npm - @lamentis/naome - Versions diffs - 1.1.2 → 1.2.0 - Mend

@lamentis/naome 1.1.2 → 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (125) hide show

package/Cargo.lock +2 -2
package/Cargo.toml +1 -1
package/LICENSE +180 -21
package/README.md +49 -6
package/bin/naome.js +54 -16
package/crates/naome-cli/Cargo.toml +1 -1
package/crates/naome-cli/src/check_commands.rs +135 -0
package/crates/naome-cli/src/cli_args.rs +5 -0
package/crates/naome-cli/src/dispatcher.rs +36 -0
package/crates/naome-cli/src/install_bridge.rs +83 -0
package/crates/naome-cli/src/main.rs +57 -341
package/crates/naome-cli/src/prompt_commands.rs +68 -0
package/crates/naome-cli/src/quality_commands.rs +141 -0
package/crates/naome-cli/src/simple_commands.rs +53 -0
package/crates/naome-cli/src/workflow_commands.rs +153 -0
package/crates/naome-core/Cargo.toml +1 -1
package/crates/naome-core/src/harness_health/integrity.rs +96 -0
package/crates/naome-core/src/harness_health.rs +14 -126
package/crates/naome-core/src/install_plan.rs +3 -0
package/crates/naome-core/src/intent/classifier.rs +171 -0
package/crates/naome-core/src/intent/envelope.rs +108 -0
package/crates/naome-core/src/intent/legacy.rs +138 -0
package/crates/naome-core/src/intent/legacy_response.rs +76 -0
package/crates/naome-core/src/intent/model.rs +71 -0
package/crates/naome-core/src/intent/patterns.rs +170 -0
package/crates/naome-core/src/intent/resolver.rs +162 -0
package/crates/naome-core/src/intent/resolver_active.rs +17 -0
package/crates/naome-core/src/intent/resolver_baseline.rs +55 -0
package/crates/naome-core/src/intent/resolver_catalog.rs +167 -0
package/crates/naome-core/src/intent/resolver_policy.rs +72 -0
package/crates/naome-core/src/intent/resolver_shared.rs +55 -0
package/crates/naome-core/src/intent/risk.rs +40 -0
package/crates/naome-core/src/intent/segment.rs +170 -0
package/crates/naome-core/src/intent.rs +64 -879
package/crates/naome-core/src/journal.rs +9 -20
package/crates/naome-core/src/lib.rs +13 -0
package/crates/naome-core/src/quality/adapters.rs +178 -0
package/crates/naome-core/src/quality/baseline.rs +75 -0
package/crates/naome-core/src/quality/checks/duplicate_blocks.rs +175 -0
package/crates/naome-core/src/quality/checks/near_duplicates.rs +130 -0
package/crates/naome-core/src/quality/checks.rs +228 -0
package/crates/naome-core/src/quality/cleanup.rs +72 -0
package/crates/naome-core/src/quality/config.rs +109 -0
package/crates/naome-core/src/quality/mod.rs +90 -0
package/crates/naome-core/src/quality/scanner/repo_paths.rs +103 -0
package/crates/naome-core/src/quality/scanner.rs +367 -0
package/crates/naome-core/src/quality/types.rs +289 -0
package/crates/naome-core/src/route.rs +62 -0
package/crates/naome-core/src/task_state/admission.rs +63 -0
package/crates/naome-core/src/task_state/admission_proof.rs +72 -0
package/crates/naome-core/src/task_state/api.rs +130 -0
package/crates/naome-core/src/task_state/commit_gate.rs +138 -0
package/crates/naome-core/src/task_state/compact_proof.rs +160 -0
package/crates/naome-core/src/task_state/completed_refresh.rs +89 -0
package/crates/naome-core/src/task_state/completion.rs +72 -0
package/crates/naome-core/src/task_state/deleted_paths.rs +47 -0
package/crates/naome-core/src/task_state/diff.rs +95 -0
package/crates/naome-core/src/task_state/evidence.rs +154 -0
package/crates/naome-core/src/task_state/git_io.rs +86 -0
package/crates/naome-core/src/task_state/git_parse.rs +86 -0
package/crates/naome-core/src/task_state/git_refs.rs +37 -0
package/crates/naome-core/src/task_state/human_review_state.rs +31 -0
package/crates/naome-core/src/task_state/mod.rs +38 -0
package/crates/naome-core/src/task_state/process_guard.rs +40 -0
