moflo 4.9.21 → 4.9.23

package/dist/src/cli/services/worker-daemon.js

@@ -1,13 +1,21 @@
 /**
  * Worker Daemon Service
- * Node.js-based background worker system that auto-runs like shell daemons
+ * Node.js-based background worker system that auto-runs like shell daemons.
  *
- * Workers:
- * - map: Codebase mapping (5 min interval)
- * - audit: Security analysis (10 min interval)
+ * Default workers:
+ * - map: Codebase mapping (15 min interval)
  * - optimize: Performance optimization (15 min interval)
  * - consolidate: Memory consolidation (30 min interval)
  * - testgaps: Test coverage analysis (20 min interval)
+ *
+ * Manual-trigger-only workers (disabled by default, no scheduled run):
+ * ultralearn, refactor, deepdive, benchmark, preload.
+ *
+ * The `audit`, `predict`, and `document` workers were removed in #970 —
+ * they were default-disabled with no surfacing layer for findings, and the
+ * dashboard rendered them as "disabled" rows that read as broken. If a
+ * security or doc scan returns it should land as an opt-in `flo doctor`
+ * one-shot with a real findings UI, not as a recurring background worker.
  */
 import { EventEmitter } from 'events';
 import { existsSync, mkdirSync, writeFileSync, readFileSync } from 'fs';
@@ -21,18 +29,32 @@ import { attachSignalHandlers } from '../shared/resilience/signal-handlers.js';
 import { calculateDelay } from '../production/retry.js';
 import { CircuitBreaker } from '../production/circuit-breaker.js';
 import { errorDetail } from '../shared/utils/error-detail.js';
+/**
+ * Runtime allow-list of known {@link WorkerType} values. Used by
+ * `initializeWorkerStates` to silently drop entries from a stale
+ * `daemon-state.json` after a worker is removed from the union (#970).
+ * Keep in sync with the `WorkerType` definition above.
+ */
+const KNOWN_WORKER_TYPES = new Set([
+    'ultralearn',
+    'optimize',
+    'consolidate',
+    'map',
+    'preload',
+    'deepdive',
+    'refactor',
+    'benchmark',
+    'testgaps',
+]);
+function isKnownWorkerType(value) {
+    return typeof value === 'string' && KNOWN_WORKER_TYPES.has(value);
+}
 // Default worker configurations with improved intervals (P0 fix: map 5min -> 15min)
 const DEFAULT_WORKERS = [
     { type: 'map', intervalMs: 15 * 60 * 1000, offsetMs: 0, priority: 'normal', description: 'Codebase mapping', enabled: true },
-    // Default-disabled until the perf regression in #631 is remediated. The
-    // worker averages 238 s/run on real installs, saturating cores back-to-back
-    // when scheduled at the 10-minute interval. Re-enable here when #631 ships.
-    { type: 'audit', intervalMs: 10 * 60 * 1000, offsetMs: 2 * 60 * 1000, priority: 'critical', description: 'Security analysis', enabled: false },
     { type: 'optimize', intervalMs: 15 * 60 * 1000, offsetMs: 4 * 60 * 1000, priority: 'high', description: 'Performance optimization', enabled: true },
     { type: 'consolidate', intervalMs: 30 * 60 * 1000, offsetMs: 6 * 60 * 1000, priority: 'low', description: 'Memory consolidation', enabled: true },
     { type: 'testgaps', intervalMs: 20 * 60 * 1000, offsetMs: 8 * 60 * 1000, priority: 'normal', description: 'Test coverage analysis', enabled: true },
-    { type: 'predict', intervalMs: 10 * 60 * 1000, offsetMs: 0, priority: 'low', description: 'Predictive preloading', enabled: false },
-    { type: 'document', intervalMs: 60 * 60 * 1000, offsetMs: 0, priority: 'low', description: 'Auto-documentation', enabled: false },
 ];
 // Worker timeout (5 minutes max per worker)
 const DEFAULT_WORKER_TIMEOUT_MS = 5 * 60 * 1000;
@@ -326,9 +348,16 @@ export class WorkerDaemon extends EventEmitter {
                 if (typeof saved.config?.workerTimeoutMs === 'number' && saved.config.workerTimeoutMs > 0) {
                     this.config.workerTimeoutMs = saved.config.workerTimeoutMs;
                 }
-                // Restore worker runtime states (runCount, successCount, etc.)
+                // Restore worker runtime states (runCount, successCount, etc.).
+                // Unknown worker types (left over from a prior moflo version where
+                // `audit`/`predict`/`document` existed) are silently dropped — see
+                // KNOWN_WORKER_TYPES + #970 — so consumers upgrading don't crash on
+                // stale state, and the orphan entries don't get re-persisted on the
+                // next saveState.
                 if (saved.workers) {
                     for (const [type, state] of Object.entries(saved.workers)) {
+                        if (!isKnownWorkerType(type))
+                            continue;
                         const savedState = state;
                         const lastRunValue = savedState.lastRun;
                         const restoredState = {
@@ -749,18 +778,12 @@ export class WorkerDaemon extends EventEmitter {
         switch (workerConfig.type) {
             case 'map':
                 return this.runMapWorker();
-            case 'audit':
-                return this.runAuditWorkerLocal();
             case 'optimize':
                 return this.runOptimizeWorkerLocal();
             case 'consolidate':
                 return this.runConsolidateWorker();
             case 'testgaps':
                 return this.runTestGapsWorkerLocal();
-            case 'predict':
-                return this.runPredictWorkerLocal();
-            case 'document':
-                return this.runDocumentWorkerLocal();
             case 'ultralearn':
                 return this.runUltralearnWorkerLocal();
             case 'refactor':
@@ -797,31 +820,6 @@ export class WorkerDaemon extends EventEmitter {
         writeFileSync(metricsFile, JSON.stringify(map, null, 2));
         return map;
     }
-    /**
-     * Local audit worker (fallback when headless unavailable)
-     */
-    async runAuditWorkerLocal() {
-        // Basic security checks
-        const auditFile = join(this.projectRoot, '.moflo', 'metrics', 'security-audit.json');
-        const metricsDir = join(this.projectRoot, '.moflo', 'metrics');
-        if (!existsSync(metricsDir)) {
-            mkdirSync(metricsDir, { recursive: true });
-        }
-        const audit = {
-            timestamp: new Date().toISOString(),
-            mode: 'local',
-            checks: {
-                envFilesProtected: !existsSync(join(this.projectRoot, '.env.local')),
-                gitIgnoreExists: existsSync(join(this.projectRoot, '.gitignore')),
-                noHardcodedSecrets: true, // Would need actual scanning
-            },
-            riskLevel: 'low',
-            recommendations: [],
-            note: 'Install Claude Code CLI for AI-powered security analysis',
-        };
-        writeFileSync(auditFile, JSON.stringify(audit, null, 2));
-        return audit;
-    }
     /**
      * Local optimize worker (fallback when headless unavailable)
      */
@@ -883,30 +881,6 @@ export class WorkerDaemon extends EventEmitter {
         writeFileSync(testGapsFile, JSON.stringify(result, null, 2));
         return result;
     }
-    /**
-     * Local predict worker (fallback when headless unavailable)
-     */
-    async runPredictWorkerLocal() {
-        return {
-            timestamp: new Date().toISOString(),
-            mode: 'local',
-            predictions: [],
-            preloaded: [],
-            note: 'Install Claude Code CLI for AI-powered predictions',
-        };
-    }
-    /**
-     * Local document worker (fallback when headless unavailable)
-     */
-    async runDocumentWorkerLocal() {
-        return {
-            timestamp: new Date().toISOString(),
-            mode: 'local',
-            filesDocumented: 0,
-            suggestedDocs: [],
-            note: 'Install Claude Code CLI for AI-powered documentation generation',
-        };
-    }
     /**
      * Local ultralearn worker (fallback when headless unavailable)
      */

