specfact-cli 0.46.2__py3-none-any.whl → 0.46.4__py3-none-any.whl

specfact_cli/__init__.py

@@ -45,6 +45,6 @@ def _bootstrap_bundle_paths() -> None:
 
 _bootstrap_bundle_paths()
 
-__version__ = "0.46.2"
+__version__ = "0.46.4"
 
 __all__ = ["__version__"]

specfact_cli/analyzers/code_analyzer.py

@@ -507,16 +507,16 @@ class CodeAnalyzer:
             }
         )
 
-        # Dependency Graph Analysis (requires pyan3 and networkx)
-        pyan3_available, _ = check_cli_tool_available("pyan3")
+        # Dependency Graph Analysis (requires pycg and networkx)
+        pycg_available, _ = check_cli_tool_available("pycg")
         networkx_available = check_python_package_available("networkx")
-        graph_enabled = pyan3_available and networkx_available
+        graph_enabled = pycg_available and networkx_available
         graph_used = graph_enabled  # Used if both dependencies are available
 
-        if not pyan3_available and not networkx_available:
-            reason = "pyan3 and networkx not installed (install: pip install pyan3 networkx)"
-        elif not pyan3_available:
-            reason = "pyan3 not installed (install: pip install pyan3)"
+        if not pycg_available and not networkx_available:
+            reason = "pycg and networkx not installed (install: pip install pycg networkx)"
+        elif not pycg_available:
+            reason = "pycg not installed (install: pip install pycg)"
         elif not networkx_available:
             reason = "networkx not installed (install: pip install networkx)"
         else:

specfact_cli/analyzers/graph_analyzer.py

@@ -3,6 +3,8 @@ Graph-based dependency and call graph analysis.
 
 Enhances AST and Semgrep analysis with graph-based dependency tracking,
 call graph extraction, and architecture visualization.
+
+Call graph extraction uses pycg (MIT) via subprocess. pyan3 (GPL-2.0) removed.
 """
 
 from __future__ import annotations
@@ -28,7 +30,7 @@ class GraphAnalyzer:
     """
     Graph-based dependency and call graph analysis.
 
-    Uses pyan for call graphs, NetworkX for dependency graphs,
+    Uses pycg for call graphs, NetworkX for dependency graphs,
     and provides graph-based insights to complement AST and Semgrep.
     """
 
@@ -55,7 +57,7 @@ class GraphAnalyzer:
     @ensure(lambda result: isinstance(result, dict), "Must return dict")
     def extract_call_graph(self, file_path: Path) -> dict[str, list[str]]:
         """
-        Extract call graph using pyan.
+        Extract call graph using pycg (MIT).
 
         Args:
             file_path: Path to Python file
@@ -63,75 +65,67 @@ class GraphAnalyzer:
         Returns:
             Dictionary mapping function names to list of called functions
         """
-        # Check if pyan3 is available using utility function
         from specfact_cli.utils.optional_deps import check_cli_tool_available
 
-        is_available, _ = check_cli_tool_available("pyan3")
+        is_available, _ = check_cli_tool_available("pycg")
         if not is_available:
-            # pyan3 not available, return empty
+            # pycg not available — return empty (graceful degradation)
             return {}
 
-        # Run pyan to generate DOT file
-        with tempfile.NamedTemporaryFile(mode="w", suffix=".dot", delete=False) as dot_file:
-            dot_path = Path(dot_file.name)
+        # Run pycg to generate JSON call graph
+        with tempfile.NamedTemporaryFile(mode="w", suffix=".json", delete=False) as json_file:
+            json_path = Path(json_file.name)
             try:
                 result = subprocess.run(
-                    ["pyan3", str(file_path), "--dot", "--no-defines", "--uses", "--defines"],
-                    stdout=dot_file,
+                    ["pycg", "--package", str(self.repo_path), str(file_path), "--output", str(json_path)],
                     stderr=subprocess.PIPE,
                     text=True,
-                    timeout=15,  # Reduced from 30 to 15 seconds for faster processing
+                    timeout=15,
                 )
 
                 if result.returncode == 0:
-                    # Parse DOT file to extract call relationships
-                    call_graph = self._parse_dot_file(dot_path)
+                    call_graph = self._parse_pycg_json(json_path)
                     file_key = str(file_path.relative_to(self.repo_path))
                     self.call_graphs[file_key] = call_graph
                     return call_graph
             finally:
-                # Clean up temp file
-                if dot_path.exists():
-                    dot_path.unlink()
+                if json_path.exists():
+                    json_path.unlink()
 
