npm - windows-exe-decompiler-mcp-server - Versions diffs - 0.1.0 - Mend

windows-exe-decompiler-mcp-server 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (190) hide show

package/CODEX_INSTALLATION.md +69 -0
package/COPILOT_INSTALLATION.md +77 -0
package/LICENSE +21 -0
package/README.md +314 -0
package/bin/windows-exe-decompiler-mcp-server.js +3 -0
package/dist/analysis-provenance.d.ts +184 -0
package/dist/analysis-provenance.js +74 -0
package/dist/analysis-task-runner.d.ts +31 -0
package/dist/analysis-task-runner.js +160 -0
package/dist/artifact-inventory.d.ts +23 -0
package/dist/artifact-inventory.js +175 -0
package/dist/cache-manager.d.ts +128 -0
package/dist/cache-manager.js +454 -0
package/dist/confidence-semantics.d.ts +66 -0
package/dist/confidence-semantics.js +122 -0
package/dist/config.d.ts +335 -0
package/dist/config.js +193 -0
package/dist/database.d.ts +227 -0
package/dist/database.js +601 -0
package/dist/decompiler-worker.d.ts +441 -0
package/dist/decompiler-worker.js +1962 -0
package/dist/dynamic-trace.d.ts +95 -0
package/dist/dynamic-trace.js +629 -0
package/dist/env-validator.d.ts +15 -0
package/dist/env-validator.js +249 -0
package/dist/error-handler.d.ts +28 -0
package/dist/error-handler.example.d.ts +22 -0
package/dist/error-handler.example.js +141 -0
package/dist/error-handler.js +139 -0
package/dist/ghidra-analysis-status.d.ts +49 -0
package/dist/ghidra-analysis-status.js +178 -0
package/dist/ghidra-config.d.ts +134 -0
package/dist/ghidra-config.js +464 -0
package/dist/index.d.ts +9 -0
package/dist/index.js +200 -0
package/dist/job-queue.d.ts +169 -0
package/dist/job-queue.js +407 -0
package/dist/logger.d.ts +106 -0
package/dist/logger.js +176 -0
package/dist/policy-guard.d.ts +115 -0
package/dist/policy-guard.js +243 -0
package/dist/process-output.d.ts +15 -0
package/dist/process-output.js +90 -0
package/dist/prompts/function-explanation-review.d.ts +5 -0
package/dist/prompts/function-explanation-review.js +64 -0
package/dist/prompts/semantic-name-review.d.ts +5 -0
package/dist/prompts/semantic-name-review.js +63 -0
package/dist/runtime-correlation.d.ts +34 -0
package/dist/runtime-correlation.js +279 -0
package/dist/runtime-paths.d.ts +3 -0
package/dist/runtime-paths.js +11 -0
package/dist/selection-diff.d.ts +667 -0
package/dist/selection-diff.js +53 -0
package/dist/semantic-name-suggestion-artifacts.d.ts +116 -0
package/dist/semantic-name-suggestion-artifacts.js +314 -0
package/dist/server.d.ts +129 -0
package/dist/server.js +578 -0
package/dist/tools/artifact-read.d.ts +235 -0
package/dist/tools/artifact-read.js +317 -0
package/dist/tools/artifacts-diff.d.ts +728 -0
package/dist/tools/artifacts-diff.js +304 -0
package/dist/tools/artifacts-list.d.ts +515 -0
package/dist/tools/artifacts-list.js +389 -0
package/dist/tools/attack-map.d.ts +290 -0
package/dist/tools/attack-map.js +519 -0
package/dist/tools/cache-observability.d.ts +4 -0
package/dist/tools/cache-observability.js +36 -0
package/dist/tools/code-function-cfg.d.ts +50 -0
package/dist/tools/code-function-cfg.js +102 -0
package/dist/tools/code-function-decompile.d.ts +55 -0
package/dist/tools/code-function-decompile.js +103 -0
package/dist/tools/code-function-disassemble.d.ts +43 -0
package/dist/tools/code-function-disassemble.js +185 -0
package/dist/tools/code-function-explain-apply.d.ts +255 -0
package/dist/tools/code-function-explain-apply.js +225 -0
package/dist/tools/code-function-explain-prepare.d.ts +535 -0
package/dist/tools/code-function-explain-prepare.js +276 -0
package/dist/tools/code-function-explain-review.d.ts +397 -0
package/dist/tools/code-function-explain-review.js +589 -0
package/dist/tools/code-function-rename-apply.d.ts +248 -0
package/dist/tools/code-function-rename-apply.js +220 -0
package/dist/tools/code-function-rename-prepare.d.ts +506 -0
package/dist/tools/code-function-rename-prepare.js +279 -0
package/dist/tools/code-function-rename-review.d.ts +574 -0
package/dist/tools/code-function-rename-review.js +761 -0
package/dist/tools/code-functions-list.d.ts +37 -0
