cool-workflow 0.1.98 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (306) hide show
  1. package/.claude-plugin/plugin.json +1 -1
  2. package/.codex-plugin/plugin.json +1 -1
  3. package/README.md +11 -2
  4. package/apps/architecture-review/app.json +1 -1
  5. package/apps/architecture-review-fast/app.json +1 -1
  6. package/apps/end-to-end-golden-path/app.json +1 -1
  7. package/apps/pr-review-fix-ci/app.json +1 -1
  8. package/apps/release-cut/app.json +1 -1
  9. package/apps/research-synthesis/app.json +1 -1
  10. package/dist/cli/dispatch.js +236 -0
  11. package/dist/cli/entry.js +120 -0
  12. package/dist/cli/io.js +21 -4
  13. package/dist/cli/parseargv.js +157 -0
  14. package/dist/cli.js +6 -33
  15. package/dist/core/capability-table.js +3534 -0
  16. package/dist/core/format/help.js +314 -0
  17. package/dist/{state-explosion/format.js → core/format/state-explosion-text.js} +10 -1
  18. package/dist/core/hash.js +137 -0
  19. package/dist/core/multi-agent/candidate-scoring.js +219 -0
  20. package/dist/core/multi-agent/collaboration.js +481 -0
  21. package/dist/core/multi-agent/coordinator.js +515 -0
  22. package/dist/core/multi-agent/eval-replay.js +306 -0
  23. package/dist/core/multi-agent/runtime.js +929 -0
  24. package/dist/core/multi-agent/topology.js +298 -0
  25. package/dist/core/multi-agent/trust-policy.js +197 -0
  26. package/dist/core/pipeline/commit-gate.js +320 -0
  27. package/dist/{pipeline-contract.js → core/pipeline/contract.js} +24 -37
  28. package/dist/core/pipeline/dispatch.js +103 -0
  29. package/dist/core/pipeline/drive-decide.js +227 -0
  30. package/dist/core/pipeline/error-feedback.js +161 -0
  31. package/dist/core/pipeline/loop-expansion.js +124 -0
  32. package/dist/{result-normalize.js → core/pipeline/result-normalize.js} +14 -37
  33. package/dist/core/pipeline/runner.js +230 -0
  34. package/dist/{contract-migration.js → core/state/contract-migration.js} +68 -92
  35. package/dist/{state-migrations.js → core/state/migrations.js} +103 -96
  36. package/dist/core/state/node-projection.js +95 -0
  37. package/dist/core/state/node-snapshot.js +230 -0
  38. package/dist/core/state/run-paths.js +93 -0
  39. package/dist/{schema-validate.js → core/state/schema-validate.js} +35 -28
  40. package/dist/core/state/schema.js +50 -0
  41. package/dist/core/state/state-explosion/digest.js +243 -0
  42. package/dist/core/state/state-explosion/graph.js +527 -0
  43. package/dist/{state-explosion → core/state/state-explosion}/helpers.js +34 -3
  44. package/dist/core/state/state-explosion/report.js +187 -0
  45. package/dist/{state-explosion → core/state/state-explosion}/size.js +25 -7
  46. package/dist/{state-node.js → core/state/state-node.js} +90 -113
  47. package/dist/core/state/types.js +19 -0
  48. package/dist/{validation.js → core/state/validation.js} +64 -131
  49. package/dist/core/trust/evidence-grounding.js +134 -0
  50. package/dist/core/trust/ledger.js +199 -0
  51. package/dist/{telemetry-attestation.js → core/trust/telemetry-attestation.js} +94 -68
  52. package/dist/core/trust/telemetry-ledger.js +127 -0
  53. package/dist/core/types.js +20 -0
  54. package/dist/core/version.js +16 -0
  55. package/dist/{workflow-app-framework.js → core/workflow-apps/app-schema.js} +337 -426
  56. package/dist/mcp/dispatch.js +104 -0
  57. package/dist/mcp/server.js +144 -0
  58. package/dist/mcp-server.js +6 -84
  59. package/dist/{agent-config.js → shell/agent-config.js} +118 -71
  60. package/dist/shell/app-run-cli.js +88 -0
  61. package/dist/shell/audit-cli.js +259 -0
  62. package/dist/shell/audit-provenance.js +83 -0
  63. package/dist/shell/candidate-scoring-io.js +459 -0
  64. package/dist/shell/collaboration-io.js +264 -0
  65. package/dist/shell/commit-summary.js +104 -0
  66. package/dist/shell/commit.js +290 -0
  67. package/dist/shell/coordinator-io.js +476 -0
  68. package/dist/shell/demo-cli.js +19 -0
  69. package/dist/shell/dispatch.js +162 -0
  70. package/dist/{doctor.js → shell/doctor.js} +123 -56
  71. package/dist/shell/drive.js +873 -0
  72. package/dist/shell/error-feedback-io.js +305 -0
  73. package/dist/shell/eval-io.js +473 -0
  74. package/dist/{multi-agent-eval/format.js → shell/eval-text.js} +78 -49
  75. package/dist/{evidence-reasoning.js → shell/evidence-reasoning.js} +124 -255
  76. package/dist/shell/exec-backend-cli.js +88 -0
  77. package/dist/shell/execution-backend/agent.js +475 -0
  78. package/dist/shell/execution-backend/ci.js +15 -0
  79. package/dist/shell/execution-backend/container.js +69 -0
  80. package/dist/shell/execution-backend/envelopes.js +55 -0
  81. package/dist/shell/execution-backend/local.js +113 -0
  82. package/dist/shell/execution-backend/probes.js +175 -0
  83. package/dist/shell/execution-backend/registry.js +402 -0
  84. package/dist/shell/execution-backend/remote.js +128 -0
  85. package/dist/shell/execution-backend/types.js +11 -0
  86. package/dist/shell/feedback-cli.js +81 -0
  87. package/dist/shell/feedback-operations.js +48 -0
  88. package/dist/shell/fs-atomic.js +276 -0
  89. package/dist/shell/harness.js +98 -0
  90. package/dist/shell/ledger-cli.js +212 -0
  91. package/dist/shell/ledger-io.js +169 -0
  92. package/dist/shell/man-cli.js +89 -0
  93. package/dist/shell/metrics-cli.js +98 -0
  94. package/dist/shell/multi-agent-cli.js +1002 -0
  95. package/dist/shell/multi-agent-host.js +563 -0
  96. package/dist/shell/multi-agent-io.js +387 -0
  97. package/dist/{multi-agent-operator-ux.js → shell/multi-agent-operator-ux.js} +234 -191
  98. package/dist/shell/node-store.js +124 -0
