loki-mode 7.72.0 → 7.74.0

package/README.md

@@ -444,7 +444,7 @@ See [benchmarks/](benchmarks/) for methodology.
 | Area | What Works | What Doesn't (Yet) |
 |------|-----------|---------------------|
 | **Code Gen** | Full-stack apps from PRDs | Complex domain logic may need human review |
-| **Deploy** | Generates configs, Dockerfiles, CI/CD | Does not deploy -- human runs deploy commands |
+| **Deploy** | Generates configs, Dockerfiles, CI/CD; `loki deploy` prints the exact deploy command | Does not deploy -- human runs the printed deploy command (Loki never runs a cloud CLI or git push) |
 | **Testing** | 8 automated quality gates | Test quality depends on AI assertions |
 | **Providers** | 5 providers with auto-failover | Non-Claude providers lack parallel agents |
 | **Dashboard** | Real-time single-machine monitoring | No multi-node clustering |

package/SKILL.md

@@ -3,7 +3,7 @@ name: loki-mode
 description: Autonomous spec-driven build system with a built-in trust layer. It does not call work done until it is verified (RARV-C closure loop, 8 quality gates, completion council, verified-completion evidence gate). Triggers on "Loki Mode". Takes a spec (PRD, GitHub issue, OpenAPI doc, etc.) to deployed product with minimal human intervention. Provider-agnostic. Requires --dangerously-skip-permissions flag.
 ---
 
-# Loki Mode v7.72.0
+# Loki Mode v7.74.0
 
 **You are an autonomous agent. You make decisions. You do not ask questions. You do not stop.**
 
@@ -406,4 +406,4 @@ See `CHANGELOG.md` entries [7.5.7], [7.5.8], [7.5.13] for the per-fix list and r
 
 ---
 
-**v7.72.0 | [Autonomi](https://www.autonomi.dev/) flagship product | ~260 lines core**
+**v7.74.0 | [Autonomi](https://www.autonomi.dev/) flagship product | ~260 lines core**

package/VERSION

@@ -1 +1 @@
-7.72.0
+7.74.0

package/autonomy/completion-council.sh

@@ -2812,8 +2812,34 @@ council_evaluate() {
         # Re-derive complete count from the round file
         local round_file="$COUNCIL_STATE_DIR/votes/round-${ITERATION_COUNT}.json"
         local complete_count=0
+        local members_present=0
         if [ -f "$round_file" ]; then
             complete_count=$(_RF="$round_file" python3 -c "import json, os; print(json.load(open(os.environ['_RF'])).get('complete_votes', 0))" 2>/dev/null || echo "0")
+            # WAVE13 CRITICAL quorum gate: how many voters actually responded
+            # (total_members records the ACTUAL returned count -- see
+            # voter-agents.sh). A degraded/partial dispatch response must never
+            # be honored as COMPLETE even if its (now quorum-aware) verdict
+            # somehow read COMPLETE. This is defense-in-depth: the parser
+            # already forces CONTINUE on undercount, but the completion-detection
+            # trust core must independently assert full quorum before stopping.
+            members_present=$(_RF="$round_file" python3 -c "import json, os; print(json.load(open(os.environ['_RF'])).get('total_members', 0))" 2>/dev/null || echo "0")
+        fi
+        # Normalize to integers (guard against empty/non-numeric on read failure)
+        case "$complete_count" in (''|*[!0-9]*) complete_count=0 ;; esac
+        case "$members_present" in (''|*[!0-9]*) members_present=0 ;; esac
+
+        # Quorum-presence gate (distinct from the DA-unanimity trigger below):
+        # a COMPLETE verdict only stands when EXACTLY the expected council
+        # responded. Any mismatch is a degraded response and fails closed:
+        #   - undercount (< COUNCIL_SIZE): missing voters are non-approval.
+        #   - overcount (> COUNCIL_SIZE): extra/unprompted findings (e.g. a
+        #     model adding a 4th 'devils-advocate' finding) would otherwise let
+        #     a low-approval-ratio response clear the fixed threshold=2. Both
+        #     directions must CONTINUE, so we assert exact quorum (== not <).
+        if [ "$members_present" -ne "$COUNCIL_SIZE" ]; then
+            log_warn "Council evaluate: COMPLETE rejected -- quorum mismatch ($members_present voters present, expected $COUNCIL_SIZE); failing closed to CONTINUE"
+            council_write_transcript "${ITERATION_COUNT:-0}" "REJECTED" "false" "false" "$_eval_threshold"
+            return 1  # CONTINUE
         fi
 
