loki-mode 7.5.6 → 7.5.8

package/mcp/__init__.py

@@ -57,4 +57,4 @@ try:
 except ImportError:
     __all__ = ['mcp']
 
-__version__ = '7.5.6'
+__version__ = '7.5.8'

package/mcp/server.py

@@ -1554,7 +1554,13 @@ async def loki_code_search(
         logger.error(f"Code search failed: {e}")
         _emit_tool_event_async('loki_code_search', 'complete',
                                result_status='error', error=str(e))
-        return json.dumps({"error": str(e)})
+        # Generic envelope: do not leak raw exception text (may include
+        # ChromaDB connection details / internal field names) to client.
+        return json.dumps({
+            "error": "Code search failed",
+            "code": "CHROMA_QUERY_ERROR",
+            "hint": "Ensure ChromaDB is running: docker start loki-chroma",
+        })
 
 
 @mcp.tool()
@@ -1601,7 +1607,13 @@ async def loki_code_search_stats() -> str:
             "reindex_command": "python3.12 tools/index-codebase.py --reset",
         })
     except Exception as e:
-        return json.dumps({"error": str(e)})
+        logger.error(f"Code search stats failed: {e}")
+        # Generic envelope: do not leak raw exception text to client.
+        return json.dumps({
+            "error": "Index unavailable",
+            "code": "CHROMA_STATS_ERROR",
+            "hint": "docker start loki-chroma",
+        })
 
 
 # ============================================================
@@ -1882,7 +1894,7 @@ async def loki_get_hotspots(
 
     try:
         results = []
-        with open(hotspots_path, 'r') as f:
+        with safe_open(hotspots_path, 'r') as f:
             for line in f:
                 line = line.strip()
                 if not line:
@@ -1940,7 +1952,7 @@ async def loki_get_co_changes(
         })
 
     try:
-        with open(co_changes_path, 'r') as f:
+        with safe_open(co_changes_path, 'r') as f:
             pairs = json.load(f)
 
         # Filter pairs involving the requested file
@@ -1993,7 +2005,7 @@ async def loki_get_doc_coverage() -> str:
         })
 
     try:
-        with open(manifest_path, 'r') as f:
+        with safe_open(manifest_path, 'r') as f:
             manifest = json.load(f)
 
         total_files = manifest.get("total_files", 0)
@@ -2077,7 +2089,13 @@ async def loki_findings(iteration: int = -1) -> str:
             if entry.endswith('-prompt.txt'):
                 continue
             reviewer = entry[:-4]
-            with safe_open(os.path.join(review_path, entry), 'r') as f:
+            try:
+                entry_path = safe_path_join(review_path, entry)
+            except PathTraversalError:
+                # Skip listdir entries that resolve outside the review dir
+                # (defensive against e.g. "../etc/passwd"-style names).
+                continue
+            with safe_open(entry_path, 'r') as f:
                 body = f.read()
             for line in body.splitlines():
                 stripped = line.strip().lstrip('-* ').strip()
@@ -2110,8 +2128,20 @@ async def loki_learnings(limit: int = 50) -> str:
         path = safe_path_join('.loki', 'state', 'relevant-learnings.json')
         if not os.path.exists(path):
             return json.dumps({"version": 1, "learnings": [], "total": 0})
-        with safe_open(path, 'r') as f:
-            data = json.load(f)
+        try:
+            with safe_open(path, 'r') as f:
+                data = json.load(f)
+        except (json.JSONDecodeError, ValueError) as je:
+            # Surface corruption explicitly rather than masking it as empty.
+            logger.error(f"loki_learnings corrupt file at {path}: {je}")
+            _emit_tool_event_async('loki_learnings', 'complete',
+                                   result_status='error', error=str(je))
+            return json.dumps({
+                "error": "Learning file corrupted",
+                "code": "LEARNINGS_CORRUPT",
+                "path": path,
+                "entries": [],
+            })
         learnings = data.get('learnings', []) if isinstance(data, dict) else []
         if not isinstance(learnings, list):
             learnings = []

