@unimatrix27/ralph-harness 1.0.0

package/dist/lib/post-hoc-agent-stuck-checker.js

@@ -0,0 +1,142 @@
+// post-hoc-agent-stuck-checker — slice-9 contract, ported to TS.
+//
+// After the EC2 instance terminates, the launcher checks whether the
+// implementation call left behind a marker:
+//
+//   - PR on the target repo carrying `<!-- ralph-launch: <tag> -->` in body
+//   - or, if no such PR, a `PICKED_ISSUE=<n>` line in the per-instance
+//     CloudWatch stream
+//
+// Outcomes:
+//   - PR found              → ClearTermination (the run produced output)
+//   - No PR, no picked issue → NoPickedIssueRecoverable (e.g. discovery
+//                              returned NONE/ALL_BLOCKED before any work)
+//   - No PR, picked issue   → AgentStuckLabelApplied (the launcher labels
+//                              the source issue `agent-stuck`)
+//
+// Composes:
+//   gh-runner            — list PRs, edit issue label
+//   aws-clients          — CloudWatch FilterLogEventsCommand
+//   structured-log-emitter — info-line sink for the diagnostic trail
+//
+// Failure mode: any read failure (gh auth, CloudWatch transient, missing
+// log stream) is treated as "no signal recovered" and the check returns
+// without applying a label. The cost of a missed label is a stale
+// `ready-for-agent` issue that the next iteration can re-evaluate; the
+// cost of a wrong label is operator confusion. Asymmetric, so we err on
+// the side of silence.
+import { FilterLogEventsCommand } from "@aws-sdk/client-cloudwatch-logs";
+import { GhRunnerError, runGh } from "./gh-runner.js";
+export const MODULE_PREFIX = "post-hoc-agent-stuck-checker";
+const noop = () => { };
+// findPrWithLaunchTag — list recent PRs (any state) on the target repo
+// whose body contains the `ralph-launch: <tag>` marker. Returns the first
+// match's PR number, or null. Network/auth failures return null.
+export async function findPrWithLaunchTag(repo, launchTag) {
+    let parsed;
+    try {
+        const r = runGh([
+            "pr",
+            "list",
+            "--repo",
+            repo,
+            "--state",
+            "all",
+            "--limit",
+            "50",
+            "--json",
+            "number,body",
+        ]);
+        const data = JSON.parse(r.stdout);
+        if (!Array.isArray(data))
+            return null;
+        parsed = data
+            .filter((i) => !!i &&
+            typeof i === "object" &&
+            typeof i.number === "number")
+            .map((i) => ({
+            number: i.number,
+            body: typeof i.body === "string"
+                ? i.body
+                : null,
+        }));
+    }
+    catch (err) {
+        if (err instanceof GhRunnerError)
+            return null;
+        return null;
+    }
+    const marker = `ralph-launch: ${launchTag}`;
+    for (const pr of parsed) {
+        if (pr.body && pr.body.includes(marker))
+            return pr.number;
+    }
+    return null;
+}
+// fetchPickedIssue — query CloudWatch for the orchestrator's
+// `PICKED_ISSUE=<n>` marker on the per-instance log stream. Returns the
+// integer or null on any failure.
+export async function fetchPickedIssue(clients, logGroup, instanceId) {
+    try {
+        const r = await clients.logs.send(new FilterLogEventsCommand({
+            logGroupName: logGroup,
+            logStreamNames: [instanceId],
+            filterPattern: '"PICKED_ISSUE="',
+        }));
+        for (const ev of r.events ?? []) {
+            const msg = ev.message ?? "";
+            const m = msg.match(/PICKED_ISSUE=(\d+)/);
+            if (m && m[1]) {
+                const n = Number.parseInt(m[1], 10);
+                if (Number.isFinite(n) && n > 0)
+                    return n;
+            }
+        }
+        return null;
+    }
+    catch {
+        return null;
+    }
+}
+// applyAgentStuckLabel — best-effort `gh issue edit --add-label`. We never
+// throw here: a label that was already applied returns non-zero with a
+// useful message, but for our purposes the post-condition (label present)
+// is what matters, and that's the case whether or not we re-applied.
+export function applyAgentStuckLabel(repo, issue, label, info) {
+    try {
+        runGh([
+            "issue",
+            "edit",
+            String(issue),
+            "--repo",
+            repo,
+            "--add-label",
+            label,
+        ]);
+        return true;
+    }
+    catch (err) {
+        if (err instanceof GhRunnerError) {
+            info(`${MODULE_PREFIX}: gh issue edit returned ${err.exitCode} (label may already be present)`);
+            return false;
+        }
+        throw err;
+    }
+}
+export async function postHocCheck(opts) {
+    const info = opts.info ?? noop;
+    const prNumber = await findPrWithLaunchTag(opts.targetRepo, opts.launchTag);
+    if (prNumber !== null) {
+        info(`${MODULE_PREFIX}: PR #${prNumber} carries launch tag ${opts.launchTag} — clean termination`);
+        return { kind: "ClearTermination", prNumber };
+    }
+    const issue = await fetchPickedIssue(opts.clients, opts.logGroup, opts.instanceId);
+    if (issue === null) {
+        info(`${MODULE_PREFIX}: no PR for launch ${opts.launchTag} and no picked issue recoverable from CloudWatch — nothing to label`);
+        return { kind: "NoPickedIssueRecoverable" };
+    }
+    info(`${MODULE_PREFIX}: no PR for launch ${opts.launchTag} — applying ${opts.agentStuckLabel} to ${opts.targetRepo}#${issue}`);
+    applyAgentStuckLabel(opts.targetRepo, issue, opts.agentStuckLabel, info);
+    return { kind: "AgentStuckLabelApplied", issue };
+}
+//# sourceMappingURL=post-hoc-agent-stuck-checker.js.map

