC3C,gBAA4C,EAC5C,KAAqB;IAErB,OAAO,aAAa,CAAC;QACnB,GAAG,gBAAgB;QACnB,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,sBAAsB,CAAC,IAAI,CAAC,CAAC;KACzD,CAAC,CAAC;AACL,CAAC;AAED,SAAS,sBAAsB,CAAC,IAAkB;IAChD,OAAO,IAAI,CAAC,cAAc,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE;QACtD,MAAM,OAAO,GAAG,uBAAuB,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QACpD,IAAI,CAAC,OAAO;YAAE,OAAO,EAAE,CAAC;QACxB,OAAO;YACL;gBACE,KAAK,EAAE,OAAO,IAAI,QAAQ,IAAI,CAAC,KAAK,EAAE;gBACtC,IAAI,EAAE,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;gBACrD,OAAO;aACR;SACF,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,uBAAuB,CAAC,IAAY,EAAE,IAAkB;IAC/D,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC;QAAE,OAAO,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;IACxE,IAAI,IAAI,KAAK,eAAe,IAAI,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;QAC9C,OAAO,kBAAkB,kBAAkB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,iBAAiB,CAAC;IAC9E,CAAC;IACD,MAAM,MAAM,GAAG,YAAY,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,EAAE,CAAC;IAC/E,OAAO,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;AAClF,CAAC;AAED,SAAS,aAAa,CAAC,OAAmC;IACxD,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,MAAM,GAAG,GAA+B,EAAE,CAAC;IAC3C,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;QAC7B,MAAM,GAAG,GAAG,GAAG,MAAM,CAAC,KAAK,IAAI,MAAM,CAAC,OAAO,IAAI,EAAE,IAAI,MAAM,CAAC,IAAI,IAAI,EAAE,EAAE,CAAC;QAC3E,IAAI,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;YAAE,SAAS;QAC5B,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACd,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACnB,CAAC;IACD,OAAO,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;AAC1B,CAAC"}
|
package/dist/mcp/tools/prove.js
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import { computeProve } from '../../core/prove.js';
|
|
2
|
+
import { loadConfig } from '../../utils/config.js';
|
|
2
3
|
export const proveTool = {
|
|
3
4
|
name: 'projscan_prove',
|
|
4
5
|
description: 'Create, record, or replay a local Proof Contract for a change. Returns allowed files, forbidden files, proof commands, ledger evidence, scope drift, a reviewer-ready Proof Receipt, and verifiedWorkflow status for agent handoff.',
|
|
@@ -63,23 +64,28 @@ export const proveTool = {
|
|
|
63
64
|
},
|
|
64
65
|
},
|
|
65
66
|
},
|
|
66
|
-
handler: async (args, rootPath) =>
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
73
|
-
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
|
|
79
|
-
|
|
80
|
-
|
|
81
|
-
|
|
82
|
-
|
|
67
|
+
handler: async (args, rootPath) => {
|
|
68
|
+
const { config } = await loadConfig(rootPath);
|
|
69
|
+
const changed = args.changed === true;
|
|
70
|
+
return {
|
|
71
|
+
prove: await computeProve(rootPath, {
|
|
72
|
+
intent: stringArg(args.intent),
|
|
73
|
+
changed,
|
|
74
|
+
contractPath: stringArg(args.contract_path),
|
|
75
|
+
saveContractPath: stringArg(args.save_contract_path),
|
|
76
|
+
maxFiles: finiteNumberArg(args.max_files),
|
|
77
|
+
feedbackPath: stringArg(args.feedback_path),
|
|
78
|
+
baseRef: stringArg(args.base_ref),
|
|
79
|
+
ledgerPath: stringArg(args.ledger_path),
|
|
80
|
+
recordCommand: stringArg(args.record_command),
