@hongmaple0820/scale-engine 0.26.0 → 0.27.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.en.md +19 -3
- package/README.md +19 -3
- package/dist/api/cli.js +57 -9
- package/dist/api/cli.js.map +1 -1
- package/dist/cli/phaseCommands.js +8 -8
- package/dist/cli/phaseCommands.js.map +1 -1
- package/dist/context/ContextBudget.d.ts +14 -0
- package/dist/context/ContextBudget.js +50 -14
- package/dist/context/ContextBudget.js.map +1 -1
- package/dist/context/ContextCompiler.d.ts +34 -0
- package/dist/context/ContextCompiler.js +120 -0
- package/dist/context/ContextCompiler.js.map +1 -0
- package/dist/eval/WorkflowEval.js +4 -6
- package/dist/eval/WorkflowEval.js.map +1 -1
- package/dist/governance/GovernanceRoi.d.ts +6 -1
- package/dist/governance/GovernanceRoi.js +32 -0
- package/dist/governance/GovernanceRoi.js.map +1 -1
- package/dist/guardrails/DependencyAuditor.js +38 -0
- package/dist/guardrails/DependencyAuditor.js.map +1 -1
- package/dist/index.d.ts +1 -0
- package/dist/index.js +1 -0
- package/dist/index.js.map +1 -1
- package/dist/runtime/AiOsRuntime.d.ts +53 -0
- package/dist/runtime/AiOsRuntime.js +142 -0
- package/dist/runtime/AiOsRuntime.js.map +1 -0
- package/dist/runtime/index.d.ts +1 -0
- package/dist/runtime/index.js +1 -0
- package/dist/runtime/index.js.map +1 -1
- package/dist/skills/routing/SkillPlanner.js +91 -3
- package/dist/skills/routing/SkillPlanner.js.map +1 -1
- package/dist/skills/routing/SkillRoutingTypes.d.ts +17 -0
- package/dist/tools/SafeCommandRunner.d.ts +16 -0
- package/dist/tools/SafeCommandRunner.js +83 -0
- package/dist/tools/SafeCommandRunner.js.map +1 -0
- package/dist/workflow/gates/GateSystem.js +3 -9
- package/dist/workflow/gates/GateSystem.js.map +1 -1
- package/docs/AI_ENGINEERING_OS_POSITIONING.md +462 -0
- package/docs/CONTEXT_BUDGET.md +43 -1
- package/docs/DEPENDENCY_AUDIT.md +29 -0
- package/docs/MEMORY_FABRIC.md +2 -0
- package/docs/README.md +1 -0
- package/docs/SKILL_RADAR.md +13 -0
- package/package.json +9 -2
|
@@ -0,0 +1,142 @@
|
|
|
1
|
+
import { resolve } from 'node:path';
|
|
2
|
+
import { buildContextPack, scanContextBudget, } from '../context/ContextBudget.js';
|
|
3
|
+
import { createGovernanceRoiReport, } from '../governance/GovernanceRoi.js';
|
|
4
|
+
import { evaluateProgressiveGovernance, } from '../governance/ProgressiveGovernance.js';
|
|
5
|
+
import { MemoryFabric, recallMemoryProviders, } from '../memory/index.js';
|
|
6
|
+
import { createSkillPlan, loadSkillRoutingPolicy, } from '../skills/routing/index.js';
|
|
7
|
+
import { SCALE_ENGINE_VERSION } from '../version.js';
|
|
8
|
+
export async function createAiOsPlan(input) {
|
|
9
|
+
const projectDir = resolve(input.projectDir ?? process.cwd());
|
|
10
|
+
const scaleDir = input.scaleDir ?? '.scale';
|
|
11
|
+
const level = normalizeSkillTaskLevel(input.level);
|
|
12
|
+
const files = input.files ?? [];
|
|
13
|
+
const services = input.services ?? [];
|
|
14
|
+
const taskId = input.taskId;
|
|
15
|
+
const budget = input.budget ?? 8_000;
|
|
16
|
+
const governance = evaluateProgressiveGovernance({
|
|
17
|
+
task: input.task,
|
|
18
|
+
changedFiles: files,
|
|
19
|
+
requestedMode: input.requestedMode,
|
|
20
|
+
});
|
|
21
|
+
const contextBudget = scanContextBudget({ projectDir, scaleDir, maxTaskTokens: budget });
|
|
22
|
+
const context = buildContextPack({
|
|
23
|
+
projectDir,
|
|
24
|
+
scaleDir,
|
|
25
|
+
task: input.task,
|
|
26
|
+
taskId,
|
|
27
|
+
level,
|
|
28
|
+
files,
|
|
29
|
+
budget,
|
|
30
|
+
});
|
|
31
|
+
const memoryRecall = await recallMemoryProviders({
|
|
32
|
+
projectDir,
|
|
33
|
+
scaleDir,
|
|
34
|
+
query: [input.task, files.join(' ')].filter(Boolean).join('\n'),
|
|
35
|
+
task: input.task,
|
|
36
|
+
files,
|
|
37
|
+
limit: input.memoryTopK ?? 5,
|
|
38
|
+
});
|
|
39
|
+
const memoryPack = await new MemoryFabric({
|
|
40
|
+
projectDir,
|
|
41
|
+
scaleDir,
|
|
42
|
+
knowledgeBase: input.knowledgeBase,
|
|
43
|
+
}).createContextPack({
|
|
44
|
+
task: input.task,
|
|
45
|
+
taskId,
|
|
46
|
+
level,
|
|
47
|
+
files,
|
|
48
|
+
budgetTokens: Math.max(1, Math.floor(budget / 2)),
|
|
49
|
+
knowledgeTopK: input.memoryTopK,
|
|
50
|
+
});
|
|
51
|
+
const skillPolicy = loadSkillRoutingPolicy(projectDir, scaleDir);
|
|
52
|
+
