Parameters
- phase:
| "READY"
| "TICKET"
| "PLAN"
| "PLAN_REVIEW"
| "VALIDATION"
| "IMPLEMENTATION"
| "IMPL_REVIEW"
| "EVIDENCE_REVIEW"
| "COMPLETE"
| "ARCHITECTURE"
| "ARCH_REVIEW"
| "ARCH_COMPLETE"
| "REVIEW"
| "REVIEW_COMPLETE" - state: {
id: string;
schemaVersion: "v1";
phase:
| "READY"
| "TICKET"
| "PLAN"
| "PLAN_REVIEW"
| "VALIDATION"
| "IMPLEMENTATION"
| "IMPL_REVIEW"
| "EVIDENCE_REVIEW"
| "COMPLETE"
| "ARCHITECTURE"
| "ARCH_REVIEW"
| "ARCH_COMPLETE"
| "REVIEW"
| "REVIEW_COMPLETE";
claimedTaskClass?: "TRIVIAL"
| "STANDARD"
| "HIGH-RISK";
riskGate?:
| { status: "clear"; lastDecisionId?: string; clearedAt?: string }
| {
status: "blocked";
code: string;
message: string;
blockedAt: string;
lastDecisionId: string;
};
discoveryHealthGate?: | {
status: "clear";
clearedAt?: string;
lastDriftAssessment?: | "timeout"
| "unavailable"
| "clean"
| "drifted"
| "missing_discovery"
| "not_checked";
}
| {
status: "blocked";
code: | "DISCOVERY_HEALTH_UNAVAILABLE"
| "DISCOVERY_HEALTH_DEGRADED"
| "DISCOVERY_DRIFT_BLOCKED";
message: string;
blockedAt: string;
lastDriftAssessment?: | "timeout"
| "unavailable"
| "clean"
| "drifted"
| "missing_discovery"
| "not_checked";
};
binding: Readonly<
{
sessionId: string;
worktree: string;
fingerprint: string;
resolvedAt: string;
},
>;
ticket: | Readonly<
{
text: string;
digest: string;
source: "user"
| "external";
createdAt: string;
inputOrigin?:
| "manual_text"
| "external_reference"
| "mixed"
| "workspace"
| "branch"
| "pr"
| "unknown";
references?: Readonly<
{
ref: string;
type?: | "branch"
| "pr"
| "ticket"
| "issue"
| "commit"
| "url"
| "doc"
| "other";
title?: string;
source?: string;
extractedAt?: string;
},
>[];
},
>
| null;
architecture: | Readonly<
{
id: string;
title: string;
adrText: string;
status: "proposed"
| "accepted"
| "deprecated";
createdAt: string;
digest: string;
reviewFindings?: Readonly<
{
iteration: number;
planVersion: number;
reviewMode: "subagent"
| "self";
overallVerdict: "changes_requested" | "accept" | "unable_to_review";
blockingIssues: Readonly<
{ severity: ...; category: ...; message: ...; location?: ... },
>[];
majorRisks: Readonly<
{ severity: ...; category: ...; message: ...; location?: ... },
>[];
missingVerification: string[];
scopeCreep: string[];
unknowns: string[];
reviewedBy: Readonly<
{
sessionId: string;
actorId?: (...)
| (...);
actorSource?: (...) | (...) | (...) | (...) | (...);
actorAssurance?: (...) | (...) | (...) | (...);
},
>;
reviewedAt: string;
attestation?: Readonly<
{
mandateDigest: ...;
criteriaVersion: ...;
toolObligationId: ...;
iteration: ...;
planVersion: ...;
reviewedBy: ...;
},
>;
},
>[];
},
>
| null;
plan: | Readonly<
{
current: {
body: string;
digest: string;
sections: string[];
createdAt: string;
};
history: {
body: string;
digest: string;
sections: string[];
createdAt: string;
}[];
reviewFindings?: Readonly<
{
iteration: number;
planVersion: number;
reviewMode: "subagent"
| "self";
overallVerdict: "changes_requested" | "accept" | "unable_to_review";
blockingIssues: Readonly<
{ severity: ...; category: ...; message: ...; location?: ... },
>[];
majorRisks: Readonly<
{ severity: ...; category: ...; message: ...; location?: ... },
>[];
missingVerification: string[];
scopeCreep: string[];
unknowns: string[];
reviewedBy: Readonly<
{
sessionId: string;
actorId?: (...)
