projscan 4.15.0 → 4.17.0

package/dist/types/guard.d.ts

@@ -0,0 +1,32 @@
+import type { ProveProofStatus, ProveProofSufficiencyStatus, ProveReceipt, ProveScopeStatus } from './prove.js';
+export type GuardStatus = 'clear' | 'attention' | 'drift' | 'blocked';
+export type GuardReviewerAction = 'continue' | 'run-proof' | 'rerun-proof' | 'stop-and-recontract';
+export interface ComputeGuardOptions {
+    contractPath?: string;
+    baseRef?: string;
+    ledgerPath?: string;
+}
+export interface GuardReport {
+    schemaVersion: 1;
+    kind: 'agent-scope-guard';
+    status: GuardStatus;
+    exitCode: number;
+    summary: string;
+    reviewerAction: GuardReviewerAction;
+    drift: {
+        status: ProveScopeStatus;
+        files: string[];
+        forbiddenTouched: string[];
+        outsideAllowed: string[];
+        changedAfterProof: string[];
+    };
+    proof: {
+        status: ProveProofStatus;
+        sufficiencyStatus?: ProveProofSufficiencyStatus;
+        missingCommands: string[];
+        failedCommands: string[];
+        staleCommands: string[];
+    };
+    mutatedFiles: string[];
+    receipt?: ProveReceipt;
+}

package/dist/types/guard.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=guard.js.map

package/dist/types/guard.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"guard.js","sourceRoot":"","sources":["../../src/types/guard.ts"],"names":[],"mappings":""}

package/dist/types/passport.d.ts

@@ -0,0 +1,75 @@
+import type { ProveContract, ProveProofReplayStatus, ProveProofStatus, ProveProofSufficiencyStatus, ProveReceipt, ProveReviewerDecision, ProveScopeStatus, ProveVerifiedWorkflow, ProveVerdict } from './prove.js';
+import type { ProofRecipeConfig } from './config.js';
+export type AgentChangePassportStatus = 'ready' | 'needs-proof' | 'drifted' | 'blocked';
+export type AgentChangePassportReviewerAction = 'review' | 'run-proof' | 'rerun-proof' | 'stop-and-recontract';
+export interface ComputePassportOptions {
+    intent?: string;
+    contractPath?: string;
+    saveContractPath?: string;
+    outputPath?: string;
+    maxFiles?: number;
+    feedbackPath?: string;
+    baseRef?: string;
+    ledgerPath?: string;
+    taskId?: string;
+    emitBaseframe?: boolean;
+    proofRecipes?: ProofRecipeConfig[];
+}
+export interface AgentChangePassportBoundary {
+    contractId?: string;
+    allowedFiles: string[];
+    forbiddenFiles: string[];
+    likelyTests: string[];
+    riskyContracts: string[];
+    proofCommands: string[];
+    receiptCommand?: string;
+}
+export interface AgentChangePassportReceiptSummary {
+    scopeStatus: ProveScopeStatus;
+    proofStatus: ProveProofStatus;
+    proofSufficiencyStatus?: ProveProofSufficiencyStatus;
+    proofReplayStatus?: ProveProofReplayStatus;
+    changedFiles: string[];
+    forbiddenTouched: string[];
+    outsideAllowed: string[];
+    changedAfterProof: string[];
+    missingCommands: string[];
+    failedCommands: string[];
+    staleCommands: string[];
+    requiredReviewers: string[];
+}
+export interface AgentChangePassportReviewerSummary {
+    decision: ProveReviewerDecision;
+    action: AgentChangePassportReviewerAction;
+    summary: string;
+}
+export interface AgentChangePassportArtifacts {
+    contractPath?: string;
+    passportPath?: string;
+}
+export interface AgentChangePassportBaseframe {
+    taskId: string;
+    assessmentPath: string;
+    workflowPath: string;
+}
+export interface AgentChangePassport {
+    schemaVersion: 1;
+    kind: 'agent-change-passport';
+    generatedAt: string;
+    status: AgentChangePassportStatus;
+    intent?: string;
+    summary: string;
+    boundary: AgentChangePassportBoundary;
+    receipt: AgentChangePassportReceiptSummary;
+    reviewer: AgentChangePassportReviewerSummary;
+    nextCommands: string[];
+    warnings: string[];
+    artifacts: AgentChangePassportArtifacts;
+    baseframe?: AgentChangePassportBaseframe;
+    prove: {
+        verdict: ProveVerdict;
+        verifiedWorkflow: ProveVerifiedWorkflow;
+        contract?: ProveContract;
+        receipt?: ProveReceipt;
+    };
+}

