@dmsdc-ai/aigentry-telepty 0.1.97 → 0.3.3

package/src/prompt-symbol-registry.js

@@ -0,0 +1,97 @@
+// src/prompt-symbol-registry.js — Per-CLI prompt-symbol detection (0.3.2)
+// See docs/superpowers/specs/2026-04-26-prompt-symbol-render-gate.md
+//
+// Maps `session.command` (e.g. 'claude', 'codex', 'gemini') to a
+//   { symbol, byteSeq, detect(screen) → { found, line_index?, col? } }
+// entry. The detect() function takes the rendered screen text from
+// `cmux read-screen` (already terminal-state-applied; no ANSI stripping
+// needed) and returns the LAST occurrence (closest to the bottom) so
+// transcript echoes earlier in the viewport do not produce false positives.
+//
+// Adding a new CLI: append a new entry + write a unit test against a
+// captured `cmux read-screen` sample.
+
+'use strict';
+
+const ENTRIES = {
+  // claude renders an empty input row as "❯" + spaces, sandwiched between
+  // two horizontal-rule lines made of U+2500 ('─').
+  claude: {
+    symbol: '❯',
+    byteSeq: Buffer.from([0xE2, 0x9D, 0xAF]),
+    detect(screen) {
+      const lines = String(screen == null ? '' : screen).split('\n');
+      for (let i = lines.length - 1; i >= 1; i--) {
+        const line = lines[i];
+        if (!/^❯\s*$/.test(line)) continue;
+        const above = lines[i - 1] || '';
+        const below = lines[i + 1] || '';
+        if (above.includes('─') || below.includes('─')) {
+          return { found: true, line_index: i, col: line.indexOf('❯') + 1 };
+        }
+      }
+      return { found: false };
+    },
+  },
+  // codex renders idle as " › <placeholder>" (column 2). Status footer
+  // ("gpt-5.5 …" or "gpt-5 …") sits 1–2 lines below.
+  codex: {
+    symbol: '›',
+    byteSeq: Buffer.from([0xE2, 0x80, 0xBA]),
+    detect(screen) {
+      const lines = String(screen == null ? '' : screen).split('\n');
+      for (let i = lines.length - 1; i >= 0; i--) {
+        const line = lines[i];
+        if (!/^ › /.test(line)) continue;
+        const footer = (lines[i + 1] || '') + '\n' + (lines[i + 2] || '');
+        if (/gpt-\d/.test(footer)) {
+          return { found: true, line_index: i, col: 2 };
+        }
+      }
+      return { found: false };
+    },
+  },
+  // gemini empty input: " *   Type your message or @path/to/file"
+  // gemini non-empty: " *   <user typed text>"
+  // Geometry: bracketed by U+2580 ('▀') above and U+2584 ('▄') below.
+  gemini: {
+    symbol: '*',
+    byteSeq: Buffer.from([0x2A]),
+    detect(screen) {
+      const lines = String(screen == null ? '' : screen).split('\n');
+      for (let i = lines.length - 1; i >= 1; i--) {
+        const line = lines[i];
+        if (!/^ \* {2,}/.test(line)) continue;
+        const above = lines[i - 1] || '';
+        const below = lines[i + 1] || '';
+        if (above.includes('▀') || below.includes('▄')) {
+          return { found: true, line_index: i, col: 2 };
+        }
+      }
+      return { found: false };
+    },
+  },
+};
+
+// Normalize: strip path and args
+//   '/usr/local/bin/claude --resume' → 'claude'
+//   'codex resume'                   → 'resume' (false negative — see note)
+//
+// The naive split/pop returns the LAST whitespace-or-slash-delimited token,
+// which is correct for absolute paths but wrong for `<bin> <subcmd>` forms.
+// We compensate by also trying the FIRST path-stripped token before falling
+// back to the last token, matching whichever ENTRIES key exists.
