agentxchain 2.140.0 → 2.141.1

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "agentxchain",
-  "version": "2.140.0",
+  "version": "2.141.1",
   "description": "CLI for AgentXchain — governed multi-agent software delivery",
   "type": "module",
   "bin": {

package/scripts/release-preflight.sh

@@ -153,7 +153,7 @@ if [[ "$PUBLISH_GATE" -eq 1 ]]; then
     test/release-notes-gate.test.js
     test/release-identity-hardening.test.js
     test/normalized-config.test.js
-    test/conformance.test.js
+    test/protocol-conformance.test.js
     test/beta-scenario-emission-guard.test.js
     test/claim-reality-preflight.test.js
     test/beta-tester-scenarios/*.test.js

package/src/lib/governed-state.js

@@ -37,6 +37,7 @@ import {
   deriveAcceptedRef,
   checkCleanBaseline,
   isOperationalPath,
+  isBaselineExemptPath,
 } from './repo-observer.js';
 import { getMaxConcurrentTurns } from './normalized-config.js';
 import { getTurnStagingResultPath, getTurnStagingDir, getDispatchTurnDir, getReviewArtifactPath } from './turn-paths.js';
@@ -106,6 +107,34 @@ function buildInitialPhaseGateStatus(config) {
   );
 }
 
+function buildObservationDrift(beforeObservation, afterObservation) {
+  const beforeFiles = (Array.isArray(beforeObservation?.files_changed) ? beforeObservation.files_changed : [])
+    .filter((filePath) => !isBaselineExemptPath(filePath));
+  const afterFiles = (Array.isArray(afterObservation?.files_changed) ? afterObservation.files_changed : [])
+    .filter((filePath) => !isBaselineExemptPath(filePath));
+  const beforeSet = new Set(beforeFiles);
+  const afterSet = new Set(afterFiles);
+  const beforeMarkers = beforeObservation?.file_markers && typeof beforeObservation.file_markers === 'object'
+    ? beforeObservation.file_markers
+    : {};
+  const afterMarkers = afterObservation?.file_markers && typeof afterObservation.file_markers === 'object'
+    ? afterObservation.file_markers
+    : {};
+
+  const added = afterFiles.filter((filePath) => !beforeSet.has(filePath));
+  const removed = beforeFiles.filter((filePath) => !afterSet.has(filePath));
+  const markerChanged = beforeFiles.filter((filePath) => (
+    afterSet.has(filePath) && beforeMarkers[filePath] !== afterMarkers[filePath]
+  ));
+
+  return {
+    added,
+    removed,
+    marker_changed: markerChanged,
+    drifted_files: [...new Set([...added, ...removed, ...markerChanged])].sort(),
+  };
+}
+
 function listIntakeIntentFiles(root) {
   const intentsDir = join(root, INTAKE_INTENTS_DIR);
   if (!existsSync(intentsDir)) return [];
@@ -3210,11 +3239,17 @@ function _acceptGovernedTurnLocked(root, config, opts) {
     currentTurn,
     historyEntries,
   );
-  const observation = attributeObservedChangesToTurn(rawObservation, currentTurn, historyEntries, {
+  const observationAttributionOptions = {
     currentDeclaredFiles: turnResult.files_changed || [],
     concurrentSiblingIds: pendingConcurrentSiblingDeclarations.map((entry) => entry.turn_id),
     pendingConcurrentSiblingDeclarations,
-  });
+  };
+  const observation = attributeObservedChangesToTurn(
+    rawObservation,
+    currentTurn,
+    historyEntries,
+    observationAttributionOptions,
+  );
   const role = config.roles?.[turnResult.role];
   const runtimeId = turnResult.runtime_id;
   const runtime = config.runtimes?.[runtimeId];
@@ -3403,6 +3438,30 @@ function _acceptGovernedTurnLocked(root, config, opts) {
     ? replayVerificationMachineEvidence({ root, verification: turnResult.verification })
     : null;
 
+  if (verificationReplay?.workspace_guard?.ok === false) {
+    const replayError = verificationReplay.workspace_guard.cleanup_error
+      || 'Verification replay mutated actor-owned workspace files and cleanup failed.';
+    transitionToFailedAcceptance(root, state, currentTurn, replayError, {
+      error_code: 'verification_replay_drift',
+      stage: 'verification_replay',
+      extra: {
+        replay_side_effect_files: verificationReplay.workspace_guard.restored_files || [],
+      },
+    });
+    return {
+      ok: false,
+      error: replayError,
+      validation: {
+        ...validation,
+        ok: false,
+        stage: 'verification_replay',
+        error_class: 'verification_replay_error',
+        errors: [replayError],
+        warnings: validation.warnings,
+      },
+    };
+  }
+
   // Policy evaluation — declarative governance rules (spec: POLICY_ENGINE_SPEC.md)
   const policyResult = evaluatePolicies(config.policies || [], {
     currentPhase: state.phase,
@@ -3638,6 +3697,38 @@ function _acceptGovernedTurnLocked(root, config, opts) {
     }
   }
 
