nexo-brain 7.1.8 → 7.2.0

package/src/plugins/update.py

@@ -84,37 +84,67 @@ _THIS_DIR = Path(__file__).resolve().parent
 CODE_ROOT = _THIS_DIR.parent
 _REPO_CANDIDATE = CODE_ROOT.parent
 
+# B10 mini-refactor (AUDITOR-V700-PASS2 §11): the pieces below that look up
+# env-dependent or filesystem-dependent state now go through lazy helpers so
+# tests can monkeypatch NEXO_HOME / the .git location after the module was
+# imported without snapshotting a stale value. The module-level constants
+# (NEXO_HOME, DATA_DIR, BACKUP_BASE, REPO_DIR, SRC_DIR, PACKAGE_JSON) are
+# kept for the existing 77 callsites; they will migrate to the helpers in
+# followup NF-B10-UPDATE-PY-LAZY-CALLSITES-COSMETIC post-release.
+
+
+def _nexo_home() -> Path:
+    """Resolve the current NEXO_HOME on every call.
+
+    export_resolved_nexo_home() reads the env var + runtime config each time,
+    so fixtures that monkeypatch NEXO_HOME mid-test pick up the new path.
+    """
+    return export_resolved_nexo_home()
+
+
+def _is_packaged_install() -> bool:
+    """Return True iff we are running inside a packaged NEXO install.
+
+    Evaluated on every call because tests may stage a fake repo (or drop a
+    synthetic .git marker) after the module has already been imported.
+    """
+    return not (_REPO_CANDIDATE / ".git").exists() and not (_REPO_CANDIDATE / ".git").is_file()
+
+
 NEXO_HOME = export_resolved_nexo_home()
 DATA_DIR = paths.data_dir()
 BACKUP_BASE = paths.backups_dir()
 
 # In packaged installs, update.py lives at <NEXO_HOME>/plugins/update.py.
-_PACKAGED_INSTALL = not (_REPO_CANDIDATE / ".git").exists() and not (_REPO_CANDIDATE / ".git").is_file()
+_PACKAGED_INSTALL = _is_packaged_install()
 REPO_DIR = CODE_ROOT if _PACKAGED_INSTALL else _REPO_CANDIDATE
 SRC_DIR = CODE_ROOT
 PACKAGE_JSON = REPO_DIR / "package.json"
 
 
-def _venv_python_path(runtime_root: Path = NEXO_HOME) -> Path:
+def _venv_python_path(runtime_root: Path | None = None) -> Path:
+    root = runtime_root or _nexo_home()
     if sys.platform == "win32":
-        return runtime_root / ".venv" / "Scripts" / "python.exe"
-    return runtime_root / ".venv" / "bin" / "python3"
+        return root / ".venv" / "Scripts" / "python.exe"
+    return root / ".venv" / "bin" / "python3"
 
 
-def _venv_pip_path(runtime_root: Path = NEXO_HOME) -> Path:
+def _venv_pip_path(runtime_root: Path | None = None) -> Path:
+    root = runtime_root or _nexo_home()
     if sys.platform == "win32":
-        return runtime_root / ".venv" / "Scripts" / "pip.exe"
-    return runtime_root / ".venv" / "bin" / "pip"
+        return root / ".venv" / "Scripts" / "pip.exe"
+    return root / ".venv" / "bin" / "pip"
 
 
-def _ensure_managed_venv(runtime_root: Path = NEXO_HOME) -> str | None:
-    venv_python = _venv_python_path(runtime_root)
+def _ensure_managed_venv(runtime_root: Path | None = None) -> str | None:
+    root = runtime_root or _nexo_home()
+    venv_python = _venv_python_path(root)
     if venv_python.exists():
         return None
     try:
-        runtime_root.mkdir(parents=True, exist_ok=True)
+        root.mkdir(parents=True, exist_ok=True)
         result = subprocess.run(
-            [sys.executable, "-m", "venv", str(runtime_root / ".venv")],
+            [sys.executable, "-m", "venv", str(root / ".venv")],
             capture_output=True,
             text=True,
             timeout=120,
@@ -173,7 +203,7 @@ def _runtime_code_root(runtime_root: Path | None = None) -> Path:
 
 def _core_artifact_source_dir() -> Path | None:
     """Return the canonical source directory for packaged core artifacts."""
-    if _PACKAGED_INSTALL:
+    if _is_packaged_install():
         return _find_npm_pkg_src()
     return SRC_DIR
 
