soloforge 1.2.19 → 1.2.20

package/dist/engine/enforcement_guard.js

@@ -0,0 +1,305 @@
+/**
+ * 强制护栏注册表 — 问题十一 (Enforcement Guard)。
+ *
+ * 覆盖七类护栏: write、state、knowledge_injection、execution、
+ * external_side_effect、prompt、delivery。
+ * 护栏 finding 必须绑定 contract_id + diagnostic_code。
+ * 只有 contract state=enforced 且 hard_fail_allowed=true 时才能 hard fail。
+ */
+import { getDiagnosticByCode, createDiagnosticEvent } from "./diagnostic_registry.js";
+import { canContractHardFail } from "./contract_registry.js";
+const BUILTIN_GUARDS = [
+    {
+        guard_id: "guard-write-readonly",
+        guard_type: "write",
+        enforced: true,
+        trigger_description: "只读工作流写入业务源码",
+        block_condition: "route=skip_chat/direct_answer/read_only_analysis 且写入目标为业务源码",
+        allow_condition: "route 允许写入",
+        failure_behavior: "block",
+        contract_id: "command_execution_contract",
+        diagnostic_code: "SF-GUARD-0001",
+        required_context: ["route", "target_path"],
+    },
+    {
+        guard_id: "guard-write-scope",
+        guard_type: "write",
+        enforced: true,
+        trigger_description: "超出 output artifact 范围写入",
+        block_condition: "source_extraction 写入非 output artifact 路径",
+        allow_condition: "写入路径在 output artifact 范围内",
+        failure_behavior: "block",
+        contract_id: "artifact_contract",
+        diagnostic_code: "SF-GUARD-0002",
+        required_context: ["route", "target_path", "output_artifact_paths"],
+    },
+    {
+        guard_id: "guard-state-pseudo-promotion",
+        guard_type: "state",
+        enforced: true,
+        trigger_description: "非法状态转移: 终态/阻断态 → completed",
+        block_condition: "failed/blocked/requires_human → completed",
+        allow_condition: "合法状态转移路径",
+        failure_behavior: "block",
+        contract_id: "task_context_contract",
+        diagnostic_code: "SF-STATE-0001",
+        required_context: ["current_status", "target_status"],
+    },
+    {
+        guard_id: "guard-delivery-explicit",
+        guard_type: "delivery",
+        enforced: true,
+        trigger_description: "交付未显式触发",
+        block_condition: "delivery_readiness 自动触发 commit/push/PR/deploy",
+        allow_condition: "交付动作由 sf_deliver 显式触发",
+        failure_behavior: "block",
+        contract_id: "artifact_contract",
+        diagnostic_code: "SF-VERIFY-0002",
+        required_context: ["delivery_trigger"],
+    },
+    {
+        guard_id: "guard-knowledge-injectable",
+        guard_type: "knowledge_injection",
+        enforced: true,
+        trigger_description: "非 injectable 知识进入 prompt",
+        block_condition: "draft/quarantine/deprecated 知识被注入",
+        allow_condition: "知识状态为 active 且 injectable",
+        failure_behavior: "block",
+        contract_id: "knowledge_injection_contract",
+        diagnostic_code: "SF-GUARD-0001",
+        required_context: ["knowledge_state", "knowledge_lifecycle"],
+    },
+    {
+        guard_id: "guard-execution-destructive",
+        guard_type: "execution",
+        enforced: true,
+        trigger_description: "破坏性命令未确认",
+        block_condition: "destructive 命令无人工确认",
+        allow_condition: "命令经人工确认或有明确策略",
+        failure_behavior: "require_human",
+        contract_id: "command_execution_contract",
+        diagnostic_code: "SF-GUARD-0001",
+        required_context: ["command", "risk_level"],
+    },
+    {
+        guard_id: "guard-external-side-effect",
+        guard_type: "external_side_effect",
+        enforced: true,
+        trigger_description: "外部副作用未记录",
+        block_condition: "git push/PR/deploy/数据库迁移 无 evidence",
+        allow_condition: "副作用有完整 evidence 记录",
+        failure_behavior: "block",
+        contract_id: "delivery_readiness_contract",
+        diagnostic_code: "SF-FAILURE-0002",
+        required_context: ["action_type", "evidence"],
+    },
+    {
+        guard_id: "guard-prompt-auth",
+        guard_type: "prompt",
+        enforced: true,
+        trigger_description: "Prompt 授权超过 workflow contract",
+        block_condition: "prompt 包含超出 workflow 的权限",
+        allow_condition: "prompt 权限在 workflow 范围内",
+        failure_behavior: "block",
+        contract_id: "workflow_contract",
+        diagnostic_code: "SF-GUARD-0001",
+        required_context: ["workflow_id", "prompt_permissions"],
+    },
+];
+let runtimeGuards = null;
+function getRegistry() {
+    if (!runtimeGuards) {
+        runtimeGuards = new Map();
+        for (const entry of BUILTIN_GUARDS) {
+            runtimeGuards.set(entry.guard_id, { ...entry });
+        }
+    }
+    return runtimeGuards;
+}
+/** 列出所有护栏 */
+export function listAllGuards() {
+    return [...getRegistry().values()];
+}
+/** 按类型列出护栏 */
+export function listGuardsByType(type) {
+    return [...getRegistry().values()].filter((g) => g.guard_type === type);
+}
+/** 注册新护栏（运行时） */
+export function registerGuard(entry) {
+    const registry = getRegistry();
+    if (registry.has(entry.guard_id)) {
+        return { success: false, error: `护栏 ${entry.guard_id} 已存在` };
+    }
+    if (!getDiagnosticByCode(entry.diagnostic_code)) {
+        return { success: false, error: `诊断码 ${entry.diagnostic_code} 不存在` };
+    }
+    registry.set(entry.guard_id, { ...entry });
+    return { success: true };
+}
+/**
+ * 评估写入护栏。
+ * 检查 route 和 target_path 是否违反写入规则。
+ */
+export function evaluateWriteGuard(route, targetPath, outputArtifactPaths, contractId) {
+    const findings = [];
+    const read_only_routes = ["skip_chat", "direct_answer", "read_only_analysis"];
+    // 只读工作流写入检查
+    if (read_only_routes.some((r) => route.includes(r))) {
+        const guard = getRegistry().get("guard-write-readonly");
+        if (guard && guard.enforced) {
+            const canHardFail = canContractHardFail(guard.contract_id);