package/dist/src/cli/shared/events/example-usage.js

@@ -36,20 +36,20 @@ async function main() {
     // 3. Record Agent Lifecycle Events
     // =========================================================================
     console.log('3. Recording Agent Lifecycle Events...');
-    // Agent 1: Queen Coordinator
-    await eventStore.append(createAgentSpawnedEvent('agent-1', 'queen-coordinator', 'coordination', [
+    // Agent 1: Coordinator
+    await eventStore.append(createAgentSpawnedEvent('agent-1', 'coordinator', 'coordination', [
         'orchestration',
         'task-assignment',
     ]));
     await eventStore.append(createAgentStartedEvent('agent-1'));
-    // Agent 2: Security Architect
-    await eventStore.append(createAgentSpawnedEvent('agent-2', 'security-architect', 'security', [
+    // Agent 2: Security Auditor
+    await eventStore.append(createAgentSpawnedEvent('agent-2', 'security-auditor', 'security', [
         'threat-modeling',
         'security-design',
     ]));
     await eventStore.append(createAgentStartedEvent('agent-2'));
-    // Agent 3: Core Architect
-    await eventStore.append(createAgentSpawnedEvent('agent-3', 'core-architect', 'core', ['ddd-design', 'architecture']));
+    // Agent 3: Architect
+    await eventStore.append(createAgentSpawnedEvent('agent-3', 'architect', 'core', ['ddd-design', 'architecture']));
     await eventStore.append(createAgentStartedEvent('agent-3'));
     console.log('   Agent events recorded\n');
     // =========================================================================

