opencode-swarm 6.61.0 → 6.63.0

package/dist/plan/ledger.d.ts

@@ -108,7 +108,7 @@ export declare function readLedgerEvents(directory: string): Promise<LedgerEvent
  * @param directory - The working directory
  * @param planId - Unique identifier for the plan
  */
-export declare function initLedger(directory: string, planId: string, initialPlanHash?: string): Promise<void>;
+export declare function initLedger(directory: string, planId: string, initialPlanHash?: string, initialPlan?: Plan): Promise<void>;
 /**
  * Append a new event to the ledger.
  * Uses atomic write: write to temp file then rename.
@@ -206,7 +206,7 @@ interface ReplayOptions {
  * @param options - Optional replay options
  * @returns Reconstructed Plan from ledger events, or null if plan.json doesn't exist or ledger is empty
  */
-export declare function replayFromLedger(directory: string, options?: ReplayOptions): Promise<Plan | null>;
+export declare function replayFromLedger(directory: string, _options?: ReplayOptions): Promise<Plan | null>;
 /**
  * Result type for readLedgerEventsWithIntegrity
  */

package/dist/plan/manager.d.ts

@@ -1,3 +1,11 @@
+/**
+ * Typed error for concurrent plan modification (#444 item 3).
+ * Thrown when savePlan exhausts CAS retries due to concurrent writers.
+ * Callers can catch this specifically to refresh and retry at the outer level.
+ */
+export declare class PlanConcurrentModificationError extends Error {
+    constructor(message: string);
+}
 import { type Plan, type RuntimePlan, type TaskStatus } from '../config/plan-schema';
 /** Reset the startup ledger check flag. For testing only. */
 export declare function resetStartupLedgerCheck(): void;

package/dist/tools/get-approved-plan.d.ts

@@ -0,0 +1,44 @@
+/**
+ * Tool to retrieve the last critic-approved immutable plan snapshot.
+ *
+ * Wraps `loadLastApprovedPlan` from `src/plan/ledger.ts` as a tool callable
+ * by the critic `phase_drift_verifier` agent. Enables active baseline drift
+ * comparison: the drift verifier can compare the immutable approved snapshot
+ * against the current `plan.json` to detect silent plan mutations introduced
+ * after approval.
+ *
+ * The tool internally derives `plan_id` from the current plan for
+ * cross-identity safety — the caller does not need to know the format.
+ *
+ * Read-only: no file writes.
+ *
+ * @see https://github.com/zaxbysauce/opencode-swarm/issues/449
+ */
+import { tool } from '@opencode-ai/plugin';
+interface GetApprovedPlanResult {
+    success: boolean;
+    reason?: string;
+    approved_plan?: ApprovedPlanPayload;
+    current_plan?: CurrentPlanPayload | null;
+    drift_detected?: boolean | 'unknown';
+    current_plan_error?: string;
+}
+interface ApprovedPlanPayload {
+    plan: unknown;
+    approval_metadata: Record<string, unknown> | undefined;
+    snapshot_seq: number;
+    snapshot_timestamp: string;
+    payload_hash: string;
+}
+interface CurrentPlanPayload {
+    plan: unknown;
+    current_hash: string;
+}
+/**
+ * Core execution logic — exported for direct testing.
+ */
+export declare function executeGetApprovedPlan(args: {
+    summary_only?: boolean;
+}, directory: string): Promise<GetApprovedPlanResult>;
+export declare const get_approved_plan: ReturnType<typeof tool>;
+export {};

package/dist/tools/index.d.ts

@@ -12,6 +12,7 @@ export { doc_extract, doc_scan } from './doc-scan';
 export { detect_domains } from './domain-detector';
 export { evidence_check } from './evidence-check';
 export { extract_code_blocks } from './file-extractor';
+export { get_approved_plan } from './get-approved-plan';
 export { fetchGitingest, type GitingestArgs, gitingest } from './gitingest';
 export { imports } from './imports';
 export { knowledge_add } from './knowledge-add';

