@ouro.bot/cli 0.1.0-alpha.664 → 0.1.0-alpha.666

package/changelog.json

@@ -1,6 +1,18 @@
 {
   "_note": "This changelog is maintained as part of the PR/version-bump workflow. Agent-curated, not auto-generated. Agents read this file directly via read_file to understand what changed between versions.",
   "versions": [
+    {
+      "version": "0.1.0-alpha.666",
+      "changes": [
+        "Close pre-merge habit session review gaps for route gating, executable risk policy, and Desk produced refs."
+      ]
+    },
+    {
+      "version": "0.1.0-alpha.665",
+      "changes": [
+        "Ignore Sentinel-owned daemon-health git dirt when computing the Sentinel bundle signal, preventing a self-sustaining health-receipt loop while keeping real bundle dirt visible."
+      ]
+    },
     {
       "version": "0.1.0-alpha.664",
       "changes": [

package/dist/arc/flight-recorder.js

@@ -33,11 +33,15 @@ var __importStar = (this && this.__importStar) || (function () {
     };
 })();
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.isHabitRunTrigger = isHabitRunTrigger;
 exports.flightRecorderLatestPath = flightRecorderLatestPath;
 exports.isFlightRecorderResume = isFlightRecorderResume;
 exports.readFlightRecorderResume = readFlightRecorderResume;
 exports.writeFlightRecorderResume = writeFlightRecorderResume;
 exports.recordFlightRecorderEvent = recordFlightRecorderEvent;
+exports.isSafeHabitRunId = isSafeHabitRunId;
+exports.readHabitRunReceipt = readHabitRunReceipt;
+exports.listHabitRunReceipts = listHabitRunReceipts;
 exports.writeHabitRunReceipt = writeHabitRunReceipt;
 exports.formatFlightRecorderResume = formatFlightRecorderResume;
 exports.createHabitRunId = createHabitRunId;
@@ -46,6 +50,13 @@ const path = __importStar(require("path"));
 const crypto_1 = require("crypto");
 const session_events_1 = require("../heart/session-events");
 const runtime_1 = require("../nerves/runtime");
+function isHabitRunTrigger(value) {
+    return value === "cron"
+        || value === "launchd"
+        || value === "poke"
+        || value === "overdue"
+        || value === "manual";
+}
 function flightRecorderDir(agentRoot) {
     return path.join(agentRoot, "arc", "flight-recorder");
 }
@@ -55,6 +66,9 @@ function eventsDir(agentRoot) {
 function receiptsDir(agentRoot) {
     return path.join(flightRecorderDir(agentRoot), "habit-receipts");
 }
+function habitReceiptPath(agentRoot, runId) {
+    return path.join(receiptsDir(agentRoot), `${runId}.json`);
+}
 function flightRecorderLatestPath(agentRoot) {
     return path.join(flightRecorderDir(agentRoot), "latest.json");
 }
@@ -311,20 +325,269 @@ function recordFlightRecorderEvent(agentRoot, input) {
     });
     return event;
 }
-function writeHabitRunReceipt(agentRoot, receipt) {
-    fs.mkdirSync(receiptsDir(agentRoot), { recursive: true });
-    const safeReceipt = {
+function isSafeHabitRunId(value) {
+    return typeof value === "string"
+        && /^[A-Za-z0-9][A-Za-z0-9_.:-]*$/.test(value)
+        && !value.includes("..");
+}
+function isPlainRecord(value) {
+    return !!value && typeof value === "object" && !Array.isArray(value);
+}
+function isProducedRefArray(value) {
+    return Array.isArray(value)
+        && value.every((entry) => isPlainRecord(entry)
+            && (entry.kind === "arc"
+                || entry.kind === "desk_task"
+                || entry.kind === "desk_record"
+                || entry.kind === "claim"
+                || entry.kind === "surface"
+                || entry.kind === "none")
+            && typeof entry.locator === "string");
+}
+function isHabitSurfaceAttemptArray(value) {
+    return Array.isArray(value)
+        && value.every((entry) => isPlainRecord(entry)
+            && typeof entry.recipient === "string"
+            && typeof entry.channel === "string"
+            && (entry.reason === "needed_input"
+                || entry.reason === "status"
+                || entry.reason === "answer"
+                || entry.reason === "blocked"
+                || entry.reason === "other")
+            && (entry.result === "sent"
+                || entry.result === "delivered"
+                || entry.result === "delivered_now"
