npm - @aria_asi/cli - Versions diffs - 0.2.32 → 0.2.33 - Mend

@aria_asi/cli 0.2.32 → 0.2.33

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (51) hide show

package/dist/aria-connector/src/connectors/codebase-awareness.d.ts +8 -1
package/dist/aria-connector/src/connectors/codebase-awareness.d.ts.map +1 -1
package/dist/aria-connector/src/connectors/codebase-awareness.js +126 -71
package/dist/aria-connector/src/connectors/codebase-awareness.js.map +1 -1
package/dist/aria-connector/src/connectors/codex.d.ts.map +1 -1
package/dist/aria-connector/src/connectors/codex.js +51 -0
package/dist/aria-connector/src/connectors/codex.js.map +1 -1
package/dist/aria-connector/src/setup-wizard.d.ts.map +1 -1
package/dist/aria-connector/src/setup-wizard.js +91 -24
package/dist/aria-connector/src/setup-wizard.js.map +1 -1
package/dist/assets/hooks/aria-harness-via-sdk.mjs +10 -5
package/dist/assets/hooks/aria-pre-tool-gate.mjs +19 -0
package/dist/assets/hooks/aria-stop-gate.mjs +27 -2
package/dist/assets/hooks/lib/domain-output-quality.mjs +103 -0
package/dist/assets/hooks/lib/skill-autoload-gate.mjs +1 -0
package/dist/assets/opencode-plugins/harness-gate/index.js +67 -3
package/dist/assets/opencode-plugins/harness-gate/lib/skill-autoload-gate.js +1 -0
package/dist/assets/opencode-plugins/harness-outcome/index.js +39 -0
package/dist/assets/opencode-plugins/harness-stop/index.js +61 -1
package/dist/assets/opencode-plugins/harness-stop/lib/domain-output-quality.js +103 -0
package/dist/assets/opencode-plugins/harness-stop/lib/skill-autoload-gate.js +1 -0
package/dist/runtime/codex-bridge.mjs +71 -8
package/dist/runtime/harness-daemon.mjs +50 -2
package/dist/runtime/manifest.json +1 -1
package/dist/runtime/sdk/BUNDLED.json +1 -1
package/dist/runtime/sdk/index.d.ts +9 -0
package/dist/runtime/sdk/index.js +23 -1
package/dist/runtime/sdk/index.js.map +1 -1
package/dist/runtime/service.mjs +339 -10
package/dist/sdk/BUNDLED.json +1 -1
package/dist/sdk/index.d.ts +9 -0
package/dist/sdk/index.js +23 -1
package/dist/sdk/index.js.map +1 -1
package/hooks/aria-harness-via-sdk.mjs +10 -5
package/hooks/aria-pre-tool-gate.mjs +19 -0
package/hooks/aria-stop-gate.mjs +27 -2
package/hooks/lib/domain-output-quality.mjs +103 -0
package/hooks/lib/skill-autoload-gate.mjs +1 -0
package/opencode-plugins/harness-gate/index.js +67 -3
package/opencode-plugins/harness-gate/lib/skill-autoload-gate.js +1 -0
package/opencode-plugins/harness-outcome/index.js +39 -0
package/opencode-plugins/harness-stop/index.js +61 -1
package/opencode-plugins/harness-stop/lib/domain-output-quality.js +103 -0
package/opencode-plugins/harness-stop/lib/skill-autoload-gate.js +1 -0
package/package.json +1 -1
package/runtime-src/codex-bridge.mjs +71 -8
package/runtime-src/harness-daemon.mjs +50 -2
package/runtime-src/service.mjs +339 -10
package/src/connectors/codebase-awareness.ts +141 -77
package/src/connectors/codex.ts +51 -0
package/src/setup-wizard.ts +105 -25

package/runtime-src/service.mjs CHANGED Viewed

@@ -68,6 +68,7 @@ const OFFLINE_BUNDLE_PATH = join(STATE_DIR, 'offline-policy-bundle.enc');
 const RUNTIME_META_PATH = join(STATE_DIR, 'runtime-meta.json');
 const AUTONOMY_STATE_PATH = join(STATE_DIR, 'autonomy.json');
 const COGNITION_STATE_PATH = join(STATE_DIR, 'cognition-state.enc');
+const HIVE_FILE_LEASES_PATH = join(STATE_DIR, 'hive-file-leases.json');
 const REVOCATION_LOCK_PATH = join(STATE_DIR, 'revoked.json');
 const CONFIG_PATH = join(process.env.HOME || '', '.aria', 'config.json');
 const CODEBASE_AWARENESS_STATE_PATH = join(process.env.HOME || '', '.aria', 'codebase-awareness-state.json');
