auditor-lambda 0.3.16 → 0.3.18
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +12 -0
- package/dist/cli.js +62 -2
- package/docs/operator-guide.md +8 -0
- package/package.json +1 -1
- package/scripts/postinstall.mjs +8 -0
package/README.md
CHANGED
|
@@ -149,6 +149,18 @@ For task-to-coverage inspection without reverse-engineering multiple artifacts:
|
|
|
149
149
|
audit-code explain-task <task_id>
|
|
150
150
|
```
|
|
151
151
|
|
|
152
|
+
To remove a leftover `.audit-artifacts/` directory from an interrupted or
|
|
153
|
+
crashed audit:
|
|
154
|
+
|
|
155
|
+
```bash
|
|
156
|
+
audit-code cleanup
|
|
157
|
+
audit-code cleanup --dry-run # preview without deleting
|
|
158
|
+
audit-code cleanup --force # delete even if state is unknown
|
|
159
|
+
```
|
|
160
|
+
|
|
161
|
+
Refuses to delete if the audit state is `active` or `blocked` (resumable).
|
|
162
|
+
Pass `--force` when `audit_state.json` is missing (crashed run).
|
|
163
|
+
|
|
152
164
|
For a local stdio MCP server entrypoint:
|
|
153
165
|
|
|
154
166
|
```bash
|
package/dist/cli.js
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { access, mkdir, readFile, readdir, rename, writeFile } from "node:fs/promises";
|
|
1
|
+
import { access, mkdir, readFile, readdir, rename, rm, writeFile } from "node:fs/promises";
|
|
2
2
|
import { createReadStream } from "node:fs";
|
|
3
3
|
import { Buffer } from "node:buffer";
|
|
4
4
|
import { createHash } from "node:crypto";
|
|
@@ -606,6 +606,7 @@ export async function runSample(argv = process.argv) {
|
|
|
606
606
|
async function cmdAdvanceAudit(argv) {
|
|
607
607
|
const root = getRootDir(argv);
|
|
608
608
|
const artifactsDir = getArtifactsDir(argv);
|
|
609
|
+
await cleanupStaleArtifactsDir(artifactsDir);
|
|
609
610
|
await mkdir(artifactsDir, { recursive: true });
|
|
610
611
|
await ensureSupervisorDirs(artifactsDir);
|
|
611
612
|
let sessionConfig;
|
|
@@ -685,6 +686,7 @@ async function cmdAdvanceAudit(argv) {
|
|
|
685
686
|
async function cmdRunToCompletion(argv) {
|
|
686
687
|
const root = getRootDir(argv);
|
|
687
688
|
const artifactsDir = getArtifactsDir(argv);
|
|
689
|
+
await cleanupStaleArtifactsDir(artifactsDir);
|
|
688
690
|
await mkdir(artifactsDir, { recursive: true });
|
|
689
691
|
await ensureSupervisorDirs(artifactsDir);
|
|
690
692
|
let sessionConfig;
|
|
@@ -2353,6 +2355,61 @@ async function cmdSynthesize(argv) {
|
|
|
2353
2355
|
progress_summary: result.progress_summary,
|
|
2354
2356
|
}, null, 2));
|
|
2355
2357
|
}
|
|
2358
|
+
async function cleanupStaleArtifactsDir(artifactsDir) {
|
|
2359
|
+
let status;
|
|
2360
|
+
try {
|
|
2361
|
+
const state = await readJsonFile(join(artifactsDir, "audit_state.json"));
|
|
2362
|
+
status = state.status;
|
|
2363
|
+
}
|
|
2364
|
+
catch (error) {
|
|
2365
|
+
if (!isFileMissingError(error)) {
|
|
2366
|
+
throw error;
|
|
2367
|
+
}
|
|
2368
|
+
return;
|
|
2369
|
+
}
|
|
2370
|
+
if (status === "complete" || status === "not_started") {
|
|
2371
|
+
await rm(artifactsDir, { recursive: true, force: true });
|
|
2372
|
+
}
|
|
2373
|
+
}
|
|
2374
|
+
async function cmdCleanup(argv) {
|
|
2375
|
+
const artifactsDir = getArtifactsDir(argv);
|
|
2376
|
+
const dryRun = hasFlag(argv, "--dry-run");
|
|
2377
|
+
const force = hasFlag(argv, "--force");
|
|
2378
|
+
let status;
|
|
2379
|
+
try {
|
|
2380
|
+
const state = await readJsonFile(join(artifactsDir, "audit_state.json"));
|
|
2381
|
+
status = state.status;
|
|
2382
|
+
}
|
|
2383
|
+
catch (error) {
|
|
2384
|
+
if (!isFileMissingError(error)) {
|
|
2385
|
+
throw error;
|
|
2386
|
+
}
|
|
2387
|
+
}
|
|
2388
|
+
const resumable = status === "active" || status === "blocked";
|
|
2389
|
+
const unknown = status === undefined;
|
|
2390
|
+
if ((resumable || unknown) && !force) {
|
|
2391
|
+
const reason = resumable
|
|
2392
|
+
