auditor-lambda 0.2.6 → 0.2.9

package/dist/orchestrator/advance.js

@@ -1,9 +1,22 @@
 import { decideNextStep } from "./nextStep.js";
 import { deriveAuditState } from "./state.js";
 import { computeArtifactMetadata } from "./artifactMetadata.js";
-import { runIntakeExecutor, runStructureExecutor, runPlanningExecutor, runResultIngestionExecutor, runRuntimeValidationUpdateExecutor, runSynthesisExecutor, runExternalAnalyzerImportExecutor, } from "./internalExecutors.js";
+import { runIntakeExecutor, runStructureExecutor, runPlanningExecutor, runResultIngestionExecutor, runRuntimeValidationExecutor, runRuntimeValidationUpdateExecutor, runSynthesisExecutor, runExternalAnalyzerImportExecutor, } from "./internalExecutors.js";
 import { runAutoFixExecutor } from "./autoFixExecutor.js";
 import { runSyntaxResolutionExecutor } from "./syntaxResolutionExecutor.js";
+function cloneState(state) {
+    return {
+        ...state,
+        blockers: [...(state.blockers ?? [])],
+        obligations: state.obligations.map((obligation) => ({ ...obligation })),
+    };
+}
+function formatExecutorFailure(selectedExecutor, selectedObligation, error) {
+    const detail = error instanceof Error ? error.message : String(error ?? "unknown error");
+    return new Error(`advanceAudit ${selectedExecutor} failed while resolving ${selectedObligation ?? "the current obligation"}: ${detail}`, {
+        cause: error instanceof Error ? error : undefined,
+    });
+}
 export async function advanceAudit(bundle, options = {}) {
     const decision = decideNextStep(bundle);
     const forcedExecutor = options.preferredExecutor ?? null;
@@ -12,9 +25,12 @@ export async function advanceAudit(bundle, options = {}) {
         ? `forced:${forcedExecutor}`
         : decision.selected_obligation;
     if (!selectedExecutor) {
-        const state = deriveAuditState(bundle);
-        // Do not overwrite last_executor when no executor was selected — preserve prior value
-        state.last_obligation = selectedObligation ?? undefined;
+        const state = cloneState(decision.state);
+        state.last_executor = bundle.audit_state?.last_executor ?? state.last_executor;
+        state.last_obligation =
+            selectedObligation ??
+                bundle.audit_state?.last_obligation ??
+                state.last_obligation;
         return {
             audit_state: state,
             selected_obligation: selectedObligation,
@@ -27,58 +43,70 @@ export async function advanceAudit(bundle, options = {}) {
         };
     }
     let run;
-    switch (selectedExecutor) {
-        case "intake_executor":
-            if (!options.root)
-                throw new Error("advanceAudit intake_executor requires root");
-            run = await runIntakeExecutor(bundle, options.root);
-            break;
-        case "structure_executor":
-            run = runStructureExecutor(bundle);
-            break;
-        case "planning_executor":
-            run = runPlanningExecutor(bundle, options.lineIndex ?? {});
-            break;
-        case "result_ingestion_executor":
-            run = runResultIngestionExecutor(bundle, options.auditResults ?? bundle.audit_results ?? []);
-            break;
-        case "synthesis_executor":
-            run = runSynthesisExecutor(bundle, options.auditResults);
-            break;
-        case "runtime_validation_update_executor":
-            if (!options.runtimeValidationUpdates)
-                throw new Error("advanceAudit runtime_validation_update_executor requires runtimeValidationUpdates");
-            run = runRuntimeValidationUpdateExecutor(bundle, options.runtimeValidationUpdates);
-            break;
-        case "external_analyzer_import_executor":
-            if (!options.externalAnalyzerResults)
-                throw new Error("advanceAudit external_analyzer_import_executor requires externalAnalyzerResults");
-            run = runExternalAnalyzerImportExecutor(bundle, options.externalAnalyzerResults);
-            break;
-        case "auto_fix_executor":
-            if (!options.root)
-                throw new Error("advanceAudit auto_fix_executor requires root");
-            run = runAutoFixExecutor(bundle, options.root);
-            break;
-        case "syntax_resolution_executor":
-            if (!options.root)
-                throw new Error("advanceAudit syntax_resolution_executor requires root");
