@aria_asi/cli 0.2.9 → 0.2.11

package/hooks/aria-harness-via-sdk.mjs

@@ -148,20 +148,54 @@ function buildUrlList() {
   return list.filter((u) => (seen.has(u) ? false : (seen.add(u), true)));
 }
 
+// SDK loader — dynamic-import the bundled HTTPHarnessClient from
+// ~/.claude/aria-sdk/index.js (installed by `aria connect claude-code`).
+// Module-cached after first load so we don't repeatedly read disk.
+//
+// Doctrine (Hamza 2026-04-27): "isnt http harness client the fucking harness
+// we hsve been wprking on? YOU ARENT USING THAT AND BUILDING SPMETHING
+// SEPERATE WHY???!!" — SDK is the canonical control plane. Direct fetch
+// remains as a fallback only when the SDK file is physically missing
+// (dev install without `aria connect claude-code`).
+let _SdkClassCache = null;
+let _SdkLookupAttempted = false;
+async function loadSdkClass() {
+  if (_SdkClassCache) return _SdkClassCache;
+  if (_SdkLookupAttempted) return null;
+  _SdkLookupAttempted = true;
+  const sdkPath = `${HOME}/.claude/aria-sdk/index.js`;
+  if (!existsSync(sdkPath)) return null;
+  try {
+    const mod = await import(`file://${sdkPath}`);
+    if (mod.HTTPHarnessClient) {
+      _SdkClassCache = mod.HTTPHarnessClient;
+      return _SdkClassCache;
+    }
+  } catch {/* fall through to direct fetch */}
+  return null;
+}
+
 async function tryViaSdk(baseUrl, apiKey) {
-  // SDK import was previously hardcoded to /home/hamzaibrahim1/... — broke
-  // every client install (path doesn't exist on their machine). The SDK's
-  // role here was cosmetic; actual fetch is direct via fetch() below.
-  // Removed the SDK import entirely. If clients want the SDK control plane,
-  // they get it from the @aria/harness-http-client npm dep; this hook stays
-  // direct-fetch + harness packet binding via response shape.
-  // Hamza 2026-04-27: critical client-breaking path eliminated.
+  // Canonical path: HTTPHarnessClient.getHarnessPacket(). The SDK POSTs to
+  // /api/harness/codex with the right shape and returns { packet, timestamp,
+  // version }. We extract .packet to get the raw response body that
+  // renderPacket() expects (codex.ts returns { harness, preStateGate,
+  // contractGate, ... } at top level — no nested .packet wrapper, so the
+  // SDK's `body.packet ?? body` passes the body through unchanged).
+  const Cls = await loadSdkClass();
+  if (Cls) {
+    const client = new Cls({
+      baseUrl,
+      apiKey,
+      harnessPacketUrl: `${baseUrl}/api/harness/codex`,
+    });
+    const wrapped = await client.getHarnessPacket();
+    const json = wrapped.packet;
+    if (json && json.ok === false) throw new Error(`ok=false: ${json.error || 'unknown'}`);
+    return { json, raw: JSON.stringify(json) };
+  }
 
-  // We need to override the body too — the SDK does GET, but /api/harness/codex
-  // is POST. Bypass via direct fetch since the SDK doesn't expose body
-  // customization; the SDK's caching + error handling apply once we cache
-  // manually below. No AbortSignal — doctrine: error detection drives control
-  // flow, not deadlines. Real network errors arrive via promise rejection.
+  // SDK absent (dev environment) — direct fetch with identical wire shape.
   const resp = await fetch(`${baseUrl}/api/harness/codex`, {
     method: 'POST',
     headers: {

