autosnippet 2.1.0 → 2.5.0

package/lib/core/gateway/Gateway.js

@@ -5,12 +5,10 @@ import { InternalError } from '../../shared/errors/BaseError.js';
 
 /**
  * Gateway - 统一网关
- * 所有操作的唯一入口，负责：
- * 1. 权限检查
- * 2. 宪法验证
- * 3. 审计日志
- * 4. 会话管理
- * 5. 事件分发
+ * 所有操作的唯一入口。
+ *
+ * Pipeline (4 步):
+ *   validate → guard → route → audit
  */
 export class Gateway extends EventEmitter {
   constructor(config) {
@@ -18,14 +16,12 @@ export class Gateway extends EventEmitter {
     this.config = config;
     this.logger = Logger.getInstance();
     this.routes = new Map();
-    this.plugins = [];
 
     // 依赖注入（稍后设置）
     this.constitution = null;
     this.constitutionValidator = null;
     this.permissionManager = null;
     this.auditLogger = null;
-    this.sessionManager = null;
   }
 
   /**
@@ -36,13 +32,11 @@ export class Gateway extends EventEmitter {
     constitutionValidator,
     permissionManager,
     auditLogger,
-    sessionManager,
   }) {
     this.constitution = constitution;
     this.constitutionValidator = constitutionValidator;
     this.permissionManager = permissionManager;
     this.auditLogger = auditLogger;
-    this.sessionManager = sessionManager;
   }
 
   /**
@@ -63,14 +57,6 @@ export class Gateway extends EventEmitter {
     return [...this.routes.keys()];
   }
 
-  /**
-   * 注册插件
-   */
-  use(plugin) {
-    this.plugins.push(plugin);
-    this.logger.debug(`Plugin registered: ${plugin.name}`);
-  }
-
   /**
    * 执行操作（主入口）
    */
@@ -95,28 +81,18 @@ export class Gateway extends EventEmitter {
     });
 
     try {
-      // 1. 验证请求
+      // 1. validate — 请求格式
       this.validateRequest(request);
 
-      // 2. 权限检查
-      await this.checkPermission(context);
+      // 2. guard — 权限 + 宪法规则
+      await this.guard(context);
 
-      // 3. 宪法验证
-      await this.validateConstitution(context);
-
-      // 4. 执行插件（pre-hook）
-      await this.runPlugins('pre', context);
-
-      // 5. 路由到处理器
+      // 3. route — 路由到处理器
       const result = await this.routeToHandler(context);
 
-      // 6. 执行插件（post-hook）
-      await this.runPlugins('post', context, result);
-
-      // 7. 审计日志（成功）
+      // 4. audit — 记录成功
       await this.auditSuccess(context, result);
 
-      // 8. 返回结果
       const duration = Date.now() - startTime;
       this.logger.info('Gateway: Request completed', {
         requestId,
@@ -130,7 +106,6 @@ export class Gateway extends EventEmitter {
         duration,
       };
     } catch (error) {
-      // 审计日志（失败）
       await this.auditFailure(context, error);
 
       const duration = Date.now() - startTime;
@@ -155,7 +130,7 @@ export class Gateway extends EventEmitter {
 
   /**
    * 仅检查权限与宪法（不执行业务逻辑）
-   * 用于 MCP Gateway gating — 只做 permission + constitution + audit，不路由到 handler
+   * 用于 MCP Gateway gating
    */
   async checkOnly(request) {
     const requestId = uuidv4();
@@ -173,13 +148,9 @@ export class Gateway extends EventEmitter {
 
     try {
       this.validateRequest(request);
-      await this.checkPermission(context);
-      await this.validateConstitution(context);
-      await this.runPlugins('pre', context);
+      await this.guard(context);
 
-      // 记录成功的 checkOnly 审计日志（供 MCP Gateway gating 审计追踪）
       await this.auditSuccess(context, { checkOnly: true });
-
       return { success: true, requestId };
     } catch (error) {
       await this.auditFailure(context, error);
@@ -195,8 +166,10 @@ export class Gateway extends EventEmitter {
     }
   }
 
+  // ─── Pipeline Steps ────────────────────────────────────
+
   /**
-   * 验证请求格式
+   * validate — 验证请求格式
    */
   validateRequest(request) {
     if (!request.actor) {
@@ -208,38 +181,27 @@ export class Gateway extends EventEmitter {
   }
 
   /**
-   * 权限检查
+   * guard — 权限检查 + 宪法验证
    */
-  async checkPermission(context) {
-    if (!this.permissionManager) {
-      this.logger.warn('PermissionManager not set, skipping permission check');
-      return;
+  async guard(context) {
+    // 权限检查
+    if (this.permissionManager) {
+      this.permissionManager.enforce(context.actor, context.action, context.resource);
     }
 
