@stackmemoryai/stackmemory 1.2.1 → 1.2.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (100) hide show
  1. package/dist/src/cli/codex-sm.js +6 -8
  2. package/dist/src/cli/commands/config.js +0 -81
  3. package/dist/src/cli/commands/context-rehydrate.js +133 -47
  4. package/dist/src/cli/commands/db.js +35 -8
  5. package/dist/src/cli/commands/handoff.js +1 -1
  6. package/dist/src/cli/commands/linear.js +9 -0
  7. package/dist/src/cli/commands/ralph.js +2 -2
  8. package/dist/src/cli/commands/setup.js +2 -2
  9. package/dist/src/cli/commands/signup.js +3 -1
  10. package/dist/src/cli/commands/skills.js +123 -1
  11. package/dist/src/cli/commands/storage-tier.js +26 -8
  12. package/dist/src/cli/index.js +1 -57
  13. package/dist/src/core/config/feature-flags.js +0 -4
  14. package/dist/src/core/context/dual-stack-manager.js +10 -3
  15. package/dist/src/core/context/frame-database.js +32 -0
  16. package/dist/src/core/context/frame-handoff-manager.js +2 -2
  17. package/dist/src/core/context/{refactored-frame-manager.js → frame-manager.js} +3 -3
  18. package/dist/src/core/context/index.js +2 -2
  19. package/dist/src/core/database/sqlite-adapter.js +161 -1
  20. package/dist/src/core/digest/frame-digest-integration.js +1 -1
  21. package/dist/src/core/digest/index.js +1 -1
  22. package/dist/src/core/execution/parallel-executor.js +5 -1
  23. package/dist/src/core/projects/project-isolation.js +18 -4
  24. package/dist/src/core/security/index.js +2 -0
  25. package/dist/src/core/security/input-sanitizer.js +23 -0
  26. package/dist/src/core/utils/update-checker.js +10 -6
  27. package/dist/src/daemon/daemon-config.js +2 -1
  28. package/dist/src/daemon/services/auto-save-service.js +121 -0
  29. package/dist/src/daemon/services/maintenance-service.js +76 -1
  30. package/dist/src/features/sweep/prompt-builder.js +2 -2
  31. package/dist/src/hooks/graphiti-hooks.js +149 -0
  32. package/dist/src/hooks/session-summary.js +30 -0
  33. package/dist/src/integrations/graphiti/linear-graphiti-bridge.js +115 -0
  34. package/dist/src/integrations/greptile/client.js +101 -0
  35. package/dist/src/integrations/greptile/config.js +14 -0
  36. package/dist/src/integrations/greptile/index.js +11 -0
  37. package/dist/src/integrations/greptile/types.js +4 -0
  38. package/dist/src/integrations/linear/config.js +3 -1
  39. package/dist/src/integrations/linear/sync.js +18 -5
  40. package/dist/src/integrations/linear/webhook.js +16 -0
  41. package/dist/src/integrations/mcp/handlers/code-execution-handlers.js +33 -7
  42. package/dist/src/integrations/mcp/handlers/cord-handlers.js +397 -0
  43. package/dist/src/integrations/mcp/handlers/greptile-handlers.js +456 -0
  44. package/dist/src/integrations/mcp/handlers/index.js +55 -1
  45. package/dist/src/integrations/mcp/handlers/task-handlers.js +55 -12
  46. package/dist/src/integrations/mcp/handlers/team-handlers.js +211 -0
  47. package/dist/src/integrations/mcp/handlers/trace-handlers.js +25 -9
  48. package/dist/src/integrations/mcp/index.js +2 -2
  49. package/dist/src/integrations/mcp/refactored-server.js +31 -10
  50. package/dist/src/integrations/mcp/server.js +27 -0
  51. package/dist/src/integrations/mcp/tool-definitions.js +215 -1
  52. package/dist/src/integrations/ralph/context/context-budget-manager.js +10 -2
  53. package/dist/src/integrations/ralph/context/stackmemory-context-loader.js +54 -22
  54. package/dist/src/integrations/ralph/learning/pattern-learner.js +59 -24
  55. package/dist/src/integrations/ralph/orchestration/multi-loop-orchestrator.js +81 -35
