cool-workflow 0.1.80 → 0.1.81

package/dist/dispatch.js

@@ -32,6 +32,12 @@ function createDispatchManifest(run, limit, options = {}) {
     const requestedSandboxProfileId = options.sandboxProfileId || options.sandbox;
     const sandboxProfileId = String(requestedSandboxProfileId || sandbox_profile_1.DEFAULT_SANDBOX_PROFILE_ID);
     (0, sandbox_profile_1.resolveSandboxProfileById)(sandboxProfileId, (0, sandbox_profile_1.sandboxContextForValidation)(run.cwd));
+    // H7: if the requested profile is a CUSTOM profile loaded from a FILE (non-bundled,
+    // existing file), persist its DEFINITION on run.customSandboxProfiles keyed by the
+    // definition's logical id. This makes the custom profile durable with run state so a
+    // worker boundary can re-resolve it by logical id after a scope snapshot is lost
+    // (re-resolving against the worker context, not the dispatch-time file path).
+    persistCustomSandboxProfile(run, sandboxProfileId);
     // Resolve the execution backend once (mechanism vs policy): the kernel records
     // WHICH backend was selected; it never branches on which one. Defaults to node
     // (behavior-preserving) when no `--backend` flag / CW_BACKEND env is set.
@@ -199,3 +205,32 @@ function createDispatchId() {
     const stamp = new Date().toISOString().replace(/[-:]/g, "").replace(/\..+/, "Z");
     return `dispatch-${stamp}-${Math.random().toString(36).slice(2, 8)}`;
 }
+// H7: persist a CUSTOM sandbox profile DEFINITION (loaded from a FILE at dispatch)
+// onto run.customSandboxProfiles, keyed by the definition's logical id. Only fires
+// for a non-bundled id that resolves to a readable, valid profile file. The
+// resolveSandboxProfileById call above has already validated the file (it throws on
+// invalid), so this re-parses only to recover the raw DEFINITION — we store the
+// definition (not a resolved policy) so worker-specific path tokens re-bind to the
+// correct worker context on every later re-resolve. Bundled ids and unknown ids are
+// left untouched, so this never shadows a bundled profile or masks a fail-closed.
+function persistCustomSandboxProfile(run, requested) {
+    if (!requested || (0, sandbox_profile_1.isBundledSandboxProfileId)(requested))
+        return;
+    const absolute = node_path_1.default.resolve(requested);
+    if (!node_fs_1.default.existsSync(absolute) || !node_fs_1.default.statSync(absolute).isFile())
+        return;
+    const validation = (0, sandbox_profile_1.validateSandboxProfileFile)(requested, (0, sandbox_profile_1.sandboxContextForValidation)(run.cwd));
+    if (!validation.valid || !validation.profile)
+        return;
+    let definition;
+    try {
+        definition = JSON.parse(node_fs_1.default.readFileSync(absolute, "utf8"));
+    }
+    catch {
+        return;
+    }
+    if (!definition || typeof definition !== "object" || typeof definition.id !== "string" || !definition.id)
+        return;
+    run.customSandboxProfiles = run.customSandboxProfiles || {};
+    run.customSandboxProfiles[definition.id] = definition;
+}

package/dist/drive.js

@@ -39,6 +39,7 @@ const agent_config_1 = require("./agent-config");
 const scheduling_1 = require("./scheduling");
 const observability_1 = require("./observability");
 const state_1 = require("./state");
+const compare_1 = require("./compare");
 exports.DRIVE_SCHEMA_VERSION = 1;
 /** The task the next drive step would advance: a RUNNING (already-dispatched,
  *  awaiting fulfillment / retry) task first, else the next PENDING task in the
@@ -209,7 +210,7 @@ function processSelectedTask(ctx, selected, preparedOutcome) {
             runner.recordWorkerOutput(runId, workerId, manifest.resultPath, {});
         }
         catch (error) {
-            return handleHop(ctx, selected, workerId, `result cache rejected: ${error instanceof Error ? error.message : String(error)}`, dispatched);
+            return handleHop(ctx, selected, workerId, `result cache rejected: ${error instanceof Error ? error.message : String(error)}`);
         }
         return step("accept", "ok", {
             runId,
@@ -226,13 +227,13 @@ function processSelectedTask(ctx, selected, preparedOutcome) {
     const reportedUsage = handle?.metadata?.reportedUsage;
     const usageSignature = handle?.metadata?.usageSignature;
     if (envelope.status !== "completed") {
-        return handleHop(ctx, selected, workerId, `agent hop ${envelope.status}: ${envelope.result.summary}`, dispatched);
+        return handleHop(ctx, selected, workerId, `agent hop ${envelope.status}: ${envelope.result.summary}`);
     }
     // 3. ACCEPT — the SEPARATE recordWorkerOutput layer validates + records result.md.
