avorelo 0.1.0 → 0.3.0

package/scripts/lib/feedback-signals.js

@@ -1,205 +0,0 @@
-"use strict";
-
-const fs = require("node:fs");
-const path = require("node:path");
-const crypto = require("node:crypto");
-
-const CONTRACT = "avorelo.feedbackSignal.v1";
-const SCHEMA_VERSION = 1;
-
-const FEEDBACK_DIR_REL = ".claude/cco/feedback";
-
-const VALID_SOURCES = Object.freeze([
-  "dogfood",
-  "manual_customer",
-  "support_note",
-  "session_review",
-]);
-
-const VALID_FRICTION_TYPES = Object.freeze([
-  "missing_evidence",
-  "noisy_output",
-  "manual_fallback_required",
-  "generic_next_action",
-  "verification_missing",
-  "proof_missing",
-  "unavailable_worker",
-  "context_too_large",
-  "unknown_asset_repeated",
-  "high_risk_blocked_without_continuation",
-  "value_claim_not_evidence_backed",
-  "activation_friction",
-  "support_explainability_gap",
-  "other",
-]);
-
-const VALID_SEVERITIES = Object.freeze(["low", "medium", "high", "critical"]);
-
-// Patterns that must not appear in feedback payloads
-const FORBIDDEN_PATTERNS = [
-  /\bpassword\b/i,
-  /\bsecret\b/i,
-  /\bapi[_-]?key\b/i,
-  /\btoken\b.*[:=]\s*[A-Za-z0-9+/=]{20,}/i,
-  /\bPRIVATE\s+KEY\b/,
-  /sk-[A-Za-z0-9]{20,}/,
-];
-
-function redactString(val) {
-  if (typeof val !== "string") return val;
-  let result = val;
-  for (const pattern of FORBIDDEN_PATTERNS) {
-    result = result.replace(pattern, "[REDACTED]");
-  }
-  return result;
-}
-
-function redactPayload(obj) {
-  if (typeof obj === "string") return redactString(obj);
-  if (Array.isArray(obj)) return obj.map(redactPayload);
-  if (obj && typeof obj === "object") {
-    const out = {};
-    for (const [k, v] of Object.entries(obj)) {
-      out[k] = redactPayload(v);
-    }
-    return out;
-  }
-  return obj;
-}
-
-function validateFeedbackSignal(signal) {
-  const errors = [];
-
-  if (!signal || typeof signal !== "object") {
-    return { valid: false, errors: ["Signal must be an object."] };
-  }
-
-  if (!VALID_SOURCES.includes(signal.source)) {
-    errors.push(`source must be one of: ${VALID_SOURCES.join(", ")}`);
-  }
-
-  if (!signal.summary || typeof signal.summary !== "string" || signal.summary.trim().length === 0) {
-    errors.push("summary is required and must be a non-empty string.");
-  }
-
-  if (signal.frictionType && !VALID_FRICTION_TYPES.includes(signal.frictionType)) {
-    errors.push(`frictionType must be one of: ${VALID_FRICTION_TYPES.join(", ")}`);
-  }
-
-  if (signal.severity && !VALID_SEVERITIES.includes(signal.severity)) {
-    errors.push(`severity must be one of: ${VALID_SEVERITIES.join(", ")}`);
-  }
-
-  // Reject any forbidden patterns in summary or desiredBehavior
-  for (const field of ["summary", "desiredBehavior"]) {
-    if (typeof signal[field] === "string") {
-      for (const pattern of FORBIDDEN_PATTERNS) {
-        if (pattern.test(signal[field])) {
-          errors.push(`${field} contains forbidden/sensitive content.`);
-          break;
-        }
-      }
-    }
-  }
-
-  return { valid: errors.length === 0, errors };
-}
-
-function normalizeFeedbackSignal(raw) {
-  const signal = {
-    contract: CONTRACT,
-    schemaVersion: SCHEMA_VERSION,
-    signalId: raw.signalId || `feedback-${crypto.randomBytes(6).toString("hex")}`,
-    source: raw.source,
-    persona: raw.persona || null,
-    runId: raw.runId || null,
-    frictionType: raw.frictionType || "other",
-    severity: raw.severity || "medium",
-    summary: redactString(raw.summary || ""),
-    desiredBehavior: redactString(raw.desiredBehavior || null),
-    evidencePath: raw.evidencePath || null,
-    createdAt: raw.createdAt || new Date().toISOString(),
-    redacted: true,
-  };
-  return signal;
-}
-
-function writeFeedbackSignal(cwd, raw) {
-  const validation = validateFeedbackSignal(raw);
-  if (!validation.valid) {
-    throw new Error(`Invalid feedback signal: ${validation.errors.join("; ")}`);
-  }
-
-  const signal = normalizeFeedbackSignal(raw);
-  const dir = path.join(cwd, FEEDBACK_DIR_REL);
-  fs.mkdirSync(dir, { recursive: true });
-
-  const filename = `${signal.signalId}.json`;
-  const filePath = path.join(dir, filename);
-  fs.writeFileSync(filePath, JSON.stringify(signal, null, 2), "utf8");
-
-  return { filePath, signal };
-}
-
-function readFeedbackSignals(cwd) {
-  const dir = path.join(cwd, FEEDBACK_DIR_REL);
-  if (!fs.existsSync(dir)) return [];
-
-  const signals = [];
-  let files;
-  try {
-    files = fs.readdirSync(dir).filter((f) => f.endsWith(".json"));
-  } catch {
-    return [];
-  }
-
-  for (const f of files) {
-    try {
-      const raw = JSON.parse(fs.readFileSync(path.join(dir, f), "utf8"));
-      if (raw.contract === CONTRACT) {
-        signals.push(raw);
-      }
-    } catch {
-      // skip corrupted
-    }
-  }
-
-  return signals;
-}
-
-function summarizeFeedbackSignals(cwd) {
-  const signals = readFeedbackSignals(cwd);
-  if (signals.length === 0) {
-    return { total: 0, byFrictionType: {}, bySeverity: {}, topSummaries: [] };
-  }
-
-  const byFrictionType = {};
-  const bySeverity = {};
-  for (const s of signals) {
-    const ft = s.frictionType || "other";
-    byFrictionType[ft] = (byFrictionType[ft] || 0) + 1;
-    const sev = s.severity || "medium";
-    bySeverity[sev] = (bySeverity[sev] || 0) + 1;
-  }
-
-  return {
-    total: signals.length,
-    byFrictionType,
-    bySeverity,
-    topSummaries: signals.slice(-5).map((s) => s.summary),
-  };
-}
-
-module.exports = {
-  CONTRACT,
-  SCHEMA_VERSION,
-  FEEDBACK_DIR_REL,
-  VALID_SOURCES,
-  VALID_FRICTION_TYPES,
-  VALID_SEVERITIES,
-  validateFeedbackSignal,
-  normalizeFeedbackSignal,
-  writeFeedbackSignal,
-  readFeedbackSignals,
-  summarizeFeedbackSignals,
-};

