@haaaiawd/second-nature 0.1.18 → 0.1.20

package/runtime/cli/read-models/operator-explain-map.d.ts

@@ -1,6 +1,6 @@
-/**
- * Maps T5.3.1 operator explain query results into CLI ExplainReadModel (T1.2.1).
- */
-import type { OperatorExplainReadModel } from "../../observability/query/explain-query.js";
-import type { ExplainReadModel, ExplainSubjectKind } from "./types.js";
-export declare function mapOperatorExplainToReadModel(op: OperatorExplainReadModel, subjectKind: ExplainSubjectKind): ExplainReadModel;
+/**
+ * Maps T5.3.1 operator explain query results into CLI ExplainReadModel (T1.2.1).
+ */
+import type { OperatorExplainReadModel } from "../../observability/query/explain-query.js";
+import type { ExplainReadModel, ExplainSubjectKind } from "./types.js";
+export declare function mapOperatorExplainToReadModel(op: OperatorExplainReadModel, subjectKind: ExplainSubjectKind): ExplainReadModel;

package/runtime/cli/read-models/operator-explain-map.js

@@ -1,10 +1,10 @@
-export function mapOperatorExplainToReadModel(op, subjectKind) {
-    return {
-        subjectType: subjectKind,
-        conclusion: op.summary,
-        keyFactors: op.events.map((e) => `${e.eventId}:${e.summary}`),
-        evidenceRefs: op.relatedEventIds.map((id) => `audit_event:${id}`),
-        warnings: op.warnings.length ? op.warnings : undefined,
-        relatedAuditEventIds: op.relatedEventIds.length ? op.relatedEventIds : undefined,
-    };
-}
+export function mapOperatorExplainToReadModel(op, subjectKind) {
+    return {
+        subjectType: subjectKind,
+        conclusion: op.summary,
+        keyFactors: op.events.map((e) => `${e.eventId}:${e.summary}`),
+        evidenceRefs: op.relatedEventIds.map((id) => `audit_event:${id}`),
+        warnings: op.warnings.length ? op.warnings : undefined,
+        relatedAuditEventIds: op.relatedEventIds.length ? op.relatedEventIds : undefined,
+    };
+}