     //    A missing result.md is a failed hop (pre-checked so no terminal side effect);
     //    an invalid result.md throws at validation BEFORE any state mutation.
     if (!manifest.resultPath || !node_fs_1.default.existsSync(manifest.resultPath)) {
-        return handleHop(ctx, selected, workerId, "agent produced no result.md", dispatched);
+        return handleHop(ctx, selected, workerId, "agent produced no result.md");
     }
     try {
         runner.recordWorkerOutput(runId, workerId, manifest.resultPath, {
@@ -254,7 +255,7 @@ function processSelectedTask(ctx, selected, preparedOutcome) {
         });
     }
     catch (error) {
-        return handleHop(ctx, selected, workerId, `result.md rejected: ${error instanceof Error ? error.message : String(error)}`, dispatched);
+        return handleHop(ctx, selected, workerId, `result.md rejected: ${error instanceof Error ? error.message : String(error)}`);
     }
     if (cachePath && manifest.resultPath && node_fs_1.default.existsSync(manifest.resultPath)) {
         writeResultCache(cachePath, node_fs_1.default.readFileSync(manifest.resultPath, "utf8"));
@@ -299,7 +300,7 @@ function completedResultsCacheDigest(run, task) {
     const previousTaskIds = new Set(run.phases.slice(0, phaseIndex).flatMap((phase) => phase.taskIds));
     const records = run.tasks
         .filter((candidate) => previousTaskIds.has(candidate.id))
-        .sort((a, b) => a.id.localeCompare(b.id))
+        .sort((a, b) => (0, compare_1.compareBytes)(a.id, b.id))
         .map((candidate) => {
         if (candidate.status !== "completed" || !candidate.resultPath || !node_fs_1.default.existsSync(candidate.resultPath))
             return undefined;
@@ -411,7 +412,7 @@ function prepareConcurrentOutcomes(ctx, batch) {
 }
 /** A failed agent hop: charge one attempt and (reuse v0.1.37 retryOrPark) either
  *  retry on the SAME worker scope next step, or PARK past the retry budget. */
-function handleHop(ctx, task, workerId, reason, dispatched) {
+function handleHop(ctx, task, workerId, reason) {
     const persisted = ctx.runner.showWorker(ctx.runId, workerId).retryCount || 0;
     const prior = Math.max(ctx.attempts.get(task.id) || 0, persisted);
     const entry = {
@@ -444,7 +445,6 @@ function handleHop(ctx, task, workerId, reason, dispatched) {
         });
     }
     // Retryable: leave the task running (scope reused) for the next step.
-    void dispatched;
     (0, worker_isolation_1.recordWorkerRetryAttempt)(ctx.runner.loadRun(ctx.runId), workerId, decided.attempts || prior + 1, reason);
     return step("fulfill", "failed", {
         runId: ctx.runId,

package/dist/error-feedback.js

@@ -97,7 +97,7 @@ function recordFeedback(run, input, options = {}) {
     const now = new Date().toISOString();
     const record = {
         schemaVersion: exports.ERROR_FEEDBACK_SCHEMA_VERSION,
-        id: createFeedbackId(classification),
+        id: createFeedbackId(run, classification),
         runId: run.id,
         createdAt: now,
         updatedAt: now,
@@ -357,9 +357,13 @@ function formatEvidence(evidence) {
         return ["No evidence recorded."];
     return evidence.map((entry) => `- ${entry.id}: ${entry.locator || entry.path || entry.summary || entry.source || ""}`);
 }
-function createFeedbackId(classification) {
-    const stamp = new Date().toISOString().replace(/[-:]/g, "").replace(/\..+/, "Z");
-    return `feedback-${classification}-${stamp}-${Math.random().toString(36).slice(2, 8)}`;
+// Deterministic feedback id (FreeBSD-audit L12/L13): the feedback record's
+// POSITION in the run's append-only feedback log, qualified by classification for
+// readability. recordFeedback dedups identical errors before minting, so the
+// sequence is stable and collision-free across replays — no clock, no PRNG.