         if [ "$complete_count" -eq "$COUNCIL_SIZE" ] && [ "$COUNCIL_SIZE" -ge 2 ]; then

package/autonomy/lib/git-pr-advisory.sh

@@ -0,0 +1,112 @@
+#!/usr/bin/env bash
+# git-pr-advisory.sh -- shared, PRINT-ONLY pull-request advisory helper.
+#
+# LOAD-BEARING INVARIANT: every function here is pure and print-only. It NEVER
+# runs `git push`, NEVER runs `gh pr create`, NEVER mutates the repo. It only
+# prints the commands a user would run, plus a best-effort clipboard copy of the
+# push line. This is the single source of truth sourced by BOTH autonomy/run.sh
+# (LOCK A3 create_session_pr) and autonomy/loki (cmd_deploy) so the two surfaces
+# print byte-identical, correct commands and cannot drift.
+#
+# set -e SAFE: this lib may be sourced under `set -uo pipefail` (run.sh) AND
+# `set -euo pipefail` (loki). Every fallible command ends with `|| true` or sits
+# in a guarded `if`; no bare `((..))`; every var defaulted with `${VAR:-}`;
+# every optional tool is `command -v`-guarded. All print paths `return 0` so a
+# sourced call cannot abort the caller under set -e.
+
+# Double-source guard.
+[ -n "${_GIT_PR_ADVISORY_SH:-}" ] && return 0
+_GIT_PR_ADVISORY_SH=1
+
+# _git_pr_advisory_origin_url [dir]
+# Echoes the origin remote URL, or empty string if none. Best-effort, never errors.
+_git_pr_advisory_origin_url() {
+    local dir="${1:-.}"
+    local url=""
+    command -v git >/dev/null 2>&1 || { printf '%s' ""; return 0; }
+    url="$(git -C "$dir" remote get-url origin 2>/dev/null || true)"
+    if [ -z "$url" ]; then
+        url="$(git -C "$dir" config --get remote.origin.url 2>/dev/null || true)"
+    fi
+    printf '%s' "${url:-}"
+    return 0
+}
+
+# _git_pr_advisory_compare_url <origin_url> <base> <head>
+# Echoes a GitHub compare URL, or empty if the origin URL is not a parseable
+# github.com remote. Handles both ssh (git@github.com:owner/repo.git) and https
+# (https://github.com/owner/repo[.git]) forms. Non-github hosts -> empty.
+_git_pr_advisory_compare_url() {
+    local origin_url="${1:-}"
+    local base="${2:-}"
+    local head="${3:-}"
+    [ -n "$origin_url" ] || { printf '%s' ""; return 0; }
+    [ -n "$base" ] || { printf '%s' ""; return 0; }
+    [ -n "$head" ] || { printf '%s' ""; return 0; }
+
+    # Only github.com remotes yield a compare URL. Do not fabricate for other hosts.
+    case "$origin_url" in
+        *github.com[:/]*) : ;;
+        *) printf '%s' ""; return 0 ;;
+    esac
+
+    # Reuse the run.sh:2123-2133 idiom: extract owner/repo from ssh or https forms.
+    local repo=""
+    repo="$(printf '%s' "$origin_url" | sed -E 's/.*github\.com[:/]([^/]+\/[^/]+)(\.git)?$/\1/' 2>/dev/null || true)"
+    repo="${repo%.git}"
+
+    if [ -n "$repo" ] && [ "$repo" != "$origin_url" ] && [ "${repo#*/}" != "$repo" ]; then
+        printf '%s' "https://github.com/${repo}/compare/${base}...${head}?expand=1"
+        return 0
+    fi
+
+    printf '%s' ""
+    return 0
+}
+
+# print_pr_advice <base_branch> <head_branch> [dir]
+# Prints PR advice. PRINT-ONLY: never pushes, never creates a PR. Always return 0.
+print_pr_advice() {
+    local base="${1:-main}"
+    local head="${2:-HEAD}"
+    local dir="${3:-.}"
+
+    printf '%s\n' "To open a pull request:"
+    printf '%s\n' "  git push -u origin ${head}"
+
+    if command -v gh >/dev/null 2>&1; then
+        printf '%s\n' "  gh pr create --base ${base} --head ${head} --title \"Loki Mode session changes\" --fill"
+    else
+        local origin_url="" compare_url=""
+        origin_url="$(_git_pr_advisory_origin_url "$dir")"
+        compare_url="$(_git_pr_advisory_compare_url "$origin_url" "$base" "$head")"
+        if [ -n "$compare_url" ]; then
+            printf '%s\n' "  Open: ${compare_url}"
+        else
+            printf '%s\n' "  Open a pull request for branch ${head} on your git host."
+        fi
+    fi
+
+    # Best-effort clipboard copy of the push line. TTY-gated, command-v guarded,
+    # never fatal. Print a note only if a copy tool actually ran.
+    if [ -t 1 ]; then
+        local push_line="git push -u origin ${head}"
+        local copied=""
+        if command -v pbcopy >/dev/null 2>&1; then
+            printf '%s' "$push_line" | pbcopy >/dev/null 2>&1 && copied="1" || true
+        elif command -v wl-copy >/dev/null 2>&1; then
+            printf '%s' "$push_line" | wl-copy >/dev/null 2>&1 && copied="1" || true
+        elif command -v xclip >/dev/null 2>&1; then
+            printf '%s' "$push_line" | xclip -selection clipboard >/dev/null 2>&1 && copied="1" || true
+        elif command -v xsel >/dev/null 2>&1; then
+            printf '%s' "$push_line" | xsel --clipboard --input >/dev/null 2>&1 && copied="1" || true
+        elif command -v clip >/dev/null 2>&1; then
+            printf '%s' "$push_line" | clip >/dev/null 2>&1 && copied="1" || true
+        fi
+        if [ -n "$copied" ]; then
+            printf '%s\n' "  (push command copied to clipboard)"
+        fi
+    fi
+
+    return 0
+}

