@aikdna/studio-core 0.3.0 → 0.4.1

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@aikdna/studio-core",
-  "version": "0.3.0",
+  "version": "0.4.1",
   "description": "KDNA Studio Core — pure logic library for authoring, validating, and compiling KDNA domain judgment packages.",
   "type": "commonjs",
   "main": "src/index.js",

package/src/compile/index.js

@@ -1,114 +1,145 @@
 /**
- * Compile locked cards into KDNA domain JSON files.
+ * Compile locked cards into KDNA domain JSON files — SPEC-compatible output.
  *
- * Only locked cards enter compilation output.
- * Draft/Revised cards are silently excluded.
- * Supports full 6-file output: Core / Patterns / Scenarios / Cases / Reasoning / Evolution.
+ * KDNA SPEC v1.0-rc requirements:
+ *   - Every file MUST have meta: { version, domain, created, purpose, load_condition }
+ *   - Minimum output: KDNA_Core.json + KDNA_Patterns.json
+ *   - Maximum 6 KDNA JSON files per domain
+ *   - KDNA_Scenarios.json: { meta, scenes[] }
+ *   - KDNA_Reasoning.json: { meta, reasoning_chains[] }
+ *   - KDNA_Evolution.json: { meta, stages[], capability_layers[], measurements[] }
+ *
+ * Only locked cards enter compilation. Draft/Revised excluded silently.
  */
-const provenance = require('../provenance');
 
-function compileCore(cards) {
-  const axioms = cards.filter(c => c.type === 'axiom' && c.locked).map(c => ({ id: c.id, ...c.fields }));
-  const ontology = cards.filter(c => c.type === 'ontology' && c.locked).map(c => ({ id: c.id, ...c.fields }));
-  const frameworks = [];
-  const stances = [];
-  const boundaries = cards.filter(c => c.type === 'boundary' && c.locked).map(c => ({
-    id: c.id,
-    scope: c.fields?.scope || '',
-    out_of_scope: c.fields?.out_of_scope || '',
-    acceptable_exceptions: c.fields?.acceptable_exceptions || [],
-  }));
-  const risks = cards.filter(c => c.type === 'risk' && c.locked).map(c => ({ id: c.id, ...c.fields }));
+function makeMeta(project) {
+  return {
+    version: (project.release && project.release.version) || '0.1.0',
+    domain: project.name,
+    created: project.created || new Date().toISOString().slice(0, 10),
+    purpose: project.release?.description || `Domain judgment for ${project.name}`,
+    load_condition: 'Load when the task matches applies_when on domain axioms.',
+  };
+}
+
+function compileCore(cards, project) {
+  const lockedAxioms = cards.filter(c => c.type === 'axiom' && c.locked).map(c => ({ id: c.id, ...c.fields }));
+  const lockedOntology = cards.filter(c => c.type === 'ontology' && c.locked).map(c => ({ id: c.id, ...c.fields }));
+  const lockedBoundaries = cards.filter(c => c.type === 'boundary' && c.locked);
+  const lockedRisks = cards.filter(c => c.type === 'risk' && c.locked).map(c => ({ id: c.id, ...c.fields }));
 
-  return { axioms, ontology, frameworks, stances, boundaries, risks };
+  return {
+    meta: makeMeta(project),
+    axioms: lockedAxioms,
+    ontology: lockedOntology,
+    frameworks: [],
+    stances: [],
+    core_structure: [],
+    boundaries: lockedBoundaries.map(c => ({
+      id: c.id,
+      scope: c.fields?.scope || '',
+      out_of_scope: c.fields?.out_of_scope || '',
+      acceptable_exceptions: c.fields?.acceptable_exceptions || [],
+    })),
+    risks: lockedRisks,
+  };
 }
 
-function compilePatterns(cards) {
-  const misunderstandings = cards.filter(c => c.type === 'misunderstanding' && c.locked).map(c => ({
+function compilePatterns(cards, project) {
+  const lockedMisunderstandings = cards.filter(c => c.type === 'misunderstanding' && c.locked).map(c => ({
     id: c.id,
     wrong: c.fields?.wrong || '',
     correct: c.fields?.correct || '',
     key_distinction: c.fields?.key_distinction || '',
-    failure_risk: c.fields?.failure_risk || null,
+    why: c.fields?.why || `What bad judgment results from believing "${(c.fields?.wrong || '').slice(0, 40)}"`,
+    failure_risk: c.fields?.failure_risk || 'No specific failure risk declared',
     applies_when: c.fields?.applies_when || [],
     does_not_apply_when: c.fields?.does_not_apply_when || [],
   }));
-  const selfCheckQuestions = cards.filter(c => c.type === 'self_check' && c.locked).map(c => c.fields?.question || '');
-  const aesthetics = cards.filter(c => c.type === 'aesthetic' && c.locked).map(c => ({ id: c.id, ...c.fields }));
+  const lockedSelfChecks = cards.filter(c => c.type === 'self_check' && c.locked).map(c => c.fields?.question || '');
+  const lockedAesthetics = cards.filter(c => c.type === 'aesthetic' && c.locked).map(c => ({ id: c.id, ...c.fields }));
 