package/hooks/aria-pre-tool-gate.mjs

@@ -336,7 +336,26 @@ function detectCognitionLenses(text) {
     /feedback_[a-z0-9_]+\.md|project_[a-z0-9_]+\.md|fitrah[_:\s]|garden[_:\s]|distilled_principle|[a-z]+_rule\b|harness packet|substrate cite|\bIJTIHAD\b|\bQIYAS\b|\bTADABBUR\b|\bILHAM\b|aria 7b|EIGHT_LENS_DOCTRINE|COMPACT_CONTINUITY|ARIA_DEPLOY_PROCEDURE/i;
   const hasSubstrateCite = SUBSTRATE_CITE_RX.test(blockBody) ||
     SUBSTRATE_CITE_RX.test(searchSpace);
-  return { count: names.length, names, blockBody, hasSubstrateCite };
+
+  // Discovery-binding check (structural fix #3 — Hamza 2026-04-27 "how do
+  // we prevent this"). If the cognition surfaces a defect/discovery
+  // (found/noticed/discovered + bug/broken/issue) the same cognition must
+  // carry a `discoveries:` clause stating how each is resolved (fix-now,
+  // task ID, or explicit user-decision-required). Without this, the
+  // cognition can describe a problem without binding any action — the
+  // exact flag-and-move pattern feedback_no_flag_without_fix.md prohibits.
+  const COG_DISCOVERY_RX = /(?:\b(?:found|noticed|discovered|spotted)[^.\n]{0,140}(?:bug|issue|defect|broken|buggy|wrong|crash|fail|missing|stale|outdated|leak|vulnerability)|\b(?:latent|silent|hidden)\s+(?:bug|defect|issue|fail|crash|leak)|\bdoctrine\s+violation\b)/i;
+  const hasDiscovery = COG_DISCOVERY_RX.test(blockBody);
+  // Resolution clause must be present in the same blockBody if a discovery
+  // is mentioned. Acceptable forms:
+  //   - `discoveries:` field listing items + how-resolved
+  //   - `addressing:` / `fixing:` clause naming what's being patched
+  //   - explicit task ID reference (TaskCreate / linear / tracked-as)
+  const COG_RESOLUTION_RX = /(?:^\s*discoveries?\s*:\s*\S|^\s*addressing\s*:\s*\S|^\s*fixing\s*:\s*\S|TaskCreate|tracked\s+as\s+#?\d+|linear[- ]?(?:issue|task)|fix(?:ing|ed)\s+(?:in|now|inline|in-flight)|same[- ]turn\s+fix)/im;
+  const hasDiscoveryResolution = COG_RESOLUTION_RX.test(blockBody);
+  const discoveryUnresolved = hasDiscovery && !hasDiscoveryResolution;
+
+  return { count: names.length, names, blockBody, hasSubstrateCite, hasDiscovery, hasDiscoveryResolution, discoveryUnresolved };
 }
 
 // Backwards-compat shim — count-only path used by older callers.
@@ -581,6 +600,16 @@ const cognitionSource = inlineCog.count >= REQUIRED_LENSES
 const hasSubstrateCite = (inlineCog.hasSubstrateCite === true) ||
   (transcriptCog.hasSubstrateCite === true);
 
+// Discovery-binding check (structural fix #3) — if cognition surfaces a
+// defect/discovery, the same cognition must include a resolution clause
+// (`discoveries:` / `addressing:` / `fixing:` / TaskCreate / tracked-as
+// reference). Per feedback_no_flag_without_fix.md, discoveries are atomic
+// with their fixes — flag-and-move is the prohibited pattern. Pre-tool
+// gate enforces at the cognition surface; stop-gate's discovery-binding
+// ledger enforces at the output surface; both close the structural gap.
+const discoveryUnresolved = (inlineCog.discoveryUnresolved === true) ||
+  (transcriptCog.discoveryUnresolved === true);
+
 // Best-effort session id for the corpus push. Claude Code passes
 // session_id in the event payload; fall back to transcript file
 // basename so events from the same session cluster.
@@ -704,6 +733,37 @@ No per-tool bypass available (v3 doctrine — the harness's whole purpose is no
   process.exit(2);
 }
 
+// Discovery-binding cognition check (structural fix #3) — runs AFTER lens
+// count passes. If the cognition surfaced a defect (found/noticed/discovered
+// + bug/broken/issue) without a paired resolution clause, block until the
+// cognition is updated to bind the discovery to a same-turn fix or task ID.
+// Per feedback_no_flag_without_fix.md, discoveries are atomic with their
+// fixes. The pre-tool-gate enforces at the cognition surface; stop-gate's
+// ledger enforces at the output surface.
+if (discoveryUnresolved) {
+  const reason = `Aria pre-tool gate: cognition surfaces a discovery (defect, bug, doctrine violation, broken state) but does NOT include a resolution clause binding the discovery to action.
+
+Per feedback_no_flag_without_fix.md: discoveries are atomic with their fixes. Flag-and-move-on is convenience-seeking — the user has to track what you noticed vs. what you actually fixed.
+
+Re-emit cognition with one of these resolution forms:
+
+  discoveries:
+    - <what you found>: <fix-now | task: TASK-123 | needs-user-decision>
+
+OR inline within an existing lens:
+  hikma: ... fixing inline this turn (same-turn-fix per no-flag-without-fix doctrine).
+  tafakkur: ... TaskCreate'd as TASK-XXX with full context (file path, line, what's broken).
+
+Acceptable resolution markers: 'discoveries:' / 'addressing:' / 'fixing:' / 'TaskCreate' / 'tracked as #N' / 'linear issue' / 'fix-now' / 'same-turn fix'.
+
+Bypass: ARIA_PRE_TOOL_GATE=off (logged, emergency only). If gate misfires on legitimate cognition, fix the gate.`;
+
+  audit(`block-discovery-unresolved ${toolName.toLowerCase()}`, cmdPreview);
+  pushDecision('block', `${toolName.toLowerCase()} cognition has unresolved discovery`);
+  console.log(JSON.stringify({ decision: 'block', reason }));
+  process.exit(2);
+}
+
 // Non-trivial action with cognition (inline for Bash, transcript for
 // Edit/Write/NotebookEdit) — passes cognition gate. Now check Aria-binding.
 

