@evomap/evolver 1.85.0 → 1.85.1

package/README.md

@@ -136,11 +136,32 @@ Evolver integrates with major agent runtimes through `setup-hooks`. Run it once
 |---|---|---|
 | [Cursor](https://cursor.com) | `evolver setup-hooks --platform=cursor` | `~/.cursor/hooks.json` + scripts in `~/.cursor/hooks/`. Restart Cursor or open a new session. Fires on `sessionStart`, `afterFileEdit`, `stop`. |
 | [Claude Code](https://www.anthropic.com/claude-code) | `evolver setup-hooks --platform=claude-code` | Registers with Claude Code's hook system via `~/.claude/`. Restart the Claude Code CLI. |
-| [Codex](https://github.com/openai/codex) | `evolver setup-hooks --platform=codex` | `~/.codex/hooks.json` + scripts in `~/.codex/hooks/`, enables `codex_hooks` feature in `config.toml`. Restart the Codex CLI. |
+| [Codex](https://github.com/openai/codex) | `evolver setup-hooks --platform=codex` | `~/.codex/hooks.json` + scripts in `~/.codex/hooks/`, enables `codex_hooks` feature in `config.toml`. Restart the Codex CLI. See [Codex caveats](#codex-caveats) below. |
 | [Kiro](https://kiro.dev) | `evolver setup-hooks --platform=kiro` | Three `*.kiro.hook` files + scripts in `~/.kiro/hooks/`. Auto-discovered, no restart needed. |
 | [opencode](https://opencode.ai) | `evolver setup-hooks --platform=opencode` | Plugin at `~/.opencode/plugins/evolver.js` + scripts in `~/.opencode/hooks/`. Restart opencode. |
 | [OpenClaw](https://openclaw.com) | No setup needed | OpenClaw natively interprets the `sessions_spawn(...)` stdout directives Evolver emits. Just run `evolver` from inside an OpenClaw session. |
 
+#### Codex caveats
+
+The Codex CLI exposes `SessionStart` / `Stop` / `PostToolUse` hooks (which is
+how `setup-hooks --platform=codex` wires Evolver in), but it does **not**
+emit a session transcript file the way Cursor / Claude Code / opencode do.
+That means `evolver --review` cannot read raw session logs on Codex.
+
+Evolver compensates by reading, in order:
+
+1. `MEMORY.md` / `USER.md` in the workspace root (if you maintain them);
+2. the `<!-- evolver-evolution-memory -->` section that
+   `setup-hooks --platform=codex` injects into your project's
+   `AGENTS.md`;
+3. the tail of the local `memory_graph.jsonl` (the per-cycle outcome log
+   that Evolver writes itself).
+
+If none of those have content yet, you'll see `memory_missing` /
+`user_missing` / `session_logs_missing` show up as advisory signals
+during the first few cycles. They will go quiet on their own as
+`memory_graph.jsonl` accumulates outcomes — no manual setup required.
+
 ## Run from Source (Contributors Only)
 
 Skip this section entirely if you installed via `npm install -g @evomap/evolver` above. This path exists so contributors can hack on the engine.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@evomap/evolver",
-  "version": "1.85.0",
+  "version": "1.85.1",
   "description": "A GEP-powered self-evolution engine for AI agents. Features automated log analysis and Genome Evolution Protocol (GEP) for auditable, reusable evolution assets.",
   "main": "index.js",
   "bin": {

