cool-workflow 0.1.79 → 0.1.81

package/dist/run-state-schema.js

@@ -58,6 +58,7 @@ exports.OPTIONAL_TOP_LEVEL_KEYS = [
     "audit",
     "workers",
     "sandboxProfiles",
+    "customSandboxProfiles",
     "candidates",
     "candidateSelections",
     "multiAgent",

package/dist/sandbox-profile.js

@@ -124,7 +124,37 @@ function showBundledSandboxProfile(id, context = defaultSandboxContext()) {
     return resolveSandboxProfile(profile, context);
 }
 function resolveSandboxProfileById(id, context = defaultSandboxContext()) {
-    return showBundledSandboxProfile(id || exports.DEFAULT_SANDBOX_PROFILE_ID, context);
+    const requested = id || exports.DEFAULT_SANDBOX_PROFILE_ID;
+    if (isBundledSandboxProfileId(requested))
+        return showBundledSandboxProfile(requested, context);
+    // A non-bundled id that resolves to a readable profile FILE is a CUSTOM profile:
+    // validate and ENFORCE it (the resolved policy snapshots onto the worker scope).
+    // This closes the gap where `sandbox validate` accepted a custom profile that
+    // dispatch/worker-isolation then refused — validated but never enforceable.
+    // A non-bundled, non-file id still fails closed via showBundledSandboxProfile.
+    const absolute = node_path_1.default.resolve(requested);
+    if (node_fs_1.default.existsSync(absolute) && node_fs_1.default.statSync(absolute).isFile()) {
+        const result = validateSandboxProfileFile(requested, context);
+        if (!result.valid || !result.profile) {
+            throw new SandboxProfileError("sandbox-profile-invalid", `Custom sandbox profile is invalid: ${requested}`, {
+                details: { issues: result.issues }
+            });
+        }
+        return result.profile;
+    }
+    // H7: a custom profile loaded from a FILE at dispatch persists as a DEFINITION
+    // in run.customSandboxProfiles (threaded here as context.customProfiles). After a
+    // worker scope snapshot is lost, the boundary re-resolves by the profile's
+    // LOGICAL id (e.g. "my-custom"), and the dispatch-time file path is gone. Resolve
+    // the persisted definition against the CURRENT (worker) context so worker-specific
+    // path tokens ($workerDir etc.) bind to THIS worker — re-enforcing the same
+    // policy instead of throwing not-found. This runs only after the bundled +
+    // file-path branches, so a custom id never shadows a bundled or on-disk profile.
+    const customDefinition = context.customProfiles?.[requested];
+    if (customDefinition) {
+        return resolveSandboxProfile(customDefinition, context);
+    }
+    return showBundledSandboxProfile(requested, context);
 }
 function resolveSandboxProfile(profile, context = defaultSandboxContext()) {
     const issues = validateSandboxProfileDefinition(profile, context);
@@ -189,6 +219,14 @@ function validateSandboxProfileFile(profileFile, context = defaultSandboxContext
         issues.push(issue("sandbox-profile-invalid", `Profile file is not valid JSON: ${messageOf(error)}`, absolutePath));
         return { valid: false, profileFile: absolutePath, issues };
     }
+    // Fail closed if a CUSTOM file reuses a BUNDLED id (H7 hardening): resolution is
+    // bundled-first, so a custom "default"/"workspace-write"/... would be silently
+    // shadowed by the WIDER bundled policy on a snapshot-loss re-resolve — widening
+    // the sandbox with no error. Reserve the bundled names for bundled profiles.
+    if (profile && typeof profile.id === "string" && isBundledSandboxProfileId(profile.id)) {
+        issues.push(issue("sandbox-profile-invalid", `Custom sandbox profile id "${profile.id}" is reserved (collides with a bundled profile); choose a different id`, absolutePath));
+        return { valid: false, profileFile: absolutePath, issues };
+    }
     issues.push(...validateSandboxProfileDefinition(profile, context));
     if (issues.length)
         return { valid: false, profileFile: absolutePath, issues };
@@ -280,7 +318,10 @@ function upsertRunSandboxPolicy(run, policy) {
 function sandboxContextForRun(run) {
     return {
         cwd: run.cwd,
-        runDir: run.paths.runDir
+        runDir: run.paths.runDir,
+        // H7: thread persisted custom profile DEFINITIONS so a boundary re-resolve by
+        // logical id can find + re-resolve a custom profile after snapshot loss.
+        customProfiles: run.customSandboxProfiles
     };
 }
 function sandboxContextForValidation(cwd = process.cwd()) {