+  const finalObservation = attributeObservedChangesToTurn(
+    observeChanges(root, baseline),
+    currentTurn,
+    historyEntries,
+    observationAttributionOptions,
+  );
+  const observationDrift = buildObservationDrift(observation, finalObservation);
+  if (observationDrift.drifted_files.length > 0) {
+    const driftError = `Acceptance mutated actor-owned workspace after artifact observation: ${observationDrift.drifted_files.join(', ')}`;
+    transitionToFailedAcceptance(root, state, currentTurn, driftError, {
+      error_code: 'acceptance_drift',
+      stage: 'artifact_observation',
+      extra: {
+        added_files: observationDrift.added,
+        removed_files: observationDrift.removed,
+        marker_changed_files: observationDrift.marker_changed,
+      },
+    });
+    return {
+      ok: false,
+      error: driftError,
+      validation: {
+        ...validation,
+        ok: false,
+        stage: 'artifact_observation',
+        error_class: 'artifact_error',
+        errors: [driftError],
+        warnings: validation.warnings,
+      },
+    };
+  }
+
   const acceptedSequence = (state.turn_sequence || 0) + 1;
   const historyEntry = {
     turn_id: turnResult.turn_id,

package/src/lib/repo-observer.js

@@ -29,6 +29,8 @@ const OPERATIONAL_PATH_PREFIXES = [
   '.agentxchain/intake/',
   '.agentxchain/locks/',
   '.agentxchain/transactions/',
+  '.agentxchain/missions/',
+  '.agentxchain/multirepo/',
 ];
 
 // Orchestrator-owned state files that agents must never be blamed for modifying.
@@ -38,6 +40,7 @@ const ORCHESTRATOR_STATE_FILES = [
   '.agentxchain/session.json',
   '.agentxchain/history.jsonl',
   '.agentxchain/decision-ledger.jsonl',
+  '.agentxchain/repo-decisions.jsonl',
   '.agentxchain/lock.json',
   '.agentxchain/hook-audit.jsonl',
   '.agentxchain/hook-annotations.jsonl',
@@ -71,7 +74,7 @@ export function isOperationalPath(filePath) {
     || ORCHESTRATOR_STATE_FILES.includes(filePath);
 }
 
-function isBaselineExemptPath(filePath) {
+export function isBaselineExemptPath(filePath) {
   return isOperationalPath(filePath)
     || BASELINE_EXEMPT_PATH_PREFIXES.some(prefix => filePath.startsWith(prefix));
 }

package/src/lib/verification-replay.js

@@ -1,4 +1,10 @@
-import { spawnSync } from 'node:child_process';
+import { execFileSync, spawnSync } from 'node:child_process';
+import { createHash } from 'node:crypto';
+import { cpSync, existsSync, mkdirSync, mkdtempSync, readFileSync, rmSync } from 'node:fs';
+import { tmpdir } from 'node:os';
+import { dirname, join } from 'node:path';
+
+import { isOperationalPath } from './repo-observer.js';
 
 export const DEFAULT_VERIFICATION_REPLAY_TIMEOUT_MS = 30_000;
 
@@ -22,10 +28,15 @@ export function replayVerificationMachineEvidence({ root, verification, timeoutM
     return payload;
   }
 
-  payload.commands = machineEvidence.map((entry, index) => replayEvidenceCommand(root, entry, index, timeoutMs));
-  payload.replayed_commands = payload.commands.length;
-  payload.matched_commands = payload.commands.filter((entry) => entry.matched).length;
-  payload.overall = payload.commands.every((entry) => entry.matched) ? 'match' : 'mismatch';
+  const workspaceGuard = createReplayWorkspaceGuard(root);
+  try {
+    payload.commands = machineEvidence.map((entry, index) => replayEvidenceCommand(root, entry, index, timeoutMs));
+    payload.replayed_commands = payload.commands.length;
+    payload.matched_commands = payload.commands.filter((entry) => entry.matched).length;
+    payload.overall = payload.commands.every((entry) => entry.matched) ? 'match' : 'mismatch';
+  } finally {
+    payload.workspace_guard = workspaceGuard.cleanup();
+  }
 