+function createFeedbackId(run, classification) {
+    const seq = (run.feedback || []).length + 1;
+    return `feedback-${classification}-${String(seq).padStart(4, "0")}`;
 }
 function feedbackKey(value) {
     return [

package/dist/evidence-reasoning.js

@@ -343,7 +343,7 @@ function deriveCounterfactuals(run, scores) {
             forSelectionGate.push({
                 ref: candidate.id,
                 kind: "candidate",
-                status: candidate.status === "failed" ? "rejected" : "rejected",
+                status: "rejected",
                 reason: candidate.feedbackIds[0] ? `see feedback ${candidate.feedbackIds[0]}` : `candidate ${candidate.id} ${candidate.status}`
             });
             for (const scoreId of candidate.scores || []) {

package/dist/execution-backend/agent.js

@@ -0,0 +1,331 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.resolveAgentInvocation = resolveAgentInvocation;
+exports.stripSecretArgs = stripSecretArgs;
+exports.parseAgentReport = parseAgentReport;
+exports.agentSubstitutions = agentSubstitutions;
+exports.substituteAgentArg = substituteAgentArg;
+exports.recordedAgentHandle = recordedAgentHandle;
+exports.extractEndpointResult = extractEndpointResult;
+exports.agentHandle = agentHandle;
+exports.prepareAgentSpawn = prepareAgentSpawn;
+exports.runAgentBatchOutcomes = runAgentBatchOutcomes;
+// Agent-delegation pure helpers + concurrent batch fulfillment for the
+// execution-backend driver layer. Carved out of execution-backend.ts
+// (FreeBSD-audit god-module carve) so the driver layer no longer bundles the
+// agent sub-domain's data-transform helpers; the stateful runners
+// (runAgentProcess / runAgentEndpoint) that build refusal/delegated envelopes
+// stay in the parent and import these. The parent re-exports the public surface
+// (stripSecretArgs, AgentSpawnJob, prepareAgentSpawn, runAgentBatchOutcomes) so
+// every importer is byte-unchanged.
+//
+// BEHAVIOR-PRESERVING — pure code movement, zero logic change. Every function
+// here is a pure function of its inputs (request/env/argv → resolved data); none
+// reaches back into the parent's envelope builders, so there is no runtime cycle.
+// Matches the existing router pattern (orchestrator/*-operations.ts,
+// run-registry/derive.ts).
+//
+// agent — the v0.1.38 delegating driver. Spawns an EXTERNAL agent process per
+// worker (claude -p / codex exec / …) argv-style (shell:false), or POSTs the
+// manifest to a configured HTTP agent endpoint. The agent reads the worker
+// input/manifest and writes the worker's result.md out-of-process; CW captures
+// the agent CHILD's command + exit + stdout digest as the canonical evidence
+// triple (NEVER the result.md — that is the separate recordWorkerOutput layer)
+// and records the kind:process handle + agent-reported model in provenance.
+//
+// THE RED LINE: CW spawns the agent and records its attested output. It NEVER
+// imports a model SDK, holds an API key, or constructs a model API request. Any
+// API key flows from the agent's OWN inherited env; CW never reads or records it.
+// The operator-chosen CW_AGENT_MODEL is interpolated into `{{model}}` as policy
+// and recorded ONLY in secret-stripped args — it is NEVER the attested model id.