package/dist/state-explosion/format.js

@@ -0,0 +1,159 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.formatStateExplosionReport = formatStateExplosionReport;
+exports.formatCompactGraph = formatCompactGraph;
+exports.formatBlackboardDigest = formatBlackboardDigest;
+exports.stateExplosionReportLines = stateExplosionReportLines;
+function formatStateExplosionReport(report) {
+    const lines = [];
+    const size = report.stateSize;
+    lines.push(`State Explosion Report: ${report.runId}`);
+    lines.push(`Freshness: ${report.freshness.status}${report.freshness.staleScopes.length ? ` (stale: ${report.freshness.staleScopes.join(", ")})` : ""}`);
+    lines.push("");
+    lines.push("State Size");
+    lines.push(`  records=${size.total}; graph nodes=${size.graphNodes}; graph edges=${size.graphEdges}; messages=${size.messages}; compaction=${size.compactionRecommended ? "recommended" : "not needed"}`);
+    for (const reason of size.reasons)
+        lines.push(`  - ${reason}`);
+    lines.push("");
+    lines.push("Compact Graph");
+    lines.push(`  full=${report.compactGraph.fullNodeCount} nodes/${report.compactGraph.fullEdgeCount} edges -> compact=${report.compactGraph.compactNodeCount} nodes/${report.compactGraph.compactEdgeCount} edges`);
+    if (report.compactGraph.collapsedNodeCount > 0) {
+        lines.push(`  Graph compacted: ${report.compactGraph.collapsedNodeCount} nodes collapsed into ${report.compactGraph.syntheticNodes.length} summary nodes`);
+    }
+    for (const syn of report.compactGraph.syntheticNodes) {
+        lines.push(`  [${syn.dominantStatus}] ${syn.id} collapses ${syn.collapsedNodeCount} nodes/${syn.collapsedEdgeCount} edges${syn.blockedReason ? ` blocked=${syn.blockedReason}` : ""}; expand: ${syn.expansionCommand}`);
+    }
+    lines.push("");
+    lines.push("Blackboard Digest");
+    lines.push(`  topics=${report.blackboardDigest.topicRollups.length}; threads=${report.blackboardDigest.threadSummaries.length}; unresolved=${report.blackboardDigest.unresolvedQuestions.length}; conflicts=${report.blackboardDigest.conflicts.length}; decisions=${report.blackboardDigest.decisions.length}; artifacts=${report.blackboardDigest.artifacts.length}`);
+    for (const topic of report.blackboardDigest.topicRollups.slice(0, 20))
+        lines.push(`  - ${topic.label}; expand: ${topic.expansionCommand}`);
+    lines.push("");
+    lines.push("Critical Path");
+    if (!report.criticalPathGraph.criticalPath.length)
+        lines.push("  none");
+    for (const id of report.criticalPathGraph.criticalPath.slice(0, 40))
+        lines.push(`  -> ${id}`);
+    lines.push("");
+    lines.push("Failures / Blockers");
+    if (!report.operatorDigest.failures.length)
+        lines.push("  none");
+    for (const failure of report.operatorDigest.failures.slice(0, 30))
+        lines.push(`  [${failure.status}] ${failure.kind} ${failure.id}: ${failure.reason}; next=${failure.nextCommand}`);
+    lines.push("");
+    lines.push("Evidence Digest");
+    lines.push(`  adopted=${report.operatorDigest.evidenceDigest.adopted}; missing=${report.operatorDigest.evidenceDigest.missing}; rejected=${report.operatorDigest.evidenceDigest.rejected}`);
+    lines.push("");
+    lines.push("Trust / Policy Digest");
+    lines.push(`  events=${report.operatorDigest.trustDigest.events}; policyViolations=${report.operatorDigest.trustDigest.policyViolations}; judgeRationales=${report.operatorDigest.trustDigest.judgeRationales}`);
+    for (const violation of report.blackboardDigest.policyViolations.slice(0, 20))
+        lines.push(`  [policy] ${violation.label}; expand: ${violation.expansionCommand}`);
+    lines.push("");
+    lines.push("Hidden Source Records");
+    if (!report.hiddenSourceRecords.length)
+        lines.push("  none (all records shown)");
+    for (const hidden of report.hiddenSourceRecords)
+        lines.push(`  ${hidden.kind}: ${hidden.count} records hidden; expand: ${hidden.expansionCommand}`);
+    lines.push("");
+    lines.push("Expansion Commands");
+    for (const command of report.expansionCommands)
+        lines.push(`  ${command}`);
+    lines.push("");
+    lines.push("Next Action");
+    lines.push(`  ${report.nextAction}`);
+    return lines.join("\n");
+}
+function formatCompactGraph(graph) {
+    const lines = [];
+    lines.push(`Compact Graph (${graph.view}): ${graph.runId}`);
