nexo-brain 7.9.13 → 7.9.14

package/README.md

@@ -18,7 +18,7 @@
 
 [Watch the overview video](https://nexo-brain.com/watch/) · [Watch on YouTube](https://www.youtube.com/watch?v=i2lkGhKyVqI) · [Open the infographic](https://nexo-brain.com/assets/nexo-brain-infographic-v5.png)
 
-Version `7.9.13` is the current packaged-runtime line. Patch release over `7.9.12`: the remaining lifecycle/enforcement system prompts are now centralized in the core prompt catalog, operator-facing guard/followup/diary outputs are forced back into the operator language even when the base prompt is English, packaged installs recover the missing Guardian default preset, and the startup Guardian Health briefing now queries `hook_runs` correctly instead of reporting false green states. Coordinated Desktop release: v0.28.14.
+Version `7.9.14` is the current packaged-runtime line. Patch release over `7.9.13`: `task_close(done)` now hard-blocks missing verify/change-log/cortex evidence instead of silently degrading to debt-only closes, self-audit auto-drains stale `protocol_debt` every day, and Codex session parity now flags partial bootstrap/startup/heartbeat drift instead of passing as healthy when only one recent session behaved correctly. Coordinated Desktop release remains v0.28.14.
 
 Previously in `7.9.5`: patch release that fixes canonical diary confirmation for Desktop: Brain resolves the Desktop/Claude session UUID through NEXO SID aliases before checking `session_diary`, so archive/delete/app-exit can confirm diaries written by `nexo_session_diary_write` under the active `nexo-...` SID. Verification: `pytest tests/test_lifecycle_events.py` (28 passing) plus coordinated Desktop v0.28.6 shutdown/archive/delete/app-exit checks.
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "nexo-brain",
-  "version": "7.9.13",
+  "version": "7.9.14",
   "mcpName": "io.github.wazionapps/nexo",
   "description": "NEXO Brain — Shared brain for AI agents. Persistent memory, semantic RAG, natural forgetting, metacognitive guard, trust scoring, 150+ MCP tools. Works with Claude Code, Codex, Claude Desktop & any MCP client. 100% local, free.",
   "homepage": "https://nexo-brain.com",

package/src/doctor/providers/runtime.py

@@ -2112,14 +2112,32 @@ def check_codex_session_parity() -> DoctorCheck:
     status = "healthy"
     severity = "info"
     repair_plan: list[str] = []
-    if audit["bootstrap_sessions"] == 0:
+    missing_bootstrap = max(0, audit["files"] - audit["bootstrap_sessions"])
+    missing_startup = max(0, audit["files"] - audit["startup_sessions"])
+    missing_heartbeat = max(0, audit["files"] - audit["heartbeat_sessions"])
+    if missing_bootstrap:
         status = "degraded"
         severity = "warn"
-        repair_plan.append("Run `nexo update` or `nexo clients sync` so plain Codex sessions inherit the managed bootstrap")
-    if audit["startup_sessions"] == 0:
+        repair_plan.append(
+            "Run `nexo update` or `nexo clients sync` so every Codex session inherits the managed bootstrap, not just a subset"
+        )
+    if missing_startup:
+        status = "degraded"
+        severity = "warn"
+        repair_plan.append(
+            "Use `nexo chat` or keep the global Codex bootstrap intact so every Codex session actually calls `nexo_startup`"
+        )
+    if missing_heartbeat:
         status = "degraded"
         severity = "warn"
-        repair_plan.append("Use `nexo chat` or keep the global Codex bootstrap intact so sessions actually call `nexo_startup`")
+        repair_plan.append("Keep `nexo_heartbeat` on every user turn so restored/plain Codex sessions do not drift off-protocol")
+    if missing_bootstrap or missing_startup or missing_heartbeat:
+        evidence.append(
+            "session drift: "
+            f"{missing_bootstrap} missing bootstrap, "
+            f"{missing_startup} missing startup, "
+            f"{missing_heartbeat} missing heartbeat"
+        )
 
     return DoctorCheck(
         id="runtime.codex_sessions",

package/src/plugins/protocol.py

@@ -898,6 +898,46 @@ def _auto_capture_learning(task: dict, task_id: str, effective_files: list[str],
     )
 
