clementine-agent 1.0.18 → 1.0.20

package/dist/cli/dashboard.js

@@ -2085,6 +2085,54 @@ export async function cmdDashboard(opts) {
             res.status(500).json({ error: String(err) });
         }
     });
+    /**
+     * Apply the cached diagnosis's autoApply operations to the right CRON.md.
+     * Strict safety: requires a fresh diagnosis, requires autoApply present,
+     * requires riskLevel == 'low'. Otherwise returns 409 with a reason.
+     */
+    app.post('/api/cron/broken-jobs/:jobName/apply-fix', async (req, res) => {
+        const jobName = req.params.jobName;
+        try {
+            const { getDiagnosisIfFresh, clearDiagnosis } = await import('../gateway/failure-diagnostics.js');
+            const { applyFix } = await import('../gateway/fix-applier.js');
+            const d = getDiagnosisIfFresh(jobName);
+            if (!d) {
+                res.status(404).json({ error: 'No fresh diagnosis for this job. Wait for the next sweep.' });
+                return;
+            }
+            if (!d.proposedFix.autoApply) {
+                res.status(409).json({ error: 'Diagnosis has no auto-applicable operations — review manually.' });
+                return;
+            }
+            if (d.riskLevel !== 'low') {
+                res.status(409).json({ error: `riskLevel is '${d.riskLevel}' — only 'low' is auto-apply-able.` });
+                return;
+            }
+            const dryRun = req.body?.dryRun === true;
+            const result = applyFix(jobName, d.proposedFix.autoApply, { dryRun });
+            if (result.ok && !dryRun) {
+                // Clear the cached diagnosis so the next sweep re-evaluates with the
+                // new config. The existing CRON.md watcher will reload cron jobs
+                // within a couple of seconds.
+                clearDiagnosis(jobName);
+            }
+            res.status(result.ok ? 200 : 400).json(result);
+        }
+        catch (err) {
+            res.status(500).json({ error: String(err) });
+        }
+    });
+    /** Dismiss a diagnosis without applying — clears the cached result. */
+    app.post('/api/cron/broken-jobs/:jobName/dismiss-diagnosis', async (req, res) => {
+        try {
+            const { clearDiagnosis } = await import('../gateway/failure-diagnostics.js');
+            clearDiagnosis(req.params.jobName);
+            res.json({ ok: true });
+        }
+        catch (err) {
+            res.status(500).json({ error: String(err) });
+        }
+    });
     // ── Cron trace viewer ──────────────────────────────────────────
     app.get('/api/cron/traces/:job', (req, res) => {
         try {
@@ -16162,6 +16210,49 @@ async function expandSkill(name) {
   } catch(e) { toast('Failed to load skill', 'error'); }
 }
 
+async function applyBrokenJobFix(jobName) {
+  try {
+    // First: dry-run to get the actual diff to show in the confirm dialog
+    var dryRes = await apiJson('POST', '/api/cron/broken-jobs/' + encodeURIComponent(jobName) + '/apply-fix', { dryRun: true });
+    if (!dryRes || !dryRes.ok) {
+      toast('Cannot apply: ' + ((dryRes && (dryRes.message || dryRes.error)) || 'unknown error'), 'error');
+      return;
+    }
+    var diffPreview = (dryRes.diff || '(no diff)').slice(0, 1200);
+    var msg = 'Apply this fix to ' + jobName + '?\n\n'
+      + 'File: ' + (dryRes.file || 'unknown') + '\n'
+      + 'Operations: ' + (dryRes.appliedOps || []).length + '\n\n'
+      + diffPreview
+      + '\n\nA .bak will be written. The daemon auto-reloads; the next run will be fix-verified.';
+    if (!confirm(msg)) return;
+
+    var res = await apiJson('POST', '/api/cron/broken-jobs/' + encodeURIComponent(jobName) + '/apply-fix', {});
+    if (res && res.ok) {
+      toast('Applied ' + (res.appliedOps || []).length + ' op(s) to ' + jobName, 'success');
+      refreshBrokenJobs();
+    } else {
+      toast('Apply failed: ' + ((res && (res.message || res.error)) || 'unknown'), 'error');
+    }
+  } catch (e) {
+    toast('Apply failed: ' + String(e), 'error');
+  }
+}
+
+async function dismissBrokenJobDiagnosis(jobName) {
+  if (!confirm('Clear the cached diagnosis for ' + jobName + '? It will be re-diagnosed on the next sweep if still failing.')) return;
+  try {
+    var res = await apiJson('POST', '/api/cron/broken-jobs/' + encodeURIComponent(jobName) + '/dismiss-diagnosis', {});
+    if (res && res.ok) {
+      toast('Diagnosis dismissed', 'info');
+      refreshBrokenJobs();
+    } else {
+      toast('Failed to dismiss: ' + ((res && res.error) || 'unknown'), 'error');
+    }
+  } catch (e) {
+    toast('Failed to dismiss: ' + String(e), 'error');
+  }
+}
+
 async function refreshBrokenJobs() {
   try {
     var r = await apiFetch('/api/cron/broken-jobs');
@@ -16202,7 +16293,8 @@ async function refreshBrokenJobs() {
         ? '<span class="badge badge-blue" style="font-size:10px">' + esc(j.agentSlug) + '</span>'
         : '';
 
