@riddledc/riddle-proof 0.8.32 → 0.8.33

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (11) hide show
  1. package/dist/advanced/index.d.cts +1 -1
  2. package/dist/advanced/index.d.ts +1 -1
  3. package/dist/advanced/proof-run-engine.d.cts +1 -1
  4. package/dist/advanced/proof-run-engine.d.ts +1 -1
  5. package/dist/{proof-run-engine-DeHxtGnW.d.cts → proof-run-engine-4dM37pEx.d.cts} +3 -3
  6. package/dist/{proof-run-engine-DYfmd8d7.d.ts → proof-run-engine-BqaeqAze.d.ts} +3 -3
  7. package/dist/proof-run-engine.d.cts +1 -1
  8. package/dist/proof-run-engine.d.ts +1 -1
  9. package/package.json +1 -1
  10. package/runtime/lib/ship.py +10 -5
  11. package/runtime/tests/ship_artifact_publication.py +7 -4
package/dist/advanced/index.d.cts CHANGED
@@ -1,5 +1,5 @@
1
1
  export { b as runner } from '../runner-4LJ5z0D-.cjs';
2
2
  export { l as engineHarness } from '../engine-harness-LBfqbFSe.cjs';
3
3
  export { p as proofRunCore } from '../proof-run-core-B1GeqkR8.cjs';
4
- export { p as proofRunEngine } from '../proof-run-engine-DeHxtGnW.cjs';
4
+ export { p as proofRunEngine } from '../proof-run-engine-4dM37pEx.cjs';
5
5
  import '../types.cjs';
package/dist/advanced/index.d.ts CHANGED
@@ -1,5 +1,5 @@
1
1
  export { b as runner } from '../runner-BdQpOkZD.js';
2
2
  export { l as engineHarness } from '../engine-harness-CMACHP6A.js';
3
3
  export { p as proofRunCore } from '../proof-run-core-B1GeqkR8.js';
4
- export { p as proofRunEngine } from '../proof-run-engine-DYfmd8d7.js';
4
+ export { p as proofRunEngine } from '../proof-run-engine-BqaeqAze.js';
5
5
  import '../types.js';
package/dist/advanced/proof-run-engine.d.cts CHANGED
@@ -1,2 +1,2 @@
1
- export { R as RiddleProofEngine, c as createRiddleProofEngine, e as executeWorkflow } from '../proof-run-engine-DeHxtGnW.cjs';
1
+ export { R as RiddleProofEngine, c as createRiddleProofEngine, e as executeWorkflow } from '../proof-run-engine-4dM37pEx.cjs';
2
2
  import '../proof-run-core-B1GeqkR8.cjs';
package/dist/advanced/proof-run-engine.d.ts CHANGED
@@ -1,2 +1,2 @@
1
- export { R as RiddleProofEngine, c as createRiddleProofEngine, e as executeWorkflow } from '../proof-run-engine-DYfmd8d7.js';
1
+ export { R as RiddleProofEngine, c as createRiddleProofEngine, e as executeWorkflow } from '../proof-run-engine-BqaeqAze.js';
2
2
  import '../proof-run-core-B1GeqkR8.js';
package/dist/{proof-run-engine-DeHxtGnW.d.cts → proof-run-engine-4dM37pEx.d.cts} RENAMED
@@ -292,7 +292,7 @@ declare function executeWorkflow(params: WorkflowParams, pluginConfig: any, reso
292
292
  blocking?: boolean;
293
293
  details?: Record<string, unknown>;
294
294
  ok: boolean;
295
- action: "recon" | "author" | "ship" | "implement" | "verify" | "setup" | "run";
295
+ action: "author" | "recon" | "ship" | "implement" | "verify" | "setup" | "run";
296
296
  state_path: string;
297
297
  stage: any;
298
298
  summary: string;
@@ -382,7 +382,7 @@ declare function executeWorkflow(params: WorkflowParams, pluginConfig: any, reso
382
382
  continueWithStage?: WorkflowStage | null;
383
383
  blocking?: boolean;
384
384
  details?: Record<string, unknown>;
385
- action: "recon" | "author" | "ship" | "implement" | "verify" | "setup" | "run";
385
