@nathapp/nax 0.67.9 → 0.67.10

package/dist/nax.js

@@ -17224,7 +17224,11 @@ var init_schemas_review = __esm(() => {
     timeoutMs: exports_external.number().int().positive().default(600000),
     excludePatterns: exports_external.array(exports_external.string()).optional(),
     parallel: exports_external.boolean().default(false),
-    maxConcurrentSessions: exports_external.number().int().min(1).max(4).default(2)
+    maxConcurrentSessions: exports_external.number().int().min(1).max(4).default(2),
+    substantiation: exports_external.object({
+      requote: exports_external.boolean().default(true),
+      maxRequotes: exports_external.number().int().min(0).default(5)
+    }).optional()
   });
   ReviewConfigSchema = exports_external.object({
     enabled: exports_external.boolean(),
@@ -17450,6 +17454,18 @@ var init_schemas3 = __esm(() => {
           ":!.nax/",
           ":!.nax-pids"
         ]
+      },
+      adversarial: {
+        model: "balanced",
+        diffMode: "ref",
+        rules: [],
+        timeoutMs: 600000,
+        parallel: false,
+        maxConcurrentSessions: 2,
+        substantiation: {
+          requote: true,
+          maxRequotes: 5
+        }
       }
     }),
     plan: PlanConfigSchema.default({
@@ -21922,7 +21938,8 @@ function makeParseRetryStrategy(opts) {
         if (ctx.site === "complete") {
           getSafeLogger()?.warn(opts.reviewerKind, "makeParseRetryStrategy: lastOutput is not populated on complete-kind ops \u2014 retry will never fire", { storyId: ctx.storyId });
         }
-        return { retry: false };
+        const fallback = opts.exhaustedFallback ? opts.exhaustedFallback("") : undefined;
+        return { retry: false, ...fallback !== undefined ? { fallback } : {} };
       }
       let parsed;
       try {
@@ -30626,6 +30643,26 @@ ${config2.rules.map((r) => `- ${r}`).join(`
       diffBlock
     ].join("");
   }
+  static requoteVerbatim(opts) {
+    const file3 = opts.finding.verifiedBy?.file ?? opts.finding.file;
+    const line = opts.finding.verifiedBy?.line ?? opts.finding.line;
+    return `Your previous verifiedBy.observed value did not match the referenced file on disk.
+
+You MUST use your file-reading tool to open ${file3} and copy the actual bytes around line ${line}. Do NOT quote from memory or from the prior conversation \u2014 the previous quote was wrong precisely because it was not read from disk. If you reply without a file-read tool call, the quote will be rejected.
+
+Return ONLY this JSON object:
+{"file":"${file3}","line":${line},"observed":"exact 1-3 line quote"}
+
+Finding issue: ${opts.finding.issue}
+Referenced file: ${file3}
+Referenced line: ${line}
+
+Rules:
+- Read ${file3} with your file tool first. Then copy observed verbatim from the read result.
+- observed must be a 1-3 line excerpt that proves the claim, taken from at or near line ${line}.
+- If after reading the file you cannot find anything that proves the claim, set observed to "".
+- Do not return a full review. Do not include markdown fences or explanation.`;
+  }
 }
 var ADVERSARIAL_ROLE = `You are an adversarial code reviewer with full access to the repository.
 
@@ -31249,8 +31286,335 @@ var init_adversarial_helpers = __esm(() => {
   init_severity();
 });
 
+// src/review/semantic-helpers.ts
+function validateLLMShape(parsed) {
+  if (typeof parsed !== "object" || parsed === null)
+    return null;
+  const obj = parsed;
+  if (typeof obj.passed !== "boolean")
+    return null;
+  if (!Array.isArray(obj.findings))
+    return null;
+  return { passed: obj.passed, findings: obj.findings };
+}
+function parseLLMResponse(raw) {
+  try {
+    return validateLLMShape(tryParseLLMJson(raw));
+  } catch {
+    return null;
+  }
+}
+function formatFindings2(findings) {
+  return findings.map((f) => `[${f.severity}] ${f.file}:${f.line} \u2014 ${f.issue}
+  Suggestion: ${f.suggestion}`).join(`
+`);
+}
+function normalizeSeverity2(sev) {
+  if (sev === "warn")
+    return "warning";
+  if (sev === "critical" || sev === "error" || sev === "warning" || sev === "info" || sev === "low" || sev === "unverifiable")
+    return sev;
+  return "info";
+}
+function sanitizeRefModeFindings(findings, diffMode, blockingThreshold = "error") {
+  if (diffMode !== "ref")
+    return findings;
+  return findings.map((finding) => needsDowngradeForMissingEvidence(finding, blockingThreshold) ? downgradeToUnverifiable(finding) : finding);
+}
+function needsDowngradeForMissingEvidence(finding, blockingThreshold) {
+  if (!isBlockingSeverity(finding.severity, blockingThreshold))
+    return false;
+  return mentionsUnverifiedSource(finding) || !hasVerifiedEvidence(finding);
+}
+function mentionsUnverifiedSource(finding) {
+  const text = `${finding.issue} ${finding.suggestion}`.toLowerCase();
+  return UNVERIFIED_FINDING_PATTERNS.some((pattern) => text.includes(pattern));
+}
+function hasVerifiedEvidence(finding) {
+  const evidence = finding.verifiedBy;
+  return !!evidence?.file?.trim() && !!evidence.observed?.trim();
+}
+function downgradeToUnverifiable(finding) {
+  return {
+    ...finding,
+    severity: "unverifiable"
+  };
+}
+function llmFindingToFinding(f) {
+  const metaExtras = {};
+  if (f.verifiedBy)
+    metaExtras.verifiedBy = f.verifiedBy;
+  if (f.acQuote)
+    metaExtras.acQuote = f.acQuote;
+  if (f.acIndex != null)
+    metaExtras.acIndex = f.acIndex;
+  return {
+    source: "semantic-review",
+    severity: normalizeSeverity2(f.severity),
+    category: "",
+    file: f.file,
+    line: f.line,
+    message: f.issue,
+    suggestion: f.suggestion ?? undefined,
+    fixTarget: "source",
+    meta: Object.keys(metaExtras).length > 0 ? metaExtras : undefined
+  };
+}
+function toReviewFindings(findings) {
+  return findings.map(llmFindingToFinding);
+}
+var UNVERIFIED_FINDING_PATTERNS;
+var init_semantic_helpers = __esm(() => {
+  init_severity();
+  UNVERIFIED_FINDING_PATTERNS = [
+    "cannot verify",
+    "can't verify",
+    "from diff alone",
+    "missing from diff",
+    "not found in diff",
+    "not present in diff",
+    "does not appear in diff"
+  ];
+});
+
+// src/review/semantic-evidence.ts
+import { isAbsolute as isAbsolute8 } from "path";
+async function substantiateSemanticEvidence(findings, diffMode, workdir, storyId, blockingThreshold = "error") {
+  if (diffMode !== "ref")
+    return findings;
+  return Promise.all(findings.map(async (finding) => {
+    if (!isBlockingSeverity(finding.severity, blockingThreshold))
+      return finding;
+    const evidence = await checkFindingEvidence({ finding, workdir });
+    if (evidence.status !== "unmatched")
+      return finding;
+    return downgradeUnsubstantiatedFinding({ finding, storyId, ...evidence });
+  }));
+}
+async function checkFindingEvidence(opts) {
+  const observed = opts.finding.verifiedBy?.observed?.trim();