 
+def _append_debt_ref(debts: list[dict], debt: dict, *, debt_type: str, severity: str):
+    debt_id = debt.get("id")
+    if debt_id and any(item.get("id") == debt_id for item in debts):
+        return
+    debts.append(
+        {
+            "id": debt_id,
+            "debt_type": debt_type,
+            "severity": severity,
+        }
+    )
+
+
+def _ensure_open_debt(
+    session_id: str,
+    task_id: str,
+    debt_type: str,
+    *,
+    severity: str,
+    evidence: str,
+    debts: list[dict],
+) -> dict:
+    existing = list_protocol_debts(
+        status="open",
+        task_id=task_id,
+        session_id="" if task_id else session_id,
+        debt_type=debt_type,
+        limit=1,
+    )
+    debt = existing[0] if existing else create_protocol_debt(
+        session_id,
+        debt_type,
+        severity=severity,
+        task_id=task_id,
+        evidence=evidence,
+    )
+    _append_debt_ref(debts, debt, debt_type=debt_type, severity=severity)
+    return debt
+
+
 def _record_debt(session_id: str, task_id: str, debt_type: str, *, severity: str, evidence: str, debts: list[dict]):
     debt = create_protocol_debt(
         session_id,
@@ -906,13 +946,7 @@ def _record_debt(session_id: str, task_id: str, debt_type: str, *, severity: str
         task_id=task_id,
         evidence=evidence,
     )
-    debts.append(
-        {
-            "id": debt.get("id"),
-            "debt_type": debt_type,
-            "severity": severity,
-        }
-    )
+    _append_debt_ref(debts, debt, debt_type=debt_type, severity=severity)
 
 
 def handle_confidence_check(
@@ -1336,10 +1370,10 @@ def handle_task_close(
         high_stakes=bool(task.get("response_high_stakes")),
     )
 
-    # ── Evidence enforcement: reject 'done' without proof in strict mode ──
-    # Fase 2 R03 extension: "evidence" must not be empty, nor <50 chars, nor
-    # a single filler word like "done" / "listo" / "ok". Trivial evidence is
-    # rejected in strict mode and logged as protocol debt in any other mode.
+    # ── Evidence enforcement: reject 'done' without proof ──
+    # G1 hardening: "done" is no longer allowed to degrade into a debt-only
+    # close when verify evidence is missing. Keep the task open, open/dedupe
+    # the debt, and force the caller to provide real proof before closing.
     if task.get("must_verify") and clean_outcome == "done":
         is_trivial, trivial_reason = _is_trivial_evidence(clean_evidence)
         if not is_trivial:
@@ -1349,39 +1383,7 @@ def handle_task_close(
                 resolution="Verification evidence supplied during task_close",
             )
         else:
-            protocol_strictness = get_protocol_strictness()
-            if protocol_strictness == "strict":
-                if trivial_reason == "empty":
-                    err = "Cannot close task as 'done' without evidence."
-                    hint = (
-                        "Provide the `evidence` parameter with verifiable proof: "
-                        "test output, curl response, screenshot path, or real "
-                        "command output."
-                    )
-                else:
-                    err = (
-                        "Cannot close task as 'done' with trivial evidence "
-                        f"({trivial_reason})."
-                    )
-                    hint = (
-                        f"Evidence must be substantive: >= {R03_MIN_EVIDENCE_CHARS} "
-                        "characters AND not a single filler word. Attach real "
-                        "proof — test output excerpt, curl response, DB row, "
-                        "screenshot path, or command stdout."
-                    )
-                return json.dumps(
-                    {
-                        "ok": False,
-                        "error": err,
-                        "hint": hint,
-                        "task_id": task_id,
-                        "protocol_strictness": protocol_strictness,
-                        "evidence_quality_reason": trivial_reason,
-                    },
-                    ensure_ascii=False,
-                    indent=2,
-                )
-            _record_debt(
+            debt = _ensure_open_debt(
                 task["session_id"],
                 task_id,
                 "claimed_done_without_evidence",
@@ -1393,6 +1395,39 @@ def handle_task_close(
                 ),
                 debts=debts_created,
             )
+            if trivial_reason == "empty":
+                err = "Cannot close task as 'done' without evidence."
+                hint = (
+                    "Provide the `evidence` parameter with verifiable proof: "
+                    "test output, curl response, screenshot path, or real "
+                    "command output."
+                )
+            else:
+                err = (
+                    "Cannot close task as 'done' with trivial evidence "
+                    f"({trivial_reason})."
+                )
+                hint = (
+                    f"Evidence must be substantive: >= {R03_MIN_EVIDENCE_CHARS} "
+                    "characters AND not a single filler word. Attach real "
+                    "proof — test output excerpt, curl response, DB row, "
+                    "screenshot path, or command stdout."
+                )
+            return json.dumps(
+                {
+                    "ok": False,
+                    "error": err,
+                    "hint": hint,
+                    "task_id": task_id,
+                    "blocked_by": "g1_verify",
+                    "debt_id": debt.get("id"),
+                    "debt_type": "claimed_done_without_evidence",
+                    "evidence_quality_reason": trivial_reason,
+                    "protocol_strictness": get_protocol_strictness(),
+                },
+                ensure_ascii=False,
+                indent=2,
+            )
 