-      // Diagnosis block — root cause + proposed fix + diff preview.
+      // Diagnosis block — root cause + proposed fix + diff preview +
+      // Apply/Dismiss buttons when autoApply is present and risk is low.
       var diagnosisHtml = '';
       if (j.diagnosis) {
         var riskColor = j.diagnosis.riskLevel === 'high' ? '#ef4444'
@@ -16215,6 +16307,27 @@ async function refreshBrokenJobs() {
           diffHtml = '<pre style="font-size:11px;background:#0f172a;color:#e2e8f0;padding:8px;border-radius:4px;margin:6px 0 0;white-space:pre-wrap;word-break:break-word;max-height:200px;overflow-y:auto">'
             + esc(j.diagnosis.proposedFix.diff) + '</pre>';
         }
+
+        var canAutoApply = !!j.diagnosis.proposedFix.autoApply
+          && j.diagnosis.riskLevel === 'low';
+        var actionsHtml = '';
+        if (canAutoApply) {
+          var opCount = (j.diagnosis.proposedFix.autoApply.operations || []).length;
+          actionsHtml = '<div style="margin-top:10px;display:flex;gap:8px;align-items:center">'
+            + '<button onclick="applyBrokenJobFix(\\x27' + esc(j.jobName) + '\\x27)" '
+            + 'style="background:var(--accent);border:1px solid var(--accent);color:white;padding:4px 12px;border-radius:4px;font-size:11px;cursor:pointer">'
+            + 'Apply fix (' + opCount + ' op' + (opCount === 1 ? '' : 's') + ')</button>'
+            + '<button onclick="dismissBrokenJobDiagnosis(\\x27' + esc(j.jobName) + '\\x27)" '
+            + 'style="background:none;border:1px solid var(--border);color:var(--text-secondary);padding:4px 12px;border-radius:4px;font-size:11px;cursor:pointer">'
+            + 'Dismiss</button>'
+            + '<span style="font-size:10px;color:var(--text-muted);margin-left:auto">auto-verified after next run</span>'
+            + '</div>';
+        } else if (j.diagnosis.proposedFix.autoApply && j.diagnosis.riskLevel !== 'low') {
+          actionsHtml = '<div style="margin-top:10px;font-size:11px;color:var(--text-muted);font-style:italic">'
+            + 'Not auto-applicable (risk: ' + esc(j.diagnosis.riskLevel) + ') — review manually'
+            + '</div>';
+        }
+
         diagnosisHtml = '<div style="margin-top:10px;padding:10px;border-left:3px solid ' + riskColor
           + ';background:var(--bg-tertiary);border-radius:4px">'
           + '<div style="font-size:12px;margin-bottom:4px"><strong>Root cause' + confLabel + ':</strong> '
@@ -16222,6 +16335,7 @@ async function refreshBrokenJobs() {
           + '<div style="font-size:12px"><strong>Proposed fix:</strong> '
           + esc(j.diagnosis.proposedFix.details) + '</div>'
           + diffHtml
+          + actionsHtml
           + '<div style="font-size:10px;color:var(--text-muted);margin-top:6px">'
           + esc(j.diagnosis.proposedFix.type) + ' \\u00b7 ' + esc(j.diagnosis.riskLevel) + ' risk \\u00b7 diagnosed ' + timeAgo(j.diagnosis.generatedAt)
           + '</div>'