+function lookup(command) {
+  if (!command) return null;
+  const raw = String(command).trim();
+  if (!raw) return null;
+  const tokens = raw.split(/\s+/).filter(Boolean);
+  for (const tok of tokens) {
+    const base = tok.split('/').filter(Boolean).pop() || '';
+    const key = base.toLowerCase();
+    if (ENTRIES[key]) return ENTRIES[key];
+  }
+  return null;
+}
+
+module.exports = { lookup, ENTRIES };

package/src/report-enforcement.js

@@ -0,0 +1,86 @@
+// src/report-enforcement.js — REPORT enforcement helpers (0.2.0)
+// See specs/enforce-report-spec.md
+//
+// Exports pure, testable helpers:
+//   - classifyReportPrompt(prompt): categorize an inject prompt
+//   - buildAutoSummary(session, opts): scrape last lines of output with redaction
+//   - ANSI_STRIPPER_RE, SECRET_DENYLIST_RE: regex constants (exported for tests)
+//   - REPORT_PREFIX_RE, REPORT_STATUS_*_RE: classification regexes
+
+'use strict';
+
+// Prefix patterns that identify a content REPORT inject (reverse-match required)
+const REPORT_PREFIX_RE = /^\s*(REPORT|STATUS|SPEC|OWNER-DIAGNOSIS|ENFORCE-SPEC|LOG-FIX-SPEC|LOG-FIX-IMPLEMENTED|FIX-SPEC|FIX-IMPLEMENTED|SPEC-SYNC|DIAGNOSIS|ENFORCE-IMPLEMENTED)[:\s]/;
+const REPORT_STATUS_BLOCKED_RE = /^\s*STATUS:\s*blocked\b/i;
+const REPORT_STATUS_DISMISSED_RE = /^\s*STATUS:\s*dismissed\b/i;
+const REPORT_STATUS_ERROR_RE = /^\s*STATUS:\s*error\b/i;
+
+// ANSI stripper (matches session-state.js)
+const ANSI_STRIPPER_RE = /\x1b\[[0-9;]*[a-zA-Z]|\x1b\][^\x07]*\x07|\x1b[()][AB012]|\x1b\[[\?]?[0-9;]*[hlm]/g;
+
+// Secret denylist — redact common credential patterns
+const SECRET_DENYLIST_RE = /(api[_-]?key\s*[:=]\s*\S+|password\s*[:=]\s*\S+|token\s*[:=]\s*\S+|secret\s*[:=]\s*\S+)/gi;
+
+// Default config (overridable via options)
+const DEFAULT_AUTO_SUMMARY_LINES = 40;
+const DEFAULT_AUTO_SUMMARY_MAX_BYTES = 4096;
+
+/**
+ * Classify incoming inject prompt for REPORT enforcement.
+ * Returns one of: 'report_dismissed', 'report_blocked', 'report_error',
+ * 'report_complete', or null (not a report).
+ *
+ * Order matters: STATUS variants checked before generic prefix.
+ */
+function classifyReportPrompt(prompt) {
+  if (typeof prompt !== 'string') return null;
+  if (REPORT_STATUS_DISMISSED_RE.test(prompt)) return 'report_dismissed';
+  if (REPORT_STATUS_BLOCKED_RE.test(prompt)) return 'report_blocked';
+  if (REPORT_STATUS_ERROR_RE.test(prompt)) return 'report_error';
+  if (REPORT_PREFIX_RE.test(prompt)) return 'report_complete';
+  return null;
+}
+
+/**
+ * Build an auto_summary from a session's output ring.
+ * - Strips ANSI sequences
+ * - Filters blank lines
+ * - Takes last N non-blank lines
+ * - Redacts secrets via denylist regex
+ * - Caps at max_bytes total (UTF-8 byte length)
+ *
+ * @param {Object} session — { outputRing: string[] }
+ * @param {Object} [options]
+ * @param {number} [options.maxLines] — default 40
+ * @param {number} [options.maxBytes] — default 4096
+ * @returns {string}
+ */
+function buildAutoSummary(session, options = {}) {
+  const maxLines = options.maxLines || DEFAULT_AUTO_SUMMARY_LINES;
+  const maxBytes = options.maxBytes || DEFAULT_AUTO_SUMMARY_MAX_BYTES;
+  if (!session || !session.outputRing || session.outputRing.length === 0) return '';
+
+  const raw = session.outputRing.join('');
+  const stripped = raw.replace(ANSI_STRIPPER_RE, '');
+  const lines = stripped.split(/\r?\n/).map(l => l.trim()).filter(l => l.length > 0);
+  const tail = lines.slice(-maxLines);
+  let joined = tail.join('\n');
+  joined = joined.replace(SECRET_DENYLIST_RE, '[REDACTED]');
+  if (Buffer.byteLength(joined, 'utf8') > maxBytes) {
+    joined = joined.slice(0, maxBytes);
+  }
+  return joined;
+}
+
+module.exports = {
+  classifyReportPrompt,
+  buildAutoSummary,
+  REPORT_PREFIX_RE,
+  REPORT_STATUS_BLOCKED_RE,
+  REPORT_STATUS_DISMISSED_RE,
+  REPORT_STATUS_ERROR_RE,
+  ANSI_STRIPPER_RE,
+  SECRET_DENYLIST_RE,
+  DEFAULT_AUTO_SUMMARY_LINES,
+  DEFAULT_AUTO_SUMMARY_MAX_BYTES,
+};

package/src/submit-gate.js

@@ -0,0 +1,269 @@
+// src/submit-gate.js — Render-gated submit helpers (0.3.0)
+// See docs/superpowers/specs/2026-04-26-inject-submit-enter-reliability.md
+//
+// Pure helpers (no I/O, no module-level state) used by daemon.js POST /submit
+// to close the open-loop trap where Enter is fired before the target REPL is
+// ready to consume it.
