@lamentis/naome 1.3.9 → 1.3.11

package/crates/naome-core/tests/architecture.rs

@@ -0,0 +1,548 @@
+use std::fs;
+use std::path::{Path, PathBuf};
+use std::process::Command;
+use std::sync::atomic::{AtomicU64, Ordering};
+use std::time::{SystemTime, UNIX_EPOCH};
+
+use naome_core::{
+    default_architecture_config_text, scan_architecture, validate_architecture, ArchitectureConfig,
+    ArchitectureEdgeKind, ArchitectureScanOptions,
+};
+
+static FIXTURE_COUNTER: AtomicU64 = AtomicU64::new(0);
+const FORBIDDEN_DOMAIN_TO_INFRASTRUCTURE_CONFIG: &str = "layers:\n  domain:\n    paths:\n      - \"src/domain/**\"\n  infrastructure:\n    paths:\n      - \"src/infrastructure/**\"\nallowed_dependencies:\n  domain:\n  infrastructure:\n    - domain\nrules:\n  no_forbidden_layer_dependencies:\n    enabled: true\n    severity: error\n";
+
+#[test]
+fn parses_starter_architecture_config() {
+    let config = ArchitectureConfig::parse(default_architecture_config_text(), "test").unwrap();
+
+    assert!(config.layers.contains_key("application"));
+    assert_eq!(config.rule("max_file_lines").value, Some(400));
+    assert_eq!(
+        config.ignore[0].reason,
+        "Generated code is not architecture-owned."
+    );
+}
+
+#[test]
+fn path_extractor_builds_language_agnostic_graph_for_mixed_repo() {
+    let repo = FixtureRepo::new();
+    repo.write("src/domain/event.ts", "export const event = 1;\n");
+    repo.write("src/infrastructure/db.py", "client = object()\n");
+    repo.write("cmd/server/main.go", "package main\n");
+    repo.write(
+        "naome.arch.yaml",
+        r#"
+layers:
+  domain:
+    paths:
+      - "src/domain/**"
+  infrastructure:
+    paths:
+      - "src/infrastructure/**"
+contexts:
+  app:
+    paths:
+      - "src/**"
+    public_api:
+      - "src/index.ts"
+rules:
+  max_file_lines:
+    enabled: true
+    value: 400
+    severity: warning
+"#,
+    );
+
+    let scan = scan_architecture(repo.path(), ArchitectureScanOptions::default()).unwrap();
+    assert!(scan
+        .graph
+        .nodes
+        .iter()
+        .any(|node| node.id == "file:src/domain/event.ts"));
+    assert!(scan
+        .graph
+        .nodes
+        .iter()
+        .any(|node| node.id == "layer:domain"));
+    assert!(scan
+        .graph
+        .edges
+        .iter()
+        .any(|edge| { edge.from == "layer:domain" && edge.to == "file:src/domain/event.ts" }));
+    assert_eq!(
+        scan.file_facts
+            .get("cmd/server/main.go")
+            .unwrap()
+            .language
+            .as_deref(),
+        Some("go")
+    );
+}
+
+#[test]
+fn import_extractors_emit_file_and_external_dependency_edges() {
+    let repo = FixtureRepo::new();
+    repo.write(
+        "src/domain/event.ts",
+        "import { db } from '../infrastructure/db';\nimport React from 'react';\n",
+    );
+    repo.write("src/infrastructure/db.ts", "export const db = 1;\n");
+    repo.write(
+        "src/domain/service.py",
+        "from ..infrastructure.client import db\nimport requests\n",
+    );
+    repo.write("src/infrastructure/client.py", "db = object()\n");
+    repo.write(
+        "src/domain/lib.rs",
+        "use crate::infrastructure::db;\nextern crate serde;\n",
+    );
+    repo.write("src/infrastructure/db.rs", "pub fn connect() {}\n");
+    repo.write("cmd/server/main.go", "package main\nimport \"fmt\"\n");
+
+    let scan = scan_architecture(repo.path(), ArchitectureScanOptions::default()).unwrap();
+
+    assert!(scan.graph.edges.iter().any(|edge| {
+        edge.kind == ArchitectureEdgeKind::Imports
+            && edge.from == "file:src/domain/event.ts"
+            && edge.to == "file:src/infrastructure/db.ts"
+    }));
+    assert!(scan
+        .graph
+        .nodes
+        .iter()
+        .any(|node| node.id == "external:react"));
+    assert!(scan
+        .graph
+        .nodes
+        .iter()
+        .any(|node| node.id == "external:requests"));