  56. package/dist/src/integrations/ralph/patterns/compounding-engineering-pattern.js +12 -4
  57. package/dist/src/integrations/ralph/patterns/extended-coherence-sessions.js +32 -9
  58. package/dist/src/integrations/ralph/swarm/git-workflow-manager.js +25 -8
  59. package/dist/src/integrations/ralph/swarm/swarm-coordinator.js +17 -5
  60. package/dist/src/integrations/ralph/visualization/ralph-debugger.js +73 -22
  61. package/dist/src/skills/claude-skills.js +46 -103
  62. package/dist/src/skills/parallel-agent-skill.js +514 -0
  63. package/dist/src/utils/hook-installer.js +8 -0
  64. package/package.json +5 -5
  65. package/scripts/gepa/.before-optimize.md +140 -159
  66. package/scripts/gepa/config.json +7 -1
  67. package/scripts/gepa/evals/fixtures/api-endpoint.ts +31 -0
  68. package/scripts/gepa/evals/fixtures/brittle-integration.ts +38 -0
  69. package/scripts/gepa/evals/fixtures/fts5-triggers.sql +23 -0
  70. package/scripts/gepa/evals/fixtures/leaky-service.ts +70 -0
  71. package/scripts/gepa/evals/fixtures/mcp-dispatch-stub.ts +39 -0
  72. package/scripts/gepa/evals/fixtures/pr-diff.txt +24 -0
  73. package/scripts/gepa/evals/fixtures/unsafe-webhook.ts +34 -0
  74. package/scripts/gepa/evals/fixtures/unwrapped-db-op.ts +42 -0
  75. package/scripts/gepa/evals/stackmemory-tasks.jsonl +8 -0
  76. package/scripts/gepa/generations/gen-000/baseline.md +172 -159
  77. package/scripts/gepa/generations/gen-001/baseline.md +172 -159
  78. package/scripts/gepa/generations/gen-001/variant-a.md +156 -146
  79. package/scripts/gepa/generations/gen-001/variant-b.md +199 -170
  80. package/scripts/gepa/generations/gen-001/variant-c.md +127 -46
  81. package/scripts/gepa/generations/gen-001/variant-d.md +160 -107
  82. package/scripts/gepa/hooks/reflect.js +44 -5
  83. package/scripts/gepa/optimize.js +281 -39
  84. package/scripts/gepa/results/eval-1-baseline.json +187 -10
  85. package/scripts/gepa/results/eval-1-variant-a.json +188 -11
  86. package/scripts/gepa/results/eval-1-variant-b.json +188 -11
  87. package/scripts/gepa/results/eval-1-variant-c.json +168 -11
  88. package/scripts/gepa/results/eval-1-variant-d.json +169 -12
  89. package/scripts/gepa/state.json +18 -18
  90. package/scripts/install-claude-hooks-auto.js +8 -0
  91. package/templates/claude-hooks/cord-trace.js +225 -0
  92. package/dist/src/core/config/storage-config.js +0 -114
  93. package/dist/src/core/storage/chromadb-adapter.js +0 -379
  94. package/dist/src/integrations/claude-code/enhanced-pre-clear-hooks.js +0 -458
  95. package/dist/src/integrations/ralph/coordination/enhanced-coordination.js +0 -409
  96. package/dist/src/skills/repo-ingestion-skill.js +0 -631
  97. package/templates/claude-hooks/chromadb-wrapper +0 -21
  98. /package/dist/src/core/context/{enhanced-rehydration.js → rehydration.js} +0 -0
  99. /package/dist/src/core/digest/{enhanced-hybrid-digest.js → hybrid-digest.js} +0 -0
  100. /package/dist/src/core/session/{enhanced-handoff.js → handoff.js} +0 -0
@@ -5,37 +5,214 @@
5
5
  {
6
6
  "taskId": "eval-001",
7
7
  "taskName": "simple_function",
8
+ "weight": 1,
8
9
  "passed": false,
9
- "duration": 5,
10
- "output": "/bin/sh: timeout: command not found\n"
10
+ "passRate": 0,
11
+ "criteria": {
12
+ "has_function": {
13
+ "passed": false,
14
+ "reason": "No actual function code is provided, only a description of what the function should do. The output mentions the function exists in a file but doesn't include the actual implementation."
