@aisy/core 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +202 -0
- package/dist/agent-loop/index.d.ts +4 -0
- package/dist/agent-loop/index.d.ts.map +1 -0
- package/dist/agent-loop/index.js +352 -0
- package/dist/agent-loop/index.js.map +1 -0
- package/dist/agent-loop/types.d.ts +183 -0
- package/dist/agent-loop/types.d.ts.map +1 -0
- package/dist/agent-loop/types.js +3 -0
- package/dist/agent-loop/types.js.map +1 -0
- package/dist/bin/aisy.d.ts +3 -0
- package/dist/bin/aisy.d.ts.map +1 -0
- package/dist/bin/aisy.js +14 -0
- package/dist/bin/aisy.js.map +1 -0
- package/dist/cli/index.d.ts +17 -0
- package/dist/cli/index.d.ts.map +1 -0
- package/dist/cli/index.js +114 -0
- package/dist/cli/index.js.map +1 -0
- package/dist/context-engine/index.d.ts +4 -0
- package/dist/context-engine/index.d.ts.map +1 -0
- package/dist/context-engine/index.js +126 -0
- package/dist/context-engine/index.js.map +1 -0
- package/dist/context-engine/types.d.ts +54 -0
- package/dist/context-engine/types.d.ts.map +1 -0
- package/dist/context-engine/types.js +4 -0
- package/dist/context-engine/types.js.map +1 -0
- package/dist/eval/index.d.ts +20 -0
- package/dist/eval/index.d.ts.map +1 -0
- package/dist/eval/index.js +128 -0
- package/dist/eval/index.js.map +1 -0
- package/dist/eval/types.d.ts +62 -0
- package/dist/eval/types.d.ts.map +1 -0
- package/dist/eval/types.js +17 -0
- package/dist/eval/types.js.map +1 -0
- package/dist/gateway/index.d.ts +5 -0
- package/dist/gateway/index.d.ts.map +1 -0
- package/dist/gateway/index.js +288 -0
- package/dist/gateway/index.js.map +1 -0
- package/dist/gateway/types.d.ts +194 -0
- package/dist/gateway/types.d.ts.map +1 -0
- package/dist/gateway/types.js +94 -0
- package/dist/gateway/types.js.map +1 -0
- package/dist/goals/index.d.ts +11 -0
- package/dist/goals/index.d.ts.map +1 -0
- package/dist/goals/index.js +21 -0
- package/dist/goals/index.js.map +1 -0
- package/dist/goals/types.d.ts +47 -0
- package/dist/goals/types.d.ts.map +1 -0
- package/dist/goals/types.js +5 -0
- package/dist/goals/types.js.map +1 -0
- package/dist/index.d.ts +56 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +50 -0
- package/dist/index.js.map +1 -0
- package/dist/mcp/index.d.ts +5 -0
- package/dist/mcp/index.d.ts.map +1 -0
- package/dist/mcp/index.js +215 -0
- package/dist/mcp/index.js.map +1 -0
- package/dist/mcp/types.d.ts +148 -0
- package/dist/mcp/types.d.ts.map +1 -0
- package/dist/mcp/types.js +4 -0
- package/dist/mcp/types.js.map +1 -0
- package/dist/memory/index.d.ts +6 -0
- package/dist/memory/index.d.ts.map +1 -0
- package/dist/memory/index.js +419 -0
- package/dist/memory/index.js.map +1 -0
- package/dist/memory/types.d.ts +131 -0
- package/dist/memory/types.d.ts.map +1 -0
- package/dist/memory/types.js +33 -0
- package/dist/memory/types.js.map +1 -0
- package/dist/nightly/index.d.ts +4 -0
- package/dist/nightly/index.d.ts.map +1 -0
- package/dist/nightly/index.js +470 -0
- package/dist/nightly/index.js.map +1 -0
- package/dist/nightly/types.d.ts +326 -0
- package/dist/nightly/types.d.ts.map +1 -0
- package/dist/nightly/types.js +3 -0
- package/dist/nightly/types.js.map +1 -0
- package/dist/observability/index.d.ts +11 -0
- package/dist/observability/index.d.ts.map +1 -0
- package/dist/observability/index.js +396 -0
- package/dist/observability/index.js.map +1 -0
- package/dist/observability/types.d.ts +139 -0
- package/dist/observability/types.d.ts.map +1 -0
- package/dist/observability/types.js +4 -0
- package/dist/observability/types.js.map +1 -0
- package/dist/onboarding/index.d.ts +16 -0
- package/dist/onboarding/index.d.ts.map +1 -0
- package/dist/onboarding/index.js +787 -0
- package/dist/onboarding/index.js.map +1 -0
- package/dist/onboarding/interactive.d.ts +23 -0
- package/dist/onboarding/interactive.d.ts.map +1 -0
- package/dist/onboarding/interactive.js +45 -0
- package/dist/onboarding/interactive.js.map +1 -0
- package/dist/onboarding/types.d.ts +388 -0
- package/dist/onboarding/types.d.ts.map +1 -0
- package/dist/onboarding/types.js +35 -0
- package/dist/onboarding/types.js.map +1 -0
- package/dist/orchestration/index.d.ts +8 -0
- package/dist/orchestration/index.d.ts.map +1 -0
- package/dist/orchestration/index.js +706 -0
- package/dist/orchestration/index.js.map +1 -0
- package/dist/orchestration/types.d.ts +391 -0
- package/dist/orchestration/types.d.ts.map +1 -0
- package/dist/orchestration/types.js +30 -0
- package/dist/orchestration/types.js.map +1 -0
- package/dist/personality/index.d.ts +65 -0
- package/dist/personality/index.d.ts.map +1 -0
- package/dist/personality/index.js +339 -0
- package/dist/personality/index.js.map +1 -0
- package/dist/personality/types.d.ts +103 -0
- package/dist/personality/types.d.ts.map +1 -0
- package/dist/personality/types.js +15 -0
- package/dist/personality/types.js.map +1 -0
- package/dist/provider/index.d.ts +4 -0
- package/dist/provider/index.d.ts.map +1 -0
- package/dist/provider/index.js +236 -0
- package/dist/provider/index.js.map +1 -0
- package/dist/provider/types.d.ts +180 -0
- package/dist/provider/types.d.ts.map +1 -0
- package/dist/provider/types.js +4 -0
- package/dist/provider/types.js.map +1 -0
- package/dist/runtime/agent-cards.d.ts +14 -0
- package/dist/runtime/agent-cards.d.ts.map +1 -0
- package/dist/runtime/agent-cards.js +90 -0
- package/dist/runtime/agent-cards.js.map +1 -0
- package/dist/runtime/agent-runner.d.ts +30 -0
- package/dist/runtime/agent-runner.d.ts.map +1 -0
- package/dist/runtime/agent-runner.js +37 -0
- package/dist/runtime/agent-runner.js.map +1 -0
- package/dist/runtime/budget.d.ts +15 -0
- package/dist/runtime/budget.d.ts.map +1 -0
- package/dist/runtime/budget.js +24 -0
- package/dist/runtime/budget.js.map +1 -0
- package/dist/runtime/delegation-driver.d.ts +11 -0
- package/dist/runtime/delegation-driver.d.ts.map +1 -0
- package/dist/runtime/delegation-driver.js +132 -0
- package/dist/runtime/delegation-driver.js.map +1 -0
- package/dist/runtime/exact-cache.d.ts +10 -0
- package/dist/runtime/exact-cache.d.ts.map +1 -0
- package/dist/runtime/exact-cache.js +30 -0
- package/dist/runtime/exact-cache.js.map +1 -0
- package/dist/runtime/execute-tool.d.ts +29 -0
- package/dist/runtime/execute-tool.d.ts.map +1 -0
- package/dist/runtime/execute-tool.js +80 -0
- package/dist/runtime/execute-tool.js.map +1 -0
- package/dist/runtime/guardian.d.ts +9 -0
- package/dist/runtime/guardian.d.ts.map +1 -0
- package/dist/runtime/guardian.js +41 -0
- package/dist/runtime/guardian.js.map +1 -0
- package/dist/runtime/hook-gate.d.ts +17 -0
- package/dist/runtime/hook-gate.d.ts.map +1 -0
- package/dist/runtime/hook-gate.js +56 -0
- package/dist/runtime/hook-gate.js.map +1 -0
- package/dist/runtime/memory-adapter.d.ts +6 -0
- package/dist/runtime/memory-adapter.d.ts.map +1 -0
- package/dist/runtime/memory-adapter.js +38 -0
- package/dist/runtime/memory-adapter.js.map +1 -0
- package/dist/runtime/nightly-adapters.d.ts +48 -0
- package/dist/runtime/nightly-adapters.d.ts.map +1 -0
- package/dist/runtime/nightly-adapters.js +139 -0
- package/dist/runtime/nightly-adapters.js.map +1 -0
- package/dist/runtime/nightly-generator.d.ts +10 -0
- package/dist/runtime/nightly-generator.d.ts.map +1 -0
- package/dist/runtime/nightly-generator.js +335 -0
- package/dist/runtime/nightly-generator.js.map +1 -0
- package/dist/runtime/onboarding-node.d.ts +6 -0
- package/dist/runtime/onboarding-node.d.ts.map +1 -0
- package/dist/runtime/onboarding-node.js +356 -0
- package/dist/runtime/onboarding-node.js.map +1 -0
- package/dist/runtime/provider-anthropic.d.ts +43 -0
- package/dist/runtime/provider-anthropic.d.ts.map +1 -0
- package/dist/runtime/provider-anthropic.js +148 -0
- package/dist/runtime/provider-anthropic.js.map +1 -0
- package/dist/runtime/provider-cli.d.ts +18 -0
- package/dist/runtime/provider-cli.d.ts.map +1 -0
- package/dist/runtime/provider-cli.js +73 -0
- package/dist/runtime/provider-cli.js.map +1 -0
- package/dist/runtime/provider-openai.d.ts +30 -0
- package/dist/runtime/provider-openai.d.ts.map +1 -0