-  const terminology = {
-    standard_terms: [],
-    banned_terms: [],
+  return {
+    meta: makeMeta(project),
+    terminology: {
+      standard_terms: [],
+      banned_terms: [],
+    },
+    misunderstandings: lockedMisunderstandings,
+    self_check: lockedSelfChecks,
+    aesthetics: lockedAesthetics,
   };
-
-  return { terminology, misunderstandings, self_check: selfCheckQuestions, aesthetics };
 }
 
-function compileScenarios(cards) {
+function compileScenarios(cards, project) {
   const locked = cards.filter(c => c.type === 'scenario' && c.locked);
-  if (locked.length === 0) return [];
-  return locked.map(c => ({ id: c.id, ...c.fields }));
+  if (locked.length === 0) return null;
+  return {
+    meta: makeMeta(project),
+    scenes: locked.map(c => ({ id: c.id, ...c.fields })),
+  };
 }
 
-function compileCases(cards) {
+function compileCases(cards, project) {
   const locked = cards.filter(c => c.type === 'case' && c.locked);
-  if (locked.length === 0) return [];
-  return locked.map(c => ({ id: c.id, ...c.fields }));
+  if (locked.length === 0) return null;
+  return {
+    meta: makeMeta(project),
+    cases: locked.map(c => ({ id: c.id, ...c.fields })),
+  };
 }
 
-function compileReasoning(cards) {
-  // Reasoning chains from axiom implications
+function compileReasoning(cards, project) {
   const lockedAxioms = cards.filter(c => c.type === 'axiom' && c.locked);
-  if (lockedAxioms.length === 0) return [];
-  return lockedAxioms.map(ax => ({
-    id: `chain_${ax.id}`,
-    from: ax.fields?.one_sentence || '',
-    logic: [ax.fields?.full_statement || ''],
-    so_what: ax.fields?.why || 'Agent judgment changes when this axiom is loaded.',
-  }));
+  if (lockedAxioms.length === 0) return null;
+  return {
+    meta: makeMeta(project),
+    reasoning_chains: lockedAxioms.map(ax => ({
+      id: `chain_${ax.id}`,
+      one_sentence: ax.fields?.one_sentence || '',
+      logic: [ax.fields?.full_statement || ''],
+      so_what: ax.fields?.why || 'Agent judgment changes when this axiom is loaded.',
+    })),
+  };
 }
 
-function compileEvolution(cards) {
+function compileEvolution(cards, project) {
   const lockedCards = cards.filter(c => c.locked);
-  if (lockedCards.length === 0) return { stages: [], capability_layers: [], measurements: [] };
+  if (lockedCards.length === 0) return null;
 
-  // Build evolution from audit logs
   const stages = [];
   const seenAxioms = new Set();
   for (const card of lockedCards) {
     if (seenAxioms.has(card.id)) continue;
     seenAxioms.add(card.id);
     for (const entry of (card.audit_log || [])) {
-      if (entry.event === 'locked' || entry.event === 'published') {
+      if (entry.event === 'locked') {
         stages.push({
-          card_id: card.id,
-          event: entry.event,
-          at: entry.at,
-          by: entry.by,
+          id: `stage_${card.id}`,
+          name: card.fields?.one_sentence || card.fields?.question || card.id,
+          description: `Card ${card.id} was locked by ${entry.by} at ${entry.at}. Type: ${card.type}.`,
+          indicators: [`${card.type} card locked`, 'Human judgment confirmed'],
         });
       }
     }
   }
 
