@lannguyensi/harness 0.5.0

package/dist/runtime/ledger-record.d.ts

@@ -0,0 +1,43 @@
+import { type LedgerEntry } from "../policies/index.js";
+import type { PolicyDecision } from "./intercept.js";
+export interface LedgerRecordOptions {
+    mcpCommand: string[];
+    mcpEnv?: Record<string, string>;
+    cwd?: string;
+    timeoutMs?: number;
+}
+export interface PolicyDecisionPayload {
+    name: string;
+    outcome: PolicyDecision["outcome"];
+    enforcement: PolicyDecision["enforcement"];
+    reason: string;
+    ledgerTag: string;
+    extractValues: Record<string, string>;
+    requiresEval?: {
+        matchedCount: number;
+        reason: string;
+    };
+    evaluatedAt: string;
+}
+export declare function payloadFromDecision(decision: PolicyDecision): PolicyDecisionPayload;
+export declare function encodeLedgerContent(payload: PolicyDecisionPayload): string;
+/**
+ * Phase 5 #9 — preferred sort key for policy_decision rows.
+ *
+ * `evidence-ledger` stores `createdAt` at 1-second precision (SQLite
+ * `datetime('now')`), so two decisions evaluated within the same wall-
+ * clock second tie at `bt - at === 0`, and a stable sort returns the
+ * earliest entry as "latest". The decoded payload's `evaluatedAt` is
+ * `Date.toISOString()` (millisecond precision), which actually
+ * distinguishes back-to-back fires. Use it as the primary key, with a
+ * `createdAt` fallback for any future encoding that lacks `evaluatedAt`.
+ *
+ * Returns `NaN` only when both fields are unparseable; callers should
+ * tolerate ties by treating equal results as preserve-order.
+ */
+export declare function decisionSortKey(entry: LedgerEntry, payload: PolicyDecisionPayload): number;
+export declare function decodeLedgerContent(content: string): PolicyDecisionPayload | null;
+export declare function recordPolicyDecision(decision: PolicyDecision, sessionId: string, opts: LedgerRecordOptions): Promise<{
+    ok: boolean;
+    reason?: string;
+}>;