  99. package/dist/{observability/format.js → shell/observability-format.js} +7 -1
  100. package/dist/{observability/intake.js → shell/observability-intake.js} +79 -56
  101. package/dist/{observability.js → shell/observability.js} +159 -332
  102. package/dist/{onramp.js → shell/onramp.js} +11 -0
  103. package/dist/{operator-ux/format.js → shell/operator-ux-text.js} +250 -239
  104. package/dist/shell/operator-ux.js +431 -0
  105. package/dist/shell/orchestrator.js +231 -0
  106. package/dist/shell/pipeline-cli.js +667 -0
  107. package/dist/shell/pipeline.js +217 -0
  108. package/dist/shell/reclamation-io.js +1366 -0
  109. package/dist/shell/registry-cli.js +329 -0
  110. package/dist/{remote-source.js → shell/remote-source.js} +2 -2
  111. package/dist/shell/report-cli.js +101 -0
  112. package/dist/shell/report-view-cli.js +117 -0
  113. package/dist/{orchestrator → shell}/report.js +289 -282
  114. package/dist/shell/reporter.js +62 -0
  115. package/dist/shell/run-export-cli.js +106 -0
  116. package/dist/shell/run-export.js +680 -0
  117. package/dist/shell/run-registry-io.js +1014 -0
  118. package/dist/shell/run-store.js +164 -0
  119. package/dist/{sandbox-profile.js → shell/sandbox-profile.js} +134 -95
  120. package/dist/{scheduler.js → shell/scheduler-io.js} +248 -48
  121. package/dist/shell/scheduling-io.js +311 -0
  122. package/dist/shell/state-cli.js +181 -0
  123. package/dist/shell/state-explosion-cli.js +197 -0
  124. package/dist/shell/telemetry-cli.js +85 -0
  125. package/dist/{telemetry-demo.js → shell/telemetry-demo.js} +149 -119
  126. package/dist/shell/telemetry-ledger-io.js +132 -0
  127. package/dist/{term.js → shell/term.js} +36 -46
  128. package/dist/shell/topology-io.js +361 -0
  129. package/dist/shell/trust-audit.js +471 -0
  130. package/dist/{multi-agent-trust.js → shell/trust-policy-io.js} +67 -205
  131. package/dist/shell/verifier.js +48 -0
  132. package/dist/shell/workbench-host.js +250 -0
  133. package/dist/shell/workbench-text.js +18 -0
  134. package/dist/shell/workbench.js +175 -0
  135. package/dist/shell/worker-cli.js +124 -0
  136. package/dist/shell/worker-isolation.js +852 -0
  137. package/dist/shell/workflow-app-loader.js +650 -0
  138. package/docs/agent-delegation-drive.7.md +2 -0
  139. package/docs/cli-mcp-parity.7.md +280 -219
  140. package/docs/contract-migration-tooling.7.md +2 -0
  141. package/docs/control-plane-scheduling.7.md +2 -0
  142. package/docs/durable-state-and-locking.7.md +2 -0
  143. package/docs/evidence-adoption-reasoning-chain.7.md +2 -0
  144. package/docs/execution-backends.7.md +2 -0
  145. package/docs/multi-agent-cli-mcp-surface.7.md +2 -0
  146. package/docs/multi-agent-eval-replay-harness.7.md +2 -0
  147. package/docs/multi-agent-operator-ux.7.md +2 -0
  148. package/docs/node-snapshot-diff-replay.7.md +2 -0
  149. package/docs/observability-cost-accounting.7.md +2 -0
  150. package/docs/project-index.md +132 -71
  151. package/docs/real-execution-backends.7.md +2 -0
  152. package/docs/release-and-migration.7.md +2 -0
  153. package/docs/release-tooling.7.md +2 -0
  154. package/docs/run-registry-control-plane.7.md +2 -0
  155. package/docs/run-retention-reclamation.7.md +23 -0
  156. package/docs/state-explosion-management.7.md +2 -0
  157. package/docs/team-collaboration.7.md +2 -0
  158. package/docs/web-desktop-workbench.7.md +2 -0
  159. package/manifest/plugin.manifest.json +1 -1
  160. package/manifest/source-context-profiles.json +9 -13
  161. package/package.json +1 -1
  162. package/scripts/agents/cw-attest-wrap.js +2 -2
  163. package/scripts/bump-version.js +4 -3
  164. package/scripts/canonical-apps.js +4 -4
  165. package/scripts/dogfood-architecture-review.js +2 -3
  166. package/scripts/dogfood-release.js +3 -3
  167. package/scripts/gen-parity-doc.js +15 -2
  168. package/scripts/golden-path.js +4 -4
  169. package/scripts/onramp-check.js +1 -1
  170. package/scripts/parity-check.js +38 -21
  171. package/scripts/release-flow.js +2 -2
  172. package/scripts/sync-project-index.js +51 -27
  173. package/scripts/validate-run-state-schema.js +2 -2
  174. package/scripts/version-sync-check.js +30 -30
  175. package/dist/candidate-scoring.js +0 -729
  176. package/dist/capability-core.js +0 -1189
  177. package/dist/capability-registry.js +0 -885
  178. package/dist/cli/command-surface.js +0 -494
  179. package/dist/cli/format.js +0 -56
  180. package/dist/cli/handlers/audit.js +0 -82
  181. package/dist/cli/handlers/blackboard.js +0 -81
  182. package/dist/cli/handlers/candidate.js +0 -40
  183. package/dist/cli/handlers/clones.js +0 -34
  184. package/dist/cli/handlers/collaboration.js +0 -61
  185. package/dist/cli/handlers/eval.js +0 -40
  186. package/dist/cli/handlers/ledger.js +0 -169
  187. package/dist/cli/handlers/maintenance.js +0 -107
  188. package/dist/cli/handlers/multi-agent.js +0 -165
  189. package/dist/cli/handlers/node.js +0 -41
  190. package/dist/cli/handlers/operational.js +0 -155
  191. package/dist/cli/handlers/operator.js +0 -146
  192. package/dist/cli/handlers/registry.js +0 -68
  193. package/dist/cli/handlers/run.js +0 -153
  194. package/dist/cli/handlers/scheduling.js +0 -132
  195. package/dist/cli/handlers/workbench.js +0 -41
  196. package/dist/cli/handlers/worker.js +0 -45
  197. package/dist/cli/run-summary.js +0 -45
  198. package/dist/clones.js +0 -162
  199. package/dist/collaboration.js +0 -726
  200. package/dist/commit.js +0 -592
  201. package/dist/compare.js +0 -18
  202. package/dist/coordinator/classify.js +0 -45
  203. package/dist/coordinator/paths.js +0 -42
  204. package/dist/coordinator/util.js +0 -126
  205. package/dist/coordinator.js +0 -990
  206. package/dist/daemon.js +0 -44
  207. package/dist/dispatch.js +0 -250
  208. package/dist/drive.js +0 -864
  209. package/dist/error-feedback.js +0 -419
  210. package/dist/evidence-grounding.js +0 -184
  211. package/dist/execution-backend/agent.js +0 -354
  212. package/dist/execution-backend/probes.js +0 -112
  213. package/dist/execution-backend/util.js +0 -47
  214. package/dist/execution-backend.js +0 -961
  215. package/dist/gates.js +0 -48
  216. package/dist/harness.js +0 -61
  217. package/dist/ledger.js +0 -313
  218. package/dist/loop-expansion.js +0 -60
  219. package/dist/mcp/tool-call.js +0 -470
  220. package/dist/mcp/tool-definitions.js +0 -1066
  221. package/dist/mcp-surface.js +0 -30
  222. package/dist/multi-agent/graph.js +0 -84
  223. package/dist/multi-agent/helpers.js +0 -141
  224. package/dist/multi-agent/ids.js +0 -20
  225. package/dist/multi-agent/paths.js +0 -22
  226. package/dist/multi-agent-eval/normalize.js +0 -51
  227. package/dist/multi-agent-eval.js +0 -678
  228. package/dist/multi-agent-host.js +0 -777
  229. package/dist/multi-agent.js +0 -984
  230. package/dist/node-projection.js +0 -59
  231. package/dist/node-snapshot.js +0 -260
  232. package/dist/operator-ux.js +0 -631
  233. package/dist/orchestrator/app-operations.js +0 -211
  234. package/dist/orchestrator/audit-operations.js +0 -182
  235. package/dist/orchestrator/candidate-operations.js +0 -117
  236. package/dist/orchestrator/cli-options.js +0 -294
  237. package/dist/orchestrator/collaboration-operations.js +0 -86
  238. package/dist/orchestrator/feedback-operations.js +0 -81
  239. package/dist/orchestrator/host-operations.js +0 -78
  240. package/dist/orchestrator/lifecycle-operations.js +0 -650
  241. package/dist/orchestrator/migration-operations.js +0 -44
  242. package/dist/orchestrator/multi-agent-operations.js +0 -362
  243. package/dist/orchestrator/topology-operations.js +0 -84
  244. package/dist/orchestrator.js +0 -925
  245. package/dist/pipeline-runner.js +0 -285
  246. package/dist/reclamation/hash.js +0 -72
  247. package/dist/reclamation.js +0 -812
  248. package/dist/reporter.js +0 -67
  249. package/dist/run-export.js +0 -815
  250. package/dist/run-registry/derive.js +0 -175
  251. package/dist/run-registry/format.js +0 -124
  252. package/dist/run-registry/gc.js +0 -251
  253. package/dist/run-registry/policy.js +0 -16
  254. package/dist/run-registry/queue.js +0 -115
  255. package/dist/run-registry.js +0 -850
  256. package/dist/run-state-schema.js +0 -68
  257. package/dist/scheduling.js +0 -184
  258. package/dist/state-explosion.js +0 -1014
  259. package/dist/state.js +0 -367
  260. package/dist/telemetry-ledger.js +0 -196
  261. package/dist/topology.js +0 -565
  262. package/dist/triggers.js +0 -184
  263. package/dist/trust-audit.js +0 -644
  264. package/dist/types/blackboard.js +0 -2
  265. package/dist/types/candidate.js +0 -2
  266. package/dist/types/collaboration.js +0 -2
  267. package/dist/types/core.js +0 -2
  268. package/dist/types/drive.js +0 -10
  269. package/dist/types/error-feedback.js +0 -2
  270. package/dist/types/evidence-reasoning.js +0 -2
  271. package/dist/types/execution-backend.js +0 -2
  272. package/dist/types/multi-agent.js +0 -2
  273. package/dist/types/observability.js +0 -2
  274. package/dist/types/pipeline.js +0 -2
  275. package/dist/types/reclamation.js +0 -8
  276. package/dist/types/report-bundle.js +0 -6
  277. package/dist/types/result.js +0 -2
  278. package/dist/types/run-registry.js +0 -2
  279. package/dist/types/run.js +0 -2
  280. package/dist/types/sandbox.js +0 -2
  281. package/dist/types/schedule.js +0 -2
  282. package/dist/types/state-node.js +0 -2
  283. package/dist/types/topology.js +0 -2
  284. package/dist/types/trust.js +0 -2
  285. package/dist/types/workbench.js +0 -2
  286. package/dist/types/worker.js +0 -2
  287. package/dist/types/workflow-app.js +0 -2
  288. package/dist/types.js +0 -44
  289. package/dist/util/fingerprint.js +0 -19
  290. package/dist/util/fingerprint.test.js +0 -27
  291. package/dist/verifier.js +0 -78
  292. package/dist/version.js +0 -8
  293. package/dist/workbench-host.js +0 -192
  294. package/dist/workbench.js +0 -192
  295. package/dist/worker-accept/acceptance.js +0 -114
  296. package/dist/worker-accept/blackboard-fanout.js +0 -80
  297. package/dist/worker-accept/blackboard-linkage.js +0 -19
  298. package/dist/worker-accept/context.js +0 -2
  299. package/dist/worker-accept/telemetry-ledger.js +0 -126
  300. package/dist/worker-accept/validation.js +0 -77
  301. package/dist/worker-accept/verifier-completion.js +0 -73
  302. package/dist/worker-isolation/helpers.js +0 -51
  303. package/dist/worker-isolation/paths.js +0 -46
  304. package/dist/worker-isolation.js +0 -656
  305. package/dist/workflow-api.js +0 -131
  306. /package/dist/{types → core/types}/boundary.js +0 -0
@@ -0,0 +1,264 @@
1
+ "use strict";
2
+ // shell/collaboration-io.ts — the impure wrapper around
3
+ // core/multi-agent/collaboration.ts's pure record builders + review-state
4
+ // projection: recordApproval/recordComment/recordHandoff/setReviewPolicy/
5
+ // deriveReviewState/reviewGateErrors, plus the read-only reports.
6
+ //
7
+ // MILESTONE 9. Byte-exact port of the impure half of the old build's
8
+ // src/collaboration.ts: trust-audit recording + saveCheckpoint.
9
+ //
10
+ // Evidence: SPEC/multi-agent.md section F; plugins/cool-workflow/src/
11
+ // collaboration.ts (byte-exact source for the wiring sequence).
12
+ var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
13
+ if (k2 === undefined) k2 = k;
14
+ var desc = Object.getOwnPropertyDescriptor(m, k);
15
+ if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
16
+ desc = { enumerable: true, get: function() { return m[k]; } };
17
+ }
18
+ Object.defineProperty(o, k2, desc);
19
+ }) : (function(o, m, k, k2) {
20
+ if (k2 === undefined) k2 = k;
21
+ o[k2] = m[k];
22
+ }));
23
+ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
24
+ Object.defineProperty(o, "default", { enumerable: true, value: v });
25
+ }) : function(o, v) {
26
+ o["default"] = v;
27
+ });
28
+ var __importStar = (this && this.__importStar) || (function () {
29
+ var ownKeys = function(o) {
30
+ ownKeys = Object.getOwnPropertyNames || function (o) {
31
+ var ar = [];
32
+ for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
33
+ return ar;
34
+ };
35
+ return ownKeys(o);
36
+ };
37
+ return function (mod) {
38
+ if (mod && mod.__esModule) return mod;
39
+ var result = {};
40
+ if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
41
+ __setModuleDefault(result, mod);
42
+ return result;
43
+ };
44
+ })();
45
+ Object.defineProperty(exports, "__esModule", { value: true });
46
+ exports.formatReviewStatus = void 0;
47
+ exports.ensureCollaborationState = ensureCollaborationState;
48
+ exports.recordApproval = recordApproval;
49
+ exports.recordComment = recordComment;
50
+ exports.recordHandoff = recordHandoff;
51
+ exports.setReviewPolicy = setReviewPolicy;
52
+ exports.resolveReviewPolicy = resolveReviewPolicy;
53
+ exports.selfActorIdsForCandidate = selfActorIdsForCandidate;
54
+ exports.deriveReviewState = deriveReviewState;
55
+ exports.reviewGateErrors = reviewGateErrors;
56
+ exports.commitReviewProvenance = commitReviewProvenance;
57
+ exports.buildReviewStatusReport = buildReviewStatusReport;
58
+ exports.listComments = listComments;
59
+ exports.deriveOwner = deriveOwner;
60
+ exports.formatCommentList = formatCommentList;
61
+ const trust_audit_1 = require("./trust-audit");
62
+ const run_store_1 = require("./run-store");
63
+ const collab = __importStar(require("../core/multi-agent/collaboration"));
64
+ function now() {
65
+ return new Date().toISOString();
66
+ }
67
+ function auditTargetFields(target) {
68
+ switch (target.kind) {
69
+ case "candidate":
70
+ return { candidateId: target.id };
71
+ case "selection":
72
+ return { selectionId: target.id };
73
+ case "commit":
74
+ return { commitId: target.id };
75
+ case "node":
76
+ return { nodeId: target.id };
77
+ case "task":
78
+ return { taskId: target.id };
79
+ default:
80
+ return {};
81
+ }
82
+ }
83
+ function compact(value) {
84
+ return Object.fromEntries(Object.entries(value).filter(([, entry]) => entry !== undefined));
85
+ }
86
+ function ensureCollaborationState(run) {
87
+ const existing = run.collaboration;
88
+ const state = existing || collab.emptyCollaborationState();
89
+ if (!Array.isArray(state.approvals))
90
+ state.approvals = [];
91
+ if (!Array.isArray(state.comments))
92
+ state.comments = [];
93
+ if (!Array.isArray(state.handoffs))
94
+ state.handoffs = [];
95
+ run.collaboration = state;
96
+ return state;
97
+ }
98
+ function persist(run, options) {
99
+ if (options.persist === false)
100
+ return;
101
+ (0, run_store_1.saveCheckpoint)(run);
102
+ }
103
+ function recordApproval(run, input, options = {}) {
104
+ const state = ensureCollaborationState(run);
105
+ const actor = collab.normalizeActor(input);
106
+ const target = collab.normalizeTarget(input.target);
107
+ const decision = input.decision === "reject" ? "reject" : "approve";
108
+ const audit = (0, trust_audit_1.recordTrustAuditEvent)(run, {
109
+ kind: decision === "approve" ? "collaboration.approval" : "collaboration.rejection",
110
+ decision: decision === "approve" ? "accepted" : "rejected",
111
+ source: actor.source,
112
+ actor: actor.id,
113
+ ...auditTargetFields(target),
114
+ agentRoleId: actor.roleId,
115
+ metadata: compact({ decision, rationale: input.rationale, roleId: actor.roleId, attestation: actor.attestation, targetKind: target.kind, supersedes: input.supersedes }),
116
+ });
117
+ const record = collab.buildApproval(input, state.approvals.length, run.id, now(), audit.id);
118
+ state.approvals.push(record);
119
+ persist(run, options);
120
+ return record;
121
+ }
122
+ function recordComment(run, input, options = {}) {
123
+ const state = ensureCollaborationState(run);
124
+ const actor = collab.normalizeActor(input);
125
+ const target = collab.normalizeTarget(input.target);
126
+ const threadId = input.threadId?.trim() || `${target.kind}:${target.id}`;
127
+ const audit = (0, trust_audit_1.recordTrustAuditEvent)(run, { kind: "collaboration.comment", decision: "recorded", source: actor.source, actor: actor.id, ...auditTargetFields(target), agentRoleId: actor.roleId, metadata: compact({ threadId, parentId: input.parentId, targetKind: target.kind }) });
128
+ const record = collab.buildComment(input, state.comments.length, run.id, now(), audit.id);
129
+ state.comments.push(record);
130
+ persist(run, options);
131
+ return record;
132
+ }
133
+ function recordHandoff(run, input, options = {}) {
134
+ const state = ensureCollaborationState(run);
135
+ const recorder = collab.normalizeActor(input);
136
+ const fromActor = input.fromActor ? collab.normalizeActor({ actor: input.fromActor, actorKind: input.fromActorKind, role: input.fromRole, attested: input.attested }) : recorder;
137
+ const toActor = collab.normalizeActor({ actor: input.toActor, actorKind: input.toActorKind, role: input.toRole, displayName: input.toDisplayName, attested: input.toAttested });
138
+ const target = collab.normalizeTarget(input.target);
139
+ const reason = input.reason?.trim() || "handoff";
140
+ const audit = (0, trust_audit_1.recordTrustAuditEvent)(run, { kind: "collaboration.handoff", decision: "recorded", source: recorder.source, actor: recorder.id, ...auditTargetFields(target), metadata: compact({ from: fromActor.id, to: toActor.id, reason, targetKind: target.kind }) });
141
+ const record = collab.buildHandoff(input, state.handoffs.length, run.id, now(), audit.id);
142
+ state.handoffs.push(record);
143
+ persist(run, options);
144
+ return record;
145
+ }
146
+ /** First defined value among a set of option-name aliases (old wrapper's
147
+ * `firstDefined`) — lets a caller pass any of `requiredApprovals`/`required`,
148
+ * `authorizedRoles`/`roles`, `allowSelfApproval`/`allow-self-approval`, etc. */
149
+ function firstDefined(source, ...keys) {
150
+ for (const key of keys) {
151
+ if (source[key] !== undefined)
152
+ return source[key];
153
+ }
154
+ return undefined;
155
+ }
156
+ function setReviewPolicy(run, input, options = {}) {
157
+ const state = ensureCollaborationState(run);
158
+ // Resolve the old wrapper's option-name aliases before building the policy,
159
+ // so `required`/`roles`/`allow-self-approval`/... reach buildReviewPolicy on
160
+ // the canonical keys. Values are Boolean/number-coerced inside
161
+ // buildReviewPolicy; undefined aliases fall through to existing/defaults.
162
+ const raw = input;
163
+ const resolved = {
164
+ requiredApprovals: firstDefined(raw, "requiredApprovals", "required-approvals", "required", "approvals"),
165
+ authorizedRoles: firstDefined(raw, "authorizedRoles", "authorized-roles", "roles"),
166
+ allowSelfApproval: firstDefined(raw, "allowSelfApproval", "allow-self-approval"),
167
+ requireAttestedActor: firstDefined(raw, "requireAttestedActor", "require-attested-actor"),
168
+ appliesTo: firstDefined(raw, "appliesTo", "applies-to", "targets"),
169
+ };
170
+ const policy = collab.buildReviewPolicy(resolved, state.policy, now());
171
+ state.policy = policy;
172
+ (0, trust_audit_1.recordTrustAuditEvent)(run, { kind: "collaboration.review-policy", decision: "recorded", source: "operator-recorded", metadata: compact({ policyId: policy.id, requiredApprovals: policy.requiredApprovals, authorizedRoles: policy.authorizedRoles, allowSelfApproval: policy.allowSelfApproval, requireAttestedActor: policy.requireAttestedActor, appliesTo: policy.appliesTo }) });
173
+ persist(run, options);
174
+ return { ...policy, surface: "collaboration", runId: run.id, policy };
175
+ }
176
+ function resolveReviewPolicy(run, policy) {
177
+ return policy || ensureCollaborationState(run).policy || undefined;
178
+ }
179
+ function relatedTargetsFor(run, target) {
180
+ if (target.kind !== "commit")
181
+ return [target];
182
+ const commit = (run.commits || []).find((entry) => entry.id === target.id);
183
+ const related = [target];
184
+ if (commit?.selectionId)
185
+ related.push({ kind: "selection", id: commit.selectionId });
186
+ if (commit?.candidateId)
187
+ related.push({ kind: "candidate", id: commit.candidateId });
188
+ return related;
189
+ }
190
+ function candidateWorkerId(run, candidateId) {
191
+ const candidate = candidateId ? (run.candidates || []).find((entry) => entry.id === candidateId) : undefined;
192
+ return candidate?.workerId;
193
+ }
194
+ function selectedByForCandidate(run, candidateId, selectionId) {
195
+ const selections = (run.candidateSelections || []).filter((selection) => (selectionId && selection.id === selectionId) || (candidateId && selection.candidateId === candidateId));
196
+ return selections.map((selection) => selection.selectedBy).filter((id) => Boolean(id));
197
+ }
198
+ function selfActorIdsForCandidate(run, candidateId, selectionId) {
199
+ return collab.selfActorIdsForCandidate(candidateWorkerId(run, candidateId), selectedByForCandidate(run, candidateId, selectionId));
200
+ }
201
+ function selfActorIdsForTarget(run, target) {
202
+ if (target.kind === "candidate")
203
+ return selfActorIdsForCandidate(run, target.id);
204
+ if (target.kind === "selection") {
205
+ const selection = (run.candidateSelections || []).find((entry) => entry.id === target.id);
206
+ return selfActorIdsForCandidate(run, selection?.candidateId, target.id);
207
+ }
208
+ if (target.kind === "commit") {
209
+ const commit = (run.commits || []).find((entry) => entry.id === target.id);
210
+ return selfActorIdsForCandidate(run, commit?.candidateId, commit?.selectionId);
211
+ }
212
+ return [];
213
+ }
214
+ function deriveReviewState(run, target, options = {}) {
215
+ const state = ensureCollaborationState(run);
216
+ const policy = resolveReviewPolicy(run, options.policy);
217
+ return collab.deriveReviewState(run.id, state.approvals, target, { ...options, policy });
218
+ }
219
+ function reviewGateErrors(run, input) {
220
+ const state = ensureCollaborationState(run);
221
+ const policy = resolveReviewPolicy(run, input.policy);
222
+ return collab.reviewGateErrors(run.id, state.approvals, { ...input, policy }, now());
223
+ }
224
+ function commitReviewProvenance(run, input) {
225
+ const state = ensureCollaborationState(run);
226
+ const policy = resolveReviewPolicy(run, input.policy);
227
+ return collab.commitReviewProvenance(run.id, state.approvals, { ...input, policy });
228
+ }
229
+ function buildReviewStatusReport(run, options) {
230
+ const state = ensureCollaborationState(run);
231
+ const targets = options.target ? [collab.normalizeTarget(options.target)] : collab.distinctTargets(state);
232
+ const reviewStates = targets.map((target) => deriveReviewState(run, target, { policy: state.policy, relatedTargets: relatedTargetsFor(run, target), selfActorIds: selfActorIdsForTarget(run, target) }));
233
+ const owner = collab.deriveOwner(state.handoffs);
234
+ const timeline = collab.buildTimeline(state);
235
+ return {
236
+ schemaVersion: 1,
237
+ surface: "collaboration",
238
+ runId: run.id,
239
+ generatedAt: options.now,
240
+ policy: state.policy,
241
+ owner,
242
+ targets: reviewStates,
243
+ counts: { approvals: state.approvals.filter((record) => record.decision === "approve").length, rejections: state.approvals.filter((record) => record.decision === "reject").length, comments: state.comments.length, handoffs: state.handoffs.length },
244
+ timeline,
245
+ nextActions: collab.buildNextActions(run.id, reviewStates, state.policy),
246
+ };
247
+ }
248
+ function listComments(run, target) {
249
+ const normalized = target ? collab.normalizeTarget(target) : undefined;
250
+ const comments = collab.listComments(ensureCollaborationState(run), normalized);
251
+ return { schemaVersion: 1, surface: "collaboration", runId: run.id, ...(normalized ? { target: normalized } : {}), count: comments.length, comments };
252
+ }
253
+ function deriveOwner(run) {
254
+ return collab.deriveOwner(ensureCollaborationState(run).handoffs);
255
+ }
256
+ exports.formatReviewStatus = collab.formatReviewStatus;
257
+ /** Format the comment list for humans. Accepts either the bare record array
258
+ * (the core formatter's shape) or the `CommentListReport` envelope this
259
+ * module now returns, so a caller that passes `listComments(run)` straight
260
+ * through still renders the comments (never the envelope's own keys). */
261
+ function formatCommentList(input) {
262
+ const comments = Array.isArray(input) ? input : input.comments;
263
+ return collab.formatCommentList(comments);
264
+ }
@@ -0,0 +1,104 @@
1
+ "use strict";
2
+ // shell/commit-summary.ts — `cw commit summary` / `cw_commit_summary`.
3
+ //
4
+ // GAP #26 port: v2 dropped the CLI binding + shell body for commit.summary,
5
+ // keeping only the MCP tool row. This restores the old build's
6
+ // `summarizeOperatorCommits` (src/operator-ux.ts:339-349) + `formatCommitRow`
7
+ // (src/operator-ux.ts:683-696) byte-for-byte, plus the `commitSummaryCli`
8
+ // thin adapter both front doors call (mirrors feedbackSummaryCli /
9
+ // candidateSummaryCli shape). Impure: reads run state from disk.
10
+ var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
11
+ if (k2 === undefined) k2 = k;
12
+ var desc = Object.getOwnPropertyDescriptor(m, k);
13
+ if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
14
+ desc = { enumerable: true, get: function() { return m[k]; } };
15
+ }
16
+ Object.defineProperty(o, k2, desc);
17
+ }) : (function(o, m, k, k2) {
18
+ if (k2 === undefined) k2 = k;
19
+ o[k2] = m[k];
20
+ }));
21
+ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
22
+ Object.defineProperty(o, "default", { enumerable: true, value: v });
23
+ }) : function(o, v) {
24
+ o["default"] = v;
25
+ });
26
+ var __importStar = (this && this.__importStar) || (function () {
27
+ var ownKeys = function(o) {
28
+ ownKeys = Object.getOwnPropertyNames || function (o) {
29
+ var ar = [];
30
+ for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
31
+ return ar;
32
+ };
33
+ return ownKeys(o);
34
+ };
35
+ return function (mod) {
36
+ if (mod && mod.__esModule) return mod;
37
+ var result = {};
38
+ if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
39
+ __setModuleDefault(result, mod);
40
+ return result;
41
+ };
42
+ })();
43
+ Object.defineProperty(exports, "__esModule", { value: true });
44
+ exports.summarizeOperatorCommits = summarizeOperatorCommits;
45
+ exports.commitSummaryCli = commitSummaryCli;
46
+ exports.formatCommitSummaryText = formatCommitSummaryText;
47
+ const path = __importStar(require("node:path"));
48
+ const run_store_1 = require("./run-store");
49
+ function formatCommitRow(commit) {
50
+ return {
51
+ id: commit.id,
52
+ kind: commit.verifierGated ? "verifier-gated" : "checkpoint",
53
+ reason: commit.reason,
54
+ createdAt: commit.createdAt,
55
+ snapshotPath: commit.snapshotPath,
56
+ stateNodeId: commit.stateNodeId,
57
+ verifierNodeId: commit.verifierNodeId,
58
+ candidateId: commit.candidateId,
59
+ selectionId: commit.selectionId,
60
+ evidenceCount: commit.evidence?.length || 0,
61
+ };
62
+ }
63
+ /** Byte-exact port of the old build's `summarizeOperatorCommits`
64
+ * (src/operator-ux.ts:339-349). */
65
+ function summarizeOperatorCommits(run) {
66
+ const commits = [...(run.commits || [])].sort((left, right) => left.createdAt.localeCompare(right.createdAt) || left.id.localeCompare(right.id));
67
+ const rows = commits.map(formatCommitRow);
68
+ return {
69
+ total: rows.length,
70
+ verifierGated: rows.filter((commit) => commit.kind === "verifier-gated").length,
71
+ checkpoints: rows.filter((commit) => commit.kind === "checkpoint").length,
72
+ latest: rows.at(-1),
73
+ commits: rows,
74
+ };
75
+ }
76
+ function req(value, label) {
77
+ const s = value === undefined || value === null ? "" : String(value);
78
+ if (!s)
79
+ throw new Error(`Missing ${label}`);
80
+ return s;
81
+ }
82
+ function cwdFor(args) {
83
+ return typeof args.cwd === "string" && args.cwd.trim() ? path.resolve(args.cwd) : process.cwd();
84
+ }
85
+ /** Thin adapter both front doors call (mirrors the old build's orchestrator
86
+ * `summarizeCommitRecords(runId)` = `summarizeOperatorCommits(loadRun(runId))`). */
87
+ function commitSummaryCli(args) {
88
+ const run = (0, run_store_1.loadRunFromCwd)(req(args.runId, "run id"), cwdFor(args));
89
+ return summarizeOperatorCommits(run);
90
+ }
91
+ /** `cw commit summary <run>` human text — port of the old build's
92
+ * formatCommitPanel (operator-ux/format.ts): a `Commits` rollup with the
93
+ * verifier-gated / checkpoint counts and the latest commit. */
94
+ function formatCommitSummaryText(summary) {
95
+ const lines = [
96
+ "Commits",
97
+ ` total=${summary.total}; verifier-gated=${summary.verifierGated}; checkpoints=${summary.checkpoints}`,
98
+ ` latest=${summary.latest ? `${summary.latest.id} (${summary.latest.kind}) ${summary.latest.snapshotPath}` : "none"}`,
99
+ ];
100
+ for (const commit of summary.commits.slice(-8)) {
101
+ lines.push(` ${commit.id}: ${commit.kind}, reason=${commit.reason}`);
102
+ }
103
+ return lines.join("\n");
104
+ }
@@ -0,0 +1,290 @@
1
+ "use strict";
2
+ // shell/commit.ts — commitState: the imperative wrapper around
3
+ // core/pipeline/commit-gate.ts's pure gate resolution.
4
+ //
5
+ // MILESTONE 6+7 (combined). Byte-exact port of the old build's
6
+ // src/commit.ts's IO half (snapshot write, git-head read, the commit
7
+ // node's disk write via the pipeline runner).
8
+ //
9
+ // Evidence: SPEC/pipeline-run.md "Commit gate — src/commit.ts".
10
+ var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
11
+ if (k2 === undefined) k2 = k;
12
+ var desc = Object.getOwnPropertyDescriptor(m, k);
13
+ if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
14
+ desc = { enumerable: true, get: function() { return m[k]; } };
15
+ }
16
+ Object.defineProperty(o, k2, desc);
17
+ }) : (function(o, m, k, k2) {
18
+ if (k2 === undefined) k2 = k;
19
+ o[k2] = m[k];
20
+ }));
21
+ var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
22
+ Object.defineProperty(o, "default", { enumerable: true, value: v });
23
+ }) : function(o, v) {
24
+ o["default"] = v;
25
+ });
26
+ var __importStar = (this && this.__importStar) || (function () {
27
+ var ownKeys = function(o) {
28
+ ownKeys = Object.getOwnPropertyNames || function (o) {
29
+ var ar = [];
30
+ for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
31
+ return ar;
32
+ };
33
+ return ownKeys(o);
34
+ };
35
+ return function (mod) {
36
+ if (mod && mod.__esModule) return mod;
37
+ var result = {};
38
+ if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
39
+ __setModuleDefault(result, mod);
40
+ return result;
41
+ };
42
+ })();
43
+ Object.defineProperty(exports, "__esModule", { value: true });
44
+ exports.CommitGateError = void 0;
45
+ exports.commitState = commitState;
46
+ const fs = __importStar(require("node:fs"));
47
+ const path = __importStar(require("node:path"));
48
+ const node_child_process_1 = require("node:child_process");
49
+ const fs_atomic_1 = require("./fs-atomic");
50
+ const commit_gate_1 = require("../core/pipeline/commit-gate");
51
+ const contract_1 = require("../core/pipeline/contract");
52
+ const runner_1 = require("../core/pipeline/runner");
53
+ const node_store_1 = require("./node-store");
54
+ const state_node_1 = require("../core/state/state-node");
55
+ const trust_audit_1 = require("./trust-audit");
56
+ const evidence_grounding_1 = require("../core/trust/evidence-grounding");
57
+ const collaboration_io_1 = require("./collaboration-io");
58
+ const error_feedback_io_1 = require("./error-feedback-io");
59
+ class CommitGateError extends Error {
60
+ structured;
61
+ feedbackId;
62
+ stateNodeId;
63
+ constructor(error, options = {}) {
64
+ super(error.message);
65
+ this.name = "CommitGateError";
66
+ this.structured = error;
67
+ this.feedbackId = options.feedbackId;
68
+ this.stateNodeId = options.stateNodeId;
69
+ }
70
+ }
71
+ exports.CommitGateError = CommitGateError;
72
+ function normalizeCommitOptions(input) {
73
+ if (typeof input === "string")
74
+ return { reason: input || "manual", source: "runtime" };
75
+ // Fold facade-style bare nouns (verifier/candidate/selection) into the *Id
76
+ // fields so a host/MCP-shaped payload gates the same as a CLI-shaped one. When
77
+ // any gate option is supplied, the commit is verifier-gated by construction —
78
+ // mirrors commitRun()'s hasGateOption, so calling commitState directly with
79
+ // { selection } gates exactly as `cw commit --selection` does.
80
+ const verifierNodeId = input.verifierNodeId || input.verifier || input.verifierNode;
81
+ const candidateId = input.candidateId || input.candidate;
82
+ const selectionId = input.selectionId || input.selection;
83
+ const hasGateOption = Boolean(verifierNodeId || candidateId || selectionId);
84
+ return {
85
+ ...input,
86
+ reason: input.reason || "manual",
87
+ source: input.source || "runtime",
88
+ verifierNodeId,
89
+ candidateId,
90
+ selectionId,
91
+ verifierGated: input.verifierGated || (hasGateOption && !input.allowUnverifiedCheckpoint),
92
+ };
93
+ }
94
+ function readGitHead(cwd) {
95
+ try {
96
+ return (0, node_child_process_1.execFileSync)("git", ["rev-parse", "HEAD"], { cwd, encoding: "utf8", stdio: ["ignore", "pipe", "ignore"], timeout: 5000 }).trim();
97
+ }
98
+ catch {
99
+ return undefined;
100
+ }
101
+ }
102
+ function findNode(run, nodeId) {
103
+ return (run.nodes || []).find((n) => n.id === nodeId);
104
+ }
105
+ function backingResultFor(run, verifierNodeId) {
106
+ if (!verifierNodeId)
107
+ return { result: undefined, requiresEvidence: undefined };
108
+ const marker = ":verifier:";
109
+ const idx = verifierNodeId.indexOf(marker);
110
+ const taskId = idx >= 0 ? verifierNodeId.slice(idx + marker.length) : undefined;
111
+ const task = taskId ? run.tasks.find((t) => t.id === taskId) : undefined;
112
+ if (!task)
113
+ return { result: undefined, requiresEvidence: undefined };
114
+ return { result: task.result, requiresEvidence: Boolean(task.requiresEvidence) };
115
+ }
116
+ /** commitState(run, input) — resolves the gate, writes the failure node +
117
+ * throws on any error; on success writes the snapshot + commit node and
118
+ * pushes the commit. */
119
+ function commitState(run, input) {
120
+ const options = normalizeCommitOptions(input);
121
+ const now = new Date().toISOString();
122
+ const { result: backingResult, requiresEvidence } = backingResultFor(run, options.verifierNodeId || (options.reason.startsWith("result:") ? run.tasks.find((t) => t.id === options.reason.slice(7))?.verifierNodeId : undefined));
123
+ const gate = (0, commit_gate_1.resolveCommitGate)(run, options, {
124
+ now,
125
+ backingResult,
126
+ taskRequiresEvidence: requiresEvidence,
127
+ unresolvedFileEvidence: (0, evidence_grounding_1.requireResolvableEvidence)()
128
+ ? (evidence) => (0, evidence_grounding_1.unresolvedFileEvidence)(evidence, Array.from(new Set([run.cwd, process.cwd(), run.paths.runDir])), { exists: fs.existsSync, isAbsolute: path.isAbsolute, resolve: (base, rel) => path.resolve(base, rel) })
129
+ : undefined,
130
+ });
131
+ // Stack the review gate ON TOP of the verifier gate. An applicable review
132
+ // policy can only ADD required-approval constraints from authorized roles; it
133
+ // never relaxes verifier acceptance. Fail closed: a verifier-passing but
134
+ // un-approved commit is BLOCKED here. Provenance (who approved the shipped
135
+ // commit) is stamped only when NO errors remain. The old build wired this
136
+ // inside resolveVerifierGate; v2's resolver is pure, so it layers in the
137
+ // shell where the run's approval state lives.
138
+ let reviewProvenance;
139
+ if (gate.verifierGated) {
140
+ const reviewInput = {
141
+ targetKind: "commit",
142
+ candidateId: gate.candidateId,
143
+ selectionId: gate.selectionId,
144
+ selfActorIds: (0, collaboration_io_1.selfActorIdsForCandidate)(run, gate.candidateId, gate.selectionId),
145
+ };
146
+ const reviewErrors = (0, collaboration_io_1.reviewGateErrors)(run, reviewInput);
147
+ if (reviewErrors.length)
148
+ gate.errors.push(...reviewErrors);
149
+ else
150
+ reviewProvenance = (0, collaboration_io_1.commitReviewProvenance)(run, reviewInput);
151
+ }
152
+ if (gate.errors.length) {
153
+ throw recordCommitGateFailure(run, options, gate);
154
+ }
155
+ fs.mkdirSync(run.paths.commitsDir, { recursive: true });
156
+ const id = (0, commit_gate_1.formatCommitId)((run.commits || []).length + 1);
157
+ const snapshotPath = path.join(run.paths.commitsDir, `${id}.json`);
158
+ const rationale = gate.acceptanceRationale;
159
+ const audit = gate.verifierGated
160
+ ? (0, trust_audit_1.recordTrustAuditEvent)(run, { kind: "commit.gate", decision: "accepted", source: "cw-validated", workerId: rationale?.workerId, nodeId: gate.verifierNodeId, candidateId: gate.candidateId, selectionId: gate.selectionId, commitId: id, sandboxProfileId: rationale?.sandboxProfileId, evidence: gate.evidence, metadata: rationale })
161
+ : undefined;
162
+ const evidence = (0, trust_audit_1.normalizeEvidence)(run, gate.evidence, { source: gate.verifierGated ? "cw-validated" : "runtime-derived", workerId: rationale?.workerId, verifierNodeId: gate.verifierNodeId, candidateId: gate.candidateId, selectionId: gate.selectionId, commitId: id, auditEventIds: audit ? [audit.id] : [] });
163
+ const commit = {
164
+ id,
165
+ createdAt: now,
166
+ reason: options.reason,
167
+ loopStage: run.loopStage,
168
+ statePath: run.paths.state,
169
+ reportPath: run.paths.report,
170
+ snapshotPath,
171
+ gitHead: readGitHead(run.cwd),
172
+ verifierGated: gate.verifierGated,
173
+ checkpoint: !gate.verifierGated,
174
+ verifierNodeId: gate.verifierNodeId,
175
+ candidateId: gate.candidateId,
176
+ selectionId: gate.selectionId,
177
+ evidence,
178
+ // Acceptance rationale rides on the commit so `report`/`metrics`/audit can
179
+ // explain WHY it was accepted. commitGateResult reflects whether the gate
180
+ // ran (passed) or this was an unverified checkpoint; audit event id is
181
+ // threaded so the rationale points back at its own audit record.
182
+ ...(rationale
183
+ ? {
184
+ acceptanceRationale: {
185
+ ...rationale,
186
+ commitGateResult: gate.verifierGated ? "passed" : "checkpoint",
187
+ auditEventIds: audit ? [...(rationale.auditEventIds || []), audit.id] : rationale.auditEventIds,
188
+ },
189
+ }
190
+ : {}),
191
+ metadata: { ...(options.metadata || {}), ...gate.metadata },
192
+ ...(reviewProvenance ? { review: reviewProvenance } : {}),
193
+ };
194
+ const commitNodeId = recordCommitNode(run, commit, options, gate);
195
+ if (commitNodeId)
196
+ commit.stateNodeId = commitNodeId;
197
+ // A verifier-gated commit is the run's checkpoint — advance the run-level loop
198
+ // stage. Guard on verifierGated so the initial plan/unverified checkpoint does
199
+ // NOT prematurely move the run off "interpret".
200
+ if (gate.verifierGated)
201
+ run.loopStage = "checkpoint";
202
+ (0, fs_atomic_1.writeJson)(snapshotPath, { commit, run });
203
+ run.commits.push(commit);
204
+ return commit;
205
+ }
206
+ function recordCommitNode(run, commit, options, gate) {
207
+ const verifierNode = gate.verifierNodeId ? findNode(run, gate.verifierNodeId) : undefined;
208
+ if (commit.verifierGated && verifierNode) {
209
+ const commitResult = (0, runner_1.runPipelineStage)(run, "commit", verifierNode.id, {
210
+ outputNodeId: `${run.id}:commit:${commit.id}`,
211
+ outputStatus: "committed",
212
+ loopStage: "checkpoint",
213
+ outputs: { snapshotPath: commit.snapshotPath, gitHead: commit.gitHead, verifierGated: true, verifierNodeId: verifierNode.id, candidateId: gate.candidateId, selectionId: gate.selectionId },
214
+ artifacts: [{ id: "snapshot", kind: "json", path: commit.snapshotPath }],
215
+ evidence: commit.evidence || verifierNode.evidence,
216
+ metadata: { ...(options.metadata || {}), reason: options.reason, commitId: commit.id, verifierGated: true, checkpoint: false, verifierNodeId: verifierNode.id, candidateId: gate.candidateId, selectionId: gate.selectionId, selectionNodeId: gate.selectionNodeId },
217
+ }, { persist: false, persistNode: node_store_1.writeRunNode });
218
+ if (gate.selectionNodeId && commitResult.outputNodeId)
219
+ linkAdditionalParent(run, gate.selectionNodeId, commitResult.outputNodeId);
220
+ return commitResult.outputNodeId;
221
+ }
222
+ const checkpointNode = (0, state_node_1.createStateNode)({
223
+ id: `${run.id}:checkpoint:${commit.id}`,
224
+ kind: "commit",
225
+ status: "completed",
226
+ loopStage: "checkpoint",
227
+ inputs: { reason: options.reason, commitId: commit.id },
228
+ outputs: { snapshotPath: commit.snapshotPath, gitHead: commit.gitHead, verifierGated: false, checkpoint: true },
229
+ artifacts: [{ id: "snapshot", kind: "json", path: commit.snapshotPath }],
230
+ contractId: contract_1.DEFAULT_PIPELINE_CONTRACT_ID,
231
+ metadata: { ...(options.metadata || {}), verifierGated: false, checkpoint: true },
232
+ });
233
+ (0, node_store_1.appendRunNode)(run, checkpointNode);
234
+ return checkpointNode.id;
235
+ }
236
+ function recordCommitGateFailure(run, options, gate) {
237
+ const first = gate.errors[0] || { code: "commit-gate-blocked", message: "Verifier-gated commit blocked", at: new Date().toISOString(), retryable: false };
238
+ const node = (0, state_node_1.recordNodeError)((0, state_node_1.createStateNode)({
239
+ id: `${run.id}:commit-gate-failed:${(0, commit_gate_1.gateFailureSeq)(run)}`,
240
+ kind: "error",
241
+ status: "pending",
242
+ loopStage: "checkpoint",
243
+ inputs: { reason: options.reason, verifierNodeId: gate.verifierNodeId, candidateId: gate.candidateId, selectionId: gate.selectionId },
244
+ evidence: gate.evidence,
245
+ contractId: contract_1.DEFAULT_PIPELINE_CONTRACT_ID,
246
+ metadata: {
247
+ ...(options.metadata || {}),
248
+ verifierGated: true,
249
+ checkpoint: false,
250
+ failureCount: gate.errors.length,
251
+ failures: gate.errors.map((entry) => ({ code: entry.code, message: entry.message, nodeId: entry.nodeId })),
252
+ gate: gate.metadata,
253
+ },
254
+ }), first);
255
+ const persisted = (0, node_store_1.appendRunNode)(run, node);
256
+ for (const parentId of [gate.selectionNodeId, gate.verifierNodeId].filter(Boolean)) {
257
+ linkAdditionalParent(run, parentId, persisted.id);
258
+ }
259
+ // Record the block as append-only operator feedback so the codes
260
+ // (commit-verifier-not-found / missing-evidence / review-gate-missing-
261
+ // approvals / …) are not lost — the old build did this and the commit gate's
262
+ // failure must surface visibly, not silently.
263
+ const feedback = (0, error_feedback_io_1.recordFeedback)(run, {
264
+ source: options.source === "cli" ? "cli" : "verifier",
265
+ error: first,
266
+ nodeId: persisted.id,
267
+ stageId: "commit",
268
+ contractId: contract_1.DEFAULT_PIPELINE_CONTRACT_ID,
269
+ retryable: false,
270
+ evidence: gate.evidence,
271
+ artifacts: [],
272
+ metadata: {
273
+ reason: options.reason,
274
+ verifierNodeId: gate.verifierNodeId,
275
+ candidateId: gate.candidateId,
276
+ selectionId: gate.selectionId,
277
+ failures: gate.errors.map((entry) => ({ code: entry.code, message: entry.message, nodeId: entry.nodeId })),
278
+ },
279
+ });
280
+ return new CommitGateError(first, { feedbackId: feedback.id, stateNodeId: persisted.id });
281
+ }
282
+ function linkAdditionalParent(run, parentId, childId) {
283
+ const parent = findNode(run, parentId);
284
+ const child = findNode(run, childId);
285
+ if (!parent || !child)
286
+ return;
287
+ const [linkedParent, linkedChild] = (0, state_node_1.linkStateNodes)(parent, child);
288
+ (0, node_store_1.appendRunNode)(run, linkedParent);
289
+ (0, node_store_1.appendRunNode)(run, linkedChild);
290
+ }