package/dist/lib/post-hoc-agent-stuck-checker.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"post-hoc-agent-stuck-checker.js","sourceRoot":"","sources":["../../src/lib/post-hoc-agent-stuck-checker.ts"],"names":[],"mappings":"AAAA,iEAAiE;AACjE,EAAE;AACF,qEAAqE;AACrE,4CAA4C;AAC5C,EAAE;AACF,4EAA4E;AAC5E,uEAAuE;AACvE,wBAAwB;AACxB,EAAE;AACF,YAAY;AACZ,yEAAyE;AACzE,wEAAwE;AACxE,0EAA0E;AAC1E,0EAA0E;AAC1E,+DAA+D;AAC/D,EAAE;AACF,YAAY;AACZ,sDAAsD;AACtD,6DAA6D;AAC7D,qEAAqE;AACrE,EAAE;AACF,yEAAyE;AACzE,wEAAwE;AACxE,kEAAkE;AAClE,uEAAuE;AACvE,wEAAwE;AACxE,uBAAuB;AAEvB,OAAO,EAAE,sBAAsB,EAAE,MAAM,iCAAiC,CAAC;AAGzE,OAAO,EAAE,aAAa,EAAE,KAAK,EAAE,MAAM,gBAAgB,CAAC;AAGtD,MAAM,CAAC,MAAM,aAAa,GAAG,8BAA8B,CAAC;AAiB5D,MAAM,IAAI,GAAS,GAAG,EAAE,GAAE,CAAC,CAAC;AAO5B,uEAAuE;AACvE,0EAA0E;AAC1E,iEAAiE;AACjE,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,IAAY,EACZ,SAAiB;IAEjB,IAAI,MAAoB,CAAC;IACzB,IAAI,CAAC;QACH,MAAM,CAAC,GAAG,KAAK,CAAC;YACd,IAAI;YACJ,MAAM;YACN,QAAQ;YACR,IAAI;YACJ,SAAS;YACT,KAAK;YACL,SAAS;YACT,IAAI;YACJ,QAAQ;YACR,aAAa;SACd,CAAC,CAAC;QACH,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;QAClC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC;YAAE,OAAO,IAAI,CAAC;QACtC,MAAM,GAAG,IAAI;aACV,MAAM,CACL,CAAC,CAAC,EAAmB,EAAE,CACrB,CAAC,CAAC,CAAC;YACH,OAAO,CAAC,KAAK,QAAQ;YACrB,OAAQ,CAA0B,CAAC,MAAM,KAAK,QAAQ,CACzD;aACA,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACX,MAAM,EAAG,CAAwB,CAAC,MAAM;YACxC,IAAI,EAAE,OAAQ,CAAwB,CAAC,IAAI,KAAK,QAAQ;gBACtD,CAAC,CAAE,CAAsB,CAAC,IAAI;gBAC9B,CAAC,CAAC,IAAI;SACT,CAAC,CAAC,CAAC;IACR,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,GAAG,YAAY,aAAa;YAAE,OAAO,IAAI,CAAC;QAC9C,OAAO,IAAI,CAAC;IACd,CAAC;IACD,MAAM,MAAM,GAAG,iBAAiB,SAAS,EAAE,CAAC;IAC5C,KAAK,MAAM,EAAE,IAAI,MAAM,EAAE,CAAC;QACxB,IAAI,EAAE,CAAC,IAAI,IAAI,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC;YAAE,OAAO,EAAE,CAAC,MAAM,CAAC;IAC5D,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,6DAA6D;AAC7D,wEAAwE;AACxE,kCAAkC;AAClC,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,OAAmB,EACnB,QAAgB,EAChB,UAAkB;IAElB,IAAI,CAAC;QACH,MAAM,CAAC,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,IAAI,CAC/B,IAAI,sBAAsB,CAAC;YACzB,YAAY,EAAE,QAAQ;YACtB,cAAc,EAAE,CAAC,UAAU,CAAC;YAC5B,aAAa,EAAE,iBAAiB;SACjC,CAAC,CACH,CAAC;QACF,KAAK,MAAM,EAAE,IAAI,CAAC,CAAC,MAAM,IAAI,EAAE,EAAE,CAAC;YAChC,MAAM,GAAG,GAAG,EAAE,CAAC,OAAO,IAAI,EAAE,CAAC;YAC7B,MAAM,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC;YAC1C,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBACd,MAAM,CAAC,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBACpC,IAAI,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC;oBAAE,OAAO,CAAC,CAAC;YAC5C,CAAC;QACH,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,2EAA2E;AAC3E,uEAAuE;AACvE,0EAA0E;AAC1E,qEAAqE;AACrE,MAAM,UAAU,oBAAoB,CAClC,IAAY,EACZ,KAAa,EACb,KAAa,EACb,IAAU;IAEV,IAAI,CAAC;QACH,KAAK,CAAC;YACJ,OAAO;YACP,MAAM;YACN,MAAM,CAAC,KAAK,CAAC;YACb,QAAQ;YACR,IAAI;YACJ,aAAa;YACb,KAAK;SACN,CAAC,CAAC;QACH,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,GAAG,YAAY,aAAa,EAAE,CAAC;YACjC,IAAI,CACF,GAAG,aAAa,4BAA4B,GAAG,CAAC,QAAQ,iCAAiC,CAC1F,CAAC;YACF,OAAO,KAAK,CAAC;QACf,CAAC;QACD,MAAM,GAAG,CAAC;IACZ,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,IAAkB;IAElB,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC;IAC/B,MAAM,QAAQ,GAAG,MAAM,mBAAmB,CAAC,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;IAC5E,IAAI,QAAQ,KAAK,IAAI,EAAE,CAAC;QACtB,IAAI,CACF,GAAG,aAAa,SAAS,QAAQ,uBAAuB,IAAI,CAAC,SAAS,sBAAsB,CAC7F,CAAC;QACF,OAAO,EAAE,IAAI,EAAE,kBAAkB,EAAE,QAAQ,EAAE,CAAC;IAChD,CAAC;IAED,MAAM,KAAK,GAAG,MAAM,gBAAgB,CAClC,IAAI,CAAC,OAAO,EACZ,IAAI,CAAC,QAAQ,EACb,IAAI,CAAC,UAAU,CAChB,CAAC;IACF,IAAI,KAAK,KAAK,IAAI,EAAE,CAAC;QACnB,IAAI,CACF,GAAG,aAAa,sBAAsB,IAAI,CAAC,SAAS,qEAAqE,CAC1H,CAAC;QACF,OAAO,EAAE,IAAI,EAAE,0BAA0B,EAAE,CAAC;IAC9C,CAAC;IAED,IAAI,CACF,GAAG,aAAa,sBAAsB,IAAI,CAAC,SAAS,eAAe,IAAI,CAAC,eAAe,OAAO,IAAI,CAAC,UAAU,IAAI,KAAK,EAAE,CACzH,CAAC;IACF,oBAAoB,CAClB,IAAI,CAAC,UAAU,EACf,KAAK,EACL,IAAI,CAAC,eAAe,EACpB,IAAI,CACL,CAAC;IACF,OAAO,EAAE,IAAI,EAAE,wBAAwB,EAAE,KAAK,EAAE,CAAC;AACnD,CAAC"}

