@fusionkit/cli 0.1.0

package/dist/test/e2e.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/test/e2e.test.js

@@ -0,0 +1,250 @@
+import assert from "node:assert/strict";
+import { mkdtempSync, readFileSync, rmSync, writeFileSync } from "node:fs";
+import { tmpdir } from "node:os";
+import { join } from "node:path";
+import { after, before, test } from "node:test";
+import { defaultPolicy, generateMasterKeyHex, masterKeyFromMaterial, Plane, SecretStore, startPlaneServer } from "@fusionkit/plane";
+import { buildReceiptStory, generateEd25519KeyPair, verifyReceiptBundle } from "@fusionkit/protocol";
+import { Runner } from "@fusionkit/runner";
+import { PlaneClient, PlaneClientError } from "@fusionkit/sdk";
+import { git, makeRepo } from "@fusionkit/testkit";
+import { captureWorkspace, pullRun } from "@fusionkit/workspace";
+const SECRET_VALUE = "super-sensitive-value-1234";
+let planeDir;
+let runnerDir;
+let repoDir;
+let server;
+let client;
+let runner;
+before(async () => {
+    planeDir = mkdtempSync(join(tmpdir(), "warrant-e2e-plane-"));
+    runnerDir = mkdtempSync(join(tmpdir(), "warrant-e2e-runner-"));
+    repoDir = makeRepo({ files: { "README.md": "# e2e fixture\n" } });
+    const policy = defaultPolicy();
+    policy.runners.allowPools = ["eng-prod"];
+    policy.agents.allow = ["mock", "command"];
+    policy.secrets.releasable = [
+        { name: "MOCK_SECRET", scope: "e2e-test", pools: ["eng-prod"] }
+    ];
+    policy.consent = [{ when: "secret-release", approvers: ["security"] }];
+    const keys = generateEd25519KeyPair();
+    const secretStore = new SecretStore(join(planeDir, "secrets.enc"), masterKeyFromMaterial(generateMasterKeyHex()));
+    secretStore.set("MOCK_SECRET", SECRET_VALUE);
+    const plane = new Plane({
+        dataDir: join(planeDir, "data"),
+        policy,
+        planePrivateKeyPem: keys.privateKeyPem,
+        planePublicKeyPem: keys.publicKeyPem,
+        adminToken: "admin-token-test",
+        enrollToken: "enroll-token-test",
+        secretStore
+    });
+    const started = await startPlaneServer(plane, 0);
+    server = started.server;
+    const planeUrl = `http://127.0.0.1:${started.port}`;
+    client = new PlaneClient(planeUrl, "admin-token-test");
+    runner = new Runner({
+        planeUrl,
+        pool: "eng-prod",
+        dataDir: runnerDir,
+        enrollToken: "enroll-token-test"
+    });
+    await runner.ensureEnrolled();
+});
+after(() => {
+    server.close(() => undefined);
+    rmSync(planeDir, { recursive: true, force: true });
+    rmSync(runnerDir, { recursive: true, force: true });
+    rmSync(repoDir, { recursive: true, force: true });
+});
+function buildRequest(prompt) {
+    const captured = captureWorkspace(repoDir);
+    return {
+        requestedBy: { kind: "human", id: "e2e-tester" },
+        agentKind: "mock",
+        prompt,
+        pool: "eng-prod",
+        secretNames: ["MOCK_SECRET"],
+        workspace: captured.manifest,
+        network: { defaultDeny: true, allowHosts: [] },
+        budget: {},
+        disclosure: "minimal-context"
+    };
+}
+function buildNoSecretRequest(prompt) {
+    const captured = captureWorkspace(repoDir);
+    return {
+        requestedBy: { kind: "human", id: "e2e-tester" },
+        agentKind: "mock",
+        prompt,
+        pool: "eng-prod",
+        secretNames: [],
+        workspace: captured.manifest,
+        network: { defaultDeny: true, allowHosts: [] },
+        budget: {},
+        disclosure: "minimal-context"
+    };
+}
+function buildSecretEchoRequest(prompt) {
+    const captured = captureWorkspace(repoDir);
+    return {
+        requestedBy: { kind: "human", id: "e2e-tester" },
+        agentKind: "command",
+        prompt,
+        pool: "eng-prod",
+        secretNames: ["MOCK_SECRET"],
+        workspace: captured.manifest,
+        network: { defaultDeny: true, allowHosts: [] },
+        budget: {},
+        disclosure: "minimal-context",
+        execution: {
+            kind: "shell",