     # ── Release checklist: require channel alignment evidence for release tasks ──
     is_release = _is_release_task(
@@ -1430,7 +1465,7 @@ def handle_task_close(
                 (clean_change_verify or clean_evidence)[:500],
             )
             if "error" in change:
-                _record_debt(
+                debt = _ensure_open_debt(
                     task["session_id"],
                     task_id,
                     "missing_change_log",
@@ -1438,6 +1473,21 @@ def handle_task_close(
                     evidence=f"change_log failed: {change['error']}",
                     debts=debts_created,
                 )
+                if clean_outcome == "done":
+                    return json.dumps(
+                        {
+                            "ok": False,
+                            "error": "Cannot close task as 'done' because change_log creation failed.",
+                            "hint": "Capture the changed files and create the change log successfully before closing as done.",
+                            "task_id": task_id,
+                            "blocked_by": "g1_change_log",
+                            "debt_id": debt.get("id"),
+                            "debt_type": "missing_change_log",
+                            "change_log_error": change.get("error"),
+                        },
+                        ensure_ascii=False,
+                        indent=2,
+                    )
             else:
                 change_log_id = change.get("id")
                 resolve_protocol_debts(
@@ -1446,7 +1496,7 @@ def handle_task_close(
                     resolution="Change log created by nexo_task_close",
                 )
         else:
-            _record_debt(
+            debt = _ensure_open_debt(
                 task["session_id"],
                 task_id,
                 "missing_change_log",
@@ -1454,6 +1504,20 @@ def handle_task_close(
                 evidence="Task required change_log but no changed files were supplied or recorded.",
                 debts=debts_created,
             )
+            if clean_outcome == "done":
+                return json.dumps(
+                    {
+                        "ok": False,
+                        "error": "Cannot close task as 'done' without changed files for the required change_log.",
+                        "hint": "Pass `files_changed` (or open the task with files) so nexo_task_close can persist the change log before closing as done.",
+                        "task_id": task_id,
+                        "blocked_by": "g1_change_log",
+                        "debt_id": debt.get("id"),
+                        "debt_type": "missing_change_log",
+                    },
+                    ensure_ascii=False,
+                    indent=2,
+                )
 
