@bolloon/bolloon-agent 0.2.1 → 0.2.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (118) hide show
  1. package/bin/ipfs +0 -0
  2. package/dist/agents/judgment-protocol.js +479 -0
  3. package/dist/agents/parse-tool-call.js +304 -0
  4. package/dist/agents/pi-sdk.js +190 -267
  5. package/dist/agents/react-loop.js +86 -0
  6. package/dist/agents/session-store.js +157 -0
  7. package/dist/agents/tool-registry.js +136 -0
  8. package/dist/agents/workflow-pivot-loop.js +40 -0
  9. package/dist/bollharness/src/index.js +5 -0
  10. package/dist/bollharness/src/scripts/checks/check_adr_plan_numbering.js +6 -0
  11. package/dist/bollharness/src/scripts/checks/check_api_types.js +45 -0
  12. package/dist/bollharness/src/scripts/checks/check_artifact_link.js +146 -0
  13. package/dist/bollharness/src/scripts/checks/check_bridge_deps.js +6 -0
  14. package/dist/bollharness/src/scripts/checks/check_bugfix_binding.js +6 -0
  15. package/dist/bollharness/src/scripts/checks/check_bugfix_binding_ci.js +6 -0
  16. package/dist/bollharness/src/scripts/checks/check_doc_file_references.js +6 -0
  17. package/dist/bollharness/src/scripts/checks/check_doc_freshness.js +135 -0
  18. package/dist/bollharness/src/scripts/checks/check_doc_links.js +31 -0
  19. package/dist/bollharness/src/scripts/checks/check_file_existence_claims.js +6 -0
  20. package/dist/bollharness/src/scripts/checks/check_fragment_integrity.js +34 -0
  21. package/dist/bollharness/src/scripts/checks/check_hook_installed.js +63 -0
  22. package/dist/bollharness/src/scripts/checks/check_issue_closure.js +41 -0
  23. package/dist/bollharness/src/scripts/checks/check_mcp_parity.js +6 -0
  24. package/dist/bollharness/src/scripts/checks/check_security.js +48 -0
  25. package/dist/bollharness/src/scripts/checks/check_skill_parity.js +6 -0
  26. package/dist/bollharness/src/scripts/checks/check_versions.js +6 -0
  27. package/dist/bollharness/src/scripts/checks/finding.js +13 -0
  28. package/dist/bollharness/src/scripts/checks/next_decision_number.js +20 -0
  29. package/dist/bollharness/src/scripts/checks/regenerate_magic_docs.js +6 -0
  30. package/dist/bollharness/src/scripts/ci/detect_rebaseline_triggers.js +8 -0
  31. package/dist/bollharness/src/scripts/ci/scan_subprocess_cfg.js +8 -0
  32. package/dist/bollharness/src/scripts/ci/scan_verify_artifacts.js +8 -0
  33. package/dist/bollharness/src/scripts/ci/scan_yaml_schema.js +8 -0
  34. package/dist/bollharness/src/scripts/context_router.js +67 -0
  35. package/dist/bollharness/src/scripts/deploy-guard.js +157 -0
  36. package/dist/bollharness/src/scripts/guard-feedback.js +192 -0
  37. package/dist/bollharness/src/scripts/guard_router.js +158 -0
  38. package/dist/bollharness/src/scripts/hooks/_hook_output.js +6 -0
  39. package/dist/bollharness/src/scripts/hooks/auto-python3.js +6 -0
  40. package/dist/bollharness/src/scripts/hooks/deploy-progress-on-session-end.js +6 -0
  41. package/dist/bollharness/src/scripts/hooks/failure-analyzer.js +6 -0
  42. package/dist/bollharness/src/scripts/hooks/gate-judgment-inject.js +92 -0
  43. package/dist/bollharness/src/scripts/hooks/gate-transition-judgment.js +63 -0
  44. package/dist/bollharness/src/scripts/hooks/inbox-ack.js +6 -0
  45. package/dist/bollharness/src/scripts/hooks/inbox-inject-on-start.js +6 -0
  46. package/dist/bollharness/src/scripts/hooks/inbox-validate.js +6 -0
  47. package/dist/bollharness/src/scripts/hooks/inbox-write-ledger.js +6 -0
  48. package/dist/bollharness/src/scripts/hooks/initializer-agent.js +6 -0
  49. package/dist/bollharness/src/scripts/hooks/loop-detection.js +73 -0
  50. package/dist/bollharness/src/scripts/hooks/owner-guard.js +6 -0
  51. package/dist/bollharness/src/scripts/hooks/precompact.js +6 -0