+  const file3 = opts.finding.verifiedBy?.file?.trim() || opts.finding.file;
+  const line = opts.finding.verifiedBy?.line ?? opts.finding.line;
+  if (!observed)
+    return { status: "missing-observed", file: file3, line };
+  const contents = await readSafeFile(opts.workdir, file3);
+  if (contents === null)
+    return { status: "unreadable", file: file3, line, observed };
+  return matchesEvidence(contents, observed, line) ? { status: "matched", file: file3, line, observed } : { status: "unmatched", file: file3, line, observed };
+}
+function matchesEvidence(contents, observed, line) {
+  if (!line || line <= 0) {
+    return normalizedIncludes(contents, observed);
+  }
+  const lines = contents.split(`
+`);
+  const cited = Math.min(Math.max(0, line - 1), lines.length - 1);
+  const start = Math.max(0, cited - EVIDENCE_LINE_WINDOW);
+  const end = Math.min(lines.length, cited + EVIDENCE_LINE_WINDOW + 1);
+  const windowText = lines.slice(start, end).join(`
+`);
+  return normalizedIncludes(windowText, observed);
+}
+function downgradeUnsubstantiatedFinding(opts) {
+  _evidenceDeps.getLogger()?.warn("review", "Downgraded unsubstantiated review finding", {
+    storyId: opts.storyId,
+    event: opts.event ?? SEMANTIC_FINDING_DOWNGRADED_EVENT,
+    file: opts.file ?? opts.finding.verifiedBy?.file ?? opts.finding.file,
+    line: opts.line ?? opts.finding.verifiedBy?.line ?? opts.finding.line,
+    issue: opts.finding.issue?.slice(0, ISSUE_PREVIEW_CHARS),
+    observed: opts.observed?.slice(0, OBSERVED_PREVIEW_CHARS)
+  });
+  return { ...opts.finding, severity: "unverifiable" };
+}
+async function readSafeFile(workdir, file3) {
+  const validated = validateModulePath(file3, [workdir]);
+  if (validated.valid && validated.absolutePath) {
+    try {
+      return await Bun.file(validated.absolutePath).text();
+    } catch {
+      return null;
+    }
+  }
+  if (isAbsolute8(file3)) {
+    try {
+      return await Bun.file(file3).text();
+    } catch {
+      return null;
+    }
+  }
+  return null;
+}
+function normalizedIncludes(contents, observed) {
+  const normalizedObserved = normalizeEvidenceText(observed);
+  return normalizedObserved.length > 0 && normalizeEvidenceText(contents).includes(normalizedObserved);
+}
+function normalizeEvidenceText(text) {
+  return stripWrappingQuotes(text).replace(/\s+/g, " ").trim();
+}
+function stripWrappingQuotes(text) {
+  let trimmed = text.trim();
+  while (trimmed.length >= 2 && isMatchingWrapper(trimmed[0], trimmed[trimmed.length - 1])) {
+    trimmed = trimmed.slice(1, -1).trim();
+  }
+  return trimmed;
+}
+function isMatchingWrapper(first, last) {
+  return first === "`" && last === "`" || first === `"` && last === `"` || first === "'" && last === "'";
+}
+var OBSERVED_PREVIEW_CHARS = 160, ISSUE_PREVIEW_CHARS = 200, EVIDENCE_LINE_WINDOW = 10, SEMANTIC_FINDING_DOWNGRADED_EVENT = "review.semantic.finding.downgraded", ADVERSARIAL_FINDING_DOWNGRADED_EVENT = "review.adversarial.finding.downgraded", _evidenceDeps;
+var init_semantic_evidence = __esm(() => {
+  init_logger2();
+  init_path_security2();
+  init_semantic_helpers();
+  _evidenceDeps = {
+    getLogger: getSafeLogger
+  };
+});
+
+// src/review/finding-filters.ts
+async function substantiateAdversarialFindings(opts) {
+  const { findings, workdir, storyId, blockingThreshold } = opts;
+  return Promise.all(findings.map(async (finding) => {
+    if (!isBlockingSeverity(finding.severity, blockingThreshold))
+      return finding;
+    const evidence = await checkFindingEvidence({ finding, workdir });
+    if (evidence.status !== "unmatched" && evidence.status !== "missing-observed")
+      return finding;
+    return downgradeUnsubstantiatedFinding({
+      finding,
+      storyId,
+      event: ADVERSARIAL_FINDING_DOWNGRADED_EVENT,
+      file: evidence.file,
+      line: evidence.line,
+      observed: evidence.observed
+    });
+  }));
+}
+var init_finding_filters = __esm(() => {
+  init_adversarial_helpers();
+  init_semantic_evidence();
+  init_semantic_helpers();
+  init_semantic_evidence();
+  init_ac_quote_validator();
+});
+
+// src/review/requote-response.ts
+function parseRequoteResponse(output) {
+  const parsed = tryParseLLMJson(output);
+  if (!isRecord(parsed))
+    return null;
+  const canonical = extractCanonical(parsed);
+  if (canonical)
+    return canonical;
+  const findings = parsed.findings;
+  if (!Array.isArray(findings) || findings.length !== 1)
+    return null;
+  const finding = findings[0];
+  if (!isRecord(finding))
+    return null;
+  return extractCanonical(finding.verifiedBy) ?? extractCanonical(finding);
+}
+function extractCanonical(value) {
+  if (!isRecord(value))
+    return null;
+  if (typeof value.file !== "string" || typeof value.observed !== "string")
+    return null;
+  const file3 = value.file.trim();
+  if (!file3)
+    return null;
+  const line = coerceLine(value.line);
+  if (line === null)
+    return null;
+  return {
+    file: file3,
+    line: line === undefined ? undefined : line,
+    observed: value.observed
+  };
+}
+function coerceLine(value) {
+  if (value == null)
+    return;
+  if (typeof value === "number")
+    return value;
+  if (typeof value === "string" && /^\d+$/.test(value))
+    return Number.parseInt(value, 10);
+  return null;
+}
+function isRecord(value) {
+  return typeof value === "object" && value !== null && !Array.isArray(value);
+}
+var init_requote_response = () => {};
+
 // src/operations/adversarial-review.ts
-var FAIL_OPEN, adversarialParseRetry = (input) => makeParseRetryStrategy({
+async function requoteBlockingAdversarialFindings(findings, ctx) {
+  const threshold = ctx.input.blockingThreshold ?? "error";
+  const maxRequotes = ctx.input.adversarialConfig.substantiation?.maxRequotes ?? DEFAULT_MAX_REQUOTES;
+  const requoteEnabled = ctx.input.adversarialConfig.substantiation?.requote ?? true;
+  if (ctx.input.mode !== "ref" || !requoteEnabled || maxRequotes <= 0) {
+    return { findings, changed: false, extraCostUsd: 0 };
+  }
+  const next = [...findings];
+  let changed = false;
+  let extraCostUsd = 0;
+  let used = 0;
+  for (const [index, finding] of next.entries()) {
+    if (!isBlockingSeverity(finding.severity, threshold))
+      continue;
+    const initialEvidence = await checkFindingEvidence({ finding, workdir: ctx.input.workdir });
+    if (initialEvidence.status !== "unmatched")
+      continue;
+    if (used >= maxRequotes)
+      break;
+    used += 1;
+    const retry = await ctx.send(AdversarialReviewPromptBuilder.requoteVerbatim({ finding }));
+    extraCostUsd += retry.estimatedCostUsd ?? 0;
+    const requote = parseRequoteResponse(retry.output);
+    if (!requote) {
+      next[index] = downgradeUnsubstantiatedFinding({
+        finding,
+        storyId: ctx.input.story.id,
+        event: ADVERSARIAL_REQUOTE_FAILED_EVENT,
+        ...initialEvidence
+      });