         return {}
 
     @beartype
-    @require(lambda dot_path: isinstance(dot_path, Path), "DOT path must be Path")
+    @require(lambda json_path: isinstance(json_path, Path), "JSON path must be Path")
     @ensure(lambda result: isinstance(result, dict), "Must return dict")
-    def _parse_dot_file(self, dot_path: Path) -> dict[str, list[str]]:
+    def _parse_pycg_json(self, json_path: Path) -> dict[str, list[str]]:
         """
-        Parse DOT file to extract call graph.
+        Parse pycg JSON output into caller → [callees] format.
+
+        PyCG's simple JSON format is an adjacency list: edge ``(src, dst)`` is
+        ``dst`` in the list for key ``src`` (caller → callees). See PyCG README
+        "Simple JSON format".
 
         Args:
-            dot_path: Path to DOT file
+            json_path: Path to pycg JSON output file
 
         Returns:
             Dictionary mapping function names to list of called functions
         """
-        call_graph: dict[str, list[str]] = defaultdict(list)
+        import json
 
-        if not dot_path.exists():
+        if not json_path.exists():
             return {}
 
         try:
-            content = dot_path.read_text(encoding="utf-8")
-            # Parse DOT format: "function_a" -> "function_b"
-            import re
-
-            # Pattern: "function_a" -> "function_b"
-            edge_pattern = r'"([^"]+)"\s*->\s*"([^"]+)"'
-            matches = re.finditer(edge_pattern, content)
-
-            for match in matches:
-                caller = match.group(1)
-                callee = match.group(2)
-                # Filter out internal Python functions (start with __)
+            raw: dict[str, list[str]] = json.loads(json_path.read_text(encoding="utf-8"))
+        except (json.JSONDecodeError, UnicodeDecodeError, OSError):
+            return {}
+
+        call_graph: dict[str, list[str]] = defaultdict(list)
+        for caller, callees in raw.items():
+            for callee in callees:
                 if not caller.startswith("__") and not callee.startswith("__"):
                     call_graph[caller].append(callee)
-        except (UnicodeDecodeError, Exception):
-            # Skip if parsing fails
-            pass
 
         return dict(call_graph)
 
@@ -209,7 +203,7 @@ class GraphAnalyzer:
         wait_on_shutdown: bool,
         progress_callback: Any | None,
     ) -> None:
-        """Populate graph with edges derived from pyan call graphs (parallel phase 2)."""
+        """Populate graph with edges derived from pycg call graphs (parallel phase 2)."""
         from concurrent.futures import ThreadPoolExecutor, as_completed
 
         loaded_contents = self._load_python_file_contents_index(python_files)
@@ -238,7 +232,7 @@ class GraphAnalyzer:
         """
         Build comprehensive dependency graph using NetworkX.
 
-        Combines AST-based imports with pyan call graphs for complete
+        Combines AST-based imports with pycg call graphs for complete
         dependency tracking.
 
         Args:

specfact_cli/modules/module_registry/module-package.yaml

@@ -1,5 +1,5 @@
 name: module-registry
-version: 0.1.18
+version: 0.1.20
 commands:
   - module
 category: core
@@ -17,5 +17,5 @@ publisher:
 description: 'Manage modules: search, list, show, install, and upgrade.'
 license: Apache-2.0
 integrity:
-  checksum: sha256:913da1a90a94691366c71fc23e91cfc57c38ffb97e4ea739229fc9897cc91131
-  signature: lclyeM5FB+AYl+VKScUXBi4+lBC8vSdXE7ki6L/m3C7TrW81x60It50jhcP0+VL3xlPPIPihIQ8KCh2NfWWVBg==
+  checksum: sha256:a92afa757a54ee63b84ae4a5f5b232cb5dbddacfcb31fcde3abcdb4927eada8c
+  signature: jelDGPZyCLLpyzqH4+S2t7V9ICy/puYEzdUu/GX0oPiWgMZRg8aZlnECZGy+m+sHvS0XX3hPAXCSp3IJf6hHDg==

specfact_cli/modules/module_registry/src/commands.py

@@ -545,7 +545,7 @@ def _uninstall_marketplace_default(normalized: str) -> None:
         )
         raise typer.Exit(1)
     try:
-        uninstall_module(normalized)
+        uninstall_module(normalized, confirm_user_scope=True)
     except ValueError as exc:
         console.print(f"[red]{exc}[/red]")
         raise typer.Exit(1) from exc

specfact_cli/registry/module_installer.py

@@ -33,12 +33,20 @@ from specfact_cli.registry.dependency_resolver import (
     resolve_dependencies,
 )
 from specfact_cli.registry.marketplace_client import download_module
-from specfact_cli.registry.module_discovery import discover_all_modules
+from specfact_cli.registry.module_discovery import (
+    MARKETPLACE_MODULES_ROOT as DISCOVERY_MARKETPLACE_MODULES_ROOT,
+    USER_MODULES_ROOT as DISCOVERY_USER_MODULES_ROOT,
+    discover_all_modules,
+)
 from specfact_cli.registry.module_security import assert_module_allowed, ensure_publisher_trusted
 from specfact_cli.runtime import is_debug_mode
 