  52. package/dist/bollharness/src/scripts/hooks/review-agent-gatekeeper.js +6 -0
  53. package/dist/bollharness/src/scripts/hooks/risk-tracker.js +108 -0
  54. package/dist/bollharness/src/scripts/hooks/sanitize-on-read.js +6 -0
  55. package/dist/bollharness/src/scripts/hooks/session-reflection.js +7 -0
  56. package/dist/bollharness/src/scripts/hooks/session-start-magic-docs.js +7 -0
  57. package/dist/bollharness/src/scripts/hooks/session-start-reset-risk.js +7 -0
  58. package/dist/bollharness/src/scripts/hooks/session-start-toolkit-reminder.js +7 -0
  59. package/dist/bollharness/src/scripts/hooks/stop-evaluator.js +157 -0
  60. package/dist/bollharness/src/scripts/hooks/tool-call-counter.js +6 -0
  61. package/dist/bollharness/src/scripts/hooks/trace-analyzer.js +10 -0
  62. package/dist/bollharness/src/scripts/install/install-trust-token.js +7 -0
  63. package/dist/bollharness/src/scripts/install/multi_project_registry.js +9 -0
  64. package/dist/bollharness/src/scripts/install/phase2_auto.js +21 -0
  65. package/dist/bollharness/src/scripts/install/pre_commit_installer.js +6 -0
  66. package/dist/bollharness/src/scripts/install/tier_selector.js +7 -0
  67. package/dist/bollharness/src/scripts/install/transcript_miner.js +7 -0
  68. package/dist/bollharness/src/scripts/lib/claim_patterns.js +10 -0
  69. package/dist/bollharness/src/scripts/lib/sanitize_patterns.js +12 -0
  70. package/dist/bollharness/src/scripts/sanitize.js +6 -0
  71. package/dist/constraint-runtime/src/tools/PolymarketSDK/cancelOrder.js +6 -0
  72. package/dist/constraint-runtime/src/tools/PolymarketSDK/createOrder.js +6 -0
  73. package/dist/constraint-runtime/src/tools/PolymarketSDK/getMarket.js +5 -0
  74. package/dist/constraint-runtime/src/tools/PolymarketSDK/getOrders.js +6 -0
  75. package/dist/constraint-runtime/src/tools/PolymarketSDK/listMarkets.js +4 -0
  76. package/dist/constraint-runtime/src/tools/SafeSDK/deploySafe.js +6 -0
  77. package/dist/constraint-runtime/src/tools/WalletTools/autoPay.js +29 -0
  78. package/dist/constraint-runtime/src/tools/WalletTools/createWallet.js +10 -0
  79. package/dist/constraint-runtime/src/tools/WalletTools/getBalance.js +13 -0
  80. package/dist/constraint-runtime/src/tools/WalletTools/importWallet.js +22 -0
  81. package/dist/constraint-runtime/src/tools/WalletTools/sendTransaction.js +25 -0
  82. package/dist/constraint-runtime/src/tools/WalletTools/signMessage.js +10 -0
  83. package/dist/constraint-runtime/src/tools/WalletTools/transferToken.js +25 -0
  84. package/dist/electron/config.js.map +1 -0
  85. package/dist/electron/dialogs.js.map +1 -0
  86. package/dist/electron/first-run.js.map +1 -0
  87. package/dist/electron/ipc.js.map +1 -0
  88. package/dist/electron/logger.js.map +1 -0
  89. package/dist/electron/main.js.map +1 -0
  90. package/dist/electron/menu.js.map +1 -0
  91. package/dist/electron/paths.js.map +1 -0
  92. package/dist/electron/server.js +2 -1
  93. package/dist/electron/server.js.map +1 -0
  94. package/dist/electron/tray.js.map +1 -0
  95. package/dist/electron/window.js.map +1 -0
  96. package/dist/electron-preload.js +29 -0
  97. package/dist/electron-preload.js.map +1 -0
  98. package/dist/electron.js +5 -0
  99. package/dist/electron.js.map +1 -0
  100. package/dist/llm/config-store.js +24 -8
  101. package/dist/llm/pi-ai.js +33 -19
  102. package/dist/workflows/collaboration.js +374 -0
  103. package/dist/workflows/index.js +54 -0
  104. package/package.json +18 -4
  105. package/.comm/README.md +0 -21
  106. package/.comm/default/2026-06-17T08-23-00-017Z-8a735de8.md +0 -7
  107. package/CLAUDE.md +0 -3
  108. package/build/icon.icns +0 -0
  109. package/build/icon.ico +0 -0
  110. package/build/icon.png +0 -0