const skillPlan = createSkillPlan({
|
|
53
|
+
taskId: taskId ?? `AIOS-${Date.now()}`,
|
|
54
|
+
taskName: input.task,
|
|
55
|
+
description: input.task,
|
|
56
|
+
level,
|
|
57
|
+
files,
|
|
58
|
+
services,
|
|
59
|
+
policy: skillPolicy,
|
|
60
|
+
});
|
|
61
|
+
const adaptiveWorkflow = createAdaptiveWorkflow(governance, skillPlan);
|
|
62
|
+
const roi = createGovernanceRoiReport({
|
|
63
|
+
taskId,
|
|
64
|
+
contextBudget,
|
|
65
|
+
contextPack: context,
|
|
66
|
+
governance,
|
|
67
|
+
memoryRecall,
|
|
68
|
+
skillPlan,
|
|
69
|
+
});
|
|
70
|
+
return {
|
|
71
|
+
version: SCALE_ENGINE_VERSION,
|
|
72
|
+
generatedAt: new Date().toISOString(),
|
|
73
|
+
task: {
|
|
74
|
+
taskId,
|
|
75
|
+
task: input.task,
|
|
76
|
+
level,
|
|
77
|
+
files,
|
|
78
|
+
services,
|
|
79
|
+
},
|
|
80
|
+
governance,
|
|
81
|
+
adaptiveWorkflow,
|
|
82
|
+
context,
|
|
83
|
+
memory: {
|
|
84
|
+
providerOrder: memoryRecall.providerOrder,
|
|
85
|
+
selectedProviders: memoryRecall.selectedProviders,
|
|
86
|
+
fallbackUsed: memoryRecall.fallbackUsed,
|
|
87
|
+
items: memoryRecall.items,
|
|
88
|
+
warnings: memoryRecall.warnings,
|
|
89
|
+
contextPack: memoryPack,
|
|
90
|
+
},
|
|
91
|
+
skillPlan,
|
|
92
|
+
roi,
|
|
93
|
+
recommendations: recommendations({ governance, context, memoryRecall, skillPlan }),
|
|
94
|
+
};
|
|
95
|
+
}
|
|
96
|
+
function createAdaptiveWorkflow(governance, skillPlan) {
|
|
97
|
+
const gates = new Set();
|
|
98
|
+
gates.add('context-compiler');
|
|
99
|
+
gates.add('memory-provider-recall');
|
|
100
|
+
if (skillPlan.required || skillPlan.executionPlan.steps.length > 0)
|
|
101
|
+
gates.add('skill-evidence');
|
|
102
|
+
gates.add('runtime-evidence');
|
|
103
|
+
if (governance.effectiveMode === 'expanded' || governance.effectiveMode === 'critical')
|
|
104
|
+
gates.add('impact-analysis');
|
|
105
|
+
if (governance.effectiveMode === 'critical')
|
|
106
|
+
gates.add('security-review');
|
|
107
|
+
return {
|
|
108
|
+
strategy: 'risk-adaptive-runtime-v1',
|
|
109
|
+
mode: governance.effectiveMode,
|
|
110
|
+
requiredBehaviors: governance.requiredBehaviors,
|
|
111
|
+
gates: Array.from(gates),
|
|
112
|
+
exitCriteria: [
|
|
113
|
+
'Context compiler explains included and omitted sections.',
|
|
114
|
+
'Memory recall records provider, score, and evidence paths.',
|
|
115
|
+
'Skill plan lists required proof and fallback policy.',
|
|
116
|
+
'Governance ROI states benefit and overhead before completion.',
|
|
117
|
+
],
|
|
118
|
+
};
|
|
119
|
+
}
|
|
120
|
+
function recommendations(options) {
|
|
121
|
+
const output = [];
|
|
122
|
+
if (options.context.compiler?.estimatedTokenSavings) {
|
|
123
|
+
output.push(`Keep context compiler active; estimated savings ${options.context.compiler.estimatedTokenSavings} tokens for this task pack.`);
|
|
124
|
+
}
|
|
125
|
+
if (options.memoryRecall.items.length === 0) {
|
|
126
|
+
output.push('No memory recall result found; continue with local evidence and settle reusable knowledge after verification.');
|
|
127
|
+
}
|
|
128
|
+
if (options.skillPlan.executionPlan.steps.length > 0) {
|
|
129
|
+
output.push(`Follow ${options.skillPlan.executionPlan.steps.length} skill routing step(s) and record evidence before ship.`);
|
|
130
|
+
}
|
|
131
|
+
if (options.governance.effectiveMode === 'critical') {
|
|
132
|
+
output.push('Critical workflow mode requires security review and rollback or disable strategy.');
|
|
133
|
+
}
|
|
134
|
+
return output;
|
|
135
|
+
}
|
|
136
|
+
function normalizeSkillTaskLevel(value) {
|
|
137
|
+
const normalized = String(value ?? 'M').trim().toUpperCase();
|
|
138
|
+
if (normalized === 'S' || normalized === 'M' || normalized === 'L' || normalized === 'CRITICAL')
|
|
139
|
+
return normalized;
|
|
140
|
+
throw new Error(`Invalid task level "${String(value)}"; expected S, M, L, or CRITICAL.`);
|
|
141
|
+
}
|
|
142
|
+