+            findings.push({
+                guard_id: guard.guard_id,
+                contract_id: guard.contract_id,
+                diagnostic_code: guard.diagnostic_code,
+                severity: canHardFail ? "hard_fail" : "warning",
+                action: guard.failure_behavior,
+                reason_zh: `只读路由 ${route} 不允许写入 ${targetPath}`,
+                blocked: canHardFail,
+                diagnostic_event: createDiagnosticEvent(guard.diagnostic_code, { route, targetPath }, contractId),
+            });
+        }
+    }
+    // scope 检查（source_extraction 超范围）
+    if (route.includes("source_extraction") && outputArtifactPaths.length > 0) {
+        if (!outputArtifactPaths.some((p) => targetPath.startsWith(p))) {
+            const guard = getRegistry().get("guard-write-scope");
+            if (guard && guard.enforced) {
+                const canHardFail = canContractHardFail(guard.contract_id);
+                findings.push({
+                    guard_id: guard.guard_id,
+                    contract_id: guard.contract_id,
+                    diagnostic_code: guard.diagnostic_code,
+                    severity: canHardFail ? "hard_fail" : "warning",
+                    action: guard.failure_behavior,
+                    reason_zh: `source_extraction 只能写入 output artifact 路径，不能写入 ${targetPath}`,
+                    blocked: canHardFail,
+                    diagnostic_event: createDiagnosticEvent(guard.diagnostic_code, { route, targetPath }, contractId),
+                });
+            }
+        }
+    }
+    return findings;
+}
+/**
+ * 评估状态护栏。
+ * 检查状态转移是否合法。
+ */
+export function evaluateStateGuard(currentStatus, targetStatus, contractId) {
+    const findings = [];
+    const BLOCKED_FROM = ["failed", "blocked", "requires_human"];
+    const BLOCKED_TO = "completed";
+    if (BLOCKED_FROM.includes(currentStatus) && targetStatus === BLOCKED_TO) {
+        const guard = getRegistry().get("guard-state-pseudo-promotion");
+        if (guard && guard.enforced) {
+            const canHardFail = canContractHardFail(guard.contract_id);
+            findings.push({
+                guard_id: guard.guard_id,
+                contract_id: guard.contract_id,
+                diagnostic_code: guard.diagnostic_code,
+                severity: canHardFail ? "hard_fail" : "warning",
+                action: guard.failure_behavior,
+                reason_zh: `非法状态转移: ${currentStatus} → completed`,
+                blocked: canHardFail,
+                diagnostic_event: createDiagnosticEvent(guard.diagnostic_code, { currentStatus, targetStatus }, contractId),
+            });
+        }
+    }
+    return findings;
+}
+/**
+ * 生成完整护栏评估报告。
+ */
+export function generateGuardEvaluationReport(workflowId, route, mutationAllowed, guardIds) {
+    const allowed = [];
+    const blocked = [];
+    const warnings = [];
+    const humanRequired = [];
+    for (const guardId of guardIds) {
+        const guard = getRegistry().get(guardId);
+        if (!guard)
+            continue;
+        if (!guard.enforced) {
+            allowed.push(guardId);
+            continue;
+        }
+        // 简化评估: 如果 mutation 不允许且 guard 是写入类型，则阻断
+        if (!mutationAllowed && guard.guard_type === "write") {
+            const canHardFail = canContractHardFail(guard.contract_id);
+            const finding = {
+                guard_id: guard.guard_id,
+                contract_id: guard.contract_id,
+                diagnostic_code: guard.diagnostic_code,
+                severity: canHardFail ? "hard_fail" : "warning",
+                action: guard.failure_behavior,
+                reason_zh: guard.trigger_description,
+                blocked: canHardFail,
+                diagnostic_event: createDiagnosticEvent(guard.diagnostic_code, { workflowId, route }),
+            };
+            blocked.push(finding);
+        }
+        else {
+            allowed.push(guardId);
+        }
+    }
+    return {
+        evaluated_at: new Date().toISOString(),
+        workflow_id: workflowId,
+        route,
+        mutation_allowed: mutationAllowed,
+        evaluated_guards: guardIds,
+        allowed,
+        blocked,
+        warnings,
+        human_required: humanRequired,
+    };
+}
+/**
+ * 校验所有 guard 的 contract_id 是否存在于 Contract Registry。
+ */
+export function validateGuardContractIds(contractExistsFn) {
+    const findings = [];
+    for (const guard of getRegistry().values()) {
+        if (!contractExistsFn(guard.contract_id)) {
+            findings.push({
+                guard_id: guard.guard_id,
+                contract_id: guard.contract_id,
+                severity: "hard_fail",
+            });
+        }
+    }
+    return findings;
+}
+/**
+ * 评估交付就绪护栏。
+ * 检查交付是否由 sf_deliver 显式触发，验证结果是否满足交付条件。
+ */
+export function evaluateDeliveryReadinessGuard(verificationResult, verificationPlan) {
+    const findings = [];
+    // guard-delivery-explicit: 交付必须由 sf_deliver 显式触发
+    const guard = getRegistry().get("guard-delivery-explicit");
+    if (guard && guard.enforced) {
+        // 如果验证结果不存在或是 plan_only，给出警告
+        if (!verificationResult || verificationResult.status === "not_executed") {
+            const canHardFail = canContractHardFail(guard.contract_id);
+            findings.push({
+                guard_id: guard.guard_id,
+                contract_id: guard.contract_id,
+                diagnostic_code: guard.diagnostic_code,
+                severity: canHardFail ? "hard_fail" : "warning",
+                action: guard.failure_behavior,
+                reason_zh: verificationResult
+                    ? `验证结果状态为 ${verificationResult.status}，未通过真实执行验证`
+                    : "无验证结果，不得交付",
+                blocked: canHardFail,
