@sanity/ailf 2.5.0 → 2.7.0

package/dist/_vendor/ailf-core/ports/context.d.ts

@@ -164,8 +164,25 @@ export interface ResolvedConfig {
     captureGcsBucket?: string;
     /** GCS object prefix for capture uploads (default: "captures/") */
     captureGcsPrefix?: string;
-    /** GCS bucket for report artifact uploads — enables ArtifactUploader (D0030) */
+    /**
+     * GCS bucket for report artifact uploads. Defaults to "ailf-artifacts"
+     * at the composition root — only set this to override (e.g., self-hosted
+     * deployment with a different bucket). Read access is governed by the
+     * gateway's signing credentials, so alternate bucket names require
+     * reconfiguring the gateway as well (D0030).
+     */
     artifactGcsBucket?: string;
+    /**
+     * Controls whether the ArtifactUploader is constructed.
+     *
+     * - `undefined` (default): auto — construct when credentials are available
+     *   (ADC for direct GCS, or AILF_API_KEY for gateway-signed URLs).
+     * - `true`: force-enable — still a no-op if no credentials are present (P5).
+     * - `false`: force-disable — skip artifact upload even when credentials exist.
+     *
+     * Sourced from AILF_ARTIFACT_UPLOAD env var or `artifactUpload` in ailf.config.ts.
+     */
+    artifactUpload?: boolean;
 }
 /**
  * Application context — the complete dependency carrier.

package/dist/cli.js

@@ -147,6 +147,8 @@ import { createAgentReportCommand } from "./commands/agent-report.js";
 program.addCommand(createAgentReportCommand().helpGroup(CommandGroup.AnalysisReports));
 import { createWeeklyDigestCommand } from "./commands/weekly-digest.js";
 program.addCommand(createWeeklyDigestCommand().helpGroup(CommandGroup.AnalysisReports));
+import { createCheckStalenessCommand } from "./commands/check-staleness.js";
+program.addCommand(createCheckStalenessCommand().helpGroup(CommandGroup.AnalysisReports));
 // ── Grader Reliability ────────────────────────────────────────────────
 import { createGraderCommand } from "./commands/grader/index.js";
 program.addCommand(createGraderCommand().helpGroup(CommandGroup.GraderReliability));

package/dist/commands/check-staleness.d.ts

@@ -0,0 +1,14 @@
+/**
+ * check-staleness command — verifies recent evaluation reports exist.
+ *
+ * Exits 0 when the most recent report in the Sanity Content Lake is within
+ * the max-age window, 1 otherwise (including "no reports at all"). Emits a
+ * single JSON line on stdout summarizing the decision so CI can pipe it
+ * directly into an alert payload.
+ *
+ * Used by the scheduled staleness workflow to detect silent pipeline
+ * failures — cases where scheduled evaluations stop producing reports but
+ * no workflow run fails loudly enough to be noticed.
+ */
+import { Command } from "commander";
+export declare function createCheckStalenessCommand(): Command;

package/dist/commands/check-staleness.js

@@ -0,0 +1,74 @@
+/**
+ * check-staleness command — verifies recent evaluation reports exist.
+ *
+ * Exits 0 when the most recent report in the Sanity Content Lake is within
+ * the max-age window, 1 otherwise (including "no reports at all"). Emits a
+ * single JSON line on stdout summarizing the decision so CI can pipe it
+ * directly into an alert payload.
+ *
+ * Used by the scheduled staleness workflow to detect silent pipeline
+ * failures — cases where scheduled evaluations stop producing reports but
+ * no workflow run fails loudly enough to be noticed.
+ */
+import { Command } from "commander";
+export function createCheckStalenessCommand() {
+    return new Command("check-staleness")
+        .description("Exit 1 if no evaluation report has been produced within the max-age window")
+        .option("--max-age <days>", "Max age in days before reports are considered stale", (v) => Number.parseInt(v, 10), 3)
+        .action(async (opts) => {
+        const { getSanityClient } = await import("../sanity/client.js");
+        // Resolve report-store credentials with the same precedence as
+        // weekly-digest.ts and composition-root.ts — AILF_REPORT_* wins over
+        // the evaluated-source SANITY_* defaults so the staleness probe tracks
+        // the actual report dataset even when it diverges from the eval source.
+        const client = getSanityClient({
+            dataset: process.env.AILF_REPORT_DATASET,
+            projectId: process.env.AILF_REPORT_PROJECT_ID,
+            token: process.env.AILF_REPORT_SANITY_API_TOKEN ??
+                process.env.SANITY_API_TOKEN,
+        });
+        const maxAgeDays = opts.maxAge;
+        // Bound the GROQ sort with a `completedAt > $floor` filter. Beyond
+        // ~10,000 reports the unbounded `order(completedAt desc)[0]` scan
+        // becomes a noticeable cost; a floor proportional to the max-age
+        // window keeps the scan cheap regardless of corpus size. The factor
+        // of 10× max-age gives plenty of headroom — if the last report
+        // predates the floor, the absence of any result still yields the
+        // correct "stale" verdict.
+        const floorDays = Math.max(maxAgeDays * 10, 30);
+        const floor = new Date(Date.now() - floorDays * 24 * 60 * 60 * 1000).toISOString();
+        const QUERY = `*[_type == "ailf.report" && completedAt > $floor] | order(completedAt desc)[0]{
+        "reportId": reportId,
+        "completedAt": completedAt,
+        "tag": tag
+      }`;
+        const latest = await client.fetch(QUERY, { floor });
+        // Use `process.exitCode` + `return` rather than `process.exit()` so
+        // stdout flushes cleanly when the caller captures via `$(...)` — a
+        // hard exit can drop buffered output on piped captures. Matches the
+        // pattern used by agent-report.ts, capture-list.ts, etc.
+        if (!latest || !latest.completedAt) {
+            console.log(JSON.stringify({
+                floorDays,
+                maxAgeDays,
+                reason: "no-reports",
+                stale: true,
+            }));
+            process.exitCode = 1;
+            return;
+        }
+        const ageMs = Date.now() - new Date(latest.completedAt).getTime();
+        const ageDays = Number((ageMs / (24 * 60 * 60 * 1000)).toFixed(2));
+        const stale = ageDays > maxAgeDays;
+        console.log(JSON.stringify({
+            ageDays,
+            floorDays,
+            latestCompletedAt: latest.completedAt,
+            latestReportId: latest.reportId,
+            latestTag: latest.tag,
+            maxAgeDays,
+            stale,
+        }));
+        process.exitCode = stale ? 1 : 0;
+    });
+}