  111. package/build/tray.png +0 -0
  112. package/build/trayTemplate.png +0 -0
  113. package/scripts/auto-evolve-oneshot.sh +0 -155
  114. package/scripts/auto-evolve-snapshot.sh +0 -136
  115. package/scripts/build-cli.js +0 -216
  116. package/scripts/detect-schema-changes.sh +0 -48
  117. package/scripts/lefthook-helper.sh +0 -69
  118. package/scripts/postinstall.js +0 -153
@@ -0,0 +1,157 @@
1
+ import * as fs from "fs";
2
+ const PROD_IP = "47.118.31.230";
3
+ const BRIDGE_VPS_HOSTS = ["46.250.229.84"];
4
+ const GUARDED_HOSTS = [PROD_IP, ...BRIDGE_VPS_HOSTS];
5
+ const DEPLOY_SH_PATTERN = /^bash\s+scripts\/deploy\.sh(\s+--(dry-run|yes))*\s*$/;
6
+ const SSH_READONLY_CMDS = new Set([
7
+ "journalctl", "cat", "ls", "head", "tail", "grep",
8
+ "ss", "curl", "dig", "status", "git", "file", "stat",
9
+ ]);
10
+ const SYSTEMCTL_WRITE_OPS = new Set(["restart", "stop", "start"]);
11
+ function getCommand() {
12
+ try {
13
+ const input = JSON.parse(fs.readFileSync(0, "utf-8"));
14
+ return input.tool_input?.command ?? null;
15
+ }
16
+ catch {
17
+ return null;
18
+ }
19
+ }
20
+ function isDeploySh(cmd) {
21
+ return DEPLOY_SH_PATTERN.test(cmd.trim());
22
+ }
23
+ function hasGuardedHost(cmd) {
24
+ return GUARDED_HOSTS.some(host => cmd.includes(host));
25
+ }
26
+ function whichGuardedHost(cmd) {
27
+ for (const host of GUARDED_HOSTS) {
28
+ if (cmd.includes(host))
29
+ return host;
30
+ }
31
+ return null;
32
+ }
33
+ function isCompoundCommand(cmd) {
34
+ let stripped = cmd.replace(/"[^"]*"/g, "");
35
+ stripped = stripped.replace(/'[^']*'/g, "");
36
+ return /[;&|]{1,2}/.test(stripped);
37
+ }
38
+ function checkScpDirection(cmd) {
39
+ const parts = cmd.split(/\s+/);
40
+ if (!parts.length || parts[0] !== "scp")
41
+ return "none";
42
+ const args = parts.slice(1).filter(p => !p.startsWith("-"));
43
+ if (args.length < 2)
44
+ return "none";
45
+ const lastArg = args[args.length - 1];
46
+ if (GUARDED_HOSTS.some(host => lastArg.includes(host))) {
47
+ return "upload";
48
+ }
49
+ for (const arg of args.slice(0, -1)) {
50
+ if (GUARDED_HOSTS.some(host => arg.includes(host))) {
51
+ return "download";
52
+ }
53
+ }
54
+ return "none";
55
+ }
56
+ function checkSshCommand(cmd) {
57
+ if (!cmd.includes("ssh") || !hasGuardedHost(cmd))
58
+ return "none";
59
+ const quoted = cmd.match(/"([^"]*)"/)?.[1] ?? cmd.match(/'([^']*)'/)?.[1];
60
+ if (!quoted)
61
+ return "none";
62
+ const remoteCmd = quoted.trim();
63
+ const parts = remoteCmd.split(/\s+/);
64
+ if (!parts.length)
65
+ return "none";
66
+ let idx = 0;
67
+ if (parts[0] === "sudo") {
68
+ idx = 1;
69
+ while (idx < parts.length && parts[idx].startsWith("-")) {
70
+ if (parts[idx] === "-u" && idx + 1 < parts.length) {
71
+ idx += 2;
72
+ }
73
+ else {
74
+ idx += 1;
75
+ }
76
+ }
77
+ }
78
+ const firstWord = parts[idx] ?? "";
79
+ if (firstWord === "systemctl") {
80
+ if (idx + 1 < parts.length && SYSTEMCTL_WRITE_OPS.has(parts[idx + 1])) {
81
+ return "write";
82
+ }
83
+ return "readonly";
84
+ }
85
+ if (SSH_READONLY_CMDS.has(firstWord)) {
86
+ return "readonly";
87
+ }
88
+ return "write";
89
+ }
90
+ function checkRsync(cmd) {
91
+ if (!cmd.includes("rsync") || !hasGuardedHost(cmd))
92
+ return "none";
93
+ const parts = cmd.split(/\s+/);
94
+ if (parts.includes("-n") || cmd.includes("--dry-run")) {
95
+ return "dryrun";
96
+ }
97
+ for (const p of parts) {
98
+ if (p.startsWith("-") && !p.startsWith("--") && p.includes("n")) {
99
+ return "dryrun";
100
+ }
101
+ }
102
+ return "write";
103
+ }
104
+ function block(reason, host = null) {
105
+ let guidance;
106
+ if (host === PROD_IP) {
107
+ guidance = `请使用标准部署流程:
108
+ 后端: bash scripts/deploy.sh --yes
109
+ Demo 正式: bash scripts/deploy-demo.sh <name> --channel prod --yes
110