-            run = runSyntaxResolutionExecutor(bundle, options.root);
-            break;
-        default:
-            const state = deriveAuditState(bundle);
-            state.last_executor = selectedExecutor;
-            state.last_obligation = selectedObligation ?? undefined;
-            return {
-                audit_state: state,
-                selected_obligation: selectedObligation,
-                selected_executor: selectedExecutor,
-                progress_made: false,
-                artifacts_written: ["audit_state.json"],
-                progress_summary: `Executor ${selectedExecutor} is selected but not yet dispatched through advance-audit.`,
-                next_likely_step: selectedObligation,
-                updated_bundle: { ...bundle, audit_state: state },
-            };
+    try {
+        switch (selectedExecutor) {
+            case "intake_executor":
+                if (!options.root)
+                    throw new Error("advanceAudit intake_executor requires root");
+                run = await runIntakeExecutor(bundle, options.root);
+                break;
+            case "structure_executor":
+                run = runStructureExecutor(bundle);
+                break;
+            case "planning_executor":
+                if (!options.root)
+                    throw new Error("advanceAudit planning_executor requires root");
+                run = await runPlanningExecutor(bundle, options.root, options.lineIndex ?? {});
+                break;
+            case "result_ingestion_executor":
+                run = runResultIngestionExecutor(bundle, options.auditResults ?? bundle.audit_results ?? []);
+                break;
+            case "runtime_validation_executor":
+                if (!options.root)
+                    throw new Error("advanceAudit runtime_validation_executor requires root");
+                run = await runRuntimeValidationExecutor(bundle, options.root);
+                break;
+            case "synthesis_executor":
+                run = runSynthesisExecutor(bundle, options.auditResults);
+                break;
+            case "runtime_validation_update_executor":
+                if (!options.runtimeValidationUpdates)
+                    throw new Error("advanceAudit runtime_validation_update_executor requires runtimeValidationUpdates");
+                run = runRuntimeValidationUpdateExecutor(bundle, options.runtimeValidationUpdates);
+                break;
+            case "external_analyzer_import_executor":
+                if (!options.externalAnalyzerResults)
+                    throw new Error("advanceAudit external_analyzer_import_executor requires externalAnalyzerResults");
+                run = runExternalAnalyzerImportExecutor(bundle, options.externalAnalyzerResults);
+                break;
+            case "auto_fix_executor":
+                if (!options.root)
+                    throw new Error("advanceAudit auto_fix_executor requires root");
+                run = runAutoFixExecutor(bundle, options.root);
+                break;
+            case "syntax_resolution_executor":
+                if (!options.root)
+                    throw new Error("advanceAudit syntax_resolution_executor requires root");
+                run = runSyntaxResolutionExecutor(bundle, options.root);
+                break;
+            default:
+                const state = deriveAuditState(bundle);
+                state.last_executor = selectedExecutor;
+                state.last_obligation = selectedObligation ?? undefined;
+                return {
+                    audit_state: state,
+                    selected_obligation: selectedObligation,
+                    selected_executor: selectedExecutor,
+                    progress_made: false,
+                    artifacts_written: ["audit_state.json"],
+                    progress_summary: `Executor ${selectedExecutor} is selected but not yet dispatched through advance-audit.`,
+                    next_likely_step: selectedObligation,
+                    updated_bundle: { ...bundle, audit_state: state },
+                };
+        }
+    }
+    catch (error) {
+        throw formatExecutorFailure(selectedExecutor, selectedObligation, error);
     }
     const metadata = computeArtifactMetadata(run.updated, bundle.artifact_metadata);
     const metadataBundle = { ...run.updated, artifact_metadata: metadata };