   return {
-    stages: stages.sort((a, b) => a.at.localeCompare(b.at)),
-    capability_layers: [
-      { layer: 1, name: 'Foundation', description: 'Core axioms and patterns established.' },
+    meta: makeMeta(project),
+    stages: stages.sort((a, b) => a.id.localeCompare(b.id)),
+    evolution_layers: [
+      { id: 'layer_1', name: 'Foundation', capability: 'Core axioms and patterns established.', from_stage: stages[0]?.id || 'none', to_stage: stages[stages.length - 1]?.id || 'none' },
     ],
-    measurements: [
-      { metric: 'locked_axioms', value: lockedCards.filter(c => c.type === 'axiom').length },
-      { metric: 'locked_misunderstandings', value: lockedCards.filter(c => c.type === 'misunderstanding').length },
-      { metric: 'self_checks', value: lockedCards.filter(c => c.type === 'self_check').length },
+    measurement: [
+      { id: 'meas_axioms', what: 'locked_axioms', how: 'Count of locked axiom cards', threshold: `${lockedCards.filter(c => c.type === 'axiom').length}` },
+      { id: 'meas_misunderstandings', what: 'locked_misunderstandings', how: 'Count of locked misunderstanding cards', threshold: `${lockedCards.filter(c => c.type === 'misunderstanding').length}` },
+      { id: 'meas_self_checks', what: 'self_checks', how: 'Count of locked self-check cards', threshold: `${lockedCards.filter(c => c.type === 'self_check').length}` },
     ],
   };
 }
 
-function compileManifest(project) {
-  const lockedCount = (project.cards || []).filter(c => c.locked).length;
-  const cards = project.cards || [];
-  const hasScenarios = cards.some(c => c.type === 'scenario' && c.locked);
-  const hasCases = cards.some(c => c.type === 'case' && c.locked);
-  const fileCount = 2 + (hasScenarios ? 1 : 0) + (hasCases ? 1 : 0) + 2; // Core+Patterns+Reasoning+Evolution (+ Scenarios + Cases)
+function compileManifest(project, files) {
+  const kdnaFileCount = Object.keys(files).filter(f => f.startsWith('KDNA_')).length;
   return {
     kdna_spec: '1.0-rc',
     name: project.name,
@@ -116,31 +147,30 @@ function compileManifest(project) {
     status: 'experimental',
     access: (project.release && project.release.access) || 'open',
     author: project.author || { name: '', id: '' },
-    description: project.name,
-    file_count: 2,
-    created: project.created,
-    updated: project.updated,
+    description: project.release?.description || project.name,
+    file_count: kdnaFileCount,
+    created: project.created || new Date().toISOString().slice(0, 10),
+    updated: project.updated || new Date().toISOString().slice(0, 10),
   };
 }
 
 function compileDomain(project) {
   const cards = project.cards || [];
-  const core = compileCore(cards);
-  const patterns = compilePatterns(cards);
-  const scenarios = compileScenarios(cards);
-  const cases = compileCases(cards);
-  const reasoning = compileReasoning(cards);
-  const evolution = compileEvolution(cards);
-  const manifest = compileManifest(project);
+  const core = compileCore(cards, project);
+  const patterns = compilePatterns(cards, project);
+  const scenarios = compileScenarios(cards, project);
+  const cases = compileCases(cards, project);
+  const reasoning = compileReasoning(cards, project);
+  const evolution = compileEvolution(cards, project);
 
   const files = {};
   files['KDNA_Core.json'] = JSON.stringify(core, null, 2);
   files['KDNA_Patterns.json'] = JSON.stringify(patterns, null, 2);
-  if (scenarios.length > 0) files['KDNA_Scenarios.json'] = JSON.stringify({ scenes: scenarios }, null, 2);
-  if (cases.length > 0) files['KDNA_Cases.json'] = JSON.stringify({ cases }, null, 2);
-  if (reasoning.length > 0) files['KDNA_Reasoning.json'] = JSON.stringify({ chains: reasoning }, null, 2);
-  if (evolution.stages && evolution.stages.length > 0) files['KDNA_Evolution.json'] = JSON.stringify(evolution, null, 2);
-  files['kdna.json'] = JSON.stringify(manifest, null, 2);
+  if (scenarios) files['KDNA_Scenarios.json'] = JSON.stringify(scenarios, null, 2);
+  if (cases) files['KDNA_Cases.json'] = JSON.stringify(cases, null, 2);
+  if (reasoning) files['KDNA_Reasoning.json'] = JSON.stringify(reasoning, null, 2);
+  if (evolution) files['KDNA_Evolution.json'] = JSON.stringify(evolution, null, 2);
+  files['kdna.json'] = JSON.stringify(compileManifest(project, files), null, 2);
 
   const excludedCount = cards.filter(c => !c.locked && !['deprecated'].includes(c.status)).length;
 