+ Demo 内测: bash scripts/deploy-demo.sh <name> --channel preview --yes
111
+ Edge/Nginx: bash scripts/deploy-edge.sh --yes
112
+ 详见 Bolloon.md Development Commands。`;
113
+ }
114
+ else if (BRIDGE_VPS_HOSTS.includes(host ?? "")) {
115
+ guidance = `Bridge VPS 必须走 git pull 更新路径:
116
+ ssh root@${host} 'sudo -u boll git -C /opt/boll pull --ff-only'
117
+ scp/rsync 直传会重新制造 orphan worktree。
118
+ 详见 docs/issues/guard-20260408-0445-bridge-vps-orphan-worktree.md。`;
119
+ }
120
+ else {
121
+ guidance = "未识别的受保护服务器目标,请确认 deploy 路径。";
122
+ }
123
+ process.stderr.write(`BLOCKED: ${reason}\n${guidance}\n`);
124
+ process.exit(1);
125
+ }
126
+ export function main() {
127
+ const cmd = getCommand();
128
+ if (!cmd)
129
+ process.exit(0);
130
+ if (!hasGuardedHost(cmd))
131
+ process.exit(0);
132
+ const host = whichGuardedHost(cmd);
133
+ if (isCompoundCommand(cmd)) {
134
+ block("检测到复合命令中包含受保护服务器操作,禁止绕过标准部署路径", host);
135
+ }
136
+ if (isDeploySh(cmd))
137
+ process.exit(0);
138
+ const scpDir = checkScpDirection(cmd);
139
+ if (scpDir === "upload")
140
+ block("禁止手动 scp 上传到受保护服务器", host);
141
+ if (scpDir === "download")
142
+ process.exit(0);
143
+ const sshType = checkSshCommand(cmd);
144
+ if (sshType === "write")
145
+ block("禁止手动对受保护服务器执行写操作", host);
146
+ if (sshType === "readonly")
147
+ process.exit(0);
148
+ const rsyncType = checkRsync(cmd);
149
+ if (rsyncType === "write")
150
+ block("禁止手动 rsync 写入受保护服务器", host);
151
+ if (rsyncType === "dryrun")
152
+ process.exit(0);
153
+ block("检测到未识别的受保护服务器操作", host);
154
+ }
155
+ if (require.main === module) {
156
+ main();
157
+ }
@@ -0,0 +1,192 @@
1
+ import * as fs from "fs";
2
+ import * as path from "path";
3
+ import { match, loadFragment, FALLBACK_FRAGMENTS } from "./context_router";
4
+ import { readAllSignals, runGuards, writeSessionSignal } from "./guard_router";
5
+ const INJECTED_TTL = 3600;
6
+ const INJECTED_FILE = path.join(process.cwd(), ".boll", "guard", "injected.json");
7
+ const METRICS_DIR = path.join(process.cwd(), ".boll", "metrics");
8
+ const METRICS_FILE = path.join(METRICS_DIR, "guard-events.jsonl");
9
+ function emitMetric(event, data = {}) {
10
+ try {
11
+ if (!fs.existsSync(METRICS_DIR)) {
12
+ fs.mkdirSync(METRICS_DIR, { recursive: true });
13
+ }
14
+ const record = {
15
+ ts: new Date().toISOString(),
16
+ session_pid: process.ppid,
17
+ event,
18
+ ...data,
19
+ };
20
+ fs.appendFileSync(METRICS_FILE, JSON.stringify(record) + "\n", "utf-8");
21
+ }
22
+ catch { }
23
+ }
24
+ function readInjected() {
25
+ if (!fs.existsSync(INJECTED_FILE))
26
+ return new Set();
27
+ try {
28
+ const data = JSON.parse(fs.readFileSync(INJECTED_FILE, "utf-8"));
29
+ if (Date.now() / 1000 - data.timestamp > INJECTED_TTL)
30
+ return new Set();
31
+ return new Set(data.fragments || []);
32
+ }
33
+ catch {
34
+ return new Set();
35
+ }
36
+ }
37
+ function writeInjected(fragments) {
38
+ const guardDir = path.join(process.cwd(), ".boll", "guard");
39
+ if (!fs.existsSync(guardDir)) {
40
+ fs.mkdirSync(guardDir, { recursive: true });
41
+ }
42
+ const data = { timestamp: Date.now() / 1000, fragments: Array.from(fragments).sort() };
43
+ fs.writeFileSync(INJECTED_FILE, JSON.stringify(data, null, 2), "utf-8");
44
+ }
45
+ function getFilePath() {
46
+ if (process.argv.includes("--dry-run")) {
47
+ const idx = process.argv.indexOf("--dry-run");
48
+ if (idx + 1 < process.argv.length) {
49
+ return process.argv[idx + 1];
50
+ }
51
+ return null;
52
+ }
53
+ try {
54
+ const input = JSON.parse(fs.readFileSync(0, "utf-8"));
55
+ return input.tool_input?.file_path ?? input.tool_input?.path ?? null;
56
+ }
57
+ catch {
58
+ return null;
59
+ }
60
+ }
61
+ function makeRelative(filePath, repoRoot) {
62
+ try {
63
+ const resolved = path.resolve(filePath);
