dashclaw 2.1.5 → 2.2.1

package/README.md

@@ -1,4 +1,4 @@
-# DashClaw SDK (v2.1.2)
+# DashClaw SDK (v2.2.0)
 
 **Minimal governance runtime for AI agents.**
 
@@ -25,7 +25,7 @@ DashClaw v2 is designed around a single 4-step loop.
 import { DashClaw } from 'dashclaw';
 
 const claw = new DashClaw({
-  baseUrl: 'https://dashclaw.io',
+  baseUrl: process.env.DASHCLAW_BASE_URL,
   apiKey: process.env.DASHCLAW_API_KEY,
   agentId: 'my-agent'
 });
@@ -45,11 +45,12 @@ await claw.updateOutcome(action_id, { status: 'completed' });
 
 ### Python
 ```python
+import os
 from dashclaw import DashClaw
 
 claw = DashClaw(
-    base_url="https://dashclaw.io",
-    api_key="your_api_key",
+    base_url=os.environ["DASHCLAW_BASE_URL"],
+    api_key=os.environ["DASHCLAW_API_KEY"],
     agent_id="my-agent"
 )
 
@@ -69,38 +70,40 @@ claw.update_outcome(action_id, status="completed")
 
 ---
 
-## SDK Surface Area (v2.1.2)
+## SDK Surface Area (v2.1.5)
 
-The v2.1.2 SDK is optimized for stability and zero-overhead governance:
+The v2.1.5 SDK is optimized for stability and zero-overhead governance:
 
 ### Core Runtime
-- `guard(context)` — Policy evaluation ("Can I do X?")
-- `createAction(action)` — Lifecycle tracking ("I am doing X")
-- `updateOutcome(id, outcome)` — Result recording ("X finished with Y")
-- `recordAssumption(assumption)` — Integrity tracking ("I believe Z while doing X")
-- `waitForApproval(id)` — Polling helper for human-in-the-loop approvals
+- `guard(context)` -- Policy evaluation ("Can I do X?")
+- `createAction(action)` -- Lifecycle tracking ("I am doing X")
+- `updateOutcome(id, outcome)` -- Result recording ("X finished with Y")
+- `recordAssumption(assumption)` -- Integrity tracking ("I believe Z while doing X")
+- `waitForApproval(id)` -- Polling helper for human-in-the-loop approvals
+- `approveAction(id, decision, reasoning?)` -- Submit approval decisions from code
+- `getPendingApprovals()` -- List actions awaiting human review
 
 ### Decision Integrity
-- `registerOpenLoop(actionId, type, desc)` — Register unresolved dependencies.
-- `resolveOpenLoop(loopId, status, res)` — Resolve pending loops.
-- `getSignals()` — Get current risk signals across all agents.
+- `registerOpenLoop(actionId, type, desc)` -- Register unresolved dependencies.
+- `resolveOpenLoop(loopId, status, res)` -- Resolve pending loops.
+- `getSignals()` -- Get current risk signals across all agents.
 
 ### Swarm & Connectivity
-- `heartbeat(status, metadata)` — Report agent presence and health.
-- `reportConnections(connections)` — Report active provider connections.
+- `heartbeat(status, metadata)` -- Report agent presence and health.
+- `reportConnections(connections)` -- Report active provider connections.
 
 ### Learning & Optimization
-- `getLearningVelocity()` — Track agent improvement rate.
-- `getLearningCurves()` — Measure efficiency gains per action type.
-- `renderPrompt(context)` — Fetch rendered prompt templates from DashClaw.
+- `getLearningVelocity()` -- Track agent improvement rate.
+- `getLearningCurves()` -- Measure efficiency gains per action type.
+- `renderPrompt(context)` -- Fetch rendered prompt templates from DashClaw.
 
 ### Compliance & Audit
-- `createScorer(name, type, config)` — Define automated evaluations.
-- `createScoringProfile(profile)` — Weighted quality scoring.
-- `mapCompliance(framework)` — Map behavior to regulatory controls.
-- `getProofReport(format)` — Generate audit-ready evidence exports.
-- `getActivityLogs(filters)` — Query the immutable audit trail.
-- `createWebhook(url, events)` — Real-time event exfiltration.
+- `createScorer(name, type, config)` -- Define automated evaluations.
+- `createScoringProfile(profile)` -- Weighted quality scoring.
+- `mapCompliance(framework)` -- Map behavior to regulatory controls.