+const node_path_1 = __importDefault(require("node:path"));
+const node_child_process_1 = require("node:child_process");
+const util_1 = require("./util");
+/** Resolve the agent invocation from the request delegation > env. Vendor-neutral;
+ *  the durable file config is folded in by the drive layer before this point. */
+function resolveAgentInvocation(request) {
+    const delegation = request.delegation || {};
+    const envCommand = (process.env.CW_AGENT_COMMAND || "").trim();
+    const endpoint = delegation.endpoint || (process.env.CW_AGENT_ENDPOINT || "").trim() || undefined;
+    const model = delegation.model || (process.env.CW_AGENT_MODEL || "").trim() || undefined;
+    // Accept the invocation via delegation (preferred) OR the top-level command/args.
+    let binary = delegation.command || request.command || undefined;
+    let rawArgs = delegation.args ? [...delegation.args] : request.args ? [...request.args] : [];
+    // An env-string command ("claude -p --output-format json {{manifest}}") is split
+    // into a binary + discrete argv template — NEVER shell-interpreted.
+    if (!binary && envCommand) {
+        const parts = envCommand.split(/\s+/).filter(Boolean);
+        binary = parts[0];
+        if (!delegation.args)
+            rawArgs = parts.slice(1);
+    }
+    else if (binary && !delegation.args && /\s/.test(binary)) {
+        const parts = binary.split(/\s+/).filter(Boolean);
+        binary = parts[0];
+        rawArgs = parts.slice(1);
+    }
+    return { binary, rawArgs, endpoint, model, timeoutMs: request.timeoutMs };
+}
+const AGENT_SECRET_FLAGS = new Set(["--api-key", "--apikey", "--token", "--key", "--secret", "--password", "--auth", "--bearer"]);
+/** Redact secrets from recorded agent args: a value FOLLOWING a known secret flag,
+ *  an `--x-key=...` inline value, or a token that LOOKS like a credential. Never
+ *  record a raw secret in provenance/evidence. Exported so the durable config
+ *  surface strips the SAME way before persisting/showing a command template. */
+function stripSecretArgs(args) {
+    const out = [];
+    for (let i = 0; i < args.length; i++) {
+        const arg = String(args[i]);
+        if (AGENT_SECRET_FLAGS.has(arg.toLowerCase())) {
+            out.push(arg);
+            if (i + 1 < args.length) {
+                out.push("<redacted>");
+                i++;
+            }
+            continue;
+        }
+        const inline = arg.match(/^(--?[A-Za-z][\w-]*(?:key|token|secret|password|auth|bearer)[\w-]*)=.*/i);
+        if (inline) {
+            out.push(`${inline[1]}=<redacted>`);
+            continue;
+        }
+        // Bare credential-looking token: a known provider prefix, or a long high-entropy
+        // run with NO path separators (so file paths / {{...}} substitutions survive as
+        // useful provenance). Over-redaction is safe; leaking a key is not.
+        if (/^(sk-|ghp_|gho_|github_pat_|xox[abpr]-|Bearer\s)/.test(arg) || (arg.length >= 32 && /^[A-Za-z0-9_\-]{32,}$/.test(arg))) {
+            out.push("<redacted>");
+            continue;
+        }
+        out.push(arg);
+    }
+    return out;
+}
+/** Best-effort parse of the AGENT-reported model id from its stdout. SOLELY the
+ *  agent's own report — `unreported` when absent. Never CW_AGENT_MODEL. */
+function parseAgentReport(stdout) {
+    const text = String(stdout || "").trim();
+    if (!text)
+        return {};
+    const tryObj = (value) => {
+        try {
+            const parsed = JSON.parse(value);
+            return parsed && typeof parsed === "object" && !Array.isArray(parsed) ? parsed : undefined;
+        }
+        catch {
+            return undefined;
+        }
+    };
+    let obj = tryObj(text);
+    if (!obj) {
+        const line = text
+            .split(/\r?\n/)
+            .reverse()
+            .find((entry) => entry.trim().startsWith("{") && entry.trim().endsWith("}"));
+        if (line)
+            obj = tryObj(line.trim());
+    }
+    if (!obj)
+        return {};
+    const usage = obj.usage && typeof obj.usage === "object" ? obj.usage : undefined;
+    let model = typeof obj.model === "string"
+        ? obj.model
+        : usage && typeof usage.model === "string"
+            ? usage.model
+            : typeof obj.modelId === "string"
+                ? obj.modelId
+                : undefined;
+    // Some agents (e.g. `claude -p --output-format json`) report no top-level model;
+    // the model id(s) appear as KEYS of a `modelUsage` object. Pick the primary model
+    // (the one with the most input tokens). Still SOLELY the agent's own report.