 
-USER_MODULES_ROOT = Path.home() / ".specfact" / "modules"
+# Single source of truth for install/uninstall: re-export the canonical roots
+# defined in module_discovery so discovery, install, and delete-safety stay in
+# lockstep (see also docs/agent-rules/55-dependency-hygiene.md).
+USER_MODULES_ROOT = DISCOVERY_USER_MODULES_ROOT
+MARKETPLACE_MODULES_ROOT = DISCOVERY_MARKETPLACE_MODULES_ROOT
 
 
 @beartype
@@ -66,7 +74,17 @@ class _BundleDepsInstallContext:
     logger: logging.Logger
 
 
-MARKETPLACE_MODULES_ROOT = Path.home() / ".specfact" / "marketplace-modules"
+@beartype
+def _path_is_under_user_modules_install_tree(module_dir: Path) -> bool:
+    """True when *module_dir* resolves under :data:`USER_MODULES_ROOT` (``--scope user`` tree)."""
+    try:
+        resolved = module_dir.resolve()
+        root = USER_MODULES_ROOT.resolve()
+    except OSError:
+        return False
+    return resolved == root or root in resolved.parents
+
+
 MODULE_DOWNLOAD_CACHE_ROOT = Path.home() / ".specfact" / "downloads" / "cache"
 _IGNORED_MODULE_DIR_NAMES = {"__pycache__", ".pytest_cache", ".mypy_cache", ".ruff_cache", "logs", "tests"}
 _IGNORED_MODULE_FILE_SUFFIXES = {".pyc", ".pyo"}
@@ -958,8 +976,17 @@ def uninstall_module(
     *,
     install_root: Path | None = None,
     source_map: dict[str, str] | None = None,
+    confirm_user_scope: bool = False,
 ) -> None:
-    """Uninstall a marketplace module from the local canonical user root."""
+    """Uninstall a marketplace module from discovered install roots.
+
+    Deleting under :data:`USER_MODULES_ROOT` (``~/.specfact/modules``) is guarded: callers must pass
+    ``confirm_user_scope=True`` (the ``specfact module uninstall`` CLI does this) or set environment
+    variable ``SPECFACT_CONFIRM_USER_SCOPE_UNINSTALL=1`` for explicit scripted removal. This prevents
+    accidental user-scope data loss from non-interactive or mistaken programmatic calls (for example
+    hooks or agents). Tests should pass ``install_root`` pointing at a temporary directory, or set the
+    env var for intentional user-root coverage.
+    """
     logger = get_bridge_logger(__name__)
 
     if source_map is None:
@@ -980,10 +1007,25 @@ def uninstall_module(
     else:
         candidate_roots = [USER_MODULES_ROOT, MARKETPLACE_MODULES_ROOT]
 
+    env_confirms_user = os.environ.get("SPECFACT_CONFIRM_USER_SCOPE_UNINSTALL", "").strip().lower() in {
+        "1",
+        "true",
+        "yes",
+        "on",
+    }
+
     for root in candidate_roots:
         module_path = root / module_name
         if not module_path.exists():
             continue
+        if _path_is_under_user_modules_install_tree(module_path) and not (confirm_user_scope or env_confirms_user):
+            raise ValueError(
+                "Refusing to remove a module under the canonical user install tree "
+                f"({USER_MODULES_ROOT}) at {module_path!s} without explicit confirmation. "
+                "User-scope modules must not be deleted by accident from library or hook code. "
+                "Use the `specfact module uninstall` command, pass confirm_user_scope=True from a "
+                "trusted caller, or set SPECFACT_CONFIRM_USER_SCOPE_UNINSTALL=1 for scripted uninstalls."
+            )
         shutil.rmtree(module_path)
         logger.debug("Uninstalled module '%s' from '%s'", module_name, root)
         return

specfact_cli/utils/optional_deps.py

@@ -3,6 +3,9 @@ Utilities for checking optional dependencies.
 
