npm - @lamentis/naome - Versions diffs - 1.1.2 → 1.2.1 - Mend

@lamentis/naome 1.1.2 → 1.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (204) hide show

package/Cargo.lock +2 -2
package/Cargo.toml +1 -1
package/LICENSE +180 -21
package/README.md +49 -6
package/bin/naome-node.js +2 -1579
package/bin/naome.js +68 -16
package/crates/naome-cli/Cargo.toml +1 -1
package/crates/naome-cli/src/check_commands.rs +135 -0
package/crates/naome-cli/src/cli_args.rs +5 -0
package/crates/naome-cli/src/dispatcher.rs +37 -0
package/crates/naome-cli/src/install_bridge.rs +83 -0
package/crates/naome-cli/src/main.rs +60 -341
package/crates/naome-cli/src/prompt_commands.rs +68 -0
package/crates/naome-cli/src/quality_commands.rs +229 -0
package/crates/naome-cli/src/simple_commands.rs +53 -0
package/crates/naome-cli/src/workflow_commands.rs +153 -0
package/crates/naome-core/Cargo.toml +1 -1
package/crates/naome-core/src/decision/checks.rs +64 -0
package/crates/naome-core/src/decision/idle.rs +67 -0
package/crates/naome-core/src/decision/json.rs +36 -0
package/crates/naome-core/src/decision/states.rs +165 -0
package/crates/naome-core/src/decision.rs +131 -353
package/crates/naome-core/src/harness_health/integrity.rs +96 -0
package/crates/naome-core/src/harness_health.rs +14 -126
package/crates/naome-core/src/install_plan.rs +5 -0
package/crates/naome-core/src/intent/classifier.rs +171 -0
package/crates/naome-core/src/intent/envelope.rs +108 -0
package/crates/naome-core/src/intent/legacy.rs +138 -0
package/crates/naome-core/src/intent/legacy_response.rs +76 -0
package/crates/naome-core/src/intent/model.rs +71 -0
package/crates/naome-core/src/intent/patterns.rs +170 -0
package/crates/naome-core/src/intent/resolver.rs +162 -0
package/crates/naome-core/src/intent/resolver_active.rs +17 -0
package/crates/naome-core/src/intent/resolver_baseline.rs +55 -0
package/crates/naome-core/src/intent/resolver_catalog.rs +167 -0
package/crates/naome-core/src/intent/resolver_policy.rs +72 -0
package/crates/naome-core/src/intent/resolver_shared.rs +55 -0
package/crates/naome-core/src/intent/risk.rs +40 -0
package/crates/naome-core/src/intent/segment.rs +170 -0
package/crates/naome-core/src/intent.rs +64 -879
package/crates/naome-core/src/journal.rs +9 -20
package/crates/naome-core/src/lib.rs +15 -0
package/crates/naome-core/src/paths.rs +3 -1
package/crates/naome-core/src/quality/adapter_support.rs +89 -0
package/crates/naome-core/src/quality/adapters.rs +131 -0
package/crates/naome-core/src/quality/baseline.rs +75 -0
package/crates/naome-core/src/quality/checks/duplicate_blocks.rs +175 -0
package/crates/naome-core/src/quality/checks/near_duplicates.rs +130 -0
package/crates/naome-core/src/quality/checks.rs +228 -0
package/crates/naome-core/src/quality/cleanup.rs +84 -0
package/crates/naome-core/src/quality/config.rs +102 -0
package/crates/naome-core/src/quality/config_support.rs +24 -0
package/crates/naome-core/src/quality/mod.rs +108 -0
package/crates/naome-core/src/quality/scanner/repo_paths.rs +103 -0
package/crates/naome-core/src/quality/scanner.rs +379 -0
package/crates/naome-core/src/quality/structure/adapters.rs +84 -0
package/crates/naome-core/src/quality/structure/checks/basic.rs +153 -0
package/crates/naome-core/src/quality/structure/checks/directory.rs +144 -0
package/crates/naome-core/src/quality/structure/checks/pairing.rs +63 -0
package/crates/naome-core/src/quality/structure/checks.rs +124 -0
package/crates/naome-core/src/quality/structure/classify/roles.rs +188 -0
package/crates/naome-core/src/quality/structure/classify.rs +94 -0
package/crates/naome-core/src/quality/structure/config.rs +89 -0
package/crates/naome-core/src/quality/structure/defaults.rs +107 -0