-    this.permissionManager.enforce(context.actor, context.action, context.resource);
-  }
-
-  /**
-   * 宪法验证
-   */
-  async validateConstitution(context) {
-    if (!this.constitutionValidator) {
-      this.logger.warn('ConstitutionValidator not set, skipping validation');
-      return;
+    // 宪法数据完整性规则
+    if (this.constitutionValidator) {
+      await this.constitutionValidator.enforce({
+        actor: context.actor,
+        action: context.action,
+        resource: context.resource,
+        data: context.data,
+      });
     }
-
-    const request = {
-      actor: context.actor,
-      action: context.action,
-      resource: context.resource,
-      data: context.data,
-    };
-
-    await this.constitutionValidator.enforce(request);
   }
 
   /**
-   * 路由到处理器
+   * route — 路由到处理器
    */
   async routeToHandler(context) {
     const handler = this.routes.get(context.action);
@@ -252,23 +214,10 @@ export class Gateway extends EventEmitter {
   }
 
   /**
-   * 执行插件
-   */
-  async runPlugins(phase, context, result = null) {
-    for (const plugin of this.plugins) {
-      if (plugin[phase]) {
-        await plugin[phase](context, result);
-      }
-    }
-  }
-
-  /**
-   * 审计成功
+   * audit — 记录成功
    */
   async auditSuccess(context, result) {
-    if (!this.auditLogger) {
-      return;
-    }
+    if (!this.auditLogger) return;
 
     await this.auditLogger.log({
       requestId: context.requestId,
@@ -277,19 +226,15 @@ export class Gateway extends EventEmitter {
       resource: context.resource,
       result: 'success',
       duration: Date.now() - context.startTime,
-      context: {
-        session: context.session,
-      },
+      context: { session: context.session },
     });
   }
 
   /**
-   * 审计失败
+   * audit — 记录失败
    */
   async auditFailure(context, error) {
-    if (!this.auditLogger) {
-      return;
-    }
+    if (!this.auditLogger) return;
 
     await this.auditLogger.log({
       requestId: context.requestId,
@@ -299,9 +244,7 @@ export class Gateway extends EventEmitter {
       result: 'failure',
       error: error.message,
       duration: Date.now() - context.startTime,
-      context: {
-        session: context.session,
-      },
+      context: { session: context.session },
     });
   }
 
@@ -311,13 +254,6 @@ export class Gateway extends EventEmitter {
   getRoutes() {
     return Array.from(this.routes.keys());
   }
-
-  /**
-   * 获取所有插件
-   */
-  getPlugins() {
-    return this.plugins.map((p) => p.name || 'anonymous');
-  }
 }
 
 export default Gateway;

package/lib/core/gateway/GatewayActionRegistry.js

@@ -206,8 +206,19 @@ export function registerGatewayActions(gateway, container) {
 
   // ========== Search Actions ==========
 
+  // ========== Candidate Update (enrich/refine) ==========
+
+  gateway.register('candidate:update', async (ctx) => {
+    const service = container.get('candidateService');
+    return service.updateCandidate
+      ? service.updateCandidate(ctx.data.id, ctx.data, { userId: ctx.actor })
+      : service.createCandidate(ctx.data, { userId: ctx.actor });
+  });
+
+  // ========== Search ==========
+
   gateway.register('search:query', async (ctx) => {
-    const service = container.get('searchService');
+    const service = container.get('searchEngine');
     return service.search(ctx.data.keyword, ctx.data.options);
   });
 

package/lib/core/permission/PermissionManager.js

@@ -123,7 +123,7 @@ export class PermissionManager {
    * 处理多种格式：
    * - read_recipes -> read:recipes
    * - read:recipes -> read:recipes（已规范化）
-   * - perm_cursor_agent_read_recipes -> read:recipes（测试使用的格式）
+   * - perm_external_agent_read_recipes -> read:recipes（测试使用的格式）
    */
   _normalizeAction(action) {
     // 如果已经包含冒号，直接返回
@@ -134,7 +134,7 @@ export class PermissionManager {
     // 处理测试格式：perm_actor_action_resource -> action:resource
     if (action.startsWith('perm_')) {
       const parts = action.split('_');
-      // perm_cursor_agent_read_recipes -> ['perm', 'cursor', 'agent', 'read', 'recipes']
+      // perm_external_agent_read_recipes -> ['perm', 'cursor', 'agent', 'read', 'recipes']
       // 跳过 'perm' 和 actor 名称部分，从实际的 action 部分开始
       if (parts.length >= 4) {
         // 尝试找到 action 部分（常见的 action 包括 read, create, delete, submit, approve, reject）

package/lib/external/ai/AiProvider.js

@@ -472,11 +472,25 @@ ${items}`;
 