@@ -241,7 +271,7 @@ def _cleanup_retired_runtime_files() -> list[str]:
 
 def _read_version() -> str:
     """Read the installed/runtime version."""
-    if _PACKAGED_INSTALL:
+    if _is_packaged_install():
         # version.json is the runtime truth for packaged installs.
         try:
             version_file = NEXO_HOME / "version.json"
@@ -286,7 +316,7 @@ def _requirements_hash() -> str:
     """Return a content hash of requirements.txt, or empty string if missing."""
     import hashlib
     req_file = SRC_DIR / "requirements.txt"
-    if not req_file.exists() and _PACKAGED_INSTALL:
+    if not req_file.exists() and _is_packaged_install():
         npm_src = _find_npm_pkg_src()
         if npm_src:
             req_file = npm_src / "requirements.txt"
@@ -441,7 +471,7 @@ def _restore_databases(backup_dir: str):
 def _reinstall_pip_deps() -> str | None:
     """Reinstall Python dependencies from requirements.txt into the managed venv."""
     req_file = SRC_DIR / "requirements.txt"
-    if not req_file.exists() and _PACKAGED_INSTALL:
+    if not req_file.exists() and _is_packaged_install():
         # In packaged mode, requirements.txt lives in the npm package's src/ dir
         npm_src = _find_npm_pkg_src()
         if npm_src:
@@ -714,7 +744,7 @@ def _format_dep_results(dep_results: list[dict]) -> list[str]:
 def _run_migrations() -> str | None:
     """Run init_db() to apply pending migrations. Returns error or None."""
     # In packaged mode, db/ lives in NEXO_HOME; in dev mode, in SRC_DIR
-    cwd = str(NEXO_HOME) if _PACKAGED_INSTALL else str(SRC_DIR)
+    cwd = str(NEXO_HOME) if _is_packaged_install() else str(SRC_DIR)
     try:
         result = subprocess.run(
             [sys.executable, "-c", "import db; db.init_db()"],
@@ -733,7 +763,7 @@ def _run_migrations() -> str | None:
 def _verify_import() -> str | None:
     """Verify server.py can be imported successfully."""
     # In packaged mode, server.py lives in NEXO_HOME; in dev mode, in SRC_DIR
-    cwd = str(NEXO_HOME) if _PACKAGED_INSTALL else str(SRC_DIR)
+    cwd = str(NEXO_HOME) if _is_packaged_install() else str(SRC_DIR)
     try:
         result = subprocess.run(
             [sys.executable, "-c", "import server"],

package/src/plugins/workflow.py

@@ -71,6 +71,43 @@ def _parse_json_object(value: str) -> dict | None:
     return parsed if isinstance(parsed, dict) else None
 
