harness-evolve 1.0.0

package/dist/hooks/post-tool-use-failure.js

@@ -0,0 +1,437 @@
+// src/hooks/post-tool-use-failure.ts
+import { unlink } from "fs/promises";
+import { join as join3 } from "path";
+
+// src/schemas/hook-input.ts
+import { z } from "zod/v4";
+var hookCommonSchema = z.object({
+  session_id: z.string(),
+  transcript_path: z.string(),
+  cwd: z.string(),
+  permission_mode: z.string()
+});
+var userPromptSubmitInputSchema = hookCommonSchema.extend({
+  hook_event_name: z.literal("UserPromptSubmit"),
+  prompt: z.string()
+});
+var preToolUseInputSchema = hookCommonSchema.extend({
+  hook_event_name: z.literal("PreToolUse"),
+  tool_name: z.string(),
+  tool_input: z.record(z.string(), z.unknown()),
+  tool_use_id: z.string()
+});
+var postToolUseInputSchema = hookCommonSchema.extend({
+  hook_event_name: z.literal("PostToolUse"),
+  tool_name: z.string(),
+  tool_input: z.record(z.string(), z.unknown()),
+  tool_response: z.unknown().optional(),
+  tool_use_id: z.string()
+});
+var postToolUseFailureInputSchema = hookCommonSchema.extend({
+  hook_event_name: z.literal("PostToolUseFailure"),
+  tool_name: z.string(),
+  tool_input: z.record(z.string(), z.unknown()),
+  tool_use_id: z.string(),
+  error: z.string().optional(),
+  is_interrupt: z.boolean().optional()
+});
+var permissionRequestInputSchema = hookCommonSchema.extend({
+  hook_event_name: z.literal("PermissionRequest"),
+  tool_name: z.string(),
+  tool_input: z.record(z.string(), z.unknown()),
+  permission_suggestions: z.array(z.unknown()).optional()
+});
+var stopInputSchema = hookCommonSchema.extend({
+  hook_event_name: z.literal("Stop"),
+  stop_hook_active: z.boolean(),
+  last_assistant_message: z.string().optional()
+});
+
+// src/storage/logger.ts
+import { appendFile } from "fs/promises";
+import { join as join2 } from "path";
+
+// src/schemas/log-entry.ts
+import { z as z2 } from "zod/v4";
+var promptEntrySchema = z2.object({
+  timestamp: z2.iso.datetime(),
+  session_id: z2.string(),
+  cwd: z2.string(),
+  prompt: z2.string(),
+  prompt_length: z2.number(),
+  transcript_path: z2.string().optional()
+});
+var toolEntrySchema = z2.object({
+  timestamp: z2.iso.datetime(),
+  session_id: z2.string(),
+  event: z2.enum(["pre", "post", "failure"]),
+  tool_name: z2.string(),
+  input_summary: z2.string().optional(),
+  duration_ms: z2.number().optional(),
+  success: z2.boolean().optional()
+});
+var permissionEntrySchema = z2.object({
+  timestamp: z2.iso.datetime(),
+  session_id: z2.string(),
+  tool_name: z2.string(),
+  decision: z2.enum(["approved", "denied", "unknown"])
+});
+var sessionEntrySchema = z2.object({
+  timestamp: z2.iso.datetime(),
+  session_id: z2.string(),
+  event: z2.enum(["start", "end"]),
+  cwd: z2.string().optional()
+});
+
+// src/scrubber/patterns.ts
+var SCRUB_PATTERNS = [
+  {
+    name: "aws_key",
+    regex: /AKIA[0-9A-Z]{16}/g,
+    replacement: "[REDACTED:aws_key]"
+  },
+  {
+    name: "aws_secret",
+    regex: /(?:aws_secret_access_key|AWS_SECRET_ACCESS_KEY)[\s=:]+[A-Za-z0-9/+=]{40}/g,
+    replacement: "[REDACTED:aws_secret]"
+  },
+  {
+    name: "github_token",
+    regex: /gh[ps]_[A-Za-z0-9_]{36,}/g,
+    replacement: "[REDACTED:github_token]"
+  },
+  {
+    name: "github_oauth",
+    regex: /gho_[A-Za-z0-9_]{36,}/g,
+    replacement: "[REDACTED:github_oauth]"
+  },
+  {
+    name: "bearer_token",
+    regex: /[Bb]earer\s+[A-Za-z0-9\-._~+/]+=*/g,
+    replacement: "[REDACTED:bearer_token]"
+  },
+  {
+    name: "jwt",
+    regex: /eyJ[A-Za-z0-9\-_]+\.eyJ[A-Za-z0-9\-_]+\.[A-Za-z0-9\-_]+/g,
+    replacement: "[REDACTED:jwt]"
+  },
+  {
+    name: "api_key",
+    regex: /(?:api[_-]?key|apikey)[\s=:]+['"]?[A-Za-z0-9\-._]{20,}['"]?/gi,
+    replacement: "[REDACTED:api_key]"
+  },
+  {
+    name: "secret",
+    regex: /(?:secret|SECRET)[\s=:]+['"]?[A-Za-z0-9\-._]{20,}['"]?/g,
+    replacement: "[REDACTED:secret]"
+  },
+  {
+    name: "private_key",
+    regex: /-----BEGIN (?:RSA |EC |OPENSSH |DSA )?PRIVATE KEY-----/g,
+    replacement: "[REDACTED:private_key]"
+  },
+  {
+    name: "password",
+    regex: /(?:password|passwd|pwd)[\s=:]+['"]?[^\s'"]{8,}['"]?/gi,
+    replacement: "[REDACTED:password]"
+  },
+  {
+    name: "slack_token",
+    regex: /xox[bpors]-[A-Za-z0-9-]{10,}/g,
+    replacement: "[REDACTED:slack_token]"
+  },
+  {
+    name: "google_api_key",
+    regex: /AIza[0-9A-Za-z\-_]{35}/g,
+    replacement: "[REDACTED:google_api_key]"
+  },
+  {
+    name: "stripe_key",
+    regex: /[sr]k_(?:test|live)_[A-Za-z0-9]{20,}/g,
+    replacement: "[REDACTED:stripe_key]"
+  },
+  {
+    name: "db_url",
+    regex: /(?:postgres|mysql|mongodb):\/\/[^\s]+:[^\s]+@[^\s]+/g,
+    replacement: "[REDACTED:db_url]"
+  }
+  // Pattern 15: High-entropy string detection is intentionally omitted.
+  // It requires Shannon entropy calculation and is deferred to when
+  // config.scrubbing.highEntropyDetection is enabled.
