@kody-ade/kody-engine 0.2.60 → 0.2.61

package/dist/bin/kody2.js

@@ -3,7 +3,7 @@
 // package.json
 var package_default = {
   name: "@kody-ade/kody-engine",
-  version: "0.2.60",
+  version: "0.2.61",
   description: "kody2 \u2014 autonomous development engine. Single-session Claude Code agent behind a generic executor + declarative executable profiles.",
   license: "MIT",
   type: "module",
@@ -1381,14 +1381,6 @@ function postPrReviewComment(prNumber, body, cwd) {
 
 // src/scripts/applyApprovals.ts
 var API_TIMEOUT_MS4 = 3e4;
-var ALL_APPROVE_LABELS = [
-  { label: "kody-approve:all", description: "kody2: approve all soft risk gates" },
-  { label: "kody-approve:secrets", description: "kody2: approve the secrets risk gate and resume the flow" },
-  { label: "kody-approve:workflow-edit", description: "kody2: approve the workflow-edit risk gate and resume the flow" },
-  { label: "kody-approve:large-diff", description: "kody2: approve the large-diff risk gate and resume the flow" },
-  { label: "kody-approve:dep-change", description: "kody2: approve the dep-change risk gate and resume the flow" },
-  { label: "kody-approve:test-deletion", description: "kody2: approve the test-deletion risk gate and resume the flow" }
-];
 var applyApprovals = async (ctx) => {
   const issueArg = typeof ctx.args.issue === "number" ? ctx.args.issue : null;
   const prArg = typeof ctx.args.pr === "number" ? ctx.args.pr : null;
@@ -1405,28 +1397,13 @@ var applyApprovals = async (ctx) => {
     state = null;
   }
   const issueNumber = currentTarget.type === "issue" ? currentTarget.number : state?.flow?.issueNumber ?? null;
-  const prNumber = currentTarget.type === "pr" ? currentTarget.number : parsePrNumber(state?.core?.prUrl);
-  const targets = uniquePairs(
-    [
-      { type: "issue", number: issueNumber },
-      { type: "pr", number: prNumber }
-    ].filter((t) => typeof t.number === "number" && t.number > 0)
-  );
-  for (const spec of ALL_APPROVE_LABELS) {
-    ensureLabel(spec, ctx.cwd);
-  }
-  for (const t of targets) {
-    for (const spec of ALL_APPROVE_LABELS) {
-      addLabel(t.number, spec.label, ctx.cwd);
-    }
-  }
-  const confirmation = formatConfirmation(currentTarget, targets, state);
+  const flowName = state?.flow?.name ?? null;
+  const confirmation = formatConfirmation(currentTarget, flowName, issueNumber);
   try {
     if (currentTarget.type === "issue") postIssueComment(currentTarget.number, confirmation, ctx.cwd);
     else postPrReviewComment(currentTarget.number, confirmation, ctx.cwd);
   } catch {
   }
-  const flowName = state?.flow?.name;
   if (issueNumber && typeof flowName === "string" && flowName.length > 0) {
     try {
       execFileSync5("gh", ["issue", "comment", String(issueNumber), "--body", `@kody2 ${flowName}`], {
@@ -1443,56 +1420,20 @@ var applyApprovals = async (ctx) => {
   }
   ctx.output.exitCode = 0;
 };
-function parsePrNumber(url) {
-  if (!url) return null;
-  const m = url.match(/\/pull\/(\d+)(?:[/?#]|$)/);
-  if (!m) return null;
-  const n = parseInt(m[1], 10);
-  return Number.isFinite(n) ? n : null;
-}
-function uniquePairs(pairs) {
-  const seen = /* @__PURE__ */ new Set();
-  const out = [];
-  for (const p of pairs) {
-    const key = `${p.type}:${p.number}`;
-    if (seen.has(key)) continue;
-    seen.add(key);
-    out.push(p);
-  }
-  return out;
-}
-function ensureLabel(spec, cwd) {
-  try {
-    gh2(
-      ["label", "create", spec.label, "--force", "--color", "0e8a16", "--description", spec.description],
-      { cwd }
-    );
-  } catch {
-  }
-}
-function addLabel(number, label, cwd) {
-  try {
-    gh2(["issue", "edit", String(number), "--add-label", label], { cwd });
-  } catch {
-  }
-}
-function formatConfirmation(current, targets, state) {
-  const other = targets.find((t) => t.type !== current.type);
+function formatConfirmation(current, flowName, issueNumber) {
   const lines = [];
   lines.push("\u2705 **kody2 risk gates approved.**");
   lines.push("");
-  lines.push(
-    `Applied \`kody-approve:*\` labels on ${targets.map((t) => `${t.type} #${t.number}`).join(" and ")}.`
-  );
-  if (other && current.type === "pr") {
-    lines.push(`Mirrored to the originating issue (#${other.number}) so the orchestrator also sees the approval.`);
-  } else if (other && current.type === "issue") {
-    lines.push(`Mirrored to PR #${other.number} so a pending \`fix\` primitive also passes the gate.`);
-  }
