loki-mode 6.36.2 → 6.36.4

package/SKILL.md

@@ -3,7 +3,7 @@ name: loki-mode
 description: Multi-agent autonomous startup system. Triggers on "Loki Mode". Takes PRD to deployed product with minimal human intervention. Requires --dangerously-skip-permissions flag.
 ---
 
-# Loki Mode v6.36.2
+# Loki Mode v6.36.4
 
 **You are an autonomous agent. You make decisions. You do not ask questions. You do not stop.**
 
@@ -267,4 +267,4 @@ The following features are documented in skill modules but not yet fully automat
 | Quality gates 3-reviewer system | Implemented (v5.35.0) | 5 specialist reviewers in `skills/quality-gates.md`; execution in run.sh |
 | Benchmarks (HumanEval, SWE-bench) | Infrastructure only | Runner scripts and datasets exist in `benchmarks/`; no published results |
 
-**v6.36.2 | [Autonomi](https://www.autonomi.dev/) flagship product | ~260 lines core**
+**v6.36.4 | [Autonomi](https://www.autonomi.dev/) flagship product | ~260 lines core**

package/VERSION

@@ -1 +1 @@
-6.36.2
+6.36.4

package/autonomy/loki

@@ -219,7 +219,7 @@ require_jq() {
         echo "  brew install jq    (macOS)"
         echo "  apt install jq     (Debian/Ubuntu)"
         echo "  yum install jq     (RHEL/CentOS)"
-        exit 1
+        return 1
     fi
 }
 
@@ -551,6 +551,10 @@ cmd_start() {
                 ;;
             --provider)
                 if [[ -n "${2:-}" ]]; then
+                    if [[ "$2" == --* ]]; then
+                        echo -e "${RED}Missing value for --provider flag${NC}"
+                        exit 1
+                    fi
                     provider="$2"
                     args+=("--provider" "$provider")
                     shift 2
@@ -1450,7 +1454,7 @@ cmd_status() {
         esac
     done
 
-    require_jq
+    require_jq || return 1
 
     if [ ! -d "$LOKI_DIR" ]; then
         echo -e "${BOLD}Loki Mode Status${NC}"
@@ -3451,7 +3455,7 @@ cmd_issue_parse() {
 
 # View parsed GitHub issue details
 cmd_issue_view() {
-    require_jq
+    require_jq || return 1
 
     local issue_ref="${1:-}"
 
@@ -3566,7 +3570,7 @@ cmd_issue_view() {
 #===============================================================================
 
 cmd_run() {
-    require_jq
+    require_jq || return 1
 
     local issue_ref=""
     local dry_run=false
@@ -3731,6 +3735,22 @@ cmd_run() {
         esac
     done
 
+    # Validate git prerequisites for --ship and --pr flags
+    if $create_pr || $auto_merge; then
+        if ! command -v git &>/dev/null; then
+            echo -e "${RED}Error: --pr/--ship requires git but it is not installed.${NC}"
+            return 1
+        fi
+        if ! git rev-parse --git-dir &>/dev/null 2>&1; then
+            echo -e "${RED}Error: --pr/--ship requires a git repository but the current directory is not one.${NC}"
+            return 1
+        fi
+        if [[ -z "$(git remote 2>/dev/null)" ]]; then
+            echo -e "${RED}Error: --pr/--ship requires a git remote but none is configured.${NC}"
+            return 1
+        fi
+    fi
+
     # Add --parallel once if worktree mode is enabled (not per-flag)
     if $use_worktree; then
         start_args+=("--parallel")
@@ -3994,7 +4014,7 @@ cmd_issue() {
     echo -e "${YELLOW}  'loki run' supports GitHub, GitLab, Jira, and Azure DevOps issues.${NC}" >&2
     echo "" >&2
 
-    require_jq
+    require_jq || return 1
 
     local issue_ref=""
     local repo=""
@@ -6595,6 +6615,19 @@ QPRDEOF
 
 # Project scaffolding (v6.28.0)
 cmd_init() {
+    # Guard: check if .loki/ already exists to avoid overwriting active session
+    if [[ -d ".loki" ]]; then
+        if [[ -f ".loki/loki.pid" ]]; then
+            local pid
+            pid=$(cat ".loki/loki.pid" 2>/dev/null)
+            if [[ -n "$pid" ]] && kill -0 "$pid" 2>/dev/null; then
+                echo -e "${RED}Cannot initialize: active session running. Stop it first with 'loki stop'.${NC}"
+                return 1
+            fi
+        fi
+        echo -e "${YELLOW}Reinitializing existing .loki/ directory${NC}"
+    fi
+
     local version=$(get_version)
     local project_name=""
     local template_name=""
@@ -10269,10 +10302,25 @@ cmd_worktree() {
                 return 1
             fi
 