package/dist/tools/code-functions-list.js +91 -0
package/dist/tools/code-functions-rank.d.ts +34 -0
package/dist/tools/code-functions-rank.js +90 -0
package/dist/tools/code-functions-reconstruct.d.ts +2725 -0
package/dist/tools/code-functions-reconstruct.js +2807 -0
package/dist/tools/code-functions-search.d.ts +39 -0
package/dist/tools/code-functions-search.js +90 -0
package/dist/tools/code-reconstruct-export.d.ts +1212 -0
package/dist/tools/code-reconstruct-export.js +4002 -0
package/dist/tools/code-reconstruct-plan.d.ts +274 -0
package/dist/tools/code-reconstruct-plan.js +342 -0
package/dist/tools/dotnet-metadata-extract.d.ts +541 -0
package/dist/tools/dotnet-metadata-extract.js +355 -0
package/dist/tools/dotnet-reconstruct-export.d.ts +567 -0
package/dist/tools/dotnet-reconstruct-export.js +1151 -0
package/dist/tools/dotnet-types-list.d.ts +325 -0
package/dist/tools/dotnet-types-list.js +201 -0
package/dist/tools/dynamic-dependencies.d.ts +115 -0
package/dist/tools/dynamic-dependencies.js +213 -0
package/dist/tools/dynamic-memory-import.d.ts +10 -0
package/dist/tools/dynamic-memory-import.js +567 -0
package/dist/tools/dynamic-trace-import.d.ts +10 -0
package/dist/tools/dynamic-trace-import.js +235 -0
package/dist/tools/entrypoint-fallback-disasm.d.ts +30 -0
package/dist/tools/entrypoint-fallback-disasm.js +89 -0
package/dist/tools/ghidra-analyze.d.ts +88 -0
package/dist/tools/ghidra-analyze.js +208 -0
package/dist/tools/ghidra-health.d.ts +37 -0
package/dist/tools/ghidra-health.js +212 -0
package/dist/tools/ioc-export.d.ts +209 -0
package/dist/tools/ioc-export.js +542 -0
package/dist/tools/packer-detect.d.ts +165 -0
package/dist/tools/packer-detect.js +284 -0
package/dist/tools/pe-exports-extract.d.ts +175 -0
package/dist/tools/pe-exports-extract.js +253 -0
package/dist/tools/pe-fingerprint.d.ts +234 -0
package/dist/tools/pe-fingerprint.js +269 -0
package/dist/tools/pe-imports-extract.d.ts +105 -0
package/dist/tools/pe-imports-extract.js +245 -0
package/dist/tools/report-generate.d.ts +157 -0
package/dist/tools/report-generate.js +457 -0
package/dist/tools/report-summarize.d.ts +2131 -0
package/dist/tools/report-summarize.js +596 -0
package/dist/tools/runtime-detect.d.ts +135 -0
package/dist/tools/runtime-detect.js +247 -0
package/dist/tools/sample-ingest.d.ts +94 -0
package/dist/tools/sample-ingest.js +327 -0
package/dist/tools/sample-profile-get.d.ts +183 -0
package/dist/tools/sample-profile-get.js +121 -0
package/dist/tools/sandbox-execute.d.ts +441 -0
package/dist/tools/sandbox-execute.js +392 -0
package/dist/tools/strings-extract.d.ts +375 -0
package/dist/tools/strings-extract.js +314 -0
package/dist/tools/strings-floss-decode.d.ts +143 -0
package/dist/tools/strings-floss-decode.js +259 -0
package/dist/tools/system-health.d.ts +434 -0
package/dist/tools/system-health.js +446 -0
package/dist/tools/task-cancel.d.ts +21 -0
package/dist/tools/task-cancel.js +70 -0
package/dist/tools/task-status.d.ts +27 -0
package/dist/tools/task-status.js +106 -0
package/dist/tools/task-sweep.d.ts +22 -0
package/dist/tools/task-sweep.js +77 -0
package/dist/tools/tool-help.d.ts +340 -0
package/dist/tools/tool-help.js +261 -0
package/dist/tools/yara-scan.d.ts +554 -0
package/dist/tools/yara-scan.js +313 -0
package/dist/types.d.ts +266 -0
package/dist/types.js +41 -0
package/dist/worker-pool.d.ts +204 -0
package/dist/worker-pool.js +650 -0
package/dist/workflows/deep-static.d.ts +104 -0
package/dist/workflows/deep-static.js +276 -0
package/dist/workflows/function-explanation-review.d.ts +655 -0
package/dist/workflows/function-explanation-review.js +440 -0
package/dist/workflows/reconstruct.d.ts +2053 -0
package/dist/workflows/reconstruct.js +666 -0
package/dist/workflows/semantic-name-review.d.ts +2418 -0
package/dist/workflows/semantic-name-review.js +521 -0
package/dist/workflows/triage.d.ts +659 -0
package/dist/workflows/triage.js +1374 -0
package/dist/workspace-manager.d.ts +150 -0
package/dist/workspace-manager.js +411 -0
package/ghidra_scripts/DecompileFunction.java +487 -0
