bootproof 0.3.0 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +840 -152
- package/dist/agent-plan.d.ts +44 -0
- package/dist/agent-plan.js +826 -0
- package/dist/agent-run.d.ts +117 -0
- package/dist/agent-run.js +459 -0
- package/dist/ai-repair.d.ts +58 -0
- package/dist/ai-repair.js +380 -0
- package/dist/cli.js +730 -46
- package/dist/diagnosis.js +101 -16
- package/dist/diff.d.ts +29 -0
- package/dist/diff.js +569 -0
- package/dist/exec.d.ts +30 -2
- package/dist/exec.js +329 -51
- package/dist/external-health.d.ts +16 -0
- package/dist/external-health.js +214 -0
- package/dist/infer.js +238 -39
- package/dist/plan.js +2 -0
- package/dist/proof.d.ts +78 -2
- package/dist/proof.js +265 -12
- package/dist/receipt.d.ts +52 -0
- package/dist/receipt.js +356 -0
- package/dist/redact.d.ts +4 -0
- package/dist/redact.js +86 -2
- package/dist/registry.d.ts +82 -30
- package/dist/registry.js +355 -53
- package/dist/remote.js +3 -3
- package/dist/repair-playbooks.d.ts +24 -0
- package/dist/repair-playbooks.js +593 -0
- package/dist/repair-safety.d.ts +130 -0
- package/dist/repair-safety.js +766 -0
- package/dist/repair.d.ts +43 -11
- package/dist/repair.js +716 -7
- package/dist/run.d.ts +3 -0
- package/dist/run.js +218 -41
- package/dist/sbom.d.ts +22 -0
- package/dist/sbom.js +99 -0
- package/dist/taxonomy.d.ts +8 -3
- package/dist/taxonomy.js +404 -8
- package/dist/types.d.ts +40 -1
- package/docs/AGENT_IN_THE_LOOP.md +171 -0
- package/docs/AGENT_RUN_RECEIPTS.md +38 -0
- package/docs/CI_ACTION.md +67 -2
- package/docs/DETERMINISTIC_REPAIR_SAFETY_MODEL.md +705 -0
- package/docs/FAILURE_TAXONOMY.md +28 -1
- package/docs/HONESTY_CONTRACT.md +34 -12
- package/docs/LAUNCH_PLAYBOOK.md +232 -0
- package/docs/REAL_WORLD_FIXTURES.md +105 -0
- package/docs/REGISTRY.md +48 -28
- package/docs/REPAIR_RECEIPT.md +54 -8
- package/docs/agent-loop-gap-analysis.md +188 -0
- package/docs/examples/registry-seeds/advertised-port-mismatch.json +28 -0
- package/docs/examples/registry-seeds/airbyte-abctl-external-orchestrator.json +36 -0
- package/docs/examples/registry-seeds/go-ollama-service.json +36 -0
- package/docs/examples/registry-seeds/laravel-vite-sqlite.json +36 -0
- package/docs/examples/registry-seeds/monorepo-ambiguous-health.json +29 -0
- package/docs/examples/registry-seeds/php-composer.json +33 -0
- package/docs/examples/registry-seeds/rails-bundler.json +32 -0
- package/docs/examples/registry-seeds/sentry-devenv-direnv.json +41 -0
- package/docs/schemas/action-verdict-v1.schema.json +64 -0
- package/docs/schemas/agent-plan-v1.schema.json +148 -0
- package/docs/schemas/agent-run-receipts-v1.schema.json +192 -0
- package/docs/schemas/ai-repair-suggestion-v1.schema.json +70 -0
- package/docs/schemas/ci-context-v1.schema.json +63 -0
- package/docs/schemas/diff-result-v1.schema.json +66 -0
- package/docs/schemas/federated-receipt-v1.schema.json +51 -0
- package/docs/schemas/registry-entry-v1.schema.json +95 -0
- package/docs/schemas/registry-seed-example-v1.schema.json +102 -0
- package/docs/schemas/repair-action-v1.schema.json +136 -0
- package/docs/schemas/repair-receipt-v1.schema.json +221 -0
- package/package.json +10 -6
package/dist/repair.d.ts
CHANGED
|
@@ -1,23 +1,28 @@
|
|
|
1
|
+
import { type SignatureTrustResult } from "./proof.js";
|
|
2
|
+
import { type RepairAction, type RepairReceiptBase } from "./repair-safety.js";
|
|
3
|
+
import { type DeterministicRepairCandidate } from "./repair-playbooks.js";
|
|
1
4
|
import type { Attestation, FailureClass, PackageManager } from "./types.js";
|
|
5
|
+
import type { RequestedAiRepair } from "./ai-repair.js";
|
|
6
|
+
export * from "./repair-safety.js";
|
|
7
|
+
export * from "./repair-playbooks.js";
|
|
2
8
|
export type RepairKind = "repo-diff" | "plan-step" | "environment";
|
|
3
|
-
export interface RepairReceipt {
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
repo: {
|
|
9
|
+
export interface RepairReceipt extends RepairReceiptBase {
|
|
10
|
+
tool?: string;
|
|
11
|
+
repo?: {
|
|
7
12
|
remote: string | null;
|
|
8
13
|
commit: string | null;
|
|
9
14
|
dirty: boolean | null;
|
|
10
15
|
};
|
|
11
|
-
environment
|
|
16
|
+
environment?: {
|
|
12
17
|
os: string;
|
|
13
18
|
arch: string;
|
|
14
19
|
node: string;
|
|
15
20
|
};
|
|
16
|
-