+    if (!model && obj.modelUsage && typeof obj.modelUsage === "object" && !Array.isArray(obj.modelUsage)) {
+        const entries = Object.entries(obj.modelUsage);
+        if (entries.length) {
+            const tokensOf = (value) => {
+                const record = value && typeof value === "object" ? value : {};
+                const input = Number(record.inputTokens ?? record.input_tokens ?? 0);
+                return Number.isFinite(input) ? input : 0;
+            };
+            entries.sort((left, right) => tokensOf(right[1]) - tokensOf(left[1]));
+            model = entries[0][0];
+        }
+    }
+    // Track 1: the executor's detached signature over its usage report, if it signs.
+    // SOLELY the agent's own field — CW verifies it later against the trust key.
+    const usageSignature = typeof obj.usageSignature === "string"
+        ? obj.usageSignature
+        : typeof obj.usage_signature === "string"
+            ? obj.usage_signature
+            : undefined;
+    return { model, usage, usageSignature };
+}
+function agentSubstitutions(request, model) {
+    const manifest = request.manifest;
+    const workerDir = manifest?.workerDir || request.cwd || "";
+    return {
+        manifest: manifest?.manifestPath || (workerDir ? node_path_1.default.join(workerDir, "manifest.json") : ""),
+        input: manifest?.inputPath || "",
+        result: manifest?.resultPath || "",
+        workerDir,
+        model: model || "",
+        prompt: manifest?.prompt || ""
+    };
+}
+function substituteAgentArg(arg, subst) {
+    return arg.replace(/\{\{(\w+)\}\}/g, (_, key) => (key in subst ? subst[key] : `{{${key}}}`));
+}
+/** Build the recorded process handle for the envelope — secret-stripped + the
+ *  agent-reported model. Same SHAPE that lands in provenance, never in evidence. */
+function recordedAgentHandle(binary, endpoint, recordedArgs, model, reportedModel, reportedUsage, usageSignature) {
+    const ref = binary ? [binary, ...recordedArgs].join(" ") : endpoint || "";
+    return {
+        kind: "process",
+        ref,
+        endpoint,
+        metadata: {
+            mode: binary ? "command" : "endpoint",
+            command: binary,
+            args: recordedArgs,
+            model,
+            reportedModel,
+            // Telemetry thread-back: the agent's OWN self-reported token usage (parsed
+            // from its stdout by parseAgentReport). ATTESTED, never measured by CW —
+            // same red-line posture as reportedModel. Lands in provenance, never in the
+            // byte-stable evidence triple. Absent when the agent reported no usage.
+            ...(reportedUsage ? { reportedUsage } : {}),
+            // Track 1: the executor's detached signature over its usage report. CW
+            // verifies it against the operator trust key at output intake.
+            ...(usageSignature ? { usageSignature } : {})
+        }
+    };
+}
+function extractEndpointResult(stdout) {
+    const text = String(stdout || "").trim();
+    if (!text)
+        return undefined;
+    try {
+        const parsed = JSON.parse(text);
+        if (parsed && typeof parsed === "object") {
+            if (typeof parsed.result === "string")
+                return parsed.result;
+            if (typeof parsed.resultMarkdown === "string")
+                return parsed.resultMarkdown;
+        }
+    }
+    catch {
+        /* not JSON — treat the raw text as the result body */
+        return text;
+    }
+    return undefined;
+}
+function agentHandle(request) {
+    // The agent invocation is POLICY-as-DATA, resolved flags(delegation) > env. The
+    // handle records ONLY secret-stripped provenance; the raw template is re-resolved
+    // inside runAgentProcess for substitution + spawning so no secret ever lands in
+    // a recorded handle/evidence entry.
