@wooojin/forgen 0.3.1 → 0.4.0

package/dist/engine/solution-outcomes.js

@@ -2,6 +2,8 @@ import * as fs from 'node:fs';
 import * as path from 'node:path';
 import { OUTCOMES_DIR, STATE_DIR } from '../core/paths.js';
 import { sanitizeId } from '../hooks/shared/sanitize-id.js';
+import { withFileLockSync, FileLockError } from '../hooks/shared/file-lock.js';
+import { atomicWriteJSON } from '../hooks/shared/atomic-write.js';
 import { createLogger } from '../core/logger.js';
 const log = createLogger('solution-outcomes');
 function pendingPath(sessionId) {
@@ -24,12 +26,41 @@ function readPending(sessionId) {
 function writePending(sessionId, state) {
     const p = pendingPath(sessionId);
     fs.mkdirSync(STATE_DIR, { recursive: true });
-    fs.writeFileSync(p, JSON.stringify(state));
+    atomicWriteJSON(p, state, { mode: 0o600, dirMode: 0o700 });
 }
 function appendOutcome(event) {
     fs.mkdirSync(OUTCOMES_DIR, { recursive: true });
     fs.appendFileSync(outcomesPath(event.session_id), JSON.stringify(event) + '\n');
 }
+/**
+ * Run a read-modify-write pending-state mutation under a file lock
+ * (2026-04-21 audit fix #9).
+ *
+ * Prior code (`readPending` → in-memory mutate → `writePending`) was not
+ * serialised, so inject + correction + error hooks racing on the same
+ * session could lose or duplicate outcome events. The entire critical
+ * section now sits inside `withFileLockSync`; the lock file lives next
+ * to the pending file itself. A lock-acquire failure falls through
+ * fail-open (outcome tracking must never block the user).
+ */
+function mutatePending(sessionId, fn) {
+    const p = pendingPath(sessionId);
+    fs.mkdirSync(STATE_DIR, { recursive: true });
+    try {
+        let result = null;
+        withFileLockSync(p, () => {
+            result = fn();
+        });
+        return result;
+    }
+    catch (e) {
+        if (e instanceof FileLockError) {
+            log.debug(`pending lock 실패 — skip (fail-open): ${e.message}`);
+            return null;
+        }
+        throw e;
+    }
+}
 /**
  * Record that solutions were injected. Called from solution-injector right
  * after `approveWithContext` is emitted. Fails silently — outcome tracking
@@ -39,12 +70,14 @@ export function appendPending(sessionId, injections) {
     if (!sessionId || injections.length === 0)
         return;
     try {
-        const state = readPending(sessionId);
-        const ts = Date.now();
-        for (const inj of injections) {
-            state.pending.push({ ...inj, ts });
-        }
-        writePending(sessionId, state);
+        mutatePending(sessionId, () => {
+            const state = readPending(sessionId);
+            const ts = Date.now();
+            for (const inj of injections) {
+                state.pending.push({ ...inj, ts });
+            }
+            writePending(sessionId, state);
+        });
     }
     catch (e) {
         log.debug(`appendPending failed: ${e instanceof Error ? e.message : String(e)}`);
@@ -62,29 +95,37 @@ export function flushAccept(sessionId, excludeSolutions = new Set()) {
     if (!sessionId)
         return 0;
     try {
-        const state = readPending(sessionId);
-        if (state.pending.length === 0)
-            return 0;
-        const now = Date.now();
-        const kept = [];
-        let flushed = 0;
-        for (const p of state.pending) {
-            if (excludeSolutions.has(p.solution))
-                continue;
-            appendOutcome({
-                ts: now,
-                session_id: sessionId,
-                solution: p.solution,
-                match_score: p.match_score,
-                injected_chars: p.injected_chars,
-                outcome: 'accept',
-                outcome_lag_ms: now - p.ts,
-                attribution: 'default',
-            });
-            flushed++;
-        }
-        writePending(sessionId, { pending: kept, last_prompt_ts: now });
-        return flushed;
+        const result = mutatePending(sessionId, () => {
+            const state = readPending(sessionId);
+            if (state.pending.length === 0)
+                return 0;
+            const now = Date.now();
+            const kept = [];
+            let flushed = 0;
+            for (const p of state.pending) {
+                // P1-L1 fix (2026-04-20): 이전에는 excluded pending을 `continue`로 건너뛰면서
+                // `kept`에도 push 안 하고 appendOutcome도 안 해서 증거 없이 사라졌다.
+                // 이미 correct/error로 attribute된 항목은 보존 (나중 prompt에서 재처리 방지).
+                if (excludeSolutions.has(p.solution)) {