+    assert!(scan
+        .graph
+        .nodes
+        .iter()
+        .any(|node| node.id == "external:fmt"));
+    assert!(scan.graph.edges.iter().any(|edge| {
+        edge.kind == ArchitectureEdgeKind::Imports
+            && edge.from == "file:src/domain/service.py"
+            && edge.to == "file:src/infrastructure/client.py"
+    }));
+    assert!(scan.graph.edges.iter().any(|edge| {
+        edge.kind == ArchitectureEdgeKind::Imports
+            && edge.from == "file:src/domain/lib.rs"
+            && edge.to == "file:src/infrastructure/db.rs"
+    }));
+}
+
+#[test]
+fn import_resolution_covers_common_language_forms_without_dropping_layer_edges() {
+    let repo = FixtureRepo::new();
+    repo.write("naome.arch.yaml", FORBIDDEN_DOMAIN_TO_INFRASTRUCTURE_CONFIG);
+    repo.write(
+        "src/domain/event.ts",
+        "import {\n  db\n} from '../infrastructure/db';\n",
+    );
+    repo.write("src/infrastructure/db.ts", "export const db = 1;\n");
+    repo.write(
+        "src/domain/rust_item.rs",
+        "use crate::infrastructure::pool::Pool;\n",
+    );
+    repo.write("src/infrastructure/pool.rs", "pub struct Pool;\n");
+    repo.write(
+        "src/domain/python_from_relative.py",
+        "from ..infrastructure import client\n",
+    );
+    repo.write(
+        "src/domain/python_from_absolute.py",
+        "from src.infrastructure.client import db\n",
+    );
+    repo.write(
+        "src/domain/python_import_list.py",
+        "import requests, src.infrastructure.client\n",
+    );
+    repo.write("src/infrastructure/client.py", "db = object()\n");
+
+    let report = validate_architecture(repo.path(), ArchitectureScanOptions::default()).unwrap();
+
+    assert_eq!(report.summary.errors, 5);
+    let violation_paths = report
+        .violations
+        .iter()
+        .map(|violation| violation.path.as_deref().unwrap_or(""))
+        .collect::<Vec<_>>();
+    assert!(violation_paths.contains(&"src/domain/event.ts"));
+    assert!(violation_paths.contains(&"src/domain/rust_item.rs"));
+    assert!(violation_paths.contains(&"src/domain/python_from_relative.py"));
+    assert!(violation_paths.contains(&"src/domain/python_from_absolute.py"));
+    assert!(violation_paths.contains(&"src/domain/python_import_list.py"));
+}
+
+#[test]
+fn relative_import_resolution_prefers_source_language_extensions() {
+    let repo = FixtureRepo::new();
+    repo.write("src/domain/mod.rs", "mod db;\n");
+    repo.write("src/domain/db.ts", "export const wrong = true;\n");
+    repo.write("src/domain/db.rs", "pub fn right() {}\n");
+
+    let scan = scan_architecture(repo.path(), ArchitectureScanOptions::default()).unwrap();
+
+    assert!(scan.graph.edges.iter().any(|edge| {
+        edge.kind == ArchitectureEdgeKind::Imports
+            && edge.from == "file:src/domain/mod.rs"
+            && edge.to == "file:src/domain/db.rs"
+    }));
+    assert!(!scan.graph.edges.iter().any(|edge| {
+        edge.kind == ArchitectureEdgeKind::Imports
+            && edge.from == "file:src/domain/mod.rs"
+            && edge.to == "file:src/domain/db.ts"
+    }));
+}
+
+#[test]
+fn import_resolver_handles_language_specific_module_roots() {
+    let repo = FixtureRepo::new();
+    repo.write(
+        "packages/app/src/domain/event.rs",
+        "use crate::infrastructure::db::Pool;\n",
+    );
+    repo.write(
+        "packages/app/src/infrastructure/db.rs",
+        "pub struct Pool;\n",
+    );
+    repo.write(
+        "src/domain/service.rs",
+        "mod helper;\nuse self::helper::Thing;\nuse super::infra;\n",
+    );
+    repo.write("src/domain/helper.rs", "pub fn wrong() {}\n");
+    repo.write("src/domain/service/helper.rs", "pub fn right() {}\n");
+    repo.write("src/infra.rs", "pub fn wrong() {}\n");
+    repo.write("src/domain/infra.rs", "pub fn right() {}\n");
+    repo.write("go.mod", "module github.com/acme/app\n");
+    repo.write(
+        "domain/event.go",