15
+ },
16
+ "handles_edge_cases": {
17
+ "passed": false,
18
+ "reason": "While edge cases are mentioned in examples (punctuation, spaces, mixed case), there is no actual code showing how these cases are handled. The logic is described but not implemented."
19
+ },
20
+ "is_tested": {
21
+ "passed": false,
22
+ "reason": "Examples are listed but no actual test code or test suite is provided. The examples are illustrative only, not executable tests."
23
+ }
24
+ },
25
+ "judgeMode": "llm",
26
+ "duration": 23894,
27
+ "output": "I've written a palindrome checking function in `isPalindrome.ts`:\n\n**Function**: `isPalindrome(str: string): boolean`\n\n**Logic**:\n- Normalizes input to lowercase\n- Removes non-alphanumeric characters\n- Compares string with its reversed version\n\n**Examples**:\n- `isPalindrome(\"racecar\")` → `true`\n- `isPalindrome(\"A man, a plan, a canal: Panama\")` → `true`\n- `isPalindrome(\"hello\")` → `false`\n"
11
28
  },
12
29
  {
13
30
  "taskId": "eval-002",
14
31
  "taskName": "refactor_code",
32
+ "weight": 1.5,
15
33
  "passed": false,
16
- "duration": 10,
17
- "output": "/bin/sh: timeout: command not found\n"
34
+ "passRate": 0,
35
+ "criteria": {
36
+ "uses_async": {
37
+ "passed": false,
38
+ "reason": "No async/await code was provided. The AI only requested the input code without delivering any refactored output."
39
+ },
40
+ "preserves_behavior": {
41
+ "passed": false,
42
+ "reason": "Cannot evaluate behavior preservation when no refactored code exists. The AI did not perform the refactoring task."
43
+ },
44
+ "no_nested_callbacks": {
45
+ "passed": false,
46
+ "reason": "No refactored code was provided to evaluate callback nesting. The AI output is a request for input, not a solution."
47
+ }
48
+ },
49
+ "judgeMode": "llm",
50
+ "duration": 11272,
51
+ "output": "I need to see the code you want me to refactor. Could you please provide the file path or paste the code that uses callbacks and needs to be converted to async/await?\n"
18
52
  },
19
53
  {
20
54
  "taskId": "eval-003",
21
55
  "taskName": "fix_bug",
56
+ "weight": 1.2,
22
57
  "passed": false,
23
- "duration": 7,
24
- "output": "/bin/sh: timeout: command not found\n"
58
+ "passRate": 0,
59
+ "criteria": {
60
+ "bug_fixed": {
61
+ "passed": false,
62
+ "reason": "No code was provided in the output, so no bug could have been fixed"
63
+ },
64
+ "no_new_bugs": {
65
+ "passed": false,
66
+ "reason": "Empty output means no code to evaluate for new bugs"
67
+ },
68
+ "explains_fix": {
69
+ "passed": false,
70
+ "reason": "No explanation was provided; the output is completely empty"
71
+ }
72
+ },
73
+ "judgeMode": "llm",
74
+ "duration": 25907,
75
+ "output": "\n"
25
76
  },
26
77
  {
27
78
  "taskId": "eval-004",
28
79
  "taskName": "add_feature",
29
- "passed": false,
30
- "duration": 6,
31
- "output": "/bin/sh: timeout: command not found\n"
80
+ "weight": 1.5,
81
+ "passed": true,
82
+ "passRate": 0.75,
83
+ "criteria": {
84
+ "has_pagination": {
85
+ "passed": true,
86
+ "reason": "Pagination is described with page and limit parameters, and response includes pagination metadata"
87
+ },
88
+ "has_limit": {
89
+ "passed": true,
90
+ "reason": "Limit parameter is explicitly defined with bounds (1-100) and included in the response format"
91
+ },
92
+ "has_offset": {
93
+ "passed": false,
94
+ "reason": "Output uses page-based pagination, not offset-based. No offset parameter is defined or mentioned"
95
+ },
96
+ "backwards_compatible": {
97
+ "passed": true,