package/crates/naome-core/src/quality/structure/mod.rs +77 -0
package/crates/naome-core/src/quality/structure/model.rs +124 -0
package/crates/naome-core/src/quality/types.rs +292 -0
package/crates/naome-core/src/route/builtin_checks.rs +155 -0
package/crates/naome-core/src/route/builtin_context.rs +73 -0
package/crates/naome-core/src/route/builtin_integrity.rs +49 -0
package/crates/naome-core/src/route/builtin_require.rs +40 -0
package/crates/naome-core/src/route/context.rs +180 -0
package/crates/naome-core/src/route/execution.rs +96 -0
package/crates/naome-core/src/route/execution_baselines.rs +146 -0
package/crates/naome-core/src/route/execution_support.rs +57 -0
package/crates/naome-core/src/route/execution_tasks.rs +71 -0
package/crates/naome-core/src/route/git_ops.rs +72 -0
package/crates/naome-core/src/route/quality_gate.rs +73 -0
package/crates/naome-core/src/route/quality_gate_config.rs +126 -0
package/crates/naome-core/src/route/quality_gate_snapshot.rs +69 -0
package/crates/naome-core/src/route/worktree.rs +75 -0
package/crates/naome-core/src/route/worktree_files.rs +32 -0
package/crates/naome-core/src/route/worktree_plan.rs +131 -0
package/crates/naome-core/src/route.rs +44 -1155
package/crates/naome-core/src/task_state/admission.rs +63 -0
package/crates/naome-core/src/task_state/admission_proof.rs +72 -0
package/crates/naome-core/src/task_state/api.rs +130 -0
package/crates/naome-core/src/task_state/commit_gate.rs +138 -0
package/crates/naome-core/src/task_state/compact_proof.rs +160 -0
package/crates/naome-core/src/task_state/completed_refresh.rs +89 -0
package/crates/naome-core/src/task_state/completion.rs +72 -0
package/crates/naome-core/src/task_state/deleted_paths.rs +47 -0
package/crates/naome-core/src/task_state/diff.rs +95 -0
package/crates/naome-core/src/task_state/evidence.rs +154 -0
package/crates/naome-core/src/task_state/git_io.rs +86 -0
package/crates/naome-core/src/task_state/git_parse.rs +86 -0
package/crates/naome-core/src/task_state/git_refs.rs +37 -0
package/crates/naome-core/src/task_state/human_review_state.rs +31 -0
package/crates/naome-core/src/task_state/mod.rs +38 -0
package/crates/naome-core/src/task_state/process_guard.rs +40 -0
package/crates/naome-core/src/task_state/progress.rs +123 -0
package/crates/naome-core/src/task_state/proof.rs +139 -0
package/crates/naome-core/src/task_state/proof_entry.rs +66 -0
package/crates/naome-core/src/task_state/proof_model.rs +70 -0
package/crates/naome-core/src/task_state/proof_sources.rs +76 -0
package/crates/naome-core/src/task_state/push_gate.rs +49 -0
package/crates/naome-core/src/task_state/reconcile.rs +7 -0
package/crates/naome-core/src/task_state/repair.rs +168 -0
package/crates/naome-core/src/task_state/shape.rs +117 -0
package/crates/naome-core/src/task_state/task_diff_api.rs +170 -0
package/crates/naome-core/src/task_state/task_records.rs +131 -0
package/crates/naome-core/src/task_state/task_references.rs +126 -0
package/crates/naome-core/src/task_state/types.rs +87 -0
package/crates/naome-core/src/task_state/util.rs +137 -0
package/crates/naome-core/src/verification/render.rs +122 -0
package/crates/naome-core/src/verification.rs +177 -58
package/crates/naome-core/src/verification_contract.rs +49 -21
package/crates/naome-core/src/workflow/integrity.rs +123 -0
package/crates/naome-core/src/workflow/integrity_normalize.rs +7 -0
package/crates/naome-core/src/workflow/integrity_support.rs +110 -0
package/crates/naome-core/src/workflow/mod.rs +18 -0
package/crates/naome-core/src/workflow/mutation.rs +68 -0
package/crates/naome-core/src/workflow/output.rs +111 -0
package/crates/naome-core/src/workflow/phase_inference.rs +73 -0
package/crates/naome-core/src/workflow/phases.rs +169 -0