package/runtime/cli/read-models/types.d.ts

@@ -1,79 +1,129 @@
-export interface RuntimeSummary {
-    host: "openclaw-plugin";
-    serviceStatus: "idle" | "running" | "degraded" | "unknown";
-    updatedAt: string;
-}
-export interface RhythmSummary {
-    mode: "active" | "quiet" | "maintenance_only" | "paused_for_interrupt" | "unknown";
-    windowId?: string;
-}
-export interface QuietSummary {
-    mode: "active" | "quiet" | "maintenance_only" | "paused_for_interrupt" | "unknown";
-    lastEvent?: string;
-    interrupted?: boolean;
-}
-export interface ConnectorSummary {
-    platformId: string;
-    status: "healthy" | "degraded" | "blocked" | "unknown";
-    channel?: string;
-    failureClass?: string;
-}
-export interface CredentialSummary {
-    platformId: string;
-    status: "missing" | "pending_verification" | "active" | "expired" | "revoked" | "failed";
-    nextStep?: string;
-}
-export interface RiskSummary {
-    level: "low" | "medium" | "high";
-    flags: string[];
-}
-export interface StatusReadModel {
-    runtime: RuntimeSummary;
-    rhythm: RhythmSummary;
-    quiet: QuietSummary;
-    connectors: ConnectorSummary[];
-    credentials: CredentialSummary[];
-    risk: RiskSummary;
-}
-export interface DailyReportReadModel {
-    day: string;
-    summary: string;
-    highlights: string[];
-    sourceRefs: string[];
-}
-export interface QuietReadModel {
-    scope?: string;
-    mode: "active" | "quiet" | "maintenance_only" | "paused_for_interrupt" | "unknown";
-    sourceCount: number;
-    reportCount: number;
-    recentJournalCount: number;
-}
-export interface SessionDetailReadModel {
-    requestedSessionId: string;
-    traceId: string;
-    decisionCount: number;
-    attemptCount: number;
-    governanceCount: number;
-    keyFactors: string[];
-    evidenceRefs: string[];
-}
-export interface CredentialReadModel {
-    platformId: string;
-    status: "missing" | "pending_verification" | "active" | "expired" | "revoked" | "failed";
-    verificationDeadline?: string;
-    attemptsRemaining?: number;
-    nextStep?: string;
-}
-export type ExplainSubjectKind = "decision" | "platform-selection" | "outreach" | "soul-change" | "fallback" | "probe" | "delivery" | "report" | "source_ref";
-export interface ExplainReadModel {
-    subjectType: ExplainSubjectKind;
-    conclusion: string;
-    keyFactors: string[];
-    evidenceRefs: string[];
-    policyRefs?: string[];
-    requiredUserInput?: string[];
-    nextStep?: string;
-    /** Operator / lived-experience audit warnings (e.g. no user-visible contact) */
-    warnings?: string[];
-    relatedAuditEventIds?: string[];
-}
+export interface RuntimeSummary {
+    host: "openclaw-plugin";
+    /**
+     * T1.2.9 (SN-CODE-04): `awaiting_sources` signals that the last runtime cycle was
+     * control-plane denied (decision_denied) — no eligible intent found, NOT a delivery
+     * or execution fault. Operators must not interpret this as a runtime crash.
+     */
+    serviceStatus: "idle" | "running" | "degraded" | "awaiting_sources" | "unknown";
+    updatedAt: string;
+}
+export interface RhythmSummary {
+    mode: "active" | "quiet" | "maintenance_only" | "paused_for_interrupt" | "unknown";
+    windowId?: string;
+}
+export interface QuietSummary {
+    mode: "active" | "quiet" | "maintenance_only" | "paused_for_interrupt" | "unknown";
+    lastEvent?: string;
+    interrupted?: boolean;
+}
+export interface ConnectorSummary {
+    platformId: string;
+    status: "healthy" | "degraded" | "blocked" | "unknown";
+    channel?: string;
+    failureClass?: string;
+}
+export interface CredentialSummary {
+    platformId: string;
+    status: "missing" | "pending_verification" | "active" | "expired" | "revoked" | "failed";
+    nextStep?: string;
+}
+export interface RiskSummary {
+    level: "low" | "medium" | "high";
+    flags: string[];
+}
+/**
+ * T1.2.5 (CH-14-04): delivery posture summarises why `deliveryCapability.target` is `none`