package/dist/commands/pipeline-action.js

@@ -16,7 +16,7 @@ import { fileURLToPath } from "url";
 import { classifyUrls } from "../pipeline/classify-url.js";
 import { normalizeMode } from "../pipeline/normalize-mode.js";
 import { assessImpact, buildReverseMapping, } from "../pipeline/reverse-mapping.js";
-import { buildAppContext } from "../orchestration/build-app-context.js";
+import { buildAppContext, parseArtifactUploadEnv, } from "../orchestration/build-app-context.js";
 import { buildStepSequence } from "../orchestration/build-step-sequence.js";
 import { orchestratePipeline } from "../orchestration/pipeline-orchestrator.js";
 import { load } from "js-yaml";
@@ -329,6 +329,7 @@ export async function executePipeline(cliOpts) {
         config.captureGcsBucket ??= process.env.AILF_CAPTURE_GCS_BUCKET;
         config.captureGcsPrefix ??= process.env.AILF_CAPTURE_GCS_PREFIX;
         config.artifactGcsBucket ??= process.env.AILF_GCS_ARTIFACT_BUCKET;
+        config.artifactUpload ??= parseArtifactUploadEnv(process.env.AILF_ARTIFACT_UPLOAD);
         // Create AppContext directly from the merged config so adapters
         // (especially taskSource) are wired from the file config's
         // taskSourceType — not from CLI defaults.

package/dist/composition-root.d.ts

@@ -26,8 +26,15 @@ export declare function createAppContext(config: ResolvedConfig): AppContext;
 /**
  * Selects an ArtifactUploader implementation based on available credentials.
  *
- * Returns undefined when artifact upload is not configured — the publish
- * step skips silently in that case (P5).
+ * Selection order:
+ *   1. config.artifactUpload === false → always skip (explicit opt-out)
+ *   2. GOOGLE_APPLICATION_CREDENTIALS or GCLOUD_PROJECT present → direct GCS
+ *   3. apiKey + apiUrl present → gateway-signed PUT URL
+ *   4. Neither → skip silently (P5)
+ *
+ * The bucket defaults to DEFAULT_ARTIFACT_BUCKET when not explicitly set —
+ * users only need to override for self-hosted deployments with a different
+ * bucket (and matching gateway signing credentials).
  *
  * Exported for unit-test access; not part of the public package API.
  */