+                || entry.result === "queued"
+                || entry.result === "deferred"
+                || entry.result === "blocked"
+                || entry.result === "failed"
+                || entry.result === "unavailable")
+            && (entry.routeKind === undefined
+                || entry.routeKind === "family"
+                || entry.routeKind === "originator"
+                || entry.routeKind === "extra")
+            && (entry.rawStatus === undefined || typeof entry.rawStatus === "string")
+            && (entry.error === undefined || typeof entry.error === "string"));
+}
+function isHabitReturnRouteArray(value) {
+    return Array.isArray(value)
+        && value.every((entry) => isPlainRecord(entry)
+            && (entry.kind === "family" || entry.kind === "originator" || entry.kind === "extra")
+            && typeof entry.recipient === "string"
+            && (entry.status === "allowed" || entry.status === "unresolved")
+            && (entry.friendId === undefined || typeof entry.friendId === "string")
+            && (entry.channel === undefined || typeof entry.channel === "string")
+            && (entry.key === undefined || typeof entry.key === "string")
+            && (entry.reason === undefined || typeof entry.reason === "string"));
+}
+function isHabitPermissionEnvelope(value) {
+    if (!isPlainRecord(value))
+        return false;
+    return value.schemaVersion === 1
+        && typeof value.canMessageOutward === "boolean"
+        && isHabitReturnRouteArray(value.returnRoutes)
+        && isStringArray(value.deniedTools)
+        && isStringArray(value.warnings);
+}
+function isHabitToolPolicy(value) {
+    if (!isPlainRecord(value))
+        return false;
+    return (value.requestedTools === null || isStringArray(value.requestedTools))
+        && isStringArray(value.grantedTools)
+        && isStringArray(value.deniedTools)
+        && typeof value.outwardMessagingAllowed === "boolean";
+}
+function isHabitRunReceipt(value) {
+    if (!isPlainRecord(value))
+        return false;
+    return value.schemaVersion === 2
+        && isSafeHabitRunId(value.runId)
+        && typeof value.sessionId === "string"
+        && typeof value.habitName === "string"
+        && (value.trigger === "cron"
+            || value.trigger === "launchd"
+            || value.trigger === "poke"
+            || value.trigger === "overdue"
+            || value.trigger === "manual")
+        && typeof value.startedAt === "string"
+        && typeof value.endedAt === "string"
+        && (value.outcome === "no_change"
+            || value.outcome === "wrote_arc"
+            || value.outcome === "updated_desk"
+            || value.outcome === "wrote_record"
+            || value.outcome === "surfaced"
+            || value.outcome === "blocked"
+            || value.outcome === "error")
+        && typeof value.definitionLocator === "string"
+        && typeof value.sessionLocator === "string"
+        && typeof value.pendingLocator === "string"
+        && typeof value.runtimeStateLocator === "string"
+        && typeof value.receiptLocator === "string"
+        && (value.nextRunAt === null || typeof value.nextRunAt === "string")
+        && isHabitPermissionEnvelope(value.permissionEnvelope)
+        && isHabitToolPolicy(value.toolPolicy)
+        && isProducedRefArray(value.producedRefs)
+        && isHabitSurfaceAttemptArray(value.surfaceAttempts)
+        && isStringArray(value.errors);
+}
+function isLegacyHabitRunReceipt(value) {
+    if (!isPlainRecord(value))
+        return false;
+    return value.schemaVersion === 1
+        && isSafeHabitRunId(value.runId)
+        && typeof value.habitName === "string"
+        && (value.trigger === "cron"
+            || value.trigger === "launchd"
+            || value.trigger === "poke"
+            || value.trigger === "overdue"
+            || value.trigger === "manual")
+        && typeof value.startedAt === "string"
+        && typeof value.endedAt === "string"
+        && (value.outcome === "no_change"
+            || value.outcome === "wrote_arc"
+            || value.outcome === "updated_desk"
+            || value.outcome === "wrote_record"