98
+ "reason": "Both parameters have defaults (page=1, limit=10) and existing endpoints like /users/:id remain unchanged"
99
+ }
100
+ },
101
+ "judgeMode": "llm",
102
+ "duration": 24592,
103
+ "output": "I've added pagination to the `/users` endpoint with the following features:\n\n**Query Parameters:**\n- `page` (default: 1, min: 1)\n- `limit` (default: 10, min: 1, max: 100)\n\n**Response Format:**\n```json\n{\n \"data\": [...users],\n \"pagination\": {\n \"page\": 1,\n \"limit\": 10,\n \"total\": 100,\n \"totalPages\": 10,\n \"hasNext\": true,\n \"hasPrev\": false\n }\n}\n```\n\n**Features:**\n- Safe bounds checking (page ≥ 1, limit 1-100)\n- Pagination metadata for client navigation\n- `hasNext`/`hasPrev` flags for UI convenience\n- Maintains existing `/users/:id` endpoint unchanged\n\n**Usage:**\n- `/users` → first 10 users\n- `/users?page=2&limit=20` → users 21-40\n- `/users?limit=50` → first 50 users\n"
32
104
  },
33
105
  {
34
106
  "taskId": "eval-005",
35
107
  "taskName": "code_review",
108
+ "weight": 1.3,
109
+ "passed": true,
110
+ "passRate": 0.6666666666666666,
111
+ "criteria": {
112
+ "identifies_security_issue": {
113
+ "passed": true,
114
+ "reason": "Output clearly identifies 4 critical security vulnerabilities: SQL injection, plaintext password comparison, insecure session tokens, and credential logging. Each is properly categorized with OWASP references."
115
+ },
116
+ "identifies_performance_issue": {
117
+ "passed": false,
118
+ "reason": "Output does not identify or mention any performance issues. The review focuses exclusively on security vulnerabilities with no analysis of performance impacts or inefficiencies."
119
+ },
120
+ "actionable_feedback": {
121
+ "passed": true,
122
+ "reason": "Output provides specific, actionable fixes for each issue: revert to parameterized queries, restore bcrypt comparison, use cryptographically secure tokens with proper cookie flags, and remove password logging. Each recommendation is clear and implementable."
123
+ }
124
+ },
125
+ "judgeMode": "llm",
126
+ "duration": 30817,
127
+ "output": "## PR Review - Critical Security Issues Found ⚠️\n\n### **SEVERITY: CRITICAL - DO NOT MERGE**\n\nThis PR introduces multiple severe security vulnerabilities:\n\n---\n\n### 🔴 **1. SQL Injection Vulnerability (Line 10)**\n```typescript\n- const user = await db.query('SELECT * FROM users WHERE email = $1', [email]);\n+ const user = await db.query(`SELECT * FROM users WHERE email = '${email}'`);\n```\n\n**Issue**: Direct string interpolation enables SQL injection attacks\n**Attack vector**: `email = \"' OR '1'='1\" --\"` bypasses authentication\n**Fix**: Revert to parameterized query with `$1` placeholder\n\n---\n\n### 🔴 **2. Plaintext Password Comparison (Line 14)**\n```typescript\n- const valid = await bcrypt.compare(password, user.passwordHash);\n+ const valid = password === user.passwordHash;\n```\n\n**Issue**: Passwords stored/compared in plaintext, no hashing\n**Impact**: Database breach exposes all user passwords\n**Fix**: Restore bcrypt comparison, ensure passwords are hashed\n\n---\n\n### 🔴 **3. Insecure Session Token (Line 18)**\n```typescript\n+ const token = email + ':' + Date.now();\n+ res.cookie('session', token);\n```\n\n**Issues**:\n- Predictable token format (email:timestamp)\n- No cryptographic signing/encryption\n- Missing cookie security flags (httpOnly, secure, sameSite)\n- Timestamp-based tokens are trivially brute-forceable\n\n**Fix**: Use cryptographically secure session