+      changed = true;
+      continue;
+    }
+    const updatedFinding = {
+      ...finding,
+      verifiedBy: {
+        file: requote.file,
+        line: requote.line,
+        observed: requote.observed
+      }
+    };
+    const requotedEvidence = await checkFindingEvidence({
+      finding: updatedFinding,
+      workdir: ctx.input.workdir
+    });
+    if (requotedEvidence.status === "matched") {
+      getSafeLogger()?.info("review", "Recovered adversarial finding via same-session requote", {
+        storyId: ctx.input.story.id,
+        event: ADVERSARIAL_REQUOTE_RECOVERED_EVENT,
+        file: requotedEvidence.file,
+        line: requotedEvidence.line
+      });
+      next[index] = updatedFinding;
+      changed = true;
+      continue;
+    }
+    next[index] = downgradeUnsubstantiatedFinding({
+      finding: updatedFinding,
+      storyId: ctx.input.story.id,
+      event: ADVERSARIAL_REQUOTE_FAILED_EVENT,
+      file: requotedEvidence.file,
+      line: requotedEvidence.line,
+      observed: requotedEvidence.observed
+    });
+    changed = true;
+  }
+  return { findings: next, changed, extraCostUsd };
+}
+var FAIL_OPEN, ADVERSARIAL_REQUOTE_RECOVERED_EVENT = "review.adversarial.finding.requote_recovered", ADVERSARIAL_REQUOTE_FAILED_EVENT = "review.adversarial.finding.requote_failed", DEFAULT_MAX_REQUOTES = 5, adversarialParseRetry = (input) => makeParseRetryStrategy({
   validate: (parsed) => validateAdversarialShape(parsed) !== null,
   reviewerKind: "adversarial",
   maxAttempts: 2,
@@ -31258,15 +31622,24 @@ var FAIL_OPEN, adversarialParseRetry = (input) => makeParseRetryStrategy({
     invalid: () => ReviewPromptBuilder.jsonRetry(),
     truncated: () => ReviewPromptBuilder.jsonRetryCondensed({ blockingThreshold: input.blockingThreshold })
   },
-  exhaustedFallback: (lastOutput) => /"passed"\s*:\s*false/.test(lastOutput) ? { passed: false, findings: [], looksLikeFail: true } : FAIL_OPEN,
+  exhaustedFallback: (lastOutput) => /"passed"\s*:\s*false/.test(lastOutput) ? { passed: false, findings: [], normalizedFindings: [], acDropped: [], looksLikeFail: true } : FAIL_OPEN,
   logContext: { blockingThreshold: input.blockingThreshold ?? "error" }
 }), adversarialReviewOp;
 var init_adversarial_review = __esm(() => {
   init_retry();
   init_config();
+  init_logger2();
   init_prompts();
   init_adversarial_helpers();
-  FAIL_OPEN = { passed: true, findings: [], failOpen: true };
+  init_finding_filters();
+  init_requote_response();
+  FAIL_OPEN = {
+    passed: true,
+    findings: [],
+    normalizedFindings: [],
+    acDropped: [],
+    failOpen: true
+  };
   adversarialReviewOp = {
     kind: "run",
     name: "adversarial-review",
@@ -31276,6 +31649,21 @@ var init_adversarial_review = __esm(() => {
     model: (input) => input.adversarialConfig.model,
     timeoutMs: (input) => input.adversarialConfig.timeoutMs,
     retry: (input) => adversarialParseRetry(input),
+    async hopBody(initialPrompt, ctx) {
+      const turn = await ctx.sendWithParseRetry(initialPrompt);
+      const parsed = validateAdversarialShape(tryParseLLMJson(turn.output));
+      if (!parsed)
+        return turn;
+      const requoted = await requoteBlockingAdversarialFindings(parsed.findings, ctx);
+      if (!requoted.changed)
+        return turn;
+      const passed = !requoted.findings.some((finding) => isBlockingSeverity(finding.severity, ctx.input.blockingThreshold ?? "error"));
+      return {
+        ...turn,
+        output: JSON.stringify({ passed, findings: requoted.findings }),
+        estimatedCostUsd: (turn.estimatedCostUsd ?? 0) + requoted.extraCostUsd
+      };
+    },
     build(input, _ctx) {
       const base = new AdversarialReviewPromptBuilder().buildAdversarialReviewPrompt(input.story, input.adversarialConfig, {
         mode: input.mode,
@@ -31298,12 +31686,42 @@ var init_adversarial_review = __esm(() => {
     parse(output, _input, _ctx) {
       const raw = tryParseLLMJson(output);
       const parsed = validateAdversarialShape(raw);
-      if (parsed)
-        return { passed: parsed.passed, findings: parsed.findings };
+      if (parsed) {
+        return {
+          passed: parsed.passed,
+          findings: parsed.findings,
+          normalizedFindings: [],
+          acDropped: []
+        };
+      }
       if (/"passed"\s*:\s*false/.test(output) && !/"findings"\s*:\s*\[\s*\{/.test(output)) {
-        return { passed: false, findings: [], looksLikeFail: true };
+        return { passed: false, findings: [], normalizedFindings: [], acDropped: [], looksLikeFail: true };
       }
       throw new ParseValidationError("[adversarial-review] parse failed: invalid JSON shape");
+    },
+    async verify(parsed, input, _verifyCtx) {
+      if (parsed.failOpen || parsed.looksLikeFail)
+        return parsed;
+      if (parsed.findings.length === 0)
+        return parsed;
+      const threshold = input.blockingThreshold ?? "error";
+      const findings = parsed.findings;
+      const substantiated = await substantiateAdversarialFindings({
+        findings,
+        workdir: input.workdir,
+        storyId: input.story.id,
+        blockingThreshold: threshold
+      });
+      const { accepted, dropped } = filterByAcQuote(substantiated, input.story.acceptanceCriteria);
+      const blocking = accepted.filter((f) => isBlockingSeverity(f.severity, threshold));
+      const passed = parsed.passed && blocking.length === 0;
+      return {
+        ...parsed,
+        passed,
+        findings: accepted,
+        normalizedFindings: toAdversarialReviewFindings(blocking),
+        acDropped: dropped
+      };
     }
   };
 });
@@ -31738,191 +32156,6 @@ var init_review_audit = __esm(() => {
   };
 });
 
-// src/review/semantic-helpers.ts
-function validateLLMShape(parsed) {
-  if (typeof parsed !== "object" || parsed === null)
-    return null;
-  const obj = parsed;
-  if (typeof obj.passed !== "boolean")
-    return null;
-  if (!Array.isArray(obj.findings))
-    return null;
-  return { passed: obj.passed, findings: obj.findings };
-}
-function parseLLMResponse(raw) {
-  try {
-    return validateLLMShape(tryParseLLMJson(raw));
-  } catch {
-    return null;
-  }
-}
-function formatFindings2(findings) {
-  return findings.map((f) => `[${f.severity}] ${f.file}:${f.line} \u2014 ${f.issue}
-  Suggestion: ${f.suggestion}`).join(`
-`);
-}
-function normalizeSeverity2(sev) {
-  if (sev === "warn")
-    return "warning";
-  if (sev === "critical" || sev === "error" || sev === "warning" || sev === "info" || sev === "low" || sev === "unverifiable")
-    return sev;
-  return "info";
-}
-function sanitizeRefModeFindings(findings, diffMode, blockingThreshold = "error") {
-  if (diffMode !== "ref")
-    return findings;
-  return findings.map((finding) => needsDowngradeForMissingEvidence(finding, blockingThreshold) ? downgradeToUnverifiable(finding) : finding);