package/ghidra_scripts/DecompileFunction.py +150 -0
package/ghidra_scripts/ExtractCFG.java +256 -0
package/ghidra_scripts/ExtractCFG.py +233 -0
package/ghidra_scripts/ExtractFunctions.java +442 -0
package/ghidra_scripts/ExtractFunctions.py +101 -0
package/ghidra_scripts/README.md +125 -0
package/ghidra_scripts/SearchFunctionReferences.java +380 -0
package/helpers/DotNetMetadataProbe/DotNetMetadataProbe.csproj +9 -0
package/helpers/DotNetMetadataProbe/Program.cs +566 -0
package/install-to-codex.ps1 +178 -0
package/install-to-copilot.ps1 +303 -0
package/package.json +101 -0
package/requirements.txt +9 -0
package/workers/requirements-dynamic.txt +11 -0
package/workers/requirements.txt +8 -0
package/workers/speakeasy_compat.py +175 -0
package/workers/static_worker.py +5183 -0
package/workers/yara_rules/default.yar +33 -0
package/workers/yara_rules/malware_families.yar +93 -0
package/workers/yara_rules/packers.yar +80 -0

package/dist/tools/code-function-explain-apply.d.ts ADDED Viewed

@@ -0,0 +1,255 @@
+import { z } from 'zod';
+import type { ToolArgs, ToolDefinition, WorkerResult } from '../types.js';
+import type { WorkspaceManager } from '../workspace-manager.js';
+import type { DatabaseManager } from '../database.js';
+export declare const codeFunctionExplainApplyInputSchema: z.ZodObject<{
+    sample_id: z.ZodString;
+    explanations: z.ZodArray<z.ZodEffects<z.ZodObject<{
+        address_or_function: z.ZodOptional<z.ZodString>;
+        address: z.ZodOptional<z.ZodString>;
+        function: z.ZodOptional<z.ZodString>;
+        summary: z.ZodString;
+        behavior: z.ZodString;
+        confidence: z.ZodNumber;
+        assumptions: z.ZodDefault<z.ZodOptional<z.ZodArray<z.ZodString, "many">>>;
+        evidence_used: z.ZodDefault<z.ZodOptional<z.ZodArray<z.ZodString, "many">>>;
+        rewrite_guidance: z.ZodOptional<z.ZodUnion<[z.ZodString, z.ZodArray<z.ZodString, "many">]>>;
+    }, "strip", z.ZodTypeAny, {
+        summary: string;
+        confidence: number;
+        evidence_used: string[];
+        behavior: string;
+        assumptions: string[];
+        function?: string | undefined;
+        address?: string | undefined;
+        rewrite_guidance?: string | string[] | undefined;
+        address_or_function?: string | undefined;
+    }, {
+        summary: string;
+        confidence: number;
+        behavior: string;
+        function?: string | undefined;
+        address?: string | undefined;
+        evidence_used?: string[] | undefined;
+        assumptions?: string[] | undefined;
+        rewrite_guidance?: string | string[] | undefined;
+        address_or_function?: string | undefined;
+    }>, {
+        summary: string;
+        confidence: number;
+        evidence_used: string[];
+        behavior: string;
+        assumptions: string[];
+        function?: string | undefined;
+        address?: string | undefined;
+        rewrite_guidance?: string | string[] | undefined;
+        address_or_function?: string | undefined;
+    }, {
+        summary: string;
+        confidence: number;
+        behavior: string;
+        function?: string | undefined;
+        address?: string | undefined;
+        evidence_used?: string[] | undefined;
+        assumptions?: string[] | undefined;
+        rewrite_guidance?: string | string[] | undefined;
+        address_or_function?: string | undefined;
+    }>, "many">;
+    client_name: z.ZodOptional<z.ZodString>;
+    model_name: z.ZodOptional<z.ZodString>;
+    prepare_artifact_id: z.ZodOptional<z.ZodString>;
+    session_tag: z.ZodOptional<z.ZodString>;
+}, "strip", z.ZodTypeAny, {
+    sample_id: string;
+    explanations: {
+        summary: string;
+        confidence: number;
+        evidence_used: string[];
+        behavior: string;
+        assumptions: string[];
+        function?: string | undefined;
+        address?: string | undefined;
+        rewrite_guidance?: string | string[] | undefined;
+        address_or_function?: string | undefined;
+    }[];
+    session_tag?: string | undefined;