package/crates/naome-core/src/workflow/policy.rs +156 -0
package/crates/naome-core/src/workflow/processes.rs +91 -0
package/crates/naome-core/src/workflow/types.rs +42 -0
package/crates/naome-core/tests/decision.rs +24 -118
package/crates/naome-core/tests/harness_health.rs +5 -0
package/crates/naome-core/tests/intent.rs +97 -792
package/crates/naome-core/tests/intent_support/mod.rs +133 -0
package/crates/naome-core/tests/intent_v2.rs +90 -0
package/crates/naome-core/tests/quality.rs +319 -0
package/crates/naome-core/tests/quality_structure.rs +116 -0
package/crates/naome-core/tests/quality_structure_adapters.rs +98 -0
package/crates/naome-core/tests/quality_structure_policy.rs +125 -0
package/crates/naome-core/tests/quality_structure_support/mod.rs +249 -0
package/crates/naome-core/tests/repo_support/mod.rs +16 -0
package/crates/naome-core/tests/repo_support/repo.rs +113 -0
package/crates/naome-core/tests/repo_support/repo_factories.rs +99 -0
package/crates/naome-core/tests/repo_support/repo_helpers.rs +123 -0
package/crates/naome-core/tests/repo_support/routes.rs +81 -0
package/crates/naome-core/tests/repo_support/verification.rs +168 -0
package/crates/naome-core/tests/repo_support/verification_values.rs +135 -0
package/crates/naome-core/tests/route.rs +1 -1476
package/crates/naome-core/tests/route_baseline.rs +86 -0
package/crates/naome-core/tests/route_completion.rs +141 -0
package/crates/naome-core/tests/route_harness_refresh.rs +135 -0
package/crates/naome-core/tests/route_user_diff.rs +198 -0
package/crates/naome-core/tests/route_worktree.rs +54 -0
package/crates/naome-core/tests/task_state.rs +60 -429
package/crates/naome-core/tests/task_state_compact.rs +110 -0
package/crates/naome-core/tests/task_state_compact_support/mod.rs +5 -0
package/crates/naome-core/tests/task_state_compact_support/repo.rs +130 -0
package/crates/naome-core/tests/task_state_compact_support/states.rs +151 -0
package/crates/naome-core/tests/task_state_support/mod.rs +163 -0
package/crates/naome-core/tests/task_state_support/states.rs +84 -0
package/crates/naome-core/tests/verification.rs +4 -45
package/crates/naome-core/tests/verification_contract.rs +22 -78
package/crates/naome-core/tests/workflow_integrity.rs +85 -0
package/crates/naome-core/tests/workflow_policy.rs +139 -0
package/crates/naome-core/tests/workflow_support/mod.rs +194 -0
package/installer/agents.js +90 -0
package/installer/context.js +67 -0
package/installer/filesystem.js +166 -0
package/installer/flows.js +84 -0
package/installer/git-boundary.js +170 -0
package/installer/git-hook-content.js +36 -0
package/installer/git-hooks.js +134 -0
package/installer/git-local.js +2 -0
package/installer/git-shared.js +35 -0
package/installer/harness-file-ops.js +140 -0
package/installer/harness-files.js +56 -0
package/installer/harness-verification.js +123 -0
package/installer/install-plan.js +66 -0
package/installer/main.js +25 -0
package/installer/manifest-state.js +167 -0
package/installer/native-build.js +24 -0
package/installer/native-format.js +6 -0
package/installer/native.js +162 -0
package/installer/output.js +131 -0
package/installer/version.js +32 -0
package/native/darwin-arm64/naome +0 -0
package/native/linux-x64/naome +0 -0
package/package.json +3 -2
package/templates/naome-root/.naome/bin/check-harness-health.js +66 -85
package/templates/naome-root/.naome/bin/check-task-state.js +9 -10
package/templates/naome-root/.naome/bin/naome.js +51 -76
package/templates/naome-root/.naome/manifest.json +22 -18
package/templates/naome-root/.naome/repository-quality-baseline.json +5 -0
package/templates/naome-root/.naome/repository-quality.json +24 -0
package/templates/naome-root/.naome/repository-structure.json +90 -0