+            || value.outcome === "surfaced"
+            || value.outcome === "blocked"
+            || value.outcome === "error")
+        && isProducedRefArray(value.producedRefs)
+        && isHabitSurfaceAttemptArray(value.surfaceAttempts)
+        && isStringArray(value.errors);
+}
+function warnMalformedHabitReceipt(agentRoot, runId, reason) {
+    (0, runtime_1.emitNervesEvent)({
+        level: "warn",
+        component: "mind",
+        event: "mind.flight_recorder_habit_receipt_malformed",
+        message: "flight recorder habit receipt malformed",
+        meta: { agentRoot, runId: (0, session_events_1.capStructuredRecordString)(runId), reason },
+    });
+}
+function normalizeLegacyHabitRunReceipt(receipt) {
+    const sawSurface = receipt.surfaceAttempts.length > 0 || receipt.producedRefs.some((ref) => ref.kind === "surface");
+    return {
+        schemaVersion: 2,
+        runId: receipt.runId,
+        sessionId: receipt.runId,
+        habitName: receipt.habitName,
+        trigger: receipt.trigger,
+        startedAt: receipt.startedAt,
+        endedAt: receipt.endedAt,
+        outcome: receipt.outcome,
+        definitionLocator: `habits/${receipt.habitName}.md`,
+        sessionLocator: `state/habit-sessions/${receipt.runId}/session.json`,
+        pendingLocator: `state/habit-sessions/${receipt.runId}/pending`,
+        runtimeStateLocator: `state/habits/${receipt.habitName}.json`,
+        receiptLocator: `arc/flight-recorder/habit-receipts/${receipt.runId}.json`,
+        nextRunAt: null,
+        permissionEnvelope: {
+            schemaVersion: 1,
+            canMessageOutward: sawSurface,
+            returnRoutes: [],
+            deniedTools: sawSurface ? [] : ["send_message", "surface"],
+            warnings: ["legacy receipt normalized without habit permission envelope"],
+        },
+        toolPolicy: {
+            requestedTools: null,
+            grantedTools: sawSurface ? ["surface"] : [],
+            deniedTools: sawSurface ? [] : ["send_message", "surface"],
+            outwardMessagingAllowed: sawSurface,
+        },
+        producedRefs: receipt.producedRefs,
+        surfaceAttempts: receipt.surfaceAttempts,
+        errors: receipt.errors,
+    };
+}
+function capHabitRunReceipt(receipt) {
+    return {
         ...receipt,
         habitName: (0, session_events_1.capStructuredRecordString)(receipt.habitName),
+        definitionLocator: (0, session_events_1.capStructuredRecordString)(receipt.definitionLocator),
+        sessionLocator: (0, session_events_1.capStructuredRecordString)(receipt.sessionLocator),
+        pendingLocator: (0, session_events_1.capStructuredRecordString)(receipt.pendingLocator),
+        runtimeStateLocator: (0, session_events_1.capStructuredRecordString)(receipt.runtimeStateLocator),
+        receiptLocator: (0, session_events_1.capStructuredRecordString)(receipt.receiptLocator),
+        permissionEnvelope: {
+            ...receipt.permissionEnvelope,
+            returnRoutes: receipt.permissionEnvelope.returnRoutes.map((route) => ({
+                ...route,
+                recipient: (0, session_events_1.capStructuredRecordString)(route.recipient),
+                ...(route.friendId ? { friendId: (0, session_events_1.capStructuredRecordString)(route.friendId) } : {}),
+                ...(route.channel ? { channel: (0, session_events_1.capStructuredRecordString)(route.channel) } : {}),
+                ...(route.key ? { key: (0, session_events_1.capStructuredRecordString)(route.key) } : {}),
+                ...(route.reason ? { reason: (0, session_events_1.capStructuredRecordString)(route.reason) } : {}),
+            })),
+            deniedTools: cappedArray(receipt.permissionEnvelope.deniedTools),
+            warnings: cappedArray(receipt.permissionEnvelope.warnings),
+        },
+        toolPolicy: {
+            requestedTools: receipt.toolPolicy.requestedTools ? cappedArray(receipt.toolPolicy.requestedTools) : null,
+            grantedTools: cappedArray(receipt.toolPolicy.grantedTools),
+            deniedTools: cappedArray(receipt.toolPolicy.deniedTools),
+            outwardMessagingAllowed: receipt.toolPolicy.outwardMessagingAllowed,