package/dist/orchestrator/dependencyMap.js

@@ -12,7 +12,7 @@ export const ARTIFACT_DEPENDENCY_MAP = {
         "requeue_tasks.json",
         "runtime_validation_tasks.json",
         "runtime_validation_report.json",
-        "synthesis_report.json",
+        "audit-report.md",
     ],
     "file_disposition.json": [
         "unit_manifest.json",
@@ -26,7 +26,7 @@ export const ARTIFACT_DEPENDENCY_MAP = {
         "requeue_tasks.json",
         "runtime_validation_tasks.json",
         "runtime_validation_report.json",
-        "synthesis_report.json",
+        "audit-report.md",
     ],
     "unit_manifest.json": [
         "risk_register.json",
@@ -34,13 +34,13 @@ export const ARTIFACT_DEPENDENCY_MAP = {
         "audit_tasks.json",
         "runtime_validation_tasks.json",
         "requeue_tasks.json",
-        "synthesis_report.json",
+        "audit-report.md",
     ],
     "surface_manifest.json": [
         "critical_flows.json",
         "risk_register.json",
         "runtime_validation_tasks.json",
-        "synthesis_report.json",
+        "audit-report.md",
     ],
     "critical_flows.json": [
         "flow_coverage.json",
@@ -49,7 +49,7 @@ export const ARTIFACT_DEPENDENCY_MAP = {
         "requeue_tasks.json",
         "runtime_validation_tasks.json",
         "runtime_validation_report.json",
-        "synthesis_report.json",
+        "audit-report.md",
     ],
     "audit_results.jsonl": [
         "coverage_matrix.json",
@@ -57,26 +57,22 @@ export const ARTIFACT_DEPENDENCY_MAP = {
         "requeue_tasks.json",
         "runtime_validation_tasks.json",
         "runtime_validation_report.json",
-        "merged_findings.json",
-        "root_cause_clusters.json",
-        "synthesis_report.json",
+        "audit-report.md",
     ],
     "coverage_matrix.json": [
         "flow_coverage.json",
         "requeue_tasks.json",
         "runtime_validation_tasks.json",
         "runtime_validation_report.json",
-        "synthesis_report.json",
+        "audit-report.md",
     ],
     "flow_coverage.json": [
         "requeue_tasks.json",
         "runtime_validation_tasks.json",
         "runtime_validation_report.json",
-        "synthesis_report.json",
+        "audit-report.md",
     ],
     "runtime_validation_report.json": [
-        "merged_findings.json",
-        "root_cause_clusters.json",
-        "synthesis_report.json",
+        "audit-report.md",
     ],
 };

package/dist/orchestrator/executors.js

@@ -20,14 +20,19 @@ export const EXECUTOR_REGISTRY = [
         description: "Ingest available audit result artifacts and refresh dependent coverage artifacts.",
     },
     {
-        id: "runtime_validation_update_executor",
+        id: "runtime_validation_executor",
         obligation_ids: ["runtime_validation_current"],
         description: "Merge runtime validation evidence updates when provided.",
     },
+    {
+        id: "runtime_validation_update_executor",
+        obligation_ids: [],
+        description: "Merge imported runtime validation evidence updates.",
+    },
     {
         id: "synthesis_executor",
         obligation_ids: ["synthesis_current"],
-        description: "Refresh merged findings, clusters, and synthesis outputs.",
+        description: "Render the final deterministic Markdown audit report.",
     },
     {
         id: "external_analyzer_import_executor",

package/dist/orchestrator/flowCoverage.js

@@ -10,11 +10,17 @@ function lensSetForFlow(concerns) {
     return concerns.filter((concern) => allowed.includes(concern));
 }
 export function buildFlowCoverage(criticalFlows, coverageMatrix) {
+    const coverageByPath = new Map(coverageMatrix.files.map((file) => [file.path, file]));
     const flows = criticalFlows.flows.map((flow) => {
-        const required = lensSetForFlow(flow.concerns);
+        const flowPaths = Array.isArray(flow.paths)
+            ? flow.paths.filter((path) => typeof path === "string")
+            : [];
+        const required = lensSetForFlow(Array.isArray(flow.concerns)
+            ? flow.concerns.filter((concern) => typeof concern === "string")
+            : []);
         const completed = new Set();
-        for (const path of flow.paths) {
-            const record = coverageMatrix.files.find((file) => file.path === path);
+        for (const path of flowPaths) {
+            const record = coverageByPath.get(path);
             if (!record || record.audit_status === "excluded") {
                 continue;
             }
@@ -33,11 +39,11 @@ export function buildFlowCoverage(criticalFlows, coverageMatrix) {
                 : "pending";
         return {
             flow_id: flow.id,
-            paths: flow.paths,
+            paths: flowPaths,
             required_lenses: required,
             completed_lenses,
             status,
-            notes: [`Derived from ${flow.paths.length} path(s).`],
+            notes: [`Derived from ${flowPaths.length} path(s).`],
         };
     });
     return { flows };

package/dist/orchestrator/flowPlanning.d.ts

@@ -1,3 +1,8 @@
-import type { AuditTask } from "../types.js";
+import type { Lens } from "../types.js";
 import type { CriticalFlowManifest } from "../types/flows.js";
-export declare function buildFlowAwareTaskAugmentations(existingTasks: AuditTask[], criticalFlows: CriticalFlowManifest, _lineIndex: Record<string, number>): AuditTask[];
+export interface FlowReviewBlock {
+    flow_id: string;
+    lens: Lens;
+    file_paths: string[];
+}
+export declare function claimFlowReviewBlocks(criticalFlows: CriticalFlowManifest, pendingByLens: Map<Lens, Set<string>>, assigned: Set<string>): FlowReviewBlock[];

