mustflow 2.21.1 → 2.21.2

package/dist/cli/commands/run.js

@@ -171,7 +171,9 @@ export async function runRun(args, reporter, lang = 'en', options = {}) {
     }
     const runReceiptPolicy = profiler.measure('retention_policy', () => resolveRunReceiptRetentionPolicy(readMustflowConfigIfExists(projectRoot)));
     const env = profiler.measure('environment', () => createCommandEnv(projectRoot, { policy: plan.envPolicy, allowlist: plan.envAllowlist }));
-    const writeTracker = profiler.measure('write_drift_before', () => startRunWriteTracking(projectRoot, contract, intentName));
+    const writeTracker = profiler.measure('write_drift_before', () => startRunWriteTracking(projectRoot, contract, intentName, {
+        additionalDeclaredPaths: options.additionalDeclaredWritePaths,
+    }));
     const stdoutTailBytes = Math.min(runReceiptPolicy.stdoutTailBytes, plan.maxOutputBytes);
     const stderrTailBytes = Math.min(runReceiptPolicy.stderrTailBytes, plan.maxOutputBytes);
     let streamedOutput = false;

package/dist/cli/commands/verify.js

@@ -628,11 +628,12 @@ function testTargetsByScheduledIntent(report) {
         candidate.appliedTestTargets.length > 0)
         .map((candidate) => [candidate.intent, candidate.appliedTestTargets]));
 }
-async function runVerificationIntent(intent, lang, verificationPlanId, testTargets = []) {
+async function runVerificationIntent(intent, lang, verificationPlanId, testTargets = [], additionalDeclaredWritePaths = []) {
     const output = createBufferedOutput();
     const exitCode = await runRun([intent, '--json'], output.reporter, lang, {
         writeLatestReceipt: false,
         testTargets,
+        additionalDeclaredWritePaths,
     });
     const rawStdout = output.stdout().trim();
     let receipt = null;
@@ -680,7 +681,12 @@ async function runVerificationEntriesInParallelChunks(entries, parallelism, lang
     const results = [];
     for (let index = 0; index < entries.length; index += parallelism) {
         const chunk = entries.slice(index, index + parallelism);
-        results.push(...(await Promise.all(chunk.map((entry) => runVerificationIntent(entry.intent, lang, verificationPlanId, scheduledTestTargets.get(entry.intent) ?? [])))));
+        const batchDeclaredWritePaths = [
+            ...new Set(chunk.flatMap((entry) => entry.effects
+                .filter((effect) => effect.access === 'write' && typeof effect.path === 'string')
+                .map((effect) => effect.path))),
+        ].sort((left, right) => left.localeCompare(right));
+        results.push(...(await Promise.all(chunk.map((entry) => runVerificationIntent(entry.intent, lang, verificationPlanId, scheduledTestTargets.get(entry.intent) ?? [], batchDeclaredWritePaths)))));
     }
     return results;
 }