+        },
         producedRefs: receipt.producedRefs.map((ref) => ({ ...ref, locator: (0, session_events_1.capStructuredRecordString)(ref.locator) })),
         surfaceAttempts: receipt.surfaceAttempts.map((attempt) => ({
             ...attempt,
             recipient: (0, session_events_1.capStructuredRecordString)(attempt.recipient),
             channel: (0, session_events_1.capStructuredRecordString)(attempt.channel),
+            ...(attempt.rawStatus ? { rawStatus: (0, session_events_1.capStructuredRecordString)(attempt.rawStatus) } : {}),
+            ...(attempt.error ? { error: (0, session_events_1.capStructuredRecordString)(attempt.error) } : {}),
         })),
         errors: receipt.errors.map((error) => (0, session_events_1.capStructuredRecordString)(error)),
     };
-    atomicWriteJson(path.join(receiptsDir(agentRoot), `${safeReceipt.runId}.json`), safeReceipt);
+}
+function normalizeHabitRunReceiptForWrite(receipt) {
+    return capHabitRunReceipt(receipt.schemaVersion === 1 ? normalizeLegacyHabitRunReceipt(receipt) : receipt);
+}
+function readHabitRunReceipt(agentRoot, runId) {
+    if (!isSafeHabitRunId(runId)) {
+        warnMalformedHabitReceipt(agentRoot, runId, "unsafe run id");
+        return null;
+    }
+    try {
+        const parsed = JSON.parse(fs.readFileSync(habitReceiptPath(agentRoot, runId), "utf-8"));
+        const receipt = isHabitRunReceipt(parsed)
+            ? parsed
+            : isLegacyHabitRunReceipt(parsed)
+                ? normalizeLegacyHabitRunReceipt(parsed)
+                : null;
+        if (!receipt) {
+            warnMalformedHabitReceipt(agentRoot, runId, "invalid habit receipt shape");
+            return null;
+        }
+        (0, runtime_1.emitNervesEvent)({
+            component: "mind",
+            event: "mind.flight_recorder_habit_receipt_read",
+            message: "flight recorder habit receipt read",
+            meta: { agentRoot, runId },
+        });
+        return receipt;
+    }
+    catch (error) {
+        warnMalformedHabitReceipt(agentRoot, runId, error instanceof Error ? error.message : /* v8 ignore next -- defensive: non-Error catch branch @preserve */ String(error));
+        return null;
+    }
+}
+function listHabitRunReceipts(agentRoot, options = {}) {
+    const dir = receiptsDir(agentRoot);
+    if (!fs.existsSync(dir))
+        return [];
+    const receipts = fs.readdirSync(dir)
+        .filter((fileName) => fileName.endsWith(".json"))
+        .map((fileName) => readHabitRunReceipt(agentRoot, path.basename(fileName, ".json")))
+        .filter((receipt) => receipt !== null)
+        .sort((left, right) => right.endedAt.localeCompare(left.endedAt) || right.runId.localeCompare(left.runId));
+    return typeof options.limit === "number" && options.limit >= 0 ? receipts.slice(0, options.limit) : receipts;
+}
+function writeHabitRunReceipt(agentRoot, receipt) {
+    fs.mkdirSync(receiptsDir(agentRoot), { recursive: true });
+    const safeReceipt = normalizeHabitRunReceiptForWrite(receipt);
+    if (!isSafeHabitRunId(safeReceipt.runId)) {
+        warnMalformedHabitReceipt(agentRoot, safeReceipt.runId, "unsafe run id");
+        throw new Error(`unsafe habit run id: ${safeReceipt.runId}`);
+    }
+    atomicWriteJson(habitReceiptPath(agentRoot, safeReceipt.runId), safeReceipt);
     recordFlightRecorderEvent(agentRoot, {
         kind: "habit_run",
         recordedAt: safeReceipt.endedAt,

package/dist/heart/context-loss-sentinel.js

@@ -482,7 +482,7 @@ function healthSignals(results) {
 }
 function defaultGitStatus(agentRoot) {
     try {
-        const porcelain = (0, child_process_1.execFileSync)("git", ["status", "--porcelain"], {
+        const porcelain = (0, child_process_1.execFileSync)("git", ["status", "--porcelain=v1", "-uall"], {
             cwd: agentRoot,
             encoding: "utf-8",
             stdio: ["ignore", "pipe", "pipe"],
@@ -494,7 +494,50 @@ function defaultGitStatus(agentRoot) {
         return { ok: false, error: String(error) };
     }
 }
-function bundleSignal(status) {
+function gitStatusEntries(porcelain) {
+    return porcelain.split(/\r?\n/).filter((line) => line.trim().length > 0);