 
+def _checkpoint_active_files(*payloads: dict | None) -> list[str]:
+    seen: list[str] = []
+    for payload in payloads:
+        if not isinstance(payload, dict):
+            continue
+        for key in ("active_files", "files", "tracked_files"):
+            raw = payload.get(key)
+            if raw is None:
+                continue
+            if isinstance(raw, str):
+                items = [item.strip() for item in raw.split(",") if item.strip()]
+            elif isinstance(raw, (list, tuple, set)):
+                items = [str(item).strip() for item in raw if str(item).strip()]
+            else:
+                items = [str(raw).strip()] if str(raw).strip() else []
+            for item in items:
+                if item and item not in seen:
+                    seen.append(item)
+    return seen
+
+
+def _workflow_blocker_text(
+    *,
+    step_status: str,
+    run_status: str,
+    summary: str,
+    next_action: str,
+    requires_approval: bool,
+) -> str:
+    status_tokens = {str(step_status or "").strip().lower(), str(run_status or "").strip().lower()}
+    if "blocked" in status_tokens:
+        return summary or next_action or "Workflow blocked."
+    if requires_approval or "waiting_approval" in status_tokens:
+        return summary or next_action or "Workflow waiting for approval."
+    return ""
+
+
 def handle_workflow_open(
     sid: str,
     goal: str,
@@ -387,6 +424,34 @@ def handle_workflow_update(
             "attempt_count": resume["next_step"].get("attempt_count", 0),
             "max_retries": resume["next_step"].get("max_retries", 0),
         }
+    try:
+        from checkpoint_policy import record_milestone
+
+        durable_checkpoint = record_milestone(
+            run.get("session_id", ""),
+            reason=f"workflow:{(step_key or run.get('current_step_key') or 'update')}",
+            task=run.get("goal", ""),
+            task_status=("blocked" if run["status"] in {"blocked", "waiting_approval"} else "active"),
+            active_files=_checkpoint_active_files(
+                _parse_json_object(shared_state) if str(shared_state).strip() else None,
+                _parse_json_object(state_patch) if str(state_patch).strip() else None,
+                run.get("shared_state") if isinstance(run.get("shared_state"), dict) else None,
+            ),
+            current_goal=run.get("goal", ""),
+            decisions_summary=(summary or checkpoint_label or step_title or step_key or run.get("last_checkpoint_label", "")),
+            blockers=_workflow_blocker_text(
+                step_status=step_status,
+                run_status=run["status"],
+                summary=summary,
+                next_action=next_action or run.get("next_action", ""),
+                requires_approval=requires_approval,
+            ),
+            reasoning_thread=(evidence or compensation or "").strip(),
+            next_step=(next_action or run.get("next_action", "")),
+        )
+        response["durable_checkpoint"] = durable_checkpoint
+    except Exception:
+        pass
     return json.dumps(response, ensure_ascii=False, indent=2)
 
 

package/src/public_contribution.py

@@ -42,11 +42,57 @@ VALID_STATUSES = {
     STATUS_OFF,
 }
 
-NEXO_HOME = Path(os.environ.get("NEXO_HOME", str(Path.home() / ".nexo")))
-CONTRIB_ROOT = NEXO_HOME / "contrib" / "public-core"
-CONTRIB_REPO_DIR = CONTRIB_ROOT / "repo"
-CONTRIB_WORKTREES_DIR = CONTRIB_ROOT / "worktrees"
-CONTRIB_ARTIFACTS_DIR = paths.operations_dir() / "public-contrib"
+# Path resolution moved to lazy functions (AUDITOR-V700-PASS2 §11, B10 item
+# 3). The previous module-level constants were evaluated at import time, so
+# any caller that monkeypatched NEXO_HOME or ``paths.operations_dir()`` after
+# import kept seeing the stale values. PEP 562 ``__getattr__`` below still
+# exposes ``public_contribution.NEXO_HOME`` / ``CONTRIB_ROOT`` / etc. for
+# legacy callers that access them as module attributes — re-evaluated on
+# every access. A call like ``from public_contribution import CONTRIB_ROOT``
+# still snapshots at import, which is the intended behaviour for scripts
+# whose NEXO_HOME is fixed before they start.
+
+
+def _nexo_home() -> Path:
+    return Path(os.environ.get("NEXO_HOME", str(Path.home() / ".nexo")))
+
+
+# Public-contribution staging lives under ``NEXO_HOME / contrib`` (the mirror
+# clone of the public repo plus per-proposal worktrees). It is intentionally
+# outside ``paths.operations_dir()`` because it holds an actual git clone, not
+# operational artifacts. Artifacts (logs, proposal payloads) live under
+# ``_contrib_artifacts_dir()`` below. If this ever relocates, migrate the
+# existing clone + open worktrees — do NOT delete and reclone blindly.
+def _contrib_root() -> Path:
+    return _nexo_home() / "contrib" / "public-core"
+
+
+def _contrib_repo_dir() -> Path:
+    return _contrib_root() / "repo"
+
+
+def _contrib_worktrees_dir() -> Path:
+    return _contrib_root() / "worktrees"
+
+
+def _contrib_artifacts_dir() -> Path:
+    return paths.operations_dir() / "public-contrib"
+
+
+_LAZY_PATHS = {
+    "NEXO_HOME": _nexo_home,
+    "CONTRIB_ROOT": _contrib_root,
+    "CONTRIB_REPO_DIR": _contrib_repo_dir,
+    "CONTRIB_WORKTREES_DIR": _contrib_worktrees_dir,
+    "CONTRIB_ARTIFACTS_DIR": _contrib_artifacts_dir,
+}
+
+
+def __getattr__(name: str):
+    resolver = _LAZY_PATHS.get(name)
+    if resolver is None:
+        raise AttributeError(f"module {__name__!r} has no attribute {name!r}")
+    return resolver()
 