package/dist/lib/prompt-renderer.d.ts

@@ -0,0 +1,4 @@
+export declare const MODULE_PREFIX = "prompt-renderer";
+export type PromptContext = Readonly<Record<string, string>>;
+export declare function render(template: string, context: PromptContext): string;
+//# sourceMappingURL=prompt-renderer.d.ts.map

package/dist/lib/prompt-renderer.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"prompt-renderer.d.ts","sourceRoot":"","sources":["../../src/lib/prompt-renderer.ts"],"names":[],"mappings":"AAkBA,eAAO,MAAM,aAAa,oBAAoB,CAAC;AAE/C,MAAM,MAAM,aAAa,GAAG,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;AAI7D,wBAAgB,MAAM,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,aAAa,GAAG,MAAM,CAQvE"}

package/dist/lib/prompt-renderer.js

@@ -0,0 +1,30 @@
+// prompt-renderer — pure {{...}} substitution for the harness prompt
+// templates. Replaces the bash parameter-expansion blocks in iteration-1's
+// ec2-orchestrator.sh.
+//
+// Contract:
+//   render(template, context) — returns a new string with every `{{KEY}}`
+//   occurrence replaced by `context[KEY]`. Keys are matched literally (no
+//   surrounding whitespace allowed inside the braces — the legacy bash port
+//   never produced any). Missing keys are left as the literal placeholder
+//   `{{KEY}}`; the call does NOT throw, mirroring the bash behaviour where an
+//   unset variable expanded to empty *or* untouched depending on quoting. We
+//   pick "leave untouched" so a missing-key bug is grep-visible in the
+//   rendered output rather than silently swallowed.
+//
+//   Escape: a `{{KEY}}` placeholder preceded by a backslash (`\{{KEY}}`) is
+//   emitted as the literal `{{KEY}}` with the backslash stripped — escape
+//   hatch for documentation that has to mention placeholder syntax verbatim.
+export const MODULE_PREFIX = "prompt-renderer";
+const PLACEHOLDER_RE = /(\\)?\{\{([A-Za-z_][A-Za-z0-9_]*)\}\}/g;
+export function render(template, context) {
+    return template.replace(PLACEHOLDER_RE, (match, escape, key) => {
+        if (escape)
+            return `{{${key}}}`;
+        if (Object.prototype.hasOwnProperty.call(context, key)) {
+            return context[key] ?? "";
+        }
+        return match;
+    });
+}
+//# sourceMappingURL=prompt-renderer.js.map

package/dist/lib/prompt-renderer.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"prompt-renderer.js","sourceRoot":"","sources":["../../src/lib/prompt-renderer.ts"],"names":[],"mappings":"AAAA,qEAAqE;AACrE,2EAA2E;AAC3E,uBAAuB;AACvB,EAAE;AACF,YAAY;AACZ,0EAA0E;AAC1E,0EAA0E;AAC1E,4EAA4E;AAC5E,0EAA0E;AAC1E,8EAA8E;AAC9E,6EAA6E;AAC7E,uEAAuE;AACvE,oDAAoD;AACpD,EAAE;AACF,4EAA4E;AAC5E,0EAA0E;AAC1E,6EAA6E;AAE7E,MAAM,CAAC,MAAM,aAAa,GAAG,iBAAiB,CAAC;AAI/C,MAAM,cAAc,GAAG,wCAAwC,CAAC;AAEhE,MAAM,UAAU,MAAM,CAAC,QAAgB,EAAE,OAAsB;IAC7D,OAAO,QAAQ,CAAC,OAAO,CAAC,cAAc,EAAE,CAAC,KAAK,EAAE,MAA0B,EAAE,GAAW,EAAE,EAAE;QACzF,IAAI,MAAM;YAAE,OAAO,KAAK,GAAG,IAAI,CAAC;QAChC,IAAI,MAAM,CAAC,SAAS,CAAC,cAAc,CAAC,IAAI,CAAC,OAAO,EAAE,GAAG,CAAC,EAAE,CAAC;YACvD,OAAO,OAAO,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;QAC5B,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC,CAAC;AACL,CAAC"}

package/dist/lib/security-runner.d.ts

@@ -0,0 +1,7 @@
+export declare class SecurityRunnerError extends Error {
+    readonly exitCode: number;
+    readonly stderr: string;
+    constructor(exitCode: number, stderr: string, message: string);
+}
+export declare function readGenericPassword(service: string): string;
+//# sourceMappingURL=security-runner.d.ts.map

package/dist/lib/security-runner.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"security-runner.d.ts","sourceRoot":"","sources":["../../src/lib/security-runner.ts"],"names":[],"mappings":"AAuBA,qBAAa,mBAAoB,SAAQ,KAAK;aAE1B,QAAQ,EAAE,MAAM;aAChB,MAAM,EAAE,MAAM;gBADd,QAAQ,EAAE,MAAM,EAChB,MAAM,EAAE,MAAM,EAC9B,OAAO,EAAE,MAAM;CAKlB;AAKD,wBAAgB,mBAAmB,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAiC3D"}

