@aria_asi/cli 0.2.36 → 0.2.37

package/dist/runtime/hooks/aria-stop-gate.mjs

@@ -47,8 +47,9 @@
 // Future: signed-grant override mechanism at ~/.aria/owner-overrides/<hook>.json
 // with HMAC signature using a secret only Hamza holds. Deferred to next session.
 
-import { readFileSync, existsSync, mkdirSync, writeFileSync } from 'node:fs';
+import { appendFileSync, readFileSync, existsSync, mkdirSync, writeFileSync } from 'node:fs';
 import { dirname } from 'node:path';
+import { createHash } from 'node:crypto';
 import { spawnSync } from 'node:child_process';
 import { appendGateAudit } from './lib/gate-audit.mjs';
 import {
@@ -61,6 +62,7 @@ import { registerGateBlock } from './lib/gate-loop-state.mjs';
 import { collectTurnWindowFromMessages } from './lib/hook-message-window.mjs';
 import { analyzeDomainOutputQuality } from './lib/domain-output-quality.mjs';
 import { evaluateSkillGate, formatSkillGateBlock } from './lib/skill-autoload-gate.mjs';
+import { emergencyGateOffDecision } from './lib/emergency-gateoff.mjs';
 
 const HOME = process.env.HOME || '/tmp';
 const RUNTIME_BASE_URL =
@@ -71,6 +73,15 @@ const AUDIT_PATH = `${HOME}/.claude/aria-stop-gate-audit.jsonl`;
 const GATE_LOOP_STATE_PATH = `${HOME}/.claude/.aria-gate-loop-state.json`;
 const MIZAN_RECEIPT_DIR = `${HOME}/.claude/.aria-mizan-receipts`;
 const GOVERNANCE_GATE_PATH = `${HOME}/.aria/bin/aria-governance-gate`;
+const CURRENT_RECOVERY_PATH = `${HOME}/.aria/governance-recovery-current.json`;
+const HANDOFF_MODE_RX = /\b(?:post[_ -]?compact[_ -]?continuation|handoff[_ -]?resume|continuation[_ -]?handoff|post-compact|compact(?:ion)? handoff|post\s+commission)\b/i;
+const HANDOFF_REQUIRED_FIELDS = [
+  { label: 'current objective', rx: /\bcurrent\s+objective\b\s*:/i },
+  { label: 'known blockers', rx: /\bknown\s+blockers\b\s*:/i },
+  { label: 'next executable step', rx: /\bnext\s+executable\s+step\b\s*:/i },
+  { label: 'what not to touch', rx: /\bwhat\s+not\s+to\s+touch\b\s*:/i },
+  { label: 'verification already run', rx: /\bverification\s+already\s+run\b\s*:/i },
+];
 
 function runUniversalGovernanceGate(payload) {
   if (!existsSync(GOVERNANCE_GATE_PATH)) return null;
@@ -84,11 +95,49 @@ function runUniversalGovernanceGate(payload) {
   try { result = stdout ? JSON.parse(stdout) : null; } catch {}
   if (child.status !== 0 || result?.ok === false || result?.decision === 'block') {
     const reason = stdout || child.stderr || 'aria-governance-gate blocked this output.';
-    throw new Error(`=== ARIA UNIVERSAL GOVERNANCE GATE BLOCK ===\n\n${reason}`);
+    throw new Error([
+      '=== ARIA UNIVERSAL GOVERNANCE GATE BLOCK ===',
+      '',
+      reason,
+      '',
+      'Recovery contract:',
+      '1. Do not retry the same blocked output unchanged.',
+      '2. Load or apply the doctrine/skill named by the governance output.',
+      '3. Re-write the output with <applied_cognition> and concrete proof.',
+      '4. Re-test by submitting the revised output through this same gate.',
+    ].join('\n'));
+  }
+  if (result?.decision === 'warn' || result?.governanceMode === 'recovery-required' || result?.governanceMode === 'architectural-intervention-required') {
+    process.stderr.write(`[aria-governance:${result.governanceMode || 'recovery-required'}] ${JSON.stringify(result)}\n`);
   }
   return result;
 }
 
