@evomap/evolver 1.69.8 → 1.69.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (36) hide show
  1. package/assets/gep/candidates.jsonl +3 -6
  2. package/assets/gep/capsules.json +1 -4
  3. package/package.json +1 -1
  4. package/src/adapters/scripts/evolver-session-end.js +16 -7
  5. package/src/evolve.js +1 -1
  6. package/src/gep/.integrity +0 -0
  7. package/src/gep/a2aProtocol.js +1 -1
  8. package/src/gep/candidateEval.js +1 -1
  9. package/src/gep/candidates.js +1 -1
  10. package/src/gep/contentHash.js +1 -1
  11. package/src/gep/crypto.js +1 -1
  12. package/src/gep/curriculum.js +1 -1
  13. package/src/gep/deviceId.js +1 -1
  14. package/src/gep/envFingerprint.js +1 -1
  15. package/src/gep/explore.js +1 -1
  16. package/src/gep/hubReview.js +1 -1
  17. package/src/gep/hubSearch.js +1 -1
  18. package/src/gep/hubVerify.js +1 -1
  19. package/src/gep/integrityCheck.js +1 -1
  20. package/src/gep/issueReporter.js +18 -4
  21. package/src/gep/learningSignals.js +1 -1
  22. package/src/gep/memoryGraph.js +1 -1
  23. package/src/gep/memoryGraphAdapter.js +1 -1
  24. package/src/gep/mutation.js +1 -1
  25. package/src/gep/narrativeMemory.js +1 -1
  26. package/src/gep/personality.js +1 -1
  27. package/src/gep/policyCheck.js +1 -1
  28. package/src/gep/prompt.js +1 -1
  29. package/src/gep/reflection.js +1 -1
  30. package/src/gep/sanitize.js +22 -0
  31. package/src/gep/selector.js +1 -1
  32. package/src/gep/shield.js +1 -1
  33. package/src/gep/skillDistiller.js +1 -1
  34. package/src/gep/solidify.js +1 -1
  35. package/src/gep/strategy.js +1 -1
  36. package/src/gep/validator/stakeBootstrap.js +98 -1
package/assets/gep/candidates.jsonl CHANGED
@@ -1,6 +1,3 @@
1
- {"type":"CapabilityCandidate","id":"cand_b9a66a5c","title":"Harden session log detection and fallback behavior","source":"signals","created_at":"2026-04-21T04:07:13.243Z","signals":["memory_missing","user_missing","session_logs_missing"],"tags":["memory_missing","user_missing","session_logs_missing","area:memory"],"shape":{"title":"Harden session log detection and fallback behavior","input":"Recent session transcript + memory snippets + user instructions","output":"A safe, auditable evolution patch guided by GEP assets","invariants":"Protocol order, small reversible patches, validation, append-only events","params":"Signals: memory_missing, user_missing, session_logs_missing","failure_points":"Missing signals, over-broad changes, skipped validation, missing knowledge solidification","evidence":"Signal present: session_logs_missing"}}
2
- {"type":"CapabilityCandidate","id":"cand_b9a66a5c","title":"Harden session log detection and fallback behavior","source":"signals","created_at":"2026-04-21T04:07:15.158Z","signals":["memory_missing","user_missing","session_logs_missing"],"tags":["memory_missing","user_missing","session_logs_missing","area:memory"],"shape":{"title":"Harden session log detection and fallback behavior","input":"Recent session transcript + memory snippets + user instructions","output":"A safe, auditable evolution patch guided by GEP assets","invariants":"Protocol order, small reversible patches, validation, append-only events","params":"Signals: memory_missing, user_missing, session_logs_missing","failure_points":"Missing signals, over-broad changes, skipped validation, missing knowledge solidification","evidence":"Signal present: session_logs_missing"}}
3