package/templates/naome-root/.naome/task-contract.schema.json +93 -11
package/templates/naome-root/.naome/upgrade-state.json +1 -1
package/templates/naome-root/.naome/verification.json +38 -0
package/templates/naome-root/AGENTS.md +3 -0
package/templates/naome-root/docs/naome/agent-workflow.md +25 -12
package/templates/naome-root/docs/naome/execution.md +25 -21
package/templates/naome-root/docs/naome/index.md +5 -3
package/templates/naome-root/docs/naome/repository-quality.md +46 -0
package/templates/naome-root/docs/naome/repository-structure.md +51 -0
package/templates/naome-root/docs/naome/testing.md +13 -0
package/crates/naome-core/src/task_state.rs +0 -2210

package/crates/naome-core/src/task_state/repair.rs ADDED Viewed

@@ -0,0 +1,168 @@
+use std::collections::HashSet;
+use std::path::Path;
+use serde_json::Value;
+use crate::install_plan::MACHINE_OWNED_PATHS;
+use crate::models::NaomeError;
+use super::types::CONTROL_STATE_PATH;
+use super::util::{
+    is_non_empty_string, matches_any_pattern, normalize_path, read_json, string_array,
+};
+pub(super) fn is_harness_repair_diff(
+    root: &Path,
+    changed_paths: &[String],
+) -> Result<bool, NaomeError> {
+    let machine_owned_paths = read_machine_owned_paths(root)?;
+    if machine_owned_paths.is_empty() {
+        return Ok(false);
+    }
+    let has_repair_signal = changed_paths
+        .iter()
+        .any(|path| machine_owned_paths.contains(path) || is_repair_archive_path(path));
+    if !has_repair_signal {
+        return Ok(false);
+    }
+    Ok(changed_paths
+        .iter()
+        .all(|path| machine_owned_paths.contains(path) || is_repair_support_path(path)))
+}
+pub(super) fn is_repair_support_path(path: &str) -> bool {
+    path == ".naome/manifest.json"
+        || path == ".naome/upgrade-state.json"
+        || is_repair_archive_path(path)
+}
+pub(super) fn is_packaged_machine_owned_path(path: &str) -> bool {
+    MACHINE_OWNED_PATHS.iter().any(|owned| *owned == path)
+}
+pub(super) fn is_safe_harness_refresh_path(path: &str) -> bool {
+    is_packaged_machine_owned_path(path) || is_repair_support_path(path)
+}
+pub(super) fn is_deterministic_harness_refresh_diff(changed_paths: &[String]) -> bool {
+    !changed_paths.is_empty()
+        && changed_paths
+            .iter()
+            .any(|path| is_packaged_machine_owned_path(path) || is_repair_archive_path(path))
+        && changed_paths
+            .iter()
+            .all(|path| is_safe_harness_refresh_path(path))
+}
+pub(super) fn is_repair_archive_path(path: &str) -> bool {
+    path.starts_with(".naome/archive/repair-")
+}
+pub(super) fn is_completed_task_diff(task_state: &Value, changed_paths: &[String]) -> bool {
+    if task_state.get("status").and_then(Value::as_str) != Some("complete") {
+        return false;
+    }
+    let Some(active_task) = task_state.get("activeTask") else {
+        return false;
+    };
+    let allowed_paths = string_array(active_task.get("allowedPaths")).unwrap_or_default();
+    let task_paths: Vec<&String> = changed_paths
+        .iter()
+        .filter(|path| path.as_str() != CONTROL_STATE_PATH)
+        .collect();
+    !task_paths.is_empty()
+        && task_paths
+            .iter()
+            .all(|path| matches_any_pattern(path, &allowed_paths))
+}
+pub(super) fn is_naome_baseline_diff(changed_paths: &[String]) -> bool {
+    changed_paths.iter().all(|path| {
+        path == "AGENTS.md"
+            || path == ".gitignore"
+            || path == ".naomeignore"
+            || path.starts_with(".naome/")
+            || path.starts_with("docs/naome/")
+    })
+}
+pub(super) fn is_install_or_upgrade_baseline_diff(
+    root: &Path,