+];
+
+// src/scrubber/scrub.ts
+function scrubString(input, extraPatterns) {
+  let result = input;
+  const patterns = extraPatterns ? [...SCRUB_PATTERNS, ...extraPatterns] : SCRUB_PATTERNS;
+  for (const pattern of patterns) {
+    pattern.regex.lastIndex = 0;
+    result = result.replace(pattern.regex, pattern.replacement);
+  }
+  return result;
+}
+function scrubObject(obj, extraPatterns) {
+  if (typeof obj === "string") {
+    return scrubString(obj, extraPatterns);
+  }
+  if (Array.isArray(obj)) {
+    return obj.map((item) => scrubObject(item, extraPatterns));
+  }
+  if (obj !== null && typeof obj === "object") {
+    const result = {};
+    for (const [key, value] of Object.entries(obj)) {
+      result[key] = scrubObject(value, extraPatterns);
+    }
+    return result;
+  }
+  return obj;
+}
+
+// src/storage/dirs.ts
+import { mkdir } from "fs/promises";
+import { join } from "path";
+var BASE_DIR = join(process.env.HOME ?? "", ".harness-evolve");
+var paths = {
+  base: BASE_DIR,
+  logs: {
+    prompts: join(BASE_DIR, "logs", "prompts"),
+    tools: join(BASE_DIR, "logs", "tools"),
+    permissions: join(BASE_DIR, "logs", "permissions"),
+    sessions: join(BASE_DIR, "logs", "sessions")
+  },
+  analysis: join(BASE_DIR, "analysis"),
+  analysisPreProcessed: join(BASE_DIR, "analysis", "pre-processed"),
+  summary: join(BASE_DIR, "analysis", "pre-processed", "summary.json"),
+  environmentSnapshot: join(BASE_DIR, "analysis", "environment-snapshot.json"),
+  analysisResult: join(BASE_DIR, "analysis", "analysis-result.json"),
+  pending: join(BASE_DIR, "pending"),
+  config: join(BASE_DIR, "config.json"),
+  counter: join(BASE_DIR, "counter.json"),
+  recommendations: join(BASE_DIR, "recommendations.md"),
+  recommendationState: join(BASE_DIR, "analysis", "recommendation-state.json"),
+  recommendationArchive: join(BASE_DIR, "analysis", "recommendations-archive"),
+  notificationFlag: join(BASE_DIR, "analysis", "has-pending-notifications"),
+  autoApplyLog: join(BASE_DIR, "analysis", "auto-apply-log.jsonl"),
+  outcomeHistory: join(BASE_DIR, "analysis", "outcome-history.jsonl")
+};
+var initialized = false;
+async function ensureInit() {
+  if (initialized) return;
+  await mkdir(paths.logs.prompts, { recursive: true });
+  await mkdir(paths.logs.tools, { recursive: true });
+  await mkdir(paths.logs.permissions, { recursive: true });
+  await mkdir(paths.logs.sessions, { recursive: true });
+  await mkdir(paths.analysis, { recursive: true });
+  await mkdir(paths.analysisPreProcessed, { recursive: true });
+  await mkdir(paths.pending, { recursive: true });
+  await mkdir(paths.recommendationArchive, { recursive: true });
+  initialized = true;
+}
+
+// src/storage/logger.ts
+var SCHEMA_MAP = {
+  prompts: promptEntrySchema,
+  tools: toolEntrySchema,
+  permissions: permissionEntrySchema,
+  sessions: sessionEntrySchema
+};
+function getLogDir(type) {
+  return paths.logs[type];
+}
+function getLogFilePath(type, date) {
+  const dateStr = (date ?? /* @__PURE__ */ new Date()).toISOString().slice(0, 10);
+  return join2(getLogDir(type), `${dateStr}.jsonl`);
+}
+async function appendLogEntry(type, rawEntry) {
+  await ensureInit();
+  const schema = SCHEMA_MAP[type];
+  const validated = schema.parse(rawEntry);
+  const scrubbed = scrubObject(validated);
+  const line = JSON.stringify(scrubbed) + "\n";
+  const filePath = getLogFilePath(type);
+  await appendFile(filePath, line, "utf-8");
+}
+
+// src/storage/counter.ts
+import { readFile } from "fs/promises";
+import { lock } from "proper-lockfile";
+import writeFileAtomic from "write-file-atomic";
+
+// src/schemas/counter.ts
+import { z as z3 } from "zod/v4";
+var counterSchema = z3.object({
+  total: z3.number().default(0),
+  session: z3.record(z3.string(), z3.number()).default({}),
+  last_analysis: z3.iso.datetime().optional(),
+  last_updated: z3.iso.datetime()
+});
+
+// src/storage/counter.ts
+async function incrementCounter(sessionId) {
+  await ensureInit();
+  try {
+    await readFile(paths.counter, "utf-8");
+  } catch {
+    const initial = {
+      total: 0,
+      session: {},
+      last_updated: (/* @__PURE__ */ new Date()).toISOString()
+    };
+    await writeFileAtomic(paths.counter, JSON.stringify(initial, null, 2));
+  }
+  const release = await lock(paths.counter, {
+    retries: { retries: 50, minTimeout: 20, maxTimeout: 1e3, randomize: true },
+    stale: 1e4
+    // Consider lock stale after 10 seconds
+  });
+  try {
+    const raw = await readFile(paths.counter, "utf-8");
+    const data = counterSchema.parse(JSON.parse(raw));
+    data.total += 1;
+    data.session[sessionId] = (data.session[sessionId] ?? 0) + 1;
+    data.last_updated = (/* @__PURE__ */ new Date()).toISOString();
+    await writeFileAtomic(paths.counter, JSON.stringify(data, null, 2));
+    return data.total;
+  } finally {
+    await release();
+  }
+}
+
+// src/storage/config.ts
+import { readFile as readFile2 } from "fs/promises";
+import writeFileAtomic2 from "write-file-atomic";
+
+// src/schemas/config.ts
+import { z as z4 } from "zod/v4";
+var configSchema = z4.object({
+  version: z4.number().default(1),
+  analysis: z4.object({
+    threshold: z4.number().min(1).default(50),
+    enabled: z4.boolean().default(true),
+    classifierThresholds: z4.record(z4.string(), z4.number()).default({})
+  }).default({ threshold: 50, enabled: true, classifierThresholds: {} }),
+  hooks: z4.object({
+    capturePrompts: z4.boolean().default(true),
+    captureTools: z4.boolean().default(true),
+    capturePermissions: z4.boolean().default(true),
+    captureSessions: z4.boolean().default(true)
+  }).default({
+    capturePrompts: true,
+    captureTools: true,
+    capturePermissions: true,
+    captureSessions: true
+  }),
+  scrubbing: z4.object({