+    const resolved = resolveAgentInvocation(request);
+    if (!resolved.binary && !resolved.endpoint)
+        return undefined;
+    const strippedArgs = stripSecretArgs(resolved.rawArgs);
+    const ref = resolved.binary ? [resolved.binary, ...strippedArgs].join(" ") : resolved.endpoint || "";
+    return {
+        kind: "process",
+        ref,
+        endpoint: resolved.endpoint,
+        metadata: {
+            mode: resolved.binary ? "command" : "endpoint",
+            command: resolved.binary,
+            args: strippedArgs,
+            model: resolved.model
+        }
+    };
+}
+/** Resolve a request to a spawn-style batch job, or undefined when the agent is
+ *  endpoint-configured/unconfigured (those settle through the serial path). */
+function prepareAgentSpawn(request) {
+    const resolved = resolveAgentInvocation(request);
+    if (!resolved.binary)
+        return undefined;
+    const subst = agentSubstitutions(request, resolved.model);
+    return {
+        binary: resolved.binary,
+        args: resolved.rawArgs.map((arg) => substituteAgentArg(arg, subst)),
+        cwd: request.cwd,
+        timeoutMs: resolved.timeoutMs || 600000
+    };
+}
+// Reads jobs JSON on stdin, spawns ALL concurrently (shell:false, inherited env —
+// the agent's own credentials resolve; CW never reads them), per-job SIGTERM at
+// timeoutMs + SIGKILL at +5s, caps each captured stdout at 32MB, and prints the
+// outcome array when every job has settled. stderr is drained (a full pipe must
+// never wedge a child). A kill yields exitCode null — the no-exit-code refusal.
+const BATCH_DELEGATE_CHILD = `
+const { spawn } = require("node:child_process");
+let raw = "";
+process.stdin.setEncoding("utf8");
+process.stdin.on("data", (d) => (raw += d));
+process.stdin.on("end", () => {
+  const jobs = JSON.parse(raw);
+  if (!jobs.length) { process.stdout.write("[]"); return; }
+  const out = new Array(jobs.length);
+  let pending = jobs.length;
+  const CAP = 32 * 1024 * 1024;
+  jobs.forEach((job, i) => {
+    let stdout = "";
+    let settled = false;
+    const settle = (o) => {
+      if (settled) return;
+      settled = true;
+      out[i] = o;
+      if (--pending === 0) process.stdout.write(JSON.stringify(out));
+    };
+    let child;
+    try {
+      child = spawn(job.binary, job.args, { cwd: job.cwd, env: process.env, shell: false });
+    } catch (error) {
+      settle({ spawnError: String((error && error.message) || error), exitCode: null, stdout: "" });
+      return;
+    }
+    const term = setTimeout(() => { try { child.kill("SIGTERM"); } catch {} }, job.timeoutMs);
+    const kill = setTimeout(() => { try { child.kill("SIGKILL"); } catch {} }, job.timeoutMs + 5000);
+    child.stdout.on("data", (d) => { if (stdout.length < CAP) stdout += d; });
+    child.stderr.on("data", () => {});
+    child.on("error", (error) => {
+      clearTimeout(term); clearTimeout(kill);
+      settle({ spawnError: String((error && error.message) || error), exitCode: null, stdout });
+    });
+    child.on("close", (code) => {
+      clearTimeout(term); clearTimeout(kill);
+      settle({ exitCode: typeof code === "number" ? code : null, stdout });
+    });
+  });
+});
+`;
+/** Run a batch of agent spawns concurrently; outcomes index-align with jobs. The
+ *  parent backstop timeout (max job timeout + 30s) means even a wedged delegate
+ *  child cannot deadlock the drive: on any batch-level failure EVERY job settles
+ *  as a fail-closed spawn refusal — never a fabricated completion, never a hang. */
+function runAgentBatchOutcomes(jobs) {
+    if (!jobs.length)
+        return [];
+    const maxTimeout = Math.max(...jobs.map((job) => job.timeoutMs));
+    const child = (0, node_child_process_1.spawnSync)(process.execPath, ["-e", BATCH_DELEGATE_CHILD], {
+        input: JSON.stringify(jobs),
