@guilz-dev/belay 0.1.0

package/dist/commands/approve.js

@@ -0,0 +1,65 @@
+import path from 'node:path';
+import { approvedApprovalsPath, loadApprovalState, loadConfigFile, pendingApprovalsPath, saveApprovalState, } from '../config-io.js';
+import { recordApproval } from '../core/approval-service.js';
+import { recordCapabilityApproval } from '../core/capability-approval.js';
+import { recordEgressApproval } from '../core/egress-approval.js';
+import { createEgressApprovalStore } from '../services/egress-service.js';
+import { createCapabilityApprovalStore } from '../services/sandbox-service.js';
+export async function approvePending(options) {
+    const repoRoot = path.resolve(options.targetDir ?? process.cwd());
+    const config = await loadConfigFile(repoRoot);
+    const pending = await loadApprovalState(repoRoot, 'pending-approvals.json', config);
+    const match = pending.approvals.find((approval) => approval.approvalId === options.approvalId);
+    if (match?.kind === 'egress') {
+        const result = await recordEgressApproval({
+            approvalId: options.approvalId,
+            config,
+            scope: (options.scope === 'domain' ? 'domain' : 'once'),
+            token: options.token,
+            requireSignedToken: config.approvalSigning.required,
+            store: createEgressApprovalStore(repoRoot, config),
+        });
+        return { ok: result.ok, message: result.message };
+    }
+    if (options.scope === 'path') {
+        const result = await recordCapabilityApproval({
+            approvalId: options.approvalId,
+            config,
+            scope: 'path',
+            scopePath: options.scopePath,
+            token: options.token,
+            requireSignedToken: config.approvalSigning.required,
+            store: createCapabilityApprovalStore(repoRoot, config),
+        });
+        return { ok: result.ok, message: result.message };
+    }
+    const result = await recordApproval({
+        approvalId: options.approvalId,
+        config,
+        token: options.token,
+        requireSignedToken: config.approvalSigning.required,
+        store: {
+            async loadPending() {
+                const filePath = pendingApprovalsPath(repoRoot, config);
+                return {
+                    filePath,
+                    state: await loadApprovalState(repoRoot, 'pending-approvals.json', config),
+                };
+            },
+            async loadApproved() {
+                const filePath = approvedApprovalsPath(repoRoot, config);
+                return {
+                    filePath,
+                    state: await loadApprovalState(repoRoot, 'approved-approvals.json', config),
+                };
+            },
+            async writePending(_filePath, state) {
+                await saveApprovalState(repoRoot, 'pending-approvals.json', state, config);
+            },
+            async writeApproved(_filePath, state) {
+                await saveApprovalState(repoRoot, 'approved-approvals.json', state, config);
+            },
+        },
+    });
+    return { ok: result.ok, message: result.message };
+}