package/scripts/lib/file-integrity.js

@@ -1,68 +0,0 @@
-// File integrity validation
-// Ensures "completed" states actually have required files
-
-const fs = require('fs');
-const path = require('path');
-
-/**
- * Expected files for a "completed" onboarding state
- */
-const EXPECTED_ONBOARDING_FILES = [
-  '.claude/cco/config.json',
-  '.claude/cco/state/onboarding.json',
-];
-
-/**
- * Validates that required files exist when onboarding state claims completion
- * If files are missing, returns validation errors for repair
- */
-function validateOnboardingFileIntegrity(cwd) {
-  const missing = [];
-  const onboardingPath = path.join(cwd, '.claude/cco/state/onboarding.json');
-
-  // Check onboarding state exists
-  if (!fs.existsSync(onboardingPath)) {
-    return {
-      isValid: false,
-      reason: 'no-state',
-      missing: [onboardingPath],
-      recommendedAction: 'Run initial setup'
-    };
-  }
-
-  // Check if state says "completed"
-  try {
-    const state = JSON.parse(fs.readFileSync(onboardingPath, 'utf8'));
-    if (state.status === 'completed') {
-      // Verify expected files exist
-      for (const file of EXPECTED_ONBOARDING_FILES) {
-        const fullPath = path.join(cwd, file);
-        if (!fs.existsSync(fullPath)) {
-          missing.push(file);
-        }
-      }
-
-      if (missing.length > 0) {
-        return {
-          isValid: false,
-          reason: 'missing-files',
-          missing: missing,
-          recommendedAction: 'Restore missing onboarding files or re-run initialization'
-        };
-      }
-    }
-  } catch (err) {
-    return {
-      isValid: false,
-      reason: 'corrupt-state',
-      error: err.message
-    };
-  }
-
-  return { isValid: true };
-}
-
-module.exports = {
-  validateOnboardingFileIntegrity,
-  EXPECTED_ONBOARDING_FILES
-};

