pumuki 6.3.72 → 6.3.73

package/scripts/pumuki-full-surface-smoke.ts

@@ -0,0 +1,261 @@
+import { spawnSync } from 'node:child_process';
+import { existsSync } from 'node:fs';
+import { join } from 'node:path';
+import {
+  installedBinMarkerPath,
+  resolveSmokeLayout,
+} from './pumuki-full-surface-smoke-lib';
+
+type SmokeRow = {
+  id: string;
+  bin: string;
+  args: ReadonlyArray<string>;
+  timeoutMs: number;
+  allowNonZero?: boolean;
+};
+
+const layout = resolveSmokeLayout({
+  scriptFileUrl: import.meta.url,
+  env: process.env,
+});
+
+const { pumukiPackageRoot, smokeCwd, binStrategy, binRoot } = layout;
+const node = process.execPath;
+const binPath = (name: string): string => join(binRoot, 'bin', name);
+
+const run = (row: SmokeRow): { code: number | null; signal: NodeJS.Signals | null; ms: number } => {
+  const started = Date.now();
+  const r = spawnSync(node, [binPath(row.bin), ...row.args], {
+    cwd: smokeCwd,
+    encoding: 'utf8',
+    timeout: row.timeoutMs,
+    maxBuffer: 50 * 1024 * 1024,
+    env: { ...process.env, FORCE_COLOR: '0' },
+  });
+  return { code: r.status, signal: r.signal, ms: Date.now() - started };
+};
+
+const rows: ReadonlyArray<SmokeRow> = [
+  { id: 'cli.help_implicit', bin: 'pumuki.js', args: [], timeoutMs: 15_000, allowNonZero: true },
+  { id: 'cli.help_explicit', bin: 'pumuki.js', args: ['--help'], timeoutMs: 15_000 },
+  {
+    id: 'cli.unknown_subcommand',
+    bin: 'pumuki.js',
+    args: ['__no_such_lifecycle_command__'],
+    timeoutMs: 15_000,
+    allowNonZero: true,
+  },
+  { id: 'doctor.json', bin: 'pumuki.js', args: ['doctor', '--json'], timeoutMs: 60_000 },
+  {
+    id: 'doctor.deep_json',
+    bin: 'pumuki.js',
+    args: ['doctor', '--deep', '--json'],
+    timeoutMs: 180_000,
+    allowNonZero: true,
+  },
+  { id: 'doctor.parity_json', bin: 'pumuki.js', args: ['doctor', '--parity', '--json'], timeoutMs: 120_000 },
+  { id: 'status.json', bin: 'pumuki.js', args: ['status', '--json'], timeoutMs: 90_000 },
+  {
+    id: 'audit.default_json',
+    bin: 'pumuki.js',
+    args: ['audit', '--json'],
+    timeoutMs: 300_000,
+    allowNonZero: true,
+  },
+  {
+    id: 'audit.pre_push_json',
+    bin: 'pumuki.js',
+    args: ['audit', '--stage=PRE_PUSH', '--json'],
+    timeoutMs: 300_000,
+    allowNonZero: true,
+  },
+  {
+    id: 'audit.ci_engine_json',
+    bin: 'pumuki.js',
+    args: ['audit', '--stage=CI', '--engine', '--json'],
+    timeoutMs: 300_000,
+    allowNonZero: true,
+  },
+  {
+    id: 'watch.once_json',
+    bin: 'pumuki.js',
+    args: [
+      'watch',
+      '--once',
+      '--json',
+      '--stage=PRE_COMMIT',
+      '--scope=repo',
+      '--interval-ms=200',
+      '--no-notify',
+    ],
+    timeoutMs: 180_000,
+  },
+  {
+    id: 'watch.once_staged_json',
+    bin: 'pumuki.js',
+    args: [
+      'watch',
+      '--once',
+      '--json',
+      '--stage=PRE_COMMIT',
+      '--scope=staged',
+      '--interval-ms=200',
+      '--no-notify',
+    ],
+    timeoutMs: 180_000,
