auditor-lambda 0.3.0 → 0.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/audit-code-wrapper-lib.mjs +18 -0
  2. package/dist/cli.js +3 -3
  3. package/dist/prompts/renderWorkerPrompt.js +9 -4
  4. package/package.json +1 -1
  5. package/skills/audit-code/audit-code.prompt.md +6 -6
package/audit-code-wrapper-lib.mjs CHANGED
@@ -260,6 +260,9 @@ function printHelp({ usageName, preferredEntrypoint }) {
260
260
  '- validate checks the current artifact bundle plus session-config/provider readiness and exits non-zero when issues exist',
261
261
  '- validate-results --results FILE validates AuditResult payloads against the active task manifest without ingesting them',
262
262
  '- explain-task <task_id> prints the resolved file coverage and current status for a task id',
263
+ '- prepare-dispatch --run-id <id> [--artifacts-dir <dir>] creates per-task prompt files and dispatch-plan.json for parallel subagent dispatch',
264
+ '- merge-and-ingest --run-id <id> [--root <dir>] [--artifacts-dir <dir>] merges per-task results and ingests them into the coverage matrix',
265
+ '- validate-result --run-id <id> --task-id <id> [--artifacts-dir <dir>] validates a single task result against the schema and line counts',
263
266
  '',
264
267
  'Primary usage:',
265
268
  '- from the repository root, run the wrapper with no arguments',
@@ -2195,6 +2198,21 @@ export async function runAuditCodeWrapper({
2195
2198
  return;
2196
2199
  }
2197
2200
 
2201
+ if (argv[0] === 'prepare-dispatch') {
2202
+ await runDistCommand('prepare-dispatch', argv.slice(1));
2203
+ return;
2204
+ }
2205
+
2206
+ if (argv[0] === 'validate-result') {
2207
+ await runDistCommand('validate-result', argv.slice(1));
2208
+ return;
2209
+ }
2210
+
2211
+ if (argv[0] === 'merge-and-ingest') {
2212
+ await runDistCommand('merge-and-ingest', argv.slice(1), { ensureArtifactsDir: true });
2213
+ return;
2214
+ }
2215
+
2198
2216
  const wrapperArgs = [...argv];
2199
2217
  if (defaultSingleStep && !hasFlag(wrapperArgs, '--single-step')) {
2200
2218
  wrapperArgs.push('--single-step');
package/dist/cli.js CHANGED
@@ -112,7 +112,7 @@ function getExplicitProvider(argv) {
112
112
  return getFlag(argv, "--provider");
113
113
  }
114
114
  function resolveRunProviderName(argv, sessionConfig) {
115
- return resolveFreshSessionProviderName(getExplicitProvider(argv) ?? "auto", sessionConfig);
115
+ return resolveFreshSessionProviderName(getExplicitProvider(argv), sessionConfig);
116
116
  }
117
117
  function chunkArray(arr, size) {
118
118
  const chunkSize = normalizePositiveInteger(size);
@@ -648,7 +648,7 @@ async function cmdRunToCompletion(argv) {
648
648
  throw error;
649
649
  }
650
650
  const explicitProvider = getExplicitProvider(argv);
651
- const provider = createFreshSessionProvider(explicitProvider ?? "auto", sessionConfig);
651
+ const provider = createFreshSessionProvider(explicitProvider, sessionConfig);
652
652
  const uiMode = getUiMode(argv, sessionConfig.ui_mode ?? "headless");
653
653
  const maxRuns = getMaxRuns(argv);
654
654
  const agentBatchSize = getAgentBatchSize(argv, sessionConfig);
@@ -1479,7 +1479,7 @@ async function cmdPrepareDispatch(argv) {
1479
1479
  "",
1480
1480
  "## Validate",
1481
1481
  "After writing your result, run:",
1482
- ` audit-code validate-result --run-id ${runId} --task-id ${task.task_id} --artifacts-dir ${artifactsDir}`,
1482
+ ` "${process.execPath}" "${join(packageRoot, "audit-code.mjs")}" validate-result --run-id ${runId} --task-id ${task.task_id} --artifacts-dir "${artifactsDir}"`,
1483
1483
  "",
1484
1484
  "Exit 0 means valid. Non-zero: read the errors, fix your JSON, rewrite the file, run again. Retry up to 3 times.",
1485
1485
  ].join("\n");
package/dist/prompts/renderWorkerPrompt.js CHANGED
@@ -11,10 +11,15 @@ export function renderWorkerPrompt(task) {
11
11
  `Audit run: ${task.run_id}`,
12
12
  `Read: ${tasksPath}`,
13
13
  "For each task: read all file_paths in full, review under the specified lens,",
14
- "and emit one AuditResult with: task_id, unit_id, pass_id, lens, file_coverage,",
15
- "findings. Each finding: id, title, category, severity, confidence, lens, summary,",
16
- "affected_files (path, line_start, line_end, symbol), evidence (plain strings).",
17
- `Write to: ${task.audit_results_path}`,
14
+ "and emit one AuditResult with:",
15
+ " task_id, unit_id, pass_id, lens (copy from task),",
16
+ " file_coverage: [{path, total_lines}] use file_line_counts[path] from the task for each file,",
17
+ " findings: [] or array of finding objects.",
18
+ "Each finding: id, title, category, severity, confidence, lens, summary,",
19
+ " affected_files [{path, line_start, line_end, symbol}] (objects, not strings; min 1 entry),",
20
+ " evidence [strings] (min 1 entry).",
21
+ "Constraint: line_end must not exceed total_lines for that file.",
22
+ `Write all results as a JSON array to: ${task.audit_results_path}`,
18
23
  ];
19
24
  if (usesDeferredWorkerCommand(task)) {
20
25
  lines.push("Deferred mode: write results, do not execute worker_command.");
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "auditor-lambda",
3
- "version": "0.3.0",
3
+ "version": "0.3.1",
4
4
  "private": false,
5
5
  "description": "Portable hybrid code-auditing framework for arbitrary repositories.",
6
6
  "type": "module",
package/skills/audit-code/audit-code.prompt.md CHANGED
@@ -36,13 +36,11 @@ Parse the JSON output. Check `audit_state.status`:
36
36
 