package/dist/lib/security-runner.js

@@ -0,0 +1,53 @@
+// security-runner — thin subprocess wrapper around macOS `security` for the
+// one operation credential-syncer needs: read a generic-password Keychain
+// entry by service name.
+//
+// Exists for the same reason gh-runner does — so credential-syncer can be
+// unit-tested by mocking exactly one module instead of stubbing a binary on
+// PATH.
+//
+// Contract:
+//   readGenericPassword(service)
+//     - exit 0   → resolve with the stdout bytes (the password value)
+//     - exit ≠ 0 → throw SecurityRunnerError (the Keychain entry is missing
+//                  or the service is mistyped)
+//
+// Security: the password value is only ever returned from this function as
+// the resolved string. It is never passed on argv to any subsequent process,
+// never logged, and never included in any error message thrown by this
+// module.
+import { spawnSync } from "node:child_process";
+const MODULE_PREFIX = "security-runner";
+export class SecurityRunnerError extends Error {
+    exitCode;
+    stderr;
+    constructor(exitCode, stderr, message) {
+        super(message);
+        this.exitCode = exitCode;
+        this.stderr = stderr;
+        this.name = "SecurityRunnerError";
+    }
+}
+// readGenericPassword — runs `security find-generic-password -s <service> -w`
+// and returns the raw password bytes (no trailing newline trimming — the
+// caller decides). Throws SecurityRunnerError on non-zero exit.
+export function readGenericPassword(service) {
+    const r = spawnSync("security", ["find-generic-password", "-s", service, "-w"], { encoding: "utf8" });
+    if (r.error) {
+        throw new SecurityRunnerError(-1, "", `${MODULE_PREFIX}: failed to spawn security: ${r.error.message}`);
+    }
+    const exitCode = r.status ?? -1;
+    const stderr = r.stderr ?? "";
+    if (exitCode !== 0) {
+        throw new SecurityRunnerError(exitCode, stderr, `${MODULE_PREFIX}: security find-generic-password -s '${service}' failed (exit ${exitCode})`);
+    }
+    // `security -w` emits the password on stdout followed by a single newline.
+    // Strip exactly one trailing newline so the caller gets the bytes the user
+    // stored. (Some Keychain entries legitimately contain trailing newlines;
+    // matches the `out=$(security ...)` stripping done by the bash port.)
+    let stdout = r.stdout ?? "";
+    if (stdout.endsWith("\n"))
+        stdout = stdout.slice(0, -1);
+    return stdout;
+}
+//# sourceMappingURL=security-runner.js.map

package/dist/lib/security-runner.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"security-runner.js","sourceRoot":"","sources":["../../src/lib/security-runner.ts"],"names":[],"mappings":"AAAA,4EAA4E;AAC5E,0EAA0E;AAC1E,yBAAyB;AACzB,EAAE;AACF,0EAA0E;AAC1E,4EAA4E;AAC5E,QAAQ;AACR,EAAE;AACF,YAAY;AACZ,iCAAiC;AACjC,sEAAsE;AACtE,4EAA4E;AAC5E,+CAA+C;AAC/C,EAAE;AACF,2EAA2E;AAC3E,6EAA6E;AAC7E,uEAAuE;AACvE,UAAU;AAEV,OAAO,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAC;AAE/C,MAAM,aAAa,GAAG,iBAAiB,CAAC;AAExC,MAAM,OAAO,mBAAoB,SAAQ,KAAK;IAE1B;IACA;IAFlB,YACkB,QAAgB,EAChB,MAAc,EAC9B,OAAe;QAEf,KAAK,CAAC,OAAO,CAAC,CAAC;QAJC,aAAQ,GAAR,QAAQ,CAAQ;QAChB,WAAM,GAAN,MAAM,CAAQ;QAI9B,IAAI,CAAC,IAAI,GAAG,qBAAqB,CAAC;IACpC,CAAC;CACF;AAED,8EAA8E;AAC9E,yEAAyE;AACzE,gEAAgE;AAChE,MAAM,UAAU,mBAAmB,CAAC,OAAe;IACjD,MAAM,CAAC,GAAG,SAAS,CACjB,UAAU,EACV,CAAC,uBAAuB,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,CAAC,EAC9C,EAAE,QAAQ,EAAE,MAAM,EAAE,CACrB,CAAC;IAEF,IAAI,CAAC,CAAC,KAAK,EAAE,CAAC;QACZ,MAAM,IAAI,mBAAmB,CAC3B,CAAC,CAAC,EACF,EAAE,EACF,GAAG,aAAa,+BAA+B,CAAC,CAAC,KAAK,CAAC,OAAO,EAAE,CACjE,CAAC;IACJ,CAAC;IAED,MAAM,QAAQ,GAAG,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC;IAChC,MAAM,MAAM,GAAG,CAAC,CAAC,MAAM,IAAI,EAAE,CAAC;IAE9B,IAAI,QAAQ,KAAK,CAAC,EAAE,CAAC;QACnB,MAAM,IAAI,mBAAmB,CAC3B,QAAQ,EACR,MAAM,EACN,GAAG,aAAa,wCAAwC,OAAO,kBAAkB,QAAQ,GAAG,CAC7F,CAAC;IACJ,CAAC;IAED,2EAA2E;IAC3E,2EAA2E;IAC3E,yEAAyE;IACzE,sEAAsE;IACtE,IAAI,MAAM,GAAG,CAAC,CAAC,MAAM,IAAI,EAAE,CAAC;IAC5B,IAAI,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;QAAE,MAAM,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IACxD,OAAO,MAAM,CAAC;AAChB,CAAC"}

package/dist/lib/structured-log-emitter.d.ts

@@ -0,0 +1,53 @@
+export declare const MODULE_PREFIX = "structured-log-emitter";
+export type Phase = "discovery" | "implementation" | "review";
+export type Outcome = {
+    kind: "no_work";
+} | {
+    kind: "all_blocked";
+} | {
+    kind: "agent_stuck";
+    issue: number;
+} | {
+    kind: "pr_opened";
+    issue: number;
+    pr: number;
+    review: "none" | "revised";
+};
+export type ImplementationStatus = "PR_OPENED" | "AGENT_STUCK" | "unknown";
+export type ReviewStatus = "NO_REVIEW" | "REVISION_APPLIED" | "unknown";
+export type Clock = () => Date;
+export declare const realClock: Clock;
+export declare function nowUtc(clock?: Clock): string;
+export interface PhaseStartArgs {
+    phase: Phase;
+    ts: string;
+    target?: string;
+    issue?: number;
+    pr?: number;
+}
+export declare function phaseStart(args: PhaseStartArgs): string;
+export interface PhaseEndArgs {
+    phase: Phase;
+    durationSec: number;
+    ts: string;
+    issue?: number;
+    pr?: number;
+    status?: string;
+}
+export declare function phaseEnd(args: PhaseEndArgs): string;
+export declare function pickedIssue(issue: number): string;
+export declare function outcome(o: Outcome): string;
+export type Sink = (line: string) => void;
+export declare const stdoutSink: Sink;
+export declare class Emitter {
+    private readonly sink;
+    private readonly clock;
+    constructor(sink?: Sink, clock?: Clock);
+    ts(): string;
+    emit(line: string): void;
+    start(args: Omit<PhaseStartArgs, "ts">): string;
+    end(args: Omit<PhaseEndArgs, "ts">): string;
+    picked(issue: number): string;
+    outcome(o: Outcome): string;
+}
+//# sourceMappingURL=structured-log-emitter.d.ts.map

