@pensar/apex 2.0.0-canary.241920ad → 2.0.0

package/build/{cli-cbw2rmv7.js → cli-5fr9k6m4.js}

@@ -1,13 +1,13 @@
 import {
   BlackboxAttackSurfaceAgent
-} from "./cli-4ez6yssj.js";
+} from "./cli-sw5swz40.js";
 import {
   TargetedPentestAgent,
   buildPentestSystemPrompt
-} from "./cli-0svsmc2c.js";
+} from "./cli-cb5va0cs.js";
 import {
   CodeAgent
-} from "./cli-demg7sj2.js";
+} from "./cli-zpvmaxem.js";
 import {
   AppsDiscoveryResultSchema,
   DiscoverySummarySchema,
@@ -15,10 +15,10 @@ import {
   WHITEBOX_APPS_DISCOVERY_SYSTEM_PROMPT,
   WHITEBOX_DISCOVERY_SYSTEM_PROMPT,
   WHITEBOX_ENDPOINT_DOCUMENTATION_SYSTEM_PROMPT
-} from "./cli-ft17f9nh.js";
+} from "./cli-wdmqkshz.js";
 import {
   EvidenceFileEntrySchema
-} from "./cli-zyk3xsth.js";
+} from "./cli-ntd42071.js";
 import {
   CweEntrySchema,
   FindingsRegistry,
@@ -27,18 +27,14 @@ import {
   ValidatedCweEntrySchema,
   hasCanonicalName,
   runWithBoundedConcurrency
-} from "./cli-gtepvg8s.js";
+} from "./cli-k8mvghe1.js";
 import {
   createThreatModelPrompt
 } from "./cli-fw5r7pfj.js";
 import {
-  createLogger,
   hasToolCall,
-  init_dist,
-  init_lazyLogger,
-  init_structured,
-  scopedLogger
-} from "./cli-5h1kv0v4.js";
+  init_dist
+} from "./cli-h825qzmd.js";
 import {
   exports_external1 as exports_external,
   init_zod
@@ -92,9 +88,6 @@ ${objectiveList}
 4. Submit the plan via submit_plan when complete`;
 }
 
-// src/core/workflows/pentest.ts
-init_structured();
-
 // src/core/report/schemas.ts
 init_zod();
 var PentestReportFindingSchema = exports_external.object({
@@ -350,14 +343,10 @@ function formatDurationHmsFromMs(durationMs) {
 }
 
 // src/core/session/loader.ts
-init_structured();
 import { existsSync as existsSync3, readFileSync as readFileSync3 } from "fs";
 import { join as join3 } from "path";
-init_lazyLogger();
 
 // src/core/session/persistence.ts
-init_structured();
-init_lazyLogger();
 import {
   existsSync as existsSync2,
   mkdirSync,
@@ -367,7 +356,6 @@ import {
   writeFileSync as writeFileSync2
 } from "fs";
 import { join as join2 } from "path";
-var log = scopedLogger(() => createLogger("session:persistence"));
 var SUBAGENTS_DIR = "subagents";
 var MANIFEST_FILE = "agent-manifest.json";
 function loadSubagentMessages(session, agentName) {
@@ -653,7 +641,7 @@ function loadSubagents(rootPath) {
           status
         });
       } catch (e) {
-        log.error(`Failed to load subagent file ${file}`, e instanceof Error ? e : undefined, { error: String(e) });
+        console.error(`Failed to load subagent file ${file}:`, e);
       }
     }
     const entries = readdirSync(subagentsPath, { withFileTypes: true });
@@ -720,14 +708,13 @@ function loadSubagents(rootPath) {
         }
       }
     } catch (e) {
-      log.error("Failed to load agent manifest", e instanceof Error ? e : undefined, { error: String(e) });
+      console.error("Failed to load agent manifest:", e);
     }
   }
   return subagents;
 }
 