+        encoding: "utf8",
+        maxBuffer: 33 * 1024 * 1024 * jobs.length,
+        timeout: maxTimeout + 30000
+    });
+    if (!child.error && typeof child.status === "number" && child.status === 0) {
+        try {
+            const parsed = JSON.parse(String(child.stdout || ""));
+            if (Array.isArray(parsed) && parsed.length === jobs.length)
+                return parsed;
+        }
+        catch {
+            // fall through to the fail-closed mapping below
+        }
+    }
+    const reason = child.error ? (0, util_1.messageOf)(child.error) : `batch delegate exited ${child.status === null ? "without an exit code (timed out or killed)" : `with ${child.status}`}`;
+    return jobs.map(() => ({ spawnError: `batch delegate failed: ${reason}`, exitCode: null, stdout: "" }));
+}

package/dist/execution-backend/probes.js

@@ -0,0 +1,96 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.probeNodeBackend = probeNodeBackend;
+exports.probeShellBackend = probeShellBackend;
+exports.probeBunBackend = probeBunBackend;
+exports.probeContainerBackend = probeContainerBackend;
+exports.probeRemoteBackend = probeRemoteBackend;
+exports.probeCiBackend = probeCiBackend;
+exports.probeAgentBackend = probeAgentBackend;
+// Per-backend readiness probe bodies for the execution-backend driver layer.
+// Carved out of execution-backend.ts (FreeBSD-audit god-module carve) so the
+// driver layer no longer bundles every driver's readiness check; the parent's
+// `probeBackend` still wraps these with the descriptor-derived envelope, and each
+// built-in driver references its probe through BUILTIN_DRIVER_BEHAVIORS.
+//
+// BEHAVIOR-PRESERVING — pure code movement, zero logic change. Each probe is a
+// pure free function of the host (PATH + configured env), matching the existing
+// router pattern (run-registry/derive.ts, orchestrator/*-operations.ts).
+//
+// Readiness probe. Deterministic given the host (PATH + configured env).
+const node_fs_1 = __importDefault(require("node:fs"));
+const util_1 = require("./util");
+function probeNodeBackend() {
+    const ok = (0, util_1.hasExecutable)("node");
+    return {
+        checks: [{ name: "node-runtime", ok, detail: ok ? "node on PATH" : "node not found on PATH" }],
+        readiness: ok ? "ready" : "unavailable",
+        reason: ok ? undefined : "node runtime not found on PATH"
+    };
+}
+function probeShellBackend() {
+    const ok = (0, util_1.hasExecutable)("sh") || node_fs_1.default.existsSync("/bin/sh");
+    return {
+        checks: [{ name: "posix-shell", ok, detail: ok ? "sh available" : "no POSIX shell found" }],
+        readiness: ok ? "ready" : "unavailable",
+        reason: ok ? undefined : "POSIX shell not found"
+    };
+}
+function probeBunBackend() {
+    const bun = (0, util_1.hasExecutable)("bun");
+    const node = (0, util_1.hasExecutable)("node");
+    return {
+        checks: [
+            { name: "bun-runtime", ok: bun, detail: bun ? "bun on PATH" : "bun not found; node-compatible fallback" },
+            { name: "node-compatible-fallback", ok: node, detail: node ? "node on PATH" : "node not found on PATH" }
+        ],
+        readiness: bun || node ? "ready" : "unavailable",
+        reason: !bun && node ? "bun not installed; executing via node-compatible runtime" : !bun && !node ? "neither bun nor node found on PATH" : undefined
+    };
+}
+function probeContainerBackend() {
+    const docker = (0, util_1.hasExecutable)("docker");
+    const podman = (0, util_1.hasExecutable)("podman");
+    return {
+        checks: [
+            { name: "docker", ok: docker, detail: docker ? "docker on PATH" : "docker not found" },
+            { name: "podman", ok: podman, detail: podman ? "podman on PATH" : "podman not found" }
+        ],
+        readiness: docker || podman ? "ready" : "unavailable",