-}
-function needsDowngradeForMissingEvidence(finding, blockingThreshold) {
-  if (!isBlockingSeverity(finding.severity, blockingThreshold))
-    return false;
-  return mentionsUnverifiedSource(finding) || !hasVerifiedEvidence(finding);
-}
-function mentionsUnverifiedSource(finding) {
-  const text = `${finding.issue} ${finding.suggestion}`.toLowerCase();
-  return UNVERIFIED_FINDING_PATTERNS.some((pattern) => text.includes(pattern));
-}
-function hasVerifiedEvidence(finding) {
-  const evidence = finding.verifiedBy;
-  return !!evidence?.file?.trim() && !!evidence.observed?.trim();
-}
-function downgradeToUnverifiable(finding) {
-  return {
-    ...finding,
-    severity: "unverifiable"
-  };
-}
-function llmFindingToFinding(f) {
-  const metaExtras = {};
-  if (f.verifiedBy)
-    metaExtras.verifiedBy = f.verifiedBy;
-  if (f.acQuote)
-    metaExtras.acQuote = f.acQuote;
-  if (f.acIndex != null)
-    metaExtras.acIndex = f.acIndex;
-  return {
-    source: "semantic-review",
-    severity: normalizeSeverity2(f.severity),
-    category: "",
-    file: f.file,
-    line: f.line,
-    message: f.issue,
-    suggestion: f.suggestion ?? undefined,
-    fixTarget: "source",
-    meta: Object.keys(metaExtras).length > 0 ? metaExtras : undefined
-  };
-}
-function toReviewFindings(findings) {
-  return findings.map(llmFindingToFinding);
-}
-var UNVERIFIED_FINDING_PATTERNS;
-var init_semantic_helpers = __esm(() => {
-  init_severity();
-  UNVERIFIED_FINDING_PATTERNS = [
-    "cannot verify",
-    "can't verify",
-    "from diff alone",
-    "missing from diff",
-    "not found in diff",
-    "not present in diff",
-    "does not appear in diff"
-  ];
-});
-
-// src/review/semantic-evidence.ts
-import { isAbsolute as isAbsolute8 } from "path";
-async function substantiateSemanticEvidence(findings, diffMode, workdir, storyId, blockingThreshold = "error") {
-  if (diffMode !== "ref")
-    return findings;
-  return Promise.all(findings.map(async (finding) => {
-    if (!isBlockingSeverity(finding.severity, blockingThreshold))
-      return finding;
-    const evidence = await checkFindingEvidence({ finding, workdir });
-    if (evidence.status !== "unmatched")
-      return finding;
-    return downgradeUnsubstantiatedFinding({ finding, storyId, ...evidence });
-  }));
-}
-async function checkFindingEvidence(opts) {
-  const observed = opts.finding.verifiedBy?.observed?.trim();
-  const file3 = opts.finding.verifiedBy?.file?.trim() || opts.finding.file;
-  const line = opts.finding.verifiedBy?.line ?? opts.finding.line;
-  if (!observed)
-    return { status: "missing-observed", file: file3, line };
-  const contents = await readSafeFile(opts.workdir, file3);
-  if (contents === null)
-    return { status: "unreadable", file: file3, line, observed };
-  return matchesEvidence(contents, observed, line) ? { status: "matched", file: file3, line, observed } : { status: "unmatched", file: file3, line, observed };
-}
-function matchesEvidence(contents, observed, line) {
-  if (!line || line <= 0) {
-    return normalizedIncludes(contents, observed);
-  }
-  const lines = contents.split(`
-`);
-  const cited = Math.min(Math.max(0, line - 1), lines.length - 1);
-  const start = Math.max(0, cited - EVIDENCE_LINE_WINDOW);
-  const end = Math.min(lines.length, cited + EVIDENCE_LINE_WINDOW + 1);
-  const windowText = lines.slice(start, end).join(`
-`);
-  return normalizedIncludes(windowText, observed);
-}
-function downgradeUnsubstantiatedFinding(opts) {
-  _evidenceDeps.getLogger()?.warn("review", "Downgraded unsubstantiated review finding", {
-    storyId: opts.storyId,
-    event: opts.event ?? SEMANTIC_FINDING_DOWNGRADED_EVENT,
-    file: opts.file ?? opts.finding.verifiedBy?.file ?? opts.finding.file,
-    line: opts.line ?? opts.finding.verifiedBy?.line ?? opts.finding.line,
-    issue: opts.finding.issue?.slice(0, ISSUE_PREVIEW_CHARS),
-    observed: opts.observed?.slice(0, OBSERVED_PREVIEW_CHARS)
-  });
-  return { ...opts.finding, severity: "unverifiable" };
-}
-async function readSafeFile(workdir, file3) {
-  const validated = validateModulePath(file3, [workdir]);
-  if (validated.valid && validated.absolutePath) {
-    try {
-      return await Bun.file(validated.absolutePath).text();
-    } catch {
-      return null;
-    }
-  }
-  if (isAbsolute8(file3)) {
-    try {
-      return await Bun.file(file3).text();
-    } catch {
-      return null;
-    }
-  }
-  return null;
-}
-function normalizedIncludes(contents, observed) {
-  const normalizedObserved = normalizeEvidenceText(observed);
-  return normalizedObserved.length > 0 && normalizeEvidenceText(contents).includes(normalizedObserved);
-}
-function normalizeEvidenceText(text) {
-  return stripWrappingQuotes(text).replace(/\s+/g, " ").trim();
-}
-function stripWrappingQuotes(text) {
-  let trimmed = text.trim();
-  while (trimmed.length >= 2 && isMatchingWrapper(trimmed[0], trimmed[trimmed.length - 1])) {
-    trimmed = trimmed.slice(1, -1).trim();
-  }
-  return trimmed;
-}
-function isMatchingWrapper(first, last) {
-  return first === "`" && last === "`" || first === `"` && last === `"` || first === "'" && last === "'";
-}
-var OBSERVED_PREVIEW_CHARS = 160, ISSUE_PREVIEW_CHARS = 200, EVIDENCE_LINE_WINDOW = 10, SEMANTIC_FINDING_DOWNGRADED_EVENT = "review.semantic.finding.downgraded", ADVERSARIAL_FINDING_DOWNGRADED_EVENT = "review.adversarial.finding.downgraded", _evidenceDeps;
-var init_semantic_evidence = __esm(() => {
-  init_logger2();
-  init_path_security2();
-  init_semantic_helpers();
-  _evidenceDeps = {
-    getLogger: getSafeLogger
-  };
-});
-
 // src/review/adversarial.ts
 import { relative as relative7, sep } from "path";
 function recordAdversarialAudit(opts) {
@@ -31955,7 +32188,6 @@ async function runAdversarialReview(opts) {
     agentManager,
     config: naxConfig,
     featureName,
-    priorFailures,
     blockingThreshold,
     featureContextMarkdown,
     contextBundle,
@@ -32076,13 +32308,13 @@ async function runAdversarialReview(opts) {
   let opResult;
   try {
     opResult = await _adversarialDeps.callOp(callCtx, adversarialReviewOp, {
+      workdir,
       story,
       adversarialConfig,
       mode: diffMode,
       diff,
       storyGitRef: effectiveRef,
       stat,
-      priorFailures,
       testInventory,
       excludePatterns: adversarialConfig.excludePatterns,
       testGlobs: resolvedTestPatterns.globs,
@@ -32167,27 +32399,11 @@ async function runAdversarialReview(opts) {
       durationMs: Date.now() - startTime
     };
   }
-  const rawParsedRaw = {
-    passed: opResult.passed,
-    findings: opResult.findings
-  };
-  const blockingThresholdEffective = blockingThreshold ?? "error";
-  const substantiatedFindings = await Promise.all(rawParsedRaw.findings.map(async (finding) => {
-    if (!isBlockingSeverity(finding.severity, blockingThresholdEffective))