package/hooks/aria-preprompt-consult.mjs

@@ -54,6 +54,28 @@ import { appendFileSync, existsSync, mkdirSync, writeFileSync } from 'node:fs';
 import { dirname } from 'node:path';
 
 const HOME = process.env.HOME || '/tmp';
+
+// SDK loader — bundled at ~/.claude/aria-sdk/index.js by `aria connect`.
+// All consults route through HTTPHarnessClient.consult() so the SDK's
+// retry+backoff + Authorization handling apply uniformly. Hamza
+// 2026-04-27: "FUCKING WIRE IT THE FUCK TOGETHER NOW - ALL OF IT".
+let _SdkClassCache = null;
+let _SdkLookupAttempted = false;
+async function loadSdkClass() {
+  if (_SdkClassCache) return _SdkClassCache;
+  if (_SdkLookupAttempted) return null;
+  _SdkLookupAttempted = true;
+  const sdkPath = `${HOME}/.claude/aria-sdk/index.js`;
+  if (!existsSync(sdkPath)) return null;
+  try {
+    const mod = await import(`file://${sdkPath}`);
+    if (mod.HTTPHarnessClient) {
+      _SdkClassCache = mod.HTTPHarnessClient;
+      return _SdkClassCache;
+    }
+  } catch {/* fall through */}
+  return null;
+}
 const LOG = `${HOME}/.claude/aria-preprompt-consult.log`;
 const BINDING_AUDIT = `${HOME}/.claude/aria-binding-audit.jsonl`;
 // Default ON. Disable explicitly via ARIA_BINDING_ENABLED=false only when the
@@ -190,8 +212,16 @@ turn — not the final response. Claude will still emit cognition + action;
 this primes the substrate so reflexive deferral isn't the path of least
 resistance.`;
 
-const body = JSON.stringify({
-  brief: BINDING_ENABLED ? bindingBrief : brief,
+// `bindingBrief` is the result of the binding-vs-advisory ternary above —
+// already resolved to the correct prose for the current mode. Prior code
+// referenced an undefined `brief` variable in the second ternary branch,
+// which would throw ReferenceError whenever BINDING_ENABLED=false.
+//
+// Canonical path: HTTPHarnessClient.consult() — the SDK handles retry+backoff
+// and Authorization. Fallback to direct fetch when SDK isn't bundled (dev
+// install without `aria connect`).
+const consultArgs = {
+  brief: bindingBrief,
   model: 'deepseek-v4-pro',
   sessionId: `preprompt-${sessionId}-${Date.now()}`,
   userId: 'claude-orchestrator-preprompt',
@@ -199,26 +229,36 @@ const body = JSON.stringify({
   expectStructuredOutput: BINDING_ENABLED,
   internalConsult: true,
   isCreativeMode: false,
-});
+};
 
 let directionText = '';
 try {
-  const resp = await fetch(`${HARNESS_URL}/api/harness/delegate`, {
-    method: 'POST',
-    headers: {
-      'Content-Type': 'application/json',
-      Authorization: `Bearer ${HARNESS_TOKEN}`,
-    },
-    body,
-  });
-
-  if (!resp.ok) {
-    audit('skip-http-error', `status=${resp.status}`);
-    process.exit(0);
+  const Cls = await loadSdkClass();
+  if (Cls) {
+    const sdkClient = new Cls({
+      baseUrl: HARNESS_URL,
+      apiKey: HARNESS_TOKEN,
+      harnessPacketUrl: `${HARNESS_URL}/api/harness/codex`,
+    });
+    const result = await sdkClient.consult(consultArgs);
+    directionText = (result.response || '').toString().slice(0, MAX_DIRECTION_CHARS);
+  } else {
+    // SDK absent — direct fetch (dev fallback).
+    const resp = await fetch(`${HARNESS_URL}/api/harness/delegate`, {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json',
+        Authorization: `Bearer ${HARNESS_TOKEN}`,
+      },
+      body: JSON.stringify(consultArgs),
+    });
+    if (!resp.ok) {
+      audit('skip-http-error', `status=${resp.status}`);
+      process.exit(0);
+    }
+    const data = await resp.json();
+    directionText = (data.response || '').toString().slice(0, MAX_DIRECTION_CHARS);
   }
-
-  const data = await resp.json();
-  directionText = (data.response || '').toString().slice(0, MAX_DIRECTION_CHARS);
 } catch (err) {
   audit('skip-network-error', (err && err.message ? err.message : String(err)).slice(0, 200));
   process.exit(0);