| (...);
actorSource?: (...) | (...) | (...) | (...) | (...);
actorAssurance?: (...) | (...) | (...) | (...);
},
>;
reviewedAt: string;
attestation?: Readonly<
{
mandateDigest: ...;
criteriaVersion: ...;
toolObligationId: ...;
iteration: ...;
planVersion: ...;
reviewedBy: ...;
},
>;
},
>[];
},
>
| null;
selfReview: | {
iteration: number;
maxIterations: number;
prevDigest: string
| null;
currDigest: string;
revisionDelta: "none" | "minor" | "major";
verdict: "changes_requested" | "accept" | "unable_to_review";
}
| null;
validation: Readonly<
{
checkId: string;
passed: boolean;
detail: string;
executedAt: string;
kind: | "format"
| "build"
| "test"
| "lint"
| "typecheck"
| "security"
| "coverage";
command: string;
exitCode: number;
executionMs: number;
outputDigest: string;
timedOut: boolean;
derivedRepairGuidance?: | Readonly<
{
kind: "derived_repair_guidance";
advisory: true;
source: "run_check_output";
status: "available";
category: | "format"
| "build"
| "test"
| "lint"
| "typecheck"
| "security"
| "coverage"
| "timeout";
confidence: "high"
| "medium"
| "low";
affectedLocations: Readonly<
{ file: (...)
| (...); line: (...) | (...); column: (...) | (...) },
>[];
evidence: Readonly<{ stream: (...) | (...); excerpt: string }>[];
recommendedNextActions: string[];
notVerified: string[];
},
>
| Readonly<
{
kind: "derived_repair_guidance";
advisory: true;
source: "run_check_output";
status: "unavailable";
reason: "passed"
| "unparseable"
| "insufficient_confidence";
evidence: Readonly<{ stream: (...) | (...); excerpt: string }>[];
recommendedNextActions: string[];
notVerified: string[];
},
>;
},
>[];
implementation: | Readonly<
{
changedFiles: string[];
domainFiles: string[];
digest: string;
executedAt: string;
},
>
| null;
reducedCeremony: | Readonly<
{
profile: "reduced";
reason: string;
claimedTaskClass: "TRIVIAL"
| "STANDARD"
| "HIGH-RISK";
computedMinimumTaskClass: "TRIVIAL" | "STANDARD" | "HIGH-RISK";
touchedSurfaces: string[];
decidedAt: string;
},
>
| null;
implReview: | Readonly<
{
iteration: number;
maxIterations: number;
prevDigest: string
| null;
currDigest: string;
revisionDelta: "none" | "minor" | "major";
verdict: "changes_requested" | "accept" | "unable_to_review";
executedAt: string;
},
>
| null;
implReviewFindings?: Readonly<
{
iteration: number;
planVersion: number;
reviewMode: "subagent"
| "self";
overallVerdict: "changes_requested" | "accept" | "unable_to_review";
blockingIssues: Readonly<
{
severity: "minor"
| "major"
| "critical";
category:
| "completeness"
| "correctness"
| "feasibility"
| "risk"
| "quality";
message: string;
location?: string;
},
>[];
majorRisks: Readonly<
{
severity: "minor"
| "major"
| "critical";
category:
| "completeness"
| "correctness"
| "feasibility"
| "risk"
| "quality";
message: string;
location?: string;
},
>[];
missingVerification: string[];
scopeCreep: string[];
unknowns: string[];
reviewedBy: Readonly<
{
sessionId: string;
actorId?: string;
actorSource?: "unknown"
| "env"
| "git"
| "claim";
actorAssurance?: "best_effort" | "claim_validated" | "idp_verified";
},
>;
reviewedAt: string;
attestation?: Readonly<
{
mandateDigest: string;
criteriaVersion: string;
toolObligationId: string;
iteration: number;
planVersion: number;
reviewedBy: "flowguard-reviewer";
},
>;
},
>[];
reviewAssurance?: Readonly<
{
obligations: {
obligationId: string;
obligationType: "plan"
| "implement"
| "architecture"
| "review";
iteration: number;
planVersion: number;
criteriaVersion: string;
mandateDigest: string;
