opencode-swarm 6.30.2 → 6.31.1

package/dist/cli/index.js

@@ -18070,6 +18070,15 @@ var GuardrailsConfigSchema = exports_external.object({
   }).optional(),
   profiles: exports_external.record(exports_external.string(), GuardrailsProfileSchema).optional()
 });
+var WatchdogConfigSchema = exports_external.object({
+  scope_guard: exports_external.boolean().default(true),
+  skip_in_turbo: exports_external.boolean().default(false),
+  delegation_ledger: exports_external.boolean().default(true)
+});
+var SelfReviewConfigSchema = exports_external.object({
+  enabled: exports_external.boolean().default(true),
+  skip_in_turbo: exports_external.boolean().default(true)
+});
 var ToolFilterConfigSchema = exports_external.object({
   enabled: exports_external.boolean().default(true),
   overrides: exports_external.record(exports_external.string(), exports_external.array(exports_external.string())).default({})
@@ -18141,7 +18150,8 @@ var SlopDetectorConfigSchema = exports_external.object({
   enabled: exports_external.boolean().default(true),
   classThreshold: exports_external.number().int().min(1).default(3),
   commentStripThreshold: exports_external.number().int().min(1).default(5),
-  diffLineThreshold: exports_external.number().int().min(10).default(200)
+  diffLineThreshold: exports_external.number().int().min(10).default(200),
+  importHygieneThreshold: exports_external.number().int().min(1).default(2)
 });
 var IncrementalVerifyConfigSchema = exports_external.object({
   enabled: exports_external.boolean().default(true),
@@ -18168,6 +18178,8 @@ var PluginConfigSchema = exports_external.object({
   gates: GateConfigSchema.optional(),
   context_budget: ContextBudgetConfigSchema.optional(),
   guardrails: GuardrailsConfigSchema.optional(),
+  watchdog: WatchdogConfigSchema.optional(),
+  self_review: SelfReviewConfigSchema.optional(),
   tool_filter: ToolFilterConfigSchema.optional(),
   plan_cursor: PlanCursorConfigSchema.optional(),
   evidence: EvidenceConfigSchema.optional(),
@@ -36001,14 +36013,14 @@ function detectAdditionalLinter(cwd) {
   return null;
 }
 async function detectAvailableLinter(directory) {
-  const DETECT_TIMEOUT = 2000;
-  const projectDir = directory ?? process.cwd();
+  const _DETECT_TIMEOUT = 2000;
+  const projectDir = directory || process.cwd();
   const isWindows = process.platform === "win32";
   const biomeBin = isWindows ? path17.join(projectDir, "node_modules", ".bin", "biome.EXE") : path17.join(projectDir, "node_modules", ".bin", "biome");
   const eslintBin = isWindows ? path17.join(projectDir, "node_modules", ".bin", "eslint.cmd") : path17.join(projectDir, "node_modules", ".bin", "eslint");
   return _detectAvailableLinter(projectDir, biomeBin, eslintBin);
 }
-async function _detectAvailableLinter(projectDir, biomeBin, eslintBin) {
+async function _detectAvailableLinter(_projectDir, biomeBin, eslintBin) {
   const DETECT_TIMEOUT = 2000;
   try {
     const biomeProc = Bun.spawn(["npx", "biome", "--version"], {
@@ -36703,19 +36715,20 @@ function findScannableFiles(dir, excludeExact, excludeGlobs, scanDir, visited, s
   }
   return files;
 }
-var secretscan = tool({
+var secretscan = createSwarmTool({
   description: "Scan directory for potential secrets (API keys, tokens, passwords) using regex patterns and entropy heuristics. Returns metadata-only findings with redacted previews - NEVER returns raw secrets. Excludes common directories (node_modules, .git, dist, etc.) by default. Supports glob patterns (e.g. **/.svelte-kit/**, **/*.test.ts) and reads .secretscanignore at the scan root.",
   args: {
     directory: tool.schema.string().describe('Directory to scan for secrets (e.g., "." or "./src")'),
     exclude: tool.schema.array(tool.schema.string()).optional().describe("Patterns to exclude: plain directory names (e.g. node_modules), relative paths, or globs (e.g. **/.svelte-kit/**, **/*.test.ts). Added to default exclusions.")
   },
-  async execute(args, _context) {
+  async execute(args, _directory, _ctx) {
+    const typedArgs = args;
     let directory;
     let exclude;
     try {
-      if (args && typeof args === "object") {
-        directory = args.directory;
-        exclude = args.exclude;
+      if (typedArgs && typeof typedArgs === "object") {
+        directory = typedArgs.directory;
+        exclude = typedArgs.exclude;
       }
     } catch {}
     if (directory === undefined) {
@@ -37610,7 +37623,7 @@ function parseTestOutput(framework, output) {
   return { totals, coveragePercent };
 }
 async function runTests(framework, scope, files, coverage, timeout_ms, cwd) {
-  const command = buildTestCommand(framework, scope, files, coverage, cwd ?? process.cwd());
+  const command = buildTestCommand(framework, scope, files, coverage, cwd);
   if (!command) {
     return {
       success: false,
@@ -37635,7 +37648,7 @@ async function runTests(framework, scope, files, coverage, timeout_ms, cwd) {
     const proc = Bun.spawn(command, {
       stdout: "pipe",
       stderr: "pipe",
-      cwd: cwd || process.cwd()
+      cwd
     });
     const exitPromise = proc.exited;
     const timeoutPromise = new Promise((resolve7) => setTimeout(() => {
@@ -38151,7 +38164,7 @@ async function runLintCheck(dir, linter, timeoutMs) {
 async function runTestsCheck(_dir, scope, timeoutMs) {
   const startTime = Date.now();
   try {
-    const result = await runTests("none", scope, [], false, timeoutMs);
+    const result = await runTests("none", scope, [], false, timeoutMs, _dir);
     if (!result.success) {
       return {
         type: "tests",