package/dist/src/cli/shared/hooks/task-hooks.js

@@ -144,27 +144,27 @@ export class TaskHooksManager {
             },
             {
                 keywords: ['security', 'vulnerability', 'cve', 'threat'],
-                agent: 'security-architect',
+                agent: 'security-auditor',
                 capabilities: ['security-analysis', 'vulnerability-detection', 'threat-modeling'],
             },
             {
-                keywords: ['performance', 'optimize', 'speed', 'memory'],
-                agent: 'performance-engineer',
+                keywords: ['performance', 'optimize', 'speed', 'memory', 'profile', 'benchmark'],
+                agent: 'reviewer',
                 capabilities: ['performance-optimization', 'profiling', 'benchmarking'],
             },
             {
                 keywords: ['architect', 'design', 'structure', 'pattern'],
-                agent: 'core-architect',
+                agent: 'architect',
                 capabilities: ['architecture-design', 'pattern-application', 'system-design'],
             },
             {
-                keywords: ['memory', 'storage', 'database', 'cache'],
-                agent: 'memory-specialist',
+                keywords: ['storage', 'database', 'cache', 'persistence'],
+                agent: 'researcher',
                 capabilities: ['memory-management', 'data-persistence', 'caching'],
             },
             {
-                keywords: ['swarm', 'coordinate', 'orchestrate', 'agent'],
-                agent: 'swarm-specialist',
+                keywords: ['swarm', 'coordinate', 'orchestrate', 'agent', 'hive'],
+                agent: 'coordinator',
                 capabilities: ['swarm-coordination', 'agent-orchestration', 'distributed-systems'],
             },
         ];

package/dist/src/cli/spells/core/runner.js

@@ -150,6 +150,18 @@ export class SpellCaster {
                     message: err.message,
                 }], definition.name);
         }
+        // Per-spell sandbox requirement (#878) — "more strict wins": the spell
+        // can opt in to sandboxing even when the global config is off, and the
+        // runner refuses to cast if no OS sandbox is active.
+        if (definition.sandbox?.required === true && !effectiveSandbox.useOsSandbox) {
+            return this.failureResult(spellId, startTime, [{
+                    code: 'SANDBOX_REQUIRED',
+                    message: `Spell "${definition.name}" requires an OS sandbox but none is active ` +
+                        `(${effectiveSandbox.displayStatus}). Enable sandboxing by setting ` +
+                        `\`sandbox.enabled: true\` in moflo.yaml (and \`sandbox.tier: auto\` ` +
+                        `or \`full\`), or remove \`sandbox.required: true\` from the spell.`,
+                }], definition.name);
+        }
         return this.executeSteps(definition, resolvedArgs, spellId, options, startTime, effectiveSandbox);
     }
     async dryRun(definition, resolvedArgs, options = {}) {

package/dist/src/cli/spells/scheduler/scheduler.js

@@ -369,15 +369,30 @@ export class SpellScheduler {
                 duration: completedAt - now,
             };
             await this.memory.write(NAMESPACE_EXECUTIONS, executionId, finalRecord);
-            this.emit({
-                type: result.success ? 'schedule:completed' : 'schedule:failed',
-                scheduleId: schedule.id,
-                spellName: schedule.spellName,
-                message: result.success
-                    ? `Completed in ${finalRecord.duration}ms`
-                    : `Failed: ${finalRecord.error}`,
-                timestamp: completedAt,
-            });
+            // SANDBOX_REQUIRED (#878) is a configuration mismatch, not a runtime
+            // failure — surface it as a skip so dashboards/oncall don't page on a
+            // missing sandbox the user can resolve in moflo.yaml.
+            const sandboxRequiredErr = result.errors.find(e => e.code === 'SANDBOX_REQUIRED');
+            if (!result.success && sandboxRequiredErr) {
+                this.emit({
+                    type: 'schedule:skipped',
+                    scheduleId: schedule.id,
+                    spellName: schedule.spellName,
+                    message: sandboxRequiredErr.message,
+                    timestamp: completedAt,
+                });
+            }
+            else {
+                this.emit({
+                    type: result.success ? 'schedule:completed' : 'schedule:failed',
+                    scheduleId: schedule.id,
+                    spellName: schedule.spellName,
+                    message: result.success
+                        ? `Completed in ${finalRecord.duration}ms`
+                        : `Failed: ${finalRecord.error}`,
+                    timestamp: completedAt,
+                });
+            }
         }
         catch (err) {
             const completedAt = Date.now();

