@oss-autopilot/core 0.59.0 → 0.60.1

package/dist/core/ci-analysis.d.ts

@@ -5,14 +5,15 @@
 import type { Octokit } from '@octokit/rest';
 import { CIFailureCategory, ClassifiedCheck, CIStatusResult } from './types.js';
 /**
- * Classify a failing CI check as actionable, fork_limitation, auth_gate, or infrastructure (#81, #145).
+ * Classify a failing CI check as actionable, fork_limitation, auth_gate, or infrastructure (#81, #145, #743).
  * Default is 'actionable' — only known patterns get reclassified.
- * When conclusion is provided (cancelled, timed_out), the check is classified as infrastructure.
+ * Conclusion-based classification (cancelled, timed_out, action_required) takes precedence
+ * over name-based pattern matching.
  */
 export declare function classifyCICheck(name: string, description?: string, conclusion?: string): CIFailureCategory;
 /**
- * Classify all failing checks and return both the flat names array and classified array (#81, #145).
- * Accepts optional conclusion data to detect infrastructure failures.
+ * Classify all failing checks and return a ClassifiedCheck array (#81, #145, #743).
+ * Accepts optional conclusion data to detect infrastructure failures and auth gates.
  */
 export declare function classifyFailingChecks(failingCheckNames: string[], conclusions?: Map<string, string>): ClassifiedCheck[];
 /**

package/dist/core/ci-analysis.js

@@ -38,16 +38,21 @@ const INFRASTRUCTURE_PATTERNS = [
     /\bservice\s*unavailable/i,
     /\binfrastructure/i,
     /\bblacksmith\b/i,
+    /\breadthedocs\b/i,
 ];
 /**
- * Classify a failing CI check as actionable, fork_limitation, auth_gate, or infrastructure (#81, #145).
+ * Classify a failing CI check as actionable, fork_limitation, auth_gate, or infrastructure (#81, #145, #743).
  * Default is 'actionable' — only known patterns get reclassified.
- * When conclusion is provided (cancelled, timed_out), the check is classified as infrastructure.
+ * Conclusion-based classification (cancelled, timed_out, action_required) takes precedence
+ * over name-based pattern matching.
  */
 export function classifyCICheck(name, description, conclusion) {
     // Infrastructure: cancelled or timed_out jobs are transient failures (#145)
     if (conclusion === 'cancelled' || conclusion === 'timed_out')
         return 'infrastructure';
+    // Auth gate: action_required means the workflow needs external approval (e.g., fork PR or first-time contributor)
+    if (conclusion === 'action_required')
+        return 'auth_gate';
     const nameLower = name.toLowerCase();
     // Check name first (more reliable than description)
     if (AUTH_GATE_PATTERNS.some((p) => p.test(nameLower)))
@@ -69,8 +74,8 @@ export function classifyCICheck(name, description, conclusion) {
     return 'actionable';
 }
 /**
- * Classify all failing checks and return both the flat names array and classified array (#81, #145).
- * Accepts optional conclusion data to detect infrastructure failures.
+ * Classify all failing checks and return a ClassifiedCheck array (#81, #145, #743).
+ * Accepts optional conclusion data to detect infrastructure failures and auth gates.
  */
 export function classifyFailingChecks(failingCheckNames, conclusions) {
     return failingCheckNames.map((name) => {
@@ -93,14 +98,14 @@ export function analyzeCheckRuns(checkRuns) {
     const failingCheckNames = [];
     const failingCheckConclusions = new Map();
     for (const check of checkRuns) {
-        if (check.conclusion === 'failure' || check.conclusion === 'cancelled' || check.conclusion === 'timed_out') {
+        if (check.conclusion === 'failure' ||
+            check.conclusion === 'cancelled' ||
+            check.conclusion === 'timed_out' ||
+            check.conclusion === 'action_required') {
             hasFailingChecks = true;
             failingCheckNames.push(check.name);
             failingCheckConclusions.set(check.name, check.conclusion);
         }
-        else if (check.conclusion === 'action_required') {
-            hasPendingChecks = true; // Maintainer approval gate, not a real failure
-        }
         else if (check.status === 'in_progress' || check.status === 'queued') {
             hasPendingChecks = true;
         }

package/dist/core/state-persistence.d.ts

@@ -24,6 +24,7 @@ export declare function releaseLock(lockPath: string): void;
 export declare function atomicWriteFileSync(filePath: string, data: string, mode?: number): void;
 /**
  * Create a fresh state (v2: fresh GitHub fetching).
+ * Leverages Zod schema defaults to produce a complete state.
  */
 export declare function createFreshState(): AgentState;
 /**

package/dist/core/state-persistence.js

@@ -5,13 +5,11 @@
  */
 import * as fs from 'fs';
 import * as path from 'path';
-import { INITIAL_STATE } from './types.js';
+import { AgentStateSchema } from './state-schema.js';
 import { getStatePath, getBackupDir, getDataDir } from './utils.js';
 import { errorMessage } from './errors.js';
 import { debug, warn } from './logger.js';
 const MODULE = 'state';
-// Current state version
-const CURRENT_STATE_VERSION = 2;
 // Lock file timeout: if a lock is older than this, it is considered stale
 const LOCK_TIMEOUT_MS = 30_000; // 30 seconds
 // Legacy path for migration
@@ -139,66 +137,12 @@ function migrateV1ToV2(rawState) {
     debug(MODULE, `Migration complete. Preserved ${Object.keys(repoScores).length} repo scores.`);
     return migratedState;
 }
-/**
- * Validate that a loaded state has the required structure.
- * Handles both v1 (with PR arrays) and v2 (without).
- */
-function isValidState(state) {
-    if (!state || typeof state !== 'object')
-        return false;
-    const s = state;
-    // Migrate older states that don't have repoScores
-    if (s.repoScores === undefined) {
-        s.repoScores = {};
-    }
-    // Migrate older states that don't have events
-    if (s.events === undefined) {
-        s.events = [];
-    }
-    // Migrate older states that don't have mergedPRs
-    if (s.mergedPRs === undefined) {
-        s.mergedPRs = [];
-    }
-    // Base requirements for all versions
-    const hasBaseFields = typeof s.version === 'number' &&
-        typeof s.repoScores === 'object' &&
-        s.repoScores !== null &&
-        Array.isArray(s.events) &&
-        typeof s.config === 'object' &&
-        s.config !== null;
-    if (!hasBaseFields)
-        return false;
-    // v1 requires base PR arrays to be present (they will be dropped during migration)
-    if (s.version === 1) {
-        return (Array.isArray(s.activePRs) &&
-            Array.isArray(s.dormantPRs) &&
-            Array.isArray(s.mergedPRs) &&
-            Array.isArray(s.closedPRs));
-    }
-    // v2+ doesn't require PR arrays
-    return true;
-}
 /**
  * Create a fresh state (v2: fresh GitHub fetching).
+ * Leverages Zod schema defaults to produce a complete state.
  */
 export function createFreshState() {
-    return {
-        version: CURRENT_STATE_VERSION,
-        activeIssues: [],
-        repoScores: {},
-        config: {
-            ...INITIAL_STATE.config,
-            setupComplete: false,
-            languages: [...INITIAL_STATE.config.languages],
-            labels: [...INITIAL_STATE.config.labels],
-            excludeRepos: [],
-            trustedProjects: [],
-            shelvedPRUrls: [],
-            dismissedIssues: {},
-        },
-        events: [],
-        lastRunAt: new Date().toISOString(),
-    };
+    return AgentStateSchema.parse({ version: 2 });
 }
 /**
  * Migrate state from legacy ./data/ location to ~/.oss-autopilot/.
@@ -298,13 +242,15 @@ function tryRestoreFromBackup() {
         const backupPath = path.join(backupDir, backupFile);
         try {
             const data = fs.readFileSync(backupPath, 'utf-8');
-            let state = JSON.parse(data);
-            if (isValidState(state)) {
+            let raw = JSON.parse(data);
+            // Migrate from v1 to v2 if needed (before schema validation)
+            if (typeof raw === 'object' && raw !== null && raw.version === 1) {
+                raw = migrateV1ToV2(raw);
+            }
+            const parsed = AgentStateSchema.safeParse(raw);
+            if (parsed.success) {
+                const state = parsed.data;
                 debug(MODULE, `Successfully restored state from backup: ${backupFile}`);
-                // Migrate from v1 to v2 if needed
-                if (state.version === 1) {
-                    state = migrateV1ToV2(state);
-                }
                 const repoCount = Object.keys(state.repoScores).length;
                 debug(MODULE, `Restored state v${state.version}: ${repoCount} repo scores`);
                 // Overwrite the corrupted main state file with the restored backup (atomic write)
@@ -313,6 +259,10 @@ function tryRestoreFromBackup() {
                 debug(MODULE, 'Restored backup written to main state file');