+                diagnostic_event: createDiagnosticEvent(guard.diagnostic_code, { verification_status: verificationResult?.status ?? "missing" }, guard.contract_id),
+            });
+        }
+    }
+    return findings;
+}
+/** 重置注册表（测试用） */
+export function resetGuardRegistry() {
+    runtimeGuards = null;
+}
+//# sourceMappingURL=enforcement_guard.js.map

package/dist/engine/enforcement_guard.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"enforcement_guard.js","sourceRoot":"","sources":["../../src/engine/enforcement_guard.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,mBAAmB,EAAE,qBAAqB,EAAwB,MAAM,0BAA0B,CAAC;AAC5G,OAAO,EAAE,mBAAmB,EAAE,MAAM,wBAAwB,CAAC;AAkD7D,MAAM,cAAc,GAAqC;IACvD;QACE,QAAQ,EAAE,sBAAsB;QAChC,UAAU,EAAE,OAAO;QACnB,QAAQ,EAAE,IAAI;QACd,mBAAmB,EAAE,aAAa;QAClC,eAAe,EAAE,6DAA6D;QAC9E,eAAe,EAAE,YAAY;QAC7B,gBAAgB,EAAE,OAAO;QACzB,WAAW,EAAE,4BAA4B;QACzC,eAAe,EAAE,eAAe;QAChC,gBAAgB,EAAE,CAAC,OAAO,EAAE,aAAa,CAAC;KAC3C;IACD;QACE,QAAQ,EAAE,mBAAmB;QAC7B,UAAU,EAAE,OAAO;QACnB,QAAQ,EAAE,IAAI;QACd,mBAAmB,EAAE,yBAAyB;QAC9C,eAAe,EAAE,0CAA0C;QAC3D,eAAe,EAAE,2BAA2B;QAC5C,gBAAgB,EAAE,OAAO;QACzB,WAAW,EAAE,mBAAmB;QAChC,eAAe,EAAE,eAAe;QAChC,gBAAgB,EAAE,CAAC,OAAO,EAAE,aAAa,EAAE,uBAAuB,CAAC;KACpE;IACD;QACE,QAAQ,EAAE,8BAA8B;QACxC,UAAU,EAAE,OAAO;QACnB,QAAQ,EAAE,IAAI;QACd,mBAAmB,EAAE,4BAA4B;QACjD,eAAe,EAAE,2CAA2C;QAC5D,eAAe,EAAE,UAAU;QAC3B,gBAAgB,EAAE,OAAO;QACzB,WAAW,EAAE,uBAAuB;QACpC,eAAe,EAAE,eAAe;QAChC,gBAAgB,EAAE,CAAC,gBAAgB,EAAE,eAAe,CAAC;KACtD;IACD;QACE,QAAQ,EAAE,yBAAyB;QACnC,UAAU,EAAE,UAAU;QACtB,QAAQ,EAAE,IAAI;QACd,mBAAmB,EAAE,SAAS;QAC9B,eAAe,EAAE,+CAA+C;QAChE,eAAe,EAAE,uBAAuB;QACxC,gBAAgB,EAAE,OAAO;QACzB,WAAW,EAAE,mBAAmB;QAChC,eAAe,EAAE,gBAAgB;QACjC,gBAAgB,EAAE,CAAC,kBAAkB,CAAC;KACvC;IACD;QACE,QAAQ,EAAE,4BAA4B;QACtC,UAAU,EAAE,qBAAqB;QACjC,QAAQ,EAAE,IAAI;QACd,mBAAmB,EAAE,0BAA0B;QAC/C,eAAe,EAAE,mCAAmC;QACpD,eAAe,EAAE,2BAA2B;QAC5C,gBAAgB,EAAE,OAAO;QACzB,WAAW,EAAE,8BAA8B;QAC3C,eAAe,EAAE,eAAe;QAChC,gBAAgB,EAAE,CAAC,iBAAiB,EAAE,qBAAqB,CAAC;KAC7D;IACD;QACE,QAAQ,EAAE,6BAA6B;QACvC,UAAU,EAAE,WAAW;QACvB,QAAQ,EAAE,IAAI;QACd,mBAAmB,EAAE,UAAU;QAC/B,eAAe,EAAE,qBAAqB;QACtC,eAAe,EAAE,eAAe;QAChC,gBAAgB,EAAE,eAAe;QACjC,WAAW,EAAE,4BAA4B;QACzC,eAAe,EAAE,eAAe;QAChC,gBAAgB,EAAE,CAAC,SAAS,EAAE,YAAY,CAAC;KAC5C;IACD;QACE,QAAQ,EAAE,4BAA4B;QACtC,UAAU,EAAE,sBAAsB;QAClC,QAAQ,EAAE,IAAI;QACd,mBAAmB,EAAE,UAAU;QAC/B,eAAe,EAAE,qCAAqC;QACtD,eAAe,EAAE,oBAAoB;QACrC,gBAAgB,EAAE,OAAO;QACzB,WAAW,EAAE,6BAA6B;QAC1C,eAAe,EAAE,iBAAiB;QAClC,gBAAgB,EAAE,CAAC,aAAa,EAAE,UAAU,CAAC;KAC9C;IACD;QACE,QAAQ,EAAE,mBAAmB;QAC7B,UAAU,EAAE,QAAQ;QACpB,QAAQ,EAAE,IAAI;QACd,mBAAmB,EAAE,+BAA+B;QACpD,eAAe,EAAE,0BAA0B;QAC3C,eAAe,EAAE,yBAAyB;QAC1C,gBAAgB,EAAE,OAAO;QACzB,WAAW,EAAE,mBAAmB;QAChC,eAAe,EAAE,eAAe;QAChC,gBAAgB,EAAE,CAAC,aAAa,EAAE,oBAAoB,CAAC;KACxD;CACF,CAAC;AAEF,IAAI,aAAa,GAA8C,IAAI,CAAC;AAEpE,SAAS,WAAW;IAClB,IAAI,CAAC,aAAa,EAAE,CAAC;QACnB,aAAa,GAAG,IAAI,GAAG,EAAE,CAAC;QAC1B,KAAK,MAAM,KAAK,IAAI,cAAc,EAAE,CAAC;YACnC,aAAa,CAAC,GAAG,CAAC,KAAK,CAAC,QAAQ,EAAE,EAAE,GAAG,KAAK,EAAE,CAAC,CAAC;QAClD,CAAC;IACH,CAAC;IACD,OAAO,aAAa,CAAC;AACvB,CAAC;AAED,aAAa;AACb,MAAM,UAAU,aAAa;IAC3B,OAAO,CAAC,GAAG,WAAW,EAAE,CAAC,MAAM,EAAE,CAAC,CAAC;AACrC,CAAC;AAED,cAAc;AACd,MAAM,UAAU,gBAAgB,CAAC,IAAe;IAC9C,OAAO,CAAC,GAAG,WAAW,EAAE,CAAC,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,KAAK,IAAI,CAAC,CAAC;AAC1E,CAAC;AAED,iBAAiB;AACjB,MAAM,UAAU,aAAa,CAAC,KAA4B;IACxD,MAAM,QAAQ,GAAG,WAAW,EAAE,CAAC;IAC/B,IAAI,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC;QACjC,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,KAAK,CAAC,QAAQ,MAAM,EAAE,CAAC;IAC/D,CAAC;IACD,IAAI,CAAC,mBAAmB,CAAC,KAAK,CAAC,eAAe,CAAC,EAAE,CAAC;QAChD,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,KAAK,CAAC,eAAe,MAAM,EAAE,CAAC;IACvE,CAAC;IACD,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,QAAQ,EAAE,EAAE,GAAG,KAAK,EAAE,CAAC,CAAC;IAC3C,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;AAC3B,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,kBAAkB,CAChC,KAAa,EACb,UAAkB,EAClB,mBAA6B,EAC7B,UAAkB;IAElB,MAAM,QAAQ,GAAmB,EAAE,CAAC;IACpC,MAAM,gBAAgB,GAAG,CAAC,WAAW,EAAE,eAAe,EAAE,oBAAoB,CAAC,CAAC;IAE9E,YAAY;IACZ,IAAI,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACpD,MAAM,KAAK,GAAG,WAAW,EAAE,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;QACxD,IAAI,KAAK,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;YAC5B,MAAM,WAAW,GAAG,mBAAmB,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;YAC3D,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,KAAK,CAAC,QAAQ;gBACxB,WAAW,EAAE,KAAK,CAAC,WAAW;gBAC9B,eAAe,EAAE,KAAK,CAAC,eAAe;gBACtC,QAAQ,EAAE,WAAW,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS;gBAC/C,MAAM,EAAE,KAAK,CAAC,gBAAgB;gBAC9B,SAAS,EAAE,QAAQ,KAAK,UAAU,UAAU,EAAE;gBAC9C,OAAO,EAAE,WAAW;gBACpB,gBAAgB,EAAE,qBAAqB,CAAC,KAAK,CAAC,eAAe,EAAE,EAAE,KAAK,EAAE,UAAU,EAAE,EAAE,UAAU,CAAC;aAClG,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,kCAAkC;IAClC,IAAI,KAAK,CAAC,QAAQ,CAAC,mBAAmB,CAAC,IAAI,mBAAmB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1E,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAC/D,MAAM,KAAK,GAAG,WAAW,EAAE,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;YACrD,IAAI,KAAK,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;gBAC5B,MAAM,WAAW,GAAG,mBAAmB,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;gBAC3D,QAAQ,CAAC,IAAI,CAAC;oBACZ,QAAQ,EAAE,KAAK,CAAC,QAAQ;oBACxB,WAAW,EAAE,KAAK,CAAC,WAAW;oBAC9B,eAAe,EAAE,KAAK,CAAC,eAAe;oBACtC,QAAQ,EAAE,WAAW,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS;oBAC/C,MAAM,EAAE,KAAK,CAAC,gBAAgB;oBAC9B,SAAS,EAAE,kDAAkD,UAAU,EAAE;oBACzE,OAAO,EAAE,WAAW;oBACpB,gBAAgB,EAAE,qBAAqB,CAAC,KAAK,CAAC,eAAe,EAAE,EAAE,KAAK,EAAE,UAAU,EAAE,EAAE,UAAU,CAAC;iBAClG,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,kBAAkB,CAChC,aAAqB,EACrB,YAAoB,EACpB,UAAkB;IAElB,MAAM,QAAQ,GAAmB,EAAE,CAAC;IACpC,MAAM,YAAY,GAAa,CAAC,QAAQ,EAAE,SAAS,EAAE,gBAAgB,CAAC,CAAC;IACvE,MAAM,UAAU,GAAG,WAAW,CAAC;IAE/B,IAAI,YAAY