+    allowNonZero: true,
+  },
+  { id: 'loop.list_json', bin: 'pumuki.js', args: ['loop', 'list', '--json'], timeoutMs: 30_000 },
+  {
+    id: 'loop.run_smoke',
+    bin: 'pumuki.js',
+    args: ['loop', 'run', '--objective=smoke-surface', '--max-attempts=1', '--json'],
+    timeoutMs: 300_000,
+    allowNonZero: true,
+  },
+  {
+    id: 'adapter.install_dry_repo_json',
+    bin: 'pumuki.js',
+    args: ['adapter', 'install', '--agent=repo', '--dry-run', '--json'],
+    timeoutMs: 30_000,
+  },
+  {
+    id: 'adapter.install_dry_codex_json',
+    bin: 'pumuki.js',
+    args: ['adapter', 'install', '--agent=codex', '--dry-run', '--json'],
+    timeoutMs: 30_000,
+  },
+  {
+    id: 'analytics.hotspots_report',
+    bin: 'pumuki.js',
+    args: ['analytics', 'hotspots', 'report', '--top=3', '--since-days=30', '--json'],
+    timeoutMs: 120_000,
+    allowNonZero: true,
+  },
+  {
+    id: 'analytics.hotspots_diagnose',
+    bin: 'pumuki.js',
+    args: ['analytics', 'hotspots', 'diagnose', '--json'],
+    timeoutMs: 120_000,
+    allowNonZero: true,
+  },
+  {
+    id: 'policy.reconcile_json',
+    bin: 'pumuki.js',
+    args: ['policy', 'reconcile', '--json'],
+    timeoutMs: 120_000,
+    allowNonZero: true,
+  },
+  {
+    id: 'policy.reconcile_strict_json',
+    bin: 'pumuki.js',
+    args: ['policy', 'reconcile', '--strict', '--json'],
+    timeoutMs: 120_000,
+    allowNonZero: true,
+  },
+  { id: 'sdd.status_json', bin: 'pumuki.js', args: ['sdd', 'status', '--json'], timeoutMs: 60_000 },
+  {
+    id: 'sdd.validate_pre_write_json',
+    bin: 'pumuki.js',
+    args: ['sdd', 'validate', '--stage=PRE_WRITE', '--json'],
+    timeoutMs: 120_000,
+    allowNonZero: true,
+  },
+  {
+    id: 'sdd.validate_precommit_json',
+    bin: 'pumuki.js',
+    args: ['sdd', 'validate', '--stage=PRE_COMMIT', '--json'],
+    timeoutMs: 120_000,
+    allowNonZero: true,
+  },
+  {
+    id: 'sdd.validate_prepush_json',
+    bin: 'pumuki.js',
+    args: ['sdd', 'validate', '--stage=PRE_PUSH', '--json'],
+    timeoutMs: 120_000,
+    allowNonZero: true,
+  },
+  {
+    id: 'sdd.validate_ci_json',
+    bin: 'pumuki.js',
+    args: ['sdd', 'validate', '--stage=CI', '--json'],
+    timeoutMs: 120_000,
+    allowNonZero: true,
+  },
+  { id: 'hook.pre_write', bin: 'pumuki-pre-write.js', args: [], timeoutMs: 300_000, allowNonZero: true },
+  { id: 'hook.pre_commit', bin: 'pumuki-pre-commit.js', args: [], timeoutMs: 300_000, allowNonZero: true },
+  { id: 'hook.pre_push', bin: 'pumuki-pre-push.js', args: [], timeoutMs: 300_000, allowNonZero: true },
+  { id: 'hook.ci', bin: 'pumuki-ci.js', args: [], timeoutMs: 300_000, allowNonZero: true },
+];
+
+const main = (): number => {
+  if (binStrategy === 'installed') {
+    const marker = installedBinMarkerPath(layout);
+    if (!existsSync(marker)) {
+      process.stderr.write(
+        `[pumuki] smoke: PUMUKI_SMOKE_BIN_STRATEGY=installed pero no existe ${marker}. ` +
+          'Ejecuta npm install en el consumidor o revisa PUMUKI_SMOKE_REPO_ROOT.\n'