64
+ return path.relative(repoRoot, resolved);
65
+ }
66
+ catch {
67
+ return null;
68
+ }
69
+ }
70
+ function appendFindings(outputParts, findings) {
71
+ outputParts.push("\n\n## Guard Findings\n");
72
+ for (const raw of findings) {
73
+ const f = raw;
74
+ const blockingTag = f.blocking ? " [blocking]" : "";
75
+ const skills = f.required_skills.join(", ");
76
+ const skillsLine = skills ? `\n required_skills: ${skills}` : "";
77
+ outputParts.push(`- ${f.severity}${blockingTag} ${f.category}: ${f.message}${skillsLine}`);
78
+ }
79
+ }
80
+ const REPO_ROOT = process.cwd();
81
+ const checksDir = path.join(REPO_ROOT, "src", "scripts", "checks");
82
+ export async function main() {
83
+ const startMs = Date.now();
84
+ const checkOnly = process.argv.includes("--check-only");
85
+ const once = process.argv.includes("--once");
86
+ const dryRun = process.argv.includes("--dry-run");
87
+ emitMetric("hook_trigger", {
88
+ mode: checkOnly ? "check_only" : "post_tool_use",
89
+ once,
90
+ dry_run: dryRun,
91
+ });
92
+ if (once) {
93
+ const guardDir = path.join(process.cwd(), ".boll", "guard");
94
+ const sessionFile = path.join(guardDir, `once-${process.pid}.flag`);
95
+ if (fs.existsSync(sessionFile)) {
96
+ try {
97
+ const ts = parseFloat(fs.readFileSync(sessionFile, "utf-8").trim());
98
+ if (Date.now() / 1000 - ts < 3600) {
99
+ process.exit(0);
100
+ }
101
+ }
102
+ catch { }
103
+ }
104
+ if (!fs.existsSync(guardDir)) {
105
+ fs.mkdirSync(guardDir, { recursive: true });
106
+ }
107
+ fs.writeFileSync(sessionFile, String(Date.now() / 1000), "utf-8");
108
+ }
109
+ const outputParts = [];
110
+ if (checkOnly) {
111
+ const signal = readAllSignals(process.pid);
112
+ const findings = signal.findings;
113
+ if (findings.length) {
114
+ appendFindings(outputParts, findings);
115
+ process.stderr.write(outputParts.join("\n") + "\n");
116
+ emitMetric("check_only_findings", {
117
+ findings_count: findings.length,
118
+ elapsed_ms: Date.now() - startMs,
119
+ });
120
+ process.exit(0);
121
+ }
122
+ process.exit(0);
123
+ }
124
+ let filePath = getFilePath();
125
+ if (!filePath)
126
+ process.exit(0);
127
+ filePath = makeRelative(filePath, REPO_ROOT);
128
+ if (!filePath) {
129
+ emitMetric("path_rejected", { reason: "outside_repo_or_unresolvable" });
130
+ process.exit(0);
131
+ }
132
+ const alreadyInjected = readInjected();
133
+ let fragments = match(filePath);
134
+ if (!fragments.length) {
135
+ fragments = Array.isArray(FALLBACK_FRAGMENTS) ? FALLBACK_FRAGMENTS : [FALLBACK_FRAGMENTS];
136
+ }
137
+ const newFragments = fragments.filter(f => !alreadyInjected.has(f));
138
+ const contentParts = [];
139
+ for (const name of newFragments) {
140
+ const text = loadFragment(name);
141
+ if (text)
142
+ contentParts.push(text);
143
+ }
144
+ if (newFragments.length) {
145
+ const totalBytes = contentParts.reduce((sum, p) => sum + Buffer.byteLength(p, "utf-8"), 0);
146
+ emitMetric("fragment_inject", {
147
+ file_path: filePath,
148
+ fragments: newFragments,
149
+ count: newFragments.length,
150
+ bytes: totalBytes,
151
+ est_tokens: Math.ceil(totalBytes / 4),
152
+ });
153
+ }
154
+ if (contentParts.length) {
155
+ outputParts.push("## Context\n");
156
+ outputParts.push(contentParts.join("\n\n---\n\n"));
157
+ newFragments.forEach(f => alreadyInjected.add(f));
158
+ writeInjected(alreadyInjected);
159
+ }
160
+ const findings = await runGuards(filePath, checksDir);
161
+ if (findings.length) {
162
+ const blockingCount = findings.filter(f => f.blocking).length;
163
+ const categories = {};
164
+ const severities = {};
165
+ for (const f of findings) {
166
+ categories[f.category] = (categories[f.category] || 0) + 1;
167
+ severities[f.severity] = (severities[f.severity] || 0) + 1;
