[importlinter]
root_packages =
    terok
include_external_packages = True

# ── Layer architecture (independent verification) ─────────────────
#
# Duplicates tach's layer list to catch agent-modified tach.toml.
# import-linter computes layers from the actual import graph, not
# from editable labels.

[importlinter:contract:architecture]
name = Layered architecture
type = layers
layers =
    terok.cli | terok.tui
    terok.lib.domain
    terok.lib.orchestration
    terok.lib.core
    terok.lib.integrations

# ── Cross-package boundaries (tach can't do this) ────────────────
#
# ``protected`` contracts: "module X may ONLY be imported by modules Y, Z".
#
# Every sibling-wheel import funnels through a single adapter in
# ``terok.lib.integrations`` — that adapter is the *only* allowed
# importer.  A new ``from terok_sandbox import …`` anywhere else is a
# CI failure: route it through the adapter instead (and extend the
# adapter's re-export surface if the symbol is new).

[importlinter:contract:sandbox-boundary]
name = terok_sandbox access restricted to the integrations adapter
type = protected
protected_modules = terok_sandbox
allowed_importers =
    terok.lib.integrations.sandbox

[importlinter:contract:executor-boundary]
name = terok_executor access restricted to the integrations adapter
type = protected
protected_modules = terok_executor
allowed_importers =
    terok.lib.integrations.executor

[importlinter:contract:clearance-boundary]
name = terok_clearance access restricted to the integrations adapter
type = protected
protected_modules = terok_clearance
allowed_importers =
    terok.lib.integrations.clearance

[importlinter:contract:shield-boundary]
name = terok_shield access restricted to the integrations adapter
type = protected
protected_modules = terok_shield
allowed_importers =
    terok.lib.integrations.shield