+    client_name?: string | undefined;
+    model_name?: string | undefined;
+    prepare_artifact_id?: string | undefined;
+}, {
+    sample_id: string;
+    explanations: {
+        summary: string;
+        confidence: number;
+        behavior: string;
+        function?: string | undefined;
+        address?: string | undefined;
+        evidence_used?: string[] | undefined;
+        assumptions?: string[] | undefined;
+        rewrite_guidance?: string | string[] | undefined;
+        address_or_function?: string | undefined;
+    }[];
+    session_tag?: string | undefined;
+    client_name?: string | undefined;
+    model_name?: string | undefined;
+    prepare_artifact_id?: string | undefined;
+}>;
+export declare const codeFunctionExplainApplyOutputSchema: z.ZodObject<{
+    ok: z.ZodBoolean;
+    data: z.ZodOptional<z.ZodObject<{
+        sample_id: z.ZodString;
+        accepted_count: z.ZodNumber;
+        rejected_count: z.ZodNumber;
+        accepted_explanations: z.ZodArray<z.ZodObject<{
+            address: z.ZodNullable<z.ZodString>;
+            function: z.ZodNullable<z.ZodString>;
+            behavior: z.ZodString;
+            confidence: z.ZodNumber;
+            rewrite_guidance_count: z.ZodNumber;
+        }, "strip", z.ZodTypeAny, {
+            function: string | null;
+            address: string | null;
+            confidence: number;
+            behavior: string;
+            rewrite_guidance_count: number;
+        }, {
+            function: string | null;
+            address: string | null;
+            confidence: number;
+            behavior: string;
+            rewrite_guidance_count: number;
+        }>, "many">;
+        artifact: z.ZodObject<{
+            id: z.ZodString;
+            type: z.ZodLiteral<"semantic_function_explanations">;
+            path: z.ZodString;
+            sha256: z.ZodString;
+            mime: z.ZodOptional<z.ZodString>;
+        }, "strip", z.ZodTypeAny, {
+            path: string;
+            type: "semantic_function_explanations";
+            id: string;
+            sha256: string;
+            mime?: string | undefined;
+        }, {
+            path: string;
+            type: "semantic_function_explanations";
+            id: string;
+            sha256: string;
+            mime?: string | undefined;
+        }>;
+        next_steps: z.ZodArray<z.ZodString, "many">;
+    }, "strip", z.ZodTypeAny, {
+        sample_id: string;
+        artifact: {
+            path: string;
+            type: "semantic_function_explanations";
+            id: string;
+            sha256: string;
+            mime?: string | undefined;
+        };
+        accepted_count: number;
+        rejected_count: number;
+        next_steps: string[];
+        accepted_explanations: {
+            function: string | null;
+            address: string | null;
+            confidence: number;
+            behavior: string;
+            rewrite_guidance_count: number;
+        }[];
+    }, {
+        sample_id: string;
+        artifact: {
+            path: string;
+            type: "semantic_function_explanations";
+            id: string;
+            sha256: string;
+            mime?: string | undefined;
+        };
+        accepted_count: number;
+        rejected_count: number;
+        next_steps: string[];
+        accepted_explanations: {
+            function: string | null;
+            address: string | null;
+            confidence: number;
+            behavior: string;
+            rewrite_guidance_count: number;
+        }[];
+    }>>;
+    warnings: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+    errors: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+    artifacts: z.ZodOptional<z.ZodArray<z.ZodAny, "many">>;
+    metrics: z.ZodOptional<z.ZodObject<{
+        elapsed_ms: z.ZodNumber;
+        tool: z.ZodString;
+    }, "strip", z.ZodTypeAny, {
+        elapsed_ms: number;
+        tool: string;
+    }, {
+        elapsed_ms: number;
+        tool: string;