- package/dist/runtime/provider-openai.js +114 -0
- package/dist/runtime/provider-openai.js.map +1 -0
- package/dist/runtime/providers.d.ts +43 -0
- package/dist/runtime/providers.d.ts.map +1 -0
- package/dist/runtime/providers.js +72 -0
- package/dist/runtime/providers.js.map +1 -0
- package/dist/runtime/sandbox-bash.d.ts +21 -0
- package/dist/runtime/sandbox-bash.d.ts.map +1 -0
- package/dist/runtime/sandbox-bash.js +51 -0
- package/dist/runtime/sandbox-bash.js.map +1 -0
- package/dist/runtime/scoped-tool-executor.d.ts +10 -0
- package/dist/runtime/scoped-tool-executor.d.ts.map +1 -0
- package/dist/runtime/scoped-tool-executor.js +30 -0
- package/dist/runtime/scoped-tool-executor.js.map +1 -0
- package/dist/runtime/session-log.d.ts +6 -0
- package/dist/runtime/session-log.d.ts.map +1 -0
- package/dist/runtime/session-log.js +54 -0
- package/dist/runtime/session-log.js.map +1 -0
- package/dist/runtime/settings.d.ts +24 -0
- package/dist/runtime/settings.d.ts.map +1 -0
- package/dist/runtime/settings.js +29 -0
- package/dist/runtime/settings.js.map +1 -0
- package/dist/runtime/spawn-plan.d.ts +13 -0
- package/dist/runtime/spawn-plan.d.ts.map +1 -0
- package/dist/runtime/spawn-plan.js +107 -0
- package/dist/runtime/spawn-plan.js.map +1 -0
- package/dist/runtime/spend.d.ts +41 -0
- package/dist/runtime/spend.d.ts.map +1 -0
- package/dist/runtime/spend.js +0 -0
- package/dist/runtime/spend.js.map +1 -0
- package/dist/runtime/sub-agent-runner.d.ts +19 -0
- package/dist/runtime/sub-agent-runner.d.ts.map +1 -0
- package/dist/runtime/sub-agent-runner.js +47 -0
- package/dist/runtime/sub-agent-runner.js.map +1 -0
- package/dist/safety/grants.d.ts +7 -0
- package/dist/safety/grants.d.ts.map +1 -0
- package/dist/safety/grants.js +53 -0
- package/dist/safety/grants.js.map +1 -0
- package/dist/safety/index.d.ts +72 -0
- package/dist/safety/index.d.ts.map +1 -0
- package/dist/safety/index.js +464 -0
- package/dist/safety/index.js.map +1 -0
- package/dist/safety/types.d.ts +254 -0
- package/dist/safety/types.d.ts.map +1 -0
- package/dist/safety/types.js +3 -0
- package/dist/safety/types.js.map +1 -0
- package/dist/skills/index.d.ts +4 -0
- package/dist/skills/index.d.ts.map +1 -0
- package/dist/skills/index.js +463 -0
- package/dist/skills/index.js.map +1 -0
- package/dist/skills/types.d.ts +177 -0
- package/dist/skills/types.d.ts.map +1 -0
- package/dist/skills/types.js +3 -0
- package/dist/skills/types.js.map +1 -0
- package/dist/testing/clock.d.ts +8 -0
- package/dist/testing/clock.d.ts.map +1 -0
- package/dist/testing/clock.js +13 -0
- package/dist/testing/clock.js.map +1 -0
- package/dist/testing/effect-verifier.d.ts +15 -0
- package/dist/testing/effect-verifier.d.ts.map +1 -0
- package/dist/testing/effect-verifier.js +27 -0
- package/dist/testing/effect-verifier.js.map +1 -0
- package/dist/testing/index.d.ts +5 -0
- package/dist/testing/index.d.ts.map +1 -0
- package/dist/testing/index.js +5 -0
- package/dist/testing/index.js.map +1 -0
- package/dist/testing/provider-fake.d.ts +14 -0
- package/dist/testing/provider-fake.d.ts.map +1 -0
- package/dist/testing/provider-fake.js +18 -0
- package/dist/testing/provider-fake.js.map +1 -0
- package/dist/testing/sandbox-stub.d.ts +15 -0
- package/dist/testing/sandbox-stub.d.ts.map +1 -0
- package/dist/testing/sandbox-stub.js +15 -0
- package/dist/testing/sandbox-stub.js.map +1 -0
- package/dist/tools/index.d.ts +11 -0
- package/dist/tools/index.d.ts.map +1 -0
- package/dist/tools/index.js +0 -0
- package/dist/tools/index.js.map +1 -0
- package/dist/tools/types.d.ts +138 -0
- package/dist/tools/types.d.ts.map +1 -0
- package/dist/tools/types.js +4 -0
- package/dist/tools/types.js.map +1 -0
- package/dist/triggers/index.d.ts +4 -0
- package/dist/triggers/index.d.ts.map +1 -0
- package/dist/triggers/index.js +187 -0
- package/dist/triggers/index.js.map +1 -0
- package/dist/triggers/types.d.ts +74 -0
- package/dist/triggers/types.d.ts.map +1 -0
- package/dist/triggers/types.js +5 -0
- package/dist/triggers/types.js.map +1 -0
- package/package.json +36 -0
|
@@ -0,0 +1,396 @@
|
|
|
1
|
+
import { createHash } from 'node:crypto';
|
|
2
|
+
// ---------------------------------------------------------------------------
|
|
3
|
+
// Hashing helper — node:crypto, deterministic over canonical JSON.
|
|
4
|
+
// ---------------------------------------------------------------------------
|
|
5
|
+
function sha256(input) {
|
|
6
|
+
return createHash('sha256').update(input).digest('hex');
|
|
7
|
+
}
|
|
8
|
+
/** Stable JSON: sorts object keys recursively so the hash is order-insensitive. */
|
|
9
|
+
function canonical(value) {
|
|
10
|
+
return JSON.stringify(sortKeys(value));
|
|
11
|
+
}
|
|
12
|
+
function sortKeys(value) {
|
|
13
|
+
if (Array.isArray(value))
|
|
14
|
+
return value.map(sortKeys);
|
|
15
|
+
if (value !== null && typeof value === 'object') {
|
|
16
|
+
const out = {};
|
|
17
|
+
for (const key of Object.keys(value).sort()) {
|
|
18
|
+
out[key] = sortKeys(value[key]);
|
|
19
|
+
}
|
|
20
|
+
return out;
|
|
21
|
+
}
|
|
22
|
+
return value;
|
|
23
|
+
}
|
|
24
|
+
// ---------------------------------------------------------------------------
|
|
25
|
+
// Trace verifier / VerificationRunner (§5.1, ADR-0017, ADR-0026)
|
|
26
|
+
//
|
|
27
|
+
// Deterministic effect matching. The model is never on this path: a step
|
|
28
|
+
// closes only when the injected EffectProbe confirms the declared criterion
|
|
29
|
+
// against the real world. Every failure mode (absent effect, probe throw,
|
|
30
|
+
// unbound probe) is fail-closed → pass:false, never "pass on error" (§7).
|
|
31
|
+
// ---------------------------------------------------------------------------
|
|
32
|
+
export function makeVerificationRunner() {
|
|
33
|
+
return {
|
|
34
|
+
async verify(trace, probe) {
|
|
35
|
+
// Cold start / unbound probe seam (AC-12-23): fail-closed. With no probe
|
|
36
|
+
// bound there is no effect to confirm, so verify() refuses (throws) rather
|
|
37
|
+
// than fabricating a verdict — no step can close. Both throw and pass:false
|
|
38
|
+
// are fail-closed; the contract here is a hard refusal.
|
|
39
|
+
if (probe === null || probe === undefined) {
|
|
40
|
+
throw new Error('effect probe not bound (cold start) — verification fail-closed');
|
|
41
|
+
}
|
|
42
|
+
try {
|
|
43
|
+
switch (trace.kind) {
|
|
44
|
+
case 'file': {
|
|
45
|
+
// pass iff exists === existsExpected AND, when sha256 declared, the
|
|
46
|
+
// content hash matches — content is the effect, not mere presence.
|
|
47
|
+
const observed = await probe.file(trace.path);
|
|
48
|
+
if (observed.exists !== trace.existsExpected) {
|
|
49
|
+
return { pass: false, kind: 'file', observed, reason: `file exists=${observed.exists}, expected ${trace.existsExpected}` };
|
|
50
|
+
}
|
|
51
|
+
if (trace.sha256 !== undefined && observed.sha256 !== trace.sha256) {
|
|
52
|
+
return { pass: false, kind: 'file', observed, reason: `sha256 ${observed.sha256 ?? '<none>'} != declared ${trace.sha256}` };
|
|
53
|
+
}
|
|
54
|
+
return { pass: true, kind: 'file', observed };
|
|
55
|
+
}
|
|
56
|
+
case 'sql': {
|
|
57
|
+
// pass iff the returned row count satisfies the predicate.
|
|
58
|
+
const observed = await probe.sql(trace.query);
|
|
59
|
+
const ok = matchRows(observed.rows, trace.expectRows);
|
|
60
|
+
return ok
|
|
61
|
+
? { pass: true, kind: 'sql', observed }
|
|
62
|
+
: { pass: false, kind: 'sql', observed, reason: `rows ${observed.rows} fails predicate ${JSON.stringify(trace.expectRows)}` };
|
|
63
|
+
}
|
|
64
|
+
case 'http': {
|
|
65
|
+
// pass iff response status equals the expected status.
|
|
66
|
+
const observed = await probe.http(trace.method, trace.url);
|
|
67
|
+
return observed.status === trace.expectStatus
|
|
68
|
+
? { pass: true, kind: 'http', observed }
|
|
69
|
+
: { pass: false, kind: 'http', observed, reason: `status ${observed.status} != expected ${trace.expectStatus}` };
|
|
70
|
+
}
|
|
71
|
+
case 'exit': {
|
|
72
|
+
// pass iff the process exit code equals the expected code.