package/scripts/build_binaries.js

@@ -208,13 +208,15 @@ if (!OPTS.skipObfuscate) {
   if (!OPTS.dryRun) {
     const O = require(require.resolve('javascript-obfuscator', { paths: [REPO_ROOT] }));
     const src = fs.readFileSync(BUNDLED_JS, 'utf8');
-    // Deterministic obfuscation: same release version + same source = same
-    // output. This makes binary diffs across re-runs meaningful and lets
-    // SHA256SUMS be reproduced by anyone with the source tree.
-    const seed = parseInt(crypto.createHash('sha256').update(`evolver:${releaseVersion}`).digest('hex').slice(0, 8), 16);
-    const t0 = Date.now();
-    const result = O.obfuscate(src, {
-      seed,
+    // Seed obfuscation from release version: gives same-version reruns a
+    // narrow PRNG path, but the obfuscator has internal non-determinism
+    // beyond the seed (Set iteration / stringArray rotation timing) so two
+    // runs with the same seed can still differ slightly. Empirically ~5%
+    // of those runs emit invalid syntax (e.g. mangling `new.target` to
+    // `#target`, which then crashes `bun compile`). Validate after each
+    // attempt and retry — see RETRY note in pipeline rationale below.
+    const baseSeed = parseInt(crypto.createHash('sha256').update(`evolver:${releaseVersion}`).digest('hex').slice(0, 8), 16);
+    const obfOpts = {
       compact: true,
       controlFlowFlattening: true,
       controlFlowFlatteningThreshold: 0.75,
@@ -237,12 +239,49 @@ if (!OPTS.skipObfuscate) {
       numbersToExpressions: true,
       unicodeEscapeSequence: true,
       target: 'node',
-    });
-    fs.writeFileSync(OBF_JS, result.getObfuscatedCode());
-    const obfSize = fs.statSync(OBF_JS).size;
-    console.log(`  obfuscation: ${((Date.now() - t0) / 1000).toFixed(1)}s, output ${(obfSize / 1024 / 1024).toFixed(2)} MB`);
+    };
+
+    const MAX_OBF_ATTEMPTS_RAW = process.env.OBF_MAX_ATTEMPTS;
+    const MAX_OBF_ATTEMPTS = MAX_OBF_ATTEMPTS_RAW === undefined
+      ? 4
+      : parseInt(MAX_OBF_ATTEMPTS_RAW, 10);
+    if (!Number.isInteger(MAX_OBF_ATTEMPTS) || MAX_OBF_ATTEMPTS < 1) {
+      console.error(`  ERROR: OBF_MAX_ATTEMPTS must be a positive integer; got ${JSON.stringify(MAX_OBF_ATTEMPTS_RAW)}.`);
+      process.exit(1);
+    }
+    let attempt = 0;
+    let usedSeed = baseSeed;
+    let lastValidationErr = null;
+    let succeeded = false;
+    while (attempt < MAX_OBF_ATTEMPTS) {
+      attempt++;
+      // Perturb seed on retries to dodge a stuck PRNG path. Attempt 1 keeps
+      // the canonical seed for best-effort reproducibility; later attempts
+      // shift by attempt index so the next deploy gets a fresh trajectory.
+      usedSeed = baseSeed + (attempt - 1);
+      const t0 = Date.now();
+      const result = O.obfuscate(src, { ...obfOpts, seed: usedSeed });
+      fs.writeFileSync(OBF_JS, result.getObfuscatedCode());
+      const obfSize = fs.statSync(OBF_JS).size;
+      const obfSecs = ((Date.now() - t0) / 1000).toFixed(1);
+
+      const check = spawnSync('node', ['--check', OBF_JS], { encoding: 'utf8' });
+      if (check.status === 0) {
+        console.log(`  obfuscation: ${obfSecs}s, output ${(obfSize / 1024 / 1024).toFixed(2)} MB (attempt ${attempt}/${MAX_OBF_ATTEMPTS}, seed=0x${usedSeed.toString(16)})`);
+        succeeded = true;
+        break;
+      }
+      lastValidationErr = (check.stderr || check.stdout || '').split('\n').slice(0, 3).join(' | ');
+      console.warn(`  attempt ${attempt}/${MAX_OBF_ATTEMPTS}: obfuscator output failed node --check (${lastValidationErr.slice(0, 200)}); retrying with perturbed seed...`);
+    }
+    if (!succeeded) {
+      console.error(`  ERROR: javascript-obfuscator produced syntactically invalid output in ${MAX_OBF_ATTEMPTS} attempts.`);
+      console.error(`         last error: ${lastValidationErr || '(none — loop did not run)'}`);
+      console.error(`         raise OBF_MAX_ATTEMPTS env var to retry more times, or temporarily run with --skip-obfuscate.`);
+      process.exit(2);
+    }
   } else {
-    console.log('  [dry-run] would obfuscate stage/bundled.js -> stage/bundled.obf.js');
+    console.log('  [dry-run] would obfuscate stage/bundled.js -> stage/bundled.obf.js (with retry-on-syntax-error)');
   }
 