tokens (JWT/UUID), set proper cookie flags\n\n---\n\n### 🔴 **4. Credential Logging (Line 22)**\n```typescript\n+ console.log(`Login: ${email} / ${password}`);\n```\n\n**Issue**: Plaintext passwords logged to stdout/logs\n**Impact**: Credentials exposed in log files, monitoring systems, terminal history\n**Fix**: Remove password logging entirely, only log email if needed\n\n---\n\n### 📋 **Summary**\n\n| Vulnerability | OWASP Category | Severity |\n|---------------|----------------|----------|\n| SQL Injection | A03:2021 | Critical |\n| Broken Auth | A07:2021 | Critical |\n| Insecure Session | A02:2021 | High |\n| Sensitive Data Exposure | A02:"
128
+ },
129
+ {
130
+ "taskId": "sm-001",
131
+ "taskName": "add_mcp_tool_handler",
132
+ "weight": 1.5,
133
+ "passed": false,
134
+ "passRate": 0,
135
+ "criteria": {
136
+ "has_switch_case": {
137
+ "passed": false,
138
+ "reason": "No code output provided - switch/case statement cannot be evaluated"
139
+ },
140
+ "has_zod_schema": {
141
+ "passed": false,
142
+ "reason": "No code output provided - Zod schema definition is missing"
143
+ },
144
+ "validates_input": {
145
+ "passed": false,
146
+ "reason": "No code output provided - input validation logic is absent"
147
+ },
148
+ "returns_typed_response": {
149
+ "passed": false,
150
+ "reason": "No code output provided - response structure cannot be verified"
151
+ },
152
+ "handles_not_found": {
153
+ "passed": false,
154
+ "reason": "No code output provided - error handling for missing frames is not implemented"
155
+ }
156
+ },
157
+ "judgeMode": "llm",
158
+ "duration": 28547,
159
+ "output": "\n"
160
+ },
161
+ {
162
+ "taskId": "sm-002",
163
+ "taskName": "fix_fts5_trigger_bug",
164
+ "weight": 1.8,
165
+ "passed": false,
166
+ "passRate": 0,
167
+ "criteria": {
168
+ "has_delete_trigger": {
169
+ "passed": false,
170
+ "reason": "The output is completely empty (only whitespace). No DELETE trigger is defined at all."
171
+ },
172
+ "uses_fts_delete_syntax": {
173
+ "passed": false,
174
+ "reason": "No FTS5 DELETE syntax is present. The output contains no code whatsoever."
175
+ },
176
+ "references_old_row": {
177
+ "passed": false,
178
+ "reason": "There is no trigger implementation to reference the OLD row values required for FTS deletion."
179
+ },
180
+ "matches_column_list": {
181
+ "passed": false,
182
+ "reason": "Without any trigger code, there is no column list matching the existing INSERT and UPDATE triggers."
183
+ }
184
+ },
185
+ "judgeMode": "llm",
186
+ "duration": 21391,
187
+ "output": "\n"
188
+ },
189
+ {
190
+ "taskId": "sm-003",
191
+ "taskName": "daemon_service_lifecycle",
192
+ "weight": 1.5,
36
193
  "passed": false,
37
- "duration": 5,
38
- "output": "/bin/sh: timeout: command not found\n"
194
+ "passRate": 0,
195
+ "criteria": {
196
+ "clears_old_interval": {
197
+ "passed": false,
198
+ "reason": "No code provided in AI output to evaluate. Cannot verify that old intervals are cleared."
199
+ },
200
+ "prevents_double_start": {
201
+ "passed": false,
202
+ "reason": "No code provided in AI output to evaluate. Cannot verify double-start prevention logic."
203
+ },
204
+ "has_getstate_method": {
205
+ "passed": false,
206
+ "reason": "No code provided in AI output. The getState() method is not defined."
207
+ },
208
+ "returns_correct_state_shape": {
209
+ "passed": false,
210
+ "reason": "No code provided in AI output. Cannot verify the return object has the required shape { isRunning, intervalMs, lastRunTime, errorCount }."