package/dist/runtime/ledger-record.js

@@ -0,0 +1,239 @@
+// Phase 4 #5 — `policy_decision` audit-log writer.
+//
+// Writes one ledger entry per policy decision via grounding-mcp's
+// `ledger_add` verb. The verb only accepts the four fact/hypothesis/rejected/
+// unknown types, so we stash the structured payload as JSON inside `content`
+// behind a `policy_decision:` prefix that `harness audit` and
+// `harness explain --trace` (Phase 4 #6/#7) grep for.
+import { spawn } from "node:child_process";
+import { parseLedgerTimestamp } from "../policies/index.js";
+const DEFAULT_TIMEOUT_MS = 5_000;
+const SOURCE = "harness-policy-intercept";
+const PREFIX = "policy_decision";
+function expandHomePath(p) {
+    if (p === "~")
+        return process.env.HOME ?? "";
+    if (p.startsWith("~/"))
+        return `${process.env.HOME ?? ""}/${p.slice(2)}`;
+    return p;
+}
+export function payloadFromDecision(decision) {
+    return {
+        name: decision.policyName,
+        outcome: decision.outcome,
+        enforcement: decision.enforcement,
+        reason: decision.reason,
+        ledgerTag: decision.ledgerTag,
+        extractValues: decision.extractValues,
+        ...(decision.requiresEval && { requiresEval: decision.requiresEval }),
+        evaluatedAt: decision.evaluatedAt,
+    };
+}
+export function encodeLedgerContent(payload) {
+    return `${PREFIX}:${payload.name}:${payload.outcome} ${JSON.stringify(payload)}`;
+}
+/**
+ * Phase 5 #9 — preferred sort key for policy_decision rows.
+ *
+ * `evidence-ledger` stores `createdAt` at 1-second precision (SQLite
+ * `datetime('now')`), so two decisions evaluated within the same wall-
+ * clock second tie at `bt - at === 0`, and a stable sort returns the
+ * earliest entry as "latest". The decoded payload's `evaluatedAt` is
+ * `Date.toISOString()` (millisecond precision), which actually
+ * distinguishes back-to-back fires. Use it as the primary key, with a
+ * `createdAt` fallback for any future encoding that lacks `evaluatedAt`.
+ *
+ * Returns `NaN` only when both fields are unparseable; callers should
+ * tolerate ties by treating equal results as preserve-order.
+ */
+export function decisionSortKey(entry, payload) {
+    const evaluatedMs = parseLedgerTimestamp(payload.evaluatedAt);
+    if (!Number.isNaN(evaluatedMs))
+        return evaluatedMs;
+    if (entry.createdAt instanceof Date)
+        return entry.createdAt.getTime();
+    return parseLedgerTimestamp(entry.createdAt);
+}
+export function decodeLedgerContent(content) {
+    if (!content.startsWith(`${PREFIX}:`))
+        return null;
+    const space = content.indexOf(" ");
+    if (space === -1)
+        return null;
+    try {
+        const obj = JSON.parse(content.slice(space + 1));
+        return obj;
+    }
+    catch {
+        return null;
+    }
+}
+export async function recordPolicyDecision(decision, sessionId, opts) {
+    const list = opts.mcpCommand;
+    if (!list || list.length === 0) {
+        return { ok: false, reason: "grounding-mcp command is empty" };
+    }
+    const exe = expandHomePath(list[0]);
+    const args = list.slice(1).map(expandHomePath);
+    const timeoutMs = opts.timeoutMs ?? DEFAULT_TIMEOUT_MS;
+    const payload = payloadFromDecision(decision);
+    const content = encodeLedgerContent(payload);
+    return new Promise((resolve) => {
+        let child;
+        try {
+            child = spawn(exe, args, {
+                cwd: opts.cwd,
+                env: { ...process.env, ...(opts.mcpEnv ?? {}) },
+                stdio: ["pipe", "pipe", "pipe"],
+            });
+        }
+        catch (err) {
+            resolve({ ok: false, reason: `spawn failed: ${err.message}` });
+            return;
+        }
+        let settled = false;
+        const settle = (r) => {
+            if (settled)
+                return;
+            settled = true;
+            try {
+                child.kill("SIGTERM");
+            }
+            catch {
+                /* ignore */
+            }
+            resolve(r);
+        };
+        let stdoutBuf = "";
+        let stderrBuf = "";
+        let recordSent = false;
+        let fallbackSent = false;
+        /**
+         * Phase 5 #4 — write attempt with type='policy_decision'. When
+         * the connected grounding-mcp pre-dates that change, the call
+         * returns a zod / CHECK constraint error; we then retry with the
+         * legacy type='fact' + prefix-encoded content path.
+         */
+        const sendInitialAdd = () => {
+            child.stdin.write(`${JSON.stringify({
+                jsonrpc: "2.0",
+                id: 2,
+                method: "tools/call",
+                params: {
+                    name: "ledger_add",
+                    arguments: {
+                        sessionId,
+                        type: "policy_decision",
+                        content,
+                        source: SOURCE,
+                    },
+                },
+            })}\n`);
+        };
+        const sendFallbackAdd = () => {
+            fallbackSent = true;
+            child.stdin.write(`${JSON.stringify({
+                jsonrpc: "2.0",
+                id: 3,
+                method: "tools/call",
+                params: {
+                    name: "ledger_add",
+                    arguments: {
+                        sessionId,
+                        type: "fact",
+                        content,
+                        source: SOURCE,
+                    },
+                },
+            })}\n`);
+        };
+        child.stdout.on("data", (chunk) => {
+            stdoutBuf += chunk.toString("utf8");
+            let nl = stdoutBuf.indexOf("\n");
+            while (nl !== -1) {
+                const line = stdoutBuf.slice(0, nl).trim();
+                stdoutBuf = stdoutBuf.slice(nl + 1);
+                if (line) {
+                    try {
+                        const msg = JSON.parse(line);
+                        if (msg.id === 1 && !recordSent) {
+                            child.stdin.write(`${JSON.stringify({
+                                jsonrpc: "2.0",
+                                method: "notifications/initialized",
+                            })}\n`);
+                            sendInitialAdd();
+                            recordSent = true;
+                        }
+                        else if (msg.id === 2) {
+                            if (msg.error) {
+                                // Likely an old grounding-mcp without the
+                                // policy_decision enum value — retry once with the
+                                // legacy fact-with-prefix encoding.
+                                if (!fallbackSent) {
+                                    sendFallbackAdd();
+                                    return;
+                                }
+                                settle({
+                                    ok: false,
+                                    reason: `ledger_add error: ${msg.error.message ?? "unknown"}`,
+                                });
+                                return;
+                            }
+                            settle({ ok: true });
+                            return;
+                        }
+                        else if (msg.id === 3) {
+                            if (msg.error) {
+                                settle({
+                                    ok: false,
+                                    reason: `ledger_add error: ${msg.error.message ?? "unknown"}`,
+                                });
+                                return;
+                            }
+                            settle({ ok: true });
+                            return;
+                        }
+                    }
+                    catch {
+                        /* ignore non-JSON */
+                    }
+                }
+                nl = stdoutBuf.indexOf("\n");
+            }
+        });
+        child.stderr.on("data", (c) => {
+            stderrBuf += c.toString("utf8");
+        });
+        child.on("error", (err) => {
+            settle({ ok: false, reason: `spawn failed: ${err.message}` });
+        });
+        child.on("exit", () => {
+            const tail = stderrBuf.trim().split("\n").pop()?.trim() || "(no stderr)";
+            settle({ ok: false, reason: `grounding-mcp exited: ${tail}` });
+        });
+        child.stdin.on("error", () => {
+            /* EPIPE; exit listener handles */
+        });
+        try {
+            child.stdin.write(`${JSON.stringify({
+                jsonrpc: "2.0",
+                id: 1,
+                method: "initialize",
+                params: {
+                    protocolVersion: "2024-11-05",
+                    capabilities: {},
+                    clientInfo: { name: "harness-policy-intercept", version: "0.4.0" },
+                },
+            })}\n`);
+        }
+        catch (err) {
+            settle({ ok: false, reason: `init write failed: ${err.message}` });
+            return;
+        }
+        const t = setTimeout(() => {
+            settle({ ok: false, reason: `grounding-mcp timeout after ${timeoutMs}ms` });
+        }, timeoutMs);
+        t.unref();
+    });
+}
+//# sourceMappingURL=ledger-record.js.map