+    }>>;
+}, "strip", z.ZodTypeAny, {
+    ok: boolean;
+    metrics?: {
+        elapsed_ms: number;
+        tool: string;
+    } | undefined;
+    data?: {
+        sample_id: string;
+        artifact: {
+            path: string;
+            type: "semantic_function_explanations";
+            id: string;
+            sha256: string;
+            mime?: string | undefined;
+        };
+        accepted_count: number;
+        rejected_count: number;
+        next_steps: string[];
+        accepted_explanations: {
+            function: string | null;
+            address: string | null;
+            confidence: number;
+            behavior: string;
+            rewrite_guidance_count: number;
+        }[];
+    } | undefined;
+    warnings?: string[] | undefined;
+    errors?: string[] | undefined;
+    artifacts?: any[] | undefined;
+}, {
+    ok: boolean;
+    metrics?: {
+        elapsed_ms: number;
+        tool: string;
+    } | undefined;
+    data?: {
+        sample_id: string;
+        artifact: {
+            path: string;
+            type: "semantic_function_explanations";
+            id: string;
+            sha256: string;
+            mime?: string | undefined;
+        };
+        accepted_count: number;
+        rejected_count: number;
+        next_steps: string[];
+        accepted_explanations: {
+            function: string | null;
+            address: string | null;
+            confidence: number;
+            behavior: string;
+            rewrite_guidance_count: number;
+        }[];
+    } | undefined;
+    warnings?: string[] | undefined;
+    errors?: string[] | undefined;
+    artifacts?: any[] | undefined;
+}>;
+export declare const codeFunctionExplainApplyToolDefinition: ToolDefinition;
+export declare function createCodeFunctionExplainApplyHandler(workspaceManager: WorkspaceManager, database: DatabaseManager): (args: ToolArgs) => Promise<WorkerResult>;
+//# sourceMappingURL=code-function-explain-apply.d.ts.map

package/dist/tools/code-function-explain-apply.js ADDED Viewed

@@ -0,0 +1,225 @@
+import { z } from 'zod';
+import { persistSemanticFunctionExplanationsArtifact, SEMANTIC_FUNCTION_EXPLANATIONS_ARTIFACT_TYPE, } from '../semantic-name-suggestion-artifacts.js';
+const TOOL_NAME = 'code.function.explain.apply';
+const ExplanationSuggestionInputSchema = z
+    .object({
+    address_or_function: z
+        .string()
+        .optional()
+        .describe('Optional combined identifier when the reviewing client returns a single address_or_function field'),
+    address: z.string().optional().describe('Optional function address for precise matching'),
+    function: z.string().optional().describe('Optional function symbol/name for fallback matching'),
+    summary: z.string().min(1).max(1200).describe('Evidence-grounded plain-language explanation of the function'),
+    behavior: z.string().min(1).max(160).describe('Short behavior label, such as resolve_dynamic_imports or dispatch_exported_command'),
+    confidence: z.number().min(0).max(1).describe('Heuristic support score for the explanation'),
+    assumptions: z.array(z.string()).optional().default([]).describe('Assumptions that must hold for the explanation to remain valid'),
+    evidence_used: z.array(z.string()).optional().default([]).describe('Evidence sources used by the external LLM'),
+    rewrite_guidance: z
+        .union([z.string().min(1), z.array(z.string().min(1))])
+        .optional()
+        .describe('One or more rewrite-oriented guidance items derived from the evidence'),
+})
+    .refine((value) => Boolean(value.address_or_function?.trim()) ||
+    Boolean(value.address?.trim()) ||
+    Boolean(value.function?.trim()), {
+    message: 'Each explanation must provide at least one of `address_or_function`, `address`, or `function`.',
+});
+function normalizeExplanationIdentifier(explanation) {
+    const normalizedAddress = explanation.address?.trim() || null;
+    const normalizedFunction = explanation.function?.trim() || null;