? `audit is ${status} and may be resumed`
|
|
2393
|
+
: "no audit_state.json found; artifacts may be from a crashed audit";
|
|
2394
|
+
console.log(JSON.stringify({
|
|
2395
|
+
artifacts_dir: artifactsDir,
|
|
2396
|
+
action: "skipped",
|
|
2397
|
+
reason: `${reason} — use --force to delete anyway`,
|
|
2398
|
+
dry_run: dryRun,
|
|
2399
|
+
}, null, 2));
|
|
2400
|
+
process.exitCode = 1;
|
|
2401
|
+
return;
|
|
2402
|
+
}
|
|
2403
|
+
if (!dryRun) {
|
|
2404
|
+
await rm(artifactsDir, { recursive: true, force: true });
|
|
2405
|
+
}
|
|
2406
|
+
console.log(JSON.stringify({
|
|
2407
|
+
artifacts_dir: artifactsDir,
|
|
2408
|
+
action: dryRun ? "dry-run" : "deleted",
|
|
2409
|
+
status: status ?? "unknown",
|
|
2410
|
+
dry_run: dryRun,
|
|
2411
|
+
}, null, 2));
|
|
2412
|
+
}
|
|
2356
2413
|
async function cmdMcp(argv) {
|
|
2357
2414
|
await runAuditCodeMcpServer(argv.slice(3));
|
|
2358
2415
|
}
|
|
@@ -2401,6 +2458,9 @@ async function main(argv) {
|
|
|
2401
2458
|
case "synthesize":
|
|
2402
2459
|
await cmdSynthesize(argv);
|
|
2403
2460
|
return;
|
|
2461
|
+
case "cleanup":
|
|
2462
|
+
await cmdCleanup(argv);
|
|
2463
|
+
return;
|
|
2404
2464
|
case "mcp":
|
|
2405
2465
|
await cmdMcp(argv);
|
|
2406
2466
|
return;
|
|
@@ -2418,7 +2478,7 @@ async function main(argv) {
|
|
|
2418
2478
|
return;
|
|
2419
2479
|
default:
|
|
2420
2480
|
console.error(`Unknown command: ${command}`);
|
|
2421
|
-
console.error("Available commands: sample-run, advance-audit, run-to-completion, worker-run, import-external-analyzer, intake, plan, ingest-results, explain-task, update-runtime-validation, validate, validate-results, requeue, synthesize, mcp, prepare-dispatch, merge-and-ingest, submit-packet, validate-result");
|
|
2481
|
+
console.error("Available commands: sample-run, advance-audit, run-to-completion, worker-run, import-external-analyzer, intake, plan, ingest-results, explain-task, update-runtime-validation, validate, validate-results, requeue, synthesize, cleanup, mcp, prepare-dispatch, merge-and-ingest, submit-packet, validate-result");
|
|
2422
2482
|
process.exitCode = 1;
|
|
2423
2483
|
}
|
|
2424
2484
|
}
|
package/docs/operator-guide.md
CHANGED
|
@@ -105,12 +105,20 @@ audit-code --updates /path/to/runtime_validation_update.json
|
|
|
105
105
|
audit-code --external-analyzer-results /path/to/external_analyzer_results.json
|
|
106
106
|
audit-code explain-task <task_id>
|
|
107
107
|
audit-code validate
|
|
108
|
+
audit-code cleanup
|
|
108
109
|
audit-code mcp
|
|
109
110
|
```
|
|
110
111
|
|
|
111
112
|
`audit-code validate` checks artifact shape, cross-artifact consistency,
|
|
112
113
|
session config, and explicit provider readiness.
|
|
113
114
|
|
|
115
|
+
`audit-code cleanup` removes the `.audit-artifacts/` directory when safe to
|
|
116
|
+
do so. It reads `audit_state.json` before acting: `complete` and `not_started`
|
|
117
|
+
states are deleted unconditionally; `active` and `blocked` states are refused
|
|
118
|
+
(the audit is resumable). If `audit_state.json` is missing — typically a
|
|
119
|
+
crashed run — cleanup also refuses unless `--force` is passed. `--dry-run`
|
|
120
|
+
previews the action without deleting anything.
|
|
121
|
+
|
|
114
122
|
## Session config
|
|
115
123
|
|
|
116
124
|
Backend fallback configuration lives at:
|
package/package.json
CHANGED
package/scripts/postinstall.mjs
CHANGED
|
@@ -47,6 +47,14 @@ function mergeOpenCodeGlobalConfig(existing, promptBody) {
|
|
|
47
47
|
subtask: false,
|
|
48
48
|
},
|
|
49
49
|
},
|
|
50
|
+
agent: {
|
|
51
|
+
...(parsed.agent && typeof parsed.agent === 'object' && !Array.isArray(parsed.agent)
|
|
52
|
+
? parsed.agent
|
|
53
|
+
: {}),
|
|
54
|
+
auditor: {
|
|
55
|
+
description: 'Read-heavy audit orchestration agent for the /audit-code workflow.',
|
|
56
|
+
},
|
|
57
|
+
},
|
|
50
58
|
};
|
|
51
59
|
}
|
|
52
60
|
|