                 return state;
             }
+            // safeParse failed — log and try next backup
+            const summary = parsed.error.issues.map((i) => `${i.path.join('.')}: ${i.message}`).join('; ');
+            warn(MODULE, `Backup ${backupFile} failed schema validation: ${summary}`);
+            debug(MODULE, `Backup ${backupFile} full validation errors:`, parsed.error.issues);
         }
         catch (backupErr) {
             // This backup is also corrupted, try the next one
@@ -335,10 +285,29 @@ export function loadState() {
     try {
         if (fs.existsSync(statePath)) {
             const data = fs.readFileSync(statePath, 'utf-8');
-            let state = JSON.parse(data);
-            // Validate required fields exist
-            if (!isValidState(state)) {
-                warn(MODULE, 'Invalid state file structure, attempting to restore from backup...');
+            let raw = JSON.parse(data);
+            // Migrate from v1 to v2 if needed (before schema validation)
+            let wasMigrated = false;
+            if (typeof raw === 'object' && raw !== null && raw.version === 1) {
+                raw = migrateV1ToV2(raw);
+                wasMigrated = true;
+            }
+            // Validate through Zod schema (strips unknown keys in memory; stale keys persist on disk until next save)
+            const parsed = AgentStateSchema.safeParse(raw);
+            if (!parsed.success) {
+                const summary = parsed.error.issues.map((i) => `${i.path.join('.')}: ${i.message}`).join('; ');
+                warn(MODULE, `Invalid state file structure: ${summary}`);
+                warn(MODULE, 'Attempting to restore from backup...');
+                debug(MODULE, 'Full validation errors:', parsed.error.issues);
+                // Preserve the rejected state file so the user can recover
+                try {
+                    const rejectedPath = statePath + '.rejected-' + Date.now();
+                    fs.copyFileSync(statePath, rejectedPath);
+                    warn(MODULE, `Previous state preserved at: ${rejectedPath}`);
+                }
+                catch (preserveErr) {
+                    warn(MODULE, `Could not preserve rejected state file: ${errorMessage(preserveErr)}`);
+                }
                 const restoredState = tryRestoreFromBackup();
                 if (restoredState) {
                     const mtimeMs = safeGetMtimeMs(statePath);
@@ -347,23 +316,16 @@ export function loadState() {
                 warn(MODULE, 'No valid backup found, starting fresh');
                 return { state: createFreshState(), mtimeMs: 0 };
             }
-            // Migrate from v1 to v2 if needed
-            if (state.version === 1) {
-                state = migrateV1ToV2(state);
-                // Save the migrated state immediately (atomic write)
-                atomicWriteFileSync(statePath, JSON.stringify(state, null, 2), 0o600);
-                debug(MODULE, 'Migrated state saved');
+            // Save migrated state only after validation succeeds
+            if (wasMigrated) {
+                atomicWriteFileSync(statePath, JSON.stringify(parsed.data, null, 2), 0o600);
+                debug(MODULE, 'Migrated and validated state saved');
             }
-            // Strip legacy fields from persisted state (snoozedPRs and PR dismiss
-            // entries were removed in the three-state PR model simplification)
+            const state = parsed.data;
+            // Strip PR URLs from dismissedIssues (PR dismiss removed).
+            // This filters values inside a known field — Zod .strip() only removes unknown keys.
             try {
                 let needsCleanupSave = false;
-                const rawConfig = state.config;
-                if (rawConfig.snoozedPRs) {
-                    delete rawConfig.snoozedPRs;
-                    needsCleanupSave = true;
-                }
-                // Strip PR URLs from dismissedIssues (PR dismiss removed)
                 if (state.config.dismissedIssues) {
                     const PR_URL_RE = /\/pull\/\d+$/;
                     for (const url of Object.keys(state.config.dismissedIssues)) {
@@ -375,7 +337,7 @@ export function loadState() {
                 }
                 if (needsCleanupSave) {
                     atomicWriteFileSync(statePath, JSON.stringify(state, null, 2), 0o600);
-                    warn(MODULE, 'Cleaned up removed features (snoozedPRs, dismissed PR URLs) from persisted state');
+                    warn(MODULE, 'Cleaned up dismissed PR URLs from persisted state');
                 }
             }
             catch (cleanupError) {