+        "package domain\nimport \"github.com/acme/app/infrastructure/db\"\n",
+    );
+    repo.write(
+        "domain/external.go",
+        "package domain\nimport \"github.com/other/db\"\n",
+    );
+    repo.write("infrastructure/db/db.go", "package db\n");
+
+    let scan = scan_architecture(repo.path(), ArchitectureScanOptions::default()).unwrap();
+
+    let has = |from, to| has_import_edge(&scan, from, to);
+    assert!(has(
+        "file:packages/app/src/domain/event.rs",
+        "file:packages/app/src/infrastructure/db.rs"
+    ));
+    assert!(has("file:src/domain/service.rs", "file:src/domain/service/helper.rs"));
+    assert!(!has("file:src/domain/service.rs", "file:src/domain/helper.rs"));
+    assert!(has("file:src/domain/service.rs", "file:src/domain/infra.rs"));
+    assert!(!has("file:src/domain/service.rs", "file:src/infra.rs"));
+    assert!(has("file:domain/event.go", "file:infrastructure/db/db.go"));
+    assert!(!has("file:domain/external.go", "file:infrastructure/db/db.go"));
+}
+
+#[test]
+fn missing_layer_allowlist_is_treated_as_no_allowed_dependencies() {
+    let repo = FixtureRepo::new();
+    repo.write(
+        "naome.arch.yaml",
+        r#"
+layers:
+  domain:
+    paths:
+      - "src/domain/**"
+  infrastructure:
+    paths:
+      - "src/infrastructure/**"
+rules:
+  no_forbidden_layer_dependencies:
+    enabled: true
+    severity: error
+"#,
+    );
+    repo.write(
+        "src/domain/event.ts",
+        "import { db } from '../infrastructure/db';\n",
+    );
+    repo.write("src/infrastructure/db.ts", "export const db = 1;\n");
+
+    let report = validate_architecture(repo.path(), ArchitectureScanOptions::default()).unwrap();
+
+    assert_eq!(report.status, "fail");
+    assert!(report.violations.iter().any(|violation| {
+        violation.id == "arch.no_forbidden_layer_dependencies"
+            && violation.path.as_deref() == Some("src/domain/event.ts")
+    }));
+}
+
+#[test]
+fn overlapping_target_layers_do_not_create_false_forbidden_dependency() {
+    let repo = FixtureRepo::new();
+    repo.write("naome.arch.yaml", "layers:\n  application:\n    paths:\n      - \"src/**\"\n  domain:\n    paths:\n      - \"src/domain/**\"\nallowed_dependencies:\n  application:\n    - domain\n  domain:\nrules:\n  no_forbidden_layer_dependencies:\n    enabled: true\n    severity: error\n");
+    repo.write("src/domain/event.ts", "import { type } from './types';\n");
+    repo.write("src/domain/types.ts", "export const type = 1;\n");
+    let report = validate_architecture(repo.path(), ArchitectureScanOptions::default()).unwrap();
+    assert_eq!(report.status, "pass");
+}
+
+#[test]
+fn late_review_import_forms_keep_forbidden_layer_edges_visible() {
+    let repo = FixtureRepo::new();
+    repo.write("naome.arch.yaml", FORBIDDEN_DOMAIN_TO_INFRASTRUCTURE_CONFIG);
+    repo.write("src/domain/grouped.rs", "use crate::{domain::types, infrastructure::db};\n");
+    repo.write("src/domain/types.rs", "pub struct Event;\n");
+    repo.write("src/infrastructure/db.rs", "pub fn connect() {}\n");
+    repo.write("src/domain/visible.rs", "pub(crate) use crate::infrastructure::db as database;\n");
+    repo.write("src/domain/nested.rs", "use crate::{domain::types, infrastructure::{db, cache}};\n");
+    repo.write("src/infrastructure/cache.rs", "pub fn cache() {}\n");
+    repo.write("src/domain/parenthesized.py", "from src.infrastructure import (\n    client,\n)\n");
+    repo.write("src/infrastructure/client.py", "db = object()\n");
+    repo.write("src/domain/dynamic.ts", "const db = await import(\n  '../infrastructure/db_client'\n);\n");
+    repo.write("src/infrastructure/db_client.ts", "export const db = 1;\n");
+    repo.write("src/domain/export_literal.ts", "export const fixture = '../infrastructure/db_client';\n");
+    repo.write("src/domain/commented.ts", "// await import('../infrastructure/db_client')\n");
+    repo.write("go.mod", "module github.com/acme/app\n");