//# sourceMappingURL=AiOsRuntime.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"AiOsRuntime.js","sourceRoot":"","sources":["../../src/runtime/AiOsRuntime.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAA;AACnC,OAAO,EACL,gBAAgB,EAChB,iBAAiB,GAElB,MAAM,6BAA6B,CAAA;AACpC,OAAO,EACL,yBAAyB,GAE1B,MAAM,gCAAgC,CAAA;AACvC,OAAO,EACL,6BAA6B,GAG9B,MAAM,wCAAwC,CAAA;AAE/C,OAAO,EACL,YAAY,EACZ,qBAAqB,GAGtB,MAAM,oBAAoB,CAAA;AAC3B,OAAO,EACL,eAAe,EACf,sBAAsB,GAGvB,MAAM,4BAA4B,CAAA;AACnC,OAAO,EAAE,oBAAoB,EAAE,MAAM,eAAe,CAAA;AAoDpD,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,KAAuB;IAC1D,MAAM,UAAU,GAAG,OAAO,CAAC,KAAK,CAAC,UAAU,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC,CAAA;IAC7D,MAAM,QAAQ,GAAG,KAAK,CAAC,QAAQ,IAAI,QAAQ,CAAA;IAC3C,MAAM,KAAK,GAAG,uBAAuB,CAAC,KAAK,CAAC,KAAK,CAAC,CAAA;IAClD,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,IAAI,EAAE,CAAA;IAC/B,MAAM,QAAQ,GAAG,KAAK,CAAC,QAAQ,IAAI,EAAE,CAAA;IACrC,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,CAAA;IAC3B,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,IAAI,KAAK,CAAA;IAEpC,MAAM,UAAU,GAAG,6BAA6B,CAAC;QAC/C,IAAI,EAAE,KAAK,CAAC,IAAI;QAChB,YAAY,EAAE,KAAK;QACnB,aAAa,EAAE,KAAK,CAAC,aAAa;KACnC,CAAC,CAAA;IACF,MAAM,aAAa,GAAG,iBAAiB,CAAC,EAAE,UAAU,EAAE,QAAQ,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC,CAAA;IACxF,MAAM,OAAO,GAAG,gBAAgB,CAAC;QAC/B,UAAU;QACV,QAAQ;QACR,IAAI,EAAE,KAAK,CAAC,IAAI;QAChB,MAAM;QACN,KAAK;QACL,KAAK;QACL,MAAM;KACP,CAAC,CAAA;IACF,MAAM,YAAY,GAAG,MAAM,qBAAqB,CAAC;QAC/C,UAAU;QACV,QAAQ;QACR,KAAK,EAAE,CAAC,KAAK,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC;QAC/D,IAAI,EAAE,KAAK,CAAC,IAAI;QAChB,KAAK;QACL,KAAK,EAAE,KAAK,CAAC,UAAU,IAAI,CAAC;KAC7B,CAAC,CAAA;IACF,MAAM,UAAU,GAAG,MAAM,IAAI,YAAY,CAAC;QACxC,UAAU;QACV,QAAQ;QACR,aAAa,EAAE,KAAK,CAAC,aAAa;KACnC,CAAC,CAAC,iBAAiB,CAAC;QACnB,IAAI,EAAE,KAAK,CAAC,IAAI;QAChB,MAAM;QACN,KAAK;QACL,KAAK;QACL,YAAY,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QACjD,aAAa,EAAE,KAAK,CAAC,UAAU;KAChC,CAAC,CAAA;IACF,MAAM,WAAW,GAAG,sBAAsB,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAA;IAChE,MAAM,SAAS,GAAG,eAAe,CAAC;QAChC,MAAM,EAAE,MAAM,IAAI,QAAQ,IAAI,CAAC,GAAG,EAAE,EAAE;QACtC,QAAQ,EAAE,KAAK,CAAC,IAAI;QACpB,WAAW,EAAE,KAAK,CAAC,IAAI;QACvB,KAAK;QACL,KAAK;QACL,QAAQ;QACR,MAAM,EAAE,WAAW;KACpB,CAAC,CAAA;IACF,MAAM,gBAAgB,GAAG,sBAAsB,CAAC,UAAU,EAAE,SAAS,CAAC,CAAA;IACtE,MAAM,GAAG,GAAG,yBAAyB,CAAC;QACpC,MAAM;QACN,aAAa;QACb,WAAW,EAAE,OAAO;QACpB,UAAU;QACV,YAAY;QACZ,SAAS;KACV,CAAC,CAAA;IAEF,OAAO;QACL,OAAO,EAAE,oBAAoB;QAC7B,WAAW,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACrC,IAAI,EAAE;YACJ,MAAM;YACN,IAAI,EAAE,KAAK,CAAC,IAAI;YAChB,KAAK;YACL,KAAK;YACL,QAAQ;SACT;QACD,UAAU;QACV,gBAAgB;QAChB,OAAO;QACP,MAAM,EAAE;YACN,aAAa,EAAE,YAAY,CAAC,aAAa;YACzC,iBAAiB,EAAE,YAAY,CAAC,iBAAiB;YACjD,YAAY,EAAE,YAAY,CAAC,YAAY;YACvC,KAAK,EAAE,YAAY,CAAC,KAAK;YACzB,QAAQ,EAAE,YAAY,CAAC,QAAQ;YAC/B,WAAW,EAAE,UAAU;SACxB;QACD,SAAS;QACT,GAAG;QACH,eAAe,EAAE,eAAe,CAAC,EAAE,UAAU,EAAE,OAAO,EAAE,YAAY,EAAE,SAAS,EAAE,CAAC;KACnF,CAAA;AACH,CAAC;AAED,SAAS,sBAAsB,CAAC,UAAuC,EAAE,SAAoB;IAC3F,MAAM,KAAK,GAAG,IAAI,GAAG,EAAU,CAAA;IAC/B,KAAK,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAA;IAC7B,KAAK,CAAC,GAAG,CAAC,wBAAwB,CAAC,CAAA;IACnC,IAAI,SAAS,CAAC,QAAQ,IAAI,SAAS,CAAC,aAAa,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC;QAAE,KAAK,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAA;IAC/F,KAAK,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAA;IAC7B,IAAI,UAAU,CAAC,aAAa,KAAK,UAAU,IAAI,UAAU,CAAC,aAAa,KAAK,UAAU;QAAE,KAAK,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAA;IACpH,IAAI,UAAU,CAAC,aAAa,KAAK,UAAU;QAAE,KAAK,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAA;IACzE,OAAO;QACL,QAAQ,EAAE,0BAA0B;QACpC,IAAI,EAAE,UAAU,CAAC,aAAa;QAC9B,iBAAiB,EAAE,UAAU,CAAC,iBAAiB;QAC/C,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC;QACxB,YAAY,EAAE;YACZ,0DAA0D;YAC1D,4DAA4D;YAC5D,sDAAsD;YACtD,+DAA+D;SAChE;KACF,CAAA;AACH,CAAC;AAED,SAAS,eAAe,CAAC,OAKxB;IACC,MAAM,MAAM,GAAa,EAAE,CAAA;IAC3B,IAAI,OAAO,CAAC,OAAO,CAAC,QAAQ,EAAE,qBAAqB,EAAE,CAAC;QACpD,MAAM,CAAC,IAAI,CAAC,mDAAmD,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,qBAAqB,6BAA6B,CAAC,CAAA;IAC7I,CAAC;IACD,IAAI,OAAO,CAAC,YAAY,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC5C,MAAM,CAAC,IAAI,CAAC,+GAA+G,CAAC,CAAA;IAC9H,CAAC;IACD,IAAI,OAAO,CAAC,SAAS,CAAC,aAAa,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACrD,MAAM,CAAC,IAAI,CAAC,UAAU,OAAO,CAAC,SAAS,CAAC,aAAa,CAAC,KAAK,CAAC,MAAM,yDAAyD,CAAC,CAAA;IAC9H,CAAC;IACD,IAAI,OAAO,CAAC,UAAU,CAAC,aAAa,KAAK,UAAU,EAAE,CAAC;QACpD,MAAM,CAAC,IAAI,CAAC,mFAAmF,CAAC,CAAA;IAClG,CAAC;IACD,OAAO,MAAM,CAAA;AACf,CAAC;AAED,SAAS,uBAAuB,CAAC,KAAc;IAC7C,MAAM,UAAU,GAAG,MAAM,CAAC,KAAK,IAAI,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAA;IAC5D,IAAI,UAAU,KAAK,GAAG,IAAI,UAAU,KAAK,GAAG,IAAI,UAAU,KAAK,GAAG,IAAI,UAAU,KAAK,UAAU;QAAE,OAAO,UAAU,CAAA;IAClH,MAAM,IAAI,KAAK,CAAC,uBAAuB,MAAM,CAAC,KAAK,CAAC,mCAAmC,CAAC,CAAA;AAC1F,CAAC"}