- {"type":"CapabilityCandidate","id":"cand_b9a66a5c","title":"Harden session log detection and fallback behavior","source":"signals","created_at":"2026-04-21T04:07:17.084Z","signals":["memory_missing","user_missing","session_logs_missing"],"tags":["memory_missing","user_missing","session_logs_missing","area:memory"],"shape":{"title":"Harden session log detection and fallback behavior","input":"Recent session transcript + memory snippets + user instructions","output":"A safe, auditable evolution patch guided by GEP assets","invariants":"Protocol order, small reversible patches, validation, append-only events","params":"Signals: memory_missing, user_missing, session_logs_missing","failure_points":"Missing signals, over-broad changes, skipped validation, missing knowledge solidification","evidence":"Signal present: session_logs_missing"}}
4
- {"type":"CapabilityCandidate","id":"cand_b9a66a5c","title":"Harden session log detection and fallback behavior","source":"signals","created_at":"2026-04-21T04:07:25.649Z","signals":["memory_missing","user_missing","session_logs_missing"],"tags":["memory_missing","user_missing","session_logs_missing","area:memory"],"shape":{"title":"Harden session log detection and fallback behavior","input":"Recent session transcript + memory snippets + user instructions","output":"A safe, auditable evolution patch guided by GEP assets","invariants":"Protocol order, small reversible patches, validation, append-only events","params":"Signals: memory_missing, user_missing, session_logs_missing","failure_points":"Missing signals, over-broad changes, skipped validation, missing knowledge solidification","evidence":"Signal present: session_logs_missing"}}
5
- {"type":"CapabilityCandidate","id":"cand_b9a66a5c","title":"Harden session log detection and fallback behavior","source":"signals","created_at":"2026-04-21T04:07:27.637Z","signals":["memory_missing","user_missing","session_logs_missing"],"tags":["memory_missing","user_missing","session_logs_missing","area:memory"],"shape":{"title":"Harden session log detection and fallback behavior","input":"Recent session transcript + memory snippets + user instructions","output":"A safe, auditable evolution patch guided by GEP assets","invariants":"Protocol order, small reversible patches, validation, append-only events","params":"Signals: memory_missing, user_missing, session_logs_missing","failure_points":"Missing signals, over-broad changes, skipped validation, missing knowledge solidification","evidence":"Signal present: session_logs_missing"}}
6
- {"type":"CapabilityCandidate","id":"cand_b9a66a5c","title":"Harden session log detection and fallback behavior","source":"signals","created_at":"2026-04-21T04:07:29.461Z","signals":["memory_missing","user_missing","session_logs_missing"],"tags":["memory_missing","user_missing","session_logs_missing","area:memory"],"shape":{"title":"Harden session log detection and fallback behavior","input":"Recent session transcript + memory snippets + user instructions","output":"A safe, auditable evolution patch guided by GEP assets","invariants":"Protocol order, small reversible patches, validation, append-only events","params":"Signals: memory_missing, user_missing, session_logs_missing","failure_points":"Missing signals, over-broad changes, skipped validation, missing knowledge solidification","evidence":"Signal present: session_logs_missing"}}
1
+ {"type":"CapabilityCandidate","id":"cand_b9a66a5c","title":"Harden session log detection and fallback behavior","source":"signals","created_at":"2026-04-21T12:31:17.295Z","signals":["memory_missing","user_missing","session_logs_missing"],"tags":["memory_missing","user_missing","session_logs_missing","area:memory"],"shape":{"title":"Harden session log detection and fallback behavior","input":"Recent session transcript + memory snippets + user instructions","output":"A safe, auditable evolution patch guided by GEP assets","invariants":"Protocol order, small reversible patches, validation, append-only events","params":"Signals: memory_missing, user_missing, session_logs_missing","failure_points":"Missing signals, over-broad changes, skipped validation, missing knowledge solidification","evidence":"Signal present: session_logs_missing"}}