 // src/core/session/loader.ts
-var log2 = scopedLogger(() => createLogger("session:loader"));
 function loadAttackSurfaceResults(rootPath) {
   const resultsPath = join3(rootPath, "attack-surface-results.json");
   if (!existsSync3(resultsPath)) {
@@ -736,14 +723,11 @@ function loadAttackSurfaceResults(rootPath) {
   try {
     return JSON.parse(readFileSync3(resultsPath, "utf-8"));
   } catch (e) {
-    log2.error("Failed to load attack surface results", e instanceof Error ? e : undefined, { error: String(e) });
+    console.error("Failed to load attack surface results:", e);
     return null;
   }
 }
 
-// src/core/workflows/pentest.ts
-init_lazyLogger();
-
 // src/core/workflows/whiteboxAttackSurface.ts
 import {
   existsSync as existsSync12,
@@ -756,9 +740,6 @@ import {
 import { join as join15 } from "path";
 
 // src/core/agents/specialized/whiteboxAttackSurface/endpointDocumentationAgent.ts
-init_structured();
-init_lazyLogger();
-var log3 = scopedLogger(() => createLogger("endpoint-documentation-agent"));
 var ENDPOINT_DOCUMENTATION_CONCURRENCY = 10;
 function slug(name) {
   return name.toLowerCase().replace(/[^a-z0-9]+/g, "_").replace(/^_|_$/g, "");
@@ -880,7 +861,7 @@ async function runEndpointDocumentationAgent(opts) {
     });
     return true;
   } catch (error) {
-    log3.error(`"${subagentId}" FAILED`, error instanceof Error ? error : undefined, { error: String(error) });
+    console.error(`[endpoint-documentation-agent] "${subagentId}" FAILED:`, error instanceof Error ? error.message : String(error));
     eventBus?.emit("subagent-complete", {
       subagentId,
       status: "failed",
@@ -6187,9 +6168,6 @@ function mapAppWithSurface(appPath, repoRoot, options) {
 }
 
