@trac3er/oh-my-god 2.0.8 → 2.0.9

package/hooks/shadow_manager.py

@@ -6,6 +6,7 @@ Maintains overlay-style shadow writes and evidence artifacts.
 from __future__ import annotations
 
 import hashlib
+import importlib
 import json
 import os
 import platform
@@ -18,8 +19,15 @@ from typing import Any
 HOOKS_DIR = os.path.dirname(__file__)
 if HOOKS_DIR not in sys.path:
     sys.path.insert(0, HOOKS_DIR)
-from _common import _resolve_project_dir
-from security_validators import ensure_path_within_dir, validate_opaque_identifier
+try:
+    from hooks._common import _resolve_project_dir
+    from hooks.security_validators import ensure_path_within_dir, validate_opaque_identifier
+except ImportError:
+    _common = importlib.import_module("_common")
+    security_validators = importlib.import_module("security_validators")
+    _resolve_project_dir = _common._resolve_project_dir
+    ensure_path_within_dir = security_validators.ensure_path_within_dir
+    validate_opaque_identifier = security_validators.validate_opaque_identifier
 
 
 def _project_dir() -> str:
@@ -189,6 +197,11 @@ def create_evidence_pack(
     lineage: dict[str, Any] | None = None,
     executor: dict[str, Any] | None = None,
     environment: dict[str, Any] | None = None,
+    artifacts: list[dict[str, Any]] | None = None,
+    claims: list[dict[str, Any]] | None = None,
+    test_delta: dict[str, Any] | None = None,
+    browser_evidence_path: str | None = None,
+    repro_pack_path: str | None = None,
 ) -> str:
     ensure_shadow_dirs(project_dir)
     run_id = _validated_run_id(run_id)
@@ -209,6 +222,7 @@ def create_evidence_pack(
     
     evidence = {
         "schema": "EvidencePack",
+        "schema_version": 2,
         "run_id": run_id,
         "created_at": _utc_now(),
         "tests": tests or [],
@@ -224,7 +238,16 @@ def create_evidence_pack(
         "lineage": lineage or {},
         "executor": executor,
         "environment": environment,
+        "artifacts": artifacts or [],
     }
+    if claims is not None:
+        evidence["claims"] = claims
+    if test_delta is not None:
+        evidence["test_delta"] = test_delta
+    if browser_evidence_path is not None:
+        evidence["browser_evidence_path"] = browser_evidence_path
+    if repro_pack_path is not None:
+        evidence["repro_pack_path"] = repro_pack_path
     evidence_path = ensure_path_within_dir(
         _evidence_root(project_dir),
         os.path.join(_evidence_root(project_dir), f"{run_id}.json"),

package/hooks/state_migration.py

@@ -115,6 +115,9 @@ MIGRATION_MAP: list[tuple[str, str, str]] = [
     ("dir", "repl_sessions", "state/repl_sessions"),
     ("dir", "sessions", "state/sessions"),
     ("dir", "snapshots", "state/snapshots"),
+    ("file", "current_branch.json", "state/current_branch.json"),
+    ("file", "background-verification.json", "state/background-verification.json"),
+    ("dir", "branches", "state/branches"),
     ("dir", "knowledge", "knowledge"),
 ]
 

package/hud/omg-hud.mjs

@@ -55,7 +55,7 @@ function readOmgVersion() {
 const OMG_VERSION = readOmgVersion();
 
 const DEFAULT_HUD_CONFIG = {
-  preset: "focused",
+  preset: "standard",
   elements: {
     cwd: true,
     cwdFormat: "relative",
@@ -129,7 +129,7 @@ const PRESET_CONFIGS = {
     safeMode: true,
     inventory: true,
   },
-  focused: {
+  standard: {
     cwd: true,
     cwdFormat: "relative",
     gitRepo: false,
@@ -251,6 +251,17 @@ const PRESET_CONFIGS = {
   },
 };
 