createdAt: string;
pluginHandshakeAt: string | null;
status: "pending" | "fulfilled" | "consumed" | "blocked";
invocationId: string | null;
blockedCode: string | null;
fulfilledAt: string | null;
consumedAt: string | null;
metadata?: Record<string, unknown>;
}[];
invocations: Readonly<
{
invocationId: string;
obligationId: string;
obligationType: "plan"
| "implement"
| "architecture"
| "review";
parentSessionId: string;
childSessionId: string;
agentType: "flowguard-reviewer";
invocationMode:
| "host_subagent_task"
| "sdk_session_prompt"
| "manual_attested"
| "native_subagent_attested";
hostVisible: boolean;
promptHash: string;
mandateDigest: string;
criteriaVersion: string;
findingsHash: string;
invokedAt: string;
fulfilledAt: string
| null;
consumedByObligationId: string | null;
capturedVerdict?: string;
capturedRawFindings?: Record<string, unknown>;
source?: "host-orchestrated" | "agent-submitted-attested";
reviewOutputMode: "structured_output" | "text_compat";
structuredOutputUsed: boolean;
reviewAssuranceLevel: "structured_high" | "text_compat_lower";
extractionMethod?: "direct_json" | "json_fence" | "outermost_braces";
modelCapabilityError?: string;
hostCapturedAgentId?: string;
hostCapturedAgentType?: "flowguard-reviewer";
hostCaptureSource?: "subagent_stop_hook" | "post_tool_use_hook";
},
>[];
},
>;
reviewDecision: | Readonly<
{
verdict: "approve"
| "changes_requested"
| "reject";
rationale: string;
decidedAt: string;
decidedBy: string;
decisionIdentity?: Readonly<
{
actorId: string;
actorEmail: string
| null;
actorDisplayName?: string | null;
actorSource: "unknown" | "env" | "git" | "claim" | "oidc";
actorAssurance: "best_effort" | "claim_validated" | "idp_verified";
},
>;
},
>
| null;
reviewReportPath: string
| null;
nextAdrNumber: number;
activeProfile:
| {
id: string;
name: string;
ruleContent: string;
phaseRuleContent?: Record<string, string>;
}
| null;
activeChecks: string[];
policySnapshot: Readonly<
{
mode: "solo"
| "team"
| "team-ci"
| "regulated";
hash: string;
resolvedAt: string;
requestedMode: "solo" | "team" | "team-ci" | "regulated";
source?: "default" | "explicit" | "central" | "repo";
effectiveGateBehavior: "auto_approve" | "human_gated";
degradedReason?: string;
resolutionReason?: string;
centralMinimumMode?: "solo" | "team" | "regulated";
policyDigest?: string;
policyVersion?: string;
policyPathHint?: string;
requireHumanGates: boolean;
maxSelfReviewIterations: number;
maxImplReviewIterations: number;
allowSelfApproval: boolean;
minimumActorAssuranceForApproval:
| "best_effort"
| "claim_validated"
| "idp_verified";
requireVerifiedActorsForApproval: boolean;
identityProvider?: | {
issuer: string;
audience: string[];
claimMapping: {
subjectClaim: string;
emailClaim: string;
nameClaim: string;
};
mode: "static";
signingKeys: (
| {
kind: "jwk";
kid: string;
alg: "RS256"
| "ES256";
jwk:
| { kty: "RSA"; n: string; e: string }
| { kty: "EC"; x: string; y: string; crv: string };
}
| { kind: "pem"; kid: string; alg: "RS256"
| "ES256"; pem: string }
)[];
}
| {
issuer: string;
audience: string[];
claimMapping: {
subjectClaim: string;
emailClaim: string;
nameClaim: string;
};
mode: "jwks";
jwksPath?: string;
jwksUri?: string;
cacheTtlSeconds: number;
};
identityProviderMode: "optional"
| "required";
selfReview?: {
subagentEnabled: boolean;
fallbackToSelf: boolean;
strictEnforcement: boolean;
};
reviewOutputPolicy?: "structured_required"
| "text_compat_allowed";
reviewInvocationPolicy?:
| "host_task_required"