package/dist/types/passport.js

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=passport.js.map

package/dist/types/passport.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"passport.js","sourceRoot":"","sources":["../../src/types/passport.ts"],"names":[],"mappings":""}

package/dist/types.d.ts

@@ -25,8 +25,11 @@ export type * from './types/trial.js';
 export type * from './types/understand.js';
 export type * from './types/qualityScorecard.js';
 export type * from './types/assess.js';
+export type * from './types/baseframe.js';
 export type * from './types/simulate.js';
 export type * from './types/prove.js';
+export type * from './types/passport.js';
+export type * from './types/guard.js';
 export type * from './types/proofLedger.js';
 export type * from './types/regressionPlan.js';
 export type * from './types/start.js';

package/dist/utils/formatSupport.d.ts

@@ -6,6 +6,8 @@ export declare const COMMAND_FORMAT_SUPPORT: {
     readonly assess: readonly ["console", "json", "markdown"];
     readonly simulate: readonly ["console", "json", "markdown"];
     readonly prove: readonly ["console", "json", "markdown"];
+    readonly passport: readonly ["console", "json", "markdown"];
+    readonly guard: readonly ["console", "json", "markdown"];
     readonly 'apply-fix': readonly ["console", "json"];
     readonly audit: readonly ["console", "json", "markdown", "sarif"];
     readonly badge: readonly ["console"];

package/dist/utils/formatSupport.js

@@ -11,6 +11,8 @@ export const COMMAND_FORMAT_SUPPORT = {
     assess: ['console', 'json', 'markdown'],
     simulate: ['console', 'json', 'markdown'],
     prove: ['console', 'json', 'markdown'],
+    passport: ['console', 'json', 'markdown'],
+    guard: ['console', 'json', 'markdown'],
     'apply-fix': ['console', 'json'],
     audit: ['console', 'json', 'markdown', 'sarif'],
     badge: ['console'],