+ action: "author" | "recon" | "ship" | "implement" | "verify" | "setup" | "run";
386
386
  state_path: string;
387
387
  stage: any;
388
388
  checkpoint: string;
@@ -659,7 +659,7 @@ declare function executeWorkflow(params: WorkflowParams, pluginConfig: any, reso
659
659
  error?: undefined;
660
660
  } | {
661
661
  ok: boolean;
662
- action: "recon" | "author" | "ship" | "implement" | "verify" | "setup";
662
+ action: "author" | "recon" | "ship" | "implement" | "verify" | "setup";
663
663
  state_path: string;
664
664
  stage: any;
665
665
  summary: string;
package/dist/{proof-run-engine-DYfmd8d7.d.ts → proof-run-engine-BqaeqAze.d.ts} RENAMED
@@ -292,7 +292,7 @@ declare function executeWorkflow(params: WorkflowParams, pluginConfig: any, reso
292
292
  blocking?: boolean;
293
293
  details?: Record<string, unknown>;
294
294
  ok: boolean;
295
- action: "recon" | "author" | "ship" | "implement" | "verify" | "setup" | "run";
295
+ action: "author" | "recon" | "ship" | "implement" | "verify" | "setup" | "run";
296
296
  state_path: string;
297
297
  stage: any;
298
298
  summary: string;
@@ -382,7 +382,7 @@ declare function executeWorkflow(params: WorkflowParams, pluginConfig: any, reso
382
382
  continueWithStage?: WorkflowStage | null;
383
383
  blocking?: boolean;
384
384
  details?: Record<string, unknown>;
385
- action: "recon" | "author" | "ship" | "implement" | "verify" | "setup" | "run";
385
+ action: "author" | "recon" | "ship" | "implement" | "verify" | "setup" | "run";
386
386
  state_path: string;
387
387
  stage: any;
388
388
  checkpoint: string;
@@ -659,7 +659,7 @@ declare function executeWorkflow(params: WorkflowParams, pluginConfig: any, reso
659
659
  error?: undefined;
660
660
  } | {
661
661
  ok: boolean;
662
- action: "recon" | "author" | "ship" | "implement" | "verify" | "setup";
662
+ action: "author" | "recon" | "ship" | "implement" | "verify" | "setup";
663
663
  state_path: string;
664
664
  stage: any;
665
665
  summary: string;
package/dist/proof-run-engine.d.cts CHANGED
@@ -1,2 +1,2 @@
1
1
  import './proof-run-core-B1GeqkR8.cjs';
2
- export { R as RiddleProofEngine, c as createRiddleProofEngine, e as executeWorkflow } from './proof-run-engine-DeHxtGnW.cjs';
2
+ export { R as RiddleProofEngine, c as createRiddleProofEngine, e as executeWorkflow } from './proof-run-engine-4dM37pEx.cjs';
package/dist/proof-run-engine.d.ts CHANGED
@@ -1,2 +1,2 @@
1
1
  import './proof-run-core-B1GeqkR8.js';
2
- export { R as RiddleProofEngine, c as createRiddleProofEngine, e as executeWorkflow } from './proof-run-engine-DYfmd8d7.js';
2
+ export { R as RiddleProofEngine, c as createRiddleProofEngine, e as executeWorkflow } from './proof-run-engine-BqaeqAze.js';
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@riddledc/riddle-proof",
3
- "version": "0.8.32",
3
+ "version": "0.8.33",
4
4
  "description": "Reusable Riddle Proof contracts and helpers for evidence-backed agent changes.",
5
5
  "license": "MIT",
6
6
  "author": "RiddleDC",
package/runtime/lib/ship.py CHANGED
@@ -362,6 +362,11 @@ def resolve_github_repo_name(repo_dir):
362
362
  return ''
363
363
 
364
364
 
365
+ def github_file_url(repo_name, ref, path_value, mode='blob'):
366