+    if (normalizedAddress || normalizedFunction) {
+        return {
+            address: normalizedAddress,
+            function: normalizedFunction,
+        };
+    }
+    const identifier = explanation.address_or_function?.trim();
+    if (!identifier) {
+        return {
+            address: null,
+            function: null,
+        };
+    }
+    if (/^(0x)?[0-9a-f]+$/i.test(identifier)) {
+        return {
+            address: identifier,
+            function: null,
+        };
+    }
+    return {
+        address: null,
+        function: identifier,
+    };
+}
+function normalizeRewriteGuidance(input) {
+    if (!input) {
+        return [];
+    }
+    const values = Array.isArray(input) ? input : [input];
+    return values.map((item) => item.trim()).filter((item) => item.length > 0).slice(0, 8);
+}
+export const codeFunctionExplainApplyInputSchema = z.object({
+    sample_id: z.string().describe('Sample ID (format: sha256:<hex>)'),
+    explanations: z
+        .array(ExplanationSuggestionInputSchema)
+        .min(1)
+        .describe('Structured explanation outputs returned by an external MCP client / LLM'),
+    client_name: z
+        .string()
+        .optional()
+        .describe('Optional client identifier, such as claude-desktop or codex-cli'),
+    model_name: z
+        .string()
+        .optional()
+        .describe('Optional model identifier for provenance only'),
+    prepare_artifact_id: z
+        .string()
+        .optional()
+        .describe('Optional semantic_explanation_prepare_bundle artifact ID that produced this review task'),
+    session_tag: z
+        .string()
+        .optional()
+        .describe('Optional semantic explanation session tag used for artifact grouping'),
+});
+export const codeFunctionExplainApplyOutputSchema = z.object({
+    ok: z.boolean(),
+    data: z
+        .object({
+        sample_id: z.string(),
+        accepted_count: z.number().int().nonnegative(),
+        rejected_count: z.number().int().nonnegative(),
+        accepted_explanations: z.array(z.object({
+            address: z.string().nullable(),
+            function: z.string().nullable(),
+            behavior: z.string(),
+            confidence: z.number().min(0).max(1),
+            rewrite_guidance_count: z.number().int().nonnegative(),
+        })),
+        artifact: z.object({
+            id: z.string(),
+            type: z.literal(SEMANTIC_FUNCTION_EXPLANATIONS_ARTIFACT_TYPE),
+            path: z.string(),
+            sha256: z.string(),
+            mime: z.string().optional(),
+        }),
+        next_steps: z.array(z.string()),
+    })
+        .optional(),
+    warnings: z.array(z.string()).optional(),
+    errors: z.array(z.string()).optional(),
+    artifacts: z.array(z.any()).optional(),
+    metrics: z
+        .object({
+        elapsed_ms: z.number(),
+        tool: z.string(),
+    })
+        .optional(),
+});
+export const codeFunctionExplainApplyToolDefinition = {
+    name: TOOL_NAME,
+    description: 'Persist structured function explanations returned by any external MCP client / LLM so export and report layers can consume them.',
+    inputSchema: codeFunctionExplainApplyInputSchema,
+    outputSchema: codeFunctionExplainApplyOutputSchema,
+};
+export function createCodeFunctionExplainApplyHandler(workspaceManager, database) {
+    return async (args) => {
+        const startTime = Date.now();
+        try {
+            const input = codeFunctionExplainApplyInputSchema.parse(args);
+            const sample = database.findSample(input.sample_id);
+            if (!sample) {
+                return {
+                    ok: false,
+                    errors: [`Sample not found: ${input.sample_id}`],
+                    metrics: {
+                        elapsed_ms: Date.now() - startTime,
+                        tool: TOOL_NAME,
+                    },
+                };
+            }
+            const acceptedExplanations = [];
+            const acceptedSummary = [];
+            const warnings = [];