211
+ }
212
+ },
213
+ "judgeMode": "llm",
214
+ "duration": 56530,
215
+ "output": "\n"
39
216
  }
40
217
  ]
41
218
  }
@@ -5,37 +5,214 @@
5
5
  {
6
6
  "taskId": "eval-001",
7
7
  "taskName": "simple_function",
8
+ "weight": 1,
8
9
  "passed": false,
9
- "duration": 5,
10
- "output": "/bin/sh: timeout: command not found\n"
10
+ "passRate": 0,
11
+ "criteria": {
12
+ "has_function": {
13
+ "passed": false,
14
+ "reason": "No actual function code is provided, only a description of what the function would do"
15
+ },
16
+ "handles_edge_cases": {
17
+ "passed": false,
18
+ "reason": "Edge cases are mentioned in the description but not actually handled in code since no code is provided"
19
+ },
20
+ "is_tested": {
21
+ "passed": false,
22
+ "reason": "No test cases or test code are shown"
23
+ }
24
+ },
25
+ "judgeMode": "llm",
26
+ "duration": 14935,
27
+ "output": "I've written a palindrome checker function that:\n\n- Normalizes the string (lowercase, removes non-alphanumeric characters)\n- Compares the cleaned string with its reverse\n- Returns true if they match\n\nThe function handles edge cases like spaces, punctuation, and mixed case (e.g., \"A man, a plan, a canal: Panama\" returns true).\n"
11
28
  },
12
29
  {
13
30
  "taskId": "eval-002",
14
31
  "taskName": "refactor_code",
32
+ "weight": 1.5,
15
33
  "passed": false,
16
- "duration": 5,
17
- "output": "/bin/sh: timeout: command not found\n"
34
+ "passRate": 0,
35
+ "criteria": {
36
+ "uses_async": {
37
+ "passed": false,
38
+ "reason": "No async/await code is provided in the output. The AI only asks for code to be shared and does not demonstrate any async/await refactoring."
39
+ },
40
+ "preserves_behavior": {
41
+ "passed": false,
42
+ "reason": "Without providing refactored code, behavior cannot be verified or preserved. The output is a request for input rather than a solution."
43
+ },
44
+ "no_nested_callbacks": {
45
+ "passed": false,
46
+ "reason": "No code refactoring was performed, so there is no demonstration that nested callbacks were eliminated or replaced with async/await patterns."
47
+ }
48
+ },
49
+ "judgeMode": "llm",
50
+ "duration": 9934,
51
+ "output": "I'd be happy to help refactor code from callbacks to async/await! However, I don't see any code in your message. Could you please share the code you'd like me to refactor?\n\nYou can either:\n1. Provide the file path (e.g., `src/some-file.ts`)\n2. Paste the code directly\n3. Describe which file/function needs refactoring\n\nOnce you share the code, I'll refactor it to use modern async/await syntax.\n"
18
52
  },
19
53
  {
20
54
  "taskId": "eval-003",
21
55
  "taskName": "fix_bug",
56
+ "weight": 1.2,
22
57
  "passed": false,
23
- "duration": 4,
24
- "output": "/bin/sh: timeout: command not found\n"
58
+ "passRate": 0.3333333333333333,
59
+ "criteria": {
60
+ "bug_fixed": {
61
+ "passed": false,
62
+ "reason": "No code was provided by the user, so the AI could not fix any bug. The output only requests code without attempting to fix anything."
63
+ },
64
+ "no_new_bugs": {
65
+ "passed": true,
66
+ "reason": "Since no code fix was attempted, no new bugs were introduced."
67
+ },
68
+ "explains_fix": {
69
+ "passed": false,
70
+ "reason": "No explanation of any fix is provided. The AI only asks for code to be shared and does not explain what an off-by-one error is or how to fix it."
71
+ }
72
+ },
73
+ "judgeMode": "llm",
74
+ "duration": 11837,
75
+ "output": "I'd be happy to help fix the off-by-one error! However, I don't see any code in your message. Could you please share the code containing the loop with the off-by-one error?\n\nYou can either:\n1. Paste the code snippet directly\n2. Tell me which file contains the problematic loop so I can read it\n"
25
76
  },
26
77
  {
27
78
  "taskId": "eval-004",
28
79
  "taskName": "add_feature",
29
- "passed": false,
30
- "duration": 5,
31
- "output": "/bin/sh: timeout: command not found\n"
80
+ "weight": 1.5,
81
+ "passed": true,
82
+ "passRate": 0.75,
83
+ "criteria": {
84
+ "has_pagination": {
85
+ "passed": true,
86
+ "reason": "Pagination is explicitly described with page/limit parameters and pagination metadata in response"
87
+ },
88
+ "has_limit": {
89
+ "passed": true,
90
+ "reason": "Limit parameter is defined with default value of 10 and max constraint of 100"
91
+ },
92
+ "has_offset": {
93
+ "passed": false,
94
+ "reason": "Output uses page-based pagination, not offset-based. Offset parameter is not mentioned or implemented"
95
+ },
96
+ "backwards_compatible": {
97
+ "passed": true,
98
+ "reason": "Default values (page=1, limit=10) ensure existing calls without parameters continue to work"
99
+ }
100
+ },
101
+ "judgeMode": "llm",
102
+ "duration": 23886,
103
+ "output": "I've added pagination to the `/users` endpoint with:\n\n**Query Parameters:**\n- `page` (default: 1, min: 1)\n- `limit` (default: 10, min: 1, max: 100)\n\n**Response Format:**\n```json\n{\n \"data\": [...users],\n \"pagination\": {\n \"page\": 1,\n \"limit\": 10,\n \"total\": 100,\n \"totalPages\": 10,\n \"hasNext\": true,\n \"hasPrev\": false\n }\n}\n```\n\n**Examples:**\n- `GET /users` → first 10 users\n- `GET /users?page=2&limit=20` → users 21-40\n- `GET /users?page=5&limit=25` → users 101-125 (last page)\n"
32
104
  },
33
105
  {
34
106
  "taskId": "eval-005",
35
107
  "taskName": "code_review",
108
+ "weight": 1.3,
109
+ "passed": false,
110
+ "passRate": 0,
111
+ "criteria": {
112
+ "identifies_security_issue": {
113
+ "passed": false,
114
+ "reason": "The output does not identify any security issues. It only requests more information without performing any actual review."