+    enabled: z4.boolean().default(true),
+    highEntropyDetection: z4.boolean().default(false),
+    customPatterns: z4.array(z4.object({
+      name: z4.string(),
+      regex: z4.string(),
+      replacement: z4.string()
+    })).default([])
+  }).default({
+    enabled: true,
+    highEntropyDetection: false,
+    customPatterns: []
+  }),
+  delivery: z4.object({
+    stdoutInjection: z4.boolean().default(true),
+    maxTokens: z4.number().default(200),
+    fullAuto: z4.boolean().default(false),
+    maxRecommendationsInFile: z4.number().default(20),
+    archiveAfterDays: z4.number().default(7)
+  }).default({
+    stdoutInjection: true,
+    maxTokens: 200,
+    fullAuto: false,
+    maxRecommendationsInFile: 20,
+    archiveAfterDays: 7
+  })
+}).strict();
+
+// src/storage/config.ts
+async function loadConfig() {
+  try {
+    const raw = await readFile2(paths.config, "utf-8");
+    return configSchema.parse(JSON.parse(raw));
+  } catch {
+    const defaults = configSchema.parse({});
+    await writeFileAtomic2(paths.config, JSON.stringify(defaults, null, 2));
+    return defaults;
+  }
+}
+
+// src/hooks/shared.ts
+var MAX_LEN = 200;
+function truncate(str, maxLen) {
+  return str.length > maxLen ? str.slice(0, maxLen) + "..." : str;
+}
+function readFromStream(stream) {
+  return new Promise((resolve, reject) => {
+    let data = "";
+    stream.setEncoding("utf-8");
+    stream.on("data", (chunk) => {
+      data += chunk;
+    });
+    stream.on("end", () => resolve(data));
+    stream.on("error", reject);
+  });
+}
+function readStdin() {
+  return readFromStream(process.stdin);
+}
+function summarizeToolInput(toolName, toolInput) {
+  switch (toolName) {
+    case "Bash":
+      return truncate(String(toolInput.command ?? ""), MAX_LEN);
+    case "Write":
+    case "Edit":
+    case "Read":
+      return truncate(String(toolInput.file_path ?? ""), MAX_LEN);
+    case "Glob":
+      return truncate(String(toolInput.pattern ?? ""), MAX_LEN);
+    case "Grep":
+      return truncate(String(toolInput.pattern ?? ""), MAX_LEN);
+    default: {
+      const str = JSON.stringify(toolInput);
+      return truncate(str, MAX_LEN);
+    }
+  }
+}
+
+// src/hooks/post-tool-use-failure.ts
+async function handlePostToolUseFailure(rawJson) {
+  try {
+    const config = await loadConfig();
+    if (!config.hooks.captureTools) return;
+    const input = postToolUseFailureInputSchema.parse(JSON.parse(rawJson));
+    const markerPath = join3(paths.pending, `${input.tool_use_id}.ts`);
+    try {
+      await unlink(markerPath);
+    } catch {
+    }
+    await appendLogEntry("tools", {
+      timestamp: (/* @__PURE__ */ new Date()).toISOString(),
+      session_id: input.session_id,
+      event: "failure",
+      tool_name: input.tool_name,
+      input_summary: summarizeToolInput(input.tool_name, input.tool_input),
+      success: false
+    });
+    await incrementCounter(input.session_id);
+  } catch {
+  }
+}
+async function main() {
+  try {
+    const raw = await readStdin();
+    await handlePostToolUseFailure(raw);
+  } catch {
+  }
+  process.exit(0);
+}
+main();
+export {
+  handlePostToolUseFailure
+};
+//# sourceMappingURL=post-tool-use-failure.js.map

package/dist/hooks/post-tool-use-failure.js.map

@@ -0,0 +1 @@
+{"version":3,"sources":["../../src/hooks/post-tool-use-failure.ts","../../src/schemas/hook-input.ts","../../src/storage/logger.ts","../../src/schemas/log-entry.ts","../../src/scrubber/patterns.ts","../../src/scrubber/scrub.ts","../../src/storage/dirs.ts","../../src/storage/counter.ts","../../src/schemas/counter.ts","../../src/storage/config.ts","../../src/schemas/config.ts","../../src/hooks/shared.ts"],"sourcesContent":["// PostToolUseFailure hook handler: captures tool execution failure events.\n// Cleans up any PreToolUse marker file and logs a failure entry.\n\nimport { unlink } from 'node:fs/promises';\nimport { join } from 'node:path';\nimport { postToolUseFailureInputSchema } from '../schemas/hook-input.js';\nimport { appendLogEntry } from '../storage/logger.js';\nimport { incrementCounter } from '../storage/counter.js';\nimport { loadConfig } from '../storage/config.js';\nimport { paths } from '../storage/dirs.js';\nimport { readStdin, summarizeToolInput } from './shared.js';\n\n/**\n * Core handler logic, exported for testability.\n * Validates input, cleans up marker file, logs 'failure' tool entry\n * with success=false, increments counter.\n * Swallows all errors to never block Claude Code.\n */\nexport async function handlePostToolUseFailure(rawJson: string): Promise<void> {\n  try {\n    const config = await loadConfig();\n    if (!config.hooks.captureTools) return;\n\n    const input = postToolUseFailureInputSchema.parse(JSON.parse(rawJson));\n\n    // Clean up marker file if it exists\n    const markerPath = join(paths.pending, `${input.tool_use_id}.ts`);\n    try {\n      await unlink(markerPath);\n    } catch {\n      // Marker may not exist -- that's fine\n    }\n\n    await appendLogEntry('tools', {\n      timestamp: new Date().toISOString(),\n      session_id: input.session_id,\n      event: 'failure' as const,\n      tool_name: input.tool_name,\n      input_summary: summarizeToolInput(input.tool_name, input.tool_input as Record<string, unknown>),\n      success: false,\n    });\n\n    await incrementCounter(input.session_id);\n  } catch {\n    // Never block Claude Code on capture errors\n  }\n}\n\n// Entry point when invoked by Claude Code as a command hook\nasync function main(): Promise<void> {\n  try {\n    const raw = await readStdin();\n    await handlePostToolUseFailure(raw);\n  } catch {\n    // Never block Claude Code\n  }\n  process.exit(0);\n}\n\nmain();\n","import { z } from 'zod/v4';\n\n// Common fields present in ALL Claude Code hook