+function classifyContinuationHandoff(text) {
+  const body = String(text || '');
+  const isContinuation = HANDOFF_MODE_RX.test(body);
+  const missingFields = HANDOFF_REQUIRED_FIELDS.filter((field) => !field.rx.test(body)).map((field) => field.label);
+  return { isContinuation, ok: isContinuation && missingFields.length === 0, missingFields };
+}
+
+function formatHandoffRecovery(missingFields = []) {
+  return [
+    '=== ARIA LOCAL OUTPUT BLOCK ===',
+    '',
+    `post-compact continuation handoff malformed: missing fields: ${missingFields.join(', ') || '(none)'}`,
+    '',
+    'Recovery contract:',
+    '1. Do not retry the same blocked text.',
+    '2. Rewrite the output using this exact shape:',
+    'post_compact_continuation',
+    'current objective: <one sentence of the still-active task>',
+    'known blockers: <specific blockers, or "none verified" if truly none>',
+    'next executable step: <single command/edit/read/action the next agent should run first>',
+    'what not to touch: <unrelated dirty files, secrets, protected systems, or deploys to avoid>',
+    'verification already run: <commands/probes already run and exact result, or "not run">',
+  ].join('\n');
+}
+
 // SDK loader — bundled at ~/.aria/sdk by `aria connect`, with client-local
 // fallbacks preserved for resilience.
 // All control-plane fetches (validateOutput, gardenTurn) route through the
@@ -442,6 +491,12 @@ function buildForceReauthorReason({
     rewritten ? `\nMIZAN REWRITE SEED:\n${rewritten}` : '',
     recipeAddendum || '',
     '',
+    'Recovery contract:',
+    '1. Do not retry the same blocked text unchanged.',
+    '2. Apply the teaching above to the next draft before re-emitting.',
+    '3. Re-test by submitting the revised output through this same gate.',
+    '4. If the blocker is stale state, name the stale state and clear or repair it before retrying.',
+    '',
     'REQUIRED REDO SHAPE:',
     '1. One sentence: the failed mechanism, not an apology.',
     '2. Evidence checked: file/line, command output, endpoint response, or explicit "unverified".',
@@ -472,6 +527,50 @@ function buildForceReauthorReason({
   ].filter(Boolean).join('\n');
 }
 