     if correction:
         if (learning_title or "").strip() and (learning_content or "").strip():
@@ -1564,7 +1628,7 @@ def handle_task_close(
                 resolution="High-stakes action task has a persisted Cortex evaluation.",
             )
         else:
-            _record_debt(
+            debt = _ensure_open_debt(
                 task["session_id"],
                 task_id,
                 "missing_cortex_evaluation",
@@ -1572,6 +1636,20 @@ def handle_task_close(
                 evidence="High-stakes action task closed without nexo_cortex_decide / persisted evaluation.",
                 debts=debts_created,
             )
+            if clean_outcome == "done":
+                return json.dumps(
+                    {
+                        "ok": False,
+                        "error": "Cannot close high-stakes action task as 'done' without a persisted cortex evaluation.",
+                        "hint": "Run `nexo_cortex_decide(...)` for this task and then close it again with the final evidence.",
+                        "task_id": task_id,
+                        "blocked_by": "g1_cortex",
+                        "debt_id": debt.get("id"),
+                        "debt_type": "missing_cortex_evaluation",
+                    },
+                    ensure_ascii=False,
+                    indent=2,
+                )
 
     if task.get("guard_has_blocking") and not files_changed_list:
         open_task_debts = list_protocol_debts(status="open", task_id=task_id, limit=200)

package/src/scripts/nexo-daily-self-audit.py

@@ -18,6 +18,7 @@ Runs via launchd at 7:00 AM daily.
 """
 import json
 import hashlib
+import importlib.util
 import os
 import py_compile
 import re
@@ -1901,6 +1902,31 @@ def _sync_managed_bootstraps_inline() -> list[str]:
     return results
 
 
+def _run_protocol_debt_drain_inline() -> dict:
+    try:
+        phase_path = NEXO_CODE / "scripts" / "deep-sleep" / "phase_protocol_debt_drain.py"
+        spec = importlib.util.spec_from_file_location("phase_protocol_debt_drain_inline", phase_path)
+        if not spec or not spec.loader:
+            raise RuntimeError(f"Cannot load phase module from {phase_path}")
+        module = importlib.util.module_from_spec(spec)
+        spec.loader.exec_module(module)
+    except Exception as exc:
+        return {"ok": False, "error": f"import_failed: {exc}"}
+
+    try:
+        report = module.run()
+    except Exception as exc:
+        return {"ok": False, "error": f"run_failed: {exc}"}
+
+    return {
+        "ok": "error" not in report,
+        "error": report.get("error", ""),
+        "drained_count": len(report.get("drained_ids") or []),
+        "requires_user_summary": report.get("requires_user_summary") or [],
+        "audit_path": report.get("audit_path", ""),
+    }
+
+
 def _sanitize_watchdog_registry_inline() -> dict:
     hash_registry = _hash_registry_path()
     if not hash_registry.exists():
@@ -1984,6 +2010,24 @@ def _disable_broken_personal_plugins_inline(conn: sqlite3.Connection | None) ->
 def run_mechanical_autofixes():
     conn = None
     try:
+        debt_drain = _run_protocol_debt_drain_inline()
+        if debt_drain.get("ok"):
+            drained_count = int(debt_drain.get("drained_count") or 0)
+            requires_user_summary = debt_drain.get("requires_user_summary") or []
+            if drained_count or requires_user_summary:
+                detail_bits: list[str] = []
+                if drained_count:
+                    detail_bits.append(f"drained {drained_count} stale protocol debt item(s)")
+                if requires_user_summary:
+                    summary = ", ".join(
+                        f"{item.get('debt_type')} x{int(item.get('count') or 0)}"
+                        for item in requires_user_summary[:4]
+                    )
+                    detail_bits.append(f"still needs user review: {summary}")
+                finding("INFO", "autofix", "Self-audit protocol debt drain: " + " | ".join(detail_bits))
+        elif debt_drain.get("error"):
+            finding("WARN", "autofix", f"Protocol debt drain inline failed: {debt_drain['error']}")
+
         if NEXO_DB.exists():
             conn = sqlite3.connect(str(NEXO_DB))
             conn.row_factory = sqlite3.Row