-  const flowName = state?.flow?.name;
-  if (flowName) {
+  lines.push("The approval is recorded as this comment \u2014 kody2 reads it directly on the next run.");
+  if (flowName && issueNumber) {
     lines.push("");
-    lines.push(`Re-triggering the \`${flowName}\` flow now \u2014 it will resume from the existing branch/PR checkpoint.`);
+    if (current.type === "pr") {
+      lines.push(
+        `Re-triggering the \`${flowName}\` flow on the originating issue (#${issueNumber}) \u2014 it will resume from the existing branch/PR checkpoint.`
+      );
+    } else {
+      lines.push(`Re-triggering the \`${flowName}\` flow now \u2014 it will resume from the existing branch checkpoint.`);
+    }
   } else {
     lines.push("");
     lines.push("No active flow found in task state. Post `@kody2 <command>` to resume manually.");
@@ -2949,7 +2890,7 @@ function getIssueLabels(issueNumber, cwd) {
     return [];
   }
 }
-function addLabel2(issueNumber, label, cwd) {
+function addLabel(issueNumber, label, cwd) {
   gh2(["issue", "edit", String(issueNumber), "--add-label", label], { cwd });
 }
 function removeLabel(issueNumber, label, cwd) {
@@ -2981,12 +2922,12 @@ function setKodyLabel(issueNumber, spec, cwd) {
     }
   }
   try {
-    addLabel2(issueNumber, target, cwd);
+    addLabel(issueNumber, target, cwd);
   } catch (err) {
     if (looksLikeMissingLabel(err)) {
       try {
         createLabelInRepo(spec, cwd);
-        addLabel2(issueNumber, target, cwd);
+        addLabel(issueNumber, target, cwd);
         return;
       } catch (retryErr) {
         process.stderr.write(
@@ -3743,7 +3684,7 @@ var mirrorStateToPr = async (ctx) => {
   if (!issueNumber || issueTarget !== "issue") return;
   const prUrl = ctx.output.prUrl ?? ctx.data.prResult?.url;
   if (!prUrl) return;
-  const prNumber = parsePrNumber2(prUrl);
+  const prNumber = parsePrNumber(prUrl);
   if (!prNumber) return;
   let state;
   try {
@@ -3761,7 +3702,7 @@ var mirrorStateToPr = async (ctx) => {
     );
   }
 };
-function parsePrNumber2(prUrl) {
+function parsePrNumber(prUrl) {
   const m = prUrl.match(/\/pull\/(\d+)(?:[/?#]|$)/);
   if (!m) return null;
   const n = parseInt(m[1], 10);
@@ -4622,9 +4563,9 @@ function tryPostPr4(prNumber, body, cwd) {
 // src/scripts/riskGate.ts
 import { execFileSync as execFileSync18 } from "child_process";
 var ALL_GATES = ["secrets", "workflow-edit", "large-diff", "dep-change", "test-deletion"];
-var HARD_GATES = /* @__PURE__ */ new Set(["secrets"]);
-var APPROVE_ALL = "kody-approve:all";
-var GATED_LABEL = "kody:gated";
+var WAITING_LABEL = "kody:waiting";
+var ADVISORY_MARKER = "kody2 risk gate halted the flow";
+var APPROVE_COMMAND = /(^|\s)@kody2\s+approve\b/i;
 var DEFAULT_MAX_FILES = 20;
 var DEFAULT_MAX_DELETIONS = 500;
 var riskGate = async (ctx, profile, _agent, args) => {
@@ -4637,23 +4578,18 @@ var riskGate = async (ctx, profile, _agent, args) => {
   }
   const targetType = ctx.data.commentTargetType;
   const targetNumber = Number(ctx.data.commentTargetNumber ?? 0);
-  const labels = collectApprovalLabels(ctx, targetType, targetNumber);
-  const approveAll = labels.includes(APPROVE_ALL);
-  const pending = violations.filter((v) => !isApproved(v, labels, approveAll));
+  const approved = hasApproval(ctx, targetType, targetNumber);
   ctx.data.riskGate = {
     violations,
-    pending,
-    decision: pending.length === 0 ? "allow" : "halt"
+    pending: approved ? [] : violations,
+    decision: approved ? "allow" : "halt"
   };
-  if (pending.length === 0 || !targetType || targetNumber <= 0) return;
-  for (const v of pending) {
-    ensureApproveLabel(v.name, ctx.cwd);
-  }
+  if (approved || !targetType || targetNumber <= 0) return;
   try {
     setKodyLabel(
       targetNumber,
       {
-        label: GATED_LABEL,
+        label: WAITING_LABEL,
         color: "fbca04",
         description: "kody2: awaiting human approval of risk gate(s)"
       },
@@ -4662,16 +4598,54 @@ var riskGate = async (ctx, profile, _agent, args) => {
   } catch {
   }
   const compareUrl = computeCompareUrl(ctx);
-  const body = formatAdvisory(pending, compareUrl);
+  const body = formatAdvisory(violations, compareUrl);
   try {
     if (targetType === "issue") postIssueComment(targetNumber, body, ctx.cwd);
     else postPrReviewComment(targetNumber, body, ctx.cwd);
   } catch {
   }
   if (!ctx.output.reason) {