+      );
+      return 2;
+    }
+  }
+
+  const lines: string[] = [];
+  lines.push('# Pumuki superficie — smoke');
+  lines.push('');
+  lines.push(`- binStrategy: \`${binStrategy}\` (PUMUKI_SMOKE_BIN_STRATEGY=source|installed)`);
+  lines.push(`- binRoot: \`${binRoot}\``);
+  lines.push(`- pumukiPackageRoot (script host): \`${pumukiPackageRoot}\``);
+  lines.push(`- smokeCwd (gate/doctor cwd): \`${smokeCwd}\``);
+  lines.push(`- node: \`${node}\``);
+  lines.push(`- filas: **${rows.length}** (incluye CLI, doctor/status, audit×3, watch×2, loop, adapter×2, analytics×2, policy×2, sdd×5, hooks×4)`);
+  lines.push('');
+  lines.push('| id | exit | ms | ok |');
+  lines.push('|----|------|----|----|');
+  let failed = 0;
+  for (const row of rows) {
+    const { code, signal, ms } = run(row);
+    const exit = signal ? `signal:${signal}` : String(code ?? 'null');
+    const ok =
+      signal !== null
+        ? false
+        : row.allowNonZero
+          ? true
+          : code === 0;
+    if (!ok) {
+      failed += 1;
+    }
+    lines.push(`| ${row.id} | ${exit} | ${ms} | ${ok ? 'yes' : 'no'} |`);
+  }
+  lines.push('');
+  lines.push('## Interpretación de exit codes');
+  lines.push('');
+  lines.push('- `audit` devuelve el **mismo código que el gate** del alcance auditado (p. ej. 1 si hay `BLOCK` en el repo). Eso es correcto, no indica CLI roto.');
+  lines.push('- `doctor --deep` puede devolver **1** si `doctorHasBlockingIssues` (issues `error` o `deep.blocking`) o mismatch de parity esperado.');
+  lines.push('- Los **hooks** (`pre-commit`, etc.) reflejan el gate sobre el estado actual del worktree; 1 con cambios locales o rama protegida es esperable.');
+  lines.push('- `sdd validate` y `policy reconcile --strict` pueden devolver **1** según política del repo; el smoke los marca con `allowNonZero`.');
+  lines.push('');
+  lines.push('## No cubierto aquí (manual o destructivo)');
+  lines.push('');
+  lines.push('- `pumuki install|uninstall|remove|update|bootstrap` (mutan hooks/artefactos).');
+  lines.push('- `pumuki framework` / menú interactivo (`pumuki-framework.js`).');
+  lines.push('- Servidores MCP stdio (`pumuki-mcp-*-stdio.js`): esperan JSON-RPC por stdin; probar con cliente MCP.');
+  lines.push('- `pumuki sdd session|sync|learn|evidence|state-sync|auto-sync`: requieren ids / evidencia / cambios reales.');
+  lines.push('- `pumuki doctor|status --remote-checks`: dependen de red / GitHub.');
+  lines.push('');
+  lines.push('## Otro repo (consumidor)');
+  lines.push('');
+  lines.push(
+    '- **Bins del tree pumuki (desarrollo):** `PUMUKI_SMOKE_REPO_ROOT=/ruta/al/repo npm run -s smoke:pumuki-surface` desde la raíz de **pumuki** (`PUMUKI_SMOKE_BIN_STRATEGY=source` por defecto).'
+  );
+  lines.push(
+    '- **Bins instalados en el consumidor (`node_modules/pumuki`):** `PUMUKI_SMOKE_REPO_ROOT=/ruta/al/repo PUMUKI_SMOKE_BIN_STRATEGY=installed npm run -s smoke:pumuki-surface` o `npm run -s smoke:pumuki-surface-installed` (exige `PUMUKI_SMOKE_REPO_ROOT`).'