+ * and which layer set it — workspace heartbeat default vs OpenClaw cron config vs host probe.
+ *
+ * CH-15-02 implementation note: `loadStatus` currently always emits `workspace_default_none`
+ * because the workspace heartbeat hardcodes `target: none` and no T1.1.2 HostCapabilityReport
+ * probe is wired into the read model path yet.  The other two `source` values are reserved for
+ * future integration:
+ *   - `openclaw_cron_delivery_none`: when the OpenClaw cron layer exposes `delivery.mode: none`
+ *     in the host config and that value is surfaced via a new probe or bridge field.
+ *   - `host_capability_probe`: when `HostCapabilityReport.deliveryTarget` is read from the DB
+ *     (T1.1.2) and routed into `loadStatus`.
+ * Do NOT infer either value without a real observation — see ADR-007 "no proof, not sent".
+ */
+export interface DeliveryPosture {
+    /** Current effective verdict: none = no delivery channel; available = a valid target exists. */
+    verdict: "none" | "available";
+    /**
+     * Stable source discriminator for operator tooling (CH-15-02: only workspace_default_none
+     * is emitted today; cron/probe values require additional host-side wiring):
+     *   workspace_default_none — workspace heartbeat hardcodes target:none (no host probe ran).
+     *   openclaw_cron_delivery_none — cron layer has delivery.mode:none (host config decision).
+     *   host_capability_probe — a HostCapabilityReport probe determined the posture.
+     */
+    source: "workspace_default_none" | "openclaw_cron_delivery_none" | "host_capability_probe";
+    /** Human-readable reason code included in explain surfaces. */
+    reasonCode: string;
+}
+export interface StatusReadModel {
+    runtime: RuntimeSummary;
+    rhythm: RhythmSummary;
+    quiet: QuietSummary;
+    connectors: ConnectorSummary[];
+    credentials: CredentialSummary[];
+    risk: RiskSummary;
+    /**
+     * T1.2.5: structured delivery posture so operators can distinguish workspace default "none"
+     * from cron-layer "none" without inspecting raw heartbeat JSON.
+     */
+    deliveryPosture?: DeliveryPosture;
+}
+export interface DailyReportReadModel {
+    day: string;
+    summary: string;
+    highlights: string[];
+    sourceRefs: string[];
+}
+export interface QuietReadModel {
+    scope?: string;
+    mode: "active" | "quiet" | "maintenance_only" | "paused_for_interrupt" | "unknown";
+    sourceCount: number;
+    reportCount: number;
+    recentJournalCount: number;
+}
+export interface SessionDetailReadModel {
+    requestedSessionId: string;
+    traceId: string;
+    decisionCount: number;
+    attemptCount: number;
+    governanceCount: number;
+    keyFactors: string[];
+    evidenceRefs: string[];
+}
+export interface CredentialReadModel {
+    platformId: string;
+    status: "missing" | "pending_verification" | "active" | "expired" | "revoked" | "failed";
+    verificationDeadline?: string;
+    attemptsRemaining?: number;
+    nextStep?: string;
+}
+export type ExplainSubjectKind = "decision" | "platform-selection" | "outreach" | "soul-change" | "fallback" | "probe" | "delivery" | "report" | "source_ref";
+export interface ExplainReadModel {
+    subjectType: ExplainSubjectKind;
+    conclusion: string;
+    keyFactors: string[];
+    evidenceRefs: string[];
+    policyRefs?: string[];
+    requiredUserInput?: string[];
+    nextStep?: string;
+    /** Operator / lived-experience audit warnings (e.g. no user-visible contact) */
+    warnings?: string[];
+    relatedAuditEventIds?: string[];
+}
+/** T1.2.7 (SN-CODE-02) — minimal audit read-side summary for operator `audit` command. */
+export interface AuditEventSummaryEntry {
+    eventId: string;
+    family: string;
+    plane: string;
+    createdAt: string;
+    sensitivity: string;
+}
+export interface AuditSummaryReadModel {
+    totalEvents: number;
+    events: AuditEventSummaryEntry[];
+}