|
|
73
|
+
const observed = await probe.exit(trace.argv);
|
|
74
|
+
return observed.code === trace.expectCode
|
|
75
|
+
? { pass: true, kind: 'exit', observed }
|
|
76
|
+
: { pass: false, kind: 'exit', observed, reason: `exit ${observed.code} != expected ${trace.expectCode}` };
|
|
77
|
+
}
|
|
78
|
+
}
|
|
79
|
+
}
|
|
80
|
+
catch (err) {
|
|
81
|
+
// §7 dependency-unavailable: probe raised/timed out → trace failed.
|
|
82
|
+
const reason = err instanceof Error ? err.message : String(err);
|
|
83
|
+
return { pass: false, kind: trace.kind, observed: null, reason: `probe error: ${reason}` };
|
|
84
|
+
}
|
|
85
|
+
},
|
|
86
|
+
};
|
|
87
|
+
}
|
|
88
|
+
function matchRows(rows, expect) {
|
|
89
|
+
if (typeof expect === 'number')
|
|
90
|
+
return rows === expect;
|
|
91
|
+
switch (expect.op) {
|
|
92
|
+
case '=': return rows === expect.n;
|
|
93
|
+
case '>': return rows > expect.n;
|
|
94
|
+
case '>=': return rows >= expect.n;
|
|
95
|
+
}
|
|
96
|
+
}
|
|
97
|
+
// ---------------------------------------------------------------------------
|
|
98
|
+
// Trace linter R1–R5 (§4 data structures, ADR-0026, Eng-5)
|
|
99
|
+
//
|
|
100
|
+
// Runs at plan time, before the gate. The first failing step short-circuits.
|
|
101
|
+
// The gate is never downgraded: a broken plan is a hard rejection (§7).
|
|
102
|
+
// ---------------------------------------------------------------------------
|
|
103
|
+
const VALID_TRACE_KINDS = new Set(['file', 'sql', 'http', 'exit']);
|
|
104
|
+
/** Tier ≥ 2 tools (ADR-0011): any write/send/exec/db/git tool is irreversible. */
|
|
105
|
+
function isTier2Tool(tool) {
|
|
106
|
+
return (/write|send|delete|exec|drop|push/i.test(tool) ||
|
|
107
|
+
/^(git|db|telegram|http|fs)[._]/i.test(tool) ||
|
|
108
|
+
tool === 'bash');
|
|
109
|
+
}
|
|
110
|
+
/** R3 no-op argv: the exit trace asserts nothing about the world. */
|
|
111
|
+
function isNoOpArgv(argv) {
|
|
112
|
+
const cmd = argv[0];
|
|
113
|
+
if (cmd === undefined)
|
|
114
|
+
return true;
|
|
115
|
+
return cmd === 'echo' || cmd === 'true' || cmd === ':' || cmd === 'printf';
|
|
116
|
+
}
|
|
117
|
+
/** R4 self-referential: a file trace pointing at the model's own plan artifact. */
|
|
118
|
+
function isSelfReferentialPath(path) {
|
|
119
|
+
const base = path.split('/').pop() ?? path;
|
|
120
|
+
return base === 'PLAN.md' || base === 'TODO.md';
|
|
121
|
+
}
|
|
122
|
+
export function makeTraceLinter() {
|
|
123
|
+
return {
|
|
124
|
+
lint(plan) {
|
|
125
|
+
// Set of paths produced by some step in the plan. A file trace whose
|
|
126
|
+
// target is in this set asserts a real effect the plan created; a trace
|
|
127
|
+
// whose target is NOT produced by any step only re-asserts a pre-existing
|
|
128
|
+
// file, which proves nothing (R3 vacuous, §4.4).
|
|
129
|
+
const producedPaths = new Set();
|
|
130
|
+
for (const s of plan.steps) {
|
|
131
|
+
if (s.producesPath !== undefined)
|
|
132
|
+
producedPaths.add(s.producesPath);
|
|
133
|
+
}
|
|
134
|
+
for (let i = 0; i < plan.steps.length; i++) {
|
|
135
|
+
const step = plan.steps[i];
|
|
136
|
+
const trace = step.trace;
|
|
137
|
+
// R1 missing — a step has no trace.
|
|
138
|
+
if (trace === undefined || trace === null) {
|
|
139
|
+
return { ok: false, rule: 'R1', stepIndex: i };
|
|
140
|
+
}
|
|
141
|
+
// R5 out-of-enum — kind outside file | sql | http | exit.
|
|
142
|
+
if (!VALID_TRACE_KINDS.has(trace.kind)) {
|
|
143
|
+
return { ok: false, rule: 'R5', stepIndex: i };
|
|
144
|
+
}
|
|
145
|
+
// R2 unflagged-irreversible — Tier ≥ 2 tool but irreversible !== true.
|
|
146
|
+
if (step.irreversible !== true && step.tools.some(isTier2Tool)) {
|
|
147
|
+
return { ok: false, rule: 'R2', stepIndex: i };
|
|
148
|
+
}
|
|
149
|
+
// R4 self-referential — file trace pointing at PLAN.md/TODO.md.
|
|
150
|
+
if (trace.kind === 'file' && isSelfReferentialPath(trace.path)) {
|
|
151
|
+
return { ok: false, rule: 'R4', stepIndex: i };
|
|
152
|
+
}
|
|
153
|
+
// R3 vacuous — the trace asserts nothing about the world.
|
|
154
|
+
if (trace.kind === 'exit' && isNoOpArgv(trace.argv)) {
|
|
155
|
+
return { ok: false, rule: 'R3', stepIndex: i };
|
|
156
|
+
}
|
|
157
|
+
if (trace.kind === 'http' && isLoopback(trace.url) && isReadMethod(trace.method)) {
|
|
158
|
+
return { ok: false, rule: 'R3', stepIndex: i };
|
|
159
|
+
}
|
|
160
|
+
// R3 pre-existing target — a file trace whose path is not produced by any
|
|
161
|
+
// step in the plan re-asserts a file that already existed; verifying
|
|
162
|
+
// something already true proves no effect (§4.4).
|
|
163
|
+
if (trace.kind === 'file' && !producedPaths.has(trace.path)) {
|
|
164
|
+
return { ok: false, rule: 'R3', stepIndex: i };
|
|
165
|
+
}
|
|
166
|
+
}
|
|
167
|
+
return { ok: true };
|
|
168
|
+
},
|
|
169
|
+
};
|
|
170
|
+
}
|
|
171
|
+
function isLoopback(url) {
|
|
172
|
+
return /^https?:\/\/(localhost|127\.0\.0\.1|\[::1\])/i.test(url);
|
|
173
|
+
}
|
|
174
|
+
function isReadMethod(method) {
|
|
175
|
+
return ['GET', 'HEAD'].includes(method.toUpperCase());
|
|
176
|
+
}
|
|
177
|
+
// ---------------------------------------------------------------------------
|
|
178
|
+
// Cycle detector (§4 tool-call signature; ADR-0020)
|
|
179
|
+
//
|
|
180
|
+
// Detects a period-1/2/3 cycle in the trailing window. A cycle "trips" only
|
|
181
|
+
// when it repeats strictly more than `threshold` times (default 3, configurable
|
|
182
|
+
// per §4/§10 and GuardianDeps.tripThreshold) — i.e. the trailing run forming a
|
|
183
|
+
// period-p block is at least p*threshold + 1 long. Shorter periods win first so
|
|
184
|
+
// A-A-A-A is period 1, not a degenerate period-2/3 reading.
|
|
185
|
+
// ---------------------------------------------------------------------------
|
|
186
|
+
const DEFAULT_TRIP_THRESHOLD = 3;
|
|
187
|
+
export function makeCycleDetector(threshold = DEFAULT_TRIP_THRESHOLD) {
|
|
188
|
+
return {
|
|
189
|
+
detect(window) {
|
|
190
|
+
for (const period of [1, 2, 3]) {
|
|
191
|
+
if (matchesPeriod(window, period, threshold))
|
|
192
|
+
return { period };
|
|
193
|
+
}
|
|
194
|
+
return null;
|
|
195
|
+
},
|
|
196
|
+
};
|
|
197
|
+
}
|
|
198
|
+
/** True when the tail of `window` is a period-`p` cycle repeating > `threshold` times. */
|
|
199
|
+
function matchesPeriod(window, p, threshold) {
|
|
200
|
+
// > `threshold` repeats of a length-p block means at least p*threshold + 1
|
|
201
|
+
// trailing elements that are consistent with period p (w[i] === w[i - p]).
|
|
202
|
+
const needed = p * threshold + 1;
|
|
203
|
+
if (window.length < needed)
|
|
204
|
+
return false;
|
|
205
|
+
const start = window.length - needed;
|
|
206
|
+
for (let i = start + p; i < window.length; i++) {
|
|
207
|
+
if (window[i] !== window[i - p])
|
|
208
|
+
return false;
|
|
209
|
+
}
|
|
210
|
+
return true;
|
|
211
|
+
}
|
|
212
|
+
// ---------------------------------------------------------------------------
|
|
213
|
+
// Tool-call signature (§4) — order-insensitive, canonicalized.
|
|
214
|
+
// ---------------------------------------------------------------------------
|
|
215
|
+
function signature(call) {
|
|
216
|
+
return sha256(`${call.name}${canonical(call.args)}`);
|
|
217
|
+
}
|
|
218
|
+
// ---------------------------------------------------------------------------
|
|
219
|
+
// Loop Guardian (§5.2, ADR-0020, Eng-12)
|
|
220
|
+
//
|
|
221
|
+
// Consulted on every tool dispatch. Pushes a signature into a bounded ring
|
|
222
|
+
// window tagged with the current re-plan epoch, then trips on a period-1/2/3
|
|
223
|
+
// cycle repeating > 3 times WITHIN the current epoch. note("replan") advances
|
|
224
|
+
// the epoch (clearing the live window) but never resets a budget — Core owns
|
|
225
|
+
// the monotonic cap (§5.2). On trip the run halts and stays halted; work is
|
|
226
|
+
// never deleted and the Guardian never auto-resumes (AC-12-17). A window that
|
|
227
|
+
// cannot be rebuilt (windowSize 0) fails safe by tripping (AC-12-27).