+            # Validate JSON is parseable and contains required fields
+            if ! python3 -c "
+import json, sys
+try:
+    data = json.load(open('$signal_file'))
+    assert data.get('branch'), 'missing branch'
+    assert data.get('worktree'), 'missing worktree'
+except Exception as e:
+    print(str(e), file=sys.stderr)
+    sys.exit(1)
+" 2>/dev/null; then
+                echo -e "${RED}Invalid or corrupted merge signal file${NC}"
+                exit 1
+            fi
+
             local branch
-            branch=$(python3 -c "import json; print(json.load(open('$signal_file'))['branch'])" 2>/dev/null)
+            branch=$(python3 -c "import json; print(json.load(open('$signal_file'))['branch'])")
             local worktree_path
-            worktree_path=$(python3 -c "import json; print(json.load(open('$signal_file'))['worktree'])" 2>/dev/null)
+            worktree_path=$(python3 -c "import json; print(json.load(open('$signal_file'))['worktree'])")
 
             if git merge --no-ff "$branch" -m "merge($name): auto-merge from parallel worktree"; then
                 echo -e "${GREEN}Merge successful${NC}"
@@ -10785,7 +10833,7 @@ print()
 
 # Reset session state
 cmd_reset() {
-    require_jq
+    require_jq || return 1
 
     local subcommand="${1:-all}"
 

package/autonomy/run.sh

@@ -1212,13 +1212,17 @@ detect_complexity() {
     fi
 
     # Count files in project (excluding common non-source dirs)
-    local file_count=$(find "$target_dir" -type f \
+    local file_count=0
+    file_count=$(find "$target_dir" -type f \
         \( -name "*.ts" -o -name "*.tsx" -o -name "*.js" -o -name "*.jsx" \
         -o -name "*.py" -o -name "*.go" -o -name "*.rs" -o -name "*.java" \
         -o -name "*.rb" -o -name "*.php" -o -name "*.swift" -o -name "*.kt" \) \
         ! -path "*/node_modules/*" ! -path "*/.git/*" ! -path "*/vendor/*" \
         ! -path "*/dist/*" ! -path "*/build/*" ! -path "*/__pycache__/*" \
         2>/dev/null | wc -l | tr -d ' ')
+    # Validate file_count is numeric (guard against empty/malformed pipeline output)
+    file_count="${file_count:-0}"
+    file_count="${file_count//[^0-9]/}"
 
     # Check for external integrations
     local has_external=false
@@ -7901,8 +7905,10 @@ build_prompt() {
     # Load existing context if resuming
     local context_injection=""
     if [ $retry -gt 0 ]; then
-        local ledger=$(load_ledger_context)
-        local handoff=$(load_handoff_context)
+        local ledger=""
+        type -t load_ledger_context &>/dev/null && ledger=$(load_ledger_context)
+        local handoff=""
+        type -t load_handoff_context &>/dev/null && handoff=$(load_handoff_context)
 