package/dist/lib/structured-log-emitter.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"structured-log-emitter.d.ts","sourceRoot":"","sources":["../../src/lib/structured-log-emitter.ts"],"names":[],"mappings":"AAuBA,eAAO,MAAM,aAAa,2BAA2B,CAAC;AAEtD,MAAM,MAAM,KAAK,GAAG,WAAW,GAAG,gBAAgB,GAAG,QAAQ,CAAC;AAE9D,MAAM,MAAM,OAAO,GACf;IAAE,IAAI,EAAE,SAAS,CAAA;CAAE,GACnB;IAAE,IAAI,EAAE,aAAa,CAAA;CAAE,GACvB;IAAE,IAAI,EAAE,aAAa,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,GACtC;IACE,IAAI,EAAE,WAAW,CAAC;IAClB,KAAK,EAAE,MAAM,CAAC;IACd,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,EAAE,MAAM,GAAG,SAAS,CAAC;CAC5B,CAAC;AAEN,MAAM,MAAM,oBAAoB,GAAG,WAAW,GAAG,aAAa,GAAG,SAAS,CAAC;AAC3E,MAAM,MAAM,YAAY,GAAG,WAAW,GAAG,kBAAkB,GAAG,SAAS,CAAC;AAExE,MAAM,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC;AAE/B,eAAO,MAAM,SAAS,EAAE,KAAwB,CAAC;AAMjD,wBAAgB,MAAM,CAAC,KAAK,GAAE,KAAiB,GAAG,MAAM,CASvD;AAED,MAAM,WAAW,cAAc;IAC7B,KAAK,EAAE,KAAK,CAAC;IACb,EAAE,EAAE,MAAM,CAAC;IACX,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,EAAE,CAAC,EAAE,MAAM,CAAC;CACb;AAED,wBAAgB,UAAU,CAAC,IAAI,EAAE,cAAc,GAAG,MAAM,CASvD;AAED,MAAM,WAAW,YAAY;IAC3B,KAAK,EAAE,KAAK,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED,wBAAgB,QAAQ,CAAC,IAAI,EAAE,YAAY,GAAG,MAAM,CAoBnD;AAED,wBAAgB,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAEjD;AAED,wBAAgB,OAAO,CAAC,CAAC,EAAE,OAAO,GAAG,MAAM,CAW1C;AAID,MAAM,MAAM,IAAI,GAAG,CAAC,IAAI,EAAE,MAAM,KAAK,IAAI,CAAC;AAE1C,eAAO,MAAM,UAAU,EAAE,IAAkD,CAAC;AAE5E,qBAAa,OAAO;IAEhB,OAAO,CAAC,QAAQ,CAAC,IAAI;IACrB,OAAO,CAAC,QAAQ,CAAC,KAAK;gBADL,IAAI,GAAE,IAAiB,EACvB,KAAK,GAAE,KAAiB;IAG3C,EAAE,IAAI,MAAM;IAIZ,IAAI,CAAC,IAAI,EAAE,MAAM,GAAG,IAAI;IAIxB,KAAK,CAAC,IAAI,EAAE,IAAI,CAAC,cAAc,EAAE,IAAI,CAAC,GAAG,MAAM;IAM/C,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,GAAG,MAAM;IAM3C,MAAM,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM;IAM7B,OAAO,CAAC,CAAC,EAAE,OAAO,GAAG,MAAM;CAK5B"}