|
|
228
|
+
// ---------------------------------------------------------------------------
|
|
229
|
+
export function makeLoopGuardian(deps) {
|
|
230
|
+
const windowSize = deps.windowSize ?? 12;
|
|
231
|
+
// Wire the injected trip threshold (cap on full cycle repeats) into the
|
|
232
|
+
// detector; falls back to the default when unset (§4, §10, GuardianDeps).
|
|
233
|
+
const detector = makeCycleDetector(deps.tripThreshold ?? DEFAULT_TRIP_THRESHOLD);
|
|
234
|
+
let window = [];
|
|
235
|
+
let tripped = false;
|
|
236
|
+
// windowSize 0 means the window cannot be rebuilt after a crash; fail-safe.
|
|
237
|
+
const cannotRebuild = windowSize <= 0;
|
|
238
|
+
return {
|
|
239
|
+
observe(call) {
|
|
240
|
+
if (cannotRebuild) {
|
|
241
|
+
// §7 crash recovery: no window to protect with → pause unattended runs.
|
|
242
|
+
return { trip: true };
|
|
243
|
+
}
|
|
244
|
+
// Once halted the Guardian stays halted; it does not auto-resume.
|
|
245
|
+
if (tripped)
|
|
246
|
+
return { trip: true };
|
|
247
|
+
window.push(signature(call));
|
|
248
|
+
if (window.length > windowSize)
|
|
249
|
+
window = window.slice(window.length - windowSize);
|
|
250
|
+
const cycle = detector.detect(window);
|
|
251
|
+
if (cycle !== null) {
|
|
252
|
+
tripped = true;
|
|
253
|
+
// journal `guardian.tripped` with the offending window (best-effort:
|
|
254
|
+
// the journal write is fire-and-forget; the trip verdict is the gate).
|
|
255
|
+
// Swallow the rejection: when the journal is fail-closed (secret set not
|
|
256
|
+
// yet loaded) the forensic note is dropped on purpose — the synchronous
|
|
257
|
+
// trip verdict already halts the loop, and a leaked unhandled rejection
|
|
258
|
+
// would be worse than a missing best-effort log line.
|
|
259
|
+
void deps.journal
|
|
260
|
+
.append('12', 'guardian.tripped', { window: [...window], period: cycle.period })
|
|
261
|
+
.catch(() => { });
|
|
262
|
+
return { trip: true, period: cycle.period };
|
|
263
|
+
}
|
|
264
|
+
return { trip: false };
|
|
265
|
+
},
|
|
266
|
+
note(event) {
|
|
267
|
+
if (event !== 'replan')
|
|
268
|
+
return;
|
|
269
|
+
// Advance the re-plan epoch: clear the live window so signatures from the
|
|
270
|
+
// prior attempt do not count toward a cycle in the new epoch (Eng-12).
|
|
271
|
+
// This is NOT a budget reset and never widens the trip threshold.
|
|
272
|
+
// A latched trip is a permanent STOP signal (ADR-0020, §5.2): once halted
|
|
273
|
+
// the Guardian never auto-resumes, so a re-plan must NOT clear `tripped` —
|
|
274
|
+
// resuming requires an explicit human-confirmation path outside this gate.
|
|
275
|
+
window = [];
|
|
276
|
+
},
|
|
277
|
+
};
|
|
278
|
+
}
|
|
279
|
+
// ---------------------------------------------------------------------------
|
|
280
|
+
// Secret redactor (§5.3, CSO-M3)
|
|
281
|
+
//
|
|
282
|
+
// Strips every known vault secret VALUE from arbitrary structures before the
|
|
283
|
+
// journal persists them. Safe to call before the vault is loaded — it returns
|
|
284
|
+
// the value unchanged but reports isLoaded:false, which makes append()
|
|
285
|
+
// fail-closed so nothing unredacted is ever written (§7).
|
|
286
|
+
// ---------------------------------------------------------------------------
|
|
287
|
+
export function makeSecretRedactor() {
|
|
288
|
+
let loaded = false;
|
|
289
|
+
// The literal value plus every value-derived encoding we strip (§4, §5.3,
|
|
290
|
+
// CSO-M3): raw, base64, URL-encoded, and hex. Precomputed at load time so the
|
|
291
|
+
// redact hot-path is a flat substring sweep, not a per-string re-derivation.
|
|
292
|
+
let needles = [];
|
|
293
|
+
// Derive the strippable encodings for a single secret VALUE. A secret echoed
|
|
294
|
+
// as base64 / URL-encoded / hex must never reach the journal in the clear.
|
|
295
|
+
const encodingsOf = (secret) => [
|
|
296
|
+
secret,
|
|
297
|
+
Buffer.from(secret).toString('base64'),
|
|
298
|
+
encodeURIComponent(secret),
|
|
299
|
+
Buffer.from(secret).toString('hex'),
|
|
300
|
+
];
|
|
301
|
+
const redactString = (s) => {
|
|
302
|
+
let out = s;
|
|
303
|
+
for (const needle of needles) {
|
|
304
|
+
if (needle.length === 0)
|
|
305
|
+
continue;
|
|
306
|
+
out = out.split(needle).join('«redacted»');
|
|
307
|
+
}
|
|
308
|
+
return out;
|
|
309
|
+
};
|
|
310
|
+
const walk = (value) => {
|
|
311
|
+
if (typeof value === 'string')
|
|
312
|
+
return redactString(value);
|
|
313
|
+
if (Array.isArray(value))
|
|
314
|
+
return value.map(walk);
|
|
315
|
+
if (value !== null && typeof value === 'object') {
|
|
316
|
+
const out = {};
|
|
317
|
+
for (const [k, v] of Object.entries(value)) {
|
|
318
|
+
out[k] = walk(v);
|
|
319
|
+
}
|
|
320
|
+
return out;
|
|
321
|
+
}
|
|
322
|
+
return value;
|
|
323
|
+
};
|
|
324
|
+
return {
|
|
325
|
+
redact(value) {
|
|
326
|
+
return walk(value);
|
|
327
|
+
},
|
|
328
|
+
loadVaultValues(next) {
|
|
329
|
+
const acc = [];
|
|
330
|
+
for (const secret of next) {
|
|
331
|
+
if (secret.length === 0)
|
|
332
|
+
continue;
|
|
333
|
+
acc.push(...encodingsOf(secret));
|
|
334
|
+
}
|
|
335
|
+
needles = acc;
|
|
336
|
+
loaded = true;
|
|
337
|
+
},
|
|
338
|
+
get isLoaded() {
|
|
339
|
+
return loaded;
|
|
340
|
+
},
|
|
341
|
+
};
|
|
342
|
+
}
|
|
343
|
+
// ---------------------------------------------------------------------------
|
|
344
|
+
// Append-only journal / AuditLog (§5.3, ADR-0021, CSO-M3)
|
|
345
|
+
//
|
|
346
|
+
// Each append: (1) refuses if the secret set is not loaded (fail-closed,
|
|
347
|
+
// AC-12-21/§7); (2) redacts the payload BEFORE persistence; (3) assigns a
|
|
348
|
+
// gap-free monotonic seq; (4) chains prevHash for tamper-evidence; (5) "fsyncs"
|
|
349
|
+
// — here, commits to the in-memory durable log (the disk lineage is the same
|
|
350
|
+
// shape, ADR-0021). read() verifies the prevHash chain and throws if a tamper
|
|
351
|
+
// breaks it, flagging the run unverifiable (AC-12-22).
|
|
352
|
+
// ---------------------------------------------------------------------------
|
|
353
|
+
const GENESIS_HASH = '0'.repeat(64);
|
|
354
|
+
export function makeAuditLog(deps) {
|
|
355
|
+
const entries = [];
|
|
356
|
+
const entryHash = (e) => sha256(canonical({ seq: e.seq, ts: e.ts, source: e.source, kind: e.kind, prevHash: e.prevHash, payloadHash: e.payloadHash }));
|
|
357
|
+
return {
|
|
358
|
+
async append(source, kind, payload) {
|
|
359
|
+
// Fail-closed: never persist before the known-secret set is loaded, so an
|
|
360
|
+
// unredacted value can never touch the log (CSO-M3, AC-12-21, AC-12-23).
|
|
361
|
+
if (!deps.secretRedactor.isLoaded) {
|
|
362
|
+
throw new Error('journal append refused: secret set not loaded (fail-closed)');
|
|
363
|
+
}
|
|
364
|
+
// Redact BEFORE persistence — an unredacted payload never reaches storage.
|
|
365
|
+
const redacted = deps.secretRedactor.redact(payload);
|
|
366
|
+
const seq = entries.length + 1; // monotonic, gap-free per session
|
|
367
|
+
const prev = entries[entries.length - 1];
|
|
368
|
+
const prevHash = prev ? entryHash(prev) : GENESIS_HASH;
|
|
369
|
+
const entry = {
|
|
370
|
+
seq,
|
|
371
|
+
ts: deps.clock.now(),
|
|
372
|
+
source,
|
|
373
|
+
kind,
|
|
374
|
+
prevHash,
|
|
375
|
+
payloadHash: sha256(canonical(redacted)),
|
|
376
|
+
payload: redacted,
|
|
377
|
+
};
|
|
378
|
+
entries.push(entry); // commit (fsync in the disk lineage)
|
|
379
|
+
return entry;
|
|
380
|
+
},
|
|
381
|
+
read(filter) {
|
|
382
|
+
// Tamper-evidence: verify the prevHash chain on read. A broken link flags
|
|
383
|
+
// the run unverifiable rather than silently accepting it (AC-12-22, §7).
