loki-mode 7.55.0 → 7.57.0

package/autonomy/loki

@@ -726,8 +726,8 @@ show_help() {
     echo "  help             Show this help ('loki help aliases' for old names)"
     echo ""
     echo "More commands (grill, spec, cleanup, init, watch, demo, web, api,"
-    echo "logs, github, import, council, proof, audit, agent, template, magic,"
-    echo "docs, wiki, ci, test, bench, secrets, telemetry, crash, worktree,"
+    echo "logs, github, import, council, proof, audit, compliance, agent, template,"
+    echo "magic, docs, wiki, ci, test, bench, secrets, telemetry, crash, worktree,"
     echo "failover, monitor, remote, ...) are dispatchable and documented via"
     echo "'loki <command> --help'."
     echo ""
@@ -14530,6 +14530,9 @@ main() {
         audit)
             cmd_audit "$@"
             ;;
+        compliance)
+            cmd_compliance "$@"
+            ;;
         review)
             cmd_review "$@"
             ;;
@@ -15853,6 +15856,211 @@ STATE_QUERY_PY
 }
 
 # Agent action audit log and quality scanning
+# Resolve the repo root (where src/audit lives) from the loki script dir.
+# _LOKI_SCRIPT_DIR is autonomy/; the JS audit modules live at ../src/audit.
+_loki_audit_repo_root() {
+    ( cd "$_LOKI_SCRIPT_DIR/.." && pwd )
+}
+
+# Link the run manifest (.loki/loki-run.json) into the agent audit chain for
+# the TARGET project (not the loki repo). Honest no-op when the manifest is
+# absent. Exit 0 on link or honest no-op; exit 1 only on a real error.
+cmd_audit_link_manifest() {
+    local target_dir="${1:-$PWD}"
+    if ! command -v node &>/dev/null; then
+        echo -e "${RED}Error: node is required for 'loki audit link-manifest'${NC}"
+        echo "Install Node.js, then re-run."
+        return 1
+    fi
+    local repo_root
+    repo_root="$(_loki_audit_repo_root)"
+    local abs_target
+    abs_target="$( cd "$target_dir" 2>/dev/null && pwd )" || {
+        echo -e "${RED}Error: project dir not found: $target_dir${NC}"
+        return 1
+    }
+
+    echo -e "${BOLD}Linking run manifest into the audit chain...${NC}"
+    echo "  Project: $abs_target"
+
+    LOKI_AUDIT_MOD="$repo_root/src/audit" LOKI_AUDIT_TARGET="$abs_target" \
+        node -e '
+const audit = require(process.env.LOKI_AUDIT_MOD);
+const res = audit.linkManifest({ projectDir: process.env.LOKI_AUDIT_TARGET });
+if (res.linked) {
+  console.log("  linked: yes");
+  console.log("  manifest: " + res.manifestPath);
+  console.log("  sha256: " + res.manifestSha256);
+  if (res.manifestSchema) console.log("  schema: " + res.manifestSchema);
+  if (res.anchor && typeof res.anchor.seq !== "undefined") console.log("  anchor seq: " + res.anchor.seq);
+} else {
+  console.log("  linked: no (" + (res.reason || "no-op") + ")");
+  console.log("  manifest: " + res.manifestPath);
+}
+' || {
+        echo -e "${RED}Error: manifest link failed${NC}"
+        return 1
+    }
+    return 0
+}
+
+# Verify the run-manifest link for the TARGET project. Honest empty case
+# (no anchor recorded yet) exits 0; a real tamper/integrity failure exits 1.
+cmd_audit_verify_manifest() {
+    local target_dir="${1:-$PWD}"
+    if ! command -v node &>/dev/null; then
+        echo -e "${RED}Error: node is required for 'loki audit verify-manifest'${NC}"
+        echo "Install Node.js, then re-run."
+        return 1
+    fi
+    local repo_root
+    repo_root="$(_loki_audit_repo_root)"
+    local abs_target
+    abs_target="$( cd "$target_dir" 2>/dev/null && pwd )" || {
+        echo -e "${RED}Error: project dir not found: $target_dir${NC}"
+        return 1
+    }
+
+    echo -e "${BOLD}Verifying run-manifest link...${NC}"
+    echo "  Project: $abs_target"
+
+    LOKI_AUDIT_MOD="$repo_root/src/audit" LOKI_AUDIT_TARGET="$abs_target" \
+        node -e '
+const audit = require(process.env.LOKI_AUDIT_MOD);
+const res = audit.verifyManifestLink({ projectDir: process.env.LOKI_AUDIT_TARGET });
+const chainValid = res.chain && res.chain.valid;
+console.log("  chain integrity: " + (chainValid ? "valid" : "INVALID"));
+if (!res.present) {
+  console.log("  manifest link: none recorded yet (no-op)");
+  // Honest empty case: success only if the chain itself is valid.
