@o-lang/olang 1.2.29 → 1.2.30
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/src/runtime/RuntimeAPI.js +46 -30
package/package.json
CHANGED
|
@@ -3,7 +3,7 @@ const path = require('path');
|
|
|
3
3
|
const crypto = require('crypto'); // ✅ CRYPTOGRAPHIC AUDIT LOGS
|
|
4
4
|
|
|
5
5
|
// ✅ O-Lang Kernel Version (Safety Logic & Governance Rules)
|
|
6
|
-
const KERNEL_VERSION = '1.2.
|
|
6
|
+
const KERNEL_VERSION = '1.2.30-alpha'; // 🔁 Update when safety rules change
|
|
7
7
|
|
|
8
8
|
class RuntimeAPI {
|
|
9
9
|
constructor({ verbose = false } = {}) {
|
|
@@ -878,41 +878,57 @@ class RuntimeAPI {
|
|
|
878
878
|
if (!output || typeof output !== 'string') return { passed: true };
|
|
879
879
|
|
|
880
880
|
// ── __verified_intent takes priority ──────────────────────────────────────
|
|
881
|
-
|
|
882
|
-
|
|
883
|
-
|
|
884
|
-
|
|
885
|
-
|
|
886
|
-
|
|
887
|
-
|
|
888
|
-
|
|
889
|
-
|
|
890
|
-
|
|
891
|
-
|
|
892
|
-
|
|
893
|
-
language: 'multi'
|
|
894
|
-
};
|
|
895
|
-
}
|
|
896
|
-
}
|
|
881
|
+
const intent = this.context.__verified_intent;
|
|
882
|
+
if (intent) {
|
|
883
|
+
if (intent.prohibited_actions && Array.isArray(intent.prohibited_actions)) {
|
|
884
|
+
const lower = output.toLowerCase();
|
|
885
|
+
for (const action of intent.prohibited_actions) {
|
|
886
|
+
if (lower.includes(action.toLowerCase())) {
|
|
887
|
+
return {
|
|
888
|
+
passed: false,
|
|
889
|
+
reason: `Output violates prohibited action "${action}" defined in __verified_intent`,
|
|
890
|
+
detected: action,
|
|
891
|
+
language: 'multi'
|
|
892
|
+
};
|
|
897
893
|
}
|
|
894
|
+
}
|
|
895
|
+
}
|
|
898
896
|
|
|
899
|
-
|
|
900
|
-
|
|
901
|
-
|
|
902
|
-
|
|
903
|
-
|
|
904
|
-
|
|
905
|
-
|
|
906
|
-
|
|
907
|
-
|
|
908
|
-
|
|
909
|
-
|
|
897
|
+
if (intent.prohibited_topics && Array.isArray(intent.prohibited_topics)) {
|
|
898
|
+
for (const topic of intent.prohibited_topics) {
|
|
899
|
+
const isRegex = typeof topic === 'object' && topic.pattern;
|
|
900
|
+
let matched = false;
|
|
901
|
+
let detected = '';
|
|
902
|
+
|
|
903
|
+
if (isRegex) {
|
|
904
|
+
try {
|
|
905
|
+
const re = new RegExp(topic.pattern, topic.flags || 'i');
|
|
906
|
+
const match = output.match(re);
|
|
907
|
+
matched = !!match;
|
|
908
|
+
detected = match ? match[0] : topic.pattern;
|
|
909
|
+
} catch (e) {
|
|
910
|
+
this.addWarning(`Invalid prohibited_topic regex: "${topic.pattern}" — ${e.message}`);
|
|
911
|
+
continue;
|
|
910
912
|
}
|
|
913
|
+
} else {
|
|
914
|
+
matched = output.toLowerCase().includes(topic.toLowerCase());
|
|
915
|
+
detected = topic;
|
|
911
916
|
}
|
|
912
917
|
|
|
913
|
-
|
|
914
|
-
|
|
918
|
+
if (matched) {
|
|
919
|
+
return {
|
|
920
|
+
passed: false,
|
|
921
|
+
reason: `Output violates prohibited topic "${isRegex ? topic.pattern : topic}" defined in __verified_intent`,
|
|
922
|
+
detected,
|
|
923
|
+
language: 'multi'
|
|
924
|
+
};
|
|
925
|
+
}
|
|
915
926
|
}
|
|
927
|
+
}
|
|
928
|
+
|
|
929
|
+
// __verified_intent present and passed — skip hardcoded patterns
|
|
930
|
+
return { passed: true };
|
|
931
|
+
}
|
|
916
932
|
|
|
917
933
|
// ── No __verified_intent — fall through to hardcoded patterns ─────────────
|
|
918
934
|
// 🔑 Extract allowed capabilities from workflow allowlist
|