@@ -906,6 +907,248 @@ function writeJsonFile(filePath, payload, mode = 0o600) {
   writeFileSync(filePath, JSON.stringify(payload, null, 2) + '\n', { mode });
 }
+function readHiveFileLeaseState() {
+  const state = readJsonFile(HIVE_FILE_LEASES_PATH, { leases: [] });
+  return {
+    leases: Array.isArray(state.leases) ? state.leases : [],
+  };
+}
+function writeHiveFileLeaseState(state) {
+  writeJsonFile(HIVE_FILE_LEASES_PATH, {
+    updatedAt: new Date().toISOString(),
+    leases: Array.isArray(state.leases) ? state.leases : [],
+  });
+}
+function normalizeLeasePath(value) {
+  const raw = String(value || '').trim();
+  if (!raw) return '';
+  return raw.replace(/\\/g, '/').replace(/\/+/g, '/');
+}
+function pathsOverlap(left, right) {
+  const a = normalizeLeasePath(left);
+  const b = normalizeLeasePath(right);
+  if (!a || !b) return false;
+  return a === b || a.startsWith(`${b}/`) || b.startsWith(`${a}/`);
+}
+function coerceTargetFiles(body) {
+  const files = [];
+  const push = (value) => {
+    const normalized = normalizeLeasePath(value);
+    if (normalized && !files.includes(normalized)) files.push(normalized);
+  };
+  if (Array.isArray(body.files)) body.files.forEach(push);
+  if (Array.isArray(body.targetFiles)) body.targetFiles.forEach(push);
+  if (typeof body.filePath === 'string') push(body.filePath);
+  if (typeof body.target === 'string') {
+    try {
+      const parsed = JSON.parse(body.target);
+      if (typeof parsed?.filePath === 'string') push(parsed.filePath);
+      if (Array.isArray(parsed?.files)) parsed.files.forEach(push);
+      if (Array.isArray(parsed?.targetFiles)) parsed.targetFiles.forEach(push);
+    } catch {}
+  }
+  return files;
+}
+function extractVerifyText(body) {
+  const candidates = [body.verifyText, body.verifyBlock, body.text, body.target];
+  for (const candidate of candidates) {
+    if (typeof candidate === 'string' && candidate.trim()) return candidate;
+  }
+  return '';
+}
+function actionRequiresExplicitVerify(action, body) {
+  if (body.requireVerify === true) return true;
+  return /^(?:delete|deploy|db_mutation|infra_mutation)$/i.test(String(action || ''));
+}
+function buildObservedVerify(action, files, sessionId, roleProfile) {
+  const observations = files.slice(0, 12).map((filePath) => {
+    try {
+      const stats = statSync(filePath);
+      return {
+        path: filePath,
+        exists: true,
+        isFile: stats.isFile(),
+        isDirectory: stats.isDirectory(),
+        size: stats.size,
+        mtimeMs: stats.mtimeMs,
+      };
+    } catch {
+      return { path: filePath, exists: false };
+    }
+  });
+  return {
+    target: files,
+    role: roleProfile || 'unknown',
+    verified: [
+      'runtime observed target file metadata before action',
+      'Hive file lease check completed before mutation',
+    ],
+    observations,
+    rollback: 'Use VCS diff or prior file snapshot for rollback; no destructive rollback was inferred by runtime.',
+    axiom: 'truth_over_deception/no_harm/sacred_trust/reflection_before_action',
+    sessionId,
+    action,
+  };
+}
+function acquireHiveFileLease({ sessionId, actor, roleProfile, action, files, ttlMs = 120000 }) {
+  const now = Date.now();
+  const expiresAt = new Date(now + ttlMs).toISOString();
+  const normalizedFiles = files.map(normalizeLeasePath).filter(Boolean);
+  const state = readHiveFileLeaseState();
+  const activeLeases = state.leases.filter((lease) => Date.parse(lease.expiresAt || '') > now);
+  const conflicts = activeLeases.filter((lease) => {