package/dist/utils/formatSupport.js.map

@@ -1 +1 @@
-{"version":3,"file":"formatSupport.js","sourceRoot":"","sources":["../../src/utils/formatSupport.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,MAAM,cAAc,GAAG;IAC5B,SAAS;IACT,MAAM;IACN,UAAU;IACV,OAAO;IACP,MAAM;CACoC,CAAC;AAE7C,MAAM,CAAC,MAAM,sBAAsB,GAAG;IACpC,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,CAAC;IACzD,MAAM,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACvC,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACzC,KAAK,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACtC,WAAW,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAChC,KAAK,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,CAAC;IAC/C,KAAK,EAAE,CAAC,SAAS,CAAC;IAClB,UAAU,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC/B,EAAE,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,CAAC;IAC5C,KAAK,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC1B,YAAY,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACjC,WAAW,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAChC,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,UAAU,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC/B,UAAU,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC/B,YAAY,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACjC,KAAK,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC1B,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC;IACjD,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC;IACjD,YAAY,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IAC7C,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC7B,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACxC,IAAI,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACrC,MAAM,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,CAAC;IACxD,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC5B,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC7B,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,cAAc,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACnC,iBAAiB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACtC,kBAAkB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACvC,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACxC,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IAChD,IAAI,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACrC,WAAW,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAChC,GAAG,EAAE,CAAC,SAAS,CAAC;IAChB,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IAC9C,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC5B,IAAI,EAAE,CAAC,SAAS,CAAC;IACjB,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC;IACjD,MAAM,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC;IAC/C,IAAI,EAAE,CAAC,SAAS,CAAC;IACjB,oBAAoB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACzC,UAAU,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC/B,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,WAAW,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAChC,cAAc,EAAE,CAAC,SAAS,CAAC;IAC3B,GAAG,EAAE,CAAC,SAAS,CAAC;IAChB,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IAChD,YAAY,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACjC,MAAM,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,eAAe,EAAE,CAAC,SAAS,CAAC;IAC5B,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,CAAC;IAClD,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,iBAAiB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACtC,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,cAAc,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACnC,gBAAgB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACrC,SAAS,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC9B,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,SAAS,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC;IAClD,mBAAmB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACxC,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,iBAAiB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACtC,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC5B,MAAM,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC;IAC/C,MAAM,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACvC,gBAAgB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACrC,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC5B,KAAK,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC1B,iBAAiB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACtC,gBAAgB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACrC,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,SAAS,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IAC1C,KAAK,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC1B,KAAK,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC1B,UAAU,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC/B,SAAS,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC9B,kBAAkB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACvC,kBAAkB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACvC,mBAAmB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACxC,mBAAmB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACxC,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACxC,KAAK,EAAE,CAAC,SAAS,CAAC;IAClB,gBAAgB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACrC,eAAe,EAAE,CAAC,SAAS,CAAC;IAC5B,kBAAkB,EAAE,CAAC,SAAS,CAAC;IAC/B,UAAU,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IAC3C,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;CAC6B,CAAC;AAI7D,MAAM,UAAU,UAAU,CAAC,UAAmC,cAAc;IAC1E,OAAO,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC5B,CAAC;AAED,MAAM,UAAU,uBAAuB,CAAC,WAAmB;IACzD,OAAQ,sBAAkE,CAAC,WAAW,CAAC,CAAC;AAC1F,CAAC;AAED,MAAM,UAAU,iBAAiB;IAI/B,OAAO,MAAM,CAAC,OAAO,CAAC,sBAAsB,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,EAAE,OAAO,CAAC,EAAE,EAAE,CAAC,CAAC;QACzE,OAAO,EAAE,OAA4B;QACrC,OAAO;KACR,CAAC,CAAC,CAAC;AACN,CAAC"}