|
|
81
|
+
exitCode: integerArg(args.exit_code),
|
|
82
|
+
durationMs: finiteNumberArg(args.duration_ms),
|
|
83
|
+
summary: stringArg(args.summary),
|
|
84
|
+
logPath: stringArg(args.log_path),
|
|
85
|
+
proofRecipes: changed ? undefined : config.proofRecipes,
|
|
86
|
+
}),
|
|
87
|
+
};
|
|
88
|
+
},
|
|
83
89
|
};
|
|
84
90
|
function stringArg(value) {
|
|
85
91
|
return typeof value === 'string' ? value : undefined;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"prove.js","sourceRoot":"","sources":["../../../src/mcp/tools/prove.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAGnD,MAAM,CAAC,MAAM,SAAS,GAAY;IAChC,IAAI,EAAE,gBAAgB;IACtB,WAAW,EACT,qOAAqO;IACvO,WAAW,EAAE;QACX,IAAI,EAAE,QAAQ;QACd,UAAU,EAAE;YACV,MAAM,EAAE;gBACN,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,2DAA2D;aACzE;YACD,OAAO,EAAE;gBACP,IAAI,EAAE,SAAS;gBACf,WAAW,EAAE,6DAA6D;aAC3E;YACD,aAAa,EAAE;gBACb,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,iEAAiE;aAC/E;YACD,kBAAkB,EAAE;gBAClB,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,2EAA2E;aACzF;YACD,SAAS,EAAE;gBACT,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,+DAA+D;aAC7E;YACD,aAAa,EAAE;gBACb,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,iEAAiE;aAC/E;YACD,QAAQ,EAAE;gBACR,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,mDAAmD;aACjE;YACD,WAAW,EAAE;gBACX,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,yCAAyC;aACvD;YACD,cAAc,EAAE;gBACd,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,yDAAyD;aACvE;YACD,SAAS,EAAE;gBACT,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,+BAA+B;aAC7C;YACD,WAAW,EAAE;gBACX,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,8CAA8C;aAC5D;YACD,OAAO,EAAE;gBACP,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,wDAAwD;aACtE;YACD,QAAQ,EAAE;gBACR,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,sDAAsD;aACpE;YACD,UAAU,EAAE;gBACV,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,+CAA+C;aAC7D;SACF;KACF;IACD,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"prove.js","sourceRoot":"","sources":["../../../src/mcp/tools/prove.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AAGnD,MAAM,CAAC,MAAM,SAAS,GAAY;IAChC,IAAI,EAAE,gBAAgB;IACtB,WAAW,EACT,qOAAqO;IACvO,WAAW,EAAE;QACX,IAAI,EAAE,QAAQ;QACd,UAAU,EAAE;YACV,MAAM,EAAE;gBACN,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,2DAA2D;aACzE;YACD,OAAO,EAAE;gBACP,IAAI,EAAE,SAAS;gBACf,WAAW,EAAE,6DAA6D;aAC3E;YACD,aAAa,EAAE;gBACb,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,iEAAiE;aAC/E;YACD,kBAAkB,EAAE;gBAClB,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,2EAA2E;aACzF;YACD,SAAS,EAAE;gBACT,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,+DAA+D;aAC7E;YACD,aAAa,EAAE;gBACb,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,iEAAiE;aAC/E;YACD,QAAQ,EAAE;gBACR,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,mDAAmD;aACjE;YACD,WAAW,EAAE;gBACX,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,yCAAyC;aACvD;YACD,cAAc,EAAE;gBACd,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,yDAAyD;aACvE;YACD,SAAS,EAAE;gBACT,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,+BAA+B;aAC7C;YACD,WAAW,EAAE;gBACX,