|
package/dist/runtime/index.d.ts
CHANGED
package/dist/runtime/index.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/runtime/index.ts"],"names":[],"mappings":"AAAA,cAAc,4BAA4B,CAAA;AAC1C,cAAc,oBAAoB,CAAA;AAClC,cAAc,oBAAoB,CAAA;AAClC,cAAc,uBAAuB,CAAA;AACrC,cAAc,uBAAuB,CAAA"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/runtime/index.ts"],"names":[],"mappings":"AAAA,cAAc,4BAA4B,CAAA;AAC1C,cAAc,oBAAoB,CAAA;AAClC,cAAc,oBAAoB,CAAA;AAClC,cAAc,uBAAuB,CAAA;AACrC,cAAc,uBAAuB,CAAA;AACrC,cAAc,kBAAkB,CAAA"}
|
|
@@ -25,6 +25,14 @@ export function createSkillPlan(options) {
|
|
|
25
25
|
requiredVerification,
|
|
26
26
|
mode: resolvePlanMode(level, intents, options.policy),
|
|
27
27
|
required,
|
|
28
|
+
executionPlan: createExecutionPlan({
|
|
29
|
+
intents,
|
|
30
|
+
requiredSkills,
|
|
31
|
+
recommendedSkills,
|
|
32
|
+
requiredArtifacts,
|
|
33
|
+
recommendedArtifacts,
|
|
34
|
+
requiredVerification,
|
|
35
|
+
}),
|
|
28
36
|
generatedAt: new Date().toISOString(),
|
|
29
37
|
};
|
|
30
38
|
}
|
|
@@ -67,13 +75,93 @@ ${list(plan.recommendedArtifacts)}
|
|
|
67
75
|
|
|
68
76
|
${list(plan.requiredVerification)}
|
|
69
77
|
|
|
78
|
+
## Execution Plan
|
|
79
|
+
|
|
80
|
+
| Kind | ID | Required | Priority | Reason | Evidence | Fallback |
|
|
81
|
+
| --- | --- | --- | ---: | --- | --- | --- |
|
|
82
|
+
${executionRows(plan.executionPlan.steps)}
|
|
83
|
+
|
|
70
84
|
## Skipped Skills
|
|
71
85
|
|
|
72
|
-
|
|
73
|
-
| --- | --- | --- |
|
|
74
|
-
| | | |
|
|
86
|
+
No skipped skills recorded at plan time. Record runtime skips and fallback evidence in \`skill-evidence.md\`.
|
|
75
87
|
`;
|
|
76
88
|
}
|
|
89
|
+
function createExecutionPlan(options) {
|
|
90
|
+
const intentReason = options.intents.length
|
|
91
|
+
? `Detected intents: ${options.intents.map(intent => `${intent.domain}(${intent.score})`).join(', ')}.`
|
|
92
|
+
: 'No domain-specific intent detected; keep evidence lightweight.';
|
|
93
|
+
const steps = [];
|
|
94
|
+
let priority = 100;
|
|
95
|
+
for (const skill of options.requiredSkills) {
|
|
96
|
+
steps.push({
|
|
97
|
+
kind: 'skill',
|
|
98
|
+
id: skill,
|
|
99
|
+
required: true,
|
|
100
|
+
priority: priority--,
|
|
101
|
+
reason: intentReason,
|
|
102
|
+
evidenceRequired: 'Record used/executed status and concrete output path in skill-evidence.md.',
|
|
103
|
+
fallback: 'If unavailable, record skipped/fallback status with manual evidence; block when routing mode is block.',
|
|
104
|
+
});
|
|
105
|
+
}
|
|
106
|
+
for (const skill of options.recommendedSkills) {
|
|
107
|
+
steps.push({
|
|
108
|
+
kind: 'skill',
|
|
109
|
+
id: skill,
|
|
110
|
+
required: false,
|
|
111
|
+
priority: priority--,
|
|
112
|
+
reason: intentReason,
|
|
113
|
+
evidenceRequired: 'Record used or skipped status when it materially affects delivery quality.',
|
|
114
|
+
fallback: 'Use the nearest built-in verification or explain why the recommendation was not needed.',
|
|
115
|
+
});
|
|
116
|
+
}
|
|
117
|
+
for (const artifact of options.requiredArtifacts) {
|
|
118
|
+
steps.push({
|
|
119
|
+
kind: 'artifact',
|
|
120
|
+
id: artifact,
|
|
121
|
+
required: true,
|
|
122
|
+
priority: priority--,
|
|
123
|
+
reason: 'Required artifact for task evidence and gate review.',
|
|
124
|
+
evidenceRequired: `Write substantive ${artifact} content before verification or ship.`,
|
|
125
|
+
fallback: 'No silent fallback; document accepted non-goal only when the gate policy allows it.',
|
|
126
|
+
});
|
|
127
|
+
}
|
|
128
|
+
for (const artifact of options.recommendedArtifacts) {
|
|
129
|
+
steps.push({
|
|
130
|
+
kind: 'artifact',
|
|
131
|
+
id: artifact,
|
|
132
|
+
required: false,
|
|
133
|
+
priority: priority--,
|
|
134
|
+
reason: 'Recommended artifact for clearer review and future recall.',
|
|
135
|
+
evidenceRequired: `Write ${artifact} when it reduces ambiguity or review risk.`,
|
|
136
|
+
fallback: 'Mention omission in summary when the artifact is not useful for this task.',
|
|
137
|
+
});
|
|
138
|
+
}
|
|
139
|
+