+        reason: docker || podman ? undefined : "no container runtime (docker/podman) found; supply --image to delegate explicitly"
+    };
+}
+function probeRemoteBackend() {
+    const endpoint = (process.env.CW_REMOTE_ENDPOINT || "").trim();
+    return {
+        checks: [{ name: "endpoint", ok: Boolean(endpoint), detail: endpoint ? "CW_REMOTE_ENDPOINT configured" : "CW_REMOTE_ENDPOINT not set" }],
+        readiness: endpoint ? "ready" : "unverified",
+        reason: endpoint ? undefined : "no remote endpoint configured (set CW_REMOTE_ENDPOINT or pass --endpoint)"
+    };
+}
+function probeCiBackend() {
+    const endpoint = (process.env.CW_CI_ENDPOINT || "").trim();
+    return {
+        checks: [{ name: "ci-endpoint", ok: Boolean(endpoint), detail: endpoint ? "CW_CI_ENDPOINT configured" : "CW_CI_ENDPOINT not set" }],
+        readiness: endpoint ? "ready" : "unverified",
+        reason: endpoint ? undefined : "no CI job target configured (set CW_CI_ENDPOINT or pass --job)"
+    };
+}
+function probeAgentBackend() {
+    // Mirrors remote/ci EXACTLY: unconfigured ⇒ `unverified` (NOT a hard refusal),
+    // configured ⇒ `ready`. "Configured" = a command-template or endpoint is set.
+    const command = (process.env.CW_AGENT_COMMAND || "").trim();
+    const endpoint = (process.env.CW_AGENT_ENDPOINT || "").trim();
+    const configured = Boolean(command || endpoint);
+    return {
+        checks: [
+            { name: "agent-command", ok: Boolean(command), detail: command ? "CW_AGENT_COMMAND configured" : "CW_AGENT_COMMAND not set" },
+            { name: "agent-endpoint", ok: Boolean(endpoint), detail: endpoint ? "CW_AGENT_ENDPOINT configured" : "CW_AGENT_ENDPOINT not set" }
+        ],
+        readiness: configured ? "ready" : "unverified",
+        reason: configured ? undefined : "no agent configured (set CW_AGENT_COMMAND or CW_AGENT_ENDPOINT, or pass --agent-command/--agent-endpoint)"
+    };
+}

package/dist/execution-backend/util.js

@@ -0,0 +1,47 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.sha256 = sha256;
+exports.hasExecutable = hasExecutable;
+exports.firstString = firstString;
+exports.messageOf = messageOf;
+// Leaf helpers for the execution-backend driver layer. Carved out of
+// execution-backend.ts (FreeBSD-audit god-module carve) so the driver layer no
+// longer bundles its pure utilities; the parent re-exports `sha256` to keep the
+// public surface byte-identical, and imports the rest internally.
+//
+// BEHAVIOR-PRESERVING — pure code movement, zero logic change. Each function is a
+// pure leaf (no dependency on the rest of the module), matching the existing
+// router pattern (run-registry/derive.ts + format.ts, orchestrator/*-operations.ts).
+const node_crypto_1 = __importDefault(require("node:crypto"));
+const node_fs_1 = __importDefault(require("node:fs"));
+const node_path_1 = __importDefault(require("node:path"));
+function sha256(value) {
+    return `sha256:${node_crypto_1.default.createHash("sha256").update(value, "utf8").digest("hex")}`;
+}
+function hasExecutable(name) {
+    const dirs = (process.env.PATH || "").split(node_path_1.default.delimiter).filter(Boolean);
+    for (const dir of dirs) {
+        const candidate = node_path_1.default.join(dir, name);
+        try {
+            if (node_fs_1.default.existsSync(candidate) && node_fs_1.default.statSync(candidate).isFile())
+                return true;
+        }
+        catch {
+            // ignore unreadable PATH entries
+        }
+    }
+    return false;
+}
+function firstString(...values) {
+    for (const value of values) {
+        if (typeof value === "string" && value.trim())
+            return value.trim();
+    }
+    return undefined;
+}
+function messageOf(error) {
+    return error instanceof Error ? error.message : String(error);
+}