+    lines.push(`  full=${graph.fullNodeCount} nodes/${graph.fullEdgeCount} edges -> view=${graph.compactNodeCount} nodes/${graph.compactEdgeCount} edges`);
+    if (graph.collapsedNodeCount > 0) {
+        lines.push(`  Graph compacted: ${graph.collapsedNodeCount} nodes collapsed into ${graph.syntheticNodes.length} summary nodes`);
+    }
+    lines.push("");
+    lines.push("Critical Path");
+    if (!graph.criticalPath.length)
+        lines.push("  none");
+    for (const id of graph.criticalPath.slice(0, 40))
+        lines.push(`  -> ${id}`);
+    lines.push("");
+    lines.push("Summary Nodes");
+    if (!graph.syntheticNodes.length)
+        lines.push("  none");
+    for (const syn of graph.syntheticNodes) {
+        lines.push(`  [${syn.dominantStatus}] ${syn.id}: ${syn.collapsedNodeCount} nodes / ${syn.collapsedEdgeCount} edges${syn.blockedReason ? ` blocked=${syn.blockedReason}` : ""}`);
+        lines.push(`    expand: ${syn.expansionCommand}`);
+    }
+    lines.push("");
+    lines.push("Blockers");
+    if (!graph.blockedReasons.length)
+        lines.push("  none");
+    for (const reason of graph.blockedReasons.slice(0, 20))
+        lines.push(`  ${reason}`);
+    lines.push("");
+    lines.push("Nodes");
+    for (const node of graph.nodes.slice(0, 80)) {
+        lines.push(`  [${node.status}] ${node.kind} ${node.id}${node.synthetic ? ` (summary of ${node.synthetic.collapsedNodeCount})` : ""}`);
+    }
+    if (graph.nodes.length > 80)
+        lines.push(`  ... ${graph.nodes.length - 80} more`);
+    lines.push("");
+    lines.push("Next Action");
+    lines.push(`  ${graph.nextAction}`);
+    return lines.join("\n");
+}
+function formatBlackboardDigest(record) {
+    const lines = [];
+    lines.push(`Blackboard Digest: ${record.runId}${record.blackboardId ? ` (${record.blackboardId})` : ""}`);
+    lines.push(`  freshness=${record.status}; included=${record.includedCount}; omitted=${record.omittedCount}`);
+    const section = (title, entries) => {
+        lines.push("");
+        lines.push(title);
+        if (!entries.length) {
+            lines.push("  none");
+            return;
+        }
+        for (const entry of entries.slice(0, 25))
+            lines.push(`  [${entry.status}] ${entry.label}; expand: ${entry.expansionCommand}`);
+        if (entries.length > 25)
+            lines.push(`  ... ${entries.length - 25} more`);
+    };
+    section("Topic Rollups", record.topicRollups);
+    section("Thread Summaries", record.threadSummaries);
+    section("Unresolved Questions", record.unresolvedQuestions);
+    section("Conflicts", record.conflicts);
+    section("Decisions", record.decisions);
+    section("Artifacts", record.artifacts);
+    section("Adopted Evidence", record.adoptedEvidence);
+    section("Missing Evidence", record.missingEvidence);
+    section("Policy Violations", record.policyViolations);
+    section("Judge Rationale", record.judgeRationale);
+    section("Recent Changes", record.recentChanges);
+    section("High-Signal Records", record.highSignal);
+    lines.push("");
+    lines.push("Next Action");
+    lines.push(`  ${record.nextAction}`);
+    return lines.join("\n");
+}
+function stateExplosionReportLines(report) {
+    // Markdown lines for inclusion in the run report.md State Size section.
+    const size = report.stateSize;
+    const lines = [
+        `- Records: ${size.total}; graph nodes: ${size.graphNodes}; graph edges: ${size.graphEdges}; messages: ${size.messages}`,
+        `- Compaction: ${size.compactionRecommended ? "recommended" : "not needed"}`,
+        `- Summary freshness: ${report.freshness.status}`
+    ];
+    for (const reason of size.reasons)
+        lines.push(`  - ${reason}`);
+    if (report.compactGraph.collapsedNodeCount > 0) {
+        lines.push(`- Graph compacted: ${report.compactGraph.collapsedNodeCount} nodes collapsed into ${report.compactGraph.syntheticNodes.length} summary nodes`);
+        lines.push(`  - Use: \`node scripts/cw.js multi-agent graph ${report.runId} --view full --json\``);
+    }
+    if (report.hiddenSourceRecords.length) {
+        for (const hidden of report.hiddenSourceRecords) {
+            lines.push(`- Hidden ${hidden.kind}: ${hidden.count} records; expand: \`${hidden.expansionCommand}\``);
+        }
+    }
+    lines.push(`- Next: \`${report.nextAction}\``);
+    return lines;
+}