package/crates/naome-core/src/task_state/progress.rs +123 -0
package/crates/naome-core/src/task_state/proof.rs +139 -0
package/crates/naome-core/src/task_state/proof_entry.rs +66 -0
package/crates/naome-core/src/task_state/proof_model.rs +70 -0
package/crates/naome-core/src/task_state/proof_sources.rs +76 -0
package/crates/naome-core/src/task_state/push_gate.rs +49 -0
package/crates/naome-core/src/task_state/reconcile.rs +7 -0
package/crates/naome-core/src/task_state/repair.rs +168 -0
package/crates/naome-core/src/task_state/shape.rs +117 -0
package/crates/naome-core/src/task_state/task_diff_api.rs +170 -0
package/crates/naome-core/src/task_state/task_records.rs +131 -0
package/crates/naome-core/src/task_state/task_references.rs +126 -0
package/crates/naome-core/src/task_state/types.rs +87 -0
package/crates/naome-core/src/task_state/util.rs +137 -0
package/crates/naome-core/src/verification/render.rs +122 -0
package/crates/naome-core/src/verification.rs +176 -58
package/crates/naome-core/src/verification_contract.rs +49 -21
package/crates/naome-core/src/workflow/integrity.rs +123 -0
package/crates/naome-core/src/workflow/integrity_normalize.rs +7 -0
package/crates/naome-core/src/workflow/integrity_support.rs +110 -0
package/crates/naome-core/src/workflow/mod.rs +18 -0
package/crates/naome-core/src/workflow/mutation.rs +68 -0
package/crates/naome-core/src/workflow/output.rs +111 -0
package/crates/naome-core/src/workflow/phase_inference.rs +73 -0
package/crates/naome-core/src/workflow/phases.rs +169 -0
package/crates/naome-core/src/workflow/policy.rs +156 -0
package/crates/naome-core/src/workflow/processes.rs +91 -0
package/crates/naome-core/src/workflow/types.rs +42 -0
package/crates/naome-core/tests/harness_health.rs +3 -0
package/crates/naome-core/tests/intent.rs +97 -792
package/crates/naome-core/tests/intent_support/mod.rs +133 -0
package/crates/naome-core/tests/intent_v2.rs +90 -0
package/crates/naome-core/tests/quality.rs +425 -0
package/crates/naome-core/tests/route.rs +88 -188
package/crates/naome-core/tests/task_state.rs +3 -0
package/crates/naome-core/tests/task_state_compact.rs +110 -0
package/crates/naome-core/tests/task_state_compact_support/mod.rs +5 -0
package/crates/naome-core/tests/task_state_compact_support/repo.rs +130 -0
package/crates/naome-core/tests/task_state_compact_support/states.rs +151 -0
package/crates/naome-core/tests/workflow_integrity.rs +85 -0
package/crates/naome-core/tests/workflow_policy.rs +139 -0
package/crates/naome-core/tests/workflow_support/mod.rs +194 -0
package/native/darwin-arm64/naome +0 -0
package/native/linux-x64/naome +0 -0
package/package.json +2 -2
package/templates/naome-root/.naome/bin/check-harness-health.js +66 -85
package/templates/naome-root/.naome/bin/check-task-state.js +9 -10
package/templates/naome-root/.naome/bin/naome.js +34 -63
package/templates/naome-root/.naome/manifest.json +20 -18
package/templates/naome-root/.naome/repository-quality-baseline.json +5 -0
package/templates/naome-root/.naome/repository-quality.json +24 -0
package/templates/naome-root/.naome/task-contract.schema.json +93 -11
package/templates/naome-root/.naome/upgrade-state.json +1 -1
package/templates/naome-root/.naome/verification.json +37 -0
package/templates/naome-root/AGENTS.md +3 -0
package/templates/naome-root/docs/naome/agent-workflow.md +25 -12
package/templates/naome-root/docs/naome/execution.md +25 -21
package/templates/naome-root/docs/naome/index.md +4 -3
package/templates/naome-root/docs/naome/repository-quality.md +43 -0
package/templates/naome-root/docs/naome/testing.md +12 -0
package/crates/naome-core/src/task_state.rs +0 -2210