+    changed_paths: &[String],
+) -> Result<bool, NaomeError> {
+    if !is_naome_baseline_diff(changed_paths) {
+        return Ok(false);
+    }
+    let has_setup_signal = changed_paths.iter().any(|path| {
+        matches!(
+            path.as_str(),
+            "AGENTS.md"
+                | ".gitignore"
+                | ".naomeignore"
+                | ".naome/init-state.json"
+                | ".naome/manifest.json"
+                | ".naome/package.json"
+                | ".naome/task-contract.schema.json"
+                | ".naome/upgrade-state.json"
+        )
+    });
+    if !has_setup_signal {
+        return Ok(false);
+    }
+    if read_init_incomplete(root)? || read_upgrade_baseline_signal(root)? {
+        return Ok(true);
+    }
+    Ok(changed_paths.iter().any(|path| {
+        matches!(
+            path.as_str(),
+            ".naome/init-state.json" | ".naome/manifest.json" | ".naome/upgrade-state.json"
+        )
+    }))
+}
+pub(super) fn read_init_incomplete(root: &Path) -> Result<bool, NaomeError> {
+    let Some(init_state) = read_json(root, ".naome/init-state.json", &mut Vec::new())? else {
+        return Ok(false);
+    };
+    Ok(
+        init_state.get("initialized").and_then(Value::as_bool) != Some(true)
+            || init_state.get("intakeStatus").and_then(Value::as_str) != Some("complete"),
+    )
+}
+pub(super) fn read_upgrade_baseline_signal(root: &Path) -> Result<bool, NaomeError> {
+    let Some(upgrade_state) = read_json(root, ".naome/upgrade-state.json", &mut Vec::new())? else {
+        return Ok(false);
+    };
+    Ok(upgrade_state.get("fromVersion").is_some()
+        || upgrade_state
+            .get("pending")
+            .and_then(Value::as_array)
+            .is_some_and(|pending| !pending.is_empty())
+        || upgrade_state
+            .get("completed")
+            .and_then(Value::as_array)
+            .is_some_and(|completed| !completed.is_empty()))
+}
+pub(super) fn read_machine_owned_paths(root: &Path) -> Result<HashSet<String>, NaomeError> {
+    let Some(manifest) = read_json(root, ".naome/manifest.json", &mut Vec::new())? else {
+        return Ok(HashSet::new());
+    };
+    Ok(manifest
+        .get("machineOwned")
+        .and_then(Value::as_array)
+        .into_iter()
+        .flatten()
+        .filter_map(Value::as_str)
+        .filter(|value| is_non_empty_string(value))
+        .map(normalize_path)
+        .collect())
+}

package/crates/naome-core/src/task_state/shape.rs ADDED Viewed

@@ -0,0 +1,117 @@
+use serde_json::Value;
+use super::proof::validate_control_state_patterns;
+pub(super) use super::task_records::{
+    format_blocker, validate_blocker, validate_human_review, validate_prompt_record,
+    validate_revisions,
+};
+pub(super) use super::task_references::{
+    read_verification_check_ids, validate_active_task_references, validate_pending_upgrade,
+    validate_required_check_ids,
+};
+use super::types::ALLOWED_STATUS;
+use super::util::{
+    is_id, is_iso_datetime, require_string, require_string_array, require_string_array_allow_empty,
+};
+pub(super) fn validate_task_state_shape(task_state: &Value, errors: &mut Vec<String>) {
+    let Some(object) = task_state.as_object() else {
+        errors.push(".naome/task-state.json must be a JSON object.".to_string());
+        return;
+    };
+    match (
+        object.get("schema").and_then(Value::as_str),
+        object.get("version").and_then(Value::as_i64),
+    ) {
+        (Some("naome.task-state.v1"), Some(1)) | (Some("naome.task-state.v2"), Some(2)) => {}
+        _ => errors.push(
+            ".naome/task-state.json schema/version must be naome.task-state.v1/1 or naome.task-state.v2/2."