-    ctx.output.reason = `risk gate halt: ${pending.map((p) => p.name).join(", ")}`;
+    ctx.output.reason = `risk gate halt: ${violations.map((p) => p.name).join(", ")}`;
   }
 };
+function hasApproval(ctx, targetType, targetNumber) {
+  const surfaces = [];
+  if (targetNumber > 0) surfaces.push(targetNumber);
+  if (targetType === "pr") {
+    const state = ctx.data.taskState;
+    const issueNum = state?.flow?.issueNumber;
+    if (typeof issueNum === "number" && issueNum > 0 && !surfaces.includes(issueNum)) {
+      surfaces.push(issueNum);
+    }
+  }
+  for (const n of surfaces) {
+    if (surfaceIsApproved(n, ctx.cwd)) return true;
+  }
+  return false;
+}
+function surfaceIsApproved(n, cwd) {
+  let comments = [];
+  try {
+    comments = getIssue(n, cwd).comments;
+  } catch {
+    return false;
+  }
+  const advisoryAt = latestAdvisoryTimestamp(comments);
+  for (const c of comments) {
+    if (!APPROVE_COMMAND.test(c.body)) continue;
+    if (advisoryAt !== null && c.createdAt <= advisoryAt) continue;
+    return true;
+  }
+  return false;
+}
+function latestAdvisoryTimestamp(comments) {
+  let latest = null;
+  for (const c of comments) {
+    if (!c.body.includes(ADVISORY_MARKER)) continue;
+    if (latest === null || c.createdAt > latest) latest = c.createdAt;
+  }
+  return latest;
+}
 function evaluateGates(ctx, profileName, changedFiles, gatesToRun, args) {
   const violations = [];
   if (gatesToRun.includes("secrets")) {
@@ -4736,25 +4710,6 @@ function evaluateGates(ctx, profileName, changedFiles, gatesToRun, args) {
   }
   return violations;
 }
-function collectApprovalLabels(ctx, targetType, targetNumber) {
-  const seen = /* @__PURE__ */ new Set();
-  if (targetNumber > 0) {
-    for (const l of getIssueLabels(targetNumber, ctx.cwd)) seen.add(l);
-  }
-  if (targetType === "pr") {
-    const state = ctx.data.taskState;
-    const issueNum = state?.flow?.issueNumber;
-    if (typeof issueNum === "number" && issueNum > 0 && issueNum !== targetNumber) {
-      for (const l of getIssueLabels(issueNum, ctx.cwd)) seen.add(l);
-    }
-  }
-  return [...seen];
-}
-function isApproved(v, labels, approveAll) {
-  if (labels.includes(`kody-approve:${v.name}`)) return true;
-  if (!HARD_GATES.has(v.name) && approveAll) return true;
-  return false;
-}
 function parseGates(spec) {
   if (spec === void 0 || spec === null || spec === "") return ALL_GATES;
   const list = String(spec).split(",").map((s) => s.trim()).filter(Boolean);
@@ -4861,31 +4816,13 @@ function listDeletedFilesInHeadCommit(cwd) {
     return [];
   }
 }
-function ensureApproveLabel(gate, cwd) {
-  try {
-    gh2(
-      [
-        "label",
-        "create",
-        `kody-approve:${gate}`,
-        "--force",
-        "--color",
-        "0e8a16",
-        "--description",
-        `kody2: approve the ${gate} risk gate and resume the flow`
-      ],
-      { cwd }
-    );
-  } catch {
-  }
-}
-function formatAdvisory(pending, compareUrl) {
+function formatAdvisory(violations, compareUrl) {
   const lines = [];
-  lines.push("\u23F8\uFE0F **kody2 risk gate halted the flow.**");
+  lines.push(`\u23F8\uFE0F **${ADVISORY_MARKER}.**`);
   lines.push("");
   lines.push("The branch was pushed but **no PR was opened** \u2014 waiting for human approval:");
   lines.push("");
-  for (const v of pending) {
+  for (const v of violations) {
     lines.push(`- **\`${v.name}\`** _(${v.severity})_ \u2014 ${v.reason}`);
   }
   lines.push("");
@@ -4893,12 +4830,12 @@ function formatAdvisory(pending, compareUrl) {
     lines.push(`\u{1F4CE} Review the branch diff: ${compareUrl}`);
     lines.push("");
   }
-  lines.push("**To approve and resume**, post a comment:");
+  lines.push("**To approve and resume**, post a comment on this issue or PR:");
   lines.push("");
   lines.push("> `@kody2 approve`");
   lines.push("");
   lines.push(
-    "kody2 will acknowledge all currently-pending gates (soft **and** hard), open the PR, and continue the flow from this checkpoint. No re-running the agent."
+    "kody2 will open the PR and continue the flow from this checkpoint. No re-running the agent."
   );
   return lines.join("\n");
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@kody-ade/kody-engine",
-  "version": "0.2.60",
+  "version": "0.2.61",
   "description": "kody2 — autonomous development engine. Single-session Claude Code agent behind a generic executor + declarative executable profiles.",
   "license": "MIT",
   "type": "module",