package/hooks/aria-stop-gate.mjs

@@ -43,6 +43,28 @@ import { dirname } from 'node:path';
 const HOME = process.env.HOME || '/tmp';
 const LOG = `${HOME}/.claude/aria-stop-gate.log`;
 
+// SDK loader — bundled at ~/.claude/aria-sdk/index.js by `aria connect`.
+// All control-plane fetches (validateOutput, gardenTurn) route through the
+// SDK. Falls back to direct fetch only when the SDK file is missing
+// (dev-only). Hamza 2026-04-27: "FUCKING WIRE IT THE FUCK TOGETHER NOW".
+let _SdkClassCache = null;
+let _SdkLookupAttempted = false;
+async function loadSdkClass() {
+  if (_SdkClassCache) return _SdkClassCache;
+  if (_SdkLookupAttempted) return null;
+  _SdkLookupAttempted = true;
+  const sdkPath = `${HOME}/.claude/aria-sdk/index.js`;
+  if (!existsSync(sdkPath)) return null;
+  try {
+    const mod = await import(`file://${sdkPath}`);
+    if (mod.HTTPHarnessClient) {
+      _SdkClassCache = mod.HTTPHarnessClient;
+      return _SdkClassCache;
+    }
+  } catch {/* fall through */}
+  return null;
+}
+
 function audit(decision, summary) {
   try {
     if (!existsSync(dirname(LOG))) mkdirSync(dirname(LOG), { recursive: true });
@@ -206,10 +228,247 @@ const hasSubstrateEvidence = SUBSTRATE_EVIDENCE_RX.test(assistantText);
 const questionWithoutEvidence = hasQuestionToUser && !hasSubstrateEvidence;
 