for (const verification of options.requiredVerification) {
|
|
140
|
+
steps.push({
|
|
141
|
+
kind: 'verification',
|
|
142
|
+
id: verification,
|
|
143
|
+
required: true,
|
|
144
|
+
priority: priority--,
|
|
145
|
+
reason: 'Required verification evidence for detected task intent.',
|
|
146
|
+
evidenceRequired: `Attach command, screenshot, report, or reviewer evidence for ${verification}.`,
|
|
147
|
+
fallback: 'If the verification cannot run, record the blocker and a lower-fidelity fallback.',
|
|
148
|
+
});
|
|
149
|
+
}
|
|
150
|
+
return {
|
|
151
|
+
strategy: 'intent-evidence-graph-v1',
|
|
152
|
+
steps,
|
|
153
|
+
fallbackPolicy: 'Required steps need concrete evidence or an explicit skipped/fallback record; recommended steps may be skipped with a reason.',
|
|
154
|
+
evidenceSummary: unique(steps.map(step => step.evidenceRequired)),
|
|
155
|
+
};
|
|
156
|
+
}
|
|
157
|
+
function executionRows(steps) {
|
|
158
|
+
return steps.length
|
|
159
|
+
? steps.map(step => `| ${step.kind} | ${step.id} | ${step.required ? 'yes' : 'no'} | ${step.priority} | ${escapeMarkdownCell(step.reason)} | ${escapeMarkdownCell(step.evidenceRequired)} | ${escapeMarkdownCell(step.fallback)} |`).join('\n')
|
|
160
|
+
: '| none | none | no | 0 | no routing step required | no extra evidence | continue with standard verification |';
|
|
161
|
+
}
|
|
162
|
+
function escapeMarkdownCell(value) {
|
|
163
|
+
return value.replace(/\|/g, '\\|').replace(/\r?\n/g, ' ');
|
|
164
|
+
}
|
|
77
165
|
function resolvePlanMode(level, intents, policy) {
|
|
78
166
|
if (policy.policy.mode === 'off')
|
|
79
167
|
return 'off';
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"SkillPlanner.js","sourceRoot":"","sources":["../../../src/skills/routing/SkillPlanner.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"SkillPlanner.js","sourceRoot":"","sources":["../../../src/skills/routing/SkillPlanner.ts"],"names":[],"mappings":"AASA,OAAO,EAAE,oBAAoB,EAAE,MAAM,2BAA2B,CAAA;AAQhE,MAAM,UAAU,eAAe,CAAC,OAA+B;IAC7D,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,IAAI,GAAG,CAAA;IAClC,MAAM,OAAO,GAAG,IAAI,oBAAoB,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAA;IAC1E,MAAM,cAAc,GAAG,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;IACnG,MAAM,QAAQ,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,gBAAgB,IAAI,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAA;IAE9G,MAAM,iBAAiB,GAAG,MAAM,CAAC;QAC/B,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACtC,GAAG,cAAc,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,iBAAiB,IAAI,EAAE,CAAC;KACpE,CAAC,CAAA;IACF,MAAM,oBAAoB,GAAG,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,oBAAoB,IAAI,EAAE,CAAC,CAAC,CAAA;IACxG,MAAM,cAAc,GAAG,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,cAAc,IAAI,EAAE,CAAC,CAAC,CAAA;IAC5F,MAAM,iBAAiB,GAAG,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,iBAAiB,IAAI,EAAE,CAAC,CAAC;SAC/F,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,cAAc,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAA;IACnD,MAAM,oBAAoB,GAAG,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,oBAAoB,IAAI,EAAE,CAAC,CAAC,CAAA;IAExG,OAAO;QACL,MAAM,EAAE,OAAO,CAAC,MAAM;QACtB,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,KAAK;QACL,OAAO;QACP,cAAc;QACd,iBAAiB;QACjB,iBAAiB;QACjB,oBAAoB;QACpB,oBAAoB;QACpB,IAAI,EAAE,eAAe,CAAC,KAAK,EAAE,OAAO,EAAE,OAAO,CAAC,MAAM,CAAC;QACrD,QAAQ;QACR,aAAa,EAAE,mBAAmB,CAAC;YACjC,OAAO;YACP,cAAc;YACd,iBAAiB;YACjB,iBAAiB;YACjB,oBAAoB;YACpB,oBAAoB;SACrB,CAAC;QACF,WAAW,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACtC,CAAA;AACH,CAAC;AAED,MAAM,UAAU,iBAAiB,CAAC,IAAe;IAC/C,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM;QACpC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,KAAK,MAAM,CAAC,MAAM,MAAM,MAAM,CAAC,KAAK,MAAM,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC;QAChH,CAAC,CAAC,mDAAmD,CAAA;IAEvD,OAAO;;eAEM,IAAI,CAAC,MAAM;YACd,IAAI,CAAC,QAAQ;aACZ,IAAI,CAAC,KAAK;YACX,IAAI,CAAC,IAAI;gBACL,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI;iBAC3B,IAAI,CAAC,WAAW;;;;;;EAM/B,UAAU;;;;EAIV,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC;;;;EAIzB,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC;;;;EAI5B,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC;;;;EAI5B,IAAI,CAAC,IAAI,CAAC,oBAAoB,CAAC;;;;EAI/B