| "host_task_preferred"
| "sdk_allowed";
audit: {
emitTransitions: boolean;
emitToolCalls: boolean;
enableChainHash: boolean;
timestampAssurance: {
enabled: boolean;
mode: "local_only"
| "ntp_check"
| "tsa_critical";
strict: boolean;
criticalEvents: string[];
tsaUrl?: string;
trustAnchors?: string[];
ntpServers?: string[];
ntpDriftThresholdMs: number;
tsaTimeoutMs: number;
};
};
actorClassification: Record<string, string>;
enforceRiskClassification: boolean;
allowRiskDowngradeOverride: boolean;
allowReducedCeremony: boolean;
discoveryHealth: {
enforcement: "advisory" | "required" | "off";
onDegraded: "allow" | "warn" | "block";
onDrift: "allow" | "warn" | "block";
};
validationEvidence: {
enforcement: "advisory"
| "required"
| "off";
allowNoCommands: boolean;
};
},
>;
initiatedBy: string;
initiatedByIdentity?: Readonly<
{
actorId: string;
actorEmail: string
| null;
actorDisplayName?: string | null;
actorSource: "unknown" | "env" | "git" | "claim" | "oidc";
actorAssurance: "best_effort" | "claim_validated" | "idp_verified";
},
>;
actorInfo?: Readonly<
{
id: string;
email: string
| null;
displayName?: string | null;
source: "unknown" | "env" | "git" | "claim" | "oidc";
assurance: "best_effort" | "claim_validated" | "idp_verified";
verificationMeta?: Readonly<
{
issuer: string;
audience: string[];
keyId: string;
algorithm: string;
verifiedAt: string;
},
>;
},
>;
discoveryDigest?: string
| null;
discoverySummary?:
| {
primaryLanguages: string[];
frameworks: string[];
topologyKind: "unknown"
| "monorepo"
| "single-project";
moduleCount: number;
hasApiSurface: boolean;
hasPersistenceSurface: boolean;
hasCiCd: boolean;
hasSecuritySurface: boolean;
codeSurfaceStatus?: "ok" | "partial" | "failed";
apiEndpointCount?: number;
hasAuthBoundary?: boolean;
}
| null;
detectedStack?: | {
summary: string;
items: {
kind: | "language"
| "framework"
| "runtime"
| "buildTool"
| "tool"
| "testFramework"
| "qualityTool"
| "database";
id: string;
version?: string;
evidence?: string;
}[];
versions: {
id: string;
version: string;
target: | "language"
| "framework"
| "runtime"
| "buildTool"
| "tool"
| "testFramework"
| "qualityTool"
| "database";
evidence?: string;
}[];
targets?: {
kind: "compilerTarget";
id: string;
value: string;
evidence?: string;
}[];
scopes?: {
path: string;
summary?: string;
items: {
kind: | "language"
| "framework"
| "runtime"
| "buildTool"
| "tool"
| "testFramework"
| "qualityTool"
| "database";
id: string;
version?: string;
evidence?: string;
}[];
versions: {
id: string;
version: string;
target: | "language"
| "framework"
| "runtime"
| "buildTool"
| "tool"
| "testFramework"
| "qualityTool"
| "database";
evidence?: string;
}[];
}[];
}
| null;
verificationCandidates?: {
kind: | "format"
| "build"
| "test"
| "lint"
| "typecheck"
| "security"
| "coverage";
command: string;
source: string;
confidence: "high"
| "medium"
| "low";
reason: string;
}[];
transition: | {
from: | "READY"
| "TICKET"
| "PLAN"
| "PLAN_REVIEW"
| "VALIDATION"
| "IMPLEMENTATION"
| "IMPL_REVIEW"
| "EVIDENCE_REVIEW"
| "COMPLETE"
| "ARCHITECTURE"
| "ARCH_REVIEW"
| "ARCH_COMPLETE"
| "REVIEW"
| "REVIEW_COMPLETE";
to: | "READY"
| "TICKET"
| "PLAN"
| "PLAN_REVIEW"
| "VALIDATION"
| "IMPLEMENTATION"
| "IMPL_REVIEW"
| "EVIDENCE_REVIEW"
| "COMPLETE"
| "ARCHITECTURE"
| "ARCH_REVIEW"
| "ARCH_COMPLETE"
| "REVIEW"
| "REVIEW_COMPLETE";
event: | "TICKET_SELECTED"
| "ARCHITECTURE_SELECTED"
| "REVIEW_SELECTED"
| "PLAN_READY"
| "SELF_REVIEW_MET"
| "SELF_REVIEW_PENDING"