+{"version":3,"file":"formatSupport.js","sourceRoot":"","sources":["../../src/utils/formatSupport.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,MAAM,cAAc,GAAG;IAC5B,SAAS;IACT,MAAM;IACN,UAAU;IACV,OAAO;IACP,MAAM;CACoC,CAAC;AAE7C,MAAM,CAAC,MAAM,sBAAsB,GAAG;IACpC,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,CAAC;IACzD,MAAM,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACvC,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACzC,KAAK,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACtC,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACzC,KAAK,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACtC,WAAW,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAChC,KAAK,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,CAAC;IAC/C,KAAK,EAAE,CAAC,SAAS,CAAC;IAClB,UAAU,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC/B,EAAE,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,CAAC;IAC5C,KAAK,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC1B,YAAY,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACjC,WAAW,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAChC,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,UAAU,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC/B,UAAU,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC/B,YAAY,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACjC,KAAK,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC1B,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC;IACjD,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC;IACjD,YAAY,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IAC7C,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC7B,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACxC,IAAI,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACrC,MAAM,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,CAAC;IACxD,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC5B,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC7B,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,cAAc,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACnC,iBAAiB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACtC,kBAAkB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACvC,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACxC,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IAChD,IAAI,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACrC,WAAW,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAChC,GAAG,EAAE,CAAC,SAAS,CAAC;IAChB,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IAC9C,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC5B,IAAI,EAAE,CAAC,SAAS,CAAC;IACjB,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC;IACjD,MAAM,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC;IAC/C,IAAI,EAAE,CAAC,SAAS,CAAC;IACjB,oBAAoB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACzC,UAAU,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC/B,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,WAAW,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAChC,cAAc,EAAE,CAAC,SAAS,CAAC;IAC3B,GAAG,EAAE,CAAC,SAAS,CAAC;IAChB,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IAChD,YAAY,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACjC,MAAM,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,eAAe,EAAE,CAAC,SAAS,CAAC;IAC5B,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,CAAC;IAClD,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,iBAAiB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACtC,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,cAAc,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACnC,gBAAgB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACrC,SAAS,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC9B,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,SAAS,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC;IAClD,mBAAmB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACxC,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,iBAAiB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACtC,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC5B,MAAM,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC;IAC/C,MAAM,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACvC,gBAAgB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACrC,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC5B,KAAK,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC1B,iBAAiB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACtC,gBAAgB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACrC,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,SAAS,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IAC1C,KAAK,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC1B,KAAK,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC1B,UAAU,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC/B,SAAS,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC9B,kBAAkB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACvC,kBAAkB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACvC,mBAAmB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACxC,mBAAmB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACxC,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACxC,KAAK,EAAE,CAAC,SAAS,CAAC;IAClB,gBAAgB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACrC,eAAe,EAAE,CAAC,SAAS,CAAC;IAC5B,kBAAkB,EAAE,CAAC,SAAS,CAAC;IAC/B,UAAU,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IAC3C,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;CAC6B,CAAC;AAI7D,MAAM,UAAU,UAAU,CAAC,UAAmC,cAAc;IAC1E,OAAO,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC5B,CAAC;AAED,MAAM,UAAU,uBAAuB,CAAC,WAAmB;IACzD,OAAQ,sBAAkE,CAAC,WAAW,CAAC,CAAC;AAC1F,CAAC;AAED,MAAM,UAAU,iBAAiB;IAI/B,OAAO,MAAM,CAAC,OAAO,CAAC,sBAAsB,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,EAAE,OAAO,CAAC,EAAE,EAAE,CAAC,CAAC;QACzE,OAAO,EAAE,OAA4B;QACrC,OAAO;KACR,CAAC,CAAC,CAAC;AACN,CAAC"}