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,8CAA8C;aAC5D;YACD,OAAO,EAAE;gBACP,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,wDAAwD;aACtE;YACD,QAAQ,EAAE;gBACR,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,sDAAsD;aACpE;YACD,UAAU,EAAE;gBACV,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,+CAA+C;aAC7D;SACF;KACF;IACD,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE;QAChC,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,UAAU,CAAC,QAAQ,CAAC,CAAC;QAC9C,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,KAAK,IAAI,CAAC;QACtC,OAAO;YACL,KAAK,EAAE,MAAM,YAAY,CAAC,QAAQ,EAAE;gBAClC,MAAM,EAAE,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC;gBAC9B,OAAO;gBACP,YAAY,EAAE,SAAS,CAAC,IAAI,CAAC,aAAa,CAAC;gBAC3C,gBAAgB,EAAE,SAAS,CAAC,IAAI,CAAC,kBAAkB,CAAC;gBACpD,QAAQ,EAAE,eAAe,CAAC,IAAI,CAAC,SAAS,CAAC;gBACzC,YAAY,EAAE,SAAS,CAAC,IAAI,CAAC,aAAa,CAAC;gBAC3C,OAAO,EAAE,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC;gBACjC,UAAU,EAAE,SAAS,CAAC,IAAI,CAAC,WAAW,CAAC;gBACvC,aAAa,EAAE,SAAS,CAAC,IAAI,CAAC,cAAc,CAAC;gBAC7C,QAAQ,EAAE,UAAU,CAAC,IAAI,CAAC,SAAS,CAAC;gBACpC,UAAU,EAAE,eAAe,CAAC,IAAI,CAAC,WAAW,CAAC;gBAC7C,OAAO,EAAE,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC;gBAChC,OAAO,EAAE,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC;gBACjC,YAAY,EAAE,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,YAAY;aACxD,CAAC;SACH,CAAC;IACJ,CAAC;CACF,CAAC;AAEF,SAAS,SAAS,CAAC,KAAc;IAC/B,OAAO,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;AACvD,CAAC;AAED,SAAS,eAAe,CAAC,KAAc;IACrC,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;AACjF,CAAC;AAED,SAAS,UAAU,CAAC,KAAc;IAChC,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,MAAM,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC;AAClF,CAAC"}
|
|
@@ -1,23 +1,23 @@
|
|
|
1
1
|
{
|
|
2
2
|
"bomFormat": "CycloneDX",
|
|
3
3
|
"specVersion": "1.5",
|
|
4
|
-
"serialNumber": "urn:uuid:
|
|
4
|
+
"serialNumber": "urn:uuid:72d058b0-5373-4f94-91ab-a48d32e9bac5",
|
|
5
5
|
"version": 1,
|
|
6
6
|
"metadata": {
|
|
7
|
-
"timestamp": "2026-06-
|
|
7
|
+
"timestamp": "2026-06-25T09:44:00.014Z",
|
|
8
8
|
"tools": [
|
|
9
9
|
{
|
|
10
10
|
"vendor": "projscan",
|
|
11
11
|
"name": "projscan-sbom-generator",
|
|
12
|
-
"version": "4.
|
|
12
|
+
"version": "4.15.0"
|
|
13
13
|
}
|
|
14
14
|
],
|
|
15
15
|
"component": {
|
|
16
16
|
"type": "application",
|
|
17
|
-
"bom-ref": "pkg:npm/projscan@4.
|
|
17
|
+
"bom-ref": "pkg:npm/projscan@4.15.0",
|
|
18
18
|
"name": "projscan",
|
|
19
|
-
"version": "4.
|
|
20
|
-
"purl": "pkg:npm/projscan@4.
|
|
19
|
+
"version": "4.15.0",
|
|
20
|
+
"purl": "pkg:npm/projscan@4.15.0"
|
|
21
21
|
}
|
|
22
22
|
},
|
|
23
23
|
"components": [
|
package/dist/tool-manifest.json
CHANGED
package/dist/types/config.d.ts
CHANGED
|
@@ -25,6 +25,12 @@ export interface ProjscanConfig {
|
|
|
25
25
|
* direct CLI flags for a single run.
|
|
26
26
|
*/
|
|
27
27
|
reportPolicies?: Record<string, ReportPolicyPreset>;
|
|
28
|
+
/**
|
|
29
|
+
* Optional team-specific proof rules for `projscan prove`. Recipes add
|
|
30
|
+
* required commands, reviewers, and forbidden drift when a matched file is
|
|
31
|
+
* part of a Proof Contract or Proof Receipt.