package/dist/gateway/cron-scheduler.js

@@ -98,11 +98,18 @@ export function parseCronJobs() {
         const alwaysDeliver = job.always_deliver === true ? true : undefined;
         const context = job.context != null ? String(job.context) : undefined;
         const preCheck = job.pre_check != null ? String(job.pre_check) : undefined;
+        // Optional: scope a global job to a specific agent's profile (loads
+        // the agent's allowedTools whitelist, system prompt, etc.). Accept
+        // both camelCase and snake_case to be forgiving of user-written YAML.
+        const agentSlugRaw = job.agentSlug ?? job.agent_slug;
+        const agentSlug = typeof agentSlugRaw === 'string' && /^[a-z0-9-]+$/i.test(agentSlugRaw)
+            ? agentSlugRaw
+            : undefined;
         if (!name || !schedule || !prompt) {
             logger.warn({ job }, 'Skipping malformed cron job');
             continue;
         }
-        jobs.push({ name, schedule, prompt, enabled, tier, maxTurns, model, workDir, mode, maxHours, maxRetries, after, successCriteria, alwaysDeliver, context, preCheck });
+        jobs.push({ name, schedule, prompt, enabled, tier, maxTurns, model, workDir, mode, maxHours, maxRetries, after, successCriteria, alwaysDeliver, context, preCheck, agentSlug });
     }
     return jobs;
 }

package/dist/gateway/failure-diagnostics.d.ts

@@ -12,6 +12,21 @@
  */
 import type { Gateway } from './router.js';
 import type { BrokenJob } from './failure-monitor.js';
+/**
+ * Fields safe for one-click auto-apply. Limited to simple scalar YAML
+ * fields on cron jobs — nothing multi-line (prompt, pre_check, context,
+ * success_criteria), nothing structural (schedule edits would re-schedule
+ * a running job, handled manually).
+ */
+export declare const EDITABLE_FIELDS: Set<string>;
+export type FixOperation = {
+    op: 'set';
+    field: string;
+    value: string | number | boolean;
+} | {
+    op: 'remove';
+    field: string;
+};
 export interface Diagnosis {
     rootCause: string;
     confidence: 'high' | 'medium' | 'low';
@@ -19,6 +34,16 @@ export interface Diagnosis {
         type: 'config_change' | 'prompt_change' | 'agent_scope' | 'disable' | 'credential_refresh' | 'escalate_to_owner';
         details: string;
         diff?: string;
+        /**
+         * When present, the fix can be applied with one click via the
+         * /api/cron/broken-jobs/:jobName/apply-fix endpoint. Operations are
+         * silently filtered against EDITABLE_FIELDS — a proposal that mixes
+         * safe and unsafe edits gets the unsafe ones dropped.
+         */
+        autoApply?: {
+            agentSlug?: string;
+            operations: FixOperation[];
+        };
     };
     riskLevel: 'low' | 'medium' | 'high';
     generatedAt: string;