+  );
+  lines.push('');
+  lines.push(`**Resumen:** ${failed} filas con fallo estricto (sin allowNonZero).`);
+  process.stdout.write(lines.join('\n'));
+  process.stdout.write('\n');
+  return failed > 0 ? 1 : 0;
+};
+
+process.exitCode = main();

package/scripts/pumuki-smoke-installed-wrapper.cjs

@@ -0,0 +1,31 @@
+#!/usr/bin/env node
+'use strict';
+
+const { spawnSync } = require('node:child_process');
+const { join } = require('node:path');
+
+if (!process.env.PUMUKI_SMOKE_REPO_ROOT || !String(process.env.PUMUKI_SMOKE_REPO_ROOT).trim()) {
+  console.error(
+    '[pumuki] smoke:pumuki-surface-installed requires PUMUKI_SMOKE_REPO_ROOT (absolute path to consumer repo).'
+  );
+  process.exit(1);
+}
+
+const root = join(__dirname, '..');
+const env = {
+  ...process.env,
+  PUMUKI_SMOKE_BIN_STRATEGY: 'installed',
+};
+
+const result = spawnSync(
+  'npx',
+  ['--yes', 'tsx@4.21.0', 'scripts/pumuki-full-surface-smoke.ts'],
+  {
+    cwd: root,
+    env,
+    stdio: 'inherit',
+  }
+);
+
+const code = typeof result.status === 'number' ? result.status : 1;
+process.exitCode = code;

package/scripts/ruralgo-s1-evidence-pack-lib.ts

@@ -0,0 +1,200 @@
+import { mkdirSync, writeFileSync } from 'node:fs';
+import { dirname, resolve } from 'node:path';
+
+type RuralGoS1EvidenceEntry = {
+  title: string;
+  mode: 'shell' | 'mcp';
+  command: string;
+  capture: ReadonlyArray<string>;
+  expectedFragments: ReadonlyArray<string>;
+  incs: ReadonlyArray<string>;
+};
+
+export type RuralGoS1EvidencePackOptions = {
+  cwd: string;
+  consumerRoot: string;
+  packageVersion: string;
+  generatedAt: string;
+};
+
+const resolvePumukiPackageSelector = (packageVersion: string): string => {
+  const trimmed = packageVersion.trim();
+  const isStableSemver = /^\d+\.\d+\.\d+(?:[-+][0-9A-Za-z.-]+)?$/.test(trimmed);
+  if (isStableSemver) {
+    return `pumuki@${trimmed}`;
+  }
+  return 'pumuki@latest';
+};
+
+const EVIDENCE_ENTRIES: ReadonlyArray<RuralGoS1EvidenceEntry> = [
+  {
+    title: 'Lifecycle status',
+    mode: 'shell',
+    command: 'npm run pumuki:status',
+    capture: [
+      'Bloque `governance truth` completo.',
+      'Indicadores de contrato efectivo, rama y skills surface.',
+    ],
+    expectedFragments: [
+      'governance truth',
+      'governance_effective',
+      'contract_surface',
+      'current_branch',
+    ],
+    incs: ['PUMUKI-INC-070', 'PUMUKI-INC-071', 'PUMUKI-INC-073', 'PUMUKI-INC-076'],
+  },
+  {
+    title: 'Lifecycle doctor',
+    mode: 'shell',
+    command: 'npm run pumuki:doctor',
+    capture: [
+      'Veredicto humano final.',
+      'Bloque `governance truth` con `next_action` visible.',
+    ],
+    expectedFragments: [
+      'governance truth',
+      'next_action',
+      'reason_code',
+      'WARN',
+    ],
+    incs: ['PUMUKI-INC-070', 'PUMUKI-INC-071', 'PUMUKI-INC-073'],
+  },
+  {
+    title: 'PRE_WRITE canónico',
+    mode: 'shell',
+    command: 'npx --yes --package pumuki@latest pumuki sdd validate --stage=PRE_WRITE --json',
+    capture: [