package/dist/lib/structured-log-emitter.js

@@ -0,0 +1,122 @@
+// structured-log-emitter — formats the CloudWatch markers the harness emits
+// at every phase boundary. The wire format is byte-identical to iteration 1's
+// ec2-orchestrator.sh output so existing CloudWatch Insights queries / smoke-
+// test grep lines keep working unchanged.
+//
+// Markers:
+//   PHASE_START phase=<discovery>       ts=<iso> target=<repo>
+//   PHASE_START phase=<implementation>  ts=<iso> issue=<n>
+//   PHASE_START phase=<review>          ts=<iso> issue=<n> pr=<m>
+//   PHASE_END   phase=<discovery>       duration_s=<n> ts=<iso>
+//   PHASE_END   phase=<implementation>  duration_s=<n> issue=<n> status=<s> ts=<iso>
+//   PHASE_END   phase=<review>          duration_s=<n> issue=<n> pr=<m> status=<s> ts=<iso>
+//   PICKED_ISSUE=<n>
+//   OUTCOME=no_work
+//   OUTCOME=all_blocked
+//   OUTCOME=agent_stuck issue=<n>
+//   OUTCOME=pr_opened issue=<n> pr=<m> review=<none|revised>
+//
+// The iteration-1 timestamps come from `date -u +%FT%TZ`, e.g.
+// `2026-05-04T11:43:57Z`. We reproduce that via `nowUtc()` rather than
+// taking it as a free parameter — keeps callers honest and tests
+// deterministic via the injectable `clock` argument.
+export const MODULE_PREFIX = "structured-log-emitter";
+export const realClock = () => new Date();
+// nowUtc — formats a Date as `YYYY-MM-DDTHH:MM:SSZ`, matching iteration-1's
+// `date -u +%FT%TZ`. We can NOT use `Date.toISOString()` directly: it emits
+// fractional milliseconds (`.123Z`), which would break byte-identity with
+// the bash port.
+export function nowUtc(clock = realClock) {
+    const d = clock();
+    const yyyy = d.getUTCFullYear().toString().padStart(4, "0");
+    const mm = (d.getUTCMonth() + 1).toString().padStart(2, "0");
+    const dd = d.getUTCDate().toString().padStart(2, "0");
+    const hh = d.getUTCHours().toString().padStart(2, "0");
+    const mi = d.getUTCMinutes().toString().padStart(2, "0");
+    const ss = d.getUTCSeconds().toString().padStart(2, "0");
+    return `${yyyy}-${mm}-${dd}T${hh}:${mi}:${ss}Z`;
+}
+export function phaseStart(args) {
+    switch (args.phase) {
+        case "discovery":
+            return `PHASE_START phase=discovery ts=${args.ts} target=${args.target ?? "unknown"}`;
+        case "implementation":
+            return `PHASE_START phase=implementation ts=${args.ts} issue=${requireNumber(args.issue, "issue")}`;
+        case "review":
+            return `PHASE_START phase=review ts=${args.ts} issue=${requireNumber(args.issue, "issue")} pr=${requireNumber(args.pr, "pr")}`;
+    }
+}
+export function phaseEnd(args) {
+    switch (args.phase) {
+        case "discovery":
+            return `PHASE_END phase=discovery duration_s=${args.durationSec} ts=${args.ts}`;
+        case "implementation":
+            return (`PHASE_END phase=implementation duration_s=${args.durationSec}` +
+                ` issue=${requireNumber(args.issue, "issue")}` +
+                ` status=${args.status ?? "unknown"}` +
+                ` ts=${args.ts}`);
+        case "review":
+            return (`PHASE_END phase=review duration_s=${args.durationSec}` +
+                ` issue=${requireNumber(args.issue, "issue")}` +
+                ` pr=${requireNumber(args.pr, "pr")}` +
+                ` status=${args.status ?? "unknown"}` +
+                ` ts=${args.ts}`);
+    }
+}
+export function pickedIssue(issue) {
+    return `PICKED_ISSUE=${issue}`;
+}
+export function outcome(o) {
+    switch (o.kind) {
+        case "no_work":
+            return "OUTCOME=no_work";
+        case "all_blocked":
+            return "OUTCOME=all_blocked";
+        case "agent_stuck":
+            return `OUTCOME=agent_stuck issue=${o.issue}`;
+        case "pr_opened":
+            return `OUTCOME=pr_opened issue=${o.issue} pr=${o.pr} review=${o.review}`;
+    }
+}
+export const stdoutSink = (line) => process.stdout.write(`${line}\n`);
+export class Emitter {
+    sink;
+    clock;
+    constructor(sink = stdoutSink, clock = realClock) {
+        this.sink = sink;
+        this.clock = clock;
+    }
+    ts() {
+        return nowUtc(this.clock);
+    }
+    emit(line) {
+        this.sink(line);
+    }
+    start(args) {
+        const line = phaseStart({ ...args, ts: this.ts() });
+        this.sink(line);
+        return line;
+    }
+    end(args) {
+        const line = phaseEnd({ ...args, ts: this.ts() });
+        this.sink(line);
+        return line;
+    }
+    picked(issue) {
+        const line = pickedIssue(issue);
+        this.sink(line);
+        return line;
+    }
+    outcome(o) {
+        const line = outcome(o);
+        this.sink(line);
+        return line;
+    }
+}
+function requireNumber(v, name) {
+    if (typeof v !== "number" || !Number.isFinite(v)) {
+        throw new Error(`${MODULE_PREFIX}: ${name} is required`);
+    }
+    return v;
+}
+//# sourceMappingURL=structured-log-emitter.js.map

package/dist/lib/structured-log-emitter.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"structured-log-emitter.js","sourceRoot":"","sources":["../../src/lib/structured-log-emitter.ts"],"names":[],"mappings":"AAAA,4EAA4E;AAC5E,8EAA8E;AAC9E,8EAA8E;AAC9E,0CAA0C;AAC1C,EAAE;AACF,WAAW;AACX,+DAA+D;AAC/D,2DAA2D;AAC3D,kEAAkE;AAClE,gEAAgE;AAChE,qFAAqF;AACrF,4FAA4F;AAC5F,qBAAqB;AACrB,oBAAoB;AACpB,wBAAwB;AACxB,kCAAkC;AAClC,6DAA6D;AAC7D,EAAE;AACF,+DAA+D;AAC/D,uEAAuE;AACvE,iEAAiE;AACjE,qDAAqD;AAErD,MAAM,CAAC,MAAM,aAAa,GAAG,wBAAwB,CAAC;AAoBtD,MAAM,CAAC,MAAM,SAAS,GAAU,GAAG,EAAE,CAAC,IAAI,IAAI,EAAE,CAAC;AAEjD,4EAA4E;AAC5E,4EAA4E;AAC5E,0EAA0E;AAC1E,iBAAiB;AACjB,MAAM,UAAU,MAAM,CAAC,QAAe,SAAS;IAC7C,MAAM,CAAC,GAAG,KAAK,EAAE,CAAC;IAClB,MAAM,IAAI,GAAG,CAAC,CAAC,cAAc,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IAC5D,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IAC7D,MAAM,EAAE,GAAG,CAAC,CAAC,UAAU,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IACtD,MAAM,EAAE,GAAG,CAAC,CAAC,WAAW,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IACvD,MAAM,EAAE,GAAG,CAAC,CAAC,aAAa,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IACzD,MAAM,EAAE,GAAG,CAAC,CAAC,aAAa,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IACzD,OAAO,GAAG,IAAI,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,CAAC;AAClD,CAAC;AAUD,MAAM,UAAU,UAAU,CAAC,IAAoB;IAC7C,QAAQ,IAAI,CAAC,KAAK,EAAE,CAAC;QACnB,KAAK,WAAW;YACd,OAAO,kCAAkC,IAAI,CAAC,EAAE,WAAW,IAAI,CAAC,MAAM,IAAI,SAAS,EAAE,CAAC;QACxF,KAAK,gBAAgB;YACnB,OAAO,uCAAuC,IAAI,CAAC,EAAE,UAAU,aAAa,CAAC,IAAI,CAAC,KAAK,EAAE,OAAO,CAAC,EAAE,CAAC;QACtG,KAAK,QAAQ;YACX,OAAO,+BAA+B,IAAI,CAAC,EAAE,UAAU,aAAa,CAAC,IAAI,CAAC,KAAK,EAAE,OAAO,CAAC,OAAO,aAAa,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE,CAAC;IACnI,CAAC;AACH,CAAC;AAWD,MAAM,UAAU,QAAQ,CAAC,IAAkB;IACzC,QAAQ,IAAI,CAAC,KAAK,EAAE,CAAC;QACnB,KAAK,WAAW;YACd,OAAO,wCAAwC,IAAI,CAAC,WAAW,OAAO,IAAI,CAAC,EAAE,EAAE,CAAC;QAClF,KAAK,gBAAgB;YACnB,OAAO,CACL,6CAA6C,IAAI,CAAC,WAAW,EAAE;gBAC/D,UAAU,aAAa,CAAC,IAAI,CAAC,KAAK,EAAE,OAAO,CAAC,EAAE;gBAC9C,WAAW,IAAI,CAAC,MAAM,IAAI,SAAS,EAAE;gBACrC,OAAO,IAAI,CAAC,EAAE,EAAE,CACjB,CAAC;QACJ,KAAK,QAAQ;YACX,OAAO,CACL,qCAAqC,IAAI,CAAC,WAAW,EAAE;gBACvD,UAAU,aAAa,CAAC,IAAI,CAAC,KAAK,EAAE,OAAO,CAAC,EAAE;gBAC9C,OAAO,aAAa,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,CAAC,EAAE;gBACrC,WAAW,IAAI,CAAC,MAAM,IAAI,SAAS,EAAE;gBACrC,OAAO,IAAI,CAAC,EAAE,EAAE,CACjB,CAAC;IACN,CAAC;AACH,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,KAAa;IACvC,OAAO,gBAAgB,KAAK,EAAE,CAAC;AACjC,CAAC;AAED,MAAM,UAAU,OAAO,CAAC,CAAU;IAChC,QAAQ,CAAC,CAAC,IAAI,EAAE,CAAC;QACf,KAAK,SAAS;YACZ,OAAO,iBAAiB,CAAC;QAC3B,KAAK,aAAa;YAChB,OAAO,qBAAqB,CAAC;QAC/B,KAAK,aAAa;YAChB,OAAO,6BAA6B,CAAC,CAAC,KAAK,EAAE,CAAC;QAChD,KAAK,WAAW;YACd,OAAO,2BAA2B,CAAC,CAAC,KAAK,OAAO,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC,MAAM,EAAE,CAAC;IAC9E,CAAC;AACH,CAAC;AAMD,MAAM,CAAC,MAAM,UAAU,GAAS,CAAC,IAAI,EAAE,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC;AAE5E,MAAM,OAAO,OAAO;IAEC;IACA;IAFnB,YACmB,OAAa,UAAU,EACvB,QAAe,SAAS;QADxB,SAAI,GAAJ,IAAI,CAAmB;QACvB,UAAK,GAAL,KAAK,CAAmB;IACxC,CAAC;IAEJ,EAAE;QACA,OAAO,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAC5B,CAAC;IAED,IAAI,CAAC,IAAY;QACf,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAClB,CAAC;IAED,KAAK,CAAC,IAAgC;QACpC,MAAM,IAAI,GAAG,UAAU,CAAC,EAAE,GAAG,IAAI,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;QACpD,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAChB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,GAAG,CAAC,IAA8B;QAChC,MAAM,IAAI,GAAG,QAAQ,CAAC,EAAE,GAAG,IAAI,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC;QAClD,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAChB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,CAAC,KAAa;QAClB,MAAM,IAAI,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC;QAChC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAChB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,CAAC,CAAU;QAChB,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QACxB,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAChB,OAAO,IAAI,CAAC;IACd,CAAC;CACF;AAED,SAAS,aAAa,CAAC,CAAqB,EAAE,IAAY;IACxD,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC;QACjD,MAAM,IAAI,KAAK,CAAC,GAAG,aAAa,KAAK,IAAI,cAAc,CAAC,CAAC;IAC3D,CAAC;IACD,OAAO,CAAC,CAAC;AACX,CAAC"}

package/dist/lib/target-config-schema.d.ts

@@ -0,0 +1,28 @@
+import { z } from "zod";
+export type ValidateExitCode = 3 | 4 | 5 | 6;
+export declare class ValidateError extends Error {
+    readonly code: ValidateExitCode;
+    constructor(code: ValidateExitCode, message: string);
+}
+export declare const TargetConfigSchema: z.ZodObject<{
+    build_cmd: z.ZodString;
+    test_cmd: z.ZodString;
+    branch_prefix: z.ZodString;
+    review_bot: z.ZodObject<{
+        username: z.ZodString;
+        source: z.ZodEnum<{
+            review: "review";
+            comment: "comment";
+        }>;
+    }, z.core.$strict>;
+    agent_stuck_label: z.ZodOptional<z.ZodString>;
+    prompt_extensions: z.ZodOptional<z.ZodObject<{
+        discovery: z.ZodOptional<z.ZodString>;
+        implementation: z.ZodOptional<z.ZodString>;
+        review: z.ZodOptional<z.ZodString>;
+    }, z.core.$strict>>;
+}, z.core.$strict>;
+export type TargetConfig = z.infer<typeof TargetConfigSchema>;
+export declare function validate(yamlString: string): TargetConfig;
+export declare function moduleErr(message: string): string;
+//# sourceMappingURL=target-config-schema.d.ts.map

package/dist/lib/target-config-schema.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"target-config-schema.d.ts","sourceRoot":"","sources":["../../src/lib/target-config-schema.ts"],"names":[],"mappings":"AAkBA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAIxB,MAAM,MAAM,gBAAgB,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;AAE7C,qBAAa,aAAc,SAAQ,KAAK;aAEpB,IAAI,EAAE,gBAAgB;gBAAtB,IAAI,EAAE,gBAAgB,EACtC,OAAO,EAAE,MAAM;CAKlB;AAwBD,eAAO,MAAM,kBAAkB;;;;;;;;;;;;;;;;;kBASpB,CAAC;AAEZ,MAAM,MAAM,YAAY,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAE9D,wBAAgB,QAAQ,CAAC,UAAU,EAAE,MAAM,GAAG,YAAY,CAqBzD;AAmGD,wBAAgB,SAAS,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAEjD"}