   /**
    * 修复被截断的 JSON 数组 — 回收已完成的对象
-   * 策略：找到最后一个完整的 {...} 对象，截断后闭合数组
+   * 策略 1（主路径）: 字符级解析找到最后一个完整的顶层 {...} 对象
+   * 策略 2（回退路径）: 正则 + 渐进 JSON.parse 尝试（应对代码段中未转义引号导致 inString 追踪失效）
    */
   _repairTruncatedArray(text) {
-    // 找到最后一个完整对象的结尾 "},"  或  "}\n" 或直接 "}"
-    // 从后向前搜索最后一个顶层 "}" 后跟 "," 或空白
+    // ── 策略 1：字符级深度追踪 ──
+    const charResult = this._repairByCharTracking(text);
+    if (charResult) return charResult;
+
+    // ── 策略 2：正则回退 — 找所有 "}," 或 "}\n" 位置，从后向前逐一尝试 JSON.parse ──
+    const regexResult = this._repairByRegexFallback(text);
+    if (regexResult) return regexResult;
+
+    return null;
+  }
+
+  /**
+   * 字符级深度追踪修复（原逻辑，处理标准 JSON）
+   */
+  _repairByCharTracking(text) {
     let depth = 0;
     let inString = false;
     let escape = false;
@@ -500,13 +514,39 @@ ${items}`;
     }
 
     if (lastCompleteObjEnd === -1) return null;
+    return this._tryRepairAt(text, lastCompleteObjEnd);
+  }
+
+  /**
+   * 正则回退修复 — 不依赖 inString 追踪
+   * 寻找所有 "},\s*{" 或 "}\s*]" 边界，从后往前尝试 JSON.parse
+   */
+  _repairByRegexFallback(text) {
+    // 收集所有 "}" 后跟 "," 或空白的位置（可能是对象边界）
+    const candidates = [];
+    const re = /\}[\s,]*(?=\s*[\[{]|$)/g;
+    let m;
+    while ((m = re.exec(text)) !== null) {
+      candidates.push(m.index); // "}" 的位置
+    }
 
-    // 截取到最后一个完整对象，闭合数组
-    let repaired = text.slice(0, lastCompleteObjEnd + 1);
+    // 从后往前尝试
+    for (let i = candidates.length - 1; i >= 0; i--) {
+      const result = this._tryRepairAt(text, candidates[i]);
+      if (result) return result;
+    }
+    return null;
+  }
+
+  /**
+   * 在指定位置截断并尝试闭合 JSON 数组
+   */
+  _tryRepairAt(text, endPos) {
+    let repaired = text.slice(0, endPos + 1);
     // 去掉尾逗号
     repaired = repaired.replace(/,\s*$/, '');
     repaired += ']';
-    // 修复尾逗号
+    // 修复尾逗号（对象/数组末尾多余逗号）
     repaired = repaired.replace(/,\s*([}\]])/g, '$1');
 
     try {
@@ -515,7 +555,7 @@ ${items}`;
         this._log('warn', `[extractJSON] Repaired truncated JSON array: recovered ${result.length} items from truncated response`);
         return result;
       }
-    } catch { /* repair failed */ }
+    } catch { /* this position didn't work, try next */ }
     return null;
   }
 

package/lib/external/mcp/McpServer.js

@@ -61,10 +61,7 @@ export class McpServer {
         db: components.db,
         auditLogger: components.auditLogger,
         gateway: components.gateway,
-        reasoningLogger: components.reasoningLogger,
-        roleDriftMonitor: components.roleDriftMonitor,
-        complianceEvaluator: components.complianceEvaluator,
-        sessionManager: components.sessionManager,
+        constitution: components.constitution,
         projectRoot: process.env.ASD_PROJECT_DIR || process.cwd(),
       });
 
@@ -123,7 +120,6 @@ export class McpServer {
       case 'autosnippet_list_recipes':      return browseHandlers.listRecipes(ctx, args);
       case 'autosnippet_get_recipe':        return browseHandlers.getRecipe(ctx, args);
       case 'autosnippet_recipe_insights':   return browseHandlers.recipeInsights(ctx, args);
-      case 'autosnippet_compliance_report': return browseHandlers.complianceReport(ctx, args);
       case 'autosnippet_confirm_usage':     return browseHandlers.confirmUsage(ctx, args);
       // 项目结构 & 图谱
       case 'autosnippet_get_targets':       return structureHandlers.getTargets(ctx);
@@ -147,9 +143,10 @@ export class McpServer {
       // Bootstrap 冷启动
       case 'autosnippet_bootstrap_knowledge': return bootstrapHandlers.bootstrapKnowledge(ctx, args);
       case 'autosnippet_bootstrap_refine':    return bootstrapHandlers.bootstrapRefine(ctx, args);
-      // Skills 加载
+      // Skills 加载 & 创建
       case 'autosnippet_list_skills':         return skillHandlers.listSkills();
       case 'autosnippet_load_skill':          return skillHandlers.loadSkill(ctx, args);
+      case 'autosnippet_create_skill':        return skillHandlers.createSkill(ctx, args);
       default: throw new Error(`Unknown tool: ${name}`);
     }
   }
@@ -167,7 +164,7 @@ export class McpServer {
       if (!gateway) return; // Gateway 未初始化，降级放行
 