+const HUD_PRESET_ALIASES = {
+  focused: "standard",
+};
+
+function resolveHudPreset(preset) {
+  const requested = typeof preset === "string" ? preset : DEFAULT_HUD_CONFIG.preset;
+  const canonical = HUD_PRESET_ALIASES[requested] || requested;
+  if (PRESET_CONFIGS[canonical]) return canonical;
+  return DEFAULT_HUD_CONFIG.preset;
+}
+
 function countByExt(dirPath, ext) {
   if (!existsSync(dirPath)) return 0;
   try {
@@ -373,7 +384,7 @@ function readRawHudConfig() {
 
 function readHudConfig() {
   const source = readRawHudConfig();
-  const preset = source.preset || DEFAULT_HUD_CONFIG.preset;
+  const preset = resolveHudPreset(source.preset);
   const presetElements = PRESET_CONFIGS[preset] || {};
   const elements = {
     ...DEFAULT_HUD_CONFIG.elements,
@@ -530,6 +541,7 @@ function readOmgState(cwd) {
   const stateDir = join(cwd, ".omg", "state");
   const result = {
     modes: [],
+    currentMode: null,
     hookCount: 0,
     profile: null,
     ralph: null,
@@ -564,6 +576,14 @@ function readOmgState(cwd) {
     }
   }
 
+  const modeState = readJsonSafe(join(stateDir, "mode.json"));
+  if (modeState && typeof modeState === "object") {
+    const candidate = modeState.mode || modeState.current_mode || modeState.name;
+    if (typeof candidate === "string" && candidate.trim()) {
+      result.currentMode = candidate.trim().toLowerCase();
+    }
+  }
+
   const ralphState = readJsonSafe(join(stateDir, "ralph-state.json"));
   if (ralphState?.active) {
     result.ralph = {
@@ -627,6 +647,19 @@ function readOmgState(cwd) {
   return result;
 }
 
+function readBackgroundVerificationState(stateDir) {
+  const filePath = join(stateDir, "background-verification.json");
+  const data = readJsonSafe(filePath);
+  if (!data || data.schema !== "BackgroundVerificationState") return null;
+  return {
+    status: data.status || "unknown",
+    blockers: Array.isArray(data.blockers) ? data.blockers : [],
+    evidence_links: Array.isArray(data.evidence_links) ? data.evidence_links : [],
+    progress: data.progress || {},
+    updated_at: data.updated_at || null,
+  };
+}
+
 function parseTranscript(transcriptPath) {
   const result = {
     tools: 0,
@@ -814,6 +847,29 @@ function renderBackgroundTasks(tasks) {
   return `bg:${colorFn(`${running}/${MAX}`)}`;
 }
 
+function renderVerificationStatus(state) {
+  if (!state) return dim("verification: unknown");
+  const { status, blockers, evidence_links } = state;
+  const blockerCount = blockers.length;
+  const latestEvidence = evidence_links.length > 0
+    ? evidence_links[evidence_links.length - 1]
+    : null;
+  const evidenceSuffix = latestEvidence
+    ? ` ${dim(`evidence:${basename(latestEvidence)}`)}`
+    : "";
+  if (status === "ok") {
+    return green("\u2713 verification ok") + evidenceSuffix;
+  }
+  if (status === "running") {
+    return yellow("\u27F3 verification running") + evidenceSuffix;
+  }
+  if (status === "error" || status === "blocked") {
+    const blockerSuffix = blockerCount > 0 ? ` (${blockerCount} blockers)` : "";
+    return red(`\u2717 verification blocked${blockerSuffix}`) + evidenceSuffix;
+  }
+  return dim("verification: unknown");
+}
+
 function renderTodos(todos) {
   if (!todos || todos.length === 0) return null;
   const completed = todos.filter((t) => t.status === "completed").length;
@@ -1136,6 +1192,9 @@ async function main() {
 
     // Active skills (modes) + last skill
     if (cfg.elements.activeSkills !== false) {
+      if (omgState.currentMode) {
+        els.push(`mode:${cyan(omgState.currentMode)}`);
+      }
       const modeBadges = renderModeBadges(omgState.modes, {
         hideRalph: !!omgState.ralph,
         hideAutopilot: !!omgState.autopilot,
@@ -1181,6 +1240,10 @@ async function main() {
       if (bgEl) els.push(bgEl);
     }
 