+    if (lease.sessionId === sessionId) return false;
+    const leaseFiles = Array.isArray(lease.files) ? lease.files : [];
+    return normalizedFiles.some((file) => leaseFiles.some((leaseFile) => pathsOverlap(file, leaseFile)));
+  });
+  if (conflicts.length > 0) {
+    writeHiveFileLeaseState({ leases: activeLeases });
+    return {
+      status: 'blocked',
+      leaseId: null,
+      expiresAt: null,
+      conflicts: conflicts.map((lease) => ({
+        leaseId: lease.leaseId,
+        sessionId: lease.sessionId,
+        actor: lease.actor,
+        roleProfile: lease.roleProfile,
+        action: lease.action,
+        files: lease.files,
+        expiresAt: lease.expiresAt,
+      })),
+    };
+  }
+  const existing = activeLeases.filter((lease) => lease.sessionId !== sessionId);
+  const lease = {
+    leaseId: `hive_lease_${randomUUID()}`,
+    sessionId,
+    actor: actor || 'unknown',
+    roleProfile: roleProfile || 'unknown',
+    action,
+    files: normalizedFiles,
+    grantedAt: new Date(now).toISOString(),
+    expiresAt,
+  };
+  writeHiveFileLeaseState({ leases: [...existing, lease] });
+  return { status: 'granted', leaseId: lease.leaseId, expiresAt, conflicts: [] };
+}
+function releaseHiveFileLease(sessionId, files = []) {
+  const normalizedFiles = files.map(normalizeLeasePath).filter(Boolean);
+  const state = readHiveFileLeaseState();
+  const now = Date.now();
+  const leases = state.leases.filter((lease) => {
+    if (Date.parse(lease.expiresAt || '') <= now) return false;
+    if (lease.sessionId !== sessionId) return true;
+    if (normalizedFiles.length === 0) return false;
+    const leaseFiles = Array.isArray(lease.files) ? lease.files : [];
+    return !normalizedFiles.some((file) => leaseFiles.some((leaseFile) => pathsOverlap(file, leaseFile)));
+  });
+  writeHiveFileLeaseState({ leases });
+  return { released: state.leases.length - leases.length, active: leases.length };
+}
+function validateVerifyAndHive({ req, body, action }) {
+  const sessionId = deriveSessionId(req, body, 'runtime-action');
+  const files = coerceTargetFiles(body);
+  const roleProfile = body.roleProfile || body.role_profile || body?.metadata?.roleProfile || body?.metadata?.role_profile || null;
+  const actor = body.actor || body?.metadata?.actor || req.headers['x-aria-actor'] || 'runtime-client';
+  const explicitVerifyRequired = actionRequiresExplicitVerify(action, body);
+  const verifyText = extractVerifyText(body);
+  const hasVerifyBlock = VERIFY_BLOCK_RX.test(verifyText);
+  const canUseObservedVerify = !explicitVerifyRequired && files.length > 0 && /^(?:write|edit|bash)$/i.test(String(action || ''));
+  if (explicitVerifyRequired && !hasVerifyBlock) {
+    return {
+      allowed: false,
+      reason: 'verify block required before this high-risk action. Include <verify> with target, role, verified, rollback, and axiom.',
+      requiredGates: ['verify-block'],
+      verify: { status: 'missing', required: true },
+      hive: { status: 'not_checked', conflicts: [] },
+    };
+  }
+  if (!hasVerifyBlock && !canUseObservedVerify && explicitVerifyRequired) {
+    return {
+      allowed: false,
+      reason: 'verify block required before mutation, or target files must be provided so runtime can perform observed verification.',
+      requiredGates: ['verify-block-or-observed-target-files'],
+      verify: { status: 'missing', required: true },
+      hive: { status: 'not_checked', conflicts: [] },
+    };
+  }
+  if (!hasVerifyBlock && !canUseObservedVerify && files.length === 0) {
+    return {
+      allowed: true,