package/dist/lib/target-config-schema.js

@@ -0,0 +1,157 @@
+// target-config-schema — load + validate a target repo's .ralph/config.yaml.
+//
+// Pure module: YAML string in / typed config out, or throws ValidateError
+// with a numbered exit code that the CLI surfaces as its own exit code.
+//
+// Exit codes (must match lib/target-config-schema.sh — bash module is still
+// sourced by the EC2 orchestrator until slice 5 cuts it over):
+//   0  valid                                    (no error thrown)
+//   2  usage / file not found                   (CLI only — see ralph-validate-config)
+//   3  malformed yaml
+//   4  missing required field
+//   5  unknown field
+//   6  type error or invalid value
+//   7  reserved (was: missing yq dependency in the bash port; not used here)
+//
+// Schema: see docs/config-schema.md.
+import { parse as parseYaml } from "yaml";
+import { z } from "zod";
+const MODULE_PREFIX = "target-config-schema";
+export class ValidateError extends Error {
+    code;
+    constructor(code, message) {
+        super(message);
+        this.code = code;
+        this.name = "ValidateError";
+    }
+}
+const NonEmptyString = z.string().min(1);
+const ReviewBotSchema = z
+    .object({
+    username: NonEmptyString,
+    source: z.enum(["comment", "review"]),
+})
+    .strict();
+const PromptExtensionsSchema = z
+    .object({
+    discovery: NonEmptyString.optional(),
+    implementation: NonEmptyString.optional(),
+    review: NonEmptyString.optional(),
+})
+    .strict();
+const BranchPrefixSchema = NonEmptyString.refine((v) => !v.includes("/") && !/\s/.test(v), { message: "branch_prefix must not contain '/' or whitespace" });
+export const TargetConfigSchema = z
+    .object({
+    build_cmd: NonEmptyString,
+    test_cmd: NonEmptyString,
+    branch_prefix: BranchPrefixSchema,
+    review_bot: ReviewBotSchema,
+    agent_stuck_label: NonEmptyString.optional(),
+    prompt_extensions: PromptExtensionsSchema.optional(),
+})
+    .strict();
+export function validate(yamlString) {
+    let parsed;
+    try {
+        parsed = parseYaml(yamlString, { prettyErrors: false });
+    }
+    catch (err) {
+        const detail = err instanceof Error ? err.message : String(err);
+        throw new ValidateError(3, `malformed yaml: ${detail}`);
+    }
+    if (parsed === null || parsed === undefined) {
+        throw new ValidateError(6, "top-level must be a mapping, got empty");
+    }
+    if (typeof parsed !== "object" || Array.isArray(parsed)) {
+        const got = Array.isArray(parsed) ? "array" : typeof parsed;
+        throw new ValidateError(6, `top-level must be a mapping, got ${got}`);
+    }
+    const result = TargetConfigSchema.safeParse(parsed);
+    if (result.success)
+        return result.data;
+    throw issueToValidateError(result.error, parsed);
+}
+function issueToValidateError(err, input) {
+    // Prefer issues that map to the most specific exit code so a multi-issue
+    // failure surfaces the same code the bash module would have surfaced
+    // (which checks unknown-field rejection BEFORE per-field type checks, and
+    // missing-field BEFORE wrong-type).
+    const ranked = [...err.issues].sort((a, b) => issueRank(a, input) - issueRank(b, input));
+    const issue = ranked[0];
+    const path = issue.path.map(String);
+    const pathStr = path.length > 0 ? path.join(".") : "<root>";
+    if (issue.code === "unrecognized_keys") {
+        const keys = issue.keys ?? [];
+        const key = keys[0] ?? "<unknown>";
+        const fullKey = path.length > 0 ? `${pathStr}.${key}` : key;
+        return new ValidateError(5, `unknown field: ${fullKey}`);
+    }
+    if (issue.code === "invalid_type") {
+        const expected = issue.expected ?? "valid value";
+        if (!pathExists(input, issue.path)) {
+            return new ValidateError(4, `missing required field: ${pathStr}`);
+        }
+        const got = actualTypeAt(input, issue.path);
+        return new ValidateError(6, `${pathStr} must be a ${expected}, got ${got}`);
+    }
+    if (issue.code === "too_small" || issue.code === "too_big") {
+        return new ValidateError(6, `${pathStr} must be a non-empty string`);
+    }
+    // Zod 4 names enum mismatches "invalid_value"; Zod 3 used "invalid_enum_value".
+    if (issue.code === "invalid_value" ||
+        issue.code === "invalid_enum_value") {
+        const opts = issue.options ??
+            issue.values ??
+            [];
+        const optList = opts.map((o) => `'${String(o)}'`).join(" or ");
+        const received = issue.received;
+        return new ValidateError(6, `${pathStr} must be ${optList || "a valid value"}, got '${formatReceived(received)}'`);
+    }
+    if (issue.code === "custom") {
+        return new ValidateError(6, `${pathStr}: ${issue.message}`);
+    }
+    return new ValidateError(6, `${pathStr}: ${issue.message}`);
+}
+function issueRank(issue, input) {
+    // Lower wins. Order: unknown field (5) → missing field (4) → everything else (6).
+    if (issue.code === "unrecognized_keys")
+        return 0;
+    if (issue.code === "invalid_type" && !pathExists(input, issue.path))
+        return 1;
+    return 2;
+}
+function pathExists(input, path) {
+    let cur = input;
+    for (const p of path) {
+        if (cur === null || cur === undefined || typeof cur !== "object")
+            return false;
+        if (!Object.prototype.hasOwnProperty.call(cur, p))
+            return false;
+        cur = cur[String(p)];
+    }
+    return true;
+}
+function actualTypeAt(input, path) {
+    let cur = input;
+    for (const p of path) {
+        if (cur === null || cur === undefined || typeof cur !== "object")
+            return "undefined";
+        cur = cur[String(p)];
+    }
+    if (Array.isArray(cur))
+        return "array";
+    if (cur === null)
+        return "null";
+    return typeof cur;
+}
+function formatReceived(received) {
+    if (received === undefined)
+        return "undefined";
+    if (typeof received === "string")
+        return received;
+    return String(received);
+}
+export function moduleErr(message) {
+    return `${MODULE_PREFIX}: error: ${message}`;
+}
+//# sourceMappingURL=target-config-schema.js.map