package/docs/GUIDE.md

@@ -26,6 +26,8 @@ This guide starts with demonstrated workflows before the command reference. For
   - [assess](#assess)
   - [simulate](#simulate)
   - [prove](#prove)
+  - [passport](#passport)
+  - [guard](#guard)
   - [evidence-pack](#evidence-pack)
   - [privacy-check](#privacy-check)
   - [mission-proof](#mission-proof)
@@ -138,6 +140,8 @@ projscan prove --intent "is my agent allowed to change billing retry logic?" --s
 # Make the bounded edit, then run the proof command.
 projscan prove --run -- npm test -- tests/billing/retry.test.ts
 projscan prove --changed --contract .projscan/proof-contract.json --format markdown
+projscan passport --contract .projscan/proof-contract.json --format markdown
+projscan guard --contract .projscan/proof-contract.json
 ```
 
 The path is `start -> prove -> run -> changed`. Agent-permission intents route
@@ -165,6 +169,13 @@ and MCP clients. It names the phase, next action, next command, scope status,
 proof status, proof sufficiency status, risk delta direction, reviewer decision,
 and stale/missing/failed proof flags.
 
+`projscan passport` packages the contract and receipt into a reviewer handoff.
+It includes allowed files, forbidden files, changed files, proof replay, Proof
+Sufficiency, reviewer action, and next commands. `projscan guard` checks the
+current working tree against the same contract and reports drift, missing proof,
+stale proof, or a clear state. Use `guard --watch` during an agent session when
+you want repeated scope checks without running proof commands.
+
 Team Proof Recipes let the repo encode path-specific proof in `proofRecipes`;
 when a matching recipe is configured, `prove --intent` adds its required
 commands, reviewers, and forbidden files to the Proof Contract. `prove --changed`
@@ -336,6 +347,8 @@ When the agent first opens a repo, or before starting a refactor, the question i
 - **`projscan_assess` / `projscan assess`** — proof-first assessment. Composes quality-scorecard, bug-hunt, and preflight into Proof Cards with local evidence, impact, a safe fix shape, verification commands, feedback or suppression guidance, and risk delta. Proof Cards include evidence strength, confidence reason, ranking reasons, trust memory, evidence gaps, and an AgentLoopKit handoff packet. Use `projscan assess --goal "make this repo safer to ship this week"` for a broad weekly pass, `projscan assess --mode fix-first --format markdown` when you want one or two next actions instead of a long list, `--feedback .projscan-feedback.json` when local reviewer memory should affect ranking, or `--baseline previous-assess.json` to compare against a prior assessment. The command is read-only and does not release, tag, publish, or deploy.
 - **`projscan_simulate` / `projscan simulate`** — risk delta simulator. Evaluates a proposed change plan before editing and returns likely touched files, affected tests, contract surfaces, rollout steps, proof commands, confidence, projected before/after risk, alternatives, and a recommended option. Use `projscan simulate --plan "split bugHunt.ts into ranking, evidence, and output modules"` before doing a refactor. The command is read-only and does not execute the plan.
 - **`projscan_prove` / `projscan prove`** — executable Proof Contracts, Verified Workflow JSON, Proof Replay, and Proof Sufficiency. Use `projscan prove --intent "<change>"` before editing to get allowed files, forbidden files, risky contracts, likely tests, proof commands, rollback, confidence, Trust Memory signals, reviewer guidance, and `proofRequirements`. Use `projscan prove --run -- <command...>` to execute a local proof command and record a `prove-run` ledger row. Use `projscan prove --record-command "<command>" --exit-code <code>` for imported proof outcomes from CI or another runner. Use `projscan prove --changed --contract .projscan/proof-contract.json --format markdown` after editing to produce a Proof Receipt with changed-file classes, scope drift, forbidden touches, proof status, `proofReplay`, `changedAfterProof`, receipt fingerprint, `proofSufficiency`, stale proof, failed proof, risk delta, reviewer decision, and commit readiness. MCP can create and replay contracts and record imported proof; only the CLI `prove --run` executes local commands. Read `verifiedWorkflow` when an agent needs the next action without parsing Markdown.