+      reason: 'no target files supplied for Hive lease; remote action gate will still evaluate the action',
+      requiredGates: [],
+      verify: { status: 'skipped', required: false },
+      hive: { status: 'skipped', leaseId: null, expiresAt: null, conflicts: [] },
+    };
+  }
+  const hive = files.length > 0
+    ? acquireHiveFileLease({ sessionId, actor, roleProfile, action, files })
+    : { status: 'skipped', leaseId: null, expiresAt: null, conflicts: [] };
+  if (hive.status === 'blocked') {
+    const verify = hasVerifyBlock
+      ? { status: 'provided', required: explicitVerifyRequired }
+      : { status: 'observed', required: false, block: buildObservedVerify(action, files, sessionId, roleProfile) };
+    const queued = enqueueAutonomyJob({
+      kind: 'tool_lane:queued_action',
+      surface: 'tool_lane',
+      sessionId,
+      priority: 15,
+      message: 'Tool lane contention queued this action instead of failing it.',
+      payload: { action, files, verify },
+      metadata: {
+        actor,
+        roleProfile,
+        conflicts: hive.conflicts,
+        recovery: {
+          mode: 'queued_not_failed',
+          reason: 'overlapping_hive_file_lease',
+          next: 'Retry when the overlapping Hive lease expires or a tool-lane worker claims this queued action.',
+        },
+      },
+    });
+    return {
+      allowed: false,
+      queued: true,
+      queue: {
+        jobId: queued.job.jobId,
+        kind: queued.job.kind,
+        status: queued.job.status,
+        queueDepth: queued.stats.queued,
+      },
+      reason: `Tool lane queued this action because another active session is editing overlapping file(s): ${hive.conflicts.map((c) => `${c.sessionId}:${(c.files || []).join(',')}`).join(' | ')}`,
+      requiredGates: ['hive-file-lease'],
+      verify,
+      hive,
+    };
+  }
+  return {
+    allowed: true,
+    reason: 'verify and Hive pre-action checks passed',
+    requiredGates: [],
+    verify: hasVerifyBlock ? { status: 'provided', required: explicitVerifyRequired } : { status: 'observed', required: false, block: buildObservedVerify(action, files, sessionId, roleProfile) },
+    hive,
+  };
+}
 function ensureRuntimeMeta() {
   const existing = readJsonFile(RUNTIME_META_PATH, null);
   if (existing?.runtimeId) return existing;
@@ -972,6 +1215,33 @@ function queueStats(state) {
   };
 }
+function enqueueAutonomyJob(jobDef) {
+  const state = sweepAutonomyState(loadAutonomyState());
+  const now = new Date().toISOString();
+  const job = {
+    jobId: randomUUID(),
+    kind: jobDef.kind,
+    surface: jobDef.surface || 'tool_lane',
+    sessionId: jobDef.sessionId || null,
+    payload: jobDef.payload || {},
+    metadata: jobDef.metadata || {},
+    priority: Number.isFinite(Number(jobDef.priority)) ? Number(jobDef.priority) : 25,
+    status: 'queued',
+    attempts: 0,
+    maxAttempts: Number.isFinite(Number(jobDef.maxAttempts)) ? Number(jobDef.maxAttempts) : 3,
+    createdAt: now,
+    updatedAt: now,
+    workerId: null,
+    claimedAt: null,
+    claimExpiresAt: null,
+    progress: [{ at: now, status: 'queued', message: jobDef.message || 'Queued for tool lane execution.' }],
+    garden: null,
+  };
+  state.jobs.push(job);
+  saveAutonomyState(state);
+  return { job, stats: queueStats(state) };
+}
 function asJsonPayload(value) {
   if (value == null) return null;
   if (typeof value === 'string') {
@@ -1459,7 +1729,7 @@ function buildOwnerBypassPacket(message, reason = 'owner-local-bypass') {
 }
 async function loadRuntimePacket(req, body, client, packetRequest, message) {