package/crates/naome-core/src/task_state/mod.rs ADDED Viewed

@@ -0,0 +1,38 @@
+mod admission;
+mod admission_proof;
+mod api;
+mod commit_gate;
+mod compact_proof;
+mod completed_refresh;
+mod completion;
+mod deleted_paths;
+mod diff;
+mod evidence;
+mod git_io;
+mod git_parse;
+mod git_refs;
+mod human_review_state;
+mod process_guard;
+mod progress;
+mod proof;
+mod proof_entry;
+mod proof_model;
+mod proof_sources;
+mod push_gate;
+mod reconcile;
+mod repair;
+mod shape;
+mod task_diff_api;
+mod task_records;
+mod task_references;
+mod types;
+mod util;
+pub use api::validate_task_state;
+pub use completed_refresh::completed_task_harness_refresh_diff;
+pub(crate) use proof_model::canonical_proof_check_ids;
+pub use task_diff_api::{
+    completed_task_commit_diff, completed_task_commit_paths, harness_refresh_diff,
+    harness_refresh_with_unrelated_diff,
+};
+pub use types::{TaskStateMode, TaskStateOptions, TaskStateReport};

package/crates/naome-core/src/task_state/process_guard.rs ADDED Viewed

@@ -0,0 +1,40 @@
+use std::path::Path;
+use crate::models::NaomeError;
+use crate::workflow::tracked_process_report;
+pub(super) enum ProcessGate {
+    Completion,
+    Commit,
+}
+pub(super) fn validate_no_active_processes(
+    root: &Path,
+    errors: &mut Vec<String>,
+    gate: ProcessGate,
+) -> Result<(), NaomeError> {
+    let report = tracked_process_report(root)?;
+    if report.active.is_empty() {
+        return Ok(());
+    }
+    let commands = report
+        .active
+        .iter()
+        .map(|process| process.command.clone())
+        .collect::<Vec<_>>();
+    errors.push(process_error_message(gate, &commands));
+    Ok(())
+}
+fn process_error_message(gate: ProcessGate, commands: &[String]) -> String {
+    let command_list = commands.join(", ");
+    match gate {
+        ProcessGate::Completion => format!(
+            "Task has active tracked processes: {command_list}. Stop them or document allowAfterCompletion before completion. Human options: stop_tracked_processes, document_long_running_process."
+        ),
+        ProcessGate::Commit => format!(
+            "NAOME commit gate blocked active tracked processes: {command_list}. Stop them or mark allowAfterCompletion before committing."
+        ),
+    }
+}