+- **`projscan_passport` / `projscan passport`**: Agent Change Passport for reviewer handoff. It returns the Proof Contract boundary, current receipt, proof replay, Proof Sufficiency, reviewer action, next commands, and optional Baseframe assessment paths. MCP returns evidence and does not run proof commands.
+- **`projscan guard`**: local scope guard for a saved Proof Contract. It reports clear, attention, drift, or blocked for the current working tree and can poll with `--watch`.
 - **`projscan_understand` / `projscan understand`** — cited repo-comprehension surface. Returns repo maps, runtime flow maps, contract maps, change-readiness guidance, verification tiers, unknowns, read-first files, and exact next commands.
 - **`projscan_adoption` / `projscan init team` / `projscan init mcp` / `projscan mcp doctor` / `projscan init policy` / `projscan init github-action` / `projscan recipes` / `projscan first-run` / `projscan telemetry` / `projscan dogfood`** — adoption layer. Returns MCP client config snippets, setup verification, policy starters, PR workflow scaffolding with validated PR comments and block-only enforcement, baseline memory, ownership routing, first-PR onboarding steps, repeatable team-bootstrap and PR-automation recipes, multi-repo dogfood evidence, measured reviewer feedback, default-off telemetry controls, adoption trial reports, and setup diagnostics.
 - **`projscan_release_train` / `projscan release-train`** — product-line readiness planner. Plans upcoming product lines with version, scope, readiness, and next-action evidence.
@@ -964,6 +977,40 @@ projscan prove --changed --contract .projscan/proof-contract.json --format markd
 
 Creates a local Proof Contract, records explicit proof command outcomes in the Proof Ledger, and checks the current working tree against the saved contract after the edit. `prove --run` executes only the command after `--` and keeps shell execution disabled. `prove --record-command` imports external proof into the local ledger without running it.
 
+### passport
+
+```bash
+projscan passport --intent "is my agent allowed to change billing retry logic?" --save-contract .projscan/proof-contract.json --format markdown
+projscan passport --contract .projscan/proof-contract.json --output .projscan/passport.json --format json
+projscan passport --intent "Implement password reset" --task-id auth-password-reset-20260627-01 --emit-baseframe
+```
+
+Creates an Agent Change Passport from the Proof Contract and current Proof
+Receipt. The passport names the approved boundary, changed files, proof replay,
+Proof Sufficiency, reviewer decision, reviewer action, next commands, and saved
+artifact paths. It does not execute tests. Run proof through `projscan prove
+--run -- <command...>` before you expect the passport to report ready proof.
+
+Passport JSON writes stay under `.projscan/passport.json` or
+`.projscan/passports/<name>.json`. ProjScan rejects traversal, symlink paths, and
+existing files that are not Agent Change Passports. Add `--task-id <id>
+--emit-baseframe` when a Baseframe Suite task also needs
+`.baseframe/evidence/<task-id>/projscan-assessment.json`.
+
+### guard
+
+```bash
+projscan guard --contract .projscan/proof-contract.json
+projscan guard --contract .projscan/proof-contract.json --watch
+projscan guard --contract .projscan/proof-contract.json --fail-on-drift
+```
+
+Checks the current working tree against a saved Proof Contract. Guard reports
+`clear` when scope and proof satisfy the receipt, `attention` when proof is
+missing or stale, `drift` when files changed outside the boundary, and `blocked`
+when the contract is missing or proof failed. `--watch` polls until interrupted.
+`--fail-on-drift` exits non-zero for drift or a missing contract.
+
 ### evidence-pack
 