,CAAC,QAAQ,CAAC,aAAa,CAAC,IAAI,YAAY,KAAK,UAAU,EAAE,CAAC;QACxE,MAAM,KAAK,GAAG,WAAW,EAAE,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAC;QAChE,IAAI,KAAK,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;YAC5B,MAAM,WAAW,GAAG,mBAAmB,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;YAC3D,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,KAAK,CAAC,QAAQ;gBACxB,WAAW,EAAE,KAAK,CAAC,WAAW;gBAC9B,eAAe,EAAE,KAAK,CAAC,eAAe;gBACtC,QAAQ,EAAE,WAAW,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS;gBAC/C,MAAM,EAAE,KAAK,CAAC,gBAAgB;gBAC9B,SAAS,EAAE,WAAW,aAAa,cAAc;gBACjD,OAAO,EAAE,WAAW;gBACpB,gBAAgB,EAAE,qBAAqB,CAAC,KAAK,CAAC,eAAe,EAAE,EAAE,aAAa,EAAE,YAAY,EAAE,EAAE,UAAU,CAAC;aAC5G,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,6BAA6B,CAC3C,UAAkB,EAClB,KAAa,EACb,eAAwB,EACxB,QAAkB;IAElB,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,MAAM,OAAO,GAAmB,EAAE,CAAC;IACnC,MAAM,QAAQ,GAAmB,EAAE,CAAC;IACpC,MAAM,aAAa,GAAmB,EAAE,CAAC;IAEzC,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,MAAM,KAAK,GAAG,WAAW,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACzC,IAAI,CAAC,KAAK;YAAE,SAAS;QAErB,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;YACpB,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACtB,SAAS;QACX,CAAC;QAED,yCAAyC;QACzC,IAAI,CAAC,eAAe,IAAI,KAAK,CAAC,UAAU,KAAK,OAAO,EAAE,CAAC;YACrD,MAAM,WAAW,GAAG,mBAAmB,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;YAC3D,MAAM,OAAO,GAAiB;gBAC5B,QAAQ,EAAE,KAAK,CAAC,QAAQ;gBACxB,WAAW,EAAE,KAAK,CAAC,WAAW;gBAC9B,eAAe,EAAE,KAAK,CAAC,eAAe;gBACtC,QAAQ,EAAE,WAAW,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS;gBAC/C,MAAM,EAAE,KAAK,CAAC,gBAAgB;gBAC9B,SAAS,EAAE,KAAK,CAAC,mBAAmB;gBACpC,OAAO,EAAE,WAAW;gBACpB,gBAAgB,EAAE,qBAAqB,CAAC,KAAK,CAAC,eAAe,EAAE,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC;aACtF,CAAC;YACF,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACxB,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACxB,CAAC;IACH,CAAC;IAED,OAAO;QACL,YAAY,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACtC,WAAW,EAAE,UAAU;QACvB,KAAK;QACL,gBAAgB,EAAE,eAAe;QACjC,gBAAgB,EAAE,QAAQ;QAC1B,OAAO;QACP,OAAO;QACP,QAAQ;QACR,cAAc,EAAE,aAAa;KAC9B,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,wBAAwB,CACtC,gBAAyC;IAEzC,MAAM,QAAQ,GAA4E,EAAE,CAAC;IAC7F,KAAK,MAAM,KAAK,IAAI,WAAW,EAAE,CAAC,MAAM,EAAE,EAAE,CAAC;QAC3C,IAAI,CAAC,gBAAgB,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE,CAAC;YACzC,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,KAAK,CAAC,QAAQ;gBACxB,WAAW,EAAE,KAAK,CAAC,WAAW;gBAC9B,QAAQ,EAAE,WAAW;aACtB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,8BAA8B,CAC5C,kBAAuF,EACvF,gBAAmF;IAEnF,MAAM,QAAQ,GAAmB,EAAE,CAAC;IAEpC,iDAAiD;IACjD,MAAM,KAAK,GAAG,WAAW,EAAE,CAAC,GAAG,CAAC,yBAAyB,CAAC,CAAC;IAC3D,IAAI,KAAK,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;QAC5B,6BAA6B;QAC7B,IAAI,CAAC,kBAAkB,IAAI,kBAAkB,CAAC,MAAM,KAAK,cAAc,EAAE,CAAC;YACxE,MAAM,WAAW,GAAG,mBAAmB,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;YAC3D,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,KAAK,CAAC,QAAQ;gBACxB,WAAW,EAAE,KAAK,CAAC,WAAW;gBAC9B,eAAe,EAAE,KAAK,CAAC,eAAe;gBACtC,QAAQ,EAAE,WAAW,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS;gBAC/C,MAAM,EAAE,KAAK,CAAC,gBAAgB;gBAC9B,SAAS,EAAE,kBAAkB;oBAC3B,CAAC,CAAC,WAAW,kBAAkB,CAAC,MAAM,YAAY;oBAClD,CAAC,CAAC,YAAY;gBAChB,OAAO,EAAE,WAAW;gBACpB,gBAAgB,EAAE,qBAAqB,CACrC,KAAK,CAAC,eAAe,EACrB,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,MAAM,IAAI,SAAS,EAAE,EAChE,KAAK,CAAC,WAAW,CAClB;aACF,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,iBAAiB;AACjB,MAAM,UAAU,kBAAkB;IAChC,aAAa,GAAG,IAAI,CAAC;AACvB,CAAC"}

package/dist/engine/failure_report.d.ts

@@ -0,0 +1,74 @@
+/**
+ * 失败报告 — 问题十三 (Failure / Recovery Policy)。
+ *
+ * 核心规则:
+ * - 失败必须分类为明确 FailureClass
+ * - deterministic 不无限重试
+ * - scope_insufficient 不静默扩大
+ * - external_side_effect 部分成功必须记录已发生动作
+ * - retry 必须有预算、原因和新证据
+ * - unknown failure 不标记 completed
+ */
+import { type DiagnosticEvent } from "./diagnostic_registry.js";
+export type FailureClass = "deterministic" | "fixable" | "scope_insufficient" | "external_side_effect" | "state_inconsistent" | "human_required" | "unknown";
+export type RecoveryAction = "retry" | "escalate" | "expand_scope" | "require_human" | "rollback" | "abort";
+export interface FailureReport {
+    failure_id: string;
+    task_id: string;
+    contract_id?: string;
+    failure_class: FailureClass;
+    /** 脱敏后的摘要，不含 raw output */
+    redacted_summary: string;
+    /** 稳定内容哈希，用于去重和追溯 */
+    error_output_hash: string;
+    /** 原始输出不保留，只存 evidence ref */
+    evidence_ref?: string;
+    retry_count: number;
+    retry_budget: number;
+    retry_remaining: number;
+    occurred_at: string;
+    actions_taken: string[];
+    external_side_effects?: string[];
+    diagnostic_event: DiagnosticEvent | null;
+}
+export interface RecoveryPolicy {
+    policy_id: string;
+    failure_class: FailureClass;
+    max_retries: number;
+    action: RecoveryAction;
+    requires_new_evidence: boolean;
+    requires_human_confirmation: boolean;
+    diagnostic_code: string;
+}
+export interface RecoveryAttempt {
+    attempt_id: string;
+    failure_id: string;
+    policy_id: string;
+    action: RecoveryAction;
+    new_evidence_ids: string[];
+    result: "success" | "failure" | "in_progress";
+    attempted_at: string;
+}
+/** 按 FailureClass 获取恢复策略 */
+export declare function getRecoveryPolicy(failureClass: FailureClass): RecoveryPolicy | undefined;
+/** 列出所有恢复策略 */
+export declare function listRecoveryPolicies(): RecoveryPolicy[];
+/** 检查是否包含敏感内容 */
+export declare function containsSensitiveContent(content: string): boolean;
+/** 创建失败报告（含自检: 脱敏后仍含敏感内容时强制二次脱敏） */
+export declare function createFailureReport(taskId: string, failureClass: FailureClass, errorOutput: string, retryCount: number, retryBudget: number, contractId?: string, externalSideEffects?: string[]): FailureReport;