failure
|
|
21
|
+
failure?: {
|
|
17
22
|
class: FailureClass;
|
|
18
23
|
beforeAttestationSha256: string;
|
|
19
24
|
};
|
|
20
|
-
repair
|
|
25
|
+
repair?: {
|
|
21
26
|
id: string;
|
|
22
27
|
kind: RepairKind;
|
|
23
28
|
description: string;
|
|
@@ -28,25 +33,40 @@ export interface RepairReceipt {
|
|
|
28
33
|
planDelta: string | null;
|
|
29
34
|
envDelta: string | null;
|
|
30
35
|
};
|
|
31
|
-
verification
|
|
36
|
+
verification?: {
|
|
32
37
|
before: {
|
|
33
38
|
booted: false;
|
|
34
39
|
failureClass: FailureClass;
|
|
35
40
|
attestationSha256: string;
|
|
36
41
|
};
|
|
37
42
|
after: {
|
|
38
|
-
booted:
|
|
43
|
+
booted: boolean;
|
|
44
|
+
bootproofOrchestrated: boolean;
|
|
39
45
|
healthObservation: string;
|
|
40
46
|
attestationSha256: string;
|
|
41
47
|
};
|
|
42
48
|
};
|
|
43
|
-
startedAt
|
|
44
|
-
finishedAt
|
|
49
|
+
startedAt?: string;
|
|
50
|
+
finishedAt?: string;
|
|
45
51
|
signer: {
|
|
46
52
|
publicKey: string;
|
|
47
53
|
algorithm: "ed25519";
|
|
48
54
|
} | null;
|
|
49
55
|
signature: string | null;
|
|
56
|
+
/**
|
|
57
|
+
* AI evidence captured for auditability when source === "ai_suggested".
|
|
58
|
+
* Contains the redacted prompt context and the AI's structured suggestion.
|
|
59
|
+
* Required by the AGENTS.md constitution: an auditor must be able to
|
|
60
|
+
* reconstruct what the AI proposed without trusting the AI provider.
|
|
61
|
+
*/
|
|
62
|
+
aiEvidence?: {
|
|
63
|
+
provider: "openai" | "anthropic";
|
|
64
|
+
model: string;
|
|
65
|
+
/** The redacted bootproof/ai-repair-context/v1 object sent to the AI. */
|
|
66
|
+
context: Record<string, unknown>;
|
|
67
|
+
/** The validated bootproof/ai-repair-suggestion/v1 object the AI returned. */
|
|
68
|
+
suggestion: Record<string, unknown>;
|
|
69
|
+
};
|
|
50
70
|
}
|
|
51
71
|
export interface RepairResult {
|
|
52
72
|
schema: "bootproof/repair-result/v1";
|
|
@@ -71,6 +91,14 @@ export interface RepairOptions {
|
|
|
71
91
|
timeoutMs: number;
|
|
72
92
|
port?: number;
|
|
73
93
|
remoteSource?: string;
|
|
94
|
+
commandApproved?: boolean;
|
|
95
|
+
actionApproved?: boolean;
|
|
96
|
+
/** The full AI repair request (context + suggestion) to embed in the receipt for audit. */
|
|
97
|
+
aiRepair?: RequestedAiRepair | null;
|
|
98
|
+
}
|
|
99
|
+
export interface LatestRepairCandidate {
|
|
100
|
+
attestation: Attestation;
|
|
101
|
+
candidate: DeterministicRepairCandidate;
|
|
74
102
|
}
|
|
75
103
|
export interface RepairFileChange {
|
|
76
104
|
path: string;
|
|
@@ -91,6 +119,7 @@ export interface RepairReceiptPrecondition {
|
|
|
91
119
|
export declare function assertRepairTargetPath(repoPath: string, file: string): void;
|
|
92
120
|
export declare function assertRepairScope(changes: RepairFileChange[]): void;
|
|
93
121
|
export declare function verifyRepairReceipt(receipt: RepairReceipt): boolean;
|
|
122
|
+
export declare function evaluateRepairReceiptSignature(receipt: RepairReceipt): SignatureTrustResult;
|
|
94
123
|
export declare function sha256Attestation(attestation: Attestation): string;
|
|
95
124
|
export declare function composePortRepair(source: string, service: string, occupiedPort: number, replacementPort: number, containerPort: number): string;
|
|
96
125
|
export declare function packageManagerActivationCommand(packageManager: PackageManager, version: string | null): string | null;
|
|
@@ -106,5 +135,8 @@ export declare function registeredRemediationsFor(failureClass: FailureClass): {
|
|
|
106
135
|
id: string;
|
|
107
136
|
kind: RepairKind;
|
|
108
137
|
}[];
|
|
138
|
+
export declare function latestDeterministicRepairCandidate(repoPath: string, requestedProvider?: "docker" | "local"): LatestRepairCandidate | null;
|
|
139
|
+
export declare function latestFailedAttestation(repoPath: string, requestedProvider?: "docker" | "local"): Attestation | null;
|
|
140
|
+
export declare function executeAiSuggestedRepair(repoPath: string, before: Attestation, action: RepairAction, options: RepairOptions): Promise<RepairResult>;
|
|
109
141
|
export declare function applyVerifiedRepair(repoPath: string, receiptFile?: string): RepairApplyResult;
|
|
110
142
|
export declare function repairRepo(repoPath: string, options: RepairOptions): Promise<RepairResult>;
|