+function recoveryFingerprint(reason, source = 'stop-gate') {
+  return createHash('sha256')
+    .update([source, String(reason || '').replace(/\s+/g, ' ').trim().slice(0, 1200)].join('\0'))
+    .digest('hex');
+}
+
+function emitRecoverableStopGate(reason, { source = 'stop-gate', sessionId = gateSessionId } = {}) {
+  const fingerprint = recoveryFingerprint(reason, source);
+  const recovery = {
+    schema: 'aria.governance_recovery_current.v1',
+    updatedAt: new Date().toISOString(),
+    deliveryRule: 'This file is injected into the next system prompt. Execute recoveryLoop.nextStep before any completion claim.',
+    ok: true,
+    decision: 'warn',
+    source: 'aria-stop-gate',
+    governanceMode: 'recovery-required',
+    recoveryLoop: {
+      fingerprint,
+      allowedRecoveryAttempts: 1,
+      priorRecoveryAttempts: 0,
+      remainingRecoveryAttempts: 1,
+      nextStep: 'Re-author the blocked output using the recovery contract, load required skills if named, run a concrete verification probe when tools are available, then emit the corrected output.',
+      architectFallback: 'If Aria consult is unavailable or this same fingerprint repeats, use the strongest available client LLM under the architect harness, produce and execute the recovery plan, then verify.',
+    },
+    recoveryContract: {
+      retry: 'One recovery attempt is allowed for this exact output-gate fingerprint; repeat failure enters architect execution mode.',
+      architectMode: 'On repeat, load architecture-decision and the named domain skills, define the smallest executable plan, execute the first recovery action, and verify before output.',
+      fallbackWhenAriaUnavailable: 'Do not stop or ask the owner to fix it. Bind the strongest available client LLM to the architect harness, give it this JSON contract and failed evidence, execute its recovery plan, then verify.',
+      repairRecoveryCycle: ['re-author output according to the gate reason', 'verify the corrected claim or state explicit unverified boundary'],
+      retest: 'Submit the revised output through the same stop gate and run the concrete verification probe named by the recovery plan.',
+      blockedReason: reason,
+    },
+  };
+  try {
+    mkdirSync(dirname(CURRENT_RECOVERY_PATH), { recursive: true, mode: 0o700 });
+    writeFileSync(CURRENT_RECOVERY_PATH, `${JSON.stringify(recovery, null, 2)}\n`, { mode: 0o600 });
+  } catch (error) {
+    audit('recovery-state-write-failed', error instanceof Error ? error.message : String(error));
+  }
+  audit('recovery-required-output-gate', `${source} ${fingerprint}`);
+  console.log(JSON.stringify({ decision: 'allow', recoveryRequired: recovery }));
+  process.exit(0);
+}
+
 // Lens substance check — same constants as aria-pre-tool-gate.mjs.
 // Hamza directive 2026-04-28: all 8 canonical lenses required, not 4-of-8.
 const REQUIRED_LENSES = 8;
@@ -517,6 +616,11 @@ try {
   audit('allow-parse-error', 'stdin not JSON');
   process.exit(0);
 }
+const emergencyGateOff = emergencyGateOffDecision(event);
+if (emergencyGateOff.off) {
+  audit('allow-emergency-gateoff', `reason=${emergencyGateOff.reason}`);
+  process.exit(0);
+}
 const gateSessionId = String(event.session_id || 'claude-code').replace(/[^a-zA-Z0-9_-]/g, '_');
 const sessionMizanState = loadMizanReceiptState(event.session_id || 'claude-code');
 
@@ -616,8 +720,7 @@ if (userCorrectionViolation) {
     lensCount: 0,
     requiredLenses: REQUIRED_LENSES,
   });
-  console.log(JSON.stringify({ decision: 'block', reason }));
-  process.exit(2);
+  emitRecoverableStopGate(reason, { source: 'stop/user-correction', sessionId: gateSessionId });
 }
 
 // Triviality check — same as eight-lens-detector.ts
@@ -640,6 +743,17 @@ if (!triggered) {
   process.exit(0);
 }
 
+const handoff = classifyContinuationHandoff(assistantText);
+if (handoff.isContinuation) {
+  if (handoff.ok) {
+    audit('allow-post-compact-continuation', `chars=${assistantText.length}`);
+    await fireGardenTurn(event.session_id || 'claude-code', lastUserMessage, assistantText);
+    process.exit(0);
+  }
+  audit('block-post-compact-continuation', `missing=${handoff.missingFields.join(',')}`);
+  emitRecoverableStopGate(formatHandoffRecovery(handoff.missingFields), { source: 'stop/post-compact-continuation', sessionId: gateSessionId });
+}
+
 const stopSkillGate = evaluateSkillGate({
   sessionId: event.session_id || 'claude-code',
   surface: 'claude-stop-gate',
@@ -647,7 +761,7 @@ const stopSkillGate = evaluateSkillGate({
   isOutputCloseout: true,
   autoLoadAvailable: false,
 });
-if (!stopSkillGate.ok) {
+if (!stopSkillGate.ok && !stopSkillGate.redirectOnly) {
   audit('block-missing-skill-receipt', `missing=${stopSkillGate.missingSkills.join(',')} chars=${assistantText.length}`);
   const reason = withLoopDirective(buildForceReauthorReason({
     source: 'stop/skill-autoload',
@@ -656,8 +770,7 @@ if (!stopSkillGate.ok) {
     lensCount: 0,
     requiredLenses: REQUIRED_LENSES,
   }), `stop:skill-autoload:${stopSkillGate.missingSkills.join(',')}`, gateSessionId);
-  console.log(JSON.stringify({ decision: 'block', reason }));
-  process.exit(2);
+  emitRecoverableStopGate(reason, { source: 'stop/skill-autoload', sessionId: gateSessionId });
 }
 try {
   runUniversalGovernanceGate({
@@ -678,8 +791,7 @@ try {
     lensCount: 0,
     requiredLenses: REQUIRED_LENSES,
   }), 'stop:universal-governance', gateSessionId);
-  console.log(JSON.stringify({ decision: 'block', reason }));
-  process.exit(2);
+  emitRecoverableStopGate(reason, { source: 'stop/universal-governance', sessionId: gateSessionId });
 }
 