   return payload;
 }
@@ -69,3 +80,186 @@ export function summarizeVerificationReplay(payload) {
     ...(payload.reason ? { reason: payload.reason } : {}),
   };
 }
+
+function createReplayWorkspaceGuard(root) {
+  if (!isGitRepo(root)) {
+    return {
+      cleanup() {
+        return { ok: true, restored_files: [], cleanup_error: null };
+      },
+    };
+  }
+
+  const backupDir = mkdtempSync(join(tmpdir(), 'axc-verification-replay-'));
+  const beforeState = captureDirtyWorkspaceState(root, backupDir);
+
+  return {
+    cleanup() {
+      const restoredFiles = new Set();
+
+      try {
+        const afterFiles = collectDirtyActorFiles(root);
+        const candidateFiles = new Set([...beforeState.files.keys(), ...afterFiles]);
+
+        for (const filePath of candidateFiles) {
+          const beforeInfo = beforeState.files.get(filePath);
+          const currentMarker = getWorkspaceFileMarker(root, filePath);
+
+          if (beforeInfo) {
+            if (currentMarker !== beforeInfo.marker) {
+              restorePreReplayPath(root, filePath, beforeInfo);
+              restoredFiles.add(filePath);
+            }
+            continue;
+          }
+
+          restoreCleanPath(root, filePath);
+          restoredFiles.add(filePath);
+        }
+
+        const remainingDrift = detectWorkspaceDrift(root, beforeState.files);
+        if (remainingDrift.length > 0) {
+          return {
+            ok: false,
+            restored_files: [...restoredFiles].sort(),
+            cleanup_error: `Verification replay left actor-owned workspace drift after cleanup: ${remainingDrift.join(', ')}`,
+          };
+        }
+
+        return {
+          ok: true,
+          restored_files: [...restoredFiles].sort(),
+          cleanup_error: null,
+        };
+      } catch (err) {
+        return {
+          ok: false,
+          restored_files: [...restoredFiles].sort(),
+          cleanup_error: err?.message || String(err),
+        };
+      } finally {
+        rmSync(backupDir, { recursive: true, force: true });
+      }
+    },
+  };
+}
+
+function captureDirtyWorkspaceState(root, backupDir) {
+  const files = new Map();
+  for (const filePath of collectDirtyActorFiles(root)) {
+    const absPath = join(root, filePath);
+    const backupPath = join(backupDir, filePath);
+    const existed = existsSync(absPath);
+    const marker = getWorkspaceFileMarker(root, filePath);
+
+    if (existed) {
+      mkdirSync(dirname(backupPath), { recursive: true });
+      cpSync(absPath, backupPath, { force: true, recursive: true });
+    }
+
+    files.set(filePath, { existed, marker, backupPath });
+  }
+  return { files };
+}
+
+function detectWorkspaceDrift(root, beforeFiles) {
+  const afterFiles = collectDirtyActorFiles(root);
+  const candidates = new Set([...beforeFiles.keys(), ...afterFiles]);
+  const drift = [];
+
+  for (const filePath of candidates) {
+    const beforeInfo = beforeFiles.get(filePath);
+    const currentMarker = getWorkspaceFileMarker(root, filePath);
+    if (beforeInfo) {
+      if (currentMarker !== beforeInfo.marker) {
+        drift.push(filePath);
+      }
+      continue;
+    }
+    drift.push(filePath);
+  }
+
+  return drift.sort();
+}
+
+function restorePreReplayPath(root, filePath, beforeInfo) {
+  const absPath = join(root, filePath);
+  if (!beforeInfo.existed) {
+    rmSync(absPath, { recursive: true, force: true });
+    return;
+  }
+
+  rmSync(absPath, { recursive: true, force: true });
+  mkdirSync(dirname(absPath), { recursive: true });
+  cpSync(beforeInfo.backupPath, absPath, { force: true, recursive: true });
+}
+
+function restoreCleanPath(root, filePath) {
+  const absPath = join(root, filePath);
+  if (isTrackedPath(root, filePath)) {
+    execFileSync('git', ['restore', '--source=HEAD', '--staged', '--worktree', '--', filePath], {
+      cwd: root,
+      stdio: ['ignore', 'pipe', 'pipe'],
+    });
+    return;
+  }
+
+  rmSync(absPath, { recursive: true, force: true });
+}
+
+function collectDirtyActorFiles(root) {
+  return [...new Set([
+    ...readGitLines(root, ['diff', '--name-only', 'HEAD']),
+    ...readGitLines(root, ['diff', '--name-only', '--cached']),
+    ...readGitLines(root, ['ls-files', '--others', '--exclude-standard']),
+  ])]
+    .filter((filePath) => filePath && !isOperationalPath(filePath))
+    .sort();
+}
+
+function readGitLines(root, args) {
+  try {
+    const output = execFileSync('git', args, {
+      cwd: root,
+      encoding: 'utf8',
+      stdio: ['ignore', 'pipe', 'pipe'],
+    }).trim();
+    return output ? output.split('\n').filter(Boolean) : [];
+  } catch {
+    return [];
+  }
+}
+
+function isTrackedPath(root, filePath) {
+  try {
+    execFileSync('git', ['ls-files', '--error-unmatch', '--', filePath], {
+      cwd: root,
+      stdio: ['ignore', 'pipe', 'pipe'],
+    });
+    return true;
+  } catch {
+    return false;
+  }
+}
+
+function isGitRepo(root) {
+  try {
+    execFileSync('git', ['rev-parse', '--is-inside-work-tree'], {
+      cwd: root,
+      stdio: ['ignore', 'pipe', 'pipe'],
+    });
+    return true;
+  } catch {
+    return false;
+  }
+}
+
+function getWorkspaceFileMarker(root, filePath) {
+  const absPath = join(root, filePath);
+  if (!existsSync(absPath)) {
+    return '__deleted__';
+  }
+
+  const content = readFileSync(absPath);
+  return createHash('sha1').update(content).digest('hex');
+}