package/scripts/lib/fsx.js

@@ -1,127 +0,0 @@
-"use strict";
-
-const fs = require("fs");
-const path = require("path");
-const {
-  readProjectConfig,
-  ensureProjectConfig,
-  writeProjectConfig,
-  readTeamPolicy,
-  ensureTeamPolicy,
-  getEffectiveConfig,
-} = require("./config");
-
-function readStdinJson() {
-  return new Promise((resolve) => {
-    let data = "";
-    process.stdin.setEncoding("utf8");
-    process.stdin.on("data", (chunk) => (data += chunk));
-    process.stdin.on("end", () => {
-      try {
-        resolve(JSON.parse(data || "{}"));
-      } catch {
-        resolve({});
-      }
-    });
-  });
-}
-
-function ensureDir(p) {
-  fs.mkdirSync(p, { recursive: true });
-}
-
-function ensureCcoDirs(cwd) {
-  // Essential directories for local-first operation (7 dirs for core functionality)
-  ensureDir(path.join(cwd, ".claude", "cco", "reports"));
-  ensureDir(path.join(cwd, ".claude", "cco", "metrics"));
-  ensureDir(path.join(cwd, ".claude", "cco", "state"));
-  ensureDir(path.join(cwd, ".claude", "cco", "security"));
-  ensureDir(path.join(cwd, ".claude", "cco", "events"));
-  ensureDir(path.join(cwd, ".claude", "cco", "memory"));
-  ensureDir(path.join(cwd, ".claude", "cco", "orchestration"));
-  ensureDir(path.join(cwd, ".claude", "cco", "orchestration", "runs"));
-  ensureDir(path.join(cwd, ".claude", "cco", "orchestration", "handoffs"));
-  ensureDir(path.join(cwd, ".claude", "cco", "orchestration", "host-contracts"));
-}
-
-function safeWriteText(cwd, relPath, content) {
-  const abs = path.join(cwd, relPath);
-  ensureDir(path.dirname(abs));
-  fs.writeFileSync(abs, content, "utf8");
-}
-
-function safeWriteJson(cwd, relPath, obj) {
-  safeWriteText(cwd, relPath, JSON.stringify(obj, null, 2));
-}
-
-function safeReadJson(cwd, relPath, fallback = null) {
-  const abs = path.join(cwd, relPath);
-  try {
-    return JSON.parse(fs.readFileSync(abs, "utf8").replace(/^\uFEFF/, ""));
-  } catch {
-    return fallback;
-  }
-}
-
-function nowIso() {
-  return new Date().toISOString();
-}
-
-function latestArtifactMeta(cwd, dirRel, nameContains) {
-  const dir = path.join(cwd, dirRel);
-  try {
-    const files = fs
-      .readdirSync(dir)
-      .filter((f) => f.endsWith(".json") && (!nameContains || f.includes(nameContains)));
-    if (!files.length) return null;
-    const latest = files
-      .map((name) => ({ name, mtimeMs: fs.statSync(path.join(dir, name)).mtimeMs }))
-      .sort((a, b) => b.mtimeMs - a.mtimeMs)[0];
-    return {
-      relPath: path.posix.join(dirRel.replace(/\\/g, "/"), latest.name.replace(/\\/g, "/")),
-      mtimeMs: latest.mtimeMs,
-    };
-  } catch {
-    return null;
-  }
-}
-
-function latestSecurityScanMeta(cwd) {
-  return latestArtifactMeta(cwd, ".claude/cco/security", null);
-}
-
-function latestTrustAuditMeta(cwd) {
-  return latestArtifactMeta(cwd, ".claude/cco/security", "trust-audit-");
-}
-
-function latestMemoryProfileMeta(cwd) {
-  return latestArtifactMeta(cwd, ".claude/cco/memory", "profile");
-}
-
-function latestIntelSignalsMeta(cwd) {
-  return latestArtifactMeta(cwd, ".claude/cco/intel/signals", null);
-}
-
-function latestOutcomeEventsMeta(cwd) {
-  return latestArtifactMeta(cwd, ".claude/cco/events", "outcome-events");
-}
-
-module.exports = {
-  readStdinJson,
-  ensureCcoDirs,
-  safeWriteJson,
-  safeWriteText,
-  safeReadJson,
-  readProjectConfig,
-  ensureProjectConfig,
-  writeProjectConfig,
-  readTeamPolicy,
-  ensureTeamPolicy,
-  getEffectiveConfig,
-  nowIso,
-  latestSecurityScanMeta,
-  latestTrustAuditMeta,
-  latestMemoryProfileMeta,
-  latestIntelSignalsMeta,
-  latestOutcomeEventsMeta,
-};