package/dist/composition-root.js

@@ -83,13 +83,9 @@ export function createAppContext(config) {
             : fsCollector;
     }
     // Report artifact uploader — uploads structured files to GCS at known
-    // paths for Studio to fetch via signed URLs (D0030).
-    //
-    // Selection (W0042):
-    //   1. Direct GCS upload when ADC env vars are present (CI / GCP runtime)
-    //   2. API Gateway signed-URL upload when only an AILF API key is present
-    //      (local dev — no GCS credentials needed)
-    //   3. Skipped silently when neither is configured
+    // paths for Studio to fetch via signed URLs (D0030). Auto-detects the
+    // right adapter from available credentials; defaults bucket to
+    // "ailf-artifacts". Set artifactUpload: false to opt out entirely.
     const artifactUploader = createArtifactUploader(config, logger);
     return {
         artifactUploader,
@@ -120,34 +116,51 @@ function createLogger() {
             process.env.AILF_VERBOSE === "1",
     });
 }
+/**
+ * Shared GCS bucket for report artifacts. Matches the gateway default at
+ * packages/api/src/routes/artifacts.ts — both sides assume ailf-artifacts
+ * unless explicitly overridden. The gateway's signing credentials are scoped
+ * to this bucket, so alternate names require reconfiguring the gateway.
+ */
+const DEFAULT_ARTIFACT_BUCKET = "ailf-artifacts";
 /**
  * Selects an ArtifactUploader implementation based on available credentials.
  *
- * Returns undefined when artifact upload is not configured — the publish
- * step skips silently in that case (P5).
+ * Selection order:
+ *   1. config.artifactUpload === false → always skip (explicit opt-out)
+ *   2. GOOGLE_APPLICATION_CREDENTIALS or GCLOUD_PROJECT present → direct GCS
+ *   3. apiKey + apiUrl present → gateway-signed PUT URL
+ *   4. Neither → skip silently (P5)
+ *
+ * The bucket defaults to DEFAULT_ARTIFACT_BUCKET when not explicitly set —
+ * users only need to override for self-hosted deployments with a different
+ * bucket (and matching gateway signing credentials).
  *
  * Exported for unit-test access; not part of the public package API.
  */
 export function createArtifactUploader(config, logger) {
-    if (!config.artifactGcsBucket)
+    if (config.artifactUpload === false) {
+        logger.debug("Artifact upload explicitly disabled via artifactUpload=false");
         return undefined;
+    }
+    const bucket = config.artifactGcsBucket ?? DEFAULT_ARTIFACT_BUCKET;
     // CI / GCP runtime — direct GCS upload (fastest, no extra hop).
     // We treat the presence of either env var as the user opting in to ADC.
     const hasGcsCredentials = Boolean(process.env.GOOGLE_APPLICATION_CREDENTIALS || process.env.GCLOUD_PROJECT);
     if (hasGcsCredentials) {
-        logger.debug("Artifact uploader: GcsReportArtifactUploader (direct GCS via ADC)");
-        return new GcsReportArtifactUploader({ bucket: config.artifactGcsBucket });
+        logger.debug(`Artifact uploader: GcsReportArtifactUploader (direct GCS via ADC, bucket=${bucket})`);
+        return new GcsReportArtifactUploader({ bucket });
     }
     // Local dev — request signed PUT URLs from the API gateway, no GCS creds needed.
     if (config.apiKey && config.apiUrl) {
-        logger.debug(`Artifact uploader: ApiGatewayArtifactUploader (signed URL via ${config.apiUrl})`);
+        logger.debug(`Artifact uploader: ApiGatewayArtifactUploader (signed URL via ${config.apiUrl}, bucket=${bucket})`);
         return new ApiGatewayArtifactUploader({
             apiBaseUrl: config.apiUrl,
             apiKey: config.apiKey,
-            bucket: config.artifactGcsBucket,
+            bucket,
         });
     }
-    logger.debug("Artifact upload skipped: AILF_GCS_ARTIFACT_BUCKET set but no GCS credentials or AILF_API_KEY available");
+    logger.debug("Artifact upload skipped: no GCS credentials or AILF_API_KEY available");
     return undefined;
 }
 function createCache(config) {

package/dist/orchestration/build-app-context.d.ts

@@ -18,6 +18,14 @@ import type { ResolvedOptions } from "../commands/pipeline-action.js";
  * are derived (e.g., areas from areaOption).
  */
 export declare function mapToResolvedConfig(opts: ResolvedOptions, rootDir: string): ResolvedConfig;
+/**
+ * Parse the AILF_ARTIFACT_UPLOAD env var into a tri-state.
+ *
+ * - "0" | "false" → false (force-disable)
+ * - "1" | "true"  → true  (force-enable; still a no-op without credentials)
+ * - unset | other → undefined (auto-detect from credentials)
+ */
+export declare function parseArtifactUploadEnv(value: string | undefined): boolean | undefined;
 /**
  * Build an AppContext from legacy ResolvedOptions.
  *

package/dist/orchestration/build-app-context.js

@@ -85,8 +85,26 @@ export function mapToResolvedConfig(opts, rootDir) {
         captureGcsBucket: process.env.AILF_CAPTURE_GCS_BUCKET,
         captureGcsPrefix: process.env.AILF_CAPTURE_GCS_PREFIX,
         artifactGcsBucket: process.env.AILF_GCS_ARTIFACT_BUCKET,
+        artifactUpload: parseArtifactUploadEnv(process.env.AILF_ARTIFACT_UPLOAD),
     };
 }
+/**
+ * Parse the AILF_ARTIFACT_UPLOAD env var into a tri-state.
+ *
+ * - "0" | "false" → false (force-disable)
+ * - "1" | "true"  → true  (force-enable; still a no-op without credentials)
+ * - unset | other → undefined (auto-detect from credentials)
+ */
+export function parseArtifactUploadEnv(value) {
+    if (value === undefined)
+        return undefined;
+    const normalized = value.trim().toLowerCase();
+    if (normalized === "0" || normalized === "false")
+        return false;
+    if (normalized === "1" || normalized === "true")
+        return true;
+    return undefined;
+}
 /**
  * Build an AppContext from legacy ResolvedOptions.
  *

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@sanity/ailf",
-  "version": "2.5.0",
+  "version": "2.7.0",
   "private": false,
   "publishConfig": {
     "access": "public"