package/crates/naome-core/src/task_state/progress.rs ADDED Viewed

@@ -0,0 +1,123 @@
+use std::path::Path;
+use serde_json::Value;
+use crate::models::NaomeError;
+use super::diff::validate_changed_paths;
+use super::git_io::read_git_changed_paths;
+use super::human_review_state::validate_human_review_state;
+use super::reconcile::format_dirty_diff_admission_blocker;
+use super::shape::{
+    format_blocker, validate_active_task, validate_active_task_references, validate_blocker,
+    validate_pending_upgrade,
+};
+use super::util::{joined_strings, read_json};
+pub(super) fn validate_progress(
+    task_state: &Value,
+    root: &Path,
+    errors: &mut Vec<String>,
+) -> Result<(), NaomeError> {
+    let status = checked_status(task_state, root, errors)?;
+    match status {
+        "planning" | "implementing" | "revising" | "verifying" => {
+            validate_active_task(task_state.get("activeTask"), errors);
+            validate_pending_upgrade(task_state, root, errors)?;
+            validate_active_task_references(
+                task_state.get("activeTask"),
+                root,
+                errors,
+                Some(status),
+            )?;
+            if let Some(active_task) = task_state.get("activeTask") {
+                validate_changed_paths(active_task, root, errors)?;
+            }
+        }
+        "needs_human_review" => {
+            validate_human_review_state(task_state, root, errors)?;
+            errors.push(format_blocker(
+                "Human review required",
+                task_state.get("blocker"),
+            ));
+        }
+        "blocked" => {
+            validate_active_task(task_state.get("activeTask"), errors);
+            validate_blocker(task_state.get("blocker"), errors);
+            errors.push(format_blocker("Task is blocked", task_state.get("blocker")));
+        }
+        "complete" => errors.push(
+            "Task is complete; use node .naome/bin/check-task-state.js for completion validation."
+                .to_string(),
+        ),
+        "idle" => errors.push(
+            "No active task is in progress; use --admission before starting feature work."
+                .to_string(),
+        ),
+        _ => {}
+    }
+    Ok(())
+}
+pub(super) fn checked_status<'a>(
+    task_state: &'a Value,
+    root: &Path,
+    errors: &mut Vec<String>,
+) -> Result<&'a str, NaomeError> {
+    validate_init_complete(root, errors)?;
+    validate_upgrade_complete(root, errors)?;
+    Ok(task_state
+        .get("status")
+        .and_then(Value::as_str)
+        .unwrap_or("invalid"))
+}
+pub(super) fn validate_upgrade_complete(
+    root: &Path,
+    errors: &mut Vec<String>,
+) -> Result<(), NaomeError> {
+    let Some(upgrade_state) = read_json(root, ".naome/upgrade-state.json", errors)? else {
+        return Ok(());
+    };
+    if upgrade_state.get("status").and_then(Value::as_str) != Some("complete") {
+        let pending = joined_strings(upgrade_state.get("pending"), "unknown");
+        errors.push(format!("NAOME upgrade is not complete. Finish docs/naome/upgrade.md before feature work. Pending: {pending}"));
+    }
+    Ok(())
+}
+pub(super) fn validate_init_complete(
+    root: &Path,
+    errors: &mut Vec<String>,
+) -> Result<(), NaomeError> {
+    let Some(init_state) = read_json(root, ".naome/init-state.json", errors)? else {
+        return Ok(());
+    };
+    if init_state.get("initialized").and_then(Value::as_bool) != Some(true)
+        || init_state.get("intakeStatus").and_then(Value::as_str) != Some("complete")
+    {
+        errors.push(
+            "NAOME intake is not complete. Finish docs/naome/first-run.md before feature work."
+                .to_string(),
+        );
+    }
+    Ok(())
+}
+pub(super) fn validate_clean_git_diff(
+    task_state: &Value,
+    root: &Path,
+    errors: &mut Vec<String>,
+) -> Result<(), NaomeError> {
+    let changed_paths = read_git_changed_paths(root)?;
+    if !changed_paths.is_empty() {
+        errors.push(format_dirty_diff_admission_blocker(
+            task_state,
+            root,
+            &changed_paths,
+        )?);
+    }
+    Ok(())
+}