+    repo.write("src/domain/commented.go", "package domain\nimport (\n  // \"github.com/acme/app/src/infrastructure/dbgo\"\n)\n");
+    repo.write("src/infrastructure/dbgo/dbgo.go", "package dbgo\n");
+
+    let report = validate_architecture(repo.path(), ArchitectureScanOptions::default()).unwrap();
+    let violation_paths = report
+        .violations
+        .iter()
+        .map(|violation| violation.path.as_deref().unwrap_or(""))
+        .collect::<Vec<_>>();
+
+    assert!(violation_paths.contains(&"src/domain/grouped.rs"));
+    assert!(violation_paths.contains(&"src/domain/visible.rs"));
+    assert!(violation_paths.contains(&"src/domain/nested.rs"));
+    assert!(violation_paths.contains(&"src/domain/parenthesized.py"));
+    assert!(violation_paths.contains(&"src/domain/dynamic.ts"));
+    assert!(!violation_paths.contains(&"src/domain/export_literal.ts"));
+    assert!(!violation_paths.contains(&"src/domain/commented.ts"));
+    assert!(!violation_paths.contains(&"src/domain/commented.go"));
+}
+
+#[test]
+fn unresolved_relative_imports_are_represented_explicitly() {
+    let repo = FixtureRepo::new();
+    repo.write("src/app.ts", "import missing from './missing';\n");
+
+    let scan = scan_architecture(repo.path(), ArchitectureScanOptions::default()).unwrap();
+
+    assert!(scan
+        .graph
+        .nodes
+        .iter()
+        .any(|node| node.id == "unknown-import:./missing"));
+    assert!(scan.graph.edges.iter().any(|edge| {
+        edge.kind == ArchitectureEdgeKind::Imports
+            && edge.from == "file:src/app.ts"
+            && edge.to == "unknown-import:./missing"
+    }));
+}
+
+#[test]
+fn validates_forbidden_layer_dependency_from_import_edges() {
+    let repo = FixtureRepo::new();
+    repo.write("naome.arch.yaml", FORBIDDEN_DOMAIN_TO_INFRASTRUCTURE_CONFIG);
+    repo.write(
+        "src/domain/event.ts",
+        "import { db } from '../infrastructure/db';\n",
+    );
+    repo.write("src/infrastructure/db.ts", "export const db = 1;\n");
+
+    let report = validate_architecture(repo.path(), ArchitectureScanOptions::default()).unwrap();
+
+    assert_eq!(report.status, "fail");
+    let violation = report
+        .violations
+        .iter()
+        .find(|violation| violation.id == "arch.no_forbidden_layer_dependencies")
+        .expect("expected forbidden layer dependency violation");
+    assert_eq!(violation.path.as_deref(), Some("src/domain/event.ts"));
+    assert_eq!(violation.source_range.as_ref().unwrap().start_line, 1);
+    assert!(violation
+        .agent_instruction
+        .contains("Do not import infrastructure from domain"));
+}
+
+#[test]
+fn exact_entrypoint_layer_paths_keep_bootstrap_out_of_cli_layer() {
+    let repo = FixtureRepo::new();
+    repo.write(
+        "naome.arch.yaml",
+        r#"
+layers:
+  cli:
+    paths:
+      - "packages/naome/bin/naome.js"
+  installer:
+    paths:
+      - "packages/naome/bin/naome-node.js"
+      - "packages/naome/installer/**"
+allowed_dependencies:
+  cli:
+  installer:
+rules:
+  no_forbidden_layer_dependencies:
+    enabled: true
+    severity: error
+"#,
+    );
+    repo.write(
+        "packages/naome/bin/naome.js",
+        "console.log('native wrapper');\n",
+    );
+    repo.write(
+        "packages/naome/bin/naome-node.js",
+        "import { runNaomeNodeCli } from '../installer/main.js';\nawait runNaomeNodeCli();\n",
+    );
+    repo.write(
+        "packages/naome/installer/main.js",
+        "export async function runNaomeNodeCli() {}\n",
+    );
+
+    let report = validate_architecture(repo.path(), ArchitectureScanOptions::default()).unwrap();
+    let scan = scan_architecture(repo.path(), ArchitectureScanOptions::default()).unwrap();
+
+    assert_eq!(report.status, "pass");
+    assert_eq!(
+        scan.file_facts
+            .get("packages/naome/bin/naome-node.js")
+            .unwrap()
+            .layers,