|
|
32
|
+
*/
|
|
33
|
+
proofRecipes?: ProofRecipeConfig[];
|
|
28
34
|
/**
|
|
29
35
|
* Monorepo-specific configuration (0.14.0+). Currently scopes the
|
|
30
36
|
* cross-package import policy: each entry says "package P may only import
|
|
@@ -56,6 +62,15 @@ export interface ReportPolicyPreset {
|
|
|
56
62
|
reportScope?: string[];
|
|
57
63
|
redactPaths?: boolean;
|
|
58
64
|
}
|
|
65
|
+
export interface ProofRecipeConfig {
|
|
66
|
+
id: string;
|
|
67
|
+
matches: string[];
|
|
68
|
+
requiredCommands: string[];
|
|
69
|
+
requiredReviewers?: string[];
|
|
70
|
+
forbiddenFiles?: string[];
|
|
71
|
+
riskSurface?: string;
|
|
72
|
+
reason?: string;
|
|
73
|
+
}
|
|
59
74
|
/**
|
|
60
75
|
* One cross-package import rule. `from` is the package name (matches
|
|
61
76
|
* WorkspacePackage.name). Exactly one of `allow` / `deny` is required. Both
|
|
@@ -57,9 +57,30 @@ export interface EvidencePackProofReceiptSummary {
|
|
|
57
57
|
reviewerDecision: string;
|
|
58
58
|
scopeStatus?: string;
|
|
59
59
|
riskDeltaDirection?: string;
|
|
60
|
+
proofSufficiencyStatus?: string;
|
|
61
|
+
proofReplayStatus?: string;
|
|
62
|
+
changedAfterProof: string[];
|
|
63
|
+
receiptFingerprint?: string;
|
|
64
|
+
weakRequirements: string[];
|
|
65
|
+
missingRequirements: string[];
|
|
66
|
+
staleRequirements: string[];
|
|
67
|
+
failedRequirements: string[];
|
|
60
68
|
missingCommands: string[];
|
|
61
69
|
failedCommands: string[];
|
|
62
70
|
staleCommands: string[];
|
|
71
|
+
teamProofRecipes?: string[];
|
|
72
|
+
requiredReviewers?: string[];
|
|
73
|
+
recipeGaps?: string[];
|
|
74
|
+
recipeDrift?: string[];
|
|
75
|
+
proofEvidenceSources?: EvidencePackProofEvidenceSources;
|
|
76
|
+
}
|
|
77
|
+
export interface EvidencePackProofEvidenceSources {
|
|
78
|
+
total: number;
|
|
79
|
+
executed: number;
|
|
80
|
+
recorded: number;
|
|
81
|
+
mission: number;
|
|
82
|
+
external: number;
|
|
83
|
+
unknown: number;
|
|
63
84
|
}
|
|
64
85
|
export interface EvidencePackPrCommentValidationCheck {
|
|
65
86
|
id: string;
|
package/dist/types/prove.d.ts
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import type { AssessConfidence, AssessEvidenceStrengthLevel, RiskDeltaSnapshot } from './assess.js';
|
|
2
|
+
import type { ProofRecipeConfig } from './config.js';
|
|
2
3
|
import type { ProofLedgerRecord } from './proofLedger.js';
|
|
3
4
|
export type ProveMode = 'intent' | 'changed' | 'record' | 'run';
|
|
4
5
|
export type ProveVerdict = 'ready' | 'needs-review' | 'blocked';
|
|
@@ -7,6 +8,11 @@ export type ProveProofStatus = 'not-run' | 'missing' | 'partial' | 'passed' | 'f
|
|
|
7
8
|
export type ProveRiskDeltaDirection = 'improved' | 'worse' | 'flat';
|
|
8
9
|
export type ProveReviewerDecision = 'safe-to-review' | 'needs-focused-review' | 'stop';
|
|
9
10
|
export type ProveProofCommandStatus = 'passed' | 'failed' | 'missing' | 'stale';