-      return finding;
-    const evidence = await checkFindingEvidence({ finding, workdir });
-    if (evidence.status !== "unmatched" && evidence.status !== "missing-observed")
-      return finding;
-    return downgradeUnsubstantiatedFinding({
-      finding,
-      storyId: story.id,
-      event: ADVERSARIAL_FINDING_DOWNGRADED_EVENT,
-      file: evidence.file,
-      line: evidence.line,
-      observed: evidence.observed
-    });
-  }));
-  const rawParsed = { ...rawParsedRaw, findings: substantiatedFindings };
+  const threshold = blockingThreshold ?? "error";
+  const allFindings = opResult.findings;
+  const blockingFindings = allFindings.filter((f) => isBlockingSeverity(f.severity, threshold));
+  const advisoryFindings = allFindings.filter((f) => !isBlockingSeverity(f.severity, threshold));
+  const acDropped = opResult.acDropped ?? [];
   let diffFiles;
   let diffAvailable;
   if (diff && diff.length > 0) {
@@ -32203,13 +32419,6 @@ async function runAdversarialReview(opts) {
       diffAvailable = true;
     }
   }
-  const { accepted: acGroundedFindings, dropped: acDropped } = filterByAcQuote(rawParsed.findings, story.acceptanceCriteria);
-  if (acDropped.length > 0) {
-    logger?.warn("review", "Adversarial findings dropped: acQuote validation failed", {
-      storyId: story.id,
-      dropped: acDropped.map((d) => ({ file: d.finding.file, issue: d.finding.issue, code: d.code }))
-    });
-  }
   const adversarialDropAnalysis = acDropped.map((d) => ({
     finding: {
       file: d.finding.file ?? "<unknown>",
@@ -32223,10 +32432,6 @@ async function runAdversarialReview(opts) {
     rawCategory: d.finding.category ?? "",
     counterfactual: analyzeStructuralCounterfactual({ acIndex: d.finding.acIndex, category: d.finding.category, file: d.finding.file }, story.acceptanceCriteria, diffFiles)
   }));
-  const parsed = { ...rawParsed, findings: acGroundedFindings };
-  const threshold = blockingThresholdEffective;
-  const blockingFindings = parsed.findings.filter((f) => isBlockingSeverity(f.severity, threshold));
-  const advisoryFindings = parsed.findings.filter((f) => !isBlockingSeverity(f.severity, threshold));
   const adversarialAcceptAnalysis = blockingFindings.map((f) => ({
     finding: {
       file: f.file,
@@ -32249,11 +32454,11 @@ async function runAdversarialReview(opts) {
       }))
     });
   }
+  const durationMs = Date.now() - startTime;
   if (blockingFindings.length > 0) {
-    const durationMs2 = Date.now() - startTime;
     logger?.warn("review", `Adversarial review failed: ${blockingFindings.length} blocking findings`, {
       storyId: story.id,
-      durationMs: durationMs2,
+      durationMs,
       findings: blockingFindings.map((f) => ({
         severity: f.severity,
         category: f.category,
@@ -32274,72 +32479,37 @@ async function runAdversarialReview(opts) {
       blockingThreshold: threshold,
       result: {
         passed: false,
-        findings: llmFindingsToReviewFindings(parsed.findings, { source: "adversarial-review" })
+        findings: llmFindingsToReviewFindings(allFindings, { source: "adversarial-review" })
       },
       advisoryFindings: advisoryFindings.length > 0 ? llmFindingsToReviewFindings(advisoryFindings, { source: "adversarial-review" }) : undefined,
       diffAvailable,
       adversarialDropAnalysis,
       adversarialAcceptAnalysis
     });
+    const output = blockingFindings.length > 0 ? `Adversarial review failed:
+
+${formatFindings(blockingFindings)}` : "Adversarial review failed (no findings)";
     return {
       check: "adversarial",
       success: false,
       command: "",
       exitCode: 1,
-      output: `Adversarial review failed:
-
-${formatFindings(blockingFindings)}`,
-      durationMs: durationMs2,
-      findings: toAdversarialReviewFindings(blockingFindings),
+      output,
+      durationMs,
+      findings: blockingFindings.length > 0 ? toAdversarialReviewFindings(blockingFindings) : undefined,
       advisoryFindings: advisoryFindings.length > 0 ? toAdversarialReviewFindings(advisoryFindings) : undefined,
       cost: llmCost
     };
   }
-  if (!parsed.passed && blockingFindings.length === 0) {
-    if (acDropped.length > 0) {
-      const durationMs3 = Date.now() - startTime;
-      logger?.warn("review", "Adversarial review fail-closed: blocking findings dropped as ungrounded", {
-        storyId: story.id,
-        durationMs: durationMs3,
-        droppedCount: acDropped.length,
-        dropCodes: acDropped.map((d) => d.code)
-      });
-      const dropSummary = acDropped.map((d, i) => `${i + 1}. [${d.code}] ${d.finding.file ?? "<unknown>"}: ${d.finding.issue}`).join(`
-`);
-      recordAdversarialAudit({
-        runtime,
-        workdir,
-        projectDir,
-        storyId: story.id,
-        featureName,
-        parsed: true,
-        failOpen: false,
-        passed: false,
-        blockingThreshold: threshold,
-        result: { passed: false, findings: [] },
-        advisoryFindings: advisoryFindings.length > 0 ? llmFindingsToReviewFindings(advisoryFindings, { source: "adversarial-review" }) : undefined,
-        diffAvailable,
-        adversarialDropAnalysis,
-        adversarialAcceptAnalysis: []
-      });
-      return {
-        check: "adversarial",
-        success: false,
-        command: "",
-        exitCode: 1,
-        output: `Adversarial review failed: ${acDropped.length} blocking finding(s) dropped as ungrounded \u2014 the model emitted "passed: false" with concerns it could not ground in any acceptance criterion. Either re-classify these as "info" upstream or extend the ACs. Drops:
-
-${dropSummary}`,
-        durationMs: durationMs3,
-        advisoryFindings: advisoryFindings.length > 0 ? toAdversarialReviewFindings(advisoryFindings) : undefined,
-        cost: llmCost
-      };
-    }
-    const durationMs2 = Date.now() - startTime;
-    logger?.info("review", "Adversarial review passed (all findings below blocking threshold)", {
+  if (!opResult.passed && acDropped.length > 0) {
+    logger?.warn("review", "Adversarial review fail-closed: blocking findings dropped as ungrounded", {
       storyId: story.id,
-      durationMs: durationMs2
+      durationMs,
+      droppedCount: acDropped.length,
+      dropCodes: acDropped.map((d) => d.code)
     });
+    const dropSummary = acDropped.map((d, i) => `${i + 1}. [${d.code}] ${d.finding.file ?? "<unknown>"}: ${d.finding.issue}`).join(`
+`);
     recordAdversarialAudit({
       runtime,
       workdir,
@@ -32348,12 +32518,9 @@ ${dropSummary}`,
       featureName,
       parsed: true,
       failOpen: false,
-      passed: true,
+      passed: false,
       blockingThreshold: threshold,
-      result: {
-        passed: true,
-        findings: llmFindingsToReviewFindings(parsed.findings, { source: "adversarial-review" })
-      },