package/runtime/cli/runtime/runtime-artifact-boundary.d.ts

@@ -1,28 +1,28 @@
-export type SurfaceMode = "host_safe_carrier" | "workspace_full_runtime" | "capability_probe";
-export type RuntimeArtifactModule = "runtime_registration" | "ops_router" | "heartbeat_bridge_adapter" | "host_capability_adapter" | "probe_runner" | "read_model_adapter" | "fallback_shell";
-export interface RuntimeArtifactBoundary {
-    surfaceMode: SurfaceMode;
-    includes: RuntimeArtifactModule[];
-    fallbackAllowed: boolean;
-    sourcePathDependencyAllowed: false;
-}
-export type ResolvePackagedRuntimeResult = {
-    ok: true;
-    runtimeRoot: string;
-    boundary: RuntimeArtifactBoundary;
-    resolvedModules: Partial<Record<RuntimeArtifactModule, string>>;
-} | {
-    ok: false;
-    code: "runtime_artifact_missing" | "runtime_layout_incomplete";
-    message: string;
-    runtimeRoot: string;
-    missingPaths: string[];
-};
-/** Relative paths under `plugin/runtime/` that the packaging script must copy. */
-export declare const PACKAGED_RUNTIME_REQUIRED_ENTRIES: readonly string[];
-export declare function detectForbiddenSourcePathDependencies(sourceText: string): string[];
-export declare function defaultRuntimeArtifactBoundary(surfaceMode?: SurfaceMode): RuntimeArtifactBoundary;
-/**
- * Verify packaged plugin `runtime/` tree and entrypoints required for ADR-006 closure.
- */
-export declare function resolvePackagedRuntime(packageRoot: string): ResolvePackagedRuntimeResult;
+export type SurfaceMode = "host_safe_carrier" | "workspace_full_runtime" | "capability_probe";
+export type RuntimeArtifactModule = "runtime_registration" | "ops_router" | "heartbeat_bridge_adapter" | "host_capability_adapter" | "probe_runner" | "read_model_adapter" | "fallback_shell";
+export interface RuntimeArtifactBoundary {
+    surfaceMode: SurfaceMode;
+    includes: RuntimeArtifactModule[];
+    fallbackAllowed: boolean;
+    sourcePathDependencyAllowed: false;
+}
+export type ResolvePackagedRuntimeResult = {
+    ok: true;
+    runtimeRoot: string;
+    boundary: RuntimeArtifactBoundary;
+    resolvedModules: Partial<Record<RuntimeArtifactModule, string>>;
+} | {
+    ok: false;
+    code: "runtime_artifact_missing" | "runtime_layout_incomplete";
+    message: string;
+    runtimeRoot: string;
+    missingPaths: string[];
+};
+/** Relative paths under `plugin/runtime/` that the packaging script must copy. */
+export declare const PACKAGED_RUNTIME_REQUIRED_ENTRIES: readonly string[];
+export declare function detectForbiddenSourcePathDependencies(sourceText: string): string[];
+export declare function defaultRuntimeArtifactBoundary(surfaceMode?: SurfaceMode): RuntimeArtifactBoundary;
+/**
+ * Verify packaged plugin `runtime/` tree and entrypoints required for ADR-006 closure.
+ */
+export declare function resolvePackagedRuntime(packageRoot: string): ResolvePackagedRuntimeResult;