package/dist/config/schema.d.ts

@@ -324,6 +324,17 @@ export declare const GuardrailsConfigSchema: z.ZodObject<{
     }, z.core.$strip>>>;
 }, z.core.$strip>;
 export type GuardrailsConfig = z.infer<typeof GuardrailsConfigSchema>;
+export declare const WatchdogConfigSchema: z.ZodObject<{
+    scope_guard: z.ZodDefault<z.ZodBoolean>;
+    skip_in_turbo: z.ZodDefault<z.ZodBoolean>;
+    delegation_ledger: z.ZodDefault<z.ZodBoolean>;
+}, z.core.$strip>;
+export type WatchdogConfig = z.infer<typeof WatchdogConfigSchema>;
+export declare const SelfReviewConfigSchema: z.ZodObject<{
+    enabled: z.ZodDefault<z.ZodBoolean>;
+    skip_in_turbo: z.ZodDefault<z.ZodBoolean>;
+}, z.core.$strip>;
+export type SelfReviewConfig = z.infer<typeof SelfReviewConfigSchema>;
 /**
  * Resolves guardrails configuration for a specific agent.
  *
@@ -430,6 +441,7 @@ export declare const SlopDetectorConfigSchema: z.ZodObject<{
     classThreshold: z.ZodDefault<z.ZodNumber>;
     commentStripThreshold: z.ZodDefault<z.ZodNumber>;
     diffLineThreshold: z.ZodDefault<z.ZodNumber>;
+    importHygieneThreshold: z.ZodDefault<z.ZodNumber>;
 }, z.core.$strip>;
 export type SlopDetectorConfig = z.infer<typeof SlopDetectorConfigSchema>;
 export declare const IncrementalVerifyConfigSchema: z.ZodObject<{
@@ -580,6 +592,15 @@ export declare const PluginConfigSchema: z.ZodObject<{
             idle_timeout_minutes: z.ZodOptional<z.ZodNumber>;
         }, z.core.$strip>>>;
     }, z.core.$strip>>;
+    watchdog: z.ZodOptional<z.ZodObject<{
+        scope_guard: z.ZodDefault<z.ZodBoolean>;
+        skip_in_turbo: z.ZodDefault<z.ZodBoolean>;
+        delegation_ledger: z.ZodDefault<z.ZodBoolean>;
+    }, z.core.$strip>>;
+    self_review: z.ZodOptional<z.ZodObject<{
+        enabled: z.ZodDefault<z.ZodBoolean>;
+        skip_in_turbo: z.ZodDefault<z.ZodBoolean>;
+    }, z.core.$strip>>;
     tool_filter: z.ZodOptional<z.ZodObject<{
         enabled: z.ZodDefault<z.ZodBoolean>;
         overrides: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodArray<z.ZodString>>>;
@@ -722,6 +743,7 @@ export declare const PluginConfigSchema: z.ZodObject<{
         classThreshold: z.ZodDefault<z.ZodNumber>;
         commentStripThreshold: z.ZodDefault<z.ZodNumber>;
         diffLineThreshold: z.ZodDefault<z.ZodNumber>;
+        importHygieneThreshold: z.ZodDefault<z.ZodNumber>;
     }, z.core.$strip>>;
     incremental_verify: z.ZodOptional<z.ZodObject<{
         enabled: z.ZodDefault<z.ZodBoolean>;

package/dist/hooks/curator-drift-advisory.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/hooks/curator-drift.d.ts