events\nexport const hookCommonSchema = z.object({\n  session_id: z.string(),\n  transcript_path: z.string(),\n  cwd: z.string(),\n  permission_mode: z.string(),\n});\nexport type HookCommon = z.infer<typeof hookCommonSchema>;\n\n// UserPromptSubmit: fires when user submits a prompt\nexport const userPromptSubmitInputSchema = hookCommonSchema.extend({\n  hook_event_name: z.literal('UserPromptSubmit'),\n  prompt: z.string(),\n});\nexport type UserPromptSubmitInput = z.infer<typeof userPromptSubmitInputSchema>;\n\n// PreToolUse: fires before a tool is invoked\nexport const preToolUseInputSchema = hookCommonSchema.extend({\n  hook_event_name: z.literal('PreToolUse'),\n  tool_name: z.string(),\n  tool_input: z.record(z.string(), z.unknown()),\n  tool_use_id: z.string(),\n});\nexport type PreToolUseInput = z.infer<typeof preToolUseInputSchema>;\n\n// PostToolUse: fires after a tool completes successfully\nexport const postToolUseInputSchema = hookCommonSchema.extend({\n  hook_event_name: z.literal('PostToolUse'),\n  tool_name: z.string(),\n  tool_input: z.record(z.string(), z.unknown()),\n  tool_response: z.unknown().optional(),\n  tool_use_id: z.string(),\n});\nexport type PostToolUseInput = z.infer<typeof postToolUseInputSchema>;\n\n// PostToolUseFailure: fires after a tool execution fails\nexport const postToolUseFailureInputSchema = hookCommonSchema.extend({\n  hook_event_name: z.literal('PostToolUseFailure'),\n  tool_name: z.string(),\n  tool_input: z.record(z.string(), z.unknown()),\n  tool_use_id: z.string(),\n  error: z.string().optional(),\n  is_interrupt: z.boolean().optional(),\n});\nexport type PostToolUseFailureInput = z.infer<typeof postToolUseFailureInputSchema>;\n\n// PermissionRequest: fires before user sees permission dialog\nexport const permissionRequestInputSchema = hookCommonSchema.extend({\n  hook_event_name: z.literal('PermissionRequest'),\n  tool_name: z.string(),\n  tool_input: z.record(z.string(), z.unknown()),\n  permission_suggestions: z.array(z.unknown()).optional(),\n});\nexport type PermissionRequestInput = z.infer<typeof permissionRequestInputSchema>;\n\n// Stop: fires after Claude Code completes a response\nexport const stopInputSchema = hookCommonSchema.extend({\n  hook_event_name: z.literal('Stop'),\n  stop_hook_active: z.boolean(),\n  last_assistant_message: z.string().optional(),\n});\nexport type StopInput = z.infer<typeof stopInputSchema>;\n","// JSONL logger with scrub-before-write pipeline and daily rotation.\n// Pipeline: raw data -> validate schema -> scrub strings -> append JSONL\n// Implements D-01 (scrub on write), D-03 (separate dirs), D-04 (daily rotation).\n\nimport { appendFile } from 'node:fs/promises';\nimport { join } from 'node:path';\nimport { z } from 'zod/v4';\nimport {\n  promptEntrySchema,\n  toolEntrySchema,\n  permissionEntrySchema,\n  sessionEntrySchema,\n} from '../schemas/log-entry.js';\nimport { scrubObject } from '../scrubber/scrub.js';\nimport { paths, ensureInit } from './dirs.js';\n\n// Schema map (schemas are static, safe to capture at module level)\nconst SCHEMA_MAP = {\n  prompts: promptEntrySchema,\n  tools: toolEntrySchema,\n  permissions: permissionEntrySchema,\n  sessions: sessionEntrySchema,\n} as const;\n\nexport type LogType = keyof typeof SCHEMA_MAP;\n\n// Resolve directory path at call time (not module load) to support testing\nfunction getLogDir(type: LogType): string {\n  return paths.logs[type];\n}\n\nfunction getLogFilePath(type: LogType, date?: Date): string {\n  const dateStr = (date ?? new Date()).toISOString().slice(0, 10); // YYYY-MM-DD per D-04\n  return join(getLogDir(type), `${dateStr}.jsonl`);\n}\n\n/**\n * Validate, scrub, and append a log entry as a JSONL line.\n *\n * Uses native fs.appendFile (NOT write-file-atomic) because:\n * - JSONL is append-only, not replace\n * - appendFile is atomic for writes <4KB on POSIX\n * - write-file-atomic replaces entire file (anti-pattern for appends)\n */\nexport async function appendLogEntry(type: LogType, rawEntry: unknown): Promise<void> {\n  await ensureInit();\n  const schema = SCHEMA_MAP[type];\n  const validated = (schema as z.ZodType).parse(rawEntry);\n  const scrubbed = scrubObject(validated); // D-01: scrub before write\n  const line = JSON.stringify(scrubbed) + '\\n';\n  const filePath = getLogFilePath(type);\n  await appendFile(filePath, line, 'utf-8');\n}\n","import { z } from 'zod/v4';\n\nexport const promptEntrySchema = z.object({\n  timestamp: z.iso.datetime(),\n  session_id: z.string(),\n  cwd: z.string(),\n  prompt: z.string(),\n  prompt_length: z.number(),\n  transcript_path: z.string().optional(),\n});\nexport type PromptEntry = z.infer<typeof promptEntrySchema>;\n\nexport const toolEntrySchema = z.object({\n  timestamp: z.iso.datetime(),\n  session_id: z.string(),\n  event: z.enum(['pre', 'post', 'failure']),\n  tool_name: z.string(),\n  input_summary: z.string().optional(),\n  duration_ms: z.number().optional(),\n  success: z.boolean().optional(),\n});\nexport type ToolEntry = z.infer<typeof toolEntrySchema>;\n\nexport const permissionEntrySchema = z.object({\n  timestamp: z.iso.datetime(),\n  session_id: z.string(),\n  tool_name: z.string(),\n  decision: z.enum(['approved', 'denied', 'unknown']),\n});\nexport type PermissionEntry = z.infer<typeof permissionEntrySchema>;\n\nexport const sessionEntrySchema = z.object({\n  timestamp: z.iso.datetime(),\n  session_id: z.string(),\n  event: z.enum(['start', 'end']),\n  cwd: z.string().optional(),\n});\nexport type SessionEntry = z.infer<typeof sessionEntrySchema>;\n","// Secret detection regex patterns with [REDACTED:type] markers.\n// Based on top-15 patterns from secrets-patterns-db research.\n// 14 regex patterns included; high-entropy detection (pattern 15)\n// is deferred to config.scrubbing.highEntropyDetection enablement.