2
+ {"type":"CapabilityCandidate","id":"cand_b9a66a5c","title":"Harden session log detection and fallback behavior","source":"signals","created_at":"2026-04-21T12:31:19.041Z","signals":["memory_missing","user_missing","session_logs_missing"],"tags":["memory_missing","user_missing","session_logs_missing","area:memory"],"shape":{"title":"Harden session log detection and fallback behavior","input":"Recent session transcript + memory snippets + user instructions","output":"A safe, auditable evolution patch guided by GEP assets","invariants":"Protocol order, small reversible patches, validation, append-only events","params":"Signals: memory_missing, user_missing, session_logs_missing","failure_points":"Missing signals, over-broad changes, skipped validation, missing knowledge solidification","evidence":"Signal present: session_logs_missing"}}
3
+ {"type":"CapabilityCandidate","id":"cand_b9a66a5c","title":"Harden session log detection and fallback behavior","source":"signals","created_at":"2026-04-21T12:31:20.900Z","signals":["memory_missing","user_missing","session_logs_missing"],"tags":["memory_missing","user_missing","session_logs_missing","area:memory"],"shape":{"title":"Harden session log detection and fallback behavior","input":"Recent session transcript + memory snippets + user instructions","output":"A safe, auditable evolution patch guided by GEP assets","invariants":"Protocol order, small reversible patches, validation, append-only events","params":"Signals: memory_missing, user_missing, session_logs_missing","failure_points":"Missing signals, over-broad changes, skipped validation, missing knowledge solidification","evidence":"Signal present: session_logs_missing"}}
package/assets/gep/capsules.json CHANGED
@@ -1,4 +1 @@
1
- {
2
- "version": 1,
3
- "capsules": []
4
- }
1
+ {"version":1,"capsules":[]}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@evomap/evolver",
3
- "version": "1.69.8",
3
+ "version": "1.69.11",
4
4
  "description": "A GEP-powered self-evolution engine for AI agents. Features automated log analysis and Genome Evolution Protocol (GEP) for auditable, reusable evolution assets.",
5
5
  "main": "index.js",
6
6
  "bin": {
package/src/adapters/scripts/evolver-session-end.js CHANGED
@@ -6,7 +6,7 @@
6
6
 
7
7
  const fs = require('fs');
8
8
  const path = require('path');
9
- const { execSync } = require('child_process');
9
+ const { execSync, spawnSync } = require('child_process');
10
10
  // 10 MB — prevents RangeError on large child process output (e.g. git log/diff
11
11
  // on large repos). See GHSA reports / issue #451.
12
12
  const MAX_EXEC_BUFFER = 10 * 1024 * 1024;
@@ -105,12 +105,21 @@ function recordToHub(outcome) {
105
105
  summary: outcome.summary,
106
106
  sender_id: nodeId || undefined,
107
107
  });
108
- const curlCmd = `curl -s -m 8 -X POST`
109
- + ` -H "Content-Type: application/json"`
110
- + ` -H "Authorization: Bearer ${apiKey}"`
111
- + ` -d '${payload.replace(/'/g, "'\\''")}'`
112
- + ` "${hubUrl.replace(/\/+$/, '')}/a2a/evolution/record"`;
113
- execSync(curlCmd, { timeout: 10000, stdio: ['pipe', 'pipe', 'pipe'], maxBuffer: MAX_EXEC_BUFFER });
108
+ // Argv-array form avoids shell interpretation of apiKey, payload, or the
109
+ // hub URL. Values cannot break out through shell metacharacters.
110
+ const res = spawnSync('curl', [
111
+ '-s', '-m', '8', '-X', 'POST',
112
+ '-H', 'Content-Type: application/json',
113
+ '-H', `Authorization: Bearer ${apiKey}`,
114
+ '-d', payload,
115
+ `${hubUrl.replace(/\/+$/, '')}/a2a/evolution/record`,
116
+ ], {
117
+ timeout: 10000,
118
+ stdio: ['pipe', 'pipe', 'pipe'],
119
+ maxBuffer: MAX_EXEC_BUFFER,
120
+ shell: false,
121
+ });
122
+ if (res.status !== 0 || res.error) return false;
114
123
  return true;
115
124
  } catch {
116
125
  return false;