168
+ }
169
+ emitMetric("guard_findings", {
170
+ file_path: filePath,
171
+ findings_count: findings.length,
172
+ blocking_count: blockingCount,
173
+ categories,
174
+ severities,
175
+ });
176
+ writeSessionSignal(findings);
177
+ appendFindings(outputParts, findings);
178
+ }
179
+ emitMetric("hook_done", {
180
+ file_path: filePath,
181
+ had_output: outputParts.length > 0,
182
+ elapsed_ms: Date.now() - startMs,
183
+ });
184
+ if (outputParts.length) {
185
+ process.stderr.write(outputParts.join("\n") + "\n");
186
+ process.exit(2);
187
+ }
188
+ process.exit(0);
189
+ }
190
+ if (require.main === module) {
191
+ main();
192
+ }
@@ -0,0 +1,158 @@
1
+ import * as fs from "fs";
2
+ import * as path from "path";
3
+ export const GUARD_MAP = {
4
+ "bridge_agent/": ["check_bridge_deps"],
5
+ "backend/product/bridge/": ["check_bridge_deps"],
6
+ "mcp-server/": ["check_mcp_parity"],
7
+ "mcp-server-node/": ["check_mcp_parity"],
8
+ "docs/issues/": ["check_issue_closure"],
9
+ "backend/product/routes/": ["check_doc_freshness"],
10
+ "docs/ROADMAP.md": ["check_doc_freshness"],
11
+ "Bolloon.md": ["check_doc_freshness"],
12
+ "docs/magic/": ["check_doc_freshness"],
13
+ ".boll/rules/backend-routes.md": ["check_doc_freshness"],
14
+ ".boll/settings.json": ["check_hook_installed"],
15
+ ".githooks/": ["check_hook_installed"],
16
+ "scripts/context_router.ts": ["check_fragment_integrity"],
17
+ "scripts/context-fragments/": ["check_fragment_integrity"],
18
+ };
19
+ export const DEFAULT_GUARDS = [];
20
+ export const CATEGORY_TO_SKILLS = {
21
+ closure_semantics: ["lead", "boll-ops"],
22
+ contract_drift: ["boll-dev", "boll-eng-test"],
23
+ bridge_boundary: ["boll-bridge", "boll-ops"],
24
+ policy_freeze: ["lead", "arch", "plan-lock"],
25
+ doc_integrity: ["boll-ops"],
26
+ version_drift: ["boll-ops"],
27
+ artifact_linkage: ["lead"],
28
+ governance_bootstrap: ["boll-ops"],
29
+ };
30
+ const SESSION_TTL_SECONDS = 3600;
31
+ export function route(filePath) {
32
+ const matched = [];
33
+ const sortedPatterns = Object.keys(GUARD_MAP).sort((a, b) => b.length - a.length);
34
+ for (const pattern of sortedPatterns) {
35
+ if (filePath.startsWith(pattern) || filePath === pattern.replace(/\/$/, "")) {
36
+ matched.push(...GUARD_MAP[pattern]);
37
+ }
38
+ }
39
+ if (matched.length === 0) {
40
+ return [...DEFAULT_GUARDS];
41
+ }
42
+ return [...new Set(matched)];
43
+ }
44
+ export async function runGuards(filePath, checksDir) {
45
+ const guardNames = route(filePath);
46
+ const findings = [];
47
+ for (const name of guardNames) {
48
+ try {
49
+ const checkModule = await import(path.join(checksDir, `${name}.js`));
50
+ if (!checkModule.run) {
51
+ findings.push({
52
+ severity: "P1",
53
+ message: `${name} has no run() function`,
54
+ file: `scripts/checks/${name}.ts`,
55
+ blocking: false,
56
+ category: "governance_bootstrap",
57
+ problem_class: "unknown",
58
+ required_skills: [],
59
+ required_reads: [],
60
+ });
61
+ continue;
62
+ }
63
+ const result = checkModule.run(checksDir, { mode: "full" });
64
+ if (Array.isArray(result)) {
65
+ findings.push(...result);
66
+ }
67
+ else {
68
+ findings.push(result);
69
+ }
70
+ }
71
+ catch (exc) {
72
+ findings.push({
73
+ severity: "P0",
74
+ message: `Failed to import guard ${name}: ${exc}`,
75
+ file: `scripts/checks/${name}.ts`,
76
+ blocking: true,
77
+ category: "governance_bootstrap",
78
+ problem_class: "unknown",
79
+ required_skills: [],
80
+ required_reads: [],
81
+ });
82
+ }
83
+ }
84
+ return findings;
85
+ }
86
+ function getGuardDir() {
87
+ return path.join(process.cwd(), ".boll", "guard");
88
+ }
89
+ export function writeSessionSignal(findings) {
90
+ const guardDir = getGuardDir();
91
+ if (!fs.existsSync(guardDir)) {