| "APPROVE"
| "CHANGES_REQUESTED"
| "REJECT"
| "ALL_PASSED"
| "CHECK_FAILED"
| "IMPL_COMPLETE"
| "REDUCED_CEREMONY"
| "REVIEW_MET"
| "REVIEW_PENDING"
| "REVIEW_DONE"
| "ERROR"
| "ABORT";
at: string;
}
| null;
error: | Readonly<
{
code: string;
message: string;
recoveryHint: string;
occurredAt: string;
},
>
| null;
createdAt: string;
archiveStatus?: "pending"
| "verified"
| "failed"
| "created"
| null;
}id: string
schemaVersion: "v1"
phase:
| "READY"
| "TICKET"
| "PLAN"
| "PLAN_REVIEW"
| "VALIDATION"
| "IMPLEMENTATION"
| "IMPL_REVIEW"
| "EVIDENCE_REVIEW"
| "COMPLETE"
| "ARCHITECTURE"
| "ARCH_REVIEW"
| "ARCH_COMPLETE"
| "REVIEW"
| "REVIEW_COMPLETE"
OptionalclaimedTaskClass?: "TRIVIAL" | "STANDARD" | "HIGH-RISK"
OptionalriskGate?:
| { status: "clear"; lastDecisionId?: string; clearedAt?: string }
| {
status: "blocked";
code: string;
message: string;
blockedAt: string;
lastDecisionId: string;
}
OptionaldiscoveryHealthGate?:
| {
status: "clear";
clearedAt?: string;
lastDriftAssessment?: | "timeout"
| "unavailable"
| "clean"
| "drifted"
| "missing_discovery"
| "not_checked";
}
| {
status: "blocked";
code: | "DISCOVERY_HEALTH_UNAVAILABLE"
| "DISCOVERY_HEALTH_DEGRADED"
| "DISCOVERY_DRIFT_BLOCKED";
message: string;
blockedAt: string;
lastDriftAssessment?: | "timeout"
| "unavailable"
| "clean"
| "drifted"
| "missing_discovery"
| "not_checked";
}
binding: Readonly<
{
sessionId: string;
worktree: string;
fingerprint: string;
resolvedAt: string;
},
>
ticket:
| Readonly<
{
text: string;
digest: string;
source: "user"
| "external";
createdAt: string;
inputOrigin?:
| "manual_text"
| "external_reference"
| "mixed"
| "workspace"
| "branch"
| "pr"
| "unknown";
references?: Readonly<
{
ref: string;
type?: | "branch"
| "pr"
| "ticket"
| "issue"
| "commit"
| "url"
| "doc"
| "other";
title?: string;
source?: string;
extractedAt?: string;
},
>[];
},
>
| null
architecture:
| Readonly<
{
id: string;
title: string;
adrText: string;
status: "proposed"
| "accepted"
| "deprecated";
createdAt: string;
digest: string;
reviewFindings?: Readonly<
{
iteration: number;
planVersion: number;
reviewMode: "subagent"
| "self";
overallVerdict: "changes_requested" | "accept" | "unable_to_review";
blockingIssues: Readonly<
{ severity: ...; category: ...; message: ...; location?: ... },
>[];
majorRisks: Readonly<
{ severity: ...; category: ...; message: ...; location?: ... },
>[];
missingVerification: string[];
scopeCreep: string[];
unknowns: string[];
reviewedBy: Readonly<
{
sessionId: string;
actorId?: (...)
| (...);
actorSource?: (...) | (...) | (...) | (...) | (...);
actorAssurance?: (...) | (...) | (...) | (...);
},
>;
reviewedAt: string;
attestation?: Readonly<
{
mandateDigest: ...;
criteriaVersion: ...;
toolObligationId: ...;
iteration: ...;
planVersion: ...;
reviewedBy: ...;
},
>;
},
>[];
},
>
| null
plan:
| Readonly<
{
current: {
body: string;
digest: string;
sections: string[];
createdAt: string;
};
history: {
body: string;
digest: string;
sections: string[];
createdAt: string;
}[];
reviewFindings?: Readonly<
{
iteration: number;
planVersion: number;
reviewMode: "subagent"
| "self";
overallVerdict: "changes_requested" | "accept" | "unable_to_review";
blockingIssues: Readonly<
{ severity: ...; category: ...; message: ...; location?: ... },
>[];
majorRisks: Readonly<
{ severity: ...; category: ...; message: ...; location?: ... },
>[];
missingVerification: string[];
scopeCreep: string[];
unknowns: string[];
reviewedBy: Readonly<
{
sessionId: string;
actorId?: (...)