package/dist/commands/audit.d.ts

@@ -0,0 +1,59 @@
+import type { AuditRecord } from '../core/audit-types.js';
+export type AuditSubcommand = 'query' | 'summarize' | 'replay';
+export interface AuditOptions {
+    targetDir?: string;
+    subcommand: AuditSubcommand;
+    json?: boolean;
+    since?: string;
+    until?: string;
+    verdict?: string;
+    reason?: string;
+    kind?: string;
+    fingerprint?: string;
+    event?: string;
+    location?: string;
+    opacity?: string;
+    effect?: string;
+    confidence?: string;
+    limit?: number;
+    configPath?: string;
+}
+export declare function loadAuditRecords(repoRoot: string): Promise<AuditRecord[]>;
+export declare function auditProject(options: AuditOptions): Promise<{
+    subcommand: string;
+    records: AuditRecord[];
+    count: number;
+    roundTrips?: undefined;
+    lines?: undefined;
+    bypassAttempts?: undefined;
+    noisyRules?: undefined;
+    candidateConfigPath?: undefined;
+    configWarning?: undefined;
+    changedCount?: undefined;
+    diffs?: undefined;
+} | {
+    subcommand: string;
+    roundTrips: import("../core/audit-types.js").ApprovalRoundTrip[];
+    lines: string[];
+    bypassAttempts: import("../core/audit-types.js").BypassAttempt[];
+    noisyRules: import("../core/audit-types.js").NoisyRuleCandidate[];
+    records?: undefined;
+    count?: undefined;
+    candidateConfigPath?: undefined;
+    configWarning?: undefined;
+    changedCount?: undefined;
+    diffs?: undefined;
+} | {
+    subcommand: string;
+    candidateConfigPath: string | null;
+    configWarning: string | undefined;
+    changedCount: number;
+    diffs: import("../core/reclassify.js").ReclassifyDiff[];
+    records?: undefined;
+    count?: undefined;
+    roundTrips?: undefined;
+    lines?: undefined;
+    bypassAttempts?: undefined;
+    noisyRules?: undefined;
+}>;
+export declare function formatAuditReport(report: Awaited<ReturnType<typeof auditProject>>): string;