37
37
  ---
38
38
 
39
- ### Step 2 — Read the Task
39
+ ### Step 2 — Extract the Task IDs
40
40
 
41
- Read the file at `.audit-artifacts/dispatch/current-task.json`.
42
-
43
- Note these fields:
44
- - `run_id` — identifies this batch of audit work
45
- - `artifacts_dir` — base artifacts directory
41
+ Parse these fields directly from the Step 1 JSON output:
42
+ - `run_id` — from `handoff.active_review_run.run_id`
43
+ - `artifacts_dir` — from `handoff.artifacts_dir`
46
44
 
47
45
  _(If `audit_state.blockers` contains a message that requires operator input rather than code review, stop and report the blocker verbatim to the user.)_
48
46
 
@@ -103,3 +101,5 @@ Read `audit-report.md` and present the completed audit to the user. Lead with th
103
101
  **Large task warnings:** `prepare-dispatch` warns about tasks exceeding ~1500 lines. If a subagent hits a quota limit and fails to produce output, `merge-and-ingest` excludes it silently — those tasks remain pending and are picked up in the next loop iteration. No manual intervention needed.
104
102
 
105
103
  **Failed validation:** Subagents self-validate and retry up to 3 times before finishing. `merge-and-ingest` excludes any results that still lack required fields and writes `failed-tasks.json`. Those tasks are requeued automatically in the next cycle.
104
+
105
+ **Command failures:** If `prepare-dispatch` or `merge-and-ingest` exits non-zero, **STOP immediately** and report the exact error output to the user. Do NOT improvise manual dispatch, manually split tasks, manually create directories, manually construct prompts, or manually merge results. These scripts are the canonical mechanism — operating without them produces incorrect output. Fix the underlying issue and re-run the failed command.