-  if (body.packet) return body.packet;
+  if (body.packet) return enrichPacketWithCodebaseSnapshot(body.packet);
   const apiKey = resolveApiKey(req, body);
   ensureOfflineBundleSeeded(apiKey, leaseCache.get(hashKey(apiKey)) || loadEncryptedLease(apiKey));
   try {
@@ -1474,7 +1744,7 @@ async function loadRuntimePacket(req, body, client, packetRequest, message) {
       doctrineBundleHash: lease?.claims?.doctrine_bundle_hash || null,
       lastUpstreamError: null,
     });
-    return packet;
+    return enrichPacketWithCodebaseSnapshot(packet);
   } catch (error) {
     const bundle = ensureOfflineBundleSeeded(apiKey, leaseCache.get(hashKey(apiKey)) || loadEncryptedLease(apiKey)) || loadEncryptedOfflineBundle(apiKey);
     const bundleStatus = computeOfflineBundleStatus(bundle);
@@ -1486,19 +1756,52 @@ async function loadRuntimePacket(req, body, client, packetRequest, message) {
           lastUpstreamError: error instanceof Error ? error.message : String(error),
           lastUpstreamOkAt: bundle.lastUpstreamOkAt || bundle.cachedAt || new Date().toISOString(),
         });
-        return fallbackPacket;
+        return enrichPacketWithCodebaseSnapshot(fallbackPacket);
       }
     }
     if (!isOwnerBypassRequest(req, body)) {
       throw error;
     }
-    return buildOwnerBypassPacket(
+    return enrichPacketWithCodebaseSnapshot(buildOwnerBypassPacket(
       message || packetRequest?.message || '',
       error instanceof Error ? error.message : 'owner-local-bypass',
-    );
+    ));
   }
 }
+function enrichPacketWithCodebaseSnapshot(packet) {
+  if (!packet || typeof packet !== 'object') return packet;
+  const codebase = compactCodebaseSnapshot();
+  return {
+    ...packet,
+    runtime: {
+      ...(packet.runtime && typeof packet.runtime === 'object' ? packet.runtime : {}),
+      codebase_awareness: codebase,
+    },
+  };
+}
+function buildMizanPacketRequest(body = {}) {
+  const context = body.context && typeof body.context === 'object' ? body.context : body;
+  const existing = body.packetRequest && typeof body.packetRequest === 'object' ? body.packetRequest : {};
+  const message = String(
+    context.message ||
+    context.intendedAction ||
+    body.message ||
+    body.text ||
+    ''
+  );
+  const platform = String(context.platform || context.surface || body.platform || body.client || 'mounted-runtime');
+  return {
+    stage: 'preflight',
+    actor: String(context.actor || platform || 'mizan'),
+    system: String(context.system || platform || 'aria-mounted-runtime'),
+    platform,
+    message,
+    ...existing,
+  };
+}
 async function buildRuntimeTurnContext(req, body, client) {
   const sessionId = deriveSessionId(req, body, body.provider === 'anthropic' ? 'anthropic' : 'openai');
   const userId = deriveUserId(req, body);
@@ -2100,6 +2403,8 @@ function compactCodebaseSnapshot() {
     ? config.schemaImages
     : {};
   const repoSnapshots = Array.isArray(awareness.repoSnapshots) ? awareness.repoSnapshots : [];
+  const heartbeatAt = awareness?.daemon?.heartbeatAt || null;
+  const heartbeatAgeMs = heartbeatAt ? Date.now() - Date.parse(heartbeatAt) : null;
   return {
     repositories: repositories.slice(0, 6).map((repo) => ({
       name: repo?.name || null,
@@ -2112,6 +2417,8 @@ function compactCodebaseSnapshot() {
     awareness: {
       status: awareness.status || 'idle',
       updatedAt: awareness.updatedAt || null,
+      daemon: awareness.daemon || null,
+      stale: typeof heartbeatAgeMs === 'number' ? heartbeatAgeMs > 120000 : true,