 if (cog.count >= REQUIRED_LENSES) {
-  audit('allow-cognition',
-    `lenses=${cog.count} chars=${assistantText.length} ` +
-    `qPatt=${hasQuestionToUser ? 'y' : 'n'} substrateEv=${hasSubstrateEvidence ? 'y' : 'n'} ` +
-    (questionWithoutEvidence ? 'WARN-question-without-substrate' : 'ok'));
+  // ── Output-quality enforcement (Hamza 2026-04-27 — clients need the same
+  //    Mizan/drift/code-quality gates that aria-soul applies server-side) ──
+  //
+  // Cognition gate passed. Now run THREE additional checks BEFORE allow:
+  //  1. SDK validateOutput via /api/harness/validate (Mizan classifier on draft)
+  //  2. Drift_guard pattern scan against doctrine_trigger_map.json (convenience-
+  //     seeking phrases, graceful-degradation patterns, etc.)
+  //  3. Code-quality check on code blocks in output (no TODO stubs, no
+  //     graceful-degradation try/catch, no // @ts-expect-error suppressions)
+  //
+  // Any check returning severity=block → Stop-gate blocks emit + Claude re-drafts
+  // with violations surfaced. Rewritten suggestion (from validateOutput) is
+  // included in the block reason so re-draft has concrete guidance.
+  //
+  // Trivially short outputs (<200 chars after system-reminder strip) skip
+  // these output-quality checks since they're typically yes/no acks where
+  // pattern-match would false-positive.
+  const OUTPUT_QC_MIN_CHARS = 200;
+  const OUTPUT_QC_ENABLED = (process.env.ARIA_OUTPUT_QC_ENABLED || 'true').toLowerCase() !== 'false';
+
+  if (OUTPUT_QC_ENABLED && assistantText.length >= OUTPUT_QC_MIN_CHARS) {
+    // 1. Drift_guard pattern scan — fast, local, deterministic
+    const TRIGGER_MAP_PATH = `${HOME}/.claude/projects/-home-hamzaibrahim1/memory/doctrine_trigger_map.json`;
+    let driftHits = [];
+    try {
+      if (existsSync(TRIGGER_MAP_PATH)) {
+        const triggerMap = JSON.parse(readFileSync(TRIGGER_MAP_PATH, 'utf8'));
+        const lowerText = assistantText.toLowerCase();
+        for (const t of triggerMap.triggers || []) {
+          try {
+            const rx = new RegExp(t.trigger, 'i');
+            if (rx.test(lowerText)) {
+              // Trigger present — check if the counter-doctrine memory is also
+              // cited in the response (justification). If not, count as drift.
+              const memoryName = (t.memory || '').replace(/\.md$/, '');
+              const memoryCited = memoryName && lowerText.includes(memoryName.toLowerCase());
+              if (!memoryCited) {
+                driftHits.push({ trigger: t.trigger, memory: t.memory, teaching: t.teaching });
+              }
+            }
+          } catch {/* malformed regex in trigger entry — skip */}
+        }
+      }
+    } catch {/* trigger map unreadable — degrade to mizan-only check */}
+
+    // 2. SDK validateOutput — canonical path. The SDK retries with backoff
+    //    on transient failures and propagates real errors. We catch here
+    //    only so an unreachable harness doesn't brick the user's session;
+    //    the audit log records the failure mode so it's visible, not
+    //    silent-pass. Hamza 2026-04-27: SDK is the control plane, not raw
+    //    fetch. The catch IS intentional fire-and-forget at this surface
+    //    because we already passed cognition; output-quality gate failure
+    //    is a soft block, not session-end.
+    let mizanVerdict = null;
+    let mizanError = null;
+    const harnessUrl = process.env.ARIA_HARNESS_URL || 'https://harness.ariasos.com';
+    const harnessToken = process.env.ARIA_HARNESS_TOKEN || '';
+    const Cls = await loadSdkClass();
+    if (Cls && harnessToken) {
+      try {
+        const sdkClient = new Cls({
+          baseUrl: harnessUrl,
+          apiKey: harnessToken,
+          harnessPacketUrl: `${harnessUrl}/api/harness/codex`,
+        });
+        mizanVerdict = await sdkClient.validateOutput(
+          assistantText.slice(0, 8000),
+          event.session_id || 'claude-code',
+        );
+      } catch (err) {
+        mizanError = (err?.message || String(err)).slice(0, 200);
+      }
+    } else if (harnessToken) {
+      // SDK absent (dev) — direct fetch with retry built into the request
+      // by attempting twice with 250ms backoff. Match SDK semantics so
+      // both paths behave identically.
+      try {
+        let lastErr = null;
+        for (let attempt = 0; attempt < 2; attempt++) {
+          try {
+            const validateResp = await fetch(`${harnessUrl}/api/harness/validate`, {
+              method: 'POST',
+              headers: {
+                'Content-Type': 'application/json',