 // Non-trivial response — require substantive cognition.
@@ -712,8 +824,7 @@ if (cog.count < REQUIRED_LENSES) {
     codeCount: 0,
     implCouplingCount: 0,
   });
-  console.log(JSON.stringify({ decision: 'block', reason }));
-  process.exit(2);
+  emitRecoverableStopGate(reason, { source: 'stop/no-cognition', sessionId: gateSessionId });
 }
 
 // Question-emission visibility (Phase 11 promotes to block-mode):
@@ -1596,8 +1707,7 @@ if (cog.count >= REQUIRED_LENSES) {
         codeCount: codeQualityHits.length,
         implCouplingCount: implCouplingHits.length,
       });
-      console.log(JSON.stringify({ decision: 'block', reason }));
-      process.exit(2);
+      emitRecoverableStopGate(reason, { source: 'stop/output-quality', sessionId: gateSessionId });
     }
 
     audit('allow-output-qc',
@@ -1752,8 +1862,7 @@ if (hadNonTrivialAction && (!dalioExpectedMatch || !dalioHasMeasurablePredicate)
     codeCount: 0,
     implCouplingCount: 0,
   });
-  console.log(JSON.stringify({ decision: 'block', reason: missingReason }));
-  process.exit(2);
+  emitRecoverableStopGate(missingReason, { source: 'stop/dalio-expected', sessionId: gateSessionId });
 }
 
 // Dalio ledger write — fire-and-forget HTTP POST + local JSONL mirror.
@@ -1878,5 +1987,4 @@ emitHarnessFooter({
   codeCount: 0,
   implCouplingCount: 0,
 });
-console.log(JSON.stringify({ decision: 'block', reason: buildForceReauthorReason({ source: 'stop/lens-missing', reason, lensCount: cog.count, requiredLenses: REQUIRED_LENSES }) }));
-process.exit(2);
+emitRecoverableStopGate(buildForceReauthorReason({ source: 'stop/lens-missing', reason, lensCount: cog.count, requiredLenses: REQUIRED_LENSES }), { source: 'stop/lens-missing', sessionId: gateSessionId });