@@ -19,7 +19,7 @@ export declare function writeDriftReport(directory: string, report: DriftReport)
  * On any error: emits 'curator.error' event and returns a safe default result.
  * NEVER throws — drift failures must not block phase_complete.
  */
-export declare function runCriticDriftCheck(directory: string, phase: number, curatorResult: CuratorPhaseResult, config: CuratorConfig): Promise<CriticDriftResult>;
+export declare function runCriticDriftCheck(directory: string, phase: number, curatorResult: CuratorPhaseResult, config: CuratorConfig, injectAdvisory?: (message: string) => void): Promise<CriticDriftResult>;
 /**
  * Build a truncated summary suitable for architect context injection.
  * Format: "<drift_report>Phase N: {alignment} ({drift_score}) — {key finding}. {correction if any}.</drift_report>"

package/dist/hooks/delegation-ledger.d.ts

@@ -0,0 +1,37 @@
+/**
+ * DELEGATION LEDGER (v6.31 Task 3.2)
+ *
+ * tool.execute.after hook that maintains a per-session in-memory ledger of tool calls
+ * made during a delegation. When the architect session receives a message (resume),
+ * injects a compact DELEGATION SUMMARY via pendingAdvisoryMessages.
+ *
+ * No file I/O — fully in-memory.
+ */
+export interface LedgerEntry {
+    agent: string;
+    tool: string;
+    file?: string;
+    duration_ms: number;
+    success: boolean;
+    timestamp: number;
+}
+export interface DelegationLedgerConfig {
+    enabled: boolean;
+}
+/**
+ * Creates the delegation ledger hook pair (toolAfter + summary injection).
+ */
+export declare function createDelegationLedgerHook(config: Partial<DelegationLedgerConfig>, _directory: string, // reserved for future use
+injectAdvisory: (sessionId: string, message: string) => void): {
+    toolAfter: (input: {
+        tool: string;
+        sessionID: string;
+        callID: string;
+        args?: Record<string, unknown>;
+    }, output: {
+        title: string;
+        output: string;
+        metadata: unknown;
+    }) => Promise<void>;
+    onArchitectResume: (sessionId: string) => void;
+};

package/dist/hooks/delegation-ledger.test.d.ts

@@ -0,0 +1,11 @@
+/**
+ * delegation-ledger.test.ts
+ *
+ * Tests for delegation-ledger hook (Task 3.2):
+ * 1. toolAfter records entries in ledgerBySession
+ * 2. onArchitectResume generates DELEGATION SUMMARY when non-architect tool calls exist
+ * 3. onArchitectResume is no-op when no entries exist
+ * 4. Success is false when output starts with 'Error:'
+ * 5. Success is true for normal output
+ */
+export {};

package/dist/hooks/scope-guard-throw-behavior.test.d.ts

@@ -0,0 +1,15 @@
+/**
+ * Smoke test: documents the confirmed behavior that tool.execute.before hook
+ * throws propagate as tool rejection, not session crash.
+ *
+ * VERIFIED from src/hooks/guardrails.ts existing patterns:
+ *   - Loop circuit breaker (count >= 5): throw new Error('CIRCUIT BREAKER...')
+ *   - Full test suite block: throw new Error('BLOCKED: Full test suite...')
+ *   - Plan state violation: throw new Error('PLAN STATE VIOLATION...')
+ * All throw in toolBefore, and the plugin propagates as tool rejection.
+ *
+ * SAFE MECHANISM for scope-guard.ts:
+ *   throw new Error(`SCOPE VIOLATION: [agent] attempted to modify [file] not in task [id] scope`)
+ * This is the CORRECT blocking pattern. DO NOT use return-value signals.
+ */
+export {};

package/dist/hooks/scope-guard.adversarial.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/hooks/scope-guard.d.ts