+        vec!["installer"]
+    );
+}
+
+#[test]
+fn validates_file_size_budget_with_stable_json_shape() {
+    let repo = FixtureRepo::new();
+    repo.write(
+        "naome.arch.yaml",
+        r#"
+rules:
+  max_file_lines:
+    enabled: true
+    value: 2
+    severity: error
+"#,
+    );
+    repo.write("src/too_big.rs", "one\ntwo\nthree\n");
+
+    let report = validate_architecture(repo.path(), ArchitectureScanOptions::default()).unwrap();
+    let json = serde_json::to_string(&report).unwrap();
+
+    assert_eq!(report.status, "fail");
+    assert!(json.contains("\"schema\":\"naome.arch.validation.v1\""));
+    assert!(json.contains("\"id\":\"arch.max_file_lines\""));
+    let violation = report
+        .violations
+        .iter()
+        .find(|violation| violation.path.as_deref() == Some("src/too_big.rs"))
+        .expect("expected src/too_big.rs file-size violation");
+    assert_eq!(violation.agent_instruction, "Reduce src/too_big.rs below 2 lines or add a justified generated-code ignore rule if it is not manually owned.");
+}
+
+#[test]
+fn changed_only_generated_boundary_reports_changed_generated_file() {
+    let repo = FixtureRepo::new();
+    repo.init_git();
+    repo.write(
+        "naome.arch.yaml",
+        r#"
+rules:
+  generated_manual_boundary:
+    enabled: true
+    severity: error
+ignore:
+  - path: "generated/**"
+    reason: "Generated code is not manually edited."
+"#,
+    );
+    repo.write("generated/client.ts", "export const generated = true;\n");
+
+    let report = validate_architecture(
+        repo.path(),
+        ArchitectureScanOptions {
+            changed_only: true,
+            config_path: None,
+        },
+    )
+    .unwrap();
+
+    assert_eq!(report.status, "fail");
+    assert!(report.changed_only_degraded_to_full_scan);
+    assert_eq!(report.violations[0].id, "arch.generated_manual_boundary");
+    assert_eq!(
+        report.violations[0].path.as_deref(),
+        Some("generated/client.ts")
+    );
+}
+
+struct FixtureRepo {
+    root: PathBuf,
+}
+
+impl FixtureRepo {
+    fn new() -> Self {
+        let nonce = SystemTime::now()
+            .duration_since(UNIX_EPOCH)
+            .unwrap()
+            .as_nanos();
+        let counter = FIXTURE_COUNTER.fetch_add(1, Ordering::Relaxed);
+        let root = std::env::temp_dir().join(format!(
+            "naome-arch-fixture-{}-{nonce}-{counter}",
+            std::process::id()
+        ));
+        fs::create_dir_all(&root).unwrap();
+        fs::write(
+            root.join(".naomeignore"),
+            ".naome/archive/\n.naome/tasks/\n",
+        )
+        .unwrap();
+        Self { root }
+    }
+
+    fn path(&self) -> &Path {
+        &self.root
+    }
+
+    fn write(&self, relative_path: &str, content: &str) {
+        let path = self.root.join(relative_path);
+        fs::create_dir_all(path.parent().unwrap()).unwrap();
+        fs::write(path, content).unwrap();
+    }
+
+    fn init_git(&self) {
+        run_git(&self.root, &["init"]);
+        run_git(&self.root, &["config", "user.email", "naome@example.com"]);
+        run_git(&self.root, &["config", "user.name", "NAOME Test"]);
+        self.write("README.md", "# Fixture\n");
+        run_git(&self.root, &["add", "."]);
+        run_git(&self.root, &["commit", "-m", "baseline"]);
+    }
+}
+
+fn run_git(root: &Path, args: &[&str]) {
+    let result = Command::new("git")
+        .args(args)
+        .current_dir(root)
+        .output()
+        .unwrap();
+    assert!(
+        result.status.success(),
+        "git {:?} failed: {}{}",
+        args,
+        String::from_utf8_lossy(&result.stdout),
+        String::from_utf8_lossy(&result.stderr)
+    );
+}
+
+fn has_import_edge(scan: &naome_core::ArchitectureScanReport, from: &str, to: &str) -> bool {
+    scan.graph.edges.iter().any(|edge| {
+        edge.kind == ArchitectureEdgeKind::Imports && edge.from == from && edge.to == to
+    })
+}