+//
+// Exports:
+//   - awaitReplReady(sessionId, stateManager, opts) → Promise<{ ready, last_state, waited_ms, reason? }>
+//   - verifyBodyConsumed(session, bodyText, opts)   → Promise<{ consumed, waited_ms, reason? }>
+//   - isReady(state, minConfidence)                  (test surface)
+//   - isFailed(state)                                (test surface)
+//   - READY_STATES, FAIL_STATES                      (test surface)
+
+'use strict';
+
+// States where the REPL is willing to accept a keystroke.
+// `idle`   — prompt detected, silence + (OSC 133 OR matched prompt pattern)
+// `waiting` — interactive prompt (y/n, password, etc.) — Enter still applies
+const READY_STATES = new Set(['idle', 'waiting']);
+
+// States where waiting will never produce readiness; resolve immediately.
+const FAIL_STATES = new Set(['dead', 'error', 'restarting']);
+
+function isReady(state, minConfidence) {
+  if (!state) return false;
+  if (!READY_STATES.has(state.state)) return false;
+  if (typeof state.confidence === 'number' && state.confidence < minConfidence) return false;
+  return true;
+}
+
+function isFailed(state) {
+  return !!(state && FAIL_STATES.has(state.state));
+}
+
+/**
+ * Wait until the session's REPL is ready to accept Enter.
+ *
+ * Resolves immediately when the session is already in a READY_STATES with
+ * confidence ≥ minConfidence, or when the state is unrecoverable (FAIL_STATES).
+ * Otherwise listens for transitions until the session reaches readiness or
+ * the bounded timeout elapses.
+ *
+ * @param {string} sessionId
+ * @param {{ getState: Function, onTransition: Function }} stateManager
+ * @param {{ timeoutMs?: number, minConfidence?: number }} [opts]
+ * @returns {Promise<{ ready: boolean, last_state: string|null, waited_ms: number, reason?: string }>}
+ */
+function awaitReplReady(sessionId, stateManager, opts = {}) {
+  const timeoutMs = Number.isFinite(opts.timeoutMs) ? opts.timeoutMs : 5000;
+  // Default 0.5: below the lowest legitimate IDLE confidence (0.6, the
+  // silence-fallback emit at session-state.js:380) with explicit margin.
+  // Admits AI-CLI TUIs that emit no OSC 133 and whose Unicode-box input
+  // line does not match PROMPT_PATTERNS — the dominant fresh-spawn case.
+  // Per-request override via `min_confidence` body field on POST /submit.
+  // See: docs/superpowers/specs/2026-04-26-submit-gate-fixes-v2.md §2.2
+  const minConfidence = Number.isFinite(opts.minConfidence) ? opts.minConfidence : 0.5;
+  const start = Date.now();
+
+  if (!stateManager || typeof stateManager.getState !== 'function') {
+    return Promise.resolve({ ready: false, reason: 'no_state_manager', last_state: null, waited_ms: 0 });
+  }
+
+  const initial = stateManager.getState(sessionId);
+  if (!initial) {
+    return Promise.resolve({ ready: false, reason: 'no_state', last_state: null, waited_ms: 0 });
+  }
+  if (isReady(initial, minConfidence)) {
+    return Promise.resolve({ ready: true, last_state: initial.state, waited_ms: 0 });
+  }
+  if (isFailed(initial)) {
+    return Promise.resolve({
+      ready: false,
+      reason: `session_${initial.state}`,
+      last_state: initial.state,
+      waited_ms: 0,
+    });
+  }
+
+  return new Promise((resolve) => {
+    let settled = false;
+
+    const finish = (result) => {
+      if (settled) return;
+      settled = true;
+      clearTimeout(timer);
+      resolve({ ...result, waited_ms: Date.now() - start });
+    };
+
+    // stateManager.onTransition is add-only (no removal API). We make the
+    // listener idempotent via the `settled` flag so it harmlessly no-ops
+    // after this call resolves.