package/dist/orchestrator/flowPlanning.js

@@ -3,33 +3,58 @@ const DEFAULT_FLOW_LENS_PRIORITY = [
     "reliability",
     "correctness",
 ];
-export function buildFlowAwareTaskAugmentations(existingTasks, criticalFlows, _lineIndex) {
-    const seenTaskIds = new Set(existingTasks.map((task) => task.task_id));
-    // Signature: lens + sorted file list, so duplicate (flow, lens) combos across
-    // different flow groupings are still deduplicated.
-    const existingSignatures = new Set(existingTasks.map((t) => `${t.lens}|${[...t.file_paths].sort().join(",")}`));
-    const extraTasks = [];
+function lensPathKey(lens, path) {
+    return `${lens}:${path}`;
+}
+function flowLensPriority(lens) {
+    const index = DEFAULT_FLOW_LENS_PRIORITY.indexOf(lens);
+    return index >= 0 ? index : DEFAULT_FLOW_LENS_PRIORITY.length;
+}
+export function claimFlowReviewBlocks(criticalFlows, pendingByLens, assigned) {
+    const candidates = [];
     for (const flow of criticalFlows.flows) {
-        const desiredLenses = flow.concerns.filter((concern) => DEFAULT_FLOW_LENS_PRIORITY.includes(concern));
+        const flowPaths = [...new Set(flow.paths)].sort((a, b) => a.localeCompare(b));
+        const desiredLenses = flow.concerns
+            .filter((concern) => DEFAULT_FLOW_LENS_PRIORITY.includes(concern))
+            .sort((a, b) => flowLensPriority(a) - flowLensPriority(b));
         for (const lens of desiredLenses) {
-            // One task per (flow, lens) with all flow paths together so the agent
-            // can trace data across file boundaries in a single pass.
-            const taskId = `flow:${flow.id}:${lens}`;
-            const signature = `${lens}|${[...flow.paths].sort().join(",")}`;
-            if (seenTaskIds.has(taskId) || existingSignatures.has(signature)) {
+            const pendingPaths = pendingByLens.get(lens);
+            if (!pendingPaths || pendingPaths.size === 0) {
+                continue;
+            }
+            const filePaths = flowPaths.filter((path) => pendingPaths.has(path));
+            if (filePaths.length === 0) {
                 continue;
             }
-            extraTasks.push({
-                task_id: taskId,
-                unit_id: `flow:${flow.id}`,
-                pass_id: `flow-pass:${lens}`,
+            candidates.push({
+                flow_id: flow.id,
                 lens,
-                file_paths: [...flow.paths],
-                rationale: `Flow-aware audit for critical flow "${flow.id}" (${flow.paths.length} file${flow.paths.length === 1 ? "" : "s"}) under the ${lens} lens.`,
+                file_paths: filePaths,
             });
-            seenTaskIds.add(taskId);
-            existingSignatures.add(signature);
         }
     }
-    return extraTasks;
+    candidates.sort((a, b) => {
+        const sizeDelta = b.file_paths.length - a.file_paths.length;
+        if (sizeDelta !== 0)
+            return sizeDelta;
+        const lensDelta = flowLensPriority(a.lens) - flowLensPriority(b.lens);
+        if (lensDelta !== 0)
+            return lensDelta;
+        return a.flow_id.localeCompare(b.flow_id);
+    });
+    const blocks = [];
+    for (const candidate of candidates) {
+        const unclaimedPaths = candidate.file_paths.filter((path) => !assigned.has(lensPathKey(candidate.lens, path)));
+        if (unclaimedPaths.length === 0) {
+            continue;
+        }
+        for (const path of unclaimedPaths) {
+            assigned.add(lensPathKey(candidate.lens, path));
+        }
+        blocks.push({
+            ...candidate,
+            file_paths: unclaimedPaths,
+        });
+    }
+    return blocks;
 }