@@ -151,7 +181,8 @@ function compileDomain(project) {
       locked_cards: cards.filter(c => c.locked).length,
       excluded_cards: excludedCount,
       deprecated_cards: cards.filter(c => c.status === 'deprecated').length,
-      files_output: Object.keys(files).length,
+      kdna_files: Object.keys(files).filter(f => f.startsWith('KDNA_')).length,
+      total_files: Object.keys(files).length,
     },
   };
 }
@@ -168,12 +199,8 @@ function generateReadme(project, options = {}) {
   const lines = [];
   lines.push(`# ${project.name}`);
   lines.push('');
-  if (options.description) {
-    lines.push(options.description);
-    lines.push('');
-  }
+  if (options.description) { lines.push(options.description); lines.push(''); }
 
-  // Four Questions
   lines.push('## Where it comes from');
   lines.push('');
   lines.push(options.origin || `Domain expertise encoded into ${locked.length} judgment cards through structured interview and human lock.`);
@@ -182,11 +209,7 @@ function generateReadme(project, options = {}) {
   lines.push('## Where it applies');
   lines.push('');
   const appliesWhen = [...new Set(lockedAxioms.flatMap(ax => ax.fields?.applies_when || []))];
-  if (appliesWhen.length > 0) {
-    appliesWhen.forEach(w => lines.push(`- ${w}`));
-  } else {
-    lines.push('- As declared in each axiom\'s applies_when field.');
-  }
+  appliesWhen.length ? appliesWhen.forEach(w => lines.push(`- ${w}`)) : lines.push('- As declared in each axiom\'s applies_when field.');
   lines.push('');
 
   lines.push('## How it is verified');
@@ -200,19 +223,14 @@ function generateReadme(project, options = {}) {
   lines.push('## When it does NOT apply');
   lines.push('');
   const notApply = [...new Set(lockedAxioms.flatMap(ax => ax.fields?.does_not_apply_when || []))];
-  if (notApply.length > 0) {
-    notApply.forEach(w => lines.push(`- ${w}`));
-  }
-  const outOfScope = lockedBoundaries.flatMap(b => [b.fields?.out_of_scope || '']).filter(Boolean);
-  for (const oos of outOfScope) {
+  notApply.forEach(w => lines.push(`- ${w}`));
+  for (const oos of lockedBoundaries.flatMap(b => [b.fields?.out_of_scope || '']).filter(Boolean)) {
     if (!notApply.includes(oos)) lines.push(`- ${oos}`);
   }
   lines.push('');
 
-  // Top Axioms
   if (lockedAxioms.length > 0) {
-    lines.push('## Top Axioms');
-    lines.push('');
+    lines.push('## Top Axioms'); lines.push('');
     lockedAxioms.forEach(ax => {
       lines.push(`- **${ax.fields?.one_sentence || ax.id}**`);
       if (ax.fields?.failure_risk) lines.push(`  - Failure risk: ${ax.fields.failure_risk}`);
@@ -220,10 +238,8 @@ function generateReadme(project, options = {}) {
     lines.push('');
   }
 
-  // Top Misunderstandings
   if (lockedMisunderstandings.length > 0) {
-    lines.push('## Top Misunderstandings');
-    lines.push('');
+    lines.push('## Top Misunderstandings'); lines.push('');
     lockedMisunderstandings.forEach(ms => {
       lines.push(`- WRONG: ${ms.fields?.wrong}`);
       lines.push(`  CORRECT: ${ms.fields?.correct}`);
@@ -231,24 +247,20 @@ function generateReadme(project, options = {}) {
     lines.push('');
   }
 
-  // Self-checks
   if (lockedSelfChecks.length > 0) {
-    lines.push('## Eval Score');
-    lines.push('');
+    lines.push('## Eval Score'); lines.push('');
     lines.push(`- quality_badge: ${tests.filter(t => t.result === 'with_kdna_better').length >= 5 ? 'tested' : 'untested'}`);
     lines.push(`- eval cases: ${tests.length}`);
     lines.push('');
   }
 