|
|
11
|
+
export type ProveProofReplayStatus = 'verified' | 'needs-proof' | 'stale' | 'failed' | 'drifted';
|
|
12
|
+
export type ProveProofReplayEventKind = 'contract' | 'change-set' | 'proof-command' | 'proof-sufficiency' | 'receipt';
|
|
13
|
+
export type ProveProofReplayEventStatus = 'passed' | 'missing' | 'missing-contract' | 'stale' | 'failed' | 'drifted' | 'strong' | 'adequate' | 'weak' | ProveProofReplayStatus;
|
|
14
|
+
export type ProveRiskSurface = 'production' | 'test' | 'documentation' | 'config' | 'security' | 'public-api' | 'cli' | 'mcp' | 'dependency' | 'generated' | 'custom' | 'unknown';
|
|
15
|
+
export type ProveProofSufficiencyStatus = 'strong' | 'adequate' | 'weak' | 'missing' | 'stale' | 'failed';
|
|
10
16
|
export type ProveChangedFileKind = 'allowed-production' | 'expected-test' | 'documentation' | 'config' | 'security-sensitive' | 'generated' | 'forbidden' | 'unexpected-production' | 'unexpected-test' | 'unknown';
|
|
11
17
|
export interface ProveTrustMemorySummary {
|
|
12
18
|
status: string;
|
|
@@ -25,6 +31,7 @@ export interface ProveVerifiedWorkflow {
|
|
|
25
31
|
staleProof: boolean;
|
|
26
32
|
missingProof: boolean;
|
|
27
33
|
failedProof: boolean;
|
|
34
|
+
proofSufficiencyStatus?: ProveProofSufficiencyStatus;
|
|
28
35
|
}
|
|
29
36
|
export interface ProveChangedFileClassification {
|
|
30
37
|
file: string;
|
|
@@ -42,6 +49,8 @@ export interface ProveContract {
|
|
|
42
49
|
likelyTests: string[];
|
|
43
50
|
missingRegressionTests: string[];
|
|
44
51
|
proofCommands: string[];
|
|
52
|
+
proofRequirements?: ProveProofRequirement[];
|
|
53
|
+
teamProofRecipes?: ProveMatchedProofRecipe[];
|
|
45
54
|
safeChangeShape: string;
|
|
46
55
|
rollbackPlan: string;
|
|
47
56
|
confidence: AssessConfidence;
|
|
@@ -58,6 +67,24 @@ export interface ProveContract {
|
|
|
58
67
|
riskDelta: RiskDeltaSnapshot;
|
|
59
68
|
verifiedWorkflow: ProveVerifiedWorkflow;
|
|
60
69
|
}
|
|
70
|
+
export interface ProveProofRequirement {
|
|
71
|
+
id: string;
|
|
72
|
+
surface: ProveRiskSurface;
|
|
73
|
+
files: string[];
|
|
74
|
+
requiredCommands: string[];
|
|
75
|
+
requiredReview: string;
|
|
76
|
+
reason: string;
|
|
77
|
+
source?: 'inferred' | 'recipe';
|
|
78
|
+
recipeId?: string;
|
|
79
|
+
requiredReviewers?: string[];
|
|
80
|
+
}
|
|
81
|
+
export interface ProveMatchedProofRecipe extends ProofRecipeConfig {
|
|
82
|
+
matchedFiles: string[];
|
|
83
|
+
forbiddenTouched?: string[];
|
|
84
|
+
missingCommands?: string[];
|
|
85
|
+
failedCommands?: string[];
|
|
86
|
+
staleCommands?: string[];
|
|
87
|
+
}
|
|
61
88
|
export interface ProveReceiptScope {
|
|
62
89
|
status: ProveScopeStatus;
|
|
63
90
|
changedFiles: string[];
|
|
@@ -88,18 +115,46 @@ export interface ProveProofCommandEvidence {
|
|
|
88
115
|
command: string;
|
|
89
116
|
status: ProveProofCommandStatus;
|
|
90
117
|
fresh: boolean;
|
|