+                    kept.push(p);
+                    continue;
+                }
+                appendOutcome({
+                    ts: now,
+                    session_id: sessionId,
+                    solution: p.solution,
+                    match_score: p.match_score,
+                    injected_chars: p.injected_chars,
+                    outcome: 'accept',
+                    outcome_lag_ms: now - p.ts,
+                    attribution: 'default',
+                });
+                flushed++;
+            }
+            writePending(sessionId, { pending: kept, last_prompt_ts: now });
+            return flushed;
+        });
+        return result ?? 0;
     }
     catch (e) {
         log.debug(`flushAccept failed: ${e instanceof Error ? e.message : String(e)}`);
@@ -105,38 +146,64 @@ export function attributeCorrection(sessionId) {
     if (!sessionId)
         return [];
     try {
-        const state = readPending(sessionId);
-        if (state.pending.length === 0)
-            return [];
-        const now = Date.now();
-        const attributed = [];
-        for (const p of state.pending) {
-            appendOutcome({
-                ts: now,
-                session_id: sessionId,
-                solution: p.solution,
-                match_score: p.match_score,
-                injected_chars: p.injected_chars,
-                outcome: 'correct',
-                outcome_lag_ms: now - p.ts,
-                attribution: 'explicit',
-            });
-            attributed.push(p.solution);
-        }
-        writePending(sessionId, { pending: [], last_prompt_ts: state.last_prompt_ts });
-        return attributed;
+        const result = mutatePending(sessionId, () => {
+            const state = readPending(sessionId);
+            if (state.pending.length === 0)
+                return [];
+            const now = Date.now();
+            const attributed = [];
+            for (const p of state.pending) {
+                appendOutcome({
+                    ts: now,
+                    session_id: sessionId,
+                    solution: p.solution,
+                    match_score: p.match_score,
+                    injected_chars: p.injected_chars,
+                    outcome: 'correct',
+                    outcome_lag_ms: now - p.ts,
+                    attribution: 'explicit',
+                });
+                attributed.push(p.solution);
+            }
+            writePending(sessionId, { pending: [], last_prompt_ts: state.last_prompt_ts });
+            return attributed;
+        });
+        return result ?? [];
     }
     catch (e) {
         log.debug(`attributeCorrection failed: ${e instanceof Error ? e.message : String(e)}`);
         return [];
     }
 }
+/**
+ * Attribution gates for error events (2026-04-21 fix):
+ *   - MIN_ERROR_MATCH_SCORE: solutions injected on thin relevance (< 0.3)
+ *     are unlikely to have caused unrelated tool failures. Attributing
+ *     error to them distorts fitness and poisons the Phase 4 evolver.
+ *   - MAX_ATTRIBUTION_LAG_MS: errors more than 5 minutes after injection
+ *     are too temporally distant — the user has likely moved on to work
+ *     the solution has no bearing on.
+ *   - MAX_ATTRIBUTED_PER_ERROR: cap at the top 3 most-relevant pending
+ *     solutions so a broad inject batch doesn't scatter false blame.
+ *
+ * Data audit (2026-04-21, ~/.forgen/state/outcomes/ 260 sessions):
+ *   Top-3 "error" solutions = 80% of all error events, injected at score
+ *   0.15/0.21 nearly every session. Without these gates, fitness
+ *   classification drags good-but-low-score solutions into underperform.
+ */
+const MIN_ERROR_MATCH_SCORE = 0.3;
+const MAX_ATTRIBUTION_LAG_MS = 5 * 60 * 1000;
+const MAX_ATTRIBUTED_PER_ERROR = 3;
 /**
  * Attribute a tool error to pending solutions in this session. Called from
  * post-tool-failure hook. Unlike corrections, errors do not clear pending
  * — an error is a weaker signal and the next user prompt can still produce
  * a correct/accept decision.
  *
+ * Only the top-K most-relevant, recent, above-threshold pending solutions
+ * are attributed (see gates above). Below-threshold or stale pending
+ * entries are left untouched — they will resolve via accept/unknown later.
+ *
  * To avoid flooding the log with duplicate errors for the same pending
  * batch, we cap at one `error` event per (session, solution) pair per
  * pending-cycle by tracking a `error_flagged` set in the pending state.
@@ -145,33 +212,40 @@ export function attributeError(sessionId) {