+  process.exit(chainValid ? 0 : 1);
+}
+const m = res.manifest || {};
+console.log("  manifest: " + (m.manifestPath || "?"));
+console.log("  pinned sha256:  " + (m.pinnedSha256 || "?"));
+console.log("  current sha256: " + (m.currentSha256 || "(absent)"));
+if (res.valid) {
+  console.log("  verdict: VALID (manifest matches anchored hash)");
+  process.exit(0);
+} else {
+  console.log("  verdict: TAMPERED / INVALID");
+  if (m.error) console.log("  reason: " + m.error);
+  process.exit(1);
+}
+'
+    return $?
+}
+
+# loki compliance - periodic compliance snapshot (SOC2 / ISO27001 / GDPR).
+# The scheduler is default-disabled (LOKI_COMPLIANCE_SNAPSHOT_INTERVAL_HOURS
+# unset or 0). `loki compliance snapshot` runs the self-rate-limiting check;
+# `--force` generates a snapshot now regardless of interval/elapsed gate.
+cmd_compliance() {
+    local subcommand="${1:-help}"
+
+    case "$subcommand" in
+        snapshot)
+            shift
+            local force="" target_dir="$PWD"
+            while [[ $# -gt 0 ]]; do
+                case "$1" in
+                    --force|-f) force="1"; shift ;;
+                    --help|-h)
+                        echo -e "${BOLD}loki compliance snapshot${NC} - Generate/check a compliance snapshot"
+                        echo ""
+                        echo "Usage: loki compliance snapshot [PROJECT_DIR] [--force]"
+                        echo ""
+                        echo "Without --force, respects the default-disabled interval"
+                        echo "(LOKI_COMPLIANCE_SNAPSHOT_INTERVAL_HOURS). Reports honestly:"
+                        echo "  disabled     interval unset/0 (default)"
+                        echo "  not-elapsed  interval not yet elapsed since last snapshot"
+                        echo "  generated    a new snapshot was written"
+                        echo ""
+                        echo "With --force, a snapshot is generated now regardless."
+                        echo "Snapshots are written to .loki/audit/compliance-snapshots/ in the project dir."
+                        return 0
+                        ;;
+                    -*) echo -e "${RED}Unknown option: $1${NC}"; return 1 ;;
+                    *) target_dir="$1"; shift ;;
+                esac
+            done
+
+            if ! command -v node &>/dev/null; then
+                echo -e "${RED}Error: node is required for 'loki compliance snapshot'${NC}"
+                echo "Install Node.js, then re-run."
+                return 1
+            fi
+            local repo_root
+            repo_root="$(_loki_audit_repo_root)"
+            local abs_target
+            abs_target="$( cd "$target_dir" 2>/dev/null && pwd )" || {
+                echo -e "${RED}Error: project dir not found: $target_dir${NC}"
+                return 1
+            }
+
+            echo -e "${BOLD}Compliance snapshot${NC}"
+            echo "  Project: $abs_target"
+
+            LOKI_SCHED_MOD="$repo_root/src/audit/compliance-scheduler.js" \
+            LOKI_SCHED_TARGET="$abs_target" LOKI_SCHED_FORCE="$force" \
+                node -e '
+const sched = require(process.env.LOKI_SCHED_MOD);
+const target = process.env.LOKI_SCHED_TARGET;
+const force = process.env.LOKI_SCHED_FORCE === "1";
+if (force) {
+  const now = Date.now();
+  const snapshot = sched.buildSnapshot({ projectDir: target, nowMs: now });
+  const file = sched.persistSnapshot({ projectDir: target, snapshot: snapshot, nowMs: now });
+  console.log("  result: generated (forced)");
+  console.log("  path: " + file);
+  console.log("  audit entries: " + snapshot.totalAuditEntries);
+  process.exit(0);
+}
+const res = sched.maybeGenerateSnapshot({ projectDir: target });
+if (res.generated) {
+  console.log("  result: generated");
+  console.log("  path: " + res.path);
+  console.log("  interval (hours): " + res.intervalHours);
+} else if (res.reason === "disabled") {
+  console.log("  result: disabled (scheduler off; default)");
+  console.log("  enable: set LOKI_COMPLIANCE_SNAPSHOT_INTERVAL_HOURS=<N>, or use --force to generate now");
+} else if (res.reason === "not-elapsed") {
+  console.log("  result: not-elapsed (interval not yet reached)");
+  console.log("  interval (hours): " + res.intervalHours);
+  if (res.nextEligibleAtMs) console.log("  next eligible: " + new Date(res.nextEligibleAtMs).toISOString());
+  console.log("  override: use --force to generate now");
+} else {
+  console.log("  result: " + (res.reason || "no-op"));
+}
+process.exit(0);
+' || {
+                echo -e "${RED}Error: compliance snapshot failed${NC}"
+                return 1
+            }
+            return 0
+            ;;
+        --help|-h|help)
+            echo -e "${BOLD}loki compliance${NC} - Periodic compliance snapshots"
+            echo ""
+            echo "Usage: loki compliance <subcommand> [options]"
+            echo ""
+            echo "Subcommands:"
+            echo "  snapshot [DIR] [--force]   Generate/check a compliance snapshot"
+            echo "  help                       Show this help"
+            echo ""
+            echo "The compliance scheduler is default-disabled. A snapshot bundles the"
+            echo "SOC2, ISO27001 and GDPR reports plus the audit chain-integrity verdict"
+            echo "into .loki/audit/compliance-snapshots/. Enable periodic generation by setting"
+            echo "LOKI_COMPLIANCE_SNAPSHOT_INTERVAL_HOURS, or run with --force on demand."