   payloadJs = OBF_JS;
@@ -386,3 +425,21 @@ console.log('  next: gh release upload v<ver> dist-binaries/* --repo EvoMap/evol
 //   in GitHub Actions on `runs-on: macos-latest, ubuntu-latest` should
 //   set up the matrix so each runner smoke-tests its own native target.
 //
+// Stage 2 retry-on-syntax-error (added 2026-05-22, v1.85.0 deploy
+// post-mortem):
+//
+//   The v1.85.0 release deploy hit `bun compile` failing with
+//   `Expected "in" but found ","` at offset ~1.5MB into bundled.obf.js.
+//   The failing region contained `(#target,this)` — javascript-obfuscator
+//   had mangled `new.target` into `#target` (a private class field syntax
+//   that's only legal inside a class body). A from-scratch rebuild on the
+//   same source + seed produced a different output (15.18 MB vs 15.14 MB)
+//   that compiled cleanly, confirming the obfuscator has internal
+//   non-determinism beyond the user-supplied seed.
+//
+//   Mitigation: after each obfuscation attempt, run `node --check` on the
+//   output; if syntax is invalid, perturb the seed by +attempt and retry
+//   up to OBF_MAX_ATTEMPTS times (default 4). Cost of validation is
+//   ~1 second on 15 MB; cost of catching the failure here vs after a
+//   doomed bun compile pass is roughly 50s saved per failure.
+//

package/src/adapters/scripts/evolver-session-end.js

@@ -2,16 +2,40 @@
 // evolver-session-end.js
 // Records evolution outcome at session end.
 // Collects git diff stats, extracts signals, records via Hub API or local memory.
-// Input: stdin JSON. Output: stdout JSON with followup_message.
+// Input: stdin JSON. Output: stdout JSON with `systemMessage` (Claude Code Stop
+// hook notification) — or empty `{}` on Cursor where systemMessage is mishandled.
 
 const fs = require('fs');
+const path = require('path');
+const os = require('os');
 const { spawnSync } = require('child_process');
 // 10 MB — prevents RangeError on large child process output (e.g. git log/diff
 // on large repos). See GHSA reports / issue #451.
 const MAX_EXEC_BUFFER = 10 * 1024 * 1024;
 
+const path = require('path');
 const { findEvolverRoot, findMemoryGraph } = require('./_runtimePaths');
 
+// Workspace-id must use the same resolution as the reader in
+// src/evolve/pipeline/collect.js (which goes through src/gep/paths.js#
+// getWorkspaceRoot()). Otherwise writer and reader could land on
+// different `.evolver/workspace-id` files when EVOLVER_REPO_ROOT or
+// OPENCLAW_WORKSPACE is set, or when a `<repoRoot>/workspace`
+// subdirectory exists — in which case the IDs would never match and
+// every memory-graph entry would silently get dropped (Bugbot PR #109
+// round-1 MEDIUM). Lazy-load the canonical resolver from the resolved
+// evolver root; fall back to env-only when paths.js is unreachable.
+function resolveWorkspaceIdForWriter() {
+  if (process.env.EVOLVER_WORKSPACE_ID) return String(process.env.EVOLVER_WORKSPACE_ID);
+  const evolverRoot = findEvolverRoot();
+  if (!evolverRoot) return null;
+  try {
+    const paths = require(path.join(evolverRoot, 'src', 'gep', 'paths.js'));
+    if (typeof paths.getWorkspaceId === 'function') return paths.getWorkspaceId();
+  } catch { /* paths.js unreachable — return null */ }
+  return null;
+}
+
 function runGit(args, cwd) {
   // Argv-array form, no shell. Avoids POSIX `2>/dev/null` redirects that
   // break on Windows cmd.exe (#537). Failures (e.g. no HEAD~1 in a fresh
@@ -52,6 +76,31 @@ function getGitDiffStats() {
   };
 }
 