package/dist/state-explosion/helpers.js

@@ -0,0 +1,82 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.isProtectedStatus = isProtectedStatus;
+exports.dominantStatus = dominantStatus;
+exports.parentMap = parentMap;
+exports.fingerprintRecords = fingerprintRecords;
+exports.fingerprintStrings = fingerprintStrings;
+exports.stableLine = stableLine;
+exports.sortKeys = sortKeys;
+exports.stripRunId = stripRunId;
+exports.unique = unique;
+exports.byId = byId;
+exports.truncate = truncate;
+exports.slug = slug;
+// Pure, stateless helpers for the state-explosion derived-index layer —
+// status priority, fingerprinting, deterministic key-sorting, id/string
+// utilities. Carved out of state-explosion.ts (FreeBSD-audit god-module carve)
+// so the report/graph/digest builders no longer bundle the primitive helper
+// layer. Nothing here touches run state beyond its arguments; every function is
+// pure (`fingerprintStrings` is re-exported from state-explosion.ts to keep the
+// public surface byte-identical for importers).
+const node_crypto_1 = __importDefault(require("node:crypto"));
+function isProtectedStatus(status) {
+    return ["failed", "blocked", "rejected", "conflicting"].includes(status);
+}
+function dominantStatus(statuses) {
+    for (const priority of ["failed", "blocked", "rejected", "conflicting", "running", "pending"]) {
+        if (statuses.includes(priority))
+            return priority;
+    }
+    return statuses[0] || "completed";
+}
+function parentMap(edges) {
+    const parents = new Map();
+    for (const edge of edges) {
+        if (!parents.has(edge.to))
+            parents.set(edge.to, edge.from);
+    }
+    return parents;
+}
+function fingerprintRecords(records) {
+    return fingerprintStrings(records.map((r) => `${r.id}:${r.status || ""}`).sort());
+}
+function fingerprintStrings(values) {
+    const hash = node_crypto_1.default.createHash("sha256");
+    hash.update(JSON.stringify([...values].sort()));
+    return `sha256:${hash.digest("hex").slice(0, 32)}`;
+}
+function stableLine(value) {
+    return JSON.stringify(sortKeys(value));
+}
+function sortKeys(value) {
+    if (Array.isArray(value))
+        return value.map(sortKeys);
+    if (value && typeof value === "object") {
+        const record = value;
+        const result = {};
+        for (const key of Object.keys(record).sort())
+            result[key] = sortKeys(record[key]);
+        return result;
+    }
+    return value;
+}
+function stripRunId(run, id) {
+    return id.startsWith(`${run.id}:`) ? id.slice(run.id.length + 1) : id;
+}
+function unique(values) {
+    return Array.from(new Set(values.filter(Boolean))).sort();
+}
+function byId(a, b) {
+    return a.id.localeCompare(b.id);
+}
+function truncate(value) {
+    const single = value.replace(/\s+/g, " ").trim();
+    return single.length > 80 ? `${single.slice(0, 77)}...` : single;
+}
+function slug(value) {
+    return value.replace(/[^a-zA-Z0-9._:-]/g, "-");
+}