 
 def _utcnow() -> datetime:

package/src/r34_identity_coherence.py

@@ -26,11 +26,29 @@ and this module decides whether to inject.
 from __future__ import annotations
 
 import re
-from typing import Callable, Iterable, Optional
+from typing import Any, Callable, Iterable, Optional
 
 from core_prompts import render_core_prompt
 
 
+def _verdict_to_bool(verdict: Any) -> bool:
+    """Normalize a classifier verdict to an inject/no-inject decision.
+
+    The shared ``enforcement_classifier.classify`` exposes a ``tristate``
+    mode that returns ``"yes"``/``"no"``/``"unknown"`` strings. A naive
+    ``bool(verdict)`` wrap treats ``"unknown"`` (and any non-empty string
+    the model may produce) as truthy, which is fail-OPEN for R34. Only
+    a real ``True`` or an explicit ``"yes"`` should trigger an injection;
+    every other shape — ``False``, ``None``, ``"no"``, ``"unknown"``,
+    arbitrary strings — is conservative no-inject.
+    """
+    if isinstance(verdict, bool):
+        return verdict
+    if isinstance(verdict, str):
+        return verdict.strip().lower() == "yes"
+    return False
+
+
 # Shared-brain tools that count as "you checked before speaking".
 SHARED_BRAIN_TOOLS = frozenset({
     "nexo_recent_context",
@@ -79,7 +97,7 @@ def should_inject_r34(
     message: str,
     *,
     recent_tool_names: Iterable[str] | None,
-    classifier: Callable[[str, str], bool] | None = None,
+    classifier: Callable[[str, str], Any] | None = None,
 ) -> tuple[bool, str, str]:
     """Return ``(inject, prompt, matched_text)``.
 
@@ -88,9 +106,11 @@ def should_inject_r34(
         recent_tool_names: tool names seen in this turn; any match in
             SHARED_BRAIN_TOOLS suppresses the rule.
         classifier: optional LLM classifier. Signature
-            ``classifier(question, context) -> bool``. If provided, the
-            rule fires only when classifier says "yes". If None, the
-            regex match alone fires (test path).
+            ``classifier(question, context) -> bool | str``. Return ``True``
+            or the string ``"yes"`` to trigger injection; any other value
+            (``False``, ``None``, ``"no"``, ``"unknown"``, arbitrary
+            strings) is treated as no-inject. If ``None`` is passed for
+            the argument, the regex match alone fires (test path).
     """
     if not isinstance(message, str) or not message:
         return False, "", ""
@@ -103,15 +123,17 @@ def should_inject_r34(
     if classifier is None:
         return True, INJECTION_PROMPT, matched
     # LLM disambiguation — reuses T4 infra. The engine passes a lambda
-    # that calls enforcement_classifier.classify under the hood.
+    # that calls enforcement_classifier.classify under the hood. Parse
+    # the verdict via _verdict_to_bool so tristate "unknown" does not
+    # coerce to True.
     try:
-        verdict = bool(classifier(CLASSIFIER_QUESTION, message))
+        raw_verdict = classifier(CLASSIFIER_QUESTION, message)
     except Exception:
         # Fail-closed: if the classifier errors, do not inject (avoids
         # noisy false positives on regex-only matches when the LLM is
         # unavailable).
         return False, "", matched
-    if not verdict:
+    if not _verdict_to_bool(raw_verdict):
         return False, "", matched
     return True, INJECTION_PROMPT, matched
 