+// Detect whether the hook is running inside Cursor.
+//
+// Why: Claude Code's Stop hook spec says `systemMessage` is a notification
+// shown to the user and is NOT fed back into Claude's context. Cursor's
+// Claude Code-compatible runtime currently splices it into the next
+// inference round as if it were a user prompt, so Claude "responds" to the
+// evolution receipt — visible to users as an unexplained extra reasoning
+// turn after every task. Until Cursor fixes this, suppress systemMessage
+// on Cursor while keeping the local-memory append intact.
+//
+// Detection (any of):
+//   - TERM_PROGRAM=cursor
+//   - CURSOR_TRACE_ID / CURSOR_SESSION_ID set
+//   - EVOLVER_HOOK_HOST=cursor (manual override)
+// Escape hatch: EVOLVER_HOOK_VERBOSE=1 forces the message on regardless.
+function isCursorHost() {
+  const verbose = String(process.env.EVOLVER_HOOK_VERBOSE || '').toLowerCase();
+  if (verbose === '1' || verbose === 'true') return false;
+  if (String(process.env.EVOLVER_HOOK_HOST || '').toLowerCase() === 'cursor') return true;
+  if (String(process.env.TERM_PROGRAM || '').toLowerCase() === 'cursor') return true;
+  if (process.env.CURSOR_TRACE_ID) return true;
+  if (process.env.CURSOR_SESSION_ID) return true;
+  return false;
+}
+
 function detectSignals(text) {
   if (!text) return [];
   const lower = text.toLowerCase();
@@ -113,6 +162,21 @@ function recordToLocal(graphPath, outcome) {
         score: outcome.score,
         note: outcome.summary,
       },
+      // Tag the originating workspace so the review-time reader in
+      // collect.js can scope user-level fallback entries to the current
+      // cwd. Without this, two unrelated projects sharing the user-level
+      // fallback file (~/.evolver/memory/evolution/memory_graph.jsonl,
+      // used by npm-global installs) would cross-pollinate each other's
+      // review context — a prompt-injection / disclosure surface flagged
+      // by Bugbot on PR #105 round-2.
+      //
+      // workspace_id is the forge-resistant tag (PR #108 round-3): the
+      // reader compares it against the secret in the workspace's own
+      // .evolver/workspace-id file. cwd is retained as a backward-compat
+      // tag so older entries written before this hardening still pass
+      // the cwd check.
+      cwd: process.cwd(),
+      workspace_id: resolveWorkspaceIdForWriter(),
       source: 'hook:session-end',
     };
     fs.appendFileSync(graphPath, JSON.stringify(entry) + '\n', 'utf8');
@@ -125,16 +189,23 @@ function recordToLocal(graphPath, outcome) {
 function main() {
   let inputData = '';
   let handled = false;
+  let watchdog = null;
+  const finish = (payload) => {
+    if (handled) return;
+    handled = true;
+    if (watchdog) clearTimeout(watchdog);
+    process.stdout.write(JSON.stringify(payload || {}));
+    process.exit(0);
+  };
   process.stdin.setEncoding('utf8');
   process.stdin.on('data', chunk => { inputData += chunk; });
   process.stdin.on('end', () => {
     if (handled) return;
-    handled = true;
     try {
       const diffInfo = getGitDiffStats();
 
       if (!diffInfo.hasChanges) {
-        process.stdout.write(JSON.stringify({}));
+        finish({});
         return;
       }
 
@@ -162,22 +233,46 @@ function main() {
       const target = hubOk ? 'Hub' : localOk ? 'local memory' : 'nowhere (no Hub or local path)';
       const msg = `[Evolution] Session outcome recorded to ${target}: ${outcome.summary}`;
 
-      process.stdout.write(JSON.stringify({
-        followup_message: msg,
-        stopMessage: msg,
-        additionalContext: msg,
-      }));
+      // Stop hook output schema (per Claude Code docs):
+      //   - decision: "approve" | "block"
+      //   - reason: string (shown when decision is set)
+      //   - systemMessage: string (notification displayed to user)
+      //   - continue: boolean
+      //   - stopReason: string
+      //
+      // Earlier versions emitted `followup_message`, `stopMessage`, and
+      // `additionalContext` together. `followup_message` is the field that
+      // re-injects the receipt into Claude's next inference round, which
+      // caused the agent to "respond" to its own evolution log line —
+      // visible to users as an unexplained extra reasoning turn after
+      // every task. The evolver is supposed to be observational, so we
+      // now use `systemMessage` only — that surfaces the receipt to the
+      // user without forcing another inference round.
+      //
+      // Cursor compatibility: Cursor's Claude Code-compatible runtime
+      // currently treats `systemMessage` as a user prompt for the next
+      // inference round. When we detect Cursor, omit systemMessage too.
+      // The receipt is always appended to ~/.evolver/logs/evolution.log
+      // so it is never silently lost; users can opt back in to the inline
+      // notification with EVOLVER_HOOK_VERBOSE=1.
+      try {
+        const logDir = process.env.EVOLVER_HOOK_LOG_DIR
+          || path.join(os.homedir(), '.evolver', 'logs');
+        fs.mkdirSync(logDir, { recursive: true });
+        fs.appendFileSync(
+          path.join(logDir, 'evolution.log'),
+          `${new Date().toISOString()} ${msg}\n`,
+          'utf8'
+        );
+      } catch { /* best-effort, never break the hook on log write */ }
+
+      finish(isCursorHost() ? {} : { systemMessage: msg });
     } catch (e) {
-      process.stdout.write(JSON.stringify({}));
+      finish({});
     }
   });
 
-  setTimeout(() => {
-    if (handled) return;
-    handled = true;
-    process.stdout.write(JSON.stringify({}));
-    process.exit(0);
-  }, 7000);
+  watchdog = setTimeout(() => finish({}), 7000);
 }
 
 main();