+      'Salida JSON completa.',
+      'Campos de session/mode y remediación inmediata.',
+    ],
+    expectedFragments: [
+      '"stage":"PRE_WRITE"',
+      '"decision"',
+      '"next_action"',
+    ],
+    incs: ['PUMUKI-INC-070', 'PUMUKI-INC-072'],
+  },
+  {
+    title: 'Hook pre-commit / gate',
+    mode: 'shell',
+    command: 'git commit --allow-empty -m "test: pumuki s1 validation"',
+    capture: [
+      'Bloque de gate con `reason_code`, `instruction` y `next_action`.',
+      'Si bloquea, conservar `NEXT:` y `REMEDIATION:`.',
+    ],
+    expectedFragments: [
+      'reason_code=',
+      'instruction=',
+      'next_action=',
+    ],
+    incs: ['PUMUKI-INC-071', 'PUMUKI-INC-073', 'PUMUKI-INC-076'],
+  },
+  {
+    title: 'MCP pre_flight_check',
+    mode: 'mcp',
+    command: 'mcp::pre_flight_check(stage=PRE_WRITE)',
+    capture: [
+      'Payload completo de `result`.',
+      'Campos `reason_code`, `instruction`, `next_action`, `hints`.',
+    ],
+    expectedFragments: [
+      'reason_code',
+      'instruction',
+      'next_action',
+      'hints',
+    ],
+    incs: ['PUMUKI-INC-071', 'PUMUKI-INC-072', 'PUMUKI-INC-073'],
+  },
+  {
+    title: 'MCP auto_execute_ai_start',
+    mode: 'mcp',
+    command: 'mcp::auto_execute_ai_start(stage=PRE_WRITE)',
+    capture: [
+      'Payload completo de `result`.',
+      'Campos `action`, `reason_code`, `next_action`, `confidence_pct`.',
+    ],
+    expectedFragments: [
+      'action',
+      'reason_code',
+      'next_action',
+      'confidence_pct',
+    ],
+    incs: ['PUMUKI-INC-071', 'PUMUKI-INC-073', 'PUMUKI-INC-076'],
+  },
+];
+
+const renderEntry = (params: {
+  entry: RuralGoS1EvidenceEntry;
+  consumerRoot: string;
+}): string => {
+  const command = params.entry.mode === 'shell'
+    ? `cd ${params.consumerRoot} && ${params.entry.command}`
+    : params.entry.command;
+
+  return [
+    `### ${params.entry.title}`,
+    '',
+    `- mode: ${params.entry.mode}`,
+    `- command: \`${command}\``,
+    `- incs: ${params.entry.incs.join(', ')}`,
+    '- capture:',
+    ...params.entry.capture.map((item) => `  - ${item}`),
+    '- expected_fragments:',
+    ...params.entry.expectedFragments.map((item) => `  - ${item}`),
+    '',
+  ].join('\n');
+};
+
+export const buildRuralGoS1EvidencePackMarkdown = (
+  options: RuralGoS1EvidencePackOptions
+): string => {
+  const pumukiPackageSelector = resolvePumukiPackageSelector(options.packageVersion);
+  const evidenceEntries: ReadonlyArray<RuralGoS1EvidenceEntry> = EVIDENCE_ENTRIES.map((entry) =>
+    entry.title === 'PRE_WRITE canónico'
+      ? {
+        ...entry,
+        command: `npx --yes --package ${pumukiPackageSelector} pumuki sdd validate --stage=PRE_WRITE --json`,
+      }
+      : entry
+  );
+
+  return [
+    '# RuralGo S1 Evidence Pack',
+    '',
+    `- generated_at: ${options.generatedAt}`,
+    `- consumer_root: \`${options.consumerRoot}\``,
+    `- package_version: ${options.packageVersion}`,