package/crates/naome-core/tests/harness_health.rs

@@ -19,6 +19,7 @@ const MACHINE_OWNED_PATHS: &[&str] = &[
     "docs/naome/first-run.md",
     "docs/naome/agent-workflow.md",
     "docs/naome/context-economy.md",
+    "docs/naome/architecture-fitness.md",
     "docs/naome/execution.md",
     "docs/naome/task-ledger.md",
     "docs/naome/upgrade.md",

package/installer/harness-files.js

@@ -22,6 +22,7 @@ export function ensureCoreHarnessFiles(ctx, archiveDirName) {
   replaceHarnessFile(ctx, "docs/naome/task-ledger.md", archiveDirName);
   ensureTemplateFile(ctx, "docs/naome/repository-model.md");
   ensureTemplateFile(ctx, "docs/naome/security.md");
+  ensureTemplateFile(ctx, "docs/naome/architecture-fitness.md");
   replaceHarnessFile(ctx, "docs/naome/upgrade.md", archiveDirName);
 }
 
@@ -39,6 +40,7 @@ export function ensureTaskControlHarnessFiles(ctx, archiveDirName) {
   replaceHarnessFile(ctx, "docs/naome/agent-workflow.md", archiveDirName);
   replaceHarnessFile(ctx, "docs/naome/context-economy.md", archiveDirName);
   replaceHarnessFile(ctx, "docs/naome/execution.md", archiveDirName);
+  ensureTemplateFile(ctx, "docs/naome/architecture-fitness.md");
   replaceHarnessFile(ctx, "docs/naome/upgrade.md", archiveDirName);
 }
 
@@ -57,6 +59,7 @@ export function ensureHarnessHealthFiles(ctx, archiveDirName) {
   replaceHarnessFile(ctx, "docs/naome/context-economy.md", archiveDirName);
   replaceHarnessFile(ctx, "docs/naome/execution.md", archiveDirName);
   ensureTemplateFile(ctx, "docs/naome/security.md");
+  ensureTemplateFile(ctx, "docs/naome/architecture-fitness.md");
   replaceHarnessFile(ctx, "docs/naome/upgrade.md", archiveDirName);
   ensureNaomeIgnore(ctx);
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@lamentis/naome",
-  "version": "1.3.9",
+  "version": "1.3.11",
   "description": "Native-first CLI for the NAOME agent harness.",
   "license": "Apache-2.0",
   "type": "module",

package/templates/naome-root/.naome/bin/check-harness-health.js

@@ -10,18 +10,18 @@ const nativeBinaryName = process.platform === "win32" ? "naome.exe" : "naome";
 const expectedNativeBinaryIntegrity = "sha256:generated";
 
 const expectedMachineOwnedIntegrity = Object.freeze({
-  "AGENTS.md": "sha256:e8b2fc786c1c72b69ba8f2b2ffce4f459e799c7453ce9ff4a9f6448a8f9e6b4f",
-  ".naome/package.json": "sha256:8005a3491db7d92f36ac66369861589f9c47123d3a7c71e643fc2c06168cd45a",
-  ".naome/bin/naome.js": "sha256:a34c2e50a68d15ff2722a57590ccddc504e025d3c98ea62fd700d7ec1a789b9a",
-  ".naome/bin/check-task-state.js": "sha256:2612577b7e4ab45d9d39dd5ac54c8e7ed749d237d78f1a8d252f4dfa0b4eaaab",
   ".naome/bin/check-harness-health.js": "sha256:802d7419774981a6af1826b3882270ff8f41259d516f98c52a02b4ddc184c467",
+  ".naome/bin/check-task-state.js": "sha256:2612577b7e4ab45d9d39dd5ac54c8e7ed749d237d78f1a8d252f4dfa0b4eaaab",
+  ".naome/bin/naome.js": "sha256:f129c580fb70b3a1d92d0ab0de9fa6c131b2fc51a8dcdebe9d6f5a812a3be61b",
+  ".naome/package.json": "sha256:8005a3491db7d92f36ac66369861589f9c47123d3a7c71e643fc2c06168cd45a",
   ".naome/task-contract.schema.json": "sha256:1b3b62350328d0d6d660e36d1d1baaa2b88718530db774f9ab2a9e2fcba369c8",
-  "docs/naome/index.md": "sha256:07ef776f49130319a5280bdb3ae38af22141708253f38eb983a4336fbae1b25a",
-  "docs/naome/first-run.md": "sha256:1466ce8c65e19a1514885f917db14e8a772350e3f6d1c03a66326963365919e1",
+  "AGENTS.md": "sha256:e8b2fc786c1c72b69ba8f2b2ffce4f459e799c7453ce9ff4a9f6448a8f9e6b4f",
   "docs/naome/agent-workflow.md": "sha256:0be1c29adfbcd3fd73c4f904080ffc67237692fe413871a30243538c4db38ac7",
   "docs/naome/context-economy.md": "sha256:3ed5075815ecf4ada46a5e65438769310307c35759fcd46b13dc0b96e02bebd9",
-  "docs/naome/task-ledger.md": "sha256:6ca7222c80079b4662fb718d3c71d686770646f1fa52b83b0e90aed1c5a1101b",
   "docs/naome/execution.md": "sha256:bfc5d55838942ec8e3d790b59e3c634ff5bf6a2298265cef3dca9788a097eafb",
+  "docs/naome/first-run.md": "sha256:1466ce8c65e19a1514885f917db14e8a772350e3f6d1c03a66326963365919e1",
+  "docs/naome/index.md": "sha256:cac748ed375d86d288460456fc5d606b29bd99d91148522c303d5400a083dbc5",
+  "docs/naome/task-ledger.md": "sha256:6ca7222c80079b4662fb718d3c71d686770646f1fa52b83b0e90aed1c5a1101b",
   "docs/naome/upgrade.md": "sha256:2c60f0441bbd98bd528d109b30a7ded4b0ad55d61ffb9f52edac9e93b7999cb1"
 });
 