package/dist/tools/tool-names.d.ts

@@ -3,7 +3,7 @@
  * Used for constants and agent setup references.
  */
 /** Union type of all valid tool names */
-export type ToolName = 'diff' | 'syntax_check' | 'placeholder_scan' | 'imports' | 'lint' | 'secretscan' | 'sast_scan' | 'build_check' | 'pre_check_batch' | 'quality_budget' | 'symbols' | 'complexity_hotspots' | 'schema_drift' | 'todo_extract' | 'evidence_check' | 'check_gate_status' | 'completion_verify' | 'sbom_generate' | 'checkpoint' | 'pkg_audit' | 'test_runner' | 'detect_domains' | 'gitingest' | 'retrieve_summary' | 'extract_code_blocks' | 'phase_complete' | 'save_plan' | 'update_task_status' | 'lint_spec' | 'write_retro' | 'write_drift_evidence' | 'declare_scope' | 'knowledge_query' | 'doc_scan' | 'doc_extract' | 'curator_analyze' | 'knowledge_add' | 'knowledge_recall' | 'knowledge_remove' | 'co_change_analyzer' | 'search' | 'batch_symbols' | 'suggest_patch' | 'req_coverage';
+export type ToolName = 'diff' | 'syntax_check' | 'placeholder_scan' | 'imports' | 'lint' | 'secretscan' | 'sast_scan' | 'build_check' | 'pre_check_batch' | 'quality_budget' | 'symbols' | 'complexity_hotspots' | 'schema_drift' | 'todo_extract' | 'evidence_check' | 'check_gate_status' | 'completion_verify' | 'sbom_generate' | 'checkpoint' | 'pkg_audit' | 'test_runner' | 'detect_domains' | 'gitingest' | 'retrieve_summary' | 'extract_code_blocks' | 'phase_complete' | 'save_plan' | 'update_task_status' | 'lint_spec' | 'write_retro' | 'write_drift_evidence' | 'declare_scope' | 'knowledge_query' | 'doc_scan' | 'doc_extract' | 'curator_analyze' | 'knowledge_add' | 'knowledge_recall' | 'knowledge_remove' | 'co_change_analyzer' | 'search' | 'batch_symbols' | 'suggest_patch' | 'req_coverage' | 'get_approved_plan';
 /** Readonly array of all tool names */
 export declare const TOOL_NAMES: readonly ToolName[];
 /** Set for O(1) tool name validation */

package/dist/validation/task-id.d.ts

@@ -0,0 +1,43 @@
+/**
+ * Centralized task ID validation (#452 item 2).
+ *
+ * Two strictness levels exist by design:
+ *
+ * - **Strict** (`isStrictTaskId`): Only numeric N.M or N.M.P format.
+ *   Use for gate-evidence operations where task IDs map to plan phases/tasks.
+ *
+ * - **Broad** (`isValidTaskId` / `sanitizeTaskId`): Accepts numeric, retrospective
+ *   (retro-N), internal tool IDs (sast_scan, etc.), and general alphanumeric.
+ *   Use for evidence storage, trajectory logging, and other paths that handle
+ *   non-plan task IDs.
+ *
+ * Both levels reject path traversal, null bytes, control characters, and
+ * other unsafe patterns.
+ */
+/**
+ * Strict validation: only numeric N.M or N.M.P format.
+ * Use for gate-evidence operations where task IDs correspond to plan phases/tasks.
+ */
+export declare function isStrictTaskId(taskId: string): boolean;
+/**
+ * Broad validation: accepts numeric, retrospective, internal tool, and
+ * general alphanumeric task IDs.
+ * Use for evidence storage, trajectory logging, and non-plan task ID paths.
+ */
+export declare function isValidTaskId(taskId: string): boolean;
+/**
+ * Throws if the task ID fails strict validation.
+ * Use as a guard at the top of functions that build file paths from task IDs.
+ */
+export declare function assertStrictTaskId(taskId: string): void;
+/**
+ * Validates and returns the task ID (broad validation).
+ * Throws with a descriptive message if the ID is invalid.
+ * Replaces evidence/manager.ts sanitizeTaskId for new callers.
+ */
+export declare function sanitizeTaskId(taskId: string): string;
+/**
+ * Validation for tool input: returns error message string if invalid, undefined if valid.
+ * Strict numeric format only (for update-task-status, declare-scope, etc.).
+ */
+export declare function validateTaskIdFormat(taskId: string): string | undefined;

package/package.json

@@ -1,6 +1,6 @@
 {
 	"name": "opencode-swarm",
-	"version": "6.61.0",
+	"version": "6.63.0",
 	"description": "Architect-centric agentic swarm plugin for OpenCode - hub-and-spoke orchestration with SME consultation, code generation, and QA review",
 	"main": "dist/index.js",
 	"types": "dist/index.d.ts",