package/dist/src/cli/spells/schema/validator.js

@@ -16,7 +16,7 @@
 import { isValidMofloLevel } from '../core/capability-validator.js';
 import { MOFLO_LEVEL_ORDER } from '../types/step-command.types.js';
 import { validateSchedule } from '../scheduler/cron-parser.js';
-import { validateTopLevel, validateArguments, matchesArgumentType } from './validators/top-level.js';
+import { validateTopLevel, validateArguments, matchesArgumentType, validateSandbox } from './validators/top-level.js';
 import { validateSteps } from './validators/steps.js';
 import { validatePrerequisites } from './validators/prerequisites.js';
 import { validateVariableReferences } from './validators/references.js';
@@ -27,6 +27,7 @@ import { detectCircularJumps } from './validators/jumps.js';
 export function validateSpellDefinition(def, options) {
     const errors = [];
     validateTopLevel(def, errors);
+    validateSandbox(def, errors);
     if (def.mofloLevel !== undefined && !isValidMofloLevel(def.mofloLevel)) {
         errors.push({
             path: 'mofloLevel',

package/dist/src/cli/spells/schema/validators/top-level.js

@@ -58,6 +58,24 @@ export function validateArguments(args, errors) {
         }
     }
 }
+/**
+ * Validate the optional `sandbox` block on a spell definition.
+ * Accepts: missing, `{}`, `{ required: boolean }`.
+ * Rejects: non-object value, non-boolean `required`.
+ */
+export function validateSandbox(def, errors) {
+    const sandbox = def.sandbox;
+    if (sandbox === undefined)
+        return;
+    if (sandbox === null || typeof sandbox !== 'object' || Array.isArray(sandbox)) {
+        errors.push({ path: 'sandbox', message: 'sandbox must be an object' });
+        return;
+    }
+    const { required } = sandbox;
+    if (required !== undefined && typeof required !== 'boolean') {
+        errors.push({ path: 'sandbox.required', message: 'sandbox.required must be a boolean' });
+    }
+}
 /** Check whether a value matches a declared ArgumentType. */
 export function matchesArgumentType(value, type) {
     switch (type) {

package/dist/src/cli/version.js

@@ -2,5 +2,5 @@
  * Auto-generated by build. Do not edit manually.
  * Source of truth: root package.json → scripts/sync-version.mjs
  */
-export const VERSION = '4.9.21';
+export const VERSION = '4.9.23';
 //# sourceMappingURL=version.js.map

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "moflo",
-  "version": "4.9.21",
+  "version": "4.9.23",
   "description": "MoFlo — AI agent orchestration for Claude Code. A standalone, opinionated toolkit with semantic memory, learned routing, gates, spells, and the /flo issue-execution skill.",
   "main": "dist/src/cli/index.js",
   "type": "module",
@@ -29,6 +29,7 @@
     "src/cli/spells/definitions/**/*.yaml",
     "!**/*.test.js",
     "!**/*.spec.js",
+    "!**/*.perf.js",
     "!**/__tests__/**",
     ".claude/commands/**/*.md",
     ".claude/agents/**/*.md",
@@ -39,6 +40,7 @@
     "!.claude/**/*.map",
     "README.md",
     "LICENSE",
+    "retired-files.json",
     "scripts/prune-native-binaries.mjs",
     "scripts/post-install-notice.mjs",
     "scripts/post-install-bootstrap.mjs"
@@ -53,6 +55,7 @@
     "test:ui": "vitest --ui",
     "test:smoke": "node harness/consumer-smoke/run.mjs",
     "test:smoke:populated": "node harness/consumer-smoke/run-populated.mjs",
+    "bench": "vitest run --config vitest.bench.config.ts",
     "lint": "eslint src/ bin/ .claude/scripts/ --ext .ts,.tsx,.mts,.cts,.js,.mjs,.cjs --max-warnings 0",
     "security:audit": "npm audit --omit=dev --audit-level high",
     "security:fix": "npm audit fix",
@@ -81,7 +84,7 @@
     "@typescript-eslint/eslint-plugin": "^7.18.0",
     "@typescript-eslint/parser": "^7.18.0",
     "eslint": "^8.0.0",
-    "moflo": "^4.9.20",
+    "moflo": "^4.9.22",
     "tsx": "^4.21.0",
     "typescript": "^5.9.3",
     "vitest": "^4.0.0"