,IAAI,CAAC,IAAI,CAAC,oBAAoB,CAAC;;;;;;EAM/B,aAAa,CAAC,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC;;;;;CAKxC,CAAA;AACD,CAAC;AAED,SAAS,mBAAmB,CAAC,OAO5B;IACC,MAAM,YAAY,GAAG,OAAO,CAAC,OAAO,CAAC,MAAM;QACzC,CAAC,CAAC,qBAAqB,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,IAAI,MAAM,CAAC,KAAK,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG;QACvG,CAAC,CAAC,gEAAgE,CAAA;IACpE,MAAM,KAAK,GAA6B,EAAE,CAAA;IAC1C,IAAI,QAAQ,GAAG,GAAG,CAAA;IAElB,KAAK,MAAM,KAAK,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC;QAC3C,KAAK,CAAC,IAAI,CAAC;YACT,IAAI,EAAE,OAAO;YACb,EAAE,EAAE,KAAK;YACT,QAAQ,EAAE,IAAI;YACd,QAAQ,EAAE,QAAQ,EAAE;YACpB,MAAM,EAAE,YAAY;YACpB,gBAAgB,EAAE,4EAA4E;YAC9F,QAAQ,EAAE,wGAAwG;SACnH,CAAC,CAAA;IACJ,CAAC;IACD,KAAK,MAAM,KAAK,IAAI,OAAO,CAAC,iBAAiB,EAAE,CAAC;QAC9C,KAAK,CAAC,IAAI,CAAC;YACT,IAAI,EAAE,OAAO;YACb,EAAE,EAAE,KAAK;YACT,QAAQ,EAAE,KAAK;YACf,QAAQ,EAAE,QAAQ,EAAE;YACpB,MAAM,EAAE,YAAY;YACpB,gBAAgB,EAAE,4EAA4E;YAC9F,QAAQ,EAAE,yFAAyF;SACpG,CAAC,CAAA;IACJ,CAAC;IACD,KAAK,MAAM,QAAQ,IAAI,OAAO,CAAC,iBAAiB,EAAE,CAAC;QACjD,KAAK,CAAC,IAAI,CAAC;YACT,IAAI,EAAE,UAAU;YAChB,EAAE,EAAE,QAAQ;YACZ,QAAQ,EAAE,IAAI;YACd,QAAQ,EAAE,QAAQ,EAAE;YACpB,MAAM,EAAE,sDAAsD;YAC9D,gBAAgB,EAAE,qBAAqB,QAAQ,uCAAuC;YACtF,QAAQ,EAAE,qFAAqF;SAChG,CAAC,CAAA;IACJ,CAAC;IACD,KAAK,MAAM,QAAQ,IAAI,OAAO,CAAC,oBAAoB,EAAE,CAAC;QACpD,KAAK,CAAC,IAAI,CAAC;YACT,IAAI,EAAE,UAAU;YAChB,EAAE,EAAE,QAAQ;YACZ,QAAQ,EAAE,KAAK;YACf,QAAQ,EAAE,QAAQ,EAAE;YACpB,MAAM,EAAE,4DAA4D;YACpE,gBAAgB,EAAE,SAAS,QAAQ,4CAA4C;YAC/E,QAAQ,EAAE,4EAA4E;SACvF,CAAC,CAAA;IACJ,CAAC;IACD,KAAK,MAAM,YAAY,IAAI,OAAO,CAAC,oBAAoB,EAAE,CAAC;QACxD,KAAK,CAAC,IAAI,CAAC;YACT,IAAI,EAAE,cAAc;YACpB,EAAE,EAAE,YAAY;YAChB,QAAQ,EAAE,IAAI;YACd,QAAQ,EAAE,QAAQ,EAAE;YACpB,MAAM,EAAE,0DAA0D;YAClE,gBAAgB,EAAE,gEAAgE,YAAY,GAAG;YACjG,QAAQ,EAAE,mFAAmF;SAC9F,CAAC,CAAA;IACJ,CAAC;IAED,OAAO;QACL,QAAQ,EAAE,0BAA0B;QACpC,KAAK;QACL,cAAc,EAAE,+HAA+H;QAC/I,eAAe,EAAE,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;KAClE,CAAA;AACH,CAAC;AAED,SAAS,aAAa,CAAC,KAA+B;IACpD,OAAO,KAAK,CAAC,MAAM;QACjB,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,KAAK,IAAI,CAAC,IAAI,MAAM,IAAI,CAAC,EAAE,MAAM,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,MAAM,IAAI,CAAC,QAAQ,MAAM,kBAAkB,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,kBAAkB,CAAC,IAAI,CAAC,gBAAgB,CAAC,MAAM,kBAAkB,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC;QAC/O,CAAC,CAAC,+GAA+G,CAAA;AACrH,CAAC;AAED,SAAS,kBAAkB,CAAC,KAAa;IACvC,OAAO,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC,OAAO,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAA;AAC3D,CAAC;AAED,SAAS,eAAe,CAAC,KAAqB,EAAE,OAAqB,EAAE,MAAkC;IACvG,IAAI,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,KAAK;QAAE,OAAO,KAAK,CAAA;IAC9C,IAAI,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,OAAO;QAAE,OAAO,OAAO,CAAA;IAClD,MAAM,iBAAiB,GAAG,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,WAAW,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAA;IAC7G,OAAO,iBAAiB,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAA;AAC7C,CAAC;AAED,SAAS,IAAI,CAAC,KAAe;IAC3B,OAAO,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAA;AAC5E,CAAC;AAED,SAAS,MAAM,CAAI,KAAU;IAC3B,OAAO,CAAC,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,CAAA;AAC5B,CAAC"}
|
|
@@ -42,6 +42,22 @@ export interface TaskIntent {
|
|
|
42
42
|
score: number;
|
|
43
43
|
reasons: string[];
|
|
44
44
|
}
|
|
45
|
+
export type SkillPlanExecutionStepKind = 'skill' | 'artifact' | 'verification';
|
|
46
|
+
export interface SkillPlanExecutionStep {
|
|
47
|
+
kind: SkillPlanExecutionStepKind;
|
|
48
|
+
id: string;
|
|
49
|
+
required: boolean;
|
|
50
|
+
priority: number;
|
|
51
|
+
reason: string;
|
|
52
|
+
evidenceRequired: string;
|
|
53
|
+
fallback: string;
|
|
54
|
+
}
|
|
55
|
+
export interface SkillPlanExecutionPlan {
|
|
56
|
+
strategy: 'intent-evidence-graph-v1';
|
|
57
|
+
steps: SkillPlanExecutionStep[];
|
|
58
|
+
fallbackPolicy: string;
|
|
59
|
+
evidenceSummary: string[];
|
|
60
|
+
}
|
|
45
61
|
export interface SkillPlan {
|
|
46
62
|
taskId: string;
|
|
47
63
|
taskName: string;
|
|
@@ -54,6 +70,7 @@ export interface SkillPlan {
|
|
|
54
70
|
requiredVerification: string[];
|
|
55
71
|
mode: SkillRoutingMode;
|
|
56
72
|
required: boolean;
|
|
73
|
+
executionPlan: SkillPlanExecutionPlan;
|
|
57