     if (!sessionId)
         return [];
     try {
-        const state = readPending(sessionId);
-        if (state.pending.length === 0)
-            return [];
-        const flaggedKey = `__error_flagged`;
-        const existing = state[flaggedKey];
-        const flagged = new Set(Array.isArray(existing) ? existing : []);
-        const now = Date.now();
-        const flaggedThisCall = [];
-        for (const p of state.pending) {
-            if (flagged.has(p.solution))
-                continue;
-            appendOutcome({
-                ts: now,
-                session_id: sessionId,
-                solution: p.solution,
-                match_score: p.match_score,
-                injected_chars: p.injected_chars,
-                outcome: 'error',
-                outcome_lag_ms: now - p.ts,
-                attribution: 'window',
-            });
-            flagged.add(p.solution);
-            flaggedThisCall.push(p.solution);
-        }
-        state[flaggedKey] = Array.from(flagged);
-        writePending(sessionId, state);
-        return flaggedThisCall;
+        const result = mutatePending(sessionId, () => {
+            const state = readPending(sessionId);
+            if (state.pending.length === 0)
+                return [];
+            const flaggedKey = `__error_flagged`;
+            const existing = state[flaggedKey];
+            const flagged = new Set(Array.isArray(existing) ? existing : []);
+            const now = Date.now();
+            const eligible = state.pending
+                .filter((p) => !flagged.has(p.solution))
+                .filter((p) => p.match_score >= MIN_ERROR_MATCH_SCORE)
+                .filter((p) => now - p.ts <= MAX_ATTRIBUTION_LAG_MS)
+                .sort((a, b) => b.match_score - a.match_score)
+                .slice(0, MAX_ATTRIBUTED_PER_ERROR);
+            const flaggedThisCall = [];
+            for (const p of eligible) {
+                appendOutcome({
+                    ts: now,
+                    session_id: sessionId,
+                    solution: p.solution,
+                    match_score: p.match_score,
+                    injected_chars: p.injected_chars,
+                    outcome: 'error',
+                    outcome_lag_ms: now - p.ts,
+                    attribution: 'window',
+                });
+                flagged.add(p.solution);
+                flaggedThisCall.push(p.solution);
+            }
+            state[flaggedKey] = Array.from(flagged);
+            writePending(sessionId, state);
+            return flaggedThisCall;
+        });
+        return result ?? [];
     }
     catch (e) {
         log.debug(`attributeError failed: ${e instanceof Error ? e.message : String(e)}`);
@@ -187,26 +261,29 @@ export function finalizeSession(sessionId) {
     if (!sessionId)
         return 0;
     try {
-        const state = readPending(sessionId);
-        const now = Date.now();
-        let finalized = 0;
-        for (const p of state.pending) {
-            appendOutcome({
-                ts: now,
-                session_id: sessionId,
-                solution: p.solution,
-                match_score: p.match_score,
-                injected_chars: p.injected_chars,
-                outcome: 'unknown',
-                outcome_lag_ms: now - p.ts,
-                attribution: 'session_end',
-            });
-            finalized++;
-        }
-        const p = pendingPath(sessionId);
-        if (fs.existsSync(p))
-            fs.unlinkSync(p);
-        return finalized;
+        const result = mutatePending(sessionId, () => {
+            const state = readPending(sessionId);
+            const now = Date.now();
+            let finalized = 0;
+            for (const p of state.pending) {
+                appendOutcome({
+                    ts: now,
+                    session_id: sessionId,
+                    solution: p.solution,
+                    match_score: p.match_score,
+                    injected_chars: p.injected_chars,
+                    outcome: 'unknown',
+                    outcome_lag_ms: now - p.ts,
+                    attribution: 'session_end',
+                });
+                finalized++;
+            }
+            const pendingFile = pendingPath(sessionId);
+            if (fs.existsSync(pendingFile))
+                fs.unlinkSync(pendingFile);
+            return finalized;
+        });
+        return result ?? 0;
     }
     catch (e) {
         log.debug(`finalizeSession failed: ${e instanceof Error ? e.message : String(e)}`);