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "loki-mode",
-  "version": "7.5.6",
+  "version": "7.5.8",
   "description": "Loki Mode by Autonomi - Multi-agent autonomous startup system for Claude Code, Codex CLI, and Gemini CLI",
   "keywords": [
     "agent",
@@ -124,7 +124,7 @@
     "@opentelemetry/exporter-trace-otlp-http": "^0.57.0"
   },
   "overrides": {
-    "protobufjs": ">=7.5.6"
+    "protobufjs": ">=7.5.8"
   },
   "devDependencies": {
     "@types/node": "^25.2.0",

package/references/core-workflow.md

@@ -70,6 +70,10 @@ Every iteration follows this cycle:
 - Retries with learned context
 - Achieves 2-3x quality improvement (Boris Cherny's observed result)
 
+### Phase 1 RARV-C Closure (v7.5.0+)
+
+The RARV cycle now closes with an explicit Critique step (RARV-C). After VERIFY, an override council of real provider judges (v7.5.4) issues a binding decision before the iteration is marked complete. See `references/quality-control.md` for the override council protocol.
+
 ---
 
 ## CONTINUITY.md - Working Memory Protocol

package/references/deployment.md

@@ -602,3 +602,9 @@ vault kv get -field=database-url secret/app
 ```
 
 All production secrets must be in a secrets manager, never in code or environment files.
+
+---
+
+## Loki Mode Release Workflow
+
+Releasing a new Loki Mode version requires bumping the version string in 14 locations in a single commit (VERSION, package.json, SKILL.md header and footer, Dockerfile, Dockerfile.sandbox, vscode-extension/package.json, CLAUDE.md, dashboard/__init__.py, mcp/__init__.py, CHANGELOG.md, docs/INSTALLATION.md, wiki/Home.md, wiki/_Sidebar.md, wiki/API-Reference.md). The full step-by-step procedure, pre-publish validation, and distribution channel checklist live in the project root `CLAUDE.md` Release Workflow section.

package/references/memory-system.md

@@ -4,7 +4,7 @@ Enhanced memory architecture based on 2025 research (MIRIX, A-Mem, MemGPT, AriGr
 
 ---
 
-## Implementation Status (v5.15.0)
+## Implementation Status (introduced v5.15.0, current as of v7.5.x)
 
 | Feature | Status | Location |
 |---------|--------|----------|

package/references/production-patterns.md

@@ -550,6 +550,12 @@ cost_patterns:
 
 ---
 
+## Cross-Process File Lock (v7.5.5)
+
+Concurrent loki invocations on the same `.loki/` workspace previously raced on `state/orchestrator.json`, `queue/pending.json`, and CONTINUITY.md. v7.5.5 introduces a `flock`-backed cross-process lock around all state writes. Concurrent runs serialize state mutations cleanly; readers continue without blocking.
+
+---
+
 ## Sources
 
 **Hacker News Discussions:**

package/references/prompt-repetition.md

@@ -14,13 +14,13 @@ Research-backed technique from arXiv 2512.14982v1: "Prompt Repetition Improves N
 
 ## When to Apply
 
-### ✅ USE Prompt Repetition For:
+### USE Prompt Repetition For:
 - **Haiku agents** (non-reasoning model)
 - **Structured tasks** (unit tests, linting, formatting)
 - **Position-dependent operations** (finding items in lists, parsing structured data)
 - **Simple bug fixes** (typos, imports, syntax errors)
 
-### ❌ DO NOT Use For:
+### DO NOT Use For:
 - **Opus agents** (reasoning model - neutral/slightly negative effect)
 - **Sonnet agents** (reasoning model - neutral effect)
 - **Complex reasoning tasks** (architecture decisions, planning)

package/references/quality-control.md

@@ -135,6 +135,12 @@ See `references/openai-patterns.md` for full guardrails implementation.
 
 ---
 
+## Override Council (v7.5.4)
+
+The override council closes the RARV-C cycle with real provider judges (Claude/Codex/Gemini) rather than scripted heuristics. Each judge reviews the iteration outcome independently and casts a binding ALLOW or BLOCK vote. A unanimous ALLOW closes the iteration; any BLOCK reopens REASON with the judge's rationale appended to CONTINUITY.md. See Phase 1 RARV-C closure in `references/core-workflow.md`.
+
+---
+
 ## Quality Gates
 
 **Never ship code without passing all quality gates:**

package/skills/agents.md

@@ -93,11 +93,11 @@ Success: Endpoint works, tests pass, matches OpenAPI spec.
 
 ## Specialist Review Pattern (v5.30.0)
 
-**Code review uses 3 specialist reviewers selected from a pool of 5 named experts.**
+**Code review uses 3 specialist reviewers selected from a pool of 6 named experts.**
 
 See `quality-gates.md` for full specialist definitions, selection rules, and prompt templates.
 
-**Pool:** security-sentinel, performance-oracle, architecture-strategist, test-coverage-auditor, dependency-analyst
+**Pool:** security-sentinel, performance-oracle, architecture-strategist, test-coverage-auditor, dependency-analyst, legacy-healing-auditor
 
 **Selection:** architecture-strategist always included + top 2 by trigger keyword match against diff.
 

package/skills/healing.md

@@ -257,6 +257,22 @@ VERIFY: Run the test.
                 (Amazon: "the hardest part is teaching why workflows fail")
 ```
 