74
|
generatedAt: string;
|
|
58
75
|
}
|
|
59
76
|
export interface SkillGateResult {
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
export interface ParsedCommand {
|
|
2
|
+
file: string;
|
|
3
|
+
args: string[];
|
|
4
|
+
}
|
|
5
|
+
export interface SafeCommandResult {
|
|
6
|
+
exitCode: number;
|
|
7
|
+
stdout: string;
|
|
8
|
+
stderr: string;
|
|
9
|
+
}
|
|
10
|
+
export interface SafeCommandOptions {
|
|
11
|
+
cwd?: string;
|
|
12
|
+
timeout?: number;
|
|
13
|
+
allowShell?: boolean;
|
|
14
|
+
}
|
|
15
|
+
export declare function parseCommandLine(command: string): ParsedCommand;
|
|
16
|
+
export declare function runSafeCommand(command: string, options?: SafeCommandOptions): Promise<SafeCommandResult>;
|
|
@@ -0,0 +1,83 @@
|
|
|
1
|
+
import { execa } from 'execa';
|
|
2
|
+
const SHELL_META = new Set(['|', '&', ';', '<', '>', '`', '$', '(', ')']);
|
|
3
|
+
export function parseCommandLine(command) {
|
|
4
|
+
const tokens = [];
|
|
5
|
+
let current = '';
|
|
6
|
+
let quote = null;
|
|
7
|
+
for (let index = 0; index < command.length; index += 1) {
|
|
8
|
+
const char = command[index];
|
|
9
|
+
if (quote) {
|
|
10
|
+
if (char === quote) {
|
|
11
|
+
quote = null;
|
|
12
|
+
}
|
|
13
|
+
else if (quote === '"' && char === '\\' && index + 1 < command.length) {
|
|
14
|
+
index += 1;
|
|
15
|
+
current += command[index];
|
|
16
|
+
}
|
|
17
|
+
else {
|
|
18
|
+
current += char;
|
|
19
|
+
}
|
|
20
|
+
continue;
|
|
21
|
+
}
|
|
22
|
+
if (char === '"' || char === "'") {
|
|
23
|
+
quote = char;
|
|
24
|
+
continue;
|
|
25
|
+
}
|
|
26
|
+
if (/\s/.test(char)) {
|
|
27
|
+
if (current) {
|
|
28
|
+
tokens.push(current);
|
|
29
|
+
current = '';
|
|
30
|
+
}
|
|
31
|
+
continue;
|
|
32
|
+
}
|
|
33
|
+
if (char === '\\' && index + 1 < command.length) {
|
|
34
|
+
index += 1;
|
|
35
|
+
current += command[index];
|
|
36
|
+
continue;
|
|
37
|
+
}
|
|
38
|
+
if (SHELL_META.has(char)) {
|
|
39
|
+
throw new Error(`Shell metacharacter "${char}" is not allowed in verification commands. Use package scripts or set SCALE_ALLOW_SHELL_COMMANDS=1 for a trusted local run.`);
|
|
40
|
+
}
|
|
41
|
+
current += char;
|
|
42
|
+
}
|
|
43
|
+
if (quote)
|
|
44
|
+
throw new Error('Unterminated quote in command');
|
|
45
|
+
if (current)
|
|
46
|
+
tokens.push(current);
|
|
47
|
+
if (tokens.length === 0)
|
|
48
|
+
throw new Error('Command is empty');
|
|
49
|
+
return { file: tokens[0], args: tokens.slice(1) };
|
|
50
|
+
}
|
|
51
|
+
export async function runSafeCommand(command, options = {}) {
|
|
52
|
+
const allowShell = options.allowShell || process.env.SCALE_ALLOW_SHELL_COMMANDS === '1';
|
|
53
|
+
const execaOptions = {
|
|
54
|
+
cwd: options.cwd,
|
|
55
|
+
timeout: options.timeout,
|
|
56
|
+
reject: false,
|
|
57
|
+
};
|
|
58
|
+
const result = allowShell
|
|
59
|
+
? await execa(command, { ...execaOptions, shell: true })
|
|
60
|
+
: await runWithoutShell(command, execaOptions);
|
|
61
|
+
return {
|
|
62
|
+
exitCode: result.exitCode ?? 1,
|
|
63
|
+
stdout: commandOutputToString(result.stdout),
|
|
64
|
+
stderr: commandOutputToString(result.stderr),
|
|
65
|
+
};
|
|
66
|
+
}
|
|
67
|
+
function commandOutputToString(value) {
|
|
68
|
+
if (typeof value === 'string')
|
|
69
|
+
return value;
|
|
70
|
+
if (value === undefined || value === null)
|
|
71
|
+
return '';
|
|
72
|
+
if (value instanceof Uint8Array)
|
|
73
|
+
return new TextDecoder().decode(value);
|
|
74
|
+
return String(value);
|
|
75
|
+
}
|
|
76
|
+
async function runWithoutShell(command, options) {
|
|
77
|
+
const parsed = parseCommandLine(command);
|
|
78
|
+
return execa(parsed.file, parsed.args, {
|
|
79
|
+
...options,
|
|
80
|
+
shell: false,
|
|
81
|
+
});
|
|
82
|
+
}
|
|
83
|
+