+            ;;
+        *)
+            echo -e "${RED}Unknown compliance subcommand: $subcommand${NC}"
+            echo "Run 'loki compliance help' for usage."
+            exit 1
+            ;;
+    esac
+}
+
 cmd_audit() {
     local subcommand="${1:-help}"
     local audit_file="$LOKI_DIR/logs/agent-audit.jsonl"
@@ -16148,23 +16356,51 @@ print()
             fi
             ;;
 
+        link-manifest)
+            # Fold the run manifest (.loki/loki-run.json bill-of-materials) into
+            # the agent audit chain so it becomes tamper-evident and verifiable
+            # against the evidence chain. Explicit, on-demand command: cmd_start
+            # execs run.sh and replaces the loki process, so there is no
+            # post-completion return point in this CLI wrapper to auto-invoke
+            # from. Honest no-op (exit 0) when the manifest is absent.
+            shift
+            local target_dir="${1:-$PWD}"
+            cmd_audit_link_manifest "$target_dir"
+            ;;
+        verify-manifest)
+            # Verify the run-manifest link: agent chain integrity AND the on-disk
+            # manifest still matching the hash pinned by the most recent
+            # manifest-link anchor. Honest empty case (exit 0) when no anchor was
+            # recorded yet; nonzero only on a real tamper/integrity failure.
+            shift
+            local target_dir="${1:-$PWD}"
+            cmd_audit_verify_manifest "$target_dir"
+            ;;
         --help|-h|help)
             echo -e "${BOLD}loki audit${NC} - Agent audit log and quality scanning"
             echo ""
             echo "Usage: loki audit <subcommand> [options]"
             echo ""
             echo "Subcommands:"
-            echo "  log [N]     Show last N audit log entries (default: 50)"
-            echo "  count       Count actions by type"
-            echo "  scan        Run quality scan against dashboard API"
-            echo "  lint        Run static analysis on project files"
-            echo "  test        Run test coverage check"
-            echo "  help        Show this help"
+            echo "  log [N]            Show last N audit log entries (default: 50)"
+            echo "  count              Count actions by type"
+            echo "  scan               Run quality scan against dashboard API"
+            echo "  lint               Run static analysis on project files"
+            echo "  test               Run test coverage check"
+            echo "  link-manifest [P]  Link the run manifest into the audit chain (tamper-evidence)"
+            echo "  verify-manifest [P] Verify the run-manifest link against the evidence chain"
+            echo "  help               Show this help"
             echo ""
             echo "Quality Scan Options (loki audit scan):"
             echo "  --preset NAME   Compliance preset (default|healthcare|fintech|government)"
             echo "  --export        Save report to .loki/quality/report-{date}.json"
             echo ""
+            echo "Manifest tamper-evidence (loki audit link-manifest / verify-manifest):"
+            echo "  Hashes .loki/loki-run.json (the build bill-of-materials) into the"
+            echo "  agent audit chain. link-manifest no-ops honestly if the manifest is"
+            echo "  absent; verify-manifest reports honestly if no anchor exists yet."
+            echo "  Optional [P] is the project dir (default: current directory)."