+/**
+ * 判断是否允许重试。
+ * - deterministic 不允许
+ * - 超预算不允许
+ * - human_required 不允许
+ */
+export declare function canRetry(failureClass: FailureClass, retryCount: number, retryBudget: number): boolean;
+/**
+ * 验证失败处理规则。
+ */
+export declare function validateFailureHandling(report: FailureReport): Array<{
+    error: string;
+    severity: "hard_fail" | "warning";
+}>;
+//# sourceMappingURL=failure_report.d.ts.map

package/dist/engine/failure_report.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"failure_report.d.ts","sourceRoot":"","sources":["../../src/engine/failure_report.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,EAAyB,KAAK,eAAe,EAAE,MAAM,0BAA0B,CAAC;AAGvF,MAAM,MAAM,YAAY,GACpB,eAAe,GACf,SAAS,GACT,oBAAoB,GACpB,sBAAsB,GACtB,oBAAoB,GACpB,gBAAgB,GAChB,SAAS,CAAC;AAEd,MAAM,MAAM,cAAc,GAAG,OAAO,GAAG,UAAU,GAAG,cAAc,GAAG,eAAe,GAAG,UAAU,GAAG,OAAO,CAAC;AAE5G,MAAM,WAAW,aAAa;IAC5B,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,YAAY,CAAC;IAC5B,2BAA2B;IAC3B,gBAAgB,EAAE,MAAM,CAAC;IACzB,qBAAqB;IACrB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,8BAA8B;IAC9B,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,eAAe,EAAE,MAAM,CAAC;IACxB,WAAW,EAAE,MAAM,CAAC;IACpB,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,qBAAqB,CAAC,EAAE,MAAM,EAAE,CAAC;IACjC,gBAAgB,EAAE,eAAe,GAAG,IAAI,CAAC;CAC1C;AAED,MAAM,WAAW,cAAc;IAC7B,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,EAAE,YAAY,CAAC;IAC5B,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,cAAc,CAAC;IACvB,qBAAqB,EAAE,OAAO,CAAC;IAC/B,2BAA2B,EAAE,OAAO,CAAC;IACrC,eAAe,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,eAAe;IAC9B,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,cAAc,CAAC;IACvB,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B,MAAM,EAAE,SAAS,GAAG,SAAS,GAAG,aAAa,CAAC;IAC9C,YAAY,EAAE,MAAM,CAAC;CACtB;AAoBD,4BAA4B;AAC5B,wBAAgB,iBAAiB,CAAC,YAAY,EAAE,YAAY,GAAG,cAAc,GAAG,SAAS,CAExF;AAED,eAAe;AACf,wBAAgB,oBAAoB,IAAI,cAAc,EAAE,CAEvD;AAiCD,iBAAiB;AACjB,wBAAgB,wBAAwB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAEjE;AAED,oCAAoC;AACpC,wBAAgB,mBAAmB,CACjC,MAAM,EAAE,MAAM,EACd,YAAY,EAAE,YAAY,EAC1B,WAAW,EAAE,MAAM,EACnB,UAAU,EAAE,MAAM,EAClB,WAAW,EAAE,MAAM,EACnB,UAAU,CAAC,EAAE,MAAM,EACnB,mBAAmB,CAAC,EAAE,MAAM,EAAE,GAC7B,aAAa,CAkCf;AAED;;;;;GAKG;AACH,wBAAgB,QAAQ,CAAC,YAAY,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,GAAG,OAAO,CAKrG;AAED;;GAEG;AACH,wBAAgB,uBAAuB,CAAC,MAAM,EAAE,aAAa,GAAG,KAAK,CAAC;IAAE,KAAK,EAAE,MAAM,CAAC;IAAC,QAAQ,EAAE,WAAW,GAAG,SAAS,CAAA;CAAE,CAAC,CAiC1H"}

package/dist/engine/failure_report.js

@@ -0,0 +1,143 @@
+/**
+ * 失败报告 — 问题十三 (Failure / Recovery Policy)。
+ *
+ * 核心规则:
+ * - 失败必须分类为明确 FailureClass
+ * - deterministic 不无限重试
+ * - scope_insufficient 不静默扩大
+ * - external_side_effect 部分成功必须记录已发生动作
+ * - retry 必须有预算、原因和新证据
+ * - unknown failure 不标记 completed
+ */
+import { createDiagnosticEvent } from "./diagnostic_registry.js";
+import { createHash } from "node:crypto";
+// 内置恢复策略
+const BUILTIN_RECOVERY_POLICIES = [
+    { policy_id: "rp-deterministic", failure_class: "deterministic", max_retries: 0, action: "escalate",
+        requires_new_evidence: true, requires_human_confirmation: true, diagnostic_code: "SF-FAILURE-0001" },
+    { policy_id: "rp-fixable", failure_class: "fixable", max_retries: 3, action: "retry",
+        requires_new_evidence: true, requires_human_confirmation: false, diagnostic_code: "SF-FAILURE-0001" },
+    { policy_id: "rp-scope-insufficient", failure_class: "scope_insufficient", max_retries: 1, action: "require_human",
+        requires_new_evidence: true, requires_human_confirmation: true, diagnostic_code: "SF-FAILURE-0001" },
+    { policy_id: "rp-external-side-effect", failure_class: "external_side_effect", max_retries: 0, action: "rollback",
+        requires_new_evidence: true, requires_human_confirmation: true, diagnostic_code: "SF-FAILURE-0002" },
+    { policy_id: "rp-state-inconsistent", failure_class: "state_inconsistent", max_retries: 0, action: "abort",
+        requires_new_evidence: true, requires_human_confirmation: true, diagnostic_code: "SF-STATE-0001" },
+    { policy_id: "rp-human-required", failure_class: "human_required", max_retries: 0, action: "require_human",
+        requires_new_evidence: false, requires_human_confirmation: true, diagnostic_code: "SF-FAILURE-0001" },
+    { policy_id: "rp-unknown", failure_class: "unknown", max_retries: 0, action: "escalate",
+        requires_new_evidence: true, requires_human_confirmation: true, diagnostic_code: "SF-FAILURE-0001" },
+];
+/** 按 FailureClass 获取恢复策略 */
+export function getRecoveryPolicy(failureClass) {
+    return BUILTIN_RECOVERY_POLICIES.find((p) => p.failure_class === failureClass);
+}
+/** 列出所有恢复策略 */
+export function listRecoveryPolicies() {
+    return [...BUILTIN_RECOVERY_POLICIES];
+}
+// 敏感内容模式 — raw output/secret/PII
+const SENSITIVE_PATTERNS = [
+    /sk-[a-zA-Z0-9]{20,}/, // API key
+    /\b\d{11}\b/, // 手机号
+    /password\s*[:=]\s*\S+/i, // password=
+    /secret\s*[:=]\s*\S+/i, // secret=
+    /api_key\s*[:=]\s*\S+/i, // api_key=
+    /token\s*[:=]\s*\S+/i, // token=
+    /raw_stdout/i, // raw stdout 标记
+    /raw_stderr/i, // raw stderr 标记
+];
+/** 脱敏: 全局替换所有敏感内容，返回 redacted summary */
+function redactErrorOutput(raw) {
+    let result = raw;
+    // 全局替换所有敏感模式（使用 replaceAll 语义，确保多次出现都处理）
+    for (const pattern of SENSITIVE_PATTERNS) {
+        result = result.replace(new RegExp(pattern.source, pattern.flags.includes("g") ? pattern.flags : pattern.flags + "g"), "[REDACTED]");
+    }
+    // 截断防止大段输出
+    if (result.length > 200) {
+        result = result.substring(0, 200) + "...[truncated]";
+    }
+    return result;
+}
+/** 稳定内容哈希 */
+function stableHash(content) {
+    return createHash("sha256").update(content).digest("hex").substring(0, 16);