package/templates/naome-root/.naome/bin/check-task-state.js

@@ -10,18 +10,18 @@ const nativeBinaryName = process.platform === "win32" ? "naome.exe" : "naome";
 const expectedNativeBinaryIntegrity = "sha256:generated";
 
 const expectedMachineOwnedIntegrity = Object.freeze({
-  "AGENTS.md": "sha256:e8b2fc786c1c72b69ba8f2b2ffce4f459e799c7453ce9ff4a9f6448a8f9e6b4f",
-  ".naome/package.json": "sha256:8005a3491db7d92f36ac66369861589f9c47123d3a7c71e643fc2c06168cd45a",
-  ".naome/bin/naome.js": "sha256:a34c2e50a68d15ff2722a57590ccddc504e025d3c98ea62fd700d7ec1a789b9a",
-  ".naome/bin/check-task-state.js": "sha256:2612577b7e4ab45d9d39dd5ac54c8e7ed749d237d78f1a8d252f4dfa0b4eaaab",
   ".naome/bin/check-harness-health.js": "sha256:802d7419774981a6af1826b3882270ff8f41259d516f98c52a02b4ddc184c467",
+  ".naome/bin/check-task-state.js": "sha256:2612577b7e4ab45d9d39dd5ac54c8e7ed749d237d78f1a8d252f4dfa0b4eaaab",
+  ".naome/bin/naome.js": "sha256:f129c580fb70b3a1d92d0ab0de9fa6c131b2fc51a8dcdebe9d6f5a812a3be61b",
+  ".naome/package.json": "sha256:8005a3491db7d92f36ac66369861589f9c47123d3a7c71e643fc2c06168cd45a",
   ".naome/task-contract.schema.json": "sha256:1b3b62350328d0d6d660e36d1d1baaa2b88718530db774f9ab2a9e2fcba369c8",
-  "docs/naome/index.md": "sha256:07ef776f49130319a5280bdb3ae38af22141708253f38eb983a4336fbae1b25a",
-  "docs/naome/first-run.md": "sha256:1466ce8c65e19a1514885f917db14e8a772350e3f6d1c03a66326963365919e1",
+  "AGENTS.md": "sha256:e8b2fc786c1c72b69ba8f2b2ffce4f459e799c7453ce9ff4a9f6448a8f9e6b4f",
   "docs/naome/agent-workflow.md": "sha256:0be1c29adfbcd3fd73c4f904080ffc67237692fe413871a30243538c4db38ac7",
   "docs/naome/context-economy.md": "sha256:3ed5075815ecf4ada46a5e65438769310307c35759fcd46b13dc0b96e02bebd9",
-  "docs/naome/task-ledger.md": "sha256:6ca7222c80079b4662fb718d3c71d686770646f1fa52b83b0e90aed1c5a1101b",
   "docs/naome/execution.md": "sha256:bfc5d55838942ec8e3d790b59e3c634ff5bf6a2298265cef3dca9788a097eafb",
+  "docs/naome/first-run.md": "sha256:1466ce8c65e19a1514885f917db14e8a772350e3f6d1c03a66326963365919e1",
+  "docs/naome/index.md": "sha256:cac748ed375d86d288460456fc5d606b29bd99d91148522c303d5400a083dbc5",
+  "docs/naome/task-ledger.md": "sha256:6ca7222c80079b4662fb718d3c71d686770646f1fa52b83b0e90aed1c5a1101b",
   "docs/naome/upgrade.md": "sha256:2c60f0441bbd98bd528d109b30a7ded4b0ad55d61ffb9f52edac9e93b7999cb1"
 });
 