+                .to_string(),
+        ),
+    }
+    let status = object.get("status").and_then(Value::as_str);
+    if !status.is_some_and(|value| ALLOWED_STATUS.contains(&value)) {
+        errors.push(format!(
+            ".naome/task-state.json status must be one of: {}.",
+            ALLOWED_STATUS.join(", ")
+        ));
+    }
+    if let Some(updated_at) = object.get("updatedAt") {
+        if !updated_at.is_null() && !updated_at.as_str().is_some_and(is_iso_datetime) {
+            errors.push(
+                ".naome/task-state.json updatedAt must be an ISO timestamp or null.".to_string(),
+            );
+        }
+    }
+}
+pub(super) fn validate_idle_state(task_state: &Value, errors: &mut Vec<String>) {
+    if !task_state.get("activeTask").is_some_and(Value::is_null) {
+        errors.push("idle task state must have activeTask set to null.".to_string());
+    }
+    if !task_state.get("blocker").is_some_and(Value::is_null) {
+        errors.push("idle task state must have blocker set to null.".to_string());
+    }
+}
+pub(super) fn validate_active_task(active_task: Option<&Value>, errors: &mut Vec<String>) {
+    let Some(active_task) = active_task.and_then(Value::as_object) else {
+        errors.push("activeTask must be an object for active task states.".to_string());
+        return;
+    };
+    if !active_task
+        .get("id")
+        .and_then(Value::as_str)
+        .is_some_and(is_id)
+    {
+        errors.push("activeTask.id must be kebab-case lowercase.".to_string());
+    }
+    require_string(active_task.get("request"), "activeTask.request", errors);
+    validate_prompt_record(
+        active_task.get("userPrompt"),
+        "activeTask.userPrompt",
+        errors,
+    );
+    require_string_array(
+        active_task.get("allowedPaths"),
+        "activeTask.allowedPaths",
+        errors,
+    );
+    require_string_array(
+        active_task.get("declaredChangeTypes"),
+        "activeTask.declaredChangeTypes",
+        errors,
+    );
+    require_string_array_allow_empty(
+        active_task.get("requiredCheckIds"),
+        "activeTask.requiredCheckIds",
+        errors,
+    );
+    validate_control_state_patterns(
+        active_task.get("allowedPaths"),
+        "activeTask.allowedPaths",
+        errors,
+    );
+    let proof_results = active_task.get("proofResults");
+    let proof_batches = active_task.get("proofBatches");
+    if proof_results.is_some_and(|value| !value.is_array()) {
+        errors.push("activeTask.proofResults must be an array when present.".to_string());
+    }
+    if proof_batches.is_some_and(|value| !value.is_array()) {
+        errors.push("activeTask.proofBatches must be an array when present.".to_string());
+    }
+    if proof_results.is_none() && proof_batches.is_none() {
+        errors.push(
+            "activeTask.proofResults or activeTask.proofBatches must be present.".to_string(),
+        );
+    }
+    validate_revisions(active_task.get("revisions"), errors);
+    validate_human_review(active_task.get("humanReview"), errors);
+}

package/crates/naome-core/src/task_state/task_diff_api.rs ADDED Viewed

@@ -0,0 +1,170 @@
+use std::collections::HashSet;
+use std::path::Path;
+use serde_json::Value;
+use crate::harness_health::validate_harness_health;
+use crate::models::NaomeError;
+use super::completion::validate_complete_task_against_entries;
+use super::git_io::{read_git_changed_entries, read_git_changed_paths};
+use super::reconcile::{
+    is_packaged_machine_owned_path, is_repair_archive_path, is_safe_harness_refresh_path,
+};
+use super::shape::{
+    read_verification_check_ids, validate_active_task, validate_active_task_references,
+    validate_pending_upgrade, validate_required_check_ids, validate_task_state_shape,
+};
+use super::types::{
+    CompletedTaskCommitDiff, HarnessRefreshDiff, HarnessRefreshWithUnrelatedDiff, TaskStateOptions,
+    CONTROL_STATE_PATH,
+};
+use super::util::{matches_any_pattern, read_json, string_array};
+pub fn completed_task_commit_paths(root: &Path) -> Result<Vec<String>, NaomeError> {
+    Ok(completed_task_commit_diff(root)?