+- `getProofReport(format)` -- Generate audit-ready evidence exports.
+- `getActivityLogs(filters)` -- Query the immutable audit trail.
+- `createWebhook(url, events)` -- Real-time event exfiltration.
 
 ---
 
@@ -108,8 +111,38 @@ The v2.1.2 SDK is optimized for stability and zero-overhead governance:
 
 DashClaw uses standard HTTP status codes and custom error classes:
 
-- `GuardBlockedError` — Thrown when `claw.guard()` returns a `block` decision.
-- `ApprovalDeniedError` — Thrown when an operator denies an action during `waitForApproval()`.
+- `GuardBlockedError` -- Thrown when `claw.guard()` returns a `block` decision.
+- `ApprovalDeniedError` -- Thrown when an operator denies an action during `waitForApproval()`.
+
+---
+
+## CLI Approval Channel
+
+Install the DashClaw CLI to approve agent actions from the terminal:
+
+```bash
+npm install -g @dashclaw/cli
+```
+
+```bash
+dashclaw approvals              # interactive approval inbox
+dashclaw approve <actionId>     # approve a specific action
+dashclaw deny <actionId>        # deny a specific action
+```
+
+When an agent calls `waitForApproval()`, it prints the action ID and replay link to stdout. Approve from any terminal or the dashboard, and the agent unblocks instantly.
+
+## Claude Code Hooks
+
+Govern Claude Code tool calls without any SDK instrumentation. Copy two files from the `hooks/` directory in the repo into your `.claude/hooks/` folder:
+
+```bash
+# In your project directory
+cp path/to/DashClaw/hooks/dashclaw_pretool.py .claude/hooks/
+cp path/to/DashClaw/hooks/dashclaw_posttool.py .claude/hooks/
+```
+
+Then merge the hooks block from `hooks/settings.json` into your `.claude/settings.json`. Set `DASHCLAW_BASE_URL`, `DASHCLAW_API_KEY`, and optionally `DASHCLAW_HOOK_MODE=enforce`.
 
 ---
 

package/dashclaw.js

@@ -57,6 +57,10 @@ class DashClaw {
     const data = await res.json();
 
     if (!res.ok) {
+      if (res.status === 403 && data.decision && data.decision.decision === 'block') {
+        throw new GuardBlockedError(data.decision);
+      }
+
       // Prioritize reason (from governance blocks) over generic error field
       const errorMessage = data.reason || data.error || `Request failed with status ${res.status}`;
       const err = new Error(errorMessage);
@@ -101,6 +105,36 @@ class DashClaw {
     });
   }
 
+  /**
+   * GET /api/actions/:id — Fetch a single action by ID.
+   */
+  async getAction(actionId) {
+    return this._request(`/api/actions/${actionId}`, 'GET');
+  }
+
+  /**
+   * GET /api/actions?status=pending_approval — List actions awaiting approval.
+   */
+  async getPendingApprovals(limit = 20, offset = 0) {
+    return this._request('/api/actions', 'GET', null, {
+      status: 'pending_approval',
+      limit,
+      offset,
+    });
+  }
+
+  /**
+   * POST /api/actions/:id/approve — Approve or deny an action.
+   * @param {string} actionId
+   * @param {'allow'|'deny'} decision
+   * @param {string} [reasoning]
+   */
+  async approveAction(actionId, decision, reasoning) {
+    const body = { decision };
+    if (reasoning) body.reasoning = reasoning;
+    return this._request(`/api/actions/${actionId}/approve`, 'POST', body);
+  }
+
   /**
    * POST /api/assumptions — "I believe Z is true while doing X."
    */
@@ -114,9 +148,40 @@ class DashClaw {
   async waitForApproval(actionId, { timeout = 300000, interval = 5000 } = {}) {
     const startTime = Date.now();
     let wasPending = false;
+    let printedBlock = false;
 
     while (Date.now() - startTime < timeout) {
       const { action } = await this._request(`/api/actions/${actionId}`, 'GET');
+
+      // Print structured approval block on first fetch
+      if (!printedBlock) {
+        printedBlock = true;
+        try {
+          const actionType = action.action_type || 'unknown';
+          const riskScore = action.risk_score != null ? String(action.risk_score) : '-';