@@ -0,0 +1,43 @@
+/**
+ * SCOPE GUARD (v6.31 Task 3.1)
+ *
+ * CONFIRMED THROW MECHANISM: throwing in tool.execute.before propagates as tool rejection,
+ * NOT as session crash. Verified from guardrails.ts multiple existing throw sites.
+ * Safe blocking pattern: throw new Error(`SCOPE VIOLATION: ...`)
+ *
+ * Fires BEFORE write/edit tools execute. When a non-architect agent attempts to
+ * modify a file outside the declared task scope, blocks the call and injects an advisory.
+ */
+/**
+ * Configuration for scope guard behavior.
+ */
+export interface ScopeGuardConfig {
+    /** Whether scope guard is enabled (default: true) */
+    enabled: boolean;
+    /** Whether to skip in turbo mode (default: false — NOT skippable by design) */
+    skip_in_turbo: boolean;
+}
+/**
+ * Creates the scope-guard hook that blocks out-of-scope writes.
+ * @param config - ScopeGuardConfig (enabled, skip_in_turbo)
+ * @param _directory - The workspace directory (reserved for future use)
+ * @param injectAdvisory - Optional callback to push advisory to architect session
+ */
+export declare function createScopeGuardHook(config: Partial<ScopeGuardConfig>, _directory: string, injectAdvisory?: (sessionId: string, message: string) => void): {
+    toolBefore: (input: {
+        tool: string;
+        sessionID: string;
+        callID: string;
+    }, output: {
+        args: unknown;
+    }) => Promise<void>;
+};
+/**
+ * Check if a file path is within declared scope entries.
+ * Handles exact match and directory containment.
+ *
+ * @param filePath - The file path to check
+ * @param scopeEntries - Array of declared scope entries (files or directories)
+ * @returns true if the file is within scope, false otherwise
+ */
+export declare function isFileInScope(filePath: string, scopeEntries: string[]): boolean;

package/dist/hooks/scope-guard.test.d.ts

@@ -0,0 +1,14 @@
+/**
+ * scope-guard.test.ts
+ *
+ * Tests for scope-guard hook (Task 3.1):
+ * 1. Returns early (no throw) when guard is disabled (config.enabled = false)
+ * 2. Returns early when tool is not in WRITE_TOOLS set (e.g., 'read')
+ * 3. Returns early when session is the architect (agentName = 'Architect')
+ * 4. Returns early when declaredCoderScope is null (no scope declared)
+ * 5. Throws 'SCOPE VIOLATION' when non-architect writes file outside declared scope
+ * 6. Does NOT throw when non-architect writes file INSIDE declared scope
+ * 7. Sanitizes path with \r\n to prevent log injection (SEC-1 fix)
+ * 8. isFileInScope correctly handles exact match and directory containment
+ */
+export {};

package/dist/hooks/self-review.d.ts

@@ -0,0 +1,14 @@
+export interface SelfReviewConfig {
+    enabled: boolean;
+    skip_in_turbo: boolean;
+}
+export declare function createSelfReviewHook(config: Partial<SelfReviewConfig>, injectAdvisory: (sessionId: string, message: string) => void): {
+    toolAfter: (input: {
+        tool: string;
+        sessionID: string;
+        callID: string;
+    }, output: {
+        args?: Record<string, unknown>;
+        output?: unknown;
+    }) => Promise<void>;
+};

package/dist/hooks/self-review.test.d.ts

@@ -0,0 +1,14 @@
+/**
+ * self-review.test.ts
+ *
+ * Tests for self-review hook (Task 4.1):
+ * 1. Advisory injected when architect calls update_task_status with status=in_progress
+ * 2. NOT injected when status=completed (not in_progress)
+ * 3. NOT injected when calling session is not architect
+ * 4. Turbo-skip: NOT injected when session.turboMode=true and skip_in_turbo=true
+ * 5. Disabled: NOT injected when enabled=false
+ * 6. Advisory text contains self-review focus items
+ * 7. injectAdvisory errors are caught (non-blocking)
+ * 8. No advisory for other tools (not update_task_status)
+ */
+export {};

package/dist/hooks/slop-detector.adversarial.test.d.ts

@@ -0,0 +1 @@
+export {};

package/dist/hooks/watchdog.integration.test.d.ts

@@ -0,0 +1,9 @@
+/**
+ * WATCHDOG INTEGRATION TEST (v6.31 Task 3.5)
+ *
+ * Integration test covering coordinated watchdog behaviour across:
+ * - scope-guard (3.1): toolBefore hook blocks out-of-scope writes by throwing
+ * - delegation-ledger (3.2): toolAfter hook records tool calls, onArchitectResume generates DELEGATION SUMMARY
+ * - loop-detector enhancement (3.3): at count=3, structured escalation message includes loop pattern + accomplishment + alternative suggestion
+ */
+export {};