\n\nexport interface ScrubPattern {\n  name: string;\n  regex: RegExp;\n  replacement: string;\n}\n\nexport const SCRUB_PATTERNS: ScrubPattern[] = [\n  {\n    name: 'aws_key',\n    regex: /AKIA[0-9A-Z]{16}/g,\n    replacement: '[REDACTED:aws_key]',\n  },\n  {\n    name: 'aws_secret',\n    regex: /(?:aws_secret_access_key|AWS_SECRET_ACCESS_KEY)[\\s=:]+[A-Za-z0-9/+=]{40}/g,\n    replacement: '[REDACTED:aws_secret]',\n  },\n  {\n    name: 'github_token',\n    regex: /gh[ps]_[A-Za-z0-9_]{36,}/g,\n    replacement: '[REDACTED:github_token]',\n  },\n  {\n    name: 'github_oauth',\n    regex: /gho_[A-Za-z0-9_]{36,}/g,\n    replacement: '[REDACTED:github_oauth]',\n  },\n  {\n    name: 'bearer_token',\n    regex: /[Bb]earer\\s+[A-Za-z0-9\\-._~+/]+=*/g,\n    replacement: '[REDACTED:bearer_token]',\n  },\n  {\n    name: 'jwt',\n    regex: /eyJ[A-Za-z0-9\\-_]+\\.eyJ[A-Za-z0-9\\-_]+\\.[A-Za-z0-9\\-_]+/g,\n    replacement: '[REDACTED:jwt]',\n  },\n  {\n    name: 'api_key',\n    regex: /(?:api[_-]?key|apikey)[\\s=:]+['\"]?[A-Za-z0-9\\-._]{20,}['\"]?/gi,\n    replacement: '[REDACTED:api_key]',\n  },\n  {\n    name: 'secret',\n    regex: /(?:secret|SECRET)[\\s=:]+['\"]?[A-Za-z0-9\\-._]{20,}['\"]?/g,\n    replacement: '[REDACTED:secret]',\n  },\n  {\n    name: 'private_key',\n    regex: /-----BEGIN (?:RSA |EC |OPENSSH |DSA )?PRIVATE KEY-----/g,\n    replacement: '[REDACTED:private_key]',\n  },\n  {\n    name: 'password',\n    regex: /(?:password|passwd|pwd)[\\s=:]+['\"]?[^\\s'\"]{8,}['\"]?/gi,\n    replacement: '[REDACTED:password]',\n  },\n  {\n    name: 'slack_token',\n    regex: /xox[bpors]-[A-Za-z0-9-]{10,}/g,\n    replacement: '[REDACTED:slack_token]',\n  },\n  {\n    name: 'google_api_key',\n    regex: /AIza[0-9A-Za-z\\-_]{35}/g,\n    replacement: '[REDACTED:google_api_key]',\n  },\n  {\n    name: 'stripe_key',\n    regex: /[sr]k_(?:test|live)_[A-Za-z0-9]{20,}/g,\n    replacement: '[REDACTED:stripe_key]',\n  },\n  {\n    name: 'db_url',\n    regex: /(?:postgres|mysql|mongodb):\\/\\/[^\\s]+:[^\\s]+@[^\\s]+/g,\n    replacement: '[REDACTED:db_url]',\n  },\n  // Pattern 15: High-entropy string detection is intentionally omitted.\n  // It requires Shannon entropy calculation and is deferred to when\n  // config.scrubbing.highEntropyDetection is enabled.\n];\n","// String and object scrubbing functions.\n// Applies regex-based secret detection patterns to replace\n// sensitive values with [REDACTED:type] markers (D-01, D-02).\n\nimport { SCRUB_PATTERNS, type ScrubPattern } from './patterns.js';\n\n/**\n * Scrub secrets from a string using built-in patterns\n * plus optional extra patterns (e.g., user-defined custom patterns).\n */\nexport function scrubString(input: string, extraPatterns?: ScrubPattern[]): string {\n  let result = input;\n  const patterns = extraPatterns\n    ? [...SCRUB_PATTERNS, ...extraPatterns]\n    : SCRUB_PATTERNS;\n  for (const pattern of patterns) {\n    // Reset regex lastIndex for global patterns to ensure\n    // correct matching when regex objects are reused across calls\n    pattern.regex.lastIndex = 0;\n    result = result.replace(pattern.regex, pattern.replacement);\n  }\n  return result;\n}\n\n/**\n * Recursively scrub all string values in an object/array structure.\n * Non-string primitives (numbers, booleans, null, undefined) pass through unchanged.\n */\nexport function scrubObject<T>(obj: T, extraPatterns?: ScrubPattern[]): T {\n  if (typeof obj === 'string') {\n    return scrubString(obj, extraPatterns) as T;\n  }\n  if (Array.isArray(obj)) {\n    return obj.map(item => scrubObject(item, extraPatterns)) as T;\n  }\n  if (obj !== null && typeof obj === 'object') {\n    const result: Record<string, unknown> = {};\n    for (const [key, value] of Object.entries(obj)) {\n      result[key] = scrubObject(value, extraPatterns);\n    }\n    return result as T;\n  }\n  return obj; // numbers, booleans, null, undefined pass through\n}\n","import { mkdir } from 'node:fs/promises';\nimport { join } from 'node:path';\n\nconst BASE_DIR = join(process.env.HOME ?? '', '.harness-evolve');\n\nexport const paths = {\n  base: BASE_DIR,\n  logs: {\n    prompts: join(BASE_DIR, 'logs', 'prompts'),\n    tools: join(BASE_DIR, 'logs', 'tools'),\n    permissions: join(BASE_DIR, 'logs', 'permissions'),\n    sessions: join(BASE_DIR, 'logs', 'sessions'),\n  },\n  analysis: join(BASE_DIR, 'analysis'),\n  analysisPreProcessed: join(BASE_DIR, 'analysis', 'pre-processed'),\n  summary: join(BASE_DIR, 'analysis', 'pre-processed', 'summary.json'),\n  environmentSnapshot: join(BASE_DIR, 'analysis', 'environment-snapshot.json'),\n  analysisResult: join(BASE_DIR, 'analysis', 'analysis-result.json'),\n  pending: join(BASE_DIR, 'pending'),\n  config: join(BASE_DIR, 'config.json'),\n  counter: join(BASE_DIR, 'counter.json'),\n  recommendations: join(BASE_DIR, 'recommendations.md'),\n  recommendationState: join(BASE_DIR, 'analysis', 'recommendation-state.json'),\n  recommendationArchive: join(BASE_DIR, 'analysis', 'recommendations-archive'),\n  notificationFlag: join(BASE_DIR, 'analysis', 'has-pending-notifications'),\n  autoApplyLog: join(BASE_DIR, 'analysis', 'auto-apply-log.jsonl'),\n  outcomeHistory: join(BASE_DIR, 'analysis', 'outcome-history.jsonl'),\n} as const;\n\nlet initialized = false;\n\nexport async function ensureInit(): Promise<void> {\n  if (initialized) return;\n  await mkdir(paths.logs.prompts, { recursive: true });\n  await mkdir(paths.logs.tools, { recursive: true });\n  await mkdir(paths.logs.permissions, { recursive: true });\n  await mkdir(paths.logs.sessions, { recursive: true });\n  await mkdir(paths.analysis, { recursive: true });\n  await mkdir(paths.analysisPreProcessed, { recursive: true });\n  await mkdir(paths.pending, { recursive: true });\n  await mkdir(paths.recommendationArchive, { recursive: true });\n  initialized = true;\n}\n\n// For testing: reset the initialized flag\nexport function resetInit(): void {\n  initialized = false;\n}\n","import { readFile } from 'node:fs/promises';\nimport { lock } from 'proper-lockfile';\nimport writeFileAtomic from 'write-file-atomic';\nimport { counterSchema, type Counter } from '../schemas/counter.js';\nimport { paths, ensureInit } from './dirs.js';\n\n/**\n * Read the current counter state from disk.