| (...);
actorSource?: (...) | (...) | (...) | (...) | (...);
actorAssurance?: (...) | (...) | (...) | (...);
},
>;
reviewedAt: string;
attestation?: Readonly<
{
mandateDigest: ...;
criteriaVersion: ...;
toolObligationId: ...;
iteration: ...;
planVersion: ...;
reviewedBy: ...;
},
>;
},
>[];
},
>
| null
selfReview:
| {
iteration: number;
maxIterations: number;
prevDigest: string
| null;
currDigest: string;
revisionDelta: "none" | "minor" | "major";
verdict: "changes_requested" | "accept" | "unable_to_review";
}
| null
validation: Readonly<
{
checkId: string;
passed: boolean;
detail: string;
executedAt: string;
kind: | "format"
| "build"
| "test"
| "lint"
| "typecheck"
| "security"
| "coverage";
command: string;
exitCode: number;
executionMs: number;
outputDigest: string;
timedOut: boolean;
derivedRepairGuidance?: | Readonly<
{
kind: "derived_repair_guidance";
advisory: true;
source: "run_check_output";
status: "available";
category: | "format"
| "build"
| "test"
| "lint"
| "typecheck"
| "security"
| "coverage"
| "timeout";
confidence: "high"
| "medium"
| "low";
affectedLocations: Readonly<
{ file: (...)
| (...); line: (...) | (...); column: (...) | (...) },
>[];
evidence: Readonly<{ stream: (...) | (...); excerpt: string }>[];
recommendedNextActions: string[];
notVerified: string[];
},
>
| Readonly<
{
kind: "derived_repair_guidance";
advisory: true;
source: "run_check_output";
status: "unavailable";
reason: "passed"
| "unparseable"
| "insufficient_confidence";
evidence: Readonly<{ stream: (...) | (...); excerpt: string }>[];
recommendedNextActions: string[];
notVerified: string[];
},
>;
},
>[]
implementation:
| Readonly<
{
changedFiles: string[];
domainFiles: string[];
digest: string;
executedAt: string;
},
>
| null
reducedCeremony:
| Readonly<
{
profile: "reduced";
reason: string;
claimedTaskClass: "TRIVIAL"
| "STANDARD"
| "HIGH-RISK";
computedMinimumTaskClass: "TRIVIAL" | "STANDARD" | "HIGH-RISK";
touchedSurfaces: string[];
decidedAt: string;
},
>
| null
implReview:
| Readonly<
{
iteration: number;
maxIterations: number;
prevDigest: string
| null;
currDigest: string;
revisionDelta: "none" | "minor" | "major";
verdict: "changes_requested" | "accept" | "unable_to_review";
executedAt: string;
},
>
| null
OptionalimplReviewFindings?: Readonly<
{
iteration: number;
planVersion: number;
reviewMode: "subagent"
| "self";
overallVerdict: "changes_requested" | "accept" | "unable_to_review";
blockingIssues: Readonly<
{
severity: "minor"
| "major"
| "critical";
category:
| "completeness"
| "correctness"
| "feasibility"
| "risk"
| "quality";
message: string;
location?: string;
},
>[];
majorRisks: Readonly<
{
severity: "minor"
| "major"
| "critical";
category:
| "completeness"
| "correctness"
| "feasibility"
| "risk"
| "quality";
message: string;
location?: string;
},
>[];
missingVerification: string[];
scopeCreep: string[];
unknowns: string[];
reviewedBy: Readonly<
{
sessionId: string;
actorId?: string;
actorSource?: "unknown"
| "env"
| "git"
| "claim";
actorAssurance?: "best_effort" | "claim_validated" | "idp_verified";
},
>;
reviewedAt: string;
attestation?: Readonly<
{
mandateDigest: string;
criteriaVersion: string;
toolObligationId: string;
iteration: number;
planVersion: number;
reviewedBy: "flowguard-reviewer";
},
>;
},
>[]
OptionalreviewAssurance?: Readonly<
{
obligations: {
obligationId: string;
obligationType: "plan"
| "implement"
| "architecture"
| "review";
iteration: number;
planVersion: number;
criteriaVersion: string;
mandateDigest: string;
createdAt: string;
pluginHandshakeAt: string | null;
status: "pending" | "fulfilled" | "consumed" | "blocked";
invocationId: string | null;
blockedCode: string | null;
fulfilledAt: string | null;
consumedAt: string | null;