package/dist/runtime/ledger-record.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ledger-record.js","sourceRoot":"","sources":["../../src/runtime/ledger-record.ts"],"names":[],"mappings":"AAAA,mDAAmD;AACnD,EAAE;AACF,kEAAkE;AAClE,8EAA8E;AAC9E,6EAA6E;AAC7E,8DAA8D;AAC9D,sDAAsD;AAEtD,OAAO,EAAE,KAAK,EAAE,MAAM,oBAAoB,CAAC;AAC3C,OAAO,EAAE,oBAAoB,EAAoB,MAAM,sBAAsB,CAAC;AAU9E,MAAM,kBAAkB,GAAG,KAAK,CAAC;AACjC,MAAM,MAAM,GAAG,0BAA0B,CAAC;AAC1C,MAAM,MAAM,GAAG,iBAAiB,CAAC;AAEjC,SAAS,cAAc,CAAC,CAAS;IAC/B,IAAI,CAAC,KAAK,GAAG;QAAE,OAAO,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,CAAC;IAC7C,IAAI,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC;QAAE,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,IAAI,IAAI,EAAE,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;IACzE,OAAO,CAAC,CAAC;AACX,CAAC;AAaD,MAAM,UAAU,mBAAmB,CACjC,QAAwB;IAExB,OAAO;QACL,IAAI,EAAE,QAAQ,CAAC,UAAU;QACzB,OAAO,EAAE,QAAQ,CAAC,OAAO;QACzB,WAAW,EAAE,QAAQ,CAAC,WAAW;QACjC,MAAM,EAAE,QAAQ,CAAC,MAAM;QACvB,SAAS,EAAE,QAAQ,CAAC,SAAS;QAC7B,aAAa,EAAE,QAAQ,CAAC,aAAa;QACrC,GAAG,CAAC,QAAQ,CAAC,YAAY,IAAI,EAAE,YAAY,EAAE,QAAQ,CAAC,YAAY,EAAE,CAAC;QACrE,WAAW,EAAE,QAAQ,CAAC,WAAW;KAClC,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,OAA8B;IAChE,OAAO,GAAG,MAAM,IAAI,OAAO,CAAC,IAAI,IAAI,OAAO,CAAC,OAAO,IAAI,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,EAAE,CAAC;AACnF,CAAC;AAED;;;;;;;;;;;;;GAaG;AACH,MAAM,UAAU,eAAe,CAC7B,KAAkB,EAClB,OAA8B;IAE9B,MAAM,WAAW,GAAG,oBAAoB,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;IAC9D,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC;QAAE,OAAO,WAAW,CAAC;IACnD,IAAI,KAAK,CAAC,SAAS,YAAY,IAAI;QAAE,OAAO,KAAK,CAAC,SAAS,CAAC,OAAO,EAAE,CAAC;IACtE,OAAO,oBAAoB,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;AAC/C,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,OAAe;IACjD,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,GAAG,MAAM,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IACnD,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IACnC,IAAI,KAAK,KAAK,CAAC,CAAC;QAAE,OAAO,IAAI,CAAC;IAC9B,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,GAAG,CAAC,CAAC,CAA0B,CAAC;QAC1E,OAAO,GAAG,CAAC;IACb,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,QAAwB,EACxB,SAAiB,EACjB,IAAyB;IAEzB,MAAM,IAAI,GAAG,IAAI,CAAC,UAAU,CAAC;IAC7B,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC/B,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,gCAAgC,EAAE,CAAC;IACjE,CAAC;IACD,MAAM,GAAG,GAAG,cAAc,CAAC,IAAI,CAAC,CAAC,CAAE,CAAC,CAAC;IACrC,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;IAC/C,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,IAAI,kBAAkB,CAAC;IACvD,MAAM,OAAO,GAAG,mBAAmB,CAAC,QAAQ,CAAC,CAAC;IAC9C,MAAM,OAAO,GAAG,mBAAmB,CAAC,OAAO,CAAC,CAAC;IAE7C,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC7B,IAAI,KAAK,CAAC;QACV,IAAI,CAAC;YACH,KAAK,GAAG,KAAK,CAAC,GAAG,EAAE,IAAI,EAAE;gBACvB,GAAG,EAAE,IAAI,CAAC,GAAG;gBACb,GAAG,EAAE,EAAE,GAAG,OAAO,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC,MAAM,IAAI,EAAE,CAAC,EAAE;gBAC/C,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC;aAChC,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,iBAAkB,GAAa,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;YAC1E,OAAO;QACT,CAAC;QAED,IAAI,OAAO,GAAG,KAAK,CAAC;QACpB,MAAM,MAAM,GAAG,CAAC,CAAmC,EAAQ,EAAE;YAC3D,IAAI,OAAO;gBAAE,OAAO;YACpB,OAAO,GAAG,IAAI,CAAC;YACf,IAAI,CAAC;gBACH,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YACxB,CAAC;YAAC,MAAM,CAAC;gBACP,YAAY;YACd,CAAC;YACD,OAAO,CAAC,CAAC,CAAC,CAAC;QACb,CAAC,CAAC;QAEF,IAAI,SAAS,GAAG,EAAE,CAAC;QACnB,IAAI,SAAS,GAAG,EAAE,CAAC;QACnB,IAAI,UAAU,GAAG,KAAK,CAAC;QACvB,IAAI,YAAY,GAAG,KAAK,CAAC;QAEzB;;;;;WAKG;QACH,MAAM,cAAc,GAAG,GAAS,EAAE;YAChC,KAAK,CAAC,KAAK,CAAC,KAAK,CACf,GAAG,IAAI,CAAC,SAAS,CAAC;gBAChB,OAAO,EAAE,KAAK;gBACd,EAAE,EAAE,CAAC;gBACL,MAAM,EAAE,YAAY;gBACpB,MAAM,EAAE;oBACN,IAAI,EAAE,YAAY;oBAClB,SAAS,EAAE;wBACT,SAAS;wBACT,IAAI,EAAE,iBAAiB;wBACvB,OAAO;wBACP,MAAM,EAAE,MAAM;qBACf;iBACF;aACF,CAAC,IAAI,CACP,CAAC;QACJ,CAAC,CAAC;QAEF,MAAM,eAAe,GAAG,GAAS,EAAE;YACjC,YAAY,GAAG,IAAI,CAAC;YACpB,KAAK,CAAC,KAAK,CAAC,KAAK,CACf,GAAG,IAAI,CAAC,SAAS,CAAC;gBAChB,OAAO,EAAE,KAAK;gBACd,EAAE,EAAE,CAAC;gBACL,MAAM,EAAE,YAAY;gBACpB,MAAM,EAAE;oBACN,IAAI,EAAE,YAAY;oBAClB,SAAS,EAAE;wBACT,SAAS;wBACT,IAAI,EAAE,MAAM;wBACZ,OAAO;wBACP,MAAM,EAAE,MAAM;qBACf;iBACF;aACF,CAAC,IAAI,CACP,CAAC;QACJ,CAAC,CAAC;QAEF,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE;YACxC,SAAS,IAAI,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YACpC,IAAI,EAAE,GAAG,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;YACjC,OAAO,EAAE,KAAK,CAAC,CAAC,EAAE,CAAC;gBACjB,MAAM,IAAI,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;gBAC3C,SAAS,GAAG,SAAS,CAAC,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;gBACpC,IAAI,IAAI,EAAE,CAAC;oBACT,IAAI,CAAC;wBACH,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAG1B,CAAC;wBACF,IAAI,GAAG,CAAC,EAAE,KAAK,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;4BAChC,KAAK,CAAC,KAAK,CAAC,KAAK,CACf,GAAG,IAAI,CAAC,SAAS,CAAC;gCAChB,OAAO,EAAE,KAAK;gCACd,MAAM,EAAE,2BAA2B;6BACpC,CAAC,IAAI,CACP,CAAC;4BACF,cAAc,EAAE,CAAC;4BACjB,UAAU,GAAG,IAAI,CAAC;wBACpB,CAAC;6BAAM,IAAI,GAAG,CAAC,EAAE,KAAK,CAAC,EAAE,CAAC;4BACxB,IAAI,GAAG,CAAC,KAAK,EAAE,CAAC;gCACd,0CAA0C;gCAC1C,mDAAmD;gCACnD,oCAAoC;gCACpC,IAAI,CAAC,YAAY,EAAE,CAAC;oCAClB,eAAe,EAAE,CAAC;oCAClB,OAAO;gCACT,CAAC;gCACD,MAAM,CAAC;oCACL,EAAE,EAAE,KAAK;oCACT,MAAM,EAAE,qBAAqB,GAAG,CAAC,KAAK,CAAC,OAAO,IAAI,SAAS,EAAE;iCAC9D,CAAC,CAAC;gCACH,OAAO;4BACT,CAAC;4BACD,MAAM,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;4BACrB,OAAO;wBACT,CAAC;6BAAM,IAAI,GAAG,CAAC,EAAE,KAAK,CAAC,EAAE,CAAC;4BACxB,IAAI,GAAG,CAAC,KAAK,EAAE,CAAC;gCACd,MAAM,CAAC;oCACL,EAAE,EAAE,KAAK;oCACT,MAAM,EAAE,qBAAqB,GAAG,CAAC,KAAK,CAAC,OAAO,IAAI,SAAS,EAAE;iCAC9D,CAAC,CAAC;gCACH,OAAO;4BACT,CAAC;4BACD,MAAM,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;4BACrB,OAAO;wBACT,CAAC;oBACH,CAAC;oBAAC,MAAM,CAAC;wBACP,qBAAqB;oBACvB,CAAC;gBACH,CAAC;gBACD,EAAE,GAAG,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;YAC/B,CAAC;QACH,CAAC,CAAC,CAAC;QACH,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,CAAS,EAAE,EAAE;YACpC,SAAS,IAAI,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QAClC,CAAC,CAAC,CAAC;QACH,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAU,EAAE,EAAE;YAC/B,MAAM,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,iBAAiB,GAAG,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QAChE,CAAC,CAAC,CAAC;QACH,KAAK,CAAC,EAAE,CAAC,MAAM,EAAE,GAAG,EAAE;YACpB,MAAM,IAAI,GAAG,SAAS,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,IAAI,EAAE,IAAI,aAAa,CAAC;YACzE,MAAM,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,yBAAyB,IAAI,EAAE,EAAE,CAAC,CAAC;QACjE,CAAC,CAAC,CAAC;QACH,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC,OAAO,EAAE,GAAG,EAAE;YAC3B,kCAAkC;QACpC,CAAC,CAAC,CAAC;QAEH,IAAI,CAAC;YACH,KAAK,CAAC,KAAK,CAAC,KAAK,CACf,GAAG,IAAI,CAAC,SAAS,CAAC;gBAChB,OAAO,EAAE,KAAK;gBACd,EAAE,EAAE,CAAC;gBACL,MAAM,EAAE,YAAY;gBACpB,MAAM,EAAE;oBACN,eAAe,EAAE,YAAY;oBAC7B,YAAY,EAAE,EAAE;oBAChB,UAAU,EAAE,EAAE,IAAI,EAAE,0BAA0B,EAAE,OAAO,EAAE,OAAO,EAAE;iBACnE;aACF,CAAC,IAAI,CACP,CAAC;QACJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,sBAAuB,GAAa,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;YAC9E,OAAO;QACT,CAAC;QAED,MAAM,CAAC,GAAG,UAAU,CAAC,GAAG,EAAE;YACxB,MAAM,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,+BAA+B,SAAS,IAAI,EAAE,CAAC,CAAC;QAC9E,CAAC,EAAE,SAAS,CAAC,CAAC;QACd,CAAC,CAAC,KAAK,EAAE,CAAC;IACZ,CAAC,CAAC,CAAC;AACL,CAAC"}