package/dist/gateway/failure-diagnostics.js

@@ -18,6 +18,26 @@ const logger = pino({ name: 'clementine.failure-diagnostics' });
 const CACHE_FILE = path.join(BASE_DIR, 'cron', 'failure-diagnostics.json');
 const CACHE_TTL_MS = 24 * 60 * 60 * 1000;
 const RUNS_DIR = path.join(BASE_DIR, 'cron', 'runs');
+/**
+ * Fields safe for one-click auto-apply. Limited to simple scalar YAML
+ * fields on cron jobs — nothing multi-line (prompt, pre_check, context,
+ * success_criteria), nothing structural (schedule edits would re-schedule
+ * a running job, handled manually).
+ */
+export const EDITABLE_FIELDS = new Set([
+    'tier',
+    'mode',
+    'max_hours',
+    'max_turns',
+    'max_retries',
+    'enabled',
+    'agentSlug',
+    'work_dir',
+    'model',
+    'always_deliver',
+    'after',
+    'timeout_ms',
+]);
 function loadCache() {
     try {
         if (!existsSync(CACHE_FILE))
@@ -149,6 +169,21 @@ function buildPrompt(broken, jobDef, agentProfile, recentRuns) {
         '- **Output preview contains BLOCKED / "no local bash" / "permission denied"** → agent picked the wrong tool. Propose either scoping the job to an agent whose allowedTools excludes the bad MCP, or adding explicit tool-choice guidance in the prompt.',
         '- **No clear pattern** → escalate_to_owner with what you would need to know.',
         '',
+        '## Auto-apply contract',
+        '',
+        'When (and ONLY when) the fix is a simple edit to one of these scalar fields — tier, mode, max_hours, max_turns, max_retries, enabled, agentSlug, work_dir, model, always_deliver, after, timeout_ms — also populate `proposedFix.autoApply`. The owner can one-click approve it from the dashboard.',
+        '',
+        'For multi-line fields (prompt, pre_check, context, success_criteria), or for credential refreshes, or any change you are not very confident about: OMIT autoApply entirely. The owner will handle those manually.',
+        '',
+        `If the job is agent-scoped (job name includes ":"), set autoApply.agentSlug to the part BEFORE the colon. Otherwise omit it (global CRON.md).`,
+        '',
+        'Operations use the shape { "op": "set", "field": "<name>", "value": <scalar> } or { "op": "remove", "field": "<name>" }. Values are strings, numbers, or booleans.',
+        '',
+        'Examples:',
+        '- Remove unleashed mode + its companion: operations: [{"op":"remove","field":"mode"}, {"op":"remove","field":"max_hours"}, {"op":"set","field":"max_turns","value":25}]',
+        '- Scope a broken global job to Ross\'s profile: operations: [{"op":"set","field":"agentSlug","value":"ross-the-sdr"}]',
+        '- Bump maxTurns on an under-resourced job: operations: [{"op":"set","field":"max_turns","value":10}]',
+        '',
         '## Output schema (JSON only, no markdown fences):',
         '{',
         '  "rootCause": "1-2 sentences explaining WHY the job is failing, referencing specific fields or error patterns from the CURRENT config",',
@@ -156,7 +191,8 @@ function buildPrompt(broken, jobDef, agentProfile, recentRuns) {
         '  "proposedFix": {',
         '    "type": "config_change|prompt_change|agent_scope|disable|credential_refresh|escalate_to_owner",',
         '    "details": "prose description of the fix, citing the exact field(s) to change",',
-        '    "diff": "optional: exact before/after diff if it is a small config edit"',
+        '    "diff": "optional: exact before/after diff",',
+        '    "autoApply": "optional: { agentSlug?, operations: [...] } — ONLY for simple scalar-field edits on the allowlist"',
         '  },',
         '  "riskLevel": "low|medium|high"',
         '}',
@@ -172,6 +208,7 @@ function parseResponse(raw) {
         const parsed = JSON.parse(match[0]);
         if (!parsed.rootCause || !parsed.proposedFix)
             return null;
+        const autoApply = sanitizeAutoApply(parsed.proposedFix.autoApply);
         return {
             rootCause: String(parsed.rootCause).slice(0, 500),
             confidence: (parsed.confidence ?? 'medium'),
@@ -179,6 +216,7 @@ function parseResponse(raw) {
                 type: (parsed.proposedFix.type ?? 'escalate_to_owner'),
                 details: String(parsed.proposedFix.details ?? '').slice(0, 800),
                 diff: parsed.proposedFix.diff ? String(parsed.proposedFix.diff).slice(0, 1000) : undefined,
+                ...(autoApply ? { autoApply } : {}),
             },
             riskLevel: (parsed.riskLevel ?? 'medium'),
             generatedAt: new Date().toISOString(),
@@ -189,6 +227,43 @@ function parseResponse(raw) {
         return null;
     }
 }
+/**
+ * Strictly validate and filter autoApply. Drops ops on non-allowlisted fields
+ * silently (rather than rejecting the whole diagnosis). Returns null if
+ * nothing valid remains.
+ */
+function sanitizeAutoApply(raw) {
+    if (!raw || typeof raw !== 'object')
+        return null;
+    const obj = raw;
+    if (!Array.isArray(obj.operations))
+        return null;
+    const operations = [];
+    for (const op of obj.operations) {
+        if (!op || typeof op !== 'object')
+            continue;
+        const raw = op;
+        if (typeof raw.field !== 'string')
+            continue;
+        if (!EDITABLE_FIELDS.has(raw.field))
+            continue;
+        if (raw.op === 'remove') {
+            operations.push({ op: 'remove', field: raw.field });
+        }
+        else if (raw.op === 'set') {
+            const v = raw.value;
+            if (typeof v === 'string' || typeof v === 'number' || typeof v === 'boolean') {
+                operations.push({ op: 'set', field: raw.field, value: v });
+            }
+        }
+    }
+    if (operations.length === 0)
+        return null;
+    const agentSlug = typeof obj.agentSlug === 'string' && /^[a-z0-9-]+$/i.test(obj.agentSlug)
+        ? obj.agentSlug
+        : undefined;
+    return agentSlug ? { agentSlug, operations } : { operations };
+}
 /**
  * Diagnose one broken job. Returns a cached diagnosis if one exists and is
  * fresher than 24h; otherwise invokes the LLM. Always best-effort — returns