package/runtime/cli/runtime/runtime-artifact-boundary.js

@@ -1,94 +1,94 @@
-/**
- * Packaged runtime artifact boundary (cli-system / ADR-006).
- *
- * Core logic: resolve plugin-local `runtime/` layout produced by build-plugin-package;
- * forbid dev-only imports that reach repo `src/` from published surfaces.
- *
- * Boundaries: filesystem checks only; does not execute host loaders.
- *
- * Test coverage: tests/unit/cli/runtime-artifact-boundary.test.ts
- */
-import fs from "node:fs";
-import path from "node:path";
-/** Relative paths under `plugin/runtime/` that the packaging script must copy. */
-export const PACKAGED_RUNTIME_REQUIRED_ENTRIES = [
-    "cli/index.js",
-    "storage/index.js",
-    "observability/index.js",
-    "core/second-nature/index.js",
-    "core/second-nature/runtime/service-entry.js",
-    "guidance/index.js",
-    "connectors/index.js",
-    "shared/types/index.js",
-];
-const DEFAULT_INCLUDES = [
-    "runtime_registration",
-    "ops_router",
-    "heartbeat_bridge_adapter",
-    "read_model_adapter",
-    "fallback_shell",
-];
-const SOURCE_REPO_PATH_PATTERN = /(?:from\s+["']|import\s+["']|require\s*\(\s*["'])(?:\.\.\/)+src\//i;
-export function detectForbiddenSourcePathDependencies(sourceText) {
-    const hits = [];
-    const lines = sourceText.split(/\r?\n/);
-    for (let i = 0; i < lines.length; i += 1) {
-        const line = lines[i];
-        if (SOURCE_REPO_PATH_PATTERN.test(line)) {
-            hits.push(`line ${i + 1}: ${line.trim()}`);
-        }
-    }
-    return hits;
-}
-export function defaultRuntimeArtifactBoundary(surfaceMode = "workspace_full_runtime") {
-    return {
-        surfaceMode,
-        includes: [...DEFAULT_INCLUDES],
-        fallbackAllowed: true,
-        sourcePathDependencyAllowed: false,
-    };
-}
-/**
- * Verify packaged plugin `runtime/` tree and entrypoints required for ADR-006 closure.
- */
-export function resolvePackagedRuntime(packageRoot) {
-    const runtimeRoot = path.join(packageRoot, "runtime");
-    if (!fs.existsSync(runtimeRoot) || !fs.statSync(runtimeRoot).isDirectory()) {
-        return {
-            ok: false,
-            code: "runtime_artifact_missing",
-            message: `runtime directory missing under ${packageRoot}`,
-            runtimeRoot,
-            missingPaths: [runtimeRoot],
-        };
-    }
-    const missingPaths = [];
-    for (const rel of PACKAGED_RUNTIME_REQUIRED_ENTRIES) {
-        const abs = path.join(runtimeRoot, rel);
-        if (!fs.existsSync(abs)) {
-            missingPaths.push(abs);
-        }
-    }
-    if (missingPaths.length > 0) {
-        return {
-            ok: false,
-            code: "runtime_layout_incomplete",
-            message: "packaged runtime is missing one or more required compiled modules",
-            runtimeRoot,
-            missingPaths,
-        };
-    }
-    const resolvedModules = {
-        ops_router: path.join(runtimeRoot, "cli/index.js"),
-        runtime_registration: path.join(runtimeRoot, "core/second-nature/runtime/service-entry.js"),
-        heartbeat_bridge_adapter: path.join(runtimeRoot, "core/second-nature/heartbeat/index.js"),
-        read_model_adapter: path.join(runtimeRoot, "cli/read-models/index.js"),
-        fallback_shell: path.join(runtimeRoot, "cli/index.js"),
-    };
-    return {
-        ok: true,
-        runtimeRoot,
-        boundary: defaultRuntimeArtifactBoundary(),
-        resolvedModules,
-    };
-}
+/**
+ * Packaged runtime artifact boundary (cli-system / ADR-006).
+ *
+ * Core logic: resolve plugin-local `runtime/` layout produced by build-plugin-package;
+ * forbid dev-only imports that reach repo `src/` from published surfaces.
+ *
+ * Boundaries: filesystem checks only; does not execute host loaders.
+ *
+ * Test coverage: tests/unit/cli/runtime-artifact-boundary.test.ts
+ */
+import fs from "node:fs";
+import path from "node:path";
+/** Relative paths under `plugin/runtime/` that the packaging script must copy. */
+export const PACKAGED_RUNTIME_REQUIRED_ENTRIES = [
+    "cli/index.js",
+    "storage/index.js",
+    "observability/index.js",
+    "core/second-nature/index.js",
+    "core/second-nature/runtime/service-entry.js",
+    "guidance/index.js",
+    "connectors/index.js",
+    "shared/types/index.js",
+];
+const DEFAULT_INCLUDES = [
+    "runtime_registration",
+    "ops_router",
+    "heartbeat_bridge_adapter",
+    "read_model_adapter",
+    "fallback_shell",
+];
+const SOURCE_REPO_PATH_PATTERN = /(?:from\s+["']|import\s+["']|require\s*\(\s*["'])(?:\.\.\/)+src\//i;
+export function detectForbiddenSourcePathDependencies(sourceText) {
+    const hits = [];
+    const lines = sourceText.split(/\r?\n/);
+    for (let i = 0; i < lines.length; i += 1) {
+        const line = lines[i];
+        if (SOURCE_REPO_PATH_PATTERN.test(line)) {
+            hits.push(`line ${i + 1}: ${line.trim()}`);
+        }
+    }
+    return hits;
+}
+export function defaultRuntimeArtifactBoundary(surfaceMode = "workspace_full_runtime") {
+    return {
+        surfaceMode,
+        includes: [...DEFAULT_INCLUDES],
+        fallbackAllowed: true,
+        sourcePathDependencyAllowed: false,
+    };
+}
+/**
+ * Verify packaged plugin `runtime/` tree and entrypoints required for ADR-006 closure.
+ */
+export function resolvePackagedRuntime(packageRoot) {
+    const runtimeRoot = path.join(packageRoot, "runtime");
+    if (!fs.existsSync(runtimeRoot) || !fs.statSync(runtimeRoot).isDirectory()) {
+        return {
+            ok: false,
+            code: "runtime_artifact_missing",
+            message: `runtime directory missing under ${packageRoot}`,
+            runtimeRoot,
+            missingPaths: [runtimeRoot],
+        };
+    }
+    const missingPaths = [];
+    for (const rel of PACKAGED_RUNTIME_REQUIRED_ENTRIES) {
+        const abs = path.join(runtimeRoot, rel);
+        if (!fs.existsSync(abs)) {
+            missingPaths.push(abs);
+        }
+    }
+    if (missingPaths.length > 0) {
+        return {
+            ok: false,
+            code: "runtime_layout_incomplete",
+            message: "packaged runtime is missing one or more required compiled modules",
+            runtimeRoot,
+            missingPaths,
+        };
+    }
+    const resolvedModules = {
+        ops_router: path.join(runtimeRoot, "cli/index.js"),
+        runtime_registration: path.join(runtimeRoot, "core/second-nature/runtime/service-entry.js"),
+        heartbeat_bridge_adapter: path.join(runtimeRoot, "core/second-nature/heartbeat/index.js"),
+        read_model_adapter: path.join(runtimeRoot, "cli/read-models/index.js"),
+        fallback_shell: path.join(runtimeRoot, "cli/index.js"),
+    };
+    return {
+        ok: true,
+        runtimeRoot,
+        boundary: defaultRuntimeArtifactBoundary(),
+        resolvedModules,
+    };
+}