package/templates/naome-root/.naome/bin/naome.js

@@ -27,7 +27,7 @@ function main(argv) {
     return;
   }
 
-  if (["status", "next", "intent", "route", "explain", "context", "doctor", "task", "quality", "semantic", "repo", "structure", "cleanup", "refresh-integrity", "workflow"].includes(command)) {
+  if (["status", "next", "intent", "route", "explain", "context", "doctor", "task", "quality", "semantic", "arch", "repo", "structure", "cleanup", "refresh-integrity", "workflow"].includes(command)) {
     runNativeDecisionCommand(command, args);
     return;
   }
@@ -367,7 +367,7 @@ function findAncestorWithAnyMarker(startPath, markers) {
 }
 
 function printHelp() {
-  const commands = "naome status [--json]|naome next [--json]|naome intent --prompt-file <path> [--json]|naome intent --prompt <text> [--json]|naome route --prompt-file <path> [--execute] [--json]|naome route --prompt <text> [--execute] [--json]|naome explain --prompt-file <path> [--json]|naome explain --prompt <text> [--json]|naome context select --changed [--json]|naome context select --prompt-file <path> [--json]|naome context select --prompt <text> [--json]|naome doctor [--json]|naome task render-state [--write] [--json]|naome task migrate-ledger [--write] [--json]|naome quality init [--baseline|--deep-baseline] [--json]|naome quality check --changed [--include-scanned-paths] [--json]|naome quality check --path <path> [--path <path>...] [--include-scanned-paths] [--json]|naome quality report [--deep] [--include-scanned-paths] [--json]|naome quality cache status [--json]|naome quality cache clear|naome semantic report [--deep] [--json]|naome semantic check --changed [--json]|naome semantic check --path <path> [--path <path>...] [--json]|naome semantic route --finding <id> [--json]|naome semantic loop [--json]|naome repo model [--write] [--json]|naome repo check [--json]|naome repo explain --path <path> [--json]|naome structure report [--json]|naome structure explain --path <path> [--json]|naome cleanup plan [--json]|naome cleanup route --path <path> [--json]|naome refresh-integrity [--json]|naome workflow agent-plan|context-delta|proof-plan|capabilities|edit-watchdog|decision-gate|digest [--json]|naome workflow search-profile|check-search|phases|processes|mutations [--json]|naome install|naome sync|naome commit -m \"type(scope): message\"|node .naome/bin/naome.js commit -m \"type(scope): message\"".split("|");
+  const commands = "naome status [--json]|naome next [--json]|naome intent --prompt-file <path> [--json]|naome intent --prompt <text> [--json]|naome route --prompt-file <path> [--execute] [--json]|naome route --prompt <text> [--execute] [--json]|naome explain --prompt-file <path> [--json]|naome explain --prompt <text> [--json]|naome context select --changed [--json]|naome context select --prompt-file <path> [--json]|naome context select --prompt <text> [--json]|naome doctor [--json]|naome task render-state [--write] [--json]|naome task migrate-ledger [--write] [--json]|naome quality init [--baseline|--deep-baseline] [--json]|naome quality check --changed [--include-scanned-paths] [--json]|naome quality check --path <path> [--path <path>...] [--include-scanned-paths] [--json]|naome quality report [--deep] [--include-scanned-paths] [--json]|naome quality cache status [--json]|naome quality cache clear|naome semantic report [--deep] [--json]|naome semantic check --changed [--json]|naome semantic check --path <path> [--path <path>...] [--json]|naome semantic route --finding <id> [--json]|naome semantic loop [--json]|naome arch init [--config <path>] [--json]|naome arch explain [--config <path>] [--json]|naome arch scan [--config <path>] [--changed-only] [--write] [--output <path>] [--json]|naome arch validate [--config <path>] [--changed-only] [--json|--agent-feedback]|naome repo model [--write] [--json]|naome repo check [--json]|naome repo explain --path <path> [--json]|naome structure report [--json]|naome structure explain --path <path> [--json]|naome cleanup plan [--json]|naome cleanup route --path <path> [--json]|naome refresh-integrity [--json]|naome workflow agent-plan|context-delta|proof-plan|capabilities|edit-watchdog|decision-gate|digest [--json]|naome workflow search-profile|check-search|phases|processes|mutations [--json]|naome install|naome sync|naome commit -m \"type(scope): message\"|node .naome/bin/naome.js commit -m \"type(scope): message\"".split("|");
   console.log(["Usage:", ...commands.map((command) => `  ${command}`)].join("\n"));
 }