118
|
+
source?: ProofLedgerRecord['source'];
|
|
91
119
|
exitCode?: number;
|
|
92
120
|
durationMs?: number;
|
|
93
121
|
completedAt?: string;
|
|
122
|
+
recordedChangedFiles?: string[];
|
|
123
|
+
recordedChangedFileFingerprint?: string;
|
|
94
124
|
outputSummary?: string;
|
|
95
125
|
logPath?: string;
|
|
96
126
|
staleReason?: string;
|
|
97
127
|
}
|
|
128
|
+
export interface ProveProofReplay {
|
|
129
|
+
status: ProveProofReplayStatus;
|
|
130
|
+
summary: string;
|
|
131
|
+
events: ProveProofReplayEvent[];
|
|
132
|
+
changedAfterProof: string[];
|
|
133
|
+
replayCommand: string;
|
|
134
|
+
receiptFingerprint: string;
|
|
135
|
+
}
|
|
136
|
+
export interface ProveProofReplayEvent {
|
|
137
|
+
kind: ProveProofReplayEventKind;
|
|
138
|
+
status: ProveProofReplayEventStatus;
|
|
139
|
+
summary: string;
|
|
140
|
+
command?: string;
|
|
141
|
+
completedAt?: string;
|
|
142
|
+
changedFiles?: string[];
|
|
143
|
+
changedAfterProof?: string[];
|
|
144
|
+
source?: ProofLedgerRecord['source'];
|
|
145
|
+
}
|
|
98
146
|
export interface ProveReceipt {
|
|
99
147
|
summary: string;
|
|
100
148
|
commitReadiness: ProveVerdict;
|
|
101
149
|
scope: ProveReceiptScope;
|
|
102
150
|
proofStatus: ProveReceiptProofStatus;
|
|
151
|
+
proofSufficiency?: ProveProofSufficiency;
|
|
152
|
+
proofReplay?: ProveProofReplay;
|
|
153
|
+
teamProofRecipes?: ProveMatchedProofRecipe[];
|
|
154
|
+
requiredReviewers?: string[];
|
|
155
|
+
recipeForbiddenTouched?: string[];
|
|
156
|
+
recipeDrift?: string[];
|
|
157
|
+
recipeGaps?: string[];
|
|
103
158
|
riskDelta: RiskDeltaSnapshot;
|
|
104
159
|
riskDeltaDirection: ProveRiskDeltaDirection;
|
|
105
160
|
reviewerDecision: ProveReviewerDecision;
|
|
@@ -108,6 +163,30 @@ export interface ProveReceipt {
|
|
|
108
163
|
reviewerGuidance: string;
|
|
109
164
|
verifiedWorkflow: ProveVerifiedWorkflow;
|
|
110
165
|
}
|
|
166
|
+
export interface ProveProofSufficiency {
|
|
167
|
+
status: ProveProofSufficiencyStatus;
|
|
168
|
+
summary: string;
|
|
169
|
+
requirements: ProveProofRequirementResult[];
|
|
170
|
+
gaps: string[];
|
|
171
|
+
weakRequirements: string[];
|
|
172
|
+
missingRequirements: string[];
|
|
173
|
+
staleRequirements: string[];
|
|
174
|
+
failedRequirements: string[];
|
|
175
|
+
}
|
|
176
|
+
export interface ProveProofRequirementResult {
|
|
177
|
+
id: string;
|
|
178
|
+
surface: ProveRiskSurface;
|
|
179
|
+
status: ProveProofSufficiencyStatus;
|
|
180
|
+
files: string[];
|
|
181
|
+
requiredCommands: string[];
|
|
182
|
+
matchedCommands: string[];
|
|
183
|
+
requiredReview: string;
|
|
184
|
+
reason: string;
|
|
185
|
+
gaps: string[];
|
|
186
|
+
source?: 'inferred' | 'recipe';
|
|
187
|
+
recipeId?: string;
|
|
188
|
+
requiredReviewers?: string[];
|
|
189
|
+
}
|
|
111
190
|
export interface ProveReport {
|
|
112
191
|
schemaVersion: 1;
|
|
113
192
|
mode: ProveMode;
|