+      result: { passed: false, findings: [] },
       advisoryFindings: advisoryFindings.length > 0 ? llmFindingsToReviewFindings(advisoryFindings, { source: "adversarial-review" }) : undefined,
       diffAvailable,
       adversarialDropAnalysis,
@@ -32361,19 +32528,18 @@ ${dropSummary}`,
     });
     return {
       check: "adversarial",
-      success: true,
+      success: false,
       command: "",
-      exitCode: 0,
-      output: "Adversarial review passed (all findings were advisory \u2014 below blocking threshold)",
-      durationMs: durationMs2,
+      exitCode: 1,
+      output: `Adversarial review failed: ${acDropped.length} blocking finding(s) dropped as ungrounded \u2014 the model emitted "passed: false" with concerns it could not ground in any acceptance criterion. Drops:
+
+${dropSummary}`,
+      durationMs,
       advisoryFindings: advisoryFindings.length > 0 ? toAdversarialReviewFindings(advisoryFindings) : undefined,
       cost: llmCost
     };
   }
-  const durationMs = Date.now() - startTime;
-  if (parsed.passed) {
-    logger?.info("review", "Adversarial review passed", { storyId: story.id, durationMs });
-  }
+  logger?.info("review", "Adversarial review passed", { storyId: story.id, durationMs });
   recordAdversarialAudit({
     runtime,
     workdir,
@@ -32382,23 +32548,23 @@ ${dropSummary}`,
     featureName,
     parsed: true,
     failOpen: false,
-    passed: parsed.passed,
+    passed: true,
     blockingThreshold: threshold,
     result: {
-      passed: parsed.passed,
-      findings: llmFindingsToReviewFindings(parsed.findings, { source: "adversarial-review" })
+      passed: true,
+      findings: llmFindingsToReviewFindings(allFindings, { source: "adversarial-review" })
     },
     advisoryFindings: advisoryFindings.length > 0 ? llmFindingsToReviewFindings(advisoryFindings, { source: "adversarial-review" }) : undefined,
     diffAvailable,
     adversarialDropAnalysis,
-    adversarialAcceptAnalysis
+    adversarialAcceptAnalysis: []
   });
   return {
     check: "adversarial",
-    success: parsed.passed,
+    success: true,
     command: "",
-    exitCode: parsed.passed ? 0 : 1,
-    output: parsed.passed ? "Adversarial review passed" : "Adversarial review failed (no findings)",
+    exitCode: 0,
+    output: allFindings.length === 0 ? "Adversarial review passed" : "Adversarial review passed (all findings were advisory \u2014 below blocking threshold)",
     durationMs,
     advisoryFindings: advisoryFindings.length > 0 ? toAdversarialReviewFindings(advisoryFindings) : undefined,
     cost: llmCost
@@ -32413,13 +32579,11 @@ var init_adversarial = __esm(() => {
   init_adversarial_review();
   init_call();
   init_test_runners();
-  init_ac_quote_validator();
   init_ac_structural_counterfactual();
   init_adversarial_helpers();
   init_diff_utils();
   init_finding_projection();
   init_review_audit();
-  init_semantic_evidence();
   _adversarialDeps = {
     writeReviewAudit,
     callOp
@@ -35003,57 +35167,10 @@ var init_acceptance_fix = __esm(() => {
   };
 });
 
-// src/review/requote-response.ts
-function parseRequoteResponse(output) {
-  const parsed = tryParseLLMJson(output);
-  if (!isRecord(parsed))
-    return null;
-  const canonical = extractCanonical(parsed);
-  if (canonical)
-    return canonical;
-  const findings = parsed.findings;
-  if (!Array.isArray(findings) || findings.length !== 1)
-    return null;
-  const finding = findings[0];
-  if (!isRecord(finding))
-    return null;
-  return extractCanonical(finding.verifiedBy) ?? extractCanonical(finding);
-}
-function extractCanonical(value) {
-  if (!isRecord(value))
-    return null;
-  if (typeof value.file !== "string" || typeof value.observed !== "string")
-    return null;
-  const file3 = value.file.trim();
-  if (!file3)
-    return null;
-  const line = coerceLine(value.line);
-  if (line === null)
-    return null;
-  return {
-    file: file3,
-    line: line === undefined ? undefined : line,
-    observed: value.observed
-  };
-}
-function coerceLine(value) {
-  if (value == null)
-    return;
-  if (typeof value === "number")
-    return value;
-  if (typeof value === "string" && /^\d+$/.test(value))
-    return Number.parseInt(value, 10);
-  return null;
-}
-function isRecord(value) {
-  return typeof value === "object" && value !== null && !Array.isArray(value);
-}
-var init_requote_response = () => {};
-
 // src/operations/semantic-review.ts
 async function requoteBlockingFindings(findings, ctx) {
   const threshold = ctx.input.blockingThreshold ?? "error";
-  const maxRequotes = ctx.input.semanticConfig.substantiation?.maxRequotes ?? DEFAULT_MAX_REQUOTES;
+  const maxRequotes = ctx.input.semanticConfig.substantiation?.maxRequotes ?? DEFAULT_MAX_REQUOTES2;
   const requoteEnabled = ctx.input.semanticConfig.substantiation?.requote ?? true;
   if (ctx.input.mode !== "ref" || !requoteEnabled || maxRequotes <= 0) {
     return { findings, changed: false, extraCostUsd: 0 };
@@ -35120,7 +35237,7 @@ async function requoteBlockingFindings(findings, ctx) {
   }
   return { findings: next, changed, extraCostUsd };
 }
-var FAIL_OPEN2, SEMANTIC_REQUOTE_RECOVERED_EVENT = "review.semantic.finding.requote_recovered", SEMANTIC_REQUOTE_FAILED_EVENT = "review.semantic.finding.requote_failed", DEFAULT_MAX_REQUOTES = 5, semanticReviewHopBody = async (initialPrompt, ctx) => {
+var FAIL_OPEN2, SEMANTIC_REQUOTE_RECOVERED_EVENT = "review.semantic.finding.requote_recovered", SEMANTIC_REQUOTE_FAILED_EVENT = "review.semantic.finding.requote_failed", DEFAULT_MAX_REQUOTES2 = 5, semanticReviewHopBody = async (initialPrompt, ctx) => {
   const turn = await ctx.sendWithParseRetry(initialPrompt);
   const parsed = validateLLMShape(tryParseLLMJson(turn.output));
   if (!parsed)
@@ -35140,10 +35257,9 @@ var init_semantic_review = __esm(() => {
   init_config();
   init_logger2();
   init_prompts();
+  init_finding_filters();
   init_requote_response();
-  init_semantic_evidence();
-  init_semantic_helpers();
-  FAIL_OPEN2 = { passed: true, findings: [], failOpen: true };
+  FAIL_OPEN2 = { passed: true, findings: [], normalizedFindings: [], failOpen: true };
   semanticReviewOp = {
     kind: "run",
     name: "semantic-review",
@@ -35160,6 +35276,7 @@ var init_semantic_review = __esm(() => {
         invalid: () => ReviewPromptBuilder.jsonRetry(),
         truncated: () => ReviewPromptBuilder.jsonRetryCondensed({ blockingThreshold: input.blockingThreshold })
       },
+      exhaustedFallback: (lastOutput) => /"passed"\s*:\s*false/.test(lastOutput) ? { passed: false, findings: [], normalizedFindings: [], looksLikeFail: true } : FAIL_OPEN2,
       logContext: { blockingThreshold: input.blockingThreshold ?? "error" }
     }),
     hopBody: semanticReviewHopBody,
@@ -35181,11 +35298,36 @@ var init_semantic_review = __esm(() => {
     parse(output, _input, _ctx) {