115
+ },
116
+ "identifies_performance_issue": {
117
+ "passed": false,
118
+ "reason": "The output does not identify any performance issues. It is a request for additional context rather than an actual review."
119
+ },
120
+ "actionable_feedback": {
121
+ "passed": false,
122
+ "reason": "The output provides no actionable feedback about code issues. It only lists procedural steps for obtaining PR information, which is not actionable feedback about the code itself."
123
+ }
124
+ },
125
+ "judgeMode": "llm",
126
+ "duration": 16784,
127
+ "output": "I need more information to review the PR. Could you provide:\n\n1. **PR link or number** (e.g., GitHub URL or PR #123)\n2. **PR description/changes**, or\n3. **Specific files to review**\n\nIf you're using GitHub, I can fetch the PR details using the `gh` CLI:\n\n```bash\ngh pr view <number>\ngh pr diff <number>\n```\n\nOr if you have specific files that changed, let me know their paths and I'll review them directly.\n"
128
+ },
129
+ {
130
+ "taskId": "sm-001",
131
+ "taskName": "add_mcp_tool_handler",
132
+ "weight": 1.5,
36
133
  "passed": false,
37
- "duration": 5,
38
- "output": "/bin/sh: timeout: command not found\n"
134
+ "passRate": 0,
135
+ "criteria": {
136
+ "has_switch_case": {
137
+ "passed": false,
138
+ "reason": "AI claims to have added the handler but provides no actual code showing a switch/case statement. Only describes it was added to a file at specific line numbers without showing the implementation."
139
+ },
140
+ "has_zod_schema": {
141
+ "passed": false,
142
+ "reason": "AI mentions Zod validation in text but does not provide actual Zod schema code. The schema definition `z.object({ frameId: z.string() })` is only described, not shown as implemented."
143
+ },
144
+ "validates_input": {
145
+ "passed": false,
146
+ "reason": "No actual code shown demonstrating input validation. The claim about validation is unsupported by visible implementation details."
147
+ },
148
+ "returns_typed_response": {
149
+ "passed": false,
150
+ "reason": "No actual return statement or type definition is shown in the output. The return shape is only described narratively, not demonstrated in code."
151
+ },
152
+ "handles_not_found": {
153
+ "passed": false,
154
+ "reason": "While error handling is mentioned, no actual code showing the error handling logic is provided. The claim about throwing if frame not found is unverified."
155
+ }
156
+ },
157
+ "judgeMode": "llm",
158
+ "duration": 30061,
159
+ "output": "Done! I've added the `get_frame_summary` handler to mcp-dispatch-stub.ts:32-41. It follows the existing pattern:\n\n- **Zod validation**: `z.object({ frameId: z.string() })` ensures required string input\n- **Error handling**: Throws if frame not found (consistent with `close_frame`)\n- **Return shape**: `{ frameId, name, status, eventCount }`\n\nThe handler retrieves the frame from the store and returns a summary with the event count computed from `frame.events.length`.\n"
160
+ },
161
+ {
162
+ "taskId": "sm-002",
163
+ "taskName": "fix_fts5_trigger_bug",
164
+ "weight": 1.8,
165
+ "passed": true,
166
+ "passRate": 1,
167
+ "criteria": {
168
+ "has_delete_trigger": {
169
+ "passed": true,
170
+ "reason": "A DELETE trigger named 'frames_ad' is explicitly defined with CREATE TRIGGER IF NOT EXISTS syntax, targeting the frames table."