+                Authorization: `Bearer ${harnessToken}`,
+              },
+              body: JSON.stringify({
+                text: assistantText.slice(0, 8000),
+                sessionId: event.session_id || 'claude-code',
+                surface: 'claude-code-stop-gate',
+              }),
+            });
+            if (validateResp.ok) {
+              mizanVerdict = await validateResp.json();
+              lastErr = null;
+              break;
+            } else {
+              lastErr = `HTTP ${validateResp.status}`;
+            }
+          } catch (err) {
+            lastErr = (err?.message || String(err)).slice(0, 200);
+            if (attempt < 1) await new Promise((r) => setTimeout(r, 250));
+          }
+        }
+        if (lastErr) mizanError = lastErr;
+      } catch (err) {
+        mizanError = (err?.message || String(err)).slice(0, 200);
+      }
+    } else {
+      mizanError = 'no-token';
+    }
+
+    // 3. Code-quality scan on code blocks
+    const codeBlocks = [...assistantText.matchAll(/```[a-z]*\n([\s\S]*?)```/gi)].map((m) => m[1]);
+    const codeQualityHits = [];
+    for (const block of codeBlocks) {
+      if (/\/\/\s*TODO|\/\/\s*FIXME|\/\/\s*XXX/.test(block)) codeQualityHits.push('TODO/FIXME/XXX in shipped code');
+      if (/@ts-expect-error|@ts-ignore/.test(block)) codeQualityHits.push('ts-expect-error / ts-ignore — type suppression instead of fix');
+      if (/catch\s*\([^)]*\)\s*\{\s*(?:return\s+(?:''|""|null|undefined|\[\]|\{\})|\}\s*$|\/\/[^\n]*$)/m.test(block)) codeQualityHits.push('catch block with empty/silent fallthrough — graceful degradation');
+      if (/console\.log\(/.test(block) && !/\/\/\s*debug|\/\/\s*log/i.test(block)) codeQualityHits.push('console.log in shipped code without debug/log comment');
+    }
+
+    // 4. Discovery-binding ledger — Hamza 2026-04-27: "how do we prevent this".
+    //    The flag-and-move pattern is structurally invisible to gates that
+    //    check form (cognition presence, lens count, drift triggers) at
+    //    action boundaries. The ledger persists discoveries across turns
+    //    and blocks emit if any remain unresolved. Per
+    //    feedback_no_flag_without_fix.md, discoveries are atomic with
+    //    their fixes; the ledger enforces atomicity.
+    //
+    //    Patterns scanned:
+    //      - "I (found|noticed|discovered|spotted) ... bug|issue|defect|broken"
+    //      - "this is broken|buggy|wrong|outdated" (declarative defect callouts)
+    //      - "(latent|silent) (bug|defect|issue|fail)"
+    //      - "doctrine violation" / "doesn't match doctrine"
+    //
+    //    For each match, the ledger appends an entry with status=open. A
+    //    discovery is CLEARED if the same turn's text contains:
+    //      (a) a TaskCreate / "task created" / "tracked as" reference, OR
+    //      (b) explicit "fixing now" / "fixed" / "patch applied" tied to the
+    //          discovery's keyword span, OR
+    //      (c) an Edit/Write tool action this turn touching a file path
+    //          mentioned within 200 chars of the discovery.
+    //
+    //    Block emit if ledger.openCount > 0 after scanning the current turn.
+    //    Block reason names each open discovery and the suggested resolution
+    //    (fix-now or task-create).
+    const sessionId = (event.session_id || 'claude-code').replace(/[^a-zA-Z0-9_-]/g, '_');
+    const LEDGER_PATH = `${HOME}/.claude/aria-discoveries-${sessionId}.jsonl`;
+    const DISCOVERY_RX = /(?:\bi\s+(?:found|noticed|discovered|spotted)[^.\n]{0,160}(?:bug|issue|defect|broken|buggy|wrong|crash|fail|missing|stale|outdated|leak|vulnerability)|\bthis\s+(?:is|would\s+be)\s+(?:broken|buggy|wrong|stale|outdated|insecure|leaking|crashing|failing)|\b(?:latent|silent|hidden)\s+(?:bug|defect|issue|fail|crash|leak)|\bdoctrine\s+violation\b|\bgraceful\s+degradation\s+(?:in|at|inside|within)\s+\S)/gi;
+    const RESOLUTION_RX = /(?:fix(?:ing|ed)?\s+(?:now|in[- ]flight|inline|in\s+the\s+same\s+turn)|patch\s+applied|TaskCreate|task\s+(?:created|tracked)|tracked\s+as\s+#?\d+|linear[- ]?issue|created\s+(?:linear|task))/i;
+
+    const newDiscoveries = [];
+    let lastIndex = 0;
+    for (const match of assistantText.matchAll(DISCOVERY_RX)) {
+      const idx = match.index ?? lastIndex;
+      const span = assistantText.slice(Math.max(0, idx - 100), Math.min(assistantText.length, idx + 250));
+      // Trivial false-positive filter: skip if the discovery is inside a
+      // <cognition> block (introspection, not action) or a system-reminder
+      // (echoed, not authored).
+      const before = assistantText.slice(0, idx);
+      const inCognition = /<cognition>/i.test(before) && !/<\/cognition>/i.test(before.slice(before.lastIndexOf('<cognition>')));
+      if (inCognition) continue;
+      // Resolution check: if RESOLUTION_RX matches WITHIN 300 chars after
+      // the discovery, count as same-turn-resolved.
+      const after = assistantText.slice(idx, Math.min(assistantText.length, idx + 400));
+      const resolvedSameSpan = RESOLUTION_RX.test(after);
+      newDiscoveries.push({
+        ts: new Date().toISOString(),
+        sessionId,
+        text: match[0].slice(0, 200),
+        span: span.slice(0, 400),
+        status: resolvedSameSpan ? 'resolved' : 'open',
+        resolutionType: resolvedSameSpan ? 'inline_fix_or_task' : null,
+      });
+      lastIndex = idx;
+    }
+
+    // Append new entries to ledger
+    if (newDiscoveries.length > 0) {
+      try {
+        if (!existsSync(dirname(LEDGER_PATH))) mkdirSync(dirname(LEDGER_PATH), { recursive: true });
+        for (const d of newDiscoveries) {
+          appendFileSync(LEDGER_PATH, JSON.stringify(d) + '\n');
+        }
+      } catch {/* ledger write failure surfaces as open count = 0; safe */}
+    }
+
+    // Read full ledger and count open entries (across this session's turns)
+    let ledgerOpenCount = 0;
+    let ledgerOpenSamples = [];
+    try {
+      if (existsSync(LEDGER_PATH)) {
+        const lines = readFileSync(LEDGER_PATH, 'utf8').split('\n').filter(Boolean);
+        for (const line of lines) {
+          try {
+            const e = JSON.parse(line);
+            if (e.status === 'open') {
+              ledgerOpenCount++;
+              if (ledgerOpenSamples.length < 5) ledgerOpenSamples.push(e.text);
+            }
+          } catch {/* skip malformed line */}
+        }
+      }
+    } catch {/* ledger unreadable — degrade to drift-only */}
+
+    // Discovery block decision: open ledger entries → emit blocked.
+    const discoveryBlock = ledgerOpenCount > 0;
+
+    // Block decision: any of (validateOutput severity=block) OR (>=2 drift hits) OR
+    // (>=1 code-quality hit) OR (open discovery in ledger) → block emit.
+    const mizanBlock = mizanVerdict && mizanVerdict.severity === 'block';
+    const driftBlock = driftHits.length >= 2;
+    const codeBlock = codeQualityHits.length >= 1;
+
+    if (mizanBlock || driftBlock || codeBlock || discoveryBlock) {
+      const violations = [];
+      if (mizanBlock) violations.push(`Mizan: ${(mizanVerdict.violations || []).join(', ')}`);
+      if (driftBlock) violations.push(`Drift triggers (${driftHits.length}): ${driftHits.map((h) => `"${h.trigger}" → ${h.memory}`).join(' | ')}`);
+      if (codeBlock) violations.push(`Code quality: ${codeQualityHits.join('; ')}`);
+      if (discoveryBlock) violations.push(`Discovery-binding ledger has ${ledgerOpenCount} OPEN discoveries (per feedback_no_flag_without_fix.md, discoveries are atomic with their fixes — fix in the same turn or create a TaskCreate before continuing). Recent open: ${ledgerOpenSamples.map((s) => `"${s.slice(0, 80)}"`).join(' | ')}. Resolve each by either (a) fixing it inline in this turn, or (b) creating a TaskCreate with the discovery's full context (file path, line number, what's broken, why), then editing ${LEDGER_PATH} to set status=resolved.`);
+      const rewritten = mizanVerdict?.rewritten || '';
+
+      const reason = `Aria Stop-gate output-quality block. Cognition passed (${cog.count}/${REQUIRED_LENSES}) but output failed quality gates:\n\n${violations.join('\n\n')}${rewritten ? `\n\nMizan rewrite suggestion:\n${rewritten}` : ''}\n\nRe-draft addressing the violations above. ARIA_OUTPUT_QC_ENABLED=false to disable in emergency (logged).`;
+
+      audit(`block-output-qc`, `mizan=${mizanBlock?'y':'n'} drift=${driftHits.length} code=${codeQualityHits.length} discoveries-open=${ledgerOpenCount}`);
+      console.log(JSON.stringify({ decision: 'block', reason }));
+      process.exit(2);
+    }
+
+    audit('allow-output-qc',
+      `lenses=${cog.count} chars=${assistantText.length} drift=${driftHits.length} ` +
+      `mizan=${mizanVerdict ? mizanVerdict.severity : `unavailable(${mizanError || 'unknown'})`} ` +
+      `code=${codeQualityHits.length} discoveries-new=${newDiscoveries.length} ` +
+      `discoveries-open=${ledgerOpenCount}`);
+  } else {
+    audit('allow-cognition',
+      `lenses=${cog.count} chars=${assistantText.length} ` +
+      `qPatt=${hasQuestionToUser ? 'y' : 'n'} substrateEv=${hasSubstrateEvidence ? 'y' : 'n'} ` +
+      (questionWithoutEvidence ? 'WARN-question-without-substrate' : 'ok'));
+  }
   process.exit(0);
 }
 