+    const handler = (id, _from, to) => {
+      if (settled) return;
+      if (id !== sessionId) return;
+      if (READY_STATES.has(to)) {
+        const cur = stateManager.getState(sessionId);
+        if (isReady(cur, minConfidence)) {
+          finish({ ready: true, last_state: to });
+        }
+      } else if (FAIL_STATES.has(to)) {
+        finish({ ready: false, reason: `session_${to}`, last_state: to });
+      }
+    };
+
+    stateManager.onTransition(handler);
+
+    const timer = setTimeout(() => {
+      const cur = stateManager.getState(sessionId);
+      finish({ ready: false, reason: 'timeout', last_state: cur ? cur.state : null });
+    }, timeoutMs);
+  });
+}
+
+/**
+ * Verify that the inject body has been consumed (i.e., disappeared from the
+ * input box) by polling the session's outputRing tail.
+ *
+ * Semantics:
+ *   - body never visible in tail (ANSI-heavy render, line wrap, truncation):
+ *     return { consumed: true, waited_ms: 0, reason: 'never_visible' }
+ *     This is optimistic — without screen evidence we trust the dispatch.
+ *   - body visible, then disappears: { consumed: true }
+ *   - body visible for the entire timeout: { consumed: false, reason: 'still_visible' }
+ *
+ * @param {{ outputRing?: string[] }} session
+ * @param {string} bodyText
+ * @param {{ timeoutMs?: number, intervalMs?: number, tailBytes?: number, stripAnsi?: Function, now?: Function, sleep?: Function }} [opts]
+ * @returns {Promise<{ consumed: boolean, waited_ms: number, reason?: string }>}
+ */
+async function verifyBodyConsumed(session, bodyText, opts = {}) {
+  const timeoutMs = Number.isFinite(opts.timeoutMs) ? opts.timeoutMs : 1500;
+  const intervalMs = Number.isFinite(opts.intervalMs) ? opts.intervalMs : 200;
+  const tailBytes = Number.isFinite(opts.tailBytes) ? opts.tailBytes : 8192;
+  const stripAnsi = typeof opts.stripAnsi === 'function' ? opts.stripAnsi : (s) => s;
+  const now = typeof opts.now === 'function' ? opts.now : () => Date.now();
+  const sleep = typeof opts.sleep === 'function' ? opts.sleep : (ms) => new Promise((r) => setTimeout(r, ms));
+
+  if (!session || !Array.isArray(session.outputRing)) {
+    return { consumed: false, reason: 'no_ring', waited_ms: 0 };
+  }
+
+  const needle = normalize(bodyText);
+  if (!needle) {
+    return { consumed: true, reason: 'empty_body', waited_ms: 0 };
+  }
+
+  const start = now();
+  let everSeen = false;
+
+  while (true) {
+    const haystack = normalize(stripAnsi(readTail(session, tailBytes)));
+    const visible = haystack.indexOf(needle) !== -1;
+    if (visible) {
+      everSeen = true;
+    } else {
+      return {
+        consumed: true,
+        waited_ms: now() - start,
+        reason: everSeen ? 'consumed' : 'never_visible',
+      };
+    }
+    if (now() - start >= timeoutMs) {
+      return { consumed: false, reason: 'still_visible', waited_ms: now() - start };
+    }
+    await sleep(intervalMs);
+  }
+}
+
+function normalize(s) {
+  return String(s == null ? '' : s).replace(/\s+/g, ' ').trim();
+}
+
+function readTail(session, maxBytes) {
+  if (!session.outputRing || session.outputRing.length === 0) return '';
+  let total = 0;
+  const parts = [];
+  for (let i = session.outputRing.length - 1; i >= 0 && total < maxBytes; i--) {
+    const chunk = session.outputRing[i];
+    parts.unshift(chunk);
+    total += chunk.length;
+  }
+  return parts.join('');
+}
+
+/**
+ * Layer 3 (0.3.2+): poll the rendered terminal screen via `cmux read-screen`
+ * for the per-CLI prompt symbol and resolve only when the symbol has been
+ * stably rendered for ≥ stabilityMs. Layered ABOVE awaitReplReady — strictly
+ * additive: skips cleanly on non-cmux backends and unknown CLIs.