\n * Returns defaults (total=0, session={}) if no counter file exists.\n */\nexport async function readCounter(): Promise<Counter> {\n  await ensureInit();\n  try {\n    const raw = await readFile(paths.counter, 'utf-8');\n    return counterSchema.parse(JSON.parse(raw));\n  } catch {\n    // File doesn't exist or invalid -- return defaults\n    return {\n      total: 0,\n      session: {},\n      last_updated: new Date().toISOString(),\n    };\n  }\n}\n\n/**\n * Atomically increment the interaction counter with cross-process safety.\n *\n * Uses proper-lockfile (mkdir-based, macOS-safe) for cross-process locking\n * and write-file-atomic for crash-safe writes inside the lock.\n *\n * Pattern: ensure-file -> lock -> read -> increment -> atomic-write -> unlock\n */\nexport async function incrementCounter(sessionId: string): Promise<number> {\n  await ensureInit();\n\n  // Ensure counter file exists before locking (proper-lockfile requires existing file)\n  try {\n    await readFile(paths.counter, 'utf-8');\n  } catch {\n    const initial: Counter = {\n      total: 0,\n      session: {},\n      last_updated: new Date().toISOString(),\n    };\n    await writeFileAtomic(paths.counter, JSON.stringify(initial, null, 2));\n  }\n\n  const release = await lock(paths.counter, {\n    retries: { retries: 50, minTimeout: 20, maxTimeout: 1000, randomize: true },\n    stale: 10000, // Consider lock stale after 10 seconds\n  });\n\n  try {\n    const raw = await readFile(paths.counter, 'utf-8');\n    const data = counterSchema.parse(JSON.parse(raw));\n    data.total += 1;\n    data.session[sessionId] = (data.session[sessionId] ?? 0) + 1;\n    data.last_updated = new Date().toISOString();\n    await writeFileAtomic(paths.counter, JSON.stringify(data, null, 2));\n    return data.total;\n  } finally {\n    await release();\n  }\n}\n\n/**\n * Reset the counter to zero. Used for testing and post-analysis reset.\n */\nexport async function resetCounter(): Promise<void> {\n  await ensureInit();\n  const data: Counter = {\n    total: 0,\n    session: {},\n    last_updated: new Date().toISOString(),\n  };\n  await writeFileAtomic(paths.counter, JSON.stringify(data, null, 2));\n}\n","import { z } from 'zod/v4';\n\nexport const counterSchema = z.object({\n  total: z.number().default(0),\n  session: z.record(z.string(), z.number()).default({}),\n  last_analysis: z.iso.datetime().optional(),\n  last_updated: z.iso.datetime(),\n});\nexport type Counter = z.infer<typeof counterSchema>;\n","import { readFile } from 'node:fs/promises';\nimport writeFileAtomic from 'write-file-atomic';\nimport { configSchema, type Config } from '../schemas/config.js';\nimport { paths } from './dirs.js';\n\nexport async function loadConfig(): Promise<Config> {\n  try {\n    const raw = await readFile(paths.config, 'utf-8');\n    return configSchema.parse(JSON.parse(raw));\n  } catch {\n    // File doesn't exist, is invalid JSON, or fails strict validation\n    const defaults = configSchema.parse({});\n    await writeFileAtomic(paths.config, JSON.stringify(defaults, null, 2));\n    return defaults;\n  }\n}\n","import { z } from 'zod/v4';\n\nexport const configSchema = z.object({\n  version: z.number().default(1),\n  analysis: z.object({\n    threshold: z.number().min(1).default(50),\n    enabled: z.boolean().default(true),\n    classifierThresholds: z.record(z.string(), z.number()).default({}),\n  }).default({ threshold: 50, enabled: true, classifierThresholds: {} }),\n  hooks: z.object({\n    capturePrompts: z.boolean().default(true),\n    captureTools: z.boolean().default(true),\n    capturePermissions: z.boolean().default(true),\n    captureSessions: z.boolean().default(true),\n  }).default({\n    capturePrompts: true,\n    captureTools: true,\n    capturePermissions: true,\n    captureSessions: true,\n  }),\n  scrubbing: z.object({\n    enabled: z.boolean().default(true),\n    highEntropyDetection: z.boolean().default(false),\n    customPatterns: z.array(z.object({\n      name: z.string(),\n      regex: z.string(),\n      replacement: z.string(),\n    })).default([]),\n  }).default({\n    enabled: true,\n    highEntropyDetection: false,\n    customPatterns: [],\n  }),\n  delivery: z.object({\n    stdoutInjection: z.boolean().default(true),\n    maxTokens: z.number().default(200),\n    fullAuto: z.boolean().default(false),\n    maxRecommendationsInFile: z.number().default(20),\n    archiveAfterDays: z.number().default(7),\n  }).default({\n    stdoutInjection: true,\n    maxTokens: 200,\n    fullAuto: false,\n    maxRecommendationsInFile: 20,\n    archiveAfterDays: 7,\n  }),\n}).strict();\n\nexport type Config = z.infer<typeof configSchema>;\n","// Shared utilities for hook handlers: stdin reading and tool input summarization\n\nconst MAX_LEN = 200;\n\n/**\n * Truncate a string to maxLen characters, appending '...' if truncated.\n */\nfunction truncate(str: string, maxLen: number): string {\n  return str.length > maxLen ? str.slice(0, maxLen) + '...' : str;\n}\n\n/**\n * Read all data from a readable stream into a string buffer.\n * Used for testability -- readStdin() delegates to this with process.stdin.