         if [ -n "$ledger" ]; then
             context_injection="PREVIOUS_LEDGER_STATE: $ledger"
@@ -8432,11 +8438,15 @@ run_autonomous() {
         if [ -n "$found_prd" ]; then
             log_info "Found existing PRD: $found_prd"
             prd_path="$found_prd"
+            # Warn if a generated PRD also exists (user file takes precedence)
+            if [ -f ".loki/generated-prd.md" ] || [ -f ".loki/generated-prd.json" ]; then
+                log_warn "Using user PRD ($found_prd) instead of generated PRD (.loki/generated-prd.md). Remove generated PRD if no longer needed."
+            fi
         elif [ -f ".loki/generated-prd.md" ]; then
-            log_info "Using previously generated PRD: .loki/generated-prd.md"
+            log_info "No user PRD found. Using previously generated PRD: .loki/generated-prd.md"
             prd_path=".loki/generated-prd.md"
         elif [ -f ".loki/generated-prd.json" ]; then
-            log_info "Using previously generated PRD: .loki/generated-prd.json"
+            log_info "No user PRD found. Using previously generated PRD: .loki/generated-prd.json"
             prd_path=".loki/generated-prd.json"
         else
             log_info "No PRD found - will analyze codebase and generate one"
@@ -9194,8 +9204,9 @@ check_human_intervention() {
                 log_warn "PAUSE file created by budget limit - NOT auto-clearing in perpetual mode"
                 log_warn "Budget limit reached. Remove .loki/signals/BUDGET_EXCEEDED and .loki/PAUSE to continue."
                 notify_intervention_needed "Budget limit reached - execution paused" 2>/dev/null || true
+                local pause_result
                 handle_pause
-                local pause_result=$?
+                pause_result=$?
                 rm -f "$loki_dir/PAUSE"
                 if [ "$pause_result" -eq 1 ]; then
                     return 2
@@ -9211,8 +9222,9 @@ check_human_intervention() {
         fi
         log_warn "PAUSE file detected - pausing execution"
         notify_intervention_needed "Execution paused via PAUSE file"
+        local pause_result
         handle_pause
-        local pause_result=$?
+        pause_result=$?
         rm -f "$loki_dir/PAUSE"
         if [ "$pause_result" -eq 1 ]; then
             # STOP was requested during pause
@@ -9228,8 +9240,9 @@ check_human_intervention() {
             rm -f "$loki_dir/PAUSE_AT_CHECKPOINT"
             notify_intervention_needed "Execution paused at checkpoint"
             touch "$loki_dir/PAUSE"
+            local pause_result
             handle_pause
-            local pause_result=$?
+            pause_result=$?
             rm -f "$loki_dir/PAUSE"
             if [ "$pause_result" -eq 1 ]; then
                 return 2

package/dashboard/__init__.py

@@ -7,7 +7,7 @@ Modules:
     control: Session control API (start/stop/pause/resume)
 """
 
-__version__ = "6.36.2"
+__version__ = "6.36.3"
 
 # Expose the control app for easy import
 try:

package/docs/INSTALLATION.md

@@ -2,7 +2,7 @@
 
 The flagship product of [Autonomi](https://www.autonomi.dev/). Complete installation instructions for all platforms and use cases.
 
-**Version:** v6.36.2
+**Version:** v6.36.3
 
 ---
 

package/mcp/__init__.py

@@ -57,4 +57,4 @@ try:
 except ImportError:
     __all__ = ['mcp']
 
-__version__ = '6.36.2'
+__version__ = '6.36.3'

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "loki-mode",
-  "version": "6.36.2",
+  "version": "6.36.4",
   "description": "Loki Mode by Autonomi - Multi-agent autonomous startup system for Claude Code, Codex CLI, and Gemini CLI",
   "keywords": [
     "agent",

package/web-app/server.py

@@ -44,9 +44,20 @@ DIST_DIR = SCRIPT_DIR / "dist"
 
 app = FastAPI(title="Purple Lab", docs_url=None, redoc_url=None)
 
+_default_cors_origins = [
+    f"http://127.0.0.1:{PORT}",
+    f"http://localhost:{PORT}",
+]
+_cors_env = os.environ.get("PURPLE_LAB_CORS_ORIGINS", "")
+_cors_origins = (
+    [o.strip() for o in _cors_env.split(",") if o.strip()]
+    if _cors_env
+    else _default_cors_origins
+)
+
 app.add_middleware(
     CORSMiddleware,
-    allow_origins=["http://127.0.0.1:57375", "http://localhost:57375"],
+    allow_origins=_cors_origins,
     allow_methods=["*"],
     allow_headers=["*"],
 )
@@ -149,12 +160,25 @@ def _loki_dir() -> Path:
 
 
 def _safe_resolve(base: Path, requested: str) -> Optional[Path]:
-    """Resolve a path ensuring it stays within base (path traversal protection)."""
+    """Resolve a path ensuring it stays within base (path traversal protection).
+
+    Uses os.path.commonpath to avoid the startswith prefix collision where
+    /tmp/proj would incorrectly pass a check against /tmp/projother.
+    Also rejects symlinks that escape the base directory.
+    """
     try:
         resolved = (base / requested).resolve()
         base_resolved = base.resolve()
-        if str(resolved).startswith(str(base_resolved)):
-            return resolved
+        # Ensure resolved is strictly inside base_resolved
+        resolved.relative_to(base_resolved)
+        # Reject if any component is a symlink pointing outside base
+        check = base_resolved
+        for part in resolved.relative_to(base_resolved).parts:
+            check = check / part
+            if check.is_symlink():
+                link_target = check.resolve()
+                link_target.relative_to(base_resolved)  # raises ValueError if outside
+        return resolved
     except (ValueError, OSError):
         pass
     return None