+        .map(|diff| diff.task_paths)
+        .unwrap_or_default())
+}
+pub fn completed_task_commit_diff(
+    root: &Path,
+) -> Result<Option<CompletedTaskCommitDiff>, NaomeError> {
+    let mut read_errors = Vec::new();
+    let Some(task_state) = read_json(root, ".naome/task-state.json", &mut read_errors)? else {
+        return Ok(None);
+    };
+    if !read_errors.is_empty()
+        || task_state.get("status").and_then(Value::as_str) != Some("complete")
+    {
+        return Ok(None);
+    }
+    let Some(active_task) = task_state.get("activeTask") else {
+        return Ok(None);
+    };
+    let allowed_paths = string_array(active_task.get("allowedPaths")).unwrap_or_default();
+    let mut task_entries = Vec::new();
+    let mut unrelated_paths = Vec::new();
+    for entry in read_git_changed_entries(root)? {
+        if entry.path == CONTROL_STATE_PATH || matches_any_pattern(&entry.path, &allowed_paths) {
+            task_entries.push(entry);
+        } else {
+            unrelated_paths.push(entry.path);
+        }
+    }
+    if task_entries.is_empty() {
+        return Ok(None);
+    }
+    let mut errors = Vec::new();
+    validate_task_state_shape(&task_state, &mut errors);
+    validate_active_task(Some(active_task), &mut errors);
+    validate_pending_upgrade(&task_state, root, &mut errors)?;
+    validate_active_task_references(Some(active_task), root, &mut errors, Some("complete"))?;
+    if !task_state.get("blocker").is_some_and(Value::is_null) {
+        errors.push("complete task state must have blocker set to null.".to_string());
+    }
+    let check_ids = read_verification_check_ids(root, &mut errors)?;
+    validate_required_check_ids(active_task, &check_ids, &mut errors);
+    validate_complete_task_against_entries(
+        active_task,
+        root,
+        &check_ids,
+        &task_entries,
+        &mut errors,
+    )?;
+    if !errors.is_empty() {
+        return Ok(None);
+    }
+    let mut task_paths: Vec<String> = task_entries
+        .into_iter()
+        .map(|entry| entry.path)
+        .collect::<HashSet<_>>()
+        .into_iter()
+        .collect();
+    task_paths.sort();
+    unrelated_paths.sort();
+    Ok(Some(CompletedTaskCommitDiff {
+        task_paths,
+        unrelated_paths,
+    }))
+}
+pub fn harness_refresh_diff(root: &Path) -> Result<Option<HarnessRefreshDiff>, NaomeError> {
+    let changed_paths = read_git_changed_paths(root)?;
+    let has_repair_signal = changed_paths
+        .iter()
+        .any(|path| is_packaged_machine_owned_path(path) || is_repair_archive_path(path));
+    if !has_repair_signal {
+        return Ok(None);
+    }
+    let mut harness_paths = Vec::new();
+    let mut unrelated_paths = Vec::new();
+    for path in changed_paths {
+        if is_safe_harness_refresh_path(&path) {
+            harness_paths.push(path);
+        } else {
+            unrelated_paths.push(path);
+        }
+    }
+    if harness_paths.is_empty() {
+        return Ok(None);
+    }
+    harness_paths.sort();
+    unrelated_paths.sort();
+    Ok(Some(HarnessRefreshDiff {
+        harness_paths,
+        unrelated_paths,
+    }))
+}
+pub fn harness_refresh_with_unrelated_diff(
+    root: &Path,
+) -> Result<Option<HarnessRefreshWithUnrelatedDiff>, NaomeError> {
+    let Some(diff) = harness_refresh_diff(root)? else {
+        return Ok(None);
+    };
+    if diff.unrelated_paths.is_empty() {
+        return Ok(None);
+    }
+    Ok(Some(HarnessRefreshWithUnrelatedDiff {
+        harness_paths: diff.harness_paths,
+        unrelated_paths: diff.unrelated_paths,
+    }))
+}
+pub(super) fn validate_harness_health_gate(
+    root: &Path,
+    options: &TaskStateOptions,
+    errors: &mut Vec<String>,
+) -> Result<(), NaomeError> {
+    let Some(health_options) = options.harness_health.clone() else {
+        return Ok(());
+    };
+    let health_errors = validate_harness_health(root, health_options)?;
+    if health_errors.is_empty() {
+        return Ok(());
+    }
+    errors.push(
+        "Harness health failed; normal NAOME task work is repair-only until machine-owned harness files are healthy. Human options: repair_harness, review_harness_health."