+}
+/** 检查是否包含敏感内容 */
+export function containsSensitiveContent(content) {
+    return SENSITIVE_PATTERNS.some((p) => p.test(content));
+}
+/** 创建失败报告（含自检: 脱敏后仍含敏感内容时强制二次脱敏） */
+export function createFailureReport(taskId, failureClass, errorOutput, retryCount, retryBudget, contractId, externalSideEffects) {
+    const policy = getRecoveryPolicy(failureClass);
+    const diagCode = policy?.diagnostic_code ?? "SF-FAILURE-0001";
+    const diagEvent = createDiagnosticEvent(diagCode, { failure_class: failureClass, retry_count: retryCount }, contractId, taskId);
+    const hash = stableHash(errorOutput);
+    let redacted = redactErrorOutput(errorOutput);
+    // 自检: 脱敏后仍含敏感内容时强制替换为占位符
+    if (containsSensitiveContent(redacted)) {
+        redacted = "[内容已全部脱敏，原始输出不可展示]";
+    }
+    return {
+        failure_id: `fr-${taskId}-${hash}`,
+        task_id: taskId,
+        contract_id: contractId,
+        failure_class: failureClass,
+        redacted_summary: redacted,
+        error_output_hash: hash,
+        evidence_ref: undefined,
+        retry_count: retryCount,
+        retry_budget: retryBudget,
+        retry_remaining: Math.max(0, retryBudget - retryCount),
+        occurred_at: new Date().toISOString(),
+        actions_taken: [],
+        external_side_effects: externalSideEffects,
+        diagnostic_event: diagEvent,
+    };
+}
+/**
+ * 判断是否允许重试。
+ * - deterministic 不允许
+ * - 超预算不允许
+ * - human_required 不允许
+ */
+export function canRetry(failureClass, retryCount, retryBudget) {
+    if (failureClass === "deterministic" || failureClass === "human_required" || failureClass === "unknown") {
+        return false;
+    }
+    return retryCount < retryBudget;
+}
+/**
+ * 验证失败处理规则。
+ */
+export function validateFailureHandling(report) {
+    const errors = [];
+    if (report.failure_class === "deterministic" && report.retry_count > 0) {
+        errors.push({
+            error: `deterministic 失败不应重试，但已重试 ${report.retry_count} 次`,
+            severity: "hard_fail",
+        });
+    }
+    if (report.failure_class === "external_side_effect" && !report.external_side_effects) {
+        errors.push({
+            error: "external_side_effect 失败必须记录已发生动作",
+            severity: "hard_fail",
+        });
+    }
+    if (report.retry_remaining < 0) {
+        errors.push({
+            error: `重试次数超过预算: ${report.retry_count}/${report.retry_budget}`,
+            severity: "hard_fail",
+        });
+    }
+    // 红线: redacted_summary 不得包含敏感原文
+    if (containsSensitiveContent(report.redacted_summary)) {
+        errors.push({
+            error: "FailureReport redacted_summary 仍包含敏感内容（secret/PII/raw output）",
+            severity: "hard_fail",
+        });
+    }
+    return errors;
+}
+//# sourceMappingURL=failure_report.js.map

package/dist/engine/failure_report.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"failure_report.js","sourceRoot":"","sources":["../../src/engine/failure_report.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,OAAO,EAAE,qBAAqB,EAAwB,MAAM,0BAA0B,CAAC;AACvF,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAqDzC,SAAS;AACT,MAAM,yBAAyB,GAA8B;IAC3D,EAAE,SAAS,EAAE,kBAAkB,EAAE,aAAa,EAAE,eAAe,EAAE,WAAW,EAAE,CAAC,EAAE,MAAM,EAAE,UAAU;QACjG,qBAAqB,EAAE,IAAI,EAAE,2BAA2B,EAAE,IAAI,EAAE,eAAe,EAAE,iBAAiB,EAAE;IACtG,EAAE,SAAS,EAAE,YAAY,EAAE,aAAa,EAAE,SAAS,EAAE,WAAW,EAAE,CAAC,EAAE,MAAM,EAAE,OAAO;QAClF,qBAAqB,EAAE,IAAI,EAAE,2BAA2B,EAAE,KAAK,EAAE,eAAe,EAAE,iBAAiB,EAAE;IACvG,EAAE,SAAS,EAAE,uBAAuB,EAAE,aAAa,EAAE,oBAAoB,EAAE,WAAW,EAAE,CAAC,EAAE,MAAM,EAAE,eAAe;QAChH,qBAAqB,EAAE,IAAI,EAAE,2BAA2B,EAAE,IAAI,EAAE,eAAe,EAAE,iBAAiB,EAAE;IACtG,EAAE,SAAS,EAAE,yBAAyB,EAAE,aAAa,EAAE,sBAAsB,EAAE,WAAW,EAAE,CAAC,EAAE,MAAM,EAAE,UAAU;QAC/G,qBAAqB,EAAE,IAAI,EAAE,2BAA2B,EAAE,IAAI,EAAE,eAAe,EAAE,iBAAiB,EAAE;IACtG,EAAE,SAAS,EAAE,uBAAuB,EAAE,aAAa,EAAE,oBAAoB,EAAE,WAAW,EAAE,CAAC,EAAE,MAAM,EAAE,OAAO;QACxG,qBAAqB,EAAE,IAAI,EAAE,2BAA2B,EAAE,IAAI,EAAE,eAAe,EAAE,eAAe,EAAE;IACpG,EAAE,SAAS,EAAE,mBAAmB,EAAE,aAAa,EAAE,gBAAgB,EAAE,WAAW,EAAE,CAAC,EAAE,MAAM,EAAE,eAAe;QACxG,qBAAqB,EAAE,KAAK,EAAE,2BAA2B,EAAE,IAAI,EAAE,eAAe,EAAE,iBAAiB,EAAE;IACvG,EAAE,SAAS,EAAE,YAAY,EAAE,aAAa,EAAE,SAAS,EAAE,WAAW,EAAE,CAAC,EAAE,MAAM,EAAE,UAAU;QACrF,qBAAqB,EAAE,IAAI,EAAE,2BAA2B,EAAE,IAAI,EAAE,eAAe,EAAE,iBAAiB,EAAE;CACvG,CAAC;AAEF,4BAA4B;AAC5B,MAAM,UAAU,iBAAiB,CAAC,YAA0B;IAC1D,OAAO,yBAAyB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,KAAK,YAAY,CAAC,CAAC;AACjF,CAAC;AAED,eAAe;AACf,MAAM,UAAU,oBAAoB;IAClC,OAAO,CAAC,GAAG,yBAAyB,CAAC,CAAC;AACxC,CAAC;AAED,iCAAiC;AACjC,MAAM,kBAAkB,GAAa;IACnC,qBAAqB,EAAiB,UAAU;IAChD,YAAY,EAA2B,MAAM;IAC7C,wBAAwB,EAAc,YAAY;IAClD,sBAAsB,EAAe,UAAU;IAC/C,uBAAuB,EAAc,WAAW;IAChD,qBAAqB,EAAgB,SAAS;IAC9C,aAAa,EAA0B,gBAAgB;IACvD,aAAa,EAA0B,gBAAgB;CACxD,CAAC;AAEF,yCAAyC;AACzC,SAAS,iBAAiB,CAAC,GAAW;IACpC,IAAI,MAAM,GAAG,GAAG,CAAC;IACjB,yCAAyC;IACzC,KAAK,MAAM,OAAO,IAAI,kBAAkB,EAAE,CAAC;QACzC,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,GAAG,GAAG,CAAC,EAAE,YAAY,CAAC,CAAC;IACvI,CAAC;IACD,WAAW;IACX,IAAI,MAAM,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;QACxB,MAAM,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,gBAAgB,CAAC;IACvD,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,aAAa;AACb,SAAS,UAAU,CAAC,OAAe;IACjC,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;AAC7E,CAAC;AAED,iBAAiB;AACjB,MAAM,UAAU,wBAAwB,CAAC,OAAe;IACtD,OAAO,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;AACzD,CAAC;AAED,oCAAoC;AACpC,MAAM,UAAU,mBAAmB,CACjC,MAAc,EACd,YAA0B,EAC1B,WAAmB,EACnB,UAAkB,EAClB,WAAmB,EACnB,UAAmB,EACnB,mBAA8B;IAE9B,MAAM,MAAM,GAAG,iBAAiB,CAAC,YAAY,CAAC,CAAC;IAC/C,MAAM,QAAQ,GAAG,MAAM,EAAE,eAAe,IAAI,iBAAiB,CAAC;IAC9D,MAAM,SAAS,GAAG,qBAAqB,CACrC,QAAQ,EACR,EAAE,aAAa,EAAE,YAAY,EAAE,WAAW,EAAE,UAAU,EAAE,EACxD,UAAU,EACV,MAAM,CACP,CAAC;IAEF,MAAM,IAAI,GAAG,UAAU,CAAC,WAAW,CAAC,CAAC