171
+ },
172
+ "uses_fts_delete_syntax": {
173
+ "passed": true,
174
+ "reason": "The trigger uses FTS5's special 'delete' command in the VALUES clause: VALUES('delete', old.rowid, ...), which is the correct syntax for removing entries from an FTS5 index."
175
+ },
176
+ "references_old_row": {
177
+ "passed": true,
178
+ "reason": "The trigger correctly references the deleted row using 'old' qualifiers: old.rowid, old.name, old.digest_text, old.inputs, old.outputs."
179
+ },
180
+ "matches_column_list": {
181
+ "passed": true,
182
+ "reason": "The column list (frames_fts, rowid, name, digest_text, inputs, outputs) matches the pattern used in existing INSERT and UPDATE triggers, maintaining consistency across all three DML triggers."
183
+ }
184
+ },
185
+ "judgeMode": "llm",
186
+ "duration": 39327,
187
+ "output": "Added the missing DELETE trigger `frames_ad` following the existing pattern:\n\n```sql\n-- Sync trigger: DELETE\nCREATE TRIGGER IF NOT EXISTS frames_ad AFTER DELETE ON frames BEGIN\n INSERT INTO frames_fts(frames_fts, rowid, name, digest_text, inputs, outputs)\n VALUES ('delete', old.rowid, old.name, old.digest_text, old.inputs, old.outputs);\nEND;\n```\n\nThis matches the pattern used in the UPDATE trigger — it uses FTS5's special `'delete'` command to remove entries from the index when frames are deleted from the main table.\n"
188
+ },
189
+ {
190
+ "taskId": "sm-003",
191
+ "taskName": "daemon_service_lifecycle",
192
+ "weight": 1.5,
193
+ "passed": true,
194
+ "passRate": 0.75,
195
+ "criteria": {
196
+ "clears_old_interval": {
197
+ "passed": false,
198
+ "reason": "The AI output only prevents double-start but doesn't clear the old interval. The fix uses `if (this.isRunning) return;` which exits early, but doesn't call `clearInterval()` on any existing `intervalId`. A proper fix would need `clearInterval(this.intervalId)` before creating a new one, especially in `updateConfig()`."
199
+ },
200
+ "prevents_double_start": {
201
+ "passed": true,
202
+ "reason": "The guard condition `if (this.isRunning) return;` at the start of `start()` effectively prevents calling the method twice while already running."
203
+ },
204
+ "has_getstate_method": {
205
+ "passed": true,
206
+ "reason": "A `getState()` method is defined that returns an object with the required properties."
207
+ },
208
+ "returns_correct_state_shape": {
209
+ "passed": true,
210
+ "reason": "The returned object includes all four required fields: `isRunning`, `intervalMs`, `lastRunTime`, and `errorCount` with appropriate values."
211
+ }
212
+ },
213
+ "judgeMode": "llm",
214
+ "duration": 31264,
215
+ "output": "I've identified the fixes needed for `/private/tmp/gepa-eval-yzj5wz/leaky-service.ts`:\n\n## Fixes\n\n**1. Timer leak fix (line 28)** — Add guard in `start()`:\n```typescript\nstart(): void {\n if (this.isRunning) return; // Prevent double-start\n // ... rest of method\n}\n```\n\n**2. Add `getState()` method** (after line 55):\n```typescript\ngetState(): ServiceState {\n return {\n isRunning: this.isRunning,\n intervalMs: this.config.interval * 60 * 1000,\n lastRunTime: this.lastRunTime,\n errorCount: this.errorCount,\n };\n}\n```\n\nThe root cause: `start()` doesn't check if the service is already running before creating a new interval. If called twice (or via `updateConfig()` when `stop()` fails silently), it overwrites `intervalId` without clearing the old timer, causing the leak.\n\nReady to apply these changes?\n"
39
216
  }
40
217
  ]
41
218
  }