package/autonomy/lib/voter-agents.sh

@@ -273,6 +273,7 @@ loki_council_dispatch_agents() {
     _VA_ITER="$iteration" \
     _VA_VDIR="$verdicts_dir" \
     _VA_RFILE="$votes_dir/round-${iteration}.json" \
+    _VA_EXPECTED="${COUNCIL_SIZE:-3}" \
     python3 -c '
 import json, os, sys
 from datetime import datetime, timezone
@@ -290,6 +291,26 @@ it = int(os.environ.get("_VA_ITER", "0") or 0)
 vdir = os.environ["_VA_VDIR"]
 rfile = os.environ["_VA_RFILE"]
 
+# WAVE13 CRITICAL quorum fix: the quorum denominator MUST be the EXPECTED
+# council size (COUNCIL_SIZE), never the number of findings the model happened
+# to return. Pre-fix this parser computed threshold = (returned*2+2)//3, so a
+# degraded response with a single APPROVE finding (returned=1) yielded
+# threshold=1 and a COMPLETE verdict from a SINGLE voter, with the missing
+# voters silently dropped. That fails OPEN on the completion-detection trust
+# core. We now fail CLOSED: any undercount (returned < expected) forces a
+# CONTINUE verdict so a partial/degraded model response can never reach
+# COMPLETE on the returned subset. Design choice (Option 2): compute the
+# verdict in-path (rather than sys.exit -> heuristic fallback) so the round
+# file always records the actual returned count in total_members, making the
+# downstream quorum assertion in completion-council.sh meaningful and locally
+# testable without depending on the heuristic-path disk-state behavior.
+try:
+    expected_count = int(os.environ.get("_VA_EXPECTED", "3") or 3)
+except (TypeError, ValueError):
+    expected_count = 3
+if expected_count < 1:
+    expected_count = 1
+
 def to_legacy(vote: str) -> str:
     v = (vote or "").upper()
     if v == "APPROVE":
@@ -338,14 +359,34 @@ for idx, f in enumerate(findings, start=1):
 if total == 0:
     sys.exit(5)
 
-threshold = (total * 2 + 2) // 3
-verdict = "COMPLETE" if complete >= threshold else "CONTINUE"
+# Quorum-aware threshold (WAVE13). threshold is computed against the EXPECTED
+# council size so it can never shrink to 1 on a degraded response. Absent
+# voters (total < expected) are treated as non-approval: the round is forced
+# to CONTINUE and can never reach COMPLETE on the returned subset. With
+# expected=3, threshold = ceil(2/3 * 3) = 2, so 1-of-3 (or any single voter)
+# is structurally incapable of producing COMPLETE.
+threshold = (expected_count * 2 + 2) // 3
+if total != expected_count:
+    # Fail closed on ANY quorum mismatch:
+    #   - undercount (total < expected): missing voters count as non-approval.
+    #   - overcount  (total > expected): extra/unprompted findings (e.g. a model
+    #     adding a 4th finding) would otherwise let a low-approval-ratio response
+    #     clear the fixed threshold. A degraded response in either direction must
+    #     never reach COMPLETE on the returned subset.
+    verdict = "CONTINUE"
+else:
+    verdict = "COMPLETE" if complete >= threshold else "CONTINUE"
 round_data = {
     "round": it,
     "timestamp": datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ"),
     "complete_votes": complete,
     "continue_votes": total - complete,
+    # total_members records the ACTUAL number of voters that responded (not the
+    # expected size) so the completion-council quorum assertion can detect an
+    # undercount. expected_members records the size the verdict was judged
+    # against.
     "total_members": total,
+    "expected_members": expected_count,
     "threshold": threshold,
     "verdict": verdict,
     "votes": votes,