|
|
384
|
+
let expectedPrev = GENESIS_HASH;
|
|
385
|
+
for (const e of entries) {
|
|
386
|
+
if (e.prevHash !== expectedPrev) {
|
|
387
|
+
throw new Error(`journal chain broken at seq ${e.seq}: run is unverifiable from this point`);
|
|
388
|
+
}
|
|
389
|
+
expectedPrev = entryHash(e);
|
|
390
|
+
}
|
|
391
|
+
return entries.filter(e => (filter.kind === undefined || e.kind === filter.kind) &&
|
|
392
|
+
(filter.since === undefined || e.seq >= filter.since));
|
|
393
|
+
},
|
|
394
|
+
};
|
|
395
|
+
}
|
|
396
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/observability/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAA;AAoDxC,8EAA8E;AAC9E,mEAAmE;AACnE,8EAA8E;AAE9E,SAAS,MAAM,CAAC,KAAa;IAC3B,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;AACzD,CAAC;AAED,mFAAmF;AACnF,SAAS,SAAS,CAAC,KAAc;IAC/B,OAAO,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAA;AACxC,CAAC;AAED,SAAS,QAAQ,CAAC,KAAc;IAC9B,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAA;IACpD,IAAI,KAAK,KAAK,IAAI,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAChD,MAAM,GAAG,GAA4B,EAAE,CAAA;QACvC,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,KAAgC,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC;YACvE,GAAG,CAAC,GAAG,CAAC,GAAG,QAAQ,CAAE,KAAiC,CAAC,GAAG,CAAC,CAAC,CAAA;QAC9D,CAAC;QACD,OAAO,GAAG,CAAA;IACZ,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC;AAED,8EAA8E;AAC9E,iEAAiE;AACjE,EAAE;AACF,yEAAyE;AACzE,4EAA4E;AAC5E,0EAA0E;AAC1E,0EAA0E;AAC1E,8EAA8E;AAE9E,MAAM,UAAU,sBAAsB;IACpC,OAAO;QACL,KAAK,CAAC,MAAM,CAAC,KAAwB,EAAE,KAAkB;YACvD,yEAAyE;YACzE,2EAA2E;YAC3E,4EAA4E;YAC5E,wDAAwD;YACxD,IAAI,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;gBAC1C,MAAM,IAAI,KAAK,CAAC,gEAAgE,CAAC,CAAA;YACnF,CAAC;YACD,IAAI,CAAC;gBACH,QAAQ,KAAK,CAAC,IAAI,EAAE,CAAC;oBACnB,KAAK,MAAM,CAAC,CAAC,CAAC;wBACZ,oEAAoE;wBACpE,mEAAmE;wBACnE,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;wBAC7C,IAAI,QAAQ,CAAC,MAAM,KAAK,KAAK,CAAC,cAAc,EAAE,CAAC;4BAC7C,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,eAAe,QAAQ,CAAC,MAAM,cAAc,KAAK,CAAC,cAAc,EAAE,EAAE,CAAA;wBAC5H,CAAC;wBACD,IAAI,KAAK,CAAC,MAAM,KAAK,SAAS,IAAI,QAAQ,CAAC,MAAM,KAAK,KAAK,CAAC,MAAM,EAAE,CAAC;4BACnE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,QAAQ,CAAC,MAAM,IAAI,QAAQ,gBAAgB,KAAK,CAAC,MAAM,EAAE,EAAE,CAAA;wBAC7H,CAAC;wBACD,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAA;oBAC/C,CAAC;oBACD,KAAK,KAAK,CAAC,CAAC,CAAC;wBACX,2DAA2D;wBAC3D,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,CAAA;wBAC7C,MAAM,EAAE,GAAG,SAAS,CAAC,QAAQ,CAAC,IAAI,EAAE,KAAK,CAAC,UAAU,CAAC,CAAA;wBACrD,OAAO,EAAE;4BACP,CAAC,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,EAAE,QAAQ,EAAE;4BACvC,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,QAAQ,CAAC,IAAI,oBAAoB,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,EAAE,CAAA;oBACjI,CAAC;oBACD,KAAK,MAAM,CAAC,CAAC,CAAC;wBACZ,uDAAuD;wBACvD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,KAAK,CAAC,GAAG,CAAC,CAAA;wBAC1D,OAAO,QAAQ,CAAC,MAAM,KAAK,KAAK,CAAC,YAAY;4BAC3C,CAAC,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE;4BACxC,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,QAAQ,CAAC,MAAM,gBAAgB,KAAK,CAAC,YAAY,EAAE,EAAE,CAAA;oBACpH,CAAC;oBACD,KAAK,MAAM,CAAC,CAAC,CAAC;wBACZ,2DAA2D;wBAC3D,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;wBAC7C,OAAO,QAAQ,CAAC,IAAI,KAAK,KAAK,CAAC,UAAU;4BACvC,CAAC,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE;4BACxC,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,QAAQ,CAAC,IAAI,gBAAgB,KAAK,CAAC,UAAU,EAAE,EAAE,CAAA;oBAC9G,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,oEAAoE;gBACpE,MAAM,MAAM,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAA;gBAC/D,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,gBAAgB,MAAM,EAAE,EAAE,CAAA;YAC5F,CAAC;QACH,CAAC;KACF,CAAA;AACH,CAAC;AAED,SAAS,SAAS,CAAC,IAAY,EAAE,MAAoD;IACnF,IAAI,OAAO,MAAM,KAAK,QAAQ;QAAE,OAAO,IAAI,KAAK,MAAM,CAAA;IACtD,QAAQ,MAAM,CAAC,EAAE,EAAE,CAAC;QAClB,KAAK,GAAG,CAAC,CAAC,OAAO,IAAI,KAAK,MAAM,CAAC,CAAC,CAAA;QAClC,KAAK,GAAG,CAAC,CAAC,OAAO,IAAI,GAAG,MAAM,CAAC,CAAC,CAAA;QAChC,KAAK,IAAI,CAAC,CAAC,OAAO,IAAI,IAAI,MAAM,CAAC,CAAC,CAAA;IACpC,CAAC;AACH,CAAC;AAED,8EAA8E;AAC9E,2DAA2D;AAC3D,EAAE;AACF,6EAA6E;AAC7E,wEAAwE;AACxE,8EAA8E;AAE9E,MAAM,iBAAiB,GAAwB,IAAI,GAAG,CAAC,CAAC,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC,CAAA;AAEvF,kFAAkF;AAClF,SAAS,WAAW,CAAC,IAAY;IAC/B,OAAO,CACL,mCAAmC,CAAC,IAAI,CAAC,IAAI,CAAC;QAC9C,iCAAiC,CAAC,IAAI,CAAC,IAAI,CAAC;QAC5C,IAAI,KAAK,MAAM,CAChB,CAAA;AACH,CAAC;AAED,qEAAqE;AACrE,SAAS,UAAU,CAAC,IAAc;IAChC,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAA;IACnB,IAAI,GAAG,KAAK,SAAS;QAAE,OAAO,IAAI,CAAA;IAClC,OAAO,GAAG,KAAK,MAAM,IAAI,GAAG,KAAK,MAAM,IAAI,GAAG,KAAK,GAAG,IAAI,GAAG,KAAK,QAAQ,CAAA;AAC5E,CAAC;AAED,mFAAmF;AACnF,SAAS,qBAAqB,CAAC,IAAY;IACzC,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,IAAI,IAAI,CAAA;IAC1C,OAAO,IAAI,KAAK,SAAS,IAAI,IAAI,KAAK,SAAS,CAAA;AACjD,CAAC;AAED,MAAM,UAAU,eAAe;IAC7B,OAAO;QACL,IAAI,CAAC,IAAmC;YACtC,qEAAqE;YACrE,wEAAwE;YACxE,0EAA0E;YAC1E,iDAAiD;YACjD,MAAM,aAAa,GAAG,IAAI,GAAG,EAAU,CAAA;YACvC,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;gBAC3B,IAAI,CAAC,CAAC,YAAY,KAAK,SAAS;oBAAE,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,YAAY,CAAC,CAAA;YACrE,CAAC;YAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC3C,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAE,CAAA;gBAC3B,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAA;gBAExB,oCAAoC;gBACpC,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;oBAC1C,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,EAAE,CAAA;gBAChD,CAAC;gBACD,0DAA0D;gBAC1D,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAE,KAA0B,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC7D,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,EAAE,CAAA;gBAChD,CAAC;gBACD,uEAAuE;gBACvE,IAAI,IAAI,CAAC,YAAY,KAAK,IAAI,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;oBAC/D,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,EAAE,CAAA;gBAChD,CAAC;gBACD,gEAAgE;gBAChE,IAAI,KAAK,CAAC,IAAI,KAAK,MAAM,IAAI,qBAAqB,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC/D,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,EAAE,CAAA;gBAChD,CAAC;gBACD,0DAA0D;gBAC1D,IAAI,KAAK,CAAC,IAAI,KAAK,MAAM,IAAI,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;oBACpD,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,EAAE,CAAA;gBAChD,CAAC;gBACD,IAAI,KAAK,CAAC,IAAI,KAAK,MAAM,IAAI,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,YAAY,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC;oBACjF,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,EAAE,CAAA;gBAChD,CAAC;gBACD,0EAA0E;gBAC1E,qEAAqE;gBACrE,kDAAkD;gBAClD,IAAI,KAAK,CAAC,IAAI,KAAK,MAAM,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC5D,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,EAAE,CAAA;gBAChD,CAAC;YACH,CAAC;YACD,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,CAAA;QACrB,CAAC;KACF,CAAA;AACH,CAAC;AAED,SAAS,UAAU,CAAC,GAAW;IAC7B,OAAO,+CAA+C,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;AAClE,CAAC;AAED,SAAS,YAAY,CAAC,MAAc;IAClC,OAAO,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