package/crates/naome-core/src/task_state/proof.rs ADDED Viewed

@@ -0,0 +1,139 @@
+use std::collections::HashSet;
+use std::path::Path;
+use serde_json::Value;
+use crate::models::NaomeError;
+use super::diff::task_diff_from_entries;
+pub(super) use super::evidence::{
+    evidence_entry_path, validate_control_state_paths, validate_control_state_patterns,
+    validate_evidence_array, validate_evidence_paths,
+};
+use super::git_io::read_git_changed_entries;
+use super::proof_entry::validate_proof_result;
+use super::proof_model::canonical_proofs;
+use super::types::ChangedEntry;
+use super::util::{is_iso_datetime, matches_any_pattern, normalize_path, string_array};
+pub(super) fn validate_proof_result_entries(
+    active_task: &Value,
+    check_ids: &HashSet<String>,
+    root: &Path,
+    errors: &mut Vec<String>,
+) -> Result<(), NaomeError> {
+    if let Some(proofs) = active_task.get("proofResults").and_then(Value::as_array) {
+        for (index, proof) in proofs.iter().enumerate() {
+            validate_proof_result(proof, index, check_ids, root, errors, active_task)?;
+        }
+    }
+    for proof in canonical_proofs(active_task, root, errors)? {
+        if proof.command.trim().is_empty() {
+            errors.push(format!(
+                "activeTask proof command is empty: {}",
+                proof.check_id
+            ));
+        }
+        if proof.cwd.trim().is_empty() {
+            errors.push(format!("activeTask proof cwd is empty: {}", proof.check_id));
+        }
+        if !is_iso_datetime(&proof.checked_at) {
+            errors.push(format!(
+                "activeTask proof checkedAt must be an ISO timestamp: {}",
+                proof.check_id
+            ));
+        }
+    }
+    Ok(())
+}
+pub(super) fn validate_proof_results(
+    active_task: &Value,
+    check_ids: &HashSet<String>,
+    root: &Path,
+    errors: &mut Vec<String>,
+) -> Result<(), NaomeError> {
+    let Some(required_check_ids) = active_task
+        .get("requiredCheckIds")
+        .and_then(Value::as_array)
+    else {
+        return Ok(());
+    };
+    let proofs = canonical_proofs(active_task, root, errors)?;
+    for check_id in required_check_ids {
+        let Some(check_id) = check_id.as_str().filter(|value| !value.trim().is_empty()) else {
+            continue;
+        };
+        match proofs.iter().find(|proof| proof.check_id == check_id) {
+            Some(proof) if proof.exit_code == 0 => {}
+            Some(_) => errors.push(format!(
+                "activeTask.proofResults failed proof result: {check_id}"
+            )),
+            None => errors.push(format!(
+                "activeTask.proofResults missing proof result: {check_id}"
+            )),
+        }
+    }
+    validate_proof_result_entries(active_task, check_ids, root, errors)
+}
+pub(super) fn validate_proof_evidence_covers_changed_paths(
+    active_task: Option<&Value>,
+    root: &Path,
+    errors: &mut Vec<String>,
+) -> Result<(), NaomeError> {
+    let Some(active_task) = active_task else {
+        return Ok(());
+    };
+    let mut proof_errors = Vec::new();
+    let proofs = canonical_proofs(active_task, root, &mut proof_errors)?;
+    if proofs.is_empty() {
+        return Ok(());
+    }
+    let entries = read_git_changed_entries(root)?;
+    validate_proof_evidence_covers_changed_entries(active_task, root, &entries, errors)
+}
+pub(super) fn validate_proof_evidence_covers_changed_entries(
+    active_task: &Value,
+    root: &Path,
+    entries: &[ChangedEntry],
+    errors: &mut Vec<String>,
+) -> Result<(), NaomeError> {
+    let mut proof_errors = Vec::new();
+    let proofs = canonical_proofs(active_task, root, &mut proof_errors)?;
+    if proofs.is_empty() {
+        return Ok(());
+    }
+    let changed_paths = task_diff_from_entries(active_task, entries);
+    let evidence_paths: HashSet<String> = proofs
+        .iter()
+        .flat_map(|proof| proof.evidence.clone())
+        .filter_map(|entry| evidence_entry_path(&entry).map(normalize_path))
+        .collect();
+    let allowed_paths = string_array(active_task.get("allowedPaths")).unwrap_or_default();
+    let changed_allowed_paths: Vec<String> = changed_paths
+        .diff_paths
+        .into_iter()
+        .filter(|path| matches_any_pattern(path, &allowed_paths))
+        .collect();
+    let missing_paths: Vec<String> = changed_allowed_paths
+        .into_iter()
+        .filter(|path| !evidence_paths.contains(path))
+        .collect();
+    if !missing_paths.is_empty() {
+        errors.push(format!(
+            "activeTask.proofResults evidence missing changed allowed paths: {}",
+            missing_paths.join(", ")
+        ));
+    }
+    Ok(())
+}

package/crates/naome-core/src/task_state/proof_entry.rs ADDED Viewed

@@ -0,0 +1,66 @@
+use std::collections::HashSet;
+use std::path::Path;
+use serde_json::Value;
+use crate::models::NaomeError;
+use super::proof::{
+    validate_control_state_paths, validate_evidence_array, validate_evidence_paths,
+};
+use super::util::{is_iso_datetime, require_string};
+pub(super) fn validate_proof_result(
+    proof: &Value,
+    index: usize,
+    check_ids: &HashSet<String>,
+    root: &Path,
+    errors: &mut Vec<String>,
+    active_task: &Value,
+) -> Result<(), NaomeError> {
+    let prefix = format!("activeTask.proofResults[{index}]");
+    let Some(object) = proof.as_object() else {
+        errors.push(format!("{prefix} must be an object."));
+        return Ok(());
+    };
+    require_string(object.get("checkId"), &format!("{prefix}.checkId"), errors);
+    require_string(object.get("command"), &format!("{prefix}.command"), errors);
+    require_string(object.get("cwd"), &format!("{prefix}.cwd"), errors);
+    validate_evidence_array(
+        object.get("evidence"),
+        &format!("{prefix}.evidence"),
+        errors,
+    );
+    validate_control_state_paths(
+        object.get("evidence"),
+        &format!("{prefix}.evidence"),
+        errors,
+    );
+    if object.get("exitCode").and_then(Value::as_i64).is_none() {
+        errors.push(format!("{prefix}.exitCode must be an integer."));
+    }
+    if !object
+        .get("checkedAt")
+        .and_then(Value::as_str)
+        .is_some_and(is_iso_datetime)
+    {
+        errors.push(format!("{prefix}.checkedAt must be an ISO timestamp."));
+    }
+    if let Some(check_id) = object.get("checkId").and_then(Value::as_str) {
+        if !check_id.trim().is_empty() && !check_ids.contains(check_id) {
+            errors.push(format!("{prefix}.checkId unknown check id: {check_id}"));
+        }
+    }
+    validate_evidence_paths(
+        object.get("evidence"),
+        &format!("{prefix}.evidence"),
+        root,
+        errors,
+        active_task,
+    )
+}