+    const verificationStateDir = join(cwd, ".omg", "state");
+    const verificationState = readBackgroundVerificationState(verificationStateDir);
+    els.push(renderVerificationStatus(verificationState));
+
     // Model name
     if (cfg.elements.model !== false && model && model !== "?") {
       els.push(dim(model));

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@trac3er/oh-my-god",
-  "version": "2.0.8",
+  "version": "2.0.9",
   "description": "OMG (Oh My God) — Multi-agent orchestration, evidence-backed verification, and durable session state for Claude Code, Codex, and supported agent hosts",
   "main": "OMG-setup.sh",
   "scripts": {

package/plugins/advanced/plugin.json

@@ -1,6 +1,6 @@
 {
   "name": "omg-advanced",
-  "version": "2.0.8",
+  "version": "2.0.9",
   "description": "Advanced OMG commands - deep planning, learning, code review, and specialized workflows",
   "type": "omg-plugin",
   "commands": {

package/plugins/core/plugin.json

@@ -1,6 +1,6 @@
 {
   "name": "omg-core",
-  "version": "2.0.8",
+  "version": "2.0.9",
   "description": "Core OMG commands - native setup, routing, orchestration, and verification surfaces",
   "type": "omg-plugin",
   "commands": {

package/plugins/dephealth/cve_scanner.py

@@ -10,7 +10,11 @@ import urllib.request
 
 
 OSV_BATCH_URL = "https://api.osv.dev/v1/querybatch"
+KEV_URL = "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"
+EPSS_URL_TEMPLATE = "https://api.first.org/data/v1/epss?cve={cve_id}"
 CACHE_REL_PATH = Path(".omg") / "state" / "cve-cache.json"
+KEV_CACHE_REL_PATH = Path(".omg") / "state" / "kev-cache.json"
+EPSS_CACHE_REL_PATH = Path(".omg") / "state" / "epss-cache.json"
 CACHE_TTL_HOURS = 24
 
 
@@ -72,6 +76,93 @@ def scan_for_cves(dependency_list: list[dict[str, str]], project_dir: str = ".")
     return scan_result
 
 
+def enrich_with_kev(finding: dict[str, Any], cache_dir: str) -> dict[str, Any]:
+    result = dict(finding)
+    if not _dep_health_enabled():
+        result["kev_listed"] = False
+        return result
+
+    cve_id = str(finding.get("id", "")).strip()
+    if not cve_id:
+        result["kev_listed"] = False
+        return result
+
+    cache_path = Path(cache_dir) / KEV_CACHE_REL_PATH
+    cached = _load_cache(cache_path)
+
+    if cached and _is_cache_fresh(cached.get("fetched_at")):
+        result["kev_listed"] = cve_id in cached.get("cve_ids", [])
+        return result
+
+    try:
+        kev_data = _fetch_kev_catalog()
+        kev_ids = [v.get("cveID", "") for v in kev_data.get("vulnerabilities", [])]
+        _save_cache(cache_path, {
+            "fetched_at": datetime.now(timezone.utc).isoformat(),
+            "cve_ids": kev_ids,
+        })
+        result["kev_listed"] = cve_id in kev_ids
+    except (urllib.error.URLError, OSError, json.JSONDecodeError):
+        if cached:
+            result["kev_listed"] = cve_id in cached.get("cve_ids", [])
+        else:
+            result["kev_listed"] = False
+    return result
+
+
+def enrich_with_epss(finding: dict[str, Any], cache_dir: str) -> dict[str, Any]:
+    result = dict(finding)
+    if not _dep_health_enabled():
+        result["epss_score"] = None
+        return result
+
+    cve_id = str(finding.get("id", "")).strip()
+    if not cve_id:
+        result["epss_score"] = None
+        return result
+
+    cache_path = Path(cache_dir) / EPSS_CACHE_REL_PATH
+    cached = _load_cache(cache_path) or {}
+    entries = cached.get("entries", {})
+
+    entry = entries.get(cve_id)
+    if entry and _is_cache_fresh(entry.get("fetched_at")):
+        result["epss_score"] = entry.get("epss")
+        return result
+
+    try:
+        epss_data = _fetch_epss_score(cve_id)
+        data_list = epss_data.get("data", [])
+        score = float(data_list[0].get("epss", 0)) if data_list else None
+        entries[cve_id] = {
+            "epss": score,
+            "fetched_at": datetime.now(timezone.utc).isoformat(),
+        }
+        _save_cache(cache_path, {"entries": entries})
+        result["epss_score"] = score
+    except (urllib.error.URLError, OSError, json.JSONDecodeError, ValueError, TypeError):
+        if entry:
+            result["epss_score"] = entry.get("epss")
+        else:
+            result["epss_score"] = None
+    return result
+
+
+def _fetch_kev_catalog() -> dict[str, Any]:
+    request = urllib.request.Request(KEV_URL, headers={"Accept": "application/json"})
+    with urllib.request.urlopen(request, timeout=15) as response:
+        body = response.read().decode("utf-8")
+    return json.loads(body)
+
+
+def _fetch_epss_score(cve_id: str) -> dict[str, Any]:
+    url = EPSS_URL_TEMPLATE.format(cve_id=cve_id)
+    request = urllib.request.Request(url, headers={"Accept": "application/json"})
+    with urllib.request.urlopen(request, timeout=15) as response:
+        body = response.read().decode("utf-8")
+    return json.loads(body)
+
+
 def _query_osv_batch(dependency_list: list[dict[str, str]]) -> dict[str, Any]:
     payload = {
         "queries": [