 This module provides functions to check if optional dependencies are installed
 and available, enabling graceful degradation when they're not present.
+
+Enhanced-analysis CLI tools: pycg (MIT), bandit (MIT), graphviz (MIT).
+pyan3 (GPL-2.0), syft (wrong PyPI package), bearer (wrong PyPI package) removed.
 """
 
 from __future__ import annotations
@@ -77,7 +80,7 @@ def check_cli_tool_available(
     (where tools installed via pip are typically located).
 
     Args:
-        tool_name: Name of the CLI tool (e.g., "pyan3", "syft", "bearer")
+        tool_name: Name of the CLI tool (e.g., "pycg", "bandit", "graphviz")
         version_flag: Flag to check version (default: "--version")
         timeout: Timeout in seconds (default: 5)
 
@@ -126,24 +129,18 @@ def check_enhanced_analysis_dependencies() -> dict[str, tuple[bool, str | None]]
     """
     Check availability of all enhanced analysis optional dependencies.
 
-    Note: Currently only pyan3 is actually used in the codebase.
-    syft and bearer are planned but not yet implemented.
-
     Returns:
         Dictionary mapping dependency name to (is_available, error_message) tuple:
-        - "pyan3": (bool, str | None) - Python call graph analysis (USED)
-        - "syft": (bool, str | None) - SBOM generation (PLANNED, not yet used)
-        - "bearer": (bool, str | None) - Data flow analysis (PLANNED, not yet used)
-        - "graphviz": (bool, str | None) - Graph visualization (Python package, PLANNED, not yet used)
+        - "pycg": (bool, str | None) - Python call graph analysis (MIT; replaces GPL pyan3)
+        - "bandit": (bool, str | None) - SAST security scanner (MIT)
+        - "graphviz": (bool, str | None) - Graph visualization (Python package)
     """
     results: dict[str, tuple[bool, str | None]] = {}
 
-    # Check CLI tools
-    results["pyan3"] = check_cli_tool_available("pyan3")
-    # Note: syft and bearer are checked but not yet used in the codebase
-    # They are included here for future use when SBOM and data flow analysis are implemented
-    results["syft"] = check_cli_tool_available("syft")
-    results["bearer"] = check_cli_tool_available("bearer")
+    # pycg: MIT-licensed call graph tool (replaces pyan3 which was GPL-2.0)
+    results["pycg"] = check_cli_tool_available("pycg")
+    # bandit: MIT-licensed SAST scanner (replaces bearer which was the wrong PyPI package)
+    results["bandit"] = check_cli_tool_available("bandit")
 
     # Check Python packages
     graphviz_available = check_python_package_available("graphviz")
@@ -169,7 +166,7 @@ def get_enhanced_analysis_installation_hint() -> str:
     pip install specfact-cli[enhanced-analysis]
 
 Or install individually:
-    pip install pyan3 syft bearer graphviz
+    pip install pycg bandit graphviz
 
 Note: graphviz also requires the system Graphviz library:
     - Ubuntu/Debian: sudo apt-get install graphviz

specfact_cli/utils/project_artifact_write.py

@@ -2,6 +2,7 @@
 
 from __future__ import annotations
 
+import json
 import re
 import shutil
 from dataclasses import dataclass
@@ -10,7 +11,7 @@ from enum import StrEnum
 from pathlib import Path
 from typing import Any, Final, cast
 
-import json5
+import commentjson
 from beartype import beartype
 from icontract import ensure, require
 
@@ -80,7 +81,7 @@ def _ordered_unique_strings(items: list[str]) -> list[str]:
 
 def _write_new_vscode_settings_file(settings_path: Path, prompt_files: list[str]) -> None:
     payload: dict[str, Any] = {"chat": {"promptFilesRecommendations": list(prompt_files)}}
-    text = json5.dumps(payload, indent=4, quote_keys=True, trailing_commas=False) + "\n"
+    text = json.dumps(payload, indent=4) + "\n"
     settings_path.write_text(text, encoding="utf-8")
 
 
@@ -103,7 +104,7 @@ def _load_root_dict_from_settings_text(
 ) -> tuple[dict[str, Any], Path | None]:
     out_backup = backup_path
     try:
-        loaded = json5.loads(raw_text)
+        loaded = commentjson.loads(raw_text)
     except ValueError as exc:
         if not explicit_replace_unparseable:
             raise StructuredJsonDocumentError(
@@ -212,8 +213,8 @@ def merge_vscode_settings_prompt_recommendations(
     unusable ``chat`` / ``promptFilesRecommendations`` shape, raises ``StructuredJsonDocumentError``
     unless ``explicit_replace_unparseable`` is True (backup, then recoverable rewrite).
 