       repoSnapshots: repoSnapshots.slice(0, 4).map((repo) => ({
         repoName: repo?.repoName || repo?.name || null,
         filesIndexed: repo?.filesIndexed || repo?.fileCount || null,
@@ -3365,7 +3672,8 @@ async function handleRoute(req, res) {
     if (url.pathname === '/phase/pre' || url.pathname === '/mizan/pre') {
       const apiKey = resolveApiKey(req, body);
-      const packet = body.packet || await client.getHarnessPacket(body.packetRequest || {});
+      const packetRequest = buildMizanPacketRequest(body);
+      const packet = body.packet || await loadRuntimePacket(req, body, client, packetRequest, packetRequest.message || body.text || '');
       const bundle = evaluateMizanPre(packet, body.context || body, {
         sessionId: body.sessionId || body.context?.sessionId || deriveSessionId(req, body, 'mizan-pre'),
         runtimeId: ensureRuntimeMeta().runtimeId,
@@ -3385,7 +3693,8 @@ async function handleRoute(req, res) {
     if (url.pathname === '/phase/mid' || url.pathname === '/mizan/mid') {
       const apiKey = resolveApiKey(req, body);
-      const packet = body.packet || null;
+      const packetRequest = buildMizanPacketRequest(body);
+      const packet = body.packet || await loadRuntimePacket(req, body, client, packetRequest, packetRequest.message || body.message || '');
       const bundle = evaluateMizanMid(body.message || '', body.plannedApproach || '', packet, body.context || body, {
         sessionId: body.sessionId || body.context?.sessionId || deriveSessionId(req, body, 'mizan-mid'),
         runtimeId: ensureRuntimeMeta().runtimeId,
@@ -3405,7 +3714,8 @@ async function handleRoute(req, res) {
     if (url.pathname === '/phase/post' || url.pathname === '/mizan/post') {
       const apiKey = resolveApiKey(req, body);
-      const packet = body.packet || null;
+      const packetRequest = buildMizanPacketRequest(body);
+      const packet = body.packet || await loadRuntimePacket(req, body, client, packetRequest, packetRequest.message || body.text || '');
       const bundle = evaluateMizanPost(body.text || '', body.evidence || {}, packet, body.context || body, {
         sessionId: body.sessionId || body.context?.sessionId || deriveSessionId(req, body, 'mizan-post'),
         runtimeId: ensureRuntimeMeta().runtimeId,
@@ -3595,8 +3905,27 @@ async function handleRoute(req, res) {
     }
     if (url.pathname === '/check-action') {
-      const result = await client.checkAction(body.action, body.target || '');
-      return json(res, 200, { ok: true, ...result });
+      const action = body.action || 'write';
+      const localGate = validateVerifyAndHive({ req, body, action });
+      if (!localGate.allowed) {
+        return json(res, 200, { ok: true, allowed: false, ...localGate });
+      }
+      let result;
+      try {
+        result = await client.checkAction(action, body.target || '');
+      } catch (error) {
+        releaseHiveFileLease(deriveSessionId(req, body, 'runtime-action'), coerceTargetFiles(body));
+        throw error;
+      }
+      if (result?.allowed === false) {
+        releaseHiveFileLease(deriveSessionId(req, body, 'runtime-action'), coerceTargetFiles(body));
+      }
+      return json(res, 200, { ok: true, ...result, verify: localGate.verify, hive: localGate.hive });
+    }
+    if (url.pathname === '/hive/release') {
+      const sessionId = deriveSessionId(req, body, 'runtime-action');
+      return json(res, 200, { ok: true, hive: releaseHiveFileLease(sessionId, coerceTargetFiles(body)) });
     }
     if (url.pathname === '/validate-output' || url.pathname === '/api/harness/validate') {