@@ -121,5 +143,6 @@ __all__ = [
     "CLASSIFIER_QUESTION",
     "INJECTION_PROMPT",
     "SHARED_BRAIN_TOOLS",
+    "_verdict_to_bool",
     "should_inject_r34",
 ]

package/src/script_registry.py

@@ -707,7 +707,14 @@ def classify_scripts_dir() -> dict:
     core_names = load_core_script_names()
     core_identities = load_core_script_identities()
     entries: list[dict] = []
-    seen_keys: set[tuple[str, str]] = set()
+    # Dedup by resolved real path so the same physical file surfaced
+    # from two candidate dirs (e.g. core/scripts/foo.sh + the F0.6
+    # legacy fallback ~/.nexo/scripts/foo.sh pointing at the same inode
+    # via symlink) appears once. Two distinct files that happen to share
+    # a filename resolve to different paths and both survive — preserves
+    # the D2 audit fix without the cosmetic duplicate the AUDITOR-V700-
+    # PASS2 §5 transitional window flagged.
+    seen_real_paths: set[str] = set()
     for sdir in candidate_dirs:
         if not sdir.is_dir():
             continue
@@ -725,12 +732,13 @@ def classify_scripts_dir() -> dict:
         for f in sorted(sdir.iterdir()):
             if not f.is_file():
                 continue
-            # Dedup by (name, dir-classification) so a personal script with
-            # the same filename as a core script doesn't disappear (D2 audit fix).
-            dedup_key = (f.name, dir_classification or "legacy")
-            if dedup_key in seen_keys:
+            try:
+                real_path = str(f.resolve(strict=False))
+            except OSError:
+                real_path = str(f)
+            if real_path in seen_real_paths:
                 continue
-            seen_keys.add(dedup_key)
+            seen_real_paths.add(real_path)
             meta = parse_inline_metadata(f)
             if _is_ignored(f):
                 entries.append(_script_entry(f, meta, is_core=False, classification="ignored", reason="internal or hidden artifact"))

package/src/scripts/nexo-watchdog.sh

@@ -55,9 +55,15 @@ log() { echo "[$TS] $1" >> "$LOG"; }
 # The NEXO_CODE env var must point to the repo src/ directory.
 # Add personal (non-manifest) monitors to PERSONAL_MONITORS below.
 NEXO_CODE="${NEXO_CODE:-$(cd "$(dirname "$0")/.." 2>/dev/null && pwd)}"
-# Look for manifest in NEXO_HOME first (packaged install), then NEXO_CODE (dev/repo)
+# Manifest resolution priority:
+#   1. $NEXO_HOME/runtime/crons/manifest.json  — F0.6 canonical location
+#   2. $NEXO_HOME/crons/manifest.json          — pre-F0.6 legacy (kept so
+#      half-migrated installs don't silently lose all core monitors)
+#   3. $NEXO_CODE/crons/manifest.json          — dev/repo checkout
 if [ -f "$NEXO_HOME/runtime/crons/manifest.json" ]; then
   MANIFEST_FILE="$NEXO_HOME/runtime/crons/manifest.json"
+elif [ -f "$NEXO_HOME/crons/manifest.json" ]; then
+  MANIFEST_FILE="$NEXO_HOME/crons/manifest.json"
 else
   MANIFEST_FILE="$NEXO_CODE/crons/manifest.json"
 fi