package/dist/cli/lib/filesystem.js

@@ -1,103 +1,10 @@
-import { closeSync, constants, copyFileSync, existsSync, lstatSync, mkdirSync, openSync, readFileSync, readdirSync, statSync, writeFileSync, } from 'node:fs';
+import { copyFileSync, existsSync, mkdirSync, readdirSync, statSync } from 'node:fs';
 import path from 'node:path';
-const NOFOLLOW_FLAG = typeof constants.O_NOFOLLOW === 'number' ? constants.O_NOFOLLOW : 0;
+export { ensureFileTargetInsideWithoutSymlinks, ensureInside, ensureInsideWithoutSymlinks, readFileInsideWithoutSymlinks, readUtf8FileInsideWithoutSymlinks, writeFileInsideWithoutSymlinks, writeUtf8FileInsideWithoutSymlinks, } from '../../core/safe-filesystem.js';
+import { readFileInsideWithoutSymlinks, writeFileInsideWithoutSymlinks, } from '../../core/safe-filesystem.js';
 export function toPosixPath(value) {
     return value.split(path.sep).join('/');
 }
-export function ensureInside(parentPath, childPath) {
-    const parent = path.resolve(parentPath);
-    const child = path.resolve(childPath);
-    const relative = path.relative(parent, child);
-    if (relative === '' || (!relative.startsWith('..') && !path.isAbsolute(relative))) {
-        return;
-    }
-    throw new Error(`Path escapes allowed directory: ${childPath}`);
-}
-function isMissingPathError(error) {
-    return error instanceof Error && 'code' in error && error.code === 'ENOENT';
-}
-export function ensureInsideWithoutSymlinks(parentPath, childPath, options = {}) {
-    ensureInside(parentPath, childPath);
-    const parent = path.resolve(parentPath);
-    const child = path.resolve(childPath);
-    const relative = path.relative(parent, child);
-    const segments = relative === '' ? [] : relative.split(path.sep).filter((segment) => segment.length > 0);
-    let currentPath = parent;
-    const parentStats = lstatSync(parent);
-    if (parentStats.isSymbolicLink()) {
-        throw new Error(`Path must not contain symlinks: ${childPath}`);
-    }
-    for (const [index, segment] of segments.entries()) {
-        currentPath = path.join(currentPath, segment);
-        const isLeaf = index === segments.length - 1;
-        try {
-            const stats = lstatSync(currentPath);
-            if (stats.isSymbolicLink()) {
-                throw new Error(`Path must not contain symlinks: ${childPath}`);
-            }
-            if (!isLeaf && !stats.isDirectory()) {
-                throw new Error(`Path component is not a directory: ${currentPath}`);
-            }
-        }
-        catch (error) {
-            if (isMissingPathError(error) && options.allowMissingLeaf) {
-                return;
-            }
-            throw error;
-        }
-    }
-}
-export function readUtf8FileInsideWithoutSymlinks(parentPath, childPath) {
-    return readFileInsideWithoutSymlinks(parentPath, childPath).toString('utf8');
-}
-export function readFileInsideWithoutSymlinks(parentPath, childPath) {
-    const absoluteChildPath = path.resolve(childPath);
-    ensureInsideWithoutSymlinks(parentPath, absoluteChildPath);
-    const fileDescriptor = openSync(absoluteChildPath, constants.O_RDONLY | NOFOLLOW_FLAG);
-    try {
-        return readFileSync(fileDescriptor);
-    }
-    finally {
-        closeSync(fileDescriptor);
-    }
-}
-export function ensureFileTargetInsideWithoutSymlinks(parentPath, childPath, options = {}) {
-    const absoluteChildPath = path.resolve(childPath);
-    ensureInside(parentPath, absoluteChildPath);
-    ensureInsideWithoutSymlinks(parentPath, path.dirname(absoluteChildPath), { allowMissingLeaf: true });
-    try {
-        const stats = lstatSync(absoluteChildPath);
-        if (stats.isSymbolicLink()) {
-            throw new Error(`Path must not contain symlinks: ${childPath}`);
-        }
-        if (!stats.isFile()) {
-            throw new Error(`Path must be a regular file: ${childPath}`);
-        }
-    }
-    catch (error) {
-        if (isMissingPathError(error) && options.allowMissingLeaf) {
-            return;
-        }
-        throw error;
-    }
-}
-export function writeUtf8FileInsideWithoutSymlinks(parentPath, childPath, content) {
-    writeFileInsideWithoutSymlinks(parentPath, childPath, content);
-}
-export function writeFileInsideWithoutSymlinks(parentPath, childPath, content) {
-    const absoluteChildPath = path.resolve(childPath);
-    const directoryPath = path.dirname(absoluteChildPath);
-    ensureInsideWithoutSymlinks(parentPath, directoryPath, { allowMissingLeaf: true });
-    mkdirSync(directoryPath, { recursive: true });
-    ensureFileTargetInsideWithoutSymlinks(parentPath, absoluteChildPath, { allowMissingLeaf: true });
-    const fileDescriptor = openSync(absoluteChildPath, constants.O_WRONLY | constants.O_CREAT | constants.O_TRUNC | NOFOLLOW_FLAG);
-    try {
-        writeFileSync(fileDescriptor, content);
-    }
-    finally {
-        closeSync(fileDescriptor);
-    }
-}
 export function copyFileInsideWithoutSymlinks(sourceParentPath, sourcePath, targetParentPath, targetPath) {
     const content = readFileInsideWithoutSymlinks(sourceParentPath, sourcePath);
     writeFileInsideWithoutSymlinks(targetParentPath, targetPath, content);