package/dist/runtime/session-id.d.ts

@@ -0,0 +1,10 @@
+/**
+ * Resolve the active grounding session id.
+ *
+ * Empty strings are treated as "not provided" — both for the explicit
+ * argument and for the env var, since `--session ''` from a forgetful
+ * shell expansion or `CLAUDE_SESSION_ID=` from a stale exec env should
+ * fall through to the next tier rather than be honoured as a literal
+ * empty session.
+ */
+export declare function resolveSessionId(explicit?: string): string;

package/dist/runtime/session-id.js

@@ -0,0 +1,37 @@
+// Phase 5 #2 — shared sessionId resolver.
+//
+// Three Phase 4 verbs (`audit`, `explain --trace`, `policy intercept`)
+// previously defaulted to the literal string `"default"` when no
+// session was given. Real Claude Code sessions are UUIDs that arrive
+// via the hook event's `session_id`. When the user later runs
+// `harness audit` or `harness explain --trace` without `--session`, the
+// read path looked at `"default"` and silently returned an empty
+// audit/trace even though the writes had landed correctly under the
+// real UUID.
+//
+// This helper lifts the precedence chain into one place:
+//   1. explicit value (from a `--session` flag or the runtime's
+//      `event.session_id`)
+//   2. `$CLAUDE_SESSION_ID` env (set by the Claude Code harness inside
+//      every session)
+//   3. literal `"default"` — preserves prior behaviour for ad-hoc
+//      invocations outside a Claude Code session.
+const FALLBACK = "default";
+/**
+ * Resolve the active grounding session id.
+ *
+ * Empty strings are treated as "not provided" — both for the explicit
+ * argument and for the env var, since `--session ''` from a forgetful
+ * shell expansion or `CLAUDE_SESSION_ID=` from a stale exec env should
+ * fall through to the next tier rather than be honoured as a literal
+ * empty session.
+ */
+export function resolveSessionId(explicit) {
+    if (typeof explicit === "string" && explicit.length > 0)
+        return explicit;
+    const env = process.env.CLAUDE_SESSION_ID;
+    if (typeof env === "string" && env.length > 0)
+        return env;
+    return FALLBACK;
+}
+//# sourceMappingURL=session-id.js.map

package/dist/runtime/session-id.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"session-id.js","sourceRoot":"","sources":["../../src/runtime/session-id.ts"],"names":[],"mappings":"AAAA,0CAA0C;AAC1C,EAAE;AACF,uEAAuE;AACvE,iEAAiE;AACjE,qEAAqE;AACrE,8DAA8D;AAC9D,wEAAwE;AACxE,iEAAiE;AACjE,oEAAoE;AACpE,aAAa;AACb,EAAE;AACF,yDAAyD;AACzD,gEAAgE;AAChE,2BAA2B;AAC3B,uEAAuE;AACvE,sBAAsB;AACtB,kEAAkE;AAClE,kDAAkD;AAElD,MAAM,QAAQ,GAAG,SAAS,CAAC;AAE3B;;;;;;;;GAQG;AACH,MAAM,UAAU,gBAAgB,CAAC,QAAiB;IAChD,IAAI,OAAO,QAAQ,KAAK,QAAQ,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC;QAAE,OAAO,QAAQ,CAAC;IACzE,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC;IAC1C,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC;QAAE,OAAO,GAAG,CAAC;IAC1D,OAAO,QAAQ,CAAC;AAClB,CAAC"}