-    Parses with JSON5 (comments and trailing commas). Serialized output is canonical JSON5/JSON without
-    preserving original comment text or formatting from the input file.
+    Parses with commentjson (strips ``//`` and ``/* */`` comments and trailing commas via MIT library).
+    Serialized output is canonical JSON without preserving original comment text or formatting.
     """
     repo_root = repo_path.resolve()
     settings_path = (repo_path / settings_relative).resolve()
@@ -249,6 +250,6 @@ def merge_vscode_settings_prompt_recommendations(
             prompt_files=tuple(prompt_files),
         ),
     )
-    out_text = json5.dumps(loaded, indent=4, quote_keys=True, trailing_commas=False) + "\n"
+    out_text = json.dumps(loaded, indent=4) + "\n"
     settings_path.write_text(out_text, encoding="utf-8")
     return settings_path

{specfact_cli-0.46.2.dist-info → specfact_cli-0.46.4.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: specfact-cli
-Version: 0.46.2
+Version: 0.46.4
 Summary: The swiss knife CLI for agile DevOps teams. Keep backlog, specs, tests, and code in sync with validation and contract enforcement for new projects and long-lived codebases.
 Project-URL: Homepage, https://github.com/nold-ai/specfact-cli
 Project-URL: Repository, https://github.com/nold-ai/specfact-cli.git
@@ -224,12 +224,12 @@ Classifier: Topic :: Software Development :: Testing
 Requires-Python: >=3.11
 Requires-Dist: azure-identity>=1.17.1
 Requires-Dist: beartype>=0.22.4
+Requires-Dist: commentjson>=0.9.0
 Requires-Dist: cryptography>=43.0.0
 Requires-Dist: gitpython>=3.1.45
 Requires-Dist: graphviz>=0.20.1
 Requires-Dist: icontract>=2.7.1
 Requires-Dist: jinja2>=3.1.6
-Requires-Dist: json5>=0.9.28
 Requires-Dist: jsonschema>=4.23.0
 Requires-Dist: networkx>=3.4.2
 Requires-Dist: opentelemetry-exporter-otlp-proto-http>=1.27.0
@@ -248,16 +248,18 @@ Provides-Extra: contracts
 Requires-Dist: crosshair-tool>=0.0.97; extra == 'contracts'
 Requires-Dist: hypothesis>=6.142.4; extra == 'contracts'
 Provides-Extra: dev
+Requires-Dist: bandit>=1.7.0; extra == 'dev'
 Requires-Dist: basedpyright>=1.32.1; extra == 'dev'
-Requires-Dist: bearer>=3.1.0; extra == 'dev'
 Requires-Dist: beartype>=0.22.4; extra == 'dev'
 Requires-Dist: crosshair-tool>=0.0.97; extra == 'dev'
 Requires-Dist: graphviz>=0.20.1; extra == 'dev'
 Requires-Dist: hypothesis>=6.142.4; extra == 'dev'
 Requires-Dist: icontract>=2.7.1; extra == 'dev'
 Requires-Dist: isort>=7.0.0; extra == 'dev'
+Requires-Dist: pip-audit>=2.0.0; extra == 'dev'
+Requires-Dist: pip-licenses>=4.0.0; extra == 'dev'
 Requires-Dist: pip-tools>=7.5.1; extra == 'dev'
-Requires-Dist: pyan3>=1.2.0; extra == 'dev'
+Requires-Dist: pycg==0.0.7; extra == 'dev'
 Requires-Dist: pylint>=4.0.2; extra == 'dev'
 Requires-Dist: pytest-asyncio>=1.2.0; extra == 'dev'
 Requires-Dist: pytest-cov>=7.0.0; extra == 'dev'
@@ -271,10 +273,8 @@ Requires-Dist: setuptools<82,>=69.0.0; extra == 'dev'
 Requires-Dist: tomlkit>=0.13.3; extra == 'dev'
 Requires-Dist: types-pyyaml>=6.0.12.20250516; extra == 'dev'
 Provides-Extra: enhanced-analysis
-Requires-Dist: bearer>=3.1.0; extra == 'enhanced-analysis'
 Requires-Dist: graphviz>=0.20.1; extra == 'enhanced-analysis'
-Requires-Dist: pyan3>=1.2.0; extra == 'enhanced-analysis'
-Requires-Dist: syft>=0.9.5; extra == 'enhanced-analysis'
+Requires-Dist: pycg==0.0.7; extra == 'enhanced-analysis'
 Provides-Extra: scanning
 Requires-Dist: semgrep>=1.144.0; extra == 'scanning'
 Description-Content-Type: text/markdown
@@ -308,7 +308,7 @@ uvx specfact-cli code review run --path . --scope full
 **Sample output:**
 
 ```text
-SpecFact CLI - v0.46.1
+SpecFact CLI - v0.46.4
 
 Running Ruff checks...
 Running Radon complexity checks...
@@ -367,14 +367,15 @@ This repository uses a **modular** local hook layout (parity with `specfact-cli-
 separate verify / format / YAML / Markdown / workflow / lint / Block 2 hooks). If you copy
 [`.pre-commit-config.yaml`](.pre-commit-config.yaml) into another repo, you must also vendor the
 referenced `scripts/*.sh` entrypoints (at minimum `scripts/pre-commit-quality-checks.sh`,
-`scripts/pre-commit-verify-modules.sh`, and `scripts/git-branch-module-signature-flag.sh`) so hook
+`scripts/pre-commit-verify-modules.sh`, `scripts/module-verify-policy.sh`, and
+`scripts/git-branch-module-signature-flag.sh`) so hook
 `entry:` paths resolve. Alternatively, skip vendoring the modular file and use the remote hook below.
 
 For a **single-hook** setup in downstream repos, keep using the stable id and script shim:
 