+            script: "printf \"$MOCK_SECRET\" && printf \"$MOCK_SECRET\\n\" > leaked-secret.txt",
+            shell: "sh"
+        }
+    };
+}
+async function uploadWorkspaceBlobs() {
+    const captured = captureWorkspace(repoDir);
+    await client.putBlob(captured.bundle);
+    if (captured.dirtyDiff)
+        await client.putBlob(captured.dirtyDiff);
+    for (const file of captured.untracked)
+        await client.putBlob(file.content);
+}
+let completedBundle;
+test("dry run disclosure report moves nothing", async () => {
+    const report = await client.dryRun(buildRequest("dry run probe"));
+    assert.equal(report.dryRun, true);
+    assert.equal(report.policyDecision.decision, "ask");
+    assert.deepEqual(report.secrets.map((s) => s.name), ["MOCK_SECRET"]);
+    assert.equal(report.network.defaultDeny, true);
+});
+test("policy denies a disallowed agent kind, fail closed", async () => {
+    const request = { ...buildRequest("nope"), agentKind: "codex" };
+    await assert.rejects(() => client.requestRun(request), (error) => {
+        assert.ok(error instanceof PlaneClientError);
+        assert.equal(error.status, 403);
+        return true;
+    });
+});
+test("policy denies unreleasable secrets without creating receipt residue", async () => {
+    const before = await client.listRuns();
+    const request = { ...buildRequest("unknown secret"), secretNames: ["UNKNOWN_SECRET"] };
+    await assert.rejects(() => client.requestRun(request), (error) => {
+        assert.ok(error instanceof PlaneClientError);
+        assert.equal(error.status, 403);
+        return true;
+    });
+    const after = await client.listRuns();
+    assert.equal(after.runs.length, before.runs.length);
+    assert.ok(!JSON.stringify(after).includes("UNKNOWN_SECRET"));
+});
+test("no-secret run records empty secret evidence", async () => {
+    await uploadWorkspaceBlobs();
+    const created = await client.requestRun(buildNoSecretRequest("no secret run"));
+    assert.equal(created.status, "created");
+    const processed = await runner.runOnce();
+    assert.equal(processed, created.runId);
+    const bundle = await client.getBundle(created.runId);
+    assert.equal(bundle.receipt.secretsReleased.length, 0);
+    assert.equal(bundle.events.some((event) => event.event.type === "secret.released"), false);
+    assert.deepEqual(buildReceiptStory(bundle).secrets, []);
+});
+test("governed run: consent, execution, secret injection, egress blocking, receipt", async () => {
+    await uploadWorkspaceBlobs();
+    const created = await client.requestRun(buildRequest("e2e task: touch files and probe network"));
+    assert.equal(created.status, "awaiting_approval");
+    // Runner cannot claim before approval.
+    assert.equal(await runner.runOnce(), undefined);
+    await client.approve(created.runId, { kind: "human", id: "security-lead" });
+    const processed = await runner.runOnce();
+    assert.equal(processed, created.runId);
+    const view = await client.getRun(created.runId);
+    assert.equal(view.status, "completed");
+    completedBundle = await client.getBundle(created.runId);
+    const { receipt, events } = completedBundle;
+    // Receipt answers the five questions.
+    assert.equal(receipt.status, "completed");
+    assert.equal(receipt.runner.attestationTier, "mock");
+    assert.deepEqual(receipt.secretsReleased.map((s) => s.name), ["MOCK_SECRET"]);
+    assert.ok(receipt.networkAccessed.some((n) => n.host === "denied.example.com" && n.decision === "blocked"), "egress probe must be recorded as blocked");
+    assert.ok(receipt.workspaceOut.diffHash, "run must produce a diff");
+    assert.ok(events.some((e) => e.event.type === "file.changed" && e.event.path === "MOCK_AGENT.md"));
+    assert.ok(events.some((e) => e.event.type === "consent.granted"));
+    assert.ok(events.some((e) => e.event.type === "boundary.crossed"));
+    // Secret value never appears anywhere in the bundle.
+    assert.ok(!JSON.stringify(completedBundle).includes(SECRET_VALUE));
+    // The agent saw the secret (injection worked) without the value leaking.