package/plugins/dephealth/vuln_analyzer.py

@@ -3,6 +3,8 @@ import re
 from pathlib import Path
 from typing import Any
 
+from plugins.dephealth.cve_scanner import enrich_with_kev, enrich_with_epss
+
 
 _CRITICAL_PATTERN = re.compile(r"\bcritical\b", re.IGNORECASE)
 _HIGH_PATTERN = re.compile(r"\bhigh\b", re.IGNORECASE)
@@ -33,6 +35,9 @@ def analyze_reachability(cve_result: dict[str, Any], project_dir: str) -> dict[s
     risk_level = _classify_risk(reachability, summary)
     recommendation = _build_recommendation(package, fixed_version, reachability)
 
+    kev_enriched = enrich_with_kev({"id": cve_id}, project_dir)
+    epss_enriched = enrich_with_epss({"id": cve_id}, project_dir)
+
     return {
         "package": package,
         "cve_id": cve_id,
@@ -40,6 +45,8 @@ def analyze_reachability(cve_result: dict[str, Any], project_dir: str) -> dict[s
         "import_locations": sorted(imported_files),
         "risk_level": risk_level,
         "recommendation": recommendation,
+        "kev_listed": kev_enriched.get("kev_listed", False),
+        "epss_score": epss_enriched.get("epss_score"),
     }
 
 

package/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "oh-my-god"
-version = "2.0.8"
+version = "2.0.9"
 description = "OMG (Oh My God) — Multi-agent orchestration, evidence-backed verification, and durable session state for Claude Code, Codex, and supported agent hosts"
 readme = "README.md"
 requires-python = ">=3.10"