,CAAA;AACvD,CAAC;AAED,8EAA8E;AAC9E,oDAAoD;AACpD,EAAE;AACF,4EAA4E;AAC5E,gFAAgF;AAChF,+EAA+E;AAC/E,gFAAgF;AAChF,4DAA4D;AAC5D,8EAA8E;AAE9E,MAAM,sBAAsB,GAAG,CAAC,CAAA;AAEhC,MAAM,UAAU,iBAAiB,CAAC,YAAoB,sBAAsB;IAC1E,OAAO;QACL,MAAM,CAAC,MAAgB;YACrB,KAAK,MAAM,MAAM,IAAI,CAAC,CAAC,EAAE,CAAC,EAAE,CAAC,CAAU,EAAE,CAAC;gBACxC,IAAI,aAAa,CAAC,MAAM,EAAE,MAAM,EAAE,SAAS,CAAC;oBAAE,OAAO,EAAE,MAAM,EAAE,CAAA;YACjE,CAAC;YACD,OAAO,IAAI,CAAA;QACb,CAAC;KACF,CAAA;AACH,CAAC;AAED,0FAA0F;AAC1F,SAAS,aAAa,CAAC,MAAgB,EAAE,CAAY,EAAE,SAAiB;IACtE,2EAA2E;IAC3E,2EAA2E;IAC3E,MAAM,MAAM,GAAG,CAAC,GAAG,SAAS,GAAG,CAAC,CAAA;IAChC,IAAI,MAAM,CAAC,MAAM,GAAG,MAAM;QAAE,OAAO,KAAK,CAAA;IACxC,MAAM,KAAK,GAAG,MAAM,CAAC,MAAM,GAAG,MAAM,CAAA;IACpC,KAAK,IAAI,CAAC,GAAG,KAAK,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAC/C,IAAI,MAAM,CAAC,CAAC,CAAC,KAAK,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC;YAAE,OAAO,KAAK,CAAA;IAC/C,CAAC;IACD,OAAO,IAAI,CAAA;AACb,CAAC;AAED,8EAA8E;AAC9E,+DAA+D;AAC/D,8EAA8E;AAE9E,SAAS,SAAS,CAAC,IAAc;IAC/B,OAAO,MAAM,CAAC,GAAG,IAAI,CAAC,IAAI,IAAI,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;AACvD,CAAC;AAED,8EAA8E;AAC9E,yCAAyC;AACzC,EAAE;AACF,2EAA2E;AAC3E,6EAA6E;AAC7E,8EAA8E;AAC9E,6EAA6E;AAC7E,4EAA4E;AAC5E,8EAA8E;AAC9E,sEAAsE;AACtE,8EAA8E;AAE9E,MAAM,UAAU,gBAAgB,CAAC,IAAkB;IACjD,MAAM,UAAU,GAAG,IAAI,CAAC,UAAU,IAAI,EAAE,CAAA;IACxC,wEAAwE;IACxE,0EAA0E;IAC1E,MAAM,QAAQ,GAAG,iBAAiB,CAAC,IAAI,CAAC,aAAa,IAAI,sBAAsB,CAAC,CAAA;IAChF,IAAI,MAAM,GAAa,EAAE,CAAA;IACzB,IAAI,OAAO,GAAG,KAAK,CAAA;IAEnB,4EAA4E;IAC5E,MAAM,aAAa,GAAG,UAAU,IAAI,CAAC,CAAA;IAErC,OAAO;QACL,OAAO,CAAC,IAAc;YACpB,IAAI,aAAa,EAAE,CAAC;gBAClB,wEAAwE;gBACxE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAA;YACvB,CAAC;YACD,kEAAkE;YAClE,IAAI,OAAO;gBAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAA;YAElC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAA;YAC5B,IAAI,MAAM,CAAC,MAAM,GAAG,UAAU;gBAAE,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,GAAG,UAAU,CAAC,CAAA;YAEjF,MAAM,KAAK,GAAG,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,CAAA;YACrC,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;gBACnB,OAAO,GAAG,IAAI,CAAA;gBACd,qEAAqE;gBACrE,uEAAuE;gBACvE,yEAAyE;gBACzE,wEAAwE;gBACxE,wEAAwE;gBACxE,sDAAsD;gBACtD,KAAK,IAAI,CAAC,OAAO;qBACd,MAAM,CAAC,IAAI,EAAE,kBAAkB,EAAE,EAAE,MAAM,EAAE,CAAC,GAAG,MAAM,CAAC,EAAE,MAAM,EAAE,KAAK,CAAC,MAAM,EAAE,CAAC;qBAC/E,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAA;gBAClB,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,CAAC,MAAM,EAAE,CAAA;YAC7C,CAAC;YACD,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAA;QACxB,CAAC;QAED,IAAI,CAAC,KAAe;YAClB,IAAI,KAAK,KAAK,QAAQ;gBAAE,OAAM;YAC9B,0EAA0E;YAC1E,uEAAuE;YACvE,kEAAkE;YAClE,0EAA0E;YAC1E,2EAA2E;YAC3E,2EAA2E;YAC3E,MAAM,GAAG,EAAE,CAAA;QACb,CAAC;KACF,CAAA;AACH,CAAC;AAED,8EAA8E;AAC9E,iCAAiC;AACjC,EAAE;AACF,6EAA6E;AAC7E,8EAA8E;AAC9E,uEAAuE;AACvE,0DAA0D;AAC1D,8EAA8E;AAE9E,MAAM,UAAU,kBAAkB;IAChC,IAAI,MAAM,GAAG,KAAK,CAAA;IAClB,0EAA0E;IAC1E,8EAA8E;IAC9E,6EAA6E;IAC7E,IAAI,OAAO,GAAa,EAAE,CAAA;IAE1B,6EAA6E;IAC7E,2EAA2E;IAC3E,MAAM,WAAW,GAAG,CAAC,MAAc,EAAY,EAAE,CAAC;QAChD,MAAM;QACN,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC;QACtC,kBAAkB,CAAC,MAAM,CAAC;QAC1B,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC;KACpC,CAAA;IAED,MAAM,YAAY,GAAG,CAAC,CAAS,EAAU,EAAE;QACzC,IAAI,GAAG,GAAG,CAAC,CAAA;QACX,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC7B,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;gBAAE,SAAQ;YACjC,GAAG,GAAG,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAA;QAC5C,CAAC;QACD,OAAO,GAAG,CAAA;IACZ,CAAC,CAAA;IAED,MAAM,IAAI,GAAG,CAAC,KAAc,EAAW,EAAE;QACvC,IAAI,OAAO,KAAK,KAAK,QAAQ;YAAE,OAAO,YAAY,CAAC,KAAK,CAAC,CAAA;QACzD,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;YAAE,OAAO,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;QAChD,IAAI,KAAK,KAAK,IAAI,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAChD,MAAM,GAAG,GAA4B,EAAE,CAAA;YACvC,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAgC,CAAC,EAAE,CAAC;gBACtE,GAAG,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC,CAAA;YAClB,CAAC;YACD,OAAO,GAAG,CAAA;QACZ,CAAC;QACD,OAAO,KAAK,CAAA;IACd,CAAC,CAAA;IAED,OAAO;QACL,MAAM,CAAI,KAAQ;YAChB,OAAO,IAAI,CAAC,KAAK,CAAM,CAAA;QACzB,CAAC;QACD,eAAe,CAAC,IAAyB;YACvC,MAAM,GAAG,GAAa,EAAE,CAAA;YACxB,KAAK,MAAM,MAAM,IAAI,IAAI,EAAE,CAAC;gBAC1B,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;oBAAE,SAAQ;gBACjC,GAAG,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAA;YAClC,CAAC;YACD,OAAO,GAAG,GAAG,CAAA;YACb,MAAM,GAAG,IAAI,CAAA;QACf,CAAC;QACD,IAAI,QAAQ;YACV,OAAO,MAAM,CAAA;QACf,CAAC;KACF,CAAA;AACH,CAAC;AAED,8EAA8E;AAC9E,0DAA0D;AAC1D,EAAE;AACF,yEAAyE;AACzE,0EAA0E;AAC1E,gFAAgF;AAChF,6EAA6E;AAC7E,8EAA8E;AAC9E,uDAAuD;AACvD,8EAA8E;AAE9E,MAAM,YAAY,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAA;AAEnC,MAAM,UAAU,YAAY,CAAC,IAAkB;IAC7C,MAAM,OAAO,GAAmB,EAAE,CAAA;IAElC,MAAM,SAAS,GAAG,CAAC,CAAe,EAAU,EAAE,CAC5C,MAAM,CAAC,SAAS,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAC,QAAQ,EAAE,WAAW,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAA;IAE/H,OAAO;QACL,KAAK,CAAC,MAAM,CAAC,MAAc,EAAE,IAAY,EAAE,OAAgB;YACzD,0EAA0E;YAC1E,yEAAyE;YACzE,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,QAAQ,EAAE,CAAC;gBAClC,MAAM,IAAI,KAAK,CAAC,6DAA6D,CAAC,CAAA;YAChF,CAAC;YACD,2EAA2E;YAC3E,MAAM,QAAQ,GAAG,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;YACpD,MAAM,GAAG,GAAG,OAAO,CAAC,MAAM,GAAG,CAAC,CAAA,CAAC,kCAAkC;YACjE,MAAM,IAAI,GAAG,OAAO,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;YACxC,MAAM,QAAQ,GAAG,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,YAAY,CAAA;YACtD,MAAM,KAAK,GAAiB;gBAC1B,GAAG;gBACH,EAAE,EAAE,IAAI,CAAC,KAAK,CAAC,GAAG,EAAE;gBACpB,MAAM;gBACN,IAAI;gBACJ,QAAQ;gBACR,WAAW,EAAE,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;gBACxC,OAAO,EAAE,QAAQ;aAClB,CAAA;YACD,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA,CAAC,qCAAqC;YACzD,OAAO,KAAK,CAAA;QACd,CAAC;QAED,IAAI,CAAC,MAAqB;YACxB,0EAA0E;YAC1E,yEAAyE;YACzE,IAAI,YAAY,GAAG,YAAY,CAAA;YAC/B,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;gBACxB,IAAI,CAAC,CAAC,QAAQ,KAAK,YAAY,EAAE,CAAC;oBAChC,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAC,GAAG,uCAAuC,CAAC,CAAA;gBAC9F,CAAC;gBACD,YAAY,GAAG,SAAS,CAAC,CAAC,CAAC,CAAA;YAC7B,CAAC;YACD,OAAO,OAAO,CAAC,MAAM,CACnB,CAAC,CAAC,EAAE,CACF,CAAC,MAAM,CAAC,IAAI,KAAK,SAAS,IAAI,CAAC,CAAC,IAAI,KAAK,MAAM,CAAC,IAAI,CAAC;gBACrD,CAAC,MAAM,CAAC,KAAK,KAAK,SAAS,IAAI,CAAC,CAAC,GAAG,IAAI,MAAM,CAAC,KAAK,CAAC,CACxD,CAAA;QACH,CAAC;KACF,CAAA;AACH,CAAC"}
|
|
@@ -0,0 +1,139 @@
|
|
|
1
|
+
export type { VerificationTrace, VerificationTraceFile, VerificationTraceSQL, VerificationTraceHTTP, VerificationTraceExit, ToolCall, LoopGuardian, Clock, } from '../agent-loop/types.js';
|
|
2
|
+
export interface TraceResult {
|
|
3
|
+
pass: boolean;
|
|
4
|
+
kind: "file" | "sql" | "http" | "exit";
|
|
5
|
+
/** The real observed value (hash, row count, status, exit code) — redacted at journal sink */
|
|
6
|
+
observed: unknown;
|
|
7
|
+
/** Why it failed, for the human-facing card */
|
|
8
|
+
reason?: string;
|
|
9
|
+
}
|
|
10
|
+
/**
|
|
11
|
+
* Deterministic effect probe.