92
+ fs.mkdirSync(guardDir, { recursive: true });
93
+ }
94
+ const pid = process.pid;
95
+ const target = path.join(guardDir, `session-${pid}.json`);
96
+ const tmp = path.join(guardDir, `session-${pid}.tmp`);
97
+ const data = {
98
+ pid,
99
+ timestamp: Date.now() / 1000,
100
+ findings,
101
+ };
102
+ fs.writeFileSync(tmp, JSON.stringify(data, null, 2), "utf-8");
103
+ fs.renameSync(tmp, target);
104
+ return target;
105
+ }
106
+ export function readAllSignals(pid) {
107
+ const guardDir = getGuardDir();
108
+ if (!fs.existsSync(guardDir)) {
109
+ return { severity: null, blocking: false, required_skills: [], findings: [] };
110
+ }
111
+ const severityOrder = { P0: 0, P1: 1, P2: 2 };
112
+ const now = Date.now() / 1000;
113
+ const allFindings = [];
114
+ let maxSeverity = null;
115
+ let blocking = false;
116
+ const skills = new Set();
117
+ let paths;
118
+ if (pid !== undefined) {
119
+ paths = [path.join(guardDir, `session-${pid}.json`)];
120
+ }
121
+ else {
122
+ paths = fs.readdirSync(guardDir)
123
+ .filter(f => f.startsWith("session-") && f.endsWith(".json"))
124
+ .map(f => path.join(guardDir, f));
125
+ }
126
+ for (const p of paths) {
127
+ if (!fs.existsSync(p))
128
+ continue;
129
+ try {
130
+ const data = JSON.parse(fs.readFileSync(p, "utf-8"));
131
+ const ts = data.timestamp;
132
+ if (now - ts > SESSION_TTL_SECONDS) {
133
+ try {
134
+ fs.unlinkSync(p);
135
+ }
136
+ catch { }
137
+ continue;
138
+ }
139
+ for (const f of data.findings) {
140
+ allFindings.push(f);
141
+ const sev = f.severity;
142
+ if (maxSeverity === null || severityOrder[sev] < severityOrder[maxSeverity]) {
143
+ maxSeverity = sev;
144
+ }
145
+ if (f.blocking)
146
+ blocking = true;
147
+ f.required_skills.forEach(s => skills.add(s));
148
+ }
149
+ }
150
+ catch { }
151
+ }
152
+ return {
153
+ severity: maxSeverity,
154
+ blocking,
155
+ required_skills: Array.from(skills).sort(),
156
+ findings: allFindings,
157
+ };
158
+ }
@@ -0,0 +1,6 @@
1
+ #!/usr/bin/env node
2
+ process.stdout.write(`\n\n## Bollharness Context\n\n` +
3
+ `bollharness is an AI Agent Session Governance Framework.\n\n` +
4
+ `For more information, see Bolloon.md in the project root.\n`);
5
+ process.exit(0);
6
+ export {};
@@ -0,0 +1,6 @@
1
+ export function main() {
2
+ process.exit(0);
3
+ }
4
+ if (require.main === module) {
5
+ main();
6
+ }
@@ -0,0 +1,6 @@
1
+ export function main() {
2
+ process.exit(0);
3
+ }
4
+ if (require.main === module) {
5
+ main();
6
+ }
@@ -0,0 +1,6 @@
1
+ export function main() {
2
+ process.exit(0);
3
+ }
4
+ if (require.main === module) {
5
+ main();
6
+ }
@@ -0,0 +1,92 @@
1
+ import * as fs from "fs";
2
+ import * as path from "path";
3
+ const REPO_ROOT = process.cwd();
4
+ function getCurrentGate() {
5
+ const envGate = process.env.BOLL_GATE_TO;
6
+ if (envGate) {
7
+ return parseInt(envGate, 10);
8
+ }
9
+ try {
10
+ const gateFile = path.join(REPO_ROOT, ".boll", "gate", "current");
11
+ if (fs.existsSync(gateFile)) {
12
+ const content = fs.readFileSync(gateFile, "utf-8").trim();
13
+ const state = JSON.parse(content);
14
+ return state.current_gate;
15
+ }
16
+ }
17
+ catch { }
18
+ const envGateFinal = process.env.BOLL_GATE;
19
+ if (envGateFinal) {
20
+ return parseInt(envGateFinal, 10);
21
+ }
22
+ return 0;
23
+ }
24
+ async function getCoreJudgments() {
25
+ try {
26
+ const judgmentPath = path.join(REPO_ROOT, "src", "bollharness-integration", "context-router-judgment.js");
27
+ if (!fs.existsSync(judgmentPath)) {
28
+ return "";
29
+ }
30
+ const { getCoreJudgmentsForSession } = await import(judgmentPath);
31
+ return await getCoreJudgmentsForSession(0.9);
32
+ }
33
+ catch (e) {
34
+ console.error("[Gate Judgment] Failed to load core judgments:", e);
35