package/dist/runtime/hooks/doctrine_trigger_map.json

@@ -572,6 +572,17 @@
       "teaching": "A service without a K8s manifest is not deployed — it's aspirational code. Every service in the registry must have a canonical k8s/<service>.yaml manifest. Without it, kubectl apply cannot restore the service after cluster restart.",
       "counter_action": "Create the canonical K8s manifest (Deployment + Service + liveness probe) at k8s/<service>.yaml. Register the service in k8s/service-registry.json. Never deploy via ad-hoc kubectl run or docker run — only via a version-controlled manifest.",
       "message": "Service lacks K8s manifest — see feedback_registry_image_drift.md"
+    },
+    {
+      "trigger_id": "containment_only_production_fix",
+      "trigger": "\\b(?:containment[- ]?only|only[- ]?contain(?:ed|ment)|just[- ]?contain(?:ed|ment))\\b|\\b(?:surface|cosmetic|appearance[- ]?only|form[- ]?only)\\s+(?:fix|repair|change)\\b|\\b(?:fix|repair|change)\\s+(?:only\\s+)?(?:the\\s+)?(?:surface|cosmetic|appearance|form)\\b|\\b(?:just|only|merely)\\s+(?:silence|satisfy|appease)\\s+(?:the\\s+)?(?:gate|hook|validator)\\b",
+      "rx": "\\b(?:containment[- ]?only|only[- ]?contain(?:ed|ment)|just[- ]?contain(?:ed|ment))\\b|\\b(?:surface|cosmetic|appearance[- ]?only|form[- ]?only)\\s+(?:fix|repair|change)\\b|\\b(?:fix|repair|change)\\s+(?:only\\s+)?(?:the\\s+)?(?:surface|cosmetic|appearance|form)\\b|\\b(?:just|only|merely)\\s+(?:silence|satisfy|appease)\\s+(?:the\\s+)?(?:gate|hook|validator)\\b",
+      "doctrine": "memory:feedback_gates_enforce_form_not_substance.md",
+      "memory": "feedback_gates_enforce_form_not_substance.md",
+      "severity": "block",
+      "teaching": "Containment-only production fixes are rationalized bypasses when they intentionally leave the broken user-visible mechanism unrepaired. Small source-level fixes are acceptable when they repair the root mechanism and are verified.",
+      "counter_action": "Keep the smallest correct change, but tie it to the root mechanism, observable recovery or proof, and user-visible verification; do not only silence gates or change cosmetics.",
+      "message": "Containment-only production fix detected. Preserve smallest-correct-change discipline, but replace cosmetic containment with root-mechanism repair plus observable recovery and proof."
     }
   ]
 }

package/dist/runtime/hooks/lib/emergency-gateoff-impl.mjs

@@ -0,0 +1,39 @@
+import { existsSync, mkdirSync, writeFileSync } from 'node:fs';
+import { homedir } from 'node:os';
+import { dirname, join } from 'node:path';
+
+const GATEOFF_ENV_RX = /^(?:1|true|yes|on)$/i;
+const GATEOFF_PHRASE_RX = /\bGATEOFF\b/;
+
+export const gateOffMarkerPath = join(homedir(), '.aria', 'gates-off.manual');
+
+function textFromPayload(payload) {
+  if (!payload) return '';
+  if (typeof payload === 'string') return payload;
+  try { return JSON.stringify(payload); } catch { return String(payload); }
+}
+
+export function persistEmergencyGateOff(reason = 'phrase') {
+  mkdirSync(dirname(gateOffMarkerPath), { recursive: true, mode: 0o700 });
+  writeFileSync(gateOffMarkerPath, JSON.stringify({
+    disabled: true,
+    reason,
+    disabledAt: new Date().toISOString(),
+    reenable: 'Manual owner action only: remove this marker and unset ARIA_GATES_OFF/ARIA_HARNESS_GATES_OFF.',
+  }, null, 2) + '\n', { mode: 0o600 });
+}
+
+export function detectEmergencyGateOff(payload = '') {
+  if (GATEOFF_ENV_RX.test(String(process.env.ARIA_GATES_OFF || process.env.ARIA_HARNESS_GATES_OFF || ''))) {
+    return { off: true, reason: 'env' };
+  }
+  if (existsSync(gateOffMarkerPath)) return { off: true, reason: 'marker' };
+  if (GATEOFF_PHRASE_RX.test(textFromPayload(payload))) return { off: true, reason: 'phrase' };
+  return { off: false, reason: null };
+}
+
+export function emergencyGateOffDecision(payload = '') {
+  const decision = detectEmergencyGateOff(payload);
+  if (decision.off && decision.reason === 'phrase') persistEmergencyGateOff('phrase');
+  return decision;
+}

package/dist/runtime/hooks/lib/emergency-gateoff.mjs

@@ -0,0 +1,6 @@
+export {
+  detectEmergencyGateOff,
+  emergencyGateOffDecision,
+  gateOffMarkerPath,
+  persistEmergencyGateOff,
+} from './emergency-gateoff-impl.mjs';