package/dist/schema/extract.d.ts

@@ -0,0 +1,5 @@
+import { z } from "zod";
+export declare const ExtractExpressionSchema: z.ZodEffects<z.ZodString, string, string>;
+export type ExtractExpression = z.infer<typeof ExtractExpressionSchema>;
+export declare const ExtractMapSchema: z.ZodEffects<z.ZodRecord<z.ZodString, z.ZodEffects<z.ZodString, string, string>>, Record<string, string>, Record<string, string>>;
+export type ExtractMap = z.infer<typeof ExtractMapSchema>;

package/dist/schema/extract.js

@@ -0,0 +1,23 @@
+import { z } from "zod";
+import { ExtractGrammarError, validateExtractGrammar, } from "../policies/extract.js";
+export const ExtractExpressionSchema = z.string().min(1).superRefine((v, ctx) => {
+    try {
+        validateExtractGrammar(v);
+    }
+    catch (err) {
+        if (err instanceof ExtractGrammarError) {
+            // Strip the leading `extract expression "<expr>": ` prefix so the
+            // message reads naturally next to the zod path. The path already
+            // points at the offending field.
+            const msg = err.message.replace(/^extract expression "[^"]*": /, "");
+            ctx.addIssue({ code: z.ZodIssueCode.custom, message: msg });
+            return;
+        }
+        throw err;
+    }
+});
+const VAR_NAME_RE = /^[A-Z][A-Z0-9_]*$/;
+export const ExtractMapSchema = z
+    .record(ExtractExpressionSchema)
+    .refine((m) => Object.keys(m).every((k) => VAR_NAME_RE.test(k)), { message: "extract variable names must be SCREAMING_SNAKE_CASE" });
+//# sourceMappingURL=extract.js.map

package/dist/schema/extract.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"extract.js","sourceRoot":"","sources":["../../src/schema/extract.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EACL,mBAAmB,EACnB,sBAAsB,GACvB,MAAM,wBAAwB,CAAC;AAEhC,MAAM,CAAC,MAAM,uBAAuB,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,EAAE;IAC9E,IAAI,CAAC;QACH,sBAAsB,CAAC,CAAC,CAAC,CAAC;IAC5B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,GAAG,YAAY,mBAAmB,EAAE,CAAC;YACvC,kEAAkE;YAClE,iEAAiE;YACjE,iCAAiC;YACjC,MAAM,GAAG,GAAG,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,+BAA+B,EAAE,EAAE,CAAC,CAAC;YACrE,GAAG,CAAC,QAAQ,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,YAAY,CAAC,MAAM,EAAE,OAAO,EAAE,GAAG,EAAE,CAAC,CAAC;YAC5D,OAAO;QACT,CAAC;QACD,MAAM,GAAG,CAAC;IACZ,CAAC;AACH,CAAC,CAAC,CAAC;AAIH,MAAM,WAAW,GAAG,mBAAmB,CAAC;AAExC,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC;KAC9B,MAAM,CAAC,uBAAuB,CAAC;KAC/B,MAAM,CACL,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EACvD,EAAE,OAAO,EAAE,qDAAqD,EAAE,CACnE,CAAC"}

package/dist/schema/grounding.d.ts

@@ -0,0 +1,65 @@
+import { z } from "zod";
+export declare const GroundingSessionSchema: z.ZodObject<{
+    auto_start: z.ZodDefault<z.ZodBoolean>;
+    id_format: z.ZodDefault<z.ZodString>;
+}, "strict", z.ZodTypeAny, {
+    auto_start: boolean;
+    id_format: string;
+}, {
+    auto_start?: boolean | undefined;
+    id_format?: string | undefined;
+}>;
+export declare const EvidenceLedgerSchema: z.ZodObject<{
+    path: z.ZodDefault<z.ZodString>;
+    retention_days: z.ZodDefault<z.ZodNumber>;
+}, "strict", z.ZodTypeAny, {
+    path: string;
+    retention_days: number;
+}, {
+    path?: string | undefined;
+    retention_days?: number | undefined;
+}>;
+export declare const GroundingSchema: z.ZodObject<{
+    session: z.ZodDefault<z.ZodObject<{
+        auto_start: z.ZodDefault<z.ZodBoolean>;
+        id_format: z.ZodDefault<z.ZodString>;
+    }, "strict", z.ZodTypeAny, {
+        auto_start: boolean;
+        id_format: string;
+    }, {
+        auto_start?: boolean | undefined;
+        id_format?: string | undefined;
+    }>>;
+    evidence_ledger: z.ZodDefault<z.ZodObject<{
+        path: z.ZodDefault<z.ZodString>;
+        retention_days: z.ZodDefault<z.ZodNumber>;
+    }, "strict", z.ZodTypeAny, {
+        path: string;
+        retention_days: number;
+    }, {
+        path?: string | undefined;
+        retention_days?: number | undefined;
+    }>>;
+    policies_source: z.ZodDefault<z.ZodNullable<z.ZodString>>;
+}, "strict", z.ZodTypeAny, {
+    session: {
+        auto_start: boolean;
+        id_format: string;
+    };
+    evidence_ledger: {
+        path: string;
+        retention_days: number;
+    };
+    policies_source: string | null;
+}, {
+    session?: {
+        auto_start?: boolean | undefined;
+        id_format?: string | undefined;
+    } | undefined;
+    evidence_ledger?: {
+        path?: string | undefined;
+        retention_days?: number | undefined;
+    } | undefined;
+    policies_source?: string | null | undefined;
+}>;
+export type Grounding = z.infer<typeof GroundingSchema>;