metadata?: Record<string, unknown>;
}[];
invocations: Readonly<
{
invocationId: string;
obligationId: string;
obligationType: "plan"
| "implement"
| "architecture"
| "review";
parentSessionId: string;
childSessionId: string;
agentType: "flowguard-reviewer";
invocationMode:
| "host_subagent_task"
| "sdk_session_prompt"
| "manual_attested"
| "native_subagent_attested";
hostVisible: boolean;
promptHash: string;
mandateDigest: string;
criteriaVersion: string;
findingsHash: string;
invokedAt: string;
fulfilledAt: string
| null;
consumedByObligationId: string | null;
capturedVerdict?: string;
capturedRawFindings?: Record<string, unknown>;
source?: "host-orchestrated" | "agent-submitted-attested";
reviewOutputMode: "structured_output" | "text_compat";
structuredOutputUsed: boolean;
reviewAssuranceLevel: "structured_high" | "text_compat_lower";
extractionMethod?: "direct_json" | "json_fence" | "outermost_braces";
modelCapabilityError?: string;
hostCapturedAgentId?: string;
hostCapturedAgentType?: "flowguard-reviewer";
hostCaptureSource?: "subagent_stop_hook" | "post_tool_use_hook";
},
>[];
},
>
reviewDecision:
| Readonly<
{
verdict: "approve"
| "changes_requested"
| "reject";
rationale: string;
decidedAt: string;
decidedBy: string;
decisionIdentity?: Readonly<
{
actorId: string;
actorEmail: string
| null;
actorDisplayName?: string | null;
actorSource: "unknown" | "env" | "git" | "claim" | "oidc";
actorAssurance: "best_effort" | "claim_validated" | "idp_verified";
},
>;
},
>
| null
reviewReportPath: string | null
nextAdrNumber: number
activeProfile:
| {
id: string;
name: string;
ruleContent: string;
phaseRuleContent?: Record<string, string>;
}
| null
activeChecks: string[]
policySnapshot: Readonly<
{
mode: "solo"
| "team"
| "team-ci"
| "regulated";
hash: string;
resolvedAt: string;
requestedMode: "solo" | "team" | "team-ci" | "regulated";
source?: "default" | "explicit" | "central" | "repo";
effectiveGateBehavior: "auto_approve" | "human_gated";
degradedReason?: string;
resolutionReason?: string;
centralMinimumMode?: "solo" | "team" | "regulated";
policyDigest?: string;
policyVersion?: string;
policyPathHint?: string;
requireHumanGates: boolean;
maxSelfReviewIterations: number;
maxImplReviewIterations: number;
allowSelfApproval: boolean;
minimumActorAssuranceForApproval:
| "best_effort"
| "claim_validated"
| "idp_verified";
requireVerifiedActorsForApproval: boolean;
identityProvider?: | {
issuer: string;
audience: string[];
claimMapping: {
subjectClaim: string;
emailClaim: string;
nameClaim: string;
};
mode: "static";
signingKeys: (
| {
kind: "jwk";
kid: string;
alg: "RS256"
| "ES256";
jwk:
| { kty: "RSA"; n: string; e: string }
| { kty: "EC"; x: string; y: string; crv: string };
}
| { kind: "pem"; kid: string; alg: "RS256"
| "ES256"; pem: string }
)[];
}
| {
issuer: string;
audience: string[];
claimMapping: {
subjectClaim: string;
emailClaim: string;
nameClaim: string;
};
mode: "jwks";
jwksPath?: string;
jwksUri?: string;
cacheTtlSeconds: number;
};
identityProviderMode: "optional"
| "required";
selfReview?: {
subagentEnabled: boolean;
fallbackToSelf: boolean;
strictEnforcement: boolean;
};
reviewOutputPolicy?: "structured_required"
| "text_compat_allowed";
reviewInvocationPolicy?:
| "host_task_required"
| "host_task_preferred"
| "sdk_allowed";
audit: {
emitTransitions: boolean;
emitToolCalls: boolean;
enableChainHash: boolean;
timestampAssurance: {
enabled: boolean;
mode: "local_only"
| "ntp_check"
| "tsa_critical";
strict: boolean;
criticalEvents: string[];
tsaUrl?: string;
trustAnchors?: string[];
ntpServers?: string[];
ntpDriftThresholdMs: number;
tsaTimeoutMs: number;
};
};
actorClassification: Record<string, string>;
enforceRiskClassification: boolean;
allowRiskDowngradeOverride: boolean;