 ```bash
@@ -1566,6 +1613,7 @@ _Structural / agent-native:_
 - `projscan_assess` — proof-first assessment with Proof Cards, risk delta, and fix-first guidance.
 - `projscan_simulate` — risk delta simulator for proposed change plans before editing.
 - `projscan_prove` — Proof Contracts and Proof Receipts for proposed and completed changes. MCP records and replays imported proof; only CLI `prove --run` executes commands.
+- `projscan_passport`: Agent Change Passport with boundary, receipt, proof status, reviewer action, and next commands.
 - `projscan_adoption` — adoption helper for MCP client snippets, MCP setup doctor, agent workflow recipes, and first-run diagnostics.
 - `projscan_release_train` — product-line readiness plan with scope and next-action evidence.
 - `projscan_evidence_pack` — approval packet with planning, bug-hunt, workplan, preflight, changelog, and website prompt evidence.

package/docs/integrations/baseframe-suite-v1.md

@@ -0,0 +1,163 @@
+# Baseframe Suite Integration v1
+
+ProjScan produces the repository-risk assessment for a specific task. AgentLoopKit
+can consume that assessment to create a task contract, and AgentFlight can later
+consume both artifacts for review readiness. The products stay separate:
+ProjScan does not depend on AgentLoopKit or AgentFlight packages and does not
+write their artifacts.
+
+## Artifact Paths
+
+All artifacts are local files inside the target repository:
+
+```text
+.baseframe/
+  agent-workflow.json
+  evidence/
+    <task-id>/
+      projscan-assessment.json
+      agentloopkit-task.json
+      agentflight-result.json
+```
+
+ProjScan owns only:
+
+```text
+.baseframe/evidence/<task-id>/projscan-assessment.json
+```
+
+ProjScan may create or update `.baseframe/agent-workflow.json`. It preserves
+unknown fields and existing AgentLoopKit or AgentFlight sections, and updates
+only shared task timestamps plus `tools.projscan`.
+
+## Command
+
+```bash
+projscan assess \
+  --intent "Implement password reset" \
+  --task-id auth-password-reset-20260626-01 \
+  --emit-baseframe
+```
+
+The command prints the relative assessment path:
+
+```text
+.baseframe/evidence/auth-password-reset-20260626-01/projscan-assessment.json
+```
+
+An explicit ProjScan-owned output path is also supported:
+
+```bash
+projscan assess \
+  --intent "Implement password reset" \
+  --task-id auth-password-reset-20260626-01 \
+  --output .baseframe/evidence/auth-password-reset-20260626-01/projscan-assessment.json
+```
+
+Task IDs must be filesystem-safe: 1 to 128 characters, start and end with a
+letter or number, and contain only letters, numbers, hyphen, or underscore.
+
+## Assessment Schema
+
+```ts
+type ProjScanAssessmentV1 = {
+  schemaVersion: "1.0";
+  kind: "projscan-assessment";
+  producer: { name: "projscan"; version: string };
+  taskId: string;
+  intent: string;
+  generatedAt: string;
+  repository: { root: string; branch?: string; commit?: string };
+  verdict: "proceed" | "caution" | "block" | "unknown";
+  summary: string;
+  repositoryType?: string;
+  impactedAreas: Array<{ name: string; paths: string[]; reason: string }>;
+  reviewFocus: Array<{
+    path: string;
+    priority: "high" | "medium" | "low";
+    reasons: string[];
+  }>;
+  risks: Array<{
+    id: string;
+    severity: "info" | "warning" | "blocking";
+    category: string;
+    message: string;
+    files?: string[];
+    suggestedAction?: string;
+  }>;
+  suggestedChecks: Array<{
+    command: string;
+    reason: string;
+    required: boolean;
+  }>;
+  artifacts?: Array<{ kind: "report" | "scan" | "log"; path: string }>;
+};
+```
+
+ProjScan maps local evidence from `assess`, quality scorecard, bug hunt,
+preflight, language detection, and framework detection. When a signal is not
+available, ProjScan emits `unknown`, omits optional fields, uses empty arrays,
+and explains the limitation in `summary`.
+
+## Workflow Manifest
+
+ProjScan writes manifest paths relative to the repository root:
+
+```ts
+type BaseframeAgentWorkflowV1 = {
+  schemaVersion: "1.0";
+  taskId: string;
+  intent: string;
+  createdAt: string;
+  updatedAt: string;
+  tools: {
+    projscan?: {
+      status: "created" | "completed" | "failed";
+      assessmentPath: string;
+      version: string;
+    };
+    agentloopkit?: {
+      status: "created" | "completed" | "failed";
+      taskPath?: string;
+      version?: string;
+    };
+    agentflight?: {
+      status: "created" | "completed" | "failed";
+      resultPath?: string;
+      version?: string;
+    };
+  };
+};
+```
+
+Writes are local and atomic. ProjScan rejects malformed task IDs, traversal
+paths, symlinked Baseframe directories, and existing output files that are not a
+matching ProjScan assessment for the same task.
+
+## AgentLoopKit Consumption
+
+AgentLoopKit should read:
+
+```text
+.baseframe/evidence/<task-id>/projscan-assessment.json
+```
+
+It should use `taskId`, `intent`, `verdict`, `impactedAreas`, `reviewFocus`,
+`risks`, and `suggestedChecks` to create its own task contract artifact at:
+
+```text
+.baseframe/evidence/<task-id>/agentloopkit-task.json
+```
+
+ProjScan does not call AgentLoopKit and does not write that file.
+
+## Independent Use
+
+The existing assessment workflows remain unchanged:
+
+```bash
+projscan assess --mode fix-first --format markdown
+projscan assess --goal "make this repo safer to ship this week" --format json
+```
+
+Use the Baseframe flags only when a stable suite artifact is needed.

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "projscan",
   "mcpName": "io.github.abhiyoheswaran1/projscan",
-  "version": "4.15.0",
+  "version": "4.17.0",
   "description": "Local code intelligence for agent-assisted engineering. Focused daily workflows for repo orientation before edits, proof before handoff or commit, and release-candidate review, with AST-backed evidence through an MCP server and CLI. Runs locally by default.",
   "type": "module",
   "main": "./dist/index.js",
@@ -14,6 +14,7 @@
     "README.md",
     "docs/2.0-MIGRATION.md",
     "docs/GUIDE.md",
+    "docs/integrations/baseframe-suite-v1.md",
     "docs/PLUGIN-AUTHORING.md",
     "docs/PLUGIN-GALLERY.md",
     "docs/ROADMAP.md",