+            for (const explanation of input.explanations) {
+                const normalizedIdentifier = normalizeExplanationIdentifier(explanation);
+                const rewriteGuidance = normalizeRewriteGuidance(explanation.rewrite_guidance);
+                const summary = explanation.summary.trim();
+                const behavior = explanation.behavior.trim();
+                if (summary.length === 0 || behavior.length === 0) {
+                    warnings.push(`Rejected explanation for ${normalizedIdentifier.address || normalizedIdentifier.function || explanation.address_or_function || 'unknown'} because summary or behavior was empty after normalization.`);
+                    continue;
+                }
+                acceptedExplanations.push({
+                    address: normalizedIdentifier.address,
+                    function: normalizedIdentifier.function,
+                    summary,
+                    behavior,
+                    confidence: explanation.confidence,
+                    assumptions: explanation.assumptions || [],
+                    evidence_used: explanation.evidence_used || [],
+                    rewrite_guidance: rewriteGuidance,
+                });
+                acceptedSummary.push({
+                    address: normalizedIdentifier.address,
+                    function: normalizedIdentifier.function,
+                    behavior,
+                    confidence: explanation.confidence,
+                    rewrite_guidance_count: rewriteGuidance.length,
+                });
+            }
+            if (acceptedExplanations.length === 0) {
+                return {
+                    ok: false,
+                    errors: ['No explanations were accepted after normalization.'],
+                    warnings: warnings.length > 0 ? warnings : undefined,
+                    metrics: {
+                        elapsed_ms: Date.now() - startTime,
+                        tool: TOOL_NAME,
+                    },
+                };
+            }
+            const payload = {
+                schema_version: 1,
+                sample_id: input.sample_id,
+                created_at: new Date().toISOString(),
+                session_tag: input.session_tag || null,
+                client_name: input.client_name || null,
+                model_name: input.model_name || null,
+                prepare_artifact_id: input.prepare_artifact_id || null,
+                explanations: acceptedExplanations,
+            };
+            const artifact = await persistSemanticFunctionExplanationsArtifact(workspaceManager, database, payload);
+            return {
+                ok: true,
+                data: {
+                    sample_id: input.sample_id,
+                    accepted_count: acceptedExplanations.length,
+                    rejected_count: input.explanations.length - acceptedExplanations.length,
+                    accepted_explanations: acceptedSummary,
+                    artifact,
+                    next_steps: [
+                        'rerun code.reconstruct.export to propagate explanation summaries and rewrite guidance into rewrite output',
+                        'rerun report.generate or report.summarize if you want explanation artifacts reflected in higher-level analyst output',
+                    ],
+                },
+                warnings: warnings.length > 0 ? warnings : undefined,
+                artifacts: [artifact],
+                metrics: {
+                    elapsed_ms: Date.now() - startTime,
+                    tool: TOOL_NAME,
+                },
+            };
+        }
+        catch (error) {
+            return {
+                ok: false,
+                errors: [error instanceof Error ? error.message : String(error)],
+                metrics: {
+                    elapsed_ms: Date.now() - startTime,
+                    tool: TOOL_NAME,
+                },
+            };
+        }
+    };
+}
+//# sourceMappingURL=code-function-explain-apply.js.map