;IACrC,IAAI,QAAQ,GAAG,iBAAiB,CAAC,WAAW,CAAC,CAAC;IAE9C,yBAAyB;IACzB,IAAI,wBAAwB,CAAC,QAAQ,CAAC,EAAE,CAAC;QACvC,QAAQ,GAAG,oBAAoB,CAAC;IAClC,CAAC;IAED,OAAO;QACL,UAAU,EAAE,MAAM,MAAM,IAAI,IAAI,EAAE;QAClC,OAAO,EAAE,MAAM;QACf,WAAW,EAAE,UAAU;QACvB,aAAa,EAAE,YAAY;QAC3B,gBAAgB,EAAE,QAAQ;QAC1B,iBAAiB,EAAE,IAAI;QACvB,YAAY,EAAE,SAAS;QACvB,WAAW,EAAE,UAAU;QACvB,YAAY,EAAE,WAAW;QACzB,eAAe,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,WAAW,GAAG,UAAU,CAAC;QACtD,WAAW,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACrC,aAAa,EAAE,EAAE;QACjB,qBAAqB,EAAE,mBAAmB;QAC1C,gBAAgB,EAAE,SAAS;KAC5B,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,QAAQ,CAAC,YAA0B,EAAE,UAAkB,EAAE,WAAmB;IAC1F,IAAI,YAAY,KAAK,eAAe,IAAI,YAAY,KAAK,gBAAgB,IAAI,YAAY,KAAK,SAAS,EAAE,CAAC;QACxG,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,UAAU,GAAG,WAAW,CAAC;AAClC,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,uBAAuB,CAAC,MAAqB;IAC3D,MAAM,MAAM,GAAgE,EAAE,CAAC;IAE/E,IAAI,MAAM,CAAC,aAAa,KAAK,eAAe,IAAI,MAAM,CAAC,WAAW,GAAG,CAAC,EAAE,CAAC;QACvE,MAAM,CAAC,IAAI,CAAC;YACV,KAAK,EAAE,6BAA6B,MAAM,CAAC,WAAW,IAAI;YAC1D,QAAQ,EAAE,WAAW;SACtB,CAAC,CAAC;IACL,CAAC;IAED,IAAI,MAAM,CAAC,aAAa,KAAK,sBAAsB,IAAI,CAAC,MAAM,CAAC,qBAAqB,EAAE,CAAC;QACrF,MAAM,CAAC,IAAI,CAAC;YACV,KAAK,EAAE,kCAAkC;YACzC,QAAQ,EAAE,WAAW;SACtB,CAAC,CAAC;IACL,CAAC;IAED,IAAI,MAAM,CAAC,eAAe,GAAG,CAAC,EAAE,CAAC;QAC/B,MAAM,CAAC,IAAI,CAAC;YACV,KAAK,EAAE,aAAa,MAAM,CAAC,WAAW,IAAI,MAAM,CAAC,YAAY,EAAE;YAC/D,QAAQ,EAAE,WAAW;SACtB,CAAC,CAAC;IACL,CAAC;IAED,gCAAgC;IAChC,IAAI,wBAAwB,CAAC,MAAM,CAAC,gBAAgB,CAAC,EAAE,CAAC;QACtD,MAAM,CAAC,IAAI,CAAC;YACV,KAAK,EAAE,+DAA+D;YACtE,QAAQ,EAAE,WAAW;SACtB,CAAC,CAAC;IACL,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC"}

package/dist/engine/governance_report.d.ts

@@ -10,6 +10,7 @@ import type { DualLayerGovernanceFinding } from "../types.js";
 import { type OutputArtifact, type ArtifactGovernanceFinding } from "./artifact_contract_registry.js";
 import { type ConfigResolutionReport, type ConfigEvidenceEntry, type ConfigPrecedenceGovernanceFinding } from "./config_precedence_contract.js";
 import { type CorePrinciplesReport } from "./core_engineering_principles.js";
+import { type ContractGovernanceFinding } from "./contract_registry.js";
 export interface PolicySummary {
     policy_id: string;
     escape_count: number;
@@ -63,6 +64,13 @@ export interface GovernanceReport {
             findings: string[];
         }>;
     };
+    contract_governance?: {
+        total_contracts: number;
+        hard_fail_count: number;
+        warning_count: number;
+        advisory_count: number;
+        findings: ContractGovernanceFinding[];
+    };
 }
 /**
  * 生成治理健康报告。
@@ -88,5 +96,5 @@ export interface GovernanceReport {
  * @param options - 报告选项，包含审计池和能力状态存储
  * @returns 治理报告，包含任务统计、逃逸分析和降级建议
  */
-export declare function generateReport(auditStats: AuditPoolStats, auditItems: AuditItem[], escapeReports: EscapeReport[], escapeStats: EscapeReportStats, decisions: ActionDecision[], now?: Date, sampleDecisions?: SamplingDecision[], dualLayerFindings?: DualLayerGovernanceFinding[], dualLayerMechanismCount?: number, artifacts?: OutputArtifact[], configReports?: ConfigResolutionReport[], configEntries?: ConfigEvidenceEntry[], corePrinciples?: CorePrinciplesReport[]): GovernanceReport;
+export declare function generateReport(auditStats: AuditPoolStats, auditItems: AuditItem[], escapeReports: EscapeReport[], escapeStats: EscapeReportStats, decisions: ActionDecision[], now?: Date, sampleDecisions?: SamplingDecision[], dualLayerFindings?: DualLayerGovernanceFinding[], dualLayerMechanismCount?: number, artifacts?: OutputArtifact[], configReports?: ConfigResolutionReport[], configEntries?: ConfigEvidenceEntry[], corePrinciples?: CorePrinciplesReport[], contractFindings?: ContractGovernanceFinding[], totalRegistryContracts?: number): GovernanceReport;
 //# sourceMappingURL=governance_report.d.ts.map

package/dist/engine/governance_report.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"governance_report.d.ts","sourceRoot":"","sources":["../../src/engine/governance_report.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,SAAS,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AACjE,OAAO,KAAK,EAAE,YAAY,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;AAC1E,OAAO,KAAK,EAAE,cAAc,EAAc,MAAM,gCAAgC,CAAC;AACjF,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAC1D,OAAO,KAAK,EAAE,0BAA0B,EAAE,MAAM,aAAa,CAAC;AAC9D,OAAO,EAA6B,KAAK,cAAc,EAAE,KAAK,yBAAyB,EAAE,MAAM,iCAAiC,CAAC;AACjI,OAAO,EAA4B,KAAK,sBAAsB,EAAE,KAAK,mBAAmB,EAAE,KAAK,iCAAiC,EAAE,MAAM,iCAAiC,CAAC;AAC1K,OAAO,EAAE,KAAK,oBAAoB,EAAE,MAAM,kCAAkC,CAAC;AAE7E,MAAM,WAAW,aAAa;IAC5B,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,oBAAoB,EAAE,MAAM,CAAC;IAC7B,MAAM,EAAE,cAAc,CAAC;CACxB;AAED,MAAM,WAAW,MAAM;IACrB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,gBAAgB;IAC/B,gBAAgB,EAAE,MAAM,CAAC;IACzB,yBAAyB,EAAE,MAAM,CAAC;IAClC,eAAe,EAAE,MAAM,CAAC;IACxB,cAAc,EAAE,MAAM,CAAC;IACvB,QAAQ,EAAE,0BAA0B,EAAE,CAAC;CACxC;AAED,MAAM,WAAW,gBAAgB;IAC/B,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;IACpB,aAAa,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACtC,aAAa,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,aAAa,EAAE,MAAM,CAAC;IACtB,qBAAqB,EAAE,MAAM,CAAC;IAC9B,cAAc,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACvC,eAAe,EAAE,aAAa,EAAE,CAAC;IACjC,oBAAoB,EAAE,aAAa,EAAE,CAAC;IACtC,SAAS,EAAE,MAAM,EAAE,CAAC;IACpB,kBAAkB,CAAC,EAAE,gBAAgB,CAAC;IACtC,mBAAmB,CAAC,EAAE;QACpB,cAAc,EAAE,MAAM,CAAC;QACvB,eAAe,EAAE,MAAM,CAAC;QACxB,cAAc,EAAE,MAAM,CAAC;QACvB,QAAQ,EAAE,yBAAyB,EAAE,CAAC;KACvC,CAAC;IACF,4BAA4B,CAAC,EAAE;QAC7B,eAAe,EAAE,MAAM,CAAC;QACxB,cAAc,EAAE,MAAM,CAAC;QACvB,QAAQ,EAAE,iCAAiC,EAAE,CAAC;KAC/C,CAAC;IACF,0BAA0B,CAAC,EAAE;QAC3B,UAAU,EAAE,MAAM,CAAC;QACnB,cAAc,EAAE,OAAO,CAAC;QACxB,UAAU,EAAE,KAAK,CAAC;YAChB,YAAY,EAAE,MAAM,CAAC;YACrB,MAAM,EAAE,MAAM,CAAC;YACf,QAAQ,EAAE,MAAM,EAAE,CAAC;SACpB,CAAC,CAAC;KACJ,CAAC;CACH;AAqBD;;;;;;;;;;;;;;;;;;GAkBG;AACH;;;;GAIG;AACH,wBAAgB,cAAc,CAC5B,UAAU,EAAE,cAAc,EAC1B,UAAU,EAAE,SAAS,EAAE,EACvB,aAAa,EAAE,YAAY,EAAE,EAC7B,WAAW,EAAE,iBAAiB,EAC9B,SAAS,EAAE,cAAc,EAAE,EAC3B,GAAG,CAAC,EAAE,IAAI,EACV,eAAe,CAAC,EAAE,gBAAgB,EAAE,EACpC,iBAAiB,CAAC,EAAE,0BAA0B,EAAE,EAChD,uBAAuB,CAAC,EAAE,MAAM,EAChC,SAAS,CAAC,EAAE,cAAc,EAAE,EAC5B,aAAa,CAAC,EAAE,sBAAsB,EAAE,EACxC,aAAa,CAAC,EAAE,mBAAmB,EAAE,EACrC,cAAc,CAAC,EAAE,oBAAoB,EAAE,GACtC,gBAAgB,CAkIlB"}