//# sourceMappingURL=SafeCommandRunner.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"SafeCommandRunner.js","sourceRoot":"","sources":["../../src/tools/SafeCommandRunner.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAgB,MAAM,OAAO,CAAA;AAE3C,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC,CAAA;AAmBzE,MAAM,UAAU,gBAAgB,CAAC,OAAe;IAC9C,MAAM,MAAM,GAAa,EAAE,CAAA;IAC3B,IAAI,OAAO,GAAG,EAAE,CAAA;IAChB,IAAI,KAAK,GAAqB,IAAI,CAAA;IAElC,KAAK,IAAI,KAAK,GAAG,CAAC,EAAE,KAAK,GAAG,OAAO,CAAC,MAAM,EAAE,KAAK,IAAI,CAAC,EAAE,CAAC;QACvD,MAAM,IAAI,GAAG,OAAO,CAAC,KAAK,CAAC,CAAA;QAE3B,IAAI,KAAK,EAAE,CAAC;YACV,IAAI,IAAI,KAAK,KAAK,EAAE,CAAC;gBACnB,KAAK,GAAG,IAAI,CAAA;YACd,CAAC;iBAAM,IAAI,KAAK,KAAK,GAAG,IAAI,IAAI,KAAK,IAAI,IAAI,KAAK,GAAG,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;gBACxE,KAAK,IAAI,CAAC,CAAA;gBACV,OAAO,IAAI,OAAO,CAAC,KAAK,CAAC,CAAA;YAC3B,CAAC;iBAAM,CAAC;gBACN,OAAO,IAAI,IAAI,CAAA;YACjB,CAAC;YACD,SAAQ;QACV,CAAC;QAED,IAAI,IAAI,KAAK,GAAG,IAAI,IAAI,KAAK,GAAG,EAAE,CAAC;YACjC,KAAK,GAAG,IAAI,CAAA;YACZ,SAAQ;QACV,CAAC;QAED,IAAI,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACpB,IAAI,OAAO,EAAE,CAAC;gBACZ,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;gBACpB,OAAO,GAAG,EAAE,CAAA;YACd,CAAC;YACD,SAAQ;QACV,CAAC;QAED,IAAI,IAAI,KAAK,IAAI,IAAI,KAAK,GAAG,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;YAChD,KAAK,IAAI,CAAC,CAAA;YACV,OAAO,IAAI,OAAO,CAAC,KAAK,CAAC,CAAA;YACzB,SAAQ;QACV,CAAC;QAED,IAAI,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CAAC,wBAAwB,IAAI,6HAA6H,CAAC,CAAA;QAC5K,CAAC;QAED,OAAO,IAAI,IAAI,CAAA;IACjB,CAAC;IAED,IAAI,KAAK;QAAE,MAAM,IAAI,KAAK,CAAC,+BAA+B,CAAC,CAAA;IAC3D,IAAI,OAAO;QAAE,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;IACjC,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;QAAE,MAAM,IAAI,KAAK,CAAC,kBAAkB,CAAC,CAAA;IAE5D,OAAO,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAA;AACnD,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,OAAe,EAAE,UAA8B,EAAE;IACpF,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,GAAG,CAAC,0BAA0B,KAAK,GAAG,CAAA;IACvF,MAAM,YAAY,GAAY;QAC5B,GAAG,EAAE,OAAO,CAAC,GAAG;QAChB,OAAO,EAAE,OAAO,CAAC,OAAO;QACxB,MAAM,EAAE,KAAK;KACd,CAAA;IAED,MAAM,MAAM,GAAG,UAAU;QACvB,CAAC,CAAC,MAAM,KAAK,CAAC,OAAO,EAAE,EAAE,GAAG,YAAY,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;QACxD,CAAC,CAAC,MAAM,eAAe,CAAC,OAAO,EAAE,YAAY,CAAC,CAAA;IAEhD,OAAO;QACL,QAAQ,EAAE,MAAM,CAAC,QAAQ,IAAI,CAAC;QAC9B,MAAM,EAAE,qBAAqB,CAAC,MAAM,CAAC,MAAM,CAAC;QAC5C,MAAM,EAAE,qBAAqB,CAAC,MAAM,CAAC,MAAM,CAAC;KAC7C,CAAA;AACH,CAAC;AAED,SAAS,qBAAqB,CAAC,KAAc;IAC3C,IAAI,OAAO,KAAK,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAA;IAC3C,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,IAAI;QAAE,OAAO,EAAE,CAAA;IACpD,IAAI,KAAK,YAAY,UAAU;QAAE,OAAO,IAAI,WAAW,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAA;IACvE,OAAO,MAAM,CAAC,KAAK,CAAC,CAAA;AACtB,CAAC;AAED,KAAK,UAAU,eAAe,CAAC,OAAe,EAAE,OAAgB;IAC9D,MAAM,MAAM,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAA;IACxC,OAAO,KAAK,CAAC,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,IAAI,EAAE;QACrC,GAAG,OAAO;QACV,KAAK,EAAE,KAAK;KACb,CAAC,CAAA;AACJ,CAAC"}
|
|
@@ -4,12 +4,12 @@ import { EvidenceStore } from '../EvidenceStore.js';
|
|
|
4
4
|
import { WorkflowArtifactWriter } from '../WorkflowArtifactWriter.js';
|
|
5
5
|
import { detectVerificationCommands } from '../VerificationCommands.js';
|
|
6
6
|
import { registerMetaGovernanceGates } from './MetaGovernanceGates.js';
|
|
7
|
-
import { execa } from 'execa';
|
|
8
7
|
import { createHash } from 'node:crypto';
|
|
9
8
|
import { RuntimeEvidenceLedger } from '../../runtime/RuntimeEvidenceLedger.js';
|
|
10
9
|
import { compressCommandOutput } from '../../tools/CommandOutputCompressor.js';
|
|
11
10
|
import { CommandRunLedger } from '../../tools/CommandRunLedger.js';
|
|
12
11
|
import { auditDependencies } from '../../guardrails/DependencyAuditor.js';
|
|
12
|
+
import { runSafeCommand } from '../../tools/SafeCommandRunner.js';
|
|
13
13
|
function tail(value, maxLength = 1000) {
|
|
14
14
|
return value.length > maxLength ? value.slice(-maxLength) : value;
|
|
15
15
|
}
|
|
@@ -19,16 +19,10 @@ function sha256(value) {
|
|
|
19
19
|
export async function runShellCommand(command, timeout, cwd = process.cwd(), options = {}) {
|
|
20
20
|
const start = Date.now();
|
|
21
21
|
try {
|
|
22
|
-
const result = await
|
|
23
|
-
shell: true,
|
|
24
|
-
timeout,
|
|
25
|
-
cwd,
|
|
26
|
-
reject: false,
|
|
27
|
-
all: false,
|
|
28
|
-
});
|
|
22
|
+
const result = await runSafeCommand(command, { timeout, cwd });
|
|
29
23
|
const end = Date.now();
|
|
30
24
|
return finalizeCommandResult(command, {
|
|
31
|
-
code: result.exitCode
|
|
25
|
+
code: result.exitCode,
|
|
32
26
|
stdout: result.stdout ?? '',
|
|
33
27
|
stderr: result.stderr ?? '',
|
|
34
28
|
durationMs: end - start,
|