package/dist/commands/audit.js

@@ -0,0 +1,132 @@
+import { existsSync } from 'node:fs';
+import { readFile } from 'node:fs/promises';
+import path from 'node:path';
+import { loadConfigFile } from '../config-io.js';
+import { detectBypassAttempts, detectNoisyRules } from '../core/audit-analysis.js';
+import { parseAuditNdjson, toAuditRecord } from '../core/audit-metrics.js';
+import { buildApprovalRoundTrips, filterAuditRecords, summarizeRoundTrips, } from '../core/audit-query.js';
+import { mergeConfig } from '../core/config.js';
+import { diffReclassification } from '../core/reclassify.js';
+export async function loadAuditRecords(repoRoot) {
+    const config = await loadConfigFile(repoRoot);
+    const auditLogPath = path.join(repoRoot, config.audit.logPath);
+    let raw = '';
+    try {
+        raw = await readFile(auditLogPath, 'utf8');
+    }
+    catch {
+        raw = '';
+    }
+    return parseAuditNdjson(raw).map(toAuditRecord);
+}
+export async function auditProject(options) {
+    const repoRoot = path.resolve(options.targetDir ?? process.cwd());
+    const records = await loadAuditRecords(repoRoot);
+    const filter = {
+        since: options.since,
+        until: options.until,
+        verdict: options.verdict,
+        reason: options.reason,
+        kind: options.kind,
+        fingerprint: options.fingerprint,
+        event: options.event,
+        location: options.location,
+        opacity: options.opacity,
+        effect: options.effect,
+        confidence: options.confidence,
+        limit: options.limit,
+    };
+    if (options.subcommand === 'query') {
+        const filtered = filterAuditRecords(records, filter);
+        return { subcommand: 'query', records: filtered, count: filtered.length };
+    }
+    if (options.subcommand === 'summarize') {
+        const filtered = filterAuditRecords(records, filter);
+        const trips = buildApprovalRoundTrips(filtered);
+        const bypassAttempts = detectBypassAttempts(filtered);
+        const noisyRules = detectNoisyRules(filtered, trips);
+        return {
+            subcommand: 'summarize',
+            roundTrips: trips,
+            lines: summarizeRoundTrips(trips),
+            bypassAttempts,
+            noisyRules,
+        };
+    }
+    const config = await loadConfigFile(repoRoot);
+    let candidateConfig = config;
+    let configWarning;
+    if (options.configPath) {
+        if (!existsSync(options.configPath)) {
+            configWarning = `Candidate config not found: ${options.configPath}`;
+        }
+        else {
+            const raw = JSON.parse(await readFile(options.configPath, 'utf8'));
+            candidateConfig = mergeConfig(raw, config);
+        }
+    }
+    const filtered = filterAuditRecords(records, filter);
+    const diffs = (await Promise.all(filtered.map((record) => diffReclassification(record, candidateConfig, repoRoot)))).filter((diff) => diff !== null);
+    return {
+        subcommand: 'replay',
+        candidateConfigPath: options.configPath ?? null,
+        configWarning,
+        changedCount: diffs.length,
+        diffs,
+    };
+}
+export function formatAuditReport(report) {
+    if (report.subcommand === 'query') {
+        const records = report.records ?? [];
+        const count = report.count ?? records.length;
+        const lines = [`audit query: ${count} record(s)`];
+        for (const record of records.slice(0, 50)) {
+            const v2Axes = typeof record.location === 'string'
+                ? ` location=${record.location} opacity=${record.opacity ?? '?'} effect=${record.effect ?? '?'} confidence=${record.confidence ?? '?'}`
+                : '';
+            lines.push(`- ${record.timestamp ?? '?'} [${record.event ?? '?'}] ${record.verdict ?? '?'} (${record.reason ?? '?'})${v2Axes} ${record.summary ?? ''}`);
+        }
+        if (count > 50) {
+            lines.push(`... ${count - 50} more`);
+        }
+        return `${lines.join('\n')}\n`;
+    }
+    if (report.subcommand === 'summarize') {
+        const lines = ['audit summarize:', ''];
+        const summaryLines = report.lines ?? [];
+        const bypassAttempts = report.bypassAttempts ?? [];
+        const noisyRules = report.noisyRules ?? [];
+        if (summaryLines.length === 0) {
+            lines.push('No deny → approve → execute round-trips found.');
+        }
+        else {
+            lines.push('Round-trips:');
+            for (const line of summaryLines) {
+                lines.push(`- ${line}`);
+            }
+        }
+        if (bypassAttempts.length > 0) {
+            lines.push('', `Bypass attempts (${bypassAttempts.length}):`);
+            for (const attempt of bypassAttempts.slice(0, 10)) {
+                lines.push(`- [${attempt.signal}] denied "${attempt.denySummary}" → tried "${attempt.attemptSummary}"`);
+            }
+        }
+        if (noisyRules.length > 0) {
+            lines.push('', 'Noisy rule candidates:');
+            for (const rule of noisyRules) {
+                lines.push(`- ${rule.reason}: ${(rule.approvalRate * 100).toFixed(0)}% approved after deny (${rule.approvedCount}/${rule.denyCount})`);
+            }
+        }
+        return `${lines.join('\n')}\n`;
+    }
+    const lines = [
+        `audit replay: ${report.changedCount} verdict change(s)`,
+        report.candidateConfigPath ? `Candidate config: ${report.candidateConfigPath}` : '',
+        report.configWarning ?? '',
+    ].filter(Boolean);
+    const diffs = report.diffs ?? [];
+    for (const diff of diffs.slice(0, 30)) {
+        lines.push(`- ${diff.summary ?? diff.fingerprint}: ${diff.previousVerdict}/${diff.previousReason} → ${diff.nextVerdict}/${diff.nextReason}`);
+    }
+    return `${lines.join('\n')}\n`;
+}

package/dist/commands/classify-for-report.d.ts

@@ -0,0 +1,9 @@
+import type { ClassifyForReportResult, ExplainKind } from '../types.js';
+export declare function classifyForReport(params: {
+    targetDir?: string;
+    cwd?: string;
+    kind?: ExplainKind;
+    command?: string;
+    toolName?: string;
+    payload?: Record<string, unknown>;
+}): Promise<ClassifyForReportResult>;