package/dist/cli/lib/local-index/index.js

@@ -2245,7 +2245,7 @@ export async function createLocalIndex(projectRoot, options = {}) {
         max_snippet_bytes_per_document: MAX_SNIPPET_BYTES_PER_DOCUMENT,
         excluded_raw_data_kinds: [...LOCAL_INDEX_EXCLUDED_RAW_DATA_KINDS],
         indexed_file_count: indexedFiles.length,
-        indexed_paths: documents.map((document) => document.path),
+        indexed_paths: indexedFiles.map((file) => file.path),
     };
 }
 function readStoredSchemaVersion(database) {

package/dist/core/command-effects.js

@@ -17,12 +17,11 @@ function validateEffectPath(projectRoot, intent, rawPath) {
     const cwd = resolveSafeProjectCwd(projectRoot, readString(intent, 'cwd'));
     const resolved = path.resolve(cwd, rawPath);
     const root = path.resolve(projectRoot);
-    const resolvedLower = resolved.toLowerCase();
-    const rootLower = root.toLowerCase();
-    if (resolvedLower !== rootLower && !resolvedLower.startsWith(`${rootLower}${path.sep}`)) {
+    const relative = path.relative(root, resolved);
+    if (relative.startsWith('..') || path.isAbsolute(relative)) {
         throw new Error(`Command effect path must stay inside the current root: ${rawPath}`);
     }
-    return normalizeRelativePath(path.relative(projectRoot, resolved));
+    return normalizeRelativePath(relative);
 }
 function readResourcePaths(commandContract, lock) {
     const resource = commandContract.resources[lock];

package/dist/core/run-write-drift.js

@@ -11,7 +11,7 @@ const GIT_STATUS_UNTRACKED_MODE = 'normal';
 const MAX_HASH_BYTES = 5 * 1024 * 1024;
 const RECURSIVE_SNAPSHOT_ENV = 'MUSTFLOW_WRITE_DRIFT_SNAPSHOT';
 const EXCLUDED_DIRECTORY_NAMES = new Set(['.git', 'node_modules']);
-const EXCLUDED_RELATIVE_DIRECTORY_PATHS = new Set(['.mustflow/state/runs']);
+const EXCLUDED_RELATIVE_DIRECTORY_PATHS = new Set(['.mustflow/state/perf', '.mustflow/state/runs']);
 function isRecursiveSnapshotEnabled() {
     const value = process.env[RECURSIVE_SNAPSHOT_ENV];
     return value === '1' || value?.toLowerCase() === 'true';
@@ -186,10 +186,14 @@ function truncatePaths(paths) {
     }
     return { paths: paths.slice(0, MAX_REPORTED_PATHS), truncated: true };
 }
-export function startRunWriteTracking(projectRoot, contract, intentName) {
+export function startRunWriteTracking(projectRoot, contract, intentName, options = {}) {
+    const declaredPaths = [
+        ...listDeclaredWritePaths(projectRoot, contract, intentName),
+        ...(options.additionalDeclaredPaths ?? []).map(normalizeRelativePath),
+    ];
     return {
         projectRoot,
-        declaredPaths: listDeclaredWritePaths(projectRoot, contract, intentName),
+        declaredPaths: [...new Set(declaredPaths)].sort((left, right) => left.localeCompare(right)),
         before: captureSnapshot(projectRoot),
     };
 }

package/dist/core/safe-filesystem.js

@@ -114,6 +114,9 @@ export function readFileInsideWithoutSymlinks(parentPath, childPath) {
         closeSync(fileDescriptor);
     }
 }
+export function readUtf8FileInsideWithoutSymlinks(parentPath, childPath) {
+    return readFileInsideWithoutSymlinks(parentPath, childPath).toString('utf8');
+}
 export function writeFileInsideWithoutSymlinks(parentPath, childPath, content) {
     const absoluteChildPath = path.resolve(childPath);
     const directoryPath = path.dirname(absoluteChildPath);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "mustflow",
-  "version": "2.21.1",
+  "version": "2.21.2",
   "description": "Agent workflow documents and CLI for mustflow repository roots.",
   "type": "module",
   "license": "MIT-0",

package/templates/default/manifest.toml

@@ -1,6 +1,6 @@
 id = "default"
 name = "default"
-version = "2.21.1"
+version = "2.21.2"
 description = "Minimal workflow for LLM agents to read, edit, and verify their work in a repository."
 common_root = "common"
 locales_root = "locales"