 ```yaml
 - repo: https://github.com/nold-ai/specfact-cli
-  rev: v0.46.1
+  rev: v0.46.4
   hooks:
     - id: specfact-smart-checks
 ```

{specfact_cli-0.46.2.dist-info → specfact_cli-0.46.4.dist-info}/RECORD

@@ -1,4 +1,4 @@
-specfact_cli/__init__.py,sha256=vp1QTe54XWLmrxIQvJDKCgQbraaS5N7ufHPU2kqaDEc,1504
+specfact_cli/__init__.py,sha256=l87i_0NORlszKunQixcew2HQdb8tkv3WRKOvjs_ZlY8,1504
 specfact_cli/__main__.py,sha256=EpP5xlutNYI5AuMlMw8fGt1TywZUR1-CXHpzpWKyNuo,141
 specfact_cli/cli.py,sha256=Td4-LRNKfB0IuUhpd5HV4EVh55bzhM_6krXsGZbU7nY,39395
 specfact_cli/runtime.py,sha256=4tEcOsz2bE6-KuZF5nuHvHuwinO7l8fNAGzrra9pNrc,13474
@@ -20,11 +20,11 @@ specfact_cli/agents/registry.py,sha256=NE2WzNUpgNDAhl5BIqxVoAPyjLALdcf13Jwddah7i
 specfact_cli/agents/sync_agent.py,sha256=AWp0k5AGaaKJvhpQ7rss3vCxG78hYRgskNU1LBfNABo,4351
 specfact_cli/analyzers/__init__.py,sha256=p-fms9MQ_euOMklUXNBk_LH4htlWSWldkFvXF1jreMw,357
 specfact_cli/analyzers/ambiguity_scanner.py,sha256=1rxDPjf56C4MrypJWutkXhbV1lS7uN0m7UHo--LCM8c,40334
-specfact_cli/analyzers/code_analyzer.py,sha256=sThm9DGMotjIDxvPLCSlYikVi154c21Oirw3syKPrGc,83129
+specfact_cli/analyzers/code_analyzer.py,sha256=0q496rD1a3SfNuY9vTplUJ29-ZUbNSogAAxyDIDZLSg,83119
 specfact_cli/analyzers/constitution_evidence_extractor.py,sha256=gkgSFfkDsQ3RtXFkTudz30XwUZ3qrhhg6ph256nb_-s,22110
 specfact_cli/analyzers/contract_extractor.py,sha256=MuuMCwsHbKnLZRQvihnxs2-Y5f2za6IxbugwEVJDuNQ,16895
 specfact_cli/analyzers/control_flow_analyzer.py,sha256=4xHFcdgrASFPDeLUEkSULii3ylRPdl__09ER3t2hrc0,10930
-specfact_cli/analyzers/graph_analyzer.py,sha256=yI1auOMmLZuP5T1L8jsbxyLr8Bj5yjtQerstLPya848,19012
+specfact_cli/analyzers/graph_analyzer.py,sha256=zVTANf_v7jHYffXQBpn21sCwH4DADshlNAHfX13NLHc,18808
 specfact_cli/analyzers/relationship_mapper.py,sha256=ZWymy5bkMp_chSBjh4dKMObjki8KyqYsWXLoDbg0HMs,16800
 specfact_cli/analyzers/requirement_extractor.py,sha256=GZmvHgdkyOXbIT-FZiEmGJVcO30VSNAGKWRWSmspI60,11378
 specfact_cli/analyzers/test_pattern_extractor.py,sha256=4BUSrk9Xe7DA6HMTsK26tvhCkhifVdOtw8yhT6SkBNI,14621
@@ -124,10 +124,10 @@ specfact_cli/modules/init/src/__init__.py,sha256=hCfRT0VH7kl70Rm_jHlNFlCLerJoI8I
 specfact_cli/modules/init/src/app.py,sha256=laUNKmpNqrFl1Jab3bBYICAaq3GUsj5hN5yjVFYAjvE,107
 specfact_cli/modules/init/src/commands.py,sha256=DQPQGXoCBWowa6ivhjuhTSMT9wj_0BmLKJzwpOqNYPk,28519