allowReducedCeremony: boolean;
discoveryHealth: {
enforcement: "advisory" | "required" | "off";
onDegraded: "allow" | "warn" | "block";
onDrift: "allow" | "warn" | "block";
};
validationEvidence: {
enforcement: "advisory"
| "required"
| "off";
allowNoCommands: boolean;
};
},
>
initiatedBy: string
OptionalinitiatedByIdentity?: Readonly<
{
actorId: string;
actorEmail: string
| null;
actorDisplayName?: string | null;
actorSource: "unknown" | "env" | "git" | "claim" | "oidc";
actorAssurance: "best_effort" | "claim_validated" | "idp_verified";
},
>
OptionalactorInfo?: Readonly<
{
id: string;
email: string
| null;
displayName?: string | null;
source: "unknown" | "env" | "git" | "claim" | "oidc";
assurance: "best_effort" | "claim_validated" | "idp_verified";
verificationMeta?: Readonly<
{
issuer: string;
audience: string[];
keyId: string;
algorithm: string;
verifiedAt: string;
},
>;
},
>
OptionaldiscoveryDigest?: string | null
OptionaldiscoverySummary?:
| {
primaryLanguages: string[];
frameworks: string[];
topologyKind: "unknown"
| "monorepo"
| "single-project";
moduleCount: number;
hasApiSurface: boolean;
hasPersistenceSurface: boolean;
hasCiCd: boolean;
hasSecuritySurface: boolean;
codeSurfaceStatus?: "ok" | "partial" | "failed";
apiEndpointCount?: number;
hasAuthBoundary?: boolean;
}
| null
OptionaldetectedStack?:
| {
summary: string;
items: {
kind: | "language"
| "framework"
| "runtime"
| "buildTool"
| "tool"
| "testFramework"
| "qualityTool"
| "database";
id: string;
version?: string;
evidence?: string;
}[];
versions: {
id: string;
version: string;
target: | "language"
| "framework"
| "runtime"
| "buildTool"
| "tool"
| "testFramework"
| "qualityTool"
| "database";
evidence?: string;
}[];
targets?: {
kind: "compilerTarget";
id: string;
value: string;
evidence?: string;
}[];
scopes?: {
path: string;
summary?: string;
items: {
kind: | "language"
| "framework"
| "runtime"
| "buildTool"
| "tool"
| "testFramework"
| "qualityTool"
| "database";
id: string;
version?: string;
evidence?: string;
}[];
versions: {
id: string;
version: string;
target: | "language"
| "framework"
| "runtime"
| "buildTool"
| "tool"
| "testFramework"
| "qualityTool"
| "database";
evidence?: string;
}[];
}[];
}
| null
OptionalverificationCandidates?: {
kind:
| "format"
| "build"
| "test"
| "lint"
| "typecheck"
| "security"
| "coverage";
command: string;
source: string;
confidence: "high"
| "medium"
| "low";
reason: string;
}[]
transition:
| {
from: | "READY"
| "TICKET"
| "PLAN"
| "PLAN_REVIEW"
| "VALIDATION"
| "IMPLEMENTATION"
| "IMPL_REVIEW"
| "EVIDENCE_REVIEW"
| "COMPLETE"
| "ARCHITECTURE"
| "ARCH_REVIEW"
| "ARCH_COMPLETE"
| "REVIEW"
| "REVIEW_COMPLETE";
to: | "READY"
| "TICKET"
| "PLAN"
| "PLAN_REVIEW"
| "VALIDATION"
| "IMPLEMENTATION"
| "IMPL_REVIEW"
| "EVIDENCE_REVIEW"
| "COMPLETE"
| "ARCHITECTURE"
| "ARCH_REVIEW"
| "ARCH_COMPLETE"
| "REVIEW"
| "REVIEW_COMPLETE";
event: | "TICKET_SELECTED"
| "ARCHITECTURE_SELECTED"
| "REVIEW_SELECTED"
| "PLAN_READY"
| "SELF_REVIEW_MET"
| "SELF_REVIEW_PENDING"
| "APPROVE"
| "CHANGES_REQUESTED"
| "REJECT"
| "ALL_PASSED"
| "CHECK_FAILED"
| "IMPL_COMPLETE"
| "REDUCED_CEREMONY"
| "REVIEW_MET"
| "REVIEW_PENDING"
| "REVIEW_DONE"
| "ERROR"
| "ABORT";
at: string;
}
| null
error:
| Readonly<
{
code: string;
message: string;
recoveryHint: string;
occurredAt: string;
},
>
| null
createdAt: string
OptionalarchiveStatus?: "pending" | "verified" | "failed" | "created" | null
NextAction with code, guidance text, and available commands.
Resolve the next action for the current phase and state.
Pure function — no side effects. Deterministic for the same inputs. Covers all 14 phases across 3 flows via an exhaustive lookup table. TypeScript enforces compile-time phase exhaustiveness.