package/crates/naome-core/src/task_state/proof_model.rs ADDED Viewed

@@ -0,0 +1,70 @@
+use std::path::Path;
+use serde_json::Value;
+use crate::models::NaomeError;
+use super::compact_proof::compact_proofs;
+use super::proof_sources::{check_id_from_proof, read_verification_defaults};
+#[derive(Debug, Clone)]
+pub(super) struct CanonicalProof {
+    pub(super) check_id: String,
+    pub(super) command: String,
+    pub(super) cwd: String,
+    pub(super) exit_code: i64,
+    pub(super) checked_at: String,
+    pub(super) evidence: Vec<Value>,
+}
+#[derive(Debug, Clone)]
+pub(super) struct VerificationDefaults {
+    pub(super) command: String,
+    pub(super) cwd: String,
+}
+pub(super) fn canonical_proofs(
+    active_task: &Value,
+    root: &Path,
+    errors: &mut Vec<String>,
+) -> Result<Vec<CanonicalProof>, NaomeError> {
+    let defaults = read_verification_defaults(root, errors)?;
+    let mut proofs = legacy_proofs(active_task);
+    proofs.extend(compact_proofs(active_task, root, errors, &defaults)?);
+    Ok(proofs)
+}
+pub(crate) fn canonical_proof_check_ids(active_task: &Value) -> Vec<String> {
+    let mut check_ids = Vec::new();
+    if let Some(proofs) = active_task.get("proofResults").and_then(Value::as_array) {
+        check_ids.extend(proofs.iter().filter_map(check_id_from_proof));
+    }
+    if let Some(batches) = active_task.get("proofBatches").and_then(Value::as_array) {
+        for batch in batches {
+            if let Some(proofs) = batch.get("proofs").and_then(Value::as_array) {
+                check_ids.extend(proofs.iter().filter_map(check_id_from_proof));
+            }
+        }
+    }
+    check_ids
+}
+fn legacy_proofs(active_task: &Value) -> Vec<CanonicalProof> {
+    active_task
+        .get("proofResults")
+        .and_then(Value::as_array)
+        .into_iter()
+        .flatten()
+        .filter_map(|proof| {
+            let evidence = proof.get("evidence")?.as_array()?.clone();
+            Some(CanonicalProof {
+                check_id: proof.get("checkId")?.as_str()?.to_string(),
+                command: proof.get("command")?.as_str()?.to_string(),
+                cwd: proof.get("cwd")?.as_str()?.to_string(),
+                exit_code: proof.get("exitCode")?.as_i64()?,
+                checked_at: proof.get("checkedAt")?.as_str()?.to_string(),
+                evidence,
+            })
+        })
+        .collect()
+}