+          const goal = action.declared_goal || '-';
+          const agent = action.agent_id || this.agentId;
+          const replayUrl = `${this.baseUrl}/replay/${actionId}`;
+
+          const lines = [
+            '\u2554\u2550\u2550 DashClaw Approval Required \u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2557',
+            `  Action ID:   ${actionId}`,
+            `  Agent:       ${agent}`,
+            `  Action:      ${actionType}`,
+            '  Policy:      require_approval',
+            `  Risk Score:  ${riskScore}`,
+            `  Goal:        ${goal}`,
+            '',
+            `  Replay:      ${replayUrl}`,
+            '',
+            '  Waiting for approval... (Ctrl+C to abort)',
+            '\u255a\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u2550\u255d',
+          ];
+          process.stdout.write('\n' + lines.join('\n') + '\n\n');
+        } catch (_) {
+          // Rendering failure must not prevent the wait from proceeding
+        }
+      }
       
       if (action.status === 'pending_approval') {
         wasPending = true;

package/legacy/index-v1.cjs

@@ -1,14 +1,14 @@
 /**
- * DashClaw SDK: CommonJS compatibility wrapper.
- * For ESM: import { DashClaw } from 'dashclaw'
- * For CJS: const { DashClaw } = require('dashclaw')
+ * DashClaw SDK v1 (Legacy): CommonJS compatibility wrapper.
+ * For ESM: import { DashClaw } from 'dashclaw/legacy'
+ * For CJS: const { DashClaw } = require('dashclaw/legacy')
  */
 
 let _module;
 
 async function loadModule() {
   if (!_module) {
-    _module = await import('./dashclaw.js');
+    _module = await import('./dashclaw-v1.js');
   }
   return _module;
 }

package/package.json

@@ -1,49 +1,49 @@
-{
-  "name": "dashclaw",
-  "version": "2.1.5",
-  "description": "Minimal governance runtime for AI agents. Intercept, govern, and verify agent actions.",
-  "type": "module",
-  "publishConfig": {
-    "access": "public"
-  },
-  "main": "./index.cjs",
-  "module": "./dashclaw.js",
-  "exports": {
-    ".": {
-      "import": "./dashclaw.js",
-      "require": "./index.cjs"
-    },
-    "./legacy": {
-      "import": "./legacy/dashclaw-v1.js",
-      "require": "./legacy/index-v1.cjs"
-    }
-  },
-  "files": [
-    "dashclaw.js",
-    "index.cjs",
-    "LICENSE",
-    "README.md",
-    "legacy/"
-  ],
-  "keywords": [
-    "ai-agent",
-    "decision-infrastructure",
-    "agent-governance",
-    "guardrails",
-    "dashclaw"
-  ],
-  "author": "DashClaw",
-  "license": "MIT",
-  "repository": {
-    "type": "git",
-    "url": "git+https://github.com/ucsandman/DashClaw.git",
-    "directory": "sdk"
-  },
-  "engines": {
-    "node": ">=18.0.0"
-  },
-  "dependencies": {},
-  "devDependencies": {},
-  "scripts": {},
-  "sideEffects": false
-}
+{
+  "name": "dashclaw",
+  "version": "2.2.1",
+  "description": "Minimal governance runtime for AI agents. Intercept, govern, and verify agent actions.",
+  "type": "module",
+  "publishConfig": {
+    "access": "public"
+  },
+  "main": "./index.cjs",
+  "module": "./dashclaw.js",
+  "exports": {
+    ".": {
+      "import": "./dashclaw.js",
+      "require": "./index.cjs"
+    },
+    "./legacy": {
+      "import": "./legacy/dashclaw-v1.js",
+      "require": "./legacy/index-v1.cjs"
+    }
+  },
+  "files": [
+    "dashclaw.js",
+    "index.cjs",
+    "LICENSE",
+    "README.md",
+    "legacy/"
+  ],
+  "keywords": [
+    "ai-agent",
+    "decision-infrastructure",
+    "agent-governance",
+    "guardrails",
+    "dashclaw"
+  ],
+  "author": "DashClaw",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/ucsandman/DashClaw.git",
+    "directory": "sdk"
+  },
+  "engines": {
+    "node": ">=18.0.0"
+  },
+  "dependencies": {},
+  "devDependencies": {},
+  "scripts": {},
+  "sideEffects": false
+}