+    const diff = await client.getBlob(receipt.workspaceOut.diffHash);
+    const diffText = diff.toString("utf8");
+    assert.ok(diffText.includes("secret:present"));
+    assert.ok(!diffText.includes(SECRET_VALUE));
+});
+test("receipt bundle verifies offline; tampering is detected", () => {
+    const verification = verifyReceiptBundle(completedBundle);
+    assert.deepEqual(verification.problems, []);
+    assert.equal(verification.ok, true);
+    const tampered = structuredClone(completedBundle);
+    const secretEvent = tampered.events.find((e) => e.event.type === "secret.released");
+    assert.ok(secretEvent, "fixture must include a secret.released event");
+    tampered.events = tampered.events.filter((e) => e !== secretEvent);
+    tampered.events.forEach((e, i) => {
+        e.seq = i;
+    });
+    const tamperedResult = verifyReceiptBundle(tampered);
+    assert.equal(tamperedResult.ok, false);
+    const forgedReceipt = structuredClone(completedBundle);
+    forgedReceipt.receipt.secretsReleased = [];
+    const forgedResult = verifyReceiptBundle(forgedReceipt);
+    assert.equal(forgedResult.ok, false);
+});
+test("released secret values are redacted from diff and log artifacts", async () => {
+    await uploadWorkspaceBlobs();
+    const created = await client.requestRun(buildSecretEchoRequest("print and write a secret so artifacts must redact it"));
+    assert.equal(created.status, "awaiting_approval");
+    await client.approve(created.runId, { kind: "human", id: "security-lead" });
+    const processed = await runner.runOnce();
+    assert.equal(processed, created.runId);
+    const bundle = await client.getBundle(created.runId);
+    assert.equal(bundle.receipt.status, "completed");
+    assert.deepEqual(bundle.receipt.secretsReleased.map((secret) => secret.name), ["MOCK_SECRET"]);
+    assert.ok(!JSON.stringify(bundle).includes(SECRET_VALUE));
+    const disclosedHashes = new Set(bundle.receipt.boundaryDisclosures.map((item) => item.contentHash));
+    assert.ok(disclosedHashes.size >= 2, "expected diff and log disclosures");
+    for (const hash of disclosedHashes) {
+        const content = (await client.getBlob(hash)).toString("utf8");
+        assert.ok(!content.includes(SECRET_VALUE));
+        assert.ok(content.includes("[REDACTED:MOCK_SECRET]"));
+    }
+    const jsonl = await client.exportJsonl();
+    assert.ok(!jsonl.includes(SECRET_VALUE));
+});
+test("pull applies the run output divergence-safely", async () => {
+    const diff = await client.getBlob(completedBundle.receipt.workspaceOut.diffHash);
+    // Clean repo at base ref: fast path applies in place.
+    const clean = pullRun(repoDir, completedBundle.receipt.runId, completedBundle.contract.workspace.baseRef, diff);
+    assert.deepEqual(clean, { mode: "applied" });
+    const content = readFileSync(join(repoDir, "MOCK_AGENT.md"), "utf8");
+    assert.ok(content.includes("e2e task"));
+    assert.ok(content.includes("secret:present"));
+    // Diverged repo: results land on a branch, checkout untouched.
+    git(repoDir, ["add", "-A"]);
+    git(repoDir, ["commit", "--quiet", "-m", "absorb pulled output"]);
+    writeFileSync(join(repoDir, "local-edit.txt"), "concurrent local work\n");
+    git(repoDir, ["add", "-A"]);
+    git(repoDir, ["commit", "--quiet", "-m", "diverge"]);
+    const diverged = pullRun(repoDir, completedBundle.receipt.runId, completedBundle.contract.workspace.baseRef, diff);
+    assert.equal(diverged.mode, "branch");
+});
+test("audit export emits JSONL for every event", async () => {
+    const jsonl = await client.exportJsonl();
+    const lines = jsonl.trim().split("\n");
+    assert.ok(lines.length >= completedBundle.events.length);
+    for (const line of lines) {
+        const parsed = JSON.parse(line);
+        assert.ok(parsed.runId.startsWith("run_"));
+        assert.match(parsed.hash, /^[0-9a-f]{64}$/);
+    }
+    assert.ok(!jsonl.includes(SECRET_VALUE));
+});

package/dist/test/fusion-quickstart.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/test/fusion-quickstart.test.js

@@ -0,0 +1,189 @@
+import assert from "node:assert/strict";
+import { execFileSync, spawnSync } from "node:child_process";
+import { createServer } from "node:http";
+import { mkdirSync, mkdtempSync, readFileSync, rmSync, writeFileSync } from "node:fs";
+import { tmpdir } from "node:os";
+import { join } from "node:path";
+import { after, test } from "node:test";
+import { defaultKeyEnv, loadEnvFileInto, startFusionStack } from "../fusion-quickstart.js";
+const SENTINEL = "FUSION_OK";
+/**
+ * Create a real git repo with a genuinely failing test, so each panel model has
+ * a concrete coding task to fuse over.