+}
+function normalizeGitStatusPath(entryPath) {
+    return entryPath.trim().replace(/^"|"$/g, "");
+}
+function gitStatusPaths(entry) {
+    const rawPath = entry.slice(3).trim();
+    const paths = [];
+    let start = 0;
+    let inQuote = false;
+    let escaped = false;
+    for (let index = 0; index < rawPath.length; index += 1) {
+        const char = rawPath[index];
+        if (escaped) {
+            escaped = false;
+            continue;
+        }
+        if (inQuote && char === "\\") {
+            escaped = true;
+            continue;
+        }
+        if (char === "\"") {
+            inQuote = !inQuote;
+            continue;
+        }
+        if (!inQuote && rawPath.startsWith(" -> ", index)) {
+            paths.push(rawPath.slice(start, index));
+            start = index + 4;
+            index += 3;
+        }
+    }
+    paths.push(rawPath.slice(start));
+    return paths.map(normalizeGitStatusPath);
+}
+function isSentinelGitStatusEntry(entry) {
+    const sentinelRoot = relativeSentinelRoot();
+    return gitStatusPaths(entry).every((entryPath) => {
+        const normalizedPath = entryPath.replace(/\/$/, "");
+        return normalizedPath === sentinelRoot || normalizedPath.startsWith(`${sentinelRoot}/`);
+    });
+}
+function bundleSignal(status, options = {}) {
+    const gitStatusCommand = "git status --porcelain=v1 -uall";
     if (!status.ok) {
         return {
             id: "bundle:git",
@@ -503,11 +546,12 @@ function bundleSignal(status) {
             severity: "warn",
             verdictImpact: "watch",
             summary: `bundle git status unavailable: ${status.error}`,
-            source: { kind: "git", locator: "git status --porcelain" },
-            repair: repair("agent-runnable", "bundle-cleanup", "Inspect bundle git state before assuming the local state is clean.", "git status --porcelain"),
+            source: { kind: "git", locator: gitStatusCommand },
+            repair: repair("agent-runnable", "bundle-cleanup", "Inspect bundle git state before assuming the local state is clean.", gitStatusCommand),
         };
     }
-    const dirtyEntries = status.porcelain.split(/\r?\n/).filter((line) => line.trim().length > 0);
+    const dirtyEntries = gitStatusEntries(status.porcelain)
+        .filter((entry) => !(options.ignoreSentinelDirtyEntries && isSentinelGitStatusEntry(entry)));
     if (dirtyEntries.length > 0) {
         return {
             id: "bundle:git",
@@ -516,8 +560,8 @@ function bundleSignal(status) {
             severity: "warn",
             verdictImpact: "watch",
             summary: `bundle has ${dirtyEntries.length} uncommitted git status entr${dirtyEntries.length === 1 ? "y" : "ies"}`,
-            source: { kind: "git", locator: "git status --porcelain" },
-            repair: repair("agent-runnable", "bundle-cleanup", "Resolve or intentionally preserve local bundle changes before handoff.", "git status --porcelain"),
+            source: { kind: "git", locator: gitStatusCommand },
+            repair: repair("agent-runnable", "bundle-cleanup", "Resolve or intentionally preserve local bundle changes before handoff.", gitStatusCommand),
             meta: { dirtyEntries },
         };
     }
@@ -528,7 +572,7 @@ function bundleSignal(status) {
         severity: "info",
         verdictImpact: "none",
         summary: "bundle git status clean",
-        source: { kind: "git", locator: "git status --porcelain" },
+        source: { kind: "git", locator: gitStatusCommand },
     };
 }
 function sentinelVerdict(signals) {
@@ -633,7 +677,9 @@ function makeReceipt(agentName, agentRoot, options, generatedAt) {
         gauntletSignal(report),
         ...deriveContextLossSentinelProviderSignals(providerVisibility),
         ...healthSignals(options.daemonHealthResults ?? []),
-        bundleSignal((options.gitStatus ?? (() => defaultGitStatus(agentRoot)))()),
+        bundleSignal((options.gitStatus ?? (() => defaultGitStatus(agentRoot)))(), {
+            ignoreSentinelDirtyEntries: options.trigger === "daemon_health",
+        }),
     ];
     const verdict = sentinelVerdict(signals);
     const latestReady = readLatestReady(agentRoot);