package/registry/omg-capability.schema.json

@@ -43,7 +43,9 @@
         "type": "string",
         "enum": [
           "claude",
-          "codex"
+          "codex",
+          "gemini",
+          "kimi"
         ]
       },
       "minItems": 1
@@ -281,6 +283,86 @@
                 }
               },
               "additionalProperties": true
+            },
+            "gemini": {
+              "type": "object",
+              "required": [
+                "compilation_targets",
+                "mcp",
+                "skills",
+                "automations"
+              ],
+              "properties": {
+                "compilation_targets": {
+                  "type": "array",
+                  "minItems": 1,
+                  "items": {
+                    "type": "string"
+                  }
+                },
+                "mcp": {
+                  "type": "array",
+                  "minItems": 1,
+                  "items": {
+                    "type": "string"
+                  }
+                },
+                "skills": {
+                  "type": "array",
+                  "minItems": 1,
+                  "items": {
+                    "type": "string"
+                  }
+                },
+                "automations": {
+                  "type": "array",
+                  "minItems": 1,
+                  "items": {
+                    "type": "string"
+                  }
+                }
+              },
+              "additionalProperties": true
+            },
+            "kimi": {
+              "type": "object",
+              "required": [
+                "compilation_targets",
+                "mcp",
+                "skills",
+                "automations"
+              ],
+              "properties": {
+                "compilation_targets": {
+                  "type": "array",
+                  "minItems": 1,
+                  "items": {
+                    "type": "string"
+                  }
+                },
+                "mcp": {
+                  "type": "array",
+                  "minItems": 1,
+                  "items": {
+                    "type": "string"
+                  }
+                },
+                "skills": {
+                  "type": "array",
+                  "minItems": 1,
+                  "items": {
+                    "type": "string"
+                  }
+                },
+                "automations": {
+                  "type": "array",
+                  "minItems": 1,
+                  "items": {
+                    "type": "string"
+                  }
+                }
+              },
+              "additionalProperties": true
             }
           },
           "additionalProperties": true

package/runtime/adoption.py

@@ -2,8 +2,8 @@
 from __future__ import annotations
 
 import json
+import importlib
 from pathlib import Path
-from typing import Any
 
 
 CANONICAL_BRAND = "OMG"
@@ -11,10 +11,12 @@ CANONICAL_REPO_URL = "https://github.com/trac3er00/OMG"
 CANONICAL_PACKAGE_NAME = "@trac3er/oh-my-god"
 CANONICAL_PLUGIN_ID = "omg"
 CANONICAL_MARKETPLACE_ID = "omg"
-CANONICAL_VERSION = "2.0.8"
+CANONICAL_VERSION = "2.0.9"
 
 VALID_ADOPTION_MODES = ("omg-only", "coexist")
 VALID_PRESETS = ("safe", "balanced", "interop", "labs")
+CANONICAL_MODE_NAMES = ("chill", "focused", "exploratory")
+"""Cross-surface user-facing mode names reserved for the shared mode system."""
 
 MANAGED_PRESET_FLAGS = (
     "SETUP",
@@ -91,6 +93,12 @@ def get_preset_features(preset: str | None) -> dict[str, bool]:
     return dict(PRESET_FEATURES[resolved])
 
 
+def get_mode_profile(mode: str) -> dict[str, object]:
+    runtime_profile = importlib.import_module("runtime.runtime_profile")
+    loader = getattr(runtime_profile, "load_canonical_mode_profile")
+    return loader(mode)
+
+
 def _resolve_claude_dir(base_dir: Path) -> Path:
     nested = base_dir / ".claude"
     if nested.exists():
@@ -180,7 +188,7 @@ def build_adoption_report(
     requested_mode: str | None = None,
     preset: str | None = None,
     adopt: str = "auto",
-) -> dict[str, Any]:
+) -> dict[str, object]:
     detected_ecosystems = detect_ecosystems(project_dir) if adopt == "auto" else []
     recommended_mode = recommend_mode(detected_ecosystems)
     selected_mode = requested_mode if requested_mode in VALID_ADOPTION_MODES else recommended_mode
@@ -204,9 +212,9 @@ def build_adoption_report(
     }
 
 
-def write_adoption_report(project_dir: str | Path, report: dict[str, Any]) -> str:
+def write_adoption_report(project_dir: str | Path, report: dict[str, object]) -> str:
     state_dir = Path(project_dir) / ".omg" / "state"
     state_dir.mkdir(parents=True, exist_ok=True)
     report_path = state_dir / "adoption-report.json"
-    report_path.write_text(json.dumps(report, indent=2, ensure_ascii=True) + "\n", encoding="utf-8")
+    _ = report_path.write_text(json.dumps(report, indent=2, ensure_ascii=True) + "\n", encoding="utf-8")
     return str(report_path)