+ */
+function materializeSampleRepo(root) {
+    mkdirSync(root, { recursive: true });
+    const git = (args) => {
+        execFileSync("git", args, { cwd: root });
+    };
+    git(["init", "--quiet", "--initial-branch=main"]);
+    git(["config", "user.email", "fusion@warrant.local"]);
+    git(["config", "user.name", "warrant-fusion"]);
+    writeFileSync(join(root, "package.json"), JSON.stringify({ name: "fusion-sample", private: true, scripts: { test: "node --test" } }, null, 2) + "\n");
+    writeFileSync(join(root, "calculator.js"), "exports.add = (left, right) => left - right;\n");
+    writeFileSync(join(root, "calculator.test.js"), [
+        "const assert = require('node:assert/strict');",
+        "const { add } = require('./calculator.js');",
+        "assert.equal(add(2, 3), 5);",
+        ""
+    ].join("\n"));
+    writeFileSync(join(root, "README.md"), "# fusion sample\n\n`add` is buggy (it subtracts); `npm test` fails until it is fixed.\n");
+    git(["add", "-A"]);
+    git(["commit", "--quiet", "-m", "failing calculator sample"]);
+    return root;
+}
+async function readBody(req) {
+    const chunks = [];
+    for await (const chunk of req)
+        chunks.push(chunk);
+    return Buffer.concat(chunks).toString("utf8");
+}
+async function closeServer(server) {
+    await new Promise((resolve, reject) => server.close((error) => (error ? reject(error) : resolve())));
+}
+const tmpRoots = [];
+function freshDir(prefix) {
+    const dir = mkdtempSync(join(tmpdir(), prefix));
+    tmpRoots.push(dir);
+    return dir;
+}
+after(() => {
+    for (const dir of tmpRoots)
+        rmSync(dir, { recursive: true, force: true });
+});
+test("loadEnvFileInto fills missing keys from a .env without overriding existing ones", () => {
+    const dir = freshDir("fusion-env-");
+    const envPath = join(dir, ".env");
+    writeFileSync(envPath, ["# comment", "export OPENAI_API_KEY=sk-from-file", 'ANTHROPIC_API_KEY="sk-ant-quoted"', "", "BARE=1"].join("\n"));
+    const env = { OPENAI_API_KEY: "sk-already-set" };
+    loadEnvFileInto(envPath, env);
+    assert.equal(env.OPENAI_API_KEY, "sk-already-set", "existing values must win");
+    assert.equal(env.ANTHROPIC_API_KEY, "sk-ant-quoted", "quotes are stripped");
+    assert.equal(env.BARE, "1");
+    loadEnvFileInto(join(dir, "missing.env"), env); // no-op when absent
+});
+test("defaultKeyEnv maps cloud providers to their conventional key env vars", () => {
+    assert.equal(defaultKeyEnv("openai"), "OPENAI_API_KEY");
+    assert.equal(defaultKeyEnv("anthropic"), "ANTHROPIC_API_KEY");
+    assert.equal(defaultKeyEnv("google"), "GEMINI_API_KEY");
+    assert.equal(defaultKeyEnv("openai-compatible"), undefined);
+    assert.equal(defaultKeyEnv("mlx"), undefined);
+});
+test("materializeSampleRepo creates a real git repo whose tests fail until add() is fixed", () => {
+    const repo = materializeSampleRepo(join(freshDir("fusion-sample-"), "repo"));
+    assert.match(readFileSync(join(repo, "calculator.js"), "utf8"), /left - right/);
+    const env = { ...process.env };
+    delete env.NODE_TEST_CONTEXT;
+    const tests = spawnSync("node", ["--test"], { cwd: repo, encoding: "utf8", env });
+    assert.notEqual(tests.status, 0, "the sample repo's tests must fail before a fix");
+    const isRepo = spawnSync("git", ["rev-parse", "--is-inside-work-tree"], { cwd: repo, encoding: "utf8" });
+    assert.equal(isRepo.stdout.trim(), "true");
+});
+/** A fake OpenAI-compatible endpoint that answers directly (no tool calls). */
+async function startFakeAnswerModel(answer) {
+    let calls = 0;
+    const server = createServer((req, res) => {
+        void (async () => {
+            const path = new URL(req.url ?? "/", "http://localhost").pathname;
+            if (req.method === "GET" && path === "/v1/models") {
+                res.writeHead(200, { "content-type": "application/json" });
+                res.end(JSON.stringify({ object: "list", data: [{ id: "fake", object: "model" }] }));
+                return;
+            }
+            if (req.method === "POST" && path === "/v1/chat/completions") {
+                await readBody(req);
+                calls += 1;
+                res.writeHead(200, { "content-type": "application/json" });
+                res.end(JSON.stringify({
+                    id: "chatcmpl_fake",
+                    object: "chat.completion",
+                    created: 0,
+                    model: "fake",