+ *
+ * Resolution shape:
+ *   - { ready: true,  last_seen_at, waited_ms }
+ *   - { ready: false, reason: 'no_screen_primitive', waited_ms: 0 }   // skip
+ *   - { ready: false, reason: 'unknown_cli',         waited_ms: 0 }   // skip
+ *   - { ready: false, reason: 'no_prompt_symbol_seen', waited_ms }    // best-effort fall-through
+ *
+ * @param {{ backend?: string, cmuxWorkspaceId?: string|null, command?: string }} session
+ * @param {{ timeoutMs?: number, pollIntervalMs?: number, stabilityMs?: number, tailLines?: number, readScreen?: Function, registry?: { lookup: Function }, now?: Function, sleep?: Function }} [opts]
+ * @returns {Promise<{ ready: boolean, waited_ms: number, last_seen_at?: number, reason?: string }>}
+ */
+async function awaitPromptSymbol(session, opts = {}) {
+  const timeoutMs      = Number.isFinite(opts.timeoutMs)      ? opts.timeoutMs      : 8000;
+  const pollIntervalMs = Number.isFinite(opts.pollIntervalMs) ? opts.pollIntervalMs : 150;
+  const stabilityMs    = Number.isFinite(opts.stabilityMs)    ? opts.stabilityMs    : 200;
+  const tailLines      = Number.isFinite(opts.tailLines)      ? opts.tailLines      : 30;
+  const readScreen     = typeof opts.readScreen === 'function' ? opts.readScreen : defaultReadScreen;
+  const registry       = opts.registry || require('./prompt-symbol-registry');
+  const now            = typeof opts.now   === 'function' ? opts.now   : () => Date.now();
+  const sleep          = typeof opts.sleep === 'function' ? opts.sleep : (ms) => new Promise((r) => setTimeout(r, ms));
+
+  if (!session || session.backend !== 'cmux' || !session.cmuxWorkspaceId) {
+    return { ready: false, reason: 'no_screen_primitive', waited_ms: 0 };
+  }
+  const entry = registry.lookup(session.command);
+  if (!entry) {
+    return { ready: false, reason: 'unknown_cli', waited_ms: 0 };
+  }
+
+  const start = now();
+  let lastSeenAt = null;
+  while (true) {
+    const screen = readScreen(session.cmuxWorkspaceId, tailLines);
+    if (screen) {
+      const match = entry.detect(screen);
+      if (match && match.found) {
+        if (lastSeenAt === null) {
+          lastSeenAt = now();
+        } else if (now() - lastSeenAt >= stabilityMs) {
+          return { ready: true, last_seen_at: lastSeenAt, waited_ms: now() - start };
+        }
+      } else {
+        // symbol disappeared — reset the stability streak
+        lastSeenAt = null;
+      }
+    }
+    if (now() - start >= timeoutMs) {
+      return { ready: false, reason: 'no_prompt_symbol_seen', waited_ms: now() - start };
+    }
+    await sleep(pollIntervalMs);
+  }
+}
+
+function defaultReadScreen(workspaceId, lines) {
+  const { execSync } = require('child_process');
+  try {
+    const out = execSync(
+      `cmux read-screen --workspace ${workspaceId} --lines ${lines}`,
+      { timeout: 1000, stdio: ['pipe', 'pipe', 'pipe'], maxBuffer: 1 << 20 }
+    );
+    return out.toString('utf8');
+  } catch (_err) {
+    // cmux missing, workspace closed, permission denied — skip silently and
+    // let the caller decide (typically: poll again until timeout, then fall
+    // through to Layer 1).
+    return '';
+  }
+}
+
+module.exports = {
+  awaitReplReady,
+  verifyBodyConsumed,
+  awaitPromptSymbol,
+  defaultReadScreen,
+  isReady,
+  isFailed,
+  READY_STATES,
+  FAIL_STATES,
+};