+            echo ""
             echo "The agent audit log records actions taken during Loki sessions,"
             echo "including CLI invocations, git commits, and session lifecycle events."
             echo "Log file: $audit_file"

package/autonomy/run.sh

@@ -8320,23 +8320,31 @@ enforce_mutation_integrity() {
 }
 
 # ============================================================================
-# Semantic Test-Authenticity Gate (P1-3): wire tests/detect-semantic-test-problems.sh
-# as an OPT-IN completion gate. The detector catches the harder class of fake
-# tests that the regex detectors (gates 5+6) miss: assertions that look real but
-# verify nothing because the asserted value never flows through code under test
-# (literal-via-variable echo HIGH, mock-return echo MED, deleted assertions MED).
+# Semantic Test-Authenticity Gate (P1-3): wire tests/detect-semantic-test-problems.sh.
+# The detector catches the harder class of fake tests that the regex detectors
+# (gates 5+6) miss: assertions that look real but verify nothing because the
+# asserted value never flows through code under test (literal-via-variable echo
+# HIGH, mock-return echo MED, deleted assertions MED).
 #
-# ADVISORY-FIRST POSTURE (no-deadlock contract): this helper is invoked ONLY when
-# LOKI_GATE_SEMANTIC_TESTS=true (the elif guard at the completion-promise arm
-# short-circuits when off, so there is zero runtime cost on the default path).
-# When on, it runs the detector with --block-high (clean exit-code contract:
-# rc 2 iff a CRITICAL/HIGH finding exists). We surface ALL severities to a
-# findings file (advisory) and return nonzero ONLY on rc 2. Every other exit --
-# rc 0 (clean), rc 124 (timeout), detector absent, no test files, malformed
-# output -- returns 0 (pass/fall-through), so the autonomous loop can NEVER
-# deadlock on a clean run. Mirrors enforce_mock_integrity's invocation
-# (cd TARGET_DIR + LOKI_SCAN_DIR=TARGET_DIR + timeout), swapping --strict for
-# --block-high and deciding on the rc-2 contract instead of grepping stdout.
+# POSTURE (v7.57.0): this enforce_* helper is the shared core for TWO callers:
+#   1) the DEFAULT-ON mid-iteration ADVISORY arm (gated on LOKI_GATE_SEMANTIC_TESTS,
+#      default true) -- runs every iteration, writes findings, and on a CRIT/HIGH
+#      result the arm only calls track_gate_failure (surfaces to the next prompt),
+#      NEVER PAUSEs / NEVER rejects completion (clone of the mock arm).
+#   2) the OPT-IN completion-BLOCKING elif (gated on LOKI_GATE_SEMANTIC_TESTS_BLOCK,
+#      default false) -- when set, rejects the completion claim on a CRIT/HIGH.
+# The default-on flip applies ONLY to surfacing; blocking stays opt-in via the
+# separate _BLOCK flag, so surfacing-default-on does NOT make blocking default-on.
+#
+# NO-DEADLOCK CONTRACT: it runs the detector with --block-high (clean exit-code
+# contract: rc 2 iff a CRITICAL/HIGH finding exists). It surfaces ALL severities
+# to a findings file (advisory) and returns nonzero ONLY on rc 2. Every other
+# exit -- rc 0 (clean), rc 124 (timeout), detector absent, no test files,
+# malformed output -- returns 0 (pass/fall-through), so the autonomous loop can
+# NEVER deadlock on a clean run (default-on surfacing is therefore deadlock-safe,
+# exactly as the mock/mutation gates prove in production). Mirrors
+# enforce_mock_integrity's invocation (cd TARGET_DIR + LOKI_SCAN_DIR=TARGET_DIR +
+# timeout), swapping --strict for --block-high and deciding on the rc-2 contract.
 # ============================================================================
 enforce_semantic_integrity() {
     local loki_dir="${TARGET_DIR:-.}/.loki"
@@ -8416,9 +8424,19 @@ _semantic_gate_and_surface() {
 #     redirect the scan).
 # The PLURAL token LOKI_GATE_INVARIANTS is used deliberately to match the Bun
 # readToggles flag name; the detector's own reference comment suggests a
-# singular default-on variant (no trailing S), which is NOT used here (parity
-# needs the plural, and this gate is OPT-IN / default OFF like the semantic
-# gate).
+# singular variant (no trailing S), which is NOT used here (parity needs the
+# plural).
+#
+# POSTURE (v7.57.0): this enforce_* helper is the shared core for TWO callers,
+# mirroring enforce_semantic_integrity:
+#   1) the DEFAULT-ON mid-iteration ADVISORY arm (gated on LOKI_GATE_INVARIANTS,
+#      default true) -- runs every iteration, writes invariant-findings.txt, and
+#      on a CRIT/HIGH result the arm only calls track_gate_failure (surfaces to
+#      the next prompt via the invariant injector in build_prompt), NEVER PAUSEs /
+#      NEVER rejects completion.