+    '- objective: validar S1 contra PUMUKI-INC-071/073/076 y reunir soporte adicional para 070/072.',
+    '',
+    '## Uso',
+    '',
+    '- Ejecuta los comandos shell desde el consumer real tras repinear la semver publicada.',
+    '- Captura las respuestas MCP desde una sesión conectada al servidor enterprise.',
+    '- No muevas un INC a `FIXED` si falta convergencia entre lifecycle, hooks y MCP.',
+    '',
+    ...evidenceEntries.map((entry) =>
+      renderEntry({
+        entry,
+        consumerRoot: options.consumerRoot,
+      })
+    ),
+    '## Criterio rápido de cierre',
+    '',
+    '- `PUMUKI-INC-071`: candidato a FIXED si lifecycle, hooks y MCP exponen contrato efectivo del repo.',
+    '- `PUMUKI-INC-073`: candidato a FIXED si el verde parcial desaparece y se ve governance real.',
+    '- `PUMUKI-INC-076`: candidato a FIXED si hooks y surfaces muestran GitFlow/naming como parte del gate.',
+    '- `PUMUKI-INC-072`: no cerrar salvo que el pre-edit gate aparezca de forma homogénea y automática.',
+    '',
+  ].join('\n');
+};
+
+export const writeRuralGoS1EvidencePack = (params: {
+  cwd: string;
+  outFile: string;
+  markdown: string;
+}): string => {
+  const outputPath = resolve(params.cwd, params.outFile);
+  mkdirSync(dirname(outputPath), { recursive: true });
+  writeFileSync(outputPath, params.markdown, 'utf8');
+  return outputPath;
+};

package/scripts/framework-menu-consumer-runtime-evidence-classic.ts

@@ -1,140 +0,0 @@
-import type { EnterpriseEvidenceSeverity } from './framework-menu-evidence-summary-types';
-import type { FrameworkMenuEvidenceSummary } from './framework-menu-evidence-summary-lib';
-import { renderLegacyPanel, resolveLegacyPanelOuterWidth } from './framework-menu-legacy-audit-lib';
-import { applyCliPalette, buildCliDesignTokens } from './framework-menu-ui-components-lib';
-import type { CliPaletteRole } from './framework-menu-ui-components-types';
-
-const enterpriseSeverityToRole = (severity: EnterpriseEvidenceSeverity): CliPaletteRole => {
-  if (severity === 'CRITICAL') {
-    return 'critical';
-  }
-  if (severity === 'HIGH') {
-    return 'high';
-  }
-  if (severity === 'MEDIUM') {
-    return 'medium';
-  }
-  return 'low';
-};
-
-const outcomeToRole = (outcome: string | null): CliPaletteRole => {
-  const normalized = (outcome ?? '').trim().toUpperCase();
-  if (normalized === 'BLOCK' || normalized === 'BLOCKED') {
-    return 'critical';
-  }
-  if (normalized === 'WARN') {
-    return 'statusWarning';
-  }
-  if (normalized === 'PASS' || normalized === 'ALLOW' || normalized === 'ALLOWED') {
-    return 'goal';
-  }
-  return 'sectionTitle';
-};
-
-export const formatVintageEvidenceReportLines = (
-  summary: FrameworkMenuEvidenceSummary,
-  tokens: ReturnType<typeof buildCliDesignTokens>
-): string[] => {
-  if (summary.status !== 'ok') {
-    return [
-      applyCliPalette('PUMUKI — Classic evidence view', 'title', tokens),
-      applyCliPalette(
-        summary.status === 'missing'
-          ? 'No .ai_evidence.json — run an engine audit (1, 11–14) first.'