package/dist/gateway/failure-monitor.d.ts

@@ -32,6 +32,17 @@ export interface BrokenJob {
             type: string;
             details: string;
             diff?: string;
+            autoApply?: {
+                agentSlug?: string;
+                operations: Array<{
+                    op: 'set';
+                    field: string;
+                    value: string | number | boolean;
+                } | {
+                    op: 'remove';
+                    field: string;
+                }>;
+            };
         };
         riskLevel: 'low' | 'medium' | 'high';
         generatedAt: string;

package/dist/gateway/fix-applier.d.ts

@@ -0,0 +1,34 @@
+/**
+ * Clementine TypeScript — Deterministic cron job fix applier.
+ *
+ * Applies the `autoApply` operations from a Diagnosis to a CRON.md file
+ * (global or agent-scoped). Strictly scoped to:
+ *   - Allowlisted scalar fields only (enforced by the diagnostics module
+ *     before they arrive here, and re-checked here for safety).
+ *   - A single job's YAML block, identified by `- name: <jobName>`.
+ *   - Line-level edits — never touches multi-line fields like `prompt`.
+ *
+ * Every apply writes a .bak next to the CRON.md and appends to an audit
+ * log before touching the file.
+ */
+import { type FixOperation } from './failure-diagnostics.js';
+export interface ApplyResult {
+    ok: boolean;
+    message: string;
+    file?: string;
+    appliedOps?: FixOperation[];
+    skippedOps?: FixOperation[];
+    diff?: string;
+}
+/**
+ * Apply a proposed fix to the right CRON.md file. Idempotent with respect
+ * to already-applied ops (remove on a missing field is a no-op, set on a
+ * matching value is a no-op).
+ */
+export declare function applyFix(jobName: string, autoApply: {
+    agentSlug?: string;
+    operations: FixOperation[];
+}, opts?: {
+    dryRun?: boolean;
+}): ApplyResult;
+//# sourceMappingURL=fix-applier.d.ts.map