+#   2) the OPT-IN completion-BLOCKING elif (gated on LOKI_GATE_INVARIANTS_BLOCK,
+#      default false) -- when set, rejects the completion claim on a CRIT/HIGH.
+# Surfacing-default-on does NOT make blocking default-on (separate _BLOCK flag).
 enforce_invariant_integrity() {
     local loki_dir="${TARGET_DIR:-.}/.loki"
     local quality_dir="$loki_dir/quality"
@@ -12435,6 +12453,21 @@ if d.get('blocked'):
         fi
     fi
 
+    # P1-4 / v7.57.0: surface specific invariant/property findings (which file,
+    # which violated invariant) when the default-on advisory gate (or the opt-in
+    # LOKI_GATE_INVARIANTS_BLOCK gate) wrote them, so a block converges and an
+    # advisory run still informs the next iteration. The file exists only when
+    # the gate ran AND found something (cleared on clean), so this is zero-cost on
+    # a clean run and when the surfacing gate is opted out. Mirrors the semantic
+    # injector above and is independent of gate-failures.txt presence.
+    if [ -f "${TARGET_DIR:-.}/.loki/quality/invariant-findings.txt" ]; then
+        local inv_findings
+        inv_findings=$(grep -E '\[(CRITICAL|HIGH|MEDIUM|LOW)\]' "${TARGET_DIR:-.}/.loki/quality/invariant-findings.txt" 2>/dev/null | head -20 || true)
+        if [ -n "$inv_findings" ]; then
+            gate_failure_context="${gate_failure_context} INVARIANT/PROPERTY FINDINGS (fix the violated invariants; the code must preserve the stated property/metamorphic relation, not just pass example-based tests): ${inv_findings}"
+        fi
+    fi
+
     # P2-2: high-severity spec-assumption context. When DISCOVERY recorded any
     # high-severity assumption (the spec was ambiguous in a high-impact place),
     # surface it to the build agent so it implements with the gap in view (or
@@ -13461,9 +13494,12 @@ if not features:
             continue
         clean_name = strip_numbering(section_name)
         if len(section_content) > 20 and len(clean_name) > 5:
+            # BUG-A fix: store the REAL section/heading key (not a hardcoded
+            # "Requirements") so sections.get(feat["section"]) later resolves
+            # to this section's body and the description is not just the title.
             features.append({
                 "title": clean_name,
-                "section": "Requirements",
+                "section": section_name,
             })
 
 if not features:
@@ -13601,6 +13637,20 @@ PRD_PARSE_EOF
         return 0
     fi
 
+    # LLM enrichment post-pass (v7.52.0). The python heredoc above has no model
+    # access, so stub tasks (description == title, or the templated user_story)
+    # are enriched here via one batched provider call. Best-effort: on any
+    # failure (non-claude provider, degraded mode, no binary, timeout, parse
+    # error) the deterministic output is left intact. Never blocks the queue.
+    local _prd_enrich_lib="$SCRIPT_DIR/lib/prd-enrich.sh"
+    if [ -f "$_prd_enrich_lib" ]; then
+        # shellcheck source=lib/prd-enrich.sh
+        source "$_prd_enrich_lib" 2>/dev/null || true
+        if declare -f loki_prd_enrich >/dev/null 2>&1; then
+            loki_prd_enrich ".loki/queue/pending.json" "$effective_prd" || true
+        fi
+    fi
+
     touch ".loki/queue/.prd-populated"
     log_info "PRD task parsing complete"
 }
@@ -15146,27 +15196,39 @@ if __name__ == "__main__":
                     log_warn "Mutation integrity gate FAILED ($mt_count consecutive) - HIGH test-fitting detected"
                 fi
             fi
-            # LSP diagnostics gate (P1-5 bash-route parity, v7.51.0). Closes the
-            # parity gap: the Bun route ships runLSPDiagnostics
-            # (loki-ts/src/runner/quality_gates.ts) with a route-neutral Python
-            # writer (mcp/lsp_proxy.py); the bash route had NO writer/reader.
-            # This block runs the SAME writer and mirrors the TS blocking
-            # semantics byte-for-byte:
-            #   - Gate is OPT-IN: default OFF. Enabled by LOKI_GATE_LSP_DIAGNOSTICS=true
-            #     (the single toggle; mirrors flag("LOKI_GATE_LSP_DIAGNOSTICS", false)
-            #     at quality_gates.ts:1717). No second knob.
-            #   - When enabled, count_errors > 0 -> BLOCK (mirrors
-            #     "if (errorCount > 0) { passed: false }" at quality_gates.ts:1667).