 // src/core/workflows/whiteboxAttackSurface.ts
-init_structured();
-init_lazyLogger();
-var log4 = scopedLogger(() => createLogger("whitebox-workflow"));
 var DEFAULT_CONCURRENCY = 5;
 var TASK_TYPE_LABELS = {
   pages: "Pages",
@@ -6243,7 +6221,7 @@ async function runWhiteboxAttackSurfaceWorkflow(input) {
     projectThreatModel,
     excludeTools: ["document_endpoint"]
   });
-  log4.info(`Phase 1: discovering apps in ${codebasePath}${domains?.length ? ` (${domains.length} known domains)` : ""}`);
+  console.log(`[whitebox-workflow] Phase 1: discovering apps in ${codebasePath}${domains?.length ? ` (${domains.length} known domains)` : ""}`);
   const WORKFLOW_UMBRELLA_ID = "whitebox-apps-discovery";
   eventBus?.emit("subagent-spawn", {
     subagentId: WORKFLOW_UMBRELLA_ID,
@@ -6251,10 +6229,10 @@ async function runWhiteboxAttackSurfaceWorkflow(input) {
     input: { codebasePath }
   });
   const appsResult = await appsAgent.consume();
-  log4.info(`Phase 1 complete: ${appsResult?.apps.length ?? 0} apps discovered` + (appsResult ? ` (repoType=${appsResult.repoType}, packageManager=${appsResult.packageManager})` : " (no result returned)"));
+  console.log(`[whitebox-workflow] Phase 1 complete: ${appsResult?.apps.length ?? 0} apps discovered` + (appsResult ? ` (repoType=${appsResult.repoType}, packageManager=${appsResult.packageManager})` : " (no result returned)"));
   if (appsResult?.apps.length) {
     for (const app of appsResult.apps) {
-      log4.debug(`app: "${app.name}" type=${app.type} framework="${app.framework}" location="${app.location}"`);
+      console.log(`[whitebox-workflow]   app: "${app.name}" type=${app.type} framework="${app.framework}" location="${app.location}"`);
     }
   }
   if (!appsResult || appsResult.apps.length === 0) {
@@ -6281,11 +6259,11 @@ async function runWhiteboxAttackSurfaceWorkflow(input) {
     mkdirSync2(appDir, { recursive: true });
     writeFileSync3(join15(appDir, "app.json"), JSON.stringify(toAppMetadata(app), null, 2), "utf-8");
   }
-  log4.info(`Phase 2: surfaceIntegrationEnabled=${surfaceIntegrationEnabled}`);
+  console.log(`[whitebox-workflow] Phase 2: surfaceIntegrationEnabled=${surfaceIntegrationEnabled}`);
   const NON_SERVICE_TYPES = ["cloud_resource", "storage", "database"];
   const serviceApps = appsResult.apps.filter((app) => !NON_SERVICE_TYPES.includes(app.type));
   const cloudApps = appsResult.apps.filter((app) => NON_SERVICE_TYPES.includes(app.type));
-  log4.info(`Phase 2: ${serviceApps.length} service apps (surface or fallback per app), ${cloudApps.length} cloud resources → ${appsResult.apps.length} total apps`);
+  console.log(`[whitebox-workflow] Phase 2: ${serviceApps.length} service apps (surface or fallback per app), ${cloudApps.length} cloud resources → ${appsResult.apps.length} total apps`);
   const totalApps = appsResult.apps.length;
   let completedAppCount = 0;
   eventBus?.emit("app-analysis-progress", {
@@ -6307,7 +6285,7 @@ async function runWhiteboxAttackSurfaceWorkflow(input) {
   const spawnDiscoveryAgent = async (app, type2, objective) => {
     const subagentId = `${type2}-${app.name}`;
     const appNodeId = appNodeIdFor(app.name);
-    log4.debug(`Phase 2: spawning agent id="${subagentId}" parent="${appNodeId}" (app="${app.name}", type=${type2}, appType=${app.type})`);
+    console.log(`[whitebox-workflow] Phase 2: spawning agent id="${subagentId}" parent="${appNodeId}" (app="${app.name}", type=${type2}, appType=${app.type})`);
     eventBus?.emit("subagent-spawn", {
       subagentId,
       name: TASK_TYPE_LABELS[type2],
@@ -6334,14 +6312,14 @@ async function runWhiteboxAttackSurfaceWorkflow(input) {
     });
     try {
       await agent.consume();
-      log4.debug(`Phase 2: agent "${subagentId}" completed`);
+      console.log(`[whitebox-workflow] Phase 2: agent "${subagentId}" completed`);
       eventBus?.emit("subagent-complete", {
         subagentId,
         status: "completed",
         parentSubagentId: appNodeId
       });
     } catch (error) {
-      log4.error(`Phase 2: agent "${subagentId}" FAILED`, error instanceof Error ? error : undefined, { error: String(error) });
+      console.error(`[whitebox-workflow] Phase 2: agent "${subagentId}" FAILED:`, error instanceof Error ? error.message : String(error));
       appAnyTaskFailed.set(app.name, true);
       eventBus?.emit("subagent-complete", {
         subagentId,
@@ -6359,7 +6337,7 @@ async function runWhiteboxAttackSurfaceWorkflow(input) {
       if (NON_SERVICE_TYPES.includes(app.type)) {
         await spawnCloudResourceAgent(app);
       } else if (!surfaceIntegrationEnabled) {
-        log4.debug(`${app.name}: legacy (surfaceIntegrationEnabled=false)`);
+        console.log(`[whitebox] ${app.name}: legacy (surfaceIntegrationEnabled=false)`);
         await Promise.all([
           spawnPagesAgent(app),
           spawnApiEndpointsAgent(app)
@@ -6367,7 +6345,7 @@ async function runWhiteboxAttackSurfaceWorkflow(input) {
       } else {
         const surfaceResult = mapAppWithSurface(join15(codebasePath, app.location), codebasePath, { isSingleAppRepo: serviceApps.length === 1 });