       const result = await gateway.checkOnly({
-        actor: 'cursor_agent',
+        actor: 'external_agent',
         action: mapping.action,
         resource: mapping.resource,
         data: args || {},

package/lib/external/mcp/handlers/bootstrap.js

@@ -664,6 +664,18 @@ export async function bootstrapKnowledge(ctx, args) {
   responseData.skillsEnhanced = skillsEnhanced;
   responseData.message = `Bootstrap 完成: ${allFiles.length} files, ${allTargets.length} targets, ${depEdgesWritten} graph edges, ${candidateResults.created} 条单一职责候选已创建${skillsEnhanced ? '（Skill 增强）' : ''}。${skillContext?.loaded?.length ? `已加载 Skills: ${skillContext.loaded.join(', ')}。` : ''}⚠️ 候选为启发式初稿，请务必执行后续 AI 精炼步骤提升质量。`;
 
+  // ── SkillHooks: onBootstrapComplete (fire-and-forget) ──
+  try {
+    const skillHooks = ctx.container.get('skillHooks');
+    skillHooks.run('onBootstrapComplete', {
+      filesScanned: allFiles.length,
+      targetsFound: allTargets.length,
+      candidatesCreated: candidateResults.created,
+      candidatesFailed: candidateResults.failed,
+    }, { projectRoot: ctx.container.get('database')?.filename || '' })
+      .catch(() => {}); // fire-and-forget
+  } catch { /* skillHooks not available */ }
+
   return envelope({
     success: true,
     data: responseData,
@@ -695,7 +707,7 @@ export async function bootstrapRefine(ctx, args) {
   const result = await candidateService.refineBootstrapCandidates(
     aiProvider,
     { candidateIds: args.candidateIds, userPrompt: args.userPrompt, dryRun: args.dryRun },
-    { userId: 'cursor_agent' },
+    { userId: 'external_agent' },
   );
 
   return envelope({

package/lib/external/mcp/handlers/browse.js

@@ -119,13 +119,6 @@ export async function recipeInsights(ctx, args) {
   return envelope({ success: true, data: insights, meta: { tool: 'autosnippet_recipe_insights' } });
 }
 
-export async function complianceReport(ctx, args = {}) {
-  const evaluator = ctx.container.get('complianceEvaluator');
-  if (!evaluator) return envelope({ success: false, message: 'ComplianceEvaluator not available', meta: { tool: 'autosnippet_compliance_report' } });
-  const report = await evaluator.evaluate({ period: args.period || 'all' });
-  return envelope({ success: true, data: report, meta: { tool: 'autosnippet_compliance_report' } });
-}
-
 export async function confirmUsage(ctx, args) {
   if (!args.recipeId) throw new Error('recipeId is required');
   const recipeService = ctx.container.get('recipeService');

package/lib/external/mcp/handlers/candidate.js

@@ -65,7 +65,7 @@ export function buildCandidateMetadata(obj) {
  * 保留此函数作为 MCP handler 层的快捷入口，保持向后兼容。
  */
 async function _createCandidateItem(candidateService, item, source, extraMeta = {}) {
-  return candidateService.createFromToolParams(item, source, extraMeta, { userId: 'cursor_agent' });
+  return candidateService.createFromToolParams(item, source, extraMeta, { userId: 'external_agent' });
 }
 
 // ─── 限流检查 ──────────────────────────────────────────────

package/lib/external/mcp/handlers/guard.js

@@ -24,6 +24,17 @@ export async function guardCheck(ctx, args) {
   const language = args.language || detectLanguage(args.filePath || '');
   const violations = engine.checkCode(args.code, language);
 
+  // ── SkillHooks: onGuardCheck — 允许 hooks 修改 violations ──
+  try {
+    const skillHooks = ctx.container.get('skillHooks');
+    if (skillHooks.has('onGuardCheck')) {
+      for (let i = 0; i < violations.length; i++) {
+        const modified = await skillHooks.run('onGuardCheck', violations[i], { language });
+        if (modified && typeof modified === 'object') violations[i] = modified;
+      }
+    }
+  } catch { /* skillHooks not available */ }
+
   const warnings = [];
   if (language === 'unknown') {
     warnings.push('未能识别语言，部分语言相关规则可能未执行。建议提供 language 或 filePath 参数。');