+### RARV-C Closure Flags (v7.5.0+)
+
+The Phase 1 RARV-C closure pipeline is also useful in healing runs because
+characterization-test failures generate structured findings that benefit
+from override-council adjudication and persistent learnings:
+
+```bash
+LOKI_INJECT_FINDINGS=1     # structured findings -> next-iteration prompt
+LOKI_OVERRIDE_COUNCIL=1    # 3-judge override council on BLOCK
+LOKI_AUTO_LEARNINGS=1      # persist code_review failures as learnings
+LOKI_HANDOFF_MD=1          # write handoff doc before PAUSE
+```
+
+Full spec and counter-evidence schema: `skills/quality-gates.md` (v7.5.0
+Phase 1 environment flags section).
+
 ---
 
 ## Structured Fault Injection (Honest Alternative to RL Gyms)

package/skills/providers.md

@@ -166,7 +166,7 @@ loki start --provider cline ./prd.md
 # With specific model
 loki start --provider cline --cline-model deepseek/deepseek-chat ./prd.md
 
-# With loki run
+# With loki run (DEPRECATED -- still works; prefer `loki start`)
 loki run 52 --provider cline --ship -d
 ```
 

package/skills/quality-gates.md

@@ -110,6 +110,24 @@ LOKI_HANDOFF_MD=1          # write a structured handoff doc to
 Optional: `LOKI_AUTO_LEARNINGS_EPISODE=1` also writes the learning into
 the Python episodic memory layer via `memory.engine.save_episode`.
 
+**Override-judge knobs (v7.5.4+):**
+
+```bash
+LOKI_OVERRIDE_JUDGES=claude,gemini   # csv of provider names for the
+                                     # 3-judge override council. Defaults
+                                     # to the available installed providers
+                                     # (claude, codex, gemini, cline, aider).
+LOKI_OVERRIDE_REAL_JUDGE=0           # force the deterministic stub-judge
+                                     # path (hermetic CI / cost control).
+                                     # Default: 1 = real provider-backed
+                                     # judges when their CLIs are present;
+                                     # falls back to stub on missing CLI
+                                     # or transient provider failure.
+```
+
+Implementation: `loki-ts/src/runner/quality_gates.ts:760` (judge dispatch),
+`:780` (csv parse), `:987` (real-judge gate).
+
 **Reachability note (v7.5.0/v7.5.1)**: these flags activate inside the
 Bun runtime. Today `loki start <prd>` routes through the bash runner via
 `bin/loki` shim fall-through, so the flags do not yet trigger on a real