+ safe_path = urllib.parse.quote(str(path_value or '').lstrip('/'), safe='/._-')
367
+ return 'https://github.com/' + repo_name + '/' + mode + '/' + ref + '/' + safe_path
368
+
369
+
365
370
  def write_artifact_readme(path_value, state, artifacts):
366
371
  lines = [
367
372
  '# Riddle Proof Artifacts',
@@ -467,16 +472,16 @@ def publish_local_proof_artifacts_to_github(state, repo_dir, pr_num):
467
472
  for artifact in published:
468
473
  if artifact.get('published'):
469
474
  published_path = artifact.get('published_path')
470
- artifact['raw_url'] = 'https://raw.githubusercontent.com/' + repo_name + '/' + commit + '/' + published_path
471
- artifact['html_url'] = 'https://github.com/' + repo_name + '/blob/' + commit + '/' + published_path
475
+ artifact['raw_url'] = github_file_url(repo_name, commit, published_path, 'raw')
476
+ artifact['html_url'] = github_file_url(repo_name, commit, published_path, 'blob')
472
477
  publication = {
473
478
  'ok': True,
474
479
  'branch': artifact_branch,
475
480
  'commit': commit,
476
481
  'repo': repo_name,
477
- 'html_url': 'https://github.com/' + repo_name + '/tree/' + commit + '/' + artifact_dir_name,
478
- 'manifest_url': 'https://github.com/' + repo_name + '/blob/' + commit + '/' + artifact_dir_name + '/proof-artifacts.json',
479
- 'readme_url': 'https://github.com/' + repo_name + '/blob/' + commit + '/' + artifact_dir_name + '/README.md',
482
+ 'html_url': github_file_url(repo_name, commit, artifact_dir_name, 'tree'),
483
+ 'manifest_url': github_file_url(repo_name, commit, artifact_dir_name + '/proof-artifacts.json', 'blob'),
484
+ 'readme_url': github_file_url(repo_name, commit, artifact_dir_name + '/README.md', 'blob'),
480
485
  'source_fingerprint': source_fingerprint,
481
486
  'artifacts': published,
482
487
  }
package/runtime/tests/ship_artifact_publication.py CHANGED
@@ -163,13 +163,16 @@ def main():
163
163
  assert publication.get("ok") is True, "proof artifact publication should be recorded"
164
164
  assert publication.get("artifacts"), "published artifact list should be recorded"
165
165
  assert updated.get("ship_report", {}).get("after_artifact_url", "").startswith(
166
- "https://raw.githubusercontent.com/example/test-repo/"
167
- ), "ship report should expose a public after artifact URL"
166
+ "https://github.com/example/test-repo/raw/"
167
+ ), "ship report should expose a GitHub-hosted after artifact URL"
168
168
 
169
169
  comment = comment_body_path.read_text(encoding="utf-8")
170
170
  assert "file://" not in comment, "PR proof comment must not expose local file URLs"
171
- assert "![after](https://raw.githubusercontent.com/example/test-repo/" in comment, (
172
- "PR proof comment should embed the GitHub-hosted after screenshot"
171
+ assert "raw.githubusercontent.com" not in comment, (
172
+ "PR proof comment must not depend on unauthenticated raw GitHub URLs"
173
+ )
174
+ assert "![after](https://github.com/example/test-repo/raw/" in comment, (
175
+ "PR proof comment should embed the GitHub-hosted after screenshot using a private-repo-safe URL"
173
176
  )
174
177
  assert "[proof.json](https://github.com/example/test-repo/blob/" in comment, (
175
178
  "PR proof comment should link the structured proof JSON"