package/dist/commands/classify-for-report.js

@@ -0,0 +1,85 @@
+import path from 'node:path';
+import { getAdapter } from '../adapters/registry.js';
+import { repoShellClassifierOptions } from '../adapters/shared/gate-runtime.js';
+import { detectAdapterName, loadConfigFile } from '../config-io.js';
+import { isCapabilityBrokerDemotionActive } from '../core/capability/broker.js';
+import { classifySubagent, classifyToolUse } from '../core/index.js';
+import { isTransactionalEligible } from '../core/transactional/index.js';
+import { classifyShell } from '../core/v2/adapter.js';
+import { egressStatus } from '../services/egress-service.js';
+import { sandboxStatus } from '../services/sandbox-service.js';
+export async function classifyForReport(params) {
+    const repoRoot = path.resolve(params.targetDir ?? process.cwd());
+    const cwd = params.cwd ? path.resolve(params.cwd) : repoRoot;
+    const config = await loadConfigFile(repoRoot);
+    const egress = await egressStatus({ targetDir: repoRoot });
+    const sandbox = await sandboxStatus({ targetDir: repoRoot });
+    const adapter = getAdapter(config.adapter ?? detectAdapterName(repoRoot));
+    const classifierOptions = repoShellClassifierOptions(config, repoRoot, adapter.layout, {
+        brokerFsScope: isCapabilityBrokerDemotionActive(config),
+    });
+    const kind = params.kind ?? 'shell';
+    let input = params.command ?? '';
+    let result;
+    if (kind === 'shell') {
+        if (!params.command) {
+            throw new Error('classify-for-report requires a command for shell classification.');
+        }
+        result = await classifyShell(params.command, cwd, repoRoot, config, classifierOptions);
+        input = params.command;
+    }
+    else if (kind === 'subagent') {
+        const payload = params.payload ?? {
+            tool_name: 'Task',
+            tool_input: { description: params.command ?? '' },
+        };
+        if (!params.command && !params.payload) {
+            throw new Error('classify-for-report requires command or payload for subagent classification.');
+        }
+        result = classifySubagent(payload, repoRoot, classifierOptions);
+        input = params.command ?? JSON.stringify(payload);
+    }
+    else if (kind === 'tool') {
+        const payload = params.payload ??
+            {
+                tool_name: params.toolName ?? 'Shell',
+                tool_input: params.toolName === 'Shell'
+                    ? { command: params.command ?? '' }
+                    : { path: params.command ?? '' },
+            };
+        if (!params.command && !params.payload) {
+            throw new Error('classify-for-report requires command or payload for tool classification.');
+        }
+        result = await classifyToolUse(payload, repoRoot, cwd, config, classifierOptions);
+        input = params.command ?? JSON.stringify(payload);
+    }
+    else {
+        throw new Error(`Unknown classify kind: ${kind}`);
+    }
+    const transactionalEligible = kind === 'shell' && isTransactionalEligible(config, 'shell', result);
+    const permission = result.v2?.would ??
+        (result.verdict === 'allow' || result.verdict === 'allow_flagged' ? 'allow' : 'ask');
+    const tier = result.reason.startsWith('tier0_') || result.reason === 'external_effect'
+        ? 'Tier0'
+        : result.v2?.confidence === 'llm' || result.reason === 'unknown_local_effect'
+            ? 'Tier1'
+            : 'deterministic';
+    return {
+        repoRoot,
+        kind,
+        input,
+        cwd,
+        config,
+        policy: config.policy,
+        overrides: config.overrides,
+        egress: config.egress,
+        egressProxyRunning: egress.running && !egress.foreignProxy && !egress.repoRootMismatch,
+        sandbox: config.sandbox,
+        sandboxBrokerActive: classifierOptions.brokerFsScope === true,
+        l1FullActive: sandbox.l1FullActive,
+        transactionalEligible,
+        permission,
+        tier,
+        result,
+    };
+}

package/dist/commands/doctor.d.ts

@@ -0,0 +1,3 @@
+import type { DoctorOptions, DoctorReport } from '../types.js';
+export declare function doctorProject(options?: DoctorOptions): Promise<DoctorReport>;
+export declare function formatDoctorReport(report: DoctorReport): string;