package/crates/naome-core/src/task_state/proof_sources.rs ADDED Viewed

@@ -0,0 +1,76 @@
+use std::collections::HashMap;
+use std::path::Path;
+use serde_json::Value;
+use crate::models::NaomeError;
+use super::proof::{
+    validate_control_state_paths, validate_evidence_array, validate_evidence_paths,
+};
+use super::proof_model::VerificationDefaults;
+use super::util::read_json;
+pub(super) fn read_path_sets(
+    active_task: &Value,
+    root: &Path,
+    errors: &mut Vec<String>,
+) -> Result<HashMap<String, Vec<Value>>, NaomeError> {
+    let mut sets = HashMap::new();
+    let Some(path_sets) = active_task.get("proofPathSets") else {
+        return Ok(sets);
+    };
+    let Some(path_sets) = path_sets.as_object() else {
+        errors.push("activeTask.proofPathSets must be an object when present.".to_string());
+        return Ok(sets);
+    };
+    for (name, value) in path_sets {
+        let prefix = format!("activeTask.proofPathSets.{name}");
+        validate_evidence_array(Some(value), &prefix, errors);
+        validate_control_state_paths(Some(value), &prefix, errors);
+        validate_evidence_paths(Some(value), &prefix, root, errors, active_task)?;
+        if let Some(paths) = value.as_array() {
+            sets.insert(name.clone(), paths.clone());
+        }
+    }
+    Ok(sets)
+}
+pub(super) fn read_verification_defaults(
+    root: &Path,
+    errors: &mut Vec<String>,
+) -> Result<HashMap<String, VerificationDefaults>, NaomeError> {
+    let Some(verification) = read_json(root, ".naome/verification.json", errors)? else {
+        return Ok(HashMap::new());
+    };
+    let mut defaults = HashMap::new();
+    for check in verification
+        .get("checks")
+        .and_then(Value::as_array)
+        .into_iter()
+        .flatten()
+    {
+        let (Some(id), Some(command), Some(cwd)) = (
+            check.get("id").and_then(Value::as_str),
+            check.get("command").and_then(Value::as_str),
+            check.get("cwd").and_then(Value::as_str),
+        ) else {
+            continue;
+        };
+        defaults.insert(
+            id.to_string(),
+            VerificationDefaults {
+                command: command.to_string(),
+                cwd: cwd.to_string(),
+            },
+        );
+    }
+    Ok(defaults)
+}
+pub(super) fn check_id_from_proof(proof: &Value) -> Option<String> {
+    proof
+        .get("checkId")
+        .and_then(Value::as_str)
+        .map(ToString::to_string)
+}

package/crates/naome-core/src/task_state/push_gate.rs ADDED Viewed

@@ -0,0 +1,49 @@
+use std::path::Path;
+use serde_json::Value;
+use crate::models::NaomeError;
+use super::repair::{is_completed_task_diff, is_harness_repair_diff, is_naome_baseline_diff};
+use super::shape::validate_blocker;
+use super::types::BLOCKING_STATUS;
+pub(super) fn validate_push_gate(task_state: &Value, errors: &mut Vec<String>) {
+    let status = task_state
+        .get("status")
+        .and_then(Value::as_str)
+        .unwrap_or("invalid");
+    if !BLOCKING_STATUS.contains(&status) {
+        return;
+    }
+    if status == "blocked" || status == "needs_human_review" {
+        validate_blocker(task_state.get("blocker"), errors);
+    }
+    errors.push(format!("NAOME push gate blocked because task state is {status}. Resolve the active task before pushing. Human options: continue_current_task, request_task_changes, mark_task_blocked, cancel_task_state."));
+}
+pub(super) fn format_dirty_diff_admission_blocker(
+    task_state: &Value,
+    root: &Path,
+    changed_paths: &[String],
+) -> Result<String, NaomeError> {
+    let prefix = format!(
+        "Task admission requires a clean git diff. Changed paths: {}.",
+        changed_paths.join(", ")
+    );
+    if is_harness_repair_diff(root, changed_paths)? {
+        return Ok(format!("{prefix} These look like completed Harness Repair changes. Run NAOME intent for the next natural-language request before deciding whether to baseline, review, or cancel the repair diff."));
+    }
+    if is_completed_task_diff(task_state, changed_paths) {
+        return Ok(format!("{prefix} These look like completed task changes. Run NAOME intent for the next natural-language request; deterministic policy can baseline a valid completed task before creating the next task."));
+    }
+    if is_naome_baseline_diff(changed_paths) {
+        return Ok(format!("{prefix} These look like completed NAOME install or upgrade changes. Run NAOME intent for the next natural-language request; deterministic policy can baseline setup before creating the next task."));
+    }
+    Ok(format!("{prefix} Ask the user to choose exactly one: review_task_diff, request_task_changes, cancel_task_changes. Do not start new feature work or commit without explicit user selection."))
+}

package/crates/naome-core/src/task_state/reconcile.rs ADDED Viewed

@@ -0,0 +1,7 @@
+pub(super) use super::completed_refresh::add_completed_task_diff_notice;
+pub(super) use super::push_gate::{format_dirty_diff_admission_blocker, validate_push_gate};
+pub(super) use super::repair::{
+    is_deterministic_harness_refresh_diff, is_harness_repair_diff,
+    is_install_or_upgrade_baseline_diff, is_packaged_machine_owned_path, is_repair_archive_path,
+    is_safe_harness_refresh_path,
+};