|
|
12
|
+
* Production: touches the real world.
|
|
13
|
+
* Tests: fake implementation scripted to report an absent effect (Eng-11 seam).
|
|
14
|
+
*/
|
|
15
|
+
export interface EffectProbe {
|
|
16
|
+
file(path: string): Promise<{
|
|
17
|
+
exists: boolean;
|
|
18
|
+
sha256?: string;
|
|
19
|
+
}> | {
|
|
20
|
+
exists: boolean;
|
|
21
|
+
sha256?: string;
|
|
22
|
+
};
|
|
23
|
+
sql(query: string): Promise<{
|
|
24
|
+
rows: number;
|
|
25
|
+
}> | {
|
|
26
|
+
rows: number;
|
|
27
|
+
};
|
|
28
|
+
http(method: string, url: string): Promise<{
|
|
29
|
+
status: number;
|
|
30
|
+
}> | {
|
|
31
|
+
status: number;
|
|
32
|
+
};
|
|
33
|
+
exit(argv: string[]): Promise<{
|
|
34
|
+
code: number;
|
|
35
|
+
}> | {
|
|
36
|
+
code: number;
|
|
37
|
+
};
|
|
38
|
+
}
|
|
39
|
+
export interface TraceVerifier {
|
|
40
|
+
/** Runs the probe via the injected EffectProbe and matches against the declared trace. */
|
|
41
|
+
verify(trace: import('../agent-loop/types.js').VerificationTrace, probe: EffectProbe): Promise<TraceResult>;
|
|
42
|
+
}
|
|
43
|
+
export type LintRule = "R1" | "R2" | "R3" | "R4" | "R5";
|
|
44
|
+
export type LintResult = {
|
|
45
|
+
ok: true;
|
|
46
|
+
} | {
|
|
47
|
+
ok: false;
|
|
48
|
+
rule: LintRule;
|
|
49
|
+
stepIndex: number;
|
|
50
|
+
};
|
|
51
|
+
export interface LintablePlanStep {
|
|
52
|
+
trace?: import('../agent-loop/types.js').VerificationTrace;
|
|
53
|
+
irreversible: boolean;
|
|
54
|
+
tools: string[];
|
|
55
|
+
producesPath?: string;
|
|
56
|
+
}
|
|
57
|
+
export interface TraceLinter {
|
|
58
|
+
/**
|
|
59
|
+
* Returns { ok: true } when all steps pass R1–R5.
|
|
60
|
+
* Returns { ok: false, rule, stepIndex } on the first failing step.
|
|
61
|
+
* R1 – missing trace
|
|
62
|
+
* R2 – Tier ≥ 2 tool but irreversible !== true
|
|
63
|
+
* R3 – vacuous trace (no-op argv, loopback http, already-existing non-produced path)
|
|
64
|
+
* R4 – self-referential trace (points at PLAN.md/TODO.md or the step's own prose)
|
|
65
|
+
* R5 – out-of-enum kind
|
|
66
|
+
*/
|
|
67
|
+
lint(plan: {
|
|
68
|
+
steps: LintablePlanStep[];
|
|
69
|
+
}): LintResult;
|
|
70
|
+
}
|
|
71
|
+
export interface JournalEntry {
|
|
72
|
+
/** Monotonic, gap-free per session */
|
|
73
|
+
seq: number;
|
|
74
|
+
/** ISO timestamp from injected Clock; never on any cached prefix */
|
|
75
|
+
ts: string;
|
|
76
|
+
/** Component id: "01".."12" */
|
|
77
|
+
source: string;
|
|
78
|
+
/** e.g. "step.verified" | "guardian.tripped" | "decision" | "verify.pass" | "verify.fail" */
|
|
79
|
+
kind: string;
|
|
80
|
+
/** Hash of previous entry for tamper-evidence chaining */
|
|
81
|
+
prevHash: string;
|
|
82
|
+
/** Hash of the payload */
|
|
83
|
+
payloadHash: string;
|
|
84
|
+
/** Already secret-redacted before append() returns */
|
|
85
|
+
payload: unknown;
|
|
86
|
+
}
|
|
87
|
+
export interface JournalFilter {
|
|
88
|
+
sessionId?: string;
|
|
89
|
+
kind?: string;
|
|
90
|
+
/** Inclusive lower bound on seq */
|
|
91
|
+
since?: number;
|
|
92
|
+
}
|
|
93
|
+
export interface Journal {
|
|
94
|
+
/** Redacts payload, chains prevHash, fsyncs. Throws when secret set not loaded. */
|
|
95
|
+
append(source: string, kind: string, payload: unknown): Promise<JournalEntry>;
|
|
96
|
+
read(filter: JournalFilter): JournalEntry[];
|
|
97
|
+
}
|
|
98
|
+
export interface AuditLogDeps {
|
|
99
|
+
clock: import('../agent-loop/types.js').Clock;
|
|
100
|
+
secretRedactor: SecretRedactor;
|
|
101
|
+
}
|
|
102
|
+
/** Alias for external callers that prefer the AuditLog name */
|
|
103
|
+
export type AuditLog = Journal;
|
|
104
|
+
export interface SecretRedactor {
|
|
105
|
+
/**
|
|
106
|
+
* Strips every known vault secret VALUE (and value-derived encodings) from arbitrary structures.
|
|
107
|
+
* Safe to call before the vault is loaded — returns value unchanged but tracks that
|
|
108
|
+
* no vault set is loaded, causing append() to fail-closed.