         if (surfaceResult.mode === "surface") {
-          log4.debug(`${app.name}: surface-driven (${surfaceResult.endpoints.length} endpoints, frameworks=${surfaceResult.frameworks.join(",")})`);
+          console.log(`[whitebox] ${app.name}: surface-driven (${surfaceResult.endpoints.length} endpoints, frameworks=${surfaceResult.frameworks.join(",")})`);
           await runAppEndpointDocumentation({
             codebasePath,
             app,
@@ -6386,7 +6364,7 @@ async function runWhiteboxAttackSurfaceWorkflow(input) {
             parentSubagentId: appNodeId
           });
         } else {
-          log4.debug(`${app.name}: fallback (${surfaceResult.reason})`);
+          console.log(`[whitebox] ${app.name}: fallback (${surfaceResult.reason})`);
           await Promise.all([
             spawnPagesAgent(app),
             spawnApiEndpointsAgent(app)
@@ -6414,14 +6392,14 @@ async function runWhiteboxAttackSurfaceWorkflow(input) {
     subagentId: WORKFLOW_UMBRELLA_ID,
     status: "completed"
   });
-  log4.info(`Phase 3: reading assets from ${assetsPath}`);
+  console.log(`[whitebox-workflow] Phase 3: reading assets from ${assetsPath}`);
   const {
     apps: parsedApps,
     repoType,
     packageManager
   } = readAppsFromAssetsDirectory(assetsPath, appsResult);
   for (const app of parsedApps) {
-    log4.debug(`Phase 3: "${app.name}" → ${app.pages.length} pages, ${app.apiEndpoints.length} API endpoints`);
+    console.log(`[whitebox-workflow] Phase 3: "${app.name}" → ${app.pages.length} pages, ${app.apiEndpoints.length} API endpoints`);
   }
   const apps = parsedApps;
   const totalPages = apps.reduce((sum, a) => sum + a.pages.length, 0);
@@ -6443,16 +6421,16 @@ function readAppsFromAssetsDirectory(assetsPath, appsDiscovery) {
   const repoType = appsDiscovery?.repoType ?? "unknown";
   const packageManager = appsDiscovery?.packageManager ?? "unknown";
   if (!existsSync12(assetsPath)) {
-    log4.debug(`readAssets: assets directory does not exist: ${assetsPath}`);
+    console.log(`[readAssets] Assets directory does not exist: ${assetsPath}`);
     return { apps: [], repoType, packageManager };
   }
   const entries = readdirSync10(assetsPath);
-  log4.debug(`readAssets: found ${entries.length} entries in ${assetsPath}: [${entries.join(", ")}]`);
+  console.log(`[readAssets] Found ${entries.length} entries in ${assetsPath}: [${entries.join(", ")}]`);
   const apps = [];
   for (const entry of entries) {
     const entryPath = join15(assetsPath, entry);
     if (!statSync2(entryPath).isDirectory()) {
-      log4.debug(`readAssets: skipping non-directory: ${entry}`);
+      console.log(`[readAssets] Skipping non-directory: ${entry}`);
       continue;
     }
     const appJsonPath = join15(entryPath, "app.json");
@@ -6461,17 +6439,17 @@ function readAppsFromAssetsDirectory(assetsPath, appsDiscovery) {
       try {
         metadata = JSON.parse(readFileSync9(appJsonPath, "utf-8"));
       } catch {
-        log4.warn(`readAssets: skipping app folder with unreadable app.json: ${entry}`);
+        console.warn(`[readAssets] Skipping app folder with unreadable app.json: ${entry}`);
         continue;
       }
     } else {
-      log4.debug(`readAssets: skipping folder without app.json: ${entry}`);
+      console.log(`[readAssets] Skipping folder without app.json: ${entry}`);
       continue;
     }
     const pages = [];
     const apiEndpoints = [];
     const assetFiles = readdirSync10(entryPath).filter((f) => f.endsWith(".json") && f !== "app.json");
-    log4.debug(`readAssets: app "${metadata.name}" (${entry}): ${assetFiles.length} asset files`);
+    console.log(`[readAssets] App "${metadata.name}" (${entry}): ${assetFiles.length} asset files`);
     let parseFailed = 0;
     for (const file of assetFiles) {
       try {
@@ -6479,7 +6457,7 @@ function readAppsFromAssetsDirectory(assetsPath, appsDiscovery) {
         const data = JSON.parse(raw);
         const endpoint2 = assetRecordToEndpoint(data);
         if (!endpoint2) {
-          log4.debug(`readAssets: ${file}: failed schema validation (assetRecordToEndpoint returned null)`);
+          console.log(`[readAssets]   ${file}: failed schema validation (assetRecordToEndpoint returned null)`);
           parseFailed++;
           continue;
         }
@@ -6489,11 +6467,11 @@ function readAppsFromAssetsDirectory(assetsPath, appsDiscovery) {
           apiEndpoints.push(endpoint2);
         }
       } catch {
-        log4.warn(`readAssets: skipping unreadable asset file: ${entry}/${file}`);
+        console.warn(`[readAssets] Skipping unreadable asset file: ${entry}/${file}`);
         parseFailed++;
       }
     }
-    log4.debug(`readAssets: app "${metadata.name}": ${pages.length} pages, ${apiEndpoints.length} API endpoints, ${parseFailed} failed`);
+    console.log(`[readAssets] App "${metadata.name}": ${pages.length} pages, ${apiEndpoints.length} API endpoints, ${parseFailed} failed`);
     apps.push({
       name: metadata.name,
       type: metadata.type ?? "web_application",
@@ -6819,7 +6797,6 @@ When finished, call \`response\` with a summary of how many entry points you doc
 }
 