-          : 'Invalid .ai_evidence.json — regenerate from a gate run.',
-        'muted',
-        tokens
-      ),
-    ];
-  }
-
-  const ent = summary.byEnterpriseSeverity ?? {
-    CRITICAL: summary.bySeverity.CRITICAL,
-    HIGH: summary.bySeverity.ERROR,
-    MEDIUM: summary.bySeverity.WARN,
-    LOW: summary.bySeverity.INFO,
-  };
-
-  const lines: string[] = [
-    applyCliPalette('PUMUKI — Classic evidence view (severities + platforms)', 'title', tokens),
-    '',
-    `${applyCliPalette('Stage', 'sectionTitle', tokens)}: ${summary.stage ?? 'unknown'}  ${applyCliPalette('Outcome', 'sectionTitle', tokens)}: ${applyCliPalette(String(summary.outcome ?? 'unknown'), outcomeToRole(summary.outcome), tokens)}`,
-    `${applyCliPalette('Findings', 'sectionTitle', tokens)}: ${summary.totalFindings}  ${applyCliPalette('Scanned', 'muted', tokens)}: ${summary.filesScanned}  ${applyCliPalette('Affected', 'muted', tokens)}: ${summary.filesAffected}`,
-    '',
-    applyCliPalette('Enterprise severities', 'sectionTitle', tokens),
-  ];
-
-  const order: EnterpriseEvidenceSeverity[] = ['CRITICAL', 'HIGH', 'MEDIUM', 'LOW'];
-  for (const band of order) {
-    const count = ent[band] ?? 0;
-    if (count === 0) {
-      continue;
-    }
-    lines.push(
-      `  ${applyCliPalette(`${band}:`, enterpriseSeverityToRole(band), tokens)} ${count}`
-    );
-  }
-
-  lines.push('', applyCliPalette('Legacy severities', 'sectionTitle', tokens));
-  lines.push(
-    `  ${applyCliPalette('CRITICAL', 'critical', tokens)} ${summary.bySeverity.CRITICAL}  ` +
-      `${applyCliPalette('ERROR', 'high', tokens)} ${summary.bySeverity.ERROR}  ` +
-      `${applyCliPalette('WARN', 'medium', tokens)} ${summary.bySeverity.WARN}  ` +
-      `${applyCliPalette('INFO', 'low', tokens)} ${summary.bySeverity.INFO}`
-  );
-
-  if (summary.platformAuditRows && summary.platformAuditRows.length > 0) {
-    lines.push('', applyCliPalette('Platforms (from evidence snapshot)', 'sectionTitle', tokens));
-    for (const row of summary.platformAuditRows) {
-      lines.push(
-        `  ${applyCliPalette(row.platform, 'rule', tokens)}: ${row.violations} violations`
-      );
-    }
-    lines.push(
-      applyCliPalette(
-        'Note: platform buckets are heuristic (path + ruleId); "Other" is not absence of iOS/Android work.',
-        'muted',
-        tokens
-      )
-    );
-  }
-
-  lines.push('', applyCliPalette('Top violations (ranked)', 'sectionTitle', tokens));
-  if (summary.topFindings.length === 0) {
-    lines.push(applyCliPalette('  (none)', 'goal', tokens));
-  } else {
-    for (const finding of summary.topFindings) {
-      const role = enterpriseSeverityToRole(finding.severity);
-      lines.push(
-        `  ${applyCliPalette(`[${finding.severity}]`, role, tokens)} ${finding.ruleId}`
-      );
-      lines.push(
-        `      ${applyCliPalette(`${finding.file}:${finding.line}`, 'muted', tokens)}`
-      );
-    }
-  }
-
-  return lines;
-};
-
-export const renderVintageEvidenceReport = (params: {
-  write: (text: string) => void;
-  summary: FrameworkMenuEvidenceSummary;
-  useColor: () => boolean;
-}): void => {
-  if (process.env.PUMUKI_MENU_VINTAGE_REPORT === '0') {
-    return;
-  }
-  const tokens = buildCliDesignTokens({
-    width: resolveLegacyPanelOuterWidth(),
-    color: params.useColor(),
-  });
-
-  const lines = formatVintageEvidenceReportLines(params.summary, tokens);
-  params.write(
-    `\n${renderLegacyPanel(lines, {
-      width: resolveLegacyPanelOuterWidth(),
-      color: params.useColor(),
-    })}\n`
-  );
-};