package/dist/orchestrator/flowRequeue.js

@@ -10,7 +10,17 @@ function isLens(value) {
         "tests",
         "operability",
         "config_deployment",
-    ].includes(value);
+    ].includes(String(value));
+}
+function getExternalSignalPaths(externalAnalyzerResults) {
+    const results = Array.isArray(externalAnalyzerResults?.results)
+        ? externalAnalyzerResults.results
+        : [];
+    return new Set(results
+        .map((item) => item && typeof item.path === "string" && item.path.length > 0
+        ? item.path
+        : null)
+        .filter((path) => path !== null));
 }
 function taskPriority(hasExternalSignal, lens) {
     if (hasExternalSignal &&
@@ -19,8 +29,8 @@ function taskPriority(hasExternalSignal, lens) {
     }
     return hasExternalSignal ? "medium" : "low";
 }
-function fileStillNeedsLens(coverageMatrix, path, lens) {
-    const record = coverageMatrix.files.find((file) => file.path === path);
+function fileStillNeedsLens(coverageByPath, path, lens) {
+    const record = coverageByPath.get(path);
     if (!record || record.audit_status === "excluded") {
         return false;
     }
@@ -28,21 +38,31 @@ function fileStillNeedsLens(coverageMatrix, path, lens) {
 }
 export function buildFlowRequeueTasks(criticalFlows, flowCoverage, coverageMatrix, externalAnalyzerResults) {
     const flowMap = new Map(criticalFlows.flows.map((flow) => [flow.id, flow]));
+    const coverageByPath = new Map(coverageMatrix.files.map((file) => [file.path, file]));
     const tasks = [];
     const seen = new Set();
-    const externalPaths = new Set((externalAnalyzerResults?.results ?? []).map((item) => item.path));
+    const externalPaths = getExternalSignalPaths(externalAnalyzerResults);
     for (const record of flowCoverage.flows) {
         const flow = flowMap.get(record.flow_id);
         if (!flow) {
             continue;
         }
-        const missingLenses = record.required_lenses.filter((lens) => !record.completed_lenses.includes(lens));
+        const requiredLenses = Array.isArray(record.required_lenses)
+            ? record.required_lenses.filter((lens) => typeof lens === "string")
+            : [];
+        const completedLenses = new Set(Array.isArray(record.completed_lenses)
+            ? record.completed_lenses.filter((lens) => typeof lens === "string")
+            : []);
+        const missingLenses = requiredLenses.filter((lens) => !completedLenses.has(lens));
+        const flowPaths = Array.isArray(flow.paths)
+            ? flow.paths.filter((path) => typeof path === "string")
+            : [];
         for (const lensName of missingLenses) {
             if (!isLens(lensName)) {
-                continue;
+                throw new Error(`buildFlowRequeueTasks encountered unsupported lens "${String(lensName)}" for flow ${record.flow_id}.`);
             }
-            for (const path of flow.paths) {
-                if (!fileStillNeedsLens(coverageMatrix, path, lensName)) {
+            for (const path of flowPaths) {
+                if (!fileStillNeedsLens(coverageByPath, path, lensName)) {
                     continue;
                 }
                 const signature = `${flow.id}|${lensName}|${path}`;
@@ -57,7 +77,7 @@ export function buildFlowRequeueTasks(criticalFlows, flowCoverage, coverageMatri
                     pass_id: `flow-requeue:${lensName}`,
                     lens: lensName,
                     file_paths: [path],
-                    rationale: `Requeue ${path} because critical flow ${flow.id} is still missing the ${lensName} lens.${hasExternalSignal ? " External analyzer signals make this follow-up higher priority." : ""}`,
+                    rationale: `Mandatory audit coverage is still missing for critical flow ${flow.id} at ${path} under the ${lensName} lens.`,
                     priority: taskPriority(hasExternalSignal, lensName),
                     tags: hasExternalSignal
                         ? ["critical_flow_followup", "external_analyzer_signal"]

package/dist/orchestrator/internalExecutors.d.ts

@@ -9,8 +9,9 @@ export interface ExecutorRunResult {
 }
 export declare function runIntakeExecutor(bundle: ArtifactBundle, root: string): Promise<ExecutorRunResult>;
 export declare function runStructureExecutor(bundle: ArtifactBundle): ExecutorRunResult;
-export declare function runPlanningExecutor(bundle: ArtifactBundle, lineIndex?: Record<string, number>): ExecutorRunResult;
+export declare function runPlanningExecutor(bundle: ArtifactBundle, root: string, lineIndex?: Record<string, number>): Promise<ExecutorRunResult>;
 export declare function runResultIngestionExecutor(bundle: ArtifactBundle, results: AuditResult[]): ExecutorRunResult;
+export declare function runRuntimeValidationExecutor(bundle: ArtifactBundle, root: string): Promise<ExecutorRunResult>;
 export declare function runRuntimeValidationUpdateExecutor(bundle: ArtifactBundle, updates: RuntimeValidationReport): ExecutorRunResult;
 export declare function runSynthesisExecutor(bundle: ArtifactBundle, results?: AuditResult[]): ExecutorRunResult;
 export declare function runExternalAnalyzerImportExecutor(bundle: ArtifactBundle, externalResults: ExternalAnalyzerResults): ExecutorRunResult;