\n */\nexport function readFromStream(stream: NodeJS.ReadableStream): Promise<string> {\n  return new Promise((resolve, reject) => {\n    let data = '';\n    stream.setEncoding('utf-8');\n    stream.on('data', (chunk: string) => {\n      data += chunk;\n    });\n    stream.on('end', () => resolve(data));\n    stream.on('error', reject);\n  });\n}\n\n/**\n * Read all stdin data into a string buffer.\n * Claude Code pipes JSON to hook stdin; this collects all chunks before parsing.\n */\nexport function readStdin(): Promise<string> {\n  return readFromStream(process.stdin);\n}\n\n/**\n * Produce a concise summary of tool_input, capped at 200 characters.\n * Prevents Write/Edit tool inputs (with full file content) from bloating logs.\n */\nexport function summarizeToolInput(\n  toolName: string,\n  toolInput: Record<string, unknown>,\n): string {\n  switch (toolName) {\n    case 'Bash':\n      return truncate(String(toolInput.command ?? ''), MAX_LEN);\n    case 'Write':\n    case 'Edit':\n    case 'Read':\n      return truncate(String(toolInput.file_path ?? ''), MAX_LEN);\n    case 'Glob':\n      return truncate(String(toolInput.pattern ?? ''), MAX_LEN);\n    case 'Grep':\n      return truncate(String(toolInput.pattern ?? ''), MAX_LEN);\n    default: {\n      // MCP tools and others: stringify then truncate\n      const str = JSON.stringify(toolInput);\n      return truncate(str, MAX_LEN);\n    }\n  }\n}\n"],"mappings":";AAGA,SAAS,cAAc;AACvB,SAAS,QAAAA,aAAY;;;ACJrB,SAAS,SAAS;AAGX,IAAM,mBAAmB,EAAE,OAAO;AAAA,EACvC,YAAY,EAAE,OAAO;AAAA,EACrB,iBAAiB,EAAE,OAAO;AAAA,EAC1B,KAAK,EAAE,OAAO;AAAA,EACd,iBAAiB,EAAE,OAAO;AAC5B,CAAC;AAIM,IAAM,8BAA8B,iBAAiB,OAAO;AAAA,EACjE,iBAAiB,EAAE,QAAQ,kBAAkB;AAAA,EAC7C,QAAQ,EAAE,OAAO;AACnB,CAAC;AAIM,IAAM,wBAAwB,iBAAiB,OAAO;AAAA,EAC3D,iBAAiB,EAAE,QAAQ,YAAY;AAAA,EACvC,WAAW,EAAE,OAAO;AAAA,EACpB,YAAY,EAAE,OAAO,EAAE,OAAO,GAAG,EAAE,QAAQ,CAAC;AAAA,EAC5C,aAAa,EAAE,OAAO;AACxB,CAAC;AAIM,IAAM,yBAAyB,iBAAiB,OAAO;AAAA,EAC5D,iBAAiB,EAAE,QAAQ,aAAa;AAAA,EACxC,WAAW,EAAE,OAAO;AAAA,EACpB,YAAY,EAAE,OAAO,EAAE,OAAO,GAAG,EAAE,QAAQ,CAAC;AAAA,EAC5C,eAAe,EAAE,QAAQ,EAAE,SAAS;AAAA,EACpC,aAAa,EAAE,OAAO;AACxB,CAAC;AAIM,IAAM,gCAAgC,iBAAiB,OAAO;AAAA,EACnE,iBAAiB,EAAE,QAAQ,oBAAoB;AAAA,EAC/C,WAAW,EAAE,OAAO;AAAA,EACpB,YAAY,EAAE,OAAO,EAAE,OAAO,GAAG,EAAE,QAAQ,CAAC;AAAA,EAC5C,aAAa,EAAE,OAAO;AAAA,EACtB,OAAO,EAAE,OAAO,EAAE,SAAS;AAAA,EAC3B,cAAc,EAAE,QAAQ,EAAE,SAAS;AACrC,CAAC;AAIM,IAAM,+BAA+B,iBAAiB,OAAO;AAAA,EAClE,iBAAiB,EAAE,QAAQ,mBAAmB;AAAA,EAC9C,WAAW,EAAE,OAAO;AAAA,EACpB,YAAY,EAAE,OAAO,EAAE,OAAO,GAAG,EAAE,QAAQ,CAAC;AAAA,EAC5C,wBAAwB,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,SAAS;AACxD,CAAC;AAIM,IAAM,kBAAkB,iBAAiB,OAAO;AAAA,EACrD,iBAAiB,EAAE,QAAQ,MAAM;AAAA,EACjC,kBAAkB,EAAE,QAAQ;AAAA,EAC5B,wBAAwB,EAAE,OAAO,EAAE,SAAS;AAC9C,CAAC;;;AC1DD,SAAS,kBAAkB;AAC3B,SAAS,QAAAC,aAAY;;;ACLrB,SAAS,KAAAC,UAAS;AAEX,IAAM,oBAAoBA,GAAE,OAAO;AAAA,EACxC,WAAWA,GAAE,IAAI,SAAS;AAAA,EAC1B,YAAYA,GAAE,OAAO;AAAA,EACrB,KAAKA,GAAE,OAAO;AAAA,EACd,QAAQA,GAAE,OAAO;AAAA,EACjB,eAAeA,GAAE,OAAO;AAAA,EACxB,iBAAiBA,GAAE,OAAO,EAAE,SAAS;AACvC,CAAC;AAGM,IAAM,kBAAkBA,GAAE,OAAO;AAAA,EACtC,WAAWA,GAAE,IAAI,SAAS;AAAA,EAC1B,YAAYA,GAAE,OAAO;AAAA,EACrB,OAAOA,GAAE,KAAK,CAAC,OAAO,QAAQ,SAAS,CAAC;AAAA,EACxC,WAAWA,GAAE,OAAO;AAAA,EACpB,eAAeA,GAAE,OAAO,EAAE,SAAS;AAAA,EACnC,aAAaA,GAAE,OAAO,EAAE,SAAS;AAAA,EACjC,SAASA,GAAE,QAAQ,EAAE,SAAS;AAChC,CAAC;AAGM,IAAM,wBAAwBA,GAAE,OAAO;AAAA,EAC5C,WAAWA,GAAE,IAAI,SAAS;AAAA,EAC1B,YAAYA,GAAE,OAAO;AAAA,EACrB,WAAWA,GAAE,OAAO;AAAA,EACpB,UAAUA,GAAE,KAAK,CAAC,YAAY,UAAU,SAAS,CAAC;AACpD,CAAC;AAGM,IAAM,qBAAqBA,GAAE,OAAO;AAAA,EACzC,WAAWA,GAAE,IAAI,SAAS;AAAA,EAC1B,YAAYA,GAAE,OAAO;AAAA,EACrB,OAAOA,GAAE,KAAK,CAAC,SAAS,KAAK,CAAC;AAAA,EAC9B,KAAKA,GAAE,OAAO,EAAE,SAAS;AAC3B,CAAC;;;ACzBM,IAAM,iBAAiC;AAAA,EAC5C;AAAA,IACE,MAAM;AAAA,IACN,OAAO;AAAA,IACP,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,OAAO;AAAA,IACP,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,OAAO;AAAA,IACP,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,OAAO;AAAA,IACP,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,OAAO;AAAA,IACP,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,OAAO;AAAA,IACP,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,OAAO;AAAA,IACP,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,OAAO;AAAA,IACP,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,OAAO;AAAA,IACP,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,OAAO;AAAA,IACP,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,OAAO;AAAA,IACP,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,OAAO;AAAA,IACP,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,OAAO;AAAA,IACP,aAAa;AAAA,EACf;AAAA,EACA;AAAA,IACE,MAAM;AAAA,IACN,OAAO;AAAA,IACP,aAAa;AAAA,EACf;AAAA;AAAA;AAAA;AAIF;;;AC3EO,SAAS,YAAY,OAAe,eAAwC;AACjF,MAAI,SAAS;AACb,QAAM,WAAW,gBACb,CAAC,GAAG,gBAAgB,GAAG,aAAa,IACpC;AACJ,aAAW,WAAW,UAAU;AAG9B,YAAQ,MAAM,YAAY;AAC1B,aAAS,OAAO,QAAQ,QAAQ,OAAO,QAAQ,WAAW;AAAA,EAC5D;AACA,SAAO;AACT;AAMO,SAAS,YAAe,KAAQ,eAAmC;AACxE,MAAI,OAAO,QAAQ,UAAU;AAC3B,WAAO,YAAY,KAAK,aAAa;AAAA,EACvC;AACA,MAAI,MAAM,QAAQ,GAAG,GAAG;AACtB,WAAO,IAAI,IAAI,UAAQ,YAAY,MAAM,aAAa,CAAC;AAAA,EACzD;AACA,MAAI,QAAQ,QAAQ,OAAO,QAAQ,UAAU;AAC3C,UAAM,SAAkC,CAAC;AACzC,eAAW,CAAC,KAAK,KAAK,KAAK,OAAO,QAAQ,GAAG,GAAG;AAC9C,aAAO,GAAG,IAAI,YAAY,OAAO,aAAa;AAAA,IAChD;AACA,WAAO;AAAA,EACT;AACA,SAAO;AACT;;;AC3CA,SAAS,aAAa;AACtB,SAAS,YAAY;AAErB,IAAM,WAAW,KAAK,QAAQ,IAAI,QAAQ,IAAI,iBAAiB;AAExD,IAAM,QAAQ;AAAA,EACnB,MAAM;AAAA,EACN,MAAM;AAAA,IACJ,SAAS,KAAK,UAAU,QAAQ,SAAS;AAAA,IACzC,OAAO,KAAK,UAAU,QAAQ,OAAO;AAAA,IACrC,aAAa,KAAK,UAAU,QAAQ,aAAa;AAAA,IACjD,UAAU,KAAK,UAAU,QAAQ,UAAU;AAAA,EAC7C;AAAA,EACA,UAAU,KAAK,UAAU,UAAU;AAAA,EACnC,sBAAsB,KAAK,UAAU,YAAY,eAAe;AAAA,EAChE,SAAS,KAAK,UAAU,YAAY,iBAAiB,cAAc;AAAA,EACnE,qBAAqB,KAAK,UAAU,YAAY,2BAA2B;AAAA,EAC3E,gBAAgB,KAAK,UAAU,YAAY,sBAAsB;AAAA,EACjE,SAAS,KAAK,UAAU,SAAS;AAAA,EACjC,QAAQ,KAAK,UAAU,aAAa;AAAA,EACpC,SAAS,KAAK,UAAU,cAAc;AAAA,EACtC,iBAAiB,KAAK,UAAU,oBAAoB;AAAA,EACpD,qBAAqB,KAAK,UAAU,YAAY,2BAA2B;AAAA,EAC3E,uBAAuB,KAAK,UAAU,YAAY,yBAAyB;AAAA,EAC3E,kBAAkB,KAAK,UAAU,YAAY,2BAA2B;AAAA,EACxE,cAAc,KAAK,UAAU,YAAY,sBAAsB;AAAA,EAC/D,gBAAgB,KAAK,UAAU,YAAY,uBAAuB;AACpE;AAEA,IAAI,cAAc;AAElB,eAAsB,aAA4B;AAChD,MAAI,YAAa;AACjB,QAAM,MAAM,MAAM,KAAK,SAAS,EAAE,WAAW,KAAK,CAAC;AACnD,QAAM,MAAM,MAAM,KAAK,OAAO,EAAE,WAAW,KAAK,CAAC;AACjD,QAAM,MAAM,MAAM,KAAK,aAAa,EAAE,WAAW,KAAK,CAAC;AACvD,QAAM,MAAM,MAAM,KAAK,UAAU,EAAE,WAAW,KAAK,CAAC;AACpD,QAAM,MAAM,MAAM,UAAU,EAAE,WAAW,KAAK,CAAC;AAC/C,QAAM,MAAM,MAAM,sBAAsB,EAAE,WAAW,KAAK,CAAC;AAC3D,QAAM,MAAM,MAAM,SAAS,EAAE,WAAW,KAAK,CAAC;AAC9C,QAAM,MAAM,MAAM,uBAAuB,EAAE,WAAW,KAAK,CAAC;AAC5D,gBAAc;AAChB;;;AJzBA,IAAM,aAAa;AAAA,EACjB,SAAS;AAAA,EACT,OAAO;AAAA,EACP,aAAa;AAAA,EACb,UAAU;AACZ;AAKA,SAAS,UAAU,MAAuB;AACxC,SAAO,MAAM,KAAK,IAAI;AACxB;AAEA,SAAS,eAAe,MAAe,MAAqB;AAC1D,QAAM,WAAW,QAAQ,oBAAI,KAAK,GAAG,YAAY,EAAE,MAAM,GAAG,EAAE;AAC9D,SAAOC,MAAK,UAAU,IAAI,GAAG,GAAG,OAAO,QAAQ;AACjD;AAUA,eAAsB,eAAe,MAAe,UAAkC;AACpF,QAAM,WAAW;AACjB,QAAM,SAAS,WAAW,IAAI;AAC9B,QAAM,YAAa,OAAqB,MAAM,QAAQ;AACtD,QAAM,WAAW,YAAY,SAAS;AACtC,QAAM,OAAO,KAAK,UAAU,QAAQ,IAAI;AACxC,QAAM,WAAW,eAAe,IAAI;AACpC,QAAM,WAAW,UAAU,MAAM,OAAO;AAC1C;;;AKpDA,SAAS,gBAAgB;AACzB,SAAS,YAAY;AACrB,OAAO,qBAAqB;;;ACF5B,SAAS,KAAAC,UAAS;AAEX,IAAM,gBAAgBA,GAAE,OAAO;AAAA,EACpC,OAAOA,GAAE,OAAO,EAAE,QAAQ,CAAC;AAAA,EAC3B,SAASA,GAAE,OAAOA,GAAE,OAAO,GAAGA,GAAE,OAAO,CAAC,EAAE,QAAQ,CAAC,CAAC;AAAA,EACpD,eAAeA,GAAE,IAAI,SAAS,EAAE,SAAS;AAAA,EACzC,cAAcA,GAAE,IAAI,SAAS;AAC/B,CAAC;;;AD0BD,eAAsB,iBAAiB,WAAoC;AACzE,QAAM,WAAW;AAGjB,MAAI;AACF,UAAM,SAAS,MAAM,SAAS,OAAO;AAAA,EACvC,QAAQ;AACN,UAAM,UAAmB;AAAA,MACvB,OAAO;AAAA,MACP,SAAS,CAAC;AAAA,MACV,eAAc,oBAAI,KAAK,GAAE,YAAY;AAAA,IACvC;AACA,UAAM,gBAAgB,MAAM,SAAS,KAAK,UAAU,SAAS,MAAM,CAAC,CAAC;AAAA,EACvE;AAEA,QAAM,UAAU,MAAM,KAAK,MAAM,SAAS;AAAA,IACxC,SAAS,EAAE,SAAS,IAAI,YAAY,IAAI,YAAY,KAAM,WAAW,KAAK;AAAA,IAC1E,OAAO;AAAA;AAAA,EACT,CAAC;AAED,MAAI;AACF,UAAM,MAAM,MAAM,SAAS,MAAM,SAAS,OAAO;AACjD,UAAM,OAAO,cAAc,MAAM,KAAK,MAAM,GAAG,CAAC;AAChD,SAAK,SAAS;AACd,SAAK,QAAQ,SAAS,KAAK,KAAK,QAAQ,SAAS,KAAK,KAAK;AAC3D,SAAK,gBAAe,oBAAI,KAAK,GAAE,YAAY;AAC3C,UAAM,gBAAgB,MAAM,SAAS,KAAK,UAAU,MAAM,MAAM,CAAC,CAAC;AAClE,WAAO,KAAK;AAAA,EACd,UAAE;AACA,UAAM,QAAQ;AAAA,EAChB;AACF;;;AEhEA,SAAS,YAAAC,iBAAgB;AACzB,OAAOC,sBAAqB;;;ACD5B,SAAS,KAAAC,UAAS;AAEX,IAAM,eAAeA,GAAE,OAAO;AAAA,EACnC,SAASA,GAAE,OAAO,EAAE,QAAQ,CAAC;AAAA,EAC7B,UAAUA,GAAE,OAAO;AAAA,IACjB,WAAWA,GAAE,OAAO,EAAE,IAAI,CAAC,EAAE,QAAQ,EAAE;AAAA,IACvC,SAASA,GAAE,QAAQ,EAAE,QAAQ,IAAI;AAAA,IACjC,sBAAsBA,GAAE,OAAOA,GAAE,OAAO,GAAGA,GAAE,OAAO,CAAC,EAAE,QAAQ,CAAC,CAAC;AAAA,EACnE,CAAC,EAAE,QAAQ,EAAE,WAAW,IAAI,SAAS,MAAM,sBAAsB,CAAC,EAAE,CAAC;AAAA,EACrE,OAAOA,GAAE,OAAO;AAAA,IACd,gBAAgBA,GAAE,QAAQ,EAAE,QAAQ,IAAI;AAAA,IACxC,cAAcA,GAAE,QAAQ,EAAE,QAAQ,IAAI;AAAA,IACtC,oBAAoBA,GAAE,QAAQ,EAAE,QAAQ,IAAI;AAAA,IAC5C,iBAAiBA,GAAE,QAAQ,EAAE,QAAQ,IAAI;AAAA,EAC3C,CAAC,EAAE,QAAQ;AAAA,IACT,gBAAgB;AAAA,IAChB,cAAc;AAAA,IACd,oBAAoB;AAAA,IACpB,iBAAiB;AAAA,EACnB,CAAC;AAAA,EACD,WAAWA,GAAE,OAAO;AAAA,IAClB,SAASA,GAAE,QAAQ,EAAE,QAAQ,IAAI;AAAA,IACjC,sBAAsBA,GAAE,QAAQ,EAAE,QAAQ,KAAK;AAAA,IAC/C,gBAAgBA,GAAE,MAAMA,GAAE,OAAO;AAAA,MAC/B,MAAMA,GAAE,OAAO;AAAA,MACf,OAAOA,GAAE,OAAO;AAAA,MAChB,aAAaA,GAAE,OAAO;AAAA,IACxB,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC;AAAA,EAChB,CAAC,EAAE,QAAQ;AAAA,IACT,SAAS;AAAA,IACT,sBAAsB;AAAA,IACtB,gBAAgB,CAAC;AAAA,EACnB,CAAC;AAAA,EACD,UAAUA,GAAE,OAAO;AAAA,IACjB,iBAAiBA,GAAE,QAAQ,EAAE,QAAQ,IAAI;AAAA,IACzC,WAAWA,GAAE,OAAO,EAAE,QAAQ,GAAG;AAAA,IACjC,UAAUA,GAAE,QAAQ,EAAE,QAAQ,KAAK;AAAA,IACnC,0BAA0BA,GAAE,OAAO,EAAE,QAAQ,EAAE;AAAA,IAC/C,kBAAkBA,GAAE,OAAO,EAAE,QAAQ,CAAC;AAAA,EACxC,CAAC,EAAE,QAAQ;AAAA,IACT,iBAAiB;AAAA,IACjB,WAAW;AAAA,IACX,UAAU;AAAA,IACV,0BAA0B;AAAA,IAC1B,kBAAkB;AAAA,EACpB,CAAC;AACH,CAAC,EAAE,OAAO;;;ADzCV,eAAsB,aAA8B;AAClD,MAAI;AACF,UAAM,MAAM,MAAMC,UAAS,MAAM,QAAQ,OAAO;AAChD,WAAO,aAAa,MAAM,KAAK,MAAM,GAAG,CAAC;AAAA,EAC3C,QAAQ;AAEN,UAAM,WAAW,aAAa,MAAM,CAAC,CAAC;AACtC,UAAMC,iBAAgB,MAAM,QAAQ,KAAK,UAAU,UAAU,MAAM,CAAC,CAAC;AACrE,WAAO;AAAA,EACT;AACF;;;AEbA,IAAM,UAAU;AAKhB,SAAS,SAAS,KAAa,QAAwB;AACrD,SAAO,IAAI,SAAS,SAAS,IAAI,MAAM,GAAG,MAAM,IAAI,QAAQ;AAC9D;AAMO,SAAS,eAAe,QAAgD;AAC7E,SAAO,IAAI,QAAQ,CAAC,SAAS,WAAW;AACtC,QAAI,OAAO;AACX,WAAO,YAAY,OAAO;AAC1B,WAAO,GAAG,QAAQ,CAAC,UAAkB;AACnC,cAAQ;AAAA,IACV,CAAC;AACD,WAAO,GAAG,OAAO,MAAM,QAAQ,IAAI,CAAC;AACpC,WAAO,GAAG,SAAS,MAAM;AAAA,EAC3B,CAAC;AACH;AAMO,SAAS,YAA6B;AAC3C,SAAO,eAAe,QAAQ,KAAK;AACrC;AAMO,SAAS,mBACd,UACA,WACQ;AACR,UAAQ,UAAU;AAAA,IAChB,KAAK;AACH,aAAO,SAAS,OAAO,UAAU,WAAW,EAAE,GAAG,OAAO;AAAA,IAC1D,KAAK;AAAA,IACL,KAAK;AAAA,IACL,KAAK;AACH,aAAO,SAAS,OAAO,UAAU,aAAa,EAAE,GAAG,OAAO;AAAA,IAC5D,KAAK;AACH,aAAO,SAAS,OAAO,UAAU,WAAW,EAAE,GAAG,OAAO;AAAA,IAC1D,KAAK;AACH,aAAO,SAAS,OAAO,UAAU,WAAW,EAAE,GAAG,OAAO;AAAA,IAC1D,SAAS;AAEP,YAAM,MAAM,KAAK,UAAU,SAAS;AACpC,aAAO,SAAS,KAAK,OAAO;AAAA,IAC9B;AAAA,EACF;AACF;;;AX1CA,eAAsB,yBAAyB,SAAgC;AAC7E,MAAI;AACF,UAAM,SAAS,MAAM,WAAW;AAChC,QAAI,CAAC,OAAO,MAAM,aAAc;AAEhC,UAAM,QAAQ,8BAA8B,MAAM,KAAK,MAAM,OAAO,CAAC;AAGrE,UAAM,aAAaC,MAAK,MAAM,SAAS,GAAG,MAAM,WAAW,KAAK;AAChE,QAAI;AACF,YAAM,OAAO,UAAU;AAAA,IACzB,QAAQ;AAAA,IAER;AAEA,UAAM,eAAe,SAAS;AAAA,MAC5B,YAAW,oBAAI,KAAK,GAAE,YAAY;AAAA,MAClC,YAAY,MAAM;AAAA,MAClB,OAAO;AAAA,MACP,WAAW,MAAM;AAAA,MACjB,eAAe,mBAAmB,MAAM,WAAW,MAAM,UAAqC;AAAA,MAC9F,SAAS;AAAA,IACX,CAAC;AAED,UAAM,iBAAiB,MAAM,UAAU;AAAA,EACzC,QAAQ;AAAA,EAER;AACF;AAGA,eAAe,OAAsB;AACnC,MAAI;AACF,UAAM,MAAM,MAAM,UAAU;AAC5B,UAAM,yBAAyB,GAAG;AAAA,EACpC,QAAQ;AAAA,EAER;AACA,UAAQ,KAAK,CAAC;AAChB;AAEA,KAAK;","names":["join","join","z","join","z","readFile","writeFileAtomic","z","readFile","writeFileAtomic","join"]}

package/dist/hooks/post-tool-use.d.ts

@@ -0,0 +1,9 @@
+/**
+ * Core handler logic, exported for testability.
+ * Reads marker file for duration, validates input, logs 'post' tool entry
+ * with duration_ms and success=true, increments counter.
+ * Swallows all errors to never block Claude Code.
+ */
+declare function handlePostToolUse(rawJson: string): Promise<void>;
+
+export { handlePostToolUse };