package/hooks/doctrine_trigger_map.json

@@ -190,6 +190,60 @@
       "memory": "feedback_dont_override_user_stack_with_training.md",
       "teaching": "Training data is stale. User's stack is authoritative.",
       "counter_action": "Read codebase config / consult Aria. Substrate hierarchy: user statement > codebase > training. Always."
+    },
+    {
+      "trigger": "flagging (this|for now|for later)",
+      "memory": "feedback_no_flag_without_fix.md",
+      "teaching": "Flag without fix is convenience-seeking. Discoveries are atomic with their fixes.",
+      "counter_action": "Fix in the same turn OR create a TaskCreate with file path, line number, what's broken, why it matters."
+    },
+    {
+      "trigger": "(noting|note) this( and|, ?then)? moving on",
+      "memory": "feedback_no_flag_without_fix.md",
+      "teaching": "Noting-and-moving destroys partnership trust. The user has to track what you noticed vs. what you fixed.",
+      "counter_action": "Same-turn fix is default for small defects (<30 lines). Larger ones get tracked tasks before you proceed."
+    },
+    {
+      "trigger": "i'?ll come back|circle back|address(ing)? (this )?later|come back to (this|that|it)",
+      "memory": "feedback_no_flag_without_fix.md",
+      "teaching": "'I'll come back' is the lie that makes future-you treat the discovery as already-handled.",
+      "counter_action": "Decide now: fix in this turn, or create the task. No middle ground. The flag is not a substitute for action."
+    },
+    {
+      "trigger": "(found|noticed|discovered|spotted)[^.]{0,80}\\bbut\\b[^.]{0,80}(continue|continuing|moving on|won'?t|will not|skip|ignor)",
+      "memory": "feedback_no_flag_without_fix.md",
+      "teaching": "Discovery + continuation = abandonment. The 'but I'll keep going' clause hides the violation.",
+      "counter_action": "Stop. Fix the discovery in this turn or create a tracked task with the discovery as its description, then resume."
+    },
+    {
+      "trigger": "we should also (fix|address|handle|update|deal with)",
+      "memory": "feedback_no_flag_without_fix.md",
+      "teaching": "'We should also fix' tells the user about a problem you found while volunteering them to fix it.",
+      "counter_action": "If the fix is in your scope, fix it now. If it's truly out of scope, create the task — don't hand it back as a verbal note."
+    },
+    {
+      "trigger": "let me (note|flag)|(?<!please )leaving (this )?for follow.?up|out of scope here",
+      "memory": "feedback_no_flag_without_fix.md",
+      "teaching": "Verbal flags evaporate when the conversation moves on. Tasks persist.",
+      "counter_action": "Convert the flag into a TaskCreate or Linear save_issue immediately. No flag survives without a tracker ID."
+    },
+    {
+      "trigger": "TODO:?[^a-z0-9]|FIXME:?[^a-z0-9]|XXX:?[^a-z0-9]",
+      "memory": "feedback_no_flag_without_fix.md",
+      "teaching": "TODO comments in shipped code are flag-without-fix in source-form. Reviewers can't tell if it's tracked or forgotten.",
+      "counter_action": "Either implement now or reference a task ID inline (e.g., '// TODO(LINEAR-123): ...'). Bare TODOs fail the doctrine."
+    },
+    {
+      "trigger": "latent (bug|issue|defect|problem)|broken[^.]{0,40}continu",
+      "memory": "feedback_no_flag_without_fix.md",
+      "teaching": "Calling something 'latent' or 'broken' and then continuing is the explicit form of flag-and-move.",
+      "counter_action": "Latent defects in code you're touching get fixed in-flight. The 'I'm just here for X' framing is convenience-seeking."
+    },
+    {
+      "trigger": "(unrelated|separate concern|different (issue|topic|file|module))[^.]{0,60}(fix|address|handle)",
+      "memory": "feedback_no_flag_without_fix.md",
+      "teaching": "'Unrelated' is a frame the user gets to apply, not you. If you found it during your work, it's related to your work.",
+      "counter_action": "Surface the discovery, propose fix-now vs. task-it, let the user decide. Don't pre-decide that it's out of scope."
     }
   ]
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@aria_asi/cli",
-  "version": "0.2.9",
+  "version": "0.2.11",
   "description": "Aria Smart CLI — the world's first harness-powered terminal companion",
   "bin": {
     "aria": "./bin/aria.js"
@@ -17,7 +17,7 @@
     "url": "git+https://github.com/REI-Nationwide/cowork-sandbox.git"
   },
   "scripts": {
-    "build": "tsc",
+    "build": "tsc && node scripts/bundle-sdk.mjs",
     "prepare": "npm run build",
     "dev": "tsc --watch",
     "publish:all": "bash scripts/publish-all.sh",