+ return "";
36
+ }
37
+ }
38
+ async function getGateJudgments(gate) {
39
+ try {
40
+ const judgmentPath = path.join(REPO_ROOT, "src", "bollharness-integration", "context-router-judgment.js");
41
+ if (!fs.existsSync(judgmentPath)) {
42
+ return "";
43
+ }
44
+ const { generateJudgmentInjection } = await import(judgmentPath);
45
+ return await generateJudgmentInjection(".", gate);
46
+ }
47
+ catch (e) {
48
+ console.error("[Gate Judgment] Failed to load gate judgments:", e);
49
+ return "";
50
+ }
51
+ }
52
+ async function getContextChainInjection(gate) {
53
+ try {
54
+ const chainPath = path.join(REPO_ROOT, "src", "bollharness-integration", "context-chain-router.js");
55
+ if (!fs.existsSync(chainPath)) {
56
+ return "";
57
+ }
58
+ const { generateContextChainInjection } = await import(chainPath);
59
+ return await generateContextChainInjection(gate);
60
+ }
61
+ catch (e) {
62
+ console.error("[Gate Judgment] Failed to load context chains:", e);
63
+ return "";
64
+ }
65
+ }
66
+ export async function main() {
67
+ const gate = getCurrentGate();
68
+ const INJECT_GATES = [0, 3];
69
+ if (!INJECT_GATES.includes(gate)) {
70
+ process.exit(0);
71
+ }
72
+ const judgments = gate === 0
73
+ ? await getCoreJudgments()
74
+ : await getGateJudgments(gate);
75
+ const chains = await getContextChainInjection(gate);
76
+ if (judgments || chains) {
77
+ process.stdout.write("\n");
78
+ if (judgments) {
79
+ process.stdout.write(judgments + "\n\n");
80
+ }
81
+ if (chains) {
82
+ process.stdout.write(chains + "\n");
83
+ }
84
+ }
85
+ process.exit(0);
86
+ }
87
+ if (require.main === module) {
88
+ main().catch((e) => {
89
+ console.error("[Gate Judgment] Error:", e);
90
+ process.exit(1);
91
+ });
92
+ }
@@ -0,0 +1,63 @@
1
+ import * as fs from "fs";
2
+ import * as path from "path";
3
+ const REPO_ROOT = process.cwd();
4
+ async function getGateJudgments(gate, filePath = ".") {
5
+ try {
6
+ const judgmentPath = path.join(REPO_ROOT, "src", "bollharness-integration", "context-router-judgment.js");
7
+ if (!fs.existsSync(judgmentPath)) {
8
+ return "";
9
+ }
10
+ const { generateJudgmentInjection } = await import(judgmentPath);
11
+ return await generateJudgmentInjection(filePath, gate);
12
+ }
13
+ catch (e) {
14
+ console.error("[Gate Transition Judgment] Failed to load judgments:", e);
15
+ return "";
16
+ }
17
+ }
18
+ async function getContextChainInjection(gate) {
19
+ try {
20
+ const chainPath = path.join(REPO_ROOT, "src", "bollharness-integration", "context-chain-router.js");
21
+ if (!fs.existsSync(chainPath)) {
22
+ return "";
23
+ }
24
+ const { generateContextChainInjection } = await import(chainPath);
25
+ return await generateContextChainInjection(gate);
26
+ }
27
+ catch (e) {
28
+ console.error("[Gate Transition Judgment] Failed to load context chains:", e);
29
+ return "";
30
+ }
31
+ }
32
+ export async function main() {
33
+ const args = process.argv.slice(2);
34
+ const envGate = process.env.BOLL_GATE_TO;
35
+ const gate = args[0]
36
+ ? parseInt(args[0], 10)
37
+ : envGate
38
+ ? parseInt(envGate, 10)
39
+ : 0;
40
+ const filePath = args[1] || ".";
41
+ const INJECT_GATES = [0, 3];
42
+ if (!INJECT_GATES.includes(gate)) {
43
+ process.exit(0);
44
+ }
45
+ const judgments = await getGateJudgments(gate, filePath);
46
+ const chains = await getContextChainInjection(gate);
47
+ if (judgments || chains) {
48
+ process.stdout.write("\n");
49
+ if (judgments) {
50
+ process.stdout.write(judgments + "\n\n");
51
+ }
52
+ if (chains) {
53
+ process.stdout.write(chains + "\n");
54
+ }
55
+ }
56
+ process.exit(0);
57
+ }
58
+ if (require.main === module) {
59
+ main().catch((e) => {
60
+ console.error("[Gate Transition Judgment] Error:", e);
61
+ process.exit(1);
62
+ });
63
+ }