+            # LSP diagnostics gate (P1-5 bash-route parity, v7.51.0; default-on
+            # advisory-surfacing as of v7.57.0). Closes the parity gap: the Bun
+            # route ships runLSPDiagnostics (loki-ts/src/runner/quality_gates.ts)
+            # with a route-neutral Python writer (mcp/lsp_proxy.py); the bash
+            # route had NO writer/reader.
+            #
+            # POSTURE (v7.57.0): DEFAULT-ON SURFACING (no blocking arm exists).
+            # This is the mid-iteration advisory arm -- it RUNS by default (like
+            # the mock/mutation gates), writes lsp-diagnostics.json, and surfaces
+            # errors to the NEXT iteration via track_gate_failure (the
+            # lsp_diagnostics token flows into gate-failures.txt -> build_prompt).
+            # It does NOT reject completion: the "block*" case below only calls
+            # track_gate_failure, never PAUSE / never the completion-promise arm,
+            # exactly like the mock gate. Default-on surfacing CANNOT deadlock
+            # (mock/mutation prove this in production); there is therefore NO
+            # separate blocking knob for LSP (none ever existed on the bash route).
+            #   - Toggle: LOKI_GATE_LSP_DIAGNOSTICS (default TRUE = surfacing on;
+            #     opt out with =false). Accepts "true" or "1". Single knob (no
+            #     blocking arm exists on the bash route, so there is no _BLOCK flag).
+            #   - count_errors > 0 -> surface (track_gate_failure), mirroring the
+            #     TS "errorCount > 0" finding at quality_gates.ts:1667 but WITHOUT
+            #     rejecting completion (advisory-first on the bash route).
             #   - warnings only -> advisory PASS (quality_gates.ts:1673).
-            #   - artifact absent/malformed -> honest pass-through, NEVER block
-            #     (quality_gates.ts:1646 returns passed:true on null artifact).
+            #   - artifact absent/malformed/timeout -> honest pass-through, NEVER
+            #     surface a block, NEVER deadlock (deny-filter; mirrors
+            #     quality_gates.ts:1646 returning passed:true on null artifact).
             # The writer is OPT-OUT-able with LOKI_GATE_LSP_WRITER=0 (operator can
             # supply a pre-built artifact), matching the TS escape hatch
             # (quality_gates.ts:1630). cwd must be the install dir (PROJECT_DIR =
             # $SCRIPT_DIR/.. ) so `-m mcp.lsp_proxy` imports, while --root points
             # at the TARGET project the loop is building (mirrors
             # runLSPDiagnosticsWriter: cwd=REPO_ROOT, --root=ctx.cwd).
-            if [ "${LOKI_GATE_LSP_DIAGNOSTICS:-false}" = "true" ] && [ "$ITERATION_COUNT" -gt 0 ]; then
+            if { [ "${LOKI_GATE_LSP_DIAGNOSTICS:-true}" = "true" ] || [ "${LOKI_GATE_LSP_DIAGNOSTICS:-true}" = "1" ]; } && [ "$ITERATION_COUNT" -gt 0 ]; then
                 log_info "Quality gate: LSP diagnostics..."
                 # WRITER: route-neutral Python, same program as the Bun route.
                 if [ "${LOKI_GATE_LSP_WRITER:-1}" != "0" ]; then
@@ -15228,6 +15290,54 @@ else:
                         ;;
                 esac
             fi
+            # Semantic test-authenticity gate -- mid-iteration ADVISORY arm
+            # (v7.57.0 default-on surfacing). Clones the mock arm (~15126)
+            # byte-for-byte: runs enforce_semantic_integrity, which writes
+            # semantic-findings.txt and returns 1 ONLY on a CRITICAL/HIGH
+            # fake-test finding (clean / no-test-files / detector-absent / timeout
+            # / malformed all collapse to rc 0 inside the function -- deny-filter).
+            # On rc 1 we ONLY track_gate_failure (surface to the next prompt via
+            # the semantic-findings injector at build_prompt); we NEVER PAUSE and
+            # NEVER reject completion here. Default-on surfacing cannot deadlock
+            # (mock/mutation prove this in production). The opt-in completion-
+            # BLOCKING arm lives behind LOKI_GATE_SEMANTIC_TESTS_BLOCK at the
+            # completion-promise elif below; this surfacing arm is independent.
+            #   - Toggle: LOKI_GATE_SEMANTIC_TESTS (default TRUE = surfacing on;
+            #     opt out with =false). Accepts "true" or "1".
+            if { [ "${LOKI_GATE_SEMANTIC_TESTS:-true}" = "true" ] || [ "${LOKI_GATE_SEMANTIC_TESTS:-true}" = "1" ]; } && [ "$ITERATION_COUNT" -gt 0 ]; then
+                log_info "Quality gate: semantic test-authenticity (advisory)..."
