onto-mcp 0.3.2 → 0.4.0

package/dist/core-runtime/govern/drift-engine.test.js

@@ -1,319 +0,0 @@
-/**
- * drift-engine unit tests (W-C-02 v0).
- *
- * 검증 대상 (W-C-02 seat verification_method):
- *   1. drift 감지 + 큐 등록 + Principal 승인 흐름 (integration)
- *   2. 수준 0→1 판정 조건 3건 (self_apply / queue / principal_direct)
- *   3. 경계 guard (classify boundary cases)
- */
-import { afterEach, beforeEach, describe, expect, it } from "vitest";
-import { mkdtempSync, readFileSync, rmSync } from "node:fs";
-import { tmpdir } from "node:os";
-import { join } from "node:path";
-import { handleGovernCli } from "./cli.js";
-import { classifyProposal, routeProposal } from "./drift-engine.js";
-import { resolveQueuePath } from "./queue.js";
-describe("drift-engine classifier (W-C-02 v0, §1.3 수준 0→1 3 분기)", () => {
-    it("수준 1-A self_apply: docs_only + 단일 target → route=self_apply", () => {
-        const decision = classifyProposal({
-            summary: "README 오타 수정",
-            target_files: ["README.md"],
-            change_kind: "docs_only",
-        });
-        expect(decision.route).toBe("self_apply");
-        expect(decision.matched_rule).toBe("local_docs_single");
-    });
-    it("수준 1-B queue: code change 여러 파일 → route=queue", () => {
-        const decision = classifyProposal({
-            summary: "review runtime 리팩터",
-            target_files: [
-                "src/core-runtime/review/invoke.ts",
-                "src/core-runtime/review/packet.ts",
-            ],
-            change_kind: "code",
-        });
-        expect(decision.route).toBe("queue");
-        expect(decision.matched_rule).toBe("drift_default");
-    });
-    it("수준 1-C principal_direct: .onto/authority/ prefix → route=principal_direct", () => {
-        const decision = classifyProposal({
-            summary: "lexicon v0.13.0 entity 추가",
-            target_files: [".onto/authority/core-lexicon.yaml"],
-            change_kind: "config",
-        });
-        expect(decision.route).toBe("principal_direct");
-        expect(decision.matched_rule).toBe("governance_core");
-    });
-    it("boundary: .onto/principles/ 도 governance core → principal_direct", () => {
-        const decision = classifyProposal({
-            summary: "OaC 가이드라인 보강",
-            target_files: [".onto/principles/ontology-as-code-guideline.md"],
-            change_kind: "docs_only",
-        });
-        expect(decision.route).toBe("principal_direct");
-    });
-    it("boundary: .onto/processes/govern.md 는 governance core → principal_direct (self-modification 차단)", () => {
-        const decision = classifyProposal({
-            summary: "govern process §8 scope 수정",
-            target_files: [".onto/processes/govern.md"],
-            change_kind: "docs_only",
-        });
-        expect(decision.route).toBe("principal_direct");
-    });
-    it("boundary: 단일 docs 파일이어도 .onto/authority 포함 시 principal_direct 우선", () => {
-        const decision = classifyProposal({
-            summary: "lexicon term 수정",
-            target_files: [".onto/authority/core-lexicon.yaml"],
-            change_kind: "docs_only",
-        });
-        expect(decision.route).toBe("principal_direct");
-        expect(decision.matched_rule).toBe("governance_core");
-    });
-    it("boundary: docs_only 이지만 2+ 파일 → queue (local 경계 이탈)", () => {
-        const decision = classifyProposal({
-            summary: "README + CHANGELOG 일괄 갱신",
-            target_files: ["README.md", "CHANGELOG.md"],
-            change_kind: "docs_only",
-        });
-        expect(decision.route).toBe("queue");
-    });
-    it("boundary: mixed change_kind + 단일 파일 → queue (docs-only 아님)", () => {
-        const decision = classifyProposal({
-            summary: "설정 + 문서 혼합 수정",
-            target_files: ["src/core-runtime/config.ts"],
-            change_kind: "mixed",
-        });
-        expect(decision.route).toBe("queue");
-    });
-    it("boundary: .onto/authority/ (Phase 6 canonical) 도 governance core → principal_direct", () => {
-        const decision = classifyProposal({
-            summary: "Phase 6 rename 이후 lexicon 갱신",
-            target_files: [".onto/authority/core-lexicon.yaml"],
-            change_kind: "config",
-        });
-        expect(decision.route).toBe("principal_direct");
-        expect(decision.matched_rule).toBe("governance_core");
-    });
-    it("Phase 7 canonical-only: legacy design-principles/ 는 governance core 가 아님 (일반 문서로 간주)", () => {
-        // Phase 7 에서는 legacy layout 을 governance core 로 보지 않음. 단일 파일 docs 라서
-        // self_apply 분기로 라우팅되는 게 정상.
-        const decision = classifyProposal({
-            summary: "legacy layout 잔존 참조",
-            target_files: ["design-principles/ontology-as-code-guideline.md"],
-            change_kind: "docs_only",
-        });
-        expect(decision.route).toBe("self_apply");
-        expect(decision.matched_rule).toBe("local_docs_single");
-    });
-    it("boundary: segment-bound — .onto/authorityX/ 같은 near-miss prefix 는 governance core 아님", () => {
-        const decision = classifyProposal({
-            summary: "유사 이름 디렉토리 변경",
-            target_files: [".onto/authorityX/foo.md"],
-            change_kind: "docs_only",
-        });
-        expect(decision.route).toBe("self_apply");
-        expect(decision.matched_rule).toBe("local_docs_single");
-    });
-});
-describe("drift-engine router (큐 append 동작)", () => {
-    let tmpRoot;
-    beforeEach(() => {
-        tmpRoot = mkdtempSync(join(tmpdir(), "onto-drift-router-"));
-    });
-    afterEach(() => {
-        rmSync(tmpRoot, { recursive: true, force: true });
-    });
-    it("self_apply: 큐에 append 하지 않음 (no-op)", () => {
-        const outcome = routeProposal({
-            summary: "README 오타",
-            target_files: ["README.md"],
-            change_kind: "docs_only",
-        }, tmpRoot);
-        expect(outcome.decision.route).toBe("self_apply");
-        expect(outcome.queue_event_id).toBeUndefined();
-    });
-    it("queue: govern queue 에 origin=system, tag=drift event append + payload.route=queue", () => {
-        const outcome = routeProposal({
-            summary: "runtime 리팩터",
-            target_files: ["src/core-runtime/review/invoke.ts", "src/core-runtime/review/packet.ts"],
-            change_kind: "code",
-        }, tmpRoot);
-        expect(outcome.decision.route).toBe("queue");
-        expect(outcome.queue_event_id).toMatch(/^g-/);
-        const raw = readFileSync(resolveQueuePath(tmpRoot), "utf-8");
-        const event = JSON.parse(raw.trim());
-        expect(event.type).toBe("submit");
-        expect(event.origin).toBe("system");
-        expect(event.tag).toBe("drift");
-        expect(event.submitted_by).toBe("drift-engine");
-        expect(event.payload.route).toBe("queue");
-        expect(event.payload.matched_rule).toBe("drift_default");
-    });
-    it("principal_direct: queue 에 payload.route=principal_direct marker 로 append", () => {
-        const outcome = routeProposal({
-            summary: "lexicon 변경",
-            target_files: [".onto/authority/core-lexicon.yaml"],
-            change_kind: "config",
-        }, tmpRoot);
-        expect(outcome.decision.route).toBe("principal_direct");
-        const raw = readFileSync(resolveQueuePath(tmpRoot), "utf-8");
-        const event = JSON.parse(raw.trim());
-        expect(event.payload.route).toBe("principal_direct");
-        expect(event.payload.matched_rule).toBe("governance_core");
-    });
-});
-describe("drift 감지 + 큐 등록 + Principal 승인 흐름 (end-to-end)", () => {
-    let tmpRoot;
-    let logs;
-    let origLog;
-    beforeEach(() => {
-        tmpRoot = mkdtempSync(join(tmpdir(), "onto-drift-e2e-"));
-        logs = [];
-        origLog = console.log;
-        console.log = (...args) => {
-            logs.push(args.map((a) => (typeof a === "string" ? a : JSON.stringify(a))).join(" "));
-        };
-    });
-    afterEach(() => {
-        console.log = origLog;
-        rmSync(tmpRoot, { recursive: true, force: true });
-    });
-    function lastLogJson() {
-        return JSON.parse(logs[logs.length - 1]);
-    }
-    it("route → list(pending) → decide 전체 흐름 통과", async () => {
-        // (1) drift engine 이 변경 제안을 route → queue 분기 → queue 에 append
-        const routeCode = await handleGovernCli("", [
-            "route",
-            "--json",
-            JSON.stringify({
-                summary: "review runtime 변경",
-                target_files: ["src/core-runtime/review/invoke.ts", "src/core-runtime/review/packet.ts"],
-                change_kind: "code",
-            }),
-            "--project-root",
-            tmpRoot,
-        ]);
-        expect(routeCode).toBe(0);
-        const routed = lastLogJson();
-        expect(routed.route).toBe("queue");
-        const eventId = routed.queue_event_id;
-        // (2) list --status pending 으로 확인
-        logs.length = 0;
-        await handleGovernCli("", [
-            "list",
-            "--status",
-            "pending",
-            "--format",
-            "json",
-            "--project-root",
-            tmpRoot,
-        ]);
-        const entries = lastLogJson();
-        expect(entries.length).toBe(1);
-        expect(entries[0].id).toBe(eventId);
-        expect(entries[0].origin).toBe("system");
-        expect(entries[0].tag).toBe("drift");
-        // (3) Principal 판정 — decide reject (code 수정 쪽으로 가자 = 문서 유지)
-        logs.length = 0;
-        const decideCode = await handleGovernCli("", [
-            "decide",
-            eventId,
-            "--verdict",
-            "reject",
-            "--reason",
-            "코드 쪽을 문서에 맞추는 방향으로 수정",
-            "--project-root",
-            tmpRoot,
-        ]);
-        expect(decideCode).toBe(0);
-        const decided = lastLogJson();
-        expect(decided.status).toBe("decided");
-        expect(decided.verdict).toBe("reject");
-        // (4) list --status decided 로 감사 경로 확인 (dead-letter 방지)
-        logs.length = 0;
-        await handleGovernCli("", [
-            "list",
-            "--status",
-            "decided",
-            "--format",
-            "json",
-            "--project-root",
-            tmpRoot,
-        ]);
-        const decidedEntries = lastLogJson();
-        expect(decidedEntries.length).toBe(1);
-        expect(decidedEntries[0].id).toBe(eventId);
-        expect(decidedEntries[0].verdict.verdict).toBe("reject");
-    });
-});
-describe("route CLI input guards", () => {
-    let tmpRoot;
-    let errs;
-    let origErr;
-    let origLog;
-    beforeEach(() => {
-        tmpRoot = mkdtempSync(join(tmpdir(), "onto-drift-guard-"));
-        errs = [];
-        origErr = console.error;
-        origLog = console.log;
-        console.error = (...args) => {
-            errs.push(args.map((a) => (typeof a === "string" ? a : JSON.stringify(a))).join(" "));
-        };
-        console.log = () => { };
-    });
-    afterEach(() => {
-        console.error = origErr;
-        console.log = origLog;
-        rmSync(tmpRoot, { recursive: true, force: true });
-    });
-    it("missing --json → error", async () => {
-        const code = await handleGovernCli("", ["route", "--project-root", tmpRoot]);
-        expect(code).toBe(1);
-        expect(errs.some((e) => e.includes("--json proposal is required"))).toBe(true);
-    });
-    it("invalid change_kind → error", async () => {
-        const code = await handleGovernCli("", [
-            "route",
-            "--json",
-            JSON.stringify({
-                summary: "x",
-                target_files: ["a.md"],
-                change_kind: "bogus",
-            }),
-            "--project-root",
-            tmpRoot,
-        ]);
-        expect(code).toBe(1);
-        expect(errs.some((e) => e.includes("change_kind"))).toBe(true);
-    });
-    it("empty target_files → error", async () => {
-        const code = await handleGovernCli("", [
-            "route",
-            "--json",
-            JSON.stringify({
-                summary: "x",
-                target_files: [],
-                change_kind: "code",
-            }),
-            "--project-root",
-            tmpRoot,
-        ]);
-        expect(code).toBe(1);
-        expect(errs.some((e) => e.includes("target_files"))).toBe(true);
-    });
-    it("missing summary → error", async () => {
-        const code = await handleGovernCli("", [
-            "route",
-            "--json",
-            JSON.stringify({
-                target_files: ["a.md"],
-                change_kind: "code",
-            }),
-            "--project-root",
-            tmpRoot,
-        ]);
-        expect(code).toBe(1);
-        expect(errs.some((e) => e.includes("summary"))).toBe(true);
-    });
-});

package/dist/core-runtime/govern/promote-principle.js

@@ -1,206 +0,0 @@
-/**
- * govern promote-principle — Knowledge → Principle 승격 제안 (W-C-03 v0).
- *
- * 승격 기준 4 gate:
- *   - Completeness gate: proposal schema 필수 필드 전수
- *   - Quality gate: workload-evidence (events.ndjson 에서 집계된 지표 OR threshold)
- *   - Frequency gate: similar_to 가 기존 pending 참조 시 workload evidence 면제 (2번째부터)
- *   - Principal gate: queue verdict recorded through the govern adapter
- *
- * v0 bounded minimum surface: 기록만. decide approve 후 실제 파일 편집은 주체자 수동.
- */
-import { existsSync, readFileSync } from "node:fs";
-import { join, isAbsolute as isAbsolutePath, relative as relativePath, resolve as resolvePath, } from "node:path";
-import { appendQueueEvent, generateGovernId, projectQueue, readQueueEvents, resolveQueuePath, } from "./queue.js";
-import { startsWithDirPrefix } from "../discovery/path-normalization.js";
-const DEFAULT_THRESHOLDS = {
-    mode: "any",
-    state_transitions_min: 8,
-    constraint_count_min: 3,
-    retry_count_min: 2,
-    repeat_observation_min: 1,
-};
-export function readThresholds(projectRoot) {
-    const configPath = join(projectRoot, ".onto", "govern", "thresholds.yaml");
-    if (!existsSync(configPath))
-        return { ...DEFAULT_THRESHOLDS };
-    try {
-        const raw = readFileSync(configPath, "utf-8");
-        const parsed = parseSimpleYaml(raw);
-        return {
-            mode: parsed.mode === "all" ? "all" : "any",
-            state_transitions_min: Number(parsed.state_transitions_min) || DEFAULT_THRESHOLDS.state_transitions_min,
-            constraint_count_min: Number(parsed.constraint_count_min) || DEFAULT_THRESHOLDS.constraint_count_min,
-            retry_count_min: Number(parsed.retry_count_min) || DEFAULT_THRESHOLDS.retry_count_min,
-            repeat_observation_min: Number(parsed.repeat_observation_min) || DEFAULT_THRESHOLDS.repeat_observation_min,
-        };
-    }
-    catch {
-        return { ...DEFAULT_THRESHOLDS };
-    }
-}
-function parseSimpleYaml(raw) {
-    const result = {};
-    for (const line of raw.split("\n")) {
-        const trimmed = line.trim();
-        if (!trimmed || trimmed.startsWith("#"))
-            continue;
-        const colonIdx = trimmed.indexOf(":");
-        if (colonIdx < 0)
-            continue;
-        const key = trimmed.slice(0, colonIdx).trim();
-        const val = trimmed.slice(colonIdx + 1).trim().replace(/^["']|["']$/g, "");
-        if (key && val)
-            result[key] = val;
-    }
-    return result;
-}
-function passesQualityGate(evidence, thresholds) {
-    const checks = [
-        (evidence.state_transitions ?? 0) >= thresholds.state_transitions_min,
-        (evidence.constraint_count ?? 0) >= thresholds.constraint_count_min,
-        (evidence.retry_count ?? 0) >= thresholds.retry_count_min,
-    ];
-    return thresholds.mode === "any"
-        ? checks.some(Boolean)
-        : checks.every(Boolean);
-}
-function passesFrequencyGate(similarTo, pendingIds, thresholds) {
-    if (!similarTo || similarTo.length === 0)
-        return false;
-    const validRefs = similarTo.filter((id) => pendingIds.has(id));
-    return validRefs.length >= thresholds.repeat_observation_min;
-}
-export function executePromotePrinciple(proposal, projectRoot, now = new Date()) {
-    // Completeness gate
-    if (!proposal.learning_ref?.agent_id || !proposal.learning_ref?.entry_marker) {
-        return { success: false, reason: "learning_ref.agent_id 와 entry_marker 필수.", gate_failed: "completeness" };
-    }
-    const validCategories = ["principle", "process"];
-    const rawCategory = (proposal.target?.category ?? "");
-    // Missing required fields → completeness gate.
-    if (!proposal.target?.file_path || !proposal.target?.section || rawCategory.length === 0) {
-        return {
-            success: false,
-            reason: "target.file_path, section, category (principle|process) 필수.",
-            gate_failed: "completeness",
-        };
-    }
-    // Field present but value invalid → validation gate.
-    if (!validCategories.includes(rawCategory)) {
-        const hint = rawCategory === "design_principle"
-            ? " (legacy label 'design_principle' was renamed to 'principle' in Phase 7)"
-            : "";
-        return {
-            success: false,
-            reason: `target.category '${rawCategory}' 는 허용되지 않음. 허용: principle | process.${hint}`,
-            gate_failed: "validation",
-        };
-    }
-    if (!proposal.rationale || proposal.rationale.trim().length === 0) {
-        return { success: false, reason: "rationale 필수.", gate_failed: "completeness" };
-    }
-    if (!proposal.conflict_check || typeof proposal.conflict_check.conflict_summary !== "string") {
-        return { success: false, reason: "conflict_check (reviewed_by_agent, existing_principle_refs, conflict_summary) 필수.", gate_failed: "completeness" };
-    }
-    if (!proposal.workload_evidence || !proposal.workload_evidence.evidence_summary) {
-        return { success: false, reason: "workload_evidence.evidence_summary 필수.", gate_failed: "completeness" };
-    }
-    // Target validation — seat integrity check.
-    //
-    // Phase 7 (2026-04-21) removed legacy-layout acceptance. Only canonical
-    // `.onto/principles/*` or `.onto/processes/*` are valid targets.
-    //
-    // `principle` category maps to the full `.onto/principles/` set (which
-    // houses principles, guidelines, and charters).
-    //
-    // Two-stage defense:
-    //   1. Lexical segment-bound check — rejects near-miss directory names
-    //      (`.onto/principlesABC/foo.md`) without touching the filesystem.
-    //   2. Normalized-descendant check — rejects traversal-shaped inputs
-    //      (`.onto/principles/../../etc/passwd`) that would pass the lexical
-    //      check but, after `path.resolve`, land outside the canonical dir.
-    //      This is path-seat containment on the normalized string, not
-    //      symlink-aware `realpath` containment — symlink escape is out of
-    //      scope within the current threat model (proposals are internal,
-    //      not arbitrary user-supplied paths).
-    const canonicalDir = proposal.target.category === "principle"
-        ? ".onto/principles"
-        : ".onto/processes";
-    const rawPath = proposal.target.file_path;
-    const lexicalPass = startsWithDirPrefix(rawPath, canonicalDir);
-    let canonicalPass = false;
-    if (lexicalPass) {
-        const resolvedAbs = resolvePath(projectRoot, rawPath);
-        const canonicalAbs = resolvePath(projectRoot, canonicalDir);
-        const rel = relativePath(canonicalAbs, resolvedAbs);
-        canonicalPass = rel.length > 0 && !rel.startsWith("..") && !isAbsolutePath(rel);
-    }
-    if (!lexicalPass || !canonicalPass) {
-        return {
-            success: false,
-            reason: `target.file_path '${rawPath}' 가 category '${proposal.target.category}' 에 맞는 디렉토리 (${canonicalDir}/) 에 속하지 않음.`,
-            gate_failed: "validation",
-        };
-    }
-    // Read thresholds + pending queue
-    const thresholds = readThresholds(projectRoot);
-    const queuePath = resolveQueuePath(projectRoot);
-    const events = readQueueEvents(queuePath);
-    const entries = projectQueue(events);
-    const pendingIds = new Set(entries.filter((e) => e.status === "pending").map((e) => e.id));
-    // similar_to validation
-    const similarTo = proposal.similar_to ?? [];
-    for (const refId of similarTo) {
-        if (!pendingIds.has(refId)) {
-            return {
-                success: false,
-                reason: `similar_to 의 '${refId}' 가 pending queue 에 존재하지 않음.`,
-                gate_failed: "validation",
-            };
-        }
-    }
-    // Quality gate OR Frequency gate
-    const qualityPass = passesQualityGate(proposal.workload_evidence, thresholds);
-    const frequencyPass = passesFrequencyGate(proposal.similar_to, pendingIds, thresholds);
-    let gatePassed;
-    if (qualityPass) {
-        gatePassed = "quality";
-    }
-    else if (frequencyPass) {
-        gatePassed = "frequency";
-    }
-    else {
-        const t = thresholds;
-        return {
-            success: false,
-            reason: `Quality gate 미충족 (threshold: state_transitions≥${t.state_transitions_min}, constraint_count≥${t.constraint_count_min}, retry_count≥${t.retry_count_min}, mode=${t.mode}). Frequency gate 도 미충족 (similar_to pending ${similarTo.length}건, 필요 ${t.repeat_observation_min}건).`,
-            gate_failed: "quality",
-        };
-    }
-    // Queue append. Phase 7 removed legacy-prefix canonicalization since
-    // validation now rejects anything outside `.onto/…` — the raw input is
-    // already canonical by construction.
-    const id = generateGovernId(now);
-    const event = {
-        type: "submit",
-        id,
-        origin: "human",
-        tag: "norm_change",
-        target: proposal.target.file_path,
-        payload: {
-            promotion_kind: "knowledge_to_principle",
-            proposal,
-            gate_passed: gatePassed,
-        },
-        submitted_at: now.toISOString(),
-        submitted_by: "principal",
-    };
-    appendQueueEvent(queuePath, event);
-    return {
-        success: true,
-        id,
-        similar_to: similarTo,
-        gate_passed: gatePassed,
-    };
-}