+{"version":3,"file":"governance_report.d.ts","sourceRoot":"","sources":["../../src/engine/governance_report.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,SAAS,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AACjE,OAAO,KAAK,EAAE,YAAY,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;AAC1E,OAAO,KAAK,EAAE,cAAc,EAAc,MAAM,gCAAgC,CAAC;AACjF,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAC1D,OAAO,KAAK,EAAE,0BAA0B,EAAE,MAAM,aAAa,CAAC;AAC9D,OAAO,EAA6B,KAAK,cAAc,EAAE,KAAK,yBAAyB,EAAE,MAAM,iCAAiC,CAAC;AACjI,OAAO,EAA4B,KAAK,sBAAsB,EAAE,KAAK,mBAAmB,EAAE,KAAK,iCAAiC,EAAE,MAAM,iCAAiC,CAAC;AAC1K,OAAO,EAAE,KAAK,oBAAoB,EAAE,MAAM,kCAAkC,CAAC;AAC7E,OAAO,EAAE,KAAK,yBAAyB,EAAE,MAAM,wBAAwB,CAAC;AAExE,MAAM,WAAW,aAAa;IAC5B,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,oBAAoB,EAAE,MAAM,CAAC;IAC7B,MAAM,EAAE,cAAc,CAAC;CACxB;AAED,MAAM,WAAW,MAAM;IACrB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,gBAAgB;IAC/B,gBAAgB,EAAE,MAAM,CAAC;IACzB,yBAAyB,EAAE,MAAM,CAAC;IAClC,eAAe,EAAE,MAAM,CAAC;IACxB,cAAc,EAAE,MAAM,CAAC;IACvB,QAAQ,EAAE,0BAA0B,EAAE,CAAC;CACxC;AAED,MAAM,WAAW,gBAAgB;IAC/B,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;IACpB,aAAa,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACtC,aAAa,EAAE,MAAM,GAAG,IAAI,CAAC;IAC7B,aAAa,EAAE,MAAM,CAAC;IACtB,qBAAqB,EAAE,MAAM,CAAC;IAC9B,cAAc,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACvC,eAAe,EAAE,aAAa,EAAE,CAAC;IACjC,oBAAoB,EAAE,aAAa,EAAE,CAAC;IACtC,SAAS,EAAE,MAAM,EAAE,CAAC;IACpB,kBAAkB,CAAC,EAAE,gBAAgB,CAAC;IACtC,mBAAmB,CAAC,EAAE;QACpB,cAAc,EAAE,MAAM,CAAC;QACvB,eAAe,EAAE,MAAM,CAAC;QACxB,cAAc,EAAE,MAAM,CAAC;QACvB,QAAQ,EAAE,yBAAyB,EAAE,CAAC;KACvC,CAAC;IACF,4BAA4B,CAAC,EAAE;QAC7B,eAAe,EAAE,MAAM,CAAC;QACxB,cAAc,EAAE,MAAM,CAAC;QACvB,QAAQ,EAAE,iCAAiC,EAAE,CAAC;KAC/C,CAAC;IACF,0BAA0B,CAAC,EAAE;QAC3B,UAAU,EAAE,MAAM,CAAC;QACnB,cAAc,EAAE,OAAO,CAAC;QACxB,UAAU,EAAE,KAAK,CAAC;YAChB,YAAY,EAAE,MAAM,CAAC;YACrB,MAAM,EAAE,MAAM,CAAC;YACf,QAAQ,EAAE,MAAM,EAAE,CAAC;SACpB,CAAC,CAAC;KACJ,CAAC;IACF,mBAAmB,CAAC,EAAE;QACpB,eAAe,EAAE,MAAM,CAAC;QACxB,eAAe,EAAE,MAAM,CAAC;QACxB,aAAa,EAAE,MAAM,CAAC;QACtB,cAAc,EAAE,MAAM,CAAC;QACvB,QAAQ,EAAE,yBAAyB,EAAE,CAAC;KACvC,CAAC;CACH;AAqBD;;;;;;;;;;;;;;;;;;GAkBG;AACH;;;;GAIG;AACH,wBAAgB,cAAc,CAC5B,UAAU,EAAE,cAAc,EAC1B,UAAU,EAAE,SAAS,EAAE,EACvB,aAAa,EAAE,YAAY,EAAE,EAC7B,WAAW,EAAE,iBAAiB,EAC9B,SAAS,EAAE,cAAc,EAAE,EAC3B,GAAG,CAAC,EAAE,IAAI,EACV,eAAe,CAAC,EAAE,gBAAgB,EAAE,EACpC,iBAAiB,CAAC,EAAE,0BAA0B,EAAE,EAChD,uBAAuB,CAAC,EAAE,MAAM,EAChC,SAAS,CAAC,EAAE,cAAc,EAAE,EAC5B,aAAa,CAAC,EAAE,sBAAsB,EAAE,EACxC,aAAa,CAAC,EAAE,mBAAmB,EAAE,EACrC,cAAc,CAAC,EAAE,oBAAoB,EAAE,EACvC,gBAAgB,CAAC,EAAE,yBAAyB,EAAE,EAC9C,sBAAsB,CAAC,EAAE,MAAM,GAC9B,gBAAgB,CAgJlB"}

package/dist/engine/governance_report.js

@@ -44,7 +44,7 @@ function deepCopySummary(summary) {
  * @param options - 报告选项，包含审计池和能力状态存储
  * @returns 治理报告，包含任务统计、逃逸分析和降级建议
  */
-export function generateReport(auditStats, auditItems, escapeReports, escapeStats, decisions, now, sampleDecisions, dualLayerFindings, dualLayerMechanismCount, artifacts, configReports, configEntries, corePrinciples) {
+export function generateReport(auditStats, auditItems, escapeReports, escapeStats, decisions, now, sampleDecisions, dualLayerFindings, dualLayerMechanismCount, artifacts, configReports, configEntries, corePrinciples, contractFindings, totalRegistryContracts) {
     console.error("[soloForge] 治理报告: 生成治理健康报告");
     const nonFPReports = escapeReports.filter((r) => r.failure_type !== "false_positive");
     const fpReports = escapeReports.filter((r) => r.failure_type === "false_positive");
@@ -132,7 +132,7 @@ export function generateReport(auditStats, auditItems, escapeReports, escapeStat
             findings: cpFindings,
         };
     }
-    // 核心原则治理 
+    // 核心原则治理
     if (corePrinciples && corePrinciples.length > 0)
         console.error("[soloForge] 治理报告: 检查核心原则遵循性，报告数=" + corePrinciples.length);
     let corePrinciplesGovernance;
@@ -149,6 +149,19 @@ export function generateReport(auditStats, auditItems, escapeReports, escapeStat
             })),
         };
     }
+    // 契约治理汇总
+    if (contractFindings && contractFindings.length > 0)
+        console.error("[soloForge] 治理报告: 检查契约治理，发现数=" + contractFindings.length);
+    let contractGovernance;
+    if (contractFindings) {
+        contractGovernance = {
+            total_contracts: totalRegistryContracts ?? new Set(contractFindings.map((f) => f.contract_id)).size,
+            hard_fail_count: contractFindings.filter((f) => f.severity === "hard_fail").length,
+            warning_count: contractFindings.filter((f) => f.severity === "warning").length,
+            advisory_count: contractFindings.filter((f) => f.severity === "advisory").length,
+            findings: [...contractFindings],
+        };
+    }
     return {
         generated_at: (now ?? new Date()).toISOString(),
         total_tasks: auditStats.total,
@@ -164,6 +177,7 @@ export function generateReport(auditStats, auditItems, escapeReports, escapeStat
         artifact_governance: artifactGovernance,
         config_precedence_governance: configPrecedenceGovernance,
         core_principles_governance: corePrinciplesGovernance,
+        contract_governance: contractGovernance,
     };
 }
 //# sourceMappingURL=governance_report.js.map