+                if enforce_semantic_integrity; then
+                    clear_gate_failure "semantic_tests"
+                else
+                    local sem_count
+                    sem_count=$(track_gate_failure "semantic_tests")
+                    gate_failures="${gate_failures}semantic_tests,"
+                    log_warn "Semantic test-authenticity gate FAILED ($sem_count consecutive) - CRITICAL/HIGH fake-test problems (advisory; surfaced to next iteration)"
+                fi
+            fi
+            # Invariant/property gate -- mid-iteration ADVISORY arm (v7.57.0
+            # default-on surfacing). Mirrors the semantic arm above: runs
+            # enforce_invariant_integrity, which writes invariant-findings.txt and
+            # returns 1 ONLY on a CRITICAL/HIGH invariant violation (clean /
+            # detector-absent / timeout / malformed all collapse to rc 0 inside
+            # the function -- deny-filter). On rc 1 we ONLY track_gate_failure
+            # (surfaced to the next prompt via the invariant-findings injector in
+            # build_prompt); we NEVER PAUSE and NEVER reject completion here. The
+            # opt-in completion-BLOCKING arm lives behind LOKI_GATE_INVARIANTS_BLOCK
+            # at the completion-promise elif below.
+            #   - Toggle: LOKI_GATE_INVARIANTS (default TRUE = surfacing on; opt
+            #     out with =false). Accepts "true" or "1".
+            if { [ "${LOKI_GATE_INVARIANTS:-true}" = "true" ] || [ "${LOKI_GATE_INVARIANTS:-true}" = "1" ]; } && [ "$ITERATION_COUNT" -gt 0 ]; then
+                log_info "Quality gate: invariant/property (advisory)..."
+                if enforce_invariant_integrity; then
+                    clear_gate_failure "invariants"
+                else
+                    local inv_count
+                    inv_count=$(track_gate_failure "invariants")
+                    gate_failures="${gate_failures}invariants,"
+                    log_warn "Invariant gate FAILED ($inv_count consecutive) - CRITICAL/HIGH invariant/property violations (advisory; surfaced to next iteration)"
+                fi
+            fi
             # Code review gate (upgraded from advisory, with escalation)
             if [ "$PHASE_CODE_REVIEW" = "true" ] && [ "$ITERATION_COUNT" -gt 0 ]; then
                 log_info "Quality gate: code review..."
@@ -15534,35 +15644,40 @@ else:
                 log_warn "Completion claim rejected: assumption ledger gate found unresolved high-severity spec assumption(s)."
                 log_warn "  Details under .loki/council/assumption-block.json ; opt out with LOKI_ASSUMPTION_GATE=0"
                 # Fall through; keep iterating until high-sev assumptions resolve.
-            # P1-3: semantic test-authenticity gate (OPT-IN, default OFF). Catches
-            # fake tests that look real but verify nothing (literal-via-variable
-            # echo etc.) that the regex gates 5+6 miss. ADVISORY-FIRST: the arm is
-            # guarded by LOKI_GATE_SEMANTIC_TESTS=true, so by default it never runs
-            # (zero runtime cost, never blocks). When enabled it runs the detector
-            # with --block-high and rejects the completion ONLY on a CRITICAL/HIGH
-            # finding; clean / no-test-files / detector-absent / timeout / malformed
-            # all collapse to a pass inside _semantic_gate_and_surface, so the
-            # autonomous loop can never deadlock on a clean run. Mirrors the
-            # evidence / held-out / assumption arms above.
-            elif [ "$_completion_claimed" = 1 ] && [ "${LOKI_GATE_SEMANTIC_TESTS:-false}" = "true" ] && type _semantic_gate_and_surface &>/dev/null && ! _semantic_gate_and_surface; then
+            # P1-3: semantic test-authenticity completion-BLOCKING gate (OPT-IN,
+            # default OFF). Catches fake tests that look real but verify nothing
+            # (literal-via-variable echo etc.) that the regex gates 5+6 miss.
+            # v7.57.0: the SURFACING of these findings is now default-on (see the
+            # mid-iteration advisory arm above, gated on LOKI_GATE_SEMANTIC_TESTS,
+            # default true). This completion-BLOCKING arm is a SEPARATE opt-in,
+            # gated on LOKI_GATE_SEMANTIC_TESTS_BLOCK (default OFF; accepts "true"
+            # or "1"), so the surfacing-default-on flip does NOT make blocking
+            # default-on. When the BLOCK flag is set it runs the detector with --block-high and
+            # rejects completion ONLY on a CRITICAL/HIGH finding; clean /
+            # no-test-files / detector-absent / timeout / malformed all collapse
+            # to a pass inside _semantic_gate_and_surface, so the autonomous loop
+            # can never deadlock on a clean run. Mirrors the evidence / held-out /
+            # assumption arms above.