package/dist/gateway/fix-applier.js

@@ -0,0 +1,308 @@
+/**
+ * Clementine TypeScript — Deterministic cron job fix applier.
+ *
+ * Applies the `autoApply` operations from a Diagnosis to a CRON.md file
+ * (global or agent-scoped). Strictly scoped to:
+ *   - Allowlisted scalar fields only (enforced by the diagnostics module
+ *     before they arrive here, and re-checked here for safety).
+ *   - A single job's YAML block, identified by `- name: <jobName>`.
+ *   - Line-level edits — never touches multi-line fields like `prompt`.
+ *
+ * Every apply writes a .bak next to the CRON.md and appends to an audit
+ * log before touching the file.
+ */
+import { appendFileSync, copyFileSync, existsSync, mkdirSync, readFileSync, writeFileSync, } from 'node:fs';
+import path from 'node:path';
+import pino from 'pino';
+import { AGENTS_DIR, BASE_DIR, CRON_FILE } from '../config.js';
+import { EDITABLE_FIELDS } from './failure-diagnostics.js';
+const logger = pino({ name: 'clementine.fix-applier' });
+const AUDIT_FILE = path.join(BASE_DIR, 'cron', 'fix-applier.log');
+/**
+ * Resolve which CRON.md to edit for this job. Agent-scoped jobs live in
+ * vault/00-System/agents/<slug>/CRON.md; everything else is the global
+ * vault/00-System/CRON.md. If autoApply.agentSlug is provided, trust it;
+ * otherwise infer from the job name.
+ */
+function resolveCronFile(jobName, autoApply) {
+    if (autoApply.agentSlug) {
+        const f = path.join(AGENTS_DIR, autoApply.agentSlug, 'CRON.md');
+        if (existsSync(f))
+            return f;
+        logger.warn({ agentSlug: autoApply.agentSlug, expected: f }, 'agent-scoped CRON.md not found');
+        return null;
+    }
+    // Infer from jobName prefix (e.g., "ross-the-sdr:reply-detection")
+    if (jobName.includes(':')) {
+        const slug = jobName.split(':')[0];
+        const f = path.join(AGENTS_DIR, slug, 'CRON.md');
+        if (existsSync(f))
+            return f;
+    }
+    return existsSync(CRON_FILE) ? CRON_FILE : null;
+}
+/**
+ * The bare job name without the agent prefix. Agent-scoped cron jobs are
+ * written in their own file without the prefix — it's added programmatically
+ * when the scheduler merges them into the global job list.
+ */
+function bareJobName(jobName) {
+    const idx = jobName.indexOf(':');
+    return idx === -1 ? jobName : jobName.slice(idx + 1);
+}
+/**
+ * Find the line-range of a job's YAML block in a CRON.md file.
+ * Blocks start with `  - name: <bareName>` and run until the next `  - name:`
+ * at the same indent, or end of the jobs array.
+ */
+function findJobBlock(lines, bareName) {
+    // Match: two-space indent, hyphen, space, "name:", name (allow trailing spaces)
+    const nameEsc = bareName.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
+    const startRe = new RegExp(`^  - name:\\s+${nameEsc}\\s*$`);
+    const anyStartRe = /^  - name:\s+/;
+    let start = -1;
+    for (let i = 0; i < lines.length; i++) {
+        if (startRe.test(lines[i])) {
+            start = i;
+            break;
+        }
+    }
+    if (start === -1)
+        return null;
+    let end = lines.length;
+    for (let i = start + 1; i < lines.length; i++) {
+        if (anyStartRe.test(lines[i])) {
+            end = i;
+            break;
+        }
+    }
+    return { start, end };
+}
+/**
+ * Search a job block for a top-level scalar field (4-space indent, single
+ * line `key: value`). Returns the line index, or -1 if not present.
+ * Skips lines inside multi-line blocks (|>|, >) by tracking when we enter
+ * and exit them.
+ */
+function findFieldLine(lines, blockStart, blockEnd, field) {
+    const fieldEsc = field.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
+    const fieldRe = new RegExp(`^    ${fieldEsc}:\\s*(.*)$`);
+    // Multi-line marker pattern: `    key: |` or `    key: >-` or `    key: >`
+    const multiLineStartRe = /^    \w[\w-]*:\s*[|>][-+]?\s*$/;