 specfact_cli/modules/init/src/first_run_selection.py,sha256=nt7TS9gbQzUoSv8UXipunIo6A3IZS3JQWidyjDdvci4,12729
-specfact_cli/modules/module_registry/module-package.yaml,sha256=GDXxk9t_kUDfi7-BS8clunyfZvw9df8zMF5dYROqIKU,699
+specfact_cli/modules/module_registry/module-package.yaml,sha256=fysoEfp4SLjw0qG9Le989VQxotdTwenzxFNChVSRUhI,699
 specfact_cli/modules/module_registry/src/__init__.py,sha256=Y97pOZc6y1DLxUBSHeh15AQ-sWCrg67ESyUNI5NRShY,42
 specfact_cli/modules/module_registry/src/app.py,sha256=sAKRXfaJNVM22rA952DFpG-12c8dazEb_zBQuc1KCF0,351
-specfact_cli/modules/module_registry/src/commands.py,sha256=973tmw7lsAgtFiWp7Kin2oarb_bRSqSu7wS6NRS7fw8,54721
+specfact_cli/modules/module_registry/src/commands.py,sha256=cIDGZJWZvEP0Xyj7EAfptaczgK0zyWqPUGihyjOvul8,54746
 specfact_cli/modules/upgrade/module-package.yaml,sha256=K0_ngKhlMaPpve8UTvuzXrvaA1zWBk-te30ygmkr28Q,646
 specfact_cli/modules/upgrade/src/__init__.py,sha256=hCfRT0VH7kl70Rm_jHlNFlCLerJoI8InHi7OS74WIL8,39
 specfact_cli/modules/upgrade/src/app.py,sha256=lOeaPyWumUuuWbmOTZB7ZbdmvKjDzma0B8fTU976Z00,113
@@ -147,7 +147,7 @@ specfact_cli/registry/marketplace_client.py,sha256=BH1WKr80UccV4VX-N2sL0IxQIC_Et
 specfact_cli/registry/metadata.py,sha256=mSIW8UZgBzBdiAH_52K8GL-VBMgZoyGQXIXg0bsl1Oc,806
 specfact_cli/registry/module_discovery.py,sha256=YljgvmHTULV8JHht1RpaCXyInvbMb675p0C8ilJYWRU,6183
 specfact_cli/registry/module_grouping.py,sha256=Qly2YKxlsn1Wt9hDRlHMMZeui85w3KbbT86VAJ4Mz2o,3186
-specfact_cli/registry/module_installer.py,sha256=U_Sk7MGvZ3TiPOUxsAKs2QhBtRqHIjkb0fal1JMzFFs,39841
+specfact_cli/registry/module_installer.py,sha256=oKIvuW5Fngf4xZNZkoR5dzB4JwyznY5AR2pYE87bRk4,41946
 specfact_cli/registry/module_lifecycle.py,sha256=17QhSER6lQV4JeTn3rvF6lsFRTIjT_UrIzMGpVveFEw,9541
 specfact_cli/registry/module_packages.py,sha256=xXlpeN31_Nj-jFhj4dWbIaRrPWaOvwOkyTrBp2MpSWU,56850
 specfact_cli/registry/module_security.py,sha256=RfKJmkR9sdBXP7q1YBsK1Io-ys0vhHshhPR06uk5TjM,4517
@@ -204,12 +204,12 @@ specfact_cli/utils/icontract_helpers.py,sha256=tbT-Qsh6vxy4eQidf1iGPxVMgkSGtm4z6
 specfact_cli/utils/ide_setup.py,sha256=wpZhm7J73wvm5fGLEMnC49DjL2LACv8PDQVE869_UVE,42210
 specfact_cli/utils/incremental_check.py,sha256=jpU7l-doutVswUNIgsy9U-reJLQdSWjj1KASZZH0XTU,17333
 specfact_cli/utils/metadata.py,sha256=K4h6Udk3_ZO6u3BxRhioeo4gBLeIGVS7BdsfDS5nEdw,5302