package/dist/schema/grounding.js

@@ -0,0 +1,21 @@
+import { z } from "zod";
+export const GroundingSessionSchema = z
+    .object({
+    auto_start: z.boolean().default(true),
+    id_format: z.string().min(1).default("gs-{repo}-{rand:8}"),
+})
+    .strict();
+export const EvidenceLedgerSchema = z
+    .object({
+    path: z.string().min(1).default("~/.evidence-ledger/ledger.db"),
+    retention_days: z.number().int().positive().default(90),
+})
+    .strict();
+export const GroundingSchema = z
+    .object({
+    session: GroundingSessionSchema.default({}),
+    evidence_ledger: EvidenceLedgerSchema.default({}),
+    policies_source: z.string().min(1).nullable().default(null),
+})
+    .strict();
+//# sourceMappingURL=grounding.js.map

package/dist/schema/grounding.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"grounding.js","sourceRoot":"","sources":["../../src/schema/grounding.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,MAAM,CAAC,MAAM,sBAAsB,GAAG,CAAC;KACpC,MAAM,CAAC;IACN,UAAU,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC;IACrC,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,oBAAoB,CAAC;CAC3D,CAAC;KACD,MAAM,EAAE,CAAC;AAEZ,MAAM,CAAC,MAAM,oBAAoB,GAAG,CAAC;KAClC,MAAM,CAAC;IACN,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,8BAA8B,CAAC;IAC/D,cAAc,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC;CACxD,CAAC;KACD,MAAM,EAAE,CAAC;AAEZ,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC;KAC7B,MAAM,CAAC;IACN,OAAO,EAAE,sBAAsB,CAAC,OAAO,CAAC,EAAE,CAAC;IAC3C,eAAe,EAAE,oBAAoB,CAAC,OAAO,CAAC,EAAE,CAAC;IACjD,eAAe,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC;CAC5D,CAAC;KACD,MAAM,EAAE,CAAC"}

package/dist/schema/hooks.d.ts

@@ -0,0 +1,86 @@
+import { z } from "zod";
+export declare const HookEventSchema: z.ZodEnum<["SessionStart", "UserPromptSubmit", "PreToolUse", "PostToolUse", "Stop", "SubagentStop", "PreCompact"]>;
+export declare const HookBlockingSchema: z.ZodUnion<[z.ZodLiteral<false>, z.ZodLiteral<"soft">, z.ZodLiteral<"hard">]>;
+export declare const HookSchema: z.ZodObject<{
+    name: z.ZodString;
+    event: z.ZodEnum<["SessionStart", "UserPromptSubmit", "PreToolUse", "PostToolUse", "Stop", "SubagentStop", "PreCompact"]>;
+    command: z.ZodString;
+    match: z.ZodOptional<z.ZodString>;
+    path_match: z.ZodOptional<z.ZodString>;
+    bash_match: z.ZodOptional<z.ZodString>;
+    blocking: z.ZodUnion<[z.ZodLiteral<false>, z.ZodLiteral<"soft">, z.ZodLiteral<"hard">]>;
+    budget_ms: z.ZodDefault<z.ZodNumber>;
+    description: z.ZodOptional<z.ZodString>;
+}, "strict", z.ZodTypeAny, {
+    name: string;
+    event: "SessionStart" | "UserPromptSubmit" | "PreToolUse" | "PostToolUse" | "Stop" | "SubagentStop" | "PreCompact";
+    command: string;
+    blocking: false | "soft" | "hard";
+    budget_ms: number;
+    match?: string | undefined;
+    path_match?: string | undefined;
+    bash_match?: string | undefined;
+    description?: string | undefined;
+}, {
+    name: string;
+    event: "SessionStart" | "UserPromptSubmit" | "PreToolUse" | "PostToolUse" | "Stop" | "SubagentStop" | "PreCompact";
+    command: string;
+    blocking: false | "soft" | "hard";
+    match?: string | undefined;
+    path_match?: string | undefined;
+    bash_match?: string | undefined;
+    budget_ms?: number | undefined;
+    description?: string | undefined;
+}>;
+export declare const HooksSchema: z.ZodEffects<z.ZodArray<z.ZodObject<{
+    name: z.ZodString;
+    event: z.ZodEnum<["SessionStart", "UserPromptSubmit", "PreToolUse", "PostToolUse", "Stop", "SubagentStop", "PreCompact"]>;
+    command: z.ZodString;
+    match: z.ZodOptional<z.ZodString>;
+    path_match: z.ZodOptional<z.ZodString>;
+    bash_match: z.ZodOptional<z.ZodString>;
+    blocking: z.ZodUnion<[z.ZodLiteral<false>, z.ZodLiteral<"soft">, z.ZodLiteral<"hard">]>;
+    budget_ms: z.ZodDefault<z.ZodNumber>;
+    description: z.ZodOptional<z.ZodString>;
+}, "strict", z.ZodTypeAny, {
+    name: string;
+    event: "SessionStart" | "UserPromptSubmit" | "PreToolUse" | "PostToolUse" | "Stop" | "SubagentStop" | "PreCompact";
+    command: string;
+    blocking: false | "soft" | "hard";
+    budget_ms: number;
+    match?: string | undefined;
+    path_match?: string | undefined;
+    bash_match?: string | undefined;
+    description?: string | undefined;
+}, {
+    name: string;
+    event: "SessionStart" | "UserPromptSubmit" | "PreToolUse" | "PostToolUse" | "Stop" | "SubagentStop" | "PreCompact";
+    command: string;
+    blocking: false | "soft" | "hard";
+    match?: string | undefined;
+    path_match?: string | undefined;
+    bash_match?: string | undefined;
+    budget_ms?: number | undefined;
+    description?: string | undefined;
+}>, "many">, {
+    name: string;
+    event: "SessionStart" | "UserPromptSubmit" | "PreToolUse" | "PostToolUse" | "Stop" | "SubagentStop" | "PreCompact";
+    command: string;
+    blocking: false | "soft" | "hard";
+    budget_ms: number;
+    match?: string | undefined;
+    path_match?: string | undefined;
+    bash_match?: string | undefined;
+    description?: string | undefined;
+}[], {
+    name: string;
+    event: "SessionStart" | "UserPromptSubmit" | "PreToolUse" | "PostToolUse" | "Stop" | "SubagentStop" | "PreCompact";
+    command: string;
+    blocking: false | "soft" | "hard";
+    match?: string | undefined;
+    path_match?: string | undefined;
+    bash_match?: string | undefined;
+    budget_ms?: number | undefined;
+    description?: string | undefined;
+}[]>;
+export type Hook = z.infer<typeof HookSchema>;