+    let inMultiLine = false;
+    for (let i = blockStart + 1; i < blockEnd; i++) {
+        const line = lines[i];
+        if (inMultiLine) {
+            // Multi-line content is indented MORE than 4 spaces. When we hit a line
+            // indented exactly 4 (another field) or less, we've exited.
+            if (/^    \S/.test(line) && !/^     /.test(line)) {
+                inMultiLine = false;
+                // Fall through to check this line
+            }
+            else {
+                continue;
+            }
+        }
+        if (multiLineStartRe.test(line)) {
+            inMultiLine = true;
+            continue;
+        }
+        if (fieldRe.test(line))
+            return i;
+    }
+    return -1;
+}
+/**
+ * Serialize a scalar value to YAML. Strings with colons, leading dashes, or
+ * YAML-sensitive characters get quoted. Everything else emits bare.
+ */
+function yamlScalar(value) {
+    if (typeof value === 'boolean')
+        return value ? 'true' : 'false';
+    if (typeof value === 'number')
+        return String(value);
+    const s = String(value);
+    if (/^[\w\-./]+$/.test(s) && !/^(true|false|yes|no|null|~|\d)/i.test(s)) {
+        return s;
+    }
+    // Quote with double quotes, escape any embedded "
+    return `"${s.replace(/\\/g, '\\\\').replace(/"/g, '\\"')}"`;
+}
+/**
+ * Apply operations to a single job block in-place (returns a new array of
+ * lines). Silently drops operations targeting fields not in EDITABLE_FIELDS
+ * (defense in depth — the diagnostics parser filters these too).
+ */
+function applyOperations(lines, block, operations) {
+    // Work on a mutable copy. We track the evolving block.end as we insert/delete.
+    let working = lines.slice();
+    let blockEnd = block.end;
+    const applied = [];
+    const skipped = [];
+    for (const op of operations) {
+        if (!EDITABLE_FIELDS.has(op.field)) {
+            skipped.push(op);
+            continue;
+        }
+        const existing = findFieldLine(working, block.start, blockEnd, op.field);
+        if (op.op === 'remove') {
+            if (existing === -1) {
+                skipped.push(op); // nothing to remove
+                continue;
+            }
+            working.splice(existing, 1);
+            blockEnd -= 1;
+            applied.push(op);
+        }
+        else if (op.op === 'set') {
+            const newLine = `    ${op.field}: ${yamlScalar(op.value)}`;
+            if (existing !== -1) {
+                working[existing] = newLine;
+            }
+            else {
+                // Insert right after the name line so field order stays predictable.
+                working.splice(block.start + 1, 0, newLine);
+                blockEnd += 1;
+            }
+            applied.push(op);
+        }
+    }
+    return { newLines: working, applied, skipped };
+}
+/**
+ * Build a compact diff of only the scalar-field lines that changed.
+ * Ignores multi-line content like embedded prompts — walks each block,
+ * extracts single-line `    key: value` fields, and compares those.
+ * Keeps output readable for confirm dialogs and audit logs.
+ */
+function makeDiff(before, after, blockStart, newBlockEnd) {
+    const beforeEnd = findBlockEnd(before, blockStart);
+    const beforeFields = extractScalarFields(before.slice(blockStart, beforeEnd));
+    const afterFields = extractScalarFields(after.slice(blockStart, newBlockEnd));
+    const allKeys = new Set([...beforeFields.keys(), ...afterFields.keys()]);
+    const lines = [];
+    lines.push(`@@ ${after[blockStart].trim()} @@`);
+    for (const key of allKeys) {
+        const b = beforeFields.get(key);
+        const a = afterFields.get(key);
+        if (b === a)
+            continue;
+        if (b !== undefined)
+            lines.push(`- ${b}`);
+        if (a !== undefined)
+            lines.push(`+ ${a}`);
+    }
+    return lines.join('\n');
+}
+/**