package/dist/engine/solution-writer.d.ts

@@ -71,11 +71,14 @@ export declare function mutateSolutionByName(name: string, mutator: SolutionMuta
 }): boolean;
 /**
  * Evidence 카운터 단일 증가 helper.
- * mutateSolutionByName + 카운터 증가 패턴을 한 줄로.
  *
- * Also graduates Phase 4 candidates: when a `status: candidate` solution's
- * injected count reaches `CANDIDATE_PROMOTION_INJECTIONS`, its status flips
- * to `verified` in the same write. This keeps the exploration bonus from
- * clinging to a solution that has had enough trials.
+ * Invariant: status/confidence 같은 lifecycle 필드는 건드리지 않는다.
+ * 모든 status 전이는 compound-lifecycle.ts::runLifecycleCheck(자동, reflected
+ * /sessions/reExtracted + age-gate 기반)과 verifySolution(수동 명령)이라는
+ * 단일 경로로만 일어난다. dual-path 금지.
+ *
+ * 과거에는 inject≥5 자동 verified 승급이 이 함수 안에 있었는데, 그것은 outcome
+ * 증거 없이도 candidate를 승급시켜 self-rewarding 편향을 만들었다. 2026-04-20
+ * 제거 (feedback_core_loop_invariant 참고).
  */
 export declare function incrementEvidence(solutionName: string, field: 'reflected' | 'negative' | 'injected' | 'sessions' | 'reExtracted'): boolean;

package/dist/engine/solution-writer.js

@@ -31,6 +31,7 @@ import { atomicWriteText } from '../hooks/shared/atomic-write.js';
 import { parseFrontmatterOnly, parseSolutionV3, serializeSolutionV3, } from './solution-format.js';
 import { ME_SOLUTIONS, ME_RULES } from '../core/paths.js';
 import { createLogger } from '../core/logger.js';
+import { getOrBuildIndex } from './solution-index.js';
 const log = createLogger('solution-writer');
 /**
  * 단일 .md 파일에 lock 보호된 read-modify-write 수행.
@@ -96,7 +97,40 @@ export function mutateSolutionFile(filePath, mutator) {
  * symlink는 보안상 무시 (lstatSync 가드).
  */
 export function mutateSolutionByName(name, mutator, options) {
-    const dirs = [ME_SOLUTIONS, ME_RULES, ...(options?.extraDirs ?? [])];
+    const extraDirs = options?.extraDirs ?? [];
+    const dirs = [ME_SOLUTIONS, ME_RULES, ...extraDirs];
+    // P0-3 fast path (2026-04-20): solution-index의 캐시에서 name→filePath를
+    // O(1) 조회. 과거에는 매 호출마다 dir readdir + N번 readFileSync + YAML parse
+    // (N=500일 때 hook당 최대 1500회 I/O)로 5초 timeout을 위협했다.
+    // 인덱스 miss/stale 시 아래 기존 O(N) 스캔 경로로 fallback한다.
+    try {
+        const indexDirs = [
+            { dir: ME_SOLUTIONS, scope: 'me' },
+            { dir: ME_RULES, scope: 'me' },
+            ...extraDirs.map((d) => ({ dir: d, scope: 'project' })),
+        ];
+        const idx = getOrBuildIndex(indexDirs);
+        const entry = idx.entries.find(e => e.name === name);
+        if (entry?.filePath && fs.existsSync(entry.filePath)) {
+            let isSymlink = true;
+            try {
+                isSymlink = fs.lstatSync(entry.filePath).isSymbolicLink();
+            }
+            catch { /* fall through to full scan */ }
+            if (!isSymlink) {
+                const result = mutateSolutionFile(entry.filePath, sol => {
+                    if (sol.frontmatter.name !== name)
+                        return false;
+                    return mutator(sol);
+                });
+                if (result)
+                    return true;
+                // 인덱스가 stale(이름이 바뀌었거나 파일이 재생성됨)이면 fallback 경로로.
+            }
+        }
+    }
+    catch { /* 인덱스 빌드 실패 — fallback */ }
+    // Fallback: 전체 디렉터리 스캔 (인덱스 miss / stale 시)
     for (const dir of dirs) {
         if (!fs.existsSync(dir))
             continue;
@@ -142,22 +176,17 @@ export function mutateSolutionByName(name, mutator, options) {
     }
     return false;
 }
-/**
- * Phase 4 candidate promotion threshold: a `status: candidate` solution
- * automatically graduates to `status: verified` once its injected count
- * crosses this cutoff. At that point the cold-start exploration bonus
- * (solution-matcher.ts) disappears naturally, since the bonus keys off
- * `candidate` status.
- */
-const CANDIDATE_PROMOTION_INJECTIONS = 5;
 /**
  * Evidence 카운터 단일 증가 helper.
- * mutateSolutionByName + 카운터 증가 패턴을 한 줄로.
  *
- * Also graduates Phase 4 candidates: when a `status: candidate` solution's
- * injected count reaches `CANDIDATE_PROMOTION_INJECTIONS`, its status flips
- * to `verified` in the same write. This keeps the exploration bonus from
- * clinging to a solution that has had enough trials.
+ * Invariant: status/confidence 같은 lifecycle 필드는 건드리지 않는다.
+ * 모든 status 전이는 compound-lifecycle.ts::runLifecycleCheck(자동, reflected
+ * /sessions/reExtracted + age-gate 기반)과 verifySolution(수동 명령)이라는
+ * 단일 경로로만 일어난다. dual-path 금지.
+ *
+ * 과거에는 inject≥5 자동 verified 승급이 이 함수 안에 있었는데, 그것은 outcome
+ * 증거 없이도 candidate를 승급시켜 self-rewarding 편향을 만들었다. 2026-04-20
+ * 제거 (feedback_core_loop_invariant 참고).
  */
 export function incrementEvidence(solutionName, field) {
     return mutateSolutionByName(solutionName, sol => {
@@ -165,11 +194,6 @@ export function incrementEvidence(solutionName, field) {
         if (!(field in ev))
             return false;
         ev[field] = (ev[field] ?? 0) + 1;
-        if (field === 'injected' &&
-            sol.frontmatter.status === 'candidate' &&
-            ev.injected >= CANDIDATE_PROMOTION_INJECTIONS) {
-            sol.frontmatter.status = 'verified';
-        }
         return true;
     });
 }

package/dist/fgx.js

@@ -15,10 +15,17 @@ if (!launchArgs.includes('--dangerously-skip-permissions')) {
     launchArgs.unshift('--dangerously-skip-permissions');
 }
 async function main() {
-    // Security warning — fgx bypasses all Claude Code permission checks
+    // Security warning — fgx bypasses all Claude Code permission checks.
+    //
+    // Audit fix #3 (2026-04-21): The warning banner is shown regardless of
+    // the user's profile trust policy, which means "가드레일 우선" users who
+    // alias `fgx` unknowingly run with zero guardrails. Users who rely on
+    // the profile trust policy should NOT use `fgx`. Surface the mismatch
+    // loudly (harness.ts also prints the Trust 상승 warning downstream).
     console.warn('\n  ⚠  fgx: ALL permission checks are disabled (--dangerously-skip-permissions)');
     console.warn('  ⚠  Claude Code will execute tools without asking for confirmation.');
-    console.warn('  ⚠  Use only in trusted environments.\n');
+    console.warn('  ⚠  Use only in trusted environments. If your profile trust policy is');
+    console.warn('  ⚠  "가드레일 우선" or "승인 완화", consider `forgen` (no flag) instead.\n');
     // fgx는 서브커맨드 없이 바로 Claude Code 실행 전용
     const firstRun = isFirstRun();
     if (firstRun) {

package/dist/forge/cli.js

@@ -58,7 +58,7 @@ async function handleReset(level) {
     }
     // 동적 import로 store 모듈 로드
     const fs = await import('node:fs');
-    const { V1_PROFILE, V1_RULES_DIR, V1_EVIDENCE_DIR, V1_RECOMMENDATIONS_DIR, V1_SESSIONS_DIR, V1_RAW_LOGS_DIR, V1_SOLUTIONS_DIR } = await import('../core/paths.js');
+    const { FORGE_PROFILE, ME_RULES, ME_BEHAVIOR, V1_RECOMMENDATIONS_DIR, V1_SESSIONS_DIR, V1_RAW_LOGS_DIR, ME_SOLUTIONS } = await import('../core/paths.js');
     const deleteDirs = (dirs) => {
         for (const dir of dirs) {
             try {
@@ -75,18 +75,18 @@ async function handleReset(level) {
         catch { /* ignore */ }
     };
     if (level === 'soft') {
-        deleteFile(V1_PROFILE);
-        deleteDirs([V1_RULES_DIR, V1_RECOMMENDATIONS_DIR, V1_SESSIONS_DIR]);
+        deleteFile(FORGE_PROFILE);
+        deleteDirs([ME_RULES, V1_RECOMMENDATIONS_DIR, V1_SESSIONS_DIR]);
         console.log('\n  Soft reset 완료. Profile + Rule + Recommendation + Session 초기화.');
     }
     else if (level === 'learning') {
-        deleteFile(V1_PROFILE);
-        deleteDirs([V1_RULES_DIR, V1_EVIDENCE_DIR, V1_RECOMMENDATIONS_DIR, V1_SESSIONS_DIR, V1_RAW_LOGS_DIR]);
+        deleteFile(FORGE_PROFILE);
+        deleteDirs([ME_RULES, ME_BEHAVIOR, V1_RECOMMENDATIONS_DIR, V1_SESSIONS_DIR, V1_RAW_LOGS_DIR]);
         console.log('\n  Learning reset 완료. 개인 학습 전체 초기화.');
     }
     else if (level === 'full') {
-        deleteFile(V1_PROFILE);
-        deleteDirs([V1_RULES_DIR, V1_EVIDENCE_DIR, V1_RECOMMENDATIONS_DIR, V1_SESSIONS_DIR, V1_RAW_LOGS_DIR, V1_SOLUTIONS_DIR]);
+        deleteFile(FORGE_PROFILE);
+        deleteDirs([ME_RULES, ME_BEHAVIOR, V1_RECOMMENDATIONS_DIR, V1_SESSIONS_DIR, V1_RAW_LOGS_DIR, ME_SOLUTIONS]);
         console.log('\n  Full reset 완료. Compound 포함 전체 초기화.');
     }
     // Reset 후 자동 온보딩 (interactive 환경에서만)

package/dist/forge/evidence-processor.js

@@ -5,8 +5,9 @@
  * Migration Plan §5.4: 이 모듈의 "해석" 계층은 AI(Claude 세션)가 채운다.
  * 여기서는 구조화된 입출력 인터페이스와 알고리즘 적용 함수만 정의.
  */
-import { createEvidence, saveEvidence } from '../store/evidence-store.js';
+import { createEvidence, appendEvidence } from '../store/evidence-store.js';
 import { createRule, saveRule } from '../store/rule-store.js';
+import { classify, applyProposal } from '../engine/enforce-classifier.js';
 // ── Correction → Evidence + Temporary Rule ──
 /**
  * 사용자 교정을 Evidence로 기록하고, 필요 시 temporary rule 생성.
@@ -29,7 +30,7 @@ export function processCorrection(req) {
             direction: req.kind === 'avoid-this' ? 'opposite' : 'same',
         },
     });
-    saveEvidence(evidence);
+    appendEvidence(evidence); // T1 lifecycle trigger fires here for explicit_correction
     // fix-now, avoid-this → temporary session rule
     let temporaryRule = null;
     if (req.kind === 'fix-now' || req.kind === 'avoid-this') {
@@ -45,6 +46,13 @@ export function processCorrection(req) {
             evidence_refs: [evidence.evidence_id],
             render_key: `${req.axis_hint ?? 'workflow'}.${req.target.toLowerCase().replace(/\s+/g, '-').slice(0, 30)}`,
         });
+        // ADR-001 auto-classify on creation — 교정 즉시 enforce_via 가 붙어야 다음 턴부터 Mech-A/B 발화.
+        // 기존 `forgen classify-enforce --apply` 수동 경로를 유지하되, 신규 rule 은 창조 시점에 자동 populate.
+        try {
+            const proposal = classify(temporaryRule);
+            temporaryRule = applyProposal(temporaryRule, proposal);
+        }
+        catch { /* fail-open: classify 실패는 rule 저장 자체를 막지 않음 */ }
         saveRule(temporaryRule);
     }
     return {