+            .to_string(),
+    );
+    errors.extend(
+        health_errors
+            .into_iter()
+            .map(|error| format!("Harness health: {error}")),
+    );
+    Ok(())
+}

package/crates/naome-core/src/task_state/task_records.rs ADDED Viewed

@@ -0,0 +1,131 @@
+use serde_json::Value;
+use super::util::{
+    is_iso_datetime, is_non_empty_string, require_string, require_string_array,
+    require_string_array_allow_empty, string_array,
+};
+pub(super) fn validate_revisions(revisions: Option<&Value>, errors: &mut Vec<String>) {
+    let Some(revisions) = revisions else {
+        return;
+    };
+    let Some(revisions) = revisions.as_array() else {
+        errors.push("activeTask.revisions must be an array when present.".to_string());
+        return;
+    };
+    for (index, revision) in revisions.iter().enumerate() {
+        let prefix = format!("activeTask.revisions[{index}]");
+        let Some(object) = revision.as_object() else {
+            errors.push(format!("{prefix} must be an object."));
+            continue;
+        };
+        require_string(object.get("request"), &format!("{prefix}.request"), errors);
+        validate_prompt_record(
+            object.get("userPrompt"),
+            &format!("{prefix}.userPrompt"),
+            errors,
+        );
+        if !object
+            .get("requestedAt")
+            .and_then(Value::as_str)
+            .is_some_and(is_iso_datetime)
+        {
+            errors.push(format!("{prefix}.requestedAt must be an ISO timestamp."));
+        }
+        if let Some(proof_stale) = object.get("proofStale") {
+            if !proof_stale.is_boolean() {
+                errors.push(format!("{prefix}.proofStale must be boolean when present."));
+            }
+        }
+    }
+}
+pub(super) fn validate_prompt_record(
+    prompt_record: Option<&Value>,
+    field_name: &str,
+    errors: &mut Vec<String>,
+) {
+    let Some(object) = prompt_record.and_then(Value::as_object) else {
+        errors.push(format!(
+            "{field_name} must be an object with receivedAt and text."
+        ));
+        return;
+    };
+    if !object
+        .get("receivedAt")
+        .and_then(Value::as_str)
+        .is_some_and(is_iso_datetime)
+    {
+        errors.push(format!("{field_name}.receivedAt must be an ISO timestamp."));
+    }
+    require_string(object.get("text"), &format!("{field_name}.text"), errors);
+}
+pub(super) fn validate_human_review(human_review: Option<&Value>, errors: &mut Vec<String>) {
+    let Some(object) = human_review.and_then(Value::as_object) else {
+        errors.push("activeTask.humanReview must be an object.".to_string());
+        return;
+    };
+    if !object.get("required").is_some_and(Value::is_boolean) {
+        errors.push("activeTask.humanReview.required must be boolean.".to_string());
+    }
+    if !object.get("approved").is_some_and(Value::is_boolean) {
+        errors.push("activeTask.humanReview.approved must be boolean.".to_string());
+    }
+    if let Some(reason) = object.get("reason") {
+        if !reason.is_null() && !reason.as_str().is_some_and(is_non_empty_string) {
+            errors.push("activeTask.humanReview.reason must be a string or null.".to_string());
+        }
+    }
+}
+pub(super) fn validate_blocker(blocker: Option<&Value>, errors: &mut Vec<String>) {
+    let Some(object) = blocker.and_then(Value::as_object) else {
+        errors.push(
+            "blocker must be an object when task state is blocked or needs human review."
+                .to_string(),
+        );
+        return;
+    };
+    require_string(object.get("type"), "blocker.type", errors);
+    require_string(object.get("message"), "blocker.message", errors);
+    require_string_array_allow_empty(object.get("paths"), "blocker.paths", errors);
+    require_string_array(object.get("humanOptions"), "blocker.humanOptions", errors);
+}
+pub(super) fn format_blocker(prefix: &str, blocker: Option<&Value>) -> String {
+    let Some(object) = blocker.and_then(Value::as_object) else {
+        return format!("{prefix}.");
+    };
+    let mut parts = vec![format!(
+        "{prefix}: {}",
+        object
+            .get("message")
+            .and_then(Value::as_str)
+            .unwrap_or("No message recorded.")
+    )];
+    if let Some(paths) = string_array(object.get("paths")) {
+        if !paths.is_empty() {
+            parts.push(format!("Paths: {}", paths.join(", ")));
+        }
+    }
+    if let Some(options) = string_array(object.get("humanOptions")) {
+        if !options.is_empty() {
+            parts.push(format!("Human options: {}", options.join(", ")));
+        }
+    }
+    parts.join(" ")
+}