       const raw = tryParseLLMJson(output);
       const parsed = validateLLMShape(raw);
-      if (parsed)
-        return { passed: parsed.passed, findings: parsed.findings };
-      if (/"passed"\s*:\s*false/.test(output))
-        return { passed: false, findings: [], looksLikeFail: true };
+      if (parsed) {
+        return {
+          passed: parsed.passed,
+          findings: parsed.findings,
+          normalizedFindings: []
+        };
+      }
+      if (/"passed"\s*:\s*false/.test(output)) {
+        return { passed: false, findings: [], normalizedFindings: [], looksLikeFail: true };
+      }
       return FAIL_OPEN2;
+    },
+    async verify(parsed, input, _verifyCtx) {
+      if (parsed.failOpen || parsed.looksLikeFail)
+        return parsed;
+      if (parsed.findings.length === 0)
+        return parsed;
+      const threshold = input.blockingThreshold ?? "error";
+      const findings = parsed.findings;
+      const sanitized = sanitizeRefModeFindings(findings, input.mode, threshold);
+      const substantiated = await substantiateSemanticEvidence(sanitized, input.mode, input.workdir, input.story.id, threshold);
+      const { accepted } = filterByAcGroundingMinimal(substantiated, input.story.acceptanceCriteria);
+      const blocking = accepted.filter((f) => isBlockingSeverity(f.severity, threshold));
+      const passed = parsed.passed && blocking.length === 0;
+      return {
+        ...parsed,
+        passed,
+        findings: accepted,
+        normalizedFindings: toReviewFindings(blocking)
+      };
     }
   };
 });
@@ -39360,30 +39502,21 @@ async function runSemanticReview(opts) {
       durationMs: Date.now() - startTime
     };
   }
-  const parsed = { passed: opResult.passed, findings: opResult.findings };
-  const sanitizedFindings = await substantiateSemanticEvidence(sanitizeRefModeFindings(parsed.findings, diffMode, blockingThreshold ?? "error"), diffMode, workdir, story.id, blockingThreshold ?? "error");
-  const { accepted: acGroundedFindings, dropped: acDropped } = filterByAcGroundingMinimal(sanitizedFindings, story.acceptanceCriteria);
-  if (acDropped.length > 0) {
-    logger?.warn("review", "Semantic findings dropped: acIndex missing or out of range", {
-      storyId: story.id,
-      dropped: acDropped.map((d) => ({ file: d.finding.file, issue: d.finding.issue, code: d.code }))
-    });
-  }
-  const sanitizedParsed = { ...parsed, findings: acGroundedFindings };
   const threshold = blockingThreshold ?? "error";
-  const blockingFindings = sanitizedParsed.findings.filter((f) => isBlockingSeverity(f.severity, threshold));
-  const advisoryFindings = sanitizedParsed.findings.filter((f) => !isBlockingSeverity(f.severity, threshold));
+  const allFindings = opResult.findings;
+  const blockingFindings = allFindings.filter((f) => isBlockingSeverity(f.severity, threshold));
+  const advisoryFindings = allFindings.filter((f) => !isBlockingSeverity(f.severity, threshold));
   if (advisoryFindings.length > 0) {
     logger?.debug("review", `Semantic review: ${advisoryFindings.length} advisory findings (below threshold '${threshold}')`, {
       storyId: story.id,
       findings: advisoryFindings.map((f) => ({ severity: f.severity, file: f.file, issue: f.issue }))
     });
   }
-  if (!sanitizedParsed.passed && blockingFindings.length > 0) {
-    const durationMs2 = Date.now() - startTime;
+  const durationMs = Date.now() - startTime;
+  if (blockingFindings.length > 0) {
     logger?.warn("review", `Semantic review failed: ${blockingFindings.length} blocking findings`, {
       storyId: story.id,
-      durationMs: durationMs2
+      durationMs
     });
     logger?.debug("review", "Semantic review findings", {
       storyId: story.id,
@@ -39410,7 +39543,7 @@ ${formatFindings2(blockingFindings)}`;
       blockingThreshold: threshold,
       result: {
         passed: false,
-        findings: llmFindingsToReviewFindings(sanitizedParsed.findings, { source: "semantic-review" })
+        findings: llmFindingsToReviewFindings(allFindings, { source: "semantic-review" })
       },
       advisoryFindings: advisoryFindings.length > 0 ? llmFindingsToReviewFindings(advisoryFindings, { source: "semantic-review" }) : undefined
     });
@@ -39420,53 +39553,16 @@ ${formatFindings2(blockingFindings)}`;
       command: "",
       exitCode: 1,
       output,
-      durationMs: durationMs2,
+      durationMs,
       findings: toReviewFindings(blockingFindings),
       advisoryFindings: advisoryFindings.length > 0 ? toReviewFindings(advisoryFindings) : undefined,
       cost: llmCost
     };
   }
-  if (!sanitizedParsed.passed && blockingFindings.length === 0) {
-    if (acDropped.length > 0) {
-      const durationMs3 = Date.now() - startTime;
-      logger?.warn("review", "Semantic review fail-closed: blocking findings dropped (acIndex invalid)", {
-        storyId: story.id,
-        durationMs: durationMs3,
-        droppedCount: acDropped.length,
-        dropCodes: acDropped.map((d) => d.code)
-      });
-      const dropSummary = acDropped.map((d, i) => `${i + 1}. [${d.code}] ${d.finding.file ?? "<unknown>"}: ${d.finding.issue}`).join(`
-`);
-      recordSemanticAudit({
-        runtime,
-        workdir,
-        projectDir,
-        storyId: story.id,
-        featureName,
-        parsed: true,
-        failOpen: false,
-        passed: false,
-        blockingThreshold: threshold,
-        result: { passed: false, findings: [] },
-        advisoryFindings: advisoryFindings.length > 0 ? llmFindingsToReviewFindings(advisoryFindings, { source: "semantic-review" }) : undefined
-      });
-      return {
-        check: "semantic",
-        success: false,
-        command: "",
-        exitCode: 1,
-        output: `Semantic review failed: ${acDropped.length} blocking finding(s) dropped \u2014 acIndex was missing or out of range. The model emitted "passed: false" without valid AC attribution. Either re-classify these as "info" or ensure each error finding includes a valid acIndex. Drops:
-
-${dropSummary}`,
-        durationMs: durationMs3,
-        advisoryFindings: advisoryFindings.length > 0 ? toReviewFindings(advisoryFindings) : undefined,
-        cost: llmCost
-      };
-    }
-    const durationMs2 = Date.now() - startTime;
-    logger?.info("review", "Semantic review passed (all findings below blocking threshold)", {
+  if (!opResult.passed && allFindings.length === 0) {
+    logger?.warn("review", "Semantic review fail-closed: blocking findings dropped (acIndex invalid)", {
       storyId: story.id,
-      durationMs: durationMs2
+      durationMs
     });
     recordSemanticAudit({
       runtime,
@@ -39476,29 +39572,23 @@ ${dropSummary}`,
       featureName,
       parsed: true,
       failOpen: false,
-      passed: true,
+      passed: false,
       blockingThreshold: threshold,
-      result: {
-        passed: true,