-specfact_cli/utils/optional_deps.py,sha256=WCwKt_v3HOtu-vdY2oLlxgyYm5b1n5ZrYnDzSSmv3Js,6352
+specfact_cli/utils/optional_deps.py,sha256=uZ_8f6F1Mc_c-S1NLVDiuukMqATxhBWTUxRVmmvpdfA,6202
 specfact_cli/utils/performance.py,sha256=HL6UJc5kSqosVTKfUXbFw0o4LY-rZHH-pq75VTjKQ-M,7675
 specfact_cli/utils/persona_ownership.py,sha256=BUzUbYOXXOI5ROa9I0xWvDWujoW4jDMarGomzcWfA-U,1553
 specfact_cli/utils/progress.py,sha256=AyYOsSjm6hAm_wo-pXvfx2Bq8P1d7geyaiDsZ2r8Z04,8670
 specfact_cli/utils/progressive_disclosure.py,sha256=LMSPCogHL_vm1gl1Zr3zgOMuJV2-hWX9vjZMU1y8uUY,12944
-specfact_cli/utils/project_artifact_write.py,sha256=9WO9apH1RvCzjEtkLteJbax2n1bQTr3bTUhOJahfhiQ,9598
+specfact_cli/utils/project_artifact_write.py,sha256=SqdHQORKxqA54UdUlW0-9CWiququYE0JUQdQh_YLB7c,9564
 specfact_cli/utils/prompts.py,sha256=-Ah8WMQ87EX5LgB9sWhPCLHwbDrGqCFC-ujDyRo4JmU,6319
 specfact_cli/utils/sdd_discovery.py,sha256=LHYdldSprtOEDEXJ1myg_5JGRWIwaitk3pHKi2IT9n8,7939
 specfact_cli/utils/source_scanner.py,sha256=VmyJE8gvViGR124TuQjODr_0mBlV9kJxE14t0PjQwgE,24928
@@ -286,8 +286,8 @@ specfact_cli/resources/templates/policies/kanban.yaml,sha256=9jt7YYfZ8e8aB5skY2D
 specfact_cli/resources/templates/policies/mixed.yaml,sha256=-fkrT-TLKLTBzjKeKr8bEJHFC-nh1TlyLOEFfgRdSi8,243
 specfact_cli/resources/templates/policies/safe.yaml,sha256=uiwe5_ABvaU4nmq6rsLUn8zRotkBITItPUsdPZPTHTw,157
 specfact_cli/resources/templates/policies/scrum.yaml,sha256=6FHYOntkjCxHAn-ga14IQzA1PvYUJgxfLsEQYtWJILM,188
-specfact_cli-0.46.2.dist-info/METADATA,sha256=lmUwYav26-wEeClaxp80SRhQQ8UHofGk1vl3c4hOx1w,24039
-specfact_cli-0.46.2.dist-info/WHEEL,sha256=QccIxa26bgl1E6uMy58deGWi-0aeIkkangHcxk2kWfw,87
-specfact_cli-0.46.2.dist-info/entry_points.txt,sha256=pwDD5Ttu6AF3p3T05M4G0aR2BELFyUu3214kjMRGEow,96
-specfact_cli-0.46.2.dist-info/licenses/LICENSE,sha256=nWX_6oozyEFlF3mDaSWyBD9HLpyLRmCYYqdcgoVOrOk,11361
-specfact_cli-0.46.2.dist-info/RECORD,,
+specfact_cli-0.46.4.dist-info/METADATA,sha256=1VWUlv4JclZo8U9gAFdVQX1pisvC4d1iqQf9VlpfQL0,24060
+specfact_cli-0.46.4.dist-info/WHEEL,sha256=QccIxa26bgl1E6uMy58deGWi-0aeIkkangHcxk2kWfw,87
+specfact_cli-0.46.4.dist-info/entry_points.txt,sha256=pwDD5Ttu6AF3p3T05M4G0aR2BELFyUu3214kjMRGEow,96
+specfact_cli-0.46.4.dist-info/licenses/LICENSE,sha256=nWX_6oozyEFlF3mDaSWyBD9HLpyLRmCYYqdcgoVOrOk,11361
+specfact_cli-0.46.4.dist-info/RECORD,,