+ * Extract single-line scalar `    key: value` fields from a job block.
+ * Skips the `- name:` line and multi-line `key: |` / `key: >` content.
+ */
+function extractScalarFields(blockLines) {
+    const out = new Map();
+    const scalarRe = /^    ([\w-]+):\s*(.*)$/;
+    const multiStartRe = /^    [\w-]+:\s*[|>][-+]?\s*$/;
+    let inMulti = false;
+    for (const line of blockLines) {
+        if (inMulti) {
+            // Exit when we hit another 4-space field
+            if (/^    \S/.test(line) && !/^     /.test(line)) {
+                inMulti = false;
+            }
+            else {
+                continue;
+            }
+        }
+        if (multiStartRe.test(line)) {
+            inMulti = true;
+            continue;
+        }
+        const m = line.match(scalarRe);
+        if (m)
+            out.set(m[1], line);
+    }
+    return out;
+}
+function findBlockEnd(lines, start) {
+    const anyStartRe = /^  - name:\s+/;
+    for (let i = start + 1; i < lines.length; i++) {
+        if (anyStartRe.test(lines[i]))
+            return i;
+    }
+    return lines.length;
+}
+/**
+ * Apply a proposed fix to the right CRON.md file. Idempotent with respect
+ * to already-applied ops (remove on a missing field is a no-op, set on a
+ * matching value is a no-op).
+ */
+export function applyFix(jobName, autoApply, opts = {}) {
+    const cronFile = resolveCronFile(jobName, autoApply);
+    if (!cronFile) {
+        return { ok: false, message: `No CRON.md found for ${jobName}` };
+    }
+    const bare = bareJobName(jobName);
+    const original = readFileSync(cronFile, 'utf-8');
+    const lines = original.split('\n');
+    const block = findJobBlock(lines, bare);
+    if (!block) {
+        return { ok: false, message: `Job '${bare}' not found in ${cronFile}`, file: cronFile };
+    }
+    const { newLines, applied, skipped } = applyOperations(lines, block, autoApply.operations);
+    if (applied.length === 0) {
+        return {
+            ok: false,
+            message: 'Nothing to apply (all ops were no-ops or on disallowed fields)',
+            file: cronFile,
+            appliedOps: applied,
+            skippedOps: skipped,
+        };
+    }
+    const newBlockEnd = findBlockEnd(newLines, block.start);
+    const diff = makeDiff(lines, newLines, block.start, newBlockEnd);
+    if (opts.dryRun) {
+        return {
+            ok: true,
+            message: `Dry run: ${applied.length} op(s) would apply`,
+            file: cronFile,
+            appliedOps: applied,
+            skippedOps: skipped,
+            diff,
+        };
+    }
+    // Backup before write
+    try {
+        copyFileSync(cronFile, cronFile + '.bak');
+    }
+    catch (err) {
+        logger.warn({ err, file: cronFile }, 'Failed to write .bak before applying fix');
+    }
+    const newContent = newLines.join('\n');
+    writeFileSync(cronFile, newContent);
+    appendAudit({
+        jobName,
+        file: cronFile,
+        applied,
+        skipped,
+        diff,
+    });
+    logger.info({ jobName, file: cronFile, applied: applied.length }, 'Applied cron job fix');
+    return {
+        ok: true,
+        message: `Applied ${applied.length} op(s) to ${path.basename(cronFile)}`,
+        file: cronFile,
+        appliedOps: applied,
+        skippedOps: skipped,
+        diff,
+    };
+}
+function appendAudit(entry) {
+    try {
+        mkdirSync(path.dirname(AUDIT_FILE), { recursive: true });
+        appendFileSync(AUDIT_FILE, JSON.stringify({ ...entry, timestamp: new Date().toISOString() }) + '\n');
+    }
+    catch (err) {
+        logger.warn({ err }, 'Failed to append fix-applier audit');
+    }
+}
+//# sourceMappingURL=fix-applier.js.map

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "clementine-agent",
-  "version": "1.0.18",
+  "version": "1.0.20",
   "description": "Clementine — Personal AI Assistant (TypeScript)",
   "type": "module",
   "main": "dist/index.js",