-        findings: llmFindingsToReviewFindings(sanitizedParsed.findings, { source: "semantic-review" })
-      },
+      result: { passed: false, findings: [] },
       advisoryFindings: advisoryFindings.length > 0 ? llmFindingsToReviewFindings(advisoryFindings, { source: "semantic-review" }) : undefined
     });
     return {
       check: "semantic",
-      success: true,
+      success: false,
       command: "",
-      exitCode: 0,
-      output: "Semantic review passed (all findings were advisory \u2014 below blocking threshold)",
-      durationMs: durationMs2,
+      exitCode: 1,
+      output: 'Semantic review failed: blocking finding(s) were dropped \u2014 acIndex was missing or out of range. The model emitted "passed: false" without valid AC attribution.',
+      durationMs,
       advisoryFindings: advisoryFindings.length > 0 ? toReviewFindings(advisoryFindings) : undefined,
       cost: llmCost
     };
   }
-  const durationMs = Date.now() - startTime;
-  if (sanitizedParsed.passed) {
-    logger?.info("review", "Semantic review passed", { storyId: story.id, durationMs });
-  }
+  logger?.info("review", "Semantic review passed", { storyId: story.id, durationMs });
   recordSemanticAudit({
     runtime,
     workdir,
@@ -39507,20 +39597,20 @@ ${dropSummary}`,
     featureName,
     parsed: true,
     failOpen: false,
-    passed: sanitizedParsed.passed,
+    passed: true,
     blockingThreshold: threshold,
     result: {
-      passed: sanitizedParsed.passed,
-      findings: llmFindingsToReviewFindings(sanitizedParsed.findings, { source: "semantic-review" })
+      passed: true,
+      findings: llmFindingsToReviewFindings(allFindings, { source: "semantic-review" })
     },
     advisoryFindings: advisoryFindings.length > 0 ? llmFindingsToReviewFindings(advisoryFindings, { source: "semantic-review" }) : undefined
   });
   return {
     check: "semantic",
-    success: sanitizedParsed.passed,
+    success: true,
     command: "",
-    exitCode: sanitizedParsed.passed ? 0 : 1,
-    output: sanitizedParsed.passed ? "Semantic review passed" : "Semantic review failed (no findings)",
+    exitCode: 0,
+    output: allFindings.length === 0 ? "Semantic review passed" : "Semantic review passed (all findings were advisory \u2014 below blocking threshold)",
     durationMs,
     advisoryFindings: advisoryFindings.length > 0 ? toReviewFindings(advisoryFindings) : undefined,
     cost: llmCost
@@ -39537,12 +39627,10 @@ var init_semantic = __esm(() => {
   init_semantic_review();
   init_prompts();
   init_test_runners();
-  init_ac_quote_validator();
   init_diff_utils();
   init_finding_projection();
   init_review_audit();
   init_semantic_debate();
-  init_semantic_evidence();
   init_semantic_helpers();
   _semanticDeps = {
     createDebateRunner: (opts) => new DebateRunner(opts),
@@ -41869,6 +41957,38 @@ async function callOp(ctx, op, input) {
   const rawOutput = outcome.result.output;
   const totalCost = outcome.result.estimatedCostUsd ?? 0;
   if (!rawOutput) {
+    if (maxRetriesExceeded) {
+      getSafeLogger()?.error("callop", "Op retry budget exhausted (empty output)", {
+        storyId: ctx.storyId,
+        opName: op.name,
+        site: "run",
+        totalAttempts: MAX_COMPLETE_RETRY_ATTEMPTS + 1
+      });
+      throw new NaxError(`callOp[${op.name}]: CALL_OP_MAX_RETRIES \u2014 exceeded MAX_COMPLETE_RETRY_ATTEMPTS (${MAX_COMPLETE_RETRY_ATTEMPTS})`, "CALL_OP_MAX_RETRIES", { stage: op.stage, storyId: ctx.storyId });
+    }
+    if (retryFallback !== undefined) {
+      if (typeof retryFallback !== "object" || retryFallback === null) {
+        throw new NaxError(`callOp[${op.name}]: exhaustedFallback returned a non-object (${typeof retryFallback}); fallback must be a plain object`, "CALL_OP_INVALID_FALLBACK", { stage: op.stage, storyId: ctx.storyId });
+      }
+      getSafeLogger()?.warn("callop", "Returning exhaustedFallback on empty output", {
+        storyId: ctx.storyId,
+        opName: op.name,
+        agentName: dispatchAgent
+      });
+      return { ...retryFallback, estimatedCostUsd: totalCost };
+    }
+    if (op.recover) {
+      const verifyCtx = makeVerifyCtx(buildCtx);
+      const recovered = await op.recover(input, verifyCtx);
+      if (recovered !== null) {
+        getSafeLogger()?.warn("callop", "Recovered from empty output via op.recover", {
+          storyId: ctx.storyId,
+          opName: op.name,
+          agentName: dispatchAgent
+        });
+        return recovered;
+      }
+    }
     throw new NaxError(`callOp[${op.name}]: agent returned no output`, "CALL_OP_NO_OUTPUT", {
       stage: op.stage,
       storyId: ctx.storyId,
@@ -52017,12 +52137,16 @@ function phasePassed(opName, output) {
   });
   return true;
 }
+function isFinding(value) {
+  return typeof value === "object" && value !== null && typeof value.source === "string" && value.source.length > 0;
+}
 function extractPhaseFindings(output) {
   if (output === null || output === undefined || typeof output !== "object") {
     return [];
   }
   const record2 = output;
-  const findings = Array.isArray(record2.findings) ? record2.findings : [];
+  const rawArray = Array.isArray(record2.normalizedFindings) ? record2.normalizedFindings : Array.isArray(record2.findings) ? record2.findings : [];
+  const findings = rawArray.filter(isFinding);
   const success2 = "success" in record2 ? record2.success === true : ("passed" in record2) ? record2.passed === true : findings.length === 0;
   return success2 ? [] : findings;
 }
@@ -52650,6 +52774,7 @@ async function assemblePlanInputsFromCtx(ctx) {
     blockingThreshold: ctx.config.review.blockingThreshold
   } : undefined;
   const adversarialReviewInput = ctx.config.review?.enabled === true && ctx.config.review.checks?.includes("adversarial") && ctx.config.review.adversarial ? {
+    workdir: ctx.workdir,
     story,
     adversarialConfig: ctx.config.review.adversarial,
     mode: ctx.config.review.adversarial.diffMode,
@@ -56943,7 +57068,7 @@ var package_default;
 var init_package = __esm(() => {
   package_default = {
     name: "@nathapp/nax",
-    version: "0.67.9",
+    version: "0.67.10",
     description: "AI Coding Agent Orchestrator \u2014 loops until done",
     type: "module",
     bin: {
@@ -57038,8 +57163,8 @@ var init_version = __esm(() => {
   NAX_VERSION = package_default.version;
   NAX_COMMIT = (() => {
     try {
-      if (/^[0-9a-f]{6,10}$/.test("ab2db4bb"))
-        return "ab2db4bb";
+      if (/^[0-9a-f]{6,10}$/.test("1d0ef5ac"))
+        return "1d0ef5ac";
     } catch {}
     try {
       const result = Bun.spawnSync(["git", "rev-parse", "--short", "HEAD"], {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nathapp/nax",
-  "version": "0.67.9",
+  "version": "0.67.10",
   "description": "AI Coding Agent Orchestrator — loops until done",
   "type": "module",
   "bin": {