+                    choices: [{ index: 0, message: { role: "assistant", content: answer }, finish_reason: "stop" }],
+                    usage: { prompt_tokens: 1, completion_tokens: 1, total_tokens: 2 }
+                }));
+                return;
+            }
+            res.writeHead(404).end();
+        })().catch((error) => res.writeHead(500).end(String(error)));
+    });
+    await new Promise((resolve) => server.listen(0, "127.0.0.1", resolve));
+    const address = server.address();
+    assert.ok(typeof address === "object" && address !== null);
+    return {
+        url: `http://127.0.0.1:${address.port}`,
+        solveCalls: () => calls,
+        judgeCalls: () => 0,
+        close: () => closeServer(server)
+    };
+}
+test("agent front door: panel produces a trajectory the judge step consumes", async () => {
+    const repo = materializeSampleRepo(join(freshDir("fusion-agent-"), "repo"));
+    const model = await startFakeAnswerModel("This repo is a calculator sample.");
+    // Fake FusionKit judge step: records the candidate trajectories + conversation it
+    // receives and returns a terminal assistant answer (no tool calls) as an OpenAI
+    // chat completion, which is what the new front door proxies to the harness.
+    let stepTrajectories = [];
+    let stepMessages = [];
+    const synth = createServer((req, res) => {
+        void (async () => {
+            const path = new URL(req.url ?? "/", "http://localhost").pathname;
+            if (req.method === "POST" && path === "/v1/fusion/trajectory:step") {
+                const body = JSON.parse(await readBody(req));
+                stepTrajectories = body.trajectories ?? [];
+                stepMessages = body.messages ?? [];
+                res.writeHead(200, { "content-type": "application/json" });
+                res.end(JSON.stringify({
+                    id: "chatcmpl-step",
+                    object: "chat.completion",
+                    created: 0,
+                    model: "fusion-panel",
+                    choices: [
+                        {
+                            index: 0,
+                            message: { role: "assistant", content: `${SENTINEL}: this repo is a calculator sample` },
+                            finish_reason: "stop"
+                        }
+                    ],
+                    usage: { prompt_tokens: 0, completion_tokens: 0, total_tokens: 0 }
+                }));
+                return;
+            }
+            res.writeHead(404).end();
+        })().catch((error) => res.writeHead(500).end(String(error)));
+    });
+    await new Promise((resolve) => synth.listen(0, "127.0.0.1", resolve));
+    const synthAddress = synth.address();
+    assert.ok(typeof synthAddress === "object" && synthAddress !== null);
+    const synthesisUrl = `http://127.0.0.1:${synthAddress.port}`;
+    const stack = await startFusionStack({
+        repo,
+        outputRoot: freshDir("fusion-agent-runs-"),
+        models: [{ id: "alpha", model: "fake", provider: "openai-compatible", baseUrl: model.url }],
+        endpoints: { alpha: model.url },
+        synthesisUrl,
+        log: () => { }
+    });
+    try {
+        const response = await fetch(`${stack.fusionUrl}/v1/chat/completions`, {
+            method: "POST",
+            headers: { "content-type": "application/json" },
+            body: JSON.stringify({ model: "fusion-panel", messages: [{ role: "user", content: "What's in this repo?" }] })
+        });
+        assert.equal(response.status, 200);
+        const body = (await response.json());
+        assert.match(body.choices[0]?.message.content ?? "", new RegExp(SENTINEL));
+        assert.ok(model.solveCalls() >= 1, "the panel model agent must run");
+        assert.equal(stepTrajectories.length, 1, "the panel's one trajectory must reach the judge step");
+        const trajectory = stepTrajectories[0];
+        assert.equal(trajectory.model_id, "alpha");
+        assert.ok(Array.isArray(trajectory.steps) && trajectory.steps.length >= 1, "trajectory must carry steps");
+        assert.match(trajectory.final_output ?? "", /calculator sample/);
+        assert.ok(stepMessages.some((message) => message.role === "user"), "the conversation must reach the judge");
+    }
+    finally {
+        await stack.close();
+        await model.close();
+        await closeServer(synth);
+    }
+});

package/dist/test/gateway-e2e.test.d.ts

@@ -0,0 +1 @@
+export {};