 // src/core/workflows/pentest.ts
-var log5 = scopedLogger(() => createLogger("pentest-swarm"));
 var DEFAULT_CONCURRENCY2 = 10;
 function addUsageTotals(totals, usage) {
   if (!usage)
@@ -6897,7 +6874,7 @@ async function runPentestSwarm(input) {
         });
         await planAgent.consume();
       } catch (planErr) {
-        log5.warn(`Plan phase failed for ${subagentId}: ${planErr}`);
+        console.error(`[pentest-swarm] Plan phase failed for ${subagentId}: ${planErr}`);
       }
     }
     const objectiveStr = target.objectives.join("; ");

package/build/{cli-78s9w64j.js → cli-948dk60p.js}

@@ -1,7 +1,7 @@
 import {
   config,
   init_config
-} from "./cli-rtbry75t.js";
+} from "./cli-h6nw89zf.js";
 import {
   __esm
 } from "./cli-8rxa073f.js";

package/build/{cli-k1vsv3qh.js → cli-a20jcpmp.js}

@@ -119,7 +119,7 @@ var init_package = __esm(() => {
       tsc: "tsc --noEmit"
     },
     type: "module",
-    version: "2.0.0-canary.241920ad"
+    version: "2.0.0"
   };
 });
 

package/build/{cli-0svsmc2c.js → cli-cb5va0cs.js}

@@ -2,13 +2,7 @@ import {
   OffensiveSecurityAgent,
   isMemoryEnabled,
   readPlan
-} from "./cli-gtepvg8s.js";
-import {
-  createLogger,
-  init_lazyLogger,
-  init_structured,
-  scopedLogger
-} from "./cli-5h1kv0v4.js";
+} from "./cli-k8mvghe1.js";
 import {
   exports_external1 as exports_external,
   init_zod
@@ -16,11 +10,8 @@ import {
 
 // src/core/agents/specialized/pentest/agent.ts
 init_zod();
-init_structured();
 import { existsSync, readdirSync, readFileSync } from "fs";
 import { join } from "path";
-init_lazyLogger();
-var log = scopedLogger(() => createLogger("pentest-agent"));
 var ObjectiveResultSchema = exports_external.object({
   objective: exports_external.string().describe("The objective text, exactly as it was provided or a refined version"),
   completed: exports_external.boolean().describe("true if this objective was thoroughly tested and can be considered done for this endpoint; false if it still needs further testing in future runs"),

package/build/{cli-rtbry75t.js → cli-h6nw89zf.js}

@@ -3,7 +3,7 @@ import {
   init,
   init_config,
   update
-} from "./cli-23xtyah8.js";
+} from "./cli-0v9x0eby.js";
 import {
   __esm
 } from "./cli-8rxa073f.js";