|
|
109
|
+
*/
|
|
110
|
+
redact<T>(value: T): T;
|
|
111
|
+
/** Called by Safety (05) at start and on vault changes */
|
|
112
|
+
loadVaultValues(values: ReadonlySet<string>): void;
|
|
113
|
+
/** True once loadVaultValues has been called at least once */
|
|
114
|
+
readonly isLoaded: boolean;
|
|
115
|
+
}
|
|
116
|
+
export interface GuardianDeps {
|
|
117
|
+
/** Size of the bounded sliding window (default 12) */
|
|
118
|
+
windowSize?: number;
|
|
119
|
+
/** Trip threshold — how many full cycle repeats trigger a halt (default 3) */
|
|
120
|
+
tripThreshold?: number;
|
|
121
|
+
journal: Journal;
|
|
122
|
+
}
|
|
123
|
+
export interface VerificationRunner {
|
|
124
|
+
verify(trace: import('../agent-loop/types.js').VerificationTrace, probe: EffectProbe): Promise<TraceResult>;
|
|
125
|
+
}
|
|
126
|
+
export interface TraceEntry {
|
|
127
|
+
traceId: string;
|
|
128
|
+
stepIndex: number;
|
|
129
|
+
trace: import('../agent-loop/types.js').VerificationTrace;
|
|
130
|
+
result: TraceResult;
|
|
131
|
+
ts: string;
|
|
132
|
+
}
|
|
133
|
+
export interface CycleDetector {
|
|
134
|
+
/** Returns the detected period (1, 2, or 3) if a cycle of that length repeats > threshold times, else null */
|
|
135
|
+
detect(window: string[]): {
|
|
136
|
+
period: 1 | 2 | 3;
|
|
137
|
+
} | null;
|
|
138
|
+
}
|
|
139
|
+
//# sourceMappingURL=types.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/observability/types.ts"],"names":[],"mappings":"AAIA,YAAY,EACV,iBAAiB,EACjB,qBAAqB,EACrB,oBAAoB,EACpB,qBAAqB,EACrB,qBAAqB,EACrB,QAAQ,EACR,YAAY,EACZ,KAAK,GACN,MAAM,wBAAwB,CAAA;AAI/B,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE,OAAO,CAAA;IACb,IAAI,EAAE,MAAM,GAAG,KAAK,GAAG,MAAM,GAAG,MAAM,CAAA;IACtC,8FAA8F;IAC9F,QAAQ,EAAE,OAAO,CAAA;IACjB,+CAA+C;IAC/C,MAAM,CAAC,EAAE,MAAM,CAAA;CAChB;AAED;;;;GAIG;AACH,MAAM,WAAW,WAAW;IAC1B,IAAI,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC;QAAE,MAAM,EAAE,OAAO,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC,GAAG;QAAE,MAAM,EAAE,OAAO,CAAC;QAAC,MAAM,CAAC,EAAE,MAAM,CAAA;KAAE,CAAA;IACxG,GAAG,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAAC;QAAE,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC,GAAG;QAAE,IAAI,EAAE,MAAM,CAAA;KAAE,CAAA;IAChE,IAAI,CAAC,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;QAAE,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC,GAAG;QAAE,MAAM,EAAE,MAAM,CAAA;KAAE,CAAA;IACnF,IAAI,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC;QAAE,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC,GAAG;QAAE,IAAI,EAAE,MAAM,CAAA;KAAE,CAAA;CACnE;AAED,MAAM,WAAW,aAAa;IAC5B,0FAA0F;IAC1F,MAAM,CAAC,KAAK,EAAE,OAAO,wBAAwB,EAAE,iBAAiB,EAAE,KAAK,EAAE,WAAW,GAAG,OAAO,CAAC,WAAW,CAAC,CAAA;CAC5G;AAID,MAAM,MAAM,QAAQ,GAAG,IAAI,GAAG,IAAI,GAAG,IAAI,GAAG,IAAI,GAAG,IAAI,CAAA;AAEvD,MAAM,MAAM,UAAU,GAClB;IAAE,EAAE,EAAE,IAAI,CAAA;CAAE,GACZ;IAAE,EAAE,EAAE,KAAK,CAAC;IAAC,IAAI,EAAE,QAAQ,CAAC;IAAC,SAAS,EAAE,MAAM,CAAA;CAAE,CAAA;AAEpD,MAAM,WAAW,gBAAgB;IAC/B,KAAK,CAAC,EAAE,OAAO,wBAAwB,EAAE,iBAAiB,CAAA;IAC1D,YAAY,EAAE,OAAO,CAAA;IACrB,KAAK,EAAE,MAAM,EAAE,CAAA;IACf,YAAY,CAAC,EAAE,MAAM,CAAA;CACtB;AAED,MAAM,WAAW,WAAW;IAC1B;;;;;;;;OAQG;IACH,IAAI,CAAC,IAAI,EAAE;QAAE,KAAK,EAAE,gBAAgB,EAAE,CAAA;KAAE,GAAG,UAAU,CAAA;CACtD;AAID,MAAM,WAAW,YAAY;IAC3B,sCAAsC;IACtC,GAAG,EAAE,MAAM,CAAA;IACX,oEAAoE;IACpE,EAAE,EAAE,MAAM,CAAA;IACV,+BAA+B;IAC/B,MAAM,EAAE,MAAM,CAAA;IACd,6FAA6F;IAC7F,IAAI,EAAE,MAAM,CAAA;IACZ,0DAA0D;IAC1D,QAAQ,EAAE,MAAM,CAAA;IAChB,0BAA0B;IAC1B,WAAW,EAAE,MAAM,CAAA;IACnB,sDAAsD;IACtD,OAAO,EAAE,OAAO,CAAA;CACjB;AAED,MAAM,WAAW,aAAa;IAC5B,SAAS,CAAC,EAAE,MAAM,CAAA;IAClB,IAAI,CAAC,EAAE,MAAM,CAAA;IACb,mCAAmC;IACnC,KAAK,CAAC,EAAE,MAAM,CAAA;CACf;AAED,MAAM,WAAW,OAAO;IACtB,mFAAmF;IACnF,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,GAAG,OAAO,CAAC,YAAY,CAAC,CAAA;IAC7E,IAAI,CAAC,MAAM,EAAE,aAAa,GAAG,YAAY,EAAE,CAAA;CAC5C;AAED,MAAM,WAAW,YAAY;IAC3B,KAAK,EAAE,OAAO,wBAAwB,EAAE,KAAK,CAAA;IAC7C,cAAc,EAAE,cAAc,CAAA;CAC/B;AAED,+DAA+D;AAC/D,MAAM,MAAM,QAAQ,GAAG,OAAO,CAAA;AAI9B,MAAM,WAAW,cAAc;IAC7B;;;;OAIG;IACH,MAAM,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,GAAG,CAAC,CAAA;IACtB,0DAA0D;IAC1D,eAAe,CAAC,MAAM,EAAE,WAAW,CAAC,MAAM,CAAC,GAAG,IAAI,CAAA;IAClD,8DAA8D;IAC9D,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAA;CAC3B;AAKD,MAAM,WAAW,YAAY;IAC3B,sDAAsD;IACtD,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,8EAA8E;IAC9E,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,OAAO,EAAE,OAAO,CAAA;CACjB;AAID,MAAM,WAAW,kBAAkB;IACjC,MAAM,CACJ,KAAK,EAAE,OAAO,wBAAwB,EAAE,iBAAiB,EACzD,KAAK,EAAE,WAAW,GACjB,OAAO,CAAC,WAAW,CAAC,CAAA;CACxB;AAID,MAAM,WAAW,UAAU;IACzB,OAAO,EAAE,MAAM,CAAA;IACf,SAAS,EAAE,MAAM,CAAA;IACjB,KAAK,EAAE,OAAO,wBAAwB,EAAE,iBAAiB,CAAA;IACzD,MAAM,EAAE,WAAW,CAAA;IACnB,EAAE,EAAE,MAAM,CAAA;CACX;AAID,MAAM,WAAW,aAAa;IAC5B,8GAA8G;IAC9G,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,GAAG;QAAE,MAAM,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAA;KAAE,GAAG,IAAI,CAAA;CACvD"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/observability/types.ts"],"names":[],"mappings":"AAAA,gDAAgD;AAChD,4DAA4D"}
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
import type { OnboardingOps, OnboardingDeps, InSessionCommands, InSessionDeps, BootstrapFlow, CardPort, Clock } from './types.js';
|
|
2
|
+
export type { OnboardingOps, OnboardingDeps, InSessionCommands, InSessionDeps, InitResult, InitOutcome, InitStep, DoctorReport, DoctorCheck, DoctorDomain, CheckStatus, CheckSeverity, StatusReport, UsageReport, UsagePeriod, ContextBreakdown, ContextItem, BootstrapFlow, BootstrapState, BootstrapSpan, RouteTier, CostChargedEvent, PendingAction, Clock, FsPort, PrereqPort, CredentialValidators, MemoryPort, VaultPort, SandboxProbe, McpProbe, NightlyPort, CostTelemetryPort, ContextInventoryPort, EventSink, CardPort, ProviderCatalogEntry, ProviderSelection, ProvidersConfig, ProvidersOutPort, ProvidersInPort, } from './types.js';
|
|
3
|
+
export { REQUIRED_ENV_KEYS, SCAFFOLD_FILES, MEMORY_TREE_FILES, MEMORY_TREE_DIRS, } from './types.js';
|
|
4
|
+
export declare function makeOnboardingOps(deps: OnboardingDeps): OnboardingOps;
|
|
5
|
+
export declare function makeInSessionCommands(deps: InSessionDeps): InSessionCommands;
|
|
6
|
+
export interface BootstrapFlowDeps {
|
|
7
|
+
card: CardPort;
|
|
8
|
+
clock: Clock;
|
|
9
|
+
/** Ordered required setup steps (e.g. agent-name, persona, autonomy, budget). */
|
|
10
|
+
steps: string[];
|
|
11
|
+
events?: {
|
|
12
|
+
emit(event: string, payload?: unknown): void;
|
|
13
|
+
};
|
|
14
|
+
}
|
|
15
|
+
export declare function makeBootstrapFlow(deps: BootstrapFlowDeps): BootstrapFlow;
|
|
16
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/onboarding/index.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EACV,aAAa,EACb,cAAc,EACd,iBAAiB,EACjB,aAAa,EAWb,aAAa,EAGb,QAAQ,EACR,KAAK,EAKN,MAAM,YAAY,CAAA;AAKnB,YAAY,EACV,aAAa,EACb,cAAc,EACd,iBAAiB,EACjB,aAAa,EACb,UAAU,EACV,WAAW,EACX,QAAQ,EACR,YAAY,EACZ,WAAW,EACX,YAAY,EACZ,WAAW,EACX,aAAa,EACb,YAAY,EACZ,WAAW,EACX,WAAW,EACX,gBAAgB,EAChB,WAAW,EACX,aAAa,EACb,cAAc,EACd,aAAa,EACb,SAAS,EACT,gBAAgB,EAChB,aAAa,EAEb,KAAK,EACL,MAAM,EACN,UAAU,EACV,oBAAoB,EACpB,UAAU,EACV,SAAS,EACT,YAAY,EACZ,QAAQ,EACR,WAAW,EACX,iBAAiB,EACjB,oBAAoB,EACpB,SAAS,EACT,QAAQ,EACR,oBAAoB,EACpB,iBAAiB,EACjB,eAAe,EACf,gBAAgB,EAChB,eAAe,GAChB,MAAM,YAAY,CAAA;AACnB,OAAO,EACL,iBAAiB,EACjB,cAAc,EACd,iBAAiB,EACjB,gBAAgB,GACjB,MAAM,YAAY,CAAA;AAuBnB,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,cAAc,GAAG,aAAa,CA8oBrE;AAiBD,wBAAgB,qBAAqB,CAAC,IAAI,EAAE,aAAa,GAAG,iBAAiB,CAiF5E;AAQD,MAAM,WAAW,iBAAiB;IAChC,IAAI,EAAE,QAAQ,CAAA;IACd,KAAK,EAAE,KAAK,CAAA;IACZ,iFAAiF;IACjF,KAAK,EAAE,MAAM,EAAE,CAAA;IACf,MAAM,CAAC,EAAE;QAAE,IAAI,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,OAAO,GAAG,IAAI,CAAA;KAAE,CAAA;CAC1D;AAED,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,iBAAiB,GAAG,aAAa,CAmDxE"}
|