package/dist/schema/hooks.js

@@ -0,0 +1,42 @@
+import { z } from "zod";
+export const HookEventSchema = z.enum([
+    "SessionStart",
+    "UserPromptSubmit",
+    "PreToolUse",
+    "PostToolUse",
+    "Stop",
+    "SubagentStop",
+    "PreCompact",
+]);
+export const HookBlockingSchema = z.union([
+    z.literal(false),
+    z.literal("soft"),
+    z.literal("hard"),
+]);
+export const HookSchema = z
+    .object({
+    name: z.string().min(1),
+    event: HookEventSchema,
+    command: z.string().min(1),
+    match: z.string().min(1).optional(),
+    path_match: z.string().min(1).optional(),
+    bash_match: z.string().min(1).optional(),
+    blocking: HookBlockingSchema,
+    budget_ms: z.number().int().positive().default(30000),
+    description: z.string().optional(),
+})
+    .strict();
+export const HooksSchema = z.array(HookSchema).superRefine((hooks, ctx) => {
+    const seen = new Set();
+    hooks.forEach((h, i) => {
+        if (seen.has(h.name)) {
+            ctx.addIssue({
+                code: z.ZodIssueCode.custom,
+                path: [i, "name"],
+                message: `duplicate hook name: ${h.name}`,
+            });
+        }
+        seen.add(h.name);
+    });
+});
+//# sourceMappingURL=hooks.js.map

package/dist/schema/hooks.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"hooks.js","sourceRoot":"","sources":["../../src/schema/hooks.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,MAAM,CAAC,MAAM,eAAe,GAAG,CAAC,CAAC,IAAI,CAAC;IACpC,cAAc;IACd,kBAAkB;IAClB,YAAY;IACZ,aAAa;IACb,MAAM;IACN,cAAc;IACd,YAAY;CACb,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC;IACxC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC;IAChB,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC;IACjB,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC;CAClB,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,UAAU,GAAG,CAAC;KACxB,MAAM,CAAC;IACN,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IACvB,KAAK,EAAE,eAAe;IACtB,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;IAC1B,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;IACnC,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;IACxC,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,EAAE;IACxC,QAAQ,EAAE,kBAAkB;IAC5B,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC;IACrD,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CACnC,CAAC;KACD,MAAM,EAAE,CAAC;AAEZ,MAAM,CAAC,MAAM,WAAW,GAAG,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,WAAW,CAAC,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE;IACxE,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACrB,IAAI,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC;YACrB,GAAG,CAAC,QAAQ,CAAC;gBACX,IAAI,EAAE,CAAC,CAAC,YAAY,CAAC,MAAM;gBAC3B,IAAI,EAAE,CAAC,CAAC,EAAE,MAAM,CAAC;gBACjB,OAAO,EAAE,wBAAwB,CAAC,CAAC,IAAI,EAAE;aAC1C,CAAC,CAAC;QACL,CAAC;QACD,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IACnB,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}