-  // Files
-  lines.push('## Files');
-  lines.push('');
-  const fileCount = 2
+  lines.push('## Files'); lines.push('');
+  const kdnaFileCount = 2
     + (cards.filter(c => c.type === 'scenario' && c.locked).length > 0 ? 1 : 0)
     + (cards.filter(c => c.type === 'case' && c.locked).length > 0 ? 1 : 0)
     + (lockedAxioms.length > 0 ? 1 : 0)
-    + (cards.filter(c => c.status === 'locked' || c.status === 'tested').length > 0 ? 1 : 0);
-  lines.push(`${fileCount} KDNA JSON files + evals/ + demo/`);
+    + (locked.length > 0 ? 1 : 0);
+  lines.push(`${kdnaFileCount} KDNA JSON files + evals/ + demo/`);
   lines.push('');
 
   return lines.join('\n');

package/src/packaging/index.js

@@ -1,30 +1,31 @@
 /**
- * Packaging adapter — call kdna-cli for pack, verify, sign, publish operations.
+ * Packaging adapter — secure delegation to kdna-cli.
  *
- * Studio Core does not re-implement these. It provides structured interfaces
- * that delegate to kdna-cli subprocess calls.
+ * All subprocess calls use execFileSync (not execSync with string interpolation)
+ * to prevent command injection. Studio Core calls kdna-cli as the canonical
+ * implementation of pack/verify/sign/publish operations.
  */
 
-const { execSync } = require('child_process');
+const { execFileSync } = require('child_process');
 const path = require('path');
 
 function packDomain(domainDir, outputDir = null) {
   const args = ['pack', domainDir];
   if (outputDir) args.push('--output', outputDir);
-  const result = execSync(`kdna ${args.join(' ')}`, { encoding: 'utf8' });
+  const result = execFileSync('kdna', args, { encoding: 'utf8', timeout: 60000 });
   return { success: true, output: result.trim() };
 }
 
 function packEncryptedDomain(domainDir, licensePath, outputDir = null) {
   const args = ['pack', domainDir, '--encrypt', '--license', licensePath];
   if (outputDir) args.push('--output', outputDir);
-  const result = execSync(`kdna ${args.join(' ')}`, { encoding: 'utf8' });
+  const result = execFileSync('kdna', args, { encoding: 'utf8', timeout: 60000 });
   return { success: true, output: result.trim() };
 }
 
 function verifyDomain(domainPath) {
   try {
-    const result = execSync(`kdna verify ${domainPath} --json`, { encoding: 'utf8' });
+    const result = execFileSync('kdna', ['verify', domainPath, '--json'], { encoding: 'utf8', timeout: 30000 });
     return JSON.parse(result);
   } catch (e) {
     const stdout = (e.stdout || '').toString();
@@ -32,23 +33,28 @@ function verifyDomain(domainPath) {
   }
 }
 
+function validateDomain(domainPath) {
+  try {
+    const result = execFileSync('kdna', ['validate', domainPath], { encoding: 'utf8', timeout: 30000 });
+    return { success: true, output: result.trim() };
+  } catch (e) {
+    return { success: false, error: e.message, stderr: (e.stderr || '').toString() };
+  }
+}
+
 function inspectContainer(filePath) {
   try {
-    const result = execSync(`kdna inspect ${filePath} --json`, { encoding: 'utf8' });
+    const result = execFileSync('kdna', ['inspect', filePath, '--json'], { encoding: 'utf8', timeout: 15000 });
     return JSON.parse(result);
-  } catch {
-    return null;
-  }
+  } catch { return null; }
 }
 
-function signDomain(domainDir, identityDir = null) {
-  // Uses kdna publish --check for signing
-  const args = ['publish', '--check', domainDir];
+function signDomain(domainDir) {
   try {
-    const result = execSync(`kdna ${args.join(' ')}`, { encoding: 'utf8', env: { ...process.env } });
+    const result = execFileSync('kdna', ['publish', '--check', domainDir], { encoding: 'utf8', timeout: 30000 });
     return { success: true, output: result.trim() };
   } catch (e) {
-    return { success: false, error: e.stderr?.toString() || e.message };
+    return { success: false, error: (e.stderr || '').toString() || e.message };
   }
 }
 
@@ -56,18 +62,14 @@ function generateLicense(domain, issuedTo, savePath = null) {
   const args = ['license', 'generate', domain, '--to', issuedTo];
   if (savePath) args.push('--save', savePath);
   try {
-    const result = execSync(`kdna ${args.join(' ')}`, { encoding: 'utf8' });
+    const result = execFileSync('kdna', args, { encoding: 'utf8', timeout: 15000 });
     return { success: true, output: result.trim() };
   } catch (e) {
-    return { success: false, error: e.stderr?.toString() || e.message };
+    return { success: false, error: (e.stderr || '').toString() || e.message };
   }
 }
 
 module.exports = {
-  packDomain,
-  packEncryptedDomain,
-  verifyDomain,
-  inspectContainer,
-  signDomain,
-  generateLicense,
+  packDomain, packEncryptedDomain, verifyDomain, validateDomain,
+  inspectContainer, signDomain, generateLicense,
 };