+            elif [ "$_completion_claimed" = 1 ] && { [ "${LOKI_GATE_SEMANTIC_TESTS_BLOCK:-false}" = "true" ] || [ "${LOKI_GATE_SEMANTIC_TESTS_BLOCK:-false}" = "1" ]; } && type _semantic_gate_and_surface &>/dev/null && ! _semantic_gate_and_surface; then
                 log_warn "Completion claim rejected: semantic test-authenticity gate found CRITICAL/HIGH fake-test problem(s)."
-                log_warn "  Details under .loki/quality/semantic-findings.txt ; opt-in gate -- disable with LOKI_GATE_SEMANTIC_TESTS=false"
+                log_warn "  Details under .loki/quality/semantic-findings.txt ; opt-in blocking -- disable with LOKI_GATE_SEMANTIC_TESTS_BLOCK=false"
                 # Fall through; keep iterating until the fake tests are fixed.
-            # P1-4: invariant/property gate (OPT-IN, default OFF). Mirrors the
-            # semantic arm above and the Bun route's invariants toggle
-            # (loki-ts/src/runner/quality_gates.ts:2057). Guarded by
-            # LOKI_GATE_INVARIANTS (PLURAL, to match the Bun readToggles flag
-            # name; the detector's reference-comment singular default-on variant
-            # without the trailing S is deliberately NOT used). Accepts "true" or
-            # "1"; default OFF means the arm never runs (zero cost, never
-            # blocks). When enabled it runs detect-invariant-violations.sh
-            # --strict and rejects completion ONLY on a CRITICAL/HIGH (rc 1)
-            # finding; clean / detector-absent / timeout / malformed all
-            # collapse to a pass inside _invariant_gate_and_surface, so the
-            # autonomous loop can never deadlock on a clean run.
-            elif [ "$_completion_claimed" = 1 ] && { [ "${LOKI_GATE_INVARIANTS:-false}" = "true" ] || [ "${LOKI_GATE_INVARIANTS:-false}" = "1" ]; } && type _invariant_gate_and_surface &>/dev/null && ! _invariant_gate_and_surface; then
+            # P1-4: invariant/property completion-BLOCKING gate (OPT-IN, default
+            # OFF). Mirrors the semantic arm above and the Bun route's invariants
+            # toggle (loki-ts/src/runner/quality_gates.ts:2057). v7.57.0: the
+            # SURFACING of these findings is now default-on (see the mid-iteration
+            # advisory arm above, gated on LOKI_GATE_INVARIANTS, default true).
+            # This completion-BLOCKING arm is a SEPARATE opt-in, gated on
+            # LOKI_GATE_INVARIANTS_BLOCK (default OFF), so the surfacing-default-on
+            # flip does NOT make blocking default-on. Accepts "true" or "1". When
+            # the BLOCK flag is set it runs detect-invariant-violations.sh --strict
+            # and rejects completion ONLY on a CRITICAL/HIGH (rc 1) finding;
+            # clean / detector-absent / timeout / malformed all collapse to a pass
+            # inside _invariant_gate_and_surface, so the autonomous loop can never
+            # deadlock on a clean run.
+            elif [ "$_completion_claimed" = 1 ] && { [ "${LOKI_GATE_INVARIANTS_BLOCK:-false}" = "true" ] || [ "${LOKI_GATE_INVARIANTS_BLOCK:-false}" = "1" ]; } && type _invariant_gate_and_surface &>/dev/null && ! _invariant_gate_and_surface; then
                 log_warn "Completion claim rejected: invariant gate found CRITICAL/HIGH invariant/property violation(s)."
-                log_warn "  Details under .loki/quality/invariant-findings.txt ; opt-in gate -- disable with LOKI_GATE_INVARIANTS=false"
+                log_warn "  Details under .loki/quality/invariant-findings.txt ; opt-in blocking -- disable with LOKI_GATE_INVARIANTS_BLOCK=false"
                 # Fall through; keep iterating until the invariant violations are fixed.
             elif [ "$_completion_claimed" = 1 ]; then
                 echo ""

package/dashboard/__init__.py

@@ -7,7 +7,7 @@ Modules:
     control: Session control API (start/stop/pause/resume)
 """
 
-__version__ = "7.55.0"
+__version__ = "7.57.0"
 
 # Expose the control app for easy import
 try: