npm - @lamentis/naome - Versions diffs - 1.3.0 → 1.3.2 - Mend

@lamentis/naome 1.3.0 → 1.3.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (149) hide show

package/Cargo.lock +2 -2
package/README.md +11 -2
package/bin/naome.js +62 -24
package/crates/naome-cli/Cargo.toml +1 -1
package/crates/naome-cli/src/context_commands.rs +47 -0
package/crates/naome-cli/src/dispatcher.rs +6 -0
package/crates/naome-cli/src/main.rs +43 -6
package/crates/naome-cli/src/quality_commands.rs +31 -46
package/crates/naome-cli/src/quality_output.rs +34 -0
package/crates/naome-cli/src/quality_reconcile_command.rs +45 -0
package/crates/naome-cli/src/repository_model_commands.rs +84 -0
package/crates/naome-cli/src/task_commands.rs +62 -0
package/crates/naome-cli/src/workflow_commands.rs +100 -3
package/crates/naome-core/Cargo.toml +1 -1
package/crates/naome-core/src/context/helpers.rs +75 -0
package/crates/naome-core/src/context/select.rs +134 -0
package/crates/naome-core/src/context/types.rs +43 -0
package/crates/naome-core/src/context.rs +6 -0
package/crates/naome-core/src/decision/states.rs +1 -1
package/crates/naome-core/src/decision.rs +4 -1
package/crates/naome-core/src/install_plan.rs +18 -0
package/crates/naome-core/src/intent/resolver_catalog/active.rs +38 -0
package/crates/naome-core/src/intent/resolver_catalog/baseline.rs +44 -0
package/crates/naome-core/src/intent/resolver_catalog/completed.rs +56 -0
package/crates/naome-core/src/intent/resolver_catalog/dirty.rs +32 -0
package/crates/naome-core/src/intent/resolver_catalog/ready.rs +32 -0
package/crates/naome-core/src/intent/resolver_catalog/system.rs +20 -0
package/crates/naome-core/src/intent/resolver_catalog.rs +12 -166
package/crates/naome-core/src/journal.rs +2 -7
package/crates/naome-core/src/lib.rs +33 -10
package/crates/naome-core/src/quality/adapter_ios.rs +131 -0
package/crates/naome-core/src/quality/adapter_support.rs +67 -0
package/crates/naome-core/src/quality/adapters.rs +81 -18
package/crates/naome-core/src/quality/cache.rs +7 -9
package/crates/naome-core/src/quality/checks/duplicate_blocks.rs +4 -7
package/crates/naome-core/src/quality/config.rs +21 -3
package/crates/naome-core/src/quality/mod.rs +138 -7
package/crates/naome-core/src/quality/reconcile.rs +138 -0
package/crates/naome-core/src/quality/reconcile_anchors.rs +64 -0
package/crates/naome-core/src/quality/scanner/analysis.rs +20 -5
package/crates/naome-core/src/quality/scanner.rs +62 -17
package/crates/naome-core/src/quality/semantic/checks.rs +17 -0
package/crates/naome-core/src/quality/semantic/route.rs +1 -1
package/crates/naome-core/src/quality/structure/adapter_ios.rs +149 -0
package/crates/naome-core/src/quality/structure/adapters.rs +60 -42
package/crates/naome-core/src/quality/structure/checks/directory.rs +6 -4
package/crates/naome-core/src/quality/structure/classify/roles.rs +51 -5
package/crates/naome-core/src/quality/structure/config.rs +24 -3
package/crates/naome-core/src/quality/structure/mod.rs +3 -0
package/crates/naome-core/src/quality/types.rs +20 -1
package/crates/naome-core/src/repository_model/detect.rs +188 -0
package/crates/naome-core/src/repository_model/explain.rs +121 -0
package/crates/naome-core/src/repository_model/path_scan.rs +67 -0
package/crates/naome-core/src/repository_model/path_support.rs +59 -0
package/crates/naome-core/src/repository_model/types.rs +152 -0
package/crates/naome-core/src/repository_model/world.rs +48 -0
package/crates/naome-core/src/repository_model/world_adapters.rs +145 -0
package/crates/naome-core/src/repository_model/world_path_facts.rs +55 -0
package/crates/naome-core/src/repository_model/world_paths.rs +168 -0
package/crates/naome-core/src/repository_model.rs +164 -0
package/crates/naome-core/src/route/builtin_checks.rs +40 -1
package/crates/naome-core/src/task_ledger/import.rs +142 -0
package/crates/naome-core/src/task_ledger/model.rs +13 -0
package/crates/naome-core/src/task_ledger/proof_record.rs +52 -0
package/crates/naome-core/src/task_ledger/read.rs +118 -0
package/crates/naome-core/src/task_ledger/render.rs +55 -0
package/crates/naome-core/src/task_ledger/write.rs +38 -0
package/crates/naome-core/src/task_ledger.rs +48 -0
package/crates/naome-core/src/task_state/api.rs +4 -2
package/crates/naome-core/src/task_state/completed_refresh.rs +5 -16
package/crates/naome-core/src/task_state/diff.rs +2 -2
package/crates/naome-core/src/task_state/evidence.rs +8 -3
package/crates/naome-core/src/task_state/mod.rs +1 -1
package/crates/naome-core/src/task_state/progress.rs +13 -0
package/crates/naome-core/src/task_state/proof_model.rs +8 -8
package/crates/naome-core/src/task_state/repair.rs +2 -2
package/crates/naome-core/src/task_state/task_diff_api.rs +9 -18
package/crates/naome-core/src/task_state/types.rs +24 -0
package/crates/naome-core/src/verification.rs +29 -18
package/crates/naome-core/src/workflow/agent/capability.rs +194 -0
package/crates/naome-core/src/workflow/agent/context_delta.rs +42 -0
package/crates/naome-core/src/workflow/agent/decision.rs +32 -0
package/crates/naome-core/src/workflow/agent/execution.rs +80 -0
package/crates/naome-core/src/workflow/agent/proof.rs +24 -0
package/crates/naome-core/src/workflow/agent/support.rs +58 -0
package/crates/naome-core/src/workflow/agent/watchdog.rs +47 -0
package/crates/naome-core/src/workflow/agent.rs +34 -0
package/crates/naome-core/src/workflow/agent_types.rs +105 -0
package/crates/naome-core/src/workflow/doctor.rs +39 -0
package/crates/naome-core/src/workflow/mod.rs +11 -0
package/crates/naome-core/src/workflow/output.rs +8 -2
package/crates/naome-core/src/workflow/phase_inference.rs +1 -1
package/crates/naome-core/tests/context.rs +99 -0
package/crates/naome-core/tests/harness_health.rs +33 -40
package/crates/naome-core/tests/install_plan.rs +12 -0
package/crates/naome-core/tests/quality.rs +178 -2
package/crates/naome-core/tests/quality_performance.rs +39 -2
package/crates/naome-core/tests/quality_structure_adapters.rs +39 -0
package/crates/naome-core/tests/repo_support/mod.rs +7 -1
package/crates/naome-core/tests/repo_support/verification_values.rs +148 -1
package/crates/naome-core/tests/repository_model.rs +281 -0
package/crates/naome-core/tests/route_user_diff.rs +49 -1
package/crates/naome-core/tests/semantic_legacy.rs +72 -38
package/crates/naome-core/tests/task_ledger.rs +328 -0
package/crates/naome-core/tests/task_state.rs +34 -14
package/crates/naome-core/tests/task_state_support/mod.rs +2 -1
package/crates/naome-core/tests/task_state_support/states.rs +28 -11
package/crates/naome-core/tests/verification.rs +14 -39
package/crates/naome-core/tests/verification_contract.rs +6 -52
package/crates/naome-core/tests/workflow_agent.rs +233 -0
package/crates/naome-core/tests/workflow_agent_support/mod.rs +159 -0
package/crates/naome-core/tests/workflow_doctor.rs +21 -0
package/crates/naome-core/tests/workflow_integrity.rs +2 -20
package/crates/naome-core/tests/workflow_support/mod.rs +59 -20
package/installer/codex-hooks.js +121 -0
package/installer/context.js +10 -0
package/installer/filesystem.js +4 -0
package/installer/flows.js +8 -4
package/installer/harness-files.js +6 -0
package/installer/install-plan.js +4 -0
package/installer/main.js +1 -1
package/installer/native.js +1 -1
package/native/darwin-arm64/naome +0 -0
package/native/linux-x64/naome +0 -0
package/package.json +1 -1
package/templates/naome-root/.codex/config.toml +2 -0
package/templates/naome-root/.codex/hooks.json +70 -0
package/templates/naome-root/.naome/bin/check-harness-health.js +8 -6
package/templates/naome-root/.naome/bin/check-task-state.js +12 -7
package/templates/naome-root/.naome/bin/codex-hook-io.js +122 -0
package/templates/naome-root/.naome/bin/codex-hook-policy.js +180 -0
package/templates/naome-root/.naome/bin/codex-hook-runtime.js +174 -0
package/templates/naome-root/.naome/bin/codex-hook.js +6 -0
package/templates/naome-root/.naome/bin/naome.js +35 -4
package/templates/naome-root/.naome/manifest.json +12 -6
package/templates/naome-root/.naome/repository-model.json +6 -0
package/templates/naome-root/.naome/repository-quality.json +3 -1
package/templates/naome-root/.naome/verification.json +15 -1
package/templates/naome-root/AGENTS.md +38 -83
package/templates/naome-root/docs/naome/agent-workflow.md +54 -18
package/templates/naome-root/docs/naome/codex-hooks.md +82 -0
package/templates/naome-root/docs/naome/context-economy.md +73 -0
package/templates/naome-root/docs/naome/first-run.md +25 -14
package/templates/naome-root/docs/naome/index.md +18 -10
package/templates/naome-root/docs/naome/repository-model.md +92 -0
package/templates/naome-root/docs/naome/repository-quality.md +47 -7
package/templates/naome-root/docs/naome/repository-structure.md +10 -3
package/templates/naome-root/docs/naome/task-ledger.md +71 -0
package/templates/naome-root/docs/naome/testing.md +16 -3

package/installer/filesystem.js CHANGED Viewed

@@ -30,6 +30,10 @@ export function copyTemplateFile(ctx, sourcePath) {
   const relativePath = relative(ctx.templateRoot, sourcePath);
   const targetPath = join(ctx.targetRoot, relativePath);
+  if (ctx.optionalCodexHookPaths.includes(relativePath) && !ctx.codexHooksEnabled) {
+    return;
+  }
   if (hasSymlinkInTargetPath(ctx, relativePath)) {
     ctx.skipped.push(relativePath);
     ctx.unsafeSkipped.push(relativePath);

package/installer/flows.js CHANGED Viewed

@@ -17,9 +17,11 @@ import { installNativeDecisionBinary, patchInstalledMachineOwnedIntegrity } from
 import { printError } from "./output.js";
 import { compareVersions } from "./version.js";
 import { confirmAgentsTakeover, takeoverExistingAgents } from "./agents.js";
+import { ensureCodexHooks, resolveCodexHooksPreference } from "./codex-hooks.js";
 export async function runFreshInstall(ctx) {
   await confirmAgentsTakeover(ctx);
+  await resolveCodexHooksPreference(ctx);
   for (const sourcePath of walk(ctx.templateRoot)) {
     copyTemplateFile(ctx, sourcePath);
@@ -35,7 +37,7 @@ export async function runFreshInstall(ctx) {
   ensureLocalOnlySourceControlBoundary(ctx);
 }
-export function runExistingInstall(ctx, existingInstall) {
+export async function runExistingInstall(ctx, existingInstall) {
   const comparison = compareVersions(ctx, existingInstall.version, ctx.packageVersion);
   if (comparison > 0) {
@@ -52,10 +54,10 @@ export function runExistingInstall(ctx, existingInstall) {
     }
     ensureArchiveDirectory(ctx);
-    runRepair(ctx, existingInstall.version, { fromVersion: existingInstall.version });
+    await runRepair(ctx, existingInstall.version, { fromVersion: existingInstall.version });
   } else {
     ensureArchiveDirectory(ctx);
-    runRepair(ctx, existingInstall.version);
+    await runRepair(ctx, existingInstall.version);
   }
 }
@@ -68,11 +70,13 @@ function rejectUnsupportedHistoricalInstall(ctx, version) {
   process.exit(1);
 }
-function runRepair(ctx, version, options = {}) {
+async function runRepair(ctx, version, options = {}) {
   ctx.summaryTitle = "NAOME harness checked";
+  await resolveCodexHooksPreference(ctx);
   ensureCoreHarnessFiles(ctx, `repair-${version}`);
   ensureTaskControlHarnessFiles(ctx, `repair-${version}`);
   ensureHarnessHealthFiles(ctx, `repair-${version}`);
+  ensureCodexHooks(ctx, `repair-${version}`);
   installNativeDecisionBinary(ctx);
   patchInstalledMachineOwnedIntegrity(ctx);
   ensureBuiltInVerificationChecks(ctx);

package/installer/harness-files.js CHANGED Viewed

@@ -13,10 +13,14 @@ export {
 export function ensureCoreHarnessFiles(ctx, archiveDirName) {
   ensureNaomeIgnore(ctx);
   ensureTemplateFile(ctx, ".naome/verification.json");
+  ensureTemplateFile(ctx, ".naome/repository-model.json");
   replaceHarnessFile(ctx, "AGENTS.md", archiveDirName);
   replaceHarnessFile(ctx, "docs/naome/index.md", archiveDirName);
   replaceHarnessFile(ctx, "docs/naome/first-run.md", archiveDirName);
   replaceHarnessFile(ctx, "docs/naome/agent-workflow.md", archiveDirName);
+  replaceHarnessFile(ctx, "docs/naome/context-economy.md", archiveDirName);
+  replaceHarnessFile(ctx, "docs/naome/task-ledger.md", archiveDirName);
+  ensureTemplateFile(ctx, "docs/naome/repository-model.md");
   ensureTemplateFile(ctx, "docs/naome/security.md");
   replaceHarnessFile(ctx, "docs/naome/upgrade.md", archiveDirName);
 }
@@ -33,6 +37,7 @@ export function ensureTaskControlHarnessFiles(ctx, archiveDirName) {
   replaceHarnessFile(ctx, "AGENTS.md", archiveDirName);
   replaceHarnessFile(ctx, "docs/naome/index.md", archiveDirName);
   replaceHarnessFile(ctx, "docs/naome/agent-workflow.md", archiveDirName);
+  replaceHarnessFile(ctx, "docs/naome/context-economy.md", archiveDirName);
   replaceHarnessFile(ctx, "docs/naome/execution.md", archiveDirName);
   replaceHarnessFile(ctx, "docs/naome/upgrade.md", archiveDirName);
 }
@@ -49,6 +54,7 @@ export function ensureHarnessHealthFiles(ctx, archiveDirName) {
   replaceHarnessFile(ctx, "docs/naome/index.md", archiveDirName);
   replaceHarnessFile(ctx, "docs/naome/first-run.md", archiveDirName);
   replaceHarnessFile(ctx, "docs/naome/agent-workflow.md", archiveDirName);
+  replaceHarnessFile(ctx, "docs/naome/context-economy.md", archiveDirName);
   replaceHarnessFile(ctx, "docs/naome/execution.md", archiveDirName);
   ensureTemplateFile(ctx, "docs/naome/security.md");
   replaceHarnessFile(ctx, "docs/naome/upgrade.md", archiveDirName);

package/installer/install-plan.js CHANGED Viewed

@@ -34,6 +34,9 @@ function parseInstallPlan(ctx, output) {
     assertInstallPlanArray(ctx, installPlan, "machineOwned");
     assertInstallPlanArray(ctx, installPlan, "projectOwned");
     assertInstallPlanArray(ctx, installPlan, "localOnlyMachineOwned");
+    if (installPlan.optionalCodexHookPaths !== undefined) {
+      assertInstallPlanArray(ctx, installPlan, "optionalCodexHookPaths");
+    }
     assertInstallPlanArray(ctx, installPlan, "gitignoreEntries");
     assertInstallPlanArray(ctx, installPlan, "gitExcludeEntries");
     assertInstallPlanArray(ctx, installPlan, "gitUntrackPaths");
@@ -60,6 +63,7 @@ function assignInstallPlan(ctx, installPlan) {
   ctx.machineOwnedPaths = installPlan.machineOwned;
   ctx.projectOwnedPaths = installPlan.projectOwned;
   ctx.localOnlyMachineOwnedPaths = installPlan.localOnlyMachineOwned;
+  ctx.optionalCodexHookPaths = installPlan.optionalCodexHookPaths ?? ctx.optionalCodexHookPaths;
   ctx.localOnlyGitIgnoreEntries = installPlan.gitignoreEntries;
   ctx.localOnlyGitExcludeEntries = installPlan.gitExcludeEntries;
   ctx.localOnlyGitUntrackPaths = installPlan.gitUntrackPaths;

package/installer/main.js CHANGED Viewed

@@ -14,7 +14,7 @@ export async function runNaomeNodeCli() {
   printHeader(ctx);
   const existingInstall = readExistingInstall(ctx);
   if (existingInstall) {
-    runExistingInstall(ctx, existingInstall);
+    await runExistingInstall(ctx, existingInstall);
   } else {
     await runFreshInstall(ctx);
   }

package/installer/native.js CHANGED Viewed

@@ -62,8 +62,8 @@ export function findNativeDecisionBinary(ctx) {
     candidates.push(resolve(ctx.targetRoot, process.env.NAOME_NATIVE_BIN));
   }
-  candidates.push(join(ctx.packageRoot, "native", `${process.platform}-${process.arch}`, ctx.nativeBinaryName));
   candidates.push(join(ctx.packageRoot, "target", "release", ctx.nativeBinaryName));
+  candidates.push(join(ctx.packageRoot, "native", `${process.platform}-${process.arch}`, ctx.nativeBinaryName));
   for (const candidate of candidates) {
     if (existsSync(candidate) && lstatSync(candidate).isFile()) {

package/native/darwin-arm64/naome CHANGED Viewed

Binary file

package/native/linux-x64/naome CHANGED Viewed

Binary file

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@lamentis/naome",
-  "version": "1.3.0",
+  "version": "1.3.2",
   "description": "Native-first CLI for the NAOME agent harness.",
   "license": "Apache-2.0",
   "type": "module",

package/templates/naome-root/.codex/config.toml ADDED Viewed

	@@ -0,0 +1,2 @@
1	+ [features]
2	+ codex_hooks = true

package/templates/naome-root/.codex/hooks.json ADDED Viewed

@@ -0,0 +1,70 @@
+{
+  "schema": "naome.codex-hooks.v1",
+  "version": 1,
+  "hooks": {
+    "SessionStart": [
+      {
+        "matcher": "startup|resume|clear",
+        "hooks": [
+          {
+            "type": "command",
+            "command": "node .naome/bin/codex-hook.js --event SessionStart"
+          }
+        ]
+      }
+    ],
+    "UserPromptSubmit": [
+      {
+        "hooks": [
+          {
+            "type": "command",
+            "command": "node .naome/bin/codex-hook.js --event UserPromptSubmit"
+          }
+        ]
+      }
+    ],
+    "PreToolUse": [
+      {
+        "matcher": "*",
+        "hooks": [
+          {
+            "type": "command",
+            "command": "node .naome/bin/codex-hook.js --event PreToolUse"
+          }
+        ]
+      }
+    ],
+    "PermissionRequest": [
+      {
+        "matcher": "*",
+        "hooks": [
+          {
+            "type": "command",
+            "command": "node .naome/bin/codex-hook.js --event PermissionRequest"
+          }
+        ]
+      }
+    ],
+    "PostToolUse": [
+      {
+        "matcher": "*",
+        "hooks": [
+          {
+            "type": "command",
+            "command": "node .naome/bin/codex-hook.js --event PostToolUse"
+          }
+        ]
+      }
+    ],
+    "Stop": [
+      {
+        "hooks": [
+          {
+            "type": "command",
+            "command": "node .naome/bin/codex-hook.js --event Stop"
+          }
+        ]
+      }
+    ]
+  }
+}

package/templates/naome-root/.naome/bin/check-harness-health.js CHANGED Viewed

@@ -10,15 +10,17 @@ const nativeBinaryName = process.platform === "win32" ? "naome.exe" : "naome";
 const expectedMachineOwnedIntegrity = Object.freeze({
   ".naome/bin/check-harness-health.js": "sha256:dc4de52b79c69600b9ba47b924e2c2b8de61a2cbfab6d1ccc0f1924d963db657",
-  ".naome/bin/check-task-state.js": "sha256:43c02868072d0d13499aefba2e9a5ec9517d59539fd19ff0f11e3e4623a51b44",
-  ".naome/bin/naome.js": "sha256:3d2edd9cf7b04ffb8845db2c55ce1b9c243bd3aba112f53af4af3c11fae5b8e1",
+  ".naome/bin/check-task-state.js": "sha256:df54489a22b426180266e5e0fb5f9ec381477419f688435248afbf2b9b38ea81",
+  ".naome/bin/naome.js": "sha256:d343f367da21bf45272331eec2ea34862a0bf056978780c62d6cae02e0f7993a",
   ".naome/package.json": "sha256:8005a3491db7d92f36ac66369861589f9c47123d3a7c71e643fc2c06168cd45a",
   ".naome/task-contract.schema.json": "sha256:1b3b62350328d0d6d660e36d1d1baaa2b88718530db774f9ab2a9e2fcba369c8",
-  "AGENTS.md": "sha256:9192ea81f90bb19f8043513c49b5da9e9598ee694da8356f345e7ccbca0e28df",
-  "docs/naome/agent-workflow.md": "sha256:97788255e26282ca1b7fcaaf86c9408c9040246727e3de96b4126fcb68c10b38",
+  "AGENTS.md": "sha256:e8b2fc786c1c72b69ba8f2b2ffce4f459e799c7453ce9ff4a9f6448a8f9e6b4f",
+  "docs/naome/agent-workflow.md": "sha256:78faeb4eed157b60f0b60bc43da36c713fc4a3436b93bd963ce5f3c12dc91f22",
+  "docs/naome/context-economy.md": "sha256:3ed5075815ecf4ada46a5e65438769310307c35759fcd46b13dc0b96e02bebd9",
   "docs/naome/execution.md": "sha256:bfc5d55838942ec8e3d790b59e3c634ff5bf6a2298265cef3dca9788a097eafb",
-  "docs/naome/first-run.md": "sha256:a1dd0bd17ec9d71955a473cd2c4a615538e89a7d81e8f4e1015a50ab9efe3558",
-  "docs/naome/index.md": "sha256:a674102cc801702dc77102afb59be0f5ab189dc638caf0bef358b9d6087d0742",
+  "docs/naome/first-run.md": "sha256:f1a2412f1b542e61c79b5ba65a3fdaa810b0f95cf79d9f734256418cdcfb19aa",
+  "docs/naome/index.md": "sha256:07ef776f49130319a5280bdb3ae38af22141708253f38eb983a4336fbae1b25a",
+  "docs/naome/task-ledger.md": "sha256:1e524085a2f88811941fd9f2f48ca826bc3e0e4816039d07e795637847714cbd",
   "docs/naome/upgrade.md": "sha256:2c60f0441bbd98bd528d109b30a7ded4b0ad55d61ffb9f52edac9e93b7999cb1"
 });

package/templates/naome-root/.naome/bin/check-task-state.js CHANGED Viewed

@@ -10,15 +10,17 @@ const nativeBinaryName = process.platform === "win32" ? "naome.exe" : "naome";
 const expectedMachineOwnedIntegrity = Object.freeze({
   ".naome/bin/check-harness-health.js": "sha256:dc4de52b79c69600b9ba47b924e2c2b8de61a2cbfab6d1ccc0f1924d963db657",
-  ".naome/bin/check-task-state.js": "sha256:43c02868072d0d13499aefba2e9a5ec9517d59539fd19ff0f11e3e4623a51b44",
-  ".naome/bin/naome.js": "sha256:3d2edd9cf7b04ffb8845db2c55ce1b9c243bd3aba112f53af4af3c11fae5b8e1",
+  ".naome/bin/check-task-state.js": "sha256:df54489a22b426180266e5e0fb5f9ec381477419f688435248afbf2b9b38ea81",
+  ".naome/bin/naome.js": "sha256:d343f367da21bf45272331eec2ea34862a0bf056978780c62d6cae02e0f7993a",
   ".naome/package.json": "sha256:8005a3491db7d92f36ac66369861589f9c47123d3a7c71e643fc2c06168cd45a",
   ".naome/task-contract.schema.json": "sha256:1b3b62350328d0d6d660e36d1d1baaa2b88718530db774f9ab2a9e2fcba369c8",
-  "AGENTS.md": "sha256:9192ea81f90bb19f8043513c49b5da9e9598ee694da8356f345e7ccbca0e28df",
-  "docs/naome/agent-workflow.md": "sha256:97788255e26282ca1b7fcaaf86c9408c9040246727e3de96b4126fcb68c10b38",
+  "AGENTS.md": "sha256:e8b2fc786c1c72b69ba8f2b2ffce4f459e799c7453ce9ff4a9f6448a8f9e6b4f",
+  "docs/naome/agent-workflow.md": "sha256:78faeb4eed157b60f0b60bc43da36c713fc4a3436b93bd963ce5f3c12dc91f22",
+  "docs/naome/context-economy.md": "sha256:3ed5075815ecf4ada46a5e65438769310307c35759fcd46b13dc0b96e02bebd9",
   "docs/naome/execution.md": "sha256:bfc5d55838942ec8e3d790b59e3c634ff5bf6a2298265cef3dca9788a097eafb",
-  "docs/naome/first-run.md": "sha256:a1dd0bd17ec9d71955a473cd2c4a615538e89a7d81e8f4e1015a50ab9efe3558",
-  "docs/naome/index.md": "sha256:a674102cc801702dc77102afb59be0f5ab189dc638caf0bef358b9d6087d0742",
+  "docs/naome/first-run.md": "sha256:f1a2412f1b542e61c79b5ba65a3fdaa810b0f95cf79d9f734256418cdcfb19aa",
+  "docs/naome/index.md": "sha256:07ef776f49130319a5280bdb3ae38af22141708253f38eb983a4336fbae1b25a",
+  "docs/naome/task-ledger.md": "sha256:1e524085a2f88811941fd9f2f48ca826bc3e0e4816039d07e795637847714cbd",
   "docs/naome/upgrade.md": "sha256:2c60f0441bbd98bd528d109b30a7ded4b0ad55d61ffb9f52edac9e93b7999cb1"
 });
@@ -154,7 +156,10 @@ function findHarnessRoot(startPath) {
   let current = resolve(startPath);
   while (true) {
-    if (existsSync(join(current, ".naome", "task-state.json"))) {
+    if (
+      existsSync(join(current, ".naome", "task-state.json")) ||
+      existsSync(join(current, ".naome", "tasks", "active.json"))
+    ) {
       return current;
     }

package/templates/naome-root/.naome/bin/codex-hook-io.js ADDED Viewed

@@ -0,0 +1,122 @@
+"use strict";
+const { createHash } = require("node:crypto");
+const { existsSync, mkdirSync, readFileSync, writeFileSync } = require("node:fs");
+const { dirname } = require("node:path");
+const { spawnSync } = require("node:child_process");
+const CACHE = ".naome/cache/codex-hook-state.json";
+function readPayload() {
+  try {
+    return JSON.parse(readFileSync(0, "utf8") || "{}");
+  } catch {
+    return {};
+  }
+}
+function eventName(payload) {
+  const index = process.argv.indexOf("--event");
+  return index !== -1 && process.argv[index + 1] ? process.argv[index + 1] : payload?.hook_event_name || payload?.event || "";
+}
+function commandOf(payload) {
+  return [payload?.tool_input?.command, payload?.toolInput?.command, payload?.command].find((value) => typeof value === "string" && value);
+}
+function promptOf(payload) {
+  return [payload?.prompt, payload?.user_prompt, payload?.tool_input?.prompt, payload?.toolInput?.prompt, payload?.reason, payload?.message].find((value) => typeof value === "string" && value) || "";
+}
+function readJson(path) {
+  try {
+    return existsSync(path) ? JSON.parse(readFileSync(path, "utf8")) : null;
+  } catch {
+    return null;
+  }
+}
+function parseJson(value) {
+  try {
+    return JSON.parse(value);
+  } catch {
+    return null;
+  }
+}
+function readCache() {
+  return readJson(CACHE) || {};
+}
+function writeCache(value) {
+  try {
+    mkdirSync(dirname(CACHE), { recursive: true });
+    writeFileSync(CACHE, `${JSON.stringify(value)}\n`);
+  } catch {
+    // Best-effort cache only.
+  }
+}
+function run(command, args, env = process.env) {
+  return spawnSync(command, args, { cwd: process.cwd(), encoding: "utf8", env });
+}
+function runGit(args) {
+  return run("git", args);
+}
+function runNaome(args) {
+  return run(process.execPath, [".naome/bin/naome.js", ...args], { ...process.env, NO_COLOR: "1" });
+}
+function taskCheck(args) {
+  return run(process.execPath, [".naome/bin/check-task-state.js", ...args]);
+}
+function diffSignature() {
+  return createHash("sha256")
+    .update(runGit(["status", "--porcelain=v1"]).stdout || "")
+    .update(runGit(["diff", "--no-ext-diff", "HEAD", "--"]).stdout || "")
+    .digest("hex");
+}
+function decide(decision, reason, messages) {
+  write(decisionObject(decision, reason, messages));
+}
+function decisionObject(decision, reason, messages) {
+  if (decision !== "block") {
+    return {};
+  }
+  const detail = messages.filter(Boolean).join("; ");
+  return { decision, reason: compact(detail ? `${reason}: ${detail}` : reason) };
+}
+function write(value) {
+  process.stdout.write(`${JSON.stringify(value)}\n`);
+}
+function compact(value) {
+  const text = String(value);
+  return text.length > 500 ? `${text.slice(0, 497)}...` : text;
+}
+module.exports = {
+  commandOf,
+  compact,
+  decide,
+  decisionObject,
+  diffSignature,
+  eventName,
+  parseJson,
+  promptOf,
+  readCache,
+  readJson,
+  readPayload,
+  run,
+  runGit,
+  runNaome,
+  taskCheck,
+  write,
+  writeCache
+};

package/templates/naome-root/.naome/bin/codex-hook-policy.js ADDED Viewed

@@ -0,0 +1,180 @@
+"use strict";
+const { readFileSync } = require("node:fs");
+const CHEAP = new Set(["diff-check", "repository-quality-check", "repository-semantic-check", "task-state-progress-check"]);
+const EXPENSIVE = new Set(["installer-tests", "rust-build", "package-dry-run", "harness-health-tests", "task-state-tests", "verification-contract-tests"]);
+function classifyPrompt(prompt) {
+  const value = prompt.toLowerCase();
+  if (/status|where are we|progress/.test(value)) return "status_request";
+  if (/review|comment|pr feedback/.test(value)) return "review";
+  if (/commit/.test(value)) return "commit";
+  if (/push/.test(value) && !/ci|check|fail/.test(value)) return "push";
+  if (/ci|check|failing|failed|workflow|actions/.test(value)) return "ci_fix";
+  if (/continue|keep going|resume|do so/.test(value)) return "continuation";
+  return "new_task";
+}
+function riskyPromptCodes(prompt) {
+  const value = prompt.toLowerCase();
+  return [
+    ["reset|clean|rm\\s+-rf", "risky-destructive"],
+    ["force push|--force|--force-with-lease|\\spush\\s+-f", "risky-force-push"],
+    ["--no-verify|bypass.*hook|skip.*hook", "risky-hook-bypass"],
+    ["publish|release|npm publish", "risky-release"]
+  ].filter(([pattern]) => new RegExp(pattern).test(value)).map(([, code]) => code);
+}
+function permissionRiskCodes(value) {
+  const lower = value.toLowerCase();
+  return [...new Set([
+    ["https?:|network|fetch|curl|wget|push|pull|gh\\s+|npm\\s+(install|publish)", "network"],
+    ["\\bgit\\b|push|commit|merge|rebase", "git"],
+    ["write|stage|commit|push|apply|patch|install|sync", "write"],
+    ["publish|npm publish", "publish"],
+    ["release|tag", "release"],
+    ["reset|clean|--force|-f\\b|rm\\s+-rf", "destructive"]
+  ].filter(([pattern]) => new RegExp(pattern).test(lower)).map(([, code]) => code))];
+}
+function hardBlockedCommand(command) {
+  const value = command.replace(/\s+/g, " ").trim();
+  return [
+    [/(\bgit\s+reset\b.*\B--hard\b|\bgit\s+reset\s+--hard\b)/, "destructive-git-reset-hard: hard reset requires explicit human review."],
+    [/\bgit\s+clean\b.*(^|\s)-[^\s]*f|\bgit\s+clean\b.*--force\b/, "destructive-git-clean: forced clean requires explicit human review."],
+    [/\brm\b(?=.*(?:^|\s)-[^\s]*r)(?=.*(?:^|\s)-[^\s]*f)(?=.*(?:^|\s)(?:--\s+)?(?:\.\/)?(?:[^/\s]+\/)*\.git(?:\/|\s|$))/, "destructive-git-dir-removal: removing .git is blocked."],
+    [/--no-verify\b/, "hook-bypass-command: --no-verify is blocked."],
+    [/\bgit\s+push\b.*(?:--force(?:-with-lease)?\b|(^|\s)-f(\s|$))/, "force-push-command: force pushes require fresh human review."]
+  ].find(([pattern]) => pattern.test(value))?.[1] || null;
+}
+function searchSegments(command) {
+  return command
+    .split(/&&|\|\||[;|]/)
+    .map((part) => part.trim().replace(/^(?:cd\s+\S+\s+)?/, ""))
+    .filter((part) => /^(rg|grep|find)\b/.test(part));
+}
+function forbiddenPath(payload, command) {
+  const input = payload?.tool_input || payload?.toolInput || {};
+  const values = [command, ...["path", "file_path", "filepath", "target_file", "pattern"].map((key) => input[key])].filter(Boolean);
+  return values.some((value) => tokens(value).some(blockedPath)) ? "read-boundary-violation: command or tool input touches a path blocked by .naomeignore." : null;
+}
+function blockedPath(path) {
+  if (/(^|\/)\.naome\/archive(\/|$)/.test(path)) return true;
+  return ignoredPatterns().some((pattern) => pathMatches(path, pattern));
+}
+function tokens(value) {
+  return String(value).replace(/\\/g, "/").split(/[\s"'`,]+/).map((token) => token.replace(/^\.\//, "").replace(/[):;]+$/, "")).filter(Boolean);
+}
+function ignoredPatterns() {
+  try {
+    return readFileSync(".naomeignore", "utf8").split(/\r?\n/).map((line) => line.trim()).filter((line) => line && !line.startsWith("#"));
+  } catch {
+    return [".naome/archive/"];
+  }
+}
+function pathMatches(path, pattern) {
+  const actual = String(path).replace(/\\/g, "/");
+  const glob = String(pattern).replace(/\\/g, "/");
+  if (glob.endsWith("/")) return actual.startsWith(glob);
+  if (glob.endsWith("/**")) return actual.startsWith(glob.slice(0, -3));
+  if (!glob.includes("*")) return actual === glob;
+  return new RegExp(`^${glob.replace(/[.+?^${}()|[\]\\]/g, "\\$&").replace(/\*\*/g, ".*").replace(/\*/g, "[^/]*")}$`).test(actual);
+}
+function looksLikeWriteTool(payload, command) {
+  const name = String(payload?.tool_name || payload?.toolName || payload?.name || "").toLowerCase();
+  if (/edit|write|patch|notebookedit|multiedit/.test(name)) return true;
+  if (!command) return false;
+  if (/^(git status|git diff|rg\b|grep\b|find\b|sed\b|cat\b|nl\b|wc\b|ls\b|pwd\b)/.test(command.trim())) return false;
+  return />|>>|\b(apply_patch|cp|mv|touch|mkdir|rm|npm install|cargo build|node --test|writeFileSync)\b/.test(command);
+}
+function touchedPaths(payload, command) {
+  const paths = [];
+  collectInputPaths(payload?.tool_input || payload?.toolInput || {}, paths);
+  collectCommandPaths(command, paths);
+  return [...new Set(paths.map(cleanPath).filter(Boolean))];
+}
+function collectInputPaths(value, paths) {
+  if (Array.isArray(value)) return value.forEach((entry) => collectInputPaths(entry, paths));
+  if (!value || typeof value !== "object") return;
+  for (const [key, child] of Object.entries(value)) {
+    if (/^(path|paths|file|files|file_path|filepath|target_file)$/.test(key)) collectPathValue(child, paths);
+    if (child && typeof child === "object") collectInputPaths(child, paths);
+  }
+}
+function collectPathValue(value, paths) {
+  if (Array.isArray(value)) return value.forEach((entry) => collectPathValue(entry, paths));
+  if (typeof value === "string") paths.push(value);
+}
+function collectCommandPaths(command, paths) {
+  if (!command) return;
+  for (const segment of command.split(/&&|\|\||[;]/).map((part) => part.trim())) {
+    const parts = tokens(segment);
+    if (/^(touch|mkdir|rm)$/.test(parts[0])) paths.push(...parts.slice(1).filter((part) => !part.startsWith("-")));
+    if (/^(cp|mv)$/.test(parts[0])) paths.push(...parts.slice(1).filter((part) => !part.startsWith("-")).slice(-1));
+  }
+}
+function cleanPath(path) {
+  return String(path).replace(/\\/g, "/").replace(/^\.\//, "").replace(/[):;]+$/, "");
+}
+function scopeDrift(paths, allowed) {
+  if (!Array.isArray(allowed)) return [];
+  return paths.filter((path) => !isControlStatePath(path) && !allowed.some((pattern) => pathMatches(path, pattern)));
+}
+function isControlStatePath(path) {
+  return path === ".naome/task-state.json" || path.startsWith(".naome/tasks/") || path.startsWith(".naome/cache/");
+}
+function owedProof(paths, verification) {
+  const checks = new Set();
+  for (const type of verification?.changeTypes || []) {
+    if (paths.some((path) => (type.paths || []).some((pattern) => pathMatches(path, pattern)))) {
+      for (const check of type.requiredChecks || []) if (!CHEAP.has(check)) checks.add(check);
+    }
+  }
+  return [...checks].sort();
+}
+function expensiveProof(checks) {
+  return checks.filter((check) => EXPENSIVE.has(check));
+}
+function pushUnique(codes, code, messages, message) {
+  if (!codes.includes(code)) codes.push(code);
+  if (!messages.includes(message)) messages.push(message);
+}
+function primaryReason(codes) {
+  if (codes.includes("scope-drift")) return "scope-drift";
+  if (codes.some((code) => code.endsWith("-failed"))) return "cheap-gate-failed";
+  return codes[0] || "naome-hook-warning";
+}
+module.exports = {
+  classifyPrompt,
+  expensiveProof,
+  forbiddenPath,
+  hardBlockedCommand,
+  looksLikeWriteTool,
+  owedProof,
+  